terraform-aws-acm-request-certificate icon indicating copy to clipboard operation
terraform-aws-acm-request-certificate copied to clipboard
verified publisher icon cloudposse

Module broken if only passing domain name

Open slalomq opened this issue 2 years ago • 2 comments

Describe the Bug

Just passing the domain_name to request the certificate will end in error:

aws_route53_zone.root: Creating...
aws_route53_zone.root: Still creating... [10s elapsed]
aws_route53_zone.root: Still creating... [20s elapsed]
aws_route53_zone.root: Still creating... [30s elapsed]
aws_route53_zone.root: Still creating... [40s elapsed]
aws_route53_zone.root: Creation complete after 44s [id=Z100510839VMYCIY3X0FZ]
module.acm.data.aws_route53_zone.default["io"]: Reading...
module.acm.data.aws_route53_zone.default["example.io"]: Reading...
module.acm.aws_acm_certificate.default[0]: Creating...
module.acm.data.aws_route53_zone.default["example.io"]: Read complete after 1s [id=Z100510839VMYCIY3X0FZ]
module.acm.aws_acm_certificate.default[0]: Creation complete after 6s [id=arn:aws:acm:us-west-2:976668483278:certificate/5a505039-cec1-4407-a629-a71fd18f227a]
╷
│ Error: no matching Route53Zone found
│
│   with module.acm.data.aws_route53_zone.default["io"],
│   on .terraform/modules/acm/main.tf line 38, in data "aws_route53_zone" "default":
│   38: data "aws_route53_zone" "default" {
│
╵

It seems to be trying to get the hosted zone for both "example.io" and just "io" even if I am just passing "example.io" as domain_name. Because the 2nd hosted zone doesn't exist, the module fails.

This works fine if we pick version 0.16.3 of the module.

Expected Behavior

ACM certificate gets created.

Steps to Reproduce

This small code snippet should do it:

resource "aws_route53_zone" "root" {

  name    = "example.io"
  comment = "DNS zone for the root domain"
}

module "acm" {

  source  = "cloudposse/acm-request-certificate/aws"
  version = "0.17.0"

  enabled = true

  domain_name                       = "example.io"
  process_domain_validation_options = true
  ttl                               = 300
  subject_alternative_names         = [format("*.%s", "example.io")]

  depends_on = [aws_route53_zone.root]
}

Screenshots

No response

Environment

  • linux_amd64
  • Module version: 0.0.17
  • Terraform version: Terraform v1.3.8

Additional Context

No response

slalomq avatar Jun 19 '23 20:06 slalomq

@nitrocode

jamengual avatar Jun 19 '23 21:06 jamengual

See PR https://github.com/cloudposse/terraform-aws-acm-request-certificate/pull/66

Workaround for now is to use 0.16.3

nitrocode avatar Jun 20 '23 16:06 nitrocode