1. Packages
  2. HashiCorp Vault
  3. API Docs
  4. pkiSecret
  5. SecretBackendSign
HashiCorp Vault v5.20.0 published on Tuesday, Feb 20, 2024 by Pulumi

vault.pkiSecret.SecretBackendSign

Explore with Pulumi AI

vault logo
HashiCorp Vault v5.20.0 published on Tuesday, Feb 20, 2024 by Pulumi

    Deprecations

    • serial - Use serial_number instead.

    Example Usage

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Vault = Pulumi.Vault;
    
    return await Deployment.RunAsync(() => 
    {
        var test = new Vault.PkiSecret.SecretBackendSign("test", new()
        {
            Backend = vault_mount.Pki.Path,
            Csr = @"-----BEGIN CERTIFICATE REQUEST-----
    MIIEqDCCApACAQAwYzELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx
    ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEcMBoGA1UEAwwTY2Vy
    dC50ZXN0Lm15LmRvbWFpbjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB
    AJupYCQ8UVCWII1Zof1c6YcSSaM9hEaDU78cfKP5RoSeH10BvrWRfT+mzCONVpNP
    CW9Iabtvk6hm0ot6ilnndEyVJbc0g7hdDLBX5BM25D+DGZGJRKUz1V+uBrWmXtIt
    Vonj7JTDTe7ViH0GDsB7CvqXFGXO2a2cDYBchLkL6vQiFPshxvUsLtwxuy/qdYgy
    X6ya+AUoZcoQGy1XxNjfH6cPtWSWQGEp1oPR6vL9hU3laTZb3C+VV4jZem+he8/0
    V+qV6fLG92WTXm2hmf8nrtUqqJ+C7mW/RJod+TviviBadIX0OHXW7k5HVsZood01
    te8vMRUNJNiZfa9EMIK5oncbQn0LcM3Wo9VrjpL7jREb/4HCS2gswYGv7hzk9cCS
    kVY4rDucchKbApuI3kfzmO7GFOF5eiSkYZpY/czNn7VVM3WCu6dpOX4+3rhgrZQw
    kY14L930DaLVRUgve/zKVP2D2GHdEOs+MbV7s96UgigT9pXly/yHPj+1sSYqmnaD
    5b7jSeJusmzO/nrwXVGLsnezR87VzHl9Ux9g5s6zh+R+PrZuVxYsLvoUpaasH47O
    gIcBzSb/6pSGZKAUizmYsHsR1k88dAvsQ+FsUDaNokdi9VndEB4QPmiFmjyLV+0I
    1TFoXop4sW11NPz1YCq+IxnYrEaIN3PyhY0GvBJDFY1/AgMBAAGgADANBgkqhkiG
    9w0BAQsFAAOCAgEActuqnqS8Y9UF7e08w7tR3FPzGecWreuvxILrlFEZJxiLPFqL
    It7uJvtypCVQvz6UQzKdBYO7tMpRaWViB8DrWzXNZjLMrg+QHcpveg8C0Ett4scG
    fnvLk6fTDFYrnGvwHTqiHos5i0y3bFLyS1BGwSpdLAykGtvC+VM8mRyw/Y7CPcKN
    77kebY/9xduW1g2uxWLr0x90RuQDv9psPojT+59tRLGSp5Kt0IeD3QtnAZEFE4aN
    vt+Pd69eg3BgZ8ZeDgoqAw3yppvOkpAFiE5pw2qPZaM4SRphl4d2Lek2zNIMyZqv
    do5zh356HOgXtDaSg0POnRGrN/Ua+LMCRTg6GEPUnx9uQb/zt8Zu0hIexDGyykp1
    OGqtWlv/Nc8UYuS38v0BeB6bMPeoqQUjkqs8nHlAEFn0KlgYdtDC+7SdQx6wS4te
    dBKRNDfC4lS3jYJgs55jHqonZgkpSi3bamlxpfpW0ukGBcmq91wRe4bOw/4uD/vf
    UwqMWOdCYcU3mdYNjTWy22ORW3SGFQxMBwpUEURCSoeqWr6aJeQ7KAYkx1PrB5T8
    OTEc13lWf+B0PU9UJuGTsmpIuImPDVd0EVDayr3mT5dDbqTVDbe8ppf2IswABmf0
    o3DybUeUmknYjl109rdSf+76nuREICHatxXgN3xCMFuBaN4WLO+ksd6Y1Ys=
    -----END CERTIFICATE REQUEST-----
    ",
            CommonName = "test.my.domain",
        }, new CustomResourceOptions
        {
            DependsOn = new[]
            {
                vault_pki_secret_backend_role.Admin,
            },
        });
    
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/pkiSecret"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := pkiSecret.NewSecretBackendSign(ctx, "test", &pkiSecret.SecretBackendSignArgs{
    			Backend: pulumi.Any(vault_mount.Pki.Path),
    			Csr: pulumi.String(`-----BEGIN CERTIFICATE REQUEST-----
    MIIEqDCCApACAQAwYzELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx
    ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEcMBoGA1UEAwwTY2Vy
    dC50ZXN0Lm15LmRvbWFpbjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB
    AJupYCQ8UVCWII1Zof1c6YcSSaM9hEaDU78cfKP5RoSeH10BvrWRfT+mzCONVpNP
    CW9Iabtvk6hm0ot6ilnndEyVJbc0g7hdDLBX5BM25D+DGZGJRKUz1V+uBrWmXtIt
    Vonj7JTDTe7ViH0GDsB7CvqXFGXO2a2cDYBchLkL6vQiFPshxvUsLtwxuy/qdYgy
    X6ya+AUoZcoQGy1XxNjfH6cPtWSWQGEp1oPR6vL9hU3laTZb3C+VV4jZem+he8/0
    V+qV6fLG92WTXm2hmf8nrtUqqJ+C7mW/RJod+TviviBadIX0OHXW7k5HVsZood01
    te8vMRUNJNiZfa9EMIK5oncbQn0LcM3Wo9VrjpL7jREb/4HCS2gswYGv7hzk9cCS
    kVY4rDucchKbApuI3kfzmO7GFOF5eiSkYZpY/czNn7VVM3WCu6dpOX4+3rhgrZQw
    kY14L930DaLVRUgve/zKVP2D2GHdEOs+MbV7s96UgigT9pXly/yHPj+1sSYqmnaD
    5b7jSeJusmzO/nrwXVGLsnezR87VzHl9Ux9g5s6zh+R+PrZuVxYsLvoUpaasH47O
    gIcBzSb/6pSGZKAUizmYsHsR1k88dAvsQ+FsUDaNokdi9VndEB4QPmiFmjyLV+0I
    1TFoXop4sW11NPz1YCq+IxnYrEaIN3PyhY0GvBJDFY1/AgMBAAGgADANBgkqhkiG
    9w0BAQsFAAOCAgEActuqnqS8Y9UF7e08w7tR3FPzGecWreuvxILrlFEZJxiLPFqL
    It7uJvtypCVQvz6UQzKdBYO7tMpRaWViB8DrWzXNZjLMrg+QHcpveg8C0Ett4scG
    fnvLk6fTDFYrnGvwHTqiHos5i0y3bFLyS1BGwSpdLAykGtvC+VM8mRyw/Y7CPcKN
    77kebY/9xduW1g2uxWLr0x90RuQDv9psPojT+59tRLGSp5Kt0IeD3QtnAZEFE4aN
    vt+Pd69eg3BgZ8ZeDgoqAw3yppvOkpAFiE5pw2qPZaM4SRphl4d2Lek2zNIMyZqv
    do5zh356HOgXtDaSg0POnRGrN/Ua+LMCRTg6GEPUnx9uQb/zt8Zu0hIexDGyykp1
    OGqtWlv/Nc8UYuS38v0BeB6bMPeoqQUjkqs8nHlAEFn0KlgYdtDC+7SdQx6wS4te
    dBKRNDfC4lS3jYJgs55jHqonZgkpSi3bamlxpfpW0ukGBcmq91wRe4bOw/4uD/vf
    UwqMWOdCYcU3mdYNjTWy22ORW3SGFQxMBwpUEURCSoeqWr6aJeQ7KAYkx1PrB5T8
    OTEc13lWf+B0PU9UJuGTsmpIuImPDVd0EVDayr3mT5dDbqTVDbe8ppf2IswABmf0
    o3DybUeUmknYjl109rdSf+76nuREICHatxXgN3xCMFuBaN4WLO+ksd6Y1Ys=
    -----END CERTIFICATE REQUEST-----
    `),
    			CommonName: pulumi.String("test.my.domain"),
    		}, pulumi.DependsOn([]pulumi.Resource{
    			vault_pki_secret_backend_role.Admin,
    		}))
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.vault.pkiSecret.SecretBackendSign;
    import com.pulumi.vault.pkiSecret.SecretBackendSignArgs;
    import com.pulumi.resources.CustomResourceOptions;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var test = new SecretBackendSign("test", SecretBackendSignArgs.builder()        
                .backend(vault_mount.pki().path())
                .csr("""
    -----BEGIN CERTIFICATE REQUEST-----
    MIIEqDCCApACAQAwYzELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx
    ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEcMBoGA1UEAwwTY2Vy
    dC50ZXN0Lm15LmRvbWFpbjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB
    AJupYCQ8UVCWII1Zof1c6YcSSaM9hEaDU78cfKP5RoSeH10BvrWRfT+mzCONVpNP
    CW9Iabtvk6hm0ot6ilnndEyVJbc0g7hdDLBX5BM25D+DGZGJRKUz1V+uBrWmXtIt
    Vonj7JTDTe7ViH0GDsB7CvqXFGXO2a2cDYBchLkL6vQiFPshxvUsLtwxuy/qdYgy
    X6ya+AUoZcoQGy1XxNjfH6cPtWSWQGEp1oPR6vL9hU3laTZb3C+VV4jZem+he8/0
    V+qV6fLG92WTXm2hmf8nrtUqqJ+C7mW/RJod+TviviBadIX0OHXW7k5HVsZood01
    te8vMRUNJNiZfa9EMIK5oncbQn0LcM3Wo9VrjpL7jREb/4HCS2gswYGv7hzk9cCS
    kVY4rDucchKbApuI3kfzmO7GFOF5eiSkYZpY/czNn7VVM3WCu6dpOX4+3rhgrZQw
    kY14L930DaLVRUgve/zKVP2D2GHdEOs+MbV7s96UgigT9pXly/yHPj+1sSYqmnaD
    5b7jSeJusmzO/nrwXVGLsnezR87VzHl9Ux9g5s6zh+R+PrZuVxYsLvoUpaasH47O
    gIcBzSb/6pSGZKAUizmYsHsR1k88dAvsQ+FsUDaNokdi9VndEB4QPmiFmjyLV+0I
    1TFoXop4sW11NPz1YCq+IxnYrEaIN3PyhY0GvBJDFY1/AgMBAAGgADANBgkqhkiG
    9w0BAQsFAAOCAgEActuqnqS8Y9UF7e08w7tR3FPzGecWreuvxILrlFEZJxiLPFqL
    It7uJvtypCVQvz6UQzKdBYO7tMpRaWViB8DrWzXNZjLMrg+QHcpveg8C0Ett4scG
    fnvLk6fTDFYrnGvwHTqiHos5i0y3bFLyS1BGwSpdLAykGtvC+VM8mRyw/Y7CPcKN
    77kebY/9xduW1g2uxWLr0x90RuQDv9psPojT+59tRLGSp5Kt0IeD3QtnAZEFE4aN
    vt+Pd69eg3BgZ8ZeDgoqAw3yppvOkpAFiE5pw2qPZaM4SRphl4d2Lek2zNIMyZqv
    do5zh356HOgXtDaSg0POnRGrN/Ua+LMCRTg6GEPUnx9uQb/zt8Zu0hIexDGyykp1
    OGqtWlv/Nc8UYuS38v0BeB6bMPeoqQUjkqs8nHlAEFn0KlgYdtDC+7SdQx6wS4te
    dBKRNDfC4lS3jYJgs55jHqonZgkpSi3bamlxpfpW0ukGBcmq91wRe4bOw/4uD/vf
    UwqMWOdCYcU3mdYNjTWy22ORW3SGFQxMBwpUEURCSoeqWr6aJeQ7KAYkx1PrB5T8
    OTEc13lWf+B0PU9UJuGTsmpIuImPDVd0EVDayr3mT5dDbqTVDbe8ppf2IswABmf0
    o3DybUeUmknYjl109rdSf+76nuREICHatxXgN3xCMFuBaN4WLO+ksd6Y1Ys=
    -----END CERTIFICATE REQUEST-----
                """)
                .commonName("test.my.domain")
                .build(), CustomResourceOptions.builder()
                    .dependsOn(vault_pki_secret_backend_role.admin())
                    .build());
    
