AWS CloudFront distribution is a CDN platform used to cache the static contents. It improves the website performance by returning the cached data to the client browser from the nearest edge location. When we publish new content on the site, we want to invalidate the previous one so that user gets the latest resource on their browser. In this article, I will explain how to invalidate the AWS CloudFront distribution cache in the Terraform script.
Invalidate CloudFront Distribution Cache using Terraform
Terraform is an infrastructure management code that we use to create resources in the cloud. Unlike the older ways where we used to create everything manually, Terraform provides a way where we write codes and it creates those resources when we run it.
If we want to create an AWS Lambda function then we will just write a Terraform script where we provide all the configuration details and run the script. It will create the lambda function. The best part is that it stores the state so that it doesn’t recreate the same resource which is already created by the script.
Unfortunately, Terraform provides no built-in code to invalidate the CloudFront cache. We have to do it via the AWS CLI command.
Checkout our article if you want to improve your website performance using CloudFront.
Invalidate cloudfront cache using terraform null resource
Terraform provides a special block called as null_resource. We can use it to run shell commands on the provider.
locals {
distribution_id = "" // pass your cloudfront distribution id here
}
resource "null_resource" "invalidate_cache" {
provisioner local-exec {
command = "aws cloudfront create-invalidation --distribution-id ${local.distribution_id} --paths '/*'"
}
}In the above code, we are using a null resource block to run the AWS CLI command to invalidate the cache. You have to pass the value of distribution id in locals.
I have provided /* in the paths parameter which means it will invalidate the root cache. All the assets will be invalidated at once. If you want to invalidate only a specific asset then you have to provide the asset path in the paths parameter.
Invalidate cloudfront cache using Terraform aws cloudfront distribution resource
We can also use Terraform aws_cloudfront_distribution resource to invalidate the cache. Use a local-exec provisioner to run the cloudfront invalidate cache CLI command.
resource "aws_cloudfront_distribution" "s3_distribution" {
# ...
provisioner "local-exec" {
command = "aws cloudfront create-invalidation --distribution-id ${self.id} --paths '/*'"
}
}You can change the asset path in paths parameter to invalidate only a specific asset.
Conclusion
We can invalidate AWS CloudFront distribution cache using Terraform in multiple ways. However, Terraform doesn’t provide any built-in code to do this, we have to use shell command to invalidate the cache.