aws.acmpca.getCertificateAuthority
Get information on a AWS Certificate Manager Private Certificate Authority (ACM PCA Certificate Authority).
Example Usage
using System.Collections.Generic;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = Aws.Acmpca.GetCertificateAuthority.Invoke(new()
{
Arn = "arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012",
});
});
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/acmpca"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := acmpca.LookupCertificateAuthority(ctx, &acmpca.LookupCertificateAuthorityArgs{
Arn: "arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012",
}, nil)
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.acmpca.AcmpcaFunctions;
import com.pulumi.aws.acmpca.inputs.GetCertificateAuthorityArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var example = AcmpcaFunctions.getCertificateAuthority(GetCertificateAuthorityArgs.builder()
.arn("arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012")
.build());
}
}
import pulumi
import pulumi_aws as aws
example = aws.acmpca.get_certificate_authority(arn="arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012")
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = aws.acmpca.getCertificateAuthority({
arn: "arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012",
});
variables:
example:
fn::invoke:
Function: aws:acmpca:getCertificateAuthority
Arguments:
arn: arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012
Using getCertificateAuthority
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getCertificateAuthority(args: GetCertificateAuthorityArgs, opts?: InvokeOptions): Promise<GetCertificateAuthorityResult>
function getCertificateAuthorityOutput(args: GetCertificateAuthorityOutputArgs, opts?: InvokeOptions): Output<GetCertificateAuthorityResult>def get_certificate_authority(arn: Optional[str] = None,
tags: Optional[Mapping[str, str]] = None,
opts: Optional[InvokeOptions] = None) -> GetCertificateAuthorityResult
def get_certificate_authority_output(arn: Optional[pulumi.Input[str]] = None,
tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetCertificateAuthorityResult]func LookupCertificateAuthority(ctx *Context, args *LookupCertificateAuthorityArgs, opts ...InvokeOption) (*LookupCertificateAuthorityResult, error)
func LookupCertificateAuthorityOutput(ctx *Context, args *LookupCertificateAuthorityOutputArgs, opts ...InvokeOption) LookupCertificateAuthorityResultOutput> Note: This function is named LookupCertificateAuthority in the Go SDK.
public static class GetCertificateAuthority
{
public static Task<GetCertificateAuthorityResult> InvokeAsync(GetCertificateAuthorityArgs args, InvokeOptions? opts = null)
public static Output<GetCertificateAuthorityResult> Invoke(GetCertificateAuthorityInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetCertificateAuthorityResult> getCertificateAuthority(GetCertificateAuthorityArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
function: aws:acmpca/getCertificateAuthority:getCertificateAuthority
arguments:
# arguments dictionaryThe following arguments are supported:
- Arn string
ARN of the certificate authority.
- Dictionary<string, string>
Key-value map of user-defined tags that are attached to the certificate authority.
- Arn string
ARN of the certificate authority.
- map[string]string
Key-value map of user-defined tags that are attached to the certificate authority.
- arn String
ARN of the certificate authority.
- Map<String,String>
Key-value map of user-defined tags that are attached to the certificate authority.
- arn string
ARN of the certificate authority.
- {[key: string]: string}
Key-value map of user-defined tags that are attached to the certificate authority.
- arn str
ARN of the certificate authority.
- Mapping[str, str]
Key-value map of user-defined tags that are attached to the certificate authority.
- arn String
ARN of the certificate authority.
- Map<String>
Key-value map of user-defined tags that are attached to the certificate authority.
getCertificateAuthority Result
The following output properties are available:
- Arn string
- Certificate string
Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.
- Certificate
Chain string Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.
- Certificate
Signing stringRequest The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.
- Id string
The provider-assigned unique ID for this managed resource.
- Not
After string Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
- Not
Before string Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
- Revocation
Configurations List<Pulumi.Aws. Acmpca. Outputs. Get Certificate Authority Revocation Configuration> Nested attribute containing revocation configuration.
revocation_configuration.0.crl_configuration- Nested attribute containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority.revocation_configuration.0.crl_configuration.0.custom_cname- Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point.revocation_configuration.0.crl_configuration.0.enabled- Boolean value that specifies whether certificate revocation lists (CRLs) are enabled.revocation_configuration.0.crl_configuration.0.expiration_in_days- Number of days until a certificate expires.revocation_configuration.0.crl_configuration.0.s3_bucket_name- Name of the S3 bucket that contains the CRL.revocation_configuration.0.crl_configuration.0.s3_object_acl- Whether the CRL is publicly readable or privately held in the CRL Amazon S3 bucket.revocation_configuration.0.ocsp_configuration.0.enabled- Boolean value that specifies whether a custom OCSP responder is enabled.revocation_configuration.0.ocsp_configuration.0.ocsp_custom_cname- A CNAME specifying a customized OCSP domain.
