akamai.getCPSEnrollments

Use the akamai.getCPSEnrollments data source to return data for all of a specific contract’s enrollments.

Basic usage

This example shows how to set up a user:

import * as pulumi from "@pulumi/pulumi";
import * as akamai from "@pulumi/akamai";

const testEnrollmentsList = akamai.getCPSEnrollments({
    contractId: _var.contract_id,
});
export const dvOutput = testEnrollmentsList;
import pulumi
import pulumi_akamai as akamai

test_enrollments_list = akamai.get_cps_enrollments(contract_id=var["contract_id"])
pulumi.export("dvOutput", test_enrollments_list)
using System.Collections.Generic;
using Pulumi;
using Akamai = Pulumi.Akamai;

return await Deployment.RunAsync(() => 
{
    var testEnrollmentsList = Akamai.GetCPSEnrollments.Invoke(new()
    {
        ContractId = @var.Contract_id,
    });

    return new Dictionary<string, object?>
    {
        ["dvOutput"] = testEnrollmentsList,
    };
});
package main

import (
	"github.com/pulumi/pulumi-akamai/sdk/v4/go/akamai"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		testEnrollmentsList, err := akamai.GetCPSEnrollments(ctx, &akamai.GetCPSEnrollmentsArgs{
			ContractId: _var.Contract_id,
		}, nil)
		if err != nil {
			return err
		}
		ctx.Export("dvOutput", testEnrollmentsList)
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.akamai.AkamaiFunctions;
import com.pulumi.akamai.inputs.GetCPSEnrollmentsArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var testEnrollmentsList = AkamaiFunctions.getCPSEnrollments(GetCPSEnrollmentsArgs.builder()
            .contractId(var_.contract_id())
            .build());

        ctx.export("dvOutput", testEnrollmentsList.applyValue(getCPSEnrollmentsResult -> getCPSEnrollmentsResult));
    }
}
variables:
  testEnrollmentsList:
    fn::invoke:
      Function: akamai:getCPSEnrollments
      Arguments:
        contractId: ${var.contract_id}
outputs:
  dvOutput: ${testEnrollmentsList}

Attributes reference

This data source returns these attributes:

