Docs Home
We recommend using Azure Native.
Azure v6.23.0 published on Thursday, May 22, 2025 by Pulumi
azure.apimanagement.CustomDomain
Explore with Pulumi AI
Manages a API Management Custom Domain.
Disclaimers
Note: It’s possible to define Custom Domains both within the
azure.apimanagement.Serviceresource via thehostname_configurationsblock and by using this resource. However it’s not possible to use both methods to manage Custom Domains within an API Management Service, since there will be conflicts.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const exampleResourceGroup = new azure.core.ResourceGroup("example", {
name: "example-resources",
location: "West Europe",
});
const example = azure.keyvault.getKeyVault({
name: "mykeyvault",
resourceGroupName: "some-resource-group",
});
const exampleService = new azure.apimanagement.Service("example", {
name: "example-apim",
location: exampleResourceGroup.location,
resourceGroupName: exampleResourceGroup.name,
publisherName: "pub1",
publisherEmail: "pub1@email.com",
skuName: "Developer_1",
});
const exampleCertificate = new azure.keyvault.Certificate("example", {
name: "example-certificate",
keyVaultId: example.then(example => example.id),
certificatePolicy: {
issuerParameters: {
name: "Self",
},
keyProperties: {
exportable: true,
keySize: 2048,
keyType: "RSA",
reuseKey: true,
},
lifetimeActions: [{
action: {
actionType: "AutoRenew",
},
trigger: {
daysBeforeExpiry: 30,
},
}],
secretProperties: {
contentType: "application/x-pkcs12",
},
x509CertificateProperties: {
keyUsages: [
"cRLSign",
"dataEncipherment",
"digitalSignature",
"keyAgreement",
"keyCertSign",
"keyEncipherment",
],
subject: "CN=api.example.com",
validityInMonths: 12,
subjectAlternativeNames: {
dnsNames: [
"api.example.com",
"portal.example.com",
],
},
},
},
});
const exampleCustomDomain = new azure.apimanagement.CustomDomain("example", {
apiManagementId: exampleService.id,
gateways: [{
hostName: "api.example.com",
keyVaultId: exampleCertificate.versionlessSecretId,
}],
developerPortals: [{
hostName: "portal.example.com",
keyVaultId: exampleCertificate.versionlessSecretId,
}],
});
import pulumi
import pulumi_azure as azure
example_resource_group = azure.core.ResourceGroup("example",
name="example-resources",
location="West Europe")
example = azure.keyvault.get_key_vault(name="mykeyvault",
resource_group_name="some-resource-group")
example_service = azure.apimanagement.Service("example",
name="example-apim",
location=example_resource_group.location,
resource_group_name=example_resource_group.name,
publisher_name="pub1",
publisher_email="pub1@email.com",
sku_name="Developer_1")
example_certificate = azure.keyvault.Certificate("example",
name="example-certificate",
key_vault_id=example.id,
certificate_policy={
"issuer_parameters": {
"name": "Self",
},
"key_properties": {
"exportable": True,
"key_size": 2048,
"key_type": "RSA",
"reuse_key": True,
},
"lifetime_actions": [{
"action": {
"action_type": "AutoRenew",
},
"trigger": {
"days_before_expiry": 30,
},
}],
"secret_properties": {
"content_type": "application/x-pkcs12",
},
"x509_certificate_properties": {
"key_usages": [
"cRLSign",
"dataEncipherment",
"digitalSignature",
"keyAgreement",
"keyCertSign",
"keyEncipherment",
],
"subject": "CN=api.example.com",
"validity_in_months": 12,
"subject_alternative_names": {
"dns_names": [
"api.example.com",
"portal.example.com",
],
},
},
})
example_custom_domain = azure.apimanagement.CustomDomain("example",
api_management_id=example_service.id,
gateways=[{
"host_name": "api.example.com",
"key_vault_id": example_certificate.versionless_secret_id,
}],
developer_portals=[{
"host_name": "portal.example.com",
"key_vault_id": example_certificate.versionless_secret_id,
}])
package main
import (
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/apimanagement"
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/core"
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/keyvault"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
exampleResourceGroup, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
Name: pulumi.String("example-resources"),
Location: pulumi.String("West Europe"),
})
if err != nil {
return err
}
example, err := keyvault.LookupKeyVault(ctx, &keyvault.LookupKeyVaultArgs{
Name: "mykeyvault",
ResourceGroupName: "some-resource-group",
}, nil)
if err != nil {
return err
}
exampleService, err := apimanagement.NewService(ctx, "example", &apimanagement.ServiceArgs{
Name: pulumi.String("example-apim"),
Location: exampleResourceGroup.Location,
ResourceGroupName: exampleResourceGroup.Name,
PublisherName: pulumi.String("pub1"),
PublisherEmail: pulumi.String("pub1@email.com"),
SkuName: pulumi.String("Developer_1"),
})
if err != nil {
return err
}
exampleCertificate, err := keyvault.NewCertificate(ctx, "example", &keyvault.CertificateArgs{
Name: pulumi.String("example-certificate"),
KeyVaultId: pulumi.String(example.Id),
CertificatePolicy: &keyvault.CertificateCertificatePolicyArgs{
IssuerParameters: &keyvault.CertificateCertificatePolicyIssuerParametersArgs{
Name: pulumi.String("Self"),
},
KeyProperties: &keyvault.CertificateCertificatePolicyKeyPropertiesArgs{
Exportable: pulumi.Bool(true),
KeySize: pulumi.Int(2048),
KeyType: pulumi.String("RSA"),
ReuseKey: pulumi.Bool(true),
},
LifetimeActions: keyvault.CertificateCertificatePolicyLifetimeActionArray{
&keyvault.CertificateCertificatePolicyLifetimeActionArgs{
Action: &keyvault.CertificateCertificatePolicyLifetimeActionActionArgs{
ActionType: pulumi.String("AutoRenew"),
},
Trigger: &keyvault.CertificateCertificatePolicyLifetimeActionTriggerArgs{
DaysBeforeExpiry: pulumi.Int(30),
},
},
},
SecretProperties: &keyvault.CertificateCertificatePolicySecretPropertiesArgs{
ContentType: pulumi.String("application/x-pkcs12"),
},
X509CertificateProperties: &keyvault.CertificateCertificatePolicyX509CertificatePropertiesArgs{
KeyUsages: pulumi.StringArray{
pulumi.String("cRLSign"),
pulumi.String("dataEncipherment"),
pulumi.String("digitalSignature"),
pulumi.String("keyAgreement"),
pulumi.String("keyCertSign"),
pulumi.String("keyEncipherment"),
},
Subject: pulumi.String("CN=api.example.com"),
ValidityInMonths: pulumi.Int(12),
SubjectAlternativeNames: &keyvault.CertificateCertificatePolicyX509CertificatePropertiesSubjectAlternativeNamesArgs{
DnsNames: pulumi.StringArray{
pulumi.String("api.example.com"),
pulumi.String("portal.example.com"),
},
},
},
},
})
if err != nil {
return err
}
_, err = apimanagement.NewCustomDomain(ctx, "example", &apimanagement.CustomDomainArgs{
ApiManagementId: exampleService.ID(),
Gateways: apimanagement.CustomDomainGatewayArray{
&apimanagement.CustomDomainGatewayArgs{
HostName: pulumi.String("api.example.com"),
KeyVaultId: exampleCertificate.VersionlessSecretId,
},
},
DeveloperPortals: apimanagement.CustomDomainDeveloperPortalArray{
&apimanagement.CustomDomainDeveloperPortalArgs{
HostName: pulumi.String("portal.example.com"),
KeyVaultId: exampleCertificate.VersionlessSecretId,
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;
return await Deployment.RunAsync(() =>
{
var exampleResourceGroup = new Azure.Core.ResourceGroup("example", new()
{
Name = "example-resources",
Location = "West Europe",
});
var example = Azure.KeyVault.GetKeyVault.Invoke(new()
{
Name = "mykeyvault",
ResourceGroupName = "some-resource-group",
});
var exampleService = new Azure.ApiManagement.Service("example", new()
{
Name = "example-apim",
Location = exampleResourceGroup.Location,
ResourceGroupName = exampleResourceGroup.Name,
PublisherName = "pub1",
PublisherEmail = "pub1@email.com",
SkuName = "Developer_1",
});
var exampleCertificate = new Azure.KeyVault.Certificate("example", new()
{
Name = "example-certificate",
KeyVaultId = example.Apply(getKeyVaultResult => getKeyVaultResult.Id),
CertificatePolicy = new Azure.KeyVault.Inputs.CertificateCertificatePolicyArgs
{
IssuerParameters = new Azure.KeyVault.Inputs.CertificateCertificatePolicyIssuerParametersArgs
{
Name = "Self",
},
KeyProperties = new Azure.KeyVault.Inputs.CertificateCertificatePolicyKeyPropertiesArgs
{
Exportable = true,
KeySize = 2048,
KeyType = "RSA",
ReuseKey = true,
},
LifetimeActions = new[]
{
new Azure.KeyVault.Inputs.CertificateCertificatePolicyLifetimeActionArgs
{
Action = new Azure.KeyVault.Inputs.CertificateCertificatePolicyLifetimeActionActionArgs
{
ActionType = "AutoRenew",
},
Trigger = new Azure.KeyVault.Inputs.CertificateCertificatePolicyLifetimeActionTriggerArgs
{
DaysBeforeExpiry = 30,
},
},
},
SecretProperties = new Azure.KeyVault.Inputs.CertificateCertificatePolicySecretPropertiesArgs
{
ContentType = "application/x-pkcs12",
},
X509CertificateProperties = new Azure.KeyVault.Inputs.CertificateCertificatePolicyX509CertificatePropertiesArgs
{
KeyUsages = new[]
{
"cRLSign",
"dataEncipherment",
"digitalSignature",
"keyAgreement",
"keyCertSign",
"keyEncipherment",
},
Subject = "CN=api.example.com",
ValidityInMonths = 12,
SubjectAlternativeNames = new Azure.KeyVault.Inputs.CertificateCertificatePolicyX509CertificatePropertiesSubjectAlternativeNamesArgs
{
DnsNames = new[]
{
"api.example.com",
"portal.example.com",
},
},
},
},
});
var exampleCustomDomain = new Azure.ApiManagement.CustomDomain("example", new()
{
ApiManagementId = exampleService.Id,
Gateways = new[]
{
new Azure.ApiManagement.Inputs.CustomDomainGatewayArgs
{
HostName = "api.example.com",
KeyVaultId = exampleCertificate.VersionlessSecretId,
},
},
DeveloperPortals = new[]
{
new Azure.ApiManagement.Inputs.CustomDomainDeveloperPortalArgs
{
HostName = "portal.example.com",
KeyVaultId = exampleCertificate.VersionlessSecretId,
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.keyvault.KeyvaultFunctions;
import com.pulumi.azure.keyvault.inputs.GetKeyVaultArgs;
import com.pulumi.azure.apimanagement.Service;
import com.pulumi.azure.apimanagement.ServiceArgs;
import com.pulumi.azure.keyvault.Certificate;
import com.pulumi.azure.keyvault.CertificateArgs;
import com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicyArgs;
import com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicyIssuerParametersArgs;
import com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicyKeyPropertiesArgs;
import com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicySecretPropertiesArgs;
import com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicyX509CertificatePropertiesArgs;
import com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicyX509CertificatePropertiesSubjectAlternativeNamesArgs;
import com.pulumi.azure.apimanagement.CustomDomain;
import com.pulumi.azure.apimanagement.CustomDomainArgs;
import com.pulumi.azure.apimanagement.inputs.CustomDomainGatewayArgs;
import com.pulumi.azure.apimanagement.inputs.CustomDomainDeveloperPortalArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder()
.name("example-resources")
.location("West Europe")
.build());
final var example = KeyvaultFunctions.getKeyVault(GetKeyVaultArgs.builder()
.name("mykeyvault")
.resourceGroupName("some-resource-group")
.build());
var exampleService = new Service("exampleService", ServiceArgs.builder()
.name("example-apim")
.location(exampleResourceGroup.location())
.resourceGroupName(exampleResourceGroup.name())
.publisherName("pub1")
.publisherEmail("pub1@email.com")
.skuName("Developer_1")
.build());
var exampleCertificate = new Certificate("exampleCertificate", CertificateArgs.builder()
.name("example-certificate")
.keyVaultId(example.id())
.certificatePolicy(CertificateCertificatePolicyArgs.builder()
.issuerParameters(CertificateCertificatePolicyIssuerParametersArgs.builder()
.name("Self")
.build())
.keyProperties(CertificateCertificatePolicyKeyPropertiesArgs.builder()
.exportable(true)
.keySize(2048)
.keyType("RSA")
.reuseKey(true)
.build())
.lifetimeActions(CertificateCertificatePolicyLifetimeActionArgs.builder()
.action(CertificateCertificatePolicyLifetimeActionActionArgs.builder()
.actionType("AutoRenew")
.build())
.trigger(CertificateCertificatePolicyLifetimeActionTriggerArgs.builder()
.daysBeforeExpiry(30)
.build())
.build())
.secretProperties(CertificateCertificatePolicySecretPropertiesArgs.builder()
.contentType("application/x-pkcs12")
.build())
.x509CertificateProperties(CertificateCertificatePolicyX509CertificatePropertiesArgs.builder()
.keyUsages(
"cRLSign",
"dataEncipherment",
"digitalSignature",
"keyAgreement",
"keyCertSign",
"keyEncipherment")
.subject("CN=api.example.com")
.validityInMonths(12)
.subjectAlternativeNames(CertificateCertificatePolicyX509CertificatePropertiesSubjectAlternativeNamesArgs.builder()
.dnsNames(
"api.example.com",
"portal.example.com")
.build())
.build())
.build())
.build());
var exampleCustomDomain = new CustomDomain("exampleCustomDomain", CustomDomainArgs.builder()
.apiManagementId(exampleService.id())
.gateways(CustomDomainGatewayArgs.builder()
.hostName("api.example.com")
.keyVaultId(exampleCertificate.versionlessSecretId())
.build())
.developerPortals(CustomDomainDeveloperPortalArgs.builder()
.hostName("portal.example.com")
.keyVaultId(exampleCertificate.versionlessSecretId())
.build())
.build());
}
}
resources:
exampleResourceGroup:
type: azure:core:ResourceGroup
name: example
properties:
name: example-resources
location: West Europe
exampleService:
type: azure:apimanagement:Service
name: example
properties:
name: example-apim
location: ${exampleResourceGroup.location}
resourceGroupName: ${exampleResourceGroup.name}
publisherName: pub1
publisherEmail: pub1@email.com
skuName: Developer_1
exampleCertificate:
type: azure:keyvault:Certificate
name: example
properties:
name: example-certificate
keyVaultId: ${example.id}
certificatePolicy:
issuerParameters:
name: Self
keyProperties:
exportable: true
keySize: 2048
keyType: RSA
reuseKey: true
lifetimeActions:
- action:
actionType: AutoRenew
trigger:
daysBeforeExpiry: 30
secretProperties:
contentType: application/x-pkcs12
x509CertificateProperties:
keyUsages:
- cRLSign
- dataEncipherment
- digitalSignature
- keyAgreement
- keyCertSign
- keyEncipherment
subject: CN=api.example.com
validityInMonths: 12
subjectAlternativeNames:
dnsNames:
- api.example.com
- portal.example.com
exampleCustomDomain:
type: azure:apimanagement:CustomDomain
name: example
properties:
apiManagementId: ${exampleService.id}
gateways:
- hostName: api.example.com
keyVaultId: ${exampleCertificate.versionlessSecretId}
developerPortals:
- hostName: portal.example.com
keyVaultId: ${exampleCertificate.versionlessSecretId}
variables:
example:
fn::invoke:
function: azure:keyvault:getKeyVault
arguments:
name: mykeyvault
resourceGroupName: some-resource-group
Create CustomDomain Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new CustomDomain(name: string, args: CustomDomainArgs, opts?: CustomResourceOptions);@overload
def CustomDomain(resource_name: str,
args: CustomDomainArgs,
opts: Optional[ResourceOptions] = None)
@overload
def CustomDomain(resource_name: str,
opts: Optional[ResourceOptions] = None,
api_management_id: Optional[str] = None,
developer_portals: Optional[Sequence[CustomDomainDeveloperPortalArgs]] = None,
gateways: Optional[Sequence[CustomDomainGatewayArgs]] = None,
managements: Optional[Sequence[CustomDomainManagementArgs]] = None,
portals: Optional[Sequence[CustomDomainPortalArgs]] = None,
scms: Optional[Sequence[CustomDomainScmArgs]] = None)func NewCustomDomain(ctx *Context, name string, args CustomDomainArgs, opts ...ResourceOption) (*CustomDomain, error)public CustomDomain(string name, CustomDomainArgs args, CustomResourceOptions? opts = null)
public CustomDomain(String name, CustomDomainArgs args)
public CustomDomain(String name, CustomDomainArgs args, CustomResourceOptions options)
type: azure:apimanagement:CustomDomain
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args CustomDomainArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args CustomDomainArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args CustomDomainArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args CustomDomainArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args CustomDomainArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var customDomainResource = new Azure.ApiManagement.CustomDomain("customDomainResource", new()
{
ApiManagementId = "string",
DeveloperPortals = new[]
{
new Azure.ApiManagement.Inputs.CustomDomainDeveloperPortalArgs
{
HostName = "string",
Certificate = "string",
CertificatePassword = "string",
CertificateSource = "string",
CertificateStatus = "string",
Expiry = "string",
KeyVaultCertificateId = "string",
NegotiateClientCertificate = false,
SslKeyvaultIdentityClientId = "string",
Subject = "string",
Thumbprint = "string",
},
},
Gateways = new[]
{
new Azure.ApiManagement.Inputs.CustomDomainGatewayArgs
{
HostName = "string",
CertificateStatus = "string",
CertificateSource = "string",
Certificate = "string",
DefaultSslBinding = false,
Expiry = "string",
CertificatePassword = "string",
KeyVaultCertificateId = "string",
NegotiateClientCertificate = false,
SslKeyvaultIdentityClientId = "string",
Subject = "string",
Thumbprint = "string",
},
},
Managements = new[]
{
new Azure.ApiManagement.Inputs.CustomDomainManagementArgs
{
HostName = "string",
Certificate = "string",
CertificatePassword = "string",
CertificateSource = "string",
CertificateStatus = "string",
Expiry = "string",
KeyVaultCertificateId = "string",
NegotiateClientCertificate = false,
SslKeyvaultIdentityClientId = "string",
Subject = "string",
Thumbprint = "string",
},
},
Portals = new[]
{
new Azure.ApiManagement.Inputs.CustomDomainPortalArgs
{
HostName = "string",
Certificate = "string",
CertificatePassword = "string",
CertificateSource = "string",
CertificateStatus = "string",
Expiry = "string",
KeyVaultCertificateId = "string",
NegotiateClientCertificate = false,
SslKeyvaultIdentityClientId = "string",
Subject = "string",
Thumbprint = "string",
},
},
Scms = new[]
{
new Azure.ApiManagement.Inputs.CustomDomainScmArgs
{
HostName = "string",
Certificate = "string",
CertificatePassword = "string",
CertificateSource = "string",
CertificateStatus = "string",
Expiry = "string",
KeyVaultCertificateId = "string",
NegotiateClientCertificate = false,
SslKeyvaultIdentityClientId = "string",
Subject = "string",
Thumbprint = "string",
},
},
});
example, err := apimanagement.NewCustomDomain(ctx, "customDomainResource", &apimanagement.CustomDomainArgs{
ApiManagementId: pulumi.String("string"),
DeveloperPortals: apimanagement.CustomDomainDeveloperPortalArray{
&apimanagement.CustomDomainDeveloperPortalArgs{
HostName: pulumi.String("string"),
Certificate: pulumi.String("string"),
CertificatePassword: pulumi.String("string"),
CertificateSource: pulumi.String("string"),
CertificateStatus: pulumi.String("string"),
Expiry: pulumi.String("string"),
KeyVaultCertificateId: pulumi.String("string"),
NegotiateClientCertificate: pulumi.Bool(false),
SslKeyvaultIdentityClientId: pulumi.String("string"),
Subject: pulumi.String("string"),
Thumbprint: pulumi.String("string"),
},
},
Gateways: apimanagement.CustomDomainGatewayArray{
&apimanagement.CustomDomainGatewayArgs{
HostName: pulumi.String("string"),
CertificateStatus: pulumi.String("string"),
CertificateSource: pulumi.String("string"),
Certificate: pulumi.String("string"),
DefaultSslBinding: pulumi.Bool(false),
Expiry: pulumi.String("string"),
CertificatePassword: pulumi.String("string"),
KeyVaultCertificateId: pulumi.String("string"),
NegotiateClientCertificate: pulumi.Bool(false),
SslKeyvaultIdentityClientId: pulumi.String("string"),
Subject: pulumi.String("string"),
Thumbprint: pulumi.String("string"),
},
},
Managements: apimanagement.CustomDomainManagementArray{
&apimanagement.CustomDomainManagementArgs{
HostName: pulumi.String("string"),
Certificate: pulumi.String("string"),
CertificatePassword: pulumi.String("string"),
CertificateSource: pulumi.String("string"),
CertificateStatus: pulumi.String("string"),
Expiry: pulumi.String("string"),
KeyVaultCertificateId: pulumi.String("string"),
NegotiateClientCertificate: pulumi.Bool(false),
SslKeyvaultIdentityClientId: pulumi.String("string"),
Subject: pulumi.String("string"),
Thumbprint: pulumi.String("string"),
},
},
Portals: apimanagement.CustomDomainPortalArray{
&apimanagement.CustomDomainPortalArgs{
HostName: pulumi.String("string"),
Certificate: pulumi.String("string"),
CertificatePassword: pulumi.String("string"),
CertificateSource: pulumi.String("string"),
CertificateStatus: pulumi.String("string"),
Expiry: pulumi.String("string"),
KeyVaultCertificateId: pulumi.String("string"),
NegotiateClientCertificate: pulumi.Bool(false),
SslKeyvaultIdentityClientId: pulumi.String("string"),
Subject: pulumi.String("string"),
Thumbprint: pulumi.String("string"),
},
},
Scms: apimanagement.CustomDomainScmArray{
&apimanagement.CustomDomainScmArgs{
HostName: pulumi.String("string"),
Certificate: pulumi.String("string"),
CertificatePassword: pulumi.String("string"),
CertificateSource: pulumi.String("string"),
CertificateStatus: pulumi.String("string"),
Expiry: pulumi.String("string"),
KeyVaultCertificateId: pulumi.String("string"),
NegotiateClientCertificate: pulumi.Bool(false),
SslKeyvaultIdentityClientId: pulumi.String("string"),
Subject: pulumi.String("string"),
Thumbprint: pulumi.String("string"),
},
},
})
var customDomainResource = new com.pulumi.azure.apimanagement.CustomDomain("customDomainResource", com.pulumi.azure.apimanagement.CustomDomainArgs.builder()
.apiManagementId("string")
.developerPortals(CustomDomainDeveloperPortalArgs.builder()
.hostName("string")
.certificate("string")
.certificatePassword("string")
.certificateSource("string")
.certificateStatus("string")
.expiry("string")
.keyVaultCertificateId("string")
.negotiateClientCertificate(false)
.sslKeyvaultIdentityClientId("string")
.subject("string")
.thumbprint("string")
.build())
.gateways(CustomDomainGatewayArgs.builder()
.hostName("string")
.certificateStatus("string")
.certificateSource("string")
.certificate("string")
.defaultSslBinding(false)
.expiry("string")
.certificatePassword("string")
.keyVaultCertificateId("string")
.negotiateClientCertificate(false)
.sslKeyvaultIdentityClientId("string")
.subject("string")
.thumbprint("string")
.build())
.managements(CustomDomainManagementArgs.builder()
.hostName("string")
.certificate("string")
.certificatePassword("string")
.certificateSource("string")
.certificateStatus("string")
.expiry("string")
.keyVaultCertificateId("string")
.negotiateClientCertificate(false)
.sslKeyvaultIdentityClientId("string")
.subject("string")
.thumbprint("string")
.build())
.portals(CustomDomainPortalArgs.builder()
.hostName("string")
.certificate("string")
.certificatePassword("string")
.certificateSource("string")
.certificateStatus("string")
.expiry("string")
.keyVaultCertificateId("string")
.negotiateClientCertificate(false)
.sslKeyvaultIdentityClientId("string")
.subject("string")
.thumbprint("string")
.build())
.scms(CustomDomainScmArgs.builder()
.hostName("string")
.certificate("string")
.certificatePassword("string")
.certificateSource("string")
.certificateStatus("string")
.expiry("string")
.keyVaultCertificateId("string")
.negotiateClientCertificate(false)
.sslKeyvaultIdentityClientId("string")
.subject("string")
.thumbprint("string")
.build())
.build());
custom_domain_resource = azure.apimanagement.CustomDomain("customDomainResource",
api_management_id="string",
developer_portals=[{
"host_name": "string",
"certificate": "string",
"certificate_password": "string",
"certificate_source": "string",
"certificate_status": "string",
"expiry": "string",
"key_vault_certificate_id": "string",
"negotiate_client_certificate": False,
"ssl_keyvault_identity_client_id": "string",
"subject": "string",
"thumbprint": "string",
}],
gateways=[{
"host_name": "string",
"certificate_status": "string",
"certificate_source": "string",
"certificate": "string",
"default_ssl_binding": False,
"expiry": "string",
"certificate_password": "string",
"key_vault_certificate_id": "string",
"negotiate_client_certificate": False,
"ssl_keyvault_identity_client_id": "string",
"subject": "string",
"thumbprint": "string",
}],
managements=[{
"host_name": "string",
"certificate": "string",
"certificate_password": "string",
"certificate_source": "string",
"certificate_status": "string",
"expiry": "string",
"key_vault_certificate_id": "string",
"negotiate_client_certificate": False,
"ssl_keyvault_identity_client_id": "string",
"subject": "string",
"thumbprint": "string",
}],
portals=[{
"host_name": "string",
"certificate": "string",
"certificate_password": "string",
"certificate_source": "string",
"certificate_status": "string",
"expiry": "string",
"key_vault_certificate_id": "string",
"negotiate_client_certificate": False,
"ssl_keyvault_identity_client_id": "string",
"subject": "string",
"thumbprint": "string",
}],
scms=[{
"host_name": "string",
"certificate": "string",
"certificate_password": "string",
"certificate_source": "string",
"certificate_status": "string",
"expiry": "string",
"key_vault_certificate_id": "string",
"negotiate_client_certificate": False,
"ssl_keyvault_identity_client_id": "string",
"subject": "string",
"thumbprint": "string",
}])
const customDomainResource = new azure.apimanagement.CustomDomain("customDomainResource", {
apiManagementId: "string",
developerPortals: [{
hostName: "string",
certificate: "string",
certificatePassword: "string",
certificateSource: "string",
certificateStatus: "string",
expiry: "string",
keyVaultCertificateId: "string",
negotiateClientCertificate: false,
sslKeyvaultIdentityClientId: "string",
subject: "string",
thumbprint: "string",
}],
gateways: [{
hostName: "string",
certificateStatus: "string",
certificateSource: "string",
certificate: "string",
defaultSslBinding: false,
expiry: "string",
certificatePassword: "string",
keyVaultCertificateId: "string",
negotiateClientCertificate: false,
sslKeyvaultIdentityClientId: "string",
subject: "string",
thumbprint: "string",
}],
managements: [{
hostName: "string",
certificate: "string",
certificatePassword: "string",
certificateSource: "string",
certificateStatus: "string",
expiry: "string",
keyVaultCertificateId: "string",
negotiateClientCertificate: false,
sslKeyvaultIdentityClientId: "string",
subject: "string",
thumbprint: "string",
}],
portals: [{
hostName: "string",
certificate: "string",
certificatePassword: "string",
certificateSource: "string",
certificateStatus: "string",
expiry: "string",
keyVaultCertificateId: "string",
negotiateClientCertificate: false,
sslKeyvaultIdentityClientId: "string",
subject: "string",
thumbprint: "string",
}],
scms: [{
hostName: "string",
certificate: "string",
certificatePassword: "string",
certificateSource: "string",
certificateStatus: "string",
expiry: "string",
keyVaultCertificateId: "string",
negotiateClientCertificate: false,
sslKeyvaultIdentityClientId: "string",
subject: "string",
thumbprint: "string",
}],
});
type: azure:apimanagement:CustomDomain
properties:
apiManagementId: string
developerPortals:
- certificate: string
certificatePassword: string
certificateSource: string
certificateStatus: string
expiry: string
hostName: string
keyVaultCertificateId: string
negotiateClientCertificate: false
sslKeyvaultIdentityClientId: string
subject: string
thumbprint: string
gateways:
- certificate: string
certificatePassword: string
certificateSource: string
certificateStatus: string
defaultSslBinding: false
expiry: string
hostName: string
keyVaultCertificateId: string
negotiateClientCertificate: false
sslKeyvaultIdentityClientId: string
subject: string
thumbprint: string
managements:
- certificate: string
certificatePassword: string
certificateSource: string
certificateStatus: string
expiry: string
hostName: string
keyVaultCertificateId: string
negotiateClientCertificate: false
sslKeyvaultIdentityClientId: string
subject: string
thumbprint: string
portals:
- certificate: string
certificatePassword: string
certificateSource: string
certificateStatus: string
expiry: string
hostName: string
keyVaultCertificateId: string
negotiateClientCertificate: false
sslKeyvaultIdentityClientId: string
subject: string
thumbprint: string
scms:
- certificate: string
certificatePassword: string
certificateSource: string
certificateStatus: string
expiry: string
hostName: string
keyVaultCertificateId: string
negotiateClientCertificate: false
sslKeyvaultIdentityClientId: string
subject: string
thumbprint: string
CustomDomain Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The CustomDomain resource accepts the following input properties:
- Api
Management stringId - The ID of the API Management service for which to configure Custom Domains. Changing this forces a new API Management Custom Domain resource to be created.
- Developer
Portals List<CustomDomain Developer Portal> - One or more
developer_portalblocks as defined below. - Gateways
List<Custom
Domain Gateway> - One or more
gatewayblocks as defined below. - Managements
List<Custom
Domain Management> - One or more
managementblocks as defined below. - Portals
List<Custom
Domain Portal> - One or more
portalblocks as defined below. - Scms
List<Custom
Domain Scm> - One or more
scmblocks as defined below.
- Api
Management stringId - The ID of the API Management service for which to configure Custom Domains. Changing this forces a new API Management Custom Domain resource to be created.
- Developer
Portals []CustomDomain Developer Portal Args - One or more
developer_portalblocks as defined below. - Gateways
[]Custom
Domain Gateway Args - One or more
gatewayblocks as defined below. - Managements
[]Custom
Domain Management Args - One or more
managementblocks as defined below. - Portals
[]Custom
Domain Portal Args - One or more
portalblocks as defined below. - Scms
[]Custom
Domain Scm Args - One or more
scmblocks as defined below.
- api
Management StringId - The ID of the API Management service for which to configure Custom Domains. Changing this forces a new API Management Custom Domain resource to be created.
- developer
Portals List<CustomDomain Developer Portal> - One or more
developer_portalblocks as defined below. - gateways
List<Custom
Domain Gateway> - One or more
gatewayblocks as defined below. - managements
List<Custom
Domain Management> - One or more
managementblocks as defined below. - portals
List<Custom
Domain Portal> - One or more
portalblocks as defined below. - scms
List<Custom
Domain Scm> - One or more
scmblocks as defined below.
- api
Management stringId - The ID of the API Management service for which to configure Custom Domains. Changing this forces a new API Management Custom Domain resource to be created.
- developer
Portals CustomDomain Developer Portal[] - One or more
developer_portalblocks as defined below. - gateways
Custom
Domain Gateway[] - One or more
gatewayblocks as defined below. - managements
Custom
Domain Management[] - One or more
managementblocks as defined below. - portals
Custom
Domain Portal[] - One or more
portalblocks as defined below. - scms
Custom
Domain Scm[] - One or more
scmblocks as defined below.
- api_
management_ strid - The ID of the API Management service for which to configure Custom Domains. Changing this forces a new API Management Custom Domain resource to be created.
- developer_
portals Sequence[CustomDomain Developer Portal Args] - One or more
developer_portalblocks as defined below. - gateways
Sequence[Custom
Domain Gateway Args] - One or more
gatewayblocks as defined below. - managements
Sequence[Custom
Domain Management Args] - One or more
managementblocks as defined below. - portals
Sequence[Custom
Domain Portal Args] - One or more
portalblocks as defined below. - scms
Sequence[Custom
Domain Scm Args] - One or more
scmblocks as defined below.
- api
Management StringId - The ID of the API Management service for which to configure Custom Domains. Changing this forces a new API Management Custom Domain resource to be created.
- developer
Portals List<Property Map> - One or more
developer_portalblocks as defined below. - gateways List<Property Map>
- One or more
gatewayblocks as defined below. - managements List<Property Map>
- One or more
managementblocks as defined below. - portals List<Property Map>
- One or more
portalblocks as defined below. - scms List<Property Map>
- One or more
scmblocks as defined below.
Outputs
All input properties are implicitly available as output properties. Additionally, the CustomDomain resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing CustomDomain Resource
Get an existing CustomDomain resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: CustomDomainState, opts?: CustomResourceOptions): CustomDomain@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
api_management_id: Optional[str] = None,
developer_portals: Optional[Sequence[CustomDomainDeveloperPortalArgs]] = None,
gateways: Optional[Sequence[CustomDomainGatewayArgs]] = None,
managements: Optional[Sequence[CustomDomainManagementArgs]] = None,
portals: Optional[Sequence[CustomDomainPortalArgs]] = None,
scms: Optional[Sequence[CustomDomainScmArgs]] = None) -> CustomDomainfunc GetCustomDomain(ctx *Context, name string, id IDInput, state *CustomDomainState, opts ...ResourceOption) (*CustomDomain, error)public static CustomDomain Get(string name, Input<string> id, CustomDomainState? state, CustomResourceOptions? opts = null)public static CustomDomain get(String name, Output<String> id, CustomDomainState state, CustomResourceOptions options)resources: _: type: azure:apimanagement:CustomDomain get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Api
Management stringId - The ID of the API Management service for which to configure Custom Domains. Changing this forces a new API Management Custom Domain resource to be created.
- Developer
Portals List<CustomDomain Developer Portal> - One or more
developer_portalblocks as defined below. - Gateways
List<Custom
Domain Gateway> - One or more
gatewayblocks as defined below. - Managements
List<Custom
Domain Management> - One or more
managementblocks as defined below. - Portals
List<Custom
Domain Portal> - One or more
portalblocks as defined below. - Scms
List<Custom
Domain Scm> - One or more
scmblocks as defined below.
- Api
Management stringId - The ID of the API Management service for which to configure Custom Domains. Changing this forces a new API Management Custom Domain resource to be created.
- Developer
Portals []CustomDomain Developer Portal Args - One or more
developer_portalblocks as defined below. - Gateways
[]Custom
Domain Gateway Args - One or more
gatewayblocks as defined below. - Managements
[]Custom
Domain Management Args - One or more
managementblocks as defined below. - Portals
[]Custom
Domain Portal Args - One or more
portalblocks as defined below. - Scms
[]Custom
Domain Scm Args - One or more
scmblocks as defined below.
- api
Management StringId - The ID of the API Management service for which to configure Custom Domains. Changing this forces a new API Management Custom Domain resource to be created.
- developer
Portals List<CustomDomain Developer Portal> - One or more
developer_portalblocks as defined below. - gateways
List<Custom
Domain Gateway> - One or more
gatewayblocks as defined below. - managements
List<Custom
Domain Management> - One or more
managementblocks as defined below. - portals
List<Custom
Domain Portal> - One or more
portalblocks as defined below. - scms
List<Custom
Domain Scm> - One or more
scmblocks as defined below.
- api
Management stringId - The ID of the API Management service for which to configure Custom Domains. Changing this forces a new API Management Custom Domain resource to be created.
- developer
Portals CustomDomain Developer Portal[] - One or more
developer_portalblocks as defined below. - gateways
Custom
Domain Gateway[] - One or more
gatewayblocks as defined below. - managements
Custom
Domain Management[] - One or more
managementblocks as defined below. - portals
Custom
Domain Portal[] - One or more
portalblocks as defined below. - scms
Custom
Domain Scm[] - One or more
scmblocks as defined below.
- api_
management_ strid - The ID of the API Management service for which to configure Custom Domains. Changing this forces a new API Management Custom Domain resource to be created.
- developer_
portals Sequence[CustomDomain Developer Portal Args] - One or more
developer_portalblocks as defined below. - gateways
Sequence[Custom
Domain Gateway Args] - One or more
gatewayblocks as defined below. - managements
Sequence[Custom
Domain Management Args] - One or more
managementblocks as defined below. - portals
Sequence[Custom
Domain Portal Args] - One or more
portalblocks as defined below. - scms
Sequence[Custom
Domain Scm Args] - One or more
scmblocks as defined below.
- api
Management StringId - The ID of the API Management service for which to configure Custom Domains. Changing this forces a new API Management Custom Domain resource to be created.
- developer
Portals List<Property Map> - One or more
developer_portalblocks as defined below. - gateways List<Property Map>
- One or more
gatewayblocks as defined below. - managements List<Property Map>
- One or more
managementblocks as defined below. - portals List<Property Map>
- One or more
portalblocks as defined below. - scms List<Property Map>
- One or more
scmblocks as defined below.
Supporting Types
CustomDomainDeveloperPortal, CustomDomainDeveloperPortalArgs
- Host
Name string - The Hostname to use for the corresponding endpoint.
- Certificate string
- The Base64 Encoded Certificate. (Mutually exclusive with
key_vault_id.) - Certificate
Password string - The password associated with the certificate provided above.
- Certificate
Source string - Certificate
Status string - Expiry string
- Key
Vault stringCertificate Id - Key
Vault stringId - The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
- Negotiate
Client boolCertificate - Should Client Certificate Negotiation be enabled for this Hostname? Defaults to
false. - Ssl
Keyvault stringIdentity Client Id System or User Assigned Managed identity clientId as generated by Azure AD, which has
GETaccess to the keyVault containing the SSL certificate.NOTE: If a User Assigned Managed identity is specified for
ssl_keyvault_identity_client_idthen this identity must be associated to theazure.apimanagement.Servicewithin anidentityblock.- Subject string
- Thumbprint string
- Host
Name string - The Hostname to use for the corresponding endpoint.
- Certificate string
- The Base64 Encoded Certificate. (Mutually exclusive with
key_vault_id.) - Certificate
Password string - The password associated with the certificate provided above.
- Certificate
Source string - Certificate
Status string - Expiry string
- Key
Vault stringCertificate Id - Key
Vault stringId - The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
- Negotiate
Client boolCertificate - Should Client Certificate Negotiation be enabled for this Hostname? Defaults to
false. - Ssl
Keyvault stringIdentity Client Id System or User Assigned Managed identity clientId as generated by Azure AD, which has
GETaccess to the keyVault containing the SSL certificate.NOTE: If a User Assigned Managed identity is specified for
ssl_keyvault_identity_client_idthen this identity must be associated to theazure.apimanagement.Servicewithin anidentityblock.- Subject string
- Thumbprint string
- host
Name String - The Hostname to use for the corresponding endpoint.
- certificate String
- The Base64 Encoded Certificate. (Mutually exclusive with
key_vault_id.) - certificate
Password String - The password associated with the certificate provided above.
- certificate
Source String - certificate
Status String - expiry String
- key
Vault StringCertificate Id - key
Vault StringId - The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
- negotiate
Client BooleanCertificate - Should Client Certificate Negotiation be enabled for this Hostname? Defaults to
false. - ssl
Keyvault StringIdentity Client Id System or User Assigned Managed identity clientId as generated by Azure AD, which has
GETaccess to the keyVault containing the SSL certificate.NOTE: If a User Assigned Managed identity is specified for
ssl_keyvault_identity_client_idthen this identity must be associated to theazure.apimanagement.Servicewithin anidentityblock.- subject String
- thumbprint String
- host
Name string - The Hostname to use for the corresponding endpoint.
