@pulumi/aws
Version:
A Pulumi package for creating and managing Amazon Web Services (AWS) cloud resources.
139 lines • 6.42 kB
JavaScript
;
// *** WARNING: this file was generated by pulumi-language-nodejs. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
Object.defineProperty(exports, "__esModule", { value: true });
exports.CertificateAuthorityCertificate = void 0;
const pulumi = require("@pulumi/pulumi");
const utilities = require("../utilities");
/**
* Associates a certificate with an AWS Certificate Manager Private Certificate Authority (ACM PCA Certificate Authority). An ACM PCA Certificate Authority is unable to issue certificates until it has a certificate associated with it. A root level ACM PCA Certificate Authority is able to self-sign its own root certificate.
*
* ## Example Usage
*
* ### Self-Signed Root Certificate Authority Certificate
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as aws from "@pulumi/aws";
*
* const exampleCertificateAuthority = new aws.acmpca.CertificateAuthority("example", {
* type: "ROOT",
* certificateAuthorityConfiguration: {
* keyAlgorithm: "RSA_4096",
* signingAlgorithm: "SHA512WITHRSA",
* subject: {
* commonName: "example.com",
* },
* },
* });
* const current = aws.getPartition({});
* const exampleCertificate = new aws.acmpca.Certificate("example", {
* certificateAuthorityArn: exampleCertificateAuthority.arn,
* certificateSigningRequest: exampleCertificateAuthority.certificateSigningRequest,
* signingAlgorithm: "SHA512WITHRSA",
* templateArn: current.then(current => `arn:${current.partition}:acm-pca:::template/RootCACertificate/V1`),
* validity: {
* type: "YEARS",
* value: "1",
* },
* });
* const example = new aws.acmpca.CertificateAuthorityCertificate("example", {
* certificateAuthorityArn: exampleCertificateAuthority.arn,
* certificate: exampleCertificate.certificate,
* certificateChain: exampleCertificate.certificateChain,
* });
* ```
*
* ### Certificate for Subordinate Certificate Authority
*
* Note that the certificate for the subordinate certificate authority must be issued by the root certificate authority using a signing request from the subordinate certificate authority.
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as aws from "@pulumi/aws";
*
* const subordinateCertificateAuthority = new aws.acmpca.CertificateAuthority("subordinate", {
* type: "SUBORDINATE",
* certificateAuthorityConfiguration: {
* keyAlgorithm: "RSA_2048",
* signingAlgorithm: "SHA512WITHRSA",
* subject: {
* commonName: "sub.example.com",
* },
* },
* });
* const root = new aws.acmpca.CertificateAuthority("root", {});
* const current = aws.getPartition({});
* const subordinateCertificate = new aws.acmpca.Certificate("subordinate", {
* certificateAuthorityArn: root.arn,
* certificateSigningRequest: subordinateCertificateAuthority.certificateSigningRequest,
* signingAlgorithm: "SHA512WITHRSA",
* templateArn: current.then(current => `arn:${current.partition}:acm-pca:::template/SubordinateCACertificate_PathLen0/V1`),
* validity: {
* type: "YEARS",
* value: "1",
* },
* });
* const subordinate = new aws.acmpca.CertificateAuthorityCertificate("subordinate", {
* certificateAuthorityArn: subordinateCertificateAuthority.arn,
* certificate: subordinateCertificate.certificate,
* certificateChain: subordinateCertificate.certificateChain,
* });
* const rootCertificateAuthorityCertificate = new aws.acmpca.CertificateAuthorityCertificate("root", {});
* const rootCertificate = new aws.acmpca.Certificate("root", {});
* ```
*/
class CertificateAuthorityCertificate extends pulumi.CustomResource {
/**
* Get an existing CertificateAuthorityCertificate resource's state with the given name, ID, and optional extra
* properties used to qualify the lookup.
*
* @param name The _unique_ name of the resulting resource.
* @param id The _unique_ provider ID of the resource to lookup.
* @param state Any extra arguments used during the lookup.
* @param opts Optional settings to control the behavior of the CustomResource.
*/
static get(name, id, state, opts) {
return new CertificateAuthorityCertificate(name, state, { ...opts, id: id });
}
/**
* Returns true if the given object is an instance of CertificateAuthorityCertificate. This is designed to work even
* when multiple copies of the Pulumi SDK have been loaded into the same process.
*/
static isInstance(obj) {
if (obj === undefined || obj === null) {
return false;
}
return obj['__pulumiType'] === CertificateAuthorityCertificate.__pulumiType;
}
constructor(name, argsOrState, opts) {
let resourceInputs = {};
opts = opts || {};
if (opts.id) {
const state = argsOrState;
resourceInputs["certificate"] = state?.certificate;
resourceInputs["certificateAuthorityArn"] = state?.certificateAuthorityArn;
resourceInputs["certificateChain"] = state?.certificateChain;
resourceInputs["region"] = state?.region;
}
else {
const args = argsOrState;
if (args?.certificate === undefined && !opts.urn) {
throw new Error("Missing required property 'certificate'");
}
if (args?.certificateAuthorityArn === undefined && !opts.urn) {
throw new Error("Missing required property 'certificateAuthorityArn'");
}
resourceInputs["certificate"] = args?.certificate;
resourceInputs["certificateAuthorityArn"] = args?.certificateAuthorityArn;
resourceInputs["certificateChain"] = args?.certificateChain;
resourceInputs["region"] = args?.region;
}
opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts);
super(CertificateAuthorityCertificate.__pulumiType, name, resourceInputs, opts);
}
}
exports.CertificateAuthorityCertificate = CertificateAuthorityCertificate;
/** @internal */
CertificateAuthorityCertificate.__pulumiType = 'aws:acmpca/certificateAuthorityCertificate:CertificateAuthorityCertificate';
//# sourceMappingURL=certificateAuthorityCertificate.js.map