Need to create two ALB modules using single terraform

I am new to Terraform. I have a situation where I need to deploy one source code to two different EC2 instances.

Meaning, I am creating an ALB module. If I create a single ALB module, I am fine. When I attempt to create another ALB, I run into an issue and end up with a “multiple certificate issue”.

Does anyone have an example of creating two ALBs with different names using the same certificates?

Below is the code snippet for reference:

module "alb" {
  namespace                           = terraform.workspace
  name                                = join("-", [local.name, "asg"])
  vpc_cidr_code                       = lookup(var.awsacct_cidr_code, var.environment)
  autoscaling                         = true
  internal                            = true
  autoscale_inst_type                 = "m5.large"
  autoscale_min_size                  = 2
  autoscale_max_size                  = 3
  certificate_arn                     = data.aws_acm_certificate.xxx.arn
  backend_lb_port                     = 9443
  backend_lb_protocol                 = "HTTPS"
  health_check_monitor_path           = "/"
  autoscale_health_check_grace_period = 600
  health_check_interval               = 300
  health_check_timeout                = 120
  health_check_matcher                = "200-499"
  stickiness_enabled                  = false
  tags                                = module.namespace.tags
  autoscale_user_data = templatefile("${path.module}/user-data.tmpl",
    {
      environment         = var.ENV_PROFILE,
      keyarn              = module.aws_ssl.certificate.arn
      commitid            = var.COMMIT_ID
      secret              = var.nodekey_secret[var.environment]
      bucketname          = var.deploy_bucket[var.environment]
      bucketobject        = local.name
      ally_application_id = var.ally_application_id
    }
  )
}

module "alb-jobs" {
  namespace                           = terraform.workspace
  name                                = join("-", [local.name1, "asg"])
  vpc_cidr_code                       = lookup(var.awsacct_cidr_code, var.environment)
  autoscaling                         = true
  internal                            = true
  autoscale_inst_type                 = "m5.large"
  autoscale_min_size                  = 1
  autoscale_max_size                  = 1
  certificate_arn                     = data.aws_acm_certificate.xxx.arn
  backend_lb_port                     = 9443
  backend_lb_protocol                 = "HTTPS"
  health_check_monitor_path           = "/"
  autoscale_health_check_grace_period = 600
  health_check_interval               = 300
  health_check_timeout                = 120
  health_check_matcher                = "200-499"
  stickiness_enabled                  = false
  tags                                = module.namespace.tags
  autoscale_user_data = templatefile("${path.module}/user-data-jobs.tmpl",
    {
      environment         = var.ENV_PROFILE,
      keyarn              = module.aws_ssl.certificate.arn
      commitid            = var.COMMIT_ID
      secret              = var.nodekey_secret[var.environment]
      bucketname          = var.deploy_bucket[var.environment]
      bucketobject        = local.name1
      ally_application_id = var.ally_application_id
    }
  )
}

Eg:

data "aws_acm_certificate" "xxx" {
  domain   = lookup(var.awsacct_domain, var.environment)
  statuses = ["ISSUED"]
}

variable.tf file

awsacct_domain = {
  default       = "*.dev.xxx.com"
  dev           = "*.dev.xxx.com"
  non-prod-dev  = "*.dev.xxx.com"
  qa            = "*.qa.xxx.com"
  cap           = "*.cap.xxx.com"
  psp           = "*.psp.xxx.com"
  prod          = "*.prod.xxx.com"
}

Getting Error:

Error: Multiple certificates for domain "*.dev.xxx.com" found in this region
  on main.tf line 5, in data "aws_acm_certificate" "xxx":
   5: data "aws_acm_certificate" "xxx" {

Please help me to understand more.

Thanks in advance, Bala.



Solution 1:[1]

I made a mistake in the above code: I was trying to create two entries for the data source, hence I was getting the multiple certificates error. When I reused the data source, it started working fine. Thanks to everyone for helping me understand.

Solution 2:[2]

The error message is quite clear. You have multiple certificates for that particular domain, so it cannot pick just one due to ambiguity. You may have to pass additional arguments to pick the specific certificate. Maybe you can try passing certificate type as well.

Or you can consider deleting any unused certificate to remove the ambiguity.
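The two fixes above combined, as an added example (not code from the question or from either answer): one `aws_acm_certificate` data source, declared once and narrowed with `types` and `most_recent`, whose ARN both ALB modules would reference. It assumes the wanted certificate is Amazon-issued; the `environment` default, the shortened domain map, and the `alb_certificate_arn` local and output are illustrative.

```hcl
# Added example. Variable defaults are placeholders taken from the question's map.
variable "environment" {
  type    = string
  default = "dev"
}

variable "awsacct_domain" {
  type = map(string)
  default = {
    dev  = "*.dev.xxx.com"
    qa   = "*.qa.xxx.com"
    prod = "*.prod.xxx.com"
  }
}

# Declared exactly once; every ALB module reads the same result.
data "aws_acm_certificate" "xxx" {
  domain   = lookup(var.awsacct_domain, var.environment)
  statuses = ["ISSUED"]

  # Assumption: the intended certificate was issued by ACM. Filtering on type
  # keeps an imported or private-CA certificate for the same domain from
  # matching, which is one way the lookup becomes ambiguous.
  types = ["AMAZON_ISSUED"]

  # If more than one certificate still matches, select the newest instead of
  # failing. Without the type filter above this would silently accept whatever
  # was created last, so keep both together.
  most_recent = true
}

locals {
  # Pass this to certificate_arn in both module "alb" and module "alb-jobs".
  alb_certificate_arn = data.aws_acm_certificate.xxx.arn
}

# Surfaces the selected ARN in plan/apply output so a reviewer can confirm
# which certificate the listeners will present.
output "alb_certificate_arn" {
  value = local.alb_certificate_arn
}
```

Removing `most_recent` restores the hard failure on duplicates, which is the safer choice when an unexpected second certificate should block the deployment.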

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 Balakrishna Tirumalasetti
Solution 2 Technowise