I’m following the instructions to add a custom domain to an api gateway, and it has me creating a new Route 53 hosted zone for “api.my.domain” … I’m running pulumi up, and now it’s taking a long time to validate an SSL cert because the DNS records don’t appear to be propagating. Is this because it’s a new zone, or could it be because I also have another hosted zone under “my.domain” ?

you can import the existing hosted zone using

pulumi import

then once pulumi is managing the resource you can pass the zoneid through programatically

Oh cool, thanks Joshy! If I import the zone into multiple projects (e.g. projectA.my.domain and projectB.my.domain) will that cause any issue?

Yeah I wouldn’t advise having the resource in multiple projects, this could cause real issues with state if being updated by both places. What’s the use case for wanting to have the zone in multiple projects?

Ah ok that makes sense, I suppose if you did have in all repos, 1 could delete it and affect the others. In my use case I have 3 repo’s and each needs its own subdomain, so there’s “api.xyz” “app.xyz” and “admin.xyz”. I’m hoping to define the subdomain resources (dns records, tls certs etc) in the relevant repository, but is there another way people tend to solve this problem?

ah ok so you just need the hosted zone id? you can manage it in a central project, and providing they all use the same pulumi backend, you can output the values of the hosted zone from project A, then use stack references to pull in the outputs from project A to project B and C