billions-yak-67755
03/26/2021, 10:24 AMorange-secretary-87364
03/26/2021, 11:58 AMacm.Certificate(...)
there is a property on the certificate domain_validation_options
that you can use to create the DNS record.certificate_validation_record = route53.Record('{}-validation-record'.format(config.environment),
name=certificate.domain_validation_options[0]['resourceRecordName'],
records=[
certificate.domain_validation_options[0]['resourceRecordValue']
],
ttl=60,
type=certificate.domain_validation_options[0]["resourceRecordType"],
zone_id=zone.zone_id)
acm.CertificateValidation('{}-certificate-validation'.format(config.environment),
certificate_arn=certificate.arn,
validation_record_fqdns=[certificate_validation_record.fqdn])
billions-yak-67755
03/26/2021, 2:21 PMWhen you use theresource in a CloudFormation stack, domain validation is handled automatically if all three of the following are true: The certificate domain is hosted in Amazon Route 53, the domain resides in your AWS account, and you are using DNS validation.AWS::CertificateManager::Certificate