Docs Home
We recommend new projects start with resources from the AWS provider.
AWS Cloud Control v1.28.0 published on Monday, May 19, 2025 by Pulumi
aws-native.iot.DomainConfiguration
Explore with Pulumi AI
We recommend new projects start with resources from the AWS provider.
AWS Cloud Control v1.28.0 published on Monday, May 19, 2025 by Pulumi
Create and manage a Domain Configuration
Create DomainConfiguration Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new DomainConfiguration(name: string, args?: DomainConfigurationArgs, opts?: CustomResourceOptions);@overload
def DomainConfiguration(resource_name: str,
args: Optional[DomainConfigurationArgs] = None,
opts: Optional[ResourceOptions] = None)
@overload
def DomainConfiguration(resource_name: str,
opts: Optional[ResourceOptions] = None,
application_protocol: Optional[DomainConfigurationApplicationProtocol] = None,
authentication_type: Optional[DomainConfigurationAuthenticationType] = None,
authorizer_config: Optional[DomainConfigurationAuthorizerConfigArgs] = None,
client_certificate_config: Optional[DomainConfigurationClientCertificateConfigArgs] = None,
domain_configuration_name: Optional[str] = None,
domain_configuration_status: Optional[DomainConfigurationStatus] = None,
domain_name: Optional[str] = None,
server_certificate_arns: Optional[Sequence[str]] = None,
server_certificate_config: Optional[DomainConfigurationServerCertificateConfigArgs] = None,
service_type: Optional[DomainConfigurationServiceType] = None,
tags: Optional[Sequence[_root_inputs.TagArgs]] = None,
tls_config: Optional[DomainConfigurationTlsConfigArgs] = None,
validation_certificate_arn: Optional[str] = None)func NewDomainConfiguration(ctx *Context, name string, args *DomainConfigurationArgs, opts ...ResourceOption) (*DomainConfiguration, error)public DomainConfiguration(string name, DomainConfigurationArgs? args = null, CustomResourceOptions? opts = null)
public DomainConfiguration(String name, DomainConfigurationArgs args)
public DomainConfiguration(String name, DomainConfigurationArgs args, CustomResourceOptions options)
type: aws-native:iot:DomainConfiguration
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args DomainConfigurationArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args DomainConfigurationArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args DomainConfigurationArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args DomainConfigurationArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args DomainConfigurationArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
DomainConfiguration Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The DomainConfiguration resource accepts the following input properties:
- Application
Protocol Pulumi.Aws Native. Io T. Domain Configuration Application Protocol - An enumerated string that specifies the application-layer protocol.
- Authentication
Type Pulumi.Aws Native. Io T. Domain Configuration Authentication Type - An enumerated string that specifies the authentication type.
-
Pulumi.
Aws Native. Io T. Inputs. Domain Configuration Authorizer Config - An object that specifies the authorization service for a domain.
- Client
Certificate Pulumi.Config Aws Native. Io T. Inputs. Domain Configuration Client Certificate Config - An object that specifies the client certificate configuration for a domain.
- Domain
Configuration stringName - The name of the domain configuration. This value must be unique to a region.
- Domain
Configuration Pulumi.Status Aws Native. Io T. Domain Configuration Status The status to which the domain configuration should be updated.
Valid values:
ENABLED|DISABLED- Domain
Name string - The name of the domain.
- Server
Certificate List<string>Arns - The ARNs of the certificates that AWS IoT passes to the device during the TLS handshake. Currently you can specify only one certificate ARN. This value is not required for AWS -managed domains.
- Server
Certificate Pulumi.Config Aws Native. Io T. Inputs. Domain Configuration Server Certificate Config The server certificate configuration.
For more information, see Configurable endpoints from the AWS IoT Core Developer Guide.
- Service
Type Pulumi.Aws Native. Io T. Domain Configuration Service Type The type of service delivered by the endpoint.
AWS IoT Core currently supports only the
DATAservice type.-
List<Pulumi.
Aws Native. Inputs. Tag> Metadata which can be used to manage the domain configuration.
For URI Request parameters use format: ...key1=value1&key2=value2...
For the CLI command-line parameter use format: &&tags "key1=value1&key2=value2..."
For the cli-input-json file use format: "tags": "key1=value1&key2=value2..."
- Tls
Config Pulumi.Aws Native. Io T. Inputs. Domain Configuration Tls Config - An object that specifies the TLS configuration for a domain.
- Validation
Certificate stringArn - The certificate used to validate the server certificate and prove domain name ownership. This certificate must be signed by a public certificate authority. This value is not required for AWS -managed domains.
- Application
Protocol DomainConfiguration Application Protocol - An enumerated string that specifies the application-layer protocol.
- Authentication
Type DomainConfiguration Authentication Type - An enumerated string that specifies the authentication type.
-
Domain
Configuration Authorizer Config Args - An object that specifies the authorization service for a domain.
- Client
Certificate DomainConfig Configuration Client Certificate Config Args - An object that specifies the client certificate configuration for a domain.
- Domain
Configuration stringName - The name of the domain configuration. This value must be unique to a region.
- Domain
Configuration DomainStatus Configuration Status The status to which the domain configuration should be updated.
Valid values:
ENABLED|DISABLED- Domain
Name string - The name of the domain.
- Server
Certificate []stringArns - The ARNs of the certificates that AWS IoT passes to the device during the TLS handshake. Currently you can specify only one certificate ARN. This value is not required for AWS -managed domains.
- Server
Certificate DomainConfig Configuration Server Certificate Config Args The server certificate configuration.
For more information, see Configurable endpoints from the AWS IoT Core Developer Guide.
- Service
Type DomainConfiguration Service Type The type of service delivered by the endpoint.
AWS IoT Core currently supports only the
DATAservice type.-
Tag
Args Metadata which can be used to manage the domain configuration.
For URI Request parameters use format: ...key1=value1&key2=value2...
For the CLI command-line parameter use format: &&tags "key1=value1&key2=value2..."
For the cli-input-json file use format: "tags": "key1=value1&key2=value2..."
- Tls
Config DomainConfiguration Tls Config Args - An object that specifies the TLS configuration for a domain.
- Validation
Certificate stringArn - The certificate used to validate the server certificate and prove domain name ownership. This certificate must be signed by a public certificate authority. This value is not required for AWS -managed domains.
- application
Protocol DomainConfiguration Application Protocol - An enumerated string that specifies the application-layer protocol.
- authentication
Type DomainConfiguration Authentication Type - An enumerated string that specifies the authentication type.
-
Domain
Configuration Authorizer Config - An object that specifies the authorization service for a domain.
- client
Certificate DomainConfig Configuration Client Certificate Config - An object that specifies the client certificate configuration for a domain.
- domain
Configuration StringName - The name of the domain configuration. This value must be unique to a region.
- domain
Configuration DomainStatus Configuration Status The status to which the domain configuration should be updated.
Valid values:
ENABLED|DISABLED- domain
Name String - The name of the domain.
- server
Certificate List<String>Arns - The ARNs of the certificates that AWS IoT passes to the device during the TLS handshake. Currently you can specify only one certificate ARN. This value is not required for AWS -managed domains.
- server
Certificate DomainConfig Configuration Server Certificate Config The server certificate configuration.
For more information, see Configurable endpoints from the AWS IoT Core Developer Guide.
- service
Type DomainConfiguration Service Type The type of service delivered by the endpoint.
AWS IoT Core currently supports only the
DATAservice type.- List<Tag>
Metadata which can be used to manage the domain configuration.
For URI Request parameters use format: ...key1=value1&key2=value2...
For the CLI command-line parameter use format: &&tags "key1=value1&key2=value2..."
For the cli-input-json file use format: "tags": "key1=value1&key2=value2..."
- tls
Config DomainConfiguration Tls Config - An object that specifies the TLS configuration for a domain.
- validation
Certificate StringArn - The certificate used to validate the server certificate and prove domain name ownership. This certificate must be signed by a public certificate authority. This value is not required for AWS -managed domains.
- application
Protocol DomainConfiguration Application Protocol - An enumerated string that specifies the application-layer protocol.
- authentication
Type DomainConfiguration Authentication Type - An enumerated string that specifies the authentication type.
-
Domain
Configuration Authorizer Config - An object that specifies the authorization service for a domain.
- client
Certificate DomainConfig Configuration Client Certificate Config - An object that specifies the client certificate configuration for a domain.
