vancluever / terraform-provider-acme

Terraform ACME provider
https://registry.terraform.io/providers/vancluever/acme/latest
Mozilla Public License 2.0

rpc error: code = Unknown desc = route53: not found, ResolveEndpointV2 #434

Closed wanjohiryan closed 1 week ago

wanjohiryan commented 1 week ago

Hello there 👋🏾

I am using this Pulumi plugin (that ties back to this Terraform provider) and I am having an issue with getting the DNS challenge to work with Route53. For reference, I have posted an issue on the Pulumi project here and I thought you might help.

The error:

    2024/09/10 14:32:38 [WARN] [domain.com] acme: cleaning up failed: 2 errors occurred:
        * rpc error: code = Unknown desc = route53: not found, ResolveEndpointV2
        * error encountered while cleaning token for DNS challenge: rpc error: code = Unknown desc = route53: not found, ResolveEndpointV2
    2024/09/10 14:32:38 [INFO] Deactivating auth: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/13948784253
    2024-09-10T14:32:38.757+0300 [DEBUG] plugin.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = error reading from server: EOF"
    2024-09-10T14:32:38.761+0300 [INFO]  plugin: plugin process exited: plugin=/home/wanjohi/.pulumi/plugins/resource-acme-v0.3.1/pulumi-resource-acme id=39019

The code:

const provider = new acme.Provider("provider", {
    // when I try the prod URL, it will still fail
    serverUrl: "https://acme-staging-v02.api.letsencrypt.org/directory",
});

export const reg = new acme.Registration("reg", {
    accountKeyPem: privateKey.privateKeyPem,
    emailAddress: "xxxxxxxx@nestri.io",
}, { provider });

export const certificate = new acme.Certificate("certificate", {
    accountKeyPem: reg.accountKeyPem,
    commonName: "fst.so",
    subjectAlternativeNames: ["fst.so"],
    // keyType: "P256",
    recursiveNameservers: ["8.8.8.8:53"],
    dnsChallenges: [{
        provider: "route53",
        config: {
            AWS_HOSTED_ZONE_ID: "xxxxxxxx",
            AWS_MAX_RETRIES: "10",
            // Fails even when I add the ACCESS_KEY and SECRET_KEY here
        }
    }],
}, { provider });

Any help is greatly appreciated. Thanks in advance

vancluever commented 1 week ago

Hey @wanjohiryan, I'm unable to reproduce it on this end using the latest version of the provider in a TF config.

I Google searched the error and the only thing that I can see related to that error message is possibly version compatibility issues between the Route53 API and SDK version in use. You might want to investigate that on your end; I'm not too sure how Pulumi works with the provider on their side and if there's possibly a conflict in the version they're using.

If you want to see it for yourself, you could always stand up a small TF config with what you have above as a process of elimination.

Hope this helps!
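
A minimal Terraform configuration mirroring the Pulumi program in the report, for the process-of-elimination test suggested above. This is an added example, not part of the original thread or the provider's documentation; the RSA account key, the e-mail address and the hosted zone ID are assumed placeholders.

```hcl
terraform {
  required_providers {
    acme = { source = "vancluever/acme" }
    tls  = { source = "hashicorp/tls" }
  }
}

provider "acme" {
  # Staging directory URL taken from the report.
  server_url = "https://acme-staging-v02.api.letsencrypt.org/directory"
}

# Assumption: stands in for the report's `privateKey`, whose definition is not shown.
resource "tls_private_key" "account" {
  algorithm = "RSA"
}

resource "acme_registration" "reg" {
  account_key_pem = tls_private_key.account.private_key_pem
  email_address   = "admin@example.com" # placeholder address
}

resource "acme_certificate" "certificate" {
  account_key_pem           = acme_registration.reg.account_key_pem
  common_name               = "fst.so"
  subject_alternative_names = ["fst.so"]
  recursive_nameservers     = ["8.8.8.8:53"]

  dns_challenge {
    provider = "route53"

    # AWS credentials are left to the SDK's default chain (environment
    # variables or a shared profile) so no secrets are written into config.
    config = {
      AWS_HOSTED_ZONE_ID = "HOSTED_ZONE_ID_PLACEHOLDER" # placeholder
      AWS_MAX_RETRIES    = "10"
    }
  }
}
```

If this applies cleanly with the same AWS credentials and hosted zone while the Pulumi program still fails, the difference lies in the Pulumi plugin build rather than in the certificate settings.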

wanjohiryan commented 1 week ago

Thank you for the prompt response, @vancluever. Let me reach out to the Pulumi ACME provider.