Package com.pulumi.gcp.certificatemanager

Class CertificateIssuanceConfig

  • public class CertificateIssuanceConfig
extends com.pulumi.resources.CustomResource
    Certificate represents a HTTP-reachable backend for a Certificate. To get more information about CertificateIssuanceConfig, see: * [API documentation](https://cloud.google.com/certificate-manager/docs/reference/certificate-manager/rest/v1/projects.locations.certificateIssuanceConfigs) * How-to Guides * [Manage certificate issuance configs](https://cloud.google.com/certificate-manager/docs/issuance-configs) ## Example Usage ### Certificate Manager Certificate Issuance Config ```java package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import com.pulumi.gcp.certificateauthority.CaPool; import com.pulumi.gcp.certificateauthority.CaPoolArgs; import com.pulumi.gcp.certificateauthority.Authority; import com.pulumi.gcp.certificateauthority.AuthorityArgs; import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigArgs; import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigSubjectConfigArgs; import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigSubjectConfigSubjectArgs; import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigSubjectConfigSubjectAltNameArgs; import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigX509ConfigArgs; import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigX509ConfigCaOptionsArgs; import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigX509ConfigKeyUsageArgs; import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigX509ConfigKeyUsageBaseKeyUsageArgs; import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigX509ConfigKeyUsageExtendedKeyUsageArgs; import com.pulumi.gcp.certificateauthority.inputs.AuthorityKeySpecArgs; import com.pulumi.gcp.certificatemanager.CertificateIssuanceConfig; import com.pulumi.gcp.certificatemanager.CertificateIssuanceConfigArgs; import com.pulumi.gcp.certificatemanager.inputs.CertificateIssuanceConfigCertificateAuthorityConfigArgs; import com.pulumi.gcp.certificatemanager.inputs.CertificateIssuanceConfigCertificateAuthorityConfigCertificateAuthorityServiceConfigArgs; import com.pulumi.resources.CustomResourceOptions; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { var pool = new CaPool("pool", CaPoolArgs.builder() .location("us-central1") .tier("ENTERPRISE") .build()); var caAuthority = new Authority("caAuthority", AuthorityArgs.builder() .location("us-central1") .pool(pool.name()) .certificateAuthorityId("ca-authority") .config(AuthorityConfigArgs.builder() .subjectConfig(AuthorityConfigSubjectConfigArgs.builder() .subject(AuthorityConfigSubjectConfigSubjectArgs.builder() .organization("HashiCorp") .commonName("my-certificate-authority") .build()) .subjectAltName(AuthorityConfigSubjectConfigSubjectAltNameArgs.builder() .dnsNames("hashicorp.com") .build()) .build()) .x509Config(AuthorityConfigX509ConfigArgs.builder() .caOptions(AuthorityConfigX509ConfigCaOptionsArgs.builder() .isCa(true) .build()) .keyUsage(AuthorityConfigX509ConfigKeyUsageArgs.builder() .baseKeyUsage(AuthorityConfigX509ConfigKeyUsageBaseKeyUsageArgs.builder() .certSign(true) .crlSign(true) .build()) .extendedKeyUsage(AuthorityConfigX509ConfigKeyUsageExtendedKeyUsageArgs.builder() .serverAuth(true) .build()) .build()) .build()) .build()) .keySpec(AuthorityKeySpecArgs.builder() .algorithm("RSA_PKCS1_4096_SHA256") .build()) .deletionProtection(false) .skipGracePeriod(true) .ignoreActiveCertificatesOnDeletion(true) .build()); var default_ = new CertificateIssuanceConfig("default", CertificateIssuanceConfigArgs.builder() .description("sample description for the certificate issuanceConfigs") .certificateAuthorityConfig(CertificateIssuanceConfigCertificateAuthorityConfigArgs.builder() .certificateAuthorityServiceConfig(CertificateIssuanceConfigCertificateAuthorityConfigCertificateAuthorityServiceConfigArgs.builder() .caPool(pool.id()) .build()) .build()) .lifetime("1814400s") .rotationWindowPercentage(34) .keyAlgorithm("ECDSA_P256") .labels(Map.ofEntries( Map.entry("name", "wrench"), Map.entry("count", "3") )) .build(), CustomResourceOptions.builder() .dependsOn(caAuthority) .build()); } } ``` ## Import CertificateIssuanceConfig can be imported using any of these accepted formats* `projects/{{project}}/locations/{{location}}/certificateIssuanceConfigs/{{name}}` * `{{project}}/{{location}}/{{name}}` * `{{location}}/{{name}}` In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import CertificateIssuanceConfig using one of the formats above. For exampletf import { id = "projects/{{project}}/locations/{{location}}/certificateIssuanceConfigs/{{name}}" to = google_certificate_manager_certificate_issuance_config.default } ```sh $ pulumi import gcp:certificatemanager/certificateIssuanceConfig:CertificateIssuanceConfig When using the [`terraform import` command](https://developer.hashicorp.com/terraform/cli/commands/import), CertificateIssuanceConfig can be imported using one of the formats above. For example ``` ```sh $ pulumi import gcp:certificatemanager/certificateIssuanceConfig:CertificateIssuanceConfig default projects/{{project}}/locations/{{location}}/certificateIssuanceConfigs/{{name}} ``` ```sh $ pulumi import gcp:certificatemanager/certificateIssuanceConfig:CertificateIssuanceConfig default {{project}}/{{location}}/{{name}} ``` ```sh $ pulumi import gcp:certificatemanager/certificateIssuanceConfig:CertificateIssuanceConfig default {{location}}/{{name}} ```

