Terraform-provider-aws: Feature Request: Support AWS Certificate Manager Private Certificate Authorities

Created on 5 Apr 2018  ·  7 Comments  ·  Source: hashicorp/terraform-provider-aws

Amazon has released a new service, AWS Certificate Manager Private Certificate Authority (ACM PCA), which is a managed CA service. https://aws.amazon.com/about-aws/whats-new/2018/04/introducing-aws-certificate-manager-private-certificate-authority/

Please vote on this issue by adding a :+1: reaction to the original issue to help prioritize interest. If you're interested in implementing this feature request, please comment below.

Prerequisites:

  • aws-sdk-go v1.13.28: #4048
  • meta.(*AWSClient).acmpcaconn: #4049

Terraform Version

terraform 0.10+

New Resource(s)

  • aws_acmpca_certificate_authority

Terraform Configuration Files

# Example implementation, may change when developed
resource "aws_acmpca_certificate_authority" "example" {
  certificate_authority_configuration { # Required
    key_algorithm     = ""
    signing_algorithm = ""

    subject {
      common_name                 = ""
      country                     = ""
      distinguished_name_qualifier = ""
      generation_qualifier        = ""
      given_name                  = ""
      initials                    = ""
      locality                    = ""
      organization                = ""
      organizational_unit         = ""
      pseudonym                   = ""
      state                       = ""
      surname                     = ""
      title                       = ""
    }
  }

  revocation_configuration { # Optional
    crl_configuration {
      custom_cname       = ""
      enabled            = true
      expiration_in_days = 1
      s3_bucket_name     = "${aws_s3_bucket.example.id}"
    }
  }
}

Expected Behavior

Resource creates, updates, and deletes ACM private certificate authorities.

Actual Behavior

New feature.

References

new-resource service/acmpca

All 7 comments

@bflad what are your thoughts on naming it aws_acm_private_certificate_authority?

The ca component of acmpca seems redundant given the certificate_authority postfix.

I also think this would more closely match other ACM resources as well, ref aws_acm_certificate and aws_acm_certificate_validation.

Thanks for putting together this issue. Is there anything I can do to help get this feature implemented?

I believe it's important to denote PCA as a separate service and the naming comes directly from the SDK. It operates under a different endpoint that potentially acts differently than regular ACM. Certificate issuance may also require a separate resource. See also the waf vs wafregional resources.

I'll be picking up this feature request and can provide updates in the coming days (or maybe even a pull request 😉 ).

New aws_acmpca_certificate_authority resource and data source PR: https://github.com/terraform-providers/terraform-provider-aws/pull/4458

The new aws_acmpca_certificate_authority resource and data source will be released in v1.18.0 of the AWS provider later today.

This has been released in version 1.18.0 of the AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

I'm going to lock this issue because it has been closed for _30 days_ ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!
