stocky-lion-56153
07/20/2020, 9:41 PMPulumi.production.yaml
config has aws:region: eu-west-1
and aws:profile: prod_deploy
(a profile that assumes a role in production). However shell has AWS_PROFILE=dev
(a developer role in a different account) and I found that the ACM cert is getting created in dev
and everything else is (trying to be) created in prod
The code is as follows:
us_east_1 = Provider('us-east-1', region='us-east-1')
cert = acm.Certificate(
"cert",
domain_name=target_domain,
validation_method="DNS",
opts=pulumi.ResourceOptions(provider=us_east_1)
)
cert_validation_domain = route53.Record(
'cert-validation-domain',
zone_id=hosted_zone_id,
ttl=600,
name=cert.domain_validation_options[0]['resourceRecordName'],
type=cert.domain_validation_options[0]['resourceRecordType'],
records=[cert.domain_validation_options[0]['resourceRecordValue']]
)
cert_validation = acm.CertificateValidation(
'cert-validation',
certificate_arn=cert.arn,
validation_record_fqdns=[cert_validation_domain.fqdn],
opts=pulumi.ResourceOptions(provider=us_east_1)
)