Package @pulumi/tls

This provider is a derived work of the Terraform Provider distributed under MPL 2.0. If you encounter a bug or missing feature, first check the pulumi/pulumi-tls repo; however, if that doesn’t turn up anything, please consult the source terraform-providers/terraform-provider-tls repo.

var tls = require("@pulumi/tls");
import * as tls from "@pulumi/tls";

Modules

Resources

Data Sources

Others

Resources

Resource CertRequest

class CertRequest extends CustomResource

This content is derived from https://github.com/terraform-providers/terraform-provider-tls/blob/master/website/docs/r/cert_request.html.markdown.

constructor

new CertRequest(name: string, args: CertRequestArgs, opts?: pulumi.CustomResourceOptions)

Create a CertRequest resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: CertRequestState, opts?: pulumi.CustomResourceOptions): CertRequest

Get an existing CertRequest resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of CertRequest. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property certRequestPem

public certRequestPem: pulumi.Output<string>;

The certificate request data in PEM format.

property dnsNames

public dnsNames: pulumi.Output<string[] | undefined>;

List of DNS names for which a certificate is being requested.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property ipAddresses

public ipAddresses: pulumi.Output<string[] | undefined>;

List of IP addresses for which a certificate is being requested.

property keyAlgorithm

public keyAlgorithm: pulumi.Output<string>;

The name of the algorithm for the key provided in privateKeyPem.

property privateKeyPem

public privateKeyPem: pulumi.Output<string>;

PEM-encoded private key that the certificate will belong to

property subjects

public subjects: pulumi.Output<outputs.CertRequestSubject[]>;

The subject for which a certificate is being requested. This is a nested configuration block whose structure is described below.

property uris

public uris: pulumi.Output<string[] | undefined>;

List of URIs for which a certificate is being requested.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource LocallySignedCert

class LocallySignedCert extends CustomResource

This content is derived from https://github.com/terraform-providers/terraform-provider-tls/blob/master/website/docs/r/locally_signed_cert.html.markdown.

constructor

new LocallySignedCert(name: string, args: LocallySignedCertArgs, opts?: pulumi.CustomResourceOptions)

Create a LocallySignedCert resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: LocallySignedCertState, opts?: pulumi.CustomResourceOptions): LocallySignedCert

Get an existing LocallySignedCert resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of LocallySignedCert. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property allowedUses

public allowedUses: pulumi.Output<string[]>;

List of keywords each describing a use that is permitted for the issued certificate. The valid keywords are listed below.

property caCertPem

public caCertPem: pulumi.Output<string>;

PEM-encoded certificate data for the CA.

property caKeyAlgorithm

public caKeyAlgorithm: pulumi.Output<string>;

The name of the algorithm for the key provided in caPrivateKeyPem.

property caPrivateKeyPem

public caPrivateKeyPem: pulumi.Output<string>;

PEM-encoded private key data for the CA. This can be read from a separate file using the file interpolation function.

property certPem

public certPem: pulumi.Output<string>;

The certificate data in PEM format.

property certRequestPem

public certRequestPem: pulumi.Output<string>;

PEM-encoded request certificate data.

property earlyRenewalHours

public earlyRenewalHours: pulumi.Output<number | undefined>;

Number of hours before the certificates expiry when a new certificate will be generated

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property isCaCertificate

public isCaCertificate: pulumi.Output<boolean | undefined>;

Boolean controlling whether the CA flag will be set in the generated certificate. Defaults to false, meaning that the certificate does not represent a certificate authority.

property readyForRenewal

public readyForRenewal: pulumi.Output<boolean>;

property setSubjectKeyId

public setSubjectKeyId: pulumi.Output<boolean | undefined>;

If true, the certificate will include the subject key identifier. Defaults to false, in which case the subject key identifier is not set at all.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property validityEndTime

public validityEndTime: pulumi.Output<string>;

The time until which the certificate is invalid, as an RFC3339 timestamp.

property validityPeriodHours

public validityPeriodHours: pulumi.Output<number>;

The number of hours after initial issuing that the certificate will become invalid.

property validityStartTime

public validityStartTime: pulumi.Output<string>;

The time after which the certificate is valid, as an RFC3339 timestamp.

