I am trying to use a certificate issued in eu-central-1 for my API Gateway, which is regional and works in the same region.
My Terraform code is as follows:
```hcl
// ACM Certificate
provider "aws" {
  region = "eu-central-1"
  alias  = "eu-central-1"
}

resource "aws_acm_certificate" "certificate" {
  provider          = "aws.eu-central-1"
  domain_name       = "*.kumite.xyz"
  validation_method = "EMAIL"
}

// API Gateway
resource "aws_api_gateway_rest_api" "kumite_writer_api" {
  name = "kumite_writer_api"
  endpoint_configuration {
    types = ["REGIONAL"]
  }
}

resource "aws_api_gateway_domain_name" "domain_name" {
  certificate_arn = aws_acm_certificate.certificate.arn
  domain_name     = "recorder.kumite.xyz"
  endpoint_configuration {
    types = ["REGIONAL"]
  }
}
```
Unfortunately, I constantly get this error:
Error: Error creating API Gateway Domain Name: BadRequestException: Cannot import certificates for EDGE while REGIONAL is active.
What am I missing here? I think my API Gateway is not EDGE but REGIONAL, so I cannot make sense of the error...
Change `certificate_arn` to `regional_certificate_arn`.
From documentation (emphasis mine):
When referencing an AWS-managed certificate, the following arguments are supported:
- `certificate_arn` - (Optional) The ARN for an AWS-managed certificate. AWS Certificate Manager is the only supported source. Used when an edge-optimized domain name is desired. Conflicts with `certificate_name`, `certificate_body`, `certificate_chain`, `certificate_private_key`, `regional_certificate_arn`, and `regional_certificate_name`.
- `regional_certificate_arn` - (Optional) The ARN for an AWS-managed certificate. AWS Certificate Manager is the only supported source. Used when a regional domain name is desired. Conflicts with `certificate_arn`, `certificate_name`, `certificate_body`, `certificate_chain`, and `certificate_private_key`.
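The two arguments from the documentation excerpt above, side by side, as an added example that is not the asker's or the answerer's code. Assumptions: the default provider region, the `us_east_1` alias, the resource names and the `recorder-edge` hostname are hypothetical, and both certificates have already been approved through the e-mail validation flow.

```hcl
# Added example: one custom domain per endpoint type, each paired with the
# certificate argument that matches it.

# Assumed default provider: the region the REGIONAL API is deployed in.
provider "aws" {
  region = "eu-central-1"
}

# Assumed second provider: ACM certificates used by edge-optimized custom
# domains have to be issued in us-east-1.
provider "aws" {
  alias  = "us_east_1"
  region = "us-east-1"
}

# REGIONAL: the certificate lives in the same region as the API and is
# passed through regional_certificate_arn.
resource "aws_acm_certificate" "regional" {
  domain_name       = "*.kumite.xyz"
  validation_method = "EMAIL"
}

resource "aws_api_gateway_domain_name" "regional" {
  domain_name              = "recorder.kumite.xyz"
  regional_certificate_arn = aws_acm_certificate.regional.arn

  endpoint_configuration {
    types = ["REGIONAL"]
  }
}

# EDGE: the certificate is issued in us-east-1 and is passed through
# certificate_arn. The hostname below is a hypothetical placeholder.
resource "aws_acm_certificate" "edge" {
  provider          = aws.us_east_1
  domain_name       = "*.kumite.xyz"
  validation_method = "EMAIL"
}

resource "aws_api_gateway_domain_name" "edge" {
  domain_name     = "recorder-edge.kumite.xyz"
  certificate_arn = aws_acm_certificate.edge.arn

  endpoint_configuration {
    types = ["EDGE"]
  }
}
```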