Pulumi Registry
All packages

AWS Classic

Pulumi Official
Package maintained by Pulumi
v5.4.0 published on Wednesday, May 4, 2022 by Pulumi
Source code
  1. Pulumi Registry
  2. AWS Classic
  3. AWS Classic
  4. acmpca
  5. getCertificateAuthority

getCertificateAuthority

Get information on a AWS Certificate Manager Private Certificate Authority (ACM PCA Certificate Authority).

Example Usage

using Pulumi;
using Aws = Pulumi.Aws;

class MyStack : Stack
{
    public MyStack()
    {
        var example = Output.Create(Aws.Acmpca.GetCertificateAuthority.InvokeAsync(new Aws.Acmpca.GetCertificateAuthorityArgs
        {
            Arn = "arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012",
        }));
    }

}

package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/acmpca"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := acmpca.LookupCertificateAuthority(ctx, &acmpca.LookupCertificateAuthorityArgs{
			Arn: "arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

package generated_program;

import java.util.*;
import java.io.*;
import java.nio.*;
import com.pulumi.*;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var example = Output.of(AcmpcaFunctions.getCertificateAuthority(GetCertificateAuthorityArgs.builder()
            .arn("arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012")
            .build()));

        }
}

import pulumi
import pulumi_aws as aws

example = aws.acmpca.get_certificate_authority(arn="arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012")

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const example = pulumi.output(aws.acmpca.getCertificateAuthority({
    arn: "arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012",
}));

variables:
  example:
    Fn::Invoke:
      Function: aws:acmpca:getCertificateAuthority
      Arguments:
        arn: arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012

Using getCertificateAuthority

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getCertificateAuthority(args: GetCertificateAuthorityArgs, opts?: InvokeOptions): Promise<GetCertificateAuthorityResult>
function getCertificateAuthorityOutput(args: GetCertificateAuthorityOutputArgs, opts?: InvokeOptions): Output<GetCertificateAuthorityResult>
def get_certificate_authority(arn: Optional[str] = None,
                              revocation_configurations: Optional[Sequence[GetCertificateAuthorityRevocationConfiguration]] = None,
                              tags: Optional[Mapping[str, str]] = None,
                              opts: Optional[InvokeOptions] = None) -> GetCertificateAuthorityResult
def get_certificate_authority_output(arn: Optional[pulumi.Input[str]] = None,
                              revocation_configurations: Optional[pulumi.Input[Sequence[pulumi.Input[GetCertificateAuthorityRevocationConfigurationArgs]]]] = None,
                              tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
                              opts: Optional[InvokeOptions] = None) -> Output[GetCertificateAuthorityResult]
func LookupCertificateAuthority(ctx *Context, args *LookupCertificateAuthorityArgs, opts ...InvokeOption) (*LookupCertificateAuthorityResult, error)
func LookupCertificateAuthorityOutput(ctx *Context, args *LookupCertificateAuthorityOutputArgs, opts ...InvokeOption) LookupCertificateAuthorityResultOutput

> Note: This function is named LookupCertificateAuthority in the Go SDK.

public static class GetCertificateAuthority 
{
    public static Task<GetCertificateAuthorityResult> InvokeAsync(GetCertificateAuthorityArgs args, InvokeOptions? opts = null)
    public static Output<GetCertificateAuthorityResult> Invoke(GetCertificateAuthorityInvokeArgs args, InvokeOptions? opts = null)
}
public static CompletableFuture<GetCertificateAuthorityResult> getCertificateAuthority(GetCertificateAuthorityArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet

Fn::Invoke:
  Function: aws:acmpca/getCertificateAuthority:getCertificateAuthority
  Arguments:
    # Arguments dictionary

The following arguments are supported:

Arn string

Amazon Resource Name (ARN) of the certificate authority.

RevocationConfigurations List<Pulumi.Aws.Acmpca.Inputs.GetCertificateAuthorityRevocationConfiguration>

Nested attribute containing revocation configuration.

  • revocation_configuration.0.crl_configuration - Nested attribute containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority.
  • revocation_configuration.0.crl_configuration.0.custom_cname - Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point.
  • revocation_configuration.0.crl_configuration.0.enabled - Boolean value that specifies whether certificate revocation lists (CRLs) are enabled.
  • revocation_configuration.0.crl_configuration.0.expiration_in_days - Number of days until a certificate expires.
  • revocation_configuration.0.crl_configuration.0.s3_bucket_name - Name of the S3 bucket that contains the CRL.
  • revocation_configuration.0.crl_configuration.0.s3_object_acl - Whether the CRL is publicly readable or privately held in the CRL Amazon S3 bucket.
Tags Dictionary<string, string>

Specifies a key-value map of user-defined tags that are attached to the certificate authority.

Arn string

Amazon Resource Name (ARN) of the certificate authority.

RevocationConfigurations []GetCertificateAuthorityRevocationConfiguration

Nested attribute containing revocation configuration.

  • revocation_configuration.0.crl_configuration - Nested attribute containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority.
  • revocation_configuration.0.crl_configuration.0.custom_cname - Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point.
  • revocation_configuration.0.crl_configuration.0.enabled - Boolean value that specifies whether certificate revocation lists (CRLs) are enabled.
  • revocation_configuration.0.crl_configuration.0.expiration_in_days - Number of days until a certificate expires.
  • revocation_configuration.0.crl_configuration.0.s3_bucket_name - Name of the S3 bucket that contains the CRL.
  • revocation_configuration.0.crl_configuration.0.s3_object_acl - Whether the CRL is publicly readable or privately held in the CRL Amazon S3 bucket.
Tags map[string]string

Specifies a key-value map of user-defined tags that are attached to the certificate authority.

arn String

Amazon Resource Name (ARN) of the certificate authority.

revocationConfigurations ListCertificateAuthorityRevocationConfiguration>

Nested attribute containing revocation configuration.

  • revocation_configuration.0.crl_configuration - Nested attribute containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority.
  • revocation_configuration.0.crl_configuration.0.custom_cname - Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point.
  • revocation_configuration.0.crl_configuration.0.enabled - Boolean value that specifies whether certificate revocation lists (CRLs) are enabled.
  • revocation_configuration.0.crl_configuration.0.expiration_in_days - Number of days until a certificate expires.
  • revocation_configuration.0.crl_configuration.0.s3_bucket_name - Name of the S3 bucket that contains the CRL.
  • revocation_configuration.0.crl_configuration.0.s3_object_acl - Whether the CRL is publicly readable or privately held in the CRL Amazon S3 bucket.
tags Map

Specifies a key-value map of user-defined tags that are attached to the certificate authority.

arn string

Amazon Resource Name (ARN) of the certificate authority.

revocationConfigurations GetCertificateAuthorityRevocationConfiguration[]

Nested attribute containing revocation configuration.

  • revocation_configuration.0.crl_configuration - Nested attribute containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority.
  • revocation_configuration.0.crl_configuration.0.custom_cname - Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point.
  • revocation_configuration.0.crl_configuration.0.enabled - Boolean value that specifies whether certificate revocation lists (CRLs) are enabled.
  • revocation_configuration.0.crl_configuration.0.expiration_in_days - Number of days until a certificate expires.
  • revocation_configuration.0.crl_configuration.0.s3_bucket_name - Name of the S3 bucket that contains the CRL.
  • revocation_configuration.0.crl_configuration.0.s3_object_acl - Whether the CRL is publicly readable or privately held in the CRL Amazon S3 bucket.
tags {[key: string]: string}

Specifies a key-value map of user-defined tags that are attached to the certificate authority.

arn str

Amazon Resource Name (ARN) of the certificate authority.

revocation_configurations Sequence[GetCertificateAuthorityRevocationConfiguration]

Nested attribute containing revocation configuration.

  • revocation_configuration.0.crl_configuration - Nested attribute containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority.
  • revocation_configuration.0.crl_configuration.0.custom_cname - Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point.
  • revocation_configuration.0.crl_configuration.0.enabled - Boolean value that specifies whether certificate revocation lists (CRLs) are enabled.
  • revocation_configuration.0.crl_configuration.0.expiration_in_days - Number of days until a certificate expires.
  • revocation_configuration.0.crl_configuration.0.s3_bucket_name - Name of the S3 bucket that contains the CRL.
  • revocation_configuration.0.crl_configuration.0.s3_object_acl - Whether the CRL is publicly readable or privately held in the CRL Amazon S3 bucket.
tags Mapping[str, str]

Specifies a key-value map of user-defined tags that are attached to the certificate authority.

arn String

Amazon Resource Name (ARN) of the certificate authority.

revocationConfigurations List

Nested attribute containing revocation configuration.

