1. Packages
  2. Google Cloud (GCP) Classic
  3. API Docs
  4. certificatemanager
  5. CertificateIssuanceConfig
Google Cloud Classic v7.19.0 published on Thursday, Apr 18, 2024 by Pulumi

gcp.certificatemanager.CertificateIssuanceConfig

Explore with Pulumi AI

gcp logo
Google Cloud Classic v7.19.0 published on Thursday, Apr 18, 2024 by Pulumi

    Certificate represents a HTTP-reachable backend for a Certificate.

    To get more information about CertificateIssuanceConfig, see:

    Example Usage

    Certificate Manager Certificate Issuance Config

    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    
    const pool = new gcp.certificateauthority.CaPool("pool", {
        name: "ca-pool",
        location: "us-central1",
        tier: "ENTERPRISE",
    });
    const _default = new gcp.certificatemanager.CertificateIssuanceConfig("default", {
        name: "issuance-config",
        description: "sample description for the certificate issuanceConfigs",
        certificateAuthorityConfig: {
            certificateAuthorityServiceConfig: {
                caPool: pool.id,
            },
        },
        lifetime: "1814400s",
        rotationWindowPercentage: 34,
        keyAlgorithm: "ECDSA_P256",
        labels: {
            name: "wrench",
            count: "3",
        },
    });
    const caAuthority = new gcp.certificateauthority.Authority("ca_authority", {
        location: "us-central1",
        pool: pool.name,
        certificateAuthorityId: "ca-authority",
        config: {
            subjectConfig: {
                subject: {
                    organization: "HashiCorp",
                    commonName: "my-certificate-authority",
                },
                subjectAltName: {
                    dnsNames: ["hashicorp.com"],
                },
            },
            x509Config: {
                caOptions: {
                    isCa: true,
                },
                keyUsage: {
                    baseKeyUsage: {
                        certSign: true,
                        crlSign: true,
                    },
                    extendedKeyUsage: {
                        serverAuth: true,
                    },
                },
            },
        },
        keySpec: {
            algorithm: "RSA_PKCS1_4096_SHA256",
        },
        deletionProtection: false,
        skipGracePeriod: true,
        ignoreActiveCertificatesOnDeletion: true,
    });
    
    import pulumi
    import pulumi_gcp as gcp
    
    pool = gcp.certificateauthority.CaPool("pool",
        name="ca-pool",
        location="us-central1",
        tier="ENTERPRISE")
    default = gcp.certificatemanager.CertificateIssuanceConfig("default",
        name="issuance-config",
        description="sample description for the certificate issuanceConfigs",
        certificate_authority_config=gcp.certificatemanager.CertificateIssuanceConfigCertificateAuthorityConfigArgs(
            certificate_authority_service_config=gcp.certificatemanager.CertificateIssuanceConfigCertificateAuthorityConfigCertificateAuthorityServiceConfigArgs(
                ca_pool=pool.id,
            ),
        ),
        lifetime="1814400s",
        rotation_window_percentage=34,
        key_algorithm="ECDSA_P256",
        labels={
            "name": "wrench",
            "count": "3",
        })
    ca_authority = gcp.certificateauthority.Authority("ca_authority",
        location="us-central1",
        pool=pool.name,
        certificate_authority_id="ca-authority",
        config=gcp.certificateauthority.AuthorityConfigArgs(
            subject_config=gcp.certificateauthority.AuthorityConfigSubjectConfigArgs(
                subject=gcp.certificateauthority.AuthorityConfigSubjectConfigSubjectArgs(
                    organization="HashiCorp",
                    common_name="my-certificate-authority",
                ),
                subject_alt_name=gcp.certificateauthority.AuthorityConfigSubjectConfigSubjectAltNameArgs(
                    dns_names=["hashicorp.com"],
                ),
            ),
            x509_config=gcp.certificateauthority.AuthorityConfigX509ConfigArgs(
                ca_options=gcp.certificateauthority.AuthorityConfigX509ConfigCaOptionsArgs(
                    is_ca=True,
                ),
                key_usage=gcp.certificateauthority.AuthorityConfigX509ConfigKeyUsageArgs(
                    base_key_usage=gcp.certificateauthority.AuthorityConfigX509ConfigKeyUsageBaseKeyUsageArgs(
                        cert_sign=True,
                        crl_sign=True,
                    ),
                    extended_key_usage=gcp.certificateauthority.AuthorityConfigX509ConfigKeyUsageExtendedKeyUsageArgs(
                        server_auth=True,
                    ),
                ),
            ),
        ),
        key_spec=gcp.certificateauthority.AuthorityKeySpecArgs(
            algorithm="RSA_PKCS1_4096_SHA256",
        ),
        deletion_protection=False,
        skip_grace_period=True,
        ignore_active_certificates_on_deletion=True)
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/certificateauthority"
    	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/certificatemanager"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		pool, err := certificateauthority.NewCaPool(ctx, "pool", &certificateauthority.CaPoolArgs{
    			Name:     pulumi.String("ca-pool"),
    			Location: pulumi.String("us-central1"),
    			Tier:     pulumi.String("ENTERPRISE"),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = certificatemanager.NewCertificateIssuanceConfig(ctx, "default", &certificatemanager.CertificateIssuanceConfigArgs{
    			Name:        pulumi.String("issuance-config"),
    			Description: pulumi.String("sample description for the certificate issuanceConfigs"),
    			CertificateAuthorityConfig: &certificatemanager.CertificateIssuanceConfigCertificateAuthorityConfigArgs{
    				CertificateAuthorityServiceConfig: &certificatemanager.CertificateIssuanceConfigCertificateAuthorityConfigCertificateAuthorityServiceConfigArgs{
    					CaPool: pool.ID(),
    				},
    			},
    			Lifetime:                 pulumi.String("1814400s"),
    			RotationWindowPercentage: pulumi.Int(34),
    			KeyAlgorithm:             pulumi.String("ECDSA_P256"),
    			Labels: pulumi.StringMap{
    				"name":  pulumi.String("wrench"),
    				"count": pulumi.String("3"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		_, err = certificateauthority.NewAuthority(ctx, "ca_authority", &certificateauthority.AuthorityArgs{
    			Location:               pulumi.String("us-central1"),
    			Pool:                   pool.Name,
    			CertificateAuthorityId: pulumi.String("ca-authority"),
    			Config: &certificateauthority.AuthorityConfigArgs{
    				SubjectConfig: &certificateauthority.AuthorityConfigSubjectConfigArgs{
    					Subject: &certificateauthority.AuthorityConfigSubjectConfigSubjectArgs{
    						Organization: pulumi.String("HashiCorp"),
    						CommonName:   pulumi.String("my-certificate-authority"),
    					},
    					SubjectAltName: &certificateauthority.AuthorityConfigSubjectConfigSubjectAltNameArgs{
    						DnsNames: pulumi.StringArray{
    							pulumi.String("hashicorp.com"),
    						},
    					},
    				},
    				X509Config: &certificateauthority.AuthorityConfigX509ConfigArgs{
    					CaOptions: &certificateauthority.AuthorityConfigX509ConfigCaOptionsArgs{
    						IsCa: pulumi.Bool(true),
    					},
    					KeyUsage: &certificateauthority.AuthorityConfigX509ConfigKeyUsageArgs{
    						BaseKeyUsage: &certificateauthority.AuthorityConfigX509ConfigKeyUsageBaseKeyUsageArgs{
    							CertSign: pulumi.Bool(true),
    							CrlSign:  pulumi.Bool(true),
    						},
    						ExtendedKeyUsage: &certificateauthority.AuthorityConfigX509ConfigKeyUsageExtendedKeyUsageArgs{
    							ServerAuth: pulumi.Bool(true),
    						},
    					},
    				},
    			},
    			KeySpec: &certificateauthority.AuthorityKeySpecArgs{
    				Algorithm: pulumi.String("RSA_PKCS1_4096_SHA256"),
    			},
    			DeletionProtection:                 pulumi.Bool(false),
    			SkipGracePeriod:                    pulumi.Bool(true),
    			IgnoreActiveCertificatesOnDeletion: pulumi.Bool(true),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Gcp = Pulumi.Gcp;
    
    return await Deployment.RunAsync(() => 
    {
        var pool = new Gcp.CertificateAuthority.CaPool("pool", new()
        {
            Name = "ca-pool",
            Location = "us-central1",
            Tier = "ENTERPRISE",
        });
    
        var @default = new Gcp.CertificateManager.CertificateIssuanceConfig("default", new()
        {
            Name = "issuance-config",
            Description = "sample description for the certificate issuanceConfigs",
            CertificateAuthorityConfig = new Gcp.CertificateManager.Inputs.CertificateIssuanceConfigCertificateAuthorityConfigArgs
            {
                CertificateAuthorityServiceConfig = new Gcp.CertificateManager.Inputs.CertificateIssuanceConfigCertificateAuthorityConfigCertificateAuthorityServiceConfigArgs
                {
                    CaPool = pool.Id,
                },
            },
            Lifetime = "1814400s",
            RotationWindowPercentage = 34,
            KeyAlgorithm = "ECDSA_P256",
            Labels = 
            {
                { "name", "wrench" },
                { "count", "3" },
            },
        });
    
        var caAuthority = new Gcp.CertificateAuthority.Authority("ca_authority", new()
        {
            Location = "us-central1",
            Pool = pool.Name,
            CertificateAuthorityId = "ca-authority",
            Config = new Gcp.CertificateAuthority.Inputs.AuthorityConfigArgs
            {
                SubjectConfig = new Gcp.CertificateAuthority.Inputs.AuthorityConfigSubjectConfigArgs
                {
                    Subject = new Gcp.CertificateAuthority.Inputs.AuthorityConfigSubjectConfigSubjectArgs
                    {
                        Organization = "HashiCorp",
                        CommonName = "my-certificate-authority",
                    },
                    SubjectAltName = new Gcp.CertificateAuthority.Inputs.AuthorityConfigSubjectConfigSubjectAltNameArgs
                    {
                        DnsNames = new[]
                        {
                            "hashicorp.com",
                        },
                    },
                },
                X509Config = new Gcp.CertificateAuthority.Inputs.AuthorityConfigX509ConfigArgs
                {
                    CaOptions = new Gcp.CertificateAuthority.Inputs.AuthorityConfigX509ConfigCaOptionsArgs
                    {
                        IsCa = true,
                    },
                    KeyUsage = new Gcp.CertificateAuthority.Inputs.AuthorityConfigX509ConfigKeyUsageArgs
                    {
                        BaseKeyUsage = new Gcp.CertificateAuthority.Inputs.AuthorityConfigX509ConfigKeyUsageBaseKeyUsageArgs
                        {
                            CertSign = true,
                            CrlSign = true,
                        },
                        ExtendedKeyUsage = new Gcp.CertificateAuthority.Inputs.AuthorityConfigX509ConfigKeyUsageExtendedKeyUsageArgs
                        {
                            ServerAuth = true,
                        },
                    },
                },
            },
            KeySpec = new Gcp.CertificateAuthority.Inputs.AuthorityKeySpecArgs
            {
                Algorithm = "RSA_PKCS1_4096_SHA256",
            },
            DeletionProtection = false,
            SkipGracePeriod = true,
            IgnoreActiveCertificatesOnDeletion = true,
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.certificateauthority.CaPool;
    import com.pulumi.gcp.certificateauthority.CaPoolArgs;
    import com.pulumi.gcp.certificatemanager.CertificateIssuanceConfig;
    import com.pulumi.gcp.certificatemanager.CertificateIssuanceConfigArgs;
    import com.pulumi.gcp.certificatemanager.inputs.CertificateIssuanceConfigCertificateAuthorityConfigArgs;
    import com.pulumi.gcp.certificatemanager.inputs.CertificateIssuanceConfigCertificateAuthorityConfigCertificateAuthorityServiceConfigArgs;
    import com.pulumi.gcp.certificateauthority.Authority;
    import com.pulumi.gcp.certificateauthority.AuthorityArgs;
    import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigArgs;
    import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigSubjectConfigArgs;
    import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigSubjectConfigSubjectArgs;
    import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigSubjectConfigSubjectAltNameArgs;
    import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigX509ConfigArgs;
    import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigX509ConfigCaOptionsArgs;
    import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigX509ConfigKeyUsageArgs;
    import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigX509ConfigKeyUsageBaseKeyUsageArgs;
    import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigX509ConfigKeyUsageExtendedKeyUsageArgs;
    import com.pulumi.gcp.certificateauthority.inputs.AuthorityKeySpecArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var pool = new CaPool("pool", CaPoolArgs.builder()        
                .name("ca-pool")
                .location("us-central1")
                .tier("ENTERPRISE")
                .build());
    
            var default_ = new CertificateIssuanceConfig("default", CertificateIssuanceConfigArgs.builder()        
                .name("issuance-config")
                .description("sample description for the certificate issuanceConfigs")
                .certificateAuthorityConfig(CertificateIssuanceConfigCertificateAuthorityConfigArgs.builder()
                    .certificateAuthorityServiceConfig(CertificateIssuanceConfigCertificateAuthorityConfigCertificateAuthorityServiceConfigArgs.builder()
                        .caPool(pool.id())
                        .build())
                    .build())
                .lifetime("1814400s")
                .rotationWindowPercentage(34)
                .keyAlgorithm("ECDSA_P256")
                .labels(Map.ofEntries(
                    Map.entry("name", "wrench"),
                    Map.entry("count", "3")
                ))
                .build());
    
            var caAuthority = new Authority("caAuthority", AuthorityArgs.builder()        
                .location("us-central1")
                .pool(pool.name())
                .certificateAuthorityId("ca-authority")
                .config(AuthorityConfigArgs.builder()
                    .subjectConfig(AuthorityConfigSubjectConfigArgs.builder()
                        .subject(AuthorityConfigSubjectConfigSubjectArgs.builder()
                            .organization("HashiCorp")
                            .commonName("my-certificate-authority")
                            .build())
                        .subjectAltName(AuthorityConfigSubjectConfigSubjectAltNameArgs.builder()
                            .dnsNames("hashicorp.com")
                            .build())
                        .build())
                    .x509Config(AuthorityConfigX509ConfigArgs.builder()
                        .caOptions(AuthorityConfigX509ConfigCaOptionsArgs.builder()
                            .isCa(true)
                            .build())
                        .keyUsage(AuthorityConfigX509ConfigKeyUsageArgs.builder()
                            .baseKeyUsage(AuthorityConfigX509ConfigKeyUsageBaseKeyUsageArgs.builder()
                                .certSign(true)
                                .crlSign(true)
                                .build())
                            .extendedKeyUsage(AuthorityConfigX509ConfigKeyUsageExtendedKeyUsageArgs.builder()
                                .serverAuth(true)
                                .build())
                            .build())
                        .build())
                    .build())
                .keySpec(AuthorityKeySpecArgs.builder()
                    .algorithm("RSA_PKCS1_4096_SHA256")
                    .build())
                .deletionProtection(false)
                .skipGracePeriod(true)
                .ignoreActiveCertificatesOnDeletion(true)
                .build());
    
        }
    }
    
    resources:
      default:
        type: gcp:certificatemanager:CertificateIssuanceConfig
        properties:
          name: issuance-config
          description: sample description for the certificate issuanceConfigs
          certificateAuthorityConfig:
            certificateAuthorityServiceConfig:
              caPool: ${pool.id}
          lifetime: 1814400s
          rotationWindowPercentage: 34
          keyAlgorithm: ECDSA_P256
          labels:
            name: wrench
            count: '3'
      pool:
        type: gcp:certificateauthority:CaPool
        properties:
          name: ca-pool
          location: us-central1
          tier: ENTERPRISE
      caAuthority:
        type: gcp:certificateauthority:Authority
        name: ca_authority
        properties:
          location: us-central1
          pool: ${pool.name}
          certificateAuthorityId: ca-authority
          config:
            subjectConfig:
              subject:
                organization: HashiCorp
                commonName: my-certificate-authority
              subjectAltName:
                dnsNames:
                  - hashicorp.com
            x509Config:
              caOptions:
                isCa: true
              keyUsage:
                baseKeyUsage:
                  certSign: true
                  crlSign: true
                extendedKeyUsage:
                  serverAuth: true
          keySpec:
            algorithm: RSA_PKCS1_4096_SHA256
          deletionProtection: false
          skipGracePeriod: true
          ignoreActiveCertificatesOnDeletion: true
    

    Create CertificateIssuanceConfig Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new CertificateIssuanceConfig(name: string, args: CertificateIssuanceConfigArgs, opts?: CustomResourceOptions);
    @overload
    def CertificateIssuanceConfig(resource_name: str,
                                  args: CertificateIssuanceConfigArgs,
                                  opts: Optional[ResourceOptions] = None)
    
    @overload
    def CertificateIssuanceConfig(resource_name: str,
                                  opts: Optional[ResourceOptions] = None,
                                  certificate_authority_config: Optional[CertificateIssuanceConfigCertificateAuthorityConfigArgs] = None,
                                  key_algorithm: Optional[str] = None,
                                  lifetime: Optional[str] = None,
                                  rotation_window_percentage: Optional[int] = None,
                                  description: Optional[str] = None,
                                  labels: Optional[Mapping[str, str]] = None,
                                  location: Optional[str] = None,
                                  name: Optional[str] = None,
                                  project: Optional[str] = None)
    func NewCertificateIssuanceConfig(ctx *Context, name string, args CertificateIssuanceConfigArgs, opts ...ResourceOption) (*CertificateIssuanceConfig, error)
    public CertificateIssuanceConfig(string name, CertificateIssuanceConfigArgs args, CustomResourceOptions? opts = null)
    public CertificateIssuanceConfig(String name, CertificateIssuanceConfigArgs args)
    public CertificateIssuanceConfig(String name, CertificateIssuanceConfigArgs args, CustomResourceOptions options)
    
    type: gcp:certificatemanager:CertificateIssuanceConfig
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args CertificateIssuanceConfigArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args CertificateIssuanceConfigArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args CertificateIssuanceConfigArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args CertificateIssuanceConfigArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args CertificateIssuanceConfigArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Example

    The following reference example uses placeholder values for all input properties.

    var certificateIssuanceConfigResource = new Gcp.CertificateManager.CertificateIssuanceConfig("certificateIssuanceConfigResource", new()
    {
        CertificateAuthorityConfig = new Gcp.CertificateManager.Inputs.CertificateIssuanceConfigCertificateAuthorityConfigArgs
        {
            CertificateAuthorityServiceConfig = new Gcp.CertificateManager.Inputs.CertificateIssuanceConfigCertificateAuthorityConfigCertificateAuthorityServiceConfigArgs
            {
                CaPool = "string",
            },
        },
        KeyAlgorithm = "string",
        Lifetime = "string",
        RotationWindowPercentage = 0,
        Description = "string",
        Labels = 
        {
            { "string", "string" },
        },
        Location = "string",
        Name = "string",
        Project = "string",
    });
    
    example, err := certificatemanager.NewCertificateIssuanceConfig(ctx, "certificateIssuanceConfigResource", &certificatemanager.CertificateIssuanceConfigArgs{
    	CertificateAuthorityConfig: &certificatemanager.CertificateIssuanceConfigCertificateAuthorityConfigArgs{
    		CertificateAuthorityServiceConfig: &certificatemanager.CertificateIssuanceConfigCertificateAuthorityConfigCertificateAuthorityServiceConfigArgs{
    			CaPool: pulumi.String("string"),
    		},
    	},
    	KeyAlgorithm:             pulumi.String("string"),
    	Lifetime:                 pulumi.String("string"),
    	RotationWindowPercentage: pulumi.Int(0),
    	Description:              pulumi.String("string"),
    	Labels: pulumi.StringMap{
    		"string": pulumi.String("string"),
    	},
    	Location: pulumi.String("string"),
    	Name:     pulumi.String("string"),
    	Project:  pulumi.String("string"),
    })
    
    var certificateIssuanceConfigResource = new CertificateIssuanceConfig("certificateIssuanceConfigResource", CertificateIssuanceConfigArgs.builder()        
        .certificateAuthorityConfig(CertificateIssuanceConfigCertificateAuthorityConfigArgs.builder()
            .certificateAuthorityServiceConfig(CertificateIssuanceConfigCertificateAuthorityConfigCertificateAuthorityServiceConfigArgs.builder()
                .caPool("string")
                .build())
            .build())
        .keyAlgorithm("string")
        .lifetime("string")
        .rotationWindowPercentage(0)
        .description("string")
        .labels(Map.of("string", "string"))
        .location("string")
        .name("string")
        .project("string")
        .build());
    
    certificate_issuance_config_resource = gcp.certificatemanager.CertificateIssuanceConfig("certificateIssuanceConfigResource",
        certificate_authority_config=gcp.certificatemanager.CertificateIssuanceConfigCertificateAuthorityConfigArgs(
            certificate_authority_service_config=gcp.certificatemanager.CertificateIssuanceConfigCertificateAuthorityConfigCertificateAuthorityServiceConfigArgs(
                ca_pool="string",
            ),
        ),
        key_algorithm="string",
        lifetime="string",
        rotation_window_percentage=0,
        description="string",
        labels={
            "string": "string",
        },
        location="string",
        name="string",
        project="string")
    
    const certificateIssuanceConfigResource = new gcp.certificatemanager.CertificateIssuanceConfig("certificateIssuanceConfigResource", {
        certificateAuthorityConfig: {
            certificateAuthorityServiceConfig: {
                caPool: "string",
            },
        },
        keyAlgorithm: "string",
        lifetime: "string",
        rotationWindowPercentage: 0,
        description: "string",
        labels: {
            string: "string",
        },
        location: "string",
        name: "string",
        project: "string",
    });
    
    type: gcp:certificatemanager:CertificateIssuanceConfig
    properties:
        certificateAuthorityConfig:
            certificateAuthorityServiceConfig:
                caPool: string
        description: string
        keyAlgorithm: string
        labels:
            string: string
        lifetime: string
        location: string
        name: string
        project: string
        rotationWindowPercentage: 0
    

    CertificateIssuanceConfig Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The CertificateIssuanceConfig resource accepts the following input properties:

    CertificateAuthorityConfig CertificateIssuanceConfigCertificateAuthorityConfig
    The CA that issues the workload certificate. It includes the CA address, type, authentication to CA service, etc. Structure is documented below.
    KeyAlgorithm string
    Key algorithm to use when generating the private key. Possible values are: RSA_2048, ECDSA_P256.
    Lifetime string
    Lifetime of issued certificates. A duration in seconds with up to nine fractional digits, ending with 's'. Example: "1814400s". Valid values are from 21 days (1814400s) to 30 days (2592000s)
    RotationWindowPercentage int
    It specifies the percentage of elapsed time of the certificate lifetime to wait before renewing the certificate. Must be a number between 1-99, inclusive. You must set the rotation window percentage in relation to the certificate lifetime so that certificate renewal occurs at least 7 days after the certificate has been issued and at least 7 days before it expires.
    Description string
    One or more paragraphs of text description of a CertificateIssuanceConfig.
    Labels Dictionary<string, string>

    'Set of label tags associated with the CertificateIssuanceConfig resource. An object containing a list of "key": value pairs. Example: { "name": "wrench", "count": "3" }.

    Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field effective_labels for all of the labels present on the resource.

    Location string
    The Certificate Manager location. If not specified, "global" is used.
    Name string
    A user-defined name of the certificate issuance config. CertificateIssuanceConfig names must be unique globally.
    Project string
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    CertificateAuthorityConfig CertificateIssuanceConfigCertificateAuthorityConfigArgs
    The CA that issues the workload certificate. It includes the CA address, type, authentication to CA service, etc. Structure is documented below.
    KeyAlgorithm string
    Key algorithm to use when generating the private key. Possible values are: RSA_2048, ECDSA_P256.
    Lifetime string
    Lifetime of issued certificates. A duration in seconds with up to nine fractional digits, ending with 's'. Example: "1814400s". Valid values are from 21 days (1814400s) to 30 days (2592000s)
    RotationWindowPercentage int
    It specifies the percentage of elapsed time of the certificate lifetime to wait before renewing the certificate. Must be a number between 1-99, inclusive. You must set the rotation window percentage in relation to the certificate lifetime so that certificate renewal occurs at least 7 days after the certificate has been issued and at least 7 days before it expires.
    Description string
    One or more paragraphs of text description of a CertificateIssuanceConfig.
    Labels map[string]string

    'Set of label tags associated with the CertificateIssuanceConfig resource. An object containing a list of "key": value pairs. Example: { "name": "wrench", "count": "3" }.

    Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field effective_labels for all of the labels present on the resource.

    Location string
    The Certificate Manager location. If not specified, "global" is used.
    Name string
    A user-defined name of the certificate issuance config. CertificateIssuanceConfig names must be unique globally.
    Project string
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    certificateAuthorityConfig CertificateIssuanceConfigCertificateAuthorityConfig
    The CA that issues the workload certificate. It includes the CA address, type, authentication to CA service, etc. Structure is documented below.
    keyAlgorithm String
    Key algorithm to use when generating the private key. Possible values are: RSA_2048, ECDSA_P256.
    lifetime String
    Lifetime of issued certificates. A duration in seconds with up to nine fractional digits, ending with 's'. Example: "1814400s". Valid values are from 21 days (1814400s) to 30 days (2592000s)
    rotationWindowPercentage Integer
    It specifies the percentage of elapsed time of the certificate lifetime to wait before renewing the certificate. Must be a number between 1-99, inclusive. You must set the rotation window percentage in relation to the certificate lifetime so that certificate renewal occurs at least 7 days after the certificate has been issued and at least 7 days before it expires.
    description String
    One or more paragraphs of text description of a CertificateIssuanceConfig.
    labels Map<String,String>

    'Set of label tags associated with the CertificateIssuanceConfig resource. An object containing a list of "key": value pairs. Example: { "name": "wrench", "count": "3" }.

    Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field effective_labels for all of the labels present on the resource.

    location String
    The Certificate Manager location. If not specified, "global" is used.
    name String
    A user-defined name of the certificate issuance config. CertificateIssuanceConfig names must be unique globally.
    project String
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    certificateAuthorityConfig CertificateIssuanceConfigCertificateAuthorityConfig
    The CA that issues the workload certificate. It includes the CA address, type, authentication to CA service, etc. Structure is documented below.
    keyAlgorithm string
    Key algorithm to use when generating the private key. Possible values are: RSA_2048, ECDSA_P256.
    lifetime string
    Lifetime of issued certificates. A duration in seconds with up to nine fractional digits, ending with 's'. Example: "1814400s". Valid values are from 21 days (1814400s) to 30 days (2592000s)
    rotationWindowPercentage number
    It specifies the percentage of elapsed time of the certificate lifetime to wait before renewing the certificate. Must be a number between 1-99, inclusive. You must set the rotation window percentage in relation to the certificate lifetime so that certificate renewal occurs at least 7 days after the certificate has been issued and at least 7 days before it expires.
    description string
    One or more paragraphs of text description of a CertificateIssuanceConfig.
    labels {[key: string]: string}

    'Set of label tags associated with the CertificateIssuanceConfig resource. An object containing a list of "key": value pairs. Example: { "name": "wrench", "count": "3" }.

    Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field effective_labels for all of the labels present on the resource.

    location string
    The Certificate Manager location. If not specified, "global" is used.
    name string
    A user-defined name of the certificate issuance config. CertificateIssuanceConfig names must be unique globally.
    project string
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    certificate_authority_config CertificateIssuanceConfigCertificateAuthorityConfigArgs
    The CA that issues the workload certificate. It includes the CA address, type, authentication to CA service, etc. Structure is documented below.
    key_algorithm str
    Key algorithm to use when generating the private key. Possible values are: RSA_2048, ECDSA_P256.
    lifetime str
    Lifetime of issued certificates. A duration in seconds with up to nine fractional digits, ending with 's'. Example: "1814400s". Valid values are from 21 days (1814400s) to 30 days (2592000s)
    rotation_window_percentage int
    It specifies the percentage of elapsed time of the certificate lifetime to wait before renewing the certificate. Must be a number between 1-99, inclusive. You must set the rotation window percentage in relation to the certificate lifetime so that certificate renewal occurs at least 7 days after the certificate has been issued and at least 7 days before it expires.
    description str
    One or more paragraphs of text description of a CertificateIssuanceConfig.
    labels Mapping[str, str]

    'Set of label tags associated with the CertificateIssuanceConfig resource. An object containing a list of "key": value pairs. Example: { "name": "wrench", "count": "3" }.

    Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field effective_labels for all of the labels present on the resource.

    location str
    The Certificate Manager location. If not specified, "global" is used.
    name str
    A user-defined name of the certificate issuance config. CertificateIssuanceConfig names must be unique globally.
    project str
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    certificateAuthorityConfig Property Map
    The CA that issues the workload certificate. It includes the CA address, type, authentication to CA service, etc. Structure is documented below.
    keyAlgorithm String
    Key algorithm to use when generating the private key. Possible values are: RSA_2048, ECDSA_P256.
    lifetime String
    Lifetime of issued certificates. A duration in seconds with up to nine fractional digits, ending with 's'. Example: "1814400s". Valid values are from 21 days (1814400s) to 30 days (2592000s)
    rotationWindowPercentage Number
    It specifies the percentage of elapsed time of the certificate lifetime to wait before renewing the certificate. Must be a number between 1-99, inclusive. You must set the rotation window percentage in relation to the certificate lifetime so that certificate renewal occurs at least 7 days after the certificate has been issued and at least 7 days before it expires.
    description String
    One or more paragraphs of text description of a CertificateIssuanceConfig.
    labels Map<String>

    'Set of label tags associated with the CertificateIssuanceConfig resource. An object containing a list of "key": value pairs. Example: { "name": "wrench", "count": "3" }.

    Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field effective_labels for all of the labels present on the resource.

    location String
    The Certificate Manager location. If not specified, "global" is used.
    name String
    A user-defined name of the certificate issuance config. CertificateIssuanceConfig names must be unique globally.
    project String
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the CertificateIssuanceConfig resource produces the following output properties:

    CreateTime string
    The creation timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
    EffectiveLabels Dictionary<string, string>
    All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
    Id string
    The provider-assigned unique ID for this managed resource.
    PulumiLabels Dictionary<string, string>
    The combination of labels configured directly on the resource and default labels configured on the provider.
    UpdateTime string
    The last update timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
    CreateTime string
    The creation timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
    EffectiveLabels map[string]string
    All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
    Id string
    The provider-assigned unique ID for this managed resource.
    PulumiLabels map[string]string
    The combination of labels configured directly on the resource and default labels configured on the provider.
    UpdateTime string
    The last update timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
    createTime String
    The creation timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
    effectiveLabels Map<String,String>
    All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
    id String
    The provider-assigned unique ID for this managed resource.
    pulumiLabels Map<String,String>
    The combination of labels configured directly on the resource and default labels configured on the provider.
    updateTime String
    The last update timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
    createTime string
    The creation timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
    effectiveLabels {[key: string]: string}
    All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
    id string
    The provider-assigned unique ID for this managed resource.
    pulumiLabels {[key: string]: string}
    The combination of labels configured directly on the resource and default labels configured on the provider.
    updateTime string
    The last update timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
    create_time str
    The creation timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
    effective_labels Mapping[str, str]
    All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
    id str
    The provider-assigned unique ID for this managed resource.
    pulumi_labels Mapping[str, str]
    The combination of labels configured directly on the resource and default labels configured on the provider.
    update_time str
    The last update timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
    createTime String
    The creation timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
    effectiveLabels Map<String>
    All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
    id String
    The provider-assigned unique ID for this managed resource.
    pulumiLabels Map<String>
    The combination of labels configured directly on the resource and default labels configured on the provider.
    updateTime String
    The last update timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

    Look up Existing CertificateIssuanceConfig Resource

    Get an existing CertificateIssuanceConfig resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: CertificateIssuanceConfigState, opts?: CustomResourceOptions): CertificateIssuanceConfig
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            certificate_authority_config: Optional[CertificateIssuanceConfigCertificateAuthorityConfigArgs] = None,
            create_time: Optional[str] = None,
            description: Optional[str] = None,
            effective_labels: Optional[Mapping[str, str]] = None,
            key_algorithm: Optional[str] = None,
            labels: Optional[Mapping[str, str]] = None,
            lifetime: Optional[str] = None,
            location: Optional[str] = None,
            name: Optional[str] = None,
            project: Optional[str] = None,
            pulumi_labels: Optional[Mapping[str, str]] = None,
            rotation_window_percentage: Optional[int] = None,
            update_time: Optional[str] = None) -> CertificateIssuanceConfig
    func GetCertificateIssuanceConfig(ctx *Context, name string, id IDInput, state *CertificateIssuanceConfigState, opts ...ResourceOption) (*CertificateIssuanceConfig, error)
    public static CertificateIssuanceConfig Get(string name, Input<string> id, CertificateIssuanceConfigState? state, CustomResourceOptions? opts = null)
    public static CertificateIssuanceConfig get(String name, Output<String> id, CertificateIssuanceConfigState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    CertificateAuthorityConfig CertificateIssuanceConfigCertificateAuthorityConfig
    The CA that issues the workload certificate. It includes the CA address, type, authentication to CA service, etc. Structure is documented below.
    CreateTime string
    The creation timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
    Description string
    One or more paragraphs of text description of a CertificateIssuanceConfig.
    EffectiveLabels Dictionary<string, string>
    All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
    KeyAlgorithm string
    Key algorithm to use when generating the private key. Possible values are: RSA_2048, ECDSA_P256.
    Labels Dictionary<string, string>

    'Set of label tags associated with the CertificateIssuanceConfig resource. An object containing a list of "key": value pairs. Example: { "name": "wrench", "count": "3" }.

    Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field effective_labels for all of the labels present on the resource.

    Lifetime string
    Lifetime of issued certificates. A duration in seconds with up to nine fractional digits, ending with 's'. Example: "1814400s". Valid values are from 21 days (1814400s) to 30 days (2592000s)
    Location string
    The Certificate Manager location. If not specified, "global" is used.
    Name string
    A user-defined name of the certificate issuance config. CertificateIssuanceConfig names must be unique globally.
    Project string
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    PulumiLabels Dictionary<string, string>
    The combination of labels configured directly on the resource and default labels configured on the provider.
    RotationWindowPercentage int
    It specifies the percentage of elapsed time of the certificate lifetime to wait before renewing the certificate. Must be a number between 1-99, inclusive. You must set the rotation window percentage in relation to the certificate lifetime so that certificate renewal occurs at least 7 days after the certificate has been issued and at least 7 days before it expires.
    UpdateTime string
    The last update timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
    CertificateAuthorityConfig CertificateIssuanceConfigCertificateAuthorityConfigArgs
    The CA that issues the workload certificate. It includes the CA address, type, authentication to CA service, etc. Structure is documented below.
    CreateTime string
    The creation timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
    Description string
    One or more paragraphs of text description of a CertificateIssuanceConfig.
    EffectiveLabels map[string]string
    All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
    KeyAlgorithm string
    Key algorithm to use when generating the private key. Possible values are: RSA_2048, ECDSA_P256.
    Labels map[string]string

    'Set of label tags associated with the CertificateIssuanceConfig resource. An object containing a list of "key": value pairs. Example: { "name": "wrench", "count": "3" }.

    Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field effective_labels for all of the labels present on the resource.

    Lifetime string
    Lifetime of issued certificates. A duration in seconds with up to nine fractional digits, ending with 's'. Example: "1814400s". Valid values are from 21 days (1814400s) to 30 days (2592000s)
    Location string
    The Certificate Manager location. If not specified, "global" is used.
    Name string
    A user-defined name of the certificate issuance config. CertificateIssuanceConfig names must be unique globally.
    Project string
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    PulumiLabels map[string]string
    The combination of labels configured directly on the resource and default labels configured on the provider.
    RotationWindowPercentage int
    It specifies the percentage of elapsed time of the certificate lifetime to wait before renewing the certificate. Must be a number between 1-99, inclusive. You must set the rotation window percentage in relation to the certificate lifetime so that certificate renewal occurs at least 7 days after the certificate has been issued and at least 7 days before it expires.
    UpdateTime string
    The last update timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
    certificateAuthorityConfig CertificateIssuanceConfigCertificateAuthorityConfig
    The CA that issues the workload certificate. It includes the CA address, type, authentication to CA service, etc. Structure is documented below.
    createTime String
    The creation timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
    description String
    One or more paragraphs of text description of a CertificateIssuanceConfig.
    effectiveLabels Map<String,String>
    All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
    keyAlgorithm String
    Key algorithm to use when generating the private key. Possible values are: RSA_2048, ECDSA_P256.
    labels Map<String,String>

    'Set of label tags associated with the CertificateIssuanceConfig resource. An object containing a list of "key": value pairs. Example: { "name": "wrench", "count": "3" }.

    Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field effective_labels for all of the labels present on the resource.

    lifetime String
    Lifetime of issued certificates. A duration in seconds with up to nine fractional digits, ending with 's'. Example: "1814400s". Valid values are from 21 days (1814400s) to 30 days (2592000s)
    location String
    The Certificate Manager location. If not specified, "global" is used.
    name String
    A user-defined name of the certificate issuance config. CertificateIssuanceConfig names must be unique globally.
    project String
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    pulumiLabels Map<String,String>
    The combination of labels configured directly on the resource and default labels configured on the provider.
    rotationWindowPercentage Integer
    It specifies the percentage of elapsed time of the certificate lifetime to wait before renewing the certificate. Must be a number between 1-99, inclusive. You must set the rotation window percentage in relation to the certificate lifetime so that certificate renewal occurs at least 7 days after the certificate has been issued and at least 7 days before it expires.
    updateTime String
    The last update timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
    certificateAuthorityConfig CertificateIssuanceConfigCertificateAuthorityConfig
    The CA that issues the workload certificate. It includes the CA address, type, authentication to CA service, etc. Structure is documented below.
    createTime string
    The creation timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
    description string
    One or more paragraphs of text description of a CertificateIssuanceConfig.
    effectiveLabels {[key: string]: string}
    All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
    keyAlgorithm string
    Key algorithm to use when generating the private key. Possible values are: RSA_2048, ECDSA_P256.
    labels {[key: string]: string}

    'Set of label tags associated with the CertificateIssuanceConfig resource. An object containing a list of "key": value pairs. Example: { "name": "wrench", "count": "3" }.

    Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field effective_labels for all of the labels present on the resource.

    lifetime string
    Lifetime of issued certificates. A duration in seconds with up to nine fractional digits, ending with 's'. Example: "1814400s". Valid values are from 21 days (1814400s) to 30 days (2592000s)
    location string
    The Certificate Manager location. If not specified, "global" is used.
    name string
    A user-defined name of the certificate issuance config. CertificateIssuanceConfig names must be unique globally.
    project string
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    pulumiLabels {[key: string]: string}
    The combination of labels configured directly on the resource and default labels configured on the provider.
    rotationWindowPercentage number
    It specifies the percentage of elapsed time of the certificate lifetime to wait before renewing the certificate. Must be a number between 1-99, inclusive. You must set the rotation window percentage in relation to the certificate lifetime so that certificate renewal occurs at least 7 days after the certificate has been issued and at least 7 days before it expires.
    updateTime string
    The last update timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
    certificate_authority_config CertificateIssuanceConfigCertificateAuthorityConfigArgs
    The CA that issues the workload certificate. It includes the CA address, type, authentication to CA service, etc. Structure is documented below.
    create_time str
    The creation timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
    description str
    One or more paragraphs of text description of a CertificateIssuanceConfig.
    effective_labels Mapping[str, str]
    All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
    key_algorithm str
    Key algorithm to use when generating the private key. Possible values are: RSA_2048, ECDSA_P256.
    labels Mapping[str, str]

    'Set of label tags associated with the CertificateIssuanceConfig resource. An object containing a list of "key": value pairs. Example: { "name": "wrench", "count": "3" }.

    Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field effective_labels for all of the labels present on the resource.

    lifetime str
    Lifetime of issued certificates. A duration in seconds with up to nine fractional digits, ending with 's'. Example: "1814400s". Valid values are from 21 days (1814400s) to 30 days (2592000s)
    location str
    The Certificate Manager location. If not specified, "global" is used.
    name str
    A user-defined name of the certificate issuance config. CertificateIssuanceConfig names must be unique globally.
    project str
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    pulumi_labels Mapping[str, str]
    The combination of labels configured directly on the resource and default labels configured on the provider.
    rotation_window_percentage int
    It specifies the percentage of elapsed time of the certificate lifetime to wait before renewing the certificate. Must be a number between 1-99, inclusive. You must set the rotation window percentage in relation to the certificate lifetime so that certificate renewal occurs at least 7 days after the certificate has been issued and at least 7 days before it expires.
    update_time str
    The last update timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
    certificateAuthorityConfig Property Map
    The CA that issues the workload certificate. It includes the CA address, type, authentication to CA service, etc. Structure is documented below.
    createTime String
    The creation timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
    description String
    One or more paragraphs of text description of a CertificateIssuanceConfig.
    effectiveLabels Map<String>
    All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
    keyAlgorithm String
    Key algorithm to use when generating the private key. Possible values are: RSA_2048, ECDSA_P256.
    labels Map<String>

    'Set of label tags associated with the CertificateIssuanceConfig resource. An object containing a list of "key": value pairs. Example: { "name": "wrench", "count": "3" }.

    Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field effective_labels for all of the labels present on the resource.

    lifetime String
    Lifetime of issued certificates. A duration in seconds with up to nine fractional digits, ending with 's'. Example: "1814400s". Valid values are from 21 days (1814400s) to 30 days (2592000s)
    location String
    The Certificate Manager location. If not specified, "global" is used.
    name String
    A user-defined name of the certificate issuance config. CertificateIssuanceConfig names must be unique globally.
    project String
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    pulumiLabels Map<String>
    The combination of labels configured directly on the resource and default labels configured on the provider.
    rotationWindowPercentage Number
    It specifies the percentage of elapsed time of the certificate lifetime to wait before renewing the certificate. Must be a number between 1-99, inclusive. You must set the rotation window percentage in relation to the certificate lifetime so that certificate renewal occurs at least 7 days after the certificate has been issued and at least 7 days before it expires.
    updateTime String
    The last update timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

    Supporting Types

    CertificateIssuanceConfigCertificateAuthorityConfig, CertificateIssuanceConfigCertificateAuthorityConfigArgs

    certificateAuthorityServiceConfig Property Map
    Defines a CertificateAuthorityServiceConfig. Structure is documented below.

    CertificateIssuanceConfigCertificateAuthorityConfigCertificateAuthorityServiceConfig, CertificateIssuanceConfigCertificateAuthorityConfigCertificateAuthorityServiceConfigArgs

    CaPool string
    A CA pool resource used to issue a certificate. The CA pool string has a relative resource path following the form "projects/{project}/locations/{location}/caPools/{caPool}".


    CaPool string
    A CA pool resource used to issue a certificate. The CA pool string has a relative resource path following the form "projects/{project}/locations/{location}/caPools/{caPool}".


    caPool String
    A CA pool resource used to issue a certificate. The CA pool string has a relative resource path following the form "projects/{project}/locations/{location}/caPools/{caPool}".


    caPool string
    A CA pool resource used to issue a certificate. The CA pool string has a relative resource path following the form "projects/{project}/locations/{location}/caPools/{caPool}".


    ca_pool str
    A CA pool resource used to issue a certificate. The CA pool string has a relative resource path following the form "projects/{project}/locations/{location}/caPools/{caPool}".


    caPool String
    A CA pool resource used to issue a certificate. The CA pool string has a relative resource path following the form "projects/{project}/locations/{location}/caPools/{caPool}".


    Import

    CertificateIssuanceConfig can be imported using any of these accepted formats:

    • projects/{{project}}/locations/{{location}}/certificateIssuanceConfigs/{{name}}

    • {{project}}/{{location}}/{{name}}

    • {{location}}/{{name}}

    When using the pulumi import command, CertificateIssuanceConfig can be imported using one of the formats above. For example:

    $ pulumi import gcp:certificatemanager/certificateIssuanceConfig:CertificateIssuanceConfig default projects/{{project}}/locations/{{location}}/certificateIssuanceConfigs/{{name}}
    
    $ pulumi import gcp:certificatemanager/certificateIssuanceConfig:CertificateIssuanceConfig default {{project}}/{{location}}/{{name}}
    
    $ pulumi import gcp:certificatemanager/certificateIssuanceConfig:CertificateIssuanceConfig default {{location}}/{{name}}
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    Google Cloud (GCP) Classic pulumi/pulumi-gcp
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the google-beta Terraform Provider.
    gcp logo
    Google Cloud Classic v7.19.0 published on Thursday, Apr 18, 2024 by Pulumi