acm

package
v1.27.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 13, 2020 License: Apache-2.0 Imports: 4 Imported by: 0

Documentation

Overview

nolint: lll

nolint: lll

nolint: lll

nolint: lll

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Certificate 

type Certificate struct {
	pulumi.CustomResourceState

	// The ARN of the certificate
	Arn pulumi.StringOutput `pulumi:"arn"`
	// ARN of an ACMPCA
	CertificateAuthorityArn pulumi.StringPtrOutput `pulumi:"certificateAuthorityArn"`
	// The certificate's PEM-formatted public key
	CertificateBody pulumi.StringPtrOutput `pulumi:"certificateBody"`
	// The certificate's PEM-formatted chain
	// * Creating a private CA issued certificate
	CertificateChain pulumi.StringPtrOutput `pulumi:"certificateChain"`
	// A domain name for which the certificate should be issued
	DomainName pulumi.StringOutput `pulumi:"domainName"`
	// A list of attributes to feed into other resources to complete certificate validation. Can have more than one element, e.g. if SANs are defined. Only set if `DNS`-validation was used.
	DomainValidationOptions CertificateDomainValidationOptionArrayOutput `pulumi:"domainValidationOptions"`
	Options                 CertificateOptionsPtrOutput                  `pulumi:"options"`
	// The certificate's PEM-formatted private key
	PrivateKey pulumi.StringPtrOutput `pulumi:"privateKey"`
	// A list of domains that should be SANs in the issued certificate
	SubjectAlternativeNames pulumi.StringArrayOutput `pulumi:"subjectAlternativeNames"`
	// A mapping of tags to assign to the resource.
	Tags pulumi.MapOutput `pulumi:"tags"`
	// A list of addresses that received a validation E-Mail. Only set if `EMAIL`-validation was used.
	ValidationEmails pulumi.StringArrayOutput `pulumi:"validationEmails"`
	// Which method to use for validation. `DNS` or `EMAIL` are valid, `NONE` can be used for certificates that were imported into ACM and then into state managed by this provider.
	// * Importing an existing certificate
	ValidationMethod pulumi.StringOutput `pulumi:"validationMethod"`
}

The ACM certificate resource allows requesting and management of certificates from the Amazon Certificate Manager.

It deals with requesting certificates and managing their attributes and life-cycle. This resource does not deal with validation of a certificate but can provide inputs for other resources implementing the validation. It does not wait for a certificate to be issued. Use a `acm.CertificateValidation` resource for this.

Most commonly, this resource is used to together with `route53.Record` and `acm.CertificateValidation` to request a DNS validated certificate, deploy the required validation records and wait for validation to complete.

Domain validation through E-Mail is also supported but should be avoided as it requires a manual step outside of this provider.

It's recommended to specify `createBeforeDestroy = true` in a [lifecycle][1] block to replace a certificate which is currently in use (eg, by `lb.Listener`).

## options Configuration Block

Supported nested arguments for the `options` configuration block:

* `certificateTransparencyLoggingPreference` - (Optional) Specifies whether certificate details should be added to a certificate transparency log. Valid values are `ENABLED` or `DISABLED`. See https://docs.aws.amazon.com/acm/latest/userguide/acm-concepts.html#concept-transparency for more details.

> This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/acm_certificate.html.markdown.

func GetCertificate 

func GetCertificate(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *CertificateState, opts ...pulumi.ResourceOption) (*Certificate, error)

GetCertificate gets an existing Certificate resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewCertificate 

func NewCertificate(ctx *pulumi.Context,
	name string, args *CertificateArgs, opts ...pulumi.ResourceOption) (*Certificate, error)

NewCertificate registers a new resource with the given unique name, arguments, and options.

type CertificateArgs 

type CertificateArgs struct {
	// ARN of an ACMPCA
	CertificateAuthorityArn pulumi.StringPtrInput
	// The certificate's PEM-formatted public key
	CertificateBody pulumi.StringPtrInput
	// The certificate's PEM-formatted chain
	// * Creating a private CA issued certificate
	CertificateChain pulumi.StringPtrInput
	// A domain name for which the certificate should be issued
	DomainName pulumi.StringPtrInput
	Options    CertificateOptionsPtrInput
	// The certificate's PEM-formatted private key
	PrivateKey pulumi.StringPtrInput
	// A list of domains that should be SANs in the issued certificate
	SubjectAlternativeNames pulumi.StringArrayInput
	// A mapping of tags to assign to the resource.
	Tags pulumi.MapInput
	// Which method to use for validation. `DNS` or `EMAIL` are valid, `NONE` can be used for certificates that were imported into ACM and then into state managed by this provider.
	// * Importing an existing certificate
	ValidationMethod pulumi.StringPtrInput
}

The set of arguments for constructing a Certificate resource.

func (CertificateArgs) ElementType added in v1.19.0 

func (CertificateArgs) ElementType() reflect.Type

type CertificateDomainValidationOption added in v1.19.0 

type CertificateDomainValidationOption struct {
	// A domain name for which the certificate should be issued
	DomainName *string `pulumi:"domainName"`
	// The name of the DNS record to create to validate the certificate
	ResourceRecordName *string `pulumi:"resourceRecordName"`
	// The type of DNS record to create
	ResourceRecordType *string `pulumi:"resourceRecordType"`
	// The value the DNS record needs to have
	ResourceRecordValue *string `pulumi:"resourceRecordValue"`
}

type CertificateDomainValidationOptionArgs added in v1.19.0 

type CertificateDomainValidationOptionArgs struct {
	// A domain name for which the certificate should be issued
	DomainName pulumi.StringPtrInput `pulumi:"domainName"`
	// The name of the DNS record to create to validate the certificate
	ResourceRecordName pulumi.StringPtrInput `pulumi:"resourceRecordName"`
	// The type of DNS record to create
	ResourceRecordType pulumi.StringPtrInput `pulumi:"resourceRecordType"`
	// The value the DNS record needs to have
	ResourceRecordValue pulumi.StringPtrInput `pulumi:"resourceRecordValue"`
}

func (CertificateDomainValidationOptionArgs) ElementType added in v1.19.0 

func (CertificateDomainValidationOptionArgs) ElementType() reflect.Type

func (CertificateDomainValidationOptionArgs) ToCertificateDomainValidationOptionOutput added in v1.19.0 

func (i CertificateDomainValidationOptionArgs) ToCertificateDomainValidationOptionOutput() CertificateDomainValidationOptionOutput

func (CertificateDomainValidationOptionArgs) ToCertificateDomainValidationOptionOutputWithContext added in v1.19.0 

func (i CertificateDomainValidationOptionArgs) ToCertificateDomainValidationOptionOutputWithContext(ctx context.Context) CertificateDomainValidationOptionOutput

type CertificateDomainValidationOptionArray added in v1.19.0 

type CertificateDomainValidationOptionArray []CertificateDomainValidationOptionInput

func (CertificateDomainValidationOptionArray) ElementType added in v1.19.0 

func (CertificateDomainValidationOptionArray) ElementType() reflect.Type

func (CertificateDomainValidationOptionArray) ToCertificateDomainValidationOptionArrayOutput added in v1.19.0 

func (i CertificateDomainValidationOptionArray) ToCertificateDomainValidationOptionArrayOutput() CertificateDomainValidationOptionArrayOutput

func (CertificateDomainValidationOptionArray) ToCertificateDomainValidationOptionArrayOutputWithContext added in v1.19.0 

func (i CertificateDomainValidationOptionArray) ToCertificateDomainValidationOptionArrayOutputWithContext(ctx context.Context) CertificateDomainValidationOptionArrayOutput

type CertificateDomainValidationOptionArrayInput added in v1.19.0 

type CertificateDomainValidationOptionArrayInput interface {
	pulumi.Input

	ToCertificateDomainValidationOptionArrayOutput() CertificateDomainValidationOptionArrayOutput
	ToCertificateDomainValidationOptionArrayOutputWithContext(context.Context) CertificateDomainValidationOptionArrayOutput
}

type CertificateDomainValidationOptionArrayOutput added in v1.19.0 

type CertificateDomainValidationOptionArrayOutput struct{ *pulumi.OutputState }

func (CertificateDomainValidationOptionArrayOutput) ElementType added in v1.19.0 

func (CertificateDomainValidationOptionArrayOutput) ElementType() reflect.Type

func (CertificateDomainValidationOptionArrayOutput) Index added in v1.19.0 

func (o CertificateDomainValidationOptionArrayOutput) Index(i pulumi.IntInput) CertificateDomainValidationOptionOutput

func (CertificateDomainValidationOptionArrayOutput) ToCertificateDomainValidationOptionArrayOutput added in v1.19.0 

func (o CertificateDomainValidationOptionArrayOutput) ToCertificateDomainValidationOptionArrayOutput() CertificateDomainValidationOptionArrayOutput

func (CertificateDomainValidationOptionArrayOutput) ToCertificateDomainValidationOptionArrayOutputWithContext added in v1.19.0 

func (o CertificateDomainValidationOptionArrayOutput) ToCertificateDomainValidationOptionArrayOutputWithContext(ctx context.Context) CertificateDomainValidationOptionArrayOutput

type CertificateDomainValidationOptionInput added in v1.19.0 

type CertificateDomainValidationOptionInput interface {
	pulumi.Input

	ToCertificateDomainValidationOptionOutput() CertificateDomainValidationOptionOutput
	ToCertificateDomainValidationOptionOutputWithContext(context.Context) CertificateDomainValidationOptionOutput
}

type CertificateDomainValidationOptionOutput added in v1.19.0 

type CertificateDomainValidationOptionOutput struct{ *pulumi.OutputState }

func (CertificateDomainValidationOptionOutput) DomainName added in v1.19.0 

func (o CertificateDomainValidationOptionOutput) DomainName() pulumi.StringPtrOutput

A domain name for which the certificate should be issued

func (CertificateDomainValidationOptionOutput) ElementType added in v1.19.0 

func (CertificateDomainValidationOptionOutput) ElementType() reflect.Type

func (CertificateDomainValidationOptionOutput) ResourceRecordName added in v1.19.0 

func (o CertificateDomainValidationOptionOutput) ResourceRecordName() pulumi.StringPtrOutput

The name of the DNS record to create to validate the certificate

func (CertificateDomainValidationOptionOutput) ResourceRecordType added in v1.19.0 

func (o CertificateDomainValidationOptionOutput) ResourceRecordType() pulumi.StringPtrOutput

The type of DNS record to create

func (CertificateDomainValidationOptionOutput) ResourceRecordValue added in v1.19.0 

func (o CertificateDomainValidationOptionOutput) ResourceRecordValue() pulumi.StringPtrOutput

The value the DNS record needs to have

func (CertificateDomainValidationOptionOutput) ToCertificateDomainValidationOptionOutput added in v1.19.0 

func (o CertificateDomainValidationOptionOutput) ToCertificateDomainValidationOptionOutput() CertificateDomainValidationOptionOutput

func (CertificateDomainValidationOptionOutput) ToCertificateDomainValidationOptionOutputWithContext added in v1.19.0 

func (o CertificateDomainValidationOptionOutput) ToCertificateDomainValidationOptionOutputWithContext(ctx context.Context) CertificateDomainValidationOptionOutput

type CertificateOptions added in v1.19.0 

type CertificateOptions struct {
	CertificateTransparencyLoggingPreference *string `pulumi:"certificateTransparencyLoggingPreference"`
}

type CertificateOptionsArgs added in v1.19.0 

type CertificateOptionsArgs struct {
	CertificateTransparencyLoggingPreference pulumi.StringPtrInput `pulumi:"certificateTransparencyLoggingPreference"`
}

func (CertificateOptionsArgs) ElementType added in v1.19.0 

func (CertificateOptionsArgs) ElementType() reflect.Type

func (CertificateOptionsArgs) ToCertificateOptionsOutput added in v1.19.0 

func (i CertificateOptionsArgs) ToCertificateOptionsOutput() CertificateOptionsOutput

func (CertificateOptionsArgs) ToCertificateOptionsOutputWithContext added in v1.19.0 

func (i CertificateOptionsArgs) ToCertificateOptionsOutputWithContext(ctx context.Context) CertificateOptionsOutput

func (CertificateOptionsArgs) ToCertificateOptionsPtrOutput added in v1.19.0 

func (i CertificateOptionsArgs) ToCertificateOptionsPtrOutput() CertificateOptionsPtrOutput

func (CertificateOptionsArgs) ToCertificateOptionsPtrOutputWithContext added in v1.19.0 

func (i CertificateOptionsArgs) ToCertificateOptionsPtrOutputWithContext(ctx context.Context) CertificateOptionsPtrOutput

type CertificateOptionsInput added in v1.19.0 

type CertificateOptionsInput interface {
	pulumi.Input

	ToCertificateOptionsOutput() CertificateOptionsOutput
	ToCertificateOptionsOutputWithContext(context.Context) CertificateOptionsOutput
}

type CertificateOptionsOutput added in v1.19.0 

type CertificateOptionsOutput struct{ *pulumi.OutputState }

func (CertificateOptionsOutput) CertificateTransparencyLoggingPreference added in v1.19.0 

func (o CertificateOptionsOutput) CertificateTransparencyLoggingPreference() pulumi.StringPtrOutput

func (CertificateOptionsOutput) ElementType added in v1.19.0 

func (CertificateOptionsOutput) ElementType() reflect.Type

func (CertificateOptionsOutput) ToCertificateOptionsOutput added in v1.19.0 

func (o CertificateOptionsOutput) ToCertificateOptionsOutput() CertificateOptionsOutput

func (CertificateOptionsOutput) ToCertificateOptionsOutputWithContext added in v1.19.0 

func (o CertificateOptionsOutput) ToCertificateOptionsOutputWithContext(ctx context.Context) CertificateOptionsOutput

func (CertificateOptionsOutput) ToCertificateOptionsPtrOutput added in v1.19.0 

func (o CertificateOptionsOutput) ToCertificateOptionsPtrOutput() CertificateOptionsPtrOutput

func (CertificateOptionsOutput) ToCertificateOptionsPtrOutputWithContext added in v1.19.0 

func (o CertificateOptionsOutput) ToCertificateOptionsPtrOutputWithContext(ctx context.Context) CertificateOptionsPtrOutput

type CertificateOptionsPtrInput added in v1.19.0 

type CertificateOptionsPtrInput interface {
	pulumi.Input

	ToCertificateOptionsPtrOutput() CertificateOptionsPtrOutput
	ToCertificateOptionsPtrOutputWithContext(context.Context) CertificateOptionsPtrOutput
}

func CertificateOptionsPtr added in v1.19.0 

func CertificateOptionsPtr(v *CertificateOptionsArgs) CertificateOptionsPtrInput

type CertificateOptionsPtrOutput added in v1.19.0 

type CertificateOptionsPtrOutput struct{ *pulumi.OutputState }

func (CertificateOptionsPtrOutput) CertificateTransparencyLoggingPreference added in v1.19.0 

func (o CertificateOptionsPtrOutput) CertificateTransparencyLoggingPreference() pulumi.StringPtrOutput

func (CertificateOptionsPtrOutput) Elem added in v1.19.0 

func (o CertificateOptionsPtrOutput) Elem() CertificateOptionsOutput

func (CertificateOptionsPtrOutput) ElementType added in v1.19.0 

func (CertificateOptionsPtrOutput) ElementType() reflect.Type

func (CertificateOptionsPtrOutput) ToCertificateOptionsPtrOutput added in v1.19.0 

func (o CertificateOptionsPtrOutput) ToCertificateOptionsPtrOutput() CertificateOptionsPtrOutput

func (CertificateOptionsPtrOutput) ToCertificateOptionsPtrOutputWithContext added in v1.19.0 

func (o CertificateOptionsPtrOutput) ToCertificateOptionsPtrOutputWithContext(ctx context.Context) CertificateOptionsPtrOutput

type CertificateState 

type CertificateState struct {
	// The ARN of the certificate
	Arn pulumi.StringPtrInput
	// ARN of an ACMPCA
	CertificateAuthorityArn pulumi.StringPtrInput
	// The certificate's PEM-formatted public key
	CertificateBody pulumi.StringPtrInput
	// The certificate's PEM-formatted chain
	// * Creating a private CA issued certificate
	CertificateChain pulumi.StringPtrInput
	// A domain name for which the certificate should be issued
	DomainName pulumi.StringPtrInput
	// A list of attributes to feed into other resources to complete certificate validation. Can have more than one element, e.g. if SANs are defined. Only set if `DNS`-validation was used.
	DomainValidationOptions CertificateDomainValidationOptionArrayInput
	Options                 CertificateOptionsPtrInput
	// The certificate's PEM-formatted private key
	PrivateKey pulumi.StringPtrInput
	// A list of domains that should be SANs in the issued certificate
	SubjectAlternativeNames pulumi.StringArrayInput
	// A mapping of tags to assign to the resource.
	Tags pulumi.MapInput
	// A list of addresses that received a validation E-Mail. Only set if `EMAIL`-validation was used.
	ValidationEmails pulumi.StringArrayInput
	// Which method to use for validation. `DNS` or `EMAIL` are valid, `NONE` can be used for certificates that were imported into ACM and then into state managed by this provider.
	// * Importing an existing certificate
	ValidationMethod pulumi.StringPtrInput
}

func (CertificateState) ElementType added in v1.19.0 

func (CertificateState) ElementType() reflect.Type

type CertificateValidation 

type CertificateValidation struct {
	pulumi.CustomResourceState

	// The ARN of the certificate that is being validated.
	CertificateArn pulumi.StringOutput `pulumi:"certificateArn"`
	// List of FQDNs that implement the validation. Only valid for DNS validation method ACM certificates. If this is set, the resource can implement additional sanity checks and has an explicit dependency on the resource that is implementing the validation
	ValidationRecordFqdns pulumi.StringArrayOutput `pulumi:"validationRecordFqdns"`
}

This resource represents a successful validation of an ACM certificate in concert with other resources.

Most commonly, this resource is used together with `route53.Record` and `acm.Certificate` to request a DNS validated certificate, deploy the required validation records and wait for validation to complete.

> **WARNING:** This resource implements a part of the validation workflow. It does not represent a real-world entity in AWS, therefore changing or deleting this resource on its own has no immediate effect.

> This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/acm_certificate_validation.html.markdown.

func GetCertificateValidation 

func GetCertificateValidation(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *CertificateValidationState, opts ...pulumi.ResourceOption) (*CertificateValidation, error)

GetCertificateValidation gets an existing CertificateValidation resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewCertificateValidation 

func NewCertificateValidation(ctx *pulumi.Context,
	name string, args *CertificateValidationArgs, opts ...pulumi.ResourceOption) (*CertificateValidation, error)

NewCertificateValidation registers a new resource with the given unique name, arguments, and options.

type CertificateValidationArgs 

type CertificateValidationArgs struct {
	// The ARN of the certificate that is being validated.
	CertificateArn pulumi.StringInput
	// List of FQDNs that implement the validation. Only valid for DNS validation method ACM certificates. If this is set, the resource can implement additional sanity checks and has an explicit dependency on the resource that is implementing the validation
	ValidationRecordFqdns pulumi.StringArrayInput
}

The set of arguments for constructing a CertificateValidation resource.

func (CertificateValidationArgs) ElementType added in v1.19.0 

func (CertificateValidationArgs) ElementType() reflect.Type

type CertificateValidationState 

type CertificateValidationState struct {
	// The ARN of the certificate that is being validated.
	CertificateArn pulumi.StringPtrInput
	// List of FQDNs that implement the validation. Only valid for DNS validation method ACM certificates. If this is set, the resource can implement additional sanity checks and has an explicit dependency on the resource that is implementing the validation
	ValidationRecordFqdns pulumi.StringArrayInput
}

func (CertificateValidationState) ElementType added in v1.19.0 

func (CertificateValidationState) ElementType() reflect.Type

type LookupCertificateArgs added in v1.19.0 

type LookupCertificateArgs struct {
	// The domain of the certificate to look up. If no certificate is found with this name, an error will be returned.
	Domain string `pulumi:"domain"`
	// A list of key algorithms to filter certificates. By default, ACM does not return all certificate types when searching. Valid values are `RSA_1024`, `RSA_2048`, `RSA_4096`, `EC_prime256v1`, `EC_secp384r1`, and `EC_secp521r1`.
	KeyTypes []string `pulumi:"keyTypes"`
	// If set to true, it sorts the certificates matched by previous criteria by the NotBefore field, returning only the most recent one. If set to false, it returns an error if more than one certificate is found. Defaults to false.
	MostRecent *bool `pulumi:"mostRecent"`
	// A list of statuses on which to filter the returned list. Valid values are `PENDING_VALIDATION`, `ISSUED`,
	// `INACTIVE`, `EXPIRED`, `VALIDATION_TIMED_OUT`, `REVOKED` and `FAILED`. If no value is specified, only certificates in the `ISSUED` state
	// are returned.
	Statuses []string `pulumi:"statuses"`
	// A list of types on which to filter the returned list. Valid values are `AMAZON_ISSUED` and `IMPORTED`.
	Types []string `pulumi:"types"`
}

A collection of arguments for invoking getCertificate.

type LookupCertificateResult added in v1.19.0 

type LookupCertificateResult struct {
	// Set to the ARN of the found certificate, suitable for referencing in other resources that support ACM certificates.
	Arn    string `pulumi:"arn"`
	Domain string `pulumi:"domain"`
	// id is the provider-assigned unique ID for this managed resource.
	Id         string   `pulumi:"id"`
	KeyTypes   []string `pulumi:"keyTypes"`
	MostRecent *bool    `pulumi:"mostRecent"`
	Statuses   []string `pulumi:"statuses"`
	Types      []string `pulumi:"types"`
}

A collection of values returned by getCertificate.

func LookupCertificate 

func LookupCertificate(ctx *pulumi.Context, args *LookupCertificateArgs, opts ...pulumi.InvokeOption) (*LookupCertificateResult, error)

Use this data source to get the ARN of a certificate in AWS Certificate Manager (ACM), you can reference it by domain without having to hard code the ARNs as input.

> This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/d/acm_certificate.html.markdown.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.