1. Packages
  2. AWS Classic
  3. API Docs
  4. apigateway
  5. DomainName

Try AWS Native preview for resources not in the classic version.

AWS Classic v6.12.3 published on Thursday, Nov 30, 2023 by Pulumi

aws.apigateway.DomainName

Explore with Pulumi AI

aws logo

Try AWS Native preview for resources not in the classic version.

AWS Classic v6.12.3 published on Thursday, Nov 30, 2023 by Pulumi

    Registers a custom domain name for use with AWS API Gateway. Additional information about this functionality can be found in the API Gateway Developer Guide.

    This resource just establishes ownership of and the TLS settings for a particular domain name. An API can be attached to a particular path under the registered domain name using the aws.apigateway.BasePathMapping resource.

    API Gateway domains can be defined as either ’edge-optimized’ or ‘regional’. In an edge-optimized configuration, API Gateway internally creates and manages a CloudFront distribution to route requests on the given hostname. In addition to this resource it’s necessary to create a DNS record corresponding to the given domain name which is an alias (either Route53 alias or traditional CNAME) to the Cloudfront domain name exported in the cloudfront_domain_name attribute.

    In a regional configuration, API Gateway does not create a CloudFront distribution to route requests to the API, though a distribution can be created if needed. In either case, it is necessary to create a DNS record corresponding to the given domain name which is an alias (either Route53 alias or traditional CNAME) to the regional domain name exported in the regional_domain_name attribute.

    Note: API Gateway requires the use of AWS Certificate Manager (ACM) certificates instead of Identity and Access Management (IAM) certificates in regions that support ACM. Regions that support ACM can be found in the Regions and Endpoints Documentation. To import an existing private key and certificate into ACM or request an ACM certificate, see the aws.acm.Certificate resource.

    Note: The aws.apigateway.DomainName resource expects dependency on the aws.acm.CertificateValidation as only verified certificates can be used. This can be made either explicitly by adding the depends_on = [aws_acm_certificate_validation.cert] attribute. Or implicitly by referring certificate ARN from the validation resource where it will be available after the resource creation: regional_certificate_arn = aws_acm_certificate_validation.cert.certificate_arn.

    Example Usage

    Edge Optimized (ACM Certificate)

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var exampleDomainName = new Aws.ApiGateway.DomainName("exampleDomainName", new()
        {
            CertificateArn = aws_acm_certificate_validation.Example.Certificate_arn,
            Domain = "api.example.com",
        });
    
        // Example DNS record using Route53.
        // Route53 is not specifically required; any DNS host can be used.
        var exampleRecord = new Aws.Route53.Record("exampleRecord", new()
        {
            Name = exampleDomainName.Domain,
            Type = "A",
            ZoneId = aws_route53_zone.Example.Id,
            Aliases = new[]
            {
                new Aws.Route53.Inputs.RecordAliasArgs
                {
                    EvaluateTargetHealth = true,
                    Name = exampleDomainName.CloudfrontDomainName,
                    ZoneId = exampleDomainName.CloudfrontZoneId,
                },
            },
        });
    
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway"
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		exampleDomainName, err := apigateway.NewDomainName(ctx, "exampleDomainName", &apigateway.DomainNameArgs{
    			CertificateArn: pulumi.Any(aws_acm_certificate_validation.Example.Certificate_arn),
    			DomainName:     pulumi.String("api.example.com"),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = route53.NewRecord(ctx, "exampleRecord", &route53.RecordArgs{
    			Name:   exampleDomainName.DomainName,
    			Type:   pulumi.String("A"),
    			ZoneId: pulumi.Any(aws_route53_zone.Example.Id),
    			Aliases: route53.RecordAliasArray{
    				&route53.RecordAliasArgs{
    					EvaluateTargetHealth: pulumi.Bool(true),
    					Name:                 exampleDomainName.CloudfrontDomainName,
    					ZoneId:               exampleDomainName.CloudfrontZoneId,
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.apigateway.DomainName;
    import com.pulumi.aws.apigateway.DomainNameArgs;
    import com.pulumi.aws.route53.Record;
    import com.pulumi.aws.route53.RecordArgs;
    import com.pulumi.aws.route53.inputs.RecordAliasArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var exampleDomainName = new DomainName("exampleDomainName", DomainNameArgs.builder()        
                .certificateArn(aws_acm_certificate_validation.example().certificate_arn())
                .domainName("api.example.com")
                .build());
    
            var exampleRecord = new Record("exampleRecord", RecordArgs.builder()        
                .name(exampleDomainName.domainName())
                .type("A")
                .zoneId(aws_route53_zone.example().id())
                .aliases(RecordAliasArgs.builder()
                    .evaluateTargetHealth(true)
                    .name(exampleDomainName.cloudfrontDomainName())
                    .zoneId(exampleDomainName.cloudfrontZoneId())
                    .build())
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_aws as aws
    
    example_domain_name = aws.apigateway.DomainName("exampleDomainName",
        certificate_arn=aws_acm_certificate_validation["example"]["certificate_arn"],
        domain_name="api.example.com")
    # Example DNS record using Route53.
    # Route53 is not specifically required; any DNS host can be used.
    example_record = aws.route53.Record("exampleRecord",
        name=example_domain_name.domain_name,
        type="A",
        zone_id=aws_route53_zone["example"]["id"],
        aliases=[aws.route53.RecordAliasArgs(
            evaluate_target_health=True,
            name=example_domain_name.cloudfront_domain_name,
            zone_id=example_domain_name.cloudfront_zone_id,
        )])
    
    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const exampleDomainName = new aws.apigateway.DomainName("exampleDomainName", {
        certificateArn: aws_acm_certificate_validation.example.certificate_arn,
        domainName: "api.example.com",
    });
    // Example DNS record using Route53.
    // Route53 is not specifically required; any DNS host can be used.
    const exampleRecord = new aws.route53.Record("exampleRecord", {
        name: exampleDomainName.domainName,
        type: "A",
        zoneId: aws_route53_zone.example.id,
        aliases: [{
            evaluateTargetHealth: true,
            name: exampleDomainName.cloudfrontDomainName,
            zoneId: exampleDomainName.cloudfrontZoneId,
        }],
    });
    
    resources:
      exampleDomainName:
        type: aws:apigateway:DomainName
        properties:
          certificateArn: ${aws_acm_certificate_validation.example.certificate_arn}
          domainName: api.example.com
      # Example DNS record using Route53.
      # Route53 is not specifically required; any DNS host can be used.
      exampleRecord:
        type: aws:route53:Record
        properties:
          name: ${exampleDomainName.domainName}
          type: A
          zoneId: ${aws_route53_zone.example.id}
          aliases:
            - evaluateTargetHealth: true
              name: ${exampleDomainName.cloudfrontDomainName}
              zoneId: ${exampleDomainName.cloudfrontZoneId}
    

    Edge Optimized (IAM Certificate)

    using System.Collections.Generic;
    using System.IO;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var exampleDomainName = new Aws.ApiGateway.DomainName("exampleDomainName", new()
        {
            Domain = "api.example.com",
            CertificateName = "example-api",
            CertificateBody = File.ReadAllText($"{path.Module}/example.com/example.crt"),
            CertificateChain = File.ReadAllText($"{path.Module}/example.com/ca.crt"),
            CertificatePrivateKey = File.ReadAllText($"{path.Module}/example.com/example.key"),
        });
    
        // Example DNS record using Route53.
        // Route53 is not specifically required; any DNS host can be used.
        var exampleRecord = new Aws.Route53.Record("exampleRecord", new()
        {
            ZoneId = aws_route53_zone.Example.Id,
            Name = exampleDomainName.Domain,
            Type = "A",
            Aliases = new[]
            {
                new Aws.Route53.Inputs.RecordAliasArgs
                {
                    Name = exampleDomainName.CloudfrontDomainName,
                    ZoneId = exampleDomainName.CloudfrontZoneId,
                    EvaluateTargetHealth = true,
                },
            },
        });
    
    });
    
    package main
    
    import (
    	"fmt"
    	"os"
    
