refactor(modules/acm): remove configuration for private ca issued certificates

Author: saumitra-dev

README.md

@@ -37,7 +37,6 @@ Terraform module to deploy production-ready applications and services on an exis
 |------|-------------|------|---------|:--------:|
 | <a name="input_acm_amazon_issued_certificates"></a> [acm\_amazon\_issued\_certificates](#input\_acm\_amazon\_issued\_certificates) | Amazon-issued ACM certificates to create | `any` | `{}` | no |
 | <a name="input_acm_imported_certificates"></a> [acm\_imported\_certificates](#input\_acm\_imported\_certificates) | Imported ACM certificates to create | `any` | `{}` | no |
-| <a name="input_acm_private_ca_issued_certificates"></a> [acm\_private\_ca\_issued\_certificates](#input\_acm\_private\_ca\_issued\_certificates) | Private CA Issued ACM certificates to create | `any` | `{}` | no |
 | <a name="input_capacity_provider_default_auto_scaling_group_arn"></a> [capacity\_provider\_default\_auto\_scaling\_group\_arn](#input\_capacity\_provider\_default\_auto\_scaling\_group\_arn) | Default Autoscaling Group to use with the Capacity Providers | `string` | `null` | no |
 | <a name="input_capacity_providers"></a> [capacity\_providers](#input\_capacity\_providers) | Capacity Providers to create for use within the ECS Cluster | `any` | `{}` | no |
 | <a name="input_cluster_name"></a> [cluster\_name](#input\_cluster\_name) | Name of the ECS Cluster to use with the ECS Service | `string` | n/a | yes |
@@ -70,6 +69,4 @@ Terraform module to deploy production-ready applications and services on an exis
 | <a name="output_ecs_service_arn"></a> [ecs\_service\_arn](#output\_ecs\_service\_arn) | ARN of the ECS Service |
 | <a name="output_ecs_task_definition_arn"></a> [ecs\_task\_definition\_arn](#output\_ecs\_task\_definition\_arn) | ARN of the ECS Task Definition |
 | <a name="output_imported_acm_certificates_arns"></a> [imported\_acm\_certificates\_arns](#output\_imported\_acm\_certificates\_arns) | ARNs of the Imported ACM certificates |
-| <a name="output_private_ca_issued_acm_certificates_arns"></a> [private\_ca\_issued\_acm\_certificates\_arns](#output\_private\_ca\_issued\_acm\_certificates\_arns) | ARNs of the Private CA issued ACM certificates |
-| <a name="output_private_ca_issued_acm_certificates_validation_records"></a> [private\_ca\_issued\_acm\_certificates\_validation\_records](#output\_private\_ca\_issued\_acm\_certificates\_validation\_records) | Validation Records of the Private CA issued ACM certificates |
 <!-- END_TF_DOCS -->

main.tf

@@ -336,7 +336,6 @@ module "acm" {
 
   count = var.create_acm ? 1 : 0
 
-  amazon_issued_certificates     = try(var.acm_amazon_issued_certificates, {})
-  imported_certificates          = try(var.acm_imported_certificates, {})
-  private_ca_issued_certificates = try(var.acm_private_ca_issued_certificates, {})
+  amazon_issued_certificates = try(var.acm_amazon_issued_certificates, {})
+  imported_certificates      = try(var.acm_imported_certificates, {})
 }

modules/acm/README.md

@@ -23,15 +23,13 @@ No modules.
 |------|------|
 | [aws_acm_certificate.amazon_issued](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/acm_certificate) | resource |
 | [aws_acm_certificate.imported](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/acm_certificate) | resource |
-| [aws_acm_certificate.private_ca_issued](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/acm_certificate) | resource |
 
 ## Inputs
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
 | <a name="input_amazon_issued_certificates"></a> [amazon\_issued\_certificates](#input\_amazon\_issued\_certificates) | List of Amazon-issued certificates to ACM create | <pre>map(object({<br>    domain_name               = string<br>    subject_alternative_names = optional(list(string), [])<br>    validation_method         = optional(string, null)<br>    key_algorithm             = optional(string, null)<br>    options = optional(object({<br>      certificate_transparency_logging_preference = optional(string, null)<br>    }))<br>    validation_option = optional(object({<br>      domain_name       = string<br>      validation_domain = string<br>    }))<br>    tags = optional(map(any), {})<br>  }))</pre> | `{}` | no |
 | <a name="input_imported_certificates"></a> [imported\_certificates](#input\_imported\_certificates) | List of imported certificates to use to create ACM certificates | <pre>map(object({<br>    private_key       = string<br>    certificate_body  = string<br>    certificate_chain = optional(string, null)<br>    tags              = optional(map(any), {})<br>  }))</pre> | `{}` | no |
-| <a name="input_private_ca_issued_certificates"></a> [private\_ca\_issued\_certificates](#input\_private\_ca\_issued\_certificates) | List of Private CA issued certificates to use to create ACM certificates | <pre>map(object({<br>    certificate_authority_arn = string<br>    domain_name               = string<br>    early_renewal_duration    = optional(string, null)<br>    tags                      = optional(map(any), {})<br>  }))</pre> | `{}` | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | Resource Tags to use with the created ACM certificates | `map(any)` | `{}` | no |
 
