1. Packages
  2. Azure Classic
  3. API Docs
  4. apimanagement
  5. CustomDomain

We recommend using Azure Native.

Azure v6.10.0 published on Tuesday, Nov 19, 2024 by Pulumi

azure.apimanagement.CustomDomain

Explore with Pulumi AI

azure logo

We recommend using Azure Native.

Azure v6.10.0 published on Tuesday, Nov 19, 2024 by Pulumi

    Manages a API Management Custom Domain.

    Disclaimers

    Note: It’s possible to define Custom Domains both within the azure.apimanagement.Service resource via the hostname_configurations block and by using this resource. However it’s not possible to use both methods to manage Custom Domains within an API Management Service, since there will be conflicts.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as azure from "@pulumi/azure";
    
    const exampleResourceGroup = new azure.core.ResourceGroup("example", {
        name: "example-resources",
        location: "West Europe",
    });
    const example = azure.keyvault.getKeyVault({
        name: "mykeyvault",
        resourceGroupName: "some-resource-group",
    });
    const exampleService = new azure.apimanagement.Service("example", {
        name: "example-apim",
        location: exampleResourceGroup.location,
        resourceGroupName: exampleResourceGroup.name,
        publisherName: "pub1",
        publisherEmail: "pub1@email.com",
        skuName: "Developer_1",
    });
    const exampleCertificate = new azure.keyvault.Certificate("example", {
        name: "example-certificate",
        keyVaultId: example.then(example => example.id),
        certificatePolicy: {
            issuerParameters: {
                name: "Self",
            },
            keyProperties: {
                exportable: true,
                keySize: 2048,
                keyType: "RSA",
                reuseKey: true,
            },
            lifetimeActions: [{
                action: {
                    actionType: "AutoRenew",
                },
                trigger: {
                    daysBeforeExpiry: 30,
                },
            }],
            secretProperties: {
                contentType: "application/x-pkcs12",
            },
            x509CertificateProperties: {
                keyUsages: [
                    "cRLSign",
                    "dataEncipherment",
                    "digitalSignature",
                    "keyAgreement",
                    "keyCertSign",
                    "keyEncipherment",
                ],
                subject: "CN=api.example.com",
                validityInMonths: 12,
                subjectAlternativeNames: {
                    dnsNames: [
                        "api.example.com",
                        "portal.example.com",
                    ],
                },
            },
        },
    });
    const exampleCustomDomain = new azure.apimanagement.CustomDomain("example", {
        apiManagementId: exampleService.id,
        gateways: [{
            hostName: "api.example.com",
            keyVaultId: exampleCertificate.versionlessSecretId,
        }],
        developerPortals: [{
            hostName: "portal.example.com",
            keyVaultId: exampleCertificate.versionlessSecretId,
        }],
    });
    
    import pulumi
    import pulumi_azure as azure
    
    example_resource_group = azure.core.ResourceGroup("example",
        name="example-resources",
        location="West Europe")
    example = azure.keyvault.get_key_vault(name="mykeyvault",
        resource_group_name="some-resource-group")
    example_service = azure.apimanagement.Service("example",
        name="example-apim",
        location=example_resource_group.location,
        resource_group_name=example_resource_group.name,
        publisher_name="pub1",
        publisher_email="pub1@email.com",
        sku_name="Developer_1")
    example_certificate = azure.keyvault.Certificate("example",
        name="example-certificate",
        key_vault_id=example.id,
        certificate_policy={
            "issuer_parameters": {
                "name": "Self",
            },
            "key_properties": {
                "exportable": True,
                "key_size": 2048,
                "key_type": "RSA",
                "reuse_key": True,
            },
            "lifetime_actions": [{
                "action": {
                    "action_type": "AutoRenew",
                },
                "trigger": {
                    "days_before_expiry": 30,
                },
            }],
            "secret_properties": {
                "content_type": "application/x-pkcs12",
            },
            "x509_certificate_properties": {
                "key_usages": [
                    "cRLSign",
                    "dataEncipherment",
                    "digitalSignature",
                    "keyAgreement",
                    "keyCertSign",
                    "keyEncipherment",
                ],
                "subject": "CN=api.example.com",
                "validity_in_months": 12,
                "subject_alternative_names": {
                    "dns_names": [
                        "api.example.com",
                        "portal.example.com",
                    ],
                },
            },
        })
    example_custom_domain = azure.apimanagement.CustomDomain("example",
        api_management_id=example_service.id,
        gateways=[{
            "host_name": "api.example.com",
            "key_vault_id": example_certificate.versionless_secret_id,
        }],
        developer_portals=[{
            "host_name": "portal.example.com",
            "key_vault_id": example_certificate.versionless_secret_id,
        }])
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/apimanagement"
    	"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/core"
    	"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/keyvault"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		exampleResourceGroup, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
    			Name:     pulumi.String("example-resources"),
    			Location: pulumi.String("West Europe"),
    		})
    		if err != nil {
    			return err
    		}
    		example, err := keyvault.LookupKeyVault(ctx, &keyvault.LookupKeyVaultArgs{
    			Name:              "mykeyvault",
    			ResourceGroupName: "some-resource-group",
    		}, nil)
    		if err != nil {
    			return err
    		}
    		exampleService, err := apimanagement.NewService(ctx, "example", &apimanagement.ServiceArgs{
    			Name:              pulumi.String("example-apim"),
    			Location:          exampleResourceGroup.Location,
    			ResourceGroupName: exampleResourceGroup.Name,
    			PublisherName:     pulumi.String("pub1"),
    			PublisherEmail:    pulumi.String("pub1@email.com"),
    			SkuName:           pulumi.String("Developer_1"),
    		})
    		if err != nil {
    			return err
    		}
    		exampleCertificate, err := keyvault.NewCertificate(ctx, "example", &keyvault.CertificateArgs{
    			Name:       pulumi.String("example-certificate"),
    			KeyVaultId: pulumi.String(example.Id),
    			CertificatePolicy: &keyvault.CertificateCertificatePolicyArgs{
    				IssuerParameters: &keyvault.CertificateCertificatePolicyIssuerParametersArgs{
    					Name: pulumi.String("Self"),
    				},
    				KeyProperties: &keyvault.CertificateCertificatePolicyKeyPropertiesArgs{
    					Exportable: pulumi.Bool(true),
    					KeySize:    pulumi.Int(2048),
    					KeyType:    pulumi.String("RSA"),
    					ReuseKey:   pulumi.Bool(true),
    				},
    				LifetimeActions: keyvault.CertificateCertificatePolicyLifetimeActionArray{
    					&keyvault.CertificateCertificatePolicyLifetimeActionArgs{
    						Action: &keyvault.CertificateCertificatePolicyLifetimeActionActionArgs{
    							ActionType: pulumi.String("AutoRenew"),
    						},
    						Trigger: &keyvault.CertificateCertificatePolicyLifetimeActionTriggerArgs{
    							DaysBeforeExpiry: pulumi.Int(30),
    						},
    					},
    				},
    				SecretProperties: &keyvault.CertificateCertificatePolicySecretPropertiesArgs{
    					ContentType: pulumi.String("application/x-pkcs12"),
    				},
    				X509CertificateProperties: &keyvault.CertificateCertificatePolicyX509CertificatePropertiesArgs{
    					KeyUsages: pulumi.StringArray{
    						pulumi.String("cRLSign"),
    						pulumi.String("dataEncipherment"),
    						pulumi.String("digitalSignature"),
    						pulumi.String("keyAgreement"),
    						pulumi.String("keyCertSign"),
    						pulumi.String("keyEncipherment"),
    					},
    					Subject:          pulumi.String("CN=api.example.com"),
    					ValidityInMonths: pulumi.Int(12),
    					SubjectAlternativeNames: &keyvault.CertificateCertificatePolicyX509CertificatePropertiesSubjectAlternativeNamesArgs{
    						DnsNames: pulumi.StringArray{
    							pulumi.String("api.example.com"),
    							pulumi.String("portal.example.com"),
    						},
    					},
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		_, err = apimanagement.NewCustomDomain(ctx, "example", &apimanagement.CustomDomainArgs{
    			ApiManagementId: exampleService.ID(),
    			Gateways: apimanagement.CustomDomainGatewayArray{
    				&apimanagement.CustomDomainGatewayArgs{
    					HostName:   pulumi.String("api.example.com"),
    					KeyVaultId: exampleCertificate.VersionlessSecretId,
    				},
    			},
    			DeveloperPortals: apimanagement.CustomDomainDeveloperPortalArray{
    				&apimanagement.CustomDomainDeveloperPortalArgs{
    					HostName:   pulumi.String("portal.example.com"),
    					KeyVaultId: exampleCertificate.VersionlessSecretId,
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Azure = Pulumi.Azure;
    
