Hi there I am trying to create a Cloudfront distribution for Serverless Stack #help

Hi there, I am trying to create a Cloudfront distr...

Kujtim Hoxha

08/19/2021, 8:27 PM

Hi there, I am trying to create a Cloudfront distribution for media files (e.x a user uploads to s3 using signed urls) and I want to make that available through

<http://media.mysite.com/|media.mysite.com/>...

, I was trying to use the

StaticSite

as an example but for some reason the

DnsValidatedCertificate

is giving me an error, it is trying to find a lambda function in

lambda.Code.fromAsset(path.resolve(__dirname, '..', 'lambda-packages', 'dns_validated_certificate_handler', 'lib')),

looking at the source code and because of that

sst start

is giving me an error

Copy code

Error: Cannot find asset at /Users/path/to/my/app/.build/lambda-packages/dns_validated_certificate_handler/lib

Kujtim Hoxha

08/19/2021, 8:39 PM

I fixed this by using

Copy code

const acmCertificate = new acm.Certificate(this, 'Certificate', {
      domainName: domain,
      validation: acm.CertificateValidation.fromDns(hostedZone),
    });

instead of

DnsValidatedCertificate

Kujtim Hoxha

08/19/2021, 8:46 PM

Ok this is not solving the full issue because this does not allow setting the region to us-east-1 😅

Frank

08/19/2021, 10:01 PM

Hey @Kujtim Hoxha, can you show me what you have rn?

Kujtim Hoxha

08/20/2021, 11:48 AM

@Frank what do you mean by

rn

Ross Coundon

08/20/2021, 2:13 PM

Probably just short for "right now"

Kujtim Hoxha

08/20/2021, 2:18 PM

Oh 🤦‍♂️ I will post soon not near my laptop now thanks @Ross Coundon

Kujtim Hoxha

08/20/2021, 3:15 PM

Copy code

const mediaBucket = new Bucket(this, 'MediaBucket', {
      s3Bucket: {
        removalPolicy: process.env.IS_LOCAL
          ? RemovalPolicy.DESTROY
          : RemovalPolicy.RETAIN,
        cors: [
          {
            allowedHeaders: ['*'],
            allowedMethods: [
              HttpMethods.GET,
              HttpMethods.PUT,
              HttpMethods.HEAD,
            ],
            allowedOrigins: ['*'],
          },
        ],
      },
    });

    const hostedZone = route53.HostedZone.fromLookup(this, 'HostedZone', {
      domainName: '<http://mydomain.com|mydomain.com>',
    });
    let domain = `${this.stage}-<http://media.mydomain.com|media.mydomain.com>`;
    if (this.stage === 'prod') {
      domain = '<http://media.mydomain.com|media.mydomain.com>';
    }
    const acmCertificate = new acm.DnsValidatedCertificate(
      this,
      'Certificate',
      {
        domainName: domain,
        hostedZone: hostedZone,
        region: 'us-east-1',
      }
    );

    const cfDistribution = new cf.Distribution(this, 'Distribution', {
      errorResponses: [],
      // these values can NOT be overwritten by cfDistributionProps
      domainNames: [domain],
      certificate: acmCertificate,
      defaultBehavior: {
        origin: new cfOrigins.S3Origin(mediaBucket.s3Bucket),
        viewerProtocolPolicy: cf.ViewerProtocolPolicy.REDIRECT_TO_HTTPS,
      },
    });

    new route53.ARecord(this, 'AliasRecord', {
      recordName: domain,
      zone: hostedZone,
      target: route53.RecordTarget.fromAlias(
        new route53Targets.CloudFrontTarget(cfDistribution)
      ),
    });

Kujtim Hoxha

08/20/2021, 3:15 PM

Here is what I have until now

Frank

08/20/2021, 4:50 PM

Thanks @Kujtim Hoxha, and what’s the latest error you are getting with this?

Kujtim Hoxha

08/20/2021, 4:52 PM

The one above

Kujtim Hoxha

08/20/2021, 4:52 PM

In the main thread

Frank

08/20/2021, 4:52 PM

Copy code

Error: Cannot find asset at /Users/path/to/my/app/.build/lambda-packages/dns_validated_certificate_handler/lib

when you run

sst start

right?

Kujtim Hoxha

08/20/2021, 4:52 PM

Yep

Frank

08/20/2021, 4:52 PM

Cool, taking a look.

Kujtim Hoxha

08/20/2021, 4:53 PM

Thanks

Kujtim Hoxha

08/20/2021, 4:53 PM

I am using yarn workspaces might be related 🤷‍♂️

Frank

08/20/2021, 5:11 PM

Yeah I just tried the stack in a non-yarn workspace setup and it worked.

Frank

08/20/2021, 5:12 PM

Can you share what your yarn workspace structure is like?

Kujtim Hoxha

08/20/2021, 5:12 PM

sure

Copy code

-> backend
---->lib
------->stacks...
---->sst.son
-> frontend
-> common

Kujtim Hoxha

08/20/2021, 5:13 PM

and I was running yarn commands within the

backend

folder

Frank

08/20/2021, 5:13 PM

sst.json

is inside the

backend

folder right?

Kujtim Hoxha

08/20/2021, 5:14 PM

correct

Kujtim Hoxha

08/20/2021, 5:15 PM

I am suspecting it has something to do with the

node_modules

folder being one level above

Kujtim Hoxha

08/20/2021, 5:16 PM

https://github.com/aws/aws-cdk/blob/master/packages/%40aws-cdk/aws-certificatemanager/lib/dns-validated-certificate.ts#L89

Kujtim Hoxha

08/20/2021, 5:16 PM

^ this is causing the error

Kujtim Hoxha

08/20/2021, 5:21 PM

The weird thing is that StaticSite uses the same construct and it works 😅

Kujtim Hoxha

08/20/2021, 5:30 PM

O wow I think I fixed it 😮 looks like I need to add

@aws-cdk/aws-certificatemanager

in my package.json, but the weird thing is that for other

@aws-dev/*

I never had to do it 🤷‍♂️

Frank

08/20/2021, 5:30 PM

Kujtim Hoxha

08/20/2021, 5:31 PM

I looked in the node_modules and it was there because sst has it as a requirement but to make this work you need to explicitly have it in 🤷‍♂️

Kujtim Hoxha

08/20/2021, 5:31 PM

I do not really get why

Frank

08/20/2021, 5:32 PM

when u didn’t put it, is

@aws-cdk/aws-certificatemanager

directly inside

/node_modules

or is it in

/node_modules/@serverless-stack/resources/node_modules/@aws-cdk/aws-certificatemanager

Kujtim Hoxha

08/20/2021, 5:33 PM

it all is directly there

Kujtim Hoxha

08/20/2021, 5:33 PM

But because I am using workspaces it is at the top level node_module

Frank

08/20/2021, 5:42 PM

Yeah I see it.. just managed to reproduce the issue

Kujtim Hoxha

08/20/2021, 5:46 PM

Thanks for the help Frank, it is all working now 🎉

Open in Slack

Previous Next