fcirone
commented
2 years ago +1 domain should be by environment not app
Open programmablemike opened 2 years ago
fcirone
commented
2 years ago +1 domain should be by environment not app
huanjani
commented
2 years ago @programmablemike: This feature is now possible in v1.18.0: https://github.com/aws/copilot-cli/releases/tag/v1.18.0 🎉 by importing an existing certificate.
We'll keep the issue open to be able to take a domain as environment inputs with #3522
mvn-bachhuynh-dn
commented
2 years ago Hi all, I really tired when trying to find to implement separated PRD domain with DEV domain, especially with add-on, it's totally useless when try to use some Output like HostedZone, Subdomain from Parent Stack. (it's not available in ENV stack with imported certs)
I believe, if Copilot could support multi-domain, or multi-app in the same repo should be better.
Thank you!
Lou1415926
commented
2 years ago I believe, if Copilot could support multi-domain, or multi-app in the same repo should be better.
Responding on Gitter. For folks that are interested feel free navigate there.
fruwe
commented
1 year ago +1 to reopen this. Love copilot, but an option to use at least one domain per environment would really help.
PS: The gitter link above is not working for me.
Lou1415926
commented
1 year ago @fruwe Gitter redid how they locate a message so all of the old links don't work anymore it seems :( But I believe this was the thread that I wanted to share. The question that I posted there was meant to understand the other user's specific use case better, so it probably does not apply to you. But if you have any input on that, I'd appreciate it as well!
fruwe
commented
1 year ago Thanks for the quick reply. I am trying to migrate to copilot, first staging, later production.
The two envs are using two distinct domains.
http.alias would have been quite convenient. There was even documentation mentioning multiple aliases and one of them was a completely different TLD.
Anyway, it would be great to be able to specify the domain, but in the meantime I will do it manually〜
rmarops
commented
1 year ago Am I understanding correctly that this requires running copilot env init --import-cert-arns arn:aws:acm:us-east-1... which means you have to create a fresh env?
Lou1415926
commented
1 year ago @rmarops nope! You can use specify your cert ARN in the environment manifest under http.public.certificates (or http.private.certificates, or cdn.certificates, depending on which ALB / CDN you want to secure)
rmarops
commented
1 year ago hey @Lou1415926, I've tried this but im not sure if i am missing a step https://github.com/aws/copilot-cli/discussions/5474
description
We're trying to setup a multi-account, multi-domain deployment where we have a single (global) Application account and then each Copilot Environment (eg. dev, test, staging, production) is deployed into a separate AWS account w/ a custom domain registered in that account.
To produce the following environment --> domain map:
Our reasoning behind using a separate domain per environment is for security - to hedge against subdomain takeover attacks and to take advantage of the site isolation protections that are becoming more prevalent in modern browsers.
current behavior
Trying to do a
copilot svc deploywithENV.http.aliasset to a custom domain without that domain registered in the application causes the following error and aborts deployment.desired behavior
Ideally what I'd like to do is register all the possible custom domains using
copilot app init myapp --domain myapp.dev,myapp.net,myapp.io,myapp.comand then specify the domain for each environment by settingENV.http.aliasin the Copilot Service manifest, or have the ability to toggle off the check for the application/custom domain duringcopilot svc deploy.references