        }
    }
    
    import pulumi
    import pulumi_vault as vault
    
    test = vault.pki_secret.SecretBackendSign("test",
        backend=vault_mount["pki"]["path"],
        csr="""-----BEGIN CERTIFICATE REQUEST-----
    MIIEqDCCApACAQAwYzELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx
    ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEcMBoGA1UEAwwTY2Vy
    dC50ZXN0Lm15LmRvbWFpbjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB
    AJupYCQ8UVCWII1Zof1c6YcSSaM9hEaDU78cfKP5RoSeH10BvrWRfT+mzCONVpNP
    CW9Iabtvk6hm0ot6ilnndEyVJbc0g7hdDLBX5BM25D+DGZGJRKUz1V+uBrWmXtIt
    Vonj7JTDTe7ViH0GDsB7CvqXFGXO2a2cDYBchLkL6vQiFPshxvUsLtwxuy/qdYgy
    X6ya+AUoZcoQGy1XxNjfH6cPtWSWQGEp1oPR6vL9hU3laTZb3C+VV4jZem+he8/0
    V+qV6fLG92WTXm2hmf8nrtUqqJ+C7mW/RJod+TviviBadIX0OHXW7k5HVsZood01
    te8vMRUNJNiZfa9EMIK5oncbQn0LcM3Wo9VrjpL7jREb/4HCS2gswYGv7hzk9cCS
    kVY4rDucchKbApuI3kfzmO7GFOF5eiSkYZpY/czNn7VVM3WCu6dpOX4+3rhgrZQw
    kY14L930DaLVRUgve/zKVP2D2GHdEOs+MbV7s96UgigT9pXly/yHPj+1sSYqmnaD
    5b7jSeJusmzO/nrwXVGLsnezR87VzHl9Ux9g5s6zh+R+PrZuVxYsLvoUpaasH47O
    gIcBzSb/6pSGZKAUizmYsHsR1k88dAvsQ+FsUDaNokdi9VndEB4QPmiFmjyLV+0I
    1TFoXop4sW11NPz1YCq+IxnYrEaIN3PyhY0GvBJDFY1/AgMBAAGgADANBgkqhkiG
    9w0BAQsFAAOCAgEActuqnqS8Y9UF7e08w7tR3FPzGecWreuvxILrlFEZJxiLPFqL
    It7uJvtypCVQvz6UQzKdBYO7tMpRaWViB8DrWzXNZjLMrg+QHcpveg8C0Ett4scG
    fnvLk6fTDFYrnGvwHTqiHos5i0y3bFLyS1BGwSpdLAykGtvC+VM8mRyw/Y7CPcKN
    77kebY/9xduW1g2uxWLr0x90RuQDv9psPojT+59tRLGSp5Kt0IeD3QtnAZEFE4aN
    vt+Pd69eg3BgZ8ZeDgoqAw3yppvOkpAFiE5pw2qPZaM4SRphl4d2Lek2zNIMyZqv
    do5zh356HOgXtDaSg0POnRGrN/Ua+LMCRTg6GEPUnx9uQb/zt8Zu0hIexDGyykp1
    OGqtWlv/Nc8UYuS38v0BeB6bMPeoqQUjkqs8nHlAEFn0KlgYdtDC+7SdQx6wS4te
    dBKRNDfC4lS3jYJgs55jHqonZgkpSi3bamlxpfpW0ukGBcmq91wRe4bOw/4uD/vf
    UwqMWOdCYcU3mdYNjTWy22ORW3SGFQxMBwpUEURCSoeqWr6aJeQ7KAYkx1PrB5T8
    OTEc13lWf+B0PU9UJuGTsmpIuImPDVd0EVDayr3mT5dDbqTVDbe8ppf2IswABmf0
    o3DybUeUmknYjl109rdSf+76nuREICHatxXgN3xCMFuBaN4WLO+ksd6Y1Ys=
    -----END CERTIFICATE REQUEST-----
    """,
        common_name="test.my.domain",
        opts=pulumi.ResourceOptions(depends_on=[vault_pki_secret_backend_role["admin"]]))
    
    import * as pulumi from "@pulumi/pulumi";
    import * as vault from "@pulumi/vault";
    
