AWS::CertificateManager::Certificate DomainValidationOption

DomainValidationOption is a property of the AWS::CertificateManager::Certificate resource that specifies the AWS Certificate Manager (ACM) certificate domain to validate. Depending on the chosen validation method, ACM checks the domain's DNS record for a validation CNAME, or it attempts to send a validation email message to the domain owner.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON


{
  "DomainName" : String,
  "HostedZoneId" : String,
  "ValidationDomain" : String
}

YAML


  DomainName: String
  HostedZoneId: String
  ValidationDomain: String

Properties

DomainName

A fully qualified domain name (FQDN) in the certificate request.

Required: Yes

Type: String

Pattern: ^(\*\.)?(((?!-)[A-Za-z0-9-]{0,62}[A-Za-z0-9])\.)+((?!-)[A-Za-z0-9-]{1,62}[A-Za-z0-9])$

Minimum: 1

Maximum: 253

Update requires: Replacement

HostedZoneId

The HostedZoneId option, which is available if you are using Route 53 as your domain registrar, causes ACM to add your CNAME to the domain record. Your list of DomainValidationOptions must contain one and only one of the domain-validation options, and the HostedZoneId can be used only when DNS is specified as your validation method.

Use the Route 53 ListHostedZones API to discover IDs for available hosted zones.

This option is required for publicly trusted certificates.

Note

The ListHostedZones API returns IDs in the format "/hostedzone/Z111111QQQQQQQ", but CloudFormation requires the IDs to be in the format "Z111111QQQQQQQ".

When you change your DomainValidationOptions, a new resource is created.

Required: No

Type: String

Update requires: Replacement

ValidationDomain

The domain name to which you want ACM to send validation emails. This domain name is the suffix of the email addresses that you want ACM to use. This must be the same as the DomainName value or a superdomain of the DomainName value. For example, if you request a certificate for testing.example.com, you can specify example.com as this value. In that case, ACM sends domain validation emails to the following five addresses:

admin@example.com
administrator@example.com
hostmaster@example.com
postmaster@example.com
webmaster@example.com

Required: No

Type: String

Pattern: ^(\*\.)?(((?!-)[A-Za-z0-9-]{0,62}[A-Za-z0-9])\.)+((?!-)[A-Za-z0-9-]{1,62}[A-Za-z0-9])$

Minimum: 1

Maximum: 253

Update requires: Replacement

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

AWS::CertificateManager::Certificate

Tag