Docs
PackagesFastly v8.5.1 published on Monday, Mar 18, 2024 by Pulumi
fastly.TlsPlatformCertificate
Explore with Pulumi AI
Uploads a TLS certificate to the Fastly Platform TLS service.
Each TLS certificate must have its corresponding private key uploaded prior to uploading the certificate. This can be achieved in Pulumi using
depends_on
Example Usage
Basic usage with self-signed CA:
import * as pulumi from "@pulumi/pulumi";
import * as fastly from "@pulumi/fastly";
import * as tls from "@pulumi/tls";
const caKey = new tls.PrivateKey("caKey", {algorithm: "RSA"});
const keyPrivateKey = new tls.PrivateKey("keyPrivateKey", {algorithm: "RSA"});
const ca = new tls.SelfSignedCert("ca", {
keyAlgorithm: caKey.algorithm,
privateKeyPem: caKey.privateKeyPem,
subjects: [{
commonName: "Example CA",
}],
isCaCertificate: true,
validityPeriodHours: 360,
allowedUses: [
"cert_signing",
"server_auth",
],
});
const example = new tls.CertRequest("example", {
keyAlgorithm: keyPrivateKey.algorithm,
privateKeyPem: keyPrivateKey.privateKeyPem,
subjects: [{
commonName: "example.com",
}],
dnsNames: [
"example.com",
"www.example.com",
],
});
const certLocallySignedCert = new tls.LocallySignedCert("certLocallySignedCert", {
certRequestPem: example.certRequestPem,
caKeyAlgorithm: caKey.algorithm,
caPrivateKeyPem: caKey.privateKeyPem,
caCertPem: ca.certPem,
validityPeriodHours: 360,
allowedUses: [
"cert_signing",
"server_auth",
],
});
const config = fastly.getTlsConfiguration({
tlsService: "PLATFORM",
});
const keyTlsPrivateKey = new fastly.TlsPrivateKey("keyTlsPrivateKey", {keyPem: keyPrivateKey.privateKeyPem});
const certTlsPlatformCertificate = new fastly.TlsPlatformCertificate("certTlsPlatformCertificate", {
certificateBody: certLocallySignedCert.certPem,
intermediatesBlob: ca.certPem,
configurationId: config.then(config => config.id),
allowUntrustedRoot: true,
}, {
dependsOn: [keyTlsPrivateKey],
});
import pulumi
import pulumi_fastly as fastly
import pulumi_tls as tls
ca_key = tls.PrivateKey("caKey", algorithm="RSA")
key_private_key = tls.PrivateKey("keyPrivateKey", algorithm="RSA")
ca = tls.SelfSignedCert("ca",
key_algorithm=ca_key.algorithm,
private_key_pem=ca_key.private_key_pem,
subjects=[tls.SelfSignedCertSubjectArgs(
common_name="Example CA",
)],
is_ca_certificate=True,
validity_period_hours=360,
allowed_uses=[
"cert_signing",
"server_auth",
])
example = tls.CertRequest("example",
key_algorithm=key_private_key.algorithm,
private_key_pem=key_private_key.private_key_pem,
subjects=[tls.CertRequestSubjectArgs(
common_name="example.com",
)],
dns_names=[
"example.com",
"www.example.com",
])
cert_locally_signed_cert = tls.LocallySignedCert("certLocallySignedCert",
cert_request_pem=example.cert_request_pem,
ca_key_algorithm=ca_key.algorithm,
ca_private_key_pem=ca_key.private_key_pem,
ca_cert_pem=ca.cert_pem,
validity_period_hours=360,
allowed_uses=[
"cert_signing",
"server_auth",
])
config = fastly.get_tls_configuration(tls_service="PLATFORM")
key_tls_private_key = fastly.TlsPrivateKey("keyTlsPrivateKey", key_pem=key_private_key.private_key_pem)
cert_tls_platform_certificate = fastly.TlsPlatformCertificate("certTlsPlatformCertificate",
certificate_body=cert_locally_signed_cert.cert_pem,
intermediates_blob=ca.cert_pem,
configuration_id=config.id,
allow_untrusted_root=True,
opts=pulumi.ResourceOptions(depends_on=[key_tls_private_key]))
package main
import (
"github.com/pulumi/pulumi-fastly/sdk/v8/go/fastly"
"github.com/pulumi/pulumi-tls/sdk/v4/go/tls"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
caKey, err := tls.NewPrivateKey(ctx, "caKey", &tls.PrivateKeyArgs{
Algorithm: pulumi.String("RSA"),
})
if err != nil {
