Certificates
Certificates for each application are created within its corresponding application stack.
If you need additional certifications you can create them by setting up a separate certificates stack.
Step 1: Create a new configuration file
Create a new configuration file for certificates:
Step 2: Add and install the scaffold
package
Run the following command in the repo-iac/environments/dev/
directory:
This will add the package you want to install to packages.yml
. If you want to know more about how this works, read the reference documentation for packages.yml
.
Then, run the following command to install the package:
Step 3: Initialize and apply the certificates
stack
This will not create any resources since we are scaffolding a empty stack.
Step 4: Add custom certificate
Depending on your needs you can create one or more certificates. The following example creates a certificate for km-dev.oslo.systems
.
module "acm_certificate_km" {
# https://github.com/terraform-aws-modules/terraform-aws-acm
source = "terraform-aws-modules/acm/aws"
version = "5.0.1"
create_certificate = true
domain_name = "km-dev.oslo.systems"
zone_id = data.aws_route53_zone.km.zone_id
validation_method = "DNS"
wait_for_validation = true
}
data "aws_route53_zone" "km" {
name = "km-dev.oslo.systems"
}
Step 5: Verify
Run the following command:
The output list should contain km-dev.oslo.systems
.
Login to the AWS console and navigate to Certficate Manager. Select List certificates in the left-hand menu.
The list should contain km-dev.oslo.systems
Commit your files
At this stage it is a good idea to commit your files.
Next step
Set up load balancing.