    • Nested Class Summary

      • Nested classes/interfaces inherited from class com.pulumi.resources.CustomResource

        com.pulumi.resources.CustomResource.CustomResourceInternal

      • Nested classes/interfaces inherited from class com.pulumi.resources.Resource

        com.pulumi.resources.Resource.LazyField<T extends java.lang.Object>, com.pulumi.resources.Resource.LazyFields, com.pulumi.resources.Resource.ResourceInternal

    • Field Summary

      • Fields inherited from class com.pulumi.resources.Resource

        childResources, remote

    • Method Summary

      All Methods Static Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      com.pulumi.core.Output<CertificateIssuanceConfigCertificateAuthorityConfig> certificateAuthorityConfig()  
      com.pulumi.core.Output<java.lang.String> createTime()  
      com.pulumi.core.Output<java.util.Optional<java.lang.String>> description()  
      com.pulumi.core.Output<java.util.Map<java.lang.String,​java.lang.String>> effectiveLabels()  
      static CertificateIssuanceConfig get​(java.lang.String name, com.pulumi.core.Output<java.lang.String> id, CertificateIssuanceConfigState state, com.pulumi.resources.CustomResourceOptions options)
      Get an existing Host resource's state with the given name, ID, and optional extra properties used to qualify the lookup.
      com.pulumi.core.Output<java.lang.String> keyAlgorithm()  
      com.pulumi.core.Output<java.util.Optional<java.util.Map<java.lang.String,​java.lang.String>>> labels()  
      com.pulumi.core.Output<java.lang.String> lifetime()  
      com.pulumi.core.Output<java.util.Optional<java.lang.String>> location()  
      com.pulumi.core.Output<java.lang.String> name()  
      com.pulumi.core.Output<java.lang.String> project()  
      com.pulumi.core.Output<java.util.Map<java.lang.String,​java.lang.String>> pulumiLabels()  
      com.pulumi.core.Output<java.lang.Integer> rotationWindowPercentage()  
      com.pulumi.core.Output<java.lang.String> updateTime()  

      • Methods inherited from class com.pulumi.resources.CustomResource

        getId, id, idFuture

      • Methods inherited from class com.pulumi.resources.Resource

        getChildResources, getResourceName, getResourceType, getUrn, pulumiChildResources, pulumiResourceName, pulumiResourceType, urn

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Constructor Detail

      • CertificateIssuanceConfig

        public CertificateIssuanceConfig​(java.lang.String name)
        Parameters:
        name - The _unique_ name of the resulting resource.

      • CertificateIssuanceConfig

        public CertificateIssuanceConfig​(java.lang.String name,
                                 CertificateIssuanceConfigArgs args)
        Parameters:
        name - The _unique_ name of the resulting resource.
        args - The arguments to use to populate this resource's properties.

      • CertificateIssuanceConfig

        public CertificateIssuanceConfig​(java.lang.String name,
                                 CertificateIssuanceConfigArgs args,
                                 @Nullable
                                 com.pulumi.resources.CustomResourceOptions options)
        Parameters:
        name - The _unique_ name of the resulting resource.
        args - The arguments to use to populate this resource's properties.
        options - A bag of options that control this resource's behavior.

    • Method Detail

      • certificateAuthorityConfig

        public com.pulumi.core.Output<CertificateIssuanceConfigCertificateAuthorityConfig> certificateAuthorityConfig()
        Returns:
        The CA that issues the workload certificate. It includes the CA address, type, authentication to CA service, etc. Structure is documented below.

      • createTime

        public com.pulumi.core.Output<java.lang.String> createTime()
        Returns:
        The creation timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

      • description

        public com.pulumi.core.Output<java.util.Optional<java.lang.String>> description()
        Returns:
        One or more paragraphs of text description of a CertificateIssuanceConfig.

      • effectiveLabels

        public com.pulumi.core.Output<java.util.Map<java.lang.String,​java.lang.String>> effectiveLabels()
        Returns:
        All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.

      • keyAlgorithm

        public com.pulumi.core.Output<java.lang.String> keyAlgorithm()
        Returns:
        Key algorithm to use when generating the private key. Possible values are: `RSA_2048`, `ECDSA_P256`.

      • labels

        public com.pulumi.core.Output<java.util.Optional<java.util.Map<java.lang.String,​java.lang.String>>> labels()
        Returns:
        'Set of label tags associated with the CertificateIssuanceConfig resource. An object containing a list of "key": value pairs. Example: { "name": "wrench", "count": "3" }. **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field `effective_labels` for all of the labels present on the resource.

      • lifetime

        public com.pulumi.core.Output<java.lang.String> lifetime()
        Returns:
        Lifetime of issued certificates. A duration in seconds with up to nine fractional digits, ending with 's'. Example: "1814400s". Valid values are from 21 days (1814400s) to 30 days (2592000s)

      • location

        public com.pulumi.core.Output<java.util.Optional<java.lang.String>> location()
        Returns:
        The Certificate Manager location. If not specified, "global" is used.

      • name

        public com.pulumi.core.Output<java.lang.String> name()
        Returns:
        A user-defined name of the certificate issuance config. CertificateIssuanceConfig names must be unique globally.

      • project

        public com.pulumi.core.Output<java.lang.String> project()
        Returns:
        The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

      • pulumiLabels

        public com.pulumi.core.Output<java.util.Map<java.lang.String,​java.lang.String>> pulumiLabels()
        Returns:
        The combination of labels configured directly on the resource and default labels configured on the provider.

      • rotationWindowPercentage

        public com.pulumi.core.Output<java.lang.Integer> rotationWindowPercentage()
        Returns:
        It specifies the percentage of elapsed time of the certificate lifetime to wait before renewing the certificate. Must be a number between 1-99, inclusive. You must set the rotation window percentage in relation to the certificate lifetime so that certificate renewal occurs at least 7 days after the certificate has been issued and at least 7 days before it expires.

      • updateTime

        public com.pulumi.core.Output<java.lang.String> updateTime()
        Returns:
        The last update timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

      • get

        public static CertificateIssuanceConfig get​(java.lang.String name,
                                            com.pulumi.core.Output<java.lang.String> id,
                                            @Nullable
                                            CertificateIssuanceConfigState state,
                                            @Nullable
                                            com.pulumi.resources.CustomResourceOptions options)
        Get an existing Host resource's state with the given name, ID, and optional extra properties used to qualify the lookup.
        Parameters:
        name - The _unique_ name of the resulting resource.
        id - The _unique_ provider ID of the resource to lookup.
        state -
        options - Optional settings to control the behavior of the CustomResource.