Documentation ¶
Overview ¶
A Pulumi package for creating and managing venafi cloud resources.
Index ¶
- type Certificate
- type CertificateArgs
- type CertificateArray
- type CertificateArrayInput
- type CertificateArrayOutput
- func (CertificateArrayOutput) ElementType() reflect.Type
- func (o CertificateArrayOutput) Index(i pulumi.IntInput) CertificateOutput
- func (o CertificateArrayOutput) ToCertificateArrayOutput() CertificateArrayOutput
- func (o CertificateArrayOutput) ToCertificateArrayOutputWithContext(ctx context.Context) CertificateArrayOutput
- type CertificateInput
- type CertificateMap
- type CertificateMapInput
- type CertificateMapOutput
- func (CertificateMapOutput) ElementType() reflect.Type
- func (o CertificateMapOutput) MapIndex(k pulumi.StringInput) CertificateOutput
- func (o CertificateMapOutput) ToCertificateMapOutput() CertificateMapOutput
- func (o CertificateMapOutput) ToCertificateMapOutputWithContext(ctx context.Context) CertificateMapOutput
- type CertificateOutput
- func (o CertificateOutput) Algorithm() pulumi.StringPtrOutput
- func (o CertificateOutput) Certificate() pulumi.StringOutput
- func (o CertificateOutput) CertificateDn() pulumi.StringOutput
- func (o CertificateOutput) Chain() pulumi.StringOutput
- func (o CertificateOutput) CommonName() pulumi.StringOutput
- func (o CertificateOutput) CsrOrigin() pulumi.StringPtrOutput
- func (o CertificateOutput) CsrPem() pulumi.StringOutput
- func (o CertificateOutput) CustomFields() pulumi.StringMapOutput
- func (o CertificateOutput) EcdsaCurve() pulumi.StringPtrOutput
- func (CertificateOutput) ElementType() reflect.Type
- func (o CertificateOutput) ExpirationWindow() pulumi.IntPtrOutput
- func (o CertificateOutput) IssuerHint() pulumi.StringPtrOutput
- func (o CertificateOutput) KeyPassword() pulumi.StringPtrOutput
- func (o CertificateOutput) Nickname() pulumi.StringPtrOutput
- func (o CertificateOutput) Pkcs12() pulumi.StringOutput
- func (o CertificateOutput) PrivateKeyPem() pulumi.StringOutput
- func (o CertificateOutput) RsaBits() pulumi.IntPtrOutput
- func (o CertificateOutput) SanDns() pulumi.StringArrayOutput
- func (o CertificateOutput) SanEmails() pulumi.StringArrayOutput
- func (o CertificateOutput) SanIps() pulumi.StringArrayOutput
- func (o CertificateOutput) SanUris() pulumi.StringArrayOutput
- func (o CertificateOutput) ToCertificateOutput() CertificateOutput
- func (o CertificateOutput) ToCertificateOutputWithContext(ctx context.Context) CertificateOutput
- func (o CertificateOutput) ValidDays() pulumi.IntPtrOutput
- type CertificateState
- type Policy
- type PolicyArgs
- type PolicyArray
- type PolicyArrayInput
- type PolicyArrayOutput
- type PolicyInput
- type PolicyMap
- type PolicyMapInput
- type PolicyMapOutput
- type PolicyOutput
- type PolicyState
- type Provider
- type ProviderArgs
- type ProviderInput
- type ProviderOutput
- func (o ProviderOutput) AccessToken() pulumi.StringPtrOutput
- func (o ProviderOutput) ApiKey() pulumi.StringPtrOutput
- func (o ProviderOutput) ClientId() pulumi.StringPtrOutput
- func (ProviderOutput) ElementType() reflect.Type
- func (o ProviderOutput) ExternalJwt() pulumi.StringPtrOutput
- func (o ProviderOutput) P12CertFilename() pulumi.StringPtrOutput
- func (o ProviderOutput) P12CertPassword() pulumi.StringPtrOutput
- func (o ProviderOutput) ToProviderOutput() ProviderOutput
- func (o ProviderOutput) ToProviderOutputWithContext(ctx context.Context) ProviderOutput
- func (o ProviderOutput) TokenUrl() pulumi.StringPtrOutput
- func (o ProviderOutput) TppPassword() pulumi.StringPtrOutputdeprecated
- func (o ProviderOutput) TppUsername() pulumi.StringPtrOutputdeprecated
- func (o ProviderOutput) TrustBundle() pulumi.StringPtrOutput
- func (o ProviderOutput) Url() pulumi.StringPtrOutput
- func (o ProviderOutput) Zone() pulumi.StringPtrOutput
- type SshCertificate
- type SshCertificateArgs
- type SshCertificateArray
- type SshCertificateArrayInput
- type SshCertificateArrayOutput
- func (SshCertificateArrayOutput) ElementType() reflect.Type
- func (o SshCertificateArrayOutput) Index(i pulumi.IntInput) SshCertificateOutput
- func (o SshCertificateArrayOutput) ToSshCertificateArrayOutput() SshCertificateArrayOutput
- func (o SshCertificateArrayOutput) ToSshCertificateArrayOutputWithContext(ctx context.Context) SshCertificateArrayOutput
- type SshCertificateInput
- type SshCertificateMap
- type SshCertificateMapInput
- type SshCertificateMapOutput
- func (SshCertificateMapOutput) ElementType() reflect.Type
- func (o SshCertificateMapOutput) MapIndex(k pulumi.StringInput) SshCertificateOutput
- func (o SshCertificateMapOutput) ToSshCertificateMapOutput() SshCertificateMapOutput
- func (o SshCertificateMapOutput) ToSshCertificateMapOutputWithContext(ctx context.Context) SshCertificateMapOutput
- type SshCertificateOutput
- func (o SshCertificateOutput) Certificate() pulumi.StringOutput
- func (o SshCertificateOutput) CertificateType() pulumi.StringOutput
- func (o SshCertificateOutput) DestinationAddresses() pulumi.StringArrayOutput
- func (SshCertificateOutput) ElementType() reflect.Type
- func (o SshCertificateOutput) Extensions() pulumi.StringArrayOutput
- func (o SshCertificateOutput) Folder() pulumi.StringPtrOutput
- func (o SshCertificateOutput) ForceCommand() pulumi.StringPtrOutput
- func (o SshCertificateOutput) KeyId() pulumi.StringOutput
- func (o SshCertificateOutput) KeyPassphrase() pulumi.StringPtrOutput
- func (o SshCertificateOutput) KeySize() pulumi.IntPtrOutput
- func (o SshCertificateOutput) ObjectName() pulumi.StringPtrOutput
- func (o SshCertificateOutput) Principal() pulumi.StringArrayOutputdeprecated
- func (o SshCertificateOutput) Principals() pulumi.StringArrayOutput
- func (o SshCertificateOutput) PrivateKey() pulumi.StringOutput
- func (o SshCertificateOutput) PublicKey() pulumi.StringPtrOutput
- func (o SshCertificateOutput) PublicKeyFingerprint() pulumi.StringOutput
- func (o SshCertificateOutput) PublicKeyMethod() pulumi.StringPtrOutput
- func (o SshCertificateOutput) Serial() pulumi.StringOutput
- func (o SshCertificateOutput) SigningCa() pulumi.StringOutput
- func (o SshCertificateOutput) SourceAddresses() pulumi.StringArrayOutput
- func (o SshCertificateOutput) Template() pulumi.StringOutput
- func (o SshCertificateOutput) ToSshCertificateOutput() SshCertificateOutput
- func (o SshCertificateOutput) ToSshCertificateOutputWithContext(ctx context.Context) SshCertificateOutput
- func (o SshCertificateOutput) ValidFrom() pulumi.StringOutput
- func (o SshCertificateOutput) ValidHours() pulumi.IntPtrOutput
- func (o SshCertificateOutput) ValidTo() pulumi.StringOutput
- func (o SshCertificateOutput) Windows() pulumi.BoolPtrOutput
- type SshCertificateState
- type SshConfig
- type SshConfigArgs
- type SshConfigArray
- type SshConfigArrayInput
- type SshConfigArrayOutput
- func (SshConfigArrayOutput) ElementType() reflect.Type
- func (o SshConfigArrayOutput) Index(i pulumi.IntInput) SshConfigOutput
- func (o SshConfigArrayOutput) ToSshConfigArrayOutput() SshConfigArrayOutput
- func (o SshConfigArrayOutput) ToSshConfigArrayOutputWithContext(ctx context.Context) SshConfigArrayOutput
- type SshConfigInput
- type SshConfigMap
- type SshConfigMapInput
- type SshConfigMapOutput
- type SshConfigOutput
- func (o SshConfigOutput) CaPublicKey() pulumi.StringOutput
- func (SshConfigOutput) ElementType() reflect.Type
- func (o SshConfigOutput) Principals() pulumi.StringArrayOutput
- func (o SshConfigOutput) Template() pulumi.StringOutput
- func (o SshConfigOutput) ToSshConfigOutput() SshConfigOutput
- func (o SshConfigOutput) ToSshConfigOutputWithContext(ctx context.Context) SshConfigOutput
- type SshConfigState
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Certificate ¶
type Certificate struct { pulumi.CustomResourceState // Key encryption algorithm, either RSA or ECDSA. Defaults to `RSA`. Algorithm pulumi.StringPtrOutput `pulumi:"algorithm"` // The X509 certificate in PEM format. Certificate pulumi.StringOutput `pulumi:"certificate"` CertificateDn pulumi.StringOutput `pulumi:"certificateDn"` // The trust chain of X509 certificate authority certificates in PEM format concatenated together. Chain pulumi.StringOutput `pulumi:"chain"` // The common name of the certificate. CommonName pulumi.StringOutput `pulumi:"commonName"` // Whether key-pair generation will be `local` or `service` generated. Default is // `local`. CsrOrigin pulumi.StringPtrOutput `pulumi:"csrOrigin"` CsrPem pulumi.StringOutput `pulumi:"csrPem"` // Collection of Custom Field name-value pairs to assign to the certificate. CustomFields pulumi.StringMapOutput `pulumi:"customFields"` // ECDSA curve to use when generating a key EcdsaCurve pulumi.StringPtrOutput `pulumi:"ecdsaCurve"` // Number of hours before certificate expiry to request a new certificate. // Defaults to `168`. ExpirationWindow pulumi.IntPtrOutput `pulumi:"expirationWindow"` // Used with `validDays` to indicate the target issuer when using Trust Protection // Platform. Relevant values are: `DigiCert`, `Entrust`, and `Microsoft`. IssuerHint pulumi.StringPtrOutput `pulumi:"issuerHint"` // The password used to encrypt the private key. KeyPassword pulumi.StringPtrOutput `pulumi:"keyPassword"` // Use to specify a name for the new certificate object that will be created and placed // in a policy. Only valid for Trust Protection Platform. Nickname pulumi.StringPtrOutput `pulumi:"nickname"` // A base64-encoded PKCS#12 keystore secured by the `keyPassword`. Useful when working with resources like // azure key_vault_certificate. Pkcs12 pulumi.StringOutput `pulumi:"pkcs12"` // The private key in PEM format. PrivateKeyPem pulumi.StringOutput `pulumi:"privateKeyPem"` // Number of bits to use when generating an RSA key. Applies when algorithm is `RSA`. // Defaults to `2048`. RsaBits pulumi.IntPtrOutput `pulumi:"rsaBits"` // List of DNS names to use as alternative subjects of the certificate. SanDns pulumi.StringArrayOutput `pulumi:"sanDns"` // List of email addresses to use as alternative subjects of the certificate. SanEmails pulumi.StringArrayOutput `pulumi:"sanEmails"` // List of IP addresses to use as alternative subjects of the certificate. SanIps pulumi.StringArrayOutput `pulumi:"sanIps"` // List of Uniform Resource Identifiers (URIs) to use as alternative subjects of // the certificate. SanUris pulumi.StringArrayOutput `pulumi:"sanUris"` // Desired number of days for which the new certificate will be valid. ValidDays pulumi.IntPtrOutput `pulumi:"validDays"` }
func GetCertificate ¶
func GetCertificate(ctx *pulumi.Context, name string, id pulumi.IDInput, state *CertificateState, opts ...pulumi.ResourceOption) (*Certificate, error)
GetCertificate gets an existing Certificate resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewCertificate ¶
func NewCertificate(ctx *pulumi.Context, name string, args *CertificateArgs, opts ...pulumi.ResourceOption) (*Certificate, error)
NewCertificate registers a new resource with the given unique name, arguments, and options.
func (*Certificate) ElementType ¶ added in v0.1.1
func (*Certificate) ElementType() reflect.Type
func (*Certificate) ToCertificateOutput ¶ added in v0.1.1
func (i *Certificate) ToCertificateOutput() CertificateOutput
func (*Certificate) ToCertificateOutputWithContext ¶ added in v0.1.1
func (i *Certificate) ToCertificateOutputWithContext(ctx context.Context) CertificateOutput
type CertificateArgs ¶
type CertificateArgs struct { // Key encryption algorithm, either RSA or ECDSA. Defaults to `RSA`. Algorithm pulumi.StringPtrInput CertificateDn pulumi.StringPtrInput // The common name of the certificate. CommonName pulumi.StringInput // Whether key-pair generation will be `local` or `service` generated. Default is // `local`. CsrOrigin pulumi.StringPtrInput CsrPem pulumi.StringPtrInput // Collection of Custom Field name-value pairs to assign to the certificate. CustomFields pulumi.StringMapInput // ECDSA curve to use when generating a key EcdsaCurve pulumi.StringPtrInput // Number of hours before certificate expiry to request a new certificate. // Defaults to `168`. ExpirationWindow pulumi.IntPtrInput // Used with `validDays` to indicate the target issuer when using Trust Protection // Platform. Relevant values are: `DigiCert`, `Entrust`, and `Microsoft`. IssuerHint pulumi.StringPtrInput // The password used to encrypt the private key. KeyPassword pulumi.StringPtrInput // Use to specify a name for the new certificate object that will be created and placed // in a policy. Only valid for Trust Protection Platform. Nickname pulumi.StringPtrInput // A base64-encoded PKCS#12 keystore secured by the `keyPassword`. Useful when working with resources like // azure key_vault_certificate. Pkcs12 pulumi.StringPtrInput // The private key in PEM format. PrivateKeyPem pulumi.StringPtrInput // Number of bits to use when generating an RSA key. Applies when algorithm is `RSA`. // Defaults to `2048`. RsaBits pulumi.IntPtrInput // List of DNS names to use as alternative subjects of the certificate. SanDns pulumi.StringArrayInput // List of email addresses to use as alternative subjects of the certificate. SanEmails pulumi.StringArrayInput // List of IP addresses to use as alternative subjects of the certificate. SanIps pulumi.StringArrayInput // List of Uniform Resource Identifiers (URIs) to use as alternative subjects of // the certificate. SanUris pulumi.StringArrayInput // Desired number of days for which the new certificate will be valid. ValidDays pulumi.IntPtrInput }
The set of arguments for constructing a Certificate resource.
func (CertificateArgs) ElementType ¶
func (CertificateArgs) ElementType() reflect.Type
type CertificateArray ¶ added in v0.3.1
type CertificateArray []CertificateInput
func (CertificateArray) ElementType ¶ added in v0.3.1
func (CertificateArray) ElementType() reflect.Type
func (CertificateArray) ToCertificateArrayOutput ¶ added in v0.3.1
func (i CertificateArray) ToCertificateArrayOutput() CertificateArrayOutput
func (CertificateArray) ToCertificateArrayOutputWithContext ¶ added in v0.3.1
func (i CertificateArray) ToCertificateArrayOutputWithContext(ctx context.Context) CertificateArrayOutput
type CertificateArrayInput ¶ added in v0.3.1
type CertificateArrayInput interface { pulumi.Input ToCertificateArrayOutput() CertificateArrayOutput ToCertificateArrayOutputWithContext(context.Context) CertificateArrayOutput }
CertificateArrayInput is an input type that accepts CertificateArray and CertificateArrayOutput values. You can construct a concrete instance of `CertificateArrayInput` via:
CertificateArray{ CertificateArgs{...} }
type CertificateArrayOutput ¶ added in v0.3.1
type CertificateArrayOutput struct{ *pulumi.OutputState }
func (CertificateArrayOutput) ElementType ¶ added in v0.3.1
func (CertificateArrayOutput) ElementType() reflect.Type
func (CertificateArrayOutput) Index ¶ added in v0.3.1
func (o CertificateArrayOutput) Index(i pulumi.IntInput) CertificateOutput
func (CertificateArrayOutput) ToCertificateArrayOutput ¶ added in v0.3.1
func (o CertificateArrayOutput) ToCertificateArrayOutput() CertificateArrayOutput
func (CertificateArrayOutput) ToCertificateArrayOutputWithContext ¶ added in v0.3.1
func (o CertificateArrayOutput) ToCertificateArrayOutputWithContext(ctx context.Context) CertificateArrayOutput
type CertificateInput ¶ added in v0.1.1
type CertificateInput interface { pulumi.Input ToCertificateOutput() CertificateOutput ToCertificateOutputWithContext(ctx context.Context) CertificateOutput }
type CertificateMap ¶ added in v0.3.1
type CertificateMap map[string]CertificateInput
func (CertificateMap) ElementType ¶ added in v0.3.1
func (CertificateMap) ElementType() reflect.Type
func (CertificateMap) ToCertificateMapOutput ¶ added in v0.3.1
func (i CertificateMap) ToCertificateMapOutput() CertificateMapOutput
func (CertificateMap) ToCertificateMapOutputWithContext ¶ added in v0.3.1
func (i CertificateMap) ToCertificateMapOutputWithContext(ctx context.Context) CertificateMapOutput
type CertificateMapInput ¶ added in v0.3.1
type CertificateMapInput interface { pulumi.Input ToCertificateMapOutput() CertificateMapOutput ToCertificateMapOutputWithContext(context.Context) CertificateMapOutput }
CertificateMapInput is an input type that accepts CertificateMap and CertificateMapOutput values. You can construct a concrete instance of `CertificateMapInput` via:
CertificateMap{ "key": CertificateArgs{...} }
type CertificateMapOutput ¶ added in v0.3.1
type CertificateMapOutput struct{ *pulumi.OutputState }
func (CertificateMapOutput) ElementType ¶ added in v0.3.1
func (CertificateMapOutput) ElementType() reflect.Type
func (CertificateMapOutput) MapIndex ¶ added in v0.3.1
func (o CertificateMapOutput) MapIndex(k pulumi.StringInput) CertificateOutput
func (CertificateMapOutput) ToCertificateMapOutput ¶ added in v0.3.1
func (o CertificateMapOutput) ToCertificateMapOutput() CertificateMapOutput
func (CertificateMapOutput) ToCertificateMapOutputWithContext ¶ added in v0.3.1
func (o CertificateMapOutput) ToCertificateMapOutputWithContext(ctx context.Context) CertificateMapOutput
type CertificateOutput ¶ added in v0.1.1
type CertificateOutput struct{ *pulumi.OutputState }
func (CertificateOutput) Algorithm ¶ added in v1.5.0
func (o CertificateOutput) Algorithm() pulumi.StringPtrOutput
Key encryption algorithm, either RSA or ECDSA. Defaults to `RSA`.
func (CertificateOutput) Certificate ¶ added in v1.5.0
func (o CertificateOutput) Certificate() pulumi.StringOutput
The X509 certificate in PEM format.
func (CertificateOutput) CertificateDn ¶ added in v1.5.0
func (o CertificateOutput) CertificateDn() pulumi.StringOutput
func (CertificateOutput) Chain ¶ added in v1.5.0
func (o CertificateOutput) Chain() pulumi.StringOutput
The trust chain of X509 certificate authority certificates in PEM format concatenated together.
func (CertificateOutput) CommonName ¶ added in v1.5.0
func (o CertificateOutput) CommonName() pulumi.StringOutput
The common name of the certificate.
func (CertificateOutput) CsrOrigin ¶ added in v1.5.0
func (o CertificateOutput) CsrOrigin() pulumi.StringPtrOutput
Whether key-pair generation will be `local` or `service` generated. Default is `local`.
func (CertificateOutput) CsrPem ¶ added in v1.5.0
func (o CertificateOutput) CsrPem() pulumi.StringOutput
func (CertificateOutput) CustomFields ¶ added in v1.5.0
func (o CertificateOutput) CustomFields() pulumi.StringMapOutput
Collection of Custom Field name-value pairs to assign to the certificate.
func (CertificateOutput) EcdsaCurve ¶ added in v1.5.0
func (o CertificateOutput) EcdsaCurve() pulumi.StringPtrOutput
ECDSA curve to use when generating a key
func (CertificateOutput) ElementType ¶ added in v0.1.1
func (CertificateOutput) ElementType() reflect.Type
func (CertificateOutput) ExpirationWindow ¶ added in v1.5.0
func (o CertificateOutput) ExpirationWindow() pulumi.IntPtrOutput
Number of hours before certificate expiry to request a new certificate. Defaults to `168`.
func (CertificateOutput) IssuerHint ¶ added in v1.5.0
func (o CertificateOutput) IssuerHint() pulumi.StringPtrOutput
Used with `validDays` to indicate the target issuer when using Trust Protection Platform. Relevant values are: `DigiCert`, `Entrust`, and `Microsoft`.
func (CertificateOutput) KeyPassword ¶ added in v1.5.0
func (o CertificateOutput) KeyPassword() pulumi.StringPtrOutput
The password used to encrypt the private key.
func (CertificateOutput) Nickname ¶ added in v1.5.0
func (o CertificateOutput) Nickname() pulumi.StringPtrOutput
Use to specify a name for the new certificate object that will be created and placed in a policy. Only valid for Trust Protection Platform.
func (CertificateOutput) Pkcs12 ¶ added in v1.5.0
func (o CertificateOutput) Pkcs12() pulumi.StringOutput
A base64-encoded PKCS#12 keystore secured by the `keyPassword`. Useful when working with resources like azure key_vault_certificate.
func (CertificateOutput) PrivateKeyPem ¶ added in v1.5.0
func (o CertificateOutput) PrivateKeyPem() pulumi.StringOutput
The private key in PEM format.
func (CertificateOutput) RsaBits ¶ added in v1.5.0
func (o CertificateOutput) RsaBits() pulumi.IntPtrOutput
Number of bits to use when generating an RSA key. Applies when algorithm is `RSA`. Defaults to `2048`.
func (CertificateOutput) SanDns ¶ added in v1.5.0
func (o CertificateOutput) SanDns() pulumi.StringArrayOutput
List of DNS names to use as alternative subjects of the certificate.
func (CertificateOutput) SanEmails ¶ added in v1.5.0
func (o CertificateOutput) SanEmails() pulumi.StringArrayOutput
List of email addresses to use as alternative subjects of the certificate.
func (CertificateOutput) SanIps ¶ added in v1.5.0
func (o CertificateOutput) SanIps() pulumi.StringArrayOutput
List of IP addresses to use as alternative subjects of the certificate.
func (CertificateOutput) SanUris ¶ added in v1.5.0
func (o CertificateOutput) SanUris() pulumi.StringArrayOutput
List of Uniform Resource Identifiers (URIs) to use as alternative subjects of the certificate.
func (CertificateOutput) ToCertificateOutput ¶ added in v0.1.1
func (o CertificateOutput) ToCertificateOutput() CertificateOutput
func (CertificateOutput) ToCertificateOutputWithContext ¶ added in v0.1.1
func (o CertificateOutput) ToCertificateOutputWithContext(ctx context.Context) CertificateOutput
func (CertificateOutput) ValidDays ¶ added in v1.5.0
func (o CertificateOutput) ValidDays() pulumi.IntPtrOutput
Desired number of days for which the new certificate will be valid.
type CertificateState ¶
type CertificateState struct { // Key encryption algorithm, either RSA or ECDSA. Defaults to `RSA`. Algorithm pulumi.StringPtrInput // The X509 certificate in PEM format. Certificate pulumi.StringPtrInput CertificateDn pulumi.StringPtrInput // The trust chain of X509 certificate authority certificates in PEM format concatenated together. Chain pulumi.StringPtrInput // The common name of the certificate. CommonName pulumi.StringPtrInput // Whether key-pair generation will be `local` or `service` generated. Default is // `local`. CsrOrigin pulumi.StringPtrInput CsrPem pulumi.StringPtrInput // Collection of Custom Field name-value pairs to assign to the certificate. CustomFields pulumi.StringMapInput // ECDSA curve to use when generating a key EcdsaCurve pulumi.StringPtrInput // Number of hours before certificate expiry to request a new certificate. // Defaults to `168`. ExpirationWindow pulumi.IntPtrInput // Used with `validDays` to indicate the target issuer when using Trust Protection // Platform. Relevant values are: `DigiCert`, `Entrust`, and `Microsoft`. IssuerHint pulumi.StringPtrInput // The password used to encrypt the private key. KeyPassword pulumi.StringPtrInput // Use to specify a name for the new certificate object that will be created and placed // in a policy. Only valid for Trust Protection Platform. Nickname pulumi.StringPtrInput // A base64-encoded PKCS#12 keystore secured by the `keyPassword`. Useful when working with resources like // azure key_vault_certificate. Pkcs12 pulumi.StringPtrInput // The private key in PEM format. PrivateKeyPem pulumi.StringPtrInput // Number of bits to use when generating an RSA key. Applies when algorithm is `RSA`. // Defaults to `2048`. RsaBits pulumi.IntPtrInput // List of DNS names to use as alternative subjects of the certificate. SanDns pulumi.StringArrayInput // List of email addresses to use as alternative subjects of the certificate. SanEmails pulumi.StringArrayInput // List of IP addresses to use as alternative subjects of the certificate. SanIps pulumi.StringArrayInput // List of Uniform Resource Identifiers (URIs) to use as alternative subjects of // the certificate. SanUris pulumi.StringArrayInput // Desired number of days for which the new certificate will be valid. ValidDays pulumi.IntPtrInput }
func (CertificateState) ElementType ¶
func (CertificateState) ElementType() reflect.Type
type Policy ¶ added in v1.1.0
type Policy struct { pulumi.CustomResourceState // The JSON-formatted certificate policy specification as documented // [here](https://github.com/Venafi/vcert/blob/master/README-POLICY-SPEC.md). Typically read from a file using the `file` // function. PolicySpecification pulumi.StringPtrOutput `pulumi:"policySpecification"` // The *Trust Protection Plaform* policy folder or *Venafi Control Plane* application and // issuing template. Zone pulumi.StringPtrOutput `pulumi:"zone"` }
Provides access to read and write certificate policy in Venafi. This can be used to define a new policy (folder in *Trust Protection Platform*; application and issuing template in *Venafi Control Plane*).
## Example Usage
<!--Start PulumiCodeChooser --> ```go package main
import (
"os" "github.com/pulumi/pulumi-venafi/sdk/go/venafi" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func readFileOrPanic(path string) pulumi.StringPtrInput { data, err := os.ReadFile(path) if err != nil { panic(err.Error()) } return pulumi.String(string(data)) } func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := venafi.NewPolicy(ctx, "internalPolicy", &venafi.PolicyArgs{ Zone: pulumi.String("My Business App\\Enterprise Trusted Certs"), PolicySpecification: readFileOrPanic("/path-to/internal-policy.json"), }) if err != nil { return err } return nil }) }
``` <!--End PulumiCodeChooser -->
## Import
The `venafi_policy` resource supports the Terraform import method.
When used, the `zone` and `policy_specification` resource arguments are not required since the zone is a required
parameter of the import method and the policy specification is populated from the existing infrastructure. Policy that
is successfully imported is also output to a file named after the zone that was specified.
hcl
resource "venafi_policy" "existing_policy" {}
```sh $ pulumi import venafi:index/policy:Policy existing_policy" "My Business App\\Enterprise Trusted Certs" ```
func GetPolicy ¶ added in v1.1.0
func GetPolicy(ctx *pulumi.Context, name string, id pulumi.IDInput, state *PolicyState, opts ...pulumi.ResourceOption) (*Policy, error)
GetPolicy gets an existing Policy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewPolicy ¶ added in v1.1.0
func NewPolicy(ctx *pulumi.Context, name string, args *PolicyArgs, opts ...pulumi.ResourceOption) (*Policy, error)
NewPolicy registers a new resource with the given unique name, arguments, and options.
func (*Policy) ElementType ¶ added in v1.1.0
func (*Policy) ToPolicyOutput ¶ added in v1.1.0
func (i *Policy) ToPolicyOutput() PolicyOutput
func (*Policy) ToPolicyOutputWithContext ¶ added in v1.1.0
func (i *Policy) ToPolicyOutputWithContext(ctx context.Context) PolicyOutput
type PolicyArgs ¶ added in v1.1.0
type PolicyArgs struct { // The JSON-formatted certificate policy specification as documented // [here](https://github.com/Venafi/vcert/blob/master/README-POLICY-SPEC.md). Typically read from a file using the `file` // function. PolicySpecification pulumi.StringPtrInput // The *Trust Protection Plaform* policy folder or *Venafi Control Plane* application and // issuing template. Zone pulumi.StringPtrInput }
The set of arguments for constructing a Policy resource.
func (PolicyArgs) ElementType ¶ added in v1.1.0
func (PolicyArgs) ElementType() reflect.Type
type PolicyArray ¶ added in v1.1.0
type PolicyArray []PolicyInput
func (PolicyArray) ElementType ¶ added in v1.1.0
func (PolicyArray) ElementType() reflect.Type
func (PolicyArray) ToPolicyArrayOutput ¶ added in v1.1.0
func (i PolicyArray) ToPolicyArrayOutput() PolicyArrayOutput
func (PolicyArray) ToPolicyArrayOutputWithContext ¶ added in v1.1.0
func (i PolicyArray) ToPolicyArrayOutputWithContext(ctx context.Context) PolicyArrayOutput
type PolicyArrayInput ¶ added in v1.1.0
type PolicyArrayInput interface { pulumi.Input ToPolicyArrayOutput() PolicyArrayOutput ToPolicyArrayOutputWithContext(context.Context) PolicyArrayOutput }
PolicyArrayInput is an input type that accepts PolicyArray and PolicyArrayOutput values. You can construct a concrete instance of `PolicyArrayInput` via:
PolicyArray{ PolicyArgs{...} }
type PolicyArrayOutput ¶ added in v1.1.0
type PolicyArrayOutput struct{ *pulumi.OutputState }
func (PolicyArrayOutput) ElementType ¶ added in v1.1.0
func (PolicyArrayOutput) ElementType() reflect.Type
func (PolicyArrayOutput) Index ¶ added in v1.1.0
func (o PolicyArrayOutput) Index(i pulumi.IntInput) PolicyOutput
func (PolicyArrayOutput) ToPolicyArrayOutput ¶ added in v1.1.0
func (o PolicyArrayOutput) ToPolicyArrayOutput() PolicyArrayOutput
func (PolicyArrayOutput) ToPolicyArrayOutputWithContext ¶ added in v1.1.0
func (o PolicyArrayOutput) ToPolicyArrayOutputWithContext(ctx context.Context) PolicyArrayOutput
type PolicyInput ¶ added in v1.1.0
type PolicyInput interface { pulumi.Input ToPolicyOutput() PolicyOutput ToPolicyOutputWithContext(ctx context.Context) PolicyOutput }
type PolicyMap ¶ added in v1.1.0
type PolicyMap map[string]PolicyInput
func (PolicyMap) ElementType ¶ added in v1.1.0
func (PolicyMap) ToPolicyMapOutput ¶ added in v1.1.0
func (i PolicyMap) ToPolicyMapOutput() PolicyMapOutput
func (PolicyMap) ToPolicyMapOutputWithContext ¶ added in v1.1.0
func (i PolicyMap) ToPolicyMapOutputWithContext(ctx context.Context) PolicyMapOutput
type PolicyMapInput ¶ added in v1.1.0
type PolicyMapInput interface { pulumi.Input ToPolicyMapOutput() PolicyMapOutput ToPolicyMapOutputWithContext(context.Context) PolicyMapOutput }
PolicyMapInput is an input type that accepts PolicyMap and PolicyMapOutput values. You can construct a concrete instance of `PolicyMapInput` via:
PolicyMap{ "key": PolicyArgs{...} }
type PolicyMapOutput ¶ added in v1.1.0
type PolicyMapOutput struct{ *pulumi.OutputState }
func (PolicyMapOutput) ElementType ¶ added in v1.1.0
func (PolicyMapOutput) ElementType() reflect.Type
func (PolicyMapOutput) MapIndex ¶ added in v1.1.0
func (o PolicyMapOutput) MapIndex(k pulumi.StringInput) PolicyOutput
func (PolicyMapOutput) ToPolicyMapOutput ¶ added in v1.1.0
func (o PolicyMapOutput) ToPolicyMapOutput() PolicyMapOutput
func (PolicyMapOutput) ToPolicyMapOutputWithContext ¶ added in v1.1.0
func (o PolicyMapOutput) ToPolicyMapOutputWithContext(ctx context.Context) PolicyMapOutput
type PolicyOutput ¶ added in v1.1.0
type PolicyOutput struct{ *pulumi.OutputState }
func (PolicyOutput) ElementType ¶ added in v1.1.0
func (PolicyOutput) ElementType() reflect.Type
func (PolicyOutput) PolicySpecification ¶ added in v1.5.0
func (o PolicyOutput) PolicySpecification() pulumi.StringPtrOutput
The JSON-formatted certificate policy specification as documented [here](https://github.com/Venafi/vcert/blob/master/README-POLICY-SPEC.md). Typically read from a file using the `file` function.
func (PolicyOutput) ToPolicyOutput ¶ added in v1.1.0
func (o PolicyOutput) ToPolicyOutput() PolicyOutput
func (PolicyOutput) ToPolicyOutputWithContext ¶ added in v1.1.0
func (o PolicyOutput) ToPolicyOutputWithContext(ctx context.Context) PolicyOutput
func (PolicyOutput) Zone ¶ added in v1.5.0
func (o PolicyOutput) Zone() pulumi.StringPtrOutput
The *Trust Protection Plaform* policy folder or *Venafi Control Plane* application and issuing template.
type PolicyState ¶ added in v1.1.0
type PolicyState struct { // The JSON-formatted certificate policy specification as documented // [here](https://github.com/Venafi/vcert/blob/master/README-POLICY-SPEC.md). Typically read from a file using the `file` // function. PolicySpecification pulumi.StringPtrInput // The *Trust Protection Plaform* policy folder or *Venafi Control Plane* application and // issuing template. Zone pulumi.StringPtrInput }
func (PolicyState) ElementType ¶ added in v1.1.0
func (PolicyState) ElementType() reflect.Type
type Provider ¶
type Provider struct { pulumi.ProviderResourceState // Access token for Venafi TLSPDC, user should use this for authentication AccessToken pulumi.StringPtrOutput `pulumi:"accessToken"` // API key for Venafi Control Plane. Example: 142231b7-cvb0-412e-886b-6aeght0bc93d ApiKey pulumi.StringPtrOutput `pulumi:"apiKey"` // application that will be using the token ClientId pulumi.StringPtrOutput `pulumi:"clientId"` // JWT of the identity provider associated to the Venafi Control Plane service account that is granting the access token ExternalJwt pulumi.StringPtrOutput `pulumi:"externalJwt"` // Filename of PKCS#12 keystore containing a client certificate, private key, and chain certificates to authenticate to // TLSPDC P12CertFilename pulumi.StringPtrOutput `pulumi:"p12CertFilename"` // Password for the PKCS#12 keystore declared in p12_cert P12CertPassword pulumi.StringPtrOutput `pulumi:"p12CertPassword"` // Endpoint URL to request new Venafi Control Plane access tokens TokenUrl pulumi.StringPtrOutput `pulumi:"tokenUrl"` // Password for WebSDK user. Example: password // // Deprecated: , please use accessToken instead TppPassword pulumi.StringPtrOutput `pulumi:"tppPassword"` // WebSDK user for Venafi TLSPDC. Example: admin // // Deprecated: , please use accessToken instead TppUsername pulumi.StringPtrOutput `pulumi:"tppUsername"` // Use to specify a PEM-formatted file that contains certificates to be trust anchors for all communications with the // Venafi Web Service. Example: trust_bundle = "${file("chain.pem")}" TrustBundle pulumi.StringPtrOutput `pulumi:"trustBundle"` // The Venafi Platform URL. Example: https://tpp.venafi.example/vedsdk Url pulumi.StringPtrOutput `pulumi:"url"` // DN of the Venafi TLSPDC policy folder or name of the Venafi as a Service application plus issuing template alias. // Example for Platform: testPolicy\\vault Example for Venafi as a Service: myApp\\Default Zone pulumi.StringPtrOutput `pulumi:"zone"` }
The provider type for the venafi package. By default, resources use package-wide configuration settings, however an explicit `Provider` instance may be created and passed during resource construction to achieve fine-grained programmatic control over provider settings. See the [documentation](https://www.pulumi.com/docs/reference/programming-model/#providers) for more information.
func NewProvider ¶
func NewProvider(ctx *pulumi.Context, name string, args *ProviderArgs, opts ...pulumi.ResourceOption) (*Provider, error)
NewProvider registers a new resource with the given unique name, arguments, and options.
func (*Provider) ElementType ¶ added in v0.1.1
func (*Provider) ToProviderOutput ¶ added in v0.1.1
func (i *Provider) ToProviderOutput() ProviderOutput
func (*Provider) ToProviderOutputWithContext ¶ added in v0.1.1
func (i *Provider) ToProviderOutputWithContext(ctx context.Context) ProviderOutput
type ProviderArgs ¶
type ProviderArgs struct { // Access token for Venafi TLSPDC, user should use this for authentication AccessToken pulumi.StringPtrInput // API key for Venafi Control Plane. Example: 142231b7-cvb0-412e-886b-6aeght0bc93d ApiKey pulumi.StringPtrInput // application that will be using the token ClientId pulumi.StringPtrInput // When set to true, the resulting certificate will be issued by an ephemeral, no trust CA rather than enrolling using // Venafi as a Service or Trust Protection Platform. Useful for development and testing. DevMode pulumi.BoolPtrInput // JWT of the identity provider associated to the Venafi Control Plane service account that is granting the access token ExternalJwt pulumi.StringPtrInput // Filename of PKCS#12 keystore containing a client certificate, private key, and chain certificates to authenticate to // TLSPDC P12CertFilename pulumi.StringPtrInput // Password for the PKCS#12 keystore declared in p12_cert P12CertPassword pulumi.StringPtrInput // When true, certificates will not be retired on Venafi platforms when terraform destroy is run. Default is false. SkipRetirement pulumi.BoolPtrInput // Endpoint URL to request new Venafi Control Plane access tokens TokenUrl pulumi.StringPtrInput // Password for WebSDK user. Example: password // // Deprecated: , please use accessToken instead TppPassword pulumi.StringPtrInput // WebSDK user for Venafi TLSPDC. Example: admin // // Deprecated: , please use accessToken instead TppUsername pulumi.StringPtrInput // Use to specify a PEM-formatted file that contains certificates to be trust anchors for all communications with the // Venafi Web Service. Example: trust_bundle = "${file("chain.pem")}" TrustBundle pulumi.StringPtrInput // The Venafi Platform URL. Example: https://tpp.venafi.example/vedsdk Url pulumi.StringPtrInput // DN of the Venafi TLSPDC policy folder or name of the Venafi as a Service application plus issuing template alias. // Example for Platform: testPolicy\\vault Example for Venafi as a Service: myApp\\Default Zone pulumi.StringPtrInput }
The set of arguments for constructing a Provider resource.
func (ProviderArgs) ElementType ¶
func (ProviderArgs) ElementType() reflect.Type
type ProviderInput ¶ added in v0.1.1
type ProviderInput interface { pulumi.Input ToProviderOutput() ProviderOutput ToProviderOutputWithContext(ctx context.Context) ProviderOutput }
type ProviderOutput ¶ added in v0.1.1
type ProviderOutput struct{ *pulumi.OutputState }
func (ProviderOutput) AccessToken ¶ added in v1.5.0
func (o ProviderOutput) AccessToken() pulumi.StringPtrOutput
Access token for Venafi TLSPDC, user should use this for authentication
func (ProviderOutput) ApiKey ¶ added in v1.5.0
func (o ProviderOutput) ApiKey() pulumi.StringPtrOutput
API key for Venafi Control Plane. Example: 142231b7-cvb0-412e-886b-6aeght0bc93d
func (ProviderOutput) ClientId ¶ added in v1.6.0
func (o ProviderOutput) ClientId() pulumi.StringPtrOutput
application that will be using the token
func (ProviderOutput) ElementType ¶ added in v0.1.1
func (ProviderOutput) ElementType() reflect.Type
func (ProviderOutput) ExternalJwt ¶ added in v1.9.0
func (o ProviderOutput) ExternalJwt() pulumi.StringPtrOutput
JWT of the identity provider associated to the Venafi Control Plane service account that is granting the access token
func (ProviderOutput) P12CertFilename ¶ added in v1.6.0
func (o ProviderOutput) P12CertFilename() pulumi.StringPtrOutput
Filename of PKCS#12 keystore containing a client certificate, private key, and chain certificates to authenticate to TLSPDC
func (ProviderOutput) P12CertPassword ¶ added in v1.6.0
func (o ProviderOutput) P12CertPassword() pulumi.StringPtrOutput
Password for the PKCS#12 keystore declared in p12_cert
func (ProviderOutput) ToProviderOutput ¶ added in v0.1.1
func (o ProviderOutput) ToProviderOutput() ProviderOutput
func (ProviderOutput) ToProviderOutputWithContext ¶ added in v0.1.1
func (o ProviderOutput) ToProviderOutputWithContext(ctx context.Context) ProviderOutput
func (ProviderOutput) TokenUrl ¶ added in v1.8.0
func (o ProviderOutput) TokenUrl() pulumi.StringPtrOutput
Endpoint URL to request new Venafi Control Plane access tokens
func (ProviderOutput) TppPassword
deprecated
added in
v1.5.0
func (o ProviderOutput) TppPassword() pulumi.StringPtrOutput
Password for WebSDK user. Example: password
Deprecated: , please use accessToken instead
func (ProviderOutput) TppUsername
deprecated
added in
v1.5.0
func (o ProviderOutput) TppUsername() pulumi.StringPtrOutput
WebSDK user for Venafi TLSPDC. Example: admin
Deprecated: , please use accessToken instead
func (ProviderOutput) TrustBundle ¶ added in v1.5.0
func (o ProviderOutput) TrustBundle() pulumi.StringPtrOutput
Use to specify a PEM-formatted file that contains certificates to be trust anchors for all communications with the Venafi Web Service. Example: trust_bundle = "${file("chain.pem")}"
func (ProviderOutput) Url ¶ added in v1.5.0
func (o ProviderOutput) Url() pulumi.StringPtrOutput
The Venafi Platform URL. Example: https://tpp.venafi.example/vedsdk
func (ProviderOutput) Zone ¶ added in v1.5.0
func (o ProviderOutput) Zone() pulumi.StringPtrOutput
DN of the Venafi TLSPDC policy folder or name of the Venafi as a Service application plus issuing template alias. Example for Platform: testPolicy\\vault Example for Venafi as a Service: myApp\\Default
type SshCertificate ¶ added in v1.2.0
type SshCertificate struct { pulumi.CustomResourceState // The issued SSH certificate. Certificate pulumi.StringOutput `pulumi:"certificate"` // Indicates whether the SSH certificate is for client or server authentication. CertificateType pulumi.StringOutput `pulumi:"certificateType"` // A list of one or more valid IP or CIDR destination hosts where the // certificate will authenticate. DestinationAddresses pulumi.StringArrayOutput `pulumi:"destinationAddresses"` // A list of key-value pairs that contain certificate extensions from the CA // template for client certificates. Allowed values (case-sensitive): `permit-X11-forwarding`, `permit-agent-forwarding`, // `permit-port-forwarding`, `permit-pty`, `permit-user-rc`. Extensions pulumi.StringArrayOutput `pulumi:"extensions"` // The DN of the policy folder where the SSH certificate object will be created. Folder pulumi.StringPtrOutput `pulumi:"folder"` // A command to run after successful login. ForceCommand pulumi.StringPtrOutput `pulumi:"forceCommand"` // The identifier of the requested SSH certificate. KeyId pulumi.StringOutput `pulumi:"keyId"` // Passphrase for encrypting the private key. KeyPassphrase pulumi.StringPtrOutput `pulumi:"keyPassphrase"` // Number of bits to use when creating a key pair. (e.g. `3072`). KeySize pulumi.IntPtrOutput `pulumi:"keySize"` // The friendly name of the SSH certificate object. When not specified the `keyId` // is used for the friendly name. If the object already exists the old certificate is archived and the CA issues a new // certificate. ObjectName pulumi.StringPtrOutput `pulumi:"objectName"` // [DEPRECATED] - (Optional, set of strings) Use "principals" instead. A list of usernames for whom the // requested certificate will be valid. // // Deprecated: This will be removed in the future. Use "principals" instead Principal pulumi.StringArrayOutput `pulumi:"principal"` // A list of usernames for whom the requested certificate will be valid. Principals pulumi.StringArrayOutput `pulumi:"principals"` // The private key for the SSH certificate if generated by Venafi. PrivateKey pulumi.StringOutput `pulumi:"privateKey"` // The OpenSSH formatted public key that will be used to generate the SSH certificate. PublicKey pulumi.StringPtrOutput `pulumi:"publicKey"` // The SHA256 fingerprint of the SSH certificate's public key. PublicKeyFingerprint pulumi.StringOutput `pulumi:"publicKeyFingerprint"` // Specifies whether the public key will be `local` (default), `file` or // `service` generated. PublicKeyMethod pulumi.StringPtrOutput `pulumi:"publicKeyMethod"` // The serial number of the SSH certificate. Serial pulumi.StringOutput `pulumi:"serial"` // The SHA256 fingerprint of the CA that signed the SSH certificate. SigningCa pulumi.StringOutput `pulumi:"signingCa"` // A list of one or more valid IP or CIDR addresses that can use the SSH // certificate. SourceAddresses pulumi.StringArrayOutput `pulumi:"sourceAddresses"` // The SSH certificate issuing template. Template pulumi.StringOutput `pulumi:"template"` // The date the SSH certificate was issued. ValidFrom pulumi.StringOutput `pulumi:"validFrom"` // Desired number of hours for which the certificate will be valid. ValidHours pulumi.IntPtrOutput `pulumi:"validHours"` // The date the SSH certificate will expire. ValidTo pulumi.StringOutput `pulumi:"validTo"` // Specifies whether the private key will use Windows/DOS style line breaks. Windows pulumi.BoolPtrOutput `pulumi:"windows"` }
Provides access to request and retrieve SSH certificates from *Venafi Trust Protection Platform*.
## Example Usage
<!--Start PulumiCodeChooser --> ```go package main
import (
"github.com/pulumi/pulumi-venafi/sdk/go/venafi" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := venafi.NewSshCertificate(ctx, "sshCert", &venafi.SshCertificateArgs{ KeyId: pulumi.String("my-first-ssh-certificate"), KeyPassphrase: pulumi.String("passw0rd"), KeySize: pulumi.Int(3072), Principals: pulumi.StringArray{ pulumi.String("seamus"), }, PublicKeyMethod: pulumi.String("local"), Template: pulumi.String("Sample SSH CA"), ValidHours: pulumi.Int(24), }) if err != nil { return err } return nil }) }
``` <!--End PulumiCodeChooser -->
func GetSshCertificate ¶ added in v1.2.0
func GetSshCertificate(ctx *pulumi.Context, name string, id pulumi.IDInput, state *SshCertificateState, opts ...pulumi.ResourceOption) (*SshCertificate, error)
GetSshCertificate gets an existing SshCertificate resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewSshCertificate ¶ added in v1.2.0
func NewSshCertificate(ctx *pulumi.Context, name string, args *SshCertificateArgs, opts ...pulumi.ResourceOption) (*SshCertificate, error)
NewSshCertificate registers a new resource with the given unique name, arguments, and options.
func (*SshCertificate) ElementType ¶ added in v1.2.0
func (*SshCertificate) ElementType() reflect.Type
func (*SshCertificate) ToSshCertificateOutput ¶ added in v1.2.0
func (i *SshCertificate) ToSshCertificateOutput() SshCertificateOutput
func (*SshCertificate) ToSshCertificateOutputWithContext ¶ added in v1.2.0
func (i *SshCertificate) ToSshCertificateOutputWithContext(ctx context.Context) SshCertificateOutput
type SshCertificateArgs ¶ added in v1.2.0
type SshCertificateArgs struct { // A list of one or more valid IP or CIDR destination hosts where the // certificate will authenticate. DestinationAddresses pulumi.StringArrayInput // A list of key-value pairs that contain certificate extensions from the CA // template for client certificates. Allowed values (case-sensitive): `permit-X11-forwarding`, `permit-agent-forwarding`, // `permit-port-forwarding`, `permit-pty`, `permit-user-rc`. Extensions pulumi.StringArrayInput // The DN of the policy folder where the SSH certificate object will be created. Folder pulumi.StringPtrInput // A command to run after successful login. ForceCommand pulumi.StringPtrInput // The identifier of the requested SSH certificate. KeyId pulumi.StringInput // Passphrase for encrypting the private key. KeyPassphrase pulumi.StringPtrInput // Number of bits to use when creating a key pair. (e.g. `3072`). KeySize pulumi.IntPtrInput // The friendly name of the SSH certificate object. When not specified the `keyId` // is used for the friendly name. If the object already exists the old certificate is archived and the CA issues a new // certificate. ObjectName pulumi.StringPtrInput // [DEPRECATED] - (Optional, set of strings) Use "principals" instead. A list of usernames for whom the // requested certificate will be valid. // // Deprecated: This will be removed in the future. Use "principals" instead Principal pulumi.StringArrayInput // A list of usernames for whom the requested certificate will be valid. Principals pulumi.StringArrayInput // The OpenSSH formatted public key that will be used to generate the SSH certificate. PublicKey pulumi.StringPtrInput // Specifies whether the public key will be `local` (default), `file` or // `service` generated. PublicKeyMethod pulumi.StringPtrInput // A list of one or more valid IP or CIDR addresses that can use the SSH // certificate. SourceAddresses pulumi.StringArrayInput // The SSH certificate issuing template. Template pulumi.StringInput // Desired number of hours for which the certificate will be valid. ValidHours pulumi.IntPtrInput // Specifies whether the private key will use Windows/DOS style line breaks. Windows pulumi.BoolPtrInput }
The set of arguments for constructing a SshCertificate resource.
func (SshCertificateArgs) ElementType ¶ added in v1.2.0
func (SshCertificateArgs) ElementType() reflect.Type
type SshCertificateArray ¶ added in v1.2.0
type SshCertificateArray []SshCertificateInput
func (SshCertificateArray) ElementType ¶ added in v1.2.0
func (SshCertificateArray) ElementType() reflect.Type
func (SshCertificateArray) ToSshCertificateArrayOutput ¶ added in v1.2.0
func (i SshCertificateArray) ToSshCertificateArrayOutput() SshCertificateArrayOutput
func (SshCertificateArray) ToSshCertificateArrayOutputWithContext ¶ added in v1.2.0
func (i SshCertificateArray) ToSshCertificateArrayOutputWithContext(ctx context.Context) SshCertificateArrayOutput
type SshCertificateArrayInput ¶ added in v1.2.0
type SshCertificateArrayInput interface { pulumi.Input ToSshCertificateArrayOutput() SshCertificateArrayOutput ToSshCertificateArrayOutputWithContext(context.Context) SshCertificateArrayOutput }
SshCertificateArrayInput is an input type that accepts SshCertificateArray and SshCertificateArrayOutput values. You can construct a concrete instance of `SshCertificateArrayInput` via:
SshCertificateArray{ SshCertificateArgs{...} }
type SshCertificateArrayOutput ¶ added in v1.2.0
type SshCertificateArrayOutput struct{ *pulumi.OutputState }
func (SshCertificateArrayOutput) ElementType ¶ added in v1.2.0
func (SshCertificateArrayOutput) ElementType() reflect.Type
func (SshCertificateArrayOutput) Index ¶ added in v1.2.0
func (o SshCertificateArrayOutput) Index(i pulumi.IntInput) SshCertificateOutput
func (SshCertificateArrayOutput) ToSshCertificateArrayOutput ¶ added in v1.2.0
func (o SshCertificateArrayOutput) ToSshCertificateArrayOutput() SshCertificateArrayOutput
func (SshCertificateArrayOutput) ToSshCertificateArrayOutputWithContext ¶ added in v1.2.0
func (o SshCertificateArrayOutput) ToSshCertificateArrayOutputWithContext(ctx context.Context) SshCertificateArrayOutput
type SshCertificateInput ¶ added in v1.2.0
type SshCertificateInput interface { pulumi.Input ToSshCertificateOutput() SshCertificateOutput ToSshCertificateOutputWithContext(ctx context.Context) SshCertificateOutput }
type SshCertificateMap ¶ added in v1.2.0
type SshCertificateMap map[string]SshCertificateInput
func (SshCertificateMap) ElementType ¶ added in v1.2.0
func (SshCertificateMap) ElementType() reflect.Type
func (SshCertificateMap) ToSshCertificateMapOutput ¶ added in v1.2.0
func (i SshCertificateMap) ToSshCertificateMapOutput() SshCertificateMapOutput
func (SshCertificateMap) ToSshCertificateMapOutputWithContext ¶ added in v1.2.0
func (i SshCertificateMap) ToSshCertificateMapOutputWithContext(ctx context.Context) SshCertificateMapOutput
type SshCertificateMapInput ¶ added in v1.2.0
type SshCertificateMapInput interface { pulumi.Input ToSshCertificateMapOutput() SshCertificateMapOutput ToSshCertificateMapOutputWithContext(context.Context) SshCertificateMapOutput }
SshCertificateMapInput is an input type that accepts SshCertificateMap and SshCertificateMapOutput values. You can construct a concrete instance of `SshCertificateMapInput` via:
SshCertificateMap{ "key": SshCertificateArgs{...} }
type SshCertificateMapOutput ¶ added in v1.2.0
type SshCertificateMapOutput struct{ *pulumi.OutputState }
func (SshCertificateMapOutput) ElementType ¶ added in v1.2.0
func (SshCertificateMapOutput) ElementType() reflect.Type
func (SshCertificateMapOutput) MapIndex ¶ added in v1.2.0
func (o SshCertificateMapOutput) MapIndex(k pulumi.StringInput) SshCertificateOutput
func (SshCertificateMapOutput) ToSshCertificateMapOutput ¶ added in v1.2.0
func (o SshCertificateMapOutput) ToSshCertificateMapOutput() SshCertificateMapOutput
func (SshCertificateMapOutput) ToSshCertificateMapOutputWithContext ¶ added in v1.2.0
func (o SshCertificateMapOutput) ToSshCertificateMapOutputWithContext(ctx context.Context) SshCertificateMapOutput
type SshCertificateOutput ¶ added in v1.2.0
type SshCertificateOutput struct{ *pulumi.OutputState }
func (SshCertificateOutput) Certificate ¶ added in v1.5.0
func (o SshCertificateOutput) Certificate() pulumi.StringOutput
The issued SSH certificate.
func (SshCertificateOutput) CertificateType ¶ added in v1.5.0
func (o SshCertificateOutput) CertificateType() pulumi.StringOutput
Indicates whether the SSH certificate is for client or server authentication.
func (SshCertificateOutput) DestinationAddresses ¶ added in v1.5.0
func (o SshCertificateOutput) DestinationAddresses() pulumi.StringArrayOutput
A list of one or more valid IP or CIDR destination hosts where the certificate will authenticate.
func (SshCertificateOutput) ElementType ¶ added in v1.2.0
func (SshCertificateOutput) ElementType() reflect.Type
func (SshCertificateOutput) Extensions ¶ added in v1.5.0
func (o SshCertificateOutput) Extensions() pulumi.StringArrayOutput
A list of key-value pairs that contain certificate extensions from the CA template for client certificates. Allowed values (case-sensitive): `permit-X11-forwarding`, `permit-agent-forwarding`, `permit-port-forwarding`, `permit-pty`, `permit-user-rc`.
func (SshCertificateOutput) Folder ¶ added in v1.5.0
func (o SshCertificateOutput) Folder() pulumi.StringPtrOutput
The DN of the policy folder where the SSH certificate object will be created.
func (SshCertificateOutput) ForceCommand ¶ added in v1.5.0
func (o SshCertificateOutput) ForceCommand() pulumi.StringPtrOutput
A command to run after successful login.
func (SshCertificateOutput) KeyId ¶ added in v1.5.0
func (o SshCertificateOutput) KeyId() pulumi.StringOutput
The identifier of the requested SSH certificate.
func (SshCertificateOutput) KeyPassphrase ¶ added in v1.5.0
func (o SshCertificateOutput) KeyPassphrase() pulumi.StringPtrOutput
Passphrase for encrypting the private key.
func (SshCertificateOutput) KeySize ¶ added in v1.5.0
func (o SshCertificateOutput) KeySize() pulumi.IntPtrOutput
Number of bits to use when creating a key pair. (e.g. `3072`).
func (SshCertificateOutput) ObjectName ¶ added in v1.5.0
func (o SshCertificateOutput) ObjectName() pulumi.StringPtrOutput
The friendly name of the SSH certificate object. When not specified the `keyId` is used for the friendly name. If the object already exists the old certificate is archived and the CA issues a new certificate.
func (SshCertificateOutput) Principal
deprecated
added in
v1.6.0
func (o SshCertificateOutput) Principal() pulumi.StringArrayOutput
[DEPRECATED] - (Optional, set of strings) Use "principals" instead. A list of usernames for whom the requested certificate will be valid.
Deprecated: This will be removed in the future. Use "principals" instead
func (SshCertificateOutput) Principals ¶ added in v1.5.0
func (o SshCertificateOutput) Principals() pulumi.StringArrayOutput
A list of usernames for whom the requested certificate will be valid.
func (SshCertificateOutput) PrivateKey ¶ added in v1.5.0
func (o SshCertificateOutput) PrivateKey() pulumi.StringOutput
The private key for the SSH certificate if generated by Venafi.
func (SshCertificateOutput) PublicKey ¶ added in v1.5.0
func (o SshCertificateOutput) PublicKey() pulumi.StringPtrOutput
The OpenSSH formatted public key that will be used to generate the SSH certificate.
func (SshCertificateOutput) PublicKeyFingerprint ¶ added in v1.5.0
func (o SshCertificateOutput) PublicKeyFingerprint() pulumi.StringOutput
The SHA256 fingerprint of the SSH certificate's public key.
func (SshCertificateOutput) PublicKeyMethod ¶ added in v1.5.0
func (o SshCertificateOutput) PublicKeyMethod() pulumi.StringPtrOutput
Specifies whether the public key will be `local` (default), `file` or `service` generated.
func (SshCertificateOutput) Serial ¶ added in v1.5.0
func (o SshCertificateOutput) Serial() pulumi.StringOutput
The serial number of the SSH certificate.
func (SshCertificateOutput) SigningCa ¶ added in v1.5.0
func (o SshCertificateOutput) SigningCa() pulumi.StringOutput
The SHA256 fingerprint of the CA that signed the SSH certificate.
func (SshCertificateOutput) SourceAddresses ¶ added in v1.5.0
func (o SshCertificateOutput) SourceAddresses() pulumi.StringArrayOutput
A list of one or more valid IP or CIDR addresses that can use the SSH certificate.
func (SshCertificateOutput) Template ¶ added in v1.5.0
func (o SshCertificateOutput) Template() pulumi.StringOutput
The SSH certificate issuing template.
func (SshCertificateOutput) ToSshCertificateOutput ¶ added in v1.2.0
func (o SshCertificateOutput) ToSshCertificateOutput() SshCertificateOutput
func (SshCertificateOutput) ToSshCertificateOutputWithContext ¶ added in v1.2.0
func (o SshCertificateOutput) ToSshCertificateOutputWithContext(ctx context.Context) SshCertificateOutput
func (SshCertificateOutput) ValidFrom ¶ added in v1.5.0
func (o SshCertificateOutput) ValidFrom() pulumi.StringOutput
The date the SSH certificate was issued.
func (SshCertificateOutput) ValidHours ¶ added in v1.5.0
func (o SshCertificateOutput) ValidHours() pulumi.IntPtrOutput
Desired number of hours for which the certificate will be valid.
func (SshCertificateOutput) ValidTo ¶ added in v1.5.0
func (o SshCertificateOutput) ValidTo() pulumi.StringOutput
The date the SSH certificate will expire.
func (SshCertificateOutput) Windows ¶ added in v1.5.0
func (o SshCertificateOutput) Windows() pulumi.BoolPtrOutput
Specifies whether the private key will use Windows/DOS style line breaks.
type SshCertificateState ¶ added in v1.2.0
type SshCertificateState struct { // The issued SSH certificate. Certificate pulumi.StringPtrInput // Indicates whether the SSH certificate is for client or server authentication. CertificateType pulumi.StringPtrInput // A list of one or more valid IP or CIDR destination hosts where the // certificate will authenticate. DestinationAddresses pulumi.StringArrayInput // A list of key-value pairs that contain certificate extensions from the CA // template for client certificates. Allowed values (case-sensitive): `permit-X11-forwarding`, `permit-agent-forwarding`, // `permit-port-forwarding`, `permit-pty`, `permit-user-rc`. Extensions pulumi.StringArrayInput // The DN of the policy folder where the SSH certificate object will be created. Folder pulumi.StringPtrInput // A command to run after successful login. ForceCommand pulumi.StringPtrInput // The identifier of the requested SSH certificate. KeyId pulumi.StringPtrInput // Passphrase for encrypting the private key. KeyPassphrase pulumi.StringPtrInput // Number of bits to use when creating a key pair. (e.g. `3072`). KeySize pulumi.IntPtrInput // The friendly name of the SSH certificate object. When not specified the `keyId` // is used for the friendly name. If the object already exists the old certificate is archived and the CA issues a new // certificate. ObjectName pulumi.StringPtrInput // [DEPRECATED] - (Optional, set of strings) Use "principals" instead. A list of usernames for whom the // requested certificate will be valid. // // Deprecated: This will be removed in the future. Use "principals" instead Principal pulumi.StringArrayInput // A list of usernames for whom the requested certificate will be valid. Principals pulumi.StringArrayInput // The private key for the SSH certificate if generated by Venafi. PrivateKey pulumi.StringPtrInput // The OpenSSH formatted public key that will be used to generate the SSH certificate. PublicKey pulumi.StringPtrInput // The SHA256 fingerprint of the SSH certificate's public key. PublicKeyFingerprint pulumi.StringPtrInput // Specifies whether the public key will be `local` (default), `file` or // `service` generated. PublicKeyMethod pulumi.StringPtrInput // The serial number of the SSH certificate. Serial pulumi.StringPtrInput // The SHA256 fingerprint of the CA that signed the SSH certificate. SigningCa pulumi.StringPtrInput // A list of one or more valid IP or CIDR addresses that can use the SSH // certificate. SourceAddresses pulumi.StringArrayInput // The SSH certificate issuing template. Template pulumi.StringPtrInput // The date the SSH certificate was issued. ValidFrom pulumi.StringPtrInput // Desired number of hours for which the certificate will be valid. ValidHours pulumi.IntPtrInput // The date the SSH certificate will expire. ValidTo pulumi.StringPtrInput // Specifies whether the private key will use Windows/DOS style line breaks. Windows pulumi.BoolPtrInput }
func (SshCertificateState) ElementType ¶ added in v1.2.0
func (SshCertificateState) ElementType() reflect.Type
type SshConfig ¶ added in v1.4.0
type SshConfig struct { pulumi.CustomResourceState // (Optional, string) The template's CA public key. CaPublicKey pulumi.StringOutput `pulumi:"caPublicKey"` // (Optional, set of strings) A list of user names exported from the template. Principals pulumi.StringArrayOutput `pulumi:"principals"` // The SSH certificate issuing template. Template pulumi.StringOutput `pulumi:"template"` }
Provides access to retrieve configuration from SSH certificate issuance template from *Venafi Trust Protection Platform*.
## Example Usage
<!--Start PulumiCodeChooser --> ```go package main
import (
"github.com/pulumi/pulumi-venafi/sdk/go/venafi" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := venafi.NewSshConfig(ctx, "cit", &venafi.SshConfigArgs{ Template: pulumi.String("devops-terraform-cit"), }) if err != nil { return err } return nil }) }
``` <!--End PulumiCodeChooser -->
func GetSshConfig ¶ added in v1.4.0
func GetSshConfig(ctx *pulumi.Context, name string, id pulumi.IDInput, state *SshConfigState, opts ...pulumi.ResourceOption) (*SshConfig, error)
GetSshConfig gets an existing SshConfig resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewSshConfig ¶ added in v1.4.0
func NewSshConfig(ctx *pulumi.Context, name string, args *SshConfigArgs, opts ...pulumi.ResourceOption) (*SshConfig, error)
NewSshConfig registers a new resource with the given unique name, arguments, and options.
func (*SshConfig) ElementType ¶ added in v1.4.0
func (*SshConfig) ToSshConfigOutput ¶ added in v1.4.0
func (i *SshConfig) ToSshConfigOutput() SshConfigOutput
func (*SshConfig) ToSshConfigOutputWithContext ¶ added in v1.4.0
func (i *SshConfig) ToSshConfigOutputWithContext(ctx context.Context) SshConfigOutput
type SshConfigArgs ¶ added in v1.4.0
type SshConfigArgs struct { // The SSH certificate issuing template. Template pulumi.StringInput }
The set of arguments for constructing a SshConfig resource.
func (SshConfigArgs) ElementType ¶ added in v1.4.0
func (SshConfigArgs) ElementType() reflect.Type
type SshConfigArray ¶ added in v1.4.0
type SshConfigArray []SshConfigInput
func (SshConfigArray) ElementType ¶ added in v1.4.0
func (SshConfigArray) ElementType() reflect.Type
func (SshConfigArray) ToSshConfigArrayOutput ¶ added in v1.4.0
func (i SshConfigArray) ToSshConfigArrayOutput() SshConfigArrayOutput
func (SshConfigArray) ToSshConfigArrayOutputWithContext ¶ added in v1.4.0
func (i SshConfigArray) ToSshConfigArrayOutputWithContext(ctx context.Context) SshConfigArrayOutput
type SshConfigArrayInput ¶ added in v1.4.0
type SshConfigArrayInput interface { pulumi.Input ToSshConfigArrayOutput() SshConfigArrayOutput ToSshConfigArrayOutputWithContext(context.Context) SshConfigArrayOutput }
SshConfigArrayInput is an input type that accepts SshConfigArray and SshConfigArrayOutput values. You can construct a concrete instance of `SshConfigArrayInput` via:
SshConfigArray{ SshConfigArgs{...} }
type SshConfigArrayOutput ¶ added in v1.4.0
type SshConfigArrayOutput struct{ *pulumi.OutputState }
func (SshConfigArrayOutput) ElementType ¶ added in v1.4.0
func (SshConfigArrayOutput) ElementType() reflect.Type
func (SshConfigArrayOutput) Index ¶ added in v1.4.0
func (o SshConfigArrayOutput) Index(i pulumi.IntInput) SshConfigOutput
func (SshConfigArrayOutput) ToSshConfigArrayOutput ¶ added in v1.4.0
func (o SshConfigArrayOutput) ToSshConfigArrayOutput() SshConfigArrayOutput
func (SshConfigArrayOutput) ToSshConfigArrayOutputWithContext ¶ added in v1.4.0
func (o SshConfigArrayOutput) ToSshConfigArrayOutputWithContext(ctx context.Context) SshConfigArrayOutput
type SshConfigInput ¶ added in v1.4.0
type SshConfigInput interface { pulumi.Input ToSshConfigOutput() SshConfigOutput ToSshConfigOutputWithContext(ctx context.Context) SshConfigOutput }
type SshConfigMap ¶ added in v1.4.0
type SshConfigMap map[string]SshConfigInput
func (SshConfigMap) ElementType ¶ added in v1.4.0
func (SshConfigMap) ElementType() reflect.Type
func (SshConfigMap) ToSshConfigMapOutput ¶ added in v1.4.0
func (i SshConfigMap) ToSshConfigMapOutput() SshConfigMapOutput
func (SshConfigMap) ToSshConfigMapOutputWithContext ¶ added in v1.4.0
func (i SshConfigMap) ToSshConfigMapOutputWithContext(ctx context.Context) SshConfigMapOutput
type SshConfigMapInput ¶ added in v1.4.0
type SshConfigMapInput interface { pulumi.Input ToSshConfigMapOutput() SshConfigMapOutput ToSshConfigMapOutputWithContext(context.Context) SshConfigMapOutput }
SshConfigMapInput is an input type that accepts SshConfigMap and SshConfigMapOutput values. You can construct a concrete instance of `SshConfigMapInput` via:
SshConfigMap{ "key": SshConfigArgs{...} }
type SshConfigMapOutput ¶ added in v1.4.0
type SshConfigMapOutput struct{ *pulumi.OutputState }
func (SshConfigMapOutput) ElementType ¶ added in v1.4.0
func (SshConfigMapOutput) ElementType() reflect.Type
func (SshConfigMapOutput) MapIndex ¶ added in v1.4.0
func (o SshConfigMapOutput) MapIndex(k pulumi.StringInput) SshConfigOutput
func (SshConfigMapOutput) ToSshConfigMapOutput ¶ added in v1.4.0
func (o SshConfigMapOutput) ToSshConfigMapOutput() SshConfigMapOutput
func (SshConfigMapOutput) ToSshConfigMapOutputWithContext ¶ added in v1.4.0
func (o SshConfigMapOutput) ToSshConfigMapOutputWithContext(ctx context.Context) SshConfigMapOutput
type SshConfigOutput ¶ added in v1.4.0
type SshConfigOutput struct{ *pulumi.OutputState }
func (SshConfigOutput) CaPublicKey ¶ added in v1.5.0
func (o SshConfigOutput) CaPublicKey() pulumi.StringOutput
(Optional, string) The template's CA public key.
func (SshConfigOutput) ElementType ¶ added in v1.4.0
func (SshConfigOutput) ElementType() reflect.Type
func (SshConfigOutput) Principals ¶ added in v1.5.0
func (o SshConfigOutput) Principals() pulumi.StringArrayOutput
(Optional, set of strings) A list of user names exported from the template.
func (SshConfigOutput) Template ¶ added in v1.5.0
func (o SshConfigOutput) Template() pulumi.StringOutput
The SSH certificate issuing template.
func (SshConfigOutput) ToSshConfigOutput ¶ added in v1.4.0
func (o SshConfigOutput) ToSshConfigOutput() SshConfigOutput
func (SshConfigOutput) ToSshConfigOutputWithContext ¶ added in v1.4.0
func (o SshConfigOutput) ToSshConfigOutputWithContext(ctx context.Context) SshConfigOutput
type SshConfigState ¶ added in v1.4.0
type SshConfigState struct { // (Optional, string) The template's CA public key. CaPublicKey pulumi.StringPtrInput // (Optional, set of strings) A list of user names exported from the template. Principals pulumi.StringArrayInput // The SSH certificate issuing template. Template pulumi.StringPtrInput }
func (SshConfigState) ElementType ¶ added in v1.4.0
func (SshConfigState) ElementType() reflect.Type