Open jericht opened 5 months ago
Have you tried running the integration tests with this change? I'd expect any of them using DocumentDB to fail because Deadline 10 does not provide a CA trust store with the new CA certificate yet.
Have you tried running the integration tests with this change? I'd expect any of them using DocumentDB to fail because Deadline 10 does not provide a CA trust store with the new CA certificate yet.
Yes, the repository tests failed due to this. We'll need to wait until a new Deadline release is made with the new CA certificate before merging this.
Notes
The RDS CA certificate used by DocDB instances deployed by RFDK is expiring in August 2024. See https://docs.aws.amazon.com/documentdb/latest/developerguide/ca_cert_rotation.html
This PR changes the DocDB instances deployed by our integration tests to use the newer RDS CA certificate. We still need to do this for RFDK itself in a future PR.
Testing
rds-ca-rsa4096-g1
Example CFN template snippet:
AWS Console screenshot showing CA cert is applied:![image](https://github.com/aws/aws-rfdk/assets/68654047/aa895943-a820-4bfe-be9e-71b24afdcb7c)
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license