Skip to content

Commit

Permalink
Merge pull request #5 from osodevops/AS/allow-blank-distribution
Browse files Browse the repository at this point in the history
Allow whitelist distributions to be stood up before certs are finalized
  • Loading branch information
andysingleton authored Jul 12, 2024
2 parents 61ef1d5 + 8cf4dd9 commit 8ceba33
Show file tree
Hide file tree
Showing 3 changed files with 4 additions and 5 deletions.
1 change: 1 addition & 0 deletions aws_acm_certificates.tf
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ resource "aws_acm_certificate" "certificate" {
}

resource "aws_acm_certificate_validation" "cert" {
count = var.whitelabel_domain ? 0 : 1
provider = aws.cloudfront
certificate_arn = aws_acm_certificate.certificate.arn
validation_record_fqdns = [for record in aws_route53_record.certificate_validation : record.fqdn]
Expand Down
6 changes: 2 additions & 4 deletions aws_cloudfront_distribution.tf
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ resource "aws_cloudfront_distribution" "s3_distribution" {

viewer_certificate {
cloudfront_default_certificate = var.use_cloudfront_default_certificate
acm_certificate_arn = aws_acm_certificate.certificate.arn
acm_certificate_arn = var.use_cloudfront_default_certificate ? "" : aws_acm_certificate.certificate.arn
ssl_support_method = "sni-only"
minimum_protocol_version = var.minimum_protocol_version
}
Expand All @@ -28,9 +28,7 @@ resource "aws_cloudfront_distribution" "s3_distribution" {
response_page_path = "/index.html"
}

aliases = [
var.distribution_fqdn
]
aliases = var.use_cloudfront_default_certificate ? [] : [var.distribution_fqdn]

logging_config {
bucket = module.bucket_cloudwatch_logs_backup.s3_bucket_bucket_domain_name
Expand Down
2 changes: 1 addition & 1 deletion outputs.tf
Original file line number Diff line number Diff line change
Expand Up @@ -11,5 +11,5 @@ output "identity" {
}

output "domain_validations" {
value = aws_route53_record.certificate_validation
value = aws_acm_certificate.certificate.domain_validation_options
}

0 comments on commit 8ceba33

Please sign in to comment.