@pulumi/tls 4.6.0 → 4.6.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/certRequest.d.ts +7 -13
- package/certRequest.js +1 -1
- package/certRequest.js.map +1 -1
- package/getCertificate.d.ts +33 -0
- package/getCertificate.js.map +1 -1
- package/getPublicKey.d.ts +31 -1
- package/getPublicKey.js +1 -1
- package/getPublicKey.js.map +1 -1
- package/locallySignedCert.d.ts +19 -56
- package/locallySignedCert.js.map +1 -1
- package/package.json +4 -3
- package/package.json.bak +2 -1
- package/package.json.dev +4 -3
- package/privateKey.d.ts +10 -24
- package/privateKey.js.map +1 -1
- package/selfSignedCert.d.ts +19 -62
- package/selfSignedCert.js.map +1 -1
- package/types/input.d.ts +54 -0
- package/types/output.d.ts +85 -0
package/certRequest.d.ts
CHANGED
|
@@ -5,8 +5,8 @@ import { input as inputs, output as outputs } from "./types";
|
|
|
5
5
|
*
|
|
6
6
|
* ```typescript
|
|
7
7
|
* import * as pulumi from "@pulumi/pulumi";
|
|
8
|
+
* import * as fs from "fs";
|
|
8
9
|
* import * as tls from "@pulumi/tls";
|
|
9
|
-
* import * from "fs";
|
|
10
10
|
*
|
|
11
11
|
* const example = new tls.CertRequest("example", {
|
|
12
12
|
* privateKeyPem: fs.readFileSync("private_key.pem"),
|
|
@@ -50,8 +50,7 @@ export declare class CertRequest extends pulumi.CustomResource {
|
|
|
50
50
|
*/
|
|
51
51
|
readonly ipAddresses: pulumi.Output<string[] | undefined>;
|
|
52
52
|
/**
|
|
53
|
-
* Name of the algorithm used when generating the private key provided in `
|
|
54
|
-
* and ignored, as the key algorithm is now inferred from the key.
|
|
53
|
+
* Name of the algorithm used when generating the private key provided in `privateKeyPem`. **NOTE**: this is deprecated and ignored, as the key algorithm is now inferred from the key.
|
|
55
54
|
*
|
|
56
55
|
* @deprecated This is now ignored, as the key algorithm is inferred from the `private_key_pem`.
|
|
57
56
|
*/
|
|
@@ -63,8 +62,7 @@ export declare class CertRequest extends pulumi.CustomResource {
|
|
|
63
62
|
*/
|
|
64
63
|
readonly privateKeyPem: pulumi.Output<string>;
|
|
65
64
|
/**
|
|
66
|
-
* The subject for which a certificate is being requested. The acceptable arguments are all optional and their naming is
|
|
67
|
-
* based upon [Issuer Distinguished Names (RFC5280)](https://tools.ietf.org/html/rfc5280#section-4.1.2.4) section.
|
|
65
|
+
* The subject for which a certificate is being requested. The acceptable arguments are all optional and their naming is based upon [Issuer Distinguished Names (RFC5280)](https://tools.ietf.org/html/rfc5280#section-4.1.2.4) section.
|
|
68
66
|
*/
|
|
69
67
|
readonly subject: pulumi.Output<outputs.CertRequestSubject | undefined>;
|
|
70
68
|
/**
|
|
@@ -101,8 +99,7 @@ export interface CertRequestState {
|
|
|
101
99
|
*/
|
|
102
100
|
ipAddresses?: pulumi.Input<pulumi.Input<string>[]>;
|
|
103
101
|
/**
|
|
104
|
-
* Name of the algorithm used when generating the private key provided in `
|
|
105
|
-
* and ignored, as the key algorithm is now inferred from the key.
|
|
102
|
+
* Name of the algorithm used when generating the private key provided in `privateKeyPem`. **NOTE**: this is deprecated and ignored, as the key algorithm is now inferred from the key.
|
|
106
103
|
*
|
|
107
104
|
* @deprecated This is now ignored, as the key algorithm is inferred from the `private_key_pem`.
|
|
108
105
|
*/
|
|
@@ -114,8 +111,7 @@ export interface CertRequestState {
|
|
|
114
111
|
*/
|
|
115
112
|
privateKeyPem?: pulumi.Input<string>;
|
|
116
113
|
/**
|
|
117
|
-
* The subject for which a certificate is being requested. The acceptable arguments are all optional and their naming is
|
|
118
|
-
* based upon [Issuer Distinguished Names (RFC5280)](https://tools.ietf.org/html/rfc5280#section-4.1.2.4) section.
|
|
114
|
+
* The subject for which a certificate is being requested. The acceptable arguments are all optional and their naming is based upon [Issuer Distinguished Names (RFC5280)](https://tools.ietf.org/html/rfc5280#section-4.1.2.4) section.
|
|
119
115
|
*/
|
|
120
116
|
subject?: pulumi.Input<inputs.CertRequestSubject>;
|
|
121
117
|
/**
|
|
@@ -136,8 +132,7 @@ export interface CertRequestArgs {
|
|
|
136
132
|
*/
|
|
137
133
|
ipAddresses?: pulumi.Input<pulumi.Input<string>[]>;
|
|
138
134
|
/**
|
|
139
|
-
* Name of the algorithm used when generating the private key provided in `
|
|
140
|
-
* and ignored, as the key algorithm is now inferred from the key.
|
|
135
|
+
* Name of the algorithm used when generating the private key provided in `privateKeyPem`. **NOTE**: this is deprecated and ignored, as the key algorithm is now inferred from the key.
|
|
141
136
|
*
|
|
142
137
|
* @deprecated This is now ignored, as the key algorithm is inferred from the `private_key_pem`.
|
|
143
138
|
*/
|
|
@@ -149,8 +144,7 @@ export interface CertRequestArgs {
|
|
|
149
144
|
*/
|
|
150
145
|
privateKeyPem: pulumi.Input<string>;
|
|
151
146
|
/**
|
|
152
|
-
* The subject for which a certificate is being requested. The acceptable arguments are all optional and their naming is
|
|
153
|
-
* based upon [Issuer Distinguished Names (RFC5280)](https://tools.ietf.org/html/rfc5280#section-4.1.2.4) section.
|
|
147
|
+
* The subject for which a certificate is being requested. The acceptable arguments are all optional and their naming is based upon [Issuer Distinguished Names (RFC5280)](https://tools.ietf.org/html/rfc5280#section-4.1.2.4) section.
|
|
154
148
|
*/
|
|
155
149
|
subject?: pulumi.Input<inputs.CertRequestSubject>;
|
|
156
150
|
/**
|
package/certRequest.js
CHANGED
|
@@ -10,8 +10,8 @@ const utilities = require("./utilities");
|
|
|
10
10
|
*
|
|
11
11
|
* ```typescript
|
|
12
12
|
* import * as pulumi from "@pulumi/pulumi";
|
|
13
|
+
* import * as fs from "fs";
|
|
13
14
|
* import * as tls from "@pulumi/tls";
|
|
14
|
-
* import * from "fs";
|
|
15
15
|
*
|
|
16
16
|
* const example = new tls.CertRequest("example", {
|
|
17
17
|
* privateKeyPem: fs.readFileSync("private_key.pem"),
|
package/certRequest.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"certRequest.js","sourceRoot":"","sources":["../certRequest.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AAEzC,yCAAyC;AAEzC;;;;;;;;;;;;;;;;GAgBG;AACH,MAAa,WAAY,SAAQ,MAAM,CAAC,cAAc;
|
|
1
|
+
{"version":3,"file":"certRequest.js","sourceRoot":"","sources":["../certRequest.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AAEzC,yCAAyC;AAEzC;;;;;;;;;;;;;;;;GAgBG;AACH,MAAa,WAAY,SAAQ,MAAM,CAAC,cAAc;IAyElD,YAAY,IAAY,EAAE,WAAgD,EAAE,IAAmC;QAC3G,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAA2C,CAAC;YAC1D,cAAc,CAAC,gBAAgB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5E,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,cAAc,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;YACxE,cAAc,CAAC,eAAe,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1E,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;SAC3D;aAAM;YACH,MAAM,IAAI,GAAG,WAA0C,CAAC;YACxD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,aAAa,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAC1D,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC;aAChE;YACD,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACpE,cAAc,CAAC,cAAc,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,eAAe,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;YACxE,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,gBAAgB,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;SACxD;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,WAAW,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IAChE,CAAC;IAnGD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAwB,EAAE,IAAmC;QACtH,OAAO,IAAI,WAAW,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IAClE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,WAAW,CAAC,YAAY,CAAC;IAC5D,CAAC;;AA1BL,kCAqGC;AAvFG,gBAAgB;AACO,wBAAY,GAAG,mCAAmC,CAAC"}
|
package/getCertificate.d.ts
CHANGED
|
@@ -5,18 +5,42 @@ export declare function getCertificate(args?: GetCertificateArgs, opts?: pulumi.
|
|
|
5
5
|
* A collection of arguments for invoking getCertificate.
|
|
6
6
|
*/
|
|
7
7
|
export interface GetCertificateArgs {
|
|
8
|
+
/**
|
|
9
|
+
* The content of the certificate in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format. Cannot be used with `url`.
|
|
10
|
+
*/
|
|
8
11
|
content?: string;
|
|
12
|
+
/**
|
|
13
|
+
* The URL of the website to get the certificates from. Cannot be used with `content`.
|
|
14
|
+
*/
|
|
9
15
|
url?: string;
|
|
16
|
+
/**
|
|
17
|
+
* Whether to verify the certificate chain while parsing it or not (default: `true`). Cannot be used with `content`.
|
|
18
|
+
*/
|
|
10
19
|
verifyChain?: boolean;
|
|
11
20
|
}
|
|
12
21
|
/**
|
|
13
22
|
* A collection of values returned by getCertificate.
|
|
14
23
|
*/
|
|
15
24
|
export interface GetCertificateResult {
|
|
25
|
+
/**
|
|
26
|
+
* The certificates protecting the site, with the root of the chain first.
|
|
27
|
+
*/
|
|
16
28
|
readonly certificates: outputs.GetCertificateCertificate[];
|
|
29
|
+
/**
|
|
30
|
+
* The content of the certificate in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format. Cannot be used with `url`.
|
|
31
|
+
*/
|
|
17
32
|
readonly content?: string;
|
|
33
|
+
/**
|
|
34
|
+
* Unique identifier of this data source: hashing of the certificates in the chain.
|
|
35
|
+
*/
|
|
18
36
|
readonly id: string;
|
|
37
|
+
/**
|
|
38
|
+
* The URL of the website to get the certificates from. Cannot be used with `content`.
|
|
39
|
+
*/
|
|
19
40
|
readonly url?: string;
|
|
41
|
+
/**
|
|
42
|
+
* Whether to verify the certificate chain while parsing it or not (default: `true`). Cannot be used with `content`.
|
|
43
|
+
*/
|
|
20
44
|
readonly verifyChain?: boolean;
|
|
21
45
|
}
|
|
22
46
|
export declare function getCertificateOutput(args?: GetCertificateOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output<GetCertificateResult>;
|
|
@@ -24,7 +48,16 @@ export declare function getCertificateOutput(args?: GetCertificateOutputArgs, op
|
|
|
24
48
|
* A collection of arguments for invoking getCertificate.
|
|
25
49
|
*/
|
|
26
50
|
export interface GetCertificateOutputArgs {
|
|
51
|
+
/**
|
|
52
|
+
* The content of the certificate in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format. Cannot be used with `url`.
|
|
53
|
+
*/
|
|
27
54
|
content?: pulumi.Input<string>;
|
|
55
|
+
/**
|
|
56
|
+
* The URL of the website to get the certificates from. Cannot be used with `content`.
|
|
57
|
+
*/
|
|
28
58
|
url?: pulumi.Input<string>;
|
|
59
|
+
/**
|
|
60
|
+
* Whether to verify the certificate chain while parsing it or not (default: `true`). Cannot be used with `content`.
|
|
61
|
+
*/
|
|
29
62
|
verifyChain?: pulumi.Input<boolean>;
|
|
30
63
|
}
|
package/getCertificate.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"getCertificate.js","sourceRoot":"","sources":["../getCertificate.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AAEzC,yCAAyC;AAEzC,SAAgB,cAAc,CAAC,IAAyB,EAAE,IAA2B;IACjF,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;IAClB,IAAI,CAAC,IAAI,EAAE;QACP,IAAI,GAAG,EAAE,CAAA;KACZ;IAED,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;IACnE,OAAO,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,yCAAyC,EAAE;QACpE,SAAS,EAAE,IAAI,CAAC,OAAO;QACvB,KAAK,EAAE,IAAI,CAAC,GAAG;QACf,aAAa,EAAE,IAAI,CAAC,WAAW;KAClC,EAAE,IAAI,CAAC,CAAC;AACb,CAAC;AAZD,wCAYC;
|
|
1
|
+
{"version":3,"file":"getCertificate.js","sourceRoot":"","sources":["../getCertificate.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AAEzC,yCAAyC;AAEzC,SAAgB,cAAc,CAAC,IAAyB,EAAE,IAA2B;IACjF,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;IAClB,IAAI,CAAC,IAAI,EAAE;QACP,IAAI,GAAG,EAAE,CAAA;KACZ;IAED,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;IACnE,OAAO,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,yCAAyC,EAAE;QACpE,SAAS,EAAE,IAAI,CAAC,OAAO;QACvB,KAAK,EAAE,IAAI,CAAC,GAAG;QACf,aAAa,EAAE,IAAI,CAAC,WAAW;KAClC,EAAE,IAAI,CAAC,CAAC;AACb,CAAC;AAZD,wCAYC;AA8CD,SAAgB,oBAAoB,CAAC,IAA+B,EAAE,IAA2B;IAC7F,OAAO,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,cAAc,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAA;AAClE,CAAC;AAFD,oDAEC"}
|
package/getPublicKey.d.ts
CHANGED
|
@@ -8,8 +8,8 @@ import * as pulumi from "@pulumi/pulumi";
|
|
|
8
8
|
*
|
|
9
9
|
* ```typescript
|
|
10
10
|
* import * as pulumi from "@pulumi/pulumi";
|
|
11
|
+
* import * as fs from "fs";
|
|
11
12
|
* import * as tls from "@pulumi/tls";
|
|
12
|
-
* import * from "fs";
|
|
13
13
|
*
|
|
14
14
|
* const ed25519_example = new tls.PrivateKey("ed25519-example", {algorithm: "ED25519"});
|
|
15
15
|
* const privateKeyPem-example = tls.getPublicKeyOutput({
|
|
@@ -25,18 +25,42 @@ export declare function getPublicKey(args?: GetPublicKeyArgs, opts?: pulumi.Invo
|
|
|
25
25
|
* A collection of arguments for invoking getPublicKey.
|
|
26
26
|
*/
|
|
27
27
|
export interface GetPublicKeyArgs {
|
|
28
|
+
/**
|
|
29
|
+
* The private key (in [OpenSSH PEM (RFC 4716)](https://datatracker.ietf.org/doc/html/rfc4716) format) to extract the public key from. Currently-supported algorithms for keys are `RSA`, `ECDSA` and `ED25519`. This is *mutually exclusive* with `privateKeyPem`.
|
|
30
|
+
*/
|
|
28
31
|
privateKeyOpenssh?: string;
|
|
32
|
+
/**
|
|
33
|
+
* The private key (in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format) to extract the public key from. Currently-supported algorithms for keys are `RSA`, `ECDSA` and `ED25519`. This is *mutually exclusive* with `privateKeyOpenssh`.
|
|
34
|
+
*/
|
|
29
35
|
privateKeyPem?: string;
|
|
30
36
|
}
|
|
31
37
|
/**
|
|
32
38
|
* A collection of values returned by getPublicKey.
|
|
33
39
|
*/
|
|
34
40
|
export interface GetPublicKeyResult {
|
|
41
|
+
/**
|
|
42
|
+
* The name of the algorithm used by the given private key. Possible values are: `RSA`, `ECDSA` and `ED25519`.
|
|
43
|
+
*/
|
|
35
44
|
readonly algorithm: string;
|
|
45
|
+
/**
|
|
46
|
+
* Unique identifier for this data source: hexadecimal representation of the SHA1 checksum of the data source.
|
|
47
|
+
*/
|
|
36
48
|
readonly id: string;
|
|
49
|
+
/**
|
|
50
|
+
* The private key (in [OpenSSH PEM (RFC 4716)](https://datatracker.ietf.org/doc/html/rfc4716) format) to extract the public key from. Currently-supported algorithms for keys are `RSA`, `ECDSA` and `ED25519`. This is *mutually exclusive* with `privateKeyPem`.
|
|
51
|
+
*/
|
|
37
52
|
readonly privateKeyOpenssh?: string;
|
|
53
|
+
/**
|
|
54
|
+
* The private key (in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format) to extract the public key from. Currently-supported algorithms for keys are `RSA`, `ECDSA` and `ED25519`. This is *mutually exclusive* with `privateKeyOpenssh`.
|
|
55
|
+
*/
|
|
38
56
|
readonly privateKeyPem?: string;
|
|
57
|
+
/**
|
|
58
|
+
* The fingerprint of the public key data in OpenSSH MD5 hash format, e.g. `aa:bb:cc:...`. Only available if the selected private key format is compatible, as per the rules for `publicKeyOpenssh` and ECDSA P224 limitations.
|
|
59
|
+
*/
|
|
39
60
|
readonly publicKeyFingerprintMd5: string;
|
|
61
|
+
/**
|
|
62
|
+
* The fingerprint of the public key data in OpenSSH SHA256 hash format, e.g. `SHA256:...`. Only available if the selected private key format is compatible, as per the rules for `publicKeyOpenssh` and ECDSA P224 limitations.
|
|
63
|
+
*/
|
|
40
64
|
readonly publicKeyFingerprintSha256: string;
|
|
41
65
|
readonly publicKeyOpenssh: string;
|
|
42
66
|
readonly publicKeyPem: string;
|
|
@@ -46,6 +70,12 @@ export declare function getPublicKeyOutput(args?: GetPublicKeyOutputArgs, opts?:
|
|
|
46
70
|
* A collection of arguments for invoking getPublicKey.
|
|
47
71
|
*/
|
|
48
72
|
export interface GetPublicKeyOutputArgs {
|
|
73
|
+
/**
|
|
74
|
+
* The private key (in [OpenSSH PEM (RFC 4716)](https://datatracker.ietf.org/doc/html/rfc4716) format) to extract the public key from. Currently-supported algorithms for keys are `RSA`, `ECDSA` and `ED25519`. This is *mutually exclusive* with `privateKeyPem`.
|
|
75
|
+
*/
|
|
49
76
|
privateKeyOpenssh?: pulumi.Input<string>;
|
|
77
|
+
/**
|
|
78
|
+
* The private key (in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format) to extract the public key from. Currently-supported algorithms for keys are `RSA`, `ECDSA` and `ED25519`. This is *mutually exclusive* with `privateKeyOpenssh`.
