github.com/erriapo/terraform@v0.6.12-0.20160203182612-0340ea72354f/website/source/docs/providers/aws/r/iam_server_certificate.html.markdown (about) 1 --- 2 layout: "aws" 3 page_title: "AWS: aws_iam_server_certificate" 4 sidebar_current: "docs-aws-resource-iam-server-certificate" 5 description: |- 6 Provides an IAM Server Certificate 7 --- 8 9 # aws\_iam\_server\_certificate 10 11 Provides an IAM Server Certificate resource to upload Server Certificates. 12 Certs uploaded to IAM can easily work with other AWS services such as: 13 14 - AWS Elastic Beanstalk 15 - Elastic Load Balancing 16 - CloudFront 17 - AWS OpsWorks 18 19 For information about server certificates in IAM, see [Managing Server 20 Certficates][2] in AWS Documentation. 21 22 ## Example Usage 23 24 **Using certs on file:** 25 26 ``` 27 resource "aws_iam_server_certificate" "test_cert" { 28 name = "some_test_cert" 29 certificate_body = "${file("self-ca-cert.pem")}" 30 private_key = "${file("test-key.pem")}" 31 } 32 ``` 33 34 **Example with cert in-line:** 35 36 ``` 37 resource "aws_iam_server_certificate" "test_cert_alt" { 38 name = "alt_test_cert" 39 certificate_body = <<EOF 40 -----BEGIN CERTIFICATE----- 41 [......] # cert contents 42 -----END CERTIFICATE----- 43 EOF 44 45 private_key = <<EOF 46 -----BEGIN RSA PRIVATE KEY----- 47 [......] # cert contents 48 -----END CERTIFICATE----- 49 EOF 50 } 51 ``` 52 53 **Use in combination with an AWS ELB resource:** 54 55 ``` 56 resource "aws_iam_server_certificate" "test_cert" { 57 name = "some_test_cert" 58 certificate_body = "${file("self-ca-cert.pem")}" 59 private_key = "${file("test-key.pem")}" 60 } 61 62 resource "aws_elb" "ourapp" { 63 name = "terraform-asg-deployment-example" 64 availability_zones = ["us-west-2a"] 65 cross_zone_load_balancing = true 66 67 listener { 68 instance_port = 8000 69 instance_protocol = "http" 70 lb_port = 443 71 lb_protocol = "https" 72 ssl_certificate_id = "${aws_iam_server_certificate.test_cert.arn}" 73 } 74 } 75 ``` 76 77 ## Argument Reference 78 79 The following arguments are supported: 80 81 * `name` - (Required) The name of the Server Certificate. Do not include the 82 path in this value. 83 * `certificate_body` – (Required) The contents of the public key certificate in 84 PEM-encoded format. 85 * `certificate_chain` – (Optional) The contents of the certificate chain. 86 This is typically a concatenation of the PEM-encoded public key certificates 87 of the chain. 88 * `private_key` – (Required) The contents of the private key in PEM-encoded format. 89 * `path` - (Optional) The IAM path for the server certificate. If it is not 90 included, it defaults to a slash (/). If this certificate is for use with 91 AWS CloudFront, the path must be in format `/cloudfront/your_path_here`. 92 See [IAM Identifiers][1] for more details on IAM Paths. 93 94 ~> **NOTE:** AWS performs behind-the-scenes modifications to some certificate files if they do not adhere to a specific format. These modifications will result in terraform forever believing that it needs to update the resources since the local and AWS file contents will not match after theses modifications occur. In order to prevent this from happening you must ensure that all your PEM-encoded files use UNIX line-breaks and that `certificate_body` contains only one certificate. All other certificates should go in `certificate_chain`. It is common for some Certificate Authorities to issue certificate files that have DOS line-breaks and that are actually multiple certificates concatenated together in order to form a full certificate chain. 95 96 ## Attributes Reference 97 98 * `id` - The unique Server Certificate name 99 * `name` - The name of the Server Certificate 100 * `arn` - The Amazon Resource Name (ARN) specifying the server certificate. 101 102 103 [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html 104 [2]: https://docs.aws.amazon.com/IAM/latest/UserGuide/ManagingServerCerts.html