This is the new AWS CloudFormation Template Reference Guide. Please update your bookmarks and links. For help getting started with CloudFormation, see the AWS CloudFormation User Guide.
AWS::IoT::CACertificate
Specifies a CA certificate.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{ "Type" : "AWS::IoT::CACertificate", "Properties" : { "AutoRegistrationStatus" :String, "CACertificatePem" :String, "CertificateMode" :String, "RegistrationConfig" :RegistrationConfig, "RemoveAutoRegistration" :Boolean, "Status" :String, "Tags" :[ Tag, ... ], "VerificationCertificatePem" :String} }
YAML
Type: AWS::IoT::CACertificate Properties: AutoRegistrationStatus:StringCACertificatePem:StringCertificateMode:StringRegistrationConfig:RegistrationConfigRemoveAutoRegistration:BooleanStatus:StringTags:- TagVerificationCertificatePem:String
Properties
- AutoRegistrationStatus
- 
                    Whether the CA certificate is configured for auto registration of device certificates. Valid values are "ENABLE" and "DISABLE". Required: No Type: String Allowed values: ENABLE | DISABLEUpdate requires: No interruption 
- CACertificatePem
- 
                    The certificate data in PEM format. Required: Yes Type: String Pattern: [\s\S]*Minimum: 1Maximum: 65536Update requires: Replacement 
- CertificateMode
- 
                    The mode of the CA. All the device certificates that are registered using this CA will be registered in the same mode as the CA. For more information about certificate mode for device certificates, see certificate mode. Valid values are "DEFAULT" and "SNI_ONLY". Required: No Type: String Allowed values: DEFAULT | SNI_ONLYUpdate requires: Replacement 
- RegistrationConfig
- 
                    Information about the registration configuration. Required: No Type: RegistrationConfig Update requires: No interruption 
- RemoveAutoRegistration
- 
                    If true, removes auto registration. Required: No Type: Boolean Update requires: No interruption 
- Status
- 
                    The status of the CA certificate. Valid values are "ACTIVE" and "INACTIVE". Required: Yes Type: String Allowed values: ACTIVE | INACTIVEUpdate requires: No interruption 
- 
                    An array of key-value pairs to apply to this resource. For more information, see Tag. Required: No Type: Array of Tag Update requires: No interruption 
- VerificationCertificatePem
- 
                    The private key verification certificate. Required: No Type: String Pattern: [\s\S]*Minimum: 1Maximum: 65536Update requires: Replacement 
Return values
Ref
When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the CA certificate ID.
Fn::GetAtt
The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.
For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.
- Arn
- 
                            Returns the Amazon Resource Name (ARN) for the CA certificate. For example: { "Fn::GetAtt": ["MyCACertificate", "Arn"] }A value similar to the following is returned: arn:aws:iot:us-east-1:123456789012:cacert/a6be6b84559801927e35a8f901fae08b5971d78d1562e29504ff9663b276a5f5
- Id
- 
                            The CA certificate ID.