Skip to content

Commit

Permalink
add response policy (copied from mdbook)
Browse files Browse the repository at this point in the history
  • Loading branch information
@marcoieni
marcoieni committed Sep 2, 2024
1 parent 7cd0202 commit 5c6092d
Showing 1 changed file with 29 additions and 2 deletions.
31 changes: 29 additions & 2 deletions terraform/rustc-perf/s3.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,8 +7,35 @@ module "static_website" {
domain_name = "perf-data.rust-lang.org"
origin_domain_name = aws_s3_bucket.bucket.bucket_regional_domain_name
origin_access_identity = aws_cloudfront_origin_access_identity.bucket.cloudfront_access_identity_path
// todo
response_policy_id = data.terraform_remote_state.shared.outputs.mdbook_response_policy
response_policy_id = aws_cloudfront_response_headers_policy.response_policy.id
}

resource "aws_cloudfront_response_headers_policy" "response_policy" {
name = "RustcPerfPolicy"
comment = "Policy for RustcPerf website"

security_headers_config {
content_type_options {
override = true
}
frame_options {
frame_option = "DENY"
override = true
}
xss_protection {
protection = true
mode_block = true
override = true
}
referrer_policy {
referrer_policy = "no-referrer"
override = true
}
strict_transport_security {
access_control_max_age_sec = 63072000
override = true
}
}
}

resource "aws_iam_user" "s3" {
Expand Down

0 comments on commit 5c6092d

Please sign in to comment.