fastly.TlsPlatformCertificate
Explore with Pulumi AI
Uploads a TLS certificate to the Fastly Platform TLS service.
Each TLS certificate must have its corresponding private key uploaded prior to uploading the certificate. This can be achieved in Pulumi using
depends_on
Example Usage
Basic usage with self-signed CA:
import * as pulumi from "@pulumi/pulumi";
import * as fastly from "@pulumi/fastly";
import * as tls from "@pulumi/tls";
const caKey = new tls.index.PrivateKey("ca_key", {algorithm: "RSA"});
const key = new tls.index.PrivateKey("key", {algorithm: "RSA"});
const ca = new tls.index.SelfSignedCert("ca", {
keyAlgorithm: caKey.algorithm,
privateKeyPem: caKey.privateKeyPem,
subject: [{
commonName: "Example CA",
}],
isCaCertificate: true,
validityPeriodHours: 360,
allowedUses: [
"cert_signing",
"server_auth",
],
});
const example = new tls.index.CertRequest("example", {
keyAlgorithm: key.algorithm,
privateKeyPem: key.privateKeyPem,
subject: [{
commonName: "example.com",
}],
dnsNames: [
"example.com",
"www.example.com",
],
});
const cert = new tls.index.LocallySignedCert("cert", {
certRequestPem: example.certRequestPem,
caKeyAlgorithm: caKey.algorithm,
caPrivateKeyPem: caKey.privateKeyPem,
caCertPem: ca.certPem,
validityPeriodHours: 360,
allowedUses: [
"cert_signing",
"server_auth",
],
});
const config = fastly.getTlsConfiguration({
tlsService: "PLATFORM",
});
const keyTlsPrivateKey = new fastly.TlsPrivateKey("key", {
keyPem: key.privateKeyPem,
name: "tf-demo",
});
const certTlsPlatformCertificate = new fastly.TlsPlatformCertificate("cert", {
certificateBody: cert.certPem,
intermediatesBlob: ca.certPem,
configurationId: config.then(config => config.id),
allowUntrustedRoot: true,
}, {
dependsOn: [keyTlsPrivateKey],
});
import pulumi
import pulumi_fastly as fastly
import pulumi_tls as tls
ca_key = tls.index.PrivateKey("ca_key", algorithm=RSA)
key = tls.index.PrivateKey("key", algorithm=RSA)
ca = tls.index.SelfSignedCert("ca",
key_algorithm=ca_key.algorithm,
private_key_pem=ca_key.private_key_pem,
subject=[{
commonName: Example CA,
}],
is_ca_certificate=True,
validity_period_hours=360,
allowed_uses=[
cert_signing,
server_auth,
])
example = tls.index.CertRequest("example",
key_algorithm=key.algorithm,
private_key_pem=key.private_key_pem,
subject=[{
commonName: example.com,
}],
dns_names=[
example.com,
www.example.com,
])
cert = tls.index.LocallySignedCert("cert",
cert_request_pem=example.cert_request_pem,
ca_key_algorithm=ca_key.algorithm,
ca_private_key_pem=ca_key.private_key_pem,
ca_cert_pem=ca.cert_pem,
validity_period_hours=360,
allowed_uses=[
cert_signing,
server_auth,
])
config = fastly.get_tls_configuration(tls_service="PLATFORM")
key_tls_private_key = fastly.TlsPrivateKey("key",
key_pem=key["privateKeyPem"],
name="tf-demo")
cert_tls_platform_certificate = fastly.TlsPlatformCertificate("cert",
certificate_body=cert["certPem"],
intermediates_blob=ca["certPem"],
configuration_id=config.id,
allow_untrusted_root=True,
opts = pulumi.ResourceOptions(depends_on=[key_tls_private_key]))
package main
import (
"github.com/pulumi/pulumi-fastly/sdk/v8/go/fastly"
"github.com/pulumi/pulumi-tls/sdk/v4/go/tls"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
caKey, err := tls.NewPrivateKey(ctx, "ca_key", &tls.PrivateKeyArgs{
Algorithm: "RSA",
})
if err != nil {
return err
}
key, err := tls.NewPrivateKey(ctx, "key", &tls.PrivateKeyArgs{
Algorithm: "RSA",
})
if err != nil {
return err
}
