confluentcloud.getCertificateAuthority

Confluent v2.72.0, Jun 13 26

Viewing docs for Confluent v2.72.0
published on Saturday, Jun 13, 2026 by Pulumi

Schema (JSON)

pulumi/pulumi-confluentcloud

Viewing docs for Confluent v2.72.0
published on Saturday, Jun 13, 2026 by Pulumi

Schema (JSON)

pulumi/pulumi-confluentcloud

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as confluentcloud from "@pulumi/confluentcloud";

const main = confluentcloud.getCertificateAuthority({
    id: "op-abc123",
});
export const certificateAuthority = main;

import pulumi
import pulumi_confluentcloud as confluentcloud

main = confluentcloud.get_certificate_authority(id="op-abc123")
pulumi.export("certificateAuthority", main)

package main

import (
	"github.com/pulumi/pulumi-confluentcloud/sdk/v2/go/confluentcloud"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		main, err := confluentcloud.GetCertificateAuthority(ctx, &confluentcloud.LookupCertificateAuthorityArgs{
			Id: "op-abc123",
		}, nil)
		if err != nil {
			return err
		}
		ctx.Export("certificateAuthority", main)
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using ConfluentCloud = Pulumi.ConfluentCloud;

return await Deployment.RunAsync(() => 
{
    var main = ConfluentCloud.GetCertificateAuthority.Invoke(new()
    {
        Id = "op-abc123",
    });

    return new Dictionary<string, object?>
    {
        ["certificateAuthority"] = main,
    };
});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.confluentcloud.ConfluentcloudFunctions;
import com.pulumi.confluentcloud.inputs.GetCertificateAuthorityArgs;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var main = ConfluentcloudFunctions.getCertificateAuthority(GetCertificateAuthorityArgs.builder()
            .id("op-abc123")
            .build());

        ctx.export("certificateAuthority", main);
    }
}

variables:
  main:
    fn::invoke:
      function: confluentcloud:getCertificateAuthority
      arguments:
        id: op-abc123
outputs:
  certificateAuthority: ${main}

pulumi {
  required_providers {
    confluentcloud = {
      source = "pulumi/confluentcloud"
    }
  }
}

data "confluentcloud_getcertificateauthority" "main" {
  id = "op-abc123"
}

output "certificateAuthority" {
  value = data.confluentcloud_getcertificateauthority.main
}

Using getCertificateAuthority

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getCertificateAuthority(args: GetCertificateAuthorityArgs, opts?: InvokeOptions): Promise<GetCertificateAuthorityResult>
function getCertificateAuthorityOutput(args: GetCertificateAuthorityOutputArgs, opts?: InvokeOptions): Output<GetCertificateAuthorityResult>

def get_certificate_authority(crl_source: Optional[str] = None,
                              crl_updated_at: Optional[str] = None,
                              crl_url: Optional[str] = None,
                              id: Optional[str] = None,
                              opts: Optional[InvokeOptions] = None) -> GetCertificateAuthorityResult
def get_certificate_authority_output(crl_source: pulumi.Input[Optional[str]] = None,
                              crl_updated_at: pulumi.Input[Optional[str]] = None,
                              crl_url: pulumi.Input[Optional[str]] = None,
                              id: pulumi.Input[Optional[str]] = None,
                              opts: Optional[InvokeOptions] = None) -> Output[GetCertificateAuthorityResult]

func LookupCertificateAuthority(ctx *Context, args *LookupCertificateAuthorityArgs, opts ...InvokeOption) (*LookupCertificateAuthorityResult, error)
func LookupCertificateAuthorityOutput(ctx *Context, args *LookupCertificateAuthorityOutputArgs, opts ...InvokeOption) LookupCertificateAuthorityResultOutput

> Note: This function is named LookupCertificateAuthority in the Go SDK.