  • revocation_configuration.0.crl_configuration - Nested attribute containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority.
  • revocation_configuration.0.crl_configuration.0.custom_cname - Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point.
  • revocation_configuration.0.crl_configuration.0.enabled - Boolean value that specifies whether certificate revocation lists (CRLs) are enabled.
  • revocation_configuration.0.crl_configuration.0.expiration_in_days - Number of days until a certificate expires.
  • revocation_configuration.0.crl_configuration.0.s3_bucket_name - Name of the S3 bucket that contains the CRL.
  • revocation_configuration.0.crl_configuration.0.s3_object_acl - Whether the CRL is publicly readable or privately held in the CRL Amazon S3 bucket.
tags Map

Specifies a key-value map of user-defined tags that are attached to the certificate authority.

getCertificateAuthority Result

The following output properties are available:

Arn string
Certificate string

Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.

CertificateChain string

Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.

CertificateSigningRequest string

The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.

Id string

The provider-assigned unique ID for this managed resource.

NotAfter string

Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.

NotBefore string

Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.

RevocationConfigurations List<Pulumi.Aws.Acmpca.Outputs.GetCertificateAuthorityRevocationConfiguration>

Nested attribute containing revocation configuration.

  • revocation_configuration.0.crl_configuration - Nested attribute containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority.
  • revocation_configuration.0.crl_configuration.0.custom_cname - Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point.
  • revocation_configuration.0.crl_configuration.0.enabled - Boolean value that specifies whether certificate revocation lists (CRLs) are enabled.
  • revocation_configuration.0.crl_configuration.0.expiration_in_days - Number of days until a certificate expires.
  • revocation_configuration.0.crl_configuration.0.s3_bucket_name - Name of the S3 bucket that contains the CRL.
  • revocation_configuration.0.crl_configuration.0.s3_object_acl - Whether the CRL is publicly readable or privately held in the CRL Amazon S3 bucket.
Serial string

Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.

Status string

Status of the certificate authority.

Tags Dictionary<string, string>

Specifies a key-value map of user-defined tags that are attached to the certificate authority.

Type string

The type of the certificate authority.

Arn string
Certificate string

Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.

CertificateChain string

Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.

CertificateSigningRequest string

The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.

Id string

The provider-assigned unique ID for this managed resource.

NotAfter string

Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.

NotBefore string

Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.

RevocationConfigurations []GetCertificateAuthorityRevocationConfiguration

Nested attribute containing revocation configuration.

  • revocation_configuration.0.crl_configuration - Nested attribute containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority.
  • revocation_configuration.0.crl_configuration.0.custom_cname - Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point.
  • revocation_configuration.0.crl_configuration.0.enabled - Boolean value that specifies whether certificate revocation lists (CRLs) are enabled.
  • revocation_configuration.0.crl_configuration.0.expiration_in_days - Number of days until a certificate expires.
  • revocation_configuration.0.crl_configuration.0.s3_bucket_name - Name of the S3 bucket that contains the CRL.
  • revocation_configuration.0.crl_configuration.0.s3_object_acl - Whether the CRL is publicly readable or privately held in the CRL Amazon S3 bucket.
Serial string

Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.

Status string

Status of the certificate authority.

Tags map[string]string

Specifies a key-value map of user-defined tags that are attached to the certificate authority.

Type string

The type of the certificate authority.

arn String
certificate String

Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.

certificateChain String

Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.

certificateSigningRequest String

The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.

id String

The provider-assigned unique ID for this managed resource.

notAfter String

Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.

notBefore String

Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.

revocationConfigurations ListCertificateAuthorityRevocationConfiguration>

Nested attribute containing revocation configuration.

  • revocation_configuration.0.crl_configuration - Nested attribute containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority.
  • revocation_configuration.0.crl_configuration.0.custom_cname - Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point.
  • revocation_configuration.0.crl_configuration.0.enabled - Boolean value that specifies whether certificate revocation lists (CRLs) are enabled.
  • revocation_configuration.0.crl_configuration.0.expiration_in_days - Number of days until a certificate expires.
  • revocation_configuration.0.crl_configuration.0.s3_bucket_name - Name of the S3 bucket that contains the CRL.
  • revocation_configuration.0.crl_configuration.0.s3_object_acl - Whether the CRL is publicly readable or privately held in the CRL Amazon S3 bucket.
serial String

Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.

status String

Status of the certificate authority.

tags Map

Specifies a key-value map of user-defined tags that are attached to the certificate authority.

type String

The type of the certificate authority.

arn string
certificate string

Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.

certificateChain string

Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.

certificateSigningRequest string

The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.

id string

The provider-assigned unique ID for this managed resource.

notAfter string

Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.

notBefore string

Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.

revocationConfigurations GetCertificateAuthorityRevocationConfiguration[]

Nested attribute containing revocation configuration.

  • revocation_configuration.0.crl_configuration - Nested attribute containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority.
  • revocation_configuration.0.crl_configuration.0.custom_cname - Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point.
  • revocation_configuration.0.crl_configuration.0.enabled - Boolean value that specifies whether certificate revocation lists (CRLs) are enabled.
  • revocation_configuration.0.crl_configuration.0.expiration_in_days - Number of days until a certificate expires.
  • revocation_configuration.0.crl_configuration.0.s3_bucket_name - Name of the S3 bucket that contains the CRL.
  • revocation_configuration.0.crl_configuration.0.s3_object_acl - Whether the CRL is publicly readable or privately held in the CRL Amazon S3 bucket.
serial string

Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.

status string

Status of the certificate authority.

tags {[key: string]: string}

Specifies a key-value map of user-defined tags that are attached to the certificate authority.

type string

The type of the certificate authority.

arn str
certificate str

Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.

certificate_chain str

Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.

certificate_signing_request str

The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.

id str

The provider-assigned unique ID for this managed resource.

not_after str

Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.

not_before str

Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.

revocation_configurations Sequence[GetCertificateAuthorityRevocationConfiguration]

Nested attribute containing revocation configuration.

  • revocation_configuration.0.crl_configuration - Nested attribute containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority.
  • revocation_configuration.0.crl_configuration.0.custom_cname - Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point.
  • revocation_configuration.0.crl_configuration.0.enabled - Boolean value that specifies whether certificate revocation lists (CRLs) are enabled.
  • revocation_configuration.0.crl_configuration.0.expiration_in_days - Number of days until a certificate expires.
  • revocation_configuration.0.crl_configuration.0.s3_bucket_name - Name of the S3 bucket that contains the CRL.
  • revocation_configuration.0.crl_configuration.0.s3_object_acl - Whether the CRL is publicly readable or privately held in the CRL Amazon S3 bucket.
serial str

Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.

status str

Status of the certificate authority.

tags Mapping[str, str]

Specifies a key-value map of user-defined tags that are attached to the certificate authority.

type str

The type of the certificate authority.

arn String
certificate String

Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.

certificateChain String

Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.

certificateSigningRequest String

The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.

id String

The provider-assigned unique ID for this managed resource.

notAfter String

Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.

notBefore String

Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.

revocationConfigurations List

Nested attribute containing revocation configuration.

  • revocation_configuration.0.crl_configuration - Nested attribute containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority.
  • revocation_configuration.0.crl_configuration.0.custom_cname - Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point.
  • revocation_configuration.0.crl_configuration.0.enabled - Boolean value that specifies whether certificate revocation lists (CRLs) are enabled.
  • revocation_configuration.0.crl_configuration.0.expiration_in_days - Number of days until a certificate expires.
  • revocation_configuration.0.crl_configuration.0.s3_bucket_name - Name of the S3 bucket that contains the CRL.
  • revocation_configuration.0.crl_configuration.0.s3_object_acl - Whether the CRL is publicly readable or privately held in the CRL Amazon S3 bucket.
serial String

Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.

status String

Status of the certificate authority.

tags Map

Specifies a key-value map of user-defined tags that are attached to the certificate authority.

type String

The type of the certificate authority.

Supporting Types

GetCertificateAuthorityRevocationConfiguration

GetCertificateAuthorityRevocationConfigurationCrlConfiguration

Package Details

Repository
https://github.com/pulumi/pulumi-aws
License
Apache-2.0
Notes

This Pulumi package is based on the aws Terraform Provider.