Run terraform 0.13upgrade

Problem: we'd like to use latest tf version, but the tf state uses 0.12 Solution: go back in time to tf 0.13.7 and apply `terraform 0.13upgrade` https://developer.hashicorp.com/terraform/language/v1.1.x/upgrade-guides/0-13 https://registry.terraform.io/providers/hashicorp/aws/latest/docs/guides/version-3-upgrade#domain_validation_options-changed-from-list-to-set Meanwhile a small change was detected, but following the suggestion `terraform state mv 'aws_route53_record.cert_validation[0]' 'aws_route53_record.cert_validation["ghc.dev"]'` there was no change
serokell · Sep 29, 2023 · ecdb6b1 · ecdb6b1
1 parent 3c517aa
commit ecdb6b1
Show file tree

Hide file tree

Showing 2 changed files with 27 additions and 5 deletions.
diff --git a/deployment/main.tf b/deployment/main.tf
@@ -53,23 +53,39 @@ POLICY
     // page.
     //error_document = "404.html"
   }
+
+  server_side_encryption_configuration {
+    rule {
+      apply_server_side_encryption_by_default {
+        sse_algorithm = "AES256"
+      }
+    }
+  }
 }
 
 resource "aws_acm_certificate" "cert" {
   domain_name       = var.root_domain_name
   validation_method = "DNS"
 }
 resource "aws_route53_record" "cert_validation" {
-  name    = aws_acm_certificate.cert.domain_validation_options[0].resource_record_name
-  type    = aws_acm_certificate.cert.domain_validation_options[0].resource_record_type
+  for_each = {
+    for dvo in aws_acm_certificate.cert.domain_validation_options : dvo.domain_name  => {
+      name    = dvo.resource_record_name
+      record  = dvo.resource_record_value
+      type    = dvo.resource_record_type
+    }
+  }
+
+  name    = each.value.name
+  type    = each.value.type
   zone_id = aws_route53_zone.zone.zone_id
-  records = [aws_acm_certificate.cert.domain_validation_options[0].resource_record_value]
+  records = [each.value.record]
   ttl     = 60
 }
 
 resource "aws_acm_certificate_validation" "cert" {
   certificate_arn         = aws_acm_certificate.cert.arn
-  validation_record_fqdns = [aws_route53_record.cert_validation.fqdn]
+  validation_record_fqdns = [for record in aws_route53_record.cert_validation : record.fqdn]
 }
 resource "aws_cloudfront_distribution" "www_distribution" {
   // origin is where CloudFront gets its content from.

diff --git a/deployment/versions.tf b/deployment/versions.tf
@@ -1,4 +1,10 @@
 
 terraform {
-  required_version = ">= 0.12"
+  required_version = ">= 0.13"
+  required_providers {
+    aws = {
+      source = "hashicorp/aws"
+      version = "= 3.27.0"
+    }
+  }
 }