Skip to content

Resource: awsIamSigningCertificate

Provides an IAM Signing Certificate resource to upload Signing Certificates.

\~> Note: All arguments including the certificate body will be stored in the raw state as plain-text. Read more about sensitive data in state.

Example Usage

Using certs on file:

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
new aws.iamSigningCertificate.IamSigningCertificate(this, "test_cert", {
  certificateBody: '${file("self-ca-cert.pem")}',
  username: "some_test_cert",
});

Example with cert in-line:

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
new aws.iamSigningCertificate.IamSigningCertificate(this, "test_cert_alt", {
  certificateBody:
    "-----BEGIN CERTIFICATE-----\n[......] # cert contents\n-----END CERTIFICATE-----\n",
  username: "some_test_cert",
});

Argument Reference

The following arguments are supported:

  • certificateBody – (Required) The contents of the signing certificate in PEM-encoded format.
  • status – (Optional) The status you want to assign to the certificate. active means that the certificate can be used for programmatic calls to Amazon Web Services inactive means that the certificate cannot be used.
  • userName – (Required) The name of the user the signing certificate is for.

Attributes Reference

In addition to all arguments above, the following attributes are exported:

  • certificateId - The ID for the signing certificate.
  • id - The certificateId:userName

Import

IAM Signing Certificates can be imported using the id, e.g.,

$ terraform import aws_iam_signing_certificate.certificate IDIDIDIDID:user-name