aws.iam.ServerCertificate
Explore with Pulumi AI
Provides an IAM Server Certificate resource to upload Server Certificates. Certs uploaded to IAM can easily work with other AWS services such as:
- AWS Elastic Beanstalk
- Elastic Load Balancing
- CloudFront
- AWS OpsWorks
For information about server certificates in IAM, see [Managing Server Certificates][2] in AWS Documentation.
Example Usage
Using certs on file:
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
import * as std from "@pulumi/std";
const testCert = new aws.iam.ServerCertificate("test_cert", {
name: "some_test_cert",
certificateBody: std.file({
input: "self-ca-cert.pem",
}).then(invoke => invoke.result),
privateKey: std.file({
input: "test-key.pem",
}).then(invoke => invoke.result),
});
import pulumi
import pulumi_aws as aws
import pulumi_std as std
test_cert = aws.iam.ServerCertificate("test_cert",
name="some_test_cert",
certificate_body=std.file(input="self-ca-cert.pem").result,
private_key=std.file(input="test-key.pem").result)
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi-std/sdk/go/std"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
invokeFile, err := std.File(ctx, &std.FileArgs{
Input: "self-ca-cert.pem",
}, nil)
if err != nil {
return err
}
invokeFile1, err := std.File(ctx, &std.FileArgs{
Input: "test-key.pem",
}, nil)
if err != nil {
return err
}
_, err = iam.NewServerCertificate(ctx, "test_cert", &iam.ServerCertificateArgs{
Name: pulumi.String("some_test_cert"),
CertificateBody: pulumi.String(invokeFile.Result),
PrivateKey: pulumi.String(invokeFile1.Result),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
using Std = Pulumi.Std;
return await Deployment.RunAsync(() =>
{
var testCert = new Aws.Iam.ServerCertificate("test_cert", new()
{
Name = "some_test_cert",
CertificateBody = Std.File.Invoke(new()
{
Input = "self-ca-cert.pem",
}).Apply(invoke => invoke.Result),
PrivateKey = Std.File.Invoke(new()
{
Input = "test-key.pem",
}).Apply(invoke => invoke.Result),
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.iam.ServerCertificate;
import com.pulumi.aws.iam.ServerCertificateArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var testCert = new ServerCertificate("testCert", ServerCertificateArgs.builder()
.name("some_test_cert")
.certificateBody(StdFunctions.file(FileArgs.builder()
.input("self-ca-cert.pem")
.build()).result())
.privateKey(StdFunctions.file(FileArgs.builder()
.input("test-key.pem")
.build()).result())
.build());
}
}
resources:
testCert:
type: aws:iam:ServerCertificate
name: test_cert
properties:
name: some_test_cert
certificateBody:
fn::invoke:
Function: std:file
Arguments:
input: self-ca-cert.pem
Return: result
privateKey:
fn::invoke:
Function: std:file
Arguments:
input: test-key.pem
Return: result
Example with cert in-line:
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const testCertAlt = new aws.iam.ServerCertificate("test_cert_alt", {
name: "alt_test_cert",
certificateBody: `-----BEGIN CERTIFICATE-----
[......] # cert contents
-----END CERTIFICATE-----
`,
privateKey: `-----BEGIN RSA PRIVATE KEY-----
[......] # cert contents
-----END RSA PRIVATE KEY-----
`,
});
import pulumi
import pulumi_aws as aws
test_cert_alt = aws.iam.ServerCertificate("test_cert_alt",
name="alt_test_cert",
certificate_body="""-----BEGIN CERTIFICATE-----
[......] # cert contents
-----END CERTIFICATE-----
""",
private_key="""-----BEGIN RSA PRIVATE KEY-----
[......] # cert contents
-----END RSA PRIVATE KEY-----
""")
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := iam.NewServerCertificate(ctx, "test_cert_alt", &iam.ServerCertificateArgs{
Name: pulumi.String("alt_test_cert"),
CertificateBody: pulumi.String("-----BEGIN CERTIFICATE-----\n[......] # cert contents\n-----END CERTIFICATE-----\n"),
PrivateKey: pulumi.String("-----BEGIN RSA PRIVATE KEY-----\n[......] # cert contents\n-----END RSA PRIVATE KEY-----\n"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var testCertAlt = new Aws.Iam.ServerCertificate("test_cert_alt", new()
{
Name = "alt_test_cert",
CertificateBody = @"-----BEGIN CERTIFICATE-----
[......] # cert contents
-----END CERTIFICATE-----
",
PrivateKey = @"-----BEGIN RSA PRIVATE KEY-----
[......] # cert contents
-----END RSA PRIVATE KEY-----
",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.iam.ServerCertificate;
import com.pulumi.aws.iam.ServerCertificateArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var testCertAlt = new ServerCertificate("testCertAlt", ServerCertificateArgs.builder()
.name("alt_test_cert")
.certificateBody("""
-----BEGIN CERTIFICATE-----
[......] # cert contents
-----END CERTIFICATE-----
""")
.privateKey("""
-----BEGIN RSA PRIVATE KEY-----
[......] # cert contents
-----END RSA PRIVATE KEY-----
""")
.build());
}
}
resources:
testCertAlt:
type: aws:iam:ServerCertificate
name: test_cert_alt
properties:
name: alt_test_cert
certificateBody: |
-----BEGIN CERTIFICATE-----
[......] # cert contents
-----END CERTIFICATE-----
privateKey: |
-----BEGIN RSA PRIVATE KEY-----
[......] # cert contents
-----END RSA PRIVATE KEY-----
Use in combination with an AWS ELB resource:
Some properties of an IAM Server Certificates cannot be updated while they are
in use. In order for the provider to effectively manage a Certificate in this situation, it is
recommended you utilize the name_prefix
attribute and enable the
create_before_destroy
. This will allow this provider
to create a new, updated aws.iam.ServerCertificate
resource and replace it in
dependant resources before attempting to destroy the old version.
Create ServerCertificate Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new ServerCertificate(name: string, args: ServerCertificateArgs, opts?: CustomResourceOptions);
@overload
def ServerCertificate(resource_name: str,
args: ServerCertificateArgs,
opts: Optional[ResourceOptions] = None)
@overload
def ServerCertificate(resource_name: str,
opts: Optional[ResourceOptions] = None,
certificate_body: Optional[str] = None,
private_key: Optional[str] = None,
certificate_chain: Optional[str] = None,
name: Optional[str] = None,
name_prefix: Optional[str] = None,
path: Optional[str] = None,
tags: Optional[Mapping[str, str]] = None)
func NewServerCertificate(ctx *Context, name string, args ServerCertificateArgs, opts ...ResourceOption) (*ServerCertificate, error)
public ServerCertificate(string name, ServerCertificateArgs args, CustomResourceOptions? opts = null)
public ServerCertificate(String name, ServerCertificateArgs args)
public ServerCertificate(String name, ServerCertificateArgs args, CustomResourceOptions options)
type: aws:iam:ServerCertificate
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args ServerCertificateArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args ServerCertificateArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args ServerCertificateArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ServerCertificateArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args ServerCertificateArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var serverCertificateResource = new Aws.Iam.ServerCertificate("serverCertificateResource", new()
{
CertificateBody = "string",
PrivateKey = "string",
CertificateChain = "string",
Name = "string",
NamePrefix = "string",
Path = "string",
Tags =
{
{ "string", "string" },
},
});
example, err := iam.NewServerCertificate(ctx, "serverCertificateResource", &iam.ServerCertificateArgs{
CertificateBody: pulumi.String("string"),
PrivateKey: pulumi.String("string"),
CertificateChain: pulumi.String("string"),
Name: pulumi.String("string"),
NamePrefix: pulumi.String("string"),
Path: pulumi.String("string"),
Tags: pulumi.StringMap{
"string": pulumi.String("string"),
},
})
var serverCertificateResource = new ServerCertificate("serverCertificateResource", ServerCertificateArgs.builder()
.certificateBody("string")
.privateKey("string")
.certificateChain("string")
.name("string")
.namePrefix("string")
.path("string")
.tags(Map.of("string", "string"))
.build());
server_certificate_resource = aws.iam.ServerCertificate("serverCertificateResource",
certificate_body="string",
private_key="string",
certificate_chain="string",
name="string",
name_prefix="string",
path="string",
tags={
"string": "string",
})
const serverCertificateResource = new aws.iam.ServerCertificate("serverCertificateResource", {
certificateBody: "string",
privateKey: "string",
certificateChain: "string",
name: "string",
namePrefix: "string",
path: "string",
tags: {
string: "string",
},
});
type: aws:iam:ServerCertificate
properties:
certificateBody: string
certificateChain: string
name: string
namePrefix: string
path: string
privateKey: string
tags:
string: string
ServerCertificate Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The ServerCertificate resource accepts the following input properties:
- Certificate
Body string - The contents of the public key certificate in PEM-encoded format.
- Private
Key string - The contents of the private key in PEM-encoded format.
- Certificate
Chain string - The contents of the certificate chain. This is typically a concatenation of the PEM-encoded public key certificates of the chain.
- Name string
- The name of the Server Certificate. Do not include the path in this value. If omitted, the provider will assign a random, unique name.
- Name
Prefix string - Creates a unique name beginning with the specified
prefix. Conflicts with
name
. - Path string
- The IAM path for the server certificate. If it is not
included, it defaults to a slash (/). If this certificate is for use with
AWS CloudFront, the path must be in format
/cloudfront/your_path_here
. See IAM Identifiers for more details on IAM Paths. - Dictionary<string, string>
Map of resource tags for the server certificate. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level.NOTE: AWS performs behind-the-scenes modifications to some certificate files if they do not adhere to a specific format. These modifications will result in this provider forever believing that it needs to update the resources since the local and AWS file contents will not match after theses modifications occur. In order to prevent this from happening you must ensure that all your PEM-encoded files use UNIX line-breaks and that
certificate_body
contains only one certificate. All other certificates should go incertificate_chain
. It is common for some Certificate Authorities to issue certificate files that have DOS line-breaks and that are actually multiple certificates concatenated together in order to form a full certificate chain.
- Certificate
Body string - The contents of the public key certificate in PEM-encoded format.
- Private
Key string - The contents of the private key in PEM-encoded format.
- Certificate
Chain string - The contents of the certificate chain. This is typically a concatenation of the PEM-encoded public key certificates of the chain.
- Name string
- The name of the Server Certificate. Do not include the path in this value. If omitted, the provider will assign a random, unique name.
- Name
Prefix string - Creates a unique name beginning with the specified
prefix. Conflicts with
name
. - Path string
- The IAM path for the server certificate. If it is not
included, it defaults to a slash (/). If this certificate is for use with
AWS CloudFront, the path must be in format
/cloudfront/your_path_here
. See IAM Identifiers for more details on IAM Paths. - map[string]string
Map of resource tags for the server certificate. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level.NOTE: AWS performs behind-the-scenes modifications to some certificate files if they do not adhere to a specific format. These modifications will result in this provider forever believing that it needs to update the resources since the local and AWS file contents will not match after theses modifications occur. In order to prevent this from happening you must ensure that all your PEM-encoded files use UNIX line-breaks and that
certificate_body
contains only one certificate. All other certificates should go incertificate_chain
. It is common for some Certificate Authorities to issue certificate files that have DOS line-breaks and that are actually multiple certificates concatenated together in order to form a full certificate chain.
- certificate
Body String - The contents of the public key certificate in PEM-encoded format.
- private
Key String - The contents of the private key in PEM-encoded format.
- certificate
Chain String - The contents of the certificate chain. This is typically a concatenation of the PEM-encoded public key certificates of the chain.
- name String
- The name of the Server Certificate. Do not include the path in this value. If omitted, the provider will assign a random, unique name.
- name
Prefix String - Creates a unique name beginning with the specified
prefix. Conflicts with
name
. - path String
- The IAM path for the server certificate. If it is not
included, it defaults to a slash (/). If this certificate is for use with
AWS CloudFront, the path must be in format
/cloudfront/your_path_here
. See IAM Identifiers for more details on IAM Paths. - Map<String,String>
Map of resource tags for the server certificate. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level.NOTE: AWS performs behind-the-scenes modifications to some certificate files if they do not adhere to a specific format. These modifications will result in this provider forever believing that it needs to update the resources since the local and AWS file contents will not match after theses modifications occur. In order to prevent this from happening you must ensure that all your PEM-encoded files use UNIX line-breaks and that
certificate_body
contains only one certificate. All other certificates should go incertificate_chain
. It is common for some Certificate Authorities to issue certificate files that have DOS line-breaks and that are actually multiple certificates concatenated together in order to form a full certificate chain.
- certificate
Body string - The contents of the public key certificate in PEM-encoded format.
- private
Key string - The contents of the private key in PEM-encoded format.
- certificate
Chain string - The contents of the certificate chain. This is typically a concatenation of the PEM-encoded public key certificates of the chain.
- name string
- The name of the Server Certificate. Do not include the path in this value. If omitted, the provider will assign a random, unique name.
- name
Prefix string - Creates a unique name beginning with the specified
prefix. Conflicts with
name
. - path string
- The IAM path for the server certificate. If it is not
included, it defaults to a slash (/). If this certificate is for use with
AWS CloudFront, the path must be in format
/cloudfront/your_path_here
. See IAM Identifiers for more details on IAM Paths. - {[key: string]: string}
Map of resource tags for the server certificate. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level.NOTE: AWS performs behind-the-scenes modifications to some certificate files if they do not adhere to a specific format. These modifications will result in this provider forever believing that it needs to update the resources since the local and AWS file contents will not match after theses modifications occur. In order to prevent this from happening you must ensure that all your PEM-encoded files use UNIX line-breaks and that
certificate_body
contains only one certificate. All other certificates should go incertificate_chain
. It is common for some Certificate Authorities to issue certificate files that have DOS line-breaks and that are actually multiple certificates concatenated together in order to form a full certificate chain.
- certificate_
body str - The contents of the public key certificate in PEM-encoded format.
- private_
key str - The contents of the private key in PEM-encoded format.
- certificate_
chain str - The contents of the certificate chain. This is typically a concatenation of the PEM-encoded public key certificates of the chain.
- name str
- The name of the Server Certificate. Do not include the path in this value. If omitted, the provider will assign a random, unique name.
- name_
prefix str - Creates a unique name beginning with the specified
prefix. Conflicts with
name
. - path str
- The IAM path for the server certificate. If it is not
included, it defaults to a slash (/). If this certificate is for use with
AWS CloudFront, the path must be in format
/cloudfront/your_path_here
. See IAM Identifiers for more details on IAM Paths. - Mapping[str, str]
Map of resource tags for the server certificate. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level.NOTE: AWS performs behind-the-scenes modifications to some certificate files if they do not adhere to a specific format. These modifications will result in this provider forever believing that it needs to update the resources since the local and AWS file contents will not match after theses modifications occur. In order to prevent this from happening you must ensure that all your PEM-encoded files use UNIX line-breaks and that
certificate_body
contains only one certificate. All other certificates should go incertificate_chain
. It is common for some Certificate Authorities to issue certificate files that have DOS line-breaks and that are actually multiple certificates concatenated together in order to form a full certificate chain.
- certificate
Body String - The contents of the public key certificate in PEM-encoded format.
- private
Key String - The contents of the private key in PEM-encoded format.
- certificate
Chain String - The contents of the certificate chain. This is typically a concatenation of the PEM-encoded public key certificates of the chain.
- name String
- The name of the Server Certificate. Do not include the path in this value. If omitted, the provider will assign a random, unique name.
- name
Prefix String - Creates a unique name beginning with the specified
prefix. Conflicts with
name
. - path String
- The IAM path for the server certificate. If it is not
included, it defaults to a slash (/). If this certificate is for use with
AWS CloudFront, the path must be in format
/cloudfront/your_path_here
. See IAM Identifiers for more details on IAM Paths. - Map<String>
Map of resource tags for the server certificate. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level.NOTE: AWS performs behind-the-scenes modifications to some certificate files if they do not adhere to a specific format. These modifications will result in this provider forever believing that it needs to update the resources since the local and AWS file contents will not match after theses modifications occur. In order to prevent this from happening you must ensure that all your PEM-encoded files use UNIX line-breaks and that
certificate_body
contains only one certificate. All other certificates should go incertificate_chain
. It is common for some Certificate Authorities to issue certificate files that have DOS line-breaks and that are actually multiple certificates concatenated together in order to form a full certificate chain.
Outputs
All input properties are implicitly available as output properties. Additionally, the ServerCertificate resource produces the following output properties:
- Arn string
- The Amazon Resource Name (ARN) specifying the server certificate.
- Expiration string
- Date and time in RFC3339 format on which the certificate is set to expire.
- Id string
- The provider-assigned unique ID for this managed resource.
- Dictionary<string, string>
- A map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - Upload
Date string - Date and time in RFC3339 format when the server certificate was uploaded.
- Arn string
- The Amazon Resource Name (ARN) specifying the server certificate.
- Expiration string
- Date and time in RFC3339 format on which the certificate is set to expire.
- Id string
- The provider-assigned unique ID for this managed resource.
- map[string]string
- A map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - Upload
Date string - Date and time in RFC3339 format when the server certificate was uploaded.
- arn String
- The Amazon Resource Name (ARN) specifying the server certificate.
- expiration String
- Date and time in RFC3339 format on which the certificate is set to expire.
- id String
- The provider-assigned unique ID for this managed resource.
- Map<String,String>
- A map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - upload
Date String - Date and time in RFC3339 format when the server certificate was uploaded.
- arn string
- The Amazon Resource Name (ARN) specifying the server certificate.
- expiration string
- Date and time in RFC3339 format on which the certificate is set to expire.
- id string
- The provider-assigned unique ID for this managed resource.
- {[key: string]: string}
- A map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - upload
Date string - Date and time in RFC3339 format when the server certificate was uploaded.
- arn str
- The Amazon Resource Name (ARN) specifying the server certificate.
- expiration str
- Date and time in RFC3339 format on which the certificate is set to expire.
- id str
- The provider-assigned unique ID for this managed resource.
- Mapping[str, str]
- A map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - upload_
date str - Date and time in RFC3339 format when the server certificate was uploaded.
- arn String
- The Amazon Resource Name (ARN) specifying the server certificate.
- expiration String
- Date and time in RFC3339 format on which the certificate is set to expire.
- id String
- The provider-assigned unique ID for this managed resource.
- Map<String>
- A map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - upload
Date String - Date and time in RFC3339 format when the server certificate was uploaded.
Look up Existing ServerCertificate Resource
Get an existing ServerCertificate resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: ServerCertificateState, opts?: CustomResourceOptions): ServerCertificate
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
arn: Optional[str] = None,
certificate_body: Optional[str] = None,
certificate_chain: Optional[str] = None,
expiration: Optional[str] = None,
name: Optional[str] = None,
name_prefix: Optional[str] = None,
path: Optional[str] = None,
private_key: Optional[str] = None,
tags: Optional[Mapping[str, str]] = None,
tags_all: Optional[Mapping[str, str]] = None,
upload_date: Optional[str] = None) -> ServerCertificate
func GetServerCertificate(ctx *Context, name string, id IDInput, state *ServerCertificateState, opts ...ResourceOption) (*ServerCertificate, error)
public static ServerCertificate Get(string name, Input<string> id, ServerCertificateState? state, CustomResourceOptions? opts = null)
public static ServerCertificate get(String name, Output<String> id, ServerCertificateState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Arn string
- The Amazon Resource Name (ARN) specifying the server certificate.
- Certificate
Body string - The contents of the public key certificate in PEM-encoded format.
- Certificate
Chain string - The contents of the certificate chain. This is typically a concatenation of the PEM-encoded public key certificates of the chain.
- Expiration string
- Date and time in RFC3339 format on which the certificate is set to expire.
- Name string
- The name of the Server Certificate. Do not include the path in this value. If omitted, the provider will assign a random, unique name.
- Name
Prefix string - Creates a unique name beginning with the specified
prefix. Conflicts with
name
. - Path string
- The IAM path for the server certificate. If it is not
included, it defaults to a slash (/). If this certificate is for use with
AWS CloudFront, the path must be in format
/cloudfront/your_path_here
. See IAM Identifiers for more details on IAM Paths. - Private
Key string - The contents of the private key in PEM-encoded format.
- Dictionary<string, string>
Map of resource tags for the server certificate. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level.NOTE: AWS performs behind-the-scenes modifications to some certificate files if they do not adhere to a specific format. These modifications will result in this provider forever believing that it needs to update the resources since the local and AWS file contents will not match after theses modifications occur. In order to prevent this from happening you must ensure that all your PEM-encoded files use UNIX line-breaks and that
certificate_body
contains only one certificate. All other certificates should go incertificate_chain
. It is common for some Certificate Authorities to issue certificate files that have DOS line-breaks and that are actually multiple certificates concatenated together in order to form a full certificate chain.- Dictionary<string, string>
- A map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - Upload
Date string - Date and time in RFC3339 format when the server certificate was uploaded.
- Arn string
- The Amazon Resource Name (ARN) specifying the server certificate.
- Certificate
Body string - The contents of the public key certificate in PEM-encoded format.
- Certificate
Chain string - The contents of the certificate chain. This is typically a concatenation of the PEM-encoded public key certificates of the chain.
- Expiration string
- Date and time in RFC3339 format on which the certificate is set to expire.
- Name string
- The name of the Server Certificate. Do not include the path in this value. If omitted, the provider will assign a random, unique name.
- Name
Prefix string - Creates a unique name beginning with the specified
prefix. Conflicts with
name
. - Path string
- The IAM path for the server certificate. If it is not
included, it defaults to a slash (/). If this certificate is for use with
AWS CloudFront, the path must be in format
/cloudfront/your_path_here
. See IAM Identifiers for more details on IAM Paths. - Private
Key string - The contents of the private key in PEM-encoded format.
- map[string]string
Map of resource tags for the server certificate. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level.NOTE: AWS performs behind-the-scenes modifications to some certificate files if they do not adhere to a specific format. These modifications will result in this provider forever believing that it needs to update the resources since the local and AWS file contents will not match after theses modifications occur. In order to prevent this from happening you must ensure that all your PEM-encoded files use UNIX line-breaks and that
certificate_body
contains only one certificate. All other certificates should go incertificate_chain
. It is common for some Certificate Authorities to issue certificate files that have DOS line-breaks and that are actually multiple certificates concatenated together in order to form a full certificate chain.- map[string]string
- A map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - Upload
Date string - Date and time in RFC3339 format when the server certificate was uploaded.
- arn String
- The Amazon Resource Name (ARN) specifying the server certificate.
- certificate
Body String - The contents of the public key certificate in PEM-encoded format.
- certificate
Chain String - The contents of the certificate chain. This is typically a concatenation of the PEM-encoded public key certificates of the chain.
- expiration String
- Date and time in RFC3339 format on which the certificate is set to expire.
- name String
- The name of the Server Certificate. Do not include the path in this value. If omitted, the provider will assign a random, unique name.
- name
Prefix String - Creates a unique name beginning with the specified
prefix. Conflicts with
name
. - path String
- The IAM path for the server certificate. If it is not
included, it defaults to a slash (/). If this certificate is for use with
AWS CloudFront, the path must be in format
/cloudfront/your_path_here
. See IAM Identifiers for more details on IAM Paths. - private
Key String - The contents of the private key in PEM-encoded format.
- Map<String,String>
Map of resource tags for the server certificate. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level.NOTE: AWS performs behind-the-scenes modifications to some certificate files if they do not adhere to a specific format. These modifications will result in this provider forever believing that it needs to update the resources since the local and AWS file contents will not match after theses modifications occur. In order to prevent this from happening you must ensure that all your PEM-encoded files use UNIX line-breaks and that
certificate_body
contains only one certificate. All other certificates should go incertificate_chain
. It is common for some Certificate Authorities to issue certificate files that have DOS line-breaks and that are actually multiple certificates concatenated together in order to form a full certificate chain.- Map<String,String>
- A map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - upload
Date String - Date and time in RFC3339 format when the server certificate was uploaded.
- arn string
- The Amazon Resource Name (ARN) specifying the server certificate.
- certificate
Body string - The contents of the public key certificate in PEM-encoded format.
- certificate
Chain string - The contents of the certificate chain. This is typically a concatenation of the PEM-encoded public key certificates of the chain.
- expiration string
- Date and time in RFC3339 format on which the certificate is set to expire.
- name string
- The name of the Server Certificate. Do not include the path in this value. If omitted, the provider will assign a random, unique name.
- name
Prefix string - Creates a unique name beginning with the specified
prefix. Conflicts with
name
. - path string
- The IAM path for the server certificate. If it is not
included, it defaults to a slash (/). If this certificate is for use with
AWS CloudFront, the path must be in format
/cloudfront/your_path_here
. See IAM Identifiers for more details on IAM Paths. - private
Key string - The contents of the private key in PEM-encoded format.
- {[key: string]: string}
Map of resource tags for the server certificate. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level.NOTE: AWS performs behind-the-scenes modifications to some certificate files if they do not adhere to a specific format. These modifications will result in this provider forever believing that it needs to update the resources since the local and AWS file contents will not match after theses modifications occur. In order to prevent this from happening you must ensure that all your PEM-encoded files use UNIX line-breaks and that
certificate_body
contains only one certificate. All other certificates should go incertificate_chain
. It is common for some Certificate Authorities to issue certificate files that have DOS line-breaks and that are actually multiple certificates concatenated together in order to form a full certificate chain.- {[key: string]: string}
- A map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - upload
Date string - Date and time in RFC3339 format when the server certificate was uploaded.
- arn str
- The Amazon Resource Name (ARN) specifying the server certificate.
- certificate_
body str - The contents of the public key certificate in PEM-encoded format.
- certificate_
chain str - The contents of the certificate chain. This is typically a concatenation of the PEM-encoded public key certificates of the chain.
- expiration str
- Date and time in RFC3339 format on which the certificate is set to expire.
- name str
- The name of the Server Certificate. Do not include the path in this value. If omitted, the provider will assign a random, unique name.
- name_
prefix str - Creates a unique name beginning with the specified
prefix. Conflicts with
name
. - path str
- The IAM path for the server certificate. If it is not
included, it defaults to a slash (/). If this certificate is for use with
AWS CloudFront, the path must be in format
/cloudfront/your_path_here
. See IAM Identifiers for more details on IAM Paths. - private_
key str - The contents of the private key in PEM-encoded format.
- Mapping[str, str]
Map of resource tags for the server certificate. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level.NOTE: AWS performs behind-the-scenes modifications to some certificate files if they do not adhere to a specific format. These modifications will result in this provider forever believing that it needs to update the resources since the local and AWS file contents will not match after theses modifications occur. In order to prevent this from happening you must ensure that all your PEM-encoded files use UNIX line-breaks and that
certificate_body
contains only one certificate. All other certificates should go incertificate_chain
. It is common for some Certificate Authorities to issue certificate files that have DOS line-breaks and that are actually multiple certificates concatenated together in order to form a full certificate chain.- Mapping[str, str]
- A map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - upload_
date str - Date and time in RFC3339 format when the server certificate was uploaded.
- arn String
- The Amazon Resource Name (ARN) specifying the server certificate.
- certificate
Body String - The contents of the public key certificate in PEM-encoded format.
- certificate
Chain String - The contents of the certificate chain. This is typically a concatenation of the PEM-encoded public key certificates of the chain.
- expiration String
- Date and time in RFC3339 format on which the certificate is set to expire.
- name String
- The name of the Server Certificate. Do not include the path in this value. If omitted, the provider will assign a random, unique name.
- name
Prefix String - Creates a unique name beginning with the specified
prefix. Conflicts with
name
. - path String
- The IAM path for the server certificate. If it is not
included, it defaults to a slash (/). If this certificate is for use with
AWS CloudFront, the path must be in format
/cloudfront/your_path_here
. See IAM Identifiers for more details on IAM Paths. - private
Key String - The contents of the private key in PEM-encoded format.
- Map<String>
Map of resource tags for the server certificate. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level.NOTE: AWS performs behind-the-scenes modifications to some certificate files if they do not adhere to a specific format. These modifications will result in this provider forever believing that it needs to update the resources since the local and AWS file contents will not match after theses modifications occur. In order to prevent this from happening you must ensure that all your PEM-encoded files use UNIX line-breaks and that
certificate_body
contains only one certificate. All other certificates should go incertificate_chain
. It is common for some Certificate Authorities to issue certificate files that have DOS line-breaks and that are actually multiple certificates concatenated together in order to form a full certificate chain.- Map<String>
- A map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - upload
Date String - Date and time in RFC3339 format when the server certificate was uploaded.
Import
Using pulumi import
, import IAM Server Certificates using the name
. For example:
$ pulumi import aws:iam/serverCertificate:ServerCertificate certificate example.com-certificate-until-2018
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
aws
Terraform Provider.