return err
}
keyPrivateKey, err := tls.NewPrivateKey(ctx, "keyPrivateKey", &tls.PrivateKeyArgs{
Algorithm: pulumi.String("RSA"),
})
if err != nil {
return err
}
ca, err := tls.NewSelfSignedCert(ctx, "ca", &tls.SelfSignedCertArgs{
KeyAlgorithm: caKey.Algorithm,
PrivateKeyPem: caKey.PrivateKeyPem,
Subjects: tls.SelfSignedCertSubjectArray{
&tls.SelfSignedCertSubjectArgs{
CommonName: pulumi.String("Example CA"),
},
},
IsCaCertificate: pulumi.Bool(true),
ValidityPeriodHours: pulumi.Int(360),
AllowedUses: pulumi.StringArray{
pulumi.String("cert_signing"),
pulumi.String("server_auth"),
},
})
if err != nil {
return err
}
example, err := tls.NewCertRequest(ctx, "example", &tls.CertRequestArgs{
KeyAlgorithm: keyPrivateKey.Algorithm,
PrivateKeyPem: keyPrivateKey.PrivateKeyPem,
Subjects: tls.CertRequestSubjectArray{
&tls.CertRequestSubjectArgs{
CommonName: pulumi.String("example.com"),
},
},
DnsNames: pulumi.StringArray{
pulumi.String("example.com"),
pulumi.String("www.example.com"),
},
})
if err != nil {
return err
}
certLocallySignedCert, err := tls.NewLocallySignedCert(ctx, "certLocallySignedCert", &tls.LocallySignedCertArgs{
CertRequestPem: example.CertRequestPem,
CaKeyAlgorithm: caKey.Algorithm,
CaPrivateKeyPem: caKey.PrivateKeyPem,
CaCertPem: ca.CertPem,
ValidityPeriodHours: pulumi.Int(360),
AllowedUses: pulumi.StringArray{
pulumi.String("cert_signing"),
pulumi.String("server_auth"),
},
})
if err != nil {
return err
}
config, err := fastly.GetTlsConfiguration(ctx, &fastly.GetTlsConfigurationArgs{
TlsService: pulumi.StringRef("PLATFORM"),
}, nil)
if err != nil {
return err
}
keyTlsPrivateKey, err := fastly.NewTlsPrivateKey(ctx, "keyTlsPrivateKey", &fastly.TlsPrivateKeyArgs{
KeyPem: keyPrivateKey.PrivateKeyPem,
})
if err != nil {
return err
}
_, err = fastly.NewTlsPlatformCertificate(ctx, "certTlsPlatformCertificate", &fastly.TlsPlatformCertificateArgs{
CertificateBody: certLocallySignedCert.CertPem,
IntermediatesBlob: ca.CertPem,
ConfigurationId: *pulumi.String(config.Id),
AllowUntrustedRoot: pulumi.Bool(true),
}, pulumi.DependsOn([]pulumi.Resource{
keyTlsPrivateKey,
}))
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Fastly = Pulumi.Fastly;
using Tls = Pulumi.Tls;
return await Deployment.RunAsync(() =>
{
var caKey = new Tls.PrivateKey("caKey", new()
{
Algorithm = "RSA",
});
var keyPrivateKey = new Tls.PrivateKey("keyPrivateKey", new()
{
Algorithm = "RSA",
});
var ca = new Tls.SelfSignedCert("ca", new()
{
KeyAlgorithm = caKey.Algorithm,
PrivateKeyPem = caKey.PrivateKeyPem,
Subjects = new[]
{
new Tls.Inputs.SelfSignedCertSubjectArgs
{
CommonName = "Example CA",
},
},
IsCaCertificate = true,
ValidityPeriodHours = 360,
AllowedUses = new[]
{
"cert_signing",
"server_auth",
},
});
var example = new Tls.CertRequest("example", new()
{
KeyAlgorithm = keyPrivateKey.Algorithm,
PrivateKeyPem = keyPrivateKey.PrivateKeyPem,
Subjects = new[]
{
new Tls.Inputs.CertRequestSubjectArgs
{
CommonName = "example.com",
},
},
DnsNames = new[]
{
"example.com",
"www.example.com",
},
});
var certLocallySignedCert = new Tls.LocallySignedCert("certLocallySignedCert", new()
{
CertRequestPem = example.CertRequestPem,
CaKeyAlgorithm = caKey.Algorithm,
CaPrivateKeyPem = caKey.PrivateKeyPem,
CaCertPem = ca.CertPem,
ValidityPeriodHours = 360,
AllowedUses = new[]
{
"cert_signing",
"server_auth",
},
});
var config = Fastly.GetTlsConfiguration.Invoke(new()
{
TlsService = "PLATFORM",
});
var keyTlsPrivateKey = new Fastly.TlsPrivateKey("keyTlsPrivateKey", new()
{
KeyPem = keyPrivateKey.PrivateKeyPem,
});
var certTlsPlatformCertificate = new Fastly.TlsPlatformCertificate("certTlsPlatformCertificate", new()
{
CertificateBody = certLocallySignedCert.CertPem,
IntermediatesBlob = ca.CertPem,
ConfigurationId = config.Apply(getTlsConfigurationResult => getTlsConfigurationResult.Id),
AllowUntrustedRoot = true,
}, new CustomResourceOptions
{
DependsOn = new[]
{
keyTlsPrivateKey,
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.tls.PrivateKey;
import com.pulumi.tls.PrivateKeyArgs;
import com.pulumi.tls.SelfSignedCert;
import com.pulumi.tls.SelfSignedCertArgs;
import com.pulumi.tls.inputs.SelfSignedCertSubjectArgs;
import com.pulumi.tls.CertRequest;
import com.pulumi.tls.CertRequestArgs;
import com.pulumi.tls.inputs.CertRequestSubjectArgs;
import com.pulumi.tls.LocallySignedCert;
import com.pulumi.tls.LocallySignedCertArgs;
import com.pulumi.fastly.FastlyFunctions;
import com.pulumi.fastly.inputs.GetTlsConfigurationArgs;
import com.pulumi.fastly.TlsPrivateKey;
import com.pulumi.fastly.TlsPrivateKeyArgs;
import com.pulumi.fastly.TlsPlatformCertificate;
import com.pulumi.fastly.TlsPlatformCertificateArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var caKey = new PrivateKey("caKey", PrivateKeyArgs.builder()
.algorithm("RSA")
.build());
var keyPrivateKey = new PrivateKey("keyPrivateKey", PrivateKeyArgs.builder()
.algorithm("RSA")
.build());
var ca = new SelfSignedCert("ca", SelfSignedCertArgs.builder()
.keyAlgorithm(caKey.algorithm())
.privateKeyPem(caKey.privateKeyPem())
.subjects(SelfSignedCertSubjectArgs.builder()
.commonName("Example CA")
.build())
.isCaCertificate(true)
.validityPeriodHours(360)
.allowedUses(
"cert_signing",
"server_auth")
.build());
var example = new CertRequest("example", CertRequestArgs.builder()
.keyAlgorithm(keyPrivateKey.algorithm())
.privateKeyPem(keyPrivateKey.privateKeyPem())
.subjects(CertRequestSubjectArgs.builder()
.commonName("example.com")
.build())
.dnsNames(
"example.com",
"www.example.com")
.build());
var certLocallySignedCert = new LocallySignedCert("certLocallySignedCert", LocallySignedCertArgs.builder()
.certRequestPem(example.certRequestPem())
.caKeyAlgorithm(caKey.algorithm())
.caPrivateKeyPem(caKey.privateKeyPem())
.caCertPem(ca.certPem())
.validityPeriodHours(360)
.allowedUses(
"cert_signing",
"server_auth")
.build());
final var config = FastlyFunctions.getTlsConfiguration(GetTlsConfigurationArgs.builder()
.tlsService("PLATFORM")
.build());
var keyTlsPrivateKey = new TlsPrivateKey("keyTlsPrivateKey", TlsPrivateKeyArgs.builder()
.keyPem(keyPrivateKey.privateKeyPem())
.build());
var certTlsPlatformCertificate = new TlsPlatformCertificate("certTlsPlatformCertificate", TlsPlatformCertificateArgs.builder()
.certificateBody(certLocallySignedCert.certPem())
.intermediatesBlob(ca.certPem())
.configurationId(config.applyValue(getTlsConfigurationResult -> getTlsConfigurationResult.id()))
.allowUntrustedRoot(true)
.build(), CustomResourceOptions.builder()
.dependsOn(keyTlsPrivateKey)
.build());
}
}
resources:
caKey:
type: tls:PrivateKey
properties:
algorithm: RSA
keyPrivateKey:
type: tls:PrivateKey
properties:
algorithm: RSA
ca:
type: tls:SelfSignedCert
properties:
keyAlgorithm: ${caKey.algorithm}
privateKeyPem: ${caKey.privateKeyPem}
subjects:
- commonName: Example CA
isCaCertificate: true
validityPeriodHours: 360
allowedUses:
- cert_signing
- server_auth
example:
type: tls:CertRequest
properties:
keyAlgorithm: ${keyPrivateKey.algorithm}
privateKeyPem: ${keyPrivateKey.privateKeyPem}
subjects:
- commonName: example.com
dnsNames:
- example.com
- www.example.com
certLocallySignedCert:
type: tls:LocallySignedCert
properties:
certRequestPem: ${example.certRequestPem}
caKeyAlgorithm: ${caKey.algorithm}
caPrivateKeyPem: ${caKey.privateKeyPem}
caCertPem: ${ca.certPem}
validityPeriodHours: 360
allowedUses:
