feat: add region arg to certificate v2 component

src/v2/components/acm-certificate/index.ts

@@ -10,6 +10,7 @@ export namespace AcmCertificate {
      */
     subjectAlternativeNames?: pulumi.Input<string>[];
     hostedZoneId: pulumi.Input<string>;
+    region?: pulumi.Input<string>;
   };
 }
 
@@ -29,19 +30,25 @@ export class AcmCertificate extends pulumi.ComponentResource {
         domainName: args.domain,
         subjectAlternativeNames: args.subjectAlternativeNames,
         validationMethod: 'DNS',
+        region: args.region,
         tags: commonTags,
       },
       { parent: this },
     );
 
-    this.createCertValidationRecords(args.domain, args.hostedZoneId);
+    this.createCertValidationRecords(
+      args.domain,
+      args.hostedZoneId,
+      args.region,
+    );
 
     this.registerOutputs();
   }
 
   private createCertValidationRecords(
     domainName: AcmCertificate.Args['domain'],
     hostedZoneId: AcmCertificate.Args['hostedZoneId'],
+    region: AcmCertificate.Args['region'],
   ) {
     this.certificate.domainValidationOptions.apply(domains => {
       const validationRecords = domains.map(
@@ -67,6 +74,7 @@ export class AcmCertificate extends pulumi.ComponentResource {
         {
           certificateArn: this.certificate.arn,
           validationRecordFqdns: validationRecords.map(record => record.fqdn),
+          region,
         },
         { parent: this },
       );

tests/acm-certificate/index.test.ts

@@ -1,3 +1,4 @@
+import { alternateRegion } from './infrastructure/config';
 import * as assert from 'node:assert';
 import * as automation from '../automation';
 import { InlineProgramArgs } from '@pulumi/pulumi/automation';
@@ -37,6 +38,7 @@ const ctx: AcmCertificateTestContext = {
   },
   clients: {
     acm: new ACMClient({ region }),
+    acmAlternateRegion: new ACMClient({ region: alternateRegion }),
     route53: new Route53Client({ region }),
   },
 };
@@ -139,4 +141,21 @@ describe('ACM Certificate component deployment', () => {
       'Certificate should include all expected domains',
     );
   });
+
+  it('should create certificate in alternate region', async () => {
+    const certificate = ctx.outputs.regionCertificate.value;
+    assert.ok(certificate.certificate, 'Should have certificate property');
+    assert.ok(certificate.certificate.arn, 'Certificate should have ARN');
+
+    return backOff(async () => {
+      const certResult = await ctx.clients.acmAlternateRegion.send(
+        new DescribeCertificateCommand({
+          CertificateArn: certificate.certificate.arn,
+        }),
+      );
+
+      const cert = certResult.Certificate;
+      assert.ok(cert, 'Certificate should exist');
+    }, ctx.config.exponentialBackOffConfig);
+  });
 });

tests/acm-certificate/infrastructure/config.ts

@@ -0,0 +1,2 @@
+export const alternateRegion =
+  process.env.AWS_REGION === 'eu-central-1' ? 'us-west-1' : 'eu-central-1';

tests/acm-certificate/infrastructure/index.ts

@@ -1,5 +1,6 @@
 import { next as studion } from '@studion/infra-code-blocks';
 import * as aws from '@pulumi/aws-v7';
+import { alternateRegion } from './config';
 
 const appName = 'acm-certificate-test';
 
@@ -24,4 +25,10 @@ const sanCertificate = new studion.AcmCertificate(
   },
 );
 
-export { certificate, sanCertificate, hostedZone };
+const regionCertificate = new studion.AcmCertificate(`${appName}-region-cert`, {
+  domain: `region.${domainName}`,
+  hostedZoneId: hostedZone.zoneId,
+  region: alternateRegion,
+});
+
+export { certificate, sanCertificate, regionCertificate, hostedZone };

tests/acm-certificate/test-context.ts

@@ -24,6 +24,7 @@ interface PulumiProgramContext {
 interface AwsContext {
   clients: {
     acm: ACMClient;
+    acmAlternateRegion: ACMClient;
     route53: Route53Client;
   };
 }