aws_iot_domainconfiguration

account_id

Type: STRING

application_protocol

Type: STRING
Provider name: applicationProtocol
Description: An enumerated string that specifies the application-layer protocol.

• SECURE_MQTT - MQTT over TLS.

• MQTT_WSS - MQTT over WebSocket.

• HTTPS - HTTP over TLS.

• DEFAULT - Use a combination of port and Application Layer Protocol Negotiation (ALPN) to specify application_layer protocol. For more information, see Device communication protocols.

authentication_type

Type: STRING
Provider name: authenticationType
Description: An enumerated string that specifies the authentication type.

• CUSTOM_AUTH_X509 - Use custom authentication and authorization with additional details from the X.509 client certificate.

• CUSTOM_AUTH - Use custom authentication and authorization. For more information, see Custom authentication and authorization.

• AWS_X509 - Use X.509 client certificates without custom authentication and authorization. For more information, see X.509 client certificates.

• AWS_SIGV4 - Use Amazon Web Services Signature Version 4. For more information, see IAM users, groups, and roles.

• DEFAULT - Use a combination of port and Application Layer Protocol Negotiation (ALPN) to specify authentication type. For more information, see Device communication protocols.

authorizer_config

Type: STRUCT
Provider name: authorizerConfig
Description: An object that specifies the authorization service for a domain.

• allow_authorizer_override
  Type: BOOLEAN
  Provider name: allowAuthorizerOverride
  Description: A Boolean that specifies whether the domain configuration’s authorization service can be overridden.
  
• default_authorizer_name
  Type: STRING
  Provider name: defaultAuthorizerName
  Description: The name of the authorization service for a domain configuration.
  

client_certificate_config

Type: STRUCT
Provider name: clientCertificateConfig
Description: An object that specifies the client certificate configuration for a domain.

• client_certificate_callback_arn
  Type: STRING
  Provider name: clientCertificateCallbackArn
  Description: The ARN of the Lambda function that IoT invokes after mutual TLS authentication during the connection.
  

domain_configuration_arn

Type: STRING
Provider name: domainConfigurationArn
Description: The ARN of the domain configuration.

domain_configuration_name

Type: STRING
Provider name: domainConfigurationName
Description: The name of the domain configuration.

domain_configuration_status

Type: STRING
Provider name: domainConfigurationStatus
Description: A Boolean value that specifies the current state of the domain configuration.

domain_name

Type: STRING
Provider name: domainName
Description: The name of the domain.

domain_type

Type: STRING
Provider name: domainType
Description: The type of the domain.

last_status_change_date

Type: TIMESTAMP
Provider name: lastStatusChangeDate
Description: The date and time the domain configuration’s status was last changed.

server_certificate_config

Type: STRUCT
Provider name: serverCertificateConfig
Description: The server certificate configuration.

• enable_ocsp_check
  Type: BOOLEAN
  Provider name: enableOCSPCheck
  Description: A Boolean value that indicates whether Online Certificate Status Protocol (OCSP) server certificate check is enabled or not. For more information, see Server certificate configuration for OCSP stapling from Amazon Web Services IoT Core Developer Guide.
  
• ocsp_authorized_responder_arn
  Type: STRING
  Provider name: ocspAuthorizedResponderArn
  Description: The Amazon Resource Name (ARN) for an X.509 certificate stored in Amazon Web Services Certificate Manager (ACM). If provided, Amazon Web Services IoT Core will use this certificate to validate the signature of the received OCSP response. The OCSP responder must sign responses using either this authorized responder certificate or the issuing certificate, depending on whether the ARN is provided or not. The certificate must be in the same Amazon Web Services account and region as the domain configuration.
  
• ocsp_lambda_arn
  Type: STRING
  Provider name: ocspLambdaArn
  Description: The Amazon Resource Name (ARN) for a Lambda function that acts as a Request for Comments (RFC) 6960-compliant Online Certificate Status Protocol (OCSP) responder, supporting basic OCSP responses. The Lambda function accepts a base64-encoding of the OCSP request in the Distinguished Encoding Rules (DER) format. The Lambda function’s response is also a base64-encoded OCSP response in the DER format. The response size must not exceed 4 kilobytes (KiB). The Lambda function must be in the same Amazon Web Services account and region as the domain configuration. For more information, see Configuring server certificate OCSP for private endpoints in Amazon Web Services IoT Core from the Amazon Web Services IoT Core developer guide.
  

server_certificates

Type: UNORDERED_LIST_STRUCT
Provider name: serverCertificates
Description: A list containing summary information about the server certificate included in the domain configuration.

• server_certificate_arn
  Type: STRING
  Provider name: serverCertificateArn
  Description: The ARN of the server certificate.
  
• server_certificate_status
  Type: STRING
  Provider name: serverCertificateStatus
  Description: The status of the server certificate.
  
• server_certificate_status_detail
  Type: STRING
  Provider name: serverCertificateStatusDetail
  Description: Details that explain the status of the server certificate.
  

service_type

Type: STRING
Provider name: serviceType
Description: The type of service delivered by the endpoint.

tags

Type: UNORDERED_LIST_STRING

tls_config

Type: STRUCT
Provider name: tlsConfig
Description: An object that specifies the TLS configuration for a domain.

• security_policy
  Type: STRING
  Provider name: securityPolicy
  Description: The security policy for a domain configuration. For more information, see Security policies in the Amazon Web Services IoT Core developer guide.