  • enrollments
    • enrollment_id
    • common_name - The fully qualified domain name (FQDN) used for the certificate.
    • sans - Additional common names in a Subject Alternative Names (SAN) list.
    • secure_network - The type of deployment network used. standard-tls deploys your certificate to Akamai’s standard secure network, but it isn’t PCI compliant. enhanced-tls deploys your certificate to Akamai’s more secure network with PCI compliance capability.
    • sni_only - Whether you enabled SNI-only extension for the enrollment. Server Name Indication (SNI) is an extension of the Transport Layer Security (TLS) networking protocol. It allows a server to present multiple certificates on the same IP address. All modern web browsers support the SNI extension. If you have the same SAN on two or more certificates with the SNI-only option set, Akamai may serve traffic using any certificate which matches the requested SNI hostname.
    • admin_contact - Contact information for the certificate administrator at your company.
    • certificate_chain_type - Certificate trust chain type.
    • csr - When you create an enrollment, you also generate a certificate signing request (CSR) using CPS. CPS signs the CSR with the private key. The CSR contains all the information the CA needs to issue your certificate.
      • country_code - The country code for the country where your organization is located.
      • city - The city where your organization resides.
      • organization - The name of your company or organization.
      • organizational_unit - Your organizational unit.
      • preferred_trust_chain - For the Let’s Encrypt Domain Validated (DV) SAN certificates, the preferred trust chain will be included by CPS with the leaf certificate in the TLS handshake.
      • state - Your state or province.
    • enable_multi_stacked_certificates - If present, an ECDSA certificate is enabled in addition to an RSA certificate. CPS automatically performs all certificate operations on both certificates, and uses the best certificate for each client connection to your secure properties.
    • network_configuration - The network information and TLS Metadata you want CPS to use to push the completed certificate to the network.
      • client_mutual_authentication - If present, shows the configuration for client mutual authentication. Specifies the trust chain that is used to verify client certificates and some configuration options.
        • send_ca_list_to_client - If present, the server is enabled to send the certificate authority (CA) list to the client.
        • ocsp_enabled - If present, the Online Certificate Status Protocol (OCSP) stapling is enabled for client certificates.
        • set_id - The identifier of the set of trust chains, created in Trust Chain Manager.
      • disallowed_tls_versions - The TLS protocol version that is not trusted. CPS uses the TLS protocols that Akamai currently supports as a best practice.
      • clone_dns_names - If present, CPS directs traffic using all the SANs listed in the SANs parameter when the enrollment was created.
      • geography - A list of where you can deploy the certificate. Either core to specify worldwide deployment (including China and Russia), china+core to specify worldwide deployment and China, or russia+core to specify worldwide deployment and Russia.
      • must_have_ciphers - If present, shows ciphers included for enrollment when deployed on the network. The default is ak-akamai-2020q1 when it is not set. For more information on cipher profiles, see Akamai community.
      • ocsp_stapling - If present, the enrollment is using OCSP stapling. OCSP stapling improves performance by including a valid OCSP response in every TLS handshake. This option allows the visitors on your site to query the Online Certificate Status Protocol (OCSP) server at regular intervals to obtain a signed time-stamped OCSP response. Possible values are on, off, or not-set.
      • preferred_ciphers - If present, shows the ciphers that you prefer to include for the enrollment while deploying it on the network. The default is ak-akamai-2020q1 when its not set. For more information on cipher profiles, see Akamai community.
      • quic_enabled - If present, uses the QUIC transport layer network protocol.
    • signature_algorithm - If present, shows the Secure Hash Algorithm (SHA) function, either SHA-1 or SHA-256.
    • tech_contact - The technical contact within Akamai. This is the person you work closest with at Akamai and who can verify the certificate request. The CA calls this contact if there are any issues with the certificate and they can’t reach the admin_contact.
    • organization - The name of the organization in Akamai where your technical contact works.
      • name - The name of the technical contact at Akamai.
      • phone - The phone number of the technical contact at Akamai.
      • address_line_one - The address for the technical contact at Akamai.
      • address_line_two - The address for the technical contact at Akamai.
      • city - The address for the technical contact at Akamai.
      • region - The region for the technical contact at Akamai.
      • postal_code - The postal code for the technical contact at Akamai.
      • country_code - The country code for the technical contact at Akamai.
    • certificate_type - Populates automatically with the san certificate type and is preserved in the state file.
    • validation_type - Populates automatically with the dv validation type and is preserved in the state file.
    • registration_authority - Populates automatically with the lets-encrypt certificate type and is preserved in the state file.
    • pending_changes - If true, there are changes currently pending in CPS. To view pending changes, use the data_akamai_cps_enrollment data source.

Using getCPSEnrollments

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getCPSEnrollments(args: GetCPSEnrollmentsArgs, opts?: InvokeOptions): Promise<GetCPSEnrollmentsResult>
function getCPSEnrollmentsOutput(args: GetCPSEnrollmentsOutputArgs, opts?: InvokeOptions): Output<GetCPSEnrollmentsResult>
def get_cps_enrollments(contract_id: Optional[str] = None,
                        opts: Optional[InvokeOptions] = None) -> GetCPSEnrollmentsResult
def get_cps_enrollments_output(contract_id: Optional[pulumi.Input[str]] = None,
                        opts: Optional[InvokeOptions] = None) -> Output[GetCPSEnrollmentsResult]
func GetCPSEnrollments(ctx *Context, args *GetCPSEnrollmentsArgs, opts ...InvokeOption) (*GetCPSEnrollmentsResult, error)
func GetCPSEnrollmentsOutput(ctx *Context, args *GetCPSEnrollmentsOutputArgs, opts ...InvokeOption) GetCPSEnrollmentsResultOutput

> Note: This function is named GetCPSEnrollments in the Go SDK.

public static class GetCPSEnrollments 
{
    public static Task<GetCPSEnrollmentsResult> InvokeAsync(GetCPSEnrollmentsArgs args, InvokeOptions? opts = null)
    public static Output<GetCPSEnrollmentsResult> Invoke(GetCPSEnrollmentsInvokeArgs args, InvokeOptions? opts = null)
}
public static CompletableFuture<GetCPSEnrollmentsResult> getCPSEnrollments(GetCPSEnrollmentsArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
  function: akamai:index/getCPSEnrollments:getCPSEnrollments
  arguments:
    # arguments dictionary

The following arguments are supported:

ContractId string

A contract's ID, optionally with the ctr_ prefix.

