AWS Native is in preview. AWS Classic is fully supported.
aws-native.acmpca.Certificate
Explore with Pulumi AI
AWS Native is in preview. AWS Classic is fully supported.
A certificate issued via a private certificate authority
Create Certificate Resource
new Certificate(name: string, args: CertificateArgs, opts?: CustomResourceOptions);
@overload
def Certificate(resource_name: str,
opts: Optional[ResourceOptions] = None,
api_passthrough: Optional[CertificateApiPassthroughArgs] = None,
certificate_authority_arn: Optional[str] = None,
certificate_signing_request: Optional[str] = None,
signing_algorithm: Optional[str] = None,
template_arn: Optional[str] = None,
validity: Optional[CertificateValidityArgs] = None,
validity_not_before: Optional[CertificateValidityArgs] = None)
@overload
def Certificate(resource_name: str,
args: CertificateArgs,
opts: Optional[ResourceOptions] = None)
func NewCertificate(ctx *Context, name string, args CertificateArgs, opts ...ResourceOption) (*Certificate, error)
public Certificate(string name, CertificateArgs args, CustomResourceOptions? opts = null)
public Certificate(String name, CertificateArgs args)
public Certificate(String name, CertificateArgs args, CustomResourceOptions options)
type: aws-native:acmpca:Certificate
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args CertificateArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args CertificateArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args CertificateArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args CertificateArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args CertificateArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Certificate Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The Certificate resource accepts the following input properties:
- string
The Amazon Resource Name (ARN) for the private CA to issue the certificate.
- Certificate
Signing stringRequest The certificate signing request (CSR) for the Certificate.
- Signing
Algorithm string The name of the algorithm that will be used to sign the Certificate.
- Validity
Pulumi.
Aws Native. Acmpca. Inputs. Certificate Validity The time before which the Certificate will be valid.
- Api
Passthrough Pulumi.Aws Native. Acmpca. Inputs. Certificate Api Passthrough These are fields to be overridden in a certificate at the time of issuance. These requires an API_Passthrough template be used or they will be ignored.
- Template
Arn string Specifies a custom configuration template to use when issuing a certificate. If this parameter is not provided, ACM Private CA defaults to the EndEntityCertificate/V1 template.
- Validity
Not Pulumi.Before Aws Native. Acmpca. Inputs. Certificate Validity The time after which the Certificate will be valid.
- string
The Amazon Resource Name (ARN) for the private CA to issue the certificate.
- Certificate
Signing stringRequest The certificate signing request (CSR) for the Certificate.
- Signing
Algorithm string The name of the algorithm that will be used to sign the Certificate.
- Validity
Certificate
Validity Args The time before which the Certificate will be valid.
- Api
Passthrough CertificateApi Passthrough Args These are fields to be overridden in a certificate at the time of issuance. These requires an API_Passthrough template be used or they will be ignored.
- Template
Arn string Specifies a custom configuration template to use when issuing a certificate. If this parameter is not provided, ACM Private CA defaults to the EndEntityCertificate/V1 template.
- Validity
Not CertificateBefore Validity Args The time after which the Certificate will be valid.
- String
The Amazon Resource Name (ARN) for the private CA to issue the certificate.
- certificate
Signing StringRequest The certificate signing request (CSR) for the Certificate.
- signing
Algorithm String The name of the algorithm that will be used to sign the Certificate.
- validity
Certificate
Validity The time before which the Certificate will be valid.
- api
Passthrough CertificateApi Passthrough These are fields to be overridden in a certificate at the time of issuance. These requires an API_Passthrough template be used or they will be ignored.
- template
Arn String Specifies a custom configuration template to use when issuing a certificate. If this parameter is not provided, ACM Private CA defaults to the EndEntityCertificate/V1 template.
- validity
Not CertificateBefore Validity The time after which the Certificate will be valid.
- string
The Amazon Resource Name (ARN) for the private CA to issue the certificate.
- certificate
Signing stringRequest The certificate signing request (CSR) for the Certificate.
- signing
Algorithm string The name of the algorithm that will be used to sign the Certificate.
- validity
Certificate
Validity The time before which the Certificate will be valid.
- api
Passthrough CertificateApi Passthrough These are fields to be overridden in a certificate at the time of issuance. These requires an API_Passthrough template be used or they will be ignored.
- template
Arn string Specifies a custom configuration template to use when issuing a certificate. If this parameter is not provided, ACM Private CA defaults to the EndEntityCertificate/V1 template.
