All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.pulumi.gcp.certificateauthority.kotlin.CertificateTemplateArgs.kt Maven / Gradle / Ivy

Go to download

Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.

There is a newer version: 8.10.0.0
Show newest version
@file:Suppress("NAME_SHADOWING", "DEPRECATION")

package com.pulumi.gcp.certificateauthority.kotlin

import com.pulumi.core.Output
import com.pulumi.core.Output.of
import com.pulumi.gcp.certificateauthority.CertificateTemplateArgs.builder
import com.pulumi.gcp.certificateauthority.kotlin.inputs.CertificateTemplateIdentityConstraintsArgs
import com.pulumi.gcp.certificateauthority.kotlin.inputs.CertificateTemplateIdentityConstraintsArgsBuilder
import com.pulumi.gcp.certificateauthority.kotlin.inputs.CertificateTemplatePassthroughExtensionsArgs
import com.pulumi.gcp.certificateauthority.kotlin.inputs.CertificateTemplatePassthroughExtensionsArgsBuilder
import com.pulumi.gcp.certificateauthority.kotlin.inputs.CertificateTemplatePredefinedValuesArgs
import com.pulumi.gcp.certificateauthority.kotlin.inputs.CertificateTemplatePredefinedValuesArgsBuilder
import com.pulumi.kotlin.ConvertibleToJava
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.applySuspend
import kotlin.Pair
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
import kotlin.collections.Map
import kotlin.jvm.JvmName

/**
 * Certificate Authority Service provides reusable and parameterized templates that you can use for common certificate issuance scenarios. A certificate template represents a relatively static and well-defined certificate issuance schema within an organization.  A certificate template can essentially become a full-fledged vertical certificate issuance framework.
 * For more information, see:
 * * [Understanding Certificate Templates](https://cloud.google.com/certificate-authority-service/docs/certificate-template)
 * * [Common configurations and Certificate Profiles](https://cloud.google.com/certificate-authority-service/docs/certificate-profile)
 * ## Example Usage
 * ### Basic_certificate_template
 * An example of a basic privateca certificate template
 * 
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as gcp from "@pulumi/gcp";
 * const primary = new gcp.certificateauthority.CertificateTemplate("primary", {
 *     location: "us-west1",
 *     name: "template",
 *     description: "An updated sample certificate template",
 *     identityConstraints: {
 *         allowSubjectAltNamesPassthrough: true,
 *         allowSubjectPassthrough: true,
 *         celExpression: {
 *             description: "Always true",
 *             expression: "true",
 *             location: "any.file.anywhere",
 *             title: "Sample expression",
 *         },
 *     },
 *     maximumLifetime: "86400s",
 *     passthroughExtensions: {
 *         additionalExtensions: [{
 *             objectIdPaths: [
 *                 1,
 *                 6,
 *             ],
 *         }],
 *         knownExtensions: ["EXTENDED_KEY_USAGE"],
 *     },
 *     predefinedValues: {
 *         additionalExtensions: [{
 *             objectId: {
 *                 objectIdPaths: [
 *                     1,
 *                     6,
 *                 ],
 *             },
 *             value: "c3RyaW5nCg==",
 *             critical: true,
 *         }],
 *         aiaOcspServers: ["string"],
 *         caOptions: {
 *             isCa: false,
 *             maxIssuerPathLength: 6,
 *         },
 *         keyUsage: {
 *             baseKeyUsage: {
 *                 certSign: false,
 *                 contentCommitment: true,
 *                 crlSign: false,
 *                 dataEncipherment: true,
 *                 decipherOnly: true,
 *                 digitalSignature: true,
 *                 encipherOnly: true,
 *                 keyAgreement: true,
 *                 keyEncipherment: true,
 *             },
 *             extendedKeyUsage: {
 *                 clientAuth: true,
 *                 codeSigning: true,
 *                 emailProtection: true,
 *                 ocspSigning: true,
 *                 serverAuth: true,
 *                 timeStamping: true,
 *             },
 *             unknownExtendedKeyUsages: [{
 *                 objectIdPaths: [
 *                     1,
 *                     6,
 *                 ],
 *             }],
 *         },
 *         policyIds: [{
 *             objectIdPaths: [
 *                 1,
 *                 6,
 *             ],
 *         }],
 *     },
 *     project: "my-project-name",
 *     labels: {
 *         "label-two": "value-two",
 *     },
 * });
 * ```
 * ```python
 * import pulumi
 * import pulumi_gcp as gcp
 * primary = gcp.certificateauthority.CertificateTemplate("primary",
 *     location="us-west1",
 *     name="template",
 *     description="An updated sample certificate template",
 *     identity_constraints=gcp.certificateauthority.CertificateTemplateIdentityConstraintsArgs(
 *         allow_subject_alt_names_passthrough=True,
 *         allow_subject_passthrough=True,
 *         cel_expression=gcp.certificateauthority.CertificateTemplateIdentityConstraintsCelExpressionArgs(
