{"name":"venafi","version":"1.12.3","description":"A Pulumi package for creating and managing venafi cloud resources.","keywords":["pulumi","venafi"],"homepage":"https://pulumi.io","license":"Apache-2.0","attribution":"This Pulumi package is based on the [`venafi` Terraform Provider](https://github.com/Venafi/terraform-provider-venafi).","repository":"https://github.com/pulumi/pulumi-venafi","meta":{"moduleFormat":"(.*)(?:/[^/]*)"},"language":{"csharp":{"packageReferences":{"Pulumi":"3.*"},"compatibility":"tfbridge20","respectSchemaVersion":true},"go":{"importBasePath":"github.com/pulumi/pulumi-venafi/sdk/go/venafi","generateResourceContainerTypes":true,"generateExtraInputTypes":true,"respectSchemaVersion":true},"nodejs":{"packageDescription":"A Pulumi package for creating and managing venafi cloud resources.","readme":"\u003e This provider is a derived work of the [Terraform Provider](https://github.com/Venafi/terraform-provider-venafi)\n\u003e distributed under [MPL 2.0](https://www.mozilla.org/en-US/MPL/2.0/). If you encounter a bug or missing feature,\n\u003e first check the [`pulumi-venafi` repo](https://github.com/pulumi/pulumi-venafi/issues); however, if that doesn't turn up anything,\n\u003e please consult the source [`terraform-provider-venafi` repo](https://github.com/Venafi/terraform-provider-venafi/issues).","devDependencies":{"@types/mime":"^2.0.0","@types/node":"^10.0.0"},"compatibility":"tfbridge20","disableUnionOutputTypes":true,"respectSchemaVersion":true},"python":{"readme":"\u003e This provider is a derived work of the [Terraform Provider](https://github.com/Venafi/terraform-provider-venafi)\n\u003e distributed under [MPL 2.0](https://www.mozilla.org/en-US/MPL/2.0/). If you encounter a bug or missing feature,\n\u003e first check the [`pulumi-venafi` repo](https://github.com/pulumi/pulumi-venafi/issues); however, if that doesn't turn up anything,\n\u003e please consult the source [`terraform-provider-venafi` repo](https://github.com/Venafi/terraform-provider-venafi/issues).","compatibility":"tfbridge20","respectSchemaVersion":true,"pyproject":{"enabled":true}}},"config":{"variables":{"accessToken":{"type":"string","description":"Access token for Venafi TLSPDC, user should use this for authentication","secret":true},"apiKey":{"type":"string","description":"API key for Venafi Control Plane. Example: 142231b7-cvb0-412e-886b-6aeght0bc93d","secret":true},"clientId":{"type":"string","description":"application that will be using the token"},"devMode":{"type":"boolean","description":"When set to true, the resulting certificate will be issued by an ephemeral, no trust CA rather than enrolling using Venafi as a Service or Trust Protection Platform. Useful for development and testing"},"externalJwt":{"type":"string","description":"JWT of the identity provider associated to the Venafi Control Plane service account that is granting the access token","secret":true},"p12CertData":{"type":"string","description":"Base64 encoded PKCS#12 keystore containing a client certificate, private key, and chain certificates to authenticate to TLSPDC"},"p12CertFilename":{"type":"string","description":"Filename of PKCS#12 keystore containing a client certificate, private key, and chain certificates to authenticate to TLSPDC"},"p12CertPassword":{"type":"string","description":"Password for the PKCS#12 keystore declared in\u003cspan pulumi-lang-nodejs=\" p12Cert \" pulumi-lang-dotnet=\" P12Cert \" pulumi-lang-go=\" p12Cert \" pulumi-lang-python=\" p12_cert \" pulumi-lang-yaml=\" p12Cert \" pulumi-lang-java=\" p12Cert \"\u003e p12_cert \u003c/span\u003e/ p12_cert_data","secret":true},"skipRetirement":{"type":"boolean","description":"When true, certificates will not be retired on Venafi platforms when terraform destroy is run. Default is false"},"tokenUrl":{"type":"string","description":"Endpoint URL to request new Venafi Control Plane access tokens","secret":true},"tppPassword":{"type":"string","description":"Password for WebSDK user. Example: password","deprecationMessage":", please use\u003cspan pulumi-lang-nodejs=\" accessToken \" pulumi-lang-dotnet=\" AccessToken \" pulumi-lang-go=\" accessToken \" pulumi-lang-python=\" access_token \" pulumi-lang-yaml=\" accessToken \" pulumi-lang-java=\" accessToken \"\u003e access_token \u003c/span\u003einstead","secret":true},"tppUsername":{"type":"string","description":"WebSDK user for Venafi TLSPDC. Example: admin","deprecationMessage":", please use\u003cspan pulumi-lang-nodejs=\" accessToken \" pulumi-lang-dotnet=\" AccessToken \" pulumi-lang-go=\" accessToken \" pulumi-lang-python=\" access_token \" pulumi-lang-yaml=\" accessToken \" pulumi-lang-java=\" accessToken \"\u003e access_token \u003c/span\u003einstead"},"trustBundle":{"type":"string","description":"Use to specify a PEM-formatted file that contains certificates to be trust anchors for all communications with the Venafi Web Service.\nExample:\n \u003cspan pulumi-lang-nodejs=\" trustBundle \" pulumi-lang-dotnet=\" TrustBundle \" pulumi-lang-go=\" trustBundle \" pulumi-lang-python=\" trust_bundle \" pulumi-lang-yaml=\" trustBundle \" pulumi-lang-java=\" trustBundle \"\u003e trust_bundle \u003c/span\u003e= \"${file(\"chain.pem\")}\""},"url":{"type":"string","description":"The Venafi Platform URL. Example: https://tpp.venafi.example/vedsdk"},"zone":{"type":"string","description":"DN of the Venafi TLSPDC policy folder or name of the Venafi as a Service application plus issuing template alias. \nExample for Platform: testPolicy\\\\vault\nExample for Venafi as a Service: myApp\\\\Default"}}},"provider":{"description":"The provider type for the venafi package. By default, resources use package-wide configuration\nsettings, however an explicit `Provider` instance may be created and passed during resource\nconstruction to achieve fine-grained programmatic control over provider settings. See the\n[documentation](https://www.pulumi.com/docs/reference/programming-model/#providers) for more information.\n","properties":{"accessToken":{"type":"string","description":"Access token for Venafi TLSPDC, user should use this for authentication","secret":true},"apiKey":{"type":"string","description":"API key for Venafi Control Plane. Example: 142231b7-cvb0-412e-886b-6aeght0bc93d","secret":true},"clientId":{"type":"string","description":"application that will be using the token"},"devMode":{"type":"boolean","description":"When set to true, the resulting certificate will be issued by an ephemeral, no trust CA rather than enrolling using Venafi as a Service or Trust Protection Platform. Useful for development and testing"},"externalJwt":{"type":"string","description":"JWT of the identity provider associated to the Venafi Control Plane service account that is granting the access token","secret":true},"p12CertData":{"type":"string","description":"Base64 encoded PKCS#12 keystore containing a client certificate, private key, and chain certificates to authenticate to TLSPDC"},"p12CertFilename":{"type":"string","description":"Filename of PKCS#12 keystore containing a client certificate, private key, and chain certificates to authenticate to TLSPDC"},"p12CertPassword":{"type":"string","description":"Password for the PKCS#12 keystore declared in\u003cspan pulumi-lang-nodejs=\" p12Cert \" pulumi-lang-dotnet=\" P12Cert \" pulumi-lang-go=\" p12Cert \" pulumi-lang-python=\" p12_cert \" pulumi-lang-yaml=\" p12Cert \" pulumi-lang-java=\" p12Cert \"\u003e p12_cert \u003c/span\u003e/ p12_cert_data","secret":true},"skipRetirement":{"type":"boolean","description":"When true, certificates will not be retired on Venafi platforms when terraform destroy is run. Default is false"},"tokenUrl":{"type":"string","description":"Endpoint URL to request new Venafi Control Plane access tokens","secret":true},"tppPassword":{"type":"string","description":"Password for WebSDK user. Example: password","deprecationMessage":", please use\u003cspan pulumi-lang-nodejs=\" accessToken \" pulumi-lang-dotnet=\" AccessToken \" pulumi-lang-go=\" accessToken \" pulumi-lang-python=\" access_token \" pulumi-lang-yaml=\" accessToken \" pulumi-lang-java=\" accessToken \"\u003e access_token \u003c/span\u003einstead","secret":true},"tppUsername":{"type":"string","description":"WebSDK user for Venafi TLSPDC. Example: admin","deprecationMessage":", please use\u003cspan pulumi-lang-nodejs=\" accessToken \" pulumi-lang-dotnet=\" AccessToken \" pulumi-lang-go=\" accessToken \" pulumi-lang-python=\" access_token \" pulumi-lang-yaml=\" accessToken \" pulumi-lang-java=\" accessToken \"\u003e access_token \u003c/span\u003einstead"},"trustBundle":{"type":"string","description":"Use to specify a PEM-formatted file that contains certificates to be trust anchors for all communications with the Venafi Web Service.