- certificate string
- The Base64 Encoded Certificate. (Mutually exclusive with
key_vault_id.) - certificate
Password string - The password associated with the certificate provided above.
- certificate
Source string - certificate
Status string - expiry string
- key
Vault stringCertificate Id - key
Vault stringId - The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
- negotiate
Client booleanCertificate - Should Client Certificate Negotiation be enabled for this Hostname? Defaults to
false. - ssl
Keyvault stringIdentity Client Id System or User Assigned Managed identity clientId as generated by Azure AD, which has
GETaccess to the keyVault containing the SSL certificate.NOTE: If a User Assigned Managed identity is specified for
ssl_keyvault_identity_client_idthen this identity must be associated to theazure.apimanagement.Servicewithin anidentityblock.- subject string
- thumbprint string
- host_
name str - The Hostname to use for the corresponding endpoint.
- certificate str
- The Base64 Encoded Certificate. (Mutually exclusive with
key_vault_id.) - certificate_
password str - The password associated with the certificate provided above.
- certificate_
source str - certificate_
status str - expiry str
- key_
vault_ strcertificate_ id - key_
vault_ strid - The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
- negotiate_
client_ boolcertificate - Should Client Certificate Negotiation be enabled for this Hostname? Defaults to
false. - ssl_
keyvault_ stridentity_ client_ id System or User Assigned Managed identity clientId as generated by Azure AD, which has
GETaccess to the keyVault containing the SSL certificate.NOTE: If a User Assigned Managed identity is specified for
ssl_keyvault_identity_client_idthen this identity must be associated to theazure.apimanagement.Servicewithin anidentityblock.- subject str
- thumbprint str
- host
Name String - The Hostname to use for the corresponding endpoint.
- certificate String
- The Base64 Encoded Certificate. (Mutually exclusive with
key_vault_id.) - certificate
Password String - The password associated with the certificate provided above.
- certificate
Source String - certificate
Status String - expiry String
- key
Vault StringCertificate Id - key
Vault StringId - The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
- negotiate
Client BooleanCertificate - Should Client Certificate Negotiation be enabled for this Hostname? Defaults to
false. - ssl
Keyvault StringIdentity Client Id System or User Assigned Managed identity clientId as generated by Azure AD, which has
GETaccess to the keyVault containing the SSL certificate.NOTE: If a User Assigned Managed identity is specified for
ssl_keyvault_identity_client_idthen this identity must be associated to theazure.apimanagement.Servicewithin anidentityblock.- subject String
- thumbprint String
CustomDomainGateway, CustomDomainGatewayArgs
- Host
Name string - The Hostname to use for the API Proxy Endpoint.
- Certificate string
- The Base64 Encoded Certificate. (Mutually exclusive with
key_vault_id.) - Certificate
Password string - The password associated with the certificate provided above.
- Certificate
Source string - Certificate
Status string - Default
Ssl boolBinding - Is the certificate associated with this Hostname the Default SSL Certificate? This is used when an SNI header isn't specified by a client. Defaults to
false. - Expiry string
- Key
Vault stringCertificate Id - Key
Vault stringId - The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
- Negotiate
Client boolCertificate - Should Client Certificate Negotiation be enabled for this Hostname? Defaults to
false. - Ssl
Keyvault stringIdentity Client Id System or User Assigned Managed identity clientId as generated by Azure AD, which has
GETaccess to the keyVault containing the SSL certificate.NOTE: If a User Assigned Managed identity is specified for
ssl_keyvault_identity_client_idthen this identity must be associated to theazure.apimanagement.Servicewithin anidentityblock.- Subject string
- Thumbprint string
- Host
Name string - The Hostname to use for the API Proxy Endpoint.
- Certificate string
- The Base64 Encoded Certificate. (Mutually exclusive with
key_vault_id.) - Certificate
Password string - The password associated with the certificate provided above.
- Certificate
Source string - Certificate
Status string - Default
Ssl boolBinding - Is the certificate associated with this Hostname the Default SSL Certificate? This is used when an SNI header isn't specified by a client. Defaults to
false. - Expiry string
- Key
Vault stringCertificate Id - Key
Vault stringId - The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
- Negotiate
Client boolCertificate - Should Client Certificate Negotiation be enabled for this Hostname? Defaults to
false. - Ssl
Keyvault stringIdentity Client Id System or User Assigned Managed identity clientId as generated by Azure AD, which has
GETaccess to the keyVault containing the SSL certificate.NOTE: If a User Assigned Managed identity is specified for
ssl_keyvault_identity_client_idthen this identity must be associated to theazure.apimanagement.Servicewithin anidentityblock.- Subject string
- Thumbprint string
- host
Name String - The Hostname to use for the API Proxy Endpoint.
- certificate String
- The Base64 Encoded Certificate. (Mutually exclusive with
key_vault_id.) - certificate
Password String - The password associated with the certificate provided above.
- certificate
Source String - certificate
Status String - default
Ssl BooleanBinding - Is the certificate associated with this Hostname the Default SSL Certificate? This is used when an SNI header isn't specified by a client. Defaults to
false. - expiry String
- key
Vault StringCertificate Id - key
Vault StringId - The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
- negotiate
Client BooleanCertificate - Should Client Certificate Negotiation be enabled for this Hostname? Defaults to
false. - ssl
Keyvault StringIdentity Client Id System or User Assigned Managed identity clientId as generated by Azure AD, which has
GETaccess to the keyVault containing the SSL certificate.NOTE: If a User Assigned Managed identity is specified for
ssl_keyvault_identity_client_idthen this identity must be associated to theazure.apimanagement.Servicewithin anidentityblock.- subject String
- thumbprint String
- host
Name string - The Hostname to use for the API Proxy Endpoint.
- certificate string
- The Base64 Encoded Certificate. (Mutually exclusive with
key_vault_id.) - certificate
Password string - The password associated with the certificate provided above.
- certificate
Source string - certificate
Status string - default
Ssl booleanBinding - Is the certificate associated with this Hostname the Default SSL Certificate? This is used when an SNI header isn't specified by a client. Defaults to
false. - expiry string
- key
Vault stringCertificate Id - key
Vault stringId - The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
- negotiate
Client booleanCertificate - Should Client Certificate Negotiation be enabled for this Hostname? Defaults to
false. - ssl
Keyvault stringIdentity Client Id System or User Assigned Managed identity clientId as generated by Azure AD, which has
GETaccess to the keyVault containing the SSL certificate.NOTE: If a User Assigned Managed identity is specified for
ssl_keyvault_identity_client_idthen this identity must be associated to theazure.apimanagement.Servicewithin anidentityblock.- subject string
- thumbprint string
- host_
name str - The Hostname to use for the API Proxy Endpoint.
- certificate str
- The Base64 Encoded Certificate. (Mutually exclusive with
key_vault_id.) - certificate_
password str - The password associated with the certificate provided above.
- certificate_
source str - certificate_
status str - default_
ssl_ boolbinding - Is the certificate associated with this Hostname the Default SSL Certificate? This is used when an SNI header isn't specified by a client. Defaults to
false. - expiry str
- key_
vault_ strcertificate_ id - key_
vault_ strid - The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
- negotiate_
client_ boolcertificate - Should Client Certificate Negotiation be enabled for this Hostname? Defaults to
false. - ssl_
keyvault_ stridentity_ client_ id System or User Assigned Managed identity clientId as generated by Azure AD, which has
GETaccess to the keyVault containing the SSL certificate.NOTE: If a User Assigned Managed identity is specified for
ssl_keyvault_identity_client_idthen this identity must be associated to theazure.apimanagement.Servicewithin anidentityblock.- subject str
- thumbprint str
- host
Name String - The Hostname to use for the API Proxy Endpoint.
- certificate String
- The Base64 Encoded Certificate. (Mutually exclusive with
key_vault_id.) - certificate
Password String - The password associated with the certificate provided above.
- certificate
Source String - certificate
Status String - default
Ssl BooleanBinding - Is the certificate associated with this Hostname the Default SSL Certificate? This is used when an SNI header isn't specified by a client. Defaults to
false. - expiry String
- key
Vault StringCertificate Id - key
Vault StringId - The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
- negotiate
Client BooleanCertificate - Should Client Certificate Negotiation be enabled for this Hostname? Defaults to
false. - ssl
Keyvault StringIdentity Client Id System or User Assigned Managed identity clientId as generated by Azure AD, which has
GETaccess to the keyVault containing the SSL certificate.NOTE: If a User Assigned Managed identity is specified for
ssl_keyvault_identity_client_idthen this identity must be associated to theazure.apimanagement.Servicewithin anidentityblock.- subject String
- thumbprint String
CustomDomainManagement, CustomDomainManagementArgs
- Host
Name string - The Hostname to use for the corresponding endpoint.
- Certificate string
- The Base64 Encoded Certificate. (Mutually exclusive with
key_vault_id.) - Certificate
Password string - The password associated with the certificate provided above.
- Certificate
Source string - Certificate
Status string - Expiry string
- Key
Vault stringCertificate Id - Key
Vault stringId - The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
- Negotiate
Client boolCertificate - Should Client Certificate Negotiation be enabled for this Hostname? Defaults to
false. - Ssl
Keyvault stringIdentity Client Id System or User Assigned Managed identity clientId as generated by Azure AD, which has
GETaccess to the keyVault containing the SSL certificate.NOTE: If a User Assigned Managed identity is specified for
ssl_keyvault_identity_client_idthen this identity must be associated to theazure.apimanagement.Servicewithin anidentityblock.- Subject string
- Thumbprint string
- Host
Name string - The Hostname to use for the corresponding endpoint.
- Certificate string
- The Base64 Encoded Certificate. (Mutually exclusive with
key_vault_id.) - Certificate
Password string - The password associated with the certificate provided above.
- Certificate
Source string - Certificate
Status string - Expiry string
- Key
Vault stringCertificate Id - Key
Vault stringId - The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
- Negotiate
Client boolCertificate - Should Client Certificate Negotiation be enabled for this Hostname? Defaults to
false. - Ssl
Keyvault stringIdentity Client Id System or User Assigned Managed identity clientId as generated by Azure AD, which has
GETaccess to the keyVault containing the SSL certificate.NOTE: If a User Assigned Managed identity is specified for
ssl_keyvault_identity_client_idthen this identity must be associated to theazure.apimanagement.Servicewithin anidentityblock.- Subject string
- Thumbprint string
- host
Name String - The Hostname to use for the corresponding endpoint.
- certificate String
- The Base64 Encoded Certificate. (Mutually exclusive with
key_vault_id.) - certificate
Password String - The password associated with the certificate provided above.
- certificate
Source String - certificate
Status String - expiry String
- key
Vault StringCertificate Id - key
Vault StringId - The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
- negotiate
Client BooleanCertificate - Should Client Certificate Negotiation be enabled for this Hostname? Defaults to
false. - ssl
Keyvault StringIdentity Client Id System or User Assigned Managed identity clientId as generated by Azure AD, which has
GETaccess to the keyVault containing the SSL certificate.NOTE: If a User Assigned Managed identity is specified for
ssl_keyvault_identity_client_idthen this identity must be associated to theazure.apimanagement.Servicewithin anidentityblock.- subject String
- thumbprint String
- host
Name string - The Hostname to use for the corresponding endpoint.
- certificate string
- The Base64 Encoded Certificate. (Mutually exclusive with
key_vault_id.) - certificate
Password string - The password associated with the certificate provided above.
- certificate
Source string - certificate
Status string - expiry string
- key
Vault stringCertificate Id - key
Vault stringId - The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
- negotiate
Client booleanCertificate - Should Client Certificate Negotiation be enabled for this Hostname? Defaults to
false. - ssl
Keyvault stringIdentity Client Id System or User Assigned Managed identity clientId as generated by Azure AD, which has
GETaccess to the keyVault containing the SSL certificate.NOTE: If a User Assigned Managed identity is specified for
ssl_keyvault_identity_client_idthen this identity must be associated to theazure.apimanagement.Servicewithin anidentityblock.- subject string
- thumbprint string
- host_
name str - The Hostname to use for the corresponding endpoint.
- certificate str
- The Base64 Encoded Certificate. (Mutually exclusive with
key_vault_id.) - certificate_
password str - The password associated with the certificate provided above.
- certificate_
source str - certificate_
status str - expiry str
- key_
vault_ strcertificate_ id - key_
vault_ strid - The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
- negotiate_
client_ boolcertificate - Should Client Certificate Negotiation be enabled for this Hostname? Defaults to
false. - ssl_
keyvault_ stridentity_ client_ id System or User Assigned Managed identity clientId as generated by Azure AD, which has
GETaccess to the keyVault containing the SSL certificate.NOTE: If a User Assigned Managed identity is specified for
ssl_keyvault_identity_client_idthen this identity must be associated to theazure.apimanagement.Servicewithin anidentityblock.- subject str
- thumbprint str
- host
Name String - The Hostname to use for the corresponding endpoint.
- certificate String
- The Base64 Encoded Certificate. (Mutually exclusive with
key_vault_id.) - certificate
Password String - The password associated with the certificate provided above.
- certificate
Source String - certificate
Status String - expiry String
- key
Vault StringCertificate Id - key
Vault StringId - The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
- negotiate
Client BooleanCertificate - Should Client Certificate Negotiation be enabled for this Hostname? Defaults to
false. - ssl
Keyvault StringIdentity Client Id System or User Assigned Managed identity clientId as generated by Azure AD, which has
GETaccess to the keyVault containing the SSL certificate.NOTE: If a User Assigned Managed identity is specified for
ssl_keyvault_identity_client_idthen this identity must be associated to theazure.apimanagement.Servicewithin anidentityblock.- subject String
- thumbprint String
CustomDomainPortal, CustomDomainPortalArgs
- Host
Name string - The Hostname to use for the corresponding endpoint.
- Certificate string
- The Base64 Encoded Certificate. (Mutually exclusive with
key_vault_id.) - Certificate
Password string - The password associated with the certificate provided above.
- Certificate
Source string - Certificate
Status string - Expiry string
- Key
Vault stringCertificate Id - Key
Vault stringId - The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
- Negotiate
Client boolCertificate - Should Client Certificate Negotiation be enabled for this Hostname? Defaults to
false. - Ssl
Keyvault stringIdentity Client Id System or User Assigned Managed identity clientId as generated by Azure AD, which has
GETaccess to the keyVault containing the SSL certificate.NOTE: If a User Assigned Managed identity is specified for
ssl_keyvault_identity_client_idthen this identity must be associated to theazure.apimanagement.Servicewithin anidentityblock.- Subject string
- Thumbprint string
- Host
Name string - The Hostname to use for the corresponding endpoint.
- Certificate string
- The Base64 Encoded Certificate. (Mutually exclusive with
key_vault_id.) - Certificate
Password string - The password associated with the certificate provided above.
- Certificate
Source string - Certificate
Status string - Expiry string
- Key
Vault stringCertificate Id - Key
Vault stringId - The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
- Negotiate
Client boolCertificate - Should Client Certificate Negotiation be enabled for this Hostname? Defaults to
false. - Ssl
Keyvault stringIdentity Client Id System or User Assigned Managed identity clientId as generated by Azure AD, which has
GETaccess to the keyVault containing the SSL certificate.NOTE: If a User Assigned Managed identity is specified for
ssl_keyvault_identity_client_idthen this identity must be associated to theazure.apimanagement.Servicewithin anidentityblock.- Subject string
- Thumbprint string
- host
Name String - The Hostname to use for the corresponding endpoint.
- certificate String
- The Base64 Encoded Certificate. (Mutually exclusive with
key_vault_id.) - certificate
Password String - The password associated with the certificate provided above.
- certificate
Source String - certificate
Status String - expiry String
- key
Vault StringCertificate Id - key
Vault StringId - The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
- negotiate
Client BooleanCertificate - Should Client Certificate Negotiation be enabled for this Hostname? Defaults to
false. - ssl
Keyvault StringIdentity Client Id System or User Assigned Managed identity clientId as generated by Azure AD, which has
GETaccess to the keyVault containing the SSL certificate.NOTE: If a User Assigned Managed identity is specified for
ssl_keyvault_identity_client_idthen this identity must be associated to theazure.apimanagement.Servicewithin anidentityblock.- subject String
- thumbprint String
- host
Name string - The Hostname to use for the corresponding endpoint.
- certificate string
- The Base64 Encoded Certificate. (Mutually exclusive with
key_vault_id.) - certificate
Password string - The password associated with the certificate provided above.
- certificate
Source string - certificate
Status string - expiry string
- key
Vault stringCertificate Id - key
Vault stringId - The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
- negotiate
Client booleanCertificate - Should Client Certificate Negotiation be enabled for this Hostname? Defaults to
false. - ssl
Keyvault stringIdentity Client Id System or User Assigned Managed identity clientId as generated by Azure AD, which has
GETaccess to the keyVault containing the SSL certificate.NOTE: If a User Assigned Managed identity is specified for
ssl_keyvault_identity_client_idthen this identity must be associated to theazure.apimanagement.Servicewithin anidentityblock.- subject string
- thumbprint string
- host_
name str - The Hostname to use for the corresponding endpoint.
- certificate str
- The Base64 Encoded Certificate. (Mutually exclusive with
key_vault_id.) - certificate_
password str - The password associated with the certificate provided above.
- certificate_
source str - certificate_
status str - expiry str
- key_
vault_ strcertificate_ id - key_
vault_ strid - The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
- negotiate_
client_ boolcertificate - Should Client Certificate Negotiation be enabled for this Hostname? Defaults to
false. - ssl_
keyvault_ stridentity_ client_ id System or User Assigned Managed identity clientId as generated by Azure AD, which has
GETaccess to the keyVault containing the SSL certificate.NOTE: If a User Assigned Managed identity is specified for
ssl_keyvault_identity_client_idthen this identity must be associated to theazure.apimanagement.Servicewithin anidentityblock.- subject str
- thumbprint str
- host
Name String - The Hostname to use for the corresponding endpoint.
- certificate String
- The Base64 Encoded Certificate. (Mutually exclusive with
key_vault_id.) - certificate
Password String - The password associated with the certificate provided above.
- certificate
Source String - certificate
Status String - expiry String
- key
Vault StringCertificate Id - key
Vault StringId - The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
- negotiate
Client BooleanCertificate - Should Client Certificate Negotiation be enabled for this Hostname? Defaults to
false. - ssl
Keyvault StringIdentity Client Id System or User Assigned Managed identity clientId as generated by Azure AD, which has
GETaccess to the keyVault containing the SSL certificate.NOTE: If a User Assigned Managed identity is specified for
ssl_keyvault_identity_client_idthen this identity must be associated to theazure.apimanagement.Servicewithin anidentityblock.- subject String
- thumbprint String
CustomDomainScm, CustomDomainScmArgs
- Host
Name string - The Hostname to use for the corresponding endpoint.
- Certificate string
- The Base64 Encoded Certificate. (Mutually exclusive with
key_vault_id.) - Certificate
Password string - The password associated with the certificate provided above.
- Certificate
Source string - Certificate
Status string - Expiry string
- Key
Vault stringCertificate Id - Key
Vault stringId - The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
- Negotiate
Client boolCertificate - Should Client Certificate Negotiation be enabled for this Hostname? Defaults to
false. - Ssl
Keyvault stringIdentity Client Id System or User Assigned Managed identity clientId as generated by Azure AD, which has
GETaccess to the keyVault containing the SSL certificate.NOTE: If a User Assigned Managed identity is specified for
ssl_keyvault_identity_client_idthen this identity must be associated to theazure.apimanagement.Servicewithin anidentityblock.- Subject string
- Thumbprint string
- Host
Name string - The Hostname to use for the corresponding endpoint.
- Certificate string
- The Base64 Encoded Certificate. (Mutually exclusive with
key_vault_id.) - Certificate
Password string - The password associated with the certificate provided above.
- Certificate
Source string - Certificate
Status string - Expiry string
- Key
Vault stringCertificate Id - Key
Vault stringId - The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
- Negotiate
Client boolCertificate - Should Client Certificate Negotiation be enabled for this Hostname? Defaults to
false. - Ssl
Keyvault stringIdentity Client Id System or User Assigned Managed identity clientId as generated by Azure AD, which has
GETaccess to the keyVault containing the SSL certificate.NOTE: If a User Assigned Managed identity is specified for
ssl_keyvault_identity_client_idthen this identity must be associated to theazure.apimanagement.Servicewithin anidentityblock.- Subject string
- Thumbprint string
- host
Name String - The Hostname to use for the corresponding endpoint.
- certificate String
- The Base64 Encoded Certificate. (Mutually exclusive with
key_vault_id.) - certificate
Password String - The password associated with the certificate provided above.
- certificate
Source String - certificate
Status String - expiry String
- key
Vault StringCertificate Id - key
Vault StringId - The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
- negotiate
Client BooleanCertificate - Should Client Certificate Negotiation be enabled for this Hostname? Defaults to
false. - ssl
Keyvault StringIdentity Client Id System or User Assigned Managed identity clientId as generated by Azure AD, which has
GETaccess to the keyVault containing the SSL certificate.NOTE: If a User Assigned Managed identity is specified for
ssl_keyvault_identity_client_idthen this identity must be associated to theazure.apimanagement.Servicewithin anidentityblock.- subject String
- thumbprint String
- host
Name string - The Hostname to use for the corresponding endpoint.
- certificate string
- The Base64 Encoded Certificate. (Mutually exclusive with
key_vault_id.) - certificate
Password string - The password associated with the certificate provided above.
- certificate
Source string - certificate
Status string - expiry string
- key
Vault stringCertificate Id - key
Vault stringId - The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
- negotiate
Client booleanCertificate - Should Client Certificate Negotiation be enabled for this Hostname? Defaults to
false. - ssl
Keyvault stringIdentity Client Id System or User Assigned Managed identity clientId as generated by Azure AD, which has
GETaccess to the keyVault containing the SSL certificate.NOTE: If a User Assigned Managed identity is specified for
ssl_keyvault_identity_client_idthen this identity must be associated to theazure.apimanagement.Servicewithin anidentityblock.- subject string
- thumbprint string
- host_
name str - The Hostname to use for the corresponding endpoint.
- certificate str
- The Base64 Encoded Certificate. (Mutually exclusive with
key_vault_id.) - certificate_
password str - The password associated with the certificate provided above.
- certificate_
source str - certificate_
status str - expiry str
- key_
vault_ strcertificate_ id - key_
vault_ strid - The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
- negotiate_
client_ boolcertificate - Should Client Certificate Negotiation be enabled for this Hostname? Defaults to
false. - ssl_
keyvault_ stridentity_ client_ id System or User Assigned Managed identity clientId as generated by Azure AD, which has
GETaccess to the keyVault containing the SSL certificate.NOTE: If a User Assigned Managed identity is specified for
ssl_keyvault_identity_client_idthen this identity must be associated to theazure.apimanagement.Servicewithin anidentityblock.- subject str
- thumbprint str
- host
Name String - The Hostname to use for the corresponding endpoint.
- certificate String
- The Base64 Encoded Certificate. (Mutually exclusive with
key_vault_id.) - certificate
Password String - The password associated with the certificate provided above.
- certificate
Source String - certificate
Status String - expiry String
- key
Vault StringCertificate Id - key
Vault StringId - The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
- negotiate
Client BooleanCertificate - Should Client Certificate Negotiation be enabled for this Hostname? Defaults to
false. - ssl
Keyvault StringIdentity Client Id System or User Assigned Managed identity clientId as generated by Azure AD, which has
GETaccess to the keyVault containing the SSL certificate.NOTE: If a User Assigned Managed identity is specified for
ssl_keyvault_identity_client_idthen this identity must be associated to theazure.apimanagement.Servicewithin anidentityblock.- subject String
- thumbprint String
Import
API Management Custom Domains can be imported using the resource id, e.g.
$ pulumi import azure:apimanagement/customDomain:CustomDomain example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.ApiManagement/service/instance1/customDomains/default
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Azure Classic pulumi/pulumi-azure
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
azurermTerraform Provider.