Signing
Provides an IAM Signing Certificate resource to upload Signing Certificates.
Note: All arguments including the certificate body will be stored in the raw state as plain-text.
Example Usage
Using certs on file:
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
import * as std from "@pulumi/std";
const testCert = new aws.iam.SigningCertificate("test_cert", {
username: "some_test_cert",
certificateBody: std.file({
input: "self-ca-cert.pem",
}).then(invoke => invoke.result),
});Content copied to clipboard
import pulumi
import pulumi_aws as aws
import pulumi_std as std
test_cert = aws.iam.SigningCertificate("test_cert",
username="some_test_cert",
certificate_body=std.file(input="self-ca-cert.pem").result)Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
using Std = Pulumi.Std;
return await Deployment.RunAsync(() =>
{
var testCert = new Aws.Iam.SigningCertificate("test_cert", new()
{
Username = "some_test_cert",
CertificateBody = Std.File.Invoke(new()
{
Input = "self-ca-cert.pem",
}).Apply(invoke => invoke.Result),
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi-std/sdk/go/std"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
invokeFile, err := std.File(ctx, &std.FileArgs{
Input: "self-ca-cert.pem",
}, nil)
if err != nil {
return err
}
_, err = iam.NewSigningCertificate(ctx, "test_cert", &iam.SigningCertificateArgs{
Username: pulumi.String("some_test_cert"),
CertificateBody: invokeFile.Result,
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.iam.SigningCertificate;
import com.pulumi.aws.iam.SigningCertificateArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var testCert = new SigningCertificate("testCert", SigningCertificateArgs.builder()
.username("some_test_cert")
.certificateBody(StdFunctions.file(FileArgs.builder()
.input("self-ca-cert.pem")
.build()).result())
.build());
}
}Content copied to clipboard
resources:
testCert:
type: aws:iam:SigningCertificate
name: test_cert
properties:
username: some_test_cert
certificateBody:
fn::invoke:
Function: std:file
Arguments:
input: self-ca-cert.pem
Return: resultContent copied to clipboard
Example with cert in-line:
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const testCertAlt = new aws.iam.SigningCertificate("test_cert_alt", {
username: "some_test_cert",
certificateBody: `-----BEGIN CERTIFICATE-----
[......] # cert contents
-----END CERTIFICATE-----
`,
});Content copied to clipboard
import pulumi
import pulumi_aws as aws
test_cert_alt = aws.iam.SigningCertificate("test_cert_alt",
username="some_test_cert",
certificate_body="""-----BEGIN CERTIFICATE-----
[......] # cert contents
-----END CERTIFICATE-----
""")Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var testCertAlt = new Aws.Iam.SigningCertificate("test_cert_alt", new()
{
Username = "some_test_cert",
CertificateBody = @"-----BEGIN CERTIFICATE-----
[......] # cert contents
-----END CERTIFICATE-----
",
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := iam.NewSigningCertificate(ctx, "test_cert_alt", &iam.SigningCertificateArgs{
Username: pulumi.String("some_test_cert"),
CertificateBody: pulumi.String("-----BEGIN CERTIFICATE-----\n[......] # cert contents\n-----END CERTIFICATE-----\n"),
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.iam.SigningCertificate;
import com.pulumi.aws.iam.SigningCertificateArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var testCertAlt = new SigningCertificate("testCertAlt", SigningCertificateArgs.builder()
.username("some_test_cert")
.certificateBody("""
-----BEGIN CERTIFICATE-----
[......] # cert contents
-----END CERTIFICATE-----
""")
.build());
}
}Content copied to clipboard
resources:
testCertAlt:
type: aws:iam:SigningCertificate
name: test_cert_alt
properties:
username: some_test_cert
certificateBody: |
-----BEGIN CERTIFICATE-----
[......] # cert contents
-----END CERTIFICATE-----Content copied to clipboard
Import
Using pulumi import, import IAM Signing Certificates using the id. For example:
$ pulumi import aws:iam/signingCertificate:SigningCertificate certificate IDIDIDIDID:user-nameContent copied to clipboard