Docs
PackagesGoogle Cloud Classic v7.20.0 published on Wednesday, Apr 24, 2024 by Pulumi
gcp.certificatemanager.CertificateIssuanceConfig
Explore with Pulumi AI
Certificate represents a HTTP-reachable backend for a Certificate.
To get more information about CertificateIssuanceConfig, see:
- API documentation
- How-to Guides
Example Usage
Certificate Manager Certificate Issuance Config
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const pool = new gcp.certificateauthority.CaPool("pool", {
name: "ca-pool",
location: "us-central1",
tier: "ENTERPRISE",
});
const _default = new gcp.certificatemanager.CertificateIssuanceConfig("default", {
name: "issuance-config",
description: "sample description for the certificate issuanceConfigs",
certificateAuthorityConfig: {
certificateAuthorityServiceConfig: {
caPool: pool.id,
},
},
lifetime: "1814400s",
rotationWindowPercentage: 34,
keyAlgorithm: "ECDSA_P256",
labels: {
name: "wrench",
count: "3",
},
});
const caAuthority = new gcp.certificateauthority.Authority("ca_authority", {
location: "us-central1",
pool: pool.name,
certificateAuthorityId: "ca-authority",
config: {
subjectConfig: {
subject: {
organization: "HashiCorp",
commonName: "my-certificate-authority",
},
subjectAltName: {
dnsNames: ["hashicorp.com"],
},
},
x509Config: {
caOptions: {
isCa: true,
},
keyUsage: {
baseKeyUsage: {
certSign: true,
crlSign: true,
},
extendedKeyUsage: {
serverAuth: true,
},
},
},
},
keySpec: {
algorithm: "RSA_PKCS1_4096_SHA256",
},
deletionProtection: false,
skipGracePeriod: true,
ignoreActiveCertificatesOnDeletion: true,
});
import pulumi
import pulumi_gcp as gcp
pool = gcp.certificateauthority.CaPool("pool",
name="ca-pool",
location="us-central1",
tier="ENTERPRISE")
default = gcp.certificatemanager.CertificateIssuanceConfig("default",
name="issuance-config",
description="sample description for the certificate issuanceConfigs",
certificate_authority_config=gcp.certificatemanager.CertificateIssuanceConfigCertificateAuthorityConfigArgs(
certificate_authority_service_config=gcp.certificatemanager.CertificateIssuanceConfigCertificateAuthorityConfigCertificateAuthorityServiceConfigArgs(
ca_pool=pool.id,
),
),
lifetime="1814400s",
rotation_window_percentage=34,
key_algorithm="ECDSA_P256",
labels={
"name": "wrench",
"count": "3",
})
ca_authority = gcp.certificateauthority.Authority("ca_authority",
location="us-central1",
pool=pool.name,
certificate_authority_id="ca-authority",
config=gcp.certificateauthority.AuthorityConfigArgs(
subject_config=gcp.certificateauthority.AuthorityConfigSubjectConfigArgs(
subject=gcp.certificateauthority.AuthorityConfigSubjectConfigSubjectArgs(
organization="HashiCorp",
common_name="my-certificate-authority",
),
subject_alt_name=gcp.certificateauthority.AuthorityConfigSubjectConfigSubjectAltNameArgs(
dns_names=["hashicorp.com"],
),
),
x509_config=gcp.certificateauthority.AuthorityConfigX509ConfigArgs(
ca_options=gcp.certificateauthority.AuthorityConfigX509ConfigCaOptionsArgs(
is_ca=True,
),
key_usage=gcp.certificateauthority.AuthorityConfigX509ConfigKeyUsageArgs(
base_key_usage=gcp.certificateauthority.AuthorityConfigX509ConfigKeyUsageBaseKeyUsageArgs(
cert_sign=True,
crl_sign=True,
),
extended_key_usage=gcp.certificateauthority.AuthorityConfigX509ConfigKeyUsageExtendedKeyUsageArgs(
server_auth=True,
),
),
),
),
key_spec=gcp.certificateauthority.AuthorityKeySpecArgs(
algorithm="RSA_PKCS1_4096_SHA256",
),
deletion_protection=False,
skip_grace_period=True,
ignore_active_certificates_on_deletion=True)
package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/certificateauthority"
"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/certificatemanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
pool, err := certificateauthority.NewCaPool(ctx, "pool", &certificateauthority.CaPoolArgs{
Name: pulumi.String("ca-pool"),
Location: pulumi.String("us-central1"),
Tier: pulumi.String("ENTERPRISE"),
})
if err != nil {
return err
}
_, err = certificatemanager.NewCertificateIssuanceConfig(ctx, "default", &certificatemanager.CertificateIssuanceConfigArgs{
Name: pulumi.String("issuance-config"),
Description: pulumi.String("sample description for the certificate issuanceConfigs"),
CertificateAuthorityConfig: &certificatemanager.CertificateIssuanceConfigCertificateAuthorityConfigArgs{
CertificateAuthorityServiceConfig: &certificatemanager.CertificateIssuanceConfigCertificateAuthorityConfigCertificateAuthorityServiceConfigArgs{
CaPool: pool.ID(),
},
},
Lifetime: pulumi.String("1814400s"),
RotationWindowPercentage: pulumi.Int(34),
KeyAlgorithm: pulumi.String("ECDSA_P256"),
Labels: pulumi.StringMap{
"name": pulumi.String("wrench"),
"count": pulumi.String("3"),
},
})
if err != nil {
return err
}
_, err = certificateauthority.NewAuthority(ctx, "ca_authority", &certificateauthority.AuthorityArgs{
Location: pulumi.String("us-central1"),
Pool: pool.Name,
