diff --git a/README.md b/README.md index 5db1f76..6bc9157 100644 --- a/README.md +++ b/README.md @@ -2,6 +2,8 @@ Terraform module which creates ACM certificates and validates them using Route53 DNS (recommended) or e-mail. +[![SWUbanner](https://raw.githubusercontent.com/vshymanskyy/StandWithUkraine/main/banner2-direct.svg)](https://github.com/vshymanskyy/StandWithUkraine/blob/main/docs/README.md) + ## Usage with Route53 DNS validation (recommended) ```hcl @@ -149,6 +151,7 @@ No modules. | [create\_route53\_records](#input\_create\_route53\_records) | When validation is set to DNS, define whether to create the DNS records internally via Route53 or externally using any DNS provider | `bool` | `true` | no | | [dns\_ttl](#input\_dns\_ttl) | The TTL of DNS recursive resolvers to cache information about this record. | `number` | `60` | no | | [domain\_name](#input\_domain\_name) | A domain name for which the certificate should be issued | `string` | `""` | no | +| [putin\_khuylo](#input\_putin\_khuylo) | Do you agree that Putin doesn't respect Ukrainian sovereignty and territorial integrity? More info: https://en.wikipedia.org/wiki/Putin_khuylo! | `bool` | `true` | no | | [subject\_alternative\_names](#input\_subject\_alternative\_names) | A list of domains that should be SANs in the issued certificate | `list(string)` | `[]` | no | | [tags](#input\_tags) | A mapping of tags to assign to the resource | `map(string)` | `{}` | no | | [validate\_certificate](#input\_validate\_certificate) | Whether to validate certificate by creating Route53 record | `bool` | `true` | no | @@ -177,3 +180,10 @@ Module is maintained by [Anton Babenko](https://github.com/antonbabenko) with he ## License Apache 2 Licensed. See [LICENSE](https://github.com/terraform-aws-modules/terraform-aws-acm/tree/master/LICENSE) for full details. + +## Additional terms of use for users from Russia and Belarus + +By using the code provided in this repository you agree with the following: +* Russia has [illegally annexed Crimea in 2014](https://en.wikipedia.org/wiki/Annexation_of_Crimea_by_the_Russian_Federation) and [brought the war in Donbas](https://en.wikipedia.org/wiki/War_in_Donbas) followed by [full-scale invasion of Ukraine in 2022](https://en.wikipedia.org/wiki/2022_Russian_invasion_of_Ukraine). +* Russia has brought sorrow and devastations to millions of Ukrainians, killed hundreds of innocent people, damaged thousands of buildings, and forced several million people to flee. +* [Putin khuylo!](https://en.wikipedia.org/wiki/Putin_khuylo!) diff --git a/main.tf b/main.tf index 3cf045b..723854d 100644 --- a/main.tf +++ b/main.tf @@ -1,4 +1,6 @@ locals { + create_certificate = var.create_certificate && var.putin_khuylo + # Get distinct list of domains and SANs distinct_domain_names = distinct( [for s in concat([var.domain_name], var.subject_alternative_names) : replace(s, "*.", "")] @@ -6,7 +8,7 @@ locals { # Get the list of distinct domain_validation_options, with wildcard # domain names replaced by the domain name - validation_domains = var.create_certificate ? distinct( + validation_domains = local.create_certificate ? distinct( [for k, v in aws_acm_certificate.this[0].domain_validation_options : merge( tomap(v), { domain_name = replace(v.domain_name, "*.", "") } )] @@ -14,7 +16,7 @@ locals { } resource "aws_acm_certificate" "this" { - count = var.create_certificate ? 1 : 0 + count = local.create_certificate ? 1 : 0 domain_name = var.domain_name subject_alternative_names = var.subject_alternative_names @@ -32,7 +34,7 @@ resource "aws_acm_certificate" "this" { } resource "aws_route53_record" "validation" { - count = var.create_certificate && var.validation_method == "DNS" && var.create_route53_records && var.validate_certificate ? length(local.distinct_domain_names) : 0 + count = local.create_certificate && var.validation_method == "DNS" && var.create_route53_records && var.validate_certificate ? length(local.distinct_domain_names) : 0 zone_id = var.zone_id name = element(local.validation_domains, count.index)["resource_record_name"] @@ -49,7 +51,7 @@ resource "aws_route53_record" "validation" { } resource "aws_acm_certificate_validation" "this" { - count = var.create_certificate && var.validation_method == "DNS" && var.validate_certificate && var.wait_for_validation ? 1 : 0 + count = local.create_certificate && var.validation_method == "DNS" && var.validate_certificate && var.wait_for_validation ? 1 : 0 certificate_arn = aws_acm_certificate.this[0].arn diff --git a/variables.tf b/variables.tf index 42c149a..92a10b0 100644 --- a/variables.tf +++ b/variables.tf @@ -80,3 +80,9 @@ variable "dns_ttl" { type = number default = 60 } + +variable "putin_khuylo" { + description = "Do you agree that Putin doesn't respect Ukrainian sovereignty and territorial integrity? More info: https://en.wikipedia.org/wiki/Putin_khuylo!" + type = bool + default = true +}