CDK deploy with certificate and route53 records hangs

My attempt to deploy a CDK project hangs when I use the following command: cdk deploy --require-approval never

I have the following structure to deploy a create-react-app with CDK

package.json # React
src/
public/
cdk/
  package.json # CDK

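This is the code I use to create the bucket, push the build/ folder, publish the Route 53 record and the certificate, and create the CloudFront distribution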

import { Construct } from "constructs"

import {
  Stack,
  StackProps,
  aws_s3 as s3,
  aws_s3_deployment as s3Deploy,
  aws_cloudfront as cloudfront,
  aws_cloudfront_origins as cloudFrontOrigins,
  aws_certificatemanager as acm,
  aws_route53 as route53,
  aws_route53_targets as route53Targets,
  CfnOutput,
} from "aws-cdk-lib"

const bucketName = "my-bucket-name"
const domainName = "subdomain.example.com"

const localFolder = "../build"
const cloudFolder = "minified-react-master"

const oaiID = "XXXXXXXXXXXXXX"
const zoneName = "example.com"

export class CdkStack extends Stack {
  constructor(scope: Construct, id: string, props?: StackProps) {
    super(scope, id, props)

    const websiteBucket = new s3.Bucket(this, "ReferenceBucket", {
      bucketName: bucketName,
      blockPublicAccess: s3.BlockPublicAccess.BLOCK_ALL,
    })

    new s3Deploy.BucketDeployment(this, "DeployStatic", {
      sources: [s3Deploy.Source.asset(localFolder)],
      destinationBucket: websiteBucket,
      destinationKeyPrefix: cloudFolder,
    })

    const oai = cloudfront.OriginAccessIdentity.fromOriginAccessIdentityName(this, "AccessIdentity", oaiID)

    const myHostedZone = new route53.HostedZone(this, "HostedZone", {
      zoneName: zoneName,
    })

    const certificate = new acm.Certificate(this, "Certificate", {
      domainName: domainName,
      validation: acm.CertificateValidation.fromDns(myHostedZone),
    })

    const distribution = new cloudfront.Distribution(this, "CloudFrontDist", {
      defaultBehavior: {
        origin: new cloudFrontOrigins.S3Origin(websiteBucket, {
          originPath: `/${cloudFolder}`,
          originAccessIdentity: oai,
        }),
        allowedMethods: cloudfront.AllowedMethods.ALLOW_GET_HEAD_OPTIONS,
        viewerProtocolPolicy: cloudfront.ViewerProtocolPolicy.REDIRECT_TO_HTTPS,
      },
      domainNames: [domainName],
      certificate: certificate,
      priceClass: cloudfront.PriceClass.PRICE_CLASS_100,
      minimumProtocolVersion: cloudfront.SecurityPolicyProtocol.TLS_V1_2_2021,
    })

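    new route53.ARecord(this, "AliasRecord", {
      zone: myHostedZone,
      // Without recordName the alias is created at the zone apex (example.com),
      // not at the name the certificate and distribution use.
      recordName: domainName,
      target: route53.RecordTarget.fromAlias(new route53Targets.CloudFrontTarget(distribution)),
    })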

    new CfnOutput(this, "DistroName", {
      value: distribution.distributionDomainName,
      description: "Distribution assigned URL",
      exportName: "TheAwesomeDistro",
    })
  }
}

Here are the logs; it took 40 minutes before I finally stopped it

cdk deploy --require-approval never
✨  Synthesis time: 8.7s
stable-project-master: deploying...
[0%] start: Publishing 55f133baccc1d0e4666b88328d51a8c2ff354c919b8e0fa9f045123a19df1b4e:current_account-us-east-1
[0%] start: Publishing f98b78092dcdd31f5e6d47489beb5f804d4835ef86a8085d0a2053cb9ae711da:current_account-us-east-1
[0%] start: Publishing 5d842ebd539c808f49a8b3be08177714858f53cfe65e91e756cdc81f128be2df:current_account-us-east-1
[0%] start: Publishing 8d5bc80a7b784529c22a0a120c3cfaf04c72cce506110a3233e7566b4c794f3d:current_account-us-east-1
[25%] success: Published 8d5bc80a7b784529c22a0a120c3cfaf04c72cce506110a3233e7566b4c794f3d:current_account-us-east-1
[50%] success: Published f98b78092dcdd31f5e6d47489beb5f804d4835ef86a8085d0a2053cb9ae711da:current_account-us-east-1
[75%] success: Published 55f133baccc1d0e4666b88328d51a8c2ff354c919b8e0fa9f045123a19df1b4e:current_account-us-east-1
[100%] success: Published 5d842ebd539c808f49a8b3be08177714858f53cfe65e91e756cdc81f128be2df:current_account-us-east-1
stable-project-master: creating CloudFormation changeset...
stable-project-master |  0/13 | 5:01:35 PM | REVIEW_IN_PROGRESS   | AWS::CloudFormation::Stack           | stable-project-master User Initiated
stable-project-master |  0/13 | 5:01:46 PM | CREATE_IN_PROGRESS   | AWS::CloudFormation::Stack           | stable-project-master User Initiated
stable-project-master |  0/13 | 5:01:53 PM | CREATE_IN_PROGRESS   | AWS::Lambda::LayerVersion            | DeployStatic/AwsCliLayer (DeployStaticAwsCliLayerB6913023) 
stable-project-master |  0/13 | 5:01:53 PM | CREATE_IN_PROGRESS   | AWS::IAM::Role                       | Custom::CDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756C/ServiceRole (CustomCDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756CServiceRole89A01265) 
stable-project-master |  0/13 | 5:01:54 PM | CREATE_IN_PROGRESS   | AWS::IAM::Role                       | Custom::CDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756C/ServiceRole (CustomCDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756CServiceRole89A01265) Resource creation Initiated
stable-project-master |  0/13 | 5:01:54 PM | CREATE_IN_PROGRESS   | AWS::S3::Bucket                      | ReferenceBucket (ReferenceBucket7BB82C12) 
stable-project-master |  0/13 | 5:01:54 PM | CREATE_IN_PROGRESS   | AWS::Route53::HostedZone             | HostedZone (HostedZoneDB99F866) 
stable-project-master |  0/13 | 5:01:54 PM | CREATE_IN_PROGRESS   | AWS::CDK::Metadata                   | CDKMetadata/Default (CDKMetadata) 
stable-project-master |  0/13 | 5:01:55 PM | CREATE_IN_PROGRESS   | AWS::S3::Bucket                      | ReferenceBucket (ReferenceBucket7BB82C12) Resource creation Initiated
stable-project-master |  0/13 | 5:01:56 PM | CREATE_IN_PROGRESS   | AWS::Route53::HostedZone             | HostedZone (HostedZoneDB99F866) Resource creation Initiated
stable-project-master |  0/13 | 5:01:56 PM | CREATE_IN_PROGRESS   | AWS::CDK::Metadata                   | CDKMetadata/Default (CDKMetadata) Resource creation Initiated
stable-project-master |  1/13 | 5:01:56 PM | CREATE_COMPLETE      | AWS::CDK::Metadata                   | CDKMetadata/Default (CDKMetadata) 
stable-project-master |  1/13 | 5:02:02 PM | CREATE_IN_PROGRESS   | AWS::Lambda::LayerVersion            | DeployStatic/AwsCliLayer (DeployStaticAwsCliLayerB6913023) Resource creation Initiated
stable-project-master |  2/13 | 5:02:02 PM | CREATE_COMPLETE      | AWS::Lambda::LayerVersion            | DeployStatic/AwsCliLayer (DeployStaticAwsCliLayerB6913023) 
stable-project-master |  3/13 | 5:02:08 PM | CREATE_COMPLETE      | AWS::IAM::Role                       | Custom::CDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756C/ServiceRole (CustomCDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756CServiceRole89A01265) 
stable-project-master |  4/13 | 5:02:16 PM | CREATE_COMPLETE      | AWS::S3::Bucket                      | ReferenceBucket (ReferenceBucket7BB82C12) 
stable-project-master |  4/13 | 5:02:19 PM | CREATE_IN_PROGRESS   | AWS::S3::BucketPolicy                | ReferenceBucket/Policy (ReferenceBucketPolicy2AFF6170) 
stable-project-master |  4/13 | 5:02:19 PM | CREATE_IN_PROGRESS   | AWS::IAM::Policy                     | Custom::CDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756C/ServiceRole/DefaultPolicy (CustomCDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756CServiceRoleDefaultPolicy88902FDF) 
stable-project-master |  4/13 | 5:02:20 PM | CREATE_IN_PROGRESS   | AWS::S3::BucketPolicy                | ReferenceBucket/Policy (ReferenceBucketPolicy2AFF6170) Resource creation Initiated
stable-project-master |  4/13 | 5:02:20 PM | CREATE_IN_PROGRESS   | AWS::IAM::Policy                     | Custom::CDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756C/ServiceRole/DefaultPolicy (CustomCDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756CServiceRoleDefaultPolicy88902FDF) Resource creation Initiated
stable-project-master |  5/13 | 5:02:20 PM | CREATE_COMPLETE      | AWS::S3::BucketPolicy                | ReferenceBucket/Policy (ReferenceBucketPolicy2AFF6170) 
stable-project-master |  6/13 | 5:02:34 PM | CREATE_COMPLETE      | AWS::IAM::Policy                     | Custom::CDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756C/ServiceRole/DefaultPolicy (CustomCDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756CServiceRoleDefaultPolicy88902FDF) 
stable-project-master |  6/13 | 5:02:36 PM | CREATE_IN_PROGRESS   | AWS::Lambda::Function                | Custom::CDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756C (CustomCDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756C81C01536) 
stable-project-master |  7/13 | 5:02:41 PM | CREATE_COMPLETE      | AWS::Route53::HostedZone             | HostedZone (HostedZoneDB99F866) 
stable-project-master |  7/13 | 5:02:42 PM | CREATE_IN_PROGRESS   | AWS::Lambda::Function                | Custom::CDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756C (CustomCDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756C81C01536) Resource creation Initiated
stable-project-master |  7/13 | 5:02:44 PM | CREATE_IN_PROGRESS   | AWS::CertificateManager::Certificate | Certificate (Certificate4E7ABB08) 
stable-project-master |  7/13 | 5:02:45 PM | CREATE_IN_PROGRESS   | AWS::CertificateManager::Certificate | Certificate (Certificate4E7ABB08) Resource creation Initiated
stable-project-master |  8/13 | 5:02:50 PM | CREATE_COMPLETE      | AWS::Lambda::Function                | Custom::CDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756C (CustomCDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756C81C01536) 
stable-project-master |  8/13 | 5:02:53 PM | CREATE_IN_PROGRESS   | Custom::CDKBucketDeployment          | DeployStatic/CustomResource/Default (DeployStaticCustomResourceF5C70246) 
stable-project-master |  8/13 | 5:03:17 PM | CREATE_IN_PROGRESS   | AWS::CertificateManager::Certificate | Certificate (Certificate4E7ABB08) Content of DNS Record is: {Name: _7fc42ea58e43b5091517f04ac34fcd25.stable-dev.example.com.,Type: CNAME,Value: _d637400f04abfa0e752b5feb9e826cd1.qwknvqrlct.acm-validations.aws.}
stable-project-master |  8/13 | 5:03:38 PM | CREATE_IN_PROGRESS   | Custom::CDKBucketDeployment          | DeployStatic/CustomResource/Default (DeployStaticCustomResourceF5C70246) Resource creation Initiated
stable-project-master |  9/13 | 5:03:38 PM | CREATE_COMPLETE      | Custom::CDKBucketDeployment          | DeployStatic/CustomResource/Default (DeployStaticCustomResourceF5C70246) 
 9/13 Currently in progress: stable-project-master, Certificate4E7ABB08

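This happens because the hosted zone must have the correct records to validate your domain. You can create the hosted zone with CDK and then add the required records (as specified by your domain registrar) to transfer control of the domain to the hosted zone.

Once you do this, it will be able to validate the certificate with DNS automatically.

No need to do anything manually.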
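
A pre-deployment check for the situation described in the answer above, as an added example that is not part of the original post: it parses the ACM validation record from a CloudFormation event line and compares the name servers published at the registrar with the hosted zone's delegation set. The function names, the NS lists (which in practice would come from a public NS lookup and from the hosted zone's details) and all sample values are assumptions constructed for illustration.

```typescript
// Added example: hypothetical helper names; all sample values below are constructed.
interface ValidationRecord { name: string; type: string; value: string }

// Lowercase and drop the trailing dot so "NS-1.Example.COM." equals "ns-1.example.com".
function normalize(host: string): string {
  return host.trim().toLowerCase().replace(/\.$/, "")
}

// Extract the ACM validation record from a CloudFormation event line printed by cdk deploy.
function parseValidationRecord(line: string): ValidationRecord | null {
  const m = /Content of DNS Record is: \{Name: ([^,]+),\s*Type: ([A-Z]+),\s*Value: ([^}]+)\}/.exec(line)
  if (m === null) return null
  return { name: normalize(m[1]), type: m[2], value: normalize(m[3]) }
}

// True when name is the zone apex or a subdomain of it (suffix match on a label boundary).
function isInZone(name: string, zoneName: string): boolean {
  const n = normalize(name)
  const z = normalize(zoneName)
  return n === z || n.slice(-(z.length + 1)) === "." + z
}

// Compare the NS set published at the registrar with the hosted zone's delegation set.
function checkDelegation(publicNs: string[], zoneNs: string[]) {
  const pub = publicNs.map(normalize)
  const zone = zoneNs.map(normalize)
  const missing = zone.filter((ns) => pub.indexOf(ns) === -1) // zone NS not published
  const foreign = pub.filter((ns) => zone.indexOf(ns) === -1) // published NS of another zone
  return { delegated: zone.length > 0 && missing.length === 0 && foreign.length === 0, missing, foreign }
}

// Decide whether the pending certificate can be validated through this hosted zone.
function diagnose(eventLine: string, zoneName: string, publicNs: string[], zoneNs: string[]): string {
  const rec = parseValidationRecord(eventLine)
  if (rec === null) return "no-validation-record"
  if (!isInZone(rec.name, zoneName)) return "record-outside-zone"
  return checkDelegation(publicNs, zoneNs).delegated ? "delegation-ok" : "not-delegated"
}

// Constructed sample input, shaped like the certificate event line in the log above.
const SAMPLE_EVENT = "Certificate (CertificateEXAMPLE) Content of DNS Record is: " +
  "{Name: _aaaa1111.subdomain.example.com.,Type: CNAME,Value: _bbbb2222.cccc.acm-validations.aws.}"
const NEW_ZONE_NS = ["ns-1.awsdns-01.org.", "ns-2.awsdns-02.net."] // constructed delegation set
const REGISTRAR_NS = ["ns1.registrar.example.", "ns2.registrar.example."] // constructed registrar defaults

console.log(diagnose(SAMPLE_EVENT, "example.com", REGISTRAR_NS, NEW_ZONE_NS)) // not-delegated
console.log(diagnose(SAMPLE_EVENT, "example.com", NEW_ZONE_NS, NEW_ZONE_NS)) // delegation-ok
```

A "not-delegated" result corresponds to the state in the log: the certificate resource stays in CREATE_IN_PROGRESS because public resolvers never reach the newly created zone.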