Resource PrivateKey

class PrivateKey extends CustomResource

This content is derived from https://github.com/terraform-providers/terraform-provider-tls/blob/master/website/docs/r/private_key.html.markdown.

constructor

new PrivateKey(name: string, args: PrivateKeyArgs, opts?: pulumi.CustomResourceOptions)

Create a PrivateKey resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: PrivateKeyState, opts?: pulumi.CustomResourceOptions): PrivateKey

Get an existing PrivateKey resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of PrivateKey. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property algorithm

public algorithm: pulumi.Output<string>;

The name of the algorithm to use for the key. Currently-supported values are “RSA” and “ECDSA”.

property ecdsaCurve

public ecdsaCurve: pulumi.Output<string | undefined>;

When algorithm is “ECDSA”, the name of the elliptic curve to use. May be any one of “P224”, “P256”, “P384” or “P521”, with “P224” as the default.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property privateKeyPem

public privateKeyPem: pulumi.Output<string>;

The private key data in PEM format.

property publicKeyFingerprintMd5

public publicKeyFingerprintMd5: pulumi.Output<string>;

The md5 hash of the public key data in OpenSSH MD5 hash format, e.g. aa:bb:cc:.... Only available if the selected private key format is compatible, as per the rules for publicKeyOpenssh.

property publicKeyOpenssh

public publicKeyOpenssh: pulumi.Output<string>;

The public key data in OpenSSH authorizedKeys format, if the selected private key format is compatible. All RSA keys are supported, and ECDSA keys with curves “P256”, “P384” and “P521” are supported. This attribute is empty if an incompatible ECDSA curve is selected.

property publicKeyPem

public publicKeyPem: pulumi.Output<string>;

The public key data in PEM format.

property rsaBits

public rsaBits: pulumi.Output<number | undefined>;

When algorithm is “RSA”, the size of the generated RSA key in bits. Defaults to 2048.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource Provider

class Provider extends ProviderResource

The provider type for the tls package. By default, resources use package-wide configuration settings, however an explicit Provider instance may be created and passed during resource construction to achieve fine-grained programmatic control over provider settings. See the documentation for more information.

This content is derived from https://github.com/terraform-providers/terraform-provider-tls/blob/master/website/docs/index.html.markdown.

constructor

new Provider(name: string, args?: ProviderArgs, opts?: pulumi.ResourceOptions)

Create a Provider resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of Provider. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

method register

static register(provider: ProviderResource | undefined): Promise<string | undefined>

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource SelfSignedCert

class SelfSignedCert extends CustomResource

This content is derived from https://github.com/terraform-providers/terraform-provider-tls/blob/master/website/docs/r/self_signed_cert.html.markdown.

constructor

new SelfSignedCert(name: string, args: SelfSignedCertArgs, opts?: pulumi.CustomResourceOptions)

Create a SelfSignedCert resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: SelfSignedCertState, opts?: pulumi.CustomResourceOptions): SelfSignedCert

Get an existing SelfSignedCert resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of SelfSignedCert. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property allowedUses

public allowedUses: pulumi.Output<string[]>;

List of keywords each describing a use that is permitted for the issued certificate. The valid keywords are listed below.

property certPem

public certPem: pulumi.Output<string>;

The certificate data in PEM format.

property dnsNames

public dnsNames: pulumi.Output<string[] | undefined>;

List of DNS names for which a certificate is being requested.

property earlyRenewalHours

public earlyRenewalHours: pulumi.Output<number | undefined>;

Number of hours before the certificates expiry when a new certificate will be generated

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property ipAddresses

public ipAddresses: pulumi.Output<string[] | undefined>;

