UNPKG

@pulumi/tls

Version:

A Pulumi package to create TLS resources in Pulumi programs.

pulumi.io

pulumi/pulumi-tls

117 lines (116 loc) 6.57 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
import * as pulumi from "@pulumi/pulumi"; /** * Get a public key from a PEM-encoded private key. * * Use this data source to get the public key from a [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) or [OpenSSH PEM (RFC 4716)](https://datatracker.ietf.org/doc/html/rfc4716) formatted private key, for use in other resources. * * ## Example Usage * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as std from "@pulumi/std"; * import * as tls from "@pulumi/tls"; * * const ed25519_example = new tls.PrivateKey("ed25519-example", {algorithm: "ED25519"}); * // Public key loaded from a terraform-generated private key, using the PEM (RFC 1421) format * const privateKeyPem_example = tls.getPublicKeyOutput({ * privateKeyPem: ed25519_example.privateKeyPem, * }); * // Public key loaded from filesystem, using the Open SSH (RFC 4716) format * const privateKeyOpenssh_example = std.file({ * input: "~/.ssh/id_rsa_rfc4716", * }).then(invoke => tls.getPublicKey({ * privateKeyOpenssh: invoke.result, * })); * ``` */ export declare function getPublicKey(args?: GetPublicKeyArgs, opts?: pulumi.InvokeOptions): Promise<GetPublicKeyResult>; /** * A collection of arguments for invoking getPublicKey. */ export interface GetPublicKeyArgs { /** * The private key (in [OpenSSH PEM (RFC 4716)](https://datatracker.ietf.org/doc/html/rfc4716) format) to extract the public key from. This is *mutually exclusive* with `privateKeyPem`. Currently-supported algorithms for keys are: `RSA`, `ECDSA`, `ED25519`. */ privateKeyOpenssh?: string; /** * The private key (in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format) to extract the public key from. This is *mutually exclusive* with `privateKeyOpenssh`. Currently-supported algorithms for keys are: `RSA`, `ECDSA`, `ED25519`. */ privateKeyPem?: string; } /** * A collection of values returned by getPublicKey. */ export interface GetPublicKeyResult { /** * The name of the algorithm used by the given private key. Possible values are: `RSA`, `ECDSA`, `ED25519`. */ readonly algorithm: string; /** * Unique identifier for this data source: hexadecimal representation of the SHA1 checksum of the data source. */ readonly id: string; /** * The private key (in [OpenSSH PEM (RFC 4716)](https://datatracker.ietf.org/doc/html/rfc4716) format) to extract the public key from. This is *mutually exclusive* with `privateKeyPem`. Currently-supported algorithms for keys are: `RSA`, `ECDSA`, `ED25519`. */ readonly privateKeyOpenssh?: string; /** * The private key (in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format) to extract the public key from. This is *mutually exclusive* with `privateKeyOpenssh`. Currently-supported algorithms for keys are: `RSA`, `ECDSA`, `ED25519`. */ readonly privateKeyPem?: string; /** * The fingerprint of the public key data in OpenSSH MD5 hash format, e.g. `aa:bb:cc:...`. Only available if the selected private key format is compatible, as per the rules for `publicKeyOpenssh` and ECDSA P224 limitations. */ readonly publicKeyFingerprintMd5: string; /** * The fingerprint of the public key data in OpenSSH SHA256 hash format, e.g. `SHA256:...`. Only available if the selected private key format is compatible, as per the rules for `publicKeyOpenssh` and ECDSA P224 limitations. */ readonly publicKeyFingerprintSha256: string; /** * The public key, in [OpenSSH PEM (RFC 4716)](https://datatracker.ietf.org/doc/html/rfc4716) format. This is also known as ['Authorized Keys'](https://www.ssh.com/academy/ssh/authorized_keys/openssh#format-of-the-authorized-keys-file) format. This is not populated for `ECDSA` with curve `P224`, as it is not supported. **NOTE**: the [underlying](https://pkg.go.dev/encoding/pem#Encode) [libraries](https://pkg.go.dev/golang.org/x/crypto/ssh#MarshalAuthorizedKey) that generate this value append a `\n` at the end of the PEM. In case this disrupts your use case, we recommend using `trimspace()`. */ readonly publicKeyOpenssh: string; /** * The public key, in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format. **NOTE**: the [underlying](https://pkg.go.dev/encoding/pem#Encode) [libraries](https://pkg.go.dev/golang.org/x/crypto/ssh#MarshalAuthorizedKey) that generate this value append a `\n` at the end of the PEM. In case this disrupts your use case, we recommend using `trimspace()`. */ readonly publicKeyPem: string; } /** * Get a public key from a PEM-encoded private key. * * Use this data source to get the public key from a [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) or [OpenSSH PEM (RFC 4716)](https://datatracker.ietf.org/doc/html/rfc4716) formatted private key, for use in other resources. * * ## Example Usage * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as std from "@pulumi/std"; * import * as tls from "@pulumi/tls"; * * const ed25519_example = new tls.PrivateKey("ed25519-example", {algorithm: "ED25519"}); * // Public key loaded from a terraform-generated private key, using the PEM (RFC 1421) format * const privateKeyPem_example = tls.getPublicKeyOutput({ * privateKeyPem: ed25519_example.privateKeyPem, * }); * // Public key loaded from filesystem, using the Open SSH (RFC 4716) format * const privateKeyOpenssh_example = std.file({ * input: "~/.ssh/id_rsa_rfc4716", * }).then(invoke => tls.getPublicKey({ * privateKeyOpenssh: invoke.result, * })); * ``` */ export declare function getPublicKeyOutput(args?: GetPublicKeyOutputArgs, opts?: pulumi.InvokeOutputOptions): pulumi.Output<GetPublicKeyResult>; /** * A collection of arguments for invoking getPublicKey. */ export interface GetPublicKeyOutputArgs { /** * The private key (in [OpenSSH PEM (RFC 4716)](https://datatracker.ietf.org/doc/html/rfc4716) format) to extract the public key from. This is *mutually exclusive* with `privateKeyPem`. Currently-supported algorithms for keys are: `RSA`, `ECDSA`, `ED25519`. */ privateKeyOpenssh?: pulumi.Input<string>; /** * The private key (in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format) to extract the public key from. This is *mutually exclusive* with `privateKeyOpenssh`. Currently-supported algorithms for keys are: `RSA`, `ECDSA`, `ED25519`. */ privateKeyPem?: pulumi.Input<string>; }