Package software.amazon.awscdk.services.certificatemanager

Interface DnsValidatedCertificateProps

All Superinterfaces:
CertificateProps, software.amazon.jsii.JsiiSerializable
All Known Implementing Classes:
DnsValidatedCertificateProps.Jsii$Proxy
@Generated(value="jsii-pacmak/1.104.0 (build e79254c)", date="2024-11-22T02:23:58.009Z") @Stability(Stable) public interface DnsValidatedCertificateProps extends software.amazon.jsii.JsiiSerializable, CertificateProps
Properties to create a DNS validated certificate managed by AWS Certificate Manager.

Example: 

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.services.certificatemanager.*;
 import software.amazon.awscdk.services.iam.*;
 import software.amazon.awscdk.services.route53.*;
 CertificateValidation certificateValidation;
 HostedZone hostedZone;
 KeyAlgorithm keyAlgorithm;
 Role role;
 DnsValidatedCertificateProps dnsValidatedCertificateProps = DnsValidatedCertificateProps.builder()
         .domainName("domainName")
         .hostedZone(hostedZone)
         // the properties below are optional
         .certificateName("certificateName")
         .cleanupRoute53Records(false)
         .customResourceRole(role)
         .keyAlgorithm(keyAlgorithm)
         .region("region")
         .route53Endpoint("route53Endpoint")
         .subjectAlternativeNames(List.of("subjectAlternativeNames"))
         .transparencyLoggingEnabled(false)
         .validation(certificateValidation)
         .build();

  • Method Details

    • getHostedZone

      @Stability(Stable) @NotNull IHostedZone getHostedZone()
      Route 53 Hosted Zone used to perform DNS validation of the request.

      The zone must be authoritative for the domain name specified in the Certificate Request.

    • getCleanupRoute53Records

      @Stability(Stable) @Nullable default Boolean getCleanupRoute53Records()
      When set to true, when the DnsValidatedCertificate is deleted, the associated Route53 validation records are removed.

      CAUTION: If multiple certificates share the same domains (and same validation records), this can cause the other certificates to fail renewal and/or not validate. Not recommended for production use.

      Default: false

    • getCustomResourceRole

      @Stability(Stable) @Nullable default IRole getCustomResourceRole()
      Role to use for the custom resource that creates the validated certificate.

      Default: - A new role will be created

    • getRegion

      @Stability(Stable) @Nullable default String getRegion()
      AWS region that will host the certificate.

      This is needed especially for certificates used for CloudFront distributions, which require the region to be us-east-1.

      Default: the region the stack is deployed in.

    • getRoute53Endpoint

      @Stability(Stable) @Nullable default String getRoute53Endpoint()
      An endpoint of Route53 service, which is not necessary as AWS SDK could figure out the right endpoints for most regions, but for some regions such as those in aws-cn partition, the default endpoint is not working now, hence the right endpoint need to be specified through this prop.

      Route53 is not been officially launched in China, it is only available for AWS internal accounts now. To make DnsValidatedCertificate work for internal accounts now, a special endpoint needs to be provided.

      Default: - The AWS SDK will determine the Route53 endpoint to use based on region

    • builder

      @Stability(Stable) static DnsValidatedCertificateProps.Builder builder()
      Returns:
      a DnsValidatedCertificateProps.Builder of DnsValidatedCertificateProps