Oracle Cloud Infrastructure v3.16.0 published on Wednesday, Jan 28, 2026 by Pulumi
Oracle Cloud Infrastructure v3.16.0 published on Wednesday, Jan 28, 2026 by Pulumi
Example Usage
Create CertificateAuthority Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new CertificateAuthority(name: string, args: CertificateAuthorityArgs, opts?: CustomResourceOptions);@overload
def CertificateAuthority(resource_name: str,
args: CertificateAuthorityArgs,
opts: Optional[ResourceOptions] = None)
@overload
def CertificateAuthority(resource_name: str,
opts: Optional[ResourceOptions] = None,
certificate_authority_config: Optional[CertificateAuthorityCertificateAuthorityConfigArgs] = None,
compartment_id: Optional[str] = None,
certificate_authority_rules: Optional[Sequence[CertificateAuthorityCertificateAuthorityRuleArgs]] = None,
certificate_revocation_list_details: Optional[CertificateAuthorityCertificateRevocationListDetailsArgs] = None,
defined_tags: Optional[Mapping[str, str]] = None,
description: Optional[str] = None,
external_key_description: Optional[str] = None,
freeform_tags: Optional[Mapping[str, str]] = None,
kms_key_id: Optional[str] = None,
name: Optional[str] = None)func NewCertificateAuthority(ctx *Context, name string, args CertificateAuthorityArgs, opts ...ResourceOption) (*CertificateAuthority, error)public CertificateAuthority(string name, CertificateAuthorityArgs args, CustomResourceOptions? opts = null)
public CertificateAuthority(String name, CertificateAuthorityArgs args)
public CertificateAuthority(String name, CertificateAuthorityArgs args, CustomResourceOptions options)
type: oci:CertificatesManagement:CertificateAuthority
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args CertificateAuthorityArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args CertificateAuthorityArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args CertificateAuthorityArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args CertificateAuthorityArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args CertificateAuthorityArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var certificateAuthorityResource = new Oci.CertificatesManagement.CertificateAuthority("certificateAuthorityResource", new()
{
CertificateAuthorityConfig = new Oci.CertificatesManagement.Inputs.CertificateAuthorityCertificateAuthorityConfigArgs
{
ConfigType = "string",
ActionDetails = new Oci.CertificatesManagement.Inputs.CertificateAuthorityCertificateAuthorityConfigActionDetailsArgs
{
ActionType = "string",
CertificatePem = "string",
},
CertificatePem = "string",
IssuerCertificateAuthorityId = "string",
SigningAlgorithm = "string",
Subject = new Oci.CertificatesManagement.Inputs.CertificateAuthorityCertificateAuthorityConfigSubjectArgs
{
CommonName = "string",
Country = "string",
DistinguishedNameQualifier = "string",
DomainComponent = "string",
GenerationQualifier = "string",
GivenName = "string",
Initials = "string",
LocalityName = "string",
Organization = "string",
OrganizationalUnit = "string",
Pseudonym = "string",
SerialNumber = "string",
StateOrProvinceName = "string",
Street = "string",
Surname = "string",
Title = "string",
UserId = "string",
},
Validity = new Oci.CertificatesManagement.Inputs.CertificateAuthorityCertificateAuthorityConfigValidityArgs
{
TimeOfValidityNotAfter = "string",
TimeOfValidityNotBefore = "string",
},
VersionName = "string",
},
CompartmentId = "string",
CertificateAuthorityRules = new[]
{
new Oci.CertificatesManagement.Inputs.CertificateAuthorityCertificateAuthorityRuleArgs
{
RuleType = "string",
CertificateAuthorityMaxValidityDuration = "string",
LeafCertificateMaxValidityDuration = "string",
NameConstraint = new Oci.CertificatesManagement.Inputs.CertificateAuthorityCertificateAuthorityRuleNameConstraintArgs
{
ExcludedSubtrees = new[]
{
new Oci.CertificatesManagement.Inputs.CertificateAuthorityCertificateAuthorityRuleNameConstraintExcludedSubtreeArgs
{
Type = "string",
Value = "string",
},
},
PermittedSubtrees = new[]
{
new Oci.CertificatesManagement.Inputs.CertificateAuthorityCertificateAuthorityRuleNameConstraintPermittedSubtreeArgs
{
Type = "string",
Value = "string",
},
},
},
PathLengthConstraint = 0,
},
},
CertificateRevocationListDetails = new Oci.CertificatesManagement.Inputs.CertificateAuthorityCertificateRevocationListDetailsArgs
{
ObjectStorageConfig = new Oci.CertificatesManagement.Inputs.CertificateAuthorityCertificateRevocationListDetailsObjectStorageConfigArgs
{
ObjectStorageBucketName = "string",
ObjectStorageObjectNameFormat = "string",
ObjectStorageNamespace = "string",
},
CustomFormattedUrls = new[]
{
"string",
},
},
DefinedTags =
{
{ "string", "string" },
},
Description = "string",
ExternalKeyDescription = "string",
FreeformTags =
{
{ "string", "string" },
},
KmsKeyId = "string",
Name = "string",
});
example, err := certificatesmanagement.NewCertificateAuthority(ctx, "certificateAuthorityResource", &certificatesmanagement.CertificateAuthorityArgs{
CertificateAuthorityConfig: &certificatesmanagement.CertificateAuthorityCertificateAuthorityConfigArgs{
ConfigType: pulumi.String("string"),
ActionDetails: &certificatesmanagement.CertificateAuthorityCertificateAuthorityConfigActionDetailsArgs{
ActionType: pulumi.String("string"),
CertificatePem: pulumi.String("string"),
},
CertificatePem: pulumi.String("string"),
IssuerCertificateAuthorityId: pulumi.String("string"),
SigningAlgorithm: pulumi.String("string"),
Subject: &certificatesmanagement.CertificateAuthorityCertificateAuthorityConfigSubjectArgs{
CommonName: pulumi.String("string"),
Country: pulumi.String("string"),
DistinguishedNameQualifier: pulumi.String("string"),
DomainComponent: pulumi.String("string"),
GenerationQualifier: pulumi.String("string"),
GivenName: pulumi.String("string"),
Initials: pulumi.String("string"),
LocalityName: pulumi.String("string"),
Organization: pulumi.String("string"),
OrganizationalUnit: pulumi.String("string"),
Pseudonym: pulumi.String("string"),
SerialNumber: pulumi.String("string"),
StateOrProvinceName: pulumi.String("string"),
Street: pulumi.String("string"),
Surname: pulumi.String("string"),
Title: pulumi.String("string"),
UserId: pulumi.String("string"),
},
Validity: &certificatesmanagement.CertificateAuthorityCertificateAuthorityConfigValidityArgs{
TimeOfValidityNotAfter: pulumi.String("string"),
TimeOfValidityNotBefore: pulumi.String("string"),
},
VersionName: pulumi.String("string"),
},
CompartmentId: pulumi.String("string"),
CertificateAuthorityRules: certificatesmanagement.CertificateAuthorityCertificateAuthorityRuleArray{
&certificatesmanagement.CertificateAuthorityCertificateAuthorityRuleArgs{
RuleType: pulumi.String("string"),
CertificateAuthorityMaxValidityDuration: pulumi.String("string"),
LeafCertificateMaxValidityDuration: pulumi.String("string"),
NameConstraint: &certificatesmanagement.CertificateAuthorityCertificateAuthorityRuleNameConstraintArgs{
ExcludedSubtrees: certificatesmanagement.CertificateAuthorityCertificateAuthorityRuleNameConstraintExcludedSubtreeArray{
&certificatesmanagement.CertificateAuthorityCertificateAuthorityRuleNameConstraintExcludedSubtreeArgs{
Type: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
PermittedSubtrees: certificatesmanagement.CertificateAuthorityCertificateAuthorityRuleNameConstraintPermittedSubtreeArray{
&certificatesmanagement.CertificateAuthorityCertificateAuthorityRuleNameConstraintPermittedSubtreeArgs{
Type: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
},
PathLengthConstraint: pulumi.Int(0),
},
},
CertificateRevocationListDetails: &certificatesmanagement.CertificateAuthorityCertificateRevocationListDetailsArgs{
ObjectStorageConfig: &certificatesmanagement.CertificateAuthorityCertificateRevocationListDetailsObjectStorageConfigArgs{
ObjectStorageBucketName: pulumi.String("string"),
ObjectStorageObjectNameFormat: pulumi.String("string"),
ObjectStorageNamespace: pulumi.String("string"),
},
CustomFormattedUrls: pulumi.StringArray{
pulumi.String("string"),
},
},
DefinedTags: pulumi.StringMap{
"string": pulumi.String("string"),
},
Description: pulumi.String("string"),
ExternalKeyDescription: pulumi.String("string"),
FreeformTags: pulumi.StringMap{
"string": pulumi.String("string"),
},
KmsKeyId: pulumi.String("string"),
Name: pulumi.String("string"),
})
var certificateAuthorityResource = new CertificateAuthority("certificateAuthorityResource", CertificateAuthorityArgs.builder()
.certificateAuthorityConfig(CertificateAuthorityCertificateAuthorityConfigArgs.builder()
.configType("string")
.actionDetails(CertificateAuthorityCertificateAuthorityConfigActionDetailsArgs.builder()
.actionType("string")
.certificatePem("string")
.build())
.certificatePem("string")
.issuerCertificateAuthorityId("string")
.signingAlgorithm("string")
.subject(CertificateAuthorityCertificateAuthorityConfigSubjectArgs.builder()
.commonName("string")
.country("string")
.distinguishedNameQualifier("string")
.domainComponent("string")
.generationQualifier("string")
.givenName("string")
.initials("string")
.localityName("string")
.organization("string")
.organizationalUnit("string")
.pseudonym("string")
.serialNumber("string")
.stateOrProvinceName("string")
.street("string")
.surname("string")
.title("string")
.userId("string")
.build())
.validity(CertificateAuthorityCertificateAuthorityConfigValidityArgs.builder()
.timeOfValidityNotAfter("string")
.timeOfValidityNotBefore("string")
.build())
.versionName("string")
.build())
.compartmentId("string")
.certificateAuthorityRules(CertificateAuthorityCertificateAuthorityRuleArgs.builder()
.ruleType("string")
.certificateAuthorityMaxValidityDuration("string")
.leafCertificateMaxValidityDuration("string")
.nameConstraint(CertificateAuthorityCertificateAuthorityRuleNameConstraintArgs.builder()
.excludedSubtrees(CertificateAuthorityCertificateAuthorityRuleNameConstraintExcludedSubtreeArgs.builder()
.type("string")
.value("string")
.build())
.permittedSubtrees(CertificateAuthorityCertificateAuthorityRuleNameConstraintPermittedSubtreeArgs.builder()
.type("string")
.value("string")
.build())
.build())
.pathLengthConstraint(0)
.build())
.certificateRevocationListDetails(CertificateAuthorityCertificateRevocationListDetailsArgs.builder()
.objectStorageConfig(CertificateAuthorityCertificateRevocationListDetailsObjectStorageConfigArgs.builder()
.objectStorageBucketName("string")
.objectStorageObjectNameFormat("string")
.objectStorageNamespace("string")
.build())
.customFormattedUrls("string")
.build())
.definedTags(Map.of("string", "string"))
.description("string")
.externalKeyDescription("string")
.freeformTags(Map.of("string", "string"))
.kmsKeyId("string")
.name("string")
.build());
certificate_authority_resource = oci.certificatesmanagement.CertificateAuthority("certificateAuthorityResource",
certificate_authority_config={