    return await Deployment.RunAsync(() => 
    {
        var exampleResourceGroup = new Azure.Core.ResourceGroup("example", new()
        {
            Name = "example-resources",
            Location = "West Europe",
        });
    
        var example = Azure.KeyVault.GetKeyVault.Invoke(new()
        {
            Name = "mykeyvault",
            ResourceGroupName = "some-resource-group",
        });
    
        var exampleService = new Azure.ApiManagement.Service("example", new()
        {
            Name = "example-apim",
            Location = exampleResourceGroup.Location,
            ResourceGroupName = exampleResourceGroup.Name,
            PublisherName = "pub1",
            PublisherEmail = "pub1@email.com",
            SkuName = "Developer_1",
        });
    
        var exampleCertificate = new Azure.KeyVault.Certificate("example", new()
        {
            Name = "example-certificate",
            KeyVaultId = example.Apply(getKeyVaultResult => getKeyVaultResult.Id),
            CertificatePolicy = new Azure.KeyVault.Inputs.CertificateCertificatePolicyArgs
            {
                IssuerParameters = new Azure.KeyVault.Inputs.CertificateCertificatePolicyIssuerParametersArgs
                {
                    Name = "Self",
                },
                KeyProperties = new Azure.KeyVault.Inputs.CertificateCertificatePolicyKeyPropertiesArgs
                {
                    Exportable = true,
                    KeySize = 2048,
                    KeyType = "RSA",
                    ReuseKey = true,
                },
                LifetimeActions = new[]
                {
                    new Azure.KeyVault.Inputs.CertificateCertificatePolicyLifetimeActionArgs
                    {
                        Action = new Azure.KeyVault.Inputs.CertificateCertificatePolicyLifetimeActionActionArgs
                        {
                            ActionType = "AutoRenew",
                        },
                        Trigger = new Azure.KeyVault.Inputs.CertificateCertificatePolicyLifetimeActionTriggerArgs
                        {
                            DaysBeforeExpiry = 30,
                        },
                    },
                },
                SecretProperties = new Azure.KeyVault.Inputs.CertificateCertificatePolicySecretPropertiesArgs
                {
                    ContentType = "application/x-pkcs12",
                },
                X509CertificateProperties = new Azure.KeyVault.Inputs.CertificateCertificatePolicyX509CertificatePropertiesArgs
                {
                    KeyUsages = new[]
                    {
                        "cRLSign",
                        "dataEncipherment",
                        "digitalSignature",
                        "keyAgreement",
                        "keyCertSign",
                        "keyEncipherment",
                    },
                    Subject = "CN=api.example.com",
                    ValidityInMonths = 12,
                    SubjectAlternativeNames = new Azure.KeyVault.Inputs.CertificateCertificatePolicyX509CertificatePropertiesSubjectAlternativeNamesArgs
                    {
                        DnsNames = new[]
                        {
                            "api.example.com",
                            "portal.example.com",
                        },
                    },
                },
            },
        });
    
        var exampleCustomDomain = new Azure.ApiManagement.CustomDomain("example", new()
        {
            ApiManagementId = exampleService.Id,
            Gateways = new[]
            {
                new Azure.ApiManagement.Inputs.CustomDomainGatewayArgs
                {
                    HostName = "api.example.com",
                    KeyVaultId = exampleCertificate.VersionlessSecretId,
                },
            },
            DeveloperPortals = new[]
            {
                new Azure.ApiManagement.Inputs.CustomDomainDeveloperPortalArgs
                {
                    HostName = "portal.example.com",
                    KeyVaultId = exampleCertificate.VersionlessSecretId,
                },
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.azure.core.ResourceGroup;
    import com.pulumi.azure.core.ResourceGroupArgs;
    import com.pulumi.azure.keyvault.KeyvaultFunctions;
    import com.pulumi.azure.keyvault.inputs.GetKeyVaultArgs;
    import com.pulumi.azure.apimanagement.Service;
    import com.pulumi.azure.apimanagement.ServiceArgs;
    import com.pulumi.azure.keyvault.Certificate;
    import com.pulumi.azure.keyvault.CertificateArgs;
    import com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicyArgs;
    import com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicyIssuerParametersArgs;
    import com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicyKeyPropertiesArgs;
    import com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicySecretPropertiesArgs;
    import com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicyX509CertificatePropertiesArgs;
    import com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicyX509CertificatePropertiesSubjectAlternativeNamesArgs;
    import com.pulumi.azure.apimanagement.CustomDomain;
    import com.pulumi.azure.apimanagement.CustomDomainArgs;
    import com.pulumi.azure.apimanagement.inputs.CustomDomainGatewayArgs;
    import com.pulumi.azure.apimanagement.inputs.CustomDomainDeveloperPortalArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder()
                .name("example-resources")
                .location("West Europe")
                .build());
    
            final var example = KeyvaultFunctions.getKeyVault(GetKeyVaultArgs.builder()
                .name("mykeyvault")
                .resourceGroupName("some-resource-group")
                .build());
    
            var exampleService = new Service("exampleService", ServiceArgs.builder()
                .name("example-apim")
                .location(exampleResourceGroup.location())
                .resourceGroupName(exampleResourceGroup.name())
                .publisherName("pub1")
                .publisherEmail("pub1@email.com")
                .skuName("Developer_1")
                .build());
    
            var exampleCertificate = new Certificate("exampleCertificate", CertificateArgs.builder()
                .name("example-certificate")
                .keyVaultId(example.applyValue(getKeyVaultResult -> getKeyVaultResult.id()))
                .certificatePolicy(CertificateCertificatePolicyArgs.builder()
                    .issuerParameters(CertificateCertificatePolicyIssuerParametersArgs.builder()
                        .name("Self")
                        .build())
                    .keyProperties(CertificateCertificatePolicyKeyPropertiesArgs.builder()
                        .exportable(true)
                        .keySize(2048)
                        .keyType("RSA")
                        .reuseKey(true)
                        .build())
                    .lifetimeActions(CertificateCertificatePolicyLifetimeActionArgs.builder()
                        .action(CertificateCertificatePolicyLifetimeActionActionArgs.builder()
                            .actionType("AutoRenew")
                            .build())
                        .trigger(CertificateCertificatePolicyLifetimeActionTriggerArgs.builder()
                            .daysBeforeExpiry(30)
                            .build())
                        .build())
                    .secretProperties(CertificateCertificatePolicySecretPropertiesArgs.builder()
                        .contentType("application/x-pkcs12")
                        .build())
                    .x509CertificateProperties(CertificateCertificatePolicyX509CertificatePropertiesArgs.builder()
                        .keyUsages(                    
                            "cRLSign",
                            "dataEncipherment",
                            "digitalSignature",
                            "keyAgreement",
                            "keyCertSign",
                            "keyEncipherment")
                        .subject("CN=api.example.com")
                        .validityInMonths(12)
                        .subjectAlternativeNames(CertificateCertificatePolicyX509CertificatePropertiesSubjectAlternativeNamesArgs.builder()
                            .dnsNames(                        
                                "api.example.com",
                                "portal.example.com")
                            .build())
                        .build())
                    .build())
                .build());
    
            var exampleCustomDomain = new CustomDomain("exampleCustomDomain", CustomDomainArgs.builder()
                .apiManagementId(exampleService.id())
                .gateways(CustomDomainGatewayArgs.builder()
                    .hostName("api.example.com")
                    .keyVaultId(exampleCertificate.versionlessSecretId())
                    .build())
                .developerPortals(CustomDomainDeveloperPortalArgs.builder()
                    .hostName("portal.example.com")
                    .keyVaultId(exampleCertificate.versionlessSecretId())
                    .build())
                .build());
    
