Dependency between ACM certificate and CloudFront distribution modules

41 Views Asked by At

I'm using a couple of modules in my Terraform configuration: acm_certificate and cloudfront_distribution. I want to create the CloudFront distribution only when the certificate has been validated. For some reasons, certificate must be validated manually.

module "acm_certificate" {
  //params
}

module "cloudfront_distribution" {
  //params
}

Currently, I proceed this way:

  1. Plan/apply certificate with -target=module.acm_certificate
  2. Validate certificate
  3. Run full plan/apply. Here, CloudFront distribution is created

Is it possible to change the config so I just have to run two full plan/apply without -target?

I tried this:

module "acm_certificate" {
  //params
}

module "cloudfront_distribution" {
  //params

  count  = module.acm_certificate.status == "PENDING_VALIDATION" ? 0 : 1
  depends_on = [module.acm_certificate]
}

But I got this error:

The "count" value depends on resource attributes that cannot be determined until apply, so Terraform cannot predict how many instances will be created. To work around this, use the -target argument to first apply only the resources that the count depends on.

It seems depends_on does not work as I expected. Is there a way to do what I want?

0

There are 0 best solutions below