runway.cfngin.hooks.acm module¶
CFNgin hooks for AWS Certificate Manager.
-
class
runway.cfngin.hooks.acm.
Certificate
(context, provider, **kwargs)[source]¶ Bases:
runway.cfngin.hooks.base.Hook
Hook for managing a AWS::CertificateManager::Certificate.
- Keyword Arguments
alt_names (Optional[List[str]]) – Additional FQDNs to be included in the Subject Alternative Name extension of the ACM certificate. For example, you can add www.example.net to a certificate for which the domain field is www.example.com if users can reach your site by using either name.
domain (str) – The fully qualified domain name (FQDN), such as www.example.com, with which you want to secure an ACM certificate. Use an asterisk (
*
) to create a wildcard certificate that protects several sites in the same domain. For example, *.example.com protects www.example.com, site.example.com, and images.example.com.hosted_zone_id (str) – The ID of the Route 53 Hosted Zone that contains the resource record sets that you want to change. This must exist in the same account that the certificate will be created in.
stack_name (Optional[str]) – Provide a name for the stack used to create the certificate. If not provided, the domain is used (replacing
.
with-
).ttl (Optional[int]) – The resource record cache time to live (TTL), in seconds. (default:
300
)
Example: .. code-block: yaml
- pre_build:
- example-wildcard-cert:
path: runway.cfngin.hooks.acm.Certificate required: true args:
domain: ‘*.example.com’ hosted_zone_id: ${xref example-com::HostedZoneId}
Instantiate class.
- Parameters
context (
runway.cfngin.context.Context
) – Context instance. (passed in by CFNgin)provider (
runway.cfngin.providers.base.BaseProvider
) – Provider instance. (passed in by CFNgin)
-
get_validation_record
(cert_arn=None, interval=5, status='PENDING_VALIDATION')[source]¶ Get validation record from the certificate being created.
- Parameters
- Returns
A record set to be added to Route 53.
- Return type
- Raises
ValueError – No pending or too many pending certificates.
-
remove_validation_records
(records=None)[source]¶ Remove all record set entries used to validate an ACM Certificate.
-
update_record_set
(record_set)[source]¶ Update a validation record set when the cert has not changed.