Terraform-provider-aws: Allow configuring CloudFront cache_behavior precedence
_This issue was originally opened by @randomeizer as hashicorp/terraform#7253. It was migrated here as part of the provider split. The original body of the issue is below._
Terraform Version
0.6.16
Affected Resource(s)
Please list the resources as a list, for example:
- cloudfront_distribution > cache_behavior
Terraform Configuration Files
`````` hcl
Distro pointing at the specified domain.
resource "aws_cloudfront_distribution" "cloudfront" {
origin {
domain_name = "${var.lde_vm_domain_name}"
origin_id = "lde_vm"
custom_origin_config {
http_port = 80
https_port = 443
origin_protocol_policy = "match-viewer"
origin_ssl_protocols = [
"SSLv3",
"TLSv1"]
}
custom_header = {
name = "${var.lde_custom_header_name}"
value = "${var.lde_custom_header_value}"
}
}
aliases = ["${var.public_domain_name}"]
enabled = true
comment = "CloudFront Server"
default_cache_behavior {
target_origin_id = "lde_vm"
allowed_methods = [
"DELETE",
"GET",
"HEAD",
"OPTIONS",
"PATCH",
"POST",
"PUT"]
cached_methods = [
"GET",
"HEAD"]
compress = true
smooth_streaming = false
forwarded_values {
cookies {
forward = "all"
}
headers = ["Host"]
query_string = true
}
viewer_protocol_policy = "allow-all"
min_ttl = 0
default_ttl = 3600
max_ttl = 31536000
}
private digital content cache
cache_behavior {
path_pattern = "user/digital_content/download/*"
target_origin_id = "lde_vm"
allowed_methods = [
"GET",
"HEAD",
"OPTIONS"]
cached_methods = [
"GET",
"HEAD"]
compress = true
smooth_streaming = false
forwarded_values {
cookies {
forward = "none"
}
headers = ["Host"]
query_string = true
}
trusted_signers = ["self"]
viewer_protocol_policy = "allow-all"
min_ttl = 0
default_ttl = 3600
max_ttl = 31536000
}
# JS files
cache_behavior {
path_pattern = "js/*"
target_origin_id = "lde_vm"
allowed_methods = [
"GET",
"HEAD",
"OPTIONS"]
cached_methods = [
"GET",
"HEAD"]
compress = true
smooth_streaming = false
forwarded_values {
cookies {
forward = "none"
}
headers = ["Host"]
query_string = true
}
viewer_protocol_policy = "allow-all"
min_ttl = 0
default_ttl = 3600
max_ttl = 31536000
}
# CSS files
cache_behavior {
path_pattern = "css/*"
target_origin_id = "lde_vm"
allowed_methods = [
"GET",
"HEAD",
"OPTIONS"]
cached_methods = [
"GET",
"HEAD"]
compress = true
smooth_streaming = false
forwarded_values {
cookies {
forward = "none"
}
headers = ["Host"]
query_string = true
}
viewer_protocol_policy = "allow-all"
min_ttl = 0
default_ttl = 3600
max_ttl = 31536000
}
restrictions {
geo_restriction {
restriction_type = "none"
}
}
viewer_certificate {
iam_certificate_id = "${aws_iam_server_certificate.alias_certificate.id}"
ssl_support_method = "sni-only"
minimum_protocol_version = "TLSv1"
}
retain_on_delete = false
price_class = "${var.cloudfront_price_class}"
}```
Debug Output
N/A
Panic Output
N/A
Expected Behavior
We should be able to specify the precedence of multiple cache_behavior definitions. Eg:
```hcl
cache_behavior {
precedence: 0
path_pattern: "js/*"
...
}
cache_behavior {
precedence: 1
path_pattern: "images/*"
}
``````
Alternately, the order that the cache_behaviour blocks are defined in the config should define the precedence.
Actual Behavior
Cache behaviours are created in random order:
Steps to Reproduce
Please list the steps required to reproduce the issue, for example:
terraform apply
Important Factoids
Are there anything atypical about your accounts that we should know? For example: Running in EC2 Classic? Custom version of OpenStack? Tight ACLs?
Nothing special.
