From 7bf7a81ea2f30d84148b07264d311260e2a5d32f Mon Sep 17 00:00:00 2001
From: Frederic Leger <frederic@webofmars.com>
Date: Fri, 14 Jun 2024 15:13:32 +0200
Subject: [PATCH] fix(aws): cloudfront : better cache behaviors handling

---
 aws/cloudfront-distribution/README.md     |  2 +-
 aws/cloudfront-distribution/cloudfront.tf | 26 +++++++++++++----------
 aws/cloudfront-distribution/variables.tf  | 24 ++-------------------
 3 files changed, 18 insertions(+), 34 deletions(-)

diff --git a/aws/cloudfront-distribution/README.md b/aws/cloudfront-distribution/README.md
index e6b9902..ae36bfc 100644
--- a/aws/cloudfront-distribution/README.md
+++ b/aws/cloudfront-distribution/README.md
@@ -45,7 +45,7 @@ No modules.
 | <a name="input_is_ipv6_enabled"></a> [is\_ipv6\_enabled](#input\_is\_ipv6\_enabled) | Whether CloudFront responds to IPv6 DNS requests with an IPv6 address for your distribution. | `bool` | `true` | no |
 | <a name="input_logging_config"></a> [logging\_config](#input\_logging\_config) | A logging configuration element (required). | `map(any)` | <pre>{<br>  "bucket": "",<br>  "include_cookies": false,<br>  "prefix": ""<br>}</pre> | no |
 | <a name="input_name"></a> [name](#input\_name) | The name of the route53 zone | `string` | `"example.com"` | no |
-| <a name="input_ordered_cache_behavior"></a> [ordered\_cache\_behavior](#input\_ordered\_cache\_behavior) | An ordered cache behavior element (multiples allowed). | <pre>list(object({<br>    allowed_methods = list(string)<br>    cached_methods  = list(string)<br>    compress        = bool<br>    default_ttl     = number<br>    forwarded_values = object({<br>      cookies = object({<br>        forward           = string<br>        whitelisted_names = list(string)<br>      })<br>      headers      = list(string)<br>      query_string = bool<br>    })<br>    max_ttl                = number<br>    min_ttl                = number<br>    path_pattern           = string<br>    smooth_streaming       = bool<br>    target_origin_id       = string<br>    trusted_signers        = list(string)<br>    viewer_protocol_policy = string<br>  }))</pre> | `[]` | no |
+| <a name="input_ordered_cache_behavior"></a> [ordered\_cache\_behavior](#input\_ordered\_cache\_behavior) | An ordered cache behavior element (multiples allowed). | `list(any)` | `[]` | no |
 | <a name="input_origin"></a> [origin](#input\_origin) | An origin element (multiples allowed). | `list(any)` | `[]` | no |
 | <a name="input_origin_group"></a> [origin\_group](#input\_origin\_group) | An origin group element (multiples allowed). | <pre>list(object({<br>    failover_criteria = object({<br>      status_codes = list(number)<br>    })<br>    member = list(object({<br>      origin_id = string<br>    }))<br>    origin_id = string<br>  }))</pre> | `[]` | no |
 | <a name="input_price_class"></a> [price\_class](#input\_price\_class) | The price class for this distribution. One of PriceClass\_All, PriceClass\_200, PriceClass\_100. | `string` | `"PriceClass_All"` | no |
diff --git a/aws/cloudfront-distribution/cloudfront.tf b/aws/cloudfront-distribution/cloudfront.tf
index f2b6b30..4c3ae4f 100644
--- a/aws/cloudfront-distribution/cloudfront.tf
+++ b/aws/cloudfront-distribution/cloudfront.tf
@@ -68,7 +68,7 @@ resource "aws_cloudfront_distribution" "main" {
       }
 
       dynamic "lambda_function_association" {
-        for_each = length(default_cache_behavior.value.lambda_function_association) > 0 ? flatten([default_cache_behavior.value.lambda_function_association]) : []
+        for_each = try(default_cache_behavior.value.lambda_function_association, [])
         content {
           event_type   = try(lambda_function_association.value.event_type, null)
           include_body = try(lambda_function_association.value.include_body, null)
@@ -90,12 +90,21 @@ resource "aws_cloudfront_distribution" "main" {
   dynamic "ordered_cache_behavior" {
     for_each = var.ordered_cache_behavior
     content {
-      allowed_methods = ordered_cache_behavior.value.allowed_methods
-      cached_methods  = ordered_cache_behavior.value.cached_methods
-      compress        = ordered_cache_behavior.value.compress
-      default_ttl     = ordered_cache_behavior.value.default_ttl
+      allowed_methods            = try(ordered_cache_behavior.value.allowed_methods, null)
+      cache_policy_id            = try(ordered_cache_behavior.value.cache_policy_id, null)
+      cached_methods             = try(ordered_cache_behavior.value.cached_methods, null)
+      compress                   = try(ordered_cache_behavior.value.compress, null)
+      default_ttl                = try(ordered_cache_behavior.value.default_ttl, null)
+      max_ttl                    = try(ordered_cache_behavior.value.max_ttl, null)
+      min_ttl                    = try(ordered_cache_behavior.value.min_ttl, null)
+      origin_request_policy_id   = try(ordered_cache_behavior.value.origin_request_policy_id, null)
+      path_pattern               = try(ordered_cache_behavior.value.path_pattern, null)
+      response_headers_policy_id = try(ordered_cache_behavior.value.response_headers_policy_id, null)
+      target_origin_id           = try(ordered_cache_behavior.value.target_origin_id, null)
+      viewer_protocol_policy     = try(ordered_cache_behavior.value.viewer_protocol_policy, null)
+
       dynamic "forwarded_values" {
-        for_each = ordered_cache_behavior.value.forwarded_values
+        for_each = try(ordered_cache_behavior.value.forwarded_values, [])
         content {
           dynamic "cookies" {
             for_each = forwarded_values.value.cookies
@@ -108,11 +117,6 @@ resource "aws_cloudfront_distribution" "main" {
           query_string = forwarded_values.value.query_string
         }
       }
-      max_ttl                = ordered_cache_behavior.value.max_ttl
-      min_ttl                = ordered_cache_behavior.value.min_ttl
-      path_pattern           = ordered_cache_behavior.value.path_pattern
-      target_origin_id       = ordered_cache_behavior.value.target_origin_id
-      viewer_protocol_policy = ordered_cache_behavior.value.viewer_protocol_policy
     }
   }
 
diff --git a/aws/cloudfront-distribution/variables.tf b/aws/cloudfront-distribution/variables.tf
index 884e5f6..1f54431 100644
--- a/aws/cloudfront-distribution/variables.tf
+++ b/aws/cloudfront-distribution/variables.tf
@@ -107,28 +107,8 @@ variable "logging_config" {
 
 variable "ordered_cache_behavior" {
   description = "An ordered cache behavior element (multiples allowed)."
-  type = list(object({
-    allowed_methods = list(string)
-    cached_methods  = list(string)
-    compress        = bool
-    default_ttl     = number
-    forwarded_values = object({
-      cookies = object({
-        forward           = string
-        whitelisted_names = list(string)
-      })
-      headers      = list(string)
-      query_string = bool
-    })
-    max_ttl                = number
-    min_ttl                = number
-    path_pattern           = string
-    smooth_streaming       = bool
-    target_origin_id       = string
-    trusted_signers        = list(string)
-    viewer_protocol_policy = string
-  }))
-  default = []
+  type        = list(any)
+  default     = []
 }
 
 variable "origin" {