A Terraform module to create DNS-validated certificates using ACM
At the moment, testing is manual and requires access to the Plus3IT account 303523384066 where the zone tardigrade.cloudarmor.io exists:
# Replace "xxx" with the AWS profile, then execute the integration tests.
AWS_PROFILE=xxx make terraform/pytest PYTEST_ARGS="-v --nomock"
| Name | Version |
|---|---|
| terraform | >= 0.13.0 |
| Name | Version |
|---|---|
| aws | n/a |
| Name | Type |
|---|---|
| aws_route53_zone.this | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| domain_name | Domain name to use for the ACM certificate | string |
n/a | yes |
| certificate_transparency_logging_preference | Value to apply to the certificate transparency logging preference for the ACM certificate | string |
"ENABLED" |
no |
| create_certificate_validation | Boolean controlling whether to create the ACM certificate validation resource | bool |
true |
no |
| subject_alternative_names | Subject alternative names to associate with the ACM certificate | list(string) |
[] |
no |
| tags | Map of tags to apply to all resources that support tags | map(string) |
{} |
no |
| ttl | Time-to-live for the DNS validation records | number |
300 |
no |
| zone_id | Route53 zone ID in which to create the DNS validation records | string |
"" |
no |
| Name | Description |
|---|---|
| acm_certificate | The ACM certificate object |
| acm_certificate_validation | The ACM certificate validation object |
| route53_validation_records | Map of Route53 validation record objects, one per unique domain name and SAN |