References
Not that I'm aware of.
hashibot
All 21 comments
this issue opened over a year ago is still not addressed? @randomeizer
swoodford
on 28 Jun 2017
Does anyone have a fix for this yet?
acejam
on 13 Jul 2017
I have a PR open for this here: https://github.com/terraform-providers/terraform-provider-aws/pull/1269
acejam
on 27 Jul 2017
@acejam Thanks, this is fantastic! Any idea when this will land in master?
jonaf
on 2 Aug 2017
@jonaf Hopefully soon, but you'll need to use Terraform 0.10 in order to get this functionality. Right now I'm trying to figure out the data migrations needed in order to update existing state.
acejam
on 2 Aug 2017
@acejam OK, so you mean I'll have to make Terraform from source to get it? No problem. Please let me know if there's any way I can be helpful, as I'm in pretty sincere need of this change.
jonaf
on 2 Aug 2017
+1. Do we have an ETA for the fix?
ykorabelnikov
on 22 Sep 2017
I'm waiting for @Ninir's feedback on how to proceed here: https://github.com/terraform-providers/terraform-provider-aws/pull/1269#issuecomment-327299057
acejam
on 22 Sep 2017
Hey folks,
Sorry for the silence here, will check this out ASAP :)
Ninir
on 26 Sep 2017
@Ninir any news on that?
digitalkaoz
on 15 Feb 2018
is there a status update on when this will be implemented and pushed to master?
lamc
on 16 Feb 2018
+1 would be great to see this feature added!
kainosact
on 23 Mar 2018
@Ninir @apparentlymart ping - can we get an update? Original ticket filed on Jun 21, 2016.
mikeatlas-r7
on 2 Apr 2018
@mikeatlas-r7 A PR of mine has been open since July of 2017 that addresses this, but they still haven't merged it.
https://github.com/terraform-providers/terraform-provider-aws/pull/1269
acejam
on 2 Apr 2018
For us it's also mandatory to get this feature for our cloudfront distributions
p7s1-wolfgang-dworzak
on 5 Apr 2018
We're currently "very lucky" in that we only have a 2nd cache behavior beyond the default behavior, and it appears the default behavior is last in the order ("by default") - but this is a lucky accident and may not hold us over forever :/
mikeatlas-r7
on 5 Apr 2018
Hey folks,
Sorry for the silence here. As written in the PR, this is an issue that should be handled carefully.
While the current behaviour is broken, we would like to provide the fix as early as possible without breaking things.
The current PR is breaking things and thus cannot be merged before 2.0.0.
I'm currently working on an alternative solution that will be out in a few moments.
Hope it makes sense.
Ninir
on 6 Apr 2018
Hey folks,
Just to let you know this has been merged and should be available in the next release. It implements a new attribute called ordered_behavior_cache, which implies that you replace your olds and broken cache_behavior in your stacks to this new one.
It is the only solution we came up with. Hope it makes sense!
Ninir
on 18 Apr 2018
new attribute ordered_behavior_cache is a perfectly fine way to implement it in my book! thanks everyone behind this :)
mikeatlas-r7
on 18 Apr 2018
Fantastic work!
I've imported a few existing distributions and am setting up the config to match (by checking against terraform plan as I go). Terraform is detecting the existing live state as cache_behaviour. Should it instead be detecting as ordered_cache_behaviour now?
tdmalone
on 1 May 2018
I'm going to lock this issue because it has been closed for _30 days_ โณ. This helps our maintainers find and focus on the active issues.
If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!
![hashibot[bot] picture](https://avatars2.githubusercontent.com/in/8332?v=4&s=40)
hashibot[bot]
on 6 Apr 2020
Related issues
reedloden
ยท
3Comments
hazmeister
ยท
3Comments
modax
ยท
3Comments
joelittlejohn
ยท
3Comments
ccslamstack
ยท
3Comments
Most helpful comment
Hey folks,
Just to let you know this has been merged and should be available in the next release. It implements a new attribute called
ordered_behavior_cache, which implies that you replace your olds and brokencache_behaviorin your stacks to this new one.It is the only solution we came up with. Hope it makes sense!