pulumi-aws-kotlin/com.pulumi.aws.iot.kotlin/CaCertificateArgs

CaCertificateArgs

data class CaCertificateArgs(val active: Output<Boolean>? = null, val allowAutoRegistration: Output<Boolean>? = null, val caCertificatePem: Output<String>? = null, val certificateMode: Output<String>? = null, val registrationConfig: Output<CaCertificateRegistrationConfigArgs>? = null, val tags: Output<Map<String, String>>? = null, val verificationCertificatePem: Output<String>? = null) : ConvertibleToJava<CaCertificateArgs>

Creates and manages an AWS IoT CA Certificate.

Example Usage

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.tls.PrivateKey;
import com.pulumi.tls.PrivateKeyArgs;
import com.pulumi.tls.SelfSignedCert;
import com.pulumi.tls.SelfSignedCertArgs;
import com.pulumi.tls.inputs.SelfSignedCertSubjectArgs;
import com.pulumi.aws.iot.IotFunctions;
import com.pulumi.tls.CertRequest;
import com.pulumi.tls.CertRequestArgs;
import com.pulumi.tls.inputs.CertRequestSubjectArgs;
import com.pulumi.tls.LocallySignedCert;
import com.pulumi.tls.LocallySignedCertArgs;
import com.pulumi.aws.iot.CaCertificate;
import com.pulumi.aws.iot.CaCertificateArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var caPrivateKey = new PrivateKey("caPrivateKey", PrivateKeyArgs.builder()
            .algorithm("RSA")
            .build());
        var caSelfSignedCert = new SelfSignedCert("caSelfSignedCert", SelfSignedCertArgs.builder()
            .privateKeyPem(caPrivateKey.privateKeyPem())
            .subject(SelfSignedCertSubjectArgs.builder()
                .commonName("example.com")
                .organization("ACME Examples, Inc")
                .build())
            .validityPeriodHours(12)
            .allowedUses(
                "key_encipherment",
                "digital_signature",
                "server_auth")
            .isCaCertificate(true)
            .build());
        var verificationPrivateKey = new PrivateKey("verificationPrivateKey", PrivateKeyArgs.builder()
            .algorithm("RSA")
            .build());
        final var exampleRegistrationCode = IotFunctions.getRegistrationCode();
        var verificationCertRequest = new CertRequest("verificationCertRequest", CertRequestArgs.builder()
            .privateKeyPem(verificationPrivateKey.privateKeyPem())
            .subject(CertRequestSubjectArgs.builder()
                .commonName(exampleRegistrationCode.applyValue(getRegistrationCodeResult -> getRegistrationCodeResult.registrationCode()))
                .build())
            .build());
        var verificationLocallySignedCert = new LocallySignedCert("verificationLocallySignedCert", LocallySignedCertArgs.builder()
            .certRequestPem(verificationCertRequest.certRequestPem())
            .caPrivateKeyPem(caPrivateKey.privateKeyPem())
            .caCertPem(caSelfSignedCert.certPem())
            .validityPeriodHours(12)
            .allowedUses(
                "key_encipherment",
                "digital_signature",
                "server_auth")
            .build());
        var exampleCaCertificate = new CaCertificate("exampleCaCertificate", CaCertificateArgs.builder()
            .active(true)
            .caCertificatePem(caSelfSignedCert.certPem())
            .verificationCertificatePem(verificationLocallySignedCert.certPem())
            .allowAutoRegistration(true)
            .build());
    }
}
Content copied to clipboard

Constructors

Link copied to clipboard
fun CaCertificateArgs(active: Output<Boolean>? = null, allowAutoRegistration: Output<Boolean>? = null, caCertificatePem: Output<String>? = null, certificateMode: Output<String>? = null, registrationConfig: Output<CaCertificateRegistrationConfigArgs>? = null, tags: Output<Map<String, String>>? = null, verificationCertificatePem: Output<String>? = null)

Functions

Link copied to clipboard
open override fun toJava(): CaCertificateArgs

Properties

Link copied to clipboard
val active: Output<Boolean>? = null

Boolean flag to indicate if the certificate should be active for device authentication.

Link copied to clipboard
val allowAutoRegistration: Output<Boolean>? = null

Boolean flag to indicate if the certificate should be active for device regisration.

Link copied to clipboard
val caCertificatePem: Output<String>? = null

PEM encoded CA certificate.

Link copied to clipboard
val certificateMode: Output<String>? = null

The certificate mode in which the CA will be registered. Valida values: DEFAULT and SNI_ONLY. Default: DEFAULT.

Link copied to clipboard
val registrationConfig: Output<CaCertificateRegistrationConfigArgs>? = null

Information about the registration configuration. See below.

Link copied to clipboard
val tags: Output<Map<String, String>>? = null

A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

Link copied to clipboard
val verificationCertificatePem: Output<String>? = null

PEM encoded verification certificate containing the common name of a registration code. Review CreateVerificationCSR. Reuired if certificate_mode is DEFAULT.