    const test = new vault.pkisecret.SecretBackendSign("test", {
        backend: vault_mount.pki.path,
        csr: `-----BEGIN CERTIFICATE REQUEST-----
    MIIEqDCCApACAQAwYzELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx
    ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEcMBoGA1UEAwwTY2Vy
    dC50ZXN0Lm15LmRvbWFpbjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB
    AJupYCQ8UVCWII1Zof1c6YcSSaM9hEaDU78cfKP5RoSeH10BvrWRfT+mzCONVpNP
    CW9Iabtvk6hm0ot6ilnndEyVJbc0g7hdDLBX5BM25D+DGZGJRKUz1V+uBrWmXtIt
    Vonj7JTDTe7ViH0GDsB7CvqXFGXO2a2cDYBchLkL6vQiFPshxvUsLtwxuy/qdYgy
    X6ya+AUoZcoQGy1XxNjfH6cPtWSWQGEp1oPR6vL9hU3laTZb3C+VV4jZem+he8/0
    V+qV6fLG92WTXm2hmf8nrtUqqJ+C7mW/RJod+TviviBadIX0OHXW7k5HVsZood01
    te8vMRUNJNiZfa9EMIK5oncbQn0LcM3Wo9VrjpL7jREb/4HCS2gswYGv7hzk9cCS
    kVY4rDucchKbApuI3kfzmO7GFOF5eiSkYZpY/czNn7VVM3WCu6dpOX4+3rhgrZQw
    kY14L930DaLVRUgve/zKVP2D2GHdEOs+MbV7s96UgigT9pXly/yHPj+1sSYqmnaD
    5b7jSeJusmzO/nrwXVGLsnezR87VzHl9Ux9g5s6zh+R+PrZuVxYsLvoUpaasH47O
    gIcBzSb/6pSGZKAUizmYsHsR1k88dAvsQ+FsUDaNokdi9VndEB4QPmiFmjyLV+0I
    1TFoXop4sW11NPz1YCq+IxnYrEaIN3PyhY0GvBJDFY1/AgMBAAGgADANBgkqhkiG
    9w0BAQsFAAOCAgEActuqnqS8Y9UF7e08w7tR3FPzGecWreuvxILrlFEZJxiLPFqL
    It7uJvtypCVQvz6UQzKdBYO7tMpRaWViB8DrWzXNZjLMrg+QHcpveg8C0Ett4scG
    fnvLk6fTDFYrnGvwHTqiHos5i0y3bFLyS1BGwSpdLAykGtvC+VM8mRyw/Y7CPcKN
    77kebY/9xduW1g2uxWLr0x90RuQDv9psPojT+59tRLGSp5Kt0IeD3QtnAZEFE4aN
    vt+Pd69eg3BgZ8ZeDgoqAw3yppvOkpAFiE5pw2qPZaM4SRphl4d2Lek2zNIMyZqv
    do5zh356HOgXtDaSg0POnRGrN/Ua+LMCRTg6GEPUnx9uQb/zt8Zu0hIexDGyykp1
    OGqtWlv/Nc8UYuS38v0BeB6bMPeoqQUjkqs8nHlAEFn0KlgYdtDC+7SdQx6wS4te
    dBKRNDfC4lS3jYJgs55jHqonZgkpSi3bamlxpfpW0ukGBcmq91wRe4bOw/4uD/vf
    UwqMWOdCYcU3mdYNjTWy22ORW3SGFQxMBwpUEURCSoeqWr6aJeQ7KAYkx1PrB5T8
    OTEc13lWf+B0PU9UJuGTsmpIuImPDVd0EVDayr3mT5dDbqTVDbe8ppf2IswABmf0
    o3DybUeUmknYjl109rdSf+76nuREICHatxXgN3xCMFuBaN4WLO+ksd6Y1Ys=
    -----END CERTIFICATE REQUEST-----
    `,
        commonName: "test.my.domain",
    }, {
        dependsOn: [vault_pki_secret_backend_role.admin],
    });
    
    resources:
      test:
        type: vault:pkiSecret:SecretBackendSign
        properties:
          backend: ${vault_mount.pki.path}
          csr: |
            -----BEGIN CERTIFICATE REQUEST-----
            MIIEqDCCApACAQAwYzELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx
            ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEcMBoGA1UEAwwTY2Vy
            dC50ZXN0Lm15LmRvbWFpbjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB
            AJupYCQ8UVCWII1Zof1c6YcSSaM9hEaDU78cfKP5RoSeH10BvrWRfT+mzCONVpNP
            CW9Iabtvk6hm0ot6ilnndEyVJbc0g7hdDLBX5BM25D+DGZGJRKUz1V+uBrWmXtIt
            Vonj7JTDTe7ViH0GDsB7CvqXFGXO2a2cDYBchLkL6vQiFPshxvUsLtwxuy/qdYgy
            X6ya+AUoZcoQGy1XxNjfH6cPtWSWQGEp1oPR6vL9hU3laTZb3C+VV4jZem+he8/0
            V+qV6fLG92WTXm2hmf8nrtUqqJ+C7mW/RJod+TviviBadIX0OHXW7k5HVsZood01
            te8vMRUNJNiZfa9EMIK5oncbQn0LcM3Wo9VrjpL7jREb/4HCS2gswYGv7hzk9cCS
            kVY4rDucchKbApuI3kfzmO7GFOF5eiSkYZpY/czNn7VVM3WCu6dpOX4+3rhgrZQw
            kY14L930DaLVRUgve/zKVP2D2GHdEOs+MbV7s96UgigT9pXly/yHPj+1sSYqmnaD
            5b7jSeJusmzO/nrwXVGLsnezR87VzHl9Ux9g5s6zh+R+PrZuVxYsLvoUpaasH47O
            gIcBzSb/6pSGZKAUizmYsHsR1k88dAvsQ+FsUDaNokdi9VndEB4QPmiFmjyLV+0I
            1TFoXop4sW11NPz1YCq+IxnYrEaIN3PyhY0GvBJDFY1/AgMBAAGgADANBgkqhkiG
            9w0BAQsFAAOCAgEActuqnqS8Y9UF7e08w7tR3FPzGecWreuvxILrlFEZJxiLPFqL
            It7uJvtypCVQvz6UQzKdBYO7tMpRaWViB8DrWzXNZjLMrg+QHcpveg8C0Ett4scG
            fnvLk6fTDFYrnGvwHTqiHos5i0y3bFLyS1BGwSpdLAykGtvC+VM8mRyw/Y7CPcKN
            77kebY/9xduW1g2uxWLr0x90RuQDv9psPojT+59tRLGSp5Kt0IeD3QtnAZEFE4aN
            vt+Pd69eg3BgZ8ZeDgoqAw3yppvOkpAFiE5pw2qPZaM4SRphl4d2Lek2zNIMyZqv
            do5zh356HOgXtDaSg0POnRGrN/Ua+LMCRTg6GEPUnx9uQb/zt8Zu0hIexDGyykp1
            OGqtWlv/Nc8UYuS38v0BeB6bMPeoqQUjkqs8nHlAEFn0KlgYdtDC+7SdQx6wS4te
            dBKRNDfC4lS3jYJgs55jHqonZgkpSi3bamlxpfpW0ukGBcmq91wRe4bOw/4uD/vf
            UwqMWOdCYcU3mdYNjTWy22ORW3SGFQxMBwpUEURCSoeqWr6aJeQ7KAYkx1PrB5T8
            OTEc13lWf+B0PU9UJuGTsmpIuImPDVd0EVDayr3mT5dDbqTVDbe8ppf2IswABmf0
            o3DybUeUmknYjl109rdSf+76nuREICHatxXgN3xCMFuBaN4WLO+ksd6Y1Ys=
            -----END CERTIFICATE REQUEST-----        
          commonName: test.my.domain
        options:
          dependson:
            - ${vault_pki_secret_backend_role.admin}
    

    Create SecretBackendSign Resource

    new SecretBackendSign(name: string, args: SecretBackendSignArgs, opts?: CustomResourceOptions);
    @overload
    def SecretBackendSign(resource_name: str,
                          opts: Optional[ResourceOptions] = None,
                          alt_names: Optional[Sequence[str]] = None,
                          auto_renew: Optional[bool] = None,
                          backend: Optional[str] = None,
                          common_name: Optional[str] = None,
                          csr: Optional[str] = None,
                          exclude_cn_from_sans: Optional[bool] = None,
                          format: Optional[str] = None,
                          ip_sans: Optional[Sequence[str]] = None,
                          issuer_ref: Optional[str] = None,
                          min_seconds_remaining: Optional[int] = None,
                          name: Optional[str] = None,
                          namespace: Optional[str] = None,
                          other_sans: Optional[Sequence[str]] = None,
                          ttl: Optional[str] = None,
                          uri_sans: Optional[Sequence[str]] = None)
    @overload
    def SecretBackendSign(resource_name: str,
                          args: SecretBackendSignArgs,
                          opts: Optional[ResourceOptions] = None)
    func NewSecretBackendSign(ctx *Context, name string, args SecretBackendSignArgs, opts ...ResourceOption) (*SecretBackendSign, error)
    public SecretBackendSign(string name, SecretBackendSignArgs args, CustomResourceOptions? opts = null)
    public SecretBackendSign(String name, SecretBackendSignArgs args)
    public SecretBackendSign(String name, SecretBackendSignArgs args, CustomResourceOptions options)
    
    type: vault:pkiSecret:SecretBackendSign
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    name string
    The unique name of the resource.
    args SecretBackendSignArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args SecretBackendSignArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args SecretBackendSignArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args SecretBackendSignArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args SecretBackendSignArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    SecretBackendSign Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The SecretBackendSign resource accepts the following input properties:

    Backend string
    The PKI secret backend the resource belongs to.
    CommonName string
    CN of certificate to create
    Csr string
    The CSR
    AltNames List<string>
    List of alternative names
    AutoRenew bool
    If set to true, certs will be renewed if the expiration is within min_seconds_remaining. Default false
    ExcludeCnFromSans bool
    Flag to exclude CN from SANs
    Format string
    The format of data
    IpSans List<string>
    List of alternative IPs
    IssuerRef string
    Specifies the default issuer of this request. Can be the value default, a name, or an issuer ID. Use ACLs to prevent access to the /pki/issuer/:issuer_ref/{issue,sign}/:name paths to prevent users overriding the role's issuer_ref value.
    MinSecondsRemaining int
    Generate a new certificate when the expiration is within this number of seconds, default is 604800 (7 days)
    Name string
    Name of the role to create the certificate against
    Namespace string
    The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    OtherSans List<string>
    List of other SANs
    Ttl string
    Time to live
    UriSans List<string>
    List of alternative URIs
    Backend string
    The PKI secret backend the resource belongs to.
    CommonName string
    CN of certificate to create
    Csr string
    The CSR
    AltNames []string
    List of alternative names
    AutoRenew bool
    If set to true, certs will be renewed if the expiration is within min_seconds_remaining. Default false
    ExcludeCnFromSans bool
    Flag to exclude CN from SANs
    Format string
    The format of data
    IpSans []string
    List of alternative IPs
    IssuerRef string
    Specifies the default issuer of this request. Can be the value default, a name, or an issuer ID. Use ACLs to prevent access to the /pki/issuer/:issuer_ref/{issue,sign}/:name paths to prevent users overriding the role's issuer_ref value.
    MinSecondsRemaining int
    Generate a new certificate when the expiration is within this number of seconds, default is 604800 (7 days)
    Name string
    Name of the role to create the certificate against
    Namespace string
    The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    OtherSans []string
    List of other SANs
    Ttl string
    Time to live
    UriSans []string
    List of alternative URIs
    backend String
    The PKI secret backend the resource belongs to.
    commonName String
    CN of certificate to create
    csr String
    The CSR
    altNames List<String>
    List of alternative names
    autoRenew Boolean
    If set to true, certs will be renewed if the expiration is within min_seconds_remaining. Default false
    excludeCnFromSans Boolean
    Flag to exclude CN from SANs
    format String
    The format of data
    ipSans List<String>
    List of alternative IPs
    issuerRef String
    Specifies the default issuer of this request. Can be the value default, a name, or an issuer ID. Use ACLs to prevent access to the /pki/issuer/:issuer_ref/{issue,sign}/:name paths to prevent users overriding the role's issuer_ref value.
    minSecondsRemaining Integer
    Generate a new certificate when the expiration is within this number of seconds, default is 604800 (7 days)
    name String
    Name of the role to create the certificate against
    namespace String
    The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    otherSans List<String>
    List of other SANs
    ttl String
    Time to live
    uriSans List<String>
    List of alternative URIs
    backend string
    The PKI secret backend the resource belongs to.
    commonName string
    CN of certificate to create
    csr string
    The CSR
    altNames string[]
    List of alternative names
    autoRenew boolean
    If set to true, certs will be renewed if the expiration is within min_seconds_remaining. Default false
    excludeCnFromSans boolean
    Flag to exclude CN from SANs
    format string
    The format of data
    ipSans string[]
    List of alternative IPs
    issuerRef string
    Specifies the default issuer of this request. Can be the value default, a name, or an issuer ID. Use ACLs to prevent access to the /pki/issuer/:issuer_ref/{issue,sign}/:name paths to prevent users overriding the role's issuer_ref value.
    minSecondsRemaining number
    Generate a new certificate when the expiration is within this number of seconds, default is 604800 (7 days)
    name string
    Name of the role to create the certificate against
    namespace string
    The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    otherSans string[]
    List of other SANs
    ttl string
    Time to live
    uriSans string[]
    List of alternative URIs
    backend str
    The PKI secret backend the resource belongs to.
    common_name str
    CN of certificate to create
    csr str
    The CSR
    alt_names Sequence[str]
    List of alternative names
    auto_renew bool
    If set to true, certs will be renewed if the expiration is within min_seconds_remaining. Default false
    exclude_cn_from_sans bool
    Flag to exclude CN from SANs
    format str
    The format of data
    ip_sans Sequence[str]
    List of alternative IPs
    issuer_ref str
    Specifies the default issuer of this request. Can be the value default, a name, or an issuer ID. Use ACLs to prevent access to the /pki/issuer/:issuer_ref/{issue,sign}/:name paths to prevent users overriding the role's issuer_ref value.
    min_seconds_remaining int
    Generate a new certificate when the expiration is within this number of seconds, default is 604800 (7 days)
    name str
    Name of the role to create the certificate against
    namespace str
    The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    other_sans Sequence[str]
    List of other SANs
    ttl str
    Time to live
    uri_sans Sequence[str]
    List of alternative URIs
    backend String
    The PKI secret backend the resource belongs to.
    commonName String
    CN of certificate to create
    csr String
    The CSR
    altNames List<String>
    List of alternative names
    autoRenew Boolean
    If set to true, certs will be renewed if the expiration is within min_seconds_remaining. Default false
    excludeCnFromSans Boolean
    Flag to exclude CN from SANs
    format String
    The format of data
    ipSans List<String>
    List of alternative IPs
    issuerRef String
    Specifies the default issuer of this request. Can be the value default, a name, or an issuer ID. Use ACLs to prevent access to the /pki/issuer/:issuer_ref/{issue,sign}/:name paths to prevent users overriding the role's issuer_ref value.
    minSecondsRemaining Number
    Generate a new certificate when the expiration is within this number of seconds, default is 604800 (7 days)
    name String
    Name of the role to create the certificate against
    namespace String
    The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    otherSans List<String>
    List of other SANs
    ttl String
    Time to live
    uriSans List<String>
    List of alternative URIs

    Outputs

    All input properties are implicitly available as output properties. Additionally, the SecretBackendSign resource produces the following output properties:

    CaChains List<string>
    The CA chain
    Certificate string
    The certificate
    Expiration int
    The expiration date of the certificate in unix epoch format
    Id string
    The provider-assigned unique ID for this managed resource.
    IssuingCa string
    The issuing CA
    RenewPending bool
    true if the current time (during refresh) is after the start of the early renewal window declared by min_seconds_remaining, and false otherwise; if auto_renew is set to true then the provider will plan to replace the certificate once renewal is pending.
    Serial string
    The serial number.

    Deprecated:Use serial_number instead

    SerialNumber string
    The certificate's serial number, hex formatted.
    CaChains []string
    The CA chain
    Certificate string
    The certificate
    Expiration int
    The expiration date of the certificate in unix epoch format
    Id string
    The provider-assigned unique ID for this managed resource.
    IssuingCa string
    The issuing CA
    RenewPending bool
    true if the current time (during refresh) is after the start of the early renewal window declared by min_seconds_remaining, and false otherwise; if auto_renew is set to true then the provider will plan to replace the certificate once renewal is pending.
    Serial string
    The serial number.

    Deprecated:Use serial_number instead

    SerialNumber string
    The certificate's serial number, hex formatted.
    caChains List<String>
    The CA chain
    certificate String
    The certificate
    expiration Integer
    The expiration date of the certificate in unix epoch format
    id String
    The provider-assigned unique ID for this managed resource.
    issuingCa String
    The issuing CA
    renewPending Boolean
    true if the current time (during refresh) is after the start of the early renewal window declared by min_seconds_remaining, and false otherwise; if auto_renew is set to true then the provider will plan to replace the certificate once renewal is pending.
    serial String
    The serial number.

    Deprecated:Use serial_number instead

    serialNumber String
    The certificate's serial number, hex formatted.
    caChains string[]
    The CA chain
    certificate string
    The certificate
    expiration number
    The expiration date of the certificate in unix epoch format
    id string
    The provider-assigned unique ID for this managed resource.
    issuingCa string
    The issuing CA
    renewPending boolean
    true if the current time (during refresh) is after the start of the early renewal window declared by min_seconds_remaining, and false otherwise; if auto_renew is set to true then the provider will plan to replace the certificate once renewal is pending.
    serial string
    The serial number.

    Deprecated:Use serial_number instead

    serialNumber string
    The certificate's serial number, hex formatted.
    ca_chains Sequence[str]
    The CA chain
    certificate str
    The certificate
    expiration int
    The expiration date of the certificate in unix epoch format
    id str
    The provider-assigned unique ID for this managed resource.
    issuing_ca str
    The issuing CA
    renew_pending bool
    true if the current time (during refresh) is after the start of the early renewal window declared by min_seconds_remaining, and false otherwise; if auto_renew is set to true then the provider will plan to replace the certificate once renewal is pending.
    serial str
    The serial number.

    Deprecated:Use serial_number instead

    serial_number str
    The certificate's serial number, hex formatted.
    caChains List<String>
    The CA chain
    certificate String
    The certificate
    expiration Number
    The expiration date of the certificate in unix epoch format
    id String
    The provider-assigned unique ID for this managed resource.
    issuingCa String
    The issuing CA
    renewPending Boolean
    true if the current time (during refresh) is after the start of the early renewal window declared by min_seconds_remaining, and false otherwise; if auto_renew is set to true then the provider will plan to replace the certificate once renewal is pending.
    serial String
    The serial number.

    Deprecated:Use serial_number instead

    serialNumber String
    The certificate's serial number, hex formatted.

    Look up Existing SecretBackendSign Resource

    Get an existing SecretBackendSign resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: SecretBackendSignState, opts?: CustomResourceOptions): SecretBackendSign
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            alt_names: Optional[Sequence[str]] = None,
            auto_renew: Optional[bool] = None,
            backend: Optional[str] = None,
            ca_chains: Optional[Sequence[str]] = None,
            certificate: Optional[str] = None,
            common_name: Optional[str] = None,
            csr: Optional[str] = None,
            exclude_cn_from_sans: Optional[bool] = None,
            expiration: Optional[int] = None,
            format: Optional[str] = None,
            ip_sans: Optional[Sequence[str]] = None,
            issuer_ref: Optional[str] = None,
            issuing_ca: Optional[str] = None,
            min_seconds_remaining: Optional[int] = None,
            name: Optional[str] = None,
            namespace: Optional[str] = None,
            other_sans: Optional[Sequence[str]] = None,
            renew_pending: Optional[bool] = None,
            serial: Optional[str] = None,
            serial_number: Optional[str] = None,
            ttl: Optional[str] = None,
            uri_sans: Optional[Sequence[str]] = None) -> SecretBackendSign
    func GetSecretBackendSign(ctx *Context, name string, id IDInput, state *SecretBackendSignState, opts ...ResourceOption) (*SecretBackendSign, error)
    public static SecretBackendSign Get(string name, Input<string> id, SecretBackendSignState? state, CustomResourceOptions? opts = null)
    public static SecretBackendSign get(String name, Output<String> id, SecretBackendSignState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    AltNames List<string>
    List of alternative names
    AutoRenew bool
    If set to true, certs will be renewed if the expiration is within min_seconds_remaining. Default false
    Backend string
    The PKI secret backend the resource belongs to.
    CaChains List<string>
    The CA chain
    Certificate string
    The certificate
    CommonName string
    CN of certificate to create
    Csr string
    The CSR
    ExcludeCnFromSans bool
    Flag to exclude CN from SANs
    Expiration int
    The expiration date of the certificate in unix epoch format
    Format string
    The format of data
    IpSans List<string>
    List of alternative IPs
    IssuerRef string
    Specifies the default issuer of this request. Can be the value default, a name, or an issuer ID. Use ACLs to prevent access to the /pki/issuer/:issuer_ref/{issue,sign}/:name paths to prevent users overriding the role's issuer_ref value.
    IssuingCa string
    The issuing CA
    MinSecondsRemaining int
    Generate a new certificate when the expiration is within this number of seconds, default is 604800 (7 days)
    Name string
    Name of the role to create the certificate against
    Namespace string
    The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    OtherSans List<string>
    List of other SANs
    RenewPending bool
    true if the current time (during refresh) is after the start of the early renewal window declared by min_seconds_remaining, and false otherwise; if auto_renew is set to true then the provider will plan to replace the certificate once renewal is pending.
    Serial string
    The serial number.

    Deprecated:Use serial_number instead

    SerialNumber string
    The certificate's serial number, hex formatted.
    Ttl string
    Time to live
    UriSans List<string>
    List of alternative URIs
    AltNames []string
    List of alternative names
    AutoRenew bool
    If set to true, certs will be renewed if the expiration is within min_seconds_remaining. Default false
    Backend string
    The PKI secret backend the resource belongs to.
    CaChains []string
    The CA chain
    Certificate string
    The certificate
    CommonName string
    CN of certificate to create
    Csr string
    The CSR
    ExcludeCnFromSans bool
    Flag to exclude CN from SANs
    Expiration int
    The expiration date of the certificate in unix epoch format
    Format string
    The format of data
    IpSans []string
    List of alternative IPs
    IssuerRef string
    Specifies the default issuer of this request. Can be the value default, a name, or an issuer ID. Use ACLs to prevent access to the /pki/issuer/:issuer_ref/{issue,sign}/:name paths to prevent users overriding the role's issuer_ref value.
    IssuingCa string
    The issuing CA
    MinSecondsRemaining int
    Generate a new certificate when the expiration is within this number of seconds, default is 604800 (7 days)
    Name string
    Name of the role to create the certificate against
    Namespace string
    The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    OtherSans []string
    List of other SANs
    RenewPending bool
    true if the current time (during refresh) is after the start of the early renewal window declared by min_seconds_remaining, and false otherwise; if auto_renew is set to true then the provider will plan to replace the certificate once renewal is pending.
    Serial string
    The serial number.

    Deprecated:Use serial_number instead

    SerialNumber string
    The certificate's serial number, hex formatted.
    Ttl string
    Time to live
    UriSans []string
    List of alternative URIs
    altNames List<String>
    List of alternative names
    autoRenew Boolean
    If set to true, certs will be renewed if the expiration is within min_seconds_remaining. Default false
    backend String
    The PKI secret backend the resource belongs to.
    caChains List<String>
    The CA chain
    certificate String
    The certificate
    commonName String
    CN of certificate to create
    csr String
    The CSR
    excludeCnFromSans Boolean
    Flag to exclude CN from SANs
    expiration Integer
    The expiration date of the certificate in unix epoch format
    format String
    The format of data
    ipSans List<String>
    List of alternative IPs
    issuerRef String
    Specifies the default issuer of this request. Can be the value default, a name, or an issuer ID. Use ACLs to prevent access to the /pki/issuer/:issuer_ref/{issue,sign}/:name paths to prevent users overriding the role's issuer_ref value.
    issuingCa String
    The issuing CA
    minSecondsRemaining Integer
    Generate a new certificate when the expiration is within this number of seconds, default is 604800 (7 days)
    name String
    Name of the role to create the certificate against
    namespace String
    The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    otherSans List<String>
    List of other SANs
    renewPending Boolean
    true if the current time (during refresh) is after the start of the early renewal window declared by min_seconds_remaining, and false otherwise; if auto_renew is set to true then the provider will plan to replace the certificate once renewal is pending.
    serial String
    The serial number.

    Deprecated:Use serial_number instead

    serialNumber String
    The certificate's serial number, hex formatted.
    ttl String
    Time to live
    uriSans List<String>
    List of alternative URIs
    altNames string[]
    List of alternative names
    autoRenew boolean
    If set to true, certs will be renewed if the expiration is within min_seconds_remaining. Default false
    backend string
    The PKI secret backend the resource belongs to.
    caChains string[]
    The CA chain
    certificate string
    The certificate
    commonName string
    CN of certificate to create
    csr string
    The CSR
    excludeCnFromSans boolean
    Flag to exclude CN from SANs
    expiration number
    The expiration date of the certificate in unix epoch format
    format string
    The format of data
    ipSans string[]
    List of alternative IPs
    issuerRef string
    Specifies the default issuer of this request. Can be the value default, a name, or an issuer ID. Use ACLs to prevent access to the /pki/issuer/:issuer_ref/{issue,sign}/:name paths to prevent users overriding the role's issuer_ref value.
    issuingCa string
    The issuing CA
    minSecondsRemaining number
    Generate a new certificate when the expiration is within this number of seconds, default is 604800 (7 days)
    name string
    Name of the role to create the certificate against
    namespace string
    The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    otherSans string[]
    List of other SANs
    renewPending boolean
    true if the current time (during refresh) is after the start of the early renewal window declared by min_seconds_remaining, and false otherwise; if auto_renew is set to true then the provider will plan to replace the certificate once renewal is pending.
    serial string
    The serial number.

    Deprecated:Use serial_number instead

    serialNumber string
    The certificate's serial number, hex formatted.
    ttl string
    Time to live
    uriSans string[]
    List of alternative URIs
    alt_names Sequence[str]
    List of alternative names
    auto_renew bool
    If set to true, certs will be renewed if the expiration is within min_seconds_remaining. Default false
    backend str
    The PKI secret backend the resource belongs to.
    ca_chains Sequence[str]
    The CA chain
    certificate str
    The certificate
    common_name str
    CN of certificate to create
    csr str
    The CSR
    exclude_cn_from_sans bool
    Flag to exclude CN from SANs
    expiration int
    The expiration date of the certificate in unix epoch format
    format str
    The format of data
    ip_sans Sequence[str]
    List of alternative IPs
    issuer_ref str
    Specifies the default issuer of this request. Can be the value default, a name, or an issuer ID. Use ACLs to prevent access to the /pki/issuer/:issuer_ref/{issue,sign}/:name paths to prevent users overriding the role's issuer_ref value.
    issuing_ca str
    The issuing CA
    min_seconds_remaining int
    Generate a new certificate when the expiration is within this number of seconds, default is 604800 (7 days)
    name str
    Name of the role to create the certificate against
    namespace str
    The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    other_sans Sequence[str]
    List of other SANs
    renew_pending bool
    true if the current time (during refresh) is after the start of the early renewal window declared by min_seconds_remaining, and false otherwise; if auto_renew is set to true then the provider will plan to replace the certificate once renewal is pending.
    serial str
    The serial number.

    Deprecated:Use serial_number instead

    serial_number str
    The certificate's serial number, hex formatted.
    ttl str
    Time to live
    uri_sans Sequence[str]
    List of alternative URIs
    altNames List<String>
    List of alternative names
    autoRenew Boolean
    If set to true, certs will be renewed if the expiration is within min_seconds_remaining. Default false
    backend String
    The PKI secret backend the resource belongs to.
    caChains List<String>
    The CA chain
    certificate String
    The certificate
    commonName String
    CN of certificate to create
    csr String
    The CSR
    excludeCnFromSans Boolean
    Flag to exclude CN from SANs
    expiration Number
    The expiration date of the certificate in unix epoch format
    format String
    The format of data
    ipSans List<String>
    List of alternative IPs
    issuerRef String
    Specifies the default issuer of this request. Can be the value default, a name, or an issuer ID. Use ACLs to prevent access to the /pki/issuer/:issuer_ref/{issue,sign}/:name paths to prevent users overriding the role's issuer_ref value.
    issuingCa String
    The issuing CA
    minSecondsRemaining Number
    Generate a new certificate when the expiration is within this number of seconds, default is 604800 (7 days)
    name String
    Name of the role to create the certificate against
    namespace String
    The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    otherSans List<String>
    List of other SANs
    renewPending Boolean
    true if the current time (during refresh) is after the start of the early renewal window declared by min_seconds_remaining, and false otherwise; if auto_renew is set to true then the provider will plan to replace the certificate once renewal is pending.
    serial String
    The serial number.

    Deprecated:Use serial_number instead

    serialNumber String
    The certificate's serial number, hex formatted.
    ttl String
    Time to live
    uriSans List<String>
    List of alternative URIs

    Package Details

    Repository
    Vault pulumi/pulumi-vault
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the vault Terraform Provider.
    vault logo
    HashiCorp Vault v5.20.0 published on Tuesday, Feb 20, 2024 by Pulumi