AWS Fundamentals Logo
AWS Fundamentals
L1 ConstructAWS::Transfer::Certificate

CfnCertificate

Imports the signing and encryption certificates that you need to create local (AS2) profiles and partner profiles. You can import both the certificate and its chain in the `Certificate` parameter. After importing a certificate, AWS Transfer Family automatically creates a Amazon CloudWatch metric called `DaysUntilExpiry` that tracks the number of days until the certificate expires. The metric is based on the `InactiveDate` parameter and is published daily in the `AWS/Transfer` namespace. > It can take up to a full day after importing a certificate for Transfer Family to emit the `DaysUntilExpiry` metric to your account. > If you use the `Certificate` parameter to upload both the certificate and its chain, don't use the `CertificateChain` parameter. *CloudWatch monitoring* The `DaysUntilExpiry` metric includes the following specifications: - *Units:* Count (days) - *Dimensions:* `CertificateId` (always present), `Description` (if provided during certificate import) - *Statistics:* Minimum, Maximum, Average - *Frequency:* Published daily

Import

import { CfnCertificate } from 'aws-cdk-lib/aws-transfer';

Or use the module namespace:

import * as transfer from 'aws-cdk-lib/aws-transfer';
// transfer.CfnCertificate

Properties

Configuration passed to the constructor as CfnCertificateProps.

certificateRequired
string

The file name for the certificate.

usageRequired
string

Specifies how this certificate is used. It can be used in the following ways:. - `SIGNING` : For signing AS2 messages - `ENCRYPTION` : For encrypting AS2 messages - `TLS` : For securing AS2 communications sent over HTTPS

activeDateOptional
string

An optional date that specifies when the certificate becomes active. If you do not specify a value, `ActiveDate` takes the same value as `NotBeforeDate` , which is specified by the CA.

certificateChainOptional
string

The list of certificates that make up the chain for the certificate.

descriptionOptional
string

The name or description that's used to identity the certificate.

inactiveDateOptional
string

An optional date that specifies when the certificate becomes inactive. If you do not specify a value, `InactiveDate` takes the same value as `NotAfterDate` , which is specified by the CA.

privateKeyOptional
string

The file that contains the private key for the certificate that's being imported.

tagsOptional
CfnTag[]

Key-value pairs that can be used to group and search for certificates.

CloudFormation Resource

This L1 construct maps directly to the following CloudFormation resource type.

AWS::Transfer::CertificateView in CloudFormation Explorer

Learn AWS the Practical Way

Our bi-weekly newsletter teaches hands-on AWS fundamentals. No certification fluff - just practical knowledge.

Subscribe to Newsletter

Quick Facts

LevelL1 (CloudFormation)
Moduleaws-transfer
CFN TypeAWS::Transfer::Certificate
Properties8

Related Constructs

Explore This Service

External Links