Security News
Cloudflare Adds Security.txt Setup Wizard
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
@aws-cdk/aws-certificatemanager
Advanced tools
This package provides Constructs for provisioning and referencing certificates which can be used in CloudFront and ELB.
If certificates are created as part of a CloudFormation run, the CloudFormation provisioning will not complete until domain ownership for the certificate is completed. For email validation, this involves receiving an email on one of a number of predefined domains and following the instructions in the email. The email addresses use will be:
DNS validation is possible in ACM, but is not currently available in CloudFormation. A Custom Resource will be developed for this, but is not currently available.
Because of these blocks, it's probably better to provision your certificates either in a separate stack from your main service, or provision them manually. In both cases, you'll import the certificate into your stack afterwards.
Provision a new certificate by creating an instance of Certificate
. Email validation will be sent
to example.com
:
const certificate = new Certificate(this, 'Certificate', {
domainName: 'test.example.com'
});
Import a certificate either manually, if you know the ARN:
const certificate = Certificate.import(this, 'Certificate', {
certificteArn: "arn:aws:..."
});
Or use exporting and importing mechanisms between stacks:
const certRef = certStack.certificate.export();
const certificate = Certificate.import(this, 'Certificate', certRef);
We should probably also make a Custom Resource that can looks up the certificate ARN by domain name by querying ACM.
0.10.0 (2018-09-27)
This release introduces a better way to "escape" L2 constructs in case of missing features by adding the ability to add arbitrary overrides for resource properties:
const bucket = new s3.Bucket(this, 'L2Bucket');
// access L1
const bucketResource = bucket.findChild('Resource') as s3.cloudformation.BucketResource;
// strongly-typed overrides
bucketResource.propertyOverrides.bucketName = 'NewBucketName';
// weakly-typed overrides
bucketResource.addPropertyOverride('BucketName', 'NewerBucketName');
TagManager
has changed. initialTags
is now passed inside a props object.@aws-cdk/util
is no longer available@aws-cdk/cfnspec: Updated [CloudFormation resource specification] to v2.8.0
([@RomainMuller] in #767)
New Construct Libraries
@aws-cdk/aws-amazonmq
@aws-cdk/aws-iot1click
New Resource Types
Attribute Changes
Property Changes
AWS::ApiGateway::Deployment DeploymentCanarySettings (added)
AWS::ApiGateway::Method AuthorizationScopes (added)
AWS::ApiGateway::Stage AccessLogSetting (added)
AWS::ApiGateway::Stage CanarySetting (added)
AWS::AutoScaling::AutoScalingGroup LaunchTemplate (added)
AWS::CodeBuild::Project LogsConfig (added)
AWS::CodeBuild::Project SecondaryArtifacts (added)
AWS::CodeBuild::Project SecondarySources (added)
AWS::CodeDeploy::DeploymentGroup Ec2TagSet (added)
AWS::CodeDeploy::DeploymentGroup OnPremisesTagSet (added)
AWS::EC2::FlowLog LogDestination (added)
AWS::EC2::FlowLog LogDestinationType (added)
AWS::EC2::FlowLog DeliverLogsPermissionArn.Required (changed)
AWS::EC2::FlowLog LogGroupName.Required (changed)
AWS::EC2::VPCEndpoint IsPrivateDnsEnabled (deleted)
AWS::EC2::VPCEndpoint PrivateDnsEnabled (added)
AWS::EC2::VPCEndpoint RouteTableIds.DuplicatesAllowed (added)
AWS::EC2::VPCEndpoint SecurityGroupIds.DuplicatesAllowed (added)
AWS::EC2::VPCEndpoint SubnetIds.DuplicatesAllowed (added)
AWS::EC2::VPCEndpoint VPCEndpointType.UpdateType (changed)
AWS::ECS::Service SchedulingStrategy (added)
AWS::ECS::Service ServiceRegistries.UpdateType (changed)
AWS::ElastiCache::ReplicationGroup NodeGroupConfiguration.UpdateType (changed)
AWS::ElastiCache::ReplicationGroup NumNodeGroups.UpdateType (changed)
AWS::RDS::DBCluster EngineMode (added)
AWS::RDS::DBCluster ScalingConfiguration (added)
AWS::SageMaker::NotebookInstance LifecycleConfigName.UpdateType (changed)
Property Type Changes
AWS::ApiGateway::Deployment.AccessLogSetting (added)
AWS::ApiGateway::Deployment.CanarySetting (added)
AWS::ApiGateway::Deployment.DeploymentCanarySettings (added)
