github.com/pulumi/pulumi-aws/sdk/v6@v6.32.0/go/aws/acmpca/certificate.go

// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT.
// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! ***

package acmpca

import (
	"context"
	"reflect"

	"errors"
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/internal"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

// Provides a resource to issue a certificate using AWS Certificate Manager Private Certificate Authority (ACM PCA).
//
// Certificates created using `acmpca.Certificate` are not eligible for automatic renewal,
// and must be replaced instead.
// To issue a renewable certificate using an ACM PCA, create a `acm.Certificate`
// with the parameter `certificateAuthorityArn`.
//
// ## Example Usage
//
// ### Basic
//
// <!--Start PulumiCodeChooser -->
// ```go
// package main
//
// import (
//
//	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acmpca"
//	"github.com/pulumi/pulumi-tls/sdk/v4/go/tls"
//	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
//
// )
//
//	func main() {
//		pulumi.Run(func(ctx *pulumi.Context) error {
//			exampleCertificateAuthority, err := acmpca.NewCertificateAuthority(ctx, "example", &acmpca.CertificateAuthorityArgs{
//				CertificateAuthorityConfiguration: &acmpca.CertificateAuthorityCertificateAuthorityConfigurationArgs{
//					KeyAlgorithm:     pulumi.String("RSA_4096"),
//					SigningAlgorithm: pulumi.String("SHA512WITHRSA"),
//					Subject: &acmpca.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs{
//						CommonName: pulumi.String("example.com"),
//					},
//				},
//				PermanentDeletionTimeInDays: pulumi.Int(7),
//			})
//			if err != nil {
//				return err
//			}
//			key, err := tls.NewPrivateKey(ctx, "key", &tls.PrivateKeyArgs{
//				Algorithm: pulumi.String("RSA"),
//			})
//			if err != nil {
//				return err
//			}
//			csr, err := tls.NewCertRequest(ctx, "csr", &tls.CertRequestArgs{
//				PrivateKeyPem: key.PrivateKeyPem,
//				Subject: &tls.CertRequestSubjectArgs{
//					CommonName: pulumi.String("example"),
//				},
//			})
//			if err != nil {
//				return err
//			}
//			_, err = acmpca.NewCertificate(ctx, "example", &acmpca.CertificateArgs{
//				CertificateAuthorityArn:   exampleCertificateAuthority.Arn,
//				CertificateSigningRequest: csr.CertRequestPem,
//				SigningAlgorithm:          pulumi.String("SHA256WITHRSA"),
//				Validity: &acmpca.CertificateValidityArgs{
//					Type:  pulumi.String("YEARS"),
//					Value: pulumi.String("1"),
//				},
//			})
//			if err != nil {
//				return err
//			}
//			return nil
//		})
//	}
//
// ```
// <!--End PulumiCodeChooser -->
//
// ## Import
//
// Using `pulumi import`, import ACM PCA Certificates using their ARN. For example:
//
// ```sh
// $ pulumi import aws:acmpca/certificate:Certificate cert arn:aws:acm-pca:eu-west-1:675225743824:certificate-authority/08319ede-83g9-1400-8f21-c7d12b2b6edb/certificate/a4e9c2aa4bcfab625g1b9136464cd3a
// ```
type Certificate struct {
	pulumi.CustomResourceState

	// Specifies X.509 certificate information to be included in the issued certificate. To use with API Passthrough templates
	ApiPassthrough pulumi.StringPtrOutput `pulumi:"apiPassthrough"`
	// ARN of the certificate.
	Arn pulumi.StringOutput `pulumi:"arn"`
	// PEM-encoded certificate value.
	Certificate pulumi.StringOutput `pulumi:"certificate"`
	// ARN of the certificate authority.
	CertificateAuthorityArn pulumi.StringOutput `pulumi:"certificateAuthorityArn"`
	// PEM-encoded certificate chain that includes any intermediate certificates and chains up to root CA.
	CertificateChain pulumi.StringOutput `pulumi:"certificateChain"`
	// Certificate Signing Request in PEM format.
	CertificateSigningRequest pulumi.StringOutput `pulumi:"certificateSigningRequest"`
	// Algorithm to use to sign certificate requests. Valid values: `SHA256WITHRSA`, `SHA256WITHECDSA`, `SHA384WITHRSA`, `SHA384WITHECDSA`, `SHA512WITHRSA`, `SHA512WITHECDSA`.
	SigningAlgorithm pulumi.StringOutput `pulumi:"signingAlgorithm"`
	// Template to use when issuing a certificate.
	// See [ACM PCA Documentation](https://docs.aws.amazon.com/privateca/latest/userguide/UsingTemplates.html) for more information.
	TemplateArn pulumi.StringPtrOutput `pulumi:"templateArn"`
	// Configures end of the validity period for the certificate. See validity block below.
	Validity CertificateValidityOutput `pulumi:"validity"`
}

// NewCertificate registers a new resource with the given unique name, arguments, and options.
func NewCertificate(ctx *pulumi.Context,
	name string, args *CertificateArgs, opts ...pulumi.ResourceOption) (*Certificate, error) {
	if args == nil {
		return nil, errors.New("missing one or more required arguments")
	}

	if args.CertificateAuthorityArn == nil {
		return nil, errors.New("invalid value for required argument 'CertificateAuthorityArn'")
	}
	if args.CertificateSigningRequest == nil {
		return nil, errors.New("invalid value for required argument 'CertificateSigningRequest'")
	}
	if args.SigningAlgorithm == nil {
		return nil, errors.New("invalid value for required argument 'SigningAlgorithm'")
	}
	if args.Validity == nil {
		return nil, errors.New("invalid value for required argument 'Validity'")
	}
	opts = internal.PkgResourceDefaultOpts(opts)
	var resource Certificate
	err := ctx.RegisterResource("aws:acmpca/certificate:Certificate", name, args, &resource, opts...)
	if err != nil {
		return nil, err
	}
	return &resource, nil
}

// GetCertificate gets an existing Certificate resource's state with the given name, ID, and optional
// state properties that are used to uniquely qualify the lookup (nil if not required).
func GetCertificate(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *CertificateState, opts ...pulumi.ResourceOption) (*Certificate, error) {
	var resource Certificate
	err := ctx.ReadResource("aws:acmpca/certificate:Certificate", name, id, state, &resource, opts...)
	if err != nil {
		return nil, err
	}
	return &resource, nil
}

// Input properties used for looking up and filtering Certificate resources.
type certificateState struct {
	// Specifies X.509 certificate information to be included in the issued certificate. To use with API Passthrough templates
	ApiPassthrough *string `pulumi:"apiPassthrough"`
	// ARN of the certificate.
	Arn *string `pulumi:"arn"`
	// PEM-encoded certificate value.
	Certificate *string `pulumi:"certificate"`
	// ARN of the certificate authority.
	CertificateAuthorityArn *string `pulumi:"certificateAuthorityArn"`
	// PEM-encoded certificate chain that includes any intermediate certificates and chains up to root CA.
	CertificateChain *string `pulumi:"certificateChain"`
	// Certificate Signing Request in PEM format.
	CertificateSigningRequest *string `pulumi:"certificateSigningRequest"`
	// Algorithm to use to sign certificate requests. Valid values: `SHA256WITHRSA`, `SHA256WITHECDSA`, `SHA384WITHRSA`, `SHA384WITHECDSA`, `SHA512WITHRSA`, `SHA512WITHECDSA`.
	SigningAlgorithm *string `pulumi:"signingAlgorithm"`
	// Template to use when issuing a certificate.
	// See [ACM PCA Documentation](https://docs.aws.amazon.com/privateca/latest/userguide/UsingTemplates.html) for more information.
	TemplateArn *string `pulumi:"templateArn"`
	// Configures end of the validity period for the certificate. See validity block below.
	Validity *CertificateValidity `pulumi:"validity"`
}

type CertificateState struct {
	// Specifies X.509 certificate information to be included in the issued certificate. To use with API Passthrough templates
	ApiPassthrough pulumi.StringPtrInput
	// ARN of the certificate.
	Arn pulumi.StringPtrInput
	// PEM-encoded certificate value.
	Certificate pulumi.StringPtrInput
	// ARN of the certificate authority.
	CertificateAuthorityArn pulumi.StringPtrInput
	// PEM-encoded certificate chain that includes any intermediate certificates and chains up to root CA.
	CertificateChain pulumi.StringPtrInput
	// Certificate Signing Request in PEM format.
	CertificateSigningRequest pulumi.StringPtrInput
	// Algorithm to use to sign certificate requests. Valid values: `SHA256WITHRSA`, `SHA256WITHECDSA`, `SHA384WITHRSA`, `SHA384WITHECDSA`, `SHA512WITHRSA`, `SHA512WITHECDSA`.
	SigningAlgorithm pulumi.StringPtrInput
	// Template to use when issuing a certificate.
	// See [ACM PCA Documentation](https://docs.aws.amazon.com/privateca/latest/userguide/UsingTemplates.html) for more information.
	TemplateArn pulumi.StringPtrInput
	// Configures end of the validity period for the certificate. See validity block below.
	Validity CertificateValidityPtrInput
}

func (CertificateState) ElementType() reflect.Type {
	return reflect.TypeOf((*certificateState)(nil)).Elem()
}

type certificateArgs struct {
	// Specifies X.509 certificate information to be included in the issued certificate. To use with API Passthrough templates
	ApiPassthrough *string `pulumi:"apiPassthrough"`
	// ARN of the certificate authority.
	CertificateAuthorityArn string `pulumi:"certificateAuthorityArn"`
	// Certificate Signing Request in PEM format.
	CertificateSigningRequest string `pulumi:"certificateSigningRequest"`
	// Algorithm to use to sign certificate requests. Valid values: `SHA256WITHRSA`, `SHA256WITHECDSA`, `SHA384WITHRSA`, `SHA384WITHECDSA`, `SHA512WITHRSA`, `SHA512WITHECDSA`.
	SigningAlgorithm string `pulumi:"signingAlgorithm"`
	// Template to use when issuing a certificate.
	// See [ACM PCA Documentation](https://docs.aws.amazon.com/privateca/latest/userguide/UsingTemplates.html) for more information.
	TemplateArn *string `pulumi:"templateArn"`
	// Configures end of the validity period for the certificate. See validity block below.
	Validity CertificateValidity `pulumi:"validity"`
}

// The set of arguments for constructing a Certificate resource.
type CertificateArgs struct {
	// Specifies X.509 certificate information to be included in the issued certificate. To use with API Passthrough templates
	ApiPassthrough pulumi.StringPtrInput
	// ARN of the certificate authority.
	CertificateAuthorityArn pulumi.StringInput
	// Certificate Signing Request in PEM format.
	CertificateSigningRequest pulumi.StringInput
	// Algorithm to use to sign certificate requests. Valid values: `SHA256WITHRSA`, `SHA256WITHECDSA`, `SHA384WITHRSA`, `SHA384WITHECDSA`, `SHA512WITHRSA`, `SHA512WITHECDSA`.
	SigningAlgorithm pulumi.StringInput
	// Template to use when issuing a certificate.
	// See [ACM PCA Documentation](https://docs.aws.amazon.com/privateca/latest/userguide/UsingTemplates.html) for more information.
	TemplateArn pulumi.StringPtrInput
	// Configures end of the validity period for the certificate. See validity block below.
	Validity CertificateValidityInput
}

func (CertificateArgs) ElementType() reflect.Type {
	return reflect.TypeOf((*certificateArgs)(nil)).Elem()
}

type CertificateInput interface {
	pulumi.Input

	ToCertificateOutput() CertificateOutput
	ToCertificateOutputWithContext(ctx context.Context) CertificateOutput
}

func (*Certificate) ElementType() reflect.Type {
	return reflect.TypeOf((**Certificate)(nil)).Elem()
}

func (i *Certificate) ToCertificateOutput() CertificateOutput {
	return i.ToCertificateOutputWithContext(context.Background())
}

func (i *Certificate) ToCertificateOutputWithContext(ctx context.Context) CertificateOutput {
	return pulumi.ToOutputWithContext(ctx, i).(CertificateOutput)
}

// CertificateArrayInput is an input type that accepts CertificateArray and CertificateArrayOutput values.
// You can construct a concrete instance of `CertificateArrayInput` via:
//
//	CertificateArray{ CertificateArgs{...} }
type CertificateArrayInput interface {
	pulumi.Input

	ToCertificateArrayOutput() CertificateArrayOutput
	ToCertificateArrayOutputWithContext(context.Context) CertificateArrayOutput
}

type CertificateArray []CertificateInput

func (CertificateArray) ElementType() reflect.Type {
	return reflect.TypeOf((*[]*Certificate)(nil)).Elem()
}

func (i CertificateArray) ToCertificateArrayOutput() CertificateArrayOutput {
	return i.ToCertificateArrayOutputWithContext(context.Background())
}

func (i CertificateArray) ToCertificateArrayOutputWithContext(ctx context.Context) CertificateArrayOutput {
	return pulumi.ToOutputWithContext(ctx, i).(CertificateArrayOutput)
}

// CertificateMapInput is an input type that accepts CertificateMap and CertificateMapOutput values.
// You can construct a concrete instance of `CertificateMapInput` via:
//
//	CertificateMap{ "key": CertificateArgs{...} }
type CertificateMapInput interface {
	pulumi.Input

	ToCertificateMapOutput() CertificateMapOutput
	ToCertificateMapOutputWithContext(context.Context) CertificateMapOutput
}

type CertificateMap map[string]CertificateInput

func (CertificateMap) ElementType() reflect.Type {
	return reflect.TypeOf((*map[string]*Certificate)(nil)).Elem()
}

func (i CertificateMap) ToCertificateMapOutput() CertificateMapOutput {
	return i.ToCertificateMapOutputWithContext(context.Background())
}

func (i CertificateMap) ToCertificateMapOutputWithContext(ctx context.Context) CertificateMapOutput {
	return pulumi.ToOutputWithContext(ctx, i).(CertificateMapOutput)
}

type CertificateOutput struct{ *pulumi.OutputState }

func (CertificateOutput) ElementType() reflect.Type {
	return reflect.TypeOf((**Certificate)(nil)).Elem()
}

func (o CertificateOutput) ToCertificateOutput() CertificateOutput {
	return o
}

func (o CertificateOutput) ToCertificateOutputWithContext(ctx context.Context) CertificateOutput {
	return o
}

// Specifies X.509 certificate information to be included in the issued certificate. To use with API Passthrough templates
func (o CertificateOutput) ApiPassthrough() pulumi.StringPtrOutput {
	return o.ApplyT(func(v *Certificate) pulumi.StringPtrOutput { return v.ApiPassthrough }).(pulumi.StringPtrOutput)
}

// ARN of the certificate.
func (o CertificateOutput) Arn() pulumi.StringOutput {
	return o.ApplyT(func(v *Certificate) pulumi.StringOutput { return v.Arn }).(pulumi.StringOutput)
}

// PEM-encoded certificate value.
func (o CertificateOutput) Certificate() pulumi.StringOutput {
	return o.ApplyT(func(v *Certificate) pulumi.StringOutput { return v.Certificate }).(pulumi.StringOutput)
}

// ARN of the certificate authority.
func (o CertificateOutput) CertificateAuthorityArn() pulumi.StringOutput {
	return o.ApplyT(func(v *Certificate) pulumi.StringOutput { return v.CertificateAuthorityArn }).(pulumi.StringOutput)
}

// PEM-encoded certificate chain that includes any intermediate certificates and chains up to root CA.
func (o CertificateOutput) CertificateChain() pulumi.StringOutput {
	return o.ApplyT(func(v *Certificate) pulumi.StringOutput { return v.CertificateChain }).(pulumi.StringOutput)
}

// Certificate Signing Request in PEM format.
func (o CertificateOutput) CertificateSigningRequest() pulumi.StringOutput {
	return o.ApplyT(func(v *Certificate) pulumi.StringOutput { return v.CertificateSigningRequest }).(pulumi.StringOutput)
}

// Algorithm to use to sign certificate requests. Valid values: `SHA256WITHRSA`, `SHA256WITHECDSA`, `SHA384WITHRSA`, `SHA384WITHECDSA`, `SHA512WITHRSA`, `SHA512WITHECDSA`.
func (o CertificateOutput) SigningAlgorithm() pulumi.StringOutput {
	return o.ApplyT(func(v *Certificate) pulumi.StringOutput { return v.SigningAlgorithm }).(pulumi.StringOutput)
}

// Template to use when issuing a certificate.
// See [ACM PCA Documentation](https://docs.aws.amazon.com/privateca/latest/userguide/UsingTemplates.html) for more information.
func (o CertificateOutput) TemplateArn() pulumi.StringPtrOutput {
	return o.ApplyT(func(v *Certificate) pulumi.StringPtrOutput { return v.TemplateArn }).(pulumi.StringPtrOutput)
}

// Configures end of the validity period for the certificate. See validity block below.
func (o CertificateOutput) Validity() CertificateValidityOutput {
	return o.ApplyT(func(v *Certificate) CertificateValidityOutput { return v.Validity }).(CertificateValidityOutput)
}

type CertificateArrayOutput struct{ *pulumi.OutputState }

func (CertificateArrayOutput) ElementType() reflect.Type {
	return reflect.TypeOf((*[]*Certificate)(nil)).Elem()
}

func (o CertificateArrayOutput) ToCertificateArrayOutput() CertificateArrayOutput {
	return o
}

func (o CertificateArrayOutput) ToCertificateArrayOutputWithContext(ctx context.Context) CertificateArrayOutput {
	return o
}

func (o CertificateArrayOutput) Index(i pulumi.IntInput) CertificateOutput {
	return pulumi.All(o, i).ApplyT(func(vs []interface{}) *Certificate {
		return vs[0].([]*Certificate)[vs[1].(int)]
	}).(CertificateOutput)
}

type CertificateMapOutput struct{ *pulumi.OutputState }

func (CertificateMapOutput) ElementType() reflect.Type {
	return reflect.TypeOf((*map[string]*Certificate)(nil)).Elem()
}

func (o CertificateMapOutput) ToCertificateMapOutput() CertificateMapOutput {
	return o
}

func (o CertificateMapOutput) ToCertificateMapOutputWithContext(ctx context.Context) CertificateMapOutput {
	return o
}

func (o CertificateMapOutput) MapIndex(k pulumi.StringInput) CertificateOutput {
	return pulumi.All(o, k).ApplyT(func(vs []interface{}) *Certificate {
		return vs[0].(map[string]*Certificate)[vs[1].(string)]
	}).(CertificateOutput)
}

func init() {
	pulumi.RegisterInputType(reflect.TypeOf((*CertificateInput)(nil)).Elem(), &Certificate{})
	pulumi.RegisterInputType(reflect.TypeOf((*CertificateArrayInput)(nil)).Elem(), CertificateArray{})
	pulumi.RegisterInputType(reflect.TypeOf((*CertificateMapInput)(nil)).Elem(), CertificateMap{})
	pulumi.RegisterOutputType(CertificateOutput{})
	pulumi.RegisterOutputType(CertificateArrayOutput{})
	pulumi.RegisterOutputType(CertificateMapOutput{})
}