in cdk/src/config/config-validator.ts [5:44]
static validateCertificateStack(config: NitroEnclavesAcmStreamlineConfig, isDestroySubcommand: boolean = false): void {
if (!isDestroySubcommand) {
if (!config.certificateConfig.existingCertificateArn) {
if (!config.certificateConfig?.domainName) {
throw new Error('domainName is required in CertificateStack.');
}
if (config.certificateConfig?.isPrivate === undefined) {
throw new Error('isPrivate is required in CertificateStack.');
}
if (config.certificateConfig?.isPrivate) {
// Validation for private certificates
if (!config.certificateConfig.pcaArn) {
throw new Error('pcaArn is required for private certificates in CertificateStack.');
}
if (config.certificateConfig.validationType) {
throw new Error('validationType should not be specified for private certificates in CertificateStack.');
}
if (config.certificateConfig.hostedZoneId) {
throw new Error('hostedZoneId should not be specified for private certificates in CertificateStack.');
}
} else {
if (config.certificateConfig?.pcaArn) {
throw new Error('pcaArn should not be specified for public certificates in CertificateStack.');
}
// Validation for public certificates
if (config.certificateConfig?.hostedZoneId && config.certificateConfig?.validationType) {
throw new Error('validationType should not be specified when Route53 is the DNS provider (hostedZoneId is present) in CertificateStack.');
}
if (!config.certificateConfig?.hostedZoneId && !config.certificateConfig?.validationType) {
throw new Error('Either hostedZoneId or validationType must be specified for public certificates in CertificateStack.');
}
if (config.certificateConfig?.validationType && !['DNS', 'EMAIL'].includes(config.certificateConfig.validationType)) {
throw new Error('validationType must be either "DNS" or "EMAIL" in CertificateStack.');
}
}
}
}
}