» vault_pki_secret_backend_intermediate_cert_request
Generates a new private key and a CSR for signing the PKI Secret Backend.
Important All data provided in the resource configuration will be written in cleartext to state and plan files generated by Terraform, and will appear in the console output when Terraform runs. Protect these artifacts accordingly. See the main provider documentation for more details.
» Example Usage
resource "vault_pki_secret_backend_intermediate_cert_request" "test" {
depends_on = [ "vault_pki_secret_backend.pki" ]
backend = "${vault_pki_secret_backend.pki.path}"
type = "internal"
common_name = "app.my.domain"
}
» Argument Reference
The following arguments are supported:
-
backend
- (Required) The PKI secret backend the resource belongs to. -
type
- (Required) Type of intermediate to create. Must be either \"exported\" or \"internal\" -
common_name
- (Required) CN of intermediate to create -
alt_names
- (Optional) List of alternative names -
ip_sans
- (Optional) List of alternative IPs -
other_sans
- (Optional) List of other SANs -
format
- (Optional) The format of data -
private_key_format
- (Optional) The private key format -
key_type
- (Optional) The desired key type -
key_bits
- (Optional) The number of bits to use -
exclude_cn_from_sans
- (Optional) Flag to exclude CN from SANs -
ou
- (Optional) The organization unit -
organization
- (Optional) The organization -
country
- (Optional) The country -
locality
- (Optional) The locality -
province
- (Optional) The province -
street_address
- (Optional) The street address -
postal_code
- (Optional) The postal code
» Attributes Reference
In addition to the fields above, the following attributes are exported:
-
csr
- The CSR -
private_key
- The private key -
private_key_type
- The private key type -
serial_number
- The serial number