hi all! i have encapsulated the logic for obtainin...
# general
hi all! i have encapsulated the logic for obtaining a viewer certificate for cloudfront (aws) into a function (note I'm returning it in the very first line):
Copy code
function getViewerCertificate(
  customDomain: string | undefined,
  ... // other parameters
): pulumi.Input<aws.types.input.cloudfront.DistributionViewerCertificate> {
  if (!customDomain) {
    return {
      minimumProtocolVersion: 'TLSv1.1_2016',
      cloudfrontDefaultCertificate: true,
which I later call it (with
set to
Copy code
const viewerCertificate = getViewerCertificate(customDomain,...)
and use it:
Copy code
const distributionArgs: aws.cloudfront.DistributionArgs = {enabled: true, aliases: customDomain ? [customDomain] : [], viewerCertificate, ...}
and after running the
command with automation api this change is detected on every deploy as an updated resource, taking a lot of time to complete the operation. I understand that pulumi should not detect this as a change. is this an expected behavior? it seems like a bug to me
Export your pulumi state, and find in the state file the JSON object representing the
that was provided to the cloudfront distribution as it currently exists. Then you will be able to see how/if it differs with the object returned from this function