Блог

Проверка сертификата ACM никогда не завершается, время ожидания истекает примерно через 45 минут, если посмотреть на зону размещения AWS для домена, в ней есть запись cname. Он никогда не доходит до раздела создать домен шлюза Api.

main.tf

 resource "aws_acm_certificate" "cert_api" {  domain_name = var.api_domain  validation_method = "DNS"   tags = {  Name = var.api_domain  } }  resource "aws_acm_certificate_validation" "cert_api" {  certificate_arn = aws_acm_certificate.cert_api.arn  validation_record_fqdns = aws_route53_record.cert_api_validations.*.fqdn }   resource "aws_route53_zone" "api" {  name = var.api_domain }  resource "aws_route53_record" "cert_api_validations" {  allow_overwrite = true  count = length(aws_acm_certificate.cert_api.domain_validation_options)   zone_id = aws_route53_zone.api.zone_id  name = element(aws_acm_certificate.cert_api.domain_validation_options.*.resource_record_name, count.index)  type = element(aws_acm_certificate.cert_api.domain_validation_options.*.resource_record_type, count.index)  records = [element(aws_acm_certificate.cert_api.domain_validation_options.*.resource_record_value, count.index)]  ttl = 60 }  resource "aws_route53_record" "api-a" {  name = aws_apigatewayv2_domain_name.api.domain_name  type = "A"  zone_id = aws_route53_zone.api.zone_id   alias {  name = aws_apigatewayv2_domain_name.api.domain_name_configuration[0].target_domain_name  zone_id = aws_apigatewayv2_domain_name.api.domain_name_configuration[0].hosted_zone_id  evaluate_target_health = false  } }  resource "aws_apigatewayv2_domain_name" "api" {  domain_name = var.api_domain   domain_name_configuration {  certificate_arn = aws_acm_certificate.cert_api.arn  endpoint_type = "REGIONAL"  security_policy = "TLS_1_2"  } }