github.com/jmbataller/terraform@v0.6.8-0.20151125192640-b7a12e3a580c/website/source/docs/providers/tls/index.html.markdown

---
layout: "tls"
page_title: "Provider: TLS"
sidebar_current: "docs-tls-index"
description: |-
  The TLS provider provides utilities for working with Transport Layer Security keys and certificates.
---

# TLS Provider

The TLS provider provides utilities for working with *Transport Layer Security*
keys and certificates. It provides resources that
allow private keys, certificates and certificate requests to be
created as part of a Terraform deployment.

Another name for Transport Layer Security is *Secure Sockets Layer*,
or SSL. TLS and SSL are equivalent when considering the resources
managed by this provider.

This provider is not particularly useful on its own, but it can be
used to create certificates and credentials that can then be used
with other providers when creating resources that expose TLS
services or that themselves provision TLS certificates.

Use the navigation to the left to read about the available resources.

## Example Usage

```
## This example creates a self-signed certificate for a development
## environment.
## THIS IS NOT RECOMMENDED FOR PRODUCTION SERVICES.
## See the detailed documentation of each resource for further
## security considerations and other practical tradeoffs.

resource "tls_private_key" "example" {
    algorithm = "ECDSA"
}

resource "tls_self_signed_cert" "example" {
    key_algorithm = "${tls_private_key.example.algorithm}"
    private_key_pem = "${tls_private_key.example.private_key_pem}"

    # Certificate expires after 12 hours.
    validity_period_hours = 12

    # Generate a new certificate if Terraform is run within three
    # hours of the certificate's expiration time.
    early_renewal_hours = 3

    # Reasonable set of uses for a server SSL certificate.
    allowed_uses = [
        "key_encipherment",
        "digital_signature",
        "server_auth",
    ]

    dns_names = ["example.com", "example.net"]

    subject {
        common_name = "example.com"
        organization = "ACME Examples, Inc"
    }
}

# For example, this can be used to populate an AWS IAM server certificate.
resource "aws_iam_server_certificate" "example" {
    name = "example_self_signed_cert"
    certificate_body = "${tls_self_signed_cert.example.cert_pem}"
    private_key = "${tls_private_key.example.private_key_pem}"
}
```