Ready to level-up your engineering skills? Join a Pulumi Workshop. Register Now

CustomSsl

Provides a Cloudflare custom ssl resource.

Example Usage

using Pulumi;
using Cloudflare = Pulumi.Cloudflare;

class MyStack : Stack
{
    public MyStack()
    {
        var config = new Config();
        var cloudflareZoneId = config.Get("cloudflareZoneId") ?? "1d5fdc9e88c8a8c4518b068cd94331fe";
        // Add a custom ssl certificate to the domain
        var foossl = new Cloudflare.CustomSsl("foossl", new Cloudflare.CustomSslArgs
        {
            CustomSslOptions = new Cloudflare.Inputs.CustomSslCustomSslOptionsArgs
            {
                Bundle_method = "ubiquitous",
                Certificate = "-----INSERT CERTIFICATE-----",
                Geo_restrictions = "us",
                Private_key = "-----INSERT PRIVATE KEY-----",
                Type = "legacy_custom",
            },
            ZoneId = cloudflareZoneId,
        });
    }

}
package main

import (
    "github.com/pulumi/pulumi-cloudflare/sdk/v2/go/cloudflare"
    "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
    "github.com/pulumi/pulumi/sdk/v2/go/pulumi/config"
)

func main() {
    pulumi.Run(func(ctx *pulumi.Context) error {
        cfg := config.New(ctx, "")
        cloudflareZoneId := "1d5fdc9e88c8a8c4518b068cd94331fe"
        if param := cfg.Get("cloudflareZoneId"); param != "" {
            cloudflareZoneId = param
        }
        _, err := cloudflare.NewCustomSsl(ctx, "foossl", &cloudflare.CustomSslArgs{
            CustomSslOptions: &cloudflare.CustomSslCustomSslOptionsArgs{
                Bundle_method:    pulumi.String("ubiquitous"),
                Certificate:      pulumi.String("-----INSERT CERTIFICATE-----"),
                Geo_restrictions: pulumi.String("us"),
                Private_key:      pulumi.String("-----INSERT PRIVATE KEY-----"),
                Type:             pulumi.String("legacy_custom"),
            },
            ZoneId: pulumi.String(cloudflareZoneId),
        })
        if err != nil {
            return err
        }
        return nil
    })
}
import pulumi
import pulumi_cloudflare as cloudflare

config = pulumi.Config()
cloudflare_zone_id = config.get("cloudflareZoneId")
if cloudflare_zone_id is None:
    cloudflare_zone_id = "1d5fdc9e88c8a8c4518b068cd94331fe"
# Add a custom ssl certificate to the domain
foossl = cloudflare.CustomSsl("foossl",
    custom_ssl_options=cloudflare.CustomSslCustomSslOptionsArgs(
        bundle_method="ubiquitous",
        certificate="-----INSERT CERTIFICATE-----",
        geo_restrictions="us",
        private_key="-----INSERT PRIVATE KEY-----",
        type="legacy_custom",
    ),
    zone_id=cloudflare_zone_id)
import * as pulumi from "@pulumi/pulumi";
import * as cloudflare from "@pulumi/cloudflare";

const config = new pulumi.Config();
const cloudflareZoneId = config.get("cloudflareZoneId") || "1d5fdc9e88c8a8c4518b068cd94331fe";

// Add a custom ssl certificate to the domain
const foossl = new cloudflare.CustomSsl("foossl", {
    customSslOptions: {
        bundle_method: "ubiquitous",
        certificate: "-----INSERT CERTIFICATE-----",
        geo_restrictions: "us",
        private_key: "-----INSERT PRIVATE KEY-----",
        type: "legacy_custom",
    },
    zoneId: cloudflareZoneId,
});

Create a CustomSsl Resource

new CustomSsl(name: string, args: CustomSslArgs, opts?: CustomResourceOptions);
def CustomSsl(resource_name: str, opts: Optional[ResourceOptions] = None, custom_ssl_options: Optional[CustomSslCustomSslOptionsArgs] = None, custom_ssl_priorities: Optional[Sequence[CustomSslCustomSslPriorityArgs]] = None, zone_id: Optional[str] = None)
func NewCustomSsl(ctx *Context, name string, args CustomSslArgs, opts ...ResourceOption) (*CustomSsl, error)
public CustomSsl(string name, CustomSslArgs args, CustomResourceOptions? opts = null)
name string
The unique name of the resource.
args CustomSslArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
opts ResourceOptions
A bag of options that control this resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args CustomSslArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args CustomSslArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.

CustomSsl Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Programming Model docs.

Inputs

The CustomSsl resource accepts the following input properties:

ZoneId string

The DNS zone id to the custom ssl cert should be added.

CustomSslOptions CustomSslCustomSslOptionsArgs

The certificate, private key and associated optional parameters, such as bundle_method, geo_restrictions, and type.

CustomSslPriorities List<CustomSslCustomSslPriorityArgs>
ZoneId string

The DNS zone id to the custom ssl cert should be added.

CustomSslOptions CustomSslCustomSslOptions

The certificate, private key and associated optional parameters, such as bundle_method, geo_restrictions, and type.

CustomSslPriorities []CustomSslCustomSslPriority
zoneId string

The DNS zone id to the custom ssl cert should be added.

customSslOptions CustomSslCustomSslOptions

The certificate, private key and associated optional parameters, such as bundle_method, geo_restrictions, and type.

customSslPriorities CustomSslCustomSslPriority[]
zone_id str

The DNS zone id to the custom ssl cert should be added.

custom_ssl_options CustomSslCustomSslOptionsArgs

The certificate, private key and associated optional parameters, such as bundle_method, geo_restrictions, and type.

custom_ssl_priorities Sequence[CustomSslCustomSslPriorityArgs]

Outputs

All input properties are implicitly available as output properties. Additionally, the CustomSsl resource produces the following output properties:

ExpiresOn string
Hosts List<string>
Id string
The provider-assigned unique ID for this managed resource.
Issuer string
ModifiedOn string
Priority int
Signature string
Status string
UploadedOn string
ExpiresOn string
Hosts []string
Id string
The provider-assigned unique ID for this managed resource.
Issuer string
ModifiedOn string
Priority int
Signature string
Status string
UploadedOn string
expiresOn string
hosts string[]
id string
The provider-assigned unique ID for this managed resource.
issuer string
modifiedOn string
priority number
signature string
status string
uploadedOn string
expires_on str
hosts Sequence[str]
id str
The provider-assigned unique ID for this managed resource.
issuer str
modified_on str
priority int
signature str
status str
uploaded_on str

Look up an Existing CustomSsl Resource

Get an existing CustomSsl resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: CustomSslState, opts?: CustomResourceOptions): CustomSsl
@staticmethod
def get(resource_name: str, id: str, opts: Optional[ResourceOptions] = None, custom_ssl_options: Optional[CustomSslCustomSslOptionsArgs] = None, custom_ssl_priorities: Optional[Sequence[CustomSslCustomSslPriorityArgs]] = None, expires_on: Optional[str] = None, hosts: Optional[Sequence[str]] = None, issuer: Optional[str] = None, modified_on: Optional[str] = None, priority: Optional[int] = None, signature: Optional[str] = None, status: Optional[str] = None, uploaded_on: Optional[str] = None, zone_id: Optional[str] = None) -> CustomSsl
func GetCustomSsl(ctx *Context, name string, id IDInput, state *CustomSslState, opts ...ResourceOption) (*CustomSsl, error)
public static CustomSsl Get(string name, Input<string> id, CustomSslState? state, CustomResourceOptions? opts = null)
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.

The following state arguments are supported:

CustomSslOptions CustomSslCustomSslOptionsArgs

The certificate, private key and associated optional parameters, such as bundle_method, geo_restrictions, and type.

CustomSslPriorities List<CustomSslCustomSslPriorityArgs>
ExpiresOn string
Hosts List<string>
Issuer string
ModifiedOn string
Priority int
Signature string
Status string
UploadedOn string
ZoneId string

The DNS zone id to the custom ssl cert should be added.

CustomSslOptions CustomSslCustomSslOptions

The certificate, private key and associated optional parameters, such as bundle_method, geo_restrictions, and type.

CustomSslPriorities []CustomSslCustomSslPriority
ExpiresOn string
Hosts []string
Issuer string
ModifiedOn string
Priority int
Signature string
Status string
UploadedOn string
ZoneId string

The DNS zone id to the custom ssl cert should be added.

customSslOptions CustomSslCustomSslOptions

The certificate, private key and associated optional parameters, such as bundle_method, geo_restrictions, and type.

customSslPriorities CustomSslCustomSslPriority[]
expiresOn string
hosts string[]
issuer string
modifiedOn string
priority number
signature string
status string
uploadedOn string
zoneId string

The DNS zone id to the custom ssl cert should be added.

custom_ssl_options CustomSslCustomSslOptionsArgs

The certificate, private key and associated optional parameters, such as bundle_method, geo_restrictions, and type.

custom_ssl_priorities Sequence[CustomSslCustomSslPriorityArgs]
expires_on str
hosts Sequence[str]
issuer str
modified_on str
priority int
signature str
status str
uploaded_on str
zone_id str

The DNS zone id to the custom ssl cert should be added.

Supporting Types

CustomSslCustomSslOptions

Certificate string

Certificate certificate and the intermediate(s)

PrivateKey string

Certificate’s private key

BundleMethod string

Method of building intermediate certificate chain. A ubiquitous bundle has the highest probability of being verified everywhere, even by clients using outdated or unusual trust stores. An optimal bundle uses the shortest chain and newest intermediates. And the force bundle verifies the chain, but does not otherwise modify it. Valid values are ubiquitous (default), optimal, force.

GeoRestrictions string

Specifies the region where your private key can be held locally. Valid values are us, eu, highest_security.

Type string

Whether to enable support for legacy clients which do not include SNI in the TLS handshake. Valid values are legacy_custom (default), sni_custom.

Certificate string

Certificate certificate and the intermediate(s)

PrivateKey string

Certificate’s private key

BundleMethod string

Method of building intermediate certificate chain. A ubiquitous bundle has the highest probability of being verified everywhere, even by clients using outdated or unusual trust stores. An optimal bundle uses the shortest chain and newest intermediates. And the force bundle verifies the chain, but does not otherwise modify it. Valid values are ubiquitous (default), optimal, force.

GeoRestrictions string

Specifies the region where your private key can be held locally. Valid values are us, eu, highest_security.

Type string

Whether to enable support for legacy clients which do not include SNI in the TLS handshake. Valid values are legacy_custom (default), sni_custom.

certificate string

Certificate certificate and the intermediate(s)

privateKey string

Certificate’s private key

bundleMethod string

Method of building intermediate certificate chain. A ubiquitous bundle has the highest probability of being verified everywhere, even by clients using outdated or unusual trust stores. An optimal bundle uses the shortest chain and newest intermediates. And the force bundle verifies the chain, but does not otherwise modify it. Valid values are ubiquitous (default), optimal, force.

geoRestrictions string

Specifies the region where your private key can be held locally. Valid values are us, eu, highest_security.

type string

Whether to enable support for legacy clients which do not include SNI in the TLS handshake. Valid values are legacy_custom (default), sni_custom.

certificate str

Certificate certificate and the intermediate(s)

private_key str

Certificate’s private key

bundle_method str

Method of building intermediate certificate chain. A ubiquitous bundle has the highest probability of being verified everywhere, even by clients using outdated or unusual trust stores. An optimal bundle uses the shortest chain and newest intermediates. And the force bundle verifies the chain, but does not otherwise modify it. Valid values are ubiquitous (default), optimal, force.

geo_restrictions str

Specifies the region where your private key can be held locally. Valid values are us, eu, highest_security.

type str

Whether to enable support for legacy clients which do not include SNI in the TLS handshake. Valid values are legacy_custom (default), sni_custom.

CustomSslCustomSslPriority

Id string
Priority int
Id string
Priority int
id string
priority number
id str
priority int

Import

Custom SSL Certs can be imported using a composite ID formed of the zone ID and certificate ID, separated by a “/” e.g.

 $ pulumi import cloudflare:index/customSsl:CustomSsl default 1d5fdc9e88c8a8c4518b068cd94331fe/0123f0ab-9cde-45b2-80bd-4da3010f1337

Package Details

Repository
https://github.com/pulumi/pulumi-cloudflare
License
Apache-2.0
Notes
This Pulumi package is based on the cloudflare Terraform Provider.