pulumi-tls 5.2.0a1745465678__py3-none-any.whl → 5.2.1a1753398320__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (21) hide show
  1. pulumi_tls/__init__.py +2 -2
  2. pulumi_tls/_inputs.py +148 -149
  3. pulumi_tls/_utilities.py +1 -1
  4. pulumi_tls/cert_request.py +92 -92
  5. pulumi_tls/config/__init__.py +2 -2
  6. pulumi_tls/config/__init__.pyi +2 -3
  7. pulumi_tls/config/outputs.py +18 -19
  8. pulumi_tls/config/vars.py +3 -4
  9. pulumi_tls/get_certificate.py +23 -24
  10. pulumi_tls/get_public_key.py +26 -27
  11. pulumi_tls/locally_signed_cert.py +180 -180
  12. pulumi_tls/outputs.py +129 -130
  13. pulumi_tls/private_key.py +117 -117
  14. pulumi_tls/provider.py +24 -4
  15. pulumi_tls/pulumi-plugin.json +1 -1
  16. pulumi_tls/self_signed_cert.py +217 -217
  17. {pulumi_tls-5.2.0a1745465678.dist-info → pulumi_tls-5.2.1a1753398320.dist-info}/METADATA +3 -3
  18. pulumi_tls-5.2.1a1753398320.dist-info/RECORD +21 -0
  19. {pulumi_tls-5.2.0a1745465678.dist-info → pulumi_tls-5.2.1a1753398320.dist-info}/WHEEL +1 -1
  20. pulumi_tls-5.2.0a1745465678.dist-info/RECORD +0 -21
  21. {pulumi_tls-5.2.0a1745465678.dist-info → pulumi_tls-5.2.1a1753398320.dist-info}/top_level.txt +0 -0
pulumi_tls/locally_signed_cert.py CHANGED
@@ -1,9 +1,8 @@
1
1
  # coding=utf-8
2
- # *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
2
+ # *** WARNING: this file was generated by pulumi-language-python. ***
3
3
  # *** Do not edit by hand unless you're certain you know what you are doing! ***
4
4
 
5
- import builtins
6
- import copy
5
+ import builtins as _builtins
7
6
  import warnings
8
7
  import sys
9
8
  import pulumi
@@ -20,23 +19,23 @@ __all__ = ['LocallySignedCertArgs', 'LocallySignedCert']
20
19
  @pulumi.input_type
21
20
  class LocallySignedCertArgs:
22
21
  def __init__(__self__, *,
23
- allowed_uses: pulumi.Input[Sequence[pulumi.Input[builtins.str]]],
24
- ca_cert_pem: pulumi.Input[builtins.str],
25
- ca_private_key_pem: pulumi.Input[builtins.str],
26
- cert_request_pem: pulumi.Input[builtins.str],
27
- validity_period_hours: pulumi.Input[builtins.int],
28
- early_renewal_hours: Optional[pulumi.Input[builtins.int]] = None,
29
- is_ca_certificate: Optional[pulumi.Input[builtins.bool]] = None,
30
- set_subject_key_id: Optional[pulumi.Input[builtins.bool]] = None):
22
+ allowed_uses: pulumi.Input[Sequence[pulumi.Input[_builtins.str]]],
23
+ ca_cert_pem: pulumi.Input[_builtins.str],
24
+ ca_private_key_pem: pulumi.Input[_builtins.str],
25
+ cert_request_pem: pulumi.Input[_builtins.str],
26
+ validity_period_hours: pulumi.Input[_builtins.int],
27
+ early_renewal_hours: Optional[pulumi.Input[_builtins.int]] = None,
28
+ is_ca_certificate: Optional[pulumi.Input[_builtins.bool]] = None,
29
+ set_subject_key_id: Optional[pulumi.Input[_builtins.bool]] = None):
31
30
  """
32
31
  The set of arguments for constructing a LocallySignedCert resource.
33
- :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_uses: List of key usages allowed for the issued certificate. Values are defined in [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `any_extended`, `cert_signing`, `client_auth`, `code_signing`, `content_commitment`, `crl_signing`, `data_encipherment`, `decipher_only`, `digital_signature`, `email_protection`, `encipher_only`, `ipsec_end_system`, `ipsec_tunnel`, `ipsec_user`, `key_agreement`, `key_encipherment`, `microsoft_commercial_code_signing`, `microsoft_kernel_code_signing`, `microsoft_server_gated_crypto`, `netscape_server_gated_crypto`, `ocsp_signing`, `server_auth`, `timestamping`.
34
- :param pulumi.Input[builtins.str] ca_cert_pem: Certificate data of the Certificate Authority (CA) in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
35
- :param pulumi.Input[builtins.str] ca_private_key_pem: Private key of the Certificate Authority (CA) used to sign the certificate, in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
36
- :param pulumi.Input[builtins.str] cert_request_pem: Certificate request data in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
37
- :param pulumi.Input[builtins.int] validity_period_hours: Number of hours, after initial issuing, that the certificate will remain valid for.
38
- :param pulumi.Input[builtins.bool] is_ca_certificate: Is the generated certificate representing a Certificate Authority (CA) (default: `false`).
39
- :param pulumi.Input[builtins.bool] set_subject_key_id: Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
32
+ :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] allowed_uses: List of key usages allowed for the issued certificate. Values are defined in [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `any_extended`, `cert_signing`, `client_auth`, `code_signing`, `content_commitment`, `crl_signing`, `data_encipherment`, `decipher_only`, `digital_signature`, `email_protection`, `encipher_only`, `ipsec_end_system`, `ipsec_tunnel`, `ipsec_user`, `key_agreement`, `key_encipherment`, `microsoft_commercial_code_signing`, `microsoft_kernel_code_signing`, `microsoft_server_gated_crypto`, `netscape_server_gated_crypto`, `ocsp_signing`, `server_auth`, `timestamping`.
33
+ :param pulumi.Input[_builtins.str] ca_cert_pem: Certificate data of the Certificate Authority (CA) in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
34
+ :param pulumi.Input[_builtins.str] ca_private_key_pem: Private key of the Certificate Authority (CA) used to sign the certificate, in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
35
+ :param pulumi.Input[_builtins.str] cert_request_pem: Certificate request data in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
36
+ :param pulumi.Input[_builtins.int] validity_period_hours: Number of hours, after initial issuing, that the certificate will remain valid for.
37
+ :param pulumi.Input[_builtins.bool] is_ca_certificate: Is the generated certificate representing a Certificate Authority (CA) (default: `false`).
38
+ :param pulumi.Input[_builtins.bool] set_subject_key_id: Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
40
39
  """
41
40
  pulumi.set(__self__, "allowed_uses", allowed_uses)
42
41
  pulumi.set(__self__, "ca_cert_pem", ca_cert_pem)
@@ -50,130 +49,130 @@ class LocallySignedCertArgs:
50
49
  if set_subject_key_id is not None:
51
50
  pulumi.set(__self__, "set_subject_key_id", set_subject_key_id)
52
51
 
