SelfSignedCert
Create a SelfSignedCert Resource
new SelfSignedCert(name: string, args: SelfSignedCertArgs, opts?: CustomResourceOptions);def SelfSignedCert(resource_name: str, opts: Optional[ResourceOptions] = None, allowed_uses: Optional[Sequence[str]] = None, dns_names: Optional[Sequence[str]] = None, early_renewal_hours: Optional[int] = None, ip_addresses: Optional[Sequence[str]] = None, is_ca_certificate: Optional[bool] = None, key_algorithm: Optional[str] = None, private_key_pem: Optional[str] = None, set_subject_key_id: Optional[bool] = None, subjects: Optional[Sequence[SelfSignedCertSubjectArgs]] = None, uris: Optional[Sequence[str]] = None, validity_period_hours: Optional[int] = None)func NewSelfSignedCert(ctx *Context, name string, args SelfSignedCertArgs, opts ...ResourceOption) (*SelfSignedCert, error)public SelfSignedCert(string name, SelfSignedCertArgs args, CustomResourceOptions? opts = null)- name string
- The unique name of the resource.
- args SelfSignedCertArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- opts ResourceOptions
- A bag of options that control this resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args SelfSignedCertArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args SelfSignedCertArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
SelfSignedCert Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Programming Model docs.
Inputs
The SelfSignedCert resource accepts the following input properties:
- Allowed
Uses List<string> List of keywords each describing a use that is permitted for the issued certificate. The valid keywords are listed below.
- Key
Algorithm string The name of the algorithm for the key provided in
private_key_pem.- Private
Key stringPem PEM-encoded private key that the certificate will belong to
- Subjects
List<Self
Signed Cert Subject Args> The subject for which a certificate is being requested. This is a nested configuration block whose structure matches the corresponding block for
tls.CertRequest.- Validity
Period intHours The number of hours after initial issuing that the certificate will become invalid.
- Dns
Names List<string> List of DNS names for which a certificate is being requested.
- Early
Renewal intHours Number of hours before the certificates expiry when a new certificate will be generated
- Ip
Addresses List<string> List of IP addresses for which a certificate is being requested.
- Is
Ca boolCertificate Boolean controlling whether the CA flag will be set in the generated certificate. Defaults to
false, meaning that the certificate does not represent a certificate authority.- Set
Subject boolKey Id If
true, the certificate will include the subject key identifier. Defaults tofalse, in which case the subject key identifier is not set at all.- Uris List<string>
List of URIs for which a certificate is being requested.
- Allowed
Uses []string List of keywords each describing a use that is permitted for the issued certificate. The valid keywords are listed below.
- Key
Algorithm string The name of the algorithm for the key provided in
private_key_pem.- Private
Key stringPem PEM-encoded private key that the certificate will belong to
- Subjects
[]Self
Signed Cert Subject The subject for which a certificate is being requested. This is a nested configuration block whose structure matches the corresponding block for
tls.CertRequest.- Validity
Period intHours The number of hours after initial issuing that the certificate will become invalid.
- Dns
Names []string List of DNS names for which a certificate is being requested.
- Early
Renewal intHours Number of hours before the certificates expiry when a new certificate will be generated
- Ip
Addresses []string List of IP addresses for which a certificate is being requested.
- Is
Ca boolCertificate Boolean controlling whether the CA flag will be set in the generated certificate. Defaults to
false, meaning that the certificate does not represent a certificate authority.- Set
Subject boolKey Id If
true, the certificate will include the subject key identifier. Defaults tofalse, in which case the subject key identifier is not set at all.- Uris []string
List of URIs for which a certificate is being requested.
- allowed
Uses string[] List of keywords each describing a use that is permitted for the issued certificate. The valid keywords are listed below.
- key
Algorithm string The name of the algorithm for the key provided in
private_key_pem.- private
Key stringPem PEM-encoded private key that the certificate will belong to
- subjects
Self
Signed Cert Subject[] The subject for which a certificate is being requested. This is a nested configuration block whose structure matches the corresponding block for
tls.CertRequest.- validity
Period numberHours The number of hours after initial issuing that the certificate will become invalid.
- dns
Names string[] List of DNS names for which a certificate is being requested.
- early
Renewal numberHours Number of hours before the certificates expiry when a new certificate will be generated
- ip
Addresses string[] List of IP addresses for which a certificate is being requested.
- is
Ca booleanCertificate Boolean controlling whether the CA flag will be set in the generated certificate. Defaults to
false, meaning that the certificate does not represent a certificate authority.- set
Subject booleanKey Id If
true, the certificate will include the subject key identifier. Defaults tofalse, in which case the subject key identifier is not set at all.- uris string[]
List of URIs for which a certificate is being requested.
- allowed_
uses Sequence[str] List of keywords each describing a use that is permitted for the issued certificate. The valid keywords are listed below.
