CfnCertificateProps
- class aws_cdk.aws_iot.CfnCertificateProps(*, status, ca_certificate_pem=None, certificate_mode=None, certificate_pem=None, certificate_signing_request=None)
Bases:
objectProperties for defining a
CfnCertificate.- Parameters:
status (
str) – The status of the certificate. Valid values are ACTIVE, INACTIVE, REVOKED, PENDING_TRANSFER, and PENDING_ACTIVATION. The status value REGISTER_INACTIVE is deprecated and should not be used.ca_certificate_pem (
Optional[str]) – The CA certificate used to sign the device certificate being registered, not available when CertificateMode is SNI_ONLY.certificate_mode (
Optional[str]) – Specifies which mode of certificate registration to use with this resource. Valid options are DEFAULT with CaCertificatePem and CertificatePem, SNI_ONLY with CertificatePem, and Default with CertificateSigningRequest.DEFAULT: A certificate inDEFAULTmode is either generated by AWS IoT Core or registered with an issuer certificate authority (CA). Devices with certificates inDEFAULTmode aren’t required to send the Server Name Indication (SNI) extension when connecting to AWS IoT Core . However, to use features such as custom domains and VPC endpoints, we recommend that you use the SNI extension when connecting to AWS IoT Core .SNI_ONLY: A certificate inSNI_ONLYmode is registered without an issuer CA. Devices with certificates inSNI_ONLYmode must send the SNI extension when connecting to AWS IoT Core .certificate_pem (
Optional[str]) – The certificate data in PEM format. Requires SNI_ONLY for the certificate mode or the accompanying CACertificatePem for registration.certificate_signing_request (
Optional[str]) – The certificate signing request (CSR).
- See:
http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iot-certificate.html
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_iot as iot cfn_certificate_props = iot.CfnCertificateProps( status="status", # the properties below are optional ca_certificate_pem="caCertificatePem", certificate_mode="certificateMode", certificate_pem="certificatePem", certificate_signing_request="certificateSigningRequest" )
Attributes
- ca_certificate_pem
The CA certificate used to sign the device certificate being registered, not available when CertificateMode is SNI_ONLY.
- certificate_mode
Specifies which mode of certificate registration to use with this resource.
Valid options are DEFAULT with CaCertificatePem and CertificatePem, SNI_ONLY with CertificatePem, and Default with CertificateSigningRequest.
DEFAULT: A certificate inDEFAULTmode is either generated by AWS IoT Core or registered with an issuer certificate authority (CA). Devices with certificates inDEFAULTmode aren’t required to send the Server Name Indication (SNI) extension when connecting to AWS IoT Core . However, to use features such as custom domains and VPC endpoints, we recommend that you use the SNI extension when connecting to AWS IoT Core .SNI_ONLY: A certificate inSNI_ONLYmode is registered without an issuer CA. Devices with certificates inSNI_ONLYmode must send the SNI extension when connecting to AWS IoT Core .
- certificate_pem
The certificate data in PEM format.
Requires SNI_ONLY for the certificate mode or the accompanying CACertificatePem for registration.
- certificate_signing_request
The certificate signing request (CSR).
- status
The status of the certificate.
Valid values are ACTIVE, INACTIVE, REVOKED, PENDING_TRANSFER, and PENDING_ACTIVATION.
The status value REGISTER_INACTIVE is deprecated and should not be used.