local.go

// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT.
// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! ***

package certificate

import (
	"context"
	"reflect"

	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
	"github.com/pulumiverse/pulumi-fortios/sdk/go/fortios/internal"
)

// Local keys and certificates.
//
// ## Import
//
// VpnCertificate Local can be imported using any of these accepted formats:
//
// ```sh
// $ pulumi import fortios:vpn/certificate/local:Local labelname {{name}}
// ```
//
// If you do not want to import arguments of block:
//
// $ export "FORTIOS_IMPORT_TABLE"="false"
//
// ```sh
// $ pulumi import fortios:vpn/certificate/local:Local labelname {{name}}
// ```
//
// $ unset "FORTIOS_IMPORT_TABLE"
type Local struct {
	pulumi.CustomResourceState

	// The URL for the ACME CA server (Let's Encrypt is the default provider).
	AcmeCaUrl pulumi.StringOutput `pulumi:"acmeCaUrl"`
	// A valid domain that resolves to this Fortigate.
	AcmeDomain pulumi.StringOutput `pulumi:"acmeDomain"`
	// Contact email address that is required by some CAs like LetsEncrypt.
	AcmeEmail pulumi.StringOutput `pulumi:"acmeEmail"`
	// Beginning of the renewal window (in days before certificate expiration, 30 by default).
	AcmeRenewWindow pulumi.IntOutput `pulumi:"acmeRenewWindow"`
	// Length of the RSA private key of the generated cert (Minimum 2048 bits).
	AcmeRsaKeySize pulumi.IntOutput `pulumi:"acmeRsaKeySize"`
	// Number of days to wait before expiry of an updated local certificate is requested (0 = disabled).
	AutoRegenerateDays pulumi.IntOutput `pulumi:"autoRegenerateDays"`
	// Number of days to wait before an expiry warning message is generated (0 = disabled).
	AutoRegenerateDaysWarning pulumi.IntOutput `pulumi:"autoRegenerateDaysWarning"`
	// CA identifier of the CA server for signing via SCEP.
	CaIdentifier pulumi.StringOutput `pulumi:"caIdentifier"`
	// PEM format certificate.
	Certificate pulumi.StringOutput `pulumi:"certificate"`
	// Path location inside CMP server.
	CmpPath pulumi.StringOutput `pulumi:"cmpPath"`
	// CMP auto-regeneration method. Valid values: `keyupate`, `renewal`.
	CmpRegenerationMethod pulumi.StringOutput `pulumi:"cmpRegenerationMethod"`
	// 'ADDRESS:PORT' for CMP server.
	CmpServer pulumi.StringOutput `pulumi:"cmpServer"`
	// CMP server certificate.
	CmpServerCert pulumi.StringOutput `pulumi:"cmpServerCert"`
	// Comment.
	Comments pulumi.StringOutput `pulumi:"comments"`
	// Certificate Signing Request.
	Csr pulumi.StringOutput `pulumi:"csr"`
	// Certificate enrollment protocol.
	EnrollProtocol pulumi.StringOutput `pulumi:"enrollProtocol"`
	// CA identifier of the CA server for signing via EST.
	EstCaId pulumi.StringOutput `pulumi:"estCaId"`
	// Certificate used to authenticate this FortiGate to EST server.
	EstClientCert pulumi.StringOutput `pulumi:"estClientCert"`
	// HTTP Authentication password for signing via EST.
	EstHttpPassword pulumi.StringOutput `pulumi:"estHttpPassword"`
	// HTTP Authentication username for signing via EST.
	EstHttpUsername pulumi.StringOutput `pulumi:"estHttpUsername"`
	// Address and port for EST server (e.g. https://example.com:1234).
	EstServer pulumi.StringOutput `pulumi:"estServer"`
	// EST server's certificate must be verifiable by this certificate to be authenticated.
	EstServerCert pulumi.StringOutput `pulumi:"estServerCert"`
	// EST SRP authentication password.
	EstSrpPassword pulumi.StringOutput `pulumi:"estSrpPassword"`
	// EST SRP authentication username.
	EstSrpUsername pulumi.StringOutput `pulumi:"estSrpUsername"`
	// Local ID the FortiGate uses for authentication as a VPN client.
	IkeLocalid pulumi.StringOutput `pulumi:"ikeLocalid"`
	// IKE local ID type. Valid values: `asn1dn`, `fqdn`.
	IkeLocalidType pulumi.StringOutput `pulumi:"ikeLocalidType"`
	// Time at which certificate was last updated.
	LastUpdated pulumi.IntOutput `pulumi:"lastUpdated"`
	// Name.
	Name pulumi.StringOutput `pulumi:"name"`
	// Name encoding method for auto-regeneration. Valid values: `printable`, `utf8`.
	NameEncoding pulumi.StringOutput `pulumi:"nameEncoding"`
	// Password as a PEM file.
	Password pulumi.StringPtrOutput `pulumi:"password"`
	// PEM format key, encrypted with a password.
	PrivateKey pulumi.StringOutput `pulumi:"privateKey"`
	// Enable/disable retention of private key during SCEP renewal (default = disable). Valid values: `enable`, `disable`.
	PrivateKeyRetain pulumi.StringOutput `pulumi:"privateKeyRetain"`
	// Either a global or VDOM IP address range for the certificate. Valid values: `global`, `vdom`.
	Range pulumi.StringOutput `pulumi:"range"`
	// SCEP server challenge password for auto-regeneration.
	ScepPassword pulumi.StringPtrOutput `pulumi:"scepPassword"`
	// SCEP server URL.
	ScepUrl pulumi.StringOutput `pulumi:"scepUrl"`
	// Certificate source type.
	Source pulumi.StringOutput `pulumi:"source"`
	// Source IP address for communications to the SCEP server.
	SourceIp pulumi.StringOutput `pulumi:"sourceIp"`
	// Certificate Signing Request State.
	State pulumi.StringOutput `pulumi:"state"`
	// Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
	Vdomparam pulumi.StringPtrOutput `pulumi:"vdomparam"`
}

// NewLocal registers a new resource with the given unique name, arguments, and options.
func NewLocal(ctx *pulumi.Context,
	name string, args *LocalArgs, opts ...pulumi.ResourceOption) (*Local, error) {
	if args == nil {
		args = &LocalArgs{}
	}

	if args.Certificate != nil {
		args.Certificate = pulumi.ToSecret(args.Certificate).(pulumi.StringPtrInput)
	}
	if args.Password != nil {
		args.Password = pulumi.ToSecret(args.Password).(pulumi.StringPtrInput)
	}
	if args.PrivateKey != nil {
		args.PrivateKey = pulumi.ToSecret(args.PrivateKey).(pulumi.StringPtrInput)
	}
	if args.ScepPassword != nil {
		args.ScepPassword = pulumi.ToSecret(args.ScepPassword).(pulumi.StringPtrInput)
	}
	secrets := pulumi.AdditionalSecretOutputs([]string{
		"certificate",
		"password",
		"privateKey",
		"scepPassword",
	})
	opts = append(opts, secrets)
	opts = internal.PkgResourceDefaultOpts(opts)
	var resource Local
	err := ctx.RegisterResource("fortios:vpn/certificate/local:Local", name, args, &resource, opts...)
	if err != nil {
		return nil, err
	}
	return &resource, nil
}

// GetLocal gets an existing Local resource's state with the given name, ID, and optional
// state properties that are used to uniquely qualify the lookup (nil if not required).
func GetLocal(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *LocalState, opts ...pulumi.ResourceOption) (*Local, error) {
	var resource Local
	err := ctx.ReadResource("fortios:vpn/certificate/local:Local", name, id, state, &resource, opts...)
	if err != nil {
		return nil, err
	}
	return &resource, nil
}

