Skip to content

Commit

Permalink
ajuste tempalte site
Browse files Browse the repository at this point in the history
  • Loading branch information
@thiagoclessa
thiagoclessa authored Jul 17, 2023
1 parent 562651e commit b488b1a
Show file tree
Hide file tree
Showing 6 changed files with 60 additions and 3 deletions.
39 changes: 39 additions & 0 deletions certificate/certificate.tf
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
resource "aws_acm_certificate" "certificate" {
domain_name = "${var.domain}"
validation_method = "DNS"

tags = {
"Name" = "Site"
}
}

resource "aws_acm_certificate_validation" "certificate_validation" {
certificate_arn = aws_acm_certificate.certificate.arn
validation_record_fqdns = [for record in aws_route53_record.certificate_records : record.fqdn]

depends_on = [
aws_acm_certificate.certificate
]

timeouts {
create = "10m"
}
}

# Add Certificate Validation Records on Route53
resource "aws_route53_record" "certificate_records" {
for_each = {
for dvo in aws_acm_certificate.certificate.domain_validation_options : dvo.domain_name => {
name = dvo.resource_record_name
record = dvo.resource_record_value
type = dvo.resource_record_type
}
}

allow_overwrite = true
name = each.value.name
records = [each.value.record]
ttl = 60
type = each.value.type
zone_id = data.aws_route53_zone.domain_zone.zone_id
}
3 changes: 3 additions & 0 deletions certificate/output.tf
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
output "vca" {
value = "${aws_acm_certificate_validation.certificate_validation.certificate_arn}"
}
2 changes: 2 additions & 0 deletions certificate/variable.tf
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
variable "domain" {
}
9 changes: 7 additions & 2 deletions cloudfront/cloudfront.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,9 +37,14 @@ resource "aws_cloudfront_distribution" "tf" {
}
}


viewer_certificate {
cloudfront_default_certificate = true
ssl_support_method = "sni-only"
cloudfront_default_certificate = false

minimum_protocol_version = "TLSv1.2_2021"
ssl_support_method = "sni-only"

acm_certificate_arn = "${var.vca}"
}
}
#### ROUTE53 #####
Expand Down
2 changes: 2 additions & 0 deletions cloudfront/variable.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,3 +2,5 @@ variable "domain" {
}
variable "zoneid" {
}
variable "vca" {
}
8 changes: 7 additions & 1 deletion main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,10 +3,16 @@ module "site" {
domain = local.config.domain
}

module "certificate" {
source = "./certificate"
domain = local.config.domain
vca = module.certificate.output.vca

}

module "cloudfront" {
source = "./cloudfront"
domain = local.config.domain
zoneid = local.config.zoneid
vca = module.certificate.output.vca
}

0 comments on commit b488b1a

Please sign in to comment.