serverless-certificate-creator
Table of Contents
Description
This serverless plugin creates certificates that you need for your custom domains in API Gateway.
Use this in your CICD flow to automatically create a certificate, create the necessary route53 recordsets to validate the certificate with Dns-Validation and finally wait until the certificate has been validated.
Serverless Framework
This package is made for the serverless framework.
You can install it like this:
npm install -g serverless
npm update -g serverless
Check out their getting started guide for more information here.
Usage Requirements
Make sure you have the following installed before starting:
Usage
npm i serverless-certificate-creator --save-dev
open serverless.yml and add the following:
plugins:
- serverless-certificate-creator
...
custom:
customCertificate:
//required
certificateName: 'abc.somedomain.io'
//optional
idempotencyToken: 'abcsomedomainio'
//required if hostedZoneId is not set
hostedZoneName: 'somedomain.io.'
//required if hostedZoneName is not set
hostedZoneId: 'XXXXXXXXX'
// optional default is false. if you set it to true you will get a new file (after executing serverless create-cert), that contains certificate info that you can use in your deploy pipeline
writeCertInfoToFile: false
// optional, only used when writeCertInfoToFile is set to true. It sets the name of the file containing the cert info
certInfoFileName: 'cert-info.yml'
// optional - default is us-east-1 which is required for custom api gateway domains of Type Edge (default)
region: eu-west-1
//optional - see SubjectAlternativeNames https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/ACM.html#requestCertificate-property
subjectAlternativeNames :
- 'www.somedomain.io'
- 'def.somedomain.io'
now you can run:
serverless create-cert
Combine with serverless-domain-manager
If you combine this plugin with serverless-domain-manager you can automate the complete process of creating a custom domain with a certificate.
I found serverless-domain-manager very useful but i also wanted to be able to automatically create the certificate for the newly generated custom domain.
Examples
Install the plugins:
npm i serverless-certificate-creator --save-dev
npm i serverless-domain-manager --save-dev
Open serverless.yml and add the following:
plugins:
- serverless-certificate-creator
- serverless-domain-manager
...
custom:
customDomain:
domainName: abc.somedomain.io
certificateName: 'abc.somedomain.io'
basePath: ''
stage: ${self:provider.stage}
createRoute53Record: true
customCertificate:
certificateName: 'abc.somedomain.io' //required
idempotencyToken: 'abcsomedomainio' //optional
hostedZoneName: 'somedomain.io.' //required if hostedZoneId is not set
hostedZoneId: 'XXXXXXXXX' //required if hostedZoneName is not set
region: eu-west-1 // optional - default is us-east-1 which is required for custom api gateway domains of Type Edge (default)
enabled: true // optional - default is true. For some stages you may not want to use certificates (and custom domains associated with it).
Now you can run:
serverless create-cert
serverless create_domain
Please make sure to check out the complete sample project here.
License
Copyright (c) 2018 Bastian Töpfer, contributors.
Released under the MIT license.