try without vpc

mishraomp · mishraomp · commit 94da7480fdba · 2025-06-28T11:06:58.000-07:00
diff --git a/infrastructure/api/alb.tf b/infrastructure/api/alb.tf
@@ -59,18 +59,3 @@ resource "aws_lb_target_group" "app" {
 
   tags = module.common.common_tags
 }
-resource "aws_cloudfront_vpc_origin" "alb" {
-  vpc_origin_endpoint_config {
-    name                   = var.app_name
-    arn                    = aws_lb.app-alb.arn
-    http_port              = 80
-    https_port             = 443
-    origin_protocol_policy = "https-only"
-
-    origin_ssl_protocols {
-      items    = ["TLSv1.2"]
-      quantity = 1
-    }
-  }
-  tags = module.common.common_tags
-}
diff --git a/infrastructure/api/waf.tf b/infrastructure/api/waf.tf
@@ -45,14 +45,15 @@ module "cloudfront_api" {
   distribution_type = "alb" # Using ALB as the origin
   enabled          = true
   
-  # API Origin Configuration
-  #api_origin_domain_name     = "${module.api_gateway.api_id}.execute-api.${var.aws_region}.amazonaws.com"
-  #api_origin_id             = "http-api-origin"
-  #api_origin_protocol_policy = "https-only"
-  #api_origin_ssl_protocols   = ["TLSv1.2"]
+  # ALB Origin Configuration
   alb_origin_domain_name = aws_lb.app-alb.dns_name
   alb_origin_id          = "api-alb-origin"
-  alb_vpc_origin_id = aws_cloudfront_vpc_origin.alb.id
+  
+  # Use API origin settings for ALB (since we're using custom_origin_config)
+  api_origin_protocol_policy = "http-only"
+  api_origin_http_port       = 80
+  api_origin_https_port      = 443
+  api_origin_ssl_protocols   = ["TLSv1.2"]
   # WAF Integration
   web_acl_arn = module.waf_api[0].web_acl_arn
   
diff --git a/infrastructure/modules/cloudfront/main.tf b/infrastructure/modules/cloudfront/main.tf
@@ -52,12 +52,14 @@ resource "aws_cloudfront_distribution" "this" {
     content {
       domain_name = var.alb_origin_domain_name
       origin_id   = var.alb_origin_id
-      vpc_origin_config {
-        vpc_origin_id = var.alb_vpc_origin_id
+      
+      custom_origin_config {
+        origin_protocol_policy = var.api_origin_protocol_policy  # Reuse API origin settings
+        http_port              = var.api_origin_http_port
+        https_port             = var.api_origin_https_port
+        origin_ssl_protocols   = var.api_origin_ssl_protocols
       }
     }
-    
-    
   }
 
   

Original file line number	Diff line number	Diff line change
`@@ -52,12 +52,14 @@ resource "aws_cloudfront_distribution" "this" {`
`52`	`52`	`content {`
`53`	`53`	`domain_name = var.alb_origin_domain_name`
`54`	`54`	`origin_id = var.alb_origin_id`
`55`		`- vpc_origin_config {`
`56`		`- vpc_origin_id = var.alb_vpc_origin_id`
	`55`	`+`
	`56`	`+ custom_origin_config {`
	`57`	`+ origin_protocol_policy = var.api_origin_protocol_policy # Reuse API origin settings`
	`58`	`+ http_port = var.api_origin_http_port`
	`59`	`+ https_port = var.api_origin_https_port`
	`60`	`+ origin_ssl_protocols = var.api_origin_ssl_protocols`
`57`	`61`	`}`
`58`	`62`	`}`
`59`		`-`
`60`		`-`
`61`	`63`	`}`
`62`	`64`
`63`	`65`