|
|
79
|
+
*/
|
|
50
80
|
privateKeyPem?: pulumi.Input<string>;
|
|
51
81
|
}
|
package/getPublicKey.js
CHANGED
|
@@ -14,8 +14,8 @@ const utilities = require("./utilities");
|
|
|
14
14
|
*
|
|
15
15
|
* ```typescript
|
|
16
16
|
* import * as pulumi from "@pulumi/pulumi";
|
|
17
|
+
* import * as fs from "fs";
|
|
17
18
|
* import * as tls from "@pulumi/tls";
|
|
18
|
-
* import * from "fs";
|
|
19
19
|
*
|
|
20
20
|
* const ed25519_example = new tls.PrivateKey("ed25519-example", {algorithm: "ED25519"});
|
|
21
21
|
* const privateKeyPem-example = tls.getPublicKeyOutput({
|
package/getPublicKey.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"getPublicKey.js","sourceRoot":"","sources":["../getPublicKey.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,yCAAyC;AAEzC;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,SAAgB,YAAY,CAAC,IAAuB,EAAE,IAA2B;IAC7E,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;IAClB,IAAI,CAAC,IAAI,EAAE;QACP,IAAI,GAAG,EAAE,CAAA;KACZ;IAED,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;IACnE,OAAO,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,qCAAqC,EAAE;QAChE,mBAAmB,EAAE,IAAI,CAAC,iBAAiB;QAC3C,eAAe,EAAE,IAAI,CAAC,aAAa;KACtC,EAAE,IAAI,CAAC,CAAC;AACb,CAAC;AAXD,oCAWC;
|
|
1
|
+
{"version":3,"file":"getPublicKey.js","sourceRoot":"","sources":["../getPublicKey.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,yCAAyC;AAEzC;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,SAAgB,YAAY,CAAC,IAAuB,EAAE,IAA2B;IAC7E,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;IAClB,IAAI,CAAC,IAAI,EAAE;QACP,IAAI,GAAG,EAAE,CAAA;KACZ;IAED,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;IACnE,OAAO,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,qCAAqC,EAAE;QAChE,mBAAmB,EAAE,IAAI,CAAC,iBAAiB;QAC3C,eAAe,EAAE,IAAI,CAAC,aAAa;KACtC,EAAE,IAAI,CAAC,CAAC;AACb,CAAC;AAXD,oCAWC;AAgDD,SAAgB,kBAAkB,CAAC,IAA6B,EAAE,IAA2B;IACzF,OAAO,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,YAAY,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAA;AAChE,CAAC;AAFD,gDAEC"}
|
package/locallySignedCert.d.ts
CHANGED
|
@@ -16,31 +16,21 @@ export declare class LocallySignedCert extends pulumi.CustomResource {
|
|
|
16
16
|
*/
|
|
17
17
|
static isInstance(obj: any): obj is LocallySignedCert;
|
|
18
18
|
/**
|
|
19
|
-
* List of key usages allowed for the issued certificate. Values are defined in [RFC
|
|
20
|
-
* 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key
|
|
21
|
-
* Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key
|
|
22
|
-
* Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `any_extended`,
|
|
23
|
-
* `cert_signing`, `client_auth`, `code_signing`, `content_commitment`, `crl_signing`, `data_encipherment`,
|
|
24
|
-
* `decipher_only`, `digital_signature`, `email_protection`, `encipher_only`, `ipsec_end_system`, `ipsec_tunnel`,
|
|
25
|
-
* `ipsec_user`, `key_agreement`, `key_encipherment`, `microsoft_commercial_code_signing`, `microsoft_kernel_code_signing`,
|
|
26
|
-
* `microsoft_server_gated_crypto`, `netscape_server_gated_crypto`, `ocsp_signing`, `server_auth`, `timestamping`.
|
|
19
|
+
* List of key usages allowed for the issued certificate. Values are defined in [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `anyExtended`, `certSigning`, `clientAuth`, `codeSigning`, `contentCommitment`, `crlSigning`, `dataEncipherment`, `decipherOnly`, `digitalSignature`, `emailProtection`, `encipherOnly`, `ipsecEndSystem`, `ipsecTunnel`, `ipsecUser`, `keyAgreement`, `keyEncipherment`, `microsoftCommercialCodeSigning`, `microsoftKernelCodeSigning`, `microsoftServerGatedCrypto`, `netscapeServerGatedCrypto`, `ocspSigning`, `serverAuth`, `timestamping`.
|
|
27
20
|
*/
|
|
28
21
|
readonly allowedUses: pulumi.Output<string[]>;
|
|
29
22
|
/**
|
|
30
|
-
* Certificate data of the Certificate Authority (CA) in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421)
|
|
31
|
-
* format.
|
|
23
|
+
* Certificate data of the Certificate Authority (CA) in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
|
|
32
24
|
*/
|
|
33
25
|
readonly caCertPem: pulumi.Output<string>;
|
|
34
26
|
/**
|
|
35
|
-
* Name of the algorithm used when generating the private key provided in `
|
|
36
|
-
* deprecated and ignored, as the key algorithm is now inferred from the key.
|
|
27
|
+
* Name of the algorithm used when generating the private key provided in `caPrivateKeyPem`. **NOTE**: this is deprecated and ignored, as the key algorithm is now inferred from the key.
|
|
37
28
|
*
|
|
38
29
|
* @deprecated This is now ignored, as the key algorithm is inferred from the `ca_private_key_pem`.
|
|
39
30
|
*/
|
|
40
31
|
readonly caKeyAlgorithm: pulumi.Output<string>;
|
|
41
32
|
/**
|
|
42
|
-
* Private key of the Certificate Authority (CA) used to sign the certificate, in [PEM (RFC
|
|
43
|
-
* 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
|
|
33
|
+
* Private key of the Certificate Authority (CA) used to sign the certificate, in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
|
|
44
34
|
*/
|
|
45
35
|
readonly caPrivateKeyPem: pulumi.Output<string>;
|
|
46
36
|
/**
|
|
@@ -68,18 +58,15 @@ export declare class LocallySignedCert extends pulumi.CustomResource {
|
|
|
68
58
|
*/
|
|
69
59
|
readonly isCaCertificate: pulumi.Output<boolean | undefined>;
|
|
70
60
|
/**
|
|
71
|
-
* Is the certificate either expired (i.e. beyond the `
|
|
72
|
-
* the `early_renewal_hours`)?
|
|
61
|
+
* Is the certificate either expired (i.e. beyond the `validityPeriodHours`) or ready for an early renewal (i.e. within the `earlyRenewalHours`)?
|
|
73
62
|
*/
|
|
74
63
|
readonly readyForRenewal: pulumi.Output<boolean>;
|
|
75
64
|
/**
|
|
76
|
-
* Should the generated certificate include a [subject key
|
|
77
|
-
* identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
|
|
65
|
+
* Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
|
|
78
66
|
*/
|
|
79
67
|
readonly setSubjectKeyId: pulumi.Output<boolean | undefined>;
|
|
80
68
|
/**
|
|
81
|
-
* The time until which the certificate is invalid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339)
|
|
82
|
-
* timestamp.
|
|
69
|
+
* The time until which the certificate is invalid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
|
|
83
70
|
*/
|
|
84
71
|
readonly validityEndTime: pulumi.Output<string>;
|
|
85
72
|
/**
|
|
@@ -104,31 +91,21 @@ export declare class LocallySignedCert extends pulumi.CustomResource {
|
|
|
104
91
|
*/
|
|
105
92
|
export interface LocallySignedCertState {
|
|
106
93
|
/**
|
|
107
|
-
* List of key usages allowed for the issued certificate. Values are defined in [RFC
|
|
108
|
-
* 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key
|
|
109
|
-
* Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key
|
|
110
|
-
* Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `any_extended`,
|
|
111
|
-
* `cert_signing`, `client_auth`, `code_signing`, `content_commitment`, `crl_signing`, `data_encipherment`,
|
|
112
|
-
* `decipher_only`, `digital_signature`, `email_protection`, `encipher_only`, `ipsec_end_system`, `ipsec_tunnel`,
|
|
113
|
-
* `ipsec_user`, `key_agreement`, `key_encipherment`, `microsoft_commercial_code_signing`, `microsoft_kernel_code_signing`,
|
|
114
|
-
* `microsoft_server_gated_crypto`, `netscape_server_gated_crypto`, `ocsp_signing`, `server_auth`, `timestamping`.
|
|
94
|
+
* List of key usages allowed for the issued certificate. Values are defined in [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `anyExtended`, `certSigning`, `clientAuth`, `codeSigning`, `contentCommitment`, `crlSigning`, `dataEncipherment`, `decipherOnly`, `digitalSignature`, `emailProtection`, `encipherOnly`, `ipsecEndSystem`, `ipsecTunnel`, `ipsecUser`, `keyAgreement`, `keyEncipherment`, `microsoftCommercialCodeSigning`, `microsoftKernelCodeSigning`, `microsoftServerGatedCrypto`, `netscapeServerGatedCrypto`, `ocspSigning`, `serverAuth`, `timestamping`.
|
|
115
95
|
*/
|
|
116
96
|
allowedUses?: pulumi.Input<pulumi.Input<string>[]>;
|
|
117
97
|
/**
|
|
118
|
-
* Certificate data of the Certificate Authority (CA) in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421)
|
|
119
|
-
* format.
|
|
98
|
+
* Certificate data of the Certificate Authority (CA) in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
|
|
120
99
|
*/
|
|
121
100
|
caCertPem?: pulumi.Input<string>;
|
|
122
101
|
/**
|
|
123
|
-
* Name of the algorithm used when generating the private key provided in `
|
|
124
|
-
* deprecated and ignored, as the key algorithm is now inferred from the key.
|
|
102
|
+
* Name of the algorithm used when generating the private key provided in `caPrivateKeyPem`. **NOTE**: this is deprecated and ignored, as the key algorithm is now inferred from the key.
|
|
125
103
|
*
|
|
126
104
|
* @deprecated This is now ignored, as the key algorithm is inferred from the `ca_private_key_pem`.
|
|
127
105
|
*/
|
|
128
106
|
caKeyAlgorithm?: pulumi.Input<string>;
|
|
129
107
|
/**
|
|
130
|
-
* Private key of the Certificate Authority (CA) used to sign the certificate, in [PEM (RFC
|
|
131
|
-
* 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
|
|
108
|
+
* Private key of the Certificate Authority (CA) used to sign the certificate, in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
|
|
132
109
|
*/
|
|
133
110
|
caPrivateKeyPem?: pulumi.Input<string>;
|
|
134
111
|
/**
|
|
@@ -156,18 +133,15 @@ export interface LocallySignedCertState {
|
|
|
156
133
|
*/
|
|
157
134
|
isCaCertificate?: pulumi.Input<boolean>;
|
|
158
135
|
/**
|
|
159
|
-
* Is the certificate either expired (i.e. beyond the `
|
|
160
|
-
* the `early_renewal_hours`)?
|
|
136
|
+
* Is the certificate either expired (i.e. beyond the `validityPeriodHours`) or ready for an early renewal (i.e. within the `earlyRenewalHours`)?
|
|
161
137
|
*/
|
|
162
138
|
readyForRenewal?: pulumi.Input<boolean>;
|
|
163
139
|
/**
|
|
164
|
-
* Should the generated certificate include a [subject key
|
|
165
|
-
* identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
|
|
140
|
+
* Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
|
|
166
141
|
*/
|
|
167
142
|
setSubjectKeyId?: pulumi.Input<boolean>;
|
|
168
143
|
/**
|
|
169
|
-
* The time until which the certificate is invalid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339)
|
|
170
|
-
* timestamp.
|
|
144
|
+
* The time until which the certificate is invalid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
|
|
171
145
|
*/
|
|
172
146
|
validityEndTime?: pulumi.Input<string>;
|
|
173
147
|
/**
|
|
@@ -184,31 +158,21 @@ export interface LocallySignedCertState {
|
|
|
184
158
|
*/
|
|
185
159
|
export interface LocallySignedCertArgs {
|
|
186
160
|
/**
|
|
187
|
-
* List of key usages allowed for the issued certificate. Values are defined in [RFC
|
|
188
|
-
* 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key
|
|
189
|
-
* Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key
|
|
190
|
-
* Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `any_extended`,
|
|
191
|
-
* `cert_signing`, `client_auth`, `code_signing`, `content_commitment`, `crl_signing`, `data_encipherment`,
|
|
192
|
-
* `decipher_only`, `digital_signature`, `email_protection`, `encipher_only`, `ipsec_end_system`, `ipsec_tunnel`,
|
|
193
|
-
* `ipsec_user`, `key_agreement`, `key_encipherment`, `microsoft_commercial_code_signing`, `microsoft_kernel_code_signing`,
|
|
194
|
-
* `microsoft_server_gated_crypto`, `netscape_server_gated_crypto`, `ocsp_signing`, `server_auth`, `timestamping`.
|
|
161
|
+
* List of key usages allowed for the issued certificate. Values are defined in [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `anyExtended`, `certSigning`, `clientAuth`, `codeSigning`, `contentCommitment`, `crlSigning`, `dataEncipherment`, `decipherOnly`, `digitalSignature`, `emailProtection`, `encipherOnly`, `ipsecEndSystem`, `ipsecTunnel`, `ipsecUser`, `keyAgreement`, `keyEncipherment`, `microsoftCommercialCodeSigning`, `microsoftKernelCodeSigning`, `microsoftServerGatedCrypto`, `netscapeServerGatedCrypto`, `ocspSigning`, `serverAuth`, `timestamping`.
|
|
195
162
|
*/
|
|
196
163
|
allowedUses: pulumi.Input<pulumi.Input<string>[]>;
|
|
197
164
|
/**
|
|
198
|
-
* Certificate data of the Certificate Authority (CA) in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421)
|
|
199
|
-
* format.
|
|
165
|
+
* Certificate data of the Certificate Authority (CA) in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
|
|
200
166
|
*/
|
|
201
167
|
caCertPem: pulumi.Input<string>;
|
|
202
168
|
/**
|
|
203
|
-
* Name of the algorithm used when generating the private key provided in `
|
|
204
|
-
* deprecated and ignored, as the key algorithm is now inferred from the key.
|
|
169
|
+
* Name of the algorithm used when generating the private key provided in `caPrivateKeyPem`. **NOTE**: this is deprecated and ignored, as the key algorithm is now inferred from the key.
|
|
205
170
|
*
|
|
206
171
|
* @deprecated This is now ignored, as the key algorithm is inferred from the `ca_private_key_pem`.
|
|
207
172
|
*/
|
|
208
173
|
caKeyAlgorithm?: pulumi.Input<string>;
|
|
209
174
|
/**
|
|
210
|
-
* Private key of the Certificate Authority (CA) used to sign the certificate, in [PEM (RFC
|
|
211
|
-
* 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
|
|
175
|
+
* Private key of the Certificate Authority (CA) used to sign the certificate, in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
|
|
212
176
|
*/
|
|
213
177
|
caPrivateKeyPem: pulumi.Input<string>;
|
|
214
178
|
/**
|
|
@@ -228,8 +192,7 @@ export interface LocallySignedCertArgs {
|
|
|
228
192
|
*/
|
|
229
193
|
isCaCertificate?: pulumi.Input<boolean>;
|
|
230
194
|
/**
|
|
231
|
-
* Should the generated certificate include a [subject key
|
|
232
|
-
* identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
|
|
195
|
+
* Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
|
|
233
196
|
*/
|
|
234
197
|
setSubjectKeyId?: pulumi.Input<boolean>;
|
|
235
198
|
/**
|
package/locallySignedCert.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"locallySignedCert.js","sourceRoot":"","sources":["../locallySignedCert.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,yCAAyC;AAEzC,MAAa,iBAAkB,SAAQ,MAAM,CAAC,cAAc;
|
|
1
|
+
{"version":3,"file":"locallySignedCert.js","sourceRoot":"","sources":["../locallySignedCert.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,yCAAyC;AAEzC,MAAa,iBAAkB,SAAQ,MAAM,CAAC,cAAc;IAmGxD,YAAY,IAAY,EAAE,WAA4D,EAAE,IAAmC;QACvH,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAiD,CAAC;YAChE,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAClE,cAAc,CAAC,gBAAgB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5E,cAAc,CAAC,iBAAiB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9E,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,gBAAgB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5E,cAAc,CAAC,mBAAmB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAC,CAAC,SAAS,CAAC;YAClF,cAAc,CAAC,iBAAiB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9E,cAAc,CAAC,iBAAiB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9E,cAAc,CAAC,iBAAiB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9E,cAAc,CAAC,iBAAiB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9E,cAAc,CAAC,qBAAqB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC,CAAC,SAAS,CAAC;YACtF,cAAc,CAAC,mBAAmB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAC,CAAC,SAAS,CAAC;SACrF;aAAM;YACH,MAAM,IAAI,GAAG,WAAgD,CAAC;YAC9D,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,WAAW,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACxD,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;aAC9D;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACtD,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;aAC5D;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,eAAe,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAC5D,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;aAClE;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,cAAc,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAC3D,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;aACjE;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,mBAAmB,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAChE,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;aACtE;YACD,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACpE,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,gBAAgB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1E,cAAc,CAAC,iBAAiB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5E,cAAc,CAAC,gBAAgB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1E,cAAc,CAAC,mBAAmB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAC,SAAS,CAAC;YAChF,cAAc,CAAC,iBAAiB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5E,cAAc,CAAC,iBAAiB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5E,cAAc,CAAC,qBAAqB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,CAAC,SAAS,CAAC;YACpF,cAAc,CAAC,SAAS,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;YAC9C,cAAc,CAAC,iBAAiB,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;YACtD,cAAc,CAAC,iBAAiB,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;YACtD,cAAc,CAAC,mBAAmB,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;SAC3D;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,iBAAiB,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IACtE,CAAC;IArJD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAA8B,EAAE,IAAmC;QAC5H,OAAO,IAAI,iBAAiB,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IACxE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,iBAAiB,CAAC,YAAY,CAAC;IAClE,CAAC;;AA1BL,8CAuJC;AAzIG,gBAAgB;AACO,8BAAY,GAAG,+CAA+C,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@pulumi/tls",
|
|
3
|
-
"version": "v4.6.
|
|
3
|
+
"version": "v4.6.1",
|
|
4
4
|
"description": "A Pulumi package to create TLS resources in Pulumi programs.",
|
|
5
5
|
"keywords": [
|
|
6
6
|
"pulumi",
|
|
@@ -11,7 +11,7 @@
|
|
|
11
11
|
"license": "Apache-2.0",
|
|
12
12
|
"scripts": {
|
|
13
13
|
"build": "tsc",
|
|
14
|
-
"install": "node scripts/install-pulumi-plugin.js resource tls v4.6.
|
|
14
|
+
"install": "node scripts/install-pulumi-plugin.js resource tls v4.6.1"
|
|
15
15
|
},
|
|
16
16
|
"dependencies": {
|
|
17
17
|
"@pulumi/pulumi": "^3.0.0"
|
|
@@ -21,6 +21,7 @@
|
|
|
21
21
|
"typescript": "^4.3.5"
|
|
22
22
|
},
|
|
23
23
|
"pulumi": {
|
|
24
|
-
"resource": true
|
|
24
|
+
"resource": true,
|
|
25
|
+
"name": "tls"
|
|
25
26
|
}
|
|
26
27
|
}
|
package/package.json.bak
CHANGED
package/package.json.dev
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@pulumi/tls",
|
|
3
|
-
"version": "v4.6.
|
|
3
|
+
"version": "v4.6.1",
|
|
4
4
|
"description": "A Pulumi package to create TLS resources in Pulumi programs.",
|
|
5
5
|
"keywords": [
|
|
6
6
|
"pulumi",
|
|
@@ -11,7 +11,7 @@
|
|
|
11
11
|
"license": "Apache-2.0",
|
|
12
12
|
"scripts": {
|
|
13
13
|
"build": "tsc",
|
|
14
|
-
"install": "node scripts/install-pulumi-plugin.js resource tls v4.6.
|
|
14
|
+
"install": "node scripts/install-pulumi-plugin.js resource tls v4.6.1"
|
|
15
15
|
},
|
|
16
16
|
"dependencies": {
|
|
17
17
|
"@pulumi/pulumi": "^3.0.0"
|
|
@@ -21,6 +21,7 @@
|
|
|
21
21
|
"typescript": "^4.3.5"
|
|
22
22
|
},
|
|
23
23
|
"pulumi": {
|
|
24
|
-
"resource": true
|
|
24
|
+
"resource": true,
|
|
25
|
+
"name": "tls"
|
|
25
26
|
}
|
|
26
27
|
}
|
package/privateKey.d.ts
CHANGED
|
@@ -16,13 +16,11 @@ export declare class PrivateKey extends pulumi.CustomResource {
|
|
|
16
16
|
*/
|
|
17
17
|
static isInstance(obj: any): obj is PrivateKey;
|
|
18
18
|
/**
|
|
19
|
-
* Name of the algorithm to use when generating the private key. Currently-supported values are `RSA`, `ECDSA` and
|
|
20
|
-
* `ED25519`.
|
|
19
|
+
* Name of the algorithm to use when generating the private key. Currently-supported values are `RSA`, `ECDSA` and `ED25519`.
|
|
21
20
|
*/
|
|
22
21
|
readonly algorithm: pulumi.Output<string>;
|
|
23
22
|
/**
|
|
24
|
-
* When `algorithm` is `ECDSA`, the name of the elliptic curve to use. Currently-supported values are `P224`, `P256`,
|
|
25
|
-
* `P384` or `P521` (default: `P224`).
|
|
23
|
+
* When `algorithm` is `ECDSA`, the name of the elliptic curve to use. Currently-supported values are `P224`, `P256`, `P384` or `P521` (default: `P224`).
|
|
26
24
|
*/
|
|
27
25
|
readonly ecdsaCurve: pulumi.Output<string | undefined>;
|
|
28
26
|
/**
|
|
@@ -34,15 +32,11 @@ export declare class PrivateKey extends pulumi.CustomResource {
|
|
|
34
32
|
*/
|
|
35
33
|
readonly privateKeyPem: pulumi.Output<string>;
|
|
36
34
|
/**
|
|
37
|
-
* The fingerprint of the public key data in OpenSSH MD5 hash format, e.g. `aa:bb:cc:...`. Only available if the selected
|
|
38
|
-
* private key format is compatible, similarly to `public_key_openssh` and the [ECDSA P224
|
|
39
|
-
* limitations](../../docs#limitations).
|
|
35
|
+
* The fingerprint of the public key data in OpenSSH MD5 hash format, e.g. `aa:bb:cc:...`. Only available if the selected private key format is compatible, similarly to `publicKeyOpenssh` and the ECDSA P224 limitations.
|
|
40
36
|
*/
|
|
41
37
|
readonly publicKeyFingerprintMd5: pulumi.Output<string>;
|
|
42
38
|
/**
|
|
43
|
-
* The fingerprint of the public key data in OpenSSH SHA256 hash format, e.g. `SHA256:...`. Only available if the selected
|
|
44
|
-
* private key format is compatible, similarly to `public_key_openssh` and the [ECDSA P224
|
|
45
|
-
* limitations](../../docs#limitations).
|
|
39
|
+
* The fingerprint of the public key data in OpenSSH SHA256 hash format, e.g. `SHA256:...`. Only available if the selected private key format is compatible, similarly to `publicKeyOpenssh` and the ECDSA P224 limitations.
|
|
46
40
|
*/
|
|
47
41
|
readonly publicKeyFingerprintSha256: pulumi.Output<string>;
|
|
48
42
|
/**
|
|
@@ -82,13 +76,11 @@ export declare class PrivateKey extends pulumi.CustomResource {
|
|
|
82
76
|
*/
|
|
83
77
|
export interface PrivateKeyState {
|
|
84
78
|
/**
|
|
85
|
-
* Name of the algorithm to use when generating the private key. Currently-supported values are `RSA`, `ECDSA` and
|
|
86
|
-
* `ED25519`.
|
|
79
|
+
* Name of the algorithm to use when generating the private key. Currently-supported values are `RSA`, `ECDSA` and `ED25519`.
|
|
87
80
|
*/
|
|
88
81
|
algorithm?: pulumi.Input<string>;
|
|
89
82
|
/**
|
|
90
|
-
* When `algorithm` is `ECDSA`, the name of the elliptic curve to use. Currently-supported values are `P224`, `P256`,
|
|
91
|
-
* `P384` or `P521` (default: `P224`).
|
|
83
|
+
* When `algorithm` is `ECDSA`, the name of the elliptic curve to use. Currently-supported values are `P224`, `P256`, `P384` or `P521` (default: `P224`).
|
|
92
84
|
*/
|
|
93
85
|
ecdsaCurve?: pulumi.Input<string>;
|
|
94
86
|
/**
|
|
@@ -100,15 +92,11 @@ export interface PrivateKeyState {
|
|
|
100
92
|
*/
|
|
101
93
|
privateKeyPem?: pulumi.Input<string>;
|
|
102
94
|
/**
|
|
103
|
-
* The fingerprint of the public key data in OpenSSH MD5 hash format, e.g. `aa:bb:cc:...`. Only available if the selected
|
|
104
|
-
* private key format is compatible, similarly to `public_key_openssh` and the [ECDSA P224
|
|
105
|
-
* limitations](../../docs#limitations).
|
|
95
|
+
* The fingerprint of the public key data in OpenSSH MD5 hash format, e.g. `aa:bb:cc:...`. Only available if the selected private key format is compatible, similarly to `publicKeyOpenssh` and the ECDSA P224 limitations.
|
|
106
96
|
*/
|
|
107
97
|
publicKeyFingerprintMd5?: pulumi.Input<string>;
|
|
108
98
|
/**
|
|
109
|
-
* The fingerprint of the public key data in OpenSSH SHA256 hash format, e.g. `SHA256:...`. Only available if the selected
|
|
110
|
-
* private key format is compatible, similarly to `public_key_openssh` and the [ECDSA P224
|
|
111
|
-
* limitations](../../docs#limitations).
|
|
99
|
+
* The fingerprint of the public key data in OpenSSH SHA256 hash format, e.g. `SHA256:...`. Only available if the selected private key format is compatible, similarly to `publicKeyOpenssh` and the ECDSA P224 limitations.
|
|
112
100
|
*/
|
|
113
101
|
publicKeyFingerprintSha256?: pulumi.Input<string>;
|
|
114
102
|
/**
|
|
@@ -140,13 +128,11 @@ export interface PrivateKeyState {
|
|
|
140
128
|
*/
|
|
141
129
|
export interface PrivateKeyArgs {
|
|
142
130
|
/**
|
|
143
|
-
* Name of the algorithm to use when generating the private key. Currently-supported values are `RSA`, `ECDSA` and
|
|
144
|
-
* `ED25519`.
|
|
131
|
+
* Name of the algorithm to use when generating the private key. Currently-supported values are `RSA`, `ECDSA` and `ED25519`.
|
|
145
132
|
*/
|
|
146
133
|
algorithm: pulumi.Input<string>;
|
|
147
134
|
/**
|
|
148
|
-
* When `algorithm` is `ECDSA`, the name of the elliptic curve to use. Currently-supported values are `P224`, `P256`,
|
|
149
|
-
* `P384` or `P521` (default: `P224`).
|
|
135
|
+
* When `algorithm` is `ECDSA`, the name of the elliptic curve to use. Currently-supported values are `P224`, `P256`, `P384` or `P521` (default: `P224`).
|
|
150
136
|
*/
|
|
151
137
|
ecdsaCurve?: pulumi.Input<string>;
|
|
152
138
|
/**
|
package/privateKey.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"privateKey.js","sourceRoot":"","sources":["../privateKey.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,yCAAyC;AAEzC,MAAa,UAAW,SAAQ,MAAM,CAAC,cAAc;
|
|
1
|
+
{"version":3,"file":"privateKey.js","sourceRoot":"","sources":["../privateKey.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,yCAAyC;AAEzC,MAAa,UAAW,SAAQ,MAAM,CAAC,cAAc;IAoFjD,YAAY,IAAY,EAAE,WAA8C,EAAE,IAAmC;QACzG,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAA0C,CAAC;YACzD,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAClE,cAAc,CAAC,YAAY,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC;YACpE,cAAc,CAAC,mBAAmB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAC,CAAC,SAAS,CAAC;YAClF,cAAc,CAAC,eAAe,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1E,cAAc,CAAC,yBAAyB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,uBAAuB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9F,cAAc,CAAC,4BAA4B,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,0BAA0B,CAAC,CAAC,CAAC,SAAS,CAAC;YACpG,cAAc,CAAC,kBAAkB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC,CAAC,SAAS,CAAC;YAChF,cAAc,CAAC,cAAc,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;YACxE,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;SACjE;aAAM;YACH,MAAM,IAAI,GAAG,WAAyC,CAAC;YACvD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACtD,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;aAC5D;YACD,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,YAAY,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC;YAClE,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,mBAAmB,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;YACxD,cAAc,CAAC,eAAe,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;YACpD,cAAc,CAAC,yBAAyB,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;YAC9D,cAAc,CAAC,4BAA4B,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;YACjE,cAAc,CAAC,kBAAkB,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;YACvD,cAAc,CAAC,cAAc,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;SACtD;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,UAAU,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IAC/D,CAAC;IAlHD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAuB,EAAE,IAAmC;QACrH,OAAO,IAAI,UAAU,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IACjE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,UAAU,CAAC,YAAY,CAAC;IAC3D,CAAC;;AA1BL,gCAoHC;AAtGG,gBAAgB;AACO,uBAAY,GAAG,iCAAiC,CAAC"}
|
package/selfSignedCert.d.ts
CHANGED
|
@@ -17,14 +17,7 @@ export declare class SelfSignedCert extends pulumi.CustomResource {
|
|
|
17
17
|
*/
|
|
18
18
|
static isInstance(obj: any): obj is SelfSignedCert;
|
|
19
19
|
/**
|
|
20
|
-
* List of key usages allowed for the issued certificate. Values are defined in [RFC
|
|
21
|
-
* 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key
|
|
22
|
-
* Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key
|
|
23
|
-
* Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `any_extended`,
|
|
24
|
-
* `cert_signing`, `client_auth`, `code_signing`, `content_commitment`, `crl_signing`, `data_encipherment`,
|
|
25
|
-
* `decipher_only`, `digital_signature`, `email_protection`, `encipher_only`, `ipsec_end_system`, `ipsec_tunnel`,
|
|
26
|
-
* `ipsec_user`, `key_agreement`, `key_encipherment`, `microsoft_commercial_code_signing`, `microsoft_kernel_code_signing`,
|
|
27
|
-
* `microsoft_server_gated_crypto`, `netscape_server_gated_crypto`, `ocsp_signing`, `server_auth`, `timestamping`.
|
|
20
|
+
* List of key usages allowed for the issued certificate. Values are defined in [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `anyExtended`, `certSigning`, `clientAuth`, `codeSigning`, `contentCommitment`, `crlSigning`, `dataEncipherment`, `decipherOnly`, `digitalSignature`, `emailProtection`, `encipherOnly`, `ipsecEndSystem`, `ipsecTunnel`, `ipsecUser`, `keyAgreement`, `keyEncipherment`, `microsoftCommercialCodeSigning`, `microsoftKernelCodeSigning`, `microsoftServerGatedCrypto`, `netscapeServerGatedCrypto`, `ocspSigning`, `serverAuth`, `timestamping`.
|
|
28
21
|
*/
|
|
29
22
|
readonly allowedUses: pulumi.Output<string[]>;
|
|
30
23
|
/**
|
|
@@ -56,8 +49,7 @@ export declare class SelfSignedCert extends pulumi.CustomResource {
|
|
|
56
49
|
*/
|
|
57
50
|
readonly isCaCertificate: pulumi.Output<boolean | undefined>;
|
|
58
51
|
/**
|
|
59
|
-
* Name of the algorithm used when generating the private key provided in `
|
|
60
|
-
* and ignored, as the key algorithm is now inferred from the key.
|
|
52
|
+
* Name of the algorithm used when generating the private key provided in `privateKeyPem`. **NOTE**: this is deprecated and ignored, as the key algorithm is now inferred from the key.
|
|
61
53
|
*
|
|
62
54
|
* @deprecated This is now ignored, as the key algorithm is inferred from the `private_key_pem`.
|
|
63
55
|
*/
|
|
@@ -69,25 +61,19 @@ export declare class SelfSignedCert extends pulumi.CustomResource {
|
|
|
69
61
|
*/
|
|
70
62
|
readonly privateKeyPem: pulumi.Output<string>;
|
|
71
63
|
/**
|
|
72
|
-
* Is the certificate either expired (i.e. beyond the `
|
|
73
|
-
* the `early_renewal_hours`)?
|
|
64
|
+
* Is the certificate either expired (i.e. beyond the `validityPeriodHours`) or ready for an early renewal (i.e. within the `earlyRenewalHours`)?
|
|
74
65
|
*/
|
|
75
66
|
readonly readyForRenewal: pulumi.Output<boolean>;
|
|
76
67
|
/**
|
|
77
|
-
* Should the generated certificate include an [authority key
|
|
78
|
-
* identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.1): for self-signed certificates this is the
|
|
79
|
-
* same value as the [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default:
|
|
80
|
-
* `false`).
|
|
68
|
+
* Should the generated certificate include an [authority key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.1): for self-signed certificates this is the same value as the [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
|
|
81
69
|
*/
|
|
82
70
|
readonly setAuthorityKeyId: pulumi.Output<boolean | undefined>;
|
|
83
71
|
/**
|
|
84
|
-
* Should the generated certificate include a [subject key
|
|
85
|
-
* identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
|
|
72
|
+
* Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
|
|
86
73
|
*/
|
|
87
74
|
readonly setSubjectKeyId: pulumi.Output<boolean | undefined>;
|
|
88
75
|
/**
|
|
89
|
-
* The subject for which a certificate is being requested. The acceptable arguments are all optional and their naming is
|
|
90
|
-
* based upon [Issuer Distinguished Names (RFC5280)](https://tools.ietf.org/html/rfc5280#section-4.1.2.4) section.
|
|
76
|
+
* The subject for which a certificate is being requested. The acceptable arguments are all optional and their naming is based upon [Issuer Distinguished Names (RFC5280)](https://tools.ietf.org/html/rfc5280#section-4.1.2.4) section.
|
|
91
77
|
*/
|
|
92
78
|
readonly subject: pulumi.Output<outputs.SelfSignedCertSubject | undefined>;
|
|
93
79
|
/**
|
|
@@ -95,8 +81,7 @@ export declare class SelfSignedCert extends pulumi.CustomResource {
|
|
|
95
81
|
*/
|
|
96
82
|
readonly uris: pulumi.Output<string[] | undefined>;
|
|
97
83
|
/**
|
|
98
|
-
* The time until which the certificate is invalid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339)
|
|
99
|
-
* timestamp.
|
|
84
|
+
* The time until which the certificate is invalid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
|
|
100
85
|
*/
|
|
101
86
|
readonly validityEndTime: pulumi.Output<string>;
|
|
102
87
|
/**
|
|
@@ -121,14 +106,7 @@ export declare class SelfSignedCert extends pulumi.CustomResource {
|
|
|
121
106
|
*/
|
|
122
107
|
export interface SelfSignedCertState {
|
|
123
108
|
/**
|
|
124
|
-
* List of key usages allowed for the issued certificate. Values are defined in [RFC
|
|
125
|
-
* 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key
|
|
126
|
-
* Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key
|
|
127
|
-
* Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `any_extended`,
|
|
128
|
-
* `cert_signing`, `client_auth`, `code_signing`, `content_commitment`, `crl_signing`, `data_encipherment`,
|
|
129
|
-
* `decipher_only`, `digital_signature`, `email_protection`, `encipher_only`, `ipsec_end_system`, `ipsec_tunnel`,
|
|
130
|
-
* `ipsec_user`, `key_agreement`, `key_encipherment`, `microsoft_commercial_code_signing`, `microsoft_kernel_code_signing`,
|
|
131
|
-
* `microsoft_server_gated_crypto`, `netscape_server_gated_crypto`, `ocsp_signing`, `server_auth`, `timestamping`.
|
|
109
|
+
* List of key usages allowed for the issued certificate. Values are defined in [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `anyExtended`, `certSigning`, `clientAuth`, `codeSigning`, `contentCommitment`, `crlSigning`, `dataEncipherment`, `decipherOnly`, `digitalSignature`, `emailProtection`, `encipherOnly`, `ipsecEndSystem`, `ipsecTunnel`, `ipsecUser`, `keyAgreement`, `keyEncipherment`, `microsoftCommercialCodeSigning`, `microsoftKernelCodeSigning`, `microsoftServerGatedCrypto`, `netscapeServerGatedCrypto`, `ocspSigning`, `serverAuth`, `timestamping`.
|
|
132
110
|
*/
|
|
133
111
|
allowedUses?: pulumi.Input<pulumi.Input<string>[]>;
|
|
134
112
|
/**
|
|
@@ -160,8 +138,7 @@ export interface SelfSignedCertState {
|
|
|
160
138
|
*/
|
|
161
139
|
isCaCertificate?: pulumi.Input<boolean>;
|
|
162
140
|
/**
|
|
163
|
-
* Name of the algorithm used when generating the private key provided in `
|
|
164
|
-
* and ignored, as the key algorithm is now inferred from the key.
|
|
141
|
+
* Name of the algorithm used when generating the private key provided in `privateKeyPem`. **NOTE**: this is deprecated and ignored, as the key algorithm is now inferred from the key.
|
|
165
142
|
*
|
|
166
143
|
* @deprecated This is now ignored, as the key algorithm is inferred from the `private_key_pem`.
|
|
167
144
|
*/
|
|
@@ -173,25 +150,19 @@ export interface SelfSignedCertState {
|
|
|
173
150
|
*/
|
|
174
151
|
privateKeyPem?: pulumi.Input<string>;
|
|
175
152
|
/**
|
|
176
|
-
* Is the certificate either expired (i.e. beyond the `
|
|
177
|
-
* the `early_renewal_hours`)?
|
|
153
|
+
* Is the certificate either expired (i.e. beyond the `validityPeriodHours`) or ready for an early renewal (i.e. within the `earlyRenewalHours`)?
|
|
178
154
|
*/
|
|
179
155
|
readyForRenewal?: pulumi.Input<boolean>;
|
|
180
156
|
/**
|
|
181
|
-
* Should the generated certificate include an [authority key
|
|
182
|
-
* identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.1): for self-signed certificates this is the
|
|
183
|
-
* same value as the [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default:
|
|
184
|
-
* `false`).
|
|
157
|
+
* Should the generated certificate include an [authority key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.1): for self-signed certificates this is the same value as the [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
|
|
185
158
|
*/
|
|
186
159
|
setAuthorityKeyId?: pulumi.Input<boolean>;
|
|
187
160
|
/**
|
|
188
|
-
* Should the generated certificate include a [subject key
|
|
189
|
-
* identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
|
|
161
|
+
* Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
|
|
190
162
|
*/
|
|
191
163
|
setSubjectKeyId?: pulumi.Input<boolean>;
|
|
192
164
|
/**
|
|
193
|
-
* The subject for which a certificate is being requested. The acceptable arguments are all optional and their naming is
|
|
194
|
-
* based upon [Issuer Distinguished Names (RFC5280)](https://tools.ietf.org/html/rfc5280#section-4.1.2.4) section.
|
|
165
|
+
* The subject for which a certificate is being requested. The acceptable arguments are all optional and their naming is based upon [Issuer Distinguished Names (RFC5280)](https://tools.ietf.org/html/rfc5280#section-4.1.2.4) section.
|
|
195
166
|
*/
|
|
196
167
|
subject?: pulumi.Input<inputs.SelfSignedCertSubject>;
|
|
197
168
|
/**
|
|
@@ -199,8 +170,7 @@ export interface SelfSignedCertState {
|
|
|
199
170
|
*/
|
|
200
171
|
uris?: pulumi.Input<pulumi.Input<string>[]>;
|
|
201
172
|
/**
|
|
202
|
-
* The time until which the certificate is invalid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339)
|
|
203
|
-
* timestamp.
|
|
173
|
+
* The time until which the certificate is invalid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
|
|
204
174
|
*/
|
|
205
175
|
validityEndTime?: pulumi.Input<string>;
|
|
206
176
|
/**
|
|
@@ -217,14 +187,7 @@ export interface SelfSignedCertState {
|
|
|
217
187
|
*/
|
|
218
188
|
export interface SelfSignedCertArgs {
|
|
219
189
|
/**
|
|
220
|
-
* List of key usages allowed for the issued certificate. Values are defined in [RFC
|
|
221
|
-
* 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key
|
|
222
|
-
* Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key
|
|
223
|
-
* Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `any_extended`,
|
|
224
|
-
* `cert_signing`, `client_auth`, `code_signing`, `content_commitment`, `crl_signing`, `data_encipherment`,
|
|
225
|
-
* `decipher_only`, `digital_signature`, `email_protection`, `encipher_only`, `ipsec_end_system`, `ipsec_tunnel`,
|
|
226
|
-
* `ipsec_user`, `key_agreement`, `key_encipherment`, `microsoft_commercial_code_signing`, `microsoft_kernel_code_signing`,
|
|
227
|
-
* `microsoft_server_gated_crypto`, `netscape_server_gated_crypto`, `ocsp_signing`, `server_auth`, `timestamping`.
|
|
190
|
+
* List of key usages allowed for the issued certificate. Values are defined in [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `anyExtended`, `certSigning`, `clientAuth`, `codeSigning`, `contentCommitment`, `crlSigning`, `dataEncipherment`, `decipherOnly`, `digitalSignature`, `emailProtection`, `encipherOnly`, `ipsecEndSystem`, `ipsecTunnel`, `ipsecUser`, `keyAgreement`, `keyEncipherment`, `microsoftCommercialCodeSigning`, `microsoftKernelCodeSigning`, `microsoftServerGatedCrypto`, `netscapeServerGatedCrypto`, `ocspSigning`, `serverAuth`, `timestamping`.
|
|
228
191
|
*/
|
|
229
192
|
allowedUses: pulumi.Input<pulumi.Input<string>[]>;
|
|
230
193
|
/**
|
|
@@ -248,8 +211,7 @@ export interface SelfSignedCertArgs {
|
|
|
248
211
|
*/
|
|
249
212
|
isCaCertificate?: pulumi.Input<boolean>;
|
|
250
213
|
/**
|
|
251
|
-
* Name of the algorithm used when generating the private key provided in `
|
|
252
|
-
* and ignored, as the key algorithm is now inferred from the key.
|
|
214
|
+
* Name of the algorithm used when generating the private key provided in `privateKeyPem`. **NOTE**: this is deprecated and ignored, as the key algorithm is now inferred from the key.
|
|
253
215
|
*
|
|
254
216
|
* @deprecated This is now ignored, as the key algorithm is inferred from the `private_key_pem`.
|
|
255
217
|
*/
|
|
@@ -261,20 +223,15 @@ export interface SelfSignedCertArgs {
|
|
|
261
223
|
*/
|
|
262
224
|
privateKeyPem: pulumi.Input<string>;
|
|
263
225
|
/**
|
|
264
|
-
* Should the generated certificate include an [authority key
|
|
265
|
-
* identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.1): for self-signed certificates this is the
|
|
266
|
-
* same value as the [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default:
|
|
267
|
-
* `false`).
|
|
226
|
+
* Should the generated certificate include an [authority key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.1): for self-signed certificates this is the same value as the [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
|
|
268
227
|
*/
|
|
269
228
|
setAuthorityKeyId?: pulumi.Input<boolean>;
|
|
270
229
|
/**
|
|
271
|
-
* Should the generated certificate include a [subject key
|
|
272
|
-
* identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
|
|
230
|
+
* Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
|
|
273
231
|
*/
|
|
274
232
|
setSubjectKeyId?: pulumi.Input<boolean>;
|
|
275
233
|
/**
|
|
276
|
-
* The subject for which a certificate is being requested. The acceptable arguments are all optional and their naming is
|
|
277
|
-
* based upon [Issuer Distinguished Names (RFC5280)](https://tools.ietf.org/html/rfc5280#section-4.1.2.4) section.
|
|
234
|
+
* The subject for which a certificate is being requested. The acceptable arguments are all optional and their naming is based upon [Issuer Distinguished Names (RFC5280)](https://tools.ietf.org/html/rfc5280#section-4.1.2.4) section.
|
|
278
235
|
*/
|
|
279
236
|
subject?: pulumi.Input<inputs.SelfSignedCertSubject>;
|
|
280
237
|
/**
|
package/selfSignedCert.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"selfSignedCert.js","sourceRoot":"","sources":["../selfSignedCert.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AAEzC,yCAAyC;AAEzC,MAAa,cAAe,SAAQ,MAAM,CAAC,cAAc;
|
|
1
|
+
{"version":3,"file":"selfSignedCert.js","sourceRoot":"","sources":["../selfSignedCert.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AAEzC,yCAAyC;AAEzC,MAAa,cAAe,SAAQ,MAAM,CAAC,cAAc;IAiHrD,YAAY,IAAY,EAAE,WAAsD,EAAE,IAAmC;QACjH,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAA8C,CAAC;YAC7D,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,mBAAmB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAC,CAAC,SAAS,CAAC;YAClF,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,iBAAiB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9E,cAAc,CAAC,cAAc,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;YACxE,cAAc,CAAC,eAAe,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1E,cAAc,CAAC,iBAAiB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9E,cAAc,CAAC,mBAAmB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAC,CAAC,SAAS,CAAC;YAClF,cAAc,CAAC,iBAAiB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9E,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,iBAAiB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9E,cAAc,CAAC,qBAAqB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC,CAAC,SAAS,CAAC;YACtF,cAAc,CAAC,mBAAmB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAC,CAAC,SAAS,CAAC;SACrF;aAAM;YACH,MAAM,IAAI,GAAG,WAA6C,CAAC;YAC3D,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,WAAW,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACxD,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;aAC9D;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,aAAa,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAC1D,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC;aAChE;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,mBAAmB,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAChE,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;aACtE;YACD,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACpE,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,mBAAmB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAC,SAAS,CAAC;YAChF,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACpE,cAAc,CAAC,iBAAiB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5E,cAAc,CAAC,cAAc,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,eAAe,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;YACxE,cAAc,CAAC,mBAAmB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAC,SAAS,CAAC;YAChF,cAAc,CAAC,iBAAiB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5E,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,qBAAqB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,CAAC,SAAS,CAAC;YACpF,cAAc,CAAC,SAAS,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;YAC9C,cAAc,CAAC,iBAAiB,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;YACtD,cAAc,CAAC,iBAAiB,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;YACtD,cAAc,CAAC,mBAAmB,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;SAC3D;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,cAAc,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IACnE,CAAC;IAnKD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAA2B,EAAE,IAAmC;QACzH,OAAO,IAAI,cAAc,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IACrE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,cAAc,CAAC,YAAY,CAAC;IAC/D,CAAC;;AA1BL,wCAqKC;AAvJG,gBAAgB;AACO,2BAAY,GAAG,yCAAyC,CAAC"}
|
package/types/input.d.ts
CHANGED
|
@@ -1,13 +1,40 @@
|
|
|
1
1
|
import * as pulumi from "@pulumi/pulumi";
|
|
2
2
|
export interface CertRequestSubject {
|
|
3
|
+
/**
|
|
4
|
+
* Distinguished name: `CN`
|
|
5
|
+
*/
|
|
3
6
|
commonName?: pulumi.Input<string>;
|
|
7
|
+
/**
|
|
8
|
+
* Distinguished name: `C`
|
|
9
|
+
*/
|
|
4
10
|
country?: pulumi.Input<string>;
|
|
11
|
+
/**
|
|
12
|
+
* Distinguished name: `L`
|
|
13
|
+
*/
|
|
5
14
|
locality?: pulumi.Input<string>;
|
|
15
|
+
/**
|
|
16
|
+
* Distinguished name: `O`
|
|
17
|
+
*/
|
|
6
18
|
organization?: pulumi.Input<string>;
|
|
19
|
+
/**
|
|
20
|
+
* Distinguished name: `OU`
|
|
21
|
+
*/
|
|
7
22
|
organizationalUnit?: pulumi.Input<string>;
|
|
23
|
+
/**
|
|
24
|
+
* Distinguished name: `PC`
|
|
25
|
+
*/
|
|
8
26
|
postalCode?: pulumi.Input<string>;
|
|
27
|
+
/**
|
|
28
|
+
* Distinguished name: `ST`
|
|
29
|
+
*/
|
|
9
30
|
province?: pulumi.Input<string>;
|
|
31
|
+
/**
|
|
32
|
+
* Distinguished name: `SERIALNUMBER`
|
|
33
|
+
*/
|
|
10
34
|
serialNumber?: pulumi.Input<string>;
|
|
35
|
+
/**
|
|
36
|
+
* Distinguished name: `STREET`
|
|
37
|
+
*/
|
|
11
38
|
streetAddresses?: pulumi.Input<pulumi.Input<string>[]>;
|
|
12
39
|
}
|
|
13
40
|
export interface ProviderProxy {
|
|
@@ -17,14 +44,41 @@ export interface ProviderProxy {
|
|
|
17
44
|
username?: pulumi.Input<string>;
|
|
18
45
|
}
|
|
19
46
|
export interface SelfSignedCertSubject {
|
|
47
|
+
/**
|
|
48
|
+
* Distinguished name: `CN`
|
|
49
|
+
*/
|
|
20
50
|
commonName?: pulumi.Input<string>;
|
|
51
|
+
/**
|
|
52
|
+
* Distinguished name: `C`
|
|
53
|
+
*/
|
|
21
54
|
country?: pulumi.Input<string>;
|
|
55
|
+
/**
|
|
56
|
+
* Distinguished name: `L`
|
|
57
|
+
*/
|
|
22
58
|
locality?: pulumi.Input<string>;
|
|
59
|
+
/**
|
|
60
|
+
* Distinguished name: `O`
|
|
61
|
+
*/
|
|
23
62
|
organization?: pulumi.Input<string>;
|
|
63
|
+
/**
|
|
64
|
+
* Distinguished name: `OU`
|
|
65
|
+
*/
|
|
24
66
|
organizationalUnit?: pulumi.Input<string>;
|
|
67
|
+
/**
|
|
68
|
+
* Distinguished name: `PC`
|
|
69
|
+
*/
|
|
25
70
|
postalCode?: pulumi.Input<string>;
|
|
71
|
+
/**
|
|
72
|
+
* Distinguished name: `ST`
|
|
73
|
+
*/
|
|
26
74
|
province?: pulumi.Input<string>;
|
|
75
|
+
/**
|
|
76
|
+
* Distinguished name: `SERIALNUMBER`
|
|
77
|
+
*/
|
|
27
78
|
serialNumber?: pulumi.Input<string>;
|
|
79
|
+
/**
|
|
80
|
+
* Distinguished name: `STREET`
|
|
81
|
+
*/
|
|
28
82
|
streetAddresses?: pulumi.Input<pulumi.Input<string>[]>;
|
|
29
83
|
}
|
|
30
84
|
export declare namespace config {
|
package/types/output.d.ts
CHANGED
|
@@ -1,36 +1,121 @@
|
|
|
1
1
|
export interface CertRequestSubject {
|
|
2
|
+
/**
|
|
3
|
+
* Distinguished name: `CN`
|
|
4
|
+
*/
|
|
2
5
|
commonName?: string;
|
|
6
|
+
/**
|
|
7
|
+
* Distinguished name: `C`
|
|
8
|
+
*/
|
|
3
9
|
country?: string;
|
|
10
|
+
/**
|
|
11
|
+
* Distinguished name: `L`
|
|
12
|
+
*/
|
|
4
13
|
locality?: string;
|
|
14
|
+
/**
|
|
15
|
+
* Distinguished name: `O`
|
|
16
|
+
*/
|
|
5
17
|
organization?: string;
|
|
18
|
+
/**
|
|
19
|
+
* Distinguished name: `OU`
|
|
20
|
+
*/
|
|
6
21
|
organizationalUnit?: string;
|
|
22
|
+
/**
|
|
23
|
+
* Distinguished name: `PC`
|
|
24
|
+
*/
|
|
7
25
|
postalCode?: string;
|
|
26
|
+
/**
|
|
27
|
+
* Distinguished name: `ST`
|
|
28
|
+
*/
|
|
8
29
|
province?: string;
|
|
30
|
+
/**
|
|
31
|
+
* Distinguished name: `SERIALNUMBER`
|
|
32
|
+
*/
|
|
9
33
|
serialNumber?: string;
|
|
34
|
+
/**
|
|
35
|
+
* Distinguished name: `STREET`
|
|
36
|
+
*/
|
|
10
37
|
streetAddresses?: string[];
|
|
11
38
|
}
|
|
12
39
|
export interface GetCertificateCertificate {
|
|
13
40
|
certPem: string;
|
|
41
|
+
/**
|
|
42
|
+
* `true` if the certificate is of a CA (Certificate Authority).
|
|
43
|
+
*/
|
|
14
44
|
isCa: boolean;
|
|
45
|
+
/**
|
|
46
|
+
* Who verified and signed the certificate, roughly following [RFC2253](https://tools.ietf.org/html/rfc2253).
|
|
47
|
+
*/
|
|
15
48
|
issuer: string;
|
|
49
|
+
/**
|
|
50
|
+
* The time until which the certificate is invalid, as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
|
|
51
|
+
*/
|
|
16
52
|
notAfter: string;
|
|
53
|
+
/**
|
|
54
|
+
* The time after which the certificate is valid, as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
|
|
55
|
+
*/
|
|
17
56
|
notBefore: string;
|
|
57
|
+
/**
|
|
58
|
+
* The key algorithm used to create the certificate.
|
|
59
|
+
*/
|
|
18
60
|
publicKeyAlgorithm: string;
|
|
61
|
+
/**
|
|
62
|
+
* Number that uniquely identifies the certificate with the CA's system.
|
|
63
|
+
* The `format` function can be used to convert this *base 10* number into other bases, such as hex.
|
|
64
|
+
*/
|
|
19
65
|
serialNumber: string;
|
|
66
|
+
/**
|
|
67
|
+
* The SHA1 fingerprint of the public key of the certificate.
|
|
68
|
+
*/
|
|
20
69
|
sha1Fingerprint: string;
|
|
70
|
+
/**
|
|
71
|
+
* The algorithm used to sign the certificate.
|
|
72
|
+
*/
|
|
21
73
|
signatureAlgorithm: string;
|
|
74
|
+
/**
|
|
75
|
+
* The entity the certificate belongs to, roughly following [RFC2253](https://tools.ietf.org/html/rfc2253).
|
|
76
|
+
*/
|
|
22
77
|
subject: string;
|
|
78
|
+
/**
|
|
79
|
+
* The version the certificate is in.
|
|
80
|
+
*/
|
|
23
81
|
version: number;
|
|
24
82
|
}
|
|
25
83
|
export interface SelfSignedCertSubject {
|
|
84
|
+
/**
|
|
85
|
+
* Distinguished name: `CN`
|
|
86
|
+
*/
|
|
26
87
|
commonName?: string;
|
|
88
|
+
/**
|
|
89
|
+
* Distinguished name: `C`
|
|
90
|
+
*/
|
|
27
91
|
country?: string;
|
|
92
|
+
/**
|
|
93
|
+
* Distinguished name: `L`
|
|
94
|
+
*/
|
|
28
95
|
locality?: string;
|
|
96
|
+
/**
|
|
97
|
+
* Distinguished name: `O`
|
|
98
|
+
*/
|
|
29
99
|
organization?: string;
|
|
100
|
+
/**
|
|
101
|
+
* Distinguished name: `OU`
|
|
102
|
+
*/
|
|
30
103
|
organizationalUnit?: string;
|
|
104
|
+
/**
|
|
105
|
+
* Distinguished name: `PC`
|
|
106
|
+
*/
|
|
31
107
|
postalCode?: string;
|
|
108
|
+
/**
|
|
109
|
+
* Distinguished name: `ST`
|
|
110
|
+
*/
|
|
32
111
|
province?: string;
|
|
112
|
+
/**
|
|
113
|
+
* Distinguished name: `SERIALNUMBER`
|
|
114
|
+
*/
|
|
33
115
|
serialNumber?: string;
|
|
116
|
+
/**
|
|
117
|
+
* Distinguished name: `STREET`
|
|
118
|
+
*/
|
|
34
119
|
streetAddresses?: string[];
|
|
35
120
|
}
|
|
36
121
|
export declare namespace config {
|