- cert_signing
- server_auth
keyTlsPrivateKey:
type: fastly:TlsPrivateKey
properties:
keyPem: ${keyPrivateKey.privateKeyPem}
certTlsPlatformCertificate:
type: fastly:TlsPlatformCertificate
properties:
certificateBody: ${certLocallySignedCert.certPem}
intermediatesBlob: ${ca.certPem}
configurationId: ${config.id}
allowUntrustedRoot: true
options:
dependson:
- ${keyTlsPrivateKey}
variables:
config:
fn::invoke:
Function: fastly:getTlsConfiguration
Arguments:
tlsService: PLATFORM
Create TlsPlatformCertificate Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new TlsPlatformCertificate(name: string, args: TlsPlatformCertificateArgs, opts?: CustomResourceOptions);@overload
def TlsPlatformCertificate(resource_name: str,
args: TlsPlatformCertificateArgs,
opts: Optional[ResourceOptions] = None)
@overload
def TlsPlatformCertificate(resource_name: str,
opts: Optional[ResourceOptions] = None,
certificate_body: Optional[str] = None,
configuration_id: Optional[str] = None,
intermediates_blob: Optional[str] = None,
allow_untrusted_root: Optional[bool] = None)func NewTlsPlatformCertificate(ctx *Context, name string, args TlsPlatformCertificateArgs, opts ...ResourceOption) (*TlsPlatformCertificate, error)public TlsPlatformCertificate(string name, TlsPlatformCertificateArgs args, CustomResourceOptions? opts = null)
public TlsPlatformCertificate(String name, TlsPlatformCertificateArgs args)
public TlsPlatformCertificate(String name, TlsPlatformCertificateArgs args, CustomResourceOptions options)
type: fastly:TlsPlatformCertificate
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args TlsPlatformCertificateArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args TlsPlatformCertificateArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args TlsPlatformCertificateArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args TlsPlatformCertificateArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args TlsPlatformCertificateArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Example
The following reference example uses placeholder values for all input properties.
var tlsPlatformCertificateResource = new Fastly.TlsPlatformCertificate("tlsPlatformCertificateResource", new()
{
CertificateBody = "string",
ConfigurationId = "string",
IntermediatesBlob = "string",
AllowUntrustedRoot = false,
});
example, err := fastly.NewTlsPlatformCertificate(ctx, "tlsPlatformCertificateResource", &fastly.TlsPlatformCertificateArgs{
CertificateBody: pulumi.String("string"),
ConfigurationId: pulumi.String("string"),
IntermediatesBlob: pulumi.String("string"),
AllowUntrustedRoot: pulumi.Bool(false),
})
var tlsPlatformCertificateResource = new TlsPlatformCertificate("tlsPlatformCertificateResource", TlsPlatformCertificateArgs.builder()
.certificateBody("string")
.configurationId("string")
.intermediatesBlob("string")
.allowUntrustedRoot(false)
.build());
tls_platform_certificate_resource = fastly.TlsPlatformCertificate("tlsPlatformCertificateResource",
certificate_body="string",
configuration_id="string",
intermediates_blob="string",
allow_untrusted_root=False)
const tlsPlatformCertificateResource = new fastly.TlsPlatformCertificate("tlsPlatformCertificateResource", {
certificateBody: "string",
configurationId: "string",
intermediatesBlob: "string",
allowUntrustedRoot: false,
});
type: fastly:TlsPlatformCertificate
properties:
allowUntrustedRoot: false
certificateBody: string
configurationId: string
intermediatesBlob: string
TlsPlatformCertificate Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The TlsPlatformCertificate resource accepts the following input properties:
- Certificate
Body string - PEM-formatted certificate.
