1. Packages
  2. AWS Classic
  3. API Docs
  4. iot
  5. CaCertificate

Try AWS Native preview for resources not in the classic version.

AWS Classic v6.31.0 published on Monday, Apr 15, 2024 by Pulumi

aws.iot.CaCertificate

Explore with Pulumi AI

aws logo

Try AWS Native preview for resources not in the classic version.

AWS Classic v6.31.0 published on Monday, Apr 15, 2024 by Pulumi

    Creates and manages an AWS IoT CA Certificate.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    import * as tls from "@pulumi/tls";
    
    const caPrivateKey = new tls.PrivateKey("ca", {algorithm: "RSA"});
    const ca = new tls.SelfSignedCert("ca", {
        privateKeyPem: caPrivateKey.privateKeyPem,
        subject: {
            commonName: "example.com",
            organization: "ACME Examples, Inc",
        },
        validityPeriodHours: 12,
        allowedUses: [
            "key_encipherment",
            "digital_signature",
            "server_auth",
        ],
        isCaCertificate: true,
    });
    const verificationPrivateKey = new tls.PrivateKey("verification", {algorithm: "RSA"});
    const example = aws.iot.getRegistrationCode({});
    const verification = new tls.CertRequest("verification", {
        privateKeyPem: verificationPrivateKey.privateKeyPem,
        subject: {
            commonName: example.then(example => example.registrationCode),
        },
    });
    const verificationLocallySignedCert = new tls.LocallySignedCert("verification", {
        certRequestPem: verification.certRequestPem,
        caPrivateKeyPem: caPrivateKey.privateKeyPem,
        caCertPem: ca.certPem,
        validityPeriodHours: 12,
        allowedUses: [
            "key_encipherment",
            "digital_signature",
            "server_auth",
        ],
    });
    const exampleCaCertificate = new aws.iot.CaCertificate("example", {
        active: true,
        caCertificatePem: ca.certPem,
        verificationCertificatePem: verificationLocallySignedCert.certPem,
        allowAutoRegistration: true,
    });
    
