tls

package
v5.0.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 29, 2024 License: Apache-2.0 Imports: 7 Imported by: 6

Documentation

Overview

A Pulumi package to create TLS resources in Pulumi programs.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type CertRequest 

type CertRequest struct {
	pulumi.CustomResourceState

	// The certificate request data in PEM (RFC 1421).
	CertRequestPem pulumi.StringOutput `pulumi:"certRequestPem"`
	// List of DNS names for which a certificate is being requested (i.e. certificate subjects).
	DnsNames pulumi.StringArrayOutput `pulumi:"dnsNames"`
	// List of IP addresses for which a certificate is being requested (i.e. certificate subjects).
	IpAddresses pulumi.StringArrayOutput `pulumi:"ipAddresses"`
	// Name of the algorithm used when generating the private key provided in `privateKeyPem`.
	KeyAlgorithm pulumi.StringOutput `pulumi:"keyAlgorithm"`
	// Private key in PEM (RFC 1421) interpolation function.
	PrivateKeyPem pulumi.StringOutput `pulumi:"privateKeyPem"`
	// The subject for which a certificate is being requested. The acceptable arguments are all optional and their naming is based upon [Issuer Distinguished Names (RFC5280)](https://tools.ietf.org/html/rfc5280#section-4.1.2.4) section.
	Subject CertRequestSubjectPtrOutput `pulumi:"subject"`
	// List of URIs for which a certificate is being requested (i.e. certificate subjects).
	Uris pulumi.StringArrayOutput `pulumi:"uris"`
}

## Example Usage

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"os"

"github.com/pulumi/pulumi-tls/sdk/v5/go/tls"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func readFileOrPanic(path string) pulumi.StringPtrInput {
	data, err := os.ReadFile(path)
	if err != nil {
		panic(err.Error())
	}
	return pulumi.String(string(data))
}

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := tls.NewCertRequest(ctx, "example", &tls.CertRequestArgs{
			PrivateKeyPem: readFileOrPanic("private_key.pem"),
			Subject: &tls.CertRequestSubjectArgs{
				CommonName:   pulumi.String("example.com"),
				Organization: pulumi.String("ACME Examples, Inc"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

func GetCertRequest 

func GetCertRequest(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *CertRequestState, opts ...pulumi.ResourceOption) (*CertRequest, error)

GetCertRequest gets an existing CertRequest resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewCertRequest 

func NewCertRequest(ctx *pulumi.Context,
	name string, args *CertRequestArgs, opts ...pulumi.ResourceOption) (*CertRequest, error)

NewCertRequest registers a new resource with the given unique name, arguments, and options.

func (*CertRequest) ElementType 

func (*CertRequest) ElementType() reflect.Type

func (*CertRequest) ToCertRequestOutput 

func (i *CertRequest) ToCertRequestOutput() CertRequestOutput

func (*CertRequest) ToCertRequestOutputWithContext 

func (i *CertRequest) ToCertRequestOutputWithContext(ctx context.Context) CertRequestOutput

type CertRequestArgs 

type CertRequestArgs struct {
	// List of DNS names for which a certificate is being requested (i.e. certificate subjects).
	DnsNames pulumi.StringArrayInput
	// List of IP addresses for which a certificate is being requested (i.e. certificate subjects).
	IpAddresses pulumi.StringArrayInput
	// Private key in PEM (RFC 1421) interpolation function.
	PrivateKeyPem pulumi.StringInput
	// The subject for which a certificate is being requested. The acceptable arguments are all optional and their naming is based upon [Issuer Distinguished Names (RFC5280)](https://tools.ietf.org/html/rfc5280#section-4.1.2.4) section.
	Subject CertRequestSubjectPtrInput
	// List of URIs for which a certificate is being requested (i.e. certificate subjects).
	Uris pulumi.StringArrayInput
}

The set of arguments for constructing a CertRequest resource.

func (CertRequestArgs) ElementType 

func (CertRequestArgs) ElementType() reflect.Type

type CertRequestArray 

type CertRequestArray []CertRequestInput

func (CertRequestArray) ElementType 

func (CertRequestArray) ElementType() reflect.Type

func (CertRequestArray) ToCertRequestArrayOutput 

func (i CertRequestArray) ToCertRequestArrayOutput() CertRequestArrayOutput

func (CertRequestArray) ToCertRequestArrayOutputWithContext 

func (i CertRequestArray) ToCertRequestArrayOutputWithContext(ctx context.Context) CertRequestArrayOutput

type CertRequestArrayInput 

type CertRequestArrayInput interface {
	pulumi.Input

	ToCertRequestArrayOutput() CertRequestArrayOutput
	ToCertRequestArrayOutputWithContext(context.Context) CertRequestArrayOutput
}

CertRequestArrayInput is an input type that accepts CertRequestArray and CertRequestArrayOutput values. You can construct a concrete instance of `CertRequestArrayInput` via: 

CertRequestArray{ CertRequestArgs{...} }

type CertRequestArrayOutput 

type CertRequestArrayOutput struct{ *pulumi.OutputState }

func (CertRequestArrayOutput) ElementType 

func (CertRequestArrayOutput) ElementType() reflect.Type

func (CertRequestArrayOutput) Index 

func (o CertRequestArrayOutput) Index(i pulumi.IntInput) CertRequestOutput

func (CertRequestArrayOutput) ToCertRequestArrayOutput 

func (o CertRequestArrayOutput) ToCertRequestArrayOutput() CertRequestArrayOutput

func (CertRequestArrayOutput) ToCertRequestArrayOutputWithContext 

func (o CertRequestArrayOutput) ToCertRequestArrayOutputWithContext(ctx context.Context) CertRequestArrayOutput

type CertRequestInput 

type CertRequestInput interface {
	pulumi.Input

	ToCertRequestOutput() CertRequestOutput
	ToCertRequestOutputWithContext(ctx context.Context) CertRequestOutput
}

type CertRequestMap 

type CertRequestMap map[string]CertRequestInput

func (CertRequestMap) ElementType 

func (CertRequestMap) ElementType() reflect.Type

func (CertRequestMap) ToCertRequestMapOutput 

func (i CertRequestMap) ToCertRequestMapOutput() CertRequestMapOutput

func (CertRequestMap) ToCertRequestMapOutputWithContext 

func (i CertRequestMap) ToCertRequestMapOutputWithContext(ctx context.Context) CertRequestMapOutput

type CertRequestMapInput 

type CertRequestMapInput interface {
	pulumi.Input

	ToCertRequestMapOutput() CertRequestMapOutput
	ToCertRequestMapOutputWithContext(context.Context) CertRequestMapOutput
}

CertRequestMapInput is an input type that accepts CertRequestMap and CertRequestMapOutput values. You can construct a concrete instance of `CertRequestMapInput` via: 

CertRequestMap{ "key": CertRequestArgs{...} }

type CertRequestMapOutput 

type CertRequestMapOutput struct{ *pulumi.OutputState }

func (CertRequestMapOutput) ElementType 

func (CertRequestMapOutput) ElementType() reflect.Type

func (CertRequestMapOutput) MapIndex 

func (o CertRequestMapOutput) MapIndex(k pulumi.StringInput) CertRequestOutput

func (CertRequestMapOutput) ToCertRequestMapOutput 

func (o CertRequestMapOutput) ToCertRequestMapOutput() CertRequestMapOutput

func (CertRequestMapOutput) ToCertRequestMapOutputWithContext 

func (o CertRequestMapOutput) ToCertRequestMapOutputWithContext(ctx context.Context) CertRequestMapOutput

type CertRequestOutput 

type CertRequestOutput struct{ *pulumi.OutputState }

func (CertRequestOutput) CertRequestPem 

func (o CertRequestOutput) CertRequestPem() pulumi.StringOutput

The certificate request data in PEM (RFC 1421).

func (CertRequestOutput) DnsNames 

func (o CertRequestOutput) DnsNames() pulumi.StringArrayOutput

List of DNS names for which a certificate is being requested (i.e. certificate subjects).

func (CertRequestOutput) ElementType 

func (CertRequestOutput) ElementType() reflect.Type

func (CertRequestOutput) IpAddresses 

func (o CertRequestOutput) IpAddresses() pulumi.StringArrayOutput

List of IP addresses for which a certificate is being requested (i.e. certificate subjects).

func (CertRequestOutput) KeyAlgorithm 

func (o CertRequestOutput) KeyAlgorithm() pulumi.StringOutput

Name of the algorithm used when generating the private key provided in `privateKeyPem`.

func (CertRequestOutput) PrivateKeyPem 

func (o CertRequestOutput) PrivateKeyPem() pulumi.StringOutput

Private key in PEM (RFC 1421) interpolation function.

func (CertRequestOutput) Subject 

func (o CertRequestOutput) Subject() CertRequestSubjectPtrOutput

The subject for which a certificate is being requested. The acceptable arguments are all optional and their naming is based upon [Issuer Distinguished Names (RFC5280)](https://tools.ietf.org/html/rfc5280#section-4.1.2.4) section.

func (CertRequestOutput) ToCertRequestOutput 

func (o CertRequestOutput) ToCertRequestOutput() CertRequestOutput

func (CertRequestOutput) ToCertRequestOutputWithContext 

func (o CertRequestOutput) ToCertRequestOutputWithContext(ctx context.Context) CertRequestOutput

func (CertRequestOutput) Uris 

func (o CertRequestOutput) Uris() pulumi.StringArrayOutput

List of URIs for which a certificate is being requested (i.e. certificate subjects).

type CertRequestState 

type CertRequestState struct {
	// The certificate request data in PEM (RFC 1421).
	CertRequestPem pulumi.StringPtrInput
	// List of DNS names for which a certificate is being requested (i.e. certificate subjects).
	DnsNames pulumi.StringArrayInput
	// List of IP addresses for which a certificate is being requested (i.e. certificate subjects).
	IpAddresses pulumi.StringArrayInput
	// Name of the algorithm used when generating the private key provided in `privateKeyPem`.
	KeyAlgorithm pulumi.StringPtrInput
	// Private key in PEM (RFC 1421) interpolation function.
	PrivateKeyPem pulumi.StringPtrInput
	// The subject for which a certificate is being requested. The acceptable arguments are all optional and their naming is based upon [Issuer Distinguished Names (RFC5280)](https://tools.ietf.org/html/rfc5280#section-4.1.2.4) section.
	Subject CertRequestSubjectPtrInput
	// List of URIs for which a certificate is being requested (i.e. certificate subjects).
	Uris pulumi.StringArrayInput
}

func (CertRequestState) ElementType 

func (CertRequestState) ElementType() reflect.Type

type CertRequestSubject 

type CertRequestSubject struct {
	// Distinguished name: `CN`
	CommonName *string `pulumi:"commonName"`
	// Distinguished name: `C`
	Country *string `pulumi:"country"`
	// Distinguished name: `L`
	Locality *string `pulumi:"locality"`
	// Distinguished name: `O`
	Organization *string `pulumi:"organization"`
	// Distinguished name: `OU`
	OrganizationalUnit *string `pulumi:"organizationalUnit"`
	// Distinguished name: `PC`
	PostalCode *string `pulumi:"postalCode"`
	// Distinguished name: `ST`
	Province *string `pulumi:"province"`
	// Distinguished name: `SERIALNUMBER`
	SerialNumber *string `pulumi:"serialNumber"`
	// Distinguished name: `STREET`
	StreetAddresses []string `pulumi:"streetAddresses"`
}

type CertRequestSubjectArgs 

type CertRequestSubjectArgs struct {
	// Distinguished name: `CN`
	CommonName pulumi.StringPtrInput `pulumi:"commonName"`
	// Distinguished name: `C`
	Country pulumi.StringPtrInput `pulumi:"country"`
	// Distinguished name: `L`
	Locality pulumi.StringPtrInput `pulumi:"locality"`
	// Distinguished name: `O`
	Organization pulumi.StringPtrInput `pulumi:"organization"`
	// Distinguished name: `OU`
	OrganizationalUnit pulumi.StringPtrInput `pulumi:"organizationalUnit"`
	// Distinguished name: `PC`
	PostalCode pulumi.StringPtrInput `pulumi:"postalCode"`
	// Distinguished name: `ST`
	Province pulumi.StringPtrInput `pulumi:"province"`
	// Distinguished name: `SERIALNUMBER`
	SerialNumber pulumi.StringPtrInput `pulumi:"serialNumber"`
	// Distinguished name: `STREET`
	StreetAddresses pulumi.StringArrayInput `pulumi:"streetAddresses"`
}

func (CertRequestSubjectArgs) ElementType 

func (CertRequestSubjectArgs) ElementType() reflect.Type

func (CertRequestSubjectArgs) ToCertRequestSubjectOutput 

func (i CertRequestSubjectArgs) ToCertRequestSubjectOutput() CertRequestSubjectOutput

func (CertRequestSubjectArgs) ToCertRequestSubjectOutputWithContext 

func (i CertRequestSubjectArgs) ToCertRequestSubjectOutputWithContext(ctx context.Context) CertRequestSubjectOutput

func (CertRequestSubjectArgs) ToCertRequestSubjectPtrOutput 

func (i CertRequestSubjectArgs) ToCertRequestSubjectPtrOutput() CertRequestSubjectPtrOutput

func (CertRequestSubjectArgs) ToCertRequestSubjectPtrOutputWithContext 

func (i CertRequestSubjectArgs) ToCertRequestSubjectPtrOutputWithContext(ctx context.Context) CertRequestSubjectPtrOutput

type CertRequestSubjectInput 

type CertRequestSubjectInput interface {
	pulumi.Input

	ToCertRequestSubjectOutput() CertRequestSubjectOutput
	ToCertRequestSubjectOutputWithContext(context.Context) CertRequestSubjectOutput
}

