LocallySignedCert

Create a LocallySignedCert Resource

new LocallySignedCert(name: string, args: LocallySignedCertArgs, opts?: CustomResourceOptions);

def LocallySignedCert(resource_name: str, opts: Optional[ResourceOptions] = None, allowed_uses: Optional[Sequence[str]] = None, ca_cert_pem: Optional[str] = None, ca_key_algorithm: Optional[str] = None, ca_private_key_pem: Optional[str] = None, cert_request_pem: Optional[str] = None, early_renewal_hours: Optional[int] = None, is_ca_certificate: Optional[bool] = None, set_subject_key_id: Optional[bool] = None, validity_period_hours: Optional[int] = None)

func NewLocallySignedCert(ctx *Context, name string, args LocallySignedCertArgs, opts ...ResourceOption) (*LocallySignedCert, error)

public LocallySignedCert(string name, LocallySignedCertArgs args, CustomResourceOptions? opts = null)

name string: The unique name of the resource.
args LocallySignedCertArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
opts ResourceOptions: A bag of options that control this resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args LocallySignedCertArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args LocallySignedCertArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

LocallySignedCert Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Programming Model docs.

Inputs

The LocallySignedCert resource accepts the following input properties:

AllowedUses List<string>: List of keywords each describing a use that is permitted for the issued certificate. The valid keywords are listed below.
CaCertPem string: PEM-encoded certificate data for the CA.
CaKeyAlgorithm string: The name of the algorithm for the key provided in ca_private_key_pem.
CaPrivateKeyPem string: PEM-encoded private key data for the CA. This can be read from a separate file using the file interpolation function.
CertRequestPem string: PEM-encoded request certificate data.
ValidityPeriodHours int: The number of hours after initial issuing that the certificate will become invalid.
EarlyRenewalHours int: Number of hours before the certificates expiry when a new certificate will be generated
IsCaCertificate bool: Boolean controlling whether the CA flag will be set in the generated certificate. Defaults to false, meaning that the certificate does not represent a certificate authority.
SetSubjectKeyId bool: If true, the certificate will include the subject key identifier. Defaults to false, in which case the subject key identifier is not set at all.

AllowedUses []string: List of keywords each describing a use that is permitted for the issued certificate. The valid keywords are listed below.
CaCertPem string: PEM-encoded certificate data for the CA.
CaKeyAlgorithm string: The name of the algorithm for the key provided in ca_private_key_pem.
CaPrivateKeyPem string: PEM-encoded private key data for the CA. This can be read from a separate file using the file interpolation function.
CertRequestPem string: PEM-encoded request certificate data.
ValidityPeriodHours int: The number of hours after initial issuing that the certificate will become invalid.
EarlyRenewalHours int: Number of hours before the certificates expiry when a new certificate will be generated
IsCaCertificate bool: Boolean controlling whether the CA flag will be set in the generated certificate. Defaults to false, meaning that the certificate does not represent a certificate authority.
SetSubjectKeyId bool: If true, the certificate will include the subject key identifier. Defaults to false, in which case the subject key identifier is not set at all.

allowedUses string[]: List of keywords each describing a use that is permitted for the issued certificate. The valid keywords are listed below.
caCertPem string: PEM-encoded certificate data for the CA.
caKeyAlgorithm string: The name of the algorithm for the key provided in ca_private_key_pem.
caPrivateKeyPem string: PEM-encoded private key data for the CA. This can be read from a separate file using the file interpolation function.
certRequestPem string: PEM-encoded request certificate data.
validityPeriodHours number: The number of hours after initial issuing that the certificate will become invalid.
earlyRenewalHours number: Number of hours before the certificates expiry when a new certificate will be generated
isCaCertificate boolean: Boolean controlling whether the CA flag will be set in the generated certificate. Defaults to false, meaning that the certificate does not represent a certificate authority.
setSubjectKeyId boolean: If true, the certificate will include the subject key identifier. Defaults to false, in which case the subject key identifier is not set at all.

allowed_uses Sequence[str]: List of keywords each describing a use that is permitted for the issued certificate. The valid keywords are listed below.
ca_cert_pem str: PEM-encoded certificate data for the CA.
ca_key_algorithm str: The name of the algorithm for the key provided in ca_private_key_pem.
ca_private_key_pem str: PEM-encoded private key data for the CA. This can be read from a separate file using the file interpolation function.
cert_request_pem str: PEM-encoded request certificate data.
validity_period_hours int: The number of hours after initial issuing that the certificate will become invalid.
early_renewal_hours int: Number of hours before the certificates expiry when a new certificate will be generated
is_ca_certificate bool: Boolean controlling whether the CA flag will be set in the generated certificate. Defaults to false, meaning that the certificate does not represent a certificate authority.
set_subject_key_id bool: If true, the certificate will include the subject key identifier. Defaults to false, in which case the subject key identifier is not set at all.

Outputs

All input properties are implicitly available as output properties. Additionally, the LocallySignedCert resource produces the following output properties:

CertPem string: The certificate data in PEM format.
Id string: The provider-assigned unique ID for this managed resource.
ReadyForRenewal bool
ValidityEndTime string: The time until which the certificate is invalid, as an RFC3339 timestamp.
ValidityStartTime string: The time after which the certificate is valid, as an RFC3339 timestamp.

CertPem string: The certificate data in PEM format.
Id string: The provider-assigned unique ID for this managed resource.
ReadyForRenewal bool
ValidityEndTime string: The time until which the certificate is invalid, as an RFC3339 timestamp.
ValidityStartTime string: The time after which the certificate is valid, as an RFC3339 timestamp.

certPem string: The certificate data in PEM format.
id string: The provider-assigned unique ID for this managed resource.
readyForRenewal boolean
validityEndTime string: The time until which the certificate is invalid, as an RFC3339 timestamp.
validityStartTime string: The time after which the certificate is valid, as an RFC3339 timestamp.

cert_pem str: The certificate data in PEM format.
id str: The provider-assigned unique ID for this managed resource.
ready_for_renewal bool
validity_end_time str: The time until which the certificate is invalid, as an RFC3339 timestamp.
validity_start_time str: The time after which the certificate is valid, as an RFC3339 timestamp.

Look up an Existing LocallySignedCert Resource

Get an existing LocallySignedCert resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: LocallySignedCertState, opts?: CustomResourceOptions): LocallySignedCert

@staticmethod
def get(resource_name: str, id: str, opts: Optional[ResourceOptions] = None, allowed_uses: Optional[Sequence[str]] = None, ca_cert_pem: Optional[str] = None, ca_key_algorithm: Optional[str] = None, ca_private_key_pem: Optional[str] = None, cert_pem: Optional[str] = None, cert_request_pem: Optional[str] = None, early_renewal_hours: Optional[int] = None, is_ca_certificate: Optional[bool] = None, ready_for_renewal: Optional[bool] = None, set_subject_key_id: Optional[bool] = None, validity_end_time: Optional[str] = None, validity_period_hours: Optional[int] = None, validity_start_time: Optional[str] = None) -> LocallySignedCert

func GetLocallySignedCert(ctx *Context, name string, id IDInput, state *LocallySignedCertState, opts ...ResourceOption) (*LocallySignedCert, error)

public static LocallySignedCert Get(string name, Input<string> id, LocallySignedCertState? state, CustomResourceOptions? opts = null)

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AllowedUses List<string>: List of keywords each describing a use that is permitted for the issued certificate. The valid keywords are listed below.
CaCertPem string: PEM-encoded certificate data for the CA.
CaKeyAlgorithm string: The name of the algorithm for the key provided in ca_private_key_pem.
CaPrivateKeyPem string: PEM-encoded private key data for the CA. This can be read from a separate file using the file interpolation function.
CertPem string: The certificate data in PEM format.
CertRequestPem string: PEM-encoded request certificate data.
EarlyRenewalHours int: Number of hours before the certificates expiry when a new certificate will be generated
IsCaCertificate bool: Boolean controlling whether the CA flag will be set in the generated certificate. Defaults to false, meaning that the certificate does not represent a certificate authority.
ReadyForRenewal bool
SetSubjectKeyId bool: If true, the certificate will include the subject key identifier. Defaults to false, in which case the subject key identifier is not set at all.
ValidityEndTime string: The time until which the certificate is invalid, as an RFC3339 timestamp.
ValidityPeriodHours int: The number of hours after initial issuing that the certificate will become invalid.
ValidityStartTime string: The time after which the certificate is valid, as an RFC3339 timestamp.

AllowedUses []string: List of keywords each describing a use that is permitted for the issued certificate. The valid keywords are listed below.
CaCertPem string: PEM-encoded certificate data for the CA.
CaKeyAlgorithm string: The name of the algorithm for the key provided in ca_private_key_pem.
CaPrivateKeyPem string: PEM-encoded private key data for the CA. This can be read from a separate file using the file interpolation function.
CertPem string: The certificate data in PEM format.
CertRequestPem string: PEM-encoded request certificate data.
EarlyRenewalHours int: Number of hours before the certificates expiry when a new certificate will be generated
IsCaCertificate bool: Boolean controlling whether the CA flag will be set in the generated certificate. Defaults to false, meaning that the certificate does not represent a certificate authority.
ReadyForRenewal bool
SetSubjectKeyId bool: If true, the certificate will include the subject key identifier. Defaults to false, in which case the subject key identifier is not set at all.
ValidityEndTime string: The time until which the certificate is invalid, as an RFC3339 timestamp.
ValidityPeriodHours int: The number of hours after initial issuing that the certificate will become invalid.
ValidityStartTime string: The time after which the certificate is valid, as an RFC3339 timestamp.

allowedUses string[]: List of keywords each describing a use that is permitted for the issued certificate. The valid keywords are listed below.
caCertPem string: PEM-encoded certificate data for the CA.
caKeyAlgorithm string: The name of the algorithm for the key provided in ca_private_key_pem.
caPrivateKeyPem string: PEM-encoded private key data for the CA. This can be read from a separate file using the file interpolation function.
certPem string: The certificate data in PEM format.
certRequestPem string: PEM-encoded request certificate data.
earlyRenewalHours number: Number of hours before the certificates expiry when a new certificate will be generated
isCaCertificate boolean: Boolean controlling whether the CA flag will be set in the generated certificate. Defaults to false, meaning that the certificate does not represent a certificate authority.
readyForRenewal boolean
setSubjectKeyId boolean: If true, the certificate will include the subject key identifier. Defaults to false, in which case the subject key identifier is not set at all.
validityEndTime string: The time until which the certificate is invalid, as an RFC3339 timestamp.
validityPeriodHours number: The number of hours after initial issuing that the certificate will become invalid.
validityStartTime string: The time after which the certificate is valid, as an RFC3339 timestamp.

allowed_uses Sequence[str]: List of keywords each describing a use that is permitted for the issued certificate. The valid keywords are listed below.
ca_cert_pem str: PEM-encoded certificate data for the CA.
ca_key_algorithm str: The name of the algorithm for the key provided in ca_private_key_pem.
ca_private_key_pem str: PEM-encoded private key data for the CA. This can be read from a separate file using the file interpolation function.
cert_pem str: The certificate data in PEM format.
cert_request_pem str: PEM-encoded request certificate data.
early_renewal_hours int: Number of hours before the certificates expiry when a new certificate will be generated
is_ca_certificate bool: Boolean controlling whether the CA flag will be set in the generated certificate. Defaults to false, meaning that the certificate does not represent a certificate authority.
ready_for_renewal bool
set_subject_key_id bool: If true, the certificate will include the subject key identifier. Defaults to false, in which case the subject key identifier is not set at all.
validity_end_time str: The time until which the certificate is invalid, as an RFC3339 timestamp.
validity_period_hours int: The number of hours after initial issuing that the certificate will become invalid.
validity_start_time str: The time after which the certificate is valid, as an RFC3339 timestamp.

Package Details

Repository: https://github.com/pulumi/pulumi-tls
License: Apache-2.0
Notes: This Pulumi package is based on the tls Terraform Provider.

The Pulumi Platform

Get Started

Migrate to Pulumi

Solutions for All Teams and Engineers

Any Code

Any Cloud