Skip to content

CloudFront Static Website Data

This stack contains the data resources (S3 buckets) for CloudFront static websites.

Resources

  • S3 Content Bucket: Stores the static website content
  • S3 Logs Bucket: Stores CloudFront access logs

Discovery

Other stacks can discover these resources via SSM parameters:

  • /${environment}/cloudfront-static-website/${name}/s3-bucket-id
  • /${environment}/cloudfront-static-website/${name}/s3-bucket-arn
  • /${environment}/cloudfront-static-website/${name}/s3-bucket-regional-domain-name
  • /${environment}/cloudfront-static-website/${name}/logs-s3-bucket-id

Destroying Stacks with S3 Content

S3 buckets with versioning enabled (which these are) cannot be destroyed if they contain objects. If you encounter an error like:

Error: deleting S3 Bucket: operation error S3: DeleteBucket, 
api error BucketNotEmpty: The bucket you tried to delete is not empty. 
You must delete all versions in the bucket.

If you're destroying the entire stack:

  1. Set force_destroy = true in your configuration
  2. Run terraform apply
  3. Run terraform destroy

Option 2: Manual Bucket Cleanup (For partial destruction)

If you've already partially destroyed resources:

  1. Use the AWS Console to empty the S3 buckets manually
  2. Go to the S3 service in the AWS Console
  3. Select the bucket and choose "Empty" from the Actions menu
  4. Follow the prompts to delete all object versions
  5. Then run terraform destroy again

Variables

Name Description Type Default Required
IncludeLockFile Include a Terraform lock file. bool false no
Name Name for the CloudFront static website data resources string n/a yes
AutoForwardLogs Automatically forward any CloudWatch log groups or S3 logs created by this template to Datadog if the current account is integrated with Datadog. map {"Enable": true} no
AwsProviderVersion The version of the AWS provider to use string >= 6.24.0, < 7.0.0 no
S3EnforceSecureTransport Require HTTPS for all requests to S3 buckets created by this template. bool false no