aws-cdk-lib.aws_certificatemanager.PrivateCertificate

class PrivateCertificate (construct)

LanguageType name
.NETAmazon.CDK.AWS.CertificateManager.PrivateCertificate
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awscertificatemanager#PrivateCertificate
Javasoftware.amazon.awscdk.services.certificatemanager.PrivateCertificate
Pythonaws_cdk.aws_certificatemanager.PrivateCertificate
TypeScript (source)aws-cdk-lib » aws_certificatemanager » PrivateCertificate

Implements IConstruct, IDependable, IResource, ICertificate

A private certificate managed by AWS Certificate Manager.

Example

import * as acmpca from 'aws-cdk-lib/aws-acmpca';

new acm.PrivateCertificate(this, 'PrivateCertificate', {
  domainName: 'test.example.com',
  subjectAlternativeNames: ['cool.example.com', 'test.example.net'], // optional
  certificateAuthority: acmpca.CertificateAuthority.fromCertificateAuthorityArn(this, 'CA',
    'arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/023077d8-2bfa-4eb0-8f22-05c96deade77'),
});

Initializer

new PrivateCertificate(scope: Construct, id: string, props: PrivateCertificateProps)

Parameters

  • scope Construct
  • id string
  • props PrivateCertificateProps

Construct Props

NameTypeDescription
certificateAuthorityICertificateAuthorityPrivate certificate authority (CA) that will be used to issue the certificate.
domainNamestringFully-qualified domain name to request a private certificate for.
subjectAlternativeNames?string[]Alternative domain names on your private certificate.

certificateAuthority

Type: ICertificateAuthority

Private certificate authority (CA) that will be used to issue the certificate.


domainName

Type: string

Fully-qualified domain name to request a private certificate for.

May contain wildcards, such as *.domain.com.


subjectAlternativeNames?

Type: string[] (optional, default: No additional FQDNs will be included as alternative domain names.)

Alternative domain names on your private certificate.

Use this to register alternative domain names that represent the same site.

Properties

NameTypeDescription
certificateArnstringThe certificate's ARN.
envResourceEnvironmentThe environment this resource belongs to.
nodeNodeThe tree node.
stackStackThe stack in which this resource is defined.
region?stringIf the certificate is provisionned in a different region than the containing stack, this should be the region in which the certificate lives so we can correctly create Metric instances.

certificateArn

Type: string

The certificate's ARN.


env

Type: ResourceEnvironment

The environment this resource belongs to.

For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into.


node

Type: Node

The tree node.


stack

Type: Stack

The stack in which this resource is defined.


region?

Type: string (optional)

If the certificate is provisionned in a different region than the containing stack, this should be the region in which the certificate lives so we can correctly create Metric instances.

Methods

NameDescription
applyRemovalPolicy(policy)Apply the given removal policy to this resource.
metricDaysToExpiry(props?)Return the DaysToExpiry metric for this AWS Certificate Manager Certificate. By default, this is the minimum value over 1 day.
toString()Returns a string representation of this construct.
static fromCertificateArn(scope, id, certificateArn)Import a certificate.

applyRemovalPolicy(policy)

public applyRemovalPolicy(policy: RemovalPolicy): void

Parameters

  • policy RemovalPolicy

Apply the given removal policy to this resource.

The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.

The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS account for data recovery and cleanup later (RemovalPolicy.RETAIN).


metricDaysToExpiry(props?)

public metricDaysToExpiry(props?: MetricOptions): Metric

Parameters

  • props MetricOptions

Returns

  • Metric

Return the DaysToExpiry metric for this AWS Certificate Manager Certificate. By default, this is the minimum value over 1 day.

This metric is no longer emitted once the certificate has effectively expired, so alarms configured on this metric should probably treat missing data as "breaching".


toString()

public toString(): string

Returns

  • string

Returns a string representation of this construct.


static fromCertificateArn(scope, id, certificateArn)

public static fromCertificateArn(scope: Construct, id: string, certificateArn: string): ICertificate

Parameters

  • scope Construct
  • id string
  • certificateArn string

Returns

  • ICertificate

Import a certificate.