Venafi v1.5.0, Feb 4 23

Venafi v1.5.0 published on Saturday, Feb 4, 2023 by Pulumi

venafi.Certificate

Explore with Pulumi AI

Venafi v1.5.0 published on Saturday, Feb 4, 2023 by Pulumi

Create Certificate Resource

new Certificate(name: string, args: CertificateArgs, opts?: CustomResourceOptions);

@overload
def Certificate(resource_name: str,
                opts: Optional[ResourceOptions] = None,
                algorithm: Optional[str] = None,
                certificate_dn: Optional[str] = None,
                common_name: Optional[str] = None,
                csr_origin: Optional[str] = None,
                csr_pem: Optional[str] = None,
                custom_fields: Optional[Mapping[str, str]] = None,
                ecdsa_curve: Optional[str] = None,
                expiration_window: Optional[int] = None,
                issuer_hint: Optional[str] = None,
                key_password: Optional[str] = None,
                nickname: Optional[str] = None,
                pkcs12: Optional[str] = None,
                private_key_pem: Optional[str] = None,
                rsa_bits: Optional[int] = None,
                san_dns: Optional[Sequence[str]] = None,
                san_emails: Optional[Sequence[str]] = None,
                san_ips: Optional[Sequence[str]] = None,
                san_uris: Optional[Sequence[str]] = None,
                valid_days: Optional[int] = None)
@overload
def Certificate(resource_name: str,
                args: CertificateArgs,
                opts: Optional[ResourceOptions] = None)

func NewCertificate(ctx *Context, name string, args CertificateArgs, opts ...ResourceOption) (*Certificate, error)

public Certificate(string name, CertificateArgs args, CustomResourceOptions? opts = null)

public Certificate(String name, CertificateArgs args)
public Certificate(String name, CertificateArgs args, CustomResourceOptions options)

type: venafi:Certificate
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string: The unique name of the resource.
args CertificateArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args CertificateArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args CertificateArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args CertificateArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args CertificateArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Certificate Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The Certificate resource accepts the following input properties:

CommonName string: The common name of the certificate.
Algorithm string: Key encryption algorithm, either RSA or ECDSA. Defaults to RSA.
CertificateDn string
CsrOrigin string: Whether key-pair generation will be local or service generated. Default is local.
CsrPem string
CustomFields Dictionary<string, string>: Collection of Custom Field name-value pairs to assign to the certificate.
EcdsaCurve string: ECDSA curve to use when generating a key
ExpirationWindow int: Number of hours before certificate expiry to request a new certificate. Defaults to 168.
IssuerHint string: Used with valid_days to indicate the target issuer when using Trust Protection Platform. Relevant values are: "DigiCert", "Entrust", and "Microsoft".
KeyPassword string: The password used to encrypt the private key.
Nickname string: Use to specify a name for the new certificate object that will be created and placed in a policy. Only valid for TPP.
Pkcs12 string
PrivateKeyPem string: The private key in PEM format.
RsaBits int: Number of bits to use when generating an RSA key. Applies when algorithm=RSA. Defaults to 2048.
SanDns List<string>: List of DNS names to use as alternative subjects of the certificate.
SanEmails List<string>: List of email addresses to use as alternative subjects of the certificate.
SanIps List<string>: List of IP addresses to use as alternative subjects of the certificate.
SanUris List<string>: List of Uniform Resource Identifiers (URIs) to use as alternative subjects of the certificate.
ValidDays int: Desired number of days for which the new certificate will be valid.

CommonName string: The common name of the certificate.
Algorithm string: Key encryption algorithm, either RSA or ECDSA. Defaults to RSA.
CertificateDn string
CsrOrigin string: Whether key-pair generation will be local or service generated. Default is local.
CsrPem string
CustomFields map[string]string: Collection of Custom Field name-value pairs to assign to the certificate.
EcdsaCurve string: ECDSA curve to use when generating a key
ExpirationWindow int: Number of hours before certificate expiry to request a new certificate. Defaults to 168.
IssuerHint string: Used with valid_days to indicate the target issuer when using Trust Protection Platform. Relevant values are: "DigiCert", "Entrust", and "Microsoft".
KeyPassword string: The password used to encrypt the private key.
Nickname string: Use to specify a name for the new certificate object that will be created and placed in a policy. Only valid for TPP.
Pkcs12 string
PrivateKeyPem string: The private key in PEM format.
RsaBits int: Number of bits to use when generating an RSA key. Applies when algorithm=RSA. Defaults to 2048.
SanDns []string: List of DNS names to use as alternative subjects of the certificate.
SanEmails []string: List of email addresses to use as alternative subjects of the certificate.
SanIps []string: List of IP addresses to use as alternative subjects of the certificate.
SanUris []string: List of Uniform Resource Identifiers (URIs) to use as alternative subjects of the certificate.
ValidDays int: Desired number of days for which the new certificate will be valid.

