-
Notifications
You must be signed in to change notification settings - Fork 9.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
aws_api_gateway_domain_name: uploading certificates is not supported for REGIONAL. #6936
Comments
Hi @senfbrot 👋 Sorry for any confusion. This is a limitation of API Gateway, depending on which region you are in: https://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-custom-domains.html
We should probably change the note about ACM in our resource documentation to include this specific information as well. |
Hi @bflad thanks for the update. In my case the region is |
The API Gateway functionality for uploading certificates predates ACM: https://aws.amazon.com/about-aws/whats-new/2017/03/amazon-api-gateway-integrates-with-aws-certificate-manager-acm/ If I had to guess since its not called out in the AWS documentation, certificate uploading in API Gateway is implemented via IAM Server Certificates. The certificate name, body, etc. parameters are marked deprecated in the API Reference. To support the workflow you mention above in the Terraform AWS provider, we'll need to merge in ACM certificate import support like #5453. |
This can also be verified via the AWS CLI: https://docs.aws.amazon.com/cli/latest/reference/apigateway/create-domain-name.html |
…f ACM vs IAM certificate usage References: * #6936 * #6635 * https://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-custom-domains.html Previously, the Terraform AWS Provider did not support importing/uploading certificates into ACM. With this newer functionality, we can authoritatively point operators to the `aws_acm_certificate` resource. We also try to clarify that ACM certificates should be used instead of directly uploading certificates (IAM) where ACM is supported.
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks! |
Community Note
Terraform Version
Affected Resource(s)
Terraform Configuration Files
Simply taken from the example in https://www.terraform.io/docs/providers/aws/r/api_gateway_domain_name.html#regional-uploaded-certificate-, section
Regional (Uploaded Certificate)
Expected Behavior
Either that
or
Actual Behavior
Steps to Reproduce
terraform apply
References
The text was updated successfully, but these errors were encountered: