search

amplify-education / serverless-domain-manager

Serverless plugin for managing custom domains with API Gateways.
MIT License
941 stars 232 forks source link

Cross-account certificate references are not allowed #571

Closed nonoodles closed 1 year ago

nonoodles commented 1 year ago

Community Note

Bug Report

Error Description create_domain throws error Cross-account certificate references are not allowed.

Command Run sls create_domain

Console Output

λ sls create_domain --verbose
Running "serverless" from node_modules
Warning: V1 - 'api.foo.com' does not exist.
Environment: win32, node 16.17.1, framework 3.29.0 (local) 3.29.0v (global), plugin 6.2.3, SDK 4.3.2
Docs:        docs.serverless.com
Support:     forum.serverless.com
Bugs:        github.com/serverless/serverless/issues

Error:
Error: Unable to create domain 'api.foo.com':
V1 - Failed to create custom domain 'api.foo.com':
Invalid certificate ARN: arn:aws:acm:af-south-1:****. Cross-account certificate references are not allowed.
    at ServerlessCustomDomain.<anonymous> (**\node_modules\serverless-domain-manager\dist\src\index.js:228:23)
    at Generator.throw (<anonymous>)
    at rejected (**\node_modules\serverless-domain-manager\dist\src\index.js:6:65)
    at processTicksAndRejections (node:internal/process/task_queues:96:5)

Domain Manager Configuration

  customDomain:
    domainName: api.foo.com
    certificateArn: "arn:aws:acm:af-south-1:****"
    basePath: ''
    stage: dev
    createRoute53Record: true
    endpointType: 'regional'
    securityPolicy: tls_1_2
    apiType: rest

Versions

Possible Solution Downgrade to 6.4.4 and domain created successfully.

rddimon commented 1 year ago

Hi @nonoodles

Could you please try our latest version and let us know the result?

nonoodles commented 1 year ago

Thank you @rddimon - Confirmed working as expected on 7.0.4.

nostromoJohn commented 1 year ago

Hi @rddimon, I just ran into the same issue with 7.0.4, downgrading to 6.4.4 worked fine