pulumi-aws-kotlin/com.pulumi.aws.directconnect.kotlin/MacsecKeyAssociation

MacsecKeyAssociation

class MacsecKeyAssociation : KotlinCustomResource

Provides a MAC Security (MACSec) secret key resource for use with Direct Connect. See MACsec prerequisites for information about MAC Security (MACsec) prerequisites. Creating this resource will also create a resource of type aws.secretsmanager.Secret which is managed by Direct Connect. While you can import this resource into your state, because this secret is managed by Direct Connect, you will not be able to make any modifications to it. See How AWS Direct Connect uses AWS Secrets Manager for details.

Note: All arguments including ckn and cak will be stored in the raw state as plain-text. Note: The secret_arn argument can only be used to reference a previously created MACSec key. You cannot associate a Secrets Manager secret created outside of the aws.directconnect.MacsecKeyAssociation resource.

Example Usage

Create MACSec key with CKN and CAK

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.directconnect.DirectconnectFunctions;
import com.pulumi.aws.directconnect.inputs.GetConnectionArgs;
import com.pulumi.aws.directconnect.MacsecKeyAssociation;
import com.pulumi.aws.directconnect.MacsecKeyAssociationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        final var example = DirectconnectFunctions.getConnection(GetConnectionArgs.builder()
            .name("tf-dx-connection")
            .build());
        var test = new MacsecKeyAssociation("test", MacsecKeyAssociationArgs.builder()
            .connectionId(example.applyValue(getConnectionResult -> getConnectionResult.id()))
            .ckn("0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef")
            .cak("abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789")
            .build());
    }
}
Content copied to clipboard

Create MACSec key with existing Secrets Manager secret

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.directconnect.DirectconnectFunctions;
import com.pulumi.aws.directconnect.inputs.GetConnectionArgs;
import com.pulumi.aws.secretsmanager.SecretsmanagerFunctions;
import com.pulumi.aws.secretsmanager.inputs.GetSecretArgs;
import com.pulumi.aws.directconnect.MacsecKeyAssociation;
import com.pulumi.aws.directconnect.MacsecKeyAssociationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        final var exampleConnection = DirectconnectFunctions.getConnection(GetConnectionArgs.builder()
            .name("tf-dx-connection")
            .build());
        final var exampleSecret = SecretsmanagerFunctions.getSecret(GetSecretArgs.builder()
            .name("directconnect!prod/us-east-1/directconnect/0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef")
            .build());
        var test = new MacsecKeyAssociation("test", MacsecKeyAssociationArgs.builder()
            .connectionId(exampleConnection.applyValue(getConnectionResult -> getConnectionResult.id()))
            .secretArn(exampleSecret.applyValue(getSecretResult -> getSecretResult.arn()))
            .build());
    }
}
Content copied to clipboard

Properties

Link copied to clipboard
val cak: Output<String>?

The MAC Security (MACsec) CAK to associate with the dedicated connection. The valid values are 64 hexadecimal characters (0-9, A-E). Required if using ckn.

Link copied to clipboard
val ckn: Output<String>

The MAC Security (MACsec) CKN to associate with the dedicated connection. The valid values are 64 hexadecimal characters (0-9, A-E). Required if using cak.

Link copied to clipboard
val connectionId: Output<String>

The ID of the dedicated Direct Connect connection. The connection must be a dedicated connection in the AVAILABLE state.

Link copied to clipboard
val id: Output<String>
Link copied to clipboard
val pulumiChildResources: Set<KotlinResource>
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
val secretArn: Output<String>

The Amazon Resource Name (ARN) of the MAC Security (MACsec) secret key to associate with the dedicated connection.

Link copied to clipboard
val startOn: Output<String>

The date in UTC format that the MAC Security (MACsec) secret key takes effect.

Link copied to clipboard
val state: Output<String>

The state of the MAC Security (MACsec) secret key. The possible values are: associating, associated, disassociating, disassociated. See MacSecKey for descriptions of each state.

Link copied to clipboard
val urn: Output<String>