Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

(certificatemanager): DnsValidatedCertificate: Tokens in the domainName property break cdk deploy #15925

Closed
piotrekwitkowski opened this issue Aug 6, 2021 · 2 comments
Closed

(certificatemanager): DnsValidatedCertificate: Tokens in the domainName property break cdk deploy #15925

piotrekwitkowski opened this issue Aug 6, 2021 · 2 comments
Assignees
@njlynch
Labels
@aws-cdk/aws-certificatemanager Related to Amazon Certificate Manager bug This issue is a bug. needs-triage This issue or PR still needs to be triaged.

Comments

@piotrekwitkowski
Copy link

piotrekwitkowski commented Aug 6, 2021
edited

For the DnsValidatedCertificate construct, tokens within the domainName property break the cdk deploy with the following error:

Received response status [FAILED] from custom resource. Message returned: 1 validation error detected:
Value '{{resolve:secretsmanager:arn:aws:secretsmanager:eu-central-1:123456789012:secret:DOMAIN_NAME:SecretString:::}}'
at 'domainName' failed to satisfy constraint: Member must satisfy regular expression pattern:
^(\*\.)?(((?!-)[A-Za-z0-9-]{0,62}[A-Za-z0-9])\.)+((?!-)[A-Za-z0-9-]{1,62}[A-Za-z0-9])$
(RequestId: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx)

Reproduction Steps

// in stack
const hostedZone = HostedZone.fromHostedZoneAttributes(this, 'HostedZone', {
  hostedZoneId: hostedZoneId,
  zoneName: hostedZoneName
});

const domainNameSecret = Secret.fromSecretNameV2(this, 'DomainName', DOMAIN_NAME);
const domainName = domainNameSecret.secretValue.toString();

new DnsValidatedCertificate(this, 'Certificate', {
  hostedZone: hostedZone,
  domainName: domainName,
})

What did you expect to happen?

I wanted to get a (wildcard) certificate for my hosted zone and domain name and be able to use tokens for the domainName, the same way I'm using it for the hostedZoneId and hostedZoneName. There was a similar issue with hostedZone

What actually happened?

I got the error.

Environment

  • CDK CLI Version: 2.0.0-rc.16 (build dba3421)
  • Framework Version:
  • Node.js Version: v14.17.3
  • OS: Amazon Linux
  • Language (Version): TypeScript (4.3.5)

This is 🐛 Bug Report
@piotrekwitkowski piotrekwitkowski added bug This issue is a bug. needs-triage This issue or PR still needs to be triaged. labels Aug 6, 2021
@piotrekwitkowski piotrekwitkowski changed the title DnsValidatedCertificate: Tokens in the domainName property break cdk synth (certificatemanager): DnsValidatedCertificate: Tokens in the domainName property break cdk synth Aug 6, 2021
@github-actions github-actions bot added the @aws-cdk/aws-certificatemanager Related to Amazon Certificate Manager label Aug 6, 2021
@piotrekwitkowski piotrekwitkowski changed the title (certificatemanager): DnsValidatedCertificate: Tokens in the domainName property break cdk synth (certificatemanager): DnsValidatedCertificate: Tokens in the domainName property break cdk deploy Aug 6, 2021
@piotrekwitkowski piotrekwitkowski mentioned this issue Aug 6, 2021
Closed
@njlynch
Copy link
Contributor

njlynch commented Aug 16, 2021

Same issue as #15926, with the same resolution. (CloudFormation doesn't currently support dynamic references + custom resources).

@njlynch njlynch closed this as completed Aug 16, 2021
@github-actions
Copy link

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see.
If you need more assistance, please either tag a team member or open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@njlynch njlynch

Labels
@aws-cdk/aws-certificatemanager Related to Amazon Certificate Manager bug This issue is a bug. needs-triage This issue or PR still needs to be triaged.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@njlynch @piotrekwitkowski