### List CloudFront Distribution Example Source: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/list-resources/cloudfront_distribution Example usage for listing CloudFront Distribution resources. Ensure you have HashiCorp Terraform version 1.14 or later installed. ```terraform list "aws_cloudfront_distribution" "example" { provider = aws } ``` -------------------------------- ### Basic Authorization Example Source: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_event_connection This example shows how to configure an EventBridge connection using Basic Authorization. ```APIDOC ### Example Usage Basic Authorization ```terraform resource "aws_cloudwatch_event_connection" "test" { name = "ngrok-connection" description = "A connection description" authorization_type = "BASIC" auth_parameters { basic { username = "user" password = "Pass1234!" } } } ``` ``` -------------------------------- ### aws_wafv2_ip_set Example Source: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/wafv2_ip_set Provides an example of how to configure an AWS WAFv2 IP set resource. This snippet demonstrates setting the name, description, scope, IP address version, and a list of IP addresses in CIDR notation. It also includes example tags. ```terraform resource "aws_wafv2_ip_set" "example" { name = "example" description = "Example IP set" scope = "REGIONAL" ip_address_version = "IPV4" addresses = ["1.2.3.4/32", "5.6.7.8/32"] tags = { Tag1 = "Value1" Tag2 = "Value2" } } ``` -------------------------------- ### OAuth Client Credentials Authorization Example Source: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_event_connection This example illustrates setting up an EventBridge connection with OAuth Client Credentials authorization. ```APIDOC ### Example Usage OAuth Authorization ```terraform resource "aws_cloudwatch_event_connection" "test" { name = "ngrok-connection" description = "A connection description" authorization_type = "OAUTH_CLIENT_CREDENTIALS" auth_parameters { oauth { authorization_endpoint = "https://auth.url.com/endpoint" http_method = "GET" client_parameters { client_id = "1234567890" client_secret = "Pass1234!" } oauth_http_parameters { body { key = "body-parameter-key" value = "body-parameter-value" is_value_secret = false } header { key = "header-parameter-key" value = "header-parameter-value" is_value_secret = false } query_string { key = "query-string-parameter-key" value = "query-string-parameter-value" is_value_secret = false } } } } } ``` ``` -------------------------------- ### Basic Response Configuration Source: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_method_response This example demonstrates the basic configuration of an API Gateway method response, setting the status code for a GET method on a specific resource. ```APIDOC ## Resource: aws_api_gateway_method_response ### Description Provides an HTTP Method Response for an API Gateway Resource. More information about API Gateway method responses can be found in the Amazon API Gateway Developer Guide. ### Example Usage #### Basic Response ```terraform resource "aws_api_gateway_rest_api" "MyDemoAPI" { name = "MyDemoAPI" description = "This is my API for demonstration purposes" } resource "aws_api_gateway_resource" "MyDemoResource" { rest_api_id = aws_api_gateway_rest_api.MyDemoAPI.id parent_id = aws_api_gateway_rest_api.MyDemoAPI.root_resource_id path_part = "mydemoresource" } resource "aws_api_gateway_method" "MyDemoMethod" { rest_api_id = aws_api_gateway_rest_api.MyDemoAPI.id resource_id = aws_api_gateway_resource.MyDemoResource.id http_method = "GET" authorization = "NONE" } resource "aws_api_gateway_integration" "MyDemoIntegration" { rest_api_id = aws_api_gateway_rest_api.MyDemoAPI.id resource_id = aws_api_gateway_resource.MyDemoResource.id http_method = aws_api_gateway_method.MyDemoMethod.http_method type = "MOCK" } resource "aws_api_gateway_method_response" "response_200" { rest_api_id = aws_api_gateway_rest_api.MyDemoAPI.id resource_id = aws_api_gateway_resource.MyDemoResource.id http_method = aws_api_gateway_method.MyDemoMethod.http_method status_code = "200" } ``` ``` -------------------------------- ### aws_s3_object Resource Example Source: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_object This example demonstrates the creation of an S3 object with specific configurations including key, bucket, source file, tags, and an override for provider default tags. ```APIDOC ## aws_s3_object ### Description Manages a