Namespace Pulumi.Vault.PkiSecret
Classes
SecretBackend
Creates an PKI Secret Backend for Vault. PKI secret backends can then issue certificates, once a role has been added to the backend.
Example Usage
using Pulumi;
using Vault = Pulumi.Vault;
class MyStack : Stack
{
public MyStack()
{
var pki = new Vault.PkiSecret.SecretBackend("pki", new Vault.PkiSecret.SecretBackendArgs
{
DefaultLeaseTtlSeconds = 3600,
MaxLeaseTtlSeconds = 86400,
Path = "pki",
});
}
}
SecretBackendArgs
SecretBackendCert
SecretBackendCertArgs
SecretBackendCertState
SecretBackendConfigCa
SecretBackendConfigCaArgs
SecretBackendConfigCaState
SecretBackendConfigUrls
Allows setting the issuing certificate endpoints, CRL distribution points, and OCSP server endpoints that will be encoded into issued certificates.
Example Usage
using Pulumi;
using Vault = Pulumi.Vault;
class MyStack : Stack
{
public MyStack()
{
var pki = new Vault.PkiSecret.SecretBackend("pki", new Vault.PkiSecret.SecretBackendArgs
{
DefaultLeaseTtlSeconds = 3600,
MaxLeaseTtlSeconds = 86400,
Path = "%s",
});
var configUrls = new Vault.PkiSecret.SecretBackendConfigUrls("configUrls", new Vault.PkiSecret.SecretBackendConfigUrlsArgs
{
Backend = pki.Path,
IssuingCertificates =
{
"http://127.0.0.1:8200/v1/pki/ca",
},
});
}
}
SecretBackendConfigUrlsArgs
SecretBackendConfigUrlsState
SecretBackendCrlConfig
Allows setting the duration for which the generated CRL should be marked valid. If the CRL is disabled, it will return a signed but zero-length CRL for any request. If enabled, it will re-build the CRL.
Example Usage
using Pulumi;
using Vault = Pulumi.Vault;
class MyStack : Stack
{
public MyStack()
{
var pki = new Vault.Mount("pki", new Vault.MountArgs
{
DefaultLeaseTtlSeconds = 3600,
MaxLeaseTtlSeconds = 86400,
Path = "%s",
Type = "pki",
});
var crlConfig = new Vault.PkiSecret.SecretBackendCrlConfig("crlConfig", new Vault.PkiSecret.SecretBackendCrlConfigArgs
{
Backend = pki.Path,
Disable = false,
Expiry = "72h",
});
}
}
SecretBackendCrlConfigArgs
SecretBackendCrlConfigState
SecretBackendIntermediateCertRequest
SecretBackendIntermediateCertRequestArgs
SecretBackendIntermediateCertRequestState
SecretBackendIntermediateSetSigned
SecretBackendIntermediateSetSignedArgs
SecretBackendIntermediateSetSignedState
SecretBackendRole
Creates a role on an PKI Secret Backend for Vault.
Example Usage
using Pulumi;
using Vault = Pulumi.Vault;
class MyStack : Stack
{
public MyStack()
{
var pki = new Vault.PkiSecret.SecretBackend("pki", new Vault.PkiSecret.SecretBackendArgs
{
DefaultLeaseTtlSeconds = 3600,
MaxLeaseTtlSeconds = 86400,
Path = "%s",
});
var role = new Vault.PkiSecret.SecretBackendRole("role", new Vault.PkiSecret.SecretBackendRoleArgs
{
Backend = pki.Path,
});
}
}
SecretBackendRoleArgs
SecretBackendRoleState
SecretBackendRootCert
SecretBackendRootCertArgs
SecretBackendRootCertState
SecretBackendRootSignIntermediate
Creates an PKI certificate.
Example Usage
using Pulumi;
using Vault = Pulumi.Vault;
class MyStack : Stack
{
public MyStack()
{
var root = new Vault.PkiSecret.SecretBackendRootSignIntermediate("root", new Vault.PkiSecret.SecretBackendRootSignIntermediateArgs
{
Backend = vault_pki_secret_backend.Root.Path,
Csr = vault_pki_secret_backend_intermediate_cert_request.Intermediate.Csr,
CommonName = "Intermediate CA",
ExcludeCnFromSans = true,
Ou = "My OU",
Organization = "My organization",
});
}
}