initial acm module
artpasut committed Mar 25, 2022
1 parent 69fe5ec commit 05cd848
Showing 9 changed files with 254 additions and 0 deletions.
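--- a/.editorconfig
+++ b/.editorconfig
@@ -0,0 +1,31 @@
+# EditorConfig is awesome: http://EditorConfig.org
+# Uses editorconfig to maintain consistent coding styles
+
+# top-most EditorConfig file
+root = true
+
+# Unix-style newlines with a newline ending every file
+[*]
+charset = utf-8
+end_of_line = lf
+indent_size = 2
+indent_style = space
+insert_final_newline = true
+max_line_length = 80
+trim_trailing_whitespace = true
+
+[*.{tf,tfvars}]
+indent_size = 2
+indent_style = space
+
+[*.md]
+max_line_length = 0
+trim_trailing_whitespace = false
+
+# Tab indentation (no size specified)
+[Makefile]
+tab_width = 2
+indent_style = tab
+
+[COMMIT_EDITMSG]
+max_line_length = 0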
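--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,66 @@
+.DS_Store
+example/
+
+.terraform.lock.hcl
+
+# Created by https://www.toptal.com/developers/gitignore/api/terraform,visualstudiocode
+# Edit at https://www.toptal.com/developers/gitignore?templates=terraform,visualstudiocode
+
+### Terraform ###
+# Local .terraform directories
+**/.terraform/*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+
+# Crash log files
+crash.log
+crash.*.log
+
+# Exclude all .tfvars files, which are likely to contain sensitive data, such as
+# password, private keys, and other secrets. These should not be part of version
+# control as they are data points which are potentially sensitive and subject
+# to change depending on the environment.
+#
+*.tfvars
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Include override files you do wish to add to version control using negated pattern
+# !example_override.tf
+
+# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
+# example: *tfplan*
+
+# Ignore CLI configuration files
+.terraformrc
+terraform.rc
+
+### VisualStudioCode ###
+.vscode/*
+!.vscode/settings.json
+!.vscode/tasks.json
+!.vscode/launch.json
+!.vscode/extensions.json
+!.vscode/*.code-snippets
+
+# Local History for Visual Studio Code
+.history/
+
+# Built Visual Studio Code Extensions
+*.vsix
+
+### VisualStudioCode Patch ###
+# Ignore all local history of files
+.history
+.ionide
+
+# Support for Project snippet scope
+
+# End of https://www.toptal.com/developers/gitignore/api/terraform,visualstudiocode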
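Review bot: Saved plan files are not ignored, because the `*tfplan*` pattern in the Terraform block appears only as a commented example. A plan written with `terraform plan -out=tfplan` can embed input variable values, and the README usage in this commit passes AWS access and secret keys as variables, so a committed plan could carry them. Adding an active `*tfplan*` line closes that gap. Ignoring `example/` also keeps any usage example out of review, which may not be intended.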
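--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -0,0 +1,29 @@
+repos:
+- repo: https://github.com/antonbabenko/pre-commit-terraform
+rev: v1.62.3
+hooks:
+- id: terraform_fmt
+- id: terraform_validate
+- id: terraform_docs
+args:
+- '--args=--lockfile=false'
+- id: terraform_tflint
+args:
+- '--args=--only=terraform_deprecated_interpolation'
+- '--args=--only=terraform_deprecated_index'
+- '--args=--only=terraform_unused_declarations'
+- '--args=--only=terraform_comment_syntax'
+- '--args=--only=terraform_documented_outputs'
+- '--args=--only=terraform_documented_variables'
+- '--args=--only=terraform_typed_variables'
+- '--args=--only=terraform_module_pinned_source'
+- '--args=--only=terraform_naming_convention'
+- '--args=--only=terraform_required_version'
+- '--args=--only=terraform_required_providers'
+- '--args=--only=terraform_standard_module_structure'
+- '--args=--only=terraform_workspace_remote'
+- repo: https://github.com/pre-commit/pre-commit-hooks
+rev: v4.1.0
+hooks:
+- id: check-merge-conflict
+- id: end-of-file-fixer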
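Review bot: Both `rev:` values (`v1.62.3` and `v4.1.0`) are tags, which the upstream repository owner can move, so the hook code that runs on every contributor's machine is not fixed to reviewed content. Pinning each `rev` to the full commit SHA, with the tag kept as a trailing comment, removes the dependency on tag immutability; `pre-commit autoupdate --freeze` writes that form. The hook list also has no security scanner for the Terraform itself; if CI does not cover that, `- id: terraform_tfsec` from the same repository would be the place to add it.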
79 changes: 79 additions & 0 deletions README.md
@@ -1,2 +1,81 @@
# terraform-aws-acm

AWS Certificate manager Terraform

## Usage

```terraform
provider "aws" {
alias = "virginia"
region = "us-east-1"
access_key = var.aws_virginia_access_key
secret_key = var.aws_virginia_secret_key
}
provider "aws" {
alias = "singapore"
region = "ap-southeast-1"
access_key = var.aws_singapore_access_key
secret_key = var.aws_singapore_secret_key
}
module "acm_singapore" {
source = "<source>"
providers = {
aws = aws.singapore
}
acm_domain_name = ["domain1", "domain2"]
route53_zone_id = "<hostzone_id>"
}
module "acm_virginia" {
source = "<source>"
providers = {
aws = aws.virginia
}
acm_domain_name = ["domain1", "domain2"]
route53_zone_id = "<hostzone_id>"
}
```

<!-- BEGIN_TF_DOCS -->

## Requirements

| Name | Version |
| ------------------------------------------------------------------------ | -------- |
| <a name="requirement_terraform"></a> [terraform](#requirement_terraform) | >= 1.0.0 |
| <a name="requirement_aws"></a> [aws](#requirement_aws) | >= 4.0.0 |

## Providers

| Name | Version |
| ------------------------------------------------ | -------- |
| <a name="provider_aws"></a> [aws](#provider_aws) | >= 4.0.0 |

## Modules

No modules.

## Resources

| Name | Type |
| --------------------------------------------------------------------------------------------------------------------------------------------- | -------- |
| [aws_acm_certificate.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/acm_certificate) | resource |
| [aws_acm_certificate_validation.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/acm_certificate_validation) | resource |
| [aws_route53_record.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_record) | resource |

## Inputs

| Name | Description | Type | Default | Required |
| ------------------------------------------------------------------------------ | ---------------------------------------------------- | -------------- | ------- | :------: |
| <a name="input_acm_domain_name"></a> [acm_domain_name](#input_acm_domain_name) | Domain name for request certificate. | `list(string)` | n/a | yes |
| <a name="input_route53_zone_id"></a> [route53_zone_id](#input_route53_zone_id) | Hosted zone ID matches with domain name certificate. | `string` | n/a | yes |

## Outputs

| Name | Description |
| -------------------------------------------------------------------------------- | --------------- |
| <a name="output_certificate_arn"></a> [certificate_arn](#output_certificate_arn) | Certificate ARN |

<!-- END_TF_DOCS -->
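--- a/locals.tf
+++ b/locals.tf
@@ -0,0 +1,4 @@
+locals {
+domains_validation_options_set_index = { for index, value in aws_acm_certificate.this : index => [for index, value in value.domain_validation_options : value] }
+domains_validation_options = { for index, value in local.domains_validation_options_set_index : index => value[0] }
+}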
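Review bot: The nested `for` in `domains_validation_options_set_index` reuses `index` and `value` for both the outer and the inner iteration, so the inner names shadow the outer ones and the expression is hard to audit. The second local then keeps only element `[0]` of each certificate's validation options without saying why; that is complete only while each certificate requests a single name with no subject alternative names, as `main.tf` does in this commit. A single local such as `domains_validation_options = { for key, cert in aws_acm_certificate.this : key => tolist(cert.domain_validation_options)[0] }`, preceded by `# one validation record per certificate: no SANs are requested`, would state that assumption where it is relied on.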
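--- a/main.tf
+++ b/main.tf
@@ -0,0 +1,22 @@
+resource "aws_acm_certificate" "this" {
+for_each = { for index, domain in var.acm_domain_name : index => domain }
+domain_name = each.value
+validation_method = "DNS"
+}
+
+resource "aws_route53_record" "this" {
+for_each = local.domains_validation_options
+
+allow_overwrite = true
+name = each.value.resource_record_name
+records = [each.value.resource_record_value]
+ttl = 60
+type = each.value.resource_record_type
+zone_id = var.route53_zone_id
+}
+
+resource "aws_acm_certificate_validation" "this" {
+count = length(aws_route53_record.this)
+certificate_arn = aws_acm_certificate.this[count.index].arn
+validation_record_fqdns = [aws_route53_record.this[count.index].fqdn]
+}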
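Review bot: Certificates are keyed by list position (`for index, domain in var.acm_domain_name : index => domain`), so removing or reordering an entry in `acm_domain_name` re-addresses every later certificate, and Terraform would then replace certificates that may still be attached to a listener or distribution. Keying the resources by domain name avoids that churn, and `create_before_destroy` on `aws_acm_certificate.this` keeps a replacement from deleting a certificate before its successor exists. `aws_acm_certificate_validation.this` also mixes `count` with two `for_each` resources and depends on numeric indexes lining up with their keys; iterating the record map removes that coupling. With this change the splat in `outputs.tf` would need to become `values(aws_acm_certificate_validation.this)[*].certificate_arn`, and duplicate names in the input would collapse to one certificate.

```terraform
resource "aws_acm_certificate" "this" {
  for_each = toset(var.acm_domain_name)
  # … unchanged: domain_name, validation_method …

  lifecycle {
    create_before_destroy = true
  }
}

# … unchanged: aws_route53_record.this …

resource "aws_acm_certificate_validation" "this" {
  for_each                = aws_route53_record.this
  certificate_arn         = aws_acm_certificate.this[each.key].arn
  validation_record_fqdns = [each.value.fqdn]
}
```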
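--- a/outputs.tf
+++ b/outputs.tf
@@ -0,0 +1,4 @@
+output "certificate_arn" {
+value = aws_acm_certificate_validation.this[*].certificate_arn
+description = "Certificate ARN"
+}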
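--- a/variables.tf
+++ b/variables.tf
@@ -0,0 +1,9 @@
+variable "acm_domain_name" {
+description = "Domain name for request certificate."
+type = list(string)
+}
+
+variable "route53_zone_id" {
+description = "Hosted zone ID matches with domain name certificate."
+type = string
+}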
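Review bot: `acm_domain_name` accepts any list, including an empty one or blank strings, and nothing says that every name must belong to the single zone given in `route53_zone_id`. A name outside that zone would presumably still get its validation record written there, and certificate validation would then wait until it times out. A `validation` block with `condition = length(var.acm_domain_name) > 0 && alltrue([for d in var.acm_domain_name : length(trimspace(d)) > 0])` catches the first case at plan time. For the second, the description could read `"ID of the Route 53 hosted zone that contains every name in acm_domain_name."`.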
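--- a/versions.tf
+++ b/versions.tf
@@ -0,0 +1,10 @@
+terraform {
+required_version = ">= 1.0.0"
+
+required_providers {
+aws = {
+source = "hashicorp/aws"
+version = ">= 4.0.0"
+}
+}
+}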
