d-bis/the_order
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
92cc41d26d92527b0fdb39521aa0d5ded227d764
the_order/infra/terraform/cdn.tf
defiQUG 92cc41d26d Add Legal Office seal and complete Azure CDN deployment 
- Add Legal Office of the Master seal (SVG design with Maltese Cross, scales of justice, legal scroll)
- Create legal-office-manifest-template.json for Legal Office credentials
- Update SEAL_MAPPING.md and DESIGN_GUIDE.md with Legal Office seal documentation
- Complete Azure CDN infrastructure deployment:
  - Resource group, storage account, and container created
  - 17 PNG seal files uploaded to Azure Blob Storage
  - All manifest templates updated with Azure URLs
  - Configuration files generated (azure-cdn-config.env)
- Add comprehensive Azure CDN setup scripts and documentation
- Fix manifest URL generation to prevent double slashes
- Verify all seals accessible via HTTPS
2025-11-12 22:03:42 -08:00

109 lines
3.0 KiB
HCL
Raw Blame History

# Azure CDN Infrastructure for Credential Seal Images
# Creates storage account, container, and CDN profile/endpoint
# Storage Account for CDN Images
resource "azurerm_storage_account" "cdn_images" {
name = local.sa_cdn_name
resource_group_name = azurerm_resource_group.main.name
location = var.azure_region
account_tier = "Standard"
account_replication_type = "LRS"
min_tls_version = "TLS1_2"
allow_blob_public_access = true
# Enable blob versioning for image protection
blob_properties {
versioning_enabled = true
delete_retention_policy {
days = var.environment == "prod" ? 90 : 30
}
cors_rule {
allowed_origins = ["*"]
allowed_methods = ["GET", "HEAD", "OPTIONS"]
allowed_headers = ["*"]
exposed_headers = ["*"]
max_age_in_seconds = 3600
}
}
tags = merge(local.common_tags, {
Purpose = "CDNImages"
})
}
# Storage Container for Images
resource "azurerm_storage_container" "cdn_images" {
name = "images"
storage_account_name = azurerm_storage_account.cdn_images.name
container_access_type = "blob"
}
# CDN Profile
resource "azurerm_cdn_profile" "cdn_images" {
name = "${local.project_prefix}-cdn-profile"
location = var.azure_region
resource_group_name = azurerm_resource_group.main.name
sku = "Standard_Microsoft"
tags = merge(local.common_tags, {
Purpose = "CDNProfile"
})
}
# CDN Endpoint
resource "azurerm_cdn_endpoint" "cdn_images" {
name = "${local.project_prefix}-cdn-endpoint"
profile_name = azurerm_cdn_profile.cdn_images.name
location = var.azure_region
resource_group_name = azurerm_resource_group.main.name
origin {
name = "blob-origin"
host_name = azurerm_storage_account.cdn_images.primary_blob_host
}
# Enable compression
is_compression_enabled = true
compression_types = ["gzip", "deflate"]
# Global delivery rule for cache
global_delivery_rule {
cache_expiration_action {
behavior = "Override"
duration = "1.00:00:00" # 1 day
}
}
tags = merge(local.common_tags, {
Purpose = "CDNEndpoint"
})
}
# Outputs
output "cdn_storage_account_name" {
description = "CDN storage account name"
value = azurerm_storage_account.cdn_images.name
}
output "cdn_storage_account_key" {
description = "CDN storage account primary key"
value = azurerm_storage_account.cdn_images.primary_access_key
sensitive = true
}
output "cdn_container_name" {
description = "CDN container name"
value = azurerm_storage_container.cdn_images.name
}
output "cdn_blob_url" {
description = "CDN blob storage URL"
value = "https://${azurerm_storage_account.cdn_images.name}.blob.core.windows.net/${azurerm_storage_container.cdn_images.name}/"
}
output "cdn_endpoint_url" {
description = "CDN endpoint URL"
value = "https://${azurerm_cdn_endpoint.cdn_images.host_name}/${azurerm_storage_container.cdn_images.name}/"
}
Reference in New Issue View Git Blame Copy Permalink