pulumi-venafi 1.12.0a1753339650__py3-none-any.whl → 1.12.0a1753512344__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of pulumi-venafi might be problematic. Click here for more details.
- pulumi_venafi/__init__.py +1 -1
- pulumi_venafi/certificate.py +445 -446
- pulumi_venafi/cloud_keystore_installation.py +104 -105
- pulumi_venafi/config/__init__.py +1 -1
- pulumi_venafi/config/__init__.pyi +1 -2
- pulumi_venafi/config/vars.py +15 -16
- pulumi_venafi/get_cloud_keystore.py +19 -20
- pulumi_venafi/get_cloud_provider.py +17 -18
- pulumi_venafi/policy.py +35 -36
- pulumi_venafi/provider.py +136 -137
- pulumi_venafi/pulumi-plugin.json +1 -1
- pulumi_venafi/ssh_certificate.py +345 -346
- pulumi_venafi/ssh_config.py +36 -37
- {pulumi_venafi-1.12.0a1753339650.dist-info → pulumi_venafi-1.12.0a1753512344.dist-info}/METADATA +1 -1
- pulumi_venafi-1.12.0a1753512344.dist-info/RECORD +19 -0
- pulumi_venafi-1.12.0a1753339650.dist-info/RECORD +0 -19
- {pulumi_venafi-1.12.0a1753339650.dist-info → pulumi_venafi-1.12.0a1753512344.dist-info}/WHEEL +0 -0
- {pulumi_venafi-1.12.0a1753339650.dist-info → pulumi_venafi-1.12.0a1753512344.dist-info}/top_level.txt +0 -0
pulumi_venafi/certificate.py
CHANGED
|
@@ -2,8 +2,7 @@
|
|
|
2
2
|
# *** WARNING: this file was generated by pulumi-language-python. ***
|
|
3
3
|
# *** Do not edit by hand unless you're certain you know what you are doing! ***
|
|
4
4
|
|
|
5
|
-
import builtins
|
|
6
|
-
import copy
|
|
5
|
+
import builtins as _builtins
|
|
7
6
|
import warnings
|
|
8
7
|
import sys
|
|
9
8
|
import pulumi
|
|
@@ -20,63 +19,63 @@ __all__ = ['CertificateArgs', 'Certificate']
|
|
|
20
19
|
@pulumi.input_type
|
|
21
20
|
class CertificateArgs:
|
|
22
21
|
def __init__(__self__, *,
|
|
23
|
-
common_name: pulumi.Input[
|
|
24
|
-
algorithm: Optional[pulumi.Input[
|
|
25
|
-
certificate_dn: Optional[pulumi.Input[
|
|
26
|
-
country: Optional[pulumi.Input[
|
|
27
|
-
csr_origin: Optional[pulumi.Input[
|
|
28
|
-
csr_pem: Optional[pulumi.Input[
|
|
29
|
-
custom_fields: Optional[pulumi.Input[Mapping[str, pulumi.Input[
|
|
30
|
-
ecdsa_curve: Optional[pulumi.Input[
|
|
31
|
-
expiration_window: Optional[pulumi.Input[
|
|
32
|
-
issuer_hint: Optional[pulumi.Input[
|
|
33
|
-
key_password: Optional[pulumi.Input[
|
|
34
|
-
locality: Optional[pulumi.Input[
|
|
35
|
-
nickname: Optional[pulumi.Input[
|
|
36
|
-
organization: Optional[pulumi.Input[
|
|
37
|
-
organizational_units: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
38
|
-
pkcs12: Optional[pulumi.Input[
|
|
39
|
-
private_key_pem: Optional[pulumi.Input[
|
|
40
|
-
renew_required: Optional[pulumi.Input[
|
|
41
|
-
rsa_bits: Optional[pulumi.Input[
|
|
42
|
-
san_dns: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
43
|
-
san_emails: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
44
|
-
san_ips: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
45
|
-
san_uris: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
46
|
-
state: Optional[pulumi.Input[
|
|
47
|
-
valid_days: Optional[pulumi.Input[
|
|
22
|
+
common_name: pulumi.Input[_builtins.str],
|
|
23
|
+
algorithm: Optional[pulumi.Input[_builtins.str]] = None,
|
|
24
|
+
certificate_dn: Optional[pulumi.Input[_builtins.str]] = None,
|
|
25
|
+
country: Optional[pulumi.Input[_builtins.str]] = None,
|
|
26
|
+
csr_origin: Optional[pulumi.Input[_builtins.str]] = None,
|
|
27
|
+
csr_pem: Optional[pulumi.Input[_builtins.str]] = None,
|
|
28
|
+
custom_fields: Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]] = None,
|
|
29
|
+
ecdsa_curve: Optional[pulumi.Input[_builtins.str]] = None,
|
|
30
|
+
expiration_window: Optional[pulumi.Input[_builtins.int]] = None,
|
|
31
|
+
issuer_hint: Optional[pulumi.Input[_builtins.str]] = None,
|
|
32
|
+
key_password: Optional[pulumi.Input[_builtins.str]] = None,
|
|
33
|
+
locality: Optional[pulumi.Input[_builtins.str]] = None,
|
|
34
|
+
nickname: Optional[pulumi.Input[_builtins.str]] = None,
|
|
35
|
+
organization: Optional[pulumi.Input[_builtins.str]] = None,
|
|
36
|
+
organizational_units: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
37
|
+
pkcs12: Optional[pulumi.Input[_builtins.str]] = None,
|
|
38
|
+
private_key_pem: Optional[pulumi.Input[_builtins.str]] = None,
|
|
39
|
+
renew_required: Optional[pulumi.Input[_builtins.bool]] = None,
|
|
40
|
+
rsa_bits: Optional[pulumi.Input[_builtins.int]] = None,
|
|
41
|
+
san_dns: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
42
|
+
san_emails: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
43
|
+
san_ips: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
44
|
+
san_uris: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
45
|
+
state: Optional[pulumi.Input[_builtins.str]] = None,
|
|
46
|
+
valid_days: Optional[pulumi.Input[_builtins.int]] = None):
|
|
48
47
|
"""
|
|
49
48
|
The set of arguments for constructing a Certificate resource.
|
|
50
|
-
:param pulumi.Input[
|
|
51
|
-
:param pulumi.Input[
|
|
52
|
-
:param pulumi.Input[
|
|
53
|
-
:param pulumi.Input[
|
|
49
|
+
:param pulumi.Input[_builtins.str] common_name: The common name of the certificate.
|
|
50
|
+
:param pulumi.Input[_builtins.str] algorithm: Key encryption algorithm, either RSA or ECDSA. Defaults to `RSA`.
|
|
51
|
+
:param pulumi.Input[_builtins.str] country: Country of the certificate (C)
|
|
52
|
+
:param pulumi.Input[_builtins.str] csr_origin: Whether key-pair generation will be `local` or `service` generated. Default is
|
|
54
53
|
`local`.
|
|
55
|
-
:param pulumi.Input[Mapping[str, pulumi.Input[
|
|
56
|
-
:param pulumi.Input[
|
|
57
|
-
:param pulumi.Input[
|
|
54
|
+
:param pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]] custom_fields: Collection of Custom Field name-value pairs to assign to the certificate.
|
|
55
|
+
:param pulumi.Input[_builtins.str] ecdsa_curve: ECDSA curve to use when generating a key
|
|
56
|
+
:param pulumi.Input[_builtins.int] expiration_window: Number of hours before certificate expiry to request a new certificate.
|
|
58
57
|
Defaults to `168`.
|
|
59
|
-
:param pulumi.Input[
|
|
58
|
+
:param pulumi.Input[_builtins.str] issuer_hint: Used with `valid_days` to indicate the target issuer when using Trust Protection
|
|
60
59
|
Platform. Relevant values are: `DigiCert`, `Entrust`, and `Microsoft`.
|
|
61
|
-
:param pulumi.Input[
|
|
62
|
-
:param pulumi.Input[
|
|
63
|
-
:param pulumi.Input[
|
|
60
|
+
:param pulumi.Input[_builtins.str] key_password: The password used to encrypt the private key.
|
|
61
|
+
:param pulumi.Input[_builtins.str] locality: Locality/City of the certificate (L)
|
|
62
|
+
:param pulumi.Input[_builtins.str] nickname: Use to specify a name for the new certificate object that will be created and placed
|
|
64
63
|
in a policy. Only valid for Trust Protection Platform.
|
|
65
|
-
:param pulumi.Input[
|
|
66
|
-
:param pulumi.Input[Sequence[pulumi.Input[
|
|
67
|
-
:param pulumi.Input[
|
|
64
|
+
:param pulumi.Input[_builtins.str] organization: Organization of the certificate (O)
|
|
65
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] organizational_units: List of Organizational Units of the certificate (OU)
|
|
66
|
+
:param pulumi.Input[_builtins.str] pkcs12: A base64-encoded PKCS#12 keystore secured by the `key_password`. Useful when working with resources like
|
|
68
67
|
azure key_vault_certificate.
|
|
69
|
-
:param pulumi.Input[
|
|
70
|
-
:param pulumi.Input[
|
|
71
|
-
:param pulumi.Input[
|
|
68
|
+
:param pulumi.Input[_builtins.str] private_key_pem: The private key in PEM format.
|
|
69
|
+
:param pulumi.Input[_builtins.bool] renew_required: Indicates the certificate should be reissued. This means the resource will destroyed and recreated
|
|
70
|
+
:param pulumi.Input[_builtins.int] rsa_bits: Number of bits to use when generating an RSA key. Applies when algorithm is `RSA`.
|
|
72
71
|
Defaults to `2048`.
|
|
73
|
-
:param pulumi.Input[Sequence[pulumi.Input[
|
|
74
|
-
:param pulumi.Input[Sequence[pulumi.Input[
|
|
75
|
-
:param pulumi.Input[Sequence[pulumi.Input[
|
|
76
|
-
:param pulumi.Input[Sequence[pulumi.Input[
|
|
72
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] san_dns: List of DNS names to use as alternative subjects of the certificate.
|
|
73
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] san_emails: List of email addresses to use as alternative subjects of the certificate.
|
|
74
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] san_ips: List of IP addresses to use as alternative subjects of the certificate.
|
|
75
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] san_uris: List of Uniform Resource Identifiers (URIs) to use as alternative subjects of
|
|
77
76
|
the certificate.
|
|
78
|
-
:param pulumi.Input[
|
|
79
|
-
:param pulumi.Input[
|
|
77
|
+
:param pulumi.Input[_builtins.str] state: State of the certificate (S)
|
|
78
|
+
:param pulumi.Input[_builtins.int] valid_days: Desired number of days for which the new certificate will be valid.
|
|
80
79
|
"""
|
|
81
80
|
pulumi.set(__self__, "common_name", common_name)
|
|
82
81
|
if algorithm is not None:
|
|
@@ -128,54 +127,54 @@ class CertificateArgs:
|
|
|
128
127
|
if valid_days is not None:
|
|
129
128
|
pulumi.set(__self__, "valid_days", valid_days)
|
|
130
129
|
|
|
131
|
-
@property
|
|
130
|
+
@_builtins.property
|
|
132
131
|
@pulumi.getter(name="commonName")
|
|
133
|
-
def common_name(self) -> pulumi.Input[
|
|
132
|
+
def common_name(self) -> pulumi.Input[_builtins.str]:
|
|
134
133
|
"""
|
|
135
134
|
The common name of the certificate.
|
|
136
135
|
"""
|
|
137
136
|
return pulumi.get(self, "common_name")
|
|
138
137
|
|
|
139
138
|
@common_name.setter
|
|
140
|
-
def common_name(self, value: pulumi.Input[
|
|
139
|
+
def common_name(self, value: pulumi.Input[_builtins.str]):
|
|
141
140
|
pulumi.set(self, "common_name", value)
|
|
142
141
|
|
|
143
|
-
@property
|
|
142
|
+
@_builtins.property
|
|
144
143
|
@pulumi.getter
|
|
145
|
-
def algorithm(self) -> Optional[pulumi.Input[
|
|
144
|
+
def algorithm(self) -> Optional[pulumi.Input[_builtins.str]]:
|
|
146
145
|
"""
|
|
147
146
|
Key encryption algorithm, either RSA or ECDSA. Defaults to `RSA`.
|
|
148
147
|
"""
|
|
149
148
|
return pulumi.get(self, "algorithm")
|
|
150
149
|
|
|
151
150
|
@algorithm.setter
|
|
152
|
-
def algorithm(self, value: Optional[pulumi.Input[
|
|
151
|
+
def algorithm(self, value: Optional[pulumi.Input[_builtins.str]]):
|
|
153
152
|
pulumi.set(self, "algorithm", value)
|
|
154
153
|
|
|
155
|
-
@property
|
|
154
|
+
@_builtins.property
|
|
156
155
|
@pulumi.getter(name="certificateDn")
|
|
157
|
-
def certificate_dn(self) -> Optional[pulumi.Input[
|
|
156
|
+
def certificate_dn(self) -> Optional[pulumi.Input[_builtins.str]]:
|
|
158
157
|
return pulumi.get(self, "certificate_dn")
|
|
159
158
|
|
|
160
159
|
@certificate_dn.setter
|
|
161
|
-
def certificate_dn(self, value: Optional[pulumi.Input[
|
|
160
|
+
def certificate_dn(self, value: Optional[pulumi.Input[_builtins.str]]):
|
|
162
161
|
pulumi.set(self, "certificate_dn", value)
|
|
163
162
|
|
|
164
|
-
@property
|
|
163
|
+
@_builtins.property
|
|
165
164
|
@pulumi.getter
|
|
166
|
-
def country(self) -> Optional[pulumi.Input[
|
|
165
|
+
def country(self) -> Optional[pulumi.Input[_builtins.str]]:
|
|
167
166
|
"""
|
|
168
167
|
Country of the certificate (C)
|
|
169
168
|
"""
|
|
170
169
|
return pulumi.get(self, "country")
|
|
171
170
|
|
|
172
171
|
@country.setter
|
|
173
|
-
def country(self, value: Optional[pulumi.Input[
|
|
172
|
+
def country(self, value: Optional[pulumi.Input[_builtins.str]]):
|
|
174
173
|
pulumi.set(self, "country", value)
|
|
175
174
|
|
|
176
|
-
@property
|
|
175
|
+
@_builtins.property
|
|
177
176
|
@pulumi.getter(name="csrOrigin")
|
|
178
|
-
def csr_origin(self) -> Optional[pulumi.Input[
|
|
177
|
+
def csr_origin(self) -> Optional[pulumi.Input[_builtins.str]]:
|
|
179
178
|
"""
|
|
180
179
|
Whether key-pair generation will be `local` or `service` generated. Default is
|
|
181
180
|
`local`.
|
|
@@ -183,45 +182,45 @@ class CertificateArgs:
|
|
|
183
182
|
return pulumi.get(self, "csr_origin")
|
|
184
183
|
|
|
185
184
|
@csr_origin.setter
|
|
186
|
-
def csr_origin(self, value: Optional[pulumi.Input[
|
|
185
|
+
def csr_origin(self, value: Optional[pulumi.Input[_builtins.str]]):
|
|
187
186
|
pulumi.set(self, "csr_origin", value)
|
|
188
187
|
|
|
189
|
-
@property
|
|
188
|
+
@_builtins.property
|
|
190
189
|
@pulumi.getter(name="csrPem")
|
|
191
|
-
def csr_pem(self) -> Optional[pulumi.Input[
|
|
190
|
+
def csr_pem(self) -> Optional[pulumi.Input[_builtins.str]]:
|
|
192
191
|
return pulumi.get(self, "csr_pem")
|
|
193
192
|
|
|
194
193
|
@csr_pem.setter
|
|
195
|
-
def csr_pem(self, value: Optional[pulumi.Input[
|
|
194
|
+
def csr_pem(self, value: Optional[pulumi.Input[_builtins.str]]):
|
|
196
195
|
pulumi.set(self, "csr_pem", value)
|
|
197
196
|
|
|
198
|
-
@property
|
|
197
|
+
@_builtins.property
|
|
199
198
|
@pulumi.getter(name="customFields")
|
|
200
|
-
def custom_fields(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[
|
|
199
|
+
def custom_fields(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]]:
|
|
201
200
|
"""
|
|
202
201
|
Collection of Custom Field name-value pairs to assign to the certificate.
|
|
203
202
|
"""
|
|
204
203
|
return pulumi.get(self, "custom_fields")
|
|
205
204
|
|
|
206
205
|
@custom_fields.setter
|
|
207
|
-
def custom_fields(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[
|
|
206
|
+
def custom_fields(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]]):
|
|
208
207
|
pulumi.set(self, "custom_fields", value)
|
|
209
208
|
|
|
210
|
-
@property
|
|
209
|
+
@_builtins.property
|
|
211
210
|
@pulumi.getter(name="ecdsaCurve")
|
|
212
|
-
def ecdsa_curve(self) -> Optional[pulumi.Input[
|
|
211
|
+
def ecdsa_curve(self) -> Optional[pulumi.Input[_builtins.str]]:
|
|
213
212
|
"""
|
|
214
213
|
ECDSA curve to use when generating a key
|
|
215
214
|
"""
|
|
216
215
|
return pulumi.get(self, "ecdsa_curve")
|
|
217
216
|
|
|
218
217
|
@ecdsa_curve.setter
|
|
219
|
-
def ecdsa_curve(self, value: Optional[pulumi.Input[
|
|
218
|
+
def ecdsa_curve(self, value: Optional[pulumi.Input[_builtins.str]]):
|
|
220
219
|
pulumi.set(self, "ecdsa_curve", value)
|
|
221
220
|
|
|
222
|
-
@property
|
|
221
|
+
@_builtins.property
|
|
223
222
|
@pulumi.getter(name="expirationWindow")
|
|
224
|
-
def expiration_window(self) -> Optional[pulumi.Input[
|
|
223
|
+
def expiration_window(self) -> Optional[pulumi.Input[_builtins.int]]:
|
|
225
224
|
"""
|
|
226
225
|
Number of hours before certificate expiry to request a new certificate.
|
|
227
226
|
Defaults to `168`.
|
|
@@ -229,12 +228,12 @@ class CertificateArgs:
|
|
|
229
228
|
return pulumi.get(self, "expiration_window")
|
|
230
229
|
|
|
231
230
|
@expiration_window.setter
|
|
232
|
-
def expiration_window(self, value: Optional[pulumi.Input[
|
|
231
|
+
def expiration_window(self, value: Optional[pulumi.Input[_builtins.int]]):
|
|
233
232
|
pulumi.set(self, "expiration_window", value)
|
|
234
233
|
|
|
235
|
-
@property
|
|
234
|
+
@_builtins.property
|
|
236
235
|
@pulumi.getter(name="issuerHint")
|
|
237
|
-
def issuer_hint(self) -> Optional[pulumi.Input[
|
|
236
|
+
def issuer_hint(self) -> Optional[pulumi.Input[_builtins.str]]:
|
|
238
237
|
"""
|
|
239
238
|
Used with `valid_days` to indicate the target issuer when using Trust Protection
|
|
240
239
|
Platform. Relevant values are: `DigiCert`, `Entrust`, and `Microsoft`.
|
|
@@ -242,36 +241,36 @@ class CertificateArgs:
|
|
|
242
241
|
return pulumi.get(self, "issuer_hint")
|
|
243
242
|
|
|
244
243
|
@issuer_hint.setter
|
|
245
|
-
def issuer_hint(self, value: Optional[pulumi.Input[
|
|
244
|
+
def issuer_hint(self, value: Optional[pulumi.Input[_builtins.str]]):
|
|
246
245
|
pulumi.set(self, "issuer_hint", value)
|
|
247
246
|
|
|
248
|
-
@property
|
|
247
|
+
@_builtins.property
|
|
249
248
|
@pulumi.getter(name="keyPassword")
|
|
250
|
-
def key_password(self) -> Optional[pulumi.Input[
|
|
249
|
+
def key_password(self) -> Optional[pulumi.Input[_builtins.str]]:
|
|
251
250
|
"""
|
|
252
251
|
The password used to encrypt the private key.
|
|
253
252
|
"""
|
|
254
253
|
return pulumi.get(self, "key_password")
|
|
255
254
|
|
|
256
255
|
@key_password.setter
|
|
257
|
-
def key_password(self, value: Optional[pulumi.Input[
|
|
256
|
+
def key_password(self, value: Optional[pulumi.Input[_builtins.str]]):
|
|
258
257
|
pulumi.set(self, "key_password", value)
|
|
259
258
|
|
|
260
|
-
@property
|
|
259
|
+
@_builtins.property
|
|
261
260
|
@pulumi.getter
|
|
262
|
-
def locality(self) -> Optional[pulumi.Input[
|
|
261
|
+
def locality(self) -> Optional[pulumi.Input[_builtins.str]]:
|
|
263
262
|
"""
|
|
264
263
|
Locality/City of the certificate (L)
|
|
265
264
|
"""
|
|
266
265
|
return pulumi.get(self, "locality")
|
|
267
266
|
|
|
268
267
|
@locality.setter
|
|
269
|
-
def locality(self, value: Optional[pulumi.Input[
|
|
268
|
+
def locality(self, value: Optional[pulumi.Input[_builtins.str]]):
|
|
270
269
|
pulumi.set(self, "locality", value)
|
|
271
270
|
|
|
272
|
-
@property
|
|
271
|
+
@_builtins.property
|
|
273
272
|
@pulumi.getter
|
|
274
|
-
def nickname(self) -> Optional[pulumi.Input[
|
|
273
|
+
def nickname(self) -> Optional[pulumi.Input[_builtins.str]]:
|
|
275
274
|
"""
|
|
276
275
|
Use to specify a name for the new certificate object that will be created and placed
|
|
277
276
|
in a policy. Only valid for Trust Protection Platform.
|
|
@@ -279,36 +278,36 @@ class CertificateArgs:
|
|
|
279
278
|
return pulumi.get(self, "nickname")
|
|
280
279
|
|
|
281
280
|
@nickname.setter
|
|
282
|
-
def nickname(self, value: Optional[pulumi.Input[
|
|
281
|
+
def nickname(self, value: Optional[pulumi.Input[_builtins.str]]):
|
|
283
282
|
pulumi.set(self, "nickname", value)
|
|
284
283
|
|
|
285
|
-
@property
|
|
284
|
+
@_builtins.property
|
|
286
285
|
@pulumi.getter
|
|
287
|
-
def organization(self) -> Optional[pulumi.Input[
|
|
286
|
+
def organization(self) -> Optional[pulumi.Input[_builtins.str]]:
|
|
288
287
|
"""
|
|
289
288
|
Organization of the certificate (O)
|
|
290
289
|
"""
|
|
291
290
|
return pulumi.get(self, "organization")
|
|
292
291
|
|
|
293
292
|
@organization.setter
|
|
294
|
-
def organization(self, value: Optional[pulumi.Input[
|
|
293
|
+
def organization(self, value: Optional[pulumi.Input[_builtins.str]]):
|
|
295
294
|
pulumi.set(self, "organization", value)
|
|
296
295
|
|
|
297
|
-
@property
|
|
296
|
+
@_builtins.property
|
|
298
297
|
@pulumi.getter(name="organizationalUnits")
|
|
299
|
-
def organizational_units(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
298
|
+
def organizational_units(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
|
|
300
299
|
"""
|
|
301
300
|
List of Organizational Units of the certificate (OU)
|
|
302
301
|
"""
|
|
303
302
|
return pulumi.get(self, "organizational_units")
|
|
304
303
|
|
|
305
304
|
@organizational_units.setter
|
|
306
|
-
def organizational_units(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
305
|
+
def organizational_units(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
|
|
307
306
|
pulumi.set(self, "organizational_units", value)
|
|
308
307
|
|
|
309
|
-
@property
|
|
308
|
+
@_builtins.property
|
|
310
309
|
@pulumi.getter
|
|
311
|
-
def pkcs12(self) -> Optional[pulumi.Input[
|
|
310
|
+
def pkcs12(self) -> Optional[pulumi.Input[_builtins.str]]:
|
|
312
311
|
"""
|
|
313
312
|
A base64-encoded PKCS#12 keystore secured by the `key_password`. Useful when working with resources like
|
|
314
313
|
azure key_vault_certificate.
|
|
@@ -316,36 +315,36 @@ class CertificateArgs:
|
|
|
316
315
|
return pulumi.get(self, "pkcs12")
|
|
317
316
|
|
|
318
317
|
@pkcs12.setter
|
|
319
|
-
def pkcs12(self, value: Optional[pulumi.Input[
|
|
318
|
+
def pkcs12(self, value: Optional[pulumi.Input[_builtins.str]]):
|
|
320
319
|
pulumi.set(self, "pkcs12", value)
|
|
321
320
|
|
|
322
|
-
@property
|
|
321
|
+
@_builtins.property
|
|
323
322
|
@pulumi.getter(name="privateKeyPem")
|
|
324
|
-
def private_key_pem(self) -> Optional[pulumi.Input[
|
|
323
|
+
def private_key_pem(self) -> Optional[pulumi.Input[_builtins.str]]:
|
|
325
324
|
"""
|
|
326
325
|
The private key in PEM format.
|
|
327
326
|
"""
|
|
328
327
|
return pulumi.get(self, "private_key_pem")
|
|
329
328
|
|
|
330
329
|
@private_key_pem.setter
|
|
331
|
-
def private_key_pem(self, value: Optional[pulumi.Input[
|
|
330
|
+
def private_key_pem(self, value: Optional[pulumi.Input[_builtins.str]]):
|
|
332
331
|
pulumi.set(self, "private_key_pem", value)
|
|
333
332
|
|
|
334
|
-
@property
|
|
333
|
+
@_builtins.property
|
|
335
334
|
@pulumi.getter(name="renewRequired")
|
|
336
|
-
def renew_required(self) -> Optional[pulumi.Input[
|
|
335
|
+
def renew_required(self) -> Optional[pulumi.Input[_builtins.bool]]:
|
|
337
336
|
"""
|
|
338
337
|
Indicates the certificate should be reissued. This means the resource will destroyed and recreated
|
|
339
338
|
"""
|
|
340
339
|
return pulumi.get(self, "renew_required")
|
|
341
340
|
|
|
342
341
|
@renew_required.setter
|
|
343
|
-
def renew_required(self, value: Optional[pulumi.Input[
|
|
342
|
+
def renew_required(self, value: Optional[pulumi.Input[_builtins.bool]]):
|
|
344
343
|
pulumi.set(self, "renew_required", value)
|
|
345
344
|
|
|
346
|
-
@property
|
|
345
|
+
@_builtins.property
|
|
347
346
|
@pulumi.getter(name="rsaBits")
|
|
348
|
-
def rsa_bits(self) -> Optional[pulumi.Input[
|
|
347
|
+
def rsa_bits(self) -> Optional[pulumi.Input[_builtins.int]]:
|
|
349
348
|
"""
|
|
350
349
|
Number of bits to use when generating an RSA key. Applies when algorithm is `RSA`.
|
|
351
350
|
Defaults to `2048`.
|
|
@@ -353,48 +352,48 @@ class CertificateArgs:
|
|
|
353
352
|
return pulumi.get(self, "rsa_bits")
|
|
354
353
|
|
|
355
354
|
@rsa_bits.setter
|
|
356
|
-
def rsa_bits(self, value: Optional[pulumi.Input[
|
|
355
|
+
def rsa_bits(self, value: Optional[pulumi.Input[_builtins.int]]):
|
|
357
356
|
pulumi.set(self, "rsa_bits", value)
|
|
358
357
|
|
|
359
|
-
@property
|
|
358
|
+
@_builtins.property
|
|
360
359
|
@pulumi.getter(name="sanDns")
|
|
361
|
-
def san_dns(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
360
|
+
def san_dns(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
|
|
362
361
|
"""
|
|
363
362
|
List of DNS names to use as alternative subjects of the certificate.
|
|
364
363
|
"""
|
|
365
364
|
return pulumi.get(self, "san_dns")
|
|
366
365
|
|
|
367
366
|
@san_dns.setter
|
|
368
|
-
def san_dns(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
367
|
+
def san_dns(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
|
|
369
368
|
pulumi.set(self, "san_dns", value)
|
|
370
369
|
|
|
371
|
-
@property
|
|
370
|
+
@_builtins.property
|
|
372
371
|
@pulumi.getter(name="sanEmails")
|
|
373
|
-
def san_emails(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
372
|
+
def san_emails(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
|
|
374
373
|
"""
|
|
375
374
|
List of email addresses to use as alternative subjects of the certificate.
|
|
376
375
|
"""
|
|
377
376
|
return pulumi.get(self, "san_emails")
|
|
378
377
|
|
|
379
378
|
@san_emails.setter
|
|
380
|
-
def san_emails(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
379
|
+
def san_emails(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
|
|
381
380
|
pulumi.set(self, "san_emails", value)
|
|
382
381
|
|
|
383
|
-
@property
|
|
382
|
+
@_builtins.property
|
|
384
383
|
@pulumi.getter(name="sanIps")
|
|
385
|
-
def san_ips(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
384
|
+
def san_ips(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
|
|
386
385
|
"""
|
|
387
386
|
List of IP addresses to use as alternative subjects of the certificate.
|
|
388
387
|
"""
|
|
389
388
|
return pulumi.get(self, "san_ips")
|
|
390
389
|
|
|
391
390
|
@san_ips.setter
|
|
392
|
-
def san_ips(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
391
|
+
def san_ips(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
|
|
393
392
|
pulumi.set(self, "san_ips", value)
|
|
394
393
|
|
|
395
|
-
@property
|
|
394
|
+
@_builtins.property
|
|
396
395
|
@pulumi.getter(name="sanUris")
|
|
397
|
-
def san_uris(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
396
|
+
def san_uris(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
|
|
398
397
|
"""
|
|
399
398
|
List of Uniform Resource Identifiers (URIs) to use as alternative subjects of
|
|
400
399
|
the certificate.
|
|
@@ -402,100 +401,100 @@ class CertificateArgs:
|
|
|
402
401
|
return pulumi.get(self, "san_uris")
|
|
403
402
|
|
|
404
403
|
@san_uris.setter
|
|
405
|
-
def san_uris(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
404
|
+
def san_uris(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
|
|
406
405
|
pulumi.set(self, "san_uris", value)
|
|
407
406
|
|
|
408
|
-
@property
|
|
407
|
+
@_builtins.property
|
|
409
408
|
@pulumi.getter
|
|
410
|
-
def state(self) -> Optional[pulumi.Input[
|
|
409
|
+
def state(self) -> Optional[pulumi.Input[_builtins.str]]:
|
|
411
410
|
"""
|
|
412
411
|
State of the certificate (S)
|
|
413
412
|
"""
|
|
414
413
|
return pulumi.get(self, "state")
|
|
415
414
|
|
|
416
415
|
@state.setter
|
|
417
|
-
def state(self, value: Optional[pulumi.Input[
|
|
416
|
+
def state(self, value: Optional[pulumi.Input[_builtins.str]]):
|
|
418
417
|
pulumi.set(self, "state", value)
|
|
419
418
|
|
|
420
|
-
@property
|
|
419
|
+
@_builtins.property
|
|
421
420
|
@pulumi.getter(name="validDays")
|
|
422
|
-
def valid_days(self) -> Optional[pulumi.Input[
|
|
421
|
+
def valid_days(self) -> Optional[pulumi.Input[_builtins.int]]:
|
|
423
422
|
"""
|
|
424
423
|
Desired number of days for which the new certificate will be valid.
|
|
425
424
|
"""
|
|
426
425
|
return pulumi.get(self, "valid_days")
|
|
427
426
|
|
|
428
427
|
@valid_days.setter
|
|
429
|
-
def valid_days(self, value: Optional[pulumi.Input[
|
|
428
|
+
def valid_days(self, value: Optional[pulumi.Input[_builtins.int]]):
|
|
430
429
|
pulumi.set(self, "valid_days", value)
|
|
431
430
|
|
|
432
431
|
|
|
433
432
|
@pulumi.input_type
|
|
434
433
|
class _CertificateState:
|
|
435
434
|
def __init__(__self__, *,
|
|
436
|
-
algorithm: Optional[pulumi.Input[
|
|
437
|
-
certificate: Optional[pulumi.Input[
|
|
438
|
-
certificate_dn: Optional[pulumi.Input[
|
|
439
|
-
certificate_id: Optional[pulumi.Input[
|
|
440
|
-
chain: Optional[pulumi.Input[
|
|
441
|
-
common_name: Optional[pulumi.Input[
|
|
442
|
-
country: Optional[pulumi.Input[
|
|
443
|
-
csr_origin: Optional[pulumi.Input[
|
|
444
|
-
csr_pem: Optional[pulumi.Input[
|
|
445
|
-
custom_fields: Optional[pulumi.Input[Mapping[str, pulumi.Input[
|
|
446
|
-
ecdsa_curve: Optional[pulumi.Input[
|
|
447
|
-
expiration_window: Optional[pulumi.Input[
|
|
448
|
-
issuer_hint: Optional[pulumi.Input[
|
|
449
|
-
key_password: Optional[pulumi.Input[
|
|
450
|
-
locality: Optional[pulumi.Input[
|
|
451
|
-
nickname: Optional[pulumi.Input[
|
|
452
|
-
organization: Optional[pulumi.Input[
|
|
453
|
-
organizational_units: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
454
|
-
pkcs12: Optional[pulumi.Input[
|
|
455
|
-
private_key_pem: Optional[pulumi.Input[
|
|
456
|
-
renew_required: Optional[pulumi.Input[
|
|
457
|
-
rsa_bits: Optional[pulumi.Input[
|
|
458
|
-
san_dns: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
459
|
-
san_emails: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
460
|
-
san_ips: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
461
|
-
san_uris: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
462
|
-
state: Optional[pulumi.Input[
|
|
463
|
-
valid_days: Optional[pulumi.Input[
|
|
435
|
+
algorithm: Optional[pulumi.Input[_builtins.str]] = None,
|
|
436
|
+
certificate: Optional[pulumi.Input[_builtins.str]] = None,
|
|
437
|
+
certificate_dn: Optional[pulumi.Input[_builtins.str]] = None,
|
|
438
|
+
certificate_id: Optional[pulumi.Input[_builtins.str]] = None,
|
|
439
|
+
chain: Optional[pulumi.Input[_builtins.str]] = None,
|
|
440
|
+
common_name: Optional[pulumi.Input[_builtins.str]] = None,
|
|
441
|
+
country: Optional[pulumi.Input[_builtins.str]] = None,
|
|
442
|
+
csr_origin: Optional[pulumi.Input[_builtins.str]] = None,
|
|
443
|
+
csr_pem: Optional[pulumi.Input[_builtins.str]] = None,
|
|
444
|
+
custom_fields: Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]] = None,
|
|
445
|
+
ecdsa_curve: Optional[pulumi.Input[_builtins.str]] = None,
|
|
446
|
+
expiration_window: Optional[pulumi.Input[_builtins.int]] = None,
|
|
447
|
+
issuer_hint: Optional[pulumi.Input[_builtins.str]] = None,
|
|
448
|
+
key_password: Optional[pulumi.Input[_builtins.str]] = None,
|
|
449
|
+
locality: Optional[pulumi.Input[_builtins.str]] = None,
|
|
450
|
+
nickname: Optional[pulumi.Input[_builtins.str]] = None,
|
|
451
|
+
organization: Optional[pulumi.Input[_builtins.str]] = None,
|
|
452
|
+
organizational_units: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
453
|
+
pkcs12: Optional[pulumi.Input[_builtins.str]] = None,
|
|
454
|
+
private_key_pem: Optional[pulumi.Input[_builtins.str]] = None,
|
|
455
|
+
renew_required: Optional[pulumi.Input[_builtins.bool]] = None,
|
|
456
|
+
rsa_bits: Optional[pulumi.Input[_builtins.int]] = None,
|
|
457
|
+
san_dns: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
458
|
+
san_emails: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
459
|
+
san_ips: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
460
|
+
san_uris: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
461
|
+
state: Optional[pulumi.Input[_builtins.str]] = None,
|
|
462
|
+
valid_days: Optional[pulumi.Input[_builtins.int]] = None):
|
|
464
463
|
"""
|
|
465
464
|
Input properties used for looking up and filtering Certificate resources.
|
|
466
|
-
:param pulumi.Input[
|
|
467
|
-
:param pulumi.Input[
|
|
468
|
-
:param pulumi.Input[
|
|
469
|
-
:param pulumi.Input[
|
|
470
|
-
:param pulumi.Input[
|
|
471
|
-
:param pulumi.Input[
|
|
472
|
-
:param pulumi.Input[
|
|
465
|
+
:param pulumi.Input[_builtins.str] algorithm: Key encryption algorithm, either RSA or ECDSA. Defaults to `RSA`.
|
|
466
|
+
:param pulumi.Input[_builtins.str] certificate: The X509 certificate in PEM format.
|
|
467
|
+
:param pulumi.Input[_builtins.str] certificate_id: ID of the issued certificate
|
|
468
|
+
:param pulumi.Input[_builtins.str] chain: The trust chain of X509 certificate authority certificates in PEM format concatenated together.
|
|
469
|
+
:param pulumi.Input[_builtins.str] common_name: The common name of the certificate.
|
|
470
|
+
:param pulumi.Input[_builtins.str] country: Country of the certificate (C)
|
|
471
|
+
:param pulumi.Input[_builtins.str] csr_origin: Whether key-pair generation will be `local` or `service` generated. Default is
|
|
473
472
|
`local`.
|
|
474
|
-
:param pulumi.Input[Mapping[str, pulumi.Input[
|
|
475
|
-
:param pulumi.Input[
|
|
476
|
-
:param pulumi.Input[
|
|
473
|
+
:param pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]] custom_fields: Collection of Custom Field name-value pairs to assign to the certificate.
|
|
474
|
+
:param pulumi.Input[_builtins.str] ecdsa_curve: ECDSA curve to use when generating a key
|
|
475
|
+
:param pulumi.Input[_builtins.int] expiration_window: Number of hours before certificate expiry to request a new certificate.
|
|
477
476
|
Defaults to `168`.
|
|
478
|
-
:param pulumi.Input[
|
|
477
|
+
:param pulumi.Input[_builtins.str] issuer_hint: Used with `valid_days` to indicate the target issuer when using Trust Protection
|
|
479
478
|
Platform. Relevant values are: `DigiCert`, `Entrust`, and `Microsoft`.
|
|
480
|
-
:param pulumi.Input[
|
|
481
|
-
:param pulumi.Input[
|
|
482
|
-
:param pulumi.Input[
|
|
479
|
+
:param pulumi.Input[_builtins.str] key_password: The password used to encrypt the private key.
|
|
480
|
+
:param pulumi.Input[_builtins.str] locality: Locality/City of the certificate (L)
|
|
481
|
+
:param pulumi.Input[_builtins.str] nickname: Use to specify a name for the new certificate object that will be created and placed
|
|
483
482
|
in a policy. Only valid for Trust Protection Platform.
|
|
484
|
-
:param pulumi.Input[
|
|
485
|
-
:param pulumi.Input[Sequence[pulumi.Input[
|
|
486
|
-
:param pulumi.Input[
|
|
483
|
+
:param pulumi.Input[_builtins.str] organization: Organization of the certificate (O)
|
|
484
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] organizational_units: List of Organizational Units of the certificate (OU)
|
|
485
|
+
:param pulumi.Input[_builtins.str] pkcs12: A base64-encoded PKCS#12 keystore secured by the `key_password`. Useful when working with resources like
|
|
487
486
|
azure key_vault_certificate.
|
|
488
|
-
:param pulumi.Input[
|
|
489
|
-
:param pulumi.Input[
|
|
490
|
-
:param pulumi.Input[
|
|
487
|
+
:param pulumi.Input[_builtins.str] private_key_pem: The private key in PEM format.
|
|
488
|
+
:param pulumi.Input[_builtins.bool] renew_required: Indicates the certificate should be reissued. This means the resource will destroyed and recreated
|
|
489
|
+
:param pulumi.Input[_builtins.int] rsa_bits: Number of bits to use when generating an RSA key. Applies when algorithm is `RSA`.
|
|
491
490
|
Defaults to `2048`.
|
|
492
|
-
:param pulumi.Input[Sequence[pulumi.Input[
|
|
493
|
-
:param pulumi.Input[Sequence[pulumi.Input[
|
|
494
|
-
:param pulumi.Input[Sequence[pulumi.Input[
|
|
495
|
-
:param pulumi.Input[Sequence[pulumi.Input[
|
|
491
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] san_dns: List of DNS names to use as alternative subjects of the certificate.
|
|
492
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] san_emails: List of email addresses to use as alternative subjects of the certificate.
|
|
493
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] san_ips: List of IP addresses to use as alternative subjects of the certificate.
|
|
494
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] san_uris: List of Uniform Resource Identifiers (URIs) to use as alternative subjects of
|
|
496
495
|
the certificate.
|
|
497
|
-
:param pulumi.Input[
|
|
498
|
-
:param pulumi.Input[
|
|
496
|
+
:param pulumi.Input[_builtins.str] state: State of the certificate (S)
|
|
497
|
+
:param pulumi.Input[_builtins.int] valid_days: Desired number of days for which the new certificate will be valid.
|
|
499
498
|
"""
|
|
500
499
|
if algorithm is not None:
|
|
501
500
|
pulumi.set(__self__, "algorithm", algorithm)
|
|
@@ -554,90 +553,90 @@ class _CertificateState:
|
|
|
554
553
|
if valid_days is not None:
|
|
555
554
|
pulumi.set(__self__, "valid_days", valid_days)
|
|
556
555
|
|
|
557
|
-
@property
|
|
556
|
+
@_builtins.property
|
|
558
557
|
@pulumi.getter
|
|
559
|
-
def algorithm(self) -> Optional[pulumi.Input[
|
|
558
|
+
def algorithm(self) -> Optional[pulumi.Input[_builtins.str]]:
|
|
560
559
|
"""
|
|
561
560
|
Key encryption algorithm, either RSA or ECDSA. Defaults to `RSA`.
|
|
562
561
|
"""
|
|
563
562
|
return pulumi.get(self, "algorithm")
|
|
564
563
|
|
|
565
564
|
@algorithm.setter
|
|
566
|
-
def algorithm(self, value: Optional[pulumi.Input[
|
|
565
|
+
def algorithm(self, value: Optional[pulumi.Input[_builtins.str]]):
|
|
567
566
|
pulumi.set(self, "algorithm", value)
|
|
568
567
|
|
|
569
|
-
@property
|
|
568
|
+
@_builtins.property
|
|
570
569
|
@pulumi.getter
|
|
571
|
-
def certificate(self) -> Optional[pulumi.Input[
|
|
570
|
+
def certificate(self) -> Optional[pulumi.Input[_builtins.str]]:
|
|
572
571
|
"""
|
|
573
572
|
The X509 certificate in PEM format.
|
|
574
573
|
"""
|
|
575
574
|
return pulumi.get(self, "certificate")
|
|
576
575
|
|
|
577
576
|
@certificate.setter
|
|
578
|
-
def certificate(self, value: Optional[pulumi.Input[
|
|
577
|
+
def certificate(self, value: Optional[pulumi.Input[_builtins.str]]):
|
|
579
578
|
pulumi.set(self, "certificate", value)
|
|
580
579
|
|
|
581
|
-
@property
|
|
580
|
+
@_builtins.property
|
|
582
581
|
@pulumi.getter(name="certificateDn")
|
|
583
|
-
def certificate_dn(self) -> Optional[pulumi.Input[
|
|
582
|
+
def certificate_dn(self) -> Optional[pulumi.Input[_builtins.str]]:
|
|
584
583
|
return pulumi.get(self, "certificate_dn")
|
|
585
584
|
|
|
586
585
|
@certificate_dn.setter
|
|
587
|
-
def certificate_dn(self, value: Optional[pulumi.Input[
|
|
586
|
+
def certificate_dn(self, value: Optional[pulumi.Input[_builtins.str]]):
|
|
588
587
|
pulumi.set(self, "certificate_dn", value)
|
|
589
588
|
|
|
590
|
-
@property
|
|
589
|
+
@_builtins.property
|
|
591
590
|
@pulumi.getter(name="certificateId")
|
|
592
|
-
def certificate_id(self) -> Optional[pulumi.Input[
|
|
591
|
+
def certificate_id(self) -> Optional[pulumi.Input[_builtins.str]]:
|
|
593
592
|
"""
|
|
594
593
|
ID of the issued certificate
|
|
595
594
|
"""
|
|
596
595
|
return pulumi.get(self, "certificate_id")
|
|
597
596
|
|
|
598
597
|
@certificate_id.setter
|
|
599
|
-
def certificate_id(self, value: Optional[pulumi.Input[
|
|
598
|
+
def certificate_id(self, value: Optional[pulumi.Input[_builtins.str]]):
|
|
600
599
|
pulumi.set(self, "certificate_id", value)
|
|
601
600
|
|
|
602
|
-
@property
|
|
601
|
+
@_builtins.property
|
|
603
602
|
@pulumi.getter
|
|
604
|
-
def chain(self) -> Optional[pulumi.Input[
|
|
603
|
+
def chain(self) -> Optional[pulumi.Input[_builtins.str]]:
|
|
605
604
|
"""
|
|
606
605
|
The trust chain of X509 certificate authority certificates in PEM format concatenated together.
|
|
607
606
|
"""
|
|
608
607
|
return pulumi.get(self, "chain")
|
|
609
608
|
|
|
610
609
|
@chain.setter
|
|
611
|
-
def chain(self, value: Optional[pulumi.Input[
|
|
610
|
+
def chain(self, value: Optional[pulumi.Input[_builtins.str]]):
|
|
612
611
|
pulumi.set(self, "chain", value)
|
|
613
612
|
|
|
614
|
-
@property
|
|
613
|
+
@_builtins.property
|
|
615
614
|
@pulumi.getter(name="commonName")
|
|
616
|
-
def common_name(self) -> Optional[pulumi.Input[
|
|
615
|
+
def common_name(self) -> Optional[pulumi.Input[_builtins.str]]:
|
|
617
616
|
"""
|
|
618
617
|
The common name of the certificate.
|
|
619
618
|
"""
|
|
620
619
|
return pulumi.get(self, "common_name")
|
|
621
620
|
|
|
622
621
|
@common_name.setter
|
|
623
|
-
def common_name(self, value: Optional[pulumi.Input[
|
|
622
|
+
def common_name(self, value: Optional[pulumi.Input[_builtins.str]]):
|
|
624
623
|
pulumi.set(self, "common_name", value)
|
|
625
624
|
|
|
626
|
-
@property
|
|
625
|
+
@_builtins.property
|
|
627
626
|
@pulumi.getter
|
|
628
|
-
def country(self) -> Optional[pulumi.Input[
|
|
627
|
+
def country(self) -> Optional[pulumi.Input[_builtins.str]]:
|
|
629
628
|
"""
|
|
630
629
|
Country of the certificate (C)
|
|
631
630
|
"""
|
|
632
631
|
return pulumi.get(self, "country")
|
|
633
632
|
|
|
634
633
|
@country.setter
|
|
635
|
-
def country(self, value: Optional[pulumi.Input[
|
|
634
|
+
def country(self, value: Optional[pulumi.Input[_builtins.str]]):
|
|
636
635
|
pulumi.set(self, "country", value)
|
|
637
636
|
|
|
638
|
-
@property
|
|
637
|
+
@_builtins.property
|
|
639
638
|
@pulumi.getter(name="csrOrigin")
|
|
640
|
-
def csr_origin(self) -> Optional[pulumi.Input[
|
|
639
|
+
def csr_origin(self) -> Optional[pulumi.Input[_builtins.str]]:
|
|
641
640
|
"""
|
|
642
641
|
Whether key-pair generation will be `local` or `service` generated. Default is
|
|
643
642
|
`local`.
|
|
@@ -645,45 +644,45 @@ class _CertificateState:
|
|
|
645
644
|
return pulumi.get(self, "csr_origin")
|
|
646
645
|
|
|
647
646
|
@csr_origin.setter
|
|
648
|
-
def csr_origin(self, value: Optional[pulumi.Input[
|
|
647
|
+
def csr_origin(self, value: Optional[pulumi.Input[_builtins.str]]):
|
|
649
648
|
pulumi.set(self, "csr_origin", value)
|
|
650
649
|
|
|
651
|
-
@property
|
|
650
|
+
@_builtins.property
|
|
652
651
|
@pulumi.getter(name="csrPem")
|
|
653
|
-
def csr_pem(self) -> Optional[pulumi.Input[
|
|
652
|
+
def csr_pem(self) -> Optional[pulumi.Input[_builtins.str]]:
|
|
654
653
|
return pulumi.get(self, "csr_pem")
|
|
655
654
|
|
|
656
655
|
@csr_pem.setter
|
|
657
|
-
def csr_pem(self, value: Optional[pulumi.Input[
|
|
656
|
+
def csr_pem(self, value: Optional[pulumi.Input[_builtins.str]]):
|
|
658
657
|
pulumi.set(self, "csr_pem", value)
|
|
659
658
|
|
|
660
|
-
@property
|
|
659
|
+
@_builtins.property
|
|
661
660
|
@pulumi.getter(name="customFields")
|
|
662
|
-
def custom_fields(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[
|
|
661
|
+
def custom_fields(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]]:
|
|
663
662
|
"""
|
|
664
663
|
Collection of Custom Field name-value pairs to assign to the certificate.
|
|
665
664
|
"""
|
|
666
665
|
return pulumi.get(self, "custom_fields")
|
|
667
666
|
|
|
668
667
|
@custom_fields.setter
|
|
669
|
-
def custom_fields(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[
|
|
668
|
+
def custom_fields(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]]):
|
|
670
669
|
pulumi.set(self, "custom_fields", value)
|
|
671
670
|
|
|
672
|
-
@property
|
|
671
|
+
@_builtins.property
|
|
673
672
|
@pulumi.getter(name="ecdsaCurve")
|
|
674
|
-
def ecdsa_curve(self) -> Optional[pulumi.Input[
|
|
673
|
+
def ecdsa_curve(self) -> Optional[pulumi.Input[_builtins.str]]:
|
|
675
674
|
"""
|
|
676
675
|
ECDSA curve to use when generating a key
|
|
677
676
|
"""
|
|
678
677
|
return pulumi.get(self, "ecdsa_curve")
|
|
679
678
|
|
|
680
679
|
@ecdsa_curve.setter
|
|
681
|
-
def ecdsa_curve(self, value: Optional[pulumi.Input[
|
|
680
|
+
def ecdsa_curve(self, value: Optional[pulumi.Input[_builtins.str]]):
|
|
682
681
|
pulumi.set(self, "ecdsa_curve", value)
|
|
683
682
|
|
|
684
|
-
@property
|
|
683
|
+
@_builtins.property
|
|
685
684
|
@pulumi.getter(name="expirationWindow")
|
|
686
|
-
def expiration_window(self) -> Optional[pulumi.Input[
|
|
685
|
+
def expiration_window(self) -> Optional[pulumi.Input[_builtins.int]]:
|
|
687
686
|
"""
|
|
688
687
|
Number of hours before certificate expiry to request a new certificate.
|
|
689
688
|
Defaults to `168`.
|
|
@@ -691,12 +690,12 @@ class _CertificateState:
|
|
|
691
690
|
return pulumi.get(self, "expiration_window")
|
|
692
691
|
|
|
693
692
|
@expiration_window.setter
|
|
694
|
-
def expiration_window(self, value: Optional[pulumi.Input[
|
|
693
|
+
def expiration_window(self, value: Optional[pulumi.Input[_builtins.int]]):
|
|
695
694
|
pulumi.set(self, "expiration_window", value)
|
|
696
695
|
|
|
697
|
-
@property
|
|
696
|
+
@_builtins.property
|
|
698
697
|
@pulumi.getter(name="issuerHint")
|
|
699
|
-
def issuer_hint(self) -> Optional[pulumi.Input[
|
|
698
|
+
def issuer_hint(self) -> Optional[pulumi.Input[_builtins.str]]:
|
|
700
699
|
"""
|
|
701
700
|
Used with `valid_days` to indicate the target issuer when using Trust Protection
|
|
702
701
|
Platform. Relevant values are: `DigiCert`, `Entrust`, and `Microsoft`.
|
|
@@ -704,36 +703,36 @@ class _CertificateState:
|
|
|
704
703
|
return pulumi.get(self, "issuer_hint")
|
|
705
704
|
|
|
706
705
|
@issuer_hint.setter
|
|
707
|
-
def issuer_hint(self, value: Optional[pulumi.Input[
|
|
706
|
+
def issuer_hint(self, value: Optional[pulumi.Input[_builtins.str]]):
|
|
708
707
|
pulumi.set(self, "issuer_hint", value)
|
|
709
708
|
|
|
710
|
-
@property
|
|
709
|
+
@_builtins.property
|
|
711
710
|
@pulumi.getter(name="keyPassword")
|
|
712
|
-
def key_password(self) -> Optional[pulumi.Input[
|
|
711
|
+
def key_password(self) -> Optional[pulumi.Input[_builtins.str]]:
|
|
713
712
|
"""
|
|
714
713
|
The password used to encrypt the private key.
|
|
715
714
|
"""
|
|
716
715
|
return pulumi.get(self, "key_password")
|
|
717
716
|
|
|
718
717
|
@key_password.setter
|
|
719
|
-
def key_password(self, value: Optional[pulumi.Input[
|
|
718
|
+
def key_password(self, value: Optional[pulumi.Input[_builtins.str]]):
|
|
720
719
|
pulumi.set(self, "key_password", value)
|
|
721
720
|
|
|
722
|
-
@property
|
|
721
|
+
@_builtins.property
|
|
723
722
|
@pulumi.getter
|
|
724
|
-
def locality(self) -> Optional[pulumi.Input[
|
|
723
|
+
def locality(self) -> Optional[pulumi.Input[_builtins.str]]:
|
|
725
724
|
"""
|
|
726
725
|
Locality/City of the certificate (L)
|
|
727
726
|
"""
|
|
728
727
|
return pulumi.get(self, "locality")
|
|
729
728
|
|
|
730
729
|
@locality.setter
|
|
731
|
-
def locality(self, value: Optional[pulumi.Input[
|
|
730
|
+
def locality(self, value: Optional[pulumi.Input[_builtins.str]]):
|
|
732
731
|
pulumi.set(self, "locality", value)
|
|
733
732
|
|
|
734
|
-
@property
|
|
733
|
+
@_builtins.property
|
|
735
734
|
@pulumi.getter
|
|
736
|
-
def nickname(self) -> Optional[pulumi.Input[
|
|
735
|
+
def nickname(self) -> Optional[pulumi.Input[_builtins.str]]:
|
|
737
736
|
"""
|
|
738
737
|
Use to specify a name for the new certificate object that will be created and placed
|
|
739
738
|
in a policy. Only valid for Trust Protection Platform.
|
|
@@ -741,36 +740,36 @@ class _CertificateState:
|
|
|
741
740
|
return pulumi.get(self, "nickname")
|
|
742
741
|
|
|
743
742
|
@nickname.setter
|
|
744
|
-
def nickname(self, value: Optional[pulumi.Input[
|
|
743
|
+
def nickname(self, value: Optional[pulumi.Input[_builtins.str]]):
|
|
745
744
|
pulumi.set(self, "nickname", value)
|
|
746
745
|
|
|
747
|
-
@property
|
|
746
|
+
@_builtins.property
|
|
748
747
|
@pulumi.getter
|
|
749
|
-
def organization(self) -> Optional[pulumi.Input[
|
|
748
|
+
def organization(self) -> Optional[pulumi.Input[_builtins.str]]:
|
|
750
749
|
"""
|
|
751
750
|
Organization of the certificate (O)
|
|
752
751
|
"""
|
|
753
752
|
return pulumi.get(self, "organization")
|
|
754
753
|
|
|
755
754
|
@organization.setter
|
|
756
|
-
def organization(self, value: Optional[pulumi.Input[
|
|
755
|
+
def organization(self, value: Optional[pulumi.Input[_builtins.str]]):
|
|
757
756
|
pulumi.set(self, "organization", value)
|
|
758
757
|
|
|
759
|
-
@property
|
|
758
|
+
@_builtins.property
|
|
760
759
|
@pulumi.getter(name="organizationalUnits")
|
|
761
|
-
def organizational_units(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
760
|
+
def organizational_units(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
|
|
762
761
|
"""
|
|
763
762
|
List of Organizational Units of the certificate (OU)
|
|
764
763
|
"""
|
|
765
764
|
return pulumi.get(self, "organizational_units")
|
|
766
765
|
|
|
767
766
|
@organizational_units.setter
|
|
768
|
-
def organizational_units(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
767
|
+
def organizational_units(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
|
|
769
768
|
pulumi.set(self, "organizational_units", value)
|
|
770
769
|
|
|
771
|
-
@property
|
|
770
|
+
@_builtins.property
|
|
772
771
|
@pulumi.getter
|
|
773
|
-
def pkcs12(self) -> Optional[pulumi.Input[
|
|
772
|
+
def pkcs12(self) -> Optional[pulumi.Input[_builtins.str]]:
|
|
774
773
|
"""
|
|
775
774
|
A base64-encoded PKCS#12 keystore secured by the `key_password`. Useful when working with resources like
|
|
776
775
|
azure key_vault_certificate.
|
|
@@ -778,36 +777,36 @@ class _CertificateState:
|
|
|
778
777
|
return pulumi.get(self, "pkcs12")
|
|
779
778
|
|
|
780
779
|
@pkcs12.setter
|
|
781
|
-
def pkcs12(self, value: Optional[pulumi.Input[
|
|
780
|
+
def pkcs12(self, value: Optional[pulumi.Input[_builtins.str]]):
|
|
782
781
|
pulumi.set(self, "pkcs12", value)
|
|
783
782
|
|
|
784
|
-
@property
|
|
783
|
+
@_builtins.property
|
|
785
784
|
@pulumi.getter(name="privateKeyPem")
|
|
786
|
-
def private_key_pem(self) -> Optional[pulumi.Input[
|
|
785
|
+
def private_key_pem(self) -> Optional[pulumi.Input[_builtins.str]]:
|
|
787
786
|
"""
|
|
788
787
|
The private key in PEM format.
|
|
789
788
|
"""
|
|
790
789
|
return pulumi.get(self, "private_key_pem")
|
|
791
790
|
|
|
792
791
|
@private_key_pem.setter
|
|
793
|
-
def private_key_pem(self, value: Optional[pulumi.Input[
|
|
792
|
+
def private_key_pem(self, value: Optional[pulumi.Input[_builtins.str]]):
|
|
794
793
|
pulumi.set(self, "private_key_pem", value)
|
|
795
794
|
|
|
796
|
-
@property
|
|
795
|
+
@_builtins.property
|
|
797
796
|
@pulumi.getter(name="renewRequired")
|
|
798
|
-
def renew_required(self) -> Optional[pulumi.Input[
|
|
797
|
+
def renew_required(self) -> Optional[pulumi.Input[_builtins.bool]]:
|
|
799
798
|
"""
|
|
800
799
|
Indicates the certificate should be reissued. This means the resource will destroyed and recreated
|
|
801
800
|
"""
|
|
802
801
|
return pulumi.get(self, "renew_required")
|
|
803
802
|
|
|
804
803
|
@renew_required.setter
|
|
805
|
-
def renew_required(self, value: Optional[pulumi.Input[
|
|
804
|
+
def renew_required(self, value: Optional[pulumi.Input[_builtins.bool]]):
|
|
806
805
|
pulumi.set(self, "renew_required", value)
|
|
807
806
|
|
|
808
|
-
@property
|
|
807
|
+
@_builtins.property
|
|
809
808
|
@pulumi.getter(name="rsaBits")
|
|
810
|
-
def rsa_bits(self) -> Optional[pulumi.Input[
|
|
809
|
+
def rsa_bits(self) -> Optional[pulumi.Input[_builtins.int]]:
|
|
811
810
|
"""
|
|
812
811
|
Number of bits to use when generating an RSA key. Applies when algorithm is `RSA`.
|
|
813
812
|
Defaults to `2048`.
|
|
@@ -815,48 +814,48 @@ class _CertificateState:
|
|
|
815
814
|
return pulumi.get(self, "rsa_bits")
|
|
816
815
|
|
|
817
816
|
@rsa_bits.setter
|
|
818
|
-
def rsa_bits(self, value: Optional[pulumi.Input[
|
|
817
|
+
def rsa_bits(self, value: Optional[pulumi.Input[_builtins.int]]):
|
|
819
818
|
pulumi.set(self, "rsa_bits", value)
|
|
820
819
|
|
|
821
|
-
@property
|
|
820
|
+
@_builtins.property
|
|
822
821
|
@pulumi.getter(name="sanDns")
|
|
823
|
-
def san_dns(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
822
|
+
def san_dns(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
|
|
824
823
|
"""
|
|
825
824
|
List of DNS names to use as alternative subjects of the certificate.
|
|
826
825
|
"""
|
|
827
826
|
return pulumi.get(self, "san_dns")
|
|
828
827
|
|
|
829
828
|
@san_dns.setter
|
|
830
|
-
def san_dns(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
829
|
+
def san_dns(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
|
|
831
830
|
pulumi.set(self, "san_dns", value)
|
|
832
831
|
|
|
833
|
-
@property
|
|
832
|
+
@_builtins.property
|
|
834
833
|
@pulumi.getter(name="sanEmails")
|
|
835
|
-
def san_emails(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
834
|
+
def san_emails(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
|
|
836
835
|
"""
|
|
837
836
|
List of email addresses to use as alternative subjects of the certificate.
|
|
838
837
|
"""
|
|
839
838
|
return pulumi.get(self, "san_emails")
|
|
840
839
|
|
|
841
840
|
@san_emails.setter
|
|
842
|
-
def san_emails(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
841
|
+
def san_emails(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
|
|
843
842
|
pulumi.set(self, "san_emails", value)
|
|
844
843
|
|
|
845
|
-
@property
|
|
844
|
+
@_builtins.property
|
|
846
845
|
@pulumi.getter(name="sanIps")
|
|
847
|
-
def san_ips(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
846
|
+
def san_ips(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
|
|
848
847
|
"""
|
|
849
848
|
List of IP addresses to use as alternative subjects of the certificate.
|
|
850
849
|
"""
|
|
851
850
|
return pulumi.get(self, "san_ips")
|
|
852
851
|
|
|
853
852
|
@san_ips.setter
|
|
854
|
-
def san_ips(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
853
|
+
def san_ips(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
|
|
855
854
|
pulumi.set(self, "san_ips", value)
|
|
856
855
|
|
|
857
|
-
@property
|
|
856
|
+
@_builtins.property
|
|
858
857
|
@pulumi.getter(name="sanUris")
|
|
859
|
-
def san_uris(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
858
|
+
def san_uris(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
|
|
860
859
|
"""
|
|
861
860
|
List of Uniform Resource Identifiers (URIs) to use as alternative subjects of
|
|
862
861
|
the certificate.
|
|
@@ -864,31 +863,31 @@ class _CertificateState:
|
|
|
864
863
|
return pulumi.get(self, "san_uris")
|
|
865
864
|
|
|
866
865
|
@san_uris.setter
|
|
867
|
-
def san_uris(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
866
|
+
def san_uris(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
|
|
868
867
|
pulumi.set(self, "san_uris", value)
|
|
869
868
|
|
|
870
|
-
@property
|
|
869
|
+
@_builtins.property
|
|
871
870
|
@pulumi.getter
|
|
872
|
-
def state(self) -> Optional[pulumi.Input[
|
|
871
|
+
def state(self) -> Optional[pulumi.Input[_builtins.str]]:
|
|
873
872
|
"""
|
|
874
873
|
State of the certificate (S)
|
|
875
874
|
"""
|
|
876
875
|
return pulumi.get(self, "state")
|
|
877
876
|
|
|
878
877
|
@state.setter
|
|
879
|
-
def state(self, value: Optional[pulumi.Input[
|
|
878
|
+
def state(self, value: Optional[pulumi.Input[_builtins.str]]):
|
|
880
879
|
pulumi.set(self, "state", value)
|
|
881
880
|
|
|
882
|
-
@property
|
|
881
|
+
@_builtins.property
|
|
883
882
|
@pulumi.getter(name="validDays")
|
|
884
|
-
def valid_days(self) -> Optional[pulumi.Input[
|
|
883
|
+
def valid_days(self) -> Optional[pulumi.Input[_builtins.int]]:
|
|
885
884
|
"""
|
|
886
885
|
Desired number of days for which the new certificate will be valid.
|
|
887
886
|
"""
|
|
888
887
|
return pulumi.get(self, "valid_days")
|
|
889
888
|
|
|
890
889
|
@valid_days.setter
|
|
891
|
-
def valid_days(self, value: Optional[pulumi.Input[
|
|
890
|
+
def valid_days(self, value: Optional[pulumi.Input[_builtins.int]]):
|
|
892
891
|
pulumi.set(self, "valid_days", value)
|
|
893
892
|
|
|
894
893
|
|
|
@@ -898,66 +897,66 @@ class Certificate(pulumi.CustomResource):
|
|
|
898
897
|
def __init__(__self__,
|
|
899
898
|
resource_name: str,
|
|
900
899
|
opts: Optional[pulumi.ResourceOptions] = None,
|
|
901
|
-
algorithm: Optional[pulumi.Input[
|
|
902
|
-
certificate_dn: Optional[pulumi.Input[
|
|
903
|
-
common_name: Optional[pulumi.Input[
|
|
904
|
-
country: Optional[pulumi.Input[
|
|
905
|
-
csr_origin: Optional[pulumi.Input[
|
|
906
|
-
csr_pem: Optional[pulumi.Input[
|
|
907
|
-
custom_fields: Optional[pulumi.Input[Mapping[str, pulumi.Input[
|
|
908
|
-
ecdsa_curve: Optional[pulumi.Input[
|
|
909
|
-
expiration_window: Optional[pulumi.Input[
|
|
910
|
-
issuer_hint: Optional[pulumi.Input[
|
|
911
|
-
key_password: Optional[pulumi.Input[
|
|
912
|
-
locality: Optional[pulumi.Input[
|
|
913
|
-
nickname: Optional[pulumi.Input[
|
|
914
|
-
organization: Optional[pulumi.Input[
|
|
915
|
-
organizational_units: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
916
|
-
pkcs12: Optional[pulumi.Input[
|
|
917
|
-
private_key_pem: Optional[pulumi.Input[
|
|
918
|
-
renew_required: Optional[pulumi.Input[
|
|
919
|
-
rsa_bits: Optional[pulumi.Input[
|
|
920
|
-
san_dns: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
921
|
-
san_emails: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
922
|
-
san_ips: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
923
|
-
san_uris: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
924
|
-
state: Optional[pulumi.Input[
|
|
925
|
-
valid_days: Optional[pulumi.Input[
|
|
900
|
+
algorithm: Optional[pulumi.Input[_builtins.str]] = None,
|
|
901
|
+
certificate_dn: Optional[pulumi.Input[_builtins.str]] = None,
|
|
902
|
+
common_name: Optional[pulumi.Input[_builtins.str]] = None,
|
|
903
|
+
country: Optional[pulumi.Input[_builtins.str]] = None,
|
|
904
|
+
csr_origin: Optional[pulumi.Input[_builtins.str]] = None,
|
|
905
|
+
csr_pem: Optional[pulumi.Input[_builtins.str]] = None,
|
|
906
|
+
custom_fields: Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]] = None,
|
|
907
|
+
ecdsa_curve: Optional[pulumi.Input[_builtins.str]] = None,
|
|
908
|
+
expiration_window: Optional[pulumi.Input[_builtins.int]] = None,
|
|
909
|
+
issuer_hint: Optional[pulumi.Input[_builtins.str]] = None,
|
|
910
|
+
key_password: Optional[pulumi.Input[_builtins.str]] = None,
|
|
911
|
+
locality: Optional[pulumi.Input[_builtins.str]] = None,
|
|
912
|
+
nickname: Optional[pulumi.Input[_builtins.str]] = None,
|
|
913
|
+
organization: Optional[pulumi.Input[_builtins.str]] = None,
|
|
914
|
+
organizational_units: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
915
|
+
pkcs12: Optional[pulumi.Input[_builtins.str]] = None,
|
|
916
|
+
private_key_pem: Optional[pulumi.Input[_builtins.str]] = None,
|
|
917
|
+
renew_required: Optional[pulumi.Input[_builtins.bool]] = None,
|
|
918
|
+
rsa_bits: Optional[pulumi.Input[_builtins.int]] = None,
|
|
919
|
+
san_dns: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
920
|
+
san_emails: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
921
|
+
san_ips: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
922
|
+
san_uris: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
923
|
+
state: Optional[pulumi.Input[_builtins.str]] = None,
|
|
924
|
+
valid_days: Optional[pulumi.Input[_builtins.int]] = None,
|
|
926
925
|
__props__=None):
|
|
927
926
|
"""
|
|
928
927
|
Create a Certificate resource with the given unique name, props, and options.
|
|
929
928
|
:param str resource_name: The name of the resource.
|
|
930
929
|
:param pulumi.ResourceOptions opts: Options for the resource.
|
|
931
|
-
:param pulumi.Input[
|
|
932
|
-
:param pulumi.Input[
|
|
933
|
-
:param pulumi.Input[
|
|
934
|
-
:param pulumi.Input[
|
|
930
|
+
:param pulumi.Input[_builtins.str] algorithm: Key encryption algorithm, either RSA or ECDSA. Defaults to `RSA`.
|
|
931
|
+
:param pulumi.Input[_builtins.str] common_name: The common name of the certificate.
|
|
932
|
+
:param pulumi.Input[_builtins.str] country: Country of the certificate (C)
|
|
933
|
+
:param pulumi.Input[_builtins.str] csr_origin: Whether key-pair generation will be `local` or `service` generated. Default is
|
|
935
934
|
`local`.
|
|
936
|
-
:param pulumi.Input[Mapping[str, pulumi.Input[
|
|
937
|
-
:param pulumi.Input[
|
|
938
|
-
:param pulumi.Input[
|
|
935
|
+
:param pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]] custom_fields: Collection of Custom Field name-value pairs to assign to the certificate.
|
|
936
|
+
:param pulumi.Input[_builtins.str] ecdsa_curve: ECDSA curve to use when generating a key
|
|
937
|
+
:param pulumi.Input[_builtins.int] expiration_window: Number of hours before certificate expiry to request a new certificate.
|
|
939
938
|
Defaults to `168`.
|
|
940
|
-
:param pulumi.Input[
|
|
939
|
+
:param pulumi.Input[_builtins.str] issuer_hint: Used with `valid_days` to indicate the target issuer when using Trust Protection
|
|
941
940
|
Platform. Relevant values are: `DigiCert`, `Entrust`, and `Microsoft`.
|
|
942
|
-
:param pulumi.Input[
|
|
943
|
-
:param pulumi.Input[
|
|
944
|
-
:param pulumi.Input[
|
|
941
|
+
:param pulumi.Input[_builtins.str] key_password: The password used to encrypt the private key.
|
|
942
|
+
:param pulumi.Input[_builtins.str] locality: Locality/City of the certificate (L)
|
|
943
|
+
:param pulumi.Input[_builtins.str] nickname: Use to specify a name for the new certificate object that will be created and placed
|
|
945
944
|
in a policy. Only valid for Trust Protection Platform.
|
|
946
|
-
:param pulumi.Input[
|
|
947
|
-
:param pulumi.Input[Sequence[pulumi.Input[
|
|
948
|
-
:param pulumi.Input[
|
|
945
|
+
:param pulumi.Input[_builtins.str] organization: Organization of the certificate (O)
|
|
946
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] organizational_units: List of Organizational Units of the certificate (OU)
|
|
947
|
+
:param pulumi.Input[_builtins.str] pkcs12: A base64-encoded PKCS#12 keystore secured by the `key_password`. Useful when working with resources like
|
|
949
948
|
azure key_vault_certificate.
|
|
950
|
-
:param pulumi.Input[
|
|
951
|
-
:param pulumi.Input[
|
|
952
|
-
:param pulumi.Input[
|
|
949
|
+
:param pulumi.Input[_builtins.str] private_key_pem: The private key in PEM format.
|
|
950
|
+
:param pulumi.Input[_builtins.bool] renew_required: Indicates the certificate should be reissued. This means the resource will destroyed and recreated
|
|
951
|
+
:param pulumi.Input[_builtins.int] rsa_bits: Number of bits to use when generating an RSA key. Applies when algorithm is `RSA`.
|
|
953
952
|
Defaults to `2048`.
|
|
954
|
-
:param pulumi.Input[Sequence[pulumi.Input[
|
|
955
|
-
:param pulumi.Input[Sequence[pulumi.Input[
|
|
956
|
-
:param pulumi.Input[Sequence[pulumi.Input[
|
|
957
|
-
:param pulumi.Input[Sequence[pulumi.Input[
|
|
953
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] san_dns: List of DNS names to use as alternative subjects of the certificate.
|
|
954
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] san_emails: List of email addresses to use as alternative subjects of the certificate.
|
|
955
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] san_ips: List of IP addresses to use as alternative subjects of the certificate.
|
|
956
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] san_uris: List of Uniform Resource Identifiers (URIs) to use as alternative subjects of
|
|
958
957
|
the certificate.
|
|
959
|
-
:param pulumi.Input[
|
|
960
|
-
:param pulumi.Input[
|
|
958
|
+
:param pulumi.Input[_builtins.str] state: State of the certificate (S)
|
|
959
|
+
:param pulumi.Input[_builtins.int] valid_days: Desired number of days for which the new certificate will be valid.
|
|
961
960
|
"""
|
|
962
961
|
...
|
|
963
962
|
@overload
|
|
@@ -982,31 +981,31 @@ class Certificate(pulumi.CustomResource):
|
|
|
982
981
|
def _internal_init(__self__,
|
|
983
982
|
resource_name: str,
|
|
984
983
|
opts: Optional[pulumi.ResourceOptions] = None,
|
|
985
|
-
algorithm: Optional[pulumi.Input[
|
|
986
|
-
certificate_dn: Optional[pulumi.Input[
|
|
987
|
-
common_name: Optional[pulumi.Input[
|
|
988
|
-
country: Optional[pulumi.Input[
|
|
989
|
-
csr_origin: Optional[pulumi.Input[
|
|
990
|
-
csr_pem: Optional[pulumi.Input[
|
|
991
|
-
custom_fields: Optional[pulumi.Input[Mapping[str, pulumi.Input[
|
|
992
|
-
ecdsa_curve: Optional[pulumi.Input[
|
|
993
|
-
expiration_window: Optional[pulumi.Input[
|
|
994
|
-
issuer_hint: Optional[pulumi.Input[
|
|
995
|
-
key_password: Optional[pulumi.Input[
|
|
996
|
-
locality: Optional[pulumi.Input[
|
|
997
|
-
nickname: Optional[pulumi.Input[
|
|
998
|
-
organization: Optional[pulumi.Input[
|
|
999
|
-
organizational_units: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
1000
|
-
pkcs12: Optional[pulumi.Input[
|
|
1001
|
-
private_key_pem: Optional[pulumi.Input[
|
|
1002
|
-
renew_required: Optional[pulumi.Input[
|
|
1003
|
-
rsa_bits: Optional[pulumi.Input[
|
|
1004
|
-
san_dns: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
1005
|
-
san_emails: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
1006
|
-
san_ips: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
1007
|
-
san_uris: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
1008
|
-
state: Optional[pulumi.Input[
|
|
1009
|
-
valid_days: Optional[pulumi.Input[
|
|
984
|
+
algorithm: Optional[pulumi.Input[_builtins.str]] = None,
|
|
985
|
+
certificate_dn: Optional[pulumi.Input[_builtins.str]] = None,
|
|
986
|
+
common_name: Optional[pulumi.Input[_builtins.str]] = None,
|
|
987
|
+
country: Optional[pulumi.Input[_builtins.str]] = None,
|
|
988
|
+
csr_origin: Optional[pulumi.Input[_builtins.str]] = None,
|
|
989
|
+
csr_pem: Optional[pulumi.Input[_builtins.str]] = None,
|
|
990
|
+
custom_fields: Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]] = None,
|
|
991
|
+
ecdsa_curve: Optional[pulumi.Input[_builtins.str]] = None,
|
|
992
|
+
expiration_window: Optional[pulumi.Input[_builtins.int]] = None,
|
|
993
|
+
issuer_hint: Optional[pulumi.Input[_builtins.str]] = None,
|
|
994
|
+
key_password: Optional[pulumi.Input[_builtins.str]] = None,
|
|
995
|
+
locality: Optional[pulumi.Input[_builtins.str]] = None,
|
|
996
|
+
nickname: Optional[pulumi.Input[_builtins.str]] = None,
|
|
997
|
+
organization: Optional[pulumi.Input[_builtins.str]] = None,
|
|
998
|
+
organizational_units: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
999
|
+
pkcs12: Optional[pulumi.Input[_builtins.str]] = None,
|
|
1000
|
+
private_key_pem: Optional[pulumi.Input[_builtins.str]] = None,
|
|
1001
|
+
renew_required: Optional[pulumi.Input[_builtins.bool]] = None,
|
|
1002
|
+
rsa_bits: Optional[pulumi.Input[_builtins.int]] = None,
|
|
1003
|
+
san_dns: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
1004
|
+
san_emails: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
1005
|
+
san_ips: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
1006
|
+
san_uris: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
1007
|
+
state: Optional[pulumi.Input[_builtins.str]] = None,
|
|
1008
|
+
valid_days: Optional[pulumi.Input[_builtins.int]] = None,
|
|
1010
1009
|
__props__=None):
|
|
1011
1010
|
opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
|
|
1012
1011
|
if not isinstance(opts, pulumi.ResourceOptions):
|
|
@@ -1058,34 +1057,34 @@ class Certificate(pulumi.CustomResource):
|
|
|
1058
1057
|
def get(resource_name: str,
|
|
1059
1058
|
id: pulumi.Input[str],
|
|
1060
1059
|
opts: Optional[pulumi.ResourceOptions] = None,
|
|
1061
|
-
algorithm: Optional[pulumi.Input[
|
|
1062
|
-
certificate: Optional[pulumi.Input[
|
|
1063
|
-
certificate_dn: Optional[pulumi.Input[
|
|
1064
|
-
certificate_id: Optional[pulumi.Input[
|
|
1065
|
-
chain: Optional[pulumi.Input[
|
|
1066
|
-
common_name: Optional[pulumi.Input[
|
|
1067
|
-
country: Optional[pulumi.Input[
|
|
1068
|
-
csr_origin: Optional[pulumi.Input[
|
|
1069
|
-
csr_pem: Optional[pulumi.Input[
|
|
1070
|
-
custom_fields: Optional[pulumi.Input[Mapping[str, pulumi.Input[
|
|
1071
|
-
ecdsa_curve: Optional[pulumi.Input[
|
|
1072
|
-
expiration_window: Optional[pulumi.Input[
|
|
1073
|
-
issuer_hint: Optional[pulumi.Input[
|
|
1074
|
-
key_password: Optional[pulumi.Input[
|
|
1075
|
-
locality: Optional[pulumi.Input[
|
|
1076
|
-
nickname: Optional[pulumi.Input[
|
|
1077
|
-
organization: Optional[pulumi.Input[
|
|
1078
|
-
organizational_units: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
1079
|
-
pkcs12: Optional[pulumi.Input[
|
|
1080
|
-
private_key_pem: Optional[pulumi.Input[
|
|
1081
|
-
renew_required: Optional[pulumi.Input[
|
|
1082
|
-
rsa_bits: Optional[pulumi.Input[
|
|
1083
|
-
san_dns: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
1084
|
-
san_emails: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
1085
|
-
san_ips: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
1086
|
-
san_uris: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
1087
|
-
state: Optional[pulumi.Input[
|
|
1088
|
-
valid_days: Optional[pulumi.Input[
|
|
1060
|
+
algorithm: Optional[pulumi.Input[_builtins.str]] = None,
|
|
1061
|
+
certificate: Optional[pulumi.Input[_builtins.str]] = None,
|
|
1062
|
+
certificate_dn: Optional[pulumi.Input[_builtins.str]] = None,
|
|
1063
|
+
certificate_id: Optional[pulumi.Input[_builtins.str]] = None,
|
|
1064
|
+
chain: Optional[pulumi.Input[_builtins.str]] = None,
|
|
1065
|
+
common_name: Optional[pulumi.Input[_builtins.str]] = None,
|
|
1066
|
+
country: Optional[pulumi.Input[_builtins.str]] = None,
|
|
1067
|
+
csr_origin: Optional[pulumi.Input[_builtins.str]] = None,
|
|
1068
|
+
csr_pem: Optional[pulumi.Input[_builtins.str]] = None,
|
|
1069
|
+
custom_fields: Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]] = None,
|
|
1070
|
+
ecdsa_curve: Optional[pulumi.Input[_builtins.str]] = None,
|
|
1071
|
+
expiration_window: Optional[pulumi.Input[_builtins.int]] = None,
|
|
1072
|
+
issuer_hint: Optional[pulumi.Input[_builtins.str]] = None,
|
|
1073
|
+
key_password: Optional[pulumi.Input[_builtins.str]] = None,
|
|
1074
|
+
locality: Optional[pulumi.Input[_builtins.str]] = None,
|
|
1075
|
+
nickname: Optional[pulumi.Input[_builtins.str]] = None,
|
|
1076
|
+
organization: Optional[pulumi.Input[_builtins.str]] = None,
|
|
1077
|
+
organizational_units: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
1078
|
+
pkcs12: Optional[pulumi.Input[_builtins.str]] = None,
|
|
1079
|
+
private_key_pem: Optional[pulumi.Input[_builtins.str]] = None,
|
|
1080
|
+
renew_required: Optional[pulumi.Input[_builtins.bool]] = None,
|
|
1081
|
+
rsa_bits: Optional[pulumi.Input[_builtins.int]] = None,
|
|
1082
|
+
san_dns: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
1083
|
+
san_emails: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
1084
|
+
san_ips: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
1085
|
+
san_uris: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
1086
|
+
state: Optional[pulumi.Input[_builtins.str]] = None,
|
|
1087
|
+
valid_days: Optional[pulumi.Input[_builtins.int]] = None) -> 'Certificate':
|
|
1089
1088
|
"""
|
|
1090
1089
|
Get an existing Certificate resource's state with the given name, id, and optional extra
|
|
1091
1090
|
properties used to qualify the lookup.
|
|
@@ -1093,39 +1092,39 @@ class Certificate(pulumi.CustomResource):
|
|
|
1093
1092
|
:param str resource_name: The unique name of the resulting resource.
|
|
1094
1093
|
:param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
|
|
1095
1094
|
:param pulumi.ResourceOptions opts: Options for the resource.
|
|
1096
|
-
:param pulumi.Input[
|
|
1097
|
-
:param pulumi.Input[
|
|
1098
|
-
:param pulumi.Input[
|
|
1099
|
-
:param pulumi.Input[
|
|
1100
|
-
:param pulumi.Input[
|
|
1101
|
-
:param pulumi.Input[
|
|
1102
|
-
:param pulumi.Input[
|
|
1095
|
+
:param pulumi.Input[_builtins.str] algorithm: Key encryption algorithm, either RSA or ECDSA. Defaults to `RSA`.
|
|
1096
|
+
:param pulumi.Input[_builtins.str] certificate: The X509 certificate in PEM format.
|
|
1097
|
+
:param pulumi.Input[_builtins.str] certificate_id: ID of the issued certificate
|
|
1098
|
+
:param pulumi.Input[_builtins.str] chain: The trust chain of X509 certificate authority certificates in PEM format concatenated together.
|
|
1099
|
+
:param pulumi.Input[_builtins.str] common_name: The common name of the certificate.
|
|
1100
|
+
:param pulumi.Input[_builtins.str] country: Country of the certificate (C)
|
|
1101
|
+
:param pulumi.Input[_builtins.str] csr_origin: Whether key-pair generation will be `local` or `service` generated. Default is
|
|
1103
1102
|
`local`.
|
|
1104
|
-
:param pulumi.Input[Mapping[str, pulumi.Input[
|
|
1105
|
-
:param pulumi.Input[
|
|
1106
|
-
:param pulumi.Input[
|
|
1103
|
+
:param pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]] custom_fields: Collection of Custom Field name-value pairs to assign to the certificate.
|
|
1104
|
+
:param pulumi.Input[_builtins.str] ecdsa_curve: ECDSA curve to use when generating a key
|
|
1105
|
+
:param pulumi.Input[_builtins.int] expiration_window: Number of hours before certificate expiry to request a new certificate.
|
|
1107
1106
|
Defaults to `168`.
|
|
1108
|
-
:param pulumi.Input[
|
|
1107
|
+
:param pulumi.Input[_builtins.str] issuer_hint: Used with `valid_days` to indicate the target issuer when using Trust Protection
|
|
1109
1108
|
Platform. Relevant values are: `DigiCert`, `Entrust`, and `Microsoft`.
|
|
1110
|
-
:param pulumi.Input[
|
|
1111
|
-
:param pulumi.Input[
|
|
1112
|
-
:param pulumi.Input[
|
|
1109
|
+
:param pulumi.Input[_builtins.str] key_password: The password used to encrypt the private key.
|
|
1110
|
+
:param pulumi.Input[_builtins.str] locality: Locality/City of the certificate (L)
|
|
1111
|
+
:param pulumi.Input[_builtins.str] nickname: Use to specify a name for the new certificate object that will be created and placed
|
|
1113
1112
|
in a policy. Only valid for Trust Protection Platform.
|
|
1114
|
-
:param pulumi.Input[
|
|
1115
|
-
:param pulumi.Input[Sequence[pulumi.Input[
|
|
1116
|
-
:param pulumi.Input[
|
|
1113
|
+
:param pulumi.Input[_builtins.str] organization: Organization of the certificate (O)
|
|
1114
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] organizational_units: List of Organizational Units of the certificate (OU)
|
|
1115
|
+
:param pulumi.Input[_builtins.str] pkcs12: A base64-encoded PKCS#12 keystore secured by the `key_password`. Useful when working with resources like
|
|
1117
1116
|
azure key_vault_certificate.
|
|
1118
|
-
:param pulumi.Input[
|
|
1119
|
-
:param pulumi.Input[
|
|
1120
|
-
:param pulumi.Input[
|
|
1117
|
+
:param pulumi.Input[_builtins.str] private_key_pem: The private key in PEM format.
|
|
1118
|
+
:param pulumi.Input[_builtins.bool] renew_required: Indicates the certificate should be reissued. This means the resource will destroyed and recreated
|
|
1119
|
+
:param pulumi.Input[_builtins.int] rsa_bits: Number of bits to use when generating an RSA key. Applies when algorithm is `RSA`.
|
|
1121
1120
|
Defaults to `2048`.
|
|
1122
|
-
:param pulumi.Input[Sequence[pulumi.Input[
|
|
1123
|
-
:param pulumi.Input[Sequence[pulumi.Input[
|
|
1124
|
-
:param pulumi.Input[Sequence[pulumi.Input[
|
|
1125
|
-
:param pulumi.Input[Sequence[pulumi.Input[
|
|
1121
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] san_dns: List of DNS names to use as alternative subjects of the certificate.
|
|
1122
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] san_emails: List of email addresses to use as alternative subjects of the certificate.
|
|
1123
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] san_ips: List of IP addresses to use as alternative subjects of the certificate.
|
|
1124
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] san_uris: List of Uniform Resource Identifiers (URIs) to use as alternative subjects of
|
|
1126
1125
|
the certificate.
|
|
1127
|
-
:param pulumi.Input[
|
|
1128
|
-
:param pulumi.Input[
|
|
1126
|
+
:param pulumi.Input[_builtins.str] state: State of the certificate (S)
|
|
1127
|
+
:param pulumi.Input[_builtins.int] valid_days: Desired number of days for which the new certificate will be valid.
|
|
1129
1128
|
"""
|
|
1130
1129
|
opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
|
|
1131
1130
|
|
|
@@ -1161,226 +1160,226 @@ class Certificate(pulumi.CustomResource):
|
|
|
1161
1160
|
__props__.__dict__["valid_days"] = valid_days
|
|
1162
1161
|
return Certificate(resource_name, opts=opts, __props__=__props__)
|
|
1163
1162
|
|
|
1164
|
-
@property
|
|
1163
|
+
@_builtins.property
|
|
1165
1164
|
@pulumi.getter
|
|
1166
|
-
def algorithm(self) -> pulumi.Output[Optional[
|
|
1165
|
+
def algorithm(self) -> pulumi.Output[Optional[_builtins.str]]:
|
|
1167
1166
|
"""
|
|
1168
1167
|
Key encryption algorithm, either RSA or ECDSA. Defaults to `RSA`.
|
|
1169
1168
|
"""
|
|
1170
1169
|
return pulumi.get(self, "algorithm")
|
|
1171
1170
|
|
|
1172
|
-
@property
|
|
1171
|
+
@_builtins.property
|
|
1173
1172
|
@pulumi.getter
|
|
1174
|
-
def certificate(self) -> pulumi.Output[
|
|
1173
|
+
def certificate(self) -> pulumi.Output[_builtins.str]:
|
|
1175
1174
|
"""
|
|
1176
1175
|
The X509 certificate in PEM format.
|
|
1177
1176
|
"""
|
|
1178
1177
|
return pulumi.get(self, "certificate")
|
|
1179
1178
|
|
|
1180
|
-
@property
|
|
1179
|
+
@_builtins.property
|
|
1181
1180
|
@pulumi.getter(name="certificateDn")
|
|
1182
|
-
def certificate_dn(self) -> pulumi.Output[
|
|
1181
|
+
def certificate_dn(self) -> pulumi.Output[_builtins.str]:
|
|
1183
1182
|
return pulumi.get(self, "certificate_dn")
|
|
1184
1183
|
|
|
1185
|
-
@property
|
|
1184
|
+
@_builtins.property
|
|
1186
1185
|
@pulumi.getter(name="certificateId")
|
|
1187
|
-
def certificate_id(self) -> pulumi.Output[
|
|
1186
|
+
def certificate_id(self) -> pulumi.Output[_builtins.str]:
|
|
1188
1187
|
"""
|
|
1189
1188
|
ID of the issued certificate
|
|
1190
1189
|
"""
|
|
1191
1190
|
return pulumi.get(self, "certificate_id")
|
|
1192
1191
|
|
|
1193
|
-
@property
|
|
1192
|
+
@_builtins.property
|
|
1194
1193
|
@pulumi.getter
|
|
1195
|
-
def chain(self) -> pulumi.Output[
|
|
1194
|
+
def chain(self) -> pulumi.Output[_builtins.str]:
|
|
1196
1195
|
"""
|
|
1197
1196
|
The trust chain of X509 certificate authority certificates in PEM format concatenated together.
|
|
1198
1197
|
"""
|
|
1199
1198
|
return pulumi.get(self, "chain")
|
|
1200
1199
|
|
|
1201
|
-
@property
|
|
1200
|
+
@_builtins.property
|
|
1202
1201
|
@pulumi.getter(name="commonName")
|
|
1203
|
-
def common_name(self) -> pulumi.Output[
|
|
1202
|
+
def common_name(self) -> pulumi.Output[_builtins.str]:
|
|
1204
1203
|
"""
|
|
1205
1204
|
The common name of the certificate.
|
|
1206
1205
|
"""
|
|
1207
1206
|
return pulumi.get(self, "common_name")
|
|
1208
1207
|
|
|
1209
|
-
@property
|
|
1208
|
+
@_builtins.property
|
|
1210
1209
|
@pulumi.getter
|
|
1211
|
-
def country(self) -> pulumi.Output[Optional[
|
|
1210
|
+
def country(self) -> pulumi.Output[Optional[_builtins.str]]:
|
|
1212
1211
|
"""
|
|
1213
1212
|
Country of the certificate (C)
|
|
1214
1213
|
"""
|
|
1215
1214
|
return pulumi.get(self, "country")
|
|
1216
1215
|
|
|
1217
|
-
@property
|
|
1216
|
+
@_builtins.property
|
|
1218
1217
|
@pulumi.getter(name="csrOrigin")
|
|
1219
|
-
def csr_origin(self) -> pulumi.Output[Optional[
|
|
1218
|
+
def csr_origin(self) -> pulumi.Output[Optional[_builtins.str]]:
|
|
1220
1219
|
"""
|
|
1221
1220
|
Whether key-pair generation will be `local` or `service` generated. Default is
|
|
1222
1221
|
`local`.
|
|
1223
1222
|
"""
|
|
1224
1223
|
return pulumi.get(self, "csr_origin")
|
|
1225
1224
|
|
|
1226
|
-
@property
|
|
1225
|
+
@_builtins.property
|
|
1227
1226
|
@pulumi.getter(name="csrPem")
|
|
1228
|
-
def csr_pem(self) -> pulumi.Output[
|
|
1227
|
+
def csr_pem(self) -> pulumi.Output[_builtins.str]:
|
|
1229
1228
|
return pulumi.get(self, "csr_pem")
|
|
1230
1229
|
|
|
1231
|
-
@property
|
|
1230
|
+
@_builtins.property
|
|
1232
1231
|
@pulumi.getter(name="customFields")
|
|
1233
|
-
def custom_fields(self) -> pulumi.Output[Optional[Mapping[str,
|
|
1232
|
+
def custom_fields(self) -> pulumi.Output[Optional[Mapping[str, _builtins.str]]]:
|
|
1234
1233
|
"""
|
|
1235
1234
|
Collection of Custom Field name-value pairs to assign to the certificate.
|
|
1236
1235
|
"""
|
|
1237
1236
|
return pulumi.get(self, "custom_fields")
|
|
1238
1237
|
|
|
1239
|
-
@property
|
|
1238
|
+
@_builtins.property
|
|
1240
1239
|
@pulumi.getter(name="ecdsaCurve")
|
|
1241
|
-
def ecdsa_curve(self) -> pulumi.Output[Optional[
|
|
1240
|
+
def ecdsa_curve(self) -> pulumi.Output[Optional[_builtins.str]]:
|
|
1242
1241
|
"""
|
|
1243
1242
|
ECDSA curve to use when generating a key
|
|
1244
1243
|
"""
|
|
1245
1244
|
return pulumi.get(self, "ecdsa_curve")
|
|
1246
1245
|
|
|
1247
|
-
@property
|
|
1246
|
+
@_builtins.property
|
|
1248
1247
|
@pulumi.getter(name="expirationWindow")
|
|
1249
|
-
def expiration_window(self) -> pulumi.Output[Optional[
|
|
1248
|
+
def expiration_window(self) -> pulumi.Output[Optional[_builtins.int]]:
|
|
1250
1249
|
"""
|
|
1251
1250
|
Number of hours before certificate expiry to request a new certificate.
|
|
1252
1251
|
Defaults to `168`.
|
|
1253
1252
|
"""
|
|
1254
1253
|
return pulumi.get(self, "expiration_window")
|
|
1255
1254
|
|
|
1256
|
-
@property
|
|
1255
|
+
@_builtins.property
|
|
1257
1256
|
@pulumi.getter(name="issuerHint")
|
|
1258
|
-
def issuer_hint(self) -> pulumi.Output[Optional[
|
|
1257
|
+
def issuer_hint(self) -> pulumi.Output[Optional[_builtins.str]]:
|
|
1259
1258
|
"""
|
|
1260
1259
|
Used with `valid_days` to indicate the target issuer when using Trust Protection
|
|
1261
1260
|
Platform. Relevant values are: `DigiCert`, `Entrust`, and `Microsoft`.
|
|
1262
1261
|
"""
|
|
1263
1262
|
return pulumi.get(self, "issuer_hint")
|
|
1264
1263
|
|
|
1265
|
-
@property
|
|
1264
|
+
@_builtins.property
|
|
1266
1265
|
@pulumi.getter(name="keyPassword")
|
|
1267
|
-
def key_password(self) -> pulumi.Output[Optional[
|
|
1266
|
+
def key_password(self) -> pulumi.Output[Optional[_builtins.str]]:
|
|
1268
1267
|
"""
|
|
1269
1268
|
The password used to encrypt the private key.
|
|
1270
1269
|
"""
|
|
1271
1270
|
return pulumi.get(self, "key_password")
|
|
1272
1271
|
|
|
1273
|
-
@property
|
|
1272
|
+
@_builtins.property
|
|
1274
1273
|
@pulumi.getter
|
|
1275
|
-
def locality(self) -> pulumi.Output[Optional[
|
|
1274
|
+
def locality(self) -> pulumi.Output[Optional[_builtins.str]]:
|
|
1276
1275
|
"""
|
|
1277
1276
|
Locality/City of the certificate (L)
|
|
1278
1277
|
"""
|
|
1279
1278
|
return pulumi.get(self, "locality")
|
|
1280
1279
|
|
|
1281
|
-
@property
|
|
1280
|
+
@_builtins.property
|
|
1282
1281
|
@pulumi.getter
|
|
1283
|
-
def nickname(self) -> pulumi.Output[Optional[
|
|
1282
|
+
def nickname(self) -> pulumi.Output[Optional[_builtins.str]]:
|
|
1284
1283
|
"""
|
|
1285
1284
|
Use to specify a name for the new certificate object that will be created and placed
|
|
1286
1285
|
in a policy. Only valid for Trust Protection Platform.
|
|
1287
1286
|
"""
|
|
1288
1287
|
return pulumi.get(self, "nickname")
|
|
1289
1288
|
|
|
1290
|
-
@property
|
|
1289
|
+
@_builtins.property
|
|
1291
1290
|
@pulumi.getter
|
|
1292
|
-
def organization(self) -> pulumi.Output[Optional[
|
|
1291
|
+
def organization(self) -> pulumi.Output[Optional[_builtins.str]]:
|
|
1293
1292
|
"""
|
|
1294
1293
|
Organization of the certificate (O)
|
|
1295
1294
|
"""
|
|
1296
1295
|
return pulumi.get(self, "organization")
|
|
1297
1296
|
|
|
1298
|
-
@property
|
|
1297
|
+
@_builtins.property
|
|
1299
1298
|
@pulumi.getter(name="organizationalUnits")
|
|
1300
|
-
def organizational_units(self) -> pulumi.Output[Optional[Sequence[
|
|
1299
|
+
def organizational_units(self) -> pulumi.Output[Optional[Sequence[_builtins.str]]]:
|
|
1301
1300
|
"""
|
|
1302
1301
|
List of Organizational Units of the certificate (OU)
|
|
1303
1302
|
"""
|
|
1304
1303
|
return pulumi.get(self, "organizational_units")
|
|
1305
1304
|
|
|
1306
|
-
@property
|
|
1305
|
+
@_builtins.property
|
|
1307
1306
|
@pulumi.getter
|
|
1308
|
-
def pkcs12(self) -> pulumi.Output[
|
|
1307
|
+
def pkcs12(self) -> pulumi.Output[_builtins.str]:
|
|
1309
1308
|
"""
|
|
1310
1309
|
A base64-encoded PKCS#12 keystore secured by the `key_password`. Useful when working with resources like
|
|
1311
1310
|
azure key_vault_certificate.
|
|
1312
1311
|
"""
|
|
1313
1312
|
return pulumi.get(self, "pkcs12")
|
|
1314
1313
|
|
|
1315
|
-
@property
|
|
1314
|
+
@_builtins.property
|
|
1316
1315
|
@pulumi.getter(name="privateKeyPem")
|
|
1317
|
-
def private_key_pem(self) -> pulumi.Output[
|
|
1316
|
+
def private_key_pem(self) -> pulumi.Output[_builtins.str]:
|
|
1318
1317
|
"""
|
|
1319
1318
|
The private key in PEM format.
|
|
1320
1319
|
"""
|
|
1321
1320
|
return pulumi.get(self, "private_key_pem")
|
|
1322
1321
|
|
|
1323
|
-
@property
|
|
1322
|
+
@_builtins.property
|
|
1324
1323
|
@pulumi.getter(name="renewRequired")
|
|
1325
|
-
def renew_required(self) -> pulumi.Output[Optional[
|
|
1324
|
+
def renew_required(self) -> pulumi.Output[Optional[_builtins.bool]]:
|
|
1326
1325
|
"""
|
|
1327
1326
|
Indicates the certificate should be reissued. This means the resource will destroyed and recreated
|
|
1328
1327
|
"""
|
|
1329
1328
|
return pulumi.get(self, "renew_required")
|
|
1330
1329
|
|
|
1331
|
-
@property
|
|
1330
|
+
@_builtins.property
|
|
1332
1331
|
@pulumi.getter(name="rsaBits")
|
|
1333
|
-
def rsa_bits(self) -> pulumi.Output[Optional[
|
|
1332
|
+
def rsa_bits(self) -> pulumi.Output[Optional[_builtins.int]]:
|
|
1334
1333
|
"""
|
|
1335
1334
|
Number of bits to use when generating an RSA key. Applies when algorithm is `RSA`.
|
|
1336
1335
|
Defaults to `2048`.
|
|
1337
1336
|
"""
|
|
1338
1337
|
return pulumi.get(self, "rsa_bits")
|
|
1339
1338
|
|
|
1340
|
-
@property
|
|
1339
|
+
@_builtins.property
|
|
1341
1340
|
@pulumi.getter(name="sanDns")
|
|
1342
|
-
def san_dns(self) -> pulumi.Output[Optional[Sequence[
|
|
1341
|
+
def san_dns(self) -> pulumi.Output[Optional[Sequence[_builtins.str]]]:
|
|
1343
1342
|
"""
|
|
1344
1343
|
List of DNS names to use as alternative subjects of the certificate.
|
|
1345
1344
|
"""
|
|
1346
1345
|
return pulumi.get(self, "san_dns")
|
|
1347
1346
|
|
|
1348
|
-
@property
|
|
1347
|
+
@_builtins.property
|
|
1349
1348
|
@pulumi.getter(name="sanEmails")
|
|
1350
|
-
def san_emails(self) -> pulumi.Output[Optional[Sequence[
|
|
1349
|
+
def san_emails(self) -> pulumi.Output[Optional[Sequence[_builtins.str]]]:
|
|
1351
1350
|
"""
|
|
1352
1351
|
List of email addresses to use as alternative subjects of the certificate.
|
|
1353
1352
|
"""
|
|
1354
1353
|
return pulumi.get(self, "san_emails")
|
|
1355
1354
|
|
|
1356
|
-
@property
|
|
1355
|
+
@_builtins.property
|
|
1357
1356
|
@pulumi.getter(name="sanIps")
|
|
1358
|
-
def san_ips(self) -> pulumi.Output[Optional[Sequence[
|
|
1357
|
+
def san_ips(self) -> pulumi.Output[Optional[Sequence[_builtins.str]]]:
|
|
1359
1358
|
"""
|
|
1360
1359
|
List of IP addresses to use as alternative subjects of the certificate.
|
|
1361
1360
|
"""
|
|
1362
1361
|
return pulumi.get(self, "san_ips")
|
|
1363
1362
|
|
|
1364
|
-
@property
|
|
1363
|
+
@_builtins.property
|
|
1365
1364
|
@pulumi.getter(name="sanUris")
|
|
1366
|
-
def san_uris(self) -> pulumi.Output[Optional[Sequence[
|
|
1365
|
+
def san_uris(self) -> pulumi.Output[Optional[Sequence[_builtins.str]]]:
|
|
1367
1366
|
"""
|
|
1368
1367
|
List of Uniform Resource Identifiers (URIs) to use as alternative subjects of
|
|
1369
1368
|
the certificate.
|
|
1370
1369
|
"""
|
|
1371
1370
|
return pulumi.get(self, "san_uris")
|
|
1372
1371
|
|
|
1373
|
-
@property
|
|
1372
|
+
@_builtins.property
|
|
1374
1373
|
@pulumi.getter
|
|
1375
|
-
def state(self) -> pulumi.Output[Optional[
|
|
1374
|
+
def state(self) -> pulumi.Output[Optional[_builtins.str]]:
|
|
1376
1375
|
"""
|
|
1377
1376
|
State of the certificate (S)
|
|
1378
1377
|
"""
|
|
1379
1378
|
return pulumi.get(self, "state")
|
|
1380
1379
|
|
|
1381
|
-
@property
|
|
1380
|
+
@_builtins.property
|
|
1382
1381
|
@pulumi.getter(name="validDays")
|
|
1383
|
-
def valid_days(self) -> pulumi.Output[Optional[
|
|
1382
|
+
def valid_days(self) -> pulumi.Output[Optional[_builtins.int]]:
|
|
1384
1383
|
"""
|
|
1385
1384
|
Desired number of days for which the new certificate will be valid.
|
|
1386
1385
|
"""
|