certificates-infrastructure.tf
# Wildcard ACM certificate for the infrastructure Route 53 domain, requested
# through the default (unaliased) aws provider. It is only created when
# local.enable_infrastructure_wildcard_certificate is true.
#
# NOTE(review): a wildcard certificate covers every single-label subdomain of
# the domain, so whatever is allowed to attach it can terminate TLS for any of
# those names. Keep its use limited to the resources that need it.
resource "aws_acm_certificate" "infrastructure_wildcard" {
  count = local.enable_infrastructure_wildcard_certificate ? 1 : 0

  # Domain ownership is proven with DNS records; the matching validation
  # resource consumes those records' FQDNs.
  validation_method = "DNS"
  domain_name       = "*.${local.infrastructure_route53_domain}"

  lifecycle {
    # On replacement, create the new certificate before the old one is
    # destroyed, so a certificate that is still attached is not removed first.
    create_before_destroy = true
  }
}
# Completes DNS validation for the wildcard certificate requested above.
# The FQDNs are read from aws_route53_record.infrastructure_wildcard_ssl_verification,
# which is declared outside this file.
resource "aws_acm_certificate_validation" "infrastructure_wildcard" {
  # Same condition as the certificate's count, so index [0] below exists
  # whenever this resource is created.
  count = local.enable_infrastructure_wildcard_certificate ? 1 : 0

  certificate_arn = aws_acm_certificate.infrastructure_wildcard[0].arn

  validation_record_fqdns = [
    for record in aws_route53_record.infrastructure_wildcard_ssl_verification :
    record.fqdn
  ]
}
# Second copy of the wildcard certificate, requested through the aws.useast1
# provider alias (presumably us-east-1, the region CloudFront requires for its
# ACM certificates - confirm against the provider configuration).
#
# It is created only when the wildcard certificate is enabled AND at least one
# entry in local.infrastructure_ecs_cluster_services has enable_cloudfront set
# to true.
resource "aws_acm_certificate" "infrastructure_wildcard_us_east_1" {
  count = (
    local.enable_infrastructure_wildcard_certificate &&
    contains(
      [for service in local.infrastructure_ecs_cluster_services : service["enable_cloudfront"]],
      true
    )
  ) ? 1 : 0

  provider = aws.useast1

  validation_method = "DNS"
  domain_name       = "*.${local.infrastructure_route53_domain}"

  lifecycle {
    # On replacement, create the new certificate before the old one is
    # destroyed, so a certificate that is still attached is not removed first.
    create_before_destroy = true
  }
}
# Completes DNS validation for the aws.useast1 copy of the wildcard
# certificate. The count expression mirrors that certificate's, so index [0]
# below exists whenever this resource is created.
resource "aws_acm_certificate_validation" "infrastructure_wildcard_us_east_1" {
  count = (
    local.enable_infrastructure_wildcard_certificate &&
    contains(
      [for service in local.infrastructure_ecs_cluster_services : service["enable_cloudfront"]],
      true
    )
  ) ? 1 : 0

  provider = aws.useast1

  certificate_arn = aws_acm_certificate.infrastructure_wildcard_us_east_1[0].arn

  # Reuses the same Route 53 validation records as the certificate on the
  # default provider.
  # NOTE(review): this relies on both certificates sharing one set of
  # validation records for the same domain name - confirm against the
  # aws_route53_record definition, which is not in this file.
  validation_record_fqdns = [
    for record in aws_route53_record.infrastructure_wildcard_ssl_verification :
    record.fqdn
  ]
}