pulumi-tls 5.2.0a1743575896__py3-none-any.whl → 5.2.0a1744183475__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -2,6 +2,7 @@
2
2
  # *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
3
3
  # *** Do not edit by hand unless you're certain you know what you are doing! ***
4
4
 
5
+ import builtins
5
6
  import copy
6
7
  import warnings
7
8
  import sys
@@ -21,29 +22,29 @@ __all__ = ['SelfSignedCertArgs', 'SelfSignedCert']
21
22
  @pulumi.input_type
22
23
  class SelfSignedCertArgs:
23
24
  def __init__(__self__, *,
24
- allowed_uses: pulumi.Input[Sequence[pulumi.Input[str]]],
25
- private_key_pem: pulumi.Input[str],
26
- validity_period_hours: pulumi.Input[int],
27
- dns_names: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
28
- early_renewal_hours: Optional[pulumi.Input[int]] = None,
29
- ip_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
30
- is_ca_certificate: Optional[pulumi.Input[bool]] = None,
31
- set_authority_key_id: Optional[pulumi.Input[bool]] = None,
32
- set_subject_key_id: Optional[pulumi.Input[bool]] = None,
25
+ allowed_uses: pulumi.Input[Sequence[pulumi.Input[builtins.str]]],
26
+ private_key_pem: pulumi.Input[builtins.str],
27
+ validity_period_hours: pulumi.Input[builtins.int],
28
+ dns_names: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
29
+ early_renewal_hours: Optional[pulumi.Input[builtins.int]] = None,
30
+ ip_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
31
+ is_ca_certificate: Optional[pulumi.Input[builtins.bool]] = None,
32
+ set_authority_key_id: Optional[pulumi.Input[builtins.bool]] = None,
33
+ set_subject_key_id: Optional[pulumi.Input[builtins.bool]] = None,
33
34
  subject: Optional[pulumi.Input['SelfSignedCertSubjectArgs']] = None,
34
- uris: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None):
35
+ uris: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None):
35
36
  """
36
37
  The set of arguments for constructing a SelfSignedCert resource.
37
- :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_uses: List of key usages allowed for the issued certificate. Values are defined in [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `any_extended`, `cert_signing`, `client_auth`, `code_signing`, `content_commitment`, `crl_signing`, `data_encipherment`, `decipher_only`, `digital_signature`, `email_protection`, `encipher_only`, `ipsec_end_system`, `ipsec_tunnel`, `ipsec_user`, `key_agreement`, `key_encipherment`, `microsoft_commercial_code_signing`, `microsoft_kernel_code_signing`, `microsoft_server_gated_crypto`, `netscape_server_gated_crypto`, `ocsp_signing`, `server_auth`, `timestamping`.
38
- :param pulumi.Input[str] private_key_pem: Private key in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format, that the certificate will belong to. This can be read from a separate file using the `file` interpolation function.
39
- :param pulumi.Input[int] validity_period_hours: Number of hours, after initial issuing, that the certificate will remain valid for.
40
- :param pulumi.Input[Sequence[pulumi.Input[str]]] dns_names: List of DNS names for which a certificate is being requested (i.e. certificate subjects).
41
- :param pulumi.Input[Sequence[pulumi.Input[str]]] ip_addresses: List of IP addresses for which a certificate is being requested (i.e. certificate subjects).
42
- :param pulumi.Input[bool] is_ca_certificate: Is the generated certificate representing a Certificate Authority (CA) (default: `false`).
43
- :param pulumi.Input[bool] set_authority_key_id: Should the generated certificate include an [authority key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.1): for self-signed certificates this is the same value as the [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
44
- :param pulumi.Input[bool] set_subject_key_id: Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
38
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_uses: List of key usages allowed for the issued certificate. Values are defined in [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `any_extended`, `cert_signing`, `client_auth`, `code_signing`, `content_commitment`, `crl_signing`, `data_encipherment`, `decipher_only`, `digital_signature`, `email_protection`, `encipher_only`, `ipsec_end_system`, `ipsec_tunnel`, `ipsec_user`, `key_agreement`, `key_encipherment`, `microsoft_commercial_code_signing`, `microsoft_kernel_code_signing`, `microsoft_server_gated_crypto`, `netscape_server_gated_crypto`, `ocsp_signing`, `server_auth`, `timestamping`.
39
+ :param pulumi.Input[builtins.str] private_key_pem: Private key in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format, that the certificate will belong to.
40
+ :param pulumi.Input[builtins.int] validity_period_hours: Number of hours, after initial issuing, that the certificate will remain valid for.
41
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] dns_names: List of DNS names for which a certificate is being requested (i.e. certificate subjects).
42
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] ip_addresses: List of IP addresses for which a certificate is being requested (i.e. certificate subjects).
43
+ :param pulumi.Input[builtins.bool] is_ca_certificate: Is the generated certificate representing a Certificate Authority (CA) (default: `false`).
44
+ :param pulumi.Input[builtins.bool] set_authority_key_id: Should the generated certificate include an [authority key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.1): for self-signed certificates this is the same value as the [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
45
+ :param pulumi.Input[builtins.bool] set_subject_key_id: Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
45
46
  :param pulumi.Input['SelfSignedCertSubjectArgs'] subject: The subject for which a certificate is being requested. The acceptable arguments are all optional and their naming is based upon [Issuer Distinguished Names (RFC5280)](https://tools.ietf.org/html/rfc5280#section-4.1.2.4) section.
46
- :param pulumi.Input[Sequence[pulumi.Input[str]]] uris: List of URIs for which a certificate is being requested (i.e. certificate subjects).
47
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] uris: List of URIs for which a certificate is being requested (i.e. certificate subjects).
47
48
  """
48
49
  pulumi.set(__self__, "allowed_uses", allowed_uses)
49
50
  pulumi.set(__self__, "private_key_pem", private_key_pem)
@@ -67,107 +68,107 @@ class SelfSignedCertArgs:
67
68
 
68
69
  @property
69
70
  @pulumi.getter(name="allowedUses")
70
- def allowed_uses(self) -> pulumi.Input[Sequence[pulumi.Input[str]]]:
71
+ def allowed_uses(self) -> pulumi.Input[Sequence[pulumi.Input[builtins.str]]]:
71
72
  """
72
73
  List of key usages allowed for the issued certificate. Values are defined in [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `any_extended`, `cert_signing`, `client_auth`, `code_signing`, `content_commitment`, `crl_signing`, `data_encipherment`, `decipher_only`, `digital_signature`, `email_protection`, `encipher_only`, `ipsec_end_system`, `ipsec_tunnel`, `ipsec_user`, `key_agreement`, `key_encipherment`, `microsoft_commercial_code_signing`, `microsoft_kernel_code_signing`, `microsoft_server_gated_crypto`, `netscape_server_gated_crypto`, `ocsp_signing`, `server_auth`, `timestamping`.
73
74
  """
74
75
  return pulumi.get(self, "allowed_uses")
75
76
 
76
77
  @allowed_uses.setter
77
- def allowed_uses(self, value: pulumi.Input[Sequence[pulumi.Input[str]]]):
78
+ def allowed_uses(self, value: pulumi.Input[Sequence[pulumi.Input[builtins.str]]]):
78
79
  pulumi.set(self, "allowed_uses", value)
79
80
 
80
81
  @property
81
82
  @pulumi.getter(name="privateKeyPem")
82
- def private_key_pem(self) -> pulumi.Input[str]:
83
+ def private_key_pem(self) -> pulumi.Input[builtins.str]:
83
84
  """
84
- Private key in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format, that the certificate will belong to. This can be read from a separate file using the `file` interpolation function.
85
+ Private key in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format, that the certificate will belong to.
85
86
  """
86
87
  return pulumi.get(self, "private_key_pem")
87
88
 
88
89
  @private_key_pem.setter
89
- def private_key_pem(self, value: pulumi.Input[str]):
90
+ def private_key_pem(self, value: pulumi.Input[builtins.str]):
90
91
  pulumi.set(self, "private_key_pem", value)
91
92
 
92
93
  @property
93
94
  @pulumi.getter(name="validityPeriodHours")
94
- def validity_period_hours(self) -> pulumi.Input[int]:
95
+ def validity_period_hours(self) -> pulumi.Input[builtins.int]:
95
96
  """
96
97
  Number of hours, after initial issuing, that the certificate will remain valid for.
97
98
  """
98
99
  return pulumi.get(self, "validity_period_hours")
99
100
 
100
101
  @validity_period_hours.setter
101
- def validity_period_hours(self, value: pulumi.Input[int]):
102
+ def validity_period_hours(self, value: pulumi.Input[builtins.int]):
102
103
  pulumi.set(self, "validity_period_hours", value)
103
104
 
104
105
  @property
105
106
  @pulumi.getter(name="dnsNames")
106
- def dns_names(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
107
+ def dns_names(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
107
108
  """
108
109
  List of DNS names for which a certificate is being requested (i.e. certificate subjects).
109
110
  """
110
111
  return pulumi.get(self, "dns_names")
111
112
 
112
113
  @dns_names.setter
113
- def dns_names(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
114
+ def dns_names(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
114
115
  pulumi.set(self, "dns_names", value)
115
116
 
116
117
  @property
117
118
  @pulumi.getter(name="earlyRenewalHours")
118
- def early_renewal_hours(self) -> Optional[pulumi.Input[int]]:
119
+ def early_renewal_hours(self) -> Optional[pulumi.Input[builtins.int]]:
119
120
  return pulumi.get(self, "early_renewal_hours")
120
121
 
121
122
  @early_renewal_hours.setter
122
- def early_renewal_hours(self, value: Optional[pulumi.Input[int]]):
123
+ def early_renewal_hours(self, value: Optional[pulumi.Input[builtins.int]]):
123
124
  pulumi.set(self, "early_renewal_hours", value)
124
125
 
125
126
  @property
126
127
  @pulumi.getter(name="ipAddresses")
127
- def ip_addresses(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
128
+ def ip_addresses(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
128
129
  """
129
130
  List of IP addresses for which a certificate is being requested (i.e. certificate subjects).
130
131
  """
131
132
  return pulumi.get(self, "ip_addresses")
132
133
 
133
134
  @ip_addresses.setter
134
- def ip_addresses(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
135
+ def ip_addresses(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
135
136
  pulumi.set(self, "ip_addresses", value)
136
137
 
137
138
  @property
138
139
  @pulumi.getter(name="isCaCertificate")
139
- def is_ca_certificate(self) -> Optional[pulumi.Input[bool]]:
140
+ def is_ca_certificate(self) -> Optional[pulumi.Input[builtins.bool]]:
140
141
  """
141
142
  Is the generated certificate representing a Certificate Authority (CA) (default: `false`).
142
143
  """
143
144
  return pulumi.get(self, "is_ca_certificate")
144
145
 
145
146
  @is_ca_certificate.setter
146
- def is_ca_certificate(self, value: Optional[pulumi.Input[bool]]):
147
+ def is_ca_certificate(self, value: Optional[pulumi.Input[builtins.bool]]):
147
148
  pulumi.set(self, "is_ca_certificate", value)
148
149
 
149
150
  @property
150
151
  @pulumi.getter(name="setAuthorityKeyId")
151
- def set_authority_key_id(self) -> Optional[pulumi.Input[bool]]:
152
+ def set_authority_key_id(self) -> Optional[pulumi.Input[builtins.bool]]:
152
153
  """
153
154
  Should the generated certificate include an [authority key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.1): for self-signed certificates this is the same value as the [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
154
155
  """
155
156
  return pulumi.get(self, "set_authority_key_id")
156
157
 
157
158
  @set_authority_key_id.setter
158
- def set_authority_key_id(self, value: Optional[pulumi.Input[bool]]):
159
+ def set_authority_key_id(self, value: Optional[pulumi.Input[builtins.bool]]):
159
160
  pulumi.set(self, "set_authority_key_id", value)
160
161
 
161
162
  @property
162
163
  @pulumi.getter(name="setSubjectKeyId")
163
- def set_subject_key_id(self) -> Optional[pulumi.Input[bool]]:
164
+ def set_subject_key_id(self) -> Optional[pulumi.Input[builtins.bool]]:
164
165
  """
165
166
  Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
166
167
  """
167
168
  return pulumi.get(self, "set_subject_key_id")
168
169
 
169
170
  @set_subject_key_id.setter
170
- def set_subject_key_id(self, value: Optional[pulumi.Input[bool]]):
171
+ def set_subject_key_id(self, value: Optional[pulumi.Input[builtins.bool]]):
171
172
  pulumi.set(self, "set_subject_key_id", value)
172
173
 
173
174
  @property
@@ -184,53 +185,53 @@ class SelfSignedCertArgs:
184
185
 
185
186
  @property
186
187
  @pulumi.getter
187
- def uris(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
188
+ def uris(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
188
189
  """
189
190
  List of URIs for which a certificate is being requested (i.e. certificate subjects).
190
191
  """
191
192
  return pulumi.get(self, "uris")
192
193
 
193
194
  @uris.setter
194
- def uris(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
195
+ def uris(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
195
196
  pulumi.set(self, "uris", value)
196
197
 
197
198
 
198
199
  @pulumi.input_type
199
200
  class _SelfSignedCertState:
200
201
  def __init__(__self__, *,
201
- allowed_uses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
202
- cert_pem: Optional[pulumi.Input[str]] = None,
203
- dns_names: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
204
- early_renewal_hours: Optional[pulumi.Input[int]] = None,
205
- ip_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
206
- is_ca_certificate: Optional[pulumi.Input[bool]] = None,
207
- key_algorithm: Optional[pulumi.Input[str]] = None,
208
- private_key_pem: Optional[pulumi.Input[str]] = None,
209
- ready_for_renewal: Optional[pulumi.Input[bool]] = None,
210
- set_authority_key_id: Optional[pulumi.Input[bool]] = None,
211
- set_subject_key_id: Optional[pulumi.Input[bool]] = None,
202
+ allowed_uses: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
203
+ cert_pem: Optional[pulumi.Input[builtins.str]] = None,
204
+ dns_names: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
205
+ early_renewal_hours: Optional[pulumi.Input[builtins.int]] = None,
206
+ ip_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
207
+ is_ca_certificate: Optional[pulumi.Input[builtins.bool]] = None,
208
+ key_algorithm: Optional[pulumi.Input[builtins.str]] = None,
209
+ private_key_pem: Optional[pulumi.Input[builtins.str]] = None,
210
+ ready_for_renewal: Optional[pulumi.Input[builtins.bool]] = None,
211
+ set_authority_key_id: Optional[pulumi.Input[builtins.bool]] = None,
212
+ set_subject_key_id: Optional[pulumi.Input[builtins.bool]] = None,
212
213
  subject: Optional[pulumi.Input['SelfSignedCertSubjectArgs']] = None,
213
- uris: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
214
- validity_end_time: Optional[pulumi.Input[str]] = None,
215
- validity_period_hours: Optional[pulumi.Input[int]] = None,
216
- validity_start_time: Optional[pulumi.Input[str]] = None):
214
+ uris: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
215
+ validity_end_time: Optional[pulumi.Input[builtins.str]] = None,
216
+ validity_period_hours: Optional[pulumi.Input[builtins.int]] = None,
217
+ validity_start_time: Optional[pulumi.Input[builtins.str]] = None):
217
218
  """
218
219
  Input properties used for looking up and filtering SelfSignedCert resources.
219
- :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_uses: List of key usages allowed for the issued certificate. Values are defined in [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `any_extended`, `cert_signing`, `client_auth`, `code_signing`, `content_commitment`, `crl_signing`, `data_encipherment`, `decipher_only`, `digital_signature`, `email_protection`, `encipher_only`, `ipsec_end_system`, `ipsec_tunnel`, `ipsec_user`, `key_agreement`, `key_encipherment`, `microsoft_commercial_code_signing`, `microsoft_kernel_code_signing`, `microsoft_server_gated_crypto`, `netscape_server_gated_crypto`, `ocsp_signing`, `server_auth`, `timestamping`.
220
- :param pulumi.Input[str] cert_pem: Certificate data in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format. **NOTE**: the [underlying](https://pkg.go.dev/encoding/pem#Encode) [libraries](https://pkg.go.dev/golang.org/x/crypto/ssh#MarshalAuthorizedKey) that generate this value append a `\\n` at the end of the PEM. In case this disrupts your use case, we recommend using `trimspace()`.
221
- :param pulumi.Input[Sequence[pulumi.Input[str]]] dns_names: List of DNS names for which a certificate is being requested (i.e. certificate subjects).
222
- :param pulumi.Input[Sequence[pulumi.Input[str]]] ip_addresses: List of IP addresses for which a certificate is being requested (i.e. certificate subjects).
223
- :param pulumi.Input[bool] is_ca_certificate: Is the generated certificate representing a Certificate Authority (CA) (default: `false`).
224
- :param pulumi.Input[str] key_algorithm: Name of the algorithm used when generating the private key provided in `private_key_pem`.
225
- :param pulumi.Input[str] private_key_pem: Private key in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format, that the certificate will belong to. This can be read from a separate file using the `file` interpolation function.
226
- :param pulumi.Input[bool] ready_for_renewal: Is the certificate either expired (i.e. beyond the `validity_period_hours`) or ready for an early renewal (i.e. within the `early_renewal_hours`)?
227
- :param pulumi.Input[bool] set_authority_key_id: Should the generated certificate include an [authority key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.1): for self-signed certificates this is the same value as the [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
228
- :param pulumi.Input[bool] set_subject_key_id: Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
220
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_uses: List of key usages allowed for the issued certificate. Values are defined in [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `any_extended`, `cert_signing`, `client_auth`, `code_signing`, `content_commitment`, `crl_signing`, `data_encipherment`, `decipher_only`, `digital_signature`, `email_protection`, `encipher_only`, `ipsec_end_system`, `ipsec_tunnel`, `ipsec_user`, `key_agreement`, `key_encipherment`, `microsoft_commercial_code_signing`, `microsoft_kernel_code_signing`, `microsoft_server_gated_crypto`, `netscape_server_gated_crypto`, `ocsp_signing`, `server_auth`, `timestamping`.
221
+ :param pulumi.Input[builtins.str] cert_pem: Certificate data in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format. **NOTE**: the [underlying](https://pkg.go.dev/encoding/pem#Encode) [libraries](https://pkg.go.dev/golang.org/x/crypto/ssh#MarshalAuthorizedKey) that generate this value append a `\\n` at the end of the PEM. In case this disrupts your use case, we recommend using `trimspace()`.
222
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] dns_names: List of DNS names for which a certificate is being requested (i.e. certificate subjects).
223
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] ip_addresses: List of IP addresses for which a certificate is being requested (i.e. certificate subjects).
224
+ :param pulumi.Input[builtins.bool] is_ca_certificate: Is the generated certificate representing a Certificate Authority (CA) (default: `false`).
225
+ :param pulumi.Input[builtins.str] key_algorithm: Name of the algorithm used when generating the private key provided in `private_key_pem`.
226
+ :param pulumi.Input[builtins.str] private_key_pem: Private key in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format, that the certificate will belong to.
227
+ :param pulumi.Input[builtins.bool] ready_for_renewal: Is the certificate either expired (i.e. beyond the `validity_period_hours`) or ready for an early renewal (i.e. within the `early_renewal_hours`)?
228
+ :param pulumi.Input[builtins.bool] set_authority_key_id: Should the generated certificate include an [authority key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.1): for self-signed certificates this is the same value as the [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
229
+ :param pulumi.Input[builtins.bool] set_subject_key_id: Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
229
230
  :param pulumi.Input['SelfSignedCertSubjectArgs'] subject: The subject for which a certificate is being requested. The acceptable arguments are all optional and their naming is based upon [Issuer Distinguished Names (RFC5280)](https://tools.ietf.org/html/rfc5280#section-4.1.2.4) section.
230
- :param pulumi.Input[Sequence[pulumi.Input[str]]] uris: List of URIs for which a certificate is being requested (i.e. certificate subjects).
231
- :param pulumi.Input[str] validity_end_time: The time until which the certificate is invalid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
232
- :param pulumi.Input[int] validity_period_hours: Number of hours, after initial issuing, that the certificate will remain valid for.
233
- :param pulumi.Input[str] validity_start_time: The time after which the certificate is valid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
231
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] uris: List of URIs for which a certificate is being requested (i.e. certificate subjects).
232
+ :param pulumi.Input[builtins.str] validity_end_time: The time until which the certificate is invalid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
233
+ :param pulumi.Input[builtins.int] validity_period_hours: Number of hours, after initial issuing, that the certificate will remain valid for.
234
+ :param pulumi.Input[builtins.str] validity_start_time: The time after which the certificate is valid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
234
235
  """
235
236
  if allowed_uses is not None:
236
237
  pulumi.set(__self__, "allowed_uses", allowed_uses)
@@ -267,131 +268,131 @@ class _SelfSignedCertState:
267
268
 
268
269
  @property
269
270
  @pulumi.getter(name="allowedUses")
270
- def allowed_uses(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
271
+ def allowed_uses(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
271
272
  """
272
273
  List of key usages allowed for the issued certificate. Values are defined in [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `any_extended`, `cert_signing`, `client_auth`, `code_signing`, `content_commitment`, `crl_signing`, `data_encipherment`, `decipher_only`, `digital_signature`, `email_protection`, `encipher_only`, `ipsec_end_system`, `ipsec_tunnel`, `ipsec_user`, `key_agreement`, `key_encipherment`, `microsoft_commercial_code_signing`, `microsoft_kernel_code_signing`, `microsoft_server_gated_crypto`, `netscape_server_gated_crypto`, `ocsp_signing`, `server_auth`, `timestamping`.
273
274
  """
274
275
  return pulumi.get(self, "allowed_uses")
275
276
 
276
277
  @allowed_uses.setter
277
- def allowed_uses(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
278
+ def allowed_uses(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
278
279
  pulumi.set(self, "allowed_uses", value)
279
280
 
280
281
  @property
281
282
  @pulumi.getter(name="certPem")
282
- def cert_pem(self) -> Optional[pulumi.Input[str]]:
283
+ def cert_pem(self) -> Optional[pulumi.Input[builtins.str]]:
283
284
  """
284
285
  Certificate data in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format. **NOTE**: the [underlying](https://pkg.go.dev/encoding/pem#Encode) [libraries](https://pkg.go.dev/golang.org/x/crypto/ssh#MarshalAuthorizedKey) that generate this value append a `\\n` at the end of the PEM. In case this disrupts your use case, we recommend using `trimspace()`.
285
286
  """
286
287
  return pulumi.get(self, "cert_pem")
287
288
 
288
289
  @cert_pem.setter
289
- def cert_pem(self, value: Optional[pulumi.Input[str]]):
290
+ def cert_pem(self, value: Optional[pulumi.Input[builtins.str]]):
290
291
  pulumi.set(self, "cert_pem", value)
291
292
 
292
293
  @property
293
294
  @pulumi.getter(name="dnsNames")
294
- def dns_names(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
295
+ def dns_names(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
295
296
  """
296
297
  List of DNS names for which a certificate is being requested (i.e. certificate subjects).
297
298
  """
298
299
  return pulumi.get(self, "dns_names")
299
300
 
300
301
  @dns_names.setter
301
- def dns_names(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
302
+ def dns_names(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
302
303
  pulumi.set(self, "dns_names", value)
303
304
 
304
305
  @property
305
306
  @pulumi.getter(name="earlyRenewalHours")
306
- def early_renewal_hours(self) -> Optional[pulumi.Input[int]]:
307
+ def early_renewal_hours(self) -> Optional[pulumi.Input[builtins.int]]:
307
308
  return pulumi.get(self, "early_renewal_hours")
308
309
 
309
310
  @early_renewal_hours.setter
310
- def early_renewal_hours(self, value: Optional[pulumi.Input[int]]):
311
+ def early_renewal_hours(self, value: Optional[pulumi.Input[builtins.int]]):
311
312
  pulumi.set(self, "early_renewal_hours", value)
312
313
 
313
314
  @property
314
315
  @pulumi.getter(name="ipAddresses")
315
- def ip_addresses(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
316
+ def ip_addresses(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
316
317
  """
317
318
  List of IP addresses for which a certificate is being requested (i.e. certificate subjects).
318
319
  """
319
320
  return pulumi.get(self, "ip_addresses")
320
321
 
321
322
  @ip_addresses.setter
322
- def ip_addresses(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
323
+ def ip_addresses(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
323
324
  pulumi.set(self, "ip_addresses", value)
324
325
 
325
326
  @property
326
327
  @pulumi.getter(name="isCaCertificate")
327
- def is_ca_certificate(self) -> Optional[pulumi.Input[bool]]:
328
+ def is_ca_certificate(self) -> Optional[pulumi.Input[builtins.bool]]:
328
329
  """
329
330
  Is the generated certificate representing a Certificate Authority (CA) (default: `false`).
330
331
  """
331
332
  return pulumi.get(self, "is_ca_certificate")
332
333
 
333
334
  @is_ca_certificate.setter
334
- def is_ca_certificate(self, value: Optional[pulumi.Input[bool]]):
335
+ def is_ca_certificate(self, value: Optional[pulumi.Input[builtins.bool]]):
335
336
  pulumi.set(self, "is_ca_certificate", value)
336
337
 
337
338
  @property
338
339
  @pulumi.getter(name="keyAlgorithm")
339
- def key_algorithm(self) -> Optional[pulumi.Input[str]]:
340
+ def key_algorithm(self) -> Optional[pulumi.Input[builtins.str]]:
340
341
  """
341
342
  Name of the algorithm used when generating the private key provided in `private_key_pem`.
342
343
  """
343
344
  return pulumi.get(self, "key_algorithm")
344
345
 
345
346
  @key_algorithm.setter
346
- def key_algorithm(self, value: Optional[pulumi.Input[str]]):
347
+ def key_algorithm(self, value: Optional[pulumi.Input[builtins.str]]):
347
348
  pulumi.set(self, "key_algorithm", value)
348
349
 
349
350
  @property
350
351
  @pulumi.getter(name="privateKeyPem")
351
- def private_key_pem(self) -> Optional[pulumi.Input[str]]:
352
+ def private_key_pem(self) -> Optional[pulumi.Input[builtins.str]]:
352
353
  """
353
- Private key in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format, that the certificate will belong to. This can be read from a separate file using the `file` interpolation function.
354
+ Private key in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format, that the certificate will belong to.
354
355
  """
355
356
  return pulumi.get(self, "private_key_pem")
356
357
 
357
358
  @private_key_pem.setter
358
- def private_key_pem(self, value: Optional[pulumi.Input[str]]):
359
+ def private_key_pem(self, value: Optional[pulumi.Input[builtins.str]]):
359
360
  pulumi.set(self, "private_key_pem", value)
360
361
 
361
362
  @property
362
363
  @pulumi.getter(name="readyForRenewal")
363
- def ready_for_renewal(self) -> Optional[pulumi.Input[bool]]:
364
+ def ready_for_renewal(self) -> Optional[pulumi.Input[builtins.bool]]:
364
365
  """
365
366
  Is the certificate either expired (i.e. beyond the `validity_period_hours`) or ready for an early renewal (i.e. within the `early_renewal_hours`)?
366
367
  """
367
368
  return pulumi.get(self, "ready_for_renewal")
368
369
 
369
370
  @ready_for_renewal.setter
370
- def ready_for_renewal(self, value: Optional[pulumi.Input[bool]]):
371
+ def ready_for_renewal(self, value: Optional[pulumi.Input[builtins.bool]]):
371
372
  pulumi.set(self, "ready_for_renewal", value)
372
373
 
373
374
  @property
374
375
  @pulumi.getter(name="setAuthorityKeyId")
375
- def set_authority_key_id(self) -> Optional[pulumi.Input[bool]]:
376
+ def set_authority_key_id(self) -> Optional[pulumi.Input[builtins.bool]]:
376
377
  """
377
378
  Should the generated certificate include an [authority key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.1): for self-signed certificates this is the same value as the [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
378
379
  """
379
380
  return pulumi.get(self, "set_authority_key_id")
380
381
 
381
382
  @set_authority_key_id.setter
382
- def set_authority_key_id(self, value: Optional[pulumi.Input[bool]]):
383
+ def set_authority_key_id(self, value: Optional[pulumi.Input[builtins.bool]]):
383
384
  pulumi.set(self, "set_authority_key_id", value)
384
385
 
385
386
  @property
386
387
  @pulumi.getter(name="setSubjectKeyId")
387
- def set_subject_key_id(self) -> Optional[pulumi.Input[bool]]:
388
+ def set_subject_key_id(self) -> Optional[pulumi.Input[builtins.bool]]:
388
389
  """
389
390
  Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
390
391
  """
391
392
  return pulumi.get(self, "set_subject_key_id")
392
393
 
393
394
  @set_subject_key_id.setter
394
- def set_subject_key_id(self, value: Optional[pulumi.Input[bool]]):
395
+ def set_subject_key_id(self, value: Optional[pulumi.Input[builtins.bool]]):
395
396
  pulumi.set(self, "set_subject_key_id", value)
396
397
 
397
398
  @property
@@ -408,50 +409,50 @@ class _SelfSignedCertState:
408
409
 
409
410
  @property
410
411
  @pulumi.getter
411
- def uris(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
412
+ def uris(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
412
413
  """
413
414
  List of URIs for which a certificate is being requested (i.e. certificate subjects).
414
415
  """
415
416
  return pulumi.get(self, "uris")
416
417
 
417
418
  @uris.setter
418
- def uris(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
419
+ def uris(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
419
420
  pulumi.set(self, "uris", value)
420
421
 
421
422
  @property
422
423
  @pulumi.getter(name="validityEndTime")
423
- def validity_end_time(self) -> Optional[pulumi.Input[str]]:
424
+ def validity_end_time(self) -> Optional[pulumi.Input[builtins.str]]:
424
425
  """
425
426
  The time until which the certificate is invalid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
426
427
  """
427
428
  return pulumi.get(self, "validity_end_time")
428
429
 
429
430
  @validity_end_time.setter
430
- def validity_end_time(self, value: Optional[pulumi.Input[str]]):
431
+ def validity_end_time(self, value: Optional[pulumi.Input[builtins.str]]):
431
432
  pulumi.set(self, "validity_end_time", value)
432
433
 
433
434
  @property
434
435
  @pulumi.getter(name="validityPeriodHours")
435
- def validity_period_hours(self) -> Optional[pulumi.Input[int]]:
436
+ def validity_period_hours(self) -> Optional[pulumi.Input[builtins.int]]:
436
437
  """
437
438
  Number of hours, after initial issuing, that the certificate will remain valid for.
438
439
  """
439
440
  return pulumi.get(self, "validity_period_hours")
440
441
 
441
442
  @validity_period_hours.setter
442
- def validity_period_hours(self, value: Optional[pulumi.Input[int]]):
443
+ def validity_period_hours(self, value: Optional[pulumi.Input[builtins.int]]):
443
444
  pulumi.set(self, "validity_period_hours", value)
444
445
 
445
446
  @property
446
447
  @pulumi.getter(name="validityStartTime")
447
- def validity_start_time(self) -> Optional[pulumi.Input[str]]:
448
+ def validity_start_time(self) -> Optional[pulumi.Input[builtins.str]]:
448
449
  """
449
450
  The time after which the certificate is valid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
450
451
  """
451
452
  return pulumi.get(self, "validity_start_time")
452
453
 
453
454
  @validity_start_time.setter
454
- def validity_start_time(self, value: Optional[pulumi.Input[str]]):
455
+ def validity_start_time(self, value: Optional[pulumi.Input[builtins.str]]):
455
456
  pulumi.set(self, "validity_start_time", value)
456
457
 
457
458
 
@@ -460,32 +461,32 @@ class SelfSignedCert(pulumi.CustomResource):
460
461
  def __init__(__self__,
461
462
  resource_name: str,
462
463
  opts: Optional[pulumi.ResourceOptions] = None,
463
- allowed_uses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
464
- dns_names: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
465
- early_renewal_hours: Optional[pulumi.Input[int]] = None,
466
- ip_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
467
- is_ca_certificate: Optional[pulumi.Input[bool]] = None,
468
- private_key_pem: Optional[pulumi.Input[str]] = None,
469
- set_authority_key_id: Optional[pulumi.Input[bool]] = None,
470
- set_subject_key_id: Optional[pulumi.Input[bool]] = None,
464
+ allowed_uses: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
465
+ dns_names: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
466
+ early_renewal_hours: Optional[pulumi.Input[builtins.int]] = None,
467
+ ip_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
468
+ is_ca_certificate: Optional[pulumi.Input[builtins.bool]] = None,
469
+ private_key_pem: Optional[pulumi.Input[builtins.str]] = None,
470
+ set_authority_key_id: Optional[pulumi.Input[builtins.bool]] = None,
471
+ set_subject_key_id: Optional[pulumi.Input[builtins.bool]] = None,
471
472
  subject: Optional[pulumi.Input[Union['SelfSignedCertSubjectArgs', 'SelfSignedCertSubjectArgsDict']]] = None,
472
- uris: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
473
- validity_period_hours: Optional[pulumi.Input[int]] = None,
473
+ uris: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
474
+ validity_period_hours: Optional[pulumi.Input[builtins.int]] = None,
474
475
  __props__=None):
475
476
  """
476
477
  Create a SelfSignedCert resource with the given unique name, props, and options.
477
478
  :param str resource_name: The name of the resource.
478
479
  :param pulumi.ResourceOptions opts: Options for the resource.
479
- :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_uses: List of key usages allowed for the issued certificate. Values are defined in [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `any_extended`, `cert_signing`, `client_auth`, `code_signing`, `content_commitment`, `crl_signing`, `data_encipherment`, `decipher_only`, `digital_signature`, `email_protection`, `encipher_only`, `ipsec_end_system`, `ipsec_tunnel`, `ipsec_user`, `key_agreement`, `key_encipherment`, `microsoft_commercial_code_signing`, `microsoft_kernel_code_signing`, `microsoft_server_gated_crypto`, `netscape_server_gated_crypto`, `ocsp_signing`, `server_auth`, `timestamping`.
480
- :param pulumi.Input[Sequence[pulumi.Input[str]]] dns_names: List of DNS names for which a certificate is being requested (i.e. certificate subjects).
481
- :param pulumi.Input[Sequence[pulumi.Input[str]]] ip_addresses: List of IP addresses for which a certificate is being requested (i.e. certificate subjects).
482
- :param pulumi.Input[bool] is_ca_certificate: Is the generated certificate representing a Certificate Authority (CA) (default: `false`).
483
- :param pulumi.Input[str] private_key_pem: Private key in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format, that the certificate will belong to. This can be read from a separate file using the `file` interpolation function.
484
- :param pulumi.Input[bool] set_authority_key_id: Should the generated certificate include an [authority key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.1): for self-signed certificates this is the same value as the [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
485
- :param pulumi.Input[bool] set_subject_key_id: Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
480
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_uses: List of key usages allowed for the issued certificate. Values are defined in [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `any_extended`, `cert_signing`, `client_auth`, `code_signing`, `content_commitment`, `crl_signing`, `data_encipherment`, `decipher_only`, `digital_signature`, `email_protection`, `encipher_only`, `ipsec_end_system`, `ipsec_tunnel`, `ipsec_user`, `key_agreement`, `key_encipherment`, `microsoft_commercial_code_signing`, `microsoft_kernel_code_signing`, `microsoft_server_gated_crypto`, `netscape_server_gated_crypto`, `ocsp_signing`, `server_auth`, `timestamping`.
481
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] dns_names: List of DNS names for which a certificate is being requested (i.e. certificate subjects).
482
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] ip_addresses: List of IP addresses for which a certificate is being requested (i.e. certificate subjects).
483
+ :param pulumi.Input[builtins.bool] is_ca_certificate: Is the generated certificate representing a Certificate Authority (CA) (default: `false`).
484
+ :param pulumi.Input[builtins.str] private_key_pem: Private key in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format, that the certificate will belong to.
485
+ :param pulumi.Input[builtins.bool] set_authority_key_id: Should the generated certificate include an [authority key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.1): for self-signed certificates this is the same value as the [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
486
+ :param pulumi.Input[builtins.bool] set_subject_key_id: Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
486
487
  :param pulumi.Input[Union['SelfSignedCertSubjectArgs', 'SelfSignedCertSubjectArgsDict']] subject: The subject for which a certificate is being requested. The acceptable arguments are all optional and their naming is based upon [Issuer Distinguished Names (RFC5280)](https://tools.ietf.org/html/rfc5280#section-4.1.2.4) section.
487
- :param pulumi.Input[Sequence[pulumi.Input[str]]] uris: List of URIs for which a certificate is being requested (i.e. certificate subjects).
488
- :param pulumi.Input[int] validity_period_hours: Number of hours, after initial issuing, that the certificate will remain valid for.
488
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] uris: List of URIs for which a certificate is being requested (i.e. certificate subjects).
489
+ :param pulumi.Input[builtins.int] validity_period_hours: Number of hours, after initial issuing, that the certificate will remain valid for.
489
490
  """
490
491
  ...
491
492
  @overload
@@ -510,17 +511,17 @@ class SelfSignedCert(pulumi.CustomResource):
510
511
  def _internal_init(__self__,
511
512
  resource_name: str,
512
513
  opts: Optional[pulumi.ResourceOptions] = None,
513
- allowed_uses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
514
- dns_names: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
515
- early_renewal_hours: Optional[pulumi.Input[int]] = None,
516
- ip_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
517
- is_ca_certificate: Optional[pulumi.Input[bool]] = None,
518
- private_key_pem: Optional[pulumi.Input[str]] = None,
519
- set_authority_key_id: Optional[pulumi.Input[bool]] = None,
520
- set_subject_key_id: Optional[pulumi.Input[bool]] = None,
514
+ allowed_uses: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
515
+ dns_names: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
516
+ early_renewal_hours: Optional[pulumi.Input[builtins.int]] = None,
517
+ ip_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
518
+ is_ca_certificate: Optional[pulumi.Input[builtins.bool]] = None,
519
+ private_key_pem: Optional[pulumi.Input[builtins.str]] = None,
520
+ set_authority_key_id: Optional[pulumi.Input[builtins.bool]] = None,
521
+ set_subject_key_id: Optional[pulumi.Input[builtins.bool]] = None,
521
522
  subject: Optional[pulumi.Input[Union['SelfSignedCertSubjectArgs', 'SelfSignedCertSubjectArgsDict']]] = None,
522
- uris: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
523
- validity_period_hours: Optional[pulumi.Input[int]] = None,
523
+ uris: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
524
+ validity_period_hours: Optional[pulumi.Input[builtins.int]] = None,
524
525
  __props__=None):
525
526
  opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
526
527
  if not isinstance(opts, pulumi.ResourceOptions):
@@ -564,22 +565,22 @@ class SelfSignedCert(pulumi.CustomResource):
564
565
  def get(resource_name: str,
565
566
  id: pulumi.Input[str],
566
567
  opts: Optional[pulumi.ResourceOptions] = None,
567
- allowed_uses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
568
- cert_pem: Optional[pulumi.Input[str]] = None,
569
- dns_names: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
570
- early_renewal_hours: Optional[pulumi.Input[int]] = None,
571
- ip_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
572
- is_ca_certificate: Optional[pulumi.Input[bool]] = None,
573
- key_algorithm: Optional[pulumi.Input[str]] = None,
574
- private_key_pem: Optional[pulumi.Input[str]] = None,
575
- ready_for_renewal: Optional[pulumi.Input[bool]] = None,
576
- set_authority_key_id: Optional[pulumi.Input[bool]] = None,
577
- set_subject_key_id: Optional[pulumi.Input[bool]] = None,
568
+ allowed_uses: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
569
+ cert_pem: Optional[pulumi.Input[builtins.str]] = None,
570
+ dns_names: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
571
+ early_renewal_hours: Optional[pulumi.Input[builtins.int]] = None,
572
+ ip_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
573
+ is_ca_certificate: Optional[pulumi.Input[builtins.bool]] = None,
574
+ key_algorithm: Optional[pulumi.Input[builtins.str]] = None,
575
+ private_key_pem: Optional[pulumi.Input[builtins.str]] = None,
576
+ ready_for_renewal: Optional[pulumi.Input[builtins.bool]] = None,
577
+ set_authority_key_id: Optional[pulumi.Input[builtins.bool]] = None,
578
+ set_subject_key_id: Optional[pulumi.Input[builtins.bool]] = None,
578
579
  subject: Optional[pulumi.Input[Union['SelfSignedCertSubjectArgs', 'SelfSignedCertSubjectArgsDict']]] = None,
579
- uris: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
580
- validity_end_time: Optional[pulumi.Input[str]] = None,
581
- validity_period_hours: Optional[pulumi.Input[int]] = None,
582
- validity_start_time: Optional[pulumi.Input[str]] = None) -> 'SelfSignedCert':
580
+ uris: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
581
+ validity_end_time: Optional[pulumi.Input[builtins.str]] = None,
582
+ validity_period_hours: Optional[pulumi.Input[builtins.int]] = None,
583
+ validity_start_time: Optional[pulumi.Input[builtins.str]] = None) -> 'SelfSignedCert':
583
584
  """
584
585
  Get an existing SelfSignedCert resource's state with the given name, id, and optional extra
585
586
  properties used to qualify the lookup.
@@ -587,21 +588,21 @@ class SelfSignedCert(pulumi.CustomResource):
587
588
  :param str resource_name: The unique name of the resulting resource.
588
589
  :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
589
590
  :param pulumi.ResourceOptions opts: Options for the resource.
590
- :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_uses: List of key usages allowed for the issued certificate. Values are defined in [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `any_extended`, `cert_signing`, `client_auth`, `code_signing`, `content_commitment`, `crl_signing`, `data_encipherment`, `decipher_only`, `digital_signature`, `email_protection`, `encipher_only`, `ipsec_end_system`, `ipsec_tunnel`, `ipsec_user`, `key_agreement`, `key_encipherment`, `microsoft_commercial_code_signing`, `microsoft_kernel_code_signing`, `microsoft_server_gated_crypto`, `netscape_server_gated_crypto`, `ocsp_signing`, `server_auth`, `timestamping`.
591
- :param pulumi.Input[str] cert_pem: Certificate data in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format. **NOTE**: the [underlying](https://pkg.go.dev/encoding/pem#Encode) [libraries](https://pkg.go.dev/golang.org/x/crypto/ssh#MarshalAuthorizedKey) that generate this value append a `\\n` at the end of the PEM. In case this disrupts your use case, we recommend using `trimspace()`.
592
- :param pulumi.Input[Sequence[pulumi.Input[str]]] dns_names: List of DNS names for which a certificate is being requested (i.e. certificate subjects).
593
- :param pulumi.Input[Sequence[pulumi.Input[str]]] ip_addresses: List of IP addresses for which a certificate is being requested (i.e. certificate subjects).
594
- :param pulumi.Input[bool] is_ca_certificate: Is the generated certificate representing a Certificate Authority (CA) (default: `false`).
595
- :param pulumi.Input[str] key_algorithm: Name of the algorithm used when generating the private key provided in `private_key_pem`.
596
- :param pulumi.Input[str] private_key_pem: Private key in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format, that the certificate will belong to. This can be read from a separate file using the `file` interpolation function.
597
- :param pulumi.Input[bool] ready_for_renewal: Is the certificate either expired (i.e. beyond the `validity_period_hours`) or ready for an early renewal (i.e. within the `early_renewal_hours`)?
598
- :param pulumi.Input[bool] set_authority_key_id: Should the generated certificate include an [authority key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.1): for self-signed certificates this is the same value as the [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
599
- :param pulumi.Input[bool] set_subject_key_id: Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
591
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_uses: List of key usages allowed for the issued certificate. Values are defined in [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `any_extended`, `cert_signing`, `client_auth`, `code_signing`, `content_commitment`, `crl_signing`, `data_encipherment`, `decipher_only`, `digital_signature`, `email_protection`, `encipher_only`, `ipsec_end_system`, `ipsec_tunnel`, `ipsec_user`, `key_agreement`, `key_encipherment`, `microsoft_commercial_code_signing`, `microsoft_kernel_code_signing`, `microsoft_server_gated_crypto`, `netscape_server_gated_crypto`, `ocsp_signing`, `server_auth`, `timestamping`.
592
+ :param pulumi.Input[builtins.str] cert_pem: Certificate data in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format. **NOTE**: the [underlying](https://pkg.go.dev/encoding/pem#Encode) [libraries](https://pkg.go.dev/golang.org/x/crypto/ssh#MarshalAuthorizedKey) that generate this value append a `\\n` at the end of the PEM. In case this disrupts your use case, we recommend using `trimspace()`.
593
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] dns_names: List of DNS names for which a certificate is being requested (i.e. certificate subjects).
594
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] ip_addresses: List of IP addresses for which a certificate is being requested (i.e. certificate subjects).
595
+ :param pulumi.Input[builtins.bool] is_ca_certificate: Is the generated certificate representing a Certificate Authority (CA) (default: `false`).
596
+ :param pulumi.Input[builtins.str] key_algorithm: Name of the algorithm used when generating the private key provided in `private_key_pem`.
597
+ :param pulumi.Input[builtins.str] private_key_pem: Private key in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format, that the certificate will belong to.
598
+ :param pulumi.Input[builtins.bool] ready_for_renewal: Is the certificate either expired (i.e. beyond the `validity_period_hours`) or ready for an early renewal (i.e. within the `early_renewal_hours`)?
599
+ :param pulumi.Input[builtins.bool] set_authority_key_id: Should the generated certificate include an [authority key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.1): for self-signed certificates this is the same value as the [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
600
+ :param pulumi.Input[builtins.bool] set_subject_key_id: Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
600
601
  :param pulumi.Input[Union['SelfSignedCertSubjectArgs', 'SelfSignedCertSubjectArgsDict']] subject: The subject for which a certificate is being requested. The acceptable arguments are all optional and their naming is based upon [Issuer Distinguished Names (RFC5280)](https://tools.ietf.org/html/rfc5280#section-4.1.2.4) section.
601
- :param pulumi.Input[Sequence[pulumi.Input[str]]] uris: List of URIs for which a certificate is being requested (i.e. certificate subjects).
602
- :param pulumi.Input[str] validity_end_time: The time until which the certificate is invalid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
603
- :param pulumi.Input[int] validity_period_hours: Number of hours, after initial issuing, that the certificate will remain valid for.
604
- :param pulumi.Input[str] validity_start_time: The time after which the certificate is valid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
602
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] uris: List of URIs for which a certificate is being requested (i.e. certificate subjects).
603
+ :param pulumi.Input[builtins.str] validity_end_time: The time until which the certificate is invalid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
604
+ :param pulumi.Input[builtins.int] validity_period_hours: Number of hours, after initial issuing, that the certificate will remain valid for.
605
+ :param pulumi.Input[builtins.str] validity_start_time: The time after which the certificate is valid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
605
606
  """
606
607
  opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
607
608
 
@@ -627,7 +628,7 @@ class SelfSignedCert(pulumi.CustomResource):
627
628
 
628
629
  @property
629
630
  @pulumi.getter(name="allowedUses")
630
- def allowed_uses(self) -> pulumi.Output[Sequence[str]]:
631
+ def allowed_uses(self) -> pulumi.Output[Sequence[builtins.str]]:
631
632
  """
632
633
  List of key usages allowed for the issued certificate. Values are defined in [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `any_extended`, `cert_signing`, `client_auth`, `code_signing`, `content_commitment`, `crl_signing`, `data_encipherment`, `decipher_only`, `digital_signature`, `email_protection`, `encipher_only`, `ipsec_end_system`, `ipsec_tunnel`, `ipsec_user`, `key_agreement`, `key_encipherment`, `microsoft_commercial_code_signing`, `microsoft_kernel_code_signing`, `microsoft_server_gated_crypto`, `netscape_server_gated_crypto`, `ocsp_signing`, `server_auth`, `timestamping`.
633
634
  """
@@ -635,7 +636,7 @@ class SelfSignedCert(pulumi.CustomResource):
635
636
 
636
637
  @property
637
638
  @pulumi.getter(name="certPem")
638
- def cert_pem(self) -> pulumi.Output[str]:
639
+ def cert_pem(self) -> pulumi.Output[builtins.str]:
639
640
  """
640
641
  Certificate data in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format. **NOTE**: the [underlying](https://pkg.go.dev/encoding/pem#Encode) [libraries](https://pkg.go.dev/golang.org/x/crypto/ssh#MarshalAuthorizedKey) that generate this value append a `\\n` at the end of the PEM. In case this disrupts your use case, we recommend using `trimspace()`.
641
642
  """
@@ -643,7 +644,7 @@ class SelfSignedCert(pulumi.CustomResource):
643
644
 
644
645
  @property
645
646
  @pulumi.getter(name="dnsNames")
646
- def dns_names(self) -> pulumi.Output[Optional[Sequence[str]]]:
647
+ def dns_names(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
647
648
  """
648
649
  List of DNS names for which a certificate is being requested (i.e. certificate subjects).
649
650
  """
@@ -651,12 +652,12 @@ class SelfSignedCert(pulumi.CustomResource):
651
652
 
652
653
  @property
653
654
  @pulumi.getter(name="earlyRenewalHours")
654
- def early_renewal_hours(self) -> pulumi.Output[int]:
655
+ def early_renewal_hours(self) -> pulumi.Output[builtins.int]:
655
656
  return pulumi.get(self, "early_renewal_hours")
656
657
 
657
658
  @property
658
659
  @pulumi.getter(name="ipAddresses")
659
- def ip_addresses(self) -> pulumi.Output[Optional[Sequence[str]]]:
660
+ def ip_addresses(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
660
661
  """
661
662
  List of IP addresses for which a certificate is being requested (i.e. certificate subjects).
662
663
  """
@@ -664,7 +665,7 @@ class SelfSignedCert(pulumi.CustomResource):
664
665
 
665
666
  @property
666
667
  @pulumi.getter(name="isCaCertificate")
667
- def is_ca_certificate(self) -> pulumi.Output[bool]:
668
+ def is_ca_certificate(self) -> pulumi.Output[builtins.bool]:
668
669
  """
669
670
  Is the generated certificate representing a Certificate Authority (CA) (default: `false`).
670
671
  """
@@ -672,7 +673,7 @@ class SelfSignedCert(pulumi.CustomResource):
672
673
 
673
674
  @property
674
675
  @pulumi.getter(name="keyAlgorithm")
675
- def key_algorithm(self) -> pulumi.Output[str]:
676
+ def key_algorithm(self) -> pulumi.Output[builtins.str]:
676
677
  """
677
678
  Name of the algorithm used when generating the private key provided in `private_key_pem`.
678
679
  """
@@ -680,15 +681,15 @@ class SelfSignedCert(pulumi.CustomResource):
680
681
 
681
682
  @property
682
683
  @pulumi.getter(name="privateKeyPem")
683
- def private_key_pem(self) -> pulumi.Output[str]:
684
+ def private_key_pem(self) -> pulumi.Output[builtins.str]:
684
685
  """
685
- Private key in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format, that the certificate will belong to. This can be read from a separate file using the `file` interpolation function.
686
+ Private key in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format, that the certificate will belong to.
686
687
  """
687
688
  return pulumi.get(self, "private_key_pem")
688
689
 
689
690
  @property
690
691
  @pulumi.getter(name="readyForRenewal")
691
- def ready_for_renewal(self) -> pulumi.Output[bool]:
692
+ def ready_for_renewal(self) -> pulumi.Output[builtins.bool]:
692
693
  """
693
694
  Is the certificate either expired (i.e. beyond the `validity_period_hours`) or ready for an early renewal (i.e. within the `early_renewal_hours`)?
694
695
  """
@@ -696,7 +697,7 @@ class SelfSignedCert(pulumi.CustomResource):
696
697
 
697
698
  @property
698
699
  @pulumi.getter(name="setAuthorityKeyId")
699
- def set_authority_key_id(self) -> pulumi.Output[bool]:
700
+ def set_authority_key_id(self) -> pulumi.Output[builtins.bool]:
700
701
  """
701
702
  Should the generated certificate include an [authority key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.1): for self-signed certificates this is the same value as the [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
702
703
  """
@@ -704,7 +705,7 @@ class SelfSignedCert(pulumi.CustomResource):
704
705
 
705
706
  @property
706
707
  @pulumi.getter(name="setSubjectKeyId")
707
- def set_subject_key_id(self) -> pulumi.Output[bool]:
708
+ def set_subject_key_id(self) -> pulumi.Output[builtins.bool]:
708
709
  """
709
710
  Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
710
711
  """
@@ -720,7 +721,7 @@ class SelfSignedCert(pulumi.CustomResource):
720
721
 
721
722
  @property
722
723
  @pulumi.getter
723
- def uris(self) -> pulumi.Output[Optional[Sequence[str]]]:
724
+ def uris(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
724
725
  """
725
726
  List of URIs for which a certificate is being requested (i.e. certificate subjects).
726
727
  """
@@ -728,7 +729,7 @@ class SelfSignedCert(pulumi.CustomResource):
728
729
 
729
730
  @property
730
731
  @pulumi.getter(name="validityEndTime")
731
- def validity_end_time(self) -> pulumi.Output[str]:
732
+ def validity_end_time(self) -> pulumi.Output[builtins.str]:
732
733
  """
733
734
  The time until which the certificate is invalid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
734
735
  """
@@ -736,7 +737,7 @@ class SelfSignedCert(pulumi.CustomResource):
736
737
 
737
738
  @property
738
739
  @pulumi.getter(name="validityPeriodHours")
739
- def validity_period_hours(self) -> pulumi.Output[int]:
740
+ def validity_period_hours(self) -> pulumi.Output[builtins.int]:
740
741
  """
741
742
  Number of hours, after initial issuing, that the certificate will remain valid for.
742
743
  """
@@ -744,7 +745,7 @@ class SelfSignedCert(pulumi.CustomResource):
744
745
 
745
746
  @property
746
747
  @pulumi.getter(name="validityStartTime")
747
- def validity_start_time(self) -> pulumi.Output[str]:
748
+ def validity_start_time(self) -> pulumi.Output[builtins.str]:
748
749
  """
749
750
  The time after which the certificate is valid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
750
751
  """