From e882361c410a71646754b9196ec0d12d39fe9183 Mon Sep 17 00:00:00 2001 From: nitro Date: Thu, 1 Apr 2021 18:35:49 -0400 Subject: [PATCH] Use acm module instead of awscli (#145) * Use acm module instead of awscli * Auto Format * Update README.yaml * Auto Format Co-authored-by: cloudpossebot <11232728+cloudpossebot@users.noreply.github.com> --- README.md | 41 ++++++++++++++++++++++++++++++++++++++++- README.yaml | 41 ++++++++++++++++++++++++++++++++++++++++- 2 files changed, 80 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 4885ff4d..b7c6d8c3 100644 --- a/README.md +++ b/README.md @@ -133,7 +133,46 @@ module "cdn" { ### Generating ACM Certificate -Use the AWS cli to [request new ACM certifiates](http://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request.html) (requires email validation) +```hcl +# For cloudfront, the acm has to be created in us-east-1 or it will not work +provider "aws" { + region = "us-east-1" + alias = "aws.us-east-1" +} + +# create acm and explicitly set it to us-east-1 provider +module "acm_request_certificate" { + source = "cloudposse/acm-request-certificate/aws" + providers = { + aws = aws.us-east-1 + } + + # Cloud Posse recommends pinning every module to a specific version + # version = "x.x.x" + domain_name = "example.com" + subject_alternative_names = ["a.example.com", "b.example.com", "*.c.example.com"] + process_domain_validation_options = true + ttl = "300" +} + +module "cdn" { + source = "cloudposse/cloudfront-s3-cdn/aws" + # Cloud Posse recommends pinning every module to a specific version + # version = "x.x.x" + namespace = "eg" + stage = "prod" + name = "app" + aliases = ["assets.cloudposse.com"] + dns_alias_enabled = true + parent_zone_name = "cloudposse.com" + + acm_certificate_arn = module.acm_request_certificate.arn + + depends_on = [module.acm_request_certificate] +} +``` + +Or use the AWS cli to [request new ACM certifiates](http://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request.html) (requires email validation) ``` aws acm request-certificate --domain-name example.com --subject-alternative-names a.example.com b.example.com *.c.example.com ``` diff --git a/README.yaml b/README.yaml index 184aa29d..1697634a 100644 --- a/README.yaml +++ b/README.yaml @@ -95,7 +95,46 @@ usage: |- ### Generating ACM Certificate - Use the AWS cli to [request new ACM certifiates](http://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request.html) (requires email validation) + ```hcl + # For cloudfront, the acm has to be created in us-east-1 or it will not work + provider "aws" { + region = "us-east-1" + alias = "aws.us-east-1" + } + + # create acm and explicitly set it to us-east-1 provider + module "acm_request_certificate" { + source = "cloudposse/acm-request-certificate/aws" + providers = { + aws = aws.us-east-1 + } + + # Cloud Posse recommends pinning every module to a specific version + # version = "x.x.x" + domain_name = "example.com" + subject_alternative_names = ["a.example.com", "b.example.com", "*.c.example.com"] + process_domain_validation_options = true + ttl = "300" + } + + module "cdn" { + source = "cloudposse/cloudfront-s3-cdn/aws" + # Cloud Posse recommends pinning every module to a specific version + # version = "x.x.x" + namespace = "eg" + stage = "prod" + name = "app" + aliases = ["assets.cloudposse.com"] + dns_alias_enabled = true + parent_zone_name = "cloudposse.com" + + acm_certificate_arn = module.acm_request_certificate.arn + + depends_on = [module.acm_request_certificate] + } + ``` + + Or use the AWS cli to [request new ACM certifiates](http://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request.html) (requires email validation) ``` aws acm request-certificate --domain-name example.com --subject-alternative-names a.example.com b.example.com *.c.example.com ```