 *             description="Always true",
 *             expression="true",
 *             location="any.file.anywhere",
 *             title="Sample expression",
 *         ),
 *     ),
 *     maximum_lifetime="86400s",
 *     passthrough_extensions=gcp.certificateauthority.CertificateTemplatePassthroughExtensionsArgs(
 *         additional_extensions=[gcp.certificateauthority.CertificateTemplatePassthroughExtensionsAdditionalExtensionArgs(
 *             object_id_paths=[
 *                 1,
 *                 6,
 *             ],
 *         )],
 *         known_extensions=["EXTENDED_KEY_USAGE"],
 *     ),
 *     predefined_values=gcp.certificateauthority.CertificateTemplatePredefinedValuesArgs(
 *         additional_extensions=[gcp.certificateauthority.CertificateTemplatePredefinedValuesAdditionalExtensionArgs(
 *             object_id=gcp.certificateauthority.CertificateTemplatePredefinedValuesAdditionalExtensionObjectIdArgs(
 *                 object_id_paths=[
 *                     1,
 *                     6,
 *                 ],
 *             ),
 *             value="c3RyaW5nCg==",
 *             critical=True,
 *         )],
 *         aia_ocsp_servers=["string"],
 *         ca_options=gcp.certificateauthority.CertificateTemplatePredefinedValuesCaOptionsArgs(
 *             is_ca=False,
 *             max_issuer_path_length=6,
 *         ),
 *         key_usage=gcp.certificateauthority.CertificateTemplatePredefinedValuesKeyUsageArgs(
 *             base_key_usage=gcp.certificateauthority.CertificateTemplatePredefinedValuesKeyUsageBaseKeyUsageArgs(
 *                 cert_sign=False,
 *                 content_commitment=True,
 *                 crl_sign=False,
 *                 data_encipherment=True,
 *                 decipher_only=True,
 *                 digital_signature=True,
 *                 encipher_only=True,
 *                 key_agreement=True,
 *                 key_encipherment=True,
 *             ),
 *             extended_key_usage=gcp.certificateauthority.CertificateTemplatePredefinedValuesKeyUsageExtendedKeyUsageArgs(
 *                 client_auth=True,
 *                 code_signing=True,
 *                 email_protection=True,
 *                 ocsp_signing=True,
 *                 server_auth=True,
 *                 time_stamping=True,
 *             ),
 *             unknown_extended_key_usages=[gcp.certificateauthority.CertificateTemplatePredefinedValuesKeyUsageUnknownExtendedKeyUsageArgs(
 *                 object_id_paths=[
 *                     1,
 *                     6,
 *                 ],
 *             )],
 *         ),
 *         policy_ids=[gcp.certificateauthority.CertificateTemplatePredefinedValuesPolicyIdArgs(
 *             object_id_paths=[
 *                 1,
 *                 6,
 *             ],
 *         )],
 *     ),
 *     project="my-project-name",
 *     labels={
 *         "label-two": "value-two",
 *     })
 * ```
 * ```csharp
 * using System.Collections.Generic;
 * using System.Linq;
 * using Pulumi;
 * using Gcp = Pulumi.Gcp;
 * return await Deployment.RunAsync(() =>
 * {
 *     var primary = new Gcp.CertificateAuthority.CertificateTemplate("primary", new()
 *     {
 *         Location = "us-west1",
 *         Name = "template",
 *         Description = "An updated sample certificate template",
 *         IdentityConstraints = new Gcp.CertificateAuthority.Inputs.CertificateTemplateIdentityConstraintsArgs
 *         {
 *             AllowSubjectAltNamesPassthrough = true,
 *             AllowSubjectPassthrough = true,
 *             CelExpression = new Gcp.CertificateAuthority.Inputs.CertificateTemplateIdentityConstraintsCelExpressionArgs
 *             {
 *                 Description = "Always true",
 *                 Expression = "true",
 *                 Location = "any.file.anywhere",
 *                 Title = "Sample expression",
 *             },
 *         },
 *         MaximumLifetime = "86400s",
 *         PassthroughExtensions = new Gcp.CertificateAuthority.Inputs.CertificateTemplatePassthroughExtensionsArgs
 *         {
 *             AdditionalExtensions = new[]
 *             {
 *                 new Gcp.CertificateAuthority.Inputs.CertificateTemplatePassthroughExtensionsAdditionalExtensionArgs
 *                 {
 *                     ObjectIdPaths = new[]
 *                     {
 *                         1,
 *                         6,
 *                     },
 *                 },
 *             },
 *             KnownExtensions = new[]
 *             {
 *                 "EXTENDED_KEY_USAGE",
 *             },
 *         },
 *         PredefinedValues = new Gcp.CertificateAuthority.Inputs.CertificateTemplatePredefinedValuesArgs
 *         {
 *             AdditionalExtensions = new[]
 *             {
 *                 new Gcp.CertificateAuthority.Inputs.CertificateTemplatePredefinedValuesAdditionalExtensionArgs
 *                 {
 *                     ObjectId = new Gcp.CertificateAuthority.Inputs.CertificateTemplatePredefinedValuesAdditionalExtensionObjectIdArgs
 *                     {
 *                         ObjectIdPaths = new[]
