Azure Active Directory (Azure AD) v5.38.0, May 17 23

Azure Active Directory (Azure AD) v5.38.0 published on Wednesday, May 17, 2023 by Pulumi

azuread.ApplicationCertificate

Explore with Pulumi AI

Azure Active Directory (Azure AD) v5.38.0 published on Wednesday, May 17, 2023 by Pulumi

Import

Certificates can be imported using the object ID of the associated application and the key ID of the certificate credential, e.g.

 $ pulumi import azuread:index/applicationCertificate:ApplicationCertificate test 00000000-0000-0000-0000-000000000000/certificate/11111111-1111-1111-1111-111111111111

-> This ID format is unique to Terraform and is composed of the application’s object ID, the string “certificate” and the certificate’s key ID in the format {ObjectId}/certificate/{CertificateKeyId}.

Create ApplicationCertificate Resource

new ApplicationCertificate(name: string, args: ApplicationCertificateArgs, opts?: CustomResourceOptions);

@overload
def ApplicationCertificate(resource_name: str,
                           opts: Optional[ResourceOptions] = None,
                           application_object_id: Optional[str] = None,
                           encoding: Optional[str] = None,
                           end_date: Optional[str] = None,
                           end_date_relative: Optional[str] = None,
                           key_id: Optional[str] = None,
                           start_date: Optional[str] = None,
                           type: Optional[str] = None,
                           value: Optional[str] = None)
@overload
def ApplicationCertificate(resource_name: str,
                           args: ApplicationCertificateArgs,
                           opts: Optional[ResourceOptions] = None)

func NewApplicationCertificate(ctx *Context, name string, args ApplicationCertificateArgs, opts ...ResourceOption) (*ApplicationCertificate, error)

public ApplicationCertificate(string name, ApplicationCertificateArgs args, CustomResourceOptions? opts = null)

public ApplicationCertificate(String name, ApplicationCertificateArgs args)
public ApplicationCertificate(String name, ApplicationCertificateArgs args, CustomResourceOptions options)

type: azuread:ApplicationCertificate
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string: The unique name of the resource.
args ApplicationCertificateArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args ApplicationCertificateArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args ApplicationCertificateArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args ApplicationCertificateArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args ApplicationCertificateArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

ApplicationCertificate Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The ApplicationCertificate resource accepts the following input properties:

ApplicationObjectId string: The object ID of the application for which this certificate should be created. Changing this field forces a new resource to be created.
Value string: The certificate data, which can be PEM encoded, base64 encoded DER or hexadecimal encoded DER. See also the encoding argument.
Encoding string: Specifies the encoding used for the supplied certificate data. Must be one of pem, base64 or hex. Defaults to pem.
Tip for Azure Key Vault The hex encoding option is useful for consuming certificate data from the azurerm_key_vault_certificate resource.
EndDate string: The end date until which the certificate is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). If omitted, the API will decide a suitable expiry date, which is typically around 2 years from the start date. Changing this field forces a new resource to be created.
EndDateRelative string: A relative duration for which the certificate is valid until, for example 240h (10 days) or 2400h30m. Changing this field forces a new resource to be created.
One of end_date or end_date_relative must be set. The maximum allowed duration is determined by Azure AD.
KeyId string: A UUID used to uniquely identify this certificate. If omitted, a random UUID will be automatically generated. Changing this field forces a new resource to be created.
StartDate string: The start date from which the certificate is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). If this isn't specified, the value is determined by Azure Active Directory and is usually the start date of the certificate for asymmetric keys, or the current timestamp for symmetric keys. Changing this field forces a new resource to be created.
Type string: The type of key/certificate. Must be one of AsymmetricX509Cert or Symmetric. Changing this fields forces a new resource to be created.

ApplicationObjectId string: The object ID of the application for which this certificate should be created. Changing this field forces a new resource to be created.
Value string: The certificate data, which can be PEM encoded, base64 encoded DER or hexadecimal encoded DER. See also the encoding argument.
Encoding string: Specifies the encoding used for the supplied certificate data. Must be one of pem, base64 or hex. Defaults to pem.
Tip for Azure Key Vault The hex encoding option is useful for consuming certificate data from the azurerm_key_vault_certificate resource.
EndDate string: The end date until which the certificate is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). If omitted, the API will decide a suitable expiry date, which is typically around 2 years from the start date. Changing this field forces a new resource to be created.
EndDateRelative string: A relative duration for which the certificate is valid until, for example 240h (10 days) or 2400h30m. Changing this field forces a new resource to be created.
One of end_date or end_date_relative must be set. The maximum allowed duration is determined by Azure AD.
KeyId string: A UUID used to uniquely identify this certificate. If omitted, a random UUID will be automatically generated. Changing this field forces a new resource to be created.
StartDate string: The start date from which the certificate is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). If this isn't specified, the value is determined by Azure Active Directory and is usually the start date of the certificate for asymmetric keys, or the current timestamp for symmetric keys. Changing this field forces a new resource to be created.
Type string: The type of key/certificate. Must be one of AsymmetricX509Cert or Symmetric. Changing this fields forces a new resource to be created.

applicationObjectId String: The object ID of the application for which this certificate should be created. Changing this field forces a new resource to be created.
value String: The certificate data, which can be PEM encoded, base64 encoded DER or hexadecimal encoded DER. See also the encoding argument.
encoding String: Specifies the encoding used for the supplied certificate data. Must be one of pem, base64 or hex. Defaults to pem.
Tip for Azure Key Vault The hex encoding option is useful for consuming certificate data from the azurerm_key_vault_certificate resource.
endDate String: The end date until which the certificate is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). If omitted, the API will decide a suitable expiry date, which is typically around 2 years from the start date. Changing this field forces a new resource to be created.
endDateRelative String: A relative duration for which the certificate is valid until, for example 240h (10 days) or 2400h30m. Changing this field forces a new resource to be created.
One of end_date or end_date_relative must be set. The maximum allowed duration is determined by Azure AD.
keyId String: A UUID used to uniquely identify this certificate. If omitted, a random UUID will be automatically generated. Changing this field forces a new resource to be created.
startDate String: The start date from which the certificate is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). If this isn't specified, the value is determined by Azure Active Directory and is usually the start date of the certificate for asymmetric keys, or the current timestamp for symmetric keys. Changing this field forces a new resource to be created.
type String: The type of key/certificate. Must be one of AsymmetricX509Cert or Symmetric. Changing this fields forces a new resource to be created.

applicationObjectId string: The object ID of the application for which this certificate should be created. Changing this field forces a new resource to be created.
value string: The certificate data, which can be PEM encoded, base64 encoded DER or hexadecimal encoded DER. See also the encoding argument.
encoding string: Specifies the encoding used for the supplied certificate data. Must be one of pem, base64 or hex. Defaults to pem.
Tip for Azure Key Vault The hex encoding option is useful for consuming certificate data from the azurerm_key_vault_certificate resource.
endDate string: The end date until which the certificate is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). If omitted, the API will decide a suitable expiry date, which is typically around 2 years from the start date. Changing this field forces a new resource to be created.
endDateRelative string: A relative duration for which the certificate is valid until, for example 240h (10 days) or 2400h30m. Changing this field forces a new resource to be created.
One of end_date or end_date_relative must be set. The maximum allowed duration is determined by Azure AD.
keyId string: A UUID used to uniquely identify this certificate. If omitted, a random UUID will be automatically generated. Changing this field forces a new resource to be created.
startDate string: The start date from which the certificate is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). If this isn't specified, the value is determined by Azure Active Directory and is usually the start date of the certificate for asymmetric keys, or the current timestamp for symmetric keys. Changing this field forces a new resource to be created.
type string: The type of key/certificate. Must be one of AsymmetricX509Cert or Symmetric. Changing this fields forces a new resource to be created.

application_object_id str: The object ID of the application for which this certificate should be created. Changing this field forces a new resource to be created.
value str: The certificate data, which can be PEM encoded, base64 encoded DER or hexadecimal encoded DER. See also the encoding argument.
encoding str: Specifies the encoding used for the supplied certificate data. Must be one of pem, base64 or hex. Defaults to pem.
Tip for Azure Key Vault The hex encoding option is useful for consuming certificate data from the azurerm_key_vault_certificate resource.
end_date str: The end date until which the certificate is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). If omitted, the API will decide a suitable expiry date, which is typically around 2 years from the start date. Changing this field forces a new resource to be created.
end_date_relative str: A relative duration for which the certificate is valid until, for example 240h (10 days) or 2400h30m. Changing this field forces a new resource to be created.
One of end_date or end_date_relative must be set. The maximum allowed duration is determined by Azure AD.
key_id str: A UUID used to uniquely identify this certificate. If omitted, a random UUID will be automatically generated. Changing this field forces a new resource to be created.
start_date str: The start date from which the certificate is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). If this isn't specified, the value is determined by Azure Active Directory and is usually the start date of the certificate for asymmetric keys, or the current timestamp for symmetric keys. Changing this field forces a new resource to be created.
type str: The type of key/certificate. Must be one of AsymmetricX509Cert or Symmetric. Changing this fields forces a new resource to be created.

applicationObjectId String: The object ID of the application for which this certificate should be created. Changing this field forces a new resource to be created.
value String: The certificate data, which can be PEM encoded, base64 encoded DER or hexadecimal encoded DER. See also the encoding argument.
encoding String: Specifies the encoding used for the supplied certificate data. Must be one of pem, base64 or hex. Defaults to pem.
Tip for Azure Key Vault The hex encoding option is useful for consuming certificate data from the azurerm_key_vault_certificate resource.
endDate String: The end date until which the certificate is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). If omitted, the API will decide a suitable expiry date, which is typically around 2 years from the start date. Changing this field forces a new resource to be created.
endDateRelative String: A relative duration for which the certificate is valid until, for example 240h (10 days) or 2400h30m. Changing this field forces a new resource to be created.
One of end_date or end_date_relative must be set. The maximum allowed duration is determined by Azure AD.
keyId String: A UUID used to uniquely identify this certificate. If omitted, a random UUID will be automatically generated. Changing this field forces a new resource to be created.
startDate String: The start date from which the certificate is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). If this isn't specified, the value is determined by Azure Active Directory and is usually the start date of the certificate for asymmetric keys, or the current timestamp for symmetric keys. Changing this field forces a new resource to be created.
type String: The type of key/certificate. Must be one of AsymmetricX509Cert or Symmetric. Changing this fields forces a new resource to be created.

Outputs

All input properties are implicitly available as output properties. Additionally, the ApplicationCertificate resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

Look up Existing ApplicationCertificate Resource

Get an existing ApplicationCertificate resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: ApplicationCertificateState, opts?: CustomResourceOptions): ApplicationCertificate

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        application_object_id: Optional[str] = None,
        encoding: Optional[str] = None,
        end_date: Optional[str] = None,
        end_date_relative: Optional[str] = None,
        key_id: Optional[str] = None,
        start_date: Optional[str] = None,
        type: Optional[str] = None,
        value: Optional[str] = None) -> ApplicationCertificate

func GetApplicationCertificate(ctx *Context, name string, id IDInput, state *ApplicationCertificateState, opts ...ResourceOption) (*ApplicationCertificate, error)

public static ApplicationCertificate Get(string name, Input<string> id, ApplicationCertificateState? state, CustomResourceOptions? opts = null)

public static ApplicationCertificate get(String name, Output<String> id, ApplicationCertificateState state, CustomResourceOptions options)

Resource lookup is not supported in YAML

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

ApplicationObjectId string: The object ID of the application for which this certificate should be created. Changing this field forces a new resource to be created.
Encoding string: Specifies the encoding used for the supplied certificate data. Must be one of pem, base64 or hex. Defaults to pem.
Tip for Azure Key Vault The hex encoding option is useful for consuming certificate data from the azurerm_key_vault_certificate resource.
EndDate string: The end date until which the certificate is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). If omitted, the API will decide a suitable expiry date, which is typically around 2 years from the start date. Changing this field forces a new resource to be created.
EndDateRelative string: A relative duration for which the certificate is valid until, for example 240h (10 days) or 2400h30m. Changing this field forces a new resource to be created.
One of end_date or end_date_relative must be set. The maximum allowed duration is determined by Azure AD.
KeyId string: A UUID used to uniquely identify this certificate. If omitted, a random UUID will be automatically generated. Changing this field forces a new resource to be created.
StartDate string: The start date from which the certificate is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). If this isn't specified, the value is determined by Azure Active Directory and is usually the start date of the certificate for asymmetric keys, or the current timestamp for symmetric keys. Changing this field forces a new resource to be created.
Type string: The type of key/certificate. Must be one of AsymmetricX509Cert or Symmetric. Changing this fields forces a new resource to be created.
Value string: The certificate data, which can be PEM encoded, base64 encoded DER or hexadecimal encoded DER. See also the encoding argument.

ApplicationObjectId string: The object ID of the application for which this certificate should be created. Changing this field forces a new resource to be created.
Encoding string: Specifies the encoding used for the supplied certificate data. Must be one of pem, base64 or hex. Defaults to pem.
Tip for Azure Key Vault The hex encoding option is useful for consuming certificate data from the azurerm_key_vault_certificate resource.
EndDate string: The end date until which the certificate is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). If omitted, the API will decide a suitable expiry date, which is typically around 2 years from the start date. Changing this field forces a new resource to be created.
EndDateRelative string: A relative duration for which the certificate is valid until, for example 240h (10 days) or 2400h30m. Changing this field forces a new resource to be created.
One of end_date or end_date_relative must be set. The maximum allowed duration is determined by Azure AD.
KeyId string: A UUID used to uniquely identify this certificate. If omitted, a random UUID will be automatically generated. Changing this field forces a new resource to be created.
StartDate string: The start date from which the certificate is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). If this isn't specified, the value is determined by Azure Active Directory and is usually the start date of the certificate for asymmetric keys, or the current timestamp for symmetric keys. Changing this field forces a new resource to be created.
Type string: The type of key/certificate. Must be one of AsymmetricX509Cert or Symmetric. Changing this fields forces a new resource to be created.
Value string: The certificate data, which can be PEM encoded, base64 encoded DER or hexadecimal encoded DER. See also the encoding argument.

applicationObjectId String: The object ID of the application for which this certificate should be created. Changing this field forces a new resource to be created.
encoding String: Specifies the encoding used for the supplied certificate data. Must be one of pem, base64 or hex. Defaults to pem.
Tip for Azure Key Vault The hex encoding option is useful for consuming certificate data from the azurerm_key_vault_certificate resource.
endDate String: The end date until which the certificate is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). If omitted, the API will decide a suitable expiry date, which is typically around 2 years from the start date. Changing this field forces a new resource to be created.
endDateRelative String: A relative duration for which the certificate is valid until, for example 240h (10 days) or 2400h30m. Changing this field forces a new resource to be created.
One of end_date or end_date_relative must be set. The maximum allowed duration is determined by Azure AD.
keyId String: A UUID used to uniquely identify this certificate. If omitted, a random UUID will be automatically generated. Changing this field forces a new resource to be created.
startDate String: The start date from which the certificate is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). If this isn't specified, the value is determined by Azure Active Directory and is usually the start date of the certificate for asymmetric keys, or the current timestamp for symmetric keys. Changing this field forces a new resource to be created.
type String: The type of key/certificate. Must be one of AsymmetricX509Cert or Symmetric. Changing this fields forces a new resource to be created.
value String: The certificate data, which can be PEM encoded, base64 encoded DER or hexadecimal encoded DER. See also the encoding argument.

applicationObjectId string: The object ID of the application for which this certificate should be created. Changing this field forces a new resource to be created.
encoding string: Specifies the encoding used for the supplied certificate data. Must be one of pem, base64 or hex. Defaults to pem.
Tip for Azure Key Vault The hex encoding option is useful for consuming certificate data from the azurerm_key_vault_certificate resource.
endDate string: The end date until which the certificate is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). If omitted, the API will decide a suitable expiry date, which is typically around 2 years from the start date. Changing this field forces a new resource to be created.
endDateRelative string: A relative duration for which the certificate is valid until, for example 240h (10 days) or 2400h30m. Changing this field forces a new resource to be created.
One of end_date or end_date_relative must be set. The maximum allowed duration is determined by Azure AD.
keyId string: A UUID used to uniquely identify this certificate. If omitted, a random UUID will be automatically generated. Changing this field forces a new resource to be created.
startDate string: The start date from which the certificate is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). If this isn't specified, the value is determined by Azure Active Directory and is usually the start date of the certificate for asymmetric keys, or the current timestamp for symmetric keys. Changing this field forces a new resource to be created.
type string: The type of key/certificate. Must be one of AsymmetricX509Cert or Symmetric. Changing this fields forces a new resource to be created.
value string: The certificate data, which can be PEM encoded, base64 encoded DER or hexadecimal encoded DER. See also the encoding argument.

application_object_id str: The object ID of the application for which this certificate should be created. Changing this field forces a new resource to be created.
encoding str: Specifies the encoding used for the supplied certificate data. Must be one of pem, base64 or hex. Defaults to pem.
Tip for Azure Key Vault The hex encoding option is useful for consuming certificate data from the azurerm_key_vault_certificate resource.
end_date str: The end date until which the certificate is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). If omitted, the API will decide a suitable expiry date, which is typically around 2 years from the start date. Changing this field forces a new resource to be created.
end_date_relative str: A relative duration for which the certificate is valid until, for example 240h (10 days) or 2400h30m. Changing this field forces a new resource to be created.
One of end_date or end_date_relative must be set. The maximum allowed duration is determined by Azure AD.
key_id str: A UUID used to uniquely identify this certificate. If omitted, a random UUID will be automatically generated. Changing this field forces a new resource to be created.
start_date str: The start date from which the certificate is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). If this isn't specified, the value is determined by Azure Active Directory and is usually the start date of the certificate for asymmetric keys, or the current timestamp for symmetric keys. Changing this field forces a new resource to be created.
type str: The type of key/certificate. Must be one of AsymmetricX509Cert or Symmetric. Changing this fields forces a new resource to be created.
value str: The certificate data, which can be PEM encoded, base64 encoded DER or hexadecimal encoded DER. See also the encoding argument.

applicationObjectId String: The object ID of the application for which this certificate should be created. Changing this field forces a new resource to be created.
encoding String: Specifies the encoding used for the supplied certificate data. Must be one of pem, base64 or hex. Defaults to pem.
Tip for Azure Key Vault The hex encoding option is useful for consuming certificate data from the azurerm_key_vault_certificate resource.
endDate String: The end date until which the certificate is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). If omitted, the API will decide a suitable expiry date, which is typically around 2 years from the start date. Changing this field forces a new resource to be created.
endDateRelative String: A relative duration for which the certificate is valid until, for example 240h (10 days) or 2400h30m. Changing this field forces a new resource to be created.
One of end_date or end_date_relative must be set. The maximum allowed duration is determined by Azure AD.
keyId String: A UUID used to uniquely identify this certificate. If omitted, a random UUID will be automatically generated. Changing this field forces a new resource to be created.
startDate String: The start date from which the certificate is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). If this isn't specified, the value is determined by Azure Active Directory and is usually the start date of the certificate for asymmetric keys, or the current timestamp for symmetric keys. Changing this field forces a new resource to be created.
type String: The type of key/certificate. Must be one of AsymmetricX509Cert or Symmetric. Changing this fields forces a new resource to be created.
value String: The certificate data, which can be PEM encoded, base64 encoded DER or hexadecimal encoded DER. See also the encoding argument.

Package Details

Repository: Azure Active Directory (Azure AD) pulumi/pulumi-azuread
License: Apache-2.0
Notes: This Pulumi package is based on the azuread Terraform Provider.

Azure Active Directory (Azure AD) v5.38.0 published on Wednesday, May 17, 2023 by Pulumi

pulumi/pulumi-azuread

azuread.ApplicationCertificate

On this page

On this page

Import

Create ApplicationCertificate Resource

ApplicationCertificate Resource Properties

Inputs

Outputs

Look up Existing ApplicationCertificate Resource

Package Details

On this page

On this page