- domain
Configuration stringName - The name of the domain configuration. This value must be unique to a region.
- domain
Configuration DomainStatus Configuration Status The status to which the domain configuration should be updated.
Valid values:
ENABLED|DISABLED- domain
Name string - The name of the domain.
- server
Certificate string[]Arns - The ARNs of the certificates that AWS IoT passes to the device during the TLS handshake. Currently you can specify only one certificate ARN. This value is not required for AWS -managed domains.
- server
Certificate DomainConfig Configuration Server Certificate Config The server certificate configuration.
For more information, see Configurable endpoints from the AWS IoT Core Developer Guide.
- service
Type DomainConfiguration Service Type The type of service delivered by the endpoint.
AWS IoT Core currently supports only the
DATAservice type.- Tag[]
Metadata which can be used to manage the domain configuration.
For URI Request parameters use format: ...key1=value1&key2=value2...
For the CLI command-line parameter use format: &&tags "key1=value1&key2=value2..."
For the cli-input-json file use format: "tags": "key1=value1&key2=value2..."
- tls
Config DomainConfiguration Tls Config - An object that specifies the TLS configuration for a domain.
- validation
Certificate stringArn - The certificate used to validate the server certificate and prove domain name ownership. This certificate must be signed by a public certificate authority. This value is not required for AWS -managed domains.
- application_
protocol DomainConfiguration Application Protocol - An enumerated string that specifies the application-layer protocol.
- authentication_
type DomainConfiguration Authentication Type - An enumerated string that specifies the authentication type.
-
Domain
Configuration Authorizer Config Args - An object that specifies the authorization service for a domain.
- client_
certificate_ Domainconfig Configuration Client Certificate Config Args - An object that specifies the client certificate configuration for a domain.
- domain_
configuration_ strname - The name of the domain configuration. This value must be unique to a region.
- domain_
configuration_ Domainstatus Configuration Status The status to which the domain configuration should be updated.
Valid values:
ENABLED|DISABLED- domain_
name str - The name of the domain.
- server_
certificate_ Sequence[str]arns - The ARNs of the certificates that AWS IoT passes to the device during the TLS handshake. Currently you can specify only one certificate ARN. This value is not required for AWS -managed domains.
- server_
certificate_ Domainconfig Configuration Server Certificate Config Args The server certificate configuration.
For more information, see Configurable endpoints from the AWS IoT Core Developer Guide.
- service_
type DomainConfiguration Service Type The type of service delivered by the endpoint.
AWS IoT Core currently supports only the
DATAservice type.-
Sequence[Tag
Args] Metadata which can be used to manage the domain configuration.
For URI Request parameters use format: ...key1=value1&key2=value2...
For the CLI command-line parameter use format: &&tags "key1=value1&key2=value2..."
For the cli-input-json file use format: "tags": "key1=value1&key2=value2..."
- tls_
config DomainConfiguration Tls Config Args - An object that specifies the TLS configuration for a domain.
- validation_
certificate_ strarn - The certificate used to validate the server certificate and prove domain name ownership. This certificate must be signed by a public certificate authority. This value is not required for AWS -managed domains.
- application
Protocol "SECURE_MQTT" | "MQTT_WSS" | "HTTPS" | "DEFAULT" - An enumerated string that specifies the application-layer protocol.
- authentication
Type "AWS_X509" | "CUSTOM_AUTH" | "AWS_SIGV4" | "CUSTOM_AUTH_X509" | "DEFAULT" - An enumerated string that specifies the authentication type.
- Property Map
- An object that specifies the authorization service for a domain.
- client
Certificate Property MapConfig - An object that specifies the client certificate configuration for a domain.
- domain
Configuration StringName - The name of the domain configuration. This value must be unique to a region.
- domain
Configuration "ENABLED" | "DISABLED"Status The status to which the domain configuration should be updated.
Valid values:
ENABLED|DISABLED- domain
Name String - The name of the domain.
- server
Certificate List<String>Arns - The ARNs of the certificates that AWS IoT passes to the device during the TLS handshake. Currently you can specify only one certificate ARN. This value is not required for AWS -managed domains.
- server
Certificate Property MapConfig The server certificate configuration.
For more information, see Configurable endpoints from the AWS IoT Core Developer Guide.
- service
Type "DATA" | "CREDENTIAL_PROVIDER" | "JOBS" The type of service delivered by the endpoint.
AWS IoT Core currently supports only the
DATAservice type.- List<Property Map>
Metadata which can be used to manage the domain configuration.
For URI Request parameters use format: ...key1=value1&key2=value2...
For the CLI command-line parameter use format: &&tags "key1=value1&key2=value2..."
For the cli-input-json file use format: "tags": "key1=value1&key2=value2..."
- tls
Config Property Map - An object that specifies the TLS configuration for a domain.
- validation
Certificate StringArn - The certificate used to validate the server certificate and prove domain name ownership. This certificate must be signed by a public certificate authority. This value is not required for AWS -managed domains.
Outputs
All input properties are implicitly available as output properties. Additionally, the DomainConfiguration resource produces the following output properties:
- Arn string
- The Amazon Resource Name (ARN) of the domain configuration.
- Domain
Type Pulumi.Aws Native. Io T. Domain Configuration Domain Type - The type of service delivered by the domain.
- Id string
- The provider-assigned unique ID for this managed resource.
- Server
Certificates List<Pulumi.Aws Native. Io T. Outputs. Domain Configuration Server Certificate Summary> - The ARNs of the certificates that AWS IoT passes to the device during the TLS handshake. Currently you can specify only one certificate ARN. This value is not required for AWS -managed domains.
- Arn string
- The Amazon Resource Name (ARN) of the domain configuration.
- Domain
Type DomainConfiguration Domain Type - The type of service delivered by the domain.
- Id string
- The provider-assigned unique ID for this managed resource.
- Server
Certificates []DomainConfiguration Server Certificate Summary - The ARNs of the certificates that AWS IoT passes to the device during the TLS handshake. Currently you can specify only one certificate ARN. This value is not required for AWS -managed domains.
- arn String
- The Amazon Resource Name (ARN) of the domain configuration.
- domain
Type DomainConfiguration Domain Type - The type of service delivered by the domain.
- id String
- The provider-assigned unique ID for this managed resource.
- server
Certificates List<DomainConfiguration Server Certificate Summary> - The ARNs of the certificates that AWS IoT passes to the device during the TLS handshake. Currently you can specify only one certificate ARN. This value is not required for AWS -managed domains.
- arn string
- The Amazon Resource Name (ARN) of the domain configuration.
- domain
Type DomainConfiguration Domain Type - The type of service delivered by the domain.
- id string
- The provider-assigned unique ID for this managed resource.
- server
Certificates DomainConfiguration Server Certificate Summary[] - The ARNs of the certificates that AWS IoT passes to the device during the TLS handshake. Currently you can specify only one certificate ARN. This value is not required for AWS -managed domains.
- arn str
- The Amazon Resource Name (ARN) of the domain configuration.
- domain_
type DomainConfiguration Domain Type - The type of service delivered by the domain.
- id str
- The provider-assigned unique ID for this managed resource.
- server_
certificates Sequence[DomainConfiguration Server Certificate Summary] - The ARNs of the certificates that AWS IoT passes to the device during the TLS handshake. Currently you can specify only one certificate ARN. This value is not required for AWS -managed domains.
- arn String
- The Amazon Resource Name (ARN) of the domain configuration.
- domain
Type "ENDPOINT" | "AWS_MANAGED" | "CUSTOMER_MANAGED" - The type of service delivered by the domain.
- id String
- The provider-assigned unique ID for this managed resource.
- server
Certificates List<Property Map> - The ARNs of the certificates that AWS IoT passes to the device during the TLS handshake. Currently you can specify only one certificate ARN. This value is not required for AWS -managed domains.
