@aws-cdk/aws-certificatemanager
Advanced tools
This package provides Constructs for provisioning and referencing certificates which can be used in CloudFront and ELB.
If certificates are created as part of a CloudFormation run, the CloudFormation provisioning will not complete until domain ownership for the certificate is completed. For email validation, this involves receiving an email on one of a number of predefined domains and following the instructions in the email. The email addresses use will be:
DNS validation is possible in ACM, but is not currently available in CloudFormation. A Custom Resource will be developed for this, but is not currently available.
Because of these blocks, it's probably better to provision your certificates either in a separate stack from your main service, or provision them manually. In both cases, you'll import the certificate into your stack afterwards.
Provision a new certificate by creating an instance of Certificate. Email validation will be sent
to example.com:
const certificate = new Certificate(this, 'Certificate', {
domainName: 'test.example.com'
});
Import a certificate either manually, if you know the ARN:
const certificate = Certificate.import(this, 'Certificate', {
certificteArn: new Arn("arn:aws:...")
});
Or use exporting and importing mechanisms between stacks:
const certRef = certStack.certificate.export();
const certificate = Certificate.import(this, 'Certificate', certRef);
We should probably also make a Custom Resource that can looks up the certificate ARN by domain name by querying ACM.
0.9.0 -- 2018-09-10
The headliners of this release are .NET support, and a wealth of commits by external contributors who are stepping up to fix the CDK for their use cases! Thanks all for the effort put into this release!
cdk init template for C# projects ([@mpiroc] in #617, #643).addBuildToPipeline on Project ([@skinny85] in 783dcb3).addToPipeline on Repository ([@skinny85] in #616).InstanceSize.Nano ([@rix0rrr] in #581)extractMetric() helper function ([@rix0rrr] in #676).addToPipeline on Bucket ([@skinny85] in c8b7a49)..ref attributes ([@rix0rrr] in #627).any to Arn, for example) to reduce typing mistakes ([@rix0rrr] in #629).export()/import() capabilities ([@rix0rrr] in #630).QueueRef.encryptionMasterKey readonly ([@RomainMuller] in #650).cdk init ([@rix0rrr] in #587).@aws-cdk/cfnspec: Updated [CloudFormation resource specification] to v2.6.0 ([@RomainMuller] in #594)
New AWS Construct Library
@aws-cdk/aws-sagemaker supports AWS::SageMaker resourcesNew Resource Types
Attribute Changes
Property Changes
AWS::AppSync::DataSource HttpConfig (added)
AWS::DAX::Cluster SSESpecification (added)
AWS::DynamoDB::Table Stream (added)
AWS::DynamoDB::Table AutoScalingSupport (added)
AWS::EC2::VPCEndpoint IsPrivateDnsEnabled (added)
AWS::EC2::VPCEndpoint SecurityGroupIds (added)
AWS::EC2::VPCEndpoint SubnetIds (added)
AWS::EC2::VPCEndpoint VPCEndpointType (added)
AWS::EC2::VPCEndpoint RouteTableIds.DuplicatesAllowed (deleted)
AWS::EC2::VPCPeeringConnection PeerRegion (added)
AWS::EFS::FileSystem ProvisionedThroughputInMibps (added)
AWS::EFS::FileSystem ThroughputMode (added)
AWS::EMR::Cluster KerberosAttributes (added)
AWS::Glue::Classifier JsonClassifier (added)
AWS::Glue::Classifier XMLClassifier (added)
AWS::Glue::Crawler Configuration (added)
AWS::Lambda::Lambda DLQConfigurationSupport (added)
AWS::Neptune::DBInstance DBSubnetGroupName.UpdateType (changed)
AWS::SNS::Subscription DeliveryPolicy (added)
AWS::SNS::Subscription FilterPolicy (added)
AWS::SNS::Subscription RawMessageDelivery (added)
AWS::SNS::Subscription Region (added)
AWS::SQS::Queue Tags (added)
AWS::ServiceDiscovery::Service HealthCheckCustomConfig (added)
Property Type Changes
AWS::AppSync::DataSource.HttpConfig (added)
AWS::DAX::Cluster.SSESpecification (added)
AWS::EMR::Cluster.KerberosAttributes (added)
AWS::Glue::Classifier.JsonClassifier (added)
AWS::Glue::Classifier.XMLClassifier (added)
AWS::ServiceDiscovery::Service.HealthCheckCustomConfig (added)
AWS::CloudFront::Distribution.CacheBehavior FieldLevelEncryptionId (added)
AWS::CloudFront::Distribution.DefaultCacheBehavior FieldLevelEncryptionId (added)
AWS::CodeBuild::Project.Artifacts EncryptionDisabled (added)
AWS::CodeBuild::Project.Artifacts OverrideArtifactName (added)
AWS::CodeBuild::Project.Environment Certificate (added)
AWS::CodeBuild::Project.Source ReportBuildStatus (added)
AWS::ServiceDiscovery::Service.DnsConfig RoutingPolicy (added)
AWS::WAF::WebACL.ActivatedRule Action.Required (changed)
@aws-cdk/cfnspec: Updated Serverless Application Model (SAM) Resource Specification ([@RomainMuller] in #594)
Property Changes
Property Type Changes
AWS::Serverless::Function.SQSEvent (added)
AWS::Serverless::Function.EventSource Properties.Types (changed)
FAQs
The CDK Construct Library for AWS::CertificateManager
The npm package @aws-cdk/aws-certificatemanager receives a total of 73,036 weekly downloads. As such, @aws-cdk/aws-certificatemanager popularity was classified as popular.
We found that @aws-cdk/aws-certificatemanager demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.
Security News
PyPI now supports digital attestations, enhancing security and trust by allowing package maintainers to verify the authenticity of Python packages.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.