\nExample:\n \u003cspan pulumi-lang-nodejs=\" trustBundle \" pulumi-lang-dotnet=\" TrustBundle \" pulumi-lang-go=\" trustBundle \" pulumi-lang-python=\" trust_bundle \" pulumi-lang-yaml=\" trustBundle \" pulumi-lang-java=\" trustBundle \"\u003e trust_bundle \u003c/span\u003e= \"${file(\"chain.pem\")}\""},"url":{"type":"string","description":"The Venafi Platform URL. Example: https://tpp.venafi.example/vedsdk"},"zone":{"type":"string","description":"DN of the Venafi TLSPDC policy folder or name of the Venafi as a Service application plus issuing template alias. \nExample for Platform: testPolicy\\\\vault\nExample for Venafi as a Service: myApp\\\\Default"}},"inputProperties":{"accessToken":{"type":"string","description":"Access token for Venafi TLSPDC, user should use this for authentication","secret":true},"apiKey":{"type":"string","description":"API key for Venafi Control Plane. Example: 142231b7-cvb0-412e-886b-6aeght0bc93d","secret":true},"clientId":{"type":"string","description":"application that will be using the token"},"devMode":{"type":"boolean","description":"When set to true, the resulting certificate will be issued by an ephemeral, no trust CA rather than enrolling using Venafi as a Service or Trust Protection Platform. Useful for development and testing"},"externalJwt":{"type":"string","description":"JWT of the identity provider associated to the Venafi Control Plane service account that is granting the access token","secret":true},"p12CertData":{"type":"string","description":"Base64 encoded PKCS#12 keystore containing a client certificate, private key, and chain certificates to authenticate to TLSPDC"},"p12CertFilename":{"type":"string","description":"Filename of PKCS#12 keystore containing a client certificate, private key, and chain certificates to authenticate to TLSPDC"},"p12CertPassword":{"type":"string","description":"Password for the PKCS#12 keystore declared in\u003cspan pulumi-lang-nodejs=\" p12Cert \" pulumi-lang-dotnet=\" P12Cert \" pulumi-lang-go=\" p12Cert \" pulumi-lang-python=\" p12_cert \" pulumi-lang-yaml=\" p12Cert \" pulumi-lang-java=\" p12Cert \"\u003e p12_cert \u003c/span\u003e/ p12_cert_data","secret":true},"skipRetirement":{"type":"boolean","description":"When true, certificates will not be retired on Venafi platforms when terraform destroy is run. Default is false"},"tokenUrl":{"type":"string","description":"Endpoint URL to request new Venafi Control Plane access tokens","secret":true},"tppPassword":{"type":"string","description":"Password for WebSDK user. Example: password","deprecationMessage":", please use\u003cspan pulumi-lang-nodejs=\" accessToken \" pulumi-lang-dotnet=\" AccessToken \" pulumi-lang-go=\" accessToken \" pulumi-lang-python=\" access_token \" pulumi-lang-yaml=\" accessToken \" pulumi-lang-java=\" accessToken \"\u003e access_token \u003c/span\u003einstead","secret":true},"tppUsername":{"type":"string","description":"WebSDK user for Venafi TLSPDC. Example: admin","deprecationMessage":", please use\u003cspan pulumi-lang-nodejs=\" accessToken \" pulumi-lang-dotnet=\" AccessToken \" pulumi-lang-go=\" accessToken \" pulumi-lang-python=\" access_token \" pulumi-lang-yaml=\" accessToken \" pulumi-lang-java=\" accessToken \"\u003e access_token \u003c/span\u003einstead"},"trustBundle":{"type":"string","description":"Use to specify a PEM-formatted file that contains certificates to be trust anchors for all communications with the Venafi Web Service.\nExample:\n \u003cspan pulumi-lang-nodejs=\" trustBundle \" pulumi-lang-dotnet=\" TrustBundle \" pulumi-lang-go=\" trustBundle \" pulumi-lang-python=\" trust_bundle \" pulumi-lang-yaml=\" trustBundle \" pulumi-lang-java=\" trustBundle \"\u003e trust_bundle \u003c/span\u003e= \"${file(\"chain.pem\")}\""},"url":{"type":"string","description":"The Venafi Platform URL. Example: https://tpp.venafi.example/vedsdk"},"zone":{"type":"string","description":"DN of the Venafi TLSPDC policy folder or name of the Venafi as a Service application plus issuing template alias. \nExample for Platform: testPolicy\\\\vault\nExample for Venafi as a Service: myApp\\\\Default"}},"methods":{"terraformConfig":"pulumi:providers:venafi/terraformConfig"}},"resources":{"venafi:index/certificate:Certificate":{"description":"!\u003e We dropped support for RSA PKCS#1 formatted keys for TLS certificates in version 15.0 and also for EC Keys in version \n0.15.4 (you can find out more about this transition in [here](https://github.com/Venafi/vcert/releases/tag/v4.17.0)). \nFor backward compatibility during Terraform state refresh please update to version 0.15.5 or above.\n\nProvides access to TLS key and certificate data enrolled using Venafi. This can be used to define a certificate.\n\nThe \u003cspan pulumi-lang-nodejs=\"`venafi.Certificate`\" pulumi-lang-dotnet=\"`venafi.Certificate`\" pulumi-lang-go=\"`Certificate`\" pulumi-lang-python=\"`Certificate`\" pulumi-lang-yaml=\"`venafi.Certificate`\" pulumi-lang-java=\"`venafi.Certificate`\"\u003e`venafi.Certificate`\u003c/span\u003e resource handles certificate renewals as long as a\n`pulumi up` is run within the \u003cspan pulumi-lang-nodejs=\"`expirationWindow`\" pulumi-lang-dotnet=\"`ExpirationWindow`\" pulumi-lang-go=\"`expirationWindow`\" pulumi-lang-python=\"`expiration_window`\" pulumi-lang-yaml=\"`expirationWindow`\" pulumi-lang-java=\"`expirationWindow`\"\u003e`expiration_window`\u003c/span\u003e period. Keep in mind that the\n\u003cspan pulumi-lang-nodejs=\"`expirationWindow`\" pulumi-lang-dotnet=\"`ExpirationWindow`\" pulumi-lang-go=\"`expirationWindow`\" pulumi-lang-python=\"`expiration_window`\" pulumi-lang-yaml=\"`expirationWindow`\" pulumi-lang-java=\"`expirationWindow`\"\u003e`expiration_window`\u003c/span\u003e in the provider configuration needs to align with the renewal\nwindow of the issuing CA to achieve the desired result.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as venafi from \"@pulumi/venafi\";\n\nconst webserver = new venafi.Certificate(\"webserver\", {\n commonName: \"web.venafi.example\",\n sanDns: [\n \"web01.venafi.example\",\n \"web02.venafi.example\",\n ],\n algorithm: \"RSA\",\n rsaBits: 2048,\n keyPassword: pkPass,\n customFields: {\n \"Cost Center\": \"AB1234\",\n Environment: \"UAT|Staging\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_venafi as venafi\n\nwebserver = venafi.Certificate(\"webserver\",\n common_name=\"web.venafi.example\",\n san_dns=[\n \"web01.venafi.example\",\n \"web02.venafi.example\",\n ],\n algorithm=\"RSA\",\n rsa_bits=2048,\n key_password=pk_pass,\n custom_fields={\n \"Cost Center\": \"AB1234\",\n \"Environment\": \"UAT|Staging\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Venafi = Pulumi.Venafi;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var webserver = new Venafi.Certificate(\"webserver\", new()\n {\n CommonName = \"web.venafi.example\",\n SanDns = new[]\n {\n \"web01.venafi.example\",\n \"web02.venafi.example\",\n },\n Algorithm = \"RSA\",\n RsaBits = 2048,\n KeyPassword = pkPass,\n CustomFields = \n {\n { \"Cost Center\", \"AB1234\" },\n { \"Environment\", \"UAT|Staging\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-venafi/sdk/go/venafi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := venafi.NewCertificate(ctx, \"webserver\", \u0026venafi.CertificateArgs{\n\t\t\tCommonName: pulumi.String(\"web.venafi.example\"),\n\t\t\tSanDns: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"web01.venafi.example\"),\n\t\t\t\tpulumi.String(\"web02.venafi.example\"),\n\t\t\t},\n\t\t\tAlgorithm: pulumi.String(\"RSA\"),\n\t\t\tRsaBits: pulumi.Int(2048),\n\t\t\tKeyPassword: pulumi.Any(pkPass),\n\t\t\tCustomFields: pulumi.StringMap{\n\t\t\t\t\"Cost Center\": pulumi.String(\"AB1234\"),\n\t\t\t\t\"Environment\": pulumi.String(\"UAT|Staging\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.venafi.Certificate;\nimport com.pulumi.venafi.CertificateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var webserver = new Certificate(\"webserver\", CertificateArgs.builder()\n .commonName(\"web.venafi.example\")\n .sanDns( \n \"web01.venafi.example\",\n \"web02.venafi.example\")\n .algorithm(\"RSA\")\n .rsaBits(2048)\n .keyPassword(pkPass)\n .customFields(Map.ofEntries(\n Map.entry(\"Cost Center\", \"AB1234\"),\n Map.entry(\"Environment\", \"UAT|Staging\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n webserver:\n type: venafi:Certificate\n properties:\n commonName: web.venafi.example\n sanDns:\n - web01.venafi.example\n - web02.venafi.example\n algorithm: RSA\n rsaBits: '2048'\n keyPassword: ${pkPass}\n customFields:\n Cost Center: AB1234\n Environment: UAT|Staging\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Certificate Renewal\n\nThe \u003cspan pulumi-lang-nodejs=\"`venafi.Certificate`\" pulumi-lang-dotnet=\"`venafi.Certificate`\" pulumi-lang-go=\"`Certificate`\" pulumi-lang-python=\"`Certificate`\" pulumi-lang-yaml=\"`venafi.Certificate`\" pulumi-lang-java=\"`venafi.Certificate`\"\u003e`venafi.Certificate`\u003c/span\u003e resource handles certificate renewals as long as a\n`pulumi up` is done within the \u003cspan pulumi-lang-nodejs=\"`expirationWindow`\" pulumi-lang-dotnet=\"`ExpirationWindow`\" pulumi-lang-go=\"`expirationWindow`\" pulumi-lang-python=\"`expiration_window`\" pulumi-lang-yaml=\"`expirationWindow`\" pulumi-lang-java=\"`expirationWindow`\"\u003e`expiration_window`\u003c/span\u003e period. Keep in mind that the\n\u003cspan pulumi-lang-nodejs=\"`expirationWindow`\" pulumi-lang-dotnet=\"`ExpirationWindow`\" pulumi-lang-go=\"`expirationWindow`\" pulumi-lang-python=\"`expiration_window`\" pulumi-lang-yaml=\"`expirationWindow`\" pulumi-lang-java=\"`expirationWindow`\"\u003e`expiration_window`\u003c/span\u003e in the Terraform configuration needs to align with the renewal\nwindow of the issuing CA to achieve the desired result.\n","properties":{"algorithm":{"type":"string","description":"Key encryption algorithm, either RSA or ECDSA. Defaults to `RSA`.\n"},"certificate":{"type":"string","description":"The X509 certificate in PEM format.\n","language":{"csharp":{"name":"CertificateDetails"}}},"certificateDn":{"type":"string"},"certificateId":{"type":"string","description":"ID of the issued certificate"},"chain":{"type":"string","description":"The trust chain of X509 certificate authority certificates in PEM format concatenated together.\n"},"commonName":{"type":"string","description":"The common name of the certificate.\n"},"country":{"type":"string","description":"Country of the certificate (C)"},"csrOrigin":{"type":"string","description":"Whether key-pair generation will be \u003cspan pulumi-lang-nodejs=\"`local`\" pulumi-lang-dotnet=\"`Local`\" pulumi-lang-go=\"`local`\" pulumi-lang-python=\"`local`\" pulumi-lang-yaml=\"`local`\" pulumi-lang-java=\"`local`\"\u003e`local`\u003c/span\u003e or \u003cspan pulumi-lang-nodejs=\"`service`\" pulumi-lang-dotnet=\"`Service`\" pulumi-lang-go=\"`service`\" pulumi-lang-python=\"`service`\" pulumi-lang-yaml=\"`service`\" pulumi-lang-java=\"`service`\"\u003e`service`\u003c/span\u003e generated. Default is \n\u003cspan pulumi-lang-nodejs=\"`local`\" pulumi-lang-dotnet=\"`Local`\" pulumi-lang-go=\"`local`\" pulumi-lang-python=\"`local`\" pulumi-lang-yaml=\"`local`\" pulumi-lang-java=\"`local`\"\u003e`local`\u003c/span\u003e.\n"},"csrPem":{"type":"string"},"customFields":{"type":"object","additionalProperties":{"type":"string"},"description":"Collection of Custom Field name-value pairs to assign to the certificate.\n"},"ecdsaCurve":{"type":"string","description":"ECDSA curve to use when generating a key"},"expirationWindow":{"type":"integer","description":"Number of hours before certificate expiry to request a new certificate. \nDefaults to \u003cspan pulumi-lang-nodejs=\"`168`\" pulumi-lang-dotnet=\"`168`\" pulumi-lang-go=\"`168`\" pulumi-lang-python=\"`168`\" pulumi-lang-yaml=\"`168`\" pulumi-lang-java=\"`168`\"\u003e`168`\u003c/span\u003e.\n"},"issuerHint":{"type":"string","description":"Used with \u003cspan pulumi-lang-nodejs=\"`validDays`\" pulumi-lang-dotnet=\"`ValidDays`\" pulumi-lang-go=\"`validDays`\" pulumi-lang-python=\"`valid_days`\" pulumi-lang-yaml=\"`validDays`\" pulumi-lang-java=\"`validDays`\"\u003e`valid_days`\u003c/span\u003e to indicate the target issuer when using Trust Protection \nPlatform. Relevant values are: `DigiCert`, `Entrust`, and `Microsoft`.\n"},"keyPassword":{"type":"string","description":"The password used to encrypt the private key.\n","secret":true},"locality":{"type":"string","description":"Locality/City of the certificate (L)"},"nickname":{"type":"string","description":"Use to specify a name for the new certificate object that will be created and placed \nin a policy. Only valid for Trust Protection Platform.\n"},"organization":{"type":"string","description":"Organization of the certificate (O)"},"organizationalUnits":{"type":"array","items":{"type":"string"},"description":"List of Organizational Units of the certificate (OU)"},"pkcs12":{"type":"string","description":"A base64-encoded PKCS#12 keystore secured by the \u003cspan pulumi-lang-nodejs=\"`keyPassword`\" pulumi-lang-dotnet=\"`KeyPassword`\" pulumi-lang-go=\"`keyPassword`\" pulumi-lang-python=\"`key_password`\" pulumi-lang-yaml=\"`keyPassword`\" pulumi-lang-java=\"`keyPassword`\"\u003e`key_password`\u003c/span\u003e. Useful when working with resources like \nazure key_vault_certificate.\n"},"privateKeyPem":{"type":"string","description":"The private key in PEM format.\n","secret":true},"renewRequired":{"type":"boolean","description":"Indicates the certificate should be reissued. This means the resource will destroyed and recreated"},"rsaBits":{"type":"integer","description":"Number of bits to use when generating an RSA key. Applies when algorithm is `RSA`. \nDefaults to \u003cspan pulumi-lang-nodejs=\"`2048`\" pulumi-lang-dotnet=\"`2048`\" pulumi-lang-go=\"`2048`\" pulumi-lang-python=\"`2048`\" pulumi-lang-yaml=\"`2048`\" pulumi-lang-java=\"`2048`\"\u003e`2048`\u003c/span\u003e.\n"},"sanDns":{"type":"array","items":{"type":"string"},"description":"List of DNS names to use as alternative subjects of the certificate.\n"},"sanEmails":{"type":"array","items":{"type":"string"},"description":"List of email addresses to use as alternative subjects of the certificate.\n"},"sanIps":{"type":"array","items":{"type":"string"},"description":"List of IP addresses to use as alternative subjects of the certificate.\n"},"sanUris":{"type":"array","items":{"type":"string"},"description":"List of Uniform Resource Identifiers (URIs) to use as alternative subjects of \nthe certificate.\n"},"state":{"type":"string","description":"State of the certificate (S)"},"tags":{"type":"array","items":{"type":"string"},"description":"List of Certificate Tags defined in Venafi Control Plane.\n"},"validDays":{"type":"integer","description":"Desired number of days for which the new certificate will be valid.\n"}},"required":["certificate","certificateDn","certificateId","chain","commonName","csrPem","pkcs12","privateKeyPem"],"inputProperties":{"algorithm":{"type":"string","description":"Key encryption algorithm, either RSA or ECDSA. Defaults to `RSA`.\n","willReplaceOnChanges":true},"certificateDn":{"type":"string"},"commonName":{"type":"string","description":"The common name of the certificate.\n","willReplaceOnChanges":true},"country":{"type":"string","description":"Country of the certificate (C)","willReplaceOnChanges":true},"csrOrigin":{"type":"string","description":"Whether key-pair generation will be \u003cspan pulumi-lang-nodejs=\"`local`\" pulumi-lang-dotnet=\"`Local`\" pulumi-lang-go=\"`local`\" pulumi-lang-python=\"`local`\" pulumi-lang-yaml=\"`local`\" pulumi-lang-java=\"`local`\"\u003e`local`\u003c/span\u003e or \u003cspan pulumi-lang-nodejs=\"`service`\" pulumi-lang-dotnet=\"`Service`\" pulumi-lang-go=\"`service`\" pulumi-lang-python=\"`service`\" pulumi-lang-yaml=\"`service`\" pulumi-lang-java=\"`service`\"\u003e`service`\u003c/span\u003e generated. Default is \n\u003cspan pulumi-lang-nodejs=\"`local`\" pulumi-lang-dotnet=\"`Local`\" pulumi-lang-go=\"`local`\" pulumi-lang-python=\"`local`\" pulumi-lang-yaml=\"`local`\" pulumi-lang-java=\"`local`\"\u003e`local`\u003c/span\u003e.\n","willReplaceOnChanges":true},"csrPem":{"type":"string"},"customFields":{"type":"object","additionalProperties":{"type":"string"},"description":"Collection of Custom Field name-value pairs to assign to the certificate.\n","willReplaceOnChanges":true},"ecdsaCurve":{"type":"string","description":"ECDSA curve to use when generating a key","willReplaceOnChanges":true},"expirationWindow":{"type":"integer","description":"Number of hours before certificate expiry to request a new certificate. \nDefaults to \u003cspan pulumi-lang-nodejs=\"`168`\" pulumi-lang-dotnet=\"`168`\" pulumi-lang-go=\"`168`\" pulumi-lang-python=\"`168`\" pulumi-lang-yaml=\"`168`\" pulumi-lang-java=\"`168`\"\u003e`168`\u003c/span\u003e.\n"},"issuerHint":{"type":"string","description":"Used with \u003cspan pulumi-lang-nodejs=\"`validDays`\" pulumi-lang-dotnet=\"`ValidDays`\" pulumi-lang-go=\"`validDays`\" pulumi-lang-python=\"`valid_days`\" pulumi-lang-yaml=\"`validDays`\" pulumi-lang-java=\"`validDays`\"\u003e`valid_days`\u003c/span\u003e to indicate the target issuer when using Trust Protection \nPlatform. Relevant values are: `DigiCert`, `Entrust`, and `Microsoft`.\n","willReplaceOnChanges":true},"keyPassword":{"type":"string","description":"The password used to encrypt the private key.\n","secret":true,"willReplaceOnChanges":true},"locality":{"type":"string","description":"Locality/City of the certificate (L)","willReplaceOnChanges":true},"nickname":{"type":"string","description":"Use to specify a name for the new certificate object that will be created and placed \nin a policy. Only valid for Trust Protection Platform.\n","willReplaceOnChanges":true},"organization":{"type":"string","description":"Organization of the certificate (O)","willReplaceOnChanges":true},"organizationalUnits":{"type":"array","items":{"type":"string"},"description":"List of Organizational Units of the certificate (OU)","willReplaceOnChanges":true},"pkcs12":{"type":"string","description":"A base64-encoded PKCS#12 keystore secured by the \u003cspan pulumi-lang-nodejs=\"`keyPassword`\" pulumi-lang-dotnet=\"`KeyPassword`\" pulumi-lang-go=\"`keyPassword`\" pulumi-lang-python=\"`key_password`\" pulumi-lang-yaml=\"`keyPassword`\" pulumi-lang-java=\"`keyPassword`\"\u003e`key_password`\u003c/span\u003e. Useful when working with resources like \nazure key_vault_certificate.\n"},"privateKeyPem":{"type":"string","description":"The private key in PEM format.\n","secret":true},"renewRequired":{"type":"boolean","description":"Indicates the certificate should be reissued. This means the resource will destroyed and recreated","willReplaceOnChanges":true},"rsaBits":{"type":"integer","description":"Number of bits to use when generating an RSA key. Applies when algorithm is `RSA`. \nDefaults to \u003cspan pulumi-lang-nodejs=\"`2048`\" pulumi-lang-dotnet=\"`2048`\" pulumi-lang-go=\"`2048`\" pulumi-lang-python=\"`2048`\" pulumi-lang-yaml=\"`2048`\" pulumi-lang-java=\"`2048`\"\u003e`2048`\u003c/span\u003e.\n","willReplaceOnChanges":true},"sanDns":{"type":"array","items":{"type":"string"},"description":"List of DNS names to use as alternative subjects of the certificate.\n","willReplaceOnChanges":true},"sanEmails":{"type":"array","items":{"type":"string"},"description":"List of email addresses to use as alternative subjects of the certificate.\n","willReplaceOnChanges":true},"sanIps":{"type":"array","items":{"type":"string"},"description":"List of IP addresses to use as alternative subjects of the certificate.\n","willReplaceOnChanges":true},"sanUris":{"type":"array","items":{"type":"string"},"description":"List of Uniform Resource Identifiers (URIs) to use as alternative subjects of \nthe certificate.\n","willReplaceOnChanges":true},"state":{"type":"string","description":"State of the certificate (S)","willReplaceOnChanges":true},"tags":{"type":"array","items":{"type":"string"},"description":"List of Certificate Tags defined in Venafi Control Plane.\n"},"validDays":{"type":"integer","description":"Desired number of days for which the new certificate will be valid.\n","willReplaceOnChanges":true}},"requiredInputs":["commonName"],"stateInputs":{"description":"Input properties used for looking up and filtering Certificate resources.\n","properties":{"algorithm":{"type":"string","description":"Key encryption algorithm, either RSA or ECDSA. Defaults to `RSA`.\n","willReplaceOnChanges":true},"certificate":{"type":"string","description":"The X509 certificate in PEM format.\n","language":{"csharp":{"name":"CertificateDetails"}}},"certificateDn":{"type":"string"},"certificateId":{"type":"string","description":"ID of the issued certificate"},"chain":{"type":"string","description":"The trust chain of X509 certificate authority certificates in PEM format concatenated together.