GetCertificateAuthority

Get information on a AWS Certificate Manager Private Certificate Authority (ACM PCA Certificate Authority).

Example Usage

using Pulumi;
using Aws = Pulumi.Aws;

class MyStack : Stack
{
    public MyStack()
    {
        var example = Output.Create(Aws.Acmpca.GetCertificateAuthority.InvokeAsync(new Aws.Acmpca.GetCertificateAuthorityArgs
        {
            Arn = "arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012",
        }));
    }

}

package main

import (
    "github.com/pulumi/pulumi-aws/sdk/v2/go/aws/acmpca"
    "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)

func main() {
    pulumi.Run(func(ctx *pulumi.Context) error {
        _, err := acmpca.LookupCertificateAuthority(ctx, &acmpca.LookupCertificateAuthorityArgs{
            Arn: "arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012",
        }, nil)
        if err != nil {
            return err
        }
        return nil
    })
}

import pulumi
import pulumi_aws as aws

example = aws.acmpca.get_certificate_authority(arn="arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012")

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const example = pulumi.output(aws.acmpca.getCertificateAuthority({
    arn: "arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012",
}, { async: true }));

Using GetCertificateAuthority

function getCertificateAuthority(args: GetCertificateAuthorityArgs, opts?: InvokeOptions): Promise<GetCertificateAuthorityResult>

function  get_certificate_authority(arn=None, revocation_configurations=None, tags=None, opts=None)

func LookupCertificateAuthority(ctx *Context, args *LookupCertificateAuthorityArgs, opts ...InvokeOption) (*LookupCertificateAuthorityResult, error)

Note: This function is named LookupCertificateAuthority in the Go SDK.

public static class GetCertificateAuthority {
    public static Task<GetCertificateAuthorityResult> InvokeAsync(GetCertificateAuthorityArgs args, InvokeOptions? opts = null)
}

The following arguments are supported:

Arn string: Amazon Resource Name (ARN) of the certificate authority.
RevocationConfigurations List<GetCertificateAuthorityRevocationConfigurationArgs>: Nested attribute containing revocation configuration. * revocation_configuration.0.crl_configuration - Nested attribute containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority. * revocation_configuration.0.crl_configuration.0.custom_cname - Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point. * revocation_configuration.0.crl_configuration.0.enabled - Boolean value that specifies whether certificate revocation lists (CRLs) are enabled. * revocation_configuration.0.crl_configuration.0.expiration_in_days - Number of days until a certificate expires. * revocation_configuration.0.crl_configuration.0.s3_bucket_name - Name of the S3 bucket that contains the CRL.
Tags Dictionary<string, string>: Specifies a key-value map of user-defined tags that are attached to the certificate authority.

Arn string: Amazon Resource Name (ARN) of the certificate authority.
RevocationConfigurations []GetCertificateAuthorityRevocationConfiguration: Nested attribute containing revocation configuration. * revocation_configuration.0.crl_configuration - Nested attribute containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority. * revocation_configuration.0.crl_configuration.0.custom_cname - Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point. * revocation_configuration.0.crl_configuration.0.enabled - Boolean value that specifies whether certificate revocation lists (CRLs) are enabled. * revocation_configuration.0.crl_configuration.0.expiration_in_days - Number of days until a certificate expires. * revocation_configuration.0.crl_configuration.0.s3_bucket_name - Name of the S3 bucket that contains the CRL.
Tags map[string]string: Specifies a key-value map of user-defined tags that are attached to the certificate authority.

arn string: Amazon Resource Name (ARN) of the certificate authority.
revocationConfigurations GetCertificateAuthorityRevocationConfiguration[]: Nested attribute containing revocation configuration. * revocation_configuration.0.crl_configuration - Nested attribute containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority. * revocation_configuration.0.crl_configuration.0.custom_cname - Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point. * revocation_configuration.0.crl_configuration.0.enabled - Boolean value that specifies whether certificate revocation lists (CRLs) are enabled. * revocation_configuration.0.crl_configuration.0.expiration_in_days - Number of days until a certificate expires. * revocation_configuration.0.crl_configuration.0.s3_bucket_name - Name of the S3 bucket that contains the CRL.
tags {[key: string]: string}: Specifies a key-value map of user-defined tags that are attached to the certificate authority.

arn str: Amazon Resource Name (ARN) of the certificate authority.
revocation_configurations List[GetCertificateAuthorityRevocationConfiguration]: Nested attribute containing revocation configuration. * revocation_configuration.0.crl_configuration - Nested attribute containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority. * revocation_configuration.0.crl_configuration.0.custom_cname - Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point. * revocation_configuration.0.crl_configuration.0.enabled - Boolean value that specifies whether certificate revocation lists (CRLs) are enabled. * revocation_configuration.0.crl_configuration.0.expiration_in_days - Number of days until a certificate expires. * revocation_configuration.0.crl_configuration.0.s3_bucket_name - Name of the S3 bucket that contains the CRL.
tags Dict[str, str]: Specifies a key-value map of user-defined tags that are attached to the certificate authority.

GetCertificateAuthority Result

The following output properties are available:

Arn string
Certificate string: Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.
CertificateChain string: Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.
CertificateSigningRequest string: The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.
Id string: The provider-assigned unique ID for this managed resource.
NotAfter string: Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
NotBefore string: Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
RevocationConfigurations List<GetCertificateAuthorityRevocationConfiguration>: Nested attribute containing revocation configuration. * revocation_configuration.0.crl_configuration - Nested attribute containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority. * revocation_configuration.0.crl_configuration.0.custom_cname - Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point. * revocation_configuration.0.crl_configuration.0.enabled - Boolean value that specifies whether certificate revocation lists (CRLs) are enabled. * revocation_configuration.0.crl_configuration.0.expiration_in_days - Number of days until a certificate expires. * revocation_configuration.0.crl_configuration.0.s3_bucket_name - Name of the S3 bucket that contains the CRL.
Serial string: Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.
Status string: Status of the certificate authority.
Tags Dictionary<string, string>: Specifies a key-value map of user-defined tags that are attached to the certificate authority.
Type string: The type of the certificate authority.

Arn string
Certificate string: Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.
CertificateChain string: Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.
CertificateSigningRequest string: The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.
Id string: The provider-assigned unique ID for this managed resource.
NotAfter string: Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
NotBefore string: Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
RevocationConfigurations []GetCertificateAuthorityRevocationConfiguration: Nested attribute containing revocation configuration. * revocation_configuration.0.crl_configuration - Nested attribute containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority. * revocation_configuration.0.crl_configuration.0.custom_cname - Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point. * revocation_configuration.0.crl_configuration.0.enabled - Boolean value that specifies whether certificate revocation lists (CRLs) are enabled. * revocation_configuration.0.crl_configuration.0.expiration_in_days - Number of days until a certificate expires. * revocation_configuration.0.crl_configuration.0.s3_bucket_name - Name of the S3 bucket that contains the CRL.
Serial string: Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.
Status string: Status of the certificate authority.
Tags map[string]string: Specifies a key-value map of user-defined tags that are attached to the certificate authority.
Type string: The type of the certificate authority.

arn string
certificate string: Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.
certificateChain string: Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.
certificateSigningRequest string: The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.
id string: The provider-assigned unique ID for this managed resource.
notAfter string: Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
notBefore string: Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
revocationConfigurations GetCertificateAuthorityRevocationConfiguration[]: Nested attribute containing revocation configuration. * revocation_configuration.0.crl_configuration - Nested attribute containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority. * revocation_configuration.0.crl_configuration.0.custom_cname - Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point. * revocation_configuration.0.crl_configuration.0.enabled - Boolean value that specifies whether certificate revocation lists (CRLs) are enabled. * revocation_configuration.0.crl_configuration.0.expiration_in_days - Number of days until a certificate expires. * revocation_configuration.0.crl_configuration.0.s3_bucket_name - Name of the S3 bucket that contains the CRL.
serial string: Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.
status string: Status of the certificate authority.
tags {[key: string]: string}: Specifies a key-value map of user-defined tags that are attached to the certificate authority.
type string: The type of the certificate authority.

arn str
certificate str: Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.
certificate_chain str: Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.
certificate_signing_request str: The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.
id str: The provider-assigned unique ID for this managed resource.
not_after str: Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
not_before str: Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.
revocation_configurations List[GetCertificateAuthorityRevocationConfiguration]: Nested attribute containing revocation configuration. * revocation_configuration.0.crl_configuration - Nested attribute containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority. * revocation_configuration.0.crl_configuration.0.custom_cname - Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point. * revocation_configuration.0.crl_configuration.0.enabled - Boolean value that specifies whether certificate revocation lists (CRLs) are enabled. * revocation_configuration.0.crl_configuration.0.expiration_in_days - Number of days until a certificate expires. * revocation_configuration.0.crl_configuration.0.s3_bucket_name - Name of the S3 bucket that contains the CRL.
serial str: Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.
status str: Status of the certificate authority.
tags Dict[str, str]: Specifies a key-value map of user-defined tags that are attached to the certificate authority.
type str: The type of the certificate authority.