pulumi-venafi 1.10.0a1715766105__py3-none-any.whl → 1.11.0a1736835975__py3-none-any.whl

pulumi_venafi/cloud_keystore_installation.py

@@ -0,0 +1,409 @@
+# coding=utf-8
+# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
+# *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+import copy
+import warnings
+import sys
+import pulumi
+import pulumi.runtime
+from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
+from . import _utilities
+
+__all__ = ['CloudKeystoreInstallationArgs', 'CloudKeystoreInstallation']
+
+@pulumi.input_type
+class CloudKeystoreInstallationArgs:
+    def __init__(__self__, *,
+                 certificate_id: pulumi.Input[str],
+                 cloud_keystore_id: pulumi.Input[str],
+                 arn: Optional[pulumi.Input[str]] = None,
+                 cloud_certificate_name: Optional[pulumi.Input[str]] = None):
+        """
+        The set of arguments for constructing a CloudKeystoreInstallation resource.
+        :param pulumi.Input[str] certificate_id: ID of the certificate to be provisioned to the given `keystore_id`.
+        :param pulumi.Input[str] cloud_keystore_id: ID of the cloud keystore where the certificate will be provisioned.
+        :param pulumi.Input[str] arn: ARN of the AWS certificate. Use it to provision the VCP certificate to an existing ACM certificate, instead of a new one. Only valid for ACM keystores.
+        :param pulumi.Input[str] cloud_certificate_name: Name for the provisioned certificate in the keystore. If the name already exists, the provisioning will replace the previous certificate with the one from `certificate_id`. Only valid for AKV and GCM keystores.
+        """
+        pulumi.set(__self__, "certificate_id", certificate_id)
+        pulumi.set(__self__, "cloud_keystore_id", cloud_keystore_id)
+        if arn is not None:
+            pulumi.set(__self__, "arn", arn)
+        if cloud_certificate_name is not None:
+            pulumi.set(__self__, "cloud_certificate_name", cloud_certificate_name)
+
+    @property
+    @pulumi.getter(name="certificateId")
+    def certificate_id(self) -> pulumi.Input[str]:
+        """
+        ID of the certificate to be provisioned to the given `keystore_id`.
+        """
+        return pulumi.get(self, "certificate_id")
+
+    @certificate_id.setter
+    def certificate_id(self, value: pulumi.Input[str]):
+        pulumi.set(self, "certificate_id", value)
+
+    @property
+    @pulumi.getter(name="cloudKeystoreId")
+    def cloud_keystore_id(self) -> pulumi.Input[str]:
+        """
+        ID of the cloud keystore where the certificate will be provisioned.
+        """
+        return pulumi.get(self, "cloud_keystore_id")
+
+    @cloud_keystore_id.setter
+    def cloud_keystore_id(self, value: pulumi.Input[str]):
+        pulumi.set(self, "cloud_keystore_id", value)
+
+    @property
+    @pulumi.getter
+    def arn(self) -> Optional[pulumi.Input[str]]:
+        """
+        ARN of the AWS certificate. Use it to provision the VCP certificate to an existing ACM certificate, instead of a new one. Only valid for ACM keystores.
+        """
+        return pulumi.get(self, "arn")
+
+    @arn.setter
+    def arn(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "arn", value)
+
+    @property
+    @pulumi.getter(name="cloudCertificateName")
+    def cloud_certificate_name(self) -> Optional[pulumi.Input[str]]:
+        """
+        Name for the provisioned certificate in the keystore. If the name already exists, the provisioning will replace the previous certificate with the one from `certificate_id`. Only valid for AKV and GCM keystores.
+        """
+        return pulumi.get(self, "cloud_certificate_name")
+
+    @cloud_certificate_name.setter
+    def cloud_certificate_name(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "cloud_certificate_name", value)
+
+
+@pulumi.input_type
+class _CloudKeystoreInstallationState:
+    def __init__(__self__, *,
+                 arn: Optional[pulumi.Input[str]] = None,
+                 certificate_id: Optional[pulumi.Input[str]] = None,
+                 cloud_certificate_id: Optional[pulumi.Input[str]] = None,
+                 cloud_certificate_metadata: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
+                 cloud_certificate_name: Optional[pulumi.Input[str]] = None,
+                 cloud_keystore_id: Optional[pulumi.Input[str]] = None):
+        """
+        Input properties used for looking up and filtering CloudKeystoreInstallation resources.
+        :param pulumi.Input[str] arn: ARN of the AWS certificate. Use it to provision the VCP certificate to an existing ACM certificate, instead of a new one. Only valid for ACM keystores.
+        :param pulumi.Input[str] certificate_id: ID of the certificate to be provisioned to the given `keystore_id`.
+        :param pulumi.Input[str] cloud_certificate_id: The ID of the provisioned certificate within the Cloud Keystore
+        :param pulumi.Input[Mapping[str, pulumi.Input[str]]] cloud_certificate_metadata: Metadata of the provisioned certificate from the Cloud Keystore
+        :param pulumi.Input[str] cloud_certificate_name: Name for the provisioned certificate in the keystore. If the name already exists, the provisioning will replace the previous certificate with the one from `certificate_id`. Only valid for AKV and GCM keystores.
+        :param pulumi.Input[str] cloud_keystore_id: ID of the cloud keystore where the certificate will be provisioned.
+        """
+        if arn is not None:
+            pulumi.set(__self__, "arn", arn)
+        if certificate_id is not None:
+            pulumi.set(__self__, "certificate_id", certificate_id)
+        if cloud_certificate_id is not None:
+            pulumi.set(__self__, "cloud_certificate_id", cloud_certificate_id)
+        if cloud_certificate_metadata is not None:
+            pulumi.set(__self__, "cloud_certificate_metadata", cloud_certificate_metadata)
+        if cloud_certificate_name is not None:
+            pulumi.set(__self__, "cloud_certificate_name", cloud_certificate_name)
+        if cloud_keystore_id is not None:
+            pulumi.set(__self__, "cloud_keystore_id", cloud_keystore_id)
+
+    @property
+    @pulumi.getter
+    def arn(self) -> Optional[pulumi.Input[str]]:
+        """
+        ARN of the AWS certificate. Use it to provision the VCP certificate to an existing ACM certificate, instead of a new one. Only valid for ACM keystores.
+        """
+        return pulumi.get(self, "arn")
+
+    @arn.setter
+    def arn(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "arn", value)
+
+    @property
+    @pulumi.getter(name="certificateId")
+    def certificate_id(self) -> Optional[pulumi.Input[str]]:
+        """
+        ID of the certificate to be provisioned to the given `keystore_id`.
+        """
+        return pulumi.get(self, "certificate_id")
+
+    @certificate_id.setter
+    def certificate_id(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "certificate_id", value)
+
+    @property
+    @pulumi.getter(name="cloudCertificateId")
+    def cloud_certificate_id(self) -> Optional[pulumi.Input[str]]:
+        """
+        The ID of the provisioned certificate within the Cloud Keystore
+        """
+        return pulumi.get(self, "cloud_certificate_id")
+
+    @cloud_certificate_id.setter
+    def cloud_certificate_id(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "cloud_certificate_id", value)
+
+    @property
+    @pulumi.getter(name="cloudCertificateMetadata")
+    def cloud_certificate_metadata(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
+        """
+        Metadata of the provisioned certificate from the Cloud Keystore
+        """
+        return pulumi.get(self, "cloud_certificate_metadata")
+
+    @cloud_certificate_metadata.setter
+    def cloud_certificate_metadata(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
+        pulumi.set(self, "cloud_certificate_metadata", value)
+
+    @property
+    @pulumi.getter(name="cloudCertificateName")
+    def cloud_certificate_name(self) -> Optional[pulumi.Input[str]]:
+        """
+        Name for the provisioned certificate in the keystore. If the name already exists, the provisioning will replace the previous certificate with the one from `certificate_id`. Only valid for AKV and GCM keystores.
+        """
+        return pulumi.get(self, "cloud_certificate_name")
+
+    @cloud_certificate_name.setter
+    def cloud_certificate_name(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "cloud_certificate_name", value)
+
+    @property
+    @pulumi.getter(name="cloudKeystoreId")
+    def cloud_keystore_id(self) -> Optional[pulumi.Input[str]]:
+        """
+        ID of the cloud keystore where the certificate will be provisioned.
+        """
+        return pulumi.get(self, "cloud_keystore_id")
+
+    @cloud_keystore_id.setter
+    def cloud_keystore_id(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "cloud_keystore_id", value)
+
+
+class CloudKeystoreInstallation(pulumi.CustomResource):
+    @overload
+    def __init__(__self__,
+                 resource_name: str,
+                 opts: Optional[pulumi.ResourceOptions] = None,
+                 arn: Optional[pulumi.Input[str]] = None,
+                 certificate_id: Optional[pulumi.Input[str]] = None,
+                 cloud_certificate_name: Optional[pulumi.Input[str]] = None,
+                 cloud_keystore_id: Optional[pulumi.Input[str]] = None,
+                 __props__=None):
+        """
+        Provisions a certificate from Venafi Control Plane's inventory to any of the supported Cloud Providers: Amazon
+        Certificate Manager, Azure KeyVault or Google Certificate Manager. Exports the ID of the provisioned certificate:
+        certificate name for AKV and GCM or ARN for ACM.
+
+        ## Example Usage
+
+        ```python
+        import pulumi
+        import pulumi_venafi as venafi
+
+        # Provision a certificate to cloud keystore with static values
+        ck_installation_example_by_id = venafi.CloudKeystoreInstallation("ck_installation_example_by_id",
+            cloud_keystore_id="e48897d0-2762-11ef-198k-79ac590dd358",
+            certificate_id="1877af16-2762-11ef-8fab-cc123456ff7",
+            cloud_certificate_name="com-terraform-example-com")
+        # Provision a certificate to cloud keystore
+        ck_installation_example = venafi.CloudKeystoreInstallation("ck_installation_example",
+            cloud_keystore_id=ck_example["id"],
+            certificate_id=certificate_example["certificateId"],
+            cloud_certificate_name=certificate_example["commonName"])
+        ```
+
+        ## Import
+
+        Using `pulumi import`, import a Machine Identity from Venafi Control Plane using their ID. For example:
+
+        console
+
+        ```sh
+        $ pulumi import venafi:index/cloudKeystoreInstallation:CloudKeystoreInstallation example 2155bd32-2234-22ac-7cfd-ff1198845aa2
+        ```
+
+        :param str resource_name: The name of the resource.
+        :param pulumi.ResourceOptions opts: Options for the resource.
+        :param pulumi.Input[str] arn: ARN of the AWS certificate. Use it to provision the VCP certificate to an existing ACM certificate, instead of a new one. Only valid for ACM keystores.
+        :param pulumi.Input[str] certificate_id: ID of the certificate to be provisioned to the given `keystore_id`.
+        :param pulumi.Input[str] cloud_certificate_name: Name for the provisioned certificate in the keystore. If the name already exists, the provisioning will replace the previous certificate with the one from `certificate_id`. Only valid for AKV and GCM keystores.
+        :param pulumi.Input[str] cloud_keystore_id: ID of the cloud keystore where the certificate will be provisioned.
+        """
+        ...
+    @overload
+    def __init__(__self__,
+                 resource_name: str,
+                 args: CloudKeystoreInstallationArgs,
+                 opts: Optional[pulumi.ResourceOptions] = None):
+        """
+        Provisions a certificate from Venafi Control Plane's inventory to any of the supported Cloud Providers: Amazon
+        Certificate Manager, Azure KeyVault or Google Certificate Manager. Exports the ID of the provisioned certificate:
+        certificate name for AKV and GCM or ARN for ACM.
+
+        ## Example Usage
+
+        ```python
+        import pulumi
+        import pulumi_venafi as venafi
+
+        # Provision a certificate to cloud keystore with static values
+        ck_installation_example_by_id = venafi.CloudKeystoreInstallation("ck_installation_example_by_id",
+            cloud_keystore_id="e48897d0-2762-11ef-198k-79ac590dd358",
+            certificate_id="1877af16-2762-11ef-8fab-cc123456ff7",
+            cloud_certificate_name="com-terraform-example-com")
+        # Provision a certificate to cloud keystore
+        ck_installation_example = venafi.CloudKeystoreInstallation("ck_installation_example",
+            cloud_keystore_id=ck_example["id"],
+            certificate_id=certificate_example["certificateId"],
+            cloud_certificate_name=certificate_example["commonName"])
+        ```
+
+        ## Import
+
+        Using `pulumi import`, import a Machine Identity from Venafi Control Plane using their ID. For example:
+
+        console
+
+        ```sh
+        $ pulumi import venafi:index/cloudKeystoreInstallation:CloudKeystoreInstallation example 2155bd32-2234-22ac-7cfd-ff1198845aa2
+        ```
+
+        :param str resource_name: The name of the resource.
+        :param CloudKeystoreInstallationArgs args: The arguments to use to populate this resource's properties.
+        :param pulumi.ResourceOptions opts: Options for the resource.
+        """
+        ...
+    def __init__(__self__, resource_name: str, *args, **kwargs):
+        resource_args, opts = _utilities.get_resource_args_opts(CloudKeystoreInstallationArgs, pulumi.ResourceOptions, *args, **kwargs)
+        if resource_args is not None:
+            __self__._internal_init(resource_name, opts, **resource_args.__dict__)
+        else:
+            __self__._internal_init(resource_name, *args, **kwargs)
+
+    def _internal_init(__self__,
+                 resource_name: str,
+                 opts: Optional[pulumi.ResourceOptions] = None,
+                 arn: Optional[pulumi.Input[str]] = None,
+                 certificate_id: Optional[pulumi.Input[str]] = None,
+                 cloud_certificate_name: Optional[pulumi.Input[str]] = None,
+                 cloud_keystore_id: Optional[pulumi.Input[str]] = None,
+                 __props__=None):
+        opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
+        if not isinstance(opts, pulumi.ResourceOptions):
+            raise TypeError('Expected resource options to be a ResourceOptions instance')
+        if opts.id is None:
+            if __props__ is not None:
+                raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource')
+            __props__ = CloudKeystoreInstallationArgs.__new__(CloudKeystoreInstallationArgs)
+
+            __props__.__dict__["arn"] = arn
+            if certificate_id is None and not opts.urn:
+                raise TypeError("Missing required property 'certificate_id'")
+            __props__.__dict__["certificate_id"] = certificate_id
+            __props__.__dict__["cloud_certificate_name"] = cloud_certificate_name
+            if cloud_keystore_id is None and not opts.urn:
+                raise TypeError("Missing required property 'cloud_keystore_id'")
+            __props__.__dict__["cloud_keystore_id"] = cloud_keystore_id
+            __props__.__dict__["cloud_certificate_id"] = None
+            __props__.__dict__["cloud_certificate_metadata"] = None
+        super(CloudKeystoreInstallation, __self__).__init__(
+            'venafi:index/cloudKeystoreInstallation:CloudKeystoreInstallation',
+            resource_name,
+            __props__,
+            opts)
+
+    @staticmethod
+    def get(resource_name: str,
+            id: pulumi.Input[str],
+            opts: Optional[pulumi.ResourceOptions] = None,
+            arn: Optional[pulumi.Input[str]] = None,
+            certificate_id: Optional[pulumi.Input[str]] = None,
+            cloud_certificate_id: Optional[pulumi.Input[str]] = None,
+            cloud_certificate_metadata: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
+            cloud_certificate_name: Optional[pulumi.Input[str]] = None,
+            cloud_keystore_id: Optional[pulumi.Input[str]] = None) -> 'CloudKeystoreInstallation':
+        """
+        Get an existing CloudKeystoreInstallation resource's state with the given name, id, and optional extra
+        properties used to qualify the lookup.
+
+        :param str resource_name: The unique name of the resulting resource.
+        :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
+        :param pulumi.ResourceOptions opts: Options for the resource.
+        :param pulumi.Input[str] arn: ARN of the AWS certificate. Use it to provision the VCP certificate to an existing ACM certificate, instead of a new one. Only valid for ACM keystores.
+        :param pulumi.Input[str] certificate_id: ID of the certificate to be provisioned to the given `keystore_id`.
+        :param pulumi.Input[str] cloud_certificate_id: The ID of the provisioned certificate within the Cloud Keystore
+        :param pulumi.Input[Mapping[str, pulumi.Input[str]]] cloud_certificate_metadata: Metadata of the provisioned certificate from the Cloud Keystore
+        :param pulumi.Input[str] cloud_certificate_name: Name for the provisioned certificate in the keystore. If the name already exists, the provisioning will replace the previous certificate with the one from `certificate_id`. Only valid for AKV and GCM keystores.
+        :param pulumi.Input[str] cloud_keystore_id: ID of the cloud keystore where the certificate will be provisioned.
+        """
+        opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
+
+        __props__ = _CloudKeystoreInstallationState.__new__(_CloudKeystoreInstallationState)
+
+        __props__.__dict__["arn"] = arn
+        __props__.__dict__["certificate_id"] = certificate_id
+        __props__.__dict__["cloud_certificate_id"] = cloud_certificate_id
+        __props__.__dict__["cloud_certificate_metadata"] = cloud_certificate_metadata
+        __props__.__dict__["cloud_certificate_name"] = cloud_certificate_name
+        __props__.__dict__["cloud_keystore_id"] = cloud_keystore_id
+        return CloudKeystoreInstallation(resource_name, opts=opts, __props__=__props__)
+
+    @property
+    @pulumi.getter
+    def arn(self) -> pulumi.Output[Optional[str]]:
+        """
+        ARN of the AWS certificate. Use it to provision the VCP certificate to an existing ACM certificate, instead of a new one. Only valid for ACM keystores.
+        """
+        return pulumi.get(self, "arn")
+
+    @property
+    @pulumi.getter(name="certificateId")
+    def certificate_id(self) -> pulumi.Output[str]:
+        """
+        ID of the certificate to be provisioned to the given `keystore_id`.
+        """
+        return pulumi.get(self, "certificate_id")
+
+    @property
+    @pulumi.getter(name="cloudCertificateId")
+    def cloud_certificate_id(self) -> pulumi.Output[str]:
+        """
+        The ID of the provisioned certificate within the Cloud Keystore
+        """
+        return pulumi.get(self, "cloud_certificate_id")
+
+    @property
+    @pulumi.getter(name="cloudCertificateMetadata")
+    def cloud_certificate_metadata(self) -> pulumi.Output[Mapping[str, str]]:
+        """
+        Metadata of the provisioned certificate from the Cloud Keystore
+        """
+        return pulumi.get(self, "cloud_certificate_metadata")
+
+    @property
+    @pulumi.getter(name="cloudCertificateName")
+    def cloud_certificate_name(self) -> pulumi.Output[Optional[str]]:
+        """
+        Name for the provisioned certificate in the keystore. If the name already exists, the provisioning will replace the previous certificate with the one from `certificate_id`. Only valid for AKV and GCM keystores.
+        """
+        return pulumi.get(self, "cloud_certificate_name")
+
+    @property
+    @pulumi.getter(name="cloudKeystoreId")
+    def cloud_keystore_id(self) -> pulumi.Output[str]:
+        """
+        ID of the cloud keystore where the certificate will be provisioned.
+        """
+        return pulumi.get(self, "cloud_keystore_id")
+

pulumi_venafi/config/__init__.pyi

@@ -4,9 +4,14 @@
 
 import copy
 import warnings
+import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 
 accessToken: Optional[str]
@@ -27,7 +32,7 @@ application that will be using the token
 devMode: Optional[bool]
 """
 When set to true, the resulting certificate will be issued by an ephemeral, no trust CA rather than enrolling using
-Venafi as a Service or Trust Protection Platform. Useful for development and testing.
+Venafi as a Service or Trust Protection Platform. Useful for development and testing
 """
 
 externalJwt: Optional[str]

pulumi_venafi/config/vars.py

@@ -4,9 +4,14 @@
 
 import copy
 import warnings
+import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 
 import types
@@ -40,7 +45,7 @@ class _ExportableConfig(types.ModuleType):
     def dev_mode(self) -> Optional[bool]:
         """
         When set to true, the resulting certificate will be issued by an ephemeral, no trust CA rather than enrolling using
-        Venafi as a Service or Trust Protection Platform. Useful for development and testing.
+        Venafi as a Service or Trust Protection Platform. Useful for development and testing
         """
         return __config__.get_bool('devMode')
 

pulumi_venafi/get_cloud_keystore.py

@@ -0,0 +1,166 @@
+# coding=utf-8
+# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
+# *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+import copy
+import warnings
+import sys
+import pulumi
+import pulumi.runtime
+from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
+from . import _utilities
+
+__all__ = [
+    'GetCloudKeystoreResult',
+    'AwaitableGetCloudKeystoreResult',
+    'get_cloud_keystore',
+    'get_cloud_keystore_output',
+]
+
+@pulumi.output_type
+class GetCloudKeystoreResult:
+    """
+    A collection of values returned by getCloudKeystore.
+    """
+    def __init__(__self__, cloud_provider_id=None, id=None, machine_identities_count=None, name=None, type=None):
+        if cloud_provider_id and not isinstance(cloud_provider_id, str):
+            raise TypeError("Expected argument 'cloud_provider_id' to be a str")
+        pulumi.set(__self__, "cloud_provider_id", cloud_provider_id)
+        if id and not isinstance(id, str):
+            raise TypeError("Expected argument 'id' to be a str")
+        pulumi.set(__self__, "id", id)
+        if machine_identities_count and not isinstance(machine_identities_count, int):
+            raise TypeError("Expected argument 'machine_identities_count' to be a int")
+        pulumi.set(__self__, "machine_identities_count", machine_identities_count)
+        if name and not isinstance(name, str):
+            raise TypeError("Expected argument 'name' to be a str")
+        pulumi.set(__self__, "name", name)
+        if type and not isinstance(type, str):
+            raise TypeError("Expected argument 'type' to be a str")
+        pulumi.set(__self__, "type", type)
+
+    @property
+    @pulumi.getter(name="cloudProviderId")
+    def cloud_provider_id(self) -> str:
+        return pulumi.get(self, "cloud_provider_id")
+
+    @property
+    @pulumi.getter
+    def id(self) -> str:
+        """
+        The provider-assigned unique ID for this managed resource.
+        """
+        return pulumi.get(self, "id")
+
+    @property
+    @pulumi.getter(name="machineIdentitiesCount")
+    def machine_identities_count(self) -> int:
+        """
+        Number of machine identities provisioned to the cloud keystore.
+        """
+        return pulumi.get(self, "machine_identities_count")
+
+    @property
+    @pulumi.getter
+    def name(self) -> str:
+        return pulumi.get(self, "name")
+
+    @property
+    @pulumi.getter
+    def type(self) -> str:
+        """
+        The cloud keystore type. Either `ACM`, `AKV` or `GCM`.
+        """
+        return pulumi.get(self, "type")
+
+
+class AwaitableGetCloudKeystoreResult(GetCloudKeystoreResult):
+    # pylint: disable=using-constant-test
+    def __await__(self):
+        if False:
+            yield self
+        return GetCloudKeystoreResult(
+            cloud_provider_id=self.cloud_provider_id,
+            id=self.id,
+            machine_identities_count=self.machine_identities_count,
+            name=self.name,
+            type=self.type)
+
+
+def get_cloud_keystore(cloud_provider_id: Optional[str] = None,
+                       name: Optional[str] = None,
+                       opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetCloudKeystoreResult:
+    """
+    Use this data source to get the `ID` of a cloud keystore in Venafi Control Plane, referenced by its name and parent
+    cloud provider ID. You can use `get_cloud_provider` data source to obtain the ID of the parent cloud provider.
+
+    ## Example Usage
+
+    ```python
+    import pulumi
+    import pulumi_venafi as venafi
+
+    # Find a cloud keystore with a static cloud provider id
+    ck_example_by_id = venafi.get_cloud_keystore(cloud_provider_id="e48897d0-2762-11ef-8fab-79ac590dd358",
+        name="Cloud Keystore Example")
+    # Find a cloud keystore by using venafi_cloud_provider data source as input
+    ck_example = venafi.get_cloud_keystore(cloud_provider_id=cp_example["id"],
+        name="Cloud Keystore example")
+    ```
+
+
+    :param str cloud_provider_id: ID of the cloud provider whom the cloud keystore to look up belongs to.
+    :param str name: Name of the cloud keystore to look up.
+    """
+    __args__ = dict()
+    __args__['cloudProviderId'] = cloud_provider_id
+    __args__['name'] = name
+    opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
+    __ret__ = pulumi.runtime.invoke('venafi:index/getCloudKeystore:getCloudKeystore', __args__, opts=opts, typ=GetCloudKeystoreResult).value
+
+    return AwaitableGetCloudKeystoreResult(
+        cloud_provider_id=pulumi.get(__ret__, 'cloud_provider_id'),
+        id=pulumi.get(__ret__, 'id'),
+        machine_identities_count=pulumi.get(__ret__, 'machine_identities_count'),
+        name=pulumi.get(__ret__, 'name'),
+        type=pulumi.get(__ret__, 'type'))
+def get_cloud_keystore_output(cloud_provider_id: Optional[pulumi.Input[str]] = None,
+                              name: Optional[pulumi.Input[str]] = None,
+                              opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetCloudKeystoreResult]:
+    """
+    Use this data source to get the `ID` of a cloud keystore in Venafi Control Plane, referenced by its name and parent
+    cloud provider ID. You can use `get_cloud_provider` data source to obtain the ID of the parent cloud provider.
+
+    ## Example Usage
+
+    ```python
+    import pulumi
+    import pulumi_venafi as venafi
+
+    # Find a cloud keystore with a static cloud provider id
+    ck_example_by_id = venafi.get_cloud_keystore(cloud_provider_id="e48897d0-2762-11ef-8fab-79ac590dd358",
+        name="Cloud Keystore Example")
+    # Find a cloud keystore by using venafi_cloud_provider data source as input
+    ck_example = venafi.get_cloud_keystore(cloud_provider_id=cp_example["id"],
+        name="Cloud Keystore example")
+    ```
+
+
+    :param str cloud_provider_id: ID of the cloud provider whom the cloud keystore to look up belongs to.
+    :param str name: Name of the cloud keystore to look up.
+    """
+    __args__ = dict()
+    __args__['cloudProviderId'] = cloud_provider_id
+    __args__['name'] = name
+    opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
+    __ret__ = pulumi.runtime.invoke_output('venafi:index/getCloudKeystore:getCloudKeystore', __args__, opts=opts, typ=GetCloudKeystoreResult)
+    return __ret__.apply(lambda __response__: GetCloudKeystoreResult(
+        cloud_provider_id=pulumi.get(__response__, 'cloud_provider_id'),
+        id=pulumi.get(__response__, 'id'),
+        machine_identities_count=pulumi.get(__response__, 'machine_identities_count'),
+        name=pulumi.get(__response__, 'name'),
+        type=pulumi.get(__response__, 'type')))