From 84c194109ac2ac0455df92afc3edfd0e1248775f Mon Sep 17 00:00:00 2001
From: nepalevov <33350321+nepalevov@users.noreply.github.com>
Date: Tue, 15 Nov 2022 14:52:46 +0300
Subject: [PATCH] feat: Make validation timeout configurable (#124)
---
README.md | 1 +
main.tf | 4 ++++
variables.tf | 6 ++++++
wrappers/main.tf | 1 +
4 files changed, 12 insertions(+)
diff --git a/README.md b/README.md
index 3992cdd..bb5d46d 100644
--- a/README.md
+++ b/README.md
@@ -210,6 +210,7 @@ No modules.
| [validation\_method](#input\_validation\_method) | Which method to use for validation. DNS or EMAIL are valid, NONE can be used for certificates that were imported into ACM and then into Terraform. | `string` | `"DNS"` | no |
| [validation\_option](#input\_validation\_option) | The domain name that you want ACM to use to send you validation emails. This domain name is the suffix of the email addresses that you want ACM to use. | `any` | `{}` | no |
| [validation\_record\_fqdns](#input\_validation\_record\_fqdns) | When validation is set to DNS and the DNS validation records are set externally, provide the fqdns for the validation | `list(string)` | `[]` | no |
+| [validation\_timeout](#input\_validation\_timeout) | Define maximum timeout to wait for the validation to complete | `string` | `null` | no |
| [wait\_for\_validation](#input\_wait\_for\_validation) | Whether to wait for the validation to complete | `bool` | `true` | no |
| [zone\_id](#input\_zone\_id) | The ID of the hosted zone to contain this record. Required when validating via Route53 | `string` | `""` | no |
diff --git a/main.tf b/main.tf
index 0f1ad06..323d2f1 100644
--- a/main.tf
+++ b/main.tf
@@ -66,4 +66,8 @@ resource "aws_acm_certificate_validation" "this" {
certificate_arn = aws_acm_certificate.this[0].arn
validation_record_fqdns = flatten([aws_route53_record.validation[*].fqdn, var.validation_record_fqdns])
+
+ timeouts {
+ create = var.validation_timeout
+ }
}
diff --git a/variables.tf b/variables.tf
index 2758410..e887445 100644
--- a/variables.tf
+++ b/variables.tf
@@ -28,6 +28,12 @@ variable "wait_for_validation" {
default = true
}
+variable "validation_timeout" {
+ description = "Define maximum timeout to wait for the validation to complete"
+ type = string
+ default = null
+}
+
variable "certificate_transparency_logging_preference" {
description = "Specifies whether certificate details should be added to a certificate transparency log"
type = bool
diff --git a/wrappers/main.tf b/wrappers/main.tf
index 980824b..dcadfd2 100644
--- a/wrappers/main.tf
+++ b/wrappers/main.tf
@@ -8,6 +8,7 @@ module "wrapper" {
validate_certificate = try(each.value.validate_certificate, var.defaults.validate_certificate, true)
validation_allow_overwrite_records = try(each.value.validation_allow_overwrite_records, var.defaults.validation_allow_overwrite_records, true)
wait_for_validation = try(each.value.wait_for_validation, var.defaults.wait_for_validation, true)
+ validation_timeout = try(each.value.validation_timeout, var.defaults.validation_timeout, null)
certificate_transparency_logging_preference = try(each.value.certificate_transparency_logging_preference, var.defaults.certificate_transparency_logging_preference, true)
domain_name = try(each.value.domain_name, var.defaults.domain_name, "")
subject_alternative_names = try(each.value.subject_alternative_names, var.defaults.subject_alternative_names, [])