    import pulumi
    import pulumi_aws as aws
    import pulumi_tls as tls
    
    ca_private_key = tls.PrivateKey("ca", algorithm="RSA")
    ca = tls.SelfSignedCert("ca",
        private_key_pem=ca_private_key.private_key_pem,
        subject=tls.SelfSignedCertSubjectArgs(
            common_name="example.com",
            organization="ACME Examples, Inc",
        ),
        validity_period_hours=12,
        allowed_uses=[
            "key_encipherment",
            "digital_signature",
            "server_auth",
        ],
        is_ca_certificate=True)
    verification_private_key = tls.PrivateKey("verification", algorithm="RSA")
    example = aws.iot.get_registration_code()
    verification = tls.CertRequest("verification",
        private_key_pem=verification_private_key.private_key_pem,
        subject=tls.CertRequestSubjectArgs(
            common_name=example.registration_code,
        ))
    verification_locally_signed_cert = tls.LocallySignedCert("verification",
        cert_request_pem=verification.cert_request_pem,
        ca_private_key_pem=ca_private_key.private_key_pem,
        ca_cert_pem=ca.cert_pem,
        validity_period_hours=12,
        allowed_uses=[
            "key_encipherment",
            "digital_signature",
            "server_auth",
        ])
    example_ca_certificate = aws.iot.CaCertificate("example",
        active=True,
        ca_certificate_pem=ca.cert_pem,
        verification_certificate_pem=verification_locally_signed_cert.cert_pem,
        allow_auto_registration=True)
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iot"
    	"github.com/pulumi/pulumi-tls/sdk/v4/go/tls"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		caPrivateKey, err := tls.NewPrivateKey(ctx, "ca", &tls.PrivateKeyArgs{
    			Algorithm: pulumi.String("RSA"),
    		})
    		if err != nil {
    			return err
    		}
    		ca, err := tls.NewSelfSignedCert(ctx, "ca", &tls.SelfSignedCertArgs{
    			PrivateKeyPem: caPrivateKey.PrivateKeyPem,
    			Subject: &tls.SelfSignedCertSubjectArgs{
    				CommonName:   pulumi.String("example.com"),
    				Organization: pulumi.String("ACME Examples, Inc"),
    			},
    			ValidityPeriodHours: pulumi.Int(12),
    			AllowedUses: pulumi.StringArray{
    				pulumi.String("key_encipherment"),
    				pulumi.String("digital_signature"),
    				pulumi.String("server_auth"),
    			},
    			IsCaCertificate: pulumi.Bool(true),
    		})
    		if err != nil {
    			return err
    		}
    		verificationPrivateKey, err := tls.NewPrivateKey(ctx, "verification", &tls.PrivateKeyArgs{
    			Algorithm: pulumi.String("RSA"),
    		})
    		if err != nil {
    			return err
    		}
    		example, err := iot.GetRegistrationCode(ctx, nil, nil)
    		if err != nil {
    			return err
    		}
    		verification, err := tls.NewCertRequest(ctx, "verification", &tls.CertRequestArgs{
    			PrivateKeyPem: verificationPrivateKey.PrivateKeyPem,
    			Subject: &tls.CertRequestSubjectArgs{
    				CommonName: pulumi.String(example.RegistrationCode),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		verificationLocallySignedCert, err := tls.NewLocallySignedCert(ctx, "verification", &tls.LocallySignedCertArgs{
    			CertRequestPem:      verification.CertRequestPem,
    			CaPrivateKeyPem:     caPrivateKey.PrivateKeyPem,
    			CaCertPem:           ca.CertPem,
    			ValidityPeriodHours: pulumi.Int(12),
    			AllowedUses: pulumi.StringArray{
    				pulumi.String("key_encipherment"),
    				pulumi.String("digital_signature"),
    				pulumi.String("server_auth"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		_, err = iot.NewCaCertificate(ctx, "example", &iot.CaCertificateArgs{
    			Active:                     pulumi.Bool(true),
    			CaCertificatePem:           ca.CertPem,
    			VerificationCertificatePem: verificationLocallySignedCert.CertPem,
    			AllowAutoRegistration:      pulumi.Bool(true),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    using Tls = Pulumi.Tls;
    
    return await Deployment.RunAsync(() => 
    {
        var caPrivateKey = new Tls.PrivateKey("ca", new()
        {
            Algorithm = "RSA",
        });
    
        var ca = new Tls.SelfSignedCert("ca", new()
        {
            PrivateKeyPem = caPrivateKey.PrivateKeyPem,
            Subject = new Tls.Inputs.SelfSignedCertSubjectArgs
            {
                CommonName = "example.com",
                Organization = "ACME Examples, Inc",
            },
            ValidityPeriodHours = 12,
            AllowedUses = new[]
            {
                "key_encipherment",
                "digital_signature",
                "server_auth",
            },
            IsCaCertificate = true,
        });
    
        var verificationPrivateKey = new Tls.PrivateKey("verification", new()
        {
            Algorithm = "RSA",
        });
    
        var example = Aws.Iot.GetRegistrationCode.Invoke();
    
        var verification = new Tls.CertRequest("verification", new()
        {
            PrivateKeyPem = verificationPrivateKey.PrivateKeyPem,
            Subject = new Tls.Inputs.CertRequestSubjectArgs
            {
                CommonName = example.Apply(getRegistrationCodeResult => getRegistrationCodeResult.RegistrationCode),
            },
        });
    
        var verificationLocallySignedCert = new Tls.LocallySignedCert("verification", new()
        {
            CertRequestPem = verification.CertRequestPem,
            CaPrivateKeyPem = caPrivateKey.PrivateKeyPem,
            CaCertPem = ca.CertPem,
            ValidityPeriodHours = 12,
            AllowedUses = new[]
            {
                "key_encipherment",
                "digital_signature",
                "server_auth",
            },
        });
    
        var exampleCaCertificate = new Aws.Iot.CaCertificate("example", new()
        {
            Active = true,
            CaCertificatePem = ca.CertPem,
            VerificationCertificatePem = verificationLocallySignedCert.CertPem,
            AllowAutoRegistration = true,
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.tls.PrivateKey;
    import com.pulumi.tls.PrivateKeyArgs;
    import com.pulumi.tls.SelfSignedCert;
    import com.pulumi.tls.SelfSignedCertArgs;
    import com.pulumi.tls.inputs.SelfSignedCertSubjectArgs;
    import com.pulumi.aws.iot.IotFunctions;
    import com.pulumi.tls.CertRequest;
    import com.pulumi.tls.CertRequestArgs;
    import com.pulumi.tls.inputs.CertRequestSubjectArgs;
    import com.pulumi.tls.LocallySignedCert;
    import com.pulumi.tls.LocallySignedCertArgs;
    import com.pulumi.aws.iot.CaCertificate;
    import com.pulumi.aws.iot.CaCertificateArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var caPrivateKey = new PrivateKey("caPrivateKey", PrivateKeyArgs.builder()        
                .algorithm("RSA")
                .build());
    
            var ca = new SelfSignedCert("ca", SelfSignedCertArgs.builder()        
                .privateKeyPem(caPrivateKey.privateKeyPem())
                .subject(SelfSignedCertSubjectArgs.builder()
                    .commonName("example.com")
                    .organization("ACME Examples, Inc")
                    .build())
                .validityPeriodHours(12)
                .allowedUses(            
                    "key_encipherment",
                    "digital_signature",
                    "server_auth")
                .isCaCertificate(true)
                .build());
    
            var verificationPrivateKey = new PrivateKey("verificationPrivateKey", PrivateKeyArgs.builder()        
                .algorithm("RSA")
                .build());
    
            final var example = IotFunctions.getRegistrationCode();
    
            var verification = new CertRequest("verification", CertRequestArgs.builder()        
                .privateKeyPem(verificationPrivateKey.privateKeyPem())
                .subject(CertRequestSubjectArgs.builder()
                    .commonName(example.applyValue(getRegistrationCodeResult -> getRegistrationCodeResult.registrationCode()))
                    .build())
                .build());
    
            var verificationLocallySignedCert = new LocallySignedCert("verificationLocallySignedCert", LocallySignedCertArgs.builder()        
                .certRequestPem(verification.certRequestPem())
                .caPrivateKeyPem(caPrivateKey.privateKeyPem())
                .caCertPem(ca.certPem())
                .validityPeriodHours(12)
                .allowedUses(            
                    "key_encipherment",
                    "digital_signature",
                    "server_auth")
                .build());
    
            var exampleCaCertificate = new CaCertificate("exampleCaCertificate", CaCertificateArgs.builder()        
                .active(true)
                .caCertificatePem(ca.certPem())
                .verificationCertificatePem(verificationLocallySignedCert.certPem())
                .allowAutoRegistration(true)
                .build());
    
        }
    }
    
    resources:
      ca:
        type: tls:SelfSignedCert
        properties:
          privateKeyPem: ${caPrivateKey.privateKeyPem}
          subject:
            commonName: example.com
            organization: ACME Examples, Inc
          validityPeriodHours: 12
          allowedUses:
            - key_encipherment
            - digital_signature
            - server_auth
          isCaCertificate: true
      caPrivateKey:
        type: tls:PrivateKey
        name: ca
        properties:
          algorithm: RSA
      verification:
        type: tls:CertRequest
        properties:
          privateKeyPem: ${verificationPrivateKey.privateKeyPem}
          subject:
            commonName: ${example.registrationCode}
      verificationPrivateKey:
        type: tls:PrivateKey
        name: verification
        properties:
          algorithm: RSA
      verificationLocallySignedCert:
        type: tls:LocallySignedCert
        name: verification
        properties:
          certRequestPem: ${verification.certRequestPem}
          caPrivateKeyPem: ${caPrivateKey.privateKeyPem}
          caCertPem: ${ca.certPem}
          validityPeriodHours: 12
          allowedUses:
            - key_encipherment
            - digital_signature
            - server_auth
      exampleCaCertificate:
        type: aws:iot:CaCertificate
        name: example
        properties:
          active: true
          caCertificatePem: ${ca.certPem}
          verificationCertificatePem: ${verificationLocallySignedCert.certPem}
          allowAutoRegistration: true
    variables:
      example:
        fn::invoke:
          Function: aws:iot:getRegistrationCode
          Arguments: {}
    

