Docs Home
Cloudflare v5.43.0 published on Wednesday, Nov 13, 2024 by Pulumi
cloudflare.ZeroTrustAccessMtlsCertificate
Explore with Pulumi AI
Provides a Cloudflare Access Mutual TLS Certificate resource. Mutual TLS authentication ensures that the traffic is secure and trusted in both directions between a client and server and can be used with Access to only allows requests from devices with a corresponding client certificate.
It’s required that an
account_idorzone_idis provided and in most cases using either is fine. However, if you’re using a scoped access token, you must provide the argument that matches the token’s scope. For example, an access token that is scoped to the “example.com” zone needs to use thezone_idargument.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as cloudflare from "@pulumi/cloudflare";
const myCert = new cloudflare.ZeroTrustAccessMtlsCertificate("my_cert", {
zoneId: "0da42c8d2132a9ddaf714f9e7c920711",
name: "My Root Cert",
certificate: caPem,
associatedHostnames: ["staging.example.com"],
});
import pulumi
import pulumi_cloudflare as cloudflare
my_cert = cloudflare.ZeroTrustAccessMtlsCertificate("my_cert",
zone_id="0da42c8d2132a9ddaf714f9e7c920711",
name="My Root Cert",
certificate=ca_pem,
associated_hostnames=["staging.example.com"])
package main
import (
"github.com/pulumi/pulumi-cloudflare/sdk/v5/go/cloudflare"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := cloudflare.NewZeroTrustAccessMtlsCertificate(ctx, "my_cert", &cloudflare.ZeroTrustAccessMtlsCertificateArgs{
ZoneId: pulumi.String("0da42c8d2132a9ddaf714f9e7c920711"),
Name: pulumi.String("My Root Cert"),
Certificate: pulumi.Any(caPem),
AssociatedHostnames: pulumi.StringArray{
pulumi.String("staging.example.com"),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Cloudflare = Pulumi.Cloudflare;
return await Deployment.RunAsync(() =>
{
var myCert = new Cloudflare.ZeroTrustAccessMtlsCertificate("my_cert", new()
{
ZoneId = "0da42c8d2132a9ddaf714f9e7c920711",
Name = "My Root Cert",
Certificate = caPem,
AssociatedHostnames = new[]
{
"staging.example.com",
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.cloudflare.ZeroTrustAccessMtlsCertificate;
import com.pulumi.cloudflare.ZeroTrustAccessMtlsCertificateArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var myCert = new ZeroTrustAccessMtlsCertificate("myCert", ZeroTrustAccessMtlsCertificateArgs.builder()
.zoneId("0da42c8d2132a9ddaf714f9e7c920711")
.name("My Root Cert")
.certificate(caPem)
.associatedHostnames("staging.example.com")
.build());
}
}
resources:
myCert:
type: cloudflare:ZeroTrustAccessMtlsCertificate
name: my_cert
properties:
zoneId: 0da42c8d2132a9ddaf714f9e7c920711
name: My Root Cert
certificate: ${caPem}
associatedHostnames:
- staging.example.com
Create ZeroTrustAccessMtlsCertificate Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new ZeroTrustAccessMtlsCertificate(name: string, args: ZeroTrustAccessMtlsCertificateArgs, opts?: CustomResourceOptions);@overload
def ZeroTrustAccessMtlsCertificate(resource_name: str,
args: ZeroTrustAccessMtlsCertificateArgs,
opts: Optional[ResourceOptions] = None)
@overload
def ZeroTrustAccessMtlsCertificate(resource_name: str,
opts: Optional[ResourceOptions] = None,
name: Optional[str] = None,
account_id: Optional[str] = None,
associated_hostnames: Optional[Sequence[str]] = None,
certificate: Optional[str] = None,
zone_id: Optional[str] = None)func NewZeroTrustAccessMtlsCertificate(ctx *Context, name string, args ZeroTrustAccessMtlsCertificateArgs, opts ...ResourceOption) (*ZeroTrustAccessMtlsCertificate, error)public ZeroTrustAccessMtlsCertificate(string name, ZeroTrustAccessMtlsCertificateArgs args, CustomResourceOptions? opts = null)
public ZeroTrustAccessMtlsCertificate(String name, ZeroTrustAccessMtlsCertificateArgs args)
public ZeroTrustAccessMtlsCertificate(String name, ZeroTrustAccessMtlsCertificateArgs args, CustomResourceOptions options)
type: cloudflare:ZeroTrustAccessMtlsCertificate
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args ZeroTrustAccessMtlsCertificateArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args ZeroTrustAccessMtlsCertificateArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args ZeroTrustAccessMtlsCertificateArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ZeroTrustAccessMtlsCertificateArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args ZeroTrustAccessMtlsCertificateArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var zeroTrustAccessMtlsCertificateResource = new Cloudflare.ZeroTrustAccessMtlsCertificate("zeroTrustAccessMtlsCertificateResource", new()
{
Name = "string",
AccountId = "string",
AssociatedHostnames = new[]
{
"string",
},
Certificate = "string",
ZoneId = "string",
});
example, err := cloudflare.NewZeroTrustAccessMtlsCertificate(ctx, "zeroTrustAccessMtlsCertificateResource", &cloudflare.ZeroTrustAccessMtlsCertificateArgs{
Name: pulumi.String("string"),
AccountId: pulumi.String("string"),
AssociatedHostnames: pulumi.StringArray{
pulumi.String("string"),
},
Certificate: pulumi.String("string"),
ZoneId: pulumi.String("string"),
})
var zeroTrustAccessMtlsCertificateResource = new ZeroTrustAccessMtlsCertificate("zeroTrustAccessMtlsCertificateResource", ZeroTrustAccessMtlsCertificateArgs.builder()
.name("string")
.accountId("string")
.associatedHostnames("string")
.certificate("string")
.zoneId("string")
.build());
zero_trust_access_mtls_certificate_resource = cloudflare.ZeroTrustAccessMtlsCertificate("zeroTrustAccessMtlsCertificateResource",
name="string",
account_id="string",
associated_hostnames=["string"],
certificate="string",
zone_id="string")
const zeroTrustAccessMtlsCertificateResource = new cloudflare.ZeroTrustAccessMtlsCertificate("zeroTrustAccessMtlsCertificateResource", {
name: "string",
accountId: "string",
associatedHostnames: ["string"],
certificate: "string",
zoneId: "string",
});
type: cloudflare:ZeroTrustAccessMtlsCertificate
properties:
accountId: string
associatedHostnames:
- string
certificate: string
name: string
zoneId: string
ZeroTrustAccessMtlsCertificate Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The ZeroTrustAccessMtlsCertificate resource accepts the following input properties:
- Name string
- The name of the certificate.
- Account
Id string - The account identifier to target for the resource. Conflicts with
zone_id. - Associated
Hostnames List<string> - The hostnames that will be prompted for this certificate.
- Certificate string
- The Root CA for your certificates.
- Zone
Id string - The zone identifier to target for the resource. Conflicts with
account_id.
- Name string
- The name of the certificate.
- Account
Id string - The account identifier to target for the resource. Conflicts with
zone_id. - Associated
Hostnames []string - The hostnames that will be prompted for this certificate.
- Certificate string
- The Root CA for your certificates.
- Zone
Id string - The zone identifier to target for the resource. Conflicts with
account_id.
- name String
- The name of the certificate.
- account
Id String - The account identifier to target for the resource. Conflicts with
zone_id. - associated
Hostnames List<String> - The hostnames that will be prompted for this certificate.
- certificate String
- The Root CA for your certificates.
- zone
Id String - The zone identifier to target for the resource. Conflicts with
account_id.
- name string
- The name of the certificate.
- account
Id string - The account identifier to target for the resource. Conflicts with
zone_id. - associated
Hostnames string[] - The hostnames that will be prompted for this certificate.
- certificate string
- The Root CA for your certificates.
- zone
Id string - The zone identifier to target for the resource. Conflicts with
account_id.
- name str
- The name of the certificate.
- account_
id str - The account identifier to target for the resource. Conflicts with
zone_id. - associated_
hostnames Sequence[str] - The hostnames that will be prompted for this certificate.
- certificate str
- The Root CA for your certificates.
- zone_
id str - The zone identifier to target for the resource. Conflicts with
account_id.
- name String
- The name of the certificate.
- account
Id String - The account identifier to target for the resource. Conflicts with
zone_id. - associated
Hostnames List<String> - The hostnames that will be prompted for this certificate.
- certificate String
- The Root CA for your certificates.
- zone
Id String - The zone identifier to target for the resource. Conflicts with
account_id.
Outputs
All input properties are implicitly available as output properties. Additionally, the ZeroTrustAccessMtlsCertificate resource produces the following output properties:
- Fingerprint string
- Id string
- The provider-assigned unique ID for this managed resource.
- Fingerprint string
- Id string
- The provider-assigned unique ID for this managed resource.
- fingerprint String
- id String
- The provider-assigned unique ID for this managed resource.
- fingerprint string
- id string
- The provider-assigned unique ID for this managed resource.
- fingerprint str
- id str
- The provider-assigned unique ID for this managed resource.
- fingerprint String
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing ZeroTrustAccessMtlsCertificate Resource
Get an existing ZeroTrustAccessMtlsCertificate resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: ZeroTrustAccessMtlsCertificateState, opts?: CustomResourceOptions): ZeroTrustAccessMtlsCertificate@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
account_id: Optional[str] = None,
associated_hostnames: Optional[Sequence[str]] = None,
certificate: Optional[str] = None,
fingerprint: Optional[str] = None,
name: Optional[str] = None,
zone_id: Optional[str] = None) -> ZeroTrustAccessMtlsCertificatefunc GetZeroTrustAccessMtlsCertificate(ctx *Context, name string, id IDInput, state *ZeroTrustAccessMtlsCertificateState, opts ...ResourceOption) (*ZeroTrustAccessMtlsCertificate, error)public static ZeroTrustAccessMtlsCertificate Get(string name, Input<string> id, ZeroTrustAccessMtlsCertificateState? state, CustomResourceOptions? opts = null)public static ZeroTrustAccessMtlsCertificate get(String name, Output<String> id, ZeroTrustAccessMtlsCertificateState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Account
Id string - The account identifier to target for the resource. Conflicts with
zone_id. - Associated
Hostnames List<string> - The hostnames that will be prompted for this certificate.
- Certificate string
- The Root CA for your certificates.
- Fingerprint string
- Name string
- The name of the certificate.
- Zone
Id string - The zone identifier to target for the resource. Conflicts with
account_id.
- Account
Id string - The account identifier to target for the resource. Conflicts with
zone_id. - Associated
Hostnames []string - The hostnames that will be prompted for this certificate.
- Certificate string
- The Root CA for your certificates.
- Fingerprint string
- Name string
- The name of the certificate.
- Zone
Id string - The zone identifier to target for the resource. Conflicts with
account_id.
- account
Id String - The account identifier to target for the resource. Conflicts with
zone_id. - associated
Hostnames List<String> - The hostnames that will be prompted for this certificate.
- certificate String
- The Root CA for your certificates.
- fingerprint String
- name String
- The name of the certificate.
- zone
Id String - The zone identifier to target for the resource. Conflicts with
account_id.
- account
Id string - The account identifier to target for the resource. Conflicts with
zone_id. - associated
Hostnames string[] - The hostnames that will be prompted for this certificate.
- certificate string
- The Root CA for your certificates.
- fingerprint string
- name string
- The name of the certificate.
- zone
Id string - The zone identifier to target for the resource. Conflicts with
account_id.
- account_
id str - The account identifier to target for the resource. Conflicts with
zone_id. - associated_
hostnames Sequence[str] - The hostnames that will be prompted for this certificate.
- certificate str
- The Root CA for your certificates.
- fingerprint str
- name str
- The name of the certificate.
- zone_
id str - The zone identifier to target for the resource. Conflicts with
account_id.
- account
Id String - The account identifier to target for the resource. Conflicts with
zone_id. - associated
Hostnames List<String> - The hostnames that will be prompted for this certificate.
- certificate String
- The Root CA for your certificates.
- fingerprint String
- name String
- The name of the certificate.
- zone
Id String - The zone identifier to target for the resource. Conflicts with
account_id.
Import
Account level import.
$ pulumi import cloudflare:index/zeroTrustAccessMtlsCertificate:ZeroTrustAccessMtlsCertificate cloudflare_zero_sd -t_access_mtls_certificate.example account/<account_id>/<mutual_tls_certificate_id>
Zone level import.
$ pulumi import cloudflare:index/zeroTrustAccessMtlsCertificate:ZeroTrustAccessMtlsCertificate cloudflare_zero_sd -t_access_mtls_certificate.example zone/<zone_id>/<mutual_tls_certificate_id>
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Cloudflare pulumi/pulumi-cloudflare
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
cloudflareTerraform Provider.