com.pulumi.gcp.certificatemanager.kotlin.CertificateIssuanceConfigArgs.kt Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of pulumi-gcp-kotlin Show documentation
Show all versions of pulumi-gcp-kotlin Show documentation
Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.gcp.certificatemanager.kotlin
import com.pulumi.core.Output
import com.pulumi.core.Output.of
import com.pulumi.gcp.certificatemanager.CertificateIssuanceConfigArgs.builder
import com.pulumi.gcp.certificatemanager.kotlin.inputs.CertificateIssuanceConfigCertificateAuthorityConfigArgs
import com.pulumi.gcp.certificatemanager.kotlin.inputs.CertificateIssuanceConfigCertificateAuthorityConfigArgsBuilder
import com.pulumi.kotlin.ConvertibleToJava
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.applySuspend
import kotlin.Int
import kotlin.Pair
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
import kotlin.collections.Map
import kotlin.jvm.JvmName
/**
* Certificate represents a HTTP-reachable backend for a Certificate.
* To get more information about CertificateIssuanceConfig, see:
* * [API documentation](https://cloud.google.com/certificate-manager/docs/reference/certificate-manager/rest/v1/projects.locations.certificateIssuanceConfigs)
* * How-to Guides
* * [Manage certificate issuance configs](https://cloud.google.com/certificate-manager/docs/issuance-configs)
* ## Example Usage
* ### Certificate Manager Certificate Issuance Config
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
* const pool = new gcp.certificateauthority.CaPool("pool", {
* name: "ca-pool",
* location: "us-central1",
* tier: "ENTERPRISE",
* });
* const caAuthority = new gcp.certificateauthority.Authority("ca_authority", {
* location: "us-central1",
* pool: pool.name,
* certificateAuthorityId: "ca-authority",
* config: {
* subjectConfig: {
* subject: {
* organization: "HashiCorp",
* commonName: "my-certificate-authority",
* },
* subjectAltName: {
* dnsNames: ["hashicorp.com"],
* },
* },
* x509Config: {
* caOptions: {
* isCa: true,
* },
* keyUsage: {
* baseKeyUsage: {
* certSign: true,
* crlSign: true,
* },
* extendedKeyUsage: {
* serverAuth: true,
* },
* },
* },
* },
* keySpec: {
* algorithm: "RSA_PKCS1_4096_SHA256",
* },
* deletionProtection: false,
* skipGracePeriod: true,
* ignoreActiveCertificatesOnDeletion: true,
* });
* const _default = new gcp.certificatemanager.CertificateIssuanceConfig("default", {
* name: "issuance-config",
* description: "sample description for the certificate issuanceConfigs",
* certificateAuthorityConfig: {
* certificateAuthorityServiceConfig: {
* caPool: pool.id,
* },
* },
* lifetime: "1814400s",
* rotationWindowPercentage: 34,
* keyAlgorithm: "ECDSA_P256",
* labels: {
* name: "wrench",
* count: "3",
* },
* }, {
* dependsOn: [caAuthority],
* });
* ```
* ```python
* import pulumi
* import pulumi_gcp as gcp
* pool = gcp.certificateauthority.CaPool("pool",
* name="ca-pool",
* location="us-central1",
* tier="ENTERPRISE")
* ca_authority = gcp.certificateauthority.Authority("ca_authority",
* location="us-central1",
* pool=pool.name,
* certificate_authority_id="ca-authority",
* config={
* "subject_config": {
* "subject": {
* "organization": "HashiCorp",
* "common_name": "my-certificate-authority",
* },
* "subject_alt_name": {
* "dns_names": ["hashicorp.com"],
* },
* },
* "x509_config": {
* "ca_options": {
* "is_ca": True,
* },
* "key_usage": {
* "base_key_usage": {
* "cert_sign": True,
* "crl_sign": True,
* },
* "extended_key_usage": {
* "server_auth": True,
* },
* },
* },
* },
* key_spec={
* "algorithm": "RSA_PKCS1_4096_SHA256",
* },
* deletion_protection=False,
* skip_grace_period=True,
* ignore_active_certificates_on_deletion=True)
* default = gcp.certificatemanager.CertificateIssuanceConfig("default",
* name="issuance-config",
* description="sample description for the certificate issuanceConfigs",
* certificate_authority_config={
* "certificate_authority_service_config": {
* "ca_pool": pool.id,
* },
* },
* lifetime="1814400s",
* rotation_window_percentage=34,
* key_algorithm="ECDSA_P256",
* labels={
* "name": "wrench",
* "count": "3",
* },
* opts = pulumi.ResourceOptions(depends_on=[ca_authority]))
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Gcp = Pulumi.Gcp;
* return await Deployment.RunAsync(() =>
* {
* var pool = new Gcp.CertificateAuthority.CaPool("pool", new()
* {
* Name = "ca-pool",
* Location = "us-central1",
* Tier = "ENTERPRISE",
* });
* var caAuthority = new Gcp.CertificateAuthority.Authority("ca_authority", new()
* {
* Location = "us-central1",
* Pool = pool.Name,
* CertificateAuthorityId = "ca-authority",
* Config = new Gcp.CertificateAuthority.Inputs.AuthorityConfigArgs
* {
* SubjectConfig = new Gcp.CertificateAuthority.Inputs.AuthorityConfigSubjectConfigArgs
* {
* Subject = new Gcp.CertificateAuthority.Inputs.AuthorityConfigSubjectConfigSubjectArgs
* {
* Organization = "HashiCorp",
* CommonName = "my-certificate-authority",
* },
* SubjectAltName = new Gcp.CertificateAuthority.Inputs.AuthorityConfigSubjectConfigSubjectAltNameArgs
* {
* DnsNames = new[]
* {
* "hashicorp.com",
* },
* },
* },
* X509Config = new Gcp.CertificateAuthority.Inputs.AuthorityConfigX509ConfigArgs
* {
* CaOptions = new Gcp.CertificateAuthority.Inputs.AuthorityConfigX509ConfigCaOptionsArgs
* {
* IsCa = true,
* },
* KeyUsage = new Gcp.CertificateAuthority.Inputs.AuthorityConfigX509ConfigKeyUsageArgs
* {
* BaseKeyUsage = new Gcp.CertificateAuthority.Inputs.AuthorityConfigX509ConfigKeyUsageBaseKeyUsageArgs
* {
* CertSign = true,
* CrlSign = true,
* },
* ExtendedKeyUsage = new Gcp.CertificateAuthority.Inputs.AuthorityConfigX509ConfigKeyUsageExtendedKeyUsageArgs
* {
* ServerAuth = true,
* },
* },
* },
* },
* KeySpec = new Gcp.CertificateAuthority.Inputs.AuthorityKeySpecArgs
* {
* Algorithm = "RSA_PKCS1_4096_SHA256",
* },
* DeletionProtection = false,
* SkipGracePeriod = true,
* IgnoreActiveCertificatesOnDeletion = true,
* });
* var @default = new Gcp.CertificateManager.CertificateIssuanceConfig("default", new()
* {
* Name = "issuance-config",
* Description = "sample description for the certificate issuanceConfigs",
* CertificateAuthorityConfig = new Gcp.CertificateManager.Inputs.CertificateIssuanceConfigCertificateAuthorityConfigArgs
* {
* CertificateAuthorityServiceConfig = new Gcp.CertificateManager.Inputs.CertificateIssuanceConfigCertificateAuthorityConfigCertificateAuthorityServiceConfigArgs
* {
* CaPool = pool.Id,
* },
* },
* Lifetime = "1814400s",
* RotationWindowPercentage = 34,
* KeyAlgorithm = "ECDSA_P256",
* Labels =
* {
* { "name", "wrench" },
* { "count", "3" },
* },
* }, new CustomResourceOptions
* {
* DependsOn =
* {
* caAuthority,
* },
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/certificateauthority"
* "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/certificatemanager"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* pool, err := certificateauthority.NewCaPool(ctx, "pool", &certificateauthority.CaPoolArgs{
* Name: pulumi.String("ca-pool"),
* Location: pulumi.String("us-central1"),
* Tier: pulumi.String("ENTERPRISE"),
* })
* if err != nil {
* return err
* }
* caAuthority, err := certificateauthority.NewAuthority(ctx, "ca_authority", &certificateauthority.AuthorityArgs{
* Location: pulumi.String("us-central1"),
* Pool: pool.Name,
* CertificateAuthorityId: pulumi.String("ca-authority"),
* Config: &certificateauthority.AuthorityConfigArgs{
* SubjectConfig: &certificateauthority.AuthorityConfigSubjectConfigArgs{
* Subject: &certificateauthority.AuthorityConfigSubjectConfigSubjectArgs{
* Organization: pulumi.String("HashiCorp"),
* CommonName: pulumi.String("my-certificate-authority"),
* },
* SubjectAltName: &certificateauthority.AuthorityConfigSubjectConfigSubjectAltNameArgs{
* DnsNames: pulumi.StringArray{
* pulumi.String("hashicorp.com"),
* },
* },
* },
* X509Config: &certificateauthority.AuthorityConfigX509ConfigArgs{
* CaOptions: &certificateauthority.AuthorityConfigX509ConfigCaOptionsArgs{
* IsCa: pulumi.Bool(true),
* },
* KeyUsage: &certificateauthority.AuthorityConfigX509ConfigKeyUsageArgs{
* BaseKeyUsage: &certificateauthority.AuthorityConfigX509ConfigKeyUsageBaseKeyUsageArgs{
* CertSign: pulumi.Bool(true),
* CrlSign: pulumi.Bool(true),
* },
* ExtendedKeyUsage: &certificateauthority.AuthorityConfigX509ConfigKeyUsageExtendedKeyUsageArgs{
* ServerAuth: pulumi.Bool(true),
* },
* },
* },
* },
* KeySpec: &certificateauthority.AuthorityKeySpecArgs{
* Algorithm: pulumi.String("RSA_PKCS1_4096_SHA256"),
* },
* DeletionProtection: pulumi.Bool(false),
* SkipGracePeriod: pulumi.Bool(true),
* IgnoreActiveCertificatesOnDeletion: pulumi.Bool(true),
* })
* if err != nil {
* return err
* }
* _, err = certificatemanager.NewCertificateIssuanceConfig(ctx, "default", &certificatemanager.CertificateIssuanceConfigArgs{
* Name: pulumi.String("issuance-config"),
* Description: pulumi.String("sample description for the certificate issuanceConfigs"),
* CertificateAuthorityConfig: &certificatemanager.CertificateIssuanceConfigCertificateAuthorityConfigArgs{
* CertificateAuthorityServiceConfig: &certificatemanager.CertificateIssuanceConfigCertificateAuthorityConfigCertificateAuthorityServiceConfigArgs{
* CaPool: pool.ID(),
* },
* },
* Lifetime: pulumi.String("1814400s"),
* RotationWindowPercentage: pulumi.Int(34),
* KeyAlgorithm: pulumi.String("ECDSA_P256"),
* Labels: pulumi.StringMap{
* "name": pulumi.String("wrench"),
* "count": pulumi.String("3"),
* },
* }, pulumi.DependsOn([]pulumi.Resource{
* caAuthority,
* }))
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.gcp.certificateauthority.CaPool;
* import com.pulumi.gcp.certificateauthority.CaPoolArgs;
* import com.pulumi.gcp.certificateauthority.Authority;
* import com.pulumi.gcp.certificateauthority.AuthorityArgs;
* import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigArgs;
* import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigSubjectConfigArgs;
* import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigSubjectConfigSubjectArgs;
* import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigSubjectConfigSubjectAltNameArgs;
* import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigX509ConfigArgs;
* import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigX509ConfigCaOptionsArgs;
* import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigX509ConfigKeyUsageArgs;
* import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigX509ConfigKeyUsageBaseKeyUsageArgs;
* import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigX509ConfigKeyUsageExtendedKeyUsageArgs;
* import com.pulumi.gcp.certificateauthority.inputs.AuthorityKeySpecArgs;
* import com.pulumi.gcp.certificatemanager.CertificateIssuanceConfig;
* import com.pulumi.gcp.certificatemanager.CertificateIssuanceConfigArgs;
* import com.pulumi.gcp.certificatemanager.inputs.CertificateIssuanceConfigCertificateAuthorityConfigArgs;
* import com.pulumi.gcp.certificatemanager.inputs.CertificateIssuanceConfigCertificateAuthorityConfigCertificateAuthorityServiceConfigArgs;
* import com.pulumi.resources.CustomResourceOptions;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var pool = new CaPool("pool", CaPoolArgs.builder()
* .name("ca-pool")
* .location("us-central1")
* .tier("ENTERPRISE")
* .build());
* var caAuthority = new Authority("caAuthority", AuthorityArgs.builder()
* .location("us-central1")
* .pool(pool.name())
* .certificateAuthorityId("ca-authority")
* .config(AuthorityConfigArgs.builder()
* .subjectConfig(AuthorityConfigSubjectConfigArgs.builder()
* .subject(AuthorityConfigSubjectConfigSubjectArgs.builder()
* .organization("HashiCorp")
* .commonName("my-certificate-authority")
* .build())
* .subjectAltName(AuthorityConfigSubjectConfigSubjectAltNameArgs.builder()
* .dnsNames("hashicorp.com")
* .build())
* .build())
* .x509Config(AuthorityConfigX509ConfigArgs.builder()
* .caOptions(AuthorityConfigX509ConfigCaOptionsArgs.builder()
* .isCa(true)
* .build())
* .keyUsage(AuthorityConfigX509ConfigKeyUsageArgs.builder()
* .baseKeyUsage(AuthorityConfigX509ConfigKeyUsageBaseKeyUsageArgs.builder()
* .certSign(true)
* .crlSign(true)
* .build())
* .extendedKeyUsage(AuthorityConfigX509ConfigKeyUsageExtendedKeyUsageArgs.builder()
* .serverAuth(true)
* .build())
* .build())
* .build())
* .build())
* .keySpec(AuthorityKeySpecArgs.builder()
* .algorithm("RSA_PKCS1_4096_SHA256")
* .build())
* .deletionProtection(false)
* .skipGracePeriod(true)
* .ignoreActiveCertificatesOnDeletion(true)
* .build());
* var default_ = new CertificateIssuanceConfig("default", CertificateIssuanceConfigArgs.builder()
* .name("issuance-config")
* .description("sample description for the certificate issuanceConfigs")
* .certificateAuthorityConfig(CertificateIssuanceConfigCertificateAuthorityConfigArgs.builder()
* .certificateAuthorityServiceConfig(CertificateIssuanceConfigCertificateAuthorityConfigCertificateAuthorityServiceConfigArgs.builder()
* .caPool(pool.id())
* .build())
* .build())
* .lifetime("1814400s")
* .rotationWindowPercentage(34)
* .keyAlgorithm("ECDSA_P256")
* .labels(Map.ofEntries(
* Map.entry("name", "wrench"),
* Map.entry("count", "3")
* ))
* .build(), CustomResourceOptions.builder()
* .dependsOn(caAuthority)
* .build());
* }
* }
* ```
* ```yaml
* resources:
* default:
* type: gcp:certificatemanager:CertificateIssuanceConfig
* properties:
* name: issuance-config
* description: sample description for the certificate issuanceConfigs
* certificateAuthorityConfig:
* certificateAuthorityServiceConfig:
* caPool: ${pool.id}
* lifetime: 1814400s
* rotationWindowPercentage: 34
* keyAlgorithm: ECDSA_P256
* labels:
* name: wrench
* count: '3'
* options:
* dependsOn:
* - ${caAuthority}
* pool:
* type: gcp:certificateauthority:CaPool
* properties:
* name: ca-pool
* location: us-central1
* tier: ENTERPRISE
* caAuthority:
* type: gcp:certificateauthority:Authority
* name: ca_authority
* properties:
* location: us-central1
* pool: ${pool.name}
* certificateAuthorityId: ca-authority
* config:
* subjectConfig:
* subject:
* organization: HashiCorp
* commonName: my-certificate-authority
* subjectAltName:
* dnsNames:
* - hashicorp.com
* x509Config:
* caOptions:
* isCa: true
* keyUsage:
* baseKeyUsage:
* certSign: true
* crlSign: true
* extendedKeyUsage:
* serverAuth: true
* keySpec:
* algorithm: RSA_PKCS1_4096_SHA256
* deletionProtection: false
* skipGracePeriod: true
* ignoreActiveCertificatesOnDeletion: true
* ```
*
* ## Import
* CertificateIssuanceConfig can be imported using any of these accepted formats:
* * `projects/{{project}}/locations/{{location}}/certificateIssuanceConfigs/{{name}}`
* * `{{project}}/{{location}}/{{name}}`
* * `{{location}}/{{name}}`
* When using the `pulumi import` command, CertificateIssuanceConfig can be imported using one of the formats above. For example:
* ```sh
* $ pulumi import gcp:certificatemanager/certificateIssuanceConfig:CertificateIssuanceConfig default projects/{{project}}/locations/{{location}}/certificateIssuanceConfigs/{{name}}
* ```
* ```sh
* $ pulumi import gcp:certificatemanager/certificateIssuanceConfig:CertificateIssuanceConfig default {{project}}/{{location}}/{{name}}
* ```
* ```sh
* $ pulumi import gcp:certificatemanager/certificateIssuanceConfig:CertificateIssuanceConfig default {{location}}/{{name}}
* ```
* @property certificateAuthorityConfig The CA that issues the workload certificate. It includes the CA address, type, authentication to CA service, etc.
* Structure is documented below.
* @property description One or more paragraphs of text description of a CertificateIssuanceConfig.
* @property keyAlgorithm Key algorithm to use when generating the private key.
* Possible values are: `RSA_2048`, `ECDSA_P256`.
* @property labels 'Set of label tags associated with the CertificateIssuanceConfig resource. An object containing a list of "key": value
* pairs. Example: { "name": "wrench", "count": "3" }. **Note**: This field is non-authoritative, and will only manage the
* labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the
* resource.
* @property lifetime Lifetime of issued certificates. A duration in seconds with up to nine fractional digits, ending with 's'.
* Example: "1814400s". Valid values are from 21 days (1814400s) to 30 days (2592000s)
* @property location The Certificate Manager location. If not specified, "global" is used.
* @property name A user-defined name of the certificate issuance config.
* CertificateIssuanceConfig names must be unique globally.
* @property project
* @property rotationWindowPercentage It specifies the percentage of elapsed time of the certificate lifetime to wait before renewing the certificate.
* Must be a number between 1-99, inclusive.
* You must set the rotation window percentage in relation to the certificate lifetime so that certificate renewal occurs at least 7 days after
* the certificate has been issued and at least 7 days before it expires.
