All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.pulumi.gcp.certificatemanager.kotlin.CertificateArgs.kt Maven / Gradle / Ivy

Go to download

Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.

There is a newer version: 8.10.0.0
Show newest version
@file:Suppress("NAME_SHADOWING", "DEPRECATION")

package com.pulumi.gcp.certificatemanager.kotlin

import com.pulumi.core.Output
import com.pulumi.core.Output.of
import com.pulumi.gcp.certificatemanager.CertificateArgs.builder
import com.pulumi.gcp.certificatemanager.kotlin.inputs.CertificateManagedArgs
import com.pulumi.gcp.certificatemanager.kotlin.inputs.CertificateManagedArgsBuilder
import com.pulumi.gcp.certificatemanager.kotlin.inputs.CertificateSelfManagedArgs
import com.pulumi.gcp.certificatemanager.kotlin.inputs.CertificateSelfManagedArgsBuilder
import com.pulumi.kotlin.ConvertibleToJava
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.applySuspend
import kotlin.Pair
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
import kotlin.collections.Map
import kotlin.jvm.JvmName

/**
 * Certificate represents a HTTP-reachable backend for a Certificate.
 * ## Example Usage
 * ### Certificate Manager Google Managed Certificate Dns
 * 
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as gcp from "@pulumi/gcp";
 * const instance = new gcp.certificatemanager.DnsAuthorization("instance", {
 *     name: "dns-auth",
 *     description: "The default dnss",
 *     domain: "subdomain.hashicorptest.com",
 * });
 * const instance2 = new gcp.certificatemanager.DnsAuthorization("instance2", {
 *     name: "dns-auth2",
 *     description: "The default dnss",
 *     domain: "subdomain2.hashicorptest.com",
 * });
 * const _default = new gcp.certificatemanager.Certificate("default", {
 *     name: "dns-cert",
 *     description: "The default cert",
 *     scope: "EDGE_CACHE",
 *     labels: {
 *         env: "test",
 *     },
 *     managed: {
 *         domains: [
 *             instance.domain,
 *             instance2.domain,
 *         ],
 *         dnsAuthorizations: [
 *             instance.id,
 *             instance2.id,
 *         ],
 *     },
 * });
 * ```
 * ```python
 * import pulumi
 * import pulumi_gcp as gcp
 * instance = gcp.certificatemanager.DnsAuthorization("instance",
 *     name="dns-auth",
 *     description="The default dnss",
 *     domain="subdomain.hashicorptest.com")
 * instance2 = gcp.certificatemanager.DnsAuthorization("instance2",
 *     name="dns-auth2",
 *     description="The default dnss",
 *     domain="subdomain2.hashicorptest.com")
 * default = gcp.certificatemanager.Certificate("default",
 *     name="dns-cert",
 *     description="The default cert",
 *     scope="EDGE_CACHE",
 *     labels={
 *         "env": "test",
 *     },
 *     managed=gcp.certificatemanager.CertificateManagedArgs(
 *         domains=[
 *             instance.domain,
 *             instance2.domain,
 *         ],
 *         dns_authorizations=[
 *             instance.id,
 *             instance2.id,
 *         ],
 *     ))
 * ```
 * ```csharp
 * using System.Collections.Generic;
 * using System.Linq;
 * using Pulumi;
 * using Gcp = Pulumi.Gcp;
 * return await Deployment.RunAsync(() =>
 * {
 *     var instance = new Gcp.CertificateManager.DnsAuthorization("instance", new()
 *     {
 *         Name = "dns-auth",
 *         Description = "The default dnss",
 *         Domain = "subdomain.hashicorptest.com",
 *     });
 *     var instance2 = new Gcp.CertificateManager.DnsAuthorization("instance2", new()
 *     {
 *         Name = "dns-auth2",
 *         Description = "The default dnss",
 *         Domain = "subdomain2.hashicorptest.com",
 *     });
 *     var @default = new Gcp.CertificateManager.Certificate("default", new()
 *     {
 *         Name = "dns-cert",
 *         Description = "The default cert",
 *         Scope = "EDGE_CACHE",
 *         Labels =
 *         {
 *             { "env", "test" },
 *         },
 *         Managed = new Gcp.CertificateManager.Inputs.CertificateManagedArgs
 *         {
 *             Domains = new[]
 *             {
 *                 instance.Domain,
 *                 instance2.Domain,
 *             },
 *             DnsAuthorizations = new[]
 *             {
 *                 instance.Id,
 *                 instance2.Id,
 *             },
 *         },
 *     });
 * });
 * ```
 * ```go
 * package main
 * import (
 * 	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/certificatemanager"
 * 	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
 * )
 * func main() {
 * 	pulumi.Run(func(ctx *pulumi.Context) error {
 * 		instance, err := certificatemanager.NewDnsAuthorization(ctx, "instance", &certificatemanager.DnsAuthorizationArgs{
 * 			Name:        pulumi.String("dns-auth"),
 * 			Description: pulumi.String("The default dnss"),
 * 			Domain:      pulumi.String("subdomain.hashicorptest.com"),
 * 		})
 * 		if err != nil {
 * 			return err
 * 		}
 * 		instance2, err := certificatemanager.NewDnsAuthorization(ctx, "instance2", &certificatemanager.DnsAuthorizationArgs{
 * 			Name:        pulumi.String("dns-auth2"),
 * 			Description: pulumi.String("The default dnss"),
 * 			Domain:      pulumi.String("subdomain2.hashicorptest.com"),
 * 		})
 * 		if err != nil {
 * 			return err
 * 		}
 * 		_, err = certificatemanager.NewCertificate(ctx, "default", &certificatemanager.CertificateArgs{
 * 			Name:        pulumi.String("dns-cert"),
 * 			Description: pulumi.String("The default cert"),
 * 			Scope:       pulumi.String("EDGE_CACHE"),
 * 			Labels: pulumi.StringMap{
 * 				"env": pulumi.String("test"),
 * 			},
 * 			Managed: &certificatemanager.CertificateManagedArgs{
 * 				Domains: pulumi.StringArray{
 * 					instance.Domain,
 * 					instance2.Domain,
 * 				},
 * 				DnsAuthorizations: pulumi.StringArray{
 * 					instance.ID(),
 * 					instance2.ID(),
 * 				},
 * 			},
 * 		})
 * 		if err != nil {
 * 			return err
 * 		}
 * 		return nil
 * 	})
 * }
 * ```
 * ```java
 * package generated_program;
 * import com.pulumi.Context;
 * import com.pulumi.Pulumi;
 * import com.pulumi.core.Output;
 * import com.pulumi.gcp.certificatemanager.DnsAuthorization;
 * import com.pulumi.gcp.certificatemanager.DnsAuthorizationArgs;
 * import com.pulumi.gcp.certificatemanager.Certificate;
 * import com.pulumi.gcp.certificatemanager.CertificateArgs;
 * import com.pulumi.gcp.certificatemanager.inputs.CertificateManagedArgs;
 * import java.util.List;
 * import java.util.ArrayList;
 * import java.util.Map;
 * import java.io.File;
 * import java.nio.file.Files;
 * import java.nio.file.Paths;
 * public class App {
 *     public static void main(String[] args) {
 *         Pulumi.run(App::stack);
 *     }
 *     public static void stack(Context ctx) {
 *         var instance = new DnsAuthorization("instance", DnsAuthorizationArgs.builder()
 *             .name("dns-auth")
 *             .description("The default dnss")
 *             .domain("subdomain.hashicorptest.com")
 *             .build());
 *         var instance2 = new DnsAuthorization("instance2", DnsAuthorizationArgs.builder()
 *             .name("dns-auth2")
 *             .description("The default dnss")
 *             .domain("subdomain2.hashicorptest.com")
 *             .build());
 *         var default_ = new Certificate("default", CertificateArgs.builder()
 *             .name("dns-cert")
 *             .description("The default cert")
 *             .scope("EDGE_CACHE")
 *             .labels(Map.of("env", "test"))
 *             .managed(CertificateManagedArgs.builder()
 *                 .domains(
 *                     instance.domain(),
 *                     instance2.domain())
 *                 .dnsAuthorizations(
 *                     instance.id(),
 *                     instance2.id())
 *                 .build())
 *             .build());
 *     }
 * }
 * ```
 * ```yaml
 * resources:
 *   default:
 *     type: gcp:certificatemanager:Certificate
 *     properties:
 *       name: dns-cert
 *       description: The default cert
 *       scope: EDGE_CACHE
 *       labels:
 *         env: test
 *       managed:
 *         domains:
 *           - ${instance.domain}
 *           - ${instance2.domain}
 *         dnsAuthorizations:
 *           - ${instance.id}
 *           - ${instance2.id}
 *   instance:
 *     type: gcp:certificatemanager:DnsAuthorization
 *     properties:
 *       name: dns-auth
 *       description: The default dnss
 *       domain: subdomain.hashicorptest.com
 *   instance2:
 *     type: gcp:certificatemanager:DnsAuthorization
 *     properties:
 *       name: dns-auth2
 *       description: The default dnss
 *       domain: subdomain2.hashicorptest.com
 * ```
 * 
 * ### Certificate Manager Google Managed Certificate Issuance Config
 * 
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as gcp from "@pulumi/gcp";
 * const pool = new gcp.certificateauthority.CaPool("pool", {
 *     name: "ca-pool",
 *     location: "us-central1",
 *     tier: "ENTERPRISE",
 * });
 * // creating certificate_issuance_config to use it in the managed certificate
 * const issuanceconfig = new gcp.certificatemanager.CertificateIssuanceConfig("issuanceconfig", {
 *     name: "issuance-config",
 *     description: "sample description for the certificate issuanceConfigs",
 *     certificateAuthorityConfig: {
 *         certificateAuthorityServiceConfig: {
 *             caPool: pool.id,
 *         },
 *     },
 *     lifetime: "1814400s",
 *     rotationWindowPercentage: 34,
 *     keyAlgorithm: "ECDSA_P256",
 * });
 * const _default = new gcp.certificatemanager.Certificate("default", {
 *     name: "issuance-config-cert",
 *     description: "The default cert",
 *     scope: "EDGE_CACHE",
 *     managed: {
 *         domains: ["terraform.subdomain1.com"],
 *         issuanceConfig: issuanceconfig.id,
 *     },
 * });
 * const caAuthority = new gcp.certificateauthority.Authority("ca_authority", {
 *     location: "us-central1",
 *     pool: pool.name,
 *     certificateAuthorityId: "ca-authority",
 *     config: {
 *         subjectConfig: {
 *             subject: {
 *                 organization: "HashiCorp",
 *                 commonName: "my-certificate-authority",
 *             },
 *             subjectAltName: {
 *                 dnsNames: ["hashicorp.com"],
 *             },
 *         },
 *         x509Config: {
 *             caOptions: {
 *                 isCa: true,
 *             },
 *             keyUsage: {
 *                 baseKeyUsage: {
 *                     certSign: true,
 *                     crlSign: true,
 *                 },
 *                 extendedKeyUsage: {
 *                     serverAuth: true,
 *                 },
 *             },
 *         },
 *     },
 *     keySpec: {
 *         algorithm: "RSA_PKCS1_4096_SHA256",
 *     },
 *     deletionProtection: false,
