AWS Classic v6.42.0, Jun 26 24

Try AWS Native preview for resources not in the classic version.

AWS Classic v6.42.0 published on Wednesday, Jun 26, 2024 by Pulumi

pulumi/pulumi-aws

aws.directconnect.MacsecKeyAssociation

Explore with Pulumi AI

Try AWS Native preview for resources not in the classic version.

AWS Classic v6.42.0 published on Wednesday, Jun 26, 2024 by Pulumi

pulumi/pulumi-aws

Creating this resource will also create a resource of type aws.secretsmanager.Secret which is managed by Direct Connect. While you can import this resource into your state, because this secret is managed by Direct Connect, you will not be able to make any modifications to it. See How AWS Direct Connect uses AWS Secrets Manager for details.

Note: All arguments including ckn and cak will be stored in the raw state as plain-text. Note: The secret_arn argument can only be used to reference a previously created MACSec key. You cannot associate a Secrets Manager secret created outside of the aws.directconnect.MacsecKeyAssociation resource.

Example Usage

Create MACSec key with CKN and CAK

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const example = aws.directconnect.getConnection({
    name: "tf-dx-connection",
});
const test = new aws.directconnect.MacsecKeyAssociation("test", {
    connectionId: example.then(example => example.id),
    ckn: "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef",
    cak: "abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789",
});

import pulumi
import pulumi_aws as aws

example = aws.directconnect.get_connection(name="tf-dx-connection")
test = aws.directconnect.MacsecKeyAssociation("test",
    connection_id=example.id,
    ckn="0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef",
    cak="abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789")

package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directconnect"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		example, err := directconnect.LookupConnection(ctx, &directconnect.LookupConnectionArgs{
			Name: "tf-dx-connection",
		}, nil)
		if err != nil {
			return err
		}
		_, err = directconnect.NewMacsecKeyAssociation(ctx, "test", &directconnect.MacsecKeyAssociationArgs{
			ConnectionId: pulumi.String(example.Id),
			Ckn:          pulumi.String("0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"),
			Cak:          pulumi.String("abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var example = Aws.DirectConnect.GetConnection.Invoke(new()
    {
        Name = "tf-dx-connection",
    });

    var test = new Aws.DirectConnect.MacsecKeyAssociation("test", new()
    {
        ConnectionId = example.Apply(getConnectionResult => getConnectionResult.Id),
        Ckn = "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef",
        Cak = "abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.directconnect.DirectconnectFunctions;
import com.pulumi.aws.directconnect.inputs.GetConnectionArgs;
import com.pulumi.aws.directconnect.MacsecKeyAssociation;
import com.pulumi.aws.directconnect.MacsecKeyAssociationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var example = DirectconnectFunctions.getConnection(GetConnectionArgs.builder()
            .name("tf-dx-connection")
            .build());

        var test = new MacsecKeyAssociation("test", MacsecKeyAssociationArgs.builder()
            .connectionId(example.applyValue(getConnectionResult -> getConnectionResult.id()))
            .ckn("0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef")
            .cak("abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789")
            .build());

    }
}

resources:
  test:
    type: aws:directconnect:MacsecKeyAssociation
    properties:
      connectionId: ${example.id}
      ckn: 0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
      cak: abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789
variables:
  example:
    fn::invoke:
      Function: aws:directconnect:getConnection
      Arguments:
        name: tf-dx-connection

Create MACSec key with existing Secrets Manager secret

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const example = aws.directconnect.getConnection({
    name: "tf-dx-connection",
});
const exampleGetSecret = aws.secretsmanager.getSecret({
    name: "directconnect!prod/us-east-1/directconnect/0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef",
});
const test = new aws.directconnect.MacsecKeyAssociation("test", {
    connectionId: example.then(example => example.id),
    secretArn: exampleGetSecret.then(exampleGetSecret => exampleGetSecret.arn),
});

import pulumi
import pulumi_aws as aws

example = aws.directconnect.get_connection(name="tf-dx-connection")
example_get_secret = aws.secretsmanager.get_secret(name="directconnect!prod/us-east-1/directconnect/0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef")
test = aws.directconnect.MacsecKeyAssociation("test",
    connection_id=example.id,
    secret_arn=example_get_secret.arn)

package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directconnect"
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/secretsmanager"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		example, err := directconnect.LookupConnection(ctx, &directconnect.LookupConnectionArgs{
			Name: "tf-dx-connection",
		}, nil)
		if err != nil {
			return err
		}
		exampleGetSecret, err := secretsmanager.LookupSecret(ctx, &secretsmanager.LookupSecretArgs{
			Name: pulumi.StringRef("directconnect!prod/us-east-1/directconnect/0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"),
		}, nil)
		if err != nil {
			return err
		}
		_, err = directconnect.NewMacsecKeyAssociation(ctx, "test", &directconnect.MacsecKeyAssociationArgs{
			ConnectionId: pulumi.String(example.Id),
			SecretArn:    pulumi.String(exampleGetSecret.Arn),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var example = Aws.DirectConnect.GetConnection.Invoke(new()
    {
        Name = "tf-dx-connection",
    });

    var exampleGetSecret = Aws.SecretsManager.GetSecret.Invoke(new()
    {
        Name = "directconnect!prod/us-east-1/directconnect/0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef",
    });

    var test = new Aws.DirectConnect.MacsecKeyAssociation("test", new()
    {
        ConnectionId = example.Apply(getConnectionResult => getConnectionResult.Id),
        SecretArn = exampleGetSecret.Apply(getSecretResult => getSecretResult.Arn),
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.directconnect.DirectconnectFunctions;
import com.pulumi.aws.directconnect.inputs.GetConnectionArgs;
import com.pulumi.aws.secretsmanager.SecretsmanagerFunctions;
import com.pulumi.aws.secretsmanager.inputs.GetSecretArgs;
import com.pulumi.aws.directconnect.MacsecKeyAssociation;
import com.pulumi.aws.directconnect.MacsecKeyAssociationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var example = DirectconnectFunctions.getConnection(GetConnectionArgs.builder()
            .name("tf-dx-connection")
            .build());

        final var exampleGetSecret = SecretsmanagerFunctions.getSecret(GetSecretArgs.builder()
            .name("directconnect!prod/us-east-1/directconnect/0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef")
            .build());

        var test = new MacsecKeyAssociation("test", MacsecKeyAssociationArgs.builder()
            .connectionId(example.applyValue(getConnectionResult -> getConnectionResult.id()))
            .secretArn(exampleGetSecret.applyValue(getSecretResult -> getSecretResult.arn()))
            .build());

    }
}

resources:
  test:
    type: aws:directconnect:MacsecKeyAssociation
    properties:
      connectionId: ${example.id}
      secretArn: ${exampleGetSecret.arn}
variables:
  example:
    fn::invoke:
      Function: aws:directconnect:getConnection
      Arguments:
        name: tf-dx-connection
  exampleGetSecret:
    fn::invoke:
      Function: aws:secretsmanager:getSecret
      Arguments:
        name: directconnect!prod/us-east-1/directconnect/0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef

Create MacsecKeyAssociation Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new MacsecKeyAssociation(name: string, args: MacsecKeyAssociationArgs, opts?: CustomResourceOptions);

@overload
def MacsecKeyAssociation(resource_name: str,
                         args: MacsecKeyAssociationArgs,
                         opts: Optional[ResourceOptions] = None)

@overload
def MacsecKeyAssociation(resource_name: str,
                         opts: Optional[ResourceOptions] = None,
                         connection_id: Optional[str] = None,
                         cak: Optional[str] = None,
                         ckn: Optional[str] = None,
                         secret_arn: Optional[str] = None)

func NewMacsecKeyAssociation(ctx *Context, name string, args MacsecKeyAssociationArgs, opts ...ResourceOption) (*MacsecKeyAssociation, error)

public MacsecKeyAssociation(string name, MacsecKeyAssociationArgs args, CustomResourceOptions? opts = null)

public MacsecKeyAssociation(String name, MacsecKeyAssociationArgs args)
public MacsecKeyAssociation(String name, MacsecKeyAssociationArgs args, CustomResourceOptions options)

type: aws:directconnect:MacsecKeyAssociation
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args MacsecKeyAssociationArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args MacsecKeyAssociationArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args MacsecKeyAssociationArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args MacsecKeyAssociationArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args MacsecKeyAssociationArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var macsecKeyAssociationResource = new Aws.DirectConnect.MacsecKeyAssociation("macsecKeyAssociationResource", new()
{
    ConnectionId = "string",
    Cak = "string",
    Ckn = "string",
    SecretArn = "string",
});

example, err := directconnect.NewMacsecKeyAssociation(ctx, "macsecKeyAssociationResource", &directconnect.MacsecKeyAssociationArgs{
	ConnectionId: pulumi.String("string"),
	Cak:          pulumi.String("string"),
	Ckn:          pulumi.String("string"),
	SecretArn:    pulumi.String("string"),
})

var macsecKeyAssociationResource = new MacsecKeyAssociation("macsecKeyAssociationResource", MacsecKeyAssociationArgs.builder()
    .connectionId("string")
    .cak("string")
    .ckn("string")
    .secretArn("string")
    .build());

macsec_key_association_resource = aws.directconnect.MacsecKeyAssociation("macsecKeyAssociationResource",
    connection_id="string",
    cak="string",
    ckn="string",
    secret_arn="string")

const macsecKeyAssociationResource = new aws.directconnect.MacsecKeyAssociation("macsecKeyAssociationResource", {
    connectionId: "string",
    cak: "string",
    ckn: "string",
    secretArn: "string",
});

type: aws:directconnect:MacsecKeyAssociation
properties:
    cak: string
    ckn: string
    connectionId: string
    secretArn: string

MacsecKeyAssociation Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The MacsecKeyAssociation resource accepts the following input properties:

ConnectionId string: The ID of the dedicated Direct Connect connection. The connection must be a dedicated connection in the AVAILABLE state.
Cak string: The MAC Security (MACsec) CAK to associate with the dedicated connection. The valid values are 64 hexadecimal characters (0-9, A-E). Required if using ckn.
Ckn string: The MAC Security (MACsec) CKN to associate with the dedicated connection. The valid values are 64 hexadecimal characters (0-9, A-E). Required if using cak.
SecretArn string: The Amazon Resource Name (ARN) of the MAC Security (MACsec) secret key to associate with the dedicated connection.
Note: ckn and cak are mutually exclusive with secret_arn - these arguments cannot be used together. If you use ckn and cak, you should not use secret_arn. If you use the secret_arn argument to reference an existing MAC Security (MACSec) secret key, you should not use ckn or cak.

ConnectionId string: The ID of the dedicated Direct Connect connection. The connection must be a dedicated connection in the AVAILABLE state.
Cak string: The MAC Security (MACsec) CAK to associate with the dedicated connection. The valid values are 64 hexadecimal characters (0-9, A-E). Required if using ckn.
Ckn string: The MAC Security (MACsec) CKN to associate with the dedicated connection. The valid values are 64 hexadecimal characters (0-9, A-E). Required if using cak.
SecretArn string: The Amazon Resource Name (ARN) of the MAC Security (MACsec) secret key to associate with the dedicated connection.
Note: ckn and cak are mutually exclusive with secret_arn - these arguments cannot be used together. If you use ckn and cak, you should not use secret_arn. If you use the secret_arn argument to reference an existing MAC Security (MACSec) secret key, you should not use ckn or cak.

connectionId String: The ID of the dedicated Direct Connect connection. The connection must be a dedicated connection in the AVAILABLE state.
cak String: The MAC Security (MACsec) CAK to associate with the dedicated connection. The valid values are 64 hexadecimal characters (0-9, A-E). Required if using ckn.
ckn String: The MAC Security (MACsec) CKN to associate with the dedicated connection. The valid values are 64 hexadecimal characters (0-9, A-E). Required if using cak.
secretArn String: The Amazon Resource Name (ARN) of the MAC Security (MACsec) secret key to associate with the dedicated connection.
Note: ckn and cak are mutually exclusive with secret_arn - these arguments cannot be used together. If you use ckn and cak, you should not use secret_arn. If you use the secret_arn argument to reference an existing MAC Security (MACSec) secret key, you should not use ckn or cak.

connectionId string: The ID of the dedicated Direct Connect connection. The connection must be a dedicated connection in the AVAILABLE state.
cak string: The MAC Security (MACsec) CAK to associate with the dedicated connection. The valid values are 64 hexadecimal characters (0-9, A-E). Required if using ckn.
ckn string: The MAC Security (MACsec) CKN to associate with the dedicated connection. The valid values are 64 hexadecimal characters (0-9, A-E). Required if using cak.
secretArn string: The Amazon Resource Name (ARN) of the MAC Security (MACsec) secret key to associate with the dedicated connection.
Note: ckn and cak are mutually exclusive with secret_arn - these arguments cannot be used together. If you use ckn and cak, you should not use secret_arn. If you use the secret_arn argument to reference an existing MAC Security (MACSec) secret key, you should not use ckn or cak.

connection_id str: The ID of the dedicated Direct Connect connection. The connection must be a dedicated connection in the AVAILABLE state.
cak str: The MAC Security (MACsec) CAK to associate with the dedicated connection. The valid values are 64 hexadecimal characters (0-9, A-E). Required if using ckn.
ckn str: The MAC Security (MACsec) CKN to associate with the dedicated connection. The valid values are 64 hexadecimal characters (0-9, A-E). Required if using cak.
secret_arn str: The Amazon Resource Name (ARN) of the MAC Security (MACsec) secret key to associate with the dedicated connection.
Note: ckn and cak are mutually exclusive with secret_arn - these arguments cannot be used together. If you use ckn and cak, you should not use secret_arn. If you use the secret_arn argument to reference an existing MAC Security (MACSec) secret key, you should not use ckn or cak.

connectionId String: The ID of the dedicated Direct Connect connection. The connection must be a dedicated connection in the AVAILABLE state.
cak String: The MAC Security (MACsec) CAK to associate with the dedicated connection. The valid values are 64 hexadecimal characters (0-9, A-E). Required if using ckn.
ckn String: The MAC Security (MACsec) CKN to associate with the dedicated connection. The valid values are 64 hexadecimal characters (0-9, A-E). Required if using cak.
secretArn String: The Amazon Resource Name (ARN) of the MAC Security (MACsec) secret key to associate with the dedicated connection.
Note: ckn and cak are mutually exclusive with secret_arn - these arguments cannot be used together. If you use ckn and cak, you should not use secret_arn. If you use the secret_arn argument to reference an existing MAC Security (MACSec) secret key, you should not use ckn or cak.

Outputs

All input properties are implicitly available as output properties. Additionally, the MacsecKeyAssociation resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.
StartOn string: The date in UTC format that the MAC Security (MACsec) secret key takes effect.
State string: The state of the MAC Security (MACsec) secret key. The possible values are: associating, associated, disassociating, disassociated. See MacSecKey for descriptions of each state.

Id string: The provider-assigned unique ID for this managed resource.
StartOn string: The date in UTC format that the MAC Security (MACsec) secret key takes effect.
State string: The state of the MAC Security (MACsec) secret key. The possible values are: associating, associated, disassociating, disassociated. See MacSecKey for descriptions of each state.

id String: The provider-assigned unique ID for this managed resource.
startOn String: The date in UTC format that the MAC Security (MACsec) secret key takes effect.
state String: The state of the MAC Security (MACsec) secret key. The possible values are: associating, associated, disassociating, disassociated. See MacSecKey for descriptions of each state.

id string: The provider-assigned unique ID for this managed resource.
startOn string: The date in UTC format that the MAC Security (MACsec) secret key takes effect.
state string: The state of the MAC Security (MACsec) secret key. The possible values are: associating, associated, disassociating, disassociated. See MacSecKey for descriptions of each state.

id str: The provider-assigned unique ID for this managed resource.
start_on str: The date in UTC format that the MAC Security (MACsec) secret key takes effect.
state str: The state of the MAC Security (MACsec) secret key. The possible values are: associating, associated, disassociating, disassociated. See MacSecKey for descriptions of each state.

id String: The provider-assigned unique ID for this managed resource.
startOn String: The date in UTC format that the MAC Security (MACsec) secret key takes effect.
state String: The state of the MAC Security (MACsec) secret key. The possible values are: associating, associated, disassociating, disassociated. See MacSecKey for descriptions of each state.

Look up Existing MacsecKeyAssociation Resource

Get an existing MacsecKeyAssociation resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: MacsecKeyAssociationState, opts?: CustomResourceOptions): MacsecKeyAssociation

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        cak: Optional[str] = None,
        ckn: Optional[str] = None,
        connection_id: Optional[str] = None,
        secret_arn: Optional[str] = None,
        start_on: Optional[str] = None,
        state: Optional[str] = None) -> MacsecKeyAssociation

func GetMacsecKeyAssociation(ctx *Context, name string, id IDInput, state *MacsecKeyAssociationState, opts ...ResourceOption) (*MacsecKeyAssociation, error)

public static MacsecKeyAssociation Get(string name, Input<string> id, MacsecKeyAssociationState? state, CustomResourceOptions? opts = null)

public static MacsecKeyAssociation get(String name, Output<String> id, MacsecKeyAssociationState state, CustomResourceOptions options)

Resource lookup is not supported in YAML

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

Cak string: The MAC Security (MACsec) CAK to associate with the dedicated connection. The valid values are 64 hexadecimal characters (0-9, A-E). Required if using ckn.
Ckn string: The MAC Security (MACsec) CKN to associate with the dedicated connection. The valid values are 64 hexadecimal characters (0-9, A-E). Required if using cak.
ConnectionId string: The ID of the dedicated Direct Connect connection. The connection must be a dedicated connection in the AVAILABLE state.
SecretArn string: The Amazon Resource Name (ARN) of the MAC Security (MACsec) secret key to associate with the dedicated connection.
Note: ckn and cak are mutually exclusive with secret_arn - these arguments cannot be used together. If you use ckn and cak, you should not use secret_arn. If you use the secret_arn argument to reference an existing MAC Security (MACSec) secret key, you should not use ckn or cak.
StartOn string: The date in UTC format that the MAC Security (MACsec) secret key takes effect.
State string: The state of the MAC Security (MACsec) secret key. The possible values are: associating, associated, disassociating, disassociated. See MacSecKey for descriptions of each state.

Cak string: The MAC Security (MACsec) CAK to associate with the dedicated connection. The valid values are 64 hexadecimal characters (0-9, A-E). Required if using ckn.
Ckn string: The MAC Security (MACsec) CKN to associate with the dedicated connection. The valid values are 64 hexadecimal characters (0-9, A-E). Required if using cak.
ConnectionId string: The ID of the dedicated Direct Connect connection. The connection must be a dedicated connection in the AVAILABLE state.
SecretArn string: The Amazon Resource Name (ARN) of the MAC Security (MACsec) secret key to associate with the dedicated connection.
Note: ckn and cak are mutually exclusive with secret_arn - these arguments cannot be used together. If you use ckn and cak, you should not use secret_arn. If you use the secret_arn argument to reference an existing MAC Security (MACSec) secret key, you should not use ckn or cak.
StartOn string: The date in UTC format that the MAC Security (MACsec) secret key takes effect.
State string: The state of the MAC Security (MACsec) secret key. The possible values are: associating, associated, disassociating, disassociated. See MacSecKey for descriptions of each state.

cak String: The MAC Security (MACsec) CAK to associate with the dedicated connection. The valid values are 64 hexadecimal characters (0-9, A-E). Required if using ckn.
ckn String: The MAC Security (MACsec) CKN to associate with the dedicated connection. The valid values are 64 hexadecimal characters (0-9, A-E). Required if using cak.
connectionId String: The ID of the dedicated Direct Connect connection. The connection must be a dedicated connection in the AVAILABLE state.
secretArn String: The Amazon Resource Name (ARN) of the MAC Security (MACsec) secret key to associate with the dedicated connection.
Note: ckn and cak are mutually exclusive with secret_arn - these arguments cannot be used together. If you use ckn and cak, you should not use secret_arn. If you use the secret_arn argument to reference an existing MAC Security (MACSec) secret key, you should not use ckn or cak.
startOn String: The date in UTC format that the MAC Security (MACsec) secret key takes effect.
state String: The state of the MAC Security (MACsec) secret key. The possible values are: associating, associated, disassociating, disassociated. See MacSecKey for descriptions of each state.

cak string: The MAC Security (MACsec) CAK to associate with the dedicated connection. The valid values are 64 hexadecimal characters (0-9, A-E). Required if using ckn.
ckn string: The MAC Security (MACsec) CKN to associate with the dedicated connection. The valid values are 64 hexadecimal characters (0-9, A-E). Required if using cak.
connectionId string: The ID of the dedicated Direct Connect connection. The connection must be a dedicated connection in the AVAILABLE state.
secretArn string: The Amazon Resource Name (ARN) of the MAC Security (MACsec) secret key to associate with the dedicated connection.
Note: ckn and cak are mutually exclusive with secret_arn - these arguments cannot be used together. If you use ckn and cak, you should not use secret_arn. If you use the secret_arn argument to reference an existing MAC Security (MACSec) secret key, you should not use ckn or cak.
startOn string: The date in UTC format that the MAC Security (MACsec) secret key takes effect.
state string: The state of the MAC Security (MACsec) secret key. The possible values are: associating, associated, disassociating, disassociated. See MacSecKey for descriptions of each state.

cak str: The MAC Security (MACsec) CAK to associate with the dedicated connection. The valid values are 64 hexadecimal characters (0-9, A-E). Required if using ckn.
ckn str: The MAC Security (MACsec) CKN to associate with the dedicated connection. The valid values are 64 hexadecimal characters (0-9, A-E). Required if using cak.
connection_id str: The ID of the dedicated Direct Connect connection. The connection must be a dedicated connection in the AVAILABLE state.
secret_arn str: The Amazon Resource Name (ARN) of the MAC Security (MACsec) secret key to associate with the dedicated connection.
Note: ckn and cak are mutually exclusive with secret_arn - these arguments cannot be used together. If you use ckn and cak, you should not use secret_arn. If you use the secret_arn argument to reference an existing MAC Security (MACSec) secret key, you should not use ckn or cak.
start_on str: The date in UTC format that the MAC Security (MACsec) secret key takes effect.
state str: The state of the MAC Security (MACsec) secret key. The possible values are: associating, associated, disassociating, disassociated. See MacSecKey for descriptions of each state.

cak String: The MAC Security (MACsec) CAK to associate with the dedicated connection. The valid values are 64 hexadecimal characters (0-9, A-E). Required if using ckn.
ckn String: The MAC Security (MACsec) CKN to associate with the dedicated connection. The valid values are 64 hexadecimal characters (0-9, A-E). Required if using cak.
connectionId String: The ID of the dedicated Direct Connect connection. The connection must be a dedicated connection in the AVAILABLE state.
secretArn String: The Amazon Resource Name (ARN) of the MAC Security (MACsec) secret key to associate with the dedicated connection.
Note: ckn and cak are mutually exclusive with secret_arn - these arguments cannot be used together. If you use ckn and cak, you should not use secret_arn. If you use the secret_arn argument to reference an existing MAC Security (MACSec) secret key, you should not use ckn or cak.
startOn String: The date in UTC format that the MAC Security (MACsec) secret key takes effect.
state String: The state of the MAC Security (MACsec) secret key. The possible values are: associating, associated, disassociating, disassociated. See MacSecKey for descriptions of each state.

Package Details

Repository: AWS Classic pulumi/pulumi-aws
License: Apache-2.0
Notes: This Pulumi package is based on the aws Terraform Provider.

Try AWS Native preview for resources not in the classic version.

AWS Classic v6.42.0 published on Wednesday, Jun 26, 2024 by Pulumi

pulumi/pulumi-aws

aws.directconnect.MacsecKeyAssociation

On this page

On this page

Example Usage

Create MACSec key with CKN and CAK

Create MACSec key with existing Secrets Manager secret

Create MacsecKeyAssociation Resource

Constructor syntax

Parameters

Constructor example

MacsecKeyAssociation Resource Properties

Inputs

Outputs

Look up Existing MacsecKeyAssociation Resource

Package Details

On this page

On this page