single S3 object. ### Method Not applicable (Terraform resource) ### Endpoint Not applicable (Terraform resource) ### Arguments #### Required * `bucket` - (Required) Name of the bucket to put the file in. Alternatively, an S3 access point ARN can be specified. * `key` - (Required) Name of the object once it is in the bucket. #### Optional * `source` - (Optional) The name of the file to be uploaded to the bucket. * `object_lock_legal_hold_status` - (Optional) The legal hold status of an object. Valid values are `"ON"` and `"OFF"`. * `object_lock_mode` - (Optional) The object lock mode of an object. Valid values are `"GOVERNANCE"` and `"COMPLIANCE"`. * `object_lock_retain_until_date` - (Optional) The date and time, in RFC3339 format, when the object's S3 Object Lock is intended to expire. * `force_destroy` - (Optional) Allows the object to be deleted when the bucket is destroyed. Defaults to `false`. #### Override Provider * `default_tags` - (Optional) Configuration block to suppress provider-level default tags. * `tags` - (Optional) A map of tags to assign to the object. If this configuration block is used, provider-level default tags will not be applied. ### Request Example ```hcl resource "aws_s3_bucket" "examplebucket" { bucket = "examplebuckettftest" } resource "aws_s3_object" "examplebucket_object" { key = "someobject" bucket = aws_s3_bucket.examplebucket.id source = "important.txt" tags = { Env = "test" } override_provider { default_tags { tags = {} } } } ``` ### Response #### Success Response (200) Not applicable (Terraform resource) #### Response Example Not applicable (Terraform resource) ``` -------------------------------- ### Basic API Gateway Stage Configuration Source: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_stage Manages an API Gateway Stage, referencing a deployment. This example shows a basic setup with method settings. ```terraform resource "aws_api_gateway_rest_api" "example" { body = jsonencode({ openapi = "3.0.1" info = { title = "example" version = "1.0" } paths = { "/path1" = { get = { x-amazon-apigateway-integration = { httpMethod = "GET" payloadFormatVersion = "1.0" type = "HTTP_PROXY" uri = "https://ip-ranges.amazonaws.com/ip-ranges.json" } } } } }) name = "example" } resource "aws_api_gateway_deployment" "example" { rest_api_id = aws_api_gateway_rest_api.example.id triggers = { redeployment = sha1(jsonencode(aws_api_gateway_rest_api.example.body)) } lifecycle { create_before_destroy = true } } resource "aws_api_gateway_stage" "example" { deployment_id = aws_api_gateway_deployment.example.id rest_api_id = aws_api_gateway_rest_api.example.id stage_name = "example" } resource "aws_api_gateway_method_settings" "example" { rest_api_id = aws_api_gateway_rest_api.example.id stage_name = aws_api_gateway_stage.example.stage_name method_path = "*/*" settings { metrics_enabled = true logging_level = "INFO" } } ``` -------------------------------- ### Create a VPC Source: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/docs Example of creating a Virtual Private Cloud (VPC) with a specified CIDR block. This resource is foundational for network setup in AWS. ```hcl resource "aws_vpc" "example" { cidr_block = "10.0.0.0/16" } ``` -------------------------------- ### aws_cloudfront_distribution_tenant Data Source Example Source: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/cloudfront_distribution_tenant Example usage of the aws_cloudfront_distribution_tenant data source to retrieve distribution tenant information by ID. ```APIDOC ## Data Source: aws_cloudfront_distribution_tenant Use this data source to retrieve information about a CloudFront distribution tenant. ### Example Usage ```terraform data "aws_cloudfront_distribution_tenant" "test" { id = "EDFDVBD632BHDS5" } ``` ### Argument Reference This data source supports the following arguments: * `id` (Optional) - Identifier for the distribution tenant. For example: `EDFDVBD632BHDS5`. Exactly one of `id` or `domain` must be specified. * `domain` (Optional) - An associated domain of the distribution tenant. Exactly one of `id` or `domain` must be specified. ### Attribute Reference This data source exports the following attributes in addition to the arguments above: * `domains` - List of domains for the distribution tenant. * `arn` - ARN (Amazon Resource Name) for the distribution tenant. * `status` - Current status of the distribution tenant. `Deployed` if the distribution tenant's information is fully propagated throughout the Amazon CloudFront system. * `distribution_id` - The ID of the CloudFront distribution the tenant is associated with. * `etag` - Current version of the distribution tenant's information. For example: `E2QWRUHAPOMQZL`. * `enabled` - Whether the distribution tenant is enabled. * `connection_group_id` - The CloudFront connection group the tenant is associated with. ``` -------------------------------- ### List S3 Bucket Versioning Example Source: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/list-resources/s3_bucket_versioning Example usage for the aws_s3_bucket_versioning list resource. This snippet demonstrates how to list S3 bucket versioning configurations. ```terraform list "aws_s3_bucket_versioning" "example" { provider = aws } ``` -------------------------------- ### Example Usage of CloudFront Real-Time Log Configuration Source: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_realtime_log_config This example demonstrates how to set up a CloudFront real-time log configuration, including the necessary IAM roles and policies for sending logs to a Kinesis stream. Ensure the IAM role has the correct permissions for Kinesis. ```terraform data "aws_iam_policy_document" "assume_role" { statement { effect = "Allow" principals { type = "Service" identifiers = ["cloudfront.amazonaws.com"] } actions = ["sts:AssumeRole"] } } resource "aws_iam_role" "example" { name = "cloudfront-realtime-log-config-example" assume_role_policy = data.aws_iam_policy_document.assume_role.json } data "aws_iam_policy_document" "example" { statement { effect = "Allow" actions = [ "kinesis:DescribeStreamSummary", "kinesis:DescribeStream", "kinesis:PutRecord", "kinesis:PutRecords", ] resources = [aws_kinesis_stream.example.arn] } } resource "aws_iam_role_policy" "example" { name = "cloudfront-realtime-log-config-example" role = aws_iam_role.example.id policy = data.aws_iam_policy_document.example.json } resource "aws_cloudfront_realtime_log_config" "example" { name = "example" sampling_rate = 75 fields = ["timestamp", "c-ip"] endpoint { stream_type = "Kinesis" kinesis_stream_config { role_arn = aws_iam_role.example.arn stream_arn = aws_kinesis_stream.example.arn } } depends_on = [aws_iam_role_policy.example] } ``` -------------------------------- ### Example Usage of aws_cloudfront_distribution_tenant Source: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/cloudfront_distribution_tenant This example shows how to use the aws_cloudfront_distribution_tenant data source to retrieve information about a CloudFront distribution tenant by its ID. ```Terraform data "aws_cloudfront_distribution_tenant" "test" { id = "EDFDVBD632BHDS5" } ``` -------------------------------- ### aws_wafv2_rule_group Example Source: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/wafv2_rule_group A simple example demonstrating the creation of an AWS WAFv2 Rule Group with a single rule. ```APIDOC ## Resource: aws_wafv2_rule_group Creates a WAFv2 Rule Group resource. ### Example Usage #### Simple ```terraform resource "aws_wafv2_rule_group" "example" { name = "example-rule" scope = "REGIONAL" capacity = 2 rule { name = "rule-1" priority = 1 action { allow {} } statement { geo_match_statement { country_codes = ["US", "NL"] } } visibility_config { cloudwatch_metrics_enabled = false metric_name = "friendly-rule-metric-name" sampled_requests_enabled = false } } } ``` ``` -------------------------------- ### Basic Example for aws_s3control_multi_region_access_point_policy Source: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3control_multi_region_access_point_policy This example demonstrates how to create a Multi-Region Access Point and associate a basic access control policy with it. It requires the `aws_s3_bucket` and `aws_s3control_multi_region_access_point` resources to be defined first. The policy allows `GetObject` and `PutObject` actions for the current account's objects within the access point. ```terraform data "aws_caller_identity" "current" {} data "aws_partition" "current" {} resource "aws_s3_bucket" "foo_bucket" { bucket = "example-bucket-foo" } resource "aws_s3control_multi_region_access_point" "example" { details { name = "example" region { bucket = aws_s3_bucket.foo_bucket.id } } } resource "aws_s3control_multi_region_access_point_policy" "example" { details { name = element(split(":", aws_s3control_multi_region_access_point.example.id), 1) policy = jsonencode({ "Version" : "2012-10-17", "Statement" : [ { "Sid" : "Example", "Effect" : "Allow", "Principal" : { "AWS" : data.aws_caller_identity.current.account_id }, "Action" : ["s3:GetObject", "s3:PutObject"], "Resource" : "arn:${data.aws_partition.current.partition}:s3::${data.aws_caller_identity.current.account_id}:accesspoint/${aws_s3control_multi_region_access_point.example.alias}/object/*" } ] }) } } ``` -------------------------------- ### Example Usage of aws_s3_bucket_objects Source: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/s3_bucket_objects This example demonstrates how to retrieve all object keys from an S3 bucket and then create individual aws_s3_object data sources for each key. It requires the bucket name and uses the keys attribute from the aws_s3_bucket_objects data source to populate the aws_s3_object data sources. ```terraform data "aws_s3_bucket_objects" "my_objects" { bucket = "ourcorp" } data "aws_s3_object" "object_info" { count = length(data.aws_s3_bucket_objects.my_objects.keys) key = element(data.aws_s3_bucket_objects.my_objects.keys, count.index) bucket = data.aws_s3_bucket_objects.my_objects.id } ``` -------------------------------- ### Example Usage: Blue-Green Deployment Alias Source: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_alias Example of an alias used for blue-green deployments, gradually rolling out traffic to a new version. ```APIDOC ### Blue-Green Deployment Alias ```terraform # Alias for gradual rollout resource "aws_lambda_alias" "example" { name = "live" description = "Live traffic with gradual rollout to new version" function_name = aws_lambda_function.example.function_name function_version = "5" # Current stable version routing_config { additional_version_weights = { "6" = 0.05 # Send 5% of traffic to new version for testing } } } ``` ``` -------------------------------- ### Example Usage of aws_s3control_object_lambda_access_point_policy Source: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3control_object_lambda_access_point_policy This example demonstrates how to create an S3 bucket, an S3 access point, an S3 Object Lambda Access Point, and then attach a policy to the Object Lambda Access Point. Ensure the `aws_lambda_function` resource is defined elsewhere. ```terraform resource "aws_s3_bucket" "example" { bucket = "example" } resource "aws_s3_access_point" "example" { bucket = aws_s3_bucket.example.id name = "example" } resource "aws_s3control_object_lambda_access_point" "example" { name = "example" configuration { supporting_access_point = aws_s3_access_point.example.arn transformation_configuration { actions = ["GetObject"] content_transformation { aws_lambda { function_arn = aws_lambda_function.example.arn } } } } } resource "aws_s3control_object_lambda_access_point_policy" "example" { name = aws_s3control_object_lambda_access_point.example.name policy = jsonencode({ Version = "2008-10-17" Statement = [{ Effect = "Allow" Action = "s3-object-lambda:GetObject" Principal = { AWS = data.aws_caller_identity.current.account_id } Resource = aws_s3control_object_lambda_access_point.example.arn }] }) } ``` -------------------------------- ### Basic AWS IAM Role Example Source: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role A basic example demonstrating the creation of an IAM role with a specified name. This snippet is a starting point for defining an IAM role. ```terraform resource "aws_iam_role" "test_role" { name = "test_role" ``` -------------------------------- ### List aws_cloudwatch_event_target Resource Example Source: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/list-resources/cloudwatch_event_target This example demonstrates how to list all EventBridge Target resources for a given rule using the aws_cloudwatch_event_target list resource. Ensure you have Terraform version 1.14 or later installed. ```terraform list "aws_cloudwatch_event_target" "example" { provider = aws config { event_bus_name = "default" rule = "my-rule" } } ``` -------------------------------- ### Compare Production and Development Code Signing Configurations Source: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/lambda_code_signing_config This example shows how to retrieve and compare code signing configurations for production and development environments. It fetches the 'untrusted_artifact_on_deployment' policy for each environment and checks if they match. ```terraform # Production code signing config data "aws_lambda_code_signing_config" "prod" { arn = "arn:aws:lambda:us-west-2:123456789012:code-signing-config:csc-prod-123" } # Development code signing config data "aws_lambda_code_signing_config" "dev" { arn = "arn:aws:lambda:us-west-2:123456789012:code-signing-config:csc-dev-456" } # Compare configurations locals { prod_policy = data.aws_lambda_code_signing_config.prod.policies[0].untrusted_artifact_on_deployment dev_policy = data.aws_lambda_code_signing_config.dev.policies[0].untrusted_artifact_on_deployment config_comparison = { prod_enforcement = local.prod_policy dev_enforcement = local.dev_policy policies_match = local.prod_policy == local.dev_policy } } output "environment_comparison" { value = local.config_comparison } ``` -------------------------------- ### Example Usage of aws_api_gateway_documentation_version Source: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_documentation_version Demonstrates how to create an API Gateway documentation version. It requires a REST API and a documentation part to be defined. ```terraform resource "aws_api_gateway_documentation_version" "example" { version = "example_version" rest_api_id = aws_api_gateway_rest_api.example.id description = "Example description" depends_on = [aws_api_gateway_documentation_part.example] } resource "aws_api_gateway_rest_api" "example" { name = "example_api" } resource "aws_api_gateway_documentation_part" "example" { location { type = "API" } properties = "{\"description\":\"Example\"}" rest_api_id = aws_api_gateway_rest_api.example.id } ``` -------------------------------- ### aws_cloudfront_distribution Data Source Source: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/cloudfront_distribution Example of how to use the aws_cloudfront_distribution data source to get information about a CloudFront distribution by its ID. ```APIDOC ## Data Source: aws_cloudfront_distribution Use this data source to retrieve information about a CloudFront distribution. ### Example Usage ``` data "aws_cloudfront_distribution" "test" { id = "EDFDVBD632BHDS5" } ``` ## Argument Reference This data source supports the following arguments: * `id` - (Required) Identifier for the distribution. For example: `EDFDVBD632BHDS5`. ## Attribute Reference This data source exports the following attributes in addition to the arguments above: * `id` - Identifier for the distribution. For example: `EDFDVBD632BHDS5`. * `aliases` - List that contains information about CNAMEs (alternate domain names), if any, for this distribution. * `anycast_ip_list_id` - ID of the Anycast static IP list that is associated with the distribution, if any. * `arn` - ARN (Amazon Resource Name) for the distribution. For example: arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where 123456789012 is your AWS account ID. * `status` - Current status of the distribution. `Deployed` if the distribution's information is fully propagated throughout the Amazon CloudFront system. * `domain_name` - Domain name corresponding to the distribution. For example: `d604721fxaaqy9.cloudfront.net`. * `last_modified_time` - Date and time the distribution was last modified. * `in_progress_validation_batches` - The number of invalidation batches currently in progress. * `etag` - Current version of the distribution's information. For example: `E2QWRUHAPOMQZL`. * `hosted_zone_id` - CloudFront Route 53 zone ID that can be used to route an [Alias Resource Record Set][7] to. This attribute is simply an alias for the zone ID `Z2FDTNDATAQYW2`. * `web_acl_id` - AWS WAF web ACL associated with this distribution. ``` -------------------------------- ### Example Usage of aws_cloudfront_log_delivery_canonical_user_id Source: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/cloudfront_log_delivery_canonical_user_id This example demonstrates how to retrieve the CloudFront log delivery canonical user ID and use it to configure S3 bucket ACLs for logging. It also shows how to get the current user's canonical ID. ```Terraform data "aws_canonical_user_id" "current" {} data "aws_cloudfront_log_delivery_canonical_user_id" "example" {} resource "aws_s3_bucket" "example" { bucket = "example" } resource "aws_s3_bucket_ownership_controls" "example" { bucket = aws_s3_bucket.example.id rule { object_ownership = "BucketOwnerPreferred" } } resource "aws_s3_bucket_acl" "example" { bucket = aws_s3_bucket.example.id access_control_policy { grant { grantee { id = data.aws_cloudfront_log_delivery_canonical_user_id.example.id type = "CanonicalUser" } permission = "FULL_CONTROL" } owner { id = data.aws_canonical_user_id.current.id } } depends_on = [aws_s3_bucket_ownership_controls.example] } ``` -------------------------------- ### aws_api_gateway_rest_api Data Source Source: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/api_gateway_rest_api Example of how to use the aws_api_gateway_rest_api data source to get the ID and root resource ID of a REST API. ```APIDOC ## aws_api_gateway_rest_api Use this data source to get the id and root_resource_id of a REST API in API Gateway. To fetch the REST API you must provide a name to match against. As there is no unique name constraint on REST APIs this data source will error if there is more than one match. ### Description This data source retrieves details about an existing API Gateway REST API, identified by its name. It returns the API's ID and the ID of its root resource. ### Method Data Source ### Endpoint N/A (Data Source) ### Parameters #### Arguments - **name** (Required) - Name of the REST API to look up. If no REST API is found with this name, an error will be returned. If multiple REST APIs are found with this name, an error will be returned. - **region** (Optional) - Region where this resource will be managed. Defaults to the Region set in the provider configuration. ### Attributes - **api_key_source** - Source of the API key for requests. - **arn** - ARN of the REST API. - **binary_media_types** - List of binary media types supported by the REST API. - **description** - Description of the REST API. - **endpoint_access_mode** - Endpoint access mode for the REST API. - **endpoint_configuration** - Endpoint configuration of this REST API showing the endpoint types of the API. See below. - **execution_arn** - Execution ARN part to be used in `lambda_permission`'s `source_arn` when allowing API Gateway to invoke a Lambda function, e.g., `arn:aws:execute-api:eu-west-2:123456789012:z4675bid1j`, which can be concatenated with allowed stage, method and resource path. - **id** - Set to the ID of the found REST API. - **minimum_compression_size** - Minimum response size to compress for the REST API. - **policy** - JSON formatted policy document that controls access to the API Gateway. - **root_resource_id** - Set to the ID of the API Gateway Resource on the found REST API where the route matches '/'. - **security_policy** - TLS version + cipher suite for the REST API's default execute-api endpoint. - **tags** - Key-value map of resource tags. ### `endpoint_configuration` Block - **ip_address_type** - IP address types that can invoke a REST API. - **types** - List of endpoint types. - **vpc_endpoint_ids** - Set of VPC Endpoint identifiers. ### Example Usage ```hcl data "aws_api_gateway_rest_api" "my_rest_api" { name = "my-rest-api" } ``` ``` -------------------------------- ### Example Usage of aws_kinesis_stream_consumer Source: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/kinesis_stream_consumer Use this data source to get the details of a Kinesis Stream Consumer. Ensure the stream ARN is correctly provided. ```Terraform data "aws_kinesis_stream_consumer" "example" { name = "example-consumer" stream_arn = aws_kinesis_stream.example.arn } ``` -------------------------------- ### IAM Server Certificate with Files Source: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_server_certificate Example of creating an IAM server certificate by referencing certificate and private key files. ```terraform resource "aws_iam_server_certificate" "test_cert" { name = "some_test_cert" certificate_body = file("self-ca-cert.pem") private_key = file("test-key.pem") } ``` -------------------------------- ### Example Usage of aws_api_gateway_client_certificate Source: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_client_certificate Demonstrates how to create a basic API Gateway client certificate with a description. ```terraform resource "aws_api_gateway_client_certificate" "demo" { description = "My client certificate" } ``` -------------------------------- ### Configure S3 Bucket Website with Routing Rules (JSON String) Source: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_website_configuration This example demonstrates configuring website hosting on an S3 bucket using a JSON string for routing rules. This is useful for more complex redirection scenarios based on URL prefixes. ```terraform resource "aws_s3_bucket_website_configuration" "example" { bucket = aws_s3_bucket.example.id index_document { suffix = "index.html" } error_document { key = "error.html" } routing_rules = <