Google Cloud Native v0.30.0, Apr 14 23
Google Cloud Native v0.30.0, Apr 14 23
google-native.certificatemanager/v1.Certificate
Explore with Pulumi AI
Creates a new Certificate in a given project and location.
Create Certificate Resource
new Certificate(name: string, args: CertificateArgs, opts?: CustomResourceOptions);
@overload
def Certificate(resource_name: str,
opts: Optional[ResourceOptions] = None,
certificate_id: Optional[str] = None,
description: Optional[str] = None,
labels: Optional[Mapping[str, str]] = None,
location: Optional[str] = None,
managed: Optional[ManagedCertificateArgs] = None,
name: Optional[str] = None,
project: Optional[str] = None,
scope: Optional[CertificateScope] = None,
self_managed: Optional[SelfManagedCertificateArgs] = None)
@overload
def Certificate(resource_name: str,
args: CertificateArgs,
opts: Optional[ResourceOptions] = None)
func NewCertificate(ctx *Context, name string, args CertificateArgs, opts ...ResourceOption) (*Certificate, error)
public Certificate(string name, CertificateArgs args, CustomResourceOptions? opts = null)
public Certificate(String name, CertificateArgs args)
public Certificate(String name, CertificateArgs args, CustomResourceOptions options)
type: google-native:certificatemanager/v1:Certificate
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args CertificateArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args CertificateArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args CertificateArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args CertificateArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args CertificateArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Certificate Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The Certificate resource accepts the following input properties:
- Certificate
Id string Required. A user-provided name of the certificate.
- Description string
One or more paragraphs of text description of a certificate.
- Labels Dictionary<string, string>
Set of labels associated with a Certificate.
- Location string
- Managed
Pulumi.
Google Native. Certificate Manager. V1. Inputs. Managed Certificate Args If set, contains configuration and state of a managed certificate.
- Name string
A user-defined name of the certificate. Certificate names must be unique globally and match pattern
projects/*/locations/*/certificates/*
.- Project string
- Scope
Pulumi.
Google Native. Certificate Manager. V1. Certificate Scope Immutable. The scope of the certificate.
- Self
Managed Pulumi.Google Native. Certificate Manager. V1. Inputs. Self Managed Certificate Args If set, defines data of a self-managed certificate.
- Certificate
Id string Required. A user-provided name of the certificate.
- Description string
One or more paragraphs of text description of a certificate.
- Labels map[string]string
Set of labels associated with a Certificate.
- Location string
- Managed
Managed
Certificate Args If set, contains configuration and state of a managed certificate.
- Name string
A user-defined name of the certificate. Certificate names must be unique globally and match pattern
projects/*/locations/*/certificates/*
.- Project string
- Scope
Certificate
Scope Immutable. The scope of the certificate.
- Self
Managed SelfManaged Certificate Args If set, defines data of a self-managed certificate.
- certificate
Id String Required. A user-provided name of the certificate.
- description String
One or more paragraphs of text description of a certificate.
- labels Map<String,String>
Set of labels associated with a Certificate.
- location String
- managed
Managed
Certificate Args If set, contains configuration and state of a managed certificate.
- name String
A user-defined name of the certificate. Certificate names must be unique globally and match pattern
projects/*/locations/*/certificates/*
.- project String
- scope
Certificate
Scope Immutable. The scope of the certificate.
- self
Managed SelfManaged Certificate Args If set, defines data of a self-managed certificate.
- certificate
Id string Required. A user-provided name of the certificate.
- description string
One or more paragraphs of text description of a certificate.
- labels {[key: string]: string}
Set of labels associated with a Certificate.
- location string
- managed
Managed
Certificate Args If set, contains configuration and state of a managed certificate.
- name string
A user-defined name of the certificate. Certificate names must be unique globally and match pattern
projects/*/locations/*/certificates/*
.- project string
- scope
Certificate
Scope Immutable. The scope of the certificate.
- self
Managed SelfManaged Certificate Args If set, defines data of a self-managed certificate.
- certificate_
id str Required. A user-provided name of the certificate.
- description str
One or more paragraphs of text description of a certificate.
- labels Mapping[str, str]
Set of labels associated with a Certificate.
- location str
- managed
Managed
Certificate Args If set, contains configuration and state of a managed certificate.
- name str
A user-defined name of the certificate. Certificate names must be unique globally and match pattern
projects/*/locations/*/certificates/*
.- project str
- scope
Certificate
Scope Immutable. The scope of the certificate.
- self_
managed SelfManaged Certificate Args If set, defines data of a self-managed certificate.
- certificate
Id String Required. A user-provided name of the certificate.
- description String
One or more paragraphs of text description of a certificate.
- labels Map<String>
Set of labels associated with a Certificate.
- location String
- managed Property Map
If set, contains configuration and state of a managed certificate.
- name String
A user-defined name of the certificate. Certificate names must be unique globally and match pattern
projects/*/locations/*/certificates/*
.- project String
- scope "DEFAULT" | "EDGE_CACHE"
Immutable. The scope of the certificate.
- self
Managed Property Map If set, defines data of a self-managed certificate.
Outputs
All input properties are implicitly available as output properties. Additionally, the Certificate resource produces the following output properties:
- Create
Time string The creation timestamp of a Certificate.
- Expire
Time string The expiry timestamp of a Certificate.
- Id string
The provider-assigned unique ID for this managed resource.
- Pem
Certificate string The PEM-encoded certificate chain.
- San
Dnsnames List<string> The list of Subject Alternative Names of dnsName type defined in the certificate (see RFC 5280 4.2.1.6). Managed certificates that haven't been provisioned yet have this field populated with a value of the managed.domains field.
- Update
Time string The last update timestamp of a Certificate.
- Create
Time string The creation timestamp of a Certificate.
- Expire
Time string The expiry timestamp of a Certificate.
- Id string
The provider-assigned unique ID for this managed resource.
- Pem
Certificate string The PEM-encoded certificate chain.
- San
Dnsnames []string The list of Subject Alternative Names of dnsName type defined in the certificate (see RFC 5280 4.2.1.6). Managed certificates that haven't been provisioned yet have this field populated with a value of the managed.domains field.
- Update
Time string The last update timestamp of a Certificate.
- create
Time String The creation timestamp of a Certificate.
- expire
Time String The expiry timestamp of a Certificate.
- id String
The provider-assigned unique ID for this managed resource.
- pem
Certificate String The PEM-encoded certificate chain.
- san
Dnsnames List<String> The list of Subject Alternative Names of dnsName type defined in the certificate (see RFC 5280 4.2.1.6). Managed certificates that haven't been provisioned yet have this field populated with a value of the managed.domains field.
- update
Time String The last update timestamp of a Certificate.
- create
Time string The creation timestamp of a Certificate.
- expire
Time string The expiry timestamp of a Certificate.
- id string
The provider-assigned unique ID for this managed resource.
- pem
Certificate string The PEM-encoded certificate chain.
- san
Dnsnames string[] The list of Subject Alternative Names of dnsName type defined in the certificate (see RFC 5280 4.2.1.6). Managed certificates that haven't been provisioned yet have this field populated with a value of the managed.domains field.
- update
Time string The last update timestamp of a Certificate.
- create_
time str The creation timestamp of a Certificate.
- expire_
time str The expiry timestamp of a Certificate.
- id str
The provider-assigned unique ID for this managed resource.
- pem_
certificate str The PEM-encoded certificate chain.
- san_
dnsnames Sequence[str] The list of Subject Alternative Names of dnsName type defined in the certificate (see RFC 5280 4.2.1.6). Managed certificates that haven't been provisioned yet have this field populated with a value of the managed.domains field.
- update_
time str The last update timestamp of a Certificate.
- create
Time String The creation timestamp of a Certificate.
- expire
Time String The expiry timestamp of a Certificate.
- id String
The provider-assigned unique ID for this managed resource.
- pem
Certificate String The PEM-encoded certificate chain.
- san
Dnsnames List<String> The list of Subject Alternative Names of dnsName type defined in the certificate (see RFC 5280 4.2.1.6). Managed certificates that haven't been provisioned yet have this field populated with a value of the managed.domains field.
- update
Time String The last update timestamp of a Certificate.
Supporting Types
AuthorizationAttemptInfoResponse
- Details string
Human readable explanation for reaching the state. Provided to help address the configuration issues. Not guaranteed to be stable. For programmatic access use FailureReason enum.
- Domain string
Domain name of the authorization attempt.
- Failure
Reason string Reason for failure of the authorization attempt for the domain.
- State string
State of the domain for managed certificate issuance.
- Details string
Human readable explanation for reaching the state. Provided to help address the configuration issues. Not guaranteed to be stable. For programmatic access use FailureReason enum.
- Domain string
Domain name of the authorization attempt.
- Failure
Reason string Reason for failure of the authorization attempt for the domain.
- State string
State of the domain for managed certificate issuance.
- details String
Human readable explanation for reaching the state. Provided to help address the configuration issues. Not guaranteed to be stable. For programmatic access use FailureReason enum.
- domain String
Domain name of the authorization attempt.
- failure
Reason String Reason for failure of the authorization attempt for the domain.
- state String
State of the domain for managed certificate issuance.
- details string
Human readable explanation for reaching the state. Provided to help address the configuration issues. Not guaranteed to be stable. For programmatic access use FailureReason enum.
- domain string
Domain name of the authorization attempt.
- failure
Reason string Reason for failure of the authorization attempt for the domain.
- state string
State of the domain for managed certificate issuance.
- details str
Human readable explanation for reaching the state. Provided to help address the configuration issues. Not guaranteed to be stable. For programmatic access use FailureReason enum.
- domain str
Domain name of the authorization attempt.
- failure_
reason str Reason for failure of the authorization attempt for the domain.
- state str
State of the domain for managed certificate issuance.
- details String
Human readable explanation for reaching the state. Provided to help address the configuration issues. Not guaranteed to be stable. For programmatic access use FailureReason enum.
- domain String
Domain name of the authorization attempt.
- failure
Reason String Reason for failure of the authorization attempt for the domain.
- state String
State of the domain for managed certificate issuance.
CertificateScope
- Default
- DEFAULT
Certificates with default scope are served from core Google data centers. If unsure, choose this option.
- Edge
Cache - EDGE_CACHE
Certificates with scope EDGE_CACHE are special-purposed certificates, served from non-core Google data centers.
- Certificate
Scope Default - DEFAULT
Certificates with default scope are served from core Google data centers. If unsure, choose this option.
- Certificate
Scope Edge Cache - EDGE_CACHE
Certificates with scope EDGE_CACHE are special-purposed certificates, served from non-core Google data centers.
- Default
- DEFAULT
Certificates with default scope are served from core Google data centers. If unsure, choose this option.
- Edge
Cache - EDGE_CACHE
Certificates with scope EDGE_CACHE are special-purposed certificates, served from non-core Google data centers.
- Default
- DEFAULT
Certificates with default scope are served from core Google data centers. If unsure, choose this option.
- Edge
Cache - EDGE_CACHE
Certificates with scope EDGE_CACHE are special-purposed certificates, served from non-core Google data centers.
- DEFAULT
- DEFAULT
Certificates with default scope are served from core Google data centers. If unsure, choose this option.
- EDGE_CACHE
- EDGE_CACHE
Certificates with scope EDGE_CACHE are special-purposed certificates, served from non-core Google data centers.
- "DEFAULT"
- DEFAULT
Certificates with default scope are served from core Google data centers. If unsure, choose this option.
- "EDGE_CACHE"
- EDGE_CACHE
Certificates with scope EDGE_CACHE are special-purposed certificates, served from non-core Google data centers.
ManagedCertificate
- List<string>
Immutable. Authorizations that will be used for performing domain authorization.
- Domains List<string>
Immutable. The domains for which a managed SSL certificate will be generated. Wildcard domains are only supported with DNS challenge resolution.
- Issuance
Config string Immutable. The resource name for a CertificateIssuanceConfig used to configure private PKI certificates in the format
projects/*/locations/*/certificateIssuanceConfigs/*
. If this field is not set, the certificates will instead be publicly signed as documented at https://cloud.google.com/load-balancing/docs/ssl-certificates/google-managed-certs#caa.
- []string
Immutable. Authorizations that will be used for performing domain authorization.
- Domains []string
Immutable. The domains for which a managed SSL certificate will be generated. Wildcard domains are only supported with DNS challenge resolution.
- Issuance
Config string Immutable. The resource name for a CertificateIssuanceConfig used to configure private PKI certificates in the format
projects/*/locations/*/certificateIssuanceConfigs/*
. If this field is not set, the certificates will instead be publicly signed as documented at https://cloud.google.com/load-balancing/docs/ssl-certificates/google-managed-certs#caa.
- List<String>
Immutable. Authorizations that will be used for performing domain authorization.
- domains List<String>
Immutable. The domains for which a managed SSL certificate will be generated. Wildcard domains are only supported with DNS challenge resolution.
- issuance
Config String Immutable. The resource name for a CertificateIssuanceConfig used to configure private PKI certificates in the format
projects/*/locations/*/certificateIssuanceConfigs/*
. If this field is not set, the certificates will instead be publicly signed as documented at https://cloud.google.com/load-balancing/docs/ssl-certificates/google-managed-certs#caa.
- string[]
Immutable. Authorizations that will be used for performing domain authorization.
- domains string[]
Immutable. The domains for which a managed SSL certificate will be generated. Wildcard domains are only supported with DNS challenge resolution.
- issuance
Config string Immutable. The resource name for a CertificateIssuanceConfig used to configure private PKI certificates in the format
projects/*/locations/*/certificateIssuanceConfigs/*
. If this field is not set, the certificates will instead be publicly signed as documented at https://cloud.google.com/load-balancing/docs/ssl-certificates/google-managed-certs#caa.
- Sequence[str]
Immutable. Authorizations that will be used for performing domain authorization.
- domains Sequence[str]
Immutable. The domains for which a managed SSL certificate will be generated. Wildcard domains are only supported with DNS challenge resolution.
- issuance_
config str Immutable. The resource name for a CertificateIssuanceConfig used to configure private PKI certificates in the format
projects/*/locations/*/certificateIssuanceConfigs/*
. If this field is not set, the certificates will instead be publicly signed as documented at https://cloud.google.com/load-balancing/docs/ssl-certificates/google-managed-certs#caa.
- List<String>
Immutable. Authorizations that will be used for performing domain authorization.
- domains List<String>
Immutable. The domains for which a managed SSL certificate will be generated. Wildcard domains are only supported with DNS challenge resolution.
- issuance
Config String Immutable. The resource name for a CertificateIssuanceConfig used to configure private PKI certificates in the format
projects/*/locations/*/certificateIssuanceConfigs/*
. If this field is not set, the certificates will instead be publicly signed as documented at https://cloud.google.com/load-balancing/docs/ssl-certificates/google-managed-certs#caa.
ManagedCertificateResponse
- List<Pulumi.
Google Native. Certificate Manager. V1. Inputs. Authorization Attempt Info Response> Detailed state of the latest authorization attempt for each domain specified for managed certificate resource.
- List<string>
Immutable. Authorizations that will be used for performing domain authorization.
- Domains List<string>
Immutable. The domains for which a managed SSL certificate will be generated. Wildcard domains are only supported with DNS challenge resolution.
- Issuance
Config string Immutable. The resource name for a CertificateIssuanceConfig used to configure private PKI certificates in the format
projects/*/locations/*/certificateIssuanceConfigs/*
. If this field is not set, the certificates will instead be publicly signed as documented at https://cloud.google.com/load-balancing/docs/ssl-certificates/google-managed-certs#caa.- Provisioning
Issue Pulumi.Google Native. Certificate Manager. V1. Inputs. Provisioning Issue Response Information about issues with provisioning a Managed Certificate.
- State string
State of the managed certificate resource.
- []Authorization
Attempt Info Response Detailed state of the latest authorization attempt for each domain specified for managed certificate resource.
- []string
Immutable. Authorizations that will be used for performing domain authorization.
- Domains []string
Immutable. The domains for which a managed SSL certificate will be generated. Wildcard domains are only supported with DNS challenge resolution.
- Issuance
Config string Immutable. The resource name for a CertificateIssuanceConfig used to configure private PKI certificates in the format
projects/*/locations/*/certificateIssuanceConfigs/*
. If this field is not set, the certificates will instead be publicly signed as documented at https://cloud.google.com/load-balancing/docs/ssl-certificates/google-managed-certs#caa.- Provisioning
Issue ProvisioningIssue Response Information about issues with provisioning a Managed Certificate.
- State string
State of the managed certificate resource.
- List<Authorization
Attempt Info Response> Detailed state of the latest authorization attempt for each domain specified for managed certificate resource.
- List<String>
Immutable. Authorizations that will be used for performing domain authorization.
- domains List<String>
Immutable. The domains for which a managed SSL certificate will be generated. Wildcard domains are only supported with DNS challenge resolution.
- issuance
Config String Immutable. The resource name for a CertificateIssuanceConfig used to configure private PKI certificates in the format
projects/*/locations/*/certificateIssuanceConfigs/*
. If this field is not set, the certificates will instead be publicly signed as documented at https://cloud.google.com/load-balancing/docs/ssl-certificates/google-managed-certs#caa.- provisioning
Issue ProvisioningIssue Response Information about issues with provisioning a Managed Certificate.
- state String
State of the managed certificate resource.
- Authorization
Attempt Info Response[] Detailed state of the latest authorization attempt for each domain specified for managed certificate resource.
- string[]
Immutable. Authorizations that will be used for performing domain authorization.
- domains string[]
Immutable. The domains for which a managed SSL certificate will be generated. Wildcard domains are only supported with DNS challenge resolution.
- issuance
Config string Immutable. The resource name for a CertificateIssuanceConfig used to configure private PKI certificates in the format
projects/*/locations/*/certificateIssuanceConfigs/*
. If this field is not set, the certificates will instead be publicly signed as documented at https://cloud.google.com/load-balancing/docs/ssl-certificates/google-managed-certs#caa.- provisioning
Issue ProvisioningIssue Response Information about issues with provisioning a Managed Certificate.
- state string
State of the managed certificate resource.
- Sequence[Authorization
Attempt Info Response] Detailed state of the latest authorization attempt for each domain specified for managed certificate resource.
- Sequence[str]
Immutable. Authorizations that will be used for performing domain authorization.
- domains Sequence[str]
Immutable. The domains for which a managed SSL certificate will be generated. Wildcard domains are only supported with DNS challenge resolution.
- issuance_
config str Immutable. The resource name for a CertificateIssuanceConfig used to configure private PKI certificates in the format
projects/*/locations/*/certificateIssuanceConfigs/*
. If this field is not set, the certificates will instead be publicly signed as documented at https://cloud.google.com/load-balancing/docs/ssl-certificates/google-managed-certs#caa.- provisioning_
issue ProvisioningIssue Response Information about issues with provisioning a Managed Certificate.
- state str
State of the managed certificate resource.
- List<Property Map>
Detailed state of the latest authorization attempt for each domain specified for managed certificate resource.
- List<String>
Immutable. Authorizations that will be used for performing domain authorization.
- domains List<String>
Immutable. The domains for which a managed SSL certificate will be generated. Wildcard domains are only supported with DNS challenge resolution.
- issuance
Config String Immutable. The resource name for a CertificateIssuanceConfig used to configure private PKI certificates in the format
projects/*/locations/*/certificateIssuanceConfigs/*
. If this field is not set, the certificates will instead be publicly signed as documented at https://cloud.google.com/load-balancing/docs/ssl-certificates/google-managed-certs#caa.- provisioning
Issue Property Map Information about issues with provisioning a Managed Certificate.
- state String
State of the managed certificate resource.
ProvisioningIssueResponse
SelfManagedCertificate
- Pem
Certificate string Input only. The PEM-encoded certificate chain. Leaf certificate comes first, followed by intermediate ones if any.
- Pem
Private stringKey Input only. The PEM-encoded private key of the leaf certificate.
- Pem
Certificate string Input only. The PEM-encoded certificate chain. Leaf certificate comes first, followed by intermediate ones if any.
- Pem
Private stringKey Input only. The PEM-encoded private key of the leaf certificate.
- pem
Certificate String Input only. The PEM-encoded certificate chain. Leaf certificate comes first, followed by intermediate ones if any.
- pem
Private StringKey Input only. The PEM-encoded private key of the leaf certificate.
- pem
Certificate string Input only. The PEM-encoded certificate chain. Leaf certificate comes first, followed by intermediate ones if any.
- pem
Private stringKey Input only. The PEM-encoded private key of the leaf certificate.
- pem_
certificate str Input only. The PEM-encoded certificate chain. Leaf certificate comes first, followed by intermediate ones if any.
- pem_
private_ strkey Input only. The PEM-encoded private key of the leaf certificate.
- pem
Certificate String Input only. The PEM-encoded certificate chain. Leaf certificate comes first, followed by intermediate ones if any.
- pem
Private StringKey Input only. The PEM-encoded private key of the leaf certificate.
SelfManagedCertificateResponse
- Pem
Certificate string Input only. The PEM-encoded certificate chain. Leaf certificate comes first, followed by intermediate ones if any.
- Pem
Private stringKey Input only. The PEM-encoded private key of the leaf certificate.
- Pem
Certificate string Input only. The PEM-encoded certificate chain. Leaf certificate comes first, followed by intermediate ones if any.
- Pem
Private stringKey Input only. The PEM-encoded private key of the leaf certificate.
- pem
Certificate String Input only. The PEM-encoded certificate chain. Leaf certificate comes first, followed by intermediate ones if any.
- pem
Private StringKey Input only. The PEM-encoded private key of the leaf certificate.
- pem
Certificate string Input only. The PEM-encoded certificate chain. Leaf certificate comes first, followed by intermediate ones if any.
- pem
Private stringKey Input only. The PEM-encoded private key of the leaf certificate.
- pem_
certificate str Input only. The PEM-encoded certificate chain. Leaf certificate comes first, followed by intermediate ones if any.
- pem_
private_ strkey Input only. The PEM-encoded private key of the leaf certificate.
- pem
Certificate String Input only. The PEM-encoded certificate chain. Leaf certificate comes first, followed by intermediate ones if any.
- pem
Private StringKey Input only. The PEM-encoded private key of the leaf certificate.
Package Details
- Repository
- Google Cloud Native pulumi/pulumi-google-native
- License
- Apache-2.0