 *     skipGracePeriod: true,
 *     ignoreActiveCertificatesOnDeletion: true,
 * });
 * ```
 * ```python
 * import pulumi
 * import pulumi_gcp as gcp
 * pool = gcp.certificateauthority.CaPool("pool",
 *     name="ca-pool",
 *     location="us-central1",
 *     tier="ENTERPRISE")
 * # creating certificate_issuance_config to use it in the managed certificate
 * issuanceconfig = gcp.certificatemanager.CertificateIssuanceConfig("issuanceconfig",
 *     name="issuance-config",
 *     description="sample description for the certificate issuanceConfigs",
 *     certificate_authority_config=gcp.certificatemanager.CertificateIssuanceConfigCertificateAuthorityConfigArgs(
 *         certificate_authority_service_config=gcp.certificatemanager.CertificateIssuanceConfigCertificateAuthorityConfigCertificateAuthorityServiceConfigArgs(
 *             ca_pool=pool.id,
 *         ),
 *     ),
 *     lifetime="1814400s",
 *     rotation_window_percentage=34,
 *     key_algorithm="ECDSA_P256")
 * default = gcp.certificatemanager.Certificate("default",
 *     name="issuance-config-cert",
 *     description="The default cert",
 *     scope="EDGE_CACHE",
 *     managed=gcp.certificatemanager.CertificateManagedArgs(
 *         domains=["terraform.subdomain1.com"],
 *         issuance_config=issuanceconfig.id,
 *     ))
 * ca_authority = gcp.certificateauthority.Authority("ca_authority",
 *     location="us-central1",
 *     pool=pool.name,
 *     certificate_authority_id="ca-authority",
 *     config=gcp.certificateauthority.AuthorityConfigArgs(
 *         subject_config=gcp.certificateauthority.AuthorityConfigSubjectConfigArgs(
 *             subject=gcp.certificateauthority.AuthorityConfigSubjectConfigSubjectArgs(
 *                 organization="HashiCorp",
 *                 common_name="my-certificate-authority",
 *             ),
 *             subject_alt_name=gcp.certificateauthority.AuthorityConfigSubjectConfigSubjectAltNameArgs(
 *                 dns_names=["hashicorp.com"],
 *             ),
 *         ),
 *         x509_config=gcp.certificateauthority.AuthorityConfigX509ConfigArgs(
 *             ca_options=gcp.certificateauthority.AuthorityConfigX509ConfigCaOptionsArgs(
 *                 is_ca=True,
 *             ),
 *             key_usage=gcp.certificateauthority.AuthorityConfigX509ConfigKeyUsageArgs(
 *                 base_key_usage=gcp.certificateauthority.AuthorityConfigX509ConfigKeyUsageBaseKeyUsageArgs(
 *                     cert_sign=True,
 *                     crl_sign=True,
 *                 ),
 *                 extended_key_usage=gcp.certificateauthority.AuthorityConfigX509ConfigKeyUsageExtendedKeyUsageArgs(
 *                     server_auth=True,
 *                 ),
 *             ),
 *         ),
 *     ),
 *     key_spec=gcp.certificateauthority.AuthorityKeySpecArgs(
 *         algorithm="RSA_PKCS1_4096_SHA256",
 *     ),
 *     deletion_protection=False,
 *     skip_grace_period=True,
 *     ignore_active_certificates_on_deletion=True)
 * ```
 * ```csharp
 * using System.Collections.Generic;
 * using System.Linq;
 * using Pulumi;
 * using Gcp = Pulumi.Gcp;
 * return await Deployment.RunAsync(() =>
 * {
 *     var pool = new Gcp.CertificateAuthority.CaPool("pool", new()
 *     {
 *         Name = "ca-pool",
 *         Location = "us-central1",
 *         Tier = "ENTERPRISE",
 *     });
 *     // creating certificate_issuance_config to use it in the managed certificate
 *     var issuanceconfig = new Gcp.CertificateManager.CertificateIssuanceConfig("issuanceconfig", new()
 *     {
 *         Name = "issuance-config",
 *         Description = "sample description for the certificate issuanceConfigs",
 *         CertificateAuthorityConfig = new Gcp.CertificateManager.Inputs.CertificateIssuanceConfigCertificateAuthorityConfigArgs
 *         {
 *             CertificateAuthorityServiceConfig = new Gcp.CertificateManager.Inputs.CertificateIssuanceConfigCertificateAuthorityConfigCertificateAuthorityServiceConfigArgs
 *             {
 *                 CaPool = pool.Id,
 *             },
 *         },
 *         Lifetime = "1814400s",
 *         RotationWindowPercentage = 34,
 *         KeyAlgorithm = "ECDSA_P256",
 *     });
 *     var @default = new Gcp.CertificateManager.Certificate("default", new()
 *     {
 *         Name = "issuance-config-cert",
 *         Description = "The default cert",
 *         Scope = "EDGE_CACHE",
 *         Managed = new Gcp.CertificateManager.Inputs.CertificateManagedArgs
 *         {
 *             Domains = new[]
 *             {
 *                 "terraform.subdomain1.com",
 *             },
 *             IssuanceConfig = issuanceconfig.Id,
 *         },
 *     });
 *     var caAuthority = new Gcp.CertificateAuthority.Authority("ca_authority", new()
 *     {
 *         Location = "us-central1",
 *         Pool = pool.Name,
 *         CertificateAuthorityId = "ca-authority",
 *         Config = new Gcp.CertificateAuthority.Inputs.AuthorityConfigArgs
 *         {
 *             SubjectConfig = new Gcp.CertificateAuthority.Inputs.AuthorityConfigSubjectConfigArgs
 *             {
 *                 Subject = new Gcp.CertificateAuthority.Inputs.AuthorityConfigSubjectConfigSubjectArgs
 *                 {
 *                     Organization = "HashiCorp",
 *                     CommonName = "my-certificate-authority",
 *                 },
 *                 SubjectAltName = new Gcp.CertificateAuthority.Inputs.AuthorityConfigSubjectConfigSubjectAltNameArgs
 *                 {
 *                     DnsNames = new[]
 *                     {
 *                         "hashicorp.com",
 *                     },
 *                 },
 *             },
 *             X509Config = new Gcp.CertificateAuthority.Inputs.AuthorityConfigX509ConfigArgs
 *             {
 *                 CaOptions = new Gcp.CertificateAuthority.Inputs.AuthorityConfigX509ConfigCaOptionsArgs
 *                 {
 *                     IsCa = true,
 *                 },
 *                 KeyUsage = new Gcp.CertificateAuthority.Inputs.AuthorityConfigX509ConfigKeyUsageArgs
 *                 {
 *                     BaseKeyUsage = new Gcp.CertificateAuthority.Inputs.AuthorityConfigX509ConfigKeyUsageBaseKeyUsageArgs
 *                     {
 *                         CertSign = true,
 *                         CrlSign = true,
 *                     },
 *                     ExtendedKeyUsage = new Gcp.CertificateAuthority.Inputs.AuthorityConfigX509ConfigKeyUsageExtendedKeyUsageArgs
 *                     {
 *                         ServerAuth = true,
 *                     },
 *                 },
 *             },
 *         },
 *         KeySpec = new Gcp.CertificateAuthority.Inputs.AuthorityKeySpecArgs
 *         {
 *             Algorithm = "RSA_PKCS1_4096_SHA256",
 *         },
 *         DeletionProtection = false,
 *         SkipGracePeriod = true,
 *         IgnoreActiveCertificatesOnDeletion = true,
 *     });
 * });
 * ```
 * ```go
 * package main
 * import (
 * 	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/certificateauthority"
 * 	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/certificatemanager"
 * 	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
 * )
 * func main() {
 * 	pulumi.Run(func(ctx *pulumi.Context) error {
 * 		pool, err := certificateauthority.NewCaPool(ctx, "pool", &certificateauthority.CaPoolArgs{
 * 			Name:     pulumi.String("ca-pool"),
 * 			Location: pulumi.String("us-central1"),
 * 			Tier:     pulumi.String("ENTERPRISE"),
 * 		})
 * 		if err != nil {
 * 			return err
 * 		}
 * 		// creating certificate_issuance_config to use it in the managed certificate
 * 		issuanceconfig, err := certificatemanager.NewCertificateIssuanceConfig(ctx, "issuanceconfig", &certificatemanager.CertificateIssuanceConfigArgs{
 * 			Name:        pulumi.String("issuance-config"),
 * 			Description: pulumi.String("sample description for the certificate issuanceConfigs"),
 * 			CertificateAuthorityConfig: &certificatemanager.CertificateIssuanceConfigCertificateAuthorityConfigArgs{
 * 				CertificateAuthorityServiceConfig: &certificatemanager.CertificateIssuanceConfigCertificateAuthorityConfigCertificateAuthorityServiceConfigArgs{
 * 					CaPool: pool.ID(),
 * 				},
 * 			},
 * 			Lifetime:                 pulumi.String("1814400s"),
 * 			RotationWindowPercentage: pulumi.Int(34),
 * 			KeyAlgorithm:             pulumi.String("ECDSA_P256"),
 * 		})
 * 		if err != nil {
 * 			return err
 * 		}
 * 		_, err = certificatemanager.NewCertificate(ctx, "default", &certificatemanager.CertificateArgs{
 * 			Name:        pulumi.String("issuance-config-cert"),
 * 			Description: pulumi.String("The default cert"),
 * 			Scope:       pulumi.String("EDGE_CACHE"),
 * 			Managed: &certificatemanager.CertificateManagedArgs{
 * 				Domains: pulumi.StringArray{
 * 					pulumi.String("terraform.subdomain1.com"),
 * 				},
 * 				IssuanceConfig: issuanceconfig.ID(),
 * 			},
 * 		})
 * 		if err != nil {
 * 			return err
 * 		}
 * 		_, err = certificateauthority.NewAuthority(ctx, "ca_authority", &certificateauthority.AuthorityArgs{
 * 			Location:               pulumi.String("us-central1"),
 * 			Pool:                   pool.Name,
 * 			CertificateAuthorityId: pulumi.String("ca-authority"),
 * 			Config: &certificateauthority.AuthorityConfigArgs{
 * 				SubjectConfig: &certificateauthority.AuthorityConfigSubjectConfigArgs{
 * 					Subject: &certificateauthority.AuthorityConfigSubjectConfigSubjectArgs{
 * 						Organization: pulumi.String("HashiCorp"),
 * 						CommonName:   pulumi.String("my-certificate-authority"),
 * 					},
 * 					SubjectAltName: &certificateauthority.AuthorityConfigSubjectConfigSubjectAltNameArgs{
 * 						DnsNames: pulumi.StringArray{
 * 							pulumi.String("hashicorp.com"),
 * 						},
 * 					},
 * 				},
 * 				X509Config: &certificateauthority.AuthorityConfigX509ConfigArgs{
 * 					CaOptions: &certificateauthority.AuthorityConfigX509ConfigCaOptionsArgs{
 * 						IsCa: pulumi.Bool(true),
 * 					},
 * 					KeyUsage: &certificateauthority.AuthorityConfigX509ConfigKeyUsageArgs{
 * 						BaseKeyUsage: &certificateauthority.AuthorityConfigX509ConfigKeyUsageBaseKeyUsageArgs{
 * 							CertSign: pulumi.Bool(true),
 * 							CrlSign:  pulumi.Bool(true),
 * 						},
 * 						ExtendedKeyUsage: &certificateauthority.AuthorityConfigX509ConfigKeyUsageExtendedKeyUsageArgs{
 * 							ServerAuth: pulumi.Bool(true),
 * 						},
 * 					},
 * 				},
 * 			},
 * 			KeySpec: &certificateauthority.AuthorityKeySpecArgs{
 * 				Algorithm: pulumi.String("RSA_PKCS1_4096_SHA256"),
 * 			},
 * 			DeletionProtection:                 pulumi.Bool(false),
 * 			SkipGracePeriod:                    pulumi.Bool(true),
 * 			IgnoreActiveCertificatesOnDeletion: pulumi.Bool(true),
 * 		})
 * 		if err != nil {
 * 			return err
 * 		}
 * 		return nil
 * 	})
 * }
 * ```
