Merge pull request #42 from arunlalp/master
Create AWS ACM Terraform files
Showing
23 changed files
with
608 additions
and
122 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
provider "aws" { | ||
region = var.region | ||
} | ||
|
||
module "acm" { | ||
source = "../../../modules/acm" | ||
region = var.region | ||
|
||
domain_name = var.domain_name | ||
validation_method = var.validation_method | ||
key_algorithm = var.key_algorithm | ||
certificate_transparency_logging_preference = var.certificate_transparency_logging_preference | ||
dns_domain_name = var.dns_domain_name | ||
|
||
name = var.name | ||
environment = var.environment | ||
owner = var.owner | ||
cost_center = var.cost_center | ||
application = var.application | ||
} |
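Review bot: The `module "acm"` call never passes `tags`, although the variables file that accompanies it declares `variable "tags"` and the module's certificate resource merges `var.tags` into its tag map, so extra tags set at this level are silently dropped. Adding `tags = var.tags` beside the other tagging inputs fixes that, assuming the module declares a `tags` input (its variables file is not visible here). The same omission appears in the second `module "acm"` call (source `../../modules/acm`) and in the `module "route53"` call. The call also passes `name = var.name`, which the visible module code never reads, so it is worth confirming that input is needed.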
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
output "cert_domain_name" { | ||
description = "The valid domain name associated with the SSL/TLS certificate." | ||
value = module.acm.cert_domain_name | ||
} | ||
|
||
output "cert_expiry_date" { | ||
description = "The expiration date of the SSL/TLS certificate." | ||
value = module.acm.cert_expiry_date | ||
} | ||
|
||
output "cert_renewal_eligibility" { | ||
description = "Indicates if the SSL/TLS certificate is eligible for renewal." | ||
value = module.acm.cert_renewal_eligibility | ||
} | ||
|
||
output "cert_source" { | ||
description = "The source or type of the SSL/TLS certificate (e.g., 'AMAZON_ISSUED', 'IMPORTED')." | ||
value = module.acm.cert_source | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,60 @@ | ||
variable "region" { | ||
type = string | ||
description = "The AWS region where the Certificate Manager will be used." | ||
} | ||
|
||
variable "domain_name" { | ||
type = string | ||
description = "The domain name associated with the SSL/TLS certificate." | ||
} | ||
|
||
variable "validation_method" { | ||
type = string | ||
description = "The validation method used for certificate issuance (e.g., DNS, email)." | ||
} | ||
|
||
variable "key_algorithm" { | ||
type = string | ||
description = "The cryptographic key algorithm used for the certificate (e.g., RSA, ECDSA)." | ||
} | ||
|
||
variable "certificate_transparency_logging_preference" { | ||
type = string | ||
description = "The logging preference for certificate transparency (e.g., 'ENABLED' or 'DISABLED')." | ||
} | ||
|
||
variable "tags" { | ||
default = {} | ||
type = map(string) | ||
description = "A map of extra tags to attach to the AWS resources." | ||
} | ||
|
||
variable "name" { | ||
type = string | ||
description = "A user-defined name for the AWS resources." | ||
} | ||
|
||
variable "environment" { | ||
type = string | ||
description = "The name of the environment associated with the AWS resources." | ||
} | ||
|
||
variable "owner" { | ||
type = string | ||
description = "The name of the owner or responsible party for the AWS resources." | ||
} | ||
|
||
variable "cost_center" { | ||
type = string | ||
description = "The identifier for the cost center associated with the AWS resources." | ||
} | ||
|
||
variable "application" { | ||
type = string | ||
description = "The name of the application or project related to the AWS resources." | ||
} | ||
|
||
variable "dns_domain_name" { | ||
type = string | ||
description = "Domain name of the Route 53" | ||
} |
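Review bot: `validation_method`, `key_algorithm` and `certificate_transparency_logging_preference` are unconstrained strings, and the examples in their descriptions ("email", "RSA", "ECDSA") are not the literal values the provider expects (for example `EMAIL`, `RSA_2048`, `EC_prime256v1`), so a typo or a copied example only fails at apply time. Constrain them with `validation` blocks and correct the descriptions. Giving certificate transparency a default of `"ENABLED"` would also make opting out of CT logging an explicit decision rather than whatever a tfvars file happens to contain. The identical variables file that follows later in this commit needs the same change.

```hcl
variable "validation_method" {
  # … unchanged: type, description …
  validation {
    condition     = contains(["DNS", "EMAIL"], var.validation_method)
    error_message = "validation_method must be DNS or EMAIL."
  }
}

variable "certificate_transparency_logging_preference" {
  # … unchanged: type, description …
  default = "ENABLED"
  validation {
    condition     = contains(["ENABLED", "DISABLED"], var.certificate_transparency_logging_preference)
    error_message = "certificate_transparency_logging_preference must be ENABLED or DISABLED."
  }
}
```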
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
provider "aws" { | ||
region = var.region | ||
} | ||
|
||
module "acm" { | ||
source = "../../modules/acm" | ||
region = var.region | ||
|
||
domain_name = var.domain_name | ||
validation_method = var.validation_method | ||
key_algorithm = var.key_algorithm | ||
certificate_transparency_logging_preference = var.certificate_transparency_logging_preference | ||
dns_domain_name = var.dns_domain_name | ||
|
||
name = var.name | ||
environment = var.environment | ||
owner = var.owner | ||
cost_center = var.cost_center | ||
application = var.application | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
output "cert_domain_name" { | ||
description = "The valid domain name associated with the SSL/TLS certificate." | ||
value = module.acm.cert_domain_name | ||
} | ||
|
||
output "cert_expiry_date" { | ||
description = "The expiration date of the SSL/TLS certificate." | ||
value = module.acm.cert_expiry_date | ||
} | ||
|
||
output "cert_renewal_eligibility" { | ||
description = "Indicates if the SSL/TLS certificate is eligible for renewal." | ||
value = module.acm.cert_renewal_eligibility | ||
} | ||
|
||
output "cert_source" { | ||
description = "The source or type of the SSL/TLS certificate (e.g., 'AMAZON_ISSUED', 'IMPORTED')." | ||
value = module.acm.cert_source | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,60 @@ | ||
variable "region" { | ||
type = string | ||
description = "The AWS region where the Certificate Manager will be used." | ||
} | ||
|
||
variable "domain_name" { | ||
type = string | ||
description = "The domain name associated with the SSL/TLS certificate." | ||
} | ||
|
||
variable "validation_method" { | ||
type = string | ||
description = "The validation method used for certificate issuance (e.g., DNS, email)." | ||
} | ||
|
||
variable "key_algorithm" { | ||
type = string | ||
description = "The cryptographic key algorithm used for the certificate (e.g., RSA, ECDSA)." | ||
} | ||
|
||
variable "certificate_transparency_logging_preference" { | ||
type = string | ||
description = "The logging preference for certificate transparency (e.g., 'ENABLED' or 'DISABLED')." | ||
} | ||
|
||
variable "tags" { | ||
default = {} | ||
type = map(string) | ||
description = "A map of extra tags to attach to the AWS resources." | ||
} | ||
|
||
variable "name" { | ||
type = string | ||
description = "A user-defined name for the AWS resources." | ||
} | ||
|
||
variable "environment" { | ||
type = string | ||
description = "The name of the environment associated with the AWS resources." | ||
} | ||
|
||
variable "owner" { | ||
type = string | ||
description = "The name of the owner or responsible party for the AWS resources." | ||
} | ||
|
||
variable "cost_center" { | ||
type = string | ||
description = "The identifier for the cost center associated with the AWS resources." | ||
} | ||
|
||
variable "application" { | ||
type = string | ||
description = "The name of the application or project related to the AWS resources." | ||
} | ||
|
||
variable "dns_domain_name" { | ||
type = string | ||
description = "Domain name of the Route 53" | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
provider "aws" { | ||
region = var.region | ||
} | ||
|
||
module "route53" { | ||
source = "../../modules/route53" | ||
region = var.region | ||
|
||
dns_domain_name = var.dns_domain_name | ||
|
||
name = var.name | ||
environment = var.environment | ||
owner = var.owner | ||
cost_center = var.cost_center | ||
application = var.application | ||
|
||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
output "zone_id" { | ||
description = "The Zone ID of the Hosted Zone" | ||
value = module.route53.zone_id | ||
} | ||
|
||
output "name_servers" { | ||
description = "The list of Name Servers of the Hosted Zone" | ||
value = module.route53.name_servers | ||
} | ||
|
||
output "tags_all" { | ||
description = "The list of Tags associated with the Hosted Zone" | ||
value = module.route53.tags_all | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,40 @@ | ||
variable "region" { | ||
type = string | ||
description = "The AWS region where the Certificate Manager will be used." | ||
} | ||
|
||
variable "tags" { | ||
default = {} | ||
type = map(string) | ||
description = "A map of extra tags to attach to the AWS resources." | ||
} | ||
|
||
variable "name" { | ||
type = string | ||
description = "A user-defined name for the AWS resources." | ||
} | ||
|
||
variable "environment" { | ||
type = string | ||
description = "The name of the environment associated with the AWS resources." | ||
} | ||
|
||
variable "owner" { | ||
type = string | ||
description = "The name of the owner or responsible party for the AWS resources." | ||
} | ||
|
||
variable "cost_center" { | ||
type = string | ||
description = "The identifier for the cost center associated with the AWS resources." | ||
} | ||
|
||
variable "application" { | ||
type = string | ||
description = "The name of the application or project related to the AWS resources." | ||
} | ||
|
||
variable "dns_domain_name" { | ||
type = string | ||
description = "Domain name of the Route 53" | ||
} |
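Review bot: The `region` description still reads "where the Certificate Manager will be used", carried over from the ACM variables, although this file appears to feed the `route53` module. Suggest `description = "The AWS region used by the provider for the Route 53 configuration."`. For `dns_domain_name`, "Domain name of the Route 53" is incomplete; something like `description = "Name of the Route 53 hosted zone."` would do, worded to match whether the module creates the zone or looks it up, which is not visible here.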
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,46 @@ | ||
resource "aws_acm_certificate" "ssl_cert" { | ||
domain_name = var.domain_name | ||
validation_method = var.validation_method | ||
key_algorithm = var.key_algorithm | ||
|
||
lifecycle { | ||
create_before_destroy = true | ||
} | ||
|
||
options { | ||
certificate_transparency_logging_preference = var.certificate_transparency_logging_preference | ||
} | ||
|
||
tags = merge( | ||
{ | ||
Name = "${var.environment}-${var.application}-SSL-Cert" | ||
Environment = var.environment | ||
Owner = var.owner | ||
CostCenter = var.cost_center | ||
Application = var.application | ||
}, | ||
var.tags | ||
) | ||
} | ||
|
||
data "aws_route53_zone" "dns_zone" { | ||
name = var.dns_domain_name | ||
private_zone = false | ||
} | ||
|
||
resource "aws_route53_record" "acm_record" { | ||
for_each = { | ||
for dvo in aws_acm_certificate.ssl_cert.domain_validation_options : dvo.domain_name => { | ||
name = dvo.resource_record_name | ||
record = dvo.resource_record_value | ||
type = dvo.resource_record_type | ||
} | ||
} | ||
|
||
allow_overwrite = true | ||
name = each.value.name | ||
records = [each.value.record] | ||
ttl = 300 | ||
type = each.value.type | ||
zone_id = data.aws_route53_zone.dns_zone.zone_id | ||
} |
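Review bot: Nothing in this file waits for the certificate to be issued: the validation records are created, but there is no `aws_acm_certificate_validation` resource, so the apply can finish while the certificate is still pending validation and a later consumer may reference an unissued certificate. Add the validation resource tied to the records and have consumers depend on it. Two further points on `aws_route53_record.acm_record`: `allow_overwrite = true` replaces an existing record of the same name in the public zone without any plan-time signal, and the zone is looked up from `var.dns_domain_name` independently of `var.domain_name`, so a certificate domain outside that zone gets its validation record written where ACM will not find it. A precondition or a comment stating that `domain_name` must sit under `dns_domain_name` would make that constraint visible.

```hcl
resource "aws_route53_record" "acm_record" {
  # … unchanged: for_each, record arguments …
}

resource "aws_acm_certificate_validation" "ssl_cert" {
  certificate_arn         = aws_acm_certificate.ssl_cert.arn
  validation_record_fqdns = [for rec in aws_route53_record.acm_record : rec.fqdn]
}
```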
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
output "cert_domain_name" { | ||
description = "The valid domain name associated with the SSL/TLS certificate." | ||
value = aws_acm_certificate.ssl_cert.domain_name | ||
} | ||
|
||
output "cert_expiry_date" { | ||
description = "The expiration date of the SSL/TLS certificate." | ||
value = aws_acm_certificate.ssl_cert.not_after | ||
} | ||
|
||
output "cert_renewal_eligibility" { | ||
description = "Indicates if the SSL/TLS certificate is eligible for renewal." | ||
value = aws_acm_certificate.ssl_cert.renewal_eligibility | ||
} | ||
|
||
output "cert_source" { | ||
description = "The source or type of the SSL/TLS certificate (e.g., 'AMAZON_ISSUED', 'IMPORTED')." | ||
value = aws_acm_certificate.ssl_cert.type | ||
} |
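Review bot: The module exports the certificate's domain name, expiry, renewal eligibility and type but not its ARN, which is the attribute other resources need in order to reference the certificate. Add `output "cert_arn" { value = aws_acm_certificate.ssl_cert.arn }` with a description, and pass it through in the calling configurations' outputs. Also, `not_after` may be empty until the certificate has actually been issued, so `cert_expiry_date` can be blank on a first apply; the description should say so.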