Contact UsGet started
© 2025 Direct Cursus Technology L.L.C.

yandex_cm_certificate (Data Source)

Written by
Updated at September 11, 2025

Get information about a Yandex Certificate Manager Certificate. For more information, see the official documentation.

Warning

One of certificate_id or name should be specified.

Example usage

//
// Get information about existing CM Certificate
//
data "yandex_cm_certificate" "example_by_id" {
  certificate_id = "certificate-id"
}

data "yandex_cm_certificate" "example_by_name" {
  folder_id = "folder-id"
  name      = "example"
}

//
// Example of Certificate Validation. 
// Use "data.yandex_cm_certificate.example.id" to get validated certificate.
//
resource "yandex_cm_certificate" "example" {
  name    = "example"
  domains = ["example.com", "*.example.com"]

  managed {
    challenge_type  = "DNS_CNAME"
    challenge_count = 1 # "example.com" and "*.example.com" has the same challenge
  }
}

resource "yandex_dns_recordset" "example" {
  count   = yandex_cm_certificate.example.managed[0].challenge_count
  zone_id = "example-zone-id"
  name    = yandex_cm_certificate.example.challenges[count.index].dns_name
  type    = yandex_cm_certificate.example.challenges[count.index].dns_type
  data    = [yandex_cm_certificate.example.challenges[count.index].dns_value]
  ttl     = 60
}

data "yandex_cm_certificate" "example" {
  depends_on      = [yandex_dns_recordset.example]
  certificate_id  = yandex_cm_certificate.example.id
  wait_validation = true
}

Schema

Optional

  • certificate_id (String) Certificate Id.
  • description (String) The resource description.
  • folder_id (String) The folder identifier that resource belongs to. If it is not provided, the default provider folder-id is used.
  • labels (Map of String) A set of key/value label pairs which assigned to resource.
  • name (String) The resource name.
  • wait_validation (Boolean) If true, the operation won't be completed while the certificate is in VALIDATING.

Read-Only

  • challenges (List of Object) (see below for nested schema)
  • created_at (String) The creation timestamp of the resource.
  • deletion_protection (Boolean) The true value means that resource is protected from accidental deletion.
  • domains (List of String) Domains for this certificate. Should be specified for managed certificates.
  • id (String) The ID of this resource.
  • issued_at (String) Certificate issue timestamp.
  • issuer (String) Certificate Issuer.
  • not_after (String) Certificate end valid period.
  • not_before (String) Certificate start valid period.
  • serial (String) Certificate Serial Number.
  • status (String) Certificate status: VALIDATING, INVALID, ISSUED, REVOKED, RENEWING or RENEWAL_FAILED.
  • subject (String) Certificate Subject.
  • type (String) Certificate type: MANAGED or IMPORTED.
  • updated_at (String) Certificate update timestamp.

Nested Schema for challenges

Read-Only:

  • created_at (String)
  • dns_name (String)
  • dns_type (String)
  • dns_value (String)
  • domain (String)
  • http_content (String)
  • http_url (String)
  • message (String)
  • type (String)
  • updated_at (String)
Previous
audit_trails_trail
Next
cm_certificate_content