acm

package
v3.28.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 10, 2021 License: Apache-2.0 Imports: 7 Imported by: 1

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Certificate

type Certificate struct {
	pulumi.CustomResourceState

	// The ARN of the certificate
	Arn pulumi.StringOutput `pulumi:"arn"`
	// ARN of an ACMPCA
	CertificateAuthorityArn pulumi.StringPtrOutput `pulumi:"certificateAuthorityArn"`
	// The certificate's PEM-formatted public key
	CertificateBody pulumi.StringPtrOutput `pulumi:"certificateBody"`
	// The certificate's PEM-formatted chain
	// * Creating a private CA issued certificate
	CertificateChain pulumi.StringPtrOutput `pulumi:"certificateChain"`
	// A domain name for which the certificate should be issued
	DomainName pulumi.StringOutput `pulumi:"domainName"`
	// Set of domain validation objects which can be used to complete certificate validation. Can have more than one element, e.g. if SANs are defined. Only set if `DNS`-validation was used.
	DomainValidationOptions CertificateDomainValidationOptionArrayOutput `pulumi:"domainValidationOptions"`
	// Configuration block used to set certificate options. Detailed below.
	// * Importing an existing certificate
	Options CertificateOptionsPtrOutput `pulumi:"options"`
	// The certificate's PEM-formatted private key
	PrivateKey pulumi.StringPtrOutput `pulumi:"privateKey"`
	// Status of the certificate.
	Status pulumi.StringOutput `pulumi:"status"`
	// Set of domains that should be SANs in the issued certificate. To remove all elements of a previously configured list, set this value equal to an empty list (`[]`) to trigger recreation.
	SubjectAlternativeNames pulumi.StringArrayOutput `pulumi:"subjectAlternativeNames"`
	// A map of tags to assign to the resource.
	Tags pulumi.StringMapOutput `pulumi:"tags"`
	// A list of addresses that received a validation E-Mail. Only set if `EMAIL`-validation was used.
	ValidationEmails pulumi.StringArrayOutput `pulumi:"validationEmails"`
	// Which method to use for validation. `DNS` or `EMAIL` are valid, `NONE` can be used for certificates that were imported into ACM and then into the provider.
	ValidationMethod pulumi.StringOutput `pulumi:"validationMethod"`
}

The ACM certificate resource allows requesting and management of certificates from the Amazon Certificate Manager.

It deals with requesting certificates and managing their attributes and life-cycle. This resource does not deal with validation of a certificate but can provide inputs for other resources implementing the validation. It does not wait for a certificate to be issued. Use a `acm.CertificateValidation` resource for this.

Most commonly, this resource is used together with `route53.Record` and `acm.CertificateValidation` to request a DNS validated certificate, deploy the required validation records and wait for validation to complete.

Domain validation through E-Mail is also supported but should be avoided as it requires a manual step outside of this provider.

It's recommended to specify `createBeforeDestroy = true` in a [lifecycle](https://www.terraform.io/docs/configuration/meta-arguments/lifecycle.html) block to replace a certificate which is currently in use (eg, by `lb.Listener`).

## Example Usage ### Certificate creation

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v3/go/aws/acm"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := acm.NewCertificate(ctx, "cert", &acm.CertificateArgs{
			DomainName: pulumi.String("example.com"),
			Tags: pulumi.StringMap{
				"Environment": pulumi.String("test"),
			},
			ValidationMethod: pulumi.String("DNS"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Importing an existing certificate

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v3/go/aws/acm"
"github.com/pulumi/pulumi-tls/sdk/v2/go/tls"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		examplePrivateKey, err := tls.NewPrivateKey(ctx, "examplePrivateKey", &tls.PrivateKeyArgs{
			Algorithm: pulumi.String("RSA"),
		})
		if err != nil {
			return err
		}
		exampleSelfSignedCert, err := tls.NewSelfSignedCert(ctx, "exampleSelfSignedCert", &tls.SelfSignedCertArgs{
			KeyAlgorithm:  pulumi.String("RSA"),
			PrivateKeyPem: examplePrivateKey.PrivateKeyPem,
			Subjects: tls.SelfSignedCertSubjectArray{
				&tls.SelfSignedCertSubjectArgs{
					CommonName:   pulumi.String("example.com"),
					Organization: pulumi.String("ACME Examples, Inc"),
				},
			},
			ValidityPeriodHours: pulumi.Int(12),
			AllowedUses: pulumi.StringArray{
				pulumi.String("key_encipherment"),
				pulumi.String("digital_signature"),
				pulumi.String("server_auth"),
			},
		})
		if err != nil {
			return err
		}
		_, err = acm.NewCertificate(ctx, "cert", &acm.CertificateArgs{
			PrivateKey:      examplePrivateKey.PrivateKeyPem,
			CertificateBody: exampleSelfSignedCert.CertPem,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

