Certificate
data class CertificateArgs(val apiManagementName: Output<String>? = null, val data: Output<String>? = null, val keyVaultIdentityClientId: Output<String>? = null, val keyVaultSecretId: Output<String>? = null, val name: Output<String>? = null, val password: Output<String>? = null, val resourceGroupName: Output<String>? = null) : ConvertibleToJava<CertificateArgs>
Manages an Certificate within an API Management Service.
Example Usage
With Base64 Certificate)
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.apimanagement.Service;
import com.pulumi.azure.apimanagement.ServiceArgs;
import com.pulumi.azure.apimanagement.Certificate;
import com.pulumi.azure.apimanagement.CertificateArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder()
.location("West Europe")
.build());
var exampleService = new Service("exampleService", ServiceArgs.builder()
.location(exampleResourceGroup.location())
.resourceGroupName(exampleResourceGroup.name())
.publisherName("My Company")
.publisherEmail("company@exmaple.com")
.skuName("Developer_1")
.build());
var exampleCertificate = new Certificate("exampleCertificate", CertificateArgs.builder()
.apiManagementName(exampleService.name())
.resourceGroupName(exampleResourceGroup.name())
.data(Base64.getEncoder().encodeToString(Files.readAllBytes(Paths.get("example.pfx"))))
.build());
}
}Content copied to clipboard
With Key Vault Certificate)
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.CoreFunctions;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.apimanagement.Service;
import com.pulumi.azure.apimanagement.ServiceArgs;
import com.pulumi.azure.apimanagement.inputs.ServiceIdentityArgs;
import com.pulumi.azure.keyvault.KeyVault;
import com.pulumi.azure.keyvault.KeyVaultArgs;
import com.pulumi.azure.keyvault.AccessPolicy;
import com.pulumi.azure.keyvault.AccessPolicyArgs;
import com.pulumi.azure.keyvault.Certificate;
import com.pulumi.azure.keyvault.CertificateArgs;
import com.pulumi.azure.keyvault.inputs.CertificateCertificateArgs;
import com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicyArgs;
import com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicyIssuerParametersArgs;
import com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicyKeyPropertiesArgs;
import com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicySecretPropertiesArgs;
import com.pulumi.azure.apimanagement.Certificate;
import com.pulumi.azure.apimanagement.CertificateArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var current = CoreFunctions.getClientConfig();
var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder()
.location("West Europe")
.build());
var exampleService = new Service("exampleService", ServiceArgs.builder()
.location(exampleResourceGroup.location())
.resourceGroupName(exampleResourceGroup.name())
.publisherName("My Company")
.publisherEmail("company@terraform.io")
.skuName("Developer_1")
.identity(ServiceIdentityArgs.builder()
.type("SystemAssigned")
.build())
.build());
var exampleKeyVault = new KeyVault("exampleKeyVault", KeyVaultArgs.builder()
.location(exampleResourceGroup.location())
.resourceGroupName(exampleResourceGroup.name())
.tenantId(current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId()))
.skuName("standard")
.build());
var exampleAccessPolicy = new AccessPolicy("exampleAccessPolicy", AccessPolicyArgs.builder()
.keyVaultId(exampleKeyVault.id())
.tenantId(exampleService.identity().applyValue(identity -> identity.tenantId()))
.objectId(exampleService.identity().applyValue(identity -> identity.principalId()))
.secretPermissions("Get")
.certificatePermissions("Get")
.build());
var exampleCertificate = new Certificate("exampleCertificate", CertificateArgs.builder()
.keyVaultId(exampleKeyVault.id())
.certificate(CertificateCertificateArgs.builder()
.contents(Base64.getEncoder().encodeToString(Files.readAllBytes(Paths.get("example_cert.pfx"))))
.password("terraform")
.build())
.certificatePolicy(CertificateCertificatePolicyArgs.builder()
.issuerParameters(CertificateCertificatePolicyIssuerParametersArgs.builder()
.name("Self")
.build())
.keyProperties(CertificateCertificatePolicyKeyPropertiesArgs.builder()
.exportable(true)
.keySize(2048)
.keyType("RSA")
.reuseKey(false)
.build())
.secretProperties(CertificateCertificatePolicySecretPropertiesArgs.builder()
.contentType("application/x-pkcs12")
.build())
.build())
.build());
var exampleApimanagement_certificateCertificate = new Certificate("exampleApimanagement/certificateCertificate", CertificateArgs.builder()
.apiManagementName(exampleService.name())
.resourceGroupName(exampleResourceGroup.name())
.keyVaultSecretId(exampleCertificate.secretId())
.build());
}
}Content copied to clipboard
Import
API Management Certificates can be imported using the resource id, e.g.
$ pulumi import azure:apimanagement/certificate:Certificate example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.ApiManagement/service/instance1/certificates/certificate1Content copied to clipboard