CertRequestSubjectInput is an input type that accepts CertRequestSubjectArgs and CertRequestSubjectOutput values. You can construct a concrete instance of `CertRequestSubjectInput` via: 

CertRequestSubjectArgs{...}

type CertRequestSubjectOutput 

type CertRequestSubjectOutput struct{ *pulumi.OutputState }

func (CertRequestSubjectOutput) CommonName 

func (o CertRequestSubjectOutput) CommonName() pulumi.StringPtrOutput

Distinguished name: `CN`

func (CertRequestSubjectOutput) Country 

func (o CertRequestSubjectOutput) Country() pulumi.StringPtrOutput

Distinguished name: `C`

func (CertRequestSubjectOutput) ElementType 

func (CertRequestSubjectOutput) ElementType() reflect.Type

func (CertRequestSubjectOutput) Locality 

func (o CertRequestSubjectOutput) Locality() pulumi.StringPtrOutput

Distinguished name: `L`

func (CertRequestSubjectOutput) Organization 

func (o CertRequestSubjectOutput) Organization() pulumi.StringPtrOutput

Distinguished name: `O`

func (CertRequestSubjectOutput) OrganizationalUnit 

func (o CertRequestSubjectOutput) OrganizationalUnit() pulumi.StringPtrOutput

Distinguished name: `OU`

func (CertRequestSubjectOutput) PostalCode 

func (o CertRequestSubjectOutput) PostalCode() pulumi.StringPtrOutput

Distinguished name: `PC`

func (CertRequestSubjectOutput) Province 

func (o CertRequestSubjectOutput) Province() pulumi.StringPtrOutput

Distinguished name: `ST`

func (CertRequestSubjectOutput) SerialNumber 

func (o CertRequestSubjectOutput) SerialNumber() pulumi.StringPtrOutput

Distinguished name: `SERIALNUMBER`

func (CertRequestSubjectOutput) StreetAddresses 

func (o CertRequestSubjectOutput) StreetAddresses() pulumi.StringArrayOutput

Distinguished name: `STREET`

func (CertRequestSubjectOutput) ToCertRequestSubjectOutput 

func (o CertRequestSubjectOutput) ToCertRequestSubjectOutput() CertRequestSubjectOutput

func (CertRequestSubjectOutput) ToCertRequestSubjectOutputWithContext 

func (o CertRequestSubjectOutput) ToCertRequestSubjectOutputWithContext(ctx context.Context) CertRequestSubjectOutput

func (CertRequestSubjectOutput) ToCertRequestSubjectPtrOutput 

func (o CertRequestSubjectOutput) ToCertRequestSubjectPtrOutput() CertRequestSubjectPtrOutput

func (CertRequestSubjectOutput) ToCertRequestSubjectPtrOutputWithContext 

func (o CertRequestSubjectOutput) ToCertRequestSubjectPtrOutputWithContext(ctx context.Context) CertRequestSubjectPtrOutput

type CertRequestSubjectPtrInput 

type CertRequestSubjectPtrInput interface {
	pulumi.Input

	ToCertRequestSubjectPtrOutput() CertRequestSubjectPtrOutput
	ToCertRequestSubjectPtrOutputWithContext(context.Context) CertRequestSubjectPtrOutput
}

CertRequestSubjectPtrInput is an input type that accepts CertRequestSubjectArgs, CertRequestSubjectPtr and CertRequestSubjectPtrOutput values. You can construct a concrete instance of `CertRequestSubjectPtrInput` via: 

        CertRequestSubjectArgs{...}

or:

        nil

func CertRequestSubjectPtr 

func CertRequestSubjectPtr(v *CertRequestSubjectArgs) CertRequestSubjectPtrInput

type CertRequestSubjectPtrOutput 

type CertRequestSubjectPtrOutput struct{ *pulumi.OutputState }

func (CertRequestSubjectPtrOutput) CommonName 

func (o CertRequestSubjectPtrOutput) CommonName() pulumi.StringPtrOutput

Distinguished name: `CN`

func (CertRequestSubjectPtrOutput) Country 

func (o CertRequestSubjectPtrOutput) Country() pulumi.StringPtrOutput

Distinguished name: `C`

func (CertRequestSubjectPtrOutput) Elem 

func (o CertRequestSubjectPtrOutput) Elem() CertRequestSubjectOutput

func (CertRequestSubjectPtrOutput) ElementType 

func (CertRequestSubjectPtrOutput) ElementType() reflect.Type

func (CertRequestSubjectPtrOutput) Locality 

func (o CertRequestSubjectPtrOutput) Locality() pulumi.StringPtrOutput

Distinguished name: `L`

func (CertRequestSubjectPtrOutput) Organization 

func (o CertRequestSubjectPtrOutput) Organization() pulumi.StringPtrOutput

Distinguished name: `O`

func (CertRequestSubjectPtrOutput) OrganizationalUnit 

func (o CertRequestSubjectPtrOutput) OrganizationalUnit() pulumi.StringPtrOutput

Distinguished name: `OU`

func (CertRequestSubjectPtrOutput) PostalCode 

func (o CertRequestSubjectPtrOutput) PostalCode() pulumi.StringPtrOutput

Distinguished name: `PC`

func (CertRequestSubjectPtrOutput) Province 

func (o CertRequestSubjectPtrOutput) Province() pulumi.StringPtrOutput

Distinguished name: `ST`

func (CertRequestSubjectPtrOutput) SerialNumber 

func (o CertRequestSubjectPtrOutput) SerialNumber() pulumi.StringPtrOutput

Distinguished name: `SERIALNUMBER`

func (CertRequestSubjectPtrOutput) StreetAddresses 

func (o CertRequestSubjectPtrOutput) StreetAddresses() pulumi.StringArrayOutput

Distinguished name: `STREET`

func (CertRequestSubjectPtrOutput) ToCertRequestSubjectPtrOutput 

func (o CertRequestSubjectPtrOutput) ToCertRequestSubjectPtrOutput() CertRequestSubjectPtrOutput

func (CertRequestSubjectPtrOutput) ToCertRequestSubjectPtrOutputWithContext 

func (o CertRequestSubjectPtrOutput) ToCertRequestSubjectPtrOutputWithContext(ctx context.Context) CertRequestSubjectPtrOutput

type GetCertificateArgs 

type GetCertificateArgs struct {
	// The content of the certificate in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format. Cannot be used with `url`.
	Content *string `pulumi:"content"`
	// The URL of the website to get the certificates from. Cannot be used with `content`.
	Url *string `pulumi:"url"`
	// Whether to verify the certificate chain while parsing it or not (default: `true`). Cannot be used with `content`.
	VerifyChain *bool `pulumi:"verifyChain"`
}

A collection of arguments for invoking getCertificate.

type GetCertificateCertificate 

type GetCertificateCertificate struct {
	// Certificate data in PEM (RFC 1421).
	CertPem string `pulumi:"certPem"`
	// `true` if the certificate is of a CA (Certificate Authority).
	IsCa bool `pulumi:"isCa"`
	// Who verified and signed the certificate, roughly following [RFC2253](https://tools.ietf.org/html/rfc2253).
	Issuer string `pulumi:"issuer"`
	// The time until which the certificate is invalid, as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
	NotAfter string `pulumi:"notAfter"`
	// The time after which the certificate is valid, as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
	NotBefore string `pulumi:"notBefore"`
	// The key algorithm used to create the certificate.
	PublicKeyAlgorithm string `pulumi:"publicKeyAlgorithm"`
	// Number that uniquely identifies the certificate with the CA's system.
	// The `format` function can be used to convert this *base 10* number into other bases, such as hex.
	SerialNumber string `pulumi:"serialNumber"`
	// The SHA1 fingerprint of the public key of the certificate.
	Sha1Fingerprint string `pulumi:"sha1Fingerprint"`
	// The algorithm used to sign the certificate.
	SignatureAlgorithm string `pulumi:"signatureAlgorithm"`
	// The entity the certificate belongs to, roughly following [RFC2253](https://tools.ietf.org/html/rfc2253).
	Subject string `pulumi:"subject"`
	// The version the certificate is in.
	Version int `pulumi:"version"`
}

type GetCertificateCertificateArgs 

type GetCertificateCertificateArgs struct {
	// Certificate data in PEM (RFC 1421).
	CertPem pulumi.StringInput `pulumi:"certPem"`
	// `true` if the certificate is of a CA (Certificate Authority).
	IsCa pulumi.BoolInput `pulumi:"isCa"`
	// Who verified and signed the certificate, roughly following [RFC2253](https://tools.ietf.org/html/rfc2253).
	Issuer pulumi.StringInput `pulumi:"issuer"`
	// The time until which the certificate is invalid, as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
	NotAfter pulumi.StringInput `pulumi:"notAfter"`
	// The time after which the certificate is valid, as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
	NotBefore pulumi.StringInput `pulumi:"notBefore"`
	// The key algorithm used to create the certificate.
	PublicKeyAlgorithm pulumi.StringInput `pulumi:"publicKeyAlgorithm"`
	// Number that uniquely identifies the certificate with the CA's system.
	// The `format` function can be used to convert this *base 10* number into other bases, such as hex.
	SerialNumber pulumi.StringInput `pulumi:"serialNumber"`
	// The SHA1 fingerprint of the public key of the certificate.
	Sha1Fingerprint pulumi.StringInput `pulumi:"sha1Fingerprint"`
	// The algorithm used to sign the certificate.
	SignatureAlgorithm pulumi.StringInput `pulumi:"signatureAlgorithm"`
	// The entity the certificate belongs to, roughly following [RFC2253](https://tools.ietf.org/html/rfc2253).
	Subject pulumi.StringInput `pulumi:"subject"`
	// The version the certificate is in.
	Version pulumi.IntInput `pulumi:"version"`
}

func (GetCertificateCertificateArgs) ElementType 

func (GetCertificateCertificateArgs) ElementType() reflect.Type

func (GetCertificateCertificateArgs) ToGetCertificateCertificateOutput 

func (i GetCertificateCertificateArgs) ToGetCertificateCertificateOutput() GetCertificateCertificateOutput

func (GetCertificateCertificateArgs) ToGetCertificateCertificateOutputWithContext 

func (i GetCertificateCertificateArgs) ToGetCertificateCertificateOutputWithContext(ctx context.Context) GetCertificateCertificateOutput

type GetCertificateCertificateArray 

type GetCertificateCertificateArray []GetCertificateCertificateInput

func (GetCertificateCertificateArray) ElementType 

func (GetCertificateCertificateArray) ElementType() reflect.Type

func (GetCertificateCertificateArray) ToGetCertificateCertificateArrayOutput 

func (i GetCertificateCertificateArray) ToGetCertificateCertificateArrayOutput() GetCertificateCertificateArrayOutput

func (GetCertificateCertificateArray) ToGetCertificateCertificateArrayOutputWithContext 

func (i GetCertificateCertificateArray) ToGetCertificateCertificateArrayOutputWithContext(ctx context.Context) GetCertificateCertificateArrayOutput

type GetCertificateCertificateArrayInput 

type GetCertificateCertificateArrayInput interface {
	pulumi.Input

	ToGetCertificateCertificateArrayOutput() GetCertificateCertificateArrayOutput
	ToGetCertificateCertificateArrayOutputWithContext(context.Context) GetCertificateCertificateArrayOutput
}

GetCertificateCertificateArrayInput is an input type that accepts GetCertificateCertificateArray and GetCertificateCertificateArrayOutput values. You can construct a concrete instance of `GetCertificateCertificateArrayInput` via: 

GetCertificateCertificateArray{ GetCertificateCertificateArgs{...} }

type GetCertificateCertificateArrayOutput 

type GetCertificateCertificateArrayOutput struct{ *pulumi.OutputState }

func (GetCertificateCertificateArrayOutput) ElementType 

func (GetCertificateCertificateArrayOutput) ElementType() reflect.Type

func (GetCertificateCertificateArrayOutput) Index 

func (o GetCertificateCertificateArrayOutput) Index(i pulumi.IntInput) GetCertificateCertificateOutput

func (GetCertificateCertificateArrayOutput) ToGetCertificateCertificateArrayOutput 

func (o GetCertificateCertificateArrayOutput) ToGetCertificateCertificateArrayOutput() GetCertificateCertificateArrayOutput

func (GetCertificateCertificateArrayOutput) ToGetCertificateCertificateArrayOutputWithContext 

func (o GetCertificateCertificateArrayOutput) ToGetCertificateCertificateArrayOutputWithContext(ctx context.Context) GetCertificateCertificateArrayOutput

type GetCertificateCertificateInput 

type GetCertificateCertificateInput interface {
	pulumi.Input

	ToGetCertificateCertificateOutput() GetCertificateCertificateOutput
	ToGetCertificateCertificateOutputWithContext(context.Context) GetCertificateCertificateOutput
}

GetCertificateCertificateInput is an input type that accepts GetCertificateCertificateArgs and GetCertificateCertificateOutput values. You can construct a concrete instance of `GetCertificateCertificateInput` via: 

GetCertificateCertificateArgs{...}

type GetCertificateCertificateOutput 

type GetCertificateCertificateOutput struct{ *pulumi.OutputState }

func (GetCertificateCertificateOutput) CertPem 

func (o GetCertificateCertificateOutput) CertPem() pulumi.StringOutput

Certificate data in PEM (RFC 1421).

func (GetCertificateCertificateOutput) ElementType 

func (GetCertificateCertificateOutput) ElementType() reflect.Type

func (GetCertificateCertificateOutput) IsCa 

func (o GetCertificateCertificateOutput) IsCa() pulumi.BoolOutput

`true` if the certificate is of a CA (Certificate Authority).

func (GetCertificateCertificateOutput) Issuer 

func (o GetCertificateCertificateOutput) Issuer() pulumi.StringOutput

Who verified and signed the certificate, roughly following [RFC2253](https://tools.ietf.org/html/rfc2253).

func (GetCertificateCertificateOutput) NotAfter 

func (o GetCertificateCertificateOutput) NotAfter() pulumi.StringOutput

The time until which the certificate is invalid, as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.

func (GetCertificateCertificateOutput) NotBefore 

func (o GetCertificateCertificateOutput) NotBefore() pulumi.StringOutput

The time after which the certificate is valid, as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.

func (GetCertificateCertificateOutput) PublicKeyAlgorithm 

func (o GetCertificateCertificateOutput) PublicKeyAlgorithm() pulumi.StringOutput

The key algorithm used to create the certificate.

func (GetCertificateCertificateOutput) SerialNumber 

func (o GetCertificateCertificateOutput) SerialNumber() pulumi.StringOutput

Number that uniquely identifies the certificate with the CA's system. The `format` function can be used to convert this *base 10* number into other bases, such as hex.

func (GetCertificateCertificateOutput) Sha1Fingerprint 

func (o GetCertificateCertificateOutput) Sha1Fingerprint() pulumi.StringOutput

The SHA1 fingerprint of the public key of the certificate.

func (GetCertificateCertificateOutput) SignatureAlgorithm 

func (o GetCertificateCertificateOutput) SignatureAlgorithm() pulumi.StringOutput

The algorithm used to sign the certificate.

func (GetCertificateCertificateOutput) Subject 

func (o GetCertificateCertificateOutput) Subject() pulumi.StringOutput

The entity the certificate belongs to, roughly following [RFC2253](https://tools.ietf.org/html/rfc2253).

func (GetCertificateCertificateOutput) ToGetCertificateCertificateOutput 

func (o GetCertificateCertificateOutput) ToGetCertificateCertificateOutput() GetCertificateCertificateOutput

func (GetCertificateCertificateOutput) ToGetCertificateCertificateOutputWithContext 

func (o GetCertificateCertificateOutput) ToGetCertificateCertificateOutputWithContext(ctx context.Context) GetCertificateCertificateOutput

func (GetCertificateCertificateOutput) Version 

func (o GetCertificateCertificateOutput) Version() pulumi.IntOutput

The version the certificate is in.

type GetCertificateOutputArgs 

type GetCertificateOutputArgs struct {
	// The content of the certificate in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format. Cannot be used with `url`.
	Content pulumi.StringPtrInput `pulumi:"content"`
	// The URL of the website to get the certificates from. Cannot be used with `content`.
	Url pulumi.StringPtrInput `pulumi:"url"`
	// Whether to verify the certificate chain while parsing it or not (default: `true`). Cannot be used with `content`.
	VerifyChain pulumi.BoolPtrInput `pulumi:"verifyChain"`
}

A collection of arguments for invoking getCertificate.

func (GetCertificateOutputArgs) ElementType 

func (GetCertificateOutputArgs) ElementType() reflect.Type

type GetCertificateResult 

type GetCertificateResult struct {
	// The certificates protecting the site, with the root of the chain first.
	Certificates []GetCertificateCertificate `pulumi:"certificates"`
	// The content of the certificate in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format. Cannot be used with `url`.
	Content *string `pulumi:"content"`
	// Unique identifier of this data source: hashing of the certificates in the chain.
	Id string `pulumi:"id"`
	// The URL of the website to get the certificates from. Cannot be used with `content`.
	Url *string `pulumi:"url"`
	// Whether to verify the certificate chain while parsing it or not (default: `true`). Cannot be used with `content`.
	VerifyChain *bool `pulumi:"verifyChain"`
}

A collection of values returned by getCertificate.

func GetCertificate 

func GetCertificate(ctx *pulumi.Context, args *GetCertificateArgs, opts ...pulumi.InvokeOption) (*GetCertificateResult, error)

type GetCertificateResultOutput 

type GetCertificateResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getCertificate.

func GetCertificateOutput 

func GetCertificateOutput(ctx *pulumi.Context, args GetCertificateOutputArgs, opts ...pulumi.InvokeOption) GetCertificateResultOutput

func (GetCertificateResultOutput) Certificates 

func (o GetCertificateResultOutput) Certificates() GetCertificateCertificateArrayOutput

The certificates protecting the site, with the root of the chain first.

func (GetCertificateResultOutput) Content 

func (o GetCertificateResultOutput) Content() pulumi.StringPtrOutput

The content of the certificate in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format. Cannot be used with `url`.

func (GetCertificateResultOutput) ElementType 

func (GetCertificateResultOutput) ElementType() reflect.Type

func (GetCertificateResultOutput) Id 

func (o GetCertificateResultOutput) Id() pulumi.StringOutput

Unique identifier of this data source: hashing of the certificates in the chain.

func (GetCertificateResultOutput) ToGetCertificateResultOutput 

func (o GetCertificateResultOutput) ToGetCertificateResultOutput() GetCertificateResultOutput

func (GetCertificateResultOutput) ToGetCertificateResultOutputWithContext 

func (o GetCertificateResultOutput) ToGetCertificateResultOutputWithContext(ctx context.Context) GetCertificateResultOutput

func (GetCertificateResultOutput) Url 

func (o GetCertificateResultOutput) Url() pulumi.StringPtrOutput

The URL of the website to get the certificates from. Cannot be used with `content`.

func (GetCertificateResultOutput) VerifyChain 

func (o GetCertificateResultOutput) VerifyChain() pulumi.BoolPtrOutput

Whether to verify the certificate chain while parsing it or not (default: `true`). Cannot be used with `content`.

type GetPublicKeyArgs 

type GetPublicKeyArgs struct {
	// The private key (in  [OpenSSH PEM (RFC 4716)](https://datatracker.ietf.org/doc/html/rfc4716) format) to extract the public key from. This is *mutually exclusive* with `privateKeyPem`. Currently-supported algorithms for keys are: `RSA`, `ECDSA`, `ED25519`.
	PrivateKeyOpenssh *string `pulumi:"privateKeyOpenssh"`
	// The private key (in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format) to extract the public key from. This is *mutually exclusive* with `privateKeyOpenssh`. Currently-supported algorithms for keys are: `RSA`, `ECDSA`, `ED25519`.
	PrivateKeyPem *string `pulumi:"privateKeyPem"`
}

A collection of arguments for invoking getPublicKey.

type GetPublicKeyOutputArgs 

type GetPublicKeyOutputArgs struct {
	// The private key (in  [OpenSSH PEM (RFC 4716)](https://datatracker.ietf.org/doc/html/rfc4716) format) to extract the public key from. This is *mutually exclusive* with `privateKeyPem`. Currently-supported algorithms for keys are: `RSA`, `ECDSA`, `ED25519`.
	PrivateKeyOpenssh pulumi.StringPtrInput `pulumi:"privateKeyOpenssh"`
	// The private key (in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format) to extract the public key from. This is *mutually exclusive* with `privateKeyOpenssh`. Currently-supported algorithms for keys are: `RSA`, `ECDSA`, `ED25519`.
	PrivateKeyPem pulumi.StringPtrInput `pulumi:"privateKeyPem"`
}

A collection of arguments for invoking getPublicKey.

func (GetPublicKeyOutputArgs) ElementType 

func (GetPublicKeyOutputArgs) ElementType() reflect.Type

type GetPublicKeyResult 

type GetPublicKeyResult struct {
	// The name of the algorithm used by the given private key. Possible values are: `RSA`, `ECDSA`, `ED25519`.
	Algorithm string `pulumi:"algorithm"`
	// Unique identifier for this data source: hexadecimal representation of the SHA1 checksum of the data source.
	Id string `pulumi:"id"`
	// The private key (in  [OpenSSH PEM (RFC 4716)](https://datatracker.ietf.org/doc/html/rfc4716) format) to extract the public key from. This is *mutually exclusive* with `privateKeyPem`. Currently-supported algorithms for keys are: `RSA`, `ECDSA`, `ED25519`.
	PrivateKeyOpenssh *string `pulumi:"privateKeyOpenssh"`
	// The private key (in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format) to extract the public key from. This is *mutually exclusive* with `privateKeyOpenssh`. Currently-supported algorithms for keys are: `RSA`, `ECDSA`, `ED25519`.
	PrivateKeyPem *string `pulumi:"privateKeyPem"`
	// The fingerprint of the public key data in OpenSSH MD5 hash format, e.g. `aa:bb:cc:...`. Only available if the selected private key format is compatible, as per the rules for `publicKeyOpenssh` and ECDSA P224 limitations.
	PublicKeyFingerprintMd5 string `pulumi:"publicKeyFingerprintMd5"`
	// The fingerprint of the public key data in OpenSSH SHA256 hash format, e.g. `SHA256:...`. Only available if the selected private key format is compatible, as per the rules for `publicKeyOpenssh` and ECDSA P224 limitations.
	PublicKeyFingerprintSha256 string `pulumi:"publicKeyFingerprintSha256"`
	// The public key, in  OpenSSH PEM (RFC 4716).
	PublicKeyOpenssh string `pulumi:"publicKeyOpenssh"`
	// The public key, in PEM (RFC 1421).
	PublicKeyPem string `pulumi:"publicKeyPem"`
}

A collection of values returned by getPublicKey.

func GetPublicKey 

func GetPublicKey(ctx *pulumi.Context, args *GetPublicKeyArgs, opts ...pulumi.InvokeOption) (*GetPublicKeyResult, error)

Get a public key from a PEM-encoded private key.

Use this data source to get the public key from a [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) or [OpenSSH PEM (RFC 4716)](https://datatracker.ietf.org/doc/html/rfc4716) formatted private key, for use in other resources.

## Example Usage

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"os"

"github.com/pulumi/pulumi-tls/sdk/v5/go/tls"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func readFileOrPanic(path string) pulumi.StringPtrInput {
	data, err := os.ReadFile(path)
	if err != nil {
		panic(err.Error())
	}
	return pulumi.String(string(data))
}

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := tls.NewPrivateKey(ctx, "ed25519-example", &tls.PrivateKeyArgs{
			Algorithm: pulumi.String("ED25519"),
		})
		if err != nil {
			return err
		}
		_ = tls.GetPublicKeyOutput(ctx, tls.GetPublicKeyOutputArgs{
			PrivateKeyPem: ed25519_example.PrivateKeyPem,
		}, nil)
		_, err = tls.GetPublicKey(ctx, &tls.GetPublicKeyArgs{
			PrivateKeyOpenssh: pulumi.StringRef(readFileOrPanic("~/.ssh/id_rsa_rfc4716")),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

type GetPublicKeyResultOutput 

type GetPublicKeyResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getPublicKey.

func GetPublicKeyOutput 

func GetPublicKeyOutput(ctx *pulumi.Context, args GetPublicKeyOutputArgs, opts ...pulumi.InvokeOption) GetPublicKeyResultOutput

func (GetPublicKeyResultOutput) Algorithm 

func (o GetPublicKeyResultOutput) Algorithm() pulumi.StringOutput

The name of the algorithm used by the given private key. Possible values are: `RSA`, `ECDSA`, `ED25519`.

func (GetPublicKeyResultOutput) ElementType 

func (GetPublicKeyResultOutput) ElementType() reflect.Type

func (GetPublicKeyResultOutput) Id 

func (o GetPublicKeyResultOutput) Id() pulumi.StringOutput

Unique identifier for this data source: hexadecimal representation of the SHA1 checksum of the data source.

func (GetPublicKeyResultOutput) PrivateKeyOpenssh 

func (o GetPublicKeyResultOutput) PrivateKeyOpenssh() pulumi.StringPtrOutput

The private key (in [OpenSSH PEM (RFC 4716)](https://datatracker.ietf.org/doc/html/rfc4716) format) to extract the public key from. This is *mutually exclusive* with `privateKeyPem`. Currently-supported algorithms for keys are: `RSA`, `ECDSA`, `ED25519`.

func (GetPublicKeyResultOutput) PrivateKeyPem 

func (o GetPublicKeyResultOutput) PrivateKeyPem() pulumi.StringPtrOutput

The private key (in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format) to extract the public key from. This is *mutually exclusive* with `privateKeyOpenssh`. Currently-supported algorithms for keys are: `RSA`, `ECDSA`, `ED25519`.

func (GetPublicKeyResultOutput) PublicKeyFingerprintMd5 

func (o GetPublicKeyResultOutput) PublicKeyFingerprintMd5() pulumi.StringOutput

The fingerprint of the public key data in OpenSSH MD5 hash format, e.g. `aa:bb:cc:...`. Only available if the selected private key format is compatible, as per the rules for `publicKeyOpenssh` and ECDSA P224 limitations.

func (GetPublicKeyResultOutput) PublicKeyFingerprintSha256 

func (o GetPublicKeyResultOutput) PublicKeyFingerprintSha256() pulumi.StringOutput

The fingerprint of the public key data in OpenSSH SHA256 hash format, e.g. `SHA256:...`. Only available if the selected private key format is compatible, as per the rules for `publicKeyOpenssh` and ECDSA P224 limitations.

func (GetPublicKeyResultOutput) PublicKeyOpenssh 

func (o GetPublicKeyResultOutput) PublicKeyOpenssh() pulumi.StringOutput

The public key, in OpenSSH PEM (RFC 4716).

func (GetPublicKeyResultOutput) PublicKeyPem 

func (o GetPublicKeyResultOutput) PublicKeyPem() pulumi.StringOutput

The public key, in PEM (RFC 1421).

func (GetPublicKeyResultOutput) ToGetPublicKeyResultOutput 

func (o GetPublicKeyResultOutput) ToGetPublicKeyResultOutput() GetPublicKeyResultOutput

func (GetPublicKeyResultOutput) ToGetPublicKeyResultOutputWithContext 

func (o GetPublicKeyResultOutput) ToGetPublicKeyResultOutputWithContext(ctx context.Context) GetPublicKeyResultOutput

type LocallySignedCert 

type LocallySignedCert struct {
	pulumi.CustomResourceState

	// List of key usages allowed for the issued certificate. Values are defined in [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `anyExtended`, `certSigning`, `clientAuth`, `codeSigning`, `contentCommitment`, `crlSigning`, `dataEncipherment`, `decipherOnly`, `digitalSignature`, `emailProtection`, `encipherOnly`, `ipsecEndSystem`, `ipsecTunnel`, `ipsecUser`, `keyAgreement`, `keyEncipherment`, `microsoftCommercialCodeSigning`, `microsoftKernelCodeSigning`, `microsoftServerGatedCrypto`, `netscapeServerGatedCrypto`, `ocspSigning`, `serverAuth`, `timestamping`.
	AllowedUses pulumi.StringArrayOutput `pulumi:"allowedUses"`
	// Certificate data of the Certificate Authority (CA) in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
	CaCertPem pulumi.StringOutput `pulumi:"caCertPem"`
	// Name of the algorithm used when generating the private key provided in `caPrivateKeyPem`.
	CaKeyAlgorithm pulumi.StringOutput `pulumi:"caKeyAlgorithm"`
	// Private key of the Certificate Authority (CA) used to sign the certificate, in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
	CaPrivateKeyPem pulumi.StringOutput `pulumi:"caPrivateKeyPem"`
	// Certificate data in PEM (RFC 1421).
	CertPem pulumi.StringOutput `pulumi:"certPem"`
	// Certificate request data in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
	CertRequestPem pulumi.StringOutput `pulumi:"certRequestPem"`
	// The resource will consider the certificate to have expired the given number of hours before its actual expiry time. This
	// can be useful to deploy an updated certificate in advance of the expiration of the current certificate. However, the old
	// certificate remains valid until its true expiration time, since this resource does not (and cannot) support certificate
	// revocation. Also, this advance update can only be performed should the Terraform configuration be applied during the
	// early renewal period. (default: `0`)
	EarlyRenewalHours pulumi.IntOutput `pulumi:"earlyRenewalHours"`
	// Is the generated certificate representing a Certificate Authority (CA) (default: `false`).
	IsCaCertificate pulumi.BoolOutput `pulumi:"isCaCertificate"`
	// Is the certificate either expired (i.e. beyond the `validityPeriodHours`) or ready for an early renewal (i.e. within the `earlyRenewalHours`)?
	ReadyForRenewal pulumi.BoolOutput `pulumi:"readyForRenewal"`
	// Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
	SetSubjectKeyId pulumi.BoolOutput `pulumi:"setSubjectKeyId"`
	// The time until which the certificate is invalid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
	ValidityEndTime pulumi.StringOutput `pulumi:"validityEndTime"`
	// Number of hours, after initial issuing, that the certificate will remain valid for.
	ValidityPeriodHours pulumi.IntOutput `pulumi:"validityPeriodHours"`
	// The time after which the certificate is valid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
	ValidityStartTime pulumi.StringOutput `pulumi:"validityStartTime"`
}

func GetLocallySignedCert 

func GetLocallySignedCert(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *LocallySignedCertState, opts ...pulumi.ResourceOption) (*LocallySignedCert, error)

GetLocallySignedCert gets an existing LocallySignedCert resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewLocallySignedCert 

func NewLocallySignedCert(ctx *pulumi.Context,
	name string, args *LocallySignedCertArgs, opts ...pulumi.ResourceOption) (*LocallySignedCert, error)

NewLocallySignedCert registers a new resource with the given unique name, arguments, and options.

func (*LocallySignedCert) ElementType 

func (*LocallySignedCert) ElementType() reflect.Type

func (*LocallySignedCert) ToLocallySignedCertOutput 

func (i *LocallySignedCert) ToLocallySignedCertOutput() LocallySignedCertOutput

func (*LocallySignedCert) ToLocallySignedCertOutputWithContext 

func (i *LocallySignedCert) ToLocallySignedCertOutputWithContext(ctx context.Context) LocallySignedCertOutput

type LocallySignedCertArgs 

type LocallySignedCertArgs struct {
	// List of key usages allowed for the issued certificate. Values are defined in [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `anyExtended`, `certSigning`, `clientAuth`, `codeSigning`, `contentCommitment`, `crlSigning`, `dataEncipherment`, `decipherOnly`, `digitalSignature`, `emailProtection`, `encipherOnly`, `ipsecEndSystem`, `ipsecTunnel`, `ipsecUser`, `keyAgreement`, `keyEncipherment`, `microsoftCommercialCodeSigning`, `microsoftKernelCodeSigning`, `microsoftServerGatedCrypto`, `netscapeServerGatedCrypto`, `ocspSigning`, `serverAuth`, `timestamping`.
	AllowedUses pulumi.StringArrayInput
	// Certificate data of the Certificate Authority (CA) in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
	CaCertPem pulumi.StringInput
	// Private key of the Certificate Authority (CA) used to sign the certificate, in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
	CaPrivateKeyPem pulumi.StringInput
	// Certificate request data in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
	CertRequestPem pulumi.StringInput
	// The resource will consider the certificate to have expired the given number of hours before its actual expiry time. This
	// can be useful to deploy an updated certificate in advance of the expiration of the current certificate. However, the old
	// certificate remains valid until its true expiration time, since this resource does not (and cannot) support certificate
	// revocation. Also, this advance update can only be performed should the Terraform configuration be applied during the
	// early renewal period. (default: `0`)
	EarlyRenewalHours pulumi.IntPtrInput
	// Is the generated certificate representing a Certificate Authority (CA) (default: `false`).
	IsCaCertificate pulumi.BoolPtrInput
	// Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
	SetSubjectKeyId pulumi.BoolPtrInput
	// Number of hours, after initial issuing, that the certificate will remain valid for.
	ValidityPeriodHours pulumi.IntInput
}

The set of arguments for constructing a LocallySignedCert resource.

func (LocallySignedCertArgs) ElementType 

func (LocallySignedCertArgs) ElementType() reflect.Type

type LocallySignedCertArray 

type LocallySignedCertArray []LocallySignedCertInput

func (LocallySignedCertArray) ElementType 

func (LocallySignedCertArray) ElementType() reflect.Type

func (LocallySignedCertArray) ToLocallySignedCertArrayOutput 

func (i LocallySignedCertArray) ToLocallySignedCertArrayOutput() LocallySignedCertArrayOutput

func (LocallySignedCertArray) ToLocallySignedCertArrayOutputWithContext 

func (i LocallySignedCertArray) ToLocallySignedCertArrayOutputWithContext(ctx context.Context) LocallySignedCertArrayOutput

type LocallySignedCertArrayInput 

type LocallySignedCertArrayInput interface {
	pulumi.Input

	ToLocallySignedCertArrayOutput() LocallySignedCertArrayOutput
	ToLocallySignedCertArrayOutputWithContext(context.Context) LocallySignedCertArrayOutput
}

LocallySignedCertArrayInput is an input type that accepts LocallySignedCertArray and LocallySignedCertArrayOutput values. You can construct a concrete instance of `LocallySignedCertArrayInput` via: 

LocallySignedCertArray{ LocallySignedCertArgs{...} }

type LocallySignedCertArrayOutput 

type LocallySignedCertArrayOutput struct{ *pulumi.OutputState }

func (LocallySignedCertArrayOutput) ElementType 

func (LocallySignedCertArrayOutput) ElementType() reflect.Type

func (LocallySignedCertArrayOutput) Index 

func (o LocallySignedCertArrayOutput) Index(i pulumi.IntInput) LocallySignedCertOutput

func (LocallySignedCertArrayOutput) ToLocallySignedCertArrayOutput 

func (o LocallySignedCertArrayOutput) ToLocallySignedCertArrayOutput() LocallySignedCertArrayOutput

func (LocallySignedCertArrayOutput) ToLocallySignedCertArrayOutputWithContext 

func (o LocallySignedCertArrayOutput) ToLocallySignedCertArrayOutputWithContext(ctx context.Context) LocallySignedCertArrayOutput

type LocallySignedCertInput 

type LocallySignedCertInput interface {
	pulumi.Input

	ToLocallySignedCertOutput() LocallySignedCertOutput
	ToLocallySignedCertOutputWithContext(ctx context.Context) LocallySignedCertOutput
}

type LocallySignedCertMap 

type LocallySignedCertMap map[string]LocallySignedCertInput

func (LocallySignedCertMap) ElementType 

func (LocallySignedCertMap) ElementType() reflect.Type

func (LocallySignedCertMap) ToLocallySignedCertMapOutput 

func (i LocallySignedCertMap) ToLocallySignedCertMapOutput() LocallySignedCertMapOutput

func (LocallySignedCertMap) ToLocallySignedCertMapOutputWithContext 

func (i LocallySignedCertMap) ToLocallySignedCertMapOutputWithContext(ctx context.Context) LocallySignedCertMapOutput

type LocallySignedCertMapInput 

type LocallySignedCertMapInput interface {
	pulumi.Input

	ToLocallySignedCertMapOutput() LocallySignedCertMapOutput
	ToLocallySignedCertMapOutputWithContext(context.Context) LocallySignedCertMapOutput
}

LocallySignedCertMapInput is an input type that accepts LocallySignedCertMap and LocallySignedCertMapOutput values. You can construct a concrete instance of `LocallySignedCertMapInput` via: 

LocallySignedCertMap{ "key": LocallySignedCertArgs{...} }

type LocallySignedCertMapOutput 

type LocallySignedCertMapOutput struct{ *pulumi.OutputState }

func (LocallySignedCertMapOutput) ElementType 

func (LocallySignedCertMapOutput) ElementType() reflect.Type

func (LocallySignedCertMapOutput) MapIndex 

func (o LocallySignedCertMapOutput) MapIndex(k pulumi.StringInput) LocallySignedCertOutput

func (LocallySignedCertMapOutput) ToLocallySignedCertMapOutput 

func (o LocallySignedCertMapOutput) ToLocallySignedCertMapOutput() LocallySignedCertMapOutput

func (LocallySignedCertMapOutput) ToLocallySignedCertMapOutputWithContext 

func (o LocallySignedCertMapOutput) ToLocallySignedCertMapOutputWithContext(ctx context.Context) LocallySignedCertMapOutput

type LocallySignedCertOutput 

type LocallySignedCertOutput struct{ *pulumi.OutputState }

func (LocallySignedCertOutput) AllowedUses 

func (o LocallySignedCertOutput) AllowedUses() pulumi.StringArrayOutput

List of key usages allowed for the issued certificate. Values are defined in [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `anyExtended`, `certSigning`, `clientAuth`, `codeSigning`, `contentCommitment`, `crlSigning`, `dataEncipherment`, `decipherOnly`, `digitalSignature`, `emailProtection`, `encipherOnly`, `ipsecEndSystem`, `ipsecTunnel`, `ipsecUser`, `keyAgreement`, `keyEncipherment`, `microsoftCommercialCodeSigning`, `microsoftKernelCodeSigning`, `microsoftServerGatedCrypto`, `netscapeServerGatedCrypto`, `ocspSigning`, `serverAuth`, `timestamping`.

func (LocallySignedCertOutput) CaCertPem 

func (o LocallySignedCertOutput) CaCertPem() pulumi.StringOutput

Certificate data of the Certificate Authority (CA) in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.

func (LocallySignedCertOutput) CaKeyAlgorithm 

func (o LocallySignedCertOutput) CaKeyAlgorithm() pulumi.StringOutput

Name of the algorithm used when generating the private key provided in `caPrivateKeyPem`.

func (LocallySignedCertOutput) CaPrivateKeyPem 

func (o LocallySignedCertOutput) CaPrivateKeyPem() pulumi.StringOutput

Private key of the Certificate Authority (CA) used to sign the certificate, in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.

func (LocallySignedCertOutput) CertPem 

func (o LocallySignedCertOutput) CertPem() pulumi.StringOutput

Certificate data in PEM (RFC 1421).

func (LocallySignedCertOutput) CertRequestPem 

func (o LocallySignedCertOutput) CertRequestPem() pulumi.StringOutput

Certificate request data in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.

func (LocallySignedCertOutput) EarlyRenewalHours 

func (o LocallySignedCertOutput) EarlyRenewalHours() pulumi.IntOutput

The resource will consider the certificate to have expired the given number of hours before its actual expiry time. This can be useful to deploy an updated certificate in advance of the expiration of the current certificate. However, the old certificate remains valid until its true expiration time, since this resource does not (and cannot) support certificate revocation. Also, this advance update can only be performed should the Terraform configuration be applied during the early renewal period. (default: `0`)

func (LocallySignedCertOutput) ElementType 

func (LocallySignedCertOutput) ElementType() reflect.Type

func (LocallySignedCertOutput) IsCaCertificate 

func (o LocallySignedCertOutput) IsCaCertificate() pulumi.BoolOutput

Is the generated certificate representing a Certificate Authority (CA) (default: `false`).

func (LocallySignedCertOutput) ReadyForRenewal 

func (o LocallySignedCertOutput) ReadyForRenewal() pulumi.BoolOutput

Is the certificate either expired (i.e. beyond the `validityPeriodHours`) or ready for an early renewal (i.e. within the `earlyRenewalHours`)?

func (LocallySignedCertOutput) SetSubjectKeyId 

func (o LocallySignedCertOutput) SetSubjectKeyId() pulumi.BoolOutput

Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).

func (LocallySignedCertOutput) ToLocallySignedCertOutput 

func (o LocallySignedCertOutput) ToLocallySignedCertOutput() LocallySignedCertOutput

func (LocallySignedCertOutput) ToLocallySignedCertOutputWithContext 

func (o LocallySignedCertOutput) ToLocallySignedCertOutputWithContext(ctx context.Context) LocallySignedCertOutput

func (LocallySignedCertOutput) ValidityEndTime 

func (o LocallySignedCertOutput) ValidityEndTime() pulumi.StringOutput

The time until which the certificate is invalid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.

func (LocallySignedCertOutput) ValidityPeriodHours 

func (o LocallySignedCertOutput) ValidityPeriodHours() pulumi.IntOutput

Number of hours, after initial issuing, that the certificate will remain valid for.

func (LocallySignedCertOutput) ValidityStartTime 

func (o LocallySignedCertOutput) ValidityStartTime() pulumi.StringOutput

The time after which the certificate is valid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.

type LocallySignedCertState 

type LocallySignedCertState struct {
	// List of key usages allowed for the issued certificate. Values are defined in [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `anyExtended`, `certSigning`, `clientAuth`, `codeSigning`, `contentCommitment`, `crlSigning`, `dataEncipherment`, `decipherOnly`, `digitalSignature`, `emailProtection`, `encipherOnly`, `ipsecEndSystem`, `ipsecTunnel`, `ipsecUser`, `keyAgreement`, `keyEncipherment`, `microsoftCommercialCodeSigning`, `microsoftKernelCodeSigning`, `microsoftServerGatedCrypto`, `netscapeServerGatedCrypto`, `ocspSigning`, `serverAuth`, `timestamping`.
	AllowedUses pulumi.StringArrayInput
	// Certificate data of the Certificate Authority (CA) in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
	CaCertPem pulumi.StringPtrInput
	// Name of the algorithm used when generating the private key provided in `caPrivateKeyPem`.
	CaKeyAlgorithm pulumi.StringPtrInput
	// Private key of the Certificate Authority (CA) used to sign the certificate, in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
	CaPrivateKeyPem pulumi.StringPtrInput
	// Certificate data in PEM (RFC 1421).
	CertPem pulumi.StringPtrInput
	// Certificate request data in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
	CertRequestPem pulumi.StringPtrInput
	// The resource will consider the certificate to have expired the given number of hours before its actual expiry time. This
	// can be useful to deploy an updated certificate in advance of the expiration of the current certificate. However, the old
	// certificate remains valid until its true expiration time, since this resource does not (and cannot) support certificate
	// revocation. Also, this advance update can only be performed should the Terraform configuration be applied during the
	// early renewal period. (default: `0`)
	EarlyRenewalHours pulumi.IntPtrInput
	// Is the generated certificate representing a Certificate Authority (CA) (default: `false`).
	IsCaCertificate pulumi.BoolPtrInput
	// Is the certificate either expired (i.e. beyond the `validityPeriodHours`) or ready for an early renewal (i.e. within the `earlyRenewalHours`)?
	ReadyForRenewal pulumi.BoolPtrInput
	// Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
	SetSubjectKeyId pulumi.BoolPtrInput
	// The time until which the certificate is invalid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
	ValidityEndTime pulumi.StringPtrInput
	// Number of hours, after initial issuing, that the certificate will remain valid for.
	ValidityPeriodHours pulumi.IntPtrInput
	// The time after which the certificate is valid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
	ValidityStartTime pulumi.StringPtrInput
}

func (LocallySignedCertState) ElementType 

func (LocallySignedCertState) ElementType() reflect.Type

type PrivateKey 

type PrivateKey struct {
	pulumi.CustomResourceState

	// Name of the algorithm to use when generating the private key. Currently-supported values are: `RSA`, `ECDSA`, `ED25519`.
	Algorithm pulumi.StringOutput `pulumi:"algorithm"`
	// When `algorithm` is `ECDSA`, the name of the elliptic curve to use. Currently-supported values are: `P224`, `P256`, `P384`, `P521`. (default: `P224`).
	EcdsaCurve pulumi.StringOutput `pulumi:"ecdsaCurve"`
	// Private key data in [OpenSSH PEM (RFC 4716)](https://datatracker.ietf.org/doc/html/rfc4716) format.
	PrivateKeyOpenssh pulumi.StringOutput `pulumi:"privateKeyOpenssh"`
	// Private key data in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
	PrivateKeyPem pulumi.StringOutput `pulumi:"privateKeyPem"`
	// Private key data in [PKCS#8 PEM (RFC 5208)](https://datatracker.ietf.org/doc/html/rfc5208) format.
	PrivateKeyPemPkcs8 pulumi.StringOutput `pulumi:"privateKeyPemPkcs8"`
	// The fingerprint of the public key data in OpenSSH MD5 hash format, e.g. `aa:bb:cc:...`. Only available if the selected private key format is compatible, similarly to `publicKeyOpenssh` and the ECDSA P224 limitations.
	PublicKeyFingerprintMd5 pulumi.StringOutput `pulumi:"publicKeyFingerprintMd5"`
	// The fingerprint of the public key data in OpenSSH SHA256 hash format, e.g. `SHA256:...`. Only available if the selected private key format is compatible, similarly to `publicKeyOpenssh` and the ECDSA P224 limitations.
	PublicKeyFingerprintSha256 pulumi.StringOutput `pulumi:"publicKeyFingerprintSha256"`
	// The public key data in "Authorized Keys".
	PublicKeyOpenssh pulumi.StringOutput `pulumi:"publicKeyOpenssh"`
	// Public key data in PEM (RFC 1421).
	PublicKeyPem pulumi.StringOutput `pulumi:"publicKeyPem"`
	// When `algorithm` is `RSA`, the size of the generated RSA key, in bits (default: `2048`).
	RsaBits pulumi.IntOutput `pulumi:"rsaBits"`
}

func GetPrivateKey 

func GetPrivateKey(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *PrivateKeyState, opts ...pulumi.ResourceOption) (*PrivateKey, error)

GetPrivateKey gets an existing PrivateKey resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewPrivateKey 

func NewPrivateKey(ctx *pulumi.Context,
	name string, args *PrivateKeyArgs, opts ...pulumi.ResourceOption) (*PrivateKey, error)

NewPrivateKey registers a new resource with the given unique name, arguments, and options.

func (*PrivateKey) ElementType 

func (*PrivateKey) ElementType() reflect.Type

func (*PrivateKey) ToPrivateKeyOutput 

func (i *PrivateKey) ToPrivateKeyOutput() PrivateKeyOutput

func (*PrivateKey) ToPrivateKeyOutputWithContext 

func (i *PrivateKey) ToPrivateKeyOutputWithContext(ctx context.Context) PrivateKeyOutput

type PrivateKeyArgs 

type PrivateKeyArgs struct {
	// Name of the algorithm to use when generating the private key. Currently-supported values are: `RSA`, `ECDSA`, `ED25519`.
	Algorithm pulumi.StringInput
	// When `algorithm` is `ECDSA`, the name of the elliptic curve to use. Currently-supported values are: `P224`, `P256`, `P384`, `P521`. (default: `P224`).
	EcdsaCurve pulumi.StringPtrInput
	// When `algorithm` is `RSA`, the size of the generated RSA key, in bits (default: `2048`).
	RsaBits pulumi.IntPtrInput
}

The set of arguments for constructing a PrivateKey resource.

func (PrivateKeyArgs) ElementType 

func (PrivateKeyArgs) ElementType() reflect.Type

type PrivateKeyArray 

type PrivateKeyArray []PrivateKeyInput

func (PrivateKeyArray) ElementType 

func (PrivateKeyArray) ElementType() reflect.Type

func (PrivateKeyArray) ToPrivateKeyArrayOutput 

func (i PrivateKeyArray) ToPrivateKeyArrayOutput() PrivateKeyArrayOutput

func (PrivateKeyArray) ToPrivateKeyArrayOutputWithContext 

func (i PrivateKeyArray) ToPrivateKeyArrayOutputWithContext(ctx context.Context) PrivateKeyArrayOutput

type PrivateKeyArrayInput 

type PrivateKeyArrayInput interface {
	pulumi.Input

	ToPrivateKeyArrayOutput() PrivateKeyArrayOutput
	ToPrivateKeyArrayOutputWithContext(context.Context) PrivateKeyArrayOutput
}

PrivateKeyArrayInput is an input type that accepts PrivateKeyArray and PrivateKeyArrayOutput values. You can construct a concrete instance of `PrivateKeyArrayInput` via: 

PrivateKeyArray{ PrivateKeyArgs{...} }

type PrivateKeyArrayOutput 

type PrivateKeyArrayOutput struct{ *pulumi.OutputState }

func (PrivateKeyArrayOutput) ElementType 

func (PrivateKeyArrayOutput) ElementType() reflect.Type

func (PrivateKeyArrayOutput) Index 

func (o PrivateKeyArrayOutput) Index(i pulumi.IntInput) PrivateKeyOutput

func (PrivateKeyArrayOutput) ToPrivateKeyArrayOutput 

func (o PrivateKeyArrayOutput) ToPrivateKeyArrayOutput() PrivateKeyArrayOutput

func (PrivateKeyArrayOutput) ToPrivateKeyArrayOutputWithContext 

func (o PrivateKeyArrayOutput) ToPrivateKeyArrayOutputWithContext(ctx context.Context) PrivateKeyArrayOutput

type PrivateKeyInput 

type PrivateKeyInput interface {
	pulumi.Input

	ToPrivateKeyOutput() PrivateKeyOutput
	ToPrivateKeyOutputWithContext(ctx context.Context) PrivateKeyOutput
}

type PrivateKeyMap 

type PrivateKeyMap map[string]PrivateKeyInput

func (PrivateKeyMap) ElementType 

func (PrivateKeyMap) ElementType() reflect.Type

func (PrivateKeyMap) ToPrivateKeyMapOutput 

func (i PrivateKeyMap) ToPrivateKeyMapOutput() PrivateKeyMapOutput

func (PrivateKeyMap) ToPrivateKeyMapOutputWithContext 

func (i PrivateKeyMap) ToPrivateKeyMapOutputWithContext(ctx context.Context) PrivateKeyMapOutput

type PrivateKeyMapInput 

type PrivateKeyMapInput interface {
	pulumi.Input

	ToPrivateKeyMapOutput() PrivateKeyMapOutput
	ToPrivateKeyMapOutputWithContext(context.Context) PrivateKeyMapOutput
}

PrivateKeyMapInput is an input type that accepts PrivateKeyMap and PrivateKeyMapOutput values. You can construct a concrete instance of `PrivateKeyMapInput` via: 

PrivateKeyMap{ "key": PrivateKeyArgs{...} }

type PrivateKeyMapOutput 

type PrivateKeyMapOutput struct{ *pulumi.OutputState }

func (PrivateKeyMapOutput) ElementType 

func (PrivateKeyMapOutput) ElementType() reflect.Type

func (PrivateKeyMapOutput) MapIndex 

func (o PrivateKeyMapOutput) MapIndex(k pulumi.StringInput) PrivateKeyOutput

func (PrivateKeyMapOutput) ToPrivateKeyMapOutput 

func (o PrivateKeyMapOutput) ToPrivateKeyMapOutput() PrivateKeyMapOutput

func (PrivateKeyMapOutput) ToPrivateKeyMapOutputWithContext 

func (o PrivateKeyMapOutput) ToPrivateKeyMapOutputWithContext(ctx context.Context) PrivateKeyMapOutput

type PrivateKeyOutput 

type PrivateKeyOutput struct{ *pulumi.OutputState }

func (PrivateKeyOutput) Algorithm 

func (o PrivateKeyOutput) Algorithm() pulumi.StringOutput

Name of the algorithm to use when generating the private key. Currently-supported values are: `RSA`, `ECDSA`, `ED25519`.

func (PrivateKeyOutput) EcdsaCurve 

func (o PrivateKeyOutput) EcdsaCurve() pulumi.StringOutput

When `algorithm` is `ECDSA`, the name of the elliptic curve to use. Currently-supported values are: `P224`, `P256`, `P384`, `P521`. (default: `P224`).

func (PrivateKeyOutput) ElementType 

func (PrivateKeyOutput) ElementType() reflect.Type

func (PrivateKeyOutput) PrivateKeyOpenssh 

func (o PrivateKeyOutput) PrivateKeyOpenssh() pulumi.StringOutput

Private key data in [OpenSSH PEM (RFC 4716)](https://datatracker.ietf.org/doc/html/rfc4716) format.

func (PrivateKeyOutput) PrivateKeyPem 

func (o PrivateKeyOutput) PrivateKeyPem() pulumi.StringOutput

Private key data in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.

func (PrivateKeyOutput) PrivateKeyPemPkcs8 

func (o PrivateKeyOutput) PrivateKeyPemPkcs8() pulumi.StringOutput

Private key data in [PKCS#8 PEM (RFC 5208)](https://datatracker.ietf.org/doc/html/rfc5208) format.

func (PrivateKeyOutput) PublicKeyFingerprintMd5 

func (o PrivateKeyOutput) PublicKeyFingerprintMd5() pulumi.StringOutput

The fingerprint of the public key data in OpenSSH MD5 hash format, e.g. `aa:bb:cc:...`. Only available if the selected private key format is compatible, similarly to `publicKeyOpenssh` and the ECDSA P224 limitations.

func (PrivateKeyOutput) PublicKeyFingerprintSha256 

func (o PrivateKeyOutput) PublicKeyFingerprintSha256() pulumi.StringOutput

The fingerprint of the public key data in OpenSSH SHA256 hash format, e.g. `SHA256:...`. Only available if the selected private key format is compatible, similarly to `publicKeyOpenssh` and the ECDSA P224 limitations.

func (PrivateKeyOutput) PublicKeyOpenssh 

func (o PrivateKeyOutput) PublicKeyOpenssh() pulumi.StringOutput

The public key data in "Authorized Keys".

func (PrivateKeyOutput) PublicKeyPem 

func (o PrivateKeyOutput) PublicKeyPem() pulumi.StringOutput

Public key data in PEM (RFC 1421).

func (PrivateKeyOutput) RsaBits 

func (o PrivateKeyOutput) RsaBits() pulumi.IntOutput

When `algorithm` is `RSA`, the size of the generated RSA key, in bits (default: `2048`).

func (PrivateKeyOutput) ToPrivateKeyOutput 

func (o PrivateKeyOutput) ToPrivateKeyOutput() PrivateKeyOutput

func (PrivateKeyOutput) ToPrivateKeyOutputWithContext 

func (o PrivateKeyOutput) ToPrivateKeyOutputWithContext(ctx context.Context) PrivateKeyOutput

type PrivateKeyState 

type PrivateKeyState struct {
	// Name of the algorithm to use when generating the private key. Currently-supported values are: `RSA`, `ECDSA`, `ED25519`.
	Algorithm pulumi.StringPtrInput
	// When `algorithm` is `ECDSA`, the name of the elliptic curve to use. Currently-supported values are: `P224`, `P256`, `P384`, `P521`. (default: `P224`).
	EcdsaCurve pulumi.StringPtrInput
	// Private key data in [OpenSSH PEM (RFC 4716)](https://datatracker.ietf.org/doc/html/rfc4716) format.
	PrivateKeyOpenssh pulumi.StringPtrInput
	// Private key data in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format.
	PrivateKeyPem pulumi.StringPtrInput
	// Private key data in [PKCS#8 PEM (RFC 5208)](https://datatracker.ietf.org/doc/html/rfc5208) format.
	PrivateKeyPemPkcs8 pulumi.StringPtrInput
	// The fingerprint of the public key data in OpenSSH MD5 hash format, e.g. `aa:bb:cc:...`. Only available if the selected private key format is compatible, similarly to `publicKeyOpenssh` and the ECDSA P224 limitations.
	PublicKeyFingerprintMd5 pulumi.StringPtrInput
	// The fingerprint of the public key data in OpenSSH SHA256 hash format, e.g. `SHA256:...`. Only available if the selected private key format is compatible, similarly to `publicKeyOpenssh` and the ECDSA P224 limitations.
	PublicKeyFingerprintSha256 pulumi.StringPtrInput
	// The public key data in "Authorized Keys".
	PublicKeyOpenssh pulumi.StringPtrInput
	// Public key data in PEM (RFC 1421).
	PublicKeyPem pulumi.StringPtrInput
	// When `algorithm` is `RSA`, the size of the generated RSA key, in bits (default: `2048`).
	RsaBits pulumi.IntPtrInput
}

func (PrivateKeyState) ElementType 

func (PrivateKeyState) ElementType() reflect.Type

type Provider 

type Provider struct {
	pulumi.ProviderResourceState
}

The provider type for the tls package. By default, resources use package-wide configuration settings, however an explicit `Provider` instance may be created and passed during resource construction to achieve fine-grained programmatic control over provider settings. See the [documentation](https://www.pulumi.com/docs/reference/programming-model/#providers) for more information.

func NewProvider 

func NewProvider(ctx *pulumi.Context,
	name string, args *ProviderArgs, opts ...pulumi.ResourceOption) (*Provider, error)

NewProvider registers a new resource with the given unique name, arguments, and options.

func (*Provider) ElementType 

func (*Provider) ElementType() reflect.Type

func (*Provider) ToProviderOutput 

func (i *Provider) ToProviderOutput() ProviderOutput

func (*Provider) ToProviderOutputWithContext 

func (i *Provider) ToProviderOutputWithContext(ctx context.Context) ProviderOutput

type ProviderArgs 

type ProviderArgs struct {
	// Proxy used by resources and data sources that connect to external endpoints.
	Proxy ProviderProxyPtrInput
}

The set of arguments for constructing a Provider resource.

func (ProviderArgs) ElementType 

func (ProviderArgs) ElementType() reflect.Type

type ProviderInput 

type ProviderInput interface {
	pulumi.Input

	ToProviderOutput() ProviderOutput
	ToProviderOutputWithContext(ctx context.Context) ProviderOutput
}

type ProviderOutput 

type ProviderOutput struct{ *pulumi.OutputState }

func (ProviderOutput) ElementType 

func (ProviderOutput) ElementType() reflect.Type

func (ProviderOutput) ToProviderOutput 

func (o ProviderOutput) ToProviderOutput() ProviderOutput

func (ProviderOutput) ToProviderOutputWithContext 

func (o ProviderOutput) ToProviderOutputWithContext(ctx context.Context) ProviderOutput

type ProviderProxy 

type ProviderProxy struct {
	// When `true` the provider will discover the proxy configuration from environment variables. This is based upon [`http.ProxyFromEnvironment`](https://pkg.go.dev/net/http#ProxyFromEnvironment) and it supports the same environment variables (default: `true`).
	FromEnv *bool `pulumi:"fromEnv"`
	// Password used for Basic authentication against the Proxy.
	Password *string `pulumi:"password"`
	// URL used to connect to the Proxy. Accepted schemes are: `http`, `https`, `socks5`.
	Url *string `pulumi:"url"`
	// Username (or Token) used for Basic authentication against the Proxy.
	Username *string `pulumi:"username"`
}

type ProviderProxyArgs 

type ProviderProxyArgs struct {
	// When `true` the provider will discover the proxy configuration from environment variables. This is based upon [`http.ProxyFromEnvironment`](https://pkg.go.dev/net/http#ProxyFromEnvironment) and it supports the same environment variables (default: `true`).
	FromEnv pulumi.BoolPtrInput `pulumi:"fromEnv"`
	// Password used for Basic authentication against the Proxy.
	Password pulumi.StringPtrInput `pulumi:"password"`
	// URL used to connect to the Proxy. Accepted schemes are: `http`, `https`, `socks5`.
	Url pulumi.StringPtrInput `pulumi:"url"`
	// Username (or Token) used for Basic authentication against the Proxy.
	Username pulumi.StringPtrInput `pulumi:"username"`
}

func (ProviderProxyArgs) ElementType 

func (ProviderProxyArgs) ElementType() reflect.Type

func (ProviderProxyArgs) ToProviderProxyOutput 

func (i ProviderProxyArgs) ToProviderProxyOutput() ProviderProxyOutput

func (ProviderProxyArgs) ToProviderProxyOutputWithContext 

func (i ProviderProxyArgs) ToProviderProxyOutputWithContext(ctx context.Context) ProviderProxyOutput

func (ProviderProxyArgs) ToProviderProxyPtrOutput 

func (i ProviderProxyArgs) ToProviderProxyPtrOutput() ProviderProxyPtrOutput

func (ProviderProxyArgs) ToProviderProxyPtrOutputWithContext 

func (i ProviderProxyArgs) ToProviderProxyPtrOutputWithContext(ctx context.Context) ProviderProxyPtrOutput

type ProviderProxyInput 

type ProviderProxyInput interface {
	pulumi.Input

	ToProviderProxyOutput() ProviderProxyOutput
	ToProviderProxyOutputWithContext(context.Context) ProviderProxyOutput
}

ProviderProxyInput is an input type that accepts ProviderProxyArgs and ProviderProxyOutput values. You can construct a concrete instance of `ProviderProxyInput` via: 

ProviderProxyArgs{...}

type ProviderProxyOutput 

type ProviderProxyOutput struct{ *pulumi.OutputState }

func (ProviderProxyOutput) ElementType 

func (ProviderProxyOutput) ElementType() reflect.Type

func (ProviderProxyOutput) FromEnv 

func (o ProviderProxyOutput) FromEnv() pulumi.BoolPtrOutput

When `true` the provider will discover the proxy configuration from environment variables. This is based upon [`http.ProxyFromEnvironment`](https://pkg.go.dev/net/http#ProxyFromEnvironment) and it supports the same environment variables (default: `true`).

func (ProviderProxyOutput) Password 

func (o ProviderProxyOutput) Password() pulumi.StringPtrOutput

Password used for Basic authentication against the Proxy.

func (ProviderProxyOutput) ToProviderProxyOutput 

func (o ProviderProxyOutput) ToProviderProxyOutput() ProviderProxyOutput

func (ProviderProxyOutput) ToProviderProxyOutputWithContext 

func (o ProviderProxyOutput) ToProviderProxyOutputWithContext(ctx context.Context) ProviderProxyOutput

func (ProviderProxyOutput) ToProviderProxyPtrOutput 

func (o ProviderProxyOutput) ToProviderProxyPtrOutput() ProviderProxyPtrOutput

func (ProviderProxyOutput) ToProviderProxyPtrOutputWithContext 

func (o ProviderProxyOutput) ToProviderProxyPtrOutputWithContext(ctx context.Context) ProviderProxyPtrOutput

func (ProviderProxyOutput) Url 

func (o ProviderProxyOutput) Url() pulumi.StringPtrOutput

URL used to connect to the Proxy. Accepted schemes are: `http`, `https`, `socks5`.

func (ProviderProxyOutput) Username 

func (o ProviderProxyOutput) Username() pulumi.StringPtrOutput

Username (or Token) used for Basic authentication against the Proxy.

type ProviderProxyPtrInput 

type ProviderProxyPtrInput interface {
	pulumi.Input

	ToProviderProxyPtrOutput() ProviderProxyPtrOutput
	ToProviderProxyPtrOutputWithContext(context.Context) ProviderProxyPtrOutput
}

ProviderProxyPtrInput is an input type that accepts ProviderProxyArgs, ProviderProxyPtr and ProviderProxyPtrOutput values. You can construct a concrete instance of `ProviderProxyPtrInput` via: 

        ProviderProxyArgs{...}

or:

        nil

func ProviderProxyPtr 

func ProviderProxyPtr(v *ProviderProxyArgs) ProviderProxyPtrInput

type ProviderProxyPtrOutput 

type ProviderProxyPtrOutput struct{ *pulumi.OutputState }

func (ProviderProxyPtrOutput) Elem 

func (o ProviderProxyPtrOutput) Elem() ProviderProxyOutput

func (ProviderProxyPtrOutput) ElementType 

func (ProviderProxyPtrOutput) ElementType() reflect.Type

func (ProviderProxyPtrOutput) FromEnv 

func (o ProviderProxyPtrOutput) FromEnv() pulumi.BoolPtrOutput

When `true` the provider will discover the proxy configuration from environment variables. This is based upon [`http.ProxyFromEnvironment`](https://pkg.go.dev/net/http#ProxyFromEnvironment) and it supports the same environment variables (default: `true`).

func (ProviderProxyPtrOutput) Password 

func (o ProviderProxyPtrOutput) Password() pulumi.StringPtrOutput

Password used for Basic authentication against the Proxy.

func (ProviderProxyPtrOutput) ToProviderProxyPtrOutput 

func (o ProviderProxyPtrOutput) ToProviderProxyPtrOutput() ProviderProxyPtrOutput

func (ProviderProxyPtrOutput) ToProviderProxyPtrOutputWithContext 

func (o ProviderProxyPtrOutput) ToProviderProxyPtrOutputWithContext(ctx context.Context) ProviderProxyPtrOutput

func (ProviderProxyPtrOutput) Url 

func (o ProviderProxyPtrOutput) Url() pulumi.StringPtrOutput

URL used to connect to the Proxy. Accepted schemes are: `http`, `https`, `socks5`.

func (ProviderProxyPtrOutput) Username 

func (o ProviderProxyPtrOutput) Username() pulumi.StringPtrOutput

Username (or Token) used for Basic authentication against the Proxy.

type SelfSignedCert 

type SelfSignedCert struct {
	pulumi.CustomResourceState

	// List of key usages allowed for the issued certificate. Values are defined in [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `anyExtended`, `certSigning`, `clientAuth`, `codeSigning`, `contentCommitment`, `crlSigning`, `dataEncipherment`, `decipherOnly`, `digitalSignature`, `emailProtection`, `encipherOnly`, `ipsecEndSystem`, `ipsecTunnel`, `ipsecUser`, `keyAgreement`, `keyEncipherment`, `microsoftCommercialCodeSigning`, `microsoftKernelCodeSigning`, `microsoftServerGatedCrypto`, `netscapeServerGatedCrypto`, `ocspSigning`, `serverAuth`, `timestamping`.
	AllowedUses pulumi.StringArrayOutput `pulumi:"allowedUses"`
	// Certificate data in PEM (RFC 1421).
	CertPem pulumi.StringOutput `pulumi:"certPem"`
	// List of DNS names for which a certificate is being requested (i.e. certificate subjects).
	DnsNames pulumi.StringArrayOutput `pulumi:"dnsNames"`
	// The resource will consider the certificate to have expired the given number of hours before its actual expiry time. This
	// can be useful to deploy an updated certificate in advance of the expiration of the current certificate. However, the old
	// certificate remains valid until its true expiration time, since this resource does not (and cannot) support certificate
	// revocation. Also, this advance update can only be performed should the Terraform configuration be applied during the
	// early renewal period. (default: `0`)
	EarlyRenewalHours pulumi.IntOutput `pulumi:"earlyRenewalHours"`
	// List of IP addresses for which a certificate is being requested (i.e. certificate subjects).
	IpAddresses pulumi.StringArrayOutput `pulumi:"ipAddresses"`
	// Is the generated certificate representing a Certificate Authority (CA) (default: `false`).
	IsCaCertificate pulumi.BoolOutput `pulumi:"isCaCertificate"`
	// Name of the algorithm used when generating the private key provided in `privateKeyPem`.
	KeyAlgorithm pulumi.StringOutput `pulumi:"keyAlgorithm"`
	// Private key in PEM (RFC 1421) interpolation function.
	PrivateKeyPem pulumi.StringOutput `pulumi:"privateKeyPem"`
	// Is the certificate either expired (i.e. beyond the `validityPeriodHours`) or ready for an early renewal (i.e. within the `earlyRenewalHours`)?
	ReadyForRenewal pulumi.BoolOutput `pulumi:"readyForRenewal"`
	// Should the generated certificate include an [authority key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.1): for self-signed certificates this is the same value as the [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
	SetAuthorityKeyId pulumi.BoolOutput `pulumi:"setAuthorityKeyId"`
	// Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
	SetSubjectKeyId pulumi.BoolOutput `pulumi:"setSubjectKeyId"`
	// The subject for which a certificate is being requested. The acceptable arguments are all optional and their naming is based upon [Issuer Distinguished Names (RFC5280)](https://tools.ietf.org/html/rfc5280#section-4.1.2.4) section.
	Subject SelfSignedCertSubjectPtrOutput `pulumi:"subject"`
	// List of URIs for which a certificate is being requested (i.e. certificate subjects).
	Uris pulumi.StringArrayOutput `pulumi:"uris"`
	// The time until which the certificate is invalid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
	ValidityEndTime pulumi.StringOutput `pulumi:"validityEndTime"`
	// Number of hours, after initial issuing, that the certificate will remain valid for.
	ValidityPeriodHours pulumi.IntOutput `pulumi:"validityPeriodHours"`
	// The time after which the certificate is valid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
	ValidityStartTime pulumi.StringOutput `pulumi:"validityStartTime"`
}

func GetSelfSignedCert 

func GetSelfSignedCert(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SelfSignedCertState, opts ...pulumi.ResourceOption) (*SelfSignedCert, error)

GetSelfSignedCert gets an existing SelfSignedCert resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSelfSignedCert 

func NewSelfSignedCert(ctx *pulumi.Context,
	name string, args *SelfSignedCertArgs, opts ...pulumi.ResourceOption) (*SelfSignedCert, error)

NewSelfSignedCert registers a new resource with the given unique name, arguments, and options.

func (*SelfSignedCert) ElementType 

func (*SelfSignedCert) ElementType() reflect.Type

func (*SelfSignedCert) ToSelfSignedCertOutput 

func (i *SelfSignedCert) ToSelfSignedCertOutput() SelfSignedCertOutput

func (*SelfSignedCert) ToSelfSignedCertOutputWithContext 

func (i *SelfSignedCert) ToSelfSignedCertOutputWithContext(ctx context.Context) SelfSignedCertOutput

type SelfSignedCertArgs 

type SelfSignedCertArgs struct {
	// List of key usages allowed for the issued certificate. Values are defined in [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `anyExtended`, `certSigning`, `clientAuth`, `codeSigning`, `contentCommitment`, `crlSigning`, `dataEncipherment`, `decipherOnly`, `digitalSignature`, `emailProtection`, `encipherOnly`, `ipsecEndSystem`, `ipsecTunnel`, `ipsecUser`, `keyAgreement`, `keyEncipherment`, `microsoftCommercialCodeSigning`, `microsoftKernelCodeSigning`, `microsoftServerGatedCrypto`, `netscapeServerGatedCrypto`, `ocspSigning`, `serverAuth`, `timestamping`.
	AllowedUses pulumi.StringArrayInput
	// List of DNS names for which a certificate is being requested (i.e. certificate subjects).
	DnsNames pulumi.StringArrayInput
	// The resource will consider the certificate to have expired the given number of hours before its actual expiry time. This
	// can be useful to deploy an updated certificate in advance of the expiration of the current certificate. However, the old
	// certificate remains valid until its true expiration time, since this resource does not (and cannot) support certificate
	// revocation. Also, this advance update can only be performed should the Terraform configuration be applied during the
	// early renewal period. (default: `0`)
	EarlyRenewalHours pulumi.IntPtrInput
	// List of IP addresses for which a certificate is being requested (i.e. certificate subjects).
	IpAddresses pulumi.StringArrayInput
	// Is the generated certificate representing a Certificate Authority (CA) (default: `false`).
	IsCaCertificate pulumi.BoolPtrInput
	// Private key in PEM (RFC 1421) interpolation function.
	PrivateKeyPem pulumi.StringInput
	// Should the generated certificate include an [authority key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.1): for self-signed certificates this is the same value as the [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
	SetAuthorityKeyId pulumi.BoolPtrInput
	// Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
	SetSubjectKeyId pulumi.BoolPtrInput
	// The subject for which a certificate is being requested. The acceptable arguments are all optional and their naming is based upon [Issuer Distinguished Names (RFC5280)](https://tools.ietf.org/html/rfc5280#section-4.1.2.4) section.
	Subject SelfSignedCertSubjectPtrInput
	// List of URIs for which a certificate is being requested (i.e. certificate subjects).
	Uris pulumi.StringArrayInput
	// Number of hours, after initial issuing, that the certificate will remain valid for.
	ValidityPeriodHours pulumi.IntInput
}

The set of arguments for constructing a SelfSignedCert resource.

func (SelfSignedCertArgs) ElementType 

func (SelfSignedCertArgs) ElementType() reflect.Type

type SelfSignedCertArray 

type SelfSignedCertArray []SelfSignedCertInput

func (SelfSignedCertArray) ElementType 

func (SelfSignedCertArray) ElementType() reflect.Type

func (SelfSignedCertArray) ToSelfSignedCertArrayOutput 

func (i SelfSignedCertArray) ToSelfSignedCertArrayOutput() SelfSignedCertArrayOutput

func (SelfSignedCertArray) ToSelfSignedCertArrayOutputWithContext 

func (i SelfSignedCertArray) ToSelfSignedCertArrayOutputWithContext(ctx context.Context) SelfSignedCertArrayOutput

type SelfSignedCertArrayInput 

type SelfSignedCertArrayInput interface {
	pulumi.Input

	ToSelfSignedCertArrayOutput() SelfSignedCertArrayOutput
	ToSelfSignedCertArrayOutputWithContext(context.Context) SelfSignedCertArrayOutput
}

SelfSignedCertArrayInput is an input type that accepts SelfSignedCertArray and SelfSignedCertArrayOutput values. You can construct a concrete instance of `SelfSignedCertArrayInput` via: 

SelfSignedCertArray{ SelfSignedCertArgs{...} }

type SelfSignedCertArrayOutput 

type SelfSignedCertArrayOutput struct{ *pulumi.OutputState }

func (SelfSignedCertArrayOutput) ElementType 

func (SelfSignedCertArrayOutput) ElementType() reflect.Type

func (SelfSignedCertArrayOutput) Index 

func (o SelfSignedCertArrayOutput) Index(i pulumi.IntInput) SelfSignedCertOutput

func (SelfSignedCertArrayOutput) ToSelfSignedCertArrayOutput 

func (o SelfSignedCertArrayOutput) ToSelfSignedCertArrayOutput() SelfSignedCertArrayOutput

func (SelfSignedCertArrayOutput) ToSelfSignedCertArrayOutputWithContext 

func (o SelfSignedCertArrayOutput) ToSelfSignedCertArrayOutputWithContext(ctx context.Context) SelfSignedCertArrayOutput

type SelfSignedCertInput 

type SelfSignedCertInput interface {
	pulumi.Input

	ToSelfSignedCertOutput() SelfSignedCertOutput
	ToSelfSignedCertOutputWithContext(ctx context.Context) SelfSignedCertOutput
}

type SelfSignedCertMap 

type SelfSignedCertMap map[string]SelfSignedCertInput

func (SelfSignedCertMap) ElementType 

func (SelfSignedCertMap) ElementType() reflect.Type

func (SelfSignedCertMap) ToSelfSignedCertMapOutput 

func (i SelfSignedCertMap) ToSelfSignedCertMapOutput() SelfSignedCertMapOutput

func (SelfSignedCertMap) ToSelfSignedCertMapOutputWithContext 

func (i SelfSignedCertMap) ToSelfSignedCertMapOutputWithContext(ctx context.Context) SelfSignedCertMapOutput

type SelfSignedCertMapInput 

type SelfSignedCertMapInput interface {
	pulumi.Input

	ToSelfSignedCertMapOutput() SelfSignedCertMapOutput
	ToSelfSignedCertMapOutputWithContext(context.Context) SelfSignedCertMapOutput
}

SelfSignedCertMapInput is an input type that accepts SelfSignedCertMap and SelfSignedCertMapOutput values. You can construct a concrete instance of `SelfSignedCertMapInput` via: 

SelfSignedCertMap{ "key": SelfSignedCertArgs{...} }

type SelfSignedCertMapOutput 

type SelfSignedCertMapOutput struct{ *pulumi.OutputState }

func (SelfSignedCertMapOutput) ElementType 

func (SelfSignedCertMapOutput) ElementType() reflect.Type

func (SelfSignedCertMapOutput) MapIndex 

func (o SelfSignedCertMapOutput) MapIndex(k pulumi.StringInput) SelfSignedCertOutput

func (SelfSignedCertMapOutput) ToSelfSignedCertMapOutput 

func (o SelfSignedCertMapOutput) ToSelfSignedCertMapOutput() SelfSignedCertMapOutput

func (SelfSignedCertMapOutput) ToSelfSignedCertMapOutputWithContext 

func (o SelfSignedCertMapOutput) ToSelfSignedCertMapOutputWithContext(ctx context.Context) SelfSignedCertMapOutput

type SelfSignedCertOutput 

type SelfSignedCertOutput struct{ *pulumi.OutputState }

func (SelfSignedCertOutput) AllowedUses 

func (o SelfSignedCertOutput) AllowedUses() pulumi.StringArrayOutput

List of key usages allowed for the issued certificate. Values are defined in [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `anyExtended`, `certSigning`, `clientAuth`, `codeSigning`, `contentCommitment`, `crlSigning`, `dataEncipherment`, `decipherOnly`, `digitalSignature`, `emailProtection`, `encipherOnly`, `ipsecEndSystem`, `ipsecTunnel`, `ipsecUser`, `keyAgreement`, `keyEncipherment`, `microsoftCommercialCodeSigning`, `microsoftKernelCodeSigning`, `microsoftServerGatedCrypto`, `netscapeServerGatedCrypto`, `ocspSigning`, `serverAuth`, `timestamping`.

func (SelfSignedCertOutput) CertPem 

func (o SelfSignedCertOutput) CertPem() pulumi.StringOutput

Certificate data in PEM (RFC 1421).

func (SelfSignedCertOutput) DnsNames 

func (o SelfSignedCertOutput) DnsNames() pulumi.StringArrayOutput

List of DNS names for which a certificate is being requested (i.e. certificate subjects).

func (SelfSignedCertOutput) EarlyRenewalHours 

func (o SelfSignedCertOutput) EarlyRenewalHours() pulumi.IntOutput

The resource will consider the certificate to have expired the given number of hours before its actual expiry time. This can be useful to deploy an updated certificate in advance of the expiration of the current certificate. However, the old certificate remains valid until its true expiration time, since this resource does not (and cannot) support certificate revocation. Also, this advance update can only be performed should the Terraform configuration be applied during the early renewal period. (default: `0`)

func (SelfSignedCertOutput) ElementType 

func (SelfSignedCertOutput) ElementType() reflect.Type

func (SelfSignedCertOutput) IpAddresses 

func (o SelfSignedCertOutput) IpAddresses() pulumi.StringArrayOutput

List of IP addresses for which a certificate is being requested (i.e. certificate subjects).

func (SelfSignedCertOutput) IsCaCertificate 

func (o SelfSignedCertOutput) IsCaCertificate() pulumi.BoolOutput

Is the generated certificate representing a Certificate Authority (CA) (default: `false`).

func (SelfSignedCertOutput) KeyAlgorithm 

func (o SelfSignedCertOutput) KeyAlgorithm() pulumi.StringOutput

Name of the algorithm used when generating the private key provided in `privateKeyPem`.

func (SelfSignedCertOutput) PrivateKeyPem 

func (o SelfSignedCertOutput) PrivateKeyPem() pulumi.StringOutput

Private key in PEM (RFC 1421) interpolation function.

func (SelfSignedCertOutput) ReadyForRenewal 

func (o SelfSignedCertOutput) ReadyForRenewal() pulumi.BoolOutput

Is the certificate either expired (i.e. beyond the `validityPeriodHours`) or ready for an early renewal (i.e. within the `earlyRenewalHours`)?

func (SelfSignedCertOutput) SetAuthorityKeyId 

func (o SelfSignedCertOutput) SetAuthorityKeyId() pulumi.BoolOutput

Should the generated certificate include an [authority key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.1): for self-signed certificates this is the same value as the [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).

func (SelfSignedCertOutput) SetSubjectKeyId 

func (o SelfSignedCertOutput) SetSubjectKeyId() pulumi.BoolOutput

Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).

func (SelfSignedCertOutput) Subject 

func (o SelfSignedCertOutput) Subject() SelfSignedCertSubjectPtrOutput

The subject for which a certificate is being requested. The acceptable arguments are all optional and their naming is based upon [Issuer Distinguished Names (RFC5280)](https://tools.ietf.org/html/rfc5280#section-4.1.2.4) section.

func (SelfSignedCertOutput) ToSelfSignedCertOutput 

func (o SelfSignedCertOutput) ToSelfSignedCertOutput() SelfSignedCertOutput

func (SelfSignedCertOutput) ToSelfSignedCertOutputWithContext 

func (o SelfSignedCertOutput) ToSelfSignedCertOutputWithContext(ctx context.Context) SelfSignedCertOutput

func (SelfSignedCertOutput) Uris 

func (o SelfSignedCertOutput) Uris() pulumi.StringArrayOutput

List of URIs for which a certificate is being requested (i.e. certificate subjects).

func (SelfSignedCertOutput) ValidityEndTime 

func (o SelfSignedCertOutput) ValidityEndTime() pulumi.StringOutput

The time until which the certificate is invalid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.

func (SelfSignedCertOutput) ValidityPeriodHours 

func (o SelfSignedCertOutput) ValidityPeriodHours() pulumi.IntOutput

Number of hours, after initial issuing, that the certificate will remain valid for.

func (SelfSignedCertOutput) ValidityStartTime 

func (o SelfSignedCertOutput) ValidityStartTime() pulumi.StringOutput

The time after which the certificate is valid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.

type SelfSignedCertState 

type SelfSignedCertState struct {
	// List of key usages allowed for the issued certificate. Values are defined in [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) and combine flags defined by both [Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3) and [Extended Key Usages](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). Accepted values: `anyExtended`, `certSigning`, `clientAuth`, `codeSigning`, `contentCommitment`, `crlSigning`, `dataEncipherment`, `decipherOnly`, `digitalSignature`, `emailProtection`, `encipherOnly`, `ipsecEndSystem`, `ipsecTunnel`, `ipsecUser`, `keyAgreement`, `keyEncipherment`, `microsoftCommercialCodeSigning`, `microsoftKernelCodeSigning`, `microsoftServerGatedCrypto`, `netscapeServerGatedCrypto`, `ocspSigning`, `serverAuth`, `timestamping`.
	AllowedUses pulumi.StringArrayInput
	// Certificate data in PEM (RFC 1421).
	CertPem pulumi.StringPtrInput
	// List of DNS names for which a certificate is being requested (i.e. certificate subjects).
	DnsNames pulumi.StringArrayInput
	// The resource will consider the certificate to have expired the given number of hours before its actual expiry time. This
	// can be useful to deploy an updated certificate in advance of the expiration of the current certificate. However, the old
	// certificate remains valid until its true expiration time, since this resource does not (and cannot) support certificate
	// revocation. Also, this advance update can only be performed should the Terraform configuration be applied during the
	// early renewal period. (default: `0`)
	EarlyRenewalHours pulumi.IntPtrInput
	// List of IP addresses for which a certificate is being requested (i.e. certificate subjects).
	IpAddresses pulumi.StringArrayInput
	// Is the generated certificate representing a Certificate Authority (CA) (default: `false`).
	IsCaCertificate pulumi.BoolPtrInput
	// Name of the algorithm used when generating the private key provided in `privateKeyPem`.
	KeyAlgorithm pulumi.StringPtrInput
	// Private key in PEM (RFC 1421) interpolation function.
	PrivateKeyPem pulumi.StringPtrInput
	// Is the certificate either expired (i.e. beyond the `validityPeriodHours`) or ready for an early renewal (i.e. within the `earlyRenewalHours`)?
	ReadyForRenewal pulumi.BoolPtrInput
	// Should the generated certificate include an [authority key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.1): for self-signed certificates this is the same value as the [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
	SetAuthorityKeyId pulumi.BoolPtrInput
	// Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
	SetSubjectKeyId pulumi.BoolPtrInput
	// The subject for which a certificate is being requested. The acceptable arguments are all optional and their naming is based upon [Issuer Distinguished Names (RFC5280)](https://tools.ietf.org/html/rfc5280#section-4.1.2.4) section.
	Subject SelfSignedCertSubjectPtrInput
	// List of URIs for which a certificate is being requested (i.e. certificate subjects).
	Uris pulumi.StringArrayInput
	// The time until which the certificate is invalid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
	ValidityEndTime pulumi.StringPtrInput
	// Number of hours, after initial issuing, that the certificate will remain valid for.
	ValidityPeriodHours pulumi.IntPtrInput
	// The time after which the certificate is valid, expressed as an [RFC3339](https://tools.ietf.org/html/rfc3339) timestamp.
	ValidityStartTime pulumi.StringPtrInput
}

func (SelfSignedCertState) ElementType 

func (SelfSignedCertState) ElementType() reflect.Type

type SelfSignedCertSubject 

type SelfSignedCertSubject struct {
	// Distinguished name: `CN`
	CommonName *string `pulumi:"commonName"`
	// Distinguished name: `C`
	Country *string `pulumi:"country"`
	// Distinguished name: `L`
	Locality *string `pulumi:"locality"`
	// Distinguished name: `O`
	Organization *string `pulumi:"organization"`
	// Distinguished name: `OU`
	OrganizationalUnit *string `pulumi:"organizationalUnit"`
	// Distinguished name: `PC`
	PostalCode *string `pulumi:"postalCode"`
	// Distinguished name: `ST`
	Province *string `pulumi:"province"`
	// Distinguished name: `SERIALNUMBER`
	SerialNumber *string `pulumi:"serialNumber"`
	// Distinguished name: `STREET`
	StreetAddresses []string `pulumi:"streetAddresses"`
}

type SelfSignedCertSubjectArgs 

type SelfSignedCertSubjectArgs struct {
	// Distinguished name: `CN`
	CommonName pulumi.StringPtrInput `pulumi:"commonName"`
	// Distinguished name: `C`
	Country pulumi.StringPtrInput `pulumi:"country"`
	// Distinguished name: `L`
	Locality pulumi.StringPtrInput `pulumi:"locality"`
	// Distinguished name: `O`
	Organization pulumi.StringPtrInput `pulumi:"organization"`
	// Distinguished name: `OU`
	OrganizationalUnit pulumi.StringPtrInput `pulumi:"organizationalUnit"`
	// Distinguished name: `PC`
	PostalCode pulumi.StringPtrInput `pulumi:"postalCode"`
	// Distinguished name: `ST`
	Province pulumi.StringPtrInput `pulumi:"province"`
	// Distinguished name: `SERIALNUMBER`
	SerialNumber pulumi.StringPtrInput `pulumi:"serialNumber"`
	// Distinguished name: `STREET`
	StreetAddresses pulumi.StringArrayInput `pulumi:"streetAddresses"`
}

func (SelfSignedCertSubjectArgs) ElementType 

func (SelfSignedCertSubjectArgs) ElementType() reflect.Type

func (SelfSignedCertSubjectArgs) ToSelfSignedCertSubjectOutput 

func (i SelfSignedCertSubjectArgs) ToSelfSignedCertSubjectOutput() SelfSignedCertSubjectOutput

func (SelfSignedCertSubjectArgs) ToSelfSignedCertSubjectOutputWithContext 

func (i SelfSignedCertSubjectArgs) ToSelfSignedCertSubjectOutputWithContext(ctx context.Context) SelfSignedCertSubjectOutput

func (SelfSignedCertSubjectArgs) ToSelfSignedCertSubjectPtrOutput 

func (i SelfSignedCertSubjectArgs) ToSelfSignedCertSubjectPtrOutput() SelfSignedCertSubjectPtrOutput

func (SelfSignedCertSubjectArgs) ToSelfSignedCertSubjectPtrOutputWithContext 

func (i SelfSignedCertSubjectArgs) ToSelfSignedCertSubjectPtrOutputWithContext(ctx context.Context) SelfSignedCertSubjectPtrOutput

type SelfSignedCertSubjectInput 

type SelfSignedCertSubjectInput interface {
	pulumi.Input

	ToSelfSignedCertSubjectOutput() SelfSignedCertSubjectOutput
	ToSelfSignedCertSubjectOutputWithContext(context.Context) SelfSignedCertSubjectOutput
}

SelfSignedCertSubjectInput is an input type that accepts SelfSignedCertSubjectArgs and SelfSignedCertSubjectOutput values. You can construct a concrete instance of `SelfSignedCertSubjectInput` via: 

SelfSignedCertSubjectArgs{...}

type SelfSignedCertSubjectOutput 

type SelfSignedCertSubjectOutput struct{ *pulumi.OutputState }

func (SelfSignedCertSubjectOutput) CommonName 

func (o SelfSignedCertSubjectOutput) CommonName() pulumi.StringPtrOutput

Distinguished name: `CN`

func (SelfSignedCertSubjectOutput) Country 

func (o SelfSignedCertSubjectOutput) Country() pulumi.StringPtrOutput

Distinguished name: `C`

func (SelfSignedCertSubjectOutput) ElementType 

func (SelfSignedCertSubjectOutput) ElementType() reflect.Type

func (SelfSignedCertSubjectOutput) Locality 

func (o SelfSignedCertSubjectOutput) Locality() pulumi.StringPtrOutput

Distinguished name: `L`

func (SelfSignedCertSubjectOutput) Organization 

func (o SelfSignedCertSubjectOutput) Organization() pulumi.StringPtrOutput

Distinguished name: `O`

func (SelfSignedCertSubjectOutput) OrganizationalUnit 

func (o SelfSignedCertSubjectOutput) OrganizationalUnit() pulumi.StringPtrOutput

Distinguished name: `OU`

func (SelfSignedCertSubjectOutput) PostalCode 

func (o SelfSignedCertSubjectOutput) PostalCode() pulumi.StringPtrOutput

Distinguished name: `PC`

func (SelfSignedCertSubjectOutput) Province 

func (o SelfSignedCertSubjectOutput) Province() pulumi.StringPtrOutput

Distinguished name: `ST`

func (SelfSignedCertSubjectOutput) SerialNumber 

func (o SelfSignedCertSubjectOutput) SerialNumber() pulumi.StringPtrOutput

Distinguished name: `SERIALNUMBER`

func (SelfSignedCertSubjectOutput) StreetAddresses 

func (o SelfSignedCertSubjectOutput) StreetAddresses() pulumi.StringArrayOutput

Distinguished name: `STREET`

func (SelfSignedCertSubjectOutput) ToSelfSignedCertSubjectOutput 

func (o SelfSignedCertSubjectOutput) ToSelfSignedCertSubjectOutput() SelfSignedCertSubjectOutput

func (SelfSignedCertSubjectOutput) ToSelfSignedCertSubjectOutputWithContext 

func (o SelfSignedCertSubjectOutput) ToSelfSignedCertSubjectOutputWithContext(ctx context.Context) SelfSignedCertSubjectOutput

func (SelfSignedCertSubjectOutput) ToSelfSignedCertSubjectPtrOutput 

func (o SelfSignedCertSubjectOutput) ToSelfSignedCertSubjectPtrOutput() SelfSignedCertSubjectPtrOutput

func (SelfSignedCertSubjectOutput) ToSelfSignedCertSubjectPtrOutputWithContext 

func (o SelfSignedCertSubjectOutput) ToSelfSignedCertSubjectPtrOutputWithContext(ctx context.Context) SelfSignedCertSubjectPtrOutput

type SelfSignedCertSubjectPtrInput 

type SelfSignedCertSubjectPtrInput interface {
	pulumi.Input

	ToSelfSignedCertSubjectPtrOutput() SelfSignedCertSubjectPtrOutput
	ToSelfSignedCertSubjectPtrOutputWithContext(context.Context) SelfSignedCertSubjectPtrOutput
}

SelfSignedCertSubjectPtrInput is an input type that accepts SelfSignedCertSubjectArgs, SelfSignedCertSubjectPtr and SelfSignedCertSubjectPtrOutput values. You can construct a concrete instance of `SelfSignedCertSubjectPtrInput` via: 

        SelfSignedCertSubjectArgs{...}

or:

        nil

func SelfSignedCertSubjectPtr 

func SelfSignedCertSubjectPtr(v *SelfSignedCertSubjectArgs) SelfSignedCertSubjectPtrInput

type SelfSignedCertSubjectPtrOutput 

type SelfSignedCertSubjectPtrOutput struct{ *pulumi.OutputState }

func (SelfSignedCertSubjectPtrOutput) CommonName 

func (o SelfSignedCertSubjectPtrOutput) CommonName() pulumi.StringPtrOutput

Distinguished name: `CN`

func (SelfSignedCertSubjectPtrOutput) Country 

func (o SelfSignedCertSubjectPtrOutput) Country() pulumi.StringPtrOutput

Distinguished name: `C`

func (SelfSignedCertSubjectPtrOutput) Elem 

func (o SelfSignedCertSubjectPtrOutput) Elem() SelfSignedCertSubjectOutput

func (SelfSignedCertSubjectPtrOutput) ElementType 

func (SelfSignedCertSubjectPtrOutput) ElementType() reflect.Type

func (SelfSignedCertSubjectPtrOutput) Locality 

func (o SelfSignedCertSubjectPtrOutput) Locality() pulumi.StringPtrOutput

Distinguished name: `L`

func (SelfSignedCertSubjectPtrOutput) Organization 

func (o SelfSignedCertSubjectPtrOutput) Organization() pulumi.StringPtrOutput

Distinguished name: `O`

func (SelfSignedCertSubjectPtrOutput) OrganizationalUnit 

func (o SelfSignedCertSubjectPtrOutput) OrganizationalUnit() pulumi.StringPtrOutput

Distinguished name: `OU`

func (SelfSignedCertSubjectPtrOutput) PostalCode 

func (o SelfSignedCertSubjectPtrOutput) PostalCode() pulumi.StringPtrOutput

Distinguished name: `PC`

func (SelfSignedCertSubjectPtrOutput) Province 

func (o SelfSignedCertSubjectPtrOutput) Province() pulumi.StringPtrOutput

Distinguished name: `ST`

func (SelfSignedCertSubjectPtrOutput) SerialNumber 

func (o SelfSignedCertSubjectPtrOutput) SerialNumber() pulumi.StringPtrOutput

Distinguished name: `SERIALNUMBER`

func (SelfSignedCertSubjectPtrOutput) StreetAddresses 

func (o SelfSignedCertSubjectPtrOutput) StreetAddresses() pulumi.StringArrayOutput

Distinguished name: `STREET`

func (SelfSignedCertSubjectPtrOutput) ToSelfSignedCertSubjectPtrOutput 

func (o SelfSignedCertSubjectPtrOutput) ToSelfSignedCertSubjectPtrOutput() SelfSignedCertSubjectPtrOutput

func (SelfSignedCertSubjectPtrOutput) ToSelfSignedCertSubjectPtrOutputWithContext 

func (o SelfSignedCertSubjectPtrOutput) ToSelfSignedCertSubjectPtrOutputWithContext(ctx context.Context) SelfSignedCertSubjectPtrOutput

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.