Etusivu Tutki Apua
Rekisteröidy Kirjaudu sisään
AFS
/
xdr-terraform-modules
2
0
Haarauta 0
Tiedostot Esitykset 0 Vetopyynnöt 0 Wiki
Puu: 5d7192d93e
Haarat Tunnisteet
xdr-terraform-m...
/
base
/
github
/
certificate.tf

certificate.tf 2.5 KB
Historia Raaka

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283 
  1. #----------------------------------------------------------------------------
    2. 

  2. # Private DNS Certificate
    3. 

  3. #----------------------------------------------------------------------------
    4. 

  4. resource "aws_acm_certificate" "cert" {
    5. 

  5.   domain_name       = "*.github.${var.dns_info["private"]["zone"]}"
    6. 

  6.   validation_method = "DNS"
    7. 

  7. 

  8.   lifecycle {
    9. 

  9.     create_before_destroy = true
    10. 

  10.   }
    11. 

  11. 

  12.   subject_alternative_names = [
    13. 

  13.     "github.${var.dns_info["private"]["zone"]}"
    14. 

  14.   ]
    15. 

  15. 

  16.   tags = merge(local.standard_tags, var.tags)
    17. 

  17. }
    18. 

  18. 

  19. resource "aws_acm_certificate_validation" "cert" {
    20. 

  20.   certificate_arn         = aws_acm_certificate.cert.arn
    21. 

  21.   validation_record_fqdns = [for record in aws_route53_record.cert_validation: record.fqdn]
    22. 

  22. }
    23. 

  23. 

  24. resource "aws_route53_record" "cert_validation" {
    25. 

  25.   provider = aws.mdr-common-services-commercial
    26. 

  26. 

  27.   for_each = {
    28. 

  28.     for dvo in aws_acm_certificate.cert.domain_validation_options : dvo.domain_name => {
    29. 

  29.       name   = dvo.resource_record_name
    30. 

  30.       record = dvo.resource_record_value
    31. 

  31.       type   = dvo.resource_record_type
    32. 

  32.     }
    33. 

  33.   }
    34. 

  34. 

  35.   allow_overwrite = true
    36. 

  36.   name            = each.value.name
    37. 

  37.   records         = [each.value.record]
    38. 

  38.   ttl             = 60
    39. 

  39.   type            = each.value.type
    40. 

  40.   zone_id         = var.dns_info["public"]["zone_id"]
    41. 

  41. }
    42. 

  42. 

  43. #----------------------------------------------------------------------------
    44. 

  44. # Public DNS Certificate
    45. 

  45. #----------------------------------------------------------------------------
    46. 

  46. resource "aws_acm_certificate" "cert_public" {
    47. 

  47.   domain_name       = "*.github.${var.dns_info["public"]["zone"]}"
    48. 

  48.   validation_method = "DNS"
    49. 

  49. 

  50.   lifecycle {
    51. 

  51.     create_before_destroy = true
    52. 

  52.   }
    53. 

  53. 

  54.   subject_alternative_names = [
    55. 

  55.     "github.${var.dns_info["public"]["zone"]}"
    56. 

  56.   ]
    57. 

  57. 

  58.   tags = merge(local.standard_tags, var.tags)
    59. 

  59. }
    60. 

  60. 

  61. resource "aws_acm_certificate_validation" "cert_public" {
    62. 

  62.   certificate_arn         = aws_acm_certificate.cert_public.arn
    63. 

  63.   validation_record_fqdns = [for record in aws_route53_record.cert_validation_public: record.fqdn]
    64. 

  64. }
    65. 

  65. 

  66. resource "aws_route53_record" "cert_validation_public" {
    67. 

  67.   provider = aws.mdr-common-services-commercial
    68. 

  68. 

  69.   for_each = {
    70. 

  70.     for dvo in aws_acm_certificate.cert_public.domain_validation_options : dvo.domain_name => {
    71. 

  71.       name   = dvo.resource_record_name
    72. 

  72.       record = dvo.resource_record_value
    73. 

  73.       type   = dvo.resource_record_type
    74. 

  74.     }
    75. 

  75.   }
    76. 

  76. 

  77.   allow_overwrite = true
    78. 

  78.   name            = each.value.name
    79. 

  79.   records         = [each.value.record]
    80. 

  80.   ttl             = 60
    81. 

  81.   type            = each.value.type
    82. 

  82.   zone_id         = var.dns_info["public"]["zone_id"]
    83. 

  83. }
    84.