oci_bds_bds_instance_bds_certificate_configuration

This resource provides the Bds Instance Bds Certificate Configuration resource in Oracle Cloud Infrastructure Big Data Service service. Api doc link for the resource: https://docs.oracle.com/iaas/api/#/en/bigdata/latest/BdsCertificateConfiguration

Example terraform configs related to the resource : https://github.com/oracle/terraform-provider-oci/tree/master/examples/big_data_service

Create a BDS certificate configuration for the cluster.

This resource also supports certificate lifecycle actions through update-only trigger fields:

• issue_certificate_trigger - invokes certificate generation for the configuration
• renew_certificate_trigger - invokes certificate renewal for the configuration
• set_default_trigger - marks the configuration as the cluster default

For lifecycle actions, provide either cluster_admin_password or secret_id. The optional is_missing_nodes_only flag applies to issue/generate flows.

Example Usage

resource "oci_bds_bds_instance_bds_certificate_configuration" "test_bds_instance_bds_certificate_configuration" {
	#Required
	bds_instance_id = oci_bds_bds_instance.test_bds_instance.id
	certificate_type = var.bds_instance_bds_certificate_configuration_certificate_type
	display_name = var.bds_instance_bds_certificate_configuration_display_name

	#Optional
	certificate_authority_id = oci_certificates_management_certificate_authority.test_certificate_authority.id
	compartment_id = var.compartment_id
	cluster_admin_password = var.cluster_admin_password
	secret_id = var.secret_id
	issue_certificate_trigger = var.issue_certificate_trigger
	renew_certificate_trigger = var.renew_certificate_trigger
	set_default_trigger = var.set_default_trigger
	is_missing_nodes_only = var.is_missing_nodes_only
}

Argument Reference

The following arguments are supported:

• bds_instance_id - (Required) The OCID of the cluster.
• certificate_authority_id - (Optional) The OCID of the certificate authority which is associated with this certificate configuration.
• certificate_type - (Required) The type of the BDS certificate configuration, also the type of the BDS certificates which will be generated by the BDS certificate configuration.
• compartment_id - (Optional) The OCID of the compartment of the certificate authority connecting to this certificate configuration.
• cluster_admin_password - (Optional) Base64-encoded cluster admin password used for issue, renew, or set default actions. Use this or secret_id.
• display_name - (Required) The display name of the BDS certificate configuration.
• is_missing_nodes_only - (Optional) When issuing certificates for the configuration, limits generation to nodes that do not yet have the configuration.
• issue_certificate_trigger - (Optional) Any change to this value triggers certificate generation for this configuration.
• renew_certificate_trigger - (Optional) Any change to this value triggers certificate renewal for this configuration.
• secret_id - (Optional) The OCID of the secret containing the cluster admin password used for issue, renew, or set default actions. Use this or cluster_admin_password.
• set_default_trigger - (Optional) Any change to this value triggers the set default certificate configuration action.

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

Attributes Reference

The following attributes are exported:

• bds_instance_id - The OCID of the bdsInstance which is the parent resource id.
• certificate_authority_id - The OCID of the certificate authority which is associated with this certificate configuration. The value is Null when this BDS certificate configuration type is SELF_SIGNED.
• compartment_id - The OCID of the compartment of the certificate authority connecting to this certificate configuration.
• display_name - The display name of the BDS certificate configuration.
• id - The ID of the BDS certificate configuration defined under BDS resources, not OCID.
• is_default_configuration - If this BDS certificate configuration is a default configuration or not. There will be only one Default certificate configuration per BDS cluster.
• state - The lifecycle status of the BDS certificate configuration.
• time_created - The time when the BDS certificate configuration was created, shown as an RFC 3339 formatted datetime string.
• time_last_refreshed_or_generated - The last time the BDS certificate configuration was used to generate or renew the certificate(s).
• time_updated - The time the BDS certificate configuration was updated, shown as an RFC 3339 formatted datetime string.
• type - The type of the BDS certificate configuration, also the type of the BDS certificates which will be generated by the BDS certificate configuration.

Timeouts

The timeouts block allows you to specify timeouts for certain operations: * create - (Defaults to 20 minutes), when creating the Bds Instance Bds Certificate Configuration * update - (Defaults to 20 minutes), when updating the Bds Instance Bds Certificate Configuration * delete - (Defaults to 20 minutes), when destroying the Bds Instance Bds Certificate Configuration

Import

BdsInstanceBdsCertificateConfigurations can be imported using the id, e.g.

$ terraform import oci_bds_bds_instance_bds_certificate_configuration.test_bds_instance_bds_certificate_configuration "bdsInstances/{bdsInstanceId}/bdsCertificateConfigurations/{bdsCertificateConfigurationId}"