Supporting Types
DomainConfigurationApplicationProtocol, DomainConfigurationApplicationProtocolArgs
- Secure
Mqtt - SECURE_MQTT
- Mqtt
Wss - MQTT_WSS
- Https
- HTTPS
- Default
- DEFAULT
- Domain
Configuration Application Protocol Secure Mqtt - SECURE_MQTT
- Domain
Configuration Application Protocol Mqtt Wss - MQTT_WSS
- Domain
Configuration Application Protocol Https - HTTPS
- Domain
Configuration Application Protocol Default - DEFAULT
- Secure
Mqtt - SECURE_MQTT
- Mqtt
Wss - MQTT_WSS
- Https
- HTTPS
- Default
- DEFAULT
- Secure
Mqtt - SECURE_MQTT
- Mqtt
Wss - MQTT_WSS
- Https
- HTTPS
- Default
- DEFAULT
- SECURE_MQTT
- SECURE_MQTT
- MQTT_WSS
- MQTT_WSS
- HTTPS
- HTTPS
- DEFAULT
- DEFAULT
- "SECURE_MQTT"
- SECURE_MQTT
- "MQTT_WSS"
- MQTT_WSS
- "HTTPS"
- HTTPS
- "DEFAULT"
- DEFAULT
DomainConfigurationAuthenticationType, DomainConfigurationAuthenticationTypeArgs
- Aws
X509 - AWS_X509
- Custom
Auth - CUSTOM_AUTH
- Aws
Sigv4 - AWS_SIGV4
- Custom
Auth X509 - CUSTOM_AUTH_X509
- Default
- DEFAULT
- Domain
Configuration Authentication Type Aws X509 - AWS_X509
- Domain
Configuration Authentication Type Custom Auth - CUSTOM_AUTH
- Domain
Configuration Authentication Type Aws Sigv4 - AWS_SIGV4
- Domain
Configuration Authentication Type Custom Auth X509 - CUSTOM_AUTH_X509
- Domain
Configuration Authentication Type Default - DEFAULT
- Aws
X509 - AWS_X509
- Custom
Auth - CUSTOM_AUTH
- Aws
Sigv4 - AWS_SIGV4
- Custom
Auth X509 - CUSTOM_AUTH_X509
- Default
- DEFAULT
- Aws
X509 - AWS_X509
- Custom
Auth - CUSTOM_AUTH
- Aws
Sigv4 - AWS_SIGV4
- Custom
Auth X509 - CUSTOM_AUTH_X509
- Default
- DEFAULT
- AWS_X509
- AWS_X509
- CUSTOM_AUTH
- CUSTOM_AUTH
- AWS_SIGV4
- AWS_SIGV4
- CUSTOM_AUTH_X509
- CUSTOM_AUTH_X509
- DEFAULT
- DEFAULT
- "AWS_X509"
- AWS_X509
- "CUSTOM_AUTH"
- CUSTOM_AUTH
- "AWS_SIGV4"
- AWS_SIGV4
- "CUSTOM_AUTH_X509"
- CUSTOM_AUTH_X509
- "DEFAULT"
- DEFAULT
DomainConfigurationAuthorizerConfig, DomainConfigurationAuthorizerConfigArgs
- bool
- A Boolean that specifies whether the domain configuration's authorization service can be overridden.
- string
- The name of the authorization service for a domain configuration.
- bool
- A Boolean that specifies whether the domain configuration's authorization service can be overridden.
- string
- The name of the authorization service for a domain configuration.
- Boolean
- A Boolean that specifies whether the domain configuration's authorization service can be overridden.
- String
- The name of the authorization service for a domain configuration.
- boolean
- A Boolean that specifies whether the domain configuration's authorization service can be overridden.
- string
- The name of the authorization service for a domain configuration.
- bool
- A Boolean that specifies whether the domain configuration's authorization service can be overridden.
- str
- The name of the authorization service for a domain configuration.
- Boolean
- A Boolean that specifies whether the domain configuration's authorization service can be overridden.
- String
- The name of the authorization service for a domain configuration.
DomainConfigurationClientCertificateConfig, DomainConfigurationClientCertificateConfigArgs
- Client
Certificate stringCallback Arn - The ARN of the Lambda function that IoT invokes after mutual TLS authentication during the connection.
- Client
Certificate stringCallback Arn - The ARN of the Lambda function that IoT invokes after mutual TLS authentication during the connection.
- client
Certificate StringCallback Arn - The ARN of the Lambda function that IoT invokes after mutual TLS authentication during the connection.
- client
Certificate stringCallback Arn - The ARN of the Lambda function that IoT invokes after mutual TLS authentication during the connection.
- client_
certificate_ strcallback_ arn - The ARN of the Lambda function that IoT invokes after mutual TLS authentication during the connection.