        }
    }
    
    resources:
      exampleResourceGroup:
        type: azure:core:ResourceGroup
        name: example
        properties:
          name: example-resources
          location: West Europe
      exampleService:
        type: azure:apimanagement:Service
        name: example
        properties:
          name: example-apim
          location: ${exampleResourceGroup.location}
          resourceGroupName: ${exampleResourceGroup.name}
          publisherName: pub1
          publisherEmail: pub1@email.com
          skuName: Developer_1
      exampleCertificate:
        type: azure:keyvault:Certificate
        name: example
        properties:
          name: example-certificate
          keyVaultId: ${example.id}
          certificatePolicy:
            issuerParameters:
              name: Self
            keyProperties:
              exportable: true
              keySize: 2048
              keyType: RSA
              reuseKey: true
            lifetimeActions:
              - action:
                  actionType: AutoRenew
                trigger:
                  daysBeforeExpiry: 30
            secretProperties:
              contentType: application/x-pkcs12
            x509CertificateProperties:
              keyUsages:
                - cRLSign
                - dataEncipherment
                - digitalSignature
                - keyAgreement
                - keyCertSign
                - keyEncipherment
              subject: CN=api.example.com
              validityInMonths: 12
              subjectAlternativeNames:
                dnsNames:
                  - api.example.com
                  - portal.example.com
      exampleCustomDomain:
        type: azure:apimanagement:CustomDomain
        name: example
        properties:
          apiManagementId: ${exampleService.id}
          gateways:
            - hostName: api.example.com
              keyVaultId: ${exampleCertificate.versionlessSecretId}
          developerPortals:
            - hostName: portal.example.com
              keyVaultId: ${exampleCertificate.versionlessSecretId}
    variables:
      example:
        fn::invoke:
          Function: azure:keyvault:getKeyVault
          Arguments:
            name: mykeyvault
            resourceGroupName: some-resource-group
    

    Create CustomDomain Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new CustomDomain(name: string, args: CustomDomainArgs, opts?: CustomResourceOptions);
    @overload
    def CustomDomain(resource_name: str,
                     args: CustomDomainArgs,
                     opts: Optional[ResourceOptions] = None)
    
    @overload
    def CustomDomain(resource_name: str,
                     opts: Optional[ResourceOptions] = None,
                     api_management_id: Optional[str] = None,
                     developer_portals: Optional[Sequence[CustomDomainDeveloperPortalArgs]] = None,
                     gateways: Optional[Sequence[CustomDomainGatewayArgs]] = None,
                     managements: Optional[Sequence[CustomDomainManagementArgs]] = None,
                     portals: Optional[Sequence[CustomDomainPortalArgs]] = None,
                     scms: Optional[Sequence[CustomDomainScmArgs]] = None)
    func NewCustomDomain(ctx *Context, name string, args CustomDomainArgs, opts ...ResourceOption) (*CustomDomain, error)
    public CustomDomain(string name, CustomDomainArgs args, CustomResourceOptions? opts = null)
    public CustomDomain(String name, CustomDomainArgs args)
    public CustomDomain(String name, CustomDomainArgs args, CustomResourceOptions options)
    
    type: azure:apimanagement:CustomDomain
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args CustomDomainArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args CustomDomainArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args CustomDomainArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args CustomDomainArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args CustomDomainArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var customDomainResource = new Azure.ApiManagement.CustomDomain("customDomainResource", new()
    {
        ApiManagementId = "string",
        DeveloperPortals = new[]
        {
            new Azure.ApiManagement.Inputs.CustomDomainDeveloperPortalArgs
            {
                HostName = "string",
                Certificate = "string",
                CertificatePassword = "string",
                CertificateSource = "string",
                CertificateStatus = "string",
                Expiry = "string",
                KeyVaultId = "string",
                NegotiateClientCertificate = false,
                SslKeyvaultIdentityClientId = "string",
                Subject = "string",
                Thumbprint = "string",
            },
        },
        Gateways = new[]
        {
            new Azure.ApiManagement.Inputs.CustomDomainGatewayArgs
            {
                HostName = "string",
                Certificate = "string",
                CertificatePassword = "string",
                CertificateSource = "string",
                CertificateStatus = "string",
                DefaultSslBinding = false,
                Expiry = "string",
                KeyVaultId = "string",
                NegotiateClientCertificate = false,
                SslKeyvaultIdentityClientId = "string",
                Subject = "string",
                Thumbprint = "string",
            },
        },
        Managements = new[]
        {
            new Azure.ApiManagement.Inputs.CustomDomainManagementArgs
            {
                HostName = "string",
                Certificate = "string",
                CertificatePassword = "string",
                CertificateSource = "string",
                CertificateStatus = "string",
                Expiry = "string",
                KeyVaultId = "string",
                NegotiateClientCertificate = false,
                SslKeyvaultIdentityClientId = "string",
                Subject = "string",
                Thumbprint = "string",
            },
        },
        Portals = new[]
        {
            new Azure.ApiManagement.Inputs.CustomDomainPortalArgs
            {
                HostName = "string",
                Certificate = "string",
                CertificatePassword = "string",
                CertificateSource = "string",
                CertificateStatus = "string",
                Expiry = "string",
                KeyVaultId = "string",
                NegotiateClientCertificate = false,
                SslKeyvaultIdentityClientId = "string",
                Subject = "string",
                Thumbprint = "string",
            },
        },
        Scms = new[]
        {
            new Azure.ApiManagement.Inputs.CustomDomainScmArgs
            {
                HostName = "string",
                Certificate = "string",
                CertificatePassword = "string",
                CertificateSource = "string",
                CertificateStatus = "string",
                Expiry = "string",
                KeyVaultId = "string",
                NegotiateClientCertificate = false,
                SslKeyvaultIdentityClientId = "string",
                Subject = "string",
                Thumbprint = "string",
            },
        },
    });
    
    example, err := apimanagement.NewCustomDomain(ctx, "customDomainResource", &apimanagement.CustomDomainArgs{
    	ApiManagementId: pulumi.String("string"),
    	DeveloperPortals: apimanagement.CustomDomainDeveloperPortalArray{
    		&apimanagement.CustomDomainDeveloperPortalArgs{
    			HostName:                    pulumi.String("string"),
    			Certificate:                 pulumi.String("string"),
    			CertificatePassword:         pulumi.String("string"),
    			CertificateSource:           pulumi.String("string"),
    			CertificateStatus:           pulumi.String("string"),
    			Expiry:                      pulumi.String("string"),
    			KeyVaultId:                  pulumi.String("string"),
    			NegotiateClientCertificate:  pulumi.Bool(false),
    			SslKeyvaultIdentityClientId: pulumi.String("string"),
    			Subject:                     pulumi.String("string"),
    			Thumbprint:                  pulumi.String("string"),
    		},
    	},
    	Gateways: apimanagement.CustomDomainGatewayArray{
    		&apimanagement.CustomDomainGatewayArgs{
    			HostName:                    pulumi.String("string"),
    			Certificate:                 pulumi.String("string"),
    			CertificatePassword:         pulumi.String("string"),
    			CertificateSource:           pulumi.String("string"),
    			CertificateStatus:           pulumi.String("string"),
    			DefaultSslBinding:           pulumi.Bool(false),
    			Expiry:                      pulumi.String("string"),
    			KeyVaultId:                  pulumi.String("string"),
    			NegotiateClientCertificate:  pulumi.Bool(false),
    			SslKeyvaultIdentityClientId: pulumi.String("string"),
    			Subject:                     pulumi.String("string"),
    			Thumbprint:                  pulumi.String("string"),
    		},
    	},
    	Managements: apimanagement.CustomDomainManagementArray{
    		&apimanagement.CustomDomainManagementArgs{
    			HostName:                    pulumi.String("string"),
    			Certificate:                 pulumi.String("string"),
    			CertificatePassword:         pulumi.String("string"),
    			CertificateSource:           pulumi.String("string"),
    			CertificateStatus:           pulumi.String("string"),
    			Expiry:                      pulumi.String("string"),
    			KeyVaultId:                  pulumi.String("string"),
    			NegotiateClientCertificate:  pulumi.Bool(false),
    			SslKeyvaultIdentityClientId: pulumi.String("string"),
    			Subject:                     pulumi.String("string"),
    			Thumbprint:                  pulumi.String("string"),
    		},
    	},
    	Portals: apimanagement.CustomDomainPortalArray{
    		&apimanagement.CustomDomainPortalArgs{
    			HostName:                    pulumi.String("string"),
    			Certificate:                 pulumi.String("string"),
    			CertificatePassword:         pulumi.String("string"),
    			CertificateSource:           pulumi.String("string"),
    			CertificateStatus:           pulumi.String("string"),
    			Expiry:                      pulumi.String("string"),
    			KeyVaultId:                  pulumi.String("string"),
    			NegotiateClientCertificate:  pulumi.Bool(false),
    			SslKeyvaultIdentityClientId: pulumi.String("string"),
    			Subject:                     pulumi.String("string"),
    			Thumbprint:                  pulumi.String("string"),
    		},
    	},
    	Scms: apimanagement.CustomDomainScmArray{
    		&apimanagement.CustomDomainScmArgs{
    			HostName:                    pulumi.String("string"),
    			Certificate:                 pulumi.String("string"),
    			CertificatePassword:         pulumi.String("string"),
    			CertificateSource:           pulumi.String("string"),
    			CertificateStatus:           pulumi.String("string"),
    			Expiry:                      pulumi.String("string"),
    			KeyVaultId:                  pulumi.String("string"),
    			NegotiateClientCertificate:  pulumi.Bool(false),
    			SslKeyvaultIdentityClientId: pulumi.String("string"),
    			Subject:                     pulumi.String("string"),
    			Thumbprint:                  pulumi.String("string"),
    		},
    	},
    })
    
    var customDomainResource = new CustomDomain("customDomainResource", CustomDomainArgs.builder()
        .apiManagementId("string")
        .developerPortals(CustomDomainDeveloperPortalArgs.builder()
            .hostName("string")
            .certificate("string")
            .certificatePassword("string")
            .certificateSource("string")
            .certificateStatus("string")
            .expiry("string")
            .keyVaultId("string")
            .negotiateClientCertificate(false)
            .sslKeyvaultIdentityClientId("string")
            .subject("string")
            .thumbprint("string")
            .build())
        .gateways(CustomDomainGatewayArgs.builder()
            .hostName("string")
            .certificate("string")
            .certificatePassword("string")
            .certificateSource("string")
            .certificateStatus("string")
            .defaultSslBinding(false)
            .expiry("string")
            .keyVaultId("string")
            .negotiateClientCertificate(false)
            .sslKeyvaultIdentityClientId("string")
            .subject("string")
            .thumbprint("string")
            .build())
        .managements(CustomDomainManagementArgs.builder()
            .hostName("string")
            .certificate("string")
            .certificatePassword("string")
            .certificateSource("string")
            .certificateStatus("string")
            .expiry("string")
            .keyVaultId("string")
            .negotiateClientCertificate(false)
            .sslKeyvaultIdentityClientId("string")
            .subject("string")
            .thumbprint("string")
            .build())
        .portals(CustomDomainPortalArgs.builder()
            .hostName("string")
            .certificate("string")
            .certificatePassword("string")
            .certificateSource("string")
            .certificateStatus("string")
            .expiry("string")
            .keyVaultId("string")
            .negotiateClientCertificate(false)
            .sslKeyvaultIdentityClientId("string")
            .subject("string")
            .thumbprint("string")
            .build())
        .scms(CustomDomainScmArgs.builder()
            .hostName("string")
            .certificate("string")
            .certificatePassword("string")
            .certificateSource("string")
            .certificateStatus("string")
            .expiry("string")
            .keyVaultId("string")
            .negotiateClientCertificate(false)
            .sslKeyvaultIdentityClientId("string")
            .subject("string")
            .thumbprint("string")
            .build())
        .build());
    
    custom_domain_resource = azure.apimanagement.CustomDomain("customDomainResource",
        api_management_id="string",
        developer_portals=[{
            "host_name": "string",
            "certificate": "string",
            "certificate_password": "string",
            "certificate_source": "string",
            "certificate_status": "string",
            "expiry": "string",
            "key_vault_id": "string",
            "negotiate_client_certificate": False,
            "ssl_keyvault_identity_client_id": "string",
            "subject": "string",
            "thumbprint": "string",
        }],
        gateways=[{
            "host_name": "string",
            "certificate": "string",
            "certificate_password": "string",
            "certificate_source": "string",
            "certificate_status": "string",
            "default_ssl_binding": False,
            "expiry": "string",
            "key_vault_id": "string",
            "negotiate_client_certificate": False,
            "ssl_keyvault_identity_client_id": "string",
            "subject": "string",
            "thumbprint": "string",
        }],
        managements=[{
            "host_name": "string",
            "certificate": "string",
            "certificate_password": "string",
            "certificate_source": "string",
            "certificate_status": "string",
            "expiry": "string",
            "key_vault_id": "string",
            "negotiate_client_certificate": False,
            "ssl_keyvault_identity_client_id": "string",
            "subject": "string",
            "thumbprint": "string",
        }],
        portals=[{
            "host_name": "string",
            "certificate": "string",
            "certificate_password": "string",
            "certificate_source": "string",
            "certificate_status": "string",
            "expiry": "string",
            "key_vault_id": "string",
            "negotiate_client_certificate": False,
            "ssl_keyvault_identity_client_id": "string",
            "subject": "string",
            "thumbprint": "string",
        }],
        scms=[{
            "host_name": "string",
            "certificate": "string",
            "certificate_password": "string",
            "certificate_source": "string",
            "certificate_status": "string",
            "expiry": "string",
            "key_vault_id": "string",
            "negotiate_client_certificate": False,
            "ssl_keyvault_identity_client_id": "string",
            "subject": "string",
            "thumbprint": "string",
        }])
    
    const customDomainResource = new azure.apimanagement.CustomDomain("customDomainResource", {
        apiManagementId: "string",
        developerPortals: [{
            hostName: "string",
            certificate: "string",
            certificatePassword: "string",
            certificateSource: "string",
            certificateStatus: "string",
            expiry: "string",
            keyVaultId: "string",
            negotiateClientCertificate: false,
            sslKeyvaultIdentityClientId: "string",
            subject: "string",
            thumbprint: "string",
        }],
        gateways: [{
            hostName: "string",
            certificate: "string",
            certificatePassword: "string",
            certificateSource: "string",
            certificateStatus: "string",
            defaultSslBinding: false,
            expiry: "string",
            keyVaultId: "string",
            negotiateClientCertificate: false,
            sslKeyvaultIdentityClientId: "string",
            subject: "string",
            thumbprint: "string",
        }],
        managements: [{
            hostName: "string",
            certificate: "string",
            certificatePassword: "string",
            certificateSource: "string",
            certificateStatus: "string",
            expiry: "string",
            keyVaultId: "string",
            negotiateClientCertificate: false,
            sslKeyvaultIdentityClientId: "string",
            subject: "string",
            thumbprint: "string",
        }],
        portals: [{
            hostName: "string",
            certificate: "string",
            certificatePassword: "string",
            certificateSource: "string",
            certificateStatus: "string",
            expiry: "string",
            keyVaultId: "string",
            negotiateClientCertificate: false,
            sslKeyvaultIdentityClientId: "string",
            subject: "string",
            thumbprint: "string",
        }],
        scms: [{
            hostName: "string",
            certificate: "string",
            certificatePassword: "string",
            certificateSource: "string",
            certificateStatus: "string",
            expiry: "string",
            keyVaultId: "string",
            negotiateClientCertificate: false,
            sslKeyvaultIdentityClientId: "string",
            subject: "string",
            thumbprint: "string",
        }],
    });
    
    type: azure:apimanagement:CustomDomain
    properties:
        apiManagementId: string
        developerPortals:
            - certificate: string
              certificatePassword: string
              certificateSource: string
              certificateStatus: string
              expiry: string
              hostName: string
              keyVaultId: string
              negotiateClientCertificate: false
              sslKeyvaultIdentityClientId: string
              subject: string
              thumbprint: string
        gateways:
            - certificate: string
              certificatePassword: string
              certificateSource: string
              certificateStatus: string
              defaultSslBinding: false
              expiry: string
              hostName: string
              keyVaultId: string
              negotiateClientCertificate: false
              sslKeyvaultIdentityClientId: string
              subject: string
              thumbprint: string
        managements:
            - certificate: string
              certificatePassword: string
              certificateSource: string
              certificateStatus: string
              expiry: string
              hostName: string
              keyVaultId: string
              negotiateClientCertificate: false
              sslKeyvaultIdentityClientId: string
              subject: string
              thumbprint: string
        portals:
            - certificate: string
              certificatePassword: string
              certificateSource: string
              certificateStatus: string
              expiry: string
              hostName: string
              keyVaultId: string
              negotiateClientCertificate: false
              sslKeyvaultIdentityClientId: string
              subject: string
              thumbprint: string
        scms:
            - certificate: string
              certificatePassword: string
              certificateSource: string
              certificateStatus: string
              expiry: string
              hostName: string
              keyVaultId: string
              negotiateClientCertificate: false
              sslKeyvaultIdentityClientId: string
              subject: string
              thumbprint: string
    

    CustomDomain Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The CustomDomain resource accepts the following input properties:

    ApiManagementId string
    The ID of the API Management service for which to configure Custom Domains. Changing this forces a new API Management Custom Domain resource to be created.
    DeveloperPortals List<CustomDomainDeveloperPortal>
    One or more developer_portal blocks as defined below.
    Gateways List<CustomDomainGateway>
    One or more gateway blocks as defined below.
    Managements List<CustomDomainManagement>
    One or more management blocks as defined below.
    Portals List<CustomDomainPortal>
    One or more portal blocks as defined below.
    Scms List<CustomDomainScm>
    One or more scm blocks as defined below.
    ApiManagementId string
    The ID of the API Management service for which to configure Custom Domains. Changing this forces a new API Management Custom Domain resource to be created.
    DeveloperPortals []CustomDomainDeveloperPortalArgs
    One or more developer_portal blocks as defined below.
    Gateways []CustomDomainGatewayArgs
    One or more gateway blocks as defined below.
    Managements []CustomDomainManagementArgs
    One or more management blocks as defined below.
    Portals []CustomDomainPortalArgs
    One or more portal blocks as defined below.
    Scms []CustomDomainScmArgs
    One or more scm blocks as defined below.
    apiManagementId String
    The ID of the API Management service for which to configure Custom Domains. Changing this forces a new API Management Custom Domain resource to be created.
    developerPortals List<CustomDomainDeveloperPortal>
    One or more developer_portal blocks as defined below.
    gateways List<CustomDomainGateway>
    One or more gateway blocks as defined below.
    managements List<CustomDomainManagement>
    One or more management blocks as defined below.
    portals List<CustomDomainPortal>
    One or more portal blocks as defined below.
    scms List<CustomDomainScm>
    One or more scm blocks as defined below.
    apiManagementId string
    The ID of the API Management service for which to configure Custom Domains. Changing this forces a new API Management Custom Domain resource to be created.
    developerPortals CustomDomainDeveloperPortal[]
    One or more developer_portal blocks as defined below.
    gateways CustomDomainGateway[]
    One or more gateway blocks as defined below.
    managements CustomDomainManagement[]
    One or more management blocks as defined below.
    portals CustomDomainPortal[]
    One or more portal blocks as defined below.
    scms CustomDomainScm[]
    One or more scm blocks as defined below.
    api_management_id str
    The ID of the API Management service for which to configure Custom Domains. Changing this forces a new API Management Custom Domain resource to be created.
    developer_portals Sequence[CustomDomainDeveloperPortalArgs]
    One or more developer_portal blocks as defined below.
    gateways Sequence[CustomDomainGatewayArgs]
    One or more gateway blocks as defined below.
    managements Sequence[CustomDomainManagementArgs]
    One or more management blocks as defined below.
    portals Sequence[CustomDomainPortalArgs]
    One or more portal blocks as defined below.
    scms Sequence[CustomDomainScmArgs]
    One or more scm blocks as defined below.
    apiManagementId String
    The ID of the API Management service for which to configure Custom Domains. Changing this forces a new API Management Custom Domain resource to be created.
    developerPortals List<Property Map>
    One or more developer_portal blocks as defined below.
    gateways List<Property Map>
    One or more gateway blocks as defined below.
    managements List<Property Map>
    One or more management blocks as defined below.
    portals List<Property Map>
    One or more portal blocks as defined below.
    scms List<Property Map>
    One or more scm blocks as defined below.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the CustomDomain resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing CustomDomain Resource

    Get an existing CustomDomain resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: CustomDomainState, opts?: CustomResourceOptions): CustomDomain
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            api_management_id: Optional[str] = None,
            developer_portals: Optional[Sequence[CustomDomainDeveloperPortalArgs]] = None,
            gateways: Optional[Sequence[CustomDomainGatewayArgs]] = None,
            managements: Optional[Sequence[CustomDomainManagementArgs]] = None,
            portals: Optional[Sequence[CustomDomainPortalArgs]] = None,
            scms: Optional[Sequence[CustomDomainScmArgs]] = None) -> CustomDomain
    func GetCustomDomain(ctx *Context, name string, id IDInput, state *CustomDomainState, opts ...ResourceOption) (*CustomDomain, error)
    public static CustomDomain Get(string name, Input<string> id, CustomDomainState? state, CustomResourceOptions? opts = null)
    public static CustomDomain get(String name, Output<String> id, CustomDomainState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    ApiManagementId string
    The ID of the API Management service for which to configure Custom Domains. Changing this forces a new API Management Custom Domain resource to be created.
    DeveloperPortals List<CustomDomainDeveloperPortal>
    One or more developer_portal blocks as defined below.
    Gateways List<CustomDomainGateway>
    One or more gateway blocks as defined below.
    Managements List<CustomDomainManagement>
    One or more management blocks as defined below.
    Portals List<CustomDomainPortal>
    One or more portal blocks as defined below.
    Scms List<CustomDomainScm>
    One or more scm blocks as defined below.
    ApiManagementId string
    The ID of the API Management service for which to configure Custom Domains. Changing this forces a new API Management Custom Domain resource to be created.
    DeveloperPortals []CustomDomainDeveloperPortalArgs
    One or more developer_portal blocks as defined below.
    Gateways []CustomDomainGatewayArgs
    One or more gateway blocks as defined below.
    Managements []CustomDomainManagementArgs
    One or more management blocks as defined below.
    Portals []CustomDomainPortalArgs
    One or more portal blocks as defined below.
    Scms []CustomDomainScmArgs
    One or more scm blocks as defined below.
    apiManagementId String
    The ID of the API Management service for which to configure Custom Domains. Changing this forces a new API Management Custom Domain resource to be created.
    developerPortals List<CustomDomainDeveloperPortal>
    One or more developer_portal blocks as defined below.
    gateways List<CustomDomainGateway>
    One or more gateway blocks as defined below.
    managements List<CustomDomainManagement>
    One or more management blocks as defined below.
    portals List<CustomDomainPortal>
    One or more portal blocks as defined below.
    scms List<CustomDomainScm>
    One or more scm blocks as defined below.
    apiManagementId string
    The ID of the API Management service for which to configure Custom Domains. Changing this forces a new API Management Custom Domain resource to be created.
    developerPortals CustomDomainDeveloperPortal[]
    One or more developer_portal blocks as defined below.
    gateways CustomDomainGateway[]
    One or more gateway blocks as defined below.
    managements CustomDomainManagement[]
    One or more management blocks as defined below.
    portals CustomDomainPortal[]
    One or more portal blocks as defined below.
    scms CustomDomainScm[]
    One or more scm blocks as defined below.
    api_management_id str
    The ID of the API Management service for which to configure Custom Domains. Changing this forces a new API Management Custom Domain resource to be created.
    developer_portals Sequence[CustomDomainDeveloperPortalArgs]
    One or more developer_portal blocks as defined below.
    gateways Sequence[CustomDomainGatewayArgs]
    One or more gateway blocks as defined below.
    managements Sequence[CustomDomainManagementArgs]
    One or more management blocks as defined below.
    portals Sequence[CustomDomainPortalArgs]
    One or more portal blocks as defined below.
    scms Sequence[CustomDomainScmArgs]
    One or more scm blocks as defined below.
    apiManagementId String
    The ID of the API Management service for which to configure Custom Domains. Changing this forces a new API Management Custom Domain resource to be created.
    developerPortals List<Property Map>
    One or more developer_portal blocks as defined below.
    gateways List<Property Map>
    One or more gateway blocks as defined below.
    managements List<Property Map>
    One or more management blocks as defined below.
    portals List<Property Map>
    One or more portal blocks as defined below.
    scms List<Property Map>
    One or more scm blocks as defined below.

    Supporting Types

    CustomDomainDeveloperPortal, CustomDomainDeveloperPortalArgs

    HostName string
    The Hostname to use for the corresponding endpoint.
    Certificate string
    The Base64 Encoded Certificate. (Mutually exclusive with key_vault_id.)
    CertificatePassword string
    The password associated with the certificate provided above.
    CertificateSource string
    CertificateStatus string
    Expiry string
    KeyVaultId string
    The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
    NegotiateClientCertificate bool
    Should Client Certificate Negotiation be enabled for this Hostname? Defaults to false.
    SslKeyvaultIdentityClientId string

    System or User Assigned Managed identity clientId as generated by Azure AD, which has GET access to the keyVault containing the SSL certificate.

    NOTE: If a User Assigned Managed identity is specified for ssl_keyvault_identity_client_id then this identity must be associated to the azure.apimanagement.Service within an identity block.

    Subject string
    Thumbprint string
    HostName string
    The Hostname to use for the corresponding endpoint.
    Certificate string
    The Base64 Encoded Certificate. (Mutually exclusive with key_vault_id.)
    CertificatePassword string
    The password associated with the certificate provided above.
    CertificateSource string
    CertificateStatus string
    Expiry string
    KeyVaultId string
    The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
    NegotiateClientCertificate bool
    Should Client Certificate Negotiation be enabled for this Hostname? Defaults to false.
    SslKeyvaultIdentityClientId string

    System or User Assigned Managed identity clientId as generated by Azure AD, which has GET access to the keyVault containing the SSL certificate.

    NOTE: If a User Assigned Managed identity is specified for ssl_keyvault_identity_client_id then this identity must be associated to the azure.apimanagement.Service within an identity block.

    Subject string
    Thumbprint string
    hostName String
    The Hostname to use for the corresponding endpoint.
    certificate String
    The Base64 Encoded Certificate. (Mutually exclusive with key_vault_id.)
    certificatePassword String
    The password associated with the certificate provided above.
    certificateSource String
    certificateStatus String
    expiry String
    keyVaultId String
    The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
    negotiateClientCertificate Boolean
    Should Client Certificate Negotiation be enabled for this Hostname? Defaults to false.
    sslKeyvaultIdentityClientId String

    System or User Assigned Managed identity clientId as generated by Azure AD, which has GET access to the keyVault containing the SSL certificate.

    NOTE: If a User Assigned Managed identity is specified for ssl_keyvault_identity_client_id then this identity must be associated to the azure.apimanagement.Service within an identity block.

    subject String
    thumbprint String
    hostName string
    The Hostname to use for the corresponding endpoint.
    certificate string
    The Base64 Encoded Certificate. (Mutually exclusive with key_vault_id.)
    certificatePassword string
    The password associated with the certificate provided above.
    certificateSource string
    certificateStatus string
    expiry string
    keyVaultId string
    The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
    negotiateClientCertificate boolean
    Should Client Certificate Negotiation be enabled for this Hostname? Defaults to false.
    sslKeyvaultIdentityClientId string

    System or User Assigned Managed identity clientId as generated by Azure AD, which has GET access to the keyVault containing the SSL certificate.

    NOTE: If a User Assigned Managed identity is specified for ssl_keyvault_identity_client_id then this identity must be associated to the azure.apimanagement.Service within an identity block.

    subject string
    thumbprint string
    host_name str
    The Hostname to use for the corresponding endpoint.
    certificate str
    The Base64 Encoded Certificate. (Mutually exclusive with key_vault_id.)
    certificate_password str
    The password associated with the certificate provided above.
    certificate_source str
    certificate_status str
    expiry str
    key_vault_id str
    The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
    negotiate_client_certificate bool
    Should Client Certificate Negotiation be enabled for this Hostname? Defaults to false.
    ssl_keyvault_identity_client_id str

    System or User Assigned Managed identity clientId as generated by Azure AD, which has GET access to the keyVault containing the SSL certificate.

    NOTE: If a User Assigned Managed identity is specified for ssl_keyvault_identity_client_id then this identity must be associated to the azure.apimanagement.Service within an identity block.

    subject str
    thumbprint str
    hostName String
    The Hostname to use for the corresponding endpoint.
    certificate String
    The Base64 Encoded Certificate. (Mutually exclusive with key_vault_id.)
    certificatePassword String
    The password associated with the certificate provided above.
    certificateSource String
    certificateStatus String
    expiry String
    keyVaultId String
    The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
    negotiateClientCertificate Boolean
    Should Client Certificate Negotiation be enabled for this Hostname? Defaults to false.
    sslKeyvaultIdentityClientId String

    System or User Assigned Managed identity clientId as generated by Azure AD, which has GET access to the keyVault containing the SSL certificate.

    NOTE: If a User Assigned Managed identity is specified for ssl_keyvault_identity_client_id then this identity must be associated to the azure.apimanagement.Service within an identity block.

    subject String
    thumbprint String

    CustomDomainGateway, CustomDomainGatewayArgs

    HostName string
    The Hostname to use for the API Proxy Endpoint.
    Certificate string
    The Base64 Encoded Certificate. (Mutually exclusive with key_vault_id.)
    CertificatePassword string
    The password associated with the certificate provided above.
    CertificateSource string
    CertificateStatus string
    DefaultSslBinding bool
    Is the certificate associated with this Hostname the Default SSL Certificate? This is used when an SNI header isn't specified by a client. Defaults to false.
    Expiry string
    KeyVaultId string
    The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
    NegotiateClientCertificate bool
    Should Client Certificate Negotiation be enabled for this Hostname? Defaults to false.
    SslKeyvaultIdentityClientId string

    System or User Assigned Managed identity clientId as generated by Azure AD, which has GET access to the keyVault containing the SSL certificate.

    NOTE: If a User Assigned Managed identity is specified for ssl_keyvault_identity_client_id then this identity must be associated to the azure.apimanagement.Service within an identity block.

    Subject string
    Thumbprint string
    HostName string
    The Hostname to use for the API Proxy Endpoint.
    Certificate string
    The Base64 Encoded Certificate. (Mutually exclusive with key_vault_id.)
    CertificatePassword string
    The password associated with the certificate provided above.
    CertificateSource string
    CertificateStatus string
    DefaultSslBinding bool
    Is the certificate associated with this Hostname the Default SSL Certificate? This is used when an SNI header isn't specified by a client. Defaults to false.
    Expiry string
    KeyVaultId string
    The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
    NegotiateClientCertificate bool
    Should Client Certificate Negotiation be enabled for this Hostname? Defaults to false.
    SslKeyvaultIdentityClientId string

    System or User Assigned Managed identity clientId as generated by Azure AD, which has GET access to the keyVault containing the SSL certificate.

    NOTE: If a User Assigned Managed identity is specified for ssl_keyvault_identity_client_id then this identity must be associated to the azure.apimanagement.Service within an identity block.

    Subject string
    Thumbprint string
    hostName String
    The Hostname to use for the API Proxy Endpoint.
    certificate String
    The Base64 Encoded Certificate. (Mutually exclusive with key_vault_id.)
    certificatePassword String
    The password associated with the certificate provided above.
    certificateSource String
    certificateStatus String
    defaultSslBinding Boolean
    Is the certificate associated with this Hostname the Default SSL Certificate? This is used when an SNI header isn't specified by a client. Defaults to false.
    expiry String
    keyVaultId String
    The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
    negotiateClientCertificate Boolean
    Should Client Certificate Negotiation be enabled for this Hostname? Defaults to false.
    sslKeyvaultIdentityClientId String

    System or User Assigned Managed identity clientId as generated by Azure AD, which has GET access to the keyVault containing the SSL certificate.

    NOTE: If a User Assigned Managed identity is specified for ssl_keyvault_identity_client_id then this identity must be associated to the azure.apimanagement.Service within an identity block.

    subject String
    thumbprint String
    hostName string
    The Hostname to use for the API Proxy Endpoint.
    certificate string
    The Base64 Encoded Certificate. (Mutually exclusive with key_vault_id.)
    certificatePassword string
    The password associated with the certificate provided above.
    certificateSource string
    certificateStatus string
    defaultSslBinding boolean
    Is the certificate associated with this Hostname the Default SSL Certificate? This is used when an SNI header isn't specified by a client. Defaults to false.
    expiry string
    keyVaultId string
    The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
    negotiateClientCertificate boolean
    Should Client Certificate Negotiation be enabled for this Hostname? Defaults to false.
    sslKeyvaultIdentityClientId string

    System or User Assigned Managed identity clientId as generated by Azure AD, which has GET access to the keyVault containing the SSL certificate.

    NOTE: If a User Assigned Managed identity is specified for ssl_keyvault_identity_client_id then this identity must be associated to the azure.apimanagement.Service within an identity block.

    subject string
    thumbprint string
    host_name str
    The Hostname to use for the API Proxy Endpoint.
    certificate str
    The Base64 Encoded Certificate. (Mutually exclusive with key_vault_id.)
    certificate_password str
    The password associated with the certificate provided above.
    certificate_source str
    certificate_status str
    default_ssl_binding bool
    Is the certificate associated with this Hostname the Default SSL Certificate? This is used when an SNI header isn't specified by a client. Defaults to false.
    expiry str
    key_vault_id str
    The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
    negotiate_client_certificate bool
    Should Client Certificate Negotiation be enabled for this Hostname? Defaults to false.
    ssl_keyvault_identity_client_id str

    System or User Assigned Managed identity clientId as generated by Azure AD, which has GET access to the keyVault containing the SSL certificate.

    NOTE: If a User Assigned Managed identity is specified for ssl_keyvault_identity_client_id then this identity must be associated to the azure.apimanagement.Service within an identity block.

    subject str
    thumbprint str
    hostName String
    The Hostname to use for the API Proxy Endpoint.
    certificate String
    The Base64 Encoded Certificate. (Mutually exclusive with key_vault_id.)
    certificatePassword String
    The password associated with the certificate provided above.
    certificateSource String
    certificateStatus String
    defaultSslBinding Boolean
    Is the certificate associated with this Hostname the Default SSL Certificate? This is used when an SNI header isn't specified by a client. Defaults to false.
    expiry String
    keyVaultId String
    The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
    negotiateClientCertificate Boolean
    Should Client Certificate Negotiation be enabled for this Hostname? Defaults to false.
    sslKeyvaultIdentityClientId String

    System or User Assigned Managed identity clientId as generated by Azure AD, which has GET access to the keyVault containing the SSL certificate.

    NOTE: If a User Assigned Managed identity is specified for ssl_keyvault_identity_client_id then this identity must be associated to the azure.apimanagement.Service within an identity block.

    subject String
    thumbprint String

    CustomDomainManagement, CustomDomainManagementArgs

    HostName string
    The Hostname to use for the corresponding endpoint.
    Certificate string
    The Base64 Encoded Certificate. (Mutually exclusive with key_vault_id.)
    CertificatePassword string
    The password associated with the certificate provided above.
    CertificateSource string
    CertificateStatus string
    Expiry string
    KeyVaultId string
    The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
    NegotiateClientCertificate bool
    Should Client Certificate Negotiation be enabled for this Hostname? Defaults to false.
    SslKeyvaultIdentityClientId string

    System or User Assigned Managed identity clientId as generated by Azure AD, which has GET access to the keyVault containing the SSL certificate.

    NOTE: If a User Assigned Managed identity is specified for ssl_keyvault_identity_client_id then this identity must be associated to the azure.apimanagement.Service within an identity block.

    Subject string
    Thumbprint string
    HostName string
    The Hostname to use for the corresponding endpoint.
    Certificate string
    The Base64 Encoded Certificate. (Mutually exclusive with key_vault_id.)
    CertificatePassword string
    The password associated with the certificate provided above.
    CertificateSource string
    CertificateStatus string
    Expiry string
    KeyVaultId string
    The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
    NegotiateClientCertificate bool
    Should Client Certificate Negotiation be enabled for this Hostname? Defaults to false.
    SslKeyvaultIdentityClientId string

    System or User Assigned Managed identity clientId as generated by Azure AD, which has GET access to the keyVault containing the SSL certificate.

    NOTE: If a User Assigned Managed identity is specified for ssl_keyvault_identity_client_id then this identity must be associated to the azure.apimanagement.Service within an identity block.

    Subject string
    Thumbprint string
    hostName String
    The Hostname to use for the corresponding endpoint.
    certificate String
    The Base64 Encoded Certificate. (Mutually exclusive with key_vault_id.)
    certificatePassword String
    The password associated with the certificate provided above.
    certificateSource String
    certificateStatus String
    expiry String
    keyVaultId String
    The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
    negotiateClientCertificate Boolean
    Should Client Certificate Negotiation be enabled for this Hostname? Defaults to false.
    sslKeyvaultIdentityClientId String

    System or User Assigned Managed identity clientId as generated by Azure AD, which has GET access to the keyVault containing the SSL certificate.

    NOTE: If a User Assigned Managed identity is specified for ssl_keyvault_identity_client_id then this identity must be associated to the azure.apimanagement.Service within an identity block.

    subject String
    thumbprint String
    hostName string
    The Hostname to use for the corresponding endpoint.
    certificate string
    The Base64 Encoded Certificate. (Mutually exclusive with key_vault_id.)
    certificatePassword string
    The password associated with the certificate provided above.
    certificateSource string
    certificateStatus string
    expiry string
    keyVaultId string
    The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
    negotiateClientCertificate boolean
    Should Client Certificate Negotiation be enabled for this Hostname? Defaults to false.
    sslKeyvaultIdentityClientId string

    System or User Assigned Managed identity clientId as generated by Azure AD, which has GET access to the keyVault containing the SSL certificate.

    NOTE: If a User Assigned Managed identity is specified for ssl_keyvault_identity_client_id then this identity must be associated to the azure.apimanagement.Service within an identity block.

    subject string
    thumbprint string
    host_name str
    The Hostname to use for the corresponding endpoint.
    certificate str
    The Base64 Encoded Certificate. (Mutually exclusive with key_vault_id.)
    certificate_password str
    The password associated with the certificate provided above.
    certificate_source str
    certificate_status str
    expiry str
    key_vault_id str
    The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
    negotiate_client_certificate bool
    Should Client Certificate Negotiation be enabled for this Hostname? Defaults to false.
    ssl_keyvault_identity_client_id str

    System or User Assigned Managed identity clientId as generated by Azure AD, which has GET access to the keyVault containing the SSL certificate.

    NOTE: If a User Assigned Managed identity is specified for ssl_keyvault_identity_client_id then this identity must be associated to the azure.apimanagement.Service within an identity block.

    subject str
    thumbprint str
    hostName String
    The Hostname to use for the corresponding endpoint.
    certificate String
    The Base64 Encoded Certificate. (Mutually exclusive with key_vault_id.)
    certificatePassword String
    The password associated with the certificate provided above.
    certificateSource String
    certificateStatus String
    expiry String
    keyVaultId String
    The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
    negotiateClientCertificate Boolean
    Should Client Certificate Negotiation be enabled for this Hostname? Defaults to false.
    sslKeyvaultIdentityClientId String

    System or User Assigned Managed identity clientId as generated by Azure AD, which has GET access to the keyVault containing the SSL certificate.

    NOTE: If a User Assigned Managed identity is specified for ssl_keyvault_identity_client_id then this identity must be associated to the azure.apimanagement.Service within an identity block.

    subject String
    thumbprint String

    CustomDomainPortal, CustomDomainPortalArgs

    HostName string
    The Hostname to use for the corresponding endpoint.
    Certificate string
    The Base64 Encoded Certificate. (Mutually exclusive with key_vault_id.)
    CertificatePassword string
    The password associated with the certificate provided above.
    CertificateSource string
    CertificateStatus string
    Expiry string
    KeyVaultId string
    The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
    NegotiateClientCertificate bool
    Should Client Certificate Negotiation be enabled for this Hostname? Defaults to false.
    SslKeyvaultIdentityClientId string

    System or User Assigned Managed identity clientId as generated by Azure AD, which has GET access to the keyVault containing the SSL certificate.

    NOTE: If a User Assigned Managed identity is specified for ssl_keyvault_identity_client_id then this identity must be associated to the azure.apimanagement.Service within an identity block.

    Subject string
    Thumbprint string
    HostName string
    The Hostname to use for the corresponding endpoint.
    Certificate string
    The Base64 Encoded Certificate. (Mutually exclusive with key_vault_id.)
    CertificatePassword string
    The password associated with the certificate provided above.
    CertificateSource string
    CertificateStatus string
    Expiry string
    KeyVaultId string
    The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
    NegotiateClientCertificate bool
    Should Client Certificate Negotiation be enabled for this Hostname? Defaults to false.
    SslKeyvaultIdentityClientId string

    System or User Assigned Managed identity clientId as generated by Azure AD, which has GET access to the keyVault containing the SSL certificate.

    NOTE: If a User Assigned Managed identity is specified for ssl_keyvault_identity_client_id then this identity must be associated to the azure.apimanagement.Service within an identity block.

    Subject string
    Thumbprint string
    hostName String
    The Hostname to use for the corresponding endpoint.
    certificate String
    The Base64 Encoded Certificate. (Mutually exclusive with key_vault_id.)
    certificatePassword String
    The password associated with the certificate provided above.
    certificateSource String
    certificateStatus String
    expiry String
    keyVaultId String
    The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
    negotiateClientCertificate Boolean
    Should Client Certificate Negotiation be enabled for this Hostname? Defaults to false.
    sslKeyvaultIdentityClientId String

    System or User Assigned Managed identity clientId as generated by Azure AD, which has GET access to the keyVault containing the SSL certificate.

    NOTE: If a User Assigned Managed identity is specified for ssl_keyvault_identity_client_id then this identity must be associated to the azure.apimanagement.Service within an identity block.

    subject String
    thumbprint String
    hostName string
    The Hostname to use for the corresponding endpoint.
    certificate string
    The Base64 Encoded Certificate. (Mutually exclusive with key_vault_id.)
    certificatePassword string
    The password associated with the certificate provided above.
    certificateSource string
    certificateStatus string
    expiry string
    keyVaultId string
    The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
    negotiateClientCertificate boolean
    Should Client Certificate Negotiation be enabled for this Hostname? Defaults to false.
    sslKeyvaultIdentityClientId string

    System or User Assigned Managed identity clientId as generated by Azure AD, which has GET access to the keyVault containing the SSL certificate.

    NOTE: If a User Assigned Managed identity is specified for ssl_keyvault_identity_client_id then this identity must be associated to the azure.apimanagement.Service within an identity block.

    subject string
    thumbprint string
    host_name str
    The Hostname to use for the corresponding endpoint.
    certificate str
    The Base64 Encoded Certificate. (Mutually exclusive with key_vault_id.)
    certificate_password str
    The password associated with the certificate provided above.
    certificate_source str
    certificate_status str
    expiry str
    key_vault_id str
    The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
    negotiate_client_certificate bool
    Should Client Certificate Negotiation be enabled for this Hostname? Defaults to false.
    ssl_keyvault_identity_client_id str

    System or User Assigned Managed identity clientId as generated by Azure AD, which has GET access to the keyVault containing the SSL certificate.

    NOTE: If a User Assigned Managed identity is specified for ssl_keyvault_identity_client_id then this identity must be associated to the azure.apimanagement.Service within an identity block.

    subject str
    thumbprint str
    hostName String
    The Hostname to use for the corresponding endpoint.
    certificate String
    The Base64 Encoded Certificate. (Mutually exclusive with key_vault_id.)
    certificatePassword String
    The password associated with the certificate provided above.
    certificateSource String
    certificateStatus String
    expiry String
    keyVaultId String
    The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
    negotiateClientCertificate Boolean
    Should Client Certificate Negotiation be enabled for this Hostname? Defaults to false.
    sslKeyvaultIdentityClientId String

    System or User Assigned Managed identity clientId as generated by Azure AD, which has GET access to the keyVault containing the SSL certificate.

    NOTE: If a User Assigned Managed identity is specified for ssl_keyvault_identity_client_id then this identity must be associated to the azure.apimanagement.Service within an identity block.

    subject String
    thumbprint String

    CustomDomainScm, CustomDomainScmArgs

    HostName string
    The Hostname to use for the corresponding endpoint.
    Certificate string
    The Base64 Encoded Certificate. (Mutually exclusive with key_vault_id.)
    CertificatePassword string
    The password associated with the certificate provided above.
    CertificateSource string
    CertificateStatus string
    Expiry string
    KeyVaultId string
    The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
    NegotiateClientCertificate bool
    Should Client Certificate Negotiation be enabled for this Hostname? Defaults to false.
    SslKeyvaultIdentityClientId string

    System or User Assigned Managed identity clientId as generated by Azure AD, which has GET access to the keyVault containing the SSL certificate.

    NOTE: If a User Assigned Managed identity is specified for ssl_keyvault_identity_client_id then this identity must be associated to the azure.apimanagement.Service within an identity block.

    Subject string
    Thumbprint string
    HostName string
    The Hostname to use for the corresponding endpoint.
    Certificate string
    The Base64 Encoded Certificate. (Mutually exclusive with key_vault_id.)
    CertificatePassword string
    The password associated with the certificate provided above.
    CertificateSource string
    CertificateStatus string
    Expiry string
    KeyVaultId string
    The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
    NegotiateClientCertificate bool
    Should Client Certificate Negotiation be enabled for this Hostname? Defaults to false.
    SslKeyvaultIdentityClientId string

    System or User Assigned Managed identity clientId as generated by Azure AD, which has GET access to the keyVault containing the SSL certificate.

    NOTE: If a User Assigned Managed identity is specified for ssl_keyvault_identity_client_id then this identity must be associated to the azure.apimanagement.Service within an identity block.

    Subject string
    Thumbprint string
    hostName String
    The Hostname to use for the corresponding endpoint.
    certificate String
    The Base64 Encoded Certificate. (Mutually exclusive with key_vault_id.)
    certificatePassword String
    The password associated with the certificate provided above.
    certificateSource String
    certificateStatus String
    expiry String
    keyVaultId String
    The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
    negotiateClientCertificate Boolean
    Should Client Certificate Negotiation be enabled for this Hostname? Defaults to false.
    sslKeyvaultIdentityClientId String

    System or User Assigned Managed identity clientId as generated by Azure AD, which has GET access to the keyVault containing the SSL certificate.

    NOTE: If a User Assigned Managed identity is specified for ssl_keyvault_identity_client_id then this identity must be associated to the azure.apimanagement.Service within an identity block.

    subject String
    thumbprint String
    hostName string
    The Hostname to use for the corresponding endpoint.
    certificate string
    The Base64 Encoded Certificate. (Mutually exclusive with key_vault_id.)
    certificatePassword string
    The password associated with the certificate provided above.
    certificateSource string
    certificateStatus string
    expiry string
    keyVaultId string
    The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
    negotiateClientCertificate boolean
    Should Client Certificate Negotiation be enabled for this Hostname? Defaults to false.
    sslKeyvaultIdentityClientId string

    System or User Assigned Managed identity clientId as generated by Azure AD, which has GET access to the keyVault containing the SSL certificate.

    NOTE: If a User Assigned Managed identity is specified for ssl_keyvault_identity_client_id then this identity must be associated to the azure.apimanagement.Service within an identity block.

    subject string
    thumbprint string
    host_name str
    The Hostname to use for the corresponding endpoint.
    certificate str
    The Base64 Encoded Certificate. (Mutually exclusive with key_vault_id.)
    certificate_password str
    The password associated with the certificate provided above.
    certificate_source str
    certificate_status str
    expiry str
    key_vault_id str
    The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
    negotiate_client_certificate bool
    Should Client Certificate Negotiation be enabled for this Hostname? Defaults to false.
    ssl_keyvault_identity_client_id str

    System or User Assigned Managed identity clientId as generated by Azure AD, which has GET access to the keyVault containing the SSL certificate.

    NOTE: If a User Assigned Managed identity is specified for ssl_keyvault_identity_client_id then this identity must be associated to the azure.apimanagement.Service within an identity block.

    subject str
    thumbprint str
    hostName String
    The Hostname to use for the corresponding endpoint.
    certificate String
    The Base64 Encoded Certificate. (Mutually exclusive with key_vault_id.)
    certificatePassword String
    The password associated with the certificate provided above.
    certificateSource String
    certificateStatus String
    expiry String
    keyVaultId String
    The ID of the Key Vault Secret containing the SSL Certificate, which must be should be of the type application/x-pkcs12.
    negotiateClientCertificate Boolean
    Should Client Certificate Negotiation be enabled for this Hostname? Defaults to false.
    sslKeyvaultIdentityClientId String

    System or User Assigned Managed identity clientId as generated by Azure AD, which has GET access to the keyVault containing the SSL certificate.

    NOTE: If a User Assigned Managed identity is specified for ssl_keyvault_identity_client_id then this identity must be associated to the azure.apimanagement.Service within an identity block.

    subject String
    thumbprint String

    Import

    API Management Custom Domains can be imported using the resource id, e.g.

    $ pulumi import azure:apimanagement/customDomain:CustomDomain example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.ApiManagement/service/instance1/customDomains/default
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    Azure Classic pulumi/pulumi-azure
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the azurerm Terraform Provider.
    azure logo

    We recommend using Azure Native.

    Azure v6.10.0 published on Tuesday, Nov 19, 2024 by Pulumi