Origin
data class OriginCaCertificateArgs(val csr: Output<String>? = null, val hostnames: Output<List<String>>? = null, val minDaysForRenewal: Output<Int>? = null, val requestType: Output<String>? = null, val requestedValidity: Output<Int>? = null) : ConvertibleToJava<OriginCaCertificateArgs>
Provides a Cloudflare Origin CA certificate used to protect traffic to your origin without involving a third party Certificate Authority.
Since v3.32.0 all authentication schemes are supported for managing Origin CA certificates. Versions prior to v3.32.0 will still need to use
api_user_service_key.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as cloudflare from "@pulumi/cloudflare";
import * as tls from "@pulumi/tls";
const example = new tls.index.PrivateKey("example", {algorithm: "RSA"});
const exampleCertRequest = new tls.index.CertRequest("example", {
privateKeyPem: example.privateKeyPem,
subject: [{
commonName: "",
organization: "Terraform Test",
}],
});
const exampleOriginCaCertificate = new cloudflare.OriginCaCertificate("example", {
csr: exampleCertRequest.certRequestPem,
hostnames: ["example.com"],
requestType: "origin-rsa",
requestedValidity: 7,
});Content copied to clipboard
import pulumi
import pulumi_cloudflare as cloudflare
import pulumi_tls as tls
example = tls.index.PrivateKey("example", algorithm=RSA)
example_cert_request = tls.index.CertRequest("example",
private_key_pem=example.private_key_pem,
subject=[{
commonName: ,
organization: Terraform Test,
}])
example_origin_ca_certificate = cloudflare.OriginCaCertificate("example",
csr=example_cert_request["certRequestPem"],
hostnames=["example.com"],
request_type="origin-rsa",
requested_validity=7)Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Cloudflare = Pulumi.Cloudflare;
using Tls = Pulumi.Tls;
return await Deployment.RunAsync(() =>
{
var example = new Tls.Index.PrivateKey("example", new()
{
Algorithm = "RSA",
});
var exampleCertRequest = new Tls.Index.CertRequest("example", new()
{
PrivateKeyPem = example.PrivateKeyPem,
Subject = new[]
{
{
{ "commonName", "" },
{ "organization", "Terraform Test" },
},
},
});
var exampleOriginCaCertificate = new Cloudflare.OriginCaCertificate("example", new()
{
Csr = exampleCertRequest.CertRequestPem,
Hostnames = new[]
{
"example.com",
},
RequestType = "origin-rsa",
RequestedValidity = 7,
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-cloudflare/sdk/v5/go/cloudflare"
"github.com/pulumi/pulumi-tls/sdk/v4/go/tls"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := tls.NewPrivateKey(ctx, "example", &tls.PrivateKeyArgs{
Algorithm: "RSA",
})
if err != nil {
return err
}
exampleCertRequest, err := tls.NewCertRequest(ctx, "example", &tls.CertRequestArgs{
PrivateKeyPem: example.PrivateKeyPem,
Subject: []map[string]interface{}{
map[string]interface{}{
"commonName": "",
"organization": "Terraform Test",
},
},
})
if err != nil {
return err
}
_, err = cloudflare.NewOriginCaCertificate(ctx, "example", &cloudflare.OriginCaCertificateArgs{
Csr: exampleCertRequest.CertRequestPem,
Hostnames: pulumi.StringArray{
pulumi.String("example.com"),
},
RequestType: pulumi.String("origin-rsa"),
RequestedValidity: pulumi.Int(7),
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.tls.privateKey;
import com.pulumi.tls.PrivateKeyArgs;
import com.pulumi.tls.certRequest;
import com.pulumi.tls.CertRequestArgs;
import com.pulumi.cloudflare.OriginCaCertificate;
import com.pulumi.cloudflare.OriginCaCertificateArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new PrivateKey("example", PrivateKeyArgs.builder()
.algorithm("RSA")
.build());
var exampleCertRequest = new CertRequest("exampleCertRequest", CertRequestArgs.builder()
.privateKeyPem(example.privateKeyPem())
.subject(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))
.build());
var exampleOriginCaCertificate = new OriginCaCertificate("exampleOriginCaCertificate", OriginCaCertificateArgs.builder()
.csr(exampleCertRequest.certRequestPem())
.hostnames("example.com")
.requestType("origin-rsa")
.requestedValidity(7)
.build());
}
}Content copied to clipboard
resources:
example:
type: tls:privateKey
properties:
algorithm: RSA
exampleCertRequest:
type: tls:certRequest
name: example
properties:
privateKeyPem: ${example.privateKeyPem}
subject:
- commonName: ""
organization: Terraform Test
exampleOriginCaCertificate:
type: cloudflare:OriginCaCertificate
name: example
properties:
csr: ${exampleCertRequest.certRequestPem}
hostnames:
- example.com
requestType: origin-rsa
requestedValidity: 7Content copied to clipboard
Import
$ pulumi import cloudflare:index/originCaCertificate:OriginCaCertificate example <certificate_id>Content copied to clipboard
Constructors
Properties
Link copied to clipboard
Link copied to clipboard
The number of days for which the certificate should be valid. Available values: 7, 30, 90, 365, 730, 1095, 5475. Modifying this attribute will force creation of a new resource.
Link copied to clipboard
The signature type desired on the certificate. Available values: origin-rsa, origin-ecc, keyless-certificate. Modifying this attribute will force creation of a new resource.