github.com/pulumi/pulumi-aws/sdk/v6@v6.32.0/go/aws/acmpca/certificateAuthorityCertificate.go (about) 1 // Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. 2 // *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** 3 4 package acmpca 5 6 import ( 7 "context" 8 "reflect" 9 10 "errors" 11 "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/internal" 12 "github.com/pulumi/pulumi/sdk/v3/go/pulumi" 13 ) 14 15 // Associates a certificate with an AWS Certificate Manager Private Certificate Authority (ACM PCA Certificate Authority). An ACM PCA Certificate Authority is unable to issue certificates until it has a certificate associated with it. A root level ACM PCA Certificate Authority is able to self-sign its own root certificate. 16 // 17 // ## Example Usage 18 // 19 // ### Self-Signed Root Certificate Authority Certificate 20 // 21 // <!--Start PulumiCodeChooser --> 22 // ```go 23 // package main 24 // 25 // import ( 26 // 27 // "fmt" 28 // 29 // "github.com/pulumi/pulumi-aws/sdk/v6/go/aws" 30 // "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acmpca" 31 // "github.com/pulumi/pulumi/sdk/v3/go/pulumi" 32 // 33 // ) 34 // 35 // func main() { 36 // pulumi.Run(func(ctx *pulumi.Context) error { 37 // exampleCertificateAuthority, err := acmpca.NewCertificateAuthority(ctx, "example", &acmpca.CertificateAuthorityArgs{ 38 // Type: pulumi.String("ROOT"), 39 // CertificateAuthorityConfiguration: &acmpca.CertificateAuthorityCertificateAuthorityConfigurationArgs{ 40 // KeyAlgorithm: pulumi.String("RSA_4096"), 41 // SigningAlgorithm: pulumi.String("SHA512WITHRSA"), 42 // Subject: &acmpca.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs{ 43 // CommonName: pulumi.String("example.com"), 44 // }, 45 // }, 46 // }) 47 // if err != nil { 48 // return err 49 // } 50 // current, err := aws.GetPartition(ctx, nil, nil) 51 // if err != nil { 52 // return err 53 // } 54 // exampleCertificate, err := acmpca.NewCertificate(ctx, "example", &acmpca.CertificateArgs{ 55 // CertificateAuthorityArn: exampleCertificateAuthority.Arn, 56 // CertificateSigningRequest: exampleCertificateAuthority.CertificateSigningRequest, 57 // SigningAlgorithm: pulumi.String("SHA512WITHRSA"), 58 // TemplateArn: pulumi.String(fmt.Sprintf("arn:%v:acm-pca:::template/RootCACertificate/V1", current.Partition)), 59 // Validity: &acmpca.CertificateValidityArgs{ 60 // Type: pulumi.String("YEARS"), 61 // Value: pulumi.String("1"), 62 // }, 63 // }) 64 // if err != nil { 65 // return err 66 // } 67 // _, err = acmpca.NewCertificateAuthorityCertificate(ctx, "example", &acmpca.CertificateAuthorityCertificateArgs{ 68 // CertificateAuthorityArn: exampleCertificateAuthority.Arn, 69 // Certificate: exampleCertificate.Certificate, 70 // CertificateChain: exampleCertificate.CertificateChain, 71 // }) 72 // if err != nil { 73 // return err 74 // } 75 // return nil 76 // }) 77 // } 78 // 79 // ``` 80 // <!--End PulumiCodeChooser --> 81 // 82 // ### Certificate for Subordinate Certificate Authority 83 // 84 // Note that the certificate for the subordinate certificate authority must be issued by the root certificate authority using a signing request from the subordinate certificate authority. 85 // 86 // <!--Start PulumiCodeChooser --> 87 // ```go 88 // package main 89 // 90 // import ( 91 // 92 // "fmt" 93 // 94 // "github.com/pulumi/pulumi-aws/sdk/v6/go/aws" 95 // "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acmpca" 96 // "github.com/pulumi/pulumi/sdk/v3/go/pulumi" 97 // 98 // ) 99 // 100 // func main() { 101 // pulumi.Run(func(ctx *pulumi.Context) error { 102 // subordinateCertificateAuthority, err := acmpca.NewCertificateAuthority(ctx, "subordinate", &acmpca.CertificateAuthorityArgs{ 103 // Type: pulumi.String("SUBORDINATE"), 104 // CertificateAuthorityConfiguration: &acmpca.CertificateAuthorityCertificateAuthorityConfigurationArgs{ 105 // KeyAlgorithm: pulumi.String("RSA_2048"), 106 // SigningAlgorithm: pulumi.String("SHA512WITHRSA"), 107 // Subject: &acmpca.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs{ 108 // CommonName: pulumi.String("sub.example.com"), 109 // }, 110 // }, 111 // }) 112 // if err != nil { 113 // return err 114 // } 115 // root, err := acmpca.NewCertificateAuthority(ctx, "root", nil) 116 // if err != nil { 117 // return err 118 // } 119 // current, err := aws.GetPartition(ctx, nil, nil) 120 // if err != nil { 121 // return err 122 // } 123 // subordinateCertificate, err := acmpca.NewCertificate(ctx, "subordinate", &acmpca.CertificateArgs{ 124 // CertificateAuthorityArn: root.Arn, 125 // CertificateSigningRequest: subordinateCertificateAuthority.CertificateSigningRequest, 126 // SigningAlgorithm: pulumi.String("SHA512WITHRSA"), 127 // TemplateArn: pulumi.String(fmt.Sprintf("arn:%v:acm-pca:::template/SubordinateCACertificate_PathLen0/V1", current.Partition)), 128 // Validity: &acmpca.CertificateValidityArgs{ 129 // Type: pulumi.String("YEARS"), 130 // Value: pulumi.String("1"), 131 // }, 132 // }) 133 // if err != nil { 134 // return err 135 // } 136 // _, err = acmpca.NewCertificateAuthorityCertificate(ctx, "subordinate", &acmpca.CertificateAuthorityCertificateArgs{ 137 // CertificateAuthorityArn: subordinateCertificateAuthority.Arn, 138 // Certificate: subordinateCertificate.Certificate, 139 // CertificateChain: subordinateCertificate.CertificateChain, 140 // }) 141 // if err != nil { 142 // return err 143 // } 144 // _, err = acmpca.NewCertificateAuthorityCertificate(ctx, "root", nil) 145 // if err != nil { 146 // return err 147 // } 148 // _, err = acmpca.NewCertificate(ctx, "root", nil) 149 // if err != nil { 150 // return err 151 // } 152 // return nil 153 // }) 154 // } 155 // 156 // ``` 157 // <!--End PulumiCodeChooser --> 158 type CertificateAuthorityCertificate struct { 159 pulumi.CustomResourceState 160 161 // PEM-encoded certificate for the Certificate Authority. 162 Certificate pulumi.StringOutput `pulumi:"certificate"` 163 // ARN of the Certificate Authority. 164 CertificateAuthorityArn pulumi.StringOutput `pulumi:"certificateAuthorityArn"` 165 // PEM-encoded certificate chain that includes any intermediate certificates and chains up to root CA. Required for subordinate Certificate Authorities. Not allowed for root Certificate Authorities. 166 CertificateChain pulumi.StringPtrOutput `pulumi:"certificateChain"` 167 } 168 169 // NewCertificateAuthorityCertificate registers a new resource with the given unique name, arguments, and options. 170 func NewCertificateAuthorityCertificate(ctx *pulumi.Context, 171 name string, args *CertificateAuthorityCertificateArgs, opts ...pulumi.ResourceOption) (*CertificateAuthorityCertificate, error) { 172 if args == nil { 173 return nil, errors.New("missing one or more required arguments") 174 } 175 176 if args.Certificate == nil { 177 return nil, errors.New("invalid value for required argument 'Certificate'") 178 } 179 if args.CertificateAuthorityArn == nil { 180 return nil, errors.New("invalid value for required argument 'CertificateAuthorityArn'") 181 } 182 opts = internal.PkgResourceDefaultOpts(opts) 183 var resource CertificateAuthorityCertificate 184 err := ctx.RegisterResource("aws:acmpca/certificateAuthorityCertificate:CertificateAuthorityCertificate", name, args, &resource, opts...) 185 if err != nil { 186 return nil, err 187 } 188 return &resource, nil 189 } 190 191 // GetCertificateAuthorityCertificate gets an existing CertificateAuthorityCertificate resource's state with the given name, ID, and optional 192 // state properties that are used to uniquely qualify the lookup (nil if not required). 193 func GetCertificateAuthorityCertificate(ctx *pulumi.Context, 194 name string, id pulumi.IDInput, state *CertificateAuthorityCertificateState, opts ...pulumi.ResourceOption) (*CertificateAuthorityCertificate, error) { 195 var resource CertificateAuthorityCertificate 196 err := ctx.ReadResource("aws:acmpca/certificateAuthorityCertificate:CertificateAuthorityCertificate", name, id, state, &resource, opts...) 197 if err != nil { 198 return nil, err 199 } 200 return &resource, nil 201 } 202 203 // Input properties used for looking up and filtering CertificateAuthorityCertificate resources. 204 type certificateAuthorityCertificateState struct { 205 // PEM-encoded certificate for the Certificate Authority. 206 Certificate *string `pulumi:"certificate"` 207 // ARN of the Certificate Authority. 208 CertificateAuthorityArn *string `pulumi:"certificateAuthorityArn"` 209 // PEM-encoded certificate chain that includes any intermediate certificates and chains up to root CA. Required for subordinate Certificate Authorities. Not allowed for root Certificate Authorities. 210 CertificateChain *string `pulumi:"certificateChain"` 211 } 212 213 type CertificateAuthorityCertificateState struct { 214 // PEM-encoded certificate for the Certificate Authority. 215 Certificate pulumi.StringPtrInput 216 // ARN of the Certificate Authority. 217 CertificateAuthorityArn pulumi.StringPtrInput 218 // PEM-encoded certificate chain that includes any intermediate certificates and chains up to root CA. Required for subordinate Certificate Authorities. Not allowed for root Certificate Authorities. 219 CertificateChain pulumi.StringPtrInput 220 } 221 222 func (CertificateAuthorityCertificateState) ElementType() reflect.Type { 223 return reflect.TypeOf((*certificateAuthorityCertificateState)(nil)).Elem() 224 } 225 226 type certificateAuthorityCertificateArgs struct { 227 // PEM-encoded certificate for the Certificate Authority. 228 Certificate string `pulumi:"certificate"` 229 // ARN of the Certificate Authority. 230 CertificateAuthorityArn string `pulumi:"certificateAuthorityArn"` 231 // PEM-encoded certificate chain that includes any intermediate certificates and chains up to root CA. Required for subordinate Certificate Authorities. Not allowed for root Certificate Authorities. 232 CertificateChain *string `pulumi:"certificateChain"` 233 } 234 235 // The set of arguments for constructing a CertificateAuthorityCertificate resource. 236 type CertificateAuthorityCertificateArgs struct { 237 // PEM-encoded certificate for the Certificate Authority. 238 Certificate pulumi.StringInput 239 // ARN of the Certificate Authority. 240 CertificateAuthorityArn pulumi.StringInput 241 // PEM-encoded certificate chain that includes any intermediate certificates and chains up to root CA. Required for subordinate Certificate Authorities. Not allowed for root Certificate Authorities. 242 CertificateChain pulumi.StringPtrInput 243 } 244 245 func (CertificateAuthorityCertificateArgs) ElementType() reflect.Type { 246 return reflect.TypeOf((*certificateAuthorityCertificateArgs)(nil)).Elem() 247 } 248 249 type CertificateAuthorityCertificateInput interface { 250 pulumi.Input 251 252 ToCertificateAuthorityCertificateOutput() CertificateAuthorityCertificateOutput 253 ToCertificateAuthorityCertificateOutputWithContext(ctx context.Context) CertificateAuthorityCertificateOutput 254 } 255 256 func (*CertificateAuthorityCertificate) ElementType() reflect.Type { 257 return reflect.TypeOf((**CertificateAuthorityCertificate)(nil)).Elem() 258 } 259 260 func (i *CertificateAuthorityCertificate) ToCertificateAuthorityCertificateOutput() CertificateAuthorityCertificateOutput { 261 return i.ToCertificateAuthorityCertificateOutputWithContext(context.Background()) 262 } 263 264 func (i *CertificateAuthorityCertificate) ToCertificateAuthorityCertificateOutputWithContext(ctx context.Context) CertificateAuthorityCertificateOutput { 265 return pulumi.ToOutputWithContext(ctx, i).(CertificateAuthorityCertificateOutput) 266 } 267 268 // CertificateAuthorityCertificateArrayInput is an input type that accepts CertificateAuthorityCertificateArray and CertificateAuthorityCertificateArrayOutput values. 269 // You can construct a concrete instance of `CertificateAuthorityCertificateArrayInput` via: 270 // 271 // CertificateAuthorityCertificateArray{ CertificateAuthorityCertificateArgs{...} } 272 type CertificateAuthorityCertificateArrayInput interface { 273 pulumi.Input 274 275 ToCertificateAuthorityCertificateArrayOutput() CertificateAuthorityCertificateArrayOutput 276 ToCertificateAuthorityCertificateArrayOutputWithContext(context.Context) CertificateAuthorityCertificateArrayOutput 277 } 278 279 type CertificateAuthorityCertificateArray []CertificateAuthorityCertificateInput 280 281 func (CertificateAuthorityCertificateArray) ElementType() reflect.Type { 282 return reflect.TypeOf((*[]*CertificateAuthorityCertificate)(nil)).Elem() 283 } 284 285 func (i CertificateAuthorityCertificateArray) ToCertificateAuthorityCertificateArrayOutput() CertificateAuthorityCertificateArrayOutput { 286 return i.ToCertificateAuthorityCertificateArrayOutputWithContext(context.Background()) 287 } 288 289 func (i CertificateAuthorityCertificateArray) ToCertificateAuthorityCertificateArrayOutputWithContext(ctx context.Context) CertificateAuthorityCertificateArrayOutput { 290 return pulumi.ToOutputWithContext(ctx, i).(CertificateAuthorityCertificateArrayOutput) 291 } 292 293 // CertificateAuthorityCertificateMapInput is an input type that accepts CertificateAuthorityCertificateMap and CertificateAuthorityCertificateMapOutput values. 294 // You can construct a concrete instance of `CertificateAuthorityCertificateMapInput` via: 295 // 296 // CertificateAuthorityCertificateMap{ "key": CertificateAuthorityCertificateArgs{...} } 297 type CertificateAuthorityCertificateMapInput interface { 298 pulumi.Input 299 300 ToCertificateAuthorityCertificateMapOutput() CertificateAuthorityCertificateMapOutput 301 ToCertificateAuthorityCertificateMapOutputWithContext(context.Context) CertificateAuthorityCertificateMapOutput 302 } 303 304 type CertificateAuthorityCertificateMap map[string]CertificateAuthorityCertificateInput 305 306 func (CertificateAuthorityCertificateMap) ElementType() reflect.Type { 307 return reflect.TypeOf((*map[string]*CertificateAuthorityCertificate)(nil)).Elem() 308 } 309 310 func (i CertificateAuthorityCertificateMap) ToCertificateAuthorityCertificateMapOutput() CertificateAuthorityCertificateMapOutput { 311 return i.ToCertificateAuthorityCertificateMapOutputWithContext(context.Background()) 312 } 313 314 func (i CertificateAuthorityCertificateMap) ToCertificateAuthorityCertificateMapOutputWithContext(ctx context.Context) CertificateAuthorityCertificateMapOutput { 315 return pulumi.ToOutputWithContext(ctx, i).(CertificateAuthorityCertificateMapOutput) 316 } 317 318 type CertificateAuthorityCertificateOutput struct{ *pulumi.OutputState } 319 320 func (CertificateAuthorityCertificateOutput) ElementType() reflect.Type { 321 return reflect.TypeOf((**CertificateAuthorityCertificate)(nil)).Elem() 322 } 323 324 func (o CertificateAuthorityCertificateOutput) ToCertificateAuthorityCertificateOutput() CertificateAuthorityCertificateOutput { 325 return o 326 } 327 328 func (o CertificateAuthorityCertificateOutput) ToCertificateAuthorityCertificateOutputWithContext(ctx context.Context) CertificateAuthorityCertificateOutput { 329 return o 330 } 331 332 // PEM-encoded certificate for the Certificate Authority. 333 func (o CertificateAuthorityCertificateOutput) Certificate() pulumi.StringOutput { 334 return o.ApplyT(func(v *CertificateAuthorityCertificate) pulumi.StringOutput { return v.Certificate }).(pulumi.StringOutput) 335 } 336 337 // ARN of the Certificate Authority. 338 func (o CertificateAuthorityCertificateOutput) CertificateAuthorityArn() pulumi.StringOutput { 339 return o.ApplyT(func(v *CertificateAuthorityCertificate) pulumi.StringOutput { return v.CertificateAuthorityArn }).(pulumi.StringOutput) 340 } 341 342 // PEM-encoded certificate chain that includes any intermediate certificates and chains up to root CA. Required for subordinate Certificate Authorities. Not allowed for root Certificate Authorities. 343 func (o CertificateAuthorityCertificateOutput) CertificateChain() pulumi.StringPtrOutput { 344 return o.ApplyT(func(v *CertificateAuthorityCertificate) pulumi.StringPtrOutput { return v.CertificateChain }).(pulumi.StringPtrOutput) 345 } 346 347 type CertificateAuthorityCertificateArrayOutput struct{ *pulumi.OutputState } 348 349 func (CertificateAuthorityCertificateArrayOutput) ElementType() reflect.Type { 350 return reflect.TypeOf((*[]*CertificateAuthorityCertificate)(nil)).Elem() 351 } 352 353 func (o CertificateAuthorityCertificateArrayOutput) ToCertificateAuthorityCertificateArrayOutput() CertificateAuthorityCertificateArrayOutput { 354 return o 355 } 356 357 func (o CertificateAuthorityCertificateArrayOutput) ToCertificateAuthorityCertificateArrayOutputWithContext(ctx context.Context) CertificateAuthorityCertificateArrayOutput { 358 return o 359 } 360 361 func (o CertificateAuthorityCertificateArrayOutput) Index(i pulumi.IntInput) CertificateAuthorityCertificateOutput { 362 return pulumi.All(o, i).ApplyT(func(vs []interface{}) *CertificateAuthorityCertificate { 363 return vs[0].([]*CertificateAuthorityCertificate)[vs[1].(int)] 364 }).(CertificateAuthorityCertificateOutput) 365 } 366 367 type CertificateAuthorityCertificateMapOutput struct{ *pulumi.OutputState } 368 369 func (CertificateAuthorityCertificateMapOutput) ElementType() reflect.Type { 370 return reflect.TypeOf((*map[string]*CertificateAuthorityCertificate)(nil)).Elem() 371 } 372 373 func (o CertificateAuthorityCertificateMapOutput) ToCertificateAuthorityCertificateMapOutput() CertificateAuthorityCertificateMapOutput { 374 return o 375 } 376 377 func (o CertificateAuthorityCertificateMapOutput) ToCertificateAuthorityCertificateMapOutputWithContext(ctx context.Context) CertificateAuthorityCertificateMapOutput { 378 return o 379 } 380 381 func (o CertificateAuthorityCertificateMapOutput) MapIndex(k pulumi.StringInput) CertificateAuthorityCertificateOutput { 382 return pulumi.All(o, k).ApplyT(func(vs []interface{}) *CertificateAuthorityCertificate { 383 return vs[0].(map[string]*CertificateAuthorityCertificate)[vs[1].(string)] 384 }).(CertificateAuthorityCertificateOutput) 385 } 386 387 func init() { 388 pulumi.RegisterInputType(reflect.TypeOf((*CertificateAuthorityCertificateInput)(nil)).Elem(), &CertificateAuthorityCertificate{}) 389 pulumi.RegisterInputType(reflect.TypeOf((*CertificateAuthorityCertificateArrayInput)(nil)).Elem(), CertificateAuthorityCertificateArray{}) 390 pulumi.RegisterInputType(reflect.TypeOf((*CertificateAuthorityCertificateMapInput)(nil)).Elem(), CertificateAuthorityCertificateMap{}) 391 pulumi.RegisterOutputType(CertificateAuthorityCertificateOutput{}) 392 pulumi.RegisterOutputType(CertificateAuthorityCertificateArrayOutput{}) 393 pulumi.RegisterOutputType(CertificateAuthorityCertificateMapOutput{}) 394 }