main.tf
# Hosted zone for the module's domain. No `vpc` block is attached, so this is
# a public zone. Every other resource in this file derives its names from
# this zone's `name` attribute.
# NOTE(review): delegation (NS records at the registrar or parent zone) is not
# handled in this file — confirm it is done elsewhere, otherwise the DNS
# validation of the certificate cannot complete.
resource "aws_route53_zone" "this" {
  name = var.domain
}
# Certificate
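# ACM certificate covering the zone apex plus a wildcard for every direct
# subdomain, validated through DNS records in the hosted zone above.
# A wildcard certificate is valid for any first-level subdomain, so every
# service that can attach this ARN can terminate TLS for all of them; keep
# the set of consumers of this certificate narrow.
resource "aws_acm_certificate" "wildcard_cert" {
  domain_name       = aws_route53_zone.this.name
  validation_method = "DNS"

  subject_alternative_names = [
    "*.${aws_route53_zone.this.name}",
  ]

  # Issue the replacement before destroying the old certificate. Without
  # this, a change that forces replacement tries to delete a certificate
  # that may still be attached to a listener or distribution, and the
  # apply fails or leaves a gap without a valid certificate.
  lifecycle {
    create_before_destroy = true
  }
}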
# Ties the certificate to the DNS record that proves control of the domain.
# This resource only completes once ACM reports the certificate as issued, so
# anything that needs a usable certificate should depend on
# `aws_acm_certificate_validation.wildcard_cert.certificate_arn` rather than
# on the certificate resource directly.
resource "aws_acm_certificate_validation" "wildcard_cert" {
  certificate_arn         = aws_acm_certificate.wildcard_cert.arn
  validation_record_fqdns = [aws_route53_record.wildcard_cert_validation.fqdn]
}
# DNS record ACM checks to validate the certificate request.
# `domain_validation_options` is converted to a list and only element 0 is
# published.
# NOTE(review): this relies on ACM handing out the same validation record for
# the apex name and its wildcard — confirm. If another SAN is ever added to
# the certificate, one record per validation option is required (for_each
# over the set), otherwise validation never completes.
resource "aws_route53_record" "wildcard_cert_validation" {
  zone_id = aws_route53_zone.this.zone_id
  name    = tolist(aws_acm_certificate.wildcard_cert.domain_validation_options)[0].resource_record_name
  type    = tolist(aws_acm_certificate.wildcard_cert.domain_validation_options)[0].resource_record_type
  ttl     = "60"

  records = [
    tolist(aws_acm_certificate.wildcard_cert.domain_validation_options)[0].resource_record_value,
  ]
}
# Publishes the hosted zone ID under /zones/<domain>/id so other stacks can
# look it up. Dots in the domain are rewritten to "-DOT-" to build the
# parameter path segment.
# Stored as a plain `String`: the value is an identifier, not a secret.
# Readers of this path still decide which zone they write records into, so
# write access to the parameter should be restricted to this module's role.
resource "aws_ssm_parameter" "hosted_zone_id" {
  name        = "/zones/${replace(aws_route53_zone.this.name, ".", "-DOT-")}/id"
  type        = "String"
  description = "Route53 Hosted Zone ID for ${aws_route53_zone.this.name}"
  value       = aws_route53_zone.this.zone_id
}
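# Publishes the wildcard certificate ARN under
# /certificates/<domain>/wildcard/arn so other stacks can attach it. Dots in
# the domain are rewritten to "-DOT-" to build the parameter path segment.
# Stored as a plain `String`: an ARN is an identifier, not a secret, but
# whoever can overwrite this parameter controls which certificate consumers
# attach, so write access should be limited to this module's role.
resource "aws_ssm_parameter" "wildcard_cert_arn" {
  name        = "/certificates/${replace(aws_route53_zone.this.name, ".", "-DOT-")}/wildcard/arn"
  type        = "String"
  description = "Wildcard Certificate ARN of *.${aws_route53_zone.this.name}"

  # Read the ARN from the validation resource, not from the certificate
  # itself: the value is the same, but the parameter is then written only
  # after ACM has issued the certificate. Otherwise consumers can pick up
  # the ARN of a certificate that is still pending validation and fail when
  # they try to attach it.
  value = aws_acm_certificate_validation.wildcard_cert.certificate_arn
}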