pkisecret

package
v6.5.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 16, 2025 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type BackendAcmeEab added in v6.5.0 

type BackendAcmeEab struct {
	pulumi.CustomResourceState

	// The ACME directory to which the key belongs
	AcmeDirectory pulumi.StringOutput `pulumi:"acmeDirectory"`
	// The path to the PKI secret backend to
	// create the EAB token within, with no leading or trailing `/`s.
	Backend pulumi.StringOutput `pulumi:"backend"`
	// An RFC3339 formatted date time when the EAB token was created
	CreatedOn pulumi.StringOutput `pulumi:"createdOn"`
	// The identifier of a specific ACME EAB token
	EabId pulumi.StringOutput `pulumi:"eabId"`
	// Create an EAB token that is specific to an issuer's ACME directory.
	Issuer pulumi.StringPtrOutput `pulumi:"issuer"`
	// The EAB token
	Key pulumi.StringOutput `pulumi:"key"`
	// The key type of the EAB key
	KeyType pulumi.StringOutput `pulumi:"keyType"`
	// The namespace of the target resource.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
	// Create an EAB token that is specific to a role's ACME directory.
	//
	// **NOTE**: Within Vault ACME there are different ACME directories which an EAB token is associated with;
	//
	// 1. Default directory (`pki/acme/`) - Do not specify a value for issuer nor role parameters.
	// 2. Issuer specific (`pki/issuer/:issuer_ref/acme/`) - Specify a value for the issuer parameter
	// 3. Role specific (`pki/roles/:role/acme/`) - Specify a value for the role parameter
	// 4. Issuer and Role specific (`pki/issuer/:issuer_ref/roles/:role/acme/`) - Specify a value for both the issuer and role parameters
	Role pulumi.StringPtrOutput `pulumi:"role"`
}

Allows creating ACME EAB (External Account Binding) tokens and deleting unused ones.

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault"
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/pkisecret"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		test, err := vault.NewMount(ctx, "test", &vault.MountArgs{
			Path:        pulumi.String("pki"),
			Type:        pulumi.String("pki"),
			Description: pulumi.String("PKI secret engine mount"),
		})
		if err != nil {
			return err
		}
		_, err = pkisecret.NewBackendAcmeEab(ctx, "test", &pkisecret.BackendAcmeEabArgs{
			Backend: test.Path,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

As EAB tokens are only available on initial creation there is no possibility to

import or update this resource.

func GetBackendAcmeEab added in v6.5.0 

func GetBackendAcmeEab(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *BackendAcmeEabState, opts ...pulumi.ResourceOption) (*BackendAcmeEab, error)

GetBackendAcmeEab gets an existing BackendAcmeEab resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewBackendAcmeEab added in v6.5.0 

func NewBackendAcmeEab(ctx *pulumi.Context,
	name string, args *BackendAcmeEabArgs, opts ...pulumi.ResourceOption) (*BackendAcmeEab, error)

NewBackendAcmeEab registers a new resource with the given unique name, arguments, and options.

func (*BackendAcmeEab) ElementType added in v6.5.0 

func (*BackendAcmeEab) ElementType() reflect.Type

func (*BackendAcmeEab) ToBackendAcmeEabOutput added in v6.5.0 

func (i *BackendAcmeEab) ToBackendAcmeEabOutput() BackendAcmeEabOutput

func (*BackendAcmeEab) ToBackendAcmeEabOutputWithContext added in v6.5.0 

func (i *BackendAcmeEab) ToBackendAcmeEabOutputWithContext(ctx context.Context) BackendAcmeEabOutput

type BackendAcmeEabArgs added in v6.5.0 

type BackendAcmeEabArgs struct {
	// The path to the PKI secret backend to
	// create the EAB token within, with no leading or trailing `/`s.
	Backend pulumi.StringInput
	// Create an EAB token that is specific to an issuer's ACME directory.
	Issuer pulumi.StringPtrInput
	// The namespace of the target resource.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// Create an EAB token that is specific to a role's ACME directory.
	//
	// **NOTE**: Within Vault ACME there are different ACME directories which an EAB token is associated with;
	//
	// 1. Default directory (`pki/acme/`) - Do not specify a value for issuer nor role parameters.
	// 2. Issuer specific (`pki/issuer/:issuer_ref/acme/`) - Specify a value for the issuer parameter
	// 3. Role specific (`pki/roles/:role/acme/`) - Specify a value for the role parameter
	// 4. Issuer and Role specific (`pki/issuer/:issuer_ref/roles/:role/acme/`) - Specify a value for both the issuer and role parameters
	Role pulumi.StringPtrInput
}

The set of arguments for constructing a BackendAcmeEab resource.

func (BackendAcmeEabArgs) ElementType added in v6.5.0 

func (BackendAcmeEabArgs) ElementType() reflect.Type

type BackendAcmeEabArray added in v6.5.0 

type BackendAcmeEabArray []BackendAcmeEabInput

func (BackendAcmeEabArray) ElementType added in v6.5.0 

func (BackendAcmeEabArray) ElementType() reflect.Type

func (BackendAcmeEabArray) ToBackendAcmeEabArrayOutput added in v6.5.0 

func (i BackendAcmeEabArray) ToBackendAcmeEabArrayOutput() BackendAcmeEabArrayOutput

func (BackendAcmeEabArray) ToBackendAcmeEabArrayOutputWithContext added in v6.5.0 

func (i BackendAcmeEabArray) ToBackendAcmeEabArrayOutputWithContext(ctx context.Context) BackendAcmeEabArrayOutput

type BackendAcmeEabArrayInput added in v6.5.0 

type BackendAcmeEabArrayInput interface {
	pulumi.Input

	ToBackendAcmeEabArrayOutput() BackendAcmeEabArrayOutput
	ToBackendAcmeEabArrayOutputWithContext(context.Context) BackendAcmeEabArrayOutput
}

BackendAcmeEabArrayInput is an input type that accepts BackendAcmeEabArray and BackendAcmeEabArrayOutput values. You can construct a concrete instance of `BackendAcmeEabArrayInput` via: 

BackendAcmeEabArray{ BackendAcmeEabArgs{...} }

type BackendAcmeEabArrayOutput added in v6.5.0 

type BackendAcmeEabArrayOutput struct{ *pulumi.OutputState }

func (BackendAcmeEabArrayOutput) ElementType added in v6.5.0 

func (BackendAcmeEabArrayOutput) ElementType() reflect.Type

func (BackendAcmeEabArrayOutput) Index added in v6.5.0 

func (o BackendAcmeEabArrayOutput) Index(i pulumi.IntInput) BackendAcmeEabOutput

func (BackendAcmeEabArrayOutput) ToBackendAcmeEabArrayOutput added in v6.5.0 

func (o BackendAcmeEabArrayOutput) ToBackendAcmeEabArrayOutput() BackendAcmeEabArrayOutput

func (BackendAcmeEabArrayOutput) ToBackendAcmeEabArrayOutputWithContext added in v6.5.0 

func (o BackendAcmeEabArrayOutput) ToBackendAcmeEabArrayOutputWithContext(ctx context.Context) BackendAcmeEabArrayOutput

type BackendAcmeEabInput added in v6.5.0 

type BackendAcmeEabInput interface {
	pulumi.Input

	ToBackendAcmeEabOutput() BackendAcmeEabOutput
	ToBackendAcmeEabOutputWithContext(ctx context.Context) BackendAcmeEabOutput
}

type BackendAcmeEabMap added in v6.5.0 

type BackendAcmeEabMap map[string]BackendAcmeEabInput

func (BackendAcmeEabMap) ElementType added in v6.5.0 

func (BackendAcmeEabMap) ElementType() reflect.Type

func (BackendAcmeEabMap) ToBackendAcmeEabMapOutput added in v6.5.0 

func (i BackendAcmeEabMap) ToBackendAcmeEabMapOutput() BackendAcmeEabMapOutput

func (BackendAcmeEabMap) ToBackendAcmeEabMapOutputWithContext added in v6.5.0 

func (i BackendAcmeEabMap) ToBackendAcmeEabMapOutputWithContext(ctx context.Context) BackendAcmeEabMapOutput

type BackendAcmeEabMapInput added in v6.5.0 

type BackendAcmeEabMapInput interface {
	pulumi.Input

	ToBackendAcmeEabMapOutput() BackendAcmeEabMapOutput
	ToBackendAcmeEabMapOutputWithContext(context.Context) BackendAcmeEabMapOutput
}

BackendAcmeEabMapInput is an input type that accepts BackendAcmeEabMap and BackendAcmeEabMapOutput values. You can construct a concrete instance of `BackendAcmeEabMapInput` via: 

BackendAcmeEabMap{ "key": BackendAcmeEabArgs{...} }

type BackendAcmeEabMapOutput added in v6.5.0 

type BackendAcmeEabMapOutput struct{ *pulumi.OutputState }

func (BackendAcmeEabMapOutput) ElementType added in v6.5.0 

func (BackendAcmeEabMapOutput) ElementType() reflect.Type

func (BackendAcmeEabMapOutput) MapIndex added in v6.5.0 

func (o BackendAcmeEabMapOutput) MapIndex(k pulumi.StringInput) BackendAcmeEabOutput

func (BackendAcmeEabMapOutput) ToBackendAcmeEabMapOutput added in v6.5.0 

func (o BackendAcmeEabMapOutput) ToBackendAcmeEabMapOutput() BackendAcmeEabMapOutput

func (BackendAcmeEabMapOutput) ToBackendAcmeEabMapOutputWithContext added in v6.5.0 

func (o BackendAcmeEabMapOutput) ToBackendAcmeEabMapOutputWithContext(ctx context.Context) BackendAcmeEabMapOutput

type BackendAcmeEabOutput added in v6.5.0 

type BackendAcmeEabOutput struct{ *pulumi.OutputState }

func (BackendAcmeEabOutput) AcmeDirectory added in v6.5.0 

func (o BackendAcmeEabOutput) AcmeDirectory() pulumi.StringOutput

The ACME directory to which the key belongs

func (BackendAcmeEabOutput) Backend added in v6.5.0 

func (o BackendAcmeEabOutput) Backend() pulumi.StringOutput

The path to the PKI secret backend to create the EAB token within, with no leading or trailing `/`s.

func (BackendAcmeEabOutput) CreatedOn added in v6.5.0 

func (o BackendAcmeEabOutput) CreatedOn() pulumi.StringOutput

An RFC3339 formatted date time when the EAB token was created

func (BackendAcmeEabOutput) EabId added in v6.5.0 

func (o BackendAcmeEabOutput) EabId() pulumi.StringOutput

The identifier of a specific ACME EAB token

func (BackendAcmeEabOutput) ElementType added in v6.5.0 

func (BackendAcmeEabOutput) ElementType() reflect.Type

func (BackendAcmeEabOutput) Issuer added in v6.5.0 

func (o BackendAcmeEabOutput) Issuer() pulumi.StringPtrOutput

Create an EAB token that is specific to an issuer's ACME directory.

func (BackendAcmeEabOutput) Key added in v6.5.0 

func (o BackendAcmeEabOutput) Key() pulumi.StringOutput

The EAB token

func (BackendAcmeEabOutput) KeyType added in v6.5.0 

func (o BackendAcmeEabOutput) KeyType() pulumi.StringOutput

The key type of the EAB key

func (BackendAcmeEabOutput) Namespace added in v6.5.0 

func (o BackendAcmeEabOutput) Namespace() pulumi.StringPtrOutput

The namespace of the target resource. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.

func (BackendAcmeEabOutput) Role added in v6.5.0 

func (o BackendAcmeEabOutput) Role() pulumi.StringPtrOutput

Create an EAB token that is specific to a role's ACME directory.

**NOTE**: Within Vault ACME there are different ACME directories which an EAB token is associated with;

1. Default directory (`pki/acme/`) - Do not specify a value for issuer nor role parameters. 2. Issuer specific (`pki/issuer/:issuer_ref/acme/`) - Specify a value for the issuer parameter 3. Role specific (`pki/roles/:role/acme/`) - Specify a value for the role parameter 4. Issuer and Role specific (`pki/issuer/:issuer_ref/roles/:role/acme/`) - Specify a value for both the issuer and role parameters

func (BackendAcmeEabOutput) ToBackendAcmeEabOutput added in v6.5.0 

func (o BackendAcmeEabOutput) ToBackendAcmeEabOutput() BackendAcmeEabOutput

func (BackendAcmeEabOutput) ToBackendAcmeEabOutputWithContext added in v6.5.0 

func (o BackendAcmeEabOutput) ToBackendAcmeEabOutputWithContext(ctx context.Context) BackendAcmeEabOutput

type BackendAcmeEabState added in v6.5.0 

type BackendAcmeEabState struct {
	// The ACME directory to which the key belongs
	AcmeDirectory pulumi.StringPtrInput
	// The path to the PKI secret backend to
	// create the EAB token within, with no leading or trailing `/`s.
	Backend pulumi.StringPtrInput
	// An RFC3339 formatted date time when the EAB token was created
	CreatedOn pulumi.StringPtrInput
	// The identifier of a specific ACME EAB token
	EabId pulumi.StringPtrInput
	// Create an EAB token that is specific to an issuer's ACME directory.
	Issuer pulumi.StringPtrInput
	// The EAB token
	Key pulumi.StringPtrInput
	// The key type of the EAB key
	KeyType pulumi.StringPtrInput
	// The namespace of the target resource.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// Create an EAB token that is specific to a role's ACME directory.
	//
	// **NOTE**: Within Vault ACME there are different ACME directories which an EAB token is associated with;
	//
	// 1. Default directory (`pki/acme/`) - Do not specify a value for issuer nor role parameters.
	// 2. Issuer specific (`pki/issuer/:issuer_ref/acme/`) - Specify a value for the issuer parameter
	// 3. Role specific (`pki/roles/:role/acme/`) - Specify a value for the role parameter
	// 4. Issuer and Role specific (`pki/issuer/:issuer_ref/roles/:role/acme/`) - Specify a value for both the issuer and role parameters
	Role pulumi.StringPtrInput
}

func (BackendAcmeEabState) ElementType added in v6.5.0 

func (BackendAcmeEabState) ElementType() reflect.Type

type BackendConfigAcme added in v6.5.0 

type BackendConfigAcme struct {
	pulumi.CustomResourceState

	// Specifies whether the ExtKeyUsage field from a role is used. **Vault 1.14.1+**
	AllowRoleExtKeyUsage pulumi.BoolPtrOutput `pulumi:"allowRoleExtKeyUsage"`
	// Specifies which issuers are allowed for use with ACME.
	AllowedIssuers pulumi.StringArrayOutput `pulumi:"allowedIssuers"`
	// Specifies which roles are allowed for use with ACME.
	AllowedRoles pulumi.StringArrayOutput `pulumi:"allowedRoles"`
	// The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
	Backend pulumi.StringOutput `pulumi:"backend"`
	// Specifies the policy to be used for non-role-qualified ACME requests.
	// Allowed values are `forbid`, `sign-verbatim`, `role:<role_name>`, `external-policy` or `external-policy:<policy>`.
	DefaultDirectoryPolicy pulumi.StringOutput `pulumi:"defaultDirectoryPolicy"`
	// DNS resolver to use for domain resolution on this mount.
	// Must be in the format `<host>:<port>`, with both parts mandatory.
	DnsResolver pulumi.StringPtrOutput `pulumi:"dnsResolver"`
	// Specifies the policy to use for external account binding behaviour.
	// Allowed values are `not-required`, `new-account-required` or `always-required`.
	EabPolicy pulumi.StringOutput `pulumi:"eabPolicy"`
	// Specifies whether ACME is enabled.
	Enabled pulumi.BoolOutput `pulumi:"enabled"`
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
}

Allows setting the ACME server configuration used by specified mount.

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault"
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/pkisecret"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		pki, err := vault.NewMount(ctx, "pki", &vault.MountArgs{
			Path:                   pulumi.String("pki"),
			Type:                   pulumi.String("pki"),
			DefaultLeaseTtlSeconds: pulumi.Int(3600),
			MaxLeaseTtlSeconds:     pulumi.Int(86400),
		})
		if err != nil {
			return err
		}
		_, err = pkisecret.NewBackendConfigCluster(ctx, "pki_config_cluster", &pkisecret.BackendConfigClusterArgs{
			Backend: pki.Path,
			Path:    pulumi.String("http://127.0.0.1:8200/v1/pki"),
			AiaPath: pulumi.String("http://127.0.0.1:8200/v1/pki"),
		})
		if err != nil {
			return err
		}
		_, err = pkisecret.NewBackendConfigAcme(ctx, "example", &pkisecret.BackendConfigAcmeArgs{
			Backend: pki.Path,
			Enabled: pulumi.Bool(true),
			AllowedIssuers: pulumi.StringArray{
				pulumi.String("*"),
			},
			AllowedRoles: pulumi.StringArray{
				pulumi.String("*"),
			},
			AllowRoleExtKeyUsage:   pulumi.Bool(false),
			DefaultDirectoryPolicy: pulumi.String("sign-verbatim"),
			DnsResolver:            pulumi.String(""),
			EabPolicy:              pulumi.String("not-required"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

The ACME configuration can be imported using the resource's `id`. In the case of the example above the `id` would be `pki/config/acme`, where the `pki` component is the resource's `backend`, e.g.

```sh $ pulumi import vault:pkiSecret/backendConfigAcme:BackendConfigAcme example pki/config/acme ```

func GetBackendConfigAcme added in v6.5.0 

func GetBackendConfigAcme(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *BackendConfigAcmeState, opts ...pulumi.ResourceOption) (*BackendConfigAcme, error)

GetBackendConfigAcme gets an existing BackendConfigAcme resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewBackendConfigAcme added in v6.5.0 

func NewBackendConfigAcme(ctx *pulumi.Context,
	name string, args *BackendConfigAcmeArgs, opts ...pulumi.ResourceOption) (*BackendConfigAcme, error)

NewBackendConfigAcme registers a new resource with the given unique name, arguments, and options.

func (*BackendConfigAcme) ElementType added in v6.5.0 

func (*BackendConfigAcme) ElementType() reflect.Type

func (*BackendConfigAcme) ToBackendConfigAcmeOutput added in v6.5.0 

func (i *BackendConfigAcme) ToBackendConfigAcmeOutput() BackendConfigAcmeOutput

func (*BackendConfigAcme) ToBackendConfigAcmeOutputWithContext added in v6.5.0 

func (i *BackendConfigAcme) ToBackendConfigAcmeOutputWithContext(ctx context.Context) BackendConfigAcmeOutput

type BackendConfigAcmeArgs added in v6.5.0 

type BackendConfigAcmeArgs struct {
	// Specifies whether the ExtKeyUsage field from a role is used. **Vault 1.14.1+**
	AllowRoleExtKeyUsage pulumi.BoolPtrInput
	// Specifies which issuers are allowed for use with ACME.
	AllowedIssuers pulumi.StringArrayInput
	// Specifies which roles are allowed for use with ACME.
	AllowedRoles pulumi.StringArrayInput
	// The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
	Backend pulumi.StringInput
	// Specifies the policy to be used for non-role-qualified ACME requests.
	// Allowed values are `forbid`, `sign-verbatim`, `role:<role_name>`, `external-policy` or `external-policy:<policy>`.
	DefaultDirectoryPolicy pulumi.StringPtrInput
	// DNS resolver to use for domain resolution on this mount.
	// Must be in the format `<host>:<port>`, with both parts mandatory.
	DnsResolver pulumi.StringPtrInput
	// Specifies the policy to use for external account binding behaviour.
	// Allowed values are `not-required`, `new-account-required` or `always-required`.
	EabPolicy pulumi.StringPtrInput
	// Specifies whether ACME is enabled.
	Enabled pulumi.BoolInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
}

The set of arguments for constructing a BackendConfigAcme resource.

func (BackendConfigAcmeArgs) ElementType added in v6.5.0 

func (BackendConfigAcmeArgs) ElementType() reflect.Type

type BackendConfigAcmeArray added in v6.5.0 

type BackendConfigAcmeArray []BackendConfigAcmeInput

func (BackendConfigAcmeArray) ElementType added in v6.5.0 

func (BackendConfigAcmeArray) ElementType() reflect.Type

func (BackendConfigAcmeArray) ToBackendConfigAcmeArrayOutput added in v6.5.0 

func (i BackendConfigAcmeArray) ToBackendConfigAcmeArrayOutput() BackendConfigAcmeArrayOutput

func (BackendConfigAcmeArray) ToBackendConfigAcmeArrayOutputWithContext added in v6.5.0 

func (i BackendConfigAcmeArray) ToBackendConfigAcmeArrayOutputWithContext(ctx context.Context) BackendConfigAcmeArrayOutput

type BackendConfigAcmeArrayInput added in v6.5.0 

type BackendConfigAcmeArrayInput interface {
	pulumi.Input

	ToBackendConfigAcmeArrayOutput() BackendConfigAcmeArrayOutput
	ToBackendConfigAcmeArrayOutputWithContext(context.Context) BackendConfigAcmeArrayOutput
}

BackendConfigAcmeArrayInput is an input type that accepts BackendConfigAcmeArray and BackendConfigAcmeArrayOutput values. You can construct a concrete instance of `BackendConfigAcmeArrayInput` via: 

BackendConfigAcmeArray{ BackendConfigAcmeArgs{...} }

type BackendConfigAcmeArrayOutput added in v6.5.0 

type BackendConfigAcmeArrayOutput struct{ *pulumi.OutputState }

func (BackendConfigAcmeArrayOutput) ElementType added in v6.5.0 

func (BackendConfigAcmeArrayOutput) ElementType() reflect.Type

func (BackendConfigAcmeArrayOutput) Index added in v6.5.0 

func (o BackendConfigAcmeArrayOutput) Index(i pulumi.IntInput) BackendConfigAcmeOutput

func (BackendConfigAcmeArrayOutput) ToBackendConfigAcmeArrayOutput added in v6.5.0 

func (o BackendConfigAcmeArrayOutput) ToBackendConfigAcmeArrayOutput() BackendConfigAcmeArrayOutput

func (BackendConfigAcmeArrayOutput) ToBackendConfigAcmeArrayOutputWithContext added in v6.5.0 

func (o BackendConfigAcmeArrayOutput) ToBackendConfigAcmeArrayOutputWithContext(ctx context.Context) BackendConfigAcmeArrayOutput

type BackendConfigAcmeInput added in v6.5.0 

type BackendConfigAcmeInput interface {
	pulumi.Input

	ToBackendConfigAcmeOutput() BackendConfigAcmeOutput
	ToBackendConfigAcmeOutputWithContext(ctx context.Context) BackendConfigAcmeOutput
}

type BackendConfigAcmeMap added in v6.5.0 

type BackendConfigAcmeMap map[string]BackendConfigAcmeInput

func (BackendConfigAcmeMap) ElementType added in v6.5.0 

func (BackendConfigAcmeMap) ElementType() reflect.Type

func (BackendConfigAcmeMap) ToBackendConfigAcmeMapOutput added in v6.5.0 

func (i BackendConfigAcmeMap) ToBackendConfigAcmeMapOutput() BackendConfigAcmeMapOutput

func (BackendConfigAcmeMap) ToBackendConfigAcmeMapOutputWithContext added in v6.5.0 

func (i BackendConfigAcmeMap) ToBackendConfigAcmeMapOutputWithContext(ctx context.Context) BackendConfigAcmeMapOutput

type BackendConfigAcmeMapInput added in v6.5.0 

type BackendConfigAcmeMapInput interface {
	pulumi.Input

	ToBackendConfigAcmeMapOutput() BackendConfigAcmeMapOutput
	ToBackendConfigAcmeMapOutputWithContext(context.Context) BackendConfigAcmeMapOutput
}

BackendConfigAcmeMapInput is an input type that accepts BackendConfigAcmeMap and BackendConfigAcmeMapOutput values. You can construct a concrete instance of `BackendConfigAcmeMapInput` via: 

BackendConfigAcmeMap{ "key": BackendConfigAcmeArgs{...} }

type BackendConfigAcmeMapOutput added in v6.5.0 

type BackendConfigAcmeMapOutput struct{ *pulumi.OutputState }

func (BackendConfigAcmeMapOutput) ElementType added in v6.5.0 

func (BackendConfigAcmeMapOutput) ElementType() reflect.Type

func (BackendConfigAcmeMapOutput) MapIndex added in v6.5.0 

func (o BackendConfigAcmeMapOutput) MapIndex(k pulumi.StringInput) BackendConfigAcmeOutput

func (BackendConfigAcmeMapOutput) ToBackendConfigAcmeMapOutput added in v6.5.0 

func (o BackendConfigAcmeMapOutput) ToBackendConfigAcmeMapOutput() BackendConfigAcmeMapOutput

func (BackendConfigAcmeMapOutput) ToBackendConfigAcmeMapOutputWithContext added in v6.5.0 

func (o BackendConfigAcmeMapOutput) ToBackendConfigAcmeMapOutputWithContext(ctx context.Context) BackendConfigAcmeMapOutput

type BackendConfigAcmeOutput added in v6.5.0 

type BackendConfigAcmeOutput struct{ *pulumi.OutputState }

func (BackendConfigAcmeOutput) AllowRoleExtKeyUsage added in v6.5.0 

func (o BackendConfigAcmeOutput) AllowRoleExtKeyUsage() pulumi.BoolPtrOutput

Specifies whether the ExtKeyUsage field from a role is used. **Vault 1.14.1+**

func (BackendConfigAcmeOutput) AllowedIssuers added in v6.5.0 

func (o BackendConfigAcmeOutput) AllowedIssuers() pulumi.StringArrayOutput

Specifies which issuers are allowed for use with ACME.

func (BackendConfigAcmeOutput) AllowedRoles added in v6.5.0 

func (o BackendConfigAcmeOutput) AllowedRoles() pulumi.StringArrayOutput

Specifies which roles are allowed for use with ACME.

func (BackendConfigAcmeOutput) Backend added in v6.5.0 

func (o BackendConfigAcmeOutput) Backend() pulumi.StringOutput

The path the PKI secret backend is mounted at, with no leading or trailing `/`s.

func (BackendConfigAcmeOutput) DefaultDirectoryPolicy added in v6.5.0 

func (o BackendConfigAcmeOutput) DefaultDirectoryPolicy() pulumi.StringOutput

Specifies the policy to be used for non-role-qualified ACME requests. Allowed values are `forbid`, `sign-verbatim`, `role:<role_name>`, `external-policy` or `external-policy:<policy>`.

func (BackendConfigAcmeOutput) DnsResolver added in v6.5.0 

func (o BackendConfigAcmeOutput) DnsResolver() pulumi.StringPtrOutput

DNS resolver to use for domain resolution on this mount. Must be in the format `<host>:<port>`, with both parts mandatory.

func (BackendConfigAcmeOutput) EabPolicy added in v6.5.0 

func (o BackendConfigAcmeOutput) EabPolicy() pulumi.StringOutput

Specifies the policy to use for external account binding behaviour. Allowed values are `not-required`, `new-account-required` or `always-required`.

func (BackendConfigAcmeOutput) ElementType added in v6.5.0 

func (BackendConfigAcmeOutput) ElementType() reflect.Type

func (BackendConfigAcmeOutput) Enabled added in v6.5.0 

func (o BackendConfigAcmeOutput) Enabled() pulumi.BoolOutput

Specifies whether ACME is enabled.

func (BackendConfigAcmeOutput) Namespace added in v6.5.0 

func (o BackendConfigAcmeOutput) Namespace() pulumi.StringPtrOutput

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). *Available only for Vault Enterprise*.

func (BackendConfigAcmeOutput) ToBackendConfigAcmeOutput added in v6.5.0 

func (o BackendConfigAcmeOutput) ToBackendConfigAcmeOutput() BackendConfigAcmeOutput

func (BackendConfigAcmeOutput) ToBackendConfigAcmeOutputWithContext added in v6.5.0 

func (o BackendConfigAcmeOutput) ToBackendConfigAcmeOutputWithContext(ctx context.Context) BackendConfigAcmeOutput

type BackendConfigAcmeState added in v6.5.0 

type BackendConfigAcmeState struct {
	// Specifies whether the ExtKeyUsage field from a role is used. **Vault 1.14.1+**
	AllowRoleExtKeyUsage pulumi.BoolPtrInput
	// Specifies which issuers are allowed for use with ACME.
	AllowedIssuers pulumi.StringArrayInput
	// Specifies which roles are allowed for use with ACME.
	AllowedRoles pulumi.StringArrayInput
	// The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
	Backend pulumi.StringPtrInput
	// Specifies the policy to be used for non-role-qualified ACME requests.
	// Allowed values are `forbid`, `sign-verbatim`, `role:<role_name>`, `external-policy` or `external-policy:<policy>`.
	DefaultDirectoryPolicy pulumi.StringPtrInput
	// DNS resolver to use for domain resolution on this mount.
	// Must be in the format `<host>:<port>`, with both parts mandatory.
	DnsResolver pulumi.StringPtrInput
	// Specifies the policy to use for external account binding behaviour.
	// Allowed values are `not-required`, `new-account-required` or `always-required`.
	EabPolicy pulumi.StringPtrInput
	// Specifies whether ACME is enabled.
	Enabled pulumi.BoolPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
}

func (BackendConfigAcmeState) ElementType added in v6.5.0 

func (BackendConfigAcmeState) ElementType() reflect.Type

type BackendConfigCluster 

type BackendConfigCluster struct {
	pulumi.CustomResourceState

	// Specifies the path to this performance replication cluster's AIA distribution point.
	AiaPath pulumi.StringPtrOutput `pulumi:"aiaPath"`
	// The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
	Backend pulumi.StringOutput `pulumi:"backend"`
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
	// Specifies the path to this performance replication cluster's API mount path.
	Path pulumi.StringPtrOutput `pulumi:"path"`
}

Allows setting the cluster-local's API mount path and AIA distribution point on a particular performance replication cluster.

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault"
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/pkisecret"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		root, err := vault.NewMount(ctx, "root", &vault.MountArgs{
			Path:                   pulumi.String("pki-root"),
			Type:                   pulumi.String("pki"),
			Description:            pulumi.String("root PKI"),
			DefaultLeaseTtlSeconds: pulumi.Int(8640000),
			MaxLeaseTtlSeconds:     pulumi.Int(8640000),
		})
		if err != nil {
			return err
		}
		_, err = pkisecret.NewBackendConfigCluster(ctx, "example", &pkisecret.BackendConfigClusterArgs{
			Backend: root.Path,
			Path:    pulumi.String("http://127.0.0.1:8200/v1/pki-root"),
			AiaPath: pulumi.String("http://127.0.0.1:8200/v1/pki-root"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

The PKI config cluster can be imported using the resource's `id`. In the case of the example above the `id` would be `pki-root/config/cluster`, where the `pki-root` component is the resource's `backend`, e.g.

```sh $ pulumi import vault:pkiSecret/backendConfigCluster:BackendConfigCluster example pki-root/config/cluster ```

func GetBackendConfigCluster 

func GetBackendConfigCluster(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *BackendConfigClusterState, opts ...pulumi.ResourceOption) (*BackendConfigCluster, error)

GetBackendConfigCluster gets an existing BackendConfigCluster resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewBackendConfigCluster 

func NewBackendConfigCluster(ctx *pulumi.Context,
	name string, args *BackendConfigClusterArgs, opts ...pulumi.ResourceOption) (*BackendConfigCluster, error)

NewBackendConfigCluster registers a new resource with the given unique name, arguments, and options.

func (*BackendConfigCluster) ElementType 

func (*BackendConfigCluster) ElementType() reflect.Type

func (*BackendConfigCluster) ToBackendConfigClusterOutput 

func (i *BackendConfigCluster) ToBackendConfigClusterOutput() BackendConfigClusterOutput

func (*BackendConfigCluster) ToBackendConfigClusterOutputWithContext 

func (i *BackendConfigCluster) ToBackendConfigClusterOutputWithContext(ctx context.Context) BackendConfigClusterOutput

type BackendConfigClusterArgs 

type BackendConfigClusterArgs struct {
	// Specifies the path to this performance replication cluster's AIA distribution point.
	AiaPath pulumi.StringPtrInput
	// The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
	Backend pulumi.StringInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// Specifies the path to this performance replication cluster's API mount path.
	Path pulumi.StringPtrInput
}

The set of arguments for constructing a BackendConfigCluster resource.

func (BackendConfigClusterArgs) ElementType 

func (BackendConfigClusterArgs) ElementType() reflect.Type

type BackendConfigClusterArray 

type BackendConfigClusterArray []BackendConfigClusterInput

func (BackendConfigClusterArray) ElementType 

func (BackendConfigClusterArray) ElementType() reflect.Type

func (BackendConfigClusterArray) ToBackendConfigClusterArrayOutput 

func (i BackendConfigClusterArray) ToBackendConfigClusterArrayOutput() BackendConfigClusterArrayOutput

func (BackendConfigClusterArray) ToBackendConfigClusterArrayOutputWithContext 

func (i BackendConfigClusterArray) ToBackendConfigClusterArrayOutputWithContext(ctx context.Context) BackendConfigClusterArrayOutput

type BackendConfigClusterArrayInput 

type BackendConfigClusterArrayInput interface {
	pulumi.Input

	ToBackendConfigClusterArrayOutput() BackendConfigClusterArrayOutput
	ToBackendConfigClusterArrayOutputWithContext(context.Context) BackendConfigClusterArrayOutput
}

BackendConfigClusterArrayInput is an input type that accepts BackendConfigClusterArray and BackendConfigClusterArrayOutput values. You can construct a concrete instance of `BackendConfigClusterArrayInput` via: 

BackendConfigClusterArray{ BackendConfigClusterArgs{...} }

type BackendConfigClusterArrayOutput 

type BackendConfigClusterArrayOutput struct{ *pulumi.OutputState }

func (BackendConfigClusterArrayOutput) ElementType 

func (BackendConfigClusterArrayOutput) ElementType() reflect.Type

func (BackendConfigClusterArrayOutput) Index 

func (o BackendConfigClusterArrayOutput) Index(i pulumi.IntInput) BackendConfigClusterOutput

func (BackendConfigClusterArrayOutput) ToBackendConfigClusterArrayOutput 

func (o BackendConfigClusterArrayOutput) ToBackendConfigClusterArrayOutput() BackendConfigClusterArrayOutput

func (BackendConfigClusterArrayOutput) ToBackendConfigClusterArrayOutputWithContext 

func (o BackendConfigClusterArrayOutput) ToBackendConfigClusterArrayOutputWithContext(ctx context.Context) BackendConfigClusterArrayOutput

type BackendConfigClusterInput 

type BackendConfigClusterInput interface {
	pulumi.Input

	ToBackendConfigClusterOutput() BackendConfigClusterOutput
	ToBackendConfigClusterOutputWithContext(ctx context.Context) BackendConfigClusterOutput
}

type BackendConfigClusterMap 

type BackendConfigClusterMap map[string]BackendConfigClusterInput

func (BackendConfigClusterMap) ElementType 

func (BackendConfigClusterMap) ElementType() reflect.Type

func (BackendConfigClusterMap) ToBackendConfigClusterMapOutput 

func (i BackendConfigClusterMap) ToBackendConfigClusterMapOutput() BackendConfigClusterMapOutput

func (BackendConfigClusterMap) ToBackendConfigClusterMapOutputWithContext 

func (i BackendConfigClusterMap) ToBackendConfigClusterMapOutputWithContext(ctx context.Context) BackendConfigClusterMapOutput

type BackendConfigClusterMapInput 

type BackendConfigClusterMapInput interface {
	pulumi.Input

	ToBackendConfigClusterMapOutput() BackendConfigClusterMapOutput
	ToBackendConfigClusterMapOutputWithContext(context.Context) BackendConfigClusterMapOutput
}

BackendConfigClusterMapInput is an input type that accepts BackendConfigClusterMap and BackendConfigClusterMapOutput values. You can construct a concrete instance of `BackendConfigClusterMapInput` via: 

BackendConfigClusterMap{ "key": BackendConfigClusterArgs{...} }

type BackendConfigClusterMapOutput 

type BackendConfigClusterMapOutput struct{ *pulumi.OutputState }

func (BackendConfigClusterMapOutput) ElementType 

func (BackendConfigClusterMapOutput) ElementType() reflect.Type

func (BackendConfigClusterMapOutput) MapIndex 

func (o BackendConfigClusterMapOutput) MapIndex(k pulumi.StringInput) BackendConfigClusterOutput

func (BackendConfigClusterMapOutput) ToBackendConfigClusterMapOutput 

func (o BackendConfigClusterMapOutput) ToBackendConfigClusterMapOutput() BackendConfigClusterMapOutput

func (BackendConfigClusterMapOutput) ToBackendConfigClusterMapOutputWithContext 

func (o BackendConfigClusterMapOutput) ToBackendConfigClusterMapOutputWithContext(ctx context.Context) BackendConfigClusterMapOutput

type BackendConfigClusterOutput 

type BackendConfigClusterOutput struct{ *pulumi.OutputState }

func (BackendConfigClusterOutput) AiaPath 

func (o BackendConfigClusterOutput) AiaPath() pulumi.StringPtrOutput

Specifies the path to this performance replication cluster's AIA distribution point.

func (BackendConfigClusterOutput) Backend 

func (o BackendConfigClusterOutput) Backend() pulumi.StringOutput

The path the PKI secret backend is mounted at, with no leading or trailing `/`s.

func (BackendConfigClusterOutput) ElementType 

func (BackendConfigClusterOutput) ElementType() reflect.Type

func (BackendConfigClusterOutput) Namespace 

func (o BackendConfigClusterOutput) Namespace() pulumi.StringPtrOutput

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.

func (BackendConfigClusterOutput) Path 

func (o BackendConfigClusterOutput) Path() pulumi.StringPtrOutput

Specifies the path to this performance replication cluster's API mount path.

func (BackendConfigClusterOutput) ToBackendConfigClusterOutput 

func (o BackendConfigClusterOutput) ToBackendConfigClusterOutput() BackendConfigClusterOutput

func (BackendConfigClusterOutput) ToBackendConfigClusterOutputWithContext 

func (o BackendConfigClusterOutput) ToBackendConfigClusterOutputWithContext(ctx context.Context) BackendConfigClusterOutput

type BackendConfigClusterState 

type BackendConfigClusterState struct {
	// Specifies the path to this performance replication cluster's AIA distribution point.
	AiaPath pulumi.StringPtrInput
	// The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
	Backend pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// Specifies the path to this performance replication cluster's API mount path.
	Path pulumi.StringPtrInput
}

func (BackendConfigClusterState) ElementType 

func (BackendConfigClusterState) ElementType() reflect.Type

type BackendConfigCmpv2 added in v6.5.0 

type BackendConfigCmpv2 struct {
	pulumi.CustomResourceState

	// Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.
	//
	// <a id="nestedatt--authenticators"></a>
	AuditFields pulumi.StringArrayOutput `pulumi:"auditFields"`
	// Lists the mount accessors CMPv2 should delegate authentication requests towards (see below for nested schema).
	Authenticators BackendConfigCmpv2AuthenticatorsOutput `pulumi:"authenticators"`
	// The path to the PKI secret backend to
	// read the CMPv2 configuration from, with no leading or trailing `/`s.
	Backend pulumi.StringOutput `pulumi:"backend"`
	// Specifies the behavior for requests using the non-role-qualified CMPv2 requests. Can be sign-verbatim or a role given by role:<role_name>.
	DefaultPathPolicy pulumi.StringPtrOutput `pulumi:"defaultPathPolicy"`
	// If set, parse out fields from the provided CSR making them available for Sentinel policies.
	EnableSentinelParsing pulumi.BoolPtrOutput `pulumi:"enableSentinelParsing"`
	// Specifies whether CMPv2 is enabled.
	Enabled pulumi.BoolPtrOutput `pulumi:"enabled"`
	// A read-only timestamp representing the last time the configuration was updated.
	LastUpdated pulumi.StringOutput `pulumi:"lastUpdated"`
	// The namespace of the target resource.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
}

Allows setting the CMPv2 configuration on a PKI Secret Backend

## Import

The PKI config cluster can be imported using the resource's `id`. In the case of the example above the `id` would be `pki-root/config/cmpv2`, where the `pki-root` component is the resource's `backend`, e.g.

```sh $ pulumi import vault:pkiSecret/backendConfigCmpv2:BackendConfigCmpv2 example pki-root/config/cmpv2 ```

func GetBackendConfigCmpv2 added in v6.5.0 

func GetBackendConfigCmpv2(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *BackendConfigCmpv2State, opts ...pulumi.ResourceOption) (*BackendConfigCmpv2, error)

GetBackendConfigCmpv2 gets an existing BackendConfigCmpv2 resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewBackendConfigCmpv2 added in v6.5.0 

func NewBackendConfigCmpv2(ctx *pulumi.Context,
	name string, args *BackendConfigCmpv2Args, opts ...pulumi.ResourceOption) (*BackendConfigCmpv2, error)

NewBackendConfigCmpv2 registers a new resource with the given unique name, arguments, and options.

func (*BackendConfigCmpv2) ElementType added in v6.5.0 

func (*BackendConfigCmpv2) ElementType() reflect.Type

func (*BackendConfigCmpv2) ToBackendConfigCmpv2Output added in v6.5.0 

func (i *BackendConfigCmpv2) ToBackendConfigCmpv2Output() BackendConfigCmpv2Output

func (*BackendConfigCmpv2) ToBackendConfigCmpv2OutputWithContext added in v6.5.0 

func (i *BackendConfigCmpv2) ToBackendConfigCmpv2OutputWithContext(ctx context.Context) BackendConfigCmpv2Output

type BackendConfigCmpv2Args added in v6.5.0 

type BackendConfigCmpv2Args struct {
	// Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.
	//
	// <a id="nestedatt--authenticators"></a>
	AuditFields pulumi.StringArrayInput
	// Lists the mount accessors CMPv2 should delegate authentication requests towards (see below for nested schema).
	Authenticators BackendConfigCmpv2AuthenticatorsPtrInput
	// The path to the PKI secret backend to
	// read the CMPv2 configuration from, with no leading or trailing `/`s.
	Backend pulumi.StringInput
	// Specifies the behavior for requests using the non-role-qualified CMPv2 requests. Can be sign-verbatim or a role given by role:<role_name>.
	DefaultPathPolicy pulumi.StringPtrInput
	// If set, parse out fields from the provided CSR making them available for Sentinel policies.
	EnableSentinelParsing pulumi.BoolPtrInput
	// Specifies whether CMPv2 is enabled.
	Enabled pulumi.BoolPtrInput
	// The namespace of the target resource.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
}

The set of arguments for constructing a BackendConfigCmpv2 resource.

func (BackendConfigCmpv2Args) ElementType added in v6.5.0 

func (BackendConfigCmpv2Args) ElementType() reflect.Type

type BackendConfigCmpv2Array added in v6.5.0 

type BackendConfigCmpv2Array []BackendConfigCmpv2Input

func (BackendConfigCmpv2Array) ElementType added in v6.5.0 

func (BackendConfigCmpv2Array) ElementType() reflect.Type

func (BackendConfigCmpv2Array) ToBackendConfigCmpv2ArrayOutput added in v6.5.0 

func (i BackendConfigCmpv2Array) ToBackendConfigCmpv2ArrayOutput() BackendConfigCmpv2ArrayOutput

func (BackendConfigCmpv2Array) ToBackendConfigCmpv2ArrayOutputWithContext added in v6.5.0 

func (i BackendConfigCmpv2Array) ToBackendConfigCmpv2ArrayOutputWithContext(ctx context.Context) BackendConfigCmpv2ArrayOutput

type BackendConfigCmpv2ArrayInput added in v6.5.0 

type BackendConfigCmpv2ArrayInput interface {
	pulumi.Input

	ToBackendConfigCmpv2ArrayOutput() BackendConfigCmpv2ArrayOutput
	ToBackendConfigCmpv2ArrayOutputWithContext(context.Context) BackendConfigCmpv2ArrayOutput
}

BackendConfigCmpv2ArrayInput is an input type that accepts BackendConfigCmpv2Array and BackendConfigCmpv2ArrayOutput values. You can construct a concrete instance of `BackendConfigCmpv2ArrayInput` via: 

BackendConfigCmpv2Array{ BackendConfigCmpv2Args{...} }

type BackendConfigCmpv2ArrayOutput added in v6.5.0 

type BackendConfigCmpv2ArrayOutput struct{ *pulumi.OutputState }

func (BackendConfigCmpv2ArrayOutput) ElementType added in v6.5.0 

func (BackendConfigCmpv2ArrayOutput) ElementType() reflect.Type

func (BackendConfigCmpv2ArrayOutput) Index added in v6.5.0 

func (o BackendConfigCmpv2ArrayOutput) Index(i pulumi.IntInput) BackendConfigCmpv2Output

func (BackendConfigCmpv2ArrayOutput) ToBackendConfigCmpv2ArrayOutput added in v6.5.0 

func (o BackendConfigCmpv2ArrayOutput) ToBackendConfigCmpv2ArrayOutput() BackendConfigCmpv2ArrayOutput

func (BackendConfigCmpv2ArrayOutput) ToBackendConfigCmpv2ArrayOutputWithContext added in v6.5.0 

func (o BackendConfigCmpv2ArrayOutput) ToBackendConfigCmpv2ArrayOutputWithContext(ctx context.Context) BackendConfigCmpv2ArrayOutput

type BackendConfigCmpv2Authenticators added in v6.5.0 

type BackendConfigCmpv2Authenticators struct {
	// "The accessor (required) and certRole (optional) properties for cert auth backends".
	Cert map[string]string `pulumi:"cert"`
}

type BackendConfigCmpv2AuthenticatorsArgs added in v6.5.0 

type BackendConfigCmpv2AuthenticatorsArgs struct {
	// "The accessor (required) and certRole (optional) properties for cert auth backends".
	Cert pulumi.StringMapInput `pulumi:"cert"`
}

func (BackendConfigCmpv2AuthenticatorsArgs) ElementType added in v6.5.0 

func (BackendConfigCmpv2AuthenticatorsArgs) ElementType() reflect.Type

func (BackendConfigCmpv2AuthenticatorsArgs) ToBackendConfigCmpv2AuthenticatorsOutput added in v6.5.0 

func (i BackendConfigCmpv2AuthenticatorsArgs) ToBackendConfigCmpv2AuthenticatorsOutput() BackendConfigCmpv2AuthenticatorsOutput

func (BackendConfigCmpv2AuthenticatorsArgs) ToBackendConfigCmpv2AuthenticatorsOutputWithContext added in v6.5.0 

func (i BackendConfigCmpv2AuthenticatorsArgs) ToBackendConfigCmpv2AuthenticatorsOutputWithContext(ctx context.Context) BackendConfigCmpv2AuthenticatorsOutput

func (BackendConfigCmpv2AuthenticatorsArgs) ToBackendConfigCmpv2AuthenticatorsPtrOutput added in v6.5.0 

func (i BackendConfigCmpv2AuthenticatorsArgs) ToBackendConfigCmpv2AuthenticatorsPtrOutput() BackendConfigCmpv2AuthenticatorsPtrOutput

func (BackendConfigCmpv2AuthenticatorsArgs) ToBackendConfigCmpv2AuthenticatorsPtrOutputWithContext added in v6.5.0 

func (i BackendConfigCmpv2AuthenticatorsArgs) ToBackendConfigCmpv2AuthenticatorsPtrOutputWithContext(ctx context.Context) BackendConfigCmpv2AuthenticatorsPtrOutput

type BackendConfigCmpv2AuthenticatorsInput added in v6.5.0 

type BackendConfigCmpv2AuthenticatorsInput interface {
	pulumi.Input

	ToBackendConfigCmpv2AuthenticatorsOutput() BackendConfigCmpv2AuthenticatorsOutput
	ToBackendConfigCmpv2AuthenticatorsOutputWithContext(context.Context) BackendConfigCmpv2AuthenticatorsOutput
}

BackendConfigCmpv2AuthenticatorsInput is an input type that accepts BackendConfigCmpv2AuthenticatorsArgs and BackendConfigCmpv2AuthenticatorsOutput values. You can construct a concrete instance of `BackendConfigCmpv2AuthenticatorsInput` via: 

BackendConfigCmpv2AuthenticatorsArgs{...}

type BackendConfigCmpv2AuthenticatorsOutput added in v6.5.0 

type BackendConfigCmpv2AuthenticatorsOutput struct{ *pulumi.OutputState }

func (BackendConfigCmpv2AuthenticatorsOutput) Cert added in v6.5.0 

func (o BackendConfigCmpv2AuthenticatorsOutput) Cert() pulumi.StringMapOutput

"The accessor (required) and certRole (optional) properties for cert auth backends".

func (BackendConfigCmpv2AuthenticatorsOutput) ElementType added in v6.5.0 

func (BackendConfigCmpv2AuthenticatorsOutput) ElementType() reflect.Type

func (BackendConfigCmpv2AuthenticatorsOutput) ToBackendConfigCmpv2AuthenticatorsOutput added in v6.5.0 

func (o BackendConfigCmpv2AuthenticatorsOutput) ToBackendConfigCmpv2AuthenticatorsOutput() BackendConfigCmpv2AuthenticatorsOutput

func (BackendConfigCmpv2AuthenticatorsOutput) ToBackendConfigCmpv2AuthenticatorsOutputWithContext added in v6.5.0 

func (o BackendConfigCmpv2AuthenticatorsOutput) ToBackendConfigCmpv2AuthenticatorsOutputWithContext(ctx context.Context) BackendConfigCmpv2AuthenticatorsOutput

func (BackendConfigCmpv2AuthenticatorsOutput) ToBackendConfigCmpv2AuthenticatorsPtrOutput added in v6.5.0 

func (o BackendConfigCmpv2AuthenticatorsOutput) ToBackendConfigCmpv2AuthenticatorsPtrOutput() BackendConfigCmpv2AuthenticatorsPtrOutput

func (BackendConfigCmpv2AuthenticatorsOutput) ToBackendConfigCmpv2AuthenticatorsPtrOutputWithContext added in v6.5.0 

func (o BackendConfigCmpv2AuthenticatorsOutput) ToBackendConfigCmpv2AuthenticatorsPtrOutputWithContext(ctx context.Context) BackendConfigCmpv2AuthenticatorsPtrOutput

type BackendConfigCmpv2AuthenticatorsPtrInput added in v6.5.0 

type BackendConfigCmpv2AuthenticatorsPtrInput interface {
	pulumi.Input

	ToBackendConfigCmpv2AuthenticatorsPtrOutput() BackendConfigCmpv2AuthenticatorsPtrOutput
	ToBackendConfigCmpv2AuthenticatorsPtrOutputWithContext(context.Context) BackendConfigCmpv2AuthenticatorsPtrOutput
}

BackendConfigCmpv2AuthenticatorsPtrInput is an input type that accepts BackendConfigCmpv2AuthenticatorsArgs, BackendConfigCmpv2AuthenticatorsPtr and BackendConfigCmpv2AuthenticatorsPtrOutput values. You can construct a concrete instance of `BackendConfigCmpv2AuthenticatorsPtrInput` via: 

        BackendConfigCmpv2AuthenticatorsArgs{...}

or:

        nil

func BackendConfigCmpv2AuthenticatorsPtr added in v6.5.0 

func BackendConfigCmpv2AuthenticatorsPtr(v *BackendConfigCmpv2AuthenticatorsArgs) BackendConfigCmpv2AuthenticatorsPtrInput

type BackendConfigCmpv2AuthenticatorsPtrOutput added in v6.5.0 

type BackendConfigCmpv2AuthenticatorsPtrOutput struct{ *pulumi.OutputState }

func (BackendConfigCmpv2AuthenticatorsPtrOutput) Cert added in v6.5.0 

func (o BackendConfigCmpv2AuthenticatorsPtrOutput) Cert() pulumi.StringMapOutput

"The accessor (required) and certRole (optional) properties for cert auth backends".

func (BackendConfigCmpv2AuthenticatorsPtrOutput) Elem added in v6.5.0 

func (o BackendConfigCmpv2AuthenticatorsPtrOutput) Elem() BackendConfigCmpv2AuthenticatorsOutput

func (BackendConfigCmpv2AuthenticatorsPtrOutput) ElementType added in v6.5.0 

func (BackendConfigCmpv2AuthenticatorsPtrOutput) ElementType() reflect.Type

func (BackendConfigCmpv2AuthenticatorsPtrOutput) ToBackendConfigCmpv2AuthenticatorsPtrOutput added in v6.5.0 

func (o BackendConfigCmpv2AuthenticatorsPtrOutput) ToBackendConfigCmpv2AuthenticatorsPtrOutput() BackendConfigCmpv2AuthenticatorsPtrOutput

func (BackendConfigCmpv2AuthenticatorsPtrOutput) ToBackendConfigCmpv2AuthenticatorsPtrOutputWithContext added in v6.5.0 

func (o BackendConfigCmpv2AuthenticatorsPtrOutput) ToBackendConfigCmpv2AuthenticatorsPtrOutputWithContext(ctx context.Context) BackendConfigCmpv2AuthenticatorsPtrOutput

type BackendConfigCmpv2Input added in v6.5.0 

type BackendConfigCmpv2Input interface {
	pulumi.Input

	ToBackendConfigCmpv2Output() BackendConfigCmpv2Output
	ToBackendConfigCmpv2OutputWithContext(ctx context.Context) BackendConfigCmpv2Output
}

type BackendConfigCmpv2Map added in v6.5.0 

type BackendConfigCmpv2Map map[string]BackendConfigCmpv2Input

func (BackendConfigCmpv2Map) ElementType added in v6.5.0 

func (BackendConfigCmpv2Map) ElementType() reflect.Type

func (BackendConfigCmpv2Map) ToBackendConfigCmpv2MapOutput added in v6.5.0 

func (i BackendConfigCmpv2Map) ToBackendConfigCmpv2MapOutput() BackendConfigCmpv2MapOutput

func (BackendConfigCmpv2Map) ToBackendConfigCmpv2MapOutputWithContext added in v6.5.0 

func (i BackendConfigCmpv2Map) ToBackendConfigCmpv2MapOutputWithContext(ctx context.Context) BackendConfigCmpv2MapOutput

type BackendConfigCmpv2MapInput added in v6.5.0 

type BackendConfigCmpv2MapInput interface {
	pulumi.Input

	ToBackendConfigCmpv2MapOutput() BackendConfigCmpv2MapOutput
	ToBackendConfigCmpv2MapOutputWithContext(context.Context) BackendConfigCmpv2MapOutput
}

BackendConfigCmpv2MapInput is an input type that accepts BackendConfigCmpv2Map and BackendConfigCmpv2MapOutput values. You can construct a concrete instance of `BackendConfigCmpv2MapInput` via: 

BackendConfigCmpv2Map{ "key": BackendConfigCmpv2Args{...} }

type BackendConfigCmpv2MapOutput added in v6.5.0 

type BackendConfigCmpv2MapOutput struct{ *pulumi.OutputState }

func (BackendConfigCmpv2MapOutput) ElementType added in v6.5.0 

func (BackendConfigCmpv2MapOutput) ElementType() reflect.Type

func (BackendConfigCmpv2MapOutput) MapIndex added in v6.5.0 

func (o BackendConfigCmpv2MapOutput) MapIndex(k pulumi.StringInput) BackendConfigCmpv2Output

func (BackendConfigCmpv2MapOutput) ToBackendConfigCmpv2MapOutput added in v6.5.0 

func (o BackendConfigCmpv2MapOutput) ToBackendConfigCmpv2MapOutput() BackendConfigCmpv2MapOutput

func (BackendConfigCmpv2MapOutput) ToBackendConfigCmpv2MapOutputWithContext added in v6.5.0 

func (o BackendConfigCmpv2MapOutput) ToBackendConfigCmpv2MapOutputWithContext(ctx context.Context) BackendConfigCmpv2MapOutput

type BackendConfigCmpv2Output added in v6.5.0 

type BackendConfigCmpv2Output struct{ *pulumi.OutputState }

func (BackendConfigCmpv2Output) AuditFields added in v6.5.0 

func (o BackendConfigCmpv2Output) AuditFields() pulumi.StringArrayOutput

Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.

<a id="nestedatt--authenticators"></a>

func (BackendConfigCmpv2Output) Authenticators added in v6.5.0 

func (o BackendConfigCmpv2Output) Authenticators() BackendConfigCmpv2AuthenticatorsOutput

Lists the mount accessors CMPv2 should delegate authentication requests towards (see below for nested schema).

func (BackendConfigCmpv2Output) Backend added in v6.5.0 

func (o BackendConfigCmpv2Output) Backend() pulumi.StringOutput

The path to the PKI secret backend to read the CMPv2 configuration from, with no leading or trailing `/`s.

func (BackendConfigCmpv2Output) DefaultPathPolicy added in v6.5.0 

func (o BackendConfigCmpv2Output) DefaultPathPolicy() pulumi.StringPtrOutput

Specifies the behavior for requests using the non-role-qualified CMPv2 requests. Can be sign-verbatim or a role given by role:<role_name>.

func (BackendConfigCmpv2Output) ElementType added in v6.5.0 

func (BackendConfigCmpv2Output) ElementType() reflect.Type

func (BackendConfigCmpv2Output) EnableSentinelParsing added in v6.5.0 

func (o BackendConfigCmpv2Output) EnableSentinelParsing() pulumi.BoolPtrOutput

If set, parse out fields from the provided CSR making them available for Sentinel policies.

func (BackendConfigCmpv2Output) Enabled added in v6.5.0 

func (o BackendConfigCmpv2Output) Enabled() pulumi.BoolPtrOutput

Specifies whether CMPv2 is enabled.

func (BackendConfigCmpv2Output) LastUpdated added in v6.5.0 

func (o BackendConfigCmpv2Output) LastUpdated() pulumi.StringOutput

A read-only timestamp representing the last time the configuration was updated.

func (BackendConfigCmpv2Output) Namespace added in v6.5.0 

func (o BackendConfigCmpv2Output) Namespace() pulumi.StringPtrOutput

The namespace of the target resource. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.

func (BackendConfigCmpv2Output) ToBackendConfigCmpv2Output added in v6.5.0 

func (o BackendConfigCmpv2Output) ToBackendConfigCmpv2Output() BackendConfigCmpv2Output

func (BackendConfigCmpv2Output) ToBackendConfigCmpv2OutputWithContext added in v6.5.0 

func (o BackendConfigCmpv2Output) ToBackendConfigCmpv2OutputWithContext(ctx context.Context) BackendConfigCmpv2Output

type BackendConfigCmpv2State added in v6.5.0 

type BackendConfigCmpv2State struct {
	// Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.
	//
	// <a id="nestedatt--authenticators"></a>
	AuditFields pulumi.StringArrayInput
	// Lists the mount accessors CMPv2 should delegate authentication requests towards (see below for nested schema).
	Authenticators BackendConfigCmpv2AuthenticatorsPtrInput
	// The path to the PKI secret backend to
	// read the CMPv2 configuration from, with no leading or trailing `/`s.
	Backend pulumi.StringPtrInput
	// Specifies the behavior for requests using the non-role-qualified CMPv2 requests. Can be sign-verbatim or a role given by role:<role_name>.
	DefaultPathPolicy pulumi.StringPtrInput
	// If set, parse out fields from the provided CSR making them available for Sentinel policies.
	EnableSentinelParsing pulumi.BoolPtrInput
	// Specifies whether CMPv2 is enabled.
	Enabled pulumi.BoolPtrInput
	// A read-only timestamp representing the last time the configuration was updated.
	LastUpdated pulumi.StringPtrInput
	// The namespace of the target resource.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
}

func (BackendConfigCmpv2State) ElementType added in v6.5.0 

func (BackendConfigCmpv2State) ElementType() reflect.Type

type BackendConfigEst added in v6.2.0 

type BackendConfigEst struct {
	pulumi.CustomResourceState

	// Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.
	//
	// <a id="nestedatt--authenticators"></a>
	AuditFields pulumi.StringArrayOutput `pulumi:"auditFields"`
	// Lists the mount accessors EST should delegate authentication requests towards (see below for nested schema).
	Authenticators BackendConfigEstAuthenticatorsOutput `pulumi:"authenticators"`
	// The path to the PKI secret backend to
	// read the EST configuration from, with no leading or trailing `/`s.
	Backend pulumi.StringOutput `pulumi:"backend"`
	// If set, this mount will register the default `.well-known/est` URL path. Only a single mount can enable this across a Vault cluster.
	DefaultMount pulumi.BoolPtrOutput `pulumi:"defaultMount"`
	// Required to be set if defaultMount is enabled. Specifies the behavior for requests using the default EST label. Can be sign-verbatim or a role given by role:<role_name>.
	DefaultPathPolicy pulumi.StringPtrOutput `pulumi:"defaultPathPolicy"`
	// If set, parse out fields from the provided CSR making them available for Sentinel policies.
	EnableSentinelParsing pulumi.BoolPtrOutput `pulumi:"enableSentinelParsing"`
	// Specifies whether EST is enabled.
	Enabled pulumi.BoolPtrOutput `pulumi:"enabled"`
	// Configures a pairing of an EST label with the redirected behavior for requests hitting that role. The path policy can be sign-verbatim or a role given by role:<role_name>. Labels must be unique across Vault cluster, and will register .well-known/est/<label> URL paths.
	LabelToPathPolicy pulumi.StringMapOutput `pulumi:"labelToPathPolicy"`
	// A read-only timestamp representing the last time the configuration was updated.
	LastUpdated pulumi.StringOutput `pulumi:"lastUpdated"`
	// The namespace of the target resource.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
}

Allows setting the EST configuration on a PKI Secret Backend

## Import

The PKI config cluster can be imported using the resource's `id`. In the case of the example above the `id` would be `pki-root/config/est`, where the `pki-root` component is the resource's `backend`, e.g.

```sh $ pulumi import vault:pkiSecret/backendConfigEst:BackendConfigEst example pki-root/config/est ```

func GetBackendConfigEst added in v6.2.0 

func GetBackendConfigEst(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *BackendConfigEstState, opts ...pulumi.ResourceOption) (*BackendConfigEst, error)

GetBackendConfigEst gets an existing BackendConfigEst resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewBackendConfigEst added in v6.2.0 

func NewBackendConfigEst(ctx *pulumi.Context,
	name string, args *BackendConfigEstArgs, opts ...pulumi.ResourceOption) (*BackendConfigEst, error)

NewBackendConfigEst registers a new resource with the given unique name, arguments, and options.

func (*BackendConfigEst) ElementType added in v6.2.0 

func (*BackendConfigEst) ElementType() reflect.Type

func (*BackendConfigEst) ToBackendConfigEstOutput added in v6.2.0 

func (i *BackendConfigEst) ToBackendConfigEstOutput() BackendConfigEstOutput

func (*BackendConfigEst) ToBackendConfigEstOutputWithContext added in v6.2.0 

func (i *BackendConfigEst) ToBackendConfigEstOutputWithContext(ctx context.Context) BackendConfigEstOutput

type BackendConfigEstArgs added in v6.2.0 

type BackendConfigEstArgs struct {
	// Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.
	//
	// <a id="nestedatt--authenticators"></a>
	AuditFields pulumi.StringArrayInput
	// Lists the mount accessors EST should delegate authentication requests towards (see below for nested schema).
	Authenticators BackendConfigEstAuthenticatorsPtrInput
	// The path to the PKI secret backend to
	// read the EST configuration from, with no leading or trailing `/`s.
	Backend pulumi.StringInput
	// If set, this mount will register the default `.well-known/est` URL path. Only a single mount can enable this across a Vault cluster.
	DefaultMount pulumi.BoolPtrInput
	// Required to be set if defaultMount is enabled. Specifies the behavior for requests using the default EST label. Can be sign-verbatim or a role given by role:<role_name>.
	DefaultPathPolicy pulumi.StringPtrInput
	// If set, parse out fields from the provided CSR making them available for Sentinel policies.
	EnableSentinelParsing pulumi.BoolPtrInput
	// Specifies whether EST is enabled.
	Enabled pulumi.BoolPtrInput
	// Configures a pairing of an EST label with the redirected behavior for requests hitting that role. The path policy can be sign-verbatim or a role given by role:<role_name>. Labels must be unique across Vault cluster, and will register .well-known/est/<label> URL paths.
	LabelToPathPolicy pulumi.StringMapInput
	// The namespace of the target resource.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
}

The set of arguments for constructing a BackendConfigEst resource.

func (BackendConfigEstArgs) ElementType added in v6.2.0 

func (BackendConfigEstArgs) ElementType() reflect.Type

type BackendConfigEstArray added in v6.2.0 

type BackendConfigEstArray []BackendConfigEstInput

func (BackendConfigEstArray) ElementType added in v6.2.0 

func (BackendConfigEstArray) ElementType() reflect.Type

func (BackendConfigEstArray) ToBackendConfigEstArrayOutput added in v6.2.0 

func (i BackendConfigEstArray) ToBackendConfigEstArrayOutput() BackendConfigEstArrayOutput

func (BackendConfigEstArray) ToBackendConfigEstArrayOutputWithContext added in v6.2.0 

func (i BackendConfigEstArray) ToBackendConfigEstArrayOutputWithContext(ctx context.Context) BackendConfigEstArrayOutput

type BackendConfigEstArrayInput added in v6.2.0 

type BackendConfigEstArrayInput interface {
	pulumi.Input

	ToBackendConfigEstArrayOutput() BackendConfigEstArrayOutput
	ToBackendConfigEstArrayOutputWithContext(context.Context) BackendConfigEstArrayOutput
}

BackendConfigEstArrayInput is an input type that accepts BackendConfigEstArray and BackendConfigEstArrayOutput values. You can construct a concrete instance of `BackendConfigEstArrayInput` via: 

BackendConfigEstArray{ BackendConfigEstArgs{...} }

type BackendConfigEstArrayOutput added in v6.2.0 

type BackendConfigEstArrayOutput struct{ *pulumi.OutputState }

func (BackendConfigEstArrayOutput) ElementType added in v6.2.0 

func (BackendConfigEstArrayOutput) ElementType() reflect.Type

func (BackendConfigEstArrayOutput) Index added in v6.2.0 

func (o BackendConfigEstArrayOutput) Index(i pulumi.IntInput) BackendConfigEstOutput

func (BackendConfigEstArrayOutput) ToBackendConfigEstArrayOutput added in v6.2.0 

func (o BackendConfigEstArrayOutput) ToBackendConfigEstArrayOutput() BackendConfigEstArrayOutput

func (BackendConfigEstArrayOutput) ToBackendConfigEstArrayOutputWithContext added in v6.2.0 

func (o BackendConfigEstArrayOutput) ToBackendConfigEstArrayOutputWithContext(ctx context.Context) BackendConfigEstArrayOutput

type BackendConfigEstAuthenticators added in v6.2.0 

type BackendConfigEstAuthenticators struct {
	// "The accessor (required) and certRole (optional) properties for cert auth backends".
	Cert map[string]string `pulumi:"cert"`
	// "The accessor (required) property for user pass auth backends".
	Userpass map[string]string `pulumi:"userpass"`
}

type BackendConfigEstAuthenticatorsArgs added in v6.2.0 

type BackendConfigEstAuthenticatorsArgs struct {
	// "The accessor (required) and certRole (optional) properties for cert auth backends".
	Cert pulumi.StringMapInput `pulumi:"cert"`
	// "The accessor (required) property for user pass auth backends".
	Userpass pulumi.StringMapInput `pulumi:"userpass"`
}

func (BackendConfigEstAuthenticatorsArgs) ElementType added in v6.2.0 

func (BackendConfigEstAuthenticatorsArgs) ElementType() reflect.Type

func (BackendConfigEstAuthenticatorsArgs) ToBackendConfigEstAuthenticatorsOutput added in v6.2.0 

func (i BackendConfigEstAuthenticatorsArgs) ToBackendConfigEstAuthenticatorsOutput() BackendConfigEstAuthenticatorsOutput

func (BackendConfigEstAuthenticatorsArgs) ToBackendConfigEstAuthenticatorsOutputWithContext added in v6.2.0 

func (i BackendConfigEstAuthenticatorsArgs) ToBackendConfigEstAuthenticatorsOutputWithContext(ctx context.Context) BackendConfigEstAuthenticatorsOutput

func (BackendConfigEstAuthenticatorsArgs) ToBackendConfigEstAuthenticatorsPtrOutput added in v6.2.0 

func (i BackendConfigEstAuthenticatorsArgs) ToBackendConfigEstAuthenticatorsPtrOutput() BackendConfigEstAuthenticatorsPtrOutput

func (BackendConfigEstAuthenticatorsArgs) ToBackendConfigEstAuthenticatorsPtrOutputWithContext added in v6.2.0 

func (i BackendConfigEstAuthenticatorsArgs) ToBackendConfigEstAuthenticatorsPtrOutputWithContext(ctx context.Context) BackendConfigEstAuthenticatorsPtrOutput

type BackendConfigEstAuthenticatorsInput added in v6.2.0 

type BackendConfigEstAuthenticatorsInput interface {
	pulumi.Input

	ToBackendConfigEstAuthenticatorsOutput() BackendConfigEstAuthenticatorsOutput
	ToBackendConfigEstAuthenticatorsOutputWithContext(context.Context) BackendConfigEstAuthenticatorsOutput
}