- client
Certificate StringCallback Arn - The ARN of the Lambda function that IoT invokes after mutual TLS authentication during the connection.
DomainConfigurationDomainType, DomainConfigurationDomainTypeArgs
- Endpoint
- ENDPOINT
- Aws
Managed - AWS_MANAGED
- Customer
Managed - CUSTOMER_MANAGED
- Domain
Configuration Domain Type Endpoint - ENDPOINT
- Domain
Configuration Domain Type Aws Managed - AWS_MANAGED
- Domain
Configuration Domain Type Customer Managed - CUSTOMER_MANAGED
- Endpoint
- ENDPOINT
- Aws
Managed - AWS_MANAGED
- Customer
Managed - CUSTOMER_MANAGED
- Endpoint
- ENDPOINT
- Aws
Managed - AWS_MANAGED
- Customer
Managed - CUSTOMER_MANAGED
- ENDPOINT
- ENDPOINT
- AWS_MANAGED
- AWS_MANAGED
- CUSTOMER_MANAGED
- CUSTOMER_MANAGED
- "ENDPOINT"
- ENDPOINT
- "AWS_MANAGED"
- AWS_MANAGED
- "CUSTOMER_MANAGED"
- CUSTOMER_MANAGED
DomainConfigurationServerCertificateConfig, DomainConfigurationServerCertificateConfigArgs
- Enable
Ocsp boolCheck - A Boolean value that indicates whether Online Certificate Status Protocol (OCSP) server certificate check is enabled or not. For more information, see Configurable endpoints from the AWS IoT Core Developer Guide.
- string
- The Amazon Resource Name (ARN) for an X.509 certificate stored in ACM. If provided, AWS IoT Core will use this certificate to validate the signature of the received OCSP response. The OCSP responder must sign responses using either this authorized responder certificate or the issuing certificate, depending on whether the ARN is provided or not. The certificate must be in the same account and region as the domain configuration.
- Ocsp
Lambda stringArn - The Amazon Resource Name (ARN) for a Lambda function that acts as a Request for Comments (RFC) 6960-compliant Online Certificate Status Protocol (OCSP) responder, supporting basic OCSP responses. The Lambda function accepts a base64-encoding of the OCSP request in the Distinguished Encoding Rules (DER) format. The Lambda function's response is also a base64-encoded OCSP response in the DER format. The response size must not exceed 4 kilobytes (KiB). The Lambda function must be in the same account and region as the domain configuration.
- Enable
Ocsp boolCheck - A Boolean value that indicates whether Online Certificate Status Protocol (OCSP) server certificate check is enabled or not. For more information, see Configurable endpoints from the AWS IoT Core Developer Guide.
- string
- The Amazon Resource Name (ARN) for an X.509 certificate stored in ACM. If provided, AWS IoT Core will use this certificate to validate the signature of the received OCSP response. The OCSP responder must sign responses using either this authorized responder certificate or the issuing certificate, depending on whether the ARN is provided or not. The certificate must be in the same account and region as the domain configuration.
- Ocsp
Lambda stringArn - The Amazon Resource Name (ARN) for a Lambda function that acts as a Request for Comments (RFC) 6960-compliant Online Certificate Status Protocol (OCSP) responder, supporting basic OCSP responses. The Lambda function accepts a base64-encoding of the OCSP request in the Distinguished Encoding Rules (DER) format. The Lambda function's response is also a base64-encoded OCSP response in the DER format. The response size must not exceed 4 kilobytes (KiB). The Lambda function must be in the same account and region as the domain configuration.
- enable
Ocsp BooleanCheck - A Boolean value that indicates whether Online Certificate Status Protocol (OCSP) server certificate check is enabled or not. For more information, see Configurable endpoints from the AWS IoT Core Developer Guide.
- String
- The Amazon Resource Name (ARN) for an X.509 certificate stored in ACM. If provided, AWS IoT Core will use this certificate to validate the signature of the received OCSP response. The OCSP responder must sign responses using either this authorized responder certificate or the issuing certificate, depending on whether the ARN is provided or not. The certificate must be in the same account and region as the domain configuration.