 * ```java
 * package generated_program;
 * import com.pulumi.Context;
 * import com.pulumi.Pulumi;
 * import com.pulumi.core.Output;
 * import com.pulumi.gcp.certificateauthority.CaPool;
 * import com.pulumi.gcp.certificateauthority.CaPoolArgs;
 * import com.pulumi.gcp.certificatemanager.CertificateIssuanceConfig;
 * import com.pulumi.gcp.certificatemanager.CertificateIssuanceConfigArgs;
 * import com.pulumi.gcp.certificatemanager.inputs.CertificateIssuanceConfigCertificateAuthorityConfigArgs;
 * import com.pulumi.gcp.certificatemanager.inputs.CertificateIssuanceConfigCertificateAuthorityConfigCertificateAuthorityServiceConfigArgs;
 * import com.pulumi.gcp.certificatemanager.Certificate;
 * import com.pulumi.gcp.certificatemanager.CertificateArgs;
 * import com.pulumi.gcp.certificatemanager.inputs.CertificateManagedArgs;
 * import com.pulumi.gcp.certificateauthority.Authority;
 * import com.pulumi.gcp.certificateauthority.AuthorityArgs;
 * import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigArgs;
 * import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigSubjectConfigArgs;
 * import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigSubjectConfigSubjectArgs;
 * import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigSubjectConfigSubjectAltNameArgs;
 * import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigX509ConfigArgs;
 * import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigX509ConfigCaOptionsArgs;
 * import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigX509ConfigKeyUsageArgs;
 * import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigX509ConfigKeyUsageBaseKeyUsageArgs;
 * import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigX509ConfigKeyUsageExtendedKeyUsageArgs;
 * import com.pulumi.gcp.certificateauthority.inputs.AuthorityKeySpecArgs;
 * import java.util.List;
 * import java.util.ArrayList;
 * import java.util.Map;
 * import java.io.File;
 * import java.nio.file.Files;
 * import java.nio.file.Paths;
 * public class App {
 *     public static void main(String[] args) {
 *         Pulumi.run(App::stack);
 *     }
 *     public static void stack(Context ctx) {
 *         var pool = new CaPool("pool", CaPoolArgs.builder()
 *             .name("ca-pool")
 *             .location("us-central1")
 *             .tier("ENTERPRISE")
 *             .build());
 *         // creating certificate_issuance_config to use it in the managed certificate
 *         var issuanceconfig = new CertificateIssuanceConfig("issuanceconfig", CertificateIssuanceConfigArgs.builder()
 *             .name("issuance-config")
 *             .description("sample description for the certificate issuanceConfigs")
 *             .certificateAuthorityConfig(CertificateIssuanceConfigCertificateAuthorityConfigArgs.builder()
 *                 .certificateAuthorityServiceConfig(CertificateIssuanceConfigCertificateAuthorityConfigCertificateAuthorityServiceConfigArgs.builder()
 *                     .caPool(pool.id())
 *                     .build())
 *                 .build())
 *             .lifetime("1814400s")
 *             .rotationWindowPercentage(34)
 *             .keyAlgorithm("ECDSA_P256")
 *             .build());
 *         var default_ = new Certificate("default", CertificateArgs.builder()
 *             .name("issuance-config-cert")
 *             .description("The default cert")
 *             .scope("EDGE_CACHE")
 *             .managed(CertificateManagedArgs.builder()
 *                 .domains("terraform.subdomain1.com")
 *                 .issuanceConfig(issuanceconfig.id())
 *                 .build())
 *             .build());
 *         var caAuthority = new Authority("caAuthority", AuthorityArgs.builder()
 *             .location("us-central1")
 *             .pool(pool.name())
 *             .certificateAuthorityId("ca-authority")
 *             .config(AuthorityConfigArgs.builder()
 *                 .subjectConfig(AuthorityConfigSubjectConfigArgs.builder()
 *                     .subject(AuthorityConfigSubjectConfigSubjectArgs.builder()
 *                         .organization("HashiCorp")
 *                         .commonName("my-certificate-authority")
 *                         .build())
 *                     .subjectAltName(AuthorityConfigSubjectConfigSubjectAltNameArgs.builder()
 *                         .dnsNames("hashicorp.com")
 *                         .build())
 *                     .build())
 *                 .x509Config(AuthorityConfigX509ConfigArgs.builder()
 *                     .caOptions(AuthorityConfigX509ConfigCaOptionsArgs.builder()
 *                         .isCa(true)
 *                         .build())
 *                     .keyUsage(AuthorityConfigX509ConfigKeyUsageArgs.builder()
 *                         .baseKeyUsage(AuthorityConfigX509ConfigKeyUsageBaseKeyUsageArgs.builder()
 *                             .certSign(true)
 *                             .crlSign(true)
 *                             .build())
 *                         .extendedKeyUsage(AuthorityConfigX509ConfigKeyUsageExtendedKeyUsageArgs.builder()
 *                             .serverAuth(true)
 *                             .build())
 *                         .build())
 *                     .build())
 *                 .build())
 *             .keySpec(AuthorityKeySpecArgs.builder()
 *                 .algorithm("RSA_PKCS1_4096_SHA256")
 *                 .build())
 *             .deletionProtection(false)
 *             .skipGracePeriod(true)
 *             .ignoreActiveCertificatesOnDeletion(true)
 *             .build());
 *     }
 * }
 * ```
 * ```yaml
 * resources:
 *   default:
 *     type: gcp:certificatemanager:Certificate
 *     properties:
 *       name: issuance-config-cert
 *       description: The default cert
 *       scope: EDGE_CACHE
 *       managed:
 *         domains:
 *           - terraform.subdomain1.com
 *         issuanceConfig: ${issuanceconfig.id}
 *   # creating certificate_issuance_config to use it in the managed certificate
 *   issuanceconfig:
 *     type: gcp:certificatemanager:CertificateIssuanceConfig
 *     properties:
 *       name: issuance-config
 *       description: sample description for the certificate issuanceConfigs
 *       certificateAuthorityConfig:
 *         certificateAuthorityServiceConfig:
 *           caPool: ${pool.id}
 *       lifetime: 1814400s
 *       rotationWindowPercentage: 34
 *       keyAlgorithm: ECDSA_P256
 *   pool:
 *     type: gcp:certificateauthority:CaPool
 *     properties:
 *       name: ca-pool
 *       location: us-central1
 *       tier: ENTERPRISE
 *   caAuthority:
 *     type: gcp:certificateauthority:Authority
 *     name: ca_authority
 *     properties:
 *       location: us-central1
 *       pool: ${pool.name}
 *       certificateAuthorityId: ca-authority
 *       config:
 *         subjectConfig:
 *           subject:
 *             organization: HashiCorp
 *             commonName: my-certificate-authority
 *           subjectAltName:
 *             dnsNames:
 *               - hashicorp.com
 *         x509Config:
 *           caOptions:
 *             isCa: true
 *           keyUsage:
 *             baseKeyUsage:
 *               certSign: true
 *               crlSign: true
 *             extendedKeyUsage:
 *               serverAuth: true
 *       keySpec:
 *         algorithm: RSA_PKCS1_4096_SHA256
 *       deletionProtection: false
 *       skipGracePeriod: true
 *       ignoreActiveCertificatesOnDeletion: true
 * ```
 * 
 * ### Certificate Manager Certificate Basic
 * 
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as gcp from "@pulumi/gcp";
 * const instance = new gcp.certificatemanager.DnsAuthorization("instance", {
 *     name: "dns-auth",
 *     description: "The default dnss",
 *     domain: "subdomain.hashicorptest.com",
 * });
 * const instance2 = new gcp.certificatemanager.DnsAuthorization("instance2", {
 *     name: "dns-auth2",
 *     description: "The default dnss",
 *     domain: "subdomain2.hashicorptest.com",
 * });
 * const _default = new gcp.certificatemanager.Certificate("default", {
 *     name: "self-managed-cert",
 *     description: "Global cert",
 *     scope: "EDGE_CACHE",
 *     managed: {
 *         domains: [
 *             instance.domain,
 *             instance2.domain,
 *         ],
 *         dnsAuthorizations: [
 *             instance.id,
 *             instance2.id,
 *         ],
 *     },
 * });
 * ```
 * ```python
 * import pulumi
 * import pulumi_gcp as gcp
 * instance = gcp.certificatemanager.DnsAuthorization("instance",
 *     name="dns-auth",
 *     description="The default dnss",
 *     domain="subdomain.hashicorptest.com")
 * instance2 = gcp.certificatemanager.DnsAuthorization("instance2",
 *     name="dns-auth2",
 *     description="The default dnss",
 *     domain="subdomain2.hashicorptest.com")
 * default = gcp.certificatemanager.Certificate("default",
 *     name="self-managed-cert",
 *     description="Global cert",
 *     scope="EDGE_CACHE",
 *     managed=gcp.certificatemanager.CertificateManagedArgs(
 *         domains=[
 *             instance.domain,
 *             instance2.domain,
 *         ],
 *         dns_authorizations=[
 *             instance.id,
 *             instance2.id,
 *         ],
 *     ))
 * ```
 * ```csharp
 * using System.Collections.Generic;
 * using System.Linq;
 * using Pulumi;
 * using Gcp = Pulumi.Gcp;
 * return await Deployment.RunAsync(() =>
 * {
 *     var instance = new Gcp.CertificateManager.DnsAuthorization("instance", new()
 *     {
 *         Name = "dns-auth",
 *         Description = "The default dnss",
 *         Domain = "subdomain.hashicorptest.com",
 *     });
 *     var instance2 = new Gcp.CertificateManager.DnsAuthorization("instance2", new()
 *     {
 *         Name = "dns-auth2",
 *         Description = "The default dnss",
 *         Domain = "subdomain2.hashicorptest.com",
 *     });
 *     var @default = new Gcp.CertificateManager.Certificate("default", new()
 *     {
 *         Name = "self-managed-cert",
 *         Description = "Global cert",
 *         Scope = "EDGE_CACHE",
 *         Managed = new Gcp.CertificateManager.Inputs.CertificateManagedArgs
 *         {
 *             Domains = new[]
 *             {
 *                 instance.Domain,
 *                 instance2.Domain,
 *             },
 *             DnsAuthorizations = new[]
 *             {
 *                 instance.Id,
 *                 instance2.Id,
 *             },
 *         },
 *     });
 * });
 * ```
 * ```go
 * package main
 * import (
 * 	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/certificatemanager"
 * 	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
 * )
 * func main() {
 * 	pulumi.Run(func(ctx *pulumi.Context) error {
 * 		instance, err := certificatemanager.NewDnsAuthorization(ctx, "instance", &certificatemanager.DnsAuthorizationArgs{
