Skip to content

2.0.0

Latest
Latest

Choose a tag to compare

View all tags
@dflook dflook released this 24 Apr 20:35
· 2 commits to main since this release
Immutable release. Only release title and notes can be modified.
2.0.0
1e8dbc5
This commit was signed with the committer’s verified signature.
dflook Daniel Flook
GPG key ID: 9459036D5AF34B20
Verified
Learn about vigilant mode.

⚠️ This version requires an additional acm:UpdateCertificateOptions permission to be added to the Lambda execution role.
Ensure your CustomAcmCertificateLambdaExecutionRole is up to date with the example in cloudformation.[yaml|json].

Added

Missing certificate property compared to AWS::CertificateManager::Certificate:

  • CertificateTransparencyLoggingPreference has been added to control certificate transparency logging.

New enhancements over AWS::CertificateManager::Certificate:

  • A new KeyAlgorithm certificate property has been added to specify the key algorithm to use.
    The default is RSA_2048, which is the same as AWS::CertificateManager::Certificate. Not all algorithms are supported by all clients, AWS Services or regions.

Changed

  • A DomainValidationOption is no longer required for all domains in the certificate. If a DomainValidationOption is not specified for a domain, no validation record will be created for that domain.
    The validation records will need to be created through some other means. The certificate resource will be in the CREATE_IN_PROGRESS state until the validation records are created.

  • The certificate resource will not necessarily be replaced on changes to the DomainValidationOptions property.
    Only changes to DomainName or HostedZoneId in DomainValidationOptions will cause the certificate to be replaced.

Fixed

  • Failures that could occur when creating or updating large numbers of certificates in parallel.
Assets 3
Loading