Azure Classic

v5.25.0 published on Thursday, Nov 24, 2022 by Pulumi

Certificate

Manages an App Service certificate.

Example Usage

This example provisions an App Service Certificate from a Local File.

using System;
using System.Collections.Generic;
using System.IO;
using Pulumi;
using Azure = Pulumi.Azure;

	private static string ReadFileBase64(string path) {
		return Convert.ToBase64String(Encoding.UTF8.GetBytes(File.ReadAllText(path)))
	}

return await Deployment.RunAsync(() => 
{
    var exampleResourceGroup = new Azure.Core.ResourceGroup("exampleResourceGroup", new()
    {
        Location = "West Europe",
    });

    var exampleCertificate = new Azure.AppService.Certificate("exampleCertificate", new()
    {
        ResourceGroupName = exampleResourceGroup.Name,
        Location = exampleResourceGroup.Location,
        PfxBlob = ReadFileBase64("certificate.pfx"),
        Password = "password123!",
    });

});

package main

import (
	"encoding/base64"
	"io/ioutil"

	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/appservice"
	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func filebase64OrPanic(path string) pulumi.StringPtrInput {
	if fileData, err := ioutil.ReadFile(path); err == nil {
		return pulumi.String(base64.StdEncoding.EncodeToString(fileData[:]))
	} else {
		panic(err.Error())
	}
}

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		exampleResourceGroup, err := core.NewResourceGroup(ctx, "exampleResourceGroup", &core.ResourceGroupArgs{
			Location: pulumi.String("West Europe"),
		})
		if err != nil {
			return err
		}
		_, err = appservice.NewCertificate(ctx, "exampleCertificate", &appservice.CertificateArgs{
			ResourceGroupName: exampleResourceGroup.Name,
			Location:          exampleResourceGroup.Location,
			PfxBlob:           filebase64OrPanic("certificate.pfx"),
			Password:          pulumi.String("password123!"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.appservice.Certificate;
import com.pulumi.azure.appservice.CertificateArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder()        
            .location("West Europe")
            .build());

        var exampleCertificate = new Certificate("exampleCertificate", CertificateArgs.builder()        
            .resourceGroupName(exampleResourceGroup.name())
            .location(exampleResourceGroup.location())
            .pfxBlob(Base64.getEncoder().encodeToString(Files.readAllBytes(Paths.get("certificate.pfx"))))
            .password("password123!")
            .build());

    }
}

import pulumi
import base64
import pulumi_azure as azure

example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe")
example_certificate = azure.appservice.Certificate("exampleCertificate",
    resource_group_name=example_resource_group.name,
    location=example_resource_group.location,
    pfx_blob=(lambda path: base64.b64encode(open(path).read().encode()).decode())("certificate.pfx"),
    password="password123!")

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
import * as fs from "fs";

const exampleResourceGroup = new azure.core.ResourceGroup("exampleResourceGroup", {location: "West Europe"});
const exampleCertificate = new azure.appservice.Certificate("exampleCertificate", {
    resourceGroupName: exampleResourceGroup.name,
    location: exampleResourceGroup.location,
    pfxBlob: Buffer.from(fs.readFileSync("certificate.pfx"), 'binary').toString('base64'),
    password: "password123!",
});

Coming soon!

Create Certificate Resource

new Certificate(name: string, args: CertificateArgs, opts?: CustomResourceOptions);

@overload
def Certificate(resource_name: str,
                opts: Optional[ResourceOptions] = None,
                app_service_plan_id: Optional[str] = None,
                key_vault_secret_id: Optional[str] = None,
                location: Optional[str] = None,
                name: Optional[str] = None,
                password: Optional[str] = None,
                pfx_blob: Optional[str] = None,
                resource_group_name: Optional[str] = None,
                tags: Optional[Mapping[str, str]] = None)
@overload
def Certificate(resource_name: str,
                args: CertificateArgs,
                opts: Optional[ResourceOptions] = None)

func NewCertificate(ctx *Context, name string, args CertificateArgs, opts ...ResourceOption) (*Certificate, error)

public Certificate(string name, CertificateArgs args, CustomResourceOptions? opts = null)

public Certificate(String name, CertificateArgs args)
public Certificate(String name, CertificateArgs args, CustomResourceOptions options)

type: azure:appservice:Certificate
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string: The unique name of the resource.
args CertificateArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args CertificateArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args CertificateArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args CertificateArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args CertificateArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Certificate Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The Certificate resource accepts the following input properties:

ResourceGroupName string: The name of the resource group in which to create the certificate. Changing this forces a new resource to be created.
AppServicePlanId string: The ID of the associated App Service plan. Must be specified when the certificate is used inside an App Service Environment hosted App Service. Changing this forces a new resource to be created.
KeyVaultSecretId string: The ID of the Key Vault secret. Changing this forces a new resource to be created.
Location string: Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
Name string: Specifies the name of the certificate. Changing this forces a new resource to be created.
Password string: The password to access the certificate's private key. Changing this forces a new resource to be created.
PfxBlob string: The base64-encoded contents of the certificate. Changing this forces a new resource to be created.
Tags Dictionary<string, string>

ResourceGroupName string: The name of the resource group in which to create the certificate. Changing this forces a new resource to be created.
AppServicePlanId string: The ID of the associated App Service plan. Must be specified when the certificate is used inside an App Service Environment hosted App Service. Changing this forces a new resource to be created.
KeyVaultSecretId string: The ID of the Key Vault secret. Changing this forces a new resource to be created.
Location string: Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
Name string: Specifies the name of the certificate. Changing this forces a new resource to be created.
Password string: The password to access the certificate's private key. Changing this forces a new resource to be created.
PfxBlob string: The base64-encoded contents of the certificate. Changing this forces a new resource to be created.
Tags map[string]string

resourceGroupName String: The name of the resource group in which to create the certificate. Changing this forces a new resource to be created.
appServicePlanId String: The ID of the associated App Service plan. Must be specified when the certificate is used inside an App Service Environment hosted App Service. Changing this forces a new resource to be created.
keyVaultSecretId String: The ID of the Key Vault secret. Changing this forces a new resource to be created.
location String: Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
name String: Specifies the name of the certificate. Changing this forces a new resource to be created.
password String: The password to access the certificate's private key. Changing this forces a new resource to be created.
pfxBlob String: The base64-encoded contents of the certificate. Changing this forces a new resource to be created.
tags Map<String,String>

resourceGroupName string: The name of the resource group in which to create the certificate. Changing this forces a new resource to be created.
appServicePlanId string: The ID of the associated App Service plan. Must be specified when the certificate is used inside an App Service Environment hosted App Service. Changing this forces a new resource to be created.
keyVaultSecretId string: The ID of the Key Vault secret. Changing this forces a new resource to be created.
location string: Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
name string: Specifies the name of the certificate. Changing this forces a new resource to be created.
password string: The password to access the certificate's private key. Changing this forces a new resource to be created.
pfxBlob string: The base64-encoded contents of the certificate. Changing this forces a new resource to be created.
tags {[key: string]: string}

resource_group_name str: The name of the resource group in which to create the certificate. Changing this forces a new resource to be created.
app_service_plan_id str: The ID of the associated App Service plan. Must be specified when the certificate is used inside an App Service Environment hosted App Service. Changing this forces a new resource to be created.
key_vault_secret_id str: The ID of the Key Vault secret. Changing this forces a new resource to be created.
location str: Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
name str: Specifies the name of the certificate. Changing this forces a new resource to be created.
password str: The password to access the certificate's private key. Changing this forces a new resource to be created.
pfx_blob str: The base64-encoded contents of the certificate. Changing this forces a new resource to be created.
tags Mapping[str, str]

resourceGroupName String: The name of the resource group in which to create the certificate. Changing this forces a new resource to be created.
appServicePlanId String: The ID of the associated App Service plan. Must be specified when the certificate is used inside an App Service Environment hosted App Service. Changing this forces a new resource to be created.
keyVaultSecretId String: The ID of the Key Vault secret. Changing this forces a new resource to be created.
location String: Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
name String: Specifies the name of the certificate. Changing this forces a new resource to be created.
password String: The password to access the certificate's private key. Changing this forces a new resource to be created.
pfxBlob String: The base64-encoded contents of the certificate. Changing this forces a new resource to be created.
tags Map<String>

Outputs

All input properties are implicitly available as output properties. Additionally, the Certificate resource produces the following output properties:

ExpirationDate string: The expiration date for the certificate.
FriendlyName string: The friendly name of the certificate.
HostNames List<string>: List of host names the certificate applies to.
Id string: The provider-assigned unique ID for this managed resource.
IssueDate string: The issue date for the certificate.
Issuer string: The name of the certificate issuer.
SubjectName string: The subject name of the certificate.
Thumbprint string: The thumbprint for the certificate.

ExpirationDate string: The expiration date for the certificate.
FriendlyName string: The friendly name of the certificate.
HostNames []string: List of host names the certificate applies to.
Id string: The provider-assigned unique ID for this managed resource.
IssueDate string: The issue date for the certificate.
Issuer string: The name of the certificate issuer.
SubjectName string: The subject name of the certificate.
Thumbprint string: The thumbprint for the certificate.

expirationDate String: The expiration date for the certificate.
friendlyName String: The friendly name of the certificate.
hostNames List<String>: List of host names the certificate applies to.
id String: The provider-assigned unique ID for this managed resource.
issueDate String: The issue date for the certificate.
issuer String: The name of the certificate issuer.
subjectName String: The subject name of the certificate.
thumbprint String: The thumbprint for the certificate.

expirationDate string: The expiration date for the certificate.
friendlyName string: The friendly name of the certificate.
hostNames string[]: List of host names the certificate applies to.
id string: The provider-assigned unique ID for this managed resource.
issueDate string: The issue date for the certificate.
issuer string: The name of the certificate issuer.
subjectName string: The subject name of the certificate.
thumbprint string: The thumbprint for the certificate.

expiration_date str: The expiration date for the certificate.
friendly_name str: The friendly name of the certificate.
host_names Sequence[str]: List of host names the certificate applies to.
id str: The provider-assigned unique ID for this managed resource.
issue_date str: The issue date for the certificate.
issuer str: The name of the certificate issuer.
subject_name str: The subject name of the certificate.
thumbprint str: The thumbprint for the certificate.

expirationDate String: The expiration date for the certificate.
friendlyName String: The friendly name of the certificate.
hostNames List<String>: List of host names the certificate applies to.
id String: The provider-assigned unique ID for this managed resource.
issueDate String: The issue date for the certificate.
issuer String: The name of the certificate issuer.
subjectName String: The subject name of the certificate.
thumbprint String: The thumbprint for the certificate.

Look up Existing Certificate Resource

Get an existing Certificate resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: CertificateState, opts?: CustomResourceOptions): Certificate

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        app_service_plan_id: Optional[str] = None,
        expiration_date: Optional[str] = None,
        friendly_name: Optional[str] = None,
        host_names: Optional[Sequence[str]] = None,
        issue_date: Optional[str] = None,
        issuer: Optional[str] = None,
        key_vault_secret_id: Optional[str] = None,
        location: Optional[str] = None,
        name: Optional[str] = None,
        password: Optional[str] = None,
        pfx_blob: Optional[str] = None,
        resource_group_name: Optional[str] = None,
        subject_name: Optional[str] = None,
        tags: Optional[Mapping[str, str]] = None,
        thumbprint: Optional[str] = None) -> Certificate

func GetCertificate(ctx *Context, name string, id IDInput, state *CertificateState, opts ...ResourceOption) (*Certificate, error)

public static Certificate Get(string name, Input<string> id, CertificateState? state, CustomResourceOptions? opts = null)

public static Certificate get(String name, Output<String> id, CertificateState state, CustomResourceOptions options)

Resource lookup is not supported in YAML

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AppServicePlanId string: The ID of the associated App Service plan. Must be specified when the certificate is used inside an App Service Environment hosted App Service. Changing this forces a new resource to be created.
ExpirationDate string: The expiration date for the certificate.
FriendlyName string: The friendly name of the certificate.
HostNames List<string>: List of host names the certificate applies to.
IssueDate string: The issue date for the certificate.
Issuer string: The name of the certificate issuer.
KeyVaultSecretId string: The ID of the Key Vault secret. Changing this forces a new resource to be created.
Location string: Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
Name string: Specifies the name of the certificate. Changing this forces a new resource to be created.
Password string: The password to access the certificate's private key. Changing this forces a new resource to be created.
PfxBlob string: The base64-encoded contents of the certificate. Changing this forces a new resource to be created.
ResourceGroupName string: The name of the resource group in which to create the certificate. Changing this forces a new resource to be created.
SubjectName string: The subject name of the certificate.
Tags Dictionary<string, string>
Thumbprint string: The thumbprint for the certificate.

AppServicePlanId string: The ID of the associated App Service plan. Must be specified when the certificate is used inside an App Service Environment hosted App Service. Changing this forces a new resource to be created.
ExpirationDate string: The expiration date for the certificate.
FriendlyName string: The friendly name of the certificate.
HostNames []string: List of host names the certificate applies to.
IssueDate string: The issue date for the certificate.
Issuer string: The name of the certificate issuer.
KeyVaultSecretId string: The ID of the Key Vault secret. Changing this forces a new resource to be created.
Location string: Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
Name string: Specifies the name of the certificate. Changing this forces a new resource to be created.
Password string: The password to access the certificate's private key. Changing this forces a new resource to be created.
PfxBlob string: The base64-encoded contents of the certificate. Changing this forces a new resource to be created.
ResourceGroupName string: The name of the resource group in which to create the certificate. Changing this forces a new resource to be created.
SubjectName string: The subject name of the certificate.
Tags map[string]string
Thumbprint string: The thumbprint for the certificate.

appServicePlanId String: The ID of the associated App Service plan. Must be specified when the certificate is used inside an App Service Environment hosted App Service. Changing this forces a new resource to be created.
expirationDate String: The expiration date for the certificate.
friendlyName String: The friendly name of the certificate.
hostNames List<String>: List of host names the certificate applies to.
issueDate String: The issue date for the certificate.
issuer String: The name of the certificate issuer.
keyVaultSecretId String: The ID of the Key Vault secret. Changing this forces a new resource to be created.
location String: Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
name String: Specifies the name of the certificate. Changing this forces a new resource to be created.
password String: The password to access the certificate's private key. Changing this forces a new resource to be created.
pfxBlob String: The base64-encoded contents of the certificate. Changing this forces a new resource to be created.
resourceGroupName String: The name of the resource group in which to create the certificate. Changing this forces a new resource to be created.
subjectName String: The subject name of the certificate.
tags Map<String,String>
thumbprint String: The thumbprint for the certificate.

appServicePlanId string: The ID of the associated App Service plan. Must be specified when the certificate is used inside an App Service Environment hosted App Service. Changing this forces a new resource to be created.
expirationDate string: The expiration date for the certificate.
friendlyName string: The friendly name of the certificate.
hostNames string[]: List of host names the certificate applies to.
issueDate string: The issue date for the certificate.
issuer string: The name of the certificate issuer.
keyVaultSecretId string: The ID of the Key Vault secret. Changing this forces a new resource to be created.
location string: Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
name string: Specifies the name of the certificate. Changing this forces a new resource to be created.
password string: The password to access the certificate's private key. Changing this forces a new resource to be created.
pfxBlob string: The base64-encoded contents of the certificate. Changing this forces a new resource to be created.
resourceGroupName string: The name of the resource group in which to create the certificate. Changing this forces a new resource to be created.
subjectName string: The subject name of the certificate.
tags {[key: string]: string}
thumbprint string: The thumbprint for the certificate.

app_service_plan_id str: The ID of the associated App Service plan. Must be specified when the certificate is used inside an App Service Environment hosted App Service. Changing this forces a new resource to be created.
expiration_date str: The expiration date for the certificate.
friendly_name str: The friendly name of the certificate.
host_names Sequence[str]: List of host names the certificate applies to.
issue_date str: The issue date for the certificate.
issuer str: The name of the certificate issuer.
key_vault_secret_id str: The ID of the Key Vault secret. Changing this forces a new resource to be created.
location str: Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
name str: Specifies the name of the certificate. Changing this forces a new resource to be created.
password str: The password to access the certificate's private key. Changing this forces a new resource to be created.
pfx_blob str: The base64-encoded contents of the certificate. Changing this forces a new resource to be created.
resource_group_name str: The name of the resource group in which to create the certificate. Changing this forces a new resource to be created.
subject_name str: The subject name of the certificate.
tags Mapping[str, str]
thumbprint str: The thumbprint for the certificate.

appServicePlanId String: The ID of the associated App Service plan. Must be specified when the certificate is used inside an App Service Environment hosted App Service. Changing this forces a new resource to be created.
expirationDate String: The expiration date for the certificate.
friendlyName String: The friendly name of the certificate.
hostNames List<String>: List of host names the certificate applies to.
issueDate String: The issue date for the certificate.
issuer String: The name of the certificate issuer.
keyVaultSecretId String: The ID of the Key Vault secret. Changing this forces a new resource to be created.
location String: Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
name String: Specifies the name of the certificate. Changing this forces a new resource to be created.
password String: The password to access the certificate's private key. Changing this forces a new resource to be created.
pfxBlob String: The base64-encoded contents of the certificate. Changing this forces a new resource to be created.
resourceGroupName String: The name of the resource group in which to create the certificate. Changing this forces a new resource to be created.
subjectName String: The subject name of the certificate.
tags Map<String>
thumbprint String: The thumbprint for the certificate.

Import

App Service Certificates can be imported using the resource id, e.g.

 $ pulumi import azure:appservice/certificate:Certificate example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.Web/certificates/certificate1

Package Details

Repository: https://github.com/pulumi/pulumi-azure
License: Apache-2.0
Notes: This Pulumi package is based on the azurerm Terraform Provider.