AWS::ApiGateway::Stage.AccessLogSetting (added)
AWS::ApiGateway::Stage.CanarySetting (added)
AWS::AutoScaling::AutoScalingGroup.LaunchTemplateSpecification (added)
AWS::CodeBuild::Project.CloudWatchLogsConfig (added)
AWS::CodeBuild::Project.LogsConfig (added)
AWS::CodeBuild::Project.S3LogsConfig (added)
AWS::CodeDeploy::DeploymentGroup.EC2TagSet (added)
AWS::CodeDeploy::DeploymentGroup.EC2TagSetListObject (added)
AWS::CodeDeploy::DeploymentGroup.OnPremisesTagSet (added)
AWS::CodeDeploy::DeploymentGroup.OnPremisesTagSetListObject (added)
AWS::EC2::SpotFleet.ClassicLoadBalancer (added)
AWS::EC2::SpotFleet.ClassicLoadBalancersConfig (added)
AWS::EC2::SpotFleet.FleetLaunchTemplateSpecification (added)
AWS::EC2::SpotFleet.LaunchTemplateConfig (added)
AWS::EC2::SpotFleet.LaunchTemplateOverrides (added)
AWS::EC2::SpotFleet.LoadBalancersConfig (added)
AWS::EC2::SpotFleet.TargetGroup (added)
AWS::EC2::SpotFleet.TargetGroupsConfig (added)
AWS::ECS::TaskDefinition.DockerVolumeConfiguration (added)
AWS::ECS::TaskDefinition.RepositoryCredentials (added)
AWS::ECS::TaskDefinition.Tmpfs (added)
AWS::Events::Rule.SqsParameters (added)
AWS::RDS::DBCluster.ScalingConfiguration (added)
AWS::ApiGateway::Deployment.StageDescription AccessLogSetting (added)
AWS::ApiGateway::Deployment.StageDescription CanarySetting (added)
AWS::ApiGateway::Method.Integration ConnectionId (added)
AWS::ApiGateway::Method.Integration ConnectionType (added)
AWS::ApiGateway::Method.Integration TimeoutInMillis (added)
AWS::ApiGateway::UsagePlan.ApiStage Throttle (added)
AWS::CodeBuild::Project.Artifacts ArtifactIdentifier (added)
AWS::CodeBuild::Project.Source SourceIdentifier (added)
AWS::CodeBuild::Project.VpcConfig SecurityGroupIds.Required (changed)
AWS::CodeBuild::Project.VpcConfig Subnets.Required (changed)
AWS::CodeBuild::Project.VpcConfig VpcId.Required (changed)
AWS::CodeDeploy::DeploymentGroup.EC2TagFilter Key.Documentation (changed)
AWS::CodeDeploy::DeploymentGroup.EC2TagFilter Type.Documentation (changed)
AWS::CodeDeploy::DeploymentGroup.EC2TagFilter Value.Documentation (changed)
AWS::CodeDeploy::DeploymentGroup.TagFilter Key.Documentation (changed)
AWS::CodeDeploy::DeploymentGroup.TagFilter Type.Documentation (changed)
AWS::CodeDeploy::DeploymentGroup.TagFilter Value.Documentation (changed)
AWS::EC2::SpotFleet.SpotFleetRequestConfigData InstanceInterruptionBehavior (added)
AWS::EC2::SpotFleet.SpotFleetRequestConfigData LaunchTemplateConfigs (added)
AWS::EC2::SpotFleet.SpotFleetRequestConfigData LoadBalancersConfig (added)
AWS::EC2::SpotFleet.SpotPlacement Tenancy (added)
AWS::ECS::Service.ServiceRegistry ContainerName (added)
AWS::ECS::Service.ServiceRegistry ContainerPort (added)
AWS::ECS::Service.ServiceRegistry Port.UpdateType (changed)
AWS::ECS::Service.ServiceRegistry RegistryArn.UpdateType (changed)
AWS::ECS::TaskDefinition.ContainerDefinition RepositoryCredentials (added)
AWS::ECS::TaskDefinition.LinuxParameters SharedMemorySize (added)
AWS::ECS::TaskDefinition.LinuxParameters Tmpfs (added)
AWS::ECS::TaskDefinition.Volume DockerVolumeConfiguration (added)
AWS::ElastiCache::ReplicationGroup.NodeGroupConfiguration NodeGroupId (added)
AWS::Events::Rule.Target SqsParameters (added)
AWS::RDS::OptionGroup.OptionConfiguration OptionSettings.DuplicatesAllowed (added)
AWS::RDS::OptionGroup.OptionConfiguration OptionSettings.ItemType (added)
AWS::RDS::OptionGroup.OptionConfiguration OptionSettings.Type (changed)
FAQs
The CDK Construct Library for AWS::CertificateManager
The npm package @aws-cdk/aws-certificatemanager receives a total of 57,122 weekly downloads. As such, @aws-cdk/aws-certificatemanager popularity was classified as popular.
We found that @aws-cdk/aws-certificatemanager demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
Security News
The Socket Research team breaks down a malicious npm package targeting the legitimate DOMPurify library. It uses obfuscated code to hide that it is exfiltrating browser and crypto wallet data.
Security News
ENISA’s 2024 report highlights the EU’s top cybersecurity threats, including rising DDoS attacks, ransomware, supply chain vulnerabilities, and weaponized AI.