Secret
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as vault from "@pulumi/vault";
const app = new vault.pkisecret.SecretBackendCert("app", {
backend: intermediate.path,
name: test.name,
commonName: "app.my.domain",
}, {
dependsOn: [admin],
});import pulumi
import pulumi_vault as vault
app = vault.pki_secret.SecretBackendCert("app",
backend=intermediate["path"],
name=test["name"],
common_name="app.my.domain",
opts = pulumi.ResourceOptions(depends_on=[admin]))using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Vault = Pulumi.Vault;
return await Deployment.RunAsync(() =>
{
var app = new Vault.PkiSecret.SecretBackendCert("app", new()
{
Backend = intermediate.Path,
Name = test.Name,
CommonName = "app.my.domain",
}, new CustomResourceOptions
{
DependsOn =
{
admin,
},
});
});package main
import (
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/pkisecret"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := pkisecret.NewSecretBackendCert(ctx, "app", &pkisecret.SecretBackendCertArgs{
Backend: pulumi.Any(intermediate.Path),
Name: pulumi.Any(test.Name),
CommonName: pulumi.String("app.my.domain"),
}, pulumi.DependsOn([]pulumi.Resource{
admin,
}))
if err != nil {
return err
}
return nil
})
}package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.vault.pkiSecret.SecretBackendCert;
import com.pulumi.vault.pkiSecret.SecretBackendCertArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var app = new SecretBackendCert("app", SecretBackendCertArgs.builder()
.backend(intermediate.path())
.name(test.name())
.commonName("app.my.domain")
.build(), CustomResourceOptions.builder()
.dependsOn(admin)
.build());
}
}resources:
app:
type: vault:pkiSecret:SecretBackendCert
properties:
backend: ${intermediate.path}
name: ${test.name}
commonName: app.my.domain
options:
dependsOn:
- ${admin}Properties
The certificate
A base 64 encoded value or an empty string to associate with the certificate's serial number. The role's no_store_metadata must be set to false, otherwise an error is returned when specified.
CN of certificate to create
Flag to exclude CN from SANs
The expiration date of the certificate in unix epoch format
Generate a new certificate when the expiration is within this number of seconds, default is 604800 (7 days)
The private key
The private key format
The private key type
true if the current time (during refresh) is after the start of the early renewal window declared by min_seconds_remaining, and false otherwise; if auto_renew is set to true then the provider will plan to replace the certificate once renewal is pending.
If set to true, the certificate will be revoked on resource destruction using the revoke-with-key PKI API. Conflicts with revoke. Default false
The serial number