 *                         {
 *                             1,
 *                             6,
 *                         },
 *                     },
 *                     Value = "c3RyaW5nCg==",
 *                     Critical = true,
 *                 },
 *             },
 *             AiaOcspServers = new[]
 *             {
 *                 "string",
 *             },
 *             CaOptions = new Gcp.CertificateAuthority.Inputs.CertificateTemplatePredefinedValuesCaOptionsArgs
 *             {
 *                 IsCa = false,
 *                 MaxIssuerPathLength = 6,
 *             },
 *             KeyUsage = new Gcp.CertificateAuthority.Inputs.CertificateTemplatePredefinedValuesKeyUsageArgs
 *             {
 *                 BaseKeyUsage = new Gcp.CertificateAuthority.Inputs.CertificateTemplatePredefinedValuesKeyUsageBaseKeyUsageArgs
 *                 {
 *                     CertSign = false,
 *                     ContentCommitment = true,
 *                     CrlSign = false,
 *                     DataEncipherment = true,
 *                     DecipherOnly = true,
 *                     DigitalSignature = true,
 *                     EncipherOnly = true,
 *                     KeyAgreement = true,
 *                     KeyEncipherment = true,
 *                 },
 *                 ExtendedKeyUsage = new Gcp.CertificateAuthority.Inputs.CertificateTemplatePredefinedValuesKeyUsageExtendedKeyUsageArgs
 *                 {
 *                     ClientAuth = true,
 *                     CodeSigning = true,
 *                     EmailProtection = true,
 *                     OcspSigning = true,
 *                     ServerAuth = true,
 *                     TimeStamping = true,
 *                 },
 *                 UnknownExtendedKeyUsages = new[]
 *                 {
 *                     new Gcp.CertificateAuthority.Inputs.CertificateTemplatePredefinedValuesKeyUsageUnknownExtendedKeyUsageArgs
 *                     {
 *                         ObjectIdPaths = new[]
 *                         {
 *                             1,
 *                             6,
 *                         },
 *                     },
 *                 },
 *             },
 *             PolicyIds = new[]
 *             {
 *                 new Gcp.CertificateAuthority.Inputs.CertificateTemplatePredefinedValuesPolicyIdArgs
 *                 {
 *                     ObjectIdPaths = new[]
 *                     {
 *                         1,
 *                         6,
 *                     },
 *                 },
 *             },
 *         },
 *         Project = "my-project-name",
 *         Labels =
 *         {
 *             { "label-two", "value-two" },
 *         },
 *     });
 * });
 * ```
 * ```go
 * package main
 * import (
 * 	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/certificateauthority"
 * 	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
 * )
 * func main() {
 * 	pulumi.Run(func(ctx *pulumi.Context) error {
 * 		_, err := certificateauthority.NewCertificateTemplate(ctx, "primary", &certificateauthority.CertificateTemplateArgs{
 * 			Location:    pulumi.String("us-west1"),
 * 			Name:        pulumi.String("template"),
 * 			Description: pulumi.String("An updated sample certificate template"),
 * 			IdentityConstraints: &certificateauthority.CertificateTemplateIdentityConstraintsArgs{
 * 				AllowSubjectAltNamesPassthrough: pulumi.Bool(true),
 * 				AllowSubjectPassthrough:         pulumi.Bool(true),
 * 				CelExpression: &certificateauthority.CertificateTemplateIdentityConstraintsCelExpressionArgs{
 * 					Description: pulumi.String("Always true"),
 * 					Expression:  pulumi.String("true"),
 * 					Location:    pulumi.String("any.file.anywhere"),
 * 					Title:       pulumi.String("Sample expression"),
 * 				},
 * 			},
 * 			MaximumLifetime: pulumi.String("86400s"),
 * 			PassthroughExtensions: &certificateauthority.CertificateTemplatePassthroughExtensionsArgs{
 * 				AdditionalExtensions: certificateauthority.CertificateTemplatePassthroughExtensionsAdditionalExtensionArray{
 * 					&certificateauthority.CertificateTemplatePassthroughExtensionsAdditionalExtensionArgs{
 * 						ObjectIdPaths: pulumi.IntArray{
 * 							pulumi.Int(1),
 * 							pulumi.Int(6),
 * 						},
 * 					},
 * 				},
 * 				KnownExtensions: pulumi.StringArray{
 * 					pulumi.String("EXTENDED_KEY_USAGE"),
 * 				},
 * 			},
 * 			PredefinedValues: &certificateauthority.CertificateTemplatePredefinedValuesArgs{
 * 				AdditionalExtensions: certificateauthority.CertificateTemplatePredefinedValuesAdditionalExtensionArray{
 * 					&certificateauthority.CertificateTemplatePredefinedValuesAdditionalExtensionArgs{
 * 						ObjectId: &certificateauthority.CertificateTemplatePredefinedValuesAdditionalExtensionObjectIdArgs{
 * 							ObjectIdPaths: pulumi.IntArray{
 * 								pulumi.Int(1),
 * 								pulumi.Int(6),
 * 							},
 * 						},
 * 						Value:    pulumi.String("c3RyaW5nCg=="),
 * 						Critical: pulumi.Bool(true),
 * 					},
 * 				},
 * 				AiaOcspServers: pulumi.StringArray{
 * 					pulumi.String("string"),
 * 				},
 * 				CaOptions: &certificateauthority.CertificateTemplatePredefinedValuesCaOptionsArgs{
 * 					IsCa:                pulumi.Bool(false),
 * 					MaxIssuerPathLength: pulumi.Int(6),
 * 				},
 * 				KeyUsage: &certificateauthority.CertificateTemplatePredefinedValuesKeyUsageArgs{
 * 					BaseKeyUsage: &certificateauthority.CertificateTemplatePredefinedValuesKeyUsageBaseKeyUsageArgs{
 * 						CertSign:          pulumi.Bool(false),
 * 						ContentCommitment: pulumi.Bool(true),
 * 						CrlSign:           pulumi.Bool(false),
 * 						DataEncipherment:  pulumi.Bool(true),
 * 						DecipherOnly:      pulumi.Bool(true),
 * 						DigitalSignature:  pulumi.Bool(true),
 * 						EncipherOnly:      pulumi.Bool(true),
 * 						KeyAgreement:      pulumi.Bool(true),
 * 						KeyEncipherment:   pulumi.Bool(true),
 * 					},
 * 					ExtendedKeyUsage: &certificateauthority.CertificateTemplatePredefinedValuesKeyUsageExtendedKeyUsageArgs{
 * 						ClientAuth:      pulumi.Bool(true),
 * 						CodeSigning:     pulumi.Bool(true),
 * 						EmailProtection: pulumi.Bool(true),
 * 						OcspSigning:     pulumi.Bool(true),
 * 						ServerAuth:      pulumi.Bool(true),
 * 						TimeStamping:    pulumi.Bool(true),
 * 					},
 * 					UnknownExtendedKeyUsages: certificateauthority.CertificateTemplatePredefinedValuesKeyUsageUnknownExtendedKeyUsageArray{
 * 						&certificateauthority.CertificateTemplatePredefinedValuesKeyUsageUnknownExtendedKeyUsageArgs{
 * 							ObjectIdPaths: pulumi.IntArray{
 * 								pulumi.Int(1),
 * 								pulumi.Int(6),
 * 							},
 * 						},
 * 					},
 * 				},
 * 				PolicyIds: certificateauthority.CertificateTemplatePredefinedValuesPolicyIdArray{
 * 					&certificateauthority.CertificateTemplatePredefinedValuesPolicyIdArgs{
 * 						ObjectIdPaths: pulumi.IntArray{
 * 							pulumi.Int(1),
 * 							pulumi.Int(6),
 * 						},
 * 					},
 * 				},
 * 			},
 * 			Project: pulumi.String("my-project-name"),
 * 			Labels: pulumi.StringMap{
 * 				"label-two": pulumi.String("value-two"),
 * 			},
 * 		})
 * 		if err != nil {
 * 			return err
 * 		}
 * 		return nil
 * 	})
 * }
 * ```
 * ```java
 * package generated_program;
 * import com.pulumi.Context;
 * import com.pulumi.Pulumi;
 * import com.pulumi.core.Output;
 * import com.pulumi.gcp.certificateauthority.CertificateTemplate;
 * import com.pulumi.gcp.certificateauthority.CertificateTemplateArgs;
 * import com.pulumi.gcp.certificateauthority.inputs.CertificateTemplateIdentityConstraintsArgs;
 * import com.pulumi.gcp.certificateauthority.inputs.CertificateTemplateIdentityConstraintsCelExpressionArgs;
 * import com.pulumi.gcp.certificateauthority.inputs.CertificateTemplatePassthroughExtensionsArgs;
 * import com.pulumi.gcp.certificateauthority.inputs.CertificateTemplatePredefinedValuesArgs;
 * import com.pulumi.gcp.certificateauthority.inputs.CertificateTemplatePredefinedValuesCaOptionsArgs;
 * import com.pulumi.gcp.certificateauthority.inputs.CertificateTemplatePredefinedValuesKeyUsageArgs;
 * import com.pulumi.gcp.certificateauthority.inputs.CertificateTemplatePredefinedValuesKeyUsageBaseKeyUsageArgs;
 * import com.pulumi.gcp.certificateauthority.inputs.CertificateTemplatePredefinedValuesKeyUsageExtendedKeyUsageArgs;
 * import java.util.List;
 * import java.util.ArrayList;
 * import java.util.Map;
 * import java.io.File;
 * import java.nio.file.Files;
 * import java.nio.file.Paths;
 * public class App {
 *     public static void main(String[] args) {
 *         Pulumi.run(App::stack);
 *     }
 *     public static void stack(Context ctx) {
 *         var primary = new CertificateTemplate("primary", CertificateTemplateArgs.builder()
 *             .location("us-west1")
 *             .name("template")
 *             .description("An updated sample certificate template")
 *             .identityConstraints(CertificateTemplateIdentityConstraintsArgs.builder()
 *                 .allowSubjectAltNamesPassthrough(true)
 *                 .allowSubjectPassthrough(true)
 *                 .celExpression(CertificateTemplateIdentityConstraintsCelExpressionArgs.builder()
 *                     .description("Always true")
 *                     .expression("true")
 *                     .location("any.file.anywhere")
 *                     .title("Sample expression")
 *                     .build())
 *                 .build())
 *             .maximumLifetime("86400s")
 *             .passthroughExtensions(CertificateTemplatePassthroughExtensionsArgs.builder()
 *                 .additionalExtensions(CertificateTemplatePassthroughExtensionsAdditionalExtensionArgs.builder()
 *                     .objectIdPaths(
 *                         1,
 *                         6)
 *                     .build())
 *                 .knownExtensions("EXTENDED_KEY_USAGE")
 *                 .build())
 *             .predefinedValues(CertificateTemplatePredefinedValuesArgs.builder()
 *                 .additionalExtensions(CertificateTemplatePredefinedValuesAdditionalExtensionArgs.builder()
 *                     .objectId(CertificateTemplatePredefinedValuesAdditionalExtensionObjectIdArgs.builder()
 *                         .objectIdPaths(
 *                             1,