- ocsp
Lambda StringArn - The Amazon Resource Name (ARN) for a Lambda function that acts as a Request for Comments (RFC) 6960-compliant Online Certificate Status Protocol (OCSP) responder, supporting basic OCSP responses. The Lambda function accepts a base64-encoding of the OCSP request in the Distinguished Encoding Rules (DER) format. The Lambda function's response is also a base64-encoded OCSP response in the DER format. The response size must not exceed 4 kilobytes (KiB). The Lambda function must be in the same account and region as the domain configuration.
- enable
Ocsp booleanCheck - A Boolean value that indicates whether Online Certificate Status Protocol (OCSP) server certificate check is enabled or not. For more information, see Configurable endpoints from the AWS IoT Core Developer Guide.
- string
- The Amazon Resource Name (ARN) for an X.509 certificate stored in ACM. If provided, AWS IoT Core will use this certificate to validate the signature of the received OCSP response. The OCSP responder must sign responses using either this authorized responder certificate or the issuing certificate, depending on whether the ARN is provided or not. The certificate must be in the same account and region as the domain configuration.
- ocsp
Lambda stringArn - The Amazon Resource Name (ARN) for a Lambda function that acts as a Request for Comments (RFC) 6960-compliant Online Certificate Status Protocol (OCSP) responder, supporting basic OCSP responses. The Lambda function accepts a base64-encoding of the OCSP request in the Distinguished Encoding Rules (DER) format. The Lambda function's response is also a base64-encoded OCSP response in the DER format. The response size must not exceed 4 kilobytes (KiB). The Lambda function must be in the same account and region as the domain configuration.
- enable_
ocsp_ boolcheck - A Boolean value that indicates whether Online Certificate Status Protocol (OCSP) server certificate check is enabled or not. For more information, see Configurable endpoints from the AWS IoT Core Developer Guide.
- str
- The Amazon Resource Name (ARN) for an X.509 certificate stored in ACM. If provided, AWS IoT Core will use this certificate to validate the signature of the received OCSP response. The OCSP responder must sign responses using either this authorized responder certificate or the issuing certificate, depending on whether the ARN is provided or not. The certificate must be in the same account and region as the domain configuration.
- ocsp_
lambda_ strarn - The Amazon Resource Name (ARN) for a Lambda function that acts as a Request for Comments (RFC) 6960-compliant Online Certificate Status Protocol (OCSP) responder, supporting basic OCSP responses. The Lambda function accepts a base64-encoding of the OCSP request in the Distinguished Encoding Rules (DER) format. The Lambda function's response is also a base64-encoded OCSP response in the DER format. The response size must not exceed 4 kilobytes (KiB). The Lambda function must be in the same account and region as the domain configuration.
- enable
Ocsp BooleanCheck - A Boolean value that indicates whether Online Certificate Status Protocol (OCSP) server certificate check is enabled or not. For more information, see Configurable endpoints from the AWS IoT Core Developer Guide.
- String
- The Amazon Resource Name (ARN) for an X.509 certificate stored in ACM. If provided, AWS IoT Core will use this certificate to validate the signature of the received OCSP response. The OCSP responder must sign responses using either this authorized responder certificate or the issuing certificate, depending on whether the ARN is provided or not. The certificate must be in the same account and region as the domain configuration.
- ocsp
Lambda StringArn - The Amazon Resource Name (ARN) for a Lambda function that acts as a Request for Comments (RFC) 6960-compliant Online Certificate Status Protocol (OCSP) responder, supporting basic OCSP responses. The Lambda function accepts a base64-encoding of the OCSP request in the Distinguished Encoding Rules (DER) format. The Lambda function's response is also a base64-encoded OCSP response in the DER format. The response size must not exceed 4 kilobytes (KiB). The Lambda function must be in the same account and region as the domain configuration.
DomainConfigurationServerCertificateSummary, DomainConfigurationServerCertificateSummaryArgs
- Server
Certificate stringArn - The ARN of the server certificate.
- Server
Certificate Pulumi.Status Aws Native. Io T. Domain Configuration Server Certificate Summary Server Certificate Status - The status of the server certificate.
- Server
Certificate stringStatus Detail - Details that explain the status of the server certificate.
- Server
Certificate stringArn - The ARN of the server certificate.
