pulumi-aws-kotlin/com.pulumi.aws.rolesanywhere.kotlin/TrustAnchorArgs

TrustAnchorArgs

data class TrustAnchorArgs(val enabled: Output<Boolean>? = null, val name: Output<String>? = null, val source: Output<TrustAnchorSourceArgs>? = null, val tags: Output<Map<String, String>>? = null) : ConvertibleToJava<TrustAnchorArgs>

Resource for managing a Roles Anywhere Trust Anchor.

Example Usage

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.acmpca.CertificateAuthority;
import com.pulumi.aws.acmpca.CertificateAuthorityArgs;
import com.pulumi.aws.acmpca.inputs.CertificateAuthorityCertificateAuthorityConfigurationArgs;
import com.pulumi.aws.acmpca.inputs.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs;
import com.pulumi.aws.AwsFunctions;
import com.pulumi.aws.acmpca.Certificate;
import com.pulumi.aws.acmpca.CertificateArgs;
import com.pulumi.aws.acmpca.inputs.CertificateValidityArgs;
import com.pulumi.aws.acmpca.CertificateAuthorityCertificate;
import com.pulumi.aws.acmpca.CertificateAuthorityCertificateArgs;
import com.pulumi.aws.rolesanywhere.TrustAnchor;
import com.pulumi.aws.rolesanywhere.TrustAnchorArgs;
import com.pulumi.aws.rolesanywhere.inputs.TrustAnchorSourceArgs;
import com.pulumi.aws.rolesanywhere.inputs.TrustAnchorSourceSourceDataArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var exampleCertificateAuthority = new CertificateAuthority("exampleCertificateAuthority", CertificateAuthorityArgs.builder()
            .permanentDeletionTimeInDays(7)
            .type("ROOT")
            .certificateAuthorityConfiguration(CertificateAuthorityCertificateAuthorityConfigurationArgs.builder()
                .keyAlgorithm("RSA_4096")
                .signingAlgorithm("SHA512WITHRSA")
                .subject(CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs.builder()
                    .commonName("example.com")
                    .build())
                .build())
            .build());
        final var current = AwsFunctions.getPartition();
        var testCertificate = new Certificate("testCertificate", CertificateArgs.builder()
            .certificateAuthorityArn(exampleCertificateAuthority.arn())
            .certificateSigningRequest(exampleCertificateAuthority.certificateSigningRequest())
            .signingAlgorithm("SHA512WITHRSA")
            .templateArn(String.format("arn:%s:acm-pca:::template/RootCACertificate/V1", current.applyValue(getPartitionResult -> getPartitionResult.partition())))
            .validity(CertificateValidityArgs.builder()
                .type("YEARS")
                .value(1)
                .build())
            .build());
        var exampleCertificateAuthorityCertificate = new CertificateAuthorityCertificate("exampleCertificateAuthorityCertificate", CertificateAuthorityCertificateArgs.builder()
            .certificateAuthorityArn(exampleCertificateAuthority.arn())
            .certificate(aws_acmpca_certificate.example().certificate())
            .certificateChain(aws_acmpca_certificate.example().certificate_chain())
            .build());
        var testTrustAnchor = new TrustAnchor("testTrustAnchor", TrustAnchorArgs.builder()
            .source(TrustAnchorSourceArgs.builder()
                .sourceData(TrustAnchorSourceSourceDataArgs.builder()
                    .acmPcaArn(exampleCertificateAuthority.arn())
                    .build())
                .sourceType("AWS_ACM_PCA")
                .build())
            .build(), CustomResourceOptions.builder()
                .dependsOn(exampleCertificateAuthorityCertificate)
                .build());
    }
}
Content copied to clipboard

Import

aws_rolesanywhere_trust_anchor can be imported using its id, e.g.

$ pulumi import aws:rolesanywhere/trustAnchor:TrustAnchor example 92b2fbbb-984d-41a3-a765-e3cbdb69ebb1
Content copied to clipboard

Constructors

Link copied to clipboard
constructor(enabled: Output<Boolean>? = null, name: Output<String>? = null, source: Output<TrustAnchorSourceArgs>? = null, tags: Output<Map<String, String>>? = null)

Properties

Link copied to clipboard
val enabled: Output<Boolean>? = null

Whether or not the Trust Anchor should be enabled.

Link copied to clipboard
val name: Output<String>? = null

The name of the Trust Anchor.

Link copied to clipboard
val source: Output<TrustAnchorSourceArgs>? = null

The source of trust, documented below

Link copied to clipboard
val tags: Output<Map<String, String>>? = null

A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

Functions

Link copied to clipboard
open override fun toJava(): TrustAnchorArgs