Output RDS certs

2024-12-23 22:52:29 +01:00 · 2024-12-23 22:52:29 +01:00 · 1a93e848da
commit 1a93e848da
parent d652ec8fd5
1 changed files with 16 additions and 3 deletions
--- a/cloud/aws/rds_serverless/rds.tf
+++ b/cloud/aws/rds_serverless/rds.tf
@ -51,6 +51,11 @@ resource "aws_rds_cluster" "cluster" {
  )
 }

+data "aws_rds_certificate" "default" {
+  id                = aws_rds_cluster_instance.instance.ca_cert_identifier
+  latest_valid_till = true
+}
+
 resource "aws_rds_cluster_instance" "instance" {
  cluster_identifier   = aws_rds_cluster.cluster.id
  identifier_prefix    = "${local.sanitised_name}-"
@ -88,8 +93,16 @@ resource "aws_rds_cluster_endpoint" "endpoint" {
  )
 }

+data "http" "cert_data" {
+  url = "https://truststore.pki.rds.amazonaws.com/global/global-bundle.pem"
+}
+
 output "endpoints" {
-  value = {
-    for key, endpoint in aws_rds_cluster_endpoint.endpoint : key => endpoint.endpoint
-  }
+  value = aws_rds_cluster_endpoint.endpoint
+}
+output "cert" {
+  value = data.aws_rds_certificate.default
+}
+output "cert_data" {
+  value = data.http.cert_data.response_body
 }