
Below is my understanding of talking to the AWS API (REST) using the SDK approach or CF template generation tools (like AWS_CDK or Troposphere).



Working with AWS Certificate Manager, we would like to create a private root CA using aws-cdk constructs.

But the cdk-documentation does not support any construct to create a root CA.


On the troposphere side, it is the same story: no support for creating a root CA.


aws_sdk has support for creating a root CA, but state maintenance is the issue.


My preference is to pick aws_cdk, but,

What is the current status of this API-level support for creating a private root CA using aws-cdk?

overexchange

1 Answer

CloudFormation does not support private Root CA Resources (view the supported resources). Therefore cdk and troposphere cannot provide support for it.

You can create a Lambda-backed Custom Resource that adds support for the acm pca stuff (take a look at the docs). You could use cdk to create the CustomResource and a Python Lambda that wraps the acm pca API calls.

quadroid
  • I created a custom resource for an IAM SamlProvider (which is not supported by CloudFormation as well). You can take a look here https://github.com/ventx/aws-cdk-library/blob/master/lib/constructs/SamlProviderConstruct.ts – quadroid Jul 04 '19 at 11:58
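
An added example, not code from the answer above or from any AWS project: a Python Lambda handler for the custom resource the answer describes, mapping CloudFormation Create and Delete requests onto the boto3 `acm-pca` calls and acknowledging Update without changes. The property names `CommonName`, `KeyAlgorithm` and `SigningAlgorithm`, the placeholder id `ca-not-created` and the 7-day deletion window are assumptions chosen for illustration.

```python
import json
import urllib.request

def send_response(event, status, physical_id, data=None, reason=""):
    """PUT the result to the pre-signed URL CloudFormation put in the event."""
    body = json.dumps({
        "Status": status, "Reason": reason or "see CloudWatch logs",
        "PhysicalResourceId": physical_id, "StackId": event["StackId"],
        "RequestId": event["RequestId"],
        "LogicalResourceId": event["LogicalResourceId"], "Data": data or {},
    }).encode()
    req = urllib.request.Request(event["ResponseURL"], data=body, method="PUT",
                                 headers={"Content-Type": ""})
    urllib.request.urlopen(req)

def handle(event, pca, respond=send_response):
    """Map a CloudFormation custom-resource request onto ACM PCA API calls."""
    # Update/Delete carry the id returned at Create; a failed Create has none.
    physical_id = event.get("PhysicalResourceId", "ca-not-created")
    try:
        if event["RequestType"] == "Create":
            props = event["ResourceProperties"]  # property names are assumptions
            physical_id = pca.create_certificate_authority(
                CertificateAuthorityType="ROOT",
                CertificateAuthorityConfiguration={
                    "KeyAlgorithm": props.get("KeyAlgorithm", "RSA_2048"),
                    "SigningAlgorithm": props.get("SigningAlgorithm", "SHA256WITHRSA"),
                    "Subject": {"CommonName": props["CommonName"]},
                },
                # Lets ACM PCA de-duplicate a retried invocation of this request.
                IdempotencyToken=event["RequestId"][:36],
            )["CertificateAuthorityArn"]
        elif event["RequestType"] == "Delete" and physical_id.startswith("arn:"):
            # Skipped for the placeholder id, so rollback of a failed Create succeeds.
            pca.delete_certificate_authority(
                CertificateAuthorityArn=physical_id, PermanentDeletionTimeInDays=7)
        respond(event, "SUCCESS", physical_id, {"Arn": physical_id})
    except Exception as exc:  # always answer, or the stack waits for the timeout
        respond(event, "FAILED", physical_id, reason=str(exc))
    return physical_id

def handler(event, context):
    """Lambda entry point."""
    import boto3  # provided by the Lambda Python runtime
    return handle(event, boto3.client("acm-pca"))
```

A CA created this way stays in `PENDING_CERTIFICATE` until a self-signed root certificate is issued and imported, and a CA that has been activated must be disabled before `delete_certificate_authority` will accept it.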