Secret
data class SecretBackendConfigIssuersArgs(val backend: Output<String>? = null, val default: Output<String>? = null, val defaultFollowsLatestIssuer: Output<Boolean>? = null, val namespace: Output<String>? = null) : ConvertibleToJava<SecretBackendConfigIssuersArgs>
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as vault from "@pulumi/vault";
const pki = new vault.Mount("pki", {
path: "pki",
type: "pki",
defaultLeaseTtlSeconds: 3600,
maxLeaseTtlSeconds: 86400,
});
const root = new vault.pkisecret.SecretBackendRootCert("root", {
backend: pki.path,
type: "internal",
commonName: "test",
ttl: "86400",
});
const example = new vault.pkisecret.SecretBackendIssuer("example", {
backend: root.backend,
issuerRef: root.issuerId,
issuerName: "example-issuer",
});
const config = new vault.pkisecret.SecretBackendConfigIssuers("config", {
backend: pki.path,
"default": example.issuerId,
defaultFollowsLatestIssuer: true,
});Content copied to clipboard
import pulumi
import pulumi_vault as vault
pki = vault.Mount("pki",
path="pki",
type="pki",
default_lease_ttl_seconds=3600,
max_lease_ttl_seconds=86400)
root = vault.pki_secret.SecretBackendRootCert("root",
backend=pki.path,
type="internal",
common_name="test",
ttl="86400")
example = vault.pki_secret.SecretBackendIssuer("example",
backend=root.backend,
issuer_ref=root.issuer_id,
issuer_name="example-issuer")
config = vault.pki_secret.SecretBackendConfigIssuers("config",
backend=pki.path,
default=example.issuer_id,
default_follows_latest_issuer=True)Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Vault = Pulumi.Vault;
return await Deployment.RunAsync(() =>
{
var pki = new Vault.Mount("pki", new()
{
Path = "pki",
Type = "pki",
DefaultLeaseTtlSeconds = 3600,
MaxLeaseTtlSeconds = 86400,
});
var root = new Vault.PkiSecret.SecretBackendRootCert("root", new()
{
Backend = pki.Path,
Type = "internal",
CommonName = "test",
Ttl = "86400",
});
var example = new Vault.PkiSecret.SecretBackendIssuer("example", new()
{
Backend = root.Backend,
IssuerRef = root.IssuerId,
IssuerName = "example-issuer",
});
var config = new Vault.PkiSecret.SecretBackendConfigIssuers("config", new()
{
Backend = pki.Path,
Default = example.IssuerId,
DefaultFollowsLatestIssuer = true,
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault"
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/pkisecret"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
pki, err := vault.NewMount(ctx, "pki", &vault.MountArgs{
Path: pulumi.String("pki"),
Type: pulumi.String("pki"),
DefaultLeaseTtlSeconds: pulumi.Int(3600),
MaxLeaseTtlSeconds: pulumi.Int(86400),
})
if err != nil {
return err
}
root, err := pkisecret.NewSecretBackendRootCert(ctx, "root", &pkisecret.SecretBackendRootCertArgs{
Backend: pki.Path,
Type: pulumi.String("internal"),
CommonName: pulumi.String("test"),
Ttl: pulumi.String("86400"),
})
if err != nil {
return err
}
example, err := pkisecret.NewSecretBackendIssuer(ctx, "example", &pkisecret.SecretBackendIssuerArgs{
Backend: root.Backend,
IssuerRef: root.IssuerId,
IssuerName: pulumi.String("example-issuer"),
})
if err != nil {
return err
}
_, err = pkisecret.NewSecretBackendConfigIssuers(ctx, "config", &pkisecret.SecretBackendConfigIssuersArgs{
Backend: pki.Path,
Default: example.IssuerId,
DefaultFollowsLatestIssuer: pulumi.Bool(true),
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.vault.Mount;
import com.pulumi.vault.MountArgs;
import com.pulumi.vault.pkiSecret.SecretBackendRootCert;
import com.pulumi.vault.pkiSecret.SecretBackendRootCertArgs;
import com.pulumi.vault.pkiSecret.SecretBackendIssuer;
import com.pulumi.vault.pkiSecret.SecretBackendIssuerArgs;
import com.pulumi.vault.pkiSecret.SecretBackendConfigIssuers;
import com.pulumi.vault.pkiSecret.SecretBackendConfigIssuersArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var pki = new Mount("pki", MountArgs.builder()
.path("pki")
.type("pki")
.defaultLeaseTtlSeconds(3600)
.maxLeaseTtlSeconds(86400)
.build());
var root = new SecretBackendRootCert("root", SecretBackendRootCertArgs.builder()
.backend(pki.path())
.type("internal")
.commonName("test")
.ttl("86400")
.build());
var example = new SecretBackendIssuer("example", SecretBackendIssuerArgs.builder()
.backend(root.backend())
.issuerRef(root.issuerId())
.issuerName("example-issuer")
.build());
var config = new SecretBackendConfigIssuers("config", SecretBackendConfigIssuersArgs.builder()
.backend(pki.path())
.default_(example.issuerId())
.defaultFollowsLatestIssuer(true)
.build());
}
}Content copied to clipboard
resources:
pki:
type: vault:Mount
properties:
path: pki
type: pki
defaultLeaseTtlSeconds: 3600
maxLeaseTtlSeconds: 86400
root:
type: vault:pkiSecret:SecretBackendRootCert
properties:
backend: ${pki.path}
type: internal
commonName: test
ttl: '86400'
example:
type: vault:pkiSecret:SecretBackendIssuer
properties:
backend: ${root.backend}
issuerRef: ${root.issuerId}
issuerName: example-issuer
config:
type: vault:pkiSecret:SecretBackendConfigIssuers
properties:
backend: ${pki.path}
default: ${example.issuerId}
defaultFollowsLatestIssuer: trueContent copied to clipboard
Import
PKI secret backend config issuers can be imported using the path, e.g.
$ pulumi import vault:pkiSecret/secretBackendConfigIssuers:SecretBackendConfigIssuers config pki/config/issuersContent copied to clipboard