Ready to level-up your engineering skills? Join a Pulumi Workshop. Register Now

SelfSignedCert

Create a SelfSignedCert Resource

new SelfSignedCert(name: string, args: SelfSignedCertArgs, opts?: CustomResourceOptions);
def SelfSignedCert(resource_name: str, opts: Optional[ResourceOptions] = None, allowed_uses: Optional[Sequence[str]] = None, dns_names: Optional[Sequence[str]] = None, early_renewal_hours: Optional[int] = None, ip_addresses: Optional[Sequence[str]] = None, is_ca_certificate: Optional[bool] = None, key_algorithm: Optional[str] = None, private_key_pem: Optional[str] = None, set_subject_key_id: Optional[bool] = None, subjects: Optional[Sequence[SelfSignedCertSubjectArgs]] = None, uris: Optional[Sequence[str]] = None, validity_period_hours: Optional[int] = None)
func NewSelfSignedCert(ctx *Context, name string, args SelfSignedCertArgs, opts ...ResourceOption) (*SelfSignedCert, error)
public SelfSignedCert(string name, SelfSignedCertArgs args, CustomResourceOptions? opts = null)
name string
The unique name of the resource.
args SelfSignedCertArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
opts ResourceOptions
A bag of options that control this resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args SelfSignedCertArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args SelfSignedCertArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.

SelfSignedCert Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Programming Model docs.

Inputs

The SelfSignedCert resource accepts the following input properties:

AllowedUses List<string>

List of keywords each describing a use that is permitted for the issued certificate. The valid keywords are listed below.

KeyAlgorithm string

The name of the algorithm for the key provided in private_key_pem.

PrivateKeyPem string

PEM-encoded private key that the certificate will belong to

Subjects List<SelfSignedCertSubjectArgs>

The subject for which a certificate is being requested. This is a nested configuration block whose structure matches the corresponding block for tls.CertRequest.

ValidityPeriodHours int

The number of hours after initial issuing that the certificate will become invalid.

DnsNames List<string>

List of DNS names for which a certificate is being requested.

EarlyRenewalHours int

Number of hours before the certificates expiry when a new certificate will be generated

IpAddresses List<string>

List of IP addresses for which a certificate is being requested.

IsCaCertificate bool

Boolean controlling whether the CA flag will be set in the generated certificate. Defaults to false, meaning that the certificate does not represent a certificate authority.

SetSubjectKeyId bool

If true, the certificate will include the subject key identifier. Defaults to false, in which case the subject key identifier is not set at all.

Uris List<string>

List of URIs for which a certificate is being requested.

AllowedUses []string

List of keywords each describing a use that is permitted for the issued certificate. The valid keywords are listed below.

KeyAlgorithm string

The name of the algorithm for the key provided in private_key_pem.

PrivateKeyPem string

PEM-encoded private key that the certificate will belong to

Subjects []SelfSignedCertSubject

The subject for which a certificate is being requested. This is a nested configuration block whose structure matches the corresponding block for tls.CertRequest.

ValidityPeriodHours int

The number of hours after initial issuing that the certificate will become invalid.

DnsNames []string

List of DNS names for which a certificate is being requested.

EarlyRenewalHours int

Number of hours before the certificates expiry when a new certificate will be generated

IpAddresses []string

List of IP addresses for which a certificate is being requested.

IsCaCertificate bool

Boolean controlling whether the CA flag will be set in the generated certificate. Defaults to false, meaning that the certificate does not represent a certificate authority.

SetSubjectKeyId bool

If true, the certificate will include the subject key identifier. Defaults to false, in which case the subject key identifier is not set at all.

Uris []string

List of URIs for which a certificate is being requested.

allowedUses string[]

List of keywords each describing a use that is permitted for the issued certificate. The valid keywords are listed below.

keyAlgorithm string

The name of the algorithm for the key provided in private_key_pem.

privateKeyPem string

PEM-encoded private key that the certificate will belong to

subjects SelfSignedCertSubject[]

The subject for which a certificate is being requested. This is a nested configuration block whose structure matches the corresponding block for tls.CertRequest.

validityPeriodHours number

The number of hours after initial issuing that the certificate will become invalid.

dnsNames string[]

List of DNS names for which a certificate is being requested.

earlyRenewalHours number

Number of hours before the certificates expiry when a new certificate will be generated

ipAddresses string[]

List of IP addresses for which a certificate is being requested.

isCaCertificate boolean

Boolean controlling whether the CA flag will be set in the generated certificate. Defaults to false, meaning that the certificate does not represent a certificate authority.

setSubjectKeyId boolean

If true, the certificate will include the subject key identifier. Defaults to false, in which case the subject key identifier is not set at all.

uris string[]

List of URIs for which a certificate is being requested.

allowed_uses Sequence[str]

List of keywords each describing a use that is permitted for the issued certificate. The valid keywords are listed below.

key_algorithm str

The name of the algorithm for the key provided in private_key_pem.

private_key_pem str

PEM-encoded private key that the certificate will belong to

subjects Sequence[SelfSignedCertSubjectArgs]

The subject for which a certificate is being requested. This is a nested configuration block whose structure matches the corresponding block for tls.CertRequest.

validity_period_hours int

The number of hours after initial issuing that the certificate will become invalid.

dns_names Sequence[str]

List of DNS names for which a certificate is being requested.

early_renewal_hours int

Number of hours before the certificates expiry when a new certificate will be generated

ip_addresses Sequence[str]

List of IP addresses for which a certificate is being requested.

is_ca_certificate bool

Boolean controlling whether the CA flag will be set in the generated certificate. Defaults to false, meaning that the certificate does not represent a certificate authority.

set_subject_key_id bool

If true, the certificate will include the subject key identifier. Defaults to false, in which case the subject key identifier is not set at all.

uris Sequence[str]

List of URIs for which a certificate is being requested.

Outputs

All input properties are implicitly available as output properties. Additionally, the SelfSignedCert resource produces the following output properties:

CertPem string

The certificate data in PEM format.

Id string
The provider-assigned unique ID for this managed resource.
ReadyForRenewal bool
ValidityEndTime string

The time until which the certificate is invalid, as an RFC3339 timestamp.

ValidityStartTime string

The time after which the certificate is valid, as an RFC3339 timestamp.

CertPem string

The certificate data in PEM format.

Id string
The provider-assigned unique ID for this managed resource.
ReadyForRenewal bool
ValidityEndTime string

The time until which the certificate is invalid, as an RFC3339 timestamp.

ValidityStartTime string

The time after which the certificate is valid, as an RFC3339 timestamp.

certPem string

The certificate data in PEM format.

id string
The provider-assigned unique ID for this managed resource.
readyForRenewal boolean
validityEndTime string

The time until which the certificate is invalid, as an RFC3339 timestamp.

validityStartTime string

The time after which the certificate is valid, as an RFC3339 timestamp.

cert_pem str

The certificate data in PEM format.

id str
The provider-assigned unique ID for this managed resource.
ready_for_renewal bool
validity_end_time str

The time until which the certificate is invalid, as an RFC3339 timestamp.

validity_start_time str

The time after which the certificate is valid, as an RFC3339 timestamp.

Look up an Existing SelfSignedCert Resource

Get an existing SelfSignedCert resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: SelfSignedCertState, opts?: CustomResourceOptions): SelfSignedCert
@staticmethod
def get(resource_name: str, id: str, opts: Optional[ResourceOptions] = None, allowed_uses: Optional[Sequence[str]] = None, cert_pem: Optional[str] = None, dns_names: Optional[Sequence[str]] = None, early_renewal_hours: Optional[int] = None, ip_addresses: Optional[Sequence[str]] = None, is_ca_certificate: Optional[bool] = None, key_algorithm: Optional[str] = None, private_key_pem: Optional[str] = None, ready_for_renewal: Optional[bool] = None, set_subject_key_id: Optional[bool] = None, subjects: Optional[Sequence[SelfSignedCertSubjectArgs]] = None, uris: Optional[Sequence[str]] = None, validity_end_time: Optional[str] = None, validity_period_hours: Optional[int] = None, validity_start_time: Optional[str] = None) -> SelfSignedCert
func GetSelfSignedCert(ctx *Context, name string, id IDInput, state *SelfSignedCertState, opts ...ResourceOption) (*SelfSignedCert, error)
public static SelfSignedCert Get(string name, Input<string> id, SelfSignedCertState? state, CustomResourceOptions? opts = null)
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.

The following state arguments are supported:

AllowedUses List<string>

List of keywords each describing a use that is permitted for the issued certificate. The valid keywords are listed below.

CertPem string

The certificate data in PEM format.

DnsNames List<string>

List of DNS names for which a certificate is being requested.

EarlyRenewalHours int

Number of hours before the certificates expiry when a new certificate will be generated

IpAddresses List<string>

List of IP addresses for which a certificate is being requested.

IsCaCertificate bool

Boolean controlling whether the CA flag will be set in the generated certificate. Defaults to false, meaning that the certificate does not represent a certificate authority.

KeyAlgorithm string

The name of the algorithm for the key provided in private_key_pem.

PrivateKeyPem string

PEM-encoded private key that the certificate will belong to

ReadyForRenewal bool
SetSubjectKeyId bool

If true, the certificate will include the subject key identifier. Defaults to false, in which case the subject key identifier is not set at all.

Subjects List<SelfSignedCertSubjectArgs>

The subject for which a certificate is being requested. This is a nested configuration block whose structure matches the corresponding block for tls.CertRequest.

