ACM Certificate
Public TLS certificate for ALB / CloudFront / API Gateway.
Configuration
Section titled “Configuration”| Setting | Type | Required | Default |
|---|---|---|---|
| Primary domain | Text | Yes | — |
| SAN list | List | — | — |
| Validation method Options: DNS, Email | Choice | — | DNS |
| Transparency logging | Toggle | — | true |
| Key algorithm Options: RSA 2048, RSA 4096, ECC P-256, ECC P-384 | Choice | — | RSA_2048 |
| Renew this many days early | Number | — | 0 |
| Private CA ARN (private cert) | Text | — | — |
| Tags | Key–value | — | — |
Connections
Section titled “Connections”| Socket | Direction | Accepts | Terraform arg |
|---|---|---|---|
| Private CA | Input | aws.acm-pca-authority | certificate_authority_arn |
| Used by | Output | aws.acm-certificate-validation, aws.cloudfront, aws.lb-listener | — |