Hello. I'm attempting to create a Certificate for use with a Cloudfront distribution and the certificate must be validated before referencing it in the Cloudfront distribution. The documentation for CertificateValidation and most of (if not all of) the articles I've found so far suggest updating a Route53 zone with the needed validation records. At this time I don't wish to use a Route 53 zone since the zone in question is already with a 3rd party. Does anyone have any recommendations as to how handle creating, manually validating, and then using a cert in a single pulumi project/stack? For example, is there a way to split a stack into two phases? Or, is there away to have Pulumi print the DNS validation records during

up

and wait for me to create them manually? Are there conditional flow control options in general in Pulumi? It appears that CertificateValidation immediately fails if the certificate isn't yet validated, so that does not seem useful for checking on it's status and conditionally doing something else. But, I have found that I can get the certificate status with

apply()

but I'm not yet sure what I can do with that in the context of how Pulumi works. I'm using Javascript, btw.

https://gist.github.com/martinjt/dc8f81fa7aeb1ecfa94150f537f23b74 That's how I do it with DNS validation

@worried-knife-31967 I appreciate the input, thanks. I was hoping to avoid the overhead of maintaining two stacks but perhaps that is the way to do it.