Skip to content

2.0.0

Latest
Latest
Compare
Choose a tag to compare
@dflook dflook released this 24 Apr 20:35
· 2 commits to main since this release
2.0.0
1e8dbc5
This commit was signed with the committer’s verified signature.
dflook Daniel Flook
GPG key ID: 9459036D5AF34B20
Learn about vigilant mode.

⚠️ This version requires an additional acm:UpdateCertificateOptions permission to be added to the Lambda execution role.
Ensure your CustomAcmCertificateLambdaExecutionRole is up to date with the example in cloudformation.[yaml|json].

Added

Missing certificate property compared to AWS::CertificateManager::Certificate:

  • CertificateTransparencyLoggingPreference has been added to control certificate transparency logging.

New enhancements over AWS::CertificateManager::Certificate:

  • A new KeyAlgorithm certificate property has been added to specify the key algorithm to use.
    The default is RSA_2048, which is the same as AWS::CertificateManager::Certificate. Not all algorithms are supported by all clients, AWS Services or regions.

Changed

  • A DomainValidationOption is no longer required for all domains in the certificate. If a DomainValidationOption is not specified for a domain, no validation record will be created for that domain.
    The validation records will need to be created through some other means. The certificate resource will be in the CREATE_IN_PROGRESS state until the validation records are created.

  • The certificate resource will not necessarily be replaced on changes to the DomainValidationOptions property.
    Only changes to DomainName or HostedZoneId in DomainValidationOptions will cause the certificate to be replaced.

Fixed

  • Failures that could occur when creating or updating large numbers of certificates in parallel.
Assets 2
Loading