- Configuration
Id string - ID of TLS configuration to be used to terminate TLS traffic.
- Intermediates
Blob string - PEM-formatted certificate chain from the
certificate_bodyto its root. - Allow
Untrusted boolRoot - Disable checking whether the root of the certificate chain is trusted. Useful for development purposes to allow use of self-signed CAs. Defaults to false. Write-only on create.
- Certificate
Body string - PEM-formatted certificate.
- Configuration
Id string - ID of TLS configuration to be used to terminate TLS traffic.
- Intermediates
Blob string - PEM-formatted certificate chain from the
certificate_bodyto its root. - Allow
Untrusted boolRoot - Disable checking whether the root of the certificate chain is trusted. Useful for development purposes to allow use of self-signed CAs. Defaults to false. Write-only on create.
- certificate
Body String - PEM-formatted certificate.
- configuration
Id String - ID of TLS configuration to be used to terminate TLS traffic.
- intermediates
Blob String - PEM-formatted certificate chain from the
certificate_bodyto its root. - allow
Untrusted BooleanRoot - Disable checking whether the root of the certificate chain is trusted. Useful for development purposes to allow use of self-signed CAs. Defaults to false. Write-only on create.
- certificate
Body string - PEM-formatted certificate.
- configuration
Id string - ID of TLS configuration to be used to terminate TLS traffic.
- intermediates
Blob string - PEM-formatted certificate chain from the
certificate_bodyto its root. - allow
Untrusted booleanRoot - Disable checking whether the root of the certificate chain is trusted. Useful for development purposes to allow use of self-signed CAs. Defaults to false. Write-only on create.
- certificate_
body str - PEM-formatted certificate.
- configuration_
id str - ID of TLS configuration to be used to terminate TLS traffic.
- intermediates_
blob str - PEM-formatted certificate chain from the
certificate_bodyto its root. - allow_
untrusted_ boolroot - Disable checking whether the root of the certificate chain is trusted. Useful for development purposes to allow use of self-signed CAs. Defaults to false. Write-only on create.
- certificate
Body String - PEM-formatted certificate.
- configuration
Id String - ID of TLS configuration to be used to terminate TLS traffic.
- intermediates
Blob String - PEM-formatted certificate chain from the
certificate_bodyto its root. - allow
Untrusted BooleanRoot - Disable checking whether the root of the certificate chain is trusted. Useful for development purposes to allow use of self-signed CAs. Defaults to false. Write-only on create.
Outputs
All input properties are implicitly available as output properties. Additionally, the TlsPlatformCertificate resource produces the following output properties:
- Created
At string - Timestamp (GMT) when the certificate was created.
- Domains List<string>
- All the domains (including wildcard domains) that are listed in any certificate's Subject Alternative Names (SAN) list.
- Id string
- The provider-assigned unique ID for this managed resource.
- Not
After string - Timestamp (GMT) when the certificate will expire.
- Not
Before string - Timestamp (GMT) when the certificate will become valid.
- Replace bool
- A recommendation from Fastly indicating the key associated with this certificate is in need of rotation.
- Updated
At string - Timestamp (GMT) when the certificate was last updated.
- Created
At string - Timestamp (GMT) when the certificate was created.
- Domains []string
- All the domains (including wildcard domains) that are listed in any certificate's Subject Alternative Names (SAN) list.
- Id string
- The provider-assigned unique ID for this managed resource.
- Not
After string - Timestamp (GMT) when the certificate will expire.
- Not
Before string - Timestamp (GMT) when the certificate will become valid.
- Replace bool
- A recommendation from Fastly indicating the key associated with this certificate is in need of rotation.
- Updated
At string - Timestamp (GMT) when the certificate was last updated.
- created
At String - Timestamp (GMT) when the certificate was created.
- domains List<String>
- All the domains (including wildcard domains) that are listed in any certificate's Subject Alternative Names (SAN) list.
- id String
- The provider-assigned unique ID for this managed resource.