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway"
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func readFileOrPanic(path string) pulumi.StringPtrInput {
    	data, err := os.ReadFile(path)
    	if err != nil {
    		panic(err.Error())
    	}
    	return pulumi.String(string(data))
    }
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		exampleDomainName, err := apigateway.NewDomainName(ctx, "exampleDomainName", &apigateway.DomainNameArgs{
    			DomainName:            pulumi.String("api.example.com"),
    			CertificateName:       pulumi.String("example-api"),
    			CertificateBody:       readFileOrPanic(fmt.Sprintf("%v/example.com/example.crt", path.Module)),
    			CertificateChain:      readFileOrPanic(fmt.Sprintf("%v/example.com/ca.crt", path.Module)),
    			CertificatePrivateKey: readFileOrPanic(fmt.Sprintf("%v/example.com/example.key", path.Module)),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = route53.NewRecord(ctx, "exampleRecord", &route53.RecordArgs{
    			ZoneId: pulumi.Any(aws_route53_zone.Example.Id),
    			Name:   exampleDomainName.DomainName,
    			Type:   pulumi.String("A"),
    			Aliases: route53.RecordAliasArray{
    				&route53.RecordAliasArgs{
    					Name:                 exampleDomainName.CloudfrontDomainName,
    					ZoneId:               exampleDomainName.CloudfrontZoneId,
    					EvaluateTargetHealth: pulumi.Bool(true),
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.apigateway.DomainName;
    import com.pulumi.aws.apigateway.DomainNameArgs;
    import com.pulumi.aws.route53.Record;
    import com.pulumi.aws.route53.RecordArgs;
    import com.pulumi.aws.route53.inputs.RecordAliasArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var exampleDomainName = new DomainName("exampleDomainName", DomainNameArgs.builder()        
                .domainName("api.example.com")
                .certificateName("example-api")
                .certificateBody(Files.readString(Paths.get(String.format("%s/example.com/example.crt", path.module()))))
                .certificateChain(Files.readString(Paths.get(String.format("%s/example.com/ca.crt", path.module()))))
                .certificatePrivateKey(Files.readString(Paths.get(String.format("%s/example.com/example.key", path.module()))))
                .build());
    
            var exampleRecord = new Record("exampleRecord", RecordArgs.builder()        
                .zoneId(aws_route53_zone.example().id())
                .name(exampleDomainName.domainName())
                .type("A")
                .aliases(RecordAliasArgs.builder()
                    .name(exampleDomainName.cloudfrontDomainName())
                    .zoneId(exampleDomainName.cloudfrontZoneId())
                    .evaluateTargetHealth(true)
                    .build())
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_aws as aws
    
    example_domain_name = aws.apigateway.DomainName("exampleDomainName",
        domain_name="api.example.com",
        certificate_name="example-api",
        certificate_body=(lambda path: open(path).read())(f"{path['module']}/example.com/example.crt"),
        certificate_chain=(lambda path: open(path).read())(f"{path['module']}/example.com/ca.crt"),
        certificate_private_key=(lambda path: open(path).read())(f"{path['module']}/example.com/example.key"))
    # Example DNS record using Route53.
    # Route53 is not specifically required; any DNS host can be used.
    example_record = aws.route53.Record("exampleRecord",
        zone_id=aws_route53_zone["example"]["id"],
        name=example_domain_name.domain_name,
        type="A",
        aliases=[aws.route53.RecordAliasArgs(
            name=example_domain_name.cloudfront_domain_name,
            zone_id=example_domain_name.cloudfront_zone_id,
            evaluate_target_health=True,
        )])
    
    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    import * as fs from "fs";
    
    const exampleDomainName = new aws.apigateway.DomainName("exampleDomainName", {
        domainName: "api.example.com",
        certificateName: "example-api",
        certificateBody: fs.readFileSync(`${path.module}/example.com/example.crt`),
        certificateChain: fs.readFileSync(`${path.module}/example.com/ca.crt`),
        certificatePrivateKey: fs.readFileSync(`${path.module}/example.com/example.key`),
    });
    // Example DNS record using Route53.
    // Route53 is not specifically required; any DNS host can be used.
    const exampleRecord = new aws.route53.Record("exampleRecord", {
        zoneId: aws_route53_zone.example.id,
        name: exampleDomainName.domainName,
        type: "A",
        aliases: [{
            name: exampleDomainName.cloudfrontDomainName,
            zoneId: exampleDomainName.cloudfrontZoneId,
            evaluateTargetHealth: true,
        }],
    });
    
    resources:
      exampleDomainName:
        type: aws:apigateway:DomainName
        properties:
          domainName: api.example.com
          certificateName: example-api
          certificateBody:
            fn::readFile: ${path.module}/example.com/example.crt
          certificateChain:
            fn::readFile: ${path.module}/example.com/ca.crt
          certificatePrivateKey:
            fn::readFile: ${path.module}/example.com/example.key
      # Example DNS record using Route53.
      # Route53 is not specifically required; any DNS host can be used.
      exampleRecord:
        type: aws:route53:Record
        properties:
          zoneId: ${aws_route53_zone.example.id} # See aws_route53_zone for how to create this
          name: ${exampleDomainName.domainName}
          type: A
          aliases:
            - name: ${exampleDomainName.cloudfrontDomainName}
              zoneId: ${exampleDomainName.cloudfrontZoneId}
              evaluateTargetHealth: true
    

    Regional (ACM Certificate)

    Coming soon!

    Coming soon!

    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.apigateway.DomainName;
    import com.pulumi.aws.apigateway.DomainNameArgs;
    import com.pulumi.aws.apigateway.inputs.DomainNameEndpointConfigurationArgs;
    import com.pulumi.aws.route53.Record;
    import com.pulumi.aws.route53.RecordArgs;
    import com.pulumi.aws.route53.inputs.RecordAliasArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var exampleDomainName = new DomainName("exampleDomainName", DomainNameArgs.builder()        
                .domainName("api.example.com")
                .regionalCertificateArn(aws_acm_certificate_validation.example().certificate_arn())
                .endpointConfiguration(DomainNameEndpointConfigurationArgs.builder()
                    .types("REGIONAL")
                    .build())
                .build());
    
            var exampleRecord = new Record("exampleRecord", RecordArgs.builder()        
                .name(exampleDomainName.domainName())
                .type("A")
                .zoneId(aws_route53_zone.example().id())
                .aliases(RecordAliasArgs.builder()
                    .evaluateTargetHealth(true)
                    .name(exampleDomainName.regionalDomainName())
                    .zoneId(exampleDomainName.regionalZoneId())
                    .build())
                .build());
    
        }
    }
    

    Coming soon!

    Coming soon!

    resources:
      exampleDomainName:
        type: aws:apigateway:DomainName
        properties:
          domainName: api.example.com
          regionalCertificateArn: ${aws_acm_certificate_validation.example.certificate_arn}
          endpointConfiguration:
            types:
              - REGIONAL
      # Example DNS record using Route53.
      # Route53 is not specifically required; any DNS host can be used.
      exampleRecord:
        type: aws:route53:Record
        properties:
          name: ${exampleDomainName.domainName}
          type: A
          zoneId: ${aws_route53_zone.example.id}
          aliases:
            - evaluateTargetHealth: true
              name: ${exampleDomainName.regionalDomainName}
              zoneId: ${exampleDomainName.regionalZoneId}
    

    Regional (IAM Certificate)

    Coming soon!

    Coming soon!

    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.apigateway.DomainName;
    import com.pulumi.aws.apigateway.DomainNameArgs;
    import com.pulumi.aws.apigateway.inputs.DomainNameEndpointConfigurationArgs;
    import com.pulumi.aws.route53.Record;
    import com.pulumi.aws.route53.RecordArgs;
    import com.pulumi.aws.route53.inputs.RecordAliasArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var exampleDomainName = new DomainName("exampleDomainName", DomainNameArgs.builder()        
                .certificateBody(Files.readString(Paths.get(String.format("%s/example.com/example.crt", path.module()))))
                .certificateChain(Files.readString(Paths.get(String.format("%s/example.com/ca.crt", path.module()))))
                .certificatePrivateKey(Files.readString(Paths.get(String.format("%s/example.com/example.key", path.module()))))
                .domainName("api.example.com")
                .regionalCertificateName("example-api")
                .endpointConfiguration(DomainNameEndpointConfigurationArgs.builder()
                    .types("REGIONAL")
                    .build())
                .build());
    
            var exampleRecord = new Record("exampleRecord", RecordArgs.builder()        
                .name(exampleDomainName.domainName())
                .type("A")
                .zoneId(aws_route53_zone.example().id())
                .aliases(RecordAliasArgs.builder()
                    .evaluateTargetHealth(true)
                    .name(exampleDomainName.regionalDomainName())
                    .zoneId(exampleDomainName.regionalZoneId())
                    .build())
                .build());
    
        }
    }
    

    Coming soon!

    Coming soon!

    resources:
      exampleDomainName:
        type: aws:apigateway:DomainName
        properties:
          certificateBody:
            fn::readFile: ${path.module}/example.com/example.crt
          certificateChain:
            fn::readFile: ${path.module}/example.com/ca.crt
          certificatePrivateKey:
            fn::readFile: ${path.module}/example.com/example.key
          domainName: api.example.com
          regionalCertificateName: example-api
          endpointConfiguration:
            types:
              - REGIONAL
      # Example DNS record using Route53.
      # Route53 is not specifically required; any DNS host can be used.
      exampleRecord:
        type: aws:route53:Record
        properties:
          name: ${exampleDomainName.domainName}
          type: A
          zoneId: ${aws_route53_zone.example.id}
          aliases:
            - evaluateTargetHealth: true
              name: ${exampleDomainName.regionalDomainName}
              zoneId: ${exampleDomainName.regionalZoneId}
    

    Create DomainName Resource

    new DomainName(name: string, args: DomainNameArgs, opts?: CustomResourceOptions);
    @overload
    def DomainName(resource_name: str,
                   opts: Optional[ResourceOptions] = None,
                   certificate_arn: Optional[str] = None,
                   certificate_body: Optional[str] = None,
                   certificate_chain: Optional[str] = None,
                   certificate_name: Optional[str] = None,
                   certificate_private_key: Optional[str] = None,
                   domain_name: Optional[str] = None,
                   endpoint_configuration: Optional[DomainNameEndpointConfigurationArgs] = None,
                   mutual_tls_authentication: Optional[DomainNameMutualTlsAuthenticationArgs] = None,
                   ownership_verification_certificate_arn: Optional[str] = None,
                   regional_certificate_arn: Optional[str] = None,
                   regional_certificate_name: Optional[str] = None,
                   security_policy: Optional[str] = None,
                   tags: Optional[Mapping[str, str]] = None)
    @overload
    def DomainName(resource_name: str,
                   args: DomainNameArgs,
                   opts: Optional[ResourceOptions] = None)
    func NewDomainName(ctx *Context, name string, args DomainNameArgs, opts ...ResourceOption) (*DomainName, error)
    public DomainName(string name, DomainNameArgs args, CustomResourceOptions? opts = null)
    public DomainName(String name, DomainNameArgs args)
    public DomainName(String name, DomainNameArgs args, CustomResourceOptions options)
    
    type: aws:apigateway:DomainName
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    name string
    The unique name of the resource.
    args DomainNameArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args DomainNameArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args DomainNameArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args DomainNameArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args DomainNameArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    DomainName Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The DomainName resource accepts the following input properties:

    Domain string

    Fully-qualified domain name to register.

    CertificateArn string

    ARN for an AWS-managed certificate. AWS Certificate Manager is the only supported source. Used when an edge-optimized domain name is desired. Conflicts with certificate_name, certificate_body, certificate_chain, certificate_private_key, regional_certificate_arn, and regional_certificate_name.

    CertificateBody string

    Certificate issued for the domain name being registered, in PEM format. Only valid for EDGE endpoint configuration type. Conflicts with certificate_arn, regional_certificate_arn, and regional_certificate_name.

    CertificateChain string

    Certificate for the CA that issued the certificate, along with any intermediate CA certificates required to create an unbroken chain to a certificate trusted by the intended API clients. Only valid for EDGE endpoint configuration type. Conflicts with certificate_arn, regional_certificate_arn, and regional_certificate_name.

    CertificateName string

    Unique name to use when registering this certificate as an IAM server certificate. Conflicts with certificate_arn, regional_certificate_arn, and regional_certificate_name. Required if certificate_arn is not set.

    CertificatePrivateKey string

    Private key associated with the domain certificate given in certificate_body. Only valid for EDGE endpoint configuration type. Conflicts with certificate_arn, regional_certificate_arn, and regional_certificate_name.

    EndpointConfiguration DomainNameEndpointConfiguration

    Configuration block defining API endpoint information including type. See below.

    MutualTlsAuthentication DomainNameMutualTlsAuthentication

    Mutual TLS authentication configuration for the domain name. See below.

    OwnershipVerificationCertificateArn string

    ARN of the AWS-issued certificate used to validate custom domain ownership (when certificate_arn is issued via an ACM Private CA or mutual_tls_authentication is configured with an ACM-imported certificate.)

    RegionalCertificateArn string

    ARN for an AWS-managed certificate. AWS Certificate Manager is the only supported source. Used when a regional domain name is desired. Conflicts with certificate_arn, certificate_name, certificate_body, certificate_chain, and certificate_private_key.

    When uploading a certificate, the following arguments are supported:

    RegionalCertificateName string

    User-friendly name of the certificate that will be used by regional endpoint for this domain name. Conflicts with certificate_arn, certificate_name, certificate_body, certificate_chain, and certificate_private_key.

    SecurityPolicy string

    Transport Layer Security (TLS) version + cipher suite for this DomainName. Valid values are TLS_1_0 and TLS_1_2. Must be configured to perform drift detection.

    Tags Dictionary<string, string>

    Key-value map of resource tags. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

    When referencing an AWS-managed certificate, the following arguments are supported:

    DomainName string

    Fully-qualified domain name to register.

    CertificateArn string

    ARN for an AWS-managed certificate. AWS Certificate Manager is the only supported source. Used when an edge-optimized domain name is desired. Conflicts with certificate_name, certificate_body, certificate_chain, certificate_private_key, regional_certificate_arn, and regional_certificate_name.

    CertificateBody string

    Certificate issued for the domain name being registered, in PEM format. Only valid for EDGE endpoint configuration type. Conflicts with certificate_arn, regional_certificate_arn, and regional_certificate_name.

    CertificateChain string

    Certificate for the CA that issued the certificate, along with any intermediate CA certificates required to create an unbroken chain to a certificate trusted by the intended API clients. Only valid for EDGE endpoint configuration type. Conflicts with certificate_arn, regional_certificate_arn, and regional_certificate_name.

    CertificateName string

    Unique name to use when registering this certificate as an IAM server certificate. Conflicts with certificate_arn, regional_certificate_arn, and regional_certificate_name. Required if certificate_arn is not set.

    CertificatePrivateKey string

    Private key associated with the domain certificate given in certificate_body. Only valid for EDGE endpoint configuration type. Conflicts with certificate_arn, regional_certificate_arn, and regional_certificate_name.

    EndpointConfiguration DomainNameEndpointConfigurationArgs

    Configuration block defining API endpoint information including type. See below.

    MutualTlsAuthentication DomainNameMutualTlsAuthenticationArgs

    Mutual TLS authentication configuration for the domain name. See below.

    OwnershipVerificationCertificateArn string

    ARN of the AWS-issued certificate used to validate custom domain ownership (when certificate_arn is issued via an ACM Private CA or mutual_tls_authentication is configured with an ACM-imported certificate.)

    RegionalCertificateArn string

    ARN for an AWS-managed certificate. AWS Certificate Manager is the only supported source. Used when a regional domain name is desired. Conflicts with certificate_arn, certificate_name, certificate_body, certificate_chain, and certificate_private_key.

