@pulumi/f5bigip
Version:
A Pulumi package for creating and managing F5 BigIP resources.
267 lines (266 loc) • 10.6 kB
TypeScript
import * as pulumi from "@pulumi/pulumi";
/**
* `f5bigip.sys.Ocsp` Manages F5 BIG-IP OCSP responder using iControl REST.
*
* ## Example Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as f5bigip from "@pulumi/f5bigip";
*
* const test_ocsp = new f5bigip.sys.Ocsp("test-ocsp", {
* name: "/Uncommon/test-ocsp",
* proxyServerPool: "/Common/test-poolxyz",
* signerKey: "/Common/le-ssl",
* signerCert: "/Common/le-ssl",
* passphrase: "testabcdef",
* });
* ```
*
* ## Importing
*
* An existing OCSP can be imported into this resource by supplying the full path name ex : `/partition/name`
* An example is below:
* ```sh
* $ terraform import bigip_sys_ocsp.test-ocsp /Common/test-ocsp
* ```
*/
export declare class Ocsp extends pulumi.CustomResource {
/**
* Get an existing Ocsp resource's state with the given name, ID, and optional extra
* properties used to qualify the lookup.
*
* @param name The _unique_ name of the resulting resource.
* @param id The _unique_ provider ID of the resource to lookup.
* @param state Any extra arguments used during the lookup.
* @param opts Optional settings to control the behavior of the CustomResource.
*/
static get(name: string, id: pulumi.Input<pulumi.ID>, state?: OcspState, opts?: pulumi.CustomResourceOptions): Ocsp;
/**
* Returns true if the given object is an instance of Ocsp. This is designed to work even
* when multiple copies of the Pulumi SDK have been loaded into the same process.
*/
static isInstance(obj: any): obj is Ocsp;
/**
* Specifies the lifetime of an error response in the cache, in seconds. This value must be greater than connection_timeout. The default value is `3600`.
*/
readonly cacheErrorTimeout: pulumi.Output<number | undefined>;
/**
* Specifies the lifetime of the OCSP response in the cache, in seconds. The default value is `indefinite`.
*/
readonly cacheTimeout: pulumi.Output<string | undefined>;
/**
* Specifies the time interval that the BIG-IP system allows for clock skew, in seconds. The default value is `300`.
*/
readonly clockSkew: pulumi.Output<number | undefined>;
/**
* Specifies the maximum number of connections per second allowed for the OCSP certificate validator. The default value is `50`.
*/
readonly concurrentConnectionsLimit: pulumi.Output<number | undefined>;
/**
* Specifies the time interval that the BIG-IP system waits for before ending the connection to the OCSP responder, in seconds. The default value is `8`.
*/
readonly connectionTimeout: pulumi.Output<number | undefined>;
/**
* Specifies the internal DNS resolver the BIG-IP system uses to fetch the OCSP response.
*/
readonly dnsResolver: pulumi.Output<string | undefined>;
/**
* Name of the OCSP Responder. Name should be in pattern `/partition/ocsp_name`.
*/
readonly name: pulumi.Output<string>;
/**
* Specifies a passphrase used to sign an OCSP request.
*/
readonly passphrase: pulumi.Output<string | undefined>;
/**
* Specifies the proxy server pool the BIG-IP system uses to fetch the OCSP response.
*/
readonly proxyServerPool: pulumi.Output<string | undefined>;
/**
* Specifies the URL of the OCSP responder.
*/
readonly responderUrl: pulumi.Output<string | undefined>;
/**
* Specifies the route domain for the OCSP responder.
*/
readonly routeDomain: pulumi.Output<string | undefined>;
/**
* Specifies the hash algorithm used to sign the OCSP request. The default value is `sha256`.
*/
readonly signHash: pulumi.Output<string | undefined>;
/**
* Specifies the certificate used to sign the OCSP request.
*/
readonly signerCert: pulumi.Output<string | undefined>;
/**
* Specifies the key used to sign the OCSP request.
*/
readonly signerKey: pulumi.Output<string | undefined>;
/**
* Specifies the maximum allowed lag time that the BIG-IP system accepts for the 'thisUpdate' time in the OCSP response, in seconds. The default value is `0`.
*/
readonly statusAge: pulumi.Output<number | undefined>;
/**
* Specifies whether the responder's certificate is checked for an OCSP signing extension. The default value is `enabled`.
*/
readonly strictRespCertCheck: pulumi.Output<string | undefined>;
/**
* Specifies the certificates used for validating the OCSP response.
*/
readonly trustedResponders: pulumi.Output<string | undefined>;
/**
* Create a Ocsp resource with the given unique name, arguments, and options.
*
* @param name The _unique_ name of the resource.
* @param args The arguments to use to populate this resource's properties.
* @param opts A bag of options that control this resource's behavior.
*/
constructor(name: string, args: OcspArgs, opts?: pulumi.CustomResourceOptions);
}
/**
* Input properties used for looking up and filtering Ocsp resources.
*/
export interface OcspState {
/**
* Specifies the lifetime of an error response in the cache, in seconds. This value must be greater than connection_timeout. The default value is `3600`.
*/
cacheErrorTimeout?: pulumi.Input<number>;
/**
* Specifies the lifetime of the OCSP response in the cache, in seconds. The default value is `indefinite`.
*/
cacheTimeout?: pulumi.Input<string>;
/**
* Specifies the time interval that the BIG-IP system allows for clock skew, in seconds. The default value is `300`.
*/
clockSkew?: pulumi.Input<number>;
/**
* Specifies the maximum number of connections per second allowed for the OCSP certificate validator. The default value is `50`.
*/
concurrentConnectionsLimit?: pulumi.Input<number>;
/**
* Specifies the time interval that the BIG-IP system waits for before ending the connection to the OCSP responder, in seconds. The default value is `8`.
*/
connectionTimeout?: pulumi.Input<number>;
/**
* Specifies the internal DNS resolver the BIG-IP system uses to fetch the OCSP response.
*/
dnsResolver?: pulumi.Input<string>;
/**
* Name of the OCSP Responder. Name should be in pattern `/partition/ocsp_name`.
*/
name?: pulumi.Input<string>;
/**
* Specifies a passphrase used to sign an OCSP request.
*/
passphrase?: pulumi.Input<string>;
/**
* Specifies the proxy server pool the BIG-IP system uses to fetch the OCSP response.
*/
proxyServerPool?: pulumi.Input<string>;
/**
* Specifies the URL of the OCSP responder.
*/
responderUrl?: pulumi.Input<string>;
/**
* Specifies the route domain for the OCSP responder.
*/
routeDomain?: pulumi.Input<string>;
/**
* Specifies the hash algorithm used to sign the OCSP request. The default value is `sha256`.
*/
signHash?: pulumi.Input<string>;
/**
* Specifies the certificate used to sign the OCSP request.
*/
signerCert?: pulumi.Input<string>;
/**
* Specifies the key used to sign the OCSP request.
*/
signerKey?: pulumi.Input<string>;
/**
* Specifies the maximum allowed lag time that the BIG-IP system accepts for the 'thisUpdate' time in the OCSP response, in seconds. The default value is `0`.
*/
statusAge?: pulumi.Input<number>;
/**
* Specifies whether the responder's certificate is checked for an OCSP signing extension. The default value is `enabled`.
*/
strictRespCertCheck?: pulumi.Input<string>;
/**
* Specifies the certificates used for validating the OCSP response.
*/
trustedResponders?: pulumi.Input<string>;
}
/**
* The set of arguments for constructing a Ocsp resource.
*/
export interface OcspArgs {
/**
* Specifies the lifetime of an error response in the cache, in seconds. This value must be greater than connection_timeout. The default value is `3600`.
*/
cacheErrorTimeout?: pulumi.Input<number>;
/**
* Specifies the lifetime of the OCSP response in the cache, in seconds. The default value is `indefinite`.
*/
cacheTimeout?: pulumi.Input<string>;
/**
* Specifies the time interval that the BIG-IP system allows for clock skew, in seconds. The default value is `300`.
*/
clockSkew?: pulumi.Input<number>;
/**
* Specifies the maximum number of connections per second allowed for the OCSP certificate validator. The default value is `50`.
*/
concurrentConnectionsLimit?: pulumi.Input<number>;
/**
* Specifies the time interval that the BIG-IP system waits for before ending the connection to the OCSP responder, in seconds. The default value is `8`.
*/
connectionTimeout?: pulumi.Input<number>;
/**
* Specifies the internal DNS resolver the BIG-IP system uses to fetch the OCSP response.
*/
dnsResolver?: pulumi.Input<string>;
/**
* Name of the OCSP Responder. Name should be in pattern `/partition/ocsp_name`.
*/
name: pulumi.Input<string>;
/**
* Specifies a passphrase used to sign an OCSP request.
*/
passphrase?: pulumi.Input<string>;
/**
* Specifies the proxy server pool the BIG-IP system uses to fetch the OCSP response.
*/
proxyServerPool?: pulumi.Input<string>;
/**
* Specifies the URL of the OCSP responder.
*/
responderUrl?: pulumi.Input<string>;
/**
* Specifies the route domain for the OCSP responder.
*/
routeDomain?: pulumi.Input<string>;
/**
* Specifies the hash algorithm used to sign the OCSP request. The default value is `sha256`.
*/
signHash?: pulumi.Input<string>;
/**
* Specifies the certificate used to sign the OCSP request.
*/
signerCert?: pulumi.Input<string>;
/**
* Specifies the key used to sign the OCSP request.
*/
signerKey?: pulumi.Input<string>;
/**
* Specifies the maximum allowed lag time that the BIG-IP system accepts for the 'thisUpdate' time in the OCSP response, in seconds. The default value is `0`.
*/
statusAge?: pulumi.Input<number>;
/**
* Specifies whether the responder's certificate is checked for an OCSP signing extension. The default value is `enabled`.
*/
strictRespCertCheck?: pulumi.Input<string>;
/**
* Specifies the certificates used for validating the OCSP response.
*/
trustedResponders?: pulumi.Input<string>;
}