Docs Home
This is the latest version of Azure Native. Use the Azure Native v1 docs if using the v1 version of this package.
Azure Native v2.89.1 published on Sunday, Mar 2, 2025 by Pulumi
azure-native.apimanagement.Certificate
Explore with Pulumi AI
This is the latest version of Azure Native. Use the Azure Native v1 docs if using the v1 version of this package.
Azure Native v2.89.1 published on Sunday, Mar 2, 2025 by Pulumi
Certificate details. Azure REST API version: 2022-08-01. Prior API version in Azure Native 1.x: 2020-12-01.
Other available API versions: 2016-10-10, 2022-09-01-preview, 2023-03-01-preview, 2023-05-01-preview, 2023-09-01-preview, 2024-05-01, 2024-06-01-preview.
Example Usage
ApiManagementCreateCertificate
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var certificate = new AzureNative.ApiManagement.Certificate("certificate", new()
{
CertificateId = "tempcert",
Data = "****************Base 64 Encoded Certificate *******************************",
Password = "****Certificate Password******",
ResourceGroupName = "rg1",
ServiceName = "apimService1",
});
});
package main
import (
apimanagement "github.com/pulumi/pulumi-azure-native-sdk/apimanagement/v2"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := apimanagement.NewCertificate(ctx, "certificate", &apimanagement.CertificateArgs{
CertificateId: pulumi.String("tempcert"),
Data: pulumi.String("****************Base 64 Encoded Certificate *******************************"),
Password: pulumi.String("****Certificate Password******"),
ResourceGroupName: pulumi.String("rg1"),
ServiceName: pulumi.String("apimService1"),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.apimanagement.Certificate;
import com.pulumi.azurenative.apimanagement.CertificateArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var certificate = new Certificate("certificate", CertificateArgs.builder()
.certificateId("tempcert")
.data("****************Base 64 Encoded Certificate *******************************")
.password("****Certificate Password******")
.resourceGroupName("rg1")
.serviceName("apimService1")
.build());
}
}
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const certificate = new azure_native.apimanagement.Certificate("certificate", {
certificateId: "tempcert",
data: "****************Base 64 Encoded Certificate *******************************",
password: "****Certificate Password******",
resourceGroupName: "rg1",
serviceName: "apimService1",
});
import pulumi
import pulumi_azure_native as azure_native
certificate = azure_native.apimanagement.Certificate("certificate",
certificate_id="tempcert",
data="****************Base 64 Encoded Certificate *******************************",
password="****Certificate Password******",
resource_group_name="rg1",
service_name="apimService1")
resources:
certificate:
type: azure-native:apimanagement:Certificate
properties:
certificateId: tempcert
data: '****************Base 64 Encoded Certificate *******************************'
password: '****Certificate Password******'
resourceGroupName: rg1
serviceName: apimService1
ApiManagementCreateCertificateWithKeyVault
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var certificate = new AzureNative.ApiManagement.Certificate("certificate", new()
{
CertificateId = "templateCertkv",
KeyVault = new AzureNative.ApiManagement.Inputs.KeyVaultContractCreatePropertiesArgs
{
IdentityClientId = "ceaa6b06-c00f-43ef-99ac-f53d1fe876a0",
SecretIdentifier = "https://rpbvtkeyvaultintegration.vault-int.azure-int.net/secrets/msitestingCert",
},
ResourceGroupName = "rg1",
ServiceName = "apimService1",
});
});
package main
import (
apimanagement "github.com/pulumi/pulumi-azure-native-sdk/apimanagement/v2"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := apimanagement.NewCertificate(ctx, "certificate", &apimanagement.CertificateArgs{
CertificateId: pulumi.String("templateCertkv"),
KeyVault: &apimanagement.KeyVaultContractCreatePropertiesArgs{
IdentityClientId: pulumi.String("ceaa6b06-c00f-43ef-99ac-f53d1fe876a0"),
SecretIdentifier: pulumi.String("https://rpbvtkeyvaultintegration.vault-int.azure-int.net/secrets/msitestingCert"),
},
ResourceGroupName: pulumi.String("rg1"),
ServiceName: pulumi.String("apimService1"),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.apimanagement.Certificate;
import com.pulumi.azurenative.apimanagement.CertificateArgs;
import com.pulumi.azurenative.apimanagement.inputs.KeyVaultContractCreatePropertiesArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var certificate = new Certificate("certificate", CertificateArgs.builder()
.certificateId("templateCertkv")
.keyVault(KeyVaultContractCreatePropertiesArgs.builder()
.identityClientId("ceaa6b06-c00f-43ef-99ac-f53d1fe876a0")
.secretIdentifier("https://rpbvtkeyvaultintegration.vault-int.azure-int.net/secrets/msitestingCert")
.build())
.resourceGroupName("rg1")
.serviceName("apimService1")
.build());
}
}
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const certificate = new azure_native.apimanagement.Certificate("certificate", {
certificateId: "templateCertkv",
keyVault: {
identityClientId: "ceaa6b06-c00f-43ef-99ac-f53d1fe876a0",
secretIdentifier: "https://rpbvtkeyvaultintegration.vault-int.azure-int.net/secrets/msitestingCert",
},
resourceGroupName: "rg1",
serviceName: "apimService1",
});
import pulumi
import pulumi_azure_native as azure_native
certificate = azure_native.apimanagement.Certificate("certificate",
certificate_id="templateCertkv",
key_vault={
"identity_client_id": "ceaa6b06-c00f-43ef-99ac-f53d1fe876a0",
"secret_identifier": "https://rpbvtkeyvaultintegration.vault-int.azure-int.net/secrets/msitestingCert",
},
resource_group_name="rg1",
service_name="apimService1")
resources:
certificate:
type: azure-native:apimanagement:Certificate
properties:
certificateId: templateCertkv
keyVault:
identityClientId: ceaa6b06-c00f-43ef-99ac-f53d1fe876a0
secretIdentifier: https://rpbvtkeyvaultintegration.vault-int.azure-int.net/secrets/msitestingCert
resourceGroupName: rg1
serviceName: apimService1
Create Certificate Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Certificate(name: string, args: CertificateArgs, opts?: CustomResourceOptions);@overload
def Certificate(resource_name: str,
args: CertificateArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Certificate(resource_name: str,
opts: Optional[ResourceOptions] = None,
resource_group_name: Optional[str] = None,
service_name: Optional[str] = None,
certificate_id: Optional[str] = None,
data: Optional[str] = None,
key_vault: Optional[KeyVaultContractCreatePropertiesArgs] = None,
password: Optional[str] = None)func NewCertificate(ctx *Context, name string, args CertificateArgs, opts ...ResourceOption) (*Certificate, error)public Certificate(string name, CertificateArgs args, CustomResourceOptions? opts = null)
public Certificate(String name, CertificateArgs args)
public Certificate(String name, CertificateArgs args, CustomResourceOptions options)
type: azure-native:apimanagement:Certificate
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args CertificateArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args CertificateArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args CertificateArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args CertificateArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args CertificateArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var certificateResource = new AzureNative.ApiManagement.Certificate("certificateResource", new()
{
ResourceGroupName = "string",
ServiceName = "string",
CertificateId = "string",
Data = "string",
KeyVault = new AzureNative.ApiManagement.Inputs.KeyVaultContractCreatePropertiesArgs
{
IdentityClientId = "string",
SecretIdentifier = "string",
},
Password = "string",
});
example, err := apimanagement.NewCertificate(ctx, "certificateResource", &apimanagement.CertificateArgs{
ResourceGroupName: pulumi.String("string"),
ServiceName: pulumi.String("string"),
CertificateId: pulumi.String("string"),
Data: pulumi.String("string"),
KeyVault: &apimanagement.KeyVaultContractCreatePropertiesArgs{
IdentityClientId: pulumi.String("string"),
SecretIdentifier: pulumi.String("string"),
},
Password: pulumi.String("string"),
})
var certificateResource = new Certificate("certificateResource", CertificateArgs.builder()
.resourceGroupName("string")
.serviceName("string")
.certificateId("string")
.data("string")
.keyVault(KeyVaultContractCreatePropertiesArgs.builder()
.identityClientId("string")
.secretIdentifier("string")
.build())
.password("string")
.build());
certificate_resource = azure_native.apimanagement.Certificate("certificateResource",
resource_group_name="string",
service_name="string",
certificate_id="string",
data="string",
key_vault={
"identity_client_id": "string",
"secret_identifier": "string",
},
password="string")
const certificateResource = new azure_native.apimanagement.Certificate("certificateResource", {
resourceGroupName: "string",
serviceName: "string",
certificateId: "string",
data: "string",
keyVault: {
identityClientId: "string",
secretIdentifier: "string",
},
password: "string",
});
type: azure-native:apimanagement:Certificate
properties:
certificateId: string
data: string
keyVault:
identityClientId: string
secretIdentifier: string
password: string
resourceGroupName: string
serviceName: string
Certificate Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Certificate resource accepts the following input properties:
- Resource
Group stringName - The name of the resource group. The name is case insensitive.
- Service
Name string - The name of the API Management service.
- Certificate
Id string - Identifier of the certificate entity. Must be unique in the current API Management service instance.
- Data string
- Base 64 encoded certificate using the application/x-pkcs12 representation.
- Key
Vault Pulumi.Azure Native. Api Management. Inputs. Key Vault Contract Create Properties - KeyVault location details of the certificate.
- Password string
- Password for the Certificate
- Resource
Group stringName - The name of the resource group. The name is case insensitive.
- Service
Name string - The name of the API Management service.
- Certificate
Id string - Identifier of the certificate entity. Must be unique in the current API Management service instance.
- Data string
- Base 64 encoded certificate using the application/x-pkcs12 representation.
- Key
Vault KeyVault Contract Create Properties Args - KeyVault location details of the certificate.
- Password string
- Password for the Certificate
- resource
Group StringName - The name of the resource group. The name is case insensitive.
- service
Name String - The name of the API Management service.
- certificate
Id String - Identifier of the certificate entity. Must be unique in the current API Management service instance.
- data String
- Base 64 encoded certificate using the application/x-pkcs12 representation.
- key
Vault KeyVault Contract Create Properties - KeyVault location details of the certificate.
- password String
- Password for the Certificate
- resource
Group stringName - The name of the resource group. The name is case insensitive.
- service
Name string - The name of the API Management service.
- certificate
Id string - Identifier of the certificate entity. Must be unique in the current API Management service instance.
- data string
- Base 64 encoded certificate using the application/x-pkcs12 representation.
- key
Vault KeyVault Contract Create Properties - KeyVault location details of the certificate.
- password string
- Password for the Certificate
- resource_
group_ strname - The name of the resource group. The name is case insensitive.
- service_
name str - The name of the API Management service.
- certificate_
id str - Identifier of the certificate entity. Must be unique in the current API Management service instance.
- data str
- Base 64 encoded certificate using the application/x-pkcs12 representation.
- key_
vault KeyVault Contract Create Properties Args - KeyVault location details of the certificate.
- password str
- Password for the Certificate
- resource
Group StringName - The name of the resource group. The name is case insensitive.
- service
Name String - The name of the API Management service.
- certificate
Id String - Identifier of the certificate entity. Must be unique in the current API Management service instance.
- data String
- Base 64 encoded certificate using the application/x-pkcs12 representation.
- key
Vault Property Map - KeyVault location details of the certificate.
- password String
- Password for the Certificate
Outputs
All input properties are implicitly available as output properties. Additionally, the Certificate resource produces the following output properties:
- Expiration
Date string - Expiration date of the certificate. The date conforms to the following format:
yyyy-MM-ddTHH:mm:ssZas specified by the ISO 8601 standard. - Id string
- The provider-assigned unique ID for this managed resource.
- Name string
- The name of the resource
- Subject string
- Subject attribute of the certificate.
- Thumbprint string
- Thumbprint of the certificate.
- Type string
- The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
- Expiration
Date string - Expiration date of the certificate. The date conforms to the following format:
yyyy-MM-ddTHH:mm:ssZas specified by the ISO 8601 standard. - Id string
- The provider-assigned unique ID for this managed resource.
- Name string
- The name of the resource
- Subject string
- Subject attribute of the certificate.
- Thumbprint string
- Thumbprint of the certificate.
- Type string
- The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
- expiration
Date String - Expiration date of the certificate. The date conforms to the following format:
yyyy-MM-ddTHH:mm:ssZas specified by the ISO 8601 standard. - id String
- The provider-assigned unique ID for this managed resource.
- name String
- The name of the resource
- subject String
- Subject attribute of the certificate.
- thumbprint String
- Thumbprint of the certificate.
- type String
- The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
- expiration
Date string - Expiration date of the certificate. The date conforms to the following format:
yyyy-MM-ddTHH:mm:ssZas specified by the ISO 8601 standard. - id string
- The provider-assigned unique ID for this managed resource.
- name string
- The name of the resource
- subject string
- Subject attribute of the certificate.
- thumbprint string
- Thumbprint of the certificate.
- type string
- The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
- expiration_
date str - Expiration date of the certificate. The date conforms to the following format:
yyyy-MM-ddTHH:mm:ssZas specified by the ISO 8601 standard. - id str
- The provider-assigned unique ID for this managed resource.
- name str
- The name of the resource
- subject str
- Subject attribute of the certificate.
- thumbprint str
- Thumbprint of the certificate.
- type str
- The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
- expiration
Date String - Expiration date of the certificate. The date conforms to the following format:
yyyy-MM-ddTHH:mm:ssZas specified by the ISO 8601 standard. - id String
- The provider-assigned unique ID for this managed resource.
- name String
- The name of the resource
- subject String
- Subject attribute of the certificate.
- thumbprint String
- Thumbprint of the certificate.
- type String
- The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
Supporting Types
KeyVaultContractCreateProperties, KeyVaultContractCreatePropertiesArgs
- Identity
Client stringId - Null for SystemAssignedIdentity or Client Id for UserAssignedIdentity , which will be used to access key vault secret.
- Secret
Identifier string - Key vault secret identifier for fetching secret. Providing a versioned secret will prevent auto-refresh. This requires API Management service to be configured with aka.ms/apimmsi
- Identity
Client stringId - Null for SystemAssignedIdentity or Client Id for UserAssignedIdentity , which will be used to access key vault secret.
- Secret
Identifier string - Key vault secret identifier for fetching secret. Providing a versioned secret will prevent auto-refresh. This requires API Management service to be configured with aka.ms/apimmsi
- identity
Client StringId - Null for SystemAssignedIdentity or Client Id for UserAssignedIdentity , which will be used to access key vault secret.
- secret
Identifier String - Key vault secret identifier for fetching secret. Providing a versioned secret will prevent auto-refresh. This requires API Management service to be configured with aka.ms/apimmsi
- identity
Client stringId - Null for SystemAssignedIdentity or Client Id for UserAssignedIdentity , which will be used to access key vault secret.
- secret
Identifier string - Key vault secret identifier for fetching secret. Providing a versioned secret will prevent auto-refresh. This requires API Management service to be configured with aka.ms/apimmsi
- identity_
client_ strid - Null for SystemAssignedIdentity or Client Id for UserAssignedIdentity , which will be used to access key vault secret.
- secret_
identifier str - Key vault secret identifier for fetching secret. Providing a versioned secret will prevent auto-refresh. This requires API Management service to be configured with aka.ms/apimmsi
- identity
Client StringId - Null for SystemAssignedIdentity or Client Id for UserAssignedIdentity , which will be used to access key vault secret.
- secret
Identifier String - Key vault secret identifier for fetching secret. Providing a versioned secret will prevent auto-refresh. This requires API Management service to be configured with aka.ms/apimmsi
KeyVaultContractPropertiesResponse, KeyVaultContractPropertiesResponseArgs
- Identity
Client stringId - Null for SystemAssignedIdentity or Client Id for UserAssignedIdentity , which will be used to access key vault secret.
- Last
Status Pulumi.Azure Native. Api Management. Inputs. Key Vault Last Access Status Contract Properties Response - Last time sync and refresh status of secret from key vault.
- Secret
Identifier string - Key vault secret identifier for fetching secret. Providing a versioned secret will prevent auto-refresh. This requires API Management service to be configured with aka.ms/apimmsi
- Identity
Client stringId - Null for SystemAssignedIdentity or Client Id for UserAssignedIdentity , which will be used to access key vault secret.
- Last
Status KeyVault Last Access Status Contract Properties Response - Last time sync and refresh status of secret from key vault.
- Secret
Identifier string - Key vault secret identifier for fetching secret. Providing a versioned secret will prevent auto-refresh. This requires API Management service to be configured with aka.ms/apimmsi
- identity
Client StringId - Null for SystemAssignedIdentity or Client Id for UserAssignedIdentity , which will be used to access key vault secret.
- last
Status KeyVault Last Access Status Contract Properties Response - Last time sync and refresh status of secret from key vault.
- secret
Identifier String - Key vault secret identifier for fetching secret. Providing a versioned secret will prevent auto-refresh. This requires API Management service to be configured with aka.ms/apimmsi
- identity
Client stringId - Null for SystemAssignedIdentity or Client Id for UserAssignedIdentity , which will be used to access key vault secret.
- last
Status KeyVault Last Access Status Contract Properties Response - Last time sync and refresh status of secret from key vault.
- secret
Identifier string - Key vault secret identifier for fetching secret. Providing a versioned secret will prevent auto-refresh. This requires API Management service to be configured with aka.ms/apimmsi
- identity_
client_ strid - Null for SystemAssignedIdentity or Client Id for UserAssignedIdentity , which will be used to access key vault secret.
- last_
status KeyVault Last Access Status Contract Properties Response - Last time sync and refresh status of secret from key vault.
- secret_
identifier str - Key vault secret identifier for fetching secret. Providing a versioned secret will prevent auto-refresh. This requires API Management service to be configured with aka.ms/apimmsi
- identity
Client StringId - Null for SystemAssignedIdentity or Client Id for UserAssignedIdentity , which will be used to access key vault secret.
- last
Status Property Map - Last time sync and refresh status of secret from key vault.
- secret
Identifier String - Key vault secret identifier for fetching secret. Providing a versioned secret will prevent auto-refresh. This requires API Management service to be configured with aka.ms/apimmsi
KeyVaultLastAccessStatusContractPropertiesResponse, KeyVaultLastAccessStatusContractPropertiesResponseArgs
- Code string
- Last status code for sync and refresh of secret from key vault.
- Message string
- Details of the error else empty.
- Time
Stamp stringUtc - Last time secret was accessed. The date conforms to the following format:
yyyy-MM-ddTHH:mm:ssZas specified by the ISO 8601 standard.
- Code string
- Last status code for sync and refresh of secret from key vault.
- Message string
- Details of the error else empty.
- Time
Stamp stringUtc - Last time secret was accessed. The date conforms to the following format:
yyyy-MM-ddTHH:mm:ssZas specified by the ISO 8601 standard.
- code String
- Last status code for sync and refresh of secret from key vault.
- message String
- Details of the error else empty.
- time
Stamp StringUtc - Last time secret was accessed. The date conforms to the following format:
yyyy-MM-ddTHH:mm:ssZas specified by the ISO 8601 standard.
- code string
- Last status code for sync and refresh of secret from key vault.
- message string
- Details of the error else empty.
- time
Stamp stringUtc - Last time secret was accessed. The date conforms to the following format:
yyyy-MM-ddTHH:mm:ssZas specified by the ISO 8601 standard.
- code str
- Last status code for sync and refresh of secret from key vault.
- message str
- Details of the error else empty.
- time_
stamp_ strutc - Last time secret was accessed. The date conforms to the following format:
yyyy-MM-ddTHH:mm:ssZas specified by the ISO 8601 standard.
- code String
- Last status code for sync and refresh of secret from key vault.
- message String
- Details of the error else empty.
- time
Stamp StringUtc - Last time secret was accessed. The date conforms to the following format:
yyyy-MM-ddTHH:mm:ssZas specified by the ISO 8601 standard.
Import
An existing resource can be imported using its type token, name, and identifier, e.g.
$ pulumi import azure-native:apimanagement:Certificate templateCertkv /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ApiManagement/service/{serviceName}/certificates/{certificateId}
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Azure Native pulumi/pulumi-azure-native
- License
- Apache-2.0
This is the latest version of Azure Native. Use the Azure Native v1 docs if using the v1 version of this package.
Azure Native v2.89.1 published on Sunday, Mar 2, 2025 by Pulumi