    Create CaCertificate Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new CaCertificate(name: string, args: CaCertificateArgs, opts?: CustomResourceOptions);
    @overload
    def CaCertificate(resource_name: str,
                      args: CaCertificateArgs,
                      opts: Optional[ResourceOptions] = None)
    
    @overload
    def CaCertificate(resource_name: str,
                      opts: Optional[ResourceOptions] = None,
                      active: Optional[bool] = None,
                      allow_auto_registration: Optional[bool] = None,
                      ca_certificate_pem: Optional[str] = None,
                      certificate_mode: Optional[str] = None,
                      registration_config: Optional[CaCertificateRegistrationConfigArgs] = None,
                      tags: Optional[Mapping[str, str]] = None,
                      verification_certificate_pem: Optional[str] = None)
    func NewCaCertificate(ctx *Context, name string, args CaCertificateArgs, opts ...ResourceOption) (*CaCertificate, error)
    public CaCertificate(string name, CaCertificateArgs args, CustomResourceOptions? opts = null)
    public CaCertificate(String name, CaCertificateArgs args)
    public CaCertificate(String name, CaCertificateArgs args, CustomResourceOptions options)
    
    type: aws:iot:CaCertificate
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args CaCertificateArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args CaCertificateArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args CaCertificateArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args CaCertificateArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args CaCertificateArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Example

    The following reference example uses placeholder values for all input properties.

    var caCertificateResource = new Aws.Iot.CaCertificate("caCertificateResource", new()
    {
        Active = false,
        AllowAutoRegistration = false,
        CaCertificatePem = "string",
        CertificateMode = "string",
        RegistrationConfig = new Aws.Iot.Inputs.CaCertificateRegistrationConfigArgs
        {
            RoleArn = "string",
            TemplateBody = "string",
            TemplateName = "string",
        },
        Tags = 
        {
            { "string", "string" },
        },
        VerificationCertificatePem = "string",
    });
    
    example, err := iot.NewCaCertificate(ctx, "caCertificateResource", &iot.CaCertificateArgs{
    	Active:                pulumi.Bool(false),
    	AllowAutoRegistration: pulumi.Bool(false),
    	CaCertificatePem:      pulumi.String("string"),
    	CertificateMode:       pulumi.String("string"),
    	RegistrationConfig: &iot.CaCertificateRegistrationConfigArgs{
    		RoleArn:      pulumi.String("string"),
    		TemplateBody: pulumi.String("string"),
    		TemplateName: pulumi.String("string"),
    	},
    	Tags: pulumi.StringMap{
    		"string": pulumi.String("string"),
    	},
    	VerificationCertificatePem: pulumi.String("string"),
    })
    
    var caCertificateResource = new CaCertificate("caCertificateResource", CaCertificateArgs.builder()        
        .active(false)
        .allowAutoRegistration(false)
        .caCertificatePem("string")
        .certificateMode("string")
        .registrationConfig(CaCertificateRegistrationConfigArgs.builder()
            .roleArn("string")
            .templateBody("string")
            .templateName("string")
            .build())
        .tags(Map.of("string", "string"))
        .verificationCertificatePem("string")
        .build());
    
    ca_certificate_resource = aws.iot.CaCertificate("caCertificateResource",
        active=False,
        allow_auto_registration=False,
        ca_certificate_pem="string",
        certificate_mode="string",
        registration_config=aws.iot.CaCertificateRegistrationConfigArgs(
            role_arn="string",
            template_body="string",
            template_name="string",
        ),
        tags={
            "string": "string",
        },
        verification_certificate_pem="string")
    
    const caCertificateResource = new aws.iot.CaCertificate("caCertificateResource", {
        active: false,
        allowAutoRegistration: false,
        caCertificatePem: "string",
        certificateMode: "string",
        registrationConfig: {
            roleArn: "string",
            templateBody: "string",
            templateName: "string",
        },
        tags: {
            string: "string",
        },
        verificationCertificatePem: "string",
    });
    
    type: aws:iot:CaCertificate
    properties:
        active: false
        allowAutoRegistration: false
        caCertificatePem: string
        certificateMode: string
        registrationConfig:
            roleArn: string
            templateBody: string
            templateName: string
        tags:
            string: string
        verificationCertificatePem: string
    

    CaCertificate Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The CaCertificate resource accepts the following input properties:

    Active bool
    Boolean flag to indicate if the certificate should be active for device authentication.
    AllowAutoRegistration bool
    Boolean flag to indicate if the certificate should be active for device regisration.
    CaCertificatePem string
    PEM encoded CA certificate.
    CertificateMode string
    The certificate mode in which the CA will be registered. Valida values: DEFAULT and SNI_ONLY. Default: DEFAULT.
    RegistrationConfig CaCertificateRegistrationConfig
    Information about the registration configuration. See below.
    Tags Dictionary<string, string>
    A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    VerificationCertificatePem string
    PEM encoded verification certificate containing the common name of a registration code. Review CreateVerificationCSR. Reuired if certificate_mode is DEFAULT.
    Active bool
    Boolean flag to indicate if the certificate should be active for device authentication.
    AllowAutoRegistration bool
    Boolean flag to indicate if the certificate should be active for device regisration.
    CaCertificatePem string
    PEM encoded CA certificate.
    CertificateMode string
    The certificate mode in which the CA will be registered. Valida values: DEFAULT and SNI_ONLY. Default: DEFAULT.
    RegistrationConfig CaCertificateRegistrationConfigArgs
    Information about the registration configuration. See below.
    Tags map[string]string
    A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    VerificationCertificatePem string
    PEM encoded verification certificate containing the common name of a registration code. Review CreateVerificationCSR. Reuired if certificate_mode is DEFAULT.
    active Boolean
    Boolean flag to indicate if the certificate should be active for device authentication.
    allowAutoRegistration Boolean
    Boolean flag to indicate if the certificate should be active for device regisration.
    caCertificatePem String
    PEM encoded CA certificate.
    certificateMode String
    The certificate mode in which the CA will be registered. Valida values: DEFAULT and SNI_ONLY. Default: DEFAULT.
    registrationConfig CaCertificateRegistrationConfig
    Information about the registration configuration. See below.
    tags Map<String,String>
    A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    verificationCertificatePem String
    PEM encoded verification certificate containing the common name of a registration code. Review CreateVerificationCSR. Reuired if certificate_mode is DEFAULT.
    active boolean
    Boolean flag to indicate if the certificate should be active for device authentication.
    allowAutoRegistration boolean
    Boolean flag to indicate if the certificate should be active for device regisration.
    caCertificatePem string
    PEM encoded CA certificate.
    certificateMode string
    The certificate mode in which the CA will be registered. Valida values: DEFAULT and SNI_ONLY. Default: DEFAULT.
    registrationConfig CaCertificateRegistrationConfig
    Information about the registration configuration. See below.
    tags {[key: string]: string}
    A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    verificationCertificatePem string
    PEM encoded verification certificate containing the common name of a registration code. Review CreateVerificationCSR. Reuired if certificate_mode is DEFAULT.
    active bool
    Boolean flag to indicate if the certificate should be active for device authentication.
    allow_auto_registration bool
    Boolean flag to indicate if the certificate should be active for device regisration.
    ca_certificate_pem str
    PEM encoded CA certificate.
    certificate_mode str
    The certificate mode in which the CA will be registered. Valida values: DEFAULT and SNI_ONLY. Default: DEFAULT.
    registration_config CaCertificateRegistrationConfigArgs
    Information about the registration configuration. See below.
    tags Mapping[str, str]
    A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    verification_certificate_pem str
    PEM encoded verification certificate containing the common name of a registration code. Review CreateVerificationCSR. Reuired if certificate_mode is DEFAULT.
    active Boolean
    Boolean flag to indicate if the certificate should be active for device authentication.
    allowAutoRegistration Boolean
    Boolean flag to indicate if the certificate should be active for device regisration.
    caCertificatePem String
    PEM encoded CA certificate.
    certificateMode String
    The certificate mode in which the CA will be registered. Valida values: DEFAULT and SNI_ONLY. Default: DEFAULT.
    registrationConfig Property Map
    Information about the registration configuration. See below.
    tags Map<String>
    A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    verificationCertificatePem String
    PEM encoded verification certificate containing the common name of a registration code. Review CreateVerificationCSR. Reuired if certificate_mode is DEFAULT.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the CaCertificate resource produces the following output properties:

