Let acm module create validation records for us (#18)

snovikov · web-flow · commit 62f5f61d13d1 · 2025-01-24T17:09:54.000+01:00
* Let acm module create validation records for us

* Add moved blocks
diff --git a/main.tf b/main.tf
@@ -4,31 +4,15 @@ module "acm" {
 
   create_certificate = var.domain_name != "" ? true : false
 
-  domain_name               = var.dns_subdomain
-  subject_alternative_names = var.subject_alternative_names
-
-  validate_certificate = false
-  validation_method    = "DNS"
-
-  tags = var.tags
-}
+  validation_method = "DNS"
 
-resource "aws_route53_record" "validation" {
-  depends_on = [module.acm]
+  domain_name = var.dns_subdomain
+  zone_id     = data.aws_route53_zone.selected[0].zone_id
 
-  count = length(local.hostnames)
-
-  zone_id         = local.validation_zone_mapping[module.acm.acm_certificate_domain_validation_options[count.index]["domain_name"]]
-  name            = module.acm.acm_certificate_domain_validation_options[count.index]["resource_record_name"]
-  type            = module.acm.acm_certificate_domain_validation_options[count.index]["resource_record_type"]
-  records         = [module.acm.acm_certificate_domain_validation_options[count.index]["resource_record_value"]]
-  ttl             = 60
-  allow_overwrite = var.validation_allow_overwrite_records
-}
+  subject_alternative_names = var.subject_alternative_names
+  zones                     = local.validation_zone_mapping
 
-resource "aws_acm_certificate_validation" "this" {
-  certificate_arn         = module.acm.acm_certificate_arn
-  validation_record_fqdns = aws_route53_record.validation.*.fqdn
+  tags = var.tags
 }
 
 module "application" {
@@ -48,7 +32,7 @@ module "environment" {
 
   depends_on = [
     aws_elastic_beanstalk_application_version.default,
-    aws_acm_certificate_validation.this,
+    module.acm,
   ]
 
   name        = var.application_name
diff --git a/moved.tf b/moved.tf
@@ -7,3 +7,13 @@ moved {
   from = module.elastic_beanstalk_environment
   to   = module.environment
 }
+
+moved {
+  from = aws_route53_record.validation
+  to   = module.acm.aws_route53_record.validation
+}
+
+moved {
+  from = aws_acm_certificate_validation.this
+  to   = module.acm.aws_acm_certificate_validation.this[0]
+}
