AWS CloudFront Terraform module
Upstream version 6.7.0
6 controls from Registry requirements
Terraform Module Source
nistcsfv11.compliance.tf/terraform-aws-modules/cloudfront/awsBehavioral Summary
This module modifies 1 variable default and makes 0 resource changes from the upstream module. All changes are driven by compliance controls and can be reviewed in detail below.
Your Code Impact
If you are migrating from the upstream module, the enforced default changes mean your existing configurations will automatically gain compliance controls. Variables you have explicitly set will continue to use your values. Review the diff below to understand exactly what changes.
Compared to
terraform-aws-modules/cloudfront/aws@6.7.01 changesVariables Changed
1| Variable | Upstream | CTF | Reason | Control |
|---|---|---|---|---|
| viewer_certificate | {} | { "ssl_support_method": "sni-only" } | This control checks if AWS CloudFront distributions are using a custom SSL/TLS certificate and are configured to use SNI to serve HTTPS requests. This control fails if a custom SSL/TLS certificate is associated but the SSL/TLS support method is a dedicated IP address. | cloudfront_distribution_sni_enabled |