get
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as vault from "@pulumi/vault";
const pki = new vault.Mount("pki", {
path: "pki",
type: "pki",
description: "PKI secret engine mount",
});
const root = new vault.pkisecret.SecretBackendRootCert("root", {
backend: pki.path,
type: "internal",
commonName: "example",
ttl: "86400",
issuerName: "example",
});
const example = root.issuerId.apply(issuerId => vault.pkiSecret.getBackendIssuerOutput({
backend: root.path,
issuerRef: issuerId,
}));import pulumi
import pulumi_vault as vault
pki = vault.Mount("pki",
path="pki",
type="pki",
description="PKI secret engine mount")
root = vault.pki_secret.SecretBackendRootCert("root",
backend=pki.path,
type="internal",
common_name="example",
ttl="86400",
issuer_name="example")
example = root.issuer_id.apply(lambda issuer_id: vault.pkiSecret.get_backend_issuer_output(backend=root.path,
issuer_ref=issuer_id))using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Vault = Pulumi.Vault;
return await Deployment.RunAsync(() =>
{
var pki = new Vault.Mount("pki", new()
{
Path = "pki",
Type = "pki",
Description = "PKI secret engine mount",
});
var root = new Vault.PkiSecret.SecretBackendRootCert("root", new()
{
Backend = pki.Path,
Type = "internal",
CommonName = "example",
Ttl = "86400",
IssuerName = "example",
});
var example = Vault.PkiSecret.GetBackendIssuer.Invoke(new()
{
Backend = root.Path,
IssuerRef = root.IssuerId,
});
});package main
import (
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault"
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/pkisecret"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
pki, err := vault.NewMount(ctx, "pki", &vault.MountArgs{
Path: pulumi.String("pki"),
Type: pulumi.String("pki"),
Description: pulumi.String("PKI secret engine mount"),
})
if err != nil {
return err
}
root, err := pkisecret.NewSecretBackendRootCert(ctx, "root", &pkisecret.SecretBackendRootCertArgs{
Backend: pki.Path,
Type: pulumi.String("internal"),
CommonName: pulumi.String("example"),
Ttl: pulumi.String("86400"),
IssuerName: pulumi.String("example"),
})
if err != nil {
return err
}
_ = root.IssuerId.ApplyT(func(issuerId string) (pkisecret.GetBackendIssuerResult, error) {
return pkisecret.GetBackendIssuerResult(interface{}(pkisecret.GetBackendIssuerOutput(ctx, pkisecret.GetBackendIssuerOutputArgs{
Backend: root.Path,
IssuerRef: issuerId,
}, nil))), nil
}).(pkisecret.GetBackendIssuerResultOutput)
return nil
})
}package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.vault.Mount;
import com.pulumi.vault.MountArgs;
import com.pulumi.vault.pkiSecret.SecretBackendRootCert;
import com.pulumi.vault.pkiSecret.SecretBackendRootCertArgs;
import com.pulumi.vault.pkiSecret.PkiSecretFunctions;
import com.pulumi.vault.pkiSecret.inputs.GetBackendIssuerArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var pki = new Mount("pki", MountArgs.builder()
.path("pki")
.type("pki")
.description("PKI secret engine mount")
.build());
var root = new SecretBackendRootCert("root", SecretBackendRootCertArgs.builder()
.backend(pki.path())
.type("internal")
.commonName("example")
.ttl("86400")
.issuerName("example")
.build());
final var example = PkiSecretFunctions.getBackendIssuer(GetBackendIssuerArgs.builder()
.backend(root.path())
.issuerRef(root.issuerId())
.build());
}
}resources:
pki:
type: vault:Mount
properties:
path: pki
type: pki
description: PKI secret engine mount
root:
type: vault:pkiSecret:SecretBackendRootCert
properties:
backend: ${pki.path}
type: internal
commonName: example
ttl: '86400'
issuerName: example
variables:
example:
fn::invoke:
function: vault:pkiSecret:getBackendIssuer
arguments:
backend: ${root.path}
issuerRef: ${root.issuerId}Return
A collection of values returned by getBackendIssuer.
Parameters
A collection of arguments for invoking getBackendIssuer.
Return
A collection of values returned by getBackendIssuer.
Parameters
The path to the PKI secret backend to read the issuer from, with no leading or trailing /s.
This determines whether this issuer is able to issue certificates where the chain of trust (including the issued certificate) contain critical extensions not processed by Vault.
This determines whether this issuer is able to issue certificates where the chain of trust (including the final issued certificate) contains a link in which the subject of the issuing certificate does not match the named issuer of the certificate it signed.
This determines whether this issuer is able to issue certificates where the chain of trust (including the final issued certificate) violates the name constraints critical extension of one of the issuer certificates in the chain.
This determines whether this issuer is able to issue certificates where the chain of trust (including the final issued certificate) is longer than allowed by a certificate authority in that chain.
Reference to an existing issuer.
The namespace of the target resource. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
See also
Return
A collection of values returned by getBackendIssuer.
Parameters
Builder for com.pulumi.vault.pkiSecret.kotlin.inputs.GetBackendIssuerPlainArgs.