List of IP addresses for which a certificate is being requested.

property isCaCertificate

public isCaCertificate: pulumi.Output<boolean | undefined>;

Boolean controlling whether the CA flag will be set in the generated certificate. Defaults to false, meaning that the certificate does not represent a certificate authority.

property keyAlgorithm

public keyAlgorithm: pulumi.Output<string>;

The name of the algorithm for the key provided in privateKeyPem.

property privateKeyPem

public privateKeyPem: pulumi.Output<string>;

PEM-encoded private key that the certificate will belong to

property readyForRenewal

public readyForRenewal: pulumi.Output<boolean>;

property setSubjectKeyId

public setSubjectKeyId: pulumi.Output<boolean | undefined>;

If true, the certificate will include the subject key identifier. Defaults to false, in which case the subject key identifier is not set at all.

property subjects

public subjects: pulumi.Output<outputs.SelfSignedCertSubject[]>;

The subject for which a certificate is being requested. This is a nested configuration block whose structure matches the corresponding block for tls..CertRequest.

property uris

public uris: pulumi.Output<string[] | undefined>;

List of URIs for which a certificate is being requested.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property validityEndTime

public validityEndTime: pulumi.Output<string>;

The time until which the certificate is invalid, as an RFC3339 timestamp.

property validityPeriodHours

public validityPeriodHours: pulumi.Output<number>;

The number of hours after initial issuing that the certificate will become invalid.

property validityStartTime

public validityStartTime: pulumi.Output<string>;

The time after which the certificate is valid, as an RFC3339 timestamp.

Data Sources

Data Source getPublicKey

getPublicKey(args: GetPublicKeyArgs, opts?: pulumi.InvokeOptions): Promise<GetPublicKeyResult> & GetPublicKeyResult

Use this data source to get the public key from a PEM-encoded private key for use in other resources.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as fs from "fs";
import * as tls from "@pulumi/tls";

const example = tls.getPublicKey({
    privateKeyPem: fs.readFileSync("~/.ssh/id_rsa", "utf-8"),
});

This content is derived from https://github.com/terraform-providers/terraform-provider-tls/blob/master/website/docs/d/public_key.html.markdown.

Others

interface CertRequestArgs

interface CertRequestArgs

The set of arguments for constructing a CertRequest resource.

property dnsNames

dnsNames?: pulumi.Input<pulumi.Input<string>[]>;

List of DNS names for which a certificate is being requested.

property ipAddresses

ipAddresses?: pulumi.Input<pulumi.Input<string>[]>;

List of IP addresses for which a certificate is being requested.

property keyAlgorithm

keyAlgorithm: pulumi.Input<string>;

The name of the algorithm for the key provided in privateKeyPem.

property privateKeyPem

privateKeyPem: pulumi.Input<string>;

PEM-encoded private key that the certificate will belong to

property subjects

subjects: pulumi.Input<pulumi.Input<inputs.CertRequestSubject>[]>;

The subject for which a certificate is being requested. This is a nested configuration block whose structure is described below.

property uris

uris?: pulumi.Input<pulumi.Input<string>[]>;

List of URIs for which a certificate is being requested.

interface CertRequestState

interface CertRequestState

Input properties used for looking up and filtering CertRequest resources.

property certRequestPem

certRequestPem?: pulumi.Input<string>;

The certificate request data in PEM format.

property dnsNames

dnsNames?: pulumi.Input<pulumi.Input<string>[]>;

List of DNS names for which a certificate is being requested.

property ipAddresses

ipAddresses?: pulumi.Input<pulumi.Input<string>[]>;

List of IP addresses for which a certificate is being requested.

property keyAlgorithm

keyAlgorithm?: pulumi.Input<string>;

The name of the algorithm for the key provided in privateKeyPem.

property privateKeyPem

privateKeyPem?: pulumi.Input<string>;

