AWS Lambda function — approves ACM certificates issued with DNS validation option. Following lambda is written as a custom resource to automate certificate approval process in a stack.

Download code:

git clone https://github.com/b-b3rn4rd/acm-approver-lambda.git

Create CloudFormation stack

$ S3_BUCKET_NAME=bucket-name DOMAIN_NAME=www.example.net make deploy

... ouput ....
Waiting for changeset to be created..
Waiting for stack create/update to complete
Successfully created/updated stack - acm-approver-lamda

Following command will create CloudFormation stack, which provisions lambda function and invokes it as a custom resource to request and confirm required certificate.

I have not found a way to 100% accurately identify hosted zone id based on certificate's domain name, currently I'm using longest match suffix approach.