x-acm

x-acm:
  certificate:
    Properties: {}
    MacroParameters: {}
    Lookup: {}

Define new ACM Certificates (with DNS Validation) or import existing ones that you wish to use with supported AWS services and resources.

Properties

Full support of the native AWS ACM properties. Refer to AWS ACM Properties.

Hint

If you define multiple SubjectAlternativeNames, they are automatically added to the validation list and use the same ZoneId, so you do not need to list them all in DomainValidationOptions.

MacroParameters

This automatically creates the full ACM Certificate definition and uses DNS validation with AWS CloudFormation. All you have to do is list the domain names that you want in the certificate and the x-route53 zone or HostedZoneId that will be used for DNS validation.

Example using macro parameters and x-route53
x-acm:
  PublicELBCert:
    MacroParameters:
      DomainNames:
        - domain.tld
        - sub.domain.tld
      HostedZoneId: x-route53::public-domain # Alternatively, you can set the hosted zone ID directly.

x-route53:
  public-domain:
    ZoneName: domain.tld
    Lookup: true

DomainNames

List of the domain names you want to create the ACM Certificate for.

Hint

The first domain name will be used for the CN, and the following ones will be used for SubjectAlternativeNames.

HostedZoneId

The pointer to the x-route53 domain that will be used for DNS validation. If you prefer, you can enter the hosted zone ID directly (or set it through an environment variable).

Attention

This hosted zone ID is used for the validation of every domain name in the certificate.
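A pre-deployment check for the MacroParameters described above, added here as an example and not the project's own code: it rejects a malformed HostedZoneId, confirms that every domain name sits inside the referenced x-route53 zone (one zone serves all validation), and returns the Properties this page says the macro produces. The function names and the dict-shaped input are assumptions made for this sketch.

```python
import re

# Anchored at both ends; the schema's expression is only anchored at the end.
ZONE_ID = re.compile(r"^Z[A-Z0-9]+$")
ZONE_PTR = re.compile(r"^x-route53::([a-zA-Z0-9._-]+)$")


def in_zone(name, zone):
    """True when name is the zone apex or a subdomain of it (label-boundary match)."""
    name, zone = name.rstrip(".").lower(), zone.rstrip(".").lower()
    return name == zone or name.endswith("." + zone)


def expand(macro, route53):
    """Validate MacroParameters; return (Properties, errors). Hypothetical helper."""
    errors = []
    names = macro.get("DomainNames") or []
    zone_ref = macro.get("HostedZoneId", "")
    if not names:
        errors.append("DomainNames is empty")
    pointer = ZONE_PTR.match(zone_ref)
    if pointer:
        zone = route53.get(pointer.group(1))
        if zone is None:
            errors.append(f"{zone_ref} does not match any x-route53 entry")
        else:
            errors += [f"{n!r} is outside zone {zone['ZoneName']}"
                       for n in names if not in_zone(n, zone["ZoneName"])]
    elif not ZONE_ID.match(zone_ref):
        errors.append(f"HostedZoneId {zone_ref!r} is neither a zone ID nor a pointer")
    if errors:
        return None, errors
    return {
        "DomainName": names[0],  # first entry becomes the CN
        "SubjectAlternativeNames": names[1:],
        # One zone for every name; a pointer still has to be resolved to a zone ID.
        "DomainValidationOptions": [
            {"DomainName": n, "HostedZoneId": zone_ref} for n in names],
        "ValidationMethod": "DNS",
    }, []


# Constructed sample input mirroring the example on this page.
ROUTE53 = {"public-domain": {"ZoneName": "domain.tld", "Lookup": True}}
GOOD = {"DomainNames": ["domain.tld", "sub.domain.tld"],
        "HostedZoneId": "x-route53::public-domain"}
```

When a zone ID is given directly, the zone name is not known offline, so the membership check only runs for x-route53 pointers.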

Services

No need to indicate services to assign the ACM certificate to. Refer to x-elbv2 for mapping to ALB/NLB.

Example

Using CFN Properties
x-acm:
  public-acm-01:
    Properties:
      DomainName: test.lambda-my-aws.io
      DomainValidationOptions:
        - HostedZoneId: ZABCDEFGHIS0123
          DomainName: test.lambda-my-aws.io
      SubjectAlternativeNames:
        - anothertest.lambda-my-aws.io
        - yet.another.test.lambda-my-aws.io
      ValidationMethod: DNS

Hint

If you need to specify x-dns in the template and provide the HostedZoneId which will be used there. DNS Reference: dns_reference_syntax

JSON Schema

Model

x-acm

x-acm.spec.json

x-acm specification for ECS Cluster

type: object

properties:

  • Lookup: x-resources.common.spec.json#/definitions/Lookup

  • Use
      type: string

  • Properties: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-certificatemanager-certificate.html
      type: object

  • Settings: x-resources.common.spec.json#/definitions/Settings

  • MacroParameters
      type: object
      properties:

        • DomainNames: List domain names to generate the certificate for. First in list will be CN
            type: array
            items:
              type: string
              format: hostname

        • HostedZoneId: The ZoneID or x-route53:: pointer to public zone.
            type: string
            format: Z[A-Z0-9]+$|x-route53::[a-zA-Z0-9-_.]+$

      additionalProperties: False

definitions

Definition

{
  "$schema": "http://json-schema.org/draft-07/schema#",
  "id": "x-acm.spec.json",
  "$id": "x-acm.spec.json",
  "title": "x-acm",
  "description": "x-acm specification for ECS Cluster",
  "type": "object",
  "properties": {
    "Lookup": {
      "$ref": "x-resources.common.spec.json#/definitions/Lookup"
    },
    "Use": {
      "type": "string"
    },
    "Properties": {
      "type": "object",
      "description": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-certificatemanager-certificate.html"
    },
    "Settings": {
      "$ref": "x-resources.common.spec.json#/definitions/Settings"
    },
    "MacroParameters": {
      "type": "object",
      "additionalProperties": false,
      "required": [
        "DomainNames",
        "HostedZoneId"
      ],
      "properties": {
        "DomainNames": {
          "type": "array",
          "description": "List domain names to generate the certificate for. First in list will be CN",
          "items": {
            "type": "string",
            "format": "hostname"
          }
        },
        "HostedZoneId": {
          "type": "string",
          "description": "The ZoneID or x-route53:: pointer to public zone.",
          "format": "Z[A-Z0-9]+$|x-route53::[a-zA-Z0-9-_.]+$"
        }
      }
    }
  },
  "definitions": {}
}

Test files

You can find the test files here to use as reference for your use-case.