    Arn string
    The ARN of the created CA certificate.
    CustomerVersion int
    The customer version of the CA certificate.
    GenerationId string
    The generation ID of the CA certificate.
    Id string
    The provider-assigned unique ID for this managed resource.
    TagsAll Dictionary<string, string>
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    Validities List<CaCertificateValidity>
    When the CA certificate is valid.
    Arn string
    The ARN of the created CA certificate.
    CustomerVersion int
    The customer version of the CA certificate.
    GenerationId string
    The generation ID of the CA certificate.
    Id string
    The provider-assigned unique ID for this managed resource.
    TagsAll map[string]string
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    Validities []CaCertificateValidity
    When the CA certificate is valid.
    arn String
    The ARN of the created CA certificate.
    customerVersion Integer
    The customer version of the CA certificate.
    generationId String
    The generation ID of the CA certificate.
    id String
    The provider-assigned unique ID for this managed resource.
    tagsAll Map<String,String>
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    validities List<CaCertificateValidity>
    When the CA certificate is valid.
    arn string
    The ARN of the created CA certificate.
    customerVersion number
    The customer version of the CA certificate.
    generationId string
    The generation ID of the CA certificate.
    id string
    The provider-assigned unique ID for this managed resource.
    tagsAll {[key: string]: string}
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    validities CaCertificateValidity[]
    When the CA certificate is valid.
    arn str
    The ARN of the created CA certificate.
    customer_version int
    The customer version of the CA certificate.
    generation_id str
    The generation ID of the CA certificate.
    id str
    The provider-assigned unique ID for this managed resource.
    tags_all Mapping[str, str]
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    validities Sequence[CaCertificateValidity]
    When the CA certificate is valid.
    arn String
    The ARN of the created CA certificate.
    customerVersion Number
    The customer version of the CA certificate.
    generationId String
    The generation ID of the CA certificate.
    id String
    The provider-assigned unique ID for this managed resource.
    tagsAll Map<String>
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    validities List<Property Map>
    When the CA certificate is valid.

