pulumi-tls 5.2.0a1744070303__py3-none-any.whl → 5.2.0a1744267160__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (20) hide show
  1. pulumi_tls/__init__.py +1 -0
  2. pulumi_tls/_inputs.py +113 -112
  3. pulumi_tls/cert_request.py +71 -70
  4. pulumi_tls/config/__init__.py +1 -0
  5. pulumi_tls/config/__init__.pyi +1 -0
  6. pulumi_tls/config/outputs.py +13 -12
  7. pulumi_tls/config/vars.py +1 -0
  8. pulumi_tls/get_certificate.py +17 -16
  9. pulumi_tls/get_public_key.py +17 -16
  10. pulumi_tls/locally_signed_cert.py +144 -143
  11. pulumi_tls/outputs.py +91 -90
  12. pulumi_tls/private_key.py +92 -91
  13. pulumi_tls/provider.py +1 -0
  14. pulumi_tls/pulumi-plugin.json +1 -1
  15. pulumi_tls/self_signed_cert.py +172 -171
  16. {pulumi_tls-5.2.0a1744070303.dist-info → pulumi_tls-5.2.0a1744267160.dist-info}/METADATA +1 -1
  17. pulumi_tls-5.2.0a1744267160.dist-info/RECORD +21 -0
  18. pulumi_tls-5.2.0a1744070303.dist-info/RECORD +0 -21
  19. {pulumi_tls-5.2.0a1744070303.dist-info → pulumi_tls-5.2.0a1744267160.dist-info}/WHEEL +0 -0
  20. {pulumi_tls-5.2.0a1744070303.dist-info → pulumi_tls-5.2.0a1744267160.dist-info}/top_level.txt +0 -0
pulumi_tls/locally_signed_cert.py CHANGED
@@ -2,6 +2,7 @@
2
2
  # *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
3
3
  # *** Do not edit by hand unless you're certain you know what you are doing! ***
4
4
 
5
+ import builtins
5
6
  import copy
6
7
  import warnings
7
8
  import sys
@@ -19,23 +20,23 @@ __all__ = ['LocallySignedCertArgs', 'LocallySignedCert']
19
20
  @pulumi.input_type
20
21
  class LocallySignedCertArgs:
21
22
  def __init__(__self__, *,
22
- allowed_uses: pulumi.Input[Sequence[pulumi.Input[str]]],
23
- ca_cert_pem: pulumi.Input[str],
24
- ca_private_key_pem: pulumi.Input[str],
25
- cert_request_pem: pulumi.Input[str],
26
- validity_period_hours: pulumi.Input[int],
27
- early_renewal_hours: Optional[pulumi.Input[int]] = None,
28
- is_ca_certificate: Optional[pulumi.Input[bool]] = None,
29
- set_subject_key_id: Optional[pulumi.Input[bool]] = None):
23
+ allowed_uses: pulumi.Input[Sequence[pulumi.Input[builtins.str]]],
24
+ ca_cert_pem: pulumi.Input[builtins.str],
25
+ ca_private_key_pem: pulumi.Input[builtins.str],
26
+ cert_request_pem: pulumi.Input[builtins.str],
27
+ validity_period_hours: pulumi.Input[builtins.int],
28
+ early_renewal_hours: Optional[pulumi.Input[builtins.int]] = None,
29
+ is_ca_certificate: Optional[pulumi.Input[builtins.bool]] = None,
30
+ set_subject_key_id: Optional[pulumi.Input[builtins.bool]] = None):
30
31
  """
31
32
  The set of arguments for constructing a LocallySignedCert resource.
32
- :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_uses: List of key usages allowed for the issued certificate. Values are defined in [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `any_extended`, `cert_signing`, `client_auth`, `code_signing`, `content_commitment`, `crl_signing`, `data_encipherment`, `decipher_only`, `digital_signature`, `email_protection`, `encipher_only`, `ipsec_end_system`, `ipsec_tunnel`, `ipsec_user`, `key_agreement`, `key_encipherment`, `microsoft_commercial_code_signing`, `microsoft_kernel_code_signing`, `microsoft_server_gated_crypto`, `netscape_server_gated_crypto`, `ocsp_signing`, `server_auth`, `timestamping`.
33
- :param pulumi.Input[str] ca_cert_pem: Certificate data of the Certificate Authority (CA) in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
34
- :param pulumi.Input[str] ca_private_key_pem: Private key of the Certificate Authority (CA) used to sign the certificate, in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
35
- :param pulumi.Input[str] cert_request_pem: Certificate request data in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
36
- :param pulumi.Input[int] validity_period_hours: Number of hours, after initial issuing, that the certificate will remain valid for.
37
- :param pulumi.Input[bool] is_ca_certificate: Is the generated certificate representing a Certificate Authority (CA) (default: `false`).
38
- :param pulumi.Input[bool] set_subject_key_id: Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
33
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_uses: List of key usages allowed for the issued certificate. Values are defined in [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `any_extended`, `cert_signing`, `client_auth`, `code_signing`, `content_commitment`, `crl_signing`, `data_encipherment`, `decipher_only`, `digital_signature`, `email_protection`, `encipher_only`, `ipsec_end_system`, `ipsec_tunnel`, `ipsec_user`, `key_agreement`, `key_encipherment`, `microsoft_commercial_code_signing`, `microsoft_kernel_code_signing`, `microsoft_server_gated_crypto`, `netscape_server_gated_crypto`, `ocsp_signing`, `server_auth`, `timestamping`.
34
+ :param pulumi.Input[builtins.str] ca_cert_pem: Certificate data of the Certificate Authority (CA) in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
35
+ :param pulumi.Input[builtins.str] ca_private_key_pem: Private key of the Certificate Authority (CA) used to sign the certificate, in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
36
+ :param pulumi.Input[builtins.str] cert_request_pem: Certificate request data in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
37
+ :param pulumi.Input[builtins.int] validity_period_hours: Number of hours, after initial issuing, that the certificate will remain valid for.
38
+ :param pulumi.Input[builtins.bool] is_ca_certificate: Is the generated certificate representing a Certificate Authority (CA) (default: `false`).
39
+ :param pulumi.Input[builtins.bool] set_subject_key_id: Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
39
40
  """
40
41
  pulumi.set(__self__, "allowed_uses", allowed_uses)
41
42
  pulumi.set(__self__, "ca_cert_pem", ca_cert_pem)
@@ -51,128 +52,128 @@ class LocallySignedCertArgs:
51
52
 
52
53
  @property
53
54
  @pulumi.getter(name="allowedUses")
54
- def allowed_uses(self) -> pulumi.Input[Sequence[pulumi.Input[str]]]:
55
+ def allowed_uses(self) -> pulumi.Input[Sequence[pulumi.Input[builtins.str]]]:
55
56
  """
56
57
  List of key usages allowed for the issued certificate. Values are defined in [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `any_extended`, `cert_signing`, `client_auth`, `code_signing`, `content_commitment`, `crl_signing`, `data_encipherment`, `decipher_only`, `digital_signature`, `email_protection`, `encipher_only`, `ipsec_end_system`, `ipsec_tunnel`, `ipsec_user`, `key_agreement`, `key_encipherment`, `microsoft_commercial_code_signing`, `microsoft_kernel_code_signing`, `microsoft_server_gated_crypto`, `netscape_server_gated_crypto`, `ocsp_signing`, `server_auth`, `timestamping`.
57
58
  """
58
59
  return pulumi.get(self, "allowed_uses")
59
60
 
60
61
  @allowed_uses.setter
61
- def allowed_uses(self, value: pulumi.Input[Sequence[pulumi.Input[str]]]):
62
+ def allowed_uses(self, value: pulumi.Input[Sequence[pulumi.Input[builtins.str]]]):
62
63
  pulumi.set(self, "allowed_uses", value)
63
64
 
64
65
  @property
65
66
  @pulumi.getter(name="caCertPem")
66
- def ca_cert_pem(self) -> pulumi.Input[str]:
67
+ def ca_cert_pem(self) -> pulumi.Input[builtins.str]:
67
68
  """
68
69
  Certificate data of the Certificate Authority (CA) in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
69
70
  """
70
71
  return pulumi.get(self, "ca_cert_pem")
71
72
 
72
73
  @ca_cert_pem.setter
73
- def ca_cert_pem(self, value: pulumi.Input[str]):
74
+ def ca_cert_pem(self, value: pulumi.Input[builtins.str]):
74
75
  pulumi.set(self, "ca_cert_pem", value)
75
76
 
76
77
  @property
77
78
  @pulumi.getter(name="caPrivateKeyPem")
78
- def ca_private_key_pem(self) -> pulumi.Input[str]:
79
+ def ca_private_key_pem(self) -> pulumi.Input[builtins.str]:
79
80
  """
80
81
  Private key of the Certificate Authority (CA) used to sign the certificate, in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
81
82
  """
82
83
  return pulumi.get(self, "ca_private_key_pem")
83
84
 
84
85
  @ca_private_key_pem.setter
85
- def ca_private_key_pem(self, value: pulumi.Input[str]):
86
+ def ca_private_key_pem(self, value: pulumi.Input[builtins.str]):
86
87
  pulumi.set(self, "ca_private_key_pem", value)
87
88
 
88
89
  @property
89
90
  @pulumi.getter(name="certRequestPem")
90
- def cert_request_pem(self) -> pulumi.Input[str]:
91
+ def cert_request_pem(self) -> pulumi.Input[builtins.str]:
91
92
  """
92
93
  Certificate request data in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
93
94
  """
94
95
  return pulumi.get(self, "cert_request_pem")
95
96
 
96
97
  @cert_request_pem.setter
97
- def cert_request_pem(self, value: pulumi.Input[str]):
98
+ def cert_request_pem(self, value: pulumi.Input[builtins.str]):
98
99
  pulumi.set(self, "cert_request_pem", value)
99
100
 
100
101
  @property
101
102
  @pulumi.getter(name="validityPeriodHours")
102
- def validity_period_hours(self) -> pulumi.Input[int]:
103
+ def validity_period_hours(self) -> pulumi.Input[builtins.int]:
103
104
  """
104
105
  Number of hours, after initial issuing, that the certificate will remain valid for.
105
106
  """
106
107
  return pulumi.get(self, "validity_period_hours")
107
108
 
108
109
  @validity_period_hours.setter
109
- def validity_period_hours(self, value: pulumi.Input[int]):
110
+ def validity_period_hours(self, value: pulumi.Input[builtins.int]):
110
111
  pulumi.set(self, "validity_period_hours", value)
111
112
 
112
113
  @property
113
114
  @pulumi.getter(name="earlyRenewalHours")
114
- def early_renewal_hours(self) -> Optional[pulumi.Input[int]]:
115
+ def early_renewal_hours(self) -> Optional[pulumi.Input[builtins.int]]:
115
116
  return pulumi.get(self, "early_renewal_hours")
116
117
 
117
118
  @early_renewal_hours.setter
118
- def early_renewal_hours(self, value: Optional[pulumi.Input[int]]):
119
+ def early_renewal_hours(self, value: Optional[pulumi.Input[builtins.int]]):
119
120
  pulumi.set(self, "early_renewal_hours", value)
120
121
 
121
122
  @property
122
123
  @pulumi.getter(name="isCaCertificate")
123
- def is_ca_certificate(self) -> Optional[pulumi.Input[bool]]:
124
+ def is_ca_certificate(self) -> Optional[pulumi.Input[builtins.bool]]:
124
125
  """
125
126
  Is the generated certificate representing a Certificate Authority (CA) (default: `false`).
126
127
  """
127
128
  return pulumi.get(self, "is_ca_certificate")
128
129
 
129
130
  @is_ca_certificate.setter
130
- def is_ca_certificate(self, value: Optional[pulumi.Input[bool]]):
131
+ def is_ca_certificate(self, value: Optional[pulumi.Input[builtins.bool]]):
131
132
  pulumi.set(self, "is_ca_certificate", value)
132
133
 
133
134
  @property
134
135
  @pulumi.getter(name="setSubjectKeyId")
135
- def set_subject_key_id(self) -> Optional[pulumi.Input[bool]]:
136
+ def set_subject_key_id(self) -> Optional[pulumi.Input[builtins.bool]]:
136
137
  """
137
138
  Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
138
139
  """
139
140
  return pulumi.get(self, "set_subject_key_id")
140
141
 
141
142
  @set_subject_key_id.setter
142
- def set_subject_key_id(self, value: Optional[pulumi.Input[bool]]):
143
+ def set_subject_key_id(self, value: Optional[pulumi.Input[builtins.bool]]):
143
144
  pulumi.set(self, "set_subject_key_id", value)
144
145
 
145
146
 
146
147
  @pulumi.input_type
147
148
  class _LocallySignedCertState:
148
149
  def __init__(__self__, *,
149
- allowed_uses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
150
- ca_cert_pem: Optional[pulumi.Input[str]] = None,
151
- ca_key_algorithm: Optional[pulumi.Input[str]] = None,
152
- ca_private_key_pem: Optional[pulumi.Input[str]] = None,
153
- cert_pem: Optional[pulumi.Input[str]] = None,
154
- cert_request_pem: Optional[pulumi.Input[str]] = None,
155
- early_renewal_hours: Optional[pulumi.Input[int]] = None,
156
- is_ca_certificate: Optional[pulumi.Input[bool]] = None,
157
- ready_for_renewal: Optional[pulumi.Input[bool]] = None,
158
- set_subject_key_id: Optional[pulumi.Input[bool]] = None,
159
- validity_end_time: Optional[pulumi.Input[str]] = None,
160
- validity_period_hours: Optional[pulumi.Input[int]] = None,
161
- validity_start_time: Optional[pulumi.Input[str]] = None):
150
+ allowed_uses: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
151
+ ca_cert_pem: Optional[pulumi.Input[builtins.str]] = None,
152
+ ca_key_algorithm: Optional[pulumi.Input[builtins.str]] = None,
153
+ ca_private_key_pem: Optional[pulumi.Input[builtins.str]] = None,
154
+ cert_pem: Optional[pulumi.Input[builtins.str]] = None,
155
+ cert_request_pem: Optional[pulumi.Input[builtins.str]] = None,
156
+ early_renewal_hours: Optional[pulumi.Input[builtins.int]] = None,
157
+ is_ca_certificate: Optional[pulumi.Input[builtins.bool]] = None,
158
+ ready_for_renewal: Optional[pulumi.Input[builtins.bool]] = None,
159
+ set_subject_key_id: Optional[pulumi.Input[builtins.bool]] = None,
160
+ validity_end_time: Optional[pulumi.Input[builtins.str]] = None,
161
+ validity_period_hours: Optional[pulumi.Input[builtins.int]] = None,
162
+ validity_start_time: Optional[pulumi.Input[builtins.str]] = None):
162
163
  """
163
164
  Input properties used for looking up and filtering LocallySignedCert resources.
164
- :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_uses: List of key usages allowed for the issued certificate. Values are defined in [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `any_extended`, `cert_signing`, `client_auth`, `code_signing`, `content_commitment`, `crl_signing`, `data_encipherment`, `decipher_only`, `digital_signature`, `email_protection`, `encipher_only`, `ipsec_end_system`, `ipsec_tunnel`, `ipsec_user`, `key_agreement`, `key_encipherment`, `microsoft_commercial_code_signing`, `microsoft_kernel_code_signing`, `microsoft_server_gated_crypto`, `netscape_server_gated_crypto`, `ocsp_signing`, `server_auth`, `timestamping`.
165
- :param pulumi.Input[str] ca_cert_pem: Certificate data of the Certificate Authority (CA) in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
166
- :param pulumi.Input[str] ca_key_algorithm: Name of the algorithm used when generating the private key provided in `ca_private_key_pem`.
167
- :param pulumi.Input[str] ca_private_key_pem: Private key of the Certificate Authority (CA) used to sign the certificate, in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
168
- :param pulumi.Input[str] cert_pem: Certificate data in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format. **NOTE**: the [underlying](https://pkg.go.dev/encoding/pem#Encode) [libraries](https://pkg.go.dev/golang.org/x/crypto/ssh#MarshalAuthorizedKey) that generate this value append a `\\n` at the end of the PEM. In case this disrupts your use case, we recommend using `trimspace()`.
169
- :param pulumi.Input[str] cert_request_pem: Certificate request data in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
170
- :param pulumi.Input[bool] is_ca_certificate: Is the generated certificate representing a Certificate Authority (CA) (default: `false`).
171
- :param pulumi.Input[bool] ready_for_renewal: Is the certificate either expired (i.e. beyond the `validity_period_hours`) or ready for an early renewal (i.e. within the `early_renewal_hours`)?
172
- :param pulumi.Input[bool] set_subject_key_id: Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
173
- :param pulumi.Input[str] validity_end_time: The time until which the certificate is invalid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
174
- :param pulumi.Input[int] validity_period_hours: Number of hours, after initial issuing, that the certificate will remain valid for.
175
- :param pulumi.Input[str] validity_start_time: The time after which the certificate is valid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
165
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_uses: List of key usages allowed for the issued certificate. Values are defined in [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `any_extended`, `cert_signing`, `client_auth`, `code_signing`, `content_commitment`, `crl_signing`, `data_encipherment`, `decipher_only`, `digital_signature`, `email_protection`, `encipher_only`, `ipsec_end_system`, `ipsec_tunnel`, `ipsec_user`, `key_agreement`, `key_encipherment`, `microsoft_commercial_code_signing`, `microsoft_kernel_code_signing`, `microsoft_server_gated_crypto`, `netscape_server_gated_crypto`, `ocsp_signing`, `server_auth`, `timestamping`.
166
+ :param pulumi.Input[builtins.str] ca_cert_pem: Certificate data of the Certificate Authority (CA) in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
167
+ :param pulumi.Input[builtins.str] ca_key_algorithm: Name of the algorithm used when generating the private key provided in `ca_private_key_pem`.
168
+ :param pulumi.Input[builtins.str] ca_private_key_pem: Private key of the Certificate Authority (CA) used to sign the certificate, in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
169
+ :param pulumi.Input[builtins.str] cert_pem: Certificate data in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format. **NOTE**: the [underlying](https://pkg.go.dev/encoding/pem#Encode) [libraries](https://pkg.go.dev/golang.org/x/crypto/ssh#MarshalAuthorizedKey) that generate this value append a `\\n` at the end of the PEM. In case this disrupts your use case, we recommend using `trimspace()`.
170
+ :param pulumi.Input[builtins.str] cert_request_pem: Certificate request data in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
171
+ :param pulumi.Input[builtins.bool] is_ca_certificate: Is the generated certificate representing a Certificate Authority (CA) (default: `false`).
172
+ :param pulumi.Input[builtins.bool] ready_for_renewal: Is the certificate either expired (i.e. beyond the `validity_period_hours`) or ready for an early renewal (i.e. within the `early_renewal_hours`)?
173
+ :param pulumi.Input[builtins.bool] set_subject_key_id: Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
174
+ :param pulumi.Input[builtins.str] validity_end_time: The time until which the certificate is invalid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
175
+ :param pulumi.Input[builtins.int] validity_period_hours: Number of hours, after initial issuing, that the certificate will remain valid for.
176
+ :param pulumi.Input[builtins.str] validity_start_time: The time after which the certificate is valid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
176
177
  """
177
178
  if allowed_uses is not None:
178
179
  pulumi.set(__self__, "allowed_uses", allowed_uses)
@@ -203,155 +204,155 @@ class _LocallySignedCertState:
203
204
 
204
205
  @property
205
206
  @pulumi.getter(name="allowedUses")
206
- def allowed_uses(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
207
+ def allowed_uses(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
207
208
  """
208
209
  List of key usages allowed for the issued certificate. Values are defined in [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `any_extended`, `cert_signing`, `client_auth`, `code_signing`, `content_commitment`, `crl_signing`, `data_encipherment`, `decipher_only`, `digital_signature`, `email_protection`, `encipher_only`, `ipsec_end_system`, `ipsec_tunnel`, `ipsec_user`, `key_agreement`, `key_encipherment`, `microsoft_commercial_code_signing`, `microsoft_kernel_code_signing`, `microsoft_server_gated_crypto`, `netscape_server_gated_crypto`, `ocsp_signing`, `server_auth`, `timestamping`.
209
210
  """
210
211
  return pulumi.get(self, "allowed_uses")
211
212
 
212
213
  @allowed_uses.setter
213
- def allowed_uses(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
214
+ def allowed_uses(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
214
215
  pulumi.set(self, "allowed_uses", value)
215
216
 
216
217
  @property
217
218
  @pulumi.getter(name="caCertPem")
218
- def ca_cert_pem(self) -> Optional[pulumi.Input[str]]:
219
+ def ca_cert_pem(self) -> Optional[pulumi.Input[builtins.str]]:
219
220
  """
220
221
  Certificate data of the Certificate Authority (CA) in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
221
222
  """
222
223
  return pulumi.get(self, "ca_cert_pem")
223
224
 
224
225
  @ca_cert_pem.setter
225
- def ca_cert_pem(self, value: Optional[pulumi.Input[str]]):
226
+ def ca_cert_pem(self, value: Optional[pulumi.Input[builtins.str]]):
226
227
  pulumi.set(self, "ca_cert_pem", value)
227
228
 
228
229
  @property
229
230
  @pulumi.getter(name="caKeyAlgorithm")
230
- def ca_key_algorithm(self) -> Optional[pulumi.Input[str]]:
231
+ def ca_key_algorithm(self) -> Optional[pulumi.Input[builtins.str]]:
231
232
  """
232
233
  Name of the algorithm used when generating the private key provided in `ca_private_key_pem`.
233
234
  """
234
235
  return pulumi.get(self, "ca_key_algorithm")
235
236
 
236
237
  @ca_key_algorithm.setter
237
- def ca_key_algorithm(self, value: Optional[pulumi.Input[str]]):
238
+ def ca_key_algorithm(self, value: Optional[pulumi.Input[builtins.str]]):
238
239
  pulumi.set(self, "ca_key_algorithm", value)
239
240
 
240
241
  @property
241
242
  @pulumi.getter(name="caPrivateKeyPem")
242
- def ca_private_key_pem(self) -> Optional[pulumi.Input[str]]:
243
+ def ca_private_key_pem(self) -> Optional[pulumi.Input[builtins.str]]:
243
244
  """
244
245
  Private key of the Certificate Authority (CA) used to sign the certificate, in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
245
246
  """
246
247
  return pulumi.get(self, "ca_private_key_pem")
247
248
 
248
249
  @ca_private_key_pem.setter
249
- def ca_private_key_pem(self, value: Optional[pulumi.Input[str]]):
250
+ def ca_private_key_pem(self, value: Optional[pulumi.Input[builtins.str]]):
250
251
  pulumi.set(self, "ca_private_key_pem", value)
251
252
 
252
253
  @property
253
254
  @pulumi.getter(name="certPem")
254
- def cert_pem(self) -> Optional[pulumi.Input[str]]:
255
+ def cert_pem(self) -> Optional[pulumi.Input[builtins.str]]:
255
256
  """
256
257
  Certificate data in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format. **NOTE**: the [underlying](https://pkg.go.dev/encoding/pem#Encode) [libraries](https://pkg.go.dev/golang.org/x/crypto/ssh#MarshalAuthorizedKey) that generate this value append a `\\n` at the end of the PEM. In case this disrupts your use case, we recommend using `trimspace()`.
257
258
  """
258
259
  return pulumi.get(self, "cert_pem")
259
260
 
260
261
  @cert_pem.setter
261
- def cert_pem(self, value: Optional[pulumi.Input[str]]):
262
+ def cert_pem(self, value: Optional[pulumi.Input[builtins.str]]):
262
263
  pulumi.set(self, "cert_pem", value)
263
264
 
264
265
  @property
265
266
  @pulumi.getter(name="certRequestPem")
266
- def cert_request_pem(self) -> Optional[pulumi.Input[str]]:
267
+ def cert_request_pem(self) -> Optional[pulumi.Input[builtins.str]]:
267
268
  """
268
269
  Certificate request data in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
269
270
  """
270
271
  return pulumi.get(self, "cert_request_pem")
271
272
 
272
273
  @cert_request_pem.setter
273
- def cert_request_pem(self, value: Optional[pulumi.Input[str]]):
274
+ def cert_request_pem(self, value: Optional[pulumi.Input[builtins.str]]):
274
275
  pulumi.set(self, "cert_request_pem", value)
275
276
 
276
277
  @property
277
278
  @pulumi.getter(name="earlyRenewalHours")
278
- def early_renewal_hours(self) -> Optional[pulumi.Input[int]]:
279
+ def early_renewal_hours(self) -> Optional[pulumi.Input[builtins.int]]:
279
280
  return pulumi.get(self, "early_renewal_hours")
280
281
 
281
282
  @early_renewal_hours.setter
282
- def early_renewal_hours(self, value: Optional[pulumi.Input[int]]):
283
+ def early_renewal_hours(self, value: Optional[pulumi.Input[builtins.int]]):
283
284
  pulumi.set(self, "early_renewal_hours", value)
284
285
 
285
286
  @property
286
287
  @pulumi.getter(name="isCaCertificate")
287
- def is_ca_certificate(self) -> Optional[pulumi.Input[bool]]:
288
+ def is_ca_certificate(self) -> Optional[pulumi.Input[builtins.bool]]:
288
289
  """
289
290
  Is the generated certificate representing a Certificate Authority (CA) (default: `false`).
290
291
  """
291
292
  return pulumi.get(self, "is_ca_certificate")
292
293
 
293
294
  @is_ca_certificate.setter
294
- def is_ca_certificate(self, value: Optional[pulumi.Input[bool]]):
295
+ def is_ca_certificate(self, value: Optional[pulumi.Input[builtins.bool]]):
295
296
  pulumi.set(self, "is_ca_certificate", value)
296
297
 
297
298
  @property
298
299
  @pulumi.getter(name="readyForRenewal")
299
- def ready_for_renewal(self) -> Optional[pulumi.Input[bool]]:
300
+ def ready_for_renewal(self) -> Optional[pulumi.Input[builtins.bool]]:
300
301
  """
301
302
  Is the certificate either expired (i.e. beyond the `validity_period_hours`) or ready for an early renewal (i.e. within the `early_renewal_hours`)?
302
303
  """
303
304
  return pulumi.get(self, "ready_for_renewal")
304
305
 
305
306
  @ready_for_renewal.setter
306
- def ready_for_renewal(self, value: Optional[pulumi.Input[bool]]):
307
+ def ready_for_renewal(self, value: Optional[pulumi.Input[builtins.bool]]):
307
308
  pulumi.set(self, "ready_for_renewal", value)
308
309
 
309
310
  @property
310
311
  @pulumi.getter(name="setSubjectKeyId")
311
- def set_subject_key_id(self) -> Optional[pulumi.Input[bool]]:
312
+ def set_subject_key_id(self) -> Optional[pulumi.Input[builtins.bool]]:
312
313
  """
313
314
  Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
314
315
  """
315
316
  return pulumi.get(self, "set_subject_key_id")
316
317
 
317
318
  @set_subject_key_id.setter
318
- def set_subject_key_id(self, value: Optional[pulumi.Input[bool]]):
319
+ def set_subject_key_id(self, value: Optional[pulumi.Input[builtins.bool]]):
319
320
  pulumi.set(self, "set_subject_key_id", value)
320
321
 
321
322
  @property
322
323
  @pulumi.getter(name="validityEndTime")
323
- def validity_end_time(self) -> Optional[pulumi.Input[str]]:
324
+ def validity_end_time(self) -> Optional[pulumi.Input[builtins.str]]:
324
325
  """
325
326
  The time until which the certificate is invalid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
326
327
  """
327
328
  return pulumi.get(self, "validity_end_time")
328
329
 
329
330
  @validity_end_time.setter
330
- def validity_end_time(self, value: Optional[pulumi.Input[str]]):
331
+ def validity_end_time(self, value: Optional[pulumi.Input[builtins.str]]):
331
332
  pulumi.set(self, "validity_end_time", value)
332
333
 
333
334
  @property
334
335
  @pulumi.getter(name="validityPeriodHours")
335
- def validity_period_hours(self) -> Optional[pulumi.Input[int]]:
336
+ def validity_period_hours(self) -> Optional[pulumi.Input[builtins.int]]:
336
337
  """
337
338
  Number of hours, after initial issuing, that the certificate will remain valid for.
338
339
  """
339
340
  return pulumi.get(self, "validity_period_hours")
340
341
 
341
342
  @validity_period_hours.setter
342
- def validity_period_hours(self, value: Optional[pulumi.Input[int]]):
343
+ def validity_period_hours(self, value: Optional[pulumi.Input[builtins.int]]):
343
344
  pulumi.set(self, "validity_period_hours", value)
344
345
 
345
346
  @property
346
347
  @pulumi.getter(name="validityStartTime")
347
- def validity_start_time(self) -> Optional[pulumi.Input[str]]:
348
+ def validity_start_time(self) -> Optional[pulumi.Input[builtins.str]]:
348
349
  """
349
350
  The time after which the certificate is valid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
350
351
  """
351
352
  return pulumi.get(self, "validity_start_time")
352
353
 
353
354
  @validity_start_time.setter
354
- def validity_start_time(self, value: Optional[pulumi.Input[str]]):
355
+ def validity_start_time(self, value: Optional[pulumi.Input[builtins.str]]):
355
356
  pulumi.set(self, "validity_start_time", value)
356
357
 
357
358
 
@@ -360,26 +361,26 @@ class LocallySignedCert(pulumi.CustomResource):
360
361
  def __init__(__self__,
361
362
  resource_name: str,
362
363
  opts: Optional[pulumi.ResourceOptions] = None,
363
- allowed_uses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
364
- ca_cert_pem: Optional[pulumi.Input[str]] = None,
365
- ca_private_key_pem: Optional[pulumi.Input[str]] = None,
366
- cert_request_pem: Optional[pulumi.Input[str]] = None,
367
- early_renewal_hours: Optional[pulumi.Input[int]] = None,
368
- is_ca_certificate: Optional[pulumi.Input[bool]] = None,
369
- set_subject_key_id: Optional[pulumi.Input[bool]] = None,
370
- validity_period_hours: Optional[pulumi.Input[int]] = None,
364
+ allowed_uses: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
365
+ ca_cert_pem: Optional[pulumi.Input[builtins.str]] = None,
366
+ ca_private_key_pem: Optional[pulumi.Input[builtins.str]] = None,
367
+ cert_request_pem: Optional[pulumi.Input[builtins.str]] = None,
368
+ early_renewal_hours: Optional[pulumi.Input[builtins.int]] = None,
369
+ is_ca_certificate: Optional[pulumi.Input[builtins.bool]] = None,
370
+ set_subject_key_id: Optional[pulumi.Input[builtins.bool]] = None,
371
+ validity_period_hours: Optional[pulumi.Input[builtins.int]] = None,
371
372
  __props__=None):
372
373
  """
373
374
  Create a LocallySignedCert resource with the given unique name, props, and options.
374
375
  :param str resource_name: The name of the resource.
375
376
  :param pulumi.ResourceOptions opts: Options for the resource.
376
- :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_uses: List of key usages allowed for the issued certificate. Values are defined in [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `any_extended`, `cert_signing`, `client_auth`, `code_signing`, `content_commitment`, `crl_signing`, `data_encipherment`, `decipher_only`, `digital_signature`, `email_protection`, `encipher_only`, `ipsec_end_system`, `ipsec_tunnel`, `ipsec_user`, `key_agreement`, `key_encipherment`, `microsoft_commercial_code_signing`, `microsoft_kernel_code_signing`, `microsoft_server_gated_crypto`, `netscape_server_gated_crypto`, `ocsp_signing`, `server_auth`, `timestamping`.
377
- :param pulumi.Input[str] ca_cert_pem: Certificate data of the Certificate Authority (CA) in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
378
- :param pulumi.Input[str] ca_private_key_pem: Private key of the Certificate Authority (CA) used to sign the certificate, in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
379
- :param pulumi.Input[str] cert_request_pem: Certificate request data in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
380
- :param pulumi.Input[bool] is_ca_certificate: Is the generated certificate representing a Certificate Authority (CA) (default: `false`).
381
- :param pulumi.Input[bool] set_subject_key_id: Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
382
- :param pulumi.Input[int] validity_period_hours: Number of hours, after initial issuing, that the certificate will remain valid for.
377
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_uses: List of key usages allowed for the issued certificate. Values are defined in [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `any_extended`, `cert_signing`, `client_auth`, `code_signing`, `content_commitment`, `crl_signing`, `data_encipherment`, `decipher_only`, `digital_signature`, `email_protection`, `encipher_only`, `ipsec_end_system`, `ipsec_tunnel`, `ipsec_user`, `key_agreement`, `key_encipherment`, `microsoft_commercial_code_signing`, `microsoft_kernel_code_signing`, `microsoft_server_gated_crypto`, `netscape_server_gated_crypto`, `ocsp_signing`, `server_auth`, `timestamping`.
378
+ :param pulumi.Input[builtins.str] ca_cert_pem: Certificate data of the Certificate Authority (CA) in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
379
+ :param pulumi.Input[builtins.str] ca_private_key_pem: Private key of the Certificate Authority (CA) used to sign the certificate, in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
380
+ :param pulumi.Input[builtins.str] cert_request_pem: Certificate request data in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
381
+ :param pulumi.Input[builtins.bool] is_ca_certificate: Is the generated certificate representing a Certificate Authority (CA) (default: `false`).
382
+ :param pulumi.Input[builtins.bool] set_subject_key_id: Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
383
+ :param pulumi.Input[builtins.int] validity_period_hours: Number of hours, after initial issuing, that the certificate will remain valid for.
383
384
  """
384
385
  ...
385
386
  @overload
@@ -404,14 +405,14 @@ class LocallySignedCert(pulumi.CustomResource):
404
405
  def _internal_init(__self__,
405
406
  resource_name: str,
406
407
  opts: Optional[pulumi.ResourceOptions] = None,
407
- allowed_uses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
408
- ca_cert_pem: Optional[pulumi.Input[str]] = None,
409
- ca_private_key_pem: Optional[pulumi.Input[str]] = None,
410
- cert_request_pem: Optional[pulumi.Input[str]] = None,
411
- early_renewal_hours: Optional[pulumi.Input[int]] = None,
412
- is_ca_certificate: Optional[pulumi.Input[bool]] = None,
413
- set_subject_key_id: Optional[pulumi.Input[bool]] = None,
414
- validity_period_hours: Optional[pulumi.Input[int]] = None,
408
+ allowed_uses: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
409
+ ca_cert_pem: Optional[pulumi.Input[builtins.str]] = None,
410
+ ca_private_key_pem: Optional[pulumi.Input[builtins.str]] = None,
411
+ cert_request_pem: Optional[pulumi.Input[builtins.str]] = None,
412
+ early_renewal_hours: Optional[pulumi.Input[builtins.int]] = None,
413
+ is_ca_certificate: Optional[pulumi.Input[builtins.bool]] = None,
414
+ set_subject_key_id: Optional[pulumi.Input[builtins.bool]] = None,
415
+ validity_period_hours: Optional[pulumi.Input[builtins.int]] = None,
415
416
  __props__=None):
416
417
  opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
417
418
  if not isinstance(opts, pulumi.ResourceOptions):
@@ -456,19 +457,19 @@ class LocallySignedCert(pulumi.CustomResource):
456
457
  def get(resource_name: str,
457
458
  id: pulumi.Input[str],
458
459
  opts: Optional[pulumi.ResourceOptions] = None,
459
- allowed_uses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
460
- ca_cert_pem: Optional[pulumi.Input[str]] = None,
461
- ca_key_algorithm: Optional[pulumi.Input[str]] = None,
462
- ca_private_key_pem: Optional[pulumi.Input[str]] = None,
463
- cert_pem: Optional[pulumi.Input[str]] = None,
464
- cert_request_pem: Optional[pulumi.Input[str]] = None,
465
- early_renewal_hours: Optional[pulumi.Input[int]] = None,
466
- is_ca_certificate: Optional[pulumi.Input[bool]] = None,
467
- ready_for_renewal: Optional[pulumi.Input[bool]] = None,
468
- set_subject_key_id: Optional[pulumi.Input[bool]] = None,
469
- validity_end_time: Optional[pulumi.Input[str]] = None,
470
- validity_period_hours: Optional[pulumi.Input[int]] = None,
471
- validity_start_time: Optional[pulumi.Input[str]] = None) -> 'LocallySignedCert':
460
+ allowed_uses: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
461
+ ca_cert_pem: Optional[pulumi.Input[builtins.str]] = None,
462
+ ca_key_algorithm: Optional[pulumi.Input[builtins.str]] = None,
463
+ ca_private_key_pem: Optional[pulumi.Input[builtins.str]] = None,
464
+ cert_pem: Optional[pulumi.Input[builtins.str]] = None,
465
+ cert_request_pem: Optional[pulumi.Input[builtins.str]] = None,
466
+ early_renewal_hours: Optional[pulumi.Input[builtins.int]] = None,
467
+ is_ca_certificate: Optional[pulumi.Input[builtins.bool]] = None,
468
+ ready_for_renewal: Optional[pulumi.Input[builtins.bool]] = None,
469
+ set_subject_key_id: Optional[pulumi.Input[builtins.bool]] = None,
470
+ validity_end_time: Optional[pulumi.Input[builtins.str]] = None,
471
+ validity_period_hours: Optional[pulumi.Input[builtins.int]] = None,
472
+ validity_start_time: Optional[pulumi.Input[builtins.str]] = None) -> 'LocallySignedCert':
472
473
  """
473
474
  Get an existing LocallySignedCert resource's state with the given name, id, and optional extra
474
475
  properties used to qualify the lookup.
@@ -476,18 +477,18 @@ class LocallySignedCert(pulumi.CustomResource):
476
477
  :param str resource_name: The unique name of the resulting resource.
477
478
  :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
478
479
  :param pulumi.ResourceOptions opts: Options for the resource.
479
- :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_uses: List of key usages allowed for the issued certificate. Values are defined in [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `any_extended`, `cert_signing`, `client_auth`, `code_signing`, `content_commitment`, `crl_signing`, `data_encipherment`, `decipher_only`, `digital_signature`, `email_protection`, `encipher_only`, `ipsec_end_system`, `ipsec_tunnel`, `ipsec_user`, `key_agreement`, `key_encipherment`, `microsoft_commercial_code_signing`, `microsoft_kernel_code_signing`, `microsoft_server_gated_crypto`, `netscape_server_gated_crypto`, `ocsp_signing`, `server_auth`, `timestamping`.
480
- :param pulumi.Input[str] ca_cert_pem: Certificate data of the Certificate Authority (CA) in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
481
- :param pulumi.Input[str] ca_key_algorithm: Name of the algorithm used when generating the private key provided in `ca_private_key_pem`.
482
- :param pulumi.Input[str] ca_private_key_pem: Private key of the Certificate Authority (CA) used to sign the certificate, in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
483
- :param pulumi.Input[str] cert_pem: Certificate data in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format. **NOTE**: the [underlying](https://pkg.go.dev/encoding/pem#Encode) [libraries](https://pkg.go.dev/golang.org/x/crypto/ssh#MarshalAuthorizedKey) that generate this value append a `\\n` at the end of the PEM. In case this disrupts your use case, we recommend using `trimspace()`.
484
- :param pulumi.Input[str] cert_request_pem: Certificate request data in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
485
- :param pulumi.Input[bool] is_ca_certificate: Is the generated certificate representing a Certificate Authority (CA) (default: `false`).
486
- :param pulumi.Input[bool] ready_for_renewal: Is the certificate either expired (i.e. beyond the `validity_period_hours`) or ready for an early renewal (i.e. within the `early_renewal_hours`)?
487
- :param pulumi.Input[bool] set_subject_key_id: Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
488
- :param pulumi.Input[str] validity_end_time: The time until which the certificate is invalid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
489
- :param pulumi.Input[int] validity_period_hours: Number of hours, after initial issuing, that the certificate will remain valid for.
490
- :param pulumi.Input[str] validity_start_time: The time after which the certificate is valid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
480
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_uses: List of key usages allowed for the issued certificate. Values are defined in [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `any_extended`, `cert_signing`, `client_auth`, `code_signing`, `content_commitment`, `crl_signing`, `data_encipherment`, `decipher_only`, `digital_signature`, `email_protection`, `encipher_only`, `ipsec_end_system`, `ipsec_tunnel`, `ipsec_user`, `key_agreement`, `key_encipherment`, `microsoft_commercial_code_signing`, `microsoft_kernel_code_signing`, `microsoft_server_gated_crypto`, `netscape_server_gated_crypto`, `ocsp_signing`, `server_auth`, `timestamping`.
481
+ :param pulumi.Input[builtins.str] ca_cert_pem: Certificate data of the Certificate Authority (CA) in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
482
+ :param pulumi.Input[builtins.str] ca_key_algorithm: Name of the algorithm used when generating the private key provided in `ca_private_key_pem`.
483
+ :param pulumi.Input[builtins.str] ca_private_key_pem: Private key of the Certificate Authority (CA) used to sign the certificate, in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
484
+ :param pulumi.Input[builtins.str] cert_pem: Certificate data in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format. **NOTE**: the [underlying](https://pkg.go.dev/encoding/pem#Encode) [libraries](https://pkg.go.dev/golang.org/x/crypto/ssh#MarshalAuthorizedKey) that generate this value append a `\\n` at the end of the PEM. In case this disrupts your use case, we recommend using `trimspace()`.
485
+ :param pulumi.Input[builtins.str] cert_request_pem: Certificate request data in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
486
+ :param pulumi.Input[builtins.bool] is_ca_certificate: Is the generated certificate representing a Certificate Authority (CA) (default: `false`).
487
+ :param pulumi.Input[builtins.bool] ready_for_renewal: Is the certificate either expired (i.e. beyond the `validity_period_hours`) or ready for an early renewal (i.e. within the `early_renewal_hours`)?
488
+ :param pulumi.Input[builtins.bool] set_subject_key_id: Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
489
+ :param pulumi.Input[builtins.str] validity_end_time: The time until which the certificate is invalid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
490
+ :param pulumi.Input[builtins.int] validity_period_hours: Number of hours, after initial issuing, that the certificate will remain valid for.
491
+ :param pulumi.Input[builtins.str] validity_start_time: The time after which the certificate is valid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
491
492
  """
492
493
  opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
493
494
 
@@ -510,7 +511,7 @@ class LocallySignedCert(pulumi.CustomResource):
510
511
 
511
512
  @property
512
513
  @pulumi.getter(name="allowedUses")
513
- def allowed_uses(self) -> pulumi.Output[Sequence[str]]:
514
+ def allowed_uses(self) -> pulumi.Output[Sequence[builtins.str]]:
514
515
  """
515
516
  List of key usages allowed for the issued certificate. Values are defined in [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `any_extended`, `cert_signing`, `client_auth`, `code_signing`, `content_commitment`, `crl_signing`, `data_encipherment`, `decipher_only`, `digital_signature`, `email_protection`, `encipher_only`, `ipsec_end_system`, `ipsec_tunnel`, `ipsec_user`, `key_agreement`, `key_encipherment`, `microsoft_commercial_code_signing`, `microsoft_kernel_code_signing`, `microsoft_server_gated_crypto`, `netscape_server_gated_crypto`, `ocsp_signing`, `server_auth`, `timestamping`.
516
517
  """
@@ -518,7 +519,7 @@ class LocallySignedCert(pulumi.CustomResource):
518
519
 
519
520
  @property
520
521
  @pulumi.getter(name="caCertPem")
521
- def ca_cert_pem(self) -> pulumi.Output[str]:
522
+ def ca_cert_pem(self) -> pulumi.Output[builtins.str]:
522
523
  """
523
524
  Certificate data of the Certificate Authority (CA) in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
524
525
  """
@@ -526,7 +527,7 @@ class LocallySignedCert(pulumi.CustomResource):
526
527
 
527
528
  @property
528
529
  @pulumi.getter(name="caKeyAlgorithm")
529
- def ca_key_algorithm(self) -> pulumi.Output[str]:
530
+ def ca_key_algorithm(self) -> pulumi.Output[builtins.str]:
530
531
  """
531
532
  Name of the algorithm used when generating the private key provided in `ca_private_key_pem`.
532
533
  """
@@ -534,7 +535,7 @@ class LocallySignedCert(pulumi.CustomResource):
534
535
 
535
536
  @property
536
537
  @pulumi.getter(name="caPrivateKeyPem")
537
- def ca_private_key_pem(self) -> pulumi.Output[str]:
538
+ def ca_private_key_pem(self) -> pulumi.Output[builtins.str]:
538
539
  """
539
540
  Private key of the Certificate Authority (CA) used to sign the certificate, in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
540
541
  """
@@ -542,7 +543,7 @@ class LocallySignedCert(pulumi.CustomResource):
542
543
 
543
544
  @property
544
545
  @pulumi.getter(name="certPem")
545
- def cert_pem(self) -> pulumi.Output[str]:
546
+ def cert_pem(self) -> pulumi.Output[builtins.str]:
546
547
  """
547
548
  Certificate data in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format. **NOTE**: the [underlying](https://pkg.go.dev/encoding/pem#Encode) [libraries](https://pkg.go.dev/golang.org/x/crypto/ssh#MarshalAuthorizedKey) that generate this value append a `\\n` at the end of the PEM. In case this disrupts your use case, we recommend using `trimspace()`.
548
549
  """
@@ -550,7 +551,7 @@ class LocallySignedCert(pulumi.CustomResource):
550
551
 
551
552
  @property
552
553
  @pulumi.getter(name="certRequestPem")
553
- def cert_request_pem(self) -> pulumi.Output[str]:
554
+ def cert_request_pem(self) -> pulumi.Output[builtins.str]:
554
555
  """
555
556
  Certificate request data in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
556
557
  """
@@ -558,12 +559,12 @@ class LocallySignedCert(pulumi.CustomResource):
558
559
 
559
560
  @property
560
561
  @pulumi.getter(name="earlyRenewalHours")
561
- def early_renewal_hours(self) -> pulumi.Output[int]:
562
+ def early_renewal_hours(self) -> pulumi.Output[builtins.int]:
562
563
  return pulumi.get(self, "early_renewal_hours")
563
564
 
564
565
  @property
565
566
  @pulumi.getter(name="isCaCertificate")
566
- def is_ca_certificate(self) -> pulumi.Output[bool]:
567
+ def is_ca_certificate(self) -> pulumi.Output[builtins.bool]:
567
568
  """
568
569
  Is the generated certificate representing a Certificate Authority (CA) (default: `false`).
569
570
  """
@@ -571,7 +572,7 @@ class LocallySignedCert(pulumi.CustomResource):
571
572
 
572
573
  @property
573
574
  @pulumi.getter(name="readyForRenewal")
574
- def ready_for_renewal(self) -> pulumi.Output[bool]:
575
+ def ready_for_renewal(self) -> pulumi.Output[builtins.bool]:
575
576
  """
576
577
  Is the certificate either expired (i.e. beyond the `validity_period_hours`) or ready for an early renewal (i.e. within the `early_renewal_hours`)?
577
578
  """
@@ -579,7 +580,7 @@ class LocallySignedCert(pulumi.CustomResource):
579
580
 
580
581
  @property
581
582
  @pulumi.getter(name="setSubjectKeyId")
582
- def set_subject_key_id(self) -> pulumi.Output[bool]:
583
+ def set_subject_key_id(self) -> pulumi.Output[builtins.bool]:
583
584
  """
584
585
  Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
585
586
  """
@@ -587,7 +588,7 @@ class LocallySignedCert(pulumi.CustomResource):
587
588
 
588
589
  @property
589
590
  @pulumi.getter(name="validityEndTime")
590
- def validity_end_time(self) -> pulumi.Output[str]:
591
+ def validity_end_time(self) -> pulumi.Output[builtins.str]:
591
592
  """
592
593
  The time until which the certificate is invalid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
593
594
  """
@@ -595,7 +596,7 @@ class LocallySignedCert(pulumi.CustomResource):
595
596
 
596
597
  @property
597
598
  @pulumi.getter(name="validityPeriodHours")
598
- def validity_period_hours(self) -> pulumi.Output[int]:
599
+ def validity_period_hours(self) -> pulumi.Output[builtins.int]:
599
600
  """
600
601
  Number of hours, after initial issuing, that the certificate will remain valid for.
601
602
  """
@@ -603,7 +604,7 @@ class LocallySignedCert(pulumi.CustomResource):
603
604
 
604
605
  @property
605
606
  @pulumi.getter(name="validityStartTime")
606
- def validity_start_time(self) -> pulumi.Output[str]:
607
+ def validity_start_time(self) -> pulumi.Output[builtins.str]:
607
608
  """
608
609
  The time after which the certificate is valid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
609
610
  """