azure logo
Azure Classic v5.43.0, May 6 23

azure.keyvault.CertificateIssuer

Explore with Pulumi AI

Manages a Key Vault Certificate Issuer.

Example Usage

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;

return await Deployment.RunAsync(() => 
{
    var current = Azure.Core.GetClientConfig.Invoke();

    var exampleResourceGroup = new Azure.Core.ResourceGroup("exampleResourceGroup", new()
    {
        Location = "West Europe",
    });

    var exampleKeyVault = new Azure.KeyVault.KeyVault("exampleKeyVault", new()
    {
        Location = exampleResourceGroup.Location,
        ResourceGroupName = exampleResourceGroup.Name,
        SkuName = "standard",
        TenantId = current.Apply(getClientConfigResult => getClientConfigResult.TenantId),
    });

    var exampleCertificateIssuer = new Azure.KeyVault.CertificateIssuer("exampleCertificateIssuer", new()
    {
        OrgId = "ExampleOrgName",
        KeyVaultId = exampleKeyVault.Id,
        ProviderName = "DigiCert",
        AccountId = "0000",
        Password = "example-password",
    });

});
package main

import (
	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/keyvault"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		current, err := core.GetClientConfig(ctx, nil, nil)
		if err != nil {
			return err
		}
		exampleResourceGroup, err := core.NewResourceGroup(ctx, "exampleResourceGroup", &core.ResourceGroupArgs{
			Location: pulumi.String("West Europe"),
		})
		if err != nil {
			return err
		}
		exampleKeyVault, err := keyvault.NewKeyVault(ctx, "exampleKeyVault", &keyvault.KeyVaultArgs{
			Location:          exampleResourceGroup.Location,
			ResourceGroupName: exampleResourceGroup.Name,
			SkuName:           pulumi.String("standard"),
			TenantId:          *pulumi.String(current.TenantId),
		})
		if err != nil {
			return err
		}
		_, err = keyvault.NewCertificateIssuer(ctx, "exampleCertificateIssuer", &keyvault.CertificateIssuerArgs{
			OrgId:        pulumi.String("ExampleOrgName"),
			KeyVaultId:   exampleKeyVault.ID(),
			ProviderName: pulumi.String("DigiCert"),
			AccountId:    pulumi.String("0000"),
			Password:     pulumi.String("example-password"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.CoreFunctions;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.keyvault.KeyVault;
import com.pulumi.azure.keyvault.KeyVaultArgs;
import com.pulumi.azure.keyvault.CertificateIssuer;
import com.pulumi.azure.keyvault.CertificateIssuerArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var current = CoreFunctions.getClientConfig();

        var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder()        
            .location("West Europe")
            .build());

        var exampleKeyVault = new KeyVault("exampleKeyVault", KeyVaultArgs.builder()        
            .location(exampleResourceGroup.location())
            .resourceGroupName(exampleResourceGroup.name())
            .skuName("standard")
            .tenantId(current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId()))
            .build());

        var exampleCertificateIssuer = new CertificateIssuer("exampleCertificateIssuer", CertificateIssuerArgs.builder()        
            .orgId("ExampleOrgName")
            .keyVaultId(exampleKeyVault.id())
            .providerName("DigiCert")
            .accountId("0000")
            .password("example-password")
            .build());

    }
}
import pulumi
import pulumi_azure as azure

current = azure.core.get_client_config()
example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe")
example_key_vault = azure.keyvault.KeyVault("exampleKeyVault",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name,
    sku_name="standard",
    tenant_id=current.tenant_id)
example_certificate_issuer = azure.keyvault.CertificateIssuer("exampleCertificateIssuer",
    org_id="ExampleOrgName",
    key_vault_id=example_key_vault.id,
    provider_name="DigiCert",
    account_id="0000",
    password="example-password")
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const current = azure.core.getClientConfig({});
const exampleResourceGroup = new azure.core.ResourceGroup("exampleResourceGroup", {location: "West Europe"});
const exampleKeyVault = new azure.keyvault.KeyVault("exampleKeyVault", {
    location: exampleResourceGroup.location,
    resourceGroupName: exampleResourceGroup.name,
    skuName: "standard",
    tenantId: current.then(current => current.tenantId),
});
const exampleCertificateIssuer = new azure.keyvault.CertificateIssuer("exampleCertificateIssuer", {
    orgId: "ExampleOrgName",
    keyVaultId: exampleKeyVault.id,
    providerName: "DigiCert",
    accountId: "0000",
    password: "example-password",
});
resources:
  exampleResourceGroup:
    type: azure:core:ResourceGroup
    properties:
      location: West Europe
  exampleKeyVault:
    type: azure:keyvault:KeyVault
    properties:
      location: ${exampleResourceGroup.location}
      resourceGroupName: ${exampleResourceGroup.name}
      skuName: standard
      tenantId: ${current.tenantId}
  exampleCertificateIssuer:
    type: azure:keyvault:CertificateIssuer
    properties:
      orgId: ExampleOrgName
      keyVaultId: ${exampleKeyVault.id}
      providerName: DigiCert
      accountId: '0000'
      password: example-password
variables:
  current:
    fn::invoke:
      Function: azure:core:getClientConfig
      Arguments: {}