    Look up Existing CaCertificate Resource

    Get an existing CaCertificate resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: CaCertificateState, opts?: CustomResourceOptions): CaCertificate
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            active: Optional[bool] = None,
            allow_auto_registration: Optional[bool] = None,
            arn: Optional[str] = None,
            ca_certificate_pem: Optional[str] = None,
            certificate_mode: Optional[str] = None,
            customer_version: Optional[int] = None,
            generation_id: Optional[str] = None,
            registration_config: Optional[CaCertificateRegistrationConfigArgs] = None,
            tags: Optional[Mapping[str, str]] = None,
            tags_all: Optional[Mapping[str, str]] = None,
            validities: Optional[Sequence[CaCertificateValidityArgs]] = None,
            verification_certificate_pem: Optional[str] = None) -> CaCertificate
    func GetCaCertificate(ctx *Context, name string, id IDInput, state *CaCertificateState, opts ...ResourceOption) (*CaCertificate, error)
    public static CaCertificate Get(string name, Input<string> id, CaCertificateState? state, CustomResourceOptions? opts = null)
    public static CaCertificate get(String name, Output<String> id, CaCertificateState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Active bool
    Boolean flag to indicate if the certificate should be active for device authentication.
    AllowAutoRegistration bool
    Boolean flag to indicate if the certificate should be active for device regisration.
    Arn string
    The ARN of the created CA certificate.
    CaCertificatePem string
    PEM encoded CA certificate.
    CertificateMode string
    The certificate mode in which the CA will be registered. Valida values: DEFAULT and SNI_ONLY. Default: DEFAULT.
    CustomerVersion int
    The customer version of the CA certificate.
    GenerationId string
    The generation ID of the CA certificate.
    RegistrationConfig CaCertificateRegistrationConfig
    Information about the registration configuration. See below.
    Tags Dictionary<string, string>
    A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    TagsAll Dictionary<string, string>
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    Validities List<CaCertificateValidity>
    When the CA certificate is valid.
    VerificationCertificatePem string
    PEM encoded verification certificate containing the common name of a registration code. Review CreateVerificationCSR. Reuired if certificate_mode is DEFAULT.
    Active bool
    Boolean flag to indicate if the certificate should be active for device authentication.
    AllowAutoRegistration bool
    Boolean flag to indicate if the certificate should be active for device regisration.
    Arn string
    The ARN of the created CA certificate.
    CaCertificatePem string
    PEM encoded CA certificate.
    CertificateMode string
    The certificate mode in which the CA will be registered. Valida values: DEFAULT and SNI_ONLY. Default: DEFAULT.
    CustomerVersion int
    The customer version of the CA certificate.
    GenerationId string
    The generation ID of the CA certificate.
    RegistrationConfig CaCertificateRegistrationConfigArgs
    Information about the registration configuration. See below.
    Tags map[string]string
    A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    TagsAll map[string]string
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    Validities []CaCertificateValidityArgs
    When the CA certificate is valid.
    VerificationCertificatePem string
    PEM encoded verification certificate containing the common name of a registration code. Review CreateVerificationCSR. Reuired if certificate_mode is DEFAULT.
    active Boolean
    Boolean flag to indicate if the certificate should be active for device authentication.
    allowAutoRegistration Boolean
    Boolean flag to indicate if the certificate should be active for device regisration.
    arn String
    The ARN of the created CA certificate.
    caCertificatePem String
    PEM encoded CA certificate.
    certificateMode String
    The certificate mode in which the CA will be registered. Valida values: DEFAULT and SNI_ONLY. Default: DEFAULT.
    customerVersion Integer
    The customer version of the CA certificate.
    generationId String
    The generation ID of the CA certificate.
    registrationConfig CaCertificateRegistrationConfig
    Information about the registration configuration. See below.
    tags Map<String,String>
    A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    tagsAll Map<String,String>
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    validities List<CaCertificateValidity>
    When the CA certificate is valid.
    verificationCertificatePem String
    PEM encoded verification certificate containing the common name of a registration code. Review CreateVerificationCSR. Reuired if certificate_mode is DEFAULT.
    active boolean
    Boolean flag to indicate if the certificate should be active for device authentication.
    allowAutoRegistration boolean
    Boolean flag to indicate if the certificate should be active for device regisration.
    arn string
    The ARN of the created CA certificate.
    caCertificatePem string
    PEM encoded CA certificate.
    certificateMode string
    The certificate mode in which the CA will be registered. Valida values: DEFAULT and SNI_ONLY. Default: DEFAULT.
    customerVersion number
    The customer version of the CA certificate.
    generationId string
    The generation ID of the CA certificate.
    registrationConfig CaCertificateRegistrationConfig
    Information about the registration configuration. See below.
    tags {[key: string]: string}
    A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    tagsAll {[key: string]: string}
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    validities CaCertificateValidity[]
    When the CA certificate is valid.
    verificationCertificatePem string
    PEM encoded verification certificate containing the common name of a registration code. Review CreateVerificationCSR. Reuired if certificate_mode is DEFAULT.
    active bool
    Boolean flag to indicate if the certificate should be active for device authentication.
    allow_auto_registration bool
    Boolean flag to indicate if the certificate should be active for device regisration.
    arn str
    The ARN of the created CA certificate.
    ca_certificate_pem str
    PEM encoded CA certificate.
    certificate_mode str
    The certificate mode in which the CA will be registered. Valida values: DEFAULT and SNI_ONLY. Default: DEFAULT.
    customer_version int
    The customer version of the CA certificate.
    generation_id str
    The generation ID of the CA certificate.
    registration_config CaCertificateRegistrationConfigArgs
    Information about the registration configuration. See below.
    tags Mapping[str, str]
    A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    tags_all Mapping[str, str]
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    validities Sequence[CaCertificateValidityArgs]
    When the CA certificate is valid.
    verification_certificate_pem str
    PEM encoded verification certificate containing the common name of a registration code. Review CreateVerificationCSR. Reuired if certificate_mode is DEFAULT.
    active Boolean
    Boolean flag to indicate if the certificate should be active for device authentication.
    allowAutoRegistration Boolean
    Boolean flag to indicate if the certificate should be active for device regisration.
    arn String
    The ARN of the created CA certificate.
    caCertificatePem String
    PEM encoded CA certificate.
    certificateMode String
    The certificate mode in which the CA will be registered. Valida values: DEFAULT and SNI_ONLY. Default: DEFAULT.
    customerVersion Number
    The customer version of the CA certificate.
    generationId String
    The generation ID of the CA certificate.
    registrationConfig Property Map
    Information about the registration configuration. See below.
    tags Map<String>
    A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    tagsAll Map<String>
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    validities List<Property Map>
    When the CA certificate is valid.
    verificationCertificatePem String
    PEM encoded verification certificate containing the common name of a registration code. Review CreateVerificationCSR. Reuired if certificate_mode is DEFAULT.

