Yandex Cloud Certificate Manager Terraform module

Terraform module which creates Yandex Cloud Certificate Manager resources.

Usage

See examples directory for working examples.

Self-managed certificate

Import into Certificate Manager a self-managed certificate.

module "certificate_manager" {
  source = "terraform-yacloud-modules/certificate-manager/yandex"

  self_managed = {
    implicit = {
      description = "self-managed domain certificate"
      certificate = "-----BEGIN CERTIFICATE----- ... -----END CERTIFICATE----- \n -----BEGIN CERTIFICATE----- ... -----END CERTIFICATE-----"
      private_key = "-----BEGIN RSA PRIVATE KEY----- ... -----END RSA PRIVATE KEY-----"
    }
    file = {
      description = "self-managed domain certificate from file"
      certificate = file("cert.pem")
      private_key = file("key.pem")
    }
    lockbox = {
      description = "self-managed domain certificate from lockbox"
      certificate = "-----BEGIN CERTIFICATE----- ... -----END CERTIFICATE----- \n -----BEGIN CERTIFICATE----- ... -----END CERTIFICATE-----"
      private_key_lockbox_secret = {
        id  = "lockbox_id"
        key = "lockbox_key"
      }
    }
  }
  
  
}

Examples

Examples codified under the examples are intended to give users references for how to use the module(s) as well as testing/validating changes to the source code of the module. If contributing to the project, please be sure to make any appropriate updates to the relevant examples to allow maintainers to test your changes and to keep the examples up to date for users. Thank you!

• Self-managed certificate
• Managed certificate

Requirements

Name	Version
terraform	>= 1.3
yandex	>= 0.72.0

Providers

Name	Version
yandex	>= 0.72.0

Modules

No modules.

Resources

Name	Type
yandex_cm_certificate.managed	resource
yandex_cm_certificate.self_managed	resource

Inputs

Name	Description	Type	Default	Required
managed	Managed certificate specification.	map(object({ domains = optional(list(string), []) # List of domains for this certificate description = optional(string, "") # Certificate description. labels = optional(map(string), {}) # Labels to assign to this certificate. challenge_type = optional(string, "DNS_CNAME") # Domain owner-check method. Possible values: DNS_CNAME, DNS_TXT, HTTP challenge_count = optional(number, 1) # Expected number of challenge count needed to validate certificate. folder_id = optional(string, null) # Folder ID where certificate will be created. If value is omitted, the default provider folder is used. }))	{}	no
self_managed	Self-managed certificate specification.	map(object({ description = optional(string, "") # Certificate description. labels = optional(map(string), {}) # Labels to assign to this certificate. certificate = optional(string, null) # Certificate with chain. private_key = optional(string, null) # Private key of certificate. private_key_lockbox_secret = optional(object({ id = string, key = string }), null) # Lockbox secret specification for getting private key. folder_id = optional(string, null) # Folder ID where certificate will be created. If value is omitted, the default provider folder is used. }))	{}	no

Outputs

Name	Description
managed_certificates	Managed certificates grouped by domain.
self_managed_certificates	Self-managed certificates grouped by domain.

License

Apache-2.0 Licensed. See LICENSE.