Description
Is your feature request related to a problem? Please describe
Per the AWS documentation, Route53 is a global API whose region must be either us-east-1
for non-China juristictions, and cn-northwest-1
for the Beijing and Ningxia regions. Accidentally inserting another region will break the issuer and effectively disable cert-manager.
As most AWS APIs are regional and only Route53 and IAM APIs have this disjunct behavior, it's difficult to identify the route53 as the region and customers are already running into this problem.
Describe the behaviour you'd like
The AWS documentation states the following:
When you use the AWS CLI or SDKs to submit requests, you can either leave the Region and endpoint unspecified, or specify the applicable Region:
We should update the EKS reference architecture to remove the explicit region setting (if possible) and add a callout indicating this behavior.