PEM-encoded private key that the certificate will belong to

property subjects

subjects?: pulumi.Input<pulumi.Input<inputs.CertRequestSubject>[]>;

The subject for which a certificate is being requested. This is a nested configuration block whose structure is described below.

property uris

uris?: pulumi.Input<pulumi.Input<string>[]>;

List of URIs for which a certificate is being requested.

function getEnv

getEnv(vars: string[]): string | undefined

function getEnvBoolean

getEnvBoolean(vars: string[]): boolean | undefined

function getEnvNumber

getEnvNumber(vars: string[]): number | undefined

interface GetPublicKeyArgs

interface GetPublicKeyArgs

A collection of arguments for invoking getPublicKey.

property privateKeyPem

privateKeyPem: string;

The private key to use. Currently-supported key types are “RSA” or “ECDSA”.

interface GetPublicKeyResult

interface GetPublicKeyResult

A collection of values returned by getPublicKey.

property algorithm

algorithm: string;

property id

id: string;

id is the provider-assigned unique ID for this managed resource.

property privateKeyPem

privateKeyPem: string;

The private key data in PEM format.

property publicKeyFingerprintMd5

publicKeyFingerprintMd5: string;

The md5 hash of the public key data in OpenSSH MD5 hash format, e.g. aa:bb:cc:.... Only available if the selected private key format is compatible, as per the rules for publicKeyOpenssh.

property publicKeyOpenssh

publicKeyOpenssh: string;

The public key data in OpenSSH authorizedKeys format, if the selected private key format is compatible. All RSA keys are supported, and ECDSA keys with curves “P256”, “P384” and “P521” are supported. This attribute is empty if an incompatible ECDSA curve is selected.

property publicKeyPem

publicKeyPem: string;

The public key data in PEM format.

function getVersion

getVersion(): string

interface LocallySignedCertArgs

interface LocallySignedCertArgs

The set of arguments for constructing a LocallySignedCert resource.

property allowedUses

allowedUses: pulumi.Input<pulumi.Input<string>[]>;

List of keywords each describing a use that is permitted for the issued certificate. The valid keywords are listed below.

property caCertPem

caCertPem: pulumi.Input<string>;

PEM-encoded certificate data for the CA.

property caKeyAlgorithm

caKeyAlgorithm: pulumi.Input<string>;

The name of the algorithm for the key provided in caPrivateKeyPem.

property caPrivateKeyPem

caPrivateKeyPem: pulumi.Input<string>;

PEM-encoded private key data for the CA. This can be read from a separate file using the file interpolation function.

property certRequestPem

certRequestPem: pulumi.Input<string>;

PEM-encoded request certificate data.

property earlyRenewalHours

earlyRenewalHours?: pulumi.Input<number>;

Number of hours before the certificates expiry when a new certificate will be generated

property isCaCertificate

isCaCertificate?: pulumi.Input<boolean>;

Boolean controlling whether the CA flag will be set in the generated certificate. Defaults to false, meaning that the certificate does not represent a certificate authority.

property setSubjectKeyId

setSubjectKeyId?: pulumi.Input<boolean>;

If true, the certificate will include the subject key identifier. Defaults to false, in which case the subject key identifier is not set at all.

property validityPeriodHours

validityPeriodHours: pulumi.Input<number>;

The number of hours after initial issuing that the certificate will become invalid.

interface LocallySignedCertState

interface LocallySignedCertState

Input properties used for looking up and filtering LocallySignedCert resources.

property allowedUses

allowedUses?: pulumi.Input<pulumi.Input<string>[]>;

List of keywords each describing a use that is permitted for the issued certificate. The valid keywords are listed below.

property caCertPem

caCertPem?: pulumi.Input<string>;

PEM-encoded certificate data for the CA.

property caKeyAlgorithm

caKeyAlgorithm?: pulumi.Input<string>;

The name of the algorithm for the key provided in caPrivateKeyPem.

property caPrivateKeyPem

caPrivateKeyPem?: pulumi.Input<string>;

PEM-encoded private key data for the CA. This can be read from a separate file using the file interpolation function.

property certPem

certPem?: pulumi.Input<string>;

The certificate data in PEM format.

property certRequestPem

certRequestPem?: pulumi.Input<string>;

PEM-encoded request certificate data.

property earlyRenewalHours

earlyRenewalHours?: pulumi.Input<number>;

Number of hours before the certificates expiry when a new certificate will be generated

property isCaCertificate

isCaCertificate?: pulumi.Input<boolean>;

Boolean controlling whether the CA flag will be set in the generated certificate. Defaults to false, meaning that the certificate does not represent a certificate authority.

property readyForRenewal

readyForRenewal?: pulumi.Input<boolean>;

property setSubjectKeyId

setSubjectKeyId?: pulumi.Input<boolean>;

If true, the certificate will include the subject key identifier. Defaults to false, in which case the subject key identifier is not set at all.

property validityEndTime

validityEndTime?: pulumi.Input<string>;

The time until which the certificate is invalid, as an RFC3339 timestamp.

property validityPeriodHours

validityPeriodHours?: pulumi.Input<number>;

The number of hours after initial issuing that the certificate will become invalid.

property validityStartTime

validityStartTime?: pulumi.Input<string>;

The time after which the certificate is valid, as an RFC3339 timestamp.

interface PrivateKeyArgs

interface PrivateKeyArgs

The set of arguments for constructing a PrivateKey resource.

property algorithm

algorithm: pulumi.Input<string>;

The name of the algorithm to use for the key. Currently-supported values are “RSA” and “ECDSA”.

property ecdsaCurve

ecdsaCurve?: pulumi.Input<string>;

When algorithm is “ECDSA”, the name of the elliptic curve to use. May be any one of “P224”, “P256”, “P384” or “P521”, with “P224” as the default.

property rsaBits

rsaBits?: pulumi.Input<number>;

When algorithm is “RSA”, the size of the generated RSA key in bits. Defaults to 2048.

interface PrivateKeyState

interface PrivateKeyState

Input properties used for looking up and filtering PrivateKey resources.

property algorithm

algorithm?: pulumi.Input<string>;

The name of the algorithm to use for the key. Currently-supported values are “RSA” and “ECDSA”.

property ecdsaCurve

ecdsaCurve?: pulumi.Input<string>;

When algorithm is “ECDSA”, the name of the elliptic curve to use. May be any one of “P224”, “P256”, “P384” or “P521”, with “P224” as the default.

property privateKeyPem

privateKeyPem?: pulumi.Input<string>;

The private key data in PEM format.

property publicKeyFingerprintMd5

publicKeyFingerprintMd5?: pulumi.Input<string>;

The md5 hash of the public key data in OpenSSH MD5 hash format, e.g. aa:bb:cc:.... Only available if the selected private key format is compatible, as per the rules for publicKeyOpenssh.

property publicKeyOpenssh

publicKeyOpenssh?: pulumi.Input<string>;

The public key data in OpenSSH authorizedKeys format, if the selected private key format is compatible. All RSA keys are supported, and ECDSA keys with curves “P256”, “P384” and “P521” are supported. This attribute is empty if an incompatible ECDSA curve is selected.

property publicKeyPem

publicKeyPem?: pulumi.Input<string>;

The public key data in PEM format.

property rsaBits

rsaBits?: pulumi.Input<number>;

When algorithm is “RSA”, the size of the generated RSA key in bits. Defaults to 2048.

interface ProviderArgs

interface ProviderArgs

The set of arguments for constructing a Provider resource.

interface SelfSignedCertArgs

interface SelfSignedCertArgs

The set of arguments for constructing a SelfSignedCert resource.

property allowedUses

allowedUses: pulumi.Input<pulumi.Input<string>[]>;

List of keywords each describing a use that is permitted for the issued certificate. The valid keywords are listed below.

property dnsNames

dnsNames?: pulumi.Input<pulumi.Input<string>[]>;

List of DNS names for which a certificate is being requested.

property earlyRenewalHours

earlyRenewalHours?: pulumi.Input<number>;

Number of hours before the certificates expiry when a new certificate will be generated

property ipAddresses

ipAddresses?: pulumi.Input<pulumi.Input<string>[]>;

List of IP addresses for which a certificate is being requested.

property isCaCertificate

isCaCertificate?: pulumi.Input<boolean>;

Boolean controlling whether the CA flag will be set in the generated certificate. Defaults to false, meaning that the certificate does not represent a certificate authority.

property keyAlgorithm

keyAlgorithm: pulumi.Input<string>;

The name of the algorithm for the key provided in privateKeyPem.

property privateKeyPem

privateKeyPem: pulumi.Input<string>;

PEM-encoded private key that the certificate will belong to

property setSubjectKeyId

setSubjectKeyId?: pulumi.Input<boolean>;

If true, the certificate will include the subject key identifier. Defaults to false, in which case the subject key identifier is not set at all.

property subjects

subjects: pulumi.Input<pulumi.Input<inputs.SelfSignedCertSubject>[]>;

The subject for which a certificate is being requested. This is a nested configuration block whose structure matches the corresponding block for tls..CertRequest.

property uris

uris?: pulumi.Input<pulumi.Input<string>[]>;

List of URIs for which a certificate is being requested.

property validityPeriodHours

validityPeriodHours: pulumi.Input<number>;

The number of hours after initial issuing that the certificate will become invalid.

interface SelfSignedCertState

interface SelfSignedCertState

Input properties used for looking up and filtering SelfSignedCert resources.

property allowedUses

allowedUses?: pulumi.Input<pulumi.Input<string>[]>;

List of keywords each describing a use that is permitted for the issued certificate. The valid keywords are listed below.

property certPem

certPem?: pulumi.Input<string>;

The certificate data in PEM format.

property dnsNames

dnsNames?: pulumi.Input<pulumi.Input<string>[]>;

List of DNS names for which a certificate is being requested.

property earlyRenewalHours

earlyRenewalHours?: pulumi.Input<number>;

Number of hours before the certificates expiry when a new certificate will be generated

property ipAddresses

ipAddresses?: pulumi.Input<pulumi.Input<string>[]>;

List of IP addresses for which a certificate is being requested.

property isCaCertificate

isCaCertificate?: pulumi.Input<boolean>;

Boolean controlling whether the CA flag will be set in the generated certificate. Defaults to false, meaning that the certificate does not represent a certificate authority.

property keyAlgorithm

keyAlgorithm?: pulumi.Input<string>;

The name of the algorithm for the key provided in privateKeyPem.

property privateKeyPem

privateKeyPem?: pulumi.Input<string>;

PEM-encoded private key that the certificate will belong to

property readyForRenewal

readyForRenewal?: pulumi.Input<boolean>;

property setSubjectKeyId

setSubjectKeyId?: pulumi.Input<boolean>;

If true, the certificate will include the subject key identifier. Defaults to false, in which case the subject key identifier is not set at all.

property subjects

subjects?: pulumi.Input<pulumi.Input<inputs.SelfSignedCertSubject>[]>;

The subject for which a certificate is being requested. This is a nested configuration block whose structure matches the corresponding block for tls..CertRequest.

property uris

uris?: pulumi.Input<pulumi.Input<string>[]>;

List of URIs for which a certificate is being requested.

property validityEndTime

validityEndTime?: pulumi.Input<string>;

The time until which the certificate is invalid, as an RFC3339 timestamp.

property validityPeriodHours

validityPeriodHours?: pulumi.Input<number>;

The number of hours after initial issuing that the certificate will become invalid.

property validityStartTime

validityStartTime?: pulumi.Input<string>;

The time after which the certificate is valid, as an RFC3339 timestamp.