1. Packages
  2. HashiCorp Vault
  3. API Docs
  4. pkiSecret
  5. SecretBackendRootSignIntermediate
HashiCorp Vault v5.20.0 published on Tuesday, Feb 20, 2024 by Pulumi

vault.pkiSecret.SecretBackendRootSignIntermediate

Explore with Pulumi AI

vault logo
HashiCorp Vault v5.20.0 published on Tuesday, Feb 20, 2024 by Pulumi

    Creates PKI certificate.

    Deprecations

    • serial - Use serial_number instead.

    Example Usage

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Vault = Pulumi.Vault;
    
    return await Deployment.RunAsync(() => 
    {
        var root = new Vault.PkiSecret.SecretBackendRootSignIntermediate("root", new()
        {
            Backend = vault_mount.Root.Path,
            Csr = vault_pki_secret_backend_intermediate_cert_request.Intermediate.Csr,
            CommonName = "Intermediate CA",
            ExcludeCnFromSans = true,
            Ou = "My OU",
            Organization = "My organization",
        }, new CustomResourceOptions
        {
            DependsOn = new[]
            {
                vault_pki_secret_backend_intermediate_cert_request.Intermediate,
            },
        });
    
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/pkiSecret"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := pkiSecret.NewSecretBackendRootSignIntermediate(ctx, "root", &pkiSecret.SecretBackendRootSignIntermediateArgs{
    			Backend:           pulumi.Any(vault_mount.Root.Path),
    			Csr:               pulumi.Any(vault_pki_secret_backend_intermediate_cert_request.Intermediate.Csr),
    			CommonName:        pulumi.String("Intermediate CA"),
    			ExcludeCnFromSans: pulumi.Bool(true),
    			Ou:                pulumi.String("My OU"),
    			Organization:      pulumi.String("My organization"),
    		}, pulumi.DependsOn([]pulumi.Resource{
    			vault_pki_secret_backend_intermediate_cert_request.Intermediate,
    		}))
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.vault.pkiSecret.SecretBackendRootSignIntermediate;
    import com.pulumi.vault.pkiSecret.SecretBackendRootSignIntermediateArgs;
    import com.pulumi.resources.CustomResourceOptions;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var root = new SecretBackendRootSignIntermediate("root", SecretBackendRootSignIntermediateArgs.builder()        
                .backend(vault_mount.root().path())
                .csr(vault_pki_secret_backend_intermediate_cert_request.intermediate().csr())
                .commonName("Intermediate CA")
                .excludeCnFromSans(true)
                .ou("My OU")
                .organization("My organization")
                .build(), CustomResourceOptions.builder()
                    .dependsOn(vault_pki_secret_backend_intermediate_cert_request.intermediate())
                    .build());
    
        }
    }
    
    import pulumi
    import pulumi_vault as vault
    
    root = vault.pki_secret.SecretBackendRootSignIntermediate("root",
        backend=vault_mount["root"]["path"],
        csr=vault_pki_secret_backend_intermediate_cert_request["intermediate"]["csr"],
        common_name="Intermediate CA",
        exclude_cn_from_sans=True,
        ou="My OU",
        organization="My organization",
        opts=pulumi.ResourceOptions(depends_on=[vault_pki_secret_backend_intermediate_cert_request["intermediate"]]))
    
    import * as pulumi from "@pulumi/pulumi";
    import * as vault from "@pulumi/vault";
    
    const root = new vault.pkisecret.SecretBackendRootSignIntermediate("root", {
        backend: vault_mount.root.path,
        csr: vault_pki_secret_backend_intermediate_cert_request.intermediate.csr,
        commonName: "Intermediate CA",
        excludeCnFromSans: true,
        ou: "My OU",
        organization: "My organization",
    }, {
        dependsOn: [vault_pki_secret_backend_intermediate_cert_request.intermediate],
    });
    
    resources:
      root:
        type: vault:pkiSecret:SecretBackendRootSignIntermediate
        properties:
          backend: ${vault_mount.root.path}
          csr: ${vault_pki_secret_backend_intermediate_cert_request.intermediate.csr}
          commonName: Intermediate CA
          excludeCnFromSans: true
          ou: My OU
          organization: My organization
        options:
          dependson:
            - ${vault_pki_secret_backend_intermediate_cert_request.intermediate}
    

    Create SecretBackendRootSignIntermediate Resource

    new SecretBackendRootSignIntermediate(name: string, args: SecretBackendRootSignIntermediateArgs, opts?: CustomResourceOptions);
    @overload
    def SecretBackendRootSignIntermediate(resource_name: str,
                                          opts: Optional[ResourceOptions] = None,
                                          alt_names: Optional[Sequence[str]] = None,
                                          backend: Optional[str] = None,
                                          common_name: Optional[str] = None,
                                          country: Optional[str] = None,
                                          csr: Optional[str] = None,
                                          exclude_cn_from_sans: Optional[bool] = None,
                                          format: Optional[str] = None,
                                          ip_sans: Optional[Sequence[str]] = None,
                                          issuer_ref: Optional[str] = None,
                                          locality: Optional[str] = None,
                                          max_path_length: Optional[int] = None,
                                          namespace: Optional[str] = None,
                                          organization: Optional[str] = None,
                                          other_sans: Optional[Sequence[str]] = None,
                                          ou: Optional[str] = None,
                                          permitted_dns_domains: Optional[Sequence[str]] = None,
                                          postal_code: Optional[str] = None,
                                          province: Optional[str] = None,
                                          revoke: Optional[bool] = None,
                                          street_address: Optional[str] = None,
                                          ttl: Optional[str] = None,
                                          uri_sans: Optional[Sequence[str]] = None,
                                          use_csr_values: Optional[bool] = None)
    @overload
    def SecretBackendRootSignIntermediate(resource_name: str,
                                          args: SecretBackendRootSignIntermediateArgs,
                                          opts: Optional[ResourceOptions] = None)
    func NewSecretBackendRootSignIntermediate(ctx *Context, name string, args SecretBackendRootSignIntermediateArgs, opts ...ResourceOption) (*SecretBackendRootSignIntermediate, error)
    public SecretBackendRootSignIntermediate(string name, SecretBackendRootSignIntermediateArgs args, CustomResourceOptions? opts = null)
    public SecretBackendRootSignIntermediate(String name, SecretBackendRootSignIntermediateArgs args)
    public SecretBackendRootSignIntermediate(String name, SecretBackendRootSignIntermediateArgs args, CustomResourceOptions options)
    
    type: vault:pkiSecret:SecretBackendRootSignIntermediate
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    name string
    The unique name of the resource.
    args SecretBackendRootSignIntermediateArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args SecretBackendRootSignIntermediateArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args SecretBackendRootSignIntermediateArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args SecretBackendRootSignIntermediateArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args SecretBackendRootSignIntermediateArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    SecretBackendRootSignIntermediate Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The SecretBackendRootSignIntermediate resource accepts the following input properties:

    Backend string
    The PKI secret backend the resource belongs to.
    CommonName string
    CN of intermediate to create
    Csr string
    The CSR
    AltNames List<string>
    List of alternative names
    Country string
    The country
    ExcludeCnFromSans bool
    Flag to exclude CN from SANs
    Format string
    The format of data
    IpSans List<string>
    List of alternative IPs
    IssuerRef string
    Specifies the default issuer of this request. May be the value default, a name, or an issuer ID. Use ACLs to prevent access to the /pki/issuer/:issuer_ref/{issue,sign}/:name paths to prevent users overriding the role's issuer_ref value.
    Locality string
    The locality
    MaxPathLength int
    The maximum path length to encode in the generated certificate
    Namespace string
    The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    Organization string
    The organization
    OtherSans List<string>
    List of other SANs
    Ou string
    The organization unit
    PermittedDnsDomains List<string>
    List of domains for which certificates are allowed to be issued
    PostalCode string
    The postal code
    Province string
    The province
    Revoke bool
    If set to true, the certificate will be revoked on resource destruction.
    StreetAddress string
    The street address
    Ttl string
    Time to live
    UriSans List<string>
    List of alternative URIs
    UseCsrValues bool
    Preserve CSR values
    Backend string
    The PKI secret backend the resource belongs to.
    CommonName string
    CN of intermediate to create
    Csr string
    The CSR
    AltNames []string
    List of alternative names
    Country string
    The country
    ExcludeCnFromSans bool
    Flag to exclude CN from SANs
    Format string
    The format of data
    IpSans []string
    List of alternative IPs
    IssuerRef string
    Specifies the default issuer of this request. May be the value default, a name, or an issuer ID. Use ACLs to prevent access to the /pki/issuer/:issuer_ref/{issue,sign}/:name paths to prevent users overriding the role's issuer_ref value.
    Locality string
    The locality
    MaxPathLength int
    The maximum path length to encode in the generated certificate
    Namespace string
    The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    Organization string
    The organization
    OtherSans []string
    List of other SANs
    Ou string
    The organization unit
    PermittedDnsDomains []string
    List of domains for which certificates are allowed to be issued
    PostalCode string
    The postal code
    Province string
    The province
    Revoke bool
    If set to true, the certificate will be revoked on resource destruction.
    StreetAddress string
    The street address
    Ttl string
    Time to live
    UriSans []string
    List of alternative URIs
    UseCsrValues bool
    Preserve CSR values
    backend String
    The PKI secret backend the resource belongs to.
    commonName String
    CN of intermediate to create
    csr String
    The CSR
    altNames List<String>
    List of alternative names
    country String
    The country
    excludeCnFromSans Boolean
    Flag to exclude CN from SANs
    format String
    The format of data
    ipSans List<String>
    List of alternative IPs
    issuerRef String
    Specifies the default issuer of this request. May be the value default, a name, or an issuer ID. Use ACLs to prevent access to the /pki/issuer/:issuer_ref/{issue,sign}/:name paths to prevent users overriding the role's issuer_ref value.
    locality String
    The locality
    maxPathLength Integer
    The maximum path length to encode in the generated certificate
    namespace String
    The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    organization String
    The organization
    otherSans List<String>
    List of other SANs
    ou String
    The organization unit
    permittedDnsDomains List<String>
    List of domains for which certificates are allowed to be issued
    postalCode String
    The postal code
    province String
    The province
    revoke Boolean
    If set to true, the certificate will be revoked on resource destruction.
    streetAddress String
    The street address
    ttl String
    Time to live
    uriSans List<String>
    List of alternative URIs
    useCsrValues Boolean
    Preserve CSR values
    backend string
    The PKI secret backend the resource belongs to.
    commonName string
    CN of intermediate to create
    csr string
    The CSR
    altNames string[]
    List of alternative names
    country string
    The country
    excludeCnFromSans boolean
    Flag to exclude CN from SANs
    format string
    The format of data
    ipSans string[]
    List of alternative IPs
    issuerRef string
    Specifies the default issuer of this request. May be the value default, a name, or an issuer ID. Use ACLs to prevent access to the /pki/issuer/:issuer_ref/{issue,sign}/:name paths to prevent users overriding the role's issuer_ref value.
    locality string
    The locality
    maxPathLength number
    The maximum path length to encode in the generated certificate
    namespace string
    The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    organization string
    The organization
    otherSans string[]
    List of other SANs
    ou string
    The organization unit
    permittedDnsDomains string[]
    List of domains for which certificates are allowed to be issued
    postalCode string
    The postal code
    province string
    The province
    revoke boolean
    If set to true, the certificate will be revoked on resource destruction.
    streetAddress string
    The street address
    ttl string
    Time to live
    uriSans string[]
    List of alternative URIs
    useCsrValues boolean
    Preserve CSR values
    backend str
    The PKI secret backend the resource belongs to.
    common_name str
    CN of intermediate to create
    csr str
    The CSR
    alt_names Sequence[str]
    List of alternative names
    country str
    The country
    exclude_cn_from_sans bool
    Flag to exclude CN from SANs
    format str
    The format of data
    ip_sans Sequence[str]
    List of alternative IPs
    issuer_ref str
    Specifies the default issuer of this request. May be the value default, a name, or an issuer ID. Use ACLs to prevent access to the /pki/issuer/:issuer_ref/{issue,sign}/:name paths to prevent users overriding the role's issuer_ref value.
    locality str
    The locality
    max_path_length int
    The maximum path length to encode in the generated certificate
    namespace str
    The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    organization str
    The organization
    other_sans Sequence[str]
    List of other SANs
    ou str
    The organization unit
    permitted_dns_domains Sequence[str]
    List of domains for which certificates are allowed to be issued
    postal_code str
    The postal code
    province str
    The province
    revoke bool
    If set to true, the certificate will be revoked on resource destruction.
    street_address str
    The street address
    ttl str
    Time to live
    uri_sans Sequence[str]
    List of alternative URIs
    use_csr_values bool
    Preserve CSR values
    backend String
    The PKI secret backend the resource belongs to.
    commonName String
    CN of intermediate to create
    csr String
    The CSR
    altNames List<String>
    List of alternative names
    country String
    The country
    excludeCnFromSans Boolean
    Flag to exclude CN from SANs
    format String
    The format of data
    ipSans List<String>
    List of alternative IPs
    issuerRef String
    Specifies the default issuer of this request. May be the value default, a name, or an issuer ID. Use ACLs to prevent access to the /pki/issuer/:issuer_ref/{issue,sign}/:name paths to prevent users overriding the role's issuer_ref value.
    locality String
    The locality
    maxPathLength Number
    The maximum path length to encode in the generated certificate
    namespace String
    The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    organization String
    The organization
    otherSans List<String>
    List of other SANs
    ou String
    The organization unit
    permittedDnsDomains List<String>
    List of domains for which certificates are allowed to be issued
    postalCode String
    The postal code
    province String
    The province
    revoke Boolean
    If set to true, the certificate will be revoked on resource destruction.
    streetAddress String
    The street address
    ttl String
    Time to live
    uriSans List<String>
    List of alternative URIs
    useCsrValues Boolean
    Preserve CSR values

    Outputs

    All input properties are implicitly available as output properties. Additionally, the SecretBackendRootSignIntermediate resource produces the following output properties:

    CaChains List<string>
    A list of the issuing and intermediate CA certificates in the format specified.
    Certificate string
    The intermediate CA certificate in the format specified.
    CertificateBundle string
    The concatenation of the intermediate CA and the issuing CA certificates (PEM encoded). Requires the format to be set to any of: pem, pem_bundle. The value will be empty for all other formats.
    Id string
    The provider-assigned unique ID for this managed resource.
    IssuingCa string
    The issuing CA certificate in the format specified.
    Serial string
    The serial number.

    Deprecated:Use serial_number instead

    SerialNumber string
    The certificate's serial number, hex formatted.
    CaChains []string
    A list of the issuing and intermediate CA certificates in the format specified.
    Certificate string
    The intermediate CA certificate in the format specified.
    CertificateBundle string
    The concatenation of the intermediate CA and the issuing CA certificates (PEM encoded). Requires the format to be set to any of: pem, pem_bundle. The value will be empty for all other formats.
    Id string
    The provider-assigned unique ID for this managed resource.
    IssuingCa string
    The issuing CA certificate in the format specified.
    Serial string
    The serial number.

    Deprecated:Use serial_number instead

    SerialNumber string
    The certificate's serial number, hex formatted.
    caChains List<String>
    A list of the issuing and intermediate CA certificates in the format specified.
    certificate String
    The intermediate CA certificate in the format specified.
    certificateBundle String
    The concatenation of the intermediate CA and the issuing CA certificates (PEM encoded). Requires the format to be set to any of: pem, pem_bundle. The value will be empty for all other formats.
    id String
    The provider-assigned unique ID for this managed resource.
    issuingCa String
    The issuing CA certificate in the format specified.
    serial String
    The serial number.

    Deprecated:Use serial_number instead

    serialNumber String
    The certificate's serial number, hex formatted.
    caChains string[]
    A list of the issuing and intermediate CA certificates in the format specified.
    certificate string
    The intermediate CA certificate in the format specified.
    certificateBundle string
    The concatenation of the intermediate CA and the issuing CA certificates (PEM encoded). Requires the format to be set to any of: pem, pem_bundle. The value will be empty for all other formats.
    id string
    The provider-assigned unique ID for this managed resource.
    issuingCa string
    The issuing CA certificate in the format specified.
    serial string
    The serial number.

    Deprecated:Use serial_number instead

    serialNumber string
    The certificate's serial number, hex formatted.
    ca_chains Sequence[str]
    A list of the issuing and intermediate CA certificates in the format specified.
    certificate str
    The intermediate CA certificate in the format specified.
    certificate_bundle str
    The concatenation of the intermediate CA and the issuing CA certificates (PEM encoded). Requires the format to be set to any of: pem, pem_bundle. The value will be empty for all other formats.
    id str
    The provider-assigned unique ID for this managed resource.
    issuing_ca str
    The issuing CA certificate in the format specified.
    serial str
    The serial number.

    Deprecated:Use serial_number instead

    serial_number str
    The certificate's serial number, hex formatted.
    caChains List<String>
    A list of the issuing and intermediate CA certificates in the format specified.
    certificate String
    The intermediate CA certificate in the format specified.
    certificateBundle String
    The concatenation of the intermediate CA and the issuing CA certificates (PEM encoded). Requires the format to be set to any of: pem, pem_bundle. The value will be empty for all other formats.
    id String
    The provider-assigned unique ID for this managed resource.
    issuingCa String
    The issuing CA certificate in the format specified.
    serial String
    The serial number.

    Deprecated:Use serial_number instead

    serialNumber String
    The certificate's serial number, hex formatted.

    Look up Existing SecretBackendRootSignIntermediate Resource

    Get an existing SecretBackendRootSignIntermediate resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: SecretBackendRootSignIntermediateState, opts?: CustomResourceOptions): SecretBackendRootSignIntermediate
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            alt_names: Optional[Sequence[str]] = None,
            backend: Optional[str] = None,
            ca_chains: Optional[Sequence[str]] = None,
            certificate: Optional[str] = None,
            certificate_bundle: Optional[str] = None,
            common_name: Optional[str] = None,
            country: Optional[str] = None,
            csr: Optional[str] = None,
            exclude_cn_from_sans: Optional[bool] = None,
            format: Optional[str] = None,
            ip_sans: Optional[Sequence[str]] = None,
            issuer_ref: Optional[str] = None,
            issuing_ca: Optional[str] = None,
            locality: Optional[str] = None,
            max_path_length: Optional[int] = None,
            namespace: Optional[str] = None,
            organization: Optional[str] = None,
            other_sans: Optional[Sequence[str]] = None,
            ou: Optional[str] = None,
            permitted_dns_domains: Optional[Sequence[str]] = None,
            postal_code: Optional[str] = None,
            province: Optional[str] = None,
            revoke: Optional[bool] = None,
            serial: Optional[str] = None,
            serial_number: Optional[str] = None,
            street_address: Optional[str] = None,
            ttl: Optional[str] = None,
            uri_sans: Optional[Sequence[str]] = None,
            use_csr_values: Optional[bool] = None) -> SecretBackendRootSignIntermediate
    func GetSecretBackendRootSignIntermediate(ctx *Context, name string, id IDInput, state *SecretBackendRootSignIntermediateState, opts ...ResourceOption) (*SecretBackendRootSignIntermediate, error)
    public static SecretBackendRootSignIntermediate Get(string name, Input<string> id, SecretBackendRootSignIntermediateState? state, CustomResourceOptions? opts = null)
    public static SecretBackendRootSignIntermediate get(String name, Output<String> id, SecretBackendRootSignIntermediateState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    AltNames List<string>
    List of alternative names
    Backend string
    The PKI secret backend the resource belongs to.
    CaChains List<string>
    A list of the issuing and intermediate CA certificates in the format specified.
    Certificate string
    The intermediate CA certificate in the format specified.
    CertificateBundle string
    The concatenation of the intermediate CA and the issuing CA certificates (PEM encoded). Requires the format to be set to any of: pem, pem_bundle. The value will be empty for all other formats.
    CommonName string
    CN of intermediate to create
    Country string
    The country
    Csr string
    The CSR
    ExcludeCnFromSans bool
    Flag to exclude CN from SANs
    Format string
    The format of data
    IpSans List<string>
    List of alternative IPs
    IssuerRef string
    Specifies the default issuer of this request. May be the value default, a name, or an issuer ID. Use ACLs to prevent access to the /pki/issuer/:issuer_ref/{issue,sign}/:name paths to prevent users overriding the role's issuer_ref value.
    IssuingCa string
    The issuing CA certificate in the format specified.
    Locality string
    The locality
    MaxPathLength int
    The maximum path length to encode in the generated certificate
    Namespace string
    The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    Organization string
    The organization
    OtherSans List<string>
    List of other SANs
    Ou string
    The organization unit
    PermittedDnsDomains List<string>
    List of domains for which certificates are allowed to be issued
    PostalCode string
    The postal code
    Province string
    The province
    Revoke bool
    If set to true, the certificate will be revoked on resource destruction.
    Serial string
    The serial number.

    Deprecated:Use serial_number instead

    SerialNumber string
    The certificate's serial number, hex formatted.
    StreetAddress string
    The street address
    Ttl string
    Time to live
    UriSans List<string>
    List of alternative URIs
    UseCsrValues bool
    Preserve CSR values
    AltNames []string
    List of alternative names
    Backend string
    The PKI secret backend the resource belongs to.
    CaChains []string
    A list of the issuing and intermediate CA certificates in the format specified.
    Certificate string
    The intermediate CA certificate in the format specified.
    CertificateBundle string
    The concatenation of the intermediate CA and the issuing CA certificates (PEM encoded). Requires the format to be set to any of: pem, pem_bundle. The value will be empty for all other formats.
    CommonName string
    CN of intermediate to create
    Country string
    The country
    Csr string
    The CSR
    ExcludeCnFromSans bool
    Flag to exclude CN from SANs
    Format string
    The format of data
    IpSans []string
    List of alternative IPs
    IssuerRef string
    Specifies the default issuer of this request. May be the value default, a name, or an issuer ID. Use ACLs to prevent access to the /pki/issuer/:issuer_ref/{issue,sign}/:name paths to prevent users overriding the role's issuer_ref value.
    IssuingCa string
    The issuing CA certificate in the format specified.
    Locality string
    The locality
    MaxPathLength int
    The maximum path length to encode in the generated certificate
    Namespace string
    The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    Organization string
    The organization
    OtherSans []string
    List of other SANs
    Ou string
    The organization unit
    PermittedDnsDomains []string
    List of domains for which certificates are allowed to be issued
    PostalCode string
    The postal code
    Province string
    The province
    Revoke bool
    If set to true, the certificate will be revoked on resource destruction.
    Serial string
    The serial number.

    Deprecated:Use serial_number instead

    SerialNumber string
    The certificate's serial number, hex formatted.
    StreetAddress string
    The street address
    Ttl string
    Time to live
    UriSans []string
    List of alternative URIs
    UseCsrValues bool
    Preserve CSR values
    altNames List<String>
    List of alternative names
    backend String
    The PKI secret backend the resource belongs to.
    caChains List<String>
    A list of the issuing and intermediate CA certificates in the format specified.
    certificate String
    The intermediate CA certificate in the format specified.
    certificateBundle String
    The concatenation of the intermediate CA and the issuing CA certificates (PEM encoded). Requires the format to be set to any of: pem, pem_bundle. The value will be empty for all other formats.
    commonName String
    CN of intermediate to create
    country String
    The country
    csr String
    The CSR
    excludeCnFromSans Boolean
    Flag to exclude CN from SANs
    format String
    The format of data
    ipSans List<String>
    List of alternative IPs
    issuerRef String
    Specifies the default issuer of this request. May be the value default, a name, or an issuer ID. Use ACLs to prevent access to the /pki/issuer/:issuer_ref/{issue,sign}/:name paths to prevent users overriding the role's issuer_ref value.
    issuingCa String
    The issuing CA certificate in the format specified.
    locality String
    The locality
    maxPathLength Integer
    The maximum path length to encode in the generated certificate
    namespace String
    The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    organization String
    The organization
    otherSans List<String>
    List of other SANs
    ou String
    The organization unit
    permittedDnsDomains List<String>
    List of domains for which certificates are allowed to be issued
    postalCode String
    The postal code
    province String
    The province
    revoke Boolean
    If set to true, the certificate will be revoked on resource destruction.
    serial String
    The serial number.

    Deprecated:Use serial_number instead

    serialNumber String
    The certificate's serial number, hex formatted.
    streetAddress String
    The street address
    ttl String
    Time to live
    uriSans List<String>
    List of alternative URIs
    useCsrValues Boolean
    Preserve CSR values
    altNames string[]
    List of alternative names
    backend string
    The PKI secret backend the resource belongs to.
    caChains string[]
    A list of the issuing and intermediate CA certificates in the format specified.
    certificate string
    The intermediate CA certificate in the format specified.
    certificateBundle string
    The concatenation of the intermediate CA and the issuing CA certificates (PEM encoded). Requires the format to be set to any of: pem, pem_bundle. The value will be empty for all other formats.
    commonName string
    CN of intermediate to create
    country string
    The country
    csr string
    The CSR
    excludeCnFromSans boolean
    Flag to exclude CN from SANs
    format string
    The format of data
    ipSans string[]
    List of alternative IPs
    issuerRef string
    Specifies the default issuer of this request. May be the value default, a name, or an issuer ID. Use ACLs to prevent access to the /pki/issuer/:issuer_ref/{issue,sign}/:name paths to prevent users overriding the role's issuer_ref value.
    issuingCa string
    The issuing CA certificate in the format specified.
    locality string
    The locality
    maxPathLength number
    The maximum path length to encode in the generated certificate
    namespace string
    The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    organization string
    The organization
    otherSans string[]
    List of other SANs
    ou string
    The organization unit
    permittedDnsDomains string[]
    List of domains for which certificates are allowed to be issued
    postalCode string
    The postal code
    province string
    The province
    revoke boolean
    If set to true, the certificate will be revoked on resource destruction.
    serial string
    The serial number.

    Deprecated:Use serial_number instead

    serialNumber string
    The certificate's serial number, hex formatted.
    streetAddress string
    The street address
    ttl string
    Time to live
    uriSans string[]
    List of alternative URIs
    useCsrValues boolean
    Preserve CSR values
    alt_names Sequence[str]
    List of alternative names
    backend str
    The PKI secret backend the resource belongs to.
    ca_chains Sequence[str]
    A list of the issuing and intermediate CA certificates in the format specified.
    certificate str
    The intermediate CA certificate in the format specified.
    certificate_bundle str
    The concatenation of the intermediate CA and the issuing CA certificates (PEM encoded). Requires the format to be set to any of: pem, pem_bundle. The value will be empty for all other formats.
    common_name str
    CN of intermediate to create
    country str
    The country
    csr str
    The CSR
    exclude_cn_from_sans bool
    Flag to exclude CN from SANs
    format str
    The format of data
    ip_sans Sequence[str]
    List of alternative IPs
    issuer_ref str
    Specifies the default issuer of this request. May be the value default, a name, or an issuer ID. Use ACLs to prevent access to the /pki/issuer/:issuer_ref/{issue,sign}/:name paths to prevent users overriding the role's issuer_ref value.
    issuing_ca str
    The issuing CA certificate in the format specified.
    locality str
    The locality
    max_path_length int
    The maximum path length to encode in the generated certificate
    namespace str
    The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    organization str
    The organization
    other_sans Sequence[str]
    List of other SANs
    ou str
    The organization unit
    permitted_dns_domains Sequence[str]
    List of domains for which certificates are allowed to be issued
    postal_code str
    The postal code
    province str
    The province
    revoke bool
    If set to true, the certificate will be revoked on resource destruction.
    serial str
    The serial number.

    Deprecated:Use serial_number instead

    serial_number str
    The certificate's serial number, hex formatted.
    street_address str
    The street address
    ttl str
    Time to live
    uri_sans Sequence[str]
    List of alternative URIs
    use_csr_values bool
    Preserve CSR values
    altNames List<String>
    List of alternative names
    backend String
    The PKI secret backend the resource belongs to.
    caChains List<String>
    A list of the issuing and intermediate CA certificates in the format specified.
    certificate String
    The intermediate CA certificate in the format specified.
    certificateBundle String
    The concatenation of the intermediate CA and the issuing CA certificates (PEM encoded). Requires the format to be set to any of: pem, pem_bundle. The value will be empty for all other formats.
    commonName String
    CN of intermediate to create
    country String
    The country
    csr String
    The CSR
    excludeCnFromSans Boolean
    Flag to exclude CN from SANs
    format String
    The format of data
    ipSans List<String>
    List of alternative IPs
    issuerRef String
    Specifies the default issuer of this request. May be the value default, a name, or an issuer ID. Use ACLs to prevent access to the /pki/issuer/:issuer_ref/{issue,sign}/:name paths to prevent users overriding the role's issuer_ref value.
    issuingCa String
    The issuing CA certificate in the format specified.
    locality String
    The locality
    maxPathLength Number
    The maximum path length to encode in the generated certificate
    namespace String
    The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    organization String
    The organization
    otherSans List<String>
    List of other SANs
    ou String
    The organization unit
    permittedDnsDomains List<String>
    List of domains for which certificates are allowed to be issued
    postalCode String
    The postal code
    province String
    The province
    revoke Boolean
    If set to true, the certificate will be revoked on resource destruction.
    serial String
    The serial number.

    Deprecated:Use serial_number instead

    serialNumber String
    The certificate's serial number, hex formatted.
    streetAddress String
    The street address
    ttl String
    Time to live
    uriSans List<String>
    List of alternative URIs
    useCsrValues Boolean
    Preserve CSR values

    Package Details

    Repository
    Vault pulumi/pulumi-vault
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the vault Terraform Provider.
    vault logo
    HashiCorp Vault v5.20.0 published on Tuesday, Feb 20, 2024 by Pulumi