Certifiate

Manages a Key Vault Certificate.

Deprecated: azure.keyvault.Certifiate has been deprecated in favor of azure.keyvault.Certificate

Create a Certifiate Resource

new Certifiate(name: string, args: CertifiateArgs, opts?: CustomResourceOptions);

def Certifiate(resource_name, opts=None, certificate=None, certificate_policy=None, key_vault_id=None, name=None, tags=None, __props__=None);

func NewCertifiate(ctx *Context, name string, args CertifiateArgs, opts ...ResourceOption) (*Certifiate, error)

public Certifiate(string name, CertifiateArgs args, CustomResourceOptions? opts = null)

name string: The unique name of the resource.
args CertifiateArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
opts ResourceOptions: A bag of options that control this resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args CertifiateArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args CertifiateArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

Certifiate Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Programming Model docs.

Inputs

The Certifiate resource accepts the following input properties:

CertificatePolicy CertifiateCertificatePolicyArgs: A certificate_policy block as defined below.
KeyVaultId string: The ID of the Key Vault where the Certificate should be created.
KeyVaultCertificate CertifiateCertificateArgs: A certificate block as defined below, used to Import an existing certificate.
Name string: Specifies the name of the Key Vault Certificate. Changing this forces a new resource to be created.
Tags Dictionary<string, string>: A mapping of tags to assign to the resource.

CertificatePolicy CertifiateCertificatePolicy: A certificate_policy block as defined below.
KeyVaultId string: The ID of the Key Vault where the Certificate should be created.
Certificate CertifiateCertificate: A certificate block as defined below, used to Import an existing certificate.
Name string: Specifies the name of the Key Vault Certificate. Changing this forces a new resource to be created.
Tags map[string]string: A mapping of tags to assign to the resource.

certificatePolicy CertifiateCertificatePolicy: A certificate_policy block as defined below.
keyVaultId string: The ID of the Key Vault where the Certificate should be created.
certificate CertifiateCertificate: A certificate block as defined below, used to Import an existing certificate.
name string: Specifies the name of the Key Vault Certificate. Changing this forces a new resource to be created.
tags {[key: string]: string}: A mapping of tags to assign to the resource.

certificate_policy Dict[CertifiateCertificatePolicy]: A certificate_policy block as defined below.
key_vault_id str: The ID of the Key Vault where the Certificate should be created.
certificate Dict[CertifiateCertificate]: A certificate block as defined below, used to Import an existing certificate.
name str: Specifies the name of the Key Vault Certificate. Changing this forces a new resource to be created.
tags Dict[str, str]: A mapping of tags to assign to the resource.

Outputs

All input properties are implicitly available as output properties. Additionally, the Certifiate resource produces the following output properties:

CertificateData string: The raw Key Vault Certificate data represented as a hexadecimal string.
Id string: The provider-assigned unique ID for this managed resource.
SecretId string: The ID of the associated Key Vault Secret.
Thumbprint string: The X509 Thumbprint of the Key Vault Certificate represented as a hexadecimal string.
Version string: The current version of the Key Vault Certificate.

CertificateData string: The raw Key Vault Certificate data represented as a hexadecimal string.
Id string: The provider-assigned unique ID for this managed resource.
SecretId string: The ID of the associated Key Vault Secret.
Thumbprint string: The X509 Thumbprint of the Key Vault Certificate represented as a hexadecimal string.
Version string: The current version of the Key Vault Certificate.

certificateData string: The raw Key Vault Certificate data represented as a hexadecimal string.
id string: The provider-assigned unique ID for this managed resource.
secretId string: The ID of the associated Key Vault Secret.
thumbprint string: The X509 Thumbprint of the Key Vault Certificate represented as a hexadecimal string.
version string: The current version of the Key Vault Certificate.

certificate_data str: The raw Key Vault Certificate data represented as a hexadecimal string.
id str: The provider-assigned unique ID for this managed resource.
secret_id str: The ID of the associated Key Vault Secret.
thumbprint str: The X509 Thumbprint of the Key Vault Certificate represented as a hexadecimal string.
version str: The current version of the Key Vault Certificate.

Look up an Existing Certifiate Resource

Get an existing Certifiate resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: CertifiateState, opts?: CustomResourceOptions): Certifiate

static get(resource_name, id, opts=None, certificate=None, certificate_data=None, certificate_policy=None, key_vault_id=None, name=None, secret_id=None, tags=None, thumbprint=None, version=None, __props__=None);

func GetCertifiate(ctx *Context, name string, id IDInput, state *CertifiateState, opts ...ResourceOption) (*Certifiate, error)

public static Certifiate Get(string name, Input<string> id, CertifiateState? state, CustomResourceOptions? opts = null)

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

CertificateData string: The raw Key Vault Certificate data represented as a hexadecimal string.
CertificatePolicy CertifiateCertificatePolicyArgs: A certificate_policy block as defined below.
KeyVaultCertificate CertifiateCertificateArgs: A certificate block as defined below, used to Import an existing certificate.
KeyVaultId string: The ID of the Key Vault where the Certificate should be created.
Name string: Specifies the name of the Key Vault Certificate. Changing this forces a new resource to be created.
SecretId string: The ID of the associated Key Vault Secret.
Tags Dictionary<string, string>: A mapping of tags to assign to the resource.
Thumbprint string: The X509 Thumbprint of the Key Vault Certificate represented as a hexadecimal string.
Version string: The current version of the Key Vault Certificate.

Certificate CertifiateCertificate: A certificate block as defined below, used to Import an existing certificate.
CertificateData string: The raw Key Vault Certificate data represented as a hexadecimal string.
CertificatePolicy CertifiateCertificatePolicy: A certificate_policy block as defined below.
KeyVaultId string: The ID of the Key Vault where the Certificate should be created.
Name string: Specifies the name of the Key Vault Certificate. Changing this forces a new resource to be created.
SecretId string: The ID of the associated Key Vault Secret.
Tags map[string]string: A mapping of tags to assign to the resource.
Thumbprint string: The X509 Thumbprint of the Key Vault Certificate represented as a hexadecimal string.
Version string: The current version of the Key Vault Certificate.

certificate CertifiateCertificate: A certificate block as defined below, used to Import an existing certificate.
certificateData string: The raw Key Vault Certificate data represented as a hexadecimal string.
certificatePolicy CertifiateCertificatePolicy: A certificate_policy block as defined below.
keyVaultId string: The ID of the Key Vault where the Certificate should be created.
name string: Specifies the name of the Key Vault Certificate. Changing this forces a new resource to be created.
secretId string: The ID of the associated Key Vault Secret.
tags {[key: string]: string}: A mapping of tags to assign to the resource.
thumbprint string: The X509 Thumbprint of the Key Vault Certificate represented as a hexadecimal string.
version string: The current version of the Key Vault Certificate.

certificate Dict[CertifiateCertificate]: A certificate block as defined below, used to Import an existing certificate.
certificate_data str: The raw Key Vault Certificate data represented as a hexadecimal string.
certificate_policy Dict[CertifiateCertificatePolicy]: A certificate_policy block as defined below.
key_vault_id str: The ID of the Key Vault where the Certificate should be created.
name str: Specifies the name of the Key Vault Certificate. Changing this forces a new resource to be created.
secret_id str: The ID of the associated Key Vault Secret.
tags Dict[str, str]: A mapping of tags to assign to the resource.
thumbprint str: The X509 Thumbprint of the Key Vault Certificate represented as a hexadecimal string.
version str: The current version of the Key Vault Certificate.

Supporting Types

CertifiateCertificate

Contents string: The base64-encoded certificate contents. Changing this forces a new resource to be created.
Password string: The password associated with the certificate. Changing this forces a new resource to be created.

Contents string: The base64-encoded certificate contents. Changing this forces a new resource to be created.
Password string: The password associated with the certificate. Changing this forces a new resource to be created.

contents string: The base64-encoded certificate contents. Changing this forces a new resource to be created.
password string: The password associated with the certificate. Changing this forces a new resource to be created.

contents str: The base64-encoded certificate contents. Changing this forces a new resource to be created.
password str: The password associated with the certificate. Changing this forces a new resource to be created.

CertifiateCertificatePolicy

IssuerParameters CertifiateCertificatePolicyIssuerParametersArgs: A issuer_parameters block as defined below.
KeyProperties CertifiateCertificatePolicyKeyPropertiesArgs: A key_properties block as defined below.
SecretProperties CertifiateCertificatePolicySecretPropertiesArgs: A secret_properties block as defined below.
LifetimeActions List<CertifiateCertificatePolicyLifetimeActionArgs>: A lifetime_action block as defined below.
X509CertificateProperties CertifiateCertificatePolicyX509CertificatePropertiesArgs: A x509_certificate_properties block as defined below. Required when certificate block is not specified.

