tls_private_key (Resource)

Creates a PEM (and OpenSSH) formatted private key.

Generates a secure private key and encodes it in PEM (RFC 1421) and OpenSSH PEM (RFC 4716) formats. This resource is primarily intended for easily bootstrapping throwaway development environments.

This is a logical resource, so it contributes only to the current Terraform state and does not create any external managed resources.

Example Usage

// DO NOT EDIT. Code generated by 'cdktf convert' - Please report bugs at https://cdk.tf/bug
import { Construct } from "constructs";
import { TerraformStack } from "cdktf";
/*
 * Provider bindings are generated by running `cdktf get`.
 * See https://cdk.tf/provider-generation for more details.
 */
import { PrivateKey } from "./.gen/providers/tls/private-key";
class MyConvertedCode extends TerraformStack {
  constructor(scope: Construct, name: string) {
    super(scope, name);
    new PrivateKey(this, "ecdsa-p384-example", {
      algorithm: "ECDSA",
      ecdsaCurve: "P384",
    });
    new PrivateKey(this, "ed25519-example", {
      algorithm: "ED25519",
    });
    new PrivateKey(this, "rsa-4096-example", {
      algorithm: "RSA",
      rsaBits: 4096,
    });
  }
}

Schema

Required

Optional

Read-Only

Generating a New Key

Since a private key is a logical resource that lives only in the Terraform state, it will persist until it is explicitly destroyed by the user.

In order to force the generation of a new key within an existing state, the private key instance can be "tainted":

terraform taint tls_private_key.example

A new key will then be generated on the next terraform apply.