    When uploading a certificate, the following arguments are supported:

    RegionalCertificateName string

    User-friendly name of the certificate that will be used by regional endpoint for this domain name. Conflicts with certificate_arn, certificate_name, certificate_body, certificate_chain, and certificate_private_key.

    SecurityPolicy string

    Transport Layer Security (TLS) version + cipher suite for this DomainName. Valid values are TLS_1_0 and TLS_1_2. Must be configured to perform drift detection.

    Tags map[string]string

    Key-value map of resource tags. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

    When referencing an AWS-managed certificate, the following arguments are supported:

    domainName String

    Fully-qualified domain name to register.

    certificateArn String

    ARN for an AWS-managed certificate. AWS Certificate Manager is the only supported source. Used when an edge-optimized domain name is desired. Conflicts with certificate_name, certificate_body, certificate_chain, certificate_private_key, regional_certificate_arn, and regional_certificate_name.

    certificateBody String

    Certificate issued for the domain name being registered, in PEM format. Only valid for EDGE endpoint configuration type. Conflicts with certificate_arn, regional_certificate_arn, and regional_certificate_name.

    certificateChain String

    Certificate for the CA that issued the certificate, along with any intermediate CA certificates required to create an unbroken chain to a certificate trusted by the intended API clients. Only valid for EDGE endpoint configuration type. Conflicts with certificate_arn, regional_certificate_arn, and regional_certificate_name.

    certificateName String

    Unique name to use when registering this certificate as an IAM server certificate. Conflicts with certificate_arn, regional_certificate_arn, and regional_certificate_name. Required if certificate_arn is not set.

    certificatePrivateKey String

    Private key associated with the domain certificate given in certificate_body. Only valid for EDGE endpoint configuration type. Conflicts with certificate_arn, regional_certificate_arn, and regional_certificate_name.

    endpointConfiguration DomainNameEndpointConfiguration

    Configuration block defining API endpoint information including type. See below.

    mutualTlsAuthentication DomainNameMutualTlsAuthentication

    Mutual TLS authentication configuration for the domain name. See below.

    ownershipVerificationCertificateArn String

    ARN of the AWS-issued certificate used to validate custom domain ownership (when certificate_arn is issued via an ACM Private CA or mutual_tls_authentication is configured with an ACM-imported certificate.)

    regionalCertificateArn String

    ARN for an AWS-managed certificate. AWS Certificate Manager is the only supported source. Used when a regional domain name is desired. Conflicts with certificate_arn, certificate_name, certificate_body, certificate_chain, and certificate_private_key.

    When uploading a certificate, the following arguments are supported:

    regionalCertificateName String

    User-friendly name of the certificate that will be used by regional endpoint for this domain name. Conflicts with certificate_arn, certificate_name, certificate_body, certificate_chain, and certificate_private_key.

    securityPolicy String

    Transport Layer Security (TLS) version + cipher suite for this DomainName. Valid values are TLS_1_0 and TLS_1_2. Must be configured to perform drift detection.

    tags Map<String,String>

    Key-value map of resource tags. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

    When referencing an AWS-managed certificate, the following arguments are supported:

    domainName string

    Fully-qualified domain name to register.

    certificateArn string

    ARN for an AWS-managed certificate. AWS Certificate Manager is the only supported source. Used when an edge-optimized domain name is desired. Conflicts with certificate_name, certificate_body, certificate_chain, certificate_private_key, regional_certificate_arn, and regional_certificate_name.

    certificateBody string

    Certificate issued for the domain name being registered, in PEM format. Only valid for EDGE endpoint configuration type. Conflicts with certificate_arn, regional_certificate_arn, and regional_certificate_name.

    certificateChain string

    Certificate for the CA that issued the certificate, along with any intermediate CA certificates required to create an unbroken chain to a certificate trusted by the intended API clients. Only valid for EDGE endpoint configuration type. Conflicts with certificate_arn, regional_certificate_arn, and regional_certificate_name.

    certificateName string

    Unique name to use when registering this certificate as an IAM server certificate. Conflicts with certificate_arn, regional_certificate_arn, and regional_certificate_name. Required if certificate_arn is not set.

    certificatePrivateKey string

    Private key associated with the domain certificate given in certificate_body. Only valid for EDGE endpoint configuration type. Conflicts with certificate_arn, regional_certificate_arn, and regional_certificate_name.

    endpointConfiguration DomainNameEndpointConfiguration

    Configuration block defining API endpoint information including type. See below.

    mutualTlsAuthentication DomainNameMutualTlsAuthentication

    Mutual TLS authentication configuration for the domain name. See below.

    ownershipVerificationCertificateArn string

    ARN of the AWS-issued certificate used to validate custom domain ownership (when certificate_arn is issued via an ACM Private CA or mutual_tls_authentication is configured with an ACM-imported certificate.)

    regionalCertificateArn string

    ARN for an AWS-managed certificate. AWS Certificate Manager is the only supported source. Used when a regional domain name is desired. Conflicts with certificate_arn, certificate_name, certificate_body, certificate_chain, and certificate_private_key.

    When uploading a certificate, the following arguments are supported:

    regionalCertificateName string

    User-friendly name of the certificate that will be used by regional endpoint for this domain name. Conflicts with certificate_arn, certificate_name, certificate_body, certificate_chain, and certificate_private_key.

    securityPolicy string

    Transport Layer Security (TLS) version + cipher suite for this DomainName. Valid values are TLS_1_0 and TLS_1_2. Must be configured to perform drift detection.

    tags {[key: string]: string}

    Key-value map of resource tags. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

    When referencing an AWS-managed certificate, the following arguments are supported:

    domain_name str

    Fully-qualified domain name to register.

    certificate_arn str

    ARN for an AWS-managed certificate. AWS Certificate Manager is the only supported source. Used when an edge-optimized domain name is desired. Conflicts with certificate_name, certificate_body, certificate_chain, certificate_private_key, regional_certificate_arn, and regional_certificate_name.

    certificate_body str

    Certificate issued for the domain name being registered, in PEM format. Only valid for EDGE endpoint configuration type. Conflicts with certificate_arn, regional_certificate_arn, and regional_certificate_name.

    certificate_chain str

    Certificate for the CA that issued the certificate, along with any intermediate CA certificates required to create an unbroken chain to a certificate trusted by the intended API clients. Only valid for EDGE endpoint configuration type. Conflicts with certificate_arn, regional_certificate_arn, and regional_certificate_name.

    certificate_name str

    Unique name to use when registering this certificate as an IAM server certificate. Conflicts with certificate_arn, regional_certificate_arn, and regional_certificate_name. Required if certificate_arn is not set.

    certificate_private_key str

    Private key associated with the domain certificate given in certificate_body. Only valid for EDGE endpoint configuration type. Conflicts with certificate_arn, regional_certificate_arn, and regional_certificate_name.

    endpoint_configuration DomainNameEndpointConfigurationArgs

    Configuration block defining API endpoint information including type. See below.

    mutual_tls_authentication DomainNameMutualTlsAuthenticationArgs

    Mutual TLS authentication configuration for the domain name. See below.

    ownership_verification_certificate_arn str

    ARN of the AWS-issued certificate used to validate custom domain ownership (when certificate_arn is issued via an ACM Private CA or mutual_tls_authentication is configured with an ACM-imported certificate.)

    regional_certificate_arn str

    ARN for an AWS-managed certificate. AWS Certificate Manager is the only supported source. Used when a regional domain name is desired. Conflicts with certificate_arn, certificate_name, certificate_body, certificate_chain, and certificate_private_key.

    When uploading a certificate, the following arguments are supported:

    regional_certificate_name str

    User-friendly name of the certificate that will be used by regional endpoint for this domain name. Conflicts with certificate_arn, certificate_name, certificate_body, certificate_chain, and certificate_private_key.

    security_policy str

    Transport Layer Security (TLS) version + cipher suite for this DomainName. Valid values are TLS_1_0 and TLS_1_2. Must be configured to perform drift detection.

    tags Mapping[str, str]

    Key-value map of resource tags. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

    When referencing an AWS-managed certificate, the following arguments are supported:

    domainName String

    Fully-qualified domain name to register.

    certificateArn String

    ARN for an AWS-managed certificate. AWS Certificate Manager is the only supported source. Used when an edge-optimized domain name is desired. Conflicts with certificate_name, certificate_body, certificate_chain, certificate_private_key, regional_certificate_arn, and regional_certificate_name.

    certificateBody String

    Certificate issued for the domain name being registered, in PEM format. Only valid for EDGE endpoint configuration type. Conflicts with certificate_arn, regional_certificate_arn, and regional_certificate_name.

    certificateChain String

    Certificate for the CA that issued the certificate, along with any intermediate CA certificates required to create an unbroken chain to a certificate trusted by the intended API clients. Only valid for EDGE endpoint configuration type. Conflicts with certificate_arn, regional_certificate_arn, and regional_certificate_name.

    certificateName String

    Unique name to use when registering this certificate as an IAM server certificate. Conflicts with certificate_arn, regional_certificate_arn, and regional_certificate_name. Required if certificate_arn is not set.

    certificatePrivateKey String

    Private key associated with the domain certificate given in certificate_body. Only valid for EDGE endpoint configuration type. Conflicts with certificate_arn, regional_certificate_arn, and regional_certificate_name.

    endpointConfiguration Property Map

    Configuration block defining API endpoint information including type. See below.

    mutualTlsAuthentication Property Map

    Mutual TLS authentication configuration for the domain name. See below.

    ownershipVerificationCertificateArn String

    ARN of the AWS-issued certificate used to validate custom domain ownership (when certificate_arn is issued via an ACM Private CA or mutual_tls_authentication is configured with an ACM-imported certificate.)

    regionalCertificateArn String

    ARN for an AWS-managed certificate. AWS Certificate Manager is the only supported source. Used when a regional domain name is desired. Conflicts with certificate_arn, certificate_name, certificate_body, certificate_chain, and certificate_private_key.

    When uploading a certificate, the following arguments are supported:

    regionalCertificateName String

    User-friendly name of the certificate that will be used by regional endpoint for this domain name. Conflicts with certificate_arn, certificate_name, certificate_body, certificate_chain, and certificate_private_key.

    securityPolicy String

    Transport Layer Security (TLS) version + cipher suite for this DomainName. Valid values are TLS_1_0 and TLS_1_2. Must be configured to perform drift detection.

    tags Map<String>

    Key-value map of resource tags. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

    When referencing an AWS-managed certificate, the following arguments are supported:

    Outputs

    All input properties are implicitly available as output properties. Additionally, the DomainName resource produces the following output properties:

    Arn string

    ARN of domain name.

    CertificateUploadDate string

    Upload date associated with the domain certificate.

    CloudfrontDomainName string

    Hostname created by Cloudfront to represent the distribution that implements this domain name mapping.

    CloudfrontZoneId string

    For convenience, the hosted zone ID (Z2FDTNDATAQYW2) that can be used to create a Route53 alias record for the distribution.

    Id string

    The provider-assigned unique ID for this managed resource.

    RegionalDomainName string

    Hostname for the custom domain's regional endpoint.

    RegionalZoneId string

    Hosted zone ID that can be used to create a Route53 alias record for the regional endpoint.

    TagsAll Dictionary<string, string>

    Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated:

    Please use tags instead.

    Arn string

    ARN of domain name.

    CertificateUploadDate string

    Upload date associated with the domain certificate.

    CloudfrontDomainName string

    Hostname created by Cloudfront to represent the distribution that implements this domain name mapping.

    CloudfrontZoneId string

    For convenience, the hosted zone ID (Z2FDTNDATAQYW2) that can be used to create a Route53 alias record for the distribution.

    Id string

    The provider-assigned unique ID for this managed resource.

    RegionalDomainName string

    Hostname for the custom domain's regional endpoint.

    RegionalZoneId string

    Hosted zone ID that can be used to create a Route53 alias record for the regional endpoint.

    TagsAll map[string]string

    Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated:

    Please use tags instead.

    arn String

    ARN of domain name.

    certificateUploadDate String

    Upload date associated with the domain certificate.

    cloudfrontDomainName String

    Hostname created by Cloudfront to represent the distribution that implements this domain name mapping.

    cloudfrontZoneId String

    For convenience, the hosted zone ID (Z2FDTNDATAQYW2) that can be used to create a Route53 alias record for the distribution.

    id String

    The provider-assigned unique ID for this managed resource.

    regionalDomainName String

    Hostname for the custom domain's regional endpoint.

    regionalZoneId String

    Hosted zone ID that can be used to create a Route53 alias record for the regional endpoint.

    tagsAll Map<String,String>

    Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated:

    Please use tags instead.

    arn string

    ARN of domain name.

    certificateUploadDate string

    Upload date associated with the domain certificate.

    cloudfrontDomainName string

    Hostname created by Cloudfront to represent the distribution that implements this domain name mapping.

    cloudfrontZoneId string

    For convenience, the hosted zone ID (Z2FDTNDATAQYW2) that can be used to create a Route53 alias record for the distribution.

    id string

    The provider-assigned unique ID for this managed resource.

    regionalDomainName string

    Hostname for the custom domain's regional endpoint.

    regionalZoneId string

    Hosted zone ID that can be used to create a Route53 alias record for the regional endpoint.

    tagsAll {[key: string]: string}

    Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated:

    Please use tags instead.

    arn str

    ARN of domain name.

    certificate_upload_date str

    Upload date associated with the domain certificate.

    cloudfront_domain_name str

    Hostname created by Cloudfront to represent the distribution that implements this domain name mapping.

    cloudfront_zone_id str

    For convenience, the hosted zone ID (Z2FDTNDATAQYW2) that can be used to create a Route53 alias record for the distribution.

    id str

    The provider-assigned unique ID for this managed resource.

    regional_domain_name str

    Hostname for the custom domain's regional endpoint.

    regional_zone_id str

    Hosted zone ID that can be used to create a Route53 alias record for the regional endpoint.

    tags_all Mapping[str, str]

    Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated:

    Please use tags instead.

    arn String

    ARN of domain name.

    certificateUploadDate String

    Upload date associated with the domain certificate.

    cloudfrontDomainName String

    Hostname created by Cloudfront to represent the distribution that implements this domain name mapping.

    cloudfrontZoneId String

    For convenience, the hosted zone ID (Z2FDTNDATAQYW2) that can be used to create a Route53 alias record for the distribution.

    id String

    The provider-assigned unique ID for this managed resource.

    regionalDomainName String

    Hostname for the custom domain's regional endpoint.

    regionalZoneId String

    Hosted zone ID that can be used to create a Route53 alias record for the regional endpoint.

    tagsAll Map<String>

    Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated:

    Please use tags instead.

    Look up Existing DomainName Resource

    Get an existing DomainName resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: DomainNameState, opts?: CustomResourceOptions): DomainName
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            arn: Optional[str] = None,
            certificate_arn: Optional[str] = None,
            certificate_body: Optional[str] = None,
            certificate_chain: Optional[str] = None,
            certificate_name: Optional[str] = None,
            certificate_private_key: Optional[str] = None,
            certificate_upload_date: Optional[str] = None,
            cloudfront_domain_name: Optional[str] = None,
            cloudfront_zone_id: Optional[str] = None,
            domain_name: Optional[str] = None,
            endpoint_configuration: Optional[DomainNameEndpointConfigurationArgs] = None,
            mutual_tls_authentication: Optional[DomainNameMutualTlsAuthenticationArgs] = None,
            ownership_verification_certificate_arn: Optional[str] = None,
            regional_certificate_arn: Optional[str] = None,
            regional_certificate_name: Optional[str] = None,
            regional_domain_name: Optional[str] = None,
            regional_zone_id: Optional[str] = None,
            security_policy: Optional[str] = None,
            tags: Optional[Mapping[str, str]] = None,
            tags_all: Optional[Mapping[str, str]] = None) -> DomainName
    func GetDomainName(ctx *Context, name string, id IDInput, state *DomainNameState, opts ...ResourceOption) (*DomainName, error)
    public static DomainName Get(string name, Input<string> id, DomainNameState? state, CustomResourceOptions? opts = null)
    public static DomainName get(String name, Output<String> id, DomainNameState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Arn string

    ARN of domain name.