- Server
Certificate DomainStatus Configuration Server Certificate Summary Server Certificate Status - The status of the server certificate.
- Server
Certificate stringStatus Detail - Details that explain the status of the server certificate.
- server
Certificate StringArn - The ARN of the server certificate.
- server
Certificate DomainStatus Configuration Server Certificate Summary Server Certificate Status - The status of the server certificate.
- server
Certificate StringStatus Detail - Details that explain the status of the server certificate.
- server
Certificate stringArn - The ARN of the server certificate.
- server
Certificate DomainStatus Configuration Server Certificate Summary Server Certificate Status - The status of the server certificate.
- server
Certificate stringStatus Detail - Details that explain the status of the server certificate.
- server_
certificate_ strarn - The ARN of the server certificate.
- server_
certificate_ Domainstatus Configuration Server Certificate Summary Server Certificate Status - The status of the server certificate.
- server_
certificate_ strstatus_ detail - Details that explain the status of the server certificate.
- server
Certificate StringArn - The ARN of the server certificate.
- server
Certificate "INVALID" | "VALID"Status - The status of the server certificate.
- server
Certificate StringStatus Detail - Details that explain the status of the server certificate.
DomainConfigurationServerCertificateSummaryServerCertificateStatus, DomainConfigurationServerCertificateSummaryServerCertificateStatusArgs
- Invalid
- INVALID
- Valid
- VALID
- Domain
Configuration Server Certificate Summary Server Certificate Status Invalid - INVALID
- Domain
Configuration Server Certificate Summary Server Certificate Status Valid - VALID
- Invalid
- INVALID
- Valid
- VALID
- Invalid
- INVALID
- Valid
- VALID
- INVALID
- INVALID
- VALID
- VALID
- "INVALID"
- INVALID
- "VALID"
- VALID
DomainConfigurationServiceType, DomainConfigurationServiceTypeArgs
- Data
- DATA
- Credential
Provider - CREDENTIAL_PROVIDER
- Jobs
- JOBS
- Domain
Configuration Service Type Data - DATA
- Domain
Configuration Service Type Credential Provider - CREDENTIAL_PROVIDER
- Domain
Configuration Service Type Jobs - JOBS
- Data
- DATA
- Credential
Provider - CREDENTIAL_PROVIDER
- Jobs
- JOBS
- Data
- DATA
- Credential
Provider - CREDENTIAL_PROVIDER
- Jobs
- JOBS
- DATA
- DATA
- CREDENTIAL_PROVIDER
- CREDENTIAL_PROVIDER
- JOBS
- JOBS
- "DATA"
- DATA
- "CREDENTIAL_PROVIDER"
- CREDENTIAL_PROVIDER
- "JOBS"
- JOBS
DomainConfigurationStatus, DomainConfigurationStatusArgs
- Enabled
- ENABLED
- Disabled
- DISABLED
- Domain
Configuration Status Enabled - ENABLED
- Domain
Configuration Status Disabled - DISABLED
- Enabled
- ENABLED
- Disabled
- DISABLED
- Enabled
- ENABLED
- Disabled
- DISABLED
- ENABLED
- ENABLED
- DISABLED
- DISABLED
- "ENABLED"
- ENABLED
- "DISABLED"
- DISABLED
DomainConfigurationTlsConfig, DomainConfigurationTlsConfigArgs
- Security
Policy string - The security policy for a domain configuration. For more information, see Security policies in the AWS IoT Core developer guide .
- Security
Policy string - The security policy for a domain configuration. For more information, see Security policies in the AWS IoT Core developer guide .
- security
Policy String - The security policy for a domain configuration. For more information, see Security policies in the AWS IoT Core developer guide .
- security
Policy string - The security policy for a domain configuration. For more information, see Security policies in the AWS IoT Core developer guide .
- security_
policy str - The security policy for a domain configuration. For more information, see Security policies in the AWS IoT Core developer guide .
- security
Policy String - The security policy for a domain configuration. For more information, see Security policies in the AWS IoT Core developer guide .
Tag, TagArgs
Package Details
- Repository
- AWS Native pulumi/pulumi-aws-native
- License
- Apache-2.0
We recommend new projects start with resources from the AWS provider.
AWS Cloud Control v1.28.0 published on Monday, May 19, 2025 by Pulumi