- key_
algorithm str The name of the algorithm for the key provided in
private_key_pem.- private_
key_ strpem PEM-encoded private key that the certificate will belong to
- subjects
Sequence[Self
Signed Cert Subject Args] The subject for which a certificate is being requested. This is a nested configuration block whose structure matches the corresponding block for
tls.CertRequest.- validity_
period_ inthours The number of hours after initial issuing that the certificate will become invalid.
- dns_
names Sequence[str] List of DNS names for which a certificate is being requested.
- early_
renewal_ inthours Number of hours before the certificates expiry when a new certificate will be generated
- ip_
addresses Sequence[str] List of IP addresses for which a certificate is being requested.
- is_
ca_ boolcertificate Boolean controlling whether the CA flag will be set in the generated certificate. Defaults to
false, meaning that the certificate does not represent a certificate authority.- set_
subject_ boolkey_ id If
true, the certificate will include the subject key identifier. Defaults tofalse, in which case the subject key identifier is not set at all.- uris Sequence[str]
List of URIs for which a certificate is being requested.
Outputs
All input properties are implicitly available as output properties. Additionally, the SelfSignedCert resource produces the following output properties:
- Cert
Pem string The certificate data in PEM format.
- Id string
- The provider-assigned unique ID for this managed resource.
- Ready
For boolRenewal - Validity
End stringTime The time until which the certificate is invalid, as an RFC3339 timestamp.
- Validity
Start stringTime The time after which the certificate is valid, as an RFC3339 timestamp.
- Cert
Pem string The certificate data in PEM format.
- Id string
- The provider-assigned unique ID for this managed resource.
- Ready
For boolRenewal - Validity
End stringTime The time until which the certificate is invalid, as an RFC3339 timestamp.
- Validity
Start stringTime The time after which the certificate is valid, as an RFC3339 timestamp.
- cert
Pem string The certificate data in PEM format.
- id string
- The provider-assigned unique ID for this managed resource.
- ready
For booleanRenewal - validity
End stringTime The time until which the certificate is invalid, as an RFC3339 timestamp.
- validity
Start stringTime The time after which the certificate is valid, as an RFC3339 timestamp.
- cert_
pem str The certificate data in PEM format.
- id str
- The provider-assigned unique ID for this managed resource.
- ready_
for_ boolrenewal - validity_
end_ strtime The time until which the certificate is invalid, as an RFC3339 timestamp.
- validity_
start_ strtime The time after which the certificate is valid, as an RFC3339 timestamp.
Look up an Existing SelfSignedCert Resource
Get an existing SelfSignedCert resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: SelfSignedCertState, opts?: CustomResourceOptions): SelfSignedCert@staticmethod
def get(resource_name: str, id: str, opts: Optional[ResourceOptions] = None, allowed_uses: Optional[Sequence[str]] = None, cert_pem: Optional[str] = None, dns_names: Optional[Sequence[str]] = None, early_renewal_hours: Optional[int] = None, ip_addresses: Optional[Sequence[str]] = None, is_ca_certificate: Optional[bool] = None, key_algorithm: Optional[str] = None, private_key_pem: Optional[str] = None, ready_for_renewal: Optional[bool] = None, set_subject_key_id: Optional[bool] = None, subjects: Optional[Sequence[SelfSignedCertSubjectArgs]] = None, uris: Optional[Sequence[str]] = None, validity_end_time: Optional[str] = None, validity_period_hours: Optional[int] = None, validity_start_time: Optional[str] = None) -> SelfSignedCertfunc GetSelfSignedCert(ctx *Context, name string, id IDInput, state *SelfSignedCertState, opts ...ResourceOption) (*SelfSignedCert, error)public static SelfSignedCert Get(string name, Input<string> id, SelfSignedCertState? state, CustomResourceOptions? opts = null)- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
The following state arguments are supported:
- Allowed
Uses List<string> List of keywords each describing a use that is permitted for the issued certificate. The valid keywords are listed below.
- Cert
Pem string The certificate data in PEM format.
- Dns
Names List<string> List of DNS names for which a certificate is being requested.
- Early
Renewal intHours Number of hours before the certificates expiry when a new certificate will be generated
- Ip
Addresses List<string> List of IP addresses for which a certificate is being requested.
- Is
Ca boolCertificate Boolean controlling whether the CA flag will be set in the generated certificate. Defaults to
false, meaning that the certificate does not represent a certificate authority.- Key
Algorithm string The name of the algorithm for the key provided in
private_key_pem.- Private
Key stringPem PEM-encoded private key that the certificate will belong to
- Ready
For boolRenewal - Set
Subject boolKey Id If
true, the certificate will include the subject key identifier. Defaults tofalse, in which case the subject key identifier is not set at all.- Subjects
List<Self
Signed Cert Subject Args> The subject for which a certificate is being requested. This is a nested configuration block whose structure matches the corresponding block for
tls.CertRequest.- Uris List<string>
List of URIs for which a certificate is being requested.
- Validity
End stringTime The time until which the certificate is invalid, as an RFC3339 timestamp.
- Validity
Period intHours The number of hours after initial issuing that the certificate will become invalid.
- Validity
Start stringTime The time after which the certificate is valid, as an RFC3339 timestamp.