    CertificateArn string

    ARN for an AWS-managed certificate. AWS Certificate Manager is the only supported source. Used when an edge-optimized domain name is desired. Conflicts with certificate_name, certificate_body, certificate_chain, certificate_private_key, regional_certificate_arn, and regional_certificate_name.

    CertificateBody string

    Certificate issued for the domain name being registered, in PEM format. Only valid for EDGE endpoint configuration type. Conflicts with certificate_arn, regional_certificate_arn, and regional_certificate_name.

    CertificateChain string

    Certificate for the CA that issued the certificate, along with any intermediate CA certificates required to create an unbroken chain to a certificate trusted by the intended API clients. Only valid for EDGE endpoint configuration type. Conflicts with certificate_arn, regional_certificate_arn, and regional_certificate_name.

    CertificateName string

    Unique name to use when registering this certificate as an IAM server certificate. Conflicts with certificate_arn, regional_certificate_arn, and regional_certificate_name. Required if certificate_arn is not set.

    CertificatePrivateKey string

    Private key associated with the domain certificate given in certificate_body. Only valid for EDGE endpoint configuration type. Conflicts with certificate_arn, regional_certificate_arn, and regional_certificate_name.

    CertificateUploadDate string

    Upload date associated with the domain certificate.

    CloudfrontDomainName string

    Hostname created by Cloudfront to represent the distribution that implements this domain name mapping.

    CloudfrontZoneId string

    For convenience, the hosted zone ID (Z2FDTNDATAQYW2) that can be used to create a Route53 alias record for the distribution.

    Domain string

    Fully-qualified domain name to register.

    EndpointConfiguration DomainNameEndpointConfiguration

    Configuration block defining API endpoint information including type. See below.

    MutualTlsAuthentication DomainNameMutualTlsAuthentication

    Mutual TLS authentication configuration for the domain name. See below.

    OwnershipVerificationCertificateArn string

    ARN of the AWS-issued certificate used to validate custom domain ownership (when certificate_arn is issued via an ACM Private CA or mutual_tls_authentication is configured with an ACM-imported certificate.)

    RegionalCertificateArn string

    ARN for an AWS-managed certificate. AWS Certificate Manager is the only supported source. Used when a regional domain name is desired. Conflicts with certificate_arn, certificate_name, certificate_body, certificate_chain, and certificate_private_key.

    When uploading a certificate, the following arguments are supported:

    RegionalCertificateName string

    User-friendly name of the certificate that will be used by regional endpoint for this domain name. Conflicts with certificate_arn, certificate_name, certificate_body, certificate_chain, and certificate_private_key.

    RegionalDomainName string

    Hostname for the custom domain's regional endpoint.

    RegionalZoneId string

    Hosted zone ID that can be used to create a Route53 alias record for the regional endpoint.

    SecurityPolicy string

    Transport Layer Security (TLS) version + cipher suite for this DomainName. Valid values are TLS_1_0 and TLS_1_2. Must be configured to perform drift detection.

    Tags Dictionary<string, string>

    Key-value map of resource tags. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

    When referencing an AWS-managed certificate, the following arguments are supported:

    TagsAll Dictionary<string, string>

    Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated:

    Please use tags instead.

    Arn string

    ARN of domain name.

    CertificateArn string

    ARN for an AWS-managed certificate. AWS Certificate Manager is the only supported source. Used when an edge-optimized domain name is desired. Conflicts with certificate_name, certificate_body, certificate_chain, certificate_private_key, regional_certificate_arn, and regional_certificate_name.

    CertificateBody string

    Certificate issued for the domain name being registered, in PEM format. Only valid for EDGE endpoint configuration type. Conflicts with certificate_arn, regional_certificate_arn, and regional_certificate_name.

    CertificateChain string

    Certificate for the CA that issued the certificate, along with any intermediate CA certificates required to create an unbroken chain to a certificate trusted by the intended API clients. Only valid for EDGE endpoint configuration type. Conflicts with certificate_arn, regional_certificate_arn, and regional_certificate_name.

    CertificateName string

    Unique name to use when registering this certificate as an IAM server certificate. Conflicts with certificate_arn, regional_certificate_arn, and regional_certificate_name. Required if certificate_arn is not set.

    CertificatePrivateKey string

    Private key associated with the domain certificate given in certificate_body. Only valid for EDGE endpoint configuration type. Conflicts with certificate_arn, regional_certificate_arn, and regional_certificate_name.

    CertificateUploadDate string

    Upload date associated with the domain certificate.

    CloudfrontDomainName string

    Hostname created by Cloudfront to represent the distribution that implements this domain name mapping.

    CloudfrontZoneId string

    For convenience, the hosted zone ID (Z2FDTNDATAQYW2) that can be used to create a Route53 alias record for the distribution.

    DomainName string

    Fully-qualified domain name to register.

    EndpointConfiguration DomainNameEndpointConfigurationArgs

    Configuration block defining API endpoint information including type. See below.

    MutualTlsAuthentication DomainNameMutualTlsAuthenticationArgs

    Mutual TLS authentication configuration for the domain name. See below.

    OwnershipVerificationCertificateArn string

    ARN of the AWS-issued certificate used to validate custom domain ownership (when certificate_arn is issued via an ACM Private CA or mutual_tls_authentication is configured with an ACM-imported certificate.)

    RegionalCertificateArn string

    ARN for an AWS-managed certificate. AWS Certificate Manager is the only supported source. Used when a regional domain name is desired. Conflicts with certificate_arn, certificate_name, certificate_body, certificate_chain, and certificate_private_key.

    When uploading a certificate, the following arguments are supported:

    RegionalCertificateName string

    User-friendly name of the certificate that will be used by regional endpoint for this domain name. Conflicts with certificate_arn, certificate_name, certificate_body, certificate_chain, and certificate_private_key.

    RegionalDomainName string

    Hostname for the custom domain's regional endpoint.

    RegionalZoneId string

    Hosted zone ID that can be used to create a Route53 alias record for the regional endpoint.

    SecurityPolicy string

    Transport Layer Security (TLS) version + cipher suite for this DomainName. Valid values are TLS_1_0 and TLS_1_2. Must be configured to perform drift detection.

    Tags map[string]string

    Key-value map of resource tags. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

    When referencing an AWS-managed certificate, the following arguments are supported:

    TagsAll map[string]string

    Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated:

    Please use tags instead.

    arn String

    ARN of domain name.

    certificateArn String

    ARN for an AWS-managed certificate. AWS Certificate Manager is the only supported source. Used when an edge-optimized domain name is desired. Conflicts with certificate_name, certificate_body, certificate_chain, certificate_private_key, regional_certificate_arn, and regional_certificate_name.

    certificateBody String

    Certificate issued for the domain name being registered, in PEM format. Only valid for EDGE endpoint configuration type. Conflicts with certificate_arn, regional_certificate_arn, and regional_certificate_name.

    certificateChain String

    Certificate for the CA that issued the certificate, along with any intermediate CA certificates required to create an unbroken chain to a certificate trusted by the intended API clients. Only valid for EDGE endpoint configuration type. Conflicts with certificate_arn, regional_certificate_arn, and regional_certificate_name.

    certificateName String

    Unique name to use when registering this certificate as an IAM server certificate. Conflicts with certificate_arn, regional_certificate_arn, and regional_certificate_name. Required if certificate_arn is not set.

    certificatePrivateKey String

    Private key associated with the domain certificate given in certificate_body. Only valid for EDGE endpoint configuration type. Conflicts with certificate_arn, regional_certificate_arn, and regional_certificate_name.

    certificateUploadDate String

    Upload date associated with the domain certificate.

    cloudfrontDomainName String

    Hostname created by Cloudfront to represent the distribution that implements this domain name mapping.

    cloudfrontZoneId String

    For convenience, the hosted zone ID (Z2FDTNDATAQYW2) that can be used to create a Route53 alias record for the distribution.

    domainName String

    Fully-qualified domain name to register.

    endpointConfiguration DomainNameEndpointConfiguration

    Configuration block defining API endpoint information including type. See below.

    mutualTlsAuthentication DomainNameMutualTlsAuthentication

    Mutual TLS authentication configuration for the domain name. See below.

    ownershipVerificationCertificateArn String

    ARN of the AWS-issued certificate used to validate custom domain ownership (when certificate_arn is issued via an ACM Private CA or mutual_tls_authentication is configured with an ACM-imported certificate.)

    regionalCertificateArn String

    ARN for an AWS-managed certificate. AWS Certificate Manager is the only supported source. Used when a regional domain name is desired. Conflicts with certificate_arn, certificate_name, certificate_body, certificate_chain, and certificate_private_key.

