Docs
PackagesVenafi v1.10.0 published on Wednesday, Jun 12, 2024 by Pulumi
venafi.CloudKeystoreInstallation
Explore with Pulumi AI
Provisions a certificate from Venafi Control Plane’s inventory to any of the supported Cloud Providers: Amazon Certificate Manager, Azure KeyVault or Google Certificate Manager. Exports the ID of the provisioned certificate: certificate name for AKV and GCM or ARN for ACM.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as venafi from "@pulumi/venafi";
// Provision a certificate to cloud keystore with static values
const ckInstallationExampleById = new venafi.CloudKeystoreInstallation("ck_installation_example_by_id", {
cloudKeystoreId: "e48897d0-2762-11ef-198k-79ac590dd358",
certificateId: "1877af16-2762-11ef-8fab-cc123456ff7",
cloudCertificateName: "com-terraform-example-com",
});
// Provision a certificate to cloud keystore
const ckInstallationExample = new venafi.CloudKeystoreInstallation("ck_installation_example", {
cloudKeystoreId: ckExample.id,
certificateId: certificateExample.certificateId,
cloudCertificateName: certificateExample.commonName,
});
import pulumi
import pulumi_venafi as venafi
# Provision a certificate to cloud keystore with static values
ck_installation_example_by_id = venafi.CloudKeystoreInstallation("ck_installation_example_by_id",
cloud_keystore_id="e48897d0-2762-11ef-198k-79ac590dd358",
certificate_id="1877af16-2762-11ef-8fab-cc123456ff7",
cloud_certificate_name="com-terraform-example-com")
# Provision a certificate to cloud keystore
ck_installation_example = venafi.CloudKeystoreInstallation("ck_installation_example",
cloud_keystore_id=ck_example["id"],
certificate_id=certificate_example["certificateId"],
cloud_certificate_name=certificate_example["commonName"])
package main
import (
"github.com/pulumi/pulumi-venafi/sdk/go/venafi"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
// Provision a certificate to cloud keystore with static values
_, err := venafi.NewCloudKeystoreInstallation(ctx, "ck_installation_example_by_id", &venafi.CloudKeystoreInstallationArgs{
CloudKeystoreId: pulumi.String("e48897d0-2762-11ef-198k-79ac590dd358"),
CertificateId: pulumi.String("1877af16-2762-11ef-8fab-cc123456ff7"),
CloudCertificateName: pulumi.String("com-terraform-example-com"),
})
if err != nil {
return err
}
// Provision a certificate to cloud keystore
_, err = venafi.NewCloudKeystoreInstallation(ctx, "ck_installation_example", &venafi.CloudKeystoreInstallationArgs{
CloudKeystoreId: pulumi.Any(ckExample.Id),
CertificateId: pulumi.Any(certificateExample.CertificateId),
CloudCertificateName: pulumi.Any(certificateExample.CommonName),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Venafi = Pulumi.Venafi;
return await Deployment.RunAsync(() =>
{
// Provision a certificate to cloud keystore with static values
var ckInstallationExampleById = new Venafi.CloudKeystoreInstallation("ck_installation_example_by_id", new()
{
CloudKeystoreId = "e48897d0-2762-11ef-198k-79ac590dd358",
CertificateId = "1877af16-2762-11ef-8fab-cc123456ff7",
CloudCertificateName = "com-terraform-example-com",
});
// Provision a certificate to cloud keystore
var ckInstallationExample = new Venafi.CloudKeystoreInstallation("ck_installation_example", new()
{
CloudKeystoreId = ckExample.Id,
CertificateId = certificateExample.CertificateId,
CloudCertificateName = certificateExample.CommonName,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.venafi.CloudKeystoreInstallation;
import com.pulumi.venafi.CloudKeystoreInstallationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
// Provision a certificate to cloud keystore with static values
var ckInstallationExampleById = new CloudKeystoreInstallation("ckInstallationExampleById", CloudKeystoreInstallationArgs.builder()
.cloudKeystoreId("e48897d0-2762-11ef-198k-79ac590dd358")
.certificateId("1877af16-2762-11ef-8fab-cc123456ff7")
.cloudCertificateName("com-terraform-example-com")
.build());
// Provision a certificate to cloud keystore
var ckInstallationExample = new CloudKeystoreInstallation("ckInstallationExample", CloudKeystoreInstallationArgs.builder()
.cloudKeystoreId(ckExample.id())
.certificateId(certificateExample.certificateId())
.cloudCertificateName(certificateExample.commonName())
.build());
}
}
resources:
# Provision a certificate to cloud keystore with static values
ckInstallationExampleById:
type: venafi:CloudKeystoreInstallation
name: ck_installation_example_by_id
properties:
cloudKeystoreId: e48897d0-2762-11ef-198k-79ac590dd358
certificateId: 1877af16-2762-11ef-8fab-cc123456ff7
cloudCertificateName: com-terraform-example-com
# Provision a certificate to cloud keystore
ckInstallationExample:
type: venafi:CloudKeystoreInstallation
name: ck_installation_example
properties:
cloudKeystoreId: ${ckExample.id}
certificateId: ${certificateExample.certificateId}
cloudCertificateName: ${certificateExample.commonName}
Create CloudKeystoreInstallation Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new CloudKeystoreInstallation(name: string, args: CloudKeystoreInstallationArgs, opts?: CustomResourceOptions);@overload
def CloudKeystoreInstallation(resource_name: str,
args: CloudKeystoreInstallationArgs,
opts: Optional[ResourceOptions] = None)
@overload
def CloudKeystoreInstallation(resource_name: str,
opts: Optional[ResourceOptions] = None,
certificate_id: Optional[str] = None,
cloud_keystore_id: Optional[str] = None,
arn: Optional[str] = None,
cloud_certificate_name: Optional[str] = None)func NewCloudKeystoreInstallation(ctx *Context, name string, args CloudKeystoreInstallationArgs, opts ...ResourceOption) (*CloudKeystoreInstallation, error)public CloudKeystoreInstallation(string name, CloudKeystoreInstallationArgs args, CustomResourceOptions? opts = null)
public CloudKeystoreInstallation(String name, CloudKeystoreInstallationArgs args)
public CloudKeystoreInstallation(String name, CloudKeystoreInstallationArgs args, CustomResourceOptions options)
type: venafi:CloudKeystoreInstallation
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args CloudKeystoreInstallationArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args CloudKeystoreInstallationArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args CloudKeystoreInstallationArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args CloudKeystoreInstallationArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args CloudKeystoreInstallationArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var cloudKeystoreInstallationResource = new Venafi.CloudKeystoreInstallation("cloudKeystoreInstallationResource", new()
{
CertificateId = "string",
CloudKeystoreId = "string",
Arn = "string",
CloudCertificateName = "string",
});
example, err := venafi.NewCloudKeystoreInstallation(ctx, "cloudKeystoreInstallationResource", &venafi.CloudKeystoreInstallationArgs{
CertificateId: pulumi.String("string"),
CloudKeystoreId: pulumi.String("string"),
Arn: pulumi.String("string"),
CloudCertificateName: pulumi.String("string"),
})
var cloudKeystoreInstallationResource = new CloudKeystoreInstallation("cloudKeystoreInstallationResource", CloudKeystoreInstallationArgs.builder()
.certificateId("string")
.cloudKeystoreId("string")
.arn("string")
.cloudCertificateName("string")
.build());
cloud_keystore_installation_resource = venafi.CloudKeystoreInstallation("cloudKeystoreInstallationResource",
certificate_id="string",
cloud_keystore_id="string",
arn="string",
cloud_certificate_name="string")
const cloudKeystoreInstallationResource = new venafi.CloudKeystoreInstallation("cloudKeystoreInstallationResource", {
certificateId: "string",
cloudKeystoreId: "string",
arn: "string",
cloudCertificateName: "string",
});
type: venafi:CloudKeystoreInstallation
properties:
arn: string
certificateId: string
cloudCertificateName: string
cloudKeystoreId: string
CloudKeystoreInstallation Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The CloudKeystoreInstallation resource accepts the following input properties:
- Certificate
Id string - ID of the certificate to be provisioned to the given
keystore_id. - Cloud
Keystore stringId - ID of the cloud keystore where the certificate will be provisioned.
- Arn string
- ARN of the AWS certificate. Use it to provision the VCP certificate to an existing ACM certificate, instead of a new one. Only valid for ACM keystores.
- Cloud
Certificate stringName - Name for the provisioned certificate in the keystore. If the name already exists, the provisioning will replace the previous certificate with the one from
certificate_id. Only valid for AKV and GCM keystores.
- Certificate
Id string - ID of the certificate to be provisioned to the given
keystore_id. - Cloud
Keystore stringId - ID of the cloud keystore where the certificate will be provisioned.
- Arn string
- ARN of the AWS certificate. Use it to provision the VCP certificate to an existing ACM certificate, instead of a new one. Only valid for ACM keystores.
- Cloud
Certificate stringName - Name for the provisioned certificate in the keystore. If the name already exists, the provisioning will replace the previous certificate with the one from
certificate_id. Only valid for AKV and GCM keystores.
- certificate
Id String - ID of the certificate to be provisioned to the given
keystore_id. - cloud
Keystore StringId - ID of the cloud keystore where the certificate will be provisioned.
- arn String
- ARN of the AWS certificate. Use it to provision the VCP certificate to an existing ACM certificate, instead of a new one. Only valid for ACM keystores.
- cloud
Certificate StringName - Name for the provisioned certificate in the keystore. If the name already exists, the provisioning will replace the previous certificate with the one from
certificate_id. Only valid for AKV and GCM keystores.
- certificate
Id string - ID of the certificate to be provisioned to the given
keystore_id. - cloud
Keystore stringId - ID of the cloud keystore where the certificate will be provisioned.
- arn string
- ARN of the AWS certificate. Use it to provision the VCP certificate to an existing ACM certificate, instead of a new one. Only valid for ACM keystores.
- cloud
Certificate stringName - Name for the provisioned certificate in the keystore. If the name already exists, the provisioning will replace the previous certificate with the one from
certificate_id. Only valid for AKV and GCM keystores.
- certificate_
id str - ID of the certificate to be provisioned to the given
keystore_id. - cloud_
keystore_ strid - ID of the cloud keystore where the certificate will be provisioned.
- arn str
- ARN of the AWS certificate. Use it to provision the VCP certificate to an existing ACM certificate, instead of a new one. Only valid for ACM keystores.
- cloud_
certificate_ strname - Name for the provisioned certificate in the keystore. If the name already exists, the provisioning will replace the previous certificate with the one from
certificate_id. Only valid for AKV and GCM keystores.
- certificate
Id String - ID of the certificate to be provisioned to the given
keystore_id. - cloud
Keystore StringId - ID of the cloud keystore where the certificate will be provisioned.
- arn String
- ARN of the AWS certificate. Use it to provision the VCP certificate to an existing ACM certificate, instead of a new one. Only valid for ACM keystores.
- cloud
Certificate StringName - Name for the provisioned certificate in the keystore. If the name already exists, the provisioning will replace the previous certificate with the one from
certificate_id. Only valid for AKV and GCM keystores.
Outputs
All input properties are implicitly available as output properties. Additionally, the CloudKeystoreInstallation resource produces the following output properties:
- Cloud
Certificate stringId - ID of the certificate after it has been provisioned to the cloud keystore
- Cloud
Certificate Dictionary<string, string>Metadata - Metadata of the certificate after it has been provisioned to the cloud keystore
- Id string
- The provider-assigned unique ID for this managed resource.
- Cloud
Certificate stringId - ID of the certificate after it has been provisioned to the cloud keystore
- Cloud
Certificate map[string]stringMetadata - Metadata of the certificate after it has been provisioned to the cloud keystore
- Id string
- The provider-assigned unique ID for this managed resource.
- cloud
Certificate StringId - ID of the certificate after it has been provisioned to the cloud keystore
- cloud
Certificate Map<String,String>Metadata - Metadata of the certificate after it has been provisioned to the cloud keystore
- id String
- The provider-assigned unique ID for this managed resource.
- cloud
Certificate stringId - ID of the certificate after it has been provisioned to the cloud keystore
- cloud
Certificate {[key: string]: string}Metadata - Metadata of the certificate after it has been provisioned to the cloud keystore
- id string
- The provider-assigned unique ID for this managed resource.
- cloud_
certificate_ strid - ID of the certificate after it has been provisioned to the cloud keystore
- cloud_
certificate_ Mapping[str, str]metadata - Metadata of the certificate after it has been provisioned to the cloud keystore
- id str
- The provider-assigned unique ID for this managed resource.
- cloud
Certificate StringId - ID of the certificate after it has been provisioned to the cloud keystore
- cloud
Certificate Map<String>Metadata - Metadata of the certificate after it has been provisioned to the cloud keystore
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing CloudKeystoreInstallation Resource
Get an existing CloudKeystoreInstallation resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: CloudKeystoreInstallationState, opts?: CustomResourceOptions): CloudKeystoreInstallation@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
arn: Optional[str] = None,
certificate_id: Optional[str] = None,
cloud_certificate_id: Optional[str] = None,
cloud_certificate_metadata: Optional[Mapping[str, str]] = None,
cloud_certificate_name: Optional[str] = None,
cloud_keystore_id: Optional[str] = None) -> CloudKeystoreInstallationfunc GetCloudKeystoreInstallation(ctx *Context, name string, id IDInput, state *CloudKeystoreInstallationState, opts ...ResourceOption) (*CloudKeystoreInstallation, error)public static CloudKeystoreInstallation Get(string name, Input<string> id, CloudKeystoreInstallationState? state, CustomResourceOptions? opts = null)public static CloudKeystoreInstallation get(String name, Output<String> id, CloudKeystoreInstallationState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Arn string
- ARN of the AWS certificate. Use it to provision the VCP certificate to an existing ACM certificate, instead of a new one. Only valid for ACM keystores.
- Certificate
Id string - ID of the certificate to be provisioned to the given
keystore_id. - Cloud
Certificate stringId - ID of the certificate after it has been provisioned to the cloud keystore
- Cloud
Certificate Dictionary<string, string>Metadata - Metadata of the certificate after it has been provisioned to the cloud keystore
- Cloud
Certificate stringName - Name for the provisioned certificate in the keystore. If the name already exists, the provisioning will replace the previous certificate with the one from
certificate_id. Only valid for AKV and GCM keystores. - Cloud
Keystore stringId - ID of the cloud keystore where the certificate will be provisioned.
- Arn string
- ARN of the AWS certificate. Use it to provision the VCP certificate to an existing ACM certificate, instead of a new one. Only valid for ACM keystores.
- Certificate
Id string - ID of the certificate to be provisioned to the given
keystore_id. - Cloud
Certificate stringId - ID of the certificate after it has been provisioned to the cloud keystore
- Cloud
Certificate map[string]stringMetadata - Metadata of the certificate after it has been provisioned to the cloud keystore
- Cloud
Certificate stringName - Name for the provisioned certificate in the keystore. If the name already exists, the provisioning will replace the previous certificate with the one from
certificate_id. Only valid for AKV and GCM keystores. - Cloud
Keystore stringId - ID of the cloud keystore where the certificate will be provisioned.
- arn String
- ARN of the AWS certificate. Use it to provision the VCP certificate to an existing ACM certificate, instead of a new one. Only valid for ACM keystores.
- certificate
Id String - ID of the certificate to be provisioned to the given
keystore_id. - cloud
Certificate StringId - ID of the certificate after it has been provisioned to the cloud keystore
- cloud
Certificate Map<String,String>Metadata - Metadata of the certificate after it has been provisioned to the cloud keystore
- cloud
Certificate StringName - Name for the provisioned certificate in the keystore. If the name already exists, the provisioning will replace the previous certificate with the one from
certificate_id. Only valid for AKV and GCM keystores. - cloud
Keystore StringId - ID of the cloud keystore where the certificate will be provisioned.
- arn string
- ARN of the AWS certificate. Use it to provision the VCP certificate to an existing ACM certificate, instead of a new one. Only valid for ACM keystores.
- certificate
Id string - ID of the certificate to be provisioned to the given
keystore_id. - cloud
Certificate stringId - ID of the certificate after it has been provisioned to the cloud keystore
- cloud
Certificate {[key: string]: string}Metadata - Metadata of the certificate after it has been provisioned to the cloud keystore
- cloud
Certificate stringName - Name for the provisioned certificate in the keystore. If the name already exists, the provisioning will replace the previous certificate with the one from
certificate_id. Only valid for AKV and GCM keystores. - cloud
Keystore stringId - ID of the cloud keystore where the certificate will be provisioned.
- arn str
- ARN of the AWS certificate. Use it to provision the VCP certificate to an existing ACM certificate, instead of a new one. Only valid for ACM keystores.
- certificate_
id str - ID of the certificate to be provisioned to the given
keystore_id. - cloud_
certificate_ strid - ID of the certificate after it has been provisioned to the cloud keystore
- cloud_
certificate_ Mapping[str, str]metadata - Metadata of the certificate after it has been provisioned to the cloud keystore
- cloud_
certificate_ strname - Name for the provisioned certificate in the keystore. If the name already exists, the provisioning will replace the previous certificate with the one from
certificate_id. Only valid for AKV and GCM keystores. - cloud_
keystore_ strid - ID of the cloud keystore where the certificate will be provisioned.
- arn String
- ARN of the AWS certificate. Use it to provision the VCP certificate to an existing ACM certificate, instead of a new one. Only valid for ACM keystores.
- certificate
Id String - ID of the certificate to be provisioned to the given
keystore_id. - cloud
Certificate StringId - ID of the certificate after it has been provisioned to the cloud keystore
- cloud
Certificate Map<String>Metadata - Metadata of the certificate after it has been provisioned to the cloud keystore
- cloud
Certificate StringName - Name for the provisioned certificate in the keystore. If the name already exists, the provisioning will replace the previous certificate with the one from
certificate_id. Only valid for AKV and GCM keystores. - cloud
Keystore StringId - ID of the cloud keystore where the certificate will be provisioned.
Import
Using pulumi import, import a Machine Identity from Venafi Control Plane using their ID. For example:
console
$ pulumi import venafi:index/cloudKeystoreInstallation:CloudKeystoreInstallation example 2155bd32-2234-22ac-7cfd-ff1198845aa2
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Venafi pulumi/pulumi-venafi
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
venafiTerraform Provider.