Uris List<string>

List of URIs for which a certificate is being requested.

ValidityEndTime string

The time until which the certificate is invalid, as an RFC3339 timestamp.

ValidityPeriodHours int

The number of hours after initial issuing that the certificate will become invalid.

ValidityStartTime string

The time after which the certificate is valid, as an RFC3339 timestamp.

AllowedUses []string

List of keywords each describing a use that is permitted for the issued certificate. The valid keywords are listed below.

CertPem string

The certificate data in PEM format.

DnsNames []string

List of DNS names for which a certificate is being requested.

EarlyRenewalHours int

Number of hours before the certificates expiry when a new certificate will be generated

IpAddresses []string

List of IP addresses for which a certificate is being requested.

IsCaCertificate bool

Boolean controlling whether the CA flag will be set in the generated certificate. Defaults to false, meaning that the certificate does not represent a certificate authority.

KeyAlgorithm string

The name of the algorithm for the key provided in private_key_pem.

PrivateKeyPem string

PEM-encoded private key that the certificate will belong to

ReadyForRenewal bool
SetSubjectKeyId bool

If true, the certificate will include the subject key identifier. Defaults to false, in which case the subject key identifier is not set at all.

Subjects []SelfSignedCertSubject

The subject for which a certificate is being requested. This is a nested configuration block whose structure matches the corresponding block for tls.CertRequest.

Uris []string

List of URIs for which a certificate is being requested.

ValidityEndTime string

The time until which the certificate is invalid, as an RFC3339 timestamp.

ValidityPeriodHours int

The number of hours after initial issuing that the certificate will become invalid.

ValidityStartTime string

The time after which the certificate is valid, as an RFC3339 timestamp.

allowedUses string[]

List of keywords each describing a use that is permitted for the issued certificate. The valid keywords are listed below.

certPem string

The certificate data in PEM format.

dnsNames string[]

List of DNS names for which a certificate is being requested.

earlyRenewalHours number

Number of hours before the certificates expiry when a new certificate will be generated

ipAddresses string[]

List of IP addresses for which a certificate is being requested.

isCaCertificate boolean

Boolean controlling whether the CA flag will be set in the generated certificate. Defaults to false, meaning that the certificate does not represent a certificate authority.

keyAlgorithm string

The name of the algorithm for the key provided in private_key_pem.

privateKeyPem string

PEM-encoded private key that the certificate will belong to

readyForRenewal boolean
setSubjectKeyId boolean

If true, the certificate will include the subject key identifier. Defaults to false, in which case the subject key identifier is not set at all.

subjects SelfSignedCertSubject[]

The subject for which a certificate is being requested. This is a nested configuration block whose structure matches the corresponding block for tls.CertRequest.

uris string[]

List of URIs for which a certificate is being requested.

validityEndTime string

The time until which the certificate is invalid, as an RFC3339 timestamp.

validityPeriodHours number

The number of hours after initial issuing that the certificate will become invalid.

validityStartTime string

The time after which the certificate is valid, as an RFC3339 timestamp.

allowed_uses Sequence[str]

List of keywords each describing a use that is permitted for the issued certificate. The valid keywords are listed below.

cert_pem str

The certificate data in PEM format.

dns_names Sequence[str]

List of DNS names for which a certificate is being requested.

early_renewal_hours int

Number of hours before the certificates expiry when a new certificate will be generated

ip_addresses Sequence[str]

List of IP addresses for which a certificate is being requested.

is_ca_certificate bool

Boolean controlling whether the CA flag will be set in the generated certificate. Defaults to false, meaning that the certificate does not represent a certificate authority.

key_algorithm str

The name of the algorithm for the key provided in private_key_pem.

private_key_pem str

PEM-encoded private key that the certificate will belong to

ready_for_renewal bool
set_subject_key_id bool

If true, the certificate will include the subject key identifier. Defaults to false, in which case the subject key identifier is not set at all.

subjects Sequence[SelfSignedCertSubjectArgs]

The subject for which a certificate is being requested. This is a nested configuration block whose structure matches the corresponding block for tls.CertRequest.

uris Sequence[str]

List of URIs for which a certificate is being requested.

validity_end_time str

The time until which the certificate is invalid, as an RFC3339 timestamp.

validity_period_hours int

The number of hours after initial issuing that the certificate will become invalid.

validity_start_time str

The time after which the certificate is valid, as an RFC3339 timestamp.

Supporting Types

SelfSignedCertSubject

CommonName string
Country string
Locality string
Organization string
OrganizationalUnit string
PostalCode string
Province string
SerialNumber string
StreetAddresses List<string>

Package Details

Repository
https://github.com/pulumi/pulumi-tls
License
Apache-2.0
Notes
This Pulumi package is based on the tls Terraform Provider.