You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Detect when someone tries to use a Token for a `domainName` in
`Certificate`, and require that they supply a validation domain when
that happens (necessary because we won't be able to properly calculate
the apex domain at CDK run time).
This does require that you use the exact same string in the
`validationDomains` map; since different instances of equivalent
tokens might evaluate to a different string, this requires that you
store the stringified token in a variable first.
Fixes#4232.
Detect when someone tries to use a Token for a `domainName` in
`Certificate`, and require that they supply a validation domain when
that happens (necessary because we won't be able to properly calculate
the apex domain at CDK run time).
This does require that you use the exact same string in the
`validationDomains` map; since different instances of equivalent
tokens might evaluate to a different string, this requires that you
store the stringified token in a variable first.
Fixes#4232.
This code:
import acm = require('@aws-cdk/aws-certificatemanager');
import cdk = require('@aws-cdk/core');
export class ExampleStack extends cdk.Stack {
constructor(app: cdk.App, id: string) {
super(app, id);
}
}
const app = new cdk.App();
new ExampleStack(app, 'ExampleApp');
app.synth();
Reproduction Steps
Running the above produces the following resource definition:
Resources:
Certificate4E7ABB08:
Type: AWS::CertificateManager::Certificate
Properties:
DomainName:
Fn::Join:
- ""
- - application-dns.
- Fn::ImportValue: Route53ZoneDomain-rc0
DomainValidationOptions:
- DomainName:
Fn::Join:
- ""
- - application-dns.
- Fn::ImportValue: Route53ZoneDomain-rc0
ValidationDomain: 9]}
ValidationMethod: EMAIL
Metadata:
aws:cdk:path: ExampleStack/Certificate/Resource
CDKMetadata:
Type: AWS::CDK::Metadata
Properties:
Modules: aws-cdk=1.9.0,@aws-cdk/assets=1.9.0,@aws-cdk/aws-certificatemanager=1.9.0,@aws-cdk/aws-cloudformation=1.9.0,@aws-cdk/aws-cloudwatch=1.9.0,@aws-cdk/aws-ec2=1.9.0,@aws-cdk/aws-events=1.9.0,@aws-cdk/aws-iam=1.9.0,@aws-cdk/aws-kms=1.9.0,@aws-cdk/aws-lambda=1.9.0,@aws-cdk/aws-s3=1.9.0,@aws-cdk/aws-s3-assets=1.9.0,@aws-cdk/aws-sqs=1.9.0,@aws-cdk/aws-ssm=1.9.0,@aws-cdk/core=1.9.0,@aws-cdk/cx-api=1.9.0,@aws-cdk/region-info=1.9.0,jsii-runtime=node.js/v12.4.0
Bolded is the issue.
If I replace the import value with a string it all works as expected.
Resources:
Certificate4E7ABB08:
Type: AWS::CertificateManager::Certificate
Properties:
DomainName: application-dns.dev.example.com
DomainValidationOptions:
- DomainName: application-dns.dev.example.com
ValidationDomain: example.com
ValidationMethod: EMAIL
Metadata:
aws:cdk:path: ExampleStack/Certificate/Resource
CDKMetadata:
Type: AWS::CDK::Metadata
Properties:
Modules: aws-cdk=1.9.0,@aws-cdk/assets=1.9.0,@aws-cdk/aws-certificatemanager=1.9.0,@aws-cdk/aws-cloudformation=1.9.0,@aws-cdk/aws-cloudwatch=1.9.0,@aws-cdk/aws-ec2=1.9.0,@aws-cdk/aws-events=1.9.0,@aws-cdk/aws-iam=1.9.0,@aws-cdk/aws-kms=1.9.0,@aws-cdk/aws-lambda=1.9.0,@aws-cdk/aws-s3=1.9.0,@aws-cdk/aws-s3-assets=1.9.0,@aws-cdk/aws-sqs=1.9.0,@aws-cdk/aws-ssm=1.9.0,@aws-cdk/core=1.9.0,@aws-cdk/cx-api=1.9.0,@aws-cdk/region-info=1.9.0,jsii-runtime=node.js/v12.4.0
Condition: CDKMetadataAvailable
Error Log
Environment
Other
This is 🐛 Bug Report
The text was updated successfully, but these errors were encountered: