/
getCertificateAuthority.go
196 lines (165 loc) · 11.3 KB
/
getCertificateAuthority.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
// Code generated by the Pulumi SDK Generator DO NOT EDIT.
// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! ***
package v1
import (
"context"
"reflect"
"github.com/pulumi/pulumi-google-native/sdk/go/google/internal"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
// Returns a CertificateAuthority.
func LookupCertificateAuthority(ctx *pulumi.Context, args *LookupCertificateAuthorityArgs, opts ...pulumi.InvokeOption) (*LookupCertificateAuthorityResult, error) {
opts = internal.PkgInvokeDefaultOpts(opts)
var rv LookupCertificateAuthorityResult
err := ctx.Invoke("google-native:privateca/v1:getCertificateAuthority", args, &rv, opts...)
if err != nil {
return nil, err
}
return &rv, nil
}
type LookupCertificateAuthorityArgs struct {
CaPoolId string `pulumi:"caPoolId"`
CertificateAuthorityId string `pulumi:"certificateAuthorityId"`
Location string `pulumi:"location"`
Project *string `pulumi:"project"`
}
type LookupCertificateAuthorityResult struct {
// URLs for accessing content published by this CA, such as the CA certificate and CRLs.
AccessUrls AccessUrlsResponse `pulumi:"accessUrls"`
// A structured description of this CertificateAuthority's CA certificate and its issuers. Ordered as self-to-root.
CaCertificateDescriptions []CertificateDescriptionResponse `pulumi:"caCertificateDescriptions"`
// Immutable. The config used to create a self-signed X.509 certificate or CSR.
Config CertificateConfigResponse `pulumi:"config"`
// The time at which this CertificateAuthority was created.
CreateTime string `pulumi:"createTime"`
// The time at which this CertificateAuthority was soft deleted, if it is in the DELETED state.
DeleteTime string `pulumi:"deleteTime"`
// The time at which this CertificateAuthority will be permanently purged, if it is in the DELETED state.
ExpireTime string `pulumi:"expireTime"`
// Immutable. The name of a Cloud Storage bucket where this CertificateAuthority will publish content, such as the CA certificate and CRLs. This must be a bucket name, without any prefixes (such as `gs://`) or suffixes (such as `.googleapis.com`). For example, to use a bucket named `my-bucket`, you would simply specify `my-bucket`. If not specified, a managed bucket will be created.
GcsBucket string `pulumi:"gcsBucket"`
// Immutable. Used when issuing certificates for this CertificateAuthority. If this CertificateAuthority is a self-signed CertificateAuthority, this key is also used to sign the self-signed CA certificate. Otherwise, it is used to sign a CSR.
KeySpec KeyVersionSpecResponse `pulumi:"keySpec"`
// Optional. Labels with user-defined metadata.
Labels map[string]string `pulumi:"labels"`
// Immutable. The desired lifetime of the CA certificate. Used to create the "not_before_time" and "not_after_time" fields inside an X.509 certificate.
Lifetime string `pulumi:"lifetime"`
// The resource name for this CertificateAuthority in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
Name string `pulumi:"name"`
// This CertificateAuthority's certificate chain, including the current CertificateAuthority's certificate. Ordered such that the root issuer is the final element (consistent with RFC 5246). For a self-signed CA, this will only list the current CertificateAuthority's certificate.
PemCaCertificates []string `pulumi:"pemCaCertificates"`
// The State for this CertificateAuthority.
State string `pulumi:"state"`
// Optional. If this is a subordinate CertificateAuthority, this field will be set with the subordinate configuration, which describes its issuers. This may be updated, but this CertificateAuthority must continue to validate.
SubordinateConfig SubordinateConfigResponse `pulumi:"subordinateConfig"`
// The CaPool.Tier of the CaPool that includes this CertificateAuthority.
Tier string `pulumi:"tier"`
// Immutable. The Type of this CertificateAuthority.
Type string `pulumi:"type"`
// The time at which this CertificateAuthority was last updated.
UpdateTime string `pulumi:"updateTime"`
}
func LookupCertificateAuthorityOutput(ctx *pulumi.Context, args LookupCertificateAuthorityOutputArgs, opts ...pulumi.InvokeOption) LookupCertificateAuthorityResultOutput {
return pulumi.ToOutputWithContext(context.Background(), args).
ApplyT(func(v interface{}) (LookupCertificateAuthorityResult, error) {
args := v.(LookupCertificateAuthorityArgs)
r, err := LookupCertificateAuthority(ctx, &args, opts...)
var s LookupCertificateAuthorityResult
if r != nil {
s = *r
}
return s, err
}).(LookupCertificateAuthorityResultOutput)
}
type LookupCertificateAuthorityOutputArgs struct {
CaPoolId pulumi.StringInput `pulumi:"caPoolId"`
CertificateAuthorityId pulumi.StringInput `pulumi:"certificateAuthorityId"`
Location pulumi.StringInput `pulumi:"location"`
Project pulumi.StringPtrInput `pulumi:"project"`
}
func (LookupCertificateAuthorityOutputArgs) ElementType() reflect.Type {
return reflect.TypeOf((*LookupCertificateAuthorityArgs)(nil)).Elem()
}
type LookupCertificateAuthorityResultOutput struct{ *pulumi.OutputState }
func (LookupCertificateAuthorityResultOutput) ElementType() reflect.Type {
return reflect.TypeOf((*LookupCertificateAuthorityResult)(nil)).Elem()
}
func (o LookupCertificateAuthorityResultOutput) ToLookupCertificateAuthorityResultOutput() LookupCertificateAuthorityResultOutput {
return o
}
func (o LookupCertificateAuthorityResultOutput) ToLookupCertificateAuthorityResultOutputWithContext(ctx context.Context) LookupCertificateAuthorityResultOutput {
return o
}
// URLs for accessing content published by this CA, such as the CA certificate and CRLs.
func (o LookupCertificateAuthorityResultOutput) AccessUrls() AccessUrlsResponseOutput {
return o.ApplyT(func(v LookupCertificateAuthorityResult) AccessUrlsResponse { return v.AccessUrls }).(AccessUrlsResponseOutput)
}
// A structured description of this CertificateAuthority's CA certificate and its issuers. Ordered as self-to-root.
func (o LookupCertificateAuthorityResultOutput) CaCertificateDescriptions() CertificateDescriptionResponseArrayOutput {
return o.ApplyT(func(v LookupCertificateAuthorityResult) []CertificateDescriptionResponse {
return v.CaCertificateDescriptions
}).(CertificateDescriptionResponseArrayOutput)
}
// Immutable. The config used to create a self-signed X.509 certificate or CSR.
func (o LookupCertificateAuthorityResultOutput) Config() CertificateConfigResponseOutput {
return o.ApplyT(func(v LookupCertificateAuthorityResult) CertificateConfigResponse { return v.Config }).(CertificateConfigResponseOutput)
}
// The time at which this CertificateAuthority was created.
func (o LookupCertificateAuthorityResultOutput) CreateTime() pulumi.StringOutput {
return o.ApplyT(func(v LookupCertificateAuthorityResult) string { return v.CreateTime }).(pulumi.StringOutput)
}
// The time at which this CertificateAuthority was soft deleted, if it is in the DELETED state.
func (o LookupCertificateAuthorityResultOutput) DeleteTime() pulumi.StringOutput {
return o.ApplyT(func(v LookupCertificateAuthorityResult) string { return v.DeleteTime }).(pulumi.StringOutput)
}
// The time at which this CertificateAuthority will be permanently purged, if it is in the DELETED state.
func (o LookupCertificateAuthorityResultOutput) ExpireTime() pulumi.StringOutput {
return o.ApplyT(func(v LookupCertificateAuthorityResult) string { return v.ExpireTime }).(pulumi.StringOutput)
}
// Immutable. The name of a Cloud Storage bucket where this CertificateAuthority will publish content, such as the CA certificate and CRLs. This must be a bucket name, without any prefixes (such as `gs://`) or suffixes (such as `.googleapis.com`). For example, to use a bucket named `my-bucket`, you would simply specify `my-bucket`. If not specified, a managed bucket will be created.
func (o LookupCertificateAuthorityResultOutput) GcsBucket() pulumi.StringOutput {
return o.ApplyT(func(v LookupCertificateAuthorityResult) string { return v.GcsBucket }).(pulumi.StringOutput)
}
// Immutable. Used when issuing certificates for this CertificateAuthority. If this CertificateAuthority is a self-signed CertificateAuthority, this key is also used to sign the self-signed CA certificate. Otherwise, it is used to sign a CSR.
func (o LookupCertificateAuthorityResultOutput) KeySpec() KeyVersionSpecResponseOutput {
return o.ApplyT(func(v LookupCertificateAuthorityResult) KeyVersionSpecResponse { return v.KeySpec }).(KeyVersionSpecResponseOutput)
}
// Optional. Labels with user-defined metadata.
func (o LookupCertificateAuthorityResultOutput) Labels() pulumi.StringMapOutput {
return o.ApplyT(func(v LookupCertificateAuthorityResult) map[string]string { return v.Labels }).(pulumi.StringMapOutput)
}
// Immutable. The desired lifetime of the CA certificate. Used to create the "not_before_time" and "not_after_time" fields inside an X.509 certificate.
func (o LookupCertificateAuthorityResultOutput) Lifetime() pulumi.StringOutput {
return o.ApplyT(func(v LookupCertificateAuthorityResult) string { return v.Lifetime }).(pulumi.StringOutput)
}
// The resource name for this CertificateAuthority in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
func (o LookupCertificateAuthorityResultOutput) Name() pulumi.StringOutput {
return o.ApplyT(func(v LookupCertificateAuthorityResult) string { return v.Name }).(pulumi.StringOutput)
}
// This CertificateAuthority's certificate chain, including the current CertificateAuthority's certificate. Ordered such that the root issuer is the final element (consistent with RFC 5246). For a self-signed CA, this will only list the current CertificateAuthority's certificate.
func (o LookupCertificateAuthorityResultOutput) PemCaCertificates() pulumi.StringArrayOutput {
return o.ApplyT(func(v LookupCertificateAuthorityResult) []string { return v.PemCaCertificates }).(pulumi.StringArrayOutput)
}
// The State for this CertificateAuthority.
func (o LookupCertificateAuthorityResultOutput) State() pulumi.StringOutput {
return o.ApplyT(func(v LookupCertificateAuthorityResult) string { return v.State }).(pulumi.StringOutput)
}
// Optional. If this is a subordinate CertificateAuthority, this field will be set with the subordinate configuration, which describes its issuers. This may be updated, but this CertificateAuthority must continue to validate.
func (o LookupCertificateAuthorityResultOutput) SubordinateConfig() SubordinateConfigResponseOutput {
return o.ApplyT(func(v LookupCertificateAuthorityResult) SubordinateConfigResponse { return v.SubordinateConfig }).(SubordinateConfigResponseOutput)
}
// The CaPool.Tier of the CaPool that includes this CertificateAuthority.
func (o LookupCertificateAuthorityResultOutput) Tier() pulumi.StringOutput {
return o.ApplyT(func(v LookupCertificateAuthorityResult) string { return v.Tier }).(pulumi.StringOutput)
}
// Immutable. The Type of this CertificateAuthority.
func (o LookupCertificateAuthorityResultOutput) Type() pulumi.StringOutput {
return o.ApplyT(func(v LookupCertificateAuthorityResult) string { return v.Type }).(pulumi.StringOutput)
}
// The time at which this CertificateAuthority was last updated.
func (o LookupCertificateAuthorityResultOutput) UpdateTime() pulumi.StringOutput {
return o.ApplyT(func(v LookupCertificateAuthorityResult) string { return v.UpdateTime }).(pulumi.StringOutput)
}
func init() {
pulumi.RegisterOutputType(LookupCertificateAuthorityResultOutput{})
}