Merge pull request #1 from dcmn-com/destroyable-cert

v47 · web-flow · commit 8b3e692ab9b8 · 2019-11-06T16:00:41.000+01:00
Destroyable ACM certificate
diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml
@@ -0,0 +1,41 @@
+name: "Terraform Validation"
+on:
+  - push
+jobs:
+  example:
+    name: "Terraform"
+    runs-on: ubuntu-latest
+    steps:
+      - name: "Checkout"
+        uses: actions/checkout@master
+      - name: "Format"
+        uses: hashicorp/terraform-github-actions@master
+        with:
+          tf_actions_version: 0.12.13
+          tf_actions_subcommand: "fmt"
+          tf_actions_working_dir: "."
+          tf_actions_comment: true
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: "Init"
+        uses: hashicorp/terraform-github-actions@master
+        with:
+          tf_actions_version: 0.12.13
+          tf_actions_subcommand: "init"
+          tf_actions_working_dir: "."
+          tf_actions_comment: true
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: "Validate"
+        uses: hashicorp/terraform-github-actions@master
+        with:
+          tf_actions_version: 0.12.13
+          tf_actions_subcommand: "validate"
+          tf_actions_working_dir: "."
+          tf_actions_comment: true
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          TF_VAR_name: "name"
+          TF_VAR_hosted_zone: "hosted_zone"
+          TF_VAR_domain_name: "domain_name"
+          AWS_DEFAULT_REGION: "us-west-1"
diff --git a/README.md b/README.md
@@ -1,2 +1,18 @@
 # terraform-aws-acm-certificate
 A Terraform module to create an Amazon Web Services (AWS) ACM certificate
+
+## Inputs
+
+| Name                       | Description                                                             |  Type  | Default  | Required |
+| -------------------------- | ----------------------------------------------------------------------- | :----: | :------: | :------: |
+| alternative\_domain\_names | Alternative domain names for which will be issued certificate           |  list  | `<list>` |    no    |
+| domain\_name               | Domain name for which will be issued certificate                        | string |   n/a    |   yes    |
+| hosted\_zone               | Public hosted zone that will be used for certificate validation         | string |   n/a    |   yes    |
+| name                       | Name tag for the aws acm certificate                                    | string |   n/a    |   yes    |
+| tags                       | https://docs.aws.amazon.com/ARG/latest/userguide/tagging-resources.html |  map   | `<map>`  |    no    |
+
+## Outputs
+
+| Name | Description           |
+| ---- | --------------------- |
+| arn  | ACM certificate's arn |
diff --git a/main.tf b/main.tf
@@ -0,0 +1,29 @@
+data "aws_route53_zone" "default" {
+  name         = "${var.hosted_zone}"
+  private_zone = false
+}
+
+resource "aws_acm_certificate" "default" {
+  domain_name               = "${var.domain_name}"
+  validation_method         = "DNS"
+  subject_alternative_names = "${concat(var.alternative_domain_names, list(format("*.%s", var.domain_name)))}"
+
+  tags = "${merge(
+    map(
+      "Name", "${var.name}"
+    ),
+  "${var.tags}")}"
+}
+
+resource "aws_route53_record" "default" {
+  name    = "${aws_acm_certificate.default.domain_validation_options.0.resource_record_name}"
+  type    = "${aws_acm_certificate.default.domain_validation_options.0.resource_record_type}"
+  zone_id = "${data.aws_route53_zone.default.id}"
+  records = ["${aws_acm_certificate.default.domain_validation_options.0.resource_record_value}"]
+  ttl     = 60
+}
+
+resource "aws_acm_certificate_validation" "default" {
+  certificate_arn         = "${aws_acm_certificate.default.arn}"
+  validation_record_fqdns = ["${aws_route53_record.default.fqdn}"]
+}
diff --git a/outputs.tf b/outputs.tf
@@ -0,0 +1,4 @@
+output "arn" {
+  value       = "${aws_acm_certificate.default.arn}"
+  description = "ACM certificate's arn"
+}
diff --git a/vars.tf b/vars.tf
@@ -0,0 +1,26 @@
+variable "name" {
+  type        = "string"
+  description = "Name tag for the aws acm certificate"
+}
+
+variable "hosted_zone" {
+  type        = "string"
+  description = "Public hosted zone that will be used for certificate validation"
+}
+
+variable "domain_name" {
+  type        = "string"
+  description = "Domain name for which will be issued certificate"
+}
+
+variable "alternative_domain_names" {
+  type        = "list"
+  description = "Alternative domain names for which will be issued certificate"
+  default     = []
+}
+
+variable "tags" {
+  type        = "map"
+  description = "https://docs.aws.amazon.com/ARG/latest/userguide/tagging-resources.html"
+  default     = {}
+}
