Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

acm.Certificate is having issues getting values for ValidationDomain (e.g. '9]}') with imported values #4232

Closed
ghost opened this issue Sep 25, 2019 · 0 comments · Fixed by #4251
Closed

acm.Certificate is having issues getting values for ValidationDomain (e.g. '9]}') with imported values #4232

ghost opened this issue Sep 25, 2019 · 0 comments · Fixed by #4251
Assignees
@rix0rrr
Labels
@aws-cdk/aws-certificatemanager Related to Amazon Certificate Manager bug This issue is a bug.

Comments

@ghost
Copy link

ghost commented Sep 25, 2019

This code:
import acm = require('@aws-cdk/aws-certificatemanager');
import cdk = require('@aws-cdk/core');

export class ExampleStack extends cdk.Stack {
constructor(app: cdk.App, id: string) {
super(app, id);

 const certificate = new acm.Certificate(this, 'Certificate', {
  domainName: "application-dns." + cdk.Fn.importValue('Route53ZoneDomain'),
  validationMethod: acm.ValidationMethod.EMAIL,
})

certificate.certificateArn

}
}

const app = new cdk.App();
new ExampleStack(app, 'ExampleApp');
app.synth();

Reproduction Steps

Running the above produces the following resource definition:

Resources:
Certificate4E7ABB08:
Type: AWS::CertificateManager::Certificate
Properties:
DomainName:
Fn::Join:
- ""
- - application-dns.
- Fn::ImportValue: Route53ZoneDomain-rc0
DomainValidationOptions:
- DomainName:
Fn::Join:
- ""
- - application-dns.
- Fn::ImportValue: Route53ZoneDomain-rc0
ValidationDomain: 9]}
ValidationMethod: EMAIL
Metadata:
aws:cdk:path: ExampleStack/Certificate/Resource
CDKMetadata:
Type: AWS::CDK::Metadata
Properties:
Modules: aws-cdk=1.9.0,@aws-cdk/assets=1.9.0,@aws-cdk/aws-certificatemanager=1.9.0,@aws-cdk/aws-cloudformation=1.9.0,@aws-cdk/aws-cloudwatch=1.9.0,@aws-cdk/aws-ec2=1.9.0,@aws-cdk/aws-events=1.9.0,@aws-cdk/aws-iam=1.9.0,@aws-cdk/aws-kms=1.9.0,@aws-cdk/aws-lambda=1.9.0,@aws-cdk/aws-s3=1.9.0,@aws-cdk/aws-s3-assets=1.9.0,@aws-cdk/aws-sqs=1.9.0,@aws-cdk/aws-ssm=1.9.0,@aws-cdk/core=1.9.0,@aws-cdk/cx-api=1.9.0,@aws-cdk/region-info=1.9.0,jsii-runtime=node.js/v12.4.0

Bolded is the issue.

If I replace the import value with a string it all works as expected.

Resources:
Certificate4E7ABB08:
Type: AWS::CertificateManager::Certificate
Properties:
DomainName: application-dns.dev.example.com
DomainValidationOptions:
- DomainName: application-dns.dev.example.com
ValidationDomain: example.com
ValidationMethod: EMAIL
Metadata:
aws:cdk:path: ExampleStack/Certificate/Resource
CDKMetadata:
Type: AWS::CDK::Metadata
Properties:
Modules: aws-cdk=1.9.0,@aws-cdk/assets=1.9.0,@aws-cdk/aws-certificatemanager=1.9.0,@aws-cdk/aws-cloudformation=1.9.0,@aws-cdk/aws-cloudwatch=1.9.0,@aws-cdk/aws-ec2=1.9.0,@aws-cdk/aws-events=1.9.0,@aws-cdk/aws-iam=1.9.0,@aws-cdk/aws-kms=1.9.0,@aws-cdk/aws-lambda=1.9.0,@aws-cdk/aws-s3=1.9.0,@aws-cdk/aws-s3-assets=1.9.0,@aws-cdk/aws-sqs=1.9.0,@aws-cdk/aws-ssm=1.9.0,@aws-cdk/core=1.9.0,@aws-cdk/cx-api=1.9.0,@aws-cdk/region-info=1.9.0,jsii-runtime=node.js/v12.4.0
Condition: CDKMetadataAvailable

Error Log

Environment

  • CLI Version :
  • Framework Version: 1.9.0
  • OS MacOS :
  • Language :Typescript

Other

This is 🐛 Bug Report
@ghost ghost added bug This issue is a bug. needs-triage This issue or PR still needs to be triaged. labels Sep 25, 2019
@SomayaB SomayaB added the @aws-cdk/aws-certificatemanager Related to Amazon Certificate Manager label Sep 25, 2019
@rix0rrr rix0rrr removed the needs-triage This issue or PR still needs to be triaged. label Sep 26, 2019
rix0rrr added a commit that referenced this issue Sep 26, 2019
@rix0rrr
fix(acm): support Tokens for domainName in Certificate
e312548 
Detect when someone tries to use a Token for a `domainName` in
`Certificate`, and require that they supply a validation domain when
that happens (necessary because we won't be able to properly calculate
the apex domain at CDK run time).

This does require that you use the exact same string in the
`validationDomains` map; since different instances of equivalent
tokens might evaluate to a different string, this requires that you
store the stringified token in a variable first.

Fixes #4232.
@rix0rrr rix0rrr mentioned this issue Sep 26, 2019
Merged
@mergify mergify bot closed this as completed in #4251 Sep 27, 2019
mergify bot pushed a commit that referenced this issue Sep 27, 2019
@rix0rrr @mergify
fix(acm): support Tokens for domainName in Certificate (#4251)
ee1283d 
Detect when someone tries to use a Token for a `domainName` in
`Certificate`, and require that they supply a validation domain when
that happens (necessary because we won't be able to properly calculate
the apex domain at CDK run time).

This does require that you use the exact same string in the
`validationDomains` map; since different instances of equivalent
tokens might evaluate to a different string, this requires that you
store the stringified token in a variable first.

Fixes #4232.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@rix0rrr rix0rrr

Labels
@aws-cdk/aws-certificatemanager Related to Amazon Certificate Manager bug This issue is a bug.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix(acm): support Tokens for domainName in Certificate aws/aws-cdk
2 participants
@rix0rrr @SomayaB