public static class GetCertificateAuthority 
{
    public static Task<GetCertificateAuthorityResult> InvokeAsync(GetCertificateAuthorityArgs args, InvokeOptions? opts = null)
    public static Output<GetCertificateAuthorityResult> Invoke(GetCertificateAuthorityInvokeArgs args, InvokeOptions? opts = null)
}

public static CompletableFuture<GetCertificateAuthorityResult> getCertificateAuthority(GetCertificateAuthorityArgs args, InvokeOptions options)
public static Output<GetCertificateAuthorityResult> getCertificateAuthority(GetCertificateAuthorityArgs args, InvokeOptions options)

fn::invoke:
  function: confluentcloud:index/getCertificateAuthority:getCertificateAuthority
  arguments:
    # arguments dictionary

data "confluentcloud_getcertificateauthority" "name" {
    # arguments
}

The following arguments are supported:

Id string: The ID of the Certificate Authority, for example, op-abc123.
CrlSource string: (Optional String) The source specifies whether the Certificate Revocation List (CRL) was uploaded inline (LOCAL) or is fetched from a URL (URL). Accepted values are LOCAL and URL.
CrlUpdatedAt string: (Optional String) The timestamp for when CRL was last updated, for example, 2017-07-21T17:32:28Z.
CrlUrl string: (Optional String) The URL from which Confluent Cloud fetches the CRL for the Certificate Authority when crlSource is URL. When the CRL was uploaded inline via crlChain on the resource, the backend reports this attribute as Local file uploaded.

Id string: The ID of the Certificate Authority, for example, op-abc123.
CrlSource string: (Optional String) The source specifies whether the Certificate Revocation List (CRL) was uploaded inline (LOCAL) or is fetched from a URL (URL). Accepted values are LOCAL and URL.
CrlUpdatedAt string: (Optional String) The timestamp for when CRL was last updated, for example, 2017-07-21T17:32:28Z.
CrlUrl string: (Optional String) The URL from which Confluent Cloud fetches the CRL for the Certificate Authority when crlSource is URL. When the CRL was uploaded inline via crlChain on the resource, the backend reports this attribute as Local file uploaded.

id string: The ID of the Certificate Authority, for example, op-abc123.
crl_source string: (Optional String) The source specifies whether the Certificate Revocation List (CRL) was uploaded inline (LOCAL) or is fetched from a URL (URL). Accepted values are LOCAL and URL.
crl_updated_at string: (Optional String) The timestamp for when CRL was last updated, for example, 2017-07-21T17:32:28Z.
crl_url string: (Optional String) The URL from which Confluent Cloud fetches the CRL for the Certificate Authority when crlSource is URL. When the CRL was uploaded inline via crlChain on the resource, the backend reports this attribute as Local file uploaded.

id String: The ID of the Certificate Authority, for example, op-abc123.
crlSource String: (Optional String) The source specifies whether the Certificate Revocation List (CRL) was uploaded inline (LOCAL) or is fetched from a URL (URL). Accepted values are LOCAL and URL.
crlUpdatedAt String: (Optional String) The timestamp for when CRL was last updated, for example, 2017-07-21T17:32:28Z.
crlUrl String: (Optional String) The URL from which Confluent Cloud fetches the CRL for the Certificate Authority when crlSource is URL. When the CRL was uploaded inline via crlChain on the resource, the backend reports this attribute as Local file uploaded.

id string: The ID of the Certificate Authority, for example, op-abc123.
crlSource string: (Optional String) The source specifies whether the Certificate Revocation List (CRL) was uploaded inline (LOCAL) or is fetched from a URL (URL). Accepted values are LOCAL and URL.
crlUpdatedAt string: (Optional String) The timestamp for when CRL was last updated, for example, 2017-07-21T17:32:28Z.
crlUrl string: (Optional String) The URL from which Confluent Cloud fetches the CRL for the Certificate Authority when crlSource is URL. When the CRL was uploaded inline via crlChain on the resource, the backend reports this attribute as Local file uploaded.

id str: The ID of the Certificate Authority, for example, op-abc123.
crl_source str: (Optional String) The source specifies whether the Certificate Revocation List (CRL) was uploaded inline (LOCAL) or is fetched from a URL (URL). Accepted values are LOCAL and URL.
crl_updated_at str: (Optional String) The timestamp for when CRL was last updated, for example, 2017-07-21T17:32:28Z.
crl_url str: (Optional String) The URL from which Confluent Cloud fetches the CRL for the Certificate Authority when crlSource is URL. When the CRL was uploaded inline via crlChain on the resource, the backend reports this attribute as Local file uploaded.

id String: The ID of the Certificate Authority, for example, op-abc123.
crlSource String: (Optional String) The source specifies whether the Certificate Revocation List (CRL) was uploaded inline (LOCAL) or is fetched from a URL (URL). Accepted values are LOCAL and URL.
crlUpdatedAt String: (Optional String) The timestamp for when CRL was last updated, for example, 2017-07-21T17:32:28Z.
crlUrl String: (Optional String) The URL from which Confluent Cloud fetches the CRL for the Certificate Authority when crlSource is URL. When the CRL was uploaded inline via crlChain on the resource, the backend reports this attribute as Local file uploaded.

getCertificateAuthority Result

The following output properties are available:

CertificateChainFilename string: (Required String) The name of the certificate file, for example, certificate.pem.
CrlSource string: (Optional String) The source specifies whether the Certificate Revocation List (CRL) was uploaded inline (LOCAL) or is fetched from a URL (URL). Accepted values are LOCAL and URL.
CrlUpdatedAt string: (Optional String) The timestamp for when CRL was last updated, for example, 2017-07-21T17:32:28Z.
CrlUrl string: (Optional String) The URL from which Confluent Cloud fetches the CRL for the Certificate Authority when crlSource is URL. When the CRL was uploaded inline via crlChain on the resource, the backend reports this attribute as Local file uploaded.
Description string: (Required String) A description for the Certificate Authority.
DisplayName string: (Required String) A human-readable name for the Certificate Authority.
ExpirationDates List<string>: (Required List of Strings) The expiration dates of certificates in the chain, for example, ["2017-07-21T17:32:28Z"].
Fingerprints List<string>: (Required List of Strings) The fingerprints for each certificate in the certificate chain, for example, ["B1BC968BD4f49D622AA89A81F2150152A41D829C"].
Id string
RequireCrlOnClientCertificate bool: (Required Boolean) Whether Certificate Revocation List (CRL) validation is enforced on client certificates during mTLS authentication. When true, a client certificate that is revoked in the CRL — or whose issuer does not match the CRL issuer — is rejected even if the TLS handshake succeeds.
SerialNumbers List<string>: (Required List of Strings) The serial numbers for each certificate in the certificate chain.

CertificateChainFilename string: (Required String) The name of the certificate file, for example, certificate.pem.
CrlSource string: (Optional String) The source specifies whether the Certificate Revocation List (CRL) was uploaded inline (LOCAL) or is fetched from a URL (URL). Accepted values are LOCAL and URL.
CrlUpdatedAt string: (Optional String) The timestamp for when CRL was last updated, for example, 2017-07-21T17:32:28Z.
CrlUrl string: (Optional String) The URL from which Confluent Cloud fetches the CRL for the Certificate Authority when crlSource is URL. When the CRL was uploaded inline via crlChain on the resource, the backend reports this attribute as Local file uploaded.
Description string: (Required String) A description for the Certificate Authority.
DisplayName string: (Required String) A human-readable name for the Certificate Authority.
ExpirationDates []string: (Required List of Strings) The expiration dates of certificates in the chain, for example, ["2017-07-21T17:32:28Z"].
Fingerprints []string: (Required List of Strings) The fingerprints for each certificate in the certificate chain, for example, ["B1BC968BD4f49D622AA89A81F2150152A41D829C"].
Id string
RequireCrlOnClientCertificate bool: (Required Boolean) Whether Certificate Revocation List (CRL) validation is enforced on client certificates during mTLS authentication. When true, a client certificate that is revoked in the CRL — or whose issuer does not match the CRL issuer — is rejected even if the TLS handshake succeeds.
SerialNumbers []string: (Required List of Strings) The serial numbers for each certificate in the certificate chain.

certificate_chain_filename string: (Required String) The name of the certificate file, for example, certificate.pem.
crl_source string: (Optional String) The source specifies whether the Certificate Revocation List (CRL) was uploaded inline (LOCAL) or is fetched from a URL (URL). Accepted values are LOCAL and URL.
crl_updated_at string: (Optional String) The timestamp for when CRL was last updated, for example, 2017-07-21T17:32:28Z.
crl_url string: (Optional String) The URL from which Confluent Cloud fetches the CRL for the Certificate Authority when crlSource is URL. When the CRL was uploaded inline via crlChain on the resource, the backend reports this attribute as Local file uploaded.
description string: (Required String) A description for the Certificate Authority.
display_name string: (Required String) A human-readable name for the Certificate Authority.
expiration_dates list(string): (Required List of Strings) The expiration dates of certificates in the chain, for example, ["2017-07-21T17:32:28Z"].
fingerprints list(string): (Required List of Strings) The fingerprints for each certificate in the certificate chain, for example, ["B1BC968BD4f49D622AA89A81F2150152A41D829C"].
id string
require_crl_on_client_certificate bool: (Required Boolean) Whether Certificate Revocation List (CRL) validation is enforced on client certificates during mTLS authentication. When true, a client certificate that is revoked in the CRL — or whose issuer does not match the CRL issuer — is rejected even if the TLS handshake succeeds.
serial_numbers list(string): (Required List of Strings) The serial numbers for each certificate in the certificate chain.

certificateChainFilename String: (Required String) The name of the certificate file, for example, certificate.pem.
crlSource String: (Optional String) The source specifies whether the Certificate Revocation List (CRL) was uploaded inline (LOCAL) or is fetched from a URL (URL). Accepted values are LOCAL and URL.
crlUpdatedAt String: (Optional String) The timestamp for when CRL was last updated, for example, 2017-07-21T17:32:28Z.
crlUrl String: (Optional String) The URL from which Confluent Cloud fetches the CRL for the Certificate Authority when crlSource is URL. When the CRL was uploaded inline via crlChain on the resource, the backend reports this attribute as Local file uploaded.
description String: (Required String) A description for the Certificate Authority.
displayName String: (Required String) A human-readable name for the Certificate Authority.
expirationDates List<String>: (Required List of Strings) The expiration dates of certificates in the chain, for example, ["2017-07-21T17:32:28Z"].
fingerprints List<String>: (Required List of Strings) The fingerprints for each certificate in the certificate chain, for example, ["B1BC968BD4f49D622AA89A81F2150152A41D829C"].
id String
requireCrlOnClientCertificate Boolean: (Required Boolean) Whether Certificate Revocation List (CRL) validation is enforced on client certificates during mTLS authentication. When true, a client certificate that is revoked in the CRL — or whose issuer does not match the CRL issuer — is rejected even if the TLS handshake succeeds.
serialNumbers List<String>: (Required List of Strings) The serial numbers for each certificate in the certificate chain.

certificateChainFilename string: (Required String) The name of the certificate file, for example, certificate.pem.
crlSource string: (Optional String) The source specifies whether the Certificate Revocation List (CRL) was uploaded inline (LOCAL) or is fetched from a URL (URL). Accepted values are LOCAL and URL.
crlUpdatedAt string: (Optional String) The timestamp for when CRL was last updated, for example, 2017-07-21T17:32:28Z.
crlUrl string: (Optional String) The URL from which Confluent Cloud fetches the CRL for the Certificate Authority when crlSource is URL. When the CRL was uploaded inline via crlChain on the resource, the backend reports this attribute as Local file uploaded.
description string: (Required String) A description for the Certificate Authority.
displayName string: (Required String) A human-readable name for the Certificate Authority.
expirationDates string[]: (Required List of Strings) The expiration dates of certificates in the chain, for example, ["2017-07-21T17:32:28Z"].
fingerprints string[]: (Required List of Strings) The fingerprints for each certificate in the certificate chain, for example, ["B1BC968BD4f49D622AA89A81F2150152A41D829C"].
id string
requireCrlOnClientCertificate boolean: (Required Boolean) Whether Certificate Revocation List (CRL) validation is enforced on client certificates during mTLS authentication. When true, a client certificate that is revoked in the CRL — or whose issuer does not match the CRL issuer — is rejected even if the TLS handshake succeeds.
serialNumbers string[]: (Required List of Strings) The serial numbers for each certificate in the certificate chain.

certificate_chain_filename str: (Required String) The name of the certificate file, for example, certificate.pem.
crl_source str: (Optional String) The source specifies whether the Certificate Revocation List (CRL) was uploaded inline (LOCAL) or is fetched from a URL (URL). Accepted values are LOCAL and URL.
crl_updated_at str: (Optional String) The timestamp for when CRL was last updated, for example, 2017-07-21T17:32:28Z.
crl_url str: (Optional String) The URL from which Confluent Cloud fetches the CRL for the Certificate Authority when crlSource is URL. When the CRL was uploaded inline via crlChain on the resource, the backend reports this attribute as Local file uploaded.
description str: (Required String) A description for the Certificate Authority.
display_name str: (Required String) A human-readable name for the Certificate Authority.
expiration_dates Sequence[str]: (Required List of Strings) The expiration dates of certificates in the chain, for example, ["2017-07-21T17:32:28Z"].
fingerprints Sequence[str]: (Required List of Strings) The fingerprints for each certificate in the certificate chain, for example, ["B1BC968BD4f49D622AA89A81F2150152A41D829C"].
id str
require_crl_on_client_certificate bool: (Required Boolean) Whether Certificate Revocation List (CRL) validation is enforced on client certificates during mTLS authentication. When true, a client certificate that is revoked in the CRL — or whose issuer does not match the CRL issuer — is rejected even if the TLS handshake succeeds.
serial_numbers Sequence[str]: (Required List of Strings) The serial numbers for each certificate in the certificate chain.

certificateChainFilename String: (Required String) The name of the certificate file, for example, certificate.pem.
crlSource String: (Optional String) The source specifies whether the Certificate Revocation List (CRL) was uploaded inline (LOCAL) or is fetched from a URL (URL). Accepted values are LOCAL and URL.
crlUpdatedAt String: (Optional String) The timestamp for when CRL was last updated, for example, 2017-07-21T17:32:28Z.
crlUrl String: (Optional String) The URL from which Confluent Cloud fetches the CRL for the Certificate Authority when crlSource is URL. When the CRL was uploaded inline via crlChain on the resource, the backend reports this attribute as Local file uploaded.
description String: (Required String) A description for the Certificate Authority.
displayName String: (Required String) A human-readable name for the Certificate Authority.
expirationDates List<String>: (Required List of Strings) The expiration dates of certificates in the chain, for example, ["2017-07-21T17:32:28Z"].
fingerprints List<String>: (Required List of Strings) The fingerprints for each certificate in the certificate chain, for example, ["B1BC968BD4f49D622AA89A81F2150152A41D829C"].
id String
requireCrlOnClientCertificate Boolean: (Required Boolean) Whether Certificate Revocation List (CRL) validation is enforced on client certificates during mTLS authentication. When true, a client certificate that is revoked in the CRL — or whose issuer does not match the CRL issuer — is rejected even if the TLS handshake succeeds.
serialNumbers List<String>: (Required List of Strings) The serial numbers for each certificate in the certificate chain.

Package Details

Repository: Confluent Cloud pulumi/pulumi-confluentcloud
License: Apache-2.0
Notes: This Pulumi package is based on the confluent Terraform Provider.

Viewing docs for Confluent v2.72.0
published on Saturday, Jun 13, 2026 by Pulumi

Schema (JSON)

pulumi/pulumi-confluentcloud

confluentcloud.getCertificateAuthority

On this page

On this page

Example Usage

Using getCertificateAuthority

getCertificateAuthority Result

Package Details

On this page

On this page

Try Pulumi Cloud free.
Your team will thank you.

confluentcloud.getCertificateAuthority

On this page

On this page

Example Usage

Using getCertificateAuthority

getCertificateAuthority Result

Package Details

On this page

On this page

Try Pulumi Cloud free.Your team will thank you.

Try Pulumi Cloud free.
Your team will thank you.