 *                             6)
 *                         .build())
 *                     .value("c3RyaW5nCg==")
 *                     .critical(true)
 *                     .build())
 *                 .aiaOcspServers("string")
 *                 .caOptions(CertificateTemplatePredefinedValuesCaOptionsArgs.builder()
 *                     .isCa(false)
 *                     .maxIssuerPathLength(6)
 *                     .build())
 *                 .keyUsage(CertificateTemplatePredefinedValuesKeyUsageArgs.builder()
 *                     .baseKeyUsage(CertificateTemplatePredefinedValuesKeyUsageBaseKeyUsageArgs.builder()
 *                         .certSign(false)
 *                         .contentCommitment(true)
 *                         .crlSign(false)
 *                         .dataEncipherment(true)
 *                         .decipherOnly(true)
 *                         .digitalSignature(true)
 *                         .encipherOnly(true)
 *                         .keyAgreement(true)
 *                         .keyEncipherment(true)
 *                         .build())
 *                     .extendedKeyUsage(CertificateTemplatePredefinedValuesKeyUsageExtendedKeyUsageArgs.builder()
 *                         .clientAuth(true)
 *                         .codeSigning(true)
 *                         .emailProtection(true)
 *                         .ocspSigning(true)
 *                         .serverAuth(true)
 *                         .timeStamping(true)
 *                         .build())
 *                     .unknownExtendedKeyUsages(CertificateTemplatePredefinedValuesKeyUsageUnknownExtendedKeyUsageArgs.builder()
 *                         .objectIdPaths(
 *                             1,
 *                             6)
 *                         .build())
 *                     .build())
 *                 .policyIds(CertificateTemplatePredefinedValuesPolicyIdArgs.builder()
 *                     .objectIdPaths(
 *                         1,
 *                         6)
 *                     .build())
 *                 .build())
 *             .project("my-project-name")
 *             .labels(Map.of("label-two", "value-two"))
 *             .build());
 *     }
 * }
 * ```
 * ```yaml
 * resources:
 *   primary:
 *     type: gcp:certificateauthority:CertificateTemplate
 *     properties:
 *       location: us-west1
 *       name: template
 *       description: An updated sample certificate template
 *       identityConstraints:
 *         allowSubjectAltNamesPassthrough: true
 *         allowSubjectPassthrough: true
 *         celExpression:
 *           description: Always true
 *           expression: 'true'
 *           location: any.file.anywhere
 *           title: Sample expression
 *       maximumLifetime: 86400s
 *       passthroughExtensions:
 *         additionalExtensions:
 *           - objectIdPaths:
 *               - 1
 *               - 6
 *         knownExtensions:
 *           - EXTENDED_KEY_USAGE
 *       predefinedValues:
 *         additionalExtensions:
 *           - objectId:
 *               objectIdPaths:
 *                 - 1
 *                 - 6
 *             value: c3RyaW5nCg==
 *             critical: true
 *         aiaOcspServers:
 *           - string
 *         caOptions:
 *           isCa: false
 *           maxIssuerPathLength: 6
 *         keyUsage:
 *           baseKeyUsage:
 *             certSign: false
 *             contentCommitment: true
 *             crlSign: false
 *             dataEncipherment: true
 *             decipherOnly: true
 *             digitalSignature: true
 *             encipherOnly: true
 *             keyAgreement: true
 *             keyEncipherment: true
 *           extendedKeyUsage:
 *             clientAuth: true
 *             codeSigning: true
 *             emailProtection: true
 *             ocspSigning: true
 *             serverAuth: true
 *             timeStamping: true
 *           unknownExtendedKeyUsages:
 *             - objectIdPaths:
 *                 - 1
 *                 - 6
 *         policyIds:
 *           - objectIdPaths:
 *               - 1
 *               - 6
 *       project: my-project-name
 *       labels:
 *         label-two: value-two
 * ```
 * 
 * ## Import
 * CertificateTemplate can be imported using any of these accepted formats:
 * * `projects/{{project}}/locations/{{location}}/certificateTemplates/{{name}}`
 * * `{{project}}/{{location}}/{{name}}`
 * * `{{location}}/{{name}}`
 * When using the `pulumi import` command, CertificateTemplate can be imported using one of the formats above. For example:
 * ```sh
 * $ pulumi import gcp:certificateauthority/certificateTemplate:CertificateTemplate default projects/{{project}}/locations/{{location}}/certificateTemplates/{{name}}
 * ```
 * ```sh
 * $ pulumi import gcp:certificateauthority/certificateTemplate:CertificateTemplate default {{project}}/{{location}}/{{name}}
 * ```
 * ```sh
 * $ pulumi import gcp:certificateauthority/certificateTemplate:CertificateTemplate default {{location}}/{{name}}
 * ```
 * @property description Optional. A human-readable description of scenarios this template is intended for.
