v0.18.0

• Bump minimum Terraform version form 0.13 to 0.14
• Revert changes in pre-release version 0.17
• Update tests
• Add ability to specify key_algorithm closes #69 by @joke in #74

v0.16.3

Allow management of ACM certs with SANs in multiple zones @nitrocode (#61)

what

• Allow management of ACM certs with SANs in multiple zones
• Add versions.tf to examples/complete

why

• This is useful for more complex certificates and validation of those certificates
• Workaround without this is to manage validation records outside of the module

resource "aws_route53_record" "default" {
  for_each = {
    for dvo in module.acm_certificate.domain_validation_options[0] : dvo.domain_name => {
      name   = dvo.resource_record_name
      record = dvo.resource_record_value
      type   = dvo.resource_record_type
    }
  }

  name    = each.value.name
  records = [each.value.record]
  type    = each.value.type
  zone_id = data.aws_route53_zone.default[local.domain_to_zone[each.key]].id
  ttl     = 300
}

references

• Closes #55
• Closes #60
• https://github.com/cloudposse/terraform-aws-route53-cluster-zone

🚀 Enhancements

fix spilt of root domain @shovelwagon (#68)

what

This fixes what was mentioned in - #66

why

Adding a simple length check to where domains get update in an array fixes the mentioned issue.

  Error: no matching Route53Zone found
  
    with module.acm_request_certificate.data.aws_route53_zone.default["io"],
    on .terraform/modules/acm_request_certificate/main.tf line 38, in data "aws_route53_zone" "default":
    38: data "aws_route53_zone" "default" {

references

• #66

v0.17.0

This is a pre-release due to #62

Allow management of ACM certs with SANs in multiple zones @nitrocode (#61)

NOTE: This feature requires that the zone to use for validation is the immediate parent of the name in the SAN. See #62.

what

• Allow management of ACM certs with SANs in multiple zones
• Add versions.tf to examples/complete

why

• This is useful for more complex certificates and validation of those certificates
• Workaround without this is to set process_domain_validation_options = false and manage validation records outside of the module

resource "aws_route53_record" "default" {
  for_each = {
    for dvo in module.acm_certificate.domain_validation_options[0] : dvo.domain_name => {
      name   = dvo.resource_record_name
      record = dvo.resource_record_value
      type   = dvo.resource_record_type
    }
  }

  name    = each.value.name
  records = [each.value.record]
  type    = each.value.type
  zone_id = data.aws_route53_zone.default[local.domain_to_zone[each.key]].id
  ttl     = 300
}

references

• Closes #55
• Closes #60
• https://github.com/cloudposse/terraform-aws-route53-cluster-zone

v0.16.2

🚀 Enhancements

Private CA: Skip validation method, correct data source input @nitrocode (#54)

what

• Skip validation method, correct data source input

why

• Validation method is only applicable for public hosted zone acm certs
• Use correct private_zone input for route53 zone data source

references

• N/A

v0.16.1

git.io->cloudposse.tools update @dylanbannon (#57)

what and why

Change all references to git.io/build-harness into cloudposse.tools/build-harness, since git.io redirects will stop working on April 29th, 2022.

References

• DEV-143

🚀 Enhancements

adding validation certificate_arn output @tbpoetke (#59)

what

• added acm_certificate_validation.certification_arn output

why

• to avoid alb module can't create listener because of not validated cert
• use this output as certification arn in alb module

references

• #58
• closes #58

v0.16.0

Add certificate_authority_arn for private CAs @nitrocode (#53)

what

• Add certificate_authority_arn
• Add validation id output
• Add verification of lowercase sans and domain names

why

• For private CAs

references

• https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/acm_certificate
• Thanks to @razorsedge this PR closes #37
• Thanks to @alexjurkiewicz this PR closes #46

v0.15.2

🤖 Automatic Updates

Update README.md and docs @cloudpossebot (#52)

what

This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

v0.15.1

🚀 Enhancements

Chore: update `context.tf`, `build-harness` assets @korenyoni (#50)

what

• Update context.tf.
• Update build-harness assets by running make github/init.
• Clean up unused providers.
• Drop Terraform support prior to 0.13.

why

• The latest version of context.tf (null-label:0.25.0), contains new labels. A module instantiating this module with version 0.25.0 of null-label and making use of new labels will not be able to use this module.
• Running make github/init updates build-harness assets, which includes GitHub Actions Workflows and related files.
• The latest distribution of context.tf (null-label:0.25.0) is not compatible with Terraform 0.12.* because it makes use of validation blocks.

references

• https://github.com/cloudposse/terraform-null-label/releases/tag/0.25.0
• closes #41

v0.15.0

Add zone id @nitrocode (#49)

what

• Add zone_id

why

• Create an implicit link between zone creation and acm creation
• This gives the consumer the option to use domain name, zone name, or zone id to use the data source to retrieve the existing hosted zone

references

• Closes #24
• Previous PR #45
  • Did not see this PR unfortunately. It does not update the failing test so if this gets merged, I'll close the other PR.

v0.14.0

add the option for certificate_transparency_logging_preference @marcelobartsch (#32)

what

• Add the option to DISABLE or ENABLE certificate_transparency_logging_preference parameter when creating the certificate

why

• Some cases you don't want to disclose certificate names, as also this may leak internal information when you use this module for internal domains ACM generation in a split horizon dns configuration.

references