UNPKG

@aws-cdk/aws-certificatemanager

Version:

The CDK Construct Library for AWS::CertificateManager

github.com/aws/aws-cdk

aws/aws-cdk

187 lines (186 loc) 5.74 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
import * as cloudwatch from '@aws-cdk/aws-cloudwatch'; import * as route53 from '@aws-cdk/aws-route53'; import { IResource } from '@aws-cdk/core'; import { Construct } from 'constructs'; import { CertificateBase } from './certificate-base'; /** * Represents a certificate in AWS Certificate Manager */ export interface ICertificate extends IResource { /** * The certificate's ARN * * @attribute */ readonly certificateArn: string; /** * Return the DaysToExpiry metric for this AWS Certificate Manager * Certificate. By default, this is the minimum value over 1 day. * * This metric is no longer emitted once the certificate has effectively * expired, so alarms configured on this metric should probably treat missing * data as "breaching". */ metricDaysToExpiry(props?: cloudwatch.MetricOptions): cloudwatch.Metric; } /** * Properties for your certificate */ export interface CertificateProps { /** * Fully-qualified domain name to request a certificate for. * * May contain wildcards, such as ``*.domain.com``. */ readonly domainName: string; /** * Alternative domain names on your certificate. * * Use this to register alternative domain names that represent the same site. * * @default - No additional FQDNs will be included as alternative domain names. */ readonly subjectAlternativeNames?: string[]; /** * What validation domain to use for every requested domain. * * Has to be a superdomain of the requested domain. * * @default - Apex domain is used for every domain that's not overridden. * @deprecated use `validation` instead. */ readonly validationDomains?: { [domainName: string]: string; }; /** * Validation method used to assert domain ownership * * @default ValidationMethod.EMAIL * @deprecated use `validation` instead. */ readonly validationMethod?: ValidationMethod; /** * How to validate this certificate * * @default CertificateValidation.fromEmail() */ readonly validation?: CertificateValidation; } /** * Properties for certificate validation */ export interface CertificationValidationProps { /** * Validation method * * @default ValidationMethod.EMAIL */ readonly method?: ValidationMethod; /** * Hosted zone to use for DNS validation * * @default - use email validation */ readonly hostedZone?: route53.IHostedZone; /** * A map of hosted zones to use for DNS validation * * @default - use `hostedZone` */ readonly hostedZones?: { [domainName: string]: route53.IHostedZone; }; /** * Validation domains to use for email validation * * @default - Apex domain */ readonly validationDomains?: { [domainName: string]: string; }; } /** * How to validate a certificate */ export declare class CertificateValidation { readonly props: CertificationValidationProps; /** * Validate the certificate with DNS * * IMPORTANT: If `hostedZone` is not specified, DNS records must be added * manually and the stack will not complete creating until the records are * added. * * @param hostedZone the hosted zone where DNS records must be created */ static fromDns(hostedZone?: route53.IHostedZone): CertificateValidation; /** * Validate the certificate with automatically created DNS records in multiple * Amazon Route 53 hosted zones. * * @param hostedZones a map of hosted zones where DNS records must be created * for the domains in the certificate */ static fromDnsMultiZone(hostedZones: { [domainName: string]: route53.IHostedZone; }): CertificateValidation; /** * Validate the certificate with Email * * IMPORTANT: if you are creating a certificate as part of your stack, the stack * will not complete creating until you read and follow the instructions in the * email that you will receive. * * ACM will send validation emails to the following addresses: * * admin@domain.com * administrator@domain.com * hostmaster@domain.com * postmaster@domain.com * webmaster@domain.com * * For every domain that you register. * * @param validationDomains a map of validation domains to use for domains in the certificate */ static fromEmail(validationDomains?: { [domainName: string]: string; }): CertificateValidation; /** * The validation method */ readonly method: ValidationMethod; /** @param props Certification validation properties */ private constructor(); } /** * A certificate managed by AWS Certificate Manager */ export declare class Certificate extends CertificateBase implements ICertificate { /** * Import a certificate */ static fromCertificateArn(scope: Construct, id: string, certificateArn: string): ICertificate; /** * The certificate's ARN */ readonly certificateArn: string; constructor(scope: Construct, id: string, props: CertificateProps); } /** * Method used to assert ownership of the domain */ export declare enum ValidationMethod { /** * Send email to a number of email addresses associated with the domain * * @see https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-email.html */ EMAIL = "EMAIL", /** * Validate ownership by adding appropriate DNS records * * @see https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-dns.html */ DNS = "DNS" }