# Primary domain name of the ACM certificate. The same value is used to look up
# the Route 53 hosted zone that receives the DNS validation records, so it must
# be the name of a hosted zone in this account, not only a name on the certificate.
variable "domain_name" {
description = "Domain name to register."
default = "example.com"
}
# Additional FQDNs placed in the certificate's Subject Alternative Name extension.
# All validation records are written to the single zone looked up from
# var.domain_name, so every name listed here has to be validatable from that zone.
# When this list changes, number_of_domain_names must be updated to match.
variable "subject_alternative_names" {
description = "FQDNs to be included in the Subject Alternative Name extension of the ACM certificate."
default = ["api.example.com"]
}
# Number of DNS validation records to create; used as the count of
# aws_route53_record.validation. The default of 2 matches the default inputs
# (one primary domain plus one subject alternative name).
# NOTE(review): presumably this must equal the number of entries in the
# certificate's domain_validation_options. If it is too low, some names are
# never validated; if it is too high, the index lookup fails. Confirm when
# changing either input.
variable "number_of_domain_names" {
default = 2
}
# Looks up the existing hosted zone named after var.domain_name.
# private_zone = false restricts the lookup to the public zone; ACM DNS
# validation needs the records to be publicly resolvable.
# NOTE(review): write access to this zone is sufficient to get certificates
# issued for these names, so keep route53:ChangeResourceRecordSets on it
# narrowly scoped.
data "aws_route53_zone" "zone" {
name = "${var.domain_name}"
private_zone = false
}
# Requests an ACM certificate for var.domain_name plus the listed SANs, to be
# validated through DNS records (created below) rather than e-mail.
resource "aws_acm_certificate" "cert" {
domain_name = "${var.domain_name}"
subject_alternative_names = "${var.subject_alternative_names}"
validation_method = "DNS"
lifecycle {
# Create the replacement certificate before the old one is destroyed, so a
# change that forces replacement does not remove the certificate first.
create_before_destroy = true
}
}
# Creates one DNS validation record per certificate name in the public zone.
# Record name, type and value are taken from the certificate's
# domain_validation_options entry at count.index.
# NOTE(review): ACM managed renewal of DNS-validated certificates relies on
# these records staying in place; do not remove them after issuance.
resource "aws_route53_record" "validation" {
#XXX: The certificate has not been created yet at plan time, so length() of its
# domain_validation_options cannot be evaluated. The number of records is
# supplied through number_of_domain_names instead.
# count = "${length(aws_acm_certificate.cert.domain_validation_options)}"
count = "${var.number_of_domain_names}"
zone_id = "${data.aws_route53_zone.zone.id}"
ttl = 300
name = "${lookup(aws_acm_certificate.cert.domain_validation_options[count.index], "resource_record_name")}"
type = "${lookup(aws_acm_certificate.cert.domain_validation_options[count.index], "resource_record_type")}"
records = ["${lookup(aws_acm_certificate.cert.domain_validation_options[count.index], "resource_record_value")}"]
}
# Ties the certificate to the FQDNs of all validation records created above and
# represents the completed validation of the certificate.
# NOTE(review): resources that consume the certificate (none are visible here)
# should reference this resource's certificate_arn rather than
# aws_acm_certificate.cert.arn, so they are not attached to a certificate that
# has not been issued yet.
resource "aws_acm_certificate_validation" "validation" {
certificate_arn = "${aws_acm_certificate.cert.arn}"
validation_record_fqdns = ["${aws_route53_record.validation.*.fqdn}"]
}