IssuerParameters CertifiateCertificatePolicyIssuerParameters: A issuer_parameters block as defined below.
KeyProperties CertifiateCertificatePolicyKeyProperties: A key_properties block as defined below.
SecretProperties CertifiateCertificatePolicySecretProperties: A secret_properties block as defined below.
LifetimeActions []CertifiateCertificatePolicyLifetimeAction: A lifetime_action block as defined below.
X509CertificateProperties CertifiateCertificatePolicyX509CertificateProperties: A x509_certificate_properties block as defined below. Required when certificate block is not specified.

issuerParameters CertifiateCertificatePolicyIssuerParameters: A issuer_parameters block as defined below.
keyProperties CertifiateCertificatePolicyKeyProperties: A key_properties block as defined below.
secretProperties CertifiateCertificatePolicySecretProperties: A secret_properties block as defined below.
lifetimeActions CertifiateCertificatePolicyLifetimeAction[]: A lifetime_action block as defined below.
x509CertificateProperties CertifiateCertificatePolicyX509CertificateProperties: A x509_certificate_properties block as defined below. Required when certificate block is not specified.

issuerParameters Dict[CertifiateCertificatePolicyIssuerParameters]: A issuer_parameters block as defined below.
key_properties Dict[CertifiateCertificatePolicyKeyProperties]: A key_properties block as defined below.
secretProperties Dict[CertifiateCertificatePolicySecretProperties]: A secret_properties block as defined below.
lifetimeActions List[CertifiateCertificatePolicyLifetimeAction]: A lifetime_action block as defined below.
x509CertificateProperties Dict[CertifiateCertificatePolicyX509CertificateProperties]: A x509_certificate_properties block as defined below. Required when certificate block is not specified.

CertifiateCertificatePolicyIssuerParameters

Name string: The name of the Certificate Issuer. Possible values include Self (for self-signed certificate), or Unknown (for a certificate issuing authority like Let's Encrypt and Azure direct supported ones). Changing this forces a new resource to be created.

Name string: The name of the Certificate Issuer. Possible values include Self (for self-signed certificate), or Unknown (for a certificate issuing authority like Let's Encrypt and Azure direct supported ones). Changing this forces a new resource to be created.

name string: The name of the Certificate Issuer. Possible values include Self (for self-signed certificate), or Unknown (for a certificate issuing authority like Let's Encrypt and Azure direct supported ones). Changing this forces a new resource to be created.

name str: The name of the Certificate Issuer. Possible values include Self (for self-signed certificate), or Unknown (for a certificate issuing authority like Let's Encrypt and Azure direct supported ones). Changing this forces a new resource to be created.

CertifiateCertificatePolicyKeyProperties

Exportable bool: Is this Certificate Exportable? Changing this forces a new resource to be created.
KeySize int: The size of the Key used in the Certificate. Possible values include 2048 and 4096. Changing this forces a new resource to be created.
KeyType string: Specifies the Type of Key, such as RSA. Changing this forces a new resource to be created.
ReuseKey bool: Is the key reusable? Changing this forces a new resource to be created.

Exportable bool: Is this Certificate Exportable? Changing this forces a new resource to be created.
KeySize int: The size of the Key used in the Certificate. Possible values include 2048 and 4096. Changing this forces a new resource to be created.
KeyType string: Specifies the Type of Key, such as RSA. Changing this forces a new resource to be created.
ReuseKey bool: Is the key reusable? Changing this forces a new resource to be created.

exportable boolean: Is this Certificate Exportable? Changing this forces a new resource to be created.
keySize number: The size of the Key used in the Certificate. Possible values include 2048 and 4096. Changing this forces a new resource to be created.
keyType string: Specifies the Type of Key, such as RSA. Changing this forces a new resource to be created.
reuseKey boolean: Is the key reusable? Changing this forces a new resource to be created.

exportable bool: Is this Certificate Exportable? Changing this forces a new resource to be created.
key_size float: The size of the Key used in the Certificate. Possible values include 2048 and 4096. Changing this forces a new resource to be created.
key_type str: Specifies the Type of Key, such as RSA. Changing this forces a new resource to be created.
reuseKey bool: Is the key reusable? Changing this forces a new resource to be created.

