Init

sugdyzhekov · sugdyzhekov · commit 24e0b1224632 · 2018-06-22T13:44:16.000+03:00
diff --git a/README.md b/README.md
@@ -0,0 +1,26 @@
+## About
+Terraform module to create TLS certificate from AWS ACM
+
+Features: 
+* Multiple domains support (SAN)
+* Auto validation using DNS
+
+Limitations:
+* all DNS zone should be in the same AWS account
+
+## Usage
+ 
+it's a tricky to pass list of hostnames and its Route 53 zone_ids. The format is a string of comma-separated hostnames list 
+and corresponding coma-separated zone_id list (the order in lists should be the same):
+
+```
+module "certificate" {
+  source    = "github.com/jetbrains-infra/terraform-aws-acm-certificate"
+  hostnames = "example.com,example.net" // required
+  zone_ids  = "${aws_route53_zone.example_com.id},${aws_route53_zone.example_net.id}" // required
+}
+```
+
+## Outputs
+
+* `arn` - certificate ARN
diff --git a/certificate.tf b/certificate.tf
@@ -0,0 +1,19 @@
+resource "aws_acm_certificate" "default" {
+  domain_name = "${local.main_domain}"
+  subject_alternative_names = ["${local.alternative_names}"]
+  validation_method = "DNS"
+}
+
+resource "aws_route53_record" "proof" {
+  count   = "${local.hostname_count}"
+  name    = "${element(aws_acm_certificate.default.domain_validation_options.*.resource_record_name, count.index)}"
+  type    = "${element(aws_acm_certificate.default.domain_validation_options.*.resource_record_type, count.index)}"
+  zone_id = "${element(var.zone_ids, count.index)}"
+  records = ["${element(aws_acm_certificate.default.domain_validation_options.*.resource_record_value, count.index)}"]
+  ttl     = 60
+}
+
+resource "aws_acm_certificate_validation" "default" {
+  certificate_arn = "${aws_acm_certificate.default.arn}"
+  validation_record_fqdns = ["${aws_route53_record.proof.fqdn}"]
+}
diff --git a/outputs.tf b/outputs.tf
@@ -0,0 +1,3 @@
+output "arn" {
+  value = "${aws_acm_certificate.default.arn}"
+}
diff --git a/settings.tf b/settings.tf
@@ -0,0 +1,4 @@
+provider "aws" {
+  alias = "us"
+  region = "us-east-1"
+}
diff --git a/variables.tf b/variables.tf
@@ -0,0 +1,15 @@
+variable "hostnames" {}
+variable "zone_ids" {}
+variable "region" {
+  default = "eu-west-1"
+}
+
+locals {
+  main_domain       = "${element(split(",", var.hostnames), 0)}"
+  alternative_names = "${slice(split(",", var.hostnames), 1, length(split(",", var.hostnames)))}"
+  hostname_count    = "${length(split(",", var.hostnames))}"
+}
+
+provider "aws" {
+  region = "${var.region}"
+}

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+output "arn" {`
	`2`	`+ value = "${aws_acm_certificate.default.arn}"`
	`3`	`+}`