-
Notifications
You must be signed in to change notification settings - Fork 0
/
main.tf
34 lines (28 loc) · 1.25 KB
/
main.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
provider "aws" {}
data "aws_route53_zone" "current" {
zone_id = "${var.public_zone_id}"
}
locals {
common_name = "${replace(var.domain_name == "" ? data.aws_route53_zone.current.name : var.domain_name, "/\\.$$/", "")}"
}
resource "aws_acm_certificate" "acm_certificate" {
domain_name = "${local.common_name}"
validation_method = "DNS"
subject_alternative_names = "${compact(var.subject_alternative_names)}"
tags = "${merge(var.main_vars,
map("system", var.system_name),
map("Name", replace(local.common_name, "/^\\*/", "wildcard")),
map("region", var.main_vars["region"])
)}"
}
resource "aws_route53_record" "acm_certificate" {
name = "${aws_acm_certificate.acm_certificate.domain_validation_options.0.resource_record_name}"
type = "${aws_acm_certificate.acm_certificate.domain_validation_options.0.resource_record_type}"
zone_id = "${var.public_zone_id}"
records = ["${aws_acm_certificate.acm_certificate.domain_validation_options.0.resource_record_value}"]
ttl = 60
}
resource "aws_acm_certificate_validation" "acm_certificate" {
certificate_arn = "${aws_acm_certificate.acm_certificate.arn}"
validation_record_fqdns = ["${aws_route53_record.acm_certificate.fqdn}"]
}