2019-07-26 21:02:09 +00:00
|
|
|
resource "aws_acm_certificate" "main" {
|
2019-11-05 17:31:09 +00:00
|
|
|
domain_name = "${var.stage}.${var.domain}"
|
2019-07-29 20:52:10 +00:00
|
|
|
|
2019-12-12 23:00:45 +00:00
|
|
|
subject_alternative_names = sort(var.sans)
|
2019-07-26 21:02:09 +00:00
|
|
|
validation_method = "DNS"
|
2019-08-09 16:29:59 +00:00
|
|
|
|
|
|
|
|
tags = {
|
2019-11-05 17:31:09 +00:00
|
|
|
Name = "${var.stage}.${var.domain}"
|
2019-08-09 16:29:59 +00:00
|
|
|
}
|
2019-07-26 21:02:09 +00:00
|
|
|
}
|
|
|
|
|
|
2019-07-30 17:27:15 +00:00
|
|
|
resource "gandi_zonerecord" "cert_verification" {
|
2019-11-05 17:31:09 +00:00
|
|
|
zone = var.zone_id
|
|
|
|
|
name = replace(aws_acm_certificate.main.domain_validation_options[count.index].resource_record_name, ".${var.domain}.", "")
|
2019-08-09 16:29:59 +00:00
|
|
|
type = aws_acm_certificate.main.domain_validation_options[count.index].resource_record_type
|
2019-07-26 21:02:09 +00:00
|
|
|
ttl = 300
|
2019-08-09 16:29:59 +00:00
|
|
|
values = [aws_acm_certificate.main.domain_validation_options[count.index].resource_record_value]
|
2019-12-12 23:00:45 +00:00
|
|
|
count = length(var.sans)+1
|
2019-07-26 21:02:09 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
resource "aws_acm_certificate_validation" "main" {
|
2019-07-30 18:36:52 +00:00
|
|
|
certificate_arn = aws_acm_certificate.main.arn
|
2019-08-09 16:29:59 +00:00
|
|
|
validation_record_fqdns = [
|
|
|
|
|
for verification in gandi_zonerecord.cert_verification:
|
2019-11-05 17:31:09 +00:00
|
|
|
"${verification.name}.${var.domain}"
|
2019-08-09 16:29:59 +00:00
|
|
|
]
|
2019-07-26 21:02:09 +00:00
|
|
|
}
|
