Allow management of ACM certs with SANs in multiple zones

[nitrocode]

what

• Allow management of ACM certs with SANs in multiple zones
• Add versions.tf to examples/complete

why

• This is useful for more complex certificates and validation of those certificates
• Workaround without this is to manage validation records outside of the module

resource "aws_route53_record" "default" {
  for_each = {
    for dvo in module.acm_certificate.domain_validation_options[0] : dvo.domain_name => {
      name   = dvo.resource_record_name
      record = dvo.resource_record_value
      type   = dvo.resource_record_type
    }
  }

  name    = each.value.name
  records = [each.value.record]
  type    = each.value.type
  zone_id = data.aws_route53_zone.default[local.domain_to_zone[each.key]].id
  ttl     = 300
}

references

• Closes Support SANs with multiple hosted zones #55
• Closes Update README.md and docs #60
• https://github.com/cloudposse/terraform-aws-route53-cluster-zone

[nitrocode]

/test all

[nitrocode]

/test all

[nitrocode]

/test all

[nitrocode]

/test all

[nitrocode]

/test all

[apanzerj]

@nitrocode seeing a weird error:

Domain: bar.com
Subdomain: foo.baz.bar.com
In v0.16.2 this apply worked just fine.

module "acm_request_certificate_east_coast" {
  source = "cloudposse/acm-request-certificate/aws"

  version         = "0.16.2"

  domain_name                       = "foo.baz.bar.com"
  process_domain_validation_options = true
  ttl                               = "300"
  subject_alternative_names         = ["*.foo.baz.bar.com", "*.bar.com"]

  providers = {
    aws = aws.use1
  }
}

Now in v0.17.0 it gives me an error saying it can’t find a zone for baz.bar.com which weird cuz, I don’t need that zone for anything.

edit: link to slack message too: https://sweetops.slack.com/archives/CB6GHNLG0/p1665521731064809

[nitrocode]

@apanzerj set bar.com as zone_name (or zone_id) and then both subject_alternative_names and the domain_name will use the same zone_id