    When uploading a certificate, the following arguments are supported:

    regionalCertificateName String

    User-friendly name of the certificate that will be used by regional endpoint for this domain name. Conflicts with certificate_arn, certificate_name, certificate_body, certificate_chain, and certificate_private_key.

    regionalDomainName String

    Hostname for the custom domain's regional endpoint.

    regionalZoneId String

    Hosted zone ID that can be used to create a Route53 alias record for the regional endpoint.

    securityPolicy String

    Transport Layer Security (TLS) version + cipher suite for this DomainName. Valid values are TLS_1_0 and TLS_1_2. Must be configured to perform drift detection.

    tags Map<String,String>

    Key-value map of resource tags. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

    When referencing an AWS-managed certificate, the following arguments are supported:

    tagsAll Map<String,String>

    Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated:

    Please use tags instead.

    arn string

    ARN of domain name.

    certificateArn string

    ARN for an AWS-managed certificate. AWS Certificate Manager is the only supported source. Used when an edge-optimized domain name is desired. Conflicts with certificate_name, certificate_body, certificate_chain, certificate_private_key, regional_certificate_arn, and regional_certificate_name.

    certificateBody string

    Certificate issued for the domain name being registered, in PEM format. Only valid for EDGE endpoint configuration type. Conflicts with certificate_arn, regional_certificate_arn, and regional_certificate_name.

    certificateChain string

    Certificate for the CA that issued the certificate, along with any intermediate CA certificates required to create an unbroken chain to a certificate trusted by the intended API clients. Only valid for EDGE endpoint configuration type. Conflicts with certificate_arn, regional_certificate_arn, and regional_certificate_name.

    certificateName string

    Unique name to use when registering this certificate as an IAM server certificate. Conflicts with certificate_arn, regional_certificate_arn, and regional_certificate_name. Required if certificate_arn is not set.

    certificatePrivateKey string

    Private key associated with the domain certificate given in certificate_body. Only valid for EDGE endpoint configuration type. Conflicts with certificate_arn, regional_certificate_arn, and regional_certificate_name.

    certificateUploadDate string

    Upload date associated with the domain certificate.

    cloudfrontDomainName string

    Hostname created by Cloudfront to represent the distribution that implements this domain name mapping.

    cloudfrontZoneId string

    For convenience, the hosted zone ID (Z2FDTNDATAQYW2) that can be used to create a Route53 alias record for the distribution.

    domainName string

    Fully-qualified domain name to register.

    endpointConfiguration DomainNameEndpointConfiguration

    Configuration block defining API endpoint information including type. See below.

    mutualTlsAuthentication DomainNameMutualTlsAuthentication

    Mutual TLS authentication configuration for the domain name. See below.

    ownershipVerificationCertificateArn string

    ARN of the AWS-issued certificate used to validate custom domain ownership (when certificate_arn is issued via an ACM Private CA or mutual_tls_authentication is configured with an ACM-imported certificate.)

    regionalCertificateArn string

    ARN for an AWS-managed certificate. AWS Certificate Manager is the only supported source. Used when a regional domain name is desired. Conflicts with certificate_arn, certificate_name, certificate_body, certificate_chain, and certificate_private_key.

    When uploading a certificate, the following arguments are supported:

    regionalCertificateName string

    User-friendly name of the certificate that will be used by regional endpoint for this domain name. Conflicts with certificate_arn, certificate_name, certificate_body, certificate_chain, and certificate_private_key.

    regionalDomainName string

    Hostname for the custom domain's regional endpoint.

    regionalZoneId string

    Hosted zone ID that can be used to create a Route53 alias record for the regional endpoint.

    securityPolicy string

    Transport Layer Security (TLS) version + cipher suite for this DomainName. Valid values are TLS_1_0 and TLS_1_2. Must be configured to perform drift detection.

    tags {[key: string]: string}

    Key-value map of resource tags. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

    When referencing an AWS-managed certificate, the following arguments are supported:

    tagsAll {[key: string]: string}

    Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated:

    Please use tags instead.

    arn str

    ARN of domain name.

    certificate_arn str

    ARN for an AWS-managed certificate. AWS Certificate Manager is the only supported source. Used when an edge-optimized domain name is desired. Conflicts with certificate_name, certificate_body, certificate_chain, certificate_private_key, regional_certificate_arn, and regional_certificate_name.

    certificate_body str

    Certificate issued for the domain name being registered, in PEM format. Only valid for EDGE endpoint configuration type. Conflicts with certificate_arn, regional_certificate_arn, and regional_certificate_name.

    certificate_chain str

    Certificate for the CA that issued the certificate, along with any intermediate CA certificates required to create an unbroken chain to a certificate trusted by the intended API clients. Only valid for EDGE endpoint configuration type. Conflicts with certificate_arn, regional_certificate_arn, and regional_certificate_name.

    certificate_name str

    Unique name to use when registering this certificate as an IAM server certificate. Conflicts with certificate_arn, regional_certificate_arn, and regional_certificate_name. Required if certificate_arn is not set.

    certificate_private_key str

    Private key associated with the domain certificate given in certificate_body. Only valid for EDGE endpoint configuration type. Conflicts with certificate_arn, regional_certificate_arn, and regional_certificate_name.

    certificate_upload_date str

    Upload date associated with the domain certificate.

    cloudfront_domain_name str

    Hostname created by Cloudfront to represent the distribution that implements this domain name mapping.

    cloudfront_zone_id str

    For convenience, the hosted zone ID (Z2FDTNDATAQYW2) that can be used to create a Route53 alias record for the distribution.

    domain_name str

    Fully-qualified domain name to register.

    endpoint_configuration DomainNameEndpointConfigurationArgs

    Configuration block defining API endpoint information including type. See below.

    mutual_tls_authentication DomainNameMutualTlsAuthenticationArgs

    Mutual TLS authentication configuration for the domain name. See below.

    ownership_verification_certificate_arn str

    ARN of the AWS-issued certificate used to validate custom domain ownership (when certificate_arn is issued via an ACM Private CA or mutual_tls_authentication is configured with an ACM-imported certificate.)

    regional_certificate_arn str

    ARN for an AWS-managed certificate. AWS Certificate Manager is the only supported source. Used when a regional domain name is desired. Conflicts with certificate_arn, certificate_name, certificate_body, certificate_chain, and certificate_private_key.

