googleSqlCaCerts
Get all of the trusted Certificate Authorities (CAs) for the specified SQL database instance. For more information see the official documentation and API.
Example Usage
import * as cdktf from "cdktf";
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as google from "./.gen/providers/google";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: google.
For a more precise conversion please use the --provider flag in convert.*/
const dataGoogleSqlCaCertsCaCerts =
new google.dataGoogleSqlCaCerts.DataGoogleSqlCaCerts(this, "ca_certs", {
instance: "primary-database-server",
});
const furthestExpirationTime = [
`\${reverse(sort([for k, v in ${dataGoogleSqlCaCertsCaCerts.certs} : v.expiration_time]))[0]}`,
];
const latestCaCert = [
`\${[for v in ${dataGoogleSqlCaCertsCaCerts.certs} : v.cert if v.expiration_time == ${furthestExpirationTime}]}`,
];
new cdktf.TerraformOutput(this, "db_latest_ca_cert", {
value: latestCaCert,
description: "Latest CA cert used by the primary database server",
sensitive: true,
});
Argument Reference
The following arguments are supported:
instance
- (Required) The name or self link of the instance.
project
- (Optional) The ID of the project in which the resource belongs. Ifproject
is not provided, the provider project is used.
Attributes Reference
The following attributes are exported:
-
activeVersion
- SHA1 fingerprint of the currently active CA certificate. -
certs
- A list of server CA certificates for the instance. Each contains:cert
- The CA certificate used to connect to the SQL instance via SSL.commonName
- The CN valid for the CA cert.createTime
- Creation time of the CA cert.expirationTime
- Expiration time of the CA cert.sha1Fingerprint
- SHA1 fingerprint of the CA cert.