Data Source: awsAcmpcaCertificateAuthority
Get information on a AWS Certificate Manager Private Certificate Authority (ACM PCA Certificate Authority).
Example Usage
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
new aws.dataAwsAcmpcaCertificateAuthority.DataAwsAcmpcaCertificateAuthority(
this,
"example",
{
arn: "arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012",
}
);
Argument Reference
The following arguments are supported:
arn
- (Required) ARN of the certificate authority.
Attribute Reference
In addition to all arguments above, the following attributes are exported:
id
- ARN of the certificate authority.certificate
- Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.certificateChain
- Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.certificateSigningRequest
- The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.usageMode
- Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly.notAfter
- Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.notBefore
- Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.revocationConfiguration
- Nested attribute containing revocation configuration.revocationConfiguration0CrlConfiguration
- Nested attribute containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority.revocationConfiguration0CrlConfiguration0CustomCname
- Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point.revocationConfiguration0CrlConfiguration0Enabled
- Boolean value that specifies whether certificate revocation lists (CRLs) are enabled.revocationConfiguration0CrlConfiguration0ExpirationInDays
- Number of days until a certificate expires.revocationConfiguration0CrlConfiguration0S3BucketName
- Name of the S3 bucket that contains the CRL.revocationConfiguration0CrlConfiguration0S3ObjectAcl
- Whether the CRL is publicly readable or privately held in the CRL Amazon S3 bucket.revocationConfiguration0OcspConfiguration0Enabled
- Boolean value that specifies whether a custom OCSP responder is enabled.revocationConfiguration0OcspConfiguration0OcspCustomCname
- A CNAME specifying a customized OCSP domain.
serial
- Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.status
- Status of the certificate authority.tags
- Key-value map of user-defined tags that are attached to the certificate authority.type
- Type of the certificate authority.