lemon-dog-29241
08/06/2021, 2:38 AM
domain_validation_options from the creation of my certificate and then loop through them, creating a record for each. I'll share my python in a comment. I'm a newbie all around so it's very probable I've just done something that won't work, period

def create_route53_zone(org_id):
    return aws.route53.Zone(f'shared-hosted-zone-{org_id}', name=f'{org_id}.getbuildbot.com')


def create_certificate(org_id):
    return aws_acm.Certificate(f'shared-certificate-{org_id}',
                               domain_name=f'{org_id}.getbuildbot.com',
                               subject_alternative_names=f'*.{org_id}.getbuildbot.com',
                               tags={
                                   "deployed_by": "Pulumi",
                                   "Name": {org_id},
                               },
                               validation_method="DNS")


def create_records(org_id, domain_validation_options, zone_id):
    validation_record_fqdns = []
    i = 0
    for dvo in domain_validation_options:
        cert_validation = aws.route53.Record(f'{org_id}-record-{i}',
                                             name=dvo['resourceRecordName'],
                                             records=[dvo['resourceRecordValue']],
                                             ttl=300,
                                             type=dvo['resourceRecordType'],
                                             zone_id=zone_id,
                                             opts=pulumi.ResourceOptions(delete_before_replace=True))
        i += 1
        validation_record_fqdns.append(cert_validation.fqdn)
    return validation_record_fqdns


def validate_certificate(org_id, certificate, fqdns):
    return aws_acm.CertificateValidation(f'{org_id}-validation',
                                         certificate_arn=certificate,
                                         validation_record_fqdns=fqdns)


def create_and_validate_hosted_zone(org_id):
    hosted_zone = create_route53_zone(org_id=org_id)
    certificate = create_certificate(org_id=org_id)
    fqdns = certificate.domain_validation_options.apply(
        lambda domain_validation_options: create_records(org_id=org_id,
                                                         domain_validation_options=domain_validation_options,
                                                         zone_id=hosted_zone.zone_id))
    validate_certificate(org_id=org_id, certificate=certificate.arn, fqdns=fqdns)
    return {
        "hosted_zone": hosted_zone,
        "certificate_arn": certificate.arn
    }

little-cartoon-10569
08/06/2021, 2:44 AM
new aws.route53.Record(name, {
  zoneId: zoneId,
  name: this.certificate.domainValidationOptions[1].resourceRecordName,
  type: aws.route53.RecordType.CNAME,
  ttl: 300,
  records: [this.certificate.domainValidationOptions[1].resourceRecordValue]
});
That creates the record for the 2nd DVO. Change the index for the different DVOs.
Output<outputs.acm.CertificateDomainValidationOption[]>, meaning the size of the array won't be known at runtime.
lemon-dog-29241
08/06/2021, 2:51 AM
ValueError: unexpected input of type set. But I can't figure out where I'm passing in a set... I've tried separating out the records and just creating them singly instead of iterating, but no luck!
def create_and_validate_hosted_zone(org_id):
    hosted_zone = create_route53_zone(org_id=org_id)
    certificate = create_certificate(org_id=org_id)
    fqdns = []
    fqdn1_record = aws.route53.Record(f'{org_id}-record-1',
                                      name=certificate.domain_validation_options[0].resource_record_name,
                                      records=[certificate.domain_validation_options[0].resource_record_value],
                                      ttl=300,
                                      type=certificate.domain_validation_options[0].resource_record_type,
                                      zone_id=hosted_zone.zone_id,
                                      opts=pulumi.ResourceOptions(delete_before_replace=True))
    # Pulumi resource names must be unique within a stack, so the second record gets its own name.
    fqdn2_record = aws.route53.Record(f'{org_id}-record-2',
                                      name=certificate.domain_validation_options[1].resource_record_name,
                                      records=[certificate.domain_validation_options[1].resource_record_value],
                                      ttl=300,
                                      type=certificate.domain_validation_options[1].resource_record_type,
                                      zone_id=hosted_zone.zone_id,
                                      opts=pulumi.ResourceOptions(delete_before_replace=True))
    fqdns.append(fqdn1_record.fqdn)
    fqdns.append(fqdn2_record.fqdn)
    validate_certificate(org_id=org_id, certificate=certificate.arn, fqdns=fqdns)
    return {
        "hosted_zone": hosted_zone,
        "certificate_arn": certificate.arn
    }
red-match-15116
08/06/2021, 3:25 AM
lemon-dog-29241
08/06/2021, 3:29 AM
red-match-15116
08/06/2021, 3:41 AM
validate_certificate bit and see if that works? I have a hunch it might have something to do with fqdns
little-cartoon-10569
08/06/2021, 3:49 AM
certificate.domain_validation_options[0].resource_record_type (and [1])? I didn't get a good value back for those so I hard-coded CNAME..
lemon-dog-29241
08/06/2021, 11:10 AM
def create_certificate(org_id):
    return aws.acm.Certificate(f'shared-certificate-{org_id}',
                               domain_name=f'{org_id}.getbuildbot.com',
                               subject_alternative_names=[f'*.{org_id}.getbuildbot.com'],
                               validation_method="DNS")
red-match-15116
08/06/2021, 2:47 PM
{org_id} (which is a set containing the item org_id) - can you try it without the curly braces?
lemon-dog-29241
08/06/2021, 3:44 PM
red-match-15116
08/06/2021, 3:57 PM
lemon-dog-29241
08/06/2021, 4:02 PM
little-cartoon-10569
08/08/2021, 9:15 PM