From 58835a9fa4c1785cb791f890451abc1cbee1a915 Mon Sep 17 00:00:00 2001
From: Mateus Miranda <mateus.miranda@sumup.com>
Date: Thu, 28 Nov 2019 12:13:01 +0100
Subject: [PATCH] Fixing validation records when wildcard is present with
 alternative domains

---
 main.tf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/main.tf b/main.tf
index 81d90d5..1f40903 100644
--- a/main.tf
+++ b/main.tf
@@ -3,7 +3,7 @@ locals {
   distinct_domain_names = distinct(concat([var.domain_name], [for s in var.subject_alternative_names : replace(s, "*.", "")]))
 
   // Copy domain_validation_options for the distinct domain names
-  validation_domains = var.create_certificate ? [for k, v in aws_acm_certificate.this[0].domain_validation_options : tomap(v) if contains(local.distinct_domain_names, v.domain_name)] : []
+  validation_domains = var.create_certificate ? [for k, v in aws_acm_certificate.this[0].domain_validation_options : tomap(v) if contains(local.distinct_domain_names, replace(v.domain_name, "*.", ""))] : []
 }
 
 resource "aws_acm_certificate" "this" {
@@ -21,7 +21,7 @@ resource "aws_acm_certificate" "this" {
 }
 
 resource "aws_route53_record" "validation" {
-  count = var.create_certificate && var.validation_method == "DNS" && var.validate_certificate ? length(local.distinct_domain_names) : 0
+  count = var.create_certificate && var.validation_method == "DNS" && var.validate_certificate ? length(local.distinct_domain_names)+1 : 0
 
   zone_id = var.zone_id
   name    = element(local.validation_domains, count.index)["resource_record_name"]