Cloudformation Dns Certificate Versions Save

Cloudformation DNS Validated Certificate Resource

2.0.0

1 year ago

:warning: This version requires an additional acm:UpdateCertificateOptions permission to be added to the Lambda execution role. Ensure your CustomAcmCertificateLambdaExecutionRole is up to date with the example in cloudformation.[yaml|json].

Added

Missing certificate property compared to AWS::CertificateManager::Certificate:

  • CertificateTransparencyLoggingPreference has been added to control certificate transparency logging.

New enhancements over AWS::CertificateManager::Certificate:

  • A new KeyAlgorithm certificate property has been added to specify the key algorithm to use. The default is RSA_2048, which is the same as AWS::CertificateManager::Certificate. Not all algorithms are supported by all clients, AWS Services or regions.

Changed

  • A DomainValidationOption is no longer required for all domains in the certificate. If a DomainValidationOption is not specified for a domain, no validation record will be created for that domain. The validation records will need to be created through some other means. The certificate resource will be in the CREATE_IN_PROGRESS state until the validation records are created.

  • The certificate resource will not necessarily be replaced on changes to the DomainValidationOptions property. Only changes to DomainName or HostedZoneId in DomainValidationOptions will cause the certificate to be replaced.

Fixed

  • Failures that could occur when creating or updating large numbers of certificates in parallel.

1.8.0

1 year ago

Added

  • A new optional Route53RoleExternalId domain validation option. This specifies an ExternalId to use when assuming the Route53RoleArn. Thanks pritamrungta!

1.7.5

1 year ago

Fixed

  • Resolve cfn-lint check I3042 about hardcoded partition in arn. Thanks CurryEleison!

1.7.4

1 year ago

Changed

  • Updated lambda runtime to Python 3.9. AWS Lambda support for Python 3.6 is coming to an end.

1.7.3

3 years ago

Fixed

  • Avoid unnecessary requests when updating/deleting certificate that could result in a ThrottlingException - thanks @danieljamesscott

1.7.2

4 years ago

Fixed

  • No longer use undocumented vendored requests library from boto3

1.7.1

4 years ago

Fixed

  • Certificate creation failing in some regions after a change in ACM API behaviour

1.7.0

5 years ago

Added

  • Support for cancelling certificate update. This can occur when a stack update is cancelled, perhaps due to another resource failing to create/update/delete.

1.6.0

5 years ago

Added

  • The requested certificate is automatically tagged with cloudformation:logical-id, cloudformation:stack-id and cloudformation:stack-name
  • Support for cancelling certificate creation. This can occur when a rollback is triggered while a certificate is creating

1.5.1

5 years ago

Fixed

  • Cloudformation resource failing to delete when the certificate was deleted