tls.getPublicKey
Get a public key from a PEM-encoded private key.
Use this data source to get the public key from a PEM (RFC 1421) or OpenSSH PEM (RFC 4716) formatted private key, for use in other resources.
Example Usage
using System.Collections.Generic;
using System.IO;
using Pulumi;
using Tls = Pulumi.Tls;
return await Deployment.RunAsync(() =>
{
var ed25519_example = new Tls.PrivateKey("ed25519-example", new()
{
Algorithm = "ED25519",
});
var privateKeyPem_example = Tls.GetPublicKey.Invoke(new()
{
PrivateKeyPem = ed25519_example.PrivateKeyPem,
});
var privateKeyOpenssh_example = Tls.GetPublicKey.Invoke(new()
{
PrivateKeyOpenssh = File.ReadAllText("~/.ssh/id_rsa_rfc4716"),
});
});
package main
import (
"io/ioutil"
"github.com/pulumi/pulumi-tls/sdk/v4/go/tls"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func readFileOrPanic(path string) pulumi.StringPtrInput {
data, err := ioutil.ReadFile(path)
if err != nil {
panic(err.Error())
}
return pulumi.String(string(data))
}
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := tls.NewPrivateKey(ctx, "ed25519-example", &tls.PrivateKeyArgs{
Algorithm: pulumi.String("ED25519"),
})
if err != nil {
return err
}
_ = tls.GetPublicKeyOutput(ctx, tls.GetPublicKeyOutputArgs{
PrivateKeyPem: ed25519_example.PrivateKeyPem,
}, nil)
_, err = tls.GetPublicKey(ctx, &tls.GetPublicKeyArgs{
PrivateKeyOpenssh: pulumi.StringRef(readFileOrPanic("~/.ssh/id_rsa_rfc4716")),
}, nil)
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.tls.PrivateKey;
import com.pulumi.tls.PrivateKeyArgs;
import com.pulumi.tls.TlsFunctions;
import com.pulumi.tls.inputs.GetPublicKeyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var ed25519_example = new PrivateKey("ed25519-example", PrivateKeyArgs.builder()
.algorithm("ED25519")
.build());
final var privateKeyPem-example = TlsFunctions.getPublicKey(GetPublicKeyArgs.builder()
.privateKeyPem(ed25519_example.privateKeyPem())
.build());
final var privateKeyOpenssh-example = TlsFunctions.getPublicKey(GetPublicKeyArgs.builder()
.privateKeyOpenssh(Files.readString(Paths.get("~/.ssh/id_rsa_rfc4716")))
.build());
}
}
import pulumi
import pulumi_tls as tls
ed25519_example = tls.PrivateKey("ed25519-example", algorithm="ED25519")
private_key_pem_example = tls.get_public_key_output(private_key_pem=ed25519_example.private_key_pem)
private_key_openssh_example = tls.get_public_key(private_key_openssh=(lambda path: open(path).read())("~/.ssh/id_rsa_rfc4716"))
import * as pulumi from "@pulumi/pulumi";
import * as fs from "fs";
import * as tls from "@pulumi/tls";
const ed25519_example = new tls.PrivateKey("ed25519-example", {algorithm: "ED25519"});
const privateKeyPem-example = tls.getPublicKeyOutput({
privateKeyPem: ed25519_example.privateKeyPem,
});
const privateKeyOpenssh-example = tls.getPublicKey({
privateKeyOpenssh: fs.readFileSync("~/.ssh/id_rsa_rfc4716"),
});
resources:
ed25519-example:
type: tls:PrivateKey
properties:
algorithm: ED25519
variables:
privateKeyPem-example:
fn::invoke:
Function: tls:getPublicKey
Arguments:
privateKeyPem: ${["ed25519-example"].privateKeyPem}
privateKeyOpenssh-example:
fn::invoke:
Function: tls:getPublicKey
Arguments:
privateKeyOpenssh:
fn::readFile: ~/.ssh/id_rsa_rfc4716
Using getPublicKey
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getPublicKey(args: GetPublicKeyArgs, opts?: InvokeOptions): Promise<GetPublicKeyResult>
function getPublicKeyOutput(args: GetPublicKeyOutputArgs, opts?: InvokeOptions): Output<GetPublicKeyResult>
def get_public_key(private_key_openssh: Optional[str] = None,
private_key_pem: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetPublicKeyResult
def get_public_key_output(private_key_openssh: Optional[pulumi.Input[str]] = None,
private_key_pem: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetPublicKeyResult]
func GetPublicKey(ctx *Context, args *GetPublicKeyArgs, opts ...InvokeOption) (*GetPublicKeyResult, error)
func GetPublicKeyOutput(ctx *Context, args *GetPublicKeyOutputArgs, opts ...InvokeOption) GetPublicKeyResultOutput
> Note: This function is named GetPublicKey
in the Go SDK.
public static class GetPublicKey
{
public static Task<GetPublicKeyResult> InvokeAsync(GetPublicKeyArgs args, InvokeOptions? opts = null)
public static Output<GetPublicKeyResult> Invoke(GetPublicKeyInvokeArgs args, InvokeOptions? opts = null)
}
public static CompletableFuture<GetPublicKeyResult> getPublicKey(GetPublicKeyArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
function: tls:index/getPublicKey:getPublicKey
arguments:
# arguments dictionary
The following arguments are supported:
- Private
Key stringOpenssh The private key (in OpenSSH PEM (RFC 4716) format) to extract the public key from. Currently-supported algorithms for keys are
RSA
,ECDSA
andED25519
. This is mutually exclusive withprivate_key_pem
.- Private
Key stringPem The private key (in PEM (RFC 1421) format) to extract the public key from. Currently-supported algorithms for keys are
RSA
,ECDSA
andED25519
. This is mutually exclusive withprivate_key_openssh
.
- Private
Key stringOpenssh The private key (in OpenSSH PEM (RFC 4716) format) to extract the public key from. Currently-supported algorithms for keys are
RSA
,ECDSA
andED25519
. This is mutually exclusive withprivate_key_pem
.- Private
Key stringPem The private key (in PEM (RFC 1421) format) to extract the public key from. Currently-supported algorithms for keys are
RSA
,ECDSA
andED25519
. This is mutually exclusive withprivate_key_openssh
.
- private
Key StringOpenssh The private key (in OpenSSH PEM (RFC 4716) format) to extract the public key from. Currently-supported algorithms for keys are
RSA
,ECDSA
andED25519
. This is mutually exclusive withprivate_key_pem
.- private
Key StringPem The private key (in PEM (RFC 1421) format) to extract the public key from. Currently-supported algorithms for keys are
RSA
,ECDSA
andED25519
. This is mutually exclusive withprivate_key_openssh
.
- private
Key stringOpenssh The private key (in OpenSSH PEM (RFC 4716) format) to extract the public key from. Currently-supported algorithms for keys are
RSA
,ECDSA
andED25519
. This is mutually exclusive withprivate_key_pem
.- private
Key stringPem The private key (in PEM (RFC 1421) format) to extract the public key from. Currently-supported algorithms for keys are
RSA
,ECDSA
andED25519
. This is mutually exclusive withprivate_key_openssh
.
- private_
key_ stropenssh The private key (in OpenSSH PEM (RFC 4716) format) to extract the public key from. Currently-supported algorithms for keys are
RSA
,ECDSA
andED25519
. This is mutually exclusive withprivate_key_pem
.- private_
key_ strpem The private key (in PEM (RFC 1421) format) to extract the public key from. Currently-supported algorithms for keys are
RSA
,ECDSA
andED25519
. This is mutually exclusive withprivate_key_openssh
.
- private
Key StringOpenssh The private key (in OpenSSH PEM (RFC 4716) format) to extract the public key from. Currently-supported algorithms for keys are
RSA
,ECDSA
andED25519
. This is mutually exclusive withprivate_key_pem
.- private
Key StringPem The private key (in PEM (RFC 1421) format) to extract the public key from. Currently-supported algorithms for keys are
RSA
,ECDSA
andED25519
. This is mutually exclusive withprivate_key_openssh
.
getPublicKey Result
The following output properties are available:
- Algorithm string
The name of the algorithm used by the given private key. Possible values are:
RSA
,ECDSA
andED25519
.- Id string
Unique identifier for this data source: hexadecimal representation of the SHA1 checksum of the data source.
- Public
Key stringFingerprint Md5 The fingerprint of the public key data in OpenSSH MD5 hash format, e.g.
aa:bb:cc:...
. Only available if the selected private key format is compatible, as per the rules forpublic_key_openssh
and ECDSA P224 limitations.- Public
Key stringFingerprint Sha256 The fingerprint of the public key data in OpenSSH SHA256 hash format, e.g.
SHA256:...
. Only available if the selected private key format is compatible, as per the rules forpublic_key_openssh
and ECDSA P224 limitations.- Public
Key stringOpenssh - Public
Key stringPem - Private
Key stringOpenssh The private key (in OpenSSH PEM (RFC 4716) format) to extract the public key from. Currently-supported algorithms for keys are
RSA
,ECDSA
andED25519
. This is mutually exclusive withprivate_key_pem
.- Private
Key stringPem The private key (in PEM (RFC 1421) format) to extract the public key from. Currently-supported algorithms for keys are
RSA
,ECDSA
andED25519
. This is mutually exclusive withprivate_key_openssh
.
- Algorithm string
The name of the algorithm used by the given private key. Possible values are:
RSA
,ECDSA
andED25519
.- Id string
Unique identifier for this data source: hexadecimal representation of the SHA1 checksum of the data source.
- Public
Key stringFingerprint Md5 The fingerprint of the public key data in OpenSSH MD5 hash format, e.g.
aa:bb:cc:...
. Only available if the selected private key format is compatible, as per the rules forpublic_key_openssh
and ECDSA P224 limitations.- Public
Key stringFingerprint Sha256 The fingerprint of the public key data in OpenSSH SHA256 hash format, e.g.
SHA256:...
. Only available if the selected private key format is compatible, as per the rules forpublic_key_openssh
and ECDSA P224 limitations.- Public
Key stringOpenssh - Public
Key stringPem - Private
Key stringOpenssh The private key (in OpenSSH PEM (RFC 4716) format) to extract the public key from. Currently-supported algorithms for keys are
RSA
,ECDSA
andED25519
. This is mutually exclusive withprivate_key_pem
.- Private
Key stringPem The private key (in PEM (RFC 1421) format) to extract the public key from. Currently-supported algorithms for keys are
RSA
,ECDSA
andED25519
. This is mutually exclusive withprivate_key_openssh
.
- algorithm String
The name of the algorithm used by the given private key. Possible values are:
RSA
,ECDSA
andED25519
.- id String
Unique identifier for this data source: hexadecimal representation of the SHA1 checksum of the data source.
- public
Key StringFingerprint Md5 The fingerprint of the public key data in OpenSSH MD5 hash format, e.g.
aa:bb:cc:...
. Only available if the selected private key format is compatible, as per the rules forpublic_key_openssh
and ECDSA P224 limitations.- public
Key StringFingerprint Sha256 The fingerprint of the public key data in OpenSSH SHA256 hash format, e.g.
SHA256:...
. Only available if the selected private key format is compatible, as per the rules forpublic_key_openssh
and ECDSA P224 limitations.- public
Key StringOpenssh - public
Key StringPem - private
Key StringOpenssh The private key (in OpenSSH PEM (RFC 4716) format) to extract the public key from. Currently-supported algorithms for keys are
RSA
,ECDSA
andED25519
. This is mutually exclusive withprivate_key_pem
.- private
Key StringPem The private key (in PEM (RFC 1421) format) to extract the public key from. Currently-supported algorithms for keys are
RSA
,ECDSA
andED25519
. This is mutually exclusive withprivate_key_openssh
.
- algorithm string
The name of the algorithm used by the given private key. Possible values are:
RSA
,ECDSA
andED25519
.- id string
Unique identifier for this data source: hexadecimal representation of the SHA1 checksum of the data source.
- public
Key stringFingerprint Md5 The fingerprint of the public key data in OpenSSH MD5 hash format, e.g.
aa:bb:cc:...
. Only available if the selected private key format is compatible, as per the rules forpublic_key_openssh
and ECDSA P224 limitations.- public
Key stringFingerprint Sha256 The fingerprint of the public key data in OpenSSH SHA256 hash format, e.g.
SHA256:...
. Only available if the selected private key format is compatible, as per the rules forpublic_key_openssh
and ECDSA P224 limitations.- public
Key stringOpenssh - public
Key stringPem - private
Key stringOpenssh The private key (in OpenSSH PEM (RFC 4716) format) to extract the public key from. Currently-supported algorithms for keys are
RSA
,ECDSA
andED25519
. This is mutually exclusive withprivate_key_pem
.- private
Key stringPem The private key (in PEM (RFC 1421) format) to extract the public key from. Currently-supported algorithms for keys are
RSA
,ECDSA
andED25519
. This is mutually exclusive withprivate_key_openssh
.
- algorithm str
The name of the algorithm used by the given private key. Possible values are:
RSA
,ECDSA
andED25519
.- id str
Unique identifier for this data source: hexadecimal representation of the SHA1 checksum of the data source.
- public_
key_ strfingerprint_ md5 The fingerprint of the public key data in OpenSSH MD5 hash format, e.g.
aa:bb:cc:...
. Only available if the selected private key format is compatible, as per the rules forpublic_key_openssh
and ECDSA P224 limitations.- public_
key_ strfingerprint_ sha256 The fingerprint of the public key data in OpenSSH SHA256 hash format, e.g.
SHA256:...
. Only available if the selected private key format is compatible, as per the rules forpublic_key_openssh
and ECDSA P224 limitations.- public_
key_ stropenssh - public_
key_ strpem - private_
key_ stropenssh The private key (in OpenSSH PEM (RFC 4716) format) to extract the public key from. Currently-supported algorithms for keys are
RSA
,ECDSA
andED25519
. This is mutually exclusive withprivate_key_pem
.- private_
key_ strpem The private key (in PEM (RFC 1421) format) to extract the public key from. Currently-supported algorithms for keys are
RSA
,ECDSA
andED25519
. This is mutually exclusive withprivate_key_openssh
.
- algorithm String
The name of the algorithm used by the given private key. Possible values are:
RSA
,ECDSA
andED25519
.- id String
Unique identifier for this data source: hexadecimal representation of the SHA1 checksum of the data source.
- public
Key StringFingerprint Md5 The fingerprint of the public key data in OpenSSH MD5 hash format, e.g.
aa:bb:cc:...
. Only available if the selected private key format is compatible, as per the rules forpublic_key_openssh
and ECDSA P224 limitations.- public
Key StringFingerprint Sha256 The fingerprint of the public key data in OpenSSH SHA256 hash format, e.g.
SHA256:...
. Only available if the selected private key format is compatible, as per the rules forpublic_key_openssh
and ECDSA P224 limitations.- public
Key StringOpenssh - public
Key StringPem - private
Key StringOpenssh The private key (in OpenSSH PEM (RFC 4716) format) to extract the public key from. Currently-supported algorithms for keys are
RSA
,ECDSA
andED25519
. This is mutually exclusive withprivate_key_pem
.- private
Key StringPem The private key (in PEM (RFC 1421) format) to extract the public key from. Currently-supported algorithms for keys are
RSA
,ECDSA
andED25519
. This is mutually exclusive withprivate_key_openssh
.
Package Details
- Repository
- TLS pulumi/pulumi-tls
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
tls
Terraform Provider.