» vault_pki_secret_backend_cert

Generates a certificate from the PKI Secret Backend.

Important All data provided in the resource configuration will be written in cleartext to state and plan files generated by Terraform, and will appear in the console output when Terraform runs. Protect these artifacts accordingly. See the main provider documentation for more details.

» Example Usage

resource "vault_pki_secret_backend_cert" "app" {
  depends_on = [ "vault_pki_secret_backend_role.admin" ]

  backend = "${vault_pki_secret_backend.intermediate.path}"
  name = "${vault_pki_secret_backend_role.test.name}"

  common_name = "app.my.domain"
}

» Argument Reference

The following arguments are supported:

backend - (Required) The PKI secret backend the resource belongs to.
name - (Required) Name of the role to create the certificate against
common_name - (Required) CN of certificate to create
alt_names - (Optional) List of alternative names
ip_sans - (Optional) List of alternative IPs
other_sans - (Optional) List of other SANs
ttl - (Optional) Time to leave
format - (Optional) The format of data
private_key_format - (Optional) The private key format
exclude_cn_from_sans - (Optional) Flag to exclude CN from SANs

» Attributes Reference

In addition to the fields above, the following attributes are exported:

certificate - The certificate
issuing_ca - The issuing CA
ca_chain - The CA chain
private_key - The private key
private_key_type - The private key type
serial_number - The serial number