@pulumi/digitalocean
Version:
A Pulumi package for creating and managing DigitalOcean cloud resources.
239 lines (238 loc) • 8.43 kB
TypeScript
import * as pulumi from "@pulumi/pulumi";
import * as enums from "./types/enums";
/**
* Provides a DigitalOcean Certificate resource that allows you to manage
* certificates for configuring TLS termination in Load Balancers.
* Certificates created with this resource can be referenced in your
* Load Balancer configuration via their ID. The certificate can either
* be a custom one provided by you or automatically generated one with
* Let's Encrypt.
*
* ## Example Usage
*
* ### Custom Certificate
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as digitalocean from "@pulumi/digitalocean";
* import * as std from "@pulumi/std";
*
* const cert = new digitalocean.Certificate("cert", {
* name: "custom-example",
* type: digitalocean.CertificateType.Custom,
* privateKey: std.file({
* input: "/Users/myuser/certs/privkey.pem",
* }).then(invoke => invoke.result),
* leafCertificate: std.file({
* input: "/Users/myuser/certs/cert.pem",
* }).then(invoke => invoke.result),
* certificateChain: std.file({
* input: "/Users/myuser/certs/fullchain.pem",
* }).then(invoke => invoke.result),
* });
* ```
*
* ### Let's Encrypt Certificate
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as digitalocean from "@pulumi/digitalocean";
*
* const cert = new digitalocean.Certificate("cert", {
* name: "le-example",
* type: digitalocean.CertificateType.LetsEncrypt,
* domains: ["example.com"],
* });
* ```
*
* ### Use with Other Resources
*
* Both custom and Let's Encrypt certificates can be used with other resources
* including the `digitalocean.LoadBalancer` and `digitalocean.Cdn` resources.
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as digitalocean from "@pulumi/digitalocean";
*
* const cert = new digitalocean.Certificate("cert", {
* name: "le-example",
* type: digitalocean.CertificateType.LetsEncrypt,
* domains: ["example.com"],
* });
* // Create a new Load Balancer with TLS termination
* const _public = new digitalocean.LoadBalancer("public", {
* name: "secure-loadbalancer-1",
* region: digitalocean.Region.NYC3,
* dropletTag: "backend",
* forwardingRules: [{
* entryPort: 443,
* entryProtocol: "https",
* targetPort: 80,
* targetProtocol: "http",
* certificateName: cert.name,
* }],
* });
* ```
*
* ## Import
*
* Certificates can be imported using the certificate `name`, e.g.
*
* ```sh
* $ pulumi import digitalocean:index/certificate:Certificate mycertificate cert-01
* ```
*/
export declare class Certificate extends pulumi.CustomResource {
/**
* Get an existing Certificate resource's state with the given name, ID, and optional extra
* properties used to qualify the lookup.
*
* @param name The _unique_ name of the resulting resource.
* @param id The _unique_ provider ID of the resource to lookup.
* @param state Any extra arguments used during the lookup.
* @param opts Optional settings to control the behavior of the CustomResource.
*/
static get(name: string, id: pulumi.Input<pulumi.ID>, state?: CertificateState, opts?: pulumi.CustomResourceOptions): Certificate;
/**
* Returns true if the given object is an instance of Certificate. This is designed to work even
* when multiple copies of the Pulumi SDK have been loaded into the same process.
*/
static isInstance(obj: any): obj is Certificate;
/**
* The full PEM-formatted trust chain
* between the certificate authority's certificate and your domain's TLS
* certificate. Only valid when type is `custom`.
*/
readonly certificateChain: pulumi.Output<string | undefined>;
/**
* List of fully qualified domain names (FQDNs) for
* which the certificate will be issued. The domains must be managed using
* DigitalOcean's DNS. Only valid when type is `letsEncrypt`.
*/
readonly domains: pulumi.Output<string[] | undefined>;
/**
* The contents of a PEM-formatted public
* TLS certificate. Only valid when type is `custom`.
*/
readonly leafCertificate: pulumi.Output<string | undefined>;
/**
* The name of the certificate for identification.
*/
readonly name: pulumi.Output<string>;
/**
* The expiration date of the certificate
*/
readonly notAfter: pulumi.Output<string>;
/**
* The contents of a PEM-formatted private-key
* corresponding to the SSL certificate. Only valid when type is `custom`.
*/
readonly privateKey: pulumi.Output<string | undefined>;
/**
* The SHA-1 fingerprint of the certificate
*/
readonly sha1Fingerprint: pulumi.Output<string>;
readonly state: pulumi.Output<string>;
/**
* The type of certificate to provision. Can be either
* `custom` or `letsEncrypt`. Defaults to `custom`.
*/
readonly type: pulumi.Output<string | undefined>;
/**
* The UUID of the certificate
*/
readonly uuid: pulumi.Output<string>;
/**
* Create a Certificate resource with the given unique name, arguments, and options.
*
* @param name The _unique_ name of the resource.
* @param args The arguments to use to populate this resource's properties.
* @param opts A bag of options that control this resource's behavior.
*/
constructor(name: string, args?: CertificateArgs, opts?: pulumi.CustomResourceOptions);
}
/**
* Input properties used for looking up and filtering Certificate resources.
*/
export interface CertificateState {
/**
* The full PEM-formatted trust chain
* between the certificate authority's certificate and your domain's TLS
* certificate. Only valid when type is `custom`.
*/
certificateChain?: pulumi.Input<string>;
/**
* List of fully qualified domain names (FQDNs) for
* which the certificate will be issued. The domains must be managed using
* DigitalOcean's DNS. Only valid when type is `letsEncrypt`.
*/
domains?: pulumi.Input<pulumi.Input<string>[]>;
/**
* The contents of a PEM-formatted public
* TLS certificate. Only valid when type is `custom`.
*/
leafCertificate?: pulumi.Input<string>;
/**
* The name of the certificate for identification.
*/
name?: pulumi.Input<string>;
/**
* The expiration date of the certificate
*/
notAfter?: pulumi.Input<string>;
/**
* The contents of a PEM-formatted private-key
* corresponding to the SSL certificate. Only valid when type is `custom`.
*/
privateKey?: pulumi.Input<string>;
/**
* The SHA-1 fingerprint of the certificate
*/
sha1Fingerprint?: pulumi.Input<string>;
state?: pulumi.Input<string>;
/**
* The type of certificate to provision. Can be either
* `custom` or `letsEncrypt`. Defaults to `custom`.
*/
type?: pulumi.Input<string | enums.CertificateType>;
/**
* The UUID of the certificate
*/
uuid?: pulumi.Input<string>;
}
/**
* The set of arguments for constructing a Certificate resource.
*/
export interface CertificateArgs {
/**
* The full PEM-formatted trust chain
* between the certificate authority's certificate and your domain's TLS
* certificate. Only valid when type is `custom`.
*/
certificateChain?: pulumi.Input<string>;
/**
* List of fully qualified domain names (FQDNs) for
* which the certificate will be issued. The domains must be managed using
* DigitalOcean's DNS. Only valid when type is `letsEncrypt`.
*/
domains?: pulumi.Input<pulumi.Input<string>[]>;
/**
* The contents of a PEM-formatted public
* TLS certificate. Only valid when type is `custom`.
*/
leafCertificate?: pulumi.Input<string>;
/**
* The name of the certificate for identification.
*/
name?: pulumi.Input<string>;
/**
* The contents of a PEM-formatted private-key
* corresponding to the SSL certificate. Only valid when type is `custom`.
*/
privateKey?: pulumi.Input<string>;
/**
* The type of certificate to provision. Can be either
* `custom` or `letsEncrypt`. Defaults to `custom`.
*/
type?: pulumi.Input<string | enums.CertificateType>;
}