google-native logo
Google Cloud Native v0.30.0, Apr 14 23

google-native.certificatemanager/v1.Certificate

Explore with Pulumi AI

Creates a new Certificate in a given project and location.

Create Certificate Resource

new Certificate(name: string, args: CertificateArgs, opts?: CustomResourceOptions);
@overload
def Certificate(resource_name: str,
                opts: Optional[ResourceOptions] = None,
                certificate_id: Optional[str] = None,
                description: Optional[str] = None,
                labels: Optional[Mapping[str, str]] = None,
                location: Optional[str] = None,
                managed: Optional[ManagedCertificateArgs] = None,
                name: Optional[str] = None,
                project: Optional[str] = None,
                scope: Optional[CertificateScope] = None,
                self_managed: Optional[SelfManagedCertificateArgs] = None)
@overload
def Certificate(resource_name: str,
                args: CertificateArgs,
                opts: Optional[ResourceOptions] = None)
func NewCertificate(ctx *Context, name string, args CertificateArgs, opts ...ResourceOption) (*Certificate, error)
public Certificate(string name, CertificateArgs args, CustomResourceOptions? opts = null)
public Certificate(String name, CertificateArgs args)
public Certificate(String name, CertificateArgs args, CustomResourceOptions options)
type: google-native:certificatemanager/v1:Certificate
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args CertificateArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args CertificateArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args CertificateArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args CertificateArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args CertificateArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

Certificate Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The Certificate resource accepts the following input properties:

CertificateId string

Required. A user-provided name of the certificate.

Description string

One or more paragraphs of text description of a certificate.

Labels Dictionary<string, string>

Set of labels associated with a Certificate.

Location string
Managed Pulumi.GoogleNative.CertificateManager.V1.Inputs.ManagedCertificateArgs

If set, contains configuration and state of a managed certificate.

Name string

A user-defined name of the certificate. Certificate names must be unique globally and match pattern projects/*/locations/*/certificates/*.

Project string
Scope Pulumi.GoogleNative.CertificateManager.V1.CertificateScope

Immutable. The scope of the certificate.

SelfManaged Pulumi.GoogleNative.CertificateManager.V1.Inputs.SelfManagedCertificateArgs

If set, defines data of a self-managed certificate.

CertificateId string

Required. A user-provided name of the certificate.

Description string

One or more paragraphs of text description of a certificate.

Labels map[string]string

Set of labels associated with a Certificate.

Location string
Managed ManagedCertificateArgs

If set, contains configuration and state of a managed certificate.

Name string

A user-defined name of the certificate. Certificate names must be unique globally and match pattern projects/*/locations/*/certificates/*.

Project string
Scope CertificateScope

Immutable. The scope of the certificate.

SelfManaged SelfManagedCertificateArgs

If set, defines data of a self-managed certificate.

certificateId String

Required. A user-provided name of the certificate.

description String

One or more paragraphs of text description of a certificate.

labels Map<String,String>

Set of labels associated with a Certificate.

location String
managed ManagedCertificateArgs

If set, contains configuration and state of a managed certificate.

name String

A user-defined name of the certificate. Certificate names must be unique globally and match pattern projects/*/locations/*/certificates/*.

project String
scope CertificateScope

Immutable. The scope of the certificate.

selfManaged SelfManagedCertificateArgs

If set, defines data of a self-managed certificate.

certificateId string

Required. A user-provided name of the certificate.

description string

One or more paragraphs of text description of a certificate.

labels {[key: string]: string}

Set of labels associated with a Certificate.

location string
managed ManagedCertificateArgs

If set, contains configuration and state of a managed certificate.

name string

A user-defined name of the certificate. Certificate names must be unique globally and match pattern projects/*/locations/*/certificates/*.

project string
scope CertificateScope

Immutable. The scope of the certificate.

selfManaged SelfManagedCertificateArgs

If set, defines data of a self-managed certificate.

certificate_id str

Required. A user-provided name of the certificate.

description str

One or more paragraphs of text description of a certificate.

labels Mapping[str, str]

Set of labels associated with a Certificate.

location str
managed ManagedCertificateArgs

If set, contains configuration and state of a managed certificate.

name str

A user-defined name of the certificate. Certificate names must be unique globally and match pattern projects/*/locations/*/certificates/*.

project str
scope CertificateScope

Immutable. The scope of the certificate.

self_managed SelfManagedCertificateArgs

If set, defines data of a self-managed certificate.

certificateId String

Required. A user-provided name of the certificate.

description String

One or more paragraphs of text description of a certificate.

labels Map<String>

Set of labels associated with a Certificate.

location String
managed Property Map

If set, contains configuration and state of a managed certificate.

name String

A user-defined name of the certificate. Certificate names must be unique globally and match pattern projects/*/locations/*/certificates/*.

project String
scope "DEFAULT" | "EDGE_CACHE"

Immutable. The scope of the certificate.

selfManaged Property Map

If set, defines data of a self-managed certificate.

Outputs

All input properties are implicitly available as output properties. Additionally, the Certificate resource produces the following output properties:

CreateTime string

The creation timestamp of a Certificate.

ExpireTime string

The expiry timestamp of a Certificate.

Id string

The provider-assigned unique ID for this managed resource.

PemCertificate string

The PEM-encoded certificate chain.

SanDnsnames List<string>

The list of Subject Alternative Names of dnsName type defined in the certificate (see RFC 5280 4.2.1.6). Managed certificates that haven't been provisioned yet have this field populated with a value of the managed.domains field.

UpdateTime string

The last update timestamp of a Certificate.

CreateTime string

The creation timestamp of a Certificate.

ExpireTime string

The expiry timestamp of a Certificate.

Id string

The provider-assigned unique ID for this managed resource.

PemCertificate string

The PEM-encoded certificate chain.

SanDnsnames []string

The list of Subject Alternative Names of dnsName type defined in the certificate (see RFC 5280 4.2.1.6). Managed certificates that haven't been provisioned yet have this field populated with a value of the managed.domains field.

UpdateTime string

The last update timestamp of a Certificate.

createTime String

The creation timestamp of a Certificate.

expireTime String

The expiry timestamp of a Certificate.

id String

The provider-assigned unique ID for this managed resource.

pemCertificate String

The PEM-encoded certificate chain.

sanDnsnames List<String>

The list of Subject Alternative Names of dnsName type defined in the certificate (see RFC 5280 4.2.1.6). Managed certificates that haven't been provisioned yet have this field populated with a value of the managed.domains field.

updateTime String

The last update timestamp of a Certificate.

createTime string

The creation timestamp of a Certificate.

expireTime string

The expiry timestamp of a Certificate.

id string

The provider-assigned unique ID for this managed resource.

pemCertificate string

The PEM-encoded certificate chain.

sanDnsnames string[]

The list of Subject Alternative Names of dnsName type defined in the certificate (see RFC 5280 4.2.1.6). Managed certificates that haven't been provisioned yet have this field populated with a value of the managed.domains field.

updateTime string

The last update timestamp of a Certificate.

create_time str

The creation timestamp of a Certificate.

expire_time str

The expiry timestamp of a Certificate.

id str

The provider-assigned unique ID for this managed resource.

pem_certificate str

The PEM-encoded certificate chain.

san_dnsnames Sequence[str]

The list of Subject Alternative Names of dnsName type defined in the certificate (see RFC 5280 4.2.1.6). Managed certificates that haven't been provisioned yet have this field populated with a value of the managed.domains field.

update_time str

The last update timestamp of a Certificate.

createTime String

The creation timestamp of a Certificate.

expireTime String

The expiry timestamp of a Certificate.

id String

The provider-assigned unique ID for this managed resource.

pemCertificate String

The PEM-encoded certificate chain.

sanDnsnames List<String>

The list of Subject Alternative Names of dnsName type defined in the certificate (see RFC 5280 4.2.1.6). Managed certificates that haven't been provisioned yet have this field populated with a value of the managed.domains field.

updateTime String

The last update timestamp of a Certificate.

Supporting Types

AuthorizationAttemptInfoResponse

Details string

Human readable explanation for reaching the state. Provided to help address the configuration issues. Not guaranteed to be stable. For programmatic access use FailureReason enum.

Domain string

Domain name of the authorization attempt.

FailureReason string

Reason for failure of the authorization attempt for the domain.

State string

State of the domain for managed certificate issuance.

Details string

Human readable explanation for reaching the state. Provided to help address the configuration issues. Not guaranteed to be stable. For programmatic access use FailureReason enum.

Domain string

Domain name of the authorization attempt.

FailureReason string

Reason for failure of the authorization attempt for the domain.

State string

State of the domain for managed certificate issuance.

details String

Human readable explanation for reaching the state. Provided to help address the configuration issues. Not guaranteed to be stable. For programmatic access use FailureReason enum.

domain String

Domain name of the authorization attempt.

failureReason String

Reason for failure of the authorization attempt for the domain.

state String

State of the domain for managed certificate issuance.

details string

Human readable explanation for reaching the state. Provided to help address the configuration issues. Not guaranteed to be stable. For programmatic access use FailureReason enum.

domain string

Domain name of the authorization attempt.

failureReason string

Reason for failure of the authorization attempt for the domain.

state string

State of the domain for managed certificate issuance.

details str

Human readable explanation for reaching the state. Provided to help address the configuration issues. Not guaranteed to be stable. For programmatic access use FailureReason enum.

domain str

Domain name of the authorization attempt.

failure_reason str

Reason for failure of the authorization attempt for the domain.

state str

State of the domain for managed certificate issuance.

details String

Human readable explanation for reaching the state. Provided to help address the configuration issues. Not guaranteed to be stable. For programmatic access use FailureReason enum.

domain String

Domain name of the authorization attempt.

failureReason String

Reason for failure of the authorization attempt for the domain.

state String

State of the domain for managed certificate issuance.

CertificateScope

Default
DEFAULT

Certificates with default scope are served from core Google data centers. If unsure, choose this option.

EdgeCache
EDGE_CACHE

Certificates with scope EDGE_CACHE are special-purposed certificates, served from non-core Google data centers.

CertificateScopeDefault
DEFAULT

Certificates with default scope are served from core Google data centers. If unsure, choose this option.

CertificateScopeEdgeCache
EDGE_CACHE

Certificates with scope EDGE_CACHE are special-purposed certificates, served from non-core Google data centers.

Default
DEFAULT

Certificates with default scope are served from core Google data centers. If unsure, choose this option.

EdgeCache
EDGE_CACHE

Certificates with scope EDGE_CACHE are special-purposed certificates, served from non-core Google data centers.

Default
DEFAULT

Certificates with default scope are served from core Google data centers. If unsure, choose this option.

EdgeCache
EDGE_CACHE

Certificates with scope EDGE_CACHE are special-purposed certificates, served from non-core Google data centers.

DEFAULT
DEFAULT

Certificates with default scope are served from core Google data centers. If unsure, choose this option.

EDGE_CACHE
EDGE_CACHE

Certificates with scope EDGE_CACHE are special-purposed certificates, served from non-core Google data centers.

"DEFAULT"
DEFAULT

Certificates with default scope are served from core Google data centers. If unsure, choose this option.

"EDGE_CACHE"
EDGE_CACHE

Certificates with scope EDGE_CACHE are special-purposed certificates, served from non-core Google data centers.

ManagedCertificate

DnsAuthorizations List<string>

Immutable. Authorizations that will be used for performing domain authorization.

Domains List<string>

Immutable. The domains for which a managed SSL certificate will be generated. Wildcard domains are only supported with DNS challenge resolution.

IssuanceConfig string

Immutable. The resource name for a CertificateIssuanceConfig used to configure private PKI certificates in the format projects/*/locations/*/certificateIssuanceConfigs/*. If this field is not set, the certificates will instead be publicly signed as documented at https://cloud.google.com/load-balancing/docs/ssl-certificates/google-managed-certs#caa.

DnsAuthorizations []string

Immutable. Authorizations that will be used for performing domain authorization.

Domains []string

Immutable. The domains for which a managed SSL certificate will be generated. Wildcard domains are only supported with DNS challenge resolution.

IssuanceConfig string

Immutable. The resource name for a CertificateIssuanceConfig used to configure private PKI certificates in the format projects/*/locations/*/certificateIssuanceConfigs/*. If this field is not set, the certificates will instead be publicly signed as documented at https://cloud.google.com/load-balancing/docs/ssl-certificates/google-managed-certs#caa.

dnsAuthorizations List<String>

Immutable. Authorizations that will be used for performing domain authorization.

domains List<String>

Immutable. The domains for which a managed SSL certificate will be generated. Wildcard domains are only supported with DNS challenge resolution.

issuanceConfig String

Immutable. The resource name for a CertificateIssuanceConfig used to configure private PKI certificates in the format projects/*/locations/*/certificateIssuanceConfigs/*. If this field is not set, the certificates will instead be publicly signed as documented at https://cloud.google.com/load-balancing/docs/ssl-certificates/google-managed-certs#caa.

dnsAuthorizations string[]

Immutable. Authorizations that will be used for performing domain authorization.

domains string[]

Immutable. The domains for which a managed SSL certificate will be generated. Wildcard domains are only supported with DNS challenge resolution.

issuanceConfig string

Immutable. The resource name for a CertificateIssuanceConfig used to configure private PKI certificates in the format projects/*/locations/*/certificateIssuanceConfigs/*. If this field is not set, the certificates will instead be publicly signed as documented at https://cloud.google.com/load-balancing/docs/ssl-certificates/google-managed-certs#caa.

dns_authorizations Sequence[str]

Immutable. Authorizations that will be used for performing domain authorization.

domains Sequence[str]

Immutable. The domains for which a managed SSL certificate will be generated. Wildcard domains are only supported with DNS challenge resolution.

issuance_config str

Immutable. The resource name for a CertificateIssuanceConfig used to configure private PKI certificates in the format projects/*/locations/*/certificateIssuanceConfigs/*. If this field is not set, the certificates will instead be publicly signed as documented at https://cloud.google.com/load-balancing/docs/ssl-certificates/google-managed-certs#caa.

dnsAuthorizations List<String>

Immutable. Authorizations that will be used for performing domain authorization.

domains List<String>

Immutable. The domains for which a managed SSL certificate will be generated. Wildcard domains are only supported with DNS challenge resolution.

issuanceConfig String

Immutable. The resource name for a CertificateIssuanceConfig used to configure private PKI certificates in the format projects/*/locations/*/certificateIssuanceConfigs/*. If this field is not set, the certificates will instead be publicly signed as documented at https://cloud.google.com/load-balancing/docs/ssl-certificates/google-managed-certs#caa.

ManagedCertificateResponse

AuthorizationAttemptInfo List<Pulumi.GoogleNative.CertificateManager.V1.Inputs.AuthorizationAttemptInfoResponse>

Detailed state of the latest authorization attempt for each domain specified for managed certificate resource.

DnsAuthorizations List<string>

Immutable. Authorizations that will be used for performing domain authorization.

Domains List<string>

Immutable. The domains for which a managed SSL certificate will be generated. Wildcard domains are only supported with DNS challenge resolution.

IssuanceConfig string

Immutable. The resource name for a CertificateIssuanceConfig used to configure private PKI certificates in the format projects/*/locations/*/certificateIssuanceConfigs/*. If this field is not set, the certificates will instead be publicly signed as documented at https://cloud.google.com/load-balancing/docs/ssl-certificates/google-managed-certs#caa.

ProvisioningIssue Pulumi.GoogleNative.CertificateManager.V1.Inputs.ProvisioningIssueResponse

Information about issues with provisioning a Managed Certificate.

State string

State of the managed certificate resource.

AuthorizationAttemptInfo []AuthorizationAttemptInfoResponse

Detailed state of the latest authorization attempt for each domain specified for managed certificate resource.

DnsAuthorizations []string

Immutable. Authorizations that will be used for performing domain authorization.

Domains []string

Immutable. The domains for which a managed SSL certificate will be generated. Wildcard domains are only supported with DNS challenge resolution.

IssuanceConfig string

Immutable. The resource name for a CertificateIssuanceConfig used to configure private PKI certificates in the format projects/*/locations/*/certificateIssuanceConfigs/*. If this field is not set, the certificates will instead be publicly signed as documented at https://cloud.google.com/load-balancing/docs/ssl-certificates/google-managed-certs#caa.

ProvisioningIssue ProvisioningIssueResponse

Information about issues with provisioning a Managed Certificate.

State string

State of the managed certificate resource.

authorizationAttemptInfo List<AuthorizationAttemptInfoResponse>

Detailed state of the latest authorization attempt for each domain specified for managed certificate resource.

dnsAuthorizations List<String>

Immutable. Authorizations that will be used for performing domain authorization.

domains List<String>

Immutable. The domains for which a managed SSL certificate will be generated. Wildcard domains are only supported with DNS challenge resolution.

issuanceConfig String

Immutable. The resource name for a CertificateIssuanceConfig used to configure private PKI certificates in the format projects/*/locations/*/certificateIssuanceConfigs/*. If this field is not set, the certificates will instead be publicly signed as documented at https://cloud.google.com/load-balancing/docs/ssl-certificates/google-managed-certs#caa.

provisioningIssue ProvisioningIssueResponse

Information about issues with provisioning a Managed Certificate.

state String

State of the managed certificate resource.

authorizationAttemptInfo AuthorizationAttemptInfoResponse[]

Detailed state of the latest authorization attempt for each domain specified for managed certificate resource.

dnsAuthorizations string[]

Immutable. Authorizations that will be used for performing domain authorization.

domains string[]

Immutable. The domains for which a managed SSL certificate will be generated. Wildcard domains are only supported with DNS challenge resolution.

issuanceConfig string

Immutable. The resource name for a CertificateIssuanceConfig used to configure private PKI certificates in the format projects/*/locations/*/certificateIssuanceConfigs/*. If this field is not set, the certificates will instead be publicly signed as documented at https://cloud.google.com/load-balancing/docs/ssl-certificates/google-managed-certs#caa.

provisioningIssue ProvisioningIssueResponse

Information about issues with provisioning a Managed Certificate.

state string

State of the managed certificate resource.

authorization_attempt_info Sequence[AuthorizationAttemptInfoResponse]

Detailed state of the latest authorization attempt for each domain specified for managed certificate resource.

dns_authorizations Sequence[str]

Immutable. Authorizations that will be used for performing domain authorization.

domains Sequence[str]

Immutable. The domains for which a managed SSL certificate will be generated. Wildcard domains are only supported with DNS challenge resolution.

issuance_config str

Immutable. The resource name for a CertificateIssuanceConfig used to configure private PKI certificates in the format projects/*/locations/*/certificateIssuanceConfigs/*. If this field is not set, the certificates will instead be publicly signed as documented at https://cloud.google.com/load-balancing/docs/ssl-certificates/google-managed-certs#caa.

provisioning_issue ProvisioningIssueResponse

Information about issues with provisioning a Managed Certificate.

state str

State of the managed certificate resource.

authorizationAttemptInfo List<Property Map>

Detailed state of the latest authorization attempt for each domain specified for managed certificate resource.

dnsAuthorizations List<String>

Immutable. Authorizations that will be used for performing domain authorization.

domains List<String>

Immutable. The domains for which a managed SSL certificate will be generated. Wildcard domains are only supported with DNS challenge resolution.

issuanceConfig String

Immutable. The resource name for a CertificateIssuanceConfig used to configure private PKI certificates in the format projects/*/locations/*/certificateIssuanceConfigs/*. If this field is not set, the certificates will instead be publicly signed as documented at https://cloud.google.com/load-balancing/docs/ssl-certificates/google-managed-certs#caa.

provisioningIssue Property Map

Information about issues with provisioning a Managed Certificate.

state String

State of the managed certificate resource.

ProvisioningIssueResponse

Details string

Human readable explanation about the issue. Provided to help address the configuration issues. Not guaranteed to be stable. For programmatic access use Reason enum.

Reason string

Reason for provisioning failures.

Details string

Human readable explanation about the issue. Provided to help address the configuration issues. Not guaranteed to be stable. For programmatic access use Reason enum.

Reason string

Reason for provisioning failures.

details String

Human readable explanation about the issue. Provided to help address the configuration issues. Not guaranteed to be stable. For programmatic access use Reason enum.

reason String

Reason for provisioning failures.

details string

Human readable explanation about the issue. Provided to help address the configuration issues. Not guaranteed to be stable. For programmatic access use Reason enum.

reason string

Reason for provisioning failures.

details str

Human readable explanation about the issue. Provided to help address the configuration issues. Not guaranteed to be stable. For programmatic access use Reason enum.

reason str

Reason for provisioning failures.

details String

Human readable explanation about the issue. Provided to help address the configuration issues. Not guaranteed to be stable. For programmatic access use Reason enum.

reason String

Reason for provisioning failures.

SelfManagedCertificate

PemCertificate string

Input only. The PEM-encoded certificate chain. Leaf certificate comes first, followed by intermediate ones if any.

PemPrivateKey string

Input only. The PEM-encoded private key of the leaf certificate.

PemCertificate string

Input only. The PEM-encoded certificate chain. Leaf certificate comes first, followed by intermediate ones if any.

PemPrivateKey string

Input only. The PEM-encoded private key of the leaf certificate.

pemCertificate String

Input only. The PEM-encoded certificate chain. Leaf certificate comes first, followed by intermediate ones if any.

pemPrivateKey String

Input only. The PEM-encoded private key of the leaf certificate.

pemCertificate string

Input only. The PEM-encoded certificate chain. Leaf certificate comes first, followed by intermediate ones if any.

pemPrivateKey string

Input only. The PEM-encoded private key of the leaf certificate.

pem_certificate str

Input only. The PEM-encoded certificate chain. Leaf certificate comes first, followed by intermediate ones if any.

pem_private_key str

Input only. The PEM-encoded private key of the leaf certificate.

pemCertificate String

Input only. The PEM-encoded certificate chain. Leaf certificate comes first, followed by intermediate ones if any.

pemPrivateKey String

Input only. The PEM-encoded private key of the leaf certificate.

SelfManagedCertificateResponse

PemCertificate string

Input only. The PEM-encoded certificate chain. Leaf certificate comes first, followed by intermediate ones if any.

PemPrivateKey string

Input only. The PEM-encoded private key of the leaf certificate.

PemCertificate string

Input only. The PEM-encoded certificate chain. Leaf certificate comes first, followed by intermediate ones if any.

PemPrivateKey string

Input only. The PEM-encoded private key of the leaf certificate.

pemCertificate String

Input only. The PEM-encoded certificate chain. Leaf certificate comes first, followed by intermediate ones if any.

pemPrivateKey String

Input only. The PEM-encoded private key of the leaf certificate.

pemCertificate string

Input only. The PEM-encoded certificate chain. Leaf certificate comes first, followed by intermediate ones if any.

pemPrivateKey string

Input only. The PEM-encoded private key of the leaf certificate.

pem_certificate str

Input only. The PEM-encoded certificate chain. Leaf certificate comes first, followed by intermediate ones if any.

pem_private_key str

Input only. The PEM-encoded private key of the leaf certificate.

pemCertificate String

Input only. The PEM-encoded certificate chain. Leaf certificate comes first, followed by intermediate ones if any.

pemPrivateKey String

Input only. The PEM-encoded private key of the leaf certificate.

Package Details

Repository
Google Cloud Native pulumi/pulumi-google-native
License
Apache-2.0