tls_self_signed_cert (Resource)

Creates a self-signed TLS certificate in PEM (RFC 1421) format.

Example Usage

# DO NOT EDIT. Code generated by 'cdktf convert' - Please report bugs at https://cdk.tf/bug
from constructs import Construct
from cdktf import Fn, Token, TerraformStack
#
# Provider bindings are generated by running `cdktf get`.
# See https://cdk.tf/provider-generation for more details.
#
from imports.tls.self_signed_cert import SelfSignedCert
class MyConvertedCode(TerraformStack):
    def __init__(self, scope, name):
        super().__init__(scope, name)
        SelfSignedCert(self, "example",
            allowed_uses=["key_encipherment", "digital_signature", "server_auth"],
            private_key_pem=Token.as_string(Fn.file("private_key.pem")),
            subject=SelfSignedCertSubject(
                common_name="example.com",
                organization="ACME Examples, Inc"
            ),
            validity_period_hours=12
        )

Schema

Required

Optional

Read-Only

Nested Schema for subject

Optional:

Automatic Renewal

This resource considers its instances to have been deleted after either their validity periods ends (i.e. beyond the validity_period_hours) or the early renewal period is reached (i.e. within the early_renewal_hours): when this happens, the ready_for_renewal attribute will be true. At this time, applying the Terraform configuration will cause a new certificate to be generated for the instance.

Therefore in a development environment with frequent deployments it may be convenient to set a relatively-short expiration time and use early renewal to automatically provision a new certificate when the current one is about to expire.

The creation of a new certificate may of course cause dependent resources to be updated or replaced, depending on the lifecycle rules applying to those resources.