- not
After String - Timestamp (GMT) when the certificate will expire.
- not
Before String - Timestamp (GMT) when the certificate will become valid.
- replace Boolean
- A recommendation from Fastly indicating the key associated with this certificate is in need of rotation.
- updated
At String - Timestamp (GMT) when the certificate was last updated.
- created
At string - Timestamp (GMT) when the certificate was created.
- domains string[]
- All the domains (including wildcard domains) that are listed in any certificate's Subject Alternative Names (SAN) list.
- id string
- The provider-assigned unique ID for this managed resource.
- not
After string - Timestamp (GMT) when the certificate will expire.
- not
Before string - Timestamp (GMT) when the certificate will become valid.
- replace boolean
- A recommendation from Fastly indicating the key associated with this certificate is in need of rotation.
- updated
At string - Timestamp (GMT) when the certificate was last updated.
- created_
at str - Timestamp (GMT) when the certificate was created.
- domains Sequence[str]
- All the domains (including wildcard domains) that are listed in any certificate's Subject Alternative Names (SAN) list.
- id str
- The provider-assigned unique ID for this managed resource.
- not_
after str - Timestamp (GMT) when the certificate will expire.
- not_
before str - Timestamp (GMT) when the certificate will become valid.
- replace bool
- A recommendation from Fastly indicating the key associated with this certificate is in need of rotation.
- updated_
at str - Timestamp (GMT) when the certificate was last updated.
- created
At String - Timestamp (GMT) when the certificate was created.
- domains List<String>
- All the domains (including wildcard domains) that are listed in any certificate's Subject Alternative Names (SAN) list.
- id String
- The provider-assigned unique ID for this managed resource.
- not
After String - Timestamp (GMT) when the certificate will expire.
- not
Before String - Timestamp (GMT) when the certificate will become valid.
- replace Boolean
- A recommendation from Fastly indicating the key associated with this certificate is in need of rotation.
- updated
At String - Timestamp (GMT) when the certificate was last updated.
Look up Existing TlsPlatformCertificate Resource
Get an existing TlsPlatformCertificate resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: TlsPlatformCertificateState, opts?: CustomResourceOptions): TlsPlatformCertificate@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
allow_untrusted_root: Optional[bool] = None,
certificate_body: Optional[str] = None,
configuration_id: Optional[str] = None,
created_at: Optional[str] = None,
domains: Optional[Sequence[str]] = None,
intermediates_blob: Optional[str] = None,
not_after: Optional[str] = None,
not_before: Optional[str] = None,
replace: Optional[bool] = None,
updated_at: Optional[str] = None) -> TlsPlatformCertificatefunc GetTlsPlatformCertificate(ctx *Context, name string, id IDInput, state *TlsPlatformCertificateState, opts ...ResourceOption) (*TlsPlatformCertificate, error)public static TlsPlatformCertificate Get(string name, Input<string> id, TlsPlatformCertificateState? state, CustomResourceOptions? opts = null)public static TlsPlatformCertificate get(String name, Output<String> id, TlsPlatformCertificateState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Allow
Untrusted boolRoot - Disable checking whether the root of the certificate chain is trusted. Useful for development purposes to allow use of self-signed CAs. Defaults to false. Write-only on create.
- Certificate
Body string - PEM-formatted certificate.
- Configuration
Id string - ID of TLS configuration to be used to terminate TLS traffic.
- Created
At string - Timestamp (GMT) when the certificate was created.
- Domains List<string>
- All the domains (including wildcard domains) that are listed in any certificate's Subject Alternative Names (SAN) list.
- Intermediates
Blob string - PEM-formatted certificate chain from the
certificate_bodyto its root. - Not
After string - Timestamp (GMT) when the certificate will expire.
- Not
Before string - Timestamp (GMT) when the certificate will become valid.
- Replace bool
- A recommendation from Fastly indicating the key associated with this certificate is in need of rotation.
- Updated
At string - Timestamp (GMT) when the certificate was last updated.
- Allow
Untrusted boolRoot - Disable checking whether the root of the certificate chain is trusted. Useful for development purposes to allow use of self-signed CAs. Defaults to false. Write-only on create.
- Certificate
Body string - PEM-formatted certificate.
- Configuration
Id string - ID of TLS configuration to be used to terminate TLS traffic.
- Created
At string - Timestamp (GMT) when the certificate was created.
