Use native cloudfront 404 page (#991)

modules/spa-s3-cloudfront/CHANGELOG.md

@@ -1,3 +1,17 @@
+## Component PR [#991]()
+
+### Drop `lambda_edge_redirect_404`
+
+This PR removes the `lambda_edge_redirect_404` functionality because it leads to significat costs. 
+Use native CloudFront error pages configs instead.
+
+```yaml
+cloudfront_custom_error_response:
+  - error_code: 404
+    response_code: 404
+    response_page_path: /404.html
+```
+
 ## Components PR [#978](https://github.com/cloudposse/terraform-aws-components/pull/978)
 
 ### Lambda@Edge Submodule Refactor

modules/spa-s3-cloudfront/README.md

@@ -229,7 +229,6 @@ components:
 | <a name="input_lambda_edge_destruction_delay"></a> [lambda\_edge\_destruction\_delay](#input\_lambda\_edge\_destruction\_delay) | The delay, in [Golang ParseDuration](https://pkg.go.dev/time#ParseDuration) format, to wait before destroying the Lambda@Edge<br>functions.<br><br>This delay is meant to circumvent Lambda@Edge functions not being immediately deletable following their dissociation from<br>a CloudFront distribution, since they are replicated to CloudFront Edge servers around the world.<br><br>If set to `null`, no delay will be introduced.<br><br>By default, the delay is 20 minutes. This is because it takes about 3 minutes to destroy a CloudFront distribution, and<br>around 15 minutes until the Lambda@Edge function is available for deletion, in most cases.<br><br>For more information, see: https://github.com/hashicorp/terraform-provider-aws/issues/1721. | `string` | `"20m"` | no |
 | <a name="input_lambda_edge_functions"></a> [lambda\_edge\_functions](#input\_lambda\_edge\_functions) | Lambda@Edge functions to create.<br><br>The key of this map is the name of the Lambda@Edge function.<br><br>This map will be deep merged with each enabled default function. Use deep merge to change or overwrite specific values passed by those function objects. | <pre>map(object({<br>    source = optional(list(object({<br>      filename = string<br>      content  = string<br>    })))<br>    source_dir   = optional(string)<br>    source_zip   = optional(string)<br>    runtime      = string<br>    handler      = string<br>    event_type   = string<br>    include_body = bool<br>  }))</pre> | `{}` | no |
 | <a name="input_lambda_edge_handler"></a> [lambda\_edge\_handler](#input\_lambda\_edge\_handler) | The default Lambda@Edge handler for all functions.<br><br>This value is deep merged in `module.lambda_edge_functions` with `var.lambda_edge_functions` and can be overwritten for any individual function. | `string` | `"index.handler"` | no |
-| <a name="input_lambda_edge_redirect_404_enabled"></a> [lambda\_edge\_redirect\_404\_enabled](#input\_lambda\_edge\_redirect\_404\_enabled) | Enable or disable SPA 404 redirects via Lambda@Edge - returns a 302 and a location of `/` if the request returned 404. | `bool` | `false` | no |
 | <a name="input_lambda_edge_runtime"></a> [lambda\_edge\_runtime](#input\_lambda\_edge\_runtime) | The default Lambda@Edge runtime for all functions.<br><br>This value is deep merged in `module.lambda_edge_functions` with `var.lambda_edge_functions` and can be overwritten for any individual function. | `string` | `"nodejs16.x"` | no |
 | <a name="input_name"></a> [name](#input\_name) | ID element. Usually the component or solution name, e.g. 'app' or 'jenkins'.<br>This is the only ID element not also included as a `tag`.<br>The "name" tag is set to the full `id` string. There is no tag with the value of the `name` input. | `string` | `null` | no |
 | <a name="input_namespace"></a> [namespace](#input\_namespace) | ID element. Usually an abbreviation of your organization name, e.g. 'eg' or 'cp', to help ensure generated IDs are globally unique | `string` | `null` | no |

modules/spa-s3-cloudfront/lambda_edge.tf

@@ -1,6 +1,4 @@
 locals {
-  lambda_edge_redirect_404_enabled = local.enabled && var.lambda_edge_redirect_404_enabled
-
   cloudfront_lambda_function_association = concat(var.cloudfront_lambda_function_association, module.lambda_edge.lambda_function_association)
 }
 
@@ -58,39 +56,6 @@ module "lambda_edge_functions" {
         include_body = false
       }
     } : {},
-    local.lambda_edge_redirect_404_enabled ? {
-      origin_response = {
-        source = [{
-          content  = file("${path.module}/dist/lambda_edge_404_redirect.js")
-          filename = "index.js"
-        }]
-        runtime      = var.lambda_edge_runtime
-        handler      = var.lambda_edge_handler
-        event_type   = "origin-response"
-        include_body = false
-      },
-      viewer_request = {
-        source = [{
-          content  = <<-EOT
-          exports.handler = (event, context, callback) => {
-              const { request } = event.Records[0].cf;
-              request.headers['x-forwarded-host'] = [
-                  {
-                      key: 'X-Forwarded-Host',
-                      value: request.headers.host[0].value
-                  }
-              ];
-              return callback(null, request);
-          };
-          EOT
-          filename = "index.js"
-        }]
-        runtime      = var.lambda_edge_runtime
-        handler      = var.lambda_edge_handler
-        event_type   = "viewer-request"
-        include_body = false
-      }
-    } : {},
     var.lambda_edge_functions,
   ]
 }

modules/spa-s3-cloudfront/variables.tf

@@ -173,7 +173,7 @@ variable "cloudfront_custom_error_response" {
   # http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/custom-error-pages.html#custom-error-pages-procedure
   # https://www.terraform.io/docs/providers/aws/r/cloudfront_distribution.html#custom-error-response-arguments
   type = list(object({
-    error_caching_min_ttl = string
+    error_caching_min_ttl = optional(string, "10")
     error_code            = string
     response_code         = string
     response_page_path    = string
@@ -452,14 +452,6 @@ variable "preview_environment_enabled" {
   default     = false
 }
 
-variable "lambda_edge_redirect_404_enabled" {
-  type        = bool
-  description = <<-EOT
-  Enable or disable SPA 404 redirects via Lambda@Edge - returns a 302 and a location of `/` if the request returned 404.
-  EOT
-  default     = false
-}
-
 variable "github_runners_deployment_principal_arn_enabled" {
   type        = bool
   description = "A flag that is used to decide whether or not to include the GitHub Runner's IAM role in origin_deployment_principal_arns list"