Azure Classic v5.43.0, May 6 23
Azure Classic v5.43.0, May 6 23
azure.keyvault.getCertificateData
Explore with Pulumi AI
Use this data source to access data stored in an existing Key Vault Certificate.
Note: This data source uses the
GetSecret
function of the Azure API, to get the key of the certificate. Therefore you need secret/get permission
Example Usage
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;
return await Deployment.RunAsync(() =>
{
var exampleKeyVault = Azure.KeyVault.GetKeyVault.Invoke(new()
{
Name = "examplekv",
ResourceGroupName = "some-resource-group",
});
var exampleCertificateData = Azure.KeyVault.GetCertificateData.Invoke(new()
{
Name = "secret-sauce",
KeyVaultId = exampleKeyVault.Apply(getKeyVaultResult => getKeyVaultResult.Id),
});
return new Dictionary<string, object?>
{
["examplePem"] = exampleCertificateData.Apply(getCertificateDataResult => getCertificateDataResult.Pem),
};
});
package main
import (
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/keyvault"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
exampleKeyVault, err := keyvault.LookupKeyVault(ctx, &keyvault.LookupKeyVaultArgs{
Name: "examplekv",
ResourceGroupName: "some-resource-group",
}, nil)
if err != nil {
return err
}
exampleCertificateData, err := keyvault.GetCertificateData(ctx, &keyvault.GetCertificateDataArgs{
Name: "secret-sauce",
KeyVaultId: exampleKeyVault.Id,
}, nil)
if err != nil {
return err
}
ctx.Export("examplePem", exampleCertificateData.Pem)
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.keyvault.KeyvaultFunctions;
import com.pulumi.azure.keyvault.inputs.GetKeyVaultArgs;
import com.pulumi.azure.keyvault.inputs.GetCertificateDataArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var exampleKeyVault = KeyvaultFunctions.getKeyVault(GetKeyVaultArgs.builder()
.name("examplekv")
.resourceGroupName("some-resource-group")
.build());
final var exampleCertificateData = KeyvaultFunctions.getCertificateData(GetCertificateDataArgs.builder()
.name("secret-sauce")
.keyVaultId(exampleKeyVault.applyValue(getKeyVaultResult -> getKeyVaultResult.id()))
.build());
ctx.export("examplePem", exampleCertificateData.applyValue(getCertificateDataResult -> getCertificateDataResult.pem()));
}
}
import pulumi
import pulumi_azure as azure
example_key_vault = azure.keyvault.get_key_vault(name="examplekv",
resource_group_name="some-resource-group")
example_certificate_data = azure.keyvault.get_certificate_data(name="secret-sauce",
key_vault_id=example_key_vault.id)
pulumi.export("examplePem", example_certificate_data.pem)
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const exampleKeyVault = azure.keyvault.getKeyVault({
name: "examplekv",
resourceGroupName: "some-resource-group",
});
const exampleCertificateData = exampleKeyVault.then(exampleKeyVault => azure.keyvault.getCertificateData({
name: "secret-sauce",
keyVaultId: exampleKeyVault.id,
}));
export const examplePem = exampleCertificateData.then(exampleCertificateData => exampleCertificateData.pem);
variables:
exampleKeyVault:
fn::invoke:
Function: azure:keyvault:getKeyVault
Arguments:
name: examplekv
resourceGroupName: some-resource-group
exampleCertificateData:
fn::invoke:
Function: azure:keyvault:getCertificateData
Arguments:
name: secret-sauce
keyVaultId: ${exampleKeyVault.id}
outputs:
examplePem: ${exampleCertificateData.pem}
Using getCertificateData
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getCertificateData(args: GetCertificateDataArgs, opts?: InvokeOptions): Promise<GetCertificateDataResult>
function getCertificateDataOutput(args: GetCertificateDataOutputArgs, opts?: InvokeOptions): Output<GetCertificateDataResult>
def get_certificate_data(key_vault_id: Optional[str] = None,
name: Optional[str] = None,
version: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetCertificateDataResult
def get_certificate_data_output(key_vault_id: Optional[pulumi.Input[str]] = None,
name: Optional[pulumi.Input[str]] = None,
version: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetCertificateDataResult]
func GetCertificateData(ctx *Context, args *GetCertificateDataArgs, opts ...InvokeOption) (*GetCertificateDataResult, error)
func GetCertificateDataOutput(ctx *Context, args *GetCertificateDataOutputArgs, opts ...InvokeOption) GetCertificateDataResultOutput
> Note: This function is named GetCertificateData
in the Go SDK.
public static class GetCertificateData
{
public static Task<GetCertificateDataResult> InvokeAsync(GetCertificateDataArgs args, InvokeOptions? opts = null)
public static Output<GetCertificateDataResult> Invoke(GetCertificateDataInvokeArgs args, InvokeOptions? opts = null)
}
public static CompletableFuture<GetCertificateDataResult> getCertificateData(GetCertificateDataArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
function: azure:keyvault/getCertificateData:getCertificateData
arguments:
# arguments dictionary
The following arguments are supported:
- Key
Vault stringId Specifies the ID of the Key Vault instance where the Secret resides, available on the
azure.keyvault.KeyVault
Data Source / Resource.- Name string
Specifies the name of the Key Vault Secret.
- Version string
Specifies the version of the certificate to look up. (Defaults to latest)
- Key
Vault stringId Specifies the ID of the Key Vault instance where the Secret resides, available on the
azure.keyvault.KeyVault
Data Source / Resource.- Name string
Specifies the name of the Key Vault Secret.
- Version string
Specifies the version of the certificate to look up. (Defaults to latest)
- key
Vault StringId Specifies the ID of the Key Vault instance where the Secret resides, available on the
azure.keyvault.KeyVault
Data Source / Resource.- name String
Specifies the name of the Key Vault Secret.
- version String
Specifies the version of the certificate to look up. (Defaults to latest)
- key
Vault stringId Specifies the ID of the Key Vault instance where the Secret resides, available on the
azure.keyvault.KeyVault
Data Source / Resource.- name string
Specifies the name of the Key Vault Secret.
- version string
Specifies the version of the certificate to look up. (Defaults to latest)
- key_
vault_ strid Specifies the ID of the Key Vault instance where the Secret resides, available on the
azure.keyvault.KeyVault
Data Source / Resource.- name str
Specifies the name of the Key Vault Secret.
- version str
Specifies the version of the certificate to look up. (Defaults to latest)
- key
Vault StringId Specifies the ID of the Key Vault instance where the Secret resides, available on the
azure.keyvault.KeyVault
Data Source / Resource.- name String
Specifies the name of the Key Vault Secret.
- version String
Specifies the version of the certificate to look up. (Defaults to latest)
getCertificateData Result
The following output properties are available:
- Certificates
Count int Amount of certificates in the chain in case Key Vault Certificate is a bundle (e.g. has an intermediate certificate).
- Expires string
Expiry date of certificate in RFC3339 format.
- Hex string
The raw Key Vault Certificate data represented as a hexadecimal string.
- Id string
The provider-assigned unique ID for this managed resource.
- Key string
The Key Vault Certificate Key.
- Key
Vault stringId - Name string
- Not
Before string Not Before date of certificate in RFC3339 format.
- Pem string
The Key Vault Certificate in PEM format.
- Dictionary<string, string>
A mapping of tags to assign to the resource.
- Version string
- Certificates
Count int Amount of certificates in the chain in case Key Vault Certificate is a bundle (e.g. has an intermediate certificate).
- Expires string
Expiry date of certificate in RFC3339 format.
- Hex string
The raw Key Vault Certificate data represented as a hexadecimal string.
- Id string
The provider-assigned unique ID for this managed resource.
- Key string
The Key Vault Certificate Key.
- Key
Vault stringId - Name string
- Not
Before string Not Before date of certificate in RFC3339 format.
- Pem string
The Key Vault Certificate in PEM format.
- map[string]string
A mapping of tags to assign to the resource.
- Version string
- certificates
Count Integer Amount of certificates in the chain in case Key Vault Certificate is a bundle (e.g. has an intermediate certificate).
- expires String
Expiry date of certificate in RFC3339 format.
- hex String
The raw Key Vault Certificate data represented as a hexadecimal string.
- id String
The provider-assigned unique ID for this managed resource.
- key String
The Key Vault Certificate Key.
- key
Vault StringId - name String
- not
Before String Not Before date of certificate in RFC3339 format.
- pem String
The Key Vault Certificate in PEM format.
- Map<String,String>
A mapping of tags to assign to the resource.
- version String
- certificates
Count number Amount of certificates in the chain in case Key Vault Certificate is a bundle (e.g. has an intermediate certificate).
- expires string
Expiry date of certificate in RFC3339 format.
- hex string
The raw Key Vault Certificate data represented as a hexadecimal string.
- id string
The provider-assigned unique ID for this managed resource.
- key string
The Key Vault Certificate Key.
- key
Vault stringId - name string
- not
Before string Not Before date of certificate in RFC3339 format.
- pem string
The Key Vault Certificate in PEM format.
- {[key: string]: string}
A mapping of tags to assign to the resource.
- version string
- certificates_
count int Amount of certificates in the chain in case Key Vault Certificate is a bundle (e.g. has an intermediate certificate).
- expires str
Expiry date of certificate in RFC3339 format.
- hex str
The raw Key Vault Certificate data represented as a hexadecimal string.
- id str
The provider-assigned unique ID for this managed resource.
- key str
The Key Vault Certificate Key.
- key_
vault_ strid - name str
- not_
before str Not Before date of certificate in RFC3339 format.
- pem str
The Key Vault Certificate in PEM format.
- Mapping[str, str]
A mapping of tags to assign to the resource.
- version str
- certificates
Count Number Amount of certificates in the chain in case Key Vault Certificate is a bundle (e.g. has an intermediate certificate).
- expires String
Expiry date of certificate in RFC3339 format.
- hex String
The raw Key Vault Certificate data represented as a hexadecimal string.
- id String
The provider-assigned unique ID for this managed resource.
- key String
The Key Vault Certificate Key.
- key
Vault StringId - name String
- not
Before String Not Before date of certificate in RFC3339 format.
- pem String
The Key Vault Certificate in PEM format.
- Map<String>
A mapping of tags to assign to the resource.
- version String
Package Details
- Repository
- Azure Classic pulumi/pulumi-azure
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
azurerm
Terraform Provider.