venafi

package
v1.9.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Apr 16, 2024 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Overview

A Pulumi package for creating and managing Venafi cloud resources.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Certificate

// Certificate is a Pulumi custom resource (it embeds pulumi.CustomResourceState)
// whose fields are the resource's outputs, keyed by their `pulumi:"..."` tags.
//
// CertificateDn and CsrPem carry no upstream documentation; presumably the
// distinguished name of the certificate object and a PEM-encoded certificate
// signing request — TODO confirm against the provider.
//
// NOTE(review): KeyPassword, PrivateKeyPem and Pkcs12 expose key material as
// ordinary string outputs in this listing. It does not show whether the
// provider marks them as Pulumi secrets; confirm they are encrypted in stack
// state and keep them out of stack exports and logs.
type Certificate struct {
	pulumi.CustomResourceState

	// Key encryption algorithm, either RSA or ECDSA. Defaults to `RSA`.
	Algorithm pulumi.StringPtrOutput `pulumi:"algorithm"`
	// The X509 certificate in PEM format.
	Certificate   pulumi.StringOutput `pulumi:"certificate"`
	CertificateDn pulumi.StringOutput `pulumi:"certificateDn"`
	// The trust chain of X509 certificate authority certificates in PEM format concatenated together.
	Chain pulumi.StringOutput `pulumi:"chain"`
	// The common name of the certificate.
	CommonName pulumi.StringOutput `pulumi:"commonName"`
	// Whether key-pair generation will be `local` or `service` generated. Default is
	// `local`.
	// NOTE(review): this setting decides which side creates the private key;
	// confirm how the key is delivered and stored when `service` is used.
	CsrOrigin pulumi.StringPtrOutput `pulumi:"csrOrigin"`
	CsrPem    pulumi.StringOutput    `pulumi:"csrPem"`
	// Collection of Custom Field name-value pairs to assign to the certificate.
	CustomFields pulumi.StringMapOutput `pulumi:"customFields"`
	// ECDSA curve to use when generating a key
	EcdsaCurve pulumi.StringPtrOutput `pulumi:"ecdsaCurve"`
	// Number of hours before certificate expiry to request a new certificate.
	// Defaults to `168`.
	ExpirationWindow pulumi.IntPtrOutput `pulumi:"expirationWindow"`
	// Used with `validDays` to indicate the target issuer when using Trust Protection
	// Platform. Relevant values are: `DigiCert`, `Entrust`, and `Microsoft`.
	IssuerHint pulumi.StringPtrOutput `pulumi:"issuerHint"`
	// The password used to encrypt the private key.
	// NOTE(review): sensitive; see the type comment about secret handling.
	KeyPassword pulumi.StringPtrOutput `pulumi:"keyPassword"`
	// Use to specify a name for the new certificate object that will be created and placed
	// in a policy. Only valid for Trust Protection Platform.
	Nickname pulumi.StringPtrOutput `pulumi:"nickname"`
	// A base64-encoded PKCS#12 keystore secured by the `keyPassword`. Useful when working with resources like
	// azure key_vault_certificate.
	// NOTE(review): sensitive; the keystore is only as protected as `keyPassword`.
	Pkcs12 pulumi.StringOutput `pulumi:"pkcs12"`
	// The private key in PEM format.
	// NOTE(review): sensitive; see the type comment about secret handling.
	PrivateKeyPem pulumi.StringOutput `pulumi:"privateKeyPem"`
	// Number of bits to use when generating an RSA key. Applies when algorithm is `RSA`.
	// Defaults to `2048`.
	// NOTE(review): 2048 is only the default; set this explicitly if local
	// key-size policy requires more.
	RsaBits pulumi.IntPtrOutput `pulumi:"rsaBits"`
	// List of DNS names to use as alternative subjects of the certificate.
	SanDns pulumi.StringArrayOutput `pulumi:"sanDns"`
	// List of email addresses to use as alternative subjects of the certificate.
	SanEmails pulumi.StringArrayOutput `pulumi:"sanEmails"`
	// List of IP addresses to use as alternative subjects of the certificate.
	SanIps pulumi.StringArrayOutput `pulumi:"sanIps"`
	// List of Uniform Resource Identifiers (URIs) to use as alternative subjects of
	// the certificate.
	SanUris pulumi.StringArrayOutput `pulumi:"sanUris"`
	// Desired number of days for which the new certificate will be valid.
	ValidDays pulumi.IntPtrOutput `pulumi:"validDays"`
}

func GetCertificate

func GetCertificate(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *CertificateState, opts ...pulumi.ResourceOption) (*Certificate, error)

GetCertificate gets an existing Certificate resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewCertificate

func NewCertificate(ctx *pulumi.Context,
	name string, args *CertificateArgs, opts ...pulumi.ResourceOption) (*Certificate, error)

NewCertificate registers a new resource with the given unique name, arguments, and options.

func (*Certificate) ElementType added in v0.1.1

func (*Certificate) ElementType() reflect.Type

func (*Certificate) ToCertificateOutput added in v0.1.1

func (i *Certificate) ToCertificateOutput() CertificateOutput

func (*Certificate) ToCertificateOutputWithContext added in v0.1.1

func (i *Certificate) ToCertificateOutputWithContext(ctx context.Context) CertificateOutput

type CertificateArgs

// CertificateArgs is the argument struct accepted by NewCertificate.
// CommonName is the only field typed as a non-pointer input
// (pulumi.StringInput); every other field is a Ptr, array or map input.
//
// CertificateDn and CsrPem carry no upstream documentation; presumably the
// distinguished name of the certificate object and a PEM-encoded certificate
// signing request — TODO confirm against the provider.
//
// NOTE(review): KeyPassword, PrivateKeyPem and Pkcs12 carry key material.
// Supply them from a secret source (for example Pulumi secret config) rather
// than string literals in program source, and confirm they are treated as
// secrets in stack state.
type CertificateArgs struct {
	// Key encryption algorithm, either RSA or ECDSA. Defaults to `RSA`.
	Algorithm     pulumi.StringPtrInput
	CertificateDn pulumi.StringPtrInput
	// The common name of the certificate.
	CommonName pulumi.StringInput
	// Whether key-pair generation will be `local` or `service` generated. Default is
	// `local`.
	// NOTE(review): this setting decides which side creates the private key;
	// confirm how the key is delivered and stored when `service` is used.
	CsrOrigin pulumi.StringPtrInput
	CsrPem    pulumi.StringPtrInput
	// Collection of Custom Field name-value pairs to assign to the certificate.
	CustomFields pulumi.StringMapInput
	// ECDSA curve to use when generating a key
	EcdsaCurve pulumi.StringPtrInput
	// Number of hours before certificate expiry to request a new certificate.
	// Defaults to `168`.
	ExpirationWindow pulumi.IntPtrInput
	// Used with `validDays` to indicate the target issuer when using Trust Protection
	// Platform. Relevant values are: `DigiCert`, `Entrust`, and `Microsoft`.
	IssuerHint pulumi.StringPtrInput
	// The password used to encrypt the private key.
	// NOTE(review): sensitive; do not hard-code this value.
	KeyPassword pulumi.StringPtrInput
	// Use to specify a name for the new certificate object that will be created and placed
	// in a policy. Only valid for Trust Protection Platform.
	Nickname pulumi.StringPtrInput
	// A base64-encoded PKCS#12 keystore secured by the `keyPassword`. Useful when working with resources like
	// azure key_vault_certificate.
	// NOTE(review): sensitive; the keystore is only as protected as `keyPassword`.
	Pkcs12 pulumi.StringPtrInput
	// The private key in PEM format.
	// NOTE(review): sensitive; do not hard-code this value.
	PrivateKeyPem pulumi.StringPtrInput
	// Number of bits to use when generating an RSA key. Applies when algorithm is `RSA`.
	// Defaults to `2048`.
	// NOTE(review): 2048 is only the default; set this explicitly if local
	// key-size policy requires more.
	RsaBits pulumi.IntPtrInput
	// List of DNS names to use as alternative subjects of the certificate.
	SanDns pulumi.StringArrayInput
	// List of email addresses to use as alternative subjects of the certificate.
	SanEmails pulumi.StringArrayInput
	// List of IP addresses to use as alternative subjects of the certificate.
	SanIps pulumi.StringArrayInput
	// List of Uniform Resource Identifiers (URIs) to use as alternative subjects of
	// the certificate.
	SanUris pulumi.StringArrayInput
	// Desired number of days for which the new certificate will be valid.
	ValidDays pulumi.IntPtrInput
}

The set of arguments for constructing a Certificate resource.

func (CertificateArgs) ElementType

func (CertificateArgs) ElementType() reflect.Type

type CertificateArray added in v0.3.1

// CertificateArray is a slice of CertificateInput values.
type CertificateArray []CertificateInput

func (CertificateArray) ElementType added in v0.3.1

func (CertificateArray) ElementType() reflect.Type

func (CertificateArray) ToCertificateArrayOutput added in v0.3.1

func (i CertificateArray) ToCertificateArrayOutput() CertificateArrayOutput

func (CertificateArray) ToCertificateArrayOutputWithContext added in v0.3.1

func (i CertificateArray) ToCertificateArrayOutputWithContext(ctx context.Context) CertificateArrayOutput

type CertificateArrayInput added in v0.3.1

// CertificateArrayInput is satisfied by any pulumi.Input that can also convert
// itself to a CertificateArrayOutput, with or without a context.Context.
type CertificateArrayInput interface {
	pulumi.Input

	// ToCertificateArrayOutput returns the value as a CertificateArrayOutput.
	ToCertificateArrayOutput() CertificateArrayOutput
	// ToCertificateArrayOutputWithContext is the variant that takes a context.Context.
	ToCertificateArrayOutputWithContext(context.Context) CertificateArrayOutput
}

CertificateArrayInput is an input type that accepts CertificateArray and CertificateArrayOutput values. You can construct a concrete instance of `CertificateArrayInput` via:

CertificateArray{ CertificateArgs{...} }

type CertificateArrayOutput added in v0.3.1

// CertificateArrayOutput is an output type that embeds *pulumi.OutputState.
type CertificateArrayOutput struct{ *pulumi.OutputState }

func (CertificateArrayOutput) ElementType added in v0.3.1

func (CertificateArrayOutput) ElementType() reflect.Type

func (CertificateArrayOutput) Index added in v0.3.1

func (CertificateArrayOutput) ToCertificateArrayOutput added in v0.3.1

func (o CertificateArrayOutput) ToCertificateArrayOutput() CertificateArrayOutput

func (CertificateArrayOutput) ToCertificateArrayOutputWithContext added in v0.3.1

func (o CertificateArrayOutput) ToCertificateArrayOutputWithContext(ctx context.Context) CertificateArrayOutput

type CertificateInput added in v0.1.1

// CertificateInput is satisfied by any pulumi.Input that can also convert
// itself to a CertificateOutput, with or without a context.Context.
type CertificateInput interface {
	pulumi.Input

	// ToCertificateOutput returns the value as a CertificateOutput.
	ToCertificateOutput() CertificateOutput
	// ToCertificateOutputWithContext is the variant that takes a context.Context.
	ToCertificateOutputWithContext(ctx context.Context) CertificateOutput
}

type CertificateMap added in v0.3.1

// CertificateMap is a map from string keys to CertificateInput values.
type CertificateMap map[string]CertificateInput

func (CertificateMap) ElementType added in v0.3.1

func (CertificateMap) ElementType() reflect.Type

func (CertificateMap) ToCertificateMapOutput added in v0.3.1

func (i CertificateMap) ToCertificateMapOutput() CertificateMapOutput

func (CertificateMap) ToCertificateMapOutputWithContext added in v0.3.1

func (i CertificateMap) ToCertificateMapOutputWithContext(ctx context.Context) CertificateMapOutput

type CertificateMapInput added in v0.3.1

// CertificateMapInput is satisfied by any pulumi.Input that can also convert
// itself to a CertificateMapOutput, with or without a context.Context.
type CertificateMapInput interface {
	pulumi.Input

	// ToCertificateMapOutput returns the value as a CertificateMapOutput.
	ToCertificateMapOutput() CertificateMapOutput
	// ToCertificateMapOutputWithContext is the variant that takes a context.Context.
	ToCertificateMapOutputWithContext(context.Context) CertificateMapOutput
}

CertificateMapInput is an input type that accepts CertificateMap and CertificateMapOutput values. You can construct a concrete instance of `CertificateMapInput` via:

CertificateMap{ "key": CertificateArgs{...} }

type CertificateMapOutput added in v0.3.1

// CertificateMapOutput is an output type that embeds *pulumi.OutputState.
type CertificateMapOutput struct{ *pulumi.OutputState }

func (CertificateMapOutput) ElementType added in v0.3.1

func (CertificateMapOutput) ElementType() reflect.Type

func (CertificateMapOutput) MapIndex added in v0.3.1

func (CertificateMapOutput) ToCertificateMapOutput added in v0.3.1

func (o CertificateMapOutput) ToCertificateMapOutput() CertificateMapOutput

func (CertificateMapOutput) ToCertificateMapOutputWithContext added in v0.3.1

func (o CertificateMapOutput) ToCertificateMapOutputWithContext(ctx context.Context) CertificateMapOutput

type CertificateOutput added in v0.1.1

// CertificateOutput is an output type that embeds *pulumi.OutputState.
//
// NOTE(review): the PrivateKeyPem and KeyPassword accessors declared for this
// type return string outputs; confirm those values stay marked secret before
// exporting them from a stack or passing them to logging.
type CertificateOutput struct{ *pulumi.OutputState }

func (CertificateOutput) Algorithm added in v1.5.0

Key encryption algorithm, either RSA or ECDSA. Defaults to `RSA`.

func (CertificateOutput) Certificate added in v1.5.0

func (o CertificateOutput) Certificate() pulumi.StringOutput

The X509 certificate in PEM format.

func (CertificateOutput) CertificateDn added in v1.5.0

func (o CertificateOutput) CertificateDn() pulumi.StringOutput

func (CertificateOutput) Chain added in v1.5.0

The trust chain of X509 certificate authority certificates in PEM format concatenated together.

func (CertificateOutput) CommonName added in v1.5.0

func (o CertificateOutput) CommonName() pulumi.StringOutput

The common name of the certificate.

func (CertificateOutput) CsrOrigin added in v1.5.0

Whether key-pair generation will be `local` or `service` generated. Default is `local`.

func (CertificateOutput) CsrPem added in v1.5.0

func (CertificateOutput) CustomFields added in v1.5.0

func (o CertificateOutput) CustomFields() pulumi.StringMapOutput

Collection of Custom Field name-value pairs to assign to the certificate.

func (CertificateOutput) EcdsaCurve added in v1.5.0

func (o CertificateOutput) EcdsaCurve() pulumi.StringPtrOutput

ECDSA curve to use when generating a key

func (CertificateOutput) ElementType added in v0.1.1

func (CertificateOutput) ElementType() reflect.Type

func (CertificateOutput) ExpirationWindow added in v1.5.0

func (o CertificateOutput) ExpirationWindow() pulumi.IntPtrOutput

Number of hours before certificate expiry to request a new certificate. Defaults to `168`.

func (CertificateOutput) IssuerHint added in v1.5.0

func (o CertificateOutput) IssuerHint() pulumi.StringPtrOutput

Used with `validDays` to indicate the target issuer when using Trust Protection Platform. Relevant values are: `DigiCert`, `Entrust`, and `Microsoft`.

func (CertificateOutput) KeyPassword added in v1.5.0

func (o CertificateOutput) KeyPassword() pulumi.StringPtrOutput

The password used to encrypt the private key.

func (CertificateOutput) Nickname added in v1.5.0

Use to specify a name for the new certificate object that will be created and placed in a policy. Only valid for Trust Protection Platform.

func (CertificateOutput) Pkcs12 added in v1.5.0

A base64-encoded PKCS#12 keystore secured by the `keyPassword`. Useful when working with resources like azure key_vault_certificate.

func (CertificateOutput) PrivateKeyPem added in v1.5.0

func (o CertificateOutput) PrivateKeyPem() pulumi.StringOutput

The private key in PEM format.

func (CertificateOutput) RsaBits added in v1.5.0

Number of bits to use when generating an RSA key. Applies when algorithm is `RSA`. Defaults to `2048`.

func (CertificateOutput) SanDns added in v1.5.0

List of DNS names to use as alternative subjects of the certificate.

func (CertificateOutput) SanEmails added in v1.5.0

List of email addresses to use as alternative subjects of the certificate.

func (CertificateOutput) SanIps added in v1.5.0

List of IP addresses to use as alternative subjects of the certificate.

func (CertificateOutput) SanUris added in v1.5.0

List of Uniform Resource Identifiers (URIs) to use as alternative subjects of the certificate.

func (CertificateOutput) ToCertificateOutput added in v0.1.1

func (o CertificateOutput) ToCertificateOutput() CertificateOutput

func (CertificateOutput) ToCertificateOutputWithContext added in v0.1.1

func (o CertificateOutput) ToCertificateOutputWithContext(ctx context.Context) CertificateOutput

func (CertificateOutput) ValidDays added in v1.5.0

func (o CertificateOutput) ValidDays() pulumi.IntPtrOutput

Desired number of days for which the new certificate will be valid.

type CertificateState

// CertificateState is the optional state struct accepted by GetCertificate to
// qualify a lookup. Every field is a Ptr, array or map input.
//
// CertificateDn and CsrPem carry no upstream documentation; presumably the
// distinguished name of the certificate object and a PEM-encoded certificate
// signing request — TODO confirm against the provider.
//
// NOTE(review): KeyPassword, PrivateKeyPem and Pkcs12 carry key material;
// avoid placing literal values for them in program source.
type CertificateState struct {
	// Key encryption algorithm, either RSA or ECDSA. Defaults to `RSA`.
	Algorithm pulumi.StringPtrInput
	// The X509 certificate in PEM format.
	Certificate   pulumi.StringPtrInput
	CertificateDn pulumi.StringPtrInput
	// The trust chain of X509 certificate authority certificates in PEM format concatenated together.
	Chain pulumi.StringPtrInput
	// The common name of the certificate.
	CommonName pulumi.StringPtrInput
	// Whether key-pair generation will be `local` or `service` generated. Default is
	// `local`.
	CsrOrigin pulumi.StringPtrInput
	CsrPem    pulumi.StringPtrInput
	// Collection of Custom Field name-value pairs to assign to the certificate.
	CustomFields pulumi.StringMapInput
	// ECDSA curve to use when generating a key
	EcdsaCurve pulumi.StringPtrInput
	// Number of hours before certificate expiry to request a new certificate.
	// Defaults to `168`.
	ExpirationWindow pulumi.IntPtrInput
	// Used with `validDays` to indicate the target issuer when using Trust Protection
	// Platform. Relevant values are: `DigiCert`, `Entrust`, and `Microsoft`.
	IssuerHint pulumi.StringPtrInput
	// The password used to encrypt the private key.
	// NOTE(review): sensitive.
	KeyPassword pulumi.StringPtrInput
	// Use to specify a name for the new certificate object that will be created and placed
	// in a policy. Only valid for Trust Protection Platform.
	Nickname pulumi.StringPtrInput
	// A base64-encoded PKCS#12 keystore secured by the `keyPassword`. Useful when working with resources like
	// azure key_vault_certificate.
	// NOTE(review): sensitive.
	Pkcs12 pulumi.StringPtrInput
	// The private key in PEM format.
	// NOTE(review): sensitive.
	PrivateKeyPem pulumi.StringPtrInput
	// Number of bits to use when generating an RSA key. Applies when algorithm is `RSA`.
	// Defaults to `2048`.
	RsaBits pulumi.IntPtrInput
	// List of DNS names to use as alternative subjects of the certificate.
	SanDns pulumi.StringArrayInput
	// List of email addresses to use as alternative subjects of the certificate.
	SanEmails pulumi.StringArrayInput
	// List of IP addresses to use as alternative subjects of the certificate.
	SanIps pulumi.StringArrayInput
	// List of Uniform Resource Identifiers (URIs) to use as alternative subjects of
	// the certificate.
	SanUris pulumi.StringArrayInput
	// Desired number of days for which the new certificate will be valid.
	ValidDays pulumi.IntPtrInput
}

func (CertificateState) ElementType

func (CertificateState) ElementType() reflect.Type

type Policy added in v1.1.0

// Policy is a Pulumi custom resource (it embeds pulumi.CustomResourceState)
// with two outputs: the policy specification and the zone it applies to.
type Policy struct {
	pulumi.CustomResourceState

	// The JSON-formatted certificate policy specification as documented
	// [here](https://github.com/Venafi/vcert/blob/master/README-POLICY-SPEC.md). Typically read from a file using the `file`
	// function.
	// NOTE(review): this is certificate policy expressed as configuration; keep
	// the source file under version control and review like any other policy change.
	PolicySpecification pulumi.StringPtrOutput `pulumi:"policySpecification"`
	// The *Trust Protection Platform* policy folder or *Venafi Control Plane* application and
	// issuing template.
	Zone pulumi.StringPtrOutput `pulumi:"zone"`
}

Provides access to read and write certificate policy in Venafi. This can be used to define a new policy (folder in *Trust Protection Platform*; application and issuing template in *Venafi Control Plane*).

## Example Usage

```go
package main

import (

"os"

"github.com/pulumi/pulumi-venafi/sdk/go/venafi"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

// readFileOrPanic loads the whole file at path and returns its contents as a
// Pulumi string input. If the file cannot be read it panics with the error text,
// so a missing policy file stops the program before any resource is registered.
func readFileOrPanic(path string) pulumi.StringPtrInput {
	contents, readErr := os.ReadFile(path)
	if readErr != nil {
		panic(readErr.Error())
	}
	return pulumi.String(string(contents))
}

// main runs a Pulumi program that registers a single venafi Policy resource
// named "internalPolicy", loading its policy specification from a JSON file.
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		policyArgs := &venafi.PolicyArgs{
			Zone:                pulumi.String("My Business App\\Enterprise Trusted Certs"),
			PolicySpecification: readFileOrPanic("/path-to/internal-policy.json"),
		}
		// Only the error is needed; the returned resource handle is not used.
		_, err := venafi.NewPolicy(ctx, "internalPolicy", policyArgs)
		return err
	})
}

```

## Import

The `venafi_policy` resource supports the Terraform import method.

When used, the `zone` and `policy_specification` resource arguments are not required since the zone is a required parameter of the import method and the policy specification is populated from the existing infrastructure. Policy that is successfully imported is also output to a file named after the zone that was specified.

```hcl
resource "venafi_policy" "existing_policy" {}
```

```sh
$ pulumi import venafi:index/policy:Policy existing_policy "My Business App\\Enterprise Trusted Certs"
```

func GetPolicy added in v1.1.0

func GetPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *PolicyState, opts ...pulumi.ResourceOption) (*Policy, error)

GetPolicy gets an existing Policy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewPolicy added in v1.1.0

func NewPolicy(ctx *pulumi.Context,
	name string, args *PolicyArgs, opts ...pulumi.ResourceOption) (*Policy, error)

NewPolicy registers a new resource with the given unique name, arguments, and options.

func (*Policy) ElementType added in v1.1.0

func (*Policy) ElementType() reflect.Type

func (*Policy) ToPolicyOutput added in v1.1.0

func (i *Policy) ToPolicyOutput() PolicyOutput

func (*Policy) ToPolicyOutputWithContext added in v1.1.0

func (i *Policy) ToPolicyOutputWithContext(ctx context.Context) PolicyOutput

type PolicyArgs added in v1.1.0

// PolicyArgs is the argument struct accepted by NewPolicy. Both fields are
// pointer-style string inputs.
type PolicyArgs struct {
	// The JSON-formatted certificate policy specification as documented
	// [here](https://github.com/Venafi/vcert/blob/master/README-POLICY-SPEC.md). Typically read from a file using the `file`
	// function.
	// NOTE(review): this is certificate policy expressed as configuration; load
	// it from a reviewed, version-controlled file.
	PolicySpecification pulumi.StringPtrInput
	// The *Trust Protection Platform* policy folder or *Venafi Control Plane* application and
	// issuing template.
	Zone pulumi.StringPtrInput
}

The set of arguments for constructing a Policy resource.

func (PolicyArgs) ElementType added in v1.1.0

func (PolicyArgs) ElementType() reflect.Type

type PolicyArray added in v1.1.0

// PolicyArray is a slice of PolicyInput values.
type PolicyArray []PolicyInput

func (PolicyArray) ElementType added in v1.1.0

func (PolicyArray) ElementType() reflect.Type

func (PolicyArray) ToPolicyArrayOutput added in v1.1.0

func (i PolicyArray) ToPolicyArrayOutput() PolicyArrayOutput

func (PolicyArray) ToPolicyArrayOutputWithContext added in v1.1.0

func (i PolicyArray) ToPolicyArrayOutputWithContext(ctx context.Context) PolicyArrayOutput

type PolicyArrayInput added in v1.1.0

// PolicyArrayInput is satisfied by any pulumi.Input that can also convert
// itself to a PolicyArrayOutput, with or without a context.Context.
type PolicyArrayInput interface {
	pulumi.Input

	// ToPolicyArrayOutput returns the value as a PolicyArrayOutput.
	ToPolicyArrayOutput() PolicyArrayOutput
	// ToPolicyArrayOutputWithContext is the variant that takes a context.Context.
	ToPolicyArrayOutputWithContext(context.Context) PolicyArrayOutput
}

PolicyArrayInput is an input type that accepts PolicyArray and PolicyArrayOutput values. You can construct a concrete instance of `PolicyArrayInput` via:

PolicyArray{ PolicyArgs{...} }

type PolicyArrayOutput added in v1.1.0

// PolicyArrayOutput is an output type that embeds *pulumi.OutputState.
type PolicyArrayOutput struct{ *pulumi.OutputState }

func (PolicyArrayOutput) ElementType added in v1.1.0

func (PolicyArrayOutput) ElementType() reflect.Type

func (PolicyArrayOutput) Index added in v1.1.0

func (PolicyArrayOutput) ToPolicyArrayOutput added in v1.1.0

func (o PolicyArrayOutput) ToPolicyArrayOutput() PolicyArrayOutput

func (PolicyArrayOutput) ToPolicyArrayOutputWithContext added in v1.1.0

func (o PolicyArrayOutput) ToPolicyArrayOutputWithContext(ctx context.Context) PolicyArrayOutput

type PolicyInput added in v1.1.0

// PolicyInput is satisfied by any pulumi.Input that can also convert itself to
// a PolicyOutput, with or without a context.Context.
type PolicyInput interface {
	pulumi.Input

	// ToPolicyOutput returns the value as a PolicyOutput.
	ToPolicyOutput() PolicyOutput
	// ToPolicyOutputWithContext is the variant that takes a context.Context.
	ToPolicyOutputWithContext(ctx context.Context) PolicyOutput
}

type PolicyMap added in v1.1.0

// PolicyMap is a map from string keys to PolicyInput values.
type PolicyMap map[string]PolicyInput

func (PolicyMap) ElementType added in v1.1.0

func (PolicyMap) ElementType() reflect.Type

func (PolicyMap) ToPolicyMapOutput added in v1.1.0

func (i PolicyMap) ToPolicyMapOutput() PolicyMapOutput

func (PolicyMap) ToPolicyMapOutputWithContext added in v1.1.0

func (i PolicyMap) ToPolicyMapOutputWithContext(ctx context.Context) PolicyMapOutput

type PolicyMapInput added in v1.1.0

// PolicyMapInput is satisfied by any pulumi.Input that can also convert itself
// to a PolicyMapOutput, with or without a context.Context.
type PolicyMapInput interface {
	pulumi.Input

	// ToPolicyMapOutput returns the value as a PolicyMapOutput.
	ToPolicyMapOutput() PolicyMapOutput
	// ToPolicyMapOutputWithContext is the variant that takes a context.Context.
	ToPolicyMapOutputWithContext(context.Context) PolicyMapOutput
}

PolicyMapInput is an input type that accepts PolicyMap and PolicyMapOutput values. You can construct a concrete instance of `PolicyMapInput` via:

PolicyMap{ "key": PolicyArgs{...} }

type PolicyMapOutput added in v1.1.0

// PolicyMapOutput is an output type that embeds *pulumi.OutputState.
type PolicyMapOutput struct{ *pulumi.OutputState }

func (PolicyMapOutput) ElementType added in v1.1.0

func (PolicyMapOutput) ElementType() reflect.Type

func (PolicyMapOutput) MapIndex added in v1.1.0

func (PolicyMapOutput) ToPolicyMapOutput added in v1.1.0

func (o PolicyMapOutput) ToPolicyMapOutput() PolicyMapOutput

func (PolicyMapOutput) ToPolicyMapOutputWithContext added in v1.1.0

func (o PolicyMapOutput) ToPolicyMapOutputWithContext(ctx context.Context) PolicyMapOutput

type PolicyOutput added in v1.1.0

// PolicyOutput is an output type that embeds *pulumi.OutputState.
type PolicyOutput struct{ *pulumi.OutputState }

func (PolicyOutput) ElementType added in v1.1.0

func (PolicyOutput) ElementType() reflect.Type

func (PolicyOutput) PolicySpecification added in v1.5.0

func (o PolicyOutput) PolicySpecification() pulumi.StringPtrOutput

The JSON-formatted certificate policy specification as documented [here](https://github.com/Venafi/vcert/blob/master/README-POLICY-SPEC.md). Typically read from a file using the `file` function.

func (PolicyOutput) ToPolicyOutput added in v1.1.0

func (o PolicyOutput) ToPolicyOutput() PolicyOutput

func (PolicyOutput) ToPolicyOutputWithContext added in v1.1.0

func (o PolicyOutput) ToPolicyOutputWithContext(ctx context.Context) PolicyOutput

func (PolicyOutput) Zone added in v1.5.0

The *Trust Protection Platform* policy folder or *Venafi Control Plane* application and issuing template.

type PolicyState added in v1.1.0

// PolicyState is the optional state struct accepted by GetPolicy to qualify a
// lookup. Both fields are pointer-style string inputs.
type PolicyState struct {
	// The JSON-formatted certificate policy specification as documented
	// [here](https://github.com/Venafi/vcert/blob/master/README-POLICY-SPEC.md). Typically read from a file using the `file`
	// function.
	PolicySpecification pulumi.StringPtrInput
	// The *Trust Protection Platform* policy folder or *Venafi Control Plane* application and
	// issuing template.
	Zone pulumi.StringPtrInput
}

func (PolicyState) ElementType added in v1.1.0

func (PolicyState) ElementType() reflect.Type

type Provider

// Provider is the provider resource for the venafi package (it embeds
// pulumi.ProviderResourceState); its fields are the provider's configuration
// surfaced as outputs.
//
// NOTE(review): AccessToken, ApiKey, ExternalJwt, P12CertPassword and
// TppPassword are credentials exposed here as ordinary string outputs. This
// listing does not show whether the provider marks them as Pulumi secrets;
// confirm they are encrypted in stack state and never exported or logged.
type Provider struct {
	pulumi.ProviderResourceState

	// Access token for Venafi TLSPDC, user should use this for authentication
	AccessToken pulumi.StringPtrOutput `pulumi:"accessToken"`
	// API key for Venafi Control Plane. Example: 142231b7-cvb0-412e-886b-6aeght0bc93d
	ApiKey pulumi.StringPtrOutput `pulumi:"apiKey"`
	// application that will be using the token
	ClientId pulumi.StringPtrOutput `pulumi:"clientId"`
	// JWT of the identity provider associated to the Venafi Control Plane service account that is granting the access token
	ExternalJwt pulumi.StringPtrOutput `pulumi:"externalJwt"`
	// Filename of PKCS#12 keystore containing a client certificate, private key, and chain certificates to authenticate to
	// TLSPDC
	P12CertFilename pulumi.StringPtrOutput `pulumi:"p12CertFilename"`
	// Password for the PKCS#12 keystore declared in p12_cert
	P12CertPassword pulumi.StringPtrOutput `pulumi:"p12CertPassword"`
	// Endpoint URL to request new Venafi Control Plane access tokens
	TokenUrl pulumi.StringPtrOutput `pulumi:"tokenUrl"`
	// Password for WebSDK user. Example: password
	//
	// Deprecated: please use accessToken instead
	TppPassword pulumi.StringPtrOutput `pulumi:"tppPassword"`
	// WebSDK user for Venafi TLSPDC. Example: admin
	//
	// Deprecated: please use accessToken instead
	TppUsername pulumi.StringPtrOutput `pulumi:"tppUsername"`
	// Use to specify a PEM-formatted file that contains certificates to be trust anchors for all communications with the
	// Venafi Web Service. Example: trust_bundle = "${file("chain.pem")}"
	// NOTE(review): these anchors decide which servers the provider trusts, so
	// the bundle file needs integrity protection comparable to a credential.
	TrustBundle pulumi.StringPtrOutput `pulumi:"trustBundle"`
	// The Venafi Platform URL. Example: https://tpp.venafi.example/vedsdk
	Url pulumi.StringPtrOutput `pulumi:"url"`
	// DN of the Venafi TLSPDC policy folder or name of the Venafi as a Service application plus issuing template alias.
	// Example for Platform: testPolicy\\vault Example for Venafi as a Service: myApp\\Default
	Zone pulumi.StringPtrOutput `pulumi:"zone"`
}

The provider type for the venafi package. By default, resources use package-wide configuration settings, however an explicit `Provider` instance may be created and passed during resource construction to achieve fine-grained programmatic control over provider settings. See the [documentation](https://www.pulumi.com/docs/reference/programming-model/#providers) for more information.

func NewProvider

func NewProvider(ctx *pulumi.Context,
	name string, args *ProviderArgs, opts ...pulumi.ResourceOption) (*Provider, error)

NewProvider registers a new resource with the given unique name, arguments, and options.

func (*Provider) ElementType added in v0.1.1

func (*Provider) ElementType() reflect.Type

func (*Provider) ToProviderOutput added in v0.1.1

func (i *Provider) ToProviderOutput() ProviderOutput

func (*Provider) ToProviderOutputWithContext added in v0.1.1

func (i *Provider) ToProviderOutputWithContext(ctx context.Context) ProviderOutput

type ProviderArgs

// ProviderArgs is the argument struct accepted by NewProvider. Every field is
// a pointer-style input.
//
// NOTE(review): AccessToken, ApiKey, ExternalJwt, P12CertPassword and
// TppPassword are credentials. Supply them from a secret source (for example
// Pulumi secret config) rather than string literals in program source.
type ProviderArgs struct {
	// Access token for Venafi TLSPDC, user should use this for authentication
	AccessToken pulumi.StringPtrInput
	// API key for Venafi Control Plane. Example: 142231b7-cvb0-412e-886b-6aeght0bc93d
	ApiKey pulumi.StringPtrInput
	// application that will be using the token
	ClientId pulumi.StringPtrInput
	// When set to true, the resulting certificate will be issued by an ephemeral, no trust CA rather than enrolling using
	// Venafi as a Service or Trust Protection Platform. Useful for development and testing.
	// NOTE(review): certificates issued in this mode come from an untrusted,
	// ephemeral CA per the description above; make sure it is never enabled for
	// production stacks.
	DevMode pulumi.BoolPtrInput
	// JWT of the identity provider associated to the Venafi Control Plane service account that is granting the access token
	ExternalJwt pulumi.StringPtrInput
	// Filename of PKCS#12 keystore containing a client certificate, private key, and chain certificates to authenticate to
	// TLSPDC
	P12CertFilename pulumi.StringPtrInput
	// Password for the PKCS#12 keystore declared in p12_cert
	P12CertPassword pulumi.StringPtrInput
	// When true, certificates will not be retired on Venafi platforms when terraform destroy is run. Default is false.
	// NOTE(review): with this set, destroying the stack leaves the certificates
	// un-retired on the Venafi platform; track and retire them by another process.
	SkipRetirement pulumi.BoolPtrInput
	// Endpoint URL to request new Venafi Control Plane access tokens
	TokenUrl pulumi.StringPtrInput
	// Password for WebSDK user. Example: password
	//
	// Deprecated: please use accessToken instead
	TppPassword pulumi.StringPtrInput
	// WebSDK user for Venafi TLSPDC. Example: admin
	//
	// Deprecated: please use accessToken instead
	TppUsername pulumi.StringPtrInput
	// Use to specify a PEM-formatted file that contains certificates to be trust anchors for all communications with the
	// Venafi Web Service. Example: trust_bundle = "${file("chain.pem")}"
	// NOTE(review): these anchors decide which servers the provider trusts, so
	// the bundle file needs integrity protection comparable to a credential.
	TrustBundle pulumi.StringPtrInput
	// The Venafi Platform URL. Example: https://tpp.venafi.example/vedsdk
	Url pulumi.StringPtrInput
	// DN of the Venafi TLSPDC policy folder or name of the Venafi as a Service application plus issuing template alias.
	// Example for Platform: testPolicy\\vault Example for Venafi as a Service: myApp\\Default
	Zone pulumi.StringPtrInput
}

The set of arguments for constructing a Provider resource.

func (ProviderArgs) ElementType

func (ProviderArgs) ElementType() reflect.Type

type ProviderInput added in v0.1.1

// ProviderInput is satisfied by any pulumi.Input that can also convert itself
// to a ProviderOutput, with or without a context.Context.
type ProviderInput interface {
	pulumi.Input

	// ToProviderOutput returns the value as a ProviderOutput.
	ToProviderOutput() ProviderOutput
	// ToProviderOutputWithContext is the variant that takes a context.Context.
	ToProviderOutputWithContext(ctx context.Context) ProviderOutput
}

type ProviderOutput added in v0.1.1

// ProviderOutput is an output type that embeds *pulumi.OutputState.
//
// NOTE(review): the AccessToken, ExternalJwt, P12CertPassword and TppPassword
// accessors declared for this type return string outputs; confirm those values
// stay marked secret before exporting them from a stack or logging them.
type ProviderOutput struct{ *pulumi.OutputState }

func (ProviderOutput) AccessToken added in v1.5.0

func (o ProviderOutput) AccessToken() pulumi.StringPtrOutput

Access token for Venafi TLSPDC, user should use this for authentication

func (ProviderOutput) ApiKey added in v1.5.0

API key for Venafi Control Plane. Example: 142231b7-cvb0-412e-886b-6aeght0bc93d

func (ProviderOutput) ClientId added in v1.6.0

func (o ProviderOutput) ClientId() pulumi.StringPtrOutput

application that will be using the token

func (ProviderOutput) ElementType added in v0.1.1

func (ProviderOutput) ElementType() reflect.Type

func (ProviderOutput) ExternalJwt added in v1.9.0

func (o ProviderOutput) ExternalJwt() pulumi.StringPtrOutput

JWT of the identity provider associated to the Venafi Control Plane service account that is granting the access token

func (ProviderOutput) P12CertFilename added in v1.6.0

func (o ProviderOutput) P12CertFilename() pulumi.StringPtrOutput

Filename of PKCS#12 keystore containing a client certificate, private key, and chain certificates to authenticate to TLSPDC

func (ProviderOutput) P12CertPassword added in v1.6.0

func (o ProviderOutput) P12CertPassword() pulumi.StringPtrOutput

Password for the PKCS#12 keystore declared in p12_cert

func (ProviderOutput) ToProviderOutput added in v0.1.1

func (o ProviderOutput) ToProviderOutput() ProviderOutput

func (ProviderOutput) ToProviderOutputWithContext added in v0.1.1

func (o ProviderOutput) ToProviderOutputWithContext(ctx context.Context) ProviderOutput

func (ProviderOutput) TokenUrl added in v1.8.0

func (o ProviderOutput) TokenUrl() pulumi.StringPtrOutput

Endpoint URL to request new Venafi Control Plane access tokens

func (ProviderOutput) TppPassword deprecated added in v1.5.0

func (o ProviderOutput) TppPassword() pulumi.StringPtrOutput

Password for WebSDK user. Example: password

Deprecated: please use accessToken instead

func (ProviderOutput) TppUsername deprecated added in v1.5.0

func (o ProviderOutput) TppUsername() pulumi.StringPtrOutput

WebSDK user for Venafi TLSPDC. Example: admin

Deprecated: please use accessToken instead

func (ProviderOutput) TrustBundle added in v1.5.0

func (o ProviderOutput) TrustBundle() pulumi.StringPtrOutput

Use to specify a PEM-formatted file that contains certificates to be trust anchors for all communications with the Venafi Web Service. Example: trust_bundle = "${file("chain.pem")}"

func (ProviderOutput) Url added in v1.5.0

The Venafi Platform URL. Example: https://tpp.venafi.example/vedsdk

func (ProviderOutput) Zone added in v1.5.0

DN of the Venafi TLSPDC policy folder or name of the Venafi as a Service application plus issuing template alias. Example for Platform: testPolicy\\vault Example for Venafi as a Service: myApp\\Default

type SshCertificate added in v1.2.0

// SshCertificate is the resource state of an SSH certificate requested from
// Venafi Trust Protection Platform. It embeds pulumi.CustomResourceState and
// exposes every property as a Pulumi output.
//
// NOTE(review): KeyPassphrase and PrivateKey carry secret material; confirm the
// provider marks them as Pulumi secrets so they are encrypted in stack state.
type SshCertificate struct {
	pulumi.CustomResourceState

	// The issued SSH certificate.
	Certificate pulumi.StringOutput `pulumi:"certificate"`
	// Indicates whether the SSH certificate is for client or server authentication.
	CertificateType pulumi.StringOutput `pulumi:"certificateType"`
	// A list of one or more valid IP or CIDR destination hosts where the
	// certificate will authenticate.
	DestinationAddresses pulumi.StringArrayOutput `pulumi:"destinationAddresses"`
	// A list of certificate extensions from the CA template for client
	// certificates. Allowed values (case-sensitive): `permit-X11-forwarding`, `permit-agent-forwarding`,
	// `permit-port-forwarding`, `permit-pty`, `permit-user-rc`.
	// Each entry permits an additional capability for the certificate holder,
	// so request only the ones the use case needs.
	Extensions pulumi.StringArrayOutput `pulumi:"extensions"`
	// The DN of the policy folder where the SSH certificate object will be created.
	Folder pulumi.StringPtrOutput `pulumi:"folder"`
	// A command to run after successful login.
	ForceCommand pulumi.StringPtrOutput `pulumi:"forceCommand"`
	// The identifier of the requested SSH certificate.
	KeyId pulumi.StringOutput `pulumi:"keyId"`
	// Passphrase for encrypting the private key. This is a secret; see the
	// review note on the type.
	KeyPassphrase pulumi.StringPtrOutput `pulumi:"keyPassphrase"`
	// Number of bits to use when creating a key pair. (e.g. `3072`).
	KeySize pulumi.IntPtrOutput `pulumi:"keySize"`
	// The friendly name of the SSH certificate object. When not specified the `keyId`
	// is used for the friendly name. If the object already exists the old certificate is archived and the CA issues a new
	// certificate.
	ObjectName pulumi.StringPtrOutput `pulumi:"objectName"`
	// [DEPRECATED] - (Optional, set of strings) Use "principals" instead. A list of usernames for whom the
	// requested certificate will be valid.
	//
	// Deprecated: This will be removed in the future. Use "principals" instead
	Principal pulumi.StringArrayOutput `pulumi:"principal"`
	// A list of usernames for whom the requested certificate will be valid.
	Principals pulumi.StringArrayOutput `pulumi:"principals"`
	// The private key for the SSH certificate if generated by Venafi. This is
	// secret key material; see the review note on the type.
	PrivateKey pulumi.StringOutput `pulumi:"privateKey"`
	// The OpenSSH formatted public key that will be used to generate the SSH certificate.
	PublicKey pulumi.StringPtrOutput `pulumi:"publicKey"`
	// The SHA256 fingerprint of the SSH certificate's public key.
	PublicKeyFingerprint pulumi.StringOutput `pulumi:"publicKeyFingerprint"`
	// Specifies whether the public key will be `local` (default), `file` or
	// `service` generated.
	PublicKeyMethod pulumi.StringPtrOutput `pulumi:"publicKeyMethod"`
	// The serial number of the SSH certificate.
	Serial pulumi.StringOutput `pulumi:"serial"`
	// The SHA256 fingerprint of the CA that signed the SSH certificate.
	SigningCa pulumi.StringOutput `pulumi:"signingCa"`
	// A list of one or more valid IP or CIDR addresses that can use the SSH
	// certificate.
	SourceAddresses pulumi.StringArrayOutput `pulumi:"sourceAddresses"`
	// The SSH certificate issuing template.
	Template pulumi.StringOutput `pulumi:"template"`
	// The date the SSH certificate was issued.
	ValidFrom pulumi.StringOutput `pulumi:"validFrom"`
	// Desired number of hours for which the certificate will be valid.
	ValidHours pulumi.IntPtrOutput `pulumi:"validHours"`
	// The date the SSH certificate will expire.
	ValidTo pulumi.StringOutput `pulumi:"validTo"`
	// Specifies whether the private key will use Windows/DOS style line breaks.
	Windows pulumi.BoolPtrOutput `pulumi:"windows"`
}

Provides access to request and retrieve SSH certificates from *Venafi Trust Protection Platform*.

## Example Usage

```go
package main

import (
	"errors"
	"os"

	"github.com/pulumi/pulumi-venafi/sdk/go/venafi"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

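// main requests a 24-hour SSH certificate from Venafi for the principal
// "seamus", using the "Sample SSH CA" issuing template.
//
// The key passphrase is read from the SSH_KEY_PASSPHRASE environment variable
// (a name chosen for this example) instead of being written into the program,
// so the secret does not end up in source control.
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		passphrase, ok := os.LookupEnv("SSH_KEY_PASSPHRASE")
		if !ok || passphrase == "" {
			return errors.New("SSH_KEY_PASSPHRASE must be set to the private key passphrase")
		}

		// The passphrase is wrapped with pulumi.ToSecret so that Pulumi treats
		// it as a secret value rather than a plain string.
		_, err := venafi.NewSshCertificate(ctx, "sshCert", &venafi.SshCertificateArgs{
			KeyId:         pulumi.String("my-first-ssh-certificate"),
			KeyPassphrase: pulumi.ToSecret(pulumi.String(passphrase)).(pulumi.StringOutput),
			KeySize:       pulumi.Int(3072),
			Principals: pulumi.StringArray{
				pulumi.String("seamus"),
			},
			PublicKeyMethod: pulumi.String("local"),
			Template:        pulumi.String("Sample SSH CA"),
			ValidHours:      pulumi.Int(24),
		})
		if err != nil {
			return err
		}
		return nil
	})
}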

```

func GetSshCertificate added in v1.2.0

func GetSshCertificate(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SshCertificateState, opts ...pulumi.ResourceOption) (*SshCertificate, error)

GetSshCertificate gets an existing SshCertificate resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSshCertificate added in v1.2.0

func NewSshCertificate(ctx *pulumi.Context,
	name string, args *SshCertificateArgs, opts ...pulumi.ResourceOption) (*SshCertificate, error)

NewSshCertificate registers a new resource with the given unique name, arguments, and options.

func (*SshCertificate) ElementType added in v1.2.0

func (*SshCertificate) ElementType() reflect.Type

func (*SshCertificate) ToSshCertificateOutput added in v1.2.0

func (i *SshCertificate) ToSshCertificateOutput() SshCertificateOutput

func (*SshCertificate) ToSshCertificateOutputWithContext added in v1.2.0

func (i *SshCertificate) ToSshCertificateOutputWithContext(ctx context.Context) SshCertificateOutput

type SshCertificateArgs added in v1.2.0

// SshCertificateArgs is the set of arguments for constructing a SshCertificate
// resource. KeyId and Template are plain (non-pointer) inputs; every other
// field is a pointer or array input.
type SshCertificateArgs struct {
	// A list of one or more valid IP or CIDR destination hosts where the
	// certificate will authenticate.
	DestinationAddresses pulumi.StringArrayInput
	// A list of certificate extensions from the CA template for client
	// certificates. Allowed values (case-sensitive): `permit-X11-forwarding`, `permit-agent-forwarding`,
	// `permit-port-forwarding`, `permit-pty`, `permit-user-rc`.
	// Each entry permits an additional capability for the certificate holder,
	// so request only the ones the use case needs.
	Extensions pulumi.StringArrayInput
	// The DN of the policy folder where the SSH certificate object will be created.
	Folder pulumi.StringPtrInput
	// A command to run after successful login.
	ForceCommand pulumi.StringPtrInput
	// The identifier of the requested SSH certificate.
	KeyId pulumi.StringInput
	// Passphrase for encrypting the private key. This is a secret: supply it
	// from secret configuration rather than as a string literal in the program.
	KeyPassphrase pulumi.StringPtrInput
	// Number of bits to use when creating a key pair. (e.g. `3072`).
	KeySize pulumi.IntPtrInput
	// The friendly name of the SSH certificate object. When not specified the `keyId`
	// is used for the friendly name. If the object already exists the old certificate is archived and the CA issues a new
	// certificate.
	ObjectName pulumi.StringPtrInput
	// [DEPRECATED] - (Optional, set of strings) Use "principals" instead. A list of usernames for whom the
	// requested certificate will be valid.
	//
	// Deprecated: This will be removed in the future. Use "principals" instead
	Principal pulumi.StringArrayInput
	// A list of usernames for whom the requested certificate will be valid.
	// Keep this list to the accounts that actually need the certificate.
	Principals pulumi.StringArrayInput
	// The OpenSSH formatted public key that will be used to generate the SSH certificate.
	PublicKey pulumi.StringPtrInput
	// Specifies whether the public key will be `local` (default), `file` or
	// `service` generated.
	PublicKeyMethod pulumi.StringPtrInput
	// A list of one or more valid IP or CIDR addresses that can use the SSH
	// certificate.
	SourceAddresses pulumi.StringArrayInput
	// The SSH certificate issuing template.
	Template pulumi.StringInput
	// Desired number of hours for which the certificate will be valid.
	ValidHours pulumi.IntPtrInput
	// Specifies whether the private key will use Windows/DOS style line breaks.
	Windows pulumi.BoolPtrInput
}

The set of arguments for constructing a SshCertificate resource.

func (SshCertificateArgs) ElementType added in v1.2.0

func (SshCertificateArgs) ElementType() reflect.Type

type SshCertificateArray added in v1.2.0

type SshCertificateArray []SshCertificateInput

func (SshCertificateArray) ElementType added in v1.2.0

func (SshCertificateArray) ElementType() reflect.Type

func (SshCertificateArray) ToSshCertificateArrayOutput added in v1.2.0

func (i SshCertificateArray) ToSshCertificateArrayOutput() SshCertificateArrayOutput

func (SshCertificateArray) ToSshCertificateArrayOutputWithContext added in v1.2.0

func (i SshCertificateArray) ToSshCertificateArrayOutputWithContext(ctx context.Context) SshCertificateArrayOutput

type SshCertificateArrayInput added in v1.2.0

type SshCertificateArrayInput interface {
	pulumi.Input

	ToSshCertificateArrayOutput() SshCertificateArrayOutput
	ToSshCertificateArrayOutputWithContext(context.Context) SshCertificateArrayOutput
}

SshCertificateArrayInput is an input type that accepts SshCertificateArray and SshCertificateArrayOutput values. You can construct a concrete instance of `SshCertificateArrayInput` via:

SshCertificateArray{ SshCertificateArgs{...} }

type SshCertificateArrayOutput added in v1.2.0

type SshCertificateArrayOutput struct{ *pulumi.OutputState }

func (SshCertificateArrayOutput) ElementType added in v1.2.0

func (SshCertificateArrayOutput) ElementType() reflect.Type

func (SshCertificateArrayOutput) Index added in v1.2.0

func (SshCertificateArrayOutput) ToSshCertificateArrayOutput added in v1.2.0

func (o SshCertificateArrayOutput) ToSshCertificateArrayOutput() SshCertificateArrayOutput

func (SshCertificateArrayOutput) ToSshCertificateArrayOutputWithContext added in v1.2.0

func (o SshCertificateArrayOutput) ToSshCertificateArrayOutputWithContext(ctx context.Context) SshCertificateArrayOutput

type SshCertificateInput added in v1.2.0

// SshCertificateInput is an input type for values that can be converted to a
// SshCertificateOutput. It embeds pulumi.Input and adds the two conversion
// methods below; it is the element type of SshCertificateArray and
// SshCertificateMap.
type SshCertificateInput interface {
	pulumi.Input

	// ToSshCertificateOutput returns the value as a SshCertificateOutput.
	ToSshCertificateOutput() SshCertificateOutput
	// ToSshCertificateOutputWithContext is the variant of ToSshCertificateOutput
	// that takes a context.Context.
	ToSshCertificateOutputWithContext(ctx context.Context) SshCertificateOutput
}

type SshCertificateMap added in v1.2.0

type SshCertificateMap map[string]SshCertificateInput

func (SshCertificateMap) ElementType added in v1.2.0

func (SshCertificateMap) ElementType() reflect.Type

func (SshCertificateMap) ToSshCertificateMapOutput added in v1.2.0

func (i SshCertificateMap) ToSshCertificateMapOutput() SshCertificateMapOutput

func (SshCertificateMap) ToSshCertificateMapOutputWithContext added in v1.2.0

func (i SshCertificateMap) ToSshCertificateMapOutputWithContext(ctx context.Context) SshCertificateMapOutput

type SshCertificateMapInput added in v1.2.0

type SshCertificateMapInput interface {
	pulumi.Input

	ToSshCertificateMapOutput() SshCertificateMapOutput
	ToSshCertificateMapOutputWithContext(context.Context) SshCertificateMapOutput
}

SshCertificateMapInput is an input type that accepts SshCertificateMap and SshCertificateMapOutput values. You can construct a concrete instance of `SshCertificateMapInput` via:

SshCertificateMap{ "key": SshCertificateArgs{...} }

type SshCertificateMapOutput added in v1.2.0

type SshCertificateMapOutput struct{ *pulumi.OutputState }

func (SshCertificateMapOutput) ElementType added in v1.2.0

func (SshCertificateMapOutput) ElementType() reflect.Type

func (SshCertificateMapOutput) MapIndex added in v1.2.0

func (SshCertificateMapOutput) ToSshCertificateMapOutput added in v1.2.0

func (o SshCertificateMapOutput) ToSshCertificateMapOutput() SshCertificateMapOutput

func (SshCertificateMapOutput) ToSshCertificateMapOutputWithContext added in v1.2.0

func (o SshCertificateMapOutput) ToSshCertificateMapOutputWithContext(ctx context.Context) SshCertificateMapOutput

type SshCertificateOutput added in v1.2.0

type SshCertificateOutput struct{ *pulumi.OutputState }

func (SshCertificateOutput) Certificate added in v1.5.0

func (o SshCertificateOutput) Certificate() pulumi.StringOutput

The issued SSH certificate.

func (SshCertificateOutput) CertificateType added in v1.5.0

func (o SshCertificateOutput) CertificateType() pulumi.StringOutput

Indicates whether the SSH certificate is for client or server authentication.

func (SshCertificateOutput) DestinationAddresses added in v1.5.0

func (o SshCertificateOutput) DestinationAddresses() pulumi.StringArrayOutput

A list of one or more valid IP or CIDR destination hosts where the certificate will authenticate.

func (SshCertificateOutput) ElementType added in v1.2.0

func (SshCertificateOutput) ElementType() reflect.Type

func (SshCertificateOutput) Extensions added in v1.5.0

A list of key-value pairs that contain certificate extensions from the CA template for client certificates. Allowed values (case-sensitive): `permit-X11-forwarding`, `permit-agent-forwarding`, `permit-port-forwarding`, `permit-pty`, `permit-user-rc`.

func (SshCertificateOutput) Folder added in v1.5.0

The DN of the policy folder where the SSH certificate object will be created.

func (SshCertificateOutput) ForceCommand added in v1.5.0

func (o SshCertificateOutput) ForceCommand() pulumi.StringPtrOutput

A command to run after successful login.

func (SshCertificateOutput) KeyId added in v1.5.0

The identifier of the requested SSH certificate.

func (SshCertificateOutput) KeyPassphrase added in v1.5.0

func (o SshCertificateOutput) KeyPassphrase() pulumi.StringPtrOutput

Passphrase for encrypting the private key.

func (SshCertificateOutput) KeySize added in v1.5.0

Number of bits to use when creating a key pair. (e.g. `3072`).

func (SshCertificateOutput) ObjectName added in v1.5.0

The friendly name of the SSH certificate object. When not specified the `keyId` is used for the friendly name. If the object already exists the old certificate is archived and the CA issues a new certificate.

func (SshCertificateOutput) Principal deprecated added in v1.6.0

[DEPRECATED] - (Optional, set of strings) Use "principals" instead. A list of usernames for whom the requested certificate will be valid.

Deprecated: This will be removed in the future. Use "principals" instead

func (SshCertificateOutput) Principals added in v1.5.0

A list of usernames for whom the requested certificate will be valid.

func (SshCertificateOutput) PrivateKey added in v1.5.0

func (o SshCertificateOutput) PrivateKey() pulumi.StringOutput

The private key for the SSH certificate if generated by Venafi.

func (SshCertificateOutput) PublicKey added in v1.5.0

The OpenSSH formatted public key that will be used to generate the SSH certificate.

func (SshCertificateOutput) PublicKeyFingerprint added in v1.5.0

func (o SshCertificateOutput) PublicKeyFingerprint() pulumi.StringOutput

The SHA256 fingerprint of the SSH certificate's public key.

func (SshCertificateOutput) PublicKeyMethod added in v1.5.0

func (o SshCertificateOutput) PublicKeyMethod() pulumi.StringPtrOutput

Specifies whether the public key will be `local` (default), `file` or `service` generated.

func (SshCertificateOutput) Serial added in v1.5.0

The serial number of the SSH certificate.

func (SshCertificateOutput) SigningCa added in v1.5.0

The SHA256 fingerprint of the CA that signed the SSH certificate.

func (SshCertificateOutput) SourceAddresses added in v1.5.0

func (o SshCertificateOutput) SourceAddresses() pulumi.StringArrayOutput

A list of one or more valid IP or CIDR addresses that can use the SSH certificate.

func (SshCertificateOutput) Template added in v1.5.0

The SSH certificate issuing template.

func (SshCertificateOutput) ToSshCertificateOutput added in v1.2.0

func (o SshCertificateOutput) ToSshCertificateOutput() SshCertificateOutput

func (SshCertificateOutput) ToSshCertificateOutputWithContext added in v1.2.0

func (o SshCertificateOutput) ToSshCertificateOutputWithContext(ctx context.Context) SshCertificateOutput

func (SshCertificateOutput) ValidFrom added in v1.5.0

The date the SSH certificate was issued.

func (SshCertificateOutput) ValidHours added in v1.5.0

func (o SshCertificateOutput) ValidHours() pulumi.IntPtrOutput

Desired number of hours for which the certificate will be valid.

func (SshCertificateOutput) ValidTo added in v1.5.0

The date the SSH certificate will expire.

func (SshCertificateOutput) Windows added in v1.5.0

Specifies whether the private key will use Windows/DOS style line breaks.

type SshCertificateState added in v1.2.0

// SshCertificateState holds the optional state properties that can be passed
// to GetSshCertificate to qualify the lookup of an existing SshCertificate
// resource. Every field is a pointer or array input.
//
// NOTE(review): KeyPassphrase and PrivateKey carry secret material; avoid
// passing them as string literals.
type SshCertificateState struct {
	// The issued SSH certificate.
	Certificate pulumi.StringPtrInput
	// Indicates whether the SSH certificate is for client or server authentication.
	CertificateType pulumi.StringPtrInput
	// A list of one or more valid IP or CIDR destination hosts where the
	// certificate will authenticate.
	DestinationAddresses pulumi.StringArrayInput
	// A list of certificate extensions from the CA template for client
	// certificates. Allowed values (case-sensitive): `permit-X11-forwarding`, `permit-agent-forwarding`,
	// `permit-port-forwarding`, `permit-pty`, `permit-user-rc`.
	Extensions pulumi.StringArrayInput
	// The DN of the policy folder where the SSH certificate object will be created.
	Folder pulumi.StringPtrInput
	// A command to run after successful login.
	ForceCommand pulumi.StringPtrInput
	// The identifier of the requested SSH certificate.
	KeyId pulumi.StringPtrInput
	// Passphrase for encrypting the private key. This is a secret.
	KeyPassphrase pulumi.StringPtrInput
	// Number of bits to use when creating a key pair. (e.g. `3072`).
	KeySize pulumi.IntPtrInput
	// The friendly name of the SSH certificate object. When not specified the `keyId`
	// is used for the friendly name. If the object already exists the old certificate is archived and the CA issues a new
	// certificate.
	ObjectName pulumi.StringPtrInput
	// [DEPRECATED] - (Optional, set of strings) Use "principals" instead. A list of usernames for whom the
	// requested certificate will be valid.
	//
	// Deprecated: This will be removed in the future. Use "principals" instead
	Principal pulumi.StringArrayInput
	// A list of usernames for whom the requested certificate will be valid.
	Principals pulumi.StringArrayInput
	// The private key for the SSH certificate if generated by Venafi. This is
	// secret key material.
	PrivateKey pulumi.StringPtrInput
	// The OpenSSH formatted public key that will be used to generate the SSH certificate.
	PublicKey pulumi.StringPtrInput
	// The SHA256 fingerprint of the SSH certificate's public key.
	PublicKeyFingerprint pulumi.StringPtrInput
	// Specifies whether the public key will be `local` (default), `file` or
	// `service` generated.
	PublicKeyMethod pulumi.StringPtrInput
	// The serial number of the SSH certificate.
	Serial pulumi.StringPtrInput
	// The SHA256 fingerprint of the CA that signed the SSH certificate.
	SigningCa pulumi.StringPtrInput
	// A list of one or more valid IP or CIDR addresses that can use the SSH
	// certificate.
	SourceAddresses pulumi.StringArrayInput
	// The SSH certificate issuing template.
	Template pulumi.StringPtrInput
	// The date the SSH certificate was issued.
	ValidFrom pulumi.StringPtrInput
	// Desired number of hours for which the certificate will be valid.
	ValidHours pulumi.IntPtrInput
	// The date the SSH certificate will expire.
	ValidTo pulumi.StringPtrInput
	// Specifies whether the private key will use Windows/DOS style line breaks.
	Windows pulumi.BoolPtrInput
}

func (SshCertificateState) ElementType added in v1.2.0

func (SshCertificateState) ElementType() reflect.Type

type SshConfig added in v1.4.0

// SshConfig is the resource state for configuration retrieved from an SSH
// certificate issuance template in Venafi Trust Protection Platform. It embeds
// pulumi.CustomResourceState and exposes every property as a Pulumi output.
type SshConfig struct {
	pulumi.CustomResourceState

	// The template's CA public key. The field is labelled "(Optional, string)",
	// but SshConfigArgs carries only Template, so this value cannot be supplied
	// when the resource is constructed.
	CaPublicKey pulumi.StringOutput `pulumi:"caPublicKey"`
	// A list of user names exported from the template. The field is labelled
	// "(Optional, set of strings)"; like CaPublicKey it is not part of
	// SshConfigArgs.
	Principals pulumi.StringArrayOutput `pulumi:"principals"`
	// The SSH certificate issuing template.
	Template pulumi.StringOutput `pulumi:"template"`
}

Provides access to retrieve the configuration of an SSH certificate issuance template from *Venafi Trust Protection Platform*.

## Example Usage

```go
package main

import (

"github.com/pulumi/pulumi-venafi/sdk/go/venafi"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

// main registers an SshConfig resource named "cit" that reads the
// configuration of the "devops-terraform-cit" issuing template.
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		// Template is the only argument SshConfigArgs accepts.
		args := &venafi.SshConfigArgs{
			Template: pulumi.String("devops-terraform-cit"),
		}
		if _, err := venafi.NewSshConfig(ctx, "cit", args); err != nil {
			return err
		}
		return nil
	})
}

```

func GetSshConfig added in v1.4.0

func GetSshConfig(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SshConfigState, opts ...pulumi.ResourceOption) (*SshConfig, error)

GetSshConfig gets an existing SshConfig resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSshConfig added in v1.4.0

func NewSshConfig(ctx *pulumi.Context,
	name string, args *SshConfigArgs, opts ...pulumi.ResourceOption) (*SshConfig, error)

NewSshConfig registers a new resource with the given unique name, arguments, and options.

func (*SshConfig) ElementType added in v1.4.0

func (*SshConfig) ElementType() reflect.Type

func (*SshConfig) ToSshConfigOutput added in v1.4.0

func (i *SshConfig) ToSshConfigOutput() SshConfigOutput

func (*SshConfig) ToSshConfigOutputWithContext added in v1.4.0

func (i *SshConfig) ToSshConfigOutputWithContext(ctx context.Context) SshConfigOutput

type SshConfigArgs added in v1.4.0

// SshConfigArgs is the set of arguments for constructing a SshConfig resource.
// Template is its only field.
type SshConfigArgs struct {
	// The SSH certificate issuing template.
	Template pulumi.StringInput
}

The set of arguments for constructing a SshConfig resource.

func (SshConfigArgs) ElementType added in v1.4.0

func (SshConfigArgs) ElementType() reflect.Type

type SshConfigArray added in v1.4.0

type SshConfigArray []SshConfigInput

func (SshConfigArray) ElementType added in v1.4.0

func (SshConfigArray) ElementType() reflect.Type

func (SshConfigArray) ToSshConfigArrayOutput added in v1.4.0

func (i SshConfigArray) ToSshConfigArrayOutput() SshConfigArrayOutput

func (SshConfigArray) ToSshConfigArrayOutputWithContext added in v1.4.0

func (i SshConfigArray) ToSshConfigArrayOutputWithContext(ctx context.Context) SshConfigArrayOutput

type SshConfigArrayInput added in v1.4.0

type SshConfigArrayInput interface {
	pulumi.Input

	ToSshConfigArrayOutput() SshConfigArrayOutput
	ToSshConfigArrayOutputWithContext(context.Context) SshConfigArrayOutput
}

SshConfigArrayInput is an input type that accepts SshConfigArray and SshConfigArrayOutput values. You can construct a concrete instance of `SshConfigArrayInput` via:

SshConfigArray{ SshConfigArgs{...} }

type SshConfigArrayOutput added in v1.4.0

type SshConfigArrayOutput struct{ *pulumi.OutputState }

func (SshConfigArrayOutput) ElementType added in v1.4.0

func (SshConfigArrayOutput) ElementType() reflect.Type

func (SshConfigArrayOutput) Index added in v1.4.0

func (SshConfigArrayOutput) ToSshConfigArrayOutput added in v1.4.0

func (o SshConfigArrayOutput) ToSshConfigArrayOutput() SshConfigArrayOutput

func (SshConfigArrayOutput) ToSshConfigArrayOutputWithContext added in v1.4.0

func (o SshConfigArrayOutput) ToSshConfigArrayOutputWithContext(ctx context.Context) SshConfigArrayOutput

type SshConfigInput added in v1.4.0

// SshConfigInput is an input type for values that can be converted to a
// SshConfigOutput. It embeds pulumi.Input and adds the two conversion methods
// below; it is the element type of SshConfigArray and SshConfigMap.
type SshConfigInput interface {
	pulumi.Input

	// ToSshConfigOutput returns the value as a SshConfigOutput.
	ToSshConfigOutput() SshConfigOutput
	// ToSshConfigOutputWithContext is the variant of ToSshConfigOutput that
	// takes a context.Context.
	ToSshConfigOutputWithContext(ctx context.Context) SshConfigOutput
}

type SshConfigMap added in v1.4.0

type SshConfigMap map[string]SshConfigInput

func (SshConfigMap) ElementType added in v1.4.0

func (SshConfigMap) ElementType() reflect.Type

func (SshConfigMap) ToSshConfigMapOutput added in v1.4.0

func (i SshConfigMap) ToSshConfigMapOutput() SshConfigMapOutput

func (SshConfigMap) ToSshConfigMapOutputWithContext added in v1.4.0

func (i SshConfigMap) ToSshConfigMapOutputWithContext(ctx context.Context) SshConfigMapOutput

type SshConfigMapInput added in v1.4.0

type SshConfigMapInput interface {
	pulumi.Input

	ToSshConfigMapOutput() SshConfigMapOutput
	ToSshConfigMapOutputWithContext(context.Context) SshConfigMapOutput
}

SshConfigMapInput is an input type that accepts SshConfigMap and SshConfigMapOutput values. You can construct a concrete instance of `SshConfigMapInput` via:

SshConfigMap{ "key": SshConfigArgs{...} }

type SshConfigMapOutput added in v1.4.0

type SshConfigMapOutput struct{ *pulumi.OutputState }

func (SshConfigMapOutput) ElementType added in v1.4.0

func (SshConfigMapOutput) ElementType() reflect.Type

func (SshConfigMapOutput) MapIndex added in v1.4.0

func (SshConfigMapOutput) ToSshConfigMapOutput added in v1.4.0

func (o SshConfigMapOutput) ToSshConfigMapOutput() SshConfigMapOutput

func (SshConfigMapOutput) ToSshConfigMapOutputWithContext added in v1.4.0

func (o SshConfigMapOutput) ToSshConfigMapOutputWithContext(ctx context.Context) SshConfigMapOutput

type SshConfigOutput added in v1.4.0

type SshConfigOutput struct{ *pulumi.OutputState }

func (SshConfigOutput) CaPublicKey added in v1.5.0

func (o SshConfigOutput) CaPublicKey() pulumi.StringOutput

(Optional, string) The template's CA public key.

func (SshConfigOutput) ElementType added in v1.4.0

func (SshConfigOutput) ElementType() reflect.Type

func (SshConfigOutput) Principals added in v1.5.0

func (o SshConfigOutput) Principals() pulumi.StringArrayOutput

(Optional, set of strings) A list of user names exported from the template.

func (SshConfigOutput) Template added in v1.5.0

func (o SshConfigOutput) Template() pulumi.StringOutput

The SSH certificate issuing template.

func (SshConfigOutput) ToSshConfigOutput added in v1.4.0

func (o SshConfigOutput) ToSshConfigOutput() SshConfigOutput

func (SshConfigOutput) ToSshConfigOutputWithContext added in v1.4.0

func (o SshConfigOutput) ToSshConfigOutputWithContext(ctx context.Context) SshConfigOutput

type SshConfigState added in v1.4.0

// SshConfigState holds the optional state properties that can be passed to
// GetSshConfig to qualify the lookup of an existing SshConfig resource.
type SshConfigState struct {
	// (Optional, string) The template's CA public key.
	CaPublicKey pulumi.StringPtrInput
	// (Optional, set of strings) A list of user names exported from the template.
	Principals pulumi.StringArrayInput
	// The SSH certificate issuing template.
	Template pulumi.StringPtrInput
}

func (SshConfigState) ElementType added in v1.4.0

func (SshConfigState) ElementType() reflect.Type
