Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support multiple regions - particularly CloudFront certificates (via stacks?) #565

Open
0xdevalias opened this issue Sep 6, 2018 · 4 comments

Comments

@0xdevalias
Copy link

@0xdevalias 0xdevalias commented Sep 6, 2018

Since CloudFormation is tied to a single region, if I want to deploy in somewhere like ap-southeast-2 then I'm unable to do things within the same template for a different region (eg. us-east-1). This becomes an issue when I want to create a certificate for a non-regional CloudFront distribution (which has to be created in us-east-1), certificates in non-regional API Gateway, etc.

I expect it would be possible to do this using stacks and exports (or manually.. of course), but not sure if/how I would do this in a 'SAM friendly' way.

If this is already possible, perhaps some documentation/an example of how to do this would be useful?

My current workaround is just to use regional certificates for API Gateway.

@txase
Copy link
Contributor

@txase txase commented Sep 6, 2018

We (https://stackery.io) use custom resources to provision CloudFront certificates in us-east-1 even if the stack is created elsewhere. It's probably overkill to include into SAM directly, but it's your best bet for doing non-us-east-1 stacks with CloudFront distributions.

Feel free to reach me at chase@stackery.io if you want any details about how we do it. Or feel free to try Stackery, see how we do it, and replicate the functionality yourself.

@0xdevalias
Copy link
Author

@0xdevalias 0xdevalias commented Sep 6, 2018

I was actually thinking that the custom resource route was going to be the way to go given the current state of things, though haven’t invested the time to explore that/contrast against what a stack based deploy might look like.

@brettstack
Copy link
Contributor

@brettstack brettstack commented Sep 8, 2018

@0xdevalias one way to accomplish this is to have a CloudFormation stack in us-east-1 which creates your certificate, and then use Fn::ImportValue https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-importvalue.html to reference it in your stack in ap-southeast-2.

@0xdevalias
Copy link
Author

@0xdevalias 0xdevalias commented Sep 8, 2018

That was what I was thinking as well.. though hadn't yet explored whether I could deploy an entire 'stack' in a single SAM deploy.

ShreyaGangishetty pushed a commit to ShreyaGangishetty/serverless-application-model that referenced this issue Dec 24, 2019
ShreyaGangishetty pushed a commit to ShreyaGangishetty/serverless-application-model that referenced this issue Dec 24, 2019
* fix: Functional tests must run on localhost to work in Windows (aws#552)

* fix: spacing typo in Log statement in start-lambda (aws#559)

* docs: Fix syntax highlighting in README.md (aws#561)

* docs: Change jest to mocha in Nodejs init README (aws#564)

* docs: Fix @mhart link in README (aws#562)

* docs(README): removed cloudtrail, added SNS to generate-event (aws#569)

* docs: Update repo name references (aws#577)

* feat(debugging): Fixing issues around debugging Golang functions. (aws#565)

* fix(init): Improve current init samples around docs and fixes (aws#558)

* docs(README): Update launch config to SAM CLI from SAM Local (aws#587)

* docs(README): Update sample code for calling Local Lambda Invoke (aws#584)

* refactor(init): renamed handler for camel case, moved callback call up (aws#586)

* chore: aws-lambda-java-core 1.1.0 -> 1.2.0 for java sam init (aws#578)

* feat(validate): Add profile and region options (aws#582)

Currently, `sam validate` requires AWS Creds (due to the SAM Translator).
This commits adds the ability to pass in the credientials through a profile
that is configured through `aws configure`.

* docs(README): Update README prerequisites to include awscli (aws#596)

* fix(start-lambda): Remove Content-Type Header check (aws#594)

* docs: Disambiguation "Amazon Kinesis" (aws#599)

* docs: Adding instructions for how to add pyenv to your PATH for Windows (aws#600)

* docs: Update README with small grammar fix (aws#601)

* fix: Update link in NodeJS package.json (aws#603)

* docs: Creating instructions for Windows users to install sam (aws#605)

* docs: Adding a note directing Windows users to use pipenv (aws#606)

* fix: Fix stringifying λ environment variables when using Python2 (aws#579)

* feat(generate-event): Added support for 50+ events (aws#612)

* feat(invoke): Add region parameter to all invoke related commands (aws#608)

* docs: Breaking up README into separate files to make it easier to read (aws#607)

* chore: Update JVM size params to match docker-lambda (aws#615)

* feat(invoke): Invoke Function Without Parameters through --no-event (aws#604)

* docs: Update advanced_usage.rst with clarification on --env-vars usage (aws#610)

* docs: Remove an extra word in the sam packaging command (aws#618)

* UX: Improves event names to reflect Lambda Event Sources (aws#619)

* docs: Fix git clone typo in installation docs (aws#630)

* docs(README): Callout go1.x runtime support (aws#631)

* docs(installation): Update sam --version command (aws#634)

* chore(0.6.0): SAM CLI Version bump (aws#635)
yvele added a commit to yvele/aws-cfn-custom-resource-lambda-edge that referenced this issue Jun 15, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
4 participants