Certificate
The Certificate resource allows you to create and manage AWS ACMPCA Certificates for issuing and managing your public and private certificates.
Minimal Example
Section titled “Minimal Example”Create a basic ACMPCA Certificate using required properties with one optional property.
import AWS from "alchemy/aws/control";
const certificate = await AWS.ACMPCA.Certificate("myCertificate", {  CertificateAuthorityArn: "arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/abcd1234-5678-90ab-cdef-EXAMPLE11111",  Validity: {    Type: "DAYS",    Value: 365  },  CertificateSigningRequest: "-----BEGIN CERTIFICATE REQUEST-----\n...\n-----END CERTIFICATE REQUEST-----",  SigningAlgorithm: "SHA256WITHRSA",  TemplateArn: "arn:aws:acm-pca:us-east-1:123456789012:template/MyTemplate"});Advanced Configuration
Section titled “Advanced Configuration”Configure an ACMPCA Certificate with additional parameters for enhanced security and validity settings.
const advancedCertificate = await AWS.ACMPCA.Certificate("advancedCertificate", {  CertificateAuthorityArn: "arn:aws:acm-pca:us-west-2:123456789012:certificate-authority/abcd1234-5678-90ab-cdef-EXAMPLE22222",  Validity: {    Type: "YEARS",    Value: 2  },  CertificateSigningRequest: "-----BEGIN CERTIFICATE REQUEST-----\n...\n-----END CERTIFICATE REQUEST-----",  SigningAlgorithm: "SHA384WITHRSA",  ValidityNotBefore: {    Type: "DAYS",    Value: 1  }});Using API Passthrough
Section titled “Using API Passthrough”Create a certificate with API passthrough for additional settings.
const certificateWithApiPassthrough = await AWS.ACMPCA.Certificate("certWithApiPassthrough", {  CertificateAuthorityArn: "arn:aws:acm-pca:eu-west-1:123456789012:certificate-authority/abcd1234-5678-90ab-cdef-EXAMPLE33333",  Validity: {    Type: "DAYS",    Value: 30  },  CertificateSigningRequest: "-----BEGIN CERTIFICATE REQUEST-----\n...\n-----END CERTIFICATE REQUEST-----",  SigningAlgorithm: "SHA256WITHRSA",  ApiPassthrough: {    KeyUsage: {      DigitalSignature: true,      KeyEncipherment: true    },    ExtendedKeyUsage: ["TLSWebServerAuthentication", "TLSWebClientAuthentication"]  }});Adopting Existing Resources
Section titled “Adopting Existing Resources”Adopt an existing ACMPCA certificate instead of failing if it already exists.
const adoptExistingCertificate = await AWS.ACMPCA.Certificate("existingCert", {  CertificateAuthorityArn: "arn:aws:acm-pca:ap-south-1:123456789012:certificate-authority/abcd1234-5678-90ab-cdef-EXAMPLE44444",  Validity: {    Type: "DAYS",    Value: 90  },  CertificateSigningRequest: "-----BEGIN CERTIFICATE REQUEST-----\n...\n-----END CERTIFICATE REQUEST-----",  SigningAlgorithm: "SHA256WITHRSA",  adopt: true});