*/
public data class CertificateIssuanceConfigArgs(
public val certificateAuthorityConfig: Output? = null,
public val description: Output? = null,
public val keyAlgorithm: Output? = null,
public val labels: Output>? = null,
public val lifetime: Output? = null,
public val location: Output? = null,
public val name: Output? = null,
public val project: Output? = null,
public val rotationWindowPercentage: Output? = null,
) : ConvertibleToJava {
override fun toJava(): com.pulumi.gcp.certificatemanager.CertificateIssuanceConfigArgs =
com.pulumi.gcp.certificatemanager.CertificateIssuanceConfigArgs.builder()
.certificateAuthorityConfig(
certificateAuthorityConfig?.applyValue({ args0 ->
args0.let({ args0 ->
args0.toJava()
})
}),
)
.description(description?.applyValue({ args0 -> args0 }))
.keyAlgorithm(keyAlgorithm?.applyValue({ args0 -> args0 }))
.labels(labels?.applyValue({ args0 -> args0.map({ args0 -> args0.key.to(args0.value) }).toMap() }))
.lifetime(lifetime?.applyValue({ args0 -> args0 }))
.location(location?.applyValue({ args0 -> args0 }))
.name(name?.applyValue({ args0 -> args0 }))
.project(project?.applyValue({ args0 -> args0 }))
.rotationWindowPercentage(rotationWindowPercentage?.applyValue({ args0 -> args0 })).build()
}
/**
* Builder for [CertificateIssuanceConfigArgs].
*/
@PulumiTagMarker
public class CertificateIssuanceConfigArgsBuilder internal constructor() {
private var certificateAuthorityConfig:
Output? = null
private var description: Output? = null
private var keyAlgorithm: Output? = null
private var labels: Output>? = null
private var lifetime: Output? = null
private var location: Output? = null
private var name: Output? = null
private var project: Output? = null
private var rotationWindowPercentage: Output? = null
/**
* @param value The CA that issues the workload certificate. It includes the CA address, type, authentication to CA service, etc.
* Structure is documented below.
*/
@JvmName("dqadtseevthvtmnd")
public suspend fun certificateAuthorityConfig(`value`: Output) {
this.certificateAuthorityConfig = value
}
/**
* @param value One or more paragraphs of text description of a CertificateIssuanceConfig.
*/
@JvmName("gstoqobxinnkudld")
public suspend fun description(`value`: Output) {
this.description = value
}
/**
* @param value Key algorithm to use when generating the private key.
* Possible values are: `RSA_2048`, `ECDSA_P256`.
*/
@JvmName("onvsamvxanjyyihd")
public suspend fun keyAlgorithm(`value`: Output) {
this.keyAlgorithm = value
}
/**
* @param value 'Set of label tags associated with the CertificateIssuanceConfig resource. An object containing a list of "key": value
* pairs. Example: { "name": "wrench", "count": "3" }. **Note**: This field is non-authoritative, and will only manage the
* labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the
* resource.
*/
@JvmName("qoxdmmettsoyovje")
public suspend fun labels(`value`: Output>) {
this.labels = value
}
/**
* @param value Lifetime of issued certificates. A duration in seconds with up to nine fractional digits, ending with 's'.
* Example: "1814400s". Valid values are from 21 days (1814400s) to 30 days (2592000s)
*/
@JvmName("hinrjnjkwutsqcai")
public suspend fun lifetime(`value`: Output) {
this.lifetime = value
}
/**
* @param value The Certificate Manager location. If not specified, "global" is used.
*/
@JvmName("wpxilreofolmugrd")
public suspend fun location(`value`: Output) {
this.location = value
}
/**
* @param value A user-defined name of the certificate issuance config.
* CertificateIssuanceConfig names must be unique globally.
*/
@JvmName("uerfvvxvmdumslhi")
public suspend fun name(`value`: Output) {
this.name = value
}
/**
* @param value
*/
@JvmName("fenhdeclkfruafyk")
public suspend fun project(`value`: Output) {
this.project = value
}
/**
* @param value It specifies the percentage of elapsed time of the certificate lifetime to wait before renewing the certificate.
* Must be a number between 1-99, inclusive.
* You must set the rotation window percentage in relation to the certificate lifetime so that certificate renewal occurs at least 7 days after
* the certificate has been issued and at least 7 days before it expires.
*/
@JvmName("dexjodkwegxvprot")
public suspend fun rotationWindowPercentage(`value`: Output) {
this.rotationWindowPercentage = value
}
/**
* @param value The CA that issues the workload certificate. It includes the CA address, type, authentication to CA service, etc.
* Structure is documented below.
*/
@JvmName("vuhqiwjeutuuwxmk")
public suspend fun certificateAuthorityConfig(`value`: CertificateIssuanceConfigCertificateAuthorityConfigArgs?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.certificateAuthorityConfig = mapped
}
/**
* @param argument The CA that issues the workload certificate. It includes the CA address, type, authentication to CA service, etc.
* Structure is documented below.
*/
@JvmName("ipfmkngwsuqjftmn")
public suspend fun certificateAuthorityConfig(argument: suspend CertificateIssuanceConfigCertificateAuthorityConfigArgsBuilder.() -> Unit) {
val toBeMapped = CertificateIssuanceConfigCertificateAuthorityConfigArgsBuilder().applySuspend {
argument()
}.build()
val mapped = of(toBeMapped)
this.certificateAuthorityConfig = mapped
}
/**
* @param value One or more paragraphs of text description of a CertificateIssuanceConfig.
*/
@JvmName("puvqtlqklfdvosom")
public suspend fun description(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.description = mapped
}
/**
* @param value Key algorithm to use when generating the private key.
* Possible values are: `RSA_2048`, `ECDSA_P256`.
*/
@JvmName("jnifgkiarhfmedgn")
public suspend fun keyAlgorithm(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.keyAlgorithm = mapped
}
/**
* @param value 'Set of label tags associated with the CertificateIssuanceConfig resource. An object containing a list of "key": value
* pairs. Example: { "name": "wrench", "count": "3" }. **Note**: This field is non-authoritative, and will only manage the
* labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the
* resource.
*/
@JvmName("ehvxiavvpyeftaso")
public suspend fun labels(`value`: Map?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.labels = mapped
}
/**
* @param values 'Set of label tags associated with the CertificateIssuanceConfig resource. An object containing a list of "key": value
* pairs. Example: { "name": "wrench", "count": "3" }. **Note**: This field is non-authoritative, and will only manage the
* labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the
* resource.
*/
@JvmName("jgshdlrwucrtohqx")
public fun labels(vararg values: Pair) {
val toBeMapped = values.toMap()
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.labels = mapped
}
/**
* @param value Lifetime of issued certificates. A duration in seconds with up to nine fractional digits, ending with 's'.
* Example: "1814400s". Valid values are from 21 days (1814400s) to 30 days (2592000s)
*/
@JvmName("rqrfdeqeqgtkghps")
public suspend fun lifetime(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.lifetime = mapped
}
/**
* @param value The Certificate Manager location. If not specified, "global" is used.
*/
@JvmName("gjrfpcllvpgoeruw")
public suspend fun location(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.location = mapped
}
/**
* @param value A user-defined name of the certificate issuance config.
* CertificateIssuanceConfig names must be unique globally.
*/
@JvmName("dgtbpjaabgaiqura")
public suspend fun name(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.name = mapped
}
/**
* @param value
*/
@JvmName("acjipprthiwqtbvx")
public suspend fun project(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.project = mapped
}
/**
* @param value It specifies the percentage of elapsed time of the certificate lifetime to wait before renewing the certificate.
* Must be a number between 1-99, inclusive.
* You must set the rotation window percentage in relation to the certificate lifetime so that certificate renewal occurs at least 7 days after
* the certificate has been issued and at least 7 days before it expires.
*/
@JvmName("cldyvmpwxlikweyi")
public suspend fun rotationWindowPercentage(`value`: Int?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.rotationWindowPercentage = mapped
}
internal fun build(): CertificateIssuanceConfigArgs = CertificateIssuanceConfigArgs(
certificateAuthorityConfig = certificateAuthorityConfig,
description = description,
keyAlgorithm = keyAlgorithm,
labels = labels,
lifetime = lifetime,
location = location,
name = name,
project = project,
rotationWindowPercentage = rotationWindowPercentage,
)
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy