Ready to level-up your engineering skills? Join a Pulumi Workshop. Register Now

LocallySignedCert

Create a LocallySignedCert Resource

new LocallySignedCert(name: string, args: LocallySignedCertArgs, opts?: CustomResourceOptions);
def LocallySignedCert(resource_name: str, opts: Optional[ResourceOptions] = None, allowed_uses: Optional[Sequence[str]] = None, ca_cert_pem: Optional[str] = None, ca_key_algorithm: Optional[str] = None, ca_private_key_pem: Optional[str] = None, cert_request_pem: Optional[str] = None, early_renewal_hours: Optional[int] = None, is_ca_certificate: Optional[bool] = None, set_subject_key_id: Optional[bool] = None, validity_period_hours: Optional[int] = None)
func NewLocallySignedCert(ctx *Context, name string, args LocallySignedCertArgs, opts ...ResourceOption) (*LocallySignedCert, error)
public LocallySignedCert(string name, LocallySignedCertArgs args, CustomResourceOptions? opts = null)
name string
The unique name of the resource.
args LocallySignedCertArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
opts ResourceOptions
A bag of options that control this resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args LocallySignedCertArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args LocallySignedCertArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.

LocallySignedCert Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Programming Model docs.

Inputs

The LocallySignedCert resource accepts the following input properties:

AllowedUses List<string>

List of keywords each describing a use that is permitted for the issued certificate. The valid keywords are listed below.

CaCertPem string

PEM-encoded certificate data for the CA.

CaKeyAlgorithm string

The name of the algorithm for the key provided in ca_private_key_pem.

CaPrivateKeyPem string

PEM-encoded private key data for the CA. This can be read from a separate file using the file interpolation function.

CertRequestPem string

PEM-encoded request certificate data.

ValidityPeriodHours int

The number of hours after initial issuing that the certificate will become invalid.

EarlyRenewalHours int

Number of hours before the certificates expiry when a new certificate will be generated

IsCaCertificate bool

Boolean controlling whether the CA flag will be set in the generated certificate. Defaults to false, meaning that the certificate does not represent a certificate authority.

SetSubjectKeyId bool

If true, the certificate will include the subject key identifier. Defaults to false, in which case the subject key identifier is not set at all.

AllowedUses []string

List of keywords each describing a use that is permitted for the issued certificate. The valid keywords are listed below.

CaCertPem string

PEM-encoded certificate data for the CA.

CaKeyAlgorithm string

The name of the algorithm for the key provided in ca_private_key_pem.

CaPrivateKeyPem string

PEM-encoded private key data for the CA. This can be read from a separate file using the file interpolation function.

CertRequestPem string

PEM-encoded request certificate data.

ValidityPeriodHours int

The number of hours after initial issuing that the certificate will become invalid.

EarlyRenewalHours int

Number of hours before the certificates expiry when a new certificate will be generated

IsCaCertificate bool

Boolean controlling whether the CA flag will be set in the generated certificate. Defaults to false, meaning that the certificate does not represent a certificate authority.

SetSubjectKeyId bool

If true, the certificate will include the subject key identifier. Defaults to false, in which case the subject key identifier is not set at all.

allowedUses string[]

List of keywords each describing a use that is permitted for the issued certificate. The valid keywords are listed below.

caCertPem string

PEM-encoded certificate data for the CA.

caKeyAlgorithm string

The name of the algorithm for the key provided in ca_private_key_pem.

caPrivateKeyPem string

PEM-encoded private key data for the CA. This can be read from a separate file using the file interpolation function.

certRequestPem string

PEM-encoded request certificate data.

validityPeriodHours number

The number of hours after initial issuing that the certificate will become invalid.

earlyRenewalHours number

Number of hours before the certificates expiry when a new certificate will be generated

isCaCertificate boolean

Boolean controlling whether the CA flag will be set in the generated certificate. Defaults to false, meaning that the certificate does not represent a certificate authority.

setSubjectKeyId boolean

If true, the certificate will include the subject key identifier. Defaults to false, in which case the subject key identifier is not set at all.

allowed_uses Sequence[str]

List of keywords each describing a use that is permitted for the issued certificate. The valid keywords are listed below.

ca_cert_pem str

PEM-encoded certificate data for the CA.

ca_key_algorithm str

The name of the algorithm for the key provided in ca_private_key_pem.

ca_private_key_pem str

PEM-encoded private key data for the CA. This can be read from a separate file using the file interpolation function.

cert_request_pem str

PEM-encoded request certificate data.

validity_period_hours int

The number of hours after initial issuing that the certificate will become invalid.

early_renewal_hours int

Number of hours before the certificates expiry when a new certificate will be generated

is_ca_certificate bool

Boolean controlling whether the CA flag will be set in the generated certificate. Defaults to false, meaning that the certificate does not represent a certificate authority.

set_subject_key_id bool

If true, the certificate will include the subject key identifier. Defaults to false, in which case the subject key identifier is not set at all.

Outputs

All input properties are implicitly available as output properties. Additionally, the LocallySignedCert resource produces the following output properties:

CertPem string

The certificate data in PEM format.

Id string
The provider-assigned unique ID for this managed resource.
ReadyForRenewal bool
ValidityEndTime string

The time until which the certificate is invalid, as an RFC3339 timestamp.

ValidityStartTime string

The time after which the certificate is valid, as an RFC3339 timestamp.

CertPem string

The certificate data in PEM format.

Id string
The provider-assigned unique ID for this managed resource.
ReadyForRenewal bool
ValidityEndTime string

The time until which the certificate is invalid, as an RFC3339 timestamp.

ValidityStartTime string

The time after which the certificate is valid, as an RFC3339 timestamp.

certPem string

The certificate data in PEM format.

id string
The provider-assigned unique ID for this managed resource.
readyForRenewal boolean
validityEndTime string

The time until which the certificate is invalid, as an RFC3339 timestamp.

validityStartTime string

The time after which the certificate is valid, as an RFC3339 timestamp.

cert_pem str

The certificate data in PEM format.

id str
The provider-assigned unique ID for this managed resource.
ready_for_renewal bool
validity_end_time str

The time until which the certificate is invalid, as an RFC3339 timestamp.

validity_start_time str

The time after which the certificate is valid, as an RFC3339 timestamp.

Look up an Existing LocallySignedCert Resource

Get an existing LocallySignedCert resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: LocallySignedCertState, opts?: CustomResourceOptions): LocallySignedCert
@staticmethod
def get(resource_name: str, id: str, opts: Optional[ResourceOptions] = None, allowed_uses: Optional[Sequence[str]] = None, ca_cert_pem: Optional[str] = None, ca_key_algorithm: Optional[str] = None, ca_private_key_pem: Optional[str] = None, cert_pem: Optional[str] = None, cert_request_pem: Optional[str] = None, early_renewal_hours: Optional[int] = None, is_ca_certificate: Optional[bool] = None, ready_for_renewal: Optional[bool] = None, set_subject_key_id: Optional[bool] = None, validity_end_time: Optional[str] = None, validity_period_hours: Optional[int] = None, validity_start_time: Optional[str] = None) -> LocallySignedCert
func GetLocallySignedCert(ctx *Context, name string, id IDInput, state *LocallySignedCertState, opts ...ResourceOption) (*LocallySignedCert, error)
public static LocallySignedCert Get(string name, Input<string> id, LocallySignedCertState? state, CustomResourceOptions? opts = null)
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.

The following state arguments are supported:

AllowedUses List<string>

List of keywords each describing a use that is permitted for the issued certificate. The valid keywords are listed below.

CaCertPem string

PEM-encoded certificate data for the CA.

CaKeyAlgorithm string

The name of the algorithm for the key provided in ca_private_key_pem.

CaPrivateKeyPem string

PEM-encoded private key data for the CA. This can be read from a separate file using the file interpolation function.

CertPem string

The certificate data in PEM format.

CertRequestPem string

PEM-encoded request certificate data.

EarlyRenewalHours int

Number of hours before the certificates expiry when a new certificate will be generated

IsCaCertificate bool

Boolean controlling whether the CA flag will be set in the generated certificate. Defaults to false, meaning that the certificate does not represent a certificate authority.

ReadyForRenewal bool
SetSubjectKeyId bool

If true, the certificate will include the subject key identifier. Defaults to false, in which case the subject key identifier is not set at all.

ValidityEndTime string

The time until which the certificate is invalid, as an RFC3339 timestamp.

ValidityPeriodHours int

The number of hours after initial issuing that the certificate will become invalid.

ValidityStartTime string

The time after which the certificate is valid, as an RFC3339 timestamp.

AllowedUses []string

List of keywords each describing a use that is permitted for the issued certificate. The valid keywords are listed below.

CaCertPem string

PEM-encoded certificate data for the CA.

CaKeyAlgorithm string

The name of the algorithm for the key provided in ca_private_key_pem.

CaPrivateKeyPem string

PEM-encoded private key data for the CA. This can be read from a separate file using the file interpolation function.

CertPem string

The certificate data in PEM format.

CertRequestPem string

PEM-encoded request certificate data.

EarlyRenewalHours int

Number of hours before the certificates expiry when a new certificate will be generated

IsCaCertificate bool

Boolean controlling whether the CA flag will be set in the generated certificate. Defaults to false, meaning that the certificate does not represent a certificate authority.

ReadyForRenewal bool
SetSubjectKeyId bool

If true, the certificate will include the subject key identifier. Defaults to false, in which case the subject key identifier is not set at all.

ValidityEndTime string

The time until which the certificate is invalid, as an RFC3339 timestamp.

ValidityPeriodHours int

The number of hours after initial issuing that the certificate will become invalid.

ValidityStartTime string

The time after which the certificate is valid, as an RFC3339 timestamp.

allowedUses string[]

List of keywords each describing a use that is permitted for the issued certificate. The valid keywords are listed below.

caCertPem string

PEM-encoded certificate data for the CA.

caKeyAlgorithm string

The name of the algorithm for the key provided in ca_private_key_pem.

caPrivateKeyPem string

PEM-encoded private key data for the CA. This can be read from a separate file using the file interpolation function.

certPem string

The certificate data in PEM format.

certRequestPem string

PEM-encoded request certificate data.

earlyRenewalHours number

Number of hours before the certificates expiry when a new certificate will be generated

isCaCertificate boolean

Boolean controlling whether the CA flag will be set in the generated certificate. Defaults to false, meaning that the certificate does not represent a certificate authority.

readyForRenewal boolean
setSubjectKeyId boolean

If true, the certificate will include the subject key identifier. Defaults to false, in which case the subject key identifier is not set at all.

validityEndTime string

The time until which the certificate is invalid, as an RFC3339 timestamp.

validityPeriodHours number

The number of hours after initial issuing that the certificate will become invalid.

validityStartTime string

The time after which the certificate is valid, as an RFC3339 timestamp.

allowed_uses Sequence[str]

List of keywords each describing a use that is permitted for the issued certificate. The valid keywords are listed below.

ca_cert_pem str

PEM-encoded certificate data for the CA.

ca_key_algorithm str

The name of the algorithm for the key provided in ca_private_key_pem.

ca_private_key_pem str

PEM-encoded private key data for the CA. This can be read from a separate file using the file interpolation function.

cert_pem str

The certificate data in PEM format.

cert_request_pem str

PEM-encoded request certificate data.

early_renewal_hours int

Number of hours before the certificates expiry when a new certificate will be generated

is_ca_certificate bool

Boolean controlling whether the CA flag will be set in the generated certificate. Defaults to false, meaning that the certificate does not represent a certificate authority.

ready_for_renewal bool
set_subject_key_id bool

If true, the certificate will include the subject key identifier. Defaults to false, in which case the subject key identifier is not set at all.

validity_end_time str

The time until which the certificate is invalid, as an RFC3339 timestamp.

validity_period_hours int

The number of hours after initial issuing that the certificate will become invalid.

validity_start_time str

The time after which the certificate is valid, as an RFC3339 timestamp.

Package Details

Repository
https://github.com/pulumi/pulumi-tls
License
Apache-2.0
Notes
This Pulumi package is based on the tls Terraform Provider.