Creates an SSL certificate using AWS ACM, verifies domain ownership using Route53 and returns it's ARN, so it can be attached to AWS resources, eg. CloudFront.
| Name | Version |
|---|---|
| terraform | >= 0.12, <2.0 |
| aws | >= 3.0.0 |
| Name | Version |
|---|---|
| aws | >= 3.0.0 |
No modules.
| Name | Type |
|---|---|
| aws_acm_certificate.cert | resource |
| aws_acm_certificate_validation.cert | resource |
| aws_route53_record.validation | resource |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| create | Should resources be created | bool |
true |
no |
| create_validation_records | Whether to create DNS records for validation. When creating certificates for the same domain in different regions, ACM will request the same DNS records for validation, which will make terraform try to create the same records twice and fail. Use this variable to make sure only one of the modules creates the validation records. |
bool |
true |
no |
| domains | Certificate domains, have to be in one Route53 hosted zone. | list(string) |
n/a | yes |
| hosted_zone_id | Route53 hosted zone id for ACM domain ownership validation | string |
null |
no |
| tags | Tags to set on resources that support them | map(string) |
{} |
no |
| validate | Whether to wait for certificate validation | bool |
true |
no |
| validation_record_fqdns | When create_validation_records is false you can pass a list of aws_route53_record.*.fqdn to make sure validation checks don't start before the records are created. |
list(string) |
null |
no |
| Name | Description |
|---|---|
| arn | ACM certificate ARN |
| id | ACM certificate id |
| validated_arn | ACM certificate ARN, once it's validated |
| validation_records | DNS validation records, in cases where you want to manually create them |