@aws-cdk/aws-certificatemanager.Certification to support Global certificate creation
I’m submitting a …
- 🪲 bug report
- 🚀 feature request
- 📚 construct library gap
- ☎️ security issue or vulnerability => Please see policy
- ❓ support request => Please see note at the top of this template.
- What is the current behaviour?
When creating a certificate like:
```js
const certificate = new certificatemanager.Certificate(this, `${domain}-cert`, {
  domainName: domain,
  validationMethod: certificatemanager.ValidationMethod.DNS,
  subjectAlternativeNames: [`www.${domain}`]
})
```
The certificate is created in the region specified in the profile.
- What is the expected behavior (or behavior of feature suggested)?
As is with the ability to specify whether the certificate should be global - i.e. for CloudFront - or adding the ability to customise the region, though this option seems overkill.
- What is the motivation / use case for changing the behaviour or adding this feature?
Would like to create an ACM Certificate for a domain not yet managed via Route53 - so not able to leverage DnsValidatedCertificate, where region can be specified - in order to provision CloudFront in front of an S3 bucket.
- Please tell us about your environment:
- CDK CLI Version: 1.3.0
- Module Version: 1.3.0
- OS: OSX Mojave
- Language: JavaScript
- Other information (e.g. detailed explanation, stacktraces, related issues, suggestions how to fix, links for us to have context, eg. associated pull-request, stackoverflow, gitter, etc)
Related to https://github.com/aws/aws-cdk/issues/3464
Issue Analytics
- State:
- Created 4 years ago
- Comments:5 (1 by maintainers)
Top GitHub Comments
We are unfortunately not able to create regular Certificates in a different region. The only reason we can in DnsValidatedCertificate is because that is a custom resource.
You could automate this by writing your own custom resource, and you could share your implementation with others via NPM, but I’m not sure the base construct library is a place for a resource that does this.
So I find this really weird, I do everything via CDK, in region AP-southeast-2, and now I noticed that creating the Certificate and linking it to my CloudFront doesn’t work, because the CDK will create the certificate in the region of the profile used during deploy. But it needs to be US-EAST-1.
Since I do all this in CDK, it doesn’t make sense to give this example in https://docs.aws.amazon.com/cdk/api/latest/docs/aws-certificatemanager-readme.html. This would only work for customers working in US-EAST-1 region, not the rest of the world.
Is it an idea to add a region property to the new Certificate class so that we can automate it and create the certificate in the correct region? I now have to manually issue the certificate 😦
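
The region mismatch described in this thread can be caught before deployment by linting the synthesized CloudFormation template. The following is an added example, not part of the original issue or the CDK project's code; the function names and the sample template are constructed for illustration.

```javascript
// Added example: flag CloudFront distributions whose ACM certificate
// would not live in us-east-1, the only region CloudFront accepts.
const CLOUDFRONT_CERT_REGION = 'us-east-1';

// ACM ARN layout: arn:partition:acm:region:account:certificate/id
function acmArnRegion(arn) {
  const parts = String(arn).split(':');
  if (parts.length < 6 || parts[0] !== 'arn' || parts[2] !== 'acm') return null;
  return parts[3];
}

// template: parsed CloudFormation template (e.g. from `cdk synth`).
// stackRegion: region the stack will be deployed to.
function findMisplacedCertificates(template, stackRegion) {
  const resources = template.Resources || {};
  const findings = [];
  for (const [id, res] of Object.entries(resources)) {
    if (res.Type !== 'AWS::CloudFront::Distribution') continue;
    const cfg = (res.Properties || {}).DistributionConfig || {};
    const arn = (cfg.ViewerCertificate || {}).AcmCertificateArn;
    if (arn === undefined) continue; // no ACM certificate attached
    let region = null;
    let source = 'unresolved reference'; // parameter/import: needs manual review
    if (typeof arn === 'string') {
      region = acmArnRegion(arn);
      source = 'literal ARN';
    } else if (arn && typeof arn.Ref === 'string' &&
               (resources[arn.Ref] || {}).Type === 'AWS::CertificateManager::Certificate') {
      region = stackRegion; // a certificate in the same stack is issued in the stack's region
      source = `Ref ${arn.Ref}`;
    }
    if (region !== CLOUDFRONT_CERT_REGION) {
      findings.push({ distribution: id, source, region });
    }
  }
  return findings;
}

// Constructed sample: certificate and distribution in the same stack.
const sampleTemplate = {
  Resources: {
    SiteCert: { Type: 'AWS::CertificateManager::Certificate',
                Properties: { DomainName: 'example.com', ValidationMethod: 'DNS' } },
    SiteCdn: { Type: 'AWS::CloudFront::Distribution',
               Properties: { DistributionConfig: {
                 ViewerCertificate: { AcmCertificateArn: { Ref: 'SiteCert' } } } } },
  },
};
console.log(findMisplacedCertificates(sampleTemplate, 'ap-southeast-2'));
```

Unresolved references (parameters, imports) are reported with `region: null` so they can be checked by hand.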