ContractId string

A contract's ID, optionally with the ctr_ prefix.

contractId String

A contract's ID, optionally with the ctr_ prefix.

contractId string

A contract's ID, optionally with the ctr_ prefix.

contract_id str

A contract's ID, optionally with the ctr_ prefix.

contractId String

A contract's ID, optionally with the ctr_ prefix.

getCPSEnrollments Result

The following output properties are available:

ContractId string
Enrollments List<GetCPSEnrollmentsEnrollment>
Id string

The provider-assigned unique ID for this managed resource.

ContractId string
Enrollments []GetCPSEnrollmentsEnrollment
Id string

The provider-assigned unique ID for this managed resource.

contractId String
enrollments List<GetCPSEnrollmentsEnrollment>
id String

The provider-assigned unique ID for this managed resource.

contractId string
enrollments GetCPSEnrollmentsEnrollment[]
id string

The provider-assigned unique ID for this managed resource.

contract_id str
enrollments Sequence[GetCPSEnrollmentsEnrollment]
id str

The provider-assigned unique ID for this managed resource.

contractId String
enrollments List<Property Map>
id String

The provider-assigned unique ID for this managed resource.

Supporting Types

GetCPSEnrollmentsEnrollment

GetCPSEnrollmentsEnrollmentAdminContact

AddressLineOne string
City string
CountryCode string
Email string
FirstName string
LastName string
Organization string
Phone string
PostalCode string
Region string
AddressLineTwo string
Title string
AddressLineOne string
City string
CountryCode string
Email string
FirstName string
LastName string
Organization string
Phone string
PostalCode string
Region string
AddressLineTwo string
Title string
addressLineOne String
city String
countryCode String
email String
firstName String
lastName String
organization String
phone String
postalCode String
region String
addressLineTwo String
title String
addressLineOne string
city string
countryCode string
email string
firstName string
lastName string
organization string
phone string
postalCode string
region string
addressLineTwo string
title string
addressLineOne String
city String
countryCode String
email String
firstName String
lastName String
organization String
phone String
postalCode String
region String
addressLineTwo String
title String

GetCPSEnrollmentsEnrollmentCsr

GetCPSEnrollmentsEnrollmentNetworkConfiguration

GetCPSEnrollmentsEnrollmentNetworkConfigurationClientMutualAuthentication

ocspEnabled Boolean
sendCaListToClient Boolean
setId String
ocspEnabled boolean
sendCaListToClient boolean
setId string
ocspEnabled Boolean
sendCaListToClient Boolean
setId String

GetCPSEnrollmentsEnrollmentOrganization

AddressLineOne string
AddressLineTwo string
City string
CountryCode string
Name string
Phone string
PostalCode string
Region string
AddressLineOne string
AddressLineTwo string
City string
CountryCode string
Name string
Phone string
PostalCode string
Region string
addressLineOne String
addressLineTwo String
city String
countryCode String
name String
phone String
postalCode String
region String
addressLineOne string
addressLineTwo string
city string
countryCode string
name string
phone string
postalCode string
region string
addressLineOne String
addressLineTwo String
city String
countryCode String
name String
phone String
postalCode String
region String

GetCPSEnrollmentsEnrollmentTechContact

AddressLineOne string
City string
CountryCode string
Email string
FirstName string
LastName string
Organization string
Phone string
PostalCode string
Region string
AddressLineTwo string
Title string
AddressLineOne string
City string
CountryCode string
Email string
FirstName string
LastName string
Organization string
Phone string
PostalCode string
Region string
AddressLineTwo string
Title string
addressLineOne String
city String
countryCode String
email String
firstName String
lastName String
organization String
phone String
postalCode String
region String
addressLineTwo String
title String
addressLineOne string
city string
countryCode string
email string
firstName string
lastName string
organization string
phone string
postalCode string
region string
addressLineTwo string
title string
addressLineOne String
city String
countryCode String
email String
firstName String
lastName String
organization String
phone String
postalCode String
region String
addressLineTwo String
title String

Package Details

Repository
Akamai pulumi/pulumi-akamai
License
Apache-2.0
Notes

This Pulumi package is based on the akamai Terraform Provider.