github.com/turtlemonvh/terraform@v0.6.9-0.20151204001754-8e40b6b855e8/website/source/docs/providers/tls/r/private_key.html.md

github.com/turtlemonvh/terraform@v0.6.9-0.20151204001754-8e40b6b855e8/website/source/docs/providers/tls/r/private_key.html.md (about)

     1  ---
     2  layout: "tls"
     3  page_title: "TLS: tls_private_key"
     4  sidebar_current: "docs-tls-resourse-private-key"
     5  description: |-
     6    Creates a PEM-encoded private key.
     7  ---
     8  
     9  # tls\_private\_key
    10  
    11  Generates a secure private key and encodes it as PEM. This resource is
    12  primarily intended for easily bootstrapping throwaway development
    13  environments.
    14  
    15  ~> **Important Security Notice** The private key generated by this resource will
    16  be stored *unencrypted* in your Terraform state file. **Use of this resource
    17  for production deployments is *not* recommended**. Instead, generate
    18  a private key file outside of Terraform and distribute it securely
    19  to the system where Terraform will be run.
    20  
    21  This is a *logical resource*, so it contributes only to the current Terraform
    22  state and does not create any external managed resources.
    23  
    24  ## Example Usage
    25  
    26  ```
    27  resource "tls_private_key" "example" {
    28      algorithm = "ECDSA"
    29      ecdsa_curve = "P384"
    30  }
    31  ```
    32  
    33  ## Argument Reference
    34  
    35  The following arguments are supported:
    36  
    37  * `algorithm` - (Required) The name of the algorithm to use for
    38  the key. Currently-supported values are "RSA" and "ECDSA".
    39  
    40  * `rsa_bits` - (Optional) When `algorithm` is "RSA", the size of the generated
    41  RSA key in bits. Defaults to 2048.
    42  
    43  * `ecdsa_curve` - (Optional) When `algorithm` is "ECDSA", the name of the elliptic
    44  curve to use. May be any one of "P224", "P256", "P384" or "P521", with "P224" as the
    45  default.
    46  
    47  ## Attributes Reference
    48  
    49  The following attributes are exported:
    50  
    51  * `algorithm` - The algorithm that was selected for the key.
    52  * `private_key_pem` - The private key data in PEM format.
    53  
    54  ## Generating a New Key
    55  
    56  Since a private key is a logical resource that lives only in the Terraform state,
    57  it will persist until it is explicitly destroyed by the user.
    58  
    59  In order to force the generation of a new key within an existing state, the
    60  private key instance can be "tainted":
    61  
    62  ```
    63  terraform taint tls_private_key.example
    64  ```
    65  
    66  A new key will then be generated on the next ``terraform apply``.