feat: Make validation timeout configurable (#124)

terraform-aws-modules · Nov 15, 2022 · 84c1941 · 84c1941
1 parent 3d9ddd9
commit 84c1941
Show file tree

Hide file tree

Showing 4 changed files with 12 additions and 0 deletions.
diff --git a/README.md b/README.md
@@ -210,6 +210,7 @@ No modules.
 | <a name="input_validation_method"></a> [validation\_method](#input\_validation\_method) | Which method to use for validation. DNS or EMAIL are valid, NONE can be used for certificates that were imported into ACM and then into Terraform. | `string` | `"DNS"` | no |
 | <a name="input_validation_option"></a> [validation\_option](#input\_validation\_option) | The domain name that you want ACM to use to send you validation emails. This domain name is the suffix of the email addresses that you want ACM to use. | `any` | `{}` | no |
 | <a name="input_validation_record_fqdns"></a> [validation\_record\_fqdns](#input\_validation\_record\_fqdns) | When validation is set to DNS and the DNS validation records are set externally, provide the fqdns for the validation | `list(string)` | `[]` | no |
+| <a name="input_validation_timeout"></a> [validation\_timeout](#input\_validation\_timeout) | Define maximum timeout to wait for the validation to complete | `string` | `null` | no |
 | <a name="input_wait_for_validation"></a> [wait\_for\_validation](#input\_wait\_for\_validation) | Whether to wait for the validation to complete | `bool` | `true` | no |
 | <a name="input_zone_id"></a> [zone\_id](#input\_zone\_id) | The ID of the hosted zone to contain this record. Required when validating via Route53 | `string` | `""` | no |
 

diff --git a/main.tf b/main.tf
@@ -66,4 +66,8 @@ resource "aws_acm_certificate_validation" "this" {
   certificate_arn = aws_acm_certificate.this[0].arn
 
   validation_record_fqdns = flatten([aws_route53_record.validation[*].fqdn, var.validation_record_fqdns])
+
+  timeouts {
+    create = var.validation_timeout
+  }
 }
diff --git a/variables.tf b/variables.tf
@@ -28,6 +28,12 @@ variable "wait_for_validation" {
   default     = true
 }
 
+variable "validation_timeout" {
+  description = "Define maximum timeout to wait for the validation to complete"
+  type        = string
+  default     = null
+}
+
 variable "certificate_transparency_logging_preference" {
   description = "Specifies whether certificate details should be added to a certificate transparency log"
   type        = bool

diff --git a/wrappers/main.tf b/wrappers/main.tf
@@ -8,6 +8,7 @@ module "wrapper" {
   validate_certificate                        = try(each.value.validate_certificate, var.defaults.validate_certificate, true)
   validation_allow_overwrite_records          = try(each.value.validation_allow_overwrite_records, var.defaults.validation_allow_overwrite_records, true)
   wait_for_validation                         = try(each.value.wait_for_validation, var.defaults.wait_for_validation, true)
+  validation_timeout                          = try(each.value.validation_timeout, var.defaults.validation_timeout, null)
   certificate_transparency_logging_preference = try(each.value.certificate_transparency_logging_preference, var.defaults.certificate_transparency_logging_preference, true)
   domain_name                                 = try(each.value.domain_name, var.defaults.domain_name, "")
   subject_alternative_names                   = try(each.value.subject_alternative_names, var.defaults.subject_alternative_names, [])