ca, err := tls.NewSelfSignedCert(ctx, "ca", &tls.SelfSignedCertArgs{
KeyAlgorithm: caKey.Algorithm,
PrivateKeyPem: caKey.PrivateKeyPem,
Subject: []map[string]interface{}{
map[string]interface{}{
"commonName": "Example CA",
},
},
IsCaCertificate: true,
ValidityPeriodHours: 360,
AllowedUses: []string{
"cert_signing",
"server_auth",
},
})
if err != nil {
return err
}
example, err := tls.NewCertRequest(ctx, "example", &tls.CertRequestArgs{
KeyAlgorithm: key.Algorithm,
PrivateKeyPem: key.PrivateKeyPem,
Subject: []map[string]interface{}{
map[string]interface{}{
"commonName": "example.com",
},
},
DnsNames: []string{
"example.com",
"www.example.com",
},
})
if err != nil {
return err
}
cert, err := tls.NewLocallySignedCert(ctx, "cert", &tls.LocallySignedCertArgs{
CertRequestPem: example.CertRequestPem,
CaKeyAlgorithm: caKey.Algorithm,
CaPrivateKeyPem: caKey.PrivateKeyPem,
CaCertPem: ca.CertPem,
ValidityPeriodHours: 360,
AllowedUses: []string{
"cert_signing",
"server_auth",
},
})
if err != nil {
return err
}
config, err := fastly.GetTlsConfiguration(ctx, &fastly.GetTlsConfigurationArgs{
TlsService: pulumi.StringRef("PLATFORM"),
}, nil)
if err != nil {
return err
}
keyTlsPrivateKey, err := fastly.NewTlsPrivateKey(ctx, "key", &fastly.TlsPrivateKeyArgs{
KeyPem: key.PrivateKeyPem,
Name: pulumi.String("tf-demo"),
})
if err != nil {
return err
}
_, err = fastly.NewTlsPlatformCertificate(ctx, "cert", &fastly.TlsPlatformCertificateArgs{
CertificateBody: cert.CertPem,
IntermediatesBlob: ca.CertPem,
ConfigurationId: pulumi.String(config.Id),
AllowUntrustedRoot: pulumi.Bool(true),
}, pulumi.DependsOn([]pulumi.Resource{
keyTlsPrivateKey,
}))
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Fastly = Pulumi.Fastly;
using Tls = Pulumi.Tls;
return await Deployment.RunAsync(() =>
{
var caKey = new Tls.Index.PrivateKey("ca_key", new()
{
Algorithm = "RSA",
});
var key = new Tls.Index.PrivateKey("key", new()
{
Algorithm = "RSA",
});
var ca = new Tls.Index.SelfSignedCert("ca", new()
{
KeyAlgorithm = caKey.Algorithm,
PrivateKeyPem = caKey.PrivateKeyPem,
Subject = new[]
{
{
{ "commonName", "Example CA" },
},
},
IsCaCertificate = true,
ValidityPeriodHours = 360,
AllowedUses = new[]
{
"cert_signing",
"server_auth",
},
});
var example = new Tls.Index.CertRequest("example", new()
{
KeyAlgorithm = key.Algorithm,
PrivateKeyPem = key.PrivateKeyPem,
Subject = new[]
{
{
{ "commonName", "example.com" },
},
},
DnsNames = new[]
{
"example.com",
"www.example.com",
},
});
var cert = new Tls.Index.LocallySignedCert("cert", new()
{
CertRequestPem = example.CertRequestPem,
CaKeyAlgorithm = caKey.Algorithm,
CaPrivateKeyPem = caKey.PrivateKeyPem,
CaCertPem = ca.CertPem,
ValidityPeriodHours = 360,
AllowedUses = new[]
{
"cert_signing",
"server_auth",
},
});
var config = Fastly.GetTlsConfiguration.Invoke(new()
{
TlsService = "PLATFORM",
});
var keyTlsPrivateKey = new Fastly.TlsPrivateKey("key", new()
{
KeyPem = key.PrivateKeyPem,
Name = "tf-demo",
});
var certTlsPlatformCertificate = new Fastly.TlsPlatformCertificate("cert", new()
{
CertificateBody = cert.CertPem,
IntermediatesBlob = ca.CertPem,
ConfigurationId = config.Apply(getTlsConfigurationResult => getTlsConfigurationResult.Id),
AllowUntrustedRoot = true,
}, new CustomResourceOptions
{
DependsOn =
{
keyTlsPrivateKey,
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.tls.privateKey;
import com.pulumi.tls.PrivateKeyArgs;
import com.pulumi.tls.selfSignedCert;
import com.pulumi.tls.SelfSignedCertArgs;
import com.pulumi.tls.certRequest;
import com.pulumi.tls.CertRequestArgs;
import com.pulumi.tls.locallySignedCert;
import com.pulumi.tls.LocallySignedCertArgs;
import com.pulumi.fastly.FastlyFunctions;
import com.pulumi.fastly.inputs.GetTlsConfigurationArgs;
import com.pulumi.fastly.TlsPrivateKey;
import com.pulumi.fastly.TlsPrivateKeyArgs;
import com.pulumi.fastly.TlsPlatformCertificate;
import com.pulumi.fastly.TlsPlatformCertificateArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var caKey = new PrivateKey("caKey", PrivateKeyArgs.builder()
.algorithm("RSA")
.build());
var key = new PrivateKey("key", PrivateKeyArgs.builder()
.algorithm("RSA")
.build());
var ca = new SelfSignedCert("ca", SelfSignedCertArgs.builder()
.keyAlgorithm(caKey.algorithm())
.privateKeyPem(caKey.privateKeyPem())
.subject(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))
.isCaCertificate(true)
.validityPeriodHours(360)
.allowedUses(
"cert_signing",
"server_auth")
.build());
var example = new CertRequest("example", CertRequestArgs.builder()
.keyAlgorithm(key.algorithm())
.privateKeyPem(key.privateKeyPem())
.subject(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))
.dnsNames(
"example.com",
"www.example.com")
.build());
var cert = new LocallySignedCert("cert", LocallySignedCertArgs.builder()
.certRequestPem(example.certRequestPem())
.caKeyAlgorithm(caKey.algorithm())
.caPrivateKeyPem(caKey.privateKeyPem())
.caCertPem(ca.certPem())
.validityPeriodHours(360)
.allowedUses(
"cert_signing",
"server_auth")
.build());
final var config = FastlyFunctions.getTlsConfiguration(GetTlsConfigurationArgs.builder()
.tlsService("PLATFORM")
.build());
var keyTlsPrivateKey = new TlsPrivateKey("keyTlsPrivateKey", TlsPrivateKeyArgs.builder()
.keyPem(key.privateKeyPem())
.name("tf-demo")
.build());
var certTlsPlatformCertificate = new TlsPlatformCertificate("certTlsPlatformCertificate", TlsPlatformCertificateArgs.builder()
.certificateBody(cert.certPem())
.intermediatesBlob(ca.certPem())
.configurationId(config.applyValue(getTlsConfigurationResult -> getTlsConfigurationResult.id()))
.allowUntrustedRoot(true)
.build(), CustomResourceOptions.builder()
.dependsOn(keyTlsPrivateKey)
.build());
}
}
resources:
caKey:
type: tls:privateKey
name: ca_key
properties:
algorithm: RSA
key:
type: tls:privateKey
properties:
algorithm: RSA
ca:
type: tls:selfSignedCert
properties:
keyAlgorithm: ${caKey.algorithm}
privateKeyPem: ${caKey.privateKeyPem}
subject:
- commonName: Example CA
isCaCertificate: true
validityPeriodHours: 360
allowedUses:
- cert_signing
- server_auth
example:
type: tls:certRequest
properties:
keyAlgorithm: ${key.algorithm}
privateKeyPem: ${key.privateKeyPem}
subject:
- commonName: example.com
dnsNames:
- example.com
- www.example.com
cert:
type: tls:locallySignedCert
properties:
certRequestPem: ${example.certRequestPem}
caKeyAlgorithm: ${caKey.algorithm}
caPrivateKeyPem: ${caKey.privateKeyPem}
caCertPem: ${ca.certPem}
validityPeriodHours: 360
allowedUses:
- cert_signing
- server_auth
keyTlsPrivateKey:
type: fastly:TlsPrivateKey
name: key
properties:
keyPem: ${key.privateKeyPem}
name: tf-demo
certTlsPlatformCertificate:
type: fastly:TlsPlatformCertificate
name: cert
properties:
certificateBody: ${cert.certPem}
intermediatesBlob: ${ca.certPem}
configurationId: ${config.id}
allowUntrustedRoot: true
options:
dependson:
- ${keyTlsPrivateKey}
variables:
config:
fn::invoke:
Function: fastly:getTlsConfiguration
Arguments:
tlsService: PLATFORM
Create TlsPlatformCertificate Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new TlsPlatformCertificate(name: string, args: TlsPlatformCertificateArgs, opts?: CustomResourceOptions);
@overload
def TlsPlatformCertificate(resource_name: str,
args: TlsPlatformCertificateArgs,
opts: Optional[ResourceOptions] = None)
@overload
def TlsPlatformCertificate(resource_name: str,
opts: Optional[ResourceOptions] = None,
certificate_body: Optional[str] = None,
configuration_id: Optional[str] = None,
intermediates_blob: Optional[str] = None,
allow_untrusted_root: Optional[bool] = None)
func NewTlsPlatformCertificate(ctx *Context, name string, args TlsPlatformCertificateArgs, opts ...ResourceOption) (*TlsPlatformCertificate, error)
public TlsPlatformCertificate(string name, TlsPlatformCertificateArgs args, CustomResourceOptions? opts = null)
public TlsPlatformCertificate(String name, TlsPlatformCertificateArgs args)
public TlsPlatformCertificate(String name, TlsPlatformCertificateArgs args, CustomResourceOptions options)
type: fastly:TlsPlatformCertificate
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args TlsPlatformCertificateArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args TlsPlatformCertificateArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args TlsPlatformCertificateArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args TlsPlatformCertificateArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args TlsPlatformCertificateArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var tlsPlatformCertificateResource = new Fastly.TlsPlatformCertificate("tlsPlatformCertificateResource", new()
{
CertificateBody = "string",
ConfigurationId = "string",
IntermediatesBlob = "string",
AllowUntrustedRoot = false,
});
example, err := fastly.NewTlsPlatformCertificate(ctx, "tlsPlatformCertificateResource", &fastly.TlsPlatformCertificateArgs{
CertificateBody: pulumi.String("string"),
ConfigurationId: pulumi.String("string"),
IntermediatesBlob: pulumi.String("string"),
AllowUntrustedRoot: pulumi.Bool(false),
})
var tlsPlatformCertificateResource = new TlsPlatformCertificate("tlsPlatformCertificateResource", TlsPlatformCertificateArgs.builder()
.certificateBody("string")
.configurationId("string")
.intermediatesBlob("string")
.allowUntrustedRoot(false)
.build());
tls_platform_certificate_resource = fastly.TlsPlatformCertificate("tlsPlatformCertificateResource",
certificate_body="string",
configuration_id="string",
intermediates_blob="string",
allow_untrusted_root=False)
const tlsPlatformCertificateResource = new fastly.TlsPlatformCertificate("tlsPlatformCertificateResource", {
certificateBody: "string",
configurationId: "string",
intermediatesBlob: "string",
allowUntrustedRoot: false,
});
type: fastly:TlsPlatformCertificate
properties:
allowUntrustedRoot: false
certificateBody: string
configurationId: string
intermediatesBlob: string
TlsPlatformCertificate Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The TlsPlatformCertificate resource accepts the following input properties:
- Certificate
Body string - PEM-formatted certificate.
- Configuration
Id string - ID of TLS configuration to be used to terminate TLS traffic.
- Intermediates
Blob string - PEM-formatted certificate chain from the
certificate_body
to its root. - Allow
Untrusted boolRoot - Disable checking whether the root of the certificate chain is trusted. Useful for development purposes to allow use of self-signed CAs. Defaults to false. Write-only on create.
- Certificate
Body string - PEM-formatted certificate.
- Configuration
Id string - ID of TLS configuration to be used to terminate TLS traffic.
- Intermediates
Blob string - PEM-formatted certificate chain from the
certificate_body
to its root. - Allow
Untrusted boolRoot - Disable checking whether the root of the certificate chain is trusted. Useful for development purposes to allow use of self-signed CAs. Defaults to false. Write-only on create.
- certificate
Body String - PEM-formatted certificate.
- configuration
Id String - ID of TLS configuration to be used to terminate TLS traffic.
- intermediates
Blob String - PEM-formatted certificate chain from the
certificate_body
to its root. - allow
Untrusted BooleanRoot - Disable checking whether the root of the certificate chain is trusted. Useful for development purposes to allow use of self-signed CAs. Defaults to false. Write-only on create.
- certificate
Body string - PEM-formatted certificate.
- configuration
Id string - ID of TLS configuration to be used to terminate TLS traffic.
- intermediates
Blob string - PEM-formatted certificate chain from the
certificate_body
to its root. - allow
Untrusted booleanRoot - Disable checking whether the root of the certificate chain is trusted. Useful for development purposes to allow use of self-signed CAs. Defaults to false. Write-only on create.
- certificate_
body str - PEM-formatted certificate.
- configuration_
id str - ID of TLS configuration to be used to terminate TLS traffic.
- intermediates_
blob str - PEM-formatted certificate chain from the
certificate_body
to its root. - allow_
untrusted_ boolroot - Disable checking whether the root of the certificate chain is trusted. Useful for development purposes to allow use of self-signed CAs. Defaults to false. Write-only on create.
- certificate
Body String - PEM-formatted certificate.
- configuration
Id String - ID of TLS configuration to be used to terminate TLS traffic.
- intermediates
Blob String - PEM-formatted certificate chain from the
certificate_body
to its root. - allow
Untrusted BooleanRoot - Disable checking whether the root of the certificate chain is trusted. Useful for development purposes to allow use of self-signed CAs. Defaults to false. Write-only on create.
Outputs
All input properties are implicitly available as output properties. Additionally, the TlsPlatformCertificate resource produces the following output properties:
- Created
At string - Timestamp (GMT) when the certificate was created.
- Domains List<string>
- All the domains (including wildcard domains) that are listed in any certificate's Subject Alternative Names (SAN) list.
- Id string
- The provider-assigned unique ID for this managed resource.
- Not
After string - Timestamp (GMT) when the certificate will expire.
- Not
Before string - Timestamp (GMT) when the certificate will become valid.
- Replace bool
- A recommendation from Fastly indicating the key associated with this certificate is in need of rotation.
- Updated
At string - Timestamp (GMT) when the certificate was last updated.
- Created
At string - Timestamp (GMT) when the certificate was created.
- Domains []string
- All the domains (including wildcard domains) that are listed in any certificate's Subject Alternative Names (SAN) list.
- Id string
- The provider-assigned unique ID for this managed resource.
- Not
After string - Timestamp (GMT) when the certificate will expire.
- Not
Before string - Timestamp (GMT) when the certificate will become valid.
- Replace bool
- A recommendation from Fastly indicating the key associated with this certificate is in need of rotation.
- Updated
At string - Timestamp (GMT) when the certificate was last updated.
- created
At String - Timestamp (GMT) when the certificate was created.
- domains List<String>
- All the domains (including wildcard domains) that are listed in any certificate's Subject Alternative Names (SAN) list.
- id String
- The provider-assigned unique ID for this managed resource.
- not
After String - Timestamp (GMT) when the certificate will expire.
- not
Before String - Timestamp (GMT) when the certificate will become valid.
- replace Boolean
- A recommendation from Fastly indicating the key associated with this certificate is in need of rotation.
- updated
At String - Timestamp (GMT) when the certificate was last updated.
- created
At string - Timestamp (GMT) when the certificate was created.
- domains string[]
- All the domains (including wildcard domains) that are listed in any certificate's Subject Alternative Names (SAN) list.
- id string
- The provider-assigned unique ID for this managed resource.
- not
After string - Timestamp (GMT) when the certificate will expire.
- not
Before string - Timestamp (GMT) when the certificate will become valid.
- replace boolean
- A recommendation from Fastly indicating the key associated with this certificate is in need of rotation.
- updated
At string - Timestamp (GMT) when the certificate was last updated.
- created_
at str - Timestamp (GMT) when the certificate was created.
- domains Sequence[str]
- All the domains (including wildcard domains) that are listed in any certificate's Subject Alternative Names (SAN) list.
- id str
- The provider-assigned unique ID for this managed resource.
- not_
after str - Timestamp (GMT) when the certificate will expire.
- not_
before str - Timestamp (GMT) when the certificate will become valid.
- replace bool
- A recommendation from Fastly indicating the key associated with this certificate is in need of rotation.
- updated_
at str - Timestamp (GMT) when the certificate was last updated.
- created
At String - Timestamp (GMT) when the certificate was created.
- domains List<String>
- All the domains (including wildcard domains) that are listed in any certificate's Subject Alternative Names (SAN) list.
- id String
- The provider-assigned unique ID for this managed resource.
- not
After String - Timestamp (GMT) when the certificate will expire.
- not
Before String - Timestamp (GMT) when the certificate will become valid.
- replace Boolean
- A recommendation from Fastly indicating the key associated with this certificate is in need of rotation.
- updated
At String - Timestamp (GMT) when the certificate was last updated.
Look up Existing TlsPlatformCertificate Resource
Get an existing TlsPlatformCertificate resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: TlsPlatformCertificateState, opts?: CustomResourceOptions): TlsPlatformCertificate
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
allow_untrusted_root: Optional[bool] = None,
certificate_body: Optional[str] = None,
configuration_id: Optional[str] = None,
created_at: Optional[str] = None,
domains: Optional[Sequence[str]] = None,
intermediates_blob: Optional[str] = None,
not_after: Optional[str] = None,
not_before: Optional[str] = None,
replace: Optional[bool] = None,
updated_at: Optional[str] = None) -> TlsPlatformCertificate
func GetTlsPlatformCertificate(ctx *Context, name string, id IDInput, state *TlsPlatformCertificateState, opts ...ResourceOption) (*TlsPlatformCertificate, error)
public static TlsPlatformCertificate Get(string name, Input<string> id, TlsPlatformCertificateState? state, CustomResourceOptions? opts = null)
public static TlsPlatformCertificate get(String name, Output<String> id, TlsPlatformCertificateState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Allow
Untrusted boolRoot - Disable checking whether the root of the certificate chain is trusted. Useful for development purposes to allow use of self-signed CAs. Defaults to false. Write-only on create.
- Certificate
Body string - PEM-formatted certificate.
- Configuration
Id string - ID of TLS configuration to be used to terminate TLS traffic.
- Created
At string - Timestamp (GMT) when the certificate was created.
- Domains List<string>
- All the domains (including wildcard domains) that are listed in any certificate's Subject Alternative Names (SAN) list.
- Intermediates
Blob string - PEM-formatted certificate chain from the
certificate_body
to its root. - Not
After string - Timestamp (GMT) when the certificate will expire.
- Not
Before string - Timestamp (GMT) when the certificate will become valid.
- Replace bool
- A recommendation from Fastly indicating the key associated with this certificate is in need of rotation.
- Updated
At string - Timestamp (GMT) when the certificate was last updated.
- Allow
Untrusted boolRoot - Disable checking whether the root of the certificate chain is trusted. Useful for development purposes to allow use of self-signed CAs. Defaults to false. Write-only on create.
- Certificate
Body string - PEM-formatted certificate.
- Configuration
Id string - ID of TLS configuration to be used to terminate TLS traffic.
- Created
At string - Timestamp (GMT) when the certificate was created.
- Domains []string
- All the domains (including wildcard domains) that are listed in any certificate's Subject Alternative Names (SAN) list.
- Intermediates
Blob string - PEM-formatted certificate chain from the
certificate_body
to its root. - Not
After string - Timestamp (GMT) when the certificate will expire.
- Not
Before string - Timestamp (GMT) when the certificate will become valid.
- Replace bool
- A recommendation from Fastly indicating the key associated with this certificate is in need of rotation.
- Updated
At string - Timestamp (GMT) when the certificate was last updated.
- allow
Untrusted BooleanRoot - Disable checking whether the root of the certificate chain is trusted. Useful for development purposes to allow use of self-signed CAs. Defaults to false. Write-only on create.
- certificate
Body String - PEM-formatted certificate.
- configuration
Id String - ID of TLS configuration to be used to terminate TLS traffic.
- created
At String - Timestamp (GMT) when the certificate was created.
- domains List<String>
- All the domains (including wildcard domains) that are listed in any certificate's Subject Alternative Names (SAN) list.
- intermediates
Blob String - PEM-formatted certificate chain from the
certificate_body
to its root. - not
After String - Timestamp (GMT) when the certificate will expire.
- not
Before String - Timestamp (GMT) when the certificate will become valid.
- replace Boolean
- A recommendation from Fastly indicating the key associated with this certificate is in need of rotation.
- updated
At String - Timestamp (GMT) when the certificate was last updated.
- allow
Untrusted booleanRoot - Disable checking whether the root of the certificate chain is trusted. Useful for development purposes to allow use of self-signed CAs. Defaults to false. Write-only on create.
- certificate
Body string - PEM-formatted certificate.
- configuration
Id string - ID of TLS configuration to be used to terminate TLS traffic.
- created
At string - Timestamp (GMT) when the certificate was created.
- domains string[]
- All the domains (including wildcard domains) that are listed in any certificate's Subject Alternative Names (SAN) list.
- intermediates
Blob string - PEM-formatted certificate chain from the
certificate_body
to its root. - not
After string - Timestamp (GMT) when the certificate will expire.
- not
Before string - Timestamp (GMT) when the certificate will become valid.
- replace boolean
- A recommendation from Fastly indicating the key associated with this certificate is in need of rotation.
- updated
At string - Timestamp (GMT) when the certificate was last updated.
- allow_
untrusted_ boolroot - Disable checking whether the root of the certificate chain is trusted. Useful for development purposes to allow use of self-signed CAs. Defaults to false. Write-only on create.
- certificate_
body str - PEM-formatted certificate.
- configuration_
id str - ID of TLS configuration to be used to terminate TLS traffic.
- created_
at str - Timestamp (GMT) when the certificate was created.
- domains Sequence[str]
- All the domains (including wildcard domains) that are listed in any certificate's Subject Alternative Names (SAN) list.
- intermediates_
blob str - PEM-formatted certificate chain from the
certificate_body
to its root. - not_
after str - Timestamp (GMT) when the certificate will expire.
- not_
before str - Timestamp (GMT) when the certificate will become valid.
- replace bool
- A recommendation from Fastly indicating the key associated with this certificate is in need of rotation.
- updated_
at str - Timestamp (GMT) when the certificate was last updated.
- allow
Untrusted BooleanRoot - Disable checking whether the root of the certificate chain is trusted. Useful for development purposes to allow use of self-signed CAs. Defaults to false. Write-only on create.
- certificate
Body String - PEM-formatted certificate.
- configuration
Id String - ID of TLS configuration to be used to terminate TLS traffic.
- created
At String - Timestamp (GMT) when the certificate was created.
- domains List<String>
- All the domains (including wildcard domains) that are listed in any certificate's Subject Alternative Names (SAN) list.
- intermediates
Blob String - PEM-formatted certificate chain from the
certificate_body
to its root. - not
After String - Timestamp (GMT) when the certificate will expire.
- not
Before String - Timestamp (GMT) when the certificate will become valid.
- replace Boolean
- A recommendation from Fastly indicating the key associated with this certificate is in need of rotation.
- updated
At String - Timestamp (GMT) when the certificate was last updated.
Import
A certificate can be imported using its Fastly certificate ID, e.g.
$ pulumi import fastly:index/tlsPlatformCertificate:TlsPlatformCertificate demo xxxxxxxxxxx
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Fastly pulumi/pulumi-fastly
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
fastly
Terraform Provider.