Certificates can be imported using their ARN, e.g.

```sh

$ pulumi import aws:acm/certificate:Certificate cert arn:aws:acm:eu-central-1:123456789012:certificate/7e7a28d2-163f-4b8f-b9cd-822f96c08d6a

```

func GetCertificate

func GetCertificate(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *CertificateState, opts ...pulumi.ResourceOption) (*Certificate, error)

GetCertificate gets an existing Certificate resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewCertificate

func NewCertificate(ctx *pulumi.Context,
	name string, args *CertificateArgs, opts ...pulumi.ResourceOption) (*Certificate, error)

NewCertificate registers a new resource with the given unique name, arguments, and options.

func (*Certificate) ElementType added in v3.13.0

func (*Certificate) ElementType() reflect.Type

func (*Certificate) ToCertificateOutput added in v3.13.0

func (i *Certificate) ToCertificateOutput() CertificateOutput

func (*Certificate) ToCertificateOutputWithContext added in v3.13.0

func (i *Certificate) ToCertificateOutputWithContext(ctx context.Context) CertificateOutput

func (*Certificate) ToCertificatePtrOutput added in v3.25.0

func (i *Certificate) ToCertificatePtrOutput() CertificatePtrOutput

func (*Certificate) ToCertificatePtrOutputWithContext added in v3.25.0

func (i *Certificate) ToCertificatePtrOutputWithContext(ctx context.Context) CertificatePtrOutput

type CertificateArgs

type CertificateArgs struct {
	// ARN of an ACMPCA
	CertificateAuthorityArn pulumi.StringPtrInput
	// The certificate's PEM-formatted public key
	CertificateBody pulumi.StringPtrInput
	// The certificate's PEM-formatted chain
	// * Creating a private CA issued certificate
	CertificateChain pulumi.StringPtrInput
	// A domain name for which the certificate should be issued
	DomainName pulumi.StringPtrInput
	// Configuration block used to set certificate options. Detailed below.
	// * Importing an existing certificate
	Options CertificateOptionsPtrInput
	// The certificate's PEM-formatted private key
	PrivateKey pulumi.StringPtrInput
	// Set of domains that should be SANs in the issued certificate. To remove all elements of a previously configured list, set this value equal to an empty list (`[]`) to trigger recreation.
	SubjectAlternativeNames pulumi.StringArrayInput
	// A map of tags to assign to the resource.
	Tags pulumi.StringMapInput
	// Which method to use for validation. `DNS` or `EMAIL` are valid, `NONE` can be used for certificates that were imported into ACM and then into the provider.
	ValidationMethod pulumi.StringPtrInput
}

The set of arguments for constructing a Certificate resource.

func (CertificateArgs) ElementType

func (CertificateArgs) ElementType() reflect.Type

type CertificateArray added in v3.25.0

type CertificateArray []CertificateInput

func (CertificateArray) ElementType added in v3.25.0

func (CertificateArray) ElementType() reflect.Type

func (CertificateArray) ToCertificateArrayOutput added in v3.25.0

func (i CertificateArray) ToCertificateArrayOutput() CertificateArrayOutput

func (CertificateArray) ToCertificateArrayOutputWithContext added in v3.25.0

func (i CertificateArray) ToCertificateArrayOutputWithContext(ctx context.Context) CertificateArrayOutput

type CertificateArrayInput added in v3.25.0

type CertificateArrayInput interface {
	pulumi.Input

	ToCertificateArrayOutput() CertificateArrayOutput
	ToCertificateArrayOutputWithContext(context.Context) CertificateArrayOutput
}

CertificateArrayInput is an input type that accepts CertificateArray and CertificateArrayOutput values. You can construct a concrete instance of `CertificateArrayInput` via:

CertificateArray{ CertificateArgs{...} }

type CertificateArrayOutput added in v3.25.0

type CertificateArrayOutput struct{ *pulumi.OutputState }

func (CertificateArrayOutput) ElementType added in v3.25.0

func (CertificateArrayOutput) ElementType() reflect.Type

func (CertificateArrayOutput) Index added in v3.25.0

func (CertificateArrayOutput) ToCertificateArrayOutput added in v3.25.0

func (o CertificateArrayOutput) ToCertificateArrayOutput() CertificateArrayOutput

func (CertificateArrayOutput) ToCertificateArrayOutputWithContext added in v3.25.0

func (o CertificateArrayOutput) ToCertificateArrayOutputWithContext(ctx context.Context) CertificateArrayOutput

type CertificateDomainValidationOption

type CertificateDomainValidationOption struct {
	// A domain name for which the certificate should be issued
	DomainName *string `pulumi:"domainName"`
	// The name of the DNS record to create to validate the certificate
	ResourceRecordName *string `pulumi:"resourceRecordName"`
	// The type of DNS record to create
	ResourceRecordType *string `pulumi:"resourceRecordType"`
	// The value the DNS record needs to have
	ResourceRecordValue *string `pulumi:"resourceRecordValue"`
}

type CertificateDomainValidationOptionArgs

type CertificateDomainValidationOptionArgs struct {
	// A domain name for which the certificate should be issued
	DomainName pulumi.StringPtrInput `pulumi:"domainName"`
	// The name of the DNS record to create to validate the certificate
	ResourceRecordName pulumi.StringPtrInput `pulumi:"resourceRecordName"`
	// The type of DNS record to create
	ResourceRecordType pulumi.StringPtrInput `pulumi:"resourceRecordType"`
	// The value the DNS record needs to have
	ResourceRecordValue pulumi.StringPtrInput `pulumi:"resourceRecordValue"`
}

func (CertificateDomainValidationOptionArgs) ElementType

func (CertificateDomainValidationOptionArgs) ToCertificateDomainValidationOptionOutput

func (i CertificateDomainValidationOptionArgs) ToCertificateDomainValidationOptionOutput() CertificateDomainValidationOptionOutput

func (CertificateDomainValidationOptionArgs) ToCertificateDomainValidationOptionOutputWithContext

func (i CertificateDomainValidationOptionArgs) ToCertificateDomainValidationOptionOutputWithContext(ctx context.Context) CertificateDomainValidationOptionOutput

type CertificateDomainValidationOptionArray

type CertificateDomainValidationOptionArray []CertificateDomainValidationOptionInput

func (CertificateDomainValidationOptionArray) ElementType

func (CertificateDomainValidationOptionArray) ToCertificateDomainValidationOptionArrayOutput

func (i CertificateDomainValidationOptionArray) ToCertificateDomainValidationOptionArrayOutput() CertificateDomainValidationOptionArrayOutput

func (CertificateDomainValidationOptionArray) ToCertificateDomainValidationOptionArrayOutputWithContext

func (i CertificateDomainValidationOptionArray) ToCertificateDomainValidationOptionArrayOutputWithContext(ctx context.Context) CertificateDomainValidationOptionArrayOutput

type CertificateDomainValidationOptionArrayInput

type CertificateDomainValidationOptionArrayInput interface {
	pulumi.Input

	ToCertificateDomainValidationOptionArrayOutput() CertificateDomainValidationOptionArrayOutput
	ToCertificateDomainValidationOptionArrayOutputWithContext(context.Context) CertificateDomainValidationOptionArrayOutput
}

CertificateDomainValidationOptionArrayInput is an input type that accepts CertificateDomainValidationOptionArray and CertificateDomainValidationOptionArrayOutput values. You can construct a concrete instance of `CertificateDomainValidationOptionArrayInput` via:

CertificateDomainValidationOptionArray{ CertificateDomainValidationOptionArgs{...} }

type CertificateDomainValidationOptionArrayOutput

type CertificateDomainValidationOptionArrayOutput struct{ *pulumi.OutputState }

func (CertificateDomainValidationOptionArrayOutput) ElementType

func (CertificateDomainValidationOptionArrayOutput) Index

func (CertificateDomainValidationOptionArrayOutput) ToCertificateDomainValidationOptionArrayOutput

func (o CertificateDomainValidationOptionArrayOutput) ToCertificateDomainValidationOptionArrayOutput() CertificateDomainValidationOptionArrayOutput

func (CertificateDomainValidationOptionArrayOutput) ToCertificateDomainValidationOptionArrayOutputWithContext

func (o CertificateDomainValidationOptionArrayOutput) ToCertificateDomainValidationOptionArrayOutputWithContext(ctx context.Context) CertificateDomainValidationOptionArrayOutput

type CertificateDomainValidationOptionInput

type CertificateDomainValidationOptionInput interface {
	pulumi.Input

	ToCertificateDomainValidationOptionOutput() CertificateDomainValidationOptionOutput
	ToCertificateDomainValidationOptionOutputWithContext(context.Context) CertificateDomainValidationOptionOutput
}

CertificateDomainValidationOptionInput is an input type that accepts CertificateDomainValidationOptionArgs and CertificateDomainValidationOptionOutput values. You can construct a concrete instance of `CertificateDomainValidationOptionInput` via:

CertificateDomainValidationOptionArgs{...}

type CertificateDomainValidationOptionOutput

type CertificateDomainValidationOptionOutput struct{ *pulumi.OutputState }

func (CertificateDomainValidationOptionOutput) DomainName

A domain name for which the certificate should be issued

func (CertificateDomainValidationOptionOutput) ElementType

func (CertificateDomainValidationOptionOutput) ResourceRecordName

The name of the DNS record to create to validate the certificate

func (CertificateDomainValidationOptionOutput) ResourceRecordType

The type of DNS record to create

func (CertificateDomainValidationOptionOutput) ResourceRecordValue

The value the DNS record needs to have

func (CertificateDomainValidationOptionOutput) ToCertificateDomainValidationOptionOutput

func (o CertificateDomainValidationOptionOutput) ToCertificateDomainValidationOptionOutput() CertificateDomainValidationOptionOutput