\n"},"commonName":{"type":"string","description":"The common name of the certificate.\n","willReplaceOnChanges":true},"country":{"type":"string","description":"Country of the certificate (C)","willReplaceOnChanges":true},"csrOrigin":{"type":"string","description":"Whether key-pair generation will be \u003cspan pulumi-lang-nodejs=\"`local`\" pulumi-lang-dotnet=\"`Local`\" pulumi-lang-go=\"`local`\" pulumi-lang-python=\"`local`\" pulumi-lang-yaml=\"`local`\" pulumi-lang-java=\"`local`\"\u003e`local`\u003c/span\u003e or \u003cspan pulumi-lang-nodejs=\"`service`\" pulumi-lang-dotnet=\"`Service`\" pulumi-lang-go=\"`service`\" pulumi-lang-python=\"`service`\" pulumi-lang-yaml=\"`service`\" pulumi-lang-java=\"`service`\"\u003e`service`\u003c/span\u003e generated. Default is \n\u003cspan pulumi-lang-nodejs=\"`local`\" pulumi-lang-dotnet=\"`Local`\" pulumi-lang-go=\"`local`\" pulumi-lang-python=\"`local`\" pulumi-lang-yaml=\"`local`\" pulumi-lang-java=\"`local`\"\u003e`local`\u003c/span\u003e.\n","willReplaceOnChanges":true},"csrPem":{"type":"string"},"customFields":{"type":"object","additionalProperties":{"type":"string"},"description":"Collection of Custom Field name-value pairs to assign to the certificate.\n","willReplaceOnChanges":true},"ecdsaCurve":{"type":"string","description":"ECDSA curve to use when generating a key","willReplaceOnChanges":true},"expirationWindow":{"type":"integer","description":"Number of hours before certificate expiry to request a new certificate. \nDefaults to \u003cspan pulumi-lang-nodejs=\"`168`\" pulumi-lang-dotnet=\"`168`\" pulumi-lang-go=\"`168`\" pulumi-lang-python=\"`168`\" pulumi-lang-yaml=\"`168`\" pulumi-lang-java=\"`168`\"\u003e`168`\u003c/span\u003e.\n"},"issuerHint":{"type":"string","description":"Used with \u003cspan pulumi-lang-nodejs=\"`validDays`\" pulumi-lang-dotnet=\"`ValidDays`\" pulumi-lang-go=\"`validDays`\" pulumi-lang-python=\"`valid_days`\" pulumi-lang-yaml=\"`validDays`\" pulumi-lang-java=\"`validDays`\"\u003e`valid_days`\u003c/span\u003e to indicate the target issuer when using Trust Protection \nPlatform. Relevant values are: `DigiCert`, `Entrust`, and `Microsoft`.\n","willReplaceOnChanges":true},"keyPassword":{"type":"string","description":"The password used to encrypt the private key.\n","secret":true,"willReplaceOnChanges":true},"locality":{"type":"string","description":"Locality/City of the certificate (L)","willReplaceOnChanges":true},"nickname":{"type":"string","description":"Use to specify a name for the new certificate object that will be created and placed \nin a policy. Only valid for Trust Protection Platform.\n","willReplaceOnChanges":true},"organization":{"type":"string","description":"Organization of the certificate (O)","willReplaceOnChanges":true},"organizationalUnits":{"type":"array","items":{"type":"string"},"description":"List of Organizational Units of the certificate (OU)","willReplaceOnChanges":true},"pkcs12":{"type":"string","description":"A base64-encoded PKCS#12 keystore secured by the \u003cspan pulumi-lang-nodejs=\"`keyPassword`\" pulumi-lang-dotnet=\"`KeyPassword`\" pulumi-lang-go=\"`keyPassword`\" pulumi-lang-python=\"`key_password`\" pulumi-lang-yaml=\"`keyPassword`\" pulumi-lang-java=\"`keyPassword`\"\u003e`key_password`\u003c/span\u003e. Useful when working with resources like \nazure key_vault_certificate.\n"},"privateKeyPem":{"type":"string","description":"The private key in PEM format.\n","secret":true},"renewRequired":{"type":"boolean","description":"Indicates the certificate should be reissued. This means the resource will destroyed and recreated","willReplaceOnChanges":true},"rsaBits":{"type":"integer","description":"Number of bits to use when generating an RSA key. Applies when algorithm is `RSA`. \nDefaults to \u003cspan pulumi-lang-nodejs=\"`2048`\" pulumi-lang-dotnet=\"`2048`\" pulumi-lang-go=\"`2048`\" pulumi-lang-python=\"`2048`\" pulumi-lang-yaml=\"`2048`\" pulumi-lang-java=\"`2048`\"\u003e`2048`\u003c/span\u003e.\n","willReplaceOnChanges":true},"sanDns":{"type":"array","items":{"type":"string"},"description":"List of DNS names to use as alternative subjects of the certificate.\n","willReplaceOnChanges":true},"sanEmails":{"type":"array","items":{"type":"string"},"description":"List of email addresses to use as alternative subjects of the certificate.\n","willReplaceOnChanges":true},"sanIps":{"type":"array","items":{"type":"string"},"description":"List of IP addresses to use as alternative subjects of the certificate.\n","willReplaceOnChanges":true},"sanUris":{"type":"array","items":{"type":"string"},"description":"List of Uniform Resource Identifiers (URIs) to use as alternative subjects of \nthe certificate.\n","willReplaceOnChanges":true},"state":{"type":"string","description":"State of the certificate (S)","willReplaceOnChanges":true},"tags":{"type":"array","items":{"type":"string"},"description":"List of Certificate Tags defined in Venafi Control Plane.\n"},"validDays":{"type":"integer","description":"Desired number of days for which the new certificate will be valid.\n","willReplaceOnChanges":true}},"type":"object"}},"venafi:index/cloudKeystoreInstallation:CloudKeystoreInstallation":{"description":"Provisions a certificate from Venafi Control Plane's inventory to any of the supported Cloud Providers: Amazon \nCertificate Manager, Azure KeyVault or Google Certificate Manager. Exports the ID of the provisioned certificate: \ncertificate name for AKV and GCM or ARN for ACM.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as venafi from \"@pulumi/venafi\";\n\n// Provision a certificate to cloud keystore with static values\nconst ckInstallationExampleById = new venafi.CloudKeystoreInstallation(\"ck_installation_example_by_id\", {\n cloudKeystoreId: \"e48897d0-2762-11ef-198k-79ac590dd358\",\n certificateId: \"1877af16-2762-11ef-8fab-cc123456ff7\",\n cloudCertificateName: \"com-terraform-example-com\",\n});\n// Provision a certificate to cloud keystore\nconst ckInstallationExample = new venafi.CloudKeystoreInstallation(\"ck_installation_example\", {\n cloudKeystoreId: ckExample.id,\n certificateId: certificateExample.certificateId,\n cloudCertificateName: certificateExample.commonName,\n});\n```\n```python\nimport pulumi\nimport pulumi_venafi as venafi\n\n# Provision a certificate to cloud keystore with static values\nck_installation_example_by_id = venafi.CloudKeystoreInstallation(\"ck_installation_example_by_id\",\n cloud_keystore_id=\"e48897d0-2762-11ef-198k-79ac590dd358\",\n certificate_id=\"1877af16-2762-11ef-8fab-cc123456ff7\",\n cloud_certificate_name=\"com-terraform-example-com\")\n# Provision a certificate to cloud keystore\nck_installation_example = venafi.CloudKeystoreInstallation(\"ck_installation_example\",\n cloud_keystore_id=ck_example[\"id\"],\n certificate_id=certificate_example[\"certificateId\"],\n cloud_certificate_name=certificate_example[\"commonName\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Venafi = Pulumi.Venafi;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // Provision a certificate to cloud keystore with static values\n var ckInstallationExampleById = new Venafi.CloudKeystoreInstallation(\"ck_installation_example_by_id\", new()\n {\n CloudKeystoreId = \"e48897d0-2762-11ef-198k-79ac590dd358\",\n CertificateId = \"1877af16-2762-11ef-8fab-cc123456ff7\",\n CloudCertificateName = \"com-terraform-example-com\",\n });\n\n // Provision a certificate to cloud keystore\n var ckInstallationExample = new Venafi.CloudKeystoreInstallation(\"ck_installation_example\", new()\n {\n CloudKeystoreId = ckExample.Id,\n CertificateId = certificateExample.CertificateId,\n CloudCertificateName = certificateExample.CommonName,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-venafi/sdk/go/venafi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// Provision a certificate to cloud keystore with static values\n\t\t_, err := venafi.NewCloudKeystoreInstallation(ctx, \"ck_installation_example_by_id\", \u0026venafi.CloudKeystoreInstallationArgs{\n\t\t\tCloudKeystoreId: pulumi.String(\"e48897d0-2762-11ef-198k-79ac590dd358\"),\n\t\t\tCertificateId: pulumi.String(\"1877af16-2762-11ef-8fab-cc123456ff7\"),\n\t\t\tCloudCertificateName: pulumi.String(\"com-terraform-example-com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Provision a certificate to cloud keystore\n\t\t_, err = venafi.NewCloudKeystoreInstallation(ctx, \"ck_installation_example\", \u0026venafi.CloudKeystoreInstallationArgs{\n\t\t\tCloudKeystoreId: pulumi.Any(ckExample.Id),\n\t\t\tCertificateId: pulumi.Any(certificateExample.CertificateId),\n\t\t\tCloudCertificateName: pulumi.Any(certificateExample.CommonName),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.venafi.CloudKeystoreInstallation;\nimport com.pulumi.venafi.CloudKeystoreInstallationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // Provision a certificate to cloud keystore with static values\n var ckInstallationExampleById = new CloudKeystoreInstallation(\"ckInstallationExampleById\", CloudKeystoreInstallationArgs.builder()\n .cloudKeystoreId(\"e48897d0-2762-11ef-198k-79ac590dd358\")\n .certificateId(\"1877af16-2762-11ef-8fab-cc123456ff7\")\n .cloudCertificateName(\"com-terraform-example-com\")\n .build());\n\n // Provision a certificate to cloud keystore\n var ckInstallationExample = new CloudKeystoreInstallation(\"ckInstallationExample\", CloudKeystoreInstallationArgs.builder()\n .cloudKeystoreId(ckExample.id())\n .certificateId(certificateExample.certificateId())\n .cloudCertificateName(certificateExample.commonName())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # Provision a certificate to cloud keystore with static values\n ckInstallationExampleById:\n type: venafi:CloudKeystoreInstallation\n name: ck_installation_example_by_id\n properties:\n cloudKeystoreId: e48897d0-2762-11ef-198k-79ac590dd358\n certificateId: 1877af16-2762-11ef-8fab-cc123456ff7\n cloudCertificateName: com-terraform-example-com\n # Provision a certificate to cloud keystore\n ckInstallationExample:\n type: venafi:CloudKeystoreInstallation\n name: ck_installation_example\n properties:\n cloudKeystoreId: ${ckExample.id}\n certificateId: ${certificateExample.certificateId}\n cloudCertificateName: ${certificateExample.commonName}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import a Machine Identity from Venafi Control Plane using their ID. For example:\n\n```sh\n$ pulumi import venafi:index/cloudKeystoreInstallation:CloudKeystoreInstallation example 2155bd32-2234-22ac-7cfd-ff1198845aa2\n```\n\n","properties":{"arn":{"type":"string","description":"ARN of the AWS certificate. Use it to provision the VCP certificate to an existing ACM certificate, instead of a new one. Only valid for ACM keystores.\n"},"certificateId":{"type":"string","description":"ID of the certificate to be provisioned to the given \u003cspan pulumi-lang-nodejs=\"`keystoreId`\" pulumi-lang-dotnet=\"`KeystoreId`\" pulumi-lang-go=\"`keystoreId`\" pulumi-lang-python=\"`keystore_id`\" pulumi-lang-yaml=\"`keystoreId`\" pulumi-lang-java=\"`keystoreId`\"\u003e`keystore_id`\u003c/span\u003e.\n"},"cloudCertificateId":{"type":"string","description":"The ID of the provisioned certificate within the Cloud Keystore\n"},"cloudCertificateMetadata":{"type":"object","additionalProperties":{"type":"string"},"description":"Metadata of the provisioned certificate from the Cloud Keystore\n"},"cloudCertificateName":{"type":"string","description":"Name for the provisioned certificate in the keystore. If the name already exists, the provisioning will replace the previous certificate with the one from \u003cspan pulumi-lang-nodejs=\"`certificateId`\" pulumi-lang-dotnet=\"`CertificateId`\" pulumi-lang-go=\"`certificateId`\" pulumi-lang-python=\"`certificate_id`\" pulumi-lang-yaml=\"`certificateId`\" pulumi-lang-java=\"`certificateId`\"\u003e`certificate_id`\u003c/span\u003e. Only valid for AKV and GCM keystores.\n"},"cloudKeystoreId":{"type":"string","description":"ID of the cloud keystore where the certificate will be provisioned.\n"},"gcmCertScope":{"type":"string","description":"The GCM certificate scope of the certificate. Only valid for GCM keystores. Supported values from GCM API documentation: DEFAULT, EDGE_CACHE, ALL_REGIONS.\n"}},"required":["certificateId","cloudCertificateId","cloudCertificateMetadata","cloudKeystoreId"],"inputProperties":{"arn":{"type":"string","description":"ARN of the AWS certificate. Use it to provision the VCP certificate to an existing ACM certificate, instead of a new one. Only valid for ACM keystores.\n","willReplaceOnChanges":true},"certificateId":{"type":"string","description":"ID of the certificate to be provisioned to the given \u003cspan pulumi-lang-nodejs=\"`keystoreId`\" pulumi-lang-dotnet=\"`KeystoreId`\" pulumi-lang-go=\"`keystoreId`\" pulumi-lang-python=\"`keystore_id`\" pulumi-lang-yaml=\"`keystoreId`\" pulumi-lang-java=\"`keystoreId`\"\u003e`keystore_id`\u003c/span\u003e.\n"},"cloudCertificateName":{"type":"string","description":"Name for the provisioned certificate in the keystore. If the name already exists, the provisioning will replace the previous certificate with the one from \u003cspan pulumi-lang-nodejs=\"`certificateId`\" pulumi-lang-dotnet=\"`CertificateId`\" pulumi-lang-go=\"`certificateId`\" pulumi-lang-python=\"`certificate_id`\" pulumi-lang-yaml=\"`certificateId`\" pulumi-lang-java=\"`certificateId`\"\u003e`certificate_id`\u003c/span\u003e. Only valid for AKV and GCM keystores.\n","willReplaceOnChanges":true},"cloudKeystoreId":{"type":"string","description":"ID of the cloud keystore where the certificate will be provisioned.\n","willReplaceOnChanges":true},"gcmCertScope":{"type":"string","description":"The GCM certificate scope of the certificate. Only valid for GCM keystores. Supported values from GCM API documentation: DEFAULT, EDGE_CACHE, ALL_REGIONS.\n"}},"requiredInputs":["certificateId","cloudKeystoreId"],"stateInputs":{"description":"Input properties used for looking up and filtering CloudKeystoreInstallation resources.\n","properties":{"arn":{"type":"string","description":"ARN of the AWS certificate. Use it to provision the VCP certificate to an existing ACM certificate, instead of a new one. Only valid for ACM keystores.\n","willReplaceOnChanges":true},"certificateId":{"type":"string","description":"ID of the certificate to be provisioned to the given \u003cspan pulumi-lang-nodejs=\"`keystoreId`\" pulumi-lang-dotnet=\"`KeystoreId`\" pulumi-lang-go=\"`keystoreId`\" pulumi-lang-python=\"`keystore_id`\" pulumi-lang-yaml=\"`keystoreId`\" pulumi-lang-java=\"`keystoreId`\"\u003e`keystore_id`\u003c/span\u003e.\n"},"cloudCertificateId":{"type":"string","description":"The ID of the provisioned certificate within the Cloud Keystore\n"},"cloudCertificateMetadata":{"type":"object","additionalProperties":{"type":"string"},"description":"Metadata of the provisioned certificate from the Cloud Keystore\n"},"cloudCertificateName":{"type":"string","description":"Name for the provisioned certificate in the keystore. If the name already exists, the provisioning will replace the previous certificate with the one from \u003cspan pulumi-lang-nodejs=\"`certificateId`\" pulumi-lang-dotnet=\"`CertificateId`\" pulumi-lang-go=\"`certificateId`\" pulumi-lang-python=\"`certificate_id`\" pulumi-lang-yaml=\"`certificateId`\" pulumi-lang-java=\"`certificateId`\"\u003e`certificate_id`\u003c/span\u003e. Only valid for AKV and GCM keystores.\n","willReplaceOnChanges":true},"cloudKeystoreId":{"type":"string","description":"ID of the cloud keystore where the certificate will be provisioned.\n","willReplaceOnChanges":true},"gcmCertScope":{"type":"string","description":"The GCM certificate scope of the certificate. Only valid for GCM keystores. Supported values from GCM API documentation: DEFAULT, EDGE_CACHE, ALL_REGIONS.\n"}},"type":"object"}},"venafi:index/policy:Policy":{"description":"Provides access to read and write certificate policy in Venafi. This can be used to define a new policy (folder in \n*Trust Protection Platform*; application and issuing template in *Venafi Control Plane*).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as std from \"@pulumi/std\";\nimport * as venafi from \"@pulumi/venafi\";\n\nconst internalPolicy = new venafi.Policy(\"internal_policy\", {\n zone: \"My Business App\\\\Enterprise Trusted Certs\",\n policySpecification: std.file({\n input: \"/path-to/internal-policy.json\",\n }).then(invoke =\u003e invoke.result),\n});\n```\n```python\nimport pulumi\nimport pulumi_std as std\nimport pulumi_venafi as venafi\n\ninternal_policy = venafi.Policy(\"internal_policy\",\n zone=\"My Business App\\\\Enterprise Trusted Certs\",\n policy_specification=std.file(input=\"/path-to/internal-policy.json\").result)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Std = Pulumi.Std;\nusing Venafi = Pulumi.Venafi;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var internalPolicy = new Venafi.Policy(\"internal_policy\", new()\n {\n Zone = \"My Business App\\\\Enterprise Trusted Certs\",\n PolicySpecification = Std.File.Invoke(new()\n {\n Input = \"/path-to/internal-policy.json\",\n }).Apply(invoke =\u003e invoke.Result),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-std/sdk/v2/go/std\"\n\t\"github.com/pulumi/pulumi-venafi/sdk/go/venafi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeFile, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"/path-to/internal-policy.json\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = venafi.NewPolicy(ctx, \"internal_policy\", \u0026venafi.PolicyArgs{\n\t\t\tZone: pulumi.String(\"My Business App\\\\Enterprise Trusted Certs\"),\n\t\t\tPolicySpecification: pulumi.String(invokeFile.Result),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.venafi.Policy;\nimport com.pulumi.venafi.PolicyArgs;\nimport com.pulumi.std.StdFunctions;\nimport com.pulumi.std.inputs.FileArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var internalPolicy = new Policy(\"internalPolicy\", PolicyArgs.builder()\n .zone(\"My Business App\\\\Enterprise Trusted Certs\")\n .policySpecification(StdFunctions.file(FileArgs.builder()\n .input(\"/path-to/internal-policy.json\")\n .build()).result())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n internalPolicy:\n type: venafi:Policy\n name: internal_policy\n properties:\n zone: My Business App\\Enterprise Trusted Certs\n policySpecification:\n fn::invoke:\n function: std:file\n arguments:\n input: /path-to/internal-policy.json\n return: result\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nThe \u003cspan pulumi-lang-nodejs=\"`venafi.Policy`\" pulumi-lang-dotnet=\"`venafi.Policy`\" pulumi-lang-go=\"`Policy`\" pulumi-lang-python=\"`Policy`\" pulumi-lang-yaml=\"`venafi.Policy`\" pulumi-lang-java=\"`venafi.Policy`\"\u003e`venafi.Policy`\u003c/span\u003e resource supports the Terraform import method. \nWhen used, the \u003cspan pulumi-lang-nodejs=\"`zone`\" pulumi-lang-dotnet=\"`Zone`\" pulumi-lang-go=\"`zone`\" pulumi-lang-python=\"`zone`\" pulumi-lang-yaml=\"`zone`\" pulumi-lang-java=\"`zone`\"\u003e`zone`\u003c/span\u003e and \u003cspan pulumi-lang-nodejs=\"`policySpecification`\" pulumi-lang-dotnet=\"`PolicySpecification`\" pulumi-lang-go=\"`policySpecification`\" pulumi-lang-python=\"`policy_specification`\" pulumi-lang-yaml=\"`policySpecification`\" pulumi-lang-java=\"`policySpecification`\"\u003e`policy_specification`\u003c/span\u003e resource arguments are not required since the zone is a required \nparameter of the import method and the policy specification is populated from the existing infrastructure. Policy that \nis successfully imported is also output to a file named after the zone that was specified.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as venafi from \"@pulumi/venafi\";\n\nconst existingPolicy = new venafi.Policy(\"existing_policy\", {});\n```\n```python\nimport pulumi\nimport pulumi_venafi as venafi\n\nexisting_policy = venafi.Policy(\"existing_policy\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Venafi = Pulumi.Venafi;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var existingPolicy = new Venafi.Policy(\"existing_policy\");\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-venafi/sdk/go/venafi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := venafi.NewPolicy(ctx, \"existing_policy\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.venafi.Policy;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var existingPolicy = new Policy(\"existingPolicy\");\n\n }\n}\n```\n```yaml\nresources:\n existingPolicy:\n type: venafi:Policy\n name: existing_policy\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n```sh\nterraform import \"venafi_policy.existing_policy\" \"My Business App\\\\Enterprise Trusted Certs\"\n```\n\n","properties":{"policySpecification":{"type":"string","description":"The JSON-formatted certificate policy specification as documented \n[here](https://github.com/Venafi/vcert/blob/master/README-POLICY-SPEC.md). Typically read from a file using the \u003cspan pulumi-lang-nodejs=\"`file`\" pulumi-lang-dotnet=\"`File`\" pulumi-lang-go=\"`file`\" pulumi-lang-python=\"`file`\" pulumi-lang-yaml=\"`file`\" pulumi-lang-java=\"`file`\"\u003e`file`\u003c/span\u003e\nfunction.\n"},"zone":{"type":"string","description":"The *Trust Protection Plaform* policy folder or *Venafi Control Plane* application and \nissuing template.\n"}},"inputProperties":{"policySpecification":{"type":"string","description":"The JSON-formatted certificate policy specification as documented \n[here](https://github.com/Venafi/vcert/blob/master/README-POLICY-SPEC.md). Typically read from a file using the \u003cspan pulumi-lang-nodejs=\"`file`\" pulumi-lang-dotnet=\"`File`\" pulumi-lang-go=\"`file`\" pulumi-lang-python=\"`file`\" pulumi-lang-yaml=\"`file`\" pulumi-lang-java=\"`file`\"\u003e`file`\u003c/span\u003e\nfunction.\n","willReplaceOnChanges":true},"zone":{"type":"string","description":"The *Trust Protection Plaform* policy folder or *Venafi Control Plane* application and \nissuing template.\n","willReplaceOnChanges":true}},"stateInputs":{"description":"Input properties used for looking up and filtering Policy resources.\n","properties":{"policySpecification":{"type":"string","description":"The JSON-formatted certificate policy specification as documented \n[here](https://github.com/Venafi/vcert/blob/master/README-POLICY-SPEC.md). Typically read from a file using the \u003cspan pulumi-lang-nodejs=\"`file`\" pulumi-lang-dotnet=\"`File`\" pulumi-lang-go=\"`file`\" pulumi-lang-python=\"`file`\" pulumi-lang-yaml=\"`file`\" pulumi-lang-java=\"`file`\"\u003e`file`\u003c/span\u003e\nfunction.\n","willReplaceOnChanges":true},"zone":{"type":"string","description":"The *Trust Protection Plaform* policy folder or *Venafi Control Plane* application and \nissuing template.\n","willReplaceOnChanges":true}},"type":"object"}},"venafi:index/sshCertificate:SshCertificate":{"description":"Provides access to request and retrieve SSH certificates from *Venafi Trust Protection Platform*.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as venafi from \"@pulumi/venafi\";\n\nconst sshCert = new venafi.SshCertificate(\"ssh_cert\", {\n keyId: \"my-first-ssh-certificate\",\n template: \"Sample SSH CA\",\n publicKeyMethod: \"local\",\n keyPassphrase: \"passw0rd\",\n keySize: 3072,\n principals: [\"seamus\"],\n validHours: 24,\n});\n```\n```python\nimport pulumi\nimport pulumi_venafi as venafi\n\nssh_cert = venafi.SshCertificate(\"ssh_cert\",\n key_id=\"my-first-ssh-certificate\",\n template=\"Sample SSH CA\",\n public_key_method=\"local\",\n key_passphrase=\"passw0rd\",\n key_size=3072,\n principals=[\"seamus\"],\n valid_hours=24)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Venafi = Pulumi.Venafi;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var sshCert = new Venafi.SshCertificate(\"ssh_cert\", new()\n {\n KeyId = \"my-first-ssh-certificate\",\n Template = \"Sample SSH CA\",\n PublicKeyMethod = \"local\",\n KeyPassphrase = \"passw0rd\",\n KeySize = 3072,\n Principals = new[]\n {\n \"seamus\",\n },\n ValidHours = 24,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-venafi/sdk/go/venafi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := venafi.NewSshCertificate(ctx, \"ssh_cert\", \u0026venafi.SshCertificateArgs{\n\t\t\tKeyId: pulumi.String(\"my-first-ssh-certificate\"),\n\t\t\tTemplate: pulumi.String(\"Sample SSH CA\"),\n\t\t\tPublicKeyMethod: pulumi.String(\"local\"),\n\t\t\tKeyPassphrase: pulumi.String(\"passw0rd\"),\n\t\t\tKeySize: pulumi.Int(3072),\n\t\t\tPrincipals: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"seamus\"),\n\t\t\t},\n\t\t\tValidHours: pulumi.Int(24),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.venafi.SshCertificate;\nimport com.pulumi.venafi.SshCertificateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var sshCert = new SshCertificate(\"sshCert\", SshCertificateArgs.builder()\n .keyId(\"my-first-ssh-certificate\")\n .template(\"Sample SSH CA\")\n .publicKeyMethod(\"local\")\n .keyPassphrase(\"passw0rd\")\n .keySize(3072)\n .principals(\"seamus\")\n .validHours(24)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n sshCert:\n type: venafi:SshCertificate\n name: ssh_cert\n properties:\n keyId: my-first-ssh-certificate\n template: Sample SSH CA\n publicKeyMethod: local\n keyPassphrase: passw0rd\n keySize: 3072\n principals:\n - seamus\n validHours: 24\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","properties":{"certificate":{"type":"string","description":"The issued SSH certificate.\n"},"certificateType":{"type":"string","description":"Indicates whether the SSH certificate is for client or server authentication.\n"},"destinationAddresses":{"type":"array","items":{"type":"string"},"description":"A list of one or more valid IP or CIDR destination hosts where the \ncertificate will authenticate.\n"},"extensions":{"type":"array","items":{"type":"string"},"description":"A list of key-value pairs that contain certificate extensions from the CA \ntemplate for client certificates. Allowed values (case-sensitive): `permit-X11-forwarding`, `permit-agent-forwarding`,\n`permit-port-forwarding`, `permit-pty`, `permit-user-rc`.\n"},"folder":{"type":"string","description":"The DN of the policy folder where the SSH certificate object will be created.\n"},"forceCommand":{"type":"string","description":"A command to run after successful login.\n"},"keyId":{"type":"string","description":"The identifier of the requested SSH certificate.\n"},"keyPassphrase":{"type":"string","description":"Passphrase for encrypting the private key.\n","secret":true},"keySize":{"type":"integer","description":"Number of bits to use when creating a key pair. (e.g. \u003cspan pulumi-lang-nodejs=\"`3072`\" pulumi-lang-dotnet=\"`3072`\" pulumi-lang-go=\"`3072`\" pulumi-lang-python=\"`3072`\" pulumi-lang-yaml=\"`3072`\" pulumi-lang-java=\"`3072`\"\u003e`3072`\u003c/span\u003e).\n"},"objectName":{"type":"string","description":"The friendly name of the SSH certificate object. When not specified the \u003cspan pulumi-lang-nodejs=\"`keyId`\" pulumi-lang-dotnet=\"`KeyId`\" pulumi-lang-go=\"`keyId`\" pulumi-lang-python=\"`key_id`\" pulumi-lang-yaml=\"`keyId`\" pulumi-lang-java=\"`keyId`\"\u003e`key_id`\u003c/span\u003e \nis used for the friendly name. If the object already exists the old certificate is archived and the CA issues a new\ncertificate.\n"},"principal":{"type":"array","items":{"type":"string"},"description":"[DEPRECATED] - (Optional, set of strings) Use \"principals\" instead. A list of usernames for whom the \nrequested certificate will be valid.\n","deprecationMessage":"This will be removed in the future. Use \"principals\" instead"},"principals":{"type":"array","items":{"type":"string"},"description":"A list of usernames for whom the requested certificate will be valid.\n"},"privateKey":{"type":"string","description":"The private key for the SSH certificate if generated by Venafi.\n"},"publicKey":{"type":"string","description":"The OpenSSH formatted public key that will be used to generate the SSH certificate.\n"},"publicKeyFingerprint":{"type":"string","description":"The SHA256 fingerprint of the SSH certificate's public key.\n"},"publicKeyMethod":{"type":"string","description":"Specifies whether the public key will be \u003cspan pulumi-lang-nodejs=\"`local`\" pulumi-lang-dotnet=\"`Local`\" pulumi-lang-go=\"`local`\" pulumi-lang-python=\"`local`\" pulumi-lang-yaml=\"`local`\" pulumi-lang-java=\"`local`\"\u003e`local`\u003c/span\u003e (default), \u003cspan pulumi-lang-nodejs=\"`file`\" pulumi-lang-dotnet=\"`File`\" pulumi-lang-go=\"`file`\" pulumi-lang-python=\"`file`\" pulumi-lang-yaml=\"`file`\" pulumi-lang-java=\"`file`\"\u003e`file`\u003c/span\u003e or \n\u003cspan pulumi-lang-nodejs=\"`service`\" pulumi-lang-dotnet=\"`Service`\" pulumi-lang-go=\"`service`\" pulumi-lang-python=\"`service`\" pulumi-lang-yaml=\"`service`\" pulumi-lang-java=\"`service`\"\u003e`service`\u003c/span\u003e generated.\n"},"serial":{"type":"string","description":"The serial number of the SSH certificate.\n"},"signingCa":{"type":"string","description":"The SHA256 fingerprint of the CA that signed the SSH certificate.\n"},"sourceAddresses":{"type":"array","items":{"type":"string"},"description":"A list of one or more valid IP or CIDR addresses that can use the SSH \ncertificate.\n"},"template":{"type":"string","description":"The SSH certificate issuing template.\n"},"validFrom":{"type":"string","description":"The date the SSH certificate was issued.\n"},"validHours":{"type":"integer","description":"Desired number of hours for which the certificate will be valid.