- Domains []string
- All the domains (including wildcard domains) that are listed in any certificate's Subject Alternative Names (SAN) list.
- Intermediates
Blob string - PEM-formatted certificate chain from the
certificate_bodyto its root. - Not
After string - Timestamp (GMT) when the certificate will expire.
- Not
Before string - Timestamp (GMT) when the certificate will become valid.
- Replace bool
- A recommendation from Fastly indicating the key associated with this certificate is in need of rotation.
- Updated
At string - Timestamp (GMT) when the certificate was last updated.
- allow
Untrusted BooleanRoot - Disable checking whether the root of the certificate chain is trusted. Useful for development purposes to allow use of self-signed CAs. Defaults to false. Write-only on create.
- certificate
Body String - PEM-formatted certificate.
- configuration
Id String - ID of TLS configuration to be used to terminate TLS traffic.
- created
At String - Timestamp (GMT) when the certificate was created.
- domains List<String>
- All the domains (including wildcard domains) that are listed in any certificate's Subject Alternative Names (SAN) list.
- intermediates
Blob String - PEM-formatted certificate chain from the
certificate_bodyto its root. - not
After String - Timestamp (GMT) when the certificate will expire.
- not
Before String - Timestamp (GMT) when the certificate will become valid.
- replace Boolean
- A recommendation from Fastly indicating the key associated with this certificate is in need of rotation.
- updated
At String - Timestamp (GMT) when the certificate was last updated.
- allow
Untrusted booleanRoot - Disable checking whether the root of the certificate chain is trusted. Useful for development purposes to allow use of self-signed CAs. Defaults to false. Write-only on create.
- certificate
Body string - PEM-formatted certificate.
- configuration
Id string - ID of TLS configuration to be used to terminate TLS traffic.
- created
At string - Timestamp (GMT) when the certificate was created.
- domains string[]
- All the domains (including wildcard domains) that are listed in any certificate's Subject Alternative Names (SAN) list.
- intermediates
Blob string - PEM-formatted certificate chain from the
certificate_bodyto its root. - not
After string - Timestamp (GMT) when the certificate will expire.
- not
Before string - Timestamp (GMT) when the certificate will become valid.
- replace boolean
- A recommendation from Fastly indicating the key associated with this certificate is in need of rotation.
- updated
At string - Timestamp (GMT) when the certificate was last updated.
- allow_
untrusted_ boolroot - Disable checking whether the root of the certificate chain is trusted. Useful for development purposes to allow use of self-signed CAs. Defaults to false. Write-only on create.
- certificate_
body str - PEM-formatted certificate.
- configuration_
id str - ID of TLS configuration to be used to terminate TLS traffic.
- created_
at str - Timestamp (GMT) when the certificate was created.
- domains Sequence[str]
- All the domains (including wildcard domains) that are listed in any certificate's Subject Alternative Names (SAN) list.
- intermediates_
blob str - PEM-formatted certificate chain from the
certificate_bodyto its root. - not_
after str - Timestamp (GMT) when the certificate will expire.
- not_
before str - Timestamp (GMT) when the certificate will become valid.
- replace bool
- A recommendation from Fastly indicating the key associated with this certificate is in need of rotation.
- updated_
at str - Timestamp (GMT) when the certificate was last updated.
- allow
Untrusted BooleanRoot - Disable checking whether the root of the certificate chain is trusted. Useful for development purposes to allow use of self-signed CAs. Defaults to false. Write-only on create.
- certificate
Body String - PEM-formatted certificate.
- configuration
Id String - ID of TLS configuration to be used to terminate TLS traffic.
- created
At String - Timestamp (GMT) when the certificate was created.
- domains List<String>
- All the domains (including wildcard domains) that are listed in any certificate's Subject Alternative Names (SAN) list.
- intermediates
Blob String - PEM-formatted certificate chain from the
certificate_bodyto its root. - not
After String - Timestamp (GMT) when the certificate will expire.
- not
Before String - Timestamp (GMT) when the certificate will become valid.
- replace Boolean
- A recommendation from Fastly indicating the key associated with this certificate is in need of rotation.
- updated
At String - Timestamp (GMT) when the certificate was last updated.
Import
A certificate can be imported using its Fastly certificate ID, e.g.
$ pulumi import fastly:index/tlsPlatformCertificate:TlsPlatformCertificate demo xxxxxxxxxxx
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Fastly pulumi/pulumi-fastly
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
fastlyTerraform Provider.