CertifiateCertificatePolicyLifetimeAction

Action CertifiateCertificatePolicyLifetimeActionActionArgs: A action block as defined below.
Trigger CertifiateCertificatePolicyLifetimeActionTriggerArgs: A trigger block as defined below.

Action CertifiateCertificatePolicyLifetimeActionAction: A action block as defined below.
Trigger CertifiateCertificatePolicyLifetimeActionTrigger: A trigger block as defined below.

action CertifiateCertificatePolicyLifetimeActionAction: A action block as defined below.
trigger CertifiateCertificatePolicyLifetimeActionTrigger: A trigger block as defined below.

action Dict[CertifiateCertificatePolicyLifetimeActionAction]: A action block as defined below.
trigger Dict[CertifiateCertificatePolicyLifetimeActionTrigger]: A trigger block as defined below.

CertifiateCertificatePolicyLifetimeActionAction

ActionType string: The Type of action to be performed when the lifetime trigger is triggerec. Possible values include AutoRenew and EmailContacts. Changing this forces a new resource to be created.

ActionType string: The Type of action to be performed when the lifetime trigger is triggerec. Possible values include AutoRenew and EmailContacts. Changing this forces a new resource to be created.

actionType string: The Type of action to be performed when the lifetime trigger is triggerec. Possible values include AutoRenew and EmailContacts. Changing this forces a new resource to be created.

actionType str: The Type of action to be performed when the lifetime trigger is triggerec. Possible values include AutoRenew and EmailContacts. Changing this forces a new resource to be created.

CertifiateCertificatePolicyLifetimeActionTrigger

DaysBeforeExpiry int: The number of days before the Certificate expires that the action associated with this Trigger should run. Changing this forces a new resource to be created. Conflicts with lifetime_percentage.
LifetimePercentage int: The percentage at which during the Certificates Lifetime the action associated with this Trigger should run. Changing this forces a new resource to be created. Conflicts with days_before_expiry.

DaysBeforeExpiry int: The number of days before the Certificate expires that the action associated with this Trigger should run. Changing this forces a new resource to be created. Conflicts with lifetime_percentage.
LifetimePercentage int: The percentage at which during the Certificates Lifetime the action associated with this Trigger should run. Changing this forces a new resource to be created. Conflicts with days_before_expiry.

daysBeforeExpiry number: The number of days before the Certificate expires that the action associated with this Trigger should run. Changing this forces a new resource to be created. Conflicts with lifetime_percentage.
lifetimePercentage number: The percentage at which during the Certificates Lifetime the action associated with this Trigger should run. Changing this forces a new resource to be created. Conflicts with days_before_expiry.

daysBeforeExpiry float: The number of days before the Certificate expires that the action associated with this Trigger should run. Changing this forces a new resource to be created. Conflicts with lifetime_percentage.
lifetimePercentage float: The percentage at which during the Certificates Lifetime the action associated with this Trigger should run. Changing this forces a new resource to be created. Conflicts with days_before_expiry.

CertifiateCertificatePolicySecretProperties

ContentType string: The Content-Type of the Certificate, such as application/x-pkcs12 for a PFX or application/x-pem-file for a PEM. Changing this forces a new resource to be created.

ContentType string: The Content-Type of the Certificate, such as application/x-pkcs12 for a PFX or application/x-pem-file for a PEM. Changing this forces a new resource to be created.

contentType string: The Content-Type of the Certificate, such as application/x-pkcs12 for a PFX or application/x-pem-file for a PEM. Changing this forces a new resource to be created.

content_type str: The Content-Type of the Certificate, such as application/x-pkcs12 for a PFX or application/x-pem-file for a PEM. Changing this forces a new resource to be created.

CertifiateCertificatePolicyX509CertificateProperties

KeyUsages List<string>: A list of uses associated with this Key. Possible values include cRLSign, dataEncipherment, decipherOnly, digitalSignature, encipherOnly, keyAgreement, keyCertSign, keyEncipherment and nonRepudiation and are case-sensitive. Changing this forces a new resource to be created.
Subject string: The Certificate’s Subject. Changing this forces a new resource to be created.
ValidityInMonths int: The Certificates Validity Period in Months. Changing this forces a new resource to be created.
ExtendedKeyUsages List<string>: A list of Extended/Enhanced Key Usages. Changing this forces a new resource to be created.
SubjectAlternativeNames CertifiateCertificatePolicyX509CertificatePropertiesSubjectAlternativeNamesArgs: A subject_alternative_names block as defined below.

KeyUsages []string: A list of uses associated with this Key. Possible values include cRLSign, dataEncipherment, decipherOnly, digitalSignature, encipherOnly, keyAgreement, keyCertSign, keyEncipherment and nonRepudiation and are case-sensitive. Changing this forces a new resource to be created.
Subject string: The Certificate’s Subject. Changing this forces a new resource to be created.
ValidityInMonths int: The Certificates Validity Period in Months. Changing this forces a new resource to be created.
ExtendedKeyUsages []string: A list of Extended/Enhanced Key Usages. Changing this forces a new resource to be created.
SubjectAlternativeNames CertifiateCertificatePolicyX509CertificatePropertiesSubjectAlternativeNames: A subject_alternative_names block as defined below.

keyUsages string[]: A list of uses associated with this Key. Possible values include cRLSign, dataEncipherment, decipherOnly, digitalSignature, encipherOnly, keyAgreement, keyCertSign, keyEncipherment and nonRepudiation and are case-sensitive. Changing this forces a new resource to be created.
subject string: The Certificate’s Subject. Changing this forces a new resource to be created.
validityInMonths number: The Certificates Validity Period in Months. Changing this forces a new resource to be created.
extendedKeyUsages string[]: A list of Extended/Enhanced Key Usages. Changing this forces a new resource to be created.
subjectAlternativeNames CertifiateCertificatePolicyX509CertificatePropertiesSubjectAlternativeNames: A subject_alternative_names block as defined below.

keyUsages List[str]: A list of uses associated with this Key. Possible values include cRLSign, dataEncipherment, decipherOnly, digitalSignature, encipherOnly, keyAgreement, keyCertSign, keyEncipherment and nonRepudiation and are case-sensitive. Changing this forces a new resource to be created.
subject str: The Certificate’s Subject. Changing this forces a new resource to be created.
validityInMonths float: The Certificates Validity Period in Months. Changing this forces a new resource to be created.
extendedKeyUsages List[str]: A list of Extended/Enhanced Key Usages. Changing this forces a new resource to be created.
subjectAlternativeNames Dict[CertifiateCertificatePolicyX509CertificatePropertiesSubjectAlternativeNames]: A subject_alternative_names block as defined below.

CertifiateCertificatePolicyX509CertificatePropertiesSubjectAlternativeNames

DnsNames List<string>: A list of alternative DNS names (FQDNs) identified by the Certificate. Changing this forces a new resource to be created.
Emails List<string>: A list of email addresses identified by this Certificate. Changing this forces a new resource to be created.
Upns List<string>: A list of User Principal Names identified by the Certificate. Changing this forces a new resource to be created.

DnsNames []string: A list of alternative DNS names (FQDNs) identified by the Certificate. Changing this forces a new resource to be created.
Emails []string: A list of email addresses identified by this Certificate. Changing this forces a new resource to be created.
Upns []string: A list of User Principal Names identified by the Certificate. Changing this forces a new resource to be created.

dnsNames string[]: A list of alternative DNS names (FQDNs) identified by the Certificate. Changing this forces a new resource to be created.
emails string[]: A list of email addresses identified by this Certificate. Changing this forces a new resource to be created.
upns string[]: A list of User Principal Names identified by the Certificate. Changing this forces a new resource to be created.

dnsNames List[str]: A list of alternative DNS names (FQDNs) identified by the Certificate. Changing this forces a new resource to be created.
emails List[str]: A list of email addresses identified by this Certificate. Changing this forces a new resource to be created.
upns List[str]: A list of User Principal Names identified by the Certificate. Changing this forces a new resource to be created.

Package Details

Repository: https://github.com/pulumi/pulumi-azure
License: Apache-2.0
Notes: This Pulumi package is based on the azurerm Terraform Provider.

The Pulumi Platform

Get Started

Migrate to Pulumi

Solutions for All Teams and Engineers

Any Code

Any Cloud