- Allowed
Uses []string List of keywords each describing a use that is permitted for the issued certificate. The valid keywords are listed below.
- Cert
Pem string The certificate data in PEM format.
- Dns
Names []string List of DNS names for which a certificate is being requested.
- Early
Renewal intHours Number of hours before the certificates expiry when a new certificate will be generated
- Ip
Addresses []string List of IP addresses for which a certificate is being requested.
- Is
Ca boolCertificate Boolean controlling whether the CA flag will be set in the generated certificate. Defaults to
false, meaning that the certificate does not represent a certificate authority.- Key
Algorithm string The name of the algorithm for the key provided in
private_key_pem.- Private
Key stringPem PEM-encoded private key that the certificate will belong to
- Ready
For boolRenewal - Set
Subject boolKey Id If
true, the certificate will include the subject key identifier. Defaults tofalse, in which case the subject key identifier is not set at all.- Subjects
[]Self
Signed Cert Subject The subject for which a certificate is being requested. This is a nested configuration block whose structure matches the corresponding block for
tls.CertRequest.- Uris []string
List of URIs for which a certificate is being requested.
- Validity
End stringTime The time until which the certificate is invalid, as an RFC3339 timestamp.
- Validity
Period intHours The number of hours after initial issuing that the certificate will become invalid.
- Validity
Start stringTime The time after which the certificate is valid, as an RFC3339 timestamp.
- allowed
Uses string[] List of keywords each describing a use that is permitted for the issued certificate. The valid keywords are listed below.
- cert
Pem string The certificate data in PEM format.
- dns
Names string[] List of DNS names for which a certificate is being requested.
- early
Renewal numberHours Number of hours before the certificates expiry when a new certificate will be generated
- ip
Addresses string[] List of IP addresses for which a certificate is being requested.
- is
Ca booleanCertificate Boolean controlling whether the CA flag will be set in the generated certificate. Defaults to
false, meaning that the certificate does not represent a certificate authority.- key
Algorithm string The name of the algorithm for the key provided in
private_key_pem.- private
Key stringPem PEM-encoded private key that the certificate will belong to
- ready
For booleanRenewal - set
Subject booleanKey Id If
true, the certificate will include the subject key identifier. Defaults tofalse, in which case the subject key identifier is not set at all.- subjects
Self
Signed Cert Subject[] The subject for which a certificate is being requested. This is a nested configuration block whose structure matches the corresponding block for
tls.CertRequest.- uris string[]
List of URIs for which a certificate is being requested.
- validity
End stringTime The time until which the certificate is invalid, as an RFC3339 timestamp.
- validity
Period numberHours The number of hours after initial issuing that the certificate will become invalid.
- validity
Start stringTime The time after which the certificate is valid, as an RFC3339 timestamp.
- allowed_
uses Sequence[str] List of keywords each describing a use that is permitted for the issued certificate. The valid keywords are listed below.
- cert_
pem str The certificate data in PEM format.
- dns_
names Sequence[str] List of DNS names for which a certificate is being requested.
- early_
renewal_ inthours Number of hours before the certificates expiry when a new certificate will be generated
- ip_
addresses Sequence[str] List of IP addresses for which a certificate is being requested.
- is_
ca_ boolcertificate Boolean controlling whether the CA flag will be set in the generated certificate. Defaults to
false, meaning that the certificate does not represent a certificate authority.- key_
algorithm str The name of the algorithm for the key provided in
private_key_pem.- private_
key_ strpem PEM-encoded private key that the certificate will belong to
- ready_
for_ boolrenewal - set_
subject_ boolkey_ id If
true, the certificate will include the subject key identifier. Defaults tofalse, in which case the subject key identifier is not set at all.- subjects
Sequence[Self
Signed Cert Subject Args] The subject for which a certificate is being requested. This is a nested configuration block whose structure matches the corresponding block for
tls.CertRequest.- uris Sequence[str]
List of URIs for which a certificate is being requested.
- validity_
end_ strtime The time until which the certificate is invalid, as an RFC3339 timestamp.
- validity_
period_ inthours The number of hours after initial issuing that the certificate will become invalid.
- validity_
start_ strtime The time after which the certificate is valid, as an RFC3339 timestamp.
Supporting Types
SelfSignedCertSubject
- Common
Name string - Country string
- Locality string
- Organization string
- Organizational
Unit string - Postal
Code string - Province string
- Serial
Number string - Street
Addresses List<string>
- Common
Name string - Country string
- Locality string
- Organization string
- Organizational
Unit string - Postal
Code string - Province string
- Serial
Number string - Street
Addresses []string
- common
Name string - country string
- locality string
- organization string
- organizational
Unit string - postal
Code string - province string
- serial
Number string - street
Addresses string[]
- common_
name str - country str
- locality str
- organization str
- organizational_
unit str - postal_
code str - province str
- serial_
number str - street_
addresses Sequence[str]
Package Details
- Repository
- https://github.com/pulumi/pulumi-tls
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
tlsTerraform Provider.