UNPKG

@pulumi/aws-native

Version:

The Pulumi AWS Cloud Control Provider enables you to build, deploy, and manage [any AWS resource that's supported by the AWS Cloud Control API](https://github.com/pulumi/pulumi-aws-native/blob/master/provider/cmd/pulumi-gen-aws-native/supported-types.txt)

pulumi.com

pulumi/pulumi-aws-native

105 lines (104 loc) 5.57 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
import * as pulumi from "@pulumi/pulumi"; import * as enums from "../types/enums"; /** * Use the AWS::IoT::Certificate resource to declare an AWS IoT X.509 certificate. */ export declare class Certificate extends pulumi.CustomResource { /** * Get an existing Certificate resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input<pulumi.ID>, opts?: pulumi.CustomResourceOptions): Certificate; /** * Returns true if the given object is an instance of Certificate. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is Certificate; /** * Returns the Amazon Resource Name (ARN) for the certificate. For example: * * `{ "Fn::GetAtt": ["MyCertificate", "Arn"] }` * * A value similar to the following is returned: * * `arn:aws:iot:ap-southeast-2:123456789012:cert/a1234567b89c012d3e4fg567hij8k9l01mno1p23q45678901rs234567890t1u2` */ readonly arn: pulumi.Output<string>; /** * The certificate ID. */ readonly awsId: pulumi.Output<string>; /** * The CA certificate used to sign the device certificate being registered, not available when CertificateMode is SNI_ONLY. */ readonly caCertificatePem: pulumi.Output<string | undefined>; /** * Specifies which mode of certificate registration to use with this resource. Valid options are DEFAULT with CaCertificatePem and CertificatePem, SNI_ONLY with CertificatePem, and Default with CertificateSigningRequest. * * `DEFAULT` : A certificate in `DEFAULT` mode is either generated by AWS IoT Core or registered with an issuer certificate authority (CA). Devices with certificates in `DEFAULT` mode aren't required to send the Server Name Indication (SNI) extension when connecting to AWS IoT Core . However, to use features such as custom domains and VPC endpoints, we recommend that you use the SNI extension when connecting to AWS IoT Core . * * `SNI_ONLY` : A certificate in `SNI_ONLY` mode is registered without an issuer CA. Devices with certificates in `SNI_ONLY` mode must send the SNI extension when connecting to AWS IoT Core . */ readonly certificateMode: pulumi.Output<enums.iot.CertificateMode | undefined>; /** * The certificate data in PEM format. Requires SNI_ONLY for the certificate mode or the accompanying CACertificatePem for registration. */ readonly certificatePem: pulumi.Output<string | undefined>; /** * The certificate signing request (CSR). */ readonly certificateSigningRequest: pulumi.Output<string | undefined>; /** * The status of the certificate. * * Valid values are ACTIVE, INACTIVE, REVOKED, PENDING_TRANSFER, and PENDING_ACTIVATION. * * The status value REGISTER_INACTIVE is deprecated and should not be used. */ readonly status: pulumi.Output<enums.iot.CertificateStatus>; /** * Create a Certificate resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: CertificateArgs, opts?: pulumi.CustomResourceOptions); } /** * The set of arguments for constructing a Certificate resource. */ export interface CertificateArgs { /** * The CA certificate used to sign the device certificate being registered, not available when CertificateMode is SNI_ONLY. */ caCertificatePem?: pulumi.Input<string>; /** * Specifies which mode of certificate registration to use with this resource. Valid options are DEFAULT with CaCertificatePem and CertificatePem, SNI_ONLY with CertificatePem, and Default with CertificateSigningRequest. * * `DEFAULT` : A certificate in `DEFAULT` mode is either generated by AWS IoT Core or registered with an issuer certificate authority (CA). Devices with certificates in `DEFAULT` mode aren't required to send the Server Name Indication (SNI) extension when connecting to AWS IoT Core . However, to use features such as custom domains and VPC endpoints, we recommend that you use the SNI extension when connecting to AWS IoT Core . * * `SNI_ONLY` : A certificate in `SNI_ONLY` mode is registered without an issuer CA. Devices with certificates in `SNI_ONLY` mode must send the SNI extension when connecting to AWS IoT Core . */ certificateMode?: pulumi.Input<enums.iot.CertificateMode>; /** * The certificate data in PEM format. Requires SNI_ONLY for the certificate mode or the accompanying CACertificatePem for registration. */ certificatePem?: pulumi.Input<string>; /** * The certificate signing request (CSR). */ certificateSigningRequest?: pulumi.Input<string>; /** * The status of the certificate. * * Valid values are ACTIVE, INACTIVE, REVOKED, PENDING_TRANSFER, and PENDING_ACTIVATION. * * The status value REGISTER_INACTIVE is deprecated and should not be used. */ status: pulumi.Input<enums.iot.CertificateStatus>; }