
I have a stack definition for AWS Fargate. Among other things, my stack has a load balancer, and a public IP/DNS for outside access. I made the certificate manually, using Route53 and currently attach it as:

```yaml
Parameters:
  VPC:
    Type: AWS::EC2::VPC::Id
  SubnetA:
    Type: AWS::EC2::Subnet::Id
  SubnetB:
    Type: AWS::EC2::Subnet::Id
  Certificate:
    Type: String
    # Update with the certificate ARN from Certificate Manager, which must exist in the same region.
    # In our case, it is staging-api.mydomain.com
    Default: 'arn:aws:acm:us-east-1:505xxxxx303:certificate/03df1a1e-xxxx-xxxx-xxxx-34388b5a1f67'
```

I would much rather create/update the SSL certificate upon stack creation, instead of having to depend on an external process returning an existing certificate id. In fact, I would rather do away with both my hardcoded AWS account id and the hardcoded certificate id.

Can I get/inherit the account id from the AWS principal somehow and automate the certificate management?

Igor Shmukler

1 Answer

In general you would use the `AWS::AccountId` variable. But this does not work in `Parameters`.

Your only choice to overcome this is through a macro, which you would have to develop yourself in the form of a Lambda function.

Marcin
  • AWS::AccountId is great. Thank you. It will help with account id. Do you have a recommendation for the SSL certificate maybe? – Igor Shmukler Jul 10 '22 at 23:54
  • @IgorShmukler `AWS::AccountId` will not work in `Parameters`. As I said, you have to create a macro to do what you want. – Marcin Jul 11 '22 at 01:10
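
For the certificate part of the question, the following is an added example, not code from either poster: it declares the ACM certificate inside the stack with DNS validation and hands its ARN to the HTTPS listener with `!Ref`, so neither the account id nor the certificate id appears in the template. The `HostedZoneId` parameter and the logical IDs `LoadBalancer` and `TargetGroup` are assumptions about the rest of the stack.

```yaml
AWSTemplateFormatVersion: '2010-09-09'
Parameters:
  DomainName:
    Type: String
    Default: staging-api.mydomain.com   # domain named in the question
  HostedZoneId:
    # Assumption: the Route 53 public hosted zone for the domain is in this account.
    Type: AWS::Route53::HostedZone::Id

Resources:
  Certificate:
    Type: AWS::CertificateManager::Certificate
    Properties:
      DomainName: !Ref DomainName
      ValidationMethod: DNS
      DomainValidationOptions:
        # With HostedZoneId set, CloudFormation writes the validation record itself.
        - DomainName: !Ref DomainName
          HostedZoneId: !Ref HostedZoneId

  HttpsListener:
    Type: AWS::ElasticLoadBalancingV2::Listener
    Properties:
      LoadBalancerArn: !Ref LoadBalancer      # assumed logical ID in the existing stack
      Port: 443
      Protocol: HTTPS
      Certificates:
        # !Ref on the certificate resource returns its full ARN, which already
        # carries the region, account id and certificate id.
        - CertificateArn: !Ref Certificate
      DefaultActions:
        - Type: forward
          TargetGroupArn: !Ref TargetGroup    # assumed logical ID in the existing stack

Outputs:
  CertificateArn:
    Value: !Ref Certificate
  Account:
    # Pseudo parameters resolve in Resources and Outputs, not in Parameters.
    Value: !Ref AWS::AccountId
```

The stack stays in `CREATE_IN_PROGRESS` on the certificate resource until DNS validation completes, and the certificate is issued in the region the stack is deployed to, which is the region the load balancer needs it in.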