v6.2.0/website/docs/d/sql_ca_certs.html.markdown - terraform-provider-google-beta - Git at Google

 ---
 subcategory: "Cloud SQL"
 description: |-
   Get all of the trusted Certificate Authorities (CAs) for the specified SQL database instance.
 ---

 # google_sql_ca_certs

 Get all of the trusted Certificate Authorities (CAs) for the specified SQL database instance. For more information see the
 [official documentation](https://cloud.google.com/sql/)
 and
 [API](https://cloud.google.com/sql/docs/mysql/admin-api/rest/v1beta4/instances/listServerCas).


 ## Example Usage

 ```hcl
 data "google_sql_ca_certs" "ca_certs" {
   instance = "primary-database-server"
 }

 locals {
   furthest_expiration_time = reverse(sort([for k, v in data.google_sql_ca_certs.ca_certs.certs : v.expiration_time]))[0]
   latest_ca_cert           = [for v in data.google_sql_ca_certs.ca_certs.certs : v.cert if v.expiration_time == local.furthest_expiration_time]
 }

 output "db_latest_ca_cert" {
   description = "Latest CA cert used by the primary database server"
   value       = local.latest_ca_cert
   sensitive   = true
 }
 ```

 ## Argument Reference

 The following arguments are supported:

 * `instance` - (Required) The name or self link of the instance.

 ---

 * `project` - (Optional) The ID of the project in which the resource belongs. If `project` is not provided, the provider project is used.

 ## Attributes Reference

 The following attributes are exported:

 * `active_version` - SHA1 fingerprint of the currently active CA certificate.

 * `certs` - A list of server CA certificates for the instance. Each contains:
   * `cert` - The CA certificate used to connect to the SQL instance via SSL.
   * `common_name` - The CN valid for the CA cert.
   * `create_time` - Creation time of the CA cert.
   * `expiration_time` - Expiration time of the CA cert.
   * `sha1_fingerprint` - SHA1 fingerprint of the CA cert.
	---
	subcategory: "Cloud SQL"
	description: \|-
	Get all of the trusted Certificate Authorities (CAs) for the specified SQL database instance.
	---

	# google_sql_ca_certs

	Get all of the trusted Certificate Authorities (CAs) for the specified SQL database instance. For more information see the
	[official documentation](https://cloud.google.com/sql/)
	and
	[API](https://cloud.google.com/sql/docs/mysql/admin-api/rest/v1beta4/instances/listServerCas).


	## Example Usage

	```hcl
	data "google_sql_ca_certs" "ca_certs" {
	instance = "primary-database-server"
	}

	locals {
	furthest_expiration_time = reverse(sort([for k, v in data.google_sql_ca_certs.ca_certs.certs : v.expiration_time]))[0]
	latest_ca_cert = [for v in data.google_sql_ca_certs.ca_certs.certs : v.cert if v.expiration_time == local.furthest_expiration_time]
	}

	output "db_latest_ca_cert" {
	description = "Latest CA cert used by the primary database server"
	value = local.latest_ca_cert
	sensitive = true
	}
	```

	## Argument Reference

	The following arguments are supported:

	* `instance` - (Required) The name or self link of the instance.

	---

	* `project` - (Optional) The ID of the project in which the resource belongs. If `project` is not provided, the provider project is used.

	## Attributes Reference

	The following attributes are exported:

	* `active_version` - SHA1 fingerprint of the currently active CA certificate.

	* `certs` - A list of server CA certificates for the instance. Each contains:
	* `cert` - The CA certificate used to connect to the SQL instance via SSL.
	* `common_name` - The CN valid for the CA cert.
	* `create_time` - Creation time of the CA cert.
	* `expiration_time` - Expiration time of the CA cert.
	* `sha1_fingerprint` - SHA1 fingerprint of the CA cert.