pulumi-vault-kotlin/com.pulumi.vault.pkiSecret.kotlin/SecretBackendRole/serialNumberSource

serialNumberSource

val serialNumberSource: Output<String>

Specifies the source of the subject serial number. Valid values are json-csr (default) or json. When set to json-csr, the subject serial number is taken from the serial_number parameter and falls back to the serial number in the CSR. When set to json, the subject serial number is taken from the serial_number parameter but will ignore any value in the CSR. For backwards compatibility an empty value for this field will default to the json-csr behavior. Example usage:

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.vault.Mount;
import com.pulumi.vault.MountArgs;
import com.pulumi.vault.pkiSecret.SecretBackendRole;
import com.pulumi.vault.pkiSecret.SecretBackendRoleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var pki = new Mount("pki", MountArgs.builder()
            .path("pki")
            .type("pki")
            .defaultLeaseTtlSeconds(3600)
            .maxLeaseTtlSeconds(86400)
            .build());
        var role = new SecretBackendRole("role", SecretBackendRoleArgs.builder()
            .backend(pki.path())
            .name("my_role")
            .ttl(3600)
            .allowIpSans(true)
            .keyType("rsa")
            .keyBits(4096)
            .allowedDomains(
                "example.com",
                "my.domain")
            .allowSubdomains(true)
            .policyIdentifiers(
                Map.ofEntries(
                    Map.entry("oid", "1.3.6.1.4.1.7.8"),
                    Map.entry("notice", "I am a user Notice")
                ),
                Map.ofEntries(
                    Map.entry("oid", "1.3.6.1.4.1.44947.1.2.4"),
                    Map.entry("cps", "https://example.com")
                ))
            .build());
    }
}
Content copied to clipboard
resources:
  pki:
    type: vault:Mount
    properties:
      path: pki
      type: pki
      defaultLeaseTtlSeconds: 3600
      maxLeaseTtlSeconds: 86400
  role:
    type: vault:pkiSecret:SecretBackendRole
    properties:
      backend: ${pki.path}
      name: my_role
      ttl: 3600
      allowIpSans: true
      keyType: rsa
      keyBits: 4096
      allowedDomains:
        - example.com
        - my.domain
      allowSubdomains: true
      policyIdentifiers:
        - oid: 1.3.6.1.4.1.7.8
          notice: I am a user Notice
        - oid: 1.3.6.1.4.1.44947.1.2.4
          cps: https://example.com
Content copied to clipboard