AWS::ACMPCA::Certificate CustomExtension - Amazon CloudFormation
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

AWS::ACMPCA::Certificate CustomExtension

Specifies the X.509 extension information for a certificate.

Extensions present in CustomExtensions follow the ApiPassthrough template rules.


To declare this entity in your Amazon CloudFormation template, use the following syntax:


{ "Critical" : Boolean, "ObjectIdentifier" : String, "Value" : String }


Critical: Boolean ObjectIdentifier: String Value: String



Specifies the critical flag of the X.509 extension.

Required: No

Type: Boolean

Update requires: Replacement


Specifies the object identifier (OID) of the X.509 extension. For more information, see the Global OID reference database.

Required: Yes

Type: String

Pattern: ^([0-2])\.([0-9]|([0-3][0-9]))((\.([0-9]+)){0,126})$

Minimum: 0

Maximum: 64

Update requires: Replacement


Specifies the base64-encoded value of the X.509 extension.

Required: Yes

Type: String

Pattern: ^(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?$

Minimum: 1

Maximum: 4096

Update requires: Replacement