Resource: awsApigatewayv2DomainName
Manages an Amazon API Gateway Version 2 domain name. More information can be found in the Amazon API Gateway Developer Guide.
-> Note: This resource establishes ownership of and the TLS settings for a particular domain name. An API stage can be associated with the domain name using the awsApigatewayv2ApiMapping
resource.
Example Usage
Basic
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
new aws.apigatewayv2DomainName.Apigatewayv2DomainName(this, "example", {
domainName: "ws-api.example.com",
domainNameConfiguration: {
certificateArn: "${aws_acm_certificate.example.arn}",
endpointType: "REGIONAL",
securityPolicy: "TLS_1_2",
},
});
Associated Route 53 Resource Record
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
const awsApigatewayv2DomainNameExample =
new aws.apigatewayv2DomainName.Apigatewayv2DomainName(this, "example", {
domainName: "http-api.example.com",
domainNameConfiguration: {
certificateArn: "${aws_acm_certificate.example.arn}",
endpointType: "REGIONAL",
securityPolicy: "TLS_1_2",
},
});
const awsRoute53RecordExample = new aws.route53Record.Route53Record(
this,
"example_1",
{
alias: {
evaluateTargetHealth: false,
name: `\${${awsApigatewayv2DomainNameExample.domainNameConfiguration.fqn}[0].target_domain_name}`,
zoneId: `\${${awsApigatewayv2DomainNameExample.domainNameConfiguration.fqn}[0].hosted_zone_id}`,
},
name: awsApigatewayv2DomainNameExample.domainName,
type: "A",
zoneId: "${aws_route53_zone.example.zone_id}",
}
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
awsRoute53RecordExample.overrideLogicalId("example");
Argument Reference
The following arguments are supported:
domainName
- (Required) Domain name. Must be between 1 and 512 characters in length.domainNameConfiguration
- (Required) Domain name configuration. See below.mutualTlsAuthentication
- (Optional) Mutual TLS authentication configuration for the domain name.tags
- (Optional) Map of tags to assign to the domain name. If configured with a providerdefaultTags
configuration block present, tags with matching keys will overwrite those defined at the provider-level.
domainNameConfiguration
certificateArn
- (Required) ARN of an AWS-managed certificate that will be used by the endpoint for the domain name. AWS Certificate Manager is the only supported source. Use theawsAcmCertificate
resource to configure an ACM certificate.endpointType
- (Required) Endpoint type. Valid values:regional
.hostedZoneId
- (Computed) Amazon Route 53 Hosted Zone ID of the endpoint.ownershipVerificationCertificateArn
- (Optional) ARN of the AWS-issued certificate used to validate custom domain ownership (whencertificateArn
is issued via an ACM Private CA ormutualTlsAuthentication
is configured with an ACM-imported certificate.)securityPolicy
- (Required) Transport Layer Security (TLS) version of the security policy for the domain name. Valid values:TLS_1_2
.targetDomainName
- (Computed) Target domain name.
mutualTlsAuthentication
truststoreUri
- (Required) Amazon S3 URL that specifies the truststore for mutual TLS authentication, for example,s3://bucketName/keyName
. The truststore can contain certificates from public or private certificate authorities. To update the truststore, upload a new version to S3, and then update your custom domain name to use the new version.truststoreVersion
- (Optional) Version of the S3 object that contains the truststore. To specify a version, you must have versioning enabled for the S3 bucket.
Attributes Reference
In addition to all arguments above, the following attributes are exported:
apiMappingSelectionExpression
- API mapping selection expression for the domain name.arn
- ARN of the domain name.id
- Domain name identifier.tagsAll
- Map of tags assigned to the resource, including those inherited from the providerdefaultTags
configuration block.
Timeouts
create
- (Default10M
)update
- (Default60M
)
Import
awsApigatewayv2DomainName
can be imported by using the domain name, e.g.,