// Input properties used for looking up and filtering Local resources.
type localState struct {
	// The URL for the ACME CA server (Let's Encrypt is the default provider).
	AcmeCaUrl *string `pulumi:"acmeCaUrl"`
	// A valid domain that resolves to this Fortigate.
	AcmeDomain *string `pulumi:"acmeDomain"`
	// Contact email address that is required by some CAs like LetsEncrypt.
	AcmeEmail *string `pulumi:"acmeEmail"`
	// Beginning of the renewal window (in days before certificate expiration, 30 by default).
	AcmeRenewWindow *int `pulumi:"acmeRenewWindow"`
	// Length of the RSA private key of the generated cert (Minimum 2048 bits).
	AcmeRsaKeySize *int `pulumi:"acmeRsaKeySize"`
	// Number of days to wait before expiry of an updated local certificate is requested (0 = disabled).
	AutoRegenerateDays *int `pulumi:"autoRegenerateDays"`
	// Number of days to wait before an expiry warning message is generated (0 = disabled).
	AutoRegenerateDaysWarning *int `pulumi:"autoRegenerateDaysWarning"`
	// CA identifier of the CA server for signing via SCEP.
	CaIdentifier *string `pulumi:"caIdentifier"`
	// PEM format certificate.
	Certificate *string `pulumi:"certificate"`
	// Path location inside CMP server.
	CmpPath *string `pulumi:"cmpPath"`
	// CMP auto-regeneration method. Valid values: `keyupate`, `renewal`.
	CmpRegenerationMethod *string `pulumi:"cmpRegenerationMethod"`
	// 'ADDRESS:PORT' for CMP server.
	CmpServer *string `pulumi:"cmpServer"`
	// CMP server certificate.
	CmpServerCert *string `pulumi:"cmpServerCert"`
	// Comment.
	Comments *string `pulumi:"comments"`
	// Certificate Signing Request.
	Csr *string `pulumi:"csr"`
	// Certificate enrollment protocol.
	EnrollProtocol *string `pulumi:"enrollProtocol"`
	// CA identifier of the CA server for signing via EST.
	EstCaId *string `pulumi:"estCaId"`
	// Certificate used to authenticate this FortiGate to EST server.
	EstClientCert *string `pulumi:"estClientCert"`
	// HTTP Authentication password for signing via EST.
	EstHttpPassword *string `pulumi:"estHttpPassword"`
	// HTTP Authentication username for signing via EST.
	EstHttpUsername *string `pulumi:"estHttpUsername"`
	// Address and port for EST server (e.g. https://example.com:1234).
	EstServer *string `pulumi:"estServer"`
	// EST server's certificate must be verifiable by this certificate to be authenticated.
	EstServerCert *string `pulumi:"estServerCert"`
	// EST SRP authentication password.
	EstSrpPassword *string `pulumi:"estSrpPassword"`
	// EST SRP authentication username.
	EstSrpUsername *string `pulumi:"estSrpUsername"`
	// Local ID the FortiGate uses for authentication as a VPN client.
	IkeLocalid *string `pulumi:"ikeLocalid"`
	// IKE local ID type. Valid values: `asn1dn`, `fqdn`.
	IkeLocalidType *string `pulumi:"ikeLocalidType"`
	// Time at which certificate was last updated.
	LastUpdated *int `pulumi:"lastUpdated"`
	// Name.
	Name *string `pulumi:"name"`
	// Name encoding method for auto-regeneration. Valid values: `printable`, `utf8`.
	NameEncoding *string `pulumi:"nameEncoding"`
	// Password as a PEM file.
	Password *string `pulumi:"password"`
	// PEM format key, encrypted with a password.
	PrivateKey *string `pulumi:"privateKey"`
	// Enable/disable retention of private key during SCEP renewal (default = disable). Valid values: `enable`, `disable`.
	PrivateKeyRetain *string `pulumi:"privateKeyRetain"`
	// Either a global or VDOM IP address range for the certificate. Valid values: `global`, `vdom`.
	Range *string `pulumi:"range"`
	// SCEP server challenge password for auto-regeneration.
	ScepPassword *string `pulumi:"scepPassword"`
	// SCEP server URL.
	ScepUrl *string `pulumi:"scepUrl"`
	// Certificate source type.
	Source *string `pulumi:"source"`
	// Source IP address for communications to the SCEP server.
	SourceIp *string `pulumi:"sourceIp"`
	// Certificate Signing Request State.
	State *string `pulumi:"state"`
	// Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
	Vdomparam *string `pulumi:"vdomparam"`
}

type LocalState struct {
	// The URL for the ACME CA server (Let's Encrypt is the default provider).
	AcmeCaUrl pulumi.StringPtrInput
	// A valid domain that resolves to this Fortigate.
	AcmeDomain pulumi.StringPtrInput
	// Contact email address that is required by some CAs like LetsEncrypt.
	AcmeEmail pulumi.StringPtrInput
	// Beginning of the renewal window (in days before certificate expiration, 30 by default).
	AcmeRenewWindow pulumi.IntPtrInput
	// Length of the RSA private key of the generated cert (Minimum 2048 bits).
	AcmeRsaKeySize pulumi.IntPtrInput
	// Number of days to wait before expiry of an updated local certificate is requested (0 = disabled).
	AutoRegenerateDays pulumi.IntPtrInput
	// Number of days to wait before an expiry warning message is generated (0 = disabled).
	AutoRegenerateDaysWarning pulumi.IntPtrInput
	// CA identifier of the CA server for signing via SCEP.
	CaIdentifier pulumi.StringPtrInput
	// PEM format certificate.
	Certificate pulumi.StringPtrInput
	// Path location inside CMP server.
	CmpPath pulumi.StringPtrInput
	// CMP auto-regeneration method. Valid values: `keyupate`, `renewal`.
	CmpRegenerationMethod pulumi.StringPtrInput
	// 'ADDRESS:PORT' for CMP server.
	CmpServer pulumi.StringPtrInput
	// CMP server certificate.
	CmpServerCert pulumi.StringPtrInput
	// Comment.
	Comments pulumi.StringPtrInput
	// Certificate Signing Request.
	Csr pulumi.StringPtrInput
	// Certificate enrollment protocol.
	EnrollProtocol pulumi.StringPtrInput
	// CA identifier of the CA server for signing via EST.
	EstCaId pulumi.StringPtrInput
	// Certificate used to authenticate this FortiGate to EST server.
	EstClientCert pulumi.StringPtrInput
	// HTTP Authentication password for signing via EST.
	EstHttpPassword pulumi.StringPtrInput
	// HTTP Authentication username for signing via EST.
	EstHttpUsername pulumi.StringPtrInput
	// Address and port for EST server (e.g. https://example.com:1234).
	EstServer pulumi.StringPtrInput
	// EST server's certificate must be verifiable by this certificate to be authenticated.
	EstServerCert pulumi.StringPtrInput
	// EST SRP authentication password.
	EstSrpPassword pulumi.StringPtrInput
	// EST SRP authentication username.
	EstSrpUsername pulumi.StringPtrInput
	// Local ID the FortiGate uses for authentication as a VPN client.
	IkeLocalid pulumi.StringPtrInput
	// IKE local ID type. Valid values: `asn1dn`, `fqdn`.
	IkeLocalidType pulumi.StringPtrInput
	// Time at which certificate was last updated.
	LastUpdated pulumi.IntPtrInput
	// Name.
	Name pulumi.StringPtrInput
	// Name encoding method for auto-regeneration. Valid values: `printable`, `utf8`.
	NameEncoding pulumi.StringPtrInput
	// Password as a PEM file.
	Password pulumi.StringPtrInput
	// PEM format key, encrypted with a password.
	PrivateKey pulumi.StringPtrInput
	// Enable/disable retention of private key during SCEP renewal (default = disable). Valid values: `enable`, `disable`.
	PrivateKeyRetain pulumi.StringPtrInput
	// Either a global or VDOM IP address range for the certificate. Valid values: `global`, `vdom`.
	Range pulumi.StringPtrInput
	// SCEP server challenge password for auto-regeneration.
	ScepPassword pulumi.StringPtrInput
	// SCEP server URL.
	ScepUrl pulumi.StringPtrInput
	// Certificate source type.
	Source pulumi.StringPtrInput
	// Source IP address for communications to the SCEP server.
	SourceIp pulumi.StringPtrInput
	// Certificate Signing Request State.
	State pulumi.StringPtrInput
	// Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
	Vdomparam pulumi.StringPtrInput
}