 * 			Name:        pulumi.String("dns-auth"),
 * 			Description: pulumi.String("The default dnss"),
 * 			Domain:      pulumi.String("subdomain.hashicorptest.com"),
 * 		})
 * 		if err != nil {
 * 			return err
 * 		}
 * 		instance2, err := certificatemanager.NewDnsAuthorization(ctx, "instance2", &certificatemanager.DnsAuthorizationArgs{
 * 			Name:        pulumi.String("dns-auth2"),
 * 			Description: pulumi.String("The default dnss"),
 * 			Domain:      pulumi.String("subdomain2.hashicorptest.com"),
 * 		})
 * 		if err != nil {
 * 			return err
 * 		}
 * 		_, err = certificatemanager.NewCertificate(ctx, "default", &certificatemanager.CertificateArgs{
 * 			Name:        pulumi.String("self-managed-cert"),
 * 			Description: pulumi.String("Global cert"),
 * 			Scope:       pulumi.String("EDGE_CACHE"),
 * 			Managed: &certificatemanager.CertificateManagedArgs{
 * 				Domains: pulumi.StringArray{
 * 					instance.Domain,
 * 					instance2.Domain,
 * 				},
 * 				DnsAuthorizations: pulumi.StringArray{
 * 					instance.ID(),
 * 					instance2.ID(),
 * 				},
 * 			},
 * 		})
 * 		if err != nil {
 * 			return err
 * 		}
 * 		return nil
 * 	})
 * }
 * ```
 * ```java
 * package generated_program;
 * import com.pulumi.Context;
 * import com.pulumi.Pulumi;
 * import com.pulumi.core.Output;
 * import com.pulumi.gcp.certificatemanager.DnsAuthorization;
 * import com.pulumi.gcp.certificatemanager.DnsAuthorizationArgs;
 * import com.pulumi.gcp.certificatemanager.Certificate;
 * import com.pulumi.gcp.certificatemanager.CertificateArgs;
 * import com.pulumi.gcp.certificatemanager.inputs.CertificateManagedArgs;
 * import java.util.List;
 * import java.util.ArrayList;
 * import java.util.Map;
 * import java.io.File;
 * import java.nio.file.Files;
 * import java.nio.file.Paths;
 * public class App {
 *     public static void main(String[] args) {
 *         Pulumi.run(App::stack);
 *     }
 *     public static void stack(Context ctx) {
 *         var instance = new DnsAuthorization("instance", DnsAuthorizationArgs.builder()
 *             .name("dns-auth")
 *             .description("The default dnss")
 *             .domain("subdomain.hashicorptest.com")
 *             .build());
 *         var instance2 = new DnsAuthorization("instance2", DnsAuthorizationArgs.builder()
 *             .name("dns-auth2")
 *             .description("The default dnss")
 *             .domain("subdomain2.hashicorptest.com")
 *             .build());
 *         var default_ = new Certificate("default", CertificateArgs.builder()
 *             .name("self-managed-cert")
 *             .description("Global cert")
 *             .scope("EDGE_CACHE")
 *             .managed(CertificateManagedArgs.builder()
 *                 .domains(
 *                     instance.domain(),
 *                     instance2.domain())
 *                 .dnsAuthorizations(
 *                     instance.id(),
 *                     instance2.id())
 *                 .build())
 *             .build());
 *     }
 * }
 * ```
 * ```yaml
 * resources:
 *   default:
 *     type: gcp:certificatemanager:Certificate
 *     properties:
 *       name: self-managed-cert
 *       description: Global cert
 *       scope: EDGE_CACHE
 *       managed:
 *         domains:
 *           - ${instance.domain}
 *           - ${instance2.domain}
 *         dnsAuthorizations:
 *           - ${instance.id}
 *           - ${instance2.id}
 *   instance:
 *     type: gcp:certificatemanager:DnsAuthorization
 *     properties:
 *       name: dns-auth
 *       description: The default dnss
 *       domain: subdomain.hashicorptest.com
 *   instance2:
 *     type: gcp:certificatemanager:DnsAuthorization
 *     properties:
 *       name: dns-auth2
 *       description: The default dnss
 *       domain: subdomain2.hashicorptest.com
 * ```
 * 
 * ### Certificate Manager Self Managed Certificate Regional
 * 
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as gcp from "@pulumi/gcp";
 * import * as std from "@pulumi/std";
 * const _default = new gcp.certificatemanager.Certificate("default", {
 *     name: "self-managed-cert",
 *     description: "Regional cert",
 *     location: "us-central1",
 *     selfManaged: {
 *         pemCertificate: std.file({
 *             input: "test-fixtures/cert.pem",
 *         }).then(invoke => invoke.result),
 *         pemPrivateKey: std.file({
 *             input: "test-fixtures/private-key.pem",
 *         }).then(invoke => invoke.result),
 *     },
 * });
 * ```
 * ```python
 * import pulumi
 * import pulumi_gcp as gcp
 * import pulumi_std as std
 * default = gcp.certificatemanager.Certificate("default",
 *     name="self-managed-cert",
 *     description="Regional cert",
 *     location="us-central1",
 *     self_managed=gcp.certificatemanager.CertificateSelfManagedArgs(
 *         pem_certificate=std.file(input="test-fixtures/cert.pem").result,
 *         pem_private_key=std.file(input="test-fixtures/private-key.pem").result,
 *     ))
 * ```
 * ```csharp
 * using System.Collections.Generic;
 * using System.Linq;
 * using Pulumi;
 * using Gcp = Pulumi.Gcp;
 * using Std = Pulumi.Std;
 * return await Deployment.RunAsync(() =>
 * {
 *     var @default = new Gcp.CertificateManager.Certificate("default", new()
 *     {
 *         Name = "self-managed-cert",
 *         Description = "Regional cert",
 *         Location = "us-central1",
 *         SelfManaged = new Gcp.CertificateManager.Inputs.CertificateSelfManagedArgs
 *         {
 *             PemCertificate = Std.File.Invoke(new()
 *             {
 *                 Input = "test-fixtures/cert.pem",
 *             }).Apply(invoke => invoke.Result),
 *             PemPrivateKey = Std.File.Invoke(new()
 *             {
 *                 Input = "test-fixtures/private-key.pem",
 *             }).Apply(invoke => invoke.Result),
 *         },
 *     });
 * });
 * ```
 * ```go
 * package main
 * import (
 * 	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/certificatemanager"
 * 	"github.com/pulumi/pulumi-std/sdk/go/std"
 * 	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
 * )
 * func main() {
 * 	pulumi.Run(func(ctx *pulumi.Context) error {
 * 		invokeFile, err := std.File(ctx, &std.FileArgs{
 * 			Input: "test-fixtures/cert.pem",
 * 		}, nil)
 * 		if err != nil {
 * 			return err
 * 		}
 * 		invokeFile1, err := std.File(ctx, &std.FileArgs{
 * 			Input: "test-fixtures/private-key.pem",
 * 		}, nil)
 * 		if err != nil {
 * 			return err
 * 		}
 * 		_, err = certificatemanager.NewCertificate(ctx, "default", &certificatemanager.CertificateArgs{
 * 			Name:        pulumi.String("self-managed-cert"),
 * 			Description: pulumi.String("Regional cert"),
 * 			Location:    pulumi.String("us-central1"),
 * 			SelfManaged: &certificatemanager.CertificateSelfManagedArgs{
 * 				PemCertificate: invokeFile.Result,
 * 				PemPrivateKey:  invokeFile1.Result,
 * 			},
 * 		})
 * 		if err != nil {
 * 			return err
 * 		}
 * 		return nil
 * 	})
 * }
 * ```
 * ```java
 * package generated_program;
 * import com.pulumi.Context;
 * import com.pulumi.Pulumi;
 * import com.pulumi.core.Output;
 * import com.pulumi.gcp.certificatemanager.Certificate;
 * import com.pulumi.gcp.certificatemanager.CertificateArgs;
 * import com.pulumi.gcp.certificatemanager.inputs.CertificateSelfManagedArgs;
 * import java.util.List;
 * import java.util.ArrayList;
 * import java.util.Map;
 * import java.io.File;
 * import java.nio.file.Files;
 * import java.nio.file.Paths;
 * public class App {
 *     public static void main(String[] args) {
 *         Pulumi.run(App::stack);
 *     }
 *     public static void stack(Context ctx) {
 *         var default_ = new Certificate("default", CertificateArgs.builder()
 *             .name("self-managed-cert")
 *             .description("Regional cert")
 *             .location("us-central1")
 *             .selfManaged(CertificateSelfManagedArgs.builder()
 *                 .pemCertificate(StdFunctions.file(FileArgs.builder()
 *                     .input("test-fixtures/cert.pem")
 *                     .build()).result())
 *                 .pemPrivateKey(StdFunctions.file(FileArgs.builder()
 *                     .input("test-fixtures/private-key.pem")
 *                     .build()).result())
 *                 .build())
 *             .build());
 *     }
 * }
 * ```
 * ```yaml
 * resources:
 *   default:
 *     type: gcp:certificatemanager:Certificate
 *     properties:
 *       name: self-managed-cert
 *       description: Regional cert
 *       location: us-central1
 *       selfManaged:
 *         pemCertificate:
 *           fn::invoke:
 *             Function: std:file
 *             Arguments:
 *               input: test-fixtures/cert.pem
 *             Return: result
 *         pemPrivateKey:
 *           fn::invoke:
 *             Function: std:file
 *             Arguments:
 *               input: test-fixtures/private-key.pem
 *             Return: result
 * ```
 * 
 * ### Certificate Manager Google Managed Certificate Issuance Config All Regions
 * 
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as gcp from "@pulumi/gcp";
 * const pool = new gcp.certificateauthority.CaPool("pool", {
 *     name: "ca-pool",
 *     location: "us-central1",
 *     tier: "ENTERPRISE",
 * });
 * // creating certificate_issuance_config to use it in the managed certificate
 * const issuanceconfig = new gcp.certificatemanager.CertificateIssuanceConfig("issuanceconfig", {
 *     name: "issuance-config",
 *     description: "sample description for the certificate issuanceConfigs",
 *     certificateAuthorityConfig: {
 *         certificateAuthorityServiceConfig: {
 *             caPool: pool.id,
 *         },
 *     },
 *     lifetime: "1814400s",
 *     rotationWindowPercentage: 34,
 *     keyAlgorithm: "ECDSA_P256",
 * });
 * const _default = new gcp.certificatemanager.Certificate("default", {
 *     name: "issuance-config-cert",
 *     description: "sample google managed all_regions certificate with issuance config for terraform",
 *     scope: "ALL_REGIONS",
 *     managed: {
 *         domains: ["terraform.subdomain1.com"],
 *         issuanceConfig: issuanceconfig.id,
 *     },
 * });
 * const caAuthority = new gcp.certificateauthority.Authority("ca_authority", {
 *     location: "us-central1",
 *     pool: pool.name,
 *     certificateAuthorityId: "ca-authority",
 *     config: {
 *         subjectConfig: {
 *             subject: {
 *                 organization: "HashiCorp",
 *                 commonName: "my-certificate-authority",
 *             },
 *             subjectAltName: {
 *                 dnsNames: ["hashicorp.com"],
 *             },
 *         },
 *         x509Config: {
 *             caOptions: {
 *                 isCa: true,
 *             },
 *             keyUsage: {
 *                 baseKeyUsage: {
 *                     certSign: true,
 *                     crlSign: true,
 *                 },
 *                 extendedKeyUsage: {
 *                     serverAuth: true,
 *                 },
 *             },
 *         },
 *     },
 *     keySpec: {
 *         algorithm: "RSA_PKCS1_4096_SHA256",
 *     },
 *     deletionProtection: false,
 *     skipGracePeriod: true,
 *     ignoreActiveCertificatesOnDeletion: true,
 * });
 * ```
 * ```python
 * import pulumi
 * import pulumi_gcp as gcp
 * pool = gcp.certificateauthority.CaPool("pool",
 *     name="ca-pool",
 *     location="us-central1",
 *     tier="ENTERPRISE")
 * # creating certificate_issuance_config to use it in the managed certificate
 * issuanceconfig = gcp.certificatemanager.CertificateIssuanceConfig("issuanceconfig",
 *     name="issuance-config",
 *     description="sample description for the certificate issuanceConfigs",
 *     certificate_authority_config=gcp.certificatemanager.CertificateIssuanceConfigCertificateAuthorityConfigArgs(
 *         certificate_authority_service_config=gcp.certificatemanager.CertificateIssuanceConfigCertificateAuthorityConfigCertificateAuthorityServiceConfigArgs(
 *             ca_pool=pool.id,
 *         ),
 *     ),
 *     lifetime="1814400s",
 *     rotation_window_percentage=34,
 *     key_algorithm="ECDSA_P256")
 * default = gcp.certificatemanager.Certificate("default",
 *     name="issuance-config-cert",
 *     description="sample google managed all_regions certificate with issuance config for terraform",
 *     scope="ALL_REGIONS",
 *     managed=gcp.certificatemanager.CertificateManagedArgs(
 *         domains=["terraform.subdomain1.com"],
 *         issuance_config=issuanceconfig.id,
 *     ))
 * ca_authority = gcp.certificateauthority.Authority("ca_authority",
 *     location="us-central1",
 *     pool=pool.name,
 *     certificate_authority_id="ca-authority",
 *     config=gcp.certificateauthority.AuthorityConfigArgs(
 *         subject_config=gcp.certificateauthority.AuthorityConfigSubjectConfigArgs(
 *             subject=gcp.certificateauthority.AuthorityConfigSubjectConfigSubjectArgs(
 *                 organization="HashiCorp",
 *                 common_name="my-certificate-authority",
 *             ),
 *             subject_alt_name=gcp.certificateauthority.AuthorityConfigSubjectConfigSubjectAltNameArgs(
 *                 dns_names=["hashicorp.com"],
 *             ),
 *         ),
 *         x509_config=gcp.certificateauthority.AuthorityConfigX509ConfigArgs(
 *             ca_options=gcp.certificateauthority.AuthorityConfigX509ConfigCaOptionsArgs(
 *                 is_ca=True,
 *             ),
 *             key_usage=gcp.certificateauthority.AuthorityConfigX509ConfigKeyUsageArgs(
 *                 base_key_usage=gcp.certificateauthority.AuthorityConfigX509ConfigKeyUsageBaseKeyUsageArgs(
 *                     cert_sign=True,
 *                     crl_sign=True,
 *                 ),
 *                 extended_key_usage=gcp.certificateauthority.AuthorityConfigX509ConfigKeyUsageExtendedKeyUsageArgs(
 *                     server_auth=True,
 *                 ),
 *             ),
 *         ),
 *     ),
 *     key_spec=gcp.certificateauthority.AuthorityKeySpecArgs(
 *         algorithm="RSA_PKCS1_4096_SHA256",
 *     ),
 *     deletion_protection=False,
 *     skip_grace_period=True,
 *     ignore_active_certificates_on_deletion=True)
 * ```
 * ```csharp
 * using System.Collections.Generic;
 * using System.Linq;
 * using Pulumi;
 * using Gcp = Pulumi.Gcp;
 * return await Deployment.RunAsync(() =>
 * {
 *     var pool = new Gcp.CertificateAuthority.CaPool("pool", new()
 *     {
 *         Name = "ca-pool",
 *         Location = "us-central1",
 *         Tier = "ENTERPRISE",
 *     });
 *     // creating certificate_issuance_config to use it in the managed certificate
 *     var issuanceconfig = new Gcp.CertificateManager.CertificateIssuanceConfig("issuanceconfig", new()
 *     {
 *         Name = "issuance-config",
 *         Description = "sample description for the certificate issuanceConfigs",
 *         CertificateAuthorityConfig = new Gcp.CertificateManager.Inputs.CertificateIssuanceConfigCertificateAuthorityConfigArgs
 *         {
 *             CertificateAuthorityServiceConfig = new Gcp.CertificateManager.Inputs.CertificateIssuanceConfigCertificateAuthorityConfigCertificateAuthorityServiceConfigArgs
 *             {
 *                 CaPool = pool.Id,
 *             },
 *         },
 *         Lifetime = "1814400s",
 *         RotationWindowPercentage = 34,
 *         KeyAlgorithm = "ECDSA_P256",
 *     });
 *     var @default = new Gcp.CertificateManager.Certificate("default", new()
 *     {
 *         Name = "issuance-config-cert",
 *         Description = "sample google managed all_regions certificate with issuance config for terraform",
 *         Scope = "ALL_REGIONS",
 *         Managed = new Gcp.CertificateManager.Inputs.CertificateManagedArgs
 *         {
 *             Domains = new[]
 *             {
 *                 "terraform.subdomain1.com",
 *             },
 *             IssuanceConfig = issuanceconfig.Id,
 *         },
 *     });
 *     var caAuthority = new Gcp.CertificateAuthority.Authority("ca_authority", new()
 *     {
 *         Location = "us-central1",
 *         Pool = pool.Name,
 *         CertificateAuthorityId = "ca-authority",
 *         Config = new Gcp.CertificateAuthority.Inputs.AuthorityConfigArgs
 *         {
 *             SubjectConfig = new Gcp.CertificateAuthority.Inputs.AuthorityConfigSubjectConfigArgs
 *             {
 *                 Subject = new Gcp.CertificateAuthority.Inputs.AuthorityConfigSubjectConfigSubjectArgs
 *                 {
 *                     Organization = "HashiCorp",
 *                     CommonName = "my-certificate-authority",
 *                 },
 *                 SubjectAltName = new Gcp.CertificateAuthority.Inputs.AuthorityConfigSubjectConfigSubjectAltNameArgs
 *                 {
 *                     DnsNames = new[]
 *                     {
 *                         "hashicorp.com",
 *                     },
 *                 },
 *             },
 *             X509Config = new Gcp.CertificateAuthority.Inputs.AuthorityConfigX509ConfigArgs
 *             {
 *                 CaOptions = new Gcp.CertificateAuthority.Inputs.AuthorityConfigX509ConfigCaOptionsArgs
 *                 {
 *                     IsCa = true,
 *                 },
 *                 KeyUsage = new Gcp.CertificateAuthority.Inputs.AuthorityConfigX509ConfigKeyUsageArgs
 *                 {
 *                     BaseKeyUsage = new Gcp.CertificateAuthority.Inputs.AuthorityConfigX509ConfigKeyUsageBaseKeyUsageArgs
 *                     {
 *                         CertSign = true,
 *                         CrlSign = true,
 *                     },
 *                     ExtendedKeyUsage = new Gcp.CertificateAuthority.Inputs.AuthorityConfigX509ConfigKeyUsageExtendedKeyUsageArgs
 *                     {
 *                         ServerAuth = true,
 *                     },
 *                 },
 *             },
 *         },
 *         KeySpec = new Gcp.CertificateAuthority.Inputs.AuthorityKeySpecArgs
 *         {
 *             Algorithm = "RSA_PKCS1_4096_SHA256",
 *         },
 *         DeletionProtection = false,
 *         SkipGracePeriod = true,
 *         IgnoreActiveCertificatesOnDeletion = true,
 *     });
 * });
 * ```
 * ```go
 * package main
 * import (
 * 	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/certificateauthority"
 * 	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/certificatemanager"
 * 	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
 * )
 * func main() {
 * 	pulumi.Run(func(ctx *pulumi.Context) error {
 * 		pool, err := certificateauthority.NewCaPool(ctx, "pool", &certificateauthority.CaPoolArgs{
 * 			Name:     pulumi.String("ca-pool"),
 * 			Location: pulumi.String("us-central1"),
 * 			Tier:     pulumi.String("ENTERPRISE"),
 * 		})
 * 		if err != nil {
 * 			return err
 * 		}
 * 		// creating certificate_issuance_config to use it in the managed certificate
 * 		issuanceconfig, err := certificatemanager.NewCertificateIssuanceConfig(ctx, "issuanceconfig", &certificatemanager.CertificateIssuanceConfigArgs{
 * 			Name:        pulumi.String("issuance-config"),
 * 			Description: pulumi.String("sample description for the certificate issuanceConfigs"),
 * 			CertificateAuthorityConfig: &certificatemanager.CertificateIssuanceConfigCertificateAuthorityConfigArgs{
 * 				CertificateAuthorityServiceConfig: &certificatemanager.CertificateIssuanceConfigCertificateAuthorityConfigCertificateAuthorityServiceConfigArgs{
 * 					CaPool: pool.ID(),
 * 				},
 * 			},
 * 			Lifetime:                 pulumi.String("1814400s"),
 * 			RotationWindowPercentage: pulumi.Int(34),
 * 			KeyAlgorithm:             pulumi.String("ECDSA_P256"),
 * 		})
 * 		if err != nil {
 * 			return err
 * 		}
 * 		_, err = certificatemanager.NewCertificate(ctx, "default", &certificatemanager.CertificateArgs{
 * 			Name:        pulumi.String("issuance-config-cert"),
 * 			Description: pulumi.String("sample google managed all_regions certificate with issuance config for terraform"),
 * 			Scope:       pulumi.String("ALL_REGIONS"),
 * 			Managed: &certificatemanager.CertificateManagedArgs{
 * 				Domains: pulumi.StringArray{
 * 					pulumi.String("terraform.subdomain1.com"),
 * 				},
 * 				IssuanceConfig: issuanceconfig.ID(),
 * 			},
 * 		})
 * 		if err != nil {
 * 			return err
 * 		}
 * 		_, err = certificateauthority.NewAuthority(ctx, "ca_authority", &certificateauthority.AuthorityArgs{
 * 			Location:               pulumi.String("us-central1"),
 * 			Pool:                   pool.Name,
 * 			CertificateAuthorityId: pulumi.String("ca-authority"),
 * 			Config: &certificateauthority.AuthorityConfigArgs{
 * 				SubjectConfig: &certificateauthority.AuthorityConfigSubjectConfigArgs{
 * 					Subject: &certificateauthority.AuthorityConfigSubjectConfigSubjectArgs{
 * 						Organization: pulumi.String("HashiCorp"),
 * 						CommonName:   pulumi.String("my-certificate-authority"),
 * 					},
 * 					SubjectAltName: &certificateauthority.AuthorityConfigSubjectConfigSubjectAltNameArgs{
 * 						DnsNames: pulumi.StringArray{
 * 							pulumi.String("hashicorp.com"),
 * 						},
 * 					},
 * 				},
 * 				X509Config: &certificateauthority.AuthorityConfigX509ConfigArgs{
 * 					CaOptions: &certificateauthority.AuthorityConfigX509ConfigCaOptionsArgs{
 * 						IsCa: pulumi.Bool(true),
 * 					},
 * 					KeyUsage: &certificateauthority.AuthorityConfigX509ConfigKeyUsageArgs{
 * 						BaseKeyUsage: &certificateauthority.AuthorityConfigX509ConfigKeyUsageBaseKeyUsageArgs{
 * 							CertSign: pulumi.Bool(true),
 * 							CrlSign:  pulumi.Bool(true),
 * 						},
