Creates and manages an AWS IoT certificate.
resource "aws_iot_certificate" "cert" {
csr = file("/my/csr.pem")
active = true
}
resource "aws_iot_certificate" "cert" {
active = true
}
resource "aws_iot_certificate" "cert" {
certificate_pem = file("/my/cert.pem")
active = true
}
active
- (Required) Boolean flag to indicate if the certificate should be activecsr
- (Optional) The certificate signing request. Review
CreateCertificateFromCsr
for more information on generating a certificate from a certificate signing request (CSR).
If none is specified both the certificate and keys will be generated, review CreateKeysAndCertificate
for more information on generating keys and a certificate.certificate_pem
- (Optional) The certificate to be registered. If ca_pem
is unspecified, review
RegisterCertificateWithoutCA.
If ca_pem
is specified, review
RegisterCertificate
for more information on registering a certificate.ca_pem
- (Optional) The CA certificate for the certificate to be registered. If this is set, the CA needs to be registered with AWS IoT beforehand.This resource exports the following attributes in addition to the arguments above:
id
- The internal ID assigned to this certificate.arn
- The ARN of the created certificate.ca_certificate_id
- The certificate ID of the CA certificate used to sign the certificate.certificate_pem
- The certificate data, in PEM format.public_key
- When neither CSR nor certificate is provided, the public key.private_key
- When neither CSR nor certificate is provided, the private key.