
Terraform aws_acm_certificate resource forces constant replacement

May 04, 2022 · 1 min read

Take a look at the following Terraform code block:

resource "aws_acm_certificate" "devcoops" {
  domain_name               = "devcoops.com"
  subject_alternative_names = ["devcoops.com", "www.devcoops.com"]
  validation_method         = "DNS"

  tags = {
    Environment = "prod"
  }

  lifecycle {
    create_before_destroy = true
  }
}

So, what's wrong with it? At first sight it seems fine, but every time you run terraform plan / apply, Terraform proposes recreating the resource. For instance:

   ~ subject_alternative_names = [ # forces replacement
       + "devcoops.com",
         "www.devcoops.com",
     ]

And there are two ways to handle it.

Prerequisites

  • Terraform

Solution(s)

Solution no. 1

Never add the domain_name value as part of the subject_alternative_names list.

resource "aws_acm_certificate" "devcoops" {
  domain_name               = "devcoops.com"
  subject_alternative_names = ["www.devcoops.com"]
  # ... remaining arguments unchanged
}

Solution no. 2

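Since subject_alternative_names is an optional argument, either remove it or leave it empty. Note that the certificate then covers only the domain_name value, so this fits only when no additional names such as www.devcoops.com are needed.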

resource "aws_acm_certificate" "devcoops" {
  domain_name               = "devcoops.com"
  subject_alternative_names = []
  # ... remaining arguments unchanged
}
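
A CI-side check for the condition described above, as an added example that is not part of the original post: it reads the JSON form of a plan (terraform show -json) and reports every aws_acm_certificate whose subject_alternative_names repeats its domain_name. The sample plan is constructed, the address aws_acm_certificate.fixed and the function name find_san_duplicates are hypothetical, and comparing names case-insensitively and without a trailing dot is an assumption of this example.

```python
import json

# Constructed sample in the shape of `terraform show -json <planfile>` output,
# trimmed to the fields this check reads.
SAMPLE_PLAN = json.dumps({"resource_changes": [
    {"address": "aws_acm_certificate.devcoops", "type": "aws_acm_certificate",
     "change": {"actions": ["create", "delete"],
                "after": {"domain_name": "devcoops.com",
                          "subject_alternative_names": ["devcoops.com", "www.devcoops.com"]}}},
    {"address": "aws_acm_certificate.fixed", "type": "aws_acm_certificate",
     "change": {"actions": ["no-op"],
                "after": {"domain_name": "devcoops.com",
                          "subject_alternative_names": ["www.devcoops.com"]}}},
]})


def find_san_duplicates(plan_json):
    """Return (address, domain_name, is_replacement) for each ACM certificate
    whose planned subject_alternative_names repeats its domain_name."""
    findings = []
    for rc in json.loads(plan_json).get("resource_changes", []):
        if rc.get("type") != "aws_acm_certificate":
            continue
        change = rc.get("change", {})
        after = change.get("after") or {}  # "after" is null for a destroyed resource
        # Assumption: compare names case-insensitively and without a trailing dot.
        domain = (after.get("domain_name") or "").lower().rstrip(".")
        sans = {s.lower().rstrip(".") for s in after.get("subject_alternative_names") or []}
        if domain and domain in sans:
            # A replacement carries both "create" and "delete" in actions.
            replaced = {"create", "delete"} <= set(change.get("actions", []))
            findings.append((rc["address"], domain, replaced))
    return findings


if __name__ == "__main__":
    for address, domain, replaced in find_san_duplicates(SAMPLE_PLAN):
        print(f"{address}: '{domain}' repeated in subject_alternative_names "
              f"(replacement planned: {replaced})")
```

Run against a real plan by passing the output of terraform show -json for a saved plan file to find_san_duplicates, and fail the pipeline when the returned list is not empty.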

Conclusion

As always, if you can think of any alternative solution, feel free to write a comment below.