Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

CloudFront Cache Policy #17336

Merged
merged 13 commits into from
Feb 11, 2021
Merged

CloudFront Cache Policy #17336

Show file tree
Hide file tree
Changes from 12 commits
Commits
Show all changes
13 commits
Select commit Hold shift + click to select a range
1e07711
Add cloudfront_cache_policy resource
bill-rich Jan 26, 2021
921ffcb
Fix copy and paste error
bill-rich Jan 28, 2021
272c6b9
Fix formatting
bill-rich Jan 28, 2021
b3cf9d5
Add cloudfront_cache_policy data source
bill-rich Jan 28, 2021
1b32de5
Address feedback from cache_policy code review
bill-rich Feb 3, 2021
66e407f
Include feedback from origin_request_policy
bill-rich Feb 4, 2021
79133b3
Revert part of CF distribution changes
bill-rich Feb 4, 2021
ffad98c
Fix error message capitalization
bill-rich Feb 4, 2021
1b2174e
Add IsNewResource check
bill-rich Feb 4, 2021
b6d0d33
Fix imports
bill-rich Feb 4, 2021
672902f
Use expandStringSet
bill-rich Feb 10, 2021
cc46094
Add default and ordered policy tests
bill-rich Feb 10, 2021
976ec8e
Add CHANGELOG entry
bill-rich Feb 11, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
233 changes: 233 additions & 0 deletions aws/cloudfront_cache_policy_structure.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,233 @@
package aws

import (
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/service/cloudfront"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
)

func expandCloudFrontCachePolicyCookieNames(tfMap map[string]interface{}) *cloudfront.CookieNames {
if tfMap == nil {
return nil
}

items := expandStringSet(tfMap["items"].(*schema.Set))

apiObject := &cloudfront.CookieNames{
Items: items,
Quantity: aws.Int64(int64(len(items))),
}

return apiObject
}

func expandCloudFrontCachePolicyCookiesConfig(tfMap map[string]interface{}) *cloudfront.CachePolicyCookiesConfig {
if tfMap == nil {
return nil
}

apiObject := &cloudfront.CachePolicyCookiesConfig{
CookieBehavior: aws.String(tfMap["cookie_behavior"].(string)),
}

if items, ok := tfMap["cookies"].([]interface{}); ok && len(items) == 1 {
apiObject.Cookies = expandCloudFrontCachePolicyCookieNames(items[0].(map[string]interface{}))
}

return apiObject
}

func expandCloudFrontCachePolicyHeaders(tfMap map[string]interface{}) *cloudfront.Headers {
if tfMap == nil {
return nil
}

items := expandStringSet(tfMap["items"].(*schema.Set))

apiObject := &cloudfront.Headers{
Items: items,
Quantity: aws.Int64(int64(len(items))),
}

return apiObject
}

func expandCloudFrontCachePolicyHeadersConfig(tfMap map[string]interface{}) *cloudfront.CachePolicyHeadersConfig {
if tfMap == nil {
return nil
}

apiObject := &cloudfront.CachePolicyHeadersConfig{
HeaderBehavior: aws.String(tfMap["header_behavior"].(string)),
}

if items, ok := tfMap["headers"].([]interface{}); ok && len(items) == 1 && tfMap["header_behavior"] != "none" {
apiObject.Headers = expandCloudFrontCachePolicyHeaders(items[0].(map[string]interface{}))
}

return apiObject
}

func expandCloudFrontCachePolicyQueryStringNames(tfMap map[string]interface{}) *cloudfront.QueryStringNames {
if tfMap == nil {
return nil
}

items := expandStringSet(tfMap["items"].(*schema.Set))

apiObject := &cloudfront.QueryStringNames{
Items: items,
Quantity: aws.Int64(int64(len(items))),
}

return apiObject
}

func expandCloudFrontCachePolicyQueryStringConfig(tfMap map[string]interface{}) *cloudfront.CachePolicyQueryStringsConfig {
if tfMap == nil {
return nil
}

apiObject := &cloudfront.CachePolicyQueryStringsConfig{
QueryStringBehavior: aws.String(tfMap["query_string_behavior"].(string)),
}

if items, ok := tfMap["query_strings"].([]interface{}); ok && len(items) == 1 {
apiObject.QueryStrings = expandCloudFrontCachePolicyQueryStringNames(items[0].(map[string]interface{}))
}

return apiObject
}

func expandCloudFrontCachePolicyParametersConfig(tfMap map[string]interface{}) *cloudfront.ParametersInCacheKeyAndForwardedToOrigin {
if tfMap == nil {
return nil
}

var cookiesConfig *cloudfront.CachePolicyCookiesConfig
var headersConfig *cloudfront.CachePolicyHeadersConfig
var queryStringsConfig *cloudfront.CachePolicyQueryStringsConfig

if cookiesFlat, ok := tfMap["cookies_config"].([]interface{}); ok && len(cookiesFlat) == 1 {
cookiesConfig = expandCloudFrontCachePolicyCookiesConfig(cookiesFlat[0].(map[string]interface{}))
}

if headersFlat, ok := tfMap["headers_config"].([]interface{}); ok && len(headersFlat) == 1 {
headersConfig = expandCloudFrontCachePolicyHeadersConfig(headersFlat[0].(map[string]interface{}))
}

if queryStringsFlat, ok := tfMap["query_strings_config"].([]interface{}); ok && len(queryStringsFlat) == 1 {
queryStringsConfig = expandCloudFrontCachePolicyQueryStringConfig(queryStringsFlat[0].(map[string]interface{}))
}

parametersConfig := &cloudfront.ParametersInCacheKeyAndForwardedToOrigin{
CookiesConfig: cookiesConfig,
EnableAcceptEncodingBrotli: aws.Bool(tfMap["enable_accept_encoding_brotli"].(bool)),
EnableAcceptEncodingGzip: aws.Bool(tfMap["enable_accept_encoding_gzip"].(bool)),
HeadersConfig: headersConfig,
QueryStringsConfig: queryStringsConfig,
}

return parametersConfig
}

func expandCloudFrontCachePolicyConfig(d *schema.ResourceData) *cloudfront.CachePolicyConfig {
parametersConfig := &cloudfront.ParametersInCacheKeyAndForwardedToOrigin{}

if parametersFlat, ok := d.GetOk("parameters_in_cache_key_and_forwarded_to_origin"); ok {
parametersConfig = expandCloudFrontCachePolicyParametersConfig(parametersFlat.([]interface{})[0].(map[string]interface{}))
}
cachePolicy := &cloudfront.CachePolicyConfig{
Comment: aws.String(d.Get("comment").(string)),
DefaultTTL: aws.Int64(int64(d.Get("default_ttl").(int))),
MaxTTL: aws.Int64(int64(d.Get("max_ttl").(int))),
MinTTL: aws.Int64(int64(d.Get("min_ttl").(int))),
Name: aws.String(d.Get("name").(string)),
ParametersInCacheKeyAndForwardedToOrigin: parametersConfig,
}

return cachePolicy
}

func flattenCloudFrontCachePolicyCookiesConfig(cookiesConfig *cloudfront.CachePolicyCookiesConfig) []map[string]interface{} {
cookiesConfigFlat := map[string]interface{}{}

cookies := []map[string]interface{}{}
if cookiesConfig.Cookies != nil {
cookies = []map[string]interface{}{
{
"items": cookiesConfig.Cookies.Items,
},
}
}

cookiesConfigFlat["cookie_behavior"] = aws.StringValue(cookiesConfig.CookieBehavior)
cookiesConfigFlat["cookies"] = cookies

return []map[string]interface{}{
cookiesConfigFlat,
}
}

func flattenCloudFrontCachePolicyHeadersConfig(headersConfig *cloudfront.CachePolicyHeadersConfig) []map[string]interface{} {
headersConfigFlat := map[string]interface{}{}

headers := []map[string]interface{}{}
if headersConfig.Headers != nil {
headers = []map[string]interface{}{
{
"items": headersConfig.Headers.Items,
},
}
}

headersConfigFlat["header_behavior"] = aws.StringValue(headersConfig.HeaderBehavior)
headersConfigFlat["headers"] = headers

