1

I have got an issue with Terraform when trying to create certificate and check for its validation.

I got this terraform file:

resource "aws_acm_certificate" "api_cert" {
  domain_name = "google.com"
  validation_method = "DNS"
}

output "domain_validation" {
  value = "${aws_acm_certificate.api_cert.domain_validation_options}"
  description = "Certificate domain name validation options"
}

resource "aws_acm_certificate_validation" "api_cert" {
  certificate_arn = "${aws_acm_certificate.api_cert.arn}"
  timeouts {
    create = "2h"
  }
}

We are using DNS servers out of AWS so I need to get domain_validation_options before the job is finished.

This is what I need :

  1. Terraform creates certificate
  2. Terraform prints domain_validation_options
  3. I change manually DNS records so certificate can be validated
  4. Run certificate_validation in terraform
  5. Terraform creates ELB with validated certificate

With file like this I get domain_validation_options after Step 4 fails...

1 Answers1

1

You would have to split it into two separate Terraform runs; you won't get an output written out before the various resources.

Alternatively, depending on what DNS server you're using, there are numerous Terraform providers that can create DNS records automatically for you. I'm guessing the validation is done by creating a TXT record of some sort.

bodgit
  • 4,661
  • 13
  • 26