SecretBackendRootSignIntermediate

Creates PKI certificate.

Example Usage

using Pulumi;
using Vault = Pulumi.Vault;

class MyStack : Stack
{
    public MyStack()
    {
        var root = new Vault.PkiSecret.SecretBackendRootSignIntermediate("root", new Vault.PkiSecret.SecretBackendRootSignIntermediateArgs
        {
            Backend = vault_pki_secret_backend.Root.Path,
            Csr = vault_pki_secret_backend_intermediate_cert_request.Intermediate.Csr,
            CommonName = "Intermediate CA",
            ExcludeCnFromSans = true,
            Ou = "My OU",
            Organization = "My organization",
        }, new CustomResourceOptions
        {
            DependsOn = 
            {
                vault_pki_secret_backend_intermediate_cert_request.Intermediate,
            },
        });
    }

}
package main

import (
	"github.com/pulumi/pulumi-vault/sdk/v4/go/vault/pkiSecret"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := pkiSecret.NewSecretBackendRootSignIntermediate(ctx, "root", &pkiSecret.SecretBackendRootSignIntermediateArgs{
			Backend:           pulumi.Any(vault_pki_secret_backend.Root.Path),
			Csr:               pulumi.Any(vault_pki_secret_backend_intermediate_cert_request.Intermediate.Csr),
			CommonName:        pulumi.String("Intermediate CA"),
			ExcludeCnFromSans: pulumi.Bool(true),
			Ou:                pulumi.String("My OU"),
			Organization:      pulumi.String("My organization"),
		}, pulumi.DependsOn([]pulumi.Resource{
			vault_pki_secret_backend_intermediate_cert_request.Intermediate,
		}))
		if err != nil {
			return err
		}
		return nil
	})
}
import pulumi
import pulumi_vault as vault

root = vault.pki_secret.SecretBackendRootSignIntermediate("root",
    backend=vault_pki_secret_backend["root"]["path"],
    csr=vault_pki_secret_backend_intermediate_cert_request["intermediate"]["csr"],
    common_name="Intermediate CA",
    exclude_cn_from_sans=True,
    ou="My OU",
    organization="My organization",
    opts=pulumi.ResourceOptions(depends_on=[vault_pki_secret_backend_intermediate_cert_request["intermediate"]]))
import * as pulumi from "@pulumi/pulumi";
import * as vault from "@pulumi/vault";

const root = new vault.pkiSecret.SecretBackendRootSignIntermediate("root", {
    backend: vault_pki_secret_backend.root.path,
    csr: vault_pki_secret_backend_intermediate_cert_request.intermediate.csr,
    commonName: "Intermediate CA",
    excludeCnFromSans: true,
    ou: "My OU",
    organization: "My organization",
}, {
    dependsOn: [vault_pki_secret_backend_intermediate_cert_request.intermediate],
});

Create a SecretBackendRootSignIntermediate Resource

new SecretBackendRootSignIntermediate(name: string, args: SecretBackendRootSignIntermediateArgs, opts?: CustomResourceOptions);
@overload
def SecretBackendRootSignIntermediate(resource_name: str,
                                      opts: Optional[ResourceOptions] = None,
                                      alt_names: Optional[Sequence[str]] = None,
                                      backend: Optional[str] = None,
                                      common_name: Optional[str] = None,
                                      country: Optional[str] = None,
                                      csr: Optional[str] = None,
                                      exclude_cn_from_sans: Optional[bool] = None,
                                      format: Optional[str] = None,
                                      ip_sans: Optional[Sequence[str]] = None,
                                      locality: Optional[str] = None,
                                      max_path_length: Optional[int] = None,
                                      organization: Optional[str] = None,
                                      other_sans: Optional[Sequence[str]] = None,
                                      ou: Optional[str] = None,
                                      permitted_dns_domains: Optional[Sequence[str]] = None,
                                      postal_code: Optional[str] = None,
                                      province: Optional[str] = None,
                                      street_address: Optional[str] = None,
                                      ttl: Optional[str] = None,
                                      uri_sans: Optional[Sequence[str]] = None,
                                      use_csr_values: Optional[bool] = None)
@overload
def SecretBackendRootSignIntermediate(resource_name: str,
                                      args: SecretBackendRootSignIntermediateArgs,
                                      opts: Optional[ResourceOptions] = None)
func NewSecretBackendRootSignIntermediate(ctx *Context, name string, args SecretBackendRootSignIntermediateArgs, opts ...ResourceOption) (*SecretBackendRootSignIntermediate, error)
public SecretBackendRootSignIntermediate(string name, SecretBackendRootSignIntermediateArgs args, CustomResourceOptions? opts = null)
name string
The unique name of the resource.
args SecretBackendRootSignIntermediateArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args SecretBackendRootSignIntermediateArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args SecretBackendRootSignIntermediateArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args SecretBackendRootSignIntermediateArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.

SecretBackendRootSignIntermediate Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The SecretBackendRootSignIntermediate resource accepts the following input properties:

Backend string
The PKI secret backend the resource belongs to.
CommonName string
CN of intermediate to create
Csr string
The CSR
AltNames List<string>
List of alternative names
Country string
The country
ExcludeCnFromSans bool
Flag to exclude CN from SANs
Format string
The format of data
IpSans List<string>
List of alternative IPs
Locality string
The locality
MaxPathLength int
The maximum path length to encode in the generated certificate
Organization string
The organization
OtherSans List<string>
List of other SANs
Ou string
The organization unit
PermittedDnsDomains List<string>
List of domains for which certificates are allowed to be issued
PostalCode string
The postal code
Province string
The province
StreetAddress string
The street address
Ttl string
Time to live
UriSans List<string>
List of alternative URIs
UseCsrValues bool
Preserve CSR values
Backend string
The PKI secret backend the resource belongs to.
CommonName string
CN of intermediate to create
Csr string
The CSR
AltNames []string
List of alternative names
Country string
The country
ExcludeCnFromSans bool
Flag to exclude CN from SANs
Format string
The format of data
IpSans []string
List of alternative IPs
Locality string
The locality
MaxPathLength int
The maximum path length to encode in the generated certificate
Organization string
The organization
OtherSans []string
List of other SANs
Ou string
The organization unit
PermittedDnsDomains []string
List of domains for which certificates are allowed to be issued
PostalCode string
The postal code
Province string
The province
StreetAddress string
The street address
Ttl string
Time to live
UriSans []string
List of alternative URIs
UseCsrValues bool
Preserve CSR values
backend string
The PKI secret backend the resource belongs to.
commonName string
CN of intermediate to create
csr string
The CSR
altNames string[]
List of alternative names
country string
The country
excludeCnFromSans boolean
Flag to exclude CN from SANs
format string
The format of data
ipSans string[]
List of alternative IPs
locality string
The locality
maxPathLength number
The maximum path length to encode in the generated certificate
organization string
The organization
otherSans string[]
List of other SANs
ou string
The organization unit
permittedDnsDomains string[]
List of domains for which certificates are allowed to be issued
postalCode string
The postal code
province string
The province
streetAddress string
The street address
ttl string
Time to live
uriSans string[]
List of alternative URIs
useCsrValues boolean
Preserve CSR values
backend str
The PKI secret backend the resource belongs to.
common_name str
CN of intermediate to create
csr str
The CSR
alt_names Sequence[str]
List of alternative names
country str
The country
exclude_cn_from_sans bool
Flag to exclude CN from SANs
format str
The format of data
ip_sans Sequence[str]
List of alternative IPs
locality str
The locality
max_path_length int
The maximum path length to encode in the generated certificate
organization str
The organization
other_sans Sequence[str]
List of other SANs
ou str
The organization unit
permitted_dns_domains Sequence[str]
List of domains for which certificates are allowed to be issued
postal_code str
The postal code
province str
The province
street_address str
The street address
ttl str
Time to live
uri_sans Sequence[str]
List of alternative URIs
use_csr_values bool
Preserve CSR values

Outputs

All input properties are implicitly available as output properties. Additionally, the SecretBackendRootSignIntermediate resource produces the following output properties:

CaChain string
The CA chain
Certificate string
The certificate
Id string
The provider-assigned unique ID for this managed resource.
IssuingCa string
The issuing CA
Serial string
The serial
CaChain string
The CA chain
Certificate string
The certificate
Id string
The provider-assigned unique ID for this managed resource.
IssuingCa string
The issuing CA
Serial string
The serial
caChain string
The CA chain
certificate string
The certificate
id string
The provider-assigned unique ID for this managed resource.
issuingCa string
The issuing CA
serial string
The serial
ca_chain str
The CA chain
certificate str
The certificate
id str
The provider-assigned unique ID for this managed resource.
issuing_ca str
The issuing CA
serial str
The serial

Look up an Existing SecretBackendRootSignIntermediate Resource

Get an existing SecretBackendRootSignIntermediate resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: SecretBackendRootSignIntermediateState, opts?: CustomResourceOptions): SecretBackendRootSignIntermediate
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        alt_names: Optional[Sequence[str]] = None,
        backend: Optional[str] = None,
        ca_chain: Optional[str] = None,
        certificate: Optional[str] = None,
        common_name: Optional[str] = None,
        country: Optional[str] = None,
        csr: Optional[str] = None,
        exclude_cn_from_sans: Optional[bool] = None,
        format: Optional[str] = None,
        ip_sans: Optional[Sequence[str]] = None,
        issuing_ca: Optional[str] = None,
        locality: Optional[str] = None,
        max_path_length: Optional[int] = None,
        organization: Optional[str] = None,
        other_sans: Optional[Sequence[str]] = None,
        ou: Optional[str] = None,
        permitted_dns_domains: Optional[Sequence[str]] = None,
        postal_code: Optional[str] = None,
        province: Optional[str] = None,
        serial: Optional[str] = None,
        street_address: Optional[str] = None,
        ttl: Optional[str] = None,
        uri_sans: Optional[Sequence[str]] = None,
        use_csr_values: Optional[bool] = None) -> SecretBackendRootSignIntermediate
func GetSecretBackendRootSignIntermediate(ctx *Context, name string, id IDInput, state *SecretBackendRootSignIntermediateState, opts ...ResourceOption) (*SecretBackendRootSignIntermediate, error)
public static SecretBackendRootSignIntermediate Get(string name, Input<string> id, SecretBackendRootSignIntermediateState? state, CustomResourceOptions? opts = null)
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.

The following state arguments are supported:

AltNames List<string>
List of alternative names
Backend string
The PKI secret backend the resource belongs to.
CaChain string
The CA chain
Certificate string
The certificate
CommonName string
CN of intermediate to create
Country string
The country
Csr string
The CSR
ExcludeCnFromSans bool
Flag to exclude CN from SANs
Format string
The format of data
IpSans List<string>
List of alternative IPs
IssuingCa string
The issuing CA
Locality string
The locality
MaxPathLength int
The maximum path length to encode in the generated certificate
Organization string
The organization
OtherSans List<string>
List of other SANs
Ou string
The organization unit
PermittedDnsDomains List<string>
List of domains for which certificates are allowed to be issued
PostalCode string
The postal code
Province string
The province
Serial string
The serial
StreetAddress string
The street address
Ttl string
Time to live
UriSans List<string>
List of alternative URIs
UseCsrValues bool
Preserve CSR values
AltNames []string
List of alternative names
Backend string
The PKI secret backend the resource belongs to.
CaChain string
The CA chain
Certificate string
The certificate
CommonName string
CN of intermediate to create
Country string
The country
Csr string
The CSR
ExcludeCnFromSans bool
Flag to exclude CN from SANs
Format string
The format of data
IpSans []string
List of alternative IPs
IssuingCa string
The issuing CA
Locality string
The locality
MaxPathLength int
The maximum path length to encode in the generated certificate
Organization string
The organization
OtherSans []string
List of other SANs
Ou string
The organization unit
PermittedDnsDomains []string
List of domains for which certificates are allowed to be issued
PostalCode string
The postal code
Province string
The province
Serial string
The serial
StreetAddress string
The street address
Ttl string
Time to live
UriSans []string
List of alternative URIs
UseCsrValues bool
Preserve CSR values
altNames string[]
List of alternative names
backend string
The PKI secret backend the resource belongs to.
caChain string
The CA chain
certificate string
The certificate
commonName string
CN of intermediate to create
country string
The country
csr string
The CSR
excludeCnFromSans boolean
Flag to exclude CN from SANs
format string
The format of data
ipSans string[]
List of alternative IPs
issuingCa string
The issuing CA
locality string
The locality
maxPathLength number
The maximum path length to encode in the generated certificate
organization string
The organization
otherSans string[]
List of other SANs
ou string
The organization unit
permittedDnsDomains string[]
List of domains for which certificates are allowed to be issued
postalCode string
The postal code
province string
The province
serial string
The serial
streetAddress string
The street address
ttl string
Time to live
uriSans string[]
List of alternative URIs
useCsrValues boolean
Preserve CSR values
alt_names Sequence[str]
List of alternative names
backend str
The PKI secret backend the resource belongs to.
ca_chain str
The CA chain
certificate str
The certificate
common_name str
CN of intermediate to create
country str
The country
csr str
The CSR
exclude_cn_from_sans bool
Flag to exclude CN from SANs
format str
The format of data
ip_sans Sequence[str]
List of alternative IPs
issuing_ca str
The issuing CA
locality str
The locality
max_path_length int
The maximum path length to encode in the generated certificate
organization str
The organization
other_sans Sequence[str]
List of other SANs
ou str
The organization unit
permitted_dns_domains Sequence[str]
List of domains for which certificates are allowed to be issued
postal_code str
The postal code
province str
The province
serial str
The serial
street_address str
The street address
ttl str
Time to live
uri_sans Sequence[str]
List of alternative URIs
use_csr_values bool
Preserve CSR values

Package Details

Repository
https://github.com/pulumi/pulumi-vault
License
Apache-2.0
Notes
This Pulumi package is based on the vault Terraform Provider.