From a8a15dfa3d5a272807a0f83f41a0f30006941c06 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bal=C3=A1zs=20Buri?=
Date: Wed, 13 Nov 2024 17:11:52 +0100
Subject: [PATCH] feat: init add public hosted zone and wildcard certificate
---
main.tf | 29 +++++++++++++++++++++++++++++
1 file changed, 29 insertions(+)
diff --git a/main.tf b/main.tf
index 8b13789..22bd746 100644
--- a/main.tf
+++ b/main.tf
@@ -1 +1,30 @@
+resource "aws_route53_zone" "this" {
+ name = var.domain
+}
+# Certificate
+resource "aws_acm_certificate" "wildcard_cert" {
+ domain_name = aws_route53_zone.this.name
+ validation_method = "DNS"
+
+ subject_alternative_names = [
+ "*.${aws_route53_zone.this.name}"
+ ]
+}
+
+resource "aws_acm_certificate_validation" "wildcard_cert" {
+ certificate_arn = aws_acm_certificate.wildcard_cert.arn
+ validation_record_fqdns = [
+ aws_route53_record.wildcard_cert_validation.fqdn
+ ]
+}
+
+resource "aws_route53_record" "wildcard_cert_validation" {
+ name = tolist(aws_acm_certificate.wildcard_cert.domain_validation_options)[0].resource_record_name
+ type = tolist(aws_acm_certificate.wildcard_cert.domain_validation_options)[0].resource_record_type
+ zone_id = var.should_create_hosted_zone ? aws_route53_zone.hosted_zone.zone_id : aws_route53_zone.this.zone_id
+ records = [
+ tolist(aws_acm_certificate.wildcard_cert.domain_validation_options)[0].resource_record_value
+ ]
+ ttl = "60"
+}
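Review bot: The `zone_id` of `aws_route53_record.wildcard_cert_validation` references `aws_route53_zone.hosted_zone` and `var.should_create_hosted_zone`, but the only zone this file declares is `aws_route53_zone.this`, and main.tf held nothing before this commit; unless both names are declared in another file of the module, `terraform validate` will reject the reference. The certificate's names are derived from `aws_route53_zone.this`, so the validation CNAME has to be written into that same zone or the `aws_acm_certificate_validation` resource will wait without ever succeeding; `zone_id = aws_route53_zone.this.zone_id` is the consistent form. Separately, taking element `[0]` of `domain_validation_options` relies on the apex and wildcard names sharing one validation record; a `for_each` over `domain_validation_options` with `allow_overwrite = true` on the record stays correct if further SANs are added later.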