 * 						ExtendedKeyUsage: &certificateauthority.AuthorityConfigX509ConfigKeyUsageExtendedKeyUsageArgs{
 * 							ServerAuth: pulumi.Bool(true),
 * 						},
 * 					},
 * 				},
 * 			},
 * 			KeySpec: &certificateauthority.AuthorityKeySpecArgs{
 * 				Algorithm: pulumi.String("RSA_PKCS1_4096_SHA256"),
 * 			},
 * 			DeletionProtection:                 pulumi.Bool(false),
 * 			SkipGracePeriod:                    pulumi.Bool(true),
 * 			IgnoreActiveCertificatesOnDeletion: pulumi.Bool(true),
 * 		})
 * 		if err != nil {
 * 			return err
 * 		}
 * 		return nil
 * 	})
 * }
 * ```
 * ```java
 * package generated_program;
 * import com.pulumi.Context;
 * import com.pulumi.Pulumi;
 * import com.pulumi.core.Output;
 * import com.pulumi.gcp.certificateauthority.CaPool;
 * import com.pulumi.gcp.certificateauthority.CaPoolArgs;
 * import com.pulumi.gcp.certificatemanager.CertificateIssuanceConfig;
 * import com.pulumi.gcp.certificatemanager.CertificateIssuanceConfigArgs;
 * import com.pulumi.gcp.certificatemanager.inputs.CertificateIssuanceConfigCertificateAuthorityConfigArgs;
 * import com.pulumi.gcp.certificatemanager.inputs.CertificateIssuanceConfigCertificateAuthorityConfigCertificateAuthorityServiceConfigArgs;
 * import com.pulumi.gcp.certificatemanager.Certificate;
 * import com.pulumi.gcp.certificatemanager.CertificateArgs;
 * import com.pulumi.gcp.certificatemanager.inputs.CertificateManagedArgs;
 * import com.pulumi.gcp.certificateauthority.Authority;
 * import com.pulumi.gcp.certificateauthority.AuthorityArgs;
 * import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigArgs;
 * import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigSubjectConfigArgs;
 * import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigSubjectConfigSubjectArgs;
 * import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigSubjectConfigSubjectAltNameArgs;
 * import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigX509ConfigArgs;
 * import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigX509ConfigCaOptionsArgs;
 * import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigX509ConfigKeyUsageArgs;
 * import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigX509ConfigKeyUsageBaseKeyUsageArgs;
 * import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigX509ConfigKeyUsageExtendedKeyUsageArgs;
 * import com.pulumi.gcp.certificateauthority.inputs.AuthorityKeySpecArgs;
 * import java.util.List;
 * import java.util.ArrayList;
 * import java.util.Map;
 * import java.io.File;
 * import java.nio.file.Files;
 * import java.nio.file.Paths;
 * public class App {
 *     public static void main(String[] args) {
 *         Pulumi.run(App::stack);
 *     }
 *     public static void stack(Context ctx) {
 *         var pool = new CaPool("pool", CaPoolArgs.builder()
 *             .name("ca-pool")
 *             .location("us-central1")
 *             .tier("ENTERPRISE")
 *             .build());
 *         // creating certificate_issuance_config to use it in the managed certificate
 *         var issuanceconfig = new CertificateIssuanceConfig("issuanceconfig", CertificateIssuanceConfigArgs.builder()
 *             .name("issuance-config")
 *             .description("sample description for the certificate issuanceConfigs")
 *             .certificateAuthorityConfig(CertificateIssuanceConfigCertificateAuthorityConfigArgs.builder()
 *                 .certificateAuthorityServiceConfig(CertificateIssuanceConfigCertificateAuthorityConfigCertificateAuthorityServiceConfigArgs.builder()
 *                     .caPool(pool.id())
 *                     .build())
 *                 .build())
 *             .lifetime("1814400s")
 *             .rotationWindowPercentage(34)
 *             .keyAlgorithm("ECDSA_P256")
 *             .build());
 *         var default_ = new Certificate("default", CertificateArgs.builder()
 *             .name("issuance-config-cert")
 *             .description("sample google managed all_regions certificate with issuance config for terraform")
 *             .scope("ALL_REGIONS")
 *             .managed(CertificateManagedArgs.builder()
 *                 .domains("terraform.subdomain1.com")
 *                 .issuanceConfig(issuanceconfig.id())
 *                 .build())
 *             .build());
 *         var caAuthority = new Authority("caAuthority", AuthorityArgs.builder()
 *             .location("us-central1")
 *             .pool(pool.name())
 *             .certificateAuthorityId("ca-authority")
 *             .config(AuthorityConfigArgs.builder()
 *                 .subjectConfig(AuthorityConfigSubjectConfigArgs.builder()
 *                     .subject(AuthorityConfigSubjectConfigSubjectArgs.builder()
 *                         .organization("HashiCorp")
 *                         .commonName("my-certificate-authority")
 *                         .build())
 *                     .subjectAltName(AuthorityConfigSubjectConfigSubjectAltNameArgs.builder()
 *                         .dnsNames("hashicorp.com")
 *                         .build())
 *                     .build())
 *                 .x509Config(AuthorityConfigX509ConfigArgs.builder()
 *                     .caOptions(AuthorityConfigX509ConfigCaOptionsArgs.builder()
 *                         .isCa(true)
 *                         .build())
 *                     .keyUsage(AuthorityConfigX509ConfigKeyUsageArgs.builder()
 *                         .baseKeyUsage(AuthorityConfigX509ConfigKeyUsageBaseKeyUsageArgs.builder()
 *                             .certSign(true)
 *                             .crlSign(true)
 *                             .build())
 *                         .extendedKeyUsage(AuthorityConfigX509ConfigKeyUsageExtendedKeyUsageArgs.builder()
 *                             .serverAuth(true)
 *                             .build())
 *                         .build())
 *                     .build())
 *                 .build())
 *             .keySpec(AuthorityKeySpecArgs.builder()
 *                 .algorithm("RSA_PKCS1_4096_SHA256")
 *                 .build())
 *             .deletionProtection(false)
 *             .skipGracePeriod(true)
 *             .ignoreActiveCertificatesOnDeletion(true)
 *             .build());
 *     }
 * }
 * ```
 * ```yaml
 * resources:
 *   default:
 *     type: gcp:certificatemanager:Certificate
 *     properties:
 *       name: issuance-config-cert
 *       description: sample google managed all_regions certificate with issuance config for terraform
 *       scope: ALL_REGIONS
 *       managed:
 *         domains:
 *           - terraform.subdomain1.com
 *         issuanceConfig: ${issuanceconfig.id}
 *   # creating certificate_issuance_config to use it in the managed certificate
 *   issuanceconfig:
 *     type: gcp:certificatemanager:CertificateIssuanceConfig
 *     properties:
 *       name: issuance-config
 *       description: sample description for the certificate issuanceConfigs
 *       certificateAuthorityConfig:
 *         certificateAuthorityServiceConfig:
 *           caPool: ${pool.id}
 *       lifetime: 1814400s
 *       rotationWindowPercentage: 34
 *       keyAlgorithm: ECDSA_P256
 *   pool:
 *     type: gcp:certificateauthority:CaPool
 *     properties:
 *       name: ca-pool
 *       location: us-central1
 *       tier: ENTERPRISE
 *   caAuthority:
 *     type: gcp:certificateauthority:Authority
 *     name: ca_authority
 *     properties:
 *       location: us-central1
 *       pool: ${pool.name}
 *       certificateAuthorityId: ca-authority
 *       config:
 *         subjectConfig:
 *           subject:
 *             organization: HashiCorp
 *             commonName: my-certificate-authority
 *           subjectAltName:
 *             dnsNames:
 *               - hashicorp.com
 *         x509Config:
 *           caOptions:
 *             isCa: true
 *           keyUsage:
 *             baseKeyUsage:
 *               certSign: true
 *               crlSign: true
 *             extendedKeyUsage:
 *               serverAuth: true
 *       keySpec:
 *         algorithm: RSA_PKCS1_4096_SHA256
 *       deletionProtection: false
 *       skipGracePeriod: true
 *       ignoreActiveCertificatesOnDeletion: true
 * ```
 * 
 * ### Certificate Manager Google Managed Certificate Dns All Regions
 * 
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as gcp from "@pulumi/gcp";
 * const instance = new gcp.certificatemanager.DnsAuthorization("instance", {
 *     name: "dns-auth",
 *     description: "The default dnss",
 *     domain: "subdomain.hashicorptest.com",
 * });
 * const instance2 = new gcp.certificatemanager.DnsAuthorization("instance2", {
 *     name: "dns-auth2",
 *     description: "The default dnss",
 *     domain: "subdomain2.hashicorptest.com",
 * });
 * const _default = new gcp.certificatemanager.Certificate("default", {
 *     name: "dns-cert",
 *     description: "The default cert",
 *     scope: "ALL_REGIONS",
 *     managed: {
 *         domains: [
 *             instance.domain,
 *             instance2.domain,
 *         ],
 *         dnsAuthorizations: [
 *             instance.id,
 *             instance2.id,
 *         ],
 *     },
 * });
 * ```
 * ```python
 * import pulumi
 * import pulumi_gcp as gcp
 * instance = gcp.certificatemanager.DnsAuthorization("instance",
 *     name="dns-auth",
 *     description="The default dnss",
 *     domain="subdomain.hashicorptest.com")
 * instance2 = gcp.certificatemanager.DnsAuthorization("instance2",
 *     name="dns-auth2",
 *     description="The default dnss",
 *     domain="subdomain2.hashicorptest.com")
 * default = gcp.certificatemanager.Certificate("default",
 *     name="dns-cert",
 *     description="The default cert",
 *     scope="ALL_REGIONS",
 *     managed=gcp.certificatemanager.CertificateManagedArgs(
 *         domains=[
 *             instance.domain,
 *             instance2.domain,
 *         ],
 *         dns_authorizations=[
 *             instance.id,
 *             instance2.id,
 *         ],
 *     ))
 * ```
 * ```csharp
 * using System.Collections.Generic;
 * using System.Linq;
 * using Pulumi;
 * using Gcp = Pulumi.Gcp;
 * return await Deployment.RunAsync(() =>
 * {
 *     var instance = new Gcp.CertificateManager.DnsAuthorization("instance", new()
 *     {
 *         Name = "dns-auth",
 *         Description = "The default dnss",
 *         Domain = "subdomain.hashicorptest.com",
 *     });
 *     var instance2 = new Gcp.CertificateManager.DnsAuthorization("instance2", new()
 *     {
 *         Name = "dns-auth2",
 *         Description = "The default dnss",
 *         Domain = "subdomain2.hashicorptest.com",
 *     });
 *     var @default = new Gcp.CertificateManager.Certificate("default", new()
 *     {
 *         Name = "dns-cert",
 *         Description = "The default cert",
 *         Scope = "ALL_REGIONS",
 *         Managed = new Gcp.CertificateManager.Inputs.CertificateManagedArgs
