» vault_pki_secret_backend_cert

Generates a certificate from the PKI Secret Backend.

» Example Usage

resource "vault_pki_secret_backend_cert" "app" {
  depends_on = [ "vault_pki_secret_backend_role.admin" ]

  backend = "${vault_pki_secret_backend.intermediate.path}"
  name = "${vault_pki_secret_backend_role.test.name}"

  common_name = "app.my.domain"
}

» Argument Reference

The following arguments are supported:

  • backend - (Required) The PKI secret backend the resource belongs to.

  • name - (Required) Name of the role to create the certificate against

  • common_name - (Required) CN of certificate to create

  • alt_names - (Optional) List of alternative names

  • ip_sans - (Optional) List of alternative IPs

  • other_sans - (Optional) List of other SANs

  • ttl - (Optional) Time to live

  • format - (Optional) The format of data

  • private_key_format - (Optional) The private key format

  • exclude_cn_from_sans - (Optional) Flag to exclude CN from SANs

  • min_seconds_remaining - (Optional) Generate a new certificate when the expiration is within this number of seconds, default is 604800 (7 days)

» Attributes Reference

In addition to the fields above, the following attributes are exported: