acmpca

package
v6.32.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 19, 2024 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Certificate 

type Certificate struct {
	pulumi.CustomResourceState

	// Specifies X.509 certificate information to be included in the issued certificate. To use with API Passthrough templates
	ApiPassthrough pulumi.StringPtrOutput `pulumi:"apiPassthrough"`
	// ARN of the certificate.
	Arn pulumi.StringOutput `pulumi:"arn"`
	// PEM-encoded certificate value.
	Certificate pulumi.StringOutput `pulumi:"certificate"`
	// ARN of the certificate authority.
	CertificateAuthorityArn pulumi.StringOutput `pulumi:"certificateAuthorityArn"`
	// PEM-encoded certificate chain that includes any intermediate certificates and chains up to root CA.
	CertificateChain pulumi.StringOutput `pulumi:"certificateChain"`
	// Certificate Signing Request in PEM format.
	CertificateSigningRequest pulumi.StringOutput `pulumi:"certificateSigningRequest"`
	// Algorithm to use to sign certificate requests. Valid values: `SHA256WITHRSA`, `SHA256WITHECDSA`, `SHA384WITHRSA`, `SHA384WITHECDSA`, `SHA512WITHRSA`, `SHA512WITHECDSA`.
	SigningAlgorithm pulumi.StringOutput `pulumi:"signingAlgorithm"`
	// Template to use when issuing a certificate.
	// See [ACM PCA Documentation](https://docs.aws.amazon.com/privateca/latest/userguide/UsingTemplates.html) for more information.
	TemplateArn pulumi.StringPtrOutput `pulumi:"templateArn"`
	// Configures end of the validity period for the certificate. See validity block below.
	Validity CertificateValidityOutput `pulumi:"validity"`
}

Provides a resource to issue a certificate using AWS Certificate Manager Private Certificate Authority (ACM PCA).

Certificates created using `acmpca.Certificate` are not eligible for automatic renewal, and must be replaced instead. To issue a renewable certificate using an ACM PCA, create a `acm.Certificate` with the parameter `certificateAuthorityArn`.

## Example Usage

### Basic

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acmpca"
"github.com/pulumi/pulumi-tls/sdk/v4/go/tls"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		exampleCertificateAuthority, err := acmpca.NewCertificateAuthority(ctx, "example", &acmpca.CertificateAuthorityArgs{
			CertificateAuthorityConfiguration: &acmpca.CertificateAuthorityCertificateAuthorityConfigurationArgs{
				KeyAlgorithm:     pulumi.String("RSA_4096"),
				SigningAlgorithm: pulumi.String("SHA512WITHRSA"),
				Subject: &acmpca.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs{
					CommonName: pulumi.String("example.com"),
				},
			},
			PermanentDeletionTimeInDays: pulumi.Int(7),
		})
		if err != nil {
			return err
		}
		key, err := tls.NewPrivateKey(ctx, "key", &tls.PrivateKeyArgs{
			Algorithm: pulumi.String("RSA"),
		})
		if err != nil {
			return err
		}
		csr, err := tls.NewCertRequest(ctx, "csr", &tls.CertRequestArgs{
			PrivateKeyPem: key.PrivateKeyPem,
			Subject: &tls.CertRequestSubjectArgs{
				CommonName: pulumi.String("example"),
			},
		})
		if err != nil {
			return err
		}
		_, err = acmpca.NewCertificate(ctx, "example", &acmpca.CertificateArgs{
			CertificateAuthorityArn:   exampleCertificateAuthority.Arn,
			CertificateSigningRequest: csr.CertRequestPem,
			SigningAlgorithm:          pulumi.String("SHA256WITHRSA"),
			Validity: &acmpca.CertificateValidityArgs{
				Type:  pulumi.String("YEARS"),
				Value: pulumi.String("1"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

## Import

Using `pulumi import`, import ACM PCA Certificates using their ARN. For example:

```sh $ pulumi import aws:acmpca/certificate:Certificate cert arn:aws:acm-pca:eu-west-1:675225743824:certificate-authority/08319ede-83g9-1400-8f21-c7d12b2b6edb/certificate/a4e9c2aa4bcfab625g1b9136464cd3a ```

func GetCertificate 

func GetCertificate(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *CertificateState, opts ...pulumi.ResourceOption) (*Certificate, error)

GetCertificate gets an existing Certificate resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewCertificate 

func NewCertificate(ctx *pulumi.Context,
	name string, args *CertificateArgs, opts ...pulumi.ResourceOption) (*Certificate, error)

NewCertificate registers a new resource with the given unique name, arguments, and options.

func (*Certificate) ElementType 

func (*Certificate) ElementType() reflect.Type

func (*Certificate) ToCertificateOutput 

func (i *Certificate) ToCertificateOutput() CertificateOutput

func (*Certificate) ToCertificateOutputWithContext 

func (i *Certificate) ToCertificateOutputWithContext(ctx context.Context) CertificateOutput

type CertificateArgs 

type CertificateArgs struct {
	// Specifies X.509 certificate information to be included in the issued certificate. To use with API Passthrough templates
	ApiPassthrough pulumi.StringPtrInput
	// ARN of the certificate authority.
	CertificateAuthorityArn pulumi.StringInput
	// Certificate Signing Request in PEM format.
	CertificateSigningRequest pulumi.StringInput
	// Algorithm to use to sign certificate requests. Valid values: `SHA256WITHRSA`, `SHA256WITHECDSA`, `SHA384WITHRSA`, `SHA384WITHECDSA`, `SHA512WITHRSA`, `SHA512WITHECDSA`.
	SigningAlgorithm pulumi.StringInput
	// Template to use when issuing a certificate.
	// See [ACM PCA Documentation](https://docs.aws.amazon.com/privateca/latest/userguide/UsingTemplates.html) for more information.
	TemplateArn pulumi.StringPtrInput
	// Configures end of the validity period for the certificate. See validity block below.
	Validity CertificateValidityInput
}

The set of arguments for constructing a Certificate resource.

func (CertificateArgs) ElementType 

func (CertificateArgs) ElementType() reflect.Type

type CertificateArray 

type CertificateArray []CertificateInput

func (CertificateArray) ElementType 

func (CertificateArray) ElementType() reflect.Type

func (CertificateArray) ToCertificateArrayOutput 

func (i CertificateArray) ToCertificateArrayOutput() CertificateArrayOutput

func (CertificateArray) ToCertificateArrayOutputWithContext 

func (i CertificateArray) ToCertificateArrayOutputWithContext(ctx context.Context) CertificateArrayOutput

type CertificateArrayInput 

type CertificateArrayInput interface {
	pulumi.Input

	ToCertificateArrayOutput() CertificateArrayOutput
	ToCertificateArrayOutputWithContext(context.Context) CertificateArrayOutput
}

CertificateArrayInput is an input type that accepts CertificateArray and CertificateArrayOutput values. You can construct a concrete instance of `CertificateArrayInput` via: 

CertificateArray{ CertificateArgs{...} }

type CertificateArrayOutput 

type CertificateArrayOutput struct{ *pulumi.OutputState }

func (CertificateArrayOutput) ElementType 

func (CertificateArrayOutput) ElementType() reflect.Type

func (CertificateArrayOutput) Index 

func (o CertificateArrayOutput) Index(i pulumi.IntInput) CertificateOutput

func (CertificateArrayOutput) ToCertificateArrayOutput 

func (o CertificateArrayOutput) ToCertificateArrayOutput() CertificateArrayOutput

func (CertificateArrayOutput) ToCertificateArrayOutputWithContext 

func (o CertificateArrayOutput) ToCertificateArrayOutputWithContext(ctx context.Context) CertificateArrayOutput

type CertificateAuthority 

type CertificateAuthority struct {
	pulumi.CustomResourceState

	// ARN of the certificate authority.
	Arn pulumi.StringOutput `pulumi:"arn"`
	// Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.
	Certificate pulumi.StringOutput `pulumi:"certificate"`
	// Nested argument containing algorithms and certificate subject information. Defined below.
	CertificateAuthorityConfiguration CertificateAuthorityCertificateAuthorityConfigurationOutput `pulumi:"certificateAuthorityConfiguration"`
	// Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.
	CertificateChain pulumi.StringOutput `pulumi:"certificateChain"`
	// The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.
	CertificateSigningRequest pulumi.StringOutput `pulumi:"certificateSigningRequest"`
	// Whether the certificate authority is enabled or disabled. Defaults to `true`. Can only be disabled if the CA is in an `ACTIVE` state.
	Enabled pulumi.BoolPtrOutput `pulumi:"enabled"`
	// Cryptographic key management compliance standard used for handling CA keys. Defaults to `FIPS_140_2_LEVEL_3_OR_HIGHER`. Valid values: `FIPS_140_2_LEVEL_3_OR_HIGHER` and `FIPS_140_2_LEVEL_2_OR_HIGHER`. Supported standard for each region can be found in the [Storage and security compliance of AWS Private CA private keys Documentation](https://docs.aws.amazon.com/privateca/latest/userguide/data-protection.html#private-keys).
	KeyStorageSecurityStandard pulumi.StringOutput `pulumi:"keyStorageSecurityStandard"`
	// Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
	NotAfter pulumi.StringOutput `pulumi:"notAfter"`
	// Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
	NotBefore pulumi.StringOutput `pulumi:"notBefore"`
	// Number of days to make a CA restorable after it has been deleted, must be between 7 to 30 days, with default to 30 days.
	PermanentDeletionTimeInDays pulumi.IntPtrOutput `pulumi:"permanentDeletionTimeInDays"`
	// Nested argument containing revocation configuration. Defined below.
	RevocationConfiguration CertificateAuthorityRevocationConfigurationPtrOutput `pulumi:"revocationConfiguration"`
	// Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.
	Serial pulumi.StringOutput `pulumi:"serial"`
	// Key-value map of user-defined tags that are attached to the certificate authority. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapOutput `pulumi:"tags"`
	// Map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
	//
	// Deprecated: Please use `tags` instead.
	TagsAll pulumi.StringMapOutput `pulumi:"tagsAll"`
	// Type of the certificate authority. Defaults to `SUBORDINATE`. Valid values: `ROOT` and `SUBORDINATE`.
	Type pulumi.StringPtrOutput `pulumi:"type"`
	// Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly. Short-lived certificate validity is limited to seven days. Defaults to `GENERAL_PURPOSE`. Valid values: `GENERAL_PURPOSE` and `SHORT_LIVED_CERTIFICATE`.
	UsageMode pulumi.StringOutput `pulumi:"usageMode"`
}

Provides a resource to manage AWS Certificate Manager Private Certificate Authorities (ACM PCA Certificate Authorities).

> **NOTE:** Creating this resource will leave the certificate authority in a `PENDING_CERTIFICATE` status, which means it cannot yet issue certificates. To complete this setup, you must fully sign the certificate authority CSR available in the `certificateSigningRequest` attribute. The `acmpca.CertificateAuthorityCertificate` resource can be used for this purpose.

## Example Usage

### Basic

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acmpca"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := acmpca.NewCertificateAuthority(ctx, "example", &acmpca.CertificateAuthorityArgs{
			CertificateAuthorityConfiguration: &acmpca.CertificateAuthorityCertificateAuthorityConfigurationArgs{
				KeyAlgorithm:     pulumi.String("RSA_4096"),
				SigningAlgorithm: pulumi.String("SHA512WITHRSA"),
				Subject: &acmpca.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs{
					CommonName: pulumi.String("example.com"),
				},
			},
			PermanentDeletionTimeInDays: pulumi.Int(7),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

### Short-lived certificate

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acmpca"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := acmpca.NewCertificateAuthority(ctx, "example", &acmpca.CertificateAuthorityArgs{
			UsageMode: pulumi.String("SHORT_LIVED_CERTIFICATE"),
			CertificateAuthorityConfiguration: &acmpca.CertificateAuthorityCertificateAuthorityConfigurationArgs{
				KeyAlgorithm:     pulumi.String("RSA_4096"),
				SigningAlgorithm: pulumi.String("SHA512WITHRSA"),
				Subject: &acmpca.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs{
					CommonName: pulumi.String("example.com"),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

### Enable Certificate Revocation List

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"fmt"

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acmpca"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		example, err := s3.NewBucketV2(ctx, "example", &s3.BucketV2Args{
			Bucket:       pulumi.String("example"),
			ForceDestroy: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		acmpcaBucketAccess := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{
			Statements: iam.GetPolicyDocumentStatementArray{
				&iam.GetPolicyDocumentStatementArgs{
					Actions: pulumi.StringArray{
						pulumi.String("s3:GetBucketAcl"),
						pulumi.String("s3:GetBucketLocation"),
						pulumi.String("s3:PutObject"),
						pulumi.String("s3:PutObjectAcl"),
					},
					Resources: pulumi.StringArray{
						example.Arn,
						example.Arn.ApplyT(func(arn string) (string, error) {
							return fmt.Sprintf("%v/*", arn), nil
						}).(pulumi.StringOutput),
					},
					Principals: iam.GetPolicyDocumentStatementPrincipalArray{
						&iam.GetPolicyDocumentStatementPrincipalArgs{
							Identifiers: pulumi.StringArray{
								pulumi.String("acm-pca.amazonaws.com"),
							},
							Type: pulumi.String("Service"),
						},
					},
				},
			},
		}, nil)
		exampleBucketPolicy, err := s3.NewBucketPolicy(ctx, "example", &s3.BucketPolicyArgs{
			Bucket: example.ID(),
			Policy: acmpcaBucketAccess.ApplyT(func(acmpcaBucketAccess iam.GetPolicyDocumentResult) (*string, error) {
				return &acmpcaBucketAccess.Json, nil
			}).(pulumi.StringPtrOutput),
		})
		if err != nil {
			return err
		}
		_, err = acmpca.NewCertificateAuthority(ctx, "example", &acmpca.CertificateAuthorityArgs{
			CertificateAuthorityConfiguration: &acmpca.CertificateAuthorityCertificateAuthorityConfigurationArgs{
				KeyAlgorithm:     pulumi.String("RSA_4096"),
				SigningAlgorithm: pulumi.String("SHA512WITHRSA"),
				Subject: &acmpca.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs{
					CommonName: pulumi.String("example.com"),
				},
			},
			RevocationConfiguration: &acmpca.CertificateAuthorityRevocationConfigurationArgs{
				CrlConfiguration: &acmpca.CertificateAuthorityRevocationConfigurationCrlConfigurationArgs{
					CustomCname:      pulumi.String("crl.example.com"),
					Enabled:          pulumi.Bool(true),
					ExpirationInDays: pulumi.Int(7),
					S3BucketName:     example.ID(),
					S3ObjectAcl:      pulumi.String("BUCKET_OWNER_FULL_CONTROL"),
				},
			},
		}, pulumi.DependsOn([]pulumi.Resource{
			exampleBucketPolicy,
		}))
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

## Import

Using `pulumi import`, import `aws_acmpca_certificate_authority` using the certificate authority ARN. For example:

```sh $ pulumi import aws:acmpca/certificateAuthority:CertificateAuthority example arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012 ```

func GetCertificateAuthority 

func GetCertificateAuthority(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *CertificateAuthorityState, opts ...pulumi.ResourceOption) (*CertificateAuthority, error)

GetCertificateAuthority gets an existing CertificateAuthority resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewCertificateAuthority 

func NewCertificateAuthority(ctx *pulumi.Context,
	name string, args *CertificateAuthorityArgs, opts ...pulumi.ResourceOption) (*CertificateAuthority, error)

NewCertificateAuthority registers a new resource with the given unique name, arguments, and options.

func (*CertificateAuthority) ElementType 

func (*CertificateAuthority) ElementType() reflect.Type

func (*CertificateAuthority) ToCertificateAuthorityOutput 

func (i *CertificateAuthority) ToCertificateAuthorityOutput() CertificateAuthorityOutput

func (*CertificateAuthority) ToCertificateAuthorityOutputWithContext 

func (i *CertificateAuthority) ToCertificateAuthorityOutputWithContext(ctx context.Context) CertificateAuthorityOutput

type CertificateAuthorityArgs 

type CertificateAuthorityArgs struct {
	// Nested argument containing algorithms and certificate subject information. Defined below.
	CertificateAuthorityConfiguration CertificateAuthorityCertificateAuthorityConfigurationInput
	// Whether the certificate authority is enabled or disabled. Defaults to `true`. Can only be disabled if the CA is in an `ACTIVE` state.
	Enabled pulumi.BoolPtrInput
	// Cryptographic key management compliance standard used for handling CA keys. Defaults to `FIPS_140_2_LEVEL_3_OR_HIGHER`. Valid values: `FIPS_140_2_LEVEL_3_OR_HIGHER` and `FIPS_140_2_LEVEL_2_OR_HIGHER`. Supported standard for each region can be found in the [Storage and security compliance of AWS Private CA private keys Documentation](https://docs.aws.amazon.com/privateca/latest/userguide/data-protection.html#private-keys).
	KeyStorageSecurityStandard pulumi.StringPtrInput
	// Number of days to make a CA restorable after it has been deleted, must be between 7 to 30 days, with default to 30 days.
	PermanentDeletionTimeInDays pulumi.IntPtrInput
	// Nested argument containing revocation configuration. Defined below.
	RevocationConfiguration CertificateAuthorityRevocationConfigurationPtrInput
	// Key-value map of user-defined tags that are attached to the certificate authority. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapInput
	// Type of the certificate authority. Defaults to `SUBORDINATE`. Valid values: `ROOT` and `SUBORDINATE`.
	Type pulumi.StringPtrInput
	// Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly. Short-lived certificate validity is limited to seven days. Defaults to `GENERAL_PURPOSE`. Valid values: `GENERAL_PURPOSE` and `SHORT_LIVED_CERTIFICATE`.
	UsageMode pulumi.StringPtrInput
}

The set of arguments for constructing a CertificateAuthority resource.

func (CertificateAuthorityArgs) ElementType 

func (CertificateAuthorityArgs) ElementType() reflect.Type

type CertificateAuthorityArray 

type CertificateAuthorityArray []CertificateAuthorityInput

func (CertificateAuthorityArray) ElementType 

func (CertificateAuthorityArray) ElementType() reflect.Type

func (CertificateAuthorityArray) ToCertificateAuthorityArrayOutput 

func (i CertificateAuthorityArray) ToCertificateAuthorityArrayOutput() CertificateAuthorityArrayOutput

func (CertificateAuthorityArray) ToCertificateAuthorityArrayOutputWithContext 

func (i CertificateAuthorityArray) ToCertificateAuthorityArrayOutputWithContext(ctx context.Context) CertificateAuthorityArrayOutput

type CertificateAuthorityArrayInput 

type CertificateAuthorityArrayInput interface {
	pulumi.Input

	ToCertificateAuthorityArrayOutput() CertificateAuthorityArrayOutput
	ToCertificateAuthorityArrayOutputWithContext(context.Context) CertificateAuthorityArrayOutput
}

CertificateAuthorityArrayInput is an input type that accepts CertificateAuthorityArray and CertificateAuthorityArrayOutput values. You can construct a concrete instance of `CertificateAuthorityArrayInput` via: 

CertificateAuthorityArray{ CertificateAuthorityArgs{...} }

type CertificateAuthorityArrayOutput 

type CertificateAuthorityArrayOutput struct{ *pulumi.OutputState }

func (CertificateAuthorityArrayOutput) ElementType 

func (CertificateAuthorityArrayOutput) ElementType() reflect.Type

func (CertificateAuthorityArrayOutput) Index 

func (o CertificateAuthorityArrayOutput) Index(i pulumi.IntInput) CertificateAuthorityOutput

func (CertificateAuthorityArrayOutput) ToCertificateAuthorityArrayOutput 

func (o CertificateAuthorityArrayOutput) ToCertificateAuthorityArrayOutput() CertificateAuthorityArrayOutput

func (CertificateAuthorityArrayOutput) ToCertificateAuthorityArrayOutputWithContext 

func (o CertificateAuthorityArrayOutput) ToCertificateAuthorityArrayOutputWithContext(ctx context.Context) CertificateAuthorityArrayOutput

type CertificateAuthorityCertificate 

type CertificateAuthorityCertificate struct {
	pulumi.CustomResourceState

	// PEM-encoded certificate for the Certificate Authority.
	Certificate pulumi.StringOutput `pulumi:"certificate"`
	// ARN of the Certificate Authority.
	CertificateAuthorityArn pulumi.StringOutput `pulumi:"certificateAuthorityArn"`
	// PEM-encoded certificate chain that includes any intermediate certificates and chains up to root CA. Required for subordinate Certificate Authorities. Not allowed for root Certificate Authorities.
	CertificateChain pulumi.StringPtrOutput `pulumi:"certificateChain"`
}

Associates a certificate with an AWS Certificate Manager Private Certificate Authority (ACM PCA Certificate Authority). An ACM PCA Certificate Authority is unable to issue certificates until it has a certificate associated with it. A root level ACM PCA Certificate Authority is able to self-sign its own root certificate.

## Example Usage

### Self-Signed Root Certificate Authority Certificate

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"fmt"

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acmpca"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		exampleCertificateAuthority, err := acmpca.NewCertificateAuthority(ctx, "example", &acmpca.CertificateAuthorityArgs{
			Type: pulumi.String("ROOT"),
			CertificateAuthorityConfiguration: &acmpca.CertificateAuthorityCertificateAuthorityConfigurationArgs{
				KeyAlgorithm:     pulumi.String("RSA_4096"),
				SigningAlgorithm: pulumi.String("SHA512WITHRSA"),
				Subject: &acmpca.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs{
					CommonName: pulumi.String("example.com"),
				},
			},
		})
		if err != nil {
			return err
		}
		current, err := aws.GetPartition(ctx, nil, nil)
		if err != nil {
			return err
		}
		exampleCertificate, err := acmpca.NewCertificate(ctx, "example", &acmpca.CertificateArgs{
			CertificateAuthorityArn:   exampleCertificateAuthority.Arn,
			CertificateSigningRequest: exampleCertificateAuthority.CertificateSigningRequest,
			SigningAlgorithm:          pulumi.String("SHA512WITHRSA"),
			TemplateArn:               pulumi.String(fmt.Sprintf("arn:%v:acm-pca:::template/RootCACertificate/V1", current.Partition)),
			Validity: &acmpca.CertificateValidityArgs{
				Type:  pulumi.String("YEARS"),
				Value: pulumi.String("1"),
			},
		})
		if err != nil {
			return err
		}
		_, err = acmpca.NewCertificateAuthorityCertificate(ctx, "example", &acmpca.CertificateAuthorityCertificateArgs{
			CertificateAuthorityArn: exampleCertificateAuthority.Arn,
			Certificate:             exampleCertificate.Certificate,
			CertificateChain:        exampleCertificate.CertificateChain,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

### Certificate for Subordinate Certificate Authority

Note that the certificate for the subordinate certificate authority must be issued by the root certificate authority using a signing request from the subordinate certificate authority.

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"fmt"

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acmpca"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		subordinateCertificateAuthority, err := acmpca.NewCertificateAuthority(ctx, "subordinate", &acmpca.CertificateAuthorityArgs{
			Type: pulumi.String("SUBORDINATE"),
			CertificateAuthorityConfiguration: &acmpca.CertificateAuthorityCertificateAuthorityConfigurationArgs{
				KeyAlgorithm:     pulumi.String("RSA_2048"),
				SigningAlgorithm: pulumi.String("SHA512WITHRSA"),
				Subject: &acmpca.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs{
					CommonName: pulumi.String("sub.example.com"),
				},
			},
		})
		if err != nil {
			return err
		}
		root, err := acmpca.NewCertificateAuthority(ctx, "root", nil)
		if err != nil {
			return err
		}
		current, err := aws.GetPartition(ctx, nil, nil)
		if err != nil {
			return err
		}
		subordinateCertificate, err := acmpca.NewCertificate(ctx, "subordinate", &acmpca.CertificateArgs{
			CertificateAuthorityArn:   root.Arn,
			CertificateSigningRequest: subordinateCertificateAuthority.CertificateSigningRequest,
			SigningAlgorithm:          pulumi.String("SHA512WITHRSA"),
			TemplateArn:               pulumi.String(fmt.Sprintf("arn:%v:acm-pca:::template/SubordinateCACertificate_PathLen0/V1", current.Partition)),
			Validity: &acmpca.CertificateValidityArgs{
				Type:  pulumi.String("YEARS"),
				Value: pulumi.String("1"),
			},
		})
		if err != nil {
			return err
		}
		_, err = acmpca.NewCertificateAuthorityCertificate(ctx, "subordinate", &acmpca.CertificateAuthorityCertificateArgs{
			CertificateAuthorityArn: subordinateCertificateAuthority.Arn,
			Certificate:             subordinateCertificate.Certificate,
			CertificateChain:        subordinateCertificate.CertificateChain,
		})
		if err != nil {
			return err
		}
		_, err = acmpca.NewCertificateAuthorityCertificate(ctx, "root", nil)
		if err != nil {
			return err
		}
		_, err = acmpca.NewCertificate(ctx, "root", nil)
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

func GetCertificateAuthorityCertificate 

func GetCertificateAuthorityCertificate(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *CertificateAuthorityCertificateState, opts ...pulumi.ResourceOption) (*CertificateAuthorityCertificate, error)

GetCertificateAuthorityCertificate gets an existing CertificateAuthorityCertificate resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewCertificateAuthorityCertificate 

func NewCertificateAuthorityCertificate(ctx *pulumi.Context,
	name string, args *CertificateAuthorityCertificateArgs, opts ...pulumi.ResourceOption) (*CertificateAuthorityCertificate, error)

NewCertificateAuthorityCertificate registers a new resource with the given unique name, arguments, and options.

func (*CertificateAuthorityCertificate) ElementType 

func (*CertificateAuthorityCertificate) ElementType() reflect.Type

func (*CertificateAuthorityCertificate) ToCertificateAuthorityCertificateOutput 

func (i *CertificateAuthorityCertificate) ToCertificateAuthorityCertificateOutput() CertificateAuthorityCertificateOutput

func (*CertificateAuthorityCertificate) ToCertificateAuthorityCertificateOutputWithContext 

func (i *CertificateAuthorityCertificate) ToCertificateAuthorityCertificateOutputWithContext(ctx context.Context) CertificateAuthorityCertificateOutput

type CertificateAuthorityCertificateArgs 

type CertificateAuthorityCertificateArgs struct {
	// PEM-encoded certificate for the Certificate Authority.
	Certificate pulumi.StringInput
	// ARN of the Certificate Authority.
	CertificateAuthorityArn pulumi.StringInput
	// PEM-encoded certificate chain that includes any intermediate certificates and chains up to root CA. Required for subordinate Certificate Authorities. Not allowed for root Certificate Authorities.
	CertificateChain pulumi.StringPtrInput
}

The set of arguments for constructing a CertificateAuthorityCertificate resource.

func (CertificateAuthorityCertificateArgs) ElementType 

func (CertificateAuthorityCertificateArgs) ElementType() reflect.Type

type CertificateAuthorityCertificateArray 

type CertificateAuthorityCertificateArray []CertificateAuthorityCertificateInput

func (CertificateAuthorityCertificateArray) ElementType 

func (CertificateAuthorityCertificateArray) ElementType() reflect.Type

func (CertificateAuthorityCertificateArray) ToCertificateAuthorityCertificateArrayOutput 

func (i CertificateAuthorityCertificateArray) ToCertificateAuthorityCertificateArrayOutput() CertificateAuthorityCertificateArrayOutput

func (CertificateAuthorityCertificateArray) ToCertificateAuthorityCertificateArrayOutputWithContext 

func (i CertificateAuthorityCertificateArray) ToCertificateAuthorityCertificateArrayOutputWithContext(ctx context.Context) CertificateAuthorityCertificateArrayOutput

type CertificateAuthorityCertificateArrayInput 

type CertificateAuthorityCertificateArrayInput interface {
	pulumi.Input

	ToCertificateAuthorityCertificateArrayOutput() CertificateAuthorityCertificateArrayOutput
	ToCertificateAuthorityCertificateArrayOutputWithContext(context.Context) CertificateAuthorityCertificateArrayOutput
}

CertificateAuthorityCertificateArrayInput is an input type that accepts CertificateAuthorityCertificateArray and CertificateAuthorityCertificateArrayOutput values. You can construct a concrete instance of `CertificateAuthorityCertificateArrayInput` via: 

CertificateAuthorityCertificateArray{ CertificateAuthorityCertificateArgs{...} }

type CertificateAuthorityCertificateArrayOutput 

type CertificateAuthorityCertificateArrayOutput struct{ *pulumi.OutputState }

func (CertificateAuthorityCertificateArrayOutput) ElementType 

func (CertificateAuthorityCertificateArrayOutput) ElementType() reflect.Type

func (CertificateAuthorityCertificateArrayOutput) Index 

func (o CertificateAuthorityCertificateArrayOutput) Index(i pulumi.IntInput) CertificateAuthorityCertificateOutput

func (CertificateAuthorityCertificateArrayOutput) ToCertificateAuthorityCertificateArrayOutput 

func (o CertificateAuthorityCertificateArrayOutput) ToCertificateAuthorityCertificateArrayOutput() CertificateAuthorityCertificateArrayOutput

func (CertificateAuthorityCertificateArrayOutput) ToCertificateAuthorityCertificateArrayOutputWithContext 

func (o CertificateAuthorityCertificateArrayOutput) ToCertificateAuthorityCertificateArrayOutputWithContext(ctx context.Context) CertificateAuthorityCertificateArrayOutput

type CertificateAuthorityCertificateAuthorityConfiguration 

type CertificateAuthorityCertificateAuthorityConfiguration struct {
	// Type of the public key algorithm and size, in bits, of the key pair that your key pair creates when it issues a certificate. Valid values can be found in the [ACM PCA Documentation](https://docs.aws.amazon.com/privateca/latest/APIReference/API_CertificateAuthorityConfiguration.html).
	KeyAlgorithm string `pulumi:"keyAlgorithm"`
	// Name of the algorithm your private CA uses to sign certificate requests. Valid values can be found in the [ACM PCA Documentation](https://docs.aws.amazon.com/privateca/latest/APIReference/API_CertificateAuthorityConfiguration.html).
	SigningAlgorithm string `pulumi:"signingAlgorithm"`
	// Nested argument that contains X.500 distinguished name information. At least one nested attribute must be specified.
	Subject CertificateAuthorityCertificateAuthorityConfigurationSubject `pulumi:"subject"`
}

type CertificateAuthorityCertificateAuthorityConfigurationArgs 

type CertificateAuthorityCertificateAuthorityConfigurationArgs struct {
	// Type of the public key algorithm and size, in bits, of the key pair that your key pair creates when it issues a certificate. Valid values can be found in the [ACM PCA Documentation](https://docs.aws.amazon.com/privateca/latest/APIReference/API_CertificateAuthorityConfiguration.html).
	KeyAlgorithm pulumi.StringInput `pulumi:"keyAlgorithm"`
	// Name of the algorithm your private CA uses to sign certificate requests. Valid values can be found in the [ACM PCA Documentation](https://docs.aws.amazon.com/privateca/latest/APIReference/API_CertificateAuthorityConfiguration.html).
	SigningAlgorithm pulumi.StringInput `pulumi:"signingAlgorithm"`
	// Nested argument that contains X.500 distinguished name information. At least one nested attribute must be specified.
	Subject CertificateAuthorityCertificateAuthorityConfigurationSubjectInput `pulumi:"subject"`
}

func (CertificateAuthorityCertificateAuthorityConfigurationArgs) ElementType 

func (CertificateAuthorityCertificateAuthorityConfigurationArgs) ElementType() reflect.Type

func (CertificateAuthorityCertificateAuthorityConfigurationArgs) ToCertificateAuthorityCertificateAuthorityConfigurationOutput 

func (i CertificateAuthorityCertificateAuthorityConfigurationArgs) ToCertificateAuthorityCertificateAuthorityConfigurationOutput() CertificateAuthorityCertificateAuthorityConfigurationOutput

func (CertificateAuthorityCertificateAuthorityConfigurationArgs) ToCertificateAuthorityCertificateAuthorityConfigurationOutputWithContext 

func (i CertificateAuthorityCertificateAuthorityConfigurationArgs) ToCertificateAuthorityCertificateAuthorityConfigurationOutputWithContext(ctx context.Context) CertificateAuthorityCertificateAuthorityConfigurationOutput

func (CertificateAuthorityCertificateAuthorityConfigurationArgs) ToCertificateAuthorityCertificateAuthorityConfigurationPtrOutput 

func (i CertificateAuthorityCertificateAuthorityConfigurationArgs) ToCertificateAuthorityCertificateAuthorityConfigurationPtrOutput() CertificateAuthorityCertificateAuthorityConfigurationPtrOutput

func (CertificateAuthorityCertificateAuthorityConfigurationArgs) ToCertificateAuthorityCertificateAuthorityConfigurationPtrOutputWithContext 

func (i CertificateAuthorityCertificateAuthorityConfigurationArgs) ToCertificateAuthorityCertificateAuthorityConfigurationPtrOutputWithContext(ctx context.Context) CertificateAuthorityCertificateAuthorityConfigurationPtrOutput

type CertificateAuthorityCertificateAuthorityConfigurationInput 

type CertificateAuthorityCertificateAuthorityConfigurationInput interface {
	pulumi.Input

	ToCertificateAuthorityCertificateAuthorityConfigurationOutput() CertificateAuthorityCertificateAuthorityConfigurationOutput
	ToCertificateAuthorityCertificateAuthorityConfigurationOutputWithContext(context.Context) CertificateAuthorityCertificateAuthorityConfigurationOutput
}

CertificateAuthorityCertificateAuthorityConfigurationInput is an input type that accepts CertificateAuthorityCertificateAuthorityConfigurationArgs and CertificateAuthorityCertificateAuthorityConfigurationOutput values. You can construct a concrete instance of `CertificateAuthorityCertificateAuthorityConfigurationInput` via: 

CertificateAuthorityCertificateAuthorityConfigurationArgs{...}

type CertificateAuthorityCertificateAuthorityConfigurationOutput 

type CertificateAuthorityCertificateAuthorityConfigurationOutput struct{ *pulumi.OutputState }

func (CertificateAuthorityCertificateAuthorityConfigurationOutput) ElementType 

func (CertificateAuthorityCertificateAuthorityConfigurationOutput) ElementType() reflect.Type

func (CertificateAuthorityCertificateAuthorityConfigurationOutput) KeyAlgorithm 

func (o CertificateAuthorityCertificateAuthorityConfigurationOutput) KeyAlgorithm() pulumi.StringOutput

Type of the public key algorithm and size, in bits, of the key pair that your key pair creates when it issues a certificate. Valid values can be found in the [ACM PCA Documentation](https://docs.aws.amazon.com/privateca/latest/APIReference/API_CertificateAuthorityConfiguration.html).

func (CertificateAuthorityCertificateAuthorityConfigurationOutput) SigningAlgorithm 

func (o CertificateAuthorityCertificateAuthorityConfigurationOutput) SigningAlgorithm() pulumi.StringOutput

Name of the algorithm your private CA uses to sign certificate requests. Valid values can be found in the [ACM PCA Documentation](https://docs.aws.amazon.com/privateca/latest/APIReference/API_CertificateAuthorityConfiguration.html).

func (CertificateAuthorityCertificateAuthorityConfigurationOutput) Subject 

func (o CertificateAuthorityCertificateAuthorityConfigurationOutput) Subject() CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput

Nested argument that contains X.500 distinguished name information. At least one nested attribute must be specified.

func (CertificateAuthorityCertificateAuthorityConfigurationOutput) ToCertificateAuthorityCertificateAuthorityConfigurationOutput 

func (o CertificateAuthorityCertificateAuthorityConfigurationOutput) ToCertificateAuthorityCertificateAuthorityConfigurationOutput() CertificateAuthorityCertificateAuthorityConfigurationOutput

func (CertificateAuthorityCertificateAuthorityConfigurationOutput) ToCertificateAuthorityCertificateAuthorityConfigurationOutputWithContext 

func (o CertificateAuthorityCertificateAuthorityConfigurationOutput) ToCertificateAuthorityCertificateAuthorityConfigurationOutputWithContext(ctx context.Context) CertificateAuthorityCertificateAuthorityConfigurationOutput

func (CertificateAuthorityCertificateAuthorityConfigurationOutput) ToCertificateAuthorityCertificateAuthorityConfigurationPtrOutput 

func (o CertificateAuthorityCertificateAuthorityConfigurationOutput) ToCertificateAuthorityCertificateAuthorityConfigurationPtrOutput() CertificateAuthorityCertificateAuthorityConfigurationPtrOutput

func (CertificateAuthorityCertificateAuthorityConfigurationOutput) ToCertificateAuthorityCertificateAuthorityConfigurationPtrOutputWithContext 

func (o CertificateAuthorityCertificateAuthorityConfigurationOutput) ToCertificateAuthorityCertificateAuthorityConfigurationPtrOutputWithContext(ctx context.Context) CertificateAuthorityCertificateAuthorityConfigurationPtrOutput

type CertificateAuthorityCertificateAuthorityConfigurationPtrInput 

type CertificateAuthorityCertificateAuthorityConfigurationPtrInput interface {
	pulumi.Input

	ToCertificateAuthorityCertificateAuthorityConfigurationPtrOutput() CertificateAuthorityCertificateAuthorityConfigurationPtrOutput
	ToCertificateAuthorityCertificateAuthorityConfigurationPtrOutputWithContext(context.Context) CertificateAuthorityCertificateAuthorityConfigurationPtrOutput
}

CertificateAuthorityCertificateAuthorityConfigurationPtrInput is an input type that accepts CertificateAuthorityCertificateAuthorityConfigurationArgs, CertificateAuthorityCertificateAuthorityConfigurationPtr and CertificateAuthorityCertificateAuthorityConfigurationPtrOutput values. You can construct a concrete instance of `CertificateAuthorityCertificateAuthorityConfigurationPtrInput` via: 

        CertificateAuthorityCertificateAuthorityConfigurationArgs{...}

or:

        nil

func CertificateAuthorityCertificateAuthorityConfigurationPtr 

func CertificateAuthorityCertificateAuthorityConfigurationPtr(v *CertificateAuthorityCertificateAuthorityConfigurationArgs) CertificateAuthorityCertificateAuthorityConfigurationPtrInput

type CertificateAuthorityCertificateAuthorityConfigurationPtrOutput 

type CertificateAuthorityCertificateAuthorityConfigurationPtrOutput struct{ *pulumi.OutputState }

func (CertificateAuthorityCertificateAuthorityConfigurationPtrOutput) Elem 

func (o CertificateAuthorityCertificateAuthorityConfigurationPtrOutput) Elem() CertificateAuthorityCertificateAuthorityConfigurationOutput

func (CertificateAuthorityCertificateAuthorityConfigurationPtrOutput) ElementType 

func (CertificateAuthorityCertificateAuthorityConfigurationPtrOutput) ElementType() reflect.Type

func (CertificateAuthorityCertificateAuthorityConfigurationPtrOutput) KeyAlgorithm 

func (o CertificateAuthorityCertificateAuthorityConfigurationPtrOutput) KeyAlgorithm() pulumi.StringPtrOutput

Type of the public key algorithm and size, in bits, of the key pair that your key pair creates when it issues a certificate. Valid values can be found in the [ACM PCA Documentation](https://docs.aws.amazon.com/privateca/latest/APIReference/API_CertificateAuthorityConfiguration.html).

func (CertificateAuthorityCertificateAuthorityConfigurationPtrOutput) SigningAlgorithm 

func (o CertificateAuthorityCertificateAuthorityConfigurationPtrOutput) SigningAlgorithm() pulumi.StringPtrOutput

Name of the algorithm your private CA uses to sign certificate requests. Valid values can be found in the [ACM PCA Documentation](https://docs.aws.amazon.com/privateca/latest/APIReference/API_CertificateAuthorityConfiguration.html).

func (CertificateAuthorityCertificateAuthorityConfigurationPtrOutput) Subject 

func (o CertificateAuthorityCertificateAuthorityConfigurationPtrOutput) Subject() CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput

Nested argument that contains X.500 distinguished name information. At least one nested attribute must be specified.

func (CertificateAuthorityCertificateAuthorityConfigurationPtrOutput) ToCertificateAuthorityCertificateAuthorityConfigurationPtrOutput 

func (o CertificateAuthorityCertificateAuthorityConfigurationPtrOutput) ToCertificateAuthorityCertificateAuthorityConfigurationPtrOutput() CertificateAuthorityCertificateAuthorityConfigurationPtrOutput

func (CertificateAuthorityCertificateAuthorityConfigurationPtrOutput) ToCertificateAuthorityCertificateAuthorityConfigurationPtrOutputWithContext 

func (o CertificateAuthorityCertificateAuthorityConfigurationPtrOutput) ToCertificateAuthorityCertificateAuthorityConfigurationPtrOutputWithContext(ctx context.Context) CertificateAuthorityCertificateAuthorityConfigurationPtrOutput

type CertificateAuthorityCertificateAuthorityConfigurationSubject 

type CertificateAuthorityCertificateAuthorityConfigurationSubject struct {
	// Fully qualified domain name (FQDN) associated with the certificate subject. Must be less than or equal to 64 characters in length.
	CommonName *string `pulumi:"commonName"`
	// Two digit code that specifies the country in which the certificate subject located. Must be less than or equal to 2 characters in length.
	Country *string `pulumi:"country"`
	// Disambiguating information for the certificate subject. Must be less than or equal to 64 characters in length.
	DistinguishedNameQualifier *string `pulumi:"distinguishedNameQualifier"`
	// Typically a qualifier appended to the name of an individual. Examples include Jr. for junior, Sr. for senior, and III for third. Must be less than or equal to 3 characters in length.
	GenerationQualifier *string `pulumi:"generationQualifier"`
	// First name. Must be less than or equal to 16 characters in length.
	GivenName *string `pulumi:"givenName"`
	// Concatenation that typically contains the first letter of the `givenName`, the first letter of the middle name if one exists, and the first letter of the `surname`. Must be less than or equal to 5 characters in length.
	Initials *string `pulumi:"initials"`
	// Locality (such as a city or town) in which the certificate subject is located. Must be less than or equal to 128 characters in length.
	Locality *string `pulumi:"locality"`
	// Legal name of the organization with which the certificate subject is affiliated. Must be less than or equal to 64 characters in length.
	Organization *string `pulumi:"organization"`
	// Subdivision or unit of the organization (such as sales or finance) with which the certificate subject is affiliated. Must be less than or equal to 64 characters in length.
	OrganizationalUnit *string `pulumi:"organizationalUnit"`
	// Typically a shortened version of a longer `givenName`. For example, Jonathan is often shortened to John. Elizabeth is often shortened to Beth, Liz, or Eliza. Must be less than or equal to 128 characters in length.
	Pseudonym *string `pulumi:"pseudonym"`
	// State in which the subject of the certificate is located. Must be less than or equal to 128 characters in length.
	State *string `pulumi:"state"`
	// Family name. In the US and the UK for example, the surname of an individual is ordered last. In Asian cultures the surname is typically ordered first. Must be less than or equal to 40 characters in length.
	Surname *string `pulumi:"surname"`
	// Title such as Mr. or Ms. which is pre-pended to the name to refer formally to the certificate subject. Must be less than or equal to 64 characters in length.
	Title *string `pulumi:"title"`
}

type CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs 

type CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs struct {
	// Fully qualified domain name (FQDN) associated with the certificate subject. Must be less than or equal to 64 characters in length.
	CommonName pulumi.StringPtrInput `pulumi:"commonName"`
	// Two digit code that specifies the country in which the certificate subject located. Must be less than or equal to 2 characters in length.
	Country pulumi.StringPtrInput `pulumi:"country"`
	// Disambiguating information for the certificate subject. Must be less than or equal to 64 characters in length.
	DistinguishedNameQualifier pulumi.StringPtrInput `pulumi:"distinguishedNameQualifier"`
	// Typically a qualifier appended to the name of an individual. Examples include Jr. for junior, Sr. for senior, and III for third. Must be less than or equal to 3 characters in length.
	GenerationQualifier pulumi.StringPtrInput `pulumi:"generationQualifier"`
	// First name. Must be less than or equal to 16 characters in length.
	GivenName pulumi.StringPtrInput `pulumi:"givenName"`
	// Concatenation that typically contains the first letter of the `givenName`, the first letter of the middle name if one exists, and the first letter of the `surname`. Must be less than or equal to 5 characters in length.
	Initials pulumi.StringPtrInput `pulumi:"initials"`
	// Locality (such as a city or town) in which the certificate subject is located. Must be less than or equal to 128 characters in length.
	Locality pulumi.StringPtrInput `pulumi:"locality"`
	// Legal name of the organization with which the certificate subject is affiliated. Must be less than or equal to 64 characters in length.
	Organization pulumi.StringPtrInput `pulumi:"organization"`
	// Subdivision or unit of the organization (such as sales or finance) with which the certificate subject is affiliated. Must be less than or equal to 64 characters in length.
	OrganizationalUnit pulumi.StringPtrInput `pulumi:"organizationalUnit"`
	// Typically a shortened version of a longer `givenName`. For example, Jonathan is often shortened to John. Elizabeth is often shortened to Beth, Liz, or Eliza. Must be less than or equal to 128 characters in length.
	Pseudonym pulumi.StringPtrInput `pulumi:"pseudonym"`
	// State in which the subject of the certificate is located. Must be less than or equal to 128 characters in length.
	State pulumi.StringPtrInput `pulumi:"state"`
	// Family name. In the US and the UK for example, the surname of an individual is ordered last. In Asian cultures the surname is typically ordered first. Must be less than or equal to 40 characters in length.
	Surname pulumi.StringPtrInput `pulumi:"surname"`
	// Title such as Mr. or Ms. which is pre-pended to the name to refer formally to the certificate subject. Must be less than or equal to 64 characters in length.
	Title pulumi.StringPtrInput `pulumi:"title"`
}

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs) ElementType 

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs) ElementType() reflect.Type

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs) ToCertificateAuthorityCertificateAuthorityConfigurationSubjectOutput 

func (i CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs) ToCertificateAuthorityCertificateAuthorityConfigurationSubjectOutput() CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs) ToCertificateAuthorityCertificateAuthorityConfigurationSubjectOutputWithContext 

func (i CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs) ToCertificateAuthorityCertificateAuthorityConfigurationSubjectOutputWithContext(ctx context.Context) CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs) ToCertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput 

func (i CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs) ToCertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput() CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs) ToCertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutputWithContext 

func (i CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs) ToCertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutputWithContext(ctx context.Context) CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput

type CertificateAuthorityCertificateAuthorityConfigurationSubjectInput 

type CertificateAuthorityCertificateAuthorityConfigurationSubjectInput interface {
	pulumi.Input

	ToCertificateAuthorityCertificateAuthorityConfigurationSubjectOutput() CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput
	ToCertificateAuthorityCertificateAuthorityConfigurationSubjectOutputWithContext(context.Context) CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput
}

CertificateAuthorityCertificateAuthorityConfigurationSubjectInput is an input type that accepts CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs and CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput values. You can construct a concrete instance of `CertificateAuthorityCertificateAuthorityConfigurationSubjectInput` via: 

CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs{...}

type CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput 

type CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput struct{ *pulumi.OutputState }

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) CommonName 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) CommonName() pulumi.StringPtrOutput

Fully qualified domain name (FQDN) associated with the certificate subject. Must be less than or equal to 64 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) Country 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) Country() pulumi.StringPtrOutput

Two digit code that specifies the country in which the certificate subject located. Must be less than or equal to 2 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) DistinguishedNameQualifier 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) DistinguishedNameQualifier() pulumi.StringPtrOutput

Disambiguating information for the certificate subject. Must be less than or equal to 64 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) ElementType 

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) ElementType() reflect.Type

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) GenerationQualifier 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) GenerationQualifier() pulumi.StringPtrOutput

Typically a qualifier appended to the name of an individual. Examples include Jr. for junior, Sr. for senior, and III for third. Must be less than or equal to 3 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) GivenName 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) GivenName() pulumi.StringPtrOutput

First name. Must be less than or equal to 16 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) Initials 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) Initials() pulumi.StringPtrOutput

Concatenation that typically contains the first letter of the `givenName`, the first letter of the middle name if one exists, and the first letter of the `surname`. Must be less than or equal to 5 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) Locality 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) Locality() pulumi.StringPtrOutput

Locality (such as a city or town) in which the certificate subject is located. Must be less than or equal to 128 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) Organization 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) Organization() pulumi.StringPtrOutput

Legal name of the organization with which the certificate subject is affiliated. Must be less than or equal to 64 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) OrganizationalUnit 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) OrganizationalUnit() pulumi.StringPtrOutput

Subdivision or unit of the organization (such as sales or finance) with which the certificate subject is affiliated. Must be less than or equal to 64 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) Pseudonym 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) Pseudonym() pulumi.StringPtrOutput

Typically a shortened version of a longer `givenName`. For example, Jonathan is often shortened to John. Elizabeth is often shortened to Beth, Liz, or Eliza. Must be less than or equal to 128 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) State 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) State() pulumi.StringPtrOutput

State in which the subject of the certificate is located. Must be less than or equal to 128 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) Surname 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) Surname() pulumi.StringPtrOutput

Family name. In the US and the UK for example, the surname of an individual is ordered last. In Asian cultures the surname is typically ordered first. Must be less than or equal to 40 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) Title 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) Title() pulumi.StringPtrOutput

Title such as Mr. or Ms. which is pre-pended to the name to refer formally to the certificate subject. Must be less than or equal to 64 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) ToCertificateAuthorityCertificateAuthorityConfigurationSubjectOutput 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) ToCertificateAuthorityCertificateAuthorityConfigurationSubjectOutput() CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) ToCertificateAuthorityCertificateAuthorityConfigurationSubjectOutputWithContext 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) ToCertificateAuthorityCertificateAuthorityConfigurationSubjectOutputWithContext(ctx context.Context) CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) ToCertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) ToCertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput() CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) ToCertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutputWithContext 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) ToCertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutputWithContext(ctx context.Context) CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput

type CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrInput 

type CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrInput interface {
	pulumi.Input

	ToCertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput() CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput
	ToCertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutputWithContext(context.Context) CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput
}

CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrInput is an input type that accepts CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs, CertificateAuthorityCertificateAuthorityConfigurationSubjectPtr and CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput values. You can construct a concrete instance of `CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrInput` via: 

        CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs{...}

or:

        nil

func CertificateAuthorityCertificateAuthorityConfigurationSubjectPtr 

func CertificateAuthorityCertificateAuthorityConfigurationSubjectPtr(v *CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs) CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrInput

type CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput 

type CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput struct{ *pulumi.OutputState }

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) CommonName 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) CommonName() pulumi.StringPtrOutput

Fully qualified domain name (FQDN) associated with the certificate subject. Must be less than or equal to 64 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) Country 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) Country() pulumi.StringPtrOutput

Two digit code that specifies the country in which the certificate subject located. Must be less than or equal to 2 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) DistinguishedNameQualifier 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) DistinguishedNameQualifier() pulumi.StringPtrOutput

Disambiguating information for the certificate subject. Must be less than or equal to 64 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) Elem 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) Elem() CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) ElementType 

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) ElementType() reflect.Type

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) GenerationQualifier 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) GenerationQualifier() pulumi.StringPtrOutput

Typically a qualifier appended to the name of an individual. Examples include Jr. for junior, Sr. for senior, and III for third. Must be less than or equal to 3 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) GivenName 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) GivenName() pulumi.StringPtrOutput

First name. Must be less than or equal to 16 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) Initials 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) Initials() pulumi.StringPtrOutput

Concatenation that typically contains the first letter of the `givenName`, the first letter of the middle name if one exists, and the first letter of the `surname`. Must be less than or equal to 5 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) Locality 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) Locality() pulumi.StringPtrOutput

Locality (such as a city or town) in which the certificate subject is located. Must be less than or equal to 128 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) Organization 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) Organization() pulumi.StringPtrOutput

Legal name of the organization with which the certificate subject is affiliated. Must be less than or equal to 64 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) OrganizationalUnit 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) OrganizationalUnit() pulumi.StringPtrOutput

Subdivision or unit of the organization (such as sales or finance) with which the certificate subject is affiliated. Must be less than or equal to 64 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) Pseudonym 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) Pseudonym() pulumi.StringPtrOutput

Typically a shortened version of a longer `givenName`. For example, Jonathan is often shortened to John. Elizabeth is often shortened to Beth, Liz, or Eliza. Must be less than or equal to 128 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) State 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) State() pulumi.StringPtrOutput

State in which the subject of the certificate is located. Must be less than or equal to 128 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) Surname 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) Surname() pulumi.StringPtrOutput

Family name. In the US and the UK for example, the surname of an individual is ordered last. In Asian cultures the surname is typically ordered first. Must be less than or equal to 40 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) Title 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) Title() pulumi.StringPtrOutput

Title such as Mr. or Ms. which is pre-pended to the name to refer formally to the certificate subject. Must be less than or equal to 64 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) ToCertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) ToCertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput() CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) ToCertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutputWithContext 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) ToCertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutputWithContext(ctx context.Context) CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput

type CertificateAuthorityCertificateInput 

type CertificateAuthorityCertificateInput interface {
	pulumi.Input

	ToCertificateAuthorityCertificateOutput() CertificateAuthorityCertificateOutput
	ToCertificateAuthorityCertificateOutputWithContext(ctx context.Context) CertificateAuthorityCertificateOutput
}

type CertificateAuthorityCertificateMap 

type CertificateAuthorityCertificateMap map[string]CertificateAuthorityCertificateInput

func (CertificateAuthorityCertificateMap) ElementType 

func (CertificateAuthorityCertificateMap) ElementType() reflect.Type

func (CertificateAuthorityCertificateMap) ToCertificateAuthorityCertificateMapOutput 

func (i CertificateAuthorityCertificateMap) ToCertificateAuthorityCertificateMapOutput() CertificateAuthorityCertificateMapOutput

func (CertificateAuthorityCertificateMap) ToCertificateAuthorityCertificateMapOutputWithContext 

func (i CertificateAuthorityCertificateMap) ToCertificateAuthorityCertificateMapOutputWithContext(ctx context.Context) CertificateAuthorityCertificateMapOutput

type CertificateAuthorityCertificateMapInput 

type CertificateAuthorityCertificateMapInput interface {
	pulumi.Input

	ToCertificateAuthorityCertificateMapOutput() CertificateAuthorityCertificateMapOutput
	ToCertificateAuthorityCertificateMapOutputWithContext(context.Context) CertificateAuthorityCertificateMapOutput
}

CertificateAuthorityCertificateMapInput is an input type that accepts CertificateAuthorityCertificateMap and CertificateAuthorityCertificateMapOutput values. You can construct a concrete instance of `CertificateAuthorityCertificateMapInput` via: 

CertificateAuthorityCertificateMap{ "key": CertificateAuthorityCertificateArgs{...} }

type CertificateAuthorityCertificateMapOutput 

type CertificateAuthorityCertificateMapOutput struct{ *pulumi.OutputState }

func (CertificateAuthorityCertificateMapOutput) ElementType 

func (CertificateAuthorityCertificateMapOutput) ElementType() reflect.Type

func (CertificateAuthorityCertificateMapOutput) MapIndex 

func (o CertificateAuthorityCertificateMapOutput) MapIndex(k pulumi.StringInput) CertificateAuthorityCertificateOutput

func (CertificateAuthorityCertificateMapOutput) ToCertificateAuthorityCertificateMapOutput 

func (o CertificateAuthorityCertificateMapOutput) ToCertificateAuthorityCertificateMapOutput() CertificateAuthorityCertificateMapOutput

func (CertificateAuthorityCertificateMapOutput) ToCertificateAuthorityCertificateMapOutputWithContext 

func (o CertificateAuthorityCertificateMapOutput) ToCertificateAuthorityCertificateMapOutputWithContext(ctx context.Context) CertificateAuthorityCertificateMapOutput

type CertificateAuthorityCertificateOutput 

type CertificateAuthorityCertificateOutput struct{ *pulumi.OutputState }

func (CertificateAuthorityCertificateOutput) Certificate 

func (o CertificateAuthorityCertificateOutput) Certificate() pulumi.StringOutput

PEM-encoded certificate for the Certificate Authority.

func (CertificateAuthorityCertificateOutput) CertificateAuthorityArn 

func (o CertificateAuthorityCertificateOutput) CertificateAuthorityArn() pulumi.StringOutput

ARN of the Certificate Authority.

func (CertificateAuthorityCertificateOutput) CertificateChain 

func (o CertificateAuthorityCertificateOutput) CertificateChain() pulumi.StringPtrOutput

PEM-encoded certificate chain that includes any intermediate certificates and chains up to root CA. Required for subordinate Certificate Authorities. Not allowed for root Certificate Authorities.

func (CertificateAuthorityCertificateOutput) ElementType 

func (CertificateAuthorityCertificateOutput) ElementType() reflect.Type

func (CertificateAuthorityCertificateOutput) ToCertificateAuthorityCertificateOutput 

func (o CertificateAuthorityCertificateOutput) ToCertificateAuthorityCertificateOutput() CertificateAuthorityCertificateOutput

func (CertificateAuthorityCertificateOutput) ToCertificateAuthorityCertificateOutputWithContext 

func (o CertificateAuthorityCertificateOutput) ToCertificateAuthorityCertificateOutputWithContext(ctx context.Context) CertificateAuthorityCertificateOutput

type CertificateAuthorityCertificateState 

type CertificateAuthorityCertificateState struct {
	// PEM-encoded certificate for the Certificate Authority.
	Certificate pulumi.StringPtrInput
	// ARN of the Certificate Authority.
	CertificateAuthorityArn pulumi.StringPtrInput
	// PEM-encoded certificate chain that includes any intermediate certificates and chains up to root CA. Required for subordinate Certificate Authorities. Not allowed for root Certificate Authorities.
	CertificateChain pulumi.StringPtrInput
}

func (CertificateAuthorityCertificateState) ElementType 

func (CertificateAuthorityCertificateState) ElementType() reflect.Type

type CertificateAuthorityInput 

type CertificateAuthorityInput interface {
	pulumi.Input

	ToCertificateAuthorityOutput() CertificateAuthorityOutput
	ToCertificateAuthorityOutputWithContext(ctx context.Context) CertificateAuthorityOutput
}

type CertificateAuthorityMap 

type CertificateAuthorityMap map[string]CertificateAuthorityInput

func (CertificateAuthorityMap) ElementType 

func (CertificateAuthorityMap) ElementType() reflect.Type

func (CertificateAuthorityMap) ToCertificateAuthorityMapOutput 

func (i CertificateAuthorityMap) ToCertificateAuthorityMapOutput() CertificateAuthorityMapOutput

func (CertificateAuthorityMap) ToCertificateAuthorityMapOutputWithContext 

func (i CertificateAuthorityMap) ToCertificateAuthorityMapOutputWithContext(ctx context.Context) CertificateAuthorityMapOutput

type CertificateAuthorityMapInput 

type CertificateAuthorityMapInput interface {
	pulumi.Input

	ToCertificateAuthorityMapOutput() CertificateAuthorityMapOutput
	ToCertificateAuthorityMapOutputWithContext(context.Context) CertificateAuthorityMapOutput
}

CertificateAuthorityMapInput is an input type that accepts CertificateAuthorityMap and CertificateAuthorityMapOutput values. You can construct a concrete instance of `CertificateAuthorityMapInput` via: 

CertificateAuthorityMap{ "key": CertificateAuthorityArgs{...} }

type CertificateAuthorityMapOutput 

type CertificateAuthorityMapOutput struct{ *pulumi.OutputState }

func (CertificateAuthorityMapOutput) ElementType 

func (CertificateAuthorityMapOutput) ElementType() reflect.Type

func (CertificateAuthorityMapOutput) MapIndex 

func (o CertificateAuthorityMapOutput) MapIndex(k pulumi.StringInput) CertificateAuthorityOutput

func (CertificateAuthorityMapOutput) ToCertificateAuthorityMapOutput 

func (o CertificateAuthorityMapOutput) ToCertificateAuthorityMapOutput() CertificateAuthorityMapOutput

func (CertificateAuthorityMapOutput) ToCertificateAuthorityMapOutputWithContext 

func (o CertificateAuthorityMapOutput) ToCertificateAuthorityMapOutputWithContext(ctx context.Context) CertificateAuthorityMapOutput

type CertificateAuthorityOutput 

type CertificateAuthorityOutput struct{ *pulumi.OutputState }

func (CertificateAuthorityOutput) Arn 

func (o CertificateAuthorityOutput) Arn() pulumi.StringOutput

ARN of the certificate authority.

func (CertificateAuthorityOutput) Certificate 

func (o CertificateAuthorityOutput) Certificate() pulumi.StringOutput

Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.

func (CertificateAuthorityOutput) CertificateAuthorityConfiguration 

func (o CertificateAuthorityOutput) CertificateAuthorityConfiguration() CertificateAuthorityCertificateAuthorityConfigurationOutput

Nested argument containing algorithms and certificate subject information. Defined below.

func (CertificateAuthorityOutput) CertificateChain 

func (o CertificateAuthorityOutput) CertificateChain() pulumi.StringOutput

Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.

func (CertificateAuthorityOutput) CertificateSigningRequest 

func (o CertificateAuthorityOutput) CertificateSigningRequest() pulumi.StringOutput

The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.

func (CertificateAuthorityOutput) ElementType 

func (CertificateAuthorityOutput) ElementType() reflect.Type

func (CertificateAuthorityOutput) Enabled 

func (o CertificateAuthorityOutput) Enabled() pulumi.BoolPtrOutput

Whether the certificate authority is enabled or disabled. Defaults to `true`. Can only be disabled if the CA is in an `ACTIVE` state.

func (CertificateAuthorityOutput) KeyStorageSecurityStandard 

func (o CertificateAuthorityOutput) KeyStorageSecurityStandard() pulumi.StringOutput

Cryptographic key management compliance standard used for handling CA keys. Defaults to `FIPS_140_2_LEVEL_3_OR_HIGHER`. Valid values: `FIPS_140_2_LEVEL_3_OR_HIGHER` and `FIPS_140_2_LEVEL_2_OR_HIGHER`. Supported standard for each region can be found in the [Storage and security compliance of AWS Private CA private keys Documentation](https://docs.aws.amazon.com/privateca/latest/userguide/data-protection.html#private-keys).

func (CertificateAuthorityOutput) NotAfter 

func (o CertificateAuthorityOutput) NotAfter() pulumi.StringOutput

Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.

func (CertificateAuthorityOutput) NotBefore 

func (o CertificateAuthorityOutput) NotBefore() pulumi.StringOutput

Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.

func (CertificateAuthorityOutput) PermanentDeletionTimeInDays 

func (o CertificateAuthorityOutput) PermanentDeletionTimeInDays() pulumi.IntPtrOutput

Number of days to make a CA restorable after it has been deleted, must be between 7 to 30 days, with default to 30 days.

func (CertificateAuthorityOutput) RevocationConfiguration 

func (o CertificateAuthorityOutput) RevocationConfiguration() CertificateAuthorityRevocationConfigurationPtrOutput

Nested argument containing revocation configuration. Defined below.

func (CertificateAuthorityOutput) Serial 

func (o CertificateAuthorityOutput) Serial() pulumi.StringOutput

Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.

func (CertificateAuthorityOutput) Tags 

func (o CertificateAuthorityOutput) Tags() pulumi.StringMapOutput

Key-value map of user-defined tags that are attached to the certificate authority. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.

func (CertificateAuthorityOutput) TagsAll deprecated 

func (o CertificateAuthorityOutput) TagsAll() pulumi.StringMapOutput

Map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.

Deprecated: Please use `tags` instead.

func (CertificateAuthorityOutput) ToCertificateAuthorityOutput 

func (o CertificateAuthorityOutput) ToCertificateAuthorityOutput() CertificateAuthorityOutput

func (CertificateAuthorityOutput) ToCertificateAuthorityOutputWithContext 

func (o CertificateAuthorityOutput) ToCertificateAuthorityOutputWithContext(ctx context.Context) CertificateAuthorityOutput

func (CertificateAuthorityOutput) Type 

func (o CertificateAuthorityOutput) Type() pulumi.StringPtrOutput

Type of the certificate authority. Defaults to `SUBORDINATE`. Valid values: `ROOT` and `SUBORDINATE`.

func (CertificateAuthorityOutput) UsageMode 

func (o CertificateAuthorityOutput) UsageMode() pulumi.StringOutput

Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly. Short-lived certificate validity is limited to seven days. Defaults to `GENERAL_PURPOSE`. Valid values: `GENERAL_PURPOSE` and `SHORT_LIVED_CERTIFICATE`.

type CertificateAuthorityRevocationConfiguration 

type CertificateAuthorityRevocationConfiguration struct {
	// Nested argument containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority. Defined below.
	CrlConfiguration *CertificateAuthorityRevocationConfigurationCrlConfiguration `pulumi:"crlConfiguration"`
	// Nested argument containing configuration of
	// the custom OCSP responder endpoint. Defined below.
	OcspConfiguration *CertificateAuthorityRevocationConfigurationOcspConfiguration `pulumi:"ocspConfiguration"`
}

type CertificateAuthorityRevocationConfigurationArgs 

type CertificateAuthorityRevocationConfigurationArgs struct {
	// Nested argument containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority. Defined below.
	CrlConfiguration CertificateAuthorityRevocationConfigurationCrlConfigurationPtrInput `pulumi:"crlConfiguration"`
	// Nested argument containing configuration of
	// the custom OCSP responder endpoint. Defined below.
	OcspConfiguration CertificateAuthorityRevocationConfigurationOcspConfigurationPtrInput `pulumi:"ocspConfiguration"`
}

func (CertificateAuthorityRevocationConfigurationArgs) ElementType 

func (CertificateAuthorityRevocationConfigurationArgs) ElementType() reflect.Type

func (CertificateAuthorityRevocationConfigurationArgs) ToCertificateAuthorityRevocationConfigurationOutput 

func (i CertificateAuthorityRevocationConfigurationArgs) ToCertificateAuthorityRevocationConfigurationOutput() CertificateAuthorityRevocationConfigurationOutput

func (CertificateAuthorityRevocationConfigurationArgs) ToCertificateAuthorityRevocationConfigurationOutputWithContext 

func (i CertificateAuthorityRevocationConfigurationArgs) ToCertificateAuthorityRevocationConfigurationOutputWithContext(ctx context.Context) CertificateAuthorityRevocationConfigurationOutput

func (CertificateAuthorityRevocationConfigurationArgs) ToCertificateAuthorityRevocationConfigurationPtrOutput 

func (i CertificateAuthorityRevocationConfigurationArgs) ToCertificateAuthorityRevocationConfigurationPtrOutput() CertificateAuthorityRevocationConfigurationPtrOutput

func (CertificateAuthorityRevocationConfigurationArgs) ToCertificateAuthorityRevocationConfigurationPtrOutputWithContext 

func (i CertificateAuthorityRevocationConfigurationArgs) ToCertificateAuthorityRevocationConfigurationPtrOutputWithContext(ctx context.Context) CertificateAuthorityRevocationConfigurationPtrOutput

type CertificateAuthorityRevocationConfigurationCrlConfiguration 

type CertificateAuthorityRevocationConfigurationCrlConfiguration struct {
	// Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point. Use this value if you don't want the name of your S3 bucket to be public. Must be less than or equal to 253 characters in length.
	CustomCname *string `pulumi:"customCname"`
	// Boolean value that specifies whether certificate revocation lists (CRLs) are enabled. Defaults to `false`.
	Enabled *bool `pulumi:"enabled"`
	// Number of days until a certificate expires. Must be between 1 and 5000.
	ExpirationInDays *int `pulumi:"expirationInDays"`
	// Name of the S3 bucket that contains the CRL. If you do not provide a value for the `customCname` argument, the name of your S3 bucket is placed into the CRL Distribution Points extension of the issued certificate. You must specify a bucket policy that allows ACM PCA to write the CRL to your bucket. Must be between 3 and 255 characters in length.
	S3BucketName *string `pulumi:"s3BucketName"`
	// Determines whether the CRL will be publicly readable or privately held in the CRL Amazon S3 bucket. Defaults to `PUBLIC_READ`.
	S3ObjectAcl *string `pulumi:"s3ObjectAcl"`
}

type CertificateAuthorityRevocationConfigurationCrlConfigurationArgs 

type CertificateAuthorityRevocationConfigurationCrlConfigurationArgs struct {
	// Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point. Use this value if you don't want the name of your S3 bucket to be public. Must be less than or equal to 253 characters in length.
	CustomCname pulumi.StringPtrInput `pulumi:"customCname"`
	// Boolean value that specifies whether certificate revocation lists (CRLs) are enabled. Defaults to `false`.
	Enabled pulumi.BoolPtrInput `pulumi:"enabled"`
	// Number of days until a certificate expires. Must be between 1 and 5000.
	ExpirationInDays pulumi.IntPtrInput `pulumi:"expirationInDays"`
	// Name of the S3 bucket that contains the CRL. If you do not provide a value for the `customCname` argument, the name of your S3 bucket is placed into the CRL Distribution Points extension of the issued certificate. You must specify a bucket policy that allows ACM PCA to write the CRL to your bucket. Must be between 3 and 255 characters in length.
	S3BucketName pulumi.StringPtrInput `pulumi:"s3BucketName"`
	// Determines whether the CRL will be publicly readable or privately held in the CRL Amazon S3 bucket. Defaults to `PUBLIC_READ`.
	S3ObjectAcl pulumi.StringPtrInput `pulumi:"s3ObjectAcl"`
}

func (CertificateAuthorityRevocationConfigurationCrlConfigurationArgs) ElementType 

func (CertificateAuthorityRevocationConfigurationCrlConfigurationArgs) ElementType() reflect.Type

func (CertificateAuthorityRevocationConfigurationCrlConfigurationArgs) ToCertificateAuthorityRevocationConfigurationCrlConfigurationOutput 

func (i CertificateAuthorityRevocationConfigurationCrlConfigurationArgs) ToCertificateAuthorityRevocationConfigurationCrlConfigurationOutput() CertificateAuthorityRevocationConfigurationCrlConfigurationOutput

func (CertificateAuthorityRevocationConfigurationCrlConfigurationArgs) ToCertificateAuthorityRevocationConfigurationCrlConfigurationOutputWithContext 

func (i CertificateAuthorityRevocationConfigurationCrlConfigurationArgs) ToCertificateAuthorityRevocationConfigurationCrlConfigurationOutputWithContext(ctx context.Context) CertificateAuthorityRevocationConfigurationCrlConfigurationOutput

func (CertificateAuthorityRevocationConfigurationCrlConfigurationArgs) ToCertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput 

func (i CertificateAuthorityRevocationConfigurationCrlConfigurationArgs) ToCertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput() CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput

func (CertificateAuthorityRevocationConfigurationCrlConfigurationArgs) ToCertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutputWithContext 

func (i CertificateAuthorityRevocationConfigurationCrlConfigurationArgs) ToCertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutputWithContext(ctx context.Context) CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput

type CertificateAuthorityRevocationConfigurationCrlConfigurationInput 

type CertificateAuthorityRevocationConfigurationCrlConfigurationInput interface {
	pulumi.Input

	ToCertificateAuthorityRevocationConfigurationCrlConfigurationOutput() CertificateAuthorityRevocationConfigurationCrlConfigurationOutput
	ToCertificateAuthorityRevocationConfigurationCrlConfigurationOutputWithContext(context.Context) CertificateAuthorityRevocationConfigurationCrlConfigurationOutput
}

CertificateAuthorityRevocationConfigurationCrlConfigurationInput is an input type that accepts CertificateAuthorityRevocationConfigurationCrlConfigurationArgs and CertificateAuthorityRevocationConfigurationCrlConfigurationOutput values. You can construct a concrete instance of `CertificateAuthorityRevocationConfigurationCrlConfigurationInput` via: 

CertificateAuthorityRevocationConfigurationCrlConfigurationArgs{...}

type CertificateAuthorityRevocationConfigurationCrlConfigurationOutput 

type CertificateAuthorityRevocationConfigurationCrlConfigurationOutput struct{ *pulumi.OutputState }

func (CertificateAuthorityRevocationConfigurationCrlConfigurationOutput) CustomCname 

func (o CertificateAuthorityRevocationConfigurationCrlConfigurationOutput) CustomCname() pulumi.StringPtrOutput

Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point. Use this value if you don't want the name of your S3 bucket to be public. Must be less than or equal to 253 characters in length.

func (CertificateAuthorityRevocationConfigurationCrlConfigurationOutput) ElementType 

func (CertificateAuthorityRevocationConfigurationCrlConfigurationOutput) ElementType() reflect.Type

func (CertificateAuthorityRevocationConfigurationCrlConfigurationOutput) Enabled 

func (o CertificateAuthorityRevocationConfigurationCrlConfigurationOutput) Enabled() pulumi.BoolPtrOutput

Boolean value that specifies whether certificate revocation lists (CRLs) are enabled. Defaults to `false`.

func (CertificateAuthorityRevocationConfigurationCrlConfigurationOutput) ExpirationInDays 

func (o CertificateAuthorityRevocationConfigurationCrlConfigurationOutput) ExpirationInDays() pulumi.IntPtrOutput

Number of days until a certificate expires. Must be between 1 and 5000.

func (CertificateAuthorityRevocationConfigurationCrlConfigurationOutput) S3BucketName 

func (o CertificateAuthorityRevocationConfigurationCrlConfigurationOutput) S3BucketName() pulumi.StringPtrOutput

Name of the S3 bucket that contains the CRL. If you do not provide a value for the `customCname` argument, the name of your S3 bucket is placed into the CRL Distribution Points extension of the issued certificate. You must specify a bucket policy that allows ACM PCA to write the CRL to your bucket. Must be between 3 and 255 characters in length.

func (CertificateAuthorityRevocationConfigurationCrlConfigurationOutput) S3ObjectAcl 

func (o CertificateAuthorityRevocationConfigurationCrlConfigurationOutput) S3ObjectAcl() pulumi.StringPtrOutput

Determines whether the CRL will be publicly readable or privately held in the CRL Amazon S3 bucket. Defaults to `PUBLIC_READ`.

func (CertificateAuthorityRevocationConfigurationCrlConfigurationOutput) ToCertificateAuthorityRevocationConfigurationCrlConfigurationOutput 

func (o CertificateAuthorityRevocationConfigurationCrlConfigurationOutput) ToCertificateAuthorityRevocationConfigurationCrlConfigurationOutput() CertificateAuthorityRevocationConfigurationCrlConfigurationOutput

func (CertificateAuthorityRevocationConfigurationCrlConfigurationOutput) ToCertificateAuthorityRevocationConfigurationCrlConfigurationOutputWithContext 

func (o CertificateAuthorityRevocationConfigurationCrlConfigurationOutput) ToCertificateAuthorityRevocationConfigurationCrlConfigurationOutputWithContext(ctx context.Context) CertificateAuthorityRevocationConfigurationCrlConfigurationOutput

func (CertificateAuthorityRevocationConfigurationCrlConfigurationOutput) ToCertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput 

func (o CertificateAuthorityRevocationConfigurationCrlConfigurationOutput) ToCertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput() CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput

func (CertificateAuthorityRevocationConfigurationCrlConfigurationOutput) ToCertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutputWithContext 

func (o CertificateAuthorityRevocationConfigurationCrlConfigurationOutput) ToCertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutputWithContext(ctx context.Context) CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput

type CertificateAuthorityRevocationConfigurationCrlConfigurationPtrInput 

type CertificateAuthorityRevocationConfigurationCrlConfigurationPtrInput interface {
	pulumi.Input

	ToCertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput() CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput
	ToCertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutputWithContext(context.Context) CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput
}

CertificateAuthorityRevocationConfigurationCrlConfigurationPtrInput is an input type that accepts CertificateAuthorityRevocationConfigurationCrlConfigurationArgs, CertificateAuthorityRevocationConfigurationCrlConfigurationPtr and CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput values. You can construct a concrete instance of `CertificateAuthorityRevocationConfigurationCrlConfigurationPtrInput` via: 

        CertificateAuthorityRevocationConfigurationCrlConfigurationArgs{...}

or:

        nil

func CertificateAuthorityRevocationConfigurationCrlConfigurationPtr 

func CertificateAuthorityRevocationConfigurationCrlConfigurationPtr(v *CertificateAuthorityRevocationConfigurationCrlConfigurationArgs) CertificateAuthorityRevocationConfigurationCrlConfigurationPtrInput

type CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput 

type CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput struct{ *pulumi.OutputState }

func (CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput) CustomCname 

func (o CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput) CustomCname() pulumi.StringPtrOutput

Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point. Use this value if you don't want the name of your S3 bucket to be public. Must be less than or equal to 253 characters in length.

func (CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput) Elem 

func (o CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput) Elem() CertificateAuthorityRevocationConfigurationCrlConfigurationOutput

func (CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput) ElementType 

func (CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput) ElementType() reflect.Type

func (CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput) Enabled 

func (o CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput) Enabled() pulumi.BoolPtrOutput

Boolean value that specifies whether certificate revocation lists (CRLs) are enabled. Defaults to `false`.

func (CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput) ExpirationInDays 

func (o CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput) ExpirationInDays() pulumi.IntPtrOutput

Number of days until a certificate expires. Must be between 1 and 5000.

func (CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput) S3BucketName 

func (o CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput) S3BucketName() pulumi.StringPtrOutput

Name of the S3 bucket that contains the CRL. If you do not provide a value for the `customCname` argument, the name of your S3 bucket is placed into the CRL Distribution Points extension of the issued certificate. You must specify a bucket policy that allows ACM PCA to write the CRL to your bucket. Must be between 3 and 255 characters in length.

func (CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput) S3ObjectAcl 

func (o CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput) S3ObjectAcl() pulumi.StringPtrOutput

Determines whether the CRL will be publicly readable or privately held in the CRL Amazon S3 bucket. Defaults to `PUBLIC_READ`.

func (CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput) ToCertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput 

func (o CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput) ToCertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput() CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput

func (CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput) ToCertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutputWithContext 

func (o CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput) ToCertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutputWithContext(ctx context.Context) CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput

type CertificateAuthorityRevocationConfigurationInput 

type CertificateAuthorityRevocationConfigurationInput interface {
	pulumi.Input

	ToCertificateAuthorityRevocationConfigurationOutput() CertificateAuthorityRevocationConfigurationOutput
	ToCertificateAuthorityRevocationConfigurationOutputWithContext(context.Context) CertificateAuthorityRevocationConfigurationOutput
}

CertificateAuthorityRevocationConfigurationInput is an input type that accepts CertificateAuthorityRevocationConfigurationArgs and CertificateAuthorityRevocationConfigurationOutput values. You can construct a concrete instance of `CertificateAuthorityRevocationConfigurationInput` via: 

CertificateAuthorityRevocationConfigurationArgs{...}

type CertificateAuthorityRevocationConfigurationOcspConfiguration 

type CertificateAuthorityRevocationConfigurationOcspConfiguration struct {
	// Boolean value that specifies whether a custom OCSP responder is enabled.
	Enabled bool `pulumi:"enabled"`
	// CNAME specifying a customized OCSP domain. Note: The value of the CNAME must not include a protocol prefix such as "http://" or "https://".
	OcspCustomCname *string `pulumi:"ocspCustomCname"`
}

type CertificateAuthorityRevocationConfigurationOcspConfigurationArgs 

type CertificateAuthorityRevocationConfigurationOcspConfigurationArgs struct {
	// Boolean value that specifies whether a custom OCSP responder is enabled.
	Enabled pulumi.BoolInput `pulumi:"enabled"`
	// CNAME specifying a customized OCSP domain. Note: The value of the CNAME must not include a protocol prefix such as "http://" or "https://".
	OcspCustomCname pulumi.StringPtrInput `pulumi:"ocspCustomCname"`
}

func (CertificateAuthorityRevocationConfigurationOcspConfigurationArgs) ElementType 

func (CertificateAuthorityRevocationConfigurationOcspConfigurationArgs) ElementType() reflect.Type

func (CertificateAuthorityRevocationConfigurationOcspConfigurationArgs) ToCertificateAuthorityRevocationConfigurationOcspConfigurationOutput 

func (i CertificateAuthorityRevocationConfigurationOcspConfigurationArgs) ToCertificateAuthorityRevocationConfigurationOcspConfigurationOutput() CertificateAuthorityRevocationConfigurationOcspConfigurationOutput

func (CertificateAuthorityRevocationConfigurationOcspConfigurationArgs) ToCertificateAuthorityRevocationConfigurationOcspConfigurationOutputWithContext 

func (i CertificateAuthorityRevocationConfigurationOcspConfigurationArgs) ToCertificateAuthorityRevocationConfigurationOcspConfigurationOutputWithContext(ctx context.Context) CertificateAuthorityRevocationConfigurationOcspConfigurationOutput

func (CertificateAuthorityRevocationConfigurationOcspConfigurationArgs) ToCertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput 

func (i CertificateAuthorityRevocationConfigurationOcspConfigurationArgs) ToCertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput() CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput

func (CertificateAuthorityRevocationConfigurationOcspConfigurationArgs) ToCertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutputWithContext 

func (i CertificateAuthorityRevocationConfigurationOcspConfigurationArgs) ToCertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutputWithContext(ctx context.Context) CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput

type CertificateAuthorityRevocationConfigurationOcspConfigurationInput 

type CertificateAuthorityRevocationConfigurationOcspConfigurationInput interface {
	pulumi.Input

	ToCertificateAuthorityRevocationConfigurationOcspConfigurationOutput() CertificateAuthorityRevocationConfigurationOcspConfigurationOutput
	ToCertificateAuthorityRevocationConfigurationOcspConfigurationOutputWithContext(context.Context) CertificateAuthorityRevocationConfigurationOcspConfigurationOutput
}

CertificateAuthorityRevocationConfigurationOcspConfigurationInput is an input type that accepts CertificateAuthorityRevocationConfigurationOcspConfigurationArgs and CertificateAuthorityRevocationConfigurationOcspConfigurationOutput values. You can construct a concrete instance of `CertificateAuthorityRevocationConfigurationOcspConfigurationInput` via: 

CertificateAuthorityRevocationConfigurationOcspConfigurationArgs{...}

type CertificateAuthorityRevocationConfigurationOcspConfigurationOutput 

type CertificateAuthorityRevocationConfigurationOcspConfigurationOutput struct{ *pulumi.OutputState }

func (CertificateAuthorityRevocationConfigurationOcspConfigurationOutput) ElementType 

func (CertificateAuthorityRevocationConfigurationOcspConfigurationOutput) ElementType() reflect.Type

func (CertificateAuthorityRevocationConfigurationOcspConfigurationOutput) Enabled 

func (o CertificateAuthorityRevocationConfigurationOcspConfigurationOutput) Enabled() pulumi.BoolOutput

Boolean value that specifies whether a custom OCSP responder is enabled.

func (CertificateAuthorityRevocationConfigurationOcspConfigurationOutput) OcspCustomCname 

func (o CertificateAuthorityRevocationConfigurationOcspConfigurationOutput) OcspCustomCname() pulumi.StringPtrOutput

CNAME specifying a customized OCSP domain. Note: The value of the CNAME must not include a protocol prefix such as "http://" or "https://".

func (CertificateAuthorityRevocationConfigurationOcspConfigurationOutput) ToCertificateAuthorityRevocationConfigurationOcspConfigurationOutput 

func (o CertificateAuthorityRevocationConfigurationOcspConfigurationOutput) ToCertificateAuthorityRevocationConfigurationOcspConfigurationOutput() CertificateAuthorityRevocationConfigurationOcspConfigurationOutput

func (CertificateAuthorityRevocationConfigurationOcspConfigurationOutput) ToCertificateAuthorityRevocationConfigurationOcspConfigurationOutputWithContext 

func (o CertificateAuthorityRevocationConfigurationOcspConfigurationOutput) ToCertificateAuthorityRevocationConfigurationOcspConfigurationOutputWithContext(ctx context.Context) CertificateAuthorityRevocationConfigurationOcspConfigurationOutput

func (CertificateAuthorityRevocationConfigurationOcspConfigurationOutput) ToCertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput 

func (o CertificateAuthorityRevocationConfigurationOcspConfigurationOutput) ToCertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput() CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput

func (CertificateAuthorityRevocationConfigurationOcspConfigurationOutput) ToCertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutputWithContext 

func (o CertificateAuthorityRevocationConfigurationOcspConfigurationOutput) ToCertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutputWithContext(ctx context.Context) CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput

type CertificateAuthorityRevocationConfigurationOcspConfigurationPtrInput 

type CertificateAuthorityRevocationConfigurationOcspConfigurationPtrInput interface {
	pulumi.Input

	ToCertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput() CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput
	ToCertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutputWithContext(context.Context) CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput
}

CertificateAuthorityRevocationConfigurationOcspConfigurationPtrInput is an input type that accepts CertificateAuthorityRevocationConfigurationOcspConfigurationArgs, CertificateAuthorityRevocationConfigurationOcspConfigurationPtr and CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput values. You can construct a concrete instance of `CertificateAuthorityRevocationConfigurationOcspConfigurationPtrInput` via: 

        CertificateAuthorityRevocationConfigurationOcspConfigurationArgs{...}

or:

        nil

func CertificateAuthorityRevocationConfigurationOcspConfigurationPtr 

func CertificateAuthorityRevocationConfigurationOcspConfigurationPtr(v *CertificateAuthorityRevocationConfigurationOcspConfigurationArgs) CertificateAuthorityRevocationConfigurationOcspConfigurationPtrInput

type CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput 

type CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput struct{ *pulumi.OutputState }

func (CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput) Elem 

func (o CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput) Elem() CertificateAuthorityRevocationConfigurationOcspConfigurationOutput

func (CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput) ElementType 

func (CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput) ElementType() reflect.Type

func (CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput) Enabled 

func (o CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput) Enabled() pulumi.BoolPtrOutput

Boolean value that specifies whether a custom OCSP responder is enabled.

func (CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput) OcspCustomCname 

func (o CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput) OcspCustomCname() pulumi.StringPtrOutput

CNAME specifying a customized OCSP domain. Note: The value of the CNAME must not include a protocol prefix such as "http://" or "https://".

func (CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput) ToCertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput 

func (o CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput) ToCertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput() CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput

func (CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput) ToCertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutputWithContext 

func (o CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput) ToCertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutputWithContext(ctx context.Context) CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput

type CertificateAuthorityRevocationConfigurationOutput 

type CertificateAuthorityRevocationConfigurationOutput struct{ *pulumi.OutputState }

func (CertificateAuthorityRevocationConfigurationOutput) CrlConfiguration 

func (o CertificateAuthorityRevocationConfigurationOutput) CrlConfiguration() CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput

Nested argument containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority. Defined below.

func (CertificateAuthorityRevocationConfigurationOutput) ElementType 

func (CertificateAuthorityRevocationConfigurationOutput) ElementType() reflect.Type

func (CertificateAuthorityRevocationConfigurationOutput) OcspConfiguration 

func (o CertificateAuthorityRevocationConfigurationOutput) OcspConfiguration() CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput

Nested argument containing configuration of the custom OCSP responder endpoint. Defined below.

func (CertificateAuthorityRevocationConfigurationOutput) ToCertificateAuthorityRevocationConfigurationOutput 

func (o CertificateAuthorityRevocationConfigurationOutput) ToCertificateAuthorityRevocationConfigurationOutput() CertificateAuthorityRevocationConfigurationOutput

func (CertificateAuthorityRevocationConfigurationOutput) ToCertificateAuthorityRevocationConfigurationOutputWithContext 

func (o CertificateAuthorityRevocationConfigurationOutput) ToCertificateAuthorityRevocationConfigurationOutputWithContext(ctx context.Context) CertificateAuthorityRevocationConfigurationOutput

func (CertificateAuthorityRevocationConfigurationOutput) ToCertificateAuthorityRevocationConfigurationPtrOutput 

func (o CertificateAuthorityRevocationConfigurationOutput) ToCertificateAuthorityRevocationConfigurationPtrOutput() CertificateAuthorityRevocationConfigurationPtrOutput

func (CertificateAuthorityRevocationConfigurationOutput) ToCertificateAuthorityRevocationConfigurationPtrOutputWithContext 

func (o CertificateAuthorityRevocationConfigurationOutput) ToCertificateAuthorityRevocationConfigurationPtrOutputWithContext(ctx context.Context) CertificateAuthorityRevocationConfigurationPtrOutput

type CertificateAuthorityRevocationConfigurationPtrInput 

type CertificateAuthorityRevocationConfigurationPtrInput interface {
	pulumi.Input

	ToCertificateAuthorityRevocationConfigurationPtrOutput() CertificateAuthorityRevocationConfigurationPtrOutput
	ToCertificateAuthorityRevocationConfigurationPtrOutputWithContext(context.Context) CertificateAuthorityRevocationConfigurationPtrOutput
}

CertificateAuthorityRevocationConfigurationPtrInput is an input type that accepts CertificateAuthorityRevocationConfigurationArgs, CertificateAuthorityRevocationConfigurationPtr and CertificateAuthorityRevocationConfigurationPtrOutput values. You can construct a concrete instance of `CertificateAuthorityRevocationConfigurationPtrInput` via: 

        CertificateAuthorityRevocationConfigurationArgs{...}

or:

        nil

func CertificateAuthorityRevocationConfigurationPtr 

func CertificateAuthorityRevocationConfigurationPtr(v *CertificateAuthorityRevocationConfigurationArgs) CertificateAuthorityRevocationConfigurationPtrInput

type CertificateAuthorityRevocationConfigurationPtrOutput 

type CertificateAuthorityRevocationConfigurationPtrOutput struct{ *pulumi.OutputState }

func (CertificateAuthorityRevocationConfigurationPtrOutput) CrlConfiguration 

func (o CertificateAuthorityRevocationConfigurationPtrOutput) CrlConfiguration() CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput

Nested argument containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority. Defined below.

func (CertificateAuthorityRevocationConfigurationPtrOutput) Elem 

func (o CertificateAuthorityRevocationConfigurationPtrOutput) Elem() CertificateAuthorityRevocationConfigurationOutput

func (CertificateAuthorityRevocationConfigurationPtrOutput) ElementType 

func (CertificateAuthorityRevocationConfigurationPtrOutput) ElementType() reflect.Type

func (CertificateAuthorityRevocationConfigurationPtrOutput) OcspConfiguration 

func (o CertificateAuthorityRevocationConfigurationPtrOutput) OcspConfiguration() CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput

Nested argument containing configuration of the custom OCSP responder endpoint. Defined below.

func (CertificateAuthorityRevocationConfigurationPtrOutput) ToCertificateAuthorityRevocationConfigurationPtrOutput 

func (o CertificateAuthorityRevocationConfigurationPtrOutput) ToCertificateAuthorityRevocationConfigurationPtrOutput() CertificateAuthorityRevocationConfigurationPtrOutput

func (CertificateAuthorityRevocationConfigurationPtrOutput) ToCertificateAuthorityRevocationConfigurationPtrOutputWithContext 

func (o CertificateAuthorityRevocationConfigurationPtrOutput) ToCertificateAuthorityRevocationConfigurationPtrOutputWithContext(ctx context.Context) CertificateAuthorityRevocationConfigurationPtrOutput

type CertificateAuthorityState 

type CertificateAuthorityState struct {
	// ARN of the certificate authority.
	Arn pulumi.StringPtrInput
	// Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.
	Certificate pulumi.StringPtrInput
	// Nested argument containing algorithms and certificate subject information. Defined below.
	CertificateAuthorityConfiguration CertificateAuthorityCertificateAuthorityConfigurationPtrInput
	// Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.
	CertificateChain pulumi.StringPtrInput
	// The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.
	CertificateSigningRequest pulumi.StringPtrInput
	// Whether the certificate authority is enabled or disabled. Defaults to `true`. Can only be disabled if the CA is in an `ACTIVE` state.
	Enabled pulumi.BoolPtrInput
	// Cryptographic key management compliance standard used for handling CA keys. Defaults to `FIPS_140_2_LEVEL_3_OR_HIGHER`. Valid values: `FIPS_140_2_LEVEL_3_OR_HIGHER` and `FIPS_140_2_LEVEL_2_OR_HIGHER`. Supported standard for each region can be found in the [Storage and security compliance of AWS Private CA private keys Documentation](https://docs.aws.amazon.com/privateca/latest/userguide/data-protection.html#private-keys).
	KeyStorageSecurityStandard pulumi.StringPtrInput
	// Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
	NotAfter pulumi.StringPtrInput
	// Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
	NotBefore pulumi.StringPtrInput
	// Number of days to make a CA restorable after it has been deleted, must be between 7 to 30 days, with default to 30 days.
	PermanentDeletionTimeInDays pulumi.IntPtrInput
	// Nested argument containing revocation configuration. Defined below.
	RevocationConfiguration CertificateAuthorityRevocationConfigurationPtrInput
	// Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.
	Serial pulumi.StringPtrInput
	// Key-value map of user-defined tags that are attached to the certificate authority. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapInput
	// Map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
	//
	// Deprecated: Please use `tags` instead.
	TagsAll pulumi.StringMapInput
	// Type of the certificate authority. Defaults to `SUBORDINATE`. Valid values: `ROOT` and `SUBORDINATE`.
	Type pulumi.StringPtrInput
	// Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly. Short-lived certificate validity is limited to seven days. Defaults to `GENERAL_PURPOSE`. Valid values: `GENERAL_PURPOSE` and `SHORT_LIVED_CERTIFICATE`.
	UsageMode pulumi.StringPtrInput
}

func (CertificateAuthorityState) ElementType 

func (CertificateAuthorityState) ElementType() reflect.Type

type CertificateInput 

type CertificateInput interface {
	pulumi.Input

	ToCertificateOutput() CertificateOutput
	ToCertificateOutputWithContext(ctx context.Context) CertificateOutput
}

type CertificateMap 

type CertificateMap map[string]CertificateInput

func (CertificateMap) ElementType 

func (CertificateMap) ElementType() reflect.Type

func (CertificateMap) ToCertificateMapOutput 

func (i CertificateMap) ToCertificateMapOutput() CertificateMapOutput

func (CertificateMap) ToCertificateMapOutputWithContext 

func (i CertificateMap) ToCertificateMapOutputWithContext(ctx context.Context) CertificateMapOutput

type CertificateMapInput 

type CertificateMapInput interface {
	pulumi.Input

	ToCertificateMapOutput() CertificateMapOutput
	ToCertificateMapOutputWithContext(context.Context) CertificateMapOutput
}

CertificateMapInput is an input type that accepts CertificateMap and CertificateMapOutput values. You can construct a concrete instance of `CertificateMapInput` via: 

CertificateMap{ "key": CertificateArgs{...} }

type CertificateMapOutput 

type CertificateMapOutput struct{ *pulumi.OutputState }

func (CertificateMapOutput) ElementType 

func (CertificateMapOutput) ElementType() reflect.Type

func (CertificateMapOutput) MapIndex 

func (o CertificateMapOutput) MapIndex(k pulumi.StringInput) CertificateOutput

func (CertificateMapOutput) ToCertificateMapOutput 

func (o CertificateMapOutput) ToCertificateMapOutput() CertificateMapOutput

func (CertificateMapOutput) ToCertificateMapOutputWithContext 

func (o CertificateMapOutput) ToCertificateMapOutputWithContext(ctx context.Context) CertificateMapOutput

type CertificateOutput 

type CertificateOutput struct{ *pulumi.OutputState }

func (CertificateOutput) ApiPassthrough 

func (o CertificateOutput) ApiPassthrough() pulumi.StringPtrOutput

Specifies X.509 certificate information to be included in the issued certificate. To use with API Passthrough templates

func (CertificateOutput) Arn 

func (o CertificateOutput) Arn() pulumi.StringOutput

ARN of the certificate.

func (CertificateOutput) Certificate 

func (o CertificateOutput) Certificate() pulumi.StringOutput

PEM-encoded certificate value.

func (CertificateOutput) CertificateAuthorityArn 

func (o CertificateOutput) CertificateAuthorityArn() pulumi.StringOutput

ARN of the certificate authority.

func (CertificateOutput) CertificateChain 

func (o CertificateOutput) CertificateChain() pulumi.StringOutput

PEM-encoded certificate chain that includes any intermediate certificates and chains up to root CA.

func (CertificateOutput) CertificateSigningRequest 

func (o CertificateOutput) CertificateSigningRequest() pulumi.StringOutput

Certificate Signing Request in PEM format.

func (CertificateOutput) ElementType 

func (CertificateOutput) ElementType() reflect.Type

func (CertificateOutput) SigningAlgorithm 

func (o CertificateOutput) SigningAlgorithm() pulumi.StringOutput

Algorithm to use to sign certificate requests. Valid values: `SHA256WITHRSA`, `SHA256WITHECDSA`, `SHA384WITHRSA`, `SHA384WITHECDSA`, `SHA512WITHRSA`, `SHA512WITHECDSA`.

func (CertificateOutput) TemplateArn 

func (o CertificateOutput) TemplateArn() pulumi.StringPtrOutput

Template to use when issuing a certificate. See [ACM PCA Documentation](https://docs.aws.amazon.com/privateca/latest/userguide/UsingTemplates.html) for more information.

func (CertificateOutput) ToCertificateOutput 

func (o CertificateOutput) ToCertificateOutput() CertificateOutput

func (CertificateOutput) ToCertificateOutputWithContext 

func (o CertificateOutput) ToCertificateOutputWithContext(ctx context.Context) CertificateOutput

func (CertificateOutput) Validity 

func (o CertificateOutput) Validity() CertificateValidityOutput

Configures end of the validity period for the certificate. See validity block below.

type CertificateState 

type CertificateState struct {
	// Specifies X.509 certificate information to be included in the issued certificate. To use with API Passthrough templates
	ApiPassthrough pulumi.StringPtrInput
	// ARN of the certificate.
	Arn pulumi.StringPtrInput
	// PEM-encoded certificate value.
	Certificate pulumi.StringPtrInput
	// ARN of the certificate authority.
	CertificateAuthorityArn pulumi.StringPtrInput
	// PEM-encoded certificate chain that includes any intermediate certificates and chains up to root CA.
	CertificateChain pulumi.StringPtrInput
	// Certificate Signing Request in PEM format.
	CertificateSigningRequest pulumi.StringPtrInput
	// Algorithm to use to sign certificate requests. Valid values: `SHA256WITHRSA`, `SHA256WITHECDSA`, `SHA384WITHRSA`, `SHA384WITHECDSA`, `SHA512WITHRSA`, `SHA512WITHECDSA`.
	SigningAlgorithm pulumi.StringPtrInput
	// Template to use when issuing a certificate.
	// See [ACM PCA Documentation](https://docs.aws.amazon.com/privateca/latest/userguide/UsingTemplates.html) for more information.
	TemplateArn pulumi.StringPtrInput
	// Configures end of the validity period for the certificate. See validity block below.
	Validity CertificateValidityPtrInput
}

func (CertificateState) ElementType 

func (CertificateState) ElementType() reflect.Type

type CertificateValidity 

type CertificateValidity struct {
	// Determines how `value` is interpreted. Valid values: `DAYS`, `MONTHS`, `YEARS`, `ABSOLUTE`, `END_DATE`.
	Type string `pulumi:"type"`
	// If `type` is `DAYS`, `MONTHS`, or `YEARS`, the relative time until the certificate expires. If `type` is `ABSOLUTE`, the date in seconds since the Unix epoch. If `type` is `END_DATE`, the  date in RFC 3339 format.
	Value string `pulumi:"value"`
}

type CertificateValidityArgs 

type CertificateValidityArgs struct {
	// Determines how `value` is interpreted. Valid values: `DAYS`, `MONTHS`, `YEARS`, `ABSOLUTE`, `END_DATE`.
	Type pulumi.StringInput `pulumi:"type"`
	// If `type` is `DAYS`, `MONTHS`, or `YEARS`, the relative time until the certificate expires. If `type` is `ABSOLUTE`, the date in seconds since the Unix epoch. If `type` is `END_DATE`, the  date in RFC 3339 format.
	Value pulumi.StringInput `pulumi:"value"`
}

func (CertificateValidityArgs) ElementType 

func (CertificateValidityArgs) ElementType() reflect.Type

func (CertificateValidityArgs) ToCertificateValidityOutput 

func (i CertificateValidityArgs) ToCertificateValidityOutput() CertificateValidityOutput

func (CertificateValidityArgs) ToCertificateValidityOutputWithContext 

func (i CertificateValidityArgs) ToCertificateValidityOutputWithContext(ctx context.Context) CertificateValidityOutput

func (CertificateValidityArgs) ToCertificateValidityPtrOutput 

func (i CertificateValidityArgs) ToCertificateValidityPtrOutput() CertificateValidityPtrOutput

func (CertificateValidityArgs) ToCertificateValidityPtrOutputWithContext 

func (i CertificateValidityArgs) ToCertificateValidityPtrOutputWithContext(ctx context.Context) CertificateValidityPtrOutput

type CertificateValidityInput 

type CertificateValidityInput interface {
	pulumi.Input

	ToCertificateValidityOutput() CertificateValidityOutput
	ToCertificateValidityOutputWithContext(context.Context) CertificateValidityOutput
}

CertificateValidityInput is an input type that accepts CertificateValidityArgs and CertificateValidityOutput values. You can construct a concrete instance of `CertificateValidityInput` via: 

CertificateValidityArgs{...}

type CertificateValidityOutput 

type CertificateValidityOutput struct{ *pulumi.OutputState }

func (CertificateValidityOutput) ElementType 

func (CertificateValidityOutput) ElementType() reflect.Type

func (CertificateValidityOutput) ToCertificateValidityOutput 

func (o CertificateValidityOutput) ToCertificateValidityOutput() CertificateValidityOutput

func (CertificateValidityOutput) ToCertificateValidityOutputWithContext 

func (o CertificateValidityOutput) ToCertificateValidityOutputWithContext(ctx context.Context) CertificateValidityOutput

func (CertificateValidityOutput) ToCertificateValidityPtrOutput 

func (o CertificateValidityOutput) ToCertificateValidityPtrOutput() CertificateValidityPtrOutput

func (CertificateValidityOutput) ToCertificateValidityPtrOutputWithContext 

func (o CertificateValidityOutput) ToCertificateValidityPtrOutputWithContext(ctx context.Context) CertificateValidityPtrOutput

func (CertificateValidityOutput) Type 

func (o CertificateValidityOutput) Type() pulumi.StringOutput

Determines how `value` is interpreted. Valid values: `DAYS`, `MONTHS`, `YEARS`, `ABSOLUTE`, `END_DATE`.

func (CertificateValidityOutput) Value 

func (o CertificateValidityOutput) Value() pulumi.StringOutput

If `type` is `DAYS`, `MONTHS`, or `YEARS`, the relative time until the certificate expires. If `type` is `ABSOLUTE`, the date in seconds since the Unix epoch. If `type` is `END_DATE`, the date in RFC 3339 format.

type CertificateValidityPtrInput 

type CertificateValidityPtrInput interface {
	pulumi.Input

	ToCertificateValidityPtrOutput() CertificateValidityPtrOutput
	ToCertificateValidityPtrOutputWithContext(context.Context) CertificateValidityPtrOutput
}

CertificateValidityPtrInput is an input type that accepts CertificateValidityArgs, CertificateValidityPtr and CertificateValidityPtrOutput values. You can construct a concrete instance of `CertificateValidityPtrInput` via: 

        CertificateValidityArgs{...}

or:

        nil

func CertificateValidityPtr 

func CertificateValidityPtr(v *CertificateValidityArgs) CertificateValidityPtrInput

type CertificateValidityPtrOutput 

type CertificateValidityPtrOutput struct{ *pulumi.OutputState }

func (CertificateValidityPtrOutput) Elem 

func (o CertificateValidityPtrOutput) Elem() CertificateValidityOutput

func (CertificateValidityPtrOutput) ElementType 

func (CertificateValidityPtrOutput) ElementType() reflect.Type

func (CertificateValidityPtrOutput) ToCertificateValidityPtrOutput 

func (o CertificateValidityPtrOutput) ToCertificateValidityPtrOutput() CertificateValidityPtrOutput

func (CertificateValidityPtrOutput) ToCertificateValidityPtrOutputWithContext 

func (o CertificateValidityPtrOutput) ToCertificateValidityPtrOutputWithContext(ctx context.Context) CertificateValidityPtrOutput

func (CertificateValidityPtrOutput) Type 

func (o CertificateValidityPtrOutput) Type() pulumi.StringPtrOutput

Determines how `value` is interpreted. Valid values: `DAYS`, `MONTHS`, `YEARS`, `ABSOLUTE`, `END_DATE`.

func (CertificateValidityPtrOutput) Value 

func (o CertificateValidityPtrOutput) Value() pulumi.StringPtrOutput

If `type` is `DAYS`, `MONTHS`, or `YEARS`, the relative time until the certificate expires. If `type` is `ABSOLUTE`, the date in seconds since the Unix epoch. If `type` is `END_DATE`, the date in RFC 3339 format.

type GetCertificateAuthorityRevocationConfiguration 

type GetCertificateAuthorityRevocationConfiguration struct {
	// Nested attribute containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority.
	CrlConfigurations  []GetCertificateAuthorityRevocationConfigurationCrlConfiguration  `pulumi:"crlConfigurations"`
	OcspConfigurations []GetCertificateAuthorityRevocationConfigurationOcspConfiguration `pulumi:"ocspConfigurations"`
}

type GetCertificateAuthorityRevocationConfigurationArgs 

type GetCertificateAuthorityRevocationConfigurationArgs struct {
	// Nested attribute containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority.
	CrlConfigurations  GetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayInput  `pulumi:"crlConfigurations"`
	OcspConfigurations GetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayInput `pulumi:"ocspConfigurations"`
}

func (GetCertificateAuthorityRevocationConfigurationArgs) ElementType 

func (GetCertificateAuthorityRevocationConfigurationArgs) ElementType() reflect.Type

func (GetCertificateAuthorityRevocationConfigurationArgs) ToGetCertificateAuthorityRevocationConfigurationOutput 

func (i GetCertificateAuthorityRevocationConfigurationArgs) ToGetCertificateAuthorityRevocationConfigurationOutput() GetCertificateAuthorityRevocationConfigurationOutput

func (GetCertificateAuthorityRevocationConfigurationArgs) ToGetCertificateAuthorityRevocationConfigurationOutputWithContext 

func (i GetCertificateAuthorityRevocationConfigurationArgs) ToGetCertificateAuthorityRevocationConfigurationOutputWithContext(ctx context.Context) GetCertificateAuthorityRevocationConfigurationOutput

type GetCertificateAuthorityRevocationConfigurationArray 

type GetCertificateAuthorityRevocationConfigurationArray []GetCertificateAuthorityRevocationConfigurationInput

func (GetCertificateAuthorityRevocationConfigurationArray) ElementType 

func (GetCertificateAuthorityRevocationConfigurationArray) ElementType() reflect.Type

func (GetCertificateAuthorityRevocationConfigurationArray) ToGetCertificateAuthorityRevocationConfigurationArrayOutput 

func (i GetCertificateAuthorityRevocationConfigurationArray) ToGetCertificateAuthorityRevocationConfigurationArrayOutput() GetCertificateAuthorityRevocationConfigurationArrayOutput

func (GetCertificateAuthorityRevocationConfigurationArray) ToGetCertificateAuthorityRevocationConfigurationArrayOutputWithContext 

func (i GetCertificateAuthorityRevocationConfigurationArray) ToGetCertificateAuthorityRevocationConfigurationArrayOutputWithContext(ctx context.Context) GetCertificateAuthorityRevocationConfigurationArrayOutput

type GetCertificateAuthorityRevocationConfigurationArrayInput 

type GetCertificateAuthorityRevocationConfigurationArrayInput interface {
	pulumi.Input

	ToGetCertificateAuthorityRevocationConfigurationArrayOutput() GetCertificateAuthorityRevocationConfigurationArrayOutput
	ToGetCertificateAuthorityRevocationConfigurationArrayOutputWithContext(context.Context) GetCertificateAuthorityRevocationConfigurationArrayOutput
}

GetCertificateAuthorityRevocationConfigurationArrayInput is an input type that accepts GetCertificateAuthorityRevocationConfigurationArray and GetCertificateAuthorityRevocationConfigurationArrayOutput values. You can construct a concrete instance of `GetCertificateAuthorityRevocationConfigurationArrayInput` via: 

GetCertificateAuthorityRevocationConfigurationArray{ GetCertificateAuthorityRevocationConfigurationArgs{...} }

type GetCertificateAuthorityRevocationConfigurationArrayOutput 

type GetCertificateAuthorityRevocationConfigurationArrayOutput struct{ *pulumi.OutputState }

func (GetCertificateAuthorityRevocationConfigurationArrayOutput) ElementType 

func (GetCertificateAuthorityRevocationConfigurationArrayOutput) ElementType() reflect.Type

func (GetCertificateAuthorityRevocationConfigurationArrayOutput) Index 

func (o GetCertificateAuthorityRevocationConfigurationArrayOutput) Index(i pulumi.IntInput) GetCertificateAuthorityRevocationConfigurationOutput

func (GetCertificateAuthorityRevocationConfigurationArrayOutput) ToGetCertificateAuthorityRevocationConfigurationArrayOutput 

func (o GetCertificateAuthorityRevocationConfigurationArrayOutput) ToGetCertificateAuthorityRevocationConfigurationArrayOutput() GetCertificateAuthorityRevocationConfigurationArrayOutput

func (GetCertificateAuthorityRevocationConfigurationArrayOutput) ToGetCertificateAuthorityRevocationConfigurationArrayOutputWithContext 

func (o GetCertificateAuthorityRevocationConfigurationArrayOutput) ToGetCertificateAuthorityRevocationConfigurationArrayOutputWithContext(ctx context.Context) GetCertificateAuthorityRevocationConfigurationArrayOutput

type GetCertificateAuthorityRevocationConfigurationCrlConfiguration 

type GetCertificateAuthorityRevocationConfigurationCrlConfiguration struct {
	CustomCname      string `pulumi:"customCname"`
	Enabled          bool   `pulumi:"enabled"`
	ExpirationInDays int    `pulumi:"expirationInDays"`
	S3BucketName     string `pulumi:"s3BucketName"`
	S3ObjectAcl      string `pulumi:"s3ObjectAcl"`
}

type GetCertificateAuthorityRevocationConfigurationCrlConfigurationArgs 

type GetCertificateAuthorityRevocationConfigurationCrlConfigurationArgs struct {
	CustomCname      pulumi.StringInput `pulumi:"customCname"`
	Enabled          pulumi.BoolInput   `pulumi:"enabled"`
	ExpirationInDays pulumi.IntInput    `pulumi:"expirationInDays"`
	S3BucketName     pulumi.StringInput `pulumi:"s3BucketName"`
	S3ObjectAcl      pulumi.StringInput `pulumi:"s3ObjectAcl"`
}

func (GetCertificateAuthorityRevocationConfigurationCrlConfigurationArgs) ElementType 

func (GetCertificateAuthorityRevocationConfigurationCrlConfigurationArgs) ElementType() reflect.Type

func (GetCertificateAuthorityRevocationConfigurationCrlConfigurationArgs) ToGetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput 

func (i GetCertificateAuthorityRevocationConfigurationCrlConfigurationArgs) ToGetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput() GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput

func (GetCertificateAuthorityRevocationConfigurationCrlConfigurationArgs) ToGetCertificateAuthorityRevocationConfigurationCrlConfigurationOutputWithContext 

func (i GetCertificateAuthorityRevocationConfigurationCrlConfigurationArgs) ToGetCertificateAuthorityRevocationConfigurationCrlConfigurationOutputWithContext(ctx context.Context) GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput

type GetCertificateAuthorityRevocationConfigurationCrlConfigurationArray 

type GetCertificateAuthorityRevocationConfigurationCrlConfigurationArray []GetCertificateAuthorityRevocationConfigurationCrlConfigurationInput

func (GetCertificateAuthorityRevocationConfigurationCrlConfigurationArray) ElementType 

func (GetCertificateAuthorityRevocationConfigurationCrlConfigurationArray) ElementType() reflect.Type

func (GetCertificateAuthorityRevocationConfigurationCrlConfigurationArray) ToGetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutput 

func (i GetCertificateAuthorityRevocationConfigurationCrlConfigurationArray) ToGetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutput() GetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutput

func (GetCertificateAuthorityRevocationConfigurationCrlConfigurationArray) ToGetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutputWithContext 

func (i GetCertificateAuthorityRevocationConfigurationCrlConfigurationArray) ToGetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutputWithContext(ctx context.Context) GetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutput

type GetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayInput 

type GetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayInput interface {
	pulumi.Input

	ToGetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutput() GetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutput
	ToGetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutputWithContext(context.Context) GetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutput
}

GetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayInput is an input type that accepts GetCertificateAuthorityRevocationConfigurationCrlConfigurationArray and GetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutput values. You can construct a concrete instance of `GetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayInput` via: 

GetCertificateAuthorityRevocationConfigurationCrlConfigurationArray{ GetCertificateAuthorityRevocationConfigurationCrlConfigurationArgs{...} }

type GetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutput 

type GetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutput struct{ *pulumi.OutputState }

func (GetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutput) ElementType 

func (GetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutput) ElementType() reflect.Type

func (GetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutput) Index 

func (o GetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutput) Index(i pulumi.IntInput) GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput

func (GetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutput) ToGetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutput 

func (o GetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutput) ToGetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutput() GetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutput

func (GetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutput) ToGetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutputWithContext 

func (o GetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutput) ToGetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutputWithContext(ctx context.Context) GetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutput

type GetCertificateAuthorityRevocationConfigurationCrlConfigurationInput 

type GetCertificateAuthorityRevocationConfigurationCrlConfigurationInput interface {
	pulumi.Input

	ToGetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput() GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput
	ToGetCertificateAuthorityRevocationConfigurationCrlConfigurationOutputWithContext(context.Context) GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput
}

GetCertificateAuthorityRevocationConfigurationCrlConfigurationInput is an input type that accepts GetCertificateAuthorityRevocationConfigurationCrlConfigurationArgs and GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput values. You can construct a concrete instance of `GetCertificateAuthorityRevocationConfigurationCrlConfigurationInput` via: 

GetCertificateAuthorityRevocationConfigurationCrlConfigurationArgs{...}

type GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput 

type GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput struct{ *pulumi.OutputState }

func (GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput) CustomCname 

func (o GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput) CustomCname() pulumi.StringOutput

func (GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput) ElementType 

func (GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput) ElementType() reflect.Type

func (GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput) Enabled 

func (o GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput) Enabled() pulumi.BoolOutput

func (GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput) ExpirationInDays 

func (o GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput) ExpirationInDays() pulumi.IntOutput

func (GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput) S3BucketName 

func (o GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput) S3BucketName() pulumi.StringOutput

func (GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput) S3ObjectAcl 

func (o GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput) S3ObjectAcl() pulumi.StringOutput

func (GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput) ToGetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput 

func (o GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput) ToGetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput() GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput

func (GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput) ToGetCertificateAuthorityRevocationConfigurationCrlConfigurationOutputWithContext 

func (o GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput) ToGetCertificateAuthorityRevocationConfigurationCrlConfigurationOutputWithContext(ctx context.Context) GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput

type GetCertificateAuthorityRevocationConfigurationInput 

type GetCertificateAuthorityRevocationConfigurationInput interface {
	pulumi.Input

	ToGetCertificateAuthorityRevocationConfigurationOutput() GetCertificateAuthorityRevocationConfigurationOutput
	ToGetCertificateAuthorityRevocationConfigurationOutputWithContext(context.Context) GetCertificateAuthorityRevocationConfigurationOutput
}

GetCertificateAuthorityRevocationConfigurationInput is an input type that accepts GetCertificateAuthorityRevocationConfigurationArgs and GetCertificateAuthorityRevocationConfigurationOutput values. You can construct a concrete instance of `GetCertificateAuthorityRevocationConfigurationInput` via: 

GetCertificateAuthorityRevocationConfigurationArgs{...}

type GetCertificateAuthorityRevocationConfigurationOcspConfiguration 

type GetCertificateAuthorityRevocationConfigurationOcspConfiguration struct {
	Enabled         bool   `pulumi:"enabled"`
	OcspCustomCname string `pulumi:"ocspCustomCname"`
}

type GetCertificateAuthorityRevocationConfigurationOcspConfigurationArgs 

type GetCertificateAuthorityRevocationConfigurationOcspConfigurationArgs struct {
	Enabled         pulumi.BoolInput   `pulumi:"enabled"`
	OcspCustomCname pulumi.StringInput `pulumi:"ocspCustomCname"`
}

func (GetCertificateAuthorityRevocationConfigurationOcspConfigurationArgs) ElementType 

func (GetCertificateAuthorityRevocationConfigurationOcspConfigurationArgs) ElementType() reflect.Type

func (GetCertificateAuthorityRevocationConfigurationOcspConfigurationArgs) ToGetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput 

func (i GetCertificateAuthorityRevocationConfigurationOcspConfigurationArgs) ToGetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput() GetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput

func (GetCertificateAuthorityRevocationConfigurationOcspConfigurationArgs) ToGetCertificateAuthorityRevocationConfigurationOcspConfigurationOutputWithContext 

func (i GetCertificateAuthorityRevocationConfigurationOcspConfigurationArgs) ToGetCertificateAuthorityRevocationConfigurationOcspConfigurationOutputWithContext(ctx context.Context) GetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput

type GetCertificateAuthorityRevocationConfigurationOcspConfigurationArray 

type GetCertificateAuthorityRevocationConfigurationOcspConfigurationArray []GetCertificateAuthorityRevocationConfigurationOcspConfigurationInput

func (GetCertificateAuthorityRevocationConfigurationOcspConfigurationArray) ElementType 

func (GetCertificateAuthorityRevocationConfigurationOcspConfigurationArray) ElementType() reflect.Type

func (GetCertificateAuthorityRevocationConfigurationOcspConfigurationArray) ToGetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutput 

func (i GetCertificateAuthorityRevocationConfigurationOcspConfigurationArray) ToGetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutput() GetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutput

func (GetCertificateAuthorityRevocationConfigurationOcspConfigurationArray) ToGetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutputWithContext 

func (i GetCertificateAuthorityRevocationConfigurationOcspConfigurationArray) ToGetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutputWithContext(ctx context.Context) GetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutput

type GetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayInput 

type GetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayInput interface {
	pulumi.Input

	ToGetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutput() GetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutput
	ToGetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutputWithContext(context.Context) GetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutput
}

GetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayInput is an input type that accepts GetCertificateAuthorityRevocationConfigurationOcspConfigurationArray and GetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutput values. You can construct a concrete instance of `GetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayInput` via: 

GetCertificateAuthorityRevocationConfigurationOcspConfigurationArray{ GetCertificateAuthorityRevocationConfigurationOcspConfigurationArgs{...} }

type GetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutput 

type GetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutput struct{ *pulumi.OutputState }

func (GetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutput) ElementType 

func (GetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutput) ElementType() reflect.Type

func (GetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutput) Index 

func (o GetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutput) Index(i pulumi.IntInput) GetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput

func (GetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutput) ToGetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutput 

func (o GetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutput) ToGetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutput() GetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutput

func (GetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutput) ToGetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutputWithContext 

func (o GetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutput) ToGetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutputWithContext(ctx context.Context) GetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutput

type GetCertificateAuthorityRevocationConfigurationOcspConfigurationInput 

type GetCertificateAuthorityRevocationConfigurationOcspConfigurationInput interface {
	pulumi.Input

	ToGetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput() GetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput
	ToGetCertificateAuthorityRevocationConfigurationOcspConfigurationOutputWithContext(context.Context) GetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput
}

GetCertificateAuthorityRevocationConfigurationOcspConfigurationInput is an input type that accepts GetCertificateAuthorityRevocationConfigurationOcspConfigurationArgs and GetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput values. You can construct a concrete instance of `GetCertificateAuthorityRevocationConfigurationOcspConfigurationInput` via: 

GetCertificateAuthorityRevocationConfigurationOcspConfigurationArgs{...}

type GetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput 

type GetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput struct{ *pulumi.OutputState }

func (GetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput) ElementType 

func (GetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput) ElementType() reflect.Type

func (GetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput) Enabled 

func (o GetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput) Enabled() pulumi.BoolOutput

func (GetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput) OcspCustomCname 

func (o GetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput) OcspCustomCname() pulumi.StringOutput

func (GetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput) ToGetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput 

func (o GetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput) ToGetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput() GetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput

func (GetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput) ToGetCertificateAuthorityRevocationConfigurationOcspConfigurationOutputWithContext 

func (o GetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput) ToGetCertificateAuthorityRevocationConfigurationOcspConfigurationOutputWithContext(ctx context.Context) GetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput

type GetCertificateAuthorityRevocationConfigurationOutput 

type GetCertificateAuthorityRevocationConfigurationOutput struct{ *pulumi.OutputState }

func (GetCertificateAuthorityRevocationConfigurationOutput) CrlConfigurations 

func (o GetCertificateAuthorityRevocationConfigurationOutput) CrlConfigurations() GetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutput

Nested attribute containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority.

func (GetCertificateAuthorityRevocationConfigurationOutput) ElementType 

func (GetCertificateAuthorityRevocationConfigurationOutput) ElementType() reflect.Type

func (GetCertificateAuthorityRevocationConfigurationOutput) OcspConfigurations 

func (o GetCertificateAuthorityRevocationConfigurationOutput) OcspConfigurations() GetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutput

func (GetCertificateAuthorityRevocationConfigurationOutput) ToGetCertificateAuthorityRevocationConfigurationOutput 

func (o GetCertificateAuthorityRevocationConfigurationOutput) ToGetCertificateAuthorityRevocationConfigurationOutput() GetCertificateAuthorityRevocationConfigurationOutput

func (GetCertificateAuthorityRevocationConfigurationOutput) ToGetCertificateAuthorityRevocationConfigurationOutputWithContext 

func (o GetCertificateAuthorityRevocationConfigurationOutput) ToGetCertificateAuthorityRevocationConfigurationOutputWithContext(ctx context.Context) GetCertificateAuthorityRevocationConfigurationOutput

type LookupCertificateArgs 

type LookupCertificateArgs struct {
	// ARN of the certificate issued by the private certificate authority.
	Arn string `pulumi:"arn"`
	// ARN of the certificate authority.
	CertificateAuthorityArn string `pulumi:"certificateAuthorityArn"`
}

A collection of arguments for invoking getCertificate.

type LookupCertificateAuthorityArgs 

type LookupCertificateAuthorityArgs struct {
	// ARN of the certificate authority.
	Arn string `pulumi:"arn"`
	// Key-value map of user-defined tags that are attached to the certificate authority.
	Tags map[string]string `pulumi:"tags"`
}

A collection of arguments for invoking getCertificateAuthority.

type LookupCertificateAuthorityOutputArgs 

type LookupCertificateAuthorityOutputArgs struct {
	// ARN of the certificate authority.
	Arn pulumi.StringInput `pulumi:"arn"`
	// Key-value map of user-defined tags that are attached to the certificate authority.
	Tags pulumi.StringMapInput `pulumi:"tags"`
}

A collection of arguments for invoking getCertificateAuthority.

func (LookupCertificateAuthorityOutputArgs) ElementType 

func (LookupCertificateAuthorityOutputArgs) ElementType() reflect.Type

type LookupCertificateAuthorityResult 

type LookupCertificateAuthorityResult struct {
	Arn string `pulumi:"arn"`
	// Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.
	Certificate string `pulumi:"certificate"`
	// Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.
	CertificateChain string `pulumi:"certificateChain"`
	// The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.
	CertificateSigningRequest string `pulumi:"certificateSigningRequest"`
	// The provider-assigned unique ID for this managed resource.
	Id                         string `pulumi:"id"`
	KeyStorageSecurityStandard string `pulumi:"keyStorageSecurityStandard"`
	// Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
	NotAfter string `pulumi:"notAfter"`
	// Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
	NotBefore string `pulumi:"notBefore"`
	// Nested attribute containing revocation configuration.
	RevocationConfigurations []GetCertificateAuthorityRevocationConfiguration `pulumi:"revocationConfigurations"`
	// Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.
	Serial string `pulumi:"serial"`
	// Status of the certificate authority.
	Status string `pulumi:"status"`
	// Key-value map of user-defined tags that are attached to the certificate authority.
	Tags map[string]string `pulumi:"tags"`
	// Type of the certificate authority.
	Type string `pulumi:"type"`
	// Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly.
	UsageMode string `pulumi:"usageMode"`
}

A collection of values returned by getCertificateAuthority.

func LookupCertificateAuthority 

func LookupCertificateAuthority(ctx *pulumi.Context, args *LookupCertificateAuthorityArgs, opts ...pulumi.InvokeOption) (*LookupCertificateAuthorityResult, error)

Get information on a AWS Certificate Manager Private Certificate Authority (ACM PCA Certificate Authority).

## Example Usage

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acmpca"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := acmpca.LookupCertificateAuthority(ctx, &acmpca.LookupCertificateAuthorityArgs{
			Arn: "arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

type LookupCertificateAuthorityResultOutput 

type LookupCertificateAuthorityResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getCertificateAuthority.

func LookupCertificateAuthorityOutput 

func LookupCertificateAuthorityOutput(ctx *pulumi.Context, args LookupCertificateAuthorityOutputArgs, opts ...pulumi.InvokeOption) LookupCertificateAuthorityResultOutput

func (LookupCertificateAuthorityResultOutput) Arn 

func (o LookupCertificateAuthorityResultOutput) Arn() pulumi.StringOutput

func (LookupCertificateAuthorityResultOutput) Certificate 

func (o LookupCertificateAuthorityResultOutput) Certificate() pulumi.StringOutput

Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.

func (LookupCertificateAuthorityResultOutput) CertificateChain 

func (o LookupCertificateAuthorityResultOutput) CertificateChain() pulumi.StringOutput

Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.

func (LookupCertificateAuthorityResultOutput) CertificateSigningRequest 

func (o LookupCertificateAuthorityResultOutput) CertificateSigningRequest() pulumi.StringOutput

The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.

func (LookupCertificateAuthorityResultOutput) ElementType 

func (LookupCertificateAuthorityResultOutput) ElementType() reflect.Type

func (LookupCertificateAuthorityResultOutput) Id 

func (o LookupCertificateAuthorityResultOutput) Id() pulumi.StringOutput

The provider-assigned unique ID for this managed resource.

func (LookupCertificateAuthorityResultOutput) KeyStorageSecurityStandard 

func (o LookupCertificateAuthorityResultOutput) KeyStorageSecurityStandard() pulumi.StringOutput

func (LookupCertificateAuthorityResultOutput) NotAfter 

func (o LookupCertificateAuthorityResultOutput) NotAfter() pulumi.StringOutput

Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.

func (LookupCertificateAuthorityResultOutput) NotBefore 

func (o LookupCertificateAuthorityResultOutput) NotBefore() pulumi.StringOutput

Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.

func (LookupCertificateAuthorityResultOutput) RevocationConfigurations 

func (o LookupCertificateAuthorityResultOutput) RevocationConfigurations() GetCertificateAuthorityRevocationConfigurationArrayOutput

Nested attribute containing revocation configuration.

func (LookupCertificateAuthorityResultOutput) Serial 

func (o LookupCertificateAuthorityResultOutput) Serial() pulumi.StringOutput

Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.

func (LookupCertificateAuthorityResultOutput) Status 

func (o LookupCertificateAuthorityResultOutput) Status() pulumi.StringOutput

Status of the certificate authority.

func (LookupCertificateAuthorityResultOutput) Tags 

func (o LookupCertificateAuthorityResultOutput) Tags() pulumi.StringMapOutput

Key-value map of user-defined tags that are attached to the certificate authority.

func (LookupCertificateAuthorityResultOutput) ToLookupCertificateAuthorityResultOutput 

func (o LookupCertificateAuthorityResultOutput) ToLookupCertificateAuthorityResultOutput() LookupCertificateAuthorityResultOutput

func (LookupCertificateAuthorityResultOutput) ToLookupCertificateAuthorityResultOutputWithContext 

func (o LookupCertificateAuthorityResultOutput) ToLookupCertificateAuthorityResultOutputWithContext(ctx context.Context) LookupCertificateAuthorityResultOutput

func (LookupCertificateAuthorityResultOutput) Type 

func (o LookupCertificateAuthorityResultOutput) Type() pulumi.StringOutput

Type of the certificate authority.

func (LookupCertificateAuthorityResultOutput) UsageMode 

func (o LookupCertificateAuthorityResultOutput) UsageMode() pulumi.StringOutput

Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly.

type LookupCertificateOutputArgs 

type LookupCertificateOutputArgs struct {
	// ARN of the certificate issued by the private certificate authority.
	Arn pulumi.StringInput `pulumi:"arn"`
	// ARN of the certificate authority.
	CertificateAuthorityArn pulumi.StringInput `pulumi:"certificateAuthorityArn"`
}

A collection of arguments for invoking getCertificate.

func (LookupCertificateOutputArgs) ElementType 

func (LookupCertificateOutputArgs) ElementType() reflect.Type

type LookupCertificateResult 

type LookupCertificateResult struct {
	Arn string `pulumi:"arn"`
	// PEM-encoded certificate value.
	Certificate             string `pulumi:"certificate"`
	CertificateAuthorityArn string `pulumi:"certificateAuthorityArn"`
	// PEM-encoded certificate chain that includes any intermediate certificates and chains up to root CA.
	CertificateChain string `pulumi:"certificateChain"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
}

A collection of values returned by getCertificate.

func LookupCertificate 

func LookupCertificate(ctx *pulumi.Context, args *LookupCertificateArgs, opts ...pulumi.InvokeOption) (*LookupCertificateResult, error)

Get information on a Certificate issued by a AWS Certificate Manager Private Certificate Authority.

## Example Usage

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acmpca"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := acmpca.LookupCertificate(ctx, &acmpca.LookupCertificateArgs{
			Arn:                     "arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012/certificate/1234b4a0d73e2056789bdbe77d5b1a23",
			CertificateAuthorityArn: "arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

type LookupCertificateResultOutput 

type LookupCertificateResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getCertificate.

func LookupCertificateOutput 

func LookupCertificateOutput(ctx *pulumi.Context, args LookupCertificateOutputArgs, opts ...pulumi.InvokeOption) LookupCertificateResultOutput

func (LookupCertificateResultOutput) Arn 

func (o LookupCertificateResultOutput) Arn() pulumi.StringOutput

func (LookupCertificateResultOutput) Certificate 

func (o LookupCertificateResultOutput) Certificate() pulumi.StringOutput

PEM-encoded certificate value.

func (LookupCertificateResultOutput) CertificateAuthorityArn 

func (o LookupCertificateResultOutput) CertificateAuthorityArn() pulumi.StringOutput

func (LookupCertificateResultOutput) CertificateChain 

func (o LookupCertificateResultOutput) CertificateChain() pulumi.StringOutput

PEM-encoded certificate chain that includes any intermediate certificates and chains up to root CA.

func (LookupCertificateResultOutput) ElementType 

func (LookupCertificateResultOutput) ElementType() reflect.Type

func (LookupCertificateResultOutput) Id 

func (o LookupCertificateResultOutput) Id() pulumi.StringOutput

The provider-assigned unique ID for this managed resource.

func (LookupCertificateResultOutput) ToLookupCertificateResultOutput 

func (o LookupCertificateResultOutput) ToLookupCertificateResultOutput() LookupCertificateResultOutput

func (LookupCertificateResultOutput) ToLookupCertificateResultOutputWithContext 

func (o LookupCertificateResultOutput) ToLookupCertificateResultOutputWithContext(ctx context.Context) LookupCertificateResultOutput

type Permission 

type Permission struct {
	pulumi.CustomResourceState

	// Actions that the specified AWS service principal can use. These include `IssueCertificate`, `GetCertificate`, and `ListPermissions`. Note that in order for ACM to automatically rotate certificates issued by a PCA, it must be granted permission on all 3 actions, as per the example above.
	Actions pulumi.StringArrayOutput `pulumi:"actions"`
	// ARN of the CA that grants the permissions.
	CertificateAuthorityArn pulumi.StringOutput `pulumi:"certificateAuthorityArn"`
	// IAM policy that is associated with the permission.
	Policy pulumi.StringOutput `pulumi:"policy"`
	// AWS service or identity that receives the permission. At this time, the only valid principal is `acm.amazonaws.com`.
	Principal pulumi.StringOutput `pulumi:"principal"`
	// ID of the calling account
	SourceAccount pulumi.StringOutput `pulumi:"sourceAccount"`
}

Provides a resource to manage an AWS Certificate Manager Private Certificate Authorities Permission. Currently, this is only required in order to allow the ACM service to automatically renew certificates issued by a PCA.

## Example Usage

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acmpca"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		exampleCertificateAuthority, err := acmpca.NewCertificateAuthority(ctx, "example", &acmpca.CertificateAuthorityArgs{
			CertificateAuthorityConfiguration: &acmpca.CertificateAuthorityCertificateAuthorityConfigurationArgs{
				KeyAlgorithm:     pulumi.String("RSA_4096"),
				SigningAlgorithm: pulumi.String("SHA512WITHRSA"),
				Subject: &acmpca.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs{
					CommonName: pulumi.String("example.com"),
				},
			},
		})
		if err != nil {
			return err
		}
		_, err = acmpca.NewPermission(ctx, "example", &acmpca.PermissionArgs{
			CertificateAuthorityArn: exampleCertificateAuthority.Arn,
			Actions: pulumi.StringArray{
				pulumi.String("IssueCertificate"),
				pulumi.String("GetCertificate"),
				pulumi.String("ListPermissions"),
			},
			Principal: pulumi.String("acm.amazonaws.com"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

func GetPermission 

func GetPermission(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *PermissionState, opts ...pulumi.ResourceOption) (*Permission, error)

GetPermission gets an existing Permission resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewPermission 

func NewPermission(ctx *pulumi.Context,
	name string, args *PermissionArgs, opts ...pulumi.ResourceOption) (*Permission, error)

NewPermission registers a new resource with the given unique name, arguments, and options.

func (*Permission) ElementType 

func (*Permission) ElementType() reflect.Type

func (*Permission) ToPermissionOutput 

func (i *Permission) ToPermissionOutput() PermissionOutput

func (*Permission) ToPermissionOutputWithContext 

func (i *Permission) ToPermissionOutputWithContext(ctx context.Context) PermissionOutput

type PermissionArgs 

type PermissionArgs struct {
	// Actions that the specified AWS service principal can use. These include `IssueCertificate`, `GetCertificate`, and `ListPermissions`. Note that in order for ACM to automatically rotate certificates issued by a PCA, it must be granted permission on all 3 actions, as per the example above.
	Actions pulumi.StringArrayInput
	// ARN of the CA that grants the permissions.
	CertificateAuthorityArn pulumi.StringInput
	// AWS service or identity that receives the permission. At this time, the only valid principal is `acm.amazonaws.com`.
	Principal pulumi.StringInput
	// ID of the calling account
	SourceAccount pulumi.StringPtrInput
}

The set of arguments for constructing a Permission resource.

func (PermissionArgs) ElementType 

func (PermissionArgs) ElementType() reflect.Type

type PermissionArray 

type PermissionArray []PermissionInput

func (PermissionArray) ElementType 

func (PermissionArray) ElementType() reflect.Type

func (PermissionArray) ToPermissionArrayOutput 

func (i PermissionArray) ToPermissionArrayOutput() PermissionArrayOutput

func (PermissionArray) ToPermissionArrayOutputWithContext 

func (i PermissionArray) ToPermissionArrayOutputWithContext(ctx context.Context) PermissionArrayOutput

type PermissionArrayInput 

type PermissionArrayInput interface {
	pulumi.Input

	ToPermissionArrayOutput() PermissionArrayOutput
	ToPermissionArrayOutputWithContext(context.Context) PermissionArrayOutput
}

PermissionArrayInput is an input type that accepts PermissionArray and PermissionArrayOutput values. You can construct a concrete instance of `PermissionArrayInput` via: 

PermissionArray{ PermissionArgs{...} }

type PermissionArrayOutput 

type PermissionArrayOutput struct{ *pulumi.OutputState }

func (PermissionArrayOutput) ElementType 

func (PermissionArrayOutput) ElementType() reflect.Type

func (PermissionArrayOutput) Index 

func (o PermissionArrayOutput) Index(i pulumi.IntInput) PermissionOutput

func (PermissionArrayOutput) ToPermissionArrayOutput 

func (o PermissionArrayOutput) ToPermissionArrayOutput() PermissionArrayOutput

func (PermissionArrayOutput) ToPermissionArrayOutputWithContext 

func (o PermissionArrayOutput) ToPermissionArrayOutputWithContext(ctx context.Context) PermissionArrayOutput

type PermissionInput 

type PermissionInput interface {
	pulumi.Input

	ToPermissionOutput() PermissionOutput
	ToPermissionOutputWithContext(ctx context.Context) PermissionOutput
}

type PermissionMap 

type PermissionMap map[string]PermissionInput

func (PermissionMap) ElementType 

func (PermissionMap) ElementType() reflect.Type

func (PermissionMap) ToPermissionMapOutput 

func (i PermissionMap) ToPermissionMapOutput() PermissionMapOutput

func (PermissionMap) ToPermissionMapOutputWithContext 

func (i PermissionMap) ToPermissionMapOutputWithContext(ctx context.Context) PermissionMapOutput

type PermissionMapInput 

type PermissionMapInput interface {
	pulumi.Input

	ToPermissionMapOutput() PermissionMapOutput
	ToPermissionMapOutputWithContext(context.Context) PermissionMapOutput
}

PermissionMapInput is an input type that accepts PermissionMap and PermissionMapOutput values. You can construct a concrete instance of `PermissionMapInput` via: 

PermissionMap{ "key": PermissionArgs{...} }

type PermissionMapOutput 

type PermissionMapOutput struct{ *pulumi.OutputState }

func (PermissionMapOutput) ElementType 

func (PermissionMapOutput) ElementType() reflect.Type

func (PermissionMapOutput) MapIndex 

func (o PermissionMapOutput) MapIndex(k pulumi.StringInput) PermissionOutput

func (PermissionMapOutput) ToPermissionMapOutput 

func (o PermissionMapOutput) ToPermissionMapOutput() PermissionMapOutput

func (PermissionMapOutput) ToPermissionMapOutputWithContext 

func (o PermissionMapOutput) ToPermissionMapOutputWithContext(ctx context.Context) PermissionMapOutput

type PermissionOutput 

type PermissionOutput struct{ *pulumi.OutputState }

func (PermissionOutput) Actions 

func (o PermissionOutput) Actions() pulumi.StringArrayOutput

Actions that the specified AWS service principal can use. These include `IssueCertificate`, `GetCertificate`, and `ListPermissions`. Note that in order for ACM to automatically rotate certificates issued by a PCA, it must be granted permission on all 3 actions, as per the example above.

func (PermissionOutput) CertificateAuthorityArn 

func (o PermissionOutput) CertificateAuthorityArn() pulumi.StringOutput

ARN of the CA that grants the permissions.

func (PermissionOutput) ElementType 

func (PermissionOutput) ElementType() reflect.Type

func (PermissionOutput) Policy 

func (o PermissionOutput) Policy() pulumi.StringOutput

IAM policy that is associated with the permission.

func (PermissionOutput) Principal 

func (o PermissionOutput) Principal() pulumi.StringOutput

AWS service or identity that receives the permission. At this time, the only valid principal is `acm.amazonaws.com`.

func (PermissionOutput) SourceAccount 

func (o PermissionOutput) SourceAccount() pulumi.StringOutput

ID of the calling account

func (PermissionOutput) ToPermissionOutput 

func (o PermissionOutput) ToPermissionOutput() PermissionOutput

func (PermissionOutput) ToPermissionOutputWithContext 

func (o PermissionOutput) ToPermissionOutputWithContext(ctx context.Context) PermissionOutput

type PermissionState 

type PermissionState struct {
	// Actions that the specified AWS service principal can use. These include `IssueCertificate`, `GetCertificate`, and `ListPermissions`. Note that in order for ACM to automatically rotate certificates issued by a PCA, it must be granted permission on all 3 actions, as per the example above.
	Actions pulumi.StringArrayInput
	// ARN of the CA that grants the permissions.
	CertificateAuthorityArn pulumi.StringPtrInput
	// IAM policy that is associated with the permission.
	Policy pulumi.StringPtrInput
	// AWS service or identity that receives the permission. At this time, the only valid principal is `acm.amazonaws.com`.
	Principal pulumi.StringPtrInput
	// ID of the calling account
	SourceAccount pulumi.StringPtrInput
}

func (PermissionState) ElementType 

func (PermissionState) ElementType() reflect.Type

type Policy 

type Policy struct {
	pulumi.CustomResourceState

	// JSON-formatted IAM policy to attach to the specified private CA resource.
	Policy pulumi.StringOutput `pulumi:"policy"`
	// ARN of the private CA to associate with the policy.
	ResourceArn pulumi.StringOutput `pulumi:"resourceArn"`
}

Attaches a resource based policy to a private CA.

## Example Usage

### Basic

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acmpca"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) func main() { pulumi.Run(func(ctx *pulumi.Context) error { example, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{ Statements: []iam.GetPolicyDocumentStatement{ { Sid: pulumi.StringRef("1"), Effect: pulumi.StringRef("Allow"), Principals: []iam.GetPolicyDocumentStatementPrincipal{ { Type: "AWS", Identifiers: interface{}{ current.AccountId, }, }, }, Actions: []string{ "acm-pca:DescribeCertificateAuthority", "acm-pca:GetCertificate", "acm-pca:GetCertificateAuthorityCertificate", "acm-pca:ListPermissions", "acm-pca:ListTags", }, Resources: interface{}{ exampleAwsAcmpcaCertificateAuthority.Arn, }, }, { Sid: pulumi.StringRef("2"), Effect: pulumi.StringRef(allow), Principals: []iam.GetPolicyDocumentStatementPrincipal{ { Type: "AWS", Identifiers: interface{}{ current.AccountId, }, }, }, Actions: []string{ "acm-pca:IssueCertificate", }, Resources: interface{}{ exampleAwsAcmpcaCertificateAuthority.Arn, }, Conditions: []iam.GetPolicyDocumentStatementCondition{ { Test: "StringEquals", Variable: "acm-pca:TemplateArn", Values: []string{ "arn:aws:acm-pca:::template/EndEntityCertificate/V1", }, }, }, }, }, }, nil); if err != nil { return err } _, err = acmpca.NewPolicy(ctx, "example", &acmpca.PolicyArgs{ ResourceArn: pulumi.Any(exampleAwsAcmpcaCertificateAuthority.Arn), Policy: pulumi.String(example.Json), }) if err != nil { return err } return nil }) } ``` <!--End PulumiCodeChooser -->

## Import

Using `pulumi import`, import `aws_acmpca_policy` using the `resource_arn` value. For example:

```sh $ pulumi import aws:acmpca/policy:Policy example arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012 ```

func GetPolicy 

func GetPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *PolicyState, opts ...pulumi.ResourceOption) (*Policy, error)

GetPolicy gets an existing Policy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewPolicy 

func NewPolicy(ctx *pulumi.Context,
	name string, args *PolicyArgs, opts ...pulumi.ResourceOption) (*Policy, error)

NewPolicy registers a new resource with the given unique name, arguments, and options.

func (*Policy) ElementType 

func (*Policy) ElementType() reflect.Type

func (*Policy) ToPolicyOutput 

func (i *Policy) ToPolicyOutput() PolicyOutput

func (*Policy) ToPolicyOutputWithContext 

func (i *Policy) ToPolicyOutputWithContext(ctx context.Context) PolicyOutput

type PolicyArgs 

type PolicyArgs struct {
	// JSON-formatted IAM policy to attach to the specified private CA resource.
	Policy pulumi.StringInput
	// ARN of the private CA to associate with the policy.
	ResourceArn pulumi.StringInput
}

The set of arguments for constructing a Policy resource.

func (PolicyArgs) ElementType 

func (PolicyArgs) ElementType() reflect.Type

type PolicyArray 

type PolicyArray []PolicyInput

func (PolicyArray) ElementType 

func (PolicyArray) ElementType() reflect.Type

func (PolicyArray) ToPolicyArrayOutput 

func (i PolicyArray) ToPolicyArrayOutput() PolicyArrayOutput

func (PolicyArray) ToPolicyArrayOutputWithContext 

func (i PolicyArray) ToPolicyArrayOutputWithContext(ctx context.Context) PolicyArrayOutput

type PolicyArrayInput 

type PolicyArrayInput interface {
	pulumi.Input

	ToPolicyArrayOutput() PolicyArrayOutput
	ToPolicyArrayOutputWithContext(context.Context) PolicyArrayOutput
}

PolicyArrayInput is an input type that accepts PolicyArray and PolicyArrayOutput values. You can construct a concrete instance of `PolicyArrayInput` via: 

PolicyArray{ PolicyArgs{...} }

type PolicyArrayOutput 

type PolicyArrayOutput struct{ *pulumi.OutputState }

func (PolicyArrayOutput) ElementType 

func (PolicyArrayOutput) ElementType() reflect.Type

func (PolicyArrayOutput) Index 

func (o PolicyArrayOutput) Index(i pulumi.IntInput) PolicyOutput

func (PolicyArrayOutput) ToPolicyArrayOutput 

func (o PolicyArrayOutput) ToPolicyArrayOutput() PolicyArrayOutput

func (PolicyArrayOutput) ToPolicyArrayOutputWithContext 

func (o PolicyArrayOutput) ToPolicyArrayOutputWithContext(ctx context.Context) PolicyArrayOutput

type PolicyInput 

type PolicyInput interface {
	pulumi.Input

	ToPolicyOutput() PolicyOutput
	ToPolicyOutputWithContext(ctx context.Context) PolicyOutput
}

type PolicyMap 

type PolicyMap map[string]PolicyInput

func (PolicyMap) ElementType 

func (PolicyMap) ElementType() reflect.Type

func (PolicyMap) ToPolicyMapOutput 

func (i PolicyMap) ToPolicyMapOutput() PolicyMapOutput

func (PolicyMap) ToPolicyMapOutputWithContext 

func (i PolicyMap) ToPolicyMapOutputWithContext(ctx context.Context) PolicyMapOutput

type PolicyMapInput 

type PolicyMapInput interface {
	pulumi.Input

	ToPolicyMapOutput() PolicyMapOutput
	ToPolicyMapOutputWithContext(context.Context) PolicyMapOutput
}

PolicyMapInput is an input type that accepts PolicyMap and PolicyMapOutput values. You can construct a concrete instance of `PolicyMapInput` via: 

PolicyMap{ "key": PolicyArgs{...} }

type PolicyMapOutput 

type PolicyMapOutput struct{ *pulumi.OutputState }

func (PolicyMapOutput) ElementType 

func (PolicyMapOutput) ElementType() reflect.Type

func (PolicyMapOutput) MapIndex 

func (o PolicyMapOutput) MapIndex(k pulumi.StringInput) PolicyOutput

func (PolicyMapOutput) ToPolicyMapOutput 

func (o PolicyMapOutput) ToPolicyMapOutput() PolicyMapOutput

func (PolicyMapOutput) ToPolicyMapOutputWithContext 

func (o PolicyMapOutput) ToPolicyMapOutputWithContext(ctx context.Context) PolicyMapOutput

type PolicyOutput 

type PolicyOutput struct{ *pulumi.OutputState }

func (PolicyOutput) ElementType 

func (PolicyOutput) ElementType() reflect.Type

func (PolicyOutput) Policy 

func (o PolicyOutput) Policy() pulumi.StringOutput

JSON-formatted IAM policy to attach to the specified private CA resource.

func (PolicyOutput) ResourceArn 

func (o PolicyOutput) ResourceArn() pulumi.StringOutput

ARN of the private CA to associate with the policy.

func (PolicyOutput) ToPolicyOutput 

func (o PolicyOutput) ToPolicyOutput() PolicyOutput

func (PolicyOutput) ToPolicyOutputWithContext 

func (o PolicyOutput) ToPolicyOutputWithContext(ctx context.Context) PolicyOutput

type PolicyState 

type PolicyState struct {
	// JSON-formatted IAM policy to attach to the specified private CA resource.
	Policy pulumi.StringPtrInput
	// ARN of the private CA to associate with the policy.
	ResourceArn pulumi.StringPtrInput
}

func (PolicyState) ElementType 

func (PolicyState) ElementType() reflect.Type

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.