
CertificateProvider

The CertificateProvider resource lets you manage AWS IoT certificate providers, which are used to create and manage device certificates for secure communication in IoT applications.

Create a basic CertificateProvider with required properties and one optional property.

import AWS from "alchemy/aws/control";

const basicCertificateProvider = await AWS.IoT.CertificateProvider("basicCertificateProvider", {
  // Lambda function that AWS IoT invokes to issue the certificate
  LambdaFunctionArn: "arn:aws:lambda:us-east-1:123456789012:function:MyCertificateFunction",
  // Operation names, not account identifiers; "CreateCertificateFromCsr" is the only valid value
  AccountDefaultForOperations: ["CreateCertificateFromCsr"],
  CertificateProviderName: "MyCertificateProvider"
});

Configure a CertificateProvider with tags and the adoption flag for existing resources.

const advancedCertificateProvider = await AWS.IoT.CertificateProvider("advancedCertificateProvider", {
  LambdaFunctionArn: "arn:aws:lambda:us-east-1:123456789012:function:MyAdvancedCertificateFunction",
  // Operation name, not an account identifier
  AccountDefaultForOperations: ["CreateCertificateFromCsr"],
  Tags: [
    { Key: "Environment", Value: "Production" },
    { Key: "Project", Value: "IoTDeployment" }
  ],
  // Adopt an existing resource instead of failing if it already exists
  adopt: true
});

Create a CertificateProvider that operates across multiple accounts to streamline certificate management.

const multiAccountCertificateProvider = await AWS.IoT.CertificateProvider("multiAccountCertificateProvider", {
  LambdaFunctionArn: "arn:aws:lambda:us-east-1:123456789012:function:MultiAccountCertFunction",
  // AccountDefaultForOperations lists operations, not account identifiers;
  // "CreateCertificateFromCsr" is the only valid value
  AccountDefaultForOperations: ["CreateCertificateFromCsr"],
  CertificateProviderName: "MultiAccountProvider"
});

Demonstrate how to integrate the CertificateProvider with other AWS IoT resources, such as an IoT Policy.

import AWS from "alchemy/aws/control";

const iotPolicy = await AWS.IoT.Policy("devicePolicy", {
  PolicyName: "DeviceIoTPolicy",
  PolicyDocument: JSON.stringify({
    Version: "2012-10-17",
    Statement: [
      {
        Effect: "Allow",
        Action: "iot:Connect",
        // "*" lets a device connect with any client ID; scope this to client ARNs in production
        Resource: "*"
      },
      {
        Effect: "Allow",
        Action: "iot:Publish",
        // IoT policies treat the MQTT wildcard "+" as a literal character; the policy wildcard is "*"
        Resource: "arn:aws:iot:us-east-1:123456789012:topic/*/status"
      }
    ]
  })
});

const integratedCertificateProvider = await AWS.IoT.CertificateProvider("integratedCertificateProvider", {
  LambdaFunctionArn: "arn:aws:lambda:us-east-1:123456789012:function:IntegratedCertFunction",
  // Operation name, not an account identifier
  AccountDefaultForOperations: ["CreateCertificateFromCsr"],
  CertificateProviderName: "IntegratedProvider"
});
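
A pre-deployment check for the two resources above, as an added example that is not part of alchemy or of the original page: it rejects `AccountDefaultForOperations` entries that are not operation names and flags IoT policy statements that allow `"*"` or use MQTT wildcards in a topic ARN. The function names and finding texts are hypothetical, and the sample input is constructed.

```javascript
// Added example; function names and finding texts are hypothetical (not alchemy or AWS APIs).
const VALID_OPERATIONS = new Set(["CreateCertificateFromCsr"]);
const LAMBDA_ARN = /^arn:aws[a-z-]*:lambda:[a-z0-9-]+:\d{12}:function:[A-Za-z0-9_-]+(:[A-Za-z0-9_$-]+)?$/;

// Checks the two required CertificateProvider props before deployment.
function lintCertificateProvider(props) {
  const findings = [];
  if (!LAMBDA_ARN.test(props.LambdaFunctionArn ?? "")) {
    findings.push("LambdaFunctionArn is not a Lambda function ARN");
  }
  const ops = props.AccountDefaultForOperations ?? [];
  if (ops.length === 0) findings.push("AccountDefaultForOperations is empty");
  for (const op of ops) {
    if (!VALID_OPERATIONS.has(op)) findings.push(`"${op}" is not an operation name`);
  }
  return findings;
}

// Flags Allow statements that are broader, or narrower, than they look.
function lintIotPolicy(policyJson) {
  const findings = [];
  const statements = [].concat(JSON.parse(policyJson).Statement ?? []);
  statements.forEach((stmt, i) => {
    if (stmt.Effect !== "Allow") return;
    for (const res of [].concat(stmt.Resource ?? [])) {
      const topic = /:topic\/(.*)$/.exec(res);
      if (res === "*") {
        findings.push(`Statement[${i}]: ${stmt.Action} allowed on every resource`);
      } else if (topic && topic[1].split("/").some((l) => l === "+" || l === "#")) {
        // IoT policies match MQTT wildcards literally; the policy wildcard is "*".
        findings.push(`Statement[${i}]: MQTT wildcard in topic ARN is matched literally`);
      }
    }
  });
  return findings;
}

// Constructed sample input: a provider with account-style strings and a wildcard policy.
const sampleProvider = {
  LambdaFunctionArn: "arn:aws:lambda:us-east-1:123456789012:function:MyCertificateFunction",
  AccountDefaultForOperations: ["account1", "account2"],
};
const samplePolicy = JSON.stringify({
  Version: "2012-10-17",
  Statement: [
    { Effect: "Allow", Action: "iot:Connect", Resource: "*" },
    { Effect: "Allow", Action: "iot:Publish", Resource: "arn:aws:iot:us-east-1:123456789012:topic/+/status" },
  ],
});
console.log(lintCertificateProvider(sampleProvider), lintIotPolicy(samplePolicy));
```

Run both functions on the props object and the `PolicyDocument` string before passing them to the resources; an empty array means nothing was flagged.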