commonName String: The common name of the certificate.
algorithm String: Key encryption algorithm, either RSA or ECDSA. Defaults to RSA.
certificateDn String
csrOrigin String: Whether key-pair generation will be local or service generated. Default is local.
csrPem String
customFields Map<String,String>: Collection of Custom Field name-value pairs to assign to the certificate.
ecdsaCurve String: ECDSA curve to use when generating a key
expirationWindow Integer: Number of hours before certificate expiry to request a new certificate. Defaults to 168.
issuerHint String: Used with valid_days to indicate the target issuer when using Trust Protection Platform. Relevant values are: "DigiCert", "Entrust", and "Microsoft".
keyPassword String: The password used to encrypt the private key.
nickname String: Use to specify a name for the new certificate object that will be created and placed in a policy. Only valid for TPP.
pkcs12 String
privateKeyPem String: The private key in PEM format.
rsaBits Integer: Number of bits to use when generating an RSA key. Applies when algorithm=RSA. Defaults to 2048.
sanDns List<String>: List of DNS names to use as alternative subjects of the certificate.
sanEmails List<String>: List of email addresses to use as alternative subjects of the certificate.
sanIps List<String>: List of IP addresses to use as alternative subjects of the certificate.
sanUris List<String>: List of Uniform Resource Identifiers (URIs) to use as alternative subjects of the certificate.
validDays Integer: Desired number of days for which the new certificate will be valid.

commonName string: The common name of the certificate.
algorithm string: Key encryption algorithm, either RSA or ECDSA. Defaults to RSA.
certificateDn string
csrOrigin string: Whether key-pair generation will be local or service generated. Default is local.
csrPem string
customFields {[key: string]: string}: Collection of Custom Field name-value pairs to assign to the certificate.
ecdsaCurve string: ECDSA curve to use when generating a key
expirationWindow number: Number of hours before certificate expiry to request a new certificate. Defaults to 168.
issuerHint string: Used with valid_days to indicate the target issuer when using Trust Protection Platform. Relevant values are: "DigiCert", "Entrust", and "Microsoft".
keyPassword string: The password used to encrypt the private key.
nickname string: Use to specify a name for the new certificate object that will be created and placed in a policy. Only valid for TPP.
pkcs12 string
privateKeyPem string: The private key in PEM format.
rsaBits number: Number of bits to use when generating an RSA key. Applies when algorithm=RSA. Defaults to 2048.
sanDns string[]: List of DNS names to use as alternative subjects of the certificate.
sanEmails string[]: List of email addresses to use as alternative subjects of the certificate.
sanIps string[]: List of IP addresses to use as alternative subjects of the certificate.
sanUris string[]: List of Uniform Resource Identifiers (URIs) to use as alternative subjects of the certificate.
validDays number: Desired number of days for which the new certificate will be valid.

common_name str: The common name of the certificate.
algorithm str: Key encryption algorithm, either RSA or ECDSA. Defaults to RSA.
certificate_dn str
csr_origin str: Whether key-pair generation will be local or service generated. Default is local.
csr_pem str
custom_fields Mapping[str, str]: Collection of Custom Field name-value pairs to assign to the certificate.
ecdsa_curve str: ECDSA curve to use when generating a key
expiration_window int: Number of hours before certificate expiry to request a new certificate. Defaults to 168.
issuer_hint str: Used with valid_days to indicate the target issuer when using Trust Protection Platform. Relevant values are: "DigiCert", "Entrust", and "Microsoft".
key_password str: The password used to encrypt the private key.
nickname str: Use to specify a name for the new certificate object that will be created and placed in a policy. Only valid for TPP.
pkcs12 str
private_key_pem str: The private key in PEM format.
rsa_bits int: Number of bits to use when generating an RSA key. Applies when algorithm=RSA. Defaults to 2048.
san_dns Sequence[str]: List of DNS names to use as alternative subjects of the certificate.
san_emails Sequence[str]: List of email addresses to use as alternative subjects of the certificate.
san_ips Sequence[str]: List of IP addresses to use as alternative subjects of the certificate.
san_uris Sequence[str]: List of Uniform Resource Identifiers (URIs) to use as alternative subjects of the certificate.
valid_days int: Desired number of days for which the new certificate will be valid.

commonName String: The common name of the certificate.
algorithm String: Key encryption algorithm, either RSA or ECDSA. Defaults to RSA.
certificateDn String
csrOrigin String: Whether key-pair generation will be local or service generated. Default is local.
csrPem String
customFields Map<String>: Collection of Custom Field name-value pairs to assign to the certificate.
ecdsaCurve String: ECDSA curve to use when generating a key
expirationWindow Number: Number of hours before certificate expiry to request a new certificate. Defaults to 168.
issuerHint String: Used with valid_days to indicate the target issuer when using Trust Protection Platform. Relevant values are: "DigiCert", "Entrust", and "Microsoft".
keyPassword String: The password used to encrypt the private key.
nickname String: Use to specify a name for the new certificate object that will be created and placed in a policy. Only valid for TPP.
pkcs12 String
privateKeyPem String: The private key in PEM format.
rsaBits Number: Number of bits to use when generating an RSA key. Applies when algorithm=RSA. Defaults to 2048.
sanDns List<String>: List of DNS names to use as alternative subjects of the certificate.
sanEmails List<String>: List of email addresses to use as alternative subjects of the certificate.
sanIps List<String>: List of IP addresses to use as alternative subjects of the certificate.
sanUris List<String>: List of Uniform Resource Identifiers (URIs) to use as alternative subjects of the certificate.
validDays Number: Desired number of days for which the new certificate will be valid.

Outputs

All input properties are implicitly available as output properties. Additionally, the Certificate resource produces the following output properties:

CertificateDetails string: The X509 certificate in PEM format.
Chain string: The trust chain of X509 certificate authority certificates in PEM format concatenated together.
Id string: The provider-assigned unique ID for this managed resource.

Certificate string: The X509 certificate in PEM format.
Chain string: The trust chain of X509 certificate authority certificates in PEM format concatenated together.
Id string: The provider-assigned unique ID for this managed resource.

certificate String: The X509 certificate in PEM format.
chain String: The trust chain of X509 certificate authority certificates in PEM format concatenated together.
id String: The provider-assigned unique ID for this managed resource.

certificate string: The X509 certificate in PEM format.
chain string: The trust chain of X509 certificate authority certificates in PEM format concatenated together.
id string: The provider-assigned unique ID for this managed resource.

certificate str: The X509 certificate in PEM format.
chain str: The trust chain of X509 certificate authority certificates in PEM format concatenated together.
id str: The provider-assigned unique ID for this managed resource.

certificate String: The X509 certificate in PEM format.
chain String: The trust chain of X509 certificate authority certificates in PEM format concatenated together.
id String: The provider-assigned unique ID for this managed resource.

Look up Existing Certificate Resource

Get an existing Certificate resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: CertificateState, opts?: CustomResourceOptions): Certificate

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        algorithm: Optional[str] = None,
        certificate: Optional[str] = None,
        certificate_dn: Optional[str] = None,
        chain: Optional[str] = None,
        common_name: Optional[str] = None,
        csr_origin: Optional[str] = None,
        csr_pem: Optional[str] = None,
        custom_fields: Optional[Mapping[str, str]] = None,
        ecdsa_curve: Optional[str] = None,
        expiration_window: Optional[int] = None,
        issuer_hint: Optional[str] = None,
        key_password: Optional[str] = None,
        nickname: Optional[str] = None,
        pkcs12: Optional[str] = None,
        private_key_pem: Optional[str] = None,
        rsa_bits: Optional[int] = None,
        san_dns: Optional[Sequence[str]] = None,
        san_emails: Optional[Sequence[str]] = None,
        san_ips: Optional[Sequence[str]] = None,
        san_uris: Optional[Sequence[str]] = None,
        valid_days: Optional[int] = None) -> Certificate

func GetCertificate(ctx *Context, name string, id IDInput, state *CertificateState, opts ...ResourceOption) (*Certificate, error)

public static Certificate Get(string name, Input<string> id, CertificateState? state, CustomResourceOptions? opts = null)

public static Certificate get(String name, Output<String> id, CertificateState state, CustomResourceOptions options)