func (LocalState) ElementType() reflect.Type {
	return reflect.TypeOf((*localState)(nil)).Elem()
}

type localArgs struct {
	// The URL for the ACME CA server (Let's Encrypt is the default provider).
	AcmeCaUrl *string `pulumi:"acmeCaUrl"`
	// A valid domain that resolves to this Fortigate.
	AcmeDomain *string `pulumi:"acmeDomain"`
	// Contact email address that is required by some CAs like LetsEncrypt.
	AcmeEmail *string `pulumi:"acmeEmail"`
	// Beginning of the renewal window (in days before certificate expiration, 30 by default).
	AcmeRenewWindow *int `pulumi:"acmeRenewWindow"`
	// Length of the RSA private key of the generated cert (Minimum 2048 bits).
	AcmeRsaKeySize *int `pulumi:"acmeRsaKeySize"`
	// Number of days to wait before expiry of an updated local certificate is requested (0 = disabled).
	AutoRegenerateDays *int `pulumi:"autoRegenerateDays"`
	// Number of days to wait before an expiry warning message is generated (0 = disabled).
	AutoRegenerateDaysWarning *int `pulumi:"autoRegenerateDaysWarning"`
	// CA identifier of the CA server for signing via SCEP.
	CaIdentifier *string `pulumi:"caIdentifier"`
	// PEM format certificate.
	Certificate *string `pulumi:"certificate"`
	// Path location inside CMP server.
	CmpPath *string `pulumi:"cmpPath"`
	// CMP auto-regeneration method. Valid values: `keyupate`, `renewal`.
	CmpRegenerationMethod *string `pulumi:"cmpRegenerationMethod"`
	// 'ADDRESS:PORT' for CMP server.
	CmpServer *string `pulumi:"cmpServer"`
	// CMP server certificate.
	CmpServerCert *string `pulumi:"cmpServerCert"`
	// Comment.
	Comments *string `pulumi:"comments"`
	// Certificate Signing Request.
	Csr *string `pulumi:"csr"`
	// Certificate enrollment protocol.
	EnrollProtocol *string `pulumi:"enrollProtocol"`
	// CA identifier of the CA server for signing via EST.
	EstCaId *string `pulumi:"estCaId"`
	// Certificate used to authenticate this FortiGate to EST server.
	EstClientCert *string `pulumi:"estClientCert"`
	// HTTP Authentication password for signing via EST.
	EstHttpPassword *string `pulumi:"estHttpPassword"`
	// HTTP Authentication username for signing via EST.
	EstHttpUsername *string `pulumi:"estHttpUsername"`
	// Address and port for EST server (e.g. https://example.com:1234).
	EstServer *string `pulumi:"estServer"`
	// EST server's certificate must be verifiable by this certificate to be authenticated.
	EstServerCert *string `pulumi:"estServerCert"`
	// EST SRP authentication password.
	EstSrpPassword *string `pulumi:"estSrpPassword"`
	// EST SRP authentication username.
	EstSrpUsername *string `pulumi:"estSrpUsername"`
	// Local ID the FortiGate uses for authentication as a VPN client.
	IkeLocalid *string `pulumi:"ikeLocalid"`
	// IKE local ID type. Valid values: `asn1dn`, `fqdn`.
	IkeLocalidType *string `pulumi:"ikeLocalidType"`
	// Time at which certificate was last updated.
	LastUpdated *int `pulumi:"lastUpdated"`
	// Name.
	Name *string `pulumi:"name"`
	// Name encoding method for auto-regeneration. Valid values: `printable`, `utf8`.
	NameEncoding *string `pulumi:"nameEncoding"`
	// Password as a PEM file.
	Password *string `pulumi:"password"`
	// PEM format key, encrypted with a password.
	PrivateKey *string `pulumi:"privateKey"`
	// Enable/disable retention of private key during SCEP renewal (default = disable). Valid values: `enable`, `disable`.
	PrivateKeyRetain *string `pulumi:"privateKeyRetain"`
	// Either a global or VDOM IP address range for the certificate. Valid values: `global`, `vdom`.
	Range *string `pulumi:"range"`
	// SCEP server challenge password for auto-regeneration.
	ScepPassword *string `pulumi:"scepPassword"`
	// SCEP server URL.
	ScepUrl *string `pulumi:"scepUrl"`
	// Certificate source type.
	Source *string `pulumi:"source"`
	// Source IP address for communications to the SCEP server.
	SourceIp *string `pulumi:"sourceIp"`
	// Certificate Signing Request State.
	State *string `pulumi:"state"`
	// Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
	Vdomparam *string `pulumi:"vdomparam"`
}

// The set of arguments for constructing a Local resource.
type LocalArgs struct {
	// The URL for the ACME CA server (Let's Encrypt is the default provider).
	AcmeCaUrl pulumi.StringPtrInput
	// A valid domain that resolves to this Fortigate.
	AcmeDomain pulumi.StringPtrInput
	// Contact email address that is required by some CAs like LetsEncrypt.
	AcmeEmail pulumi.StringPtrInput
	// Beginning of the renewal window (in days before certificate expiration, 30 by default).
	AcmeRenewWindow pulumi.IntPtrInput
	// Length of the RSA private key of the generated cert (Minimum 2048 bits).
	AcmeRsaKeySize pulumi.IntPtrInput
	// Number of days to wait before expiry of an updated local certificate is requested (0 = disabled).
	AutoRegenerateDays pulumi.IntPtrInput
	// Number of days to wait before an expiry warning message is generated (0 = disabled).
	AutoRegenerateDaysWarning pulumi.IntPtrInput
	// CA identifier of the CA server for signing via SCEP.
	CaIdentifier pulumi.StringPtrInput
	// PEM format certificate.
	Certificate pulumi.StringPtrInput
	// Path location inside CMP server.
	CmpPath pulumi.StringPtrInput
	// CMP auto-regeneration method. Valid values: `keyupate`, `renewal`.
	CmpRegenerationMethod pulumi.StringPtrInput
	// 'ADDRESS:PORT' for CMP server.
	CmpServer pulumi.StringPtrInput
	// CMP server certificate.
	CmpServerCert pulumi.StringPtrInput
	// Comment.
	Comments pulumi.StringPtrInput
	// Certificate Signing Request.
	Csr pulumi.StringPtrInput
	// Certificate enrollment protocol.
	EnrollProtocol pulumi.StringPtrInput
	// CA identifier of the CA server for signing via EST.
	EstCaId pulumi.StringPtrInput
	// Certificate used to authenticate this FortiGate to EST server.
	EstClientCert pulumi.StringPtrInput
	// HTTP Authentication password for signing via EST.
	EstHttpPassword pulumi.StringPtrInput
	// HTTP Authentication username for signing via EST.
	EstHttpUsername pulumi.StringPtrInput
	// Address and port for EST server (e.g. https://example.com:1234).
	EstServer pulumi.StringPtrInput
	// EST server's certificate must be verifiable by this certificate to be authenticated.
	EstServerCert pulumi.StringPtrInput
	// EST SRP authentication password.
	EstSrpPassword pulumi.StringPtrInput
	// EST SRP authentication username.
	EstSrpUsername pulumi.StringPtrInput
	// Local ID the FortiGate uses for authentication as a VPN client.
	IkeLocalid pulumi.StringPtrInput
	// IKE local ID type. Valid values: `asn1dn`, `fqdn`.
	IkeLocalidType pulumi.StringPtrInput
	// Time at which certificate was last updated.
	LastUpdated pulumi.IntPtrInput
	// Name.
	Name pulumi.StringPtrInput
	// Name encoding method for auto-regeneration. Valid values: `printable`, `utf8`.
	NameEncoding pulumi.StringPtrInput
	// Password as a PEM file.
	Password pulumi.StringPtrInput
	// PEM format key, encrypted with a password.
	PrivateKey pulumi.StringPtrInput
	// Enable/disable retention of private key during SCEP renewal (default = disable). Valid values: `enable`, `disable`.
	PrivateKeyRetain pulumi.StringPtrInput
	// Either a global or VDOM IP address range for the certificate. Valid values: `global`, `vdom`.
	Range pulumi.StringPtrInput
	// SCEP server challenge password for auto-regeneration.
	ScepPassword pulumi.StringPtrInput
	// SCEP server URL.
	ScepUrl pulumi.StringPtrInput
	// Certificate source type.
	Source pulumi.StringPtrInput
	// Source IP address for communications to the SCEP server.
	SourceIp pulumi.StringPtrInput
	// Certificate Signing Request State.
	State pulumi.StringPtrInput
	// Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
	Vdomparam pulumi.StringPtrInput
}

func (LocalArgs) ElementType() reflect.Type {
	return reflect.TypeOf((*localArgs)(nil)).Elem()
}

type LocalInput interface {
	pulumi.Input

	ToLocalOutput() LocalOutput
	ToLocalOutputWithContext(ctx context.Context) LocalOutput
}

func (*Local) ElementType() reflect.Type {
	return reflect.TypeOf((**Local)(nil)).Elem()
}

func (i *Local) ToLocalOutput() LocalOutput {
	return i.ToLocalOutputWithContext(context.Background())
}

func (i *Local) ToLocalOutputWithContext(ctx context.Context) LocalOutput {
	return pulumi.ToOutputWithContext(ctx, i).(LocalOutput)
}

