Skip to content

self-hosted/docs: call out cert-manager route53 region behavior in EKS reference architecture #12399

Closed
@adrienthebo

Description

@adrienthebo

Is your feature request related to a problem? Please describe

Per the AWS documentation, Route53 is a global API whose region must be either us-east-1 for non-China juristictions, and cn-northwest-1 for the Beijing and Ningxia regions. Accidentally inserting another region will break the issuer and effectively disable cert-manager.

As most AWS APIs are regional and only Route53 and IAM APIs have this disjunct behavior, it's difficult to identify the route53 as the region and customers are already running into this problem.

Describe the behaviour you'd like

The AWS documentation states the following:

When you use the AWS CLI or SDKs to submit requests, you can either leave the Region and endpoint unspecified, or specify the applicable Region:

We should update the EKS reference architecture to remove the explicit region setting (if possible) and add a callout indicating this behavior.

Metadata

Metadata

Assignees

Type

No type

Projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions