martinjt/certificate.ts Secret

## certificate.ts
import * as aws from "@pulumi/aws";
import * as pulumi from "@pulumi/pulumi"

export interface CertificateArgs {
    baseDomain: string;
}

export class SslCertificate extends pulumi.ComponentResource {
    public certicateArn: pulumi.Output<string>;

    constructor(name: string,
        args: CertificateArgs,
        opts: pulumi.ComponentResourceOptions = {}) {
        super("examples:ssl-certificate", name, args, opts);

        // us-east1 is important here as the cert needs to be there for cloudfront
        var usEast1 = new aws.Provider("us-east-1", {
            region: "us-east-1",
        });
        const exampleCertificate = new aws.acm.Certificate("examples-certificate", {
            domainName: args.baseDomain,
            subjectAlternativeNames: [`*.${args.baseDomain}`],
            validationMethod: "DNS"
        }, {
            provider: usEast1,
        });
        const exampleZone = aws.route53.getZone({
            name: args.baseDomain,
            privateZone: false,
        });

        const certValidation = new aws.route53.Record("examples-certificate-validation", {
            name: exampleCertificate.domainValidationOptions[0].resourceRecordName,
            records: [exampleCertificate.domainValidationOptions[0].resourceRecordValue],
            ttl: 60,
            type: exampleCertificate.domainValidationOptions[0].resourceRecordType,
            zoneId: exampleZone.then(x => x.zoneId),
        });

        const certCertificateValidation = new aws.acm.CertificateValidation("cert", {
            certificateArn: exampleCertificate.arn,
            validationRecordFqdns: [certValidation.fqdn],
        }, {
            provider: usEast1,
        });

        this.certicateArn = certCertificateValidation.certificateArn;
    }
}
	import * as aws from "@pulumi/aws";
	import * as pulumi from "@pulumi/pulumi"

	export interface CertificateArgs {
	baseDomain: string;
	}

	export class SslCertificate extends pulumi.ComponentResource {
	public certicateArn: pulumi.Output<string>;

	constructor(name: string,
	args: CertificateArgs,
	opts: pulumi.ComponentResourceOptions = {}) {
	super("examples:ssl-certificate", name, args, opts);

	// us-east1 is important here as the cert needs to be there for cloudfront
	var usEast1 = new aws.Provider("us-east-1", {
	region: "us-east-1",
	});
	const exampleCertificate = new aws.acm.Certificate("examples-certificate", {
	domainName: args.baseDomain,
	subjectAlternativeNames: [`*.${args.baseDomain}`],
	validationMethod: "DNS"
	}, {
	provider: usEast1,
	});
	const exampleZone = aws.route53.getZone({
	name: args.baseDomain,
	privateZone: false,
	});

	const certValidation = new aws.route53.Record("examples-certificate-validation", {
	name: exampleCertificate.domainValidationOptions[0].resourceRecordName,
	records: [exampleCertificate.domainValidationOptions[0].resourceRecordValue],
	ttl: 60,
	type: exampleCertificate.domainValidationOptions[0].resourceRecordType,
	zoneId: exampleZone.then(x => x.zoneId),
	});

	const certCertificateValidation = new aws.acm.CertificateValidation("cert", {
	certificateArn: exampleCertificate.arn,
	validationRecordFqdns: [certValidation.fqdn],
	}, {
	provider: usEast1,
	});

	this.certicateArn = certCertificateValidation.certificateArn;
	}
	}