terraform-aws-acm-certificate

Terraform module which creates ACM certificate resources on AWS.

Description

Provision ACM certificate and Route53 record for certificates validation.

This module provides recommended settings:

• Use DNS to validate domain ownership
• Renew certificates automatically

Usage

Minimal

module "certificate" {
  source      = "git::https://github.com/tmknom/terraform-aws-acm-certificate.git?ref=tags/2.0.0"
  domain_name = "example.com"
  zone_id     = aws_route53_zone.default.zone_id
}

Complete

module "certificate" {
  source      = "git::https://github.com/tmknom/terraform-aws-acm-certificate.git?ref=tags/2.0.0"
  domain_name = "example.com"
  zone_id     = aws_route53_zone.default.zone_id

  ttl = "120"

  subject_alternative_names = [
    "stg.example.com",
    "dev.example.com",
  ]

  tags = {
    Environment = "prod"
  }

  enabled         = true
  timeouts_create = "5m"
}

Examples

• Minimal
• Complete

Requirements

Name	Version
terraform	>= 0.12

Providers

Name	Version
aws	n/a

Inputs

Name	Description	Type	Default	Required
domain_name	A domain name for which the certificate should be issued.	string	n/a	yes
zone_id	The ID of the hosted zone in which create validation records.	string	n/a	yes
enabled	Set to false to prevent the module from creating anything.	bool	true	no
subject_alternative_names	A list of domains that should be Subject Alternative Names in the issued certificate.	list(string)	[]	no
tags	A mapping of tags to assign to the resource.	map(string)	{}	no
timeouts_create	How long to wait for a certificate to be issued.	string	"5m"	no
ttl	The TTL of the validation records.	number	60	no

Outputs

Name	Description
acm_certificate_arn	The ARN of the certificate.
acm_certificate_domain_validation_options	A list of attributes to feed into other resources to complete certificate validation.
acm_certificate_id	The ARN of the certificate.
route53_record_fqdns	FQDN built using the zone domain and name.
route53_record_names	The name of the record.

Development

Development Requirements

• Docker

Configure environment variables

Terraform variables for examples

export TF_VAR_domain_name=example.org

AWS credentials

export AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE
export AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
export AWS_DEFAULT_REGION=ap-northeast-1

Installation

git clone git@github.com:tmknom/terraform-aws-acm-certificate.git
cd terraform-aws-acm-certificate
make install

Makefile targets

apply-complete                 Run terraform apply examples/complete
apply-minimal                  Run terraform apply examples/minimal
check-format                   Check format code
clean                          Clean .terraform
destroy-complete               Run terraform destroy examples/complete
destroy-minimal                Run terraform destroy examples/minimal
diff                           Word diff
docs                           Generate docs
format                         Format code
help                           Show help
install                        Install requirements
lint                           Lint code
plan-complete                  Run terraform plan examples/complete
plan-minimal                   Run terraform plan examples/minimal
release                        Release GitHub and Terraform Module Registry
upgrade                        Upgrade makefile

Releasing new versions

Bump VERSION file, and run make release.

Terraform Module Registry

• https://registry.terraform.io/modules/tmknom/acm-certificate/aws

License

Apache 2 Licensed. See LICENSE for full details.