NDR-213b Create ACM per workspace (#427)

megan-bower4 · web-flow · commit d2f2c096ace6 · 2025-09-11T10:20:22.000+01:00
diff --git a/infrastructure/acm_certificate.tf b/infrastructure/acm_certificate.tf
@@ -1,5 +1,4 @@
 resource "aws_acm_certificate" "mtls_api_gateway_cert" {
-  count             = local.is_sandbox ? 0 : 1
   domain_name       = local.mtls_api_gateway_full_domain_name
   validation_method = "DNS"
 
@@ -10,8 +9,8 @@ resource "aws_acm_certificate" "mtls_api_gateway_cert" {
 
 # Record used by ACM for DNS Validation
 resource "aws_route53_record" "validation" {
-  for_each = local.is_sandbox ? {} : {
-    for dvo in aws_acm_certificate.mtls_api_gateway_cert[0].domain_validation_options :
+  for_each = {
+    for dvo in aws_acm_certificate.mtls_api_gateway_cert.domain_validation_options :
     dvo.domain_name => {
       name   = dvo.resource_record_name
       record = dvo.resource_record_value
@@ -28,7 +27,6 @@ resource "aws_route53_record" "validation" {
 }
 
 resource "aws_acm_certificate_validation" "mtls_api_gateway_cert" {
-  count                   = local.is_sandbox ? 0 : 1
-  certificate_arn         = aws_acm_certificate.mtls_api_gateway_cert[0].arn
+  certificate_arn         = aws_acm_certificate.mtls_api_gateway_cert.arn
   validation_record_fqdns = [for record in aws_route53_record.validation : record.fqdn]
 }
