Class: AWSCDK::CertificateManager::DNSValidatedCertificateProps
- Inherits:
-
CertificateProps
- Object
- CertificateProps
- AWSCDK::CertificateManager::DNSValidatedCertificateProps
- Defined in:
- certificate_manager/dns_validated_certificate_props.rb
Overview
Properties to create a DNS validated certificate managed by AWS Certificate Manager.
Instance Attribute Summary collapse
-
#allow_export ⇒ Boolean?
readonly
Enable or disable export of this certificate.
-
#certificate_name ⇒ String?
readonly
The Certificate name.
-
#cleanup_route53_records ⇒ Boolean?
readonly
When set to true, when the DnsValidatedCertificate is deleted, the associated Route53 validation records are removed.
-
#custom_resource_role ⇒ AWSCDK::IAM::IRole?
readonly
Role to use for the custom resource that creates the validated certificate.
-
#domain_name ⇒ String
readonly
Fully-qualified domain name to request a certificate for.
-
#hosted_zone ⇒ AWSCDK::Route53::IHostedZone
readonly
Route 53 Hosted Zone used to perform DNS validation of the request.
-
#key_algorithm ⇒ AWSCDK::CertificateManager::KeyAlgorithm?
readonly
Specifies the algorithm of the public and private key pair that your certificate uses to encrypt data.
-
#region ⇒ String?
readonly
AWS region that will host the certificate.
-
#route53_endpoint ⇒ String?
readonly
An endpoint of Route53 service, which is not necessary as AWS SDK could figure out the right endpoints for most regions, but for some regions such as those in aws-cn partition, the default endpoint is not working now, hence the right endpoint need to be specified through this prop.
-
#subject_alternative_names ⇒ Array<String>?
readonly
Alternative domain names on your certificate.
-
#transparency_logging_enabled ⇒ Boolean?
readonly
Enable or disable transparency logging for this certificate.
-
#validation ⇒ AWSCDK::CertificateManager::CertificateValidation?
readonly
How to validate this certificate.
Class Method Summary collapse
Instance Method Summary collapse
-
#initialize(domain_name:, allow_export: nil, certificate_name: nil, key_algorithm: nil, subject_alternative_names: nil, transparency_logging_enabled: nil, validation: nil, hosted_zone:, cleanup_route53_records: nil, custom_resource_role: nil, region: nil, route53_endpoint: nil) ⇒ DNSValidatedCertificateProps
constructor
A new instance of DNSValidatedCertificateProps.
- #to_jsii ⇒ Object
Constructor Details
#initialize(domain_name:, allow_export: nil, certificate_name: nil, key_algorithm: nil, subject_alternative_names: nil, transparency_logging_enabled: nil, validation: nil, hosted_zone:, cleanup_route53_records: nil, custom_resource_role: nil, region: nil, route53_endpoint: nil) ⇒ DNSValidatedCertificateProps
Returns a new instance of DNSValidatedCertificateProps.
19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 |
# File 'certificate_manager/dns_validated_certificate_props.rb', line 19 def initialize(domain_name:, allow_export: nil, certificate_name: nil, key_algorithm: nil, subject_alternative_names: nil, transparency_logging_enabled: nil, validation: nil, hosted_zone:, cleanup_route53_records: nil, custom_resource_role: nil, region: nil, route53_endpoint: nil) @domain_name = domain_name Jsii::Type.check_type(@domain_name, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "domainName") @allow_export = allow_export Jsii::Type.check_type(@allow_export, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJib29sZWFuIn0=")), "allowExport") unless @allow_export.nil? @certificate_name = certificate_name Jsii::Type.check_type(@certificate_name, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "certificateName") unless @certificate_name.nil? @key_algorithm = key_algorithm Jsii::Type.check_type(@key_algorithm, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfY2VydGlmaWNhdGVtYW5hZ2VyLktleUFsZ29yaXRobSJ9")), "keyAlgorithm") unless @key_algorithm.nil? @subject_alternative_names = subject_alternative_names Jsii::Type.check_type(@subject_alternative_names, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6InN0cmluZyJ9LCJraW5kIjoiYXJyYXkifX0=")), "subjectAlternativeNames") unless @subject_alternative_names.nil? @transparency_logging_enabled = transparency_logging_enabled Jsii::Type.check_type(@transparency_logging_enabled, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJib29sZWFuIn0=")), "transparencyLoggingEnabled") unless @transparency_logging_enabled.nil? @validation = validation Jsii::Type.check_type(@validation, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfY2VydGlmaWNhdGVtYW5hZ2VyLkNlcnRpZmljYXRlVmFsaWRhdGlvbiJ9")), "validation") unless @validation.nil? @hosted_zone = hosted_zone Jsii::Type.check_type(@hosted_zone, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3Nfcm91dGU1My5JSG9zdGVkWm9uZSJ9")), "hostedZone") @cleanup_route53_records = cleanup_route53_records Jsii::Type.check_type(@cleanup_route53_records, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJib29sZWFuIn0=")), "cleanupRoute53Records") unless @cleanup_route53_records.nil? @custom_resource_role = custom_resource_role Jsii::Type.check_type(@custom_resource_role, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfaWFtLklSb2xlIn0=")), "customResourceRole") unless @custom_resource_role.nil? @region = region Jsii::Type.check_type(@region, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "region") unless @region.nil? @route53_endpoint = route53_endpoint Jsii::Type.check_type(@route53_endpoint, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "route53Endpoint") unless @route53_endpoint.nil? end |
Instance Attribute Details
#allow_export ⇒ Boolean? (readonly)
Default: false
Enable or disable export of this certificate.
If you issue an exportable public certificate, there is a charge at certificate issuance and again when the certificate renews. Ref: https://aws.amazon.com/certificate-manager/pricing
59 60 61 |
# File 'certificate_manager/dns_validated_certificate_props.rb', line 59 def allow_export @allow_export end |
#certificate_name ⇒ String? (readonly)
Default: the full, absolute path of this construct
The Certificate name.
Since the Certificate resource doesn't support providing a physical name, the value provided here will be recorded in the Name tag
66 67 68 |
# File 'certificate_manager/dns_validated_certificate_props.rb', line 66 def certificate_name @certificate_name end |
#cleanup_route53_records ⇒ Boolean? (readonly)
Default: false
When set to true, when the DnsValidatedCertificate is deleted, the associated Route53 validation records are removed.
CAUTION: If multiple certificates share the same domains (and same validation records), this can cause the other certificates to fail renewal and/or not validate. Not recommended for production use.
112 113 114 |
# File 'certificate_manager/dns_validated_certificate_props.rb', line 112 def cleanup_route53_records @cleanup_route53_records end |
#custom_resource_role ⇒ AWSCDK::IAM::IRole? (readonly)
Default: - A new role will be created
Role to use for the custom resource that creates the validated certificate.
117 118 119 |
# File 'certificate_manager/dns_validated_certificate_props.rb', line 117 def custom_resource_role @custom_resource_role end |
#domain_name ⇒ String (readonly)
Fully-qualified domain name to request a certificate for.
May contain wildcards, such as *.domain.com.
51 52 53 |
# File 'certificate_manager/dns_validated_certificate_props.rb', line 51 def domain_name @domain_name end |
#hosted_zone ⇒ AWSCDK::Route53::IHostedZone (readonly)
Route 53 Hosted Zone used to perform DNS validation of the request.
The zone must be authoritative for the domain name specified in the Certificate Request.
103 104 105 |
# File 'certificate_manager/dns_validated_certificate_props.rb', line 103 def hosted_zone @hosted_zone end |
#key_algorithm ⇒ AWSCDK::CertificateManager::KeyAlgorithm? (readonly)
Default: KeyAlgorithm.RSA_2048
Specifies the algorithm of the public and private key pair that your certificate uses to encrypt data.
72 73 74 |
# File 'certificate_manager/dns_validated_certificate_props.rb', line 72 def key_algorithm @key_algorithm end |
#region ⇒ String? (readonly)
Default: the region the stack is deployed in.
AWS region that will host the certificate.
This is needed especially for certificates used for CloudFront distributions, which require the region to be us-east-1.
126 127 128 |
# File 'certificate_manager/dns_validated_certificate_props.rb', line 126 def region @region end |
#route53_endpoint ⇒ String? (readonly)
Default: - The AWS SDK will determine the Route53 endpoint to use based on region
An endpoint of Route53 service, which is not necessary as AWS SDK could figure out the right endpoints for most regions, but for some regions such as those in aws-cn partition, the default endpoint is not working now, hence the right endpoint need to be specified through this prop.
Route53 is not been officially launched in China, it is only available for AWS internal accounts now. To make DnsValidatedCertificate work for internal accounts now, a special endpoint needs to be provided.
135 136 137 |
# File 'certificate_manager/dns_validated_certificate_props.rb', line 135 def route53_endpoint @route53_endpoint end |
#subject_alternative_names ⇒ Array<String>? (readonly)
Default: - No additional FQDNs will be included as alternative domain names.
Alternative domain names on your certificate.
Use this to register alternative domain names that represent the same site.
79 80 81 |
# File 'certificate_manager/dns_validated_certificate_props.rb', line 79 def subject_alternative_names @subject_alternative_names end |
#transparency_logging_enabled ⇒ Boolean? (readonly)
Default: true
Enable or disable transparency logging for this certificate.
Once a certificate has been logged, it cannot be removed from the log. Opting out at that point will have no effect. If you opt out of logging when you request a certificate and then choose later to opt back in, your certificate will not be logged until it is renewed. If you want the certificate to be logged immediately, we recommend that you issue a new one.
91 92 93 |
# File 'certificate_manager/dns_validated_certificate_props.rb', line 91 def transparency_logging_enabled @transparency_logging_enabled end |
#validation ⇒ AWSCDK::CertificateManager::CertificateValidation? (readonly)
Default: CertificateValidation.fromEmail()
How to validate this certificate.
96 97 98 |
# File 'certificate_manager/dns_validated_certificate_props.rb', line 96 def validation @validation end |
Class Method Details
.jsii_properties ⇒ Object
137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 |
# File 'certificate_manager/dns_validated_certificate_props.rb', line 137 def self.jsii_properties { :domain_name => "domainName", :allow_export => "allowExport", :certificate_name => "certificateName", :key_algorithm => "keyAlgorithm", :subject_alternative_names => "subjectAlternativeNames", :transparency_logging_enabled => "transparencyLoggingEnabled", :validation => "validation", :hosted_zone => "hostedZone", :cleanup_route53_records => "cleanupRoute53Records", :custom_resource_role => "customResourceRole", :region => "region", :route53_endpoint => "route53Endpoint", } end |
Instance Method Details
#to_jsii ⇒ Object
154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 |
# File 'certificate_manager/dns_validated_certificate_props.rb', line 154 def to_jsii result = {} result.merge!(super) result.merge!({ "domainName" => @domain_name, "allowExport" => @allow_export, "certificateName" => @certificate_name, "keyAlgorithm" => @key_algorithm, "subjectAlternativeNames" => @subject_alternative_names, "transparencyLoggingEnabled" => @transparency_logging_enabled, "validation" => @validation, "hostedZone" => @hosted_zone, "cleanupRoute53Records" => @cleanup_route53_records, "customResourceRole" => @custom_resource_role, "region" => @region, "route53Endpoint" => @route53_endpoint, }) result.compact end |