CertificateAuthorityId: pulumi.String("ca-authority"),
Config: &certificateauthority.AuthorityConfigArgs{
SubjectConfig: &certificateauthority.AuthorityConfigSubjectConfigArgs{
Subject: &certificateauthority.AuthorityConfigSubjectConfigSubjectArgs{
Organization: pulumi.String("HashiCorp"),
CommonName: pulumi.String("my-certificate-authority"),
},
SubjectAltName: &certificateauthority.AuthorityConfigSubjectConfigSubjectAltNameArgs{
DnsNames: pulumi.StringArray{
pulumi.String("hashicorp.com"),
},
},
},
X509Config: &certificateauthority.AuthorityConfigX509ConfigArgs{
CaOptions: &certificateauthority.AuthorityConfigX509ConfigCaOptionsArgs{
IsCa: pulumi.Bool(true),
},
KeyUsage: &certificateauthority.AuthorityConfigX509ConfigKeyUsageArgs{
BaseKeyUsage: &certificateauthority.AuthorityConfigX509ConfigKeyUsageBaseKeyUsageArgs{
CertSign: pulumi.Bool(true),
CrlSign: pulumi.Bool(true),
},
ExtendedKeyUsage: &certificateauthority.AuthorityConfigX509ConfigKeyUsageExtendedKeyUsageArgs{
ServerAuth: pulumi.Bool(true),
},
},
},
},
KeySpec: &certificateauthority.AuthorityKeySpecArgs{
Algorithm: pulumi.String("RSA_PKCS1_4096_SHA256"),
},
DeletionProtection: pulumi.Bool(false),
SkipGracePeriod: pulumi.Bool(true),
IgnoreActiveCertificatesOnDeletion: pulumi.Bool(true),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
var pool = new Gcp.CertificateAuthority.CaPool("pool", new()
{
Name = "ca-pool",
Location = "us-central1",
Tier = "ENTERPRISE",
});
var @default = new Gcp.CertificateManager.CertificateIssuanceConfig("default", new()
{
Name = "issuance-config",
Description = "sample description for the certificate issuanceConfigs",
CertificateAuthorityConfig = new Gcp.CertificateManager.Inputs.CertificateIssuanceConfigCertificateAuthorityConfigArgs
{
CertificateAuthorityServiceConfig = new Gcp.CertificateManager.Inputs.CertificateIssuanceConfigCertificateAuthorityConfigCertificateAuthorityServiceConfigArgs
{
CaPool = pool.Id,
},
},
Lifetime = "1814400s",
RotationWindowPercentage = 34,
KeyAlgorithm = "ECDSA_P256",
Labels =
{
{ "name", "wrench" },
{ "count", "3" },
},
});
var caAuthority = new Gcp.CertificateAuthority.Authority("ca_authority", new()
{
Location = "us-central1",
Pool = pool.Name,
CertificateAuthorityId = "ca-authority",
Config = new Gcp.CertificateAuthority.Inputs.AuthorityConfigArgs
{
SubjectConfig = new Gcp.CertificateAuthority.Inputs.AuthorityConfigSubjectConfigArgs
{
Subject = new Gcp.CertificateAuthority.Inputs.AuthorityConfigSubjectConfigSubjectArgs
{
Organization = "HashiCorp",
CommonName = "my-certificate-authority",
},
SubjectAltName = new Gcp.CertificateAuthority.Inputs.AuthorityConfigSubjectConfigSubjectAltNameArgs
{
DnsNames = new[]
{
"hashicorp.com",
},
},
},
X509Config = new Gcp.CertificateAuthority.Inputs.AuthorityConfigX509ConfigArgs
{
CaOptions = new Gcp.CertificateAuthority.Inputs.AuthorityConfigX509ConfigCaOptionsArgs
{
IsCa = true,
},
KeyUsage = new Gcp.CertificateAuthority.Inputs.AuthorityConfigX509ConfigKeyUsageArgs
{
BaseKeyUsage = new Gcp.CertificateAuthority.Inputs.AuthorityConfigX509ConfigKeyUsageBaseKeyUsageArgs
{
CertSign = true,
CrlSign = true,
},
ExtendedKeyUsage = new Gcp.CertificateAuthority.Inputs.AuthorityConfigX509ConfigKeyUsageExtendedKeyUsageArgs
{
ServerAuth = true,
},
},
},
},
KeySpec = new Gcp.CertificateAuthority.Inputs.AuthorityKeySpecArgs
{
Algorithm = "RSA_PKCS1_4096_SHA256",
},
DeletionProtection = false,
SkipGracePeriod = true,
IgnoreActiveCertificatesOnDeletion = true,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.certificateauthority.CaPool;
import com.pulumi.gcp.certificateauthority.CaPoolArgs;
import com.pulumi.gcp.certificatemanager.CertificateIssuanceConfig;
import com.pulumi.gcp.certificatemanager.CertificateIssuanceConfigArgs;
import com.pulumi.gcp.certificatemanager.inputs.CertificateIssuanceConfigCertificateAuthorityConfigArgs;
import com.pulumi.gcp.certificatemanager.inputs.CertificateIssuanceConfigCertificateAuthorityConfigCertificateAuthorityServiceConfigArgs;
import com.pulumi.gcp.certificateauthority.Authority;
import com.pulumi.gcp.certificateauthority.AuthorityArgs;
import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigArgs;
import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigSubjectConfigArgs;
import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigSubjectConfigSubjectArgs;
import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigSubjectConfigSubjectAltNameArgs;
import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigX509ConfigArgs;
import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigX509ConfigCaOptionsArgs;
import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigX509ConfigKeyUsageArgs;
import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigX509ConfigKeyUsageBaseKeyUsageArgs;
import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigX509ConfigKeyUsageExtendedKeyUsageArgs;
import com.pulumi.gcp.certificateauthority.inputs.AuthorityKeySpecArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var pool = new CaPool("pool", CaPoolArgs.builder()
.name("ca-pool")
.location("us-central1")
.tier("ENTERPRISE")
.build());
var default_ = new CertificateIssuanceConfig("default", CertificateIssuanceConfigArgs.builder()
.name("issuance-config")
.description("sample description for the certificate issuanceConfigs")
.certificateAuthorityConfig(CertificateIssuanceConfigCertificateAuthorityConfigArgs.builder()
.certificateAuthorityServiceConfig(CertificateIssuanceConfigCertificateAuthorityConfigCertificateAuthorityServiceConfigArgs.builder()
.caPool(pool.id())
.build())
.build())
.lifetime("1814400s")
.rotationWindowPercentage(34)
.keyAlgorithm("ECDSA_P256")
.labels(Map.ofEntries(
Map.entry("name", "wrench"),
Map.entry("count", "3")
))
.build());
var caAuthority = new Authority("caAuthority", AuthorityArgs.builder()
.location("us-central1")
.pool(pool.name())
.certificateAuthorityId("ca-authority")
.config(AuthorityConfigArgs.builder()
.subjectConfig(AuthorityConfigSubjectConfigArgs.builder()
.subject(AuthorityConfigSubjectConfigSubjectArgs.builder()
.organization("HashiCorp")
.commonName("my-certificate-authority")
.build())
.subjectAltName(AuthorityConfigSubjectConfigSubjectAltNameArgs.builder()
.dnsNames("hashicorp.com")
.build())
.build())
.x509Config(AuthorityConfigX509ConfigArgs.builder()
.caOptions(AuthorityConfigX509ConfigCaOptionsArgs.builder()
.isCa(true)
.build())
.keyUsage(AuthorityConfigX509ConfigKeyUsageArgs.builder()
.baseKeyUsage(AuthorityConfigX509ConfigKeyUsageBaseKeyUsageArgs.builder()
.certSign(true)
.crlSign(true)
.build())
.extendedKeyUsage(AuthorityConfigX509ConfigKeyUsageExtendedKeyUsageArgs.builder()
.serverAuth(true)
.build())
.build())
.build())
.build())
.keySpec(AuthorityKeySpecArgs.builder()
.algorithm("RSA_PKCS1_4096_SHA256")
.build())
.deletionProtection(false)
.skipGracePeriod(true)
.ignoreActiveCertificatesOnDeletion(true)
.build());
}
}
resources:
default:
type: gcp:certificatemanager:CertificateIssuanceConfig
properties:
name: issuance-config
description: sample description for the certificate issuanceConfigs
certificateAuthorityConfig:
certificateAuthorityServiceConfig:
caPool: ${pool.id}
lifetime: 1814400s
rotationWindowPercentage: 34
keyAlgorithm: ECDSA_P256
labels:
name: wrench
count: '3'
pool:
type: gcp:certificateauthority:CaPool
properties:
name: ca-pool
location: us-central1
tier: ENTERPRISE
caAuthority:
type: gcp:certificateauthority:Authority
name: ca_authority
properties:
location: us-central1
pool: ${pool.name}
certificateAuthorityId: ca-authority
config:
subjectConfig:
subject:
organization: HashiCorp
commonName: my-certificate-authority
subjectAltName:
dnsNames:
- hashicorp.com
x509Config:
caOptions:
isCa: true
keyUsage:
baseKeyUsage:
certSign: true
crlSign: true
extendedKeyUsage:
serverAuth: true
keySpec:
algorithm: RSA_PKCS1_4096_SHA256
deletionProtection: false
skipGracePeriod: true
ignoreActiveCertificatesOnDeletion: true
Create CertificateIssuanceConfig Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new CertificateIssuanceConfig(name: string, args: CertificateIssuanceConfigArgs, opts?: CustomResourceOptions);@overload
def CertificateIssuanceConfig(resource_name: str,
args: CertificateIssuanceConfigArgs,
opts: Optional[ResourceOptions] = None)
@overload
def CertificateIssuanceConfig(resource_name: str,
opts: Optional[ResourceOptions] = None,
certificate_authority_config: Optional[CertificateIssuanceConfigCertificateAuthorityConfigArgs] = None,
key_algorithm: Optional[str] = None,
lifetime: Optional[str] = None,
rotation_window_percentage: Optional[int] = None,
description: Optional[str] = None,
labels: Optional[Mapping[str, str]] = None,
location: Optional[str] = None,
name: Optional[str] = None,
project: Optional[str] = None)func NewCertificateIssuanceConfig(ctx *Context, name string, args CertificateIssuanceConfigArgs, opts ...ResourceOption) (*CertificateIssuanceConfig, error)public CertificateIssuanceConfig(string name, CertificateIssuanceConfigArgs args, CustomResourceOptions? opts = null)
public CertificateIssuanceConfig(String name, CertificateIssuanceConfigArgs args)
public CertificateIssuanceConfig(String name, CertificateIssuanceConfigArgs args, CustomResourceOptions options)
type: gcp:certificatemanager:CertificateIssuanceConfig
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args CertificateIssuanceConfigArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args CertificateIssuanceConfigArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args CertificateIssuanceConfigArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args CertificateIssuanceConfigArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args CertificateIssuanceConfigArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Example
The following reference example uses placeholder values for all input properties.
var certificateIssuanceConfigResource = new Gcp.CertificateManager.CertificateIssuanceConfig("certificateIssuanceConfigResource", new()
{
CertificateAuthorityConfig = new Gcp.CertificateManager.Inputs.CertificateIssuanceConfigCertificateAuthorityConfigArgs
{
CertificateAuthorityServiceConfig = new Gcp.CertificateManager.Inputs.CertificateIssuanceConfigCertificateAuthorityConfigCertificateAuthorityServiceConfigArgs
{
CaPool = "string",
},
},
KeyAlgorithm = "string",
Lifetime = "string",
RotationWindowPercentage = 0,
Description = "string",
Labels =
{
{ "string", "string" },
},
Location = "string",
Name = "string",
Project = "string",
});
example, err := certificatemanager.NewCertificateIssuanceConfig(ctx, "certificateIssuanceConfigResource", &certificatemanager.CertificateIssuanceConfigArgs{
CertificateAuthorityConfig: &certificatemanager.CertificateIssuanceConfigCertificateAuthorityConfigArgs{
CertificateAuthorityServiceConfig: &certificatemanager.CertificateIssuanceConfigCertificateAuthorityConfigCertificateAuthorityServiceConfigArgs{
CaPool: pulumi.String("string"),
},
},
KeyAlgorithm: pulumi.String("string"),
Lifetime: pulumi.String("string"),
RotationWindowPercentage: pulumi.Int(0),
Description: pulumi.String("string"),
Labels: pulumi.StringMap{
"string": pulumi.String("string"),
},
Location: pulumi.String("string"),
Name: pulumi.String("string"),
Project: pulumi.String("string"),
})
var certificateIssuanceConfigResource = new CertificateIssuanceConfig("certificateIssuanceConfigResource", CertificateIssuanceConfigArgs.builder()
.certificateAuthorityConfig(CertificateIssuanceConfigCertificateAuthorityConfigArgs.builder()
.certificateAuthorityServiceConfig(CertificateIssuanceConfigCertificateAuthorityConfigCertificateAuthorityServiceConfigArgs.builder()
.caPool("string")
.build())
.build())
.keyAlgorithm("string")
.lifetime("string")
.rotationWindowPercentage(0)
.description("string")
.labels(Map.of("string", "string"))
.location("string")
.name("string")
.project("string")
.build());
certificate_issuance_config_resource = gcp.certificatemanager.CertificateIssuanceConfig("certificateIssuanceConfigResource",
certificate_authority_config=gcp.certificatemanager.CertificateIssuanceConfigCertificateAuthorityConfigArgs(
certificate_authority_service_config=gcp.certificatemanager.CertificateIssuanceConfigCertificateAuthorityConfigCertificateAuthorityServiceConfigArgs(
ca_pool="string",
),
),
key_algorithm="string",
lifetime="string",
rotation_window_percentage=0,
description="string",
labels={
"string": "string",
},
location="string",
name="string",
project="string")
const certificateIssuanceConfigResource = new gcp.certificatemanager.CertificateIssuanceConfig("certificateIssuanceConfigResource", {
certificateAuthorityConfig: {
certificateAuthorityServiceConfig: {
caPool: "string",
},
},
keyAlgorithm: "string",
lifetime: "string",
rotationWindowPercentage: 0,
description: "string",
labels: {
string: "string",
},
location: "string",
name: "string",
project: "string",
});
type: gcp:certificatemanager:CertificateIssuanceConfig
properties:
certificateAuthorityConfig:
certificateAuthorityServiceConfig:
caPool: string
description: string
keyAlgorithm: string
labels:
string: string
lifetime: string
location: string
name: string
project: string
rotationWindowPercentage: 0
CertificateIssuanceConfig Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The CertificateIssuanceConfig resource accepts the following input properties:
-
Certificate
Issuance Config Certificate Authority Config - The CA that issues the workload certificate. It includes the CA address, type, authentication to CA service, etc. Structure is documented below.
- Key
Algorithm string - Key algorithm to use when generating the private key.
Possible values are:
RSA_2048,ECDSA_P256. - Lifetime string
- Lifetime of issued certificates. A duration in seconds with up to nine fractional digits, ending with 's'. Example: "1814400s". Valid values are from 21 days (1814400s) to 30 days (2592000s)
- Rotation
Window intPercentage - It specifies the percentage of elapsed time of the certificate lifetime to wait before renewing the certificate. Must be a number between 1-99, inclusive. You must set the rotation window percentage in relation to the certificate lifetime so that certificate renewal occurs at least 7 days after the certificate has been issued and at least 7 days before it expires.
- Description string
- One or more paragraphs of text description of a CertificateIssuanceConfig.
- Labels Dictionary<string, string>
- 'Set of label tags associated with the CertificateIssuanceConfig resource. An object containing a list of "key": value pairs. Example: { "name": "wrench", "count": "3" }. Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource.
- Location string
- The Certificate Manager location. If not specified, "global" is used.
- Name string
- A user-defined name of the certificate issuance config. CertificateIssuanceConfig names must be unique globally.
- Project string
-
Certificate
Issuance Config Certificate Authority Config Args - The CA that issues the workload certificate. It includes the CA address, type, authentication to CA service, etc. Structure is documented below.
- Key
Algorithm string - Key algorithm to use when generating the private key.
Possible values are:
RSA_2048,ECDSA_P256. - Lifetime string
- Lifetime of issued certificates. A duration in seconds with up to nine fractional digits, ending with 's'. Example: "1814400s". Valid values are from 21 days (1814400s) to 30 days (2592000s)
- Rotation
Window intPercentage - It specifies the percentage of elapsed time of the certificate lifetime to wait before renewing the certificate. Must be a number between 1-99, inclusive. You must set the rotation window percentage in relation to the certificate lifetime so that certificate renewal occurs at least 7 days after the certificate has been issued and at least 7 days before it expires.
- Description string
- One or more paragraphs of text description of a CertificateIssuanceConfig.
- Labels map[string]string
- 'Set of label tags associated with the CertificateIssuanceConfig resource. An object containing a list of "key": value pairs. Example: { "name": "wrench", "count": "3" }. Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource.
- Location string
- The Certificate Manager location. If not specified, "global" is used.
- Name string
- A user-defined name of the certificate issuance config. CertificateIssuanceConfig names must be unique globally.
- Project string
-
Certificate
Issuance Config Certificate Authority Config - The CA that issues the workload certificate. It includes the CA address, type, authentication to CA service, etc. Structure is documented below.
- key
Algorithm String - Key algorithm to use when generating the private key.
Possible values are:
RSA_2048,ECDSA_P256. - lifetime String
- Lifetime of issued certificates. A duration in seconds with up to nine fractional digits, ending with 's'. Example: "1814400s". Valid values are from 21 days (1814400s) to 30 days (2592000s)
- rotation
Window IntegerPercentage - It specifies the percentage of elapsed time of the certificate lifetime to wait before renewing the certificate. Must be a number between 1-99, inclusive. You must set the rotation window percentage in relation to the certificate lifetime so that certificate renewal occurs at least 7 days after the certificate has been issued and at least 7 days before it expires.
- description String
- One or more paragraphs of text description of a CertificateIssuanceConfig.
- labels Map<String,String>
- 'Set of label tags associated with the CertificateIssuanceConfig resource. An object containing a list of "key": value pairs. Example: { "name": "wrench", "count": "3" }. Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource.
- location String
- The Certificate Manager location. If not specified, "global" is used.
- name String
- A user-defined name of the certificate issuance config. CertificateIssuanceConfig names must be unique globally.
- project String
-
Certificate
Issuance Config Certificate Authority Config - The CA that issues the workload certificate. It includes the CA address, type, authentication to CA service, etc. Structure is documented below.
- key
Algorithm string - Key algorithm to use when generating the private key.
Possible values are:
RSA_2048,ECDSA_P256. - lifetime string
- Lifetime of issued certificates. A duration in seconds with up to nine fractional digits, ending with 's'. Example: "1814400s". Valid values are from 21 days (1814400s) to 30 days (2592000s)
- rotation
Window numberPercentage - It specifies the percentage of elapsed time of the certificate lifetime to wait before renewing the certificate. Must be a number between 1-99, inclusive. You must set the rotation window percentage in relation to the certificate lifetime so that certificate renewal occurs at least 7 days after the certificate has been issued and at least 7 days before it expires.
- description string
- One or more paragraphs of text description of a CertificateIssuanceConfig.
- labels {[key: string]: string}
- 'Set of label tags associated with the CertificateIssuanceConfig resource. An object containing a list of "key": value pairs. Example: { "name": "wrench", "count": "3" }. Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource.
- location string
- The Certificate Manager location. If not specified, "global" is used.
- name string
- A user-defined name of the certificate issuance config. CertificateIssuanceConfig names must be unique globally.
- project string
-
Certificate
Issuance Config Certificate Authority Config Args - The CA that issues the workload certificate. It includes the CA address, type, authentication to CA service, etc. Structure is documented below.
- key_
algorithm str - Key algorithm to use when generating the private key.
Possible values are:
RSA_2048,ECDSA_P256. - lifetime str
- Lifetime of issued certificates. A duration in seconds with up to nine fractional digits, ending with 's'. Example: "1814400s". Valid values are from 21 days (1814400s) to 30 days (2592000s)
- rotation_
window_ intpercentage - It specifies the percentage of elapsed time of the certificate lifetime to wait before renewing the certificate. Must be a number between 1-99, inclusive. You must set the rotation window percentage in relation to the certificate lifetime so that certificate renewal occurs at least 7 days after the certificate has been issued and at least 7 days before it expires.
- description str
- One or more paragraphs of text description of a CertificateIssuanceConfig.
- labels Mapping[str, str]
- 'Set of label tags associated with the CertificateIssuanceConfig resource. An object containing a list of "key": value pairs. Example: { "name": "wrench", "count": "3" }. Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource.
- location str
- The Certificate Manager location. If not specified, "global" is used.
- name str
- A user-defined name of the certificate issuance config. CertificateIssuanceConfig names must be unique globally.
- project str
- Property Map
- The CA that issues the workload certificate. It includes the CA address, type, authentication to CA service, etc. Structure is documented below.
- key
Algorithm String - Key algorithm to use when generating the private key.
Possible values are:
RSA_2048,ECDSA_P256. - lifetime String
- Lifetime of issued certificates. A duration in seconds with up to nine fractional digits, ending with 's'. Example: "1814400s". Valid values are from 21 days (1814400s) to 30 days (2592000s)
- rotation
Window NumberPercentage - It specifies the percentage of elapsed time of the certificate lifetime to wait before renewing the certificate. Must be a number between 1-99, inclusive. You must set the rotation window percentage in relation to the certificate lifetime so that certificate renewal occurs at least 7 days after the certificate has been issued and at least 7 days before it expires.
- description String
- One or more paragraphs of text description of a CertificateIssuanceConfig.
- labels Map<String>
- 'Set of label tags associated with the CertificateIssuanceConfig resource. An object containing a list of "key": value pairs. Example: { "name": "wrench", "count": "3" }. Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource.
- location String
- The Certificate Manager location. If not specified, "global" is used.
- name String
- A user-defined name of the certificate issuance config. CertificateIssuanceConfig names must be unique globally.
- project String
Outputs
All input properties are implicitly available as output properties. Additionally, the CertificateIssuanceConfig resource produces the following output properties:
- Create
Time string - The creation timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
- Effective
Labels Dictionary<string, string> - All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
- Id string
- The provider-assigned unique ID for this managed resource.
- Pulumi
Labels Dictionary<string, string> - The combination of labels configured directly on the resource and default labels configured on the provider.
- Update
Time string - The last update timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
- Create
Time string - The creation timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
- Effective
Labels map[string]string - All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
- Id string
- The provider-assigned unique ID for this managed resource.
- Pulumi
Labels map[string]string - The combination of labels configured directly on the resource and default labels configured on the provider.
- Update
Time string - The last update timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
- create
Time String - The creation timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
- effective
Labels Map<String,String> - All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
- id String
- The provider-assigned unique ID for this managed resource.
- pulumi
Labels Map<String,String> - The combination of labels configured directly on the resource and default labels configured on the provider.
- update
Time String - The last update timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
- create
Time string - The creation timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
- effective
Labels {[key: string]: string} - All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
- id string
- The provider-assigned unique ID for this managed resource.
- pulumi
Labels {[key: string]: string} - The combination of labels configured directly on the resource and default labels configured on the provider.
- update
Time string - The last update timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
- create_
time str - The creation timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
- effective_
labels Mapping[str, str] - All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
- id str
- The provider-assigned unique ID for this managed resource.
- pulumi_
labels Mapping[str, str] - The combination of labels configured directly on the resource and default labels configured on the provider.
- update_
time str - The last update timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
- create
Time String - The creation timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
- effective
Labels Map<String> - All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
- id String
- The provider-assigned unique ID for this managed resource.
- pulumi
Labels Map<String> - The combination of labels configured directly on the resource and default labels configured on the provider.
- update
Time String - The last update timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
Look up Existing CertificateIssuanceConfig Resource
Get an existing CertificateIssuanceConfig resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: CertificateIssuanceConfigState, opts?: CustomResourceOptions): CertificateIssuanceConfig@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
certificate_authority_config: Optional[CertificateIssuanceConfigCertificateAuthorityConfigArgs] = None,
create_time: Optional[str] = None,
description: Optional[str] = None,
effective_labels: Optional[Mapping[str, str]] = None,
key_algorithm: Optional[str] = None,
labels: Optional[Mapping[str, str]] = None,
lifetime: Optional[str] = None,
location: Optional[str] = None,
name: Optional[str] = None,
project: Optional[str] = None,
pulumi_labels: Optional[Mapping[str, str]] = None,
rotation_window_percentage: Optional[int] = None,
update_time: Optional[str] = None) -> CertificateIssuanceConfigfunc GetCertificateIssuanceConfig(ctx *Context, name string, id IDInput, state *CertificateIssuanceConfigState, opts ...ResourceOption) (*CertificateIssuanceConfig, error)public static CertificateIssuanceConfig Get(string name, Input<string> id, CertificateIssuanceConfigState? state, CustomResourceOptions? opts = null)public static CertificateIssuanceConfig get(String name, Output<String> id, CertificateIssuanceConfigState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
-
Certificate
Issuance Config Certificate Authority Config - The CA that issues the workload certificate. It includes the CA address, type, authentication to CA service, etc. Structure is documented below.
- Create
Time string - The creation timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
- Description string
- One or more paragraphs of text description of a CertificateIssuanceConfig.
- Effective
Labels Dictionary<string, string> - All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
- Key
Algorithm string - Key algorithm to use when generating the private key.
Possible values are:
RSA_2048,ECDSA_P256. - Labels Dictionary<string, string>
- 'Set of label tags associated with the CertificateIssuanceConfig resource. An object containing a list of "key": value pairs. Example: { "name": "wrench", "count": "3" }. Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource.
- Lifetime string
- Lifetime of issued certificates. A duration in seconds with up to nine fractional digits, ending with 's'. Example: "1814400s". Valid values are from 21 days (1814400s) to 30 days (2592000s)
- Location string
- The Certificate Manager location. If not specified, "global" is used.
- Name string
- A user-defined name of the certificate issuance config. CertificateIssuanceConfig names must be unique globally.
- Project string
- Pulumi
Labels Dictionary<string, string> - The combination of labels configured directly on the resource and default labels configured on the provider.
- Rotation
Window intPercentage - It specifies the percentage of elapsed time of the certificate lifetime to wait before renewing the certificate. Must be a number between 1-99, inclusive. You must set the rotation window percentage in relation to the certificate lifetime so that certificate renewal occurs at least 7 days after the certificate has been issued and at least 7 days before it expires.
- Update
Time string - The last update timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
-
Certificate
Issuance Config Certificate Authority Config Args - The CA that issues the workload certificate. It includes the CA address, type, authentication to CA service, etc. Structure is documented below.
- Create
Time string - The creation timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
- Description string
- One or more paragraphs of text description of a CertificateIssuanceConfig.
- Effective
Labels map[string]string - All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
- Key
Algorithm string - Key algorithm to use when generating the private key.
Possible values are:
RSA_2048,ECDSA_P256. - Labels map[string]string
- 'Set of label tags associated with the CertificateIssuanceConfig resource. An object containing a list of "key": value pairs. Example: { "name": "wrench", "count": "3" }. Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource.
- Lifetime string
- Lifetime of issued certificates. A duration in seconds with up to nine fractional digits, ending with 's'. Example: "1814400s". Valid values are from 21 days (1814400s) to 30 days (2592000s)
- Location string
- The Certificate Manager location. If not specified, "global" is used.
- Name string
- A user-defined name of the certificate issuance config. CertificateIssuanceConfig names must be unique globally.
- Project string
- Pulumi
Labels map[string]string - The combination of labels configured directly on the resource and default labels configured on the provider.
- Rotation
Window intPercentage - It specifies the percentage of elapsed time of the certificate lifetime to wait before renewing the certificate. Must be a number between 1-99, inclusive. You must set the rotation window percentage in relation to the certificate lifetime so that certificate renewal occurs at least 7 days after the certificate has been issued and at least 7 days before it expires.
- Update
Time string - The last update timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
-
Certificate
Issuance Config Certificate Authority Config - The CA that issues the workload certificate. It includes the CA address, type, authentication to CA service, etc. Structure is documented below.
- create
Time String - The creation timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
- description String
- One or more paragraphs of text description of a CertificateIssuanceConfig.
- effective
Labels Map<String,String> - All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
- key
Algorithm String - Key algorithm to use when generating the private key.
Possible values are:
RSA_2048,ECDSA_P256. - labels Map<String,String>
- 'Set of label tags associated with the CertificateIssuanceConfig resource. An object containing a list of "key": value pairs. Example: { "name": "wrench", "count": "3" }. Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource.
- lifetime String
- Lifetime of issued certificates. A duration in seconds with up to nine fractional digits, ending with 's'. Example: "1814400s". Valid values are from 21 days (1814400s) to 30 days (2592000s)
- location String
- The Certificate Manager location. If not specified, "global" is used.
- name String
- A user-defined name of the certificate issuance config. CertificateIssuanceConfig names must be unique globally.
- project String
- pulumi
Labels Map<String,String> - The combination of labels configured directly on the resource and default labels configured on the provider.
- rotation
Window IntegerPercentage - It specifies the percentage of elapsed time of the certificate lifetime to wait before renewing the certificate. Must be a number between 1-99, inclusive. You must set the rotation window percentage in relation to the certificate lifetime so that certificate renewal occurs at least 7 days after the certificate has been issued and at least 7 days before it expires.
- update
Time String - The last update timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
-
Certificate
Issuance Config Certificate Authority Config - The CA that issues the workload certificate. It includes the CA address, type, authentication to CA service, etc. Structure is documented below.
- create
Time string - The creation timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
- description string
- One or more paragraphs of text description of a CertificateIssuanceConfig.
- effective
Labels {[key: string]: string} - All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
- key
Algorithm string - Key algorithm to use when generating the private key.
Possible values are:
RSA_2048,ECDSA_P256. - labels {[key: string]: string}
- 'Set of label tags associated with the CertificateIssuanceConfig resource. An object containing a list of "key": value pairs. Example: { "name": "wrench", "count": "3" }. Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource.
- lifetime string
- Lifetime of issued certificates. A duration in seconds with up to nine fractional digits, ending with 's'. Example: "1814400s". Valid values are from 21 days (1814400s) to 30 days (2592000s)
- location string
- The Certificate Manager location. If not specified, "global" is used.
- name string
- A user-defined name of the certificate issuance config. CertificateIssuanceConfig names must be unique globally.
- project string
- pulumi
Labels {[key: string]: string} - The combination of labels configured directly on the resource and default labels configured on the provider.
- rotation
Window numberPercentage - It specifies the percentage of elapsed time of the certificate lifetime to wait before renewing the certificate. Must be a number between 1-99, inclusive. You must set the rotation window percentage in relation to the certificate lifetime so that certificate renewal occurs at least 7 days after the certificate has been issued and at least 7 days before it expires.
- update
Time string - The last update timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
-
Certificate
Issuance Config Certificate Authority Config Args - The CA that issues the workload certificate. It includes the CA address, type, authentication to CA service, etc. Structure is documented below.
- create_
time str - The creation timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
- description str
- One or more paragraphs of text description of a CertificateIssuanceConfig.
- effective_
labels Mapping[str, str] - All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
- key_
algorithm str - Key algorithm to use when generating the private key.
Possible values are:
RSA_2048,ECDSA_P256. - labels Mapping[str, str]
- 'Set of label tags associated with the CertificateIssuanceConfig resource. An object containing a list of "key": value pairs. Example: { "name": "wrench", "count": "3" }. Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource.
- lifetime str
- Lifetime of issued certificates. A duration in seconds with up to nine fractional digits, ending with 's'. Example: "1814400s". Valid values are from 21 days (1814400s) to 30 days (2592000s)
- location str
- The Certificate Manager location. If not specified, "global" is used.
- name str
- A user-defined name of the certificate issuance config. CertificateIssuanceConfig names must be unique globally.
- project str
- pulumi_
labels Mapping[str, str] - The combination of labels configured directly on the resource and default labels configured on the provider.
- rotation_
window_ intpercentage - It specifies the percentage of elapsed time of the certificate lifetime to wait before renewing the certificate. Must be a number between 1-99, inclusive. You must set the rotation window percentage in relation to the certificate lifetime so that certificate renewal occurs at least 7 days after the certificate has been issued and at least 7 days before it expires.
- update_
time str - The last update timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
- Property Map
- The CA that issues the workload certificate. It includes the CA address, type, authentication to CA service, etc. Structure is documented below.
- create
Time String - The creation timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
- description String
- One or more paragraphs of text description of a CertificateIssuanceConfig.
- effective
Labels Map<String> - All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
- key
Algorithm String - Key algorithm to use when generating the private key.
Possible values are:
RSA_2048,ECDSA_P256. - labels Map<String>
- 'Set of label tags associated with the CertificateIssuanceConfig resource. An object containing a list of "key": value pairs. Example: { "name": "wrench", "count": "3" }. Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource.
- lifetime String
- Lifetime of issued certificates. A duration in seconds with up to nine fractional digits, ending with 's'. Example: "1814400s". Valid values are from 21 days (1814400s) to 30 days (2592000s)
- location String
- The Certificate Manager location. If not specified, "global" is used.
- name String
- A user-defined name of the certificate issuance config. CertificateIssuanceConfig names must be unique globally.
- project String
- pulumi
Labels Map<String> - The combination of labels configured directly on the resource and default labels configured on the provider.
- rotation
Window NumberPercentage - It specifies the percentage of elapsed time of the certificate lifetime to wait before renewing the certificate. Must be a number between 1-99, inclusive. You must set the rotation window percentage in relation to the certificate lifetime so that certificate renewal occurs at least 7 days after the certificate has been issued and at least 7 days before it expires.
- update
Time String - The last update timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
Supporting Types
CertificateIssuanceConfigCertificateAuthorityConfig, CertificateIssuanceConfigCertificateAuthorityConfigArgs
-
Certificate
Issuance Config Certificate Authority Config Certificate Authority Service Config - Defines a CertificateAuthorityServiceConfig. Structure is documented below.
-
Certificate
Issuance Config Certificate Authority Config Certificate Authority Service Config - Defines a CertificateAuthorityServiceConfig. Structure is documented below.
-
Certificate
Issuance Config Certificate Authority Config Certificate Authority Service Config - Defines a CertificateAuthorityServiceConfig. Structure is documented below.
-
Certificate
Issuance Config Certificate Authority Config Certificate Authority Service Config - Defines a CertificateAuthorityServiceConfig. Structure is documented below.
-
Certificate
Issuance Config Certificate Authority Config Certificate Authority Service Config - Defines a CertificateAuthorityServiceConfig. Structure is documented below.
- Property Map
- Defines a CertificateAuthorityServiceConfig. Structure is documented below.
CertificateIssuanceConfigCertificateAuthorityConfigCertificateAuthorityServiceConfig, CertificateIssuanceConfigCertificateAuthorityConfigCertificateAuthorityServiceConfigArgs
- Ca
Pool string - A CA pool resource used to issue a certificate.
The CA pool string has a relative resource path following the form
"projects/{project}/locations/{location}/caPools/{caPool}".
- Ca
Pool string - A CA pool resource used to issue a certificate.
The CA pool string has a relative resource path following the form
"projects/{project}/locations/{location}/caPools/{caPool}".
- ca
Pool String - A CA pool resource used to issue a certificate.
The CA pool string has a relative resource path following the form
"projects/{project}/locations/{location}/caPools/{caPool}".
- ca
Pool string - A CA pool resource used to issue a certificate.
The CA pool string has a relative resource path following the form
"projects/{project}/locations/{location}/caPools/{caPool}".
- ca_
pool str - A CA pool resource used to issue a certificate.
The CA pool string has a relative resource path following the form
"projects/{project}/locations/{location}/caPools/{caPool}".
- ca
Pool String - A CA pool resource used to issue a certificate.
The CA pool string has a relative resource path following the form
"projects/{project}/locations/{location}/caPools/{caPool}".
Import
CertificateIssuanceConfig can be imported using any of these accepted formats:
projects/{{project}}/locations/{{location}}/certificateIssuanceConfigs/{{name}}{{project}}/{{location}}/{{name}}{{location}}/{{name}}
When using the pulumi import command, CertificateIssuanceConfig can be imported using one of the formats above. For example:
$ pulumi import gcp:certificatemanager/certificateIssuanceConfig:CertificateIssuanceConfig default projects/{{project}}/locations/{{location}}/certificateIssuanceConfigs/{{name}}
$ pulumi import gcp:certificatemanager/certificateIssuanceConfig:CertificateIssuanceConfig default {{project}}/{{location}}/{{name}}
$ pulumi import gcp:certificatemanager/certificateIssuanceConfig:CertificateIssuanceConfig default {{location}}/{{name}}
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Google Cloud (GCP) Classic pulumi/pulumi-gcp
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
google-betaTerraform Provider.