// LocalArrayInput is an input type that accepts LocalArray and LocalArrayOutput values.
// You can construct a concrete instance of `LocalArrayInput` via:
//
//	LocalArray{ LocalArgs{...} }
type LocalArrayInput interface {
	pulumi.Input

	ToLocalArrayOutput() LocalArrayOutput
	ToLocalArrayOutputWithContext(context.Context) LocalArrayOutput
}

type LocalArray []LocalInput

func (LocalArray) ElementType() reflect.Type {
	return reflect.TypeOf((*[]*Local)(nil)).Elem()
}

func (i LocalArray) ToLocalArrayOutput() LocalArrayOutput {
	return i.ToLocalArrayOutputWithContext(context.Background())
}

func (i LocalArray) ToLocalArrayOutputWithContext(ctx context.Context) LocalArrayOutput {
	return pulumi.ToOutputWithContext(ctx, i).(LocalArrayOutput)
}

// LocalMapInput is an input type that accepts LocalMap and LocalMapOutput values.
// You can construct a concrete instance of `LocalMapInput` via:
//
//	LocalMap{ "key": LocalArgs{...} }
type LocalMapInput interface {
	pulumi.Input

	ToLocalMapOutput() LocalMapOutput
	ToLocalMapOutputWithContext(context.Context) LocalMapOutput
}

type LocalMap map[string]LocalInput

func (LocalMap) ElementType() reflect.Type {
	return reflect.TypeOf((*map[string]*Local)(nil)).Elem()
}

func (i LocalMap) ToLocalMapOutput() LocalMapOutput {
	return i.ToLocalMapOutputWithContext(context.Background())
}

func (i LocalMap) ToLocalMapOutputWithContext(ctx context.Context) LocalMapOutput {
	return pulumi.ToOutputWithContext(ctx, i).(LocalMapOutput)
}

type LocalOutput struct{ *pulumi.OutputState }

func (LocalOutput) ElementType() reflect.Type {
	return reflect.TypeOf((**Local)(nil)).Elem()
}

func (o LocalOutput) ToLocalOutput() LocalOutput {
	return o
}

func (o LocalOutput) ToLocalOutputWithContext(ctx context.Context) LocalOutput {
	return o
}

// The URL for the ACME CA server (Let's Encrypt is the default provider).
func (o LocalOutput) AcmeCaUrl() pulumi.StringOutput {
	return o.ApplyT(func(v *Local) pulumi.StringOutput { return v.AcmeCaUrl }).(pulumi.StringOutput)
}

// A valid domain that resolves to this Fortigate.
func (o LocalOutput) AcmeDomain() pulumi.StringOutput {
	return o.ApplyT(func(v *Local) pulumi.StringOutput { return v.AcmeDomain }).(pulumi.StringOutput)
}

// Contact email address that is required by some CAs like LetsEncrypt.
func (o LocalOutput) AcmeEmail() pulumi.StringOutput {
	return o.ApplyT(func(v *Local) pulumi.StringOutput { return v.AcmeEmail }).(pulumi.StringOutput)
}

// Beginning of the renewal window (in days before certificate expiration, 30 by default).
func (o LocalOutput) AcmeRenewWindow() pulumi.IntOutput {
	return o.ApplyT(func(v *Local) pulumi.IntOutput { return v.AcmeRenewWindow }).(pulumi.IntOutput)
}

// Length of the RSA private key of the generated cert (Minimum 2048 bits).
func (o LocalOutput) AcmeRsaKeySize() pulumi.IntOutput {
	return o.ApplyT(func(v *Local) pulumi.IntOutput { return v.AcmeRsaKeySize }).(pulumi.IntOutput)
}

// Number of days to wait before expiry of an updated local certificate is requested (0 = disabled).
func (o LocalOutput) AutoRegenerateDays() pulumi.IntOutput {
	return o.ApplyT(func(v *Local) pulumi.IntOutput { return v.AutoRegenerateDays }).(pulumi.IntOutput)
}

// Number of days to wait before an expiry warning message is generated (0 = disabled).
func (o LocalOutput) AutoRegenerateDaysWarning() pulumi.IntOutput {
	return o.ApplyT(func(v *Local) pulumi.IntOutput { return v.AutoRegenerateDaysWarning }).(pulumi.IntOutput)
}

