
Table of Contents
This serverless plugin creates certificates that you need for your custom domains in API Gateway.
Use this in your CICD flow to automatically create a certificate, create the necessary route53 recordsets to validate the certificate with Dns-Validation and finally wait until the certificate has been validated.
Serverless Framework
This package is made for the serverless framework.
You can install it like this:
npm install -g serverless
npm update -g serverless
Check out their getting started guide for more information here.
Usage Requirements
Make sure you have the following installed before starting:
npm i serverless-certificate-creator --save-dev
open serverless.yml and add the following:
- serverless-certificate-creator
certificateName: '' //required
idempotencyToken: 'abcsomedomainio' //optional
hostedZoneName: '' //required if hostedZoneId is not set
hostedZoneId: 'XXXXXXXXX' //required if hostedZoneName is not set
writeCertInfoToFile: false // optional default is false. if you set it to true you will get a new file (after executing serverless create-cert), that contains certificate info that you can use in your deploy pipeline
certInfoFileName: 'cert-info.yml' // optional, only used when writeCertInfoToFile is set to true. It sets the name of the file containing the cert info
region: eu-west-1 // optional - default is us-east-1 which is required for custom api gateway domains of Type Edge (default)
now you can run:
serverless create-cert
Combine with serverless-domain-manager
If you combine this plugin with serverless-domain-manager you can automate the complete process of creating a custom domain with a certificate.
I found serverless-domain-manager very useful but i also wanted to be able to automatically create the certificate for the newly generated custom domain.
Install the plugins:
npm i serverless-certificate-creator --save-dev
npm i serverless-domain-manager --save-dev
Open serverless.yml and add the following:
- serverless-certificate-creator
- serverless-domain-manager
certificateName: ''
basePath: ''
stage: ${self:provider.stage}
createRoute53Record: true
certificateName: '' //required
idempotencyToken: 'abcsomedomainio' //optional
hostedZoneName: '' //required if hostedZoneId is not set
hostedZoneId: 'XXXXXXXXX' //required if hostedZoneName is not set
region: eu-west-1 // optional - default is us-east-1 which is required for custom api gateway domains of Type Edge (default)
enabled: true // optional - default is true. For some stages you may not want to use certificates (and custom domains associated with it).
Now you can run:
serverless create-cert
serverless create_domain
Please make sure to check out the complete sample project here.
Copyright (c) 2018 Bastian Töpfer, contributors.
Released under the MIT license.