1. Docs
  2. Reference
  3. API
  4. AWS
  5. acm
  6. GetCertificate

GetCertificate

Use this data source to get the ARN of a certificate in AWS Certificate Manager (ACM), you can reference it by domain without having to hard code the ARNs as input.

Example Usage

using Pulumi;
using Aws = Pulumi.Aws;

class MyStack : Stack
{
    public MyStack()
    {
        var example = Output.Create(Aws.Acm.GetCertificate.InvokeAsync(new Aws.Acm.GetCertificateArgs
        {
            Domain = "tf.example.com",
            KeyTypes = 
            {
                "RSA_4096",
            },
        }));
    }

}

package main

import (
    "github.com/pulumi/pulumi-aws/sdk/v2/go/aws/acm"
    "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)

func main() {
    pulumi.Run(func(ctx *pulumi.Context) error {
        _, err := acm.LookupCertificate(ctx, &acm.LookupCertificateArgs{
            Domain: "tf.example.com",
            KeyTypes: []string{
                "RSA_4096",
            },
        }, nil)
        if err != nil {
            return err
        }
        return nil
    })
}
import pulumi
import pulumi_aws as aws

example = aws.acm.get_certificate(domain="tf.example.com",
    key_types=["RSA_4096"])
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

// Find a RSA 4096 bit certificate
const example = pulumi.output(aws.acm.getCertificate({
    domain: "tf.example.com",
    keyTypes: ["RSA_4096"],
}, { async: true }));

Using GetCertificate

function getCertificate(args: GetCertificateArgs, opts?: InvokeOptions): Promise<GetCertificateResult>
function  get_certificate(domain=None, key_types=None, most_recent=None, statuses=None, tags=None, types=None, opts=None)
func LookupCertificate(ctx *Context, args *LookupCertificateArgs, opts ...InvokeOption) (*LookupCertificateResult, error)

Note: This function is named LookupCertificate in the Go SDK.

public static class GetCertificate {
    public static Task<GetCertificateResult> InvokeAsync(GetCertificateArgs args, InvokeOptions? opts = null)
}

The following arguments are supported:

Domain string

The domain of the certificate to look up. If no certificate is found with this name, an error will be returned.

KeyTypes List<string>

A list of key algorithms to filter certificates. By default, ACM does not return all certificate types when searching. Valid values are RSA_1024, RSA_2048, RSA_4096, EC_prime256v1, EC_secp384r1, and EC_secp521r1.

MostRecent bool

If set to true, it sorts the certificates matched by previous criteria by the NotBefore field, returning only the most recent one. If set to false, it returns an error if more than one certificate is found. Defaults to false.

Statuses List<string>

A list of statuses on which to filter the returned list. Valid values are PENDING_VALIDATION, ISSUED, INACTIVE, EXPIRED, VALIDATION_TIMED_OUT, REVOKED and FAILED. If no value is specified, only certificates in the ISSUED state are returned.

Tags Dictionary<string, string>

A mapping of tags for the resource.

Types List<string>

A list of types on which to filter the returned list. Valid values are AMAZON_ISSUED and IMPORTED.

Domain string

The domain of the certificate to look up. If no certificate is found with this name, an error will be returned.

KeyTypes []string

A list of key algorithms to filter certificates. By default, ACM does not return all certificate types when searching. Valid values are RSA_1024, RSA_2048, RSA_4096, EC_prime256v1, EC_secp384r1, and EC_secp521r1.

MostRecent bool

If set to true, it sorts the certificates matched by previous criteria by the NotBefore field, returning only the most recent one. If set to false, it returns an error if more than one certificate is found. Defaults to false.

Statuses []string

A list of statuses on which to filter the returned list. Valid values are PENDING_VALIDATION, ISSUED, INACTIVE, EXPIRED, VALIDATION_TIMED_OUT, REVOKED and FAILED. If no value is specified, only certificates in the ISSUED state are returned.

Tags map[string]string

A mapping of tags for the resource.

Types []string

A list of types on which to filter the returned list. Valid values are AMAZON_ISSUED and IMPORTED.

domain string

The domain of the certificate to look up. If no certificate is found with this name, an error will be returned.

keyTypes string[]

A list of key algorithms to filter certificates. By default, ACM does not return all certificate types when searching. Valid values are RSA_1024, RSA_2048, RSA_4096, EC_prime256v1, EC_secp384r1, and EC_secp521r1.

mostRecent boolean

If set to true, it sorts the certificates matched by previous criteria by the NotBefore field, returning only the most recent one. If set to false, it returns an error if more than one certificate is found. Defaults to false.

statuses string[]

A list of statuses on which to filter the returned list. Valid values are PENDING_VALIDATION, ISSUED, INACTIVE, EXPIRED, VALIDATION_TIMED_OUT, REVOKED and FAILED. If no value is specified, only certificates in the ISSUED state are returned.

tags {[key: string]: string}

A mapping of tags for the resource.

types string[]

A list of types on which to filter the returned list. Valid values are AMAZON_ISSUED and IMPORTED.

domain str

The domain of the certificate to look up. If no certificate is found with this name, an error will be returned.

key_types List[str]

A list of key algorithms to filter certificates. By default, ACM does not return all certificate types when searching. Valid values are RSA_1024, RSA_2048, RSA_4096, EC_prime256v1, EC_secp384r1, and EC_secp521r1.

most_recent bool

If set to true, it sorts the certificates matched by previous criteria by the NotBefore field, returning only the most recent one. If set to false, it returns an error if more than one certificate is found. Defaults to false.

statuses List[str]

A list of statuses on which to filter the returned list. Valid values are PENDING_VALIDATION, ISSUED, INACTIVE, EXPIRED, VALIDATION_TIMED_OUT, REVOKED and FAILED. If no value is specified, only certificates in the ISSUED state are returned.

tags Dict[str, str]

A mapping of tags for the resource.

types List[str]

A list of types on which to filter the returned list. Valid values are AMAZON_ISSUED and IMPORTED.

GetCertificate Result

The following output properties are available:

Arn string

Set to the ARN of the found certificate, suitable for referencing in other resources that support ACM certificates.

Domain string
Id string

The provider-assigned unique ID for this managed resource.

Tags Dictionary<string, string>

A mapping of tags for the resource.

KeyTypes List<string>
MostRecent bool
Statuses List<string>
Types List<string>
Arn string

Set to the ARN of the found certificate, suitable for referencing in other resources that support ACM certificates.

Domain string
Id string

The provider-assigned unique ID for this managed resource.

Tags map[string]string

A mapping of tags for the resource.

KeyTypes []string
MostRecent bool
Statuses []string
Types []string
arn string

Set to the ARN of the found certificate, suitable for referencing in other resources that support ACM certificates.

domain string
id string

The provider-assigned unique ID for this managed resource.

tags {[key: string]: string}

A mapping of tags for the resource.

keyTypes string[]
mostRecent boolean
statuses string[]
types string[]
arn str

Set to the ARN of the found certificate, suitable for referencing in other resources that support ACM certificates.

domain str
id str

The provider-assigned unique ID for this managed resource.

tags Dict[str, str]

A mapping of tags for the resource.

key_types List[str]
most_recent bool
statuses List[str]
types List[str]

Package Details

Repository
https://github.com/pulumi/pulumi-aws
License
Apache-2.0
Notes
This Pulumi package is based on the aws Terraform Provider.