Hello guys. I need to create an aws.acm.Certificat...
# aws
r
Hello guys. I need to create an aws.acm.Certificate after creating self signed certificate with new pvk.SelfSignedCert call. At the first pulumi up, the aws.acm.Certificate call fails with the following error: "* error importing ACM Certificate: ValidationException: The certificate is valid in the future. You can Import a certificate only during its validity period." If I retry the with 'pulumi update' after a few seconds, everything goes fine and the acm certificate is correctly created. Any suggestion..?....thanks so much.
g
Can you share the relevant bits of your code (confidential info redacted, please)? It sounds like you need to set a
depends_on
flag: https://www.pulumi.com/docs/intro/concepts/resources/options/dependson/
r
Hi @great-queen-39697, sure....code follows:
......... ......... // Create certificate const examplePrivateKey = new pvk.PrivateKey("examplePrivateKey", { algorithm: "RSA" }); function creaselfsignedcert() { return new pvk.SelfSignedCert("exampleSelfSignedCert", { keyAlgorithm: "RSA", privateKeyPem: examplePrivateKey.privateKeyPem, subjects: [ { commonName: "example.com", organization: "ACME Examples, Inc" } ], validityPeriodHours: 8760, allowedUses: ["key_encipherment", "digital_signature", "server_auth"] }); } // Create acm certificate function createcert({ cert }: { cert: pvk.SelfSignedCert }) { return new aws.acm.Certificate( "cert", { privateKey: examplePrivateKey.privateKeyPem, certificateBody: cert.certPem }, { dependsOn: cert } ); } const SSCert = creaselfsignedcert(); const cert = createcert({ cert: SSCert }); Thanks a lot for your kindly support......
Hi. Any news about the mentioned issue...?...as you can see I already adopt the dependsOn. Thanks.
g
Hi there, sorry, been offline. I don't know what the
pvk
library is that you're calling; are you actually calling the TLS package? https://www.pulumi.com/registry/packages/tls/api-docs/privatekey/ At the moment, nothing's jumping out at me to say that I know your problem. Let me ask internally
r
Hi Laura. Confirmed that I'm using the mentioned package. Thanks.......francesco
g
So I asked around, and we're not quite sure what the issue is. Technically, you're using the cert in the arguments, so you don't need the dependsOn call. I suspect there's some slight clock drift between your local machine and AWS since it resolves after a moment. I'd open up an issue to confirm that it's not a bug with the provider: https://github.com/pulumi/pulumi/issues/new/choose
r
Thank you @great-queen-39697. Look forward. Regards.......
👍 1
126 Views