// CA identifier of the CA server for signing via SCEP.
func (o LocalOutput) CaIdentifier() pulumi.StringOutput {
	return o.ApplyT(func(v *Local) pulumi.StringOutput { return v.CaIdentifier }).(pulumi.StringOutput)
}

// PEM format certificate.
func (o LocalOutput) Certificate() pulumi.StringOutput {
	return o.ApplyT(func(v *Local) pulumi.StringOutput { return v.Certificate }).(pulumi.StringOutput)
}

// Path location inside CMP server.
func (o LocalOutput) CmpPath() pulumi.StringOutput {
	return o.ApplyT(func(v *Local) pulumi.StringOutput { return v.CmpPath }).(pulumi.StringOutput)
}

// CMP auto-regeneration method. Valid values: `keyupate`, `renewal`.
func (o LocalOutput) CmpRegenerationMethod() pulumi.StringOutput {
	return o.ApplyT(func(v *Local) pulumi.StringOutput { return v.CmpRegenerationMethod }).(pulumi.StringOutput)
}

// 'ADDRESS:PORT' for CMP server.
func (o LocalOutput) CmpServer() pulumi.StringOutput {
	return o.ApplyT(func(v *Local) pulumi.StringOutput { return v.CmpServer }).(pulumi.StringOutput)
}

// CMP server certificate.
func (o LocalOutput) CmpServerCert() pulumi.StringOutput {
	return o.ApplyT(func(v *Local) pulumi.StringOutput { return v.CmpServerCert }).(pulumi.StringOutput)
}

// Comment.
func (o LocalOutput) Comments() pulumi.StringOutput {
	return o.ApplyT(func(v *Local) pulumi.StringOutput { return v.Comments }).(pulumi.StringOutput)
}

// Certificate Signing Request.
func (o LocalOutput) Csr() pulumi.StringOutput {
	return o.ApplyT(func(v *Local) pulumi.StringOutput { return v.Csr }).(pulumi.StringOutput)
}

// Certificate enrollment protocol.
func (o LocalOutput) EnrollProtocol() pulumi.StringOutput {
	return o.ApplyT(func(v *Local) pulumi.StringOutput { return v.EnrollProtocol }).(pulumi.StringOutput)
}

// CA identifier of the CA server for signing via EST.
func (o LocalOutput) EstCaId() pulumi.StringOutput {
	return o.ApplyT(func(v *Local) pulumi.StringOutput { return v.EstCaId }).(pulumi.StringOutput)
}

// Certificate used to authenticate this FortiGate to EST server.
func (o LocalOutput) EstClientCert() pulumi.StringOutput {
	return o.ApplyT(func(v *Local) pulumi.StringOutput { return v.EstClientCert }).(pulumi.StringOutput)
}

// HTTP Authentication password for signing via EST.
func (o LocalOutput) EstHttpPassword() pulumi.StringOutput {
	return o.ApplyT(func(v *Local) pulumi.StringOutput { return v.EstHttpPassword }).(pulumi.StringOutput)
}

// HTTP Authentication username for signing via EST.
func (o LocalOutput) EstHttpUsername() pulumi.StringOutput {
	return o.ApplyT(func(v *Local) pulumi.StringOutput { return v.EstHttpUsername }).(pulumi.StringOutput)
}

// Address and port for EST server (e.g. https://example.com:1234).
func (o LocalOutput) EstServer() pulumi.StringOutput {
	return o.ApplyT(func(v *Local) pulumi.StringOutput { return v.EstServer }).(pulumi.StringOutput)
}

// EST server's certificate must be verifiable by this certificate to be authenticated.
func (o LocalOutput) EstServerCert() pulumi.StringOutput {
	return o.ApplyT(func(v *Local) pulumi.StringOutput { return v.EstServerCert }).(pulumi.StringOutput)
}

// EST SRP authentication password.
func (o LocalOutput) EstSrpPassword() pulumi.StringOutput {
	return o.ApplyT(func(v *Local) pulumi.StringOutput { return v.EstSrpPassword }).(pulumi.StringOutput)
}

// EST SRP authentication username.
func (o LocalOutput) EstSrpUsername() pulumi.StringOutput {
	return o.ApplyT(func(v *Local) pulumi.StringOutput { return v.EstSrpUsername }).(pulumi.StringOutput)
}

// Local ID the FortiGate uses for authentication as a VPN client.
func (o LocalOutput) IkeLocalid() pulumi.StringOutput {
	return o.ApplyT(func(v *Local) pulumi.StringOutput { return v.IkeLocalid }).(pulumi.StringOutput)
}

// IKE local ID type. Valid values: `asn1dn`, `fqdn`.
func (o LocalOutput) IkeLocalidType() pulumi.StringOutput {
	return o.ApplyT(func(v *Local) pulumi.StringOutput { return v.IkeLocalidType }).(pulumi.StringOutput)
}

// Time at which certificate was last updated.
func (o LocalOutput) LastUpdated() pulumi.IntOutput {
	return o.ApplyT(func(v *Local) pulumi.IntOutput { return v.LastUpdated }).(pulumi.IntOutput)
}

// Name.
func (o LocalOutput) Name() pulumi.StringOutput {
	return o.ApplyT(func(v *Local) pulumi.StringOutput { return v.Name }).(pulumi.StringOutput)
}

// Name encoding method for auto-regeneration. Valid values: `printable`, `utf8`.
func (o LocalOutput) NameEncoding() pulumi.StringOutput {
	return o.ApplyT(func(v *Local) pulumi.StringOutput { return v.NameEncoding }).(pulumi.StringOutput)
}

// Password as a PEM file.
func (o LocalOutput) Password() pulumi.StringPtrOutput {
	return o.ApplyT(func(v *Local) pulumi.StringPtrOutput { return v.Password }).(pulumi.StringPtrOutput)
}

// PEM format key, encrypted with a password.
func (o LocalOutput) PrivateKey() pulumi.StringOutput {
	return o.ApplyT(func(v *Local) pulumi.StringOutput { return v.PrivateKey }).(pulumi.StringOutput)
}

// Enable/disable retention of private key during SCEP renewal (default = disable). Valid values: `enable`, `disable`.
func (o LocalOutput) PrivateKeyRetain() pulumi.StringOutput {
	return o.ApplyT(func(v *Local) pulumi.StringOutput { return v.PrivateKeyRetain }).(pulumi.StringOutput)
}

// Either a global or VDOM IP address range for the certificate. Valid values: `global`, `vdom`.
func (o LocalOutput) Range() pulumi.StringOutput {
	return o.ApplyT(func(v *Local) pulumi.StringOutput { return v.Range }).(pulumi.StringOutput)
}

// SCEP server challenge password for auto-regeneration.
func (o LocalOutput) ScepPassword() pulumi.StringPtrOutput {
	return o.ApplyT(func(v *Local) pulumi.StringPtrOutput { return v.ScepPassword }).(pulumi.StringPtrOutput)
}

// SCEP server URL.
func (o LocalOutput) ScepUrl() pulumi.StringOutput {
	return o.ApplyT(func(v *Local) pulumi.StringOutput { return v.ScepUrl }).(pulumi.StringOutput)
}

// Certificate source type.
func (o LocalOutput) Source() pulumi.StringOutput {
	return o.ApplyT(func(v *Local) pulumi.StringOutput { return v.Source }).(pulumi.StringOutput)
}

// Source IP address for communications to the SCEP server.
func (o LocalOutput) SourceIp() pulumi.StringOutput {
	return o.ApplyT(func(v *Local) pulumi.StringOutput { return v.SourceIp }).(pulumi.StringOutput)
}

// Certificate Signing Request State.
func (o LocalOutput) State() pulumi.StringOutput {
	return o.ApplyT(func(v *Local) pulumi.StringOutput { return v.State }).(pulumi.StringOutput)
}

// Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
func (o LocalOutput) Vdomparam() pulumi.StringPtrOutput {
	return o.ApplyT(func(v *Local) pulumi.StringPtrOutput { return v.Vdomparam }).(pulumi.StringPtrOutput)
}

type LocalArrayOutput struct{ *pulumi.OutputState }

func (LocalArrayOutput) ElementType() reflect.Type {
	return reflect.TypeOf((*[]*Local)(nil)).Elem()
}

func (o LocalArrayOutput) ToLocalArrayOutput() LocalArrayOutput {
	return o
}

func (o LocalArrayOutput) ToLocalArrayOutputWithContext(ctx context.Context) LocalArrayOutput {
	return o
}

func (o LocalArrayOutput) Index(i pulumi.IntInput) LocalOutput {
	return pulumi.All(o, i).ApplyT(func(vs []interface{}) *Local {
		return vs[0].([]*Local)[vs[1].(int)]
	}).(LocalOutput)
}

type LocalMapOutput struct{ *pulumi.OutputState }

func (LocalMapOutput) ElementType() reflect.Type {
	return reflect.TypeOf((*map[string]*Local)(nil)).Elem()
}

func (o LocalMapOutput) ToLocalMapOutput() LocalMapOutput {
	return o
}

func (o LocalMapOutput) ToLocalMapOutputWithContext(ctx context.Context) LocalMapOutput {
	return o
}

func (o LocalMapOutput) MapIndex(k pulumi.StringInput) LocalOutput {
	return pulumi.All(o, k).ApplyT(func(vs []interface{}) *Local {
		return vs[0].(map[string]*Local)[vs[1].(string)]
	}).(LocalOutput)
}

func init() {
	pulumi.RegisterInputType(reflect.TypeOf((*LocalInput)(nil)).Elem(), &Local{})
	pulumi.RegisterInputType(reflect.TypeOf((*LocalArrayInput)(nil)).Elem(), LocalArray{})
	pulumi.RegisterInputType(reflect.TypeOf((*LocalMapInput)(nil)).Elem(), LocalMap{})
	pulumi.RegisterOutputType(LocalOutput{})
	pulumi.RegisterOutputType(LocalArrayOutput{})
	pulumi.RegisterOutputType(LocalMapOutput{})
}