Does anyone know if there is a nice way to default ACM certi

Question

Does anyone know if there is a nice way to default ACM certificates to creating the appropriate validation DNS records if the relevant HostedZone exists using AWS and python

orange-secretary-87364 · Answer

If you call `acm Certificate ` there is a property on the certificate `domain validation options` that you can use to create the DNS record

orange-secretary-87364 · Answer

I ve used it like this ```certificate validation record = route53 Record validation record format config environment name=certificate domain validation options 0 resourceRecordName records= certificate domain validation options 0 resourceRecordValue ttl=60 type=certificate domain validation options 0 resourceRecordType zone id=zone zone id acm CertificateValidation certificate validation format config environment certificate arn=certificate arn validation record fqdns= certificate validation record fqdn ```

billions-yak-67755 · Answer

Thanks That s what I m currently doing It gets quite tricky when 1 you have multiple SANs 2 you cross hosted zones with your SANs I was hoping there was more magic like in CFN <https docs aws amazon com AWSCloudFormation latest UserGuide aws resource certificatemanager certificate html cfn certificatemanager certificate validationmethod|https docs aws amazon com AWSCloudFormation latest UserGuide aws resource certificatemanager certificate html cfn certificatem validationmethod> gt When you use the `AWS CertificateManager Certificate` resource in a CloudFormation stack domain validation is handled automatically if all three of the following are true The certificate domain is hosted in Amazon Route 53 the domain resides in your AWS account and you are using DNS validation