pulumi-vault-kotlin/com.pulumi.vault.pkiSecret.kotlin/SecretBackendRootCert

SecretBackendRootCert

class SecretBackendRootCert : KotlinCustomResource

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as vault from "@pulumi/vault";
const test = new vault.pkisecret.SecretBackendRootCert("test", {
    backend: pki.path,
    type: "internal",
    commonName: "Root CA",
    ttl: "315360000",
    format: "pem",
    privateKeyFormat: "der",
    keyType: "rsa",
    keyBits: 4096,
    excludeCnFromSans: true,
    ou: "My OU",
    organization: "My organization",
}, {
    dependsOn: [pki],
});
Content copied to clipboard
import pulumi
import pulumi_vault as vault
test = vault.pki_secret.SecretBackendRootCert("test",
    backend=pki["path"],
    type="internal",
    common_name="Root CA",
    ttl="315360000",
    format="pem",
    private_key_format="der",
    key_type="rsa",
    key_bits=4096,
    exclude_cn_from_sans=True,
    ou="My OU",
    organization="My organization",
    opts = pulumi.ResourceOptions(depends_on=[pki]))
Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Vault = Pulumi.Vault;
return await Deployment.RunAsync(() =>
{
    var test = new Vault.PkiSecret.SecretBackendRootCert("test", new()
    {
        Backend = pki.Path,
        Type = "internal",
        CommonName = "Root CA",
        Ttl = "315360000",
        Format = "pem",
        PrivateKeyFormat = "der",
        KeyType = "rsa",
        KeyBits = 4096,
        ExcludeCnFromSans = true,
        Ou = "My OU",
        Organization = "My organization",
    }, new CustomResourceOptions
    {
        DependsOn =
        {
            pki,
        },
    });
});
Content copied to clipboard
package main
import (
	"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/pkisecret"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := pkisecret.NewSecretBackendRootCert(ctx, "test", &pkisecret.SecretBackendRootCertArgs{
			Backend:           pulumi.Any(pki.Path),
			Type:              pulumi.String("internal"),
			CommonName:        pulumi.String("Root CA"),
			Ttl:               pulumi.String("315360000"),
			Format:            pulumi.String("pem"),
			PrivateKeyFormat:  pulumi.String("der"),
			KeyType:           pulumi.String("rsa"),
			KeyBits:           pulumi.Int(4096),
			ExcludeCnFromSans: pulumi.Bool(true),
			Ou:                pulumi.String("My OU"),
			Organization:      pulumi.String("My organization"),
		}, pulumi.DependsOn([]pulumi.Resource{
			pki,
		}))
		if err != nil {
			return err
		}
		return nil
	})
}
Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.vault.pkiSecret.SecretBackendRootCert;
import com.pulumi.vault.pkiSecret.SecretBackendRootCertArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var test = new SecretBackendRootCert("test", SecretBackendRootCertArgs.builder()
            .backend(pki.path())
            .type("internal")
            .commonName("Root CA")
            .ttl("315360000")
            .format("pem")
            .privateKeyFormat("der")
            .keyType("rsa")
            .keyBits(4096)
            .excludeCnFromSans(true)
            .ou("My OU")
            .organization("My organization")
            .build(), CustomResourceOptions.builder()
                .dependsOn(pki)
                .build());
    }
}
Content copied to clipboard
resources:
  test:
    type: vault:pkiSecret:SecretBackendRootCert
    properties:
      backend: ${pki.path}
      type: internal
      commonName: Root CA
      ttl: '315360000'
      format: pem
      privateKeyFormat: der
      keyType: rsa
      keyBits: 4096
      excludeCnFromSans: true
      ou: My OU
      organization: My organization
    options:
      dependsOn:
        - ${pki}
Content copied to clipboard

Properties

Link copied to clipboard
val altNames: Output<List<String>>?

List of alternative names

Link copied to clipboard
val backend: Output<String>

The PKI secret backend the resource belongs to.

Link copied to clipboard
val certificate: Output<String>

The certificate.

Link copied to clipboard
val commonName: Output<String>

CN of intermediate to create

Link copied to clipboard
val country: Output<String>?

The country

Link copied to clipboard
val excludeCnFromSans: Output<Boolean>?

Flag to exclude CN from SANs

Link copied to clipboard
val excludedDnsDomains: Output<List<String>>?

List of domains for which certificates are not allowed to be issued. Requires Vault version 1.19+.

Link copied to clipboard
val excludedEmailAddresses: Output<List<String>>?

List of email addresses for which certificates are not allowed to be issued. Requires Vault version 1.19+.

Link copied to clipboard
val excludedIpRanges: Output<List<String>>?

List of IP ranges for which certificates are not allowed to be issued. Requires Vault version 1.19+.

Link copied to clipboard
val excludedUriDomains: Output<List<String>>?

List of URI domains for which certificates are not allowed to be issued. Requires Vault version 1.19+.

Link copied to clipboard
val format: Output<String>?

The format of data

Link copied to clipboard
val id: Output<String>
Link copied to clipboard
val ipSans: Output<List<String>>?

List of alternative IPs

Link copied to clipboard
val issuerId: Output<String>

The ID of the generated issuer.

Link copied to clipboard
val issuerName: Output<String>

Provides a name to the specified issuer. The name must be unique across all issuers and not be the reserved value default

Link copied to clipboard
val issuingCa: Output<String>

The issuing CA certificate.

Link copied to clipboard
val keyBits: Output<Int>?

The number of bits to use

Link copied to clipboard
val keyId: Output<String>

The ID of the generated key.

Link copied to clipboard
val keyName: Output<String>

When a new key is created with this request, optionally specifies the name for this. The global ref default may not be used as a name.

Link copied to clipboard
val keyRef: Output<String>

Specifies the key (either default, by name, or by identifier) to use for generating this request. Only suitable for type=existing requests.

Link copied to clipboard
val keyType: Output<String>?

The desired key type

Link copied to clipboard
val locality: Output<String>?

The locality

Link copied to clipboard
val managedKeyId: Output<String>

The ID of the previously configured managed key. This field is required if type is kms and it conflicts with managed_key_name

Link copied to clipboard
val managedKeyName: Output<String>

The name of the previously configured managed key. This field is required if type is kms and it conflicts with managed_key_id

Link copied to clipboard
val maxPathLength: Output<Int>?

The maximum path length to encode in the generated certificate

Link copied to clipboard
val namespace: Output<String>?

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.

Link copied to clipboard
val notAfter: Output<String>?

Set the Not After field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ. Supports the Y10K end date for IEEE 802.1AR-2018 standard devices, 9999-12-31T23:59:59Z.

Link copied to clipboard
val organization: Output<String>?

The organization

Link copied to clipboard
val otherSans: Output<List<String>>?

List of other SANs

Link copied to clipboard
val ou: Output<String>?

The organization unit

Link copied to clipboard
val permittedDnsDomains: Output<List<String>>?

List of domains for which certificates are allowed to be issued

Link copied to clipboard
val permittedEmailAddresses: Output<List<String>>?

List of email addresses for which certificates are allowed to be issued. Requires Vault version 1.19+.

Link copied to clipboard
val permittedIpRanges: Output<List<String>>?

List of IP ranges for which certificates are allowed to be issued. Requires Vault version 1.19+.

Link copied to clipboard
val permittedUriDomains: Output<List<String>>?

List of URI domains for which certificates are allowed to be issued. Requires Vault version 1.19+.

Link copied to clipboard
val postalCode: Output<String>?

The postal code

Link copied to clipboard
val privateKeyFormat: Output<String>?

The private key format

Link copied to clipboard
val province: Output<String>?

The province

Link copied to clipboard
val pulumiChildResources: Set<KotlinResource>
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
val serialNumber: Output<String>

The certificate's serial number, hex formatted.

Link copied to clipboard
val signatureBits: Output<Int>

The number of bits to use in the signature algorithm

Link copied to clipboard
val streetAddress: Output<String>?

The street address

Link copied to clipboard
val ttl: Output<String>?

Time to live

Link copied to clipboard
val type: Output<String>

Type of intermediate to create. Must be either \"exported\", \"internal\" or \"kms\"

Link copied to clipboard
val uriSans: Output<List<String>>?

List of alternative URIs

Link copied to clipboard
val urn: Output<String>