    When uploading a certificate, the following arguments are supported:

    regional_certificate_name str

    User-friendly name of the certificate that will be used by regional endpoint for this domain name. Conflicts with certificate_arn, certificate_name, certificate_body, certificate_chain, and certificate_private_key.

    regional_domain_name str

    Hostname for the custom domain's regional endpoint.

    regional_zone_id str

    Hosted zone ID that can be used to create a Route53 alias record for the regional endpoint.

    security_policy str

    Transport Layer Security (TLS) version + cipher suite for this DomainName. Valid values are TLS_1_0 and TLS_1_2. Must be configured to perform drift detection.

    tags Mapping[str, str]

    Key-value map of resource tags. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

    When referencing an AWS-managed certificate, the following arguments are supported:

    tags_all Mapping[str, str]

    Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated:

    Please use tags instead.

    arn String

    ARN of domain name.

    certificateArn String

    ARN for an AWS-managed certificate. AWS Certificate Manager is the only supported source. Used when an edge-optimized domain name is desired. Conflicts with certificate_name, certificate_body, certificate_chain, certificate_private_key, regional_certificate_arn, and regional_certificate_name.

    certificateBody String

    Certificate issued for the domain name being registered, in PEM format. Only valid for EDGE endpoint configuration type. Conflicts with certificate_arn, regional_certificate_arn, and regional_certificate_name.

    certificateChain String

    Certificate for the CA that issued the certificate, along with any intermediate CA certificates required to create an unbroken chain to a certificate trusted by the intended API clients. Only valid for EDGE endpoint configuration type. Conflicts with certificate_arn, regional_certificate_arn, and regional_certificate_name.

    certificateName String

    Unique name to use when registering this certificate as an IAM server certificate. Conflicts with certificate_arn, regional_certificate_arn, and regional_certificate_name. Required if certificate_arn is not set.

    certificatePrivateKey String

    Private key associated with the domain certificate given in certificate_body. Only valid for EDGE endpoint configuration type. Conflicts with certificate_arn, regional_certificate_arn, and regional_certificate_name.

    certificateUploadDate String

    Upload date associated with the domain certificate.

    cloudfrontDomainName String

    Hostname created by Cloudfront to represent the distribution that implements this domain name mapping.

    cloudfrontZoneId String

    For convenience, the hosted zone ID (Z2FDTNDATAQYW2) that can be used to create a Route53 alias record for the distribution.

    domainName String

    Fully-qualified domain name to register.

    endpointConfiguration Property Map

    Configuration block defining API endpoint information including type. See below.

    mutualTlsAuthentication Property Map

    Mutual TLS authentication configuration for the domain name. See below.

    ownershipVerificationCertificateArn String

    ARN of the AWS-issued certificate used to validate custom domain ownership (when certificate_arn is issued via an ACM Private CA or mutual_tls_authentication is configured with an ACM-imported certificate.)

    regionalCertificateArn String

    ARN for an AWS-managed certificate. AWS Certificate Manager is the only supported source. Used when a regional domain name is desired. Conflicts with certificate_arn, certificate_name, certificate_body, certificate_chain, and certificate_private_key.

    When uploading a certificate, the following arguments are supported:

    regionalCertificateName String

    User-friendly name of the certificate that will be used by regional endpoint for this domain name. Conflicts with certificate_arn, certificate_name, certificate_body, certificate_chain, and certificate_private_key.

    regionalDomainName String

    Hostname for the custom domain's regional endpoint.

    regionalZoneId String

    Hosted zone ID that can be used to create a Route53 alias record for the regional endpoint.

    securityPolicy String

    Transport Layer Security (TLS) version + cipher suite for this DomainName. Valid values are TLS_1_0 and TLS_1_2. Must be configured to perform drift detection.

    tags Map<String>

    Key-value map of resource tags. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

    When referencing an AWS-managed certificate, the following arguments are supported:

    tagsAll Map<String>

    Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated:

    Please use tags instead.

    Supporting Types

    DomainNameEndpointConfiguration, DomainNameEndpointConfigurationArgs

    Types string

    List of endpoint types. This resource currently only supports managing a single value. Valid values: EDGE or REGIONAL. If unspecified, defaults to EDGE. Must be declared as REGIONAL in non-Commercial partitions. Refer to the documentation for more information on the difference between edge-optimized and regional APIs.

    Types string

    List of endpoint types. This resource currently only supports managing a single value. Valid values: EDGE or REGIONAL. If unspecified, defaults to EDGE. Must be declared as REGIONAL in non-Commercial partitions. Refer to the documentation for more information on the difference between edge-optimized and regional APIs.

    types String

    List of endpoint types. This resource currently only supports managing a single value. Valid values: EDGE or REGIONAL. If unspecified, defaults to EDGE. Must be declared as REGIONAL in non-Commercial partitions. Refer to the documentation for more information on the difference between edge-optimized and regional APIs.

    types string

    List of endpoint types. This resource currently only supports managing a single value. Valid values: EDGE or REGIONAL. If unspecified, defaults to EDGE. Must be declared as REGIONAL in non-Commercial partitions. Refer to the documentation for more information on the difference between edge-optimized and regional APIs.

    types str

    List of endpoint types. This resource currently only supports managing a single value. Valid values: EDGE or REGIONAL. If unspecified, defaults to EDGE. Must be declared as REGIONAL in non-Commercial partitions. Refer to the documentation for more information on the difference between edge-optimized and regional APIs.

    types String

    List of endpoint types. This resource currently only supports managing a single value. Valid values: EDGE or REGIONAL. If unspecified, defaults to EDGE. Must be declared as REGIONAL in non-Commercial partitions. Refer to the documentation for more information on the difference between edge-optimized and regional APIs.

    DomainNameMutualTlsAuthentication, DomainNameMutualTlsAuthenticationArgs

    TruststoreUri string

    Amazon S3 URL that specifies the truststore for mutual TLS authentication, for example, s3://bucket-name/key-name. The truststore can contain certificates from public or private certificate authorities. To update the truststore, upload a new version to S3, and then update your custom domain name to use the new version.

    TruststoreVersion string

    Version of the S3 object that contains the truststore. To specify a version, you must have versioning enabled for the S3 bucket.

    TruststoreUri string

    Amazon S3 URL that specifies the truststore for mutual TLS authentication, for example, s3://bucket-name/key-name. The truststore can contain certificates from public or private certificate authorities. To update the truststore, upload a new version to S3, and then update your custom domain name to use the new version.

    TruststoreVersion string

    Version of the S3 object that contains the truststore. To specify a version, you must have versioning enabled for the S3 bucket.

    truststoreUri String

    Amazon S3 URL that specifies the truststore for mutual TLS authentication, for example, s3://bucket-name/key-name. The truststore can contain certificates from public or private certificate authorities. To update the truststore, upload a new version to S3, and then update your custom domain name to use the new version.

    truststoreVersion String

    Version of the S3 object that contains the truststore. To specify a version, you must have versioning enabled for the S3 bucket.

    truststoreUri string

    Amazon S3 URL that specifies the truststore for mutual TLS authentication, for example, s3://bucket-name/key-name. The truststore can contain certificates from public or private certificate authorities. To update the truststore, upload a new version to S3, and then update your custom domain name to use the new version.

    truststoreVersion string

    Version of the S3 object that contains the truststore. To specify a version, you must have versioning enabled for the S3 bucket.

    truststore_uri str

    Amazon S3 URL that specifies the truststore for mutual TLS authentication, for example, s3://bucket-name/key-name. The truststore can contain certificates from public or private certificate authorities. To update the truststore, upload a new version to S3, and then update your custom domain name to use the new version.

    truststore_version str

    Version of the S3 object that contains the truststore. To specify a version, you must have versioning enabled for the S3 bucket.

    truststoreUri String

    Amazon S3 URL that specifies the truststore for mutual TLS authentication, for example, s3://bucket-name/key-name. The truststore can contain certificates from public or private certificate authorities. To update the truststore, upload a new version to S3, and then update your custom domain name to use the new version.

    truststoreVersion String

    Version of the S3 object that contains the truststore. To specify a version, you must have versioning enabled for the S3 bucket.

    Import

    Using pulumi import, import API Gateway domain names using their name. For example:

     $ pulumi import aws:apigateway/domainName:DomainName example dev.example.com
    

    Package Details

    Repository
    AWS Classic pulumi/pulumi-aws
    License
    Apache-2.0
    Notes

    This Pulumi package is based on the aws Terraform Provider.

    aws logo

    Try AWS Native preview for resources not in the classic version.

    AWS Classic v6.12.3 published on Thursday, Nov 30, 2023 by Pulumi