CA set

akamai_mtlstruststore_ca_set

📘

Beta

Hello. Just a note to let you know the underlying API on which this resource is built is general release and has been vetted, but because this is a new feature for our Terraform provider, we've given it beta label.

This status just means we've paused for a bit to get your feedback to make sure this resource works like you need and expect.

Create, update, or delete a CA set and its versions.

Notes:

  • You can't update a CA set's name or description.
  • You can't delete a CA set version within a CA set. It can only be deactivated.
  • You can update a CA set version's details at any time. If the version hasn't been activated, the update applies directly to that version. If it's already activated, updating its details creates a new version by cloning an existing one.
  • You can remove the entire CA set only after deactivating its versions. The delete operation is initiated separately for each network. If it's processed correctly on one network but fails on another network, you need to retry the delete.
resource "akamai_mtlstruststore_ca_set" "my-ca-set" {
  name                = "my-ca-set"
  description         = "My testing CA set"
  allow_insecure_sha1 = false
  version_description = "Initial version for testing"
  certificates = [
    {
      certificate_pem = <<-EOT
            -----BEGIN CERTIFICATE-----
            MIID <sample - removed for readability> .... Mweq
            -----END CERTIFICATE-----
        EOT
      description     = "Test certificate"
    }
  ]
  timeouts {
    delete = "5m"
  }
}

Arguments

Send the name and certificates arguments to create a CA set with its versions.

Attribute Required Description
name Your CA set's name.
certificates Certificates that are valid, non-expired, root, or intermediate. Each certificate record includes:
  • certificate_pem. Required. Your certificate in PEM format, as found in a Base64 ASCII encoded file.
  • description. An optional human-readable description for your certificate.
description Any additional comments you add to your CA set. You can't update it after creating the resource.
allow_insecure_sha1 When set to true, it allows certificates with a SHA-1 signature. When set to false, it allows the version's certificates only with a signature algorithm of SHA-256 or better. Defaults to false if not set.
version_description Any additional comments you add to the CA set version when creating or updating it.
timeouts Uses the delete to specify how long Terraform should wait for the deletion process to complete, including polling the API until the deletion status is COMPLETE. If the deletion doesn't complete within this time, the operation will be terminated. You can override the provider's default processing timeout, which is one hour with a 10-second polling interval.

Value is a string containing a number and its time reference, h for hours, m for minutes, s for seconds. You can pass one, two, or all time units. For example:
  • 1h3m5s
  • 2h5m
  • 3m

Attributes

There is no default standard output. Upon creation, the last line of the process log contains a success message with the CA set's id.

Adding an output block returns the CA set's details you provided on create and the computed attributes.

Attribute Description
account_id The account's ID that the CA set belongs to.
id The CA set's ID.
created_by The user who created the CA set.
created_date The timestamp indicating when the CA set was created.
version_created_by The user who created the CA set version.
version_created_date The timestamp indicating when the CA set version was created.
version_modified_by The user who modified the CA set version.
version_modified_date The timestamp indicating when the CA set version was modified.
latest_version The CA set version that was most recently created or cloned.
staging_version The version number of the CA set that is active on the staging network.
production_version The version number of the CA set that is active on the production network.
certificates Certificates that are valid, non-expired, root, or intermediate. Each certificate record includes:
  • created_by. The user who created the certificate.
  • created_date. The timestamp indicating when the certificate was created.
  • start_date. The timestamp indicating when the certificate started.
  • end_date. The timestamp indicating when the certificate expires.
  • fingerprint. The fingerprint of the certificate.
  • issuer. The certificate's issuer.
  • serial_number. The unique serial number of the certificate.
  • signature_algorithm. The signature algorithm of the certificate.
  • subject. The certificate's subject field.