Resource lookup is not supported in YAML

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

Algorithm string: Key encryption algorithm, either RSA or ECDSA. Defaults to RSA.
CertificateDetails string: The X509 certificate in PEM format.
CertificateDn string
Chain string: The trust chain of X509 certificate authority certificates in PEM format concatenated together.
CommonName string: The common name of the certificate.
CsrOrigin string: Whether key-pair generation will be local or service generated. Default is local.
CsrPem string
CustomFields Dictionary<string, string>: Collection of Custom Field name-value pairs to assign to the certificate.
EcdsaCurve string: ECDSA curve to use when generating a key
ExpirationWindow int: Number of hours before certificate expiry to request a new certificate. Defaults to 168.
IssuerHint string: Used with valid_days to indicate the target issuer when using Trust Protection Platform. Relevant values are: "DigiCert", "Entrust", and "Microsoft".
KeyPassword string: The password used to encrypt the private key.
Nickname string: Use to specify a name for the new certificate object that will be created and placed in a policy. Only valid for TPP.
Pkcs12 string
PrivateKeyPem string: The private key in PEM format.
RsaBits int: Number of bits to use when generating an RSA key. Applies when algorithm=RSA. Defaults to 2048.
SanDns List<string>: List of DNS names to use as alternative subjects of the certificate.
SanEmails List<string>: List of email addresses to use as alternative subjects of the certificate.
SanIps List<string>: List of IP addresses to use as alternative subjects of the certificate.
SanUris List<string>: List of Uniform Resource Identifiers (URIs) to use as alternative subjects of the certificate.
ValidDays int: Desired number of days for which the new certificate will be valid.

Algorithm string: Key encryption algorithm, either RSA or ECDSA. Defaults to RSA.
Certificate string: The X509 certificate in PEM format.
CertificateDn string
Chain string: The trust chain of X509 certificate authority certificates in PEM format concatenated together.
CommonName string: The common name of the certificate.
CsrOrigin string: Whether key-pair generation will be local or service generated. Default is local.
CsrPem string
CustomFields map[string]string: Collection of Custom Field name-value pairs to assign to the certificate.
EcdsaCurve string: ECDSA curve to use when generating a key
ExpirationWindow int: Number of hours before certificate expiry to request a new certificate. Defaults to 168.
IssuerHint string: Used with valid_days to indicate the target issuer when using Trust Protection Platform. Relevant values are: "DigiCert", "Entrust", and "Microsoft".
KeyPassword string: The password used to encrypt the private key.
Nickname string: Use to specify a name for the new certificate object that will be created and placed in a policy. Only valid for TPP.
Pkcs12 string
PrivateKeyPem string: The private key in PEM format.
RsaBits int: Number of bits to use when generating an RSA key. Applies when algorithm=RSA. Defaults to 2048.
SanDns []string: List of DNS names to use as alternative subjects of the certificate.
SanEmails []string: List of email addresses to use as alternative subjects of the certificate.
SanIps []string: List of IP addresses to use as alternative subjects of the certificate.
SanUris []string: List of Uniform Resource Identifiers (URIs) to use as alternative subjects of the certificate.
ValidDays int: Desired number of days for which the new certificate will be valid.

algorithm String: Key encryption algorithm, either RSA or ECDSA. Defaults to RSA.
certificate String: The X509 certificate in PEM format.
certificateDn String
chain String: The trust chain of X509 certificate authority certificates in PEM format concatenated together.
commonName String: The common name of the certificate.
csrOrigin String: Whether key-pair generation will be local or service generated. Default is local.
csrPem String
customFields Map<String,String>: Collection of Custom Field name-value pairs to assign to the certificate.
ecdsaCurve String: ECDSA curve to use when generating a key
expirationWindow Integer: Number of hours before certificate expiry to request a new certificate. Defaults to 168.
issuerHint String: Used with valid_days to indicate the target issuer when using Trust Protection Platform. Relevant values are: "DigiCert", "Entrust", and "Microsoft".
keyPassword String: The password used to encrypt the private key.
nickname String: Use to specify a name for the new certificate object that will be created and placed in a policy. Only valid for TPP.
pkcs12 String
privateKeyPem String: The private key in PEM format.
rsaBits Integer: Number of bits to use when generating an RSA key. Applies when algorithm=RSA. Defaults to 2048.
sanDns List<String>: List of DNS names to use as alternative subjects of the certificate.
sanEmails List<String>: List of email addresses to use as alternative subjects of the certificate.
sanIps List<String>: List of IP addresses to use as alternative subjects of the certificate.
sanUris List<String>: List of Uniform Resource Identifiers (URIs) to use as alternative subjects of the certificate.
validDays Integer: Desired number of days for which the new certificate will be valid.

algorithm string: Key encryption algorithm, either RSA or ECDSA. Defaults to RSA.
certificate string: The X509 certificate in PEM format.
certificateDn string
chain string: The trust chain of X509 certificate authority certificates in PEM format concatenated together.
commonName string: The common name of the certificate.
csrOrigin string: Whether key-pair generation will be local or service generated. Default is local.
csrPem string
customFields {[key: string]: string}: Collection of Custom Field name-value pairs to assign to the certificate.
ecdsaCurve string: ECDSA curve to use when generating a key
expirationWindow number: Number of hours before certificate expiry to request a new certificate. Defaults to 168.
issuerHint string: Used with valid_days to indicate the target issuer when using Trust Protection Platform. Relevant values are: "DigiCert", "Entrust", and "Microsoft".
keyPassword string: The password used to encrypt the private key.
nickname string: Use to specify a name for the new certificate object that will be created and placed in a policy. Only valid for TPP.
pkcs12 string
privateKeyPem string: The private key in PEM format.
rsaBits number: Number of bits to use when generating an RSA key. Applies when algorithm=RSA. Defaults to 2048.
sanDns string[]: List of DNS names to use as alternative subjects of the certificate.
sanEmails string[]: List of email addresses to use as alternative subjects of the certificate.
sanIps string[]: List of IP addresses to use as alternative subjects of the certificate.
sanUris string[]: List of Uniform Resource Identifiers (URIs) to use as alternative subjects of the certificate.
validDays number: Desired number of days for which the new certificate will be valid.

algorithm str: Key encryption algorithm, either RSA or ECDSA. Defaults to RSA.
certificate str: The X509 certificate in PEM format.
certificate_dn str
chain str: The trust chain of X509 certificate authority certificates in PEM format concatenated together.
common_name str: The common name of the certificate.
csr_origin str: Whether key-pair generation will be local or service generated. Default is local.
csr_pem str
custom_fields Mapping[str, str]: Collection of Custom Field name-value pairs to assign to the certificate.
ecdsa_curve str: ECDSA curve to use when generating a key
expiration_window int: Number of hours before certificate expiry to request a new certificate. Defaults to 168.
issuer_hint str: Used with valid_days to indicate the target issuer when using Trust Protection Platform. Relevant values are: "DigiCert", "Entrust", and "Microsoft".
key_password str: The password used to encrypt the private key.
nickname str: Use to specify a name for the new certificate object that will be created and placed in a policy. Only valid for TPP.
pkcs12 str
private_key_pem str: The private key in PEM format.
rsa_bits int: Number of bits to use when generating an RSA key. Applies when algorithm=RSA. Defaults to 2048.
san_dns Sequence[str]: List of DNS names to use as alternative subjects of the certificate.
san_emails Sequence[str]: List of email addresses to use as alternative subjects of the certificate.
san_ips Sequence[str]: List of IP addresses to use as alternative subjects of the certificate.
san_uris Sequence[str]: List of Uniform Resource Identifiers (URIs) to use as alternative subjects of the certificate.
valid_days int: Desired number of days for which the new certificate will be valid.

algorithm String: Key encryption algorithm, either RSA or ECDSA. Defaults to RSA.
certificate String: The X509 certificate in PEM format.
certificateDn String
chain String: The trust chain of X509 certificate authority certificates in PEM format concatenated together.
commonName String: The common name of the certificate.
csrOrigin String: Whether key-pair generation will be local or service generated. Default is local.
csrPem String
customFields Map<String>: Collection of Custom Field name-value pairs to assign to the certificate.
ecdsaCurve String: ECDSA curve to use when generating a key
expirationWindow Number: Number of hours before certificate expiry to request a new certificate. Defaults to 168.
issuerHint String: Used with valid_days to indicate the target issuer when using Trust Protection Platform. Relevant values are: "DigiCert", "Entrust", and "Microsoft".
keyPassword String: The password used to encrypt the private key.
nickname String: Use to specify a name for the new certificate object that will be created and placed in a policy. Only valid for TPP.
pkcs12 String
privateKeyPem String: The private key in PEM format.
rsaBits Number: Number of bits to use when generating an RSA key. Applies when algorithm=RSA. Defaults to 2048.
sanDns List<String>: List of DNS names to use as alternative subjects of the certificate.
sanEmails List<String>: List of email addresses to use as alternative subjects of the certificate.
sanIps List<String>: List of IP addresses to use as alternative subjects of the certificate.
sanUris List<String>: List of Uniform Resource Identifiers (URIs) to use as alternative subjects of the certificate.
validDays Number: Desired number of days for which the new certificate will be valid.

Package Details

Repository: Venafi pulumi/pulumi-venafi
License: Apache-2.0
Notes: This Pulumi package is based on the venafi Terraform Provider.

Venafi v1.5.0 published on Saturday, Feb 4, 2023 by Pulumi

pulumi/pulumi-venafi

venafi.Certificate

On this page

On this page

Create Certificate Resource

Certificate Resource Properties

Inputs

Outputs

Look up Existing Certificate Resource

Package Details

On this page

On this page