· 7 years ago · Mar 23, 2018, 03:42 PM
1provider "aws" {
2 access_key = "${var.access_key}"
3 secret_key = "${var.secret_key}"
4 region = "${var.region}"
5}
6
7variable "access_key" {}
8
9variable "secret_key" {}
10
11variable "region" {}
12
13variable "zone" {}
14
15data "aws_route53_zone" "existing_zone" {
16 name = "${var.zone}"
17}
18
19resource "aws_acm_certificate" "cert" {
20 domain_name = "*.${var.zone}"
21 validation_method = "DNS"
22}
23
24resource "aws_route53_record" "cert_validation" {
25 name = "${aws_acm_certificate.cert.domain_validation_options.0.resource_record_name}"
26 type = "${aws_acm_certificate.cert.domain_validation_options.0.resource_record_type}"
27 zone_id = "${data.aws_route53_zone.existing_zone.id}"
28 records = ["${aws_acm_certificate.cert.domain_validation_options.0.resource_record_value}"]
29 ttl = 60
30}
31
32resource "aws_acm_certificate_validation" "cert" {
33 certificate_arn = "${aws_acm_certificate.cert.arn}"
34 validation_record_fqdns = ["${aws_route53_record.cert_validation.fqdn}"]
35}
36
37output "certificate_arn" {
38 value = "${aws_acm_certificate.cert.arn}"
39}