return []map[string]interface{}{
headersConfigFlat,
}
}

func flattenCloudFrontCachePolicyQueryStringsConfig(queryStringsConfig *cloudfront.CachePolicyQueryStringsConfig) []map[string]interface{} {
queryStringsConfigFlat := map[string]interface{}{}

queryStrings := []map[string]interface{}{}
if queryStringsConfig.QueryStrings != nil {
queryStrings = []map[string]interface{}{
{
"items": queryStringsConfig.QueryStrings.Items,
},
}
}

queryStringsConfigFlat["query_string_behavior"] = aws.StringValue(queryStringsConfig.QueryStringBehavior)
queryStringsConfigFlat["query_strings"] = queryStrings

return []map[string]interface{}{
queryStringsConfigFlat,
}
}

func setParametersConfig(parametersConfig *cloudfront.ParametersInCacheKeyAndForwardedToOrigin) []map[string]interface{} {
parametersConfigFlat := map[string]interface{}{
"enable_accept_encoding_brotli": aws.BoolValue(parametersConfig.EnableAcceptEncodingBrotli),
"enable_accept_encoding_gzip": aws.BoolValue(parametersConfig.EnableAcceptEncodingGzip),
"cookies_config": flattenCloudFrontCachePolicyCookiesConfig(parametersConfig.CookiesConfig),
"headers_config": flattenCloudFrontCachePolicyHeadersConfig(parametersConfig.HeadersConfig),
"query_strings_config": flattenCloudFrontCachePolicyQueryStringsConfig(parametersConfig.QueryStringsConfig),
}

return []map[string]interface{}{
parametersConfigFlat,
}
}

func setCloudFrontCachePolicy(d *schema.ResourceData, cachePolicy *cloudfront.CachePolicyConfig) {
d.Set("comment", aws.StringValue(cachePolicy.Comment))
d.Set("default_ttl", aws.Int64Value(cachePolicy.DefaultTTL))
d.Set("max_ttl", aws.Int64Value(cachePolicy.MaxTTL))
d.Set("min_ttl", aws.Int64Value(cachePolicy.MinTTL))
d.Set("name", aws.StringValue(cachePolicy.Name))
d.Set("parameters_in_cache_key_and_forwarded_to_origin", setParametersConfig(cachePolicy.ParametersInCacheKeyAndForwardedToOrigin))
}
38 changes: 30 additions & 8 deletions aws/cloudfront_distribution_configuration_structure.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -189,17 +189,24 @@ func flattenCacheBehaviors(cbs *cloudfront.CacheBehaviors) []interface{} {

func expandCloudFrontDefaultCacheBehavior(m map[string]interface{}) *cloudfront.DefaultCacheBehavior {
dcb := &cloudfront.DefaultCacheBehavior{
CachePolicyId: aws.String(m["cache_policy_id"].(string)),
Compress: aws.Bool(m["compress"].(bool)),
DefaultTTL: aws.Int64(int64(m["default_ttl"].(int))),
FieldLevelEncryptionId: aws.String(m["field_level_encryption_id"].(string)),
ForwardedValues: expandForwardedValues(m["forwarded_values"].([]interface{})[0].(map[string]interface{})),
MaxTTL: aws.Int64(int64(m["max_ttl"].(int))),
MinTTL: aws.Int64(int64(m["min_ttl"].(int))),
OriginRequestPolicyId: aws.String(m["origin_request_policy_id"].(string)),
TargetOriginId: aws.String(m["target_origin_id"].(string)),
ViewerProtocolPolicy: aws.String(m["viewer_protocol_policy"].(string)),
}

if forwardedValuesFlat, ok := m["forwarded_values"].([]interface{}); ok && len(forwardedValuesFlat) == 1 {
dcb.ForwardedValues = expandForwardedValues(m["forwarded_values"].([]interface{})[0].(map[string]interface{}))
}

if m["cache_policy_id"].(string) == "" {
dcb.MinTTL = aws.Int64(int64(m["min_ttl"].(int)))
dcb.MaxTTL = aws.Int64(int64(m["max_ttl"].(int)))
dcb.DefaultTTL = aws.Int64(int64(m["default_ttl"].(int)))
}

if v, ok := m["trusted_signers"]; ok {
dcb.TrustedSigners = expandTrustedSigners(v.([]interface{}))
} else {
Expand All @@ -224,18 +231,27 @@ func expandCloudFrontDefaultCacheBehavior(m map[string]interface{}) *cloudfront.
}

func expandCacheBehavior(m map[string]interface{}) *cloudfront.CacheBehavior {
var forwardedValues *cloudfront.ForwardedValues
if forwardedValuesFlat, ok := m["forwarded_values"].([]interface{}); ok && len(forwardedValuesFlat) == 1 {
forwardedValues = expandForwardedValues(m["forwarded_values"].([]interface{})[0].(map[string]interface{}))
}
gdavison marked this conversation as resolved.
Show resolved Hide resolved

cb := &cloudfront.CacheBehavior{
CachePolicyId: aws.String(m["cache_policy_id"].(string)),
Compress: aws.Bool(m["compress"].(bool)),
DefaultTTL: aws.Int64(int64(m["default_ttl"].(int))),
FieldLevelEncryptionId: aws.String(m["field_level_encryption_id"].(string)),
ForwardedValues: expandForwardedValues(m["forwarded_values"].([]interface{})[0].(map[string]interface{})),
MaxTTL: aws.Int64(int64(m["max_ttl"].(int))),
MinTTL: aws.Int64(int64(m["min_ttl"].(int))),
ForwardedValues: forwardedValues,
OriginRequestPolicyId: aws.String(m["origin_request_policy_id"].(string)),
TargetOriginId: aws.String(m["target_origin_id"].(string)),
ViewerProtocolPolicy: aws.String(m["viewer_protocol_policy"].(string)),
}

if m["cache_policy_id"].(string) == "" {
cb.MinTTL = aws.Int64(int64(m["min_ttl"].(int)))
cb.MaxTTL = aws.Int64(int64(m["max_ttl"].(int)))
cb.DefaultTTL = aws.Int64(int64(m["default_ttl"].(int)))
}

if v, ok := m["trusted_signers"]; ok {
cb.TrustedSigners = expandTrustedSigners(v.([]interface{}))
} else {
Expand Down Expand Up @@ -263,6 +279,7 @@ func expandCacheBehavior(m map[string]interface{}) *cloudfront.CacheBehavior {

func flattenCloudFrontDefaultCacheBehavior(dcb *cloudfront.DefaultCacheBehavior) map[string]interface{} {
m := map[string]interface{}{
"cache_policy_id": aws.StringValue(dcb.CachePolicyId),
"compress": aws.BoolValue(dcb.Compress),
"field_level_encryption_id": aws.StringValue(dcb.FieldLevelEncryptionId),
"viewer_protocol_policy": aws.StringValue(dcb.ViewerProtocolPolicy),
Expand Down Expand Up @@ -302,6 +319,7 @@ func flattenCloudFrontDefaultCacheBehavior(dcb *cloudfront.DefaultCacheBehavior)
func flattenCacheBehavior(cb *cloudfront.CacheBehavior) map[string]interface{} {
m := make(map[string]interface{})

m["cache_policy_id"] = aws.StringValue(cb.CachePolicyId)
m["compress"] = aws.BoolValue(cb.Compress)
m["field_level_encryption_id"] = aws.StringValue(cb.FieldLevelEncryptionId)
m["viewer_protocol_policy"] = aws.StringValue(cb.ViewerProtocolPolicy)
Expand Down Expand Up @@ -418,6 +436,10 @@ func flattenLambdaFunctionAssociation(lfa *cloudfront.LambdaFunctionAssociation)
}

func expandForwardedValues(m map[string]interface{}) *cloudfront.ForwardedValues {
if len(m) < 1 {
return nil
}

fv := &cloudfront.ForwardedValues{
QueryString: aws.Bool(m["query_string"].(bool)),
}
Expand Down
1 change: 1 addition & 0 deletions aws/cloudfront_distribution_configuration_structure_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ import (
func defaultCacheBehaviorConf() map[string]interface{} {
return map[string]interface{}{
"viewer_protocol_policy": "allow-all",
"cache_policy_id": "",
"target_origin_id": "myS3Origin",
"forwarded_values": []interface{}{forwardedValuesConf()},
"min_ttl": 0,
Expand Down
Loading