awiechert

Reputation: 390

terraform create list from yaml to be used in subject_alternative_names

I have this YAML structure and I need Terraform to store apex_name and each record entry in a list which I can then use to create a SAN certificate. How can I achieve a flat list for the subject_alternative_names? Any help is highly appreciated.

source_domains:
  - apex_name: elastic2ls.com
    records:
      - elastic2ls.com
      - www.elastic2ls.com
  - apex_name: elastic2ls.ch
    records:
    - elastic2ls.ch
    - www.elastic2ls.ch
    - image.elastic2ls.ch
    - m.elastic2ls.ch
    - static.elastic2ls.ch

resource "aws_acm_certificate" "cert" {
  for_each = var.subdomains
  provider          = aws.certificate_region
  domain_name       = var.target_domain
  subject_alternative_names = sort(each.value)
  validation_method = "DNS"

}

variable "source_domains" {
  type = set(object({
    apax_name = string
    records   = set(string)
  }))
}

Upvotes: 0

Views: 1266

Answers (2)

awiechert

Reputation: 390

I was able to achieve getting all domain names into the SAN certificate with this Terraform code.

locals {
  subject_alternative_names = flatten([
      for d in var.source_domains :
        contains(keys(d), "records") ? d.records: null
      ])

}

resource "aws_acm_certificate" "cert" {
  provider                  = aws.certificate_region
  domain_name               = var.target_domain
  subject_alternative_names = local.subject_alternative_names
  validation_method         = "DNS"
}

variable "source_domains" {
  type = set(object({
    apex_name = string
    records   = set(string)
  }))
}

Upvotes: 0

Dan Monego

Reputation: 10087

Load your yml into a local value, then use a for statement to massage it into something that fits your use case:

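locals {
    # yamldecode() returns the whole document; the list sits under its top-level source_domains key
    source_domains = yamldecode(file("myYaml.yml")).source_domains
}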

resource "aws_acm_certificate" "cert" {
    for_each                  = tomap({ for d in local.source_domains :
                                    d.apex_name => d })
    provider                  = aws.certificate_region
    domain_name               = each.key
    subject_alternative_names = sort(flatten([each.key, each.value.records]))
    validation_method         = "DNS"
}

I've assumed that you want to use apex_name as your domain name, and that apex_name was the correct value, and apax_name was a typo.

Upvotes: 1
