-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Showing
9 changed files
with
254 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,31 @@ | ||
# EditorConfig is awesome: http://EditorConfig.org | ||
# Uses editorconfig to maintain consistent coding styles | ||
|
||
# top-most EditorConfig file | ||
root = true | ||
|
||
# Unix-style newlines with a newline ending every file | ||
[*] | ||
charset = utf-8 | ||
end_of_line = lf | ||
indent_size = 2 | ||
indent_style = space | ||
insert_final_newline = true | ||
max_line_length = 80 | ||
trim_trailing_whitespace = true | ||
|
||
[*.{tf,tfvars}] | ||
indent_size = 2 | ||
indent_style = space | ||
|
||
[*.md] | ||
max_line_length = 0 | ||
trim_trailing_whitespace = false | ||
|
||
# Tab indentation (no size specified) | ||
[Makefile] | ||
tab_width = 2 | ||
indent_style = tab | ||
|
||
[COMMIT_EDITMSG] | ||
max_line_length = 0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,66 @@ | ||
.DS_Store | ||
example/ | ||
|
||
.terraform.lock.hcl | ||
|
||
# Created by https://www.toptal.com/developers/gitignore/api/terraform,visualstudiocode | ||
# Edit at https://www.toptal.com/developers/gitignore?templates=terraform,visualstudiocode | ||
|
||
### Terraform ### | ||
# Local .terraform directories | ||
**/.terraform/* | ||
|
||
# .tfstate files | ||
*.tfstate | ||
*.tfstate.* | ||
|
||
# Crash log files | ||
crash.log | ||
crash.*.log | ||
|
||
# Exclude all .tfvars files, which are likely to contain sensitive data, such as | ||
# password, private keys, and other secrets. These should not be part of version | ||
# control as they are data points which are potentially sensitive and subject | ||
# to change depending on the environment. | ||
# | ||
*.tfvars | ||
|
||
# Ignore override files as they are usually used to override resources locally and so | ||
# are not checked in | ||
override.tf | ||
override.tf.json | ||
*_override.tf | ||
*_override.tf.json | ||
|
||
# Include override files you do wish to add to version control using negated pattern | ||
# !example_override.tf | ||
|
||
# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan | ||
# example: *tfplan* | ||
|
||
# Ignore CLI configuration files | ||
.terraformrc | ||
terraform.rc | ||
|
||
### VisualStudioCode ### | ||
.vscode/* | ||
!.vscode/settings.json | ||
!.vscode/tasks.json | ||
!.vscode/launch.json | ||
!.vscode/extensions.json | ||
!.vscode/*.code-snippets | ||
|
||
# Local History for Visual Studio Code | ||
.history/ | ||
|
||
# Built Visual Studio Code Extensions | ||
*.vsix | ||
|
||
### VisualStudioCode Patch ### | ||
# Ignore all local history of files | ||
.history | ||
.ionide | ||
|
||
# Support for Project snippet scope | ||
|
||
# End of https://www.toptal.com/developers/gitignore/api/terraform,visualstudiocode |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
repos: | ||
- repo: https://github.com/antonbabenko/pre-commit-terraform | ||
rev: v1.62.3 | ||
hooks: | ||
- id: terraform_fmt | ||
- id: terraform_validate | ||
- id: terraform_docs | ||
args: | ||
- '--args=--lockfile=false' | ||
- id: terraform_tflint | ||
args: | ||
- '--args=--only=terraform_deprecated_interpolation' | ||
- '--args=--only=terraform_deprecated_index' | ||
- '--args=--only=terraform_unused_declarations' | ||
- '--args=--only=terraform_comment_syntax' | ||
- '--args=--only=terraform_documented_outputs' | ||
- '--args=--only=terraform_documented_variables' | ||
- '--args=--only=terraform_typed_variables' | ||
- '--args=--only=terraform_module_pinned_source' | ||
- '--args=--only=terraform_naming_convention' | ||
- '--args=--only=terraform_required_version' | ||
- '--args=--only=terraform_required_providers' | ||
- '--args=--only=terraform_standard_module_structure' | ||
- '--args=--only=terraform_workspace_remote' | ||
- repo: https://github.com/pre-commit/pre-commit-hooks | ||
rev: v4.1.0 | ||
hooks: | ||
- id: check-merge-conflict | ||
- id: end-of-file-fixer |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,2 +1,81 @@ | ||
# terraform-aws-acm | ||
|
||
AWS Certificate manager Terraform | ||
|
||
## Usage | ||
|
||
```terraform | ||
provider "aws" { | ||
alias = "virginia" | ||
region = "us-east-1" | ||
access_key = var.aws_virginia_access_key | ||
secret_key = var.aws_virginia_secret_key | ||
} | ||
provider "aws" { | ||
alias = "singapore" | ||
region = "ap-southeast-1" | ||
access_key = var.aws_singapore_access_key | ||
secret_key = var.aws_singapore_secret_key | ||
} | ||
module "acm_singapore" { | ||
source = "<source>" | ||
providers = { | ||
aws = aws.singapore | ||
} | ||
acm_domain_name = ["domain1", "domain2"] | ||
route53_zone_id = "<hostzone_id>" | ||
} | ||
module "acm_virginia" { | ||
source = "<source>" | ||
providers = { | ||
aws = aws.virginia | ||
} | ||
acm_domain_name = ["domain1", "domain2"] | ||
route53_zone_id = "<hostzone_id>" | ||
} | ||
``` | ||
|
||
<!-- BEGIN_TF_DOCS --> | ||
|
||
## Requirements | ||
|
||
| Name | Version | | ||
| ------------------------------------------------------------------------ | -------- | | ||
| <a name="requirement_terraform"></a> [terraform](#requirement_terraform) | >= 1.0.0 | | ||
| <a name="requirement_aws"></a> [aws](#requirement_aws) | >= 4.0.0 | | ||
|
||
## Providers | ||
|
||
| Name | Version | | ||
| ------------------------------------------------ | -------- | | ||
| <a name="provider_aws"></a> [aws](#provider_aws) | >= 4.0.0 | | ||
|
||
## Modules | ||
|
||
No modules. | ||
|
||
## Resources | ||
|
||
| Name | Type | | ||
| --------------------------------------------------------------------------------------------------------------------------------------------- | -------- | | ||
| [aws_acm_certificate.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/acm_certificate) | resource | | ||
| [aws_acm_certificate_validation.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/acm_certificate_validation) | resource | | ||
| [aws_route53_record.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_record) | resource | | ||
|
||
## Inputs | ||
|
||
| Name | Description | Type | Default | Required | | ||
| ------------------------------------------------------------------------------ | ---------------------------------------------------- | -------------- | ------- | :------: | | ||
| <a name="input_acm_domain_name"></a> [acm_domain_name](#input_acm_domain_name) | Domain name for request certificate. | `list(string)` | n/a | yes | | ||
| <a name="input_route53_zone_id"></a> [route53_zone_id](#input_route53_zone_id) | Hosted zone ID matches with domain name certificate. | `string` | n/a | yes | | ||
|
||
## Outputs | ||
|
||
| Name | Description | | ||
| -------------------------------------------------------------------------------- | --------------- | | ||
| <a name="output_certificate_arn"></a> [certificate_arn](#output_certificate_arn) | Certificate ARN | | ||
|
||
<!-- END_TF_DOCS --> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
locals { | ||
domains_validation_options_set_index = { for index, value in aws_acm_certificate.this : index => [for index, value in value.domain_validation_options : value] } | ||
domains_validation_options = { for index, value in local.domains_validation_options_set_index : index => value[0] } | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
resource "aws_acm_certificate" "this" { | ||
for_each = { for index, domain in var.acm_domain_name : index => domain } | ||
domain_name = each.value | ||
validation_method = "DNS" | ||
} | ||
|
||
resource "aws_route53_record" "this" { | ||
for_each = local.domains_validation_options | ||
|
||
allow_overwrite = true | ||
name = each.value.resource_record_name | ||
records = [each.value.resource_record_value] | ||
ttl = 60 | ||
type = each.value.resource_record_type | ||
zone_id = var.route53_zone_id | ||
} | ||
|
||
resource "aws_acm_certificate_validation" "this" { | ||
count = length(aws_route53_record.this) | ||
certificate_arn = aws_acm_certificate.this[count.index].arn | ||
validation_record_fqdns = [aws_route53_record.this[count.index].fqdn] | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
output "certificate_arn" { | ||
value = aws_acm_certificate_validation.this[*].certificate_arn | ||
description = "Certificate ARN" | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
variable "acm_domain_name" { | ||
description = "Domain name for request certificate." | ||
type = list(string) | ||
} | ||
|
||
variable "route53_zone_id" { | ||
description = "Hosted zone ID matches with domain name certificate." | ||
type = string | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,10 @@ | ||
terraform { | ||
required_version = ">= 1.0.0" | ||
|
||
required_providers { | ||
aws = { | ||
source = "hashicorp/aws" | ||
version = ">= 4.0.0" | ||
} | ||
} | ||
} |