1. Packages
  2. AWS Classic
  3. API Docs
  4. acmpca
  5. getCertificateAuthority

Try AWS Native preview for resources not in the classic version.

AWS Classic v6.40.0 published on Wednesday, Jun 12, 2024 by Pulumi

aws.acmpca.getCertificateAuthority

Explore with Pulumi AI

aws logo

Try AWS Native preview for resources not in the classic version.

AWS Classic v6.40.0 published on Wednesday, Jun 12, 2024 by Pulumi

    Get information on a AWS Certificate Manager Private Certificate Authority (ACM PCA Certificate Authority).

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const example = aws.acmpca.getCertificateAuthority({
        arn: "arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012",
    });
    
    import pulumi
    import pulumi_aws as aws
    
    example = aws.acmpca.get_certificate_authority(arn="arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012")
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acmpca"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := acmpca.LookupCertificateAuthority(ctx, &acmpca.LookupCertificateAuthorityArgs{
    			Arn: "arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012",
    		}, nil)
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var example = Aws.Acmpca.GetCertificateAuthority.Invoke(new()
        {
            Arn = "arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012",
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.acmpca.AcmpcaFunctions;
    import com.pulumi.aws.acmpca.inputs.GetCertificateAuthorityArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var example = AcmpcaFunctions.getCertificateAuthority(GetCertificateAuthorityArgs.builder()
                .arn("arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012")
                .build());
    
        }
    }
    
    variables:
      example:
        fn::invoke:
          Function: aws:acmpca:getCertificateAuthority
          Arguments:
            arn: arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012
    

    Using getCertificateAuthority

    Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

    function getCertificateAuthority(args: GetCertificateAuthorityArgs, opts?: InvokeOptions): Promise<GetCertificateAuthorityResult>
    function getCertificateAuthorityOutput(args: GetCertificateAuthorityOutputArgs, opts?: InvokeOptions): Output<GetCertificateAuthorityResult>
    def get_certificate_authority(arn: Optional[str] = None,
                                  tags: Optional[Mapping[str, str]] = None,
                                  opts: Optional[InvokeOptions] = None) -> GetCertificateAuthorityResult
    def get_certificate_authority_output(arn: Optional[pulumi.Input[str]] = None,
                                  tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
                                  opts: Optional[InvokeOptions] = None) -> Output[GetCertificateAuthorityResult]
    func LookupCertificateAuthority(ctx *Context, args *LookupCertificateAuthorityArgs, opts ...InvokeOption) (*LookupCertificateAuthorityResult, error)
    func LookupCertificateAuthorityOutput(ctx *Context, args *LookupCertificateAuthorityOutputArgs, opts ...InvokeOption) LookupCertificateAuthorityResultOutput

    > Note: This function is named LookupCertificateAuthority in the Go SDK.

    public static class GetCertificateAuthority 
    {
        public static Task<GetCertificateAuthorityResult> InvokeAsync(GetCertificateAuthorityArgs args, InvokeOptions? opts = null)
        public static Output<GetCertificateAuthorityResult> Invoke(GetCertificateAuthorityInvokeArgs args, InvokeOptions? opts = null)
    }
    public static CompletableFuture<GetCertificateAuthorityResult> getCertificateAuthority(GetCertificateAuthorityArgs args, InvokeOptions options)
    // Output-based functions aren't available in Java yet
    
    fn::invoke:
      function: aws:acmpca/getCertificateAuthority:getCertificateAuthority
      arguments:
        # arguments dictionary

    The following arguments are supported:

    Arn string
    ARN of the certificate authority.
    Tags Dictionary<string, string>
    Key-value map of user-defined tags that are attached to the certificate authority.
    Arn string
    ARN of the certificate authority.
    Tags map[string]string
    Key-value map of user-defined tags that are attached to the certificate authority.
    arn String
    ARN of the certificate authority.
    tags Map<String,String>
    Key-value map of user-defined tags that are attached to the certificate authority.
    arn string
    ARN of the certificate authority.
    tags {[key: string]: string}
    Key-value map of user-defined tags that are attached to the certificate authority.
    arn str
    ARN of the certificate authority.
    tags Mapping[str, str]
    Key-value map of user-defined tags that are attached to the certificate authority.
    arn String
    ARN of the certificate authority.
    tags Map<String>
    Key-value map of user-defined tags that are attached to the certificate authority.

    getCertificateAuthority Result

    The following output properties are available:

    Arn string
    Certificate string
    Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.
    CertificateChain string
    Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.
    CertificateSigningRequest string
    The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.
    Id string
    The provider-assigned unique ID for this managed resource.
    KeyStorageSecurityStandard string
    NotAfter string
    Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
    NotBefore string
    Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
    RevocationConfigurations List<GetCertificateAuthorityRevocationConfiguration>
    Nested attribute containing revocation configuration.
    Serial string
    Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.
    Status string
    Status of the certificate authority.
    Tags Dictionary<string, string>
    Key-value map of user-defined tags that are attached to the certificate authority.
    Type string
    Type of the certificate authority.
    UsageMode string
    Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly.
    Arn string
    Certificate string
    Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.
    CertificateChain string
    Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.
    CertificateSigningRequest string
    The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.
    Id string
    The provider-assigned unique ID for this managed resource.
    KeyStorageSecurityStandard string
    NotAfter string
    Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
    NotBefore string
    Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
    RevocationConfigurations []GetCertificateAuthorityRevocationConfiguration
    Nested attribute containing revocation configuration.
    Serial string
    Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.
    Status string
    Status of the certificate authority.
    Tags map[string]string
    Key-value map of user-defined tags that are attached to the certificate authority.
    Type string
    Type of the certificate authority.
    UsageMode string
    Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly.
    arn String
    certificate String
    Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.
    certificateChain String
    Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.
    certificateSigningRequest String
    The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.
    id String
    The provider-assigned unique ID for this managed resource.
    keyStorageSecurityStandard String
    notAfter String
    Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
    notBefore String
    Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
    revocationConfigurations List<GetCertificateAuthorityRevocationConfiguration>
    Nested attribute containing revocation configuration.
    serial String
    Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.
    status String
    Status of the certificate authority.
    tags Map<String,String>
    Key-value map of user-defined tags that are attached to the certificate authority.
    type String
    Type of the certificate authority.
    usageMode String
    Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly.
    arn string
    certificate string
    Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.
    certificateChain string
    Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.
    certificateSigningRequest string
    The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.
    id string
    The provider-assigned unique ID for this managed resource.
    keyStorageSecurityStandard string
    notAfter string
    Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
    notBefore string
    Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
    revocationConfigurations GetCertificateAuthorityRevocationConfiguration[]
    Nested attribute containing revocation configuration.
    serial string
    Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.
    status string
    Status of the certificate authority.
    tags {[key: string]: string}
    Key-value map of user-defined tags that are attached to the certificate authority.
    type string
    Type of the certificate authority.
    usageMode string
    Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly.
    arn str
    certificate str
    Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.
    certificate_chain str
    Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.
    certificate_signing_request str
    The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.
    id str
    The provider-assigned unique ID for this managed resource.
    key_storage_security_standard str
    not_after str
    Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
    not_before str
    Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
    revocation_configurations Sequence[GetCertificateAuthorityRevocationConfiguration]
    Nested attribute containing revocation configuration.
    serial str
    Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.
    status str
    Status of the certificate authority.
    tags Mapping[str, str]
    Key-value map of user-defined tags that are attached to the certificate authority.
    type str
    Type of the certificate authority.
    usage_mode str
    Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly.
    arn String
    certificate String
    Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.
    certificateChain String
    Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.
    certificateSigningRequest String
    The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.
    id String
    The provider-assigned unique ID for this managed resource.
    keyStorageSecurityStandard String
    notAfter String
    Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
    notBefore String
    Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
    revocationConfigurations List<Property Map>
    Nested attribute containing revocation configuration.
    serial String
    Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.
    status String
    Status of the certificate authority.
    tags Map<String>
    Key-value map of user-defined tags that are attached to the certificate authority.
    type String
    Type of the certificate authority.
    usageMode String
    Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly.

    Supporting Types

    GetCertificateAuthorityRevocationConfiguration

    CrlConfigurations List<GetCertificateAuthorityRevocationConfigurationCrlConfiguration>
    Nested attribute containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority.
    OcspConfigurations List<GetCertificateAuthorityRevocationConfigurationOcspConfiguration>
    CrlConfigurations []GetCertificateAuthorityRevocationConfigurationCrlConfiguration
    Nested attribute containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority.
    OcspConfigurations []GetCertificateAuthorityRevocationConfigurationOcspConfiguration
    crlConfigurations List<GetCertificateAuthorityRevocationConfigurationCrlConfiguration>
    Nested attribute containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority.
    ocspConfigurations List<GetCertificateAuthorityRevocationConfigurationOcspConfiguration>
    crlConfigurations GetCertificateAuthorityRevocationConfigurationCrlConfiguration[]
    Nested attribute containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority.
    ocspConfigurations GetCertificateAuthorityRevocationConfigurationOcspConfiguration[]
    crl_configurations Sequence[GetCertificateAuthorityRevocationConfigurationCrlConfiguration]
    Nested attribute containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority.
    ocsp_configurations Sequence[GetCertificateAuthorityRevocationConfigurationOcspConfiguration]
    crlConfigurations List<Property Map>
    Nested attribute containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority.
    ocspConfigurations List<Property Map>

    GetCertificateAuthorityRevocationConfigurationCrlConfiguration

    CustomCname string
    Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point.
    Enabled bool
    Boolean value that specifies whether certificate revocation lists (CRLs) are enabled.
    ExpirationInDays int
    Number of days until a certificate expires.
    S3BucketName string
    Name of the S3 bucket that contains the CRL.
    S3ObjectAcl string
    Whether the CRL is publicly readable or privately held in the CRL Amazon S3 bucket.
    CustomCname string
    Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point.
    Enabled bool
    Boolean value that specifies whether certificate revocation lists (CRLs) are enabled.
    ExpirationInDays int
    Number of days until a certificate expires.
    S3BucketName string
    Name of the S3 bucket that contains the CRL.
    S3ObjectAcl string
    Whether the CRL is publicly readable or privately held in the CRL Amazon S3 bucket.
    customCname String
    Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point.
    enabled Boolean
    Boolean value that specifies whether certificate revocation lists (CRLs) are enabled.
    expirationInDays Integer
    Number of days until a certificate expires.
    s3BucketName String
    Name of the S3 bucket that contains the CRL.
    s3ObjectAcl String
    Whether the CRL is publicly readable or privately held in the CRL Amazon S3 bucket.
    customCname string
    Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point.
    enabled boolean
    Boolean value that specifies whether certificate revocation lists (CRLs) are enabled.
    expirationInDays number
    Number of days until a certificate expires.
    s3BucketName string
    Name of the S3 bucket that contains the CRL.
    s3ObjectAcl string
    Whether the CRL is publicly readable or privately held in the CRL Amazon S3 bucket.
    custom_cname str
    Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point.
    enabled bool
    Boolean value that specifies whether certificate revocation lists (CRLs) are enabled.
    expiration_in_days int
    Number of days until a certificate expires.
    s3_bucket_name str
    Name of the S3 bucket that contains the CRL.
    s3_object_acl str
    Whether the CRL is publicly readable or privately held in the CRL Amazon S3 bucket.
    customCname String
    Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point.
    enabled Boolean
    Boolean value that specifies whether certificate revocation lists (CRLs) are enabled.
    expirationInDays Number
    Number of days until a certificate expires.
    s3BucketName String
    Name of the S3 bucket that contains the CRL.
    s3ObjectAcl String
    Whether the CRL is publicly readable or privately held in the CRL Amazon S3 bucket.

    GetCertificateAuthorityRevocationConfigurationOcspConfiguration

    Enabled bool
    Boolean value that specifies whether a custom OCSP responder is enabled.
    OcspCustomCname string
    A CNAME specifying a customized OCSP domain.
    Enabled bool
    Boolean value that specifies whether a custom OCSP responder is enabled.
    OcspCustomCname string
    A CNAME specifying a customized OCSP domain.
    enabled Boolean
    Boolean value that specifies whether a custom OCSP responder is enabled.
    ocspCustomCname String
    A CNAME specifying a customized OCSP domain.
    enabled boolean
    Boolean value that specifies whether a custom OCSP responder is enabled.
    ocspCustomCname string
    A CNAME specifying a customized OCSP domain.
    enabled bool
    Boolean value that specifies whether a custom OCSP responder is enabled.
    ocsp_custom_cname str
    A CNAME specifying a customized OCSP domain.
    enabled Boolean
    Boolean value that specifies whether a custom OCSP responder is enabled.
    ocspCustomCname String
    A CNAME specifying a customized OCSP domain.

    Package Details

    Repository
    AWS Classic pulumi/pulumi-aws
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the aws Terraform Provider.
    aws logo

    Try AWS Native preview for resources not in the classic version.

    AWS Classic v6.40.0 published on Wednesday, Jun 12, 2024 by Pulumi