Package com.pulumi.aws.acmpca
Class Permission
- java.lang.Object
-
- com.pulumi.resources.Resource
-
- com.pulumi.resources.CustomResource
-
- com.pulumi.aws.acmpca.Permission
-
public class Permission extends com.pulumi.resources.CustomResourceProvides a resource to manage an AWS Certificate Manager Private Certificate Authorities Permission. Currently, this is only required in order to allow the ACM service to automatically renew certificates issued by a PCA. ## Example Usage <!--Start PulumiCodeChooser -->
<!--End PulumiCodeChooser -->package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import com.pulumi.aws.acmpca.CertificateAuthority; import com.pulumi.aws.acmpca.CertificateAuthorityArgs; import com.pulumi.aws.acmpca.inputs.CertificateAuthorityCertificateAuthorityConfigurationArgs; import com.pulumi.aws.acmpca.inputs.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs; import com.pulumi.aws.acmpca.Permission; import com.pulumi.aws.acmpca.PermissionArgs; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { var exampleCertificateAuthority = new CertificateAuthority("exampleCertificateAuthority", CertificateAuthorityArgs.builder() .certificateAuthorityConfiguration(CertificateAuthorityCertificateAuthorityConfigurationArgs.builder() .keyAlgorithm("RSA_4096") .signingAlgorithm("SHA512WITHRSA") .subject(CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs.builder() .commonName("example.com") .build()) .build()) .build()); var example = new Permission("example", PermissionArgs.builder() .certificateAuthorityArn(exampleCertificateAuthority.arn()) .actions( "IssueCertificate", "GetCertificate", "ListPermissions") .principal("acm.amazonaws.com") .build()); } }
-
-
Constructor Summary
Constructors Constructor Description Permission(java.lang.String name)Permission(java.lang.String name, PermissionArgs args)Permission(java.lang.String name, PermissionArgs args, com.pulumi.resources.CustomResourceOptions options)
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description com.pulumi.core.Output<java.util.List<java.lang.String>>actions()com.pulumi.core.Output<java.lang.String>certificateAuthorityArn()static Permissionget(java.lang.String name, com.pulumi.core.Output<java.lang.String> id, PermissionState state, com.pulumi.resources.CustomResourceOptions options)Get an existing Host resource's state with the given name, ID, and optional extra properties used to qualify the lookup.com.pulumi.core.Output<java.lang.String>policy()com.pulumi.core.Output<java.lang.String>principal()com.pulumi.core.Output<java.lang.String>sourceAccount()
-
-
-
Constructor Detail
-
Permission
public Permission(java.lang.String name)
- Parameters:
name- The _unique_ name of the resulting resource.
-
Permission
public Permission(java.lang.String name, PermissionArgs args)- Parameters:
name- The _unique_ name of the resulting resource.args- The arguments to use to populate this resource's properties.
-
Permission
public Permission(java.lang.String name, PermissionArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options)- Parameters:
name- The _unique_ name of the resulting resource.args- The arguments to use to populate this resource's properties.options- A bag of options that control this resource's behavior.
-
-
Method Detail
-
actions
public com.pulumi.core.Output<java.util.List<java.lang.String>> actions()
- Returns:
- Actions that the specified AWS service principal can use. These include `IssueCertificate`, `GetCertificate`, and `ListPermissions`. Note that in order for ACM to automatically rotate certificates issued by a PCA, it must be granted permission on all 3 actions, as per the example above.
-
certificateAuthorityArn
public com.pulumi.core.Output<java.lang.String> certificateAuthorityArn()
- Returns:
- ARN of the CA that grants the permissions.
-
policy
public com.pulumi.core.Output<java.lang.String> policy()
- Returns:
- IAM policy that is associated with the permission.
-
principal
public com.pulumi.core.Output<java.lang.String> principal()
- Returns:
- AWS service or identity that receives the permission. At this time, the only valid principal is `acm.amazonaws.com`.
-
sourceAccount
public com.pulumi.core.Output<java.lang.String> sourceAccount()
- Returns:
- ID of the calling account
-
get
public static Permission get(java.lang.String name, com.pulumi.core.Output<java.lang.String> id, @Nullable PermissionState state, @Nullable com.pulumi.resources.CustomResourceOptions options)
Get an existing Host resource's state with the given name, ID, and optional extra properties used to qualify the lookup.- Parameters:
name- The _unique_ name of the resulting resource.id- The _unique_ provider ID of the resource to lookup.state-options- Optional settings to control the behavior of the CustomResource.
-
-