- validity
Not CertificateBefore Validity The time after which the Certificate will be valid.
- str
The Amazon Resource Name (ARN) for the private CA to issue the certificate.
- certificate_
signing_ strrequest The certificate signing request (CSR) for the Certificate.
- signing_
algorithm str The name of the algorithm that will be used to sign the Certificate.
- validity
Certificate
Validity Args The time before which the Certificate will be valid.
- api_
passthrough CertificateApi Passthrough Args These are fields to be overridden in a certificate at the time of issuance. These requires an API_Passthrough template be used or they will be ignored.
- template_
arn str Specifies a custom configuration template to use when issuing a certificate. If this parameter is not provided, ACM Private CA defaults to the EndEntityCertificate/V1 template.
- validity_
not_ Certificatebefore Validity Args The time after which the Certificate will be valid.
- String
The Amazon Resource Name (ARN) for the private CA to issue the certificate.
- certificate
Signing StringRequest The certificate signing request (CSR) for the Certificate.
- signing
Algorithm String The name of the algorithm that will be used to sign the Certificate.
- validity Property Map
The time before which the Certificate will be valid.
- api
Passthrough Property Map These are fields to be overridden in a certificate at the time of issuance. These requires an API_Passthrough template be used or they will be ignored.
- template
Arn String Specifies a custom configuration template to use when issuing a certificate. If this parameter is not provided, ACM Private CA defaults to the EndEntityCertificate/V1 template.
- validity
Not Property MapBefore The time after which the Certificate will be valid.
Outputs
All input properties are implicitly available as output properties. Additionally, the Certificate resource produces the following output properties:
- Arn string
The ARN of the issued certificate.
- Certificate
Value string The issued certificate in base 64 PEM-encoded format.
- Id string
The provider-assigned unique ID for this managed resource.
- Arn string
The ARN of the issued certificate.
- Certificate string
The issued certificate in base 64 PEM-encoded format.
- Id string
The provider-assigned unique ID for this managed resource.
- arn String
The ARN of the issued certificate.
- certificate String
The issued certificate in base 64 PEM-encoded format.
- id String
The provider-assigned unique ID for this managed resource.
- arn string
The ARN of the issued certificate.
- certificate string
The issued certificate in base 64 PEM-encoded format.
- id string
The provider-assigned unique ID for this managed resource.
- arn str
The ARN of the issued certificate.
- certificate str
The issued certificate in base 64 PEM-encoded format.
- id str
The provider-assigned unique ID for this managed resource.
- arn String
The ARN of the issued certificate.
- certificate String
The issued certificate in base 64 PEM-encoded format.
- id String
The provider-assigned unique ID for this managed resource.
Supporting Types
CertificateApiPassthrough, CertificateApiPassthroughArgs
CertificateCustomAttribute, CertificateCustomAttributeArgs
- Object
Identifier string - Value string
- Object
Identifier string - Value string
- object
Identifier String - value String
- object
Identifier string - value string
- object_
identifier str - value str
- object
Identifier String - value String
CertificateCustomExtension, CertificateCustomExtensionArgs
- Object
Identifier string - Value string
- Critical bool
- Object
Identifier string - Value string
- Critical bool
- object
Identifier String - value String
- critical Boolean
- object
Identifier string - value string
- critical boolean
- object_
identifier str - value str
- critical bool
- object
Identifier String - value String
- critical Boolean
CertificateEdiPartyName, CertificateEdiPartyNameArgs
- Name
Assigner string - Party
Name string
- Name
Assigner string - Party
Name string
- name
Assigner String - party
Name String
- name
Assigner string - party
Name string
- name_
assigner str - party_
name str
- name
Assigner String - party
Name String
CertificateExtendedKeyUsage, CertificateExtendedKeyUsageArgs
- Extended
Key stringUsage Object Identifier - Extended
Key stringUsage Type
- Extended
Key stringUsage Object Identifier - Extended
Key stringUsage Type
- extended
Key StringUsage Object Identifier - extended
Key StringUsage Type
- extended
Key stringUsage Object Identifier - extended
Key stringUsage Type
- extended
Key StringUsage Object Identifier - extended
Key StringUsage Type
CertificateExtensions, CertificateExtensionsArgs