    Supporting Types

    CaCertificateRegistrationConfig, CaCertificateRegistrationConfigArgs

    RoleArn string
    The ARN of the role.
    TemplateBody string
    The template body.
    TemplateName string
    The name of the provisioning template.
    RoleArn string
    The ARN of the role.
    TemplateBody string
    The template body.
    TemplateName string
    The name of the provisioning template.
    roleArn String
    The ARN of the role.
    templateBody String
    The template body.
    templateName String
    The name of the provisioning template.
    roleArn string
    The ARN of the role.
    templateBody string
    The template body.
    templateName string
    The name of the provisioning template.
    role_arn str
    The ARN of the role.
    template_body str
    The template body.
    template_name str
    The name of the provisioning template.
    roleArn String
    The ARN of the role.
    templateBody String
    The template body.
    templateName String
    The name of the provisioning template.

    CaCertificateValidity, CaCertificateValidityArgs

    NotAfter string
    The certificate is not valid after this date.
    NotBefore string
    The certificate is not valid before this date.
    NotAfter string
    The certificate is not valid after this date.
    NotBefore string
    The certificate is not valid before this date.
    notAfter String
    The certificate is not valid after this date.
    notBefore String
    The certificate is not valid before this date.
    notAfter string
    The certificate is not valid after this date.
    notBefore string
    The certificate is not valid before this date.
    not_after str
    The certificate is not valid after this date.
    not_before str
    The certificate is not valid before this date.
    notAfter String
    The certificate is not valid after this date.
    notBefore String
    The certificate is not valid before this date.

    Package Details

    Repository
    AWS Classic pulumi/pulumi-aws
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the aws Terraform Provider.
    aws logo

    Try AWS Native preview for resources not in the classic version.

    AWS Classic v6.31.0 published on Monday, Apr 15, 2024 by Pulumi