We recommend using Azure Native.
azure.appservice.Certificate
Explore with Pulumi AI
Manages an App Service certificate.
Example Usage
This example provisions an App Service Certificate from a Local File.
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;
private static string ReadFileBase64(string path) {
return Convert.ToBase64String(System.Text.Encoding.UTF8.GetBytes(File.ReadAllText(path)));
}
return await Deployment.RunAsync(() =>
{
var exampleResourceGroup = new Azure.Core.ResourceGroup("exampleResourceGroup", new()
{
Location = "West Europe",
});
var exampleCertificate = new Azure.AppService.Certificate("exampleCertificate", new()
{
ResourceGroupName = exampleResourceGroup.Name,
Location = exampleResourceGroup.Location,
PfxBlob = ReadFileBase64("certificate.pfx"),
Password = "password123!",
});
});
package main
import (
"encoding/base64"
"os"
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/appservice"
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func filebase64OrPanic(path string) pulumi.StringPtrInput {
if fileData, err := os.ReadFile(path); err == nil {
return pulumi.String(base64.StdEncoding.EncodeToString(fileData[:]))
} else {
panic(err.Error())
}
}
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
exampleResourceGroup, err := core.NewResourceGroup(ctx, "exampleResourceGroup", &core.ResourceGroupArgs{
Location: pulumi.String("West Europe"),
})
if err != nil {
return err
}
_, err = appservice.NewCertificate(ctx, "exampleCertificate", &appservice.CertificateArgs{
ResourceGroupName: exampleResourceGroup.Name,
Location: exampleResourceGroup.Location,
PfxBlob: filebase64OrPanic("certificate.pfx"),
Password: pulumi.String("password123!"),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.appservice.Certificate;
import com.pulumi.azure.appservice.CertificateArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder()
.location("West Europe")
.build());
var exampleCertificate = new Certificate("exampleCertificate", CertificateArgs.builder()
.resourceGroupName(exampleResourceGroup.name())
.location(exampleResourceGroup.location())
.pfxBlob(Base64.getEncoder().encodeToString(Files.readAllBytes(Paths.get("certificate.pfx"))))
.password("password123!")
.build());
}
}
import pulumi
import base64
import pulumi_azure as azure
example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe")
example_certificate = azure.appservice.Certificate("exampleCertificate",
resource_group_name=example_resource_group.name,
location=example_resource_group.location,
pfx_blob=(lambda path: base64.b64encode(open(path).read().encode()).decode())("certificate.pfx"),
password="password123!")
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
import * as fs from "fs";
const exampleResourceGroup = new azure.core.ResourceGroup("exampleResourceGroup", {location: "West Europe"});
const exampleCertificate = new azure.appservice.Certificate("exampleCertificate", {
resourceGroupName: exampleResourceGroup.name,
location: exampleResourceGroup.location,
pfxBlob: Buffer.from(fs.readFileSync("certificate.pfx"), 'binary').toString('base64'),
password: "password123!",
});
Coming soon!
Create Certificate Resource
new Certificate(name: string, args: CertificateArgs, opts?: CustomResourceOptions);
@overload
def Certificate(resource_name: str,
opts: Optional[ResourceOptions] = None,
app_service_plan_id: Optional[str] = None,
key_vault_secret_id: Optional[str] = None,
location: Optional[str] = None,
name: Optional[str] = None,
password: Optional[str] = None,
pfx_blob: Optional[str] = None,
resource_group_name: Optional[str] = None,
tags: Optional[Mapping[str, str]] = None)
@overload
def Certificate(resource_name: str,
args: CertificateArgs,
opts: Optional[ResourceOptions] = None)
func NewCertificate(ctx *Context, name string, args CertificateArgs, opts ...ResourceOption) (*Certificate, error)
public Certificate(string name, CertificateArgs args, CustomResourceOptions? opts = null)
public Certificate(String name, CertificateArgs args)
public Certificate(String name, CertificateArgs args, CustomResourceOptions options)
type: azure:appservice:Certificate
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args CertificateArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args CertificateArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args CertificateArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args CertificateArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args CertificateArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Certificate Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The Certificate resource accepts the following input properties:
- Resource
Group stringName The name of the resource group in which to create the certificate. Changing this forces a new resource to be created.
- App
Service stringPlan Id The ID of the associated App Service plan. Must be specified when the certificate is used inside an App Service Environment hosted App Service. Changing this forces a new resource to be created.
- Key
Vault stringSecret Id The ID of the Key Vault secret. Changing this forces a new resource to be created.
- Location string
Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- Name string
Specifies the name of the certificate. Changing this forces a new resource to be created.
- Password string
The password to access the certificate's private key. Changing this forces a new resource to be created.
- Pfx
Blob string The base64-encoded contents of the certificate. Changing this forces a new resource to be created.
NOTE: Either
pfx_blob
orkey_vault_secret_id
must be set - but not both.- Dictionary<string, string>
A mapping of tags to assign to the resource.
- Resource
Group stringName The name of the resource group in which to create the certificate. Changing this forces a new resource to be created.
- App
Service stringPlan Id The ID of the associated App Service plan. Must be specified when the certificate is used inside an App Service Environment hosted App Service. Changing this forces a new resource to be created.
- Key
Vault stringSecret Id The ID of the Key Vault secret. Changing this forces a new resource to be created.
- Location string
Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- Name string
Specifies the name of the certificate. Changing this forces a new resource to be created.
- Password string
The password to access the certificate's private key. Changing this forces a new resource to be created.
- Pfx
Blob string The base64-encoded contents of the certificate. Changing this forces a new resource to be created.
NOTE: Either
pfx_blob
orkey_vault_secret_id
must be set - but not both.- map[string]string
A mapping of tags to assign to the resource.
- resource
Group StringName The name of the resource group in which to create the certificate. Changing this forces a new resource to be created.
- app
Service StringPlan Id The ID of the associated App Service plan. Must be specified when the certificate is used inside an App Service Environment hosted App Service. Changing this forces a new resource to be created.
- key
Vault StringSecret Id The ID of the Key Vault secret. Changing this forces a new resource to be created.
- location String
Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- name String
Specifies the name of the certificate. Changing this forces a new resource to be created.
- password String
The password to access the certificate's private key. Changing this forces a new resource to be created.
- pfx
Blob String The base64-encoded contents of the certificate. Changing this forces a new resource to be created.
NOTE: Either
pfx_blob
orkey_vault_secret_id
must be set - but not both.- Map<String,String>
A mapping of tags to assign to the resource.
- resource
Group stringName The name of the resource group in which to create the certificate. Changing this forces a new resource to be created.
- app
Service stringPlan Id The ID of the associated App Service plan. Must be specified when the certificate is used inside an App Service Environment hosted App Service. Changing this forces a new resource to be created.
- key
Vault stringSecret Id The ID of the Key Vault secret. Changing this forces a new resource to be created.
- location string
Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- name string
Specifies the name of the certificate. Changing this forces a new resource to be created.
- password string
The password to access the certificate's private key. Changing this forces a new resource to be created.
- pfx
Blob string The base64-encoded contents of the certificate. Changing this forces a new resource to be created.
NOTE: Either
pfx_blob
orkey_vault_secret_id
must be set - but not both.- {[key: string]: string}
A mapping of tags to assign to the resource.
- resource_
group_ strname The name of the resource group in which to create the certificate. Changing this forces a new resource to be created.
- app_
service_ strplan_ id The ID of the associated App Service plan. Must be specified when the certificate is used inside an App Service Environment hosted App Service. Changing this forces a new resource to be created.
- key_
vault_ strsecret_ id The ID of the Key Vault secret. Changing this forces a new resource to be created.
- location str
Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- name str
Specifies the name of the certificate. Changing this forces a new resource to be created.
- password str
The password to access the certificate's private key. Changing this forces a new resource to be created.
- pfx_
blob str The base64-encoded contents of the certificate. Changing this forces a new resource to be created.
NOTE: Either
pfx_blob
orkey_vault_secret_id
must be set - but not both.- Mapping[str, str]
A mapping of tags to assign to the resource.
- resource
Group StringName The name of the resource group in which to create the certificate. Changing this forces a new resource to be created.
- app
Service StringPlan Id The ID of the associated App Service plan. Must be specified when the certificate is used inside an App Service Environment hosted App Service. Changing this forces a new resource to be created.
- key
Vault StringSecret Id The ID of the Key Vault secret. Changing this forces a new resource to be created.
- location String
Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- name String
Specifies the name of the certificate. Changing this forces a new resource to be created.
- password String
The password to access the certificate's private key. Changing this forces a new resource to be created.
- pfx
Blob String The base64-encoded contents of the certificate. Changing this forces a new resource to be created.
NOTE: Either
pfx_blob
orkey_vault_secret_id
must be set - but not both.- Map<String>
A mapping of tags to assign to the resource.
Outputs
All input properties are implicitly available as output properties. Additionally, the Certificate resource produces the following output properties:
- Expiration
Date string The expiration date for the certificate.
- Friendly
Name string The friendly name of the certificate.
- Host
Names List<string> List of host names the certificate applies to.
- Hosting
Environment stringProfile Id The ID of the App Service Environment where the certificate is in use.
- Id string
The provider-assigned unique ID for this managed resource.
- Issue
Date string The issue date for the certificate.
- Issuer string
The name of the certificate issuer.
- Subject
Name string The subject name of the certificate.
- Thumbprint string
The thumbprint for the certificate.
- Expiration
Date string The expiration date for the certificate.
- Friendly
Name string The friendly name of the certificate.
- Host
Names []string List of host names the certificate applies to.
- Hosting
Environment stringProfile Id The ID of the App Service Environment where the certificate is in use.
- Id string
The provider-assigned unique ID for this managed resource.
- Issue
Date string The issue date for the certificate.
- Issuer string
The name of the certificate issuer.
- Subject
Name string The subject name of the certificate.
- Thumbprint string
The thumbprint for the certificate.
- expiration
Date String The expiration date for the certificate.
- friendly
Name String The friendly name of the certificate.
- host
Names List<String> List of host names the certificate applies to.
- hosting
Environment StringProfile Id The ID of the App Service Environment where the certificate is in use.
- id String
The provider-assigned unique ID for this managed resource.
- issue
Date String The issue date for the certificate.
- issuer String
The name of the certificate issuer.
- subject
Name String The subject name of the certificate.
- thumbprint String
The thumbprint for the certificate.
- expiration
Date string The expiration date for the certificate.
- friendly
Name string The friendly name of the certificate.
- host
Names string[] List of host names the certificate applies to.
- hosting
Environment stringProfile Id The ID of the App Service Environment where the certificate is in use.
- id string
The provider-assigned unique ID for this managed resource.
- issue
Date string The issue date for the certificate.
- issuer string
The name of the certificate issuer.
- subject
Name string The subject name of the certificate.
- thumbprint string
The thumbprint for the certificate.
- expiration_
date str The expiration date for the certificate.
- friendly_
name str The friendly name of the certificate.
- host_
names Sequence[str] List of host names the certificate applies to.
- hosting_
environment_ strprofile_ id The ID of the App Service Environment where the certificate is in use.
- id str
The provider-assigned unique ID for this managed resource.
- issue_
date str The issue date for the certificate.
- issuer str
The name of the certificate issuer.
- subject_
name str The subject name of the certificate.
- thumbprint str
The thumbprint for the certificate.
- expiration
Date String The expiration date for the certificate.
- friendly
Name String The friendly name of the certificate.
- host
Names List<String> List of host names the certificate applies to.
- hosting
Environment StringProfile Id The ID of the App Service Environment where the certificate is in use.
- id String
The provider-assigned unique ID for this managed resource.
- issue
Date String The issue date for the certificate.
- issuer String
The name of the certificate issuer.
- subject
Name String The subject name of the certificate.
- thumbprint String
The thumbprint for the certificate.
Look up Existing Certificate Resource
Get an existing Certificate resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: CertificateState, opts?: CustomResourceOptions): Certificate
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
app_service_plan_id: Optional[str] = None,
expiration_date: Optional[str] = None,
friendly_name: Optional[str] = None,
host_names: Optional[Sequence[str]] = None,
hosting_environment_profile_id: Optional[str] = None,
issue_date: Optional[str] = None,
issuer: Optional[str] = None,
key_vault_secret_id: Optional[str] = None,
location: Optional[str] = None,
name: Optional[str] = None,
password: Optional[str] = None,
pfx_blob: Optional[str] = None,
resource_group_name: Optional[str] = None,
subject_name: Optional[str] = None,
tags: Optional[Mapping[str, str]] = None,
thumbprint: Optional[str] = None) -> Certificate
func GetCertificate(ctx *Context, name string, id IDInput, state *CertificateState, opts ...ResourceOption) (*Certificate, error)
public static Certificate Get(string name, Input<string> id, CertificateState? state, CustomResourceOptions? opts = null)
public static Certificate get(String name, Output<String> id, CertificateState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- App
Service stringPlan Id The ID of the associated App Service plan. Must be specified when the certificate is used inside an App Service Environment hosted App Service. Changing this forces a new resource to be created.
- Expiration
Date string The expiration date for the certificate.
- Friendly
Name string The friendly name of the certificate.
- Host
Names List<string> List of host names the certificate applies to.
- Hosting
Environment stringProfile Id The ID of the App Service Environment where the certificate is in use.
- Issue
Date string The issue date for the certificate.
- Issuer string
The name of the certificate issuer.
- Key
Vault stringSecret Id The ID of the Key Vault secret. Changing this forces a new resource to be created.
- Location string
Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- Name string
Specifies the name of the certificate. Changing this forces a new resource to be created.
- Password string
The password to access the certificate's private key. Changing this forces a new resource to be created.
- Pfx
Blob string The base64-encoded contents of the certificate. Changing this forces a new resource to be created.
NOTE: Either
pfx_blob
orkey_vault_secret_id
must be set - but not both.- Resource
Group stringName The name of the resource group in which to create the certificate. Changing this forces a new resource to be created.
- Subject
Name string The subject name of the certificate.
- Dictionary<string, string>
A mapping of tags to assign to the resource.
- Thumbprint string
The thumbprint for the certificate.
- App
Service stringPlan Id The ID of the associated App Service plan. Must be specified when the certificate is used inside an App Service Environment hosted App Service. Changing this forces a new resource to be created.
- Expiration
Date string The expiration date for the certificate.
- Friendly
Name string The friendly name of the certificate.
- Host
Names []string List of host names the certificate applies to.
- Hosting
Environment stringProfile Id The ID of the App Service Environment where the certificate is in use.
- Issue
Date string The issue date for the certificate.
- Issuer string
The name of the certificate issuer.
- Key
Vault stringSecret Id The ID of the Key Vault secret. Changing this forces a new resource to be created.
- Location string
Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- Name string
Specifies the name of the certificate. Changing this forces a new resource to be created.
- Password string
The password to access the certificate's private key. Changing this forces a new resource to be created.
- Pfx
Blob string The base64-encoded contents of the certificate. Changing this forces a new resource to be created.
NOTE: Either
pfx_blob
orkey_vault_secret_id
must be set - but not both.- Resource
Group stringName The name of the resource group in which to create the certificate. Changing this forces a new resource to be created.
- Subject
Name string The subject name of the certificate.
- map[string]string
A mapping of tags to assign to the resource.
- Thumbprint string
The thumbprint for the certificate.
- app
Service StringPlan Id The ID of the associated App Service plan. Must be specified when the certificate is used inside an App Service Environment hosted App Service. Changing this forces a new resource to be created.
- expiration
Date String The expiration date for the certificate.
- friendly
Name String The friendly name of the certificate.
- host
Names List<String> List of host names the certificate applies to.
- hosting
Environment StringProfile Id The ID of the App Service Environment where the certificate is in use.
- issue
Date String The issue date for the certificate.
- issuer String
The name of the certificate issuer.
- key
Vault StringSecret Id The ID of the Key Vault secret. Changing this forces a new resource to be created.
- location String
Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- name String
Specifies the name of the certificate. Changing this forces a new resource to be created.
- password String
The password to access the certificate's private key. Changing this forces a new resource to be created.
- pfx
Blob String The base64-encoded contents of the certificate. Changing this forces a new resource to be created.
NOTE: Either
pfx_blob
orkey_vault_secret_id
must be set - but not both.- resource
Group StringName The name of the resource group in which to create the certificate. Changing this forces a new resource to be created.
- subject
Name String The subject name of the certificate.
- Map<String,String>
A mapping of tags to assign to the resource.
- thumbprint String
The thumbprint for the certificate.
- app
Service stringPlan Id The ID of the associated App Service plan. Must be specified when the certificate is used inside an App Service Environment hosted App Service. Changing this forces a new resource to be created.
- expiration
Date string The expiration date for the certificate.
- friendly
Name string The friendly name of the certificate.
- host
Names string[] List of host names the certificate applies to.
- hosting
Environment stringProfile Id The ID of the App Service Environment where the certificate is in use.
- issue
Date string The issue date for the certificate.
- issuer string
The name of the certificate issuer.
- key
Vault stringSecret Id The ID of the Key Vault secret. Changing this forces a new resource to be created.
- location string
Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- name string
Specifies the name of the certificate. Changing this forces a new resource to be created.
- password string
The password to access the certificate's private key. Changing this forces a new resource to be created.
- pfx
Blob string The base64-encoded contents of the certificate. Changing this forces a new resource to be created.
NOTE: Either
pfx_blob
orkey_vault_secret_id
must be set - but not both.- resource
Group stringName The name of the resource group in which to create the certificate. Changing this forces a new resource to be created.
- subject
Name string The subject name of the certificate.
- {[key: string]: string}
A mapping of tags to assign to the resource.
- thumbprint string
The thumbprint for the certificate.
- app_
service_ strplan_ id The ID of the associated App Service plan. Must be specified when the certificate is used inside an App Service Environment hosted App Service. Changing this forces a new resource to be created.
- expiration_
date str The expiration date for the certificate.
- friendly_
name str The friendly name of the certificate.
- host_
names Sequence[str] List of host names the certificate applies to.
- hosting_
environment_ strprofile_ id The ID of the App Service Environment where the certificate is in use.
- issue_
date str The issue date for the certificate.
- issuer str
The name of the certificate issuer.
- key_
vault_ strsecret_ id The ID of the Key Vault secret. Changing this forces a new resource to be created.
- location str
Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- name str
Specifies the name of the certificate. Changing this forces a new resource to be created.
- password str
The password to access the certificate's private key. Changing this forces a new resource to be created.
- pfx_
blob str The base64-encoded contents of the certificate. Changing this forces a new resource to be created.
NOTE: Either
pfx_blob
orkey_vault_secret_id
must be set - but not both.- resource_
group_ strname The name of the resource group in which to create the certificate. Changing this forces a new resource to be created.
- subject_
name str The subject name of the certificate.
- Mapping[str, str]
A mapping of tags to assign to the resource.
- thumbprint str
The thumbprint for the certificate.
- app
Service StringPlan Id The ID of the associated App Service plan. Must be specified when the certificate is used inside an App Service Environment hosted App Service. Changing this forces a new resource to be created.
- expiration
Date String The expiration date for the certificate.
- friendly
Name String The friendly name of the certificate.
- host
Names List<String> List of host names the certificate applies to.
- hosting
Environment StringProfile Id The ID of the App Service Environment where the certificate is in use.
- issue
Date String The issue date for the certificate.
- issuer String
The name of the certificate issuer.
- key
Vault StringSecret Id The ID of the Key Vault secret. Changing this forces a new resource to be created.
- location String
Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- name String
Specifies the name of the certificate. Changing this forces a new resource to be created.
- password String
The password to access the certificate's private key. Changing this forces a new resource to be created.
- pfx
Blob String The base64-encoded contents of the certificate. Changing this forces a new resource to be created.
NOTE: Either
pfx_blob
orkey_vault_secret_id
must be set - but not both.- resource
Group StringName The name of the resource group in which to create the certificate. Changing this forces a new resource to be created.
- subject
Name String The subject name of the certificate.
- Map<String>
A mapping of tags to assign to the resource.
- thumbprint String
The thumbprint for the certificate.
Import
App Service Certificates can be imported using the resource id
, e.g.
$ pulumi import azure:appservice/certificate:Certificate example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.Web/certificates/certificate1
Package Details
- Repository
- Azure Classic pulumi/pulumi-azure
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
azurerm
Terraform Provider.