 * @property identityConstraints Optional. Describes constraints on identities that may be appear in Certificates issued using this template. If this is
 * omitted, then this template will not add restrictions on a certificate's identity.
 * @property labels Optional. Labels with user-defined metadata. **Note**: This field is non-authoritative, and will only manage the labels
 * present in your configuration. Please refer to the field `effective_labels` for all of the labels present on the
 * resource.
 * @property location The location for the resource
 * @property maximumLifetime Optional. The maximum lifetime allowed for all issued certificates that use this template. If the issuing CaPool's
 * IssuancePolicy specifies a maximum lifetime the minimum of the two durations will be the maximum lifetime for issued.
 * Note that if the issuing CertificateAuthority expires before a Certificate's requested maximum_lifetime, the effective
 * lifetime will be explicitly truncated to match it.
 * @property name The resource name for this CertificateTemplate in the format `projects/*/locations/*/certificateTemplates/*`.
 * @property passthroughExtensions Optional. Describes the set of X.509 extensions that may appear in a Certificate issued using this CertificateTemplate.
 * If a certificate request sets extensions that don't appear in the passthrough_extensions, those extensions will be
 * dropped. If the issuing CaPool's IssuancePolicy defines baseline_values that don't appear here, the certificate issuance
 * request will fail. If this is omitted, then this template will not add restrictions on a certificate's X.509 extensions.
 * These constraints do not apply to X.509 extensions set in this CertificateTemplate's predefined_values.
 * @property predefinedValues Optional. A set of X.509 values that will be applied to all issued certificates that use this template. If the
 * certificate request includes conflicting values for the same properties, they will be overwritten by the values defined
 * here. If the issuing CaPool's IssuancePolicy defines conflicting baseline_values for the same properties, the
 * certificate issuance request will fail.
 * @property project The project for the resource
 * */*/*/
 */
public data class CertificateTemplateArgs(
    public val description: Output? = null,
    public val identityConstraints: Output? = null,
    public val labels: Output>? = null,
    public val location: Output? = null,
    public val maximumLifetime: Output? = null,
    public val name: Output? = null,
    public val passthroughExtensions: Output? = null,
    public val predefinedValues: Output? = null,
    public val project: Output? = null,
) : ConvertibleToJava {
    override fun toJava(): com.pulumi.gcp.certificateauthority.CertificateTemplateArgs =
        com.pulumi.gcp.certificateauthority.CertificateTemplateArgs.builder()
            .description(description?.applyValue({ args0 -> args0 }))
            .identityConstraints(
                identityConstraints?.applyValue({ args0 ->
                    args0.let({ args0 ->
                        args0.toJava()
                    })
                }),
            )
            .labels(labels?.applyValue({ args0 -> args0.map({ args0 -> args0.key.to(args0.value) }).toMap() }))
            .location(location?.applyValue({ args0 -> args0 }))
            .maximumLifetime(maximumLifetime?.applyValue({ args0 -> args0 }))
            .name(name?.applyValue({ args0 -> args0 }))
            .passthroughExtensions(
                passthroughExtensions?.applyValue({ args0 ->
                    args0.let({ args0 ->
                        args0.toJava()
                    })
                }),
            )
            .predefinedValues(predefinedValues?.applyValue({ args0 -> args0.let({ args0 -> args0.toJava() }) }))
            .project(project?.applyValue({ args0 -> args0 })).build()
}

/**
 * Builder for [CertificateTemplateArgs].
