signed-certificate

Invicton-Labs/signed-certificate/tls

Terraform Module HCL TLS

Install

module "signed-certificate" {

source = "Invicton-Labs/signed-certificate/tls"

version = "0.2.0"

}

plain text: /constructs/tfmod-invicton-labs-signed-certificate-tls/install.txt

⭐ Source on GitHub 📦 Registry page

README

Terraform TLS Signed Certificate This module creates a self-signed or locally-signed certificate and optionally uploads it to AWS ACM.

Inputs (23)

Name	Type	Description	Default
subject_common_name	string	The certificate subject's common name.	required
subject_locality	string	The certificate subject's locality.	`null`
validity_period_hours	number	How many hours the certificate should be valid for. Defaults to 8760 (1 year).	`8760`
ip_addresses	list(string)	List of IP addresses for which a certificate is being created. Defaults to none.	`null`
early_renewal_hours	number	If set, the resource will consider the certificate to have expired the given num	`null`
is_ca_certificate	bool	Boolean controlling whether the CA flag will be set in the generated certificate	`false`
acm_import	bool	Boolean value of whether the generated and signed certificate should be imported	`false`
key_algorithm	string	Algorithm to use for the private key. Options are 'RSA' or 'ECDSA'. Defaults to	`"RSA"`
subject_organization	string	The certificate subject's organization.	`null`
set_subject_key_id	bool	If true, the certificate will include the subject key identifier. Defaults to fa	`false`
subject_serial_number	string	The certificate subject's serial number.	`null`
dns_names	list(string)	List of DNS names for which a certificate is being created. Defaults to none.	`null`
uris	list(string)	List of URIs for which a certificate is being created. Defaults to none.	`null`
allowed_uses	list(string)	List of keywords each describing a use that is permitted for the issued certific	`[ "digital_signature", "content_comm`
certificate_authority	object({ private_key_algo	The Certificate Authority certificate to use for signing the new certificate.	`null`
subject_street_address	list(string)	The certificate subject's street address (list of strings).	`[]`
subject_postal_code	string	The certificate subject's postal code.	`null`
subject_province	string	The certificate subject's province.	`null`
subject_organizational_unit	string	The certificate subject's organizational unit.	`null`
subject_country	string	The certificate subject's country.	`null`
ecdsa_curve	string	Elliptic curve to use for the ECDSA algorithm. Has no effect unless the 'key_alg	`"P224"`

Outputs (26)

subject_common_name — The value of the `subject_common_name` input variable.

subject_street_address — The value of the `subject_street_address` input variable, or the default value if the input was `nul

subject_postal_code — The value of the `subject_postal_code` input variable, or the default value if the input was `null`.

subject_serial_number — The value of the `subject_serial_number` input variable, or the default value if the input was `null

early_renewal_hours — The value of the `early_renewal_hours` input variable, or the default value if the input was `null`.

certificate_authority — The value of the `certificate_authority` input variable, or the default value if the input was `null

acm_import — The value of the `acm_import` input variable, or the default value if the input was `null`.

ecdsa_curve — The value of the `ecdsa_curve` input variable, or the default value if the input was `null`.

is_ca_certificate — The value of the `is_ca_certificate` input variable, or the default value if the input was `null`.

set_subject_key_id — The value of the `set_subject_key_id` input variable, or the default value if the input was `null`.

certificate_pem — The PEM-encoded signed certificate.

ip_addresses — The value of the `ip_addresses` input variable, or the default value if the input was `null`.

certificate — The ACM certificate that was imported. Value will be null unless the 'acm_import' variable was set t

subject_province — The value of the `subject_province` input variable, or the default value if the input was `null`.

subject_country — The value of the `subject_country` input variable, or the default value if the input was `null`.

dns_names — The value of the `dns_names` input variable, or the default value if the input was `null`.

validity_period_hours — The value of the `validity_period_hours` input variable, or the default value if the input was `null

allowed_uses — The value of the `allowed_uses` input variable, or the default value if the input was `null`.

private_key_pem — The PEM-encoded private key for the certificate.

key_bits — The value of the `key_bits` input variable, or the default value if the input was `null`.

subject_organizational_unit — The value of the `subject_organizational_unit` input variable, or the default value if the input was

subject_locality — The value of the `subject_locality` input variable, or the default value if the input was `null`.

uris — The value of the `uris` input variable, or the default value if the input was `null`.

key_algorithm — The value of the `key_algorithm` input variable, or the default value if the input was `null`.

certificate_acm_name — The value of the `certificate_acm_name` input variable, or the default value if the input was `null`

subject_organization — The value of the `subject_organization` input variable, or the default value if the input was `null`

Resources (5)

aws_acm_certificatetls_cert_requesttls_locally_signed_certtls_private_keytls_self_signed_cert

Details

FrameworkTerraform Module

LanguageHCL

Version0.2.0

Cloud TLS

Total downloads520

Inputs23

Outputs26

Resources5

NamespaceInvicton-Labs

Updated

Tools

⚖ Compare with another construct → 📋 View data schema