JSPM

@aws-cdk/aws-certificatemanager

1.50.0
  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 49947
  • Score
    100M100P100Q22217F
  • License Apache-2.0

The CDK Construct Library for AWS::CertificateManager

Package Exports

  • @aws-cdk/aws-certificatemanager

This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (@aws-cdk/aws-certificatemanager) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

Readme

AWS Certificate Manager Construct Library

cfn-resources: Stable

cdk-constructs: Stable

This package provides Constructs for provisioning and referencing certificates which can be used in CloudFront and ELB.

The following requests a certificate for a given domain:

request a certificate example

After requesting a certificate, you will need to prove that you own the domain in question before the certificate will be granted. The CloudFormation deployment will wait until this verification process has been completed.

Because of this wait time, it's better to provision your certificates either in a separate stack from your main service, or provision them manually and import them into your CDK application.

The CDK also provides a custom resource which can be used for automatic validation if the DNS records for the domain are managed through Route53 (see below).

Email validation

Email-validated certificates (the default) are validated by receiving an email on one of a number of predefined domains and following the instructions in the email.

See Validate with Email in the AWS Certificate Manager User Guide.

DNS validation

DNS-validated certificates are validated by configuring appropriate DNS records for your domain.

See Validate with DNS in the AWS Certificate Manager User Guide.

Automatic DNS-validated certificates using Route53

The DnsValidatedCertificateRequest class provides a Custom Resource by which you can request a TLS certificate from AWS Certificate Manager that is automatically validated using a cryptographically secure DNS record. For this to work, there must be a Route 53 public zone that is responsible for serving records under the Domain Name of the requested certificate. For example, if you request a certificate for www.example.com, there must be a Route 53 public zone example.com that provides authoritative records for the domain.

Example:

request a validated certificate example

Importing

If you want to import an existing certificate, you can do so from its ARN:

const arn = "arn:aws:...";
const certificate = Certificate.fromCertificateArn(this, 'Certificate', arn);

Sharing between Stacks

To share the certificate between stacks in the same CDK application, simply pass the Certificate object between the stacks.