BackendConfigEstAuthenticatorsInput is an input type that accepts BackendConfigEstAuthenticatorsArgs and BackendConfigEstAuthenticatorsOutput values. You can construct a concrete instance of `BackendConfigEstAuthenticatorsInput` via: 

BackendConfigEstAuthenticatorsArgs{...}

type BackendConfigEstAuthenticatorsOutput added in v6.2.0 

type BackendConfigEstAuthenticatorsOutput struct{ *pulumi.OutputState }

func (BackendConfigEstAuthenticatorsOutput) Cert added in v6.2.0 

func (o BackendConfigEstAuthenticatorsOutput) Cert() pulumi.StringMapOutput

"The accessor (required) and certRole (optional) properties for cert auth backends".

func (BackendConfigEstAuthenticatorsOutput) ElementType added in v6.2.0 

func (BackendConfigEstAuthenticatorsOutput) ElementType() reflect.Type

func (BackendConfigEstAuthenticatorsOutput) ToBackendConfigEstAuthenticatorsOutput added in v6.2.0 

func (o BackendConfigEstAuthenticatorsOutput) ToBackendConfigEstAuthenticatorsOutput() BackendConfigEstAuthenticatorsOutput

func (BackendConfigEstAuthenticatorsOutput) ToBackendConfigEstAuthenticatorsOutputWithContext added in v6.2.0 

func (o BackendConfigEstAuthenticatorsOutput) ToBackendConfigEstAuthenticatorsOutputWithContext(ctx context.Context) BackendConfigEstAuthenticatorsOutput

func (BackendConfigEstAuthenticatorsOutput) ToBackendConfigEstAuthenticatorsPtrOutput added in v6.2.0 

func (o BackendConfigEstAuthenticatorsOutput) ToBackendConfigEstAuthenticatorsPtrOutput() BackendConfigEstAuthenticatorsPtrOutput

func (BackendConfigEstAuthenticatorsOutput) ToBackendConfigEstAuthenticatorsPtrOutputWithContext added in v6.2.0 

func (o BackendConfigEstAuthenticatorsOutput) ToBackendConfigEstAuthenticatorsPtrOutputWithContext(ctx context.Context) BackendConfigEstAuthenticatorsPtrOutput

func (BackendConfigEstAuthenticatorsOutput) Userpass added in v6.2.0 

func (o BackendConfigEstAuthenticatorsOutput) Userpass() pulumi.StringMapOutput

"The accessor (required) property for user pass auth backends".

type BackendConfigEstAuthenticatorsPtrInput added in v6.2.0 

type BackendConfigEstAuthenticatorsPtrInput interface {
	pulumi.Input

	ToBackendConfigEstAuthenticatorsPtrOutput() BackendConfigEstAuthenticatorsPtrOutput
	ToBackendConfigEstAuthenticatorsPtrOutputWithContext(context.Context) BackendConfigEstAuthenticatorsPtrOutput
}

BackendConfigEstAuthenticatorsPtrInput is an input type that accepts BackendConfigEstAuthenticatorsArgs, BackendConfigEstAuthenticatorsPtr and BackendConfigEstAuthenticatorsPtrOutput values. You can construct a concrete instance of `BackendConfigEstAuthenticatorsPtrInput` via: 

        BackendConfigEstAuthenticatorsArgs{...}

or:

        nil

func BackendConfigEstAuthenticatorsPtr added in v6.2.0 

func BackendConfigEstAuthenticatorsPtr(v *BackendConfigEstAuthenticatorsArgs) BackendConfigEstAuthenticatorsPtrInput

type BackendConfigEstAuthenticatorsPtrOutput added in v6.2.0 

type BackendConfigEstAuthenticatorsPtrOutput struct{ *pulumi.OutputState }

func (BackendConfigEstAuthenticatorsPtrOutput) Cert added in v6.2.0 

func (o BackendConfigEstAuthenticatorsPtrOutput) Cert() pulumi.StringMapOutput

"The accessor (required) and certRole (optional) properties for cert auth backends".

func (BackendConfigEstAuthenticatorsPtrOutput) Elem added in v6.2.0 

func (o BackendConfigEstAuthenticatorsPtrOutput) Elem() BackendConfigEstAuthenticatorsOutput

func (BackendConfigEstAuthenticatorsPtrOutput) ElementType added in v6.2.0 

func (BackendConfigEstAuthenticatorsPtrOutput) ElementType() reflect.Type

func (BackendConfigEstAuthenticatorsPtrOutput) ToBackendConfigEstAuthenticatorsPtrOutput added in v6.2.0 

func (o BackendConfigEstAuthenticatorsPtrOutput) ToBackendConfigEstAuthenticatorsPtrOutput() BackendConfigEstAuthenticatorsPtrOutput

func (BackendConfigEstAuthenticatorsPtrOutput) ToBackendConfigEstAuthenticatorsPtrOutputWithContext added in v6.2.0 

func (o BackendConfigEstAuthenticatorsPtrOutput) ToBackendConfigEstAuthenticatorsPtrOutputWithContext(ctx context.Context) BackendConfigEstAuthenticatorsPtrOutput

func (BackendConfigEstAuthenticatorsPtrOutput) Userpass added in v6.2.0 

func (o BackendConfigEstAuthenticatorsPtrOutput) Userpass() pulumi.StringMapOutput

"The accessor (required) property for user pass auth backends".

type BackendConfigEstInput added in v6.2.0 

type BackendConfigEstInput interface {
	pulumi.Input

	ToBackendConfigEstOutput() BackendConfigEstOutput
	ToBackendConfigEstOutputWithContext(ctx context.Context) BackendConfigEstOutput
}

type BackendConfigEstMap added in v6.2.0 

type BackendConfigEstMap map[string]BackendConfigEstInput

func (BackendConfigEstMap) ElementType added in v6.2.0 

func (BackendConfigEstMap) ElementType() reflect.Type

func (BackendConfigEstMap) ToBackendConfigEstMapOutput added in v6.2.0 

func (i BackendConfigEstMap) ToBackendConfigEstMapOutput() BackendConfigEstMapOutput

func (BackendConfigEstMap) ToBackendConfigEstMapOutputWithContext added in v6.2.0 

func (i BackendConfigEstMap) ToBackendConfigEstMapOutputWithContext(ctx context.Context) BackendConfigEstMapOutput

type BackendConfigEstMapInput added in v6.2.0 

type BackendConfigEstMapInput interface {
	pulumi.Input

	ToBackendConfigEstMapOutput() BackendConfigEstMapOutput
	ToBackendConfigEstMapOutputWithContext(context.Context) BackendConfigEstMapOutput
}

BackendConfigEstMapInput is an input type that accepts BackendConfigEstMap and BackendConfigEstMapOutput values. You can construct a concrete instance of `BackendConfigEstMapInput` via: 

BackendConfigEstMap{ "key": BackendConfigEstArgs{...} }

type BackendConfigEstMapOutput added in v6.2.0 

type BackendConfigEstMapOutput struct{ *pulumi.OutputState }

func (BackendConfigEstMapOutput) ElementType added in v6.2.0 

func (BackendConfigEstMapOutput) ElementType() reflect.Type

func (BackendConfigEstMapOutput) MapIndex added in v6.2.0 

func (o BackendConfigEstMapOutput) MapIndex(k pulumi.StringInput) BackendConfigEstOutput

func (BackendConfigEstMapOutput) ToBackendConfigEstMapOutput added in v6.2.0 

func (o BackendConfigEstMapOutput) ToBackendConfigEstMapOutput() BackendConfigEstMapOutput

func (BackendConfigEstMapOutput) ToBackendConfigEstMapOutputWithContext added in v6.2.0 

func (o BackendConfigEstMapOutput) ToBackendConfigEstMapOutputWithContext(ctx context.Context) BackendConfigEstMapOutput

type BackendConfigEstOutput added in v6.2.0 

type BackendConfigEstOutput struct{ *pulumi.OutputState }

func (BackendConfigEstOutput) AuditFields added in v6.2.0 

func (o BackendConfigEstOutput) AuditFields() pulumi.StringArrayOutput

Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.

<a id="nestedatt--authenticators"></a>

func (BackendConfigEstOutput) Authenticators added in v6.2.0 

func (o BackendConfigEstOutput) Authenticators() BackendConfigEstAuthenticatorsOutput

Lists the mount accessors EST should delegate authentication requests towards (see below for nested schema).

func (BackendConfigEstOutput) Backend added in v6.2.0 

func (o BackendConfigEstOutput) Backend() pulumi.StringOutput

The path to the PKI secret backend to read the EST configuration from, with no leading or trailing `/`s.

func (BackendConfigEstOutput) DefaultMount added in v6.2.0 

func (o BackendConfigEstOutput) DefaultMount() pulumi.BoolPtrOutput

If set, this mount will register the default `.well-known/est` URL path. Only a single mount can enable this across a Vault cluster.

func (BackendConfigEstOutput) DefaultPathPolicy added in v6.2.0 

func (o BackendConfigEstOutput) DefaultPathPolicy() pulumi.StringPtrOutput

Required to be set if defaultMount is enabled. Specifies the behavior for requests using the default EST label. Can be sign-verbatim or a role given by role:<role_name>.

func (BackendConfigEstOutput) ElementType added in v6.2.0 

func (BackendConfigEstOutput) ElementType() reflect.Type

func (BackendConfigEstOutput) EnableSentinelParsing added in v6.2.0 

func (o BackendConfigEstOutput) EnableSentinelParsing() pulumi.BoolPtrOutput

If set, parse out fields from the provided CSR making them available for Sentinel policies.

func (BackendConfigEstOutput) Enabled added in v6.2.0 

func (o BackendConfigEstOutput) Enabled() pulumi.BoolPtrOutput

Specifies whether EST is enabled.

func (BackendConfigEstOutput) LabelToPathPolicy added in v6.2.0 

func (o BackendConfigEstOutput) LabelToPathPolicy() pulumi.StringMapOutput

Configures a pairing of an EST label with the redirected behavior for requests hitting that role. The path policy can be sign-verbatim or a role given by role:<role_name>. Labels must be unique across Vault cluster, and will register .well-known/est/<label> URL paths.

func (BackendConfigEstOutput) LastUpdated added in v6.2.0 

func (o BackendConfigEstOutput) LastUpdated() pulumi.StringOutput

A read-only timestamp representing the last time the configuration was updated.

func (BackendConfigEstOutput) Namespace added in v6.2.0 

func (o BackendConfigEstOutput) Namespace() pulumi.StringPtrOutput

The namespace of the target resource. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.

func (BackendConfigEstOutput) ToBackendConfigEstOutput added in v6.2.0 

func (o BackendConfigEstOutput) ToBackendConfigEstOutput() BackendConfigEstOutput

func (BackendConfigEstOutput) ToBackendConfigEstOutputWithContext added in v6.2.0 

func (o BackendConfigEstOutput) ToBackendConfigEstOutputWithContext(ctx context.Context) BackendConfigEstOutput

type BackendConfigEstState added in v6.2.0 

type BackendConfigEstState struct {
	// Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.
	//
	// <a id="nestedatt--authenticators"></a>
	AuditFields pulumi.StringArrayInput
	// Lists the mount accessors EST should delegate authentication requests towards (see below for nested schema).
	Authenticators BackendConfigEstAuthenticatorsPtrInput
	// The path to the PKI secret backend to
	// read the EST configuration from, with no leading or trailing `/`s.
	Backend pulumi.StringPtrInput
	// If set, this mount will register the default `.well-known/est` URL path. Only a single mount can enable this across a Vault cluster.
	DefaultMount pulumi.BoolPtrInput
	// Required to be set if defaultMount is enabled. Specifies the behavior for requests using the default EST label. Can be sign-verbatim or a role given by role:<role_name>.
	DefaultPathPolicy pulumi.StringPtrInput
	// If set, parse out fields from the provided CSR making them available for Sentinel policies.
	EnableSentinelParsing pulumi.BoolPtrInput
	// Specifies whether EST is enabled.
	Enabled pulumi.BoolPtrInput
	// Configures a pairing of an EST label with the redirected behavior for requests hitting that role. The path policy can be sign-verbatim or a role given by role:<role_name>. Labels must be unique across Vault cluster, and will register .well-known/est/<label> URL paths.
	LabelToPathPolicy pulumi.StringMapInput
	// A read-only timestamp representing the last time the configuration was updated.
	LastUpdated pulumi.StringPtrInput
	// The namespace of the target resource.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
}

func (BackendConfigEstState) ElementType added in v6.2.0 

func (BackendConfigEstState) ElementType() reflect.Type

type GetBackendConfigCmpv2Authenticator added in v6.5.0 

type GetBackendConfigCmpv2Authenticator struct {
	// The accessor and certRole properties for cert auth backends
	Cert map[string]string `pulumi:"cert"`
}

type GetBackendConfigCmpv2AuthenticatorArgs added in v6.5.0 

type GetBackendConfigCmpv2AuthenticatorArgs struct {
	// The accessor and certRole properties for cert auth backends
	Cert pulumi.StringMapInput `pulumi:"cert"`
}

func (GetBackendConfigCmpv2AuthenticatorArgs) ElementType added in v6.5.0 

func (GetBackendConfigCmpv2AuthenticatorArgs) ElementType() reflect.Type

func (GetBackendConfigCmpv2AuthenticatorArgs) ToGetBackendConfigCmpv2AuthenticatorOutput added in v6.5.0 

func (i GetBackendConfigCmpv2AuthenticatorArgs) ToGetBackendConfigCmpv2AuthenticatorOutput() GetBackendConfigCmpv2AuthenticatorOutput

func (GetBackendConfigCmpv2AuthenticatorArgs) ToGetBackendConfigCmpv2AuthenticatorOutputWithContext added in v6.5.0 

func (i GetBackendConfigCmpv2AuthenticatorArgs) ToGetBackendConfigCmpv2AuthenticatorOutputWithContext(ctx context.Context) GetBackendConfigCmpv2AuthenticatorOutput

type GetBackendConfigCmpv2AuthenticatorArray added in v6.5.0 

type GetBackendConfigCmpv2AuthenticatorArray []GetBackendConfigCmpv2AuthenticatorInput

func (GetBackendConfigCmpv2AuthenticatorArray) ElementType added in v6.5.0 

func (GetBackendConfigCmpv2AuthenticatorArray) ElementType() reflect.Type

func (GetBackendConfigCmpv2AuthenticatorArray) ToGetBackendConfigCmpv2AuthenticatorArrayOutput added in v6.5.0 

func (i GetBackendConfigCmpv2AuthenticatorArray) ToGetBackendConfigCmpv2AuthenticatorArrayOutput() GetBackendConfigCmpv2AuthenticatorArrayOutput

func (GetBackendConfigCmpv2AuthenticatorArray) ToGetBackendConfigCmpv2AuthenticatorArrayOutputWithContext added in v6.5.0 

func (i GetBackendConfigCmpv2AuthenticatorArray) ToGetBackendConfigCmpv2AuthenticatorArrayOutputWithContext(ctx context.Context) GetBackendConfigCmpv2AuthenticatorArrayOutput

type GetBackendConfigCmpv2AuthenticatorArrayInput added in v6.5.0 

type GetBackendConfigCmpv2AuthenticatorArrayInput interface {
	pulumi.Input

	ToGetBackendConfigCmpv2AuthenticatorArrayOutput() GetBackendConfigCmpv2AuthenticatorArrayOutput
	ToGetBackendConfigCmpv2AuthenticatorArrayOutputWithContext(context.Context) GetBackendConfigCmpv2AuthenticatorArrayOutput
}

GetBackendConfigCmpv2AuthenticatorArrayInput is an input type that accepts GetBackendConfigCmpv2AuthenticatorArray and GetBackendConfigCmpv2AuthenticatorArrayOutput values. You can construct a concrete instance of `GetBackendConfigCmpv2AuthenticatorArrayInput` via: 

GetBackendConfigCmpv2AuthenticatorArray{ GetBackendConfigCmpv2AuthenticatorArgs{...} }

type GetBackendConfigCmpv2AuthenticatorArrayOutput added in v6.5.0 

type GetBackendConfigCmpv2AuthenticatorArrayOutput struct{ *pulumi.OutputState }

func (GetBackendConfigCmpv2AuthenticatorArrayOutput) ElementType added in v6.5.0 

func (GetBackendConfigCmpv2AuthenticatorArrayOutput) ElementType() reflect.Type

func (GetBackendConfigCmpv2AuthenticatorArrayOutput) Index added in v6.5.0 

func (o GetBackendConfigCmpv2AuthenticatorArrayOutput) Index(i pulumi.IntInput) GetBackendConfigCmpv2AuthenticatorOutput

func (GetBackendConfigCmpv2AuthenticatorArrayOutput) ToGetBackendConfigCmpv2AuthenticatorArrayOutput added in v6.5.0 

func (o GetBackendConfigCmpv2AuthenticatorArrayOutput) ToGetBackendConfigCmpv2AuthenticatorArrayOutput() GetBackendConfigCmpv2AuthenticatorArrayOutput

func (GetBackendConfigCmpv2AuthenticatorArrayOutput) ToGetBackendConfigCmpv2AuthenticatorArrayOutputWithContext added in v6.5.0 

func (o GetBackendConfigCmpv2AuthenticatorArrayOutput) ToGetBackendConfigCmpv2AuthenticatorArrayOutputWithContext(ctx context.Context) GetBackendConfigCmpv2AuthenticatorArrayOutput

type GetBackendConfigCmpv2AuthenticatorInput added in v6.5.0 

type GetBackendConfigCmpv2AuthenticatorInput interface {
	pulumi.Input

	ToGetBackendConfigCmpv2AuthenticatorOutput() GetBackendConfigCmpv2AuthenticatorOutput
	ToGetBackendConfigCmpv2AuthenticatorOutputWithContext(context.Context) GetBackendConfigCmpv2AuthenticatorOutput
}

GetBackendConfigCmpv2AuthenticatorInput is an input type that accepts GetBackendConfigCmpv2AuthenticatorArgs and GetBackendConfigCmpv2AuthenticatorOutput values. You can construct a concrete instance of `GetBackendConfigCmpv2AuthenticatorInput` via: 

GetBackendConfigCmpv2AuthenticatorArgs{...}

type GetBackendConfigCmpv2AuthenticatorOutput added in v6.5.0 

type GetBackendConfigCmpv2AuthenticatorOutput struct{ *pulumi.OutputState }

func (GetBackendConfigCmpv2AuthenticatorOutput) Cert added in v6.5.0 

func (o GetBackendConfigCmpv2AuthenticatorOutput) Cert() pulumi.StringMapOutput

The accessor and certRole properties for cert auth backends

func (GetBackendConfigCmpv2AuthenticatorOutput) ElementType added in v6.5.0 

func (GetBackendConfigCmpv2AuthenticatorOutput) ElementType() reflect.Type

func (GetBackendConfigCmpv2AuthenticatorOutput) ToGetBackendConfigCmpv2AuthenticatorOutput added in v6.5.0 

func (o GetBackendConfigCmpv2AuthenticatorOutput) ToGetBackendConfigCmpv2AuthenticatorOutput() GetBackendConfigCmpv2AuthenticatorOutput

func (GetBackendConfigCmpv2AuthenticatorOutput) ToGetBackendConfigCmpv2AuthenticatorOutputWithContext added in v6.5.0 

func (o GetBackendConfigCmpv2AuthenticatorOutput) ToGetBackendConfigCmpv2AuthenticatorOutputWithContext(ctx context.Context) GetBackendConfigCmpv2AuthenticatorOutput

type GetBackendConfigEstAuthenticator added in v6.2.0 

type GetBackendConfigEstAuthenticator struct {
	// "The accessor and certRole properties for cert auth backends".
	Cert map[string]string `pulumi:"cert"`
	// "The accessor property for user pass auth backends".
	Userpass map[string]string `pulumi:"userpass"`
}

type GetBackendConfigEstAuthenticatorArgs added in v6.2.0 

type GetBackendConfigEstAuthenticatorArgs struct {
	// "The accessor and certRole properties for cert auth backends".
	Cert pulumi.StringMapInput `pulumi:"cert"`
	// "The accessor property for user pass auth backends".
	Userpass pulumi.StringMapInput `pulumi:"userpass"`
}

func (GetBackendConfigEstAuthenticatorArgs) ElementType added in v6.2.0 

func (GetBackendConfigEstAuthenticatorArgs) ElementType() reflect.Type

func (GetBackendConfigEstAuthenticatorArgs) ToGetBackendConfigEstAuthenticatorOutput added in v6.2.0 

func (i GetBackendConfigEstAuthenticatorArgs) ToGetBackendConfigEstAuthenticatorOutput() GetBackendConfigEstAuthenticatorOutput

func (GetBackendConfigEstAuthenticatorArgs) ToGetBackendConfigEstAuthenticatorOutputWithContext added in v6.2.0 

func (i GetBackendConfigEstAuthenticatorArgs) ToGetBackendConfigEstAuthenticatorOutputWithContext(ctx context.Context) GetBackendConfigEstAuthenticatorOutput

type GetBackendConfigEstAuthenticatorArray added in v6.2.0 

type GetBackendConfigEstAuthenticatorArray []GetBackendConfigEstAuthenticatorInput

func (GetBackendConfigEstAuthenticatorArray) ElementType added in v6.2.0 

func (GetBackendConfigEstAuthenticatorArray) ElementType() reflect.Type

func (GetBackendConfigEstAuthenticatorArray) ToGetBackendConfigEstAuthenticatorArrayOutput added in v6.2.0 

func (i GetBackendConfigEstAuthenticatorArray) ToGetBackendConfigEstAuthenticatorArrayOutput() GetBackendConfigEstAuthenticatorArrayOutput

func (GetBackendConfigEstAuthenticatorArray) ToGetBackendConfigEstAuthenticatorArrayOutputWithContext added in v6.2.0 

func (i GetBackendConfigEstAuthenticatorArray) ToGetBackendConfigEstAuthenticatorArrayOutputWithContext(ctx context.Context) GetBackendConfigEstAuthenticatorArrayOutput

type GetBackendConfigEstAuthenticatorArrayInput added in v6.2.0 

type GetBackendConfigEstAuthenticatorArrayInput interface {
	pulumi.Input

	ToGetBackendConfigEstAuthenticatorArrayOutput() GetBackendConfigEstAuthenticatorArrayOutput
	ToGetBackendConfigEstAuthenticatorArrayOutputWithContext(context.Context) GetBackendConfigEstAuthenticatorArrayOutput
}

GetBackendConfigEstAuthenticatorArrayInput is an input type that accepts GetBackendConfigEstAuthenticatorArray and GetBackendConfigEstAuthenticatorArrayOutput values. You can construct a concrete instance of `GetBackendConfigEstAuthenticatorArrayInput` via: 

GetBackendConfigEstAuthenticatorArray{ GetBackendConfigEstAuthenticatorArgs{...} }

type GetBackendConfigEstAuthenticatorArrayOutput added in v6.2.0 

type GetBackendConfigEstAuthenticatorArrayOutput struct{ *pulumi.OutputState }

func (GetBackendConfigEstAuthenticatorArrayOutput) ElementType added in v6.2.0 

func (GetBackendConfigEstAuthenticatorArrayOutput) ElementType() reflect.Type

func (GetBackendConfigEstAuthenticatorArrayOutput) Index added in v6.2.0 

func (o GetBackendConfigEstAuthenticatorArrayOutput) Index(i pulumi.IntInput) GetBackendConfigEstAuthenticatorOutput

func (GetBackendConfigEstAuthenticatorArrayOutput) ToGetBackendConfigEstAuthenticatorArrayOutput added in v6.2.0 

func (o GetBackendConfigEstAuthenticatorArrayOutput) ToGetBackendConfigEstAuthenticatorArrayOutput() GetBackendConfigEstAuthenticatorArrayOutput

func (GetBackendConfigEstAuthenticatorArrayOutput) ToGetBackendConfigEstAuthenticatorArrayOutputWithContext added in v6.2.0 

func (o GetBackendConfigEstAuthenticatorArrayOutput) ToGetBackendConfigEstAuthenticatorArrayOutputWithContext(ctx context.Context) GetBackendConfigEstAuthenticatorArrayOutput

type GetBackendConfigEstAuthenticatorInput added in v6.2.0 

type GetBackendConfigEstAuthenticatorInput interface {
	pulumi.Input

	ToGetBackendConfigEstAuthenticatorOutput() GetBackendConfigEstAuthenticatorOutput
	ToGetBackendConfigEstAuthenticatorOutputWithContext(context.Context) GetBackendConfigEstAuthenticatorOutput
}

GetBackendConfigEstAuthenticatorInput is an input type that accepts GetBackendConfigEstAuthenticatorArgs and GetBackendConfigEstAuthenticatorOutput values. You can construct a concrete instance of `GetBackendConfigEstAuthenticatorInput` via: 

GetBackendConfigEstAuthenticatorArgs{...}

type GetBackendConfigEstAuthenticatorOutput added in v6.2.0 

type GetBackendConfigEstAuthenticatorOutput struct{ *pulumi.OutputState }

func (GetBackendConfigEstAuthenticatorOutput) Cert added in v6.2.0 

func (o GetBackendConfigEstAuthenticatorOutput) Cert() pulumi.StringMapOutput

"The accessor and certRole properties for cert auth backends".

func (GetBackendConfigEstAuthenticatorOutput) ElementType added in v6.2.0 

func (GetBackendConfigEstAuthenticatorOutput) ElementType() reflect.Type

func (GetBackendConfigEstAuthenticatorOutput) ToGetBackendConfigEstAuthenticatorOutput added in v6.2.0 

func (o GetBackendConfigEstAuthenticatorOutput) ToGetBackendConfigEstAuthenticatorOutput() GetBackendConfigEstAuthenticatorOutput

func (GetBackendConfigEstAuthenticatorOutput) ToGetBackendConfigEstAuthenticatorOutputWithContext added in v6.2.0 

func (o GetBackendConfigEstAuthenticatorOutput) ToGetBackendConfigEstAuthenticatorOutputWithContext(ctx context.Context) GetBackendConfigEstAuthenticatorOutput

func (GetBackendConfigEstAuthenticatorOutput) Userpass added in v6.2.0 

func (o GetBackendConfigEstAuthenticatorOutput) Userpass() pulumi.StringMapOutput

"The accessor property for user pass auth backends".

type GetBackendIssuerArgs 

type GetBackendIssuerArgs struct {
	// The path to the PKI secret backend to
	// read the issuer from, with no leading or trailing `/`s.
	Backend string `pulumi:"backend"`
	// Reference to an existing issuer.
	IssuerRef string `pulumi:"issuerRef"`
	// The namespace of the target resource.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace *string `pulumi:"namespace"`
}

A collection of arguments for invoking getBackendIssuer.

type GetBackendIssuerOutputArgs 

type GetBackendIssuerOutputArgs struct {
	// The path to the PKI secret backend to
	// read the issuer from, with no leading or trailing `/`s.
	Backend pulumi.StringInput `pulumi:"backend"`
	// Reference to an existing issuer.
	IssuerRef pulumi.StringInput `pulumi:"issuerRef"`
	// The namespace of the target resource.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput `pulumi:"namespace"`
}

A collection of arguments for invoking getBackendIssuer.

func (GetBackendIssuerOutputArgs) ElementType 

func (GetBackendIssuerOutputArgs) ElementType() reflect.Type

type GetBackendIssuerResult 

type GetBackendIssuerResult struct {
	Backend string `pulumi:"backend"`
	// The CA chain as a list of format specific certificates.
	CaChains []string `pulumi:"caChains"`
	// Certificate associated with this issuer.
	Certificate string `pulumi:"certificate"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// ID of the issuer.
	IssuerId string `pulumi:"issuerId"`
	// Name of the issuer.
	IssuerName string `pulumi:"issuerName"`
	IssuerRef  string `pulumi:"issuerRef"`
	// ID of the key used by the issuer.
	KeyId string `pulumi:"keyId"`
	// Behavior of a leaf's NotAfter field during issuance.
	LeafNotAfterBehavior string `pulumi:"leafNotAfterBehavior"`
	// Chain of issuer references to build this issuer's computed
	// CAChain field from, when non-empty.
	ManualChains []string `pulumi:"manualChains"`
	Namespace    *string  `pulumi:"namespace"`
	// Allowed usages for this issuer.
	Usage string `pulumi:"usage"`
}

A collection of values returned by getBackendIssuer.

func GetBackendIssuer 

func GetBackendIssuer(ctx *pulumi.Context, args *GetBackendIssuerArgs, opts ...pulumi.InvokeOption) (*GetBackendIssuerResult, error)

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault"
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/pkisecret"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		pki, err := vault.NewMount(ctx, "pki", &vault.MountArgs{
			Path:        pulumi.String("pki"),
			Type:        pulumi.String("pki"),
			Description: pulumi.String("PKI secret engine mount"),
		})
		if err != nil {
			return err
		}
		root, err := pkisecret.NewSecretBackendRootCert(ctx, "root", &pkisecret.SecretBackendRootCertArgs{
			Backend:    pki.Path,
			Type:       pulumi.String("internal"),
			CommonName: pulumi.String("example"),
			Ttl:        pulumi.String("86400"),
			IssuerName: pulumi.String("example"),
		})
		if err != nil {
			return err
		}
		_ = root.IssuerId.ApplyT(func(issuerId string) (pkisecret.GetBackendIssuerResult, error) {
			return pkisecret.GetBackendIssuerResult(interface{}(pkisecret.GetBackendIssuerOutput(ctx, pkisecret.GetBackendIssuerOutputArgs{
				Backend:   root.Path,
				IssuerRef: issuerId,
			}, nil))), nil
		}).(pkisecret.GetBackendIssuerResultOutput)
		return nil
	})
}

```

type GetBackendIssuerResultOutput 

type GetBackendIssuerResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getBackendIssuer.

func GetBackendIssuerOutput 

func GetBackendIssuerOutput(ctx *pulumi.Context, args GetBackendIssuerOutputArgs, opts ...pulumi.InvokeOption) GetBackendIssuerResultOutput

func (GetBackendIssuerResultOutput) Backend 

func (o GetBackendIssuerResultOutput) Backend() pulumi.StringOutput

func (GetBackendIssuerResultOutput) CaChains 

func (o GetBackendIssuerResultOutput) CaChains() pulumi.StringArrayOutput

The CA chain as a list of format specific certificates.

func (GetBackendIssuerResultOutput) Certificate 

func (o GetBackendIssuerResultOutput) Certificate() pulumi.StringOutput

Certificate associated with this issuer.

func (GetBackendIssuerResultOutput) ElementType 

func (GetBackendIssuerResultOutput) ElementType() reflect.Type

func (GetBackendIssuerResultOutput) Id 

func (o GetBackendIssuerResultOutput) Id() pulumi.StringOutput

The provider-assigned unique ID for this managed resource.

func (GetBackendIssuerResultOutput) IssuerId 

func (o GetBackendIssuerResultOutput) IssuerId() pulumi.StringOutput

ID of the issuer.

func (GetBackendIssuerResultOutput) IssuerName 

func (o GetBackendIssuerResultOutput) IssuerName() pulumi.StringOutput

Name of the issuer.

func (GetBackendIssuerResultOutput) IssuerRef 

func (o GetBackendIssuerResultOutput) IssuerRef() pulumi.StringOutput

func (GetBackendIssuerResultOutput) KeyId 

func (o GetBackendIssuerResultOutput) KeyId() pulumi.StringOutput

ID of the key used by the issuer.

func (GetBackendIssuerResultOutput) LeafNotAfterBehavior 

func (o GetBackendIssuerResultOutput) LeafNotAfterBehavior() pulumi.StringOutput

Behavior of a leaf's NotAfter field during issuance.

func (GetBackendIssuerResultOutput) ManualChains 

func (o GetBackendIssuerResultOutput) ManualChains() pulumi.StringArrayOutput

Chain of issuer references to build this issuer's computed CAChain field from, when non-empty.

func (GetBackendIssuerResultOutput) Namespace 

func (o GetBackendIssuerResultOutput) Namespace() pulumi.StringPtrOutput

func (GetBackendIssuerResultOutput) ToGetBackendIssuerResultOutput 

func (o GetBackendIssuerResultOutput) ToGetBackendIssuerResultOutput() GetBackendIssuerResultOutput

func (GetBackendIssuerResultOutput) ToGetBackendIssuerResultOutputWithContext 

func (o GetBackendIssuerResultOutput) ToGetBackendIssuerResultOutputWithContext(ctx context.Context) GetBackendIssuerResultOutput

func (GetBackendIssuerResultOutput) Usage 

func (o GetBackendIssuerResultOutput) Usage() pulumi.StringOutput

Allowed usages for this issuer.

type GetBackendIssuersArgs 

type GetBackendIssuersArgs struct {
	// The path to the PKI secret backend to
	// read the issuers from, with no leading or trailing `/`s.
	Backend string `pulumi:"backend"`
	// The namespace of the target resource.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace *string `pulumi:"namespace"`
}

A collection of arguments for invoking getBackendIssuers.

type GetBackendIssuersOutputArgs 

type GetBackendIssuersOutputArgs struct {
	// The path to the PKI secret backend to
	// read the issuers from, with no leading or trailing `/`s.
	Backend pulumi.StringInput `pulumi:"backend"`
	// The namespace of the target resource.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput `pulumi:"namespace"`
}

A collection of arguments for invoking getBackendIssuers.

func (GetBackendIssuersOutputArgs) ElementType 

func (GetBackendIssuersOutputArgs) ElementType() reflect.Type

type GetBackendIssuersResult 

type GetBackendIssuersResult struct {
	Backend string `pulumi:"backend"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// Map of issuer strings read from Vault.
	KeyInfo map[string]string `pulumi:"keyInfo"`
	// JSON-encoded issuer data read from Vault.
	KeyInfoJson string `pulumi:"keyInfoJson"`
	// Keys used by issuers under the backend path.
	Keys      []string `pulumi:"keys"`
	Namespace *string  `pulumi:"namespace"`
}

A collection of values returned by getBackendIssuers.

func GetBackendIssuers 

func GetBackendIssuers(ctx *pulumi.Context, args *GetBackendIssuersArgs, opts ...pulumi.InvokeOption) (*GetBackendIssuersResult, error)

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault"
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/pkisecret"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		pki, err := vault.NewMount(ctx, "pki", &vault.MountArgs{
			Path:        pulumi.String("pki"),
			Type:        pulumi.String("pki"),
			Description: pulumi.String("PKI secret engine mount"),
		})
		if err != nil {
			return err
		}
		root, err := pkisecret.NewSecretBackendRootCert(ctx, "root", &pkisecret.SecretBackendRootCertArgs{
			Backend:    pki.Path,
			Type:       pulumi.String("internal"),
			CommonName: pulumi.String("example"),
			Ttl:        pulumi.String("86400"),
			IssuerName: pulumi.String("example"),
		})
		if err != nil {
			return err
		}
		_ = pkisecret.GetBackendIssuersOutput(ctx, pkisecret.GetBackendIssuersOutputArgs{
			Backend: root.Backend,
		}, nil)
		return nil
	})
}

```

type GetBackendIssuersResultOutput 

type GetBackendIssuersResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getBackendIssuers.

func GetBackendIssuersOutput 

func GetBackendIssuersOutput(ctx *pulumi.Context, args GetBackendIssuersOutputArgs, opts ...pulumi.InvokeOption) GetBackendIssuersResultOutput

func (GetBackendIssuersResultOutput) Backend 

func (o GetBackendIssuersResultOutput) Backend() pulumi.StringOutput

func (GetBackendIssuersResultOutput) ElementType 

func (GetBackendIssuersResultOutput) ElementType() reflect.Type

func (GetBackendIssuersResultOutput) Id 

func (o GetBackendIssuersResultOutput) Id() pulumi.StringOutput

The provider-assigned unique ID for this managed resource.

func (GetBackendIssuersResultOutput) KeyInfo 

func (o GetBackendIssuersResultOutput) KeyInfo() pulumi.StringMapOutput

Map of issuer strings read from Vault.

func (GetBackendIssuersResultOutput) KeyInfoJson 

func (o GetBackendIssuersResultOutput) KeyInfoJson() pulumi.StringOutput

JSON-encoded issuer data read from Vault.

func (GetBackendIssuersResultOutput) Keys 

func (o GetBackendIssuersResultOutput) Keys() pulumi.StringArrayOutput

Keys used by issuers under the backend path.

func (GetBackendIssuersResultOutput) Namespace 

func (o GetBackendIssuersResultOutput) Namespace() pulumi.StringPtrOutput

func (GetBackendIssuersResultOutput) ToGetBackendIssuersResultOutput 

func (o GetBackendIssuersResultOutput) ToGetBackendIssuersResultOutput() GetBackendIssuersResultOutput

func (GetBackendIssuersResultOutput) ToGetBackendIssuersResultOutputWithContext 

func (o GetBackendIssuersResultOutput) ToGetBackendIssuersResultOutputWithContext(ctx context.Context) GetBackendIssuersResultOutput

type GetBackendKeyArgs 

type GetBackendKeyArgs struct {
	// The path to the PKI secret backend to
	// read the key from, with no leading or trailing `/`s.
	Backend string `pulumi:"backend"`
	// Reference to an existing key.
	KeyRef string `pulumi:"keyRef"`
	// The namespace of the target resource.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace *string `pulumi:"namespace"`
}

A collection of arguments for invoking getBackendKey.

type GetBackendKeyOutputArgs 

type GetBackendKeyOutputArgs struct {
	// The path to the PKI secret backend to
	// read the key from, with no leading or trailing `/`s.
	Backend pulumi.StringInput `pulumi:"backend"`
	// Reference to an existing key.
	KeyRef pulumi.StringInput `pulumi:"keyRef"`
	// The namespace of the target resource.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput `pulumi:"namespace"`
}

A collection of arguments for invoking getBackendKey.

func (GetBackendKeyOutputArgs) ElementType 

func (GetBackendKeyOutputArgs) ElementType() reflect.Type

type GetBackendKeyResult 

type GetBackendKeyResult struct {
	Backend string `pulumi:"backend"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// ID of the key.
	KeyId string `pulumi:"keyId"`
	// Name of the key.
	KeyName string `pulumi:"keyName"`
	KeyRef  string `pulumi:"keyRef"`
	// Type of the key.
	KeyType   string  `pulumi:"keyType"`
	Namespace *string `pulumi:"namespace"`
}

A collection of values returned by getBackendKey.

func GetBackendKey 

func GetBackendKey(ctx *pulumi.Context, args *GetBackendKeyArgs, opts ...pulumi.InvokeOption) (*GetBackendKeyResult, error)

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault"
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/pkisecret"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		pki, err := vault.NewMount(ctx, "pki", &vault.MountArgs{
			Path:        pulumi.String("pki"),
			Type:        pulumi.String("pki"),
			Description: pulumi.String("PKI secret engine mount"),
		})
		if err != nil {
			return err
		}
		key, err := pkisecret.NewSecretBackendKey(ctx, "key", &pkisecret.SecretBackendKeyArgs{
			Backend: pki.Path,
			Type:    pulumi.String("internal"),
			KeyName: pulumi.String("example"),
			KeyType: pulumi.String("rsa"),
			KeyBits: pulumi.Int(4096),
		})
		if err != nil {
			return err
		}
		_ = key.KeyId.ApplyT(func(keyId string) (pkisecret.GetBackendKeyResult, error) {
			return pkisecret.GetBackendKeyResult(interface{}(pkisecret.GetBackendKeyOutput(ctx, pkisecret.GetBackendKeyOutputArgs{
				Backend: keyVaultMount.Path,
				KeyRef:  keyId,
			}, nil))), nil
		}).(pkisecret.GetBackendKeyResultOutput)
		return nil
	})
}

```

type GetBackendKeyResultOutput 

type GetBackendKeyResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getBackendKey.

func GetBackendKeyOutput 

func GetBackendKeyOutput(ctx *pulumi.Context, args GetBackendKeyOutputArgs, opts ...pulumi.InvokeOption) GetBackendKeyResultOutput

func (GetBackendKeyResultOutput) Backend 

func (o GetBackendKeyResultOutput) Backend() pulumi.StringOutput

func (GetBackendKeyResultOutput) ElementType 

func (GetBackendKeyResultOutput) ElementType() reflect.Type

func (GetBackendKeyResultOutput) Id 

func (o GetBackendKeyResultOutput) Id() pulumi.StringOutput

The provider-assigned unique ID for this managed resource.

func (GetBackendKeyResultOutput) KeyId 

func (o GetBackendKeyResultOutput) KeyId() pulumi.StringOutput

ID of the key.

func (GetBackendKeyResultOutput) KeyName 

func (o GetBackendKeyResultOutput) KeyName() pulumi.StringOutput

Name of the key.

func (GetBackendKeyResultOutput) KeyRef 

func (o GetBackendKeyResultOutput) KeyRef() pulumi.StringOutput

func (GetBackendKeyResultOutput) KeyType 

func (o GetBackendKeyResultOutput) KeyType() pulumi.StringOutput

Type of the key.

func (GetBackendKeyResultOutput) Namespace 

func (o GetBackendKeyResultOutput) Namespace() pulumi.StringPtrOutput

func (GetBackendKeyResultOutput) ToGetBackendKeyResultOutput 

func (o GetBackendKeyResultOutput) ToGetBackendKeyResultOutput() GetBackendKeyResultOutput

func (GetBackendKeyResultOutput) ToGetBackendKeyResultOutputWithContext 

func (o GetBackendKeyResultOutput) ToGetBackendKeyResultOutputWithContext(ctx context.Context) GetBackendKeyResultOutput

type GetBackendKeysArgs 

type GetBackendKeysArgs struct {
	// The path to the PKI secret backend to
	// read the keys from, with no leading or trailing `/`s.
	Backend string `pulumi:"backend"`
	// The namespace of the target resource.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace *string `pulumi:"namespace"`
}

A collection of arguments for invoking getBackendKeys.

type GetBackendKeysOutputArgs 

type GetBackendKeysOutputArgs struct {
	// The path to the PKI secret backend to
	// read the keys from, with no leading or trailing `/`s.
	Backend pulumi.StringInput `pulumi:"backend"`
	// The namespace of the target resource.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput `pulumi:"namespace"`
}

A collection of arguments for invoking getBackendKeys.

func (GetBackendKeysOutputArgs) ElementType 

func (GetBackendKeysOutputArgs) ElementType() reflect.Type

type GetBackendKeysResult 

type GetBackendKeysResult struct {
	Backend string `pulumi:"backend"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// Map of key strings read from Vault.
	KeyInfo map[string]string `pulumi:"keyInfo"`
	// JSON-encoded key data read from Vault.
	KeyInfoJson string `pulumi:"keyInfoJson"`
	// Keys used under the backend path.
	Keys      []string `pulumi:"keys"`
	Namespace *string  `pulumi:"namespace"`
}

A collection of values returned by getBackendKeys.

func GetBackendKeys 

func GetBackendKeys(ctx *pulumi.Context, args *GetBackendKeysArgs, opts ...pulumi.InvokeOption) (*GetBackendKeysResult, error)

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault"
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/pkisecret"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		pki, err := vault.NewMount(ctx, "pki", &vault.MountArgs{
			Path:        pulumi.String("pki"),
			Type:        pulumi.String("pki"),
			Description: pulumi.String("PKI secret engine mount"),
		})
		if err != nil {
			return err
		}
		root, err := pkisecret.NewSecretBackendRootCert(ctx, "root", &pkisecret.SecretBackendRootCertArgs{
			Backend:    pki.Path,
			Type:       pulumi.String("internal"),
			CommonName: pulumi.String("example"),
			Ttl:        pulumi.String("86400"),
			KeyName:    pulumi.String("example"),
		})
		if err != nil {
			return err
		}
		_ = pkisecret.GetBackendKeysOutput(ctx, pkisecret.GetBackendKeysOutputArgs{
			Backend: root.Backend,
		}, nil)
		return nil
	})
}

```

type GetBackendKeysResultOutput 

type GetBackendKeysResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getBackendKeys.

func GetBackendKeysOutput 

func GetBackendKeysOutput(ctx *pulumi.Context, args GetBackendKeysOutputArgs, opts ...pulumi.InvokeOption) GetBackendKeysResultOutput

func (GetBackendKeysResultOutput) Backend 

func (o GetBackendKeysResultOutput) Backend() pulumi.StringOutput

func (GetBackendKeysResultOutput) ElementType 

func (GetBackendKeysResultOutput) ElementType() reflect.Type

func (GetBackendKeysResultOutput) Id 

func (o GetBackendKeysResultOutput) Id() pulumi.StringOutput

The provider-assigned unique ID for this managed resource.

func (GetBackendKeysResultOutput) KeyInfo 

func (o GetBackendKeysResultOutput) KeyInfo() pulumi.StringMapOutput

Map of key strings read from Vault.

func (GetBackendKeysResultOutput) KeyInfoJson 

func (o GetBackendKeysResultOutput) KeyInfoJson() pulumi.StringOutput

JSON-encoded key data read from Vault.

func (GetBackendKeysResultOutput) Keys 

func (o GetBackendKeysResultOutput) Keys() pulumi.StringArrayOutput

Keys used under the backend path.

func (GetBackendKeysResultOutput) Namespace 

func (o GetBackendKeysResultOutput) Namespace() pulumi.StringPtrOutput

func (GetBackendKeysResultOutput) ToGetBackendKeysResultOutput 

func (o GetBackendKeysResultOutput) ToGetBackendKeysResultOutput() GetBackendKeysResultOutput

func (GetBackendKeysResultOutput) ToGetBackendKeysResultOutputWithContext 

func (o GetBackendKeysResultOutput) ToGetBackendKeysResultOutputWithContext(ctx context.Context) GetBackendKeysResultOutput

type LookupBackendConfigCmpv2Args added in v6.5.0 

type LookupBackendConfigCmpv2Args struct {
	// The path to the PKI secret backend to
	// read the CMPv2 configuration from, with no leading or trailing `/`s.
	//
	// # Attributes Reference
	Backend string `pulumi:"backend"`
	// The namespace of the target resource.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace *string `pulumi:"namespace"`
}

A collection of arguments for invoking getBackendConfigCmpv2.

type LookupBackendConfigCmpv2OutputArgs added in v6.5.0 

type LookupBackendConfigCmpv2OutputArgs struct {
	// The path to the PKI secret backend to
	// read the CMPv2 configuration from, with no leading or trailing `/`s.
	//
	// # Attributes Reference
	Backend pulumi.StringInput `pulumi:"backend"`
	// The namespace of the target resource.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput `pulumi:"namespace"`
}

A collection of arguments for invoking getBackendConfigCmpv2.

func (LookupBackendConfigCmpv2OutputArgs) ElementType added in v6.5.0 

func (LookupBackendConfigCmpv2OutputArgs) ElementType() reflect.Type

type LookupBackendConfigCmpv2Result added in v6.5.0 

type LookupBackendConfigCmpv2Result struct {
	AuditFields           []string                             `pulumi:"auditFields"`
	Authenticators        []GetBackendConfigCmpv2Authenticator `pulumi:"authenticators"`
	Backend               string                               `pulumi:"backend"`
	DefaultPathPolicy     string                               `pulumi:"defaultPathPolicy"`
	EnableSentinelParsing bool                                 `pulumi:"enableSentinelParsing"`
	Enabled               bool                                 `pulumi:"enabled"`
	// The provider-assigned unique ID for this managed resource.
	Id          string  `pulumi:"id"`
	LastUpdated string  `pulumi:"lastUpdated"`
	Namespace   *string `pulumi:"namespace"`
}

A collection of values returned by getBackendConfigCmpv2.

func LookupBackendConfigCmpv2 added in v6.5.0 

func LookupBackendConfigCmpv2(ctx *pulumi.Context, args *LookupBackendConfigCmpv2Args, opts ...pulumi.InvokeOption) (*LookupBackendConfigCmpv2Result, error)

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault"
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/pkisecret"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		pki, err := vault.NewMount(ctx, "pki", &vault.MountArgs{
			Path:        pulumi.String("pki"),
			Type:        pulumi.String("pki"),
			Description: pulumi.String("PKI secret engine mount"),
		})
		if err != nil {
			return err
		}
		_ = pkisecret.GetBackendConfigCmpv2Output(ctx, pkisecret.GetBackendConfigCmpv2OutputArgs{
			Backend: pki.Path,
		}, nil)
		return nil
	})
}

```

type LookupBackendConfigCmpv2ResultOutput added in v6.5.0 

type LookupBackendConfigCmpv2ResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getBackendConfigCmpv2.

func LookupBackendConfigCmpv2Output added in v6.5.0 

func LookupBackendConfigCmpv2Output(ctx *pulumi.Context, args LookupBackendConfigCmpv2OutputArgs, opts ...pulumi.InvokeOption) LookupBackendConfigCmpv2ResultOutput

func (LookupBackendConfigCmpv2ResultOutput) AuditFields added in v6.5.0 

func (o LookupBackendConfigCmpv2ResultOutput) AuditFields() pulumi.StringArrayOutput

func (LookupBackendConfigCmpv2ResultOutput) Authenticators added in v6.5.0 

func (o LookupBackendConfigCmpv2ResultOutput) Authenticators() GetBackendConfigCmpv2AuthenticatorArrayOutput

func (LookupBackendConfigCmpv2ResultOutput) Backend added in v6.5.0 

func (o LookupBackendConfigCmpv2ResultOutput) Backend() pulumi.StringOutput

func (LookupBackendConfigCmpv2ResultOutput) DefaultPathPolicy added in v6.5.0 

func (o LookupBackendConfigCmpv2ResultOutput) DefaultPathPolicy() pulumi.StringOutput

func (LookupBackendConfigCmpv2ResultOutput) ElementType added in v6.5.0 

func (LookupBackendConfigCmpv2ResultOutput) ElementType() reflect.Type

func (LookupBackendConfigCmpv2ResultOutput) EnableSentinelParsing added in v6.5.0 

func (o LookupBackendConfigCmpv2ResultOutput) EnableSentinelParsing() pulumi.BoolOutput

func (LookupBackendConfigCmpv2ResultOutput) Enabled added in v6.5.0 

func (o LookupBackendConfigCmpv2ResultOutput) Enabled() pulumi.BoolOutput

func (LookupBackendConfigCmpv2ResultOutput) Id added in v6.5.0 

func (o LookupBackendConfigCmpv2ResultOutput) Id() pulumi.StringOutput

The provider-assigned unique ID for this managed resource.

func (LookupBackendConfigCmpv2ResultOutput) LastUpdated added in v6.5.0 

func (o LookupBackendConfigCmpv2ResultOutput) LastUpdated() pulumi.StringOutput

func (LookupBackendConfigCmpv2ResultOutput) Namespace added in v6.5.0 

func (o LookupBackendConfigCmpv2ResultOutput) Namespace() pulumi.StringPtrOutput

func (LookupBackendConfigCmpv2ResultOutput) ToLookupBackendConfigCmpv2ResultOutput added in v6.5.0 

func (o LookupBackendConfigCmpv2ResultOutput) ToLookupBackendConfigCmpv2ResultOutput() LookupBackendConfigCmpv2ResultOutput

func (LookupBackendConfigCmpv2ResultOutput) ToLookupBackendConfigCmpv2ResultOutputWithContext added in v6.5.0 

func (o LookupBackendConfigCmpv2ResultOutput) ToLookupBackendConfigCmpv2ResultOutputWithContext(ctx context.Context) LookupBackendConfigCmpv2ResultOutput

type LookupBackendConfigEstArgs added in v6.2.0 

type LookupBackendConfigEstArgs struct {
	// The path to the PKI secret backend to
	// read the EST configuration from, with no leading or trailing `/`s.
	Backend string `pulumi:"backend"`
	// The namespace of the target resource.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace *string `pulumi:"namespace"`
}

A collection of arguments for invoking getBackendConfigEst.

type LookupBackendConfigEstOutputArgs added in v6.2.0 

type LookupBackendConfigEstOutputArgs struct {
	// The path to the PKI secret backend to
	// read the EST configuration from, with no leading or trailing `/`s.
	Backend pulumi.StringInput `pulumi:"backend"`
	// The namespace of the target resource.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput `pulumi:"namespace"`
}

A collection of arguments for invoking getBackendConfigEst.

func (LookupBackendConfigEstOutputArgs) ElementType added in v6.2.0 

func (LookupBackendConfigEstOutputArgs) ElementType() reflect.Type

type LookupBackendConfigEstResult added in v6.2.0 

type LookupBackendConfigEstResult struct {
	// Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.
	AuditFields []string `pulumi:"auditFields"`
	// Lists the mount accessors EST should delegate authentication requests towards (see below for nested schema).
	Authenticators []GetBackendConfigEstAuthenticator `pulumi:"authenticators"`
	Backend        string                             `pulumi:"backend"`
	// If set, this mount is registered as the default `.well-known/est` URL path. Only a single mount can enable this across a Vault cluster.
	DefaultMount bool `pulumi:"defaultMount"`
	// Required to be set if defaultMount is enabled. Specifies the behavior for requests using the default EST label. Can be sign-verbatim or a role given by role:<role_name>.
	DefaultPathPolicy string `pulumi:"defaultPathPolicy"`
	// If set, parse out fields from the provided CSR making them available for Sentinel policies.
	EnableSentinelParsing bool `pulumi:"enableSentinelParsing"`
	// Specifies whether EST is enabled.
	Enabled bool `pulumi:"enabled"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// A pairing of an EST label with the redirected behavior for requests hitting that role. The path policy can be sign-verbatim or a role given by role:<role_name>. Labels must be unique across Vault cluster, and will register .well-known/est/<label> URL paths.
	LabelToPathPolicy map[string]string `pulumi:"labelToPathPolicy"`
	// A read-only timestamp representing the last time the configuration was updated.
	LastUpdated string  `pulumi:"lastUpdated"`
	Namespace   *string `pulumi:"namespace"`
}

A collection of values returned by getBackendConfigEst.

func LookupBackendConfigEst added in v6.2.0 

func LookupBackendConfigEst(ctx *pulumi.Context, args *LookupBackendConfigEstArgs, opts ...pulumi.InvokeOption) (*LookupBackendConfigEstResult, error)

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault"
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/pkisecret"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		pki, err := vault.NewMount(ctx, "pki", &vault.MountArgs{
			Path:        pulumi.String("pki"),
			Type:        pulumi.String("pki"),
			Description: pulumi.String("PKI secret engine mount"),
		})
		if err != nil {
			return err
		}
		_ = pkisecret.GetBackendConfigEstOutput(ctx, pkisecret.GetBackendConfigEstOutputArgs{
			Backend: pki.Path,
		}, nil)
		return nil
	})
}

```

type LookupBackendConfigEstResultOutput added in v6.2.0 

type LookupBackendConfigEstResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getBackendConfigEst.

func LookupBackendConfigEstOutput added in v6.2.0 

func LookupBackendConfigEstOutput(ctx *pulumi.Context, args LookupBackendConfigEstOutputArgs, opts ...pulumi.InvokeOption) LookupBackendConfigEstResultOutput

func (LookupBackendConfigEstResultOutput) AuditFields added in v6.2.0 

func (o LookupBackendConfigEstResultOutput) AuditFields() pulumi.StringArrayOutput

Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.

func (LookupBackendConfigEstResultOutput) Authenticators added in v6.2.0 

func (o LookupBackendConfigEstResultOutput) Authenticators() GetBackendConfigEstAuthenticatorArrayOutput

Lists the mount accessors EST should delegate authentication requests towards (see below for nested schema).

func (LookupBackendConfigEstResultOutput) Backend added in v6.2.0 

func (o LookupBackendConfigEstResultOutput) Backend() pulumi.StringOutput

func (LookupBackendConfigEstResultOutput) DefaultMount added in v6.2.0 

func (o LookupBackendConfigEstResultOutput) DefaultMount() pulumi.BoolOutput

If set, this mount is registered as the default `.well-known/est` URL path. Only a single mount can enable this across a Vault cluster.

func (LookupBackendConfigEstResultOutput) DefaultPathPolicy added in v6.2.0 

func (o LookupBackendConfigEstResultOutput) DefaultPathPolicy() pulumi.StringOutput

Required to be set if defaultMount is enabled. Specifies the behavior for requests using the default EST label. Can be sign-verbatim or a role given by role:<role_name>.

func (LookupBackendConfigEstResultOutput) ElementType added in v6.2.0 

func (LookupBackendConfigEstResultOutput) ElementType() reflect.Type

func (LookupBackendConfigEstResultOutput) EnableSentinelParsing added in v6.2.0 

func (o LookupBackendConfigEstResultOutput) EnableSentinelParsing() pulumi.BoolOutput

If set, parse out fields from the provided CSR making them available for Sentinel policies.

func (LookupBackendConfigEstResultOutput) Enabled added in v6.2.0 

func (o LookupBackendConfigEstResultOutput) Enabled() pulumi.BoolOutput

Specifies whether EST is enabled.

func (LookupBackendConfigEstResultOutput) Id added in v6.2.0 

func (o LookupBackendConfigEstResultOutput) Id() pulumi.StringOutput

The provider-assigned unique ID for this managed resource.

func (LookupBackendConfigEstResultOutput) LabelToPathPolicy added in v6.2.0 

func (o LookupBackendConfigEstResultOutput) LabelToPathPolicy() pulumi.StringMapOutput

A pairing of an EST label with the redirected behavior for requests hitting that role. The path policy can be sign-verbatim or a role given by role:<role_name>. Labels must be unique across Vault cluster, and will register .well-known/est/<label> URL paths.

func (LookupBackendConfigEstResultOutput) LastUpdated added in v6.2.0 

func (o LookupBackendConfigEstResultOutput) LastUpdated() pulumi.StringOutput

A read-only timestamp representing the last time the configuration was updated.

func (LookupBackendConfigEstResultOutput) Namespace added in v6.2.0 

func (o LookupBackendConfigEstResultOutput) Namespace() pulumi.StringPtrOutput

func (LookupBackendConfigEstResultOutput) ToLookupBackendConfigEstResultOutput added in v6.2.0 

func (o LookupBackendConfigEstResultOutput) ToLookupBackendConfigEstResultOutput() LookupBackendConfigEstResultOutput

func (LookupBackendConfigEstResultOutput) ToLookupBackendConfigEstResultOutputWithContext added in v6.2.0 

func (o LookupBackendConfigEstResultOutput) ToLookupBackendConfigEstResultOutputWithContext(ctx context.Context) LookupBackendConfigEstResultOutput

type SecretBackendCert 

type SecretBackendCert struct {
	pulumi.CustomResourceState

	// List of alternative names
	AltNames pulumi.StringArrayOutput `pulumi:"altNames"`
	// If set to `true`, certs will be renewed if the expiration is within `minSecondsRemaining`. Default `false`
	AutoRenew pulumi.BoolPtrOutput `pulumi:"autoRenew"`
	// The PKI secret backend the resource belongs to.
	Backend pulumi.StringOutput `pulumi:"backend"`
	// The CA chain
	CaChain pulumi.StringOutput `pulumi:"caChain"`
	// The certificate
	Certificate pulumi.StringOutput `pulumi:"certificate"`
	// CN of certificate to create
	CommonName pulumi.StringOutput `pulumi:"commonName"`
	// Flag to exclude CN from SANs
	ExcludeCnFromSans pulumi.BoolPtrOutput `pulumi:"excludeCnFromSans"`
	// The expiration date of the certificate in unix epoch format
	Expiration pulumi.IntOutput `pulumi:"expiration"`
	// The format of data
	Format pulumi.StringPtrOutput `pulumi:"format"`
	// List of alternative IPs
	IpSans pulumi.StringArrayOutput `pulumi:"ipSans"`
	// Specifies the default issuer of this request.
	IssuerRef pulumi.StringPtrOutput `pulumi:"issuerRef"`
	// The issuing CA
	IssuingCa pulumi.StringOutput `pulumi:"issuingCa"`
	// Generate a new certificate when the expiration is within this number of seconds, default is 604800 (7 days)
	MinSecondsRemaining pulumi.IntPtrOutput `pulumi:"minSecondsRemaining"`
	// Name of the role to create the certificate against
	Name pulumi.StringOutput `pulumi:"name"`
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
	// List of other SANs
	OtherSans pulumi.StringArrayOutput `pulumi:"otherSans"`
	// The private key
	PrivateKey pulumi.StringOutput `pulumi:"privateKey"`
	// The private key format
	PrivateKeyFormat pulumi.StringPtrOutput `pulumi:"privateKeyFormat"`
	// The private key type
	PrivateKeyType pulumi.StringOutput `pulumi:"privateKeyType"`
	// `true` if the current time (during refresh) is after the start of the early renewal window declared by `minSecondsRemaining`, and `false` otherwise; if `autoRenew` is set to `true` then the provider will plan to replace the certificate once renewal is pending.
	RenewPending pulumi.BoolOutput `pulumi:"renewPending"`
	// If set to `true`, the certificate will be revoked on resource destruction.
	Revoke pulumi.BoolPtrOutput `pulumi:"revoke"`
	// The serial number
	SerialNumber pulumi.StringOutput `pulumi:"serialNumber"`
	// Time to live
	Ttl pulumi.StringPtrOutput `pulumi:"ttl"`
	// List of alternative URIs
	UriSans pulumi.StringArrayOutput `pulumi:"uriSans"`
	// List of Subject User IDs
	UserIds pulumi.StringArrayOutput `pulumi:"userIds"`
}

