Package com.pulumi.aws.acmpca
Class Certificate
- java.lang.Object
-
- com.pulumi.resources.Resource
-
- com.pulumi.resources.CustomResource
-
- com.pulumi.aws.acmpca.Certificate
-
public class Certificate extends com.pulumi.resources.CustomResourceProvides a resource to issue a certificate using AWS Certificate Manager Private Certificate Authority (ACM PCA). Certificates created using `aws.acmpca.Certificate` are not eligible for automatic renewal, and must be replaced instead. To issue a renewable certificate using an ACM PCA, create a `aws.acm.Certificate` with the parameter `certificate_authority_arn`. ## Example Usage ### Basic ```java package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import com.pulumi.aws.acmpca.CertificateAuthority; import com.pulumi.aws.acmpca.CertificateAuthorityArgs; import com.pulumi.tls.PrivateKey; import com.pulumi.tls.PrivateKeyArgs; import com.pulumi.tls.CertRequest; import com.pulumi.tls.CertRequestArgs; import com.pulumi.tls.inputs.CertRequestSubjectArgs; import com.pulumi.aws.acmpca.Certificate; import com.pulumi.aws.acmpca.CertificateArgs; import com.pulumi.aws.acmpca.inputs.CertificateValidityArgs; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { var exampleCertificateAuthority = new CertificateAuthority("exampleCertificateAuthority", CertificateAuthorityArgs.builder() .privateCertificateConfiguration(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference)) .permanentDeletionTimeInDays(7) .build()); var key = new PrivateKey("key", PrivateKeyArgs.builder() .algorithm("RSA") .build()); var csr = new CertRequest("csr", CertRequestArgs.builder() .keyAlgorithm("RSA") .privateKeyPem(key.privateKeyPem()) .subject(CertRequestSubjectArgs.builder() .commonName("example") .build()) .build()); var exampleCertificate = new Certificate("exampleCertificate", CertificateArgs.builder() .certificateAuthorityArn(exampleCertificateAuthority.arn()) .certificateSigningRequest(csr.certRequestPem()) .signingAlgorithm("SHA256WITHRSA") .validity(CertificateValidityArgs.builder() .type("YEARS") .value(1) .build()) .build()); } } ``` ## Import Using `pulumi import`, import ACM PCA Certificates using their ARN. For example: ```sh $ pulumi import aws:acmpca/certificate:Certificate cert arn:aws:acm-pca:eu-west-1:675225743824:certificate-authority/08319ede-83g9-1400-8f21-c7d12b2b6edb/certificate/a4e9c2aa4bcfab625g1b9136464cd3a ```
-
-
Constructor Summary
Constructors Constructor Description Certificate(java.lang.String name)Certificate(java.lang.String name, CertificateArgs args)Certificate(java.lang.String name, CertificateArgs args, com.pulumi.resources.CustomResourceOptions options)
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description com.pulumi.core.Output<java.util.Optional<java.lang.String>>apiPassthrough()com.pulumi.core.Output<java.lang.String>arn()com.pulumi.core.Output<java.lang.String>certificate()com.pulumi.core.Output<java.lang.String>certificateAuthorityArn()com.pulumi.core.Output<java.lang.String>certificateChain()com.pulumi.core.Output<java.lang.String>certificateSigningRequest()static Certificateget(java.lang.String name, com.pulumi.core.Output<java.lang.String> id, CertificateState state, com.pulumi.resources.CustomResourceOptions options)Get an existing Host resource's state with the given name, ID, and optional extra properties used to qualify the lookup.com.pulumi.core.Output<java.lang.String>signingAlgorithm()com.pulumi.core.Output<java.util.Optional<java.lang.String>>templateArn()com.pulumi.core.Output<CertificateValidity>validity()
-
-
-
Constructor Detail
-
Certificate
public Certificate(java.lang.String name)
- Parameters:
name- The _unique_ name of the resulting resource.
-
Certificate
public Certificate(java.lang.String name, CertificateArgs args)- Parameters:
name- The _unique_ name of the resulting resource.args- The arguments to use to populate this resource's properties.
-
Certificate
public Certificate(java.lang.String name, CertificateArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options)- Parameters:
name- The _unique_ name of the resulting resource.args- The arguments to use to populate this resource's properties.options- A bag of options that control this resource's behavior.
-
-
Method Detail
-
apiPassthrough
public com.pulumi.core.Output<java.util.Optional<java.lang.String>> apiPassthrough()
- Returns:
- Specifies X.509 certificate information to be included in the issued certificate. To use with API Passthrough templates
-
arn
public com.pulumi.core.Output<java.lang.String> arn()
- Returns:
- ARN of the certificate.
-
certificate
public com.pulumi.core.Output<java.lang.String> certificate()
- Returns:
- PEM-encoded certificate value.
-
certificateAuthorityArn
public com.pulumi.core.Output<java.lang.String> certificateAuthorityArn()
- Returns:
- ARN of the certificate authority.
-
certificateChain
public com.pulumi.core.Output<java.lang.String> certificateChain()
- Returns:
- PEM-encoded certificate chain that includes any intermediate certificates and chains up to root CA.
-
certificateSigningRequest
public com.pulumi.core.Output<java.lang.String> certificateSigningRequest()
- Returns:
- Certificate Signing Request in PEM format.
-
signingAlgorithm
public com.pulumi.core.Output<java.lang.String> signingAlgorithm()
- Returns:
- Algorithm to use to sign certificate requests. Valid values: `SHA256WITHRSA`, `SHA256WITHECDSA`, `SHA384WITHRSA`, `SHA384WITHECDSA`, `SHA512WITHRSA`, `SHA512WITHECDSA`.
-
templateArn
public com.pulumi.core.Output<java.util.Optional<java.lang.String>> templateArn()
- Returns:
- Template to use when issuing a certificate. See [ACM PCA Documentation](https://docs.aws.amazon.com/privateca/latest/userguide/UsingTemplates.html) for more information.
-
validity
public com.pulumi.core.Output<CertificateValidity> validity()
- Returns:
- Configures end of the validity period for the certificate. See validity block below.
-
get
public static Certificate get(java.lang.String name, com.pulumi.core.Output<java.lang.String> id, @Nullable CertificateState state, @Nullable com.pulumi.resources.CustomResourceOptions options)
Get an existing Host resource's state with the given name, ID, and optional extra properties used to qualify the lookup.- Parameters:
name- The _unique_ name of the resulting resource.id- The _unique_ provider ID of the resource to lookup.state-options- Optional settings to control the behavior of the CustomResource.
-
-