aws-cdk-lib.aws_certificatemanager.CertificateProps

interface CertificateProps

LanguageType name
.NETAmazon.CDK.AWS.CertificateManager.CertificateProps
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awscertificatemanager#CertificateProps
Javasoftware.amazon.awscdk.services.certificatemanager.CertificateProps
Pythonaws_cdk.aws_certificatemanager.CertificateProps
TypeScript (source)aws-cdk-lib » aws_certificatemanager » CertificateProps

Properties for your certificate.

Example

const exampleCom = new route53.HostedZone(this, 'ExampleCom', {
  zoneName: 'example.com',
});
const exampleNet = new route53.HostedZone(this, 'ExampleNet', {
  zoneName: 'example.net',
});

const cert = new acm.Certificate(this, 'Certificate', {
  domainName: 'test.example.com',
  subjectAlternativeNames: ['cool.example.com', 'test.example.net'],
  validation: acm.CertificateValidation.fromDnsMultiZone({
    'test.example.com': exampleCom,
    'cool.example.com': exampleCom,
    'test.example.net': exampleNet,
  }),
});

Properties

NameTypeDescription
domainNamestringFully-qualified domain name to request a certificate for.
certificateName?stringThe Certifcate name.
subjectAlternativeNames?string[]Alternative domain names on your certificate.
transparencyLoggingEnabled?booleanEnable or disable transparency logging for this certificate.
validation?CertificateValidationHow to validate this certificate.

domainName

Type: string

Fully-qualified domain name to request a certificate for.

May contain wildcards, such as *.domain.com.


certificateName?

Type: string (optional, default: the full, absolute path of this construct)

The Certifcate name.

Since the Certifcate resource doesn't support providing a physical name, the value provided here will be recorded in the Name tag


subjectAlternativeNames?

Type: string[] (optional, default: No additional FQDNs will be included as alternative domain names.)

Alternative domain names on your certificate.

Use this to register alternative domain names that represent the same site.


transparencyLoggingEnabled?

Type: boolean (optional, default: true)

Enable or disable transparency logging for this certificate.

Once a certificate has been logged, it cannot be removed from the log. Opting out at that point will have no effect. If you opt out of logging when you request a certificate and then choose later to opt back in, your certificate will not be logged until it is renewed. If you want the certificate to be logged immediately, we recommend that you issue a new one.

See also: https://docs.aws.amazon.com/acm/latest/userguide/acm-bestpractices.html#best-practices-transparency


validation?

Type: CertificateValidation (optional, default: CertificateValidation.fromEmail())

How to validate this certificate.