Worry-free AWS ACM certificate DNS validation with Pulumi
Quite often I need to create an AWS ACM certificate and do DNS validation using Pulumi.
The Pulumi aws.acm.CertificateValidation DNS example only shows a basic and naive implementation:
- hardcoded single domain validation ¯_(ツ)_/¯
- will fail if you try to validate a wildcard and an apex domain simultaneously
* creating Route 53 Record: InvalidChangeBatch: [Tried to create resource record set [name='_f22110437fea5500aa0f8bf286aed7c7.howto.ahanoff.dev.', type='CNAME'] but it already exists]
Today I'll show how to create a validation that works for any domain.
note
- I will use the howto.ahanoff.dev domain as an example
- I will use Pulumi with TypeScript
I will create an AWS ACM certificate with the following conditions:
- multi-domain certificate
- validates wildcard domain: *.howto.ahanoff.dev
- validates apex domain: howto.ahanoff.dev
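The InvalidChangeBatch error above occurs because ACM hands back the same CNAME validation record for *.howto.ahanoff.dev and howto.ahanoff.dev, so creating one Route 53 record per domain creates it twice. The following added example (not the author's code; uniqueValidationRecords and the sample record value are assumptions made for illustration) collapses the options to one record per name and type before any record is created:

```typescript
// Resolved shape of one entry of aws.acm.Certificate.domainValidationOptions.
interface DomainValidationOption {
  domainName: string;
  resourceRecordName: string;
  resourceRecordType: string;
  resourceRecordValue: string;
}

// One DNS record to create, plus the certificate domains it validates.
interface ValidationRecord {
  name: string;
  type: string;
  value: string;
  coveredDomains: string[];
}

// DNS names are case-insensitive; the trailing dot is optional.
function normalizeDnsName(name: string): string {
  return name.trim().toLowerCase().replace(/\.$/, "");
}

// Hypothetical helper: collapse options that share a record name and type.
function uniqueValidationRecords(options: DomainValidationOption[]): ValidationRecord[] {
  const byKey = new Map<string, ValidationRecord>();
  for (const o of options) {
    const name = normalizeDnsName(o.resourceRecordName);
    const key = `${o.resourceRecordType.toUpperCase()}|${name}`;
    const seen = byKey.get(key);
    if (seen === undefined) {
      byKey.set(key, { name, type: o.resourceRecordType, value: o.resourceRecordValue, coveredDomains: [o.domainName] });
    } else if (normalizeDnsName(seen.value) !== normalizeDnsName(o.resourceRecordValue)) {
      // Same name, different target: refuse rather than overwrite silently.
      throw new Error(`conflicting validation values for ${name}`);
    } else {
      seen.coveredDomains.push(o.domainName);
    }
  }
  return Array.from(byKey.values());
}

// Constructed sample: record name from the error above, record value made up.
const shared = {
  resourceRecordName: "_f22110437fea5500aa0f8bf286aed7c7.howto.ahanoff.dev.",
  resourceRecordType: "CNAME",
  resourceRecordValue: "_constructed-example.acm-validations.aws.",
};
const sampleOptions: DomainValidationOption[] = [
  { domainName: "*.howto.ahanoff.dev", ...shared },
  { domainName: "howto.ahanoff.dev", ...shared },
];
console.log(uniqueValidationRecords(sampleOptions));
```

In a Pulumi program the function would be passed to certificate.domainValidationOptions.apply(...) and one aws.route53.Record created per returned entry.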