Skip to content

Commit 3d76a4a

Browse files
aknyshaknysh
authored
Add SANs to certificate (#2)
* Add subdomains to the certificate * Update SANs variable * Update `README`
1 parent 39d8c9b commit 3d76a4a

File tree

3 files changed

+31
-9
lines changed

3 files changed

+31
-9
lines changed

README.md

Lines changed: 21 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1,16 +1,30 @@
11
# terraform-aws-acm-request-certificate [![Build Status](https://travis-ci.org/cloudposse/terraform-aws-acm-request-certificate.svg?branch=master)](https://travis-ci.org/cloudposse/terraform-aws-acm-request-certificate)
22

3-
Terraform module to request an ACM certificate for a domain name and create a CNAME record in the DNZ zone to complete certificate validation
3+
Terraform module to request an ACM certificate for a domain and add a CNAME record to the DNZ zone to complete certificate validation
44

55

66
## Usage
77

8+
This example will request an SSL certificate for `example.com` domain
9+
10+
```hcl
11+
module "acm_request_certificate" {
12+
source = "git::https://github.com/cloudposse/terraform-aws-acm-request-certificate.git?ref=master"
13+
domain_name = "example.com"
14+
proces_domain_validation_options = "true"
15+
ttl = "300"
16+
}
17+
```
18+
19+
This example will request an SSL certificate for `example.com` domain and all its subdomains `*.example.com`
20+
821
```hcl
922
module "acm_request_certificate" {
1023
source = "git::https://github.com/cloudposse/terraform-aws-acm-request-certificate.git?ref=master"
1124
domain_name = "example.com"
1225
proces_domain_validation_options = "true"
1326
ttl = "300"
27+
subject_alternative_names = ["*.example.com"]
1428
}
1529
```
1630

@@ -24,15 +38,16 @@ module "acm_request_certificate" {
2438
| `proces_domain_validation_options` | `true` | Flag to enable/disable processing of the record to add to the DNS zone to complete certificate validation | No |
2539
| `ttl` | `300` | The TTL of the record to add to the DNS zone to complete certificate validation | No |
2640
| `tags` | `{}` | Additional tags (_e.g._ `map("BusinessUnit","XYZ")` | No |
41+
| `subject_alternative_names` | `[]` | A list of domains that should be SANs in the issued certificate | No |
2742

2843

2944
## Outputs
3045

31-
| Name | Description |
32-
|:-----------------------------|:-------------------------------------------------------------------------------|
33-
| `id` | The ARN of the certificate |
34-
| `arn` | The ARN of the certificate |
35-
| `domain_validation_options` | CNAME record that is added to the DNS zone to complete certificate validation |
46+
| Name | Description |
47+
|:-----------------------------|:---------------------------------------------------------------------------------|
48+
| `id` | The ARN of the certificate |
49+
| `arn` | The ARN of the certificate |
50+
| `domain_validation_options` | CNAME records that are added to the DNS zone to complete certificate validation |
3651

3752

3853

main.tf

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,8 @@
11
resource "aws_acm_certificate" "default" {
2-
domain_name = "${var.domain_name}"
3-
validation_method = "${var.validation_method}"
4-
tags = "${var.tags}"
2+
domain_name = "${var.domain_name}"
3+
validation_method = "${var.validation_method}"
4+
subject_alternative_names = ["${var.subject_alternative_names}"]
5+
tags = "${var.tags}"
56
}
67

78
data "aws_route53_zone" "default" {

variables.tf

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -26,3 +26,9 @@ variable "tags" {
2626
default = {}
2727
description = "Additional tags (e.g. map('BusinessUnit`,`XYZ`)"
2828
}
29+
30+
variable "subject_alternative_names" {
31+
type = "list"
32+
default = []
33+
description = "A list of domains that should be SANs in the issued certificate"
34+
}

0 commit comments

Comments
 (0)