Skip to content
/ cloudar_acm_plus Public
forked from WeAreCloudar/cloudar_acm_plus

A custom resource written in Python to create acm certificates in cloudformation with automatic DNS validation for domains managed by AWS hostedzone and the option to create the certificate in a different region then the cloudformation stack region.

0 stars 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

yacinelazaar/cloudar_acm_plus

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
cloudar-acm-plus-custom-resource
cloudar-acm-plus-custom-resource
 
 
README.md
README.md
 
 
cfn.yaml
cfn.yaml
 
 

Repository files navigation

Cloudar-acm-plus

A custom resource written in Python to create acm certificates in cloudformation with automatic DNS validation for domains managed by AWS hostedzone and the option to create the certificate in a different region then the cloudformation stack region.

Features

  • Create acm certificate with dns validation:
    • custom parameters:
      • Domain name
      • Additional domains
      • Validation domain
      • Region
      • Tags
  • Automatic DNS validation of the acm certificate
  • Specify AWS region to create the certificate in, independent of the Cloudformation stack region
  • Cleanup DNS validation records and deleting the acm certificate on delete of the Cloudformation stack

Requirements

  • Python 3.7

  • Pip

  • Bash

  • Zip

  • S3 bucket to put the custom resource package

Deploy the custom resource

cd cloudar-acm-plus-custom-resource
sh install_dependencies
sh pack_custom_resource

Upload the zip file cloudar-acm-plus-custom-resource/packed/cloudar-acm-plus-custom-resource.zip to the S3 bucket you want to use with your custom resource in a cloudformation template.

Implementation notes

See cfn.yaml as an example.

IMPORTANT:
For the delete and cleanup functionality it is required to set the following output in your cloudformation.

Outputs:
   NameCustomResource:
     Description: The arn of the certificate created by NameCustomResource
     Value: !GetAtt NameCustomResource.certificate_arn

Parameters for Type: Custom::CreateCertificates :

  • DomainName: (REQUIRED type:String) The domain name for the acm certificate.
  • AdditionalDomains: (OPTIONAL type:List) Additional domains for the acm certificate
  • ValidationDomain: (REQUIRED type:string) The domain name for the validation domain of the acm certificate
  • HostedZoneId: (REQUIRED type:string) The hosted zone id for the validation domain of the acm certificate
  • CertificateRegion: (REQUIRED type:string) The region to deploy the acm certificate in
  • IdempotencyToken: (REQUIRED type:string pattern: \w+) The idempotency token for the create call of the acm certificate doc: https://docs.aws.amazon.com/acm/latest/APIReference/API_RequestCertificate.html#ACM-RequestCertificate-request-IdempotencyToken
  • CertificateTags: (OPTIONAL type:list) The tags for the acm certificate

Outputs for Type: Custom::CreateCertificates :

  • certificate_arn: The arn of the acm certificate created by the custom resource. (!GetAtt NameCustomResource.certificate_arn)

About

A custom resource written in Python to create acm certificates in cloudformation with automatic DNS validation for domains managed by AWS hostedzone and the option to create the certificate in a different region then the cloudformation stack region.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Python 100.0%