...
1/**
2 * Copyright 2022 Google LLC
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17```hcl
# Provider configurations are left empty, so project, region and credentials
# come from the environment or from per-resource arguments.
# NOTE(review): no required_providers block with version constraints is visible
# in this snippet; pin hashicorp/google and hashicorp/tls (and commit the
# dependency lock file) so a provider upgrade cannot silently change what is
# deployed.
provider "google" {}

provider "tls" {}
20
# Key pair for the end-entity certificate; its public half is carried to the CA
# inside the CSR built by tls_cert_request.example.
# NOTE(review): the tls provider stores private_key_pem in the Terraform state
# in plaintext. Use an encrypted, access-controlled state backend, or generate
# the key outside Terraform and supply only the CSR, for anything beyond a demo.
# rsa_bits is not set here, so the provider's default key size applies.
resource "tls_private_key" "example" {
  algorithm = "RSA"
}
24
# Builds a PEM-encoded certificate signing request (CSR) signed with the
# private key generated above. Only the CSR is sent to the CA; the private key
# itself is never part of the request.
resource "tls_cert_request" "example" {
  # NOTE(review): key_algorithm is deprecated in newer hashicorp/tls releases,
  # which infer it from private_key_pem - confirm against the provider version
  # this configuration is pinned to.
  key_algorithm   = "RSA"
  private_key_pem = tls_private_key.example.private_key_pem

  # Subject the requester asks for; the CA decides whether to honour it.
  subject {
    common_name  = "example.com"
    organization = "ACME Examples, Inc"
  }
}
34
# CA pool that holds the issuing CA and carries the issuance policy applied to
# certificates requested through it.
resource "google_privateca_ca_pool" "default" {
  project  = "project-id"
  location = "us-central1"
  name     = "my-ca-pool"
  tier     = "ENTERPRISE"

  labels = {
    foo = "bar"
  }

  # Publish the CA certificate and the CRL so relying parties can build the
  # chain and check revocation.
  publishing_options {
    publish_ca_cert = true
    publish_crl     = true
  }

  issuance_policy {
    # Baseline X.509 values for certificates issued from this pool.
    baseline_values {
      # Issued certificates are end-entity certificates, not CAs.
      ca_options {
        is_ca = false
      }

      # Key usage is limited to TLS server authentication.
      key_usage {
        base_key_usage {
          digital_signature = true
          key_encipherment  = true
        }
        extended_key_usage {
          server_auth = true
        }
      }
    }
    # NOTE(review): this policy sets no identity_constraints,
    # allowed_issuance_modes, allowed_key_types or maximum_lifetime, so the
    # subject/SANs, key type and lifetime a requester asks for are presumably
    # not restricted by the pool. Confirm, and add the constraints a production
    # pool needs.
  }
}
64
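# Self-signed root CA created inside the pool declared above. It signs the
# end-entity certificate requested by google_privateca_certificate.default.
resource "google_privateca_certificate_authority" "test-ca" {
  certificate_authority_id = "my-authority"
  location                 = "us-central1"
  project                  = "project-id"

  # Fixed: the pool resource in this file is labelled "default"; the original
  # reference to google_privateca_ca_pool.pool points at an undeclared resource
  # and fails validation.
  pool = google_privateca_ca_pool.default.name

  config {
    subject_config {
      subject {
        country_code        = "us"
        organization        = "google"
        organizational_unit = "enterprise"
        locality            = "mountain view"
        province            = "california"
        street_address      = "1600 amphitheatre parkway"
        postal_code         = "94109"
        common_name         = "my-certificate-authority"
      }
    }

    x509_config {
      # This certificate is a CA certificate.
      # NOTE(review): no max_issuer_path_length is set, so the depth of any
      # subordinate CA chain is presumably unconstrained - confirm whether this
      # CA should be limited to issuing end-entity certificates only.
      ca_options {
        is_ca = true
      }

      # The CA key may sign certificates and CRLs.
      key_usage {
        base_key_usage {
          cert_sign = true
          crl_sign  = true
        }
        extended_key_usage {
          server_auth = true
        }
      }
    }
  }

  # Root of trust: the CA certificate is signed by its own key.
  type = "SELF_SIGNED"

  # Algorithm of the CA signing key: RSA 4096 with PKCS#1 v1.5 and SHA-256.
  key_spec {
    algorithm = "RSA_PKCS1_4096_SHA256"
  }
}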
103
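# End-entity certificate issued by the CA above from the CSR generated by
# tls_cert_request.example. The private key never reaches the CA service; only
# the CSR is submitted.
resource "google_privateca_certificate" "default" {
  project  = "project-id"
  location = "us-central1"
  name     = "my-certificate"

  # Fixed: the pool resource in this file is labelled "default"; the original
  # reference to google_privateca_ca_pool.pool points at an undeclared resource
  # and fails validation.
  pool = google_privateca_ca_pool.default.name

  # Referencing the CA resource's attribute also makes Terraform create the CA
  # before it requests this certificate.
  certificate_authority = google_privateca_certificate_authority.test-ca.certificate_authority_id

  # Short-lived certificate: 860 seconds, a little over 14 minutes.
  lifetime = "860s"

  # PEM-encoded CSR; the subject and public key come from the request.
  pem_csr = tls_cert_request.example.cert_request_pem
}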
113```