1 files changed, 24 insertions, 9 deletions

diff --git a/bliki.tf b/bliki.tf
index 1777e3f..3bdcd7d 100644
--- a/bliki.tf
+++ b/bliki.tf
@@ -19,15 +19,19 @@ provider "aws" {
 resource "aws_s3_bucket" "bliki" {
   bucket = "grimoire.ca"
 
-  website {
-    index_document = "index.html"
-  }
-
   tags = {
     Project = "bliki"
   }
 }
 
+resource "aws_s3_bucket_website_configuration" "bliki" {
+  bucket = aws_s3_bucket.bliki.id
+
+  index_document {
+    suffix = "index.html"
+  }
+}
+
 resource "aws_s3_bucket_policy" "bliki" {
   bucket = aws_s3_bucket.bliki.id
   policy = <<POLICY
@@ -62,12 +66,23 @@ resource "aws_acm_certificate" "bliki" {
 }
 
 resource "aws_route53_record" "bliki_validation" {
+  for_each = {
+    for dvo in aws_acm_certificate.bliki.domain_validation_options :
+      dvo.domain_name => {
+        name   = dvo.resource_record_name
+        record = dvo.resource_record_value
+        type   = dvo.resource_record_type
+      }
+  }
+
   zone_id = data.aws_route53_zone.grimoire_ca.zone_id
-  ttl = 60
-  name = aws_acm_certificate.bliki.domain_validation_options[0].resource_record_name
-  type = aws_acm_certificate.bliki.domain_validation_options[0].resource_record_type
+
+  ttl  = 60
+  name = each.value.name
+  type = each.value.type
+
   records = [
-    aws_acm_certificate.bliki.domain_validation_options[0].resource_record_value,
+    each.value.record,
   ]
 }
 
@@ -88,7 +103,7 @@ resource "aws_cloudfront_distribution" "bliki" {
 
     # Use the website endpoint, not the bucket endpoint, to get / -> /index.html
     # translation through S3's website config.
-    domain_name = aws_s3_bucket.bliki.website_endpoint
+    domain_name = aws_s3_bucket_website_configuration.bliki.website_endpoint
 
     custom_origin_config {
       http_port = 80