AWS::IoT::DomainConfiguration

Specifies a domain configuration.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON


{
  "Type" : "AWS::IoT::DomainConfiguration",
  "Properties" : {
      "ApplicationProtocol" : String,
      "AuthenticationType" : String,
      "AuthorizerConfig" : AuthorizerConfig,
      "ClientCertificateConfig" : ClientCertificateConfig,
      "DomainConfigurationName" : String,
      "DomainConfigurationStatus" : String,
      "DomainName" : String,
      "ServerCertificateArns" : [ String, ... ],
      "ServerCertificateConfig" : ServerCertificateConfig,
      "ServiceType" : String,
      "Tags" : [ Tag, ... ],
      "TlsConfig" : TlsConfig,
      "ValidationCertificateArn" : String
    }
}

YAML


Type: AWS::IoT::DomainConfiguration
Properties:
  ApplicationProtocol: String
  AuthenticationType: String
  AuthorizerConfig: 
    AuthorizerConfig
  ClientCertificateConfig: 
    ClientCertificateConfig
  DomainConfigurationName: String
  DomainConfigurationStatus: String
  DomainName: String
  ServerCertificateArns: 
    - String
  ServerCertificateConfig: 
    ServerCertificateConfig
  ServiceType: String
  Tags: 
    - Tag
  TlsConfig: 
    TlsConfig
  ValidationCertificateArn: String

Properties

ApplicationProtocol

An enumerated string that speciﬁes the application-layer protocol.

Required: No

Type: String

Allowed values: SECURE_MQTT | MQTT_WSS | HTTPS | DEFAULT

Update requires: No interruption

AuthenticationType

An enumerated string that speciﬁes the authentication type.

Required: No

Type: String

Allowed values: AWS_X509 | CUSTOM_AUTH | AWS_SIGV4 | CUSTOM_AUTH_X509 | DEFAULT

Update requires: No interruption

AuthorizerConfig

An object that specifies the authorization service for a domain.

Required: No

Type: AuthorizerConfig

Update requires: No interruption

ClientCertificateConfig

An object that speciﬁes the client certificate conﬁguration for a domain.

Required: No

Type: ClientCertificateConfig

Update requires: No interruption

DomainConfigurationName

The name of the domain configuration. This value must be unique to a region.

Required: No

Type: String

Pattern: ^[\w.-]+$

Minimum: 1

Maximum: 128

Update requires: Replacement

DomainConfigurationStatus

The status to which the domain configuration should be updated.

Valid values: ENABLED | DISABLED

Required: No

Type: String

Allowed values: ENABLED | DISABLED

Update requires: No interruption

DomainName

The name of the domain.

Required: No

Type: String

Minimum: 1

Maximum: 253

Update requires: Replacement

ServerCertificateArns

The ARNs of the certificates that AWS IoT passes to the device during the TLS handshake. Currently you can specify only one certificate ARN. This value is not required for AWS-managed domains.

Required: No

Type: Array of String

Minimum: 1 | 0

Maximum: 2048 | 1

Update requires: Replacement

ServerCertificateConfig

The server certificate configuration.

For more information, see Configurable endpoints from the AWS IoT Core Developer Guide.

Required: No

Type: ServerCertificateConfig

Update requires: No interruption

ServiceType

The type of service delivered by the endpoint.

Note

AWS IoT Core currently supports only the DATA service type.

Required: No

Type: String

Allowed values: DATA | CREDENTIAL_PROVIDER | JOBS

Update requires: Replacement

Tags

Metadata which can be used to manage the domain configuration.

Note

For URI Request parameters use format: ...key1=value1&key2=value2...

For the CLI command-line parameter use format: &&tags "key1=value1&key2=value2..."

For the cli-input-json file use format: "tags": "key1=value1&key2=value2..."

Required: No

Type: Array of Tag

Update requires: No interruption

TlsConfig

An object that specifies the TLS configuration for a domain.

Required: No

Type: TlsConfig

Update requires: No interruption

ValidationCertificateArn

The certificate used to validate the server certificate and prove domain name ownership. This certificate must be signed by a public certificate authority. This value is not required for AWS-managed domains.

Required: No

Type: String

Pattern: ^arn:aws(-cn|-us-gov|-iso-b|-iso)?:acm:[a-z]{2}-(gov-|iso-|isob-)?[a-z]{4,9}-\d{1}:\d{12}:certificate/[a-zA-Z0-9/-]+$

Update requires: Replacement

Return values

Ref

When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the domain configuration name. For example:

{ "Ref": "MyDomainConfiguration" }

For more information about using the Ref function, see Ref.

Fn::GetAtt

The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.

For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.

Arn: The Amazon Resource Name (ARN) of the domain configuration.
DomainType: The type of service delivered by the domain.
ServerCertificates: The ARNs of the certificates that AWS IoT passes to the device during the TLS handshake. Currently you can specify only one certificate ARN. This value is not required for AWS-managed domains.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Tag

AuthorizerConfig