Class CertificateValidation
This resource represents a successful validation of an ACM certificate in concert with other resources.
Most commonly, this resource is used together with aws.route53.Record and
aws.acm.Certificate to request a DNS validated certificate,
deploy the required validation records and wait for validation to complete.
WARNING: This resource implements a part of the validation workflow. It does not represent a real-world entity in AWS, therefore changing or deleting this resource on its own has no immediate effect.
Example Usage
DNS Validation with Route 53
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var certCertificate = new Aws.Acm.Certificate("certCertificate", new Aws.Acm.CertificateArgs
{
DomainName = "example.com",
ValidationMethod = "DNS",
});
var zone = Output.Create(Aws.Route53.GetZone.InvokeAsync(new Aws.Route53.GetZoneArgs
{
Name = "example.com.",
PrivateZone = false,
}));
var certValidation = new Aws.Route53.Record("certValidation", new Aws.Route53.RecordArgs
{
Name = certCertificate.DomainValidationOptions.Apply(domainValidationOptions => domainValidationOptions[0].ResourceRecordName),
Records =
{
certCertificate.DomainValidationOptions.Apply(domainValidationOptions => domainValidationOptions[0].ResourceRecordValue),
},
Ttl = 60,
Type = certCertificate.DomainValidationOptions.Apply(domainValidationOptions => domainValidationOptions[0].ResourceRecordType),
ZoneId = zone.Apply(zone => zone.ZoneId),
});
var certCertificateValidation = new Aws.Acm.CertificateValidation("certCertificateValidation", new Aws.Acm.CertificateValidationArgs
{
CertificateArn = certCertificate.Arn,
ValidationRecordFqdns =
{
certValidation.Fqdn,
},
});
var frontEnd = new Aws.LB.Listener("frontEnd", new Aws.LB.ListenerArgs
{
CertificateArn = certCertificateValidation.CertificateArn,
});
}
}
Alternative Domains DNS Validation with Route 53
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var certCertificate = new Aws.Acm.Certificate("certCertificate", new Aws.Acm.CertificateArgs
{
DomainName = "example.com",
SubjectAlternativeNames =
{
"www.example.com",
"example.org",
},
ValidationMethod = "DNS",
});
var zone = Output.Create(Aws.Route53.GetZone.InvokeAsync(new Aws.Route53.GetZoneArgs
{
Name = "example.com.",
PrivateZone = false,
}));
var zoneAlt = Output.Create(Aws.Route53.GetZone.InvokeAsync(new Aws.Route53.GetZoneArgs
{
Name = "example.org.",
PrivateZone = false,
}));
var certValidation = new Aws.Route53.Record("certValidation", new Aws.Route53.RecordArgs
{
Name = certCertificate.DomainValidationOptions.Apply(domainValidationOptions => domainValidationOptions[0].ResourceRecordName),
Records =
{
certCertificate.DomainValidationOptions.Apply(domainValidationOptions => domainValidationOptions[0].ResourceRecordValue),
},
Ttl = 60,
Type = certCertificate.DomainValidationOptions.Apply(domainValidationOptions => domainValidationOptions[0].ResourceRecordType),
ZoneId = zone.Apply(zone => zone.ZoneId),
});
var certValidationAlt1 = new Aws.Route53.Record("certValidationAlt1", new Aws.Route53.RecordArgs
{
Name = certCertificate.DomainValidationOptions.Apply(domainValidationOptions => domainValidationOptions[1].ResourceRecordName),
Records =
{
certCertificate.DomainValidationOptions.Apply(domainValidationOptions => domainValidationOptions[1].ResourceRecordValue),
},
Ttl = 60,
Type = certCertificate.DomainValidationOptions.Apply(domainValidationOptions => domainValidationOptions[1].ResourceRecordType),
ZoneId = zone.Apply(zone => zone.ZoneId),
});
var certValidationAlt2 = new Aws.Route53.Record("certValidationAlt2", new Aws.Route53.RecordArgs
{
Name = certCertificate.DomainValidationOptions.Apply(domainValidationOptions => domainValidationOptions[2].ResourceRecordName),
Records =
{
certCertificate.DomainValidationOptions.Apply(domainValidationOptions => domainValidationOptions[2].ResourceRecordValue),
},
Ttl = 60,
Type = certCertificate.DomainValidationOptions.Apply(domainValidationOptions => domainValidationOptions[2].ResourceRecordType),
ZoneId = zoneAlt.Apply(zoneAlt => zoneAlt.ZoneId),
});
var certCertificateValidation = new Aws.Acm.CertificateValidation("certCertificateValidation", new Aws.Acm.CertificateValidationArgs
{
CertificateArn = certCertificate.Arn,
ValidationRecordFqdns =
{
certValidation.Fqdn,
certValidationAlt1.Fqdn,
certValidationAlt2.Fqdn,
},
});
var frontEnd = new Aws.LB.Listener("frontEnd", new Aws.LB.ListenerArgs
{
CertificateArn = certCertificateValidation.CertificateArn,
});
}
}
Email Validation
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var certCertificate = new Aws.Acm.Certificate("certCertificate", new Aws.Acm.CertificateArgs
{
DomainName = "example.com",
ValidationMethod = "EMAIL",
});
var certCertificateValidation = new Aws.Acm.CertificateValidation("certCertificateValidation", new Aws.Acm.CertificateValidationArgs
{
CertificateArn = certCertificate.Arn,
});
}
}
Inherited Members
System.Object.Equals(System.Object)
System.Object.Equals(System.Object, System.Object)
System.Object.GetHashCode()
System.Object.GetType()
System.Object.MemberwiseClone()
System.Object.ReferenceEquals(System.Object, System.Object)
System.Object.ToString()
Namespace: Pulumi.Aws.Acm
Assembly: Pulumi.Aws.dll
Syntax
public class CertificateValidation : CustomResourceConstructors
View SourceCertificateValidation(String, CertificateValidationArgs, CustomResourceOptions)
Create a CertificateValidation resource with the given unique name, arguments, and options.
Declaration
public CertificateValidation(string name, CertificateValidationArgs args, CustomResourceOptions options = null)Parameters
| Type | Name | Description |
|---|---|---|
| System.String | name | The unique name of the resource |
| CertificateValidationArgs | args | The arguments used to populate this resource's properties |
| CustomResourceOptions | options | A bag of options that control this resource's behavior |
Properties
View SourceCertificateArn
The ARN of the certificate that is being validated.
Declaration
public Output<string> CertificateArn { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
ValidationRecordFqdns
List of FQDNs that implement the validation. Only valid for DNS validation method ACM certificates. If this is set, the resource can implement additional sanity checks and has an explicit dependency on the resource that is implementing the validation
Declaration
public Output<ImmutableArray<string>> ValidationRecordFqdns { get; }Property Value
| Type | Description |
|---|---|
| Output<System.Collections.Immutable.ImmutableArray<System.String>> |
Methods
View SourceGet(String, Input<String>, CertificateValidationState, CustomResourceOptions)
Get an existing CertificateValidation resource's state with the given name, ID, and optional extra properties used to qualify the lookup.
Declaration
public static CertificateValidation Get(string name, Input<string> id, CertificateValidationState state = null, CustomResourceOptions options = null)Parameters
| Type | Name | Description |
|---|---|---|
| System.String | name | The unique name of the resulting resource. |
| Input<System.String> | id | The unique provider ID of the resource to lookup. |
| CertificateValidationState | state | Any extra arguments used during the lookup. |
| CustomResourceOptions | options | A bag of options that control this resource's behavior |
Returns
| Type | Description |
|---|---|
| CertificateValidation |