53
- @property
52
+ @_builtins.property
54
53
  @pulumi.getter(name="allowedUses")
55
- def allowed_uses(self) -> pulumi.Input[Sequence[pulumi.Input[builtins.str]]]:
54
+ def allowed_uses(self) -> pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]:
56
55
  """
57
56
  List of key usages allowed for the issued certificate. Values are defined in [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `any_extended`, `cert_signing`, `client_auth`, `code_signing`, `content_commitment`, `crl_signing`, `data_encipherment`, `decipher_only`, `digital_signature`, `email_protection`, `encipher_only`, `ipsec_end_system`, `ipsec_tunnel`, `ipsec_user`, `key_agreement`, `key_encipherment`, `microsoft_commercial_code_signing`, `microsoft_kernel_code_signing`, `microsoft_server_gated_crypto`, `netscape_server_gated_crypto`, `ocsp_signing`, `server_auth`, `timestamping`.
58
57
  """
59
58
  return pulumi.get(self, "allowed_uses")
60
59
 
61
60
  @allowed_uses.setter
62
- def allowed_uses(self, value: pulumi.Input[Sequence[pulumi.Input[builtins.str]]]):
61
+ def allowed_uses(self, value: pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]):
63
62
  pulumi.set(self, "allowed_uses", value)
64
63
 
65
- @property
64
+ @_builtins.property
66
65
  @pulumi.getter(name="caCertPem")
67
- def ca_cert_pem(self) -> pulumi.Input[builtins.str]:
66
+ def ca_cert_pem(self) -> pulumi.Input[_builtins.str]:
68
67
  """
69
68
  Certificate data of the Certificate Authority (CA) in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
70
69
  """
71
70
  return pulumi.get(self, "ca_cert_pem")
72
71
 
73
72
  @ca_cert_pem.setter
74
- def ca_cert_pem(self, value: pulumi.Input[builtins.str]):
73
+ def ca_cert_pem(self, value: pulumi.Input[_builtins.str]):
75
74
  pulumi.set(self, "ca_cert_pem", value)
76
75
 
77
- @property
76
+ @_builtins.property
78
77
  @pulumi.getter(name="caPrivateKeyPem")
79
- def ca_private_key_pem(self) -> pulumi.Input[builtins.str]:
78
+ def ca_private_key_pem(self) -> pulumi.Input[_builtins.str]:
80
79
  """
81
80
  Private key of the Certificate Authority (CA) used to sign the certificate, in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
82
81
  """
83
82
  return pulumi.get(self, "ca_private_key_pem")
84
83
 
85
84
  @ca_private_key_pem.setter
86
- def ca_private_key_pem(self, value: pulumi.Input[builtins.str]):
85
+ def ca_private_key_pem(self, value: pulumi.Input[_builtins.str]):
87
86
  pulumi.set(self, "ca_private_key_pem", value)
88
87
 
89
- @property
88
+ @_builtins.property
90
89
  @pulumi.getter(name="certRequestPem")
91
- def cert_request_pem(self) -> pulumi.Input[builtins.str]:
90
+ def cert_request_pem(self) -> pulumi.Input[_builtins.str]:
92
91
  """
93
92
  Certificate request data in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
94
93
  """
95
94
  return pulumi.get(self, "cert_request_pem")
96
95
 
97
96
  @cert_request_pem.setter
98
- def cert_request_pem(self, value: pulumi.Input[builtins.str]):
97
+ def cert_request_pem(self, value: pulumi.Input[_builtins.str]):
99
98
  pulumi.set(self, "cert_request_pem", value)
100
99
 
101
- @property
100
+ @_builtins.property
102
101
  @pulumi.getter(name="validityPeriodHours")
103
- def validity_period_hours(self) -> pulumi.Input[builtins.int]:
102
+ def validity_period_hours(self) -> pulumi.Input[_builtins.int]:
104
103
  """
105
104
  Number of hours, after initial issuing, that the certificate will remain valid for.
106
105
  """
107
106
  return pulumi.get(self, "validity_period_hours")
108
107
 
109
108
  @validity_period_hours.setter
110
- def validity_period_hours(self, value: pulumi.Input[builtins.int]):
109
+ def validity_period_hours(self, value: pulumi.Input[_builtins.int]):
111
110
  pulumi.set(self, "validity_period_hours", value)
112
111
 
113
- @property
112
+ @_builtins.property
114
113
  @pulumi.getter(name="earlyRenewalHours")
115
- def early_renewal_hours(self) -> Optional[pulumi.Input[builtins.int]]:
114
+ def early_renewal_hours(self) -> Optional[pulumi.Input[_builtins.int]]:
116
115
  return pulumi.get(self, "early_renewal_hours")
117
116
 
118
117
  @early_renewal_hours.setter
119
- def early_renewal_hours(self, value: Optional[pulumi.Input[builtins.int]]):
118
+ def early_renewal_hours(self, value: Optional[pulumi.Input[_builtins.int]]):
120
119
  pulumi.set(self, "early_renewal_hours", value)
121
120
 
122
- @property
121
+ @_builtins.property
123
122
  @pulumi.getter(name="isCaCertificate")
124
- def is_ca_certificate(self) -> Optional[pulumi.Input[builtins.bool]]:
123
+ def is_ca_certificate(self) -> Optional[pulumi.Input[_builtins.bool]]:
125
124
  """
126
125
  Is the generated certificate representing a Certificate Authority (CA) (default: `false`).
127
126
  """
128
127
  return pulumi.get(self, "is_ca_certificate")
129
128
 
130
129
  @is_ca_certificate.setter
131
- def is_ca_certificate(self, value: Optional[pulumi.Input[builtins.bool]]):
130
+ def is_ca_certificate(self, value: Optional[pulumi.Input[_builtins.bool]]):
132
131
  pulumi.set(self, "is_ca_certificate", value)
133
132
 
134
- @property
133
+ @_builtins.property
135
134
  @pulumi.getter(name="setSubjectKeyId")
136
- def set_subject_key_id(self) -> Optional[pulumi.Input[builtins.bool]]:
135
+ def set_subject_key_id(self) -> Optional[pulumi.Input[_builtins.bool]]:
137
136
  """
138
137
  Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
139
138
  """
140
139
  return pulumi.get(self, "set_subject_key_id")
141
140
 
142
141
  @set_subject_key_id.setter
143
- def set_subject_key_id(self, value: Optional[pulumi.Input[builtins.bool]]):
142
+ def set_subject_key_id(self, value: Optional[pulumi.Input[_builtins.bool]]):
144
143
  pulumi.set(self, "set_subject_key_id", value)
145
144
 
146
145
 
147
146
  @pulumi.input_type
148
147
  class _LocallySignedCertState:
149
148
  def __init__(__self__, *,
150
- allowed_uses: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
151
- ca_cert_pem: Optional[pulumi.Input[builtins.str]] = None,
152
- ca_key_algorithm: Optional[pulumi.Input[builtins.str]] = None,
153
- ca_private_key_pem: Optional[pulumi.Input[builtins.str]] = None,
154
- cert_pem: Optional[pulumi.Input[builtins.str]] = None,
155
- cert_request_pem: Optional[pulumi.Input[builtins.str]] = None,
156
- early_renewal_hours: Optional[pulumi.Input[builtins.int]] = None,
157
- is_ca_certificate: Optional[pulumi.Input[builtins.bool]] = None,
158
- ready_for_renewal: Optional[pulumi.Input[builtins.bool]] = None,
159
- set_subject_key_id: Optional[pulumi.Input[builtins.bool]] = None,
160
- validity_end_time: Optional[pulumi.Input[builtins.str]] = None,
161
- validity_period_hours: Optional[pulumi.Input[builtins.int]] = None,
162
- validity_start_time: Optional[pulumi.Input[builtins.str]] = None):
149
+ allowed_uses: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
150
+ ca_cert_pem: Optional[pulumi.Input[_builtins.str]] = None,
151
+ ca_key_algorithm: Optional[pulumi.Input[_builtins.str]] = None,
152
+ ca_private_key_pem: Optional[pulumi.Input[_builtins.str]] = None,
153
+ cert_pem: Optional[pulumi.Input[_builtins.str]] = None,
154
+ cert_request_pem: Optional[pulumi.Input[_builtins.str]] = None,
155
+ early_renewal_hours: Optional[pulumi.Input[_builtins.int]] = None,
156
+ is_ca_certificate: Optional[pulumi.Input[_builtins.bool]] = None,
157
+ ready_for_renewal: Optional[pulumi.Input[_builtins.bool]] = None,
158
+ set_subject_key_id: Optional[pulumi.Input[_builtins.bool]] = None,
159
+ validity_end_time: Optional[pulumi.Input[_builtins.str]] = None,
160
+ validity_period_hours: Optional[pulumi.Input[_builtins.int]] = None,
161
+ validity_start_time: Optional[pulumi.Input[_builtins.str]] = None):
163
162
  """
164
163
  Input properties used for looking up and filtering LocallySignedCert resources.
165
- :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_uses: List of key usages allowed for the issued certificate. Values are defined in [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `any_extended`, `cert_signing`, `client_auth`, `code_signing`, `content_commitment`, `crl_signing`, `data_encipherment`, `decipher_only`, `digital_signature`, `email_protection`, `encipher_only`, `ipsec_end_system`, `ipsec_tunnel`, `ipsec_user`, `key_agreement`, `key_encipherment`, `microsoft_commercial_code_signing`, `microsoft_kernel_code_signing`, `microsoft_server_gated_crypto`, `netscape_server_gated_crypto`, `ocsp_signing`, `server_auth`, `timestamping`.
166
- :param pulumi.Input[builtins.str] ca_cert_pem: Certificate data of the Certificate Authority (CA) in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
167
- :param pulumi.Input[builtins.str] ca_key_algorithm: Name of the algorithm used when generating the private key provided in `ca_private_key_pem`.
168
- :param pulumi.Input[builtins.str] ca_private_key_pem: Private key of the Certificate Authority (CA) used to sign the certificate, in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
169
- :param pulumi.Input[builtins.str] cert_pem: Certificate data in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format. **NOTE**: the [underlying](https://pkg.go.dev/encoding/pem#Encode) [libraries](https://pkg.go.dev/golang.org/x/crypto/ssh#MarshalAuthorizedKey) that generate this value append a `\\n` at the end of the PEM. In case this disrupts your use case, we recommend using `trimspace()`.
170
- :param pulumi.Input[builtins.str] cert_request_pem: Certificate request data in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
171
- :param pulumi.Input[builtins.bool] is_ca_certificate: Is the generated certificate representing a Certificate Authority (CA) (default: `false`).
172
- :param pulumi.Input[builtins.bool] ready_for_renewal: Is the certificate either expired (i.e. beyond the `validity_period_hours`) or ready for an early renewal (i.e. within the `early_renewal_hours`)?
173
- :param pulumi.Input[builtins.bool] set_subject_key_id: Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
174
- :param pulumi.Input[builtins.str] validity_end_time: The time until which the certificate is invalid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
175
- :param pulumi.Input[builtins.int] validity_period_hours: Number of hours, after initial issuing, that the certificate will remain valid for.
176
- :param pulumi.Input[builtins.str] validity_start_time: The time after which the certificate is valid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
164
+ :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] allowed_uses: List of key usages allowed for the issued certificate. Values are defined in [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `any_extended`, `cert_signing`, `client_auth`, `code_signing`, `content_commitment`, `crl_signing`, `data_encipherment`, `decipher_only`, `digital_signature`, `email_protection`, `encipher_only`, `ipsec_end_system`, `ipsec_tunnel`, `ipsec_user`, `key_agreement`, `key_encipherment`, `microsoft_commercial_code_signing`, `microsoft_kernel_code_signing`, `microsoft_server_gated_crypto`, `netscape_server_gated_crypto`, `ocsp_signing`, `server_auth`, `timestamping`.
165
+ :param pulumi.Input[_builtins.str] ca_cert_pem: Certificate data of the Certificate Authority (CA) in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
166
+ :param pulumi.Input[_builtins.str] ca_key_algorithm: Name of the algorithm used when generating the private key provided in `ca_private_key_pem`.
167
+ :param pulumi.Input[_builtins.str] ca_private_key_pem: Private key of the Certificate Authority (CA) used to sign the certificate, in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
168
+ :param pulumi.Input[_builtins.str] cert_pem: Certificate data in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format. **NOTE**: the [underlying](https://pkg.go.dev/encoding/pem#Encode) [libraries](https://pkg.go.dev/golang.org/x/crypto/ssh#MarshalAuthorizedKey) that generate this value append a `\\n` at the end of the PEM. In case this disrupts your use case, we recommend using `trimspace()`.
169
+ :param pulumi.Input[_builtins.str] cert_request_pem: Certificate request data in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
170
+ :param pulumi.Input[_builtins.bool] is_ca_certificate: Is the generated certificate representing a Certificate Authority (CA) (default: `false`).
171
+ :param pulumi.Input[_builtins.bool] ready_for_renewal: Is the certificate either expired (i.e. beyond the `validity_period_hours`) or ready for an early renewal (i.e. within the `early_renewal_hours`)?
172
+ :param pulumi.Input[_builtins.bool] set_subject_key_id: Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
173
+ :param pulumi.Input[_builtins.str] validity_end_time: The time until which the certificate is invalid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
174
+ :param pulumi.Input[_builtins.int] validity_period_hours: Number of hours, after initial issuing, that the certificate will remain valid for.
175
+ :param pulumi.Input[_builtins.str] validity_start_time: The time after which the certificate is valid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
177
176
  """
178
177
  if allowed_uses is not None:
179
178
  pulumi.set(__self__, "allowed_uses", allowed_uses)
@@ -202,185 +201,186 @@ class _LocallySignedCertState:
202
201
  if validity_start_time is not None:
203
202
  pulumi.set(__self__, "validity_start_time", validity_start_time)
204
203
 
205
- @property
204
+ @_builtins.property
206
205
  @pulumi.getter(name="allowedUses")
207
- def allowed_uses(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
206
+ def allowed_uses(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
208
207
  """
209
208
  List of key usages allowed for the issued certificate. Values are defined in [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `any_extended`, `cert_signing`, `client_auth`, `code_signing`, `content_commitment`, `crl_signing`, `data_encipherment`, `decipher_only`, `digital_signature`, `email_protection`, `encipher_only`, `ipsec_end_system`, `ipsec_tunnel`, `ipsec_user`, `key_agreement`, `key_encipherment`, `microsoft_commercial_code_signing`, `microsoft_kernel_code_signing`, `microsoft_server_gated_crypto`, `netscape_server_gated_crypto`, `ocsp_signing`, `server_auth`, `timestamping`.
210
209
  """
211
210
  return pulumi.get(self, "allowed_uses")
212
211
 
213
212
  @allowed_uses.setter
214
- def allowed_uses(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
213
+ def allowed_uses(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
215
214
  pulumi.set(self, "allowed_uses", value)
216
215
 
217
- @property
216
+ @_builtins.property
218
217
  @pulumi.getter(name="caCertPem")
219
- def ca_cert_pem(self) -> Optional[pulumi.Input[builtins.str]]:
218
+ def ca_cert_pem(self) -> Optional[pulumi.Input[_builtins.str]]:
220
219
  """
221
220
  Certificate data of the Certificate Authority (CA) in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
222
221
  """
223
222
  return pulumi.get(self, "ca_cert_pem")
224
223
 
225
224
  @ca_cert_pem.setter
226
- def ca_cert_pem(self, value: Optional[pulumi.Input[builtins.str]]):
225
+ def ca_cert_pem(self, value: Optional[pulumi.Input[_builtins.str]]):
227
226
  pulumi.set(self, "ca_cert_pem", value)
228
227
 
229
- @property
228
+ @_builtins.property
230
229
  @pulumi.getter(name="caKeyAlgorithm")
231
- def ca_key_algorithm(self) -> Optional[pulumi.Input[builtins.str]]:
230
+ def ca_key_algorithm(self) -> Optional[pulumi.Input[_builtins.str]]:
232
231
  """
233
232
  Name of the algorithm used when generating the private key provided in `ca_private_key_pem`.
234
233
  """
235
234
  return pulumi.get(self, "ca_key_algorithm")
236
235
 
237
236
  @ca_key_algorithm.setter
238
- def ca_key_algorithm(self, value: Optional[pulumi.Input[builtins.str]]):
237
+ def ca_key_algorithm(self, value: Optional[pulumi.Input[_builtins.str]]):
239
238
  pulumi.set(self, "ca_key_algorithm", value)
240
239
 
241
- @property
240
+ @_builtins.property
242
241
  @pulumi.getter(name="caPrivateKeyPem")
243
- def ca_private_key_pem(self) -> Optional[pulumi.Input[builtins.str]]:
242
+ def ca_private_key_pem(self) -> Optional[pulumi.Input[_builtins.str]]:
244
243
  """
245
244
  Private key of the Certificate Authority (CA) used to sign the certificate, in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
246
245
  """
247
246
  return pulumi.get(self, "ca_private_key_pem")
248
247
 
249
248
  @ca_private_key_pem.setter
250
- def ca_private_key_pem(self, value: Optional[pulumi.Input[builtins.str]]):
249
+ def ca_private_key_pem(self, value: Optional[pulumi.Input[_builtins.str]]):
251
250
  pulumi.set(self, "ca_private_key_pem", value)
252
251
 
253
- @property
252
+ @_builtins.property
254
253
  @pulumi.getter(name="certPem")
255
- def cert_pem(self) -> Optional[pulumi.Input[builtins.str]]:
254
+ def cert_pem(self) -> Optional[pulumi.Input[_builtins.str]]:
256
255
  """
257
256
  Certificate data in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format. **NOTE**: the [underlying](https://pkg.go.dev/encoding/pem#Encode) [libraries](https://pkg.go.dev/golang.org/x/crypto/ssh#MarshalAuthorizedKey) that generate this value append a `\\n` at the end of the PEM. In case this disrupts your use case, we recommend using `trimspace()`.
258
257
  """
259
258
  return pulumi.get(self, "cert_pem")
260
259
 
261
260
  @cert_pem.setter
262
- def cert_pem(self, value: Optional[pulumi.Input[builtins.str]]):
261
+ def cert_pem(self, value: Optional[pulumi.Input[_builtins.str]]):
263
262
  pulumi.set(self, "cert_pem", value)
264
263
 
265
- @property
264
+ @_builtins.property
266
265
  @pulumi.getter(name="certRequestPem")
267
- def cert_request_pem(self) -> Optional[pulumi.Input[builtins.str]]:
266
+ def cert_request_pem(self) -> Optional[pulumi.Input[_builtins.str]]:
268
267
  """
269
268
  Certificate request data in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
270
269
  """
271
270
  return pulumi.get(self, "cert_request_pem")
272
271
 
273
272
  @cert_request_pem.setter
274
- def cert_request_pem(self, value: Optional[pulumi.Input[builtins.str]]):
273
+ def cert_request_pem(self, value: Optional[pulumi.Input[_builtins.str]]):
275
274
  pulumi.set(self, "cert_request_pem", value)
276
275
 
277
- @property
276
+ @_builtins.property
278
277
  @pulumi.getter(name="earlyRenewalHours")
279
- def early_renewal_hours(self) -> Optional[pulumi.Input[builtins.int]]:
278
+ def early_renewal_hours(self) -> Optional[pulumi.Input[_builtins.int]]:
280
279
  return pulumi.get(self, "early_renewal_hours")
281
280
 
282
281
  @early_renewal_hours.setter
283
- def early_renewal_hours(self, value: Optional[pulumi.Input[builtins.int]]):
282
+ def early_renewal_hours(self, value: Optional[pulumi.Input[_builtins.int]]):
284
283
  pulumi.set(self, "early_renewal_hours", value)
285
284
 
286
- @property
285
+ @_builtins.property
287
286
  @pulumi.getter(name="isCaCertificate")
288
- def is_ca_certificate(self) -> Optional[pulumi.Input[builtins.bool]]:
287
+ def is_ca_certificate(self) -> Optional[pulumi.Input[_builtins.bool]]:
289
288
  """
290
289
  Is the generated certificate representing a Certificate Authority (CA) (default: `false`).
291
290
  """
292
291
  return pulumi.get(self, "is_ca_certificate")
293
292
 
294
293
  @is_ca_certificate.setter
295
- def is_ca_certificate(self, value: Optional[pulumi.Input[builtins.bool]]):
294
+ def is_ca_certificate(self, value: Optional[pulumi.Input[_builtins.bool]]):
296
295
  pulumi.set(self, "is_ca_certificate", value)
297
296
 
298
- @property
297
+ @_builtins.property
299
298
  @pulumi.getter(name="readyForRenewal")
300
- def ready_for_renewal(self) -> Optional[pulumi.Input[builtins.bool]]:
299
+ def ready_for_renewal(self) -> Optional[pulumi.Input[_builtins.bool]]:
301
300
  """
302
301
  Is the certificate either expired (i.e. beyond the `validity_period_hours`) or ready for an early renewal (i.e. within the `early_renewal_hours`)?
303
302
  """
304
303
  return pulumi.get(self, "ready_for_renewal")
305
304
 
306
305
  @ready_for_renewal.setter
307
- def ready_for_renewal(self, value: Optional[pulumi.Input[builtins.bool]]):
306
+ def ready_for_renewal(self, value: Optional[pulumi.Input[_builtins.bool]]):
308
307
  pulumi.set(self, "ready_for_renewal", value)
309
308
 
310
- @property
309
+ @_builtins.property
311
310
  @pulumi.getter(name="setSubjectKeyId")
312
- def set_subject_key_id(self) -> Optional[pulumi.Input[builtins.bool]]:
311
+ def set_subject_key_id(self) -> Optional[pulumi.Input[_builtins.bool]]:
313
312
  """
314
313
  Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
315
314
  """
316
315
  return pulumi.get(self, "set_subject_key_id")
317
316
 
318
317
  @set_subject_key_id.setter
319
- def set_subject_key_id(self, value: Optional[pulumi.Input[builtins.bool]]):
318
+ def set_subject_key_id(self, value: Optional[pulumi.Input[_builtins.bool]]):
320
319
  pulumi.set(self, "set_subject_key_id", value)
321
320
 
322
- @property
321
+ @_builtins.property
323
322
  @pulumi.getter(name="validityEndTime")
324
- def validity_end_time(self) -> Optional[pulumi.Input[builtins.str]]:
323
+ def validity_end_time(self) -> Optional[pulumi.Input[_builtins.str]]:
325
324
  """
326
325
  The time until which the certificate is invalid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
327
326
  """
328
327
  return pulumi.get(self, "validity_end_time")
329
328
 
330
329
  @validity_end_time.setter
331
- def validity_end_time(self, value: Optional[pulumi.Input[builtins.str]]):
330
+ def validity_end_time(self, value: Optional[pulumi.Input[_builtins.str]]):
332
331
  pulumi.set(self, "validity_end_time", value)
333
332
 
334
- @property
333
+ @_builtins.property
335
334
  @pulumi.getter(name="validityPeriodHours")
336
- def validity_period_hours(self) -> Optional[pulumi.Input[builtins.int]]:
335
+ def validity_period_hours(self) -> Optional[pulumi.Input[_builtins.int]]:
337
336
  """
338
337
  Number of hours, after initial issuing, that the certificate will remain valid for.
339
338
  """
340
339
  return pulumi.get(self, "validity_period_hours")
341
340
 
342
341
  @validity_period_hours.setter
343
- def validity_period_hours(self, value: Optional[pulumi.Input[builtins.int]]):
342
+ def validity_period_hours(self, value: Optional[pulumi.Input[_builtins.int]]):
344
343
  pulumi.set(self, "validity_period_hours", value)
345
344
 
346
- @property
345
+ @_builtins.property
347
346
  @pulumi.getter(name="validityStartTime")
348
- def validity_start_time(self) -> Optional[pulumi.Input[builtins.str]]:
347
+ def validity_start_time(self) -> Optional[pulumi.Input[_builtins.str]]:
349
348
  """
350
349
  The time after which the certificate is valid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
351
350
  """
352
351
  return pulumi.get(self, "validity_start_time")
353
352
 
354
353
  @validity_start_time.setter
355
- def validity_start_time(self, value: Optional[pulumi.Input[builtins.str]]):
354
+ def validity_start_time(self, value: Optional[pulumi.Input[_builtins.str]]):
356
355
  pulumi.set(self, "validity_start_time", value)
357
356
 
358
357
 
358
+ @pulumi.type_token("tls:index/locallySignedCert:LocallySignedCert")
359
359
  class LocallySignedCert(pulumi.CustomResource):
360
360
  @overload
361
361
  def __init__(__self__,
362
362
  resource_name: str,
363
363
  opts: Optional[pulumi.ResourceOptions] = None,
364
- allowed_uses: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
365
- ca_cert_pem: Optional[pulumi.Input[builtins.str]] = None,
366
- ca_private_key_pem: Optional[pulumi.Input[builtins.str]] = None,
367
- cert_request_pem: Optional[pulumi.Input[builtins.str]] = None,
368
- early_renewal_hours: Optional[pulumi.Input[builtins.int]] = None,
369
- is_ca_certificate: Optional[pulumi.Input[builtins.bool]] = None,
370
- set_subject_key_id: Optional[pulumi.Input[builtins.bool]] = None,
371
- validity_period_hours: Optional[pulumi.Input[builtins.int]] = None,
364
+ allowed_uses: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
365
+ ca_cert_pem: Optional[pulumi.Input[_builtins.str]] = None,
366
+ ca_private_key_pem: Optional[pulumi.Input[_builtins.str]] = None,
367
+ cert_request_pem: Optional[pulumi.Input[_builtins.str]] = None,
368
+ early_renewal_hours: Optional[pulumi.Input[_builtins.int]] = None,
369
+ is_ca_certificate: Optional[pulumi.Input[_builtins.bool]] = None,
370
+ set_subject_key_id: Optional[pulumi.Input[_builtins.bool]] = None,
371
+ validity_period_hours: Optional[pulumi.Input[_builtins.int]] = None,
372
372
  __props__=None):
373
373
  """
374
374
  Create a LocallySignedCert resource with the given unique name, props, and options.
375
375
  :param str resource_name: The name of the resource.
376
376
  :param pulumi.ResourceOptions opts: Options for the resource.
377
- :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_uses: List of key usages allowed for the issued certificate. Values are defined in [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `any_extended`, `cert_signing`, `client_auth`, `code_signing`, `content_commitment`, `crl_signing`, `data_encipherment`, `decipher_only`, `digital_signature`, `email_protection`, `encipher_only`, `ipsec_end_system`, `ipsec_tunnel`, `ipsec_user`, `key_agreement`, `key_encipherment`, `microsoft_commercial_code_signing`, `microsoft_kernel_code_signing`, `microsoft_server_gated_crypto`, `netscape_server_gated_crypto`, `ocsp_signing`, `server_auth`, `timestamping`.
378
- :param pulumi.Input[builtins.str] ca_cert_pem: Certificate data of the Certificate Authority (CA) in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
379
- :param pulumi.Input[builtins.str] ca_private_key_pem: Private key of the Certificate Authority (CA) used to sign the certificate, in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
380
- :param pulumi.Input[builtins.str] cert_request_pem: Certificate request data in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
381
- :param pulumi.Input[builtins.bool] is_ca_certificate: Is the generated certificate representing a Certificate Authority (CA) (default: `false`).
382
- :param pulumi.Input[builtins.bool] set_subject_key_id: Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
383
- :param pulumi.Input[builtins.int] validity_period_hours: Number of hours, after initial issuing, that the certificate will remain valid for.
377
+ :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] allowed_uses: List of key usages allowed for the issued certificate. Values are defined in [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `any_extended`, `cert_signing`, `client_auth`, `code_signing`, `content_commitment`, `crl_signing`, `data_encipherment`, `decipher_only`, `digital_signature`, `email_protection`, `encipher_only`, `ipsec_end_system`, `ipsec_tunnel`, `ipsec_user`, `key_agreement`, `key_encipherment`, `microsoft_commercial_code_signing`, `microsoft_kernel_code_signing`, `microsoft_server_gated_crypto`, `netscape_server_gated_crypto`, `ocsp_signing`, `server_auth`, `timestamping`.
378
+ :param pulumi.Input[_builtins.str] ca_cert_pem: Certificate data of the Certificate Authority (CA) in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
379
+ :param pulumi.Input[_builtins.str] ca_private_key_pem: Private key of the Certificate Authority (CA) used to sign the certificate, in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
380
+ :param pulumi.Input[_builtins.str] cert_request_pem: Certificate request data in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
381
+ :param pulumi.Input[_builtins.bool] is_ca_certificate: Is the generated certificate representing a Certificate Authority (CA) (default: `false`).
382
+ :param pulumi.Input[_builtins.bool] set_subject_key_id: Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
383
+ :param pulumi.Input[_builtins.int] validity_period_hours: Number of hours, after initial issuing, that the certificate will remain valid for.
384
384
  """
385
385
  ...
386
386
  @overload
@@ -405,14 +405,14 @@ class LocallySignedCert(pulumi.CustomResource):
405
405
  def _internal_init(__self__,
406
406
  resource_name: str,
407
407
  opts: Optional[pulumi.ResourceOptions] = None,
408
- allowed_uses: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
409
- ca_cert_pem: Optional[pulumi.Input[builtins.str]] = None,
410
- ca_private_key_pem: Optional[pulumi.Input[builtins.str]] = None,
411
- cert_request_pem: Optional[pulumi.Input[builtins.str]] = None,
412
- early_renewal_hours: Optional[pulumi.Input[builtins.int]] = None,
413
- is_ca_certificate: Optional[pulumi.Input[builtins.bool]] = None,
414
- set_subject_key_id: Optional[pulumi.Input[builtins.bool]] = None,
415
- validity_period_hours: Optional[pulumi.Input[builtins.int]] = None,
408
+ allowed_uses: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
409
+ ca_cert_pem: Optional[pulumi.Input[_builtins.str]] = None,
410
+ ca_private_key_pem: Optional[pulumi.Input[_builtins.str]] = None,
411
+ cert_request_pem: Optional[pulumi.Input[_builtins.str]] = None,
412
+ early_renewal_hours: Optional[pulumi.Input[_builtins.int]] = None,
413
+ is_ca_certificate: Optional[pulumi.Input[_builtins.bool]] = None,
414
+ set_subject_key_id: Optional[pulumi.Input[_builtins.bool]] = None,
415
+ validity_period_hours: Optional[pulumi.Input[_builtins.int]] = None,
416
416
  __props__=None):
417
417
  opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
418
418
  if not isinstance(opts, pulumi.ResourceOptions):
@@ -457,19 +457,19 @@ class LocallySignedCert(pulumi.CustomResource):
457
457
  def get(resource_name: str,
458
458
  id: pulumi.Input[str],
459
459
  opts: Optional[pulumi.ResourceOptions] = None,
460
- allowed_uses: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
461
- ca_cert_pem: Optional[pulumi.Input[builtins.str]] = None,
462
- ca_key_algorithm: Optional[pulumi.Input[builtins.str]] = None,
463
- ca_private_key_pem: Optional[pulumi.Input[builtins.str]] = None,
464
- cert_pem: Optional[pulumi.Input[builtins.str]] = None,
465
- cert_request_pem: Optional[pulumi.Input[builtins.str]] = None,
466
- early_renewal_hours: Optional[pulumi.Input[builtins.int]] = None,
467
- is_ca_certificate: Optional[pulumi.Input[builtins.bool]] = None,
468
- ready_for_renewal: Optional[pulumi.Input[builtins.bool]] = None,
469
- set_subject_key_id: Optional[pulumi.Input[builtins.bool]] = None,
470
- validity_end_time: Optional[pulumi.Input[builtins.str]] = None,
471
- validity_period_hours: Optional[pulumi.Input[builtins.int]] = None,
472
- validity_start_time: Optional[pulumi.Input[builtins.str]] = None) -> 'LocallySignedCert':
460
+ allowed_uses: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
461
+ ca_cert_pem: Optional[pulumi.Input[_builtins.str]] = None,
462
+ ca_key_algorithm: Optional[pulumi.Input[_builtins.str]] = None,
463
+ ca_private_key_pem: Optional[pulumi.Input[_builtins.str]] = None,
464
+ cert_pem: Optional[pulumi.Input[_builtins.str]] = None,
465
+ cert_request_pem: Optional[pulumi.Input[_builtins.str]] = None,
466
+ early_renewal_hours: Optional[pulumi.Input[_builtins.int]] = None,
467
+ is_ca_certificate: Optional[pulumi.Input[_builtins.bool]] = None,
468
+ ready_for_renewal: Optional[pulumi.Input[_builtins.bool]] = None,
469
+ set_subject_key_id: Optional[pulumi.Input[_builtins.bool]] = None,
470
+ validity_end_time: Optional[pulumi.Input[_builtins.str]] = None,
471
+ validity_period_hours: Optional[pulumi.Input[_builtins.int]] = None,
472
+ validity_start_time: Optional[pulumi.Input[_builtins.str]] = None) -> 'LocallySignedCert':
473
473
  """
474
474
  Get an existing LocallySignedCert resource's state with the given name, id, and optional extra
475
475
  properties used to qualify the lookup.
@@ -477,18 +477,18 @@ class LocallySignedCert(pulumi.CustomResource):
477
477
  :param str resource_name: The unique name of the resulting resource.
478
478
  :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
479
479
  :param pulumi.ResourceOptions opts: Options for the resource.
480
- :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_uses: List of key usages allowed for the issued certificate. Values are defined in [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `any_extended`, `cert_signing`, `client_auth`, `code_signing`, `content_commitment`, `crl_signing`, `data_encipherment`, `decipher_only`, `digital_signature`, `email_protection`, `encipher_only`, `ipsec_end_system`, `ipsec_tunnel`, `ipsec_user`, `key_agreement`, `key_encipherment`, `microsoft_commercial_code_signing`, `microsoft_kernel_code_signing`, `microsoft_server_gated_crypto`, `netscape_server_gated_crypto`, `ocsp_signing`, `server_auth`, `timestamping`.
481
- :param pulumi.Input[builtins.str] ca_cert_pem: Certificate data of the Certificate Authority (CA) in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
482
- :param pulumi.Input[builtins.str] ca_key_algorithm: Name of the algorithm used when generating the private key provided in `ca_private_key_pem`.
483
- :param pulumi.Input[builtins.str] ca_private_key_pem: Private key of the Certificate Authority (CA) used to sign the certificate, in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
484
- :param pulumi.Input[builtins.str] cert_pem: Certificate data in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format. **NOTE**: the [underlying](https://pkg.go.dev/encoding/pem#Encode) [libraries](https://pkg.go.dev/golang.org/x/crypto/ssh#MarshalAuthorizedKey) that generate this value append a `\\n` at the end of the PEM. In case this disrupts your use case, we recommend using `trimspace()`.
485
- :param pulumi.Input[builtins.str] cert_request_pem: Certificate request data in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
486
- :param pulumi.Input[builtins.bool] is_ca_certificate: Is the generated certificate representing a Certificate Authority (CA) (default: `false`).
487
- :param pulumi.Input[builtins.bool] ready_for_renewal: Is the certificate either expired (i.e. beyond the `validity_period_hours`) or ready for an early renewal (i.e. within the `early_renewal_hours`)?
488
- :param pulumi.Input[builtins.bool] set_subject_key_id: Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
489
- :param pulumi.Input[builtins.str] validity_end_time: The time until which the certificate is invalid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
490
- :param pulumi.Input[builtins.int] validity_period_hours: Number of hours, after initial issuing, that the certificate will remain valid for.
491
- :param pulumi.Input[builtins.str] validity_start_time: The time after which the certificate is valid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
480
+ :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] allowed_uses: List of key usages allowed for the issued certificate. Values are defined in [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `any_extended`, `cert_signing`, `client_auth`, `code_signing`, `content_commitment`, `crl_signing`, `data_encipherment`, `decipher_only`, `digital_signature`, `email_protection`, `encipher_only`, `ipsec_end_system`, `ipsec_tunnel`, `ipsec_user`, `key_agreement`, `key_encipherment`, `microsoft_commercial_code_signing`, `microsoft_kernel_code_signing`, `microsoft_server_gated_crypto`, `netscape_server_gated_crypto`, `ocsp_signing`, `server_auth`, `timestamping`.
481
+ :param pulumi.Input[_builtins.str] ca_cert_pem: Certificate data of the Certificate Authority (CA) in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
482
+ :param pulumi.Input[_builtins.str] ca_key_algorithm: Name of the algorithm used when generating the private key provided in `ca_private_key_pem`.
483
+ :param pulumi.Input[_builtins.str] ca_private_key_pem: Private key of the Certificate Authority (CA) used to sign the certificate, in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
484
+ :param pulumi.Input[_builtins.str] cert_pem: Certificate data in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format. **NOTE**: the [underlying](https://pkg.go.dev/encoding/pem#Encode) [libraries](https://pkg.go.dev/golang.org/x/crypto/ssh#MarshalAuthorizedKey) that generate this value append a `\\n` at the end of the PEM. In case this disrupts your use case, we recommend using `trimspace()`.
485
+ :param pulumi.Input[_builtins.str] cert_request_pem: Certificate request data in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
486
+ :param pulumi.Input[_builtins.bool] is_ca_certificate: Is the generated certificate representing a Certificate Authority (CA) (default: `false`).
487
+ :param pulumi.Input[_builtins.bool] ready_for_renewal: Is the certificate either expired (i.e. beyond the `validity_period_hours`) or ready for an early renewal (i.e. within the `early_renewal_hours`)?
488
+ :param pulumi.Input[_builtins.bool] set_subject_key_id: Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
489
+ :param pulumi.Input[_builtins.str] validity_end_time: The time until which the certificate is invalid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
490
+ :param pulumi.Input[_builtins.int] validity_period_hours: Number of hours, after initial issuing, that the certificate will remain valid for.
491
+ :param pulumi.Input[_builtins.str] validity_start_time: The time after which the certificate is valid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
492
492
  """
493
493
  opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
494
494
 
@@ -509,102 +509,102 @@ class LocallySignedCert(pulumi.CustomResource):
509
509
  __props__.__dict__["validity_start_time"] = validity_start_time
510
510
  return LocallySignedCert(resource_name, opts=opts, __props__=__props__)
511
511
 
512
- @property
512
+ @_builtins.property
513
513
  @pulumi.getter(name="allowedUses")
514
- def allowed_uses(self) -> pulumi.Output[Sequence[builtins.str]]:
514
+ def allowed_uses(self) -> pulumi.Output[Sequence[_builtins.str]]:
515
515
  """
516
516
  List of key usages allowed for the issued certificate. Values are defined in [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `any_extended`, `cert_signing`, `client_auth`, `code_signing`, `content_commitment`, `crl_signing`, `data_encipherment`, `decipher_only`, `digital_signature`, `email_protection`, `encipher_only`, `ipsec_end_system`, `ipsec_tunnel`, `ipsec_user`, `key_agreement`, `key_encipherment`, `microsoft_commercial_code_signing`, `microsoft_kernel_code_signing`, `microsoft_server_gated_crypto`, `netscape_server_gated_crypto`, `ocsp_signing`, `server_auth`, `timestamping`.
517
517
  """
518
518
  return pulumi.get(self, "allowed_uses")
519
519
 
520
- @property
520
+ @_builtins.property
521
521
  @pulumi.getter(name="caCertPem")
522
- def ca_cert_pem(self) -> pulumi.Output[builtins.str]:
522
+ def ca_cert_pem(self) -> pulumi.Output[_builtins.str]:
523
523
  """
524
524
  Certificate data of the Certificate Authority (CA) in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
525
525
  """
526
526
  return pulumi.get(self, "ca_cert_pem")
527
527
 
528
- @property
528
+ @_builtins.property
529
529
  @pulumi.getter(name="caKeyAlgorithm")
530
- def ca_key_algorithm(self) -> pulumi.Output[builtins.str]:
530
+ def ca_key_algorithm(self) -> pulumi.Output[_builtins.str]:
531
531
  """
532
532
  Name of the algorithm used when generating the private key provided in `ca_private_key_pem`.
533
533
  """
534
534
  return pulumi.get(self, "ca_key_algorithm")
535
535
 
536
- @property
536
+ @_builtins.property
537
537
  @pulumi.getter(name="caPrivateKeyPem")
538
- def ca_private_key_pem(self) -> pulumi.Output[builtins.str]:
538
+ def ca_private_key_pem(self) -> pulumi.Output[_builtins.str]:
539
539
  """
540
540
  Private key of the Certificate Authority (CA) used to sign the certificate, in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
541
541
  """
542
542
  return pulumi.get(self, "ca_private_key_pem")
543
543
 
544
- @property
544
+ @_builtins.property
545
545
  @pulumi.getter(name="certPem")
546
- def cert_pem(self) -> pulumi.Output[builtins.str]:
546
+ def cert_pem(self) -> pulumi.Output[_builtins.str]:
547
547
  """
548
548
  Certificate data in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format. **NOTE**: the [underlying](https://pkg.go.dev/encoding/pem#Encode) [libraries](https://pkg.go.dev/golang.org/x/crypto/ssh#MarshalAuthorizedKey) that generate this value append a `\\n` at the end of the PEM. In case this disrupts your use case, we recommend using `trimspace()`.
549
549
  """
550
550
  return pulumi.get(self, "cert_pem")
551
551
 
552
- @property
552
+ @_builtins.property
553
553
  @pulumi.getter(name="certRequestPem")
554
- def cert_request_pem(self) -> pulumi.Output[builtins.str]:
554
+ def cert_request_pem(self) -> pulumi.Output[_builtins.str]:
555
555
  """
556
556
  Certificate request data in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
557
557
  """
558
558
  return pulumi.get(self, "cert_request_pem")
559
559
 
560
- @property
560
+ @_builtins.property
561
561
  @pulumi.getter(name="earlyRenewalHours")
562
- def early_renewal_hours(self) -> pulumi.Output[builtins.int]:
562
+ def early_renewal_hours(self) -> pulumi.Output[_builtins.int]:
563
563
  return pulumi.get(self, "early_renewal_hours")
564
564
 
565
- @property
565
+ @_builtins.property
566
566
  @pulumi.getter(name="isCaCertificate")
567
- def is_ca_certificate(self) -> pulumi.Output[builtins.bool]:
567
+ def is_ca_certificate(self) -> pulumi.Output[_builtins.bool]:
568
568
  """
569
569
  Is the generated certificate representing a Certificate Authority (CA) (default: `false`).
570
570
  """
571
571
  return pulumi.get(self, "is_ca_certificate")
572
572
 
573
- @property
573
+ @_builtins.property
574
574
  @pulumi.getter(name="readyForRenewal")
575
- def ready_for_renewal(self) -> pulumi.Output[builtins.bool]:
575
+ def ready_for_renewal(self) -> pulumi.Output[_builtins.bool]:
576
576
  """
577
577
  Is the certificate either expired (i.e. beyond the `validity_period_hours`) or ready for an early renewal (i.e. within the `early_renewal_hours`)?
578
578
  """
579
579
  return pulumi.get(self, "ready_for_renewal")
580
580
 
581
- @property
581
+ @_builtins.property
582
582
  @pulumi.getter(name="setSubjectKeyId")
583
- def set_subject_key_id(self) -> pulumi.Output[builtins.bool]:
583
+ def set_subject_key_id(self) -> pulumi.Output[_builtins.bool]:
584
584
  """
585
585
  Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
586
586
  """
587
587
  return pulumi.get(self, "set_subject_key_id")
588
588
 
589
- @property
589
+ @_builtins.property
590
590
  @pulumi.getter(name="validityEndTime")
591
- def validity_end_time(self) -> pulumi.Output[builtins.str]:
591
+ def validity_end_time(self) -> pulumi.Output[_builtins.str]:
592
592
  """
593
593
  The time until which the certificate is invalid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
594
594
  """
595
595
  return pulumi.get(self, "validity_end_time")
596
596
 
597
- @property
597
+ @_builtins.property
598
598
  @pulumi.getter(name="validityPeriodHours")
599
- def validity_period_hours(self) -> pulumi.Output[builtins.int]:
599
+ def validity_period_hours(self) -> pulumi.Output[_builtins.int]:
600
600
  """
601
601
  Number of hours, after initial issuing, that the certificate will remain valid for.
602
602
  """
603
603
  return pulumi.get(self, "validity_period_hours")
604
604
 
605
- @property
605
+ @_builtins.property
606
606
  @pulumi.getter(name="validityStartTime")
607
- def validity_start_time(self) -> pulumi.Output[builtins.str]:
607
+ def validity_start_time(self) -> pulumi.Output[_builtins.str]:
608
608
  """
609
609
  The time after which the certificate is valid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
610
610
  """