Cloudflare v6.11.0 published on Friday, Oct 31, 2025 by Pulumi
cloudflare.getZeroTrustGatewayCertificate
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as cloudflare from "@pulumi/cloudflare";
const exampleZeroTrustGatewayCertificate = cloudflare.getZeroTrustGatewayCertificate({
accountId: "699d98642c564d2e855e9661899b7252",
certificateId: "f174e90a-fafe-4643-bbbc-4a0ed4fc8415",
});
import pulumi
import pulumi_cloudflare as cloudflare
example_zero_trust_gateway_certificate = cloudflare.get_zero_trust_gateway_certificate(account_id="699d98642c564d2e855e9661899b7252",
certificate_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415")
package main
import (
"github.com/pulumi/pulumi-cloudflare/sdk/v6/go/cloudflare"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := cloudflare.LookupZeroTrustGatewayCertificate(ctx, &cloudflare.LookupZeroTrustGatewayCertificateArgs{
AccountId: "699d98642c564d2e855e9661899b7252",
CertificateId: pulumi.StringRef("f174e90a-fafe-4643-bbbc-4a0ed4fc8415"),
}, nil)
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Cloudflare = Pulumi.Cloudflare;
return await Deployment.RunAsync(() =>
{
var exampleZeroTrustGatewayCertificate = Cloudflare.GetZeroTrustGatewayCertificate.Invoke(new()
{
AccountId = "699d98642c564d2e855e9661899b7252",
CertificateId = "f174e90a-fafe-4643-bbbc-4a0ed4fc8415",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.cloudflare.CloudflareFunctions;
import com.pulumi.cloudflare.inputs.GetZeroTrustGatewayCertificateArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var exampleZeroTrustGatewayCertificate = CloudflareFunctions.getZeroTrustGatewayCertificate(GetZeroTrustGatewayCertificateArgs.builder()
.accountId("699d98642c564d2e855e9661899b7252")
.certificateId("f174e90a-fafe-4643-bbbc-4a0ed4fc8415")
.build());
}
}
variables:
exampleZeroTrustGatewayCertificate:
fn::invoke:
function: cloudflare:getZeroTrustGatewayCertificate
arguments:
accountId: 699d98642c564d2e855e9661899b7252
certificateId: f174e90a-fafe-4643-bbbc-4a0ed4fc8415
Using getZeroTrustGatewayCertificate
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getZeroTrustGatewayCertificate(args: GetZeroTrustGatewayCertificateArgs, opts?: InvokeOptions): Promise<GetZeroTrustGatewayCertificateResult>
function getZeroTrustGatewayCertificateOutput(args: GetZeroTrustGatewayCertificateOutputArgs, opts?: InvokeOptions): Output<GetZeroTrustGatewayCertificateResult>def get_zero_trust_gateway_certificate(account_id: Optional[str] = None,
certificate_id: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetZeroTrustGatewayCertificateResult
def get_zero_trust_gateway_certificate_output(account_id: Optional[pulumi.Input[str]] = None,
certificate_id: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetZeroTrustGatewayCertificateResult]func LookupZeroTrustGatewayCertificate(ctx *Context, args *LookupZeroTrustGatewayCertificateArgs, opts ...InvokeOption) (*LookupZeroTrustGatewayCertificateResult, error)
func LookupZeroTrustGatewayCertificateOutput(ctx *Context, args *LookupZeroTrustGatewayCertificateOutputArgs, opts ...InvokeOption) LookupZeroTrustGatewayCertificateResultOutput> Note: This function is named LookupZeroTrustGatewayCertificate in the Go SDK.
public static class GetZeroTrustGatewayCertificate
{
public static Task<GetZeroTrustGatewayCertificateResult> InvokeAsync(GetZeroTrustGatewayCertificateArgs args, InvokeOptions? opts = null)
public static Output<GetZeroTrustGatewayCertificateResult> Invoke(GetZeroTrustGatewayCertificateInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetZeroTrustGatewayCertificateResult> getZeroTrustGatewayCertificate(GetZeroTrustGatewayCertificateArgs args, InvokeOptions options)
public static Output<GetZeroTrustGatewayCertificateResult> getZeroTrustGatewayCertificate(GetZeroTrustGatewayCertificateArgs args, InvokeOptions options)
fn::invoke:
function: cloudflare:index/getZeroTrustGatewayCertificate:getZeroTrustGatewayCertificate
arguments:
# arguments dictionaryThe following arguments are supported:
- Account
Id string - Certificate
Id string - Identify the certificate with a UUID.
- Account
Id string - Certificate
Id string - Identify the certificate with a UUID.
- account
Id String - certificate
Id String - Identify the certificate with a UUID.
- account
Id string - certificate
Id string - Identify the certificate with a UUID.
- account_
id str - certificate_
id str - Identify the certificate with a UUID.
- account
Id String - certificate
Id String - Identify the certificate with a UUID.
getZeroTrustGatewayCertificate Result
The following output properties are available:
- Account
Id string - Binding
Status string - Indicate the read-only deployment status of the certificate on Cloudflare's edge. Gateway TLS interception can use certificates in the 'available' (previously called 'active') state. Available values: "pendingdeployment", "available", "pendingdeletion", "inactive".
- Certificate string
- Provide the CA certificate (read-only).
- Created
At string - Expires
On string - Fingerprint string
- Provide the SHA256 fingerprint of the certificate (read-only).
- Id string
- Identify the certificate with a UUID.
- In
Use bool - Indicate whether Gateway TLS interception uses this certificate (read-only). You cannot set this value directly. To configure interception, use the Gateway configuration setting named
certificate(read-only). - Issuer
Org string - Indicate the organization that issued the certificate (read-only).
- Issuer
Raw string - Provide the entire issuer field of the certificate (read-only).
- Type string
- Indicate the read-only certificate type, BYO-PKI (custom) or Gateway-managed. Available values: "custom", <span pulumi-lang-nodejs=""gatewayManaged"" pulumi-lang-dotnet=""GatewayManaged"" pulumi-lang-go=""gatewayManaged"" pulumi-lang-python=""gateway_managed"" pulumi-lang-yaml=""gatewayManaged"" pulumi-lang-java=""gatewayManaged"">"gateway_managed".
- Updated
At string - Uploaded
On string - Certificate
Id string - Identify the certificate with a UUID.
- Account
Id string - Binding
Status string - Indicate the read-only deployment status of the certificate on Cloudflare's edge. Gateway TLS interception can use certificates in the 'available' (previously called 'active') state. Available values: "pendingdeployment", "available", "pendingdeletion", "inactive".
- Certificate string
- Provide the CA certificate (read-only).
- Created
At string - Expires
On string - Fingerprint string
- Provide the SHA256 fingerprint of the certificate (read-only).
- Id string
- Identify the certificate with a UUID.
- In
Use bool - Indicate whether Gateway TLS interception uses this certificate (read-only). You cannot set this value directly. To configure interception, use the Gateway configuration setting named
certificate(read-only). - Issuer
Org string - Indicate the organization that issued the certificate (read-only).
- Issuer
Raw string - Provide the entire issuer field of the certificate (read-only).
- Type string
- Indicate the read-only certificate type, BYO-PKI (custom) or Gateway-managed. Available values: "custom", <span pulumi-lang-nodejs=""gatewayManaged"" pulumi-lang-dotnet=""GatewayManaged"" pulumi-lang-go=""gatewayManaged"" pulumi-lang-python=""gateway_managed"" pulumi-lang-yaml=""gatewayManaged"" pulumi-lang-java=""gatewayManaged"">"gateway_managed".
- Updated
At string - Uploaded
On string - Certificate
Id string - Identify the certificate with a UUID.
- account
Id String - binding
Status String - Indicate the read-only deployment status of the certificate on Cloudflare's edge. Gateway TLS interception can use certificates in the 'available' (previously called 'active') state. Available values: "pendingdeployment", "available", "pendingdeletion", "inactive".
- certificate String
- Provide the CA certificate (read-only).
- created
At String - expires
On String - fingerprint String
- Provide the SHA256 fingerprint of the certificate (read-only).
- id String
- Identify the certificate with a UUID.
- in
Use Boolean - Indicate whether Gateway TLS interception uses this certificate (read-only). You cannot set this value directly. To configure interception, use the Gateway configuration setting named
certificate(read-only). - issuer
Org String - Indicate the organization that issued the certificate (read-only).
- issuer
Raw String - Provide the entire issuer field of the certificate (read-only).
- type String
- Indicate the read-only certificate type, BYO-PKI (custom) or Gateway-managed. Available values: "custom", <span pulumi-lang-nodejs=""gatewayManaged"" pulumi-lang-dotnet=""GatewayManaged"" pulumi-lang-go=""gatewayManaged"" pulumi-lang-python=""gateway_managed"" pulumi-lang-yaml=""gatewayManaged"" pulumi-lang-java=""gatewayManaged"">"gateway_managed".
- updated
At String - uploaded
On String - certificate
Id String - Identify the certificate with a UUID.
- account
Id string - binding
Status string - Indicate the read-only deployment status of the certificate on Cloudflare's edge. Gateway TLS interception can use certificates in the 'available' (previously called 'active') state. Available values: "pendingdeployment", "available", "pendingdeletion", "inactive".
- certificate string
- Provide the CA certificate (read-only).
- created
At string - expires
On string - fingerprint string
- Provide the SHA256 fingerprint of the certificate (read-only).
- id string
- Identify the certificate with a UUID.
- in
Use boolean - Indicate whether Gateway TLS interception uses this certificate (read-only). You cannot set this value directly. To configure interception, use the Gateway configuration setting named
certificate(read-only). - issuer
Org string - Indicate the organization that issued the certificate (read-only).
- issuer
Raw string - Provide the entire issuer field of the certificate (read-only).
- type string
- Indicate the read-only certificate type, BYO-PKI (custom) or Gateway-managed. Available values: "custom", <span pulumi-lang-nodejs=""gatewayManaged"" pulumi-lang-dotnet=""GatewayManaged"" pulumi-lang-go=""gatewayManaged"" pulumi-lang-python=""gateway_managed"" pulumi-lang-yaml=""gatewayManaged"" pulumi-lang-java=""gatewayManaged"">"gateway_managed".
- updated
At string - uploaded
On string - certificate
Id string - Identify the certificate with a UUID.
- account_
id str - binding_
status str - Indicate the read-only deployment status of the certificate on Cloudflare's edge. Gateway TLS interception can use certificates in the 'available' (previously called 'active') state. Available values: "pendingdeployment", "available", "pendingdeletion", "inactive".
- certificate str
- Provide the CA certificate (read-only).
- created_
at str - expires_
on str - fingerprint str
- Provide the SHA256 fingerprint of the certificate (read-only).
- id str
- Identify the certificate with a UUID.
- in_
use bool - Indicate whether Gateway TLS interception uses this certificate (read-only). You cannot set this value directly. To configure interception, use the Gateway configuration setting named
certificate(read-only). - issuer_
org str - Indicate the organization that issued the certificate (read-only).
- issuer_
raw str - Provide the entire issuer field of the certificate (read-only).
- type str
- Indicate the read-only certificate type, BYO-PKI (custom) or Gateway-managed. Available values: "custom", <span pulumi-lang-nodejs=""gatewayManaged"" pulumi-lang-dotnet=""GatewayManaged"" pulumi-lang-go=""gatewayManaged"" pulumi-lang-python=""gateway_managed"" pulumi-lang-yaml=""gatewayManaged"" pulumi-lang-java=""gatewayManaged"">"gateway_managed".
- updated_
at str - uploaded_
on str - certificate_
id str - Identify the certificate with a UUID.
- account
Id String - binding
Status String - Indicate the read-only deployment status of the certificate on Cloudflare's edge. Gateway TLS interception can use certificates in the 'available' (previously called 'active') state. Available values: "pendingdeployment", "available", "pendingdeletion", "inactive".
- certificate String
- Provide the CA certificate (read-only).
- created
At String - expires
On String - fingerprint String
- Provide the SHA256 fingerprint of the certificate (read-only).
- id String
- Identify the certificate with a UUID.
- in
Use Boolean - Indicate whether Gateway TLS interception uses this certificate (read-only). You cannot set this value directly. To configure interception, use the Gateway configuration setting named
certificate(read-only). - issuer
Org String - Indicate the organization that issued the certificate (read-only).
- issuer
Raw String - Provide the entire issuer field of the certificate (read-only).
- type String
- Indicate the read-only certificate type, BYO-PKI (custom) or Gateway-managed. Available values: "custom", <span pulumi-lang-nodejs=""gatewayManaged"" pulumi-lang-dotnet=""GatewayManaged"" pulumi-lang-go=""gatewayManaged"" pulumi-lang-python=""gateway_managed"" pulumi-lang-yaml=""gatewayManaged"" pulumi-lang-java=""gatewayManaged"">"gateway_managed".
- updated
At String - uploaded
On String - certificate
Id String - Identify the certificate with a UUID.
Package Details
- Repository
- Cloudflare pulumi/pulumi-cloudflare
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
cloudflareTerraform Provider.
