nicosingh · October 16, 2024 14:02
diff --git a/lets-encrypt-cert.tf b/lets-encrypt-cert.tf
 provider "acme" {
  server_url = "https://acme-staging-v02.api.letsencrypt.org/directory"
  #server_url = "https://acme-v02.api.letsencrypt.org/directory"
 }

 data "aws_route53_zone" "base_domain" {
  name = "eks.singh.cl" # TODO put your own DNS in here!
 }

 resource "tls_private_key" "private_key" {
  algorithm = "RSA"
 }

 resource "acme_registration" "registration" {
  account_key_pem = tls_private_key.private_key.private_key_pem
  email_address   = "[email protected]" # TODO put your own email in here!
 }

 resource "acme_certificate" "certificate" {
  account_key_pem           = acme_registration.registration.account_key_pem
  common_name               = data.aws_route53_zone.base_domain.name
  subject_alternative_names = ["*.${data.aws_route53_zone.base_domain.name}"]

  dns_challenge {
    provider = "route53"

    config = {
      AWS_HOSTED_ZONE_ID = data.aws_route53_zone.base_domain.zone_id
    }
  }

  depends_on = [acme_registration.registration]
 }
	provider "acme" {
	server_url = "https://acme-staging-v02.api.letsencrypt.org/directory"
	#server_url = "https://acme-v02.api.letsencrypt.org/directory"
	}

	data "aws_route53_zone" "base_domain" {
	name = "eks.singh.cl" # TODO put your own DNS in here!
	}

	resource "tls_private_key" "private_key" {
	algorithm = "RSA"
	}

	resource "acme_registration" "registration" {
	account_key_pem = tls_private_key.private_key.private_key_pem
	email_address = "[email protected]" # TODO put your own email in here!
	}

	resource "acme_certificate" "certificate" {
	account_key_pem = acme_registration.registration.account_key_pem
	common_name = data.aws_route53_zone.base_domain.name
	subject_alternative_names = ["*.${data.aws_route53_zone.base_domain.name}"]

	dns_challenge {
	provider = "route53"

	config = {
	AWS_HOSTED_ZONE_ID = data.aws_route53_zone.base_domain.zone_id
	}
	}

	depends_on = [acme_registration.registration]
	}