tls_private_key (Resource)

Creates a PEM (and OpenSSH) formatted private key.

Generates a secure private key and encodes it in PEM (RFC 1421) and OpenSSH PEM (RFC 4716) formats. This resource is primarily intended for easily bootstrapping throwaway development environments.

This is a logical resource, so it contributes only to the current Terraform state and does not create any external managed resources.

Example Usage

# DO NOT EDIT. Code generated by 'cdktf convert' - Please report bugs at https://cdk.tf/bug
from constructs import Construct
from cdktf import TerraformStack
#
# Provider bindings are generated by running `cdktf get`.
# See https://cdk.tf/provider-generation for more details.
#
from imports.tls.private_key import PrivateKey
class MyConvertedCode(TerraformStack):
    def __init__(self, scope, name):
        super().__init__(scope, name)
        PrivateKey(self, "ecdsa-p384-example",
            algorithm="ECDSA",
            ecdsa_curve="P384"
        )
        PrivateKey(self, "ed25519-example",
            algorithm="ED25519"
        )
        PrivateKey(self, "rsa-4096-example",
            algorithm="RSA",
            rsa_bits=4096
        )

Schema

Required

Optional

Read-Only

Generating a New Key

Since a private key is a logical resource that lives only in the Terraform state, it will persist until it is explicitly destroyed by the user.

In order to force the generation of a new key within an existing state, the private key instance can be "tainted":

terraform taint tls_private_key.example

A new key will then be generated on the next terraform apply.