Delete the CNAME DNS record used for certificate validation in hosted zone #9
Comments
|
How should I resolve it? |
|
Hi @yanlinaung30 - the manual workaround for this issue is to manually delete the CNAME record first before deleting the CloudFormation stack. You can do this by using the AWS Route 53 console to open the hosted zone that was created as part of your stack, selecting the CNAME record set, then "Delete Record Set". After that, you should be able to fully delete the CloudFormation stack as it will then be able to delete the hosted zone. Let me know if that works. |
|
@cloudkj But I encountered another issue. CloudFrontRootDistribution CloudFrontWWWDistribution
|
|
Hi @yanlinaung30 - it looks like ACM has a restriction that requires certificates to be created in the us-east-1 region in order to be used with CloudFront: https://docs.aws.amazon.com/acm/latest/userguide/acm-regions.html
Unfortunately, for now you'll have to create the stack in us-east-1. Note that there should be no degradation in performance for visitors since the CloudFront distribution will be global. However, I can see that there can be a performance/cost issue in dealing with uploading or syncing assets if us-east-1 is not your home region. I'll open a separate issue to track this problem. At the very least, the docs should be updated to reflect this limitation. It's possible that CloudFormation Stack Sets can offer a path forward by requesting only the ACM certificate in us-east-1 but other resources in the chosen region, but some work is needed to see if that's possible. |
|
@cloudkj |
Attempting to delete a newly created SCAR stack in CloudFormation currently fails due to the CNAME DNS record that is created manually as part of the validation step. A custom resource could be added to the template to remove this record from the hosted zone so that the record is deleted after validation is successful.
The text was updated successfully, but these errors were encountered: