1. Packages
  2. Venafi
  3. API Docs
  4. SshCertificate
Venafi v1.10.0 published on Wednesday, Jun 12, 2024 by Pulumi

venafi.SshCertificate

Explore with Pulumi AI

venafi logo
Venafi v1.10.0 published on Wednesday, Jun 12, 2024 by Pulumi

    Provides access to request and retrieve SSH certificates from Venafi Trust Protection Platform.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as venafi from "@pulumi/venafi";
    
    const sshCert = new venafi.SshCertificate("ssh_cert", {
        keyId: "my-first-ssh-certificate",
        template: "Sample SSH CA",
        publicKeyMethod: "local",
        keyPassphrase: "passw0rd",
        keySize: 3072,
        principals: ["seamus"],
        validHours: 24,
    });
    
    import pulumi
    import pulumi_venafi as venafi
    
    ssh_cert = venafi.SshCertificate("ssh_cert",
        key_id="my-first-ssh-certificate",
        template="Sample SSH CA",
        public_key_method="local",
        key_passphrase="passw0rd",
        key_size=3072,
        principals=["seamus"],
        valid_hours=24)
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-venafi/sdk/go/venafi"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := venafi.NewSshCertificate(ctx, "ssh_cert", &venafi.SshCertificateArgs{
    			KeyId:           pulumi.String("my-first-ssh-certificate"),
    			Template:        pulumi.String("Sample SSH CA"),
    			PublicKeyMethod: pulumi.String("local"),
    			KeyPassphrase:   pulumi.String("passw0rd"),
    			KeySize:         pulumi.Int(3072),
    			Principals: pulumi.StringArray{
    				pulumi.String("seamus"),
    			},
    			ValidHours: pulumi.Int(24),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Venafi = Pulumi.Venafi;
    
    return await Deployment.RunAsync(() => 
    {
        var sshCert = new Venafi.SshCertificate("ssh_cert", new()
        {
            KeyId = "my-first-ssh-certificate",
            Template = "Sample SSH CA",
            PublicKeyMethod = "local",
            KeyPassphrase = "passw0rd",
            KeySize = 3072,
            Principals = new[]
            {
                "seamus",
            },
            ValidHours = 24,
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.venafi.SshCertificate;
    import com.pulumi.venafi.SshCertificateArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var sshCert = new SshCertificate("sshCert", SshCertificateArgs.builder()
                .keyId("my-first-ssh-certificate")
                .template("Sample SSH CA")
                .publicKeyMethod("local")
                .keyPassphrase("passw0rd")
                .keySize(3072)
                .principals("seamus")
                .validHours(24)
                .build());
    
        }
    }
    
    resources:
      sshCert:
        type: venafi:SshCertificate
        name: ssh_cert
        properties:
          keyId: my-first-ssh-certificate
          template: Sample SSH CA
          publicKeyMethod: local
          keyPassphrase: passw0rd
          keySize: 3072
          principals:
            - seamus
          validHours: 24
    

    Create SshCertificate Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new SshCertificate(name: string, args: SshCertificateArgs, opts?: CustomResourceOptions);
    @overload
    def SshCertificate(resource_name: str,
                       args: SshCertificateArgs,
                       opts: Optional[ResourceOptions] = None)
    
    @overload
    def SshCertificate(resource_name: str,
                       opts: Optional[ResourceOptions] = None,
                       key_id: Optional[str] = None,
                       template: Optional[str] = None,
                       principal: Optional[Sequence[str]] = None,
                       principals: Optional[Sequence[str]] = None,
                       folder: Optional[str] = None,
                       key_passphrase: Optional[str] = None,
                       key_size: Optional[int] = None,
                       object_name: Optional[str] = None,
                       destination_addresses: Optional[Sequence[str]] = None,
                       force_command: Optional[str] = None,
                       public_key: Optional[str] = None,
                       public_key_method: Optional[str] = None,
                       source_addresses: Optional[Sequence[str]] = None,
                       extensions: Optional[Sequence[str]] = None,
                       valid_hours: Optional[int] = None,
                       windows: Optional[bool] = None)
    func NewSshCertificate(ctx *Context, name string, args SshCertificateArgs, opts ...ResourceOption) (*SshCertificate, error)
    public SshCertificate(string name, SshCertificateArgs args, CustomResourceOptions? opts = null)
    public SshCertificate(String name, SshCertificateArgs args)
    public SshCertificate(String name, SshCertificateArgs args, CustomResourceOptions options)
    
    type: venafi:SshCertificate
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args SshCertificateArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args SshCertificateArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args SshCertificateArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args SshCertificateArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args SshCertificateArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var sshCertificateResource = new Venafi.SshCertificate("sshCertificateResource", new()
    {
        KeyId = "string",
        Template = "string",
        Principals = new[]
        {
            "string",
        },
        Folder = "string",
        KeyPassphrase = "string",
        KeySize = 0,
        ObjectName = "string",
        DestinationAddresses = new[]
        {
            "string",
        },
        ForceCommand = "string",
        PublicKey = "string",
        PublicKeyMethod = "string",
        SourceAddresses = new[]
        {
            "string",
        },
        Extensions = new[]
        {
            "string",
        },
        ValidHours = 0,
        Windows = false,
    });
    
    example, err := venafi.NewSshCertificate(ctx, "sshCertificateResource", &venafi.SshCertificateArgs{
    	KeyId:    pulumi.String("string"),
    	Template: pulumi.String("string"),
    	Principals: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	Folder:        pulumi.String("string"),
    	KeyPassphrase: pulumi.String("string"),
    	KeySize:       pulumi.Int(0),
    	ObjectName:    pulumi.String("string"),
    	DestinationAddresses: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	ForceCommand:    pulumi.String("string"),
    	PublicKey:       pulumi.String("string"),
    	PublicKeyMethod: pulumi.String("string"),
    	SourceAddresses: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	Extensions: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	ValidHours: pulumi.Int(0),
    	Windows:    pulumi.Bool(false),
    })
    
    var sshCertificateResource = new SshCertificate("sshCertificateResource", SshCertificateArgs.builder()
        .keyId("string")
        .template("string")
        .principals("string")
        .folder("string")
        .keyPassphrase("string")
        .keySize(0)
        .objectName("string")
        .destinationAddresses("string")
        .forceCommand("string")
        .publicKey("string")
        .publicKeyMethod("string")
        .sourceAddresses("string")
        .extensions("string")
        .validHours(0)
        .windows(false)
        .build());
    
    ssh_certificate_resource = venafi.SshCertificate("sshCertificateResource",
        key_id="string",
        template="string",
        principals=["string"],
        folder="string",
        key_passphrase="string",
        key_size=0,
        object_name="string",
        destination_addresses=["string"],
        force_command="string",
        public_key="string",
        public_key_method="string",
        source_addresses=["string"],
        extensions=["string"],
        valid_hours=0,
        windows=False)
    
    const sshCertificateResource = new venafi.SshCertificate("sshCertificateResource", {
        keyId: "string",
        template: "string",
        principals: ["string"],
        folder: "string",
        keyPassphrase: "string",
        keySize: 0,
        objectName: "string",
        destinationAddresses: ["string"],
        forceCommand: "string",
        publicKey: "string",
        publicKeyMethod: "string",
        sourceAddresses: ["string"],
        extensions: ["string"],
        validHours: 0,
        windows: false,
    });
    
    type: venafi:SshCertificate
    properties:
        destinationAddresses:
            - string
        extensions:
            - string
        folder: string
        forceCommand: string
        keyId: string
        keyPassphrase: string
        keySize: 0
        objectName: string
        principals:
            - string
        publicKey: string
        publicKeyMethod: string
        sourceAddresses:
            - string
        template: string
        validHours: 0
        windows: false
    

    SshCertificate Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The SshCertificate resource accepts the following input properties:

    KeyId string
    The identifier of the requested SSH certificate.
    Template string
    The SSH certificate issuing template.
    DestinationAddresses List<string>
    A list of one or more valid IP or CIDR destination hosts where the certificate will authenticate.
    Extensions List<string>
    A list of key-value pairs that contain certificate extensions from the CA template for client certificates. Allowed values (case-sensitive): permit-X11-forwarding, permit-agent-forwarding, permit-port-forwarding, permit-pty, permit-user-rc.
    Folder string
    The DN of the policy folder where the SSH certificate object will be created.
    ForceCommand string
    A command to run after successful login.
    KeyPassphrase string
    Passphrase for encrypting the private key.
    KeySize int
    Number of bits to use when creating a key pair. (e.g. 3072).
    ObjectName string
    The friendly name of the SSH certificate object. When not specified the key_id is used for the friendly name. If the object already exists the old certificate is archived and the CA issues a new certificate.
    Principal List<string>
    [DEPRECATED] - (Optional, set of strings) Use "principals" instead. A list of usernames for whom the requested certificate will be valid.

    Deprecated: This will be removed in the future. Use "principals" instead

    Principals List<string>
    A list of usernames for whom the requested certificate will be valid.
    PublicKey string
    The OpenSSH formatted public key that will be used to generate the SSH certificate.
    PublicKeyMethod string
    Specifies whether the public key will be local (default), file or service generated.
    SourceAddresses List<string>
    A list of one or more valid IP or CIDR addresses that can use the SSH certificate.
    ValidHours int
    Desired number of hours for which the certificate will be valid.
    Windows bool
    Specifies whether the private key will use Windows/DOS style line breaks.
    KeyId string
    The identifier of the requested SSH certificate.
    Template string
    The SSH certificate issuing template.
    DestinationAddresses []string
    A list of one or more valid IP or CIDR destination hosts where the certificate will authenticate.
    Extensions []string
    A list of key-value pairs that contain certificate extensions from the CA template for client certificates. Allowed values (case-sensitive): permit-X11-forwarding, permit-agent-forwarding, permit-port-forwarding, permit-pty, permit-user-rc.
    Folder string
    The DN of the policy folder where the SSH certificate object will be created.
    ForceCommand string
    A command to run after successful login.
    KeyPassphrase string
    Passphrase for encrypting the private key.
    KeySize int
    Number of bits to use when creating a key pair. (e.g. 3072).
    ObjectName string
    The friendly name of the SSH certificate object. When not specified the key_id is used for the friendly name. If the object already exists the old certificate is archived and the CA issues a new certificate.
    Principal []string
    [DEPRECATED] - (Optional, set of strings) Use "principals" instead. A list of usernames for whom the requested certificate will be valid.

    Deprecated: This will be removed in the future. Use "principals" instead

    Principals []string
    A list of usernames for whom the requested certificate will be valid.
    PublicKey string
    The OpenSSH formatted public key that will be used to generate the SSH certificate.
    PublicKeyMethod string
    Specifies whether the public key will be local (default), file or service generated.
    SourceAddresses []string
    A list of one or more valid IP or CIDR addresses that can use the SSH certificate.
    ValidHours int
    Desired number of hours for which the certificate will be valid.
    Windows bool
    Specifies whether the private key will use Windows/DOS style line breaks.
    keyId String
    The identifier of the requested SSH certificate.
    template String
    The SSH certificate issuing template.
    destinationAddresses List<String>
    A list of one or more valid IP or CIDR destination hosts where the certificate will authenticate.
    extensions List<String>
    A list of key-value pairs that contain certificate extensions from the CA template for client certificates. Allowed values (case-sensitive): permit-X11-forwarding, permit-agent-forwarding, permit-port-forwarding, permit-pty, permit-user-rc.
    folder String
    The DN of the policy folder where the SSH certificate object will be created.
    forceCommand String
    A command to run after successful login.
    keyPassphrase String
    Passphrase for encrypting the private key.
    keySize Integer
    Number of bits to use when creating a key pair. (e.g. 3072).
    objectName String
    The friendly name of the SSH certificate object. When not specified the key_id is used for the friendly name. If the object already exists the old certificate is archived and the CA issues a new certificate.
    principal List<String>
    [DEPRECATED] - (Optional, set of strings) Use "principals" instead. A list of usernames for whom the requested certificate will be valid.

    Deprecated: This will be removed in the future. Use "principals" instead

    principals List<String>
    A list of usernames for whom the requested certificate will be valid.
    publicKey String
    The OpenSSH formatted public key that will be used to generate the SSH certificate.
    publicKeyMethod String
    Specifies whether the public key will be local (default), file or service generated.
    sourceAddresses List<String>
    A list of one or more valid IP or CIDR addresses that can use the SSH certificate.
    validHours Integer
    Desired number of hours for which the certificate will be valid.
    windows Boolean
    Specifies whether the private key will use Windows/DOS style line breaks.
    keyId string
    The identifier of the requested SSH certificate.
    template string
    The SSH certificate issuing template.
    destinationAddresses string[]
    A list of one or more valid IP or CIDR destination hosts where the certificate will authenticate.
    extensions string[]
    A list of key-value pairs that contain certificate extensions from the CA template for client certificates. Allowed values (case-sensitive): permit-X11-forwarding, permit-agent-forwarding, permit-port-forwarding, permit-pty, permit-user-rc.
    folder string
    The DN of the policy folder where the SSH certificate object will be created.
    forceCommand string
    A command to run after successful login.
    keyPassphrase string
    Passphrase for encrypting the private key.
    keySize number
    Number of bits to use when creating a key pair. (e.g. 3072).
    objectName string
    The friendly name of the SSH certificate object. When not specified the key_id is used for the friendly name. If the object already exists the old certificate is archived and the CA issues a new certificate.
    principal string[]
    [DEPRECATED] - (Optional, set of strings) Use "principals" instead. A list of usernames for whom the requested certificate will be valid.

    Deprecated: This will be removed in the future. Use "principals" instead

    principals string[]
    A list of usernames for whom the requested certificate will be valid.
    publicKey string
    The OpenSSH formatted public key that will be used to generate the SSH certificate.
    publicKeyMethod string
    Specifies whether the public key will be local (default), file or service generated.
    sourceAddresses string[]
    A list of one or more valid IP or CIDR addresses that can use the SSH certificate.
    validHours number
    Desired number of hours for which the certificate will be valid.
    windows boolean
    Specifies whether the private key will use Windows/DOS style line breaks.
    key_id str
    The identifier of the requested SSH certificate.
    template str
    The SSH certificate issuing template.
    destination_addresses Sequence[str]
    A list of one or more valid IP or CIDR destination hosts where the certificate will authenticate.
    extensions Sequence[str]
    A list of key-value pairs that contain certificate extensions from the CA template for client certificates. Allowed values (case-sensitive): permit-X11-forwarding, permit-agent-forwarding, permit-port-forwarding, permit-pty, permit-user-rc.
    folder str
    The DN of the policy folder where the SSH certificate object will be created.
    force_command str
    A command to run after successful login.
    key_passphrase str
    Passphrase for encrypting the private key.
    key_size int
    Number of bits to use when creating a key pair. (e.g. 3072).
    object_name str
    The friendly name of the SSH certificate object. When not specified the key_id is used for the friendly name. If the object already exists the old certificate is archived and the CA issues a new certificate.
    principal Sequence[str]
    [DEPRECATED] - (Optional, set of strings) Use "principals" instead. A list of usernames for whom the requested certificate will be valid.

    Deprecated: This will be removed in the future. Use "principals" instead

    principals Sequence[str]
    A list of usernames for whom the requested certificate will be valid.
    public_key str
    The OpenSSH formatted public key that will be used to generate the SSH certificate.
    public_key_method str
    Specifies whether the public key will be local (default), file or service generated.
    source_addresses Sequence[str]
    A list of one or more valid IP or CIDR addresses that can use the SSH certificate.
    valid_hours int
    Desired number of hours for which the certificate will be valid.
    windows bool
    Specifies whether the private key will use Windows/DOS style line breaks.
    keyId String
    The identifier of the requested SSH certificate.
    template String
    The SSH certificate issuing template.
    destinationAddresses List<String>
    A list of one or more valid IP or CIDR destination hosts where the certificate will authenticate.
    extensions List<String>
    A list of key-value pairs that contain certificate extensions from the CA template for client certificates. Allowed values (case-sensitive): permit-X11-forwarding, permit-agent-forwarding, permit-port-forwarding, permit-pty, permit-user-rc.
    folder String
    The DN of the policy folder where the SSH certificate object will be created.
    forceCommand String
    A command to run after successful login.
    keyPassphrase String
    Passphrase for encrypting the private key.
    keySize Number
    Number of bits to use when creating a key pair. (e.g. 3072).
    objectName String
    The friendly name of the SSH certificate object. When not specified the key_id is used for the friendly name. If the object already exists the old certificate is archived and the CA issues a new certificate.
    principal List<String>
    [DEPRECATED] - (Optional, set of strings) Use "principals" instead. A list of usernames for whom the requested certificate will be valid.

    Deprecated: This will be removed in the future. Use "principals" instead

    principals List<String>
    A list of usernames for whom the requested certificate will be valid.
    publicKey String
    The OpenSSH formatted public key that will be used to generate the SSH certificate.
    publicKeyMethod String
    Specifies whether the public key will be local (default), file or service generated.
    sourceAddresses List<String>
    A list of one or more valid IP or CIDR addresses that can use the SSH certificate.
    validHours Number
    Desired number of hours for which the certificate will be valid.
    windows Boolean
    Specifies whether the private key will use Windows/DOS style line breaks.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the SshCertificate resource produces the following output properties:

    Certificate string
    The issued SSH certificate.
    CertificateType string
    Indicates whether the SSH certificate is for client or server authentication.
    Id string
    The provider-assigned unique ID for this managed resource.
    PrivateKey string
    The private key for the SSH certificate if generated by Venafi.
    PublicKeyFingerprint string
    The SHA256 fingerprint of the SSH certificate's public key.
    Serial string
    The serial number of the SSH certificate.
    SigningCa string
    The SHA256 fingerprint of the CA that signed the SSH certificate.
    ValidFrom string
    The date the SSH certificate was issued.
    ValidTo string
    The date the SSH certificate will expire.
    Certificate string
    The issued SSH certificate.
    CertificateType string
    Indicates whether the SSH certificate is for client or server authentication.
    Id string
    The provider-assigned unique ID for this managed resource.
    PrivateKey string
    The private key for the SSH certificate if generated by Venafi.
    PublicKeyFingerprint string
    The SHA256 fingerprint of the SSH certificate's public key.
    Serial string
    The serial number of the SSH certificate.
    SigningCa string
    The SHA256 fingerprint of the CA that signed the SSH certificate.
    ValidFrom string
    The date the SSH certificate was issued.
    ValidTo string
    The date the SSH certificate will expire.
    certificate String
    The issued SSH certificate.
    certificateType String
    Indicates whether the SSH certificate is for client or server authentication.
    id String
    The provider-assigned unique ID for this managed resource.
    privateKey String
    The private key for the SSH certificate if generated by Venafi.
    publicKeyFingerprint String
    The SHA256 fingerprint of the SSH certificate's public key.
    serial String
    The serial number of the SSH certificate.
    signingCa String
    The SHA256 fingerprint of the CA that signed the SSH certificate.
    validFrom String
    The date the SSH certificate was issued.
    validTo String
    The date the SSH certificate will expire.
    certificate string
    The issued SSH certificate.
    certificateType string
    Indicates whether the SSH certificate is for client or server authentication.
    id string
    The provider-assigned unique ID for this managed resource.
    privateKey string
    The private key for the SSH certificate if generated by Venafi.
    publicKeyFingerprint string
    The SHA256 fingerprint of the SSH certificate's public key.
    serial string
    The serial number of the SSH certificate.
    signingCa string
    The SHA256 fingerprint of the CA that signed the SSH certificate.
    validFrom string
    The date the SSH certificate was issued.
    validTo string
    The date the SSH certificate will expire.
    certificate str
    The issued SSH certificate.
    certificate_type str
    Indicates whether the SSH certificate is for client or server authentication.
    id str
    The provider-assigned unique ID for this managed resource.
    private_key str
    The private key for the SSH certificate if generated by Venafi.
    public_key_fingerprint str
    The SHA256 fingerprint of the SSH certificate's public key.
    serial str
    The serial number of the SSH certificate.
    signing_ca str
    The SHA256 fingerprint of the CA that signed the SSH certificate.
    valid_from str
    The date the SSH certificate was issued.
    valid_to str
    The date the SSH certificate will expire.
    certificate String
    The issued SSH certificate.
    certificateType String
    Indicates whether the SSH certificate is for client or server authentication.
    id String
    The provider-assigned unique ID for this managed resource.
    privateKey String
    The private key for the SSH certificate if generated by Venafi.
    publicKeyFingerprint String
    The SHA256 fingerprint of the SSH certificate's public key.
    serial String
    The serial number of the SSH certificate.
    signingCa String
    The SHA256 fingerprint of the CA that signed the SSH certificate.
    validFrom String
    The date the SSH certificate was issued.
    validTo String
    The date the SSH certificate will expire.

    Look up Existing SshCertificate Resource

    Get an existing SshCertificate resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: SshCertificateState, opts?: CustomResourceOptions): SshCertificate
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            certificate: Optional[str] = None,
            certificate_type: Optional[str] = None,
            destination_addresses: Optional[Sequence[str]] = None,
            extensions: Optional[Sequence[str]] = None,
            folder: Optional[str] = None,
            force_command: Optional[str] = None,
            key_id: Optional[str] = None,
            key_passphrase: Optional[str] = None,
            key_size: Optional[int] = None,
            object_name: Optional[str] = None,
            principal: Optional[Sequence[str]] = None,
            principals: Optional[Sequence[str]] = None,
            private_key: Optional[str] = None,
            public_key: Optional[str] = None,
            public_key_fingerprint: Optional[str] = None,
            public_key_method: Optional[str] = None,
            serial: Optional[str] = None,
            signing_ca: Optional[str] = None,
            source_addresses: Optional[Sequence[str]] = None,
            template: Optional[str] = None,
            valid_from: Optional[str] = None,
            valid_hours: Optional[int] = None,
            valid_to: Optional[str] = None,
            windows: Optional[bool] = None) -> SshCertificate
    func GetSshCertificate(ctx *Context, name string, id IDInput, state *SshCertificateState, opts ...ResourceOption) (*SshCertificate, error)
    public static SshCertificate Get(string name, Input<string> id, SshCertificateState? state, CustomResourceOptions? opts = null)
    public static SshCertificate get(String name, Output<String> id, SshCertificateState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Certificate string
    The issued SSH certificate.
    CertificateType string
    Indicates whether the SSH certificate is for client or server authentication.
    DestinationAddresses List<string>
    A list of one or more valid IP or CIDR destination hosts where the certificate will authenticate.
    Extensions List<string>
    A list of key-value pairs that contain certificate extensions from the CA template for client certificates. Allowed values (case-sensitive): permit-X11-forwarding, permit-agent-forwarding, permit-port-forwarding, permit-pty, permit-user-rc.
    Folder string
    The DN of the policy folder where the SSH certificate object will be created.
    ForceCommand string
    A command to run after successful login.
    KeyId string
    The identifier of the requested SSH certificate.
    KeyPassphrase string
    Passphrase for encrypting the private key.
    KeySize int
    Number of bits to use when creating a key pair. (e.g. 3072).
    ObjectName string
    The friendly name of the SSH certificate object. When not specified the key_id is used for the friendly name. If the object already exists the old certificate is archived and the CA issues a new certificate.
    Principal List<string>
    [DEPRECATED] - (Optional, set of strings) Use "principals" instead. A list of usernames for whom the requested certificate will be valid.

    Deprecated: This will be removed in the future. Use "principals" instead

    Principals List<string>
    A list of usernames for whom the requested certificate will be valid.
    PrivateKey string
    The private key for the SSH certificate if generated by Venafi.
    PublicKey string
    The OpenSSH formatted public key that will be used to generate the SSH certificate.
    PublicKeyFingerprint string
    The SHA256 fingerprint of the SSH certificate's public key.
    PublicKeyMethod string
    Specifies whether the public key will be local (default), file or service generated.
    Serial string
    The serial number of the SSH certificate.
    SigningCa string
    The SHA256 fingerprint of the CA that signed the SSH certificate.
    SourceAddresses List<string>
    A list of one or more valid IP or CIDR addresses that can use the SSH certificate.
    Template string
    The SSH certificate issuing template.
    ValidFrom string
    The date the SSH certificate was issued.
    ValidHours int
    Desired number of hours for which the certificate will be valid.
    ValidTo string
    The date the SSH certificate will expire.
    Windows bool
    Specifies whether the private key will use Windows/DOS style line breaks.
    Certificate string
    The issued SSH certificate.
    CertificateType string
    Indicates whether the SSH certificate is for client or server authentication.
    DestinationAddresses []string
    A list of one or more valid IP or CIDR destination hosts where the certificate will authenticate.
    Extensions []string
    A list of key-value pairs that contain certificate extensions from the CA template for client certificates. Allowed values (case-sensitive): permit-X11-forwarding, permit-agent-forwarding, permit-port-forwarding, permit-pty, permit-user-rc.
    Folder string
    The DN of the policy folder where the SSH certificate object will be created.
    ForceCommand string
    A command to run after successful login.
    KeyId string
    The identifier of the requested SSH certificate.
    KeyPassphrase string
    Passphrase for encrypting the private key.
    KeySize int
    Number of bits to use when creating a key pair. (e.g. 3072).
    ObjectName string
    The friendly name of the SSH certificate object. When not specified the key_id is used for the friendly name. If the object already exists the old certificate is archived and the CA issues a new certificate.
    Principal []string
    [DEPRECATED] - (Optional, set of strings) Use "principals" instead. A list of usernames for whom the requested certificate will be valid.

    Deprecated: This will be removed in the future. Use "principals" instead

    Principals []string
    A list of usernames for whom the requested certificate will be valid.
    PrivateKey string
    The private key for the SSH certificate if generated by Venafi.
    PublicKey string
    The OpenSSH formatted public key that will be used to generate the SSH certificate.
    PublicKeyFingerprint string
    The SHA256 fingerprint of the SSH certificate's public key.
    PublicKeyMethod string
    Specifies whether the public key will be local (default), file or service generated.
    Serial string
    The serial number of the SSH certificate.
    SigningCa string
    The SHA256 fingerprint of the CA that signed the SSH certificate.
    SourceAddresses []string
    A list of one or more valid IP or CIDR addresses that can use the SSH certificate.
    Template string
    The SSH certificate issuing template.
    ValidFrom string
    The date the SSH certificate was issued.
    ValidHours int
    Desired number of hours for which the certificate will be valid.
    ValidTo string
    The date the SSH certificate will expire.
    Windows bool
    Specifies whether the private key will use Windows/DOS style line breaks.
    certificate String
    The issued SSH certificate.
    certificateType String
    Indicates whether the SSH certificate is for client or server authentication.
    destinationAddresses List<String>
    A list of one or more valid IP or CIDR destination hosts where the certificate will authenticate.
    extensions List<String>
    A list of key-value pairs that contain certificate extensions from the CA template for client certificates. Allowed values (case-sensitive): permit-X11-forwarding, permit-agent-forwarding, permit-port-forwarding, permit-pty, permit-user-rc.
    folder String
    The DN of the policy folder where the SSH certificate object will be created.
    forceCommand String
    A command to run after successful login.
    keyId String
    The identifier of the requested SSH certificate.
    keyPassphrase String
    Passphrase for encrypting the private key.
    keySize Integer
    Number of bits to use when creating a key pair. (e.g. 3072).
    objectName String
    The friendly name of the SSH certificate object. When not specified the key_id is used for the friendly name. If the object already exists the old certificate is archived and the CA issues a new certificate.
    principal List<String>
    [DEPRECATED] - (Optional, set of strings) Use "principals" instead. A list of usernames for whom the requested certificate will be valid.

    Deprecated: This will be removed in the future. Use "principals" instead

    principals List<String>
    A list of usernames for whom the requested certificate will be valid.
    privateKey String
    The private key for the SSH certificate if generated by Venafi.
    publicKey String
    The OpenSSH formatted public key that will be used to generate the SSH certificate.
    publicKeyFingerprint String
    The SHA256 fingerprint of the SSH certificate's public key.
    publicKeyMethod String
    Specifies whether the public key will be local (default), file or service generated.
    serial String
    The serial number of the SSH certificate.
    signingCa String
    The SHA256 fingerprint of the CA that signed the SSH certificate.
    sourceAddresses List<String>
    A list of one or more valid IP or CIDR addresses that can use the SSH certificate.
    template String
    The SSH certificate issuing template.
    validFrom String
    The date the SSH certificate was issued.
    validHours Integer
    Desired number of hours for which the certificate will be valid.
    validTo String
    The date the SSH certificate will expire.
    windows Boolean
    Specifies whether the private key will use Windows/DOS style line breaks.
    certificate string
    The issued SSH certificate.
    certificateType string
    Indicates whether the SSH certificate is for client or server authentication.
    destinationAddresses string[]
    A list of one or more valid IP or CIDR destination hosts where the certificate will authenticate.
    extensions string[]
    A list of key-value pairs that contain certificate extensions from the CA template for client certificates. Allowed values (case-sensitive): permit-X11-forwarding, permit-agent-forwarding, permit-port-forwarding, permit-pty, permit-user-rc.
    folder string
    The DN of the policy folder where the SSH certificate object will be created.
    forceCommand string
    A command to run after successful login.
    keyId string
    The identifier of the requested SSH certificate.
    keyPassphrase string
    Passphrase for encrypting the private key.
    keySize number
    Number of bits to use when creating a key pair. (e.g. 3072).
    objectName string
    The friendly name of the SSH certificate object. When not specified the key_id is used for the friendly name. If the object already exists the old certificate is archived and the CA issues a new certificate.
    principal string[]
    [DEPRECATED] - (Optional, set of strings) Use "principals" instead. A list of usernames for whom the requested certificate will be valid.

    Deprecated: This will be removed in the future. Use "principals" instead

    principals string[]
    A list of usernames for whom the requested certificate will be valid.
    privateKey string
    The private key for the SSH certificate if generated by Venafi.
    publicKey string
    The OpenSSH formatted public key that will be used to generate the SSH certificate.
    publicKeyFingerprint string
    The SHA256 fingerprint of the SSH certificate's public key.
    publicKeyMethod string
    Specifies whether the public key will be local (default), file or service generated.
    serial string
    The serial number of the SSH certificate.
    signingCa string
    The SHA256 fingerprint of the CA that signed the SSH certificate.
    sourceAddresses string[]
    A list of one or more valid IP or CIDR addresses that can use the SSH certificate.
    template string
    The SSH certificate issuing template.
    validFrom string
    The date the SSH certificate was issued.
    validHours number
    Desired number of hours for which the certificate will be valid.
    validTo string
    The date the SSH certificate will expire.
    windows boolean
    Specifies whether the private key will use Windows/DOS style line breaks.
    certificate str
    The issued SSH certificate.
    certificate_type str
    Indicates whether the SSH certificate is for client or server authentication.
    destination_addresses Sequence[str]
    A list of one or more valid IP or CIDR destination hosts where the certificate will authenticate.
    extensions Sequence[str]
    A list of key-value pairs that contain certificate extensions from the CA template for client certificates. Allowed values (case-sensitive): permit-X11-forwarding, permit-agent-forwarding, permit-port-forwarding, permit-pty, permit-user-rc.
    folder str
    The DN of the policy folder where the SSH certificate object will be created.
    force_command str
    A command to run after successful login.
    key_id str
    The identifier of the requested SSH certificate.
    key_passphrase str
    Passphrase for encrypting the private key.
    key_size int
    Number of bits to use when creating a key pair. (e.g. 3072).
    object_name str
    The friendly name of the SSH certificate object. When not specified the key_id is used for the friendly name. If the object already exists the old certificate is archived and the CA issues a new certificate.
    principal Sequence[str]
    [DEPRECATED] - (Optional, set of strings) Use "principals" instead. A list of usernames for whom the requested certificate will be valid.

    Deprecated: This will be removed in the future. Use "principals" instead

    principals Sequence[str]
    A list of usernames for whom the requested certificate will be valid.
    private_key str
    The private key for the SSH certificate if generated by Venafi.
    public_key str
    The OpenSSH formatted public key that will be used to generate the SSH certificate.
    public_key_fingerprint str
    The SHA256 fingerprint of the SSH certificate's public key.
    public_key_method str
    Specifies whether the public key will be local (default), file or service generated.
    serial str
    The serial number of the SSH certificate.
    signing_ca str
    The SHA256 fingerprint of the CA that signed the SSH certificate.
    source_addresses Sequence[str]
    A list of one or more valid IP or CIDR addresses that can use the SSH certificate.
    template str
    The SSH certificate issuing template.
    valid_from str
    The date the SSH certificate was issued.
    valid_hours int
    Desired number of hours for which the certificate will be valid.
    valid_to str
    The date the SSH certificate will expire.
    windows bool
    Specifies whether the private key will use Windows/DOS style line breaks.
    certificate String
    The issued SSH certificate.
    certificateType String
    Indicates whether the SSH certificate is for client or server authentication.
    destinationAddresses List<String>
    A list of one or more valid IP or CIDR destination hosts where the certificate will authenticate.
    extensions List<String>
    A list of key-value pairs that contain certificate extensions from the CA template for client certificates. Allowed values (case-sensitive): permit-X11-forwarding, permit-agent-forwarding, permit-port-forwarding, permit-pty, permit-user-rc.
    folder String
    The DN of the policy folder where the SSH certificate object will be created.
    forceCommand String
    A command to run after successful login.
    keyId String
    The identifier of the requested SSH certificate.
    keyPassphrase String
    Passphrase for encrypting the private key.
    keySize Number
    Number of bits to use when creating a key pair. (e.g. 3072).
    objectName String
    The friendly name of the SSH certificate object. When not specified the key_id is used for the friendly name. If the object already exists the old certificate is archived and the CA issues a new certificate.
    principal List<String>
    [DEPRECATED] - (Optional, set of strings) Use "principals" instead. A list of usernames for whom the requested certificate will be valid.

    Deprecated: This will be removed in the future. Use "principals" instead

    principals List<String>
    A list of usernames for whom the requested certificate will be valid.
    privateKey String
    The private key for the SSH certificate if generated by Venafi.
    publicKey String
    The OpenSSH formatted public key that will be used to generate the SSH certificate.
    publicKeyFingerprint String
    The SHA256 fingerprint of the SSH certificate's public key.
    publicKeyMethod String
    Specifies whether the public key will be local (default), file or service generated.
    serial String
    The serial number of the SSH certificate.
    signingCa String
    The SHA256 fingerprint of the CA that signed the SSH certificate.
    sourceAddresses List<String>
    A list of one or more valid IP or CIDR addresses that can use the SSH certificate.
    template String
    The SSH certificate issuing template.
    validFrom String
    The date the SSH certificate was issued.
    validHours Number
    Desired number of hours for which the certificate will be valid.
    validTo String
    The date the SSH certificate will expire.
    windows Boolean
    Specifies whether the private key will use Windows/DOS style line breaks.

    Package Details

    Repository
    Venafi pulumi/pulumi-venafi
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the venafi Terraform Provider.
    venafi logo
    Venafi v1.10.0 published on Wednesday, Jun 12, 2024 by Pulumi