AWS China CloudFront Error when provisioned using terraform

0

I am attempting to deploy two cloudfront distributions in cn-northwest-1 and I cannot seem to get ACM certificates attached to them, terraform keeps returning the following error

error creating CloudFront Distribution: InvalidViewerCertificate: The specified SSL certificate source isn't available in this region.
│       status code: 400

The ACM certificates are being generated in us-east-1 and the validation is completing successfully, but it seems that the cloudfront distribution which is created in china cannot access the certificates in the account with access to us-east-1 and RAM does not work for ACM Certificates as far as I could find.

Has anyone run into the similar issue, is the only solution here using SSL/TLS certificates and manually importing them?

1 Answer
0

Unfortunately, Amazon CloudFront in the China Regions currently does not support Amazon Certificate Manager. You must get an SSL/TLS certificate from a different third-party certificate authority (CA) and then upload it to the IAM certificate store.

For more information, see Importing an SSL/TLS Certificate in the Amazon CloudFront Developer Guide.

https://docs.amazonaws.cn/AmazonCloudFront/latest/DeveloperGuide/cnames-and-https-procedures.html#cnames-and-https-uploading-certificates https://docs.amazonaws.cn/en_us/aws/latest/userguide/cloudfront.html

AWS
SUPPORT ENGINEER
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions