1. Packages
  2. Azure Classic
  3. API Docs
  4. keyvault
  5. getCertificateData

We recommend using Azure Native.

Azure v6.10.0 published on Tuesday, Nov 19, 2024 by Pulumi

azure.keyvault.getCertificateData

Explore with Pulumi AI

azure logo

We recommend using Azure Native.

Azure v6.10.0 published on Tuesday, Nov 19, 2024 by Pulumi

    Use this data source to access data stored in an existing Key Vault Certificate.

    Note: This data source uses the GetSecret function of the Azure API, to get the key of the certificate. Therefore you need secret/get permission

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as azure from "@pulumi/azure";
    
    const example = azure.keyvault.getKeyVault({
        name: "examplekv",
        resourceGroupName: "some-resource-group",
    });
    const exampleGetCertificateData = example.then(example => azure.keyvault.getCertificateData({
        name: "secret-sauce",
        keyVaultId: example.id,
    }));
    export const examplePem = exampleGetCertificateData.then(exampleGetCertificateData => exampleGetCertificateData.pem);
    
    import pulumi
    import pulumi_azure as azure
    
    example = azure.keyvault.get_key_vault(name="examplekv",
        resource_group_name="some-resource-group")
    example_get_certificate_data = azure.keyvault.get_certificate_data(name="secret-sauce",
        key_vault_id=example.id)
    pulumi.export("examplePem", example_get_certificate_data.pem)
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/keyvault"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		example, err := keyvault.LookupKeyVault(ctx, &keyvault.LookupKeyVaultArgs{
    			Name:              "examplekv",
    			ResourceGroupName: "some-resource-group",
    		}, nil)
    		if err != nil {
    			return err
    		}
    		exampleGetCertificateData, err := keyvault.GetCertificateData(ctx, &keyvault.GetCertificateDataArgs{
    			Name:       "secret-sauce",
    			KeyVaultId: example.Id,
    		}, nil)
    		if err != nil {
    			return err
    		}
    		ctx.Export("examplePem", exampleGetCertificateData.Pem)
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Azure = Pulumi.Azure;
    
    return await Deployment.RunAsync(() => 
    {
        var example = Azure.KeyVault.GetKeyVault.Invoke(new()
        {
            Name = "examplekv",
            ResourceGroupName = "some-resource-group",
        });
    
        var exampleGetCertificateData = Azure.KeyVault.GetCertificateData.Invoke(new()
        {
            Name = "secret-sauce",
            KeyVaultId = example.Apply(getKeyVaultResult => getKeyVaultResult.Id),
        });
    
        return new Dictionary<string, object?>
        {
            ["examplePem"] = exampleGetCertificateData.Apply(getCertificateDataResult => getCertificateDataResult.Pem),
        };
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.azure.keyvault.KeyvaultFunctions;
    import com.pulumi.azure.keyvault.inputs.GetKeyVaultArgs;
    import com.pulumi.azure.keyvault.inputs.GetCertificateDataArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var example = KeyvaultFunctions.getKeyVault(GetKeyVaultArgs.builder()
                .name("examplekv")
                .resourceGroupName("some-resource-group")
                .build());
    
            final var exampleGetCertificateData = KeyvaultFunctions.getCertificateData(GetCertificateDataArgs.builder()
                .name("secret-sauce")
                .keyVaultId(example.applyValue(getKeyVaultResult -> getKeyVaultResult.id()))
                .build());
    
            ctx.export("examplePem", exampleGetCertificateData.applyValue(getCertificateDataResult -> getCertificateDataResult.pem()));
        }
    }
    
    variables:
      example:
        fn::invoke:
          Function: azure:keyvault:getKeyVault
          Arguments:
            name: examplekv
            resourceGroupName: some-resource-group
      exampleGetCertificateData:
        fn::invoke:
          Function: azure:keyvault:getCertificateData
          Arguments:
            name: secret-sauce
            keyVaultId: ${example.id}
    outputs:
      examplePem: ${exampleGetCertificateData.pem}
    

    Using getCertificateData

    Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

    function getCertificateData(args: GetCertificateDataArgs, opts?: InvokeOptions): Promise<GetCertificateDataResult>
    function getCertificateDataOutput(args: GetCertificateDataOutputArgs, opts?: InvokeOptions): Output<GetCertificateDataResult>
    def get_certificate_data(key_vault_id: Optional[str] = None,
                             name: Optional[str] = None,
                             version: Optional[str] = None,
                             opts: Optional[InvokeOptions] = None) -> GetCertificateDataResult
    def get_certificate_data_output(key_vault_id: Optional[pulumi.Input[str]] = None,
                             name: Optional[pulumi.Input[str]] = None,
                             version: Optional[pulumi.Input[str]] = None,
                             opts: Optional[InvokeOptions] = None) -> Output[GetCertificateDataResult]
    func GetCertificateData(ctx *Context, args *GetCertificateDataArgs, opts ...InvokeOption) (*GetCertificateDataResult, error)
    func GetCertificateDataOutput(ctx *Context, args *GetCertificateDataOutputArgs, opts ...InvokeOption) GetCertificateDataResultOutput

    > Note: This function is named GetCertificateData in the Go SDK.

    public static class GetCertificateData 
    {
        public static Task<GetCertificateDataResult> InvokeAsync(GetCertificateDataArgs args, InvokeOptions? opts = null)
        public static Output<GetCertificateDataResult> Invoke(GetCertificateDataInvokeArgs args, InvokeOptions? opts = null)
    }
    public static CompletableFuture<GetCertificateDataResult> getCertificateData(GetCertificateDataArgs args, InvokeOptions options)
    // Output-based functions aren't available in Java yet
    
    fn::invoke:
      function: azure:keyvault/getCertificateData:getCertificateData
      arguments:
        # arguments dictionary

    The following arguments are supported:

    KeyVaultId string
    Specifies the ID of the Key Vault instance where the Secret resides, available on the azure.keyvault.KeyVault Data Source / Resource.
    Name string
    Specifies the name of the Key Vault Secret.
    Version string

    Specifies the version of the certificate to look up. (Defaults to latest)

    NOTE: The vault must be in the same subscription as the provider. If the vault is in another subscription, you must create an aliased provider for that subscription.

    KeyVaultId string
    Specifies the ID of the Key Vault instance where the Secret resides, available on the azure.keyvault.KeyVault Data Source / Resource.
    Name string
    Specifies the name of the Key Vault Secret.
    Version string

    Specifies the version of the certificate to look up. (Defaults to latest)

    NOTE: The vault must be in the same subscription as the provider. If the vault is in another subscription, you must create an aliased provider for that subscription.

    keyVaultId String
    Specifies the ID of the Key Vault instance where the Secret resides, available on the azure.keyvault.KeyVault Data Source / Resource.
    name String
    Specifies the name of the Key Vault Secret.
    version String

    Specifies the version of the certificate to look up. (Defaults to latest)

    NOTE: The vault must be in the same subscription as the provider. If the vault is in another subscription, you must create an aliased provider for that subscription.

    keyVaultId string
    Specifies the ID of the Key Vault instance where the Secret resides, available on the azure.keyvault.KeyVault Data Source / Resource.
    name string
    Specifies the name of the Key Vault Secret.
    version string

    Specifies the version of the certificate to look up. (Defaults to latest)

    NOTE: The vault must be in the same subscription as the provider. If the vault is in another subscription, you must create an aliased provider for that subscription.

    key_vault_id str
    Specifies the ID of the Key Vault instance where the Secret resides, available on the azure.keyvault.KeyVault Data Source / Resource.
    name str
    Specifies the name of the Key Vault Secret.
    version str

    Specifies the version of the certificate to look up. (Defaults to latest)

    NOTE: The vault must be in the same subscription as the provider. If the vault is in another subscription, you must create an aliased provider for that subscription.

    keyVaultId String
    Specifies the ID of the Key Vault instance where the Secret resides, available on the azure.keyvault.KeyVault Data Source / Resource.
    name String
    Specifies the name of the Key Vault Secret.
    version String

    Specifies the version of the certificate to look up. (Defaults to latest)

    NOTE: The vault must be in the same subscription as the provider. If the vault is in another subscription, you must create an aliased provider for that subscription.

    getCertificateData Result

    The following output properties are available:

    CertificatesCount int
    Amount of certificates in the chain in case Key Vault Certificate is a bundle (e.g. has an intermediate certificate).
    Expires string
    Expiry date of certificate in RFC3339 format.
    Hex string
    The raw Key Vault Certificate data represented as a hexadecimal string.
    Id string
    The provider-assigned unique ID for this managed resource.
    Key string
    The Key Vault Certificate Key.
    KeyVaultId string
    Name string
    NotBefore string
    Not Before date of certificate in RFC3339 format.
    Pem string
    The Key Vault Certificate in PEM format.
    Tags Dictionary<string, string>
    A mapping of tags to assign to the resource.
    Version string
    CertificatesCount int
    Amount of certificates in the chain in case Key Vault Certificate is a bundle (e.g. has an intermediate certificate).
    Expires string
    Expiry date of certificate in RFC3339 format.
    Hex string
    The raw Key Vault Certificate data represented as a hexadecimal string.
    Id string
    The provider-assigned unique ID for this managed resource.
    Key string
    The Key Vault Certificate Key.
    KeyVaultId string
    Name string
    NotBefore string
    Not Before date of certificate in RFC3339 format.
    Pem string
    The Key Vault Certificate in PEM format.
    Tags map[string]string
    A mapping of tags to assign to the resource.
    Version string
    certificatesCount Integer
    Amount of certificates in the chain in case Key Vault Certificate is a bundle (e.g. has an intermediate certificate).
    expires String
    Expiry date of certificate in RFC3339 format.
    hex String
    The raw Key Vault Certificate data represented as a hexadecimal string.
    id String
    The provider-assigned unique ID for this managed resource.
    key String
    The Key Vault Certificate Key.
    keyVaultId String
    name String
    notBefore String
    Not Before date of certificate in RFC3339 format.
    pem String
    The Key Vault Certificate in PEM format.
    tags Map<String,String>
    A mapping of tags to assign to the resource.
    version String
    certificatesCount number
    Amount of certificates in the chain in case Key Vault Certificate is a bundle (e.g. has an intermediate certificate).
    expires string
    Expiry date of certificate in RFC3339 format.
    hex string
    The raw Key Vault Certificate data represented as a hexadecimal string.
    id string
    The provider-assigned unique ID for this managed resource.
    key string
    The Key Vault Certificate Key.
    keyVaultId string
    name string
    notBefore string
    Not Before date of certificate in RFC3339 format.
    pem string
    The Key Vault Certificate in PEM format.
    tags {[key: string]: string}
    A mapping of tags to assign to the resource.
    version string
    certificates_count int
    Amount of certificates in the chain in case Key Vault Certificate is a bundle (e.g. has an intermediate certificate).
    expires str
    Expiry date of certificate in RFC3339 format.
    hex str
    The raw Key Vault Certificate data represented as a hexadecimal string.
    id str
    The provider-assigned unique ID for this managed resource.
    key str
    The Key Vault Certificate Key.
    key_vault_id str
    name str
    not_before str
    Not Before date of certificate in RFC3339 format.
    pem str
    The Key Vault Certificate in PEM format.
    tags Mapping[str, str]
    A mapping of tags to assign to the resource.
    version str
    certificatesCount Number
    Amount of certificates in the chain in case Key Vault Certificate is a bundle (e.g. has an intermediate certificate).
    expires String
    Expiry date of certificate in RFC3339 format.
    hex String
    The raw Key Vault Certificate data represented as a hexadecimal string.
    id String
    The provider-assigned unique ID for this managed resource.
    key String
    The Key Vault Certificate Key.
    keyVaultId String
    name String
    notBefore String
    Not Before date of certificate in RFC3339 format.
    pem String
    The Key Vault Certificate in PEM format.
    tags Map<String>
    A mapping of tags to assign to the resource.
    version String

    Package Details

    Repository
    Azure Classic pulumi/pulumi-azure
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the azurerm Terraform Provider.
    azure logo

    We recommend using Azure Native.

    Azure v6.10.0 published on Tuesday, Nov 19, 2024 by Pulumi