aws-cdk-lib.aws_certificatemanager.CfnCertificate.DomainValidationOptionProperty

interface DomainValidationOptionProperty

LanguageType name
.NETAmazon.CDK.AWS.CertificateManager.CfnCertificate.DomainValidationOptionProperty
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awscertificatemanager#CfnCertificate_DomainValidationOptionProperty
Javasoftware.amazon.awscdk.services.certificatemanager.CfnCertificate.DomainValidationOptionProperty
Pythonaws_cdk.aws_certificatemanager.CfnCertificate.DomainValidationOptionProperty
TypeScript aws-cdk-lib » aws_certificatemanager » CfnCertificate » DomainValidationOptionProperty

DomainValidationOption is a property of the AWS::CertificateManager::Certificate resource that specifies the AWS Certificate Manager ( ACM ) certificate domain to validate. Depending on the chosen validation method, ACM checks the domain's DNS record for a validation CNAME, or it attempts to send a validation email message to the domain owner.

Example

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_certificatemanager as certificatemanager } from 'aws-cdk-lib';
const domainValidationOptionProperty: certificatemanager.CfnCertificate.DomainValidationOptionProperty = {
  domainName: 'domainName',

  // the properties below are optional
  hostedZoneId: 'hostedZoneId',
  validationDomain: 'validationDomain',
};

Properties

NameTypeDescription
domainNamestringA fully qualified domain name (FQDN) in the certificate request.
hostedZoneId?stringThe HostedZoneId option, which is available if you are using Route 53 as your domain registrar, causes ACM to add your CNAME to the domain record.
validationDomain?stringThe domain name to which you want ACM to send validation emails.

domainName

Type: string

A fully qualified domain name (FQDN) in the certificate request.


hostedZoneId?

Type: string (optional)

The HostedZoneId option, which is available if you are using Route 53 as your domain registrar, causes ACM to add your CNAME to the domain record.

Your list of DomainValidationOptions must contain one and only one of the domain-validation options, and the HostedZoneId can be used only when DNS is specified as your validation method.

Use the Route 53 ListHostedZones API to discover IDs for available hosted zones.

This option is required for publicly trusted certificates.

The ListHostedZones API returns IDs in the format "/hostedzone/Z111111QQQQQQQ", but CloudFormation requires the IDs to be in the format "Z111111QQQQQQQ".

When you change your DomainValidationOptions , a new resource is created.


validationDomain?

Type: string (optional)

The domain name to which you want ACM to send validation emails.

This domain name is the suffix of the email addresses that you want ACM to use. This must be the same as the DomainName value or a superdomain of the DomainName value. For example, if you request a certificate for testing.example.com , you can specify example.com as this value. In that case, ACM sends domain validation emails to the following five addresses:

  • admin@example.com
  • administrator@example.com
  • hostmaster@example.com
  • postmaster@example.com
  • webmaster@example.com