Contact UsGet started

Static website in Yandex Object Storage using Terraform

Written by
Updated at May 7, 2025

To host a static website in Object Storage using Terraform:

  1. Get your cloud ready.
  2. Create an infrastructure.
  3. Test the website.

If you no longer need the resources you created, delete them.

Get your cloud ready

Sign up in Yandex Cloud and create a billing account:

  1. Navigate to the management console and log in to Yandex Cloud or register a new account.
  2. On the Yandex Cloud Billing page, make sure you have a billing account linked and it has the ACTIVE or TRIAL_ACTIVE status. If you do not have a billing account, create one and link a cloud to it.

If you have an active billing account, you can navigate to the cloud page to create or select a folder for your infrastructure to operate in.

Learn more about clouds and folders.

The cost of hosting a static website includes:

Create an infrastructure

With Terraform, you can quickly create a cloud infrastructure in Yandex Cloud and manage it using configuration files. These files store the infrastructure description written in HashiCorp Configuration Language (HCL). If you change the configuration files, Terraform automatically detects which part of your configuration is already deployed, and what should be added or removed.

Terraform is distributed under the Business Source License. The Yandex Cloud provider for Terraform is distributed under the MPL-2.0 license.

For more information about the provider resources, see the documentation on the Terraform website or mirror website.

To create an infrastructure for a static website in Object Storage using Terraform:

  1. Install Terraform, get the authentication credentials, and specify the source for installing the Yandex Cloud provider (see Configure a provider, Step 1).

  2. Prepare your infrastructure description files:

    1. Clone the repository with configuration files.

      git clone https://github.com/yandex-cloud-examples/yc-s3-static-website.git

    2. Navigate to the repository directory. Make sure it contains the following files:

      • static.tf: New infrastructure configuration.
      • index.html and error.html: Website's main page and error page.
    1. Create a folder for configuration files.
    2. In the folder, create:

      1. static.tf configuration file:

        static.tf
        locals {
  folder_id = "<folder_ID>"
  domain    = "<domain>"
}

terraform {
  required_providers {
    yandex = {
      source  = "yandex-cloud/yandex"
      version = ">= 0.47.0"
    }
  }
}

provider "yandex" {
  folder_id = local.folder_id
}

resource "yandex_iam_service_account" "sa" {
  name      = "my-sa"
}

resource "yandex_resourcemanager_folder_iam_member" "sa-editor" {
  folder_id = local.folder_id
  role      = "storage.editor"
  member    = "serviceAccount:${yandex_iam_service_account.sa.id}"
}

resource "yandex_iam_service_account_static_access_key" "sa-static-key" {
  service_account_id = yandex_iam_service_account.sa.id
  description        = "static access key for object storage"
}

resource "yandex_storage_bucket" "test" {
  access_key = yandex_iam_service_account_static_access_key.sa-static-key.access_key
  secret_key = yandex_iam_service_account_static_access_key.sa-static-key.secret_key
  bucket     = local.domain
  max_size   = 1073741824  
  acl        = "public-read"
  
  website {
    index_document = "index.html"
    error_document = "error.html"
  }

  # Certificate Manager certificate
  https {
    certificate_id = data.yandex_cm_certificate.example.id
  }
}

resource "yandex_cm_certificate" "le-certificate" {
  name    = "my-le-cert"
  domains = ["${local.domain}"]

  managed {
  challenge_type = "DNS_CNAME"
  }
}

resource "yandex_dns_recordset" "validation-record" {
  zone_id = yandex_dns_zone.zone1.id
  name    = yandex_cm_certificate.le-certificate.challenges[0].dns_name
  type    = yandex_cm_certificate.le-certificate.challenges[0].dns_type
  data    = [yandex_cm_certificate.le-certificate.challenges[0].dns_value]
  ttl     = 600
}

data "yandex_cm_certificate" "example" {
  depends_on      = [yandex_dns_recordset.validation-record]
  certificate_id  = yandex_cm_certificate.le-certificate.id
  #wait_validation = true
}

resource "yandex_storage_object" "index-html" {
  access_key = yandex_iam_service_account_static_access_key.sa-static-key.access_key
  secret_key = yandex_iam_service_account_static_access_key.sa-static-key.secret_key
  bucket     = yandex_storage_bucket.test.id
  key        = "index.html"
  source     = "index.html"
}

resource "yandex_storage_object" "error-html" {
  access_key = yandex_iam_service_account_static_access_key.sa-static-key.access_key
  secret_key = yandex_iam_service_account_static_access_key.sa-static-key.secret_key
  bucket     = yandex_storage_bucket.test.id
  key        = "error.html"
  source     = "error.html"
}

resource "yandex_dns_zone" "zone1" {
  name        = "example-zone-1"
  description = "Public zone"
  zone        = "${local.domain}."
  public      = true
}

resource "yandex_dns_recordset" "rs2" {
  zone_id = yandex_dns_zone.zone1.id
  name    = "${local.domain}."
  type    = "ANAME"
  ttl     = 600
  data    = ["${local.domain}.website.yandexcloud.net"]
}

      2. index.html file containing the text Hello world!:

        index.html
        <!doctype html>
<html>
  <head>
    <title>Hello, world!</title>
  </head>
  <body>
    <p>Hello, world!</p>
  </body>
</html>

      3. error.html file containing the text Error!:

        error.html
        <!doctype html>
<html>
  <head>
    <title>Error!</title>
  </head>
  <body>
    <p>Error!</p>
  </body>
</html>

    Learn more about the properties of Terraform resources in the provider documentation:

  3. Under locals in the static.tf file, set the following user-defined properties:

    • folder_id: ID of the folder to create the resources in.
    • domain: Domain name in example.com format, without a trailing dot.

  4. Create resources:

    1. In the terminal, change to the folder where you edited the configuration file.

    2. Make sure the configuration file is correct using the command:

      terraform validate

      If the configuration is correct, the following message is returned:

      Success! The configuration is valid.

    3. Run the command:

      terraform plan

      The terminal will display a list of resources with parameters. No changes are made at this step. If the configuration contains errors, Terraform will point them out.

    4. Apply the configuration changes:

      terraform apply

    5. Confirm the changes: type yes in the terminal and press Enter.

After creating the infrastructure, test the website.

Test the website

To check that the website is running, use one of the standard Object Storage addresses:

  • http://<bucket_name>.website.yandexcloud.net
  • http://website.yandexcloud.net/<bucket_name>

If you have configured your own domain for a website, use its address, e.g., example.com.

How to delete the resources you created

To stop paying for the resources you created:

  1. Open the static.tf configuration file and delete the description of the new infrastructure from it.

  2. Apply the changes:

    1. In the terminal, change to the folder where you edited the configuration file.

    2. Make sure the configuration file is correct using the command:

      terraform validate

      If the configuration is correct, the following message is returned:

      Success! The configuration is valid.

    3. Run the command:

      terraform plan

      The terminal will display a list of resources with parameters. No changes are made at this step. If the configuration contains errors, Terraform will point them out.

    4. Apply the configuration changes:

      terraform apply

    5. Confirm the changes: type yes in the terminal and press Enter.

See also

Previous
Management console
Next
Overview