d-bis/the_order
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
the_order/infra/terraform/cdn.tf
defiQUG 6a8582e54d feat: comprehensive project structure improvements and Cloud for Sovereignty landing zone 
- Add Cloud for Sovereignty landing zone architecture and deployment
- Implement complete legal document management system
- Reorganize documentation with improved navigation
- Add infrastructure improvements (Dockerfiles, K8s, monitoring)
- Add operational improvements (graceful shutdown, rate limiting, caching)
- Create comprehensive project structure documentation
- Add Azure deployment automation scripts
- Improve repository navigation and organization
2025-11-13 09:32:55 -08:00

109 lines
3.1 KiB
HCL
Raw Permalink Blame History

# Azure CDN Infrastructure for Credential Seal Images
# Creates storage account, container, and CDN profile/endpoint
# Storage Account for CDN Images
resource "azurerm_storage_account" "cdn_images" {
name = local.sa_cdn_name
resource_group_name = azurerm_resource_group.main.name
location = var.azure_region
account_tier = "Standard"
account_replication_type = "LRS"
min_tls_version = "TLS1_2"
allow_blob_public_access = true
# Enable blob versioning for image protection
blob_properties {
versioning_enabled = true
delete_retention_policy {
days = var.environment == "prod" ? 90 : 30
}
cors_rule {
allowed_origins = ["*"]
allowed_methods = ["GET", "HEAD", "OPTIONS"]
allowed_headers = ["*"]
exposed_headers = ["*"]
max_age_in_seconds = 3600
}
}
tags = merge(var.tags, {
Purpose = "CDNImages"
})
}
# Storage Container for Images
resource "azurerm_storage_container" "cdn_images" {
name = "images"
storage_account_name = azurerm_storage_account.cdn_images.name
container_access_type = "blob"
}
# CDN Profile
resource "azurerm_cdn_profile" "cdn_images" {
name = var.cdn_profile_name != "" ? var.cdn_profile_name : "theorder-cdn-${var.environment}"
location = var.azure_region
resource_group_name = azurerm_resource_group.main.name
sku = "Standard_Microsoft"
tags = merge(var.tags, {
Purpose = "CDNProfile"
})
}
# CDN Endpoint
resource "azurerm_cdn_endpoint" "cdn_images" {
name = var.cdn_endpoint_name != "" ? var.cdn_endpoint_name : "theorder-cdn-endpoint-${var.environment}"
profile_name = azurerm_cdn_profile.cdn_images.name
location = var.azure_region
resource_group_name = azurerm_resource_group.main.name
origin {
name = "blob-origin"
host_name = azurerm_storage_account.cdn_images.primary_blob_host
}
# Enable compression
is_compression_enabled = true
compression_types = ["gzip", "deflate"]
# Global delivery rule for cache
global_delivery_rule {
cache_expiration_action {
behavior = "Override"
duration = "1.00:00:00" # 1 day
}
}
tags = merge(var.tags, {
Purpose = "CDNEndpoint"
})
}
# Outputs
output "cdn_storage_account_name" {
description = "CDN storage account name"
value = azurerm_storage_account.cdn_images.name
}
output "cdn_storage_account_key" {
description = "CDN storage account primary key"
value = azurerm_storage_account.cdn_images.primary_access_key
sensitive = true
}
output "cdn_container_name" {
description = "CDN container name"
value = azurerm_storage_container.cdn_images.name
}
output "cdn_blob_url" {
description = "CDN blob storage URL"
value = "https://${azurerm_storage_account.cdn_images.name}.blob.core.windows.net/${azurerm_storage_container.cdn_images.name}/"
}
output "cdn_endpoint_url" {
description = "CDN endpoint URL"
value = "https://${azurerm_cdn_endpoint.cdn_images.host_name}/${azurerm_storage_container.cdn_images.name}/"
}
Reference in New Issue View Git Blame Copy Permalink