serverless-domain-manager icon indicating copy to clipboard operation
serverless-domain-manager copied to clipboard

Published 20 hours ago verified publisher icon amplify-education

Does certificateArn variable support IAM certficate Arn?

Open ChihSeanHsu opened this issue 4 years ago • 1 comments

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Support Question

Question As mentioned in title, I have tried to use IAM certificate Arn to create domain, but serverless cannot create it.

Command Run `sls create_domain --stage staging --region eu-central-1

Console Output

Serverless: [AWS apigatewayv2 404 1.507s 0 retries] getDomainName({ DomainName: 'new-api-emea.abc-stg.com' })
Serverless Domain Manager: Error: new-api-emea.abc-stg.com:  NotFoundException: Invalid domain name identifier specified
Serverless: Selected specific certificateArn arn:aws:iam::122222222:server-certificate/abc_non_prod-2022
Serverless: [AWS apigateway 400 1.024s 0 retries] createDomainName({ domainName: 'new-api-emea.abc-stg.com',
  endpointConfiguration: { types: [ 'EDGE', [length]: 1 ] },
  securityPolicy: 'TLS_1_2',
  certificateArn:
   'arn:aws:iam::122222222:server-certificate/abc_non_prod-2022' })
Serverless Domain Manager: Error: new-api-emea.abc-stg.com:  BadRequestException: Invalid certificate ARN: arn:aws:iam::122222222:server-certificate/abc_non_prod-2022. Vendor should be 'acm'
Serverless Domain Manager: Error:new-api-emea.abc-stg.com:  Error: Error: Failed to create custom domain new-api-emea.abc-stg.com

 
  Error --------------------------------------------------
 
  Error: Error: Unable to create domain new-api-emea.abc-stg.com

Domain Manager Configuration Replace this with your own serverless.yml file (anonymized, of course) to help us better resolve your issue.

custom:
  customDomain:
    domainName: new-api-${self:custom.regionMapping.${self:provider.region}}.${self:custom.domainName.${self:provider.stage}}
    hostedZoneId: ${self:custom.route53HostZoneId.${self:provider.stage}}
    stage: ${self:provider.stage}
    certificateArn: ${self:custom.acmCertArn.${self:provider.stage}}
    createRoute53Record: true

Versions

  • Domain Manager version(s): 4.2.0
  • Node/npm version: Node v10.16.3/ npm 6.9.0
  • Serverless Version: 1.70.0
  • Lambda Code: python

Additional context/Screenshots Add any other context about the problem here. If applicable, add screenshots to help explain.

ChihSeanHsu avatar Jul 23 '20 03:07 ChihSeanHsu

Using a certificate Arn worked for me in 4.2.0, I didn't have a custom hostedZoneId specified, that's the only difference between our configs.

jdelaune avatar Aug 07 '20 09:08 jdelaune

Hi @ChihSeanHsu

Hope you have solved this issue. But It should be a certificate ARN specified.

We are not supporting version 4.x anymore please try our latest version 6.x and let us know in case of any issues

rddimon avatar Feb 06 '23 20:02 rddimon