"config_type": "string",
"action_details": {
"action_type": "string",
"certificate_pem": "string",
},
"certificate_pem": "string",
"issuer_certificate_authority_id": "string",
"signing_algorithm": "string",
"subject": {
"common_name": "string",
"country": "string",
"distinguished_name_qualifier": "string",
"domain_component": "string",
"generation_qualifier": "string",
"given_name": "string",
"initials": "string",
"locality_name": "string",
"organization": "string",
"organizational_unit": "string",
"pseudonym": "string",
"serial_number": "string",
"state_or_province_name": "string",
"street": "string",
"surname": "string",
"title": "string",
"user_id": "string",
},
"validity": {
"time_of_validity_not_after": "string",
"time_of_validity_not_before": "string",
},
"version_name": "string",
},
compartment_id="string",
certificate_authority_rules=[{
"rule_type": "string",
"certificate_authority_max_validity_duration": "string",
"leaf_certificate_max_validity_duration": "string",
"name_constraint": {
"excluded_subtrees": [{
"type": "string",
"value": "string",
}],
"permitted_subtrees": [{
"type": "string",
"value": "string",
}],
},
"path_length_constraint": 0,
}],
certificate_revocation_list_details={
"object_storage_config": {
"object_storage_bucket_name": "string",
"object_storage_object_name_format": "string",
"object_storage_namespace": "string",
},
"custom_formatted_urls": ["string"],
},
defined_tags={
"string": "string",
},
description="string",
external_key_description="string",
freeform_tags={
"string": "string",
},
kms_key_id="string",
name="string")
const certificateAuthorityResource = new oci.certificatesmanagement.CertificateAuthority("certificateAuthorityResource", {
certificateAuthorityConfig: {
configType: "string",
actionDetails: {
actionType: "string",
certificatePem: "string",
},
certificatePem: "string",
issuerCertificateAuthorityId: "string",
signingAlgorithm: "string",
subject: {
commonName: "string",
country: "string",
distinguishedNameQualifier: "string",
domainComponent: "string",
generationQualifier: "string",
givenName: "string",
initials: "string",
localityName: "string",
organization: "string",
organizationalUnit: "string",
pseudonym: "string",
serialNumber: "string",
stateOrProvinceName: "string",
street: "string",
surname: "string",
title: "string",
userId: "string",
},
validity: {
timeOfValidityNotAfter: "string",
timeOfValidityNotBefore: "string",
},
versionName: "string",
},
compartmentId: "string",
certificateAuthorityRules: [{
ruleType: "string",
certificateAuthorityMaxValidityDuration: "string",
leafCertificateMaxValidityDuration: "string",
nameConstraint: {
excludedSubtrees: [{
type: "string",
value: "string",
}],
permittedSubtrees: [{
type: "string",
value: "string",
}],
},
pathLengthConstraint: 0,
}],
certificateRevocationListDetails: {
objectStorageConfig: {
objectStorageBucketName: "string",
objectStorageObjectNameFormat: "string",
objectStorageNamespace: "string",
},
customFormattedUrls: ["string"],
},
definedTags: {
string: "string",
},
description: "string",
externalKeyDescription: "string",
freeformTags: {
string: "string",
},
kmsKeyId: "string",
name: "string",
});
type: oci:CertificatesManagement:CertificateAuthority
properties:
certificateAuthorityConfig:
actionDetails:
actionType: string
certificatePem: string
certificatePem: string
configType: string
issuerCertificateAuthorityId: string
signingAlgorithm: string
subject:
commonName: string
country: string
distinguishedNameQualifier: string
domainComponent: string
generationQualifier: string
givenName: string
initials: string
localityName: string
organization: string
organizationalUnit: string
pseudonym: string
serialNumber: string
stateOrProvinceName: string
street: string
surname: string
title: string
userId: string
validity:
timeOfValidityNotAfter: string
timeOfValidityNotBefore: string
versionName: string
certificateAuthorityRules:
- certificateAuthorityMaxValidityDuration: string
leafCertificateMaxValidityDuration: string
nameConstraint:
excludedSubtrees:
- type: string
value: string
permittedSubtrees:
- type: string
value: string
pathLengthConstraint: 0
ruleType: string
certificateRevocationListDetails:
customFormattedUrls:
- string
objectStorageConfig:
objectStorageBucketName: string
objectStorageNamespace: string
objectStorageObjectNameFormat: string
compartmentId: string
definedTags:
string: string
description: string
externalKeyDescription: string
freeformTags:
string: string
kmsKeyId: string
name: string
CertificateAuthority Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The CertificateAuthority resource accepts the following input properties:
-
Certificate
Authority Certificate Authority Config - (Updatable) The configuration details for creating a certificate authority (CA).
- Compartment
Id string - (Updatable) The compartment in which you want to create the CA.
-
List<Certificate
Authority Certificate Authority Rule> - (Updatable) A list of rules that control how the CA is used and managed.
- Certificate
Revocation CertificateList Details Authority Certificate Revocation List Details - (Updatable) The details of the certificate revocation list (CRL).
- Dictionary<string, string>
- (Updatable) Usage of predefined tag keys. These predefined keys are scoped to namespaces. Example:
{"foo-namespace.bar-key": "value"} - Description string
- (Updatable) A brief description of the CA.
- External
Key stringDescription - (Updatable) For externally managed CAs, a description of the externally managed private key. Avoid entering confidential information.
- Dictionary<string, string>
- (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example:
{"bar-key": "value"} - Kms
Key stringId - The OCID of the Oracle Cloud Infrastructure Vault key used to encrypt the CA.
- Name string
A user-friendly name for the CA. Names are unique within a compartment. Avoid entering confidential information. Valid characters include uppercase or lowercase letters, numbers, hyphens, underscores, and periods.
** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
-
Certificate
Authority Certificate Authority Config Args - (Updatable) The configuration details for creating a certificate authority (CA).
- Compartment
Id string - (Updatable) The compartment in which you want to create the CA.
-
[]Certificate
Authority Certificate Authority Rule Args - (Updatable) A list of rules that control how the CA is used and managed.
- Certificate
Revocation CertificateList Details Authority Certificate Revocation List Details Args - (Updatable) The details of the certificate revocation list (CRL).
- map[string]string
- (Updatable) Usage of predefined tag keys. These predefined keys are scoped to namespaces. Example:
{"foo-namespace.bar-key": "value"} - Description string
- (Updatable) A brief description of the CA.
- External
Key stringDescription - (Updatable) For externally managed CAs, a description of the externally managed private key. Avoid entering confidential information.
- map[string]string
- (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example:
{"bar-key": "value"} - Kms
Key stringId - The OCID of the Oracle Cloud Infrastructure Vault key used to encrypt the CA.
- Name string
A user-friendly name for the CA. Names are unique within a compartment. Avoid entering confidential information. Valid characters include uppercase or lowercase letters, numbers, hyphens, underscores, and periods.
** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
-
Certificate
Authority Certificate Authority Config - (Updatable) The configuration details for creating a certificate authority (CA).
- compartment
Id String - (Updatable) The compartment in which you want to create the CA.
-
List<Certificate
Authority Certificate Authority Rule> - (Updatable) A list of rules that control how the CA is used and managed.
- certificate
Revocation CertificateList Details Authority Certificate Revocation List Details - (Updatable) The details of the certificate revocation list (CRL).
- Map<String,String>
- (Updatable) Usage of predefined tag keys. These predefined keys are scoped to namespaces. Example:
{"foo-namespace.bar-key": "value"} - description String
- (Updatable) A brief description of the CA.
- external
Key StringDescription - (Updatable) For externally managed CAs, a description of the externally managed private key. Avoid entering confidential information.
- Map<String,String>
- (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example:
{"bar-key": "value"} - kms
Key StringId - The OCID of the Oracle Cloud Infrastructure Vault key used to encrypt the CA.
- name String
A user-friendly name for the CA. Names are unique within a compartment. Avoid entering confidential information. Valid characters include uppercase or lowercase letters, numbers, hyphens, underscores, and periods.
** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
-
Certificate
Authority Certificate Authority Config - (Updatable) The configuration details for creating a certificate authority (CA).
- compartment
Id string - (Updatable) The compartment in which you want to create the CA.
-
Certificate
Authority Certificate Authority Rule[] - (Updatable) A list of rules that control how the CA is used and managed.
- certificate
Revocation CertificateList Details Authority Certificate Revocation List Details - (Updatable) The details of the certificate revocation list (CRL).
- {[key: string]: string}
- (Updatable) Usage of predefined tag keys. These predefined keys are scoped to namespaces. Example:
{"foo-namespace.bar-key": "value"} - description string
- (Updatable) A brief description of the CA.
- external
Key stringDescription - (Updatable) For externally managed CAs, a description of the externally managed private key. Avoid entering confidential information.
- {[key: string]: string}
- (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example:
{"bar-key": "value"} - kms
Key stringId - The OCID of the Oracle Cloud Infrastructure Vault key used to encrypt the CA.
- name string
A user-friendly name for the CA. Names are unique within a compartment. Avoid entering confidential information. Valid characters include uppercase or lowercase letters, numbers, hyphens, underscores, and periods.
** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
-
Certificate
Authority Certificate Authority Config Args - (Updatable) The configuration details for creating a certificate authority (CA).
- compartment_
id str - (Updatable) The compartment in which you want to create the CA.
-
Sequence[Certificate
Authority Certificate Authority Rule Args] - (Updatable) A list of rules that control how the CA is used and managed.
- certificate_
revocation_ Certificatelist_ details Authority Certificate Revocation List Details Args - (Updatable) The details of the certificate revocation list (CRL).
- Mapping[str, str]
- (Updatable) Usage of predefined tag keys. These predefined keys are scoped to namespaces. Example:
{"foo-namespace.bar-key": "value"} - description str
- (Updatable) A brief description of the CA.
- external_
key_ strdescription - (Updatable) For externally managed CAs, a description of the externally managed private key. Avoid entering confidential information.
- Mapping[str, str]
- (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example:
{"bar-key": "value"} - kms_
key_ strid - The OCID of the Oracle Cloud Infrastructure Vault key used to encrypt the CA.
- name str
A user-friendly name for the CA. Names are unique within a compartment. Avoid entering confidential information. Valid characters include uppercase or lowercase letters, numbers, hyphens, underscores, and periods.
** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- Property Map
- (Updatable) The configuration details for creating a certificate authority (CA).
- compartment
Id String - (Updatable) The compartment in which you want to create the CA.
- List<Property Map>
- (Updatable) A list of rules that control how the CA is used and managed.
- certificate
Revocation Property MapList Details - (Updatable) The details of the certificate revocation list (CRL).
- Map<String>
- (Updatable) Usage of predefined tag keys. These predefined keys are scoped to namespaces. Example:
{"foo-namespace.bar-key": "value"} - description String
- (Updatable) A brief description of the CA.
- external
Key StringDescription - (Updatable) For externally managed CAs, a description of the externally managed private key. Avoid entering confidential information.
- Map<String>
- (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example:
{"bar-key": "value"} - kms
Key StringId - The OCID of the Oracle Cloud Infrastructure Vault key used to encrypt the CA.
- name String
A user-friendly name for the CA. Names are unique within a compartment. Avoid entering confidential information. Valid characters include uppercase or lowercase letters, numbers, hyphens, underscores, and periods.
** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
Outputs
All input properties are implicitly available as output properties. Additionally, the CertificateAuthority resource produces the following output properties:
- Config
Type string - The origin of the CA.
- Current
Versions List<CertificateAuthority Current Version> - The metadata details of the certificate authority (CA) version. This summary object does not contain the CA contents.
- Id string
- The provider-assigned unique ID for this managed resource.
- string
- The OCID of the parent CA that issued this CA. If this is the root CA, then this value is null.
- Lifecycle
Details string - Additional information about the current CA lifecycle state.
- Signing
Algorithm string - The algorithm used to sign public key certificates that the CA issues.
- State string
- The current lifecycle state of the certificate authority.
- Subjects
List<Certificate
Authority Subject> - The subject of the certificate, which is a distinguished name that identifies the entity that owns the public key in the certificate.
- Time
Created string - A property indicating when the CA was created, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z - Time
Of stringDeletion - An optional property indicating when to delete the CA version, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z
- Config
Type string - The origin of the CA.
- Current
Versions []CertificateAuthority Current Version - The metadata details of the certificate authority (CA) version. This summary object does not contain the CA contents.
- Id string
- The provider-assigned unique ID for this managed resource.
- string
- The OCID of the parent CA that issued this CA. If this is the root CA, then this value is null.
- Lifecycle
Details string - Additional information about the current CA lifecycle state.
- Signing
Algorithm string - The algorithm used to sign public key certificates that the CA issues.
- State string
- The current lifecycle state of the certificate authority.
- Subjects
[]Certificate
Authority Subject - The subject of the certificate, which is a distinguished name that identifies the entity that owns the public key in the certificate.
- Time
Created string - A property indicating when the CA was created, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z - Time
Of stringDeletion - An optional property indicating when to delete the CA version, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z
- config
Type String - The origin of the CA.
- current
Versions List<CertificateAuthority Current Version> - The metadata details of the certificate authority (CA) version. This summary object does not contain the CA contents.
- id String
- The provider-assigned unique ID for this managed resource.
- String
- The OCID of the parent CA that issued this CA. If this is the root CA, then this value is null.
- lifecycle
Details String - Additional information about the current CA lifecycle state.
- signing
Algorithm String - The algorithm used to sign public key certificates that the CA issues.
- state String
- The current lifecycle state of the certificate authority.
- subjects
List<Certificate
Authority Subject> - The subject of the certificate, which is a distinguished name that identifies the entity that owns the public key in the certificate.
- time
Created String - A property indicating when the CA was created, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z - time
Of StringDeletion - An optional property indicating when to delete the CA version, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z
- config
Type string - The origin of the CA.
- current
Versions CertificateAuthority Current Version[] - The metadata details of the certificate authority (CA) version. This summary object does not contain the CA contents.
- id string
- The provider-assigned unique ID for this managed resource.
- string
- The OCID of the parent CA that issued this CA. If this is the root CA, then this value is null.
- lifecycle
Details string - Additional information about the current CA lifecycle state.
- signing
Algorithm string - The algorithm used to sign public key certificates that the CA issues.
- state string
- The current lifecycle state of the certificate authority.
- subjects
Certificate
Authority Subject[] - The subject of the certificate, which is a distinguished name that identifies the entity that owns the public key in the certificate.
- time
Created string - A property indicating when the CA was created, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z - time
Of stringDeletion - An optional property indicating when to delete the CA version, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z
- config_
type str - The origin of the CA.
- current_
versions Sequence[CertificateAuthority Current Version] - The metadata details of the certificate authority (CA) version. This summary object does not contain the CA contents.
- id str
- The provider-assigned unique ID for this managed resource.
- str
- The OCID of the parent CA that issued this CA. If this is the root CA, then this value is null.
- lifecycle_
details str - Additional information about the current CA lifecycle state.
- signing_
algorithm str - The algorithm used to sign public key certificates that the CA issues.
- state str
- The current lifecycle state of the certificate authority.
- subjects
Sequence[Certificate
Authority Subject] - The subject of the certificate, which is a distinguished name that identifies the entity that owns the public key in the certificate.
- time_
created str - A property indicating when the CA was created, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z - time_
of_ strdeletion - An optional property indicating when to delete the CA version, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z
- config
Type String - The origin of the CA.
- current
Versions List<Property Map> - The metadata details of the certificate authority (CA) version. This summary object does not contain the CA contents.
- id String
- The provider-assigned unique ID for this managed resource.
- String
- The OCID of the parent CA that issued this CA. If this is the root CA, then this value is null.
- lifecycle
Details String - Additional information about the current CA lifecycle state.
- signing
Algorithm String - The algorithm used to sign public key certificates that the CA issues.
- state String
- The current lifecycle state of the certificate authority.
- subjects List<Property Map>
- The subject of the certificate, which is a distinguished name that identifies the entity that owns the public key in the certificate.
- time
Created String - A property indicating when the CA was created, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z - time
Of StringDeletion - An optional property indicating when to delete the CA version, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z
Look up Existing CertificateAuthority Resource
Get an existing CertificateAuthority resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: CertificateAuthorityState, opts?: CustomResourceOptions): CertificateAuthority@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
certificate_authority_config: Optional[CertificateAuthorityCertificateAuthorityConfigArgs] = None,
certificate_authority_rules: Optional[Sequence[CertificateAuthorityCertificateAuthorityRuleArgs]] = None,
certificate_revocation_list_details: Optional[CertificateAuthorityCertificateRevocationListDetailsArgs] = None,
compartment_id: Optional[str] = None,
config_type: Optional[str] = None,
current_versions: Optional[Sequence[CertificateAuthorityCurrentVersionArgs]] = None,
defined_tags: Optional[Mapping[str, str]] = None,
description: Optional[str] = None,
external_key_description: Optional[str] = None,
freeform_tags: Optional[Mapping[str, str]] = None,
issuer_certificate_authority_id: Optional[str] = None,
kms_key_id: Optional[str] = None,
lifecycle_details: Optional[str] = None,
name: Optional[str] = None,
signing_algorithm: Optional[str] = None,
state: Optional[str] = None,
subjects: Optional[Sequence[CertificateAuthoritySubjectArgs]] = None,
time_created: Optional[str] = None,
time_of_deletion: Optional[str] = None) -> CertificateAuthorityfunc GetCertificateAuthority(ctx *Context, name string, id IDInput, state *CertificateAuthorityState, opts ...ResourceOption) (*CertificateAuthority, error)public static CertificateAuthority Get(string name, Input<string> id, CertificateAuthorityState? state, CustomResourceOptions? opts = null)public static CertificateAuthority get(String name, Output<String> id, CertificateAuthorityState state, CustomResourceOptions options)resources: _: type: oci:CertificatesManagement:CertificateAuthority get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
-
Certificate
Authority Certificate Authority Config - (Updatable) The configuration details for creating a certificate authority (CA).
-
List<Certificate
Authority Certificate Authority Rule> - (Updatable) A list of rules that control how the CA is used and managed.
- Certificate
Revocation CertificateList Details Authority Certificate Revocation List Details - (Updatable) The details of the certificate revocation list (CRL).
- Compartment
Id string - (Updatable) The compartment in which you want to create the CA.
- Config
Type string - The origin of the CA.
- Current
Versions List<CertificateAuthority Current Version> - The metadata details of the certificate authority (CA) version. This summary object does not contain the CA contents.
- Dictionary<string, string>
- (Updatable) Usage of predefined tag keys. These predefined keys are scoped to namespaces. Example:
{"foo-namespace.bar-key": "value"} - Description string
- (Updatable) A brief description of the CA.
- External
Key stringDescription - (Updatable) For externally managed CAs, a description of the externally managed private key. Avoid entering confidential information.
- Dictionary<string, string>
- (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example:
{"bar-key": "value"} - string
- The OCID of the parent CA that issued this CA. If this is the root CA, then this value is null.
- Kms
Key stringId - The OCID of the Oracle Cloud Infrastructure Vault key used to encrypt the CA.
- Lifecycle
Details string - Additional information about the current CA lifecycle state.
- Name string
A user-friendly name for the CA. Names are unique within a compartment. Avoid entering confidential information. Valid characters include uppercase or lowercase letters, numbers, hyphens, underscores, and periods.
** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- Signing
Algorithm string - The algorithm used to sign public key certificates that the CA issues.
- State string
- The current lifecycle state of the certificate authority.
- Subjects
List<Certificate
Authority Subject> - The subject of the certificate, which is a distinguished name that identifies the entity that owns the public key in the certificate.
- Time
Created string - A property indicating when the CA was created, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z - Time
Of stringDeletion - An optional property indicating when to delete the CA version, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z
-
Certificate
Authority Certificate Authority Config Args - (Updatable) The configuration details for creating a certificate authority (CA).
-
[]Certificate
Authority Certificate Authority Rule Args - (Updatable) A list of rules that control how the CA is used and managed.
- Certificate
Revocation CertificateList Details Authority Certificate Revocation List Details Args - (Updatable) The details of the certificate revocation list (CRL).
- Compartment
Id string - (Updatable) The compartment in which you want to create the CA.
- Config
Type string - The origin of the CA.
- Current
Versions []CertificateAuthority Current Version Args - The metadata details of the certificate authority (CA) version. This summary object does not contain the CA contents.
- map[string]string
- (Updatable) Usage of predefined tag keys. These predefined keys are scoped to namespaces. Example:
{"foo-namespace.bar-key": "value"} - Description string
- (Updatable) A brief description of the CA.
- External
Key stringDescription - (Updatable) For externally managed CAs, a description of the externally managed private key. Avoid entering confidential information.
- map[string]string
- (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example:
{"bar-key": "value"} - string
- The OCID of the parent CA that issued this CA. If this is the root CA, then this value is null.
- Kms
Key stringId - The OCID of the Oracle Cloud Infrastructure Vault key used to encrypt the CA.
- Lifecycle
Details string - Additional information about the current CA lifecycle state.
- Name string
A user-friendly name for the CA. Names are unique within a compartment. Avoid entering confidential information. Valid characters include uppercase or lowercase letters, numbers, hyphens, underscores, and periods.
** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- Signing
Algorithm string - The algorithm used to sign public key certificates that the CA issues.
- State string
- The current lifecycle state of the certificate authority.
- Subjects
[]Certificate
Authority Subject Args - The subject of the certificate, which is a distinguished name that identifies the entity that owns the public key in the certificate.
- Time
Created string - A property indicating when the CA was created, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z - Time
Of stringDeletion - An optional property indicating when to delete the CA version, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z
-
Certificate
Authority Certificate Authority Config - (Updatable) The configuration details for creating a certificate authority (CA).
-
List<Certificate
Authority Certificate Authority Rule> - (Updatable) A list of rules that control how the CA is used and managed.
- certificate
Revocation CertificateList Details Authority Certificate Revocation List Details - (Updatable) The details of the certificate revocation list (CRL).
- compartment
Id String - (Updatable) The compartment in which you want to create the CA.
- config
Type String - The origin of the CA.
- current
Versions List<CertificateAuthority Current Version> - The metadata details of the certificate authority (CA) version. This summary object does not contain the CA contents.
- Map<String,String>
- (Updatable) Usage of predefined tag keys. These predefined keys are scoped to namespaces. Example:
{"foo-namespace.bar-key": "value"} - description String
- (Updatable) A brief description of the CA.
- external
Key StringDescription - (Updatable) For externally managed CAs, a description of the externally managed private key. Avoid entering confidential information.
- Map<String,String>
- (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example:
{"bar-key": "value"} - String
- The OCID of the parent CA that issued this CA. If this is the root CA, then this value is null.
- kms
Key StringId - The OCID of the Oracle Cloud Infrastructure Vault key used to encrypt the CA.
- lifecycle
Details String - Additional information about the current CA lifecycle state.
- name String
A user-friendly name for the CA. Names are unique within a compartment. Avoid entering confidential information. Valid characters include uppercase or lowercase letters, numbers, hyphens, underscores, and periods.
** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- signing
Algorithm String - The algorithm used to sign public key certificates that the CA issues.
- state String
- The current lifecycle state of the certificate authority.
- subjects
List<Certificate
Authority Subject> - The subject of the certificate, which is a distinguished name that identifies the entity that owns the public key in the certificate.
- time
Created String - A property indicating when the CA was created, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z - time
Of StringDeletion - An optional property indicating when to delete the CA version, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z
-
Certificate
Authority Certificate Authority Config - (Updatable) The configuration details for creating a certificate authority (CA).
-
Certificate
Authority Certificate Authority Rule[] - (Updatable) A list of rules that control how the CA is used and managed.
- certificate
Revocation CertificateList Details Authority Certificate Revocation List Details - (Updatable) The details of the certificate revocation list (CRL).
- compartment
Id string - (Updatable) The compartment in which you want to create the CA.
- config
Type string - The origin of the CA.
- current
Versions CertificateAuthority Current Version[] - The metadata details of the certificate authority (CA) version. This summary object does not contain the CA contents.
- {[key: string]: string}
- (Updatable) Usage of predefined tag keys. These predefined keys are scoped to namespaces. Example:
{"foo-namespace.bar-key": "value"} - description string
- (Updatable) A brief description of the CA.
- external
Key stringDescription - (Updatable) For externally managed CAs, a description of the externally managed private key. Avoid entering confidential information.
- {[key: string]: string}
- (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example:
{"bar-key": "value"} - string
- The OCID of the parent CA that issued this CA. If this is the root CA, then this value is null.
- kms
Key stringId - The OCID of the Oracle Cloud Infrastructure Vault key used to encrypt the CA.
- lifecycle
Details string - Additional information about the current CA lifecycle state.
- name string
A user-friendly name for the CA. Names are unique within a compartment. Avoid entering confidential information. Valid characters include uppercase or lowercase letters, numbers, hyphens, underscores, and periods.
** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- signing
Algorithm string - The algorithm used to sign public key certificates that the CA issues.
- state string
- The current lifecycle state of the certificate authority.
- subjects
Certificate
Authority Subject[] - The subject of the certificate, which is a distinguished name that identifies the entity that owns the public key in the certificate.
- time
Created string - A property indicating when the CA was created, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z - time
Of stringDeletion - An optional property indicating when to delete the CA version, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z
-
Certificate
Authority Certificate Authority Config Args - (Updatable) The configuration details for creating a certificate authority (CA).
-
Sequence[Certificate
Authority Certificate Authority Rule Args] - (Updatable) A list of rules that control how the CA is used and managed.
- certificate_
revocation_ Certificatelist_ details Authority Certificate Revocation List Details Args - (Updatable) The details of the certificate revocation list (CRL).
- compartment_
id str - (Updatable) The compartment in which you want to create the CA.
- config_
type str - The origin of the CA.
- current_
versions Sequence[CertificateAuthority Current Version Args] - The metadata details of the certificate authority (CA) version. This summary object does not contain the CA contents.
- Mapping[str, str]
- (Updatable) Usage of predefined tag keys. These predefined keys are scoped to namespaces. Example:
{"foo-namespace.bar-key": "value"} - description str
- (Updatable) A brief description of the CA.
- external_
key_ strdescription - (Updatable) For externally managed CAs, a description of the externally managed private key. Avoid entering confidential information.
- Mapping[str, str]
- (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example:
{"bar-key": "value"} - str
- The OCID of the parent CA that issued this CA. If this is the root CA, then this value is null.
- kms_
key_ strid - The OCID of the Oracle Cloud Infrastructure Vault key used to encrypt the CA.
- lifecycle_
details str - Additional information about the current CA lifecycle state.
- name str
A user-friendly name for the CA. Names are unique within a compartment. Avoid entering confidential information. Valid characters include uppercase or lowercase letters, numbers, hyphens, underscores, and periods.
** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- signing_
algorithm str - The algorithm used to sign public key certificates that the CA issues.
- state str
- The current lifecycle state of the certificate authority.
- subjects
Sequence[Certificate
Authority Subject Args] - The subject of the certificate, which is a distinguished name that identifies the entity that owns the public key in the certificate.
- time_
created str - A property indicating when the CA was created, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z - time_
of_ strdeletion - An optional property indicating when to delete the CA version, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z
- Property Map
- (Updatable) The configuration details for creating a certificate authority (CA).
- List<Property Map>
- (Updatable) A list of rules that control how the CA is used and managed.
- certificate
Revocation Property MapList Details - (Updatable) The details of the certificate revocation list (CRL).
- compartment
Id String - (Updatable) The compartment in which you want to create the CA.
- config
Type String - The origin of the CA.
- current
Versions List<Property Map> - The metadata details of the certificate authority (CA) version. This summary object does not contain the CA contents.
- Map<String>
- (Updatable) Usage of predefined tag keys. These predefined keys are scoped to namespaces. Example:
{"foo-namespace.bar-key": "value"} - description String
- (Updatable) A brief description of the CA.
- external
Key StringDescription - (Updatable) For externally managed CAs, a description of the externally managed private key. Avoid entering confidential information.
- Map<String>
- (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example:
{"bar-key": "value"} - String
- The OCID of the parent CA that issued this CA. If this is the root CA, then this value is null.
- kms
Key StringId - The OCID of the Oracle Cloud Infrastructure Vault key used to encrypt the CA.
- lifecycle
Details String - Additional information about the current CA lifecycle state.
- name String
A user-friendly name for the CA. Names are unique within a compartment. Avoid entering confidential information. Valid characters include uppercase or lowercase letters, numbers, hyphens, underscores, and periods.
** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- signing
Algorithm String - The algorithm used to sign public key certificates that the CA issues.
- state String
- The current lifecycle state of the certificate authority.
- subjects List<Property Map>
- The subject of the certificate, which is a distinguished name that identifies the entity that owns the public key in the certificate.
- time
Created String - A property indicating when the CA was created, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z - time
Of StringDeletion - An optional property indicating when to delete the CA version, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z
Supporting Types
CertificateAuthorityCertificateAuthorityConfig, CertificateAuthorityCertificateAuthorityConfigArgs
- Config
Type string - (Updatable) The origin of the CA.
- Action
Details CertificateAuthority Certificate Authority Config Action Details - Certificate
Pem string - (Updatable) The externally signed certificate (in PEM format) for the imported root CA.
- string
- The OCID of the private, external issuer CA.
- Signing
Algorithm string - The algorithm used to sign public key certificates that the CA issues.
- Subject
Certificate
Authority Certificate Authority Config Subject - The subject of the certificate, which is a distinguished name that identifies the entity that owns the public key in the certificate.
- Validity
Certificate
Authority Certificate Authority Config Validity - (Updatable) An object that describes a period of time during which an entity is valid. If this is not provided when you create a certificate, the validity of the issuing CA is used.
- Version
Name string - (Updatable) The name of the CA version. When the value is not null, a name is unique across versions of a given CA.
- Config
Type string - (Updatable) The origin of the CA.
- Action
Details CertificateAuthority Certificate Authority Config Action Details - Certificate
Pem string - (Updatable) The externally signed certificate (in PEM format) for the imported root CA.
- string
- The OCID of the private, external issuer CA.
- Signing
Algorithm string - The algorithm used to sign public key certificates that the CA issues.
- Subject
Certificate
Authority Certificate Authority Config Subject - The subject of the certificate, which is a distinguished name that identifies the entity that owns the public key in the certificate.
- Validity
Certificate
Authority Certificate Authority Config Validity - (Updatable) An object that describes a period of time during which an entity is valid. If this is not provided when you create a certificate, the validity of the issuing CA is used.
- Version
Name string - (Updatable) The name of the CA version. When the value is not null, a name is unique across versions of a given CA.
- config
Type String - (Updatable) The origin of the CA.
- action
Details CertificateAuthority Certificate Authority Config Action Details - certificate
Pem String - (Updatable) The externally signed certificate (in PEM format) for the imported root CA.
- String
- The OCID of the private, external issuer CA.
- signing
Algorithm String - The algorithm used to sign public key certificates that the CA issues.
- subject
Certificate
Authority Certificate Authority Config Subject - The subject of the certificate, which is a distinguished name that identifies the entity that owns the public key in the certificate.
- validity
Certificate
Authority Certificate Authority Config Validity - (Updatable) An object that describes a period of time during which an entity is valid. If this is not provided when you create a certificate, the validity of the issuing CA is used.
- version
Name String - (Updatable) The name of the CA version. When the value is not null, a name is unique across versions of a given CA.
- config
Type string - (Updatable) The origin of the CA.
- action
Details CertificateAuthority Certificate Authority Config Action Details - certificate
Pem string - (Updatable) The externally signed certificate (in PEM format) for the imported root CA.
- string
- The OCID of the private, external issuer CA.
- signing
Algorithm string - The algorithm used to sign public key certificates that the CA issues.
- subject
Certificate
Authority Certificate Authority Config Subject - The subject of the certificate, which is a distinguished name that identifies the entity that owns the public key in the certificate.
- validity
Certificate
Authority Certificate Authority Config Validity - (Updatable) An object that describes a period of time during which an entity is valid. If this is not provided when you create a certificate, the validity of the issuing CA is used.
- version
Name string - (Updatable) The name of the CA version. When the value is not null, a name is unique across versions of a given CA.
- config_
type str - (Updatable) The origin of the CA.
- action_
details CertificateAuthority Certificate Authority Config Action Details - certificate_
pem str - (Updatable) The externally signed certificate (in PEM format) for the imported root CA.
- str
- The OCID of the private, external issuer CA.
- signing_
algorithm str - The algorithm used to sign public key certificates that the CA issues.
- subject
Certificate
Authority Certificate Authority Config Subject - The subject of the certificate, which is a distinguished name that identifies the entity that owns the public key in the certificate.
- validity
Certificate
Authority Certificate Authority Config Validity - (Updatable) An object that describes a period of time during which an entity is valid. If this is not provided when you create a certificate, the validity of the issuing CA is used.
- version_
name str - (Updatable) The name of the CA version. When the value is not null, a name is unique across versions of a given CA.
- config
Type String - (Updatable) The origin of the CA.
- action
Details Property Map - certificate
Pem String - (Updatable) The externally signed certificate (in PEM format) for the imported root CA.
- String
- The OCID of the private, external issuer CA.
- signing
Algorithm String - The algorithm used to sign public key certificates that the CA issues.
- subject Property Map
- The subject of the certificate, which is a distinguished name that identifies the entity that owns the public key in the certificate.
- validity Property Map
- (Updatable) An object that describes a period of time during which an entity is valid. If this is not provided when you create a certificate, the validity of the issuing CA is used.
- version
Name String - (Updatable) The name of the CA version. When the value is not null, a name is unique across versions of a given CA.
CertificateAuthorityCertificateAuthorityConfigActionDetails, CertificateAuthorityCertificateAuthorityConfigActionDetailsArgs
- Action
Type string - Certificate
Pem string - (Updatable) The externally signed certificate (in PEM format) for the imported root CA.
- Action
Type string - Certificate
Pem string - (Updatable) The externally signed certificate (in PEM format) for the imported root CA.
- action
Type String - certificate
Pem String - (Updatable) The externally signed certificate (in PEM format) for the imported root CA.
- action
Type string - certificate
Pem string - (Updatable) The externally signed certificate (in PEM format) for the imported root CA.
- action_
type str - certificate_
pem str - (Updatable) The externally signed certificate (in PEM format) for the imported root CA.
- action
Type String - certificate
Pem String - (Updatable) The externally signed certificate (in PEM format) for the imported root CA.
CertificateAuthorityCertificateAuthorityConfigSubject, CertificateAuthorityCertificateAuthorityConfigSubjectArgs
- Common
Name string - Common name or fully-qualified domain name (RDN CN).
- Country string
- Country name (RDN C).
- Distinguished
Name stringQualifier - Distinguished name qualifier(RDN DNQ).
- Domain
Component string - Domain component (RDN DC).
- Generation
Qualifier string - Personal generational qualifier (for example, Sr., Jr. 3rd, or IV).
- Given
Name string - Personal given name (RDN G or GN).
- Initials string
- Personal initials.
- Locality
Name string - Locality (RDN L).
- Organization string
- Organization (RDN O).
- Organizational
Unit string - Organizational unit (RDN OU).
- Pseudonym string
- Subject pseudonym.
- Serial
Number string - Unique subject identifier, which is not the same as the certificate serial number (RDN SERIALNUMBER).
- State
Or stringProvince Name - State or province name (RDN ST or S).
- Street string
- Street address (RDN STREET).
- Surname string
- Personal surname (RDN SN).
- Title string
- Title (RDN T or TITLE).
- User
Id string - User ID (RDN UID).
- Common
Name string - Common name or fully-qualified domain name (RDN CN).
- Country string
- Country name (RDN C).
- Distinguished
Name stringQualifier - Distinguished name qualifier(RDN DNQ).
- Domain
Component string - Domain component (RDN DC).
- Generation
Qualifier string - Personal generational qualifier (for example, Sr., Jr. 3rd, or IV).
- Given
Name string - Personal given name (RDN G or GN).
- Initials string
- Personal initials.
- Locality
Name string - Locality (RDN L).
- Organization string
- Organization (RDN O).
- Organizational
Unit string - Organizational unit (RDN OU).
- Pseudonym string
- Subject pseudonym.
- Serial
Number string - Unique subject identifier, which is not the same as the certificate serial number (RDN SERIALNUMBER).
- State
Or stringProvince Name - State or province name (RDN ST or S).
- Street string
- Street address (RDN STREET).
- Surname string
- Personal surname (RDN SN).
- Title string
- Title (RDN T or TITLE).
- User
Id string - User ID (RDN UID).
- common
Name String - Common name or fully-qualified domain name (RDN CN).
- country String
- Country name (RDN C).
- distinguished
Name StringQualifier - Distinguished name qualifier(RDN DNQ).
- domain
Component String - Domain component (RDN DC).
- generation
Qualifier String - Personal generational qualifier (for example, Sr., Jr. 3rd, or IV).
- given
Name String - Personal given name (RDN G or GN).
- initials String
- Personal initials.
- locality
Name String - Locality (RDN L).
- organization String
- Organization (RDN O).
- organizational
Unit String - Organizational unit (RDN OU).
- pseudonym String
- Subject pseudonym.
- serial
Number String - Unique subject identifier, which is not the same as the certificate serial number (RDN SERIALNUMBER).
- state
Or StringProvince Name - State or province name (RDN ST or S).
- street String
- Street address (RDN STREET).
- surname String
- Personal surname (RDN SN).
- title String
- Title (RDN T or TITLE).
- user
Id String - User ID (RDN UID).
- common
Name string - Common name or fully-qualified domain name (RDN CN).
- country string
- Country name (RDN C).
- distinguished
Name stringQualifier - Distinguished name qualifier(RDN DNQ).
- domain
Component string - Domain component (RDN DC).
- generation
Qualifier string - Personal generational qualifier (for example, Sr., Jr. 3rd, or IV).
- given
Name string - Personal given name (RDN G or GN).
- initials string
- Personal initials.
- locality
Name string - Locality (RDN L).
- organization string
- Organization (RDN O).
- organizational
Unit string - Organizational unit (RDN OU).
- pseudonym string
- Subject pseudonym.
- serial
Number string - Unique subject identifier, which is not the same as the certificate serial number (RDN SERIALNUMBER).
- state
Or stringProvince Name - State or province name (RDN ST or S).
- street string
- Street address (RDN STREET).
- surname string
- Personal surname (RDN SN).
- title string
- Title (RDN T or TITLE).
- user
Id string - User ID (RDN UID).
- common_
name str - Common name or fully-qualified domain name (RDN CN).
- country str
- Country name (RDN C).
- distinguished_
name_ strqualifier - Distinguished name qualifier(RDN DNQ).
- domain_
component str - Domain component (RDN DC).
- generation_
qualifier str - Personal generational qualifier (for example, Sr., Jr. 3rd, or IV).
- given_
name str - Personal given name (RDN G or GN).
- initials str
- Personal initials.
- locality_
name str - Locality (RDN L).
- organization str
- Organization (RDN O).
- organizational_
unit str - Organizational unit (RDN OU).
- pseudonym str
- Subject pseudonym.
- serial_
number str - Unique subject identifier, which is not the same as the certificate serial number (RDN SERIALNUMBER).
- state_
or_ strprovince_ name - State or province name (RDN ST or S).
- street str
- Street address (RDN STREET).
- surname str
- Personal surname (RDN SN).
- title str
- Title (RDN T or TITLE).
- user_
id str - User ID (RDN UID).
- common
Name String - Common name or fully-qualified domain name (RDN CN).
- country String
- Country name (RDN C).
- distinguished
Name StringQualifier - Distinguished name qualifier(RDN DNQ).
- domain
Component String - Domain component (RDN DC).
- generation
Qualifier String - Personal generational qualifier (for example, Sr., Jr. 3rd, or IV).
- given
Name String - Personal given name (RDN G or GN).
- initials String
- Personal initials.
- locality
Name String - Locality (RDN L).
- organization String
- Organization (RDN O).
- organizational
Unit String - Organizational unit (RDN OU).
- pseudonym String
- Subject pseudonym.
- serial
Number String - Unique subject identifier, which is not the same as the certificate serial number (RDN SERIALNUMBER).
- state
Or StringProvince Name - State or province name (RDN ST or S).
- street String
- Street address (RDN STREET).
- surname String
- Personal surname (RDN SN).
- title String
- Title (RDN T or TITLE).
- user
Id String - User ID (RDN UID).
CertificateAuthorityCertificateAuthorityConfigValidity, CertificateAuthorityCertificateAuthorityConfigValidityArgs
- Time
Of stringValidity Not After - (Updatable) The date on which the certificate validity period ends, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z - Time
Of stringValidity Not Before - (Updatable) The date on which the certificate validity period begins, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z
- Time
Of stringValidity Not After - (Updatable) The date on which the certificate validity period ends, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z - Time
Of stringValidity Not Before - (Updatable) The date on which the certificate validity period begins, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z
- time
Of StringValidity Not After - (Updatable) The date on which the certificate validity period ends, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z - time
Of StringValidity Not Before - (Updatable) The date on which the certificate validity period begins, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z
- time
Of stringValidity Not After - (Updatable) The date on which the certificate validity period ends, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z - time
Of stringValidity Not Before - (Updatable) The date on which the certificate validity period begins, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z
- time_
of_ strvalidity_ not_ after - (Updatable) The date on which the certificate validity period ends, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z - time_
of_ strvalidity_ not_ before - (Updatable) The date on which the certificate validity period begins, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z
- time
Of StringValidity Not After - (Updatable) The date on which the certificate validity period ends, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z - time
Of StringValidity Not Before - (Updatable) The date on which the certificate validity period begins, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z
CertificateAuthorityCertificateAuthorityRule, CertificateAuthorityCertificateAuthorityRuleArgs
- Rule
Type string - (Updatable) The type of rule, whether an issuance rule that defines the constraints which restricts the hierarchical name forms in certificates or number of levels of descendants that any CA in the certificate chain issues or an issuance expiry rule that governs how long the certificates and CAs issued by the CA are valid.
- string
- (Updatable) A property indicating the maximum validity duration, in days, of subordinate CA's issued by this CA. Expressed in ISO 8601 format.
- Leaf
Certificate stringMax Validity Duration - (Updatable) A property indicating the maximum validity duration, in days, of leaf certificates issued by this CA. Expressed in ISO 8601 format.
- Name
Constraint CertificateAuthority Certificate Authority Rule Name Constraint - A constraint that specifies permitted and excluded namespaces for the hierarchical name forms in certificates that any CA in the certificate chain issues. You can define name constraints on a directory name, DNS address, or IP address. If you have a name constraint, you must define at least one permitted namespace or one excluded namespace. Name constraints cannot be updated.
- Path
Length intConstraint - The number of levels of descendants that this certificate authority (CA) can issue. When set to zero, the CA can issue only leaf certificates. There is no limit if the constraint isn't specified. Path length constraints cannot be updated.
- Rule
Type string - (Updatable) The type of rule, whether an issuance rule that defines the constraints which restricts the hierarchical name forms in certificates or number of levels of descendants that any CA in the certificate chain issues or an issuance expiry rule that governs how long the certificates and CAs issued by the CA are valid.
- string
- (Updatable) A property indicating the maximum validity duration, in days, of subordinate CA's issued by this CA. Expressed in ISO 8601 format.
- Leaf
Certificate stringMax Validity Duration - (Updatable) A property indicating the maximum validity duration, in days, of leaf certificates issued by this CA. Expressed in ISO 8601 format.
- Name
Constraint CertificateAuthority Certificate Authority Rule Name Constraint - A constraint that specifies permitted and excluded namespaces for the hierarchical name forms in certificates that any CA in the certificate chain issues. You can define name constraints on a directory name, DNS address, or IP address. If you have a name constraint, you must define at least one permitted namespace or one excluded namespace. Name constraints cannot be updated.
- Path
Length intConstraint - The number of levels of descendants that this certificate authority (CA) can issue. When set to zero, the CA can issue only leaf certificates. There is no limit if the constraint isn't specified. Path length constraints cannot be updated.
- rule
Type String - (Updatable) The type of rule, whether an issuance rule that defines the constraints which restricts the hierarchical name forms in certificates or number of levels of descendants that any CA in the certificate chain issues or an issuance expiry rule that governs how long the certificates and CAs issued by the CA are valid.
- String
- (Updatable) A property indicating the maximum validity duration, in days, of subordinate CA's issued by this CA. Expressed in ISO 8601 format.
- leaf
Certificate StringMax Validity Duration - (Updatable) A property indicating the maximum validity duration, in days, of leaf certificates issued by this CA. Expressed in ISO 8601 format.
- name
Constraint CertificateAuthority Certificate Authority Rule Name Constraint - A constraint that specifies permitted and excluded namespaces for the hierarchical name forms in certificates that any CA in the certificate chain issues. You can define name constraints on a directory name, DNS address, or IP address. If you have a name constraint, you must define at least one permitted namespace or one excluded namespace. Name constraints cannot be updated.
- path
Length IntegerConstraint - The number of levels of descendants that this certificate authority (CA) can issue. When set to zero, the CA can issue only leaf certificates. There is no limit if the constraint isn't specified. Path length constraints cannot be updated.
- rule
Type string - (Updatable) The type of rule, whether an issuance rule that defines the constraints which restricts the hierarchical name forms in certificates or number of levels of descendants that any CA in the certificate chain issues or an issuance expiry rule that governs how long the certificates and CAs issued by the CA are valid.
- string
- (Updatable) A property indicating the maximum validity duration, in days, of subordinate CA's issued by this CA. Expressed in ISO 8601 format.
- leaf
Certificate stringMax Validity Duration - (Updatable) A property indicating the maximum validity duration, in days, of leaf certificates issued by this CA. Expressed in ISO 8601 format.
- name
Constraint CertificateAuthority Certificate Authority Rule Name Constraint - A constraint that specifies permitted and excluded namespaces for the hierarchical name forms in certificates that any CA in the certificate chain issues. You can define name constraints on a directory name, DNS address, or IP address. If you have a name constraint, you must define at least one permitted namespace or one excluded namespace. Name constraints cannot be updated.
- path
Length numberConstraint - The number of levels of descendants that this certificate authority (CA) can issue. When set to zero, the CA can issue only leaf certificates. There is no limit if the constraint isn't specified. Path length constraints cannot be updated.
- rule_
type str - (Updatable) The type of rule, whether an issuance rule that defines the constraints which restricts the hierarchical name forms in certificates or number of levels of descendants that any CA in the certificate chain issues or an issuance expiry rule that governs how long the certificates and CAs issued by the CA are valid.
- str
- (Updatable) A property indicating the maximum validity duration, in days, of subordinate CA's issued by this CA. Expressed in ISO 8601 format.
- leaf_
certificate_ strmax_ validity_ duration - (Updatable) A property indicating the maximum validity duration, in days, of leaf certificates issued by this CA. Expressed in ISO 8601 format.
- name_
constraint CertificateAuthority Certificate Authority Rule Name Constraint - A constraint that specifies permitted and excluded namespaces for the hierarchical name forms in certificates that any CA in the certificate chain issues. You can define name constraints on a directory name, DNS address, or IP address. If you have a name constraint, you must define at least one permitted namespace or one excluded namespace. Name constraints cannot be updated.
- path_
length_ intconstraint - The number of levels of descendants that this certificate authority (CA) can issue. When set to zero, the CA can issue only leaf certificates. There is no limit if the constraint isn't specified. Path length constraints cannot be updated.
- rule
Type String - (Updatable) The type of rule, whether an issuance rule that defines the constraints which restricts the hierarchical name forms in certificates or number of levels of descendants that any CA in the certificate chain issues or an issuance expiry rule that governs how long the certificates and CAs issued by the CA are valid.
- String
- (Updatable) A property indicating the maximum validity duration, in days, of subordinate CA's issued by this CA. Expressed in ISO 8601 format.
- leaf
Certificate StringMax Validity Duration - (Updatable) A property indicating the maximum validity duration, in days, of leaf certificates issued by this CA. Expressed in ISO 8601 format.
- name
Constraint Property Map - A constraint that specifies permitted and excluded namespaces for the hierarchical name forms in certificates that any CA in the certificate chain issues. You can define name constraints on a directory name, DNS address, or IP address. If you have a name constraint, you must define at least one permitted namespace or one excluded namespace. Name constraints cannot be updated.
- path
Length NumberConstraint - The number of levels of descendants that this certificate authority (CA) can issue. When set to zero, the CA can issue only leaf certificates. There is no limit if the constraint isn't specified. Path length constraints cannot be updated.
CertificateAuthorityCertificateAuthorityRuleNameConstraint, CertificateAuthorityCertificateAuthorityRuleNameConstraintArgs
- Excluded
Subtrees List<CertificateAuthority Certificate Authority Rule Name Constraint Excluded Subtree> - A list that contains excluded (or prohibited) namespaces. If you have a name constraint with no permitted namespaces, you must specify at least one excluded namespace.
- Permitted
Subtrees List<CertificateAuthority Certificate Authority Rule Name Constraint Permitted Subtree> - A list that contains permitted namespaces. If you have a name constraint with no excluded namespaces, you must specify at least one permitted namespace.
- Excluded
Subtrees []CertificateAuthority Certificate Authority Rule Name Constraint Excluded Subtree - A list that contains excluded (or prohibited) namespaces. If you have a name constraint with no permitted namespaces, you must specify at least one excluded namespace.
- Permitted
Subtrees []CertificateAuthority Certificate Authority Rule Name Constraint Permitted Subtree - A list that contains permitted namespaces. If you have a name constraint with no excluded namespaces, you must specify at least one permitted namespace.
- excluded
Subtrees List<CertificateAuthority Certificate Authority Rule Name Constraint Excluded Subtree> - A list that contains excluded (or prohibited) namespaces. If you have a name constraint with no permitted namespaces, you must specify at least one excluded namespace.
- permitted
Subtrees List<CertificateAuthority Certificate Authority Rule Name Constraint Permitted Subtree> - A list that contains permitted namespaces. If you have a name constraint with no excluded namespaces, you must specify at least one permitted namespace.
- excluded
Subtrees CertificateAuthority Certificate Authority Rule Name Constraint Excluded Subtree[] - A list that contains excluded (or prohibited) namespaces. If you have a name constraint with no permitted namespaces, you must specify at least one excluded namespace.
- permitted
Subtrees CertificateAuthority Certificate Authority Rule Name Constraint Permitted Subtree[] - A list that contains permitted namespaces. If you have a name constraint with no excluded namespaces, you must specify at least one permitted namespace.
- excluded_
subtrees Sequence[CertificateAuthority Certificate Authority Rule Name Constraint Excluded Subtree] - A list that contains excluded (or prohibited) namespaces. If you have a name constraint with no permitted namespaces, you must specify at least one excluded namespace.
- permitted_
subtrees Sequence[CertificateAuthority Certificate Authority Rule Name Constraint Permitted Subtree] - A list that contains permitted namespaces. If you have a name constraint with no excluded namespaces, you must specify at least one permitted namespace.
- excluded
Subtrees List<Property Map> - A list that contains excluded (or prohibited) namespaces. If you have a name constraint with no permitted namespaces, you must specify at least one excluded namespace.
- permitted
Subtrees List<Property Map> - A list that contains permitted namespaces. If you have a name constraint with no excluded namespaces, you must specify at least one permitted namespace.
CertificateAuthorityCertificateAuthorityRuleNameConstraintExcludedSubtree, CertificateAuthorityCertificateAuthorityRuleNameConstraintExcludedSubtreeArgs
CertificateAuthorityCertificateAuthorityRuleNameConstraintPermittedSubtree, CertificateAuthorityCertificateAuthorityRuleNameConstraintPermittedSubtreeArgs
CertificateAuthorityCertificateRevocationListDetails, CertificateAuthorityCertificateRevocationListDetailsArgs
- Object
Storage CertificateConfig Authority Certificate Revocation List Details Object Storage Config - (Updatable) The details of the Object Storage bucket configured to store the certificate revocation list (CRL).
- Custom
Formatted List<string>Urls - (Updatable) Optional CRL access points, expressed using a format where the version number of the issuing CA is inserted wherever you include a pair of curly braces. This versioning scheme helps avoid collisions when new CA versions are created. For example, myCrlFileIssuedFromCAVersion{}.crl becomes myCrlFileIssuedFromCAVersion2.crl for CA version 2.
- Object
Storage CertificateConfig Authority Certificate Revocation List Details Object Storage Config - (Updatable) The details of the Object Storage bucket configured to store the certificate revocation list (CRL).
- Custom
Formatted []stringUrls - (Updatable) Optional CRL access points, expressed using a format where the version number of the issuing CA is inserted wherever you include a pair of curly braces. This versioning scheme helps avoid collisions when new CA versions are created. For example, myCrlFileIssuedFromCAVersion{}.crl becomes myCrlFileIssuedFromCAVersion2.crl for CA version 2.
- object
Storage CertificateConfig Authority Certificate Revocation List Details Object Storage Config - (Updatable) The details of the Object Storage bucket configured to store the certificate revocation list (CRL).
- custom
Formatted List<String>Urls - (Updatable) Optional CRL access points, expressed using a format where the version number of the issuing CA is inserted wherever you include a pair of curly braces. This versioning scheme helps avoid collisions when new CA versions are created. For example, myCrlFileIssuedFromCAVersion{}.crl becomes myCrlFileIssuedFromCAVersion2.crl for CA version 2.
- object
Storage CertificateConfig Authority Certificate Revocation List Details Object Storage Config - (Updatable) The details of the Object Storage bucket configured to store the certificate revocation list (CRL).
- custom
Formatted string[]Urls - (Updatable) Optional CRL access points, expressed using a format where the version number of the issuing CA is inserted wherever you include a pair of curly braces. This versioning scheme helps avoid collisions when new CA versions are created. For example, myCrlFileIssuedFromCAVersion{}.crl becomes myCrlFileIssuedFromCAVersion2.crl for CA version 2.
- object_
storage_ Certificateconfig Authority Certificate Revocation List Details Object Storage Config - (Updatable) The details of the Object Storage bucket configured to store the certificate revocation list (CRL).
- custom_
formatted_ Sequence[str]urls - (Updatable) Optional CRL access points, expressed using a format where the version number of the issuing CA is inserted wherever you include a pair of curly braces. This versioning scheme helps avoid collisions when new CA versions are created. For example, myCrlFileIssuedFromCAVersion{}.crl becomes myCrlFileIssuedFromCAVersion2.crl for CA version 2.
- object
Storage Property MapConfig - (Updatable) The details of the Object Storage bucket configured to store the certificate revocation list (CRL).
- custom
Formatted List<String>Urls - (Updatable) Optional CRL access points, expressed using a format where the version number of the issuing CA is inserted wherever you include a pair of curly braces. This versioning scheme helps avoid collisions when new CA versions are created. For example, myCrlFileIssuedFromCAVersion{}.crl becomes myCrlFileIssuedFromCAVersion2.crl for CA version 2.
CertificateAuthorityCertificateRevocationListDetailsObjectStorageConfig, CertificateAuthorityCertificateRevocationListDetailsObjectStorageConfigArgs
- Object
Storage stringBucket Name - (Updatable) The name of the bucket where the CRL is stored.
- Object
Storage stringObject Name Format - (Updatable) The object name in the bucket where the CRL is stored, expressed using a format where the version number of the issuing CA is inserted as part of the Object Storage object name wherever you include a pair of curly braces. This versioning scheme helps avoid collisions when new CA versions are created. For example, myCrlFileIssuedFromCAVersion{}.crl becomes myCrlFileIssuedFromCAVersion2.crl for CA version 2.
- Object
Storage stringNamespace - (Updatable) The tenancy of the bucket where the CRL is stored.
- Object
Storage stringBucket Name - (Updatable) The name of the bucket where the CRL is stored.
- Object
Storage stringObject Name Format - (Updatable) The object name in the bucket where the CRL is stored, expressed using a format where the version number of the issuing CA is inserted as part of the Object Storage object name wherever you include a pair of curly braces. This versioning scheme helps avoid collisions when new CA versions are created. For example, myCrlFileIssuedFromCAVersion{}.crl becomes myCrlFileIssuedFromCAVersion2.crl for CA version 2.
- Object
Storage stringNamespace - (Updatable) The tenancy of the bucket where the CRL is stored.
- object
Storage StringBucket Name - (Updatable) The name of the bucket where the CRL is stored.
- object
Storage StringObject Name Format - (Updatable) The object name in the bucket where the CRL is stored, expressed using a format where the version number of the issuing CA is inserted as part of the Object Storage object name wherever you include a pair of curly braces. This versioning scheme helps avoid collisions when new CA versions are created. For example, myCrlFileIssuedFromCAVersion{}.crl becomes myCrlFileIssuedFromCAVersion2.crl for CA version 2.
- object
Storage StringNamespace - (Updatable) The tenancy of the bucket where the CRL is stored.
- object
Storage stringBucket Name - (Updatable) The name of the bucket where the CRL is stored.
- object
Storage stringObject Name Format - (Updatable) The object name in the bucket where the CRL is stored, expressed using a format where the version number of the issuing CA is inserted as part of the Object Storage object name wherever you include a pair of curly braces. This versioning scheme helps avoid collisions when new CA versions are created. For example, myCrlFileIssuedFromCAVersion{}.crl becomes myCrlFileIssuedFromCAVersion2.crl for CA version 2.
- object
Storage stringNamespace - (Updatable) The tenancy of the bucket where the CRL is stored.
- object_
storage_ strbucket_ name - (Updatable) The name of the bucket where the CRL is stored.
- object_
storage_ strobject_ name_ format - (Updatable) The object name in the bucket where the CRL is stored, expressed using a format where the version number of the issuing CA is inserted as part of the Object Storage object name wherever you include a pair of curly braces. This versioning scheme helps avoid collisions when new CA versions are created. For example, myCrlFileIssuedFromCAVersion{}.crl becomes myCrlFileIssuedFromCAVersion2.crl for CA version 2.
- object_
storage_ strnamespace - (Updatable) The tenancy of the bucket where the CRL is stored.
- object
Storage StringBucket Name - (Updatable) The name of the bucket where the CRL is stored.
- object
Storage StringObject Name Format - (Updatable) The object name in the bucket where the CRL is stored, expressed using a format where the version number of the issuing CA is inserted as part of the Object Storage object name wherever you include a pair of curly braces. This versioning scheme helps avoid collisions when new CA versions are created. For example, myCrlFileIssuedFromCAVersion{}.crl becomes myCrlFileIssuedFromCAVersion2.crl for CA version 2.
- object
Storage StringNamespace - (Updatable) The tenancy of the bucket where the CRL is stored.
CertificateAuthorityCurrentVersion, CertificateAuthorityCurrentVersionArgs
- string
- The OCID of the CA.
- Issuer
Ca stringVersion Number - The version number of the issuing CA.
- Revocation
Statuses List<CertificateAuthority Current Version Revocation Status> - The current revocation status of the entity.
- Serial
Number string - Unique subject identifier, which is not the same as the certificate serial number (RDN SERIALNUMBER).
- Stages List<string>
- A list of rotation states for this CA version.
- Time
Created string - A property indicating when the CA was created, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z - Time
Of stringDeletion - An optional property indicating when to delete the CA version, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z - Validities
List<Certificate
Authority Current Version Validity> - An object that describes a period of time during which an entity is valid. If this is not provided when you create a certificate, the validity of the issuing CA is used.
- Version
Name string - The name of the CA version. When this value is not null, the name is unique across CA versions for a given CA.
- Version
Number string - The version number of the CA.
- string
- The OCID of the CA.
- Issuer
Ca stringVersion Number - The version number of the issuing CA.
- Revocation
Statuses []CertificateAuthority Current Version Revocation Status - The current revocation status of the entity.
- Serial
Number string - Unique subject identifier, which is not the same as the certificate serial number (RDN SERIALNUMBER).
- Stages []string
- A list of rotation states for this CA version.
- Time
Created string - A property indicating when the CA was created, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z - Time
Of stringDeletion - An optional property indicating when to delete the CA version, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z - Validities
[]Certificate
Authority Current Version Validity - An object that describes a period of time during which an entity is valid. If this is not provided when you create a certificate, the validity of the issuing CA is used.
- Version
Name string - The name of the CA version. When this value is not null, the name is unique across CA versions for a given CA.
- Version
Number string - The version number of the CA.
- String
- The OCID of the CA.
- issuer
Ca StringVersion Number - The version number of the issuing CA.
- revocation
Statuses List<CertificateAuthority Current Version Revocation Status> - The current revocation status of the entity.
- serial
Number String - Unique subject identifier, which is not the same as the certificate serial number (RDN SERIALNUMBER).
- stages List<String>
- A list of rotation states for this CA version.
- time
Created String - A property indicating when the CA was created, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z - time
Of StringDeletion - An optional property indicating when to delete the CA version, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z - validities
List<Certificate
Authority Current Version Validity> - An object that describes a period of time during which an entity is valid. If this is not provided when you create a certificate, the validity of the issuing CA is used.
- version
Name String - The name of the CA version. When this value is not null, the name is unique across CA versions for a given CA.
- version
Number String - The version number of the CA.
- string
- The OCID of the CA.
- issuer
Ca stringVersion Number - The version number of the issuing CA.
- revocation
Statuses CertificateAuthority Current Version Revocation Status[] - The current revocation status of the entity.
- serial
Number string - Unique subject identifier, which is not the same as the certificate serial number (RDN SERIALNUMBER).
- stages string[]
- A list of rotation states for this CA version.
- time
Created string - A property indicating when the CA was created, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z - time
Of stringDeletion - An optional property indicating when to delete the CA version, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z - validities
Certificate
Authority Current Version Validity[] - An object that describes a period of time during which an entity is valid. If this is not provided when you create a certificate, the validity of the issuing CA is used.
- version
Name string - The name of the CA version. When this value is not null, the name is unique across CA versions for a given CA.
- version
Number string - The version number of the CA.
- str
- The OCID of the CA.
- issuer_
ca_ strversion_ number - The version number of the issuing CA.
- revocation_
statuses Sequence[CertificateAuthority Current Version Revocation Status] - The current revocation status of the entity.
- serial_
number str - Unique subject identifier, which is not the same as the certificate serial number (RDN SERIALNUMBER).
- stages Sequence[str]
- A list of rotation states for this CA version.
- time_
created str - A property indicating when the CA was created, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z - time_
of_ strdeletion - An optional property indicating when to delete the CA version, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z - validities
Sequence[Certificate
Authority Current Version Validity] - An object that describes a period of time during which an entity is valid. If this is not provided when you create a certificate, the validity of the issuing CA is used.
- version_
name str - The name of the CA version. When this value is not null, the name is unique across CA versions for a given CA.
- version_
number str - The version number of the CA.
- String
- The OCID of the CA.
- issuer
Ca StringVersion Number - The version number of the issuing CA.
- revocation
Statuses List<Property Map> - The current revocation status of the entity.
- serial
Number String - Unique subject identifier, which is not the same as the certificate serial number (RDN SERIALNUMBER).
- stages List<String>
- A list of rotation states for this CA version.
- time
Created String - A property indicating when the CA was created, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z - time
Of StringDeletion - An optional property indicating when to delete the CA version, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z - validities List<Property Map>
- An object that describes a period of time during which an entity is valid. If this is not provided when you create a certificate, the validity of the issuing CA is used.
- version
Name String - The name of the CA version. When this value is not null, the name is unique across CA versions for a given CA.
- version
Number String - The version number of the CA.
CertificateAuthorityCurrentVersionRevocationStatus, CertificateAuthorityCurrentVersionRevocationStatusArgs
- Revocation
Reason string - The reason the certificate or certificate authority (CA) was revoked.
- Time
Of stringRevocation - The time when the entity was revoked, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z
- Revocation
Reason string - The reason the certificate or certificate authority (CA) was revoked.
- Time
Of stringRevocation - The time when the entity was revoked, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z
- revocation
Reason String - The reason the certificate or certificate authority (CA) was revoked.
- time
Of StringRevocation - The time when the entity was revoked, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z
- revocation
Reason string - The reason the certificate or certificate authority (CA) was revoked.
- time
Of stringRevocation - The time when the entity was revoked, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z
- revocation_
reason str - The reason the certificate or certificate authority (CA) was revoked.
- time_
of_ strrevocation - The time when the entity was revoked, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z
- revocation
Reason String - The reason the certificate or certificate authority (CA) was revoked.
- time
Of StringRevocation - The time when the entity was revoked, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z
CertificateAuthorityCurrentVersionValidity, CertificateAuthorityCurrentVersionValidityArgs
- Time
Of stringValidity Not After - The date on which the certificate validity period ends, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z - Time
Of stringValidity Not Before - The date on which the certificate validity period begins, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z
- Time
Of stringValidity Not After - The date on which the certificate validity period ends, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z - Time
Of stringValidity Not Before - The date on which the certificate validity period begins, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z
- time
Of StringValidity Not After - The date on which the certificate validity period ends, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z - time
Of StringValidity Not Before - The date on which the certificate validity period begins, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z
- time
Of stringValidity Not After - The date on which the certificate validity period ends, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z - time
Of stringValidity Not Before - The date on which the certificate validity period begins, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z
- time_
of_ strvalidity_ not_ after - The date on which the certificate validity period ends, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z - time_
of_ strvalidity_ not_ before - The date on which the certificate validity period begins, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z
- time
Of StringValidity Not After - The date on which the certificate validity period ends, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z - time
Of StringValidity Not Before - The date on which the certificate validity period begins, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z
CertificateAuthoritySubject, CertificateAuthoritySubjectArgs
- Common
Name string - Common name or fully-qualified domain name (RDN CN).
- Country string
- Country name (RDN C).
- Distinguished
Name stringQualifier - Distinguished name qualifier(RDN DNQ).
- Domain
Component string - Domain component (RDN DC).
- Generation
Qualifier string - Personal generational qualifier (for example, Sr., Jr. 3rd, or IV).
- Given
Name string - Personal given name (RDN G or GN).
- Initials string
- Personal initials.
- Locality
Name string - Locality (RDN L).
- Organization string
- Organization (RDN O).
- Organizational
Unit string - Organizational unit (RDN OU).
- Pseudonym string
- Subject pseudonym.
- Serial
Number string - Unique subject identifier, which is not the same as the certificate serial number (RDN SERIALNUMBER).
- State
Or stringProvince Name - State or province name (RDN ST or S).
- Street string
- Street address (RDN STREET).
- Surname string
- Personal surname (RDN SN).
- Title string
- Title (RDN T or TITLE).
- User
Id string - User ID (RDN UID).
- Common
Name string - Common name or fully-qualified domain name (RDN CN).
- Country string
- Country name (RDN C).
- Distinguished
Name stringQualifier - Distinguished name qualifier(RDN DNQ).
- Domain
Component string - Domain component (RDN DC).
- Generation
Qualifier string - Personal generational qualifier (for example, Sr., Jr. 3rd, or IV).
- Given
Name string - Personal given name (RDN G or GN).
- Initials string
- Personal initials.
- Locality
Name string - Locality (RDN L).
- Organization string
- Organization (RDN O).
- Organizational
Unit string - Organizational unit (RDN OU).
- Pseudonym string
- Subject pseudonym.
- Serial
Number string - Unique subject identifier, which is not the same as the certificate serial number (RDN SERIALNUMBER).
- State
Or stringProvince Name - State or province name (RDN ST or S).
- Street string
- Street address (RDN STREET).
- Surname string
- Personal surname (RDN SN).
- Title string
- Title (RDN T or TITLE).
- User
Id string - User ID (RDN UID).
- common
Name String - Common name or fully-qualified domain name (RDN CN).
- country String
- Country name (RDN C).
- distinguished
Name StringQualifier - Distinguished name qualifier(RDN DNQ).
- domain
Component String - Domain component (RDN DC).
- generation
Qualifier String - Personal generational qualifier (for example, Sr., Jr. 3rd, or IV).
- given
Name String - Personal given name (RDN G or GN).
- initials String
- Personal initials.
- locality
Name String - Locality (RDN L).
- organization String
- Organization (RDN O).
- organizational
Unit String - Organizational unit (RDN OU).
- pseudonym String
- Subject pseudonym.
- serial
Number String - Unique subject identifier, which is not the same as the certificate serial number (RDN SERIALNUMBER).
- state
Or StringProvince Name - State or province name (RDN ST or S).
- street String
- Street address (RDN STREET).
- surname String
- Personal surname (RDN SN).
- title String
- Title (RDN T or TITLE).
- user
Id String - User ID (RDN UID).
- common
Name string - Common name or fully-qualified domain name (RDN CN).
- country string
- Country name (RDN C).
- distinguished
Name stringQualifier - Distinguished name qualifier(RDN DNQ).
- domain
Component string - Domain component (RDN DC).
- generation
Qualifier string - Personal generational qualifier (for example, Sr., Jr. 3rd, or IV).
- given
Name string - Personal given name (RDN G or GN).
- initials string
- Personal initials.
- locality
Name string - Locality (RDN L).
- organization string
- Organization (RDN O).
- organizational
Unit string - Organizational unit (RDN OU).
- pseudonym string
- Subject pseudonym.
- serial
Number string - Unique subject identifier, which is not the same as the certificate serial number (RDN SERIALNUMBER).
- state
Or stringProvince Name - State or province name (RDN ST or S).
- street string
- Street address (RDN STREET).
- surname string
- Personal surname (RDN SN).
- title string
- Title (RDN T or TITLE).
- user
Id string - User ID (RDN UID).
- common_
name str - Common name or fully-qualified domain name (RDN CN).
- country str
- Country name (RDN C).
- distinguished_
name_ strqualifier - Distinguished name qualifier(RDN DNQ).
- domain_
component str - Domain component (RDN DC).
- generation_
qualifier str - Personal generational qualifier (for example, Sr., Jr. 3rd, or IV).
- given_
name str - Personal given name (RDN G or GN).
- initials str
- Personal initials.
- locality_
name str - Locality (RDN L).
- organization str
- Organization (RDN O).
- organizational_
unit str - Organizational unit (RDN OU).
- pseudonym str
- Subject pseudonym.
- serial_
number str - Unique subject identifier, which is not the same as the certificate serial number (RDN SERIALNUMBER).
- state_
or_ strprovince_ name - State or province name (RDN ST or S).
- street str
- Street address (RDN STREET).
- surname str
- Personal surname (RDN SN).
- title str
- Title (RDN T or TITLE).
- user_
id str - User ID (RDN UID).
- common
Name String - Common name or fully-qualified domain name (RDN CN).
- country String
- Country name (RDN C).
- distinguished
Name StringQualifier - Distinguished name qualifier(RDN DNQ).
- domain
Component String - Domain component (RDN DC).
- generation
Qualifier String - Personal generational qualifier (for example, Sr., Jr. 3rd, or IV).
- given
Name String - Personal given name (RDN G or GN).
- initials String
- Personal initials.
- locality
Name String - Locality (RDN L).
- organization String
- Organization (RDN O).
- organizational
Unit String - Organizational unit (RDN OU).
- pseudonym String
- Subject pseudonym.
- serial
Number String - Unique subject identifier, which is not the same as the certificate serial number (RDN SERIALNUMBER).
- state
Or StringProvince Name - State or province name (RDN ST or S).
- street String
- Street address (RDN STREET).
- surname String
- Personal surname (RDN SN).
- title String
- Title (RDN T or TITLE).
- user
Id String - User ID (RDN UID).
Import
CertificateAuthorities can be imported using the id, e.g.
$ pulumi import oci:CertificatesManagement/certificateAuthority:CertificateAuthority test_certificate_authority "id"
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- oci pulumi/pulumi-oci
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
ociTerraform Provider.
Oracle Cloud Infrastructure v3.16.0 published on Wednesday, Jan 28, 2026 by Pulumi