Create CertificateIssuer Resource

new CertificateIssuer(name: string, args: CertificateIssuerArgs, opts?: CustomResourceOptions);
@overload
def CertificateIssuer(resource_name: str,
                      opts: Optional[ResourceOptions] = None,
                      account_id: Optional[str] = None,
                      admins: Optional[Sequence[CertificateIssuerAdminArgs]] = None,
                      key_vault_id: Optional[str] = None,
                      name: Optional[str] = None,
                      org_id: Optional[str] = None,
                      password: Optional[str] = None,
                      provider_name: Optional[str] = None)
@overload
def CertificateIssuer(resource_name: str,
                      args: CertificateIssuerArgs,
                      opts: Optional[ResourceOptions] = None)
func NewCertificateIssuer(ctx *Context, name string, args CertificateIssuerArgs, opts ...ResourceOption) (*CertificateIssuer, error)
public CertificateIssuer(string name, CertificateIssuerArgs args, CustomResourceOptions? opts = null)
public CertificateIssuer(String name, CertificateIssuerArgs args)
public CertificateIssuer(String name, CertificateIssuerArgs args, CustomResourceOptions options)
type: azure:keyvault:CertificateIssuer
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args CertificateIssuerArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args CertificateIssuerArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args CertificateIssuerArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args CertificateIssuerArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args CertificateIssuerArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

CertificateIssuer Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The CertificateIssuer resource accepts the following input properties:

KeyVaultId string

The ID of the Key Vault in which to create the Certificate Issuer. Changing this forces a new resource to be created.

ProviderName string

The name of the third-party Certificate Issuer. Possible values are: DigiCert, GlobalSign, OneCertV2-PrivateCA, OneCertV2-PublicCA and SslAdminV2.

AccountId string

The account number with the third-party Certificate Issuer.

Admins List<CertificateIssuerAdminArgs>

One or more admin blocks as defined below.

Name string

The name which should be used for this Key Vault Certificate Issuer. Changing this forces a new Key Vault Certificate Issuer to be created.

OrgId string

The ID of the organization as provided to the issuer.

Password string

The password associated with the account and organization ID at the third-party Certificate Issuer. If not specified, will not overwrite any previous value.

KeyVaultId string

The ID of the Key Vault in which to create the Certificate Issuer. Changing this forces a new resource to be created.

ProviderName string

The name of the third-party Certificate Issuer. Possible values are: DigiCert, GlobalSign, OneCertV2-PrivateCA, OneCertV2-PublicCA and SslAdminV2.

AccountId string

The account number with the third-party Certificate Issuer.

Admins []CertificateIssuerAdminArgs

One or more admin blocks as defined below.

Name string

The name which should be used for this Key Vault Certificate Issuer. Changing this forces a new Key Vault Certificate Issuer to be created.

OrgId string

The ID of the organization as provided to the issuer.

Password string

The password associated with the account and organization ID at the third-party Certificate Issuer. If not specified, will not overwrite any previous value.

keyVaultId String

The ID of the Key Vault in which to create the Certificate Issuer. Changing this forces a new resource to be created.

providerName String

The name of the third-party Certificate Issuer. Possible values are: DigiCert, GlobalSign, OneCertV2-PrivateCA, OneCertV2-PublicCA and SslAdminV2.

accountId String

The account number with the third-party Certificate Issuer.

admins List<CertificateIssuerAdminArgs>

One or more admin blocks as defined below.

name String

The name which should be used for this Key Vault Certificate Issuer. Changing this forces a new Key Vault Certificate Issuer to be created.

orgId String

The ID of the organization as provided to the issuer.

password String

The password associated with the account and organization ID at the third-party Certificate Issuer. If not specified, will not overwrite any previous value.

keyVaultId string

The ID of the Key Vault in which to create the Certificate Issuer. Changing this forces a new resource to be created.

providerName string

The name of the third-party Certificate Issuer. Possible values are: DigiCert, GlobalSign, OneCertV2-PrivateCA, OneCertV2-PublicCA and SslAdminV2.

accountId string

The account number with the third-party Certificate Issuer.

admins CertificateIssuerAdminArgs[]

One or more admin blocks as defined below.

name string

The name which should be used for this Key Vault Certificate Issuer. Changing this forces a new Key Vault Certificate Issuer to be created.

orgId string

The ID of the organization as provided to the issuer.

password string

The password associated with the account and organization ID at the third-party Certificate Issuer. If not specified, will not overwrite any previous value.

key_vault_id str

The ID of the Key Vault in which to create the Certificate Issuer. Changing this forces a new resource to be created.

provider_name str

The name of the third-party Certificate Issuer. Possible values are: DigiCert, GlobalSign, OneCertV2-PrivateCA, OneCertV2-PublicCA and SslAdminV2.

account_id str

The account number with the third-party Certificate Issuer.

admins Sequence[CertificateIssuerAdminArgs]

One or more admin blocks as defined below.

name str

The name which should be used for this Key Vault Certificate Issuer. Changing this forces a new Key Vault Certificate Issuer to be created.

org_id str

The ID of the organization as provided to the issuer.

password str

The password associated with the account and organization ID at the third-party Certificate Issuer. If not specified, will not overwrite any previous value.

keyVaultId String

The ID of the Key Vault in which to create the Certificate Issuer. Changing this forces a new resource to be created.

providerName String

The name of the third-party Certificate Issuer. Possible values are: DigiCert, GlobalSign, OneCertV2-PrivateCA, OneCertV2-PublicCA and SslAdminV2.

accountId String

The account number with the third-party Certificate Issuer.

admins List<Property Map>

One or more admin blocks as defined below.

name String

The name which should be used for this Key Vault Certificate Issuer. Changing this forces a new Key Vault Certificate Issuer to be created.

orgId String

The ID of the organization as provided to the issuer.

password String

The password associated with the account and organization ID at the third-party Certificate Issuer. If not specified, will not overwrite any previous value.

Outputs

All input properties are implicitly available as output properties. Additionally, the CertificateIssuer resource produces the following output properties:

Id string

The provider-assigned unique ID for this managed resource.

Id string

The provider-assigned unique ID for this managed resource.

id String

The provider-assigned unique ID for this managed resource.

id string

The provider-assigned unique ID for this managed resource.

id str

The provider-assigned unique ID for this managed resource.

id String

The provider-assigned unique ID for this managed resource.

Look up Existing CertificateIssuer Resource

Get an existing CertificateIssuer resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: CertificateIssuerState, opts?: CustomResourceOptions): CertificateIssuer
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        account_id: Optional[str] = None,
        admins: Optional[Sequence[CertificateIssuerAdminArgs]] = None,
        key_vault_id: Optional[str] = None,
        name: Optional[str] = None,
        org_id: Optional[str] = None,
        password: Optional[str] = None,
        provider_name: Optional[str] = None) -> CertificateIssuer
func GetCertificateIssuer(ctx *Context, name string, id IDInput, state *CertificateIssuerState, opts ...ResourceOption) (*CertificateIssuer, error)
public static CertificateIssuer Get(string name, Input<string> id, CertificateIssuerState? state, CustomResourceOptions? opts = null)
public static CertificateIssuer get(String name, Output<String> id, CertificateIssuerState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
AccountId string

The account number with the third-party Certificate Issuer.

Admins List<CertificateIssuerAdminArgs>

One or more admin blocks as defined below.

KeyVaultId string

The ID of the Key Vault in which to create the Certificate Issuer. Changing this forces a new resource to be created.

Name string

The name which should be used for this Key Vault Certificate Issuer. Changing this forces a new Key Vault Certificate Issuer to be created.

OrgId string

The ID of the organization as provided to the issuer.

Password string

The password associated with the account and organization ID at the third-party Certificate Issuer. If not specified, will not overwrite any previous value.

ProviderName string

The name of the third-party Certificate Issuer. Possible values are: DigiCert, GlobalSign, OneCertV2-PrivateCA, OneCertV2-PublicCA and SslAdminV2.

AccountId string

The account number with the third-party Certificate Issuer.

Admins []CertificateIssuerAdminArgs

One or more admin blocks as defined below.

KeyVaultId string

The ID of the Key Vault in which to create the Certificate Issuer. Changing this forces a new resource to be created.

Name string

The name which should be used for this Key Vault Certificate Issuer. Changing this forces a new Key Vault Certificate Issuer to be created.

OrgId string

The ID of the organization as provided to the issuer.

Password string

The password associated with the account and organization ID at the third-party Certificate Issuer. If not specified, will not overwrite any previous value.

ProviderName string

The name of the third-party Certificate Issuer. Possible values are: DigiCert, GlobalSign, OneCertV2-PrivateCA, OneCertV2-PublicCA and SslAdminV2.

accountId String

The account number with the third-party Certificate Issuer.

admins List<CertificateIssuerAdminArgs>

One or more admin blocks as defined below.

keyVaultId String

The ID of the Key Vault in which to create the Certificate Issuer. Changing this forces a new resource to be created.

name String

The name which should be used for this Key Vault Certificate Issuer. Changing this forces a new Key Vault Certificate Issuer to be created.

orgId String

The ID of the organization as provided to the issuer.

password String

The password associated with the account and organization ID at the third-party Certificate Issuer. If not specified, will not overwrite any previous value.

providerName String

The name of the third-party Certificate Issuer. Possible values are: DigiCert, GlobalSign, OneCertV2-PrivateCA, OneCertV2-PublicCA and SslAdminV2.

accountId string

The account number with the third-party Certificate Issuer.

admins CertificateIssuerAdminArgs[]

One or more admin blocks as defined below.

keyVaultId string

The ID of the Key Vault in which to create the Certificate Issuer. Changing this forces a new resource to be created.

name string

The name which should be used for this Key Vault Certificate Issuer. Changing this forces a new Key Vault Certificate Issuer to be created.

orgId string

The ID of the organization as provided to the issuer.

password string

The password associated with the account and organization ID at the third-party Certificate Issuer. If not specified, will not overwrite any previous value.

providerName string

The name of the third-party Certificate Issuer. Possible values are: DigiCert, GlobalSign, OneCertV2-PrivateCA, OneCertV2-PublicCA and SslAdminV2.

account_id str

The account number with the third-party Certificate Issuer.

admins Sequence[CertificateIssuerAdminArgs]

One or more admin blocks as defined below.

key_vault_id str

The ID of the Key Vault in which to create the Certificate Issuer. Changing this forces a new resource to be created.

name str

The name which should be used for this Key Vault Certificate Issuer. Changing this forces a new Key Vault Certificate Issuer to be created.

org_id str

The ID of the organization as provided to the issuer.

password str

The password associated with the account and organization ID at the third-party Certificate Issuer. If not specified, will not overwrite any previous value.

provider_name str

The name of the third-party Certificate Issuer. Possible values are: DigiCert, GlobalSign, OneCertV2-PrivateCA, OneCertV2-PublicCA and SslAdminV2.

accountId String

The account number with the third-party Certificate Issuer.

admins List<Property Map>

One or more admin blocks as defined below.

keyVaultId String

The ID of the Key Vault in which to create the Certificate Issuer. Changing this forces a new resource to be created.

name String

The name which should be used for this Key Vault Certificate Issuer. Changing this forces a new Key Vault Certificate Issuer to be created.

orgId String

The ID of the organization as provided to the issuer.

password String

The password associated with the account and organization ID at the third-party Certificate Issuer. If not specified, will not overwrite any previous value.

providerName String

The name of the third-party Certificate Issuer. Possible values are: DigiCert, GlobalSign, OneCertV2-PrivateCA, OneCertV2-PublicCA and SslAdminV2.

Supporting Types

CertificateIssuerAdmin

EmailAddress string

E-mail address of the admin.

FirstName string

First name of the admin.

LastName string

Last name of the admin.

Phone string

Phone number of the admin.

EmailAddress string

E-mail address of the admin.

FirstName string

First name of the admin.

LastName string

Last name of the admin.

Phone string

Phone number of the admin.

emailAddress String

E-mail address of the admin.

firstName String

First name of the admin.

lastName String

Last name of the admin.

phone String

Phone number of the admin.

emailAddress string

E-mail address of the admin.

firstName string

First name of the admin.

lastName string

Last name of the admin.

phone string

Phone number of the admin.

email_address str

E-mail address of the admin.

first_name str

First name of the admin.

last_name str

Last name of the admin.

phone str

Phone number of the admin.

emailAddress String

E-mail address of the admin.

firstName String

First name of the admin.

lastName String

Last name of the admin.

phone String

Phone number of the admin.

Import

Key Vault Certificate Issuers can be imported using the resource id, e.g.

 $ pulumi import azure:keyvault/certificateIssuer:CertificateIssuer example "https://key-vault-name.vault.azure.net/certificates/issuers/example"

Package Details

Repository
Azure Classic pulumi/pulumi-azure
License
Apache-2.0
Notes

This Pulumi package is based on the azurerm Terraform Provider.