- Certificate
Policies List<Pulumi.Aws Native. Acmpca. Inputs. Certificate Policy Information> - Custom
Extensions List<Pulumi.Aws Native. Acmpca. Inputs. Certificate Custom Extension> - Extended
Key List<Pulumi.Usage Aws Native. Acmpca. Inputs. Certificate Extended Key Usage> - Key
Usage Pulumi.Aws Native. Acmpca. Inputs. Certificate Key Usage - Subject
Alternative List<Pulumi.Names Aws Native. Acmpca. Inputs. Certificate General Name>
CertificateGeneralName, CertificateGeneralNameArgs
- directory
Name Property Map - dns
Name String - edi
Party Property MapName - ip
Address String - other
Name Property Map - registered
Id String - rfc822Name String
- uniform
Resource StringIdentifier
CertificateKeyUsage, CertificateKeyUsageArgs
- Crl
Sign bool - Data
Encipherment bool - Decipher
Only bool - Digital
Signature bool - Encipher
Only bool - Key
Agreement bool - Key
Cert boolSign - Key
Encipherment bool - Non
Repudiation bool
- Crl
Sign bool - Data
Encipherment bool - Decipher
Only bool - Digital
Signature bool - Encipher
Only bool - Key
Agreement bool - Key
Cert boolSign - Key
Encipherment bool - Non
Repudiation bool
- crl
Sign Boolean - data
Encipherment Boolean - decipher
Only Boolean - digital
Signature Boolean - encipher
Only Boolean - key
Agreement Boolean - key
Cert BooleanSign - key
Encipherment Boolean - non
Repudiation Boolean
- crl
Sign boolean - data
Encipherment boolean - decipher
Only boolean - digital
Signature boolean - encipher
Only boolean - key
Agreement boolean - key
Cert booleanSign - key
Encipherment boolean - non
Repudiation boolean
- crl_
sign bool - data_
encipherment bool - decipher_
only bool - digital_
signature bool - encipher_
only bool - key_
agreement bool - key_
cert_ boolsign - key_
encipherment bool - non_
repudiation bool
- crl
Sign Boolean - data
Encipherment Boolean - decipher
Only Boolean - digital
Signature Boolean - encipher
Only Boolean - key
Agreement Boolean - key
Cert BooleanSign - key
Encipherment Boolean - non
Repudiation Boolean
CertificateOtherName, CertificateOtherNameArgs
CertificatePolicyInformation, CertificatePolicyInformationArgs
CertificatePolicyQualifierInfo, CertificatePolicyQualifierInfoArgs
CertificateQualifier, CertificateQualifierArgs
- Cps
Uri string
- Cps
Uri string
- cps
Uri String
- cps
Uri string
- cps_
uri str
- cps
Uri String
CertificateSubject, CertificateSubjectArgs
- Common
Name string - Country string
- Custom
Attributes List<Pulumi.Aws Native. Acmpca. Inputs. Certificate Custom Attribute> - Distinguished
Name stringQualifier - Generation
Qualifier string - Given
Name string - Initials string
- Locality string
- Organization string
- Organizational
Unit string - Pseudonym string
- Serial
Number string - State string
- Surname string
- Title string
- Common
Name string - Country string
- Custom
Attributes []CertificateCustom Attribute - Distinguished
Name stringQualifier - Generation
Qualifier string - Given
Name string - Initials string
- Locality string
- Organization string
- Organizational
Unit string - Pseudonym string
- Serial
Number string - State string
- Surname string
- Title string
- common
Name String - country String
- custom
Attributes List<CertificateCustom Attribute> - distinguished
Name StringQualifier - generation
Qualifier String - given
Name String - initials String
- locality String
- organization String
- organizational
Unit String - pseudonym String
- serial
Number String - state String
- surname String
- title String
- common
Name string - country string
- custom
Attributes CertificateCustom Attribute[] - distinguished
Name stringQualifier - generation
Qualifier string - given
Name string - initials string
- locality string
- organization string
- organizational
Unit string - pseudonym string
- serial
Number string - state string
- surname string
- title string
- common_
name str - country str
- custom_
attributes Sequence[CertificateCustom Attribute] - distinguished_
name_ strqualifier - generation_
qualifier str - given_
name str - initials str
- locality str
- organization str
- organizational_
unit str - pseudonym str
- serial_
number str - state str
- surname str
- title str
- common
Name String - country String
- custom
Attributes List<Property Map> - distinguished
Name StringQualifier - generation
Qualifier String - given
Name String - initials String
- locality String
- organization String
- organizational
Unit String - pseudonym String
- serial
Number String - state String
- surname String
- title String
CertificateValidity, CertificateValidityArgs
Package Details
- Repository
- AWS Native pulumi/pulumi-aws-native
- License
- Apache-2.0
AWS Native is in preview. AWS Classic is fully supported.