Package software.amazon.awscdk.services.iot

Class CfnCertificate

java.lang.Object
software.amazon.jsii.JsiiObject
software.constructs.Construct
software.amazon.awscdk.core.Construct
software.amazon.awscdk.core.CfnElement
software.amazon.awscdk.core.CfnRefElement
software.amazon.awscdk.core.CfnResource
software.amazon.awscdk.services.iot.CfnCertificate
All Implemented Interfaces:
IConstruct, IDependable, IInspectable, software.amazon.jsii.JsiiSerializable, software.constructs.IConstruct
@Generated(value="jsii-pacmak/1.84.0 (build 5404dcf)", date="2023-06-19T16:29:57.530Z") @Stability(Stable) public class CfnCertificate extends CfnResource implements IInspectable
A CloudFormation AWS::IoT::Certificate.

Use the AWS::IoT::Certificate resource to declare an AWS IoT X.509 certificate. For information about working with X.509 certificates, see X.509 Client Certificates in the AWS IoT Developer Guide .

Example: 

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.services.iot.*;
 CfnCertificate cfnCertificate = CfnCertificate.Builder.create(this, "MyCfnCertificate")
         .status("status")
         // the properties below are optional
         .caCertificatePem("caCertificatePem")
         .certificateMode("certificateMode")
         .certificatePem("certificatePem")
         .certificateSigningRequest("certificateSigningRequest")
         .build();

  • Field Details

    • CFN_RESOURCE_TYPE_NAME

      @Stability(Stable) public static final String CFN_RESOURCE_TYPE_NAME
      The CloudFormation resource type name for this resource class.

  • Constructor Details

    • CfnCertificate

      protected CfnCertificate(software.amazon.jsii.JsiiObjectRef objRef)

    • CfnCertificate

      protected CfnCertificate(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)

    • CfnCertificate

      @Stability(Stable) public CfnCertificate(@NotNull Construct scope, @NotNull String id, @NotNull CfnCertificateProps props)
      Create a new AWS::IoT::Certificate.

      Parameters:
      scope -
      • scope in which this resource is defined.
      This parameter is required.
      id -
      • scoped id of the resource.
      This parameter is required.
      props -
      • resource properties.
      This parameter is required.

  • Method Details

    • inspect

      @Stability(Stable) public void inspect(@NotNull TreeInspector inspector)
      Examines the CloudFormation resource and discloses attributes.

      Specified by:
      inspect in interface IInspectable
      Parameters:
      inspector -
      • tree inspector to collect and process attributes.
      This parameter is required.

    • renderProperties

      @Stability(Stable) @NotNull protected Map<String,Object> renderProperties(@NotNull Map<String,Object> props)
      Overrides:
      renderProperties in class CfnResource
      Parameters:
      props - This parameter is required.

    • getAttrArn

      @Stability(Stable) @NotNull public String getAttrArn()
      Returns the Amazon Resource Name (ARN) for the certificate. For example:.

      { "Fn::GetAtt": ["MyCertificate", "Arn"] }

      A value similar to the following is returned:

      arn:aws:iot:ap-southeast-2:123456789012:cert/a1234567b89c012d3e4fg567hij8k9l01mno1p23q45678901rs234567890t1u2

    • getAttrId

      @Stability(Stable) @NotNull public String getAttrId()
      The certificate ID.

    • getCfnProperties

      @Stability(Stable) @NotNull protected Map<String,Object> getCfnProperties()
      Overrides:
      getCfnProperties in class CfnResource

    • getStatus

      @Stability(Stable) @NotNull public String getStatus()
      The status of the certificate.

      Valid values are ACTIVE, INACTIVE, REVOKED, PENDING_TRANSFER, and PENDING_ACTIVATION.

      The status value REGISTER_INACTIVE is deprecated and should not be used.

    • setStatus

      @Stability(Stable) public void setStatus(@NotNull String value)
      The status of the certificate.

      Valid values are ACTIVE, INACTIVE, REVOKED, PENDING_TRANSFER, and PENDING_ACTIVATION.

      The status value REGISTER_INACTIVE is deprecated and should not be used.

    • getCaCertificatePem

      @Stability(Stable) @Nullable public String getCaCertificatePem()
      The CA certificate used to sign the device certificate being registered, not available when CertificateMode is SNI_ONLY.

    • setCaCertificatePem

      @Stability(Stable) public void setCaCertificatePem(@Nullable String value)
      The CA certificate used to sign the device certificate being registered, not available when CertificateMode is SNI_ONLY.

    • getCertificateMode

      @Stability(Stable) @Nullable public String getCertificateMode()
      Specifies which mode of certificate registration to use with this resource.

      Valid options are DEFAULT with CaCertificatePem and CertificatePem, SNI_ONLY with CertificatePem, and Default with CertificateSigningRequest.

      DEFAULT : A certificate in DEFAULT mode is either generated by AWS IoT Core or registered with an issuer certificate authority (CA). Devices with certificates in DEFAULT mode aren't required to send the Server Name Indication (SNI) extension when connecting to AWS IoT Core . However, to use features such as custom domains and VPC endpoints, we recommend that you use the SNI extension when connecting to AWS IoT Core .

      SNI_ONLY : A certificate in SNI_ONLY mode is registered without an issuer CA. Devices with certificates in SNI_ONLY mode must send the SNI extension when connecting to AWS IoT Core .

    • setCertificateMode

      @Stability(Stable) public void setCertificateMode(@Nullable String value)
      Specifies which mode of certificate registration to use with this resource.

      Valid options are DEFAULT with CaCertificatePem and CertificatePem, SNI_ONLY with CertificatePem, and Default with CertificateSigningRequest.

      DEFAULT : A certificate in DEFAULT mode is either generated by AWS IoT Core or registered with an issuer certificate authority (CA). Devices with certificates in DEFAULT mode aren't required to send the Server Name Indication (SNI) extension when connecting to AWS IoT Core . However, to use features such as custom domains and VPC endpoints, we recommend that you use the SNI extension when connecting to AWS IoT Core .

      SNI_ONLY : A certificate in SNI_ONLY mode is registered without an issuer CA. Devices with certificates in SNI_ONLY mode must send the SNI extension when connecting to AWS IoT Core .

    • getCertificatePem

      @Stability(Stable) @Nullable public String getCertificatePem()
      The certificate data in PEM format.

      Requires SNI_ONLY for the certificate mode or the accompanying CACertificatePem for registration.

    • setCertificatePem

      @Stability(Stable) public void setCertificatePem(@Nullable String value)
      The certificate data in PEM format.

      Requires SNI_ONLY for the certificate mode or the accompanying CACertificatePem for registration.

    • getCertificateSigningRequest

      @Stability(Stable) @Nullable public String getCertificateSigningRequest()
      The certificate signing request (CSR).

    • setCertificateSigningRequest

      @Stability(Stable) public void setCertificateSigningRequest(@Nullable String value)
      The certificate signing request (CSR).