Creates a TLS certificate using AWS ACM for domains hosted on Route53. The ACM certificate can also be attached to an ALB listener.
Creates the following resources:
- ACM certificate
- Route53 record used to validate TLS certificate
- Optional association with an ALB listener
module "acm_cert" {
source = "trussworks/acm-cert/aws"
alb_listener_arn = "arn:aws:elasticloadbalancing:us-west-2:..."
domain_name = "www.example.com"
zone_name = "example.com"
}| Name | Version |
|---|---|
| terraform | >= 1.0 |
| aws | >= 3.0 |
| Name | Version |
|---|---|
| aws | >= 3.0 |
No modules.
| Name | Type |
|---|---|
| aws_acm_certificate.main | resource |
| aws_acm_certificate_validation.main | resource |
| aws_lb_listener_certificate.main | resource |
| aws_route53_record.caa | resource |
| aws_route53_record.main | resource |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| alb_listener_arn | Associate ACM certificate to an ALB listener. | string |
"" |
no |
| caa_records | Add CAA records to route53. | list(string) |
[] |
no |
| domain_name | Domain name to associate with the ACM certificate. | string |
n/a | yes |
| environment | Environment tag. e.g. prod | string |
n/a | yes |
| tags | Tags to be attached to the ACM certificate. | map(string) |
{} |
no |
| zone_id | The Route53 zone id for which the certificate should be verified and issued. | string |
n/a | yes |
| Name | Description |
|---|---|
| acm_arn | The ARN of the validated ACM certificate. |
Install dependencies (macOS)
brew install pre-commit go terraform terraform-docs
pre-commit install --install-hooks