Third-party client certificate
akamai_mtlskeystore_client_certificate_third_party
Hello. Just a note to let you know the underlying API on which this resource is built is general release and has been vetted, but because this is a new feature for our Terraform provider, we've given it beta label.
This status just means we've paused for a bit to get your feedback to make sure this resource works like you need and expect.
Create, update, or delete a third-party client certificate.
You can only update the certificate_name
and notification_emails
arguments, as well as add or delete entries in the versions
argument in the resource.
Running
terraform destroy
removes the resource immediately from your state file. Its status then changes toPENDING_DELETION
for up to 24 hours before the resource is permanently deleted from the server. If you attempt to recreate the resource during this 24-hour window while the deletion is in progress, you receive an error.
resource "akamai_mtlskeystore_client_certificate_third_party" "my-third-party-client-cert" {
certificate_name = "my-third-party-client-cert"
contract_id = "C-0N7RAC7"
group_id = 12345
geography = "CORE"
key_algorithm = "RSA"
notification_emails = ["jsmith@example.com"]
secure_network = "STANDARD_TLS"
versions = {
"my-client-cert-v1" = {},
"my-client-cert-v2" = {}
}
}
Arguments
Send all the required arguments to create a third-party client certificate.
Argument | Required | Description |
---|---|---|
certificate_name |
✔ | A descriptive, human-readable name for your client certificate. |
contract_id |
✔ | Your contract's ID. |
group_id |
✔ | Your group's ID. |
notification_emails |
✔ | Email addresses of users that get notified about any issues with the client certificate. |
secure_network |
✔ | The type of security on a deployment network. Possible values:
|
geography |
✔ | Your client certificate's deployment location. Possible values:
|
versions |
✔ | A map of user-defined identifiers as keys and client certificate versions as values. Each version represents a specific iteration of the client certificate. The identifier helps you manage the client certificate versions, for example, when rotating or deleting a version. You can have up to five versions. |
key_algorithm |
The cryptographic algorithm used for key generation, either RSA or ECDSA . Defaults to RSA if not set. |
|
subject |
Your CA certificate’s key value details. The CN attribute is required and can't exceed 64 characters. When null , the subject is constructed in this format: /C=US/O=Akamai Technologies, Inc./OU={vcd_id} {contract_id} {group_id}/CN={certificate_name}/ . |
Attributes
There is no default standard output. Upon creation, the last line of the process log contains a success message.
Adding an output
block returns the third-party client certificate's details you provided on create and the computed attributes.
Setting an output on the entire resource may lead to unexpected plan differences after uploading a signed client certificate. This is due to the API's handling process for certificate version updates, which may result in modifications to the certificate details during the update.
Attribute | Description |
---|---|
certificate_id |
The client certificate's ID. |
versions |
The client certificate's versions. Each version record contains:
|
Updated 3 days ago