diff --git a/.docs.version b/.docs.version index eca0c16b9a..b0dc64539c 100644 --- a/.docs.version +++ b/.docs.version @@ -1 +1 @@ -7f50f4a842f41ac282ea01697add833b174d4838 +c4b324b6c4d8b73127fd567272312b7739c4a972 diff --git a/provider/cmd/pulumi-resource-aws-native/metadata.json b/provider/cmd/pulumi-resource-aws-native/metadata.json index 52bac0b364..98b4281725 100644 --- a/provider/cmd/pulumi-resource-aws-native/metadata.json +++ b/provider/cmd/pulumi-resource-aws-native/metadata.json @@ -158399,10 +158399,12 @@ "description": "A Boolean value that indicates whether Online Certificate Status Protocol (OCSP) server certificate check is enabled or not. For more information, see [Configurable endpoints](https://docs.aws.amazon.com//iot/latest/developerguide/iot-custom-endpoints-configurable.html) from the AWS IoT Core Developer Guide." }, "ocspAuthorizedResponderArn": { - "type": "string" + "type": "string", + "description": "The Amazon Resource Name (ARN) for an X.509 certificate stored in ACM. If provided, AWS IoT Core will use this certificate to validate the signature of the received OCSP response. The OCSP responder must sign responses using either this authorized responder certificate or the issuing certificate, depending on whether the ARN is provided or not. The certificate must be in the same account and region as the domain configuration." }, "ocspLambdaArn": { - "type": "string" + "type": "string", + "description": "The Amazon Resource Name (ARN) for a Lambda function that acts as a Request for Comments (RFC) 6960-compliant Online Certificate Status Protocol (OCSP) responder, supporting basic OCSP responses. The Lambda function accepts a base64-encoding of the OCSP request in the Distinguished Encoding Rules (DER) format. The Lambda function's response is also a base64-encoded OCSP response in the DER format. The response size must not exceed 4 kilobytes (KiB). The Lambda function must be in the same account and region as the domain configuration." } }, "irreversibleNames": { diff --git a/provider/cmd/pulumi-resource-aws-native/schema.json b/provider/cmd/pulumi-resource-aws-native/schema.json index 4bb43f0113..9a5b6ef0be 100644 --- a/provider/cmd/pulumi-resource-aws-native/schema.json +++ b/provider/cmd/pulumi-resource-aws-native/schema.json @@ -68561,10 +68561,12 @@ "description": "A Boolean value that indicates whether Online Certificate Status Protocol (OCSP) server certificate check is enabled or not. For more information, see [Configurable endpoints](https://docs.aws.amazon.com//iot/latest/developerguide/iot-custom-endpoints-configurable.html) from the AWS IoT Core Developer Guide." }, "ocspAuthorizedResponderArn": { - "type": "string" + "type": "string", + "description": "The Amazon Resource Name (ARN) for an X.509 certificate stored in ACM. If provided, AWS IoT Core will use this certificate to validate the signature of the received OCSP response. The OCSP responder must sign responses using either this authorized responder certificate or the issuing certificate, depending on whether the ARN is provided or not. The certificate must be in the same account and region as the domain configuration." }, "ocspLambdaArn": { - "type": "string" + "type": "string", + "description": "The Amazon Resource Name (ARN) for a Lambda function that acts as a Request for Comments (RFC) 6960-compliant Online Certificate Status Protocol (OCSP) responder, supporting basic OCSP responses. The Lambda function accepts a base64-encoding of the OCSP request in the Distinguished Encoding Rules (DER) format. The Lambda function's response is also a base64-encoded OCSP response in the DER format. The response size must not exceed 4 kilobytes (KiB). The Lambda function must be in the same account and region as the domain configuration." } }, "type": "object" diff --git a/sdk/dotnet/IoT/Inputs/DomainConfigurationServerCertificateConfigArgs.cs b/sdk/dotnet/IoT/Inputs/DomainConfigurationServerCertificateConfigArgs.cs index 46bbbdd443..488fc685d5 100644 --- a/sdk/dotnet/IoT/Inputs/DomainConfigurationServerCertificateConfigArgs.cs +++ b/sdk/dotnet/IoT/Inputs/DomainConfigurationServerCertificateConfigArgs.cs @@ -18,9 +18,15 @@ public sealed class DomainConfigurationServerCertificateConfigArgs : global::Pul [Input("enableOcspCheck")] public Input? EnableOcspCheck { get; set; } + /// + /// The Amazon Resource Name (ARN) for an X.509 certificate stored in ACM. If provided, AWS IoT Core will use this certificate to validate the signature of the received OCSP response. The OCSP responder must sign responses using either this authorized responder certificate or the issuing certificate, depending on whether the ARN is provided or not. The certificate must be in the same account and region as the domain configuration. + /// [Input("ocspAuthorizedResponderArn")] public Input? OcspAuthorizedResponderArn { get; set; } + /// + /// The Amazon Resource Name (ARN) for a Lambda function that acts as a Request for Comments (RFC) 6960-compliant Online Certificate Status Protocol (OCSP) responder, supporting basic OCSP responses. The Lambda function accepts a base64-encoding of the OCSP request in the Distinguished Encoding Rules (DER) format. The Lambda function's response is also a base64-encoded OCSP response in the DER format. The response size must not exceed 4 kilobytes (KiB). The Lambda function must be in the same account and region as the domain configuration. + /// [Input("ocspLambdaArn")] public Input? OcspLambdaArn { get; set; } diff --git a/sdk/dotnet/IoT/Outputs/DomainConfigurationServerCertificateConfig.cs b/sdk/dotnet/IoT/Outputs/DomainConfigurationServerCertificateConfig.cs index 5fe3f1d341..e856311cae 100644 --- a/sdk/dotnet/IoT/Outputs/DomainConfigurationServerCertificateConfig.cs +++ b/sdk/dotnet/IoT/Outputs/DomainConfigurationServerCertificateConfig.cs @@ -17,7 +17,13 @@ public sealed class DomainConfigurationServerCertificateConfig /// A Boolean value that indicates whether Online Certificate Status Protocol (OCSP) server certificate check is enabled or not. For more information, see [Configurable endpoints](https://docs.aws.amazon.com//iot/latest/developerguide/iot-custom-endpoints-configurable.html) from the AWS IoT Core Developer Guide. /// public readonly bool? EnableOcspCheck; + /// + /// The Amazon Resource Name (ARN) for an X.509 certificate stored in ACM. If provided, AWS IoT Core will use this certificate to validate the signature of the received OCSP response. The OCSP responder must sign responses using either this authorized responder certificate or the issuing certificate, depending on whether the ARN is provided or not. The certificate must be in the same account and region as the domain configuration. + /// public readonly string? OcspAuthorizedResponderArn; + /// + /// The Amazon Resource Name (ARN) for a Lambda function that acts as a Request for Comments (RFC) 6960-compliant Online Certificate Status Protocol (OCSP) responder, supporting basic OCSP responses. The Lambda function accepts a base64-encoding of the OCSP request in the Distinguished Encoding Rules (DER) format. The Lambda function's response is also a base64-encoded OCSP response in the DER format. The response size must not exceed 4 kilobytes (KiB). The Lambda function must be in the same account and region as the domain configuration. + /// public readonly string? OcspLambdaArn; [OutputConstructor] diff --git a/sdk/go/aws/iot/pulumiTypes.go b/sdk/go/aws/iot/pulumiTypes.go index 5ea49653ac..e5dc57ca34 100644 --- a/sdk/go/aws/iot/pulumiTypes.go +++ b/sdk/go/aws/iot/pulumiTypes.go @@ -2164,9 +2164,11 @@ func (o DomainConfigurationClientCertificateConfigPtrOutput) ClientCertificateCa type DomainConfigurationServerCertificateConfig struct { // A Boolean value that indicates whether Online Certificate Status Protocol (OCSP) server certificate check is enabled or not. For more information, see [Configurable endpoints](https://docs.aws.amazon.com//iot/latest/developerguide/iot-custom-endpoints-configurable.html) from the AWS IoT Core Developer Guide. - EnableOcspCheck *bool `pulumi:"enableOcspCheck"` + EnableOcspCheck *bool `pulumi:"enableOcspCheck"` + // The Amazon Resource Name (ARN) for an X.509 certificate stored in ACM. If provided, AWS IoT Core will use this certificate to validate the signature of the received OCSP response. The OCSP responder must sign responses using either this authorized responder certificate or the issuing certificate, depending on whether the ARN is provided or not. The certificate must be in the same account and region as the domain configuration. OcspAuthorizedResponderArn *string `pulumi:"ocspAuthorizedResponderArn"` - OcspLambdaArn *string `pulumi:"ocspLambdaArn"` + // The Amazon Resource Name (ARN) for a Lambda function that acts as a Request for Comments (RFC) 6960-compliant Online Certificate Status Protocol (OCSP) responder, supporting basic OCSP responses. The Lambda function accepts a base64-encoding of the OCSP request in the Distinguished Encoding Rules (DER) format. The Lambda function's response is also a base64-encoded OCSP response in the DER format. The response size must not exceed 4 kilobytes (KiB). The Lambda function must be in the same account and region as the domain configuration. + OcspLambdaArn *string `pulumi:"ocspLambdaArn"` } // DomainConfigurationServerCertificateConfigInput is an input type that accepts DomainConfigurationServerCertificateConfigArgs and DomainConfigurationServerCertificateConfigOutput values. @@ -2182,9 +2184,11 @@ type DomainConfigurationServerCertificateConfigInput interface { type DomainConfigurationServerCertificateConfigArgs struct { // A Boolean value that indicates whether Online Certificate Status Protocol (OCSP) server certificate check is enabled or not. For more information, see [Configurable endpoints](https://docs.aws.amazon.com//iot/latest/developerguide/iot-custom-endpoints-configurable.html) from the AWS IoT Core Developer Guide. - EnableOcspCheck pulumi.BoolPtrInput `pulumi:"enableOcspCheck"` + EnableOcspCheck pulumi.BoolPtrInput `pulumi:"enableOcspCheck"` + // The Amazon Resource Name (ARN) for an X.509 certificate stored in ACM. If provided, AWS IoT Core will use this certificate to validate the signature of the received OCSP response. The OCSP responder must sign responses using either this authorized responder certificate or the issuing certificate, depending on whether the ARN is provided or not. The certificate must be in the same account and region as the domain configuration. OcspAuthorizedResponderArn pulumi.StringPtrInput `pulumi:"ocspAuthorizedResponderArn"` - OcspLambdaArn pulumi.StringPtrInput `pulumi:"ocspLambdaArn"` + // The Amazon Resource Name (ARN) for a Lambda function that acts as a Request for Comments (RFC) 6960-compliant Online Certificate Status Protocol (OCSP) responder, supporting basic OCSP responses. The Lambda function accepts a base64-encoding of the OCSP request in the Distinguished Encoding Rules (DER) format. The Lambda function's response is also a base64-encoded OCSP response in the DER format. The response size must not exceed 4 kilobytes (KiB). The Lambda function must be in the same account and region as the domain configuration. + OcspLambdaArn pulumi.StringPtrInput `pulumi:"ocspLambdaArn"` } func (DomainConfigurationServerCertificateConfigArgs) ElementType() reflect.Type { @@ -2269,10 +2273,12 @@ func (o DomainConfigurationServerCertificateConfigOutput) EnableOcspCheck() pulu return o.ApplyT(func(v DomainConfigurationServerCertificateConfig) *bool { return v.EnableOcspCheck }).(pulumi.BoolPtrOutput) } +// The Amazon Resource Name (ARN) for an X.509 certificate stored in ACM. If provided, AWS IoT Core will use this certificate to validate the signature of the received OCSP response. The OCSP responder must sign responses using either this authorized responder certificate or the issuing certificate, depending on whether the ARN is provided or not. The certificate must be in the same account and region as the domain configuration. func (o DomainConfigurationServerCertificateConfigOutput) OcspAuthorizedResponderArn() pulumi.StringPtrOutput { return o.ApplyT(func(v DomainConfigurationServerCertificateConfig) *string { return v.OcspAuthorizedResponderArn }).(pulumi.StringPtrOutput) } +// The Amazon Resource Name (ARN) for a Lambda function that acts as a Request for Comments (RFC) 6960-compliant Online Certificate Status Protocol (OCSP) responder, supporting basic OCSP responses. The Lambda function accepts a base64-encoding of the OCSP request in the Distinguished Encoding Rules (DER) format. The Lambda function's response is also a base64-encoded OCSP response in the DER format. The response size must not exceed 4 kilobytes (KiB). The Lambda function must be in the same account and region as the domain configuration. func (o DomainConfigurationServerCertificateConfigOutput) OcspLambdaArn() pulumi.StringPtrOutput { return o.ApplyT(func(v DomainConfigurationServerCertificateConfig) *string { return v.OcspLambdaArn }).(pulumi.StringPtrOutput) } @@ -2311,6 +2317,7 @@ func (o DomainConfigurationServerCertificateConfigPtrOutput) EnableOcspCheck() p }).(pulumi.BoolPtrOutput) } +// The Amazon Resource Name (ARN) for an X.509 certificate stored in ACM. If provided, AWS IoT Core will use this certificate to validate the signature of the received OCSP response. The OCSP responder must sign responses using either this authorized responder certificate or the issuing certificate, depending on whether the ARN is provided or not. The certificate must be in the same account and region as the domain configuration. func (o DomainConfigurationServerCertificateConfigPtrOutput) OcspAuthorizedResponderArn() pulumi.StringPtrOutput { return o.ApplyT(func(v *DomainConfigurationServerCertificateConfig) *string { if v == nil { @@ -2320,6 +2327,7 @@ func (o DomainConfigurationServerCertificateConfigPtrOutput) OcspAuthorizedRespo }).(pulumi.StringPtrOutput) } +// The Amazon Resource Name (ARN) for a Lambda function that acts as a Request for Comments (RFC) 6960-compliant Online Certificate Status Protocol (OCSP) responder, supporting basic OCSP responses. The Lambda function accepts a base64-encoding of the OCSP request in the Distinguished Encoding Rules (DER) format. The Lambda function's response is also a base64-encoded OCSP response in the DER format. The response size must not exceed 4 kilobytes (KiB). The Lambda function must be in the same account and region as the domain configuration. func (o DomainConfigurationServerCertificateConfigPtrOutput) OcspLambdaArn() pulumi.StringPtrOutput { return o.ApplyT(func(v *DomainConfigurationServerCertificateConfig) *string { if v == nil { diff --git a/sdk/nodejs/types/input.ts b/sdk/nodejs/types/input.ts index 09b373f8e9..66e47e9b29 100644 --- a/sdk/nodejs/types/input.ts +++ b/sdk/nodejs/types/input.ts @@ -35938,7 +35938,13 @@ export namespace iot { * A Boolean value that indicates whether Online Certificate Status Protocol (OCSP) server certificate check is enabled or not. For more information, see [Configurable endpoints](https://docs.aws.amazon.com//iot/latest/developerguide/iot-custom-endpoints-configurable.html) from the AWS IoT Core Developer Guide. */ enableOcspCheck?: pulumi.Input; + /** + * The Amazon Resource Name (ARN) for an X.509 certificate stored in ACM. If provided, AWS IoT Core will use this certificate to validate the signature of the received OCSP response. The OCSP responder must sign responses using either this authorized responder certificate or the issuing certificate, depending on whether the ARN is provided or not. The certificate must be in the same account and region as the domain configuration. + */ ocspAuthorizedResponderArn?: pulumi.Input; + /** + * The Amazon Resource Name (ARN) for a Lambda function that acts as a Request for Comments (RFC) 6960-compliant Online Certificate Status Protocol (OCSP) responder, supporting basic OCSP responses. The Lambda function accepts a base64-encoding of the OCSP request in the Distinguished Encoding Rules (DER) format. The Lambda function's response is also a base64-encoded OCSP response in the DER format. The response size must not exceed 4 kilobytes (KiB). The Lambda function must be in the same account and region as the domain configuration. + */ ocspLambdaArn?: pulumi.Input; } diff --git a/sdk/nodejs/types/output.ts b/sdk/nodejs/types/output.ts index 61761899f7..5c23979889 100644 --- a/sdk/nodejs/types/output.ts +++ b/sdk/nodejs/types/output.ts @@ -37362,7 +37362,13 @@ export namespace iot { * A Boolean value that indicates whether Online Certificate Status Protocol (OCSP) server certificate check is enabled or not. For more information, see [Configurable endpoints](https://docs.aws.amazon.com//iot/latest/developerguide/iot-custom-endpoints-configurable.html) from the AWS IoT Core Developer Guide. */ enableOcspCheck?: boolean; + /** + * The Amazon Resource Name (ARN) for an X.509 certificate stored in ACM. If provided, AWS IoT Core will use this certificate to validate the signature of the received OCSP response. The OCSP responder must sign responses using either this authorized responder certificate or the issuing certificate, depending on whether the ARN is provided or not. The certificate must be in the same account and region as the domain configuration. + */ ocspAuthorizedResponderArn?: string; + /** + * The Amazon Resource Name (ARN) for a Lambda function that acts as a Request for Comments (RFC) 6960-compliant Online Certificate Status Protocol (OCSP) responder, supporting basic OCSP responses. The Lambda function accepts a base64-encoding of the OCSP request in the Distinguished Encoding Rules (DER) format. The Lambda function's response is also a base64-encoded OCSP response in the DER format. The response size must not exceed 4 kilobytes (KiB). The Lambda function must be in the same account and region as the domain configuration. + */ ocspLambdaArn?: string; } diff --git a/sdk/python/pulumi_aws_native/iot/_inputs.py b/sdk/python/pulumi_aws_native/iot/_inputs.py index e01d9535ab..3aebe76538 100644 --- a/sdk/python/pulumi_aws_native/iot/_inputs.py +++ b/sdk/python/pulumi_aws_native/iot/_inputs.py @@ -1106,7 +1106,13 @@ class DomainConfigurationServerCertificateConfigArgsDict(TypedDict): A Boolean value that indicates whether Online Certificate Status Protocol (OCSP) server certificate check is enabled or not. For more information, see [Configurable endpoints](https://docs.aws.amazon.com//iot/latest/developerguide/iot-custom-endpoints-configurable.html) from the AWS IoT Core Developer Guide. """ ocsp_authorized_responder_arn: NotRequired[pulumi.Input[str]] + """ + The Amazon Resource Name (ARN) for an X.509 certificate stored in ACM. If provided, AWS IoT Core will use this certificate to validate the signature of the received OCSP response. The OCSP responder must sign responses using either this authorized responder certificate or the issuing certificate, depending on whether the ARN is provided or not. The certificate must be in the same account and region as the domain configuration. + """ ocsp_lambda_arn: NotRequired[pulumi.Input[str]] + """ + The Amazon Resource Name (ARN) for a Lambda function that acts as a Request for Comments (RFC) 6960-compliant Online Certificate Status Protocol (OCSP) responder, supporting basic OCSP responses. The Lambda function accepts a base64-encoding of the OCSP request in the Distinguished Encoding Rules (DER) format. The Lambda function's response is also a base64-encoded OCSP response in the DER format. The response size must not exceed 4 kilobytes (KiB). The Lambda function must be in the same account and region as the domain configuration. + """ elif False: DomainConfigurationServerCertificateConfigArgsDict: TypeAlias = Mapping[str, Any] @@ -1118,6 +1124,8 @@ def __init__(__self__, *, ocsp_lambda_arn: Optional[pulumi.Input[str]] = None): """ :param pulumi.Input[bool] enable_ocsp_check: A Boolean value that indicates whether Online Certificate Status Protocol (OCSP) server certificate check is enabled or not. For more information, see [Configurable endpoints](https://docs.aws.amazon.com//iot/latest/developerguide/iot-custom-endpoints-configurable.html) from the AWS IoT Core Developer Guide. + :param pulumi.Input[str] ocsp_authorized_responder_arn: The Amazon Resource Name (ARN) for an X.509 certificate stored in ACM. If provided, AWS IoT Core will use this certificate to validate the signature of the received OCSP response. The OCSP responder must sign responses using either this authorized responder certificate or the issuing certificate, depending on whether the ARN is provided or not. The certificate must be in the same account and region as the domain configuration. + :param pulumi.Input[str] ocsp_lambda_arn: The Amazon Resource Name (ARN) for a Lambda function that acts as a Request for Comments (RFC) 6960-compliant Online Certificate Status Protocol (OCSP) responder, supporting basic OCSP responses. The Lambda function accepts a base64-encoding of the OCSP request in the Distinguished Encoding Rules (DER) format. The Lambda function's response is also a base64-encoded OCSP response in the DER format. The response size must not exceed 4 kilobytes (KiB). The Lambda function must be in the same account and region as the domain configuration. """ if enable_ocsp_check is not None: pulumi.set(__self__, "enable_ocsp_check", enable_ocsp_check) @@ -1141,6 +1149,9 @@ def enable_ocsp_check(self, value: Optional[pulumi.Input[bool]]): @property @pulumi.getter(name="ocspAuthorizedResponderArn") def ocsp_authorized_responder_arn(self) -> Optional[pulumi.Input[str]]: + """ + The Amazon Resource Name (ARN) for an X.509 certificate stored in ACM. If provided, AWS IoT Core will use this certificate to validate the signature of the received OCSP response. The OCSP responder must sign responses using either this authorized responder certificate or the issuing certificate, depending on whether the ARN is provided or not. The certificate must be in the same account and region as the domain configuration. + """ return pulumi.get(self, "ocsp_authorized_responder_arn") @ocsp_authorized_responder_arn.setter @@ -1150,6 +1161,9 @@ def ocsp_authorized_responder_arn(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter(name="ocspLambdaArn") def ocsp_lambda_arn(self) -> Optional[pulumi.Input[str]]: + """ + The Amazon Resource Name (ARN) for a Lambda function that acts as a Request for Comments (RFC) 6960-compliant Online Certificate Status Protocol (OCSP) responder, supporting basic OCSP responses. The Lambda function accepts a base64-encoding of the OCSP request in the Distinguished Encoding Rules (DER) format. The Lambda function's response is also a base64-encoded OCSP response in the DER format. The response size must not exceed 4 kilobytes (KiB). The Lambda function must be in the same account and region as the domain configuration. + """ return pulumi.get(self, "ocsp_lambda_arn") @ocsp_lambda_arn.setter diff --git a/sdk/python/pulumi_aws_native/iot/outputs.py b/sdk/python/pulumi_aws_native/iot/outputs.py index a198bad3fb..5d3b3d44ac 100644 --- a/sdk/python/pulumi_aws_native/iot/outputs.py +++ b/sdk/python/pulumi_aws_native/iot/outputs.py @@ -875,6 +875,8 @@ def __init__(__self__, *, ocsp_lambda_arn: Optional[str] = None): """ :param bool enable_ocsp_check: A Boolean value that indicates whether Online Certificate Status Protocol (OCSP) server certificate check is enabled or not. For more information, see [Configurable endpoints](https://docs.aws.amazon.com//iot/latest/developerguide/iot-custom-endpoints-configurable.html) from the AWS IoT Core Developer Guide. + :param str ocsp_authorized_responder_arn: The Amazon Resource Name (ARN) for an X.509 certificate stored in ACM. If provided, AWS IoT Core will use this certificate to validate the signature of the received OCSP response. The OCSP responder must sign responses using either this authorized responder certificate or the issuing certificate, depending on whether the ARN is provided or not. The certificate must be in the same account and region as the domain configuration. + :param str ocsp_lambda_arn: The Amazon Resource Name (ARN) for a Lambda function that acts as a Request for Comments (RFC) 6960-compliant Online Certificate Status Protocol (OCSP) responder, supporting basic OCSP responses. The Lambda function accepts a base64-encoding of the OCSP request in the Distinguished Encoding Rules (DER) format. The Lambda function's response is also a base64-encoded OCSP response in the DER format. The response size must not exceed 4 kilobytes (KiB). The Lambda function must be in the same account and region as the domain configuration. """ if enable_ocsp_check is not None: pulumi.set(__self__, "enable_ocsp_check", enable_ocsp_check) @@ -894,11 +896,17 @@ def enable_ocsp_check(self) -> Optional[bool]: @property @pulumi.getter(name="ocspAuthorizedResponderArn") def ocsp_authorized_responder_arn(self) -> Optional[str]: + """ + The Amazon Resource Name (ARN) for an X.509 certificate stored in ACM. If provided, AWS IoT Core will use this certificate to validate the signature of the received OCSP response. The OCSP responder must sign responses using either this authorized responder certificate or the issuing certificate, depending on whether the ARN is provided or not. The certificate must be in the same account and region as the domain configuration. + """ return pulumi.get(self, "ocsp_authorized_responder_arn") @property @pulumi.getter(name="ocspLambdaArn") def ocsp_lambda_arn(self) -> Optional[str]: + """ + The Amazon Resource Name (ARN) for a Lambda function that acts as a Request for Comments (RFC) 6960-compliant Online Certificate Status Protocol (OCSP) responder, supporting basic OCSP responses. The Lambda function accepts a base64-encoding of the OCSP request in the Distinguished Encoding Rules (DER) format. The Lambda function's response is also a base64-encoded OCSP response in the DER format. The response size must not exceed 4 kilobytes (KiB). The Lambda function must be in the same account and region as the domain configuration. + """ return pulumi.get(self, "ocsp_lambda_arn")