aws-amplify-alpha: Add support for custom ACM cert
thedevopsguyblog opened this issue · comments
Describe the feature
Hello,
In the UI their is an option to specify a custom SSL cert that is provisioned via ACM.
![Screenshot 2024-06-20 at 9 59 48 am](https://private-user-images.githubusercontent.com/39054710/341345769-f78c49af-4c72-487d-a1ca-6ad8350bab47.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjI1NzY0NzgsIm5iZiI6MTcyMjU3NjE3OCwicGF0aCI6Ii8zOTA1NDcxMC8zNDEzNDU3NjktZjc4YzQ5YWYtNGM3Mi00ODdkLWExY2EtNmFkODM1MGJhYjQ3LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA4MDIlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwODAyVDA1MjI1OFomWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTkzOWUwMmZhZDVhNTg4ODQxNGRhZjlkMDgyZjBhMGZkNzdlNmNlZmFiMGYxM2E3MDI3YzlhM2ZjNDZjNGQwNWEmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.B05i8evvM-3Ws-z0xjTMnNbqw7d2pQC166l50p9WIsM)
Using the aws-amplify-alpha construct it would be handy if i could specify a SSL cert I would like to use.
Use Case
I know Specifically in the case when i want to provision my own cert for a custom domain name in cognito and use the same cert for my frontend.
Proposed Solution
- Provision the ACM managed cert in a separate stack
new cdk.aws_certificatemanager.Certificate(this, 'Certificate', {
domainName: props!.envVars.FQDN,
validation: cdk.aws_certificatemanager.CertificateValidation.fromDns(importedHostedZone),
subjectAlternativeNames:[
`*.${props!.envVars.FQDN}`,
`*.api.${props!.envVars.FQDN}`,
`*.auth.${props!.envVars.FQDN}`,
]
});
}
- In the stack where we define the FE app
new amplifyAlpha.App(this, 'mySubAmpHosting', {
...
acmCert:{
fromCertificateArn:`xxx`
}
})
Other Information
No response
Acknowledgements
- I may be able to implement this feature request
- This feature might incur a breaking change
CDK version used
2.143.0 (build 9f2bdf7)
Environment details (OS name and version, etc.)
macOS Ventura - 13.6.3
Hi @thedevopsguyblog , thanks for reaching out.
I see that CertificateSettings prop is supported by the cloudformation, and is missing from the alpha module. This prop support providing AWS managed or Custom certificates, hence is suitable for your usecase.
However I am marking this issue as P3, requesting contributions from the community in this regard.