Created
February 10, 2020 20:19
-
-
Save wlonkly/3afd886bcbe746387976dfa41122b45d to your computer and use it in GitHub Desktop.
Manual vs. module-ized ACM certificates in terraform
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
data "aws_route53_zone" "alias_zone" { | |
name = "example.com" | |
private_zone = false | |
} | |
resource "aws_acm_certificate" "certificate" { | |
domain_name = "example.com" | |
validation_method = "DNS" | |
tags = { some list of tags } | |
lifecycle { | |
create_before_destroy = true | |
} | |
} | |
resource "aws_route53_record" "cert_validation" { | |
name = aws_acm_certificate.certificate.domain_validation_options.0.resource_record_name | |
type = aws_acm_certificate.certificate.domain_validation_options.0.resource_record_type | |
zone_id = data.aws_route53_zone.zone.id | |
records = [aws_acm_certificate.certificate.domain_validation_options.0.resource_record_value] | |
ttl = 60 | |
} | |
resource "aws_acm_certificate_validation" "cert" { | |
certificate_arn = aws_acm_certificate.certificate.arn | |
validation_record_fqdns = [aws_route53_record.cert_validation.fqdn] | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
module "acm_certificate" { | |
source = "../acm_certificate/" | |
domain_name = "example.com" | |
tags = { some list of tags } | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Oversimplification, but the intent was to let people write what's in "module.tf" instead of having to basically cut and paste all the DNS boilerplate that's in "manual.tf".