Initial Implementation (#1)

SweetOps · aknysh · commit 39d8c9b74d22 · 2018-03-27T00:42:12.000-04:00
* init code

* Use TF `aws_acm_certificate` resources to request SSL certificate

* Update `README`

* Create `aws_route53_zone` only if `validation_method="DNS"`
diff --git a/.gitignore b/.gitignore
@@ -4,3 +4,5 @@
 
 # Module directory
 .terraform/
+.idea
+*.iml
diff --git a/.travis.yml b/.travis.yml
@@ -0,0 +1,16 @@
+addons:
+  apt:
+    packages:
+      - git
+      - make
+      - curl
+
+install:
+  - make init
+
+script:
+  - make terraform/install
+  - make terraform/get-plugins
+  - make terraform/get-modules
+  - make terraform/lint
+  - make terraform/validate
diff --git a/LICENSE b/LICENSE
@@ -186,7 +186,7 @@
       same "printed page" as the copyright notice for easier
       identification within third-party archives.
 
-   Copyright {yyyy} {name of copyright owner}
+   Copyright 2017-2018 Cloud Posse, LLC
 
    Licensed under the Apache License, Version 2.0 (the "License");
    you may not use this file except in compliance with the License.
diff --git a/Makefile b/Makefile
@@ -0,0 +1,6 @@
+SHELL := /bin/bash
+
+-include $(shell curl -sSL -o .build-harness "https://git.io/build-harness"; echo .build-harness)
+
+lint:
+	$(SELF) terraform/install terraform/get-modules terraform/get-plugins terraform/lint terraform/validate
diff --git a/README.md b/README.md
@@ -1 +1,118 @@
-# terraform-aws-acm-request
+# terraform-aws-acm-request-certificate [![Build Status](https://travis-ci.org/cloudposse/terraform-aws-acm-request-certificate.svg?branch=master)](https://travis-ci.org/cloudposse/terraform-aws-acm-request-certificate)
+
+Terraform module to request an ACM certificate for a domain name and create a CNAME record in the DNZ zone to complete certificate validation 
+
+
+## Usage
+
+```hcl
+module "acm_request_certificate" {
+  source                           = "git::https://github.com/cloudposse/terraform-aws-acm-request-certificate.git?ref=master"
+  domain_name                      = "example.com"
+  proces_domain_validation_options = "true"
+  ttl                              = "300"
+}
+```
+
+
+## Variables
+
+|  Name                               |  Default     |  Description                                                                       | Required |
+|:------------------------------------|:-------------|:-----------------------------------------------------------------------------------|:--------:|
+| `domain_name`                       | ``           | A domain name for which the certificate should be issued                           | Yes      |
+| `validation_method`                 | `DNS`        | Which method to use for validation, `DNS` or `EMAIL`                               | No       |
+| `proces_domain_validation_options`  | `true`       | Flag to enable/disable processing of the record to add to the DNS zone to complete certificate validation   | No       |
+| `ttl`                               | `300`        | The TTL of the record to add to the DNS zone to complete certificate validation    | No       |
+| `tags`                              | `{}`         | Additional tags  (_e.g._ `map("BusinessUnit","XYZ")`                               | No       |
+
+
+## Outputs
+
+| Name                         | Description                                                                    |
+|:-----------------------------|:-------------------------------------------------------------------------------|
+| `id`                         | The ARN of the certificate                                                     |
+| `arn`                        | The ARN of the certificate                                                     |
+| `domain_validation_options`  | CNAME record that is added to the DNS zone to complete certificate validation  |
+
+
+
+## Help
+
+**Got a question?**
+
+File a GitHub [issue](https://github.com/cloudposse/terraform-aws-acm-request-certificate/issues), send us an [email](mailto:hello@cloudposse.com) or reach out to us on [Gitter](https://gitter.im/cloudposse/).
+
+
+## Contributing
+
+### Bug Reports & Feature Requests
+
+Please use the [issue tracker](https://github.com/cloudposse/terraform-aws-acm-request-certificate/issues) to report any bugs or file feature requests.
+
+### Developing
+
+If you are interested in being a contributor and want to get involved in developing `terraform-aws-acm-request-certificate`, we would love to hear from you! Shoot us an [email](mailto:hello@cloudposse.com).
+
+In general, PRs are welcome. We follow the typical "fork-and-pull" Git workflow.
+
+ 1. **Fork** the repo on GitHub
+ 2. **Clone** the project to your own machine
+ 3. **Commit** changes to your own branch
+ 4. **Push** your work back up to your fork
+ 5. Submit a **Pull request** so that we can review your changes
+
+**NOTE:** Be sure to merge the latest from "upstream" before making a pull request!
+
+
+## License
+
+[APACHE 2.0](LICENSE) © 2018 [Cloud Posse, LLC](https://cloudposse.com)
+
+See [LICENSE](LICENSE) for full details.
+
+    Licensed to the Apache Software Foundation (ASF) under one
+    or more contributor license agreements.  See the NOTICE file
+    distributed with this work for additional information
+    regarding copyright ownership.  The ASF licenses this file
+    to you under the Apache License, Version 2.0 (the
+    "License"); you may not use this file except in compliance
+    with the License.  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+    Unless required by applicable law or agreed to in writing,
+    software distributed under the License is distributed on an
+    "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+    KIND, either express or implied.  See the License for the
+    specific language governing permissions and limitations
+    under the License.
+
+
+## About
+
+`terraform-aws-acm-request-certificate` is maintained and funded by [Cloud Posse, LLC][website].
+
+![Cloud Posse](https://cloudposse.com/logo-300x69.png)
+
+
+Like it? Please let us know at <hello@cloudposse.com>
+
+We love [Open Source Software](https://github.com/cloudposse/)!
+
+See [our other projects][community]
+or [hire us][hire] to help build your next cloud platform.
+
+  [website]: https://cloudposse.com/
+  [community]: https://github.com/cloudposse/
+  [hire]: https://cloudposse.com/contact/
+
+
+### Contributors
+
+| [![Erik Osterman][erik_img]][erik_web]<br/>[Erik Osterman][erik_web] | [![Andriy Knysh][andriy_img]][andriy_web]<br/>[Andriy Knysh][andriy_web] |
+|-------------------------------------------------------|------------------------------------------------------------------|
+
+  [erik_img]: http://s.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb?s=144
+  [erik_web]: https://github.com/osterman/
+  [andriy_img]: https://avatars0.githubusercontent.com/u/7356997?v=4&u=ed9ce1c9151d552d985bdf5546772e14ef7ab617&s=144
+  [andriy_web]: https://github.com/aknysh/
diff --git a/main.tf b/main.tf
@@ -0,0 +1,24 @@
+resource "aws_acm_certificate" "default" {
+  domain_name       = "${var.domain_name}"
+  validation_method = "${var.validation_method}"
+  tags              = "${var.tags}"
+}
+
+data "aws_route53_zone" "default" {
+  count        = "${var.proces_domain_validation_options == "true" && var.validation_method == "DNS" ? 1 : 0}"
+  name         = "${var.domain_name}."
+  private_zone = false
+}
+
+locals {
+  domain_validation_options = "${aws_acm_certificate.default.domain_validation_options[0]}"
+}
+
+resource "aws_route53_record" "default" {
+  count   = "${var.proces_domain_validation_options == "true" && var.validation_method == "DNS" ? 1 : 0}"
+  zone_id = "${data.aws_route53_zone.default.zone_id}"
+  name    = "${local.domain_validation_options["resource_record_name"]}"
+  type    = "${local.domain_validation_options["resource_record_type"]}"
+  ttl     = "${var.ttl}"
+  records = ["${local.domain_validation_options["resource_record_value"]}"]
+}
diff --git a/outputs.tf b/outputs.tf
@@ -0,0 +1,11 @@
+output "id" {
+  value = "${aws_acm_certificate.default.id}"
+}
+
+output "arn" {
+  value = "${aws_acm_certificate.default.arn}"
+}
+
+output "domain_validation_options" {
+  value = "${aws_acm_certificate.default.domain_validation_options}"
+}
diff --git a/variables.tf b/variables.tf
@@ -0,0 +1,28 @@
+variable "domain_name" {
+  type        = "string"
+  description = "A domain name for which the certificate should be issued"
+}
+
+variable "validation_method" {
+  type        = "string"
+  default     = "DNS"
+  description = "Which method to use for validation, DNS or EMAIL"
+}
+
+variable "proces_domain_validation_options" {
+  type        = "string"
+  default     = "true"
+  description = "Flag to enable/disable processing of the record to add to the DNS zone to complete certificate validation"
+}
+
+variable "ttl" {
+  type        = "string"
+  default     = "300"
+  description = "The TTL of the record to add to the DNS zone to complete certificate validation"
+}
+
+variable "tags" {
+  type        = "map"
+  default     = {}
+  description = "Additional tags (e.g. map('BusinessUnit`,`XYZ`)"
+}
