Terraform AWS Certificate Manager (ACM) with Multiple Hosted Zone Module

Terraform module to create an ACM resource that contains domains from multiple Route53 hosted zone. ACM validation is using Route53 only. This module supports terraform version 0.12 only.

Usage

The domain_name and subject_alternative_names variables consist of map (object) of string and list of map of string. Each object must consist zone and domain keys.

The zone key contains name of hosted zone where the domain belong. The hosted must be a public one on Route53 in the same AWS account with the requested certificate.
The domain key contains domain name that will be used in the certificate whether in the domain name or subject alternative names section.

module "acm" {
    source = "../../"

    domain_name = {
        zone = "example.com"
        domain = "example.com"
    }
    subject_alternative_names = [
        {
            zone = "example.com"
            domain = "*.example.com"
        },
        {
            zone = "example.org"
            domain = "example.org"
        },
        {
            zone =  "example.org"
            domain = "*.example.org"
        }
    ]

    tags = {
        Name = "Test ACM multiple hosted zone"
    }
}

Examples

Recreating ACM Certificate

Due to the hashicorp/terraform-provider-aws#8531 issue, this module implement a workaround that makes existing ACM certificate won't be recreated when we change the subject alternatives name. So make sure to taint the certificate using terraform taint command before adjusting the subject alternatives name. Here is the steps:

Taint exisiting certificate using terraform taint module.acm.aws_acm_certificate.self command.
Adjust value of the subject_alternatives_name variable.
Run terraform plan -out=tfplan.out and review the execution plan.
Apply the change using terraform apply tfplan.out.

Inputs

Name	Description	Type	Default	Required
domain_name	Domain name for the ACM certificate	`map(string)`	n/a	yes
subject_alternative_names	List of subject alternative names for the ACM certificate	`list(map(string))`	n/a	yes
tags	Key and value pair that will be added as tag	`map(string)`	`{}`	no
validate_certificate	Whether to validate certificate	`bool`	`true`	no
validation_allow_overwrite_records	Whether to allow overwrite of Route53 records	`bool`	`true`	no
validation_set_records	Whether to configure Route53 records for validation	`bool`	`true`	no

Outputs

Name	Description
certificate_arn	The ARN of the certificate
certificate_domain_validation_options	A list of attributes to feed into other resources to complete certificate validation
certificate_domains	List of domain names covered by the certificate

sa-mao / terraform-aws-acm-multiple-hosted-zone Goto Github PK

terraform-aws-acm-multiple-hosted-zone's Introduction

Terraform AWS Certificate Manager (ACM) with Multiple Hosted Zone Module

Usage

Examples

Recreating ACM Certificate

Inputs

Outputs

terraform-aws-acm-multiple-hosted-zone's People

Contributors

Watchers

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent