ibm 1.78.0, Apr 30 25

ibm 1.78.0 published on Wednesday, Apr 30, 2025 by ibm-cloud

ibm.SmPrivateCertificate

Explore with Pulumi AI

ibm 1.78.0 published on Wednesday, Apr 30, 2025 by ibm-cloud

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as ibm from "@pulumi/ibm";

const smPrivateCertificate = new ibm.SmPrivateCertificate("smPrivateCertificate", {
    instanceId: ibm_resource_instance.sm_instance.guid,
    region: "us-south",
    certificateTemplate: resource.ibm_sm_private_certificate_configuration_template.my_template.name,
    customMetadata: {
        key: "value",
    },
    description: "Extended description for this secret.",
    commonName: "example.com",
    labels: ["my-label"],
    rotation: {
        autoRotate: true,
        interval: 1,
        unit: "day",
    },
    secretGroupId: ibm_sm_secret_group.sm_secret_group.secret_group_id,
    ttl: "48h",
});

import pulumi
import pulumi_ibm as ibm

sm_private_certificate = ibm.SmPrivateCertificate("smPrivateCertificate",
    instance_id=ibm_resource_instance["sm_instance"]["guid"],
    region="us-south",
    certificate_template=resource["ibm_sm_private_certificate_configuration_template"]["my_template"]["name"],
    custom_metadata={
        "key": "value",
    },
    description="Extended description for this secret.",
    common_name="example.com",
    labels=["my-label"],
    rotation={
        "auto_rotate": True,
        "interval": 1,
        "unit": "day",
    },
    secret_group_id=ibm_sm_secret_group["sm_secret_group"]["secret_group_id"],
    ttl="48h")

package main

import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/ibm/ibm"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := ibm.NewSmPrivateCertificate(ctx, "smPrivateCertificate", &ibm.SmPrivateCertificateArgs{
			InstanceId:          pulumi.Any(ibm_resource_instance.Sm_instance.Guid),
			Region:              pulumi.String("us-south"),
			CertificateTemplate: pulumi.Any(resource.Ibm_sm_private_certificate_configuration_template.My_template.Name),
			CustomMetadata: pulumi.StringMap{
				"key": pulumi.String("value"),
			},
			Description: pulumi.String("Extended description for this secret."),
			CommonName:  pulumi.String("example.com"),
			Labels: pulumi.StringArray{
				pulumi.String("my-label"),
			},
			Rotation: &ibm.SmPrivateCertificateRotationArgs{
				AutoRotate: pulumi.Bool(true),
				Interval:   pulumi.Float64(1),
				Unit:       pulumi.String("day"),
			},
			SecretGroupId: pulumi.Any(ibm_sm_secret_group.Sm_secret_group.Secret_group_id),
			Ttl:           pulumi.String("48h"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Ibm = Pulumi.Ibm;

return await Deployment.RunAsync(() => 
{
    var smPrivateCertificate = new Ibm.SmPrivateCertificate("smPrivateCertificate", new()
    {
        InstanceId = ibm_resource_instance.Sm_instance.Guid,
        Region = "us-south",
        CertificateTemplate = resource.Ibm_sm_private_certificate_configuration_template.My_template.Name,
        CustomMetadata = 
        {
            { "key", "value" },
        },
        Description = "Extended description for this secret.",
        CommonName = "example.com",
        Labels = new[]
        {
            "my-label",
        },
        Rotation = new Ibm.Inputs.SmPrivateCertificateRotationArgs
        {
            AutoRotate = true,
            Interval = 1,
            Unit = "day",
        },
        SecretGroupId = ibm_sm_secret_group.Sm_secret_group.Secret_group_id,
        Ttl = "48h",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.ibm.SmPrivateCertificate;
import com.pulumi.ibm.SmPrivateCertificateArgs;
import com.pulumi.ibm.inputs.SmPrivateCertificateRotationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var smPrivateCertificate = new SmPrivateCertificate("smPrivateCertificate", SmPrivateCertificateArgs.builder()
            .instanceId(ibm_resource_instance.sm_instance().guid())
            .region("us-south")
            .certificateTemplate(resource.ibm_sm_private_certificate_configuration_template().my_template().name())
            .customMetadata(Map.of("key", "value"))
            .description("Extended description for this secret.")
            .commonName("example.com")
            .labels("my-label")
            .rotation(SmPrivateCertificateRotationArgs.builder()
                .autoRotate(true)
                .interval(1)
                .unit("day")
                .build())
            .secretGroupId(ibm_sm_secret_group.sm_secret_group().secret_group_id())
            .ttl("48h")
            .build());

    }
}

resources:
  smPrivateCertificate:
    type: ibm:SmPrivateCertificate
    properties:
      instanceId: ${ibm_resource_instance.sm_instance.guid}
      region: us-south
      certificateTemplate: ${resource.ibm_sm_private_certificate_configuration_template.my_template.name}
      customMetadata:
        key: value
      description: Extended description for this secret.
      commonName: example.com
      labels:
        - my-label
      rotation:
        autoRotate: true
        interval: 1
        unit: day
      secretGroupId: ${ibm_sm_secret_group.sm_secret_group.secret_group_id}
      ttl: 48h

Provider Configuration

The IBM Cloud provider offers a flexible means of providing credentials for authentication. The following methods are supported, in this order, and explained below:

Static credentials
Environment variables

To find which credentials are required for this resource, see the service table here.

Static credentials

You can provide your static credentials by adding the ibmcloud_api_key, iaas_classic_username, and iaas_classic_api_key arguments in the IBM Cloud provider block.

Usage:

provider "ibm" {
    ibmcloud_api_key = ""
    iaas_classic_username = ""
    iaas_classic_api_key = ""
}

Environment variables

You can provide your credentials by exporting the IC_API_KEY, IAAS_CLASSIC_USERNAME, and IAAS_CLASSIC_API_KEY environment variables, representing your IBM Cloud platform API key, IBM Cloud Classic Infrastructure (SoftLayer) user name, and IBM Cloud infrastructure API key, respectively.

provider "ibm" {}

Usage:

export IC_API_KEY="ibmcloud_api_key"
export IAAS_CLASSIC_USERNAME="iaas_classic_username"
export IAAS_CLASSIC_API_KEY="iaas_classic_api_key"
pulumi preview

Note:

Create or find your ibmcloud_api_key and iaas_classic_api_key here.

Select My IBM Cloud API Keys option from view dropdown for ibmcloud_api_key
Select Classic Infrastructure API Keys option from view dropdown for iaas_classic_api_key

For iaas_classic_username

Go to Users
Click on user.
Find user name in the VPN password section under User Details tab

For more informaton, see here.

Create SmPrivateCertificate Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new SmPrivateCertificate(name: string, args: SmPrivateCertificateArgs, opts?: CustomResourceOptions);

@overload
def SmPrivateCertificate(resource_name: str,
                         args: SmPrivateCertificateArgs,
                         opts: Optional[ResourceOptions] = None)

@overload
def SmPrivateCertificate(resource_name: str,
                         opts: Optional[ResourceOptions] = None,
                         instance_id: Optional[str] = None,
                         certificate_template: Optional[str] = None,
                         common_name: Optional[str] = None,
                         ip_sans: Optional[str] = None,
                         name: Optional[str] = None,
                         description: Optional[str] = None,
                         endpoint_type: Optional[str] = None,
                         exclude_cn_from_sans: Optional[bool] = None,
                         format: Optional[str] = None,
                         csr: Optional[str] = None,
                         alt_names: Optional[Sequence[str]] = None,
                         labels: Optional[Sequence[str]] = None,
                         custom_metadata: Optional[Mapping[str, str]] = None,
                         other_sans: Optional[Sequence[str]] = None,
                         private_key_format: Optional[str] = None,
                         region: Optional[str] = None,
                         rotation: Optional[SmPrivateCertificateRotationArgs] = None,
                         secret_group_id: Optional[str] = None,
                         sm_private_certificate_id: Optional[str] = None,
                         ttl: Optional[str] = None,
                         uri_sans: Optional[str] = None,
                         version_custom_metadata: Optional[Mapping[str, str]] = None)

func NewSmPrivateCertificate(ctx *Context, name string, args SmPrivateCertificateArgs, opts ...ResourceOption) (*SmPrivateCertificate, error)

public SmPrivateCertificate(string name, SmPrivateCertificateArgs args, CustomResourceOptions? opts = null)

public SmPrivateCertificate(String name, SmPrivateCertificateArgs args)
public SmPrivateCertificate(String name, SmPrivateCertificateArgs args, CustomResourceOptions options)

type: ibm:SmPrivateCertificate
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args SmPrivateCertificateArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args SmPrivateCertificateArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args SmPrivateCertificateArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args SmPrivateCertificateArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args SmPrivateCertificateArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var smPrivateCertificateResource = new Ibm.SmPrivateCertificate("smPrivateCertificateResource", new()
{
    InstanceId = "string",
    CertificateTemplate = "string",
    CommonName = "string",
    IpSans = "string",
    Name = "string",
    Description = "string",
    EndpointType = "string",
    ExcludeCnFromSans = false,
    Format = "string",
    Csr = "string",
    AltNames = new[]
    {
        "string",
    },
    Labels = new[]
    {
        "string",
    },
    CustomMetadata = 
    {
        { "string", "string" },
    },
    OtherSans = new[]
    {
        "string",
    },
    PrivateKeyFormat = "string",
    Region = "string",
    Rotation = new Ibm.Inputs.SmPrivateCertificateRotationArgs
    {
        AutoRotate = false,
        Interval = 0,
        Unit = "string",
    },
    SecretGroupId = "string",
    SmPrivateCertificateId = "string",
    Ttl = "string",
    UriSans = "string",
    VersionCustomMetadata = 
    {
        { "string", "string" },
    },
});

example, err := ibm.NewSmPrivateCertificate(ctx, "smPrivateCertificateResource", &ibm.SmPrivateCertificateArgs{
	InstanceId:          pulumi.String("string"),
	CertificateTemplate: pulumi.String("string"),
	CommonName:          pulumi.String("string"),
	IpSans:              pulumi.String("string"),
	Name:                pulumi.String("string"),
	Description:         pulumi.String("string"),
	EndpointType:        pulumi.String("string"),
	ExcludeCnFromSans:   pulumi.Bool(false),
	Format:              pulumi.String("string"),
	Csr:                 pulumi.String("string"),
	AltNames: pulumi.StringArray{
		pulumi.String("string"),
	},
	Labels: pulumi.StringArray{
		pulumi.String("string"),
	},
	CustomMetadata: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	OtherSans: pulumi.StringArray{
		pulumi.String("string"),
	},
	PrivateKeyFormat: pulumi.String("string"),
	Region:           pulumi.String("string"),
	Rotation: &ibm.SmPrivateCertificateRotationArgs{
		AutoRotate: pulumi.Bool(false),
		Interval:   pulumi.Float64(0),
		Unit:       pulumi.String("string"),
	},
	SecretGroupId:          pulumi.String("string"),
	SmPrivateCertificateId: pulumi.String("string"),
	Ttl:                    pulumi.String("string"),
	UriSans:                pulumi.String("string"),
	VersionCustomMetadata: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
})

var smPrivateCertificateResource = new SmPrivateCertificate("smPrivateCertificateResource", SmPrivateCertificateArgs.builder()
    .instanceId("string")
    .certificateTemplate("string")
    .commonName("string")
    .ipSans("string")
    .name("string")
    .description("string")
    .endpointType("string")
    .excludeCnFromSans(false)
    .format("string")
    .csr("string")
    .altNames("string")
    .labels("string")
    .customMetadata(Map.of("string", "string"))
    .otherSans("string")
    .privateKeyFormat("string")
    .region("string")
    .rotation(SmPrivateCertificateRotationArgs.builder()
        .autoRotate(false)
        .interval(0)
        .unit("string")
        .build())
    .secretGroupId("string")
    .smPrivateCertificateId("string")
    .ttl("string")
    .uriSans("string")
    .versionCustomMetadata(Map.of("string", "string"))
    .build());

sm_private_certificate_resource = ibm.SmPrivateCertificate("smPrivateCertificateResource",
    instance_id="string",
    certificate_template="string",
    common_name="string",
    ip_sans="string",
    name="string",
    description="string",
    endpoint_type="string",
    exclude_cn_from_sans=False,
    format="string",
    csr="string",
    alt_names=["string"],
    labels=["string"],
    custom_metadata={
        "string": "string",
    },
    other_sans=["string"],
    private_key_format="string",
    region="string",
    rotation={
        "auto_rotate": False,
        "interval": 0,
        "unit": "string",
    },
    secret_group_id="string",
    sm_private_certificate_id="string",
    ttl="string",
    uri_sans="string",
    version_custom_metadata={
        "string": "string",
    })

const smPrivateCertificateResource = new ibm.SmPrivateCertificate("smPrivateCertificateResource", {
    instanceId: "string",
    certificateTemplate: "string",
    commonName: "string",
    ipSans: "string",
    name: "string",
    description: "string",
    endpointType: "string",
    excludeCnFromSans: false,
    format: "string",
    csr: "string",
    altNames: ["string"],
    labels: ["string"],
    customMetadata: {
        string: "string",
    },
    otherSans: ["string"],
    privateKeyFormat: "string",
    region: "string",
    rotation: {
        autoRotate: false,
        interval: 0,
        unit: "string",
    },
    secretGroupId: "string",
    smPrivateCertificateId: "string",
    ttl: "string",
    uriSans: "string",
    versionCustomMetadata: {
        string: "string",
    },
});

type: ibm:SmPrivateCertificate
properties:
    altNames:
        - string
    certificateTemplate: string
    commonName: string
    csr: string
    customMetadata:
        string: string
    description: string
    endpointType: string
    excludeCnFromSans: false
    format: string
    instanceId: string
    ipSans: string
    labels:
        - string
    name: string
    otherSans:
        - string
    privateKeyFormat: string
    region: string
    rotation:
        autoRotate: false
        interval: 0
        unit: string
    secretGroupId: string
    smPrivateCertificateId: string
    ttl: string
    uriSans: string
    versionCustomMetadata:
        string: string

SmPrivateCertificate Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The SmPrivateCertificate resource accepts the following input properties:

CertificateTemplate string

The name of the certificate template.

Constraints: The maximum length is 128 characters. The minimum length is 2 characters. The value must match regular expression /^[A-Za-z0-9][A-Za-z0-9]*(?:_?-?\\.?[A-Za-z0-9]+)*$/.

CommonName string

The Common Name (AKA CN) represents the server name that is protected by the SSL certificate.

Constraints: The maximum length is 128 characters. The minimum length is 4 characters. The value must match regular expression /(.*?)/.

InstanceId string

The GUID of the Secrets Manager instance.

AltNames List<string>

(Forces new resource, List) With the Subject Alternative Name field, you can specify additional host names to be protected by a single SSL certificate.

Constraints: The list items must match regular expression /^(.*?)$/. The maximum length is 99 items. The minimum length is 0 items.

Csr string

The certificate signing request.

CustomMetadata Dictionary<string, string>

The secret metadata that a user can customize.

Description string

An extended description of your secret.To protect your privacy, do not use personal data, such as your name or location, as a description for your secret group.

Constraints: The maximum length is 1024 characters. The minimum length is 0 characters. The value must match regular expression /(.*?)/.

EndpointType string

The endpoint type. If not provided the endpoint type is determined by the visibility argument provided in the provider configuration.

Constraints: Allowable values are: private, public.

ExcludeCnFromSans bool

Controls whether the common name is excluded from Subject Alternative Names (SANs).If the common name set to true, it is not included in DNS or Email SANs if they apply. This field can be useful if the common name is a human-readable identifier, instead of a hostname or an email address.

Format string

The format of the returned data.

IpSans string

The IP Subject Alternative Names to define for the CA certificate, in a comma-delimited list.

Labels List<string>

Labels that you can use to search for secrets in your instance.Up to 30 labels can be created.

Constraints: The list items must match regular expression /(.*?)/. The maximum length is 30 items. The minimum length is 0 items.

Name string

The human-readable name of your secret.

Constraints: The maximum length is 256 characters. The minimum length is 2 characters. The value must match regular expression ^[A-Za-z0-9_][A-Za-z0-9_]*(?:_*-*\.*[A-Za-z0-9]*)*[A-Za-z0-9]+$.

OtherSans List<string>

The custom Object Identifier (OID) or UTF8-string Subject Alternative Names to define for the CA certificate.The alternative names must match the values that are specified in the allowed_other_sans field in the associated certificate template. The format is the same as OpenSSL: <oid>:<type>:<value> where the current valid type is UTF8.

PrivateKeyFormat string

The format of the generated private key.

Region string

The region of the Secrets Manager instance. If not provided defaults to the region defined in the IBM provider configuration.

Rotation SmPrivateCertificateRotation

Determines whether Secrets Manager rotates your secrets automatically. Nested scheme for rotation:

SecretGroupId string

A UUID identifier, or default secret group.

Constraints: The maximum length is 36 characters. The minimum length is 7 characters. The value must match regular expression /^([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}|default)$/.

SmPrivateCertificateId string

Ttl string

The time-to-live (TTL) to assign to the private certificate. The value can be supplied as a string duration with time unit suffix - d for days, h for hours, m for minutes, or s for seconds. For example, 2d or 48h or 172800s.

UriSans string

The URI Subject Alternative Names to define for the CA certificate, in a comma-delimited list.

VersionCustomMetadata Dictionary<string, string>

The secret version metadata that a user can customize.

CertificateTemplate string

The name of the certificate template.

Constraints: The maximum length is 128 characters. The minimum length is 2 characters. The value must match regular expression /^[A-Za-z0-9][A-Za-z0-9]*(?:_?-?\\.?[A-Za-z0-9]+)*$/.

CommonName string

The Common Name (AKA CN) represents the server name that is protected by the SSL certificate.

Constraints: The maximum length is 128 characters. The minimum length is 4 characters. The value must match regular expression /(.*?)/.

InstanceId string

The GUID of the Secrets Manager instance.

AltNames []string

(Forces new resource, List) With the Subject Alternative Name field, you can specify additional host names to be protected by a single SSL certificate.

Constraints: The list items must match regular expression /^(.*?)$/. The maximum length is 99 items. The minimum length is 0 items.

Csr string

The certificate signing request.

CustomMetadata map[string]string

The secret metadata that a user can customize.

Description string

An extended description of your secret.To protect your privacy, do not use personal data, such as your name or location, as a description for your secret group.

Constraints: The maximum length is 1024 characters. The minimum length is 0 characters. The value must match regular expression /(.*?)/.

EndpointType string

The endpoint type. If not provided the endpoint type is determined by the visibility argument provided in the provider configuration.

Constraints: Allowable values are: private, public.

ExcludeCnFromSans bool

Format string

The format of the returned data.

IpSans string

The IP Subject Alternative Names to define for the CA certificate, in a comma-delimited list.

Labels []string

Labels that you can use to search for secrets in your instance.Up to 30 labels can be created.

Constraints: The list items must match regular expression /(.*?)/. The maximum length is 30 items. The minimum length is 0 items.

Name string

The human-readable name of your secret.

Constraints: The maximum length is 256 characters. The minimum length is 2 characters. The value must match regular expression ^[A-Za-z0-9_][A-Za-z0-9_]*(?:_*-*\.*[A-Za-z0-9]*)*[A-Za-z0-9]+$.

OtherSans []string

PrivateKeyFormat string

The format of the generated private key.

Region string

The region of the Secrets Manager instance. If not provided defaults to the region defined in the IBM provider configuration.

Rotation SmPrivateCertificateRotationArgs

Determines whether Secrets Manager rotates your secrets automatically. Nested scheme for rotation:

SecretGroupId string

A UUID identifier, or default secret group.

Constraints: The maximum length is 36 characters. The minimum length is 7 characters. The value must match regular expression /^([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}|default)$/.

SmPrivateCertificateId string

Ttl string

UriSans string

The URI Subject Alternative Names to define for the CA certificate, in a comma-delimited list.

VersionCustomMetadata map[string]string

The secret version metadata that a user can customize.

certificateTemplate String

The name of the certificate template.

Constraints: The maximum length is 128 characters. The minimum length is 2 characters. The value must match regular expression /^[A-Za-z0-9][A-Za-z0-9]*(?:_?-?\\.?[A-Za-z0-9]+)*$/.

commonName String

The Common Name (AKA CN) represents the server name that is protected by the SSL certificate.

Constraints: The maximum length is 128 characters. The minimum length is 4 characters. The value must match regular expression /(.*?)/.

instanceId String

The GUID of the Secrets Manager instance.

altNames List<String>

(Forces new resource, List) With the Subject Alternative Name field, you can specify additional host names to be protected by a single SSL certificate.

Constraints: The list items must match regular expression /^(.*?)$/. The maximum length is 99 items. The minimum length is 0 items.

csr String

The certificate signing request.

customMetadata Map<String,String>

The secret metadata that a user can customize.

description String

An extended description of your secret.To protect your privacy, do not use personal data, such as your name or location, as a description for your secret group.

Constraints: The maximum length is 1024 characters. The minimum length is 0 characters. The value must match regular expression /(.*?)/.

endpointType String

The endpoint type. If not provided the endpoint type is determined by the visibility argument provided in the provider configuration.

Constraints: Allowable values are: private, public.

excludeCnFromSans Boolean

format String

The format of the returned data.

ipSans String

The IP Subject Alternative Names to define for the CA certificate, in a comma-delimited list.

labels List<String>

Labels that you can use to search for secrets in your instance.Up to 30 labels can be created.

Constraints: The list items must match regular expression /(.*?)/. The maximum length is 30 items. The minimum length is 0 items.

name String

The human-readable name of your secret.

Constraints: The maximum length is 256 characters. The minimum length is 2 characters. The value must match regular expression ^[A-Za-z0-9_][A-Za-z0-9_]*(?:_*-*\.*[A-Za-z0-9]*)*[A-Za-z0-9]+$.

otherSans List<String>

privateKeyFormat String

The format of the generated private key.

region String

The region of the Secrets Manager instance. If not provided defaults to the region defined in the IBM provider configuration.

rotation SmPrivateCertificateRotation

Determines whether Secrets Manager rotates your secrets automatically. Nested scheme for rotation:

secretGroupId String

A UUID identifier, or default secret group.

Constraints: The maximum length is 36 characters. The minimum length is 7 characters. The value must match regular expression /^([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}|default)$/.

smPrivateCertificateId String

ttl String

uriSans String

The URI Subject Alternative Names to define for the CA certificate, in a comma-delimited list.

versionCustomMetadata Map<String,String>

The secret version metadata that a user can customize.

certificateTemplate string

The name of the certificate template.

Constraints: The maximum length is 128 characters. The minimum length is 2 characters. The value must match regular expression /^[A-Za-z0-9][A-Za-z0-9]*(?:_?-?\\.?[A-Za-z0-9]+)*$/.

commonName string

The Common Name (AKA CN) represents the server name that is protected by the SSL certificate.

Constraints: The maximum length is 128 characters. The minimum length is 4 characters. The value must match regular expression /(.*?)/.

instanceId string

The GUID of the Secrets Manager instance.

altNames string[]

(Forces new resource, List) With the Subject Alternative Name field, you can specify additional host names to be protected by a single SSL certificate.

Constraints: The list items must match regular expression /^(.*?)$/. The maximum length is 99 items. The minimum length is 0 items.

csr string

The certificate signing request.

customMetadata {[key: string]: string}

The secret metadata that a user can customize.

description string

An extended description of your secret.To protect your privacy, do not use personal data, such as your name or location, as a description for your secret group.

Constraints: The maximum length is 1024 characters. The minimum length is 0 characters. The value must match regular expression /(.*?)/.

endpointType string

The endpoint type. If not provided the endpoint type is determined by the visibility argument provided in the provider configuration.

Constraints: Allowable values are: private, public.

excludeCnFromSans boolean

format string

The format of the returned data.

ipSans string

The IP Subject Alternative Names to define for the CA certificate, in a comma-delimited list.

labels string[]

Labels that you can use to search for secrets in your instance.Up to 30 labels can be created.

Constraints: The list items must match regular expression /(.*?)/. The maximum length is 30 items. The minimum length is 0 items.

name string

The human-readable name of your secret.

Constraints: The maximum length is 256 characters. The minimum length is 2 characters. The value must match regular expression ^[A-Za-z0-9_][A-Za-z0-9_]*(?:_*-*\.*[A-Za-z0-9]*)*[A-Za-z0-9]+$.

otherSans string[]

privateKeyFormat string

The format of the generated private key.

region string

The region of the Secrets Manager instance. If not provided defaults to the region defined in the IBM provider configuration.

rotation SmPrivateCertificateRotation

Determines whether Secrets Manager rotates your secrets automatically. Nested scheme for rotation:

secretGroupId string

A UUID identifier, or default secret group.

Constraints: The maximum length is 36 characters. The minimum length is 7 characters. The value must match regular expression /^([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}|default)$/.

smPrivateCertificateId string

ttl string

uriSans string

The URI Subject Alternative Names to define for the CA certificate, in a comma-delimited list.

versionCustomMetadata {[key: string]: string}

The secret version metadata that a user can customize.

certificate_template str

The name of the certificate template.

Constraints: The maximum length is 128 characters. The minimum length is 2 characters. The value must match regular expression /^[A-Za-z0-9][A-Za-z0-9]*(?:_?-?\\.?[A-Za-z0-9]+)*$/.

common_name str

The Common Name (AKA CN) represents the server name that is protected by the SSL certificate.

Constraints: The maximum length is 128 characters. The minimum length is 4 characters. The value must match regular expression /(.*?)/.

instance_id str

The GUID of the Secrets Manager instance.

alt_names Sequence[str]

(Forces new resource, List) With the Subject Alternative Name field, you can specify additional host names to be protected by a single SSL certificate.

Constraints: The list items must match regular expression /^(.*?)$/. The maximum length is 99 items. The minimum length is 0 items.

csr str

The certificate signing request.

custom_metadata Mapping[str, str]

The secret metadata that a user can customize.

description str

An extended description of your secret.To protect your privacy, do not use personal data, such as your name or location, as a description for your secret group.

Constraints: The maximum length is 1024 characters. The minimum length is 0 characters. The value must match regular expression /(.*?)/.

endpoint_type str

The endpoint type. If not provided the endpoint type is determined by the visibility argument provided in the provider configuration.

Constraints: Allowable values are: private, public.

exclude_cn_from_sans bool

format str

The format of the returned data.

ip_sans str

The IP Subject Alternative Names to define for the CA certificate, in a comma-delimited list.

labels Sequence[str]

Labels that you can use to search for secrets in your instance.Up to 30 labels can be created.

Constraints: The list items must match regular expression /(.*?)/. The maximum length is 30 items. The minimum length is 0 items.

name str

The human-readable name of your secret.

Constraints: The maximum length is 256 characters. The minimum length is 2 characters. The value must match regular expression ^[A-Za-z0-9_][A-Za-z0-9_]*(?:_*-*\.*[A-Za-z0-9]*)*[A-Za-z0-9]+$.

other_sans Sequence[str]

private_key_format str

The format of the generated private key.

region str

The region of the Secrets Manager instance. If not provided defaults to the region defined in the IBM provider configuration.

rotation SmPrivateCertificateRotationArgs

Determines whether Secrets Manager rotates your secrets automatically. Nested scheme for rotation:

secret_group_id str

A UUID identifier, or default secret group.

Constraints: The maximum length is 36 characters. The minimum length is 7 characters. The value must match regular expression /^([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}|default)$/.

sm_private_certificate_id str

ttl str

uri_sans str

The URI Subject Alternative Names to define for the CA certificate, in a comma-delimited list.

version_custom_metadata Mapping[str, str]

The secret version metadata that a user can customize.

certificateTemplate String

The name of the certificate template.

Constraints: The maximum length is 128 characters. The minimum length is 2 characters. The value must match regular expression /^[A-Za-z0-9][A-Za-z0-9]*(?:_?-?\\.?[A-Za-z0-9]+)*$/.

commonName String

The Common Name (AKA CN) represents the server name that is protected by the SSL certificate.

Constraints: The maximum length is 128 characters. The minimum length is 4 characters. The value must match regular expression /(.*?)/.

instanceId String

The GUID of the Secrets Manager instance.

altNames List<String>

(Forces new resource, List) With the Subject Alternative Name field, you can specify additional host names to be protected by a single SSL certificate.

Constraints: The list items must match regular expression /^(.*?)$/. The maximum length is 99 items. The minimum length is 0 items.

csr String

The certificate signing request.

customMetadata Map<String>

The secret metadata that a user can customize.

description String

An extended description of your secret.To protect your privacy, do not use personal data, such as your name or location, as a description for your secret group.

Constraints: The maximum length is 1024 characters. The minimum length is 0 characters. The value must match regular expression /(.*?)/.

endpointType String

The endpoint type. If not provided the endpoint type is determined by the visibility argument provided in the provider configuration.

Constraints: Allowable values are: private, public.

excludeCnFromSans Boolean

format String

The format of the returned data.

ipSans String

The IP Subject Alternative Names to define for the CA certificate, in a comma-delimited list.

labels List<String>

Labels that you can use to search for secrets in your instance.Up to 30 labels can be created.

Constraints: The list items must match regular expression /(.*?)/. The maximum length is 30 items. The minimum length is 0 items.

name String

The human-readable name of your secret.

Constraints: The maximum length is 256 characters. The minimum length is 2 characters. The value must match regular expression ^[A-Za-z0-9_][A-Za-z0-9_]*(?:_*-*\.*[A-Za-z0-9]*)*[A-Za-z0-9]+$.

otherSans List<String>

privateKeyFormat String

The format of the generated private key.

region String

The region of the Secrets Manager instance. If not provided defaults to the region defined in the IBM provider configuration.

rotation Property Map

Determines whether Secrets Manager rotates your secrets automatically. Nested scheme for rotation:

secretGroupId String

A UUID identifier, or default secret group.

Constraints: The maximum length is 36 characters. The minimum length is 7 characters. The value must match regular expression /^([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}|default)$/.

smPrivateCertificateId String

ttl String

uriSans String

The URI Subject Alternative Names to define for the CA certificate, in a comma-delimited list.

versionCustomMetadata Map<String>

The secret version metadata that a user can customize.

Outputs

All input properties are implicitly available as output properties. Additionally, the SmPrivateCertificate resource produces the following output properties:

CaChains List<string>

(List) The chain of certificate authorities that are associated with the certificate.

Constraints: The list items must match regular expression /^(-{5}BEGIN.+?-{5}[\\s\\S]+-{5}END.+?-{5})$/. The maximum length is 16 items. The minimum length is 1 item.

Certificate string

(Forces new resource, String) The PEM-encoded contents of your certificate.

Constraints: The maximum length is 100000 characters. The minimum length is 50 characters. The value must match regular expression /^(-{5}BEGIN.+?-{5}[\\s\\S]+-{5}END.+?-{5})$/.

CertificateAuthority string

(String) The intermediate certificate authority that signed this certificate.

CreatedAt string

(String) The date when a resource was created. The date format follows RFC 3339.

CreatedBy string

(String) The unique identifier that is associated with the entity that created the secret.

Constraints: The maximum length is 128 characters. The minimum length is 4 characters.

Crn string

(String) A CRN that uniquely identifies an IBM Cloud resource.

Constraints: The maximum length is 512 characters. The minimum length is 9 characters. The value must match regular expression /^crn:v0-9*+,;=@\/]|%[0-9A-Z]{2})*){8}$/.

Downloaded bool

(Boolean) Indicates whether the secret data that is associated with a secret version was retrieved in a call to the service API.

ExpirationDate string

(String) The date the certificate is expired. The date format follows RFC 3339.

Id string

The provider-assigned unique ID for this managed resource.

Issuer string

(Forces new resource, String) The distinguished name that identifies the entity that signed and issued the certificate.

Constraints: The maximum length is 128 characters. The minimum length is 2 characters. The value must match regular expression /(.*?)/.

IssuingCa string

(String) The PEM-encoded certificate of the certificate authority that signed and issued this certificate.

Constraints: The value must match regular expression /^(-{5}BEGIN.+?-{5}[\\s\\S]+-{5}END.+?-{5})$/.

KeyAlgorithm string

(String) The identifier for the cryptographic algorithm used to generate the public key that is associated with the certificate.

Constraints: The maximum length is 10 characters. The minimum length is 2 characters. The value must match regular expression /(.*?)/.

LocksTotal double

(Integer) The number of locks of the secret.

Constraints: The maximum value is 1000. The minimum value is 0.

NextRotationDate string

(String) The date that the secret is scheduled for automatic rotation.The service automatically creates a new version of the secret on its next rotation date. This field exists only for secrets that have an existing rotation policy.

PrivateKey string

(Forces new resource, String) (Optional) The PEM-encoded private key to associate with the certificate.

Constraints: The maximum length is 100000 characters. The minimum length is 50 characters. The value must match regular expression /^(-{5}BEGIN.+?-{5}[\\s\\S]+-{5}END.+?-{5})$/.

RevocationTimeRfc3339 string

(String) The date and time that the certificate was revoked. The date format follows RFC 3339.

RevocationTimeSeconds double

(Integer) The timestamp of the certificate revocation.

SecretId string

The unique identifier of the PrivateCertificate.

SecretType string

(String) The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM credentials, key-value, and user credentials.

Constraints: Allowable values are: arbitrary, imported_cert, public_cert, iam_credentials, kv, username_password, private_cert.

SerialNumber string

(String) The unique serial number that was assigned to a certificate by the issuing certificate authority.

Constraints: The maximum length is 64 characters. The minimum length is 2 characters. The value must match regular expression /[^a-fA-F0-9]/.

SigningAlgorithm string

(String) The identifier for the cryptographic algorithm that was used by the issuing certificate authority to sign a certificate.

Constraints: The maximum length is 64 characters. The minimum length is 4 characters.

State double

(Integer) The secret state that is based on NIST SP 800-57. States are integers and correspond to the Pre-activation = 0, Active = 1, Suspended = 2, Deactivated = 3, and Destroyed = 5 values.

Constraints: Allowable values are: 0, 1, 2, 3, 5.

StateDescription string

(String) A text representation of the secret state.

Constraints: Allowable values are: pre_activation, active, suspended, deactivated, destroyed.

UpdatedAt string

(String) The date when a resource was recently modified. The date format follows RFC 3339.

Validities List<SmPrivateCertificateValidity>

(List) The date and time that the certificate validity period begins and ends. Nested scheme for validity:

VersionsTotal double

(Integer) The number of versions of the secret.

Constraints: The maximum value is 50. The minimum value is 0.

CaChains []string

(List) The chain of certificate authorities that are associated with the certificate.

Constraints: The list items must match regular expression /^(-{5}BEGIN.+?-{5}[\\s\\S]+-{5}END.+?-{5})$/. The maximum length is 16 items. The minimum length is 1 item.

Certificate string

(Forces new resource, String) The PEM-encoded contents of your certificate.

Constraints: The maximum length is 100000 characters. The minimum length is 50 characters. The value must match regular expression /^(-{5}BEGIN.+?-{5}[\\s\\S]+-{5}END.+?-{5})$/.

CertificateAuthority string

(String) The intermediate certificate authority that signed this certificate.

CreatedAt string

(String) The date when a resource was created. The date format follows RFC 3339.

CreatedBy string

(String) The unique identifier that is associated with the entity that created the secret.

Constraints: The maximum length is 128 characters. The minimum length is 4 characters.

Crn string

(String) A CRN that uniquely identifies an IBM Cloud resource.

Constraints: The maximum length is 512 characters. The minimum length is 9 characters. The value must match regular expression /^crn:v0-9*+,;=@\/]|%[0-9A-Z]{2})*){8}$/.

Downloaded bool

(Boolean) Indicates whether the secret data that is associated with a secret version was retrieved in a call to the service API.

ExpirationDate string

(String) The date the certificate is expired. The date format follows RFC 3339.

Id string

The provider-assigned unique ID for this managed resource.

Issuer string

(Forces new resource, String) The distinguished name that identifies the entity that signed and issued the certificate.

Constraints: The maximum length is 128 characters. The minimum length is 2 characters. The value must match regular expression /(.*?)/.

IssuingCa string

(String) The PEM-encoded certificate of the certificate authority that signed and issued this certificate.

Constraints: The value must match regular expression /^(-{5}BEGIN.+?-{5}[\\s\\S]+-{5}END.+?-{5})$/.

KeyAlgorithm string

(String) The identifier for the cryptographic algorithm used to generate the public key that is associated with the certificate.

Constraints: The maximum length is 10 characters. The minimum length is 2 characters. The value must match regular expression /(.*?)/.

LocksTotal float64

(Integer) The number of locks of the secret.

Constraints: The maximum value is 1000. The minimum value is 0.

NextRotationDate string

PrivateKey string

(Forces new resource, String) (Optional) The PEM-encoded private key to associate with the certificate.

Constraints: The maximum length is 100000 characters. The minimum length is 50 characters. The value must match regular expression /^(-{5}BEGIN.+?-{5}[\\s\\S]+-{5}END.+?-{5})$/.

RevocationTimeRfc3339 string

(String) The date and time that the certificate was revoked. The date format follows RFC 3339.

RevocationTimeSeconds float64

(Integer) The timestamp of the certificate revocation.

SecretId string

The unique identifier of the PrivateCertificate.

SecretType string

(String) The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM credentials, key-value, and user credentials.

Constraints: Allowable values are: arbitrary, imported_cert, public_cert, iam_credentials, kv, username_password, private_cert.

SerialNumber string

(String) The unique serial number that was assigned to a certificate by the issuing certificate authority.

Constraints: The maximum length is 64 characters. The minimum length is 2 characters. The value must match regular expression /[^a-fA-F0-9]/.

SigningAlgorithm string

(String) The identifier for the cryptographic algorithm that was used by the issuing certificate authority to sign a certificate.

Constraints: The maximum length is 64 characters. The minimum length is 4 characters.

State float64

Constraints: Allowable values are: 0, 1, 2, 3, 5.

StateDescription string

(String) A text representation of the secret state.

Constraints: Allowable values are: pre_activation, active, suspended, deactivated, destroyed.

UpdatedAt string

(String) The date when a resource was recently modified. The date format follows RFC 3339.

Validities []SmPrivateCertificateValidity

(List) The date and time that the certificate validity period begins and ends. Nested scheme for validity:

VersionsTotal float64

(Integer) The number of versions of the secret.

Constraints: The maximum value is 50. The minimum value is 0.

caChains List<String>

(List) The chain of certificate authorities that are associated with the certificate.

Constraints: The list items must match regular expression /^(-{5}BEGIN.+?-{5}[\\s\\S]+-{5}END.+?-{5})$/. The maximum length is 16 items. The minimum length is 1 item.

certificate String

(Forces new resource, String) The PEM-encoded contents of your certificate.

Constraints: The maximum length is 100000 characters. The minimum length is 50 characters. The value must match regular expression /^(-{5}BEGIN.+?-{5}[\\s\\S]+-{5}END.+?-{5})$/.

certificateAuthority String

(String) The intermediate certificate authority that signed this certificate.

createdAt String

(String) The date when a resource was created. The date format follows RFC 3339.

createdBy String

(String) The unique identifier that is associated with the entity that created the secret.

Constraints: The maximum length is 128 characters. The minimum length is 4 characters.

crn String

(String) A CRN that uniquely identifies an IBM Cloud resource.

Constraints: The maximum length is 512 characters. The minimum length is 9 characters. The value must match regular expression /^crn:v0-9*+,;=@\/]|%[0-9A-Z]{2})*){8}$/.

downloaded Boolean

(Boolean) Indicates whether the secret data that is associated with a secret version was retrieved in a call to the service API.

expirationDate String

(String) The date the certificate is expired. The date format follows RFC 3339.

id String

The provider-assigned unique ID for this managed resource.

issuer String

(Forces new resource, String) The distinguished name that identifies the entity that signed and issued the certificate.

Constraints: The maximum length is 128 characters. The minimum length is 2 characters. The value must match regular expression /(.*?)/.

issuingCa String

(String) The PEM-encoded certificate of the certificate authority that signed and issued this certificate.

Constraints: The value must match regular expression /^(-{5}BEGIN.+?-{5}[\\s\\S]+-{5}END.+?-{5})$/.

keyAlgorithm String

(String) The identifier for the cryptographic algorithm used to generate the public key that is associated with the certificate.

Constraints: The maximum length is 10 characters. The minimum length is 2 characters. The value must match regular expression /(.*?)/.

locksTotal Double

(Integer) The number of locks of the secret.

Constraints: The maximum value is 1000. The minimum value is 0.

nextRotationDate String

privateKey String

(Forces new resource, String) (Optional) The PEM-encoded private key to associate with the certificate.

Constraints: The maximum length is 100000 characters. The minimum length is 50 characters. The value must match regular expression /^(-{5}BEGIN.+?-{5}[\\s\\S]+-{5}END.+?-{5})$/.

revocationTimeRfc3339 String

(String) The date and time that the certificate was revoked. The date format follows RFC 3339.

revocationTimeSeconds Double

(Integer) The timestamp of the certificate revocation.

secretId String

The unique identifier of the PrivateCertificate.

secretType String

(String) The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM credentials, key-value, and user credentials.

Constraints: Allowable values are: arbitrary, imported_cert, public_cert, iam_credentials, kv, username_password, private_cert.

serialNumber String

(String) The unique serial number that was assigned to a certificate by the issuing certificate authority.

Constraints: The maximum length is 64 characters. The minimum length is 2 characters. The value must match regular expression /[^a-fA-F0-9]/.

signingAlgorithm String

(String) The identifier for the cryptographic algorithm that was used by the issuing certificate authority to sign a certificate.

Constraints: The maximum length is 64 characters. The minimum length is 4 characters.

state Double

Constraints: Allowable values are: 0, 1, 2, 3, 5.

stateDescription String

(String) A text representation of the secret state.

Constraints: Allowable values are: pre_activation, active, suspended, deactivated, destroyed.

updatedAt String

(String) The date when a resource was recently modified. The date format follows RFC 3339.

validities List<SmPrivateCertificateValidity>

(List) The date and time that the certificate validity period begins and ends. Nested scheme for validity:

versionsTotal Double

(Integer) The number of versions of the secret.

Constraints: The maximum value is 50. The minimum value is 0.

caChains string[]

(List) The chain of certificate authorities that are associated with the certificate.

Constraints: The list items must match regular expression /^(-{5}BEGIN.+?-{5}[\\s\\S]+-{5}END.+?-{5})$/. The maximum length is 16 items. The minimum length is 1 item.

certificate string

(Forces new resource, String) The PEM-encoded contents of your certificate.

Constraints: The maximum length is 100000 characters. The minimum length is 50 characters. The value must match regular expression /^(-{5}BEGIN.+?-{5}[\\s\\S]+-{5}END.+?-{5})$/.

certificateAuthority string

(String) The intermediate certificate authority that signed this certificate.

createdAt string

(String) The date when a resource was created. The date format follows RFC 3339.

createdBy string

(String) The unique identifier that is associated with the entity that created the secret.

Constraints: The maximum length is 128 characters. The minimum length is 4 characters.

crn string

(String) A CRN that uniquely identifies an IBM Cloud resource.

Constraints: The maximum length is 512 characters. The minimum length is 9 characters. The value must match regular expression /^crn:v0-9*+,;=@\/]|%[0-9A-Z]{2})*){8}$/.

downloaded boolean

(Boolean) Indicates whether the secret data that is associated with a secret version was retrieved in a call to the service API.

expirationDate string

(String) The date the certificate is expired. The date format follows RFC 3339.

id string

The provider-assigned unique ID for this managed resource.

issuer string

(Forces new resource, String) The distinguished name that identifies the entity that signed and issued the certificate.

Constraints: The maximum length is 128 characters. The minimum length is 2 characters. The value must match regular expression /(.*?)/.

issuingCa string

(String) The PEM-encoded certificate of the certificate authority that signed and issued this certificate.

Constraints: The value must match regular expression /^(-{5}BEGIN.+?-{5}[\\s\\S]+-{5}END.+?-{5})$/.

keyAlgorithm string

(String) The identifier for the cryptographic algorithm used to generate the public key that is associated with the certificate.

Constraints: The maximum length is 10 characters. The minimum length is 2 characters. The value must match regular expression /(.*?)/.

locksTotal number

(Integer) The number of locks of the secret.

Constraints: The maximum value is 1000. The minimum value is 0.

nextRotationDate string

privateKey string

(Forces new resource, String) (Optional) The PEM-encoded private key to associate with the certificate.

Constraints: The maximum length is 100000 characters. The minimum length is 50 characters. The value must match regular expression /^(-{5}BEGIN.+?-{5}[\\s\\S]+-{5}END.+?-{5})$/.

revocationTimeRfc3339 string

(String) The date and time that the certificate was revoked. The date format follows RFC 3339.

revocationTimeSeconds number

(Integer) The timestamp of the certificate revocation.

secretId string

The unique identifier of the PrivateCertificate.

secretType string

(String) The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM credentials, key-value, and user credentials.

Constraints: Allowable values are: arbitrary, imported_cert, public_cert, iam_credentials, kv, username_password, private_cert.

serialNumber string

(String) The unique serial number that was assigned to a certificate by the issuing certificate authority.

Constraints: The maximum length is 64 characters. The minimum length is 2 characters. The value must match regular expression /[^a-fA-F0-9]/.

signingAlgorithm string

(String) The identifier for the cryptographic algorithm that was used by the issuing certificate authority to sign a certificate.

Constraints: The maximum length is 64 characters. The minimum length is 4 characters.

state number

Constraints: Allowable values are: 0, 1, 2, 3, 5.

stateDescription string

(String) A text representation of the secret state.

Constraints: Allowable values are: pre_activation, active, suspended, deactivated, destroyed.

updatedAt string

(String) The date when a resource was recently modified. The date format follows RFC 3339.

validities SmPrivateCertificateValidity[]

(List) The date and time that the certificate validity period begins and ends. Nested scheme for validity:

versionsTotal number

(Integer) The number of versions of the secret.

Constraints: The maximum value is 50. The minimum value is 0.

ca_chains Sequence[str]

(List) The chain of certificate authorities that are associated with the certificate.

Constraints: The list items must match regular expression /^(-{5}BEGIN.+?-{5}[\\s\\S]+-{5}END.+?-{5})$/. The maximum length is 16 items. The minimum length is 1 item.

certificate str

(Forces new resource, String) The PEM-encoded contents of your certificate.

Constraints: The maximum length is 100000 characters. The minimum length is 50 characters. The value must match regular expression /^(-{5}BEGIN.+?-{5}[\\s\\S]+-{5}END.+?-{5})$/.

certificate_authority str

(String) The intermediate certificate authority that signed this certificate.

created_at str

(String) The date when a resource was created. The date format follows RFC 3339.

created_by str

(String) The unique identifier that is associated with the entity that created the secret.

Constraints: The maximum length is 128 characters. The minimum length is 4 characters.

crn str

(String) A CRN that uniquely identifies an IBM Cloud resource.

Constraints: The maximum length is 512 characters. The minimum length is 9 characters. The value must match regular expression /^crn:v0-9*+,;=@\/]|%[0-9A-Z]{2})*){8}$/.

downloaded bool

(Boolean) Indicates whether the secret data that is associated with a secret version was retrieved in a call to the service API.

expiration_date str

(String) The date the certificate is expired. The date format follows RFC 3339.

id str

The provider-assigned unique ID for this managed resource.

issuer str

(Forces new resource, String) The distinguished name that identifies the entity that signed and issued the certificate.

Constraints: The maximum length is 128 characters. The minimum length is 2 characters. The value must match regular expression /(.*?)/.

issuing_ca str

(String) The PEM-encoded certificate of the certificate authority that signed and issued this certificate.

Constraints: The value must match regular expression /^(-{5}BEGIN.+?-{5}[\\s\\S]+-{5}END.+?-{5})$/.

key_algorithm str

(String) The identifier for the cryptographic algorithm used to generate the public key that is associated with the certificate.

Constraints: The maximum length is 10 characters. The minimum length is 2 characters. The value must match regular expression /(.*?)/.

locks_total float

(Integer) The number of locks of the secret.

Constraints: The maximum value is 1000. The minimum value is 0.

next_rotation_date str

private_key str

(Forces new resource, String) (Optional) The PEM-encoded private key to associate with the certificate.

Constraints: The maximum length is 100000 characters. The minimum length is 50 characters. The value must match regular expression /^(-{5}BEGIN.+?-{5}[\\s\\S]+-{5}END.+?-{5})$/.

revocation_time_rfc3339 str

(String) The date and time that the certificate was revoked. The date format follows RFC 3339.

revocation_time_seconds float

(Integer) The timestamp of the certificate revocation.

secret_id str

The unique identifier of the PrivateCertificate.

secret_type str

(String) The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM credentials, key-value, and user credentials.

Constraints: Allowable values are: arbitrary, imported_cert, public_cert, iam_credentials, kv, username_password, private_cert.

serial_number str

(String) The unique serial number that was assigned to a certificate by the issuing certificate authority.

Constraints: The maximum length is 64 characters. The minimum length is 2 characters. The value must match regular expression /[^a-fA-F0-9]/.

signing_algorithm str

(String) The identifier for the cryptographic algorithm that was used by the issuing certificate authority to sign a certificate.

Constraints: The maximum length is 64 characters. The minimum length is 4 characters.

state float

Constraints: Allowable values are: 0, 1, 2, 3, 5.

state_description str

(String) A text representation of the secret state.

Constraints: Allowable values are: pre_activation, active, suspended, deactivated, destroyed.

updated_at str

(String) The date when a resource was recently modified. The date format follows RFC 3339.

validities Sequence[SmPrivateCertificateValidity]

(List) The date and time that the certificate validity period begins and ends. Nested scheme for validity:

versions_total float

(Integer) The number of versions of the secret.

Constraints: The maximum value is 50. The minimum value is 0.

caChains List<String>

(List) The chain of certificate authorities that are associated with the certificate.

Constraints: The list items must match regular expression /^(-{5}BEGIN.+?-{5}[\\s\\S]+-{5}END.+?-{5})$/. The maximum length is 16 items. The minimum length is 1 item.

certificate String

(Forces new resource, String) The PEM-encoded contents of your certificate.

Constraints: The maximum length is 100000 characters. The minimum length is 50 characters. The value must match regular expression /^(-{5}BEGIN.+?-{5}[\\s\\S]+-{5}END.+?-{5})$/.

certificateAuthority String

(String) The intermediate certificate authority that signed this certificate.

createdAt String

(String) The date when a resource was created. The date format follows RFC 3339.

createdBy String

(String) The unique identifier that is associated with the entity that created the secret.

Constraints: The maximum length is 128 characters. The minimum length is 4 characters.

crn String

(String) A CRN that uniquely identifies an IBM Cloud resource.

Constraints: The maximum length is 512 characters. The minimum length is 9 characters. The value must match regular expression /^crn:v0-9*+,;=@\/]|%[0-9A-Z]{2})*){8}$/.

downloaded Boolean

(Boolean) Indicates whether the secret data that is associated with a secret version was retrieved in a call to the service API.

expirationDate String

(String) The date the certificate is expired. The date format follows RFC 3339.

id String

The provider-assigned unique ID for this managed resource.

issuer String

(Forces new resource, String) The distinguished name that identifies the entity that signed and issued the certificate.

Constraints: The maximum length is 128 characters. The minimum length is 2 characters. The value must match regular expression /(.*?)/.

issuingCa String

(String) The PEM-encoded certificate of the certificate authority that signed and issued this certificate.

Constraints: The value must match regular expression /^(-{5}BEGIN.+?-{5}[\\s\\S]+-{5}END.+?-{5})$/.

keyAlgorithm String

(String) The identifier for the cryptographic algorithm used to generate the public key that is associated with the certificate.

Constraints: The maximum length is 10 characters. The minimum length is 2 characters. The value must match regular expression /(.*?)/.

locksTotal Number

(Integer) The number of locks of the secret.

Constraints: The maximum value is 1000. The minimum value is 0.

nextRotationDate String

privateKey String

(Forces new resource, String) (Optional) The PEM-encoded private key to associate with the certificate.

Constraints: The maximum length is 100000 characters. The minimum length is 50 characters. The value must match regular expression /^(-{5}BEGIN.+?-{5}[\\s\\S]+-{5}END.+?-{5})$/.

revocationTimeRfc3339 String

(String) The date and time that the certificate was revoked. The date format follows RFC 3339.

revocationTimeSeconds Number

(Integer) The timestamp of the certificate revocation.

secretId String

The unique identifier of the PrivateCertificate.

secretType String

(String) The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM credentials, key-value, and user credentials.

Constraints: Allowable values are: arbitrary, imported_cert, public_cert, iam_credentials, kv, username_password, private_cert.

serialNumber String

(String) The unique serial number that was assigned to a certificate by the issuing certificate authority.

Constraints: The maximum length is 64 characters. The minimum length is 2 characters. The value must match regular expression /[^a-fA-F0-9]/.

signingAlgorithm String

(String) The identifier for the cryptographic algorithm that was used by the issuing certificate authority to sign a certificate.

Constraints: The maximum length is 64 characters. The minimum length is 4 characters.

state Number

Constraints: Allowable values are: 0, 1, 2, 3, 5.

stateDescription String

(String) A text representation of the secret state.

Constraints: Allowable values are: pre_activation, active, suspended, deactivated, destroyed.

updatedAt String

(String) The date when a resource was recently modified. The date format follows RFC 3339.

validities List<Property Map>

(List) The date and time that the certificate validity period begins and ends. Nested scheme for validity:

versionsTotal Number

(Integer) The number of versions of the secret.

Constraints: The maximum value is 50. The minimum value is 0.

Look up Existing SmPrivateCertificate Resource

Get an existing SmPrivateCertificate resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: SmPrivateCertificateState, opts?: CustomResourceOptions): SmPrivateCertificate

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        alt_names: Optional[Sequence[str]] = None,
        ca_chains: Optional[Sequence[str]] = None,
        certificate: Optional[str] = None,
        certificate_authority: Optional[str] = None,
        certificate_template: Optional[str] = None,
        common_name: Optional[str] = None,
        created_at: Optional[str] = None,
        created_by: Optional[str] = None,
        crn: Optional[str] = None,
        csr: Optional[str] = None,
        custom_metadata: Optional[Mapping[str, str]] = None,
        description: Optional[str] = None,
        downloaded: Optional[bool] = None,
        endpoint_type: Optional[str] = None,
        exclude_cn_from_sans: Optional[bool] = None,
        expiration_date: Optional[str] = None,
        format: Optional[str] = None,
        instance_id: Optional[str] = None,
        ip_sans: Optional[str] = None,
        issuer: Optional[str] = None,
        issuing_ca: Optional[str] = None,
        key_algorithm: Optional[str] = None,
        labels: Optional[Sequence[str]] = None,
        locks_total: Optional[float] = None,
        name: Optional[str] = None,
        next_rotation_date: Optional[str] = None,
        other_sans: Optional[Sequence[str]] = None,
        private_key: Optional[str] = None,
        private_key_format: Optional[str] = None,
        region: Optional[str] = None,
        revocation_time_rfc3339: Optional[str] = None,
        revocation_time_seconds: Optional[float] = None,
        rotation: Optional[SmPrivateCertificateRotationArgs] = None,
        secret_group_id: Optional[str] = None,
        secret_id: Optional[str] = None,
        secret_type: Optional[str] = None,
        serial_number: Optional[str] = None,
        signing_algorithm: Optional[str] = None,
        sm_private_certificate_id: Optional[str] = None,
        state: Optional[float] = None,
        state_description: Optional[str] = None,
        ttl: Optional[str] = None,
        updated_at: Optional[str] = None,
        uri_sans: Optional[str] = None,
        validities: Optional[Sequence[SmPrivateCertificateValidityArgs]] = None,
        version_custom_metadata: Optional[Mapping[str, str]] = None,
        versions_total: Optional[float] = None) -> SmPrivateCertificate

func GetSmPrivateCertificate(ctx *Context, name string, id IDInput, state *SmPrivateCertificateState, opts ...ResourceOption) (*SmPrivateCertificate, error)

public static SmPrivateCertificate Get(string name, Input<string> id, SmPrivateCertificateState? state, CustomResourceOptions? opts = null)

public static SmPrivateCertificate get(String name, Output<String> id, SmPrivateCertificateState state, CustomResourceOptions options)

resources:  _:    type: ibm:SmPrivateCertificate    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AltNames List<string>

(Forces new resource, List) With the Subject Alternative Name field, you can specify additional host names to be protected by a single SSL certificate.

Constraints: The list items must match regular expression /^(.*?)$/. The maximum length is 99 items. The minimum length is 0 items.

CaChains List<string>

(List) The chain of certificate authorities that are associated with the certificate.

Constraints: The list items must match regular expression /^(-{5}BEGIN.+?-{5}[\\s\\S]+-{5}END.+?-{5})$/. The maximum length is 16 items. The minimum length is 1 item.

Certificate string

(Forces new resource, String) The PEM-encoded contents of your certificate.

Constraints: The maximum length is 100000 characters. The minimum length is 50 characters. The value must match regular expression /^(-{5}BEGIN.+?-{5}[\\s\\S]+-{5}END.+?-{5})$/.

CertificateAuthority string

(String) The intermediate certificate authority that signed this certificate.

CertificateTemplate string

The name of the certificate template.

Constraints: The maximum length is 128 characters. The minimum length is 2 characters. The value must match regular expression /^[A-Za-z0-9][A-Za-z0-9]*(?:_?-?\\.?[A-Za-z0-9]+)*$/.

CommonName string

The Common Name (AKA CN) represents the server name that is protected by the SSL certificate.

Constraints: The maximum length is 128 characters. The minimum length is 4 characters. The value must match regular expression /(.*?)/.

CreatedAt string

(String) The date when a resource was created. The date format follows RFC 3339.

CreatedBy string

(String) The unique identifier that is associated with the entity that created the secret.

Constraints: The maximum length is 128 characters. The minimum length is 4 characters.

Crn string

(String) A CRN that uniquely identifies an IBM Cloud resource.

Constraints: The maximum length is 512 characters. The minimum length is 9 characters. The value must match regular expression /^crn:v0-9*+,;=@\/]|%[0-9A-Z]{2})*){8}$/.

Csr string

The certificate signing request.

CustomMetadata Dictionary<string, string>

The secret metadata that a user can customize.

Description string

An extended description of your secret.To protect your privacy, do not use personal data, such as your name or location, as a description for your secret group.

Constraints: The maximum length is 1024 characters. The minimum length is 0 characters. The value must match regular expression /(.*?)/.

Downloaded bool

(Boolean) Indicates whether the secret data that is associated with a secret version was retrieved in a call to the service API.

EndpointType string

The endpoint type. If not provided the endpoint type is determined by the visibility argument provided in the provider configuration.

Constraints: Allowable values are: private, public.

ExcludeCnFromSans bool

ExpirationDate string

(String) The date the certificate is expired. The date format follows RFC 3339.

Format string

The format of the returned data.

InstanceId string

The GUID of the Secrets Manager instance.

IpSans string

The IP Subject Alternative Names to define for the CA certificate, in a comma-delimited list.

Issuer string

(Forces new resource, String) The distinguished name that identifies the entity that signed and issued the certificate.

Constraints: The maximum length is 128 characters. The minimum length is 2 characters. The value must match regular expression /(.*?)/.

IssuingCa string

(String) The PEM-encoded certificate of the certificate authority that signed and issued this certificate.

Constraints: The value must match regular expression /^(-{5}BEGIN.+?-{5}[\\s\\S]+-{5}END.+?-{5})$/.

KeyAlgorithm string

(String) The identifier for the cryptographic algorithm used to generate the public key that is associated with the certificate.

Constraints: The maximum length is 10 characters. The minimum length is 2 characters. The value must match regular expression /(.*?)/.

Labels List<string>

Labels that you can use to search for secrets in your instance.Up to 30 labels can be created.

Constraints: The list items must match regular expression /(.*?)/. The maximum length is 30 items. The minimum length is 0 items.

LocksTotal double

(Integer) The number of locks of the secret.

Constraints: The maximum value is 1000. The minimum value is 0.

Name string

The human-readable name of your secret.

Constraints: The maximum length is 256 characters. The minimum length is 2 characters. The value must match regular expression ^[A-Za-z0-9_][A-Za-z0-9_]*(?:_*-*\.*[A-Za-z0-9]*)*[A-Za-z0-9]+$.

NextRotationDate string

OtherSans List<string>

PrivateKey string

(Forces new resource, String) (Optional) The PEM-encoded private key to associate with the certificate.

Constraints: The maximum length is 100000 characters. The minimum length is 50 characters. The value must match regular expression /^(-{5}BEGIN.+?-{5}[\\s\\S]+-{5}END.+?-{5})$/.

PrivateKeyFormat string

The format of the generated private key.

Region string

The region of the Secrets Manager instance. If not provided defaults to the region defined in the IBM provider configuration.

RevocationTimeRfc3339 string

(String) The date and time that the certificate was revoked. The date format follows RFC 3339.

RevocationTimeSeconds double

(Integer) The timestamp of the certificate revocation.

Rotation SmPrivateCertificateRotation

Determines whether Secrets Manager rotates your secrets automatically. Nested scheme for rotation:

SecretGroupId string

A UUID identifier, or default secret group.

Constraints: The maximum length is 36 characters. The minimum length is 7 characters. The value must match regular expression /^([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}|default)$/.

SecretId string

The unique identifier of the PrivateCertificate.

SecretType string

(String) The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM credentials, key-value, and user credentials.

Constraints: Allowable values are: arbitrary, imported_cert, public_cert, iam_credentials, kv, username_password, private_cert.

SerialNumber string

(String) The unique serial number that was assigned to a certificate by the issuing certificate authority.

Constraints: The maximum length is 64 characters. The minimum length is 2 characters. The value must match regular expression /[^a-fA-F0-9]/.

SigningAlgorithm string

(String) The identifier for the cryptographic algorithm that was used by the issuing certificate authority to sign a certificate.

Constraints: The maximum length is 64 characters. The minimum length is 4 characters.

SmPrivateCertificateId string

State double

Constraints: Allowable values are: 0, 1, 2, 3, 5.

StateDescription string

(String) A text representation of the secret state.

Constraints: Allowable values are: pre_activation, active, suspended, deactivated, destroyed.

Ttl string

UpdatedAt string

(String) The date when a resource was recently modified. The date format follows RFC 3339.

UriSans string

The URI Subject Alternative Names to define for the CA certificate, in a comma-delimited list.

Validities List<SmPrivateCertificateValidity>

(List) The date and time that the certificate validity period begins and ends. Nested scheme for validity:

VersionCustomMetadata Dictionary<string, string>

The secret version metadata that a user can customize.

VersionsTotal double

(Integer) The number of versions of the secret.

Constraints: The maximum value is 50. The minimum value is 0.

AltNames []string

(Forces new resource, List) With the Subject Alternative Name field, you can specify additional host names to be protected by a single SSL certificate.

Constraints: The list items must match regular expression /^(.*?)$/. The maximum length is 99 items. The minimum length is 0 items.

CaChains []string

(List) The chain of certificate authorities that are associated with the certificate.

Constraints: The list items must match regular expression /^(-{5}BEGIN.+?-{5}[\\s\\S]+-{5}END.+?-{5})$/. The maximum length is 16 items. The minimum length is 1 item.

Certificate string

(Forces new resource, String) The PEM-encoded contents of your certificate.

Constraints: The maximum length is 100000 characters. The minimum length is 50 characters. The value must match regular expression /^(-{5}BEGIN.+?-{5}[\\s\\S]+-{5}END.+?-{5})$/.

CertificateAuthority string

(String) The intermediate certificate authority that signed this certificate.

CertificateTemplate string

The name of the certificate template.

Constraints: The maximum length is 128 characters. The minimum length is 2 characters. The value must match regular expression /^[A-Za-z0-9][A-Za-z0-9]*(?:_?-?\\.?[A-Za-z0-9]+)*$/.

CommonName string

The Common Name (AKA CN) represents the server name that is protected by the SSL certificate.

Constraints: The maximum length is 128 characters. The minimum length is 4 characters. The value must match regular expression /(.*?)/.

CreatedAt string

(String) The date when a resource was created. The date format follows RFC 3339.

CreatedBy string

(String) The unique identifier that is associated with the entity that created the secret.

Constraints: The maximum length is 128 characters. The minimum length is 4 characters.

Crn string

(String) A CRN that uniquely identifies an IBM Cloud resource.

Constraints: The maximum length is 512 characters. The minimum length is 9 characters. The value must match regular expression /^crn:v0-9*+,;=@\/]|%[0-9A-Z]{2})*){8}$/.

Csr string

The certificate signing request.

CustomMetadata map[string]string

The secret metadata that a user can customize.

Description string

An extended description of your secret.To protect your privacy, do not use personal data, such as your name or location, as a description for your secret group.

Constraints: The maximum length is 1024 characters. The minimum length is 0 characters. The value must match regular expression /(.*?)/.

Downloaded bool

(Boolean) Indicates whether the secret data that is associated with a secret version was retrieved in a call to the service API.

EndpointType string

The endpoint type. If not provided the endpoint type is determined by the visibility argument provided in the provider configuration.

Constraints: Allowable values are: private, public.

ExcludeCnFromSans bool

ExpirationDate string

(String) The date the certificate is expired. The date format follows RFC 3339.

Format string

The format of the returned data.

InstanceId string

The GUID of the Secrets Manager instance.

IpSans string

The IP Subject Alternative Names to define for the CA certificate, in a comma-delimited list.

Issuer string

(Forces new resource, String) The distinguished name that identifies the entity that signed and issued the certificate.

Constraints: The maximum length is 128 characters. The minimum length is 2 characters. The value must match regular expression /(.*?)/.

IssuingCa string

(String) The PEM-encoded certificate of the certificate authority that signed and issued this certificate.

Constraints: The value must match regular expression /^(-{5}BEGIN.+?-{5}[\\s\\S]+-{5}END.+?-{5})$/.

KeyAlgorithm string

(String) The identifier for the cryptographic algorithm used to generate the public key that is associated with the certificate.

Constraints: The maximum length is 10 characters. The minimum length is 2 characters. The value must match regular expression /(.*?)/.

Labels []string

Labels that you can use to search for secrets in your instance.Up to 30 labels can be created.

Constraints: The list items must match regular expression /(.*?)/. The maximum length is 30 items. The minimum length is 0 items.

LocksTotal float64

(Integer) The number of locks of the secret.

Constraints: The maximum value is 1000. The minimum value is 0.

Name string

The human-readable name of your secret.

Constraints: The maximum length is 256 characters. The minimum length is 2 characters. The value must match regular expression ^[A-Za-z0-9_][A-Za-z0-9_]*(?:_*-*\.*[A-Za-z0-9]*)*[A-Za-z0-9]+$.

NextRotationDate string

OtherSans []string

PrivateKey string

(Forces new resource, String) (Optional) The PEM-encoded private key to associate with the certificate.

Constraints: The maximum length is 100000 characters. The minimum length is 50 characters. The value must match regular expression /^(-{5}BEGIN.+?-{5}[\\s\\S]+-{5}END.+?-{5})$/.

PrivateKeyFormat string

The format of the generated private key.

Region string

The region of the Secrets Manager instance. If not provided defaults to the region defined in the IBM provider configuration.

RevocationTimeRfc3339 string

(String) The date and time that the certificate was revoked. The date format follows RFC 3339.

RevocationTimeSeconds float64

(Integer) The timestamp of the certificate revocation.

Rotation SmPrivateCertificateRotationArgs

Determines whether Secrets Manager rotates your secrets automatically. Nested scheme for rotation:

SecretGroupId string

A UUID identifier, or default secret group.

Constraints: The maximum length is 36 characters. The minimum length is 7 characters. The value must match regular expression /^([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}|default)$/.

SecretId string

The unique identifier of the PrivateCertificate.

SecretType string

(String) The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM credentials, key-value, and user credentials.

Constraints: Allowable values are: arbitrary, imported_cert, public_cert, iam_credentials, kv, username_password, private_cert.

SerialNumber string

(String) The unique serial number that was assigned to a certificate by the issuing certificate authority.

Constraints: The maximum length is 64 characters. The minimum length is 2 characters. The value must match regular expression /[^a-fA-F0-9]/.

SigningAlgorithm string

(String) The identifier for the cryptographic algorithm that was used by the issuing certificate authority to sign a certificate.

Constraints: The maximum length is 64 characters. The minimum length is 4 characters.

SmPrivateCertificateId string

State float64

Constraints: Allowable values are: 0, 1, 2, 3, 5.

StateDescription string

(String) A text representation of the secret state.

Constraints: Allowable values are: pre_activation, active, suspended, deactivated, destroyed.

Ttl string

UpdatedAt string

(String) The date when a resource was recently modified. The date format follows RFC 3339.

UriSans string

The URI Subject Alternative Names to define for the CA certificate, in a comma-delimited list.

Validities []SmPrivateCertificateValidityArgs

(List) The date and time that the certificate validity period begins and ends. Nested scheme for validity:

VersionCustomMetadata map[string]string

The secret version metadata that a user can customize.

VersionsTotal float64

(Integer) The number of versions of the secret.

Constraints: The maximum value is 50. The minimum value is 0.

altNames List<String>

(Forces new resource, List) With the Subject Alternative Name field, you can specify additional host names to be protected by a single SSL certificate.

Constraints: The list items must match regular expression /^(.*?)$/. The maximum length is 99 items. The minimum length is 0 items.

caChains List<String>

(List) The chain of certificate authorities that are associated with the certificate.

Constraints: The list items must match regular expression /^(-{5}BEGIN.+?-{5}[\\s\\S]+-{5}END.+?-{5})$/. The maximum length is 16 items. The minimum length is 1 item.

certificate String

(Forces new resource, String) The PEM-encoded contents of your certificate.

Constraints: The maximum length is 100000 characters. The minimum length is 50 characters. The value must match regular expression /^(-{5}BEGIN.+?-{5}[\\s\\S]+-{5}END.+?-{5})$/.

certificateAuthority String

(String) The intermediate certificate authority that signed this certificate.

certificateTemplate String

The name of the certificate template.

Constraints: The maximum length is 128 characters. The minimum length is 2 characters. The value must match regular expression /^[A-Za-z0-9][A-Za-z0-9]*(?:_?-?\\.?[A-Za-z0-9]+)*$/.

commonName String

The Common Name (AKA CN) represents the server name that is protected by the SSL certificate.

Constraints: The maximum length is 128 characters. The minimum length is 4 characters. The value must match regular expression /(.*?)/.

createdAt String

(String) The date when a resource was created. The date format follows RFC 3339.

createdBy String

(String) The unique identifier that is associated with the entity that created the secret.

Constraints: The maximum length is 128 characters. The minimum length is 4 characters.

crn String

(String) A CRN that uniquely identifies an IBM Cloud resource.

Constraints: The maximum length is 512 characters. The minimum length is 9 characters. The value must match regular expression /^crn:v0-9*+,;=@\/]|%[0-9A-Z]{2})*){8}$/.

csr String

The certificate signing request.

customMetadata Map<String,String>

The secret metadata that a user can customize.

description String

An extended description of your secret.To protect your privacy, do not use personal data, such as your name or location, as a description for your secret group.

Constraints: The maximum length is 1024 characters. The minimum length is 0 characters. The value must match regular expression /(.*?)/.

downloaded Boolean

(Boolean) Indicates whether the secret data that is associated with a secret version was retrieved in a call to the service API.

endpointType String

The endpoint type. If not provided the endpoint type is determined by the visibility argument provided in the provider configuration.

Constraints: Allowable values are: private, public.

excludeCnFromSans Boolean

expirationDate String

(String) The date the certificate is expired. The date format follows RFC 3339.

format String

The format of the returned data.

instanceId String

The GUID of the Secrets Manager instance.

ipSans String

The IP Subject Alternative Names to define for the CA certificate, in a comma-delimited list.

issuer String

(Forces new resource, String) The distinguished name that identifies the entity that signed and issued the certificate.

Constraints: The maximum length is 128 characters. The minimum length is 2 characters. The value must match regular expression /(.*?)/.

issuingCa String

(String) The PEM-encoded certificate of the certificate authority that signed and issued this certificate.

Constraints: The value must match regular expression /^(-{5}BEGIN.+?-{5}[\\s\\S]+-{5}END.+?-{5})$/.

keyAlgorithm String

(String) The identifier for the cryptographic algorithm used to generate the public key that is associated with the certificate.

Constraints: The maximum length is 10 characters. The minimum length is 2 characters. The value must match regular expression /(.*?)/.

labels List<String>

Labels that you can use to search for secrets in your instance.Up to 30 labels can be created.

Constraints: The list items must match regular expression /(.*?)/. The maximum length is 30 items. The minimum length is 0 items.

locksTotal Double

(Integer) The number of locks of the secret.

Constraints: The maximum value is 1000. The minimum value is 0.

name String

The human-readable name of your secret.

Constraints: The maximum length is 256 characters. The minimum length is 2 characters. The value must match regular expression ^[A-Za-z0-9_][A-Za-z0-9_]*(?:_*-*\.*[A-Za-z0-9]*)*[A-Za-z0-9]+$.

nextRotationDate String

otherSans List<String>

privateKey String

(Forces new resource, String) (Optional) The PEM-encoded private key to associate with the certificate.

Constraints: The maximum length is 100000 characters. The minimum length is 50 characters. The value must match regular expression /^(-{5}BEGIN.+?-{5}[\\s\\S]+-{5}END.+?-{5})$/.

privateKeyFormat String

The format of the generated private key.

region String

The region of the Secrets Manager instance. If not provided defaults to the region defined in the IBM provider configuration.

revocationTimeRfc3339 String

(String) The date and time that the certificate was revoked. The date format follows RFC 3339.

revocationTimeSeconds Double

(Integer) The timestamp of the certificate revocation.

rotation SmPrivateCertificateRotation

Determines whether Secrets Manager rotates your secrets automatically. Nested scheme for rotation:

secretGroupId String

A UUID identifier, or default secret group.

Constraints: The maximum length is 36 characters. The minimum length is 7 characters. The value must match regular expression /^([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}|default)$/.

secretId String

The unique identifier of the PrivateCertificate.

secretType String

(String) The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM credentials, key-value, and user credentials.

Constraints: Allowable values are: arbitrary, imported_cert, public_cert, iam_credentials, kv, username_password, private_cert.

serialNumber String

(String) The unique serial number that was assigned to a certificate by the issuing certificate authority.

Constraints: The maximum length is 64 characters. The minimum length is 2 characters. The value must match regular expression /[^a-fA-F0-9]/.

signingAlgorithm String

(String) The identifier for the cryptographic algorithm that was used by the issuing certificate authority to sign a certificate.

Constraints: The maximum length is 64 characters. The minimum length is 4 characters.

smPrivateCertificateId String

state Double

Constraints: Allowable values are: 0, 1, 2, 3, 5.

stateDescription String

(String) A text representation of the secret state.

Constraints: Allowable values are: pre_activation, active, suspended, deactivated, destroyed.

ttl String

updatedAt String

(String) The date when a resource was recently modified. The date format follows RFC 3339.

uriSans String

The URI Subject Alternative Names to define for the CA certificate, in a comma-delimited list.

validities List<SmPrivateCertificateValidity>

(List) The date and time that the certificate validity period begins and ends. Nested scheme for validity:

versionCustomMetadata Map<String,String>

The secret version metadata that a user can customize.

versionsTotal Double

(Integer) The number of versions of the secret.

Constraints: The maximum value is 50. The minimum value is 0.

altNames string[]

(Forces new resource, List) With the Subject Alternative Name field, you can specify additional host names to be protected by a single SSL certificate.

Constraints: The list items must match regular expression /^(.*?)$/. The maximum length is 99 items. The minimum length is 0 items.

caChains string[]

(List) The chain of certificate authorities that are associated with the certificate.

Constraints: The list items must match regular expression /^(-{5}BEGIN.+?-{5}[\\s\\S]+-{5}END.+?-{5})$/. The maximum length is 16 items. The minimum length is 1 item.

certificate string

(Forces new resource, String) The PEM-encoded contents of your certificate.

Constraints: The maximum length is 100000 characters. The minimum length is 50 characters. The value must match regular expression /^(-{5}BEGIN.+?-{5}[\\s\\S]+-{5}END.+?-{5})$/.

certificateAuthority string

(String) The intermediate certificate authority that signed this certificate.

certificateTemplate string

The name of the certificate template.

Constraints: The maximum length is 128 characters. The minimum length is 2 characters. The value must match regular expression /^[A-Za-z0-9][A-Za-z0-9]*(?:_?-?\\.?[A-Za-z0-9]+)*$/.

commonName string

The Common Name (AKA CN) represents the server name that is protected by the SSL certificate.

Constraints: The maximum length is 128 characters. The minimum length is 4 characters. The value must match regular expression /(.*?)/.

createdAt string

(String) The date when a resource was created. The date format follows RFC 3339.

createdBy string

(String) The unique identifier that is associated with the entity that created the secret.

Constraints: The maximum length is 128 characters. The minimum length is 4 characters.

crn string

(String) A CRN that uniquely identifies an IBM Cloud resource.

Constraints: The maximum length is 512 characters. The minimum length is 9 characters. The value must match regular expression /^crn:v0-9*+,;=@\/]|%[0-9A-Z]{2})*){8}$/.

csr string

The certificate signing request.

customMetadata {[key: string]: string}

The secret metadata that a user can customize.

description string

An extended description of your secret.To protect your privacy, do not use personal data, such as your name or location, as a description for your secret group.

Constraints: The maximum length is 1024 characters. The minimum length is 0 characters. The value must match regular expression /(.*?)/.

downloaded boolean

(Boolean) Indicates whether the secret data that is associated with a secret version was retrieved in a call to the service API.

endpointType string

The endpoint type. If not provided the endpoint type is determined by the visibility argument provided in the provider configuration.

Constraints: Allowable values are: private, public.

excludeCnFromSans boolean

expirationDate string

(String) The date the certificate is expired. The date format follows RFC 3339.

format string

The format of the returned data.

instanceId string

The GUID of the Secrets Manager instance.

ipSans string

The IP Subject Alternative Names to define for the CA certificate, in a comma-delimited list.

issuer string

(Forces new resource, String) The distinguished name that identifies the entity that signed and issued the certificate.

Constraints: The maximum length is 128 characters. The minimum length is 2 characters. The value must match regular expression /(.*?)/.

issuingCa string

(String) The PEM-encoded certificate of the certificate authority that signed and issued this certificate.

Constraints: The value must match regular expression /^(-{5}BEGIN.+?-{5}[\\s\\S]+-{5}END.+?-{5})$/.

keyAlgorithm string

(String) The identifier for the cryptographic algorithm used to generate the public key that is associated with the certificate.

Constraints: The maximum length is 10 characters. The minimum length is 2 characters. The value must match regular expression /(.*?)/.

labels string[]

Labels that you can use to search for secrets in your instance.Up to 30 labels can be created.

Constraints: The list items must match regular expression /(.*?)/. The maximum length is 30 items. The minimum length is 0 items.

locksTotal number

(Integer) The number of locks of the secret.

Constraints: The maximum value is 1000. The minimum value is 0.

name string

The human-readable name of your secret.

Constraints: The maximum length is 256 characters. The minimum length is 2 characters. The value must match regular expression ^[A-Za-z0-9_][A-Za-z0-9_]*(?:_*-*\.*[A-Za-z0-9]*)*[A-Za-z0-9]+$.

nextRotationDate string

otherSans string[]

privateKey string

(Forces new resource, String) (Optional) The PEM-encoded private key to associate with the certificate.

Constraints: The maximum length is 100000 characters. The minimum length is 50 characters. The value must match regular expression /^(-{5}BEGIN.+?-{5}[\\s\\S]+-{5}END.+?-{5})$/.

privateKeyFormat string

The format of the generated private key.

region string

The region of the Secrets Manager instance. If not provided defaults to the region defined in the IBM provider configuration.

revocationTimeRfc3339 string

(String) The date and time that the certificate was revoked. The date format follows RFC 3339.

revocationTimeSeconds number

(Integer) The timestamp of the certificate revocation.

rotation SmPrivateCertificateRotation

Determines whether Secrets Manager rotates your secrets automatically. Nested scheme for rotation:

secretGroupId string

A UUID identifier, or default secret group.

Constraints: The maximum length is 36 characters. The minimum length is 7 characters. The value must match regular expression /^([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}|default)$/.

secretId string

The unique identifier of the PrivateCertificate.

secretType string

(String) The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM credentials, key-value, and user credentials.

Constraints: Allowable values are: arbitrary, imported_cert, public_cert, iam_credentials, kv, username_password, private_cert.

serialNumber string

(String) The unique serial number that was assigned to a certificate by the issuing certificate authority.

Constraints: The maximum length is 64 characters. The minimum length is 2 characters. The value must match regular expression /[^a-fA-F0-9]/.

signingAlgorithm string

(String) The identifier for the cryptographic algorithm that was used by the issuing certificate authority to sign a certificate.

Constraints: The maximum length is 64 characters. The minimum length is 4 characters.

smPrivateCertificateId string

state number

Constraints: Allowable values are: 0, 1, 2, 3, 5.

stateDescription string

(String) A text representation of the secret state.

Constraints: Allowable values are: pre_activation, active, suspended, deactivated, destroyed.

ttl string

updatedAt string

(String) The date when a resource was recently modified. The date format follows RFC 3339.

uriSans string

The URI Subject Alternative Names to define for the CA certificate, in a comma-delimited list.

validities SmPrivateCertificateValidity[]

(List) The date and time that the certificate validity period begins and ends. Nested scheme for validity:

versionCustomMetadata {[key: string]: string}

The secret version metadata that a user can customize.

versionsTotal number

(Integer) The number of versions of the secret.

Constraints: The maximum value is 50. The minimum value is 0.

alt_names Sequence[str]

(Forces new resource, List) With the Subject Alternative Name field, you can specify additional host names to be protected by a single SSL certificate.

Constraints: The list items must match regular expression /^(.*?)$/. The maximum length is 99 items. The minimum length is 0 items.

ca_chains Sequence[str]

(List) The chain of certificate authorities that are associated with the certificate.

Constraints: The list items must match regular expression /^(-{5}BEGIN.+?-{5}[\\s\\S]+-{5}END.+?-{5})$/. The maximum length is 16 items. The minimum length is 1 item.

certificate str

(Forces new resource, String) The PEM-encoded contents of your certificate.

Constraints: The maximum length is 100000 characters. The minimum length is 50 characters. The value must match regular expression /^(-{5}BEGIN.+?-{5}[\\s\\S]+-{5}END.+?-{5})$/.

certificate_authority str

(String) The intermediate certificate authority that signed this certificate.

certificate_template str

The name of the certificate template.

Constraints: The maximum length is 128 characters. The minimum length is 2 characters. The value must match regular expression /^[A-Za-z0-9][A-Za-z0-9]*(?:_?-?\\.?[A-Za-z0-9]+)*$/.

common_name str

The Common Name (AKA CN) represents the server name that is protected by the SSL certificate.

Constraints: The maximum length is 128 characters. The minimum length is 4 characters. The value must match regular expression /(.*?)/.

created_at str

(String) The date when a resource was created. The date format follows RFC 3339.

created_by str

(String) The unique identifier that is associated with the entity that created the secret.

Constraints: The maximum length is 128 characters. The minimum length is 4 characters.

crn str

(String) A CRN that uniquely identifies an IBM Cloud resource.

Constraints: The maximum length is 512 characters. The minimum length is 9 characters. The value must match regular expression /^crn:v0-9*+,;=@\/]|%[0-9A-Z]{2})*){8}$/.

csr str

The certificate signing request.

custom_metadata Mapping[str, str]

The secret metadata that a user can customize.

description str

An extended description of your secret.To protect your privacy, do not use personal data, such as your name or location, as a description for your secret group.

Constraints: The maximum length is 1024 characters. The minimum length is 0 characters. The value must match regular expression /(.*?)/.

downloaded bool

(Boolean) Indicates whether the secret data that is associated with a secret version was retrieved in a call to the service API.

endpoint_type str

The endpoint type. If not provided the endpoint type is determined by the visibility argument provided in the provider configuration.

Constraints: Allowable values are: private, public.

exclude_cn_from_sans bool

expiration_date str

(String) The date the certificate is expired. The date format follows RFC 3339.

format str

The format of the returned data.

instance_id str

The GUID of the Secrets Manager instance.

ip_sans str

The IP Subject Alternative Names to define for the CA certificate, in a comma-delimited list.

issuer str

(Forces new resource, String) The distinguished name that identifies the entity that signed and issued the certificate.

Constraints: The maximum length is 128 characters. The minimum length is 2 characters. The value must match regular expression /(.*?)/.

issuing_ca str

(String) The PEM-encoded certificate of the certificate authority that signed and issued this certificate.

Constraints: The value must match regular expression /^(-{5}BEGIN.+?-{5}[\\s\\S]+-{5}END.+?-{5})$/.

key_algorithm str

(String) The identifier for the cryptographic algorithm used to generate the public key that is associated with the certificate.

Constraints: The maximum length is 10 characters. The minimum length is 2 characters. The value must match regular expression /(.*?)/.

labels Sequence[str]

Labels that you can use to search for secrets in your instance.Up to 30 labels can be created.

Constraints: The list items must match regular expression /(.*?)/. The maximum length is 30 items. The minimum length is 0 items.

locks_total float

(Integer) The number of locks of the secret.

Constraints: The maximum value is 1000. The minimum value is 0.

name str

The human-readable name of your secret.

Constraints: The maximum length is 256 characters. The minimum length is 2 characters. The value must match regular expression ^[A-Za-z0-9_][A-Za-z0-9_]*(?:_*-*\.*[A-Za-z0-9]*)*[A-Za-z0-9]+$.

next_rotation_date str

other_sans Sequence[str]

private_key str

(Forces new resource, String) (Optional) The PEM-encoded private key to associate with the certificate.

Constraints: The maximum length is 100000 characters. The minimum length is 50 characters. The value must match regular expression /^(-{5}BEGIN.+?-{5}[\\s\\S]+-{5}END.+?-{5})$/.

private_key_format str

The format of the generated private key.

region str

The region of the Secrets Manager instance. If not provided defaults to the region defined in the IBM provider configuration.

revocation_time_rfc3339 str

(String) The date and time that the certificate was revoked. The date format follows RFC 3339.

revocation_time_seconds float

(Integer) The timestamp of the certificate revocation.

rotation SmPrivateCertificateRotationArgs

Determines whether Secrets Manager rotates your secrets automatically. Nested scheme for rotation:

secret_group_id str

A UUID identifier, or default secret group.

Constraints: The maximum length is 36 characters. The minimum length is 7 characters. The value must match regular expression /^([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}|default)$/.

secret_id str

The unique identifier of the PrivateCertificate.

secret_type str

(String) The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM credentials, key-value, and user credentials.

Constraints: Allowable values are: arbitrary, imported_cert, public_cert, iam_credentials, kv, username_password, private_cert.

serial_number str

(String) The unique serial number that was assigned to a certificate by the issuing certificate authority.

Constraints: The maximum length is 64 characters. The minimum length is 2 characters. The value must match regular expression /[^a-fA-F0-9]/.

signing_algorithm str

(String) The identifier for the cryptographic algorithm that was used by the issuing certificate authority to sign a certificate.

Constraints: The maximum length is 64 characters. The minimum length is 4 characters.

sm_private_certificate_id str

state float

Constraints: Allowable values are: 0, 1, 2, 3, 5.

state_description str

(String) A text representation of the secret state.

Constraints: Allowable values are: pre_activation, active, suspended, deactivated, destroyed.

ttl str

updated_at str

(String) The date when a resource was recently modified. The date format follows RFC 3339.

uri_sans str

The URI Subject Alternative Names to define for the CA certificate, in a comma-delimited list.

validities Sequence[SmPrivateCertificateValidityArgs]

(List) The date and time that the certificate validity period begins and ends. Nested scheme for validity:

version_custom_metadata Mapping[str, str]

The secret version metadata that a user can customize.

versions_total float

(Integer) The number of versions of the secret.

Constraints: The maximum value is 50. The minimum value is 0.

altNames List<String>

(Forces new resource, List) With the Subject Alternative Name field, you can specify additional host names to be protected by a single SSL certificate.

Constraints: The list items must match regular expression /^(.*?)$/. The maximum length is 99 items. The minimum length is 0 items.

caChains List<String>

(List) The chain of certificate authorities that are associated with the certificate.

Constraints: The list items must match regular expression /^(-{5}BEGIN.+?-{5}[\\s\\S]+-{5}END.+?-{5})$/. The maximum length is 16 items. The minimum length is 1 item.

certificate String

(Forces new resource, String) The PEM-encoded contents of your certificate.

Constraints: The maximum length is 100000 characters. The minimum length is 50 characters. The value must match regular expression /^(-{5}BEGIN.+?-{5}[\\s\\S]+-{5}END.+?-{5})$/.

certificateAuthority String

(String) The intermediate certificate authority that signed this certificate.

certificateTemplate String

The name of the certificate template.

Constraints: The maximum length is 128 characters. The minimum length is 2 characters. The value must match regular expression /^[A-Za-z0-9][A-Za-z0-9]*(?:_?-?\\.?[A-Za-z0-9]+)*$/.

commonName String

The Common Name (AKA CN) represents the server name that is protected by the SSL certificate.

Constraints: The maximum length is 128 characters. The minimum length is 4 characters. The value must match regular expression /(.*?)/.

createdAt String

(String) The date when a resource was created. The date format follows RFC 3339.

createdBy String

(String) The unique identifier that is associated with the entity that created the secret.

Constraints: The maximum length is 128 characters. The minimum length is 4 characters.

crn String

(String) A CRN that uniquely identifies an IBM Cloud resource.

Constraints: The maximum length is 512 characters. The minimum length is 9 characters. The value must match regular expression /^crn:v0-9*+,;=@\/]|%[0-9A-Z]{2})*){8}$/.

csr String

The certificate signing request.

customMetadata Map<String>

The secret metadata that a user can customize.

description String

An extended description of your secret.To protect your privacy, do not use personal data, such as your name or location, as a description for your secret group.

Constraints: The maximum length is 1024 characters. The minimum length is 0 characters. The value must match regular expression /(.*?)/.

downloaded Boolean

(Boolean) Indicates whether the secret data that is associated with a secret version was retrieved in a call to the service API.

endpointType String

The endpoint type. If not provided the endpoint type is determined by the visibility argument provided in the provider configuration.

Constraints: Allowable values are: private, public.

excludeCnFromSans Boolean

expirationDate String

(String) The date the certificate is expired. The date format follows RFC 3339.

format String

The format of the returned data.

instanceId String

The GUID of the Secrets Manager instance.

ipSans String

The IP Subject Alternative Names to define for the CA certificate, in a comma-delimited list.

issuer String

(Forces new resource, String) The distinguished name that identifies the entity that signed and issued the certificate.

Constraints: The maximum length is 128 characters. The minimum length is 2 characters. The value must match regular expression /(.*?)/.

issuingCa String

(String) The PEM-encoded certificate of the certificate authority that signed and issued this certificate.

Constraints: The value must match regular expression /^(-{5}BEGIN.+?-{5}[\\s\\S]+-{5}END.+?-{5})$/.

keyAlgorithm String

(String) The identifier for the cryptographic algorithm used to generate the public key that is associated with the certificate.

Constraints: The maximum length is 10 characters. The minimum length is 2 characters. The value must match regular expression /(.*?)/.

labels List<String>

Labels that you can use to search for secrets in your instance.Up to 30 labels can be created.

Constraints: The list items must match regular expression /(.*?)/. The maximum length is 30 items. The minimum length is 0 items.

locksTotal Number

(Integer) The number of locks of the secret.

Constraints: The maximum value is 1000. The minimum value is 0.

name String

The human-readable name of your secret.

Constraints: The maximum length is 256 characters. The minimum length is 2 characters. The value must match regular expression ^[A-Za-z0-9_][A-Za-z0-9_]*(?:_*-*\.*[A-Za-z0-9]*)*[A-Za-z0-9]+$.

nextRotationDate String

otherSans List<String>

privateKey String

(Forces new resource, String) (Optional) The PEM-encoded private key to associate with the certificate.

Constraints: The maximum length is 100000 characters. The minimum length is 50 characters. The value must match regular expression /^(-{5}BEGIN.+?-{5}[\\s\\S]+-{5}END.+?-{5})$/.

privateKeyFormat String

The format of the generated private key.

region String

The region of the Secrets Manager instance. If not provided defaults to the region defined in the IBM provider configuration.

revocationTimeRfc3339 String

(String) The date and time that the certificate was revoked. The date format follows RFC 3339.

revocationTimeSeconds Number

(Integer) The timestamp of the certificate revocation.

rotation Property Map

Determines whether Secrets Manager rotates your secrets automatically. Nested scheme for rotation:

secretGroupId String

A UUID identifier, or default secret group.

Constraints: The maximum length is 36 characters. The minimum length is 7 characters. The value must match regular expression /^([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}|default)$/.

secretId String

The unique identifier of the PrivateCertificate.

secretType String

(String) The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM credentials, key-value, and user credentials.

Constraints: Allowable values are: arbitrary, imported_cert, public_cert, iam_credentials, kv, username_password, private_cert.

serialNumber String

(String) The unique serial number that was assigned to a certificate by the issuing certificate authority.

Constraints: The maximum length is 64 characters. The minimum length is 2 characters. The value must match regular expression /[^a-fA-F0-9]/.

signingAlgorithm String

(String) The identifier for the cryptographic algorithm that was used by the issuing certificate authority to sign a certificate.

Constraints: The maximum length is 64 characters. The minimum length is 4 characters.

smPrivateCertificateId String

state Number

Constraints: Allowable values are: 0, 1, 2, 3, 5.

stateDescription String

(String) A text representation of the secret state.

Constraints: Allowable values are: pre_activation, active, suspended, deactivated, destroyed.

ttl String

updatedAt String

(String) The date when a resource was recently modified. The date format follows RFC 3339.

uriSans String

The URI Subject Alternative Names to define for the CA certificate, in a comma-delimited list.

validities List<Property Map>

(List) The date and time that the certificate validity period begins and ends. Nested scheme for validity:

versionCustomMetadata Map<String>

The secret version metadata that a user can customize.

versionsTotal Number

(Integer) The number of versions of the secret.

Constraints: The maximum value is 50. The minimum value is 0.

Supporting Types

SmPrivateCertificateRotation, SmPrivateCertificateRotationArgs

AutoRotate bool

Determines whether Secrets Manager rotates your secret automatically.Default is false. If auto_rotate is set to true the service rotates your secret based on the defined interval.

Interval double

The length of the secret rotation time interval.

Constraints: The minimum value is 1.

Unit string

The units for the secret rotation time interval.

Constraints: Allowable values are: day, month.

AutoRotate bool

Determines whether Secrets Manager rotates your secret automatically.Default is false. If auto_rotate is set to true the service rotates your secret based on the defined interval.

Interval float64

The length of the secret rotation time interval.

Constraints: The minimum value is 1.

Unit string

The units for the secret rotation time interval.

Constraints: Allowable values are: day, month.

autoRotate Boolean

Determines whether Secrets Manager rotates your secret automatically.Default is false. If auto_rotate is set to true the service rotates your secret based on the defined interval.

interval Double

The length of the secret rotation time interval.

Constraints: The minimum value is 1.

unit String

The units for the secret rotation time interval.

Constraints: Allowable values are: day, month.

autoRotate boolean

Determines whether Secrets Manager rotates your secret automatically.Default is false. If auto_rotate is set to true the service rotates your secret based on the defined interval.

interval number

The length of the secret rotation time interval.

Constraints: The minimum value is 1.

unit string

The units for the secret rotation time interval.

Constraints: Allowable values are: day, month.

auto_rotate bool

Determines whether Secrets Manager rotates your secret automatically.Default is false. If auto_rotate is set to true the service rotates your secret based on the defined interval.

interval float

The length of the secret rotation time interval.

Constraints: The minimum value is 1.

unit str

The units for the secret rotation time interval.

Constraints: Allowable values are: day, month.

autoRotate Boolean

Determines whether Secrets Manager rotates your secret automatically.Default is false. If auto_rotate is set to true the service rotates your secret based on the defined interval.

interval Number

The length of the secret rotation time interval.

Constraints: The minimum value is 1.

unit String

The units for the secret rotation time interval.

Constraints: Allowable values are: day, month.

SmPrivateCertificateValidity, SmPrivateCertificateValidityArgs

NotAfter string: (String) The date-time format follows RFC 3339.
NotBefore string: (String) The date-time format follows RFC 3339.

NotAfter string: (String) The date-time format follows RFC 3339.
NotBefore string: (String) The date-time format follows RFC 3339.

notAfter String: (String) The date-time format follows RFC 3339.
notBefore String: (String) The date-time format follows RFC 3339.

notAfter string: (String) The date-time format follows RFC 3339.
notBefore string: (String) The date-time format follows RFC 3339.

not_after str: (String) The date-time format follows RFC 3339.
not_before str: (String) The date-time format follows RFC 3339.

notAfter String: (String) The date-time format follows RFC 3339.
notBefore String: (String) The date-time format follows RFC 3339.

Import

You can import the ibm_sm_private_certificate resource by using region, instance_id, and secret_id.

For more information, see the documentation

Syntax

bash

$ pulumi import ibm:index/smPrivateCertificate:SmPrivateCertificate sm_private_certificate <region>/<instance_id>/<secret_id>

Example

bash

$ pulumi import ibm:index/smPrivateCertificate:SmPrivateCertificate sm_private_certificate us-east/6ebc4224-e983-496a-8a54-f40a0bfa9175/b49ad24d-81d4-5ebc-b9b9-b0937d1c84d5

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: ibm ibm-cloud/terraform-provider-ibm
License
Notes: This Pulumi package is based on the ibm Terraform Provider.

ibm 1.78.0 published on Wednesday, Apr 30, 2025 by ibm-cloud

ibm-cloud/terraform-provider-ibm

ibm.SmPrivateCertificate

On this page

On this page

Example Usage

Provider Configuration

Static credentials

Environment variables

Create SmPrivateCertificate Resource

Constructor syntax

Parameters

Constructor example

SmPrivateCertificate Resource Properties

Inputs

Outputs

Look up Existing SmPrivateCertificate Resource

Supporting Types

SmPrivateCertificateRotation, SmPrivateCertificateRotationArgs

SmPrivateCertificateValidity, SmPrivateCertificateValidityArgs

Import

Package Details

On this page

On this page