- Serial string
Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.
- Status string
Status of the certificate authority.
- Dictionary<string, string>
Key-value map of user-defined tags that are attached to the certificate authority.
- Type string
Type of the certificate authority.
- Usage
Mode string Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly.
- Arn string
- Certificate string
Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.
- Certificate
Chain string Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.
- Certificate
Signing stringRequest The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.
- Id string
The provider-assigned unique ID for this managed resource.
- Not
After string Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
- Not
Before string Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
- Revocation
Configurations []GetCertificate Authority Revocation Configuration Nested attribute containing revocation configuration.
revocation_configuration.0.crl_configuration- Nested attribute containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority.revocation_configuration.0.crl_configuration.0.custom_cname- Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point.revocation_configuration.0.crl_configuration.0.enabled- Boolean value that specifies whether certificate revocation lists (CRLs) are enabled.revocation_configuration.0.crl_configuration.0.expiration_in_days- Number of days until a certificate expires.revocation_configuration.0.crl_configuration.0.s3_bucket_name- Name of the S3 bucket that contains the CRL.revocation_configuration.0.crl_configuration.0.s3_object_acl- Whether the CRL is publicly readable or privately held in the CRL Amazon S3 bucket.revocation_configuration.0.ocsp_configuration.0.enabled- Boolean value that specifies whether a custom OCSP responder is enabled.revocation_configuration.0.ocsp_configuration.0.ocsp_custom_cname- A CNAME specifying a customized OCSP domain.
- Serial string
Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.
- Status string
Status of the certificate authority.
- map[string]string
Key-value map of user-defined tags that are attached to the certificate authority.
- Type string
Type of the certificate authority.
- Usage
Mode string Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly.
- arn String
- certificate String
Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.
- certificate
Chain String Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.
- certificate
Signing StringRequest The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.
- id String
The provider-assigned unique ID for this managed resource.
- not
After String Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
- not
Before String Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
- revocation
Configurations List<GetCertificate Authority Revocation Configuration> Nested attribute containing revocation configuration.
revocation_configuration.0.crl_configuration- Nested attribute containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority.revocation_configuration.0.crl_configuration.0.custom_cname- Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point.revocation_configuration.0.crl_configuration.0.enabled- Boolean value that specifies whether certificate revocation lists (CRLs) are enabled.revocation_configuration.0.crl_configuration.0.expiration_in_days- Number of days until a certificate expires.revocation_configuration.0.crl_configuration.0.s3_bucket_name- Name of the S3 bucket that contains the CRL.revocation_configuration.0.crl_configuration.0.s3_object_acl- Whether the CRL is publicly readable or privately held in the CRL Amazon S3 bucket.revocation_configuration.0.ocsp_configuration.0.enabled- Boolean value that specifies whether a custom OCSP responder is enabled.revocation_configuration.0.ocsp_configuration.0.ocsp_custom_cname- A CNAME specifying a customized OCSP domain.
- serial String
Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.
- status String
Status of the certificate authority.
- Map<String,String>
Key-value map of user-defined tags that are attached to the certificate authority.
- type String
Type of the certificate authority.
- usage
Mode String Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly.
- arn string
- certificate string
Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.
- certificate
Chain string Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.
- certificate
Signing stringRequest The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.
- id string
The provider-assigned unique ID for this managed resource.
- not
After string Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
- not
Before string Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
- revocation
Configurations GetCertificate Authority Revocation Configuration[] Nested attribute containing revocation configuration.
revocation_configuration.0.crl_configuration- Nested attribute containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority.revocation_configuration.0.crl_configuration.0.custom_cname- Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point.revocation_configuration.0.crl_configuration.0.enabled- Boolean value that specifies whether certificate revocation lists (CRLs) are enabled.revocation_configuration.0.crl_configuration.0.expiration_in_days- Number of days until a certificate expires.revocation_configuration.0.crl_configuration.0.s3_bucket_name- Name of the S3 bucket that contains the CRL.revocation_configuration.0.crl_configuration.0.s3_object_acl- Whether the CRL is publicly readable or privately held in the CRL Amazon S3 bucket.revocation_configuration.0.ocsp_configuration.0.enabled- Boolean value that specifies whether a custom OCSP responder is enabled.revocation_configuration.0.ocsp_configuration.0.ocsp_custom_cname- A CNAME specifying a customized OCSP domain.
- serial string
Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.
- status string
Status of the certificate authority.
- {[key: string]: string}
Key-value map of user-defined tags that are attached to the certificate authority.
- type string
Type of the certificate authority.
- usage
Mode string Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly.
- arn str
- certificate str
Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.
- certificate_
chain str Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.
- certificate_
signing_ strrequest The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.
- id str
The provider-assigned unique ID for this managed resource.
- not_
after str Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
- not_
before str Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
- revocation_
configurations Sequence[GetCertificate Authority Revocation Configuration] Nested attribute containing revocation configuration.
revocation_configuration.0.crl_configuration- Nested attribute containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority.revocation_configuration.0.crl_configuration.0.custom_cname- Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point.revocation_configuration.0.crl_configuration.0.enabled- Boolean value that specifies whether certificate revocation lists (CRLs) are enabled.revocation_configuration.0.crl_configuration.0.expiration_in_days- Number of days until a certificate expires.revocation_configuration.0.crl_configuration.0.s3_bucket_name- Name of the S3 bucket that contains the CRL.revocation_configuration.0.crl_configuration.0.s3_object_acl- Whether the CRL is publicly readable or privately held in the CRL Amazon S3 bucket.revocation_configuration.0.ocsp_configuration.0.enabled- Boolean value that specifies whether a custom OCSP responder is enabled.revocation_configuration.0.ocsp_configuration.0.ocsp_custom_cname- A CNAME specifying a customized OCSP domain.
- serial str
Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.
- status str
Status of the certificate authority.
- Mapping[str, str]
Key-value map of user-defined tags that are attached to the certificate authority.
- type str
Type of the certificate authority.
- usage_
mode str Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly.
- arn String
- certificate String
Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.
- certificate
Chain String Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.
- certificate
Signing StringRequest The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.
- id String
The provider-assigned unique ID for this managed resource.
- not
After String Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
- not
Before String Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
- revocation
Configurations List<Property Map> Nested attribute containing revocation configuration.
revocation_configuration.0.crl_configuration- Nested attribute containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority.revocation_configuration.0.crl_configuration.0.custom_cname- Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point.revocation_configuration.0.crl_configuration.0.enabled- Boolean value that specifies whether certificate revocation lists (CRLs) are enabled.revocation_configuration.0.crl_configuration.0.expiration_in_days- Number of days until a certificate expires.revocation_configuration.0.crl_configuration.0.s3_bucket_name- Name of the S3 bucket that contains the CRL.revocation_configuration.0.crl_configuration.0.s3_object_acl- Whether the CRL is publicly readable or privately held in the CRL Amazon S3 bucket.revocation_configuration.0.ocsp_configuration.0.enabled- Boolean value that specifies whether a custom OCSP responder is enabled.revocation_configuration.0.ocsp_configuration.0.ocsp_custom_cname- A CNAME specifying a customized OCSP domain.
- serial String
Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.
- status String
Status of the certificate authority.
- Map<String>
Key-value map of user-defined tags that are attached to the certificate authority.
- type String
Type of the certificate authority.
- usage
Mode String Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly.
Supporting Types
GetCertificateAuthorityRevocationConfiguration
GetCertificateAuthorityRevocationConfigurationCrlConfiguration
- Custom
Cname string - Enabled bool
- Expiration
In intDays - S3Bucket
Name string - S3Object
Acl string
- Custom
Cname string - Enabled bool
- Expiration
In intDays - S3Bucket
Name string - S3Object
Acl string
- custom
Cname String - enabled Boolean
- expiration
In IntegerDays - s3Bucket
Name String - s3Object
Acl String
- custom
Cname string - enabled boolean
- expiration
In numberDays - s3Bucket
Name string - s3Object
Acl string
- custom_
cname str - enabled bool
- expiration_
in_ intdays - s3_
bucket_ strname - s3_
object_ stracl
- custom
Cname String - enabled Boolean
- expiration
In NumberDays - s3Bucket
Name String - s3Object
Acl String
GetCertificateAuthorityRevocationConfigurationOcspConfiguration
- Enabled bool
- Ocsp
Custom stringCname
- Enabled bool
- Ocsp
Custom stringCname
- enabled Boolean
- ocsp
Custom StringCname
- enabled boolean
- ocsp
Custom stringCname
- enabled bool
- ocsp_
custom_ strcname
- enabled Boolean
- ocsp
Custom StringCname
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
awsTerraform Provider.