 ## Outputs
@@ -41,6 +39,4 @@ No modules.
 | <a name="output_amazon_issued_acm_certificates_arns"></a> [amazon\_issued\_acm\_certificates\_arns](#output\_amazon\_issued\_acm\_certificates\_arns) | ARNs of the Amazon issued ACM certificates |
 | <a name="output_amazon_issued_acm_certificates_validation_records"></a> [amazon\_issued\_acm\_certificates\_validation\_records](#output\_amazon\_issued\_acm\_certificates\_validation\_records) | Validation Records of the Amazon issued ACM certificates |
 | <a name="output_imported_acm_certificates_arns"></a> [imported\_acm\_certificates\_arns](#output\_imported\_acm\_certificates\_arns) | ARNs of the Imported ACM certificates |
-| <a name="output_private_ca_issued_acm_certificates_arns"></a> [private\_ca\_issued\_acm\_certificates\_arns](#output\_private\_ca\_issued\_acm\_certificates\_arns) | ARNs of the Private CA issued ACM certificates |
-| <a name="output_private_ca_issued_acm_certificates_validation_records"></a> [private\_ca\_issued\_acm\_certificates\_validation\_records](#output\_private\_ca\_issued\_acm\_certificates\_validation\_records) | Validation Records of the Private CA issued ACM certificates |
 <!-- END_TF_DOCS -->

modules/acm/main.tf

@@ -51,21 +51,3 @@ resource "aws_acm_certificate" "imported" {
 
   tags = merge(var.tags, each.value.tags)
 }
-
-################################################################################
-# ACM Private CA issued certificates
-################################################################################
-
-resource "aws_acm_certificate" "private_ca_issued" {
-  for_each = var.private_ca_issued_certificates
-
-  certificate_authority_arn = each.value.certificate_authority_arn
-  domain_name               = each.value.domain_name
-  early_renewal_duration    = each.value.early_renewal_duration
-
-  lifecycle {
-    create_before_destroy = true
-  }
-
-  tags = merge(var.tags, each.value.tags)
-}

modules/acm/outputs.tf

@@ -31,28 +31,3 @@ output "imported_acm_certificates_arns" {
   description = "ARNs of the Imported ACM certificates"
   value       = { for k, v in aws_acm_certificate.imported : k => v.arn }
 }
-
-################################################################################
-# ACM Private CA issued certificates
-################################################################################
-
-output "private_ca_issued_acm_certificates_arns" {
-  description = "ARNs of the Private CA issued ACM certificates"
-  value       = { for k, v in aws_acm_certificate.private_ca_issued : k => v.arn }
-}
-
-output "private_ca_issued_acm_certificates_validation_records" {
-  description = "Validation Records of the Private CA issued ACM certificates"
-  value = {
-    for k, v in aws_acm_certificate.private_ca_issued :
-    k => [
-      for record in v.domain_validation_options :
-      {
-        name   = record.resource_record_name
-        type   = record.resource_record_type
-        value  = record.resource_record_value
-        domain = record.domain_name
-      }
-    ]
-  }
-}

modules/acm/variables.tf

@@ -32,17 +32,6 @@ variable "imported_certificates" {
   default = {}
 }
 
-variable "private_ca_issued_certificates" {
-  description = "List of Private CA issued certificates to use to create ACM certificates"
-  type = map(object({
-    certificate_authority_arn = string
-    domain_name               = string
-    early_renewal_duration    = optional(string, null)
-    tags                      = optional(map(any), {})
-  }))
-  default = {}
-}
-
 variable "tags" {
   description = "Resource Tags to use with the created ACM certificates"
   type        = map(any)

outputs.tf

@@ -35,16 +35,6 @@ output "imported_acm_certificates_arns" {
   value       = try(module.acm[0].imported_acm_certificates_arns, null)
 }
 
-output "private_ca_issued_acm_certificates_arns" {
-  description = "ARNs of the Private CA issued ACM certificates"
-  value       = try(module.acm[0].private_ca_issued_acm_certificates_arns, null)
-}
-
-output "private_ca_issued_acm_certificates_validation_records" {
-  description = "Validation Records of the Private CA issued ACM certificates"
-  value       = try(module.acm[0].private_ca_issued_acm_certificates_validation_records, null)
-}
-
 ################################################################################
 # Application Load Balancer
 ################################################################################

variables.tf

@@ -91,9 +91,3 @@ variable "acm_imported_certificates" {
   type        = any
   default     = {}
 }
-
-variable "acm_private_ca_issued_certificates" {
-  description = "Private CA Issued ACM certificates to create"
-  type        = any
-  default     = {}
-}