Comments (6)
@mojeto
thank you for testing and submitting the issue.
I think what you have is related to how AWS operates. Although ACM is supported in many regions, to use a certificate with CloudFront, it should be requested only in US East (N. Virginia) region.
If you want to require HTTPS between viewers and CloudFront, you must change the AWS region to US East (N. Virginia) in the AWS Certificate Manager console before you request or import a certificate.
If you want to require HTTPS between CloudFront and your origin, and you're using an ELB load balancer as your origin, you can request or import a certificate in any region.
https://docs.aws.amazon.com/acm/latest/userguide/acm-regions.html
To use an ACM Certificate with Amazon CloudFront, you must request or import the certificate in the US East (N. Virginia) region. ACM Certificates in this region that are associated with a CloudFront distribution are distributed to all the geographic locations configured for that distribution.
https://stackoverflow.com/questions/37289994/aws-certificate-manager-do-regions-matter
This is an AWS restriction, and you need to request the same cert in us-east-1
.
from terraform-aws-cloudfront-s3-cdn.
@aknysh and @osterman thank you guys. I didn't know that. I've spent too much time checking the code is right and forgot to check AWS limitations. I suggest pointing these limitation out in Generating ACM Certificate
in README.md. It would help me.
from terraform-aws-cloudfront-s3-cdn.
@mojeto
we'll update README
, thanks
from terraform-aws-cloudfront-s3-cdn.
@aknysh is correct. This is a fundamental requirement of CloudFront.
from terraform-aws-cloudfront-s3-cdn.
Ya, that's a good suggestion. I'm going to rename the issue to reflect that.
from terraform-aws-cloudfront-s3-cdn.
@mojeto
we updated README
about using SSL cert with CloudFront.
Merged into master
.
https://github.com/cloudposse/terraform-aws-cloudfront-s3-cdn/releases/tag/0.1.5
from terraform-aws-cloudfront-s3-cdn.
Related Issues (20)
- Error: An argument named "response_headers_policy_id" is not expected here. HOT 5
- version 4.0.0 of the aws provider contains breaking changes for the CDN module HOT 11
- Make random_password.referer available as an output HOT 1
- AuthorizationHeaderMalformed: The authorization header is malformed; the region 'us-east-1' is wrong; expecting 'us-west-2'
- IAM Continuously Updates Between Apply HOT 1
- Using existing origin access identity fails with explicit context HOT 1
- Lambda@Edge submodule doesn't allow to control log group settings HOT 1
- Add support for origin-access-control to replace origin-access-identity HOT 2
- Allow route53 records overwrite
- `additional_bucket_policy` has no effect HOT 1
- The parameter ForwardedValues is required error if i use ordered_cache parameter HOT 2
- Cannot create deployment principal and the CDN in the same terraform run HOT 1
- http2and3 http_version gives validation error
- Ability to attach a custom iAM policy to lambdas
- There are many deprecated resources related to S3 HOT 1
- Unable to disable logging
- Changes To S3 Bucket Default Settings Breaks Access Logging HOT 3
- Unable to reference an origin bucket that does not existing yet
- Website enabled forces an S3 bucket SSL only access policy that can not be applied
- Version 5.0.0 of the aws provider contains breaking changes for this module HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from terraform-aws-cloudfront-s3-cdn.