acmpca

class pulumi_aws.acmpca.CertificateAuthority(resource_name, opts=None, certificate_authority_configuration=None, enabled=None, revocation_configuration=None, tags=None, type=None, __name__=None, __opts__=None)

Provides a resource to manage AWS Certificate Manager Private Certificate Authorities (ACM PCA Certificate Authorities).

NOTE: Creating this resource will leave the certificate authority in a PENDING_CERTIFICATE status, which means it cannot yet issue certificates. To complete this setup, you must fully sign the certificate authority CSR available in the certificate_signing_request attribute and import the signed certificate outside of Terraform. Terraform can support another resource to manage that workflow automatically in the future.
Parameters:
  • resource_name (str) – The name of the resource.
  • opts (pulumi.ResourceOptions) – Options for the resource.
  • certificate_authority_configuration (pulumi.Input[dict]) – Nested argument containing algorithms and certificate subject information. Defined below.
  • enabled (pulumi.Input[bool]) – Boolean value that specifies whether certificate revocation lists (CRLs) are enabled. Defaults to false.
  • revocation_configuration (pulumi.Input[dict]) – Nested argument containing revocation configuration. Defined below.
  • tags (pulumi.Input[dict]) – Specifies a key-value map of user-defined tags that are attached to the certificate authority.
  • type (pulumi.Input[str]) – The type of the certificate authority. Currently, this must be SUBORDINATE.
arn = None

Amazon Resource Name (ARN) of the certificate authority.

certificate = None

Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.

certificate_authority_configuration = None

Nested argument containing algorithms and certificate subject information. Defined below.

certificate_chain = None

Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.

certificate_signing_request = None

The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.

enabled = None

Boolean value that specifies whether certificate revocation lists (CRLs) are enabled. Defaults to false.

not_after = None

Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.

not_before = None

Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.

revocation_configuration = None

Nested argument containing revocation configuration. Defined below.

serial = None

Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.

status = None

Status of the certificate authority.

tags = None

Specifies a key-value map of user-defined tags that are attached to the certificate authority.

type = None

The type of the certificate authority. Currently, this must be SUBORDINATE.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters:prop (str) – A property name.
Returns:A potentially transformed property name.
Return type:str
translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters:prop (str) – A property name.
Returns:A potentially transformed property name.
Return type:str
class pulumi_aws.acmpca.GetCertificateAuthorityResult(certificate=None, certificate_chain=None, certificate_signing_request=None, not_after=None, not_before=None, revocation_configurations=None, serial=None, status=None, tags=None, type=None, id=None)

A collection of values returned by getCertificateAuthority.

certificate = None

Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.

certificate_chain = None

Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.

certificate_signing_request = None

The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.

not_after = None

Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.

not_before = None

Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.

revocation_configurations = None

Nested attribute containing revocation configuration.

  • revocation_configuration.0.crl_configuration - Nested attribute containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority.
  • revocation_configuration.0.crl_configuration.0.custom_cname - Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point.
  • revocation_configuration.0.crl_configuration.0.enabled - Boolean value that specifies whether certificate revocation lists (CRLs) are enabled.
  • revocation_configuration.0.crl_configuration.0.expiration_in_days - Number of days until a certificate expires.
  • revocation_configuration.0.crl_configuration.0.s3_bucket_name - Name of the S3 bucket that contains the CRL.
serial = None

Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.

status = None

Status of the certificate authority.

tags = None

Specifies a key-value map of user-defined tags that are attached to the certificate authority.

type = None

The type of the certificate authority.

id = None

id is the provider-assigned unique ID for this managed resource.

pulumi_aws.acmpca.get_certificate_authority(arn=None, revocation_configurations=None, tags=None, opts=None)

Get information on a AWS Certificate Manager Private Certificate Authority (ACM PCA Certificate Authority).