Closed
Description
Description
Copied from complete example then just added few bits and remove s3 integration
## Reproduction Code
module "cloudfront-xx-xx" {
# Used by ixxx (Images for Websites)
source = "./../../../modules/terraform-aws-cloudfront-master"
providers = {
aws = aws.aws-global
}
aliases = ["xxx"]
comment = "xxx"
enabled = true
staging = false # If you want to create a staging distribution, set this to true
http_version = "http2and3"
is_ipv6_enabled = true
price_class = "PriceClass_All"
retain_on_delete = false
wait_for_deployment = false
# If you want to create a primary distribution with a continuous deployment policy, set this to the ID of the policy.
# This argument should only be set on a production distribution.
# ref. `aws_cloudfront_continuous_deployment_policy` resource: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_continuous_deployment_policy
continuous_deployment_policy_id = null
# When you enable additional metrics for a distribution, CloudFront sends up to 8 metrics to CloudWatch in the US East (N. Virginia) Region.
# This rate is charged only once per month, per metric (up to 8 metrics per distribution).
create_monitoring_subscription = true
create_origin_access_identity = false
create_origin_access_control = false
origin = {
xx-xx-co-uk = {
origin_path = ""
connection_attempts = 3
connection_timeout = 10
domain_name = "xx"
custom_origin_config = {
http_port = 80
https_port = 443
origin_keepalive_timeout = 5
origin_read_timeout = 30
origin_protocol_policy = "match-viewer"
origin_ssl_protocols = ["TLSv1", "TLSv1.1", "TLSv1.2"]
}
#if this is here then it cause constant recreation need to comment this out
origin_shield = {
enabled = false
origin_shield_region = "us-east-1"
}
}
}
default_cache_behavior = {
path_pattern = ""
target_origin_id = "xx-xx-xx-xx"
viewer_protocol_policy = "allow-all"
allowed_methods = ["GET", "HEAD", "OPTIONS"]
cached_methods = ["GET", "HEAD"]
use_forwarded_values = false
cache_policy_id = "658327ea-f89d-4fab-a63d-7e88639e58f6" # Managed-CachingOptimized
origin_request_policy_id = "33f36d7e-f396-46d9-90e0-52428a34d9dc" # Policy to forward all parameters in viewer requests
}
viewer_certificate = {
acm_certificate_arn = "xxx"
ssl_support_method = "sni-only"
}
}
Steps to reproduce the behavior:
resource "aws_cloudfront_distribution" "this" {
id = "xx"
tags = {}
# (20 unchanged attributes hidden)
- origin {
- connection_attempts = 3 -> null
- connection_timeout = 10 -> null
- domain_name = "xxx" -> null
- origin_id = "xxx" -> null
- custom_origin_config {
- http_port = 80 -> null
- https_port = 443 -> null
- origin_keepalive_timeout = 5 -> null
- origin_protocol_policy = "match-viewer" -> null
- origin_read_timeout = 30 -> null
- origin_ssl_protocols = [
- "TLSv1",
- "TLSv1.1",
- "TLSv1.2",
] -> null
}
}
+ origin {
+ connection_attempts = 3
+ connection_timeout = 10
+ domain_name = "xxx"
+ origin_id = "xx"
+ custom_origin_config {
+ http_port = 80
+ https_port = 443
+ origin_keepalive_timeout = 5
+ origin_protocol_policy = "match-viewer"
+ origin_read_timeout = 30
+ origin_ssl_protocols = [
+ "TLSv1",
+ "TLSv1.1",
+ "TLSv1.2",
]
}
**+ origin_shield {
+ enabled = false
+ origin_shield_region = "us-east-1"
}**
}
# (3 unchanged blocks hidden)
}
Expected behavior
Do nothing
Actual behavior
Recreated origin
Metadata
Metadata
Assignees
Labels
No labels