func (CertificateDomainValidationOptionOutput) ToCertificateDomainValidationOptionOutputWithContext

func (o CertificateDomainValidationOptionOutput) ToCertificateDomainValidationOptionOutputWithContext(ctx context.Context) CertificateDomainValidationOptionOutput

type CertificateInput added in v3.13.0

type CertificateInput interface {
	pulumi.Input

	ToCertificateOutput() CertificateOutput
	ToCertificateOutputWithContext(ctx context.Context) CertificateOutput
}

type CertificateMap added in v3.25.0

type CertificateMap map[string]CertificateInput

func (CertificateMap) ElementType added in v3.25.0

func (CertificateMap) ElementType() reflect.Type

func (CertificateMap) ToCertificateMapOutput added in v3.25.0

func (i CertificateMap) ToCertificateMapOutput() CertificateMapOutput

func (CertificateMap) ToCertificateMapOutputWithContext added in v3.25.0

func (i CertificateMap) ToCertificateMapOutputWithContext(ctx context.Context) CertificateMapOutput

type CertificateMapInput added in v3.25.0

type CertificateMapInput interface {
	pulumi.Input

	ToCertificateMapOutput() CertificateMapOutput
	ToCertificateMapOutputWithContext(context.Context) CertificateMapOutput
}

CertificateMapInput is an input type that accepts CertificateMap and CertificateMapOutput values. You can construct a concrete instance of `CertificateMapInput` via:

CertificateMap{ "key": CertificateArgs{...} }

type CertificateMapOutput added in v3.25.0

type CertificateMapOutput struct{ *pulumi.OutputState }

func (CertificateMapOutput) ElementType added in v3.25.0

func (CertificateMapOutput) ElementType() reflect.Type

func (CertificateMapOutput) MapIndex added in v3.25.0

func (CertificateMapOutput) ToCertificateMapOutput added in v3.25.0

func (o CertificateMapOutput) ToCertificateMapOutput() CertificateMapOutput

func (CertificateMapOutput) ToCertificateMapOutputWithContext added in v3.25.0

func (o CertificateMapOutput) ToCertificateMapOutputWithContext(ctx context.Context) CertificateMapOutput

type CertificateOptions

type CertificateOptions struct {
	// Specifies whether certificate details should be added to a certificate transparency log. Valid values are `ENABLED` or `DISABLED`. See https://docs.aws.amazon.com/acm/latest/userguide/acm-concepts.html#concept-transparency for more details.
	CertificateTransparencyLoggingPreference *string `pulumi:"certificateTransparencyLoggingPreference"`
}

type CertificateOptionsArgs

type CertificateOptionsArgs struct {
	// Specifies whether certificate details should be added to a certificate transparency log. Valid values are `ENABLED` or `DISABLED`. See https://docs.aws.amazon.com/acm/latest/userguide/acm-concepts.html#concept-transparency for more details.
	CertificateTransparencyLoggingPreference pulumi.StringPtrInput `pulumi:"certificateTransparencyLoggingPreference"`
}

func (CertificateOptionsArgs) ElementType

func (CertificateOptionsArgs) ElementType() reflect.Type

func (CertificateOptionsArgs) ToCertificateOptionsOutput

func (i CertificateOptionsArgs) ToCertificateOptionsOutput() CertificateOptionsOutput

func (CertificateOptionsArgs) ToCertificateOptionsOutputWithContext

func (i CertificateOptionsArgs) ToCertificateOptionsOutputWithContext(ctx context.Context) CertificateOptionsOutput

func (CertificateOptionsArgs) ToCertificateOptionsPtrOutput

func (i CertificateOptionsArgs) ToCertificateOptionsPtrOutput() CertificateOptionsPtrOutput

func (CertificateOptionsArgs) ToCertificateOptionsPtrOutputWithContext

func (i CertificateOptionsArgs) ToCertificateOptionsPtrOutputWithContext(ctx context.Context) CertificateOptionsPtrOutput

type CertificateOptionsInput

type CertificateOptionsInput interface {
	pulumi.Input

	ToCertificateOptionsOutput() CertificateOptionsOutput
	ToCertificateOptionsOutputWithContext(context.Context) CertificateOptionsOutput
}

CertificateOptionsInput is an input type that accepts CertificateOptionsArgs and CertificateOptionsOutput values. You can construct a concrete instance of `CertificateOptionsInput` via:

CertificateOptionsArgs{...}

type CertificateOptionsOutput

type CertificateOptionsOutput struct{ *pulumi.OutputState }

func (CertificateOptionsOutput) CertificateTransparencyLoggingPreference

func (o CertificateOptionsOutput) CertificateTransparencyLoggingPreference() pulumi.StringPtrOutput

Specifies whether certificate details should be added to a certificate transparency log. Valid values are `ENABLED` or `DISABLED`. See https://docs.aws.amazon.com/acm/latest/userguide/acm-concepts.html#concept-transparency for more details.

func (CertificateOptionsOutput) ElementType

func (CertificateOptionsOutput) ElementType() reflect.Type

func (CertificateOptionsOutput) ToCertificateOptionsOutput

func (o CertificateOptionsOutput) ToCertificateOptionsOutput() CertificateOptionsOutput

func (CertificateOptionsOutput) ToCertificateOptionsOutputWithContext

func (o CertificateOptionsOutput) ToCertificateOptionsOutputWithContext(ctx context.Context) CertificateOptionsOutput

func (CertificateOptionsOutput) ToCertificateOptionsPtrOutput

func (o CertificateOptionsOutput) ToCertificateOptionsPtrOutput() CertificateOptionsPtrOutput

func (CertificateOptionsOutput) ToCertificateOptionsPtrOutputWithContext

func (o CertificateOptionsOutput) ToCertificateOptionsPtrOutputWithContext(ctx context.Context) CertificateOptionsPtrOutput

type CertificateOptionsPtrInput

type CertificateOptionsPtrInput interface {
	pulumi.Input

	ToCertificateOptionsPtrOutput() CertificateOptionsPtrOutput
	ToCertificateOptionsPtrOutputWithContext(context.Context) CertificateOptionsPtrOutput
}

CertificateOptionsPtrInput is an input type that accepts CertificateOptionsArgs, CertificateOptionsPtr and CertificateOptionsPtrOutput values. You can construct a concrete instance of `CertificateOptionsPtrInput` via:

        CertificateOptionsArgs{...}

or:

        nil

type CertificateOptionsPtrOutput

type CertificateOptionsPtrOutput struct{ *pulumi.OutputState }

func (CertificateOptionsPtrOutput) CertificateTransparencyLoggingPreference

func (o CertificateOptionsPtrOutput) CertificateTransparencyLoggingPreference() pulumi.StringPtrOutput

Specifies whether certificate details should be added to a certificate transparency log. Valid values are `ENABLED` or `DISABLED`. See https://docs.aws.amazon.com/acm/latest/userguide/acm-concepts.html#concept-transparency for more details.

func (CertificateOptionsPtrOutput) Elem

func (CertificateOptionsPtrOutput) ElementType

func (CertificateOptionsPtrOutput) ToCertificateOptionsPtrOutput

func (o CertificateOptionsPtrOutput) ToCertificateOptionsPtrOutput() CertificateOptionsPtrOutput

func (CertificateOptionsPtrOutput) ToCertificateOptionsPtrOutputWithContext

func (o CertificateOptionsPtrOutput) ToCertificateOptionsPtrOutputWithContext(ctx context.Context) CertificateOptionsPtrOutput

type CertificateOutput added in v3.13.0

type CertificateOutput struct {
	*pulumi.OutputState
}

func (CertificateOutput) ElementType added in v3.13.0

func (CertificateOutput) ElementType() reflect.Type

func (CertificateOutput) ToCertificateOutput added in v3.13.0

func (o CertificateOutput) ToCertificateOutput() CertificateOutput

func (CertificateOutput) ToCertificateOutputWithContext added in v3.13.0

func (o CertificateOutput) ToCertificateOutputWithContext(ctx context.Context) CertificateOutput

func (CertificateOutput) ToCertificatePtrOutput added in v3.25.0

func (o CertificateOutput) ToCertificatePtrOutput() CertificatePtrOutput

func (CertificateOutput) ToCertificatePtrOutputWithContext added in v3.25.0

func (o CertificateOutput) ToCertificatePtrOutputWithContext(ctx context.Context) CertificatePtrOutput

type CertificatePtrInput added in v3.25.0

type CertificatePtrInput interface {
	pulumi.Input

	ToCertificatePtrOutput() CertificatePtrOutput
	ToCertificatePtrOutputWithContext(ctx context.Context) CertificatePtrOutput
}

type CertificatePtrOutput added in v3.25.0

type CertificatePtrOutput struct {
	*pulumi.OutputState
}

func (CertificatePtrOutput) ElementType added in v3.25.0

func (CertificatePtrOutput) ElementType() reflect.Type

func (CertificatePtrOutput) ToCertificatePtrOutput added in v3.25.0

func (o CertificatePtrOutput) ToCertificatePtrOutput() CertificatePtrOutput

func (CertificatePtrOutput) ToCertificatePtrOutputWithContext added in v3.25.0

func (o CertificatePtrOutput) ToCertificatePtrOutputWithContext(ctx context.Context) CertificatePtrOutput

type CertificateState

type CertificateState struct {
	// The ARN of the certificate
	Arn pulumi.StringPtrInput
	// ARN of an ACMPCA
	CertificateAuthorityArn pulumi.StringPtrInput
	// The certificate's PEM-formatted public key
	CertificateBody pulumi.StringPtrInput
	// The certificate's PEM-formatted chain
	// * Creating a private CA issued certificate
	CertificateChain pulumi.StringPtrInput
	// A domain name for which the certificate should be issued
	DomainName pulumi.StringPtrInput
	// Set of domain validation objects which can be used to complete certificate validation. Can have more than one element, e.g. if SANs are defined. Only set if `DNS`-validation was used.
	DomainValidationOptions CertificateDomainValidationOptionArrayInput
	// Configuration block used to set certificate options. Detailed below.
	// * Importing an existing certificate
	Options CertificateOptionsPtrInput
	// The certificate's PEM-formatted private key
	PrivateKey pulumi.StringPtrInput
	// Status of the certificate.
	Status pulumi.StringPtrInput
	// Set of domains that should be SANs in the issued certificate. To remove all elements of a previously configured list, set this value equal to an empty list (`[]`) to trigger recreation.
	SubjectAlternativeNames pulumi.StringArrayInput
	// A map of tags to assign to the resource.
	Tags pulumi.StringMapInput
	// A list of addresses that received a validation E-Mail. Only set if `EMAIL`-validation was used.
	ValidationEmails pulumi.StringArrayInput
	// Which method to use for validation. `DNS` or `EMAIL` are valid, `NONE` can be used for certificates that were imported into ACM and then into the provider.
	ValidationMethod pulumi.StringPtrInput
}

func (CertificateState) ElementType

func (CertificateState) ElementType() reflect.Type

type CertificateValidation

type CertificateValidation struct {
	pulumi.CustomResourceState

	// The ARN of the certificate that is being validated.
	CertificateArn pulumi.StringOutput `pulumi:"certificateArn"`
	// List of FQDNs that implement the validation. Only valid for DNS validation method ACM certificates. If this is set, the resource can implement additional sanity checks and has an explicit dependency on the resource that is implementing the validation
	ValidationRecordFqdns pulumi.StringArrayOutput `pulumi:"validationRecordFqdns"`
}

This resource represents a successful validation of an ACM certificate in concert with other resources.

Most commonly, this resource is used together with `route53.Record` and `acm.Certificate` to request a DNS validated certificate, deploy the required validation records and wait for validation to complete.

> **WARNING:** This resource implements a part of the validation workflow. It does not represent a real-world entity in AWS, therefore changing or deleting this resource on its own has no immediate effect.

## Example Usage ### Email Validation

In this situation, the resource is simply a waiter for manual email approval of ACM certificates.

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v3/go/aws/acm"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		exampleCertificate, err := acm.NewCertificate(ctx, "exampleCertificate", &acm.CertificateArgs{
			DomainName:       pulumi.String("example.com"),
			ValidationMethod: pulumi.String("EMAIL"),
		})
		if err != nil {
			return err
		}
		_, err = acm.NewCertificateValidation(ctx, "exampleCertificateValidation", &acm.CertificateValidationArgs{
			CertificateArn: exampleCertificate.Arn,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

func GetCertificateValidation

func GetCertificateValidation(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *CertificateValidationState, opts ...pulumi.ResourceOption) (*CertificateValidation, error)

GetCertificateValidation gets an existing CertificateValidation resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewCertificateValidation

func NewCertificateValidation(ctx *pulumi.Context,
	name string, args *CertificateValidationArgs, opts ...pulumi.ResourceOption) (*CertificateValidation, error)

NewCertificateValidation registers a new resource with the given unique name, arguments, and options.

func (*CertificateValidation) ElementType added in v3.13.0

func (*CertificateValidation) ElementType() reflect.Type

func (*CertificateValidation) ToCertificateValidationOutput added in v3.13.0

func (i *CertificateValidation) ToCertificateValidationOutput() CertificateValidationOutput

func (*CertificateValidation) ToCertificateValidationOutputWithContext added in v3.13.0

func (i *CertificateValidation) ToCertificateValidationOutputWithContext(ctx context.Context) CertificateValidationOutput

func (*CertificateValidation) ToCertificateValidationPtrOutput added in v3.25.0

func (i *CertificateValidation) ToCertificateValidationPtrOutput() CertificateValidationPtrOutput

func (*CertificateValidation) ToCertificateValidationPtrOutputWithContext added in v3.25.0

func (i *CertificateValidation) ToCertificateValidationPtrOutputWithContext(ctx context.Context) CertificateValidationPtrOutput

type CertificateValidationArgs

type CertificateValidationArgs struct {
	// The ARN of the certificate that is being validated.
	CertificateArn pulumi.StringInput
	// List of FQDNs that implement the validation. Only valid for DNS validation method ACM certificates. If this is set, the resource can implement additional sanity checks and has an explicit dependency on the resource that is implementing the validation
	ValidationRecordFqdns pulumi.StringArrayInput
}

The set of arguments for constructing a CertificateValidation resource.

func (CertificateValidationArgs) ElementType

func (CertificateValidationArgs) ElementType() reflect.Type

type CertificateValidationArray added in v3.25.0

type CertificateValidationArray []CertificateValidationInput

func (CertificateValidationArray) ElementType added in v3.25.0

func (CertificateValidationArray) ElementType() reflect.Type

func (CertificateValidationArray) ToCertificateValidationArrayOutput added in v3.25.0

func (i CertificateValidationArray) ToCertificateValidationArrayOutput() CertificateValidationArrayOutput

func (CertificateValidationArray) ToCertificateValidationArrayOutputWithContext added in v3.25.0

func (i CertificateValidationArray) ToCertificateValidationArrayOutputWithContext(ctx context.Context) CertificateValidationArrayOutput

type CertificateValidationArrayInput added in v3.25.0

type CertificateValidationArrayInput interface {
	pulumi.Input

	ToCertificateValidationArrayOutput() CertificateValidationArrayOutput
	ToCertificateValidationArrayOutputWithContext(context.Context) CertificateValidationArrayOutput
}

CertificateValidationArrayInput is an input type that accepts CertificateValidationArray and CertificateValidationArrayOutput values. You can construct a concrete instance of `CertificateValidationArrayInput` via:

CertificateValidationArray{ CertificateValidationArgs{...} }

type CertificateValidationArrayOutput added in v3.25.0

type CertificateValidationArrayOutput struct{ *pulumi.OutputState }

func (CertificateValidationArrayOutput) ElementType added in v3.25.0

func (CertificateValidationArrayOutput) Index added in v3.25.0

func (CertificateValidationArrayOutput) ToCertificateValidationArrayOutput added in v3.25.0

func (o CertificateValidationArrayOutput) ToCertificateValidationArrayOutput() CertificateValidationArrayOutput

func (CertificateValidationArrayOutput) ToCertificateValidationArrayOutputWithContext added in v3.25.0

func (o CertificateValidationArrayOutput) ToCertificateValidationArrayOutputWithContext(ctx context.Context) CertificateValidationArrayOutput

type CertificateValidationInput added in v3.13.0

type CertificateValidationInput interface {
	pulumi.Input

	ToCertificateValidationOutput() CertificateValidationOutput
	ToCertificateValidationOutputWithContext(ctx context.Context) CertificateValidationOutput
}

type CertificateValidationMap added in v3.25.0

type CertificateValidationMap map[string]CertificateValidationInput

func (CertificateValidationMap) ElementType added in v3.25.0

func (CertificateValidationMap) ElementType() reflect.Type

func (CertificateValidationMap) ToCertificateValidationMapOutput added in v3.25.0

func (i CertificateValidationMap) ToCertificateValidationMapOutput() CertificateValidationMapOutput

func (CertificateValidationMap) ToCertificateValidationMapOutputWithContext added in v3.25.0

func (i CertificateValidationMap) ToCertificateValidationMapOutputWithContext(ctx context.Context) CertificateValidationMapOutput

type CertificateValidationMapInput added in v3.25.0

type CertificateValidationMapInput interface {
	pulumi.Input

	ToCertificateValidationMapOutput() CertificateValidationMapOutput
	ToCertificateValidationMapOutputWithContext(context.Context) CertificateValidationMapOutput
}

CertificateValidationMapInput is an input type that accepts CertificateValidationMap and CertificateValidationMapOutput values. You can construct a concrete instance of `CertificateValidationMapInput` via:

CertificateValidationMap{ "key": CertificateValidationArgs{...} }

type CertificateValidationMapOutput added in v3.25.0

type CertificateValidationMapOutput struct{ *pulumi.OutputState }

func (CertificateValidationMapOutput) ElementType added in v3.25.0

func (CertificateValidationMapOutput) MapIndex added in v3.25.0

func (CertificateValidationMapOutput) ToCertificateValidationMapOutput added in v3.25.0

func (o CertificateValidationMapOutput) ToCertificateValidationMapOutput() CertificateValidationMapOutput

func (CertificateValidationMapOutput) ToCertificateValidationMapOutputWithContext added in v3.25.0

func (o CertificateValidationMapOutput) ToCertificateValidationMapOutputWithContext(ctx context.Context) CertificateValidationMapOutput

type CertificateValidationOutput added in v3.13.0

type CertificateValidationOutput struct {
	*pulumi.OutputState
}

func (CertificateValidationOutput) ElementType added in v3.13.0

func (CertificateValidationOutput) ToCertificateValidationOutput added in v3.13.0

func (o CertificateValidationOutput) ToCertificateValidationOutput() CertificateValidationOutput

func (CertificateValidationOutput) ToCertificateValidationOutputWithContext added in v3.13.0

func (o CertificateValidationOutput) ToCertificateValidationOutputWithContext(ctx context.Context) CertificateValidationOutput

func (CertificateValidationOutput) ToCertificateValidationPtrOutput added in v3.25.0

func (o CertificateValidationOutput) ToCertificateValidationPtrOutput() CertificateValidationPtrOutput

func (CertificateValidationOutput) ToCertificateValidationPtrOutputWithContext added in v3.25.0

func (o CertificateValidationOutput) ToCertificateValidationPtrOutputWithContext(ctx context.Context) CertificateValidationPtrOutput

type CertificateValidationPtrInput added in v3.25.0

type CertificateValidationPtrInput interface {
	pulumi.Input

	ToCertificateValidationPtrOutput() CertificateValidationPtrOutput
	ToCertificateValidationPtrOutputWithContext(ctx context.Context) CertificateValidationPtrOutput
}

type CertificateValidationPtrOutput added in v3.25.0

type CertificateValidationPtrOutput struct {
	*pulumi.OutputState
}

func (CertificateValidationPtrOutput) ElementType added in v3.25.0

func (CertificateValidationPtrOutput) ToCertificateValidationPtrOutput added in v3.25.0

func (o CertificateValidationPtrOutput) ToCertificateValidationPtrOutput() CertificateValidationPtrOutput

func (CertificateValidationPtrOutput) ToCertificateValidationPtrOutputWithContext added in v3.25.0

func (o CertificateValidationPtrOutput) ToCertificateValidationPtrOutputWithContext(ctx context.Context) CertificateValidationPtrOutput

type CertificateValidationState

type CertificateValidationState struct {
	// The ARN of the certificate that is being validated.
	CertificateArn pulumi.StringPtrInput
	// List of FQDNs that implement the validation. Only valid for DNS validation method ACM certificates. If this is set, the resource can implement additional sanity checks and has an explicit dependency on the resource that is implementing the validation
	ValidationRecordFqdns pulumi.StringArrayInput
}

func (CertificateValidationState) ElementType

func (CertificateValidationState) ElementType() reflect.Type

type LookupCertificateArgs

type LookupCertificateArgs struct {
	// The domain of the certificate to look up. If no certificate is found with this name, an error will be returned.
	Domain string `pulumi:"domain"`
	// A list of key algorithms to filter certificates. By default, ACM does not return all certificate types when searching. Valid values are `RSA_1024`, `RSA_2048`, `RSA_4096`, `EC_prime256v1`, `EC_secp384r1`, and `EC_secp521r1`.
	KeyTypes []string `pulumi:"keyTypes"`
	// If set to true, it sorts the certificates matched by previous criteria by the NotBefore field, returning only the most recent one. If set to false, it returns an error if more than one certificate is found. Defaults to false.
	MostRecent *bool `pulumi:"mostRecent"`
	// A list of statuses on which to filter the returned list. Valid values are `PENDING_VALIDATION`, `ISSUED`,
	// `INACTIVE`, `EXPIRED`, `VALIDATION_TIMED_OUT`, `REVOKED` and `FAILED`. If no value is specified, only certificates in the `ISSUED` state
	// are returned.
	Statuses []string `pulumi:"statuses"`
	// A mapping of tags for the resource.
	Tags map[string]string `pulumi:"tags"`
	// A list of types on which to filter the returned list. Valid values are `AMAZON_ISSUED` and `IMPORTED`.
	Types []string `pulumi:"types"`
}

A collection of arguments for invoking getCertificate.

type LookupCertificateResult

type LookupCertificateResult struct {
	// Amazon Resource Name (ARN) of the found certificate, suitable for referencing in other resources that support ACM certificates.
	Arn    string `pulumi:"arn"`
	Domain string `pulumi:"domain"`
	// The provider-assigned unique ID for this managed resource.
	Id         string   `pulumi:"id"`
	KeyTypes   []string `pulumi:"keyTypes"`
	MostRecent *bool    `pulumi:"mostRecent"`
	Statuses   []string `pulumi:"statuses"`
	// A mapping of tags for the resource.
	Tags  map[string]string `pulumi:"tags"`
	Types []string          `pulumi:"types"`
}

A collection of values returned by getCertificate.

func LookupCertificate

func LookupCertificate(ctx *pulumi.Context, args *LookupCertificateArgs, opts ...pulumi.InvokeOption) (*LookupCertificateResult, error)

Use this data source to get the ARN of a certificate in AWS Certificate Manager (ACM), you can reference it by domain without having to hard code the ARNs as input.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v3/go/aws/acm"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := acm.LookupCertificate(ctx, &acm.LookupCertificateArgs{
			Domain: "tf.example.com",
			Statuses: []string{
				"ISSUED",
			},
		}, nil)
		if err != nil {
			return err
		}
		opt0 := true
		_, err = acm.LookupCertificate(ctx, &acm.LookupCertificateArgs{
			Domain:     "tf.example.com",
			MostRecent: &opt0,
			Types: []string{
				"AMAZON_ISSUED",
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = acm.LookupCertificate(ctx, &acm.LookupCertificateArgs{
			Domain: "tf.example.com",
			KeyTypes: []string{
				"RSA_4096",
			},
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL