AWS::IoT::DomainConfiguration - AWS CloudFormation

AWS::IoT::DomainConfiguration

Specifies a domain configuration.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{ "Type" : "AWS::IoT::DomainConfiguration", "Properties" : { "ApplicationProtocol" : String, "AuthenticationType" : String, "AuthorizerConfig" : AuthorizerConfig, "ClientCertificateConfig" : ClientCertificateConfig, "DomainConfigurationName" : String, "DomainConfigurationStatus" : String, "DomainName" : String, "ServerCertificateArns" : [ String, ... ], "ServerCertificateConfig" : ServerCertificateConfig, "ServiceType" : String, "Tags" : [ Tag, ... ], "TlsConfig" : TlsConfig, "ValidationCertificateArn" : String } }

Properties

ApplicationProtocol

An enumerated string that specifies the application-layer protocol.

Required: No

Type: String

Allowed values: SECURE_MQTT | MQTT_WSS | HTTPS | DEFAULT

Update requires: No interruption

AuthenticationType

An enumerated string that specifies the authentication type.

Required: No

Type: String

Allowed values: AWS_X509 | CUSTOM_AUTH | AWS_SIGV4 | CUSTOM_AUTH_X509 | DEFAULT

Update requires: No interruption

AuthorizerConfig

An object that specifies the authorization service for a domain.

Required: No

Type: AuthorizerConfig

Update requires: No interruption

ClientCertificateConfig

An object that specifies the client certificate configuration for a domain.

Required: No

Type: ClientCertificateConfig

Update requires: No interruption

DomainConfigurationName

The name of the domain configuration. This value must be unique to a region.

Required: No

Type: String

Pattern: ^[\w.-]+$

Minimum: 1

Maximum: 128

Update requires: Replacement

DomainConfigurationStatus

The status to which the domain configuration should be updated.

Valid values: ENABLED | DISABLED

Required: No

Type: String

Allowed values: ENABLED | DISABLED

Update requires: No interruption

DomainName

The name of the domain.

Required: No

Type: String

Minimum: 1

Maximum: 253

Update requires: Replacement

ServerCertificateArns

The ARNs of the certificates that AWS IoT passes to the device during the TLS handshake. Currently you can specify only one certificate ARN. This value is not required for AWS-managed domains.

Required: No

Type: Array of String

Minimum: 1 | 0

Maximum: 2048 | 1

Update requires: Replacement

ServerCertificateConfig

The server certificate configuration.

For more information, see Configurable endpoints from the AWS IoT Core Developer Guide.

Required: No

Type: ServerCertificateConfig

Update requires: No interruption

ServiceType

The type of service delivered by the endpoint.

Note

AWS IoT Core currently supports only the DATA service type.

Required: No

Type: String

Allowed values: DATA | CREDENTIAL_PROVIDER | JOBS

Update requires: Replacement

Tags

Metadata which can be used to manage the domain configuration.

Note

For URI Request parameters use format: ...key1=value1&key2=value2...

For the CLI command-line parameter use format: &&tags "key1=value1&key2=value2..."

For the cli-input-json file use format: "tags": "key1=value1&key2=value2..."

Required: No

Type: Array of Tag

Update requires: No interruption

TlsConfig

An object that specifies the TLS configuration for a domain.

Required: No

Type: TlsConfig

Update requires: No interruption

ValidationCertificateArn

The certificate used to validate the server certificate and prove domain name ownership. This certificate must be signed by a public certificate authority. This value is not required for AWS-managed domains.

Required: No

Type: String

Pattern: ^arn:aws(-cn|-us-gov|-iso-b|-iso)?:acm:[a-z]{2}-(gov-|iso-|isob-)?[a-z]{4,9}-\d{1}:\d{12}:certificate/[a-zA-Z0-9/-]+$

Update requires: Replacement

Return values

Ref

When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the domain configuration name. For example:

{ "Ref": "MyDomainConfiguration" }

For more information about using the Ref function, see Ref.

Fn::GetAtt

The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.

For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.

Arn

The Amazon Resource Name (ARN) of the domain configuration.

DomainType

The type of service delivered by the domain.

ServerCertificates

The ARNs of the certificates that AWS IoT passes to the device during the TLS handshake. Currently you can specify only one certificate ARN. This value is not required for AWS-managed domains.