acmpca

package
v6.24.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 27, 2024 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation ¶

Index ¶

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Certificate ¶ 

type Certificate struct {
	pulumi.CustomResourceState

	// Specifies X.509 certificate information to be included in the issued certificate. To use with API Passthrough templates
	ApiPassthrough pulumi.StringPtrOutput `pulumi:"apiPassthrough"`
	// ARN of the certificate.
	Arn pulumi.StringOutput `pulumi:"arn"`
	// PEM-encoded certificate value.
	Certificate pulumi.StringOutput `pulumi:"certificate"`
	// ARN of the certificate authority.
	CertificateAuthorityArn pulumi.StringOutput `pulumi:"certificateAuthorityArn"`
	// PEM-encoded certificate chain that includes any intermediate certificates and chains up to root CA.
	CertificateChain pulumi.StringOutput `pulumi:"certificateChain"`
	// Certificate Signing Request in PEM format.
	CertificateSigningRequest pulumi.StringOutput `pulumi:"certificateSigningRequest"`
	// Algorithm to use to sign certificate requests. Valid values: `SHA256WITHRSA`, `SHA256WITHECDSA`, `SHA384WITHRSA`, `SHA384WITHECDSA`, `SHA512WITHRSA`, `SHA512WITHECDSA`.
	SigningAlgorithm pulumi.StringOutput `pulumi:"signingAlgorithm"`
	// Template to use when issuing a certificate.
	// See [ACM PCA Documentation](https://docs.aws.amazon.com/privateca/latest/userguide/UsingTemplates.html) for more information.
	TemplateArn pulumi.StringPtrOutput `pulumi:"templateArn"`
	// Configures end of the validity period for the certificate. See validity block below.
	Validity CertificateValidityOutput `pulumi:"validity"`
}

Provides a resource to issue a certificate using AWS Certificate Manager Private Certificate Authority (ACM PCA).

Certificates created using `acmpca.Certificate` are not eligible for automatic renewal, and must be replaced instead. To issue a renewable certificate using an ACM PCA, create a `acm.Certificate` with the parameter `certificateAuthorityArn`.

## Example Usage

## Import

Using `pulumi import`, import ACM PCA Certificates using their ARN. For example:

```sh 

$ pulumi import aws:acmpca/certificate:Certificate cert arn:aws:acm-pca:eu-west-1:675225743824:certificate-authority/08319ede-83g9-1400-8f21-c7d12b2b6edb/certificate/a4e9c2aa4bcfab625g1b9136464cd3a

```

func GetCertificate ¶ 

func GetCertificate(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *CertificateState, opts ...pulumi.ResourceOption) (*Certificate, error)

GetCertificate gets an existing Certificate resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewCertificate ¶ 

func NewCertificate(ctx *pulumi.Context,
	name string, args *CertificateArgs, opts ...pulumi.ResourceOption) (*Certificate, error)

NewCertificate registers a new resource with the given unique name, arguments, and options.

func (*Certificate) ElementType ¶ 

func (*Certificate) ElementType() reflect.Type

func (*Certificate) ToCertificateOutput ¶ 

func (i *Certificate) ToCertificateOutput() CertificateOutput

func (*Certificate) ToCertificateOutputWithContext ¶ 

func (i *Certificate) ToCertificateOutputWithContext(ctx context.Context) CertificateOutput

type CertificateArgs ¶ 

type CertificateArgs struct {
	// Specifies X.509 certificate information to be included in the issued certificate. To use with API Passthrough templates
	ApiPassthrough pulumi.StringPtrInput
	// ARN of the certificate authority.
	CertificateAuthorityArn pulumi.StringInput
	// Certificate Signing Request in PEM format.
	CertificateSigningRequest pulumi.StringInput
	// Algorithm to use to sign certificate requests. Valid values: `SHA256WITHRSA`, `SHA256WITHECDSA`, `SHA384WITHRSA`, `SHA384WITHECDSA`, `SHA512WITHRSA`, `SHA512WITHECDSA`.
	SigningAlgorithm pulumi.StringInput
	// Template to use when issuing a certificate.
	// See [ACM PCA Documentation](https://docs.aws.amazon.com/privateca/latest/userguide/UsingTemplates.html) for more information.
	TemplateArn pulumi.StringPtrInput
	// Configures end of the validity period for the certificate. See validity block below.
	Validity CertificateValidityInput
}

The set of arguments for constructing a Certificate resource.

func (CertificateArgs) ElementType ¶ 

func (CertificateArgs) ElementType() reflect.Type

type CertificateArray ¶ 

type CertificateArray []CertificateInput

func (CertificateArray) ElementType ¶ 

func (CertificateArray) ElementType() reflect.Type

func (CertificateArray) ToCertificateArrayOutput ¶ 

func (i CertificateArray) ToCertificateArrayOutput() CertificateArrayOutput

func (CertificateArray) ToCertificateArrayOutputWithContext ¶ 

func (i CertificateArray) ToCertificateArrayOutputWithContext(ctx context.Context) CertificateArrayOutput

type CertificateArrayInput ¶ 

type CertificateArrayInput interface {
	pulumi.Input

	ToCertificateArrayOutput() CertificateArrayOutput
	ToCertificateArrayOutputWithContext(context.Context) CertificateArrayOutput
}

CertificateArrayInput is an input type that accepts CertificateArray and CertificateArrayOutput values. You can construct a concrete instance of `CertificateArrayInput` via: 

CertificateArray{ CertificateArgs{...} }

type CertificateArrayOutput ¶ 

type CertificateArrayOutput struct{ *pulumi.OutputState }

func (CertificateArrayOutput) ElementType ¶ 

func (CertificateArrayOutput) ElementType() reflect.Type

func (CertificateArrayOutput) Index ¶ 

func (o CertificateArrayOutput) Index(i pulumi.IntInput) CertificateOutput

func (CertificateArrayOutput) ToCertificateArrayOutput ¶ 

func (o CertificateArrayOutput) ToCertificateArrayOutput() CertificateArrayOutput

func (CertificateArrayOutput) ToCertificateArrayOutputWithContext ¶ 

func (o CertificateArrayOutput) ToCertificateArrayOutputWithContext(ctx context.Context) CertificateArrayOutput

type CertificateAuthority ¶ 

type CertificateAuthority struct {
	pulumi.CustomResourceState

	// ARN of the certificate authority.
	Arn pulumi.StringOutput `pulumi:"arn"`
	// Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.
	Certificate pulumi.StringOutput `pulumi:"certificate"`
	// Nested argument containing algorithms and certificate subject information. Defined below.
	CertificateAuthorityConfiguration CertificateAuthorityCertificateAuthorityConfigurationOutput `pulumi:"certificateAuthorityConfiguration"`
	// Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.
	CertificateChain pulumi.StringOutput `pulumi:"certificateChain"`
	// The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.
	CertificateSigningRequest pulumi.StringOutput `pulumi:"certificateSigningRequest"`
	// Whether the certificate authority is enabled or disabled. Defaults to `true`. Can only be disabled if the CA is in an `ACTIVE` state.
	Enabled pulumi.BoolPtrOutput `pulumi:"enabled"`
	// Cryptographic key management compliance standard used for handling CA keys. Defaults to `FIPS_140_2_LEVEL_3_OR_HIGHER`. Valid values: `FIPS_140_2_LEVEL_3_OR_HIGHER` and `FIPS_140_2_LEVEL_2_OR_HIGHER`. Supported standard for each region can be found in the [Storage and security compliance of AWS Private CA private keys Documentation](https://docs.aws.amazon.com/privateca/latest/userguide/data-protection.html#private-keys).
	KeyStorageSecurityStandard pulumi.StringOutput `pulumi:"keyStorageSecurityStandard"`
	// Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
	NotAfter pulumi.StringOutput `pulumi:"notAfter"`
	// Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
	NotBefore pulumi.StringOutput `pulumi:"notBefore"`
	// Number of days to make a CA restorable after it has been deleted, must be between 7 to 30 days, with default to 30 days.
	PermanentDeletionTimeInDays pulumi.IntPtrOutput `pulumi:"permanentDeletionTimeInDays"`
	// Nested argument containing revocation configuration. Defined below.
	RevocationConfiguration CertificateAuthorityRevocationConfigurationPtrOutput `pulumi:"revocationConfiguration"`
	// Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.
	Serial pulumi.StringOutput `pulumi:"serial"`
	// Key-value map of user-defined tags that are attached to the certificate authority. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapOutput `pulumi:"tags"`
	// Map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
	//
	// Deprecated: Please use `tags` instead.
	TagsAll pulumi.StringMapOutput `pulumi:"tagsAll"`
	// Type of the certificate authority. Defaults to `SUBORDINATE`. Valid values: `ROOT` and `SUBORDINATE`.
	Type pulumi.StringPtrOutput `pulumi:"type"`
	// Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly. Short-lived certificate validity is limited to seven days. Defaults to `GENERAL_PURPOSE`. Valid values: `GENERAL_PURPOSE` and `SHORT_LIVED_CERTIFICATE`.
	UsageMode pulumi.StringOutput `pulumi:"usageMode"`
}

Provides a resource to manage AWS Certificate Manager Private Certificate Authorities (ACM PCA Certificate Authorities).

> **NOTE:** Creating this resource will leave the certificate authority in a `PENDING_CERTIFICATE` status, which means it cannot yet issue certificates. To complete this setup, you must fully sign the certificate authority CSR available in the `certificateSigningRequest` attribute. The `acmpca.CertificateAuthorityCertificate` resource can be used for this purpose.

## Example Usage ### Basic

```go package main

import ( 

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acmpca"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := acmpca.NewCertificateAuthority(ctx, "example", &acmpca.CertificateAuthorityArgs{
			CertificateAuthorityConfiguration: &acmpca.CertificateAuthorityCertificateAuthorityConfigurationArgs{
				KeyAlgorithm:     pulumi.String("RSA_4096"),
				SigningAlgorithm: pulumi.String("SHA512WITHRSA"),
				Subject: &acmpca.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs{
					CommonName: pulumi.String("example.com"),
				},
			},
			PermanentDeletionTimeInDays: pulumi.Int(7),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Short-lived certificate

```go package main

import ( 

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acmpca"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := acmpca.NewCertificateAuthority(ctx, "example", &acmpca.CertificateAuthorityArgs{
			CertificateAuthorityConfiguration: &acmpca.CertificateAuthorityCertificateAuthorityConfigurationArgs{
				KeyAlgorithm:     pulumi.String("RSA_4096"),
				SigningAlgorithm: pulumi.String("SHA512WITHRSA"),
				Subject: &acmpca.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs{
					CommonName: pulumi.String("example.com"),
				},
			},
			UsageMode: pulumi.String("SHORT_LIVED_CERTIFICATE"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Enable Certificate Revocation List

```go package main

import ( 

"fmt"

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acmpca"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		exampleBucketV2, err := s3.NewBucketV2(ctx, "exampleBucketV2", &s3.BucketV2Args{
			ForceDestroy: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		acmpcaBucketAccess := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{
			Statements: iam.GetPolicyDocumentStatementArray{
				&iam.GetPolicyDocumentStatementArgs{
					Actions: pulumi.StringArray{
						pulumi.String("s3:GetBucketAcl"),
						pulumi.String("s3:GetBucketLocation"),
						pulumi.String("s3:PutObject"),
						pulumi.String("s3:PutObjectAcl"),
					},
					Resources: pulumi.StringArray{
						exampleBucketV2.Arn,
						exampleBucketV2.Arn.ApplyT(func(arn string) (string, error) {
							return fmt.Sprintf("%v/*", arn), nil
						}).(pulumi.StringOutput),
					},
					Principals: iam.GetPolicyDocumentStatementPrincipalArray{
						&iam.GetPolicyDocumentStatementPrincipalArgs{
							Identifiers: pulumi.StringArray{
								pulumi.String("acm-pca.amazonaws.com"),
							},
							Type: pulumi.String("Service"),
						},
					},
				},
			},
		}, nil)
		exampleBucketPolicy, err := s3.NewBucketPolicy(ctx, "exampleBucketPolicy", &s3.BucketPolicyArgs{
			Bucket: exampleBucketV2.ID(),
			Policy: acmpcaBucketAccess.ApplyT(func(acmpcaBucketAccess iam.GetPolicyDocumentResult) (*string, error) {
				return &acmpcaBucketAccess.Json, nil
			}).(pulumi.StringPtrOutput),
		})
		if err != nil {
			return err
		}
		_, err = acmpca.NewCertificateAuthority(ctx, "exampleCertificateAuthority", &acmpca.CertificateAuthorityArgs{
			CertificateAuthorityConfiguration: &acmpca.CertificateAuthorityCertificateAuthorityConfigurationArgs{
				KeyAlgorithm:     pulumi.String("RSA_4096"),
				SigningAlgorithm: pulumi.String("SHA512WITHRSA"),
				Subject: &acmpca.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs{
					CommonName: pulumi.String("example.com"),
				},
			},
			RevocationConfiguration: &acmpca.CertificateAuthorityRevocationConfigurationArgs{
				CrlConfiguration: &acmpca.CertificateAuthorityRevocationConfigurationCrlConfigurationArgs{
					CustomCname:      pulumi.String("crl.example.com"),
					Enabled:          pulumi.Bool(true),
					ExpirationInDays: pulumi.Int(7),
					S3BucketName:     exampleBucketV2.ID(),
					S3ObjectAcl:      pulumi.String("BUCKET_OWNER_FULL_CONTROL"),
				},
			},
		}, pulumi.DependsOn([]pulumi.Resource{
			exampleBucketPolicy,
		}))
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

Using `pulumi import`, import `aws_acmpca_certificate_authority` using the certificate authority ARN. For example:

```sh 

$ pulumi import aws:acmpca/certificateAuthority:CertificateAuthority example arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012

```

func GetCertificateAuthority ¶ 

func GetCertificateAuthority(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *CertificateAuthorityState, opts ...pulumi.ResourceOption) (*CertificateAuthority, error)

GetCertificateAuthority gets an existing CertificateAuthority resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewCertificateAuthority ¶ 

func NewCertificateAuthority(ctx *pulumi.Context,
	name string, args *CertificateAuthorityArgs, opts ...pulumi.ResourceOption) (*CertificateAuthority, error)

NewCertificateAuthority registers a new resource with the given unique name, arguments, and options.

func (*CertificateAuthority) ElementType ¶ 

func (*CertificateAuthority) ElementType() reflect.Type

func (*CertificateAuthority) ToCertificateAuthorityOutput ¶ 

func (i *CertificateAuthority) ToCertificateAuthorityOutput() CertificateAuthorityOutput

func (*CertificateAuthority) ToCertificateAuthorityOutputWithContext ¶ 

func (i *CertificateAuthority) ToCertificateAuthorityOutputWithContext(ctx context.Context) CertificateAuthorityOutput

type CertificateAuthorityArgs ¶ 

type CertificateAuthorityArgs struct {
	// Nested argument containing algorithms and certificate subject information. Defined below.
	CertificateAuthorityConfiguration CertificateAuthorityCertificateAuthorityConfigurationInput
	// Whether the certificate authority is enabled or disabled. Defaults to `true`. Can only be disabled if the CA is in an `ACTIVE` state.
	Enabled pulumi.BoolPtrInput
	// Cryptographic key management compliance standard used for handling CA keys. Defaults to `FIPS_140_2_LEVEL_3_OR_HIGHER`. Valid values: `FIPS_140_2_LEVEL_3_OR_HIGHER` and `FIPS_140_2_LEVEL_2_OR_HIGHER`. Supported standard for each region can be found in the [Storage and security compliance of AWS Private CA private keys Documentation](https://docs.aws.amazon.com/privateca/latest/userguide/data-protection.html#private-keys).
	KeyStorageSecurityStandard pulumi.StringPtrInput
	// Number of days to make a CA restorable after it has been deleted, must be between 7 to 30 days, with default to 30 days.
	PermanentDeletionTimeInDays pulumi.IntPtrInput
	// Nested argument containing revocation configuration. Defined below.
	RevocationConfiguration CertificateAuthorityRevocationConfigurationPtrInput
	// Key-value map of user-defined tags that are attached to the certificate authority. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapInput
	// Type of the certificate authority. Defaults to `SUBORDINATE`. Valid values: `ROOT` and `SUBORDINATE`.
	Type pulumi.StringPtrInput
	// Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly. Short-lived certificate validity is limited to seven days. Defaults to `GENERAL_PURPOSE`. Valid values: `GENERAL_PURPOSE` and `SHORT_LIVED_CERTIFICATE`.
	UsageMode pulumi.StringPtrInput
}

The set of arguments for constructing a CertificateAuthority resource.

func (CertificateAuthorityArgs) ElementType ¶ 

func (CertificateAuthorityArgs) ElementType() reflect.Type

type CertificateAuthorityArray ¶ 

type CertificateAuthorityArray []CertificateAuthorityInput

func (CertificateAuthorityArray) ElementType ¶ 

func (CertificateAuthorityArray) ElementType() reflect.Type

func (CertificateAuthorityArray) ToCertificateAuthorityArrayOutput ¶ 

func (i CertificateAuthorityArray) ToCertificateAuthorityArrayOutput() CertificateAuthorityArrayOutput

func (CertificateAuthorityArray) ToCertificateAuthorityArrayOutputWithContext ¶ 

func (i CertificateAuthorityArray) ToCertificateAuthorityArrayOutputWithContext(ctx context.Context) CertificateAuthorityArrayOutput

type CertificateAuthorityArrayInput ¶ 

type CertificateAuthorityArrayInput interface {
	pulumi.Input

	ToCertificateAuthorityArrayOutput() CertificateAuthorityArrayOutput
	ToCertificateAuthorityArrayOutputWithContext(context.Context) CertificateAuthorityArrayOutput
}

CertificateAuthorityArrayInput is an input type that accepts CertificateAuthorityArray and CertificateAuthorityArrayOutput values. You can construct a concrete instance of `CertificateAuthorityArrayInput` via: 

CertificateAuthorityArray{ CertificateAuthorityArgs{...} }

type CertificateAuthorityArrayOutput ¶ 

type CertificateAuthorityArrayOutput struct{ *pulumi.OutputState }

func (CertificateAuthorityArrayOutput) ElementType ¶ 

func (CertificateAuthorityArrayOutput) ElementType() reflect.Type

func (CertificateAuthorityArrayOutput) Index ¶ 

func (o CertificateAuthorityArrayOutput) Index(i pulumi.IntInput) CertificateAuthorityOutput

func (CertificateAuthorityArrayOutput) ToCertificateAuthorityArrayOutput ¶ 

func (o CertificateAuthorityArrayOutput) ToCertificateAuthorityArrayOutput() CertificateAuthorityArrayOutput

func (CertificateAuthorityArrayOutput) ToCertificateAuthorityArrayOutputWithContext ¶ 

func (o CertificateAuthorityArrayOutput) ToCertificateAuthorityArrayOutputWithContext(ctx context.Context) CertificateAuthorityArrayOutput

type CertificateAuthorityCertificate ¶ 

type CertificateAuthorityCertificate struct {
	pulumi.CustomResourceState

	// PEM-encoded certificate for the Certificate Authority.
	Certificate pulumi.StringOutput `pulumi:"certificate"`
	// ARN of the Certificate Authority.
	CertificateAuthorityArn pulumi.StringOutput `pulumi:"certificateAuthorityArn"`
	// PEM-encoded certificate chain that includes any intermediate certificates and chains up to root CA. Required for subordinate Certificate Authorities. Not allowed for root Certificate Authorities.
	CertificateChain pulumi.StringPtrOutput `pulumi:"certificateChain"`
}

Associates a certificate with an AWS Certificate Manager Private Certificate Authority (ACM PCA Certificate Authority). An ACM PCA Certificate Authority is unable to issue certificates until it has a certificate associated with it. A root level ACM PCA Certificate Authority is able to self-sign its own root certificate.

## Example Usage ### Self-Signed Root Certificate Authority Certificate

```go package main

import ( 

"fmt"

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acmpca"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		exampleCertificateAuthority, err := acmpca.NewCertificateAuthority(ctx, "exampleCertificateAuthority", &acmpca.CertificateAuthorityArgs{
			Type: pulumi.String("ROOT"),
			CertificateAuthorityConfiguration: &acmpca.CertificateAuthorityCertificateAuthorityConfigurationArgs{
				KeyAlgorithm:     pulumi.String("RSA_4096"),
				SigningAlgorithm: pulumi.String("SHA512WITHRSA"),
				Subject: &acmpca.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs{
					CommonName: pulumi.String("example.com"),
				},
			},
		})
		if err != nil {
			return err
		}
		current, err := aws.GetPartition(ctx, nil, nil)
		if err != nil {
			return err
		}
		exampleCertificate, err := acmpca.NewCertificate(ctx, "exampleCertificate", &acmpca.CertificateArgs{
			CertificateAuthorityArn:   exampleCertificateAuthority.Arn,
			CertificateSigningRequest: exampleCertificateAuthority.CertificateSigningRequest,
			SigningAlgorithm:          pulumi.String("SHA512WITHRSA"),
			TemplateArn:               pulumi.String(fmt.Sprintf("arn:%v:acm-pca:::template/RootCACertificate/V1", current.Partition)),
			Validity: &acmpca.CertificateValidityArgs{
				Type:  pulumi.String("YEARS"),
				Value: pulumi.String("1"),
			},
		})
		if err != nil {
			return err
		}
		_, err = acmpca.NewCertificateAuthorityCertificate(ctx, "exampleCertificateAuthorityCertificate", &acmpca.CertificateAuthorityCertificateArgs{
			CertificateAuthorityArn: exampleCertificateAuthority.Arn,
			Certificate:             exampleCertificate.Certificate,
			CertificateChain:        exampleCertificate.CertificateChain,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Certificate for Subordinate Certificate Authority

Note that the certificate for the subordinate certificate authority must be issued by the root certificate authority using a signing request from the subordinate certificate authority.

```go package main

import ( 

"fmt"

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acmpca"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		subordinateCertificateAuthority, err := acmpca.NewCertificateAuthority(ctx, "subordinateCertificateAuthority", &acmpca.CertificateAuthorityArgs{
			Type: pulumi.String("SUBORDINATE"),
			CertificateAuthorityConfiguration: &acmpca.CertificateAuthorityCertificateAuthorityConfigurationArgs{
				KeyAlgorithm:     pulumi.String("RSA_2048"),
				SigningAlgorithm: pulumi.String("SHA512WITHRSA"),
				Subject: &acmpca.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs{
					CommonName: pulumi.String("sub.example.com"),
				},
			},
		})
		if err != nil {
			return err
		}
		rootCertificateAuthority, err := acmpca.NewCertificateAuthority(ctx, "rootCertificateAuthority", nil)
		if err != nil {
			return err
		}
		current, err := aws.GetPartition(ctx, nil, nil)
		if err != nil {
			return err
		}
		subordinateCertificate, err := acmpca.NewCertificate(ctx, "subordinateCertificate", &acmpca.CertificateArgs{
			CertificateAuthorityArn:   rootCertificateAuthority.Arn,
			CertificateSigningRequest: subordinateCertificateAuthority.CertificateSigningRequest,
			SigningAlgorithm:          pulumi.String("SHA512WITHRSA"),
			TemplateArn:               pulumi.String(fmt.Sprintf("arn:%v:acm-pca:::template/SubordinateCACertificate_PathLen0/V1", current.Partition)),
			Validity: &acmpca.CertificateValidityArgs{
				Type:  pulumi.String("YEARS"),
				Value: pulumi.String("1"),
			},
		})
		if err != nil {
			return err
		}
		_, err = acmpca.NewCertificateAuthorityCertificate(ctx, "subordinateCertificateAuthorityCertificate", &acmpca.CertificateAuthorityCertificateArgs{
			CertificateAuthorityArn: subordinateCertificateAuthority.Arn,
			Certificate:             subordinateCertificate.Certificate,
			CertificateChain:        subordinateCertificate.CertificateChain,
		})
		if err != nil {
			return err
		}
		_, err = acmpca.NewCertificateAuthorityCertificate(ctx, "rootCertificateAuthorityCertificate", nil)
		if err != nil {
			return err
		}
		_, err = acmpca.NewCertificate(ctx, "rootCertificate", nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

func GetCertificateAuthorityCertificate ¶ 

func GetCertificateAuthorityCertificate(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *CertificateAuthorityCertificateState, opts ...pulumi.ResourceOption) (*CertificateAuthorityCertificate, error)

GetCertificateAuthorityCertificate gets an existing CertificateAuthorityCertificate resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewCertificateAuthorityCertificate ¶ 

func NewCertificateAuthorityCertificate(ctx *pulumi.Context,
	name string, args *CertificateAuthorityCertificateArgs, opts ...pulumi.ResourceOption) (*CertificateAuthorityCertificate, error)

NewCertificateAuthorityCertificate registers a new resource with the given unique name, arguments, and options.

func (*CertificateAuthorityCertificate) ElementType ¶ 

func (*CertificateAuthorityCertificate) ElementType() reflect.Type

func (*CertificateAuthorityCertificate) ToCertificateAuthorityCertificateOutput ¶ 

func (i *CertificateAuthorityCertificate) ToCertificateAuthorityCertificateOutput() CertificateAuthorityCertificateOutput

func (*CertificateAuthorityCertificate) ToCertificateAuthorityCertificateOutputWithContext ¶ 

func (i *CertificateAuthorityCertificate) ToCertificateAuthorityCertificateOutputWithContext(ctx context.Context) CertificateAuthorityCertificateOutput

type CertificateAuthorityCertificateArgs ¶ 

type CertificateAuthorityCertificateArgs struct {
	// PEM-encoded certificate for the Certificate Authority.
	Certificate pulumi.StringInput
	// ARN of the Certificate Authority.
	CertificateAuthorityArn pulumi.StringInput
	// PEM-encoded certificate chain that includes any intermediate certificates and chains up to root CA. Required for subordinate Certificate Authorities. Not allowed for root Certificate Authorities.
	CertificateChain pulumi.StringPtrInput
}

The set of arguments for constructing a CertificateAuthorityCertificate resource.

func (CertificateAuthorityCertificateArgs) ElementType ¶ 

func (CertificateAuthorityCertificateArgs) ElementType() reflect.Type

type CertificateAuthorityCertificateArray ¶ 

type CertificateAuthorityCertificateArray []CertificateAuthorityCertificateInput

func (CertificateAuthorityCertificateArray) ElementType ¶ 

func (CertificateAuthorityCertificateArray) ElementType() reflect.Type

func (CertificateAuthorityCertificateArray) ToCertificateAuthorityCertificateArrayOutput ¶ 

func (i CertificateAuthorityCertificateArray) ToCertificateAuthorityCertificateArrayOutput() CertificateAuthorityCertificateArrayOutput

func (CertificateAuthorityCertificateArray) ToCertificateAuthorityCertificateArrayOutputWithContext ¶ 

func (i CertificateAuthorityCertificateArray) ToCertificateAuthorityCertificateArrayOutputWithContext(ctx context.Context) CertificateAuthorityCertificateArrayOutput

type CertificateAuthorityCertificateArrayInput ¶ 

type CertificateAuthorityCertificateArrayInput interface {
	pulumi.Input

	ToCertificateAuthorityCertificateArrayOutput() CertificateAuthorityCertificateArrayOutput
	ToCertificateAuthorityCertificateArrayOutputWithContext(context.Context) CertificateAuthorityCertificateArrayOutput
}

CertificateAuthorityCertificateArrayInput is an input type that accepts CertificateAuthorityCertificateArray and CertificateAuthorityCertificateArrayOutput values. You can construct a concrete instance of `CertificateAuthorityCertificateArrayInput` via: 

CertificateAuthorityCertificateArray{ CertificateAuthorityCertificateArgs{...} }

type CertificateAuthorityCertificateArrayOutput ¶ 

type CertificateAuthorityCertificateArrayOutput struct{ *pulumi.OutputState }

func (CertificateAuthorityCertificateArrayOutput) ElementType ¶ 

func (CertificateAuthorityCertificateArrayOutput) ElementType() reflect.Type

func (CertificateAuthorityCertificateArrayOutput) Index ¶ 

func (o CertificateAuthorityCertificateArrayOutput) Index(i pulumi.IntInput) CertificateAuthorityCertificateOutput

func (CertificateAuthorityCertificateArrayOutput) ToCertificateAuthorityCertificateArrayOutput ¶ 

func (o CertificateAuthorityCertificateArrayOutput) ToCertificateAuthorityCertificateArrayOutput() CertificateAuthorityCertificateArrayOutput

func (CertificateAuthorityCertificateArrayOutput) ToCertificateAuthorityCertificateArrayOutputWithContext ¶ 

func (o CertificateAuthorityCertificateArrayOutput) ToCertificateAuthorityCertificateArrayOutputWithContext(ctx context.Context) CertificateAuthorityCertificateArrayOutput

type CertificateAuthorityCertificateAuthorityConfiguration ¶ 

type CertificateAuthorityCertificateAuthorityConfiguration struct {
	// Type of the public key algorithm and size, in bits, of the key pair that your key pair creates when it issues a certificate. Valid values can be found in the [ACM PCA Documentation](https://docs.aws.amazon.com/privateca/latest/APIReference/API_CertificateAuthorityConfiguration.html).
	KeyAlgorithm string `pulumi:"keyAlgorithm"`
	// Name of the algorithm your private CA uses to sign certificate requests. Valid values can be found in the [ACM PCA Documentation](https://docs.aws.amazon.com/privateca/latest/APIReference/API_CertificateAuthorityConfiguration.html).
	SigningAlgorithm string `pulumi:"signingAlgorithm"`
	// Nested argument that contains X.500 distinguished name information. At least one nested attribute must be specified.
	Subject CertificateAuthorityCertificateAuthorityConfigurationSubject `pulumi:"subject"`
}

type CertificateAuthorityCertificateAuthorityConfigurationArgs ¶ 

type CertificateAuthorityCertificateAuthorityConfigurationArgs struct {
	// Type of the public key algorithm and size, in bits, of the key pair that your key pair creates when it issues a certificate. Valid values can be found in the [ACM PCA Documentation](https://docs.aws.amazon.com/privateca/latest/APIReference/API_CertificateAuthorityConfiguration.html).
	KeyAlgorithm pulumi.StringInput `pulumi:"keyAlgorithm"`
	// Name of the algorithm your private CA uses to sign certificate requests. Valid values can be found in the [ACM PCA Documentation](https://docs.aws.amazon.com/privateca/latest/APIReference/API_CertificateAuthorityConfiguration.html).
	SigningAlgorithm pulumi.StringInput `pulumi:"signingAlgorithm"`
	// Nested argument that contains X.500 distinguished name information. At least one nested attribute must be specified.
	Subject CertificateAuthorityCertificateAuthorityConfigurationSubjectInput `pulumi:"subject"`
}

func (CertificateAuthorityCertificateAuthorityConfigurationArgs) ElementType ¶ 

func (CertificateAuthorityCertificateAuthorityConfigurationArgs) ElementType() reflect.Type

func (CertificateAuthorityCertificateAuthorityConfigurationArgs) ToCertificateAuthorityCertificateAuthorityConfigurationOutput ¶ 

func (i CertificateAuthorityCertificateAuthorityConfigurationArgs) ToCertificateAuthorityCertificateAuthorityConfigurationOutput() CertificateAuthorityCertificateAuthorityConfigurationOutput

func (CertificateAuthorityCertificateAuthorityConfigurationArgs) ToCertificateAuthorityCertificateAuthorityConfigurationOutputWithContext ¶ 

func (i CertificateAuthorityCertificateAuthorityConfigurationArgs) ToCertificateAuthorityCertificateAuthorityConfigurationOutputWithContext(ctx context.Context) CertificateAuthorityCertificateAuthorityConfigurationOutput

func (CertificateAuthorityCertificateAuthorityConfigurationArgs) ToCertificateAuthorityCertificateAuthorityConfigurationPtrOutput ¶ 

func (i CertificateAuthorityCertificateAuthorityConfigurationArgs) ToCertificateAuthorityCertificateAuthorityConfigurationPtrOutput() CertificateAuthorityCertificateAuthorityConfigurationPtrOutput

func (CertificateAuthorityCertificateAuthorityConfigurationArgs) ToCertificateAuthorityCertificateAuthorityConfigurationPtrOutputWithContext ¶ 

func (i CertificateAuthorityCertificateAuthorityConfigurationArgs) ToCertificateAuthorityCertificateAuthorityConfigurationPtrOutputWithContext(ctx context.Context) CertificateAuthorityCertificateAuthorityConfigurationPtrOutput

type CertificateAuthorityCertificateAuthorityConfigurationInput ¶ 

type CertificateAuthorityCertificateAuthorityConfigurationInput interface {
	pulumi.Input

	ToCertificateAuthorityCertificateAuthorityConfigurationOutput() CertificateAuthorityCertificateAuthorityConfigurationOutput
	ToCertificateAuthorityCertificateAuthorityConfigurationOutputWithContext(context.Context) CertificateAuthorityCertificateAuthorityConfigurationOutput
}

CertificateAuthorityCertificateAuthorityConfigurationInput is an input type that accepts CertificateAuthorityCertificateAuthorityConfigurationArgs and CertificateAuthorityCertificateAuthorityConfigurationOutput values. You can construct a concrete instance of `CertificateAuthorityCertificateAuthorityConfigurationInput` via: 

CertificateAuthorityCertificateAuthorityConfigurationArgs{...}

type CertificateAuthorityCertificateAuthorityConfigurationOutput ¶ 

type CertificateAuthorityCertificateAuthorityConfigurationOutput struct{ *pulumi.OutputState }

func (CertificateAuthorityCertificateAuthorityConfigurationOutput) ElementType ¶ 

func (CertificateAuthorityCertificateAuthorityConfigurationOutput) ElementType() reflect.Type

func (CertificateAuthorityCertificateAuthorityConfigurationOutput) KeyAlgorithm ¶ 

func (o CertificateAuthorityCertificateAuthorityConfigurationOutput) KeyAlgorithm() pulumi.StringOutput

Type of the public key algorithm and size, in bits, of the key pair that your key pair creates when it issues a certificate. Valid values can be found in the [ACM PCA Documentation](https://docs.aws.amazon.com/privateca/latest/APIReference/API_CertificateAuthorityConfiguration.html).

func (CertificateAuthorityCertificateAuthorityConfigurationOutput) SigningAlgorithm ¶ 

func (o CertificateAuthorityCertificateAuthorityConfigurationOutput) SigningAlgorithm() pulumi.StringOutput

Name of the algorithm your private CA uses to sign certificate requests. Valid values can be found in the [ACM PCA Documentation](https://docs.aws.amazon.com/privateca/latest/APIReference/API_CertificateAuthorityConfiguration.html).

func (CertificateAuthorityCertificateAuthorityConfigurationOutput) Subject ¶ 

func (o CertificateAuthorityCertificateAuthorityConfigurationOutput) Subject() CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput

Nested argument that contains X.500 distinguished name information. At least one nested attribute must be specified.

func (CertificateAuthorityCertificateAuthorityConfigurationOutput) ToCertificateAuthorityCertificateAuthorityConfigurationOutput ¶ 

func (o CertificateAuthorityCertificateAuthorityConfigurationOutput) ToCertificateAuthorityCertificateAuthorityConfigurationOutput() CertificateAuthorityCertificateAuthorityConfigurationOutput

func (CertificateAuthorityCertificateAuthorityConfigurationOutput) ToCertificateAuthorityCertificateAuthorityConfigurationOutputWithContext ¶ 

func (o CertificateAuthorityCertificateAuthorityConfigurationOutput) ToCertificateAuthorityCertificateAuthorityConfigurationOutputWithContext(ctx context.Context) CertificateAuthorityCertificateAuthorityConfigurationOutput

func (CertificateAuthorityCertificateAuthorityConfigurationOutput) ToCertificateAuthorityCertificateAuthorityConfigurationPtrOutput ¶ 

func (o CertificateAuthorityCertificateAuthorityConfigurationOutput) ToCertificateAuthorityCertificateAuthorityConfigurationPtrOutput() CertificateAuthorityCertificateAuthorityConfigurationPtrOutput

func (CertificateAuthorityCertificateAuthorityConfigurationOutput) ToCertificateAuthorityCertificateAuthorityConfigurationPtrOutputWithContext ¶ 

func (o CertificateAuthorityCertificateAuthorityConfigurationOutput) ToCertificateAuthorityCertificateAuthorityConfigurationPtrOutputWithContext(ctx context.Context) CertificateAuthorityCertificateAuthorityConfigurationPtrOutput

type CertificateAuthorityCertificateAuthorityConfigurationPtrInput ¶ 

type CertificateAuthorityCertificateAuthorityConfigurationPtrInput interface {
	pulumi.Input

	ToCertificateAuthorityCertificateAuthorityConfigurationPtrOutput() CertificateAuthorityCertificateAuthorityConfigurationPtrOutput
	ToCertificateAuthorityCertificateAuthorityConfigurationPtrOutputWithContext(context.Context) CertificateAuthorityCertificateAuthorityConfigurationPtrOutput
}

CertificateAuthorityCertificateAuthorityConfigurationPtrInput is an input type that accepts CertificateAuthorityCertificateAuthorityConfigurationArgs, CertificateAuthorityCertificateAuthorityConfigurationPtr and CertificateAuthorityCertificateAuthorityConfigurationPtrOutput values. You can construct a concrete instance of `CertificateAuthorityCertificateAuthorityConfigurationPtrInput` via: 

        CertificateAuthorityCertificateAuthorityConfigurationArgs{...}

or:

        nil

func CertificateAuthorityCertificateAuthorityConfigurationPtr ¶ 

func CertificateAuthorityCertificateAuthorityConfigurationPtr(v *CertificateAuthorityCertificateAuthorityConfigurationArgs) CertificateAuthorityCertificateAuthorityConfigurationPtrInput

type CertificateAuthorityCertificateAuthorityConfigurationPtrOutput ¶ 

type CertificateAuthorityCertificateAuthorityConfigurationPtrOutput struct{ *pulumi.OutputState }

func (CertificateAuthorityCertificateAuthorityConfigurationPtrOutput) Elem ¶ 

func (o CertificateAuthorityCertificateAuthorityConfigurationPtrOutput) Elem() CertificateAuthorityCertificateAuthorityConfigurationOutput

func (CertificateAuthorityCertificateAuthorityConfigurationPtrOutput) ElementType ¶ 

func (CertificateAuthorityCertificateAuthorityConfigurationPtrOutput) ElementType() reflect.Type

func (CertificateAuthorityCertificateAuthorityConfigurationPtrOutput) KeyAlgorithm ¶ 

func (o CertificateAuthorityCertificateAuthorityConfigurationPtrOutput) KeyAlgorithm() pulumi.StringPtrOutput

Type of the public key algorithm and size, in bits, of the key pair that your key pair creates when it issues a certificate. Valid values can be found in the [ACM PCA Documentation](https://docs.aws.amazon.com/privateca/latest/APIReference/API_CertificateAuthorityConfiguration.html).

func (CertificateAuthorityCertificateAuthorityConfigurationPtrOutput) SigningAlgorithm ¶ 

func (o CertificateAuthorityCertificateAuthorityConfigurationPtrOutput) SigningAlgorithm() pulumi.StringPtrOutput

Name of the algorithm your private CA uses to sign certificate requests. Valid values can be found in the [ACM PCA Documentation](https://docs.aws.amazon.com/privateca/latest/APIReference/API_CertificateAuthorityConfiguration.html).

func (CertificateAuthorityCertificateAuthorityConfigurationPtrOutput) Subject ¶ 

func (o CertificateAuthorityCertificateAuthorityConfigurationPtrOutput) Subject() CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput

Nested argument that contains X.500 distinguished name information. At least one nested attribute must be specified.

func (CertificateAuthorityCertificateAuthorityConfigurationPtrOutput) ToCertificateAuthorityCertificateAuthorityConfigurationPtrOutput ¶ 

func (o CertificateAuthorityCertificateAuthorityConfigurationPtrOutput) ToCertificateAuthorityCertificateAuthorityConfigurationPtrOutput() CertificateAuthorityCertificateAuthorityConfigurationPtrOutput

func (CertificateAuthorityCertificateAuthorityConfigurationPtrOutput) ToCertificateAuthorityCertificateAuthorityConfigurationPtrOutputWithContext ¶ 

func (o CertificateAuthorityCertificateAuthorityConfigurationPtrOutput) ToCertificateAuthorityCertificateAuthorityConfigurationPtrOutputWithContext(ctx context.Context) CertificateAuthorityCertificateAuthorityConfigurationPtrOutput

type CertificateAuthorityCertificateAuthorityConfigurationSubject ¶ 

type CertificateAuthorityCertificateAuthorityConfigurationSubject struct {
	// Fully qualified domain name (FQDN) associated with the certificate subject. Must be less than or equal to 64 characters in length.
	CommonName *string `pulumi:"commonName"`
	// Two digit code that specifies the country in which the certificate subject located. Must be less than or equal to 2 characters in length.
	Country *string `pulumi:"country"`
	// Disambiguating information for the certificate subject. Must be less than or equal to 64 characters in length.
	DistinguishedNameQualifier *string `pulumi:"distinguishedNameQualifier"`
	// Typically a qualifier appended to the name of an individual. Examples include Jr. for junior, Sr. for senior, and III for third. Must be less than or equal to 3 characters in length.
	GenerationQualifier *string `pulumi:"generationQualifier"`
	// First name. Must be less than or equal to 16 characters in length.
	GivenName *string `pulumi:"givenName"`
	// Concatenation that typically contains the first letter of the `givenName`, the first letter of the middle name if one exists, and the first letter of the `surname`. Must be less than or equal to 5 characters in length.
	Initials *string `pulumi:"initials"`
	// Locality (such as a city or town) in which the certificate subject is located. Must be less than or equal to 128 characters in length.
	Locality *string `pulumi:"locality"`
	// Legal name of the organization with which the certificate subject is affiliated. Must be less than or equal to 64 characters in length.
	Organization *string `pulumi:"organization"`
	// Subdivision or unit of the organization (such as sales or finance) with which the certificate subject is affiliated. Must be less than or equal to 64 characters in length.
	OrganizationalUnit *string `pulumi:"organizationalUnit"`
	// Typically a shortened version of a longer `givenName`. For example, Jonathan is often shortened to John. Elizabeth is often shortened to Beth, Liz, or Eliza. Must be less than or equal to 128 characters in length.
	Pseudonym *string `pulumi:"pseudonym"`
	// State in which the subject of the certificate is located. Must be less than or equal to 128 characters in length.
	State *string `pulumi:"state"`
	// Family name. In the US and the UK for example, the surname of an individual is ordered last. In Asian cultures the surname is typically ordered first. Must be less than or equal to 40 characters in length.
	Surname *string `pulumi:"surname"`
	// Title such as Mr. or Ms. which is pre-pended to the name to refer formally to the certificate subject. Must be less than or equal to 64 characters in length.
	Title *string `pulumi:"title"`
}

type CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs ¶ 

type CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs struct {
	// Fully qualified domain name (FQDN) associated with the certificate subject. Must be less than or equal to 64 characters in length.
	CommonName pulumi.StringPtrInput `pulumi:"commonName"`
	// Two digit code that specifies the country in which the certificate subject located. Must be less than or equal to 2 characters in length.
	Country pulumi.StringPtrInput `pulumi:"country"`
	// Disambiguating information for the certificate subject. Must be less than or equal to 64 characters in length.
	DistinguishedNameQualifier pulumi.StringPtrInput `pulumi:"distinguishedNameQualifier"`
	// Typically a qualifier appended to the name of an individual. Examples include Jr. for junior, Sr. for senior, and III for third. Must be less than or equal to 3 characters in length.
	GenerationQualifier pulumi.StringPtrInput `pulumi:"generationQualifier"`
	// First name. Must be less than or equal to 16 characters in length.
	GivenName pulumi.StringPtrInput `pulumi:"givenName"`
	// Concatenation that typically contains the first letter of the `givenName`, the first letter of the middle name if one exists, and the first letter of the `surname`. Must be less than or equal to 5 characters in length.
	Initials pulumi.StringPtrInput `pulumi:"initials"`
	// Locality (such as a city or town) in which the certificate subject is located. Must be less than or equal to 128 characters in length.
	Locality pulumi.StringPtrInput `pulumi:"locality"`
	// Legal name of the organization with which the certificate subject is affiliated. Must be less than or equal to 64 characters in length.
	Organization pulumi.StringPtrInput `pulumi:"organization"`
	// Subdivision or unit of the organization (such as sales or finance) with which the certificate subject is affiliated. Must be less than or equal to 64 characters in length.
	OrganizationalUnit pulumi.StringPtrInput `pulumi:"organizationalUnit"`
	// Typically a shortened version of a longer `givenName`. For example, Jonathan is often shortened to John. Elizabeth is often shortened to Beth, Liz, or Eliza. Must be less than or equal to 128 characters in length.
	Pseudonym pulumi.StringPtrInput `pulumi:"pseudonym"`
	// State in which the subject of the certificate is located. Must be less than or equal to 128 characters in length.
	State pulumi.StringPtrInput `pulumi:"state"`
	// Family name. In the US and the UK for example, the surname of an individual is ordered last. In Asian cultures the surname is typically ordered first. Must be less than or equal to 40 characters in length.
	Surname pulumi.StringPtrInput `pulumi:"surname"`
	// Title such as Mr. or Ms. which is pre-pended to the name to refer formally to the certificate subject. Must be less than or equal to 64 characters in length.
	Title pulumi.StringPtrInput `pulumi:"title"`
}

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs) ElementType ¶ 

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs) ElementType() reflect.Type

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs) ToCertificateAuthorityCertificateAuthorityConfigurationSubjectOutput ¶ 

func (i CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs) ToCertificateAuthorityCertificateAuthorityConfigurationSubjectOutput() CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs) ToCertificateAuthorityCertificateAuthorityConfigurationSubjectOutputWithContext ¶ 

func (i CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs) ToCertificateAuthorityCertificateAuthorityConfigurationSubjectOutputWithContext(ctx context.Context) CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs) ToCertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput ¶ 

func (i CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs) ToCertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput() CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs) ToCertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutputWithContext ¶ 

func (i CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs) ToCertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutputWithContext(ctx context.Context) CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput

type CertificateAuthorityCertificateAuthorityConfigurationSubjectInput ¶ 

type CertificateAuthorityCertificateAuthorityConfigurationSubjectInput interface {
	pulumi.Input

	ToCertificateAuthorityCertificateAuthorityConfigurationSubjectOutput() CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput
	ToCertificateAuthorityCertificateAuthorityConfigurationSubjectOutputWithContext(context.Context) CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput
}

CertificateAuthorityCertificateAuthorityConfigurationSubjectInput is an input type that accepts CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs and CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput values. You can construct a concrete instance of `CertificateAuthorityCertificateAuthorityConfigurationSubjectInput` via: 

CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs{...}

type CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput ¶ 

type CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput struct{ *pulumi.OutputState }

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) CommonName ¶ 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) CommonName() pulumi.StringPtrOutput

Fully qualified domain name (FQDN) associated with the certificate subject. Must be less than or equal to 64 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) Country ¶ 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) Country() pulumi.StringPtrOutput

Two digit code that specifies the country in which the certificate subject located. Must be less than or equal to 2 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) DistinguishedNameQualifier ¶ 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) DistinguishedNameQualifier() pulumi.StringPtrOutput

Disambiguating information for the certificate subject. Must be less than or equal to 64 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) ElementType ¶ 

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) ElementType() reflect.Type

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) GenerationQualifier ¶ 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) GenerationQualifier() pulumi.StringPtrOutput

Typically a qualifier appended to the name of an individual. Examples include Jr. for junior, Sr. for senior, and III for third. Must be less than or equal to 3 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) GivenName ¶ 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) GivenName() pulumi.StringPtrOutput

First name. Must be less than or equal to 16 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) Initials ¶ 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) Initials() pulumi.StringPtrOutput

Concatenation that typically contains the first letter of the `givenName`, the first letter of the middle name if one exists, and the first letter of the `surname`. Must be less than or equal to 5 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) Locality ¶ 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) Locality() pulumi.StringPtrOutput

Locality (such as a city or town) in which the certificate subject is located. Must be less than or equal to 128 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) Organization ¶ 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) Organization() pulumi.StringPtrOutput

Legal name of the organization with which the certificate subject is affiliated. Must be less than or equal to 64 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) OrganizationalUnit ¶ 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) OrganizationalUnit() pulumi.StringPtrOutput

Subdivision or unit of the organization (such as sales or finance) with which the certificate subject is affiliated. Must be less than or equal to 64 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) Pseudonym ¶ 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) Pseudonym() pulumi.StringPtrOutput

Typically a shortened version of a longer `givenName`. For example, Jonathan is often shortened to John. Elizabeth is often shortened to Beth, Liz, or Eliza. Must be less than or equal to 128 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) State ¶ 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) State() pulumi.StringPtrOutput

State in which the subject of the certificate is located. Must be less than or equal to 128 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) Surname ¶ 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) Surname() pulumi.StringPtrOutput

Family name. In the US and the UK for example, the surname of an individual is ordered last. In Asian cultures the surname is typically ordered first. Must be less than or equal to 40 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) Title ¶ 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) Title() pulumi.StringPtrOutput

Title such as Mr. or Ms. which is pre-pended to the name to refer formally to the certificate subject. Must be less than or equal to 64 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) ToCertificateAuthorityCertificateAuthorityConfigurationSubjectOutput ¶ 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) ToCertificateAuthorityCertificateAuthorityConfigurationSubjectOutput() CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) ToCertificateAuthorityCertificateAuthorityConfigurationSubjectOutputWithContext ¶ 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) ToCertificateAuthorityCertificateAuthorityConfigurationSubjectOutputWithContext(ctx context.Context) CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) ToCertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput ¶ 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) ToCertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput() CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) ToCertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutputWithContext ¶ 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput) ToCertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutputWithContext(ctx context.Context) CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput

type CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrInput ¶ 

type CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrInput interface {
	pulumi.Input

	ToCertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput() CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput
	ToCertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutputWithContext(context.Context) CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput
}

CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrInput is an input type that accepts CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs, CertificateAuthorityCertificateAuthorityConfigurationSubjectPtr and CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput values. You can construct a concrete instance of `CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrInput` via: 

        CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs{...}

or:

        nil

func CertificateAuthorityCertificateAuthorityConfigurationSubjectPtr ¶ 

func CertificateAuthorityCertificateAuthorityConfigurationSubjectPtr(v *CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs) CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrInput

type CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput ¶ 

type CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput struct{ *pulumi.OutputState }

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) CommonName ¶ 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) CommonName() pulumi.StringPtrOutput

Fully qualified domain name (FQDN) associated with the certificate subject. Must be less than or equal to 64 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) Country ¶ 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) Country() pulumi.StringPtrOutput

Two digit code that specifies the country in which the certificate subject located. Must be less than or equal to 2 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) DistinguishedNameQualifier ¶ 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) DistinguishedNameQualifier() pulumi.StringPtrOutput

Disambiguating information for the certificate subject. Must be less than or equal to 64 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) Elem ¶ 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) Elem() CertificateAuthorityCertificateAuthorityConfigurationSubjectOutput

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) ElementType ¶ 

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) ElementType() reflect.Type

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) GenerationQualifier ¶ 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) GenerationQualifier() pulumi.StringPtrOutput

Typically a qualifier appended to the name of an individual. Examples include Jr. for junior, Sr. for senior, and III for third. Must be less than or equal to 3 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) GivenName ¶ 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) GivenName() pulumi.StringPtrOutput

First name. Must be less than or equal to 16 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) Initials ¶ 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) Initials() pulumi.StringPtrOutput

Concatenation that typically contains the first letter of the `givenName`, the first letter of the middle name if one exists, and the first letter of the `surname`. Must be less than or equal to 5 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) Locality ¶ 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) Locality() pulumi.StringPtrOutput

Locality (such as a city or town) in which the certificate subject is located. Must be less than or equal to 128 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) Organization ¶ 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) Organization() pulumi.StringPtrOutput

Legal name of the organization with which the certificate subject is affiliated. Must be less than or equal to 64 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) OrganizationalUnit ¶ 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) OrganizationalUnit() pulumi.StringPtrOutput

Subdivision or unit of the organization (such as sales or finance) with which the certificate subject is affiliated. Must be less than or equal to 64 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) Pseudonym ¶ 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) Pseudonym() pulumi.StringPtrOutput

Typically a shortened version of a longer `givenName`. For example, Jonathan is often shortened to John. Elizabeth is often shortened to Beth, Liz, or Eliza. Must be less than or equal to 128 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) State ¶ 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) State() pulumi.StringPtrOutput

State in which the subject of the certificate is located. Must be less than or equal to 128 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) Surname ¶ 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) Surname() pulumi.StringPtrOutput

Family name. In the US and the UK for example, the surname of an individual is ordered last. In Asian cultures the surname is typically ordered first. Must be less than or equal to 40 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) Title ¶ 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) Title() pulumi.StringPtrOutput

Title such as Mr. or Ms. which is pre-pended to the name to refer formally to the certificate subject. Must be less than or equal to 64 characters in length.

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) ToCertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput ¶ 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) ToCertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput() CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput

func (CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) ToCertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutputWithContext ¶ 

func (o CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput) ToCertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutputWithContext(ctx context.Context) CertificateAuthorityCertificateAuthorityConfigurationSubjectPtrOutput

type CertificateAuthorityCertificateInput ¶ 

type CertificateAuthorityCertificateInput interface {
	pulumi.Input

	ToCertificateAuthorityCertificateOutput() CertificateAuthorityCertificateOutput
	ToCertificateAuthorityCertificateOutputWithContext(ctx context.Context) CertificateAuthorityCertificateOutput
}

type CertificateAuthorityCertificateMap ¶ 

type CertificateAuthorityCertificateMap map[string]CertificateAuthorityCertificateInput

func (CertificateAuthorityCertificateMap) ElementType ¶ 

func (CertificateAuthorityCertificateMap) ElementType() reflect.Type

func (CertificateAuthorityCertificateMap) ToCertificateAuthorityCertificateMapOutput ¶ 

func (i CertificateAuthorityCertificateMap) ToCertificateAuthorityCertificateMapOutput() CertificateAuthorityCertificateMapOutput

func (CertificateAuthorityCertificateMap) ToCertificateAuthorityCertificateMapOutputWithContext ¶ 

func (i CertificateAuthorityCertificateMap) ToCertificateAuthorityCertificateMapOutputWithContext(ctx context.Context) CertificateAuthorityCertificateMapOutput

type CertificateAuthorityCertificateMapInput ¶ 

type CertificateAuthorityCertificateMapInput interface {
	pulumi.Input

	ToCertificateAuthorityCertificateMapOutput() CertificateAuthorityCertificateMapOutput
	ToCertificateAuthorityCertificateMapOutputWithContext(context.Context) CertificateAuthorityCertificateMapOutput
}

CertificateAuthorityCertificateMapInput is an input type that accepts CertificateAuthorityCertificateMap and CertificateAuthorityCertificateMapOutput values. You can construct a concrete instance of `CertificateAuthorityCertificateMapInput` via: 

CertificateAuthorityCertificateMap{ "key": CertificateAuthorityCertificateArgs{...} }

type CertificateAuthorityCertificateMapOutput ¶ 

type CertificateAuthorityCertificateMapOutput struct{ *pulumi.OutputState }

func (CertificateAuthorityCertificateMapOutput) ElementType ¶ 

func (CertificateAuthorityCertificateMapOutput) ElementType() reflect.Type

func (CertificateAuthorityCertificateMapOutput) MapIndex ¶ 

func (o CertificateAuthorityCertificateMapOutput) MapIndex(k pulumi.StringInput) CertificateAuthorityCertificateOutput

func (CertificateAuthorityCertificateMapOutput) ToCertificateAuthorityCertificateMapOutput ¶ 

func (o CertificateAuthorityCertificateMapOutput) ToCertificateAuthorityCertificateMapOutput() CertificateAuthorityCertificateMapOutput

func (CertificateAuthorityCertificateMapOutput) ToCertificateAuthorityCertificateMapOutputWithContext ¶ 

func (o CertificateAuthorityCertificateMapOutput) ToCertificateAuthorityCertificateMapOutputWithContext(ctx context.Context) CertificateAuthorityCertificateMapOutput

type CertificateAuthorityCertificateOutput ¶ 

type CertificateAuthorityCertificateOutput struct{ *pulumi.OutputState }

func (CertificateAuthorityCertificateOutput) Certificate ¶ 

func (o CertificateAuthorityCertificateOutput) Certificate() pulumi.StringOutput

PEM-encoded certificate for the Certificate Authority.

func (CertificateAuthorityCertificateOutput) CertificateAuthorityArn ¶ 

func (o CertificateAuthorityCertificateOutput) CertificateAuthorityArn() pulumi.StringOutput

ARN of the Certificate Authority.

func (CertificateAuthorityCertificateOutput) CertificateChain ¶ 

func (o CertificateAuthorityCertificateOutput) CertificateChain() pulumi.StringPtrOutput

PEM-encoded certificate chain that includes any intermediate certificates and chains up to root CA. Required for subordinate Certificate Authorities. Not allowed for root Certificate Authorities.

func (CertificateAuthorityCertificateOutput) ElementType ¶ 

func (CertificateAuthorityCertificateOutput) ElementType() reflect.Type

func (CertificateAuthorityCertificateOutput) ToCertificateAuthorityCertificateOutput ¶ 

func (o CertificateAuthorityCertificateOutput) ToCertificateAuthorityCertificateOutput() CertificateAuthorityCertificateOutput

func (CertificateAuthorityCertificateOutput) ToCertificateAuthorityCertificateOutputWithContext ¶ 

func (o CertificateAuthorityCertificateOutput) ToCertificateAuthorityCertificateOutputWithContext(ctx context.Context) CertificateAuthorityCertificateOutput

type CertificateAuthorityCertificateState ¶ 

type CertificateAuthorityCertificateState struct {
	// PEM-encoded certificate for the Certificate Authority.
	Certificate pulumi.StringPtrInput
	// ARN of the Certificate Authority.
	CertificateAuthorityArn pulumi.StringPtrInput
	// PEM-encoded certificate chain that includes any intermediate certificates and chains up to root CA. Required for subordinate Certificate Authorities. Not allowed for root Certificate Authorities.
	CertificateChain pulumi.StringPtrInput
}

func (CertificateAuthorityCertificateState) ElementType ¶ 

func (CertificateAuthorityCertificateState) ElementType() reflect.Type

type CertificateAuthorityInput ¶ 

type CertificateAuthorityInput interface {
	pulumi.Input

	ToCertificateAuthorityOutput() CertificateAuthorityOutput
	ToCertificateAuthorityOutputWithContext(ctx context.Context) CertificateAuthorityOutput
}

type CertificateAuthorityMap ¶ 

type CertificateAuthorityMap map[string]CertificateAuthorityInput

func (CertificateAuthorityMap) ElementType ¶ 

func (CertificateAuthorityMap) ElementType() reflect.Type

func (CertificateAuthorityMap) ToCertificateAuthorityMapOutput ¶ 

func (i CertificateAuthorityMap) ToCertificateAuthorityMapOutput() CertificateAuthorityMapOutput

func (CertificateAuthorityMap) ToCertificateAuthorityMapOutputWithContext ¶ 

func (i CertificateAuthorityMap) ToCertificateAuthorityMapOutputWithContext(ctx context.Context) CertificateAuthorityMapOutput

type CertificateAuthorityMapInput ¶ 

type CertificateAuthorityMapInput interface {
	pulumi.Input

	ToCertificateAuthorityMapOutput() CertificateAuthorityMapOutput
	ToCertificateAuthorityMapOutputWithContext(context.Context) CertificateAuthorityMapOutput
}

CertificateAuthorityMapInput is an input type that accepts CertificateAuthorityMap and CertificateAuthorityMapOutput values. You can construct a concrete instance of `CertificateAuthorityMapInput` via: 

CertificateAuthorityMap{ "key": CertificateAuthorityArgs{...} }

type CertificateAuthorityMapOutput ¶ 

type CertificateAuthorityMapOutput struct{ *pulumi.OutputState }

func (CertificateAuthorityMapOutput) ElementType ¶ 

func (CertificateAuthorityMapOutput) ElementType() reflect.Type

func (CertificateAuthorityMapOutput) MapIndex ¶ 

func (o CertificateAuthorityMapOutput) MapIndex(k pulumi.StringInput) CertificateAuthorityOutput

func (CertificateAuthorityMapOutput) ToCertificateAuthorityMapOutput ¶ 

func (o CertificateAuthorityMapOutput) ToCertificateAuthorityMapOutput() CertificateAuthorityMapOutput

func (CertificateAuthorityMapOutput) ToCertificateAuthorityMapOutputWithContext ¶ 

func (o CertificateAuthorityMapOutput) ToCertificateAuthorityMapOutputWithContext(ctx context.Context) CertificateAuthorityMapOutput

type CertificateAuthorityOutput ¶ 

type CertificateAuthorityOutput struct{ *pulumi.OutputState }

func (CertificateAuthorityOutput) Arn ¶ 

func (o CertificateAuthorityOutput) Arn() pulumi.StringOutput

ARN of the certificate authority.

func (CertificateAuthorityOutput) Certificate ¶ 

func (o CertificateAuthorityOutput) Certificate() pulumi.StringOutput

Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.

func (CertificateAuthorityOutput) CertificateAuthorityConfiguration ¶ 

func (o CertificateAuthorityOutput) CertificateAuthorityConfiguration() CertificateAuthorityCertificateAuthorityConfigurationOutput

Nested argument containing algorithms and certificate subject information. Defined below.

func (CertificateAuthorityOutput) CertificateChain ¶ 

func (o CertificateAuthorityOutput) CertificateChain() pulumi.StringOutput

Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.

func (CertificateAuthorityOutput) CertificateSigningRequest ¶ 

func (o CertificateAuthorityOutput) CertificateSigningRequest() pulumi.StringOutput

The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.

func (CertificateAuthorityOutput) ElementType ¶ 

func (CertificateAuthorityOutput) ElementType() reflect.Type

func (CertificateAuthorityOutput) Enabled ¶ 

func (o CertificateAuthorityOutput) Enabled() pulumi.BoolPtrOutput

Whether the certificate authority is enabled or disabled. Defaults to `true`. Can only be disabled if the CA is in an `ACTIVE` state.

func (CertificateAuthorityOutput) KeyStorageSecurityStandard ¶ 

func (o CertificateAuthorityOutput) KeyStorageSecurityStandard() pulumi.StringOutput

Cryptographic key management compliance standard used for handling CA keys. Defaults to `FIPS_140_2_LEVEL_3_OR_HIGHER`. Valid values: `FIPS_140_2_LEVEL_3_OR_HIGHER` and `FIPS_140_2_LEVEL_2_OR_HIGHER`. Supported standard for each region can be found in the [Storage and security compliance of AWS Private CA private keys Documentation](https://docs.aws.amazon.com/privateca/latest/userguide/data-protection.html#private-keys).

func (CertificateAuthorityOutput) NotAfter ¶ 

func (o CertificateAuthorityOutput) NotAfter() pulumi.StringOutput

Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.

func (CertificateAuthorityOutput) NotBefore ¶ 

func (o CertificateAuthorityOutput) NotBefore() pulumi.StringOutput

Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.

func (CertificateAuthorityOutput) PermanentDeletionTimeInDays ¶ 

func (o CertificateAuthorityOutput) PermanentDeletionTimeInDays() pulumi.IntPtrOutput

Number of days to make a CA restorable after it has been deleted, must be between 7 to 30 days, with default to 30 days.

func (CertificateAuthorityOutput) RevocationConfiguration ¶ 

func (o CertificateAuthorityOutput) RevocationConfiguration() CertificateAuthorityRevocationConfigurationPtrOutput

Nested argument containing revocation configuration. Defined below.

func (CertificateAuthorityOutput) Serial ¶ 

func (o CertificateAuthorityOutput) Serial() pulumi.StringOutput

Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.

func (CertificateAuthorityOutput) Tags ¶ 

func (o CertificateAuthorityOutput) Tags() pulumi.StringMapOutput

Key-value map of user-defined tags that are attached to the certificate authority. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.

func (CertificateAuthorityOutput) TagsAll deprecated 

func (o CertificateAuthorityOutput) TagsAll() pulumi.StringMapOutput

Map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.

Deprecated: Please use `tags` instead.

func (CertificateAuthorityOutput) ToCertificateAuthorityOutput ¶ 

func (o CertificateAuthorityOutput) ToCertificateAuthorityOutput() CertificateAuthorityOutput

func (CertificateAuthorityOutput) ToCertificateAuthorityOutputWithContext ¶ 

func (o CertificateAuthorityOutput) ToCertificateAuthorityOutputWithContext(ctx context.Context) CertificateAuthorityOutput

func (CertificateAuthorityOutput) Type ¶ 

func (o CertificateAuthorityOutput) Type() pulumi.StringPtrOutput

Type of the certificate authority. Defaults to `SUBORDINATE`. Valid values: `ROOT` and `SUBORDINATE`.

func (CertificateAuthorityOutput) UsageMode ¶ 

func (o CertificateAuthorityOutput) UsageMode() pulumi.StringOutput

Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly. Short-lived certificate validity is limited to seven days. Defaults to `GENERAL_PURPOSE`. Valid values: `GENERAL_PURPOSE` and `SHORT_LIVED_CERTIFICATE`.

type CertificateAuthorityRevocationConfiguration ¶ 

type CertificateAuthorityRevocationConfiguration struct {
	// Nested argument containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority. Defined below.
	CrlConfiguration *CertificateAuthorityRevocationConfigurationCrlConfiguration `pulumi:"crlConfiguration"`
	// Nested argument containing configuration of
	// the custom OCSP responder endpoint. Defined below.
	OcspConfiguration *CertificateAuthorityRevocationConfigurationOcspConfiguration `pulumi:"ocspConfiguration"`
}

type CertificateAuthorityRevocationConfigurationArgs ¶ 

type CertificateAuthorityRevocationConfigurationArgs struct {
	// Nested argument containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority. Defined below.
	CrlConfiguration CertificateAuthorityRevocationConfigurationCrlConfigurationPtrInput `pulumi:"crlConfiguration"`
	// Nested argument containing configuration of
	// the custom OCSP responder endpoint. Defined below.
	OcspConfiguration CertificateAuthorityRevocationConfigurationOcspConfigurationPtrInput `pulumi:"ocspConfiguration"`
}

func (CertificateAuthorityRevocationConfigurationArgs) ElementType ¶ 

func (CertificateAuthorityRevocationConfigurationArgs) ElementType() reflect.Type

func (CertificateAuthorityRevocationConfigurationArgs) ToCertificateAuthorityRevocationConfigurationOutput ¶ 

func (i CertificateAuthorityRevocationConfigurationArgs) ToCertificateAuthorityRevocationConfigurationOutput() CertificateAuthorityRevocationConfigurationOutput

func (CertificateAuthorityRevocationConfigurationArgs) ToCertificateAuthorityRevocationConfigurationOutputWithContext ¶ 

func (i CertificateAuthorityRevocationConfigurationArgs) ToCertificateAuthorityRevocationConfigurationOutputWithContext(ctx context.Context) CertificateAuthorityRevocationConfigurationOutput

func (CertificateAuthorityRevocationConfigurationArgs) ToCertificateAuthorityRevocationConfigurationPtrOutput ¶ 

func (i CertificateAuthorityRevocationConfigurationArgs) ToCertificateAuthorityRevocationConfigurationPtrOutput() CertificateAuthorityRevocationConfigurationPtrOutput

func (CertificateAuthorityRevocationConfigurationArgs) ToCertificateAuthorityRevocationConfigurationPtrOutputWithContext ¶ 

func (i CertificateAuthorityRevocationConfigurationArgs) ToCertificateAuthorityRevocationConfigurationPtrOutputWithContext(ctx context.Context) CertificateAuthorityRevocationConfigurationPtrOutput

type CertificateAuthorityRevocationConfigurationCrlConfiguration ¶ 

type CertificateAuthorityRevocationConfigurationCrlConfiguration struct {
	// Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point. Use this value if you don't want the name of your S3 bucket to be public. Must be less than or equal to 253 characters in length.
	CustomCname *string `pulumi:"customCname"`
	// Boolean value that specifies whether certificate revocation lists (CRLs) are enabled. Defaults to `false`.
	Enabled *bool `pulumi:"enabled"`
	// Number of days until a certificate expires. Must be between 1 and 5000.
	ExpirationInDays *int `pulumi:"expirationInDays"`
	// Name of the S3 bucket that contains the CRL. If you do not provide a value for the `customCname` argument, the name of your S3 bucket is placed into the CRL Distribution Points extension of the issued certificate. You must specify a bucket policy that allows ACM PCA to write the CRL to your bucket. Must be between 3 and 255 characters in length.
	S3BucketName *string `pulumi:"s3BucketName"`
	// Determines whether the CRL will be publicly readable or privately held in the CRL Amazon S3 bucket. Defaults to `PUBLIC_READ`.
	S3ObjectAcl *string `pulumi:"s3ObjectAcl"`
}

type CertificateAuthorityRevocationConfigurationCrlConfigurationArgs ¶ 

type CertificateAuthorityRevocationConfigurationCrlConfigurationArgs struct {
	// Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point. Use this value if you don't want the name of your S3 bucket to be public. Must be less than or equal to 253 characters in length.
	CustomCname pulumi.StringPtrInput `pulumi:"customCname"`
	// Boolean value that specifies whether certificate revocation lists (CRLs) are enabled. Defaults to `false`.
	Enabled pulumi.BoolPtrInput `pulumi:"enabled"`
	// Number of days until a certificate expires. Must be between 1 and 5000.
	ExpirationInDays pulumi.IntPtrInput `pulumi:"expirationInDays"`
	// Name of the S3 bucket that contains the CRL. If you do not provide a value for the `customCname` argument, the name of your S3 bucket is placed into the CRL Distribution Points extension of the issued certificate. You must specify a bucket policy that allows ACM PCA to write the CRL to your bucket. Must be between 3 and 255 characters in length.
	S3BucketName pulumi.StringPtrInput `pulumi:"s3BucketName"`
	// Determines whether the CRL will be publicly readable or privately held in the CRL Amazon S3 bucket. Defaults to `PUBLIC_READ`.
	S3ObjectAcl pulumi.StringPtrInput `pulumi:"s3ObjectAcl"`
}

func (CertificateAuthorityRevocationConfigurationCrlConfigurationArgs) ElementType ¶ 

func (CertificateAuthorityRevocationConfigurationCrlConfigurationArgs) ElementType() reflect.Type

func (CertificateAuthorityRevocationConfigurationCrlConfigurationArgs) ToCertificateAuthorityRevocationConfigurationCrlConfigurationOutput ¶ 

func (i CertificateAuthorityRevocationConfigurationCrlConfigurationArgs) ToCertificateAuthorityRevocationConfigurationCrlConfigurationOutput() CertificateAuthorityRevocationConfigurationCrlConfigurationOutput

func (CertificateAuthorityRevocationConfigurationCrlConfigurationArgs) ToCertificateAuthorityRevocationConfigurationCrlConfigurationOutputWithContext ¶ 

func (i CertificateAuthorityRevocationConfigurationCrlConfigurationArgs) ToCertificateAuthorityRevocationConfigurationCrlConfigurationOutputWithContext(ctx context.Context) CertificateAuthorityRevocationConfigurationCrlConfigurationOutput

func (CertificateAuthorityRevocationConfigurationCrlConfigurationArgs) ToCertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput ¶ 

func (i CertificateAuthorityRevocationConfigurationCrlConfigurationArgs) ToCertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput() CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput

func (CertificateAuthorityRevocationConfigurationCrlConfigurationArgs) ToCertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutputWithContext ¶ 

func (i CertificateAuthorityRevocationConfigurationCrlConfigurationArgs) ToCertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutputWithContext(ctx context.Context) CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput

type CertificateAuthorityRevocationConfigurationCrlConfigurationInput ¶ 

type CertificateAuthorityRevocationConfigurationCrlConfigurationInput interface {
	pulumi.Input

	ToCertificateAuthorityRevocationConfigurationCrlConfigurationOutput() CertificateAuthorityRevocationConfigurationCrlConfigurationOutput
	ToCertificateAuthorityRevocationConfigurationCrlConfigurationOutputWithContext(context.Context) CertificateAuthorityRevocationConfigurationCrlConfigurationOutput
}

CertificateAuthorityRevocationConfigurationCrlConfigurationInput is an input type that accepts CertificateAuthorityRevocationConfigurationCrlConfigurationArgs and CertificateAuthorityRevocationConfigurationCrlConfigurationOutput values. You can construct a concrete instance of `CertificateAuthorityRevocationConfigurationCrlConfigurationInput` via: 

CertificateAuthorityRevocationConfigurationCrlConfigurationArgs{...}

type CertificateAuthorityRevocationConfigurationCrlConfigurationOutput ¶ 

type CertificateAuthorityRevocationConfigurationCrlConfigurationOutput struct{ *pulumi.OutputState }

func (CertificateAuthorityRevocationConfigurationCrlConfigurationOutput) CustomCname ¶ 

func (o CertificateAuthorityRevocationConfigurationCrlConfigurationOutput) CustomCname() pulumi.StringPtrOutput

Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point. Use this value if you don't want the name of your S3 bucket to be public. Must be less than or equal to 253 characters in length.

func (CertificateAuthorityRevocationConfigurationCrlConfigurationOutput) ElementType ¶ 

func (CertificateAuthorityRevocationConfigurationCrlConfigurationOutput) ElementType() reflect.Type

func (CertificateAuthorityRevocationConfigurationCrlConfigurationOutput) Enabled ¶ 

func (o CertificateAuthorityRevocationConfigurationCrlConfigurationOutput) Enabled() pulumi.BoolPtrOutput

Boolean value that specifies whether certificate revocation lists (CRLs) are enabled. Defaults to `false`.

func (CertificateAuthorityRevocationConfigurationCrlConfigurationOutput) ExpirationInDays ¶ 

func (o CertificateAuthorityRevocationConfigurationCrlConfigurationOutput) ExpirationInDays() pulumi.IntPtrOutput

Number of days until a certificate expires. Must be between 1 and 5000.

func (CertificateAuthorityRevocationConfigurationCrlConfigurationOutput) S3BucketName ¶ 

func (o CertificateAuthorityRevocationConfigurationCrlConfigurationOutput) S3BucketName() pulumi.StringPtrOutput

Name of the S3 bucket that contains the CRL. If you do not provide a value for the `customCname` argument, the name of your S3 bucket is placed into the CRL Distribution Points extension of the issued certificate. You must specify a bucket policy that allows ACM PCA to write the CRL to your bucket. Must be between 3 and 255 characters in length.

func (CertificateAuthorityRevocationConfigurationCrlConfigurationOutput) S3ObjectAcl ¶ 

func (o CertificateAuthorityRevocationConfigurationCrlConfigurationOutput) S3ObjectAcl() pulumi.StringPtrOutput

Determines whether the CRL will be publicly readable or privately held in the CRL Amazon S3 bucket. Defaults to `PUBLIC_READ`.

func (CertificateAuthorityRevocationConfigurationCrlConfigurationOutput) ToCertificateAuthorityRevocationConfigurationCrlConfigurationOutput ¶ 

func (o CertificateAuthorityRevocationConfigurationCrlConfigurationOutput) ToCertificateAuthorityRevocationConfigurationCrlConfigurationOutput() CertificateAuthorityRevocationConfigurationCrlConfigurationOutput

func (CertificateAuthorityRevocationConfigurationCrlConfigurationOutput) ToCertificateAuthorityRevocationConfigurationCrlConfigurationOutputWithContext ¶ 

func (o CertificateAuthorityRevocationConfigurationCrlConfigurationOutput) ToCertificateAuthorityRevocationConfigurationCrlConfigurationOutputWithContext(ctx context.Context) CertificateAuthorityRevocationConfigurationCrlConfigurationOutput

func (CertificateAuthorityRevocationConfigurationCrlConfigurationOutput) ToCertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput ¶ 

func (o CertificateAuthorityRevocationConfigurationCrlConfigurationOutput) ToCertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput() CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput

func (CertificateAuthorityRevocationConfigurationCrlConfigurationOutput) ToCertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutputWithContext ¶ 

func (o CertificateAuthorityRevocationConfigurationCrlConfigurationOutput) ToCertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutputWithContext(ctx context.Context) CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput

type CertificateAuthorityRevocationConfigurationCrlConfigurationPtrInput ¶ 

type CertificateAuthorityRevocationConfigurationCrlConfigurationPtrInput interface {
	pulumi.Input

	ToCertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput() CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput
	ToCertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutputWithContext(context.Context) CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput
}

CertificateAuthorityRevocationConfigurationCrlConfigurationPtrInput is an input type that accepts CertificateAuthorityRevocationConfigurationCrlConfigurationArgs, CertificateAuthorityRevocationConfigurationCrlConfigurationPtr and CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput values. You can construct a concrete instance of `CertificateAuthorityRevocationConfigurationCrlConfigurationPtrInput` via: 

        CertificateAuthorityRevocationConfigurationCrlConfigurationArgs{...}

or:

        nil

func CertificateAuthorityRevocationConfigurationCrlConfigurationPtr ¶ 

func CertificateAuthorityRevocationConfigurationCrlConfigurationPtr(v *CertificateAuthorityRevocationConfigurationCrlConfigurationArgs) CertificateAuthorityRevocationConfigurationCrlConfigurationPtrInput

type CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput ¶ 

type CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput struct{ *pulumi.OutputState }

func (CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput) CustomCname ¶ 

func (o CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput) CustomCname() pulumi.StringPtrOutput

Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point. Use this value if you don't want the name of your S3 bucket to be public. Must be less than or equal to 253 characters in length.

func (CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput) Elem ¶ 

func (o CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput) Elem() CertificateAuthorityRevocationConfigurationCrlConfigurationOutput

func (CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput) ElementType ¶ 

func (CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput) ElementType() reflect.Type

func (CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput) Enabled ¶ 

func (o CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput) Enabled() pulumi.BoolPtrOutput

Boolean value that specifies whether certificate revocation lists (CRLs) are enabled. Defaults to `false`.

func (CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput) ExpirationInDays ¶ 

func (o CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput) ExpirationInDays() pulumi.IntPtrOutput

Number of days until a certificate expires. Must be between 1 and 5000.

func (CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput) S3BucketName ¶ 

func (o CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput) S3BucketName() pulumi.StringPtrOutput

Name of the S3 bucket that contains the CRL. If you do not provide a value for the `customCname` argument, the name of your S3 bucket is placed into the CRL Distribution Points extension of the issued certificate. You must specify a bucket policy that allows ACM PCA to write the CRL to your bucket. Must be between 3 and 255 characters in length.

func (CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput) S3ObjectAcl ¶ 

func (o CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput) S3ObjectAcl() pulumi.StringPtrOutput

Determines whether the CRL will be publicly readable or privately held in the CRL Amazon S3 bucket. Defaults to `PUBLIC_READ`.

func (CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput) ToCertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput ¶ 

func (o CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput) ToCertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput() CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput

func (CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput) ToCertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutputWithContext ¶ 

func (o CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput) ToCertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutputWithContext(ctx context.Context) CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput

type CertificateAuthorityRevocationConfigurationInput ¶ 

type CertificateAuthorityRevocationConfigurationInput interface {
	pulumi.Input

	ToCertificateAuthorityRevocationConfigurationOutput() CertificateAuthorityRevocationConfigurationOutput
	ToCertificateAuthorityRevocationConfigurationOutputWithContext(context.Context) CertificateAuthorityRevocationConfigurationOutput
}

CertificateAuthorityRevocationConfigurationInput is an input type that accepts CertificateAuthorityRevocationConfigurationArgs and CertificateAuthorityRevocationConfigurationOutput values. You can construct a concrete instance of `CertificateAuthorityRevocationConfigurationInput` via: 

CertificateAuthorityRevocationConfigurationArgs{...}

type CertificateAuthorityRevocationConfigurationOcspConfiguration ¶ 

type CertificateAuthorityRevocationConfigurationOcspConfiguration struct {
	// Boolean value that specifies whether a custom OCSP responder is enabled.
	Enabled bool `pulumi:"enabled"`
	// CNAME specifying a customized OCSP domain. Note: The value of the CNAME must not include a protocol prefix such as "http://" or "https://".
	OcspCustomCname *string `pulumi:"ocspCustomCname"`
}

type CertificateAuthorityRevocationConfigurationOcspConfigurationArgs ¶ 

type CertificateAuthorityRevocationConfigurationOcspConfigurationArgs struct {
	// Boolean value that specifies whether a custom OCSP responder is enabled.
	Enabled pulumi.BoolInput `pulumi:"enabled"`
	// CNAME specifying a customized OCSP domain. Note: The value of the CNAME must not include a protocol prefix such as "http://" or "https://".
	OcspCustomCname pulumi.StringPtrInput `pulumi:"ocspCustomCname"`
}

func (CertificateAuthorityRevocationConfigurationOcspConfigurationArgs) ElementType ¶ 

func (CertificateAuthorityRevocationConfigurationOcspConfigurationArgs) ElementType() reflect.Type

func (CertificateAuthorityRevocationConfigurationOcspConfigurationArgs) ToCertificateAuthorityRevocationConfigurationOcspConfigurationOutput ¶ 

func (i CertificateAuthorityRevocationConfigurationOcspConfigurationArgs) ToCertificateAuthorityRevocationConfigurationOcspConfigurationOutput() CertificateAuthorityRevocationConfigurationOcspConfigurationOutput

func (CertificateAuthorityRevocationConfigurationOcspConfigurationArgs) ToCertificateAuthorityRevocationConfigurationOcspConfigurationOutputWithContext ¶ 

func (i CertificateAuthorityRevocationConfigurationOcspConfigurationArgs) ToCertificateAuthorityRevocationConfigurationOcspConfigurationOutputWithContext(ctx context.Context) CertificateAuthorityRevocationConfigurationOcspConfigurationOutput

func (CertificateAuthorityRevocationConfigurationOcspConfigurationArgs) ToCertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput ¶ 

func (i CertificateAuthorityRevocationConfigurationOcspConfigurationArgs) ToCertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput() CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput

func (CertificateAuthorityRevocationConfigurationOcspConfigurationArgs) ToCertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutputWithContext ¶ 

func (i CertificateAuthorityRevocationConfigurationOcspConfigurationArgs) ToCertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutputWithContext(ctx context.Context) CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput

type CertificateAuthorityRevocationConfigurationOcspConfigurationInput ¶ 

type CertificateAuthorityRevocationConfigurationOcspConfigurationInput interface {
	pulumi.Input

	ToCertificateAuthorityRevocationConfigurationOcspConfigurationOutput() CertificateAuthorityRevocationConfigurationOcspConfigurationOutput
	ToCertificateAuthorityRevocationConfigurationOcspConfigurationOutputWithContext(context.Context) CertificateAuthorityRevocationConfigurationOcspConfigurationOutput
}

CertificateAuthorityRevocationConfigurationOcspConfigurationInput is an input type that accepts CertificateAuthorityRevocationConfigurationOcspConfigurationArgs and CertificateAuthorityRevocationConfigurationOcspConfigurationOutput values. You can construct a concrete instance of `CertificateAuthorityRevocationConfigurationOcspConfigurationInput` via: 

CertificateAuthorityRevocationConfigurationOcspConfigurationArgs{...}

type CertificateAuthorityRevocationConfigurationOcspConfigurationOutput ¶ 

type CertificateAuthorityRevocationConfigurationOcspConfigurationOutput struct{ *pulumi.OutputState }

func (CertificateAuthorityRevocationConfigurationOcspConfigurationOutput) ElementType ¶ 

func (CertificateAuthorityRevocationConfigurationOcspConfigurationOutput) ElementType() reflect.Type

func (CertificateAuthorityRevocationConfigurationOcspConfigurationOutput) Enabled ¶ 

func (o CertificateAuthorityRevocationConfigurationOcspConfigurationOutput) Enabled() pulumi.BoolOutput

Boolean value that specifies whether a custom OCSP responder is enabled.

func (CertificateAuthorityRevocationConfigurationOcspConfigurationOutput) OcspCustomCname ¶ 

func (o CertificateAuthorityRevocationConfigurationOcspConfigurationOutput) OcspCustomCname() pulumi.StringPtrOutput

CNAME specifying a customized OCSP domain. Note: The value of the CNAME must not include a protocol prefix such as "http://" or "https://".

func (CertificateAuthorityRevocationConfigurationOcspConfigurationOutput) ToCertificateAuthorityRevocationConfigurationOcspConfigurationOutput ¶ 

func (o CertificateAuthorityRevocationConfigurationOcspConfigurationOutput) ToCertificateAuthorityRevocationConfigurationOcspConfigurationOutput() CertificateAuthorityRevocationConfigurationOcspConfigurationOutput

func (CertificateAuthorityRevocationConfigurationOcspConfigurationOutput) ToCertificateAuthorityRevocationConfigurationOcspConfigurationOutputWithContext ¶ 

func (o CertificateAuthorityRevocationConfigurationOcspConfigurationOutput) ToCertificateAuthorityRevocationConfigurationOcspConfigurationOutputWithContext(ctx context.Context) CertificateAuthorityRevocationConfigurationOcspConfigurationOutput

func (CertificateAuthorityRevocationConfigurationOcspConfigurationOutput) ToCertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput ¶ 

func (o CertificateAuthorityRevocationConfigurationOcspConfigurationOutput) ToCertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput() CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput

func (CertificateAuthorityRevocationConfigurationOcspConfigurationOutput) ToCertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutputWithContext ¶ 

func (o CertificateAuthorityRevocationConfigurationOcspConfigurationOutput) ToCertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutputWithContext(ctx context.Context) CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput

type CertificateAuthorityRevocationConfigurationOcspConfigurationPtrInput ¶ 

type CertificateAuthorityRevocationConfigurationOcspConfigurationPtrInput interface {
	pulumi.Input

	ToCertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput() CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput
	ToCertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutputWithContext(context.Context) CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput
}

CertificateAuthorityRevocationConfigurationOcspConfigurationPtrInput is an input type that accepts CertificateAuthorityRevocationConfigurationOcspConfigurationArgs, CertificateAuthorityRevocationConfigurationOcspConfigurationPtr and CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput values. You can construct a concrete instance of `CertificateAuthorityRevocationConfigurationOcspConfigurationPtrInput` via: 

        CertificateAuthorityRevocationConfigurationOcspConfigurationArgs{...}

or:

        nil

func CertificateAuthorityRevocationConfigurationOcspConfigurationPtr ¶ 

func CertificateAuthorityRevocationConfigurationOcspConfigurationPtr(v *CertificateAuthorityRevocationConfigurationOcspConfigurationArgs) CertificateAuthorityRevocationConfigurationOcspConfigurationPtrInput

type CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput ¶ 

type CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput struct{ *pulumi.OutputState }

func (CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput) Elem ¶ 

func (o CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput) Elem() CertificateAuthorityRevocationConfigurationOcspConfigurationOutput

func (CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput) ElementType ¶ 

func (CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput) ElementType() reflect.Type

func (CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput) Enabled ¶ 

func (o CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput) Enabled() pulumi.BoolPtrOutput

Boolean value that specifies whether a custom OCSP responder is enabled.

func (CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput) OcspCustomCname ¶ 

func (o CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput) OcspCustomCname() pulumi.StringPtrOutput

CNAME specifying a customized OCSP domain. Note: The value of the CNAME must not include a protocol prefix such as "http://" or "https://".

func (CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput) ToCertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput ¶ 

func (o CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput) ToCertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput() CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput

func (CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput) ToCertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutputWithContext ¶ 

func (o CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput) ToCertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutputWithContext(ctx context.Context) CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput

type CertificateAuthorityRevocationConfigurationOutput ¶ 

type CertificateAuthorityRevocationConfigurationOutput struct{ *pulumi.OutputState }

func (CertificateAuthorityRevocationConfigurationOutput) CrlConfiguration ¶ 

func (o CertificateAuthorityRevocationConfigurationOutput) CrlConfiguration() CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput

Nested argument containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority. Defined below.

func (CertificateAuthorityRevocationConfigurationOutput) ElementType ¶ 

func (CertificateAuthorityRevocationConfigurationOutput) ElementType() reflect.Type

func (CertificateAuthorityRevocationConfigurationOutput) OcspConfiguration ¶ 

func (o CertificateAuthorityRevocationConfigurationOutput) OcspConfiguration() CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput

Nested argument containing configuration of the custom OCSP responder endpoint. Defined below.

func (CertificateAuthorityRevocationConfigurationOutput) ToCertificateAuthorityRevocationConfigurationOutput ¶ 

func (o CertificateAuthorityRevocationConfigurationOutput) ToCertificateAuthorityRevocationConfigurationOutput() CertificateAuthorityRevocationConfigurationOutput

func (CertificateAuthorityRevocationConfigurationOutput) ToCertificateAuthorityRevocationConfigurationOutputWithContext ¶ 

func (o CertificateAuthorityRevocationConfigurationOutput) ToCertificateAuthorityRevocationConfigurationOutputWithContext(ctx context.Context) CertificateAuthorityRevocationConfigurationOutput

func (CertificateAuthorityRevocationConfigurationOutput) ToCertificateAuthorityRevocationConfigurationPtrOutput ¶ 

func (o CertificateAuthorityRevocationConfigurationOutput) ToCertificateAuthorityRevocationConfigurationPtrOutput() CertificateAuthorityRevocationConfigurationPtrOutput

func (CertificateAuthorityRevocationConfigurationOutput) ToCertificateAuthorityRevocationConfigurationPtrOutputWithContext ¶ 

func (o CertificateAuthorityRevocationConfigurationOutput) ToCertificateAuthorityRevocationConfigurationPtrOutputWithContext(ctx context.Context) CertificateAuthorityRevocationConfigurationPtrOutput

type CertificateAuthorityRevocationConfigurationPtrInput ¶ 

type CertificateAuthorityRevocationConfigurationPtrInput interface {
	pulumi.Input

	ToCertificateAuthorityRevocationConfigurationPtrOutput() CertificateAuthorityRevocationConfigurationPtrOutput
	ToCertificateAuthorityRevocationConfigurationPtrOutputWithContext(context.Context) CertificateAuthorityRevocationConfigurationPtrOutput
}

CertificateAuthorityRevocationConfigurationPtrInput is an input type that accepts CertificateAuthorityRevocationConfigurationArgs, CertificateAuthorityRevocationConfigurationPtr and CertificateAuthorityRevocationConfigurationPtrOutput values. You can construct a concrete instance of `CertificateAuthorityRevocationConfigurationPtrInput` via: 

        CertificateAuthorityRevocationConfigurationArgs{...}

or:

        nil

func CertificateAuthorityRevocationConfigurationPtr ¶ 

func CertificateAuthorityRevocationConfigurationPtr(v *CertificateAuthorityRevocationConfigurationArgs) CertificateAuthorityRevocationConfigurationPtrInput

type CertificateAuthorityRevocationConfigurationPtrOutput ¶ 

type CertificateAuthorityRevocationConfigurationPtrOutput struct{ *pulumi.OutputState }

func (CertificateAuthorityRevocationConfigurationPtrOutput) CrlConfiguration ¶ 

func (o CertificateAuthorityRevocationConfigurationPtrOutput) CrlConfiguration() CertificateAuthorityRevocationConfigurationCrlConfigurationPtrOutput

Nested argument containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority. Defined below.

func (CertificateAuthorityRevocationConfigurationPtrOutput) Elem ¶ 

func (o CertificateAuthorityRevocationConfigurationPtrOutput) Elem() CertificateAuthorityRevocationConfigurationOutput

func (CertificateAuthorityRevocationConfigurationPtrOutput) ElementType ¶ 

func (CertificateAuthorityRevocationConfigurationPtrOutput) ElementType() reflect.Type

func (CertificateAuthorityRevocationConfigurationPtrOutput) OcspConfiguration ¶ 

func (o CertificateAuthorityRevocationConfigurationPtrOutput) OcspConfiguration() CertificateAuthorityRevocationConfigurationOcspConfigurationPtrOutput

Nested argument containing configuration of the custom OCSP responder endpoint. Defined below.

func (CertificateAuthorityRevocationConfigurationPtrOutput) ToCertificateAuthorityRevocationConfigurationPtrOutput ¶ 

func (o CertificateAuthorityRevocationConfigurationPtrOutput) ToCertificateAuthorityRevocationConfigurationPtrOutput() CertificateAuthorityRevocationConfigurationPtrOutput

func (CertificateAuthorityRevocationConfigurationPtrOutput) ToCertificateAuthorityRevocationConfigurationPtrOutputWithContext ¶ 

func (o CertificateAuthorityRevocationConfigurationPtrOutput) ToCertificateAuthorityRevocationConfigurationPtrOutputWithContext(ctx context.Context) CertificateAuthorityRevocationConfigurationPtrOutput

type CertificateAuthorityState ¶ 

type CertificateAuthorityState struct {
	// ARN of the certificate authority.
	Arn pulumi.StringPtrInput
	// Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.
	Certificate pulumi.StringPtrInput
	// Nested argument containing algorithms and certificate subject information. Defined below.
	CertificateAuthorityConfiguration CertificateAuthorityCertificateAuthorityConfigurationPtrInput
	// Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.
	CertificateChain pulumi.StringPtrInput
	// The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.
	CertificateSigningRequest pulumi.StringPtrInput
	// Whether the certificate authority is enabled or disabled. Defaults to `true`. Can only be disabled if the CA is in an `ACTIVE` state.
	Enabled pulumi.BoolPtrInput
	// Cryptographic key management compliance standard used for handling CA keys. Defaults to `FIPS_140_2_LEVEL_3_OR_HIGHER`. Valid values: `FIPS_140_2_LEVEL_3_OR_HIGHER` and `FIPS_140_2_LEVEL_2_OR_HIGHER`. Supported standard for each region can be found in the [Storage and security compliance of AWS Private CA private keys Documentation](https://docs.aws.amazon.com/privateca/latest/userguide/data-protection.html#private-keys).
	KeyStorageSecurityStandard pulumi.StringPtrInput
	// Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
	NotAfter pulumi.StringPtrInput
	// Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
	NotBefore pulumi.StringPtrInput
	// Number of days to make a CA restorable after it has been deleted, must be between 7 to 30 days, with default to 30 days.
	PermanentDeletionTimeInDays pulumi.IntPtrInput
	// Nested argument containing revocation configuration. Defined below.
	RevocationConfiguration CertificateAuthorityRevocationConfigurationPtrInput
	// Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.
	Serial pulumi.StringPtrInput
	// Key-value map of user-defined tags that are attached to the certificate authority. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapInput
	// Map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
	//
	// Deprecated: Please use `tags` instead.
	TagsAll pulumi.StringMapInput
	// Type of the certificate authority. Defaults to `SUBORDINATE`. Valid values: `ROOT` and `SUBORDINATE`.
	Type pulumi.StringPtrInput
	// Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly. Short-lived certificate validity is limited to seven days. Defaults to `GENERAL_PURPOSE`. Valid values: `GENERAL_PURPOSE` and `SHORT_LIVED_CERTIFICATE`.
	UsageMode pulumi.StringPtrInput
}

func (CertificateAuthorityState) ElementType ¶ 

func (CertificateAuthorityState) ElementType() reflect.Type

type CertificateInput ¶ 

type CertificateInput interface {
	pulumi.Input

	ToCertificateOutput() CertificateOutput
	ToCertificateOutputWithContext(ctx context.Context) CertificateOutput
}

type CertificateMap ¶ 

type CertificateMap map[string]CertificateInput

func (CertificateMap) ElementType ¶ 

func (CertificateMap) ElementType() reflect.Type

func (CertificateMap) ToCertificateMapOutput ¶ 

func (i CertificateMap) ToCertificateMapOutput() CertificateMapOutput

func (CertificateMap) ToCertificateMapOutputWithContext ¶ 

func (i CertificateMap) ToCertificateMapOutputWithContext(ctx context.Context) CertificateMapOutput

type CertificateMapInput ¶ 

type CertificateMapInput interface {
	pulumi.Input

	ToCertificateMapOutput() CertificateMapOutput
	ToCertificateMapOutputWithContext(context.Context) CertificateMapOutput
}

CertificateMapInput is an input type that accepts CertificateMap and CertificateMapOutput values. You can construct a concrete instance of `CertificateMapInput` via: 

CertificateMap{ "key": CertificateArgs{...} }

type CertificateMapOutput ¶ 

type CertificateMapOutput struct{ *pulumi.OutputState }

func (CertificateMapOutput) ElementType ¶ 

func (CertificateMapOutput) ElementType() reflect.Type

func (CertificateMapOutput) MapIndex ¶ 

func (o CertificateMapOutput) MapIndex(k pulumi.StringInput) CertificateOutput

func (CertificateMapOutput) ToCertificateMapOutput ¶ 

func (o CertificateMapOutput) ToCertificateMapOutput() CertificateMapOutput

func (CertificateMapOutput) ToCertificateMapOutputWithContext ¶ 

func (o CertificateMapOutput) ToCertificateMapOutputWithContext(ctx context.Context) CertificateMapOutput

type CertificateOutput ¶ 

type CertificateOutput struct{ *pulumi.OutputState }

func (CertificateOutput) ApiPassthrough ¶ 

func (o CertificateOutput) ApiPassthrough() pulumi.StringPtrOutput

Specifies X.509 certificate information to be included in the issued certificate. To use with API Passthrough templates

func (CertificateOutput) Arn ¶ 

func (o CertificateOutput) Arn() pulumi.StringOutput

ARN of the certificate.

func (CertificateOutput) Certificate ¶ 

func (o CertificateOutput) Certificate() pulumi.StringOutput

PEM-encoded certificate value.

func (CertificateOutput) CertificateAuthorityArn ¶ 

func (o CertificateOutput) CertificateAuthorityArn() pulumi.StringOutput

ARN of the certificate authority.

func (CertificateOutput) CertificateChain ¶ 

func (o CertificateOutput) CertificateChain() pulumi.StringOutput

PEM-encoded certificate chain that includes any intermediate certificates and chains up to root CA.

func (CertificateOutput) CertificateSigningRequest ¶ 

func (o CertificateOutput) CertificateSigningRequest() pulumi.StringOutput

Certificate Signing Request in PEM format.

func (CertificateOutput) ElementType ¶ 

func (CertificateOutput) ElementType() reflect.Type

func (CertificateOutput) SigningAlgorithm ¶ 

func (o CertificateOutput) SigningAlgorithm() pulumi.StringOutput

Algorithm to use to sign certificate requests. Valid values: `SHA256WITHRSA`, `SHA256WITHECDSA`, `SHA384WITHRSA`, `SHA384WITHECDSA`, `SHA512WITHRSA`, `SHA512WITHECDSA`.

func (CertificateOutput) TemplateArn ¶ 

func (o CertificateOutput) TemplateArn() pulumi.StringPtrOutput

Template to use when issuing a certificate. See [ACM PCA Documentation](https://docs.aws.amazon.com/privateca/latest/userguide/UsingTemplates.html) for more information.

func (CertificateOutput) ToCertificateOutput ¶ 

func (o CertificateOutput) ToCertificateOutput() CertificateOutput

func (CertificateOutput) ToCertificateOutputWithContext ¶ 

func (o CertificateOutput) ToCertificateOutputWithContext(ctx context.Context) CertificateOutput

func (CertificateOutput) Validity ¶ 

func (o CertificateOutput) Validity() CertificateValidityOutput

Configures end of the validity period for the certificate. See validity block below.

type CertificateState ¶ 

type CertificateState struct {
	// Specifies X.509 certificate information to be included in the issued certificate. To use with API Passthrough templates
	ApiPassthrough pulumi.StringPtrInput
	// ARN of the certificate.
	Arn pulumi.StringPtrInput
	// PEM-encoded certificate value.
	Certificate pulumi.StringPtrInput
	// ARN of the certificate authority.
	CertificateAuthorityArn pulumi.StringPtrInput
	// PEM-encoded certificate chain that includes any intermediate certificates and chains up to root CA.
	CertificateChain pulumi.StringPtrInput
	// Certificate Signing Request in PEM format.
	CertificateSigningRequest pulumi.StringPtrInput
	// Algorithm to use to sign certificate requests. Valid values: `SHA256WITHRSA`, `SHA256WITHECDSA`, `SHA384WITHRSA`, `SHA384WITHECDSA`, `SHA512WITHRSA`, `SHA512WITHECDSA`.
	SigningAlgorithm pulumi.StringPtrInput
	// Template to use when issuing a certificate.
	// See [ACM PCA Documentation](https://docs.aws.amazon.com/privateca/latest/userguide/UsingTemplates.html) for more information.
	TemplateArn pulumi.StringPtrInput
	// Configures end of the validity period for the certificate. See validity block below.
	Validity CertificateValidityPtrInput
}

func (CertificateState) ElementType ¶ 

func (CertificateState) ElementType() reflect.Type

type CertificateValidity ¶ 

type CertificateValidity struct {
	// Determines how `value` is interpreted. Valid values: `DAYS`, `MONTHS`, `YEARS`, `ABSOLUTE`, `END_DATE`.
	Type string `pulumi:"type"`
	// If `type` is `DAYS`, `MONTHS`, or `YEARS`, the relative time until the certificate expires. If `type` is `ABSOLUTE`, the date in seconds since the Unix epoch. If `type` is `END_DATE`, the  date in RFC 3339 format.
	Value string `pulumi:"value"`
}

type CertificateValidityArgs ¶ 

type CertificateValidityArgs struct {
	// Determines how `value` is interpreted. Valid values: `DAYS`, `MONTHS`, `YEARS`, `ABSOLUTE`, `END_DATE`.
	Type pulumi.StringInput `pulumi:"type"`
	// If `type` is `DAYS`, `MONTHS`, or `YEARS`, the relative time until the certificate expires. If `type` is `ABSOLUTE`, the date in seconds since the Unix epoch. If `type` is `END_DATE`, the  date in RFC 3339 format.
	Value pulumi.StringInput `pulumi:"value"`
}

func (CertificateValidityArgs) ElementType ¶ 

func (CertificateValidityArgs) ElementType() reflect.Type

func (CertificateValidityArgs) ToCertificateValidityOutput ¶ 

func (i CertificateValidityArgs) ToCertificateValidityOutput() CertificateValidityOutput

func (CertificateValidityArgs) ToCertificateValidityOutputWithContext ¶ 

func (i CertificateValidityArgs) ToCertificateValidityOutputWithContext(ctx context.Context) CertificateValidityOutput

func (CertificateValidityArgs) ToCertificateValidityPtrOutput ¶ 

func (i CertificateValidityArgs) ToCertificateValidityPtrOutput() CertificateValidityPtrOutput

func (CertificateValidityArgs) ToCertificateValidityPtrOutputWithContext ¶ 

func (i CertificateValidityArgs) ToCertificateValidityPtrOutputWithContext(ctx context.Context) CertificateValidityPtrOutput

type CertificateValidityInput ¶ 

type CertificateValidityInput interface {
	pulumi.Input

	ToCertificateValidityOutput() CertificateValidityOutput
	ToCertificateValidityOutputWithContext(context.Context) CertificateValidityOutput
}

CertificateValidityInput is an input type that accepts CertificateValidityArgs and CertificateValidityOutput values. You can construct a concrete instance of `CertificateValidityInput` via: 

CertificateValidityArgs{...}

type CertificateValidityOutput ¶ 

type CertificateValidityOutput struct{ *pulumi.OutputState }

func (CertificateValidityOutput) ElementType ¶ 

func (CertificateValidityOutput) ElementType() reflect.Type

func (CertificateValidityOutput) ToCertificateValidityOutput ¶ 

func (o CertificateValidityOutput) ToCertificateValidityOutput() CertificateValidityOutput

func (CertificateValidityOutput) ToCertificateValidityOutputWithContext ¶ 

func (o CertificateValidityOutput) ToCertificateValidityOutputWithContext(ctx context.Context) CertificateValidityOutput

func (CertificateValidityOutput) ToCertificateValidityPtrOutput ¶ 

func (o CertificateValidityOutput) ToCertificateValidityPtrOutput() CertificateValidityPtrOutput

func (CertificateValidityOutput) ToCertificateValidityPtrOutputWithContext ¶ 

func (o CertificateValidityOutput) ToCertificateValidityPtrOutputWithContext(ctx context.Context) CertificateValidityPtrOutput

func (CertificateValidityOutput) Type ¶ 

func (o CertificateValidityOutput) Type() pulumi.StringOutput

Determines how `value` is interpreted. Valid values: `DAYS`, `MONTHS`, `YEARS`, `ABSOLUTE`, `END_DATE`.

func (CertificateValidityOutput) Value ¶ 

func (o CertificateValidityOutput) Value() pulumi.StringOutput

If `type` is `DAYS`, `MONTHS`, or `YEARS`, the relative time until the certificate expires. If `type` is `ABSOLUTE`, the date in seconds since the Unix epoch. If `type` is `END_DATE`, the date in RFC 3339 format.

type CertificateValidityPtrInput ¶ 

type CertificateValidityPtrInput interface {
	pulumi.Input

	ToCertificateValidityPtrOutput() CertificateValidityPtrOutput
	ToCertificateValidityPtrOutputWithContext(context.Context) CertificateValidityPtrOutput
}

CertificateValidityPtrInput is an input type that accepts CertificateValidityArgs, CertificateValidityPtr and CertificateValidityPtrOutput values. You can construct a concrete instance of `CertificateValidityPtrInput` via: 

        CertificateValidityArgs{...}

or:

        nil

func CertificateValidityPtr ¶ 

func CertificateValidityPtr(v *CertificateValidityArgs) CertificateValidityPtrInput

type CertificateValidityPtrOutput ¶ 

type CertificateValidityPtrOutput struct{ *pulumi.OutputState }

func (CertificateValidityPtrOutput) Elem ¶ 

func (o CertificateValidityPtrOutput) Elem() CertificateValidityOutput

func (CertificateValidityPtrOutput) ElementType ¶ 

func (CertificateValidityPtrOutput) ElementType() reflect.Type

func (CertificateValidityPtrOutput) ToCertificateValidityPtrOutput ¶ 

func (o CertificateValidityPtrOutput) ToCertificateValidityPtrOutput() CertificateValidityPtrOutput

func (CertificateValidityPtrOutput) ToCertificateValidityPtrOutputWithContext ¶ 

func (o CertificateValidityPtrOutput) ToCertificateValidityPtrOutputWithContext(ctx context.Context) CertificateValidityPtrOutput

func (CertificateValidityPtrOutput) Type ¶ 

func (o CertificateValidityPtrOutput) Type() pulumi.StringPtrOutput

Determines how `value` is interpreted. Valid values: `DAYS`, `MONTHS`, `YEARS`, `ABSOLUTE`, `END_DATE`.

func (CertificateValidityPtrOutput) Value ¶ 

func (o CertificateValidityPtrOutput) Value() pulumi.StringPtrOutput

If `type` is `DAYS`, `MONTHS`, or `YEARS`, the relative time until the certificate expires. If `type` is `ABSOLUTE`, the date in seconds since the Unix epoch. If `type` is `END_DATE`, the date in RFC 3339 format.

type GetCertificateAuthorityRevocationConfiguration ¶ 

type GetCertificateAuthorityRevocationConfiguration struct {
	CrlConfigurations  []GetCertificateAuthorityRevocationConfigurationCrlConfiguration  `pulumi:"crlConfigurations"`
	OcspConfigurations []GetCertificateAuthorityRevocationConfigurationOcspConfiguration `pulumi:"ocspConfigurations"`
}

type GetCertificateAuthorityRevocationConfigurationArgs ¶ 

type GetCertificateAuthorityRevocationConfigurationArgs struct {
	CrlConfigurations  GetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayInput  `pulumi:"crlConfigurations"`
	OcspConfigurations GetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayInput `pulumi:"ocspConfigurations"`
}

func (GetCertificateAuthorityRevocationConfigurationArgs) ElementType ¶ 

func (GetCertificateAuthorityRevocationConfigurationArgs) ElementType() reflect.Type

func (GetCertificateAuthorityRevocationConfigurationArgs) ToGetCertificateAuthorityRevocationConfigurationOutput ¶ 

func (i GetCertificateAuthorityRevocationConfigurationArgs) ToGetCertificateAuthorityRevocationConfigurationOutput() GetCertificateAuthorityRevocationConfigurationOutput

func (GetCertificateAuthorityRevocationConfigurationArgs) ToGetCertificateAuthorityRevocationConfigurationOutputWithContext ¶ 

func (i GetCertificateAuthorityRevocationConfigurationArgs) ToGetCertificateAuthorityRevocationConfigurationOutputWithContext(ctx context.Context) GetCertificateAuthorityRevocationConfigurationOutput

type GetCertificateAuthorityRevocationConfigurationArray ¶ 

type GetCertificateAuthorityRevocationConfigurationArray []GetCertificateAuthorityRevocationConfigurationInput

func (GetCertificateAuthorityRevocationConfigurationArray) ElementType ¶ 

func (GetCertificateAuthorityRevocationConfigurationArray) ElementType() reflect.Type

func (GetCertificateAuthorityRevocationConfigurationArray) ToGetCertificateAuthorityRevocationConfigurationArrayOutput ¶ 

func (i GetCertificateAuthorityRevocationConfigurationArray) ToGetCertificateAuthorityRevocationConfigurationArrayOutput() GetCertificateAuthorityRevocationConfigurationArrayOutput

func (GetCertificateAuthorityRevocationConfigurationArray) ToGetCertificateAuthorityRevocationConfigurationArrayOutputWithContext ¶ 

func (i GetCertificateAuthorityRevocationConfigurationArray) ToGetCertificateAuthorityRevocationConfigurationArrayOutputWithContext(ctx context.Context) GetCertificateAuthorityRevocationConfigurationArrayOutput

type GetCertificateAuthorityRevocationConfigurationArrayInput ¶ 

type GetCertificateAuthorityRevocationConfigurationArrayInput interface {
	pulumi.Input

	ToGetCertificateAuthorityRevocationConfigurationArrayOutput() GetCertificateAuthorityRevocationConfigurationArrayOutput
	ToGetCertificateAuthorityRevocationConfigurationArrayOutputWithContext(context.Context) GetCertificateAuthorityRevocationConfigurationArrayOutput
}

GetCertificateAuthorityRevocationConfigurationArrayInput is an input type that accepts GetCertificateAuthorityRevocationConfigurationArray and GetCertificateAuthorityRevocationConfigurationArrayOutput values. You can construct a concrete instance of `GetCertificateAuthorityRevocationConfigurationArrayInput` via: 

GetCertificateAuthorityRevocationConfigurationArray{ GetCertificateAuthorityRevocationConfigurationArgs{...} }

type GetCertificateAuthorityRevocationConfigurationArrayOutput ¶ 

type GetCertificateAuthorityRevocationConfigurationArrayOutput struct{ *pulumi.OutputState }

func (GetCertificateAuthorityRevocationConfigurationArrayOutput) ElementType ¶ 

func (GetCertificateAuthorityRevocationConfigurationArrayOutput) ElementType() reflect.Type

func (GetCertificateAuthorityRevocationConfigurationArrayOutput) Index ¶ 

func (o GetCertificateAuthorityRevocationConfigurationArrayOutput) Index(i pulumi.IntInput) GetCertificateAuthorityRevocationConfigurationOutput

func (GetCertificateAuthorityRevocationConfigurationArrayOutput) ToGetCertificateAuthorityRevocationConfigurationArrayOutput ¶ 

func (o GetCertificateAuthorityRevocationConfigurationArrayOutput) ToGetCertificateAuthorityRevocationConfigurationArrayOutput() GetCertificateAuthorityRevocationConfigurationArrayOutput

func (GetCertificateAuthorityRevocationConfigurationArrayOutput) ToGetCertificateAuthorityRevocationConfigurationArrayOutputWithContext ¶ 

func (o GetCertificateAuthorityRevocationConfigurationArrayOutput) ToGetCertificateAuthorityRevocationConfigurationArrayOutputWithContext(ctx context.Context) GetCertificateAuthorityRevocationConfigurationArrayOutput

type GetCertificateAuthorityRevocationConfigurationCrlConfiguration ¶ 

type GetCertificateAuthorityRevocationConfigurationCrlConfiguration struct {
	CustomCname      string `pulumi:"customCname"`
	Enabled          bool   `pulumi:"enabled"`
	ExpirationInDays int    `pulumi:"expirationInDays"`
	S3BucketName     string `pulumi:"s3BucketName"`
	S3ObjectAcl      string `pulumi:"s3ObjectAcl"`
}

type GetCertificateAuthorityRevocationConfigurationCrlConfigurationArgs ¶ 

type GetCertificateAuthorityRevocationConfigurationCrlConfigurationArgs struct {
	CustomCname      pulumi.StringInput `pulumi:"customCname"`
	Enabled          pulumi.BoolInput   `pulumi:"enabled"`
	ExpirationInDays pulumi.IntInput    `pulumi:"expirationInDays"`
	S3BucketName     pulumi.StringInput `pulumi:"s3BucketName"`
	S3ObjectAcl      pulumi.StringInput `pulumi:"s3ObjectAcl"`
}

func (GetCertificateAuthorityRevocationConfigurationCrlConfigurationArgs) ElementType ¶ 

func (GetCertificateAuthorityRevocationConfigurationCrlConfigurationArgs) ElementType() reflect.Type

func (GetCertificateAuthorityRevocationConfigurationCrlConfigurationArgs) ToGetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput ¶ 

func (i GetCertificateAuthorityRevocationConfigurationCrlConfigurationArgs) ToGetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput() GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput

func (GetCertificateAuthorityRevocationConfigurationCrlConfigurationArgs) ToGetCertificateAuthorityRevocationConfigurationCrlConfigurationOutputWithContext ¶ 

func (i GetCertificateAuthorityRevocationConfigurationCrlConfigurationArgs) ToGetCertificateAuthorityRevocationConfigurationCrlConfigurationOutputWithContext(ctx context.Context) GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput

type GetCertificateAuthorityRevocationConfigurationCrlConfigurationArray ¶ 

type GetCertificateAuthorityRevocationConfigurationCrlConfigurationArray []GetCertificateAuthorityRevocationConfigurationCrlConfigurationInput

func (GetCertificateAuthorityRevocationConfigurationCrlConfigurationArray) ElementType ¶ 

func (GetCertificateAuthorityRevocationConfigurationCrlConfigurationArray) ElementType() reflect.Type

func (GetCertificateAuthorityRevocationConfigurationCrlConfigurationArray) ToGetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutput ¶ 

func (i GetCertificateAuthorityRevocationConfigurationCrlConfigurationArray) ToGetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutput() GetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutput

func (GetCertificateAuthorityRevocationConfigurationCrlConfigurationArray) ToGetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutputWithContext ¶ 

func (i GetCertificateAuthorityRevocationConfigurationCrlConfigurationArray) ToGetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutputWithContext(ctx context.Context) GetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutput

type GetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayInput ¶ 

type GetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayInput interface {
	pulumi.Input

	ToGetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutput() GetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutput
	ToGetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutputWithContext(context.Context) GetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutput
}

GetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayInput is an input type that accepts GetCertificateAuthorityRevocationConfigurationCrlConfigurationArray and GetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutput values. You can construct a concrete instance of `GetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayInput` via: 

GetCertificateAuthorityRevocationConfigurationCrlConfigurationArray{ GetCertificateAuthorityRevocationConfigurationCrlConfigurationArgs{...} }

type GetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutput ¶ 

type GetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutput struct{ *pulumi.OutputState }

func (GetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutput) ElementType ¶ 

func (GetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutput) ElementType() reflect.Type

func (GetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutput) Index ¶ 

func (o GetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutput) Index(i pulumi.IntInput) GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput

func (GetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutput) ToGetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutput ¶ 

func (o GetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutput) ToGetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutput() GetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutput

func (GetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutput) ToGetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutputWithContext ¶ 

func (o GetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutput) ToGetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutputWithContext(ctx context.Context) GetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutput

type GetCertificateAuthorityRevocationConfigurationCrlConfigurationInput ¶ 

type GetCertificateAuthorityRevocationConfigurationCrlConfigurationInput interface {
	pulumi.Input

	ToGetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput() GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput
	ToGetCertificateAuthorityRevocationConfigurationCrlConfigurationOutputWithContext(context.Context) GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput
}

GetCertificateAuthorityRevocationConfigurationCrlConfigurationInput is an input type that accepts GetCertificateAuthorityRevocationConfigurationCrlConfigurationArgs and GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput values. You can construct a concrete instance of `GetCertificateAuthorityRevocationConfigurationCrlConfigurationInput` via: 

GetCertificateAuthorityRevocationConfigurationCrlConfigurationArgs{...}

type GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput ¶ 

type GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput struct{ *pulumi.OutputState }

func (GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput) CustomCname ¶ 

func (o GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput) CustomCname() pulumi.StringOutput

func (GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput) ElementType ¶ 

func (GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput) ElementType() reflect.Type

func (GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput) Enabled ¶ 

func (o GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput) Enabled() pulumi.BoolOutput

func (GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput) ExpirationInDays ¶ 

func (o GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput) ExpirationInDays() pulumi.IntOutput

func (GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput) S3BucketName ¶ 

func (o GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput) S3BucketName() pulumi.StringOutput

func (GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput) S3ObjectAcl ¶ 

func (o GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput) S3ObjectAcl() pulumi.StringOutput

func (GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput) ToGetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput ¶ 

func (o GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput) ToGetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput() GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput

func (GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput) ToGetCertificateAuthorityRevocationConfigurationCrlConfigurationOutputWithContext ¶ 

func (o GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput) ToGetCertificateAuthorityRevocationConfigurationCrlConfigurationOutputWithContext(ctx context.Context) GetCertificateAuthorityRevocationConfigurationCrlConfigurationOutput

type GetCertificateAuthorityRevocationConfigurationInput ¶ 

type GetCertificateAuthorityRevocationConfigurationInput interface {
	pulumi.Input

	ToGetCertificateAuthorityRevocationConfigurationOutput() GetCertificateAuthorityRevocationConfigurationOutput
	ToGetCertificateAuthorityRevocationConfigurationOutputWithContext(context.Context) GetCertificateAuthorityRevocationConfigurationOutput
}

GetCertificateAuthorityRevocationConfigurationInput is an input type that accepts GetCertificateAuthorityRevocationConfigurationArgs and GetCertificateAuthorityRevocationConfigurationOutput values. You can construct a concrete instance of `GetCertificateAuthorityRevocationConfigurationInput` via: 

GetCertificateAuthorityRevocationConfigurationArgs{...}

type GetCertificateAuthorityRevocationConfigurationOcspConfiguration ¶ 

type GetCertificateAuthorityRevocationConfigurationOcspConfiguration struct {
	Enabled         bool   `pulumi:"enabled"`
	OcspCustomCname string `pulumi:"ocspCustomCname"`
}

type GetCertificateAuthorityRevocationConfigurationOcspConfigurationArgs ¶ 

type GetCertificateAuthorityRevocationConfigurationOcspConfigurationArgs struct {
	Enabled         pulumi.BoolInput   `pulumi:"enabled"`
	OcspCustomCname pulumi.StringInput `pulumi:"ocspCustomCname"`
}

func (GetCertificateAuthorityRevocationConfigurationOcspConfigurationArgs) ElementType ¶ 

func (GetCertificateAuthorityRevocationConfigurationOcspConfigurationArgs) ElementType() reflect.Type

func (GetCertificateAuthorityRevocationConfigurationOcspConfigurationArgs) ToGetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput ¶ 

func (i GetCertificateAuthorityRevocationConfigurationOcspConfigurationArgs) ToGetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput() GetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput

func (GetCertificateAuthorityRevocationConfigurationOcspConfigurationArgs) ToGetCertificateAuthorityRevocationConfigurationOcspConfigurationOutputWithContext ¶ 

func (i GetCertificateAuthorityRevocationConfigurationOcspConfigurationArgs) ToGetCertificateAuthorityRevocationConfigurationOcspConfigurationOutputWithContext(ctx context.Context) GetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput

type GetCertificateAuthorityRevocationConfigurationOcspConfigurationArray ¶ 

type GetCertificateAuthorityRevocationConfigurationOcspConfigurationArray []GetCertificateAuthorityRevocationConfigurationOcspConfigurationInput

func (GetCertificateAuthorityRevocationConfigurationOcspConfigurationArray) ElementType ¶ 

func (GetCertificateAuthorityRevocationConfigurationOcspConfigurationArray) ElementType() reflect.Type

func (GetCertificateAuthorityRevocationConfigurationOcspConfigurationArray) ToGetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutput ¶ 

func (i GetCertificateAuthorityRevocationConfigurationOcspConfigurationArray) ToGetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutput() GetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutput

func (GetCertificateAuthorityRevocationConfigurationOcspConfigurationArray) ToGetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutputWithContext ¶ 

func (i GetCertificateAuthorityRevocationConfigurationOcspConfigurationArray) ToGetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutputWithContext(ctx context.Context) GetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutput

type GetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayInput ¶ 

type GetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayInput interface {
	pulumi.Input

	ToGetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutput() GetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutput
	ToGetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutputWithContext(context.Context) GetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutput
}

GetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayInput is an input type that accepts GetCertificateAuthorityRevocationConfigurationOcspConfigurationArray and GetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutput values. You can construct a concrete instance of `GetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayInput` via: 

GetCertificateAuthorityRevocationConfigurationOcspConfigurationArray{ GetCertificateAuthorityRevocationConfigurationOcspConfigurationArgs{...} }

type GetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutput ¶ 

type GetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutput struct{ *pulumi.OutputState }

func (GetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutput) ElementType ¶ 

func (GetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutput) ElementType() reflect.Type

func (GetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutput) Index ¶ 

func (o GetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutput) Index(i pulumi.IntInput) GetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput

func (GetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutput) ToGetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutput ¶ 

func (o GetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutput) ToGetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutput() GetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutput

func (GetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutput) ToGetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutputWithContext ¶ 

func (o GetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutput) ToGetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutputWithContext(ctx context.Context) GetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutput

type GetCertificateAuthorityRevocationConfigurationOcspConfigurationInput ¶ 

type GetCertificateAuthorityRevocationConfigurationOcspConfigurationInput interface {
	pulumi.Input

	ToGetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput() GetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput
	ToGetCertificateAuthorityRevocationConfigurationOcspConfigurationOutputWithContext(context.Context) GetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput
}

GetCertificateAuthorityRevocationConfigurationOcspConfigurationInput is an input type that accepts GetCertificateAuthorityRevocationConfigurationOcspConfigurationArgs and GetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput values. You can construct a concrete instance of `GetCertificateAuthorityRevocationConfigurationOcspConfigurationInput` via: 

GetCertificateAuthorityRevocationConfigurationOcspConfigurationArgs{...}

type GetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput ¶ 

type GetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput struct{ *pulumi.OutputState }

func (GetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput) ElementType ¶ 

func (GetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput) ElementType() reflect.Type

func (GetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput) Enabled ¶ 

func (o GetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput) Enabled() pulumi.BoolOutput

func (GetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput) OcspCustomCname ¶ 

func (o GetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput) OcspCustomCname() pulumi.StringOutput

func (GetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput) ToGetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput ¶ 

func (o GetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput) ToGetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput() GetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput

func (GetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput) ToGetCertificateAuthorityRevocationConfigurationOcspConfigurationOutputWithContext ¶ 

func (o GetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput) ToGetCertificateAuthorityRevocationConfigurationOcspConfigurationOutputWithContext(ctx context.Context) GetCertificateAuthorityRevocationConfigurationOcspConfigurationOutput

type GetCertificateAuthorityRevocationConfigurationOutput ¶ 

type GetCertificateAuthorityRevocationConfigurationOutput struct{ *pulumi.OutputState }

func (GetCertificateAuthorityRevocationConfigurationOutput) CrlConfigurations ¶ 

func (o GetCertificateAuthorityRevocationConfigurationOutput) CrlConfigurations() GetCertificateAuthorityRevocationConfigurationCrlConfigurationArrayOutput

func (GetCertificateAuthorityRevocationConfigurationOutput) ElementType ¶ 

func (GetCertificateAuthorityRevocationConfigurationOutput) ElementType() reflect.Type

func (GetCertificateAuthorityRevocationConfigurationOutput) OcspConfigurations ¶ 

func (o GetCertificateAuthorityRevocationConfigurationOutput) OcspConfigurations() GetCertificateAuthorityRevocationConfigurationOcspConfigurationArrayOutput

func (GetCertificateAuthorityRevocationConfigurationOutput) ToGetCertificateAuthorityRevocationConfigurationOutput ¶ 

func (o GetCertificateAuthorityRevocationConfigurationOutput) ToGetCertificateAuthorityRevocationConfigurationOutput() GetCertificateAuthorityRevocationConfigurationOutput

func (GetCertificateAuthorityRevocationConfigurationOutput) ToGetCertificateAuthorityRevocationConfigurationOutputWithContext ¶ 

func (o GetCertificateAuthorityRevocationConfigurationOutput) ToGetCertificateAuthorityRevocationConfigurationOutputWithContext(ctx context.Context) GetCertificateAuthorityRevocationConfigurationOutput

type LookupCertificateArgs ¶ 

type LookupCertificateArgs struct {
	// ARN of the certificate issued by the private certificate authority.
	Arn string `pulumi:"arn"`
	// ARN of the certificate authority.
	CertificateAuthorityArn string `pulumi:"certificateAuthorityArn"`
}

A collection of arguments for invoking getCertificate.

type LookupCertificateAuthorityArgs ¶ 

type LookupCertificateAuthorityArgs struct {
	// ARN of the certificate authority.
	Arn string `pulumi:"arn"`
	// Key-value map of user-defined tags that are attached to the certificate authority.
	Tags map[string]string `pulumi:"tags"`
}

A collection of arguments for invoking getCertificateAuthority.

type LookupCertificateAuthorityOutputArgs ¶ 

type LookupCertificateAuthorityOutputArgs struct {
	// ARN of the certificate authority.
	Arn pulumi.StringInput `pulumi:"arn"`
	// Key-value map of user-defined tags that are attached to the certificate authority.
	Tags pulumi.StringMapInput `pulumi:"tags"`
}

A collection of arguments for invoking getCertificateAuthority.

func (LookupCertificateAuthorityOutputArgs) ElementType ¶ 

func (LookupCertificateAuthorityOutputArgs) ElementType() reflect.Type

type LookupCertificateAuthorityResult ¶ 

type LookupCertificateAuthorityResult struct {
	Arn string `pulumi:"arn"`
	// Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.
	Certificate string `pulumi:"certificate"`
	// Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.
	CertificateChain string `pulumi:"certificateChain"`
	// The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.
	CertificateSigningRequest string `pulumi:"certificateSigningRequest"`
	// The provider-assigned unique ID for this managed resource.
	Id                         string `pulumi:"id"`
	KeyStorageSecurityStandard string `pulumi:"keyStorageSecurityStandard"`
	// Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
	NotAfter string `pulumi:"notAfter"`
	// Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
	NotBefore string `pulumi:"notBefore"`
	// Nested attribute containing revocation configuration.
	// * `revocation_configuration.0.crl_configuration` - Nested attribute containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority.
	// * `revocation_configuration.0.crl_configuration.0.custom_cname` - Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point.
	// * `revocation_configuration.0.crl_configuration.0.enabled` - Boolean value that specifies whether certificate revocation lists (CRLs) are enabled.
	// * `revocation_configuration.0.crl_configuration.0.expiration_in_days` - Number of days until a certificate expires.
	// * `revocation_configuration.0.crl_configuration.0.s3_bucket_name` - Name of the S3 bucket that contains the CRL.
	// * `revocation_configuration.0.crl_configuration.0.s3_object_acl` - Whether the CRL is publicly readable or privately held in the CRL Amazon S3 bucket.
	// * `revocation_configuration.0.ocsp_configuration.0.enabled` - Boolean value that specifies whether a custom OCSP responder is enabled.
	// * `revocation_configuration.0.ocsp_configuration.0.ocsp_custom_cname` - A CNAME specifying a customized OCSP domain.
	RevocationConfigurations []GetCertificateAuthorityRevocationConfiguration `pulumi:"revocationConfigurations"`
	// Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.
	Serial string `pulumi:"serial"`
	// Status of the certificate authority.
	Status string `pulumi:"status"`
	// Key-value map of user-defined tags that are attached to the certificate authority.
	Tags map[string]string `pulumi:"tags"`
	// Type of the certificate authority.
	Type string `pulumi:"type"`
	// Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly.
	UsageMode string `pulumi:"usageMode"`
}

A collection of values returned by getCertificateAuthority.

func LookupCertificateAuthority ¶ 

func LookupCertificateAuthority(ctx *pulumi.Context, args *LookupCertificateAuthorityArgs, opts ...pulumi.InvokeOption) (*LookupCertificateAuthorityResult, error)

Get information on a AWS Certificate Manager Private Certificate Authority (ACM PCA Certificate Authority).

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acmpca"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := acmpca.LookupCertificateAuthority(ctx, &acmpca.LookupCertificateAuthorityArgs{
			Arn: "arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type LookupCertificateAuthorityResultOutput ¶ 

type LookupCertificateAuthorityResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getCertificateAuthority.

func LookupCertificateAuthorityOutput ¶ 

func LookupCertificateAuthorityOutput(ctx *pulumi.Context, args LookupCertificateAuthorityOutputArgs, opts ...pulumi.InvokeOption) LookupCertificateAuthorityResultOutput

func (LookupCertificateAuthorityResultOutput) Arn ¶ 

func (o LookupCertificateAuthorityResultOutput) Arn() pulumi.StringOutput

func (LookupCertificateAuthorityResultOutput) Certificate ¶ 

func (o LookupCertificateAuthorityResultOutput) Certificate() pulumi.StringOutput

Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.

func (LookupCertificateAuthorityResultOutput) CertificateChain ¶ 

func (o LookupCertificateAuthorityResultOutput) CertificateChain() pulumi.StringOutput

Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.

func (LookupCertificateAuthorityResultOutput) CertificateSigningRequest ¶ 

func (o LookupCertificateAuthorityResultOutput) CertificateSigningRequest() pulumi.StringOutput

The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.

func (LookupCertificateAuthorityResultOutput) ElementType ¶ 

func (LookupCertificateAuthorityResultOutput) ElementType() reflect.Type

func (LookupCertificateAuthorityResultOutput) Id ¶ 

func (o LookupCertificateAuthorityResultOutput) Id() pulumi.StringOutput

The provider-assigned unique ID for this managed resource.

func (LookupCertificateAuthorityResultOutput) KeyStorageSecurityStandard ¶ 

func (o LookupCertificateAuthorityResultOutput) KeyStorageSecurityStandard() pulumi.StringOutput

func (LookupCertificateAuthorityResultOutput) NotAfter ¶ 

func (o LookupCertificateAuthorityResultOutput) NotAfter() pulumi.StringOutput

Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.

func (LookupCertificateAuthorityResultOutput) NotBefore ¶ 

func (o LookupCertificateAuthorityResultOutput) NotBefore() pulumi.StringOutput

Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.

func (LookupCertificateAuthorityResultOutput) RevocationConfigurations ¶ 

func (o LookupCertificateAuthorityResultOutput) RevocationConfigurations() GetCertificateAuthorityRevocationConfigurationArrayOutput

Nested attribute containing revocation configuration. * `revocation_configuration.0.crl_configuration` - Nested attribute containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority. * `revocation_configuration.0.crl_configuration.0.custom_cname` - Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point. * `revocation_configuration.0.crl_configuration.0.enabled` - Boolean value that specifies whether certificate revocation lists (CRLs) are enabled. * `revocation_configuration.0.crl_configuration.0.expiration_in_days` - Number of days until a certificate expires. * `revocation_configuration.0.crl_configuration.0.s3_bucket_name` - Name of the S3 bucket that contains the CRL. * `revocation_configuration.0.crl_configuration.0.s3_object_acl` - Whether the CRL is publicly readable or privately held in the CRL Amazon S3 bucket. * `revocation_configuration.0.ocsp_configuration.0.enabled` - Boolean value that specifies whether a custom OCSP responder is enabled. * `revocation_configuration.0.ocsp_configuration.0.ocsp_custom_cname` - A CNAME specifying a customized OCSP domain.

func (LookupCertificateAuthorityResultOutput) Serial ¶ 

func (o LookupCertificateAuthorityResultOutput) Serial() pulumi.StringOutput

Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.

func (LookupCertificateAuthorityResultOutput) Status ¶ 

func (o LookupCertificateAuthorityResultOutput) Status() pulumi.StringOutput

Status of the certificate authority.

func (LookupCertificateAuthorityResultOutput) Tags ¶ 

func (o LookupCertificateAuthorityResultOutput) Tags() pulumi.StringMapOutput

Key-value map of user-defined tags that are attached to the certificate authority.

func (LookupCertificateAuthorityResultOutput) ToLookupCertificateAuthorityResultOutput ¶ 

func (o LookupCertificateAuthorityResultOutput) ToLookupCertificateAuthorityResultOutput() LookupCertificateAuthorityResultOutput

func (LookupCertificateAuthorityResultOutput) ToLookupCertificateAuthorityResultOutputWithContext ¶ 

func (o LookupCertificateAuthorityResultOutput) ToLookupCertificateAuthorityResultOutputWithContext(ctx context.Context) LookupCertificateAuthorityResultOutput

func (LookupCertificateAuthorityResultOutput) Type ¶ 

func (o LookupCertificateAuthorityResultOutput) Type() pulumi.StringOutput

Type of the certificate authority.

func (LookupCertificateAuthorityResultOutput) UsageMode ¶ 

func (o LookupCertificateAuthorityResultOutput) UsageMode() pulumi.StringOutput

Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly.

type LookupCertificateOutputArgs ¶ 

type LookupCertificateOutputArgs struct {
	// ARN of the certificate issued by the private certificate authority.
	Arn pulumi.StringInput `pulumi:"arn"`
	// ARN of the certificate authority.
	CertificateAuthorityArn pulumi.StringInput `pulumi:"certificateAuthorityArn"`
}

A collection of arguments for invoking getCertificate.

func (LookupCertificateOutputArgs) ElementType ¶ 

func (LookupCertificateOutputArgs) ElementType() reflect.Type

type LookupCertificateResult ¶ 

type LookupCertificateResult struct {
	Arn string `pulumi:"arn"`
	// PEM-encoded certificate value.
	Certificate             string `pulumi:"certificate"`
	CertificateAuthorityArn string `pulumi:"certificateAuthorityArn"`
	// PEM-encoded certificate chain that includes any intermediate certificates and chains up to root CA.
	CertificateChain string `pulumi:"certificateChain"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
}

A collection of values returned by getCertificate.

func LookupCertificate ¶ 

func LookupCertificate(ctx *pulumi.Context, args *LookupCertificateArgs, opts ...pulumi.InvokeOption) (*LookupCertificateResult, error)

Get information on a Certificate issued by a AWS Certificate Manager Private Certificate Authority.

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acmpca"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := acmpca.LookupCertificate(ctx, &acmpca.LookupCertificateArgs{
			Arn:                     "arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012/certificate/1234b4a0d73e2056789bdbe77d5b1a23",
			CertificateAuthorityArn: "arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type LookupCertificateResultOutput ¶ 

type LookupCertificateResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getCertificate.

func LookupCertificateOutput ¶ 

func LookupCertificateOutput(ctx *pulumi.Context, args LookupCertificateOutputArgs, opts ...pulumi.InvokeOption) LookupCertificateResultOutput

func (LookupCertificateResultOutput) Arn ¶ 

func (o LookupCertificateResultOutput) Arn() pulumi.StringOutput

func (LookupCertificateResultOutput) Certificate ¶ 

func (o LookupCertificateResultOutput) Certificate() pulumi.StringOutput

PEM-encoded certificate value.

func (LookupCertificateResultOutput) CertificateAuthorityArn ¶ 

func (o LookupCertificateResultOutput) CertificateAuthorityArn() pulumi.StringOutput

func (LookupCertificateResultOutput) CertificateChain ¶ 

func (o LookupCertificateResultOutput) CertificateChain() pulumi.StringOutput

PEM-encoded certificate chain that includes any intermediate certificates and chains up to root CA.

func (LookupCertificateResultOutput) ElementType ¶ 

func (LookupCertificateResultOutput) ElementType() reflect.Type

func (LookupCertificateResultOutput) Id ¶ 

func (o LookupCertificateResultOutput) Id() pulumi.StringOutput

The provider-assigned unique ID for this managed resource.

func (LookupCertificateResultOutput) ToLookupCertificateResultOutput ¶ 

func (o LookupCertificateResultOutput) ToLookupCertificateResultOutput() LookupCertificateResultOutput

func (LookupCertificateResultOutput) ToLookupCertificateResultOutputWithContext ¶ 

func (o LookupCertificateResultOutput) ToLookupCertificateResultOutputWithContext(ctx context.Context) LookupCertificateResultOutput

type Permission ¶ 

type Permission struct {
	pulumi.CustomResourceState

	// Actions that the specified AWS service principal can use. These include `IssueCertificate`, `GetCertificate`, and `ListPermissions`. Note that in order for ACM to automatically rotate certificates issued by a PCA, it must be granted permission on all 3 actions, as per the example above.
	Actions pulumi.StringArrayOutput `pulumi:"actions"`
	// ARN of the CA that grants the permissions.
	CertificateAuthorityArn pulumi.StringOutput `pulumi:"certificateAuthorityArn"`
	// IAM policy that is associated with the permission.
	Policy pulumi.StringOutput `pulumi:"policy"`
	// AWS service or identity that receives the permission. At this time, the only valid principal is `acm.amazonaws.com`.
	Principal pulumi.StringOutput `pulumi:"principal"`
	// ID of the calling account
	SourceAccount pulumi.StringOutput `pulumi:"sourceAccount"`
}

Provides a resource to manage an AWS Certificate Manager Private Certificate Authorities Permission. Currently, this is only required in order to allow the ACM service to automatically renew certificates issued by a PCA.

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acmpca"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		exampleCertificateAuthority, err := acmpca.NewCertificateAuthority(ctx, "exampleCertificateAuthority", &acmpca.CertificateAuthorityArgs{
			CertificateAuthorityConfiguration: &acmpca.CertificateAuthorityCertificateAuthorityConfigurationArgs{
				KeyAlgorithm:     pulumi.String("RSA_4096"),
				SigningAlgorithm: pulumi.String("SHA512WITHRSA"),
				Subject: &acmpca.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs{
					CommonName: pulumi.String("example.com"),
				},
			},
		})
		if err != nil {
			return err
		}
		_, err = acmpca.NewPermission(ctx, "examplePermission", &acmpca.PermissionArgs{
			CertificateAuthorityArn: exampleCertificateAuthority.Arn,
			Actions: pulumi.StringArray{
				pulumi.String("IssueCertificate"),
				pulumi.String("GetCertificate"),
				pulumi.String("ListPermissions"),
			},
			Principal: pulumi.String("acm.amazonaws.com"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

func GetPermission ¶ 

func GetPermission(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *PermissionState, opts ...pulumi.ResourceOption) (*Permission, error)

GetPermission gets an existing Permission resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewPermission ¶ 

func NewPermission(ctx *pulumi.Context,
	name string, args *PermissionArgs, opts ...pulumi.ResourceOption) (*Permission, error)

NewPermission registers a new resource with the given unique name, arguments, and options.

func (*Permission) ElementType ¶ 

func (*Permission) ElementType() reflect.Type

func (*Permission) ToPermissionOutput ¶ 

func (i *Permission) ToPermissionOutput() PermissionOutput

func (*Permission) ToPermissionOutputWithContext ¶ 

func (i *Permission) ToPermissionOutputWithContext(ctx context.Context) PermissionOutput

type PermissionArgs ¶ 

type PermissionArgs struct {
	// Actions that the specified AWS service principal can use. These include `IssueCertificate`, `GetCertificate`, and `ListPermissions`. Note that in order for ACM to automatically rotate certificates issued by a PCA, it must be granted permission on all 3 actions, as per the example above.
	Actions pulumi.StringArrayInput
	// ARN of the CA that grants the permissions.
	CertificateAuthorityArn pulumi.StringInput
	// AWS service or identity that receives the permission. At this time, the only valid principal is `acm.amazonaws.com`.
	Principal pulumi.StringInput
	// ID of the calling account
	SourceAccount pulumi.StringPtrInput
}

The set of arguments for constructing a Permission resource.

func (PermissionArgs) ElementType ¶ 

func (PermissionArgs) ElementType() reflect.Type

type PermissionArray ¶ 

type PermissionArray []PermissionInput

func (PermissionArray) ElementType ¶ 

func (PermissionArray) ElementType() reflect.Type

func (PermissionArray) ToPermissionArrayOutput ¶ 

func (i PermissionArray) ToPermissionArrayOutput() PermissionArrayOutput

func (PermissionArray) ToPermissionArrayOutputWithContext ¶ 

func (i PermissionArray) ToPermissionArrayOutputWithContext(ctx context.Context) PermissionArrayOutput

type PermissionArrayInput ¶ 

type PermissionArrayInput interface {
	pulumi.Input

	ToPermissionArrayOutput() PermissionArrayOutput
	ToPermissionArrayOutputWithContext(context.Context) PermissionArrayOutput
}

PermissionArrayInput is an input type that accepts PermissionArray and PermissionArrayOutput values. You can construct a concrete instance of `PermissionArrayInput` via: 

PermissionArray{ PermissionArgs{...} }

type PermissionArrayOutput ¶ 

type PermissionArrayOutput struct{ *pulumi.OutputState }

func (PermissionArrayOutput) ElementType ¶ 

func (PermissionArrayOutput) ElementType() reflect.Type

func (PermissionArrayOutput) Index ¶ 

func (o PermissionArrayOutput) Index(i pulumi.IntInput) PermissionOutput

func (PermissionArrayOutput) ToPermissionArrayOutput ¶ 

func (o PermissionArrayOutput) ToPermissionArrayOutput() PermissionArrayOutput

func (PermissionArrayOutput) ToPermissionArrayOutputWithContext ¶ 

func (o PermissionArrayOutput) ToPermissionArrayOutputWithContext(ctx context.Context) PermissionArrayOutput

type PermissionInput ¶ 

type PermissionInput interface {
	pulumi.Input

	ToPermissionOutput() PermissionOutput
	ToPermissionOutputWithContext(ctx context.Context) PermissionOutput
}

type PermissionMap ¶ 

type PermissionMap map[string]PermissionInput

func (PermissionMap) ElementType ¶ 

func (PermissionMap) ElementType() reflect.Type

func (PermissionMap) ToPermissionMapOutput ¶ 

func (i PermissionMap) ToPermissionMapOutput() PermissionMapOutput

func (PermissionMap) ToPermissionMapOutputWithContext ¶ 

func (i PermissionMap) ToPermissionMapOutputWithContext(ctx context.Context) PermissionMapOutput

type PermissionMapInput ¶ 

type PermissionMapInput interface {
	pulumi.Input

	ToPermissionMapOutput() PermissionMapOutput
	ToPermissionMapOutputWithContext(context.Context) PermissionMapOutput
}

PermissionMapInput is an input type that accepts PermissionMap and PermissionMapOutput values. You can construct a concrete instance of `PermissionMapInput` via: 

PermissionMap{ "key": PermissionArgs{...} }

type PermissionMapOutput ¶ 

type PermissionMapOutput struct{ *pulumi.OutputState }

func (PermissionMapOutput) ElementType ¶ 

func (PermissionMapOutput) ElementType() reflect.Type

func (PermissionMapOutput) MapIndex ¶ 

func (o PermissionMapOutput) MapIndex(k pulumi.StringInput) PermissionOutput

func (PermissionMapOutput) ToPermissionMapOutput ¶ 

func (o PermissionMapOutput) ToPermissionMapOutput() PermissionMapOutput

func (PermissionMapOutput) ToPermissionMapOutputWithContext ¶ 

func (o PermissionMapOutput) ToPermissionMapOutputWithContext(ctx context.Context) PermissionMapOutput

type PermissionOutput ¶ 

type PermissionOutput struct{ *pulumi.OutputState }

func (PermissionOutput) Actions ¶ 

func (o PermissionOutput) Actions() pulumi.StringArrayOutput

Actions that the specified AWS service principal can use. These include `IssueCertificate`, `GetCertificate`, and `ListPermissions`. Note that in order for ACM to automatically rotate certificates issued by a PCA, it must be granted permission on all 3 actions, as per the example above.

func (PermissionOutput) CertificateAuthorityArn ¶ 

func (o PermissionOutput) CertificateAuthorityArn() pulumi.StringOutput

ARN of the CA that grants the permissions.

func (PermissionOutput) ElementType ¶ 

func (PermissionOutput) ElementType() reflect.Type

func (PermissionOutput) Policy ¶ 

func (o PermissionOutput) Policy() pulumi.StringOutput

IAM policy that is associated with the permission.

func (PermissionOutput) Principal ¶ 

func (o PermissionOutput) Principal() pulumi.StringOutput

AWS service or identity that receives the permission. At this time, the only valid principal is `acm.amazonaws.com`.

func (PermissionOutput) SourceAccount ¶ 

func (o PermissionOutput) SourceAccount() pulumi.StringOutput

ID of the calling account

func (PermissionOutput) ToPermissionOutput ¶ 

func (o PermissionOutput) ToPermissionOutput() PermissionOutput

func (PermissionOutput) ToPermissionOutputWithContext ¶ 

func (o PermissionOutput) ToPermissionOutputWithContext(ctx context.Context) PermissionOutput

type PermissionState ¶ 

type PermissionState struct {
	// Actions that the specified AWS service principal can use. These include `IssueCertificate`, `GetCertificate`, and `ListPermissions`. Note that in order for ACM to automatically rotate certificates issued by a PCA, it must be granted permission on all 3 actions, as per the example above.
	Actions pulumi.StringArrayInput
	// ARN of the CA that grants the permissions.
	CertificateAuthorityArn pulumi.StringPtrInput
	// IAM policy that is associated with the permission.
	Policy pulumi.StringPtrInput
	// AWS service or identity that receives the permission. At this time, the only valid principal is `acm.amazonaws.com`.
	Principal pulumi.StringPtrInput
	// ID of the calling account
	SourceAccount pulumi.StringPtrInput
}

func (PermissionState) ElementType ¶ 

func (PermissionState) ElementType() reflect.Type

type Policy ¶ 

type Policy struct {
	pulumi.CustomResourceState

	// JSON-formatted IAM policy to attach to the specified private CA resource.
	Policy pulumi.StringOutput `pulumi:"policy"`
	// ARN of the private CA to associate with the policy.
	ResourceArn pulumi.StringOutput `pulumi:"resourceArn"`
}

Attaches a resource based policy to a private CA.

## Example Usage ### Basic

```go package main

import ( 

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acmpca"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) func main() { pulumi.Run(func(ctx *pulumi.Context) error { examplePolicyDocument, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{ Statements: []iam.GetPolicyDocumentStatement{ { Sid: pulumi.StringRef("1"), Effect: pulumi.StringRef("Allow"), Principals: []iam.GetPolicyDocumentStatementPrincipal{ { Type: "AWS", Identifiers: interface{}{ data.Aws_caller_identity.Current.Account_id, }, }, }, Actions: []string{ "acm-pca:DescribeCertificateAuthority", "acm-pca:GetCertificate", "acm-pca:GetCertificateAuthorityCertificate", "acm-pca:ListPermissions", "acm-pca:ListTags", }, Resources: interface{}{ aws_acmpca_certificate_authority.Example.Arn, }, }, { Sid: pulumi.StringRef("2"), Effect: pulumi.StringRef(Allow), Principals: []iam.GetPolicyDocumentStatementPrincipal{ { Type: "AWS", Identifiers: interface{}{ data.Aws_caller_identity.Current.Account_id, }, }, }, Actions: []string{ "acm-pca:IssueCertificate", }, Resources: interface{}{ aws_acmpca_certificate_authority.Example.Arn, }, Conditions: []iam.GetPolicyDocumentStatementCondition{ { Test: "StringEquals", Variable: "acm-pca:TemplateArn", Values: []string{ "arn:aws:acm-pca:::template/EndEntityCertificate/V1", }, }, }, }, }, }, nil); if err != nil { return err } _, err = acmpca.NewPolicy(ctx, "examplePolicy", &acmpca.PolicyArgs{ ResourceArn: pulumi.Any(aws_acmpca_certificate_authority.Example.Arn), Policy: *pulumi.String(examplePolicyDocument.Json), }) if err != nil { return err } return nil }) } ```

## Import

Using `pulumi import`, import `aws_acmpca_policy` using the `resource_arn` value. For example:

```sh 

$ pulumi import aws:acmpca/policy:Policy example arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012

```

func GetPolicy ¶ 

func GetPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *PolicyState, opts ...pulumi.ResourceOption) (*Policy, error)

GetPolicy gets an existing Policy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewPolicy ¶ 

func NewPolicy(ctx *pulumi.Context,
	name string, args *PolicyArgs, opts ...pulumi.ResourceOption) (*Policy, error)

NewPolicy registers a new resource with the given unique name, arguments, and options.

func (*Policy) ElementType ¶ 

func (*Policy) ElementType() reflect.Type

func (*Policy) ToPolicyOutput ¶ 

func (i *Policy) ToPolicyOutput() PolicyOutput

func (*Policy) ToPolicyOutputWithContext ¶ 

func (i *Policy) ToPolicyOutputWithContext(ctx context.Context) PolicyOutput

type PolicyArgs ¶ 

type PolicyArgs struct {
	// JSON-formatted IAM policy to attach to the specified private CA resource.
	Policy pulumi.StringInput
	// ARN of the private CA to associate with the policy.
	ResourceArn pulumi.StringInput
}

The set of arguments for constructing a Policy resource.

func (PolicyArgs) ElementType ¶ 

func (PolicyArgs) ElementType() reflect.Type

type PolicyArray ¶ 

type PolicyArray []PolicyInput

func (PolicyArray) ElementType ¶ 

func (PolicyArray) ElementType() reflect.Type

func (PolicyArray) ToPolicyArrayOutput ¶ 

func (i PolicyArray) ToPolicyArrayOutput() PolicyArrayOutput

func (PolicyArray) ToPolicyArrayOutputWithContext ¶ 

func (i PolicyArray) ToPolicyArrayOutputWithContext(ctx context.Context) PolicyArrayOutput

type PolicyArrayInput ¶ 

type PolicyArrayInput interface {
	pulumi.Input

	ToPolicyArrayOutput() PolicyArrayOutput
	ToPolicyArrayOutputWithContext(context.Context) PolicyArrayOutput
}

PolicyArrayInput is an input type that accepts PolicyArray and PolicyArrayOutput values. You can construct a concrete instance of `PolicyArrayInput` via: 

PolicyArray{ PolicyArgs{...} }

type PolicyArrayOutput ¶ 

type PolicyArrayOutput struct{ *pulumi.OutputState }

func (PolicyArrayOutput) ElementType ¶ 

func (PolicyArrayOutput) ElementType() reflect.Type

func (PolicyArrayOutput) Index ¶ 

func (o PolicyArrayOutput) Index(i pulumi.IntInput) PolicyOutput

func (PolicyArrayOutput) ToPolicyArrayOutput ¶ 

func (o PolicyArrayOutput) ToPolicyArrayOutput() PolicyArrayOutput

func (PolicyArrayOutput) ToPolicyArrayOutputWithContext ¶ 

func (o PolicyArrayOutput) ToPolicyArrayOutputWithContext(ctx context.Context) PolicyArrayOutput

type PolicyInput ¶ 

type PolicyInput interface {
	pulumi.Input

	ToPolicyOutput() PolicyOutput
	ToPolicyOutputWithContext(ctx context.Context) PolicyOutput
}

type PolicyMap ¶ 

type PolicyMap map[string]PolicyInput

func (PolicyMap) ElementType ¶ 

func (PolicyMap) ElementType() reflect.Type

func (PolicyMap) ToPolicyMapOutput ¶ 

func (i PolicyMap) ToPolicyMapOutput() PolicyMapOutput

func (PolicyMap) ToPolicyMapOutputWithContext ¶ 

func (i PolicyMap) ToPolicyMapOutputWithContext(ctx context.Context) PolicyMapOutput

type PolicyMapInput ¶ 

type PolicyMapInput interface {
	pulumi.Input

	ToPolicyMapOutput() PolicyMapOutput
	ToPolicyMapOutputWithContext(context.Context) PolicyMapOutput
}

PolicyMapInput is an input type that accepts PolicyMap and PolicyMapOutput values. You can construct a concrete instance of `PolicyMapInput` via: 

PolicyMap{ "key": PolicyArgs{...} }

type PolicyMapOutput ¶ 

type PolicyMapOutput struct{ *pulumi.OutputState }

func (PolicyMapOutput) ElementType ¶ 

func (PolicyMapOutput) ElementType() reflect.Type

func (PolicyMapOutput) MapIndex ¶ 

func (o PolicyMapOutput) MapIndex(k pulumi.StringInput) PolicyOutput

func (PolicyMapOutput) ToPolicyMapOutput ¶ 

func (o PolicyMapOutput) ToPolicyMapOutput() PolicyMapOutput

func (PolicyMapOutput) ToPolicyMapOutputWithContext ¶ 

func (o PolicyMapOutput) ToPolicyMapOutputWithContext(ctx context.Context) PolicyMapOutput

type PolicyOutput ¶ 

type PolicyOutput struct{ *pulumi.OutputState }

func (PolicyOutput) ElementType ¶ 

func (PolicyOutput) ElementType() reflect.Type

func (PolicyOutput) Policy ¶ 

func (o PolicyOutput) Policy() pulumi.StringOutput

JSON-formatted IAM policy to attach to the specified private CA resource.

func (PolicyOutput) ResourceArn ¶ 

func (o PolicyOutput) ResourceArn() pulumi.StringOutput

ARN of the private CA to associate with the policy.

func (PolicyOutput) ToPolicyOutput ¶ 

func (o PolicyOutput) ToPolicyOutput() PolicyOutput

func (PolicyOutput) ToPolicyOutputWithContext ¶ 

func (o PolicyOutput) ToPolicyOutputWithContext(ctx context.Context) PolicyOutput

type PolicyState ¶ 

type PolicyState struct {
	// JSON-formatted IAM policy to attach to the specified private CA resource.
	Policy pulumi.StringPtrInput
	// ARN of the private CA to associate with the policy.
	ResourceArn pulumi.StringPtrInput
}

func (PolicyState) ElementType ¶ 

func (PolicyState) ElementType() reflect.Type

Source Files ¶

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.