1 Answer
0
Okay, I think that would be managing certificates in IAM. I've never done it with Terraform, but I think iam_server_certificate is what you're looking for.
https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_server_certificate
This was the original requirement: Create a self-signed certificate for test.example.com and use this hostname with the load balancer; this DNS name should be resolved internally within the VPC network with a Route 53 private hosted zone.
I am not good at English, so I want to clarify your question.
Is it correct that what you want to know is that you want to add a record pointing to the ALB in Route 53? In other words, when you query Route53 for test.example.com, do you want the IP of the ALB to be returned?
Or do you want all of the following?
- How to install a self-signed certificate in the ALB
- How to create a private host zone on Route53
- How to add a record to Route53 that returns the ALB's IP
Hi Shibata, the questions you asked below are my requirements i.e.
- How to install a self-signed certificate in the ALB
- How to create a private host zone on Route53
- How to add a record to Route53 that returns the ALB's IP
That's fine, English is just like any other language after all, and I am not a native English-speaking guy either :)
I understand your question. However, I must make an unfortunate announcement.
To answer your question, I must check your understanding of several items. It is a task that requires as much effort as writing a blog post, and even in my native language, it is difficult, and I do not have the time to do it.
I would like to help you, so I hope the following will give you some hints.
To upload certificates to AWS, you can use ACM's import function in addition to IAM, which I mentioned earlier. This is more modern.
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/acm_certificate
You can apply the certificate to ALB by specifying the ARN of the ACM certificate you just created in the certificate_arn of the aws_alb_listener.
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_listener
A Route 53 Private Host Zone can be created at
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_zone#private-zone
Use an alias record to return the IP of the ALB in Route 53.
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_record#alias-record
I hope you can achieve your goal.
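The four hints in the reply above, wired together as one Terraform configuration. This is an added example, not code from the thread: the three input variables (an existing VPC, ALB and target group), the resource names, the use of the hashicorp/tls provider to generate the self-signed certificate, and the listener's TLS policy are all assumptions.

```hcl
# Added example. Assumed inputs: an existing VPC, internal ALB and target group.
variable "vpc_id" { type = string }
variable "alb_arn" { type = string }
variable "target_group_arn" { type = string }
data "aws_lb" "this" { arn = var.alb_arn }
# Self-signed certificate (hashicorp/tls provider). The private key is written
# to Terraform state, so the state backend must be encrypted and access-controlled.
resource "tls_private_key" "test" {
  algorithm = "RSA"
}
resource "tls_self_signed_cert" "test" {
  private_key_pem       = tls_private_key.test.private_key_pem
  validity_period_hours = 8760
  allowed_uses          = ["digital_signature", "key_encipherment", "server_auth"]
  dns_names             = ["test.example.com"]
  subject { common_name = "test.example.com" }
}
# Import the certificate and key into ACM.
resource "aws_acm_certificate" "test" {
  private_key      = tls_private_key.test.private_key_pem
  certificate_body = tls_self_signed_cert.test.cert_pem
}
# HTTPS listener on the ALB that presents the imported certificate.
resource "aws_lb_listener" "https" {
  load_balancer_arn = var.alb_arn
  port              = 443
  protocol          = "HTTPS"
  ssl_policy        = "ELBSecurityPolicy-TLS13-1-2-2021-06"
  certificate_arn   = aws_acm_certificate.test.arn
  default_action {
    type             = "forward"
    target_group_arn = var.target_group_arn
  }
}
# Private hosted zone, resolvable only from the associated VPC.
resource "aws_route53_zone" "private" {
  name = "example.com"
  vpc { vpc_id = var.vpc_id }
}
# Alias record so test.example.com resolves to the ALB.
resource "aws_route53_record" "test" {
  zone_id = aws_route53_zone.private.zone_id
  name    = "test.example.com"
  type    = "A"
  alias {
    name                   = data.aws_lb.this.dns_name
    zone_id                = data.aws_lb.this.zone_id
    evaluate_target_health = true
  }
}
```

Clients inside the VPC will only validate this certificate if it is added to their trust store, since no CA vouches for a self-signed certificate.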