Module acmpca

@pulumi/aws > acmpca

Index

acmpca/certificateAuthority.ts acmpca/getCertificateAuthority.ts

class CertificateAuthority

Provides a resource to manage AWS Certificate Manager Private Certificate Authorities (ACM PCA Certificate Authorities).

~> NOTE: Creating this resource will leave the certificate authority in a PENDING_CERTIFICATE status, which means it cannot yet issue certificates. To complete this setup, you must fully sign the certificate authority CSR available in the certificate_signing_request attribute and import the signed certificate outside of Terraform. Terraform can support another resource to manage that workflow automatically in the future.

constructor

new CertificateAuthority(name: string, args: CertificateAuthorityArgs, opts?: pulumi.CustomResourceOptions)

Create a CertificateAuthority resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: CertificateAuthorityState): CertificateAuthority

Get an existing CertificateAuthority resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property arn

public arn: pulumi.Output<string>;

Amazon Resource Name (ARN) of the certificate authority.

property certificate

public certificate: pulumi.Output<string>;

Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.

property certificateAuthorityConfiguration

public certificateAuthorityConfiguration: pulumi.Output<{ ... }>;

Nested argument containing algorithms and certificate subject information. Defined below.

property certificateChain

public certificateChain: pulumi.Output<string>;

Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.

property certificateSigningRequest

public certificateSigningRequest: pulumi.Output<string>;

The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.

property enabled

public enabled: pulumi.Output<boolean | undefined>;

Boolean value that specifies whether certificate revocation lists (CRLs) are enabled. Defaults to false.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property notAfter

public notAfter: pulumi.Output<string>;

Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.

property notBefore

public notBefore: pulumi.Output<string>;

Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.

property revocationConfiguration

public revocationConfiguration: pulumi.Output<{ ... } | undefined>;

Nested argument containing revocation configuration. Defined below.

property serial

public serial: pulumi.Output<string>;

Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.

property status

public status: pulumi.Output<string>;

Status of the certificate authority.

property tags

public tags: pulumi.Output<Tags | undefined>;

Specifies a key-value map of user-defined tags that are attached to the certificate authority.

property type

public type: pulumi.Output<string | undefined>;

The type of the certificate authority. Currently, this must be SUBORDINATE.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

function getCertificateAuthority

getCertificateAuthority(args: GetCertificateAuthorityArgs, opts?: pulumi.InvokeOptions): Promise<GetCertificateAuthorityResult>

Get information on a AWS Certificate Manager Private Certificate Authority (ACM PCA Certificate Authority).

interface CertificateAuthorityArgs

The set of arguments for constructing a CertificateAuthority resource.

property certificateAuthorityConfiguration

certificateAuthorityConfiguration: pulumi.Input<{ ... }>;

Nested argument containing algorithms and certificate subject information. Defined below.

property enabled

enabled?: pulumi.Input<boolean>;

Boolean value that specifies whether certificate revocation lists (CRLs) are enabled. Defaults to false.

property revocationConfiguration

revocationConfiguration?: pulumi.Input<{ ... }>;

Nested argument containing revocation configuration. Defined below.

property tags

tags?: pulumi.Input<Tags>;

Specifies a key-value map of user-defined tags that are attached to the certificate authority.

property type

type?: pulumi.Input<string>;

The type of the certificate authority. Currently, this must be SUBORDINATE.

interface CertificateAuthorityState

Input properties used for looking up and filtering CertificateAuthority resources.

property arn

arn?: pulumi.Input<string>;

Amazon Resource Name (ARN) of the certificate authority.

property certificate

certificate?: pulumi.Input<string>;

Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.

property certificateAuthorityConfiguration

certificateAuthorityConfiguration?: pulumi.Input<{ ... }>;

Nested argument containing algorithms and certificate subject information. Defined below.

property certificateChain

certificateChain?: pulumi.Input<string>;

Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.

property certificateSigningRequest

certificateSigningRequest?: pulumi.Input<string>;

The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.

property enabled

enabled?: pulumi.Input<boolean>;

Boolean value that specifies whether certificate revocation lists (CRLs) are enabled. Defaults to false.

property notAfter

notAfter?: pulumi.Input<string>;

Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.

property notBefore

notBefore?: pulumi.Input<string>;

Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.

property revocationConfiguration

revocationConfiguration?: pulumi.Input<{ ... }>;

Nested argument containing revocation configuration. Defined below.

property serial

serial?: pulumi.Input<string>;

Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.

property status

status?: pulumi.Input<string>;

Status of the certificate authority.

property tags

tags?: pulumi.Input<Tags>;

Specifies a key-value map of user-defined tags that are attached to the certificate authority.

property type

type?: pulumi.Input<string>;

The type of the certificate authority. Currently, this must be SUBORDINATE.

interface GetCertificateAuthorityArgs

A collection of arguments for invoking getCertificateAuthority.

property arn

arn: string;

Amazon Resource Name (ARN) of the certificate authority.

property revocationConfigurations

revocationConfigurations?: { ... }[];

property tags

tags?: { ... };

interface GetCertificateAuthorityResult

A collection of values returned by getCertificateAuthority.

property certificate

certificate: string;

Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.

property certificateChain

certificateChain: string;

Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.

property certificateSigningRequest

certificateSigningRequest: string;

The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.

property id

id: string;

id is the provider-assigned unique ID for this managed resource.

property notAfter

notAfter: string;

Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.

property notBefore

notBefore: string;

Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.

property revocationConfigurations

revocationConfigurations: { ... }[];

Nested attribute containing revocation configuration.

  • revocation_configuration.0.crl_configuration - Nested attribute containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority.
  • revocation_configuration.0.crl_configuration.0.custom_cname - Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point.
  • revocation_configuration.0.crl_configuration.0.enabled - Boolean value that specifies whether certificate revocation lists (CRLs) are enabled.
  • revocation_configuration.0.crl_configuration.0.expiration_in_days - Number of days until a certificate expires.
  • revocation_configuration.0.crl_configuration.0.s3_bucket_name - Name of the S3 bucket that contains the CRL.

property serial

serial: string;

Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.

property status

status: string;

Status of the certificate authority.

property tags

tags: { ... };

Specifies a key-value map of user-defined tags that are attached to the certificate authority.

property type

type: string;

The type of the certificate authority.