--- # generated by https://github.com/hashicorp/terraform-plugin-docs page_title: "awscc_acmpca_certificate Resource - terraform-provider-awscc" subcategory: "" description: |- A certificate issued via a private certificate authority --- # awscc_acmpca_certificate (Resource) A certificate issued via a private certificate authority ## Schema ### Required - `certificate_authority_arn` (String) The Amazon Resource Name (ARN) for the private CA to issue the certificate. - `certificate_signing_request` (String) The certificate signing request (CSR) for the Certificate. - `signing_algorithm` (String) The name of the algorithm that will be used to sign the Certificate. - `validity` (Attributes) The time before which the Certificate will be valid. (see [below for nested schema](#nestedatt--validity)) ### Optional - `api_passthrough` (Attributes) These are fields to be overridden in a certificate at the time of issuance. These requires an API_Passthrough template be used or they will be ignored. (see [below for nested schema](#nestedatt--api_passthrough)) - `template_arn` (String) Specifies a custom configuration template to use when issuing a certificate. If this parameter is not provided, ACM Private CA defaults to the EndEntityCertificate/V1 template. - `validity_not_before` (Attributes) The time after which the Certificate will be valid. (see [below for nested schema](#nestedatt--validity_not_before)) ### Read-Only - `arn` (String) The ARN of the issued certificate. - `certificate` (String) The issued certificate in base 64 PEM-encoded format. - `id` (String) Uniquely identifies the resource. ### Nested Schema for `validity` Required: - `type` (String) - `value` (Number) ### Nested Schema for `api_passthrough` Optional: - `extensions` (Attributes) Structure that contains X.500 extensions for a Certificate. (see [below for nested schema](#nestedatt--api_passthrough--extensions)) - `subject` (Attributes) Structure that contains X.500 distinguished name information. (see [below for nested schema](#nestedatt--api_passthrough--subject)) ### Nested Schema for `api_passthrough.extensions` Optional: - `certificate_policies` (Attributes List) (see [below for nested schema](#nestedatt--api_passthrough--extensions--certificate_policies)) - `custom_extensions` (Attributes List) Array of X.509 extensions for a certificate. (see [below for nested schema](#nestedatt--api_passthrough--extensions--custom_extensions)) - `extended_key_usage` (Attributes List) (see [below for nested schema](#nestedatt--api_passthrough--extensions--extended_key_usage)) - `key_usage` (Attributes) Structure that contains X.509 KeyUsage information. (see [below for nested schema](#nestedatt--api_passthrough--extensions--key_usage)) - `subject_alternative_names` (Attributes List) (see [below for nested schema](#nestedatt--api_passthrough--extensions--subject_alternative_names)) ### Nested Schema for `api_passthrough.extensions.certificate_policies` Optional: - `cert_policy_id` (String) String that contains X.509 ObjectIdentifier information. - `policy_qualifiers` (Attributes List) (see [below for nested schema](#nestedatt--api_passthrough--extensions--certificate_policies--policy_qualifiers)) ### Nested Schema for `api_passthrough.extensions.certificate_policies.policy_qualifiers` Optional: - `policy_qualifier_id` (String) - `qualifier` (Attributes) Structure that contains a X.509 policy qualifier. (see [below for nested schema](#nestedatt--api_passthrough--extensions--certificate_policies--policy_qualifiers--qualifier)) ### Nested Schema for `api_passthrough.extensions.certificate_policies.policy_qualifiers.qualifier` Optional: - `cps_uri` (String) ### Nested Schema for `api_passthrough.extensions.custom_extensions` Optional: - `critical` (Boolean) - `object_identifier` (String) String that contains X.509 ObjectIdentifier information. - `value` (String) ### Nested Schema for `api_passthrough.extensions.extended_key_usage` Optional: - `extended_key_usage_object_identifier` (String) String that contains X.509 ObjectIdentifier information. - `extended_key_usage_type` (String) ### Nested Schema for `api_passthrough.extensions.key_usage` Optional: - `crl_sign` (Boolean) - `data_encipherment` (Boolean) - `decipher_only` (Boolean) - `digital_signature` (Boolean) - `encipher_only` (Boolean) - `key_agreement` (Boolean) - `key_cert_sign` (Boolean) - `key_encipherment` (Boolean) - `non_repudiation` (Boolean) ### Nested Schema for `api_passthrough.extensions.subject_alternative_names` Optional: - `directory_name` (Attributes) Structure that contains X.500 distinguished name information. (see [below for nested schema](#nestedatt--api_passthrough--extensions--subject_alternative_names--directory_name)) - `dns_name` (String) String that contains X.509 DnsName information. - `edi_party_name` (Attributes) Structure that contains X.509 EdiPartyName information. (see [below for nested schema](#nestedatt--api_passthrough--extensions--subject_alternative_names--edi_party_name)) - `ip_address` (String) String that contains X.509 IpAddress information. - `other_name` (Attributes) Structure that contains X.509 OtherName information. (see [below for nested schema](#nestedatt--api_passthrough--extensions--subject_alternative_names--other_name)) - `registered_id` (String) String that contains X.509 ObjectIdentifier information. - `rfc_822_name` (String) String that contains X.509 Rfc822Name information. - `uniform_resource_identifier` (String) String that contains X.509 UniformResourceIdentifier information. ### Nested Schema for `api_passthrough.extensions.subject_alternative_names.uniform_resource_identifier` Optional: - `common_name` (String) - `country` (String) - `custom_attributes` (Attributes List) Array of X.500 attribute type and value. CustomAttributes cannot be used along with pre-defined attributes. (see [below for nested schema](#nestedatt--api_passthrough--extensions--subject_alternative_names--uniform_resource_identifier--custom_attributes)) - `distinguished_name_qualifier` (String) - `generation_qualifier` (String) - `given_name` (String) - `initials` (String) - `locality` (String) - `organization` (String) - `organizational_unit` (String) - `pseudonym` (String) - `serial_number` (String) - `state` (String) - `surname` (String) - `title` (String) ### Nested Schema for `api_passthrough.extensions.subject_alternative_names.uniform_resource_identifier.custom_attributes` Optional: - `object_identifier` (String) String that contains X.509 ObjectIdentifier information. - `value` (String) ### Nested Schema for `api_passthrough.extensions.subject_alternative_names.uniform_resource_identifier` Optional: - `name_assigner` (String) - `party_name` (String) ### Nested Schema for `api_passthrough.extensions.subject_alternative_names.uniform_resource_identifier` Optional: - `type_id` (String) String that contains X.509 ObjectIdentifier information. - `value` (String) ### Nested Schema for `api_passthrough.subject` Optional: - `common_name` (String) - `country` (String) - `custom_attributes` (Attributes List) Array of X.500 attribute type and value. CustomAttributes cannot be used along with pre-defined attributes. (see [below for nested schema](#nestedatt--api_passthrough--subject--custom_attributes)) - `distinguished_name_qualifier` (String) - `generation_qualifier` (String) - `given_name` (String) - `initials` (String) - `locality` (String) - `organization` (String) - `organizational_unit` (String) - `pseudonym` (String) - `serial_number` (String) - `state` (String) - `surname` (String) - `title` (String) ### Nested Schema for `api_passthrough.subject.custom_attributes` Optional: - `object_identifier` (String) String that contains X.509 ObjectIdentifier information. - `value` (String) ### Nested Schema for `validity_not_before` Optional: - `type` (String) - `value` (Number) ## Import Import is supported using the following syntax: ```shell $ terraform import awscc_acmpca_certificate.example ```