Merge pull request #42 from arunlalp/master
Create AWS ACM Terraform files
techiescamp authored Mar 11, 2024
2 parents f44bfb1 + f9369fe commit d016270
Showing 23 changed files with 608 additions and 122 deletions.
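--- a/environments/dev/acm/main.tf
+++ b/environments/dev/acm/main.tf
@@ -0,0 +1,20 @@
+provider "aws" {
+region = var.region
+}
+
+module "acm" {
+source = "../../../modules/acm"
+region = var.region
+
+domain_name = var.domain_name
+validation_method = var.validation_method
+key_algorithm = var.key_algorithm
+certificate_transparency_logging_preference = var.certificate_transparency_logging_preference
+dns_domain_name = var.dns_domain_name
+
+name = var.name
+environment = var.environment
+owner = var.owner
+cost_center = var.cost_center
+application = var.application
+}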
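Review bot: The `tags` variable declared in environments/dev/acm/variables.tf is never forwarded in the `module "acm"` call, so any extra tags a caller sets are silently dropped. The module body merges `var.tags` into the certificate tags (modules/acm/main.tf), which suggests it was meant to be passed. Adding `tags = var.tags` to the module block would fix it, assuming the module declares a `tags` input; its variables.tf is not shown on this page. The same omission appears in infra/acm/main.tf and infra/route53/main.tf.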
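--- a/environments/dev/acm/outputs.tf
+++ b/environments/dev/acm/outputs.tf
@@ -0,0 +1,19 @@
+output "cert_domain_name" {
+description = "The valid domain name associated with the SSL/TLS certificate."
+value = module.acm.cert_domain_name
+}
+
+output "cert_expiry_date" {
+description = "The expiration date of the SSL/TLS certificate."
+value = module.acm.cert_expiry_date
+}
+
+output "cert_renewal_eligibility" {
+description = "Indicates if the SSL/TLS certificate is eligible for renewal."
+value = module.acm.cert_renewal_eligibility
+}
+
+output "cert_source" {
+description = "The source or type of the SSL/TLS certificate (e.g., 'AMAZON_ISSUED', 'IMPORTED')."
+value = module.acm.cert_source
+}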
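--- a/environments/dev/acm/variables.tf
+++ b/environments/dev/acm/variables.tf
@@ -0,0 +1,60 @@
+variable "region" {
+type = string
+description = "The AWS region where the Certificate Manager will be used."
+}
+
+variable "domain_name" {
+type = string
+description = "The domain name associated with the SSL/TLS certificate."
+}
+
+variable "validation_method" {
+type = string
+description = "The validation method used for certificate issuance (e.g., DNS, email)."
+}
+
+variable "key_algorithm" {
+type = string
+description = "The cryptographic key algorithm used for the certificate (e.g., RSA, ECDSA)."
+}
+
+variable "certificate_transparency_logging_preference" {
+type = string
+description = "The logging preference for certificate transparency (e.g., 'ENABLED' or 'DISABLED')."
+}
+
+variable "tags" {
+default = {}
+type = map(string)
+description = "A map of extra tags to attach to the AWS resources."
+}
+
+variable "name" {
+type = string
+description = "A user-defined name for the AWS resources."
+}
+
+variable "environment" {
+type = string
+description = "The name of the environment associated with the AWS resources."
+}
+
+variable "owner" {
+type = string
+description = "The name of the owner or responsible party for the AWS resources."
+}
+
+variable "cost_center" {
+type = string
+description = "The identifier for the cost center associated with the AWS resources."
+}
+
+variable "application" {
+type = string
+description = "The name of the application or project related to the AWS resources."
+}
+
+variable "dns_domain_name" {
+type = string
+description = "Domain name of the Route 53"
+}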
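Review bot: `validation_method`, `key_algorithm` and `certificate_transparency_logging_preference` are free-form strings with no default and no `validation` block. Their descriptions give examples (`email`, `RSA`, `ECDSA`) that are not the literal values the provider accepts (`DNS`/`EMAIL`, `RSA_2048`, `EC_prime256v1`, ...), so a wrong value only surfaces at apply time. The transparency setting is the one with a security consequence: a certificate issued with logging `DISABLED` never appears in CT logs, which removes a mis-issuance detection signal and can cause browsers to reject it, so I would default it to `ENABLED` and constrain the accepted values. infra/acm/variables.tf is an identical copy and needs the same change.

```hcl
variable "validation_method" {
  type        = string
  description = "The validation method used for certificate issuance (DNS or EMAIL)."

  validation {
    condition     = contains(["DNS", "EMAIL"], var.validation_method)
    error_message = "validation_method must be DNS or EMAIL."
  }
}

variable "certificate_transparency_logging_preference" {
  type        = string
  default     = "ENABLED"
  description = "Certificate transparency logging preference: ENABLED or DISABLED."

  validation {
    condition     = contains(["ENABLED", "DISABLED"], var.certificate_transparency_logging_preference)
    error_message = "certificate_transparency_logging_preference must be ENABLED or DISABLED."
  }
}

# … unchanged: region, domain_name, key_algorithm, tags and the tagging variables …
```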
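--- a/infra/acm/main.tf
+++ b/infra/acm/main.tf
@@ -0,0 +1,20 @@
+provider "aws" {
+region = var.region
+}
+
+module "acm" {
+source = "../../modules/acm"
+region = var.region
+
+domain_name = var.domain_name
+validation_method = var.validation_method
+key_algorithm = var.key_algorithm
+certificate_transparency_logging_preference = var.certificate_transparency_logging_preference
+dns_domain_name = var.dns_domain_name
+
+name = var.name
+environment = var.environment
+owner = var.owner
+cost_center = var.cost_center
+application = var.application
+}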
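--- a/infra/acm/outputs.tf
+++ b/infra/acm/outputs.tf
@@ -0,0 +1,19 @@
+output "cert_domain_name" {
+description = "The valid domain name associated with the SSL/TLS certificate."
+value = module.acm.cert_domain_name
+}
+
+output "cert_expiry_date" {
+description = "The expiration date of the SSL/TLS certificate."
+value = module.acm.cert_expiry_date
+}
+
+output "cert_renewal_eligibility" {
+description = "Indicates if the SSL/TLS certificate is eligible for renewal."
+value = module.acm.cert_renewal_eligibility
+}
+
+output "cert_source" {
+description = "The source or type of the SSL/TLS certificate (e.g., 'AMAZON_ISSUED', 'IMPORTED')."
+value = module.acm.cert_source
+}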
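--- a/infra/acm/variables.tf
+++ b/infra/acm/variables.tf
@@ -0,0 +1,60 @@
+variable "region" {
+type = string
+description = "The AWS region where the Certificate Manager will be used."
+}
+
+variable "domain_name" {
+type = string
+description = "The domain name associated with the SSL/TLS certificate."
+}
+
+variable "validation_method" {
+type = string
+description = "The validation method used for certificate issuance (e.g., DNS, email)."
+}
+
+variable "key_algorithm" {
+type = string
+description = "The cryptographic key algorithm used for the certificate (e.g., RSA, ECDSA)."
+}
+
+variable "certificate_transparency_logging_preference" {
+type = string
+description = "The logging preference for certificate transparency (e.g., 'ENABLED' or 'DISABLED')."
+}
+
+variable "tags" {
+default = {}
+type = map(string)
+description = "A map of extra tags to attach to the AWS resources."
+}
+
+variable "name" {
+type = string
+description = "A user-defined name for the AWS resources."
+}
+
+variable "environment" {
+type = string
+description = "The name of the environment associated with the AWS resources."
+}
+
+variable "owner" {
+type = string
+description = "The name of the owner or responsible party for the AWS resources."
+}
+
+variable "cost_center" {
+type = string
+description = "The identifier for the cost center associated with the AWS resources."
+}
+
+variable "application" {
+type = string
+description = "The name of the application or project related to the AWS resources."
+}
+
+variable "dns_domain_name" {
+type = string
+description = "Domain name of the Route 53"
+}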
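--- a/infra/route53/main.tf
+++ b/infra/route53/main.tf
@@ -0,0 +1,17 @@
+provider "aws" {
+region = var.region
+}
+
+module "route53" {
+source = "../../modules/route53"
+region = var.region
+
+dns_domain_name = var.dns_domain_name
+
+name = var.name
+environment = var.environment
+owner = var.owner
+cost_center = var.cost_center
+application = var.application
+
+}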
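--- a/infra/route53/outputs.tf
+++ b/infra/route53/outputs.tf
@@ -0,0 +1,14 @@
+output "zone_id" {
+description = "The Zone ID of the Hosted Zone"
+value = module.route53.zone_id
+}
+
+output "name_servers" {
+description = "The list of Name Servers of the Hosted Zone"
+value = module.route53.name_servers
+}
+
+output "tags_all" {
+description = "The list of Tags associated with the Hosted Zone"
+value = module.route53.tags_all
+}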
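--- a/infra/route53/variables.tf
+++ b/infra/route53/variables.tf
@@ -0,0 +1,40 @@
+variable "region" {
+type = string
+description = "The AWS region where the Certificate Manager will be used."
+}
+
+variable "tags" {
+default = {}
+type = map(string)
+description = "A map of extra tags to attach to the AWS resources."
+}
+
+variable "name" {
+type = string
+description = "A user-defined name for the AWS resources."
+}
+
+variable "environment" {
+type = string
+description = "The name of the environment associated with the AWS resources."
+}
+
+variable "owner" {
+type = string
+description = "The name of the owner or responsible party for the AWS resources."
+}
+
+variable "cost_center" {
+type = string
+description = "The identifier for the cost center associated with the AWS resources."
+}
+
+variable "application" {
+type = string
+description = "The name of the application or project related to the AWS resources."
+}
+
+variable "dns_domain_name" {
+type = string
+description = "Domain name of the Route 53"
+}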
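Review bot: The `region` description in infra/route53/variables.tf still reads "The AWS region where the Certificate Manager will be used.", carried over from the ACM variables, although this root only configures the Route 53 module. I would change it to `description = "The AWS region used to configure the AWS provider for the Route 53 hosted zone."`. The `dns_domain_name` description is also incomplete; `description = "Domain name of the Route 53 hosted zone."` states what the value identifies.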
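--- a/modules/acm/main.tf
+++ b/modules/acm/main.tf
@@ -0,0 +1,46 @@
+resource "aws_acm_certificate" "ssl_cert" {
+domain_name = var.domain_name
+validation_method = var.validation_method
+key_algorithm = var.key_algorithm
+
+lifecycle {
+create_before_destroy = true
+}
+
+options {
+certificate_transparency_logging_preference = var.certificate_transparency_logging_preference
+}
+
+tags = merge(
+{
+Name = "${var.environment}-${var.application}-SSL-Cert"
+Environment = var.environment
+Owner = var.owner
+CostCenter = var.cost_center
+Application = var.application
+},
+var.tags
+)
+}
+
+data "aws_route53_zone" "dns_zone" {
+name = var.dns_domain_name
+private_zone = false
+}
+
+resource "aws_route53_record" "acm_record" {
+for_each = {
+for dvo in aws_acm_certificate.ssl_cert.domain_validation_options : dvo.domain_name => {
+name = dvo.resource_record_name
+record = dvo.resource_record_value
+type = dvo.resource_record_type
+}
+}
+
+allow_overwrite = true
+name = each.value.name
+records = [each.value.record]
+ttl = 300
+type = each.value.type
+zone_id = data.aws_route53_zone.dns_zone.zone_id
+}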
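Review bot: Nothing in modules/acm/main.tf waits for the certificate to be issued: the validation records are created, but there is no `aws_acm_certificate_validation` resource. An apply can therefore finish with the certificate still pending validation, and anything that consumes it downstream may fail or reference an unusable certificate. The `acm_record` `for_each` also reads `resource_record_name`, `resource_record_value` and `resource_record_type` unconditionally, which only makes sense when `validation_method` is `DNS`; with another method the records would presumably be empty or fail, so the module should either pin the method to DNS or guard the records on it. `allow_overwrite = true` is reasonable for validation records, but it replaces an existing record of the same name in the zone without raising a conflict, which deserves a short comment on that line.

```hcl
# … unchanged: aws_acm_certificate.ssl_cert, data.aws_route53_zone.dns_zone, aws_route53_record.acm_record …

# Block until ACM has observed the DNS records and issued the certificate.
resource "aws_acm_certificate_validation" "ssl_cert" {
  certificate_arn         = aws_acm_certificate.ssl_cert.arn
  validation_record_fqdns = [for r in aws_route53_record.acm_record : r.fqdn]
}
```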
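--- a/modules/acm/outputs.tf
+++ b/modules/acm/outputs.tf
@@ -0,0 +1,19 @@
+output "cert_domain_name" {
+description = "The valid domain name associated with the SSL/TLS certificate."
+value = aws_acm_certificate.ssl_cert.domain_name
+}
+
+output "cert_expiry_date" {
+description = "The expiration date of the SSL/TLS certificate."
+value = aws_acm_certificate.ssl_cert.not_after
+}
+
+output "cert_renewal_eligibility" {
+description = "Indicates if the SSL/TLS certificate is eligible for renewal."
+value = aws_acm_certificate.ssl_cert.renewal_eligibility
+}
+
+output "cert_source" {
+description = "The source or type of the SSL/TLS certificate (e.g., 'AMAZON_ISSUED', 'IMPORTED')."
+value = aws_acm_certificate.ssl_cert.type
+}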
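Review bot: modules/acm/outputs.tf exports the domain, expiry, renewal eligibility and type but not the certificate ARN, which is the value a load balancer listener or distribution needs in order to attach the certificate. I would add `output "cert_arn" { value = aws_acm_certificate.ssl_cert.arn }` with a description. Separately, `not_after` is only populated once the certificate has been issued, so `cert_expiry_date` can be empty after the first apply; the description should say so.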