 */
@PulumiTagMarker
public class CertificateTemplateArgsBuilder internal constructor() {
    private var description: Output? = null

    private var identityConstraints: Output? = null

    private var labels: Output>? = null

    private var location: Output? = null

    private var maximumLifetime: Output? = null

    private var name: Output? = null

    private var passthroughExtensions: Output? = null

    private var predefinedValues: Output? = null

    private var project: Output? = null

    /**
     * @param value Optional. A human-readable description of scenarios this template is intended for.
     */
    @JvmName("wvkbseiukthvqkkc")
    public suspend fun description(`value`: Output) {
        this.description = value
    }

    /**
     * @param value Optional. Describes constraints on identities that may be appear in Certificates issued using this template. If this is
     * omitted, then this template will not add restrictions on a certificate's identity.
     */
    @JvmName("npjpykeemkurqvov")
    public suspend fun identityConstraints(`value`: Output) {
        this.identityConstraints = value
    }

    /**
     * @param value Optional. Labels with user-defined metadata. **Note**: This field is non-authoritative, and will only manage the labels
     * present in your configuration. Please refer to the field `effective_labels` for all of the labels present on the
     * resource.
     */
    @JvmName("gqipaghtuggmocgy")
    public suspend fun labels(`value`: Output>) {
        this.labels = value
    }

    /**
     * @param value The location for the resource
     */
    @JvmName("kmumnaxkcghmnbrq")
    public suspend fun location(`value`: Output) {
        this.location = value
    }

    /**
     * @param value Optional. The maximum lifetime allowed for all issued certificates that use this template. If the issuing CaPool's
     * IssuancePolicy specifies a maximum lifetime the minimum of the two durations will be the maximum lifetime for issued.
     * Note that if the issuing CertificateAuthority expires before a Certificate's requested maximum_lifetime, the effective
     * lifetime will be explicitly truncated to match it.
     */
    @JvmName("gamjlqmtxvpvmmfs")
    public suspend fun maximumLifetime(`value`: Output) {
        this.maximumLifetime = value
    }

    /**
     * @param value The resource name for this CertificateTemplate in the format `projects/*/locations/*/certificateTemplates/*`.
     * */*/*/
     */
    @JvmName("qudtbfkjxghphiax")
    public suspend fun name(`value`: Output) {
        this.name = value
    }

    /**
     * @param value Optional. Describes the set of X.509 extensions that may appear in a Certificate issued using this CertificateTemplate.
     * If a certificate request sets extensions that don't appear in the passthrough_extensions, those extensions will be
     * dropped. If the issuing CaPool's IssuancePolicy defines baseline_values that don't appear here, the certificate issuance
     * request will fail. If this is omitted, then this template will not add restrictions on a certificate's X.509 extensions.
     * These constraints do not apply to X.509 extensions set in this CertificateTemplate's predefined_values.
     */
    @JvmName("fdmyukoxecpmkvpm")
    public suspend fun passthroughExtensions(`value`: Output) {
        this.passthroughExtensions = value
    }

    /**
     * @param value Optional. A set of X.509 values that will be applied to all issued certificates that use this template. If the
     * certificate request includes conflicting values for the same properties, they will be overwritten by the values defined
     * here. If the issuing CaPool's IssuancePolicy defines conflicting baseline_values for the same properties, the
     * certificate issuance request will fail.
     */
    @JvmName("gafqknmrentylodk")
    public suspend fun predefinedValues(`value`: Output) {
        this.predefinedValues = value
    }

    /**
     * @param value The project for the resource
     */
    @JvmName("lmoewnoxnuydbjxr")
    public suspend fun project(`value`: Output) {
        this.project = value
    }

    /**
     * @param value Optional. A human-readable description of scenarios this template is intended for.
     */
    @JvmName("rqorvynmcghtjtnx")
    public suspend fun description(`value`: String?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.description = mapped
    }

    /**
     * @param value Optional. Describes constraints on identities that may be appear in Certificates issued using this template. If this is
     * omitted, then this template will not add restrictions on a certificate's identity.
     */
    @JvmName("pgxebmvmxxssstou")
    public suspend fun identityConstraints(`value`: CertificateTemplateIdentityConstraintsArgs?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.identityConstraints = mapped
    }

    /**
     * @param argument Optional. Describes constraints on identities that may be appear in Certificates issued using this template. If this is
     * omitted, then this template will not add restrictions on a certificate's identity.
     */
    @JvmName("crvgveaygpmgdsds")
    public suspend fun identityConstraints(argument: suspend CertificateTemplateIdentityConstraintsArgsBuilder.() -> Unit) {
        val toBeMapped = CertificateTemplateIdentityConstraintsArgsBuilder().applySuspend {
            argument()
        }.build()
        val mapped = of(toBeMapped)
        this.identityConstraints = mapped
    }

    /**
     * @param value Optional. Labels with user-defined metadata. **Note**: This field is non-authoritative, and will only manage the labels
     * present in your configuration. Please refer to the field `effective_labels` for all of the labels present on the
     * resource.
     */
    @JvmName("ncxqeccmsowmgpng")
    public suspend fun labels(`value`: Map?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.labels = mapped
    }

    /**
     * @param values Optional. Labels with user-defined metadata. **Note**: This field is non-authoritative, and will only manage the labels
     * present in your configuration. Please refer to the field `effective_labels` for all of the labels present on the
     * resource.
     */
    @JvmName("kbxrcmqfsasyekcl")
    public fun labels(vararg values: Pair) {
        val toBeMapped = values.toMap()
        val mapped = toBeMapped.let({ args0 -> of(args0) })
        this.labels = mapped
    }

    /**
     * @param value The location for the resource
     */
    @JvmName("uesulgnvnbckacli")
    public suspend fun location(`value`: String?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.location = mapped
    }

    /**
     * @param value Optional. The maximum lifetime allowed for all issued certificates that use this template. If the issuing CaPool's
     * IssuancePolicy specifies a maximum lifetime the minimum of the two durations will be the maximum lifetime for issued.
     * Note that if the issuing CertificateAuthority expires before a Certificate's requested maximum_lifetime, the effective
     * lifetime will be explicitly truncated to match it.
     */
    @JvmName("qvmkfvufikuttkrb")
    public suspend fun maximumLifetime(`value`: String?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.maximumLifetime = mapped
    }

    /**
     * @param value The resource name for this CertificateTemplate in the format `projects/*/locations/*/certificateTemplates/*`.
     * */*/*/
     */
    @JvmName("sbklrhykxgaabtth")
    public suspend fun name(`value`: String?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.name = mapped
    }

    /**
     * @param value Optional. Describes the set of X.509 extensions that may appear in a Certificate issued using this CertificateTemplate.
     * If a certificate request sets extensions that don't appear in the passthrough_extensions, those extensions will be
     * dropped. If the issuing CaPool's IssuancePolicy defines baseline_values that don't appear here, the certificate issuance
     * request will fail. If this is omitted, then this template will not add restrictions on a certificate's X.509 extensions.
     * These constraints do not apply to X.509 extensions set in this CertificateTemplate's predefined_values.
     */
    @JvmName("ithdgrjexmihuvss")
    public suspend fun passthroughExtensions(`value`: CertificateTemplatePassthroughExtensionsArgs?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.passthroughExtensions = mapped
    }

    /**
     * @param argument Optional. Describes the set of X.509 extensions that may appear in a Certificate issued using this CertificateTemplate.
     * If a certificate request sets extensions that don't appear in the passthrough_extensions, those extensions will be
     * dropped. If the issuing CaPool's IssuancePolicy defines baseline_values that don't appear here, the certificate issuance
     * request will fail. If this is omitted, then this template will not add restrictions on a certificate's X.509 extensions.
     * These constraints do not apply to X.509 extensions set in this CertificateTemplate's predefined_values.
     */
    @JvmName("lgfdvmgihwcdnnmm")
    public suspend fun passthroughExtensions(argument: suspend CertificateTemplatePassthroughExtensionsArgsBuilder.() -> Unit) {
        val toBeMapped = CertificateTemplatePassthroughExtensionsArgsBuilder().applySuspend {
            argument()
        }.build()
        val mapped = of(toBeMapped)
        this.passthroughExtensions = mapped
    }

    /**
     * @param value Optional. A set of X.509 values that will be applied to all issued certificates that use this template. If the
     * certificate request includes conflicting values for the same properties, they will be overwritten by the values defined
     * here. If the issuing CaPool's IssuancePolicy defines conflicting baseline_values for the same properties, the
     * certificate issuance request will fail.
     */
    @JvmName("lmpeejptofmeackn")
    public suspend fun predefinedValues(`value`: CertificateTemplatePredefinedValuesArgs?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.predefinedValues = mapped
    }

    /**
     * @param argument Optional. A set of X.509 values that will be applied to all issued certificates that use this template. If the
     * certificate request includes conflicting values for the same properties, they will be overwritten by the values defined
     * here. If the issuing CaPool's IssuancePolicy defines conflicting baseline_values for the same properties, the
     * certificate issuance request will fail.
     */
    @JvmName("xkeuianyjiivcttq")
    public suspend fun predefinedValues(argument: suspend CertificateTemplatePredefinedValuesArgsBuilder.() -> Unit) {
        val toBeMapped = CertificateTemplatePredefinedValuesArgsBuilder().applySuspend {
            argument()
        }.build()
        val mapped = of(toBeMapped)
        this.predefinedValues = mapped
    }

    /**
     * @param value The project for the resource
     */
    @JvmName("jrjbsaslcmumfexq")
    public suspend fun project(`value`: String?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.project = mapped
    }

    internal fun build(): CertificateTemplateArgs = CertificateTemplateArgs(
        description = description,
        identityConstraints = identityConstraints,
        labels = labels,
        location = location,
        maximumLifetime = maximumLifetime,
        name = name,
        passthroughExtensions = passthroughExtensions,
        predefinedValues = predefinedValues,
        project = project,
    )
}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy