Skip to content

Commit

Permalink
chore: adding security.txt and fixing content headers
Browse files Browse the repository at this point in the history
  • Loading branch information
kiraum committed Oct 5, 2024
1 parent 9332a08 commit 9432e97
Show file tree
Hide file tree
Showing 2 changed files with 20 additions and 0 deletions.
4 changes: 4 additions & 0 deletions modules/static_website/content/.well-known/security.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
Contact: mailto:[email protected]
Expires: 2027-12-31T23:59:59.000Z
Preferred-Languages: en

16 changes: 16 additions & 0 deletions modules/static_website/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -445,5 +445,21 @@ resource "aws_cloudfront_response_headers_policy" "security_headers_policy" {
content_security_policy = "default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:;"
override = true
}
x_content_type_options {
override = true
}
}
}

resource "aws_s3_object" "security_txt" {
bucket = aws_s3_bucket.static_site.id
key = ".well-known/security.txt"
source = "${path.module}/content/.well-known/security.txt"
etag = filemd5("${path.module}/content/.well-known/security.txt")

content_type = "text/plain"

tags = {
CustomHeader = random_string.custom_header_value.result
}
}

0 comments on commit 9432e97

Please sign in to comment.