\n"},"validTo":{"type":"string","description":"The date the SSH certificate will expire.\n"},"windows":{"type":"boolean","description":"Specifies whether the private key will use Windows/DOS style line breaks.\n"}},"required":["certificate","certificateType","keyId","privateKey","publicKeyFingerprint","serial","signingCa","template","validFrom","validTo"],"inputProperties":{"destinationAddresses":{"type":"array","items":{"type":"string"},"description":"A list of one or more valid IP or CIDR destination hosts where the \ncertificate will authenticate.\n","willReplaceOnChanges":true},"extensions":{"type":"array","items":{"type":"string"},"description":"A list of key-value pairs that contain certificate extensions from the CA \ntemplate for client certificates. Allowed values (case-sensitive): `permit-X11-forwarding`, `permit-agent-forwarding`,\n`permit-port-forwarding`, `permit-pty`, `permit-user-rc`.\n","willReplaceOnChanges":true},"folder":{"type":"string","description":"The DN of the policy folder where the SSH certificate object will be created.\n","willReplaceOnChanges":true},"forceCommand":{"type":"string","description":"A command to run after successful login.\n","willReplaceOnChanges":true},"keyId":{"type":"string","description":"The identifier of the requested SSH certificate.\n","willReplaceOnChanges":true},"keyPassphrase":{"type":"string","description":"Passphrase for encrypting the private key.\n","secret":true,"willReplaceOnChanges":true},"keySize":{"type":"integer","description":"Number of bits to use when creating a key pair. (e.g. \u003cspan pulumi-lang-nodejs=\"`3072`\" pulumi-lang-dotnet=\"`3072`\" pulumi-lang-go=\"`3072`\" pulumi-lang-python=\"`3072`\" pulumi-lang-yaml=\"`3072`\" pulumi-lang-java=\"`3072`\"\u003e`3072`\u003c/span\u003e).\n","willReplaceOnChanges":true},"objectName":{"type":"string","description":"The friendly name of the SSH certificate object. When not specified the \u003cspan pulumi-lang-nodejs=\"`keyId`\" pulumi-lang-dotnet=\"`KeyId`\" pulumi-lang-go=\"`keyId`\" pulumi-lang-python=\"`key_id`\" pulumi-lang-yaml=\"`keyId`\" pulumi-lang-java=\"`keyId`\"\u003e`key_id`\u003c/span\u003e \nis used for the friendly name. If the object already exists the old certificate is archived and the CA issues a new\ncertificate.\n","willReplaceOnChanges":true},"principal":{"type":"array","items":{"type":"string"},"description":"[DEPRECATED] - (Optional, set of strings) Use \"principals\" instead. A list of usernames for whom the \nrequested certificate will be valid.\n","deprecationMessage":"This will be removed in the future. Use \"principals\" instead","willReplaceOnChanges":true},"principals":{"type":"array","items":{"type":"string"},"description":"A list of usernames for whom the requested certificate will be valid.\n","willReplaceOnChanges":true},"publicKey":{"type":"string","description":"The OpenSSH formatted public key that will be used to generate the SSH certificate.\n","willReplaceOnChanges":true},"publicKeyMethod":{"type":"string","description":"Specifies whether the public key will be \u003cspan pulumi-lang-nodejs=\"`local`\" pulumi-lang-dotnet=\"`Local`\" pulumi-lang-go=\"`local`\" pulumi-lang-python=\"`local`\" pulumi-lang-yaml=\"`local`\" pulumi-lang-java=\"`local`\"\u003e`local`\u003c/span\u003e (default), \u003cspan pulumi-lang-nodejs=\"`file`\" pulumi-lang-dotnet=\"`File`\" pulumi-lang-go=\"`file`\" pulumi-lang-python=\"`file`\" pulumi-lang-yaml=\"`file`\" pulumi-lang-java=\"`file`\"\u003e`file`\u003c/span\u003e or \n\u003cspan pulumi-lang-nodejs=\"`service`\" pulumi-lang-dotnet=\"`Service`\" pulumi-lang-go=\"`service`\" pulumi-lang-python=\"`service`\" pulumi-lang-yaml=\"`service`\" pulumi-lang-java=\"`service`\"\u003e`service`\u003c/span\u003e generated.\n","willReplaceOnChanges":true},"sourceAddresses":{"type":"array","items":{"type":"string"},"description":"A list of one or more valid IP or CIDR addresses that can use the SSH \ncertificate.\n","willReplaceOnChanges":true},"template":{"type":"string","description":"The SSH certificate issuing template.\n","willReplaceOnChanges":true},"validHours":{"type":"integer","description":"Desired number of hours for which the certificate will be valid.\n","willReplaceOnChanges":true},"windows":{"type":"boolean","description":"Specifies whether the private key will use Windows/DOS style line breaks.\n","willReplaceOnChanges":true}},"requiredInputs":["keyId","template"],"stateInputs":{"description":"Input properties used for looking up and filtering SshCertificate resources.\n","properties":{"certificate":{"type":"string","description":"The issued SSH certificate.\n"},"certificateType":{"type":"string","description":"Indicates whether the SSH certificate is for client or server authentication.\n"},"destinationAddresses":{"type":"array","items":{"type":"string"},"description":"A list of one or more valid IP or CIDR destination hosts where the \ncertificate will authenticate.\n","willReplaceOnChanges":true},"extensions":{"type":"array","items":{"type":"string"},"description":"A list of key-value pairs that contain certificate extensions from the CA \ntemplate for client certificates. Allowed values (case-sensitive): `permit-X11-forwarding`, `permit-agent-forwarding`,\n`permit-port-forwarding`, `permit-pty`, `permit-user-rc`.\n","willReplaceOnChanges":true},"folder":{"type":"string","description":"The DN of the policy folder where the SSH certificate object will be created.\n","willReplaceOnChanges":true},"forceCommand":{"type":"string","description":"A command to run after successful login.\n","willReplaceOnChanges":true},"keyId":{"type":"string","description":"The identifier of the requested SSH certificate.\n","willReplaceOnChanges":true},"keyPassphrase":{"type":"string","description":"Passphrase for encrypting the private key.\n","secret":true,"willReplaceOnChanges":true},"keySize":{"type":"integer","description":"Number of bits to use when creating a key pair. (e.g. \u003cspan pulumi-lang-nodejs=\"`3072`\" pulumi-lang-dotnet=\"`3072`\" pulumi-lang-go=\"`3072`\" pulumi-lang-python=\"`3072`\" pulumi-lang-yaml=\"`3072`\" pulumi-lang-java=\"`3072`\"\u003e`3072`\u003c/span\u003e).\n","willReplaceOnChanges":true},"objectName":{"type":"string","description":"The friendly name of the SSH certificate object. When not specified the \u003cspan pulumi-lang-nodejs=\"`keyId`\" pulumi-lang-dotnet=\"`KeyId`\" pulumi-lang-go=\"`keyId`\" pulumi-lang-python=\"`key_id`\" pulumi-lang-yaml=\"`keyId`\" pulumi-lang-java=\"`keyId`\"\u003e`key_id`\u003c/span\u003e \nis used for the friendly name. If the object already exists the old certificate is archived and the CA issues a new\ncertificate.\n","willReplaceOnChanges":true},"principal":{"type":"array","items":{"type":"string"},"description":"[DEPRECATED] - (Optional, set of strings) Use \"principals\" instead. A list of usernames for whom the \nrequested certificate will be valid.\n","deprecationMessage":"This will be removed in the future. Use \"principals\" instead","willReplaceOnChanges":true},"principals":{"type":"array","items":{"type":"string"},"description":"A list of usernames for whom the requested certificate will be valid.\n","willReplaceOnChanges":true},"privateKey":{"type":"string","description":"The private key for the SSH certificate if generated by Venafi.\n"},"publicKey":{"type":"string","description":"The OpenSSH formatted public key that will be used to generate the SSH certificate.\n","willReplaceOnChanges":true},"publicKeyFingerprint":{"type":"string","description":"The SHA256 fingerprint of the SSH certificate's public key.\n"},"publicKeyMethod":{"type":"string","description":"Specifies whether the public key will be \u003cspan pulumi-lang-nodejs=\"`local`\" pulumi-lang-dotnet=\"`Local`\" pulumi-lang-go=\"`local`\" pulumi-lang-python=\"`local`\" pulumi-lang-yaml=\"`local`\" pulumi-lang-java=\"`local`\"\u003e`local`\u003c/span\u003e (default), \u003cspan pulumi-lang-nodejs=\"`file`\" pulumi-lang-dotnet=\"`File`\" pulumi-lang-go=\"`file`\" pulumi-lang-python=\"`file`\" pulumi-lang-yaml=\"`file`\" pulumi-lang-java=\"`file`\"\u003e`file`\u003c/span\u003e or \n\u003cspan pulumi-lang-nodejs=\"`service`\" pulumi-lang-dotnet=\"`Service`\" pulumi-lang-go=\"`service`\" pulumi-lang-python=\"`service`\" pulumi-lang-yaml=\"`service`\" pulumi-lang-java=\"`service`\"\u003e`service`\u003c/span\u003e generated.\n","willReplaceOnChanges":true},"serial":{"type":"string","description":"The serial number of the SSH certificate.\n"},"signingCa":{"type":"string","description":"The SHA256 fingerprint of the CA that signed the SSH certificate.\n"},"sourceAddresses":{"type":"array","items":{"type":"string"},"description":"A list of one or more valid IP or CIDR addresses that can use the SSH \ncertificate.\n","willReplaceOnChanges":true},"template":{"type":"string","description":"The SSH certificate issuing template.\n","willReplaceOnChanges":true},"validFrom":{"type":"string","description":"The date the SSH certificate was issued.\n"},"validHours":{"type":"integer","description":"Desired number of hours for which the certificate will be valid.\n","willReplaceOnChanges":true},"validTo":{"type":"string","description":"The date the SSH certificate will expire.\n"},"windows":{"type":"boolean","description":"Specifies whether the private key will use Windows/DOS style line breaks.\n","willReplaceOnChanges":true}},"type":"object"}},"venafi:index/sshConfig:SshConfig":{"description":"Provides access to retrieve configuration from SSH certificate issuance template from *Venafi Trust Protection Platform*.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as venafi from \"@pulumi/venafi\";\n\nconst cit = new venafi.SshConfig(\"cit\", {template: \"devops-terraform-cit\"});\n```\n```python\nimport pulumi\nimport pulumi_venafi as venafi\n\ncit = venafi.SshConfig(\"cit\", template=\"devops-terraform-cit\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Venafi = Pulumi.Venafi;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var cit = new Venafi.SshConfig(\"cit\", new()\n {\n Template = \"devops-terraform-cit\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-venafi/sdk/go/venafi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := venafi.NewSshConfig(ctx, \"cit\", \u0026venafi.SshConfigArgs{\n\t\t\tTemplate: pulumi.String(\"devops-terraform-cit\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.venafi.SshConfig;\nimport com.pulumi.venafi.SshConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var cit = new SshConfig(\"cit\", SshConfigArgs.builder()\n .template(\"devops-terraform-cit\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n cit:\n type: venafi:SshConfig\n properties:\n template: devops-terraform-cit\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","properties":{"caPublicKey":{"type":"string","description":"(Optional, string) The template's CA public key.\n"},"principals":{"type":"array","items":{"type":"string"},"description":"(Optional, set of strings) A list of user names exported from the template.\n"},"template":{"type":"string","description":"The SSH certificate issuing template.\n"}},"required":["caPublicKey","principals","template"],"inputProperties":{"template":{"type":"string","description":"The SSH certificate issuing template.\n","willReplaceOnChanges":true}},"requiredInputs":["template"],"stateInputs":{"description":"Input properties used for looking up and filtering SshConfig resources.\n","properties":{"caPublicKey":{"type":"string","description":"(Optional, string) The template's CA public key.\n"},"principals":{"type":"array","items":{"type":"string"},"description":"(Optional, set of strings) A list of user names exported from the template.\n"},"template":{"type":"string","description":"The SSH certificate issuing template.\n","willReplaceOnChanges":true}},"type":"object"}}},"functions":{"pulumi:providers:venafi/terraformConfig":{"description":"This function returns a Terraform config object with terraform-namecased keys,to be used with the Terraform Module Provider.","inputs":{"properties":{"__self__":{"type":"ref","$ref":"#/provider"}},"type":"pulumi:providers:venafi/terraformConfig","required":["__self__"]},"outputs":{"properties":{"result":{"additionalProperties":{"$ref":"pulumi.json#/Any"},"type":"object"}},"required":["result"],"type":"object"}},"venafi:index/getCloudKeystore:getCloudKeystore":{"description":"Use this data source to get the `ID` of a cloud keystore in Venafi Control Plane, referenced by its name and parent \ncloud provider ID. You can use \u003cspan pulumi-lang-nodejs=\"`venafi.getCloudProvider`\" pulumi-lang-dotnet=\"`venafi.getCloudProvider`\" pulumi-lang-go=\"`getCloudProvider`\" pulumi-lang-python=\"`get_cloud_provider`\" pulumi-lang-yaml=\"`venafi.getCloudProvider`\" pulumi-lang-java=\"`venafi.getCloudProvider`\"\u003e`venafi.getCloudProvider`\u003c/span\u003e data source to obtain the ID of the parent cloud provider.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as venafi from \"@pulumi/venafi\";\n\n// Find a cloud keystore with a static cloud provider id\nconst ckExampleById = venafi.getCloudKeystore({\n cloudProviderId: \"e48897d0-2762-11ef-8fab-79ac590dd358\",\n name: \"Cloud Keystore Example\",\n});\n// Find a cloud keystore by using venafi_cloud_provider data source as input\nconst ckExample = venafi.getCloudKeystore({\n cloudProviderId: cpExample.id,\n name: \"Cloud Keystore example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_venafi as venafi\n\n# Find a cloud keystore with a static cloud provider id\nck_example_by_id = venafi.get_cloud_keystore(cloud_provider_id=\"e48897d0-2762-11ef-8fab-79ac590dd358\",\n name=\"Cloud Keystore Example\")\n# Find a cloud keystore by using venafi_cloud_provider data source as input\nck_example = venafi.get_cloud_keystore(cloud_provider_id=cp_example[\"id\"],\n name=\"Cloud Keystore example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Venafi = Pulumi.Venafi;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // Find a cloud keystore with a static cloud provider id\n var ckExampleById = Venafi.GetCloudKeystore.Invoke(new()\n {\n CloudProviderId = \"e48897d0-2762-11ef-8fab-79ac590dd358\",\n Name = \"Cloud Keystore Example\",\n });\n\n // Find a cloud keystore by using venafi_cloud_provider data source as input\n var ckExample = Venafi.GetCloudKeystore.Invoke(new()\n {\n CloudProviderId = cpExample.Id,\n Name = \"Cloud Keystore example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-venafi/sdk/go/venafi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// Find a cloud keystore with a static cloud provider id\n\t\t_, err := venafi.GetCloudKeystore(ctx, \u0026venafi.GetCloudKeystoreArgs{\n\t\t\tCloudProviderId: \"e48897d0-2762-11ef-8fab-79ac590dd358\",\n\t\t\tName: \"Cloud Keystore Example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Find a cloud keystore by using venafi_cloud_provider data source as input\n\t\t_, err = venafi.GetCloudKeystore(ctx, \u0026venafi.GetCloudKeystoreArgs{\n\t\t\tCloudProviderId: cpExample.Id,\n\t\t\tName: \"Cloud Keystore example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.venafi.VenafiFunctions;\nimport com.pulumi.venafi.inputs.GetCloudKeystoreArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // Find a cloud keystore with a static cloud provider id\n final var ckExampleById = VenafiFunctions.getCloudKeystore(GetCloudKeystoreArgs.builder()\n .cloudProviderId(\"e48897d0-2762-11ef-8fab-79ac590dd358\")\n .name(\"Cloud Keystore Example\")\n .build());\n\n // Find a cloud keystore by using venafi_cloud_provider data source as input\n final var ckExample = VenafiFunctions.getCloudKeystore(GetCloudKeystoreArgs.builder()\n .cloudProviderId(cpExample.id())\n .name(\"Cloud Keystore example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n # Find a cloud keystore with a static cloud provider id\n ckExampleById:\n fn::invoke:\n function: venafi:getCloudKeystore\n arguments:\n cloudProviderId: e48897d0-2762-11ef-8fab-79ac590dd358\n name: Cloud Keystore Example\n # Find a cloud keystore by using venafi_cloud_provider data source as input\n ckExample:\n fn::invoke:\n function: venafi:getCloudKeystore\n arguments:\n cloudProviderId: ${cpExample.id}\n name: Cloud Keystore example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getCloudKeystore.\n","properties":{"cloudProviderId":{"type":"string","description":"ID of the cloud provider whom the cloud keystore to look up belongs to.\n","willReplaceOnChanges":true},"name":{"type":"string","description":"Name of the cloud keystore to look up.\n","willReplaceOnChanges":true}},"type":"object","required":["cloudProviderId","name"]},"outputs":{"description":"A collection of values returned by getCloudKeystore.\n","properties":{"cloudProviderId":{"type":"string"},"id":{"description":"The provider-assigned unique ID for this managed resource.","type":"string"},"machineIdentitiesCount":{"description":"Number of machine identities provisioned to the cloud keystore.\n","type":"integer"},"name":{"type":"string"},"type":{"description":"The cloud keystore type. Either `ACM`, `AKV` or `GCM`.\n","type":"string"}},"required":["cloudProviderId","machineIdentitiesCount","name","type","id"],"type":"object"}},"venafi:index/getCloudProvider:getCloudProvider":{"description":"Use this data source to get the `ID` of a cloud provider in Venafi Control Plane, referenced by its name.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as venafi from \"@pulumi/venafi\";\n\n// Find a cloud provider\nconst cpExample = venafi.getCloudProvider({\n name: \"Cloud Provider Example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_venafi as venafi\n\n# Find a cloud provider\ncp_example = venafi.get_cloud_provider(name=\"Cloud Provider Example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Venafi = Pulumi.Venafi;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // Find a cloud provider\n var cpExample = Venafi.GetCloudProvider.Invoke(new()\n {\n Name = \"Cloud Provider Example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-venafi/sdk/go/venafi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// Find a cloud provider\n\t\t_, err := venafi.GetCloudProvider(ctx, \u0026venafi.GetCloudProviderArgs{\n\t\t\tName: \"Cloud Provider Example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.venafi.VenafiFunctions;\nimport com.pulumi.venafi.inputs.GetCloudProviderArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // Find a cloud provider\n final var cpExample = VenafiFunctions.getCloudProvider(GetCloudProviderArgs.builder()\n .name(\"Cloud Provider Example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n # Find a cloud provider\n cpExample:\n fn::invoke:\n function: venafi:getCloudProvider\n arguments:\n name: Cloud Provider Example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getCloudProvider.\n","properties":{"name":{"type":"string","description":"Name of the Cloud Provider to look up.\n","willReplaceOnChanges":true}},"type":"object","required":["name"]},"outputs":{"description":"A collection of values returned by getCloudProvider.\n","properties":{"id":{"description":"The provider-assigned unique ID for this managed resource.","type":"string"},"keystoresCount":{"description":"Number of Cloud Keystores configured with the Cloud Provider\n","type":"integer"},"name":{"type":"string"},"status":{"description":"The status of the Cloud Provider. Either `VALIDATED` or `NOT_VALIDATED`.\n","type":"string"},"statusDetails":{"description":"The details of the Cloud Provider status. If the status is `VALIDATED`, this value will be empty.\n","type":"string"},"type":{"description":"The Cloud Provider type. Either `AWS`, `AZURE` or `GCP`\n","type":"string"}},"required":["keystoresCount","name","status","statusDetails","type","id"],"type":"object"}}}}