From fc3c64a3f9424c8d961427fa2976d0de0528fee7 Mon Sep 17 00:00:00 2001
From: Khalim Conn-Kowlessar
Date: Mon, 17 Jul 2023 11:24:42 +0100
Subject: [PATCH] Test adding ssl certificate
---
.../terraform/modules/route53/main.tf | 43 +++++++++++++++++++
1 file changed, 43 insertions(+)
diff --git a/infrastructure/terraform/modules/route53/main.tf b/infrastructure/terraform/modules/route53/main.tf
index e69de29b..bcbdfc77 100644
--- a/infrastructure/terraform/modules/route53/main.tf
+++ b/infrastructure/terraform/modules/route53/main.tf
@@ -0,0 +1,43 @@
+resource "aws_route53_zone" "my_hosted_zone" {
+ name = var.domain_name
+}
+
+# Request an SSL certificate for the domain
+resource "aws_acm_certificate" "my_certificate_request" {
+ domain_name = var.domain_name
+ subject_alternative_names = ["*.{var.domain_name}"]
+ validation_method = "DNS"
+
+ tags = {
+ Name : var.domain_name
+ }
+
+ lifecycle {
+ create_before_destroy = true
+ }
+}
+
+# Create a DNS record to prove that we own the domain
+resource "aws_route53_record" "my_validation_record" {
+ zone_id = aws_route53_zone.my_hosted_zone.zone_id
+ name = aws_acm_certificate.my_certificate_request.domain_validation_options.0.resource_record_name
+ type = aws_acm_certificate.my_certificate_request.domain_validation_options.0.resource_record_type
+ records = [aws_acm_certificate.my_certificate_request.domain_validation_options.0.resource_record_value]
+ ttl = var.ttl
+}
+
+resource "aws_acm_certificate_validation" "my_certificate_validation" {
+ certificate_arn = aws_acm_certificate.my_certificate_request.arn
+ validation_record_fqdns = [aws_route53_record.my_validation_record.fqdn]
+}
+
+resource "aws_route53_record" "my_caa_record" {
+ zone_id = aws_route53_zone.my_hosted_zone.zone_id
+ name = var.domain_name
+ type = "CAA"
+ records = [
+ "0 issue \"amazon.com\"",
+ "0 issuewild \"amazon.com\""
+ ]
+ ttl = var.ttl
+}
\ No newline at end of file
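Review bot: The wildcard SAN on `aws_acm_certificate.my_certificate_request` is missing the `$` of the interpolation, so as shown the certificate is requested for the literal name `*.{var.domain_name}` rather than the wildcard of the domain; it should read `subject_alternative_names = ["*.${var.domain_name}"]`. With the literal string the request is likely to be rejected by ACM, and in any case the issued certificate would not cover subdomains, leaving those endpoints without a valid certificate. Separately, `my_validation_record` reads only `domain_validation_options.0`, which relies on the apex and wildcard names sharing one validation CNAME; on AWS provider versions where this attribute is a set (3.0 and later; the pinned version is not visible in this patch) index access fails, so a `for_each` over `domain_validation_options` keyed by `domain_name`, with `allow_overwrite = true`, is the more robust form. The CAA record limits issuance to `amazon.com` for both normal and wildcard certificates, so a short comment above `my_caa_record` saying that any additional CA must be added there before it can issue would help the next maintainer.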