 *         {
 *             Domains = new[]
 *             {
 *                 instance.Domain,
 *                 instance2.Domain,
 *             },
 *             DnsAuthorizations = new[]
 *             {
 *                 instance.Id,
 *                 instance2.Id,
 *             },
 *         },
 *     });
 * });
 * ```
 * ```go
 * package main
 * import (
 * 	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/certificatemanager"
 * 	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
 * )
 * func main() {
 * 	pulumi.Run(func(ctx *pulumi.Context) error {
 * 		instance, err := certificatemanager.NewDnsAuthorization(ctx, "instance", &certificatemanager.DnsAuthorizationArgs{
 * 			Name:        pulumi.String("dns-auth"),
 * 			Description: pulumi.String("The default dnss"),
 * 			Domain:      pulumi.String("subdomain.hashicorptest.com"),
 * 		})
 * 		if err != nil {
 * 			return err
 * 		}
 * 		instance2, err := certificatemanager.NewDnsAuthorization(ctx, "instance2", &certificatemanager.DnsAuthorizationArgs{
 * 			Name:        pulumi.String("dns-auth2"),
 * 			Description: pulumi.String("The default dnss"),
 * 			Domain:      pulumi.String("subdomain2.hashicorptest.com"),
 * 		})
 * 		if err != nil {
 * 			return err
 * 		}
 * 		_, err = certificatemanager.NewCertificate(ctx, "default", &certificatemanager.CertificateArgs{
 * 			Name:        pulumi.String("dns-cert"),
 * 			Description: pulumi.String("The default cert"),
 * 			Scope:       pulumi.String("ALL_REGIONS"),
 * 			Managed: &certificatemanager.CertificateManagedArgs{
 * 				Domains: pulumi.StringArray{
 * 					instance.Domain,
 * 					instance2.Domain,
 * 				},
 * 				DnsAuthorizations: pulumi.StringArray{
 * 					instance.ID(),
 * 					instance2.ID(),
 * 				},
 * 			},
 * 		})
 * 		if err != nil {
 * 			return err
 * 		}
 * 		return nil
 * 	})
 * }
 * ```
 * ```java
 * package generated_program;
 * import com.pulumi.Context;
 * import com.pulumi.Pulumi;
 * import com.pulumi.core.Output;
 * import com.pulumi.gcp.certificatemanager.DnsAuthorization;
 * import com.pulumi.gcp.certificatemanager.DnsAuthorizationArgs;
 * import com.pulumi.gcp.certificatemanager.Certificate;
 * import com.pulumi.gcp.certificatemanager.CertificateArgs;
 * import com.pulumi.gcp.certificatemanager.inputs.CertificateManagedArgs;
 * import java.util.List;
 * import java.util.ArrayList;
 * import java.util.Map;
 * import java.io.File;
 * import java.nio.file.Files;
 * import java.nio.file.Paths;
 * public class App {
 *     public static void main(String[] args) {
 *         Pulumi.run(App::stack);
 *     }
 *     public static void stack(Context ctx) {
 *         var instance = new DnsAuthorization("instance", DnsAuthorizationArgs.builder()
 *             .name("dns-auth")
 *             .description("The default dnss")
 *             .domain("subdomain.hashicorptest.com")
 *             .build());
 *         var instance2 = new DnsAuthorization("instance2", DnsAuthorizationArgs.builder()
 *             .name("dns-auth2")
 *             .description("The default dnss")
 *             .domain("subdomain2.hashicorptest.com")
 *             .build());
 *         var default_ = new Certificate("default", CertificateArgs.builder()
 *             .name("dns-cert")
 *             .description("The default cert")
 *             .scope("ALL_REGIONS")
 *             .managed(CertificateManagedArgs.builder()
 *                 .domains(
 *                     instance.domain(),
 *                     instance2.domain())
 *                 .dnsAuthorizations(
 *                     instance.id(),
 *                     instance2.id())
 *                 .build())
 *             .build());
 *     }
 * }
 * ```
 * ```yaml
 * resources:
 *   default:
 *     type: gcp:certificatemanager:Certificate
 *     properties:
 *       name: dns-cert
 *       description: The default cert
 *       scope: ALL_REGIONS
 *       managed:
 *         domains:
 *           - ${instance.domain}
 *           - ${instance2.domain}
 *         dnsAuthorizations:
 *           - ${instance.id}
 *           - ${instance2.id}
 *   instance:
 *     type: gcp:certificatemanager:DnsAuthorization
 *     properties:
 *       name: dns-auth
 *       description: The default dnss
 *       domain: subdomain.hashicorptest.com
 *   instance2:
 *     type: gcp:certificatemanager:DnsAuthorization
 *     properties:
 *       name: dns-auth2
 *       description: The default dnss
 *       domain: subdomain2.hashicorptest.com
 * ```
 * 
 * ### Certificate Manager Google Managed Regional Certificate Dns Auth
 * 
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as gcp from "@pulumi/gcp";
 * const instance = new gcp.certificatemanager.DnsAuthorization("instance", {
 *     name: "dns-auth",
 *     location: "us-central1",
 *     description: "The default dnss",
 *     domain: "subdomain.hashicorptest.com",
 * });
 * const _default = new gcp.certificatemanager.Certificate("default", {
 *     name: "dns-cert",
 *     description: "regional managed certs",
 *     location: "us-central1",
 *     managed: {
 *         domains: [instance.domain],
 *         dnsAuthorizations: [instance.id],
 *     },
 * });
 * ```
 * ```python
 * import pulumi
 * import pulumi_gcp as gcp
 * instance = gcp.certificatemanager.DnsAuthorization("instance",
 *     name="dns-auth",
 *     location="us-central1",
 *     description="The default dnss",
 *     domain="subdomain.hashicorptest.com")
 * default = gcp.certificatemanager.Certificate("default",
 *     name="dns-cert",
 *     description="regional managed certs",
 *     location="us-central1",
 *     managed=gcp.certificatemanager.CertificateManagedArgs(
 *         domains=[instance.domain],
 *         dns_authorizations=[instance.id],
 *     ))
 * ```
 * ```csharp
 * using System.Collections.Generic;
 * using System.Linq;
 * using Pulumi;
 * using Gcp = Pulumi.Gcp;
 * return await Deployment.RunAsync(() =>
 * {
 *     var instance = new Gcp.CertificateManager.DnsAuthorization("instance", new()
 *     {
 *         Name = "dns-auth",
 *         Location = "us-central1",
 *         Description = "The default dnss",
 *         Domain = "subdomain.hashicorptest.com",
 *     });
 *     var @default = new Gcp.CertificateManager.Certificate("default", new()
 *     {
 *         Name = "dns-cert",
 *         Description = "regional managed certs",
 *         Location = "us-central1",
 *         Managed = new Gcp.CertificateManager.Inputs.CertificateManagedArgs
 *         {
 *             Domains = new[]
 *             {
 *                 instance.Domain,
 *             },
 *             DnsAuthorizations = new[]
 *             {
 *                 instance.Id,
 *             },
 *         },
 *     });
 * });
 * ```
 * ```go
 * package main
 * import (
 * 	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/certificatemanager"
 * 	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
 * )
 * func main() {
 * 	pulumi.Run(func(ctx *pulumi.Context) error {
 * 		instance, err := certificatemanager.NewDnsAuthorization(ctx, "instance", &certificatemanager.DnsAuthorizationArgs{
 * 			Name:        pulumi.String("dns-auth"),
 * 			Location:    pulumi.String("us-central1"),
 * 			Description: pulumi.String("The default dnss"),
 * 			Domain:      pulumi.String("subdomain.hashicorptest.com"),
 * 		})
 * 		if err != nil {
 * 			return err
 * 		}
 * 		_, err = certificatemanager.NewCertificate(ctx, "default", &certificatemanager.CertificateArgs{
 * 			Name:        pulumi.String("dns-cert"),
 * 			Description: pulumi.String("regional managed certs"),
 * 			Location:    pulumi.String("us-central1"),
 * 			Managed: &certificatemanager.CertificateManagedArgs{
 * 				Domains: pulumi.StringArray{
 * 					instance.Domain,
 * 				},
 * 				DnsAuthorizations: pulumi.StringArray{
 * 					instance.ID(),
 * 				},
 * 			},
 * 		})
 * 		if err != nil {
 * 			return err
 * 		}
 * 		return nil
 * 	})
 * }
 * ```
 * ```java
 * package generated_program;
 * import com.pulumi.Context;
 * import com.pulumi.Pulumi;
 * import com.pulumi.core.Output;
 * import com.pulumi.gcp.certificatemanager.DnsAuthorization;
 * import com.pulumi.gcp.certificatemanager.DnsAuthorizationArgs;
 * import com.pulumi.gcp.certificatemanager.Certificate;
 * import com.pulumi.gcp.certificatemanager.CertificateArgs;
 * import com.pulumi.gcp.certificatemanager.inputs.CertificateManagedArgs;
 * import java.util.List;
 * import java.util.ArrayList;
 * import java.util.Map;
 * import java.io.File;
 * import java.nio.file.Files;
 * import java.nio.file.Paths;
 * public class App {
 *     public static void main(String[] args) {
 *         Pulumi.run(App::stack);
 *     }
 *     public static void stack(Context ctx) {
 *         var instance = new DnsAuthorization("instance", DnsAuthorizationArgs.builder()
 *             .name("dns-auth")
 *             .location("us-central1")
 *             .description("The default dnss")
 *             .domain("subdomain.hashicorptest.com")
 *             .build());
 *         var default_ = new Certificate("default", CertificateArgs.builder()
 *             .name("dns-cert")
 *             .description("regional managed certs")
 *             .location("us-central1")
 *             .managed(CertificateManagedArgs.builder()
 *                 .domains(instance.domain())
 *                 .dnsAuthorizations(instance.id())
 *                 .build())
 *             .build());
 *     }
 * }
 * ```
 * ```yaml
 * resources:
 *   default:
 *     type: gcp:certificatemanager:Certificate
 *     properties:
 *       name: dns-cert
 *       description: regional managed certs
 *       location: us-central1
 *       managed:
 *         domains:
 *           - ${instance.domain}
 *         dnsAuthorizations:
 *           - ${instance.id}
 *   instance:
 *     type: gcp:certificatemanager:DnsAuthorization
 *     properties:
 *       name: dns-auth
 *       location: us-central1
 *       description: The default dnss
 *       domain: subdomain.hashicorptest.com
 * ```
 * 
 * ## Import
 * Certificate can be imported using any of these accepted formats:
 * * `projects/{{project}}/locations/{{location}}/certificates/{{name}}`
 * * `{{project}}/{{location}}/{{name}}`
 * * `{{location}}/{{name}}`
 * When using the `pulumi import` command, Certificate can be imported using one of the formats above. For example:
 * ```sh
 * $ pulumi import gcp:certificatemanager/certificate:Certificate default projects/{{project}}/locations/{{location}}/certificates/{{name}}
 * ```
 * ```sh
 * $ pulumi import gcp:certificatemanager/certificate:Certificate default {{project}}/{{location}}/{{name}}
 * ```
 * ```sh
 * $ pulumi import gcp:certificatemanager/certificate:Certificate default {{location}}/{{name}}
 * ```
 * @property description A human-readable description of the resource.
 * @property labels Set of label tags associated with the Certificate resource.
 * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
 * Please refer to the field `effective_labels` for all of the labels present on the resource.
 * @property location The Certificate Manager location. If not specified, "global" is used.
 * @property managed Configuration and state of a Managed Certificate.
 * Certificate Manager provisions and renews Managed Certificates
 * automatically, for as long as it's authorized to do so.
 * Structure is documented below.
 * @property name A user-defined name of the certificate. Certificate names must be unique
 * The name must be 1-64 characters long, and match the regular expression [a-zA-Z][a-zA-Z0-9_-]* which means the first character must be a letter,
 * and all following characters must be a dash, underscore, letter or digit.
 * - - -
 * @property project The ID of the project in which the resource belongs.
 * If it is not provided, the provider project is used.
 * @property scope The scope of the certificate.
 * DEFAULT: Certificates with default scope are served from core Google data centers.
 * If unsure, choose this option.
 * EDGE_CACHE: Certificates with scope EDGE_CACHE are special-purposed certificates, served from Edge Points of Presence.
 * See https://cloud.google.com/vpc/docs/edge-locations.
 * ALL_REGIONS: Certificates with ALL_REGIONS scope are served from all GCP regions (You can only use ALL_REGIONS with global certs).
 * See https://cloud.google.com/compute/docs/regions-zones
 * @property selfManaged Certificate data for a SelfManaged Certificate.
 * SelfManaged Certificates are uploaded by the user. Updating such
 * certificates before they expire remains the user's responsibility.
 * Structure is documented below.
 */
public data class CertificateArgs(
    public val description: Output? = null,
    public val labels: Output>? = null,
    public val location: Output? = null,
    public val managed: Output? = null,
    public val name: Output? = null,
    public val project: Output? = null,
    public val scope: Output? = null,
    public val selfManaged: Output? = null,
) : ConvertibleToJava {
    override fun toJava(): com.pulumi.gcp.certificatemanager.CertificateArgs =
        com.pulumi.gcp.certificatemanager.CertificateArgs.builder()
            .description(description?.applyValue({ args0 -> args0 }))
            .labels(labels?.applyValue({ args0 -> args0.map({ args0 -> args0.key.to(args0.value) }).toMap() }))
            .location(location?.applyValue({ args0 -> args0 }))
            .managed(managed?.applyValue({ args0 -> args0.let({ args0 -> args0.toJava() }) }))
            .name(name?.applyValue({ args0 -> args0 }))
            .project(project?.applyValue({ args0 -> args0 }))
            .scope(scope?.applyValue({ args0 -> args0 }))
            .selfManaged(selfManaged?.applyValue({ args0 -> args0.let({ args0 -> args0.toJava() }) })).build()
}

/**
 * Builder for [CertificateArgs].
 */
@PulumiTagMarker
public class CertificateArgsBuilder internal constructor() {
    private var description: Output? = null

    private var labels: Output>? = null

    private var location: Output? = null

    private var managed: Output? = null

    private var name: Output? = null

    private var project: Output? = null

    private var scope: Output? = null

    private var selfManaged: Output? = null

    /**
     * @param value A human-readable description of the resource.
     */
    @JvmName("dxocmcqbtwoqllxx")
    public suspend fun description(`value`: Output) {
        this.description = value
    }

    /**
     * @param value Set of label tags associated with the Certificate resource.
     * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
     * Please refer to the field `effective_labels` for all of the labels present on the resource.
     */
    @JvmName("sxutxuobixgrpkcj")
    public suspend fun labels(`value`: Output>) {
        this.labels = value
    }

    /**
     * @param value The Certificate Manager location. If not specified, "global" is used.
     */
    @JvmName("qlmhcauiqqlxidvf")
    public suspend fun location(`value`: Output) {
        this.location = value
    }

    /**
     * @param value Configuration and state of a Managed Certificate.
     * Certificate Manager provisions and renews Managed Certificates
     * automatically, for as long as it's authorized to do so.
     * Structure is documented below.
     */
    @JvmName("eatjnnhyfjgimhkv")
    public suspend fun managed(`value`: Output) {
        this.managed = value
    }

    /**
     * @param value A user-defined name of the certificate. Certificate names must be unique
     * The name must be 1-64 characters long, and match the regular expression [a-zA-Z][a-zA-Z0-9_-]* which means the first character must be a letter,
     * and all following characters must be a dash, underscore, letter or digit.
     * - - -
     */
    @JvmName("ngadbggmlcaxrryw")
    public suspend fun name(`value`: Output) {
        this.name = value
    }

    /**
     * @param value The ID of the project in which the resource belongs.
     * If it is not provided, the provider project is used.
     */
    @JvmName("stethwpdxqxgbokm")
    public suspend fun project(`value`: Output) {
        this.project = value
    }

    /**
     * @param value The scope of the certificate.
     * DEFAULT: Certificates with default scope are served from core Google data centers.
     * If unsure, choose this option.
     * EDGE_CACHE: Certificates with scope EDGE_CACHE are special-purposed certificates, served from Edge Points of Presence.
     * See https://cloud.google.com/vpc/docs/edge-locations.
     * ALL_REGIONS: Certificates with ALL_REGIONS scope are served from all GCP regions (You can only use ALL_REGIONS with global certs).
     * See https://cloud.google.com/compute/docs/regions-zones
     */
    @JvmName("gmwysogpimynbouf")
    public suspend fun scope(`value`: Output) {
        this.scope = value
    }

    /**
     * @param value Certificate data for a SelfManaged Certificate.
     * SelfManaged Certificates are uploaded by the user. Updating such
     * certificates before they expire remains the user's responsibility.
     * Structure is documented below.
     */
    @JvmName("jryqqagdtcavsxrx")
    public suspend fun selfManaged(`value`: Output) {
        this.selfManaged = value
    }

    /**
     * @param value A human-readable description of the resource.
     */
    @JvmName("iqfbhwiaivggyuqd")
    public suspend fun description(`value`: String?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.description = mapped
    }

    /**
     * @param value Set of label tags associated with the Certificate resource.
     * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
     * Please refer to the field `effective_labels` for all of the labels present on the resource.
     */
    @JvmName("hfvcvpueigmchqti")
    public suspend fun labels(`value`: Map?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.labels = mapped
    }

    /**
     * @param values Set of label tags associated with the Certificate resource.
     * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
     * Please refer to the field `effective_labels` for all of the labels present on the resource.
     */
    @JvmName("oqictdmwhbiirqnk")
    public fun labels(vararg values: Pair) {
        val toBeMapped = values.toMap()
        val mapped = toBeMapped.let({ args0 -> of(args0) })
        this.labels = mapped
    }

    /**
     * @param value The Certificate Manager location. If not specified, "global" is used.
     */
    @JvmName("kdcnhmfpceipxrci")
    public suspend fun location(`value`: String?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.location = mapped
    }

    /**
     * @param value Configuration and state of a Managed Certificate.
     * Certificate Manager provisions and renews Managed Certificates
     * automatically, for as long as it's authorized to do so.
     * Structure is documented below.
     */
    @JvmName("wytvvwfanrbyfbea")
    public suspend fun managed(`value`: CertificateManagedArgs?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.managed = mapped
    }

    /**
     * @param argument Configuration and state of a Managed Certificate.
     * Certificate Manager provisions and renews Managed Certificates
     * automatically, for as long as it's authorized to do so.
     * Structure is documented below.
     */
    @JvmName("axrchsntwluspqoc")
    public suspend fun managed(argument: suspend CertificateManagedArgsBuilder.() -> Unit) {
        val toBeMapped = CertificateManagedArgsBuilder().applySuspend { argument() }.build()
        val mapped = of(toBeMapped)
        this.managed = mapped
    }

    /**
     * @param value A user-defined name of the certificate. Certificate names must be unique
     * The name must be 1-64 characters long, and match the regular expression [a-zA-Z][a-zA-Z0-9_-]* which means the first character must be a letter,
     * and all following characters must be a dash, underscore, letter or digit.
     * - - -
     */
    @JvmName("bxhmyjervkylrffm")
    public suspend fun name(`value`: String?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.name = mapped
    }

    /**
     * @param value The ID of the project in which the resource belongs.
     * If it is not provided, the provider project is used.
     */
    @JvmName("gqertctkuxnuakcd")
    public suspend fun project(`value`: String?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.project = mapped
    }

    /**
     * @param value The scope of the certificate.
     * DEFAULT: Certificates with default scope are served from core Google data centers.
     * If unsure, choose this option.
     * EDGE_CACHE: Certificates with scope EDGE_CACHE are special-purposed certificates, served from Edge Points of Presence.
     * See https://cloud.google.com/vpc/docs/edge-locations.
     * ALL_REGIONS: Certificates with ALL_REGIONS scope are served from all GCP regions (You can only use ALL_REGIONS with global certs).
     * See https://cloud.google.com/compute/docs/regions-zones
     */
    @JvmName("equhnenwkwnkuhkk")
    public suspend fun scope(`value`: String?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.scope = mapped
    }

    /**
     * @param value Certificate data for a SelfManaged Certificate.
     * SelfManaged Certificates are uploaded by the user. Updating such
     * certificates before they expire remains the user's responsibility.
     * Structure is documented below.
     */
    @JvmName("khijfljewsmlavvl")
    public suspend fun selfManaged(`value`: CertificateSelfManagedArgs?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.selfManaged = mapped
    }

    /**
     * @param argument Certificate data for a SelfManaged Certificate.
     * SelfManaged Certificates are uploaded by the user. Updating such
     * certificates before they expire remains the user's responsibility.
     * Structure is documented below.
     */
    @JvmName("pnbaoolrnaoxqsdw")
    public suspend fun selfManaged(argument: suspend CertificateSelfManagedArgsBuilder.() -> Unit) {
        val toBeMapped = CertificateSelfManagedArgsBuilder().applySuspend { argument() }.build()
        val mapped = of(toBeMapped)
        this.selfManaged = mapped
    }

    internal fun build(): CertificateArgs = CertificateArgs(
        description = description,
        labels = labels,
        location = location,
        managed = managed,
        name = name,
        project = project,
        scope = scope,
        selfManaged = selfManaged,
    )
}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy