Open jwilson8767 opened 3 years ago
@breathingdust just had the same issue on my end. You must create the certificate in us-east-1 (Virginia) to solve this issue. See the example below.
    # ACM certificate for the user pool domain, created through the us-east-1 provider alias.
    resource "aws_acm_certificate" "user_pool_domain_cert" {
      provider                  = aws.aws_us_east_1
      domain_name               = local.user_pool_domain
      subject_alternative_names = []
      validation_method         = "DNS"
      tags                      = {}

      lifecycle {
        create_before_destroy = true
      }
    }

    # Waits for DNS validation to complete; the Route 53 records it references are defined elsewhere.
    resource "aws_acm_certificate_validation" "user_pool_domain_cert_validation" {
      provider                = aws.aws_us_east_1
      certificate_arn         = aws_acm_certificate.user_pool_domain_cert.arn
      validation_record_fqdns = [for record in aws_route53_record.user_pool_domain_cert_validation : record.fqdn]
    }
Notice that I am using the provider property to change the region.
Good luck!
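The resources that the snippet above references but does not define, as an added example that is not part of the original comment or the provider's documentation. `var.zone_id`, `var.user_pool_id` and the resource name `custom` are assumptions; `local.user_pool_domain` and the `aws_us_east_1` alias are taken from the snippet.

```hcl
# Hypothetical inputs, not from the thread.
variable "zone_id" { type = string }      # Route 53 hosted zone that serves the domain
variable "user_pool_id" { type = string } # ID of an existing Cognito user pool

# Aliased provider pinned to us-east-1; the alias matches the one used in the snippet above.
provider "aws" {
  alias  = "aws_us_east_1"
  region = "us-east-1"
}

# One DNS validation record per entry in the certificate's domain_validation_options.
resource "aws_route53_record" "user_pool_domain_cert_validation" {
  for_each = {
    for dvo in aws_acm_certificate.user_pool_domain_cert.domain_validation_options :
    dvo.domain_name => {
      name   = dvo.resource_record_name
      type   = dvo.resource_record_type
      record = dvo.resource_record_value
    }
  }

  zone_id         = var.zone_id
  name            = each.value.name
  type            = each.value.type
  records         = [each.value.record]
  ttl             = 60
  allow_overwrite = true
}

# Take the ARN from the validation resource rather than from the certificate itself,
# so Terraform creates the domain only after the certificate has been issued.
resource "aws_cognito_user_pool_domain" "custom" {
  domain          = local.user_pool_domain
  user_pool_id    = var.user_pool_id
  certificate_arn = aws_acm_certificate_validation.user_pool_domain_cert_validation.certificate_arn
}
```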
For me it was because I had one more (undeleted from previous stuff) certificate for the same domain, so in case someone else might have the same issue, check if you only have one certificate.
Terraform CLI and Terraform AWS Provider Version
Terraform v1.0.2 on linux_amd64
Affected Resource(s)
Terraform Configuration Files
Panic Output
Expected Behavior
The user_pool_domain creation should have been retried after ~1 minute to avoid the error, which I believe stems from the eventual consistency model of ACM.
Actual Behavior
Received error "InvalidParameterException".
Steps to Reproduce
terraform apply
References
Here's a similar issue relating to CloudFront Distribution creation: https://github.com/hashicorp/terraform-provider-aws/issues/4687
And here's the PR that resolved that issue: https://github.com/hashicorp/terraform-provider-aws/pull/4698