Describe the feature
If you provide a domainName that is longer than 64 characters, DnsValidatedCertificate will fail to create the certificate.
This is documented in https://docs.aws.amazon.com/acm/latest/APIReference/API_RequestCertificate.html (technically, the limit is 64 octets. The limit actually comes from RFC 5280, so it is not expected to change.
Pain can be removed by having this check as part of cdk build rather than occurring when the lambda function calls the RequestCertificate API.
Use Case
I've been caught by this in adding more verbose subdomains and not seeing the issue until the cloudformation deploy.
Proposed Solution
throw an error if the length is too long. There is probably also a minimum length that can be checked.
Other Information
No response
Acknowledgements
CDK version used
2.31.2
Environment details (OS name and version, etc.)
N/A
Describe the feature
If you provide a domainName that is longer than 64 characters, DnsValidatedCertificate will fail to create the certificate.
This is documented in https://docs.aws.amazon.com/acm/latest/APIReference/API_RequestCertificate.html (technically, the limit is 64 octets. The limit actually comes from RFC 5280, so it is not expected to change.
Pain can be removed by having this check as part of cdk build rather than occurring when the lambda function calls the RequestCertificate API.
Use Case
I've been caught by this in adding more verbose subdomains and not seeing the issue until the cloudformation deploy.
Proposed Solution
throw an error if the length is too long. There is probably also a minimum length that can be checked.
Other Information
No response
Acknowledgements
CDK version used
2.31.2
Environment details (OS name and version, etc.)
N/A