use managed cloudfront caching and forwarding policies instead of defining our own

2026-06-08 11:17:27 +00:00 · 2026-03-17 09:42:16 +00:00 · 2026-03-17 09:42:16 +00:00 · c91193ed22
commit c91193ed22
parent 867cebc9f2
1 changed files with 6 additions and 40 deletions
--- a/infrastructure/terraform/modules/cloudfront/main.tf
+++ b/infrastructure/terraform/modules/cloudfront/main.tf
@ -1,39 +1,9 @@
-resource "aws_cloudfront_cache_policy" "api" {
+data "aws_cloudfront_cache_policy" "caching_disabled" {
-  name = "api-no-cache"
+  name = "Managed-CachingDisabled"
  default_ttl = 0
  max_ttl     = 0
  min_ttl     = 0
  parameters_in_cache_key_and_forwarded_to_origin {
    cookies_config {
      cookie_behavior = "none"
    }
    headers_config {
      header_behavior = "none"
    }
    query_strings_config {
      query_string_behavior = "none"
    }
  }
 }
-resource "aws_cloudfront_origin_request_policy" "api" {
+data "aws_cloudfront_origin_request_policy" "all_viewer_except_host_header" {
-  name = "api-forward-all"
+  name = "Managed-AllViewerExceptHostHeader"
  headers_config {
    header_behavior = "allViewer"
  }
  query_strings_config {
    query_string_behavior = "all"
  }
  cookies_config {
    cookie_behavior = "all"
  }
 }
 ############################################
@ -122,12 +92,8 @@ resource "aws_cloudfront_distribution" "this" {
    allowed_methods = ["GET","HEAD","OPTIONS","PUT","POST","PATCH","DELETE"]
    cached_methods  = ["GET","HEAD"]
-    cache_policy_id          = aws_cloudfront_cache_policy.api.id
+    cache_policy_id          = data.aws_cloudfront_cache_policy.caching_disabled.id
-    origin_request_policy_id = aws_cloudfront_origin_request_policy.api.id
+    origin_request_policy_id = data.aws_cloudfront_origin_request_policy.all_viewer_except_host_header.id
    min_ttl     = 0
    default_ttl = 0
    max_ttl     = 0
  }
  price_class = "PriceClass_All"