# ---------------------------------------------------------------------------
# Amazon ACM
# ---------------------------------------------------------------------------

data "aws_route53_zone" "this" {
  name = var.domain_name
}

resource "aws_acm_certificate" "this" {
  domain_name               = var.domain_name
  subject_alternative_names = var.subject_alternative_names
  validation_method         = var.validation_method

  tags = var.tags

  lifecycle {
    create_before_destroy = true
  }
}

resource "aws_route53_record" "this" {
  allow_overwrite = var.validation_allow_overwrite_records

  name    = tolist(aws_acm_certificate.this.domain_validation_options)[0].resource_record_name
  records = [tolist(aws_acm_certificate.this.domain_validation_options)[0].resource_record_value]
  type    = tolist(aws_acm_certificate.this.domain_validation_options)[0].resource_record_type
  zone_id = data.aws_route53_zone.this.zone_id
  ttl     = var.dns_ttl

  depends_on = [aws_acm_certificate.this]
}

resource "aws_acm_certificate_validation" "this" {
  certificate_arn         = aws_acm_certificate.this.arn
  validation_record_fqdns = [aws_route53_record.this.fqdn]

  timeouts {
    create = var.validation_timeout
  }
}