Additional domains with EKS load balancers
We have a service deployed in EKS (reference architecture) and we have a need to add a cname from an external domain. I think I see a way to customize our k8s service module to add additional host aliases, but I think we'll run into issues with the SSL certificate. Is there a way to add SAN support + externally managed certs to the load balancer?
ALBs support multiple certificates and you can attach those to the ALB created by the `Ingress` resource using `alb_acm_certificate_arns` input variable in the `k8s-service` module. However, the ALB certificates have to be managed by ACM, so you either have to import your existing certificate (with the cert private key) to ACM or provision a new certificate for the additional domain name. You could also reprovision your existing certificate to a wildcard/SAN certificate, but the external domain owner still has to verify your certificate request.