You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When you change the content of the certificate, it should change the certificate upstream.
Actual Behavior
It does not work, and it fails with this error:
1 error(s) occurred:
* aws_api_gateway_domain_name.hsts: BadRequestException: Invalid patch path '/certificate_body' specified for op 'replace'. Must be one of: [/certificateName]
status code: 400, request id: e5a98f19-78e4-11e6-bd58-bdfb359ea935
Steps to Reproduce
Create a API Gateway domain name with one certficate. Try to rerun that with a different certificate.
Important Factoids
The implementation is wrong. Actually there is not a programmatic way of rotating the certs of a API gateway domain name as it is mention in the documentation:
The following steps describe how to upload and renew an expiring certificate for a custom domain name using the API Gateway console. You cannot rotate custom domain name certificates programmatically.
Proposed implementation
Given you cannot rotate the certificate with API calls, I do not really know what should be the actual behaviour.
I suggest that we add an option of force_update: true, so that it will delete and create the resource to change the certificate if it is set to true, or fail with an error reporting that it must be changed manually otherwise.
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.
ghost
locked and limited conversation to collaborators
Apr 8, 2020
Sign up for freeto subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Terraform Version
Affected Resource(s)
aws
withaws_api_gateway_domain_name
Terraform Configuration Files
Expected Behavior
When you change the content of the certificate, it should change the certificate upstream.
Actual Behavior
It does not work, and it fails with this error:
Steps to Reproduce
Create a API Gateway domain name with one certficate. Try to rerun that with a different certificate.
Important Factoids
The implementation is wrong. Actually there is not a programmatic way of rotating the certs of a API gateway domain name as it is mention in the documentation:
Proposed implementation
Given you cannot rotate the certificate with API calls, I do not really know what should be the actual behaviour.
I suggest that we add an option of
force_update: true
, so that it will delete and create the resource to change the certificate if it is set to true, or fail with an error reporting that it must be changed manually otherwise.References
#3675
The text was updated successfully, but these errors were encountered: