Docs
PackagesTry AWS Native preview for resources not in the classic version.
AWS Classic v6.42.0 published on Wednesday, Jun 26, 2024 by Pulumi
aws.acmpca.getCertificateAuthority
Explore with Pulumi AI
Try AWS Native preview for resources not in the classic version.
AWS Classic v6.42.0 published on Wednesday, Jun 26, 2024 by Pulumi
Get information on a AWS Certificate Manager Private Certificate Authority (ACM PCA Certificate Authority).
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = aws.acmpca.getCertificateAuthority({
arn: "arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012",
});
import pulumi
import pulumi_aws as aws
example = aws.acmpca.get_certificate_authority(arn="arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012")
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acmpca"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := acmpca.LookupCertificateAuthority(ctx, &acmpca.LookupCertificateAuthorityArgs{
Arn: "arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012",
}, nil)
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = Aws.Acmpca.GetCertificateAuthority.Invoke(new()
{
Arn = "arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.acmpca.AcmpcaFunctions;
import com.pulumi.aws.acmpca.inputs.GetCertificateAuthorityArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var example = AcmpcaFunctions.getCertificateAuthority(GetCertificateAuthorityArgs.builder()
.arn("arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012")
.build());
}
}
variables:
example:
fn::invoke:
Function: aws:acmpca:getCertificateAuthority
Arguments:
arn: arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012
Using getCertificateAuthority
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getCertificateAuthority(args: GetCertificateAuthorityArgs, opts?: InvokeOptions): Promise<GetCertificateAuthorityResult>
function getCertificateAuthorityOutput(args: GetCertificateAuthorityOutputArgs, opts?: InvokeOptions): Output<GetCertificateAuthorityResult>def get_certificate_authority(arn: Optional[str] = None,
tags: Optional[Mapping[str, str]] = None,
opts: Optional[InvokeOptions] = None) -> GetCertificateAuthorityResult
def get_certificate_authority_output(arn: Optional[pulumi.Input[str]] = None,
tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetCertificateAuthorityResult]func LookupCertificateAuthority(ctx *Context, args *LookupCertificateAuthorityArgs, opts ...InvokeOption) (*LookupCertificateAuthorityResult, error)
func LookupCertificateAuthorityOutput(ctx *Context, args *LookupCertificateAuthorityOutputArgs, opts ...InvokeOption) LookupCertificateAuthorityResultOutput> Note: This function is named LookupCertificateAuthority in the Go SDK.
public static class GetCertificateAuthority
{
public static Task<GetCertificateAuthorityResult> InvokeAsync(GetCertificateAuthorityArgs args, InvokeOptions? opts = null)
public static Output<GetCertificateAuthorityResult> Invoke(GetCertificateAuthorityInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetCertificateAuthorityResult> getCertificateAuthority(GetCertificateAuthorityArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
function: aws:acmpca/getCertificateAuthority:getCertificateAuthority
arguments:
# arguments dictionaryThe following arguments are supported:
- Arn string
- ARN of the certificate authority.
- Dictionary<string, string>
- Key-value map of user-defined tags that are attached to the certificate authority.
- Arn string
- ARN of the certificate authority.
- map[string]string
- Key-value map of user-defined tags that are attached to the certificate authority.
- arn String
- ARN of the certificate authority.
- Map<String,String>
- Key-value map of user-defined tags that are attached to the certificate authority.
- arn string
- ARN of the certificate authority.
- {[key: string]: string}
- Key-value map of user-defined tags that are attached to the certificate authority.
- arn str
- ARN of the certificate authority.
- Mapping[str, str]
- Key-value map of user-defined tags that are attached to the certificate authority.
- arn String
- ARN of the certificate authority.
- Map<String>
- Key-value map of user-defined tags that are attached to the certificate authority.
getCertificateAuthority Result
The following output properties are available:
- Arn string
- Certificate string
- Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.
- Certificate
Chain string - Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.
- Certificate
Signing stringRequest - The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.
- Id string
- The provider-assigned unique ID for this managed resource.
- Key
Storage stringSecurity Standard - Not
After string - Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
- Not
Before string - Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
- Revocation
Configurations List<GetCertificate Authority Revocation Configuration> - Nested attribute containing revocation configuration.
- Serial string
- Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.
- Status string
- Status of the certificate authority.
- Dictionary<string, string>
- Key-value map of user-defined tags that are attached to the certificate authority.
- Type string
- Type of the certificate authority.
- Usage
Mode string - Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly.
- Arn string
- Certificate string
- Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.
- Certificate
Chain string - Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.
- Certificate
Signing stringRequest - The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.
- Id string
- The provider-assigned unique ID for this managed resource.
- Key
Storage stringSecurity Standard - Not
After string - Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
- Not
Before string - Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
- Revocation
Configurations []GetCertificate Authority Revocation Configuration - Nested attribute containing revocation configuration.
- Serial string
- Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.
- Status string
- Status of the certificate authority.
- map[string]string
- Key-value map of user-defined tags that are attached to the certificate authority.
- Type string
- Type of the certificate authority.
- Usage
Mode string - Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly.
- arn String
- certificate String
- Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.
- certificate
Chain String - Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.
- certificate
Signing StringRequest - The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.
- id String
- The provider-assigned unique ID for this managed resource.
- key
Storage StringSecurity Standard - not
After String - Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
- not
Before String - Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
- revocation
Configurations List<GetCertificate Authority Revocation Configuration> - Nested attribute containing revocation configuration.
- serial String
- Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.
- status String
- Status of the certificate authority.
- Map<String,String>
- Key-value map of user-defined tags that are attached to the certificate authority.
- type String
- Type of the certificate authority.
- usage
Mode String - Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly.
- arn string
- certificate string
- Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.
- certificate
Chain string - Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.
- certificate
Signing stringRequest - The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.
- id string
- The provider-assigned unique ID for this managed resource.
- key
Storage stringSecurity Standard - not
After string - Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
- not
Before string - Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
- revocation
Configurations GetCertificate Authority Revocation Configuration[] - Nested attribute containing revocation configuration.
- serial string
- Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.
- status string
- Status of the certificate authority.
- {[key: string]: string}
- Key-value map of user-defined tags that are attached to the certificate authority.
- type string
- Type of the certificate authority.
- usage
Mode string - Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly.
- arn str
- certificate str
- Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.
- certificate_
chain str - Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.
- certificate_
signing_ strrequest - The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.
- id str
- The provider-assigned unique ID for this managed resource.
- key_
storage_ strsecurity_ standard - not_
after str - Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
- not_
before str - Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
- revocation_
configurations Sequence[GetCertificate Authority Revocation Configuration] - Nested attribute containing revocation configuration.
- serial str
- Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.
- status str
- Status of the certificate authority.
- Mapping[str, str]
- Key-value map of user-defined tags that are attached to the certificate authority.
- type str
- Type of the certificate authority.
- usage_
mode str - Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly.
- arn String
- certificate String
- Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.
- certificate
Chain String - Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.
- certificate
Signing StringRequest - The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.
- id String
- The provider-assigned unique ID for this managed resource.
- key
Storage StringSecurity Standard - not
After String - Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
- not
Before String - Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
- revocation
Configurations List<Property Map> - Nested attribute containing revocation configuration.
- serial String
- Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.
- status String
- Status of the certificate authority.
- Map<String>
- Key-value map of user-defined tags that are attached to the certificate authority.
- type String
- Type of the certificate authority.
- usage
Mode String - Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly.
Supporting Types
GetCertificateAuthorityRevocationConfiguration
- Crl
Configurations List<GetCertificate Authority Revocation Configuration Crl Configuration> - Nested attribute containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority.
- Ocsp
Configurations List<GetCertificate Authority Revocation Configuration Ocsp Configuration>
- Crl
Configurations []GetCertificate Authority Revocation Configuration Crl Configuration - Nested attribute containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority.
- Ocsp
Configurations []GetCertificate Authority Revocation Configuration Ocsp Configuration
- crl
Configurations List<GetCertificate Authority Revocation Configuration Crl Configuration> - Nested attribute containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority.
- ocsp
Configurations List<GetCertificate Authority Revocation Configuration Ocsp Configuration>
- crl
Configurations GetCertificate Authority Revocation Configuration Crl Configuration[] - Nested attribute containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority.
- ocsp
Configurations GetCertificate Authority Revocation Configuration Ocsp Configuration[]
- crl_
configurations Sequence[GetCertificate Authority Revocation Configuration Crl Configuration] - Nested attribute containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority.
- ocsp_
configurations Sequence[GetCertificate Authority Revocation Configuration Ocsp Configuration]
- crl
Configurations List<Property Map> - Nested attribute containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority.
- ocsp
Configurations List<Property Map>
GetCertificateAuthorityRevocationConfigurationCrlConfiguration
- Custom
Cname string - Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point.
- Enabled bool
- Boolean value that specifies whether certificate revocation lists (CRLs) are enabled.
- Expiration
In intDays - Number of days until a certificate expires.
- S3Bucket
Name string - Name of the S3 bucket that contains the CRL.
- S3Object
Acl string - Whether the CRL is publicly readable or privately held in the CRL Amazon S3 bucket.
- Custom
Cname string - Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point.
- Enabled bool
- Boolean value that specifies whether certificate revocation lists (CRLs) are enabled.
- Expiration
In intDays - Number of days until a certificate expires.
- S3Bucket
Name string - Name of the S3 bucket that contains the CRL.
- S3Object
Acl string - Whether the CRL is publicly readable or privately held in the CRL Amazon S3 bucket.
- custom
Cname String - Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point.
- enabled Boolean
- Boolean value that specifies whether certificate revocation lists (CRLs) are enabled.
- expiration
In IntegerDays - Number of days until a certificate expires.
- s3Bucket
Name String - Name of the S3 bucket that contains the CRL.
- s3Object
Acl String - Whether the CRL is publicly readable or privately held in the CRL Amazon S3 bucket.
- custom
Cname string - Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point.
- enabled boolean
- Boolean value that specifies whether certificate revocation lists (CRLs) are enabled.
- expiration
In numberDays - Number of days until a certificate expires.
- s3Bucket
Name string - Name of the S3 bucket that contains the CRL.
- s3Object
Acl string - Whether the CRL is publicly readable or privately held in the CRL Amazon S3 bucket.
- custom_
cname str - Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point.
- enabled bool
- Boolean value that specifies whether certificate revocation lists (CRLs) are enabled.
- expiration_
in_ intdays - Number of days until a certificate expires.
- s3_
bucket_ strname - Name of the S3 bucket that contains the CRL.
- s3_
object_ stracl - Whether the CRL is publicly readable or privately held in the CRL Amazon S3 bucket.
- custom
Cname String - Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point.
- enabled Boolean
- Boolean value that specifies whether certificate revocation lists (CRLs) are enabled.
- expiration
In NumberDays - Number of days until a certificate expires.
- s3Bucket
Name String - Name of the S3 bucket that contains the CRL.
- s3Object
Acl String - Whether the CRL is publicly readable or privately held in the CRL Amazon S3 bucket.
GetCertificateAuthorityRevocationConfigurationOcspConfiguration
- Enabled bool
- Boolean value that specifies whether a custom OCSP responder is enabled.
- Ocsp
Custom stringCname - A CNAME specifying a customized OCSP domain.
- Enabled bool
- Boolean value that specifies whether a custom OCSP responder is enabled.
- Ocsp
Custom stringCname - A CNAME specifying a customized OCSP domain.
- enabled Boolean
- Boolean value that specifies whether a custom OCSP responder is enabled.
- ocsp
Custom StringCname - A CNAME specifying a customized OCSP domain.
- enabled boolean
- Boolean value that specifies whether a custom OCSP responder is enabled.
- ocsp
Custom stringCname - A CNAME specifying a customized OCSP domain.
- enabled bool
- Boolean value that specifies whether a custom OCSP responder is enabled.
- ocsp_
custom_ strcname - A CNAME specifying a customized OCSP domain.
- enabled Boolean
- Boolean value that specifies whether a custom OCSP responder is enabled.
- ocsp
Custom StringCname - A CNAME specifying a customized OCSP domain.
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
awsTerraform Provider.
Try AWS Native preview for resources not in the classic version.
AWS Classic v6.42.0 published on Wednesday, Jun 26, 2024 by Pulumi