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/pkisecret"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := pkisecret.NewSecretBackendCert(ctx, "app", &pkisecret.SecretBackendCertArgs{
			Backend:    pulumi.Any(intermediate.Path),
			Name:       pulumi.Any(test.Name),
			CommonName: pulumi.String("app.my.domain"),
		}, pulumi.DependsOn([]pulumi.Resource{
			admin,
		}))
		if err != nil {
			return err
		}
		return nil
	})
}

```

func GetSecretBackendCert 

func GetSecretBackendCert(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecretBackendCertState, opts ...pulumi.ResourceOption) (*SecretBackendCert, error)

GetSecretBackendCert gets an existing SecretBackendCert resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecretBackendCert 

func NewSecretBackendCert(ctx *pulumi.Context,
	name string, args *SecretBackendCertArgs, opts ...pulumi.ResourceOption) (*SecretBackendCert, error)

NewSecretBackendCert registers a new resource with the given unique name, arguments, and options.

func (*SecretBackendCert) ElementType 

func (*SecretBackendCert) ElementType() reflect.Type

func (*SecretBackendCert) ToSecretBackendCertOutput 

func (i *SecretBackendCert) ToSecretBackendCertOutput() SecretBackendCertOutput

func (*SecretBackendCert) ToSecretBackendCertOutputWithContext 

func (i *SecretBackendCert) ToSecretBackendCertOutputWithContext(ctx context.Context) SecretBackendCertOutput

type SecretBackendCertArgs 

type SecretBackendCertArgs struct {
	// List of alternative names
	AltNames pulumi.StringArrayInput
	// If set to `true`, certs will be renewed if the expiration is within `minSecondsRemaining`. Default `false`
	AutoRenew pulumi.BoolPtrInput
	// The PKI secret backend the resource belongs to.
	Backend pulumi.StringInput
	// CN of certificate to create
	CommonName pulumi.StringInput
	// Flag to exclude CN from SANs
	ExcludeCnFromSans pulumi.BoolPtrInput
	// The format of data
	Format pulumi.StringPtrInput
	// List of alternative IPs
	IpSans pulumi.StringArrayInput
	// Specifies the default issuer of this request.
	IssuerRef pulumi.StringPtrInput
	// Generate a new certificate when the expiration is within this number of seconds, default is 604800 (7 days)
	MinSecondsRemaining pulumi.IntPtrInput
	// Name of the role to create the certificate against
	Name pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// List of other SANs
	OtherSans pulumi.StringArrayInput
	// The private key format
	PrivateKeyFormat pulumi.StringPtrInput
	// If set to `true`, the certificate will be revoked on resource destruction.
	Revoke pulumi.BoolPtrInput
	// Time to live
	Ttl pulumi.StringPtrInput
	// List of alternative URIs
	UriSans pulumi.StringArrayInput
	// List of Subject User IDs
	UserIds pulumi.StringArrayInput
}

The set of arguments for constructing a SecretBackendCert resource.

func (SecretBackendCertArgs) ElementType 

func (SecretBackendCertArgs) ElementType() reflect.Type

type SecretBackendCertArray 

type SecretBackendCertArray []SecretBackendCertInput

func (SecretBackendCertArray) ElementType 

func (SecretBackendCertArray) ElementType() reflect.Type

func (SecretBackendCertArray) ToSecretBackendCertArrayOutput 

func (i SecretBackendCertArray) ToSecretBackendCertArrayOutput() SecretBackendCertArrayOutput

func (SecretBackendCertArray) ToSecretBackendCertArrayOutputWithContext 

func (i SecretBackendCertArray) ToSecretBackendCertArrayOutputWithContext(ctx context.Context) SecretBackendCertArrayOutput

type SecretBackendCertArrayInput 

type SecretBackendCertArrayInput interface {
	pulumi.Input

	ToSecretBackendCertArrayOutput() SecretBackendCertArrayOutput
	ToSecretBackendCertArrayOutputWithContext(context.Context) SecretBackendCertArrayOutput
}

SecretBackendCertArrayInput is an input type that accepts SecretBackendCertArray and SecretBackendCertArrayOutput values. You can construct a concrete instance of `SecretBackendCertArrayInput` via: 

SecretBackendCertArray{ SecretBackendCertArgs{...} }

type SecretBackendCertArrayOutput 

type SecretBackendCertArrayOutput struct{ *pulumi.OutputState }

func (SecretBackendCertArrayOutput) ElementType 

func (SecretBackendCertArrayOutput) ElementType() reflect.Type

func (SecretBackendCertArrayOutput) Index 

func (o SecretBackendCertArrayOutput) Index(i pulumi.IntInput) SecretBackendCertOutput

func (SecretBackendCertArrayOutput) ToSecretBackendCertArrayOutput 

func (o SecretBackendCertArrayOutput) ToSecretBackendCertArrayOutput() SecretBackendCertArrayOutput

func (SecretBackendCertArrayOutput) ToSecretBackendCertArrayOutputWithContext 

func (o SecretBackendCertArrayOutput) ToSecretBackendCertArrayOutputWithContext(ctx context.Context) SecretBackendCertArrayOutput

type SecretBackendCertInput 

type SecretBackendCertInput interface {
	pulumi.Input

	ToSecretBackendCertOutput() SecretBackendCertOutput
	ToSecretBackendCertOutputWithContext(ctx context.Context) SecretBackendCertOutput
}

type SecretBackendCertMap 

type SecretBackendCertMap map[string]SecretBackendCertInput

func (SecretBackendCertMap) ElementType 

func (SecretBackendCertMap) ElementType() reflect.Type

func (SecretBackendCertMap) ToSecretBackendCertMapOutput 

func (i SecretBackendCertMap) ToSecretBackendCertMapOutput() SecretBackendCertMapOutput

func (SecretBackendCertMap) ToSecretBackendCertMapOutputWithContext 

func (i SecretBackendCertMap) ToSecretBackendCertMapOutputWithContext(ctx context.Context) SecretBackendCertMapOutput

type SecretBackendCertMapInput 

type SecretBackendCertMapInput interface {
	pulumi.Input

	ToSecretBackendCertMapOutput() SecretBackendCertMapOutput
	ToSecretBackendCertMapOutputWithContext(context.Context) SecretBackendCertMapOutput
}

SecretBackendCertMapInput is an input type that accepts SecretBackendCertMap and SecretBackendCertMapOutput values. You can construct a concrete instance of `SecretBackendCertMapInput` via: 

SecretBackendCertMap{ "key": SecretBackendCertArgs{...} }

type SecretBackendCertMapOutput 

type SecretBackendCertMapOutput struct{ *pulumi.OutputState }

func (SecretBackendCertMapOutput) ElementType 

func (SecretBackendCertMapOutput) ElementType() reflect.Type

func (SecretBackendCertMapOutput) MapIndex 

func (o SecretBackendCertMapOutput) MapIndex(k pulumi.StringInput) SecretBackendCertOutput

func (SecretBackendCertMapOutput) ToSecretBackendCertMapOutput 

func (o SecretBackendCertMapOutput) ToSecretBackendCertMapOutput() SecretBackendCertMapOutput

func (SecretBackendCertMapOutput) ToSecretBackendCertMapOutputWithContext 

func (o SecretBackendCertMapOutput) ToSecretBackendCertMapOutputWithContext(ctx context.Context) SecretBackendCertMapOutput

type SecretBackendCertOutput 

type SecretBackendCertOutput struct{ *pulumi.OutputState }

func (SecretBackendCertOutput) AltNames 

func (o SecretBackendCertOutput) AltNames() pulumi.StringArrayOutput

List of alternative names

func (SecretBackendCertOutput) AutoRenew 

func (o SecretBackendCertOutput) AutoRenew() pulumi.BoolPtrOutput

If set to `true`, certs will be renewed if the expiration is within `minSecondsRemaining`. Default `false`

func (SecretBackendCertOutput) Backend 

func (o SecretBackendCertOutput) Backend() pulumi.StringOutput

The PKI secret backend the resource belongs to.

func (SecretBackendCertOutput) CaChain 

func (o SecretBackendCertOutput) CaChain() pulumi.StringOutput

The CA chain

func (SecretBackendCertOutput) Certificate 

func (o SecretBackendCertOutput) Certificate() pulumi.StringOutput

The certificate

func (SecretBackendCertOutput) CommonName 

func (o SecretBackendCertOutput) CommonName() pulumi.StringOutput

CN of certificate to create

func (SecretBackendCertOutput) ElementType 

func (SecretBackendCertOutput) ElementType() reflect.Type

func (SecretBackendCertOutput) ExcludeCnFromSans 

func (o SecretBackendCertOutput) ExcludeCnFromSans() pulumi.BoolPtrOutput

Flag to exclude CN from SANs

func (SecretBackendCertOutput) Expiration 

func (o SecretBackendCertOutput) Expiration() pulumi.IntOutput

The expiration date of the certificate in unix epoch format

func (SecretBackendCertOutput) Format 

func (o SecretBackendCertOutput) Format() pulumi.StringPtrOutput

The format of data

func (SecretBackendCertOutput) IpSans 

func (o SecretBackendCertOutput) IpSans() pulumi.StringArrayOutput

List of alternative IPs

func (SecretBackendCertOutput) IssuerRef 

func (o SecretBackendCertOutput) IssuerRef() pulumi.StringPtrOutput

Specifies the default issuer of this request.

func (SecretBackendCertOutput) IssuingCa 

func (o SecretBackendCertOutput) IssuingCa() pulumi.StringOutput

The issuing CA

func (SecretBackendCertOutput) MinSecondsRemaining 

func (o SecretBackendCertOutput) MinSecondsRemaining() pulumi.IntPtrOutput

Generate a new certificate when the expiration is within this number of seconds, default is 604800 (7 days)

func (SecretBackendCertOutput) Name 

func (o SecretBackendCertOutput) Name() pulumi.StringOutput

Name of the role to create the certificate against

func (SecretBackendCertOutput) Namespace 

func (o SecretBackendCertOutput) Namespace() pulumi.StringPtrOutput

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.

func (SecretBackendCertOutput) OtherSans 

func (o SecretBackendCertOutput) OtherSans() pulumi.StringArrayOutput

List of other SANs

func (SecretBackendCertOutput) PrivateKey 

func (o SecretBackendCertOutput) PrivateKey() pulumi.StringOutput

The private key

func (SecretBackendCertOutput) PrivateKeyFormat 

func (o SecretBackendCertOutput) PrivateKeyFormat() pulumi.StringPtrOutput

The private key format

func (SecretBackendCertOutput) PrivateKeyType 

func (o SecretBackendCertOutput) PrivateKeyType() pulumi.StringOutput

The private key type

func (SecretBackendCertOutput) RenewPending 

func (o SecretBackendCertOutput) RenewPending() pulumi.BoolOutput

`true` if the current time (during refresh) is after the start of the early renewal window declared by `minSecondsRemaining`, and `false` otherwise; if `autoRenew` is set to `true` then the provider will plan to replace the certificate once renewal is pending.

func (SecretBackendCertOutput) Revoke 

func (o SecretBackendCertOutput) Revoke() pulumi.BoolPtrOutput

If set to `true`, the certificate will be revoked on resource destruction.

func (SecretBackendCertOutput) SerialNumber 

func (o SecretBackendCertOutput) SerialNumber() pulumi.StringOutput

The serial number

func (SecretBackendCertOutput) ToSecretBackendCertOutput 

func (o SecretBackendCertOutput) ToSecretBackendCertOutput() SecretBackendCertOutput

func (SecretBackendCertOutput) ToSecretBackendCertOutputWithContext 

func (o SecretBackendCertOutput) ToSecretBackendCertOutputWithContext(ctx context.Context) SecretBackendCertOutput

func (SecretBackendCertOutput) Ttl 

func (o SecretBackendCertOutput) Ttl() pulumi.StringPtrOutput

Time to live

func (SecretBackendCertOutput) UriSans 

func (o SecretBackendCertOutput) UriSans() pulumi.StringArrayOutput

List of alternative URIs

func (SecretBackendCertOutput) UserIds 

func (o SecretBackendCertOutput) UserIds() pulumi.StringArrayOutput

List of Subject User IDs

type SecretBackendCertState 

type SecretBackendCertState struct {
	// List of alternative names
	AltNames pulumi.StringArrayInput
	// If set to `true`, certs will be renewed if the expiration is within `minSecondsRemaining`. Default `false`
	AutoRenew pulumi.BoolPtrInput
	// The PKI secret backend the resource belongs to.
	Backend pulumi.StringPtrInput
	// The CA chain
	CaChain pulumi.StringPtrInput
	// The certificate
	Certificate pulumi.StringPtrInput
	// CN of certificate to create
	CommonName pulumi.StringPtrInput
	// Flag to exclude CN from SANs
	ExcludeCnFromSans pulumi.BoolPtrInput
	// The expiration date of the certificate in unix epoch format
	Expiration pulumi.IntPtrInput
	// The format of data
	Format pulumi.StringPtrInput
	// List of alternative IPs
	IpSans pulumi.StringArrayInput
	// Specifies the default issuer of this request.
	IssuerRef pulumi.StringPtrInput
	// The issuing CA
	IssuingCa pulumi.StringPtrInput
	// Generate a new certificate when the expiration is within this number of seconds, default is 604800 (7 days)
	MinSecondsRemaining pulumi.IntPtrInput
	// Name of the role to create the certificate against
	Name pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// List of other SANs
	OtherSans pulumi.StringArrayInput
	// The private key
	PrivateKey pulumi.StringPtrInput
	// The private key format
	PrivateKeyFormat pulumi.StringPtrInput
	// The private key type
	PrivateKeyType pulumi.StringPtrInput
	// `true` if the current time (during refresh) is after the start of the early renewal window declared by `minSecondsRemaining`, and `false` otherwise; if `autoRenew` is set to `true` then the provider will plan to replace the certificate once renewal is pending.
	RenewPending pulumi.BoolPtrInput
	// If set to `true`, the certificate will be revoked on resource destruction.
	Revoke pulumi.BoolPtrInput
	// The serial number
	SerialNumber pulumi.StringPtrInput
	// Time to live
	Ttl pulumi.StringPtrInput
	// List of alternative URIs
	UriSans pulumi.StringArrayInput
	// List of Subject User IDs
	UserIds pulumi.StringArrayInput
}

func (SecretBackendCertState) ElementType 

func (SecretBackendCertState) ElementType() reflect.Type

type SecretBackendConfigCa 

type SecretBackendConfigCa struct {
	pulumi.CustomResourceState

	// The PKI secret backend the resource belongs to.
	Backend pulumi.StringOutput `pulumi:"backend"`
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
	// The key and certificate PEM bundle
	PemBundle pulumi.StringOutput `pulumi:"pemBundle"`
}

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/pkisecret"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := pkisecret.NewSecretBackendConfigCa(ctx, "intermediate", &pkisecret.SecretBackendConfigCaArgs{
			Backend: pulumi.Any(intermediateVaultMount.Path),
			PemBundle: pulumi.String(`-----BEGIN RSA PRIVATE KEY-----

MIIEowIBAAKCAQEAwvEHeJCXnFgi88rE1dTX6FHdBPK0wSjedh0ywVnCZxLWbBv/ 5PytjTcCPdrfW7g2sfbPwOge/WF3X2KeYSP8SxZA0czmz6QDspeG921JkZWtyp5o ++N0leLTIUAhq339p3O1onAOUO1k4sHfmCwfrDpTn2hcx4URa5Pzzb1fHigusjIH 1mcGdncaA6Z2CzO1w4E8kPOUukIDrcZT4faOZrWUIQZKQw2JzTyKJ+ZMDCZq2TFz WwpL3eG48wB7J7mibFQ/9nFvxpIflBjDAZ8QiqkwYr5N0DNsTxcfTCSeubfJDCUf IWwFZhLitzwOxazazUQKXX/SPMQ1l/L9o3nnHwIDAQABAoIBAAQidJQcDPsl62fc Txxx7TpiMhvewfKu2TkMGX18V+EzxxR364+BxHSQTB3fvIkHeTGBGJrw0WdyX8PI Ja/NwZYeHLXWcLbKtcFd8WDiEoNh91Oq1HMzOc/MBcpYv94RSAX7MEkHs2YIAvHE RufFV86hVhC1d/JLYjkz5CHi+Fd9XTYjBK78tHhJd4IJPu5LYvwlmzC1zeS7s1Tg QW1FQuVDV8tWa4PMTrQHwfaGqn95AKc+tbg+ubpCiWl5bBNI3Ghuh4sAC9dMdAkd w27i29O9/Y3XJSSGUZlZqDBP4YU388RgHpzLDUxgRcaQt9vdeEz6frULPW67e9D2 mPPDzjECgYEA4aPOwvnSwGoOKsS6vANGy4Ajsq09PR+1ltMJUR5kDlXGuZWI72eX 3/GAnovDuCp0tbYt0r7Fmkfel0Ore7SYM18TH5QGpPddcZLvKUf7AchCIOYY0Te3 pS9+7S1lEGrLXyuox4N26Ov6wHVrmZTcQoZsDWbjYxNNsNACsiQNjGMCgYEA3SvQ Jets9e9SgNVvao2TijX+/vcNKRfcWB71T9Xc4BuSNEu5+ZLtptlwaSnVCVu1Xilk sWDh+3EhByl4EteENPvE/7A2s1sfcDOprvg0r52aBZKeTp0AukrT8+Ad4hap7g1x 2Lz11MFDkhRqt2KqQaIL+5Mq5WfptbBJ0YI7ARUCgYAD6iSfK1hlsDFYupsGwgPL agi0g97pHZC38idaOe3AdeqBs79xb9mpr/XsSj52Bn6J3IRFALxK5e5Nr4XdGo/9 bCvXw2iuGgCMBOGTVMVdDY1gJr3Ne2r7Oay5Dq2PMFsg5pACDhzVA6sRBbh9LKD5 on1jaiKNyHrzk1hIoOl/QwKBgA+Ov2uLbfS2yvTpDpdOMiyss603r6NOXF+Ofe8J uinBhr1K/mAB59muveuH18Z6vv1KqByaFgtb39jjH+Eja9dWRns95/sh08pOuAbo yrv3uBfgQmaBQMXZ8aLcBv4aXgWyyGlYkWpP1fL2oLMZq6RGQ9WEeqX8c0ImjmrA YGopAoGBAJZPFlZi2Rfq4MfFZp/X1/zM09hphZwkxkSI+RnsjDUjTgB8CuQul5ep KWE98yLw4C25Cqw5fKKQ2addizLnZCAIfJKVNRjYLWlWyGQydDEUzqwXlSLS9LVX LxLkWDajIyjeFn21Ttb42L9pBo3TAQIxUenom/lP2SQTvCKBiPai -----END RSA PRIVATE KEY----- -----BEGIN CERTIFICATE----- MIIDazCCAlOgAwIBAgIUahce2sCO7Bom/Rznd5HsNAlr1NgwDQYJKoZIhvcNAQEL BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0xODEyMDIwMTAxNDRaFw00NjEy MTUwMTAxNDRaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEB AQUAA4IBDwAwggEKAoIBAQDC8Qd4kJecWCLzysTV1NfoUd0E8rTBKN52HTLBWcJn EtZsG//k/K2NNwI92t9buDax9s/A6B79YXdfYp5hI/xLFkDRzObPpAOyl4b3bUmR la3Knmj743SV4tMhQCGrff2nc7WicA5Q7WTiwd+YLB+sOlOfaFzHhRFrk/PNvV8e KC6yMgfWZwZ2dxoDpnYLM7XDgTyQ85S6QgOtxlPh9o5mtZQhBkpDDYnNPIon5kwM JmrZMXNbCkvd4bjzAHsnuaJsVD/2cW/Gkh+UGMMBnxCKqTBivk3QM2xPFx9MJJ65 t8kMJR8hbAVmEuK3PA7FrNrNRApdf9I8xDWX8v2jeecfAgMBAAGjUzBRMB0GA1Ud DgQWBBQXGfrns8OqxTGKsXG5pDZS/WyyYDAfBgNVHSMEGDAWgBQXGfrns8OqxTGK sXG5pDZS/WyyYDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCt 8aUX26cl2PgdIEByZSHAX5G+2b0IEtTclPkl4uDyyKRY4dVq6gK3ueVSU5eUmBip JbV5aRetovGOcV//8vbxkZm/ntQ8Oo+2sfGR5lIzd0UdlOr5pkD6g3bFy/zJ+4DR DAe8fklUacfz6CFmD+H8GyHm+fKmF+mjr4oOGQW6OegRDJHuiipUk2lJyuXdlPSa FpNRO2sGbjn000ANinFgnFiVzGDnx0/G1Kii/6GWrI6rrdVmXioQzF+8AloWckeB +hbmbwkwQa/JrLb5SWcBDOXSgtn1Li3XF5AQQBBjA3pOlyBXqnI94Irw89Lv9uPT MUR4qFxeUOW/GJGccMUd -----END CERTIFICATE----- `), 

		}, pulumi.DependsOn([]pulumi.Resource{
			intermediateVaultMount,
		}))
		if err != nil {
			return err
		}
		return nil
	})
}

```

func GetSecretBackendConfigCa 

func GetSecretBackendConfigCa(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecretBackendConfigCaState, opts ...pulumi.ResourceOption) (*SecretBackendConfigCa, error)

GetSecretBackendConfigCa gets an existing SecretBackendConfigCa resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecretBackendConfigCa 

func NewSecretBackendConfigCa(ctx *pulumi.Context,
	name string, args *SecretBackendConfigCaArgs, opts ...pulumi.ResourceOption) (*SecretBackendConfigCa, error)

NewSecretBackendConfigCa registers a new resource with the given unique name, arguments, and options.

func (*SecretBackendConfigCa) ElementType 

func (*SecretBackendConfigCa) ElementType() reflect.Type

func (*SecretBackendConfigCa) ToSecretBackendConfigCaOutput 

func (i *SecretBackendConfigCa) ToSecretBackendConfigCaOutput() SecretBackendConfigCaOutput

func (*SecretBackendConfigCa) ToSecretBackendConfigCaOutputWithContext 

func (i *SecretBackendConfigCa) ToSecretBackendConfigCaOutputWithContext(ctx context.Context) SecretBackendConfigCaOutput

type SecretBackendConfigCaArgs 

type SecretBackendConfigCaArgs struct {
	// The PKI secret backend the resource belongs to.
	Backend pulumi.StringInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// The key and certificate PEM bundle
	PemBundle pulumi.StringInput
}

The set of arguments for constructing a SecretBackendConfigCa resource.

func (SecretBackendConfigCaArgs) ElementType 

func (SecretBackendConfigCaArgs) ElementType() reflect.Type

type SecretBackendConfigCaArray 

type SecretBackendConfigCaArray []SecretBackendConfigCaInput

func (SecretBackendConfigCaArray) ElementType 

func (SecretBackendConfigCaArray) ElementType() reflect.Type

func (SecretBackendConfigCaArray) ToSecretBackendConfigCaArrayOutput 

func (i SecretBackendConfigCaArray) ToSecretBackendConfigCaArrayOutput() SecretBackendConfigCaArrayOutput

func (SecretBackendConfigCaArray) ToSecretBackendConfigCaArrayOutputWithContext 

func (i SecretBackendConfigCaArray) ToSecretBackendConfigCaArrayOutputWithContext(ctx context.Context) SecretBackendConfigCaArrayOutput

type SecretBackendConfigCaArrayInput 

type SecretBackendConfigCaArrayInput interface {
	pulumi.Input

	ToSecretBackendConfigCaArrayOutput() SecretBackendConfigCaArrayOutput
	ToSecretBackendConfigCaArrayOutputWithContext(context.Context) SecretBackendConfigCaArrayOutput
}

SecretBackendConfigCaArrayInput is an input type that accepts SecretBackendConfigCaArray and SecretBackendConfigCaArrayOutput values. You can construct a concrete instance of `SecretBackendConfigCaArrayInput` via: 

SecretBackendConfigCaArray{ SecretBackendConfigCaArgs{...} }

type SecretBackendConfigCaArrayOutput 

type SecretBackendConfigCaArrayOutput struct{ *pulumi.OutputState }

func (SecretBackendConfigCaArrayOutput) ElementType 

func (SecretBackendConfigCaArrayOutput) ElementType() reflect.Type

func (SecretBackendConfigCaArrayOutput) Index 

func (o SecretBackendConfigCaArrayOutput) Index(i pulumi.IntInput) SecretBackendConfigCaOutput

func (SecretBackendConfigCaArrayOutput) ToSecretBackendConfigCaArrayOutput 

func (o SecretBackendConfigCaArrayOutput) ToSecretBackendConfigCaArrayOutput() SecretBackendConfigCaArrayOutput

func (SecretBackendConfigCaArrayOutput) ToSecretBackendConfigCaArrayOutputWithContext 

func (o SecretBackendConfigCaArrayOutput) ToSecretBackendConfigCaArrayOutputWithContext(ctx context.Context) SecretBackendConfigCaArrayOutput

type SecretBackendConfigCaInput 

type SecretBackendConfigCaInput interface {
	pulumi.Input

	ToSecretBackendConfigCaOutput() SecretBackendConfigCaOutput
	ToSecretBackendConfigCaOutputWithContext(ctx context.Context) SecretBackendConfigCaOutput
}

type SecretBackendConfigCaMap 

type SecretBackendConfigCaMap map[string]SecretBackendConfigCaInput

func (SecretBackendConfigCaMap) ElementType 

func (SecretBackendConfigCaMap) ElementType() reflect.Type

func (SecretBackendConfigCaMap) ToSecretBackendConfigCaMapOutput 

func (i SecretBackendConfigCaMap) ToSecretBackendConfigCaMapOutput() SecretBackendConfigCaMapOutput

func (SecretBackendConfigCaMap) ToSecretBackendConfigCaMapOutputWithContext 

func (i SecretBackendConfigCaMap) ToSecretBackendConfigCaMapOutputWithContext(ctx context.Context) SecretBackendConfigCaMapOutput

type SecretBackendConfigCaMapInput 

type SecretBackendConfigCaMapInput interface {
	pulumi.Input

	ToSecretBackendConfigCaMapOutput() SecretBackendConfigCaMapOutput
	ToSecretBackendConfigCaMapOutputWithContext(context.Context) SecretBackendConfigCaMapOutput
}

SecretBackendConfigCaMapInput is an input type that accepts SecretBackendConfigCaMap and SecretBackendConfigCaMapOutput values. You can construct a concrete instance of `SecretBackendConfigCaMapInput` via: 

SecretBackendConfigCaMap{ "key": SecretBackendConfigCaArgs{...} }

type SecretBackendConfigCaMapOutput 

type SecretBackendConfigCaMapOutput struct{ *pulumi.OutputState }

func (SecretBackendConfigCaMapOutput) ElementType 

func (SecretBackendConfigCaMapOutput) ElementType() reflect.Type

func (SecretBackendConfigCaMapOutput) MapIndex 

func (o SecretBackendConfigCaMapOutput) MapIndex(k pulumi.StringInput) SecretBackendConfigCaOutput

func (SecretBackendConfigCaMapOutput) ToSecretBackendConfigCaMapOutput 

func (o SecretBackendConfigCaMapOutput) ToSecretBackendConfigCaMapOutput() SecretBackendConfigCaMapOutput

func (SecretBackendConfigCaMapOutput) ToSecretBackendConfigCaMapOutputWithContext 

func (o SecretBackendConfigCaMapOutput) ToSecretBackendConfigCaMapOutputWithContext(ctx context.Context) SecretBackendConfigCaMapOutput

type SecretBackendConfigCaOutput 

type SecretBackendConfigCaOutput struct{ *pulumi.OutputState }

func (SecretBackendConfigCaOutput) Backend 

func (o SecretBackendConfigCaOutput) Backend() pulumi.StringOutput

The PKI secret backend the resource belongs to.

func (SecretBackendConfigCaOutput) ElementType 

func (SecretBackendConfigCaOutput) ElementType() reflect.Type

func (SecretBackendConfigCaOutput) Namespace 

func (o SecretBackendConfigCaOutput) Namespace() pulumi.StringPtrOutput

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.

func (SecretBackendConfigCaOutput) PemBundle 

func (o SecretBackendConfigCaOutput) PemBundle() pulumi.StringOutput

The key and certificate PEM bundle

func (SecretBackendConfigCaOutput) ToSecretBackendConfigCaOutput 

func (o SecretBackendConfigCaOutput) ToSecretBackendConfigCaOutput() SecretBackendConfigCaOutput

func (SecretBackendConfigCaOutput) ToSecretBackendConfigCaOutputWithContext 

func (o SecretBackendConfigCaOutput) ToSecretBackendConfigCaOutputWithContext(ctx context.Context) SecretBackendConfigCaOutput

type SecretBackendConfigCaState 

type SecretBackendConfigCaState struct {
	// The PKI secret backend the resource belongs to.
	Backend pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// The key and certificate PEM bundle
	PemBundle pulumi.StringPtrInput
}

func (SecretBackendConfigCaState) ElementType 

func (SecretBackendConfigCaState) ElementType() reflect.Type

type SecretBackendConfigIssuers 

type SecretBackendConfigIssuers struct {
	pulumi.CustomResourceState

	// The path the PKI secret backend is mounted at, with no
	// leading or trailing `/`s.
	Backend pulumi.StringOutput `pulumi:"backend"`
	// Specifies the default issuer by ID.
	Default pulumi.StringPtrOutput `pulumi:"default"`
	// Specifies whether a root creation
	// or an issuer import operation updates the default issuer to the newly added issuer.
	DefaultFollowsLatestIssuer pulumi.BoolOutput `pulumi:"defaultFollowsLatestIssuer"`
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
}

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault"
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/pkisecret"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		pki, err := vault.NewMount(ctx, "pki", &vault.MountArgs{
			Path:                   pulumi.String("pki"),
			Type:                   pulumi.String("pki"),
			DefaultLeaseTtlSeconds: pulumi.Int(3600),
			MaxLeaseTtlSeconds:     pulumi.Int(86400),
		})
		if err != nil {
			return err
		}
		root, err := pkisecret.NewSecretBackendRootCert(ctx, "root", &pkisecret.SecretBackendRootCertArgs{
			Backend:    pki.Path,
			Type:       pulumi.String("internal"),
			CommonName: pulumi.String("test"),
			Ttl:        pulumi.String("86400"),
		})
		if err != nil {
			return err
		}
		example, err := pkisecret.NewSecretBackendIssuer(ctx, "example", &pkisecret.SecretBackendIssuerArgs{
			Backend:    root.Backend,
			IssuerRef:  root.IssuerId,
			IssuerName: pulumi.String("example-issuer"),
		})
		if err != nil {
			return err
		}
		_, err = pkisecret.NewSecretBackendConfigIssuers(ctx, "config", &pkisecret.SecretBackendConfigIssuersArgs{
			Backend:                    pki.Path,
			Default:                    example.IssuerId,
			DefaultFollowsLatestIssuer: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

PKI secret backend config issuers can be imported using the path, e.g.

```sh $ pulumi import vault:pkiSecret/secretBackendConfigIssuers:SecretBackendConfigIssuers config pki/config/issuers ```

func GetSecretBackendConfigIssuers 

func GetSecretBackendConfigIssuers(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecretBackendConfigIssuersState, opts ...pulumi.ResourceOption) (*SecretBackendConfigIssuers, error)

GetSecretBackendConfigIssuers gets an existing SecretBackendConfigIssuers resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecretBackendConfigIssuers 

func NewSecretBackendConfigIssuers(ctx *pulumi.Context,
	name string, args *SecretBackendConfigIssuersArgs, opts ...pulumi.ResourceOption) (*SecretBackendConfigIssuers, error)

NewSecretBackendConfigIssuers registers a new resource with the given unique name, arguments, and options.

func (*SecretBackendConfigIssuers) ElementType 

func (*SecretBackendConfigIssuers) ElementType() reflect.Type

func (*SecretBackendConfigIssuers) ToSecretBackendConfigIssuersOutput 

func (i *SecretBackendConfigIssuers) ToSecretBackendConfigIssuersOutput() SecretBackendConfigIssuersOutput

func (*SecretBackendConfigIssuers) ToSecretBackendConfigIssuersOutputWithContext 

func (i *SecretBackendConfigIssuers) ToSecretBackendConfigIssuersOutputWithContext(ctx context.Context) SecretBackendConfigIssuersOutput

type SecretBackendConfigIssuersArgs 

type SecretBackendConfigIssuersArgs struct {
	// The path the PKI secret backend is mounted at, with no
	// leading or trailing `/`s.
	Backend pulumi.StringInput
	// Specifies the default issuer by ID.
	Default pulumi.StringPtrInput
	// Specifies whether a root creation
	// or an issuer import operation updates the default issuer to the newly added issuer.
	DefaultFollowsLatestIssuer pulumi.BoolPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
}

The set of arguments for constructing a SecretBackendConfigIssuers resource.

func (SecretBackendConfigIssuersArgs) ElementType 

func (SecretBackendConfigIssuersArgs) ElementType() reflect.Type

type SecretBackendConfigIssuersArray 

type SecretBackendConfigIssuersArray []SecretBackendConfigIssuersInput

func (SecretBackendConfigIssuersArray) ElementType 

func (SecretBackendConfigIssuersArray) ElementType() reflect.Type

func (SecretBackendConfigIssuersArray) ToSecretBackendConfigIssuersArrayOutput 

func (i SecretBackendConfigIssuersArray) ToSecretBackendConfigIssuersArrayOutput() SecretBackendConfigIssuersArrayOutput

func (SecretBackendConfigIssuersArray) ToSecretBackendConfigIssuersArrayOutputWithContext 

func (i SecretBackendConfigIssuersArray) ToSecretBackendConfigIssuersArrayOutputWithContext(ctx context.Context) SecretBackendConfigIssuersArrayOutput

type SecretBackendConfigIssuersArrayInput 

type SecretBackendConfigIssuersArrayInput interface {
	pulumi.Input

	ToSecretBackendConfigIssuersArrayOutput() SecretBackendConfigIssuersArrayOutput
	ToSecretBackendConfigIssuersArrayOutputWithContext(context.Context) SecretBackendConfigIssuersArrayOutput
}

SecretBackendConfigIssuersArrayInput is an input type that accepts SecretBackendConfigIssuersArray and SecretBackendConfigIssuersArrayOutput values. You can construct a concrete instance of `SecretBackendConfigIssuersArrayInput` via: 

SecretBackendConfigIssuersArray{ SecretBackendConfigIssuersArgs{...} }

type SecretBackendConfigIssuersArrayOutput 

type SecretBackendConfigIssuersArrayOutput struct{ *pulumi.OutputState }

func (SecretBackendConfigIssuersArrayOutput) ElementType 

func (SecretBackendConfigIssuersArrayOutput) ElementType() reflect.Type

func (SecretBackendConfigIssuersArrayOutput) Index 

func (o SecretBackendConfigIssuersArrayOutput) Index(i pulumi.IntInput) SecretBackendConfigIssuersOutput

func (SecretBackendConfigIssuersArrayOutput) ToSecretBackendConfigIssuersArrayOutput 

func (o SecretBackendConfigIssuersArrayOutput) ToSecretBackendConfigIssuersArrayOutput() SecretBackendConfigIssuersArrayOutput

func (SecretBackendConfigIssuersArrayOutput) ToSecretBackendConfigIssuersArrayOutputWithContext 

func (o SecretBackendConfigIssuersArrayOutput) ToSecretBackendConfigIssuersArrayOutputWithContext(ctx context.Context) SecretBackendConfigIssuersArrayOutput

type SecretBackendConfigIssuersInput 

type SecretBackendConfigIssuersInput interface {
	pulumi.Input

	ToSecretBackendConfigIssuersOutput() SecretBackendConfigIssuersOutput
	ToSecretBackendConfigIssuersOutputWithContext(ctx context.Context) SecretBackendConfigIssuersOutput
}

type SecretBackendConfigIssuersMap 

type SecretBackendConfigIssuersMap map[string]SecretBackendConfigIssuersInput

func (SecretBackendConfigIssuersMap) ElementType 

func (SecretBackendConfigIssuersMap) ElementType() reflect.Type

func (SecretBackendConfigIssuersMap) ToSecretBackendConfigIssuersMapOutput 

func (i SecretBackendConfigIssuersMap) ToSecretBackendConfigIssuersMapOutput() SecretBackendConfigIssuersMapOutput

func (SecretBackendConfigIssuersMap) ToSecretBackendConfigIssuersMapOutputWithContext 

func (i SecretBackendConfigIssuersMap) ToSecretBackendConfigIssuersMapOutputWithContext(ctx context.Context) SecretBackendConfigIssuersMapOutput

type SecretBackendConfigIssuersMapInput 

type SecretBackendConfigIssuersMapInput interface {
	pulumi.Input

	ToSecretBackendConfigIssuersMapOutput() SecretBackendConfigIssuersMapOutput
	ToSecretBackendConfigIssuersMapOutputWithContext(context.Context) SecretBackendConfigIssuersMapOutput
}

SecretBackendConfigIssuersMapInput is an input type that accepts SecretBackendConfigIssuersMap and SecretBackendConfigIssuersMapOutput values. You can construct a concrete instance of `SecretBackendConfigIssuersMapInput` via: 

SecretBackendConfigIssuersMap{ "key": SecretBackendConfigIssuersArgs{...} }

type SecretBackendConfigIssuersMapOutput 

type SecretBackendConfigIssuersMapOutput struct{ *pulumi.OutputState }

func (SecretBackendConfigIssuersMapOutput) ElementType 

func (SecretBackendConfigIssuersMapOutput) ElementType() reflect.Type

func (SecretBackendConfigIssuersMapOutput) MapIndex 

func (o SecretBackendConfigIssuersMapOutput) MapIndex(k pulumi.StringInput) SecretBackendConfigIssuersOutput

func (SecretBackendConfigIssuersMapOutput) ToSecretBackendConfigIssuersMapOutput 

func (o SecretBackendConfigIssuersMapOutput) ToSecretBackendConfigIssuersMapOutput() SecretBackendConfigIssuersMapOutput

func (SecretBackendConfigIssuersMapOutput) ToSecretBackendConfigIssuersMapOutputWithContext 

func (o SecretBackendConfigIssuersMapOutput) ToSecretBackendConfigIssuersMapOutputWithContext(ctx context.Context) SecretBackendConfigIssuersMapOutput

type SecretBackendConfigIssuersOutput 

type SecretBackendConfigIssuersOutput struct{ *pulumi.OutputState }

func (SecretBackendConfigIssuersOutput) Backend 

func (o SecretBackendConfigIssuersOutput) Backend() pulumi.StringOutput

The path the PKI secret backend is mounted at, with no leading or trailing `/`s.

func (SecretBackendConfigIssuersOutput) Default 

func (o SecretBackendConfigIssuersOutput) Default() pulumi.StringPtrOutput

Specifies the default issuer by ID.

func (SecretBackendConfigIssuersOutput) DefaultFollowsLatestIssuer 

func (o SecretBackendConfigIssuersOutput) DefaultFollowsLatestIssuer() pulumi.BoolOutput

Specifies whether a root creation or an issuer import operation updates the default issuer to the newly added issuer.

func (SecretBackendConfigIssuersOutput) ElementType 

func (SecretBackendConfigIssuersOutput) ElementType() reflect.Type

func (SecretBackendConfigIssuersOutput) Namespace 

func (o SecretBackendConfigIssuersOutput) Namespace() pulumi.StringPtrOutput

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.

func (SecretBackendConfigIssuersOutput) ToSecretBackendConfigIssuersOutput 

func (o SecretBackendConfigIssuersOutput) ToSecretBackendConfigIssuersOutput() SecretBackendConfigIssuersOutput

func (SecretBackendConfigIssuersOutput) ToSecretBackendConfigIssuersOutputWithContext 

func (o SecretBackendConfigIssuersOutput) ToSecretBackendConfigIssuersOutputWithContext(ctx context.Context) SecretBackendConfigIssuersOutput

type SecretBackendConfigIssuersState 

type SecretBackendConfigIssuersState struct {
	// The path the PKI secret backend is mounted at, with no
	// leading or trailing `/`s.
	Backend pulumi.StringPtrInput
	// Specifies the default issuer by ID.
	Default pulumi.StringPtrInput
	// Specifies whether a root creation
	// or an issuer import operation updates the default issuer to the newly added issuer.
	DefaultFollowsLatestIssuer pulumi.BoolPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
}

func (SecretBackendConfigIssuersState) ElementType 

func (SecretBackendConfigIssuersState) ElementType() reflect.Type

type SecretBackendConfigUrls 

type SecretBackendConfigUrls struct {
	pulumi.CustomResourceState

	// The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
	Backend pulumi.StringOutput `pulumi:"backend"`
	// Specifies the URL values for the CRL Distribution Points field.
	CrlDistributionPoints pulumi.StringArrayOutput `pulumi:"crlDistributionPoints"`
	// Specifies that templating of AIA fields is allowed.
	EnableTemplating pulumi.BoolPtrOutput `pulumi:"enableTemplating"`
	// Specifies the URL values for the Issuing Certificate field.
	IssuingCertificates pulumi.StringArrayOutput `pulumi:"issuingCertificates"`
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
	// Specifies the URL values for the OCSP Servers field.
	OcspServers pulumi.StringArrayOutput `pulumi:"ocspServers"`
}

Allows setting the issuing certificate endpoints, CRL distribution points, and OCSP server endpoints that will be encoded into issued certificates.

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault"
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/pkisecret"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		root, err := vault.NewMount(ctx, "root", &vault.MountArgs{
			Path:                   pulumi.String("pki-root"),
			Type:                   pulumi.String("pki"),
			Description:            pulumi.String("root PKI"),
			DefaultLeaseTtlSeconds: pulumi.Int(8640000),
			MaxLeaseTtlSeconds:     pulumi.Int(8640000),
		})
		if err != nil {
			return err
		}
		_, err = pkisecret.NewSecretBackendConfigUrls(ctx, "example", &pkisecret.SecretBackendConfigUrlsArgs{
			Backend: root.Path,
			IssuingCertificates: pulumi.StringArray{
				pulumi.String("http://127.0.0.1:8200/v1/pki/ca"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

The PKI config URLs can be imported using the resource's `id`. In the case of the example above the `id` would be `pki-root/config/urls`, where the `pki-root` component is the resource's `backend`, e.g.

```sh $ pulumi import vault:pkiSecret/secretBackendConfigUrls:SecretBackendConfigUrls example pki-root/config/urls ```

func GetSecretBackendConfigUrls 

func GetSecretBackendConfigUrls(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecretBackendConfigUrlsState, opts ...pulumi.ResourceOption) (*SecretBackendConfigUrls, error)

GetSecretBackendConfigUrls gets an existing SecretBackendConfigUrls resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecretBackendConfigUrls 

func NewSecretBackendConfigUrls(ctx *pulumi.Context,
	name string, args *SecretBackendConfigUrlsArgs, opts ...pulumi.ResourceOption) (*SecretBackendConfigUrls, error)

NewSecretBackendConfigUrls registers a new resource with the given unique name, arguments, and options.

func (*SecretBackendConfigUrls) ElementType 

func (*SecretBackendConfigUrls) ElementType() reflect.Type

func (*SecretBackendConfigUrls) ToSecretBackendConfigUrlsOutput 

func (i *SecretBackendConfigUrls) ToSecretBackendConfigUrlsOutput() SecretBackendConfigUrlsOutput

func (*SecretBackendConfigUrls) ToSecretBackendConfigUrlsOutputWithContext 

func (i *SecretBackendConfigUrls) ToSecretBackendConfigUrlsOutputWithContext(ctx context.Context) SecretBackendConfigUrlsOutput

type SecretBackendConfigUrlsArgs 

type SecretBackendConfigUrlsArgs struct {
	// The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
	Backend pulumi.StringInput
	// Specifies the URL values for the CRL Distribution Points field.
	CrlDistributionPoints pulumi.StringArrayInput
	// Specifies that templating of AIA fields is allowed.
	EnableTemplating pulumi.BoolPtrInput
	// Specifies the URL values for the Issuing Certificate field.
	IssuingCertificates pulumi.StringArrayInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// Specifies the URL values for the OCSP Servers field.
	OcspServers pulumi.StringArrayInput
}

The set of arguments for constructing a SecretBackendConfigUrls resource.

func (SecretBackendConfigUrlsArgs) ElementType 

func (SecretBackendConfigUrlsArgs) ElementType() reflect.Type

type SecretBackendConfigUrlsArray 

type SecretBackendConfigUrlsArray []SecretBackendConfigUrlsInput

func (SecretBackendConfigUrlsArray) ElementType 

func (SecretBackendConfigUrlsArray) ElementType() reflect.Type

func (SecretBackendConfigUrlsArray) ToSecretBackendConfigUrlsArrayOutput 

func (i SecretBackendConfigUrlsArray) ToSecretBackendConfigUrlsArrayOutput() SecretBackendConfigUrlsArrayOutput

func (SecretBackendConfigUrlsArray) ToSecretBackendConfigUrlsArrayOutputWithContext 

func (i SecretBackendConfigUrlsArray) ToSecretBackendConfigUrlsArrayOutputWithContext(ctx context.Context) SecretBackendConfigUrlsArrayOutput

type SecretBackendConfigUrlsArrayInput 

type SecretBackendConfigUrlsArrayInput interface {
	pulumi.Input

	ToSecretBackendConfigUrlsArrayOutput() SecretBackendConfigUrlsArrayOutput
	ToSecretBackendConfigUrlsArrayOutputWithContext(context.Context) SecretBackendConfigUrlsArrayOutput
}

SecretBackendConfigUrlsArrayInput is an input type that accepts SecretBackendConfigUrlsArray and SecretBackendConfigUrlsArrayOutput values. You can construct a concrete instance of `SecretBackendConfigUrlsArrayInput` via: 

SecretBackendConfigUrlsArray{ SecretBackendConfigUrlsArgs{...} }

type SecretBackendConfigUrlsArrayOutput 

type SecretBackendConfigUrlsArrayOutput struct{ *pulumi.OutputState }

func (SecretBackendConfigUrlsArrayOutput) ElementType 

func (SecretBackendConfigUrlsArrayOutput) ElementType() reflect.Type

func (SecretBackendConfigUrlsArrayOutput) Index 

func (o SecretBackendConfigUrlsArrayOutput) Index(i pulumi.IntInput) SecretBackendConfigUrlsOutput

func (SecretBackendConfigUrlsArrayOutput) ToSecretBackendConfigUrlsArrayOutput 

func (o SecretBackendConfigUrlsArrayOutput) ToSecretBackendConfigUrlsArrayOutput() SecretBackendConfigUrlsArrayOutput

func (SecretBackendConfigUrlsArrayOutput) ToSecretBackendConfigUrlsArrayOutputWithContext 

func (o SecretBackendConfigUrlsArrayOutput) ToSecretBackendConfigUrlsArrayOutputWithContext(ctx context.Context) SecretBackendConfigUrlsArrayOutput

type SecretBackendConfigUrlsInput 

type SecretBackendConfigUrlsInput interface {
	pulumi.Input

	ToSecretBackendConfigUrlsOutput() SecretBackendConfigUrlsOutput
	ToSecretBackendConfigUrlsOutputWithContext(ctx context.Context) SecretBackendConfigUrlsOutput
}

type SecretBackendConfigUrlsMap 

type SecretBackendConfigUrlsMap map[string]SecretBackendConfigUrlsInput

func (SecretBackendConfigUrlsMap) ElementType 

func (SecretBackendConfigUrlsMap) ElementType() reflect.Type

func (SecretBackendConfigUrlsMap) ToSecretBackendConfigUrlsMapOutput 

func (i SecretBackendConfigUrlsMap) ToSecretBackendConfigUrlsMapOutput() SecretBackendConfigUrlsMapOutput

func (SecretBackendConfigUrlsMap) ToSecretBackendConfigUrlsMapOutputWithContext 

func (i SecretBackendConfigUrlsMap) ToSecretBackendConfigUrlsMapOutputWithContext(ctx context.Context) SecretBackendConfigUrlsMapOutput

type SecretBackendConfigUrlsMapInput 

type SecretBackendConfigUrlsMapInput interface {
	pulumi.Input

	ToSecretBackendConfigUrlsMapOutput() SecretBackendConfigUrlsMapOutput
	ToSecretBackendConfigUrlsMapOutputWithContext(context.Context) SecretBackendConfigUrlsMapOutput
}

SecretBackendConfigUrlsMapInput is an input type that accepts SecretBackendConfigUrlsMap and SecretBackendConfigUrlsMapOutput values. You can construct a concrete instance of `SecretBackendConfigUrlsMapInput` via: 

SecretBackendConfigUrlsMap{ "key": SecretBackendConfigUrlsArgs{...} }

type SecretBackendConfigUrlsMapOutput 

type SecretBackendConfigUrlsMapOutput struct{ *pulumi.OutputState }

func (SecretBackendConfigUrlsMapOutput) ElementType 

func (SecretBackendConfigUrlsMapOutput) ElementType() reflect.Type

func (SecretBackendConfigUrlsMapOutput) MapIndex 

func (o SecretBackendConfigUrlsMapOutput) MapIndex(k pulumi.StringInput) SecretBackendConfigUrlsOutput

func (SecretBackendConfigUrlsMapOutput) ToSecretBackendConfigUrlsMapOutput 

func (o SecretBackendConfigUrlsMapOutput) ToSecretBackendConfigUrlsMapOutput() SecretBackendConfigUrlsMapOutput

func (SecretBackendConfigUrlsMapOutput) ToSecretBackendConfigUrlsMapOutputWithContext 

func (o SecretBackendConfigUrlsMapOutput) ToSecretBackendConfigUrlsMapOutputWithContext(ctx context.Context) SecretBackendConfigUrlsMapOutput

type SecretBackendConfigUrlsOutput 

type SecretBackendConfigUrlsOutput struct{ *pulumi.OutputState }

func (SecretBackendConfigUrlsOutput) Backend 

func (o SecretBackendConfigUrlsOutput) Backend() pulumi.StringOutput

The path the PKI secret backend is mounted at, with no leading or trailing `/`s.

func (SecretBackendConfigUrlsOutput) CrlDistributionPoints 

func (o SecretBackendConfigUrlsOutput) CrlDistributionPoints() pulumi.StringArrayOutput

Specifies the URL values for the CRL Distribution Points field.

func (SecretBackendConfigUrlsOutput) ElementType 

func (SecretBackendConfigUrlsOutput) ElementType() reflect.Type

func (SecretBackendConfigUrlsOutput) EnableTemplating 

func (o SecretBackendConfigUrlsOutput) EnableTemplating() pulumi.BoolPtrOutput

Specifies that templating of AIA fields is allowed.

func (SecretBackendConfigUrlsOutput) IssuingCertificates 

func (o SecretBackendConfigUrlsOutput) IssuingCertificates() pulumi.StringArrayOutput

Specifies the URL values for the Issuing Certificate field.

func (SecretBackendConfigUrlsOutput) Namespace 

func (o SecretBackendConfigUrlsOutput) Namespace() pulumi.StringPtrOutput

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.

func (SecretBackendConfigUrlsOutput) OcspServers 

func (o SecretBackendConfigUrlsOutput) OcspServers() pulumi.StringArrayOutput

Specifies the URL values for the OCSP Servers field.

func (SecretBackendConfigUrlsOutput) ToSecretBackendConfigUrlsOutput 

func (o SecretBackendConfigUrlsOutput) ToSecretBackendConfigUrlsOutput() SecretBackendConfigUrlsOutput

func (SecretBackendConfigUrlsOutput) ToSecretBackendConfigUrlsOutputWithContext 

func (o SecretBackendConfigUrlsOutput) ToSecretBackendConfigUrlsOutputWithContext(ctx context.Context) SecretBackendConfigUrlsOutput

type SecretBackendConfigUrlsState 

type SecretBackendConfigUrlsState struct {
	// The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
	Backend pulumi.StringPtrInput
	// Specifies the URL values for the CRL Distribution Points field.
	CrlDistributionPoints pulumi.StringArrayInput
	// Specifies that templating of AIA fields is allowed.
	EnableTemplating pulumi.BoolPtrInput
	// Specifies the URL values for the Issuing Certificate field.
	IssuingCertificates pulumi.StringArrayInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// Specifies the URL values for the OCSP Servers field.
	OcspServers pulumi.StringArrayInput
}

func (SecretBackendConfigUrlsState) ElementType 

func (SecretBackendConfigUrlsState) ElementType() reflect.Type

type SecretBackendCrlConfig 

type SecretBackendCrlConfig struct {
	pulumi.CustomResourceState

	// Enables periodic rebuilding of the CRL upon expiry. **Vault 1.12+**
	AutoRebuild pulumi.BoolPtrOutput `pulumi:"autoRebuild"`
	// Grace period before CRL expiry to attempt rebuild of CRL. **Vault 1.12+**
	AutoRebuildGracePeriod pulumi.StringOutput `pulumi:"autoRebuildGracePeriod"`
	// The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
	Backend pulumi.StringOutput `pulumi:"backend"`
	// Enable cross-cluster revocation request queues. **Vault 1.13+**
	CrossClusterRevocation pulumi.BoolOutput `pulumi:"crossClusterRevocation"`
	// Interval to check for new revocations on, to regenerate the delta CRL.
	DeltaRebuildInterval pulumi.StringOutput `pulumi:"deltaRebuildInterval"`
	// Disables or enables CRL building.
	Disable pulumi.BoolPtrOutput `pulumi:"disable"`
	// Enables building of delta CRLs with up-to-date revocation information,
	// augmenting the last complete CRL.  **Vault 1.12+**
	EnableDelta pulumi.BoolPtrOutput `pulumi:"enableDelta"`
	// Specifies the time until expiration.
	Expiry pulumi.StringPtrOutput `pulumi:"expiry"`
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
	// Disables the OCSP responder in Vault. **Vault 1.12+**
	OcspDisable pulumi.BoolPtrOutput `pulumi:"ocspDisable"`
	// The amount of time an OCSP response can be cached for, useful for OCSP stapling
	// refresh durations. **Vault 1.12+**
	OcspExpiry pulumi.StringOutput `pulumi:"ocspExpiry"`
	// Enables unified CRL and OCSP building. **Vault 1.13+**
	UnifiedCrl pulumi.BoolOutput `pulumi:"unifiedCrl"`
	// Enables serving the unified CRL and OCSP on the existing, previously
	// cluster-local paths. **Vault 1.13+**
	UnifiedCrlOnExistingPaths pulumi.BoolOutput `pulumi:"unifiedCrlOnExistingPaths"`
}

Allows setting the duration for which the generated CRL should be marked valid. If the CRL is disabled, it will return a signed but zero-length CRL for any request. If enabled, it will re-build the CRL.

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault"
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/pkisecret"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		pki, err := vault.NewMount(ctx, "pki", &vault.MountArgs{
			Path:                   pulumi.String("%s"),
			Type:                   pulumi.String("pki"),
			DefaultLeaseTtlSeconds: pulumi.Int(3600),
			MaxLeaseTtlSeconds:     pulumi.Int(86400),
		})
		if err != nil {
			return err
		}
		_, err = pkisecret.NewSecretBackendCrlConfig(ctx, "crl_config", &pkisecret.SecretBackendCrlConfigArgs{
			Backend: pki.Path,
			Expiry:  pulumi.String("72h"),
			Disable: pulumi.Bool(false),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

func GetSecretBackendCrlConfig 

func GetSecretBackendCrlConfig(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecretBackendCrlConfigState, opts ...pulumi.ResourceOption) (*SecretBackendCrlConfig, error)

GetSecretBackendCrlConfig gets an existing SecretBackendCrlConfig resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecretBackendCrlConfig 

func NewSecretBackendCrlConfig(ctx *pulumi.Context,
	name string, args *SecretBackendCrlConfigArgs, opts ...pulumi.ResourceOption) (*SecretBackendCrlConfig, error)

NewSecretBackendCrlConfig registers a new resource with the given unique name, arguments, and options.

func (*SecretBackendCrlConfig) ElementType 

func (*SecretBackendCrlConfig) ElementType() reflect.Type

func (*SecretBackendCrlConfig) ToSecretBackendCrlConfigOutput 

func (i *SecretBackendCrlConfig) ToSecretBackendCrlConfigOutput() SecretBackendCrlConfigOutput

func (*SecretBackendCrlConfig) ToSecretBackendCrlConfigOutputWithContext 

func (i *SecretBackendCrlConfig) ToSecretBackendCrlConfigOutputWithContext(ctx context.Context) SecretBackendCrlConfigOutput

type SecretBackendCrlConfigArgs 

type SecretBackendCrlConfigArgs struct {
	// Enables periodic rebuilding of the CRL upon expiry. **Vault 1.12+**
	AutoRebuild pulumi.BoolPtrInput
	// Grace period before CRL expiry to attempt rebuild of CRL. **Vault 1.12+**
	AutoRebuildGracePeriod pulumi.StringPtrInput
	// The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
	Backend pulumi.StringInput
	// Enable cross-cluster revocation request queues. **Vault 1.13+**
	CrossClusterRevocation pulumi.BoolPtrInput
	// Interval to check for new revocations on, to regenerate the delta CRL.
	DeltaRebuildInterval pulumi.StringPtrInput
	// Disables or enables CRL building.
	Disable pulumi.BoolPtrInput
	// Enables building of delta CRLs with up-to-date revocation information,
	// augmenting the last complete CRL.  **Vault 1.12+**
	EnableDelta pulumi.BoolPtrInput
	// Specifies the time until expiration.
	Expiry pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// Disables the OCSP responder in Vault. **Vault 1.12+**
	OcspDisable pulumi.BoolPtrInput
	// The amount of time an OCSP response can be cached for, useful for OCSP stapling
	// refresh durations. **Vault 1.12+**
	OcspExpiry pulumi.StringPtrInput
	// Enables unified CRL and OCSP building. **Vault 1.13+**
	UnifiedCrl pulumi.BoolPtrInput
	// Enables serving the unified CRL and OCSP on the existing, previously
	// cluster-local paths. **Vault 1.13+**
	UnifiedCrlOnExistingPaths pulumi.BoolPtrInput
}

The set of arguments for constructing a SecretBackendCrlConfig resource.

func (SecretBackendCrlConfigArgs) ElementType 

func (SecretBackendCrlConfigArgs) ElementType() reflect.Type

type SecretBackendCrlConfigArray 

type SecretBackendCrlConfigArray []SecretBackendCrlConfigInput

func (SecretBackendCrlConfigArray) ElementType 

func (SecretBackendCrlConfigArray) ElementType() reflect.Type

func (SecretBackendCrlConfigArray) ToSecretBackendCrlConfigArrayOutput 

func (i SecretBackendCrlConfigArray) ToSecretBackendCrlConfigArrayOutput() SecretBackendCrlConfigArrayOutput

func (SecretBackendCrlConfigArray) ToSecretBackendCrlConfigArrayOutputWithContext 

func (i SecretBackendCrlConfigArray) ToSecretBackendCrlConfigArrayOutputWithContext(ctx context.Context) SecretBackendCrlConfigArrayOutput

type SecretBackendCrlConfigArrayInput 

type SecretBackendCrlConfigArrayInput interface {
	pulumi.Input

	ToSecretBackendCrlConfigArrayOutput() SecretBackendCrlConfigArrayOutput
	ToSecretBackendCrlConfigArrayOutputWithContext(context.Context) SecretBackendCrlConfigArrayOutput
}

SecretBackendCrlConfigArrayInput is an input type that accepts SecretBackendCrlConfigArray and SecretBackendCrlConfigArrayOutput values. You can construct a concrete instance of `SecretBackendCrlConfigArrayInput` via: 

SecretBackendCrlConfigArray{ SecretBackendCrlConfigArgs{...} }

type SecretBackendCrlConfigArrayOutput 

type SecretBackendCrlConfigArrayOutput struct{ *pulumi.OutputState }

func (SecretBackendCrlConfigArrayOutput) ElementType 

func (SecretBackendCrlConfigArrayOutput) ElementType() reflect.Type

func (SecretBackendCrlConfigArrayOutput) Index 

func (o SecretBackendCrlConfigArrayOutput) Index(i pulumi.IntInput) SecretBackendCrlConfigOutput

func (SecretBackendCrlConfigArrayOutput) ToSecretBackendCrlConfigArrayOutput 

func (o SecretBackendCrlConfigArrayOutput) ToSecretBackendCrlConfigArrayOutput() SecretBackendCrlConfigArrayOutput

func (SecretBackendCrlConfigArrayOutput) ToSecretBackendCrlConfigArrayOutputWithContext 

func (o SecretBackendCrlConfigArrayOutput) ToSecretBackendCrlConfigArrayOutputWithContext(ctx context.Context) SecretBackendCrlConfigArrayOutput

type SecretBackendCrlConfigInput 

type SecretBackendCrlConfigInput interface {
	pulumi.Input

	ToSecretBackendCrlConfigOutput() SecretBackendCrlConfigOutput
	ToSecretBackendCrlConfigOutputWithContext(ctx context.Context) SecretBackendCrlConfigOutput
}

type SecretBackendCrlConfigMap 

type SecretBackendCrlConfigMap map[string]SecretBackendCrlConfigInput

func (SecretBackendCrlConfigMap) ElementType 

func (SecretBackendCrlConfigMap) ElementType() reflect.Type

func (SecretBackendCrlConfigMap) ToSecretBackendCrlConfigMapOutput 

func (i SecretBackendCrlConfigMap) ToSecretBackendCrlConfigMapOutput() SecretBackendCrlConfigMapOutput

func (SecretBackendCrlConfigMap) ToSecretBackendCrlConfigMapOutputWithContext 

func (i SecretBackendCrlConfigMap) ToSecretBackendCrlConfigMapOutputWithContext(ctx context.Context) SecretBackendCrlConfigMapOutput

type SecretBackendCrlConfigMapInput 

type SecretBackendCrlConfigMapInput interface {
	pulumi.Input

	ToSecretBackendCrlConfigMapOutput() SecretBackendCrlConfigMapOutput
	ToSecretBackendCrlConfigMapOutputWithContext(context.Context) SecretBackendCrlConfigMapOutput
}

SecretBackendCrlConfigMapInput is an input type that accepts SecretBackendCrlConfigMap and SecretBackendCrlConfigMapOutput values. You can construct a concrete instance of `SecretBackendCrlConfigMapInput` via: 

SecretBackendCrlConfigMap{ "key": SecretBackendCrlConfigArgs{...} }

type SecretBackendCrlConfigMapOutput 

type SecretBackendCrlConfigMapOutput struct{ *pulumi.OutputState }

func (SecretBackendCrlConfigMapOutput) ElementType 

func (SecretBackendCrlConfigMapOutput) ElementType() reflect.Type

func (SecretBackendCrlConfigMapOutput) MapIndex 

func (o SecretBackendCrlConfigMapOutput) MapIndex(k pulumi.StringInput) SecretBackendCrlConfigOutput

func (SecretBackendCrlConfigMapOutput) ToSecretBackendCrlConfigMapOutput 

func (o SecretBackendCrlConfigMapOutput) ToSecretBackendCrlConfigMapOutput() SecretBackendCrlConfigMapOutput

func (SecretBackendCrlConfigMapOutput) ToSecretBackendCrlConfigMapOutputWithContext 

func (o SecretBackendCrlConfigMapOutput) ToSecretBackendCrlConfigMapOutputWithContext(ctx context.Context) SecretBackendCrlConfigMapOutput

type SecretBackendCrlConfigOutput 

type SecretBackendCrlConfigOutput struct{ *pulumi.OutputState }

func (SecretBackendCrlConfigOutput) AutoRebuild 

func (o SecretBackendCrlConfigOutput) AutoRebuild() pulumi.BoolPtrOutput

Enables periodic rebuilding of the CRL upon expiry. **Vault 1.12+**

func (SecretBackendCrlConfigOutput) AutoRebuildGracePeriod 

func (o SecretBackendCrlConfigOutput) AutoRebuildGracePeriod() pulumi.StringOutput

Grace period before CRL expiry to attempt rebuild of CRL. **Vault 1.12+**

func (SecretBackendCrlConfigOutput) Backend 

func (o SecretBackendCrlConfigOutput) Backend() pulumi.StringOutput

The path the PKI secret backend is mounted at, with no leading or trailing `/`s.

func (SecretBackendCrlConfigOutput) CrossClusterRevocation 

func (o SecretBackendCrlConfigOutput) CrossClusterRevocation() pulumi.BoolOutput

Enable cross-cluster revocation request queues. **Vault 1.13+**

func (SecretBackendCrlConfigOutput) DeltaRebuildInterval 

func (o SecretBackendCrlConfigOutput) DeltaRebuildInterval() pulumi.StringOutput

Interval to check for new revocations on, to regenerate the delta CRL.

func (SecretBackendCrlConfigOutput) Disable 

func (o SecretBackendCrlConfigOutput) Disable() pulumi.BoolPtrOutput

Disables or enables CRL building.

func (SecretBackendCrlConfigOutput) ElementType 

func (SecretBackendCrlConfigOutput) ElementType() reflect.Type

func (SecretBackendCrlConfigOutput) EnableDelta 

func (o SecretBackendCrlConfigOutput) EnableDelta() pulumi.BoolPtrOutput

Enables building of delta CRLs with up-to-date revocation information, augmenting the last complete CRL. **Vault 1.12+**

func (SecretBackendCrlConfigOutput) Expiry 

func (o SecretBackendCrlConfigOutput) Expiry() pulumi.StringPtrOutput

Specifies the time until expiration.

func (SecretBackendCrlConfigOutput) Namespace 

func (o SecretBackendCrlConfigOutput) Namespace() pulumi.StringPtrOutput

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.

func (SecretBackendCrlConfigOutput) OcspDisable 

func (o SecretBackendCrlConfigOutput) OcspDisable() pulumi.BoolPtrOutput

Disables the OCSP responder in Vault. **Vault 1.12+**

func (SecretBackendCrlConfigOutput) OcspExpiry 

func (o SecretBackendCrlConfigOutput) OcspExpiry() pulumi.StringOutput

The amount of time an OCSP response can be cached for, useful for OCSP stapling refresh durations. **Vault 1.12+**

func (SecretBackendCrlConfigOutput) ToSecretBackendCrlConfigOutput 

func (o SecretBackendCrlConfigOutput) ToSecretBackendCrlConfigOutput() SecretBackendCrlConfigOutput

func (SecretBackendCrlConfigOutput) ToSecretBackendCrlConfigOutputWithContext 

func (o SecretBackendCrlConfigOutput) ToSecretBackendCrlConfigOutputWithContext(ctx context.Context) SecretBackendCrlConfigOutput

func (SecretBackendCrlConfigOutput) UnifiedCrl 

func (o SecretBackendCrlConfigOutput) UnifiedCrl() pulumi.BoolOutput

Enables unified CRL and OCSP building. **Vault 1.13+**

func (SecretBackendCrlConfigOutput) UnifiedCrlOnExistingPaths 

func (o SecretBackendCrlConfigOutput) UnifiedCrlOnExistingPaths() pulumi.BoolOutput

Enables serving the unified CRL and OCSP on the existing, previously cluster-local paths. **Vault 1.13+**

type SecretBackendCrlConfigState 

type SecretBackendCrlConfigState struct {
	// Enables periodic rebuilding of the CRL upon expiry. **Vault 1.12+**
	AutoRebuild pulumi.BoolPtrInput
	// Grace period before CRL expiry to attempt rebuild of CRL. **Vault 1.12+**
	AutoRebuildGracePeriod pulumi.StringPtrInput
	// The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
	Backend pulumi.StringPtrInput
	// Enable cross-cluster revocation request queues. **Vault 1.13+**
	CrossClusterRevocation pulumi.BoolPtrInput
	// Interval to check for new revocations on, to regenerate the delta CRL.
	DeltaRebuildInterval pulumi.StringPtrInput
	// Disables or enables CRL building.
	Disable pulumi.BoolPtrInput
	// Enables building of delta CRLs with up-to-date revocation information,
	// augmenting the last complete CRL.  **Vault 1.12+**
	EnableDelta pulumi.BoolPtrInput
	// Specifies the time until expiration.
	Expiry pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// Disables the OCSP responder in Vault. **Vault 1.12+**
	OcspDisable pulumi.BoolPtrInput
	// The amount of time an OCSP response can be cached for, useful for OCSP stapling
	// refresh durations. **Vault 1.12+**
	OcspExpiry pulumi.StringPtrInput
	// Enables unified CRL and OCSP building. **Vault 1.13+**
	UnifiedCrl pulumi.BoolPtrInput
	// Enables serving the unified CRL and OCSP on the existing, previously
	// cluster-local paths. **Vault 1.13+**
	UnifiedCrlOnExistingPaths pulumi.BoolPtrInput
}

func (SecretBackendCrlConfigState) ElementType 

func (SecretBackendCrlConfigState) ElementType() reflect.Type

type SecretBackendIntermediateCertRequest 

type SecretBackendIntermediateCertRequest struct {
	pulumi.CustomResourceState

	// Adds a Basic Constraints extension with 'CA: true'.
	// Only needed as a workaround in some compatibility scenarios with Active Directory
	// Certificate Services
	AddBasicConstraints pulumi.BoolPtrOutput `pulumi:"addBasicConstraints"`
	// List of alternative names
	AltNames pulumi.StringArrayOutput `pulumi:"altNames"`
	// The PKI secret backend the resource belongs to.
	Backend pulumi.StringOutput `pulumi:"backend"`
	// CN of intermediate to create
	CommonName pulumi.StringOutput `pulumi:"commonName"`
	// The country
	Country pulumi.StringPtrOutput `pulumi:"country"`
	// The CSR
	Csr pulumi.StringOutput `pulumi:"csr"`
	// Flag to exclude CN from SANs
	ExcludeCnFromSans pulumi.BoolPtrOutput `pulumi:"excludeCnFromSans"`
	// The format of data
	Format pulumi.StringPtrOutput `pulumi:"format"`
	// List of alternative IPs
	IpSans pulumi.StringArrayOutput `pulumi:"ipSans"`
	// The number of bits to use
	KeyBits pulumi.IntPtrOutput `pulumi:"keyBits"`
	// The ID of the generated key.
	KeyId pulumi.StringOutput `pulumi:"keyId"`
	// When a new key is created with this request, optionally specifies
	// the name for this. The global ref `default` may not be used as a name.
	KeyName pulumi.StringOutput `pulumi:"keyName"`
	// Specifies the key (either default, by name, or by identifier) to use
	// for generating this request. Only suitable for `type=existing` requests.
	KeyRef pulumi.StringOutput `pulumi:"keyRef"`
	// The desired key type
	KeyType pulumi.StringPtrOutput `pulumi:"keyType"`
	// The locality
	Locality pulumi.StringPtrOutput `pulumi:"locality"`
	// The ID of the previously configured managed key. This field is
	// required if `type` is `kms` and it conflicts with `managedKeyName`
	ManagedKeyId pulumi.StringPtrOutput `pulumi:"managedKeyId"`
	// The name of the previously configured managed key. This field is
	// required if `type` is `kms`  and it conflicts with `managedKeyId`
	ManagedKeyName pulumi.StringPtrOutput `pulumi:"managedKeyName"`
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
	// The organization
	Organization pulumi.StringPtrOutput `pulumi:"organization"`
	// List of other SANs
	OtherSans pulumi.StringArrayOutput `pulumi:"otherSans"`
	// The organization unit
	Ou pulumi.StringPtrOutput `pulumi:"ou"`
	// The postal code
	PostalCode pulumi.StringPtrOutput `pulumi:"postalCode"`
	// The private key
	PrivateKey pulumi.StringOutput `pulumi:"privateKey"`
	// The private key format
	PrivateKeyFormat pulumi.StringPtrOutput `pulumi:"privateKeyFormat"`
	// The private key type
	PrivateKeyType pulumi.StringOutput `pulumi:"privateKeyType"`
	// The province
	Province pulumi.StringPtrOutput `pulumi:"province"`
	// The street address
	StreetAddress pulumi.StringPtrOutput `pulumi:"streetAddress"`
	// Type of intermediate to create. Must be either \"exported\" or \"internal\"
	// or \"kms\"
	Type pulumi.StringOutput `pulumi:"type"`
	// List of alternative URIs
	UriSans pulumi.StringArrayOutput `pulumi:"uriSans"`
}

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/pkisecret"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := pkisecret.NewSecretBackendIntermediateCertRequest(ctx, "test", &pkisecret.SecretBackendIntermediateCertRequestArgs{
			Backend:    pulumi.Any(pki.Path),
			Type:       pulumi.String("internal"),
			CommonName: pulumi.String("app.my.domain"),
		}, pulumi.DependsOn([]pulumi.Resource{
			pki,
		}))
		if err != nil {
			return err
		}
		return nil
	})
}

```

func GetSecretBackendIntermediateCertRequest 

func GetSecretBackendIntermediateCertRequest(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecretBackendIntermediateCertRequestState, opts ...pulumi.ResourceOption) (*SecretBackendIntermediateCertRequest, error)

GetSecretBackendIntermediateCertRequest gets an existing SecretBackendIntermediateCertRequest resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecretBackendIntermediateCertRequest 

func NewSecretBackendIntermediateCertRequest(ctx *pulumi.Context,
	name string, args *SecretBackendIntermediateCertRequestArgs, opts ...pulumi.ResourceOption) (*SecretBackendIntermediateCertRequest, error)

NewSecretBackendIntermediateCertRequest registers a new resource with the given unique name, arguments, and options.

func (*SecretBackendIntermediateCertRequest) ElementType 

func (*SecretBackendIntermediateCertRequest) ElementType() reflect.Type

func (*SecretBackendIntermediateCertRequest) ToSecretBackendIntermediateCertRequestOutput 

func (i *SecretBackendIntermediateCertRequest) ToSecretBackendIntermediateCertRequestOutput() SecretBackendIntermediateCertRequestOutput

func (*SecretBackendIntermediateCertRequest) ToSecretBackendIntermediateCertRequestOutputWithContext 

func (i *SecretBackendIntermediateCertRequest) ToSecretBackendIntermediateCertRequestOutputWithContext(ctx context.Context) SecretBackendIntermediateCertRequestOutput

type SecretBackendIntermediateCertRequestArgs 

type SecretBackendIntermediateCertRequestArgs struct {
	// Adds a Basic Constraints extension with 'CA: true'.
	// Only needed as a workaround in some compatibility scenarios with Active Directory
	// Certificate Services
	AddBasicConstraints pulumi.BoolPtrInput
	// List of alternative names
	AltNames pulumi.StringArrayInput
	// The PKI secret backend the resource belongs to.
	Backend pulumi.StringInput
	// CN of intermediate to create
	CommonName pulumi.StringInput
	// The country
	Country pulumi.StringPtrInput
	// Flag to exclude CN from SANs
	ExcludeCnFromSans pulumi.BoolPtrInput
	// The format of data
	Format pulumi.StringPtrInput
	// List of alternative IPs
	IpSans pulumi.StringArrayInput
	// The number of bits to use
	KeyBits pulumi.IntPtrInput
	// When a new key is created with this request, optionally specifies
	// the name for this. The global ref `default` may not be used as a name.
	KeyName pulumi.StringPtrInput
	// Specifies the key (either default, by name, or by identifier) to use
	// for generating this request. Only suitable for `type=existing` requests.
	KeyRef pulumi.StringPtrInput
	// The desired key type
	KeyType pulumi.StringPtrInput
	// The locality
	Locality pulumi.StringPtrInput
	// The ID of the previously configured managed key. This field is
	// required if `type` is `kms` and it conflicts with `managedKeyName`
	ManagedKeyId pulumi.StringPtrInput
	// The name of the previously configured managed key. This field is
	// required if `type` is `kms`  and it conflicts with `managedKeyId`
	ManagedKeyName pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// The organization
	Organization pulumi.StringPtrInput
	// List of other SANs
	OtherSans pulumi.StringArrayInput
	// The organization unit
	Ou pulumi.StringPtrInput
	// The postal code
	PostalCode pulumi.StringPtrInput
	// The private key format
	PrivateKeyFormat pulumi.StringPtrInput
	// The province
	Province pulumi.StringPtrInput
	// The street address
	StreetAddress pulumi.StringPtrInput
	// Type of intermediate to create. Must be either \"exported\" or \"internal\"
	// or \"kms\"
	Type pulumi.StringInput
	// List of alternative URIs
	UriSans pulumi.StringArrayInput
}

The set of arguments for constructing a SecretBackendIntermediateCertRequest resource.

func (SecretBackendIntermediateCertRequestArgs) ElementType 

func (SecretBackendIntermediateCertRequestArgs) ElementType() reflect.Type

type SecretBackendIntermediateCertRequestArray 

type SecretBackendIntermediateCertRequestArray []SecretBackendIntermediateCertRequestInput

func (SecretBackendIntermediateCertRequestArray) ElementType 

func (SecretBackendIntermediateCertRequestArray) ElementType() reflect.Type

func (SecretBackendIntermediateCertRequestArray) ToSecretBackendIntermediateCertRequestArrayOutput 

func (i SecretBackendIntermediateCertRequestArray) ToSecretBackendIntermediateCertRequestArrayOutput() SecretBackendIntermediateCertRequestArrayOutput

func (SecretBackendIntermediateCertRequestArray) ToSecretBackendIntermediateCertRequestArrayOutputWithContext 

func (i SecretBackendIntermediateCertRequestArray) ToSecretBackendIntermediateCertRequestArrayOutputWithContext(ctx context.Context) SecretBackendIntermediateCertRequestArrayOutput

type SecretBackendIntermediateCertRequestArrayInput 

type SecretBackendIntermediateCertRequestArrayInput interface {
	pulumi.Input

	ToSecretBackendIntermediateCertRequestArrayOutput() SecretBackendIntermediateCertRequestArrayOutput
	ToSecretBackendIntermediateCertRequestArrayOutputWithContext(context.Context) SecretBackendIntermediateCertRequestArrayOutput
}

SecretBackendIntermediateCertRequestArrayInput is an input type that accepts SecretBackendIntermediateCertRequestArray and SecretBackendIntermediateCertRequestArrayOutput values. You can construct a concrete instance of `SecretBackendIntermediateCertRequestArrayInput` via: 

SecretBackendIntermediateCertRequestArray{ SecretBackendIntermediateCertRequestArgs{...} }

type SecretBackendIntermediateCertRequestArrayOutput 

type SecretBackendIntermediateCertRequestArrayOutput struct{ *pulumi.OutputState }

func (SecretBackendIntermediateCertRequestArrayOutput) ElementType 

func (SecretBackendIntermediateCertRequestArrayOutput) ElementType() reflect.Type

func (SecretBackendIntermediateCertRequestArrayOutput) Index 

func (o SecretBackendIntermediateCertRequestArrayOutput) Index(i pulumi.IntInput) SecretBackendIntermediateCertRequestOutput

func (SecretBackendIntermediateCertRequestArrayOutput) ToSecretBackendIntermediateCertRequestArrayOutput 

func (o SecretBackendIntermediateCertRequestArrayOutput) ToSecretBackendIntermediateCertRequestArrayOutput() SecretBackendIntermediateCertRequestArrayOutput

func (SecretBackendIntermediateCertRequestArrayOutput) ToSecretBackendIntermediateCertRequestArrayOutputWithContext 

func (o SecretBackendIntermediateCertRequestArrayOutput) ToSecretBackendIntermediateCertRequestArrayOutputWithContext(ctx context.Context) SecretBackendIntermediateCertRequestArrayOutput

type SecretBackendIntermediateCertRequestInput 

type SecretBackendIntermediateCertRequestInput interface {
	pulumi.Input

	ToSecretBackendIntermediateCertRequestOutput() SecretBackendIntermediateCertRequestOutput
	ToSecretBackendIntermediateCertRequestOutputWithContext(ctx context.Context) SecretBackendIntermediateCertRequestOutput
}

type SecretBackendIntermediateCertRequestMap 

type SecretBackendIntermediateCertRequestMap map[string]SecretBackendIntermediateCertRequestInput

func (SecretBackendIntermediateCertRequestMap) ElementType 

func (SecretBackendIntermediateCertRequestMap) ElementType() reflect.Type

func (SecretBackendIntermediateCertRequestMap) ToSecretBackendIntermediateCertRequestMapOutput 

func (i SecretBackendIntermediateCertRequestMap) ToSecretBackendIntermediateCertRequestMapOutput() SecretBackendIntermediateCertRequestMapOutput

func (SecretBackendIntermediateCertRequestMap) ToSecretBackendIntermediateCertRequestMapOutputWithContext 

func (i SecretBackendIntermediateCertRequestMap) ToSecretBackendIntermediateCertRequestMapOutputWithContext(ctx context.Context) SecretBackendIntermediateCertRequestMapOutput

type SecretBackendIntermediateCertRequestMapInput 

type SecretBackendIntermediateCertRequestMapInput interface {
	pulumi.Input

	ToSecretBackendIntermediateCertRequestMapOutput() SecretBackendIntermediateCertRequestMapOutput
	ToSecretBackendIntermediateCertRequestMapOutputWithContext(context.Context) SecretBackendIntermediateCertRequestMapOutput
}

SecretBackendIntermediateCertRequestMapInput is an input type that accepts SecretBackendIntermediateCertRequestMap and SecretBackendIntermediateCertRequestMapOutput values. You can construct a concrete instance of `SecretBackendIntermediateCertRequestMapInput` via: 

SecretBackendIntermediateCertRequestMap{ "key": SecretBackendIntermediateCertRequestArgs{...} }

type SecretBackendIntermediateCertRequestMapOutput 

type SecretBackendIntermediateCertRequestMapOutput struct{ *pulumi.OutputState }

func (SecretBackendIntermediateCertRequestMapOutput) ElementType 

func (SecretBackendIntermediateCertRequestMapOutput) ElementType() reflect.Type

func (SecretBackendIntermediateCertRequestMapOutput) MapIndex 

func (o SecretBackendIntermediateCertRequestMapOutput) MapIndex(k pulumi.StringInput) SecretBackendIntermediateCertRequestOutput

func (SecretBackendIntermediateCertRequestMapOutput) ToSecretBackendIntermediateCertRequestMapOutput 

func (o SecretBackendIntermediateCertRequestMapOutput) ToSecretBackendIntermediateCertRequestMapOutput() SecretBackendIntermediateCertRequestMapOutput

func (SecretBackendIntermediateCertRequestMapOutput) ToSecretBackendIntermediateCertRequestMapOutputWithContext 

func (o SecretBackendIntermediateCertRequestMapOutput) ToSecretBackendIntermediateCertRequestMapOutputWithContext(ctx context.Context) SecretBackendIntermediateCertRequestMapOutput

type SecretBackendIntermediateCertRequestOutput 

type SecretBackendIntermediateCertRequestOutput struct{ *pulumi.OutputState }

func (SecretBackendIntermediateCertRequestOutput) AddBasicConstraints 

func (o SecretBackendIntermediateCertRequestOutput) AddBasicConstraints() pulumi.BoolPtrOutput

Adds a Basic Constraints extension with 'CA: true'. Only needed as a workaround in some compatibility scenarios with Active Directory Certificate Services

func (SecretBackendIntermediateCertRequestOutput) AltNames 

func (o SecretBackendIntermediateCertRequestOutput) AltNames() pulumi.StringArrayOutput

List of alternative names

func (SecretBackendIntermediateCertRequestOutput) Backend 

func (o SecretBackendIntermediateCertRequestOutput) Backend() pulumi.StringOutput

The PKI secret backend the resource belongs to.

func (SecretBackendIntermediateCertRequestOutput) CommonName 

func (o SecretBackendIntermediateCertRequestOutput) CommonName() pulumi.StringOutput

CN of intermediate to create

func (SecretBackendIntermediateCertRequestOutput) Country 

func (o SecretBackendIntermediateCertRequestOutput) Country() pulumi.StringPtrOutput

The country

func (SecretBackendIntermediateCertRequestOutput) Csr 

func (o SecretBackendIntermediateCertRequestOutput) Csr() pulumi.StringOutput

The CSR

func (SecretBackendIntermediateCertRequestOutput) ElementType 

func (SecretBackendIntermediateCertRequestOutput) ElementType() reflect.Type

func (SecretBackendIntermediateCertRequestOutput) ExcludeCnFromSans 

func (o SecretBackendIntermediateCertRequestOutput) ExcludeCnFromSans() pulumi.BoolPtrOutput

Flag to exclude CN from SANs

func (SecretBackendIntermediateCertRequestOutput) Format 

func (o SecretBackendIntermediateCertRequestOutput) Format() pulumi.StringPtrOutput

The format of data

func (SecretBackendIntermediateCertRequestOutput) IpSans 

func (o SecretBackendIntermediateCertRequestOutput) IpSans() pulumi.StringArrayOutput

List of alternative IPs

func (SecretBackendIntermediateCertRequestOutput) KeyBits 

func (o SecretBackendIntermediateCertRequestOutput) KeyBits() pulumi.IntPtrOutput

The number of bits to use

func (SecretBackendIntermediateCertRequestOutput) KeyId 

func (o SecretBackendIntermediateCertRequestOutput) KeyId() pulumi.StringOutput

The ID of the generated key.

func (SecretBackendIntermediateCertRequestOutput) KeyName 

func (o SecretBackendIntermediateCertRequestOutput) KeyName() pulumi.StringOutput

When a new key is created with this request, optionally specifies the name for this. The global ref `default` may not be used as a name.

func (SecretBackendIntermediateCertRequestOutput) KeyRef 

func (o SecretBackendIntermediateCertRequestOutput) KeyRef() pulumi.StringOutput

Specifies the key (either default, by name, or by identifier) to use for generating this request. Only suitable for `type=existing` requests.

func (SecretBackendIntermediateCertRequestOutput) KeyType 

func (o SecretBackendIntermediateCertRequestOutput) KeyType() pulumi.StringPtrOutput

The desired key type

func (SecretBackendIntermediateCertRequestOutput) Locality 

func (o SecretBackendIntermediateCertRequestOutput) Locality() pulumi.StringPtrOutput

The locality

func (SecretBackendIntermediateCertRequestOutput) ManagedKeyId 

func (o SecretBackendIntermediateCertRequestOutput) ManagedKeyId() pulumi.StringPtrOutput

The ID of the previously configured managed key. This field is required if `type` is `kms` and it conflicts with `managedKeyName`

func (SecretBackendIntermediateCertRequestOutput) ManagedKeyName 

func (o SecretBackendIntermediateCertRequestOutput) ManagedKeyName() pulumi.StringPtrOutput

The name of the previously configured managed key. This field is required if `type` is `kms` and it conflicts with `managedKeyId`

func (SecretBackendIntermediateCertRequestOutput) Namespace 

func (o SecretBackendIntermediateCertRequestOutput) Namespace() pulumi.StringPtrOutput

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.

func (SecretBackendIntermediateCertRequestOutput) Organization 

func (o SecretBackendIntermediateCertRequestOutput) Organization() pulumi.StringPtrOutput

The organization

func (SecretBackendIntermediateCertRequestOutput) OtherSans 

func (o SecretBackendIntermediateCertRequestOutput) OtherSans() pulumi.StringArrayOutput

List of other SANs

func (SecretBackendIntermediateCertRequestOutput) Ou 

func (o SecretBackendIntermediateCertRequestOutput) Ou() pulumi.StringPtrOutput

The organization unit

func (SecretBackendIntermediateCertRequestOutput) PostalCode 

func (o SecretBackendIntermediateCertRequestOutput) PostalCode() pulumi.StringPtrOutput

The postal code

func (SecretBackendIntermediateCertRequestOutput) PrivateKey 

func (o SecretBackendIntermediateCertRequestOutput) PrivateKey() pulumi.StringOutput

The private key

func (SecretBackendIntermediateCertRequestOutput) PrivateKeyFormat 

func (o SecretBackendIntermediateCertRequestOutput) PrivateKeyFormat() pulumi.StringPtrOutput

The private key format

func (SecretBackendIntermediateCertRequestOutput) PrivateKeyType 

func (o SecretBackendIntermediateCertRequestOutput) PrivateKeyType() pulumi.StringOutput

The private key type

func (SecretBackendIntermediateCertRequestOutput) Province 

func (o SecretBackendIntermediateCertRequestOutput) Province() pulumi.StringPtrOutput

The province

func (SecretBackendIntermediateCertRequestOutput) StreetAddress 

func (o SecretBackendIntermediateCertRequestOutput) StreetAddress() pulumi.StringPtrOutput

The street address

func (SecretBackendIntermediateCertRequestOutput) ToSecretBackendIntermediateCertRequestOutput 

func (o SecretBackendIntermediateCertRequestOutput) ToSecretBackendIntermediateCertRequestOutput() SecretBackendIntermediateCertRequestOutput

func (SecretBackendIntermediateCertRequestOutput) ToSecretBackendIntermediateCertRequestOutputWithContext 

func (o SecretBackendIntermediateCertRequestOutput) ToSecretBackendIntermediateCertRequestOutputWithContext(ctx context.Context) SecretBackendIntermediateCertRequestOutput

func (SecretBackendIntermediateCertRequestOutput) Type 

func (o SecretBackendIntermediateCertRequestOutput) Type() pulumi.StringOutput

Type of intermediate to create. Must be either \"exported\" or \"internal\" or \"kms\"

func (SecretBackendIntermediateCertRequestOutput) UriSans 

func (o SecretBackendIntermediateCertRequestOutput) UriSans() pulumi.StringArrayOutput

List of alternative URIs

type SecretBackendIntermediateCertRequestState 

type SecretBackendIntermediateCertRequestState struct {
	// Adds a Basic Constraints extension with 'CA: true'.
	// Only needed as a workaround in some compatibility scenarios with Active Directory
	// Certificate Services
	AddBasicConstraints pulumi.BoolPtrInput
	// List of alternative names
	AltNames pulumi.StringArrayInput
	// The PKI secret backend the resource belongs to.
	Backend pulumi.StringPtrInput
	// CN of intermediate to create
	CommonName pulumi.StringPtrInput
	// The country
	Country pulumi.StringPtrInput
	// The CSR
	Csr pulumi.StringPtrInput
	// Flag to exclude CN from SANs
	ExcludeCnFromSans pulumi.BoolPtrInput
	// The format of data
	Format pulumi.StringPtrInput
	// List of alternative IPs
	IpSans pulumi.StringArrayInput
	// The number of bits to use
	KeyBits pulumi.IntPtrInput
	// The ID of the generated key.
	KeyId pulumi.StringPtrInput
	// When a new key is created with this request, optionally specifies
	// the name for this. The global ref `default` may not be used as a name.
	KeyName pulumi.StringPtrInput
	// Specifies the key (either default, by name, or by identifier) to use
	// for generating this request. Only suitable for `type=existing` requests.
	KeyRef pulumi.StringPtrInput
	// The desired key type
	KeyType pulumi.StringPtrInput
	// The locality
	Locality pulumi.StringPtrInput
	// The ID of the previously configured managed key. This field is
	// required if `type` is `kms` and it conflicts with `managedKeyName`
	ManagedKeyId pulumi.StringPtrInput
	// The name of the previously configured managed key. This field is
	// required if `type` is `kms`  and it conflicts with `managedKeyId`
	ManagedKeyName pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// The organization
	Organization pulumi.StringPtrInput
	// List of other SANs
	OtherSans pulumi.StringArrayInput
	// The organization unit
	Ou pulumi.StringPtrInput
	// The postal code
	PostalCode pulumi.StringPtrInput
	// The private key
	PrivateKey pulumi.StringPtrInput
	// The private key format
	PrivateKeyFormat pulumi.StringPtrInput
	// The private key type
	PrivateKeyType pulumi.StringPtrInput
	// The province
	Province pulumi.StringPtrInput
	// The street address
	StreetAddress pulumi.StringPtrInput
	// Type of intermediate to create. Must be either \"exported\" or \"internal\"
	// or \"kms\"
	Type pulumi.StringPtrInput
	// List of alternative URIs
	UriSans pulumi.StringArrayInput
}

func (SecretBackendIntermediateCertRequestState) ElementType 

func (SecretBackendIntermediateCertRequestState) ElementType() reflect.Type

type SecretBackendIntermediateSetSigned 

type SecretBackendIntermediateSetSigned struct {
	pulumi.CustomResourceState

	// The PKI secret backend the resource belongs to.
	Backend pulumi.StringOutput `pulumi:"backend"`
	// Specifies the PEM encoded certificate. May optionally append additional
	// CA certificates to populate the whole chain, which will then enable returning the full chain from
	// issue and sign operations.
	Certificate pulumi.StringOutput `pulumi:"certificate"`
	// The imported issuers indicating which issuers were created as part of
	// this request.
	ImportedIssuers pulumi.StringArrayOutput `pulumi:"importedIssuers"`
	// The imported keys indicating which keys were created as part of this request.
	ImportedKeys pulumi.StringArrayOutput `pulumi:"importedKeys"`
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
}

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault"
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/pkisecret"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		root, err := vault.NewMount(ctx, "root", &vault.MountArgs{
			Path:                   pulumi.String("pki-root"),
			Type:                   pulumi.String("pki"),
			Description:            pulumi.String("root"),
			DefaultLeaseTtlSeconds: pulumi.Int(8640000),
			MaxLeaseTtlSeconds:     pulumi.Int(8640000),
		})
		if err != nil {
			return err
		}
		intermediate, err := vault.NewMount(ctx, "intermediate", &vault.MountArgs{
			Path:                   pulumi.String("pki-int"),
			Type:                   root.Type,
			Description:            pulumi.String("intermediate"),
			DefaultLeaseTtlSeconds: pulumi.Int(86400),
			MaxLeaseTtlSeconds:     pulumi.Int(86400),
		})
		if err != nil {
			return err
		}
		example, err := pkisecret.NewSecretBackendRootCert(ctx, "example", &pkisecret.SecretBackendRootCertArgs{
			Backend:           root.Path,
			Type:              pulumi.String("internal"),
			CommonName:        pulumi.String("RootOrg Root CA"),
			Ttl:               pulumi.String("86400"),
			Format:            pulumi.String("pem"),
			PrivateKeyFormat:  pulumi.String("der"),
			KeyType:           pulumi.String("rsa"),
			KeyBits:           pulumi.Int(4096),
			ExcludeCnFromSans: pulumi.Bool(true),
			Ou:                pulumi.String("Organizational Unit"),
			Organization:      pulumi.String("RootOrg"),
			Country:           pulumi.String("US"),
			Locality:          pulumi.String("San Francisco"),
			Province:          pulumi.String("CA"),
		})
		if err != nil {
			return err
		}
		exampleSecretBackendIntermediateCertRequest, err := pkisecret.NewSecretBackendIntermediateCertRequest(ctx, "example", &pkisecret.SecretBackendIntermediateCertRequestArgs{
			Backend:    intermediate.Path,
			Type:       example.Type,
			CommonName: pulumi.String("SubOrg Intermediate CA"),
		})
		if err != nil {
			return err
		}
		exampleSecretBackendRootSignIntermediate, err := pkisecret.NewSecretBackendRootSignIntermediate(ctx, "example", &pkisecret.SecretBackendRootSignIntermediateArgs{
			Backend:           root.Path,
			Csr:               exampleSecretBackendIntermediateCertRequest.Csr,
			CommonName:        pulumi.String("SubOrg Intermediate CA"),
			ExcludeCnFromSans: pulumi.Bool(true),
			Ou:                pulumi.String("SubUnit"),
			Organization:      pulumi.String("SubOrg"),
			Country:           pulumi.String("US"),
			Locality:          pulumi.String("San Francisco"),
			Province:          pulumi.String("CA"),
			Revoke:            pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		_, err = pkisecret.NewSecretBackendIntermediateSetSigned(ctx, "example", &pkisecret.SecretBackendIntermediateSetSignedArgs{
			Backend:     intermediate.Path,
			Certificate: exampleSecretBackendRootSignIntermediate.Certificate,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

func GetSecretBackendIntermediateSetSigned 

func GetSecretBackendIntermediateSetSigned(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecretBackendIntermediateSetSignedState, opts ...pulumi.ResourceOption) (*SecretBackendIntermediateSetSigned, error)

GetSecretBackendIntermediateSetSigned gets an existing SecretBackendIntermediateSetSigned resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecretBackendIntermediateSetSigned 

func NewSecretBackendIntermediateSetSigned(ctx *pulumi.Context,
	name string, args *SecretBackendIntermediateSetSignedArgs, opts ...pulumi.ResourceOption) (*SecretBackendIntermediateSetSigned, error)

NewSecretBackendIntermediateSetSigned registers a new resource with the given unique name, arguments, and options.

func (*SecretBackendIntermediateSetSigned) ElementType 

func (*SecretBackendIntermediateSetSigned) ElementType() reflect.Type

func (*SecretBackendIntermediateSetSigned) ToSecretBackendIntermediateSetSignedOutput 

func (i *SecretBackendIntermediateSetSigned) ToSecretBackendIntermediateSetSignedOutput() SecretBackendIntermediateSetSignedOutput

func (*SecretBackendIntermediateSetSigned) ToSecretBackendIntermediateSetSignedOutputWithContext 

func (i *SecretBackendIntermediateSetSigned) ToSecretBackendIntermediateSetSignedOutputWithContext(ctx context.Context) SecretBackendIntermediateSetSignedOutput

type SecretBackendIntermediateSetSignedArgs 

type SecretBackendIntermediateSetSignedArgs struct {
	// The PKI secret backend the resource belongs to.
	Backend pulumi.StringInput
	// Specifies the PEM encoded certificate. May optionally append additional
	// CA certificates to populate the whole chain, which will then enable returning the full chain from
	// issue and sign operations.
	Certificate pulumi.StringInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
}

The set of arguments for constructing a SecretBackendIntermediateSetSigned resource.

func (SecretBackendIntermediateSetSignedArgs) ElementType 

func (SecretBackendIntermediateSetSignedArgs) ElementType() reflect.Type

type SecretBackendIntermediateSetSignedArray 

type SecretBackendIntermediateSetSignedArray []SecretBackendIntermediateSetSignedInput

func (SecretBackendIntermediateSetSignedArray) ElementType 

func (SecretBackendIntermediateSetSignedArray) ElementType() reflect.Type

func (SecretBackendIntermediateSetSignedArray) ToSecretBackendIntermediateSetSignedArrayOutput 

func (i SecretBackendIntermediateSetSignedArray) ToSecretBackendIntermediateSetSignedArrayOutput() SecretBackendIntermediateSetSignedArrayOutput

func (SecretBackendIntermediateSetSignedArray) ToSecretBackendIntermediateSetSignedArrayOutputWithContext 

func (i SecretBackendIntermediateSetSignedArray) ToSecretBackendIntermediateSetSignedArrayOutputWithContext(ctx context.Context) SecretBackendIntermediateSetSignedArrayOutput

type SecretBackendIntermediateSetSignedArrayInput 

type SecretBackendIntermediateSetSignedArrayInput interface {
	pulumi.Input

	ToSecretBackendIntermediateSetSignedArrayOutput() SecretBackendIntermediateSetSignedArrayOutput
	ToSecretBackendIntermediateSetSignedArrayOutputWithContext(context.Context) SecretBackendIntermediateSetSignedArrayOutput
}

SecretBackendIntermediateSetSignedArrayInput is an input type that accepts SecretBackendIntermediateSetSignedArray and SecretBackendIntermediateSetSignedArrayOutput values. You can construct a concrete instance of `SecretBackendIntermediateSetSignedArrayInput` via: 

SecretBackendIntermediateSetSignedArray{ SecretBackendIntermediateSetSignedArgs{...} }

type SecretBackendIntermediateSetSignedArrayOutput 

type SecretBackendIntermediateSetSignedArrayOutput struct{ *pulumi.OutputState }

func (SecretBackendIntermediateSetSignedArrayOutput) ElementType 

func (SecretBackendIntermediateSetSignedArrayOutput) ElementType() reflect.Type

func (SecretBackendIntermediateSetSignedArrayOutput) Index 

func (o SecretBackendIntermediateSetSignedArrayOutput) Index(i pulumi.IntInput) SecretBackendIntermediateSetSignedOutput

func (SecretBackendIntermediateSetSignedArrayOutput) ToSecretBackendIntermediateSetSignedArrayOutput 

func (o SecretBackendIntermediateSetSignedArrayOutput) ToSecretBackendIntermediateSetSignedArrayOutput() SecretBackendIntermediateSetSignedArrayOutput

func (SecretBackendIntermediateSetSignedArrayOutput) ToSecretBackendIntermediateSetSignedArrayOutputWithContext 

func (o SecretBackendIntermediateSetSignedArrayOutput) ToSecretBackendIntermediateSetSignedArrayOutputWithContext(ctx context.Context) SecretBackendIntermediateSetSignedArrayOutput

type SecretBackendIntermediateSetSignedInput 

type SecretBackendIntermediateSetSignedInput interface {
	pulumi.Input

	ToSecretBackendIntermediateSetSignedOutput() SecretBackendIntermediateSetSignedOutput
	ToSecretBackendIntermediateSetSignedOutputWithContext(ctx context.Context) SecretBackendIntermediateSetSignedOutput
}

type SecretBackendIntermediateSetSignedMap 

type SecretBackendIntermediateSetSignedMap map[string]SecretBackendIntermediateSetSignedInput

func (SecretBackendIntermediateSetSignedMap) ElementType 

func (SecretBackendIntermediateSetSignedMap) ElementType() reflect.Type

func (SecretBackendIntermediateSetSignedMap) ToSecretBackendIntermediateSetSignedMapOutput 

func (i SecretBackendIntermediateSetSignedMap) ToSecretBackendIntermediateSetSignedMapOutput() SecretBackendIntermediateSetSignedMapOutput

func (SecretBackendIntermediateSetSignedMap) ToSecretBackendIntermediateSetSignedMapOutputWithContext 

func (i SecretBackendIntermediateSetSignedMap) ToSecretBackendIntermediateSetSignedMapOutputWithContext(ctx context.Context) SecretBackendIntermediateSetSignedMapOutput

type SecretBackendIntermediateSetSignedMapInput 

type SecretBackendIntermediateSetSignedMapInput interface {
	pulumi.Input

	ToSecretBackendIntermediateSetSignedMapOutput() SecretBackendIntermediateSetSignedMapOutput
	ToSecretBackendIntermediateSetSignedMapOutputWithContext(context.Context) SecretBackendIntermediateSetSignedMapOutput
}

SecretBackendIntermediateSetSignedMapInput is an input type that accepts SecretBackendIntermediateSetSignedMap and SecretBackendIntermediateSetSignedMapOutput values. You can construct a concrete instance of `SecretBackendIntermediateSetSignedMapInput` via: 

SecretBackendIntermediateSetSignedMap{ "key": SecretBackendIntermediateSetSignedArgs{...} }

type SecretBackendIntermediateSetSignedMapOutput 

type SecretBackendIntermediateSetSignedMapOutput struct{ *pulumi.OutputState }

func (SecretBackendIntermediateSetSignedMapOutput) ElementType 

func (SecretBackendIntermediateSetSignedMapOutput) ElementType() reflect.Type

func (SecretBackendIntermediateSetSignedMapOutput) MapIndex 

func (o SecretBackendIntermediateSetSignedMapOutput) MapIndex(k pulumi.StringInput) SecretBackendIntermediateSetSignedOutput

func (SecretBackendIntermediateSetSignedMapOutput) ToSecretBackendIntermediateSetSignedMapOutput 

func (o SecretBackendIntermediateSetSignedMapOutput) ToSecretBackendIntermediateSetSignedMapOutput() SecretBackendIntermediateSetSignedMapOutput

func (SecretBackendIntermediateSetSignedMapOutput) ToSecretBackendIntermediateSetSignedMapOutputWithContext 

func (o SecretBackendIntermediateSetSignedMapOutput) ToSecretBackendIntermediateSetSignedMapOutputWithContext(ctx context.Context) SecretBackendIntermediateSetSignedMapOutput

type SecretBackendIntermediateSetSignedOutput 

type SecretBackendIntermediateSetSignedOutput struct{ *pulumi.OutputState }

func (SecretBackendIntermediateSetSignedOutput) Backend 

func (o SecretBackendIntermediateSetSignedOutput) Backend() pulumi.StringOutput

The PKI secret backend the resource belongs to.

func (SecretBackendIntermediateSetSignedOutput) Certificate 

func (o SecretBackendIntermediateSetSignedOutput) Certificate() pulumi.StringOutput

Specifies the PEM encoded certificate. May optionally append additional CA certificates to populate the whole chain, which will then enable returning the full chain from issue and sign operations.

func (SecretBackendIntermediateSetSignedOutput) ElementType 

func (SecretBackendIntermediateSetSignedOutput) ElementType() reflect.Type

func (SecretBackendIntermediateSetSignedOutput) ImportedIssuers 

func (o SecretBackendIntermediateSetSignedOutput) ImportedIssuers() pulumi.StringArrayOutput

The imported issuers indicating which issuers were created as part of this request.

func (SecretBackendIntermediateSetSignedOutput) ImportedKeys 

func (o SecretBackendIntermediateSetSignedOutput) ImportedKeys() pulumi.StringArrayOutput

The imported keys indicating which keys were created as part of this request.

func (SecretBackendIntermediateSetSignedOutput) Namespace 

func (o SecretBackendIntermediateSetSignedOutput) Namespace() pulumi.StringPtrOutput

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.

func (SecretBackendIntermediateSetSignedOutput) ToSecretBackendIntermediateSetSignedOutput 

func (o SecretBackendIntermediateSetSignedOutput) ToSecretBackendIntermediateSetSignedOutput() SecretBackendIntermediateSetSignedOutput

func (SecretBackendIntermediateSetSignedOutput) ToSecretBackendIntermediateSetSignedOutputWithContext 

func (o SecretBackendIntermediateSetSignedOutput) ToSecretBackendIntermediateSetSignedOutputWithContext(ctx context.Context) SecretBackendIntermediateSetSignedOutput

type SecretBackendIntermediateSetSignedState 

type SecretBackendIntermediateSetSignedState struct {
	// The PKI secret backend the resource belongs to.
	Backend pulumi.StringPtrInput
	// Specifies the PEM encoded certificate. May optionally append additional
	// CA certificates to populate the whole chain, which will then enable returning the full chain from
	// issue and sign operations.
	Certificate pulumi.StringPtrInput
	// The imported issuers indicating which issuers were created as part of
	// this request.
	ImportedIssuers pulumi.StringArrayInput
	// The imported keys indicating which keys were created as part of this request.
	ImportedKeys pulumi.StringArrayInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
}

func (SecretBackendIntermediateSetSignedState) ElementType 

func (SecretBackendIntermediateSetSignedState) ElementType() reflect.Type

type SecretBackendIssuer 

type SecretBackendIssuer struct {
	pulumi.CustomResourceState

	// The path the PKI secret backend is mounted at, with no
	// leading or trailing `/`s.
	Backend pulumi.StringOutput `pulumi:"backend"`
	// Specifies the URL values for the CRL
	// Distribution Points field.
	CrlDistributionPoints pulumi.StringArrayOutput `pulumi:"crlDistributionPoints"`
	// Specifies that the AIA URL values should
	// be templated.
	EnableAiaUrlTemplating pulumi.BoolPtrOutput `pulumi:"enableAiaUrlTemplating"`
	// ID of the issuer.
	IssuerId pulumi.StringOutput `pulumi:"issuerId"`
	// Name of the issuer.
	IssuerName pulumi.StringPtrOutput `pulumi:"issuerName"`
	// Reference to an existing issuer.
	IssuerRef pulumi.StringOutput `pulumi:"issuerRef"`
	// Specifies the URL values for the Issuing
	// Certificate field.
	IssuingCertificates pulumi.StringArrayOutput `pulumi:"issuingCertificates"`
	// Behavior of a leaf's NotAfter field during
	// issuance.
	LeafNotAfterBehavior pulumi.StringOutput `pulumi:"leafNotAfterBehavior"`
	// Chain of issuer references to build this issuer's
	// computed CAChain field from, when non-empty.
	ManualChains pulumi.StringArrayOutput `pulumi:"manualChains"`
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
	// Specifies the URL values for the OCSP Servers field.
	OcspServers pulumi.StringArrayOutput `pulumi:"ocspServers"`
	// Which signature algorithm to use
	// when building CRLs.
	RevocationSignatureAlgorithm pulumi.StringOutput `pulumi:"revocationSignatureAlgorithm"`
	// Allowed usages for this issuer.
	Usage pulumi.StringOutput `pulumi:"usage"`
}

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault"
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/pkisecret"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		pki, err := vault.NewMount(ctx, "pki", &vault.MountArgs{
			Path:                   pulumi.String("pki"),
			Type:                   pulumi.String("pki"),
			DefaultLeaseTtlSeconds: pulumi.Int(3600),
			MaxLeaseTtlSeconds:     pulumi.Int(86400),
		})
		if err != nil {
			return err
		}
		root, err := pkisecret.NewSecretBackendRootCert(ctx, "root", &pkisecret.SecretBackendRootCertArgs{
			Backend:    pki.Path,
			Type:       pulumi.String("internal"),
			CommonName: pulumi.String("test"),
			Ttl:        pulumi.String("86400"),
		})
		if err != nil {
			return err
		}
		_, err = pkisecret.NewSecretBackendIssuer(ctx, "example", &pkisecret.SecretBackendIssuerArgs{
			Backend:    root.Backend,
			IssuerRef:  root.IssuerId,
			IssuerName: pulumi.String("example-issuer"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

PKI secret backend issuer can be imported using the `id`, e.g.

```sh $ pulumi import vault:pkiSecret/secretBackendIssuer:SecretBackendIssuer example pki/issuer/bf9b0d48-d0dd-652c-30be-77d04fc7e94d ```

func GetSecretBackendIssuer 

func GetSecretBackendIssuer(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecretBackendIssuerState, opts ...pulumi.ResourceOption) (*SecretBackendIssuer, error)

GetSecretBackendIssuer gets an existing SecretBackendIssuer resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecretBackendIssuer 

func NewSecretBackendIssuer(ctx *pulumi.Context,
	name string, args *SecretBackendIssuerArgs, opts ...pulumi.ResourceOption) (*SecretBackendIssuer, error)

NewSecretBackendIssuer registers a new resource with the given unique name, arguments, and options.

func (*SecretBackendIssuer) ElementType 

func (*SecretBackendIssuer) ElementType() reflect.Type

func (*SecretBackendIssuer) ToSecretBackendIssuerOutput 

func (i *SecretBackendIssuer) ToSecretBackendIssuerOutput() SecretBackendIssuerOutput

func (*SecretBackendIssuer) ToSecretBackendIssuerOutputWithContext 

func (i *SecretBackendIssuer) ToSecretBackendIssuerOutputWithContext(ctx context.Context) SecretBackendIssuerOutput

type SecretBackendIssuerArgs 

type SecretBackendIssuerArgs struct {
	// The path the PKI secret backend is mounted at, with no
	// leading or trailing `/`s.
	Backend pulumi.StringInput
	// Specifies the URL values for the CRL
	// Distribution Points field.
	CrlDistributionPoints pulumi.StringArrayInput
	// Specifies that the AIA URL values should
	// be templated.
	EnableAiaUrlTemplating pulumi.BoolPtrInput
	// Name of the issuer.
	IssuerName pulumi.StringPtrInput
	// Reference to an existing issuer.
	IssuerRef pulumi.StringInput
	// Specifies the URL values for the Issuing
	// Certificate field.
	IssuingCertificates pulumi.StringArrayInput
	// Behavior of a leaf's NotAfter field during
	// issuance.
	LeafNotAfterBehavior pulumi.StringPtrInput
	// Chain of issuer references to build this issuer's
	// computed CAChain field from, when non-empty.
	ManualChains pulumi.StringArrayInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// Specifies the URL values for the OCSP Servers field.
	OcspServers pulumi.StringArrayInput
	// Which signature algorithm to use
	// when building CRLs.
	RevocationSignatureAlgorithm pulumi.StringPtrInput
	// Allowed usages for this issuer.
	Usage pulumi.StringPtrInput
}

The set of arguments for constructing a SecretBackendIssuer resource.

func (SecretBackendIssuerArgs) ElementType 

func (SecretBackendIssuerArgs) ElementType() reflect.Type

type SecretBackendIssuerArray 

type SecretBackendIssuerArray []SecretBackendIssuerInput

func (SecretBackendIssuerArray) ElementType 

func (SecretBackendIssuerArray) ElementType() reflect.Type

func (SecretBackendIssuerArray) ToSecretBackendIssuerArrayOutput 

func (i SecretBackendIssuerArray) ToSecretBackendIssuerArrayOutput() SecretBackendIssuerArrayOutput

func (SecretBackendIssuerArray) ToSecretBackendIssuerArrayOutputWithContext 

func (i SecretBackendIssuerArray) ToSecretBackendIssuerArrayOutputWithContext(ctx context.Context) SecretBackendIssuerArrayOutput

type SecretBackendIssuerArrayInput 

type SecretBackendIssuerArrayInput interface {
	pulumi.Input

	ToSecretBackendIssuerArrayOutput() SecretBackendIssuerArrayOutput
	ToSecretBackendIssuerArrayOutputWithContext(context.Context) SecretBackendIssuerArrayOutput
}

SecretBackendIssuerArrayInput is an input type that accepts SecretBackendIssuerArray and SecretBackendIssuerArrayOutput values. You can construct a concrete instance of `SecretBackendIssuerArrayInput` via: 

SecretBackendIssuerArray{ SecretBackendIssuerArgs{...} }

type SecretBackendIssuerArrayOutput 

type SecretBackendIssuerArrayOutput struct{ *pulumi.OutputState }

func (SecretBackendIssuerArrayOutput) ElementType 

func (SecretBackendIssuerArrayOutput) ElementType() reflect.Type

func (SecretBackendIssuerArrayOutput) Index 

func (o SecretBackendIssuerArrayOutput) Index(i pulumi.IntInput) SecretBackendIssuerOutput

func (SecretBackendIssuerArrayOutput) ToSecretBackendIssuerArrayOutput 

func (o SecretBackendIssuerArrayOutput) ToSecretBackendIssuerArrayOutput() SecretBackendIssuerArrayOutput

func (SecretBackendIssuerArrayOutput) ToSecretBackendIssuerArrayOutputWithContext 

func (o SecretBackendIssuerArrayOutput) ToSecretBackendIssuerArrayOutputWithContext(ctx context.Context) SecretBackendIssuerArrayOutput

type SecretBackendIssuerInput 

type SecretBackendIssuerInput interface {
	pulumi.Input

	ToSecretBackendIssuerOutput() SecretBackendIssuerOutput
	ToSecretBackendIssuerOutputWithContext(ctx context.Context) SecretBackendIssuerOutput
}

type SecretBackendIssuerMap 

type SecretBackendIssuerMap map[string]SecretBackendIssuerInput

func (SecretBackendIssuerMap) ElementType 

func (SecretBackendIssuerMap) ElementType() reflect.Type

func (SecretBackendIssuerMap) ToSecretBackendIssuerMapOutput 

func (i SecretBackendIssuerMap) ToSecretBackendIssuerMapOutput() SecretBackendIssuerMapOutput

func (SecretBackendIssuerMap) ToSecretBackendIssuerMapOutputWithContext 

func (i SecretBackendIssuerMap) ToSecretBackendIssuerMapOutputWithContext(ctx context.Context) SecretBackendIssuerMapOutput

type SecretBackendIssuerMapInput 

type SecretBackendIssuerMapInput interface {
	pulumi.Input

	ToSecretBackendIssuerMapOutput() SecretBackendIssuerMapOutput
	ToSecretBackendIssuerMapOutputWithContext(context.Context) SecretBackendIssuerMapOutput
}

SecretBackendIssuerMapInput is an input type that accepts SecretBackendIssuerMap and SecretBackendIssuerMapOutput values. You can construct a concrete instance of `SecretBackendIssuerMapInput` via: 

SecretBackendIssuerMap{ "key": SecretBackendIssuerArgs{...} }

type SecretBackendIssuerMapOutput 

type SecretBackendIssuerMapOutput struct{ *pulumi.OutputState }

func (SecretBackendIssuerMapOutput) ElementType 

func (SecretBackendIssuerMapOutput) ElementType() reflect.Type

func (SecretBackendIssuerMapOutput) MapIndex 

func (o SecretBackendIssuerMapOutput) MapIndex(k pulumi.StringInput) SecretBackendIssuerOutput

func (SecretBackendIssuerMapOutput) ToSecretBackendIssuerMapOutput 

func (o SecretBackendIssuerMapOutput) ToSecretBackendIssuerMapOutput() SecretBackendIssuerMapOutput

func (SecretBackendIssuerMapOutput) ToSecretBackendIssuerMapOutputWithContext 

func (o SecretBackendIssuerMapOutput) ToSecretBackendIssuerMapOutputWithContext(ctx context.Context) SecretBackendIssuerMapOutput

type SecretBackendIssuerOutput 

type SecretBackendIssuerOutput struct{ *pulumi.OutputState }

func (SecretBackendIssuerOutput) Backend 

func (o SecretBackendIssuerOutput) Backend() pulumi.StringOutput

The path the PKI secret backend is mounted at, with no leading or trailing `/`s.

func (SecretBackendIssuerOutput) CrlDistributionPoints 

func (o SecretBackendIssuerOutput) CrlDistributionPoints() pulumi.StringArrayOutput

Specifies the URL values for the CRL Distribution Points field.

func (SecretBackendIssuerOutput) ElementType 

func (SecretBackendIssuerOutput) ElementType() reflect.Type

func (SecretBackendIssuerOutput) EnableAiaUrlTemplating 

func (o SecretBackendIssuerOutput) EnableAiaUrlTemplating() pulumi.BoolPtrOutput

Specifies that the AIA URL values should be templated.

func (SecretBackendIssuerOutput) IssuerId 

func (o SecretBackendIssuerOutput) IssuerId() pulumi.StringOutput

ID of the issuer.

func (SecretBackendIssuerOutput) IssuerName 

func (o SecretBackendIssuerOutput) IssuerName() pulumi.StringPtrOutput

Name of the issuer.

func (SecretBackendIssuerOutput) IssuerRef 

func (o SecretBackendIssuerOutput) IssuerRef() pulumi.StringOutput

Reference to an existing issuer.

func (SecretBackendIssuerOutput) IssuingCertificates 

func (o SecretBackendIssuerOutput) IssuingCertificates() pulumi.StringArrayOutput

Specifies the URL values for the Issuing Certificate field.

func (SecretBackendIssuerOutput) LeafNotAfterBehavior 

func (o SecretBackendIssuerOutput) LeafNotAfterBehavior() pulumi.StringOutput

Behavior of a leaf's NotAfter field during issuance.

func (SecretBackendIssuerOutput) ManualChains 

func (o SecretBackendIssuerOutput) ManualChains() pulumi.StringArrayOutput

Chain of issuer references to build this issuer's computed CAChain field from, when non-empty.

func (SecretBackendIssuerOutput) Namespace 

func (o SecretBackendIssuerOutput) Namespace() pulumi.StringPtrOutput

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.

func (SecretBackendIssuerOutput) OcspServers 

func (o SecretBackendIssuerOutput) OcspServers() pulumi.StringArrayOutput

Specifies the URL values for the OCSP Servers field.

func (SecretBackendIssuerOutput) RevocationSignatureAlgorithm 

func (o SecretBackendIssuerOutput) RevocationSignatureAlgorithm() pulumi.StringOutput

Which signature algorithm to use when building CRLs.

func (SecretBackendIssuerOutput) ToSecretBackendIssuerOutput 

func (o SecretBackendIssuerOutput) ToSecretBackendIssuerOutput() SecretBackendIssuerOutput

func (SecretBackendIssuerOutput) ToSecretBackendIssuerOutputWithContext 

func (o SecretBackendIssuerOutput) ToSecretBackendIssuerOutputWithContext(ctx context.Context) SecretBackendIssuerOutput

func (SecretBackendIssuerOutput) Usage 

func (o SecretBackendIssuerOutput) Usage() pulumi.StringOutput

Allowed usages for this issuer.

type SecretBackendIssuerState 

type SecretBackendIssuerState struct {
	// The path the PKI secret backend is mounted at, with no
	// leading or trailing `/`s.
	Backend pulumi.StringPtrInput
	// Specifies the URL values for the CRL
	// Distribution Points field.
	CrlDistributionPoints pulumi.StringArrayInput
	// Specifies that the AIA URL values should
	// be templated.
	EnableAiaUrlTemplating pulumi.BoolPtrInput
	// ID of the issuer.
	IssuerId pulumi.StringPtrInput
	// Name of the issuer.
	IssuerName pulumi.StringPtrInput
	// Reference to an existing issuer.
	IssuerRef pulumi.StringPtrInput
	// Specifies the URL values for the Issuing
	// Certificate field.
	IssuingCertificates pulumi.StringArrayInput
	// Behavior of a leaf's NotAfter field during
	// issuance.
	LeafNotAfterBehavior pulumi.StringPtrInput
	// Chain of issuer references to build this issuer's
	// computed CAChain field from, when non-empty.
	ManualChains pulumi.StringArrayInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// Specifies the URL values for the OCSP Servers field.
	OcspServers pulumi.StringArrayInput
	// Which signature algorithm to use
	// when building CRLs.
	RevocationSignatureAlgorithm pulumi.StringPtrInput
	// Allowed usages for this issuer.
	Usage pulumi.StringPtrInput
}

func (SecretBackendIssuerState) ElementType 

func (SecretBackendIssuerState) ElementType() reflect.Type

type SecretBackendKey 

type SecretBackendKey struct {
	pulumi.CustomResourceState

	// The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
	Backend pulumi.StringOutput `pulumi:"backend"`
	// Specifies the number of bits to use for the generated keys.
	// Allowed values are 0 (universal default); with `key_type=rsa`, allowed values are:
	// 2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default),
	// 384, or 521; ignored with `key_type=ed25519`.
	KeyBits pulumi.IntOutput `pulumi:"keyBits"`
	// ID of the generated key.
	KeyId pulumi.StringOutput `pulumi:"keyId"`
	// When a new key is created with this request, optionally specifies the name for this.
	// The global ref `default` may not be used as a name.
	KeyName pulumi.StringPtrOutput `pulumi:"keyName"`
	// Specifies the desired key type; must be `rsa`, `ed25519` or `ec`.
	KeyType pulumi.StringOutput `pulumi:"keyType"`
	// The managed key's UUID.
	ManagedKeyId pulumi.StringPtrOutput `pulumi:"managedKeyId"`
	// The managed key's configured name.
	ManagedKeyName pulumi.StringPtrOutput `pulumi:"managedKeyName"`
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
	// Specifies the type of the key to create. Can be `exported`,`internal` or `kms`.
	Type pulumi.StringOutput `pulumi:"type"`
}

Creates a key on a PKI Secret Backend for Vault.

## Import

PKI secret backend key can be imported using the `id`, e.g.

```sh $ pulumi import vault:pkiSecret/secretBackendKey:SecretBackendKey key pki/key/bf9b0d48-d0dd-652c-30be-77d04fc7e94d ```

func GetSecretBackendKey 

func GetSecretBackendKey(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecretBackendKeyState, opts ...pulumi.ResourceOption) (*SecretBackendKey, error)

GetSecretBackendKey gets an existing SecretBackendKey resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecretBackendKey 

func NewSecretBackendKey(ctx *pulumi.Context,
	name string, args *SecretBackendKeyArgs, opts ...pulumi.ResourceOption) (*SecretBackendKey, error)

NewSecretBackendKey registers a new resource with the given unique name, arguments, and options.

func (*SecretBackendKey) ElementType 

func (*SecretBackendKey) ElementType() reflect.Type

func (*SecretBackendKey) ToSecretBackendKeyOutput 

func (i *SecretBackendKey) ToSecretBackendKeyOutput() SecretBackendKeyOutput

func (*SecretBackendKey) ToSecretBackendKeyOutputWithContext 

func (i *SecretBackendKey) ToSecretBackendKeyOutputWithContext(ctx context.Context) SecretBackendKeyOutput

type SecretBackendKeyArgs 

type SecretBackendKeyArgs struct {
	// The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
	Backend pulumi.StringInput
	// Specifies the number of bits to use for the generated keys.
	// Allowed values are 0 (universal default); with `key_type=rsa`, allowed values are:
	// 2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default),
	// 384, or 521; ignored with `key_type=ed25519`.
	KeyBits pulumi.IntPtrInput
	// When a new key is created with this request, optionally specifies the name for this.
	// The global ref `default` may not be used as a name.
	KeyName pulumi.StringPtrInput
	// Specifies the desired key type; must be `rsa`, `ed25519` or `ec`.
	KeyType pulumi.StringPtrInput
	// The managed key's UUID.
	ManagedKeyId pulumi.StringPtrInput
	// The managed key's configured name.
	ManagedKeyName pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// Specifies the type of the key to create. Can be `exported`,`internal` or `kms`.
	Type pulumi.StringInput
}

The set of arguments for constructing a SecretBackendKey resource.

func (SecretBackendKeyArgs) ElementType 

func (SecretBackendKeyArgs) ElementType() reflect.Type

type SecretBackendKeyArray 

type SecretBackendKeyArray []SecretBackendKeyInput

func (SecretBackendKeyArray) ElementType 

func (SecretBackendKeyArray) ElementType() reflect.Type

func (SecretBackendKeyArray) ToSecretBackendKeyArrayOutput 

func (i SecretBackendKeyArray) ToSecretBackendKeyArrayOutput() SecretBackendKeyArrayOutput

func (SecretBackendKeyArray) ToSecretBackendKeyArrayOutputWithContext 

func (i SecretBackendKeyArray) ToSecretBackendKeyArrayOutputWithContext(ctx context.Context) SecretBackendKeyArrayOutput

type SecretBackendKeyArrayInput 

type SecretBackendKeyArrayInput interface {
	pulumi.Input

	ToSecretBackendKeyArrayOutput() SecretBackendKeyArrayOutput
	ToSecretBackendKeyArrayOutputWithContext(context.Context) SecretBackendKeyArrayOutput
}

SecretBackendKeyArrayInput is an input type that accepts SecretBackendKeyArray and SecretBackendKeyArrayOutput values. You can construct a concrete instance of `SecretBackendKeyArrayInput` via: 

SecretBackendKeyArray{ SecretBackendKeyArgs{...} }

type SecretBackendKeyArrayOutput 

type SecretBackendKeyArrayOutput struct{ *pulumi.OutputState }

func (SecretBackendKeyArrayOutput) ElementType 

func (SecretBackendKeyArrayOutput) ElementType() reflect.Type

func (SecretBackendKeyArrayOutput) Index 

func (o SecretBackendKeyArrayOutput) Index(i pulumi.IntInput) SecretBackendKeyOutput

func (SecretBackendKeyArrayOutput) ToSecretBackendKeyArrayOutput 

func (o SecretBackendKeyArrayOutput) ToSecretBackendKeyArrayOutput() SecretBackendKeyArrayOutput

func (SecretBackendKeyArrayOutput) ToSecretBackendKeyArrayOutputWithContext 

func (o SecretBackendKeyArrayOutput) ToSecretBackendKeyArrayOutputWithContext(ctx context.Context) SecretBackendKeyArrayOutput

type SecretBackendKeyInput 

type SecretBackendKeyInput interface {
	pulumi.Input

	ToSecretBackendKeyOutput() SecretBackendKeyOutput
	ToSecretBackendKeyOutputWithContext(ctx context.Context) SecretBackendKeyOutput
}

type SecretBackendKeyMap 

type SecretBackendKeyMap map[string]SecretBackendKeyInput

func (SecretBackendKeyMap) ElementType 

func (SecretBackendKeyMap) ElementType() reflect.Type

func (SecretBackendKeyMap) ToSecretBackendKeyMapOutput 

func (i SecretBackendKeyMap) ToSecretBackendKeyMapOutput() SecretBackendKeyMapOutput

func (SecretBackendKeyMap) ToSecretBackendKeyMapOutputWithContext 

func (i SecretBackendKeyMap) ToSecretBackendKeyMapOutputWithContext(ctx context.Context) SecretBackendKeyMapOutput

type SecretBackendKeyMapInput 

type SecretBackendKeyMapInput interface {
	pulumi.Input

	ToSecretBackendKeyMapOutput() SecretBackendKeyMapOutput
	ToSecretBackendKeyMapOutputWithContext(context.Context) SecretBackendKeyMapOutput
}

SecretBackendKeyMapInput is an input type that accepts SecretBackendKeyMap and SecretBackendKeyMapOutput values. You can construct a concrete instance of `SecretBackendKeyMapInput` via: 

SecretBackendKeyMap{ "key": SecretBackendKeyArgs{...} }

type SecretBackendKeyMapOutput 

type SecretBackendKeyMapOutput struct{ *pulumi.OutputState }

func (SecretBackendKeyMapOutput) ElementType 

func (SecretBackendKeyMapOutput) ElementType() reflect.Type

func (SecretBackendKeyMapOutput) MapIndex 

func (o SecretBackendKeyMapOutput) MapIndex(k pulumi.StringInput) SecretBackendKeyOutput

func (SecretBackendKeyMapOutput) ToSecretBackendKeyMapOutput 

func (o SecretBackendKeyMapOutput) ToSecretBackendKeyMapOutput() SecretBackendKeyMapOutput

func (SecretBackendKeyMapOutput) ToSecretBackendKeyMapOutputWithContext 

func (o SecretBackendKeyMapOutput) ToSecretBackendKeyMapOutputWithContext(ctx context.Context) SecretBackendKeyMapOutput

type SecretBackendKeyOutput 

type SecretBackendKeyOutput struct{ *pulumi.OutputState }

func (SecretBackendKeyOutput) Backend 

func (o SecretBackendKeyOutput) Backend() pulumi.StringOutput

The path the PKI secret backend is mounted at, with no leading or trailing `/`s.

func (SecretBackendKeyOutput) ElementType 

func (SecretBackendKeyOutput) ElementType() reflect.Type

func (SecretBackendKeyOutput) KeyBits 

func (o SecretBackendKeyOutput) KeyBits() pulumi.IntOutput

Specifies the number of bits to use for the generated keys. Allowed values are 0 (universal default); with `key_type=rsa`, allowed values are: 2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default), 384, or 521; ignored with `key_type=ed25519`.

func (SecretBackendKeyOutput) KeyId 

func (o SecretBackendKeyOutput) KeyId() pulumi.StringOutput

ID of the generated key.

func (SecretBackendKeyOutput) KeyName 

func (o SecretBackendKeyOutput) KeyName() pulumi.StringPtrOutput

When a new key is created with this request, optionally specifies the name for this. The global ref `default` may not be used as a name.

func (SecretBackendKeyOutput) KeyType 

func (o SecretBackendKeyOutput) KeyType() pulumi.StringOutput

Specifies the desired key type; must be `rsa`, `ed25519` or `ec`.

func (SecretBackendKeyOutput) ManagedKeyId 

func (o SecretBackendKeyOutput) ManagedKeyId() pulumi.StringPtrOutput

The managed key's UUID.

func (SecretBackendKeyOutput) ManagedKeyName 

func (o SecretBackendKeyOutput) ManagedKeyName() pulumi.StringPtrOutput

The managed key's configured name.

func (SecretBackendKeyOutput) Namespace 

func (o SecretBackendKeyOutput) Namespace() pulumi.StringPtrOutput

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.

func (SecretBackendKeyOutput) ToSecretBackendKeyOutput 

func (o SecretBackendKeyOutput) ToSecretBackendKeyOutput() SecretBackendKeyOutput

func (SecretBackendKeyOutput) ToSecretBackendKeyOutputWithContext 

func (o SecretBackendKeyOutput) ToSecretBackendKeyOutputWithContext(ctx context.Context) SecretBackendKeyOutput

func (SecretBackendKeyOutput) Type 

func (o SecretBackendKeyOutput) Type() pulumi.StringOutput

Specifies the type of the key to create. Can be `exported`,`internal` or `kms`.

type SecretBackendKeyState 

type SecretBackendKeyState struct {
	// The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
	Backend pulumi.StringPtrInput
	// Specifies the number of bits to use for the generated keys.
	// Allowed values are 0 (universal default); with `key_type=rsa`, allowed values are:
	// 2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default),
	// 384, or 521; ignored with `key_type=ed25519`.
	KeyBits pulumi.IntPtrInput
	// ID of the generated key.
	KeyId pulumi.StringPtrInput
	// When a new key is created with this request, optionally specifies the name for this.
	// The global ref `default` may not be used as a name.
	KeyName pulumi.StringPtrInput
	// Specifies the desired key type; must be `rsa`, `ed25519` or `ec`.
	KeyType pulumi.StringPtrInput
	// The managed key's UUID.
	ManagedKeyId pulumi.StringPtrInput
	// The managed key's configured name.
	ManagedKeyName pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// Specifies the type of the key to create. Can be `exported`,`internal` or `kms`.
	Type pulumi.StringPtrInput
}

func (SecretBackendKeyState) ElementType 

func (SecretBackendKeyState) ElementType() reflect.Type

type SecretBackendRole 

type SecretBackendRole struct {
	pulumi.CustomResourceState

	// Flag to allow any name
	AllowAnyName pulumi.BoolPtrOutput `pulumi:"allowAnyName"`
	// Flag to allow certificates matching the actual domain
	AllowBareDomains pulumi.BoolPtrOutput `pulumi:"allowBareDomains"`
	// Flag to allow names containing glob patterns.
	AllowGlobDomains pulumi.BoolPtrOutput `pulumi:"allowGlobDomains"`
	// Flag to allow IP SANs
	AllowIpSans pulumi.BoolPtrOutput `pulumi:"allowIpSans"`
	// Flag to allow certificates for localhost
	AllowLocalhost pulumi.BoolPtrOutput `pulumi:"allowLocalhost"`
	// Flag to allow certificates matching subdomains
	AllowSubdomains pulumi.BoolPtrOutput `pulumi:"allowSubdomains"`
	// Flag to allow wildcard certificates.
	AllowWildcardCertificates pulumi.BoolPtrOutput `pulumi:"allowWildcardCertificates"`
	// List of allowed domains for certificates
	AllowedDomains pulumi.StringArrayOutput `pulumi:"allowedDomains"`
	// Flag, if set, `allowedDomains` can be specified using identity template expressions such as `{{identity.entity.aliases.<mount accessor>.name}}`.
	AllowedDomainsTemplate pulumi.BoolPtrOutput `pulumi:"allowedDomainsTemplate"`
	// Defines allowed custom SANs
	AllowedOtherSans pulumi.StringArrayOutput `pulumi:"allowedOtherSans"`
	// An array of allowed serial numbers to put in Subject
	AllowedSerialNumbers pulumi.StringArrayOutput `pulumi:"allowedSerialNumbers"`
	// Defines allowed URI SANs
	AllowedUriSans pulumi.StringArrayOutput `pulumi:"allowedUriSans"`
	// Flag, if set, `allowedUriSans` can be specified using identity template expressions such as `{{identity.entity.aliases.<mount accessor>.name}}`.
	AllowedUriSansTemplate pulumi.BoolOutput `pulumi:"allowedUriSansTemplate"`
	// Defines allowed User IDs
	AllowedUserIds pulumi.StringArrayOutput `pulumi:"allowedUserIds"`
	// The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
	Backend pulumi.StringOutput `pulumi:"backend"`
	// Flag to mark basic constraints valid when issuing non-CA certificates
	BasicConstraintsValidForNonCa pulumi.BoolPtrOutput `pulumi:"basicConstraintsValidForNonCa"`
	// Flag to specify certificates for client use
	ClientFlag pulumi.BoolPtrOutput `pulumi:"clientFlag"`
	// Validations to run on the Common Name field of the certificate, choices: `email`, `hostname`, `disabled`
	CnValidations pulumi.StringArrayOutput `pulumi:"cnValidations"`
	// Flag to specify certificates for code signing use
	CodeSigningFlag pulumi.BoolPtrOutput `pulumi:"codeSigningFlag"`
	// The country of generated certificates
	Countries pulumi.StringArrayOutput `pulumi:"countries"`
	// Flag to specify certificates for email protection use
	EmailProtectionFlag pulumi.BoolPtrOutput `pulumi:"emailProtectionFlag"`
	// Flag to allow only valid host names
	EnforceHostnames pulumi.BoolPtrOutput `pulumi:"enforceHostnames"`
	// Specify the allowed extended key usage OIDs constraint on issued certificates
	ExtKeyUsageOids pulumi.StringArrayOutput `pulumi:"extKeyUsageOids"`
	// Specify the allowed extended key usage constraint on issued certificates
	ExtKeyUsages pulumi.StringArrayOutput `pulumi:"extKeyUsages"`
	// Flag to generate leases with certificates
	GenerateLease pulumi.BoolPtrOutput `pulumi:"generateLease"`
	// Specifies the default issuer of this request. May
	// be the value `default`, a name, or an issuer ID. Use ACLs to prevent access to
	// the `/pki/issuer/:issuer_ref/{issue,sign}/:name` paths to prevent users
	// overriding the role's `issuerRef` value.
	IssuerRef pulumi.StringOutput `pulumi:"issuerRef"`
	// The number of bits of generated keys
	KeyBits pulumi.IntPtrOutput `pulumi:"keyBits"`
	// The generated key type, choices: `rsa`, `ec`, `ed25519`, `any`
	// Defaults to `rsa`
	KeyType pulumi.StringPtrOutput `pulumi:"keyType"`
	// Specify the allowed key usage constraint on issued
	// certificates. Defaults to `["DigitalSignature", "KeyAgreement", "KeyEncipherment"])`.
	// To specify no default key usage constraints, set this to an empty list `[]`.
	KeyUsages pulumi.StringArrayOutput `pulumi:"keyUsages"`
	// The locality of generated certificates
	Localities pulumi.StringArrayOutput `pulumi:"localities"`
	// The maximum lease TTL, in seconds, for the role.
	MaxTtl pulumi.StringOutput `pulumi:"maxTtl"`
	// The name to identify this role within the backend. Must be unique within the backend.
	Name pulumi.StringOutput `pulumi:"name"`
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
	// Flag to not store certificates in the storage backend
	NoStore pulumi.BoolPtrOutput `pulumi:"noStore"`
	// Specifies the duration by which to backdate the NotBefore property.
	NotBeforeDuration pulumi.StringOutput `pulumi:"notBeforeDuration"`
	// The organization unit of generated certificates
	OrganizationUnit pulumi.StringArrayOutput `pulumi:"organizationUnit"`
	// The organization of generated certificates
	Organizations pulumi.StringArrayOutput `pulumi:"organizations"`
	// (Vault 1.11+ only) A block for specifying policy identifers. The `policyIdentifier` block can be repeated, and supports the following arguments:
	PolicyIdentifier SecretBackendRolePolicyIdentifierArrayOutput `pulumi:"policyIdentifier"`
	// Specify the list of allowed policies OIDs. Use with Vault 1.10 or before. For Vault 1.11+, use `policyIdentifier` blocks instead
	PolicyIdentifiers pulumi.StringArrayOutput `pulumi:"policyIdentifiers"`
	// The postal code of generated certificates
	PostalCodes pulumi.StringArrayOutput `pulumi:"postalCodes"`
	// The province of generated certificates
	Provinces pulumi.StringArrayOutput `pulumi:"provinces"`
	// Flag to force CN usage
	RequireCn pulumi.BoolPtrOutput `pulumi:"requireCn"`
	// Flag to specify certificates for server use
	ServerFlag pulumi.BoolPtrOutput `pulumi:"serverFlag"`
	// The street address of generated certificates
	StreetAddresses pulumi.StringArrayOutput `pulumi:"streetAddresses"`
	// The TTL, in seconds, for any certificate issued against this role.
	Ttl pulumi.StringOutput `pulumi:"ttl"`
	// Flag to use the CN in the CSR
	UseCsrCommonName pulumi.BoolPtrOutput `pulumi:"useCsrCommonName"`
	// Flag to use the SANs in the CSR
	UseCsrSans pulumi.BoolPtrOutput `pulumi:"useCsrSans"`
}

Creates a role on an PKI Secret Backend for Vault.

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault"
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/pkisecret"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		pki, err := vault.NewMount(ctx, "pki", &vault.MountArgs{
			Path:                   pulumi.String("pki"),
			Type:                   pulumi.String("pki"),
			DefaultLeaseTtlSeconds: pulumi.Int(3600),
			MaxLeaseTtlSeconds:     pulumi.Int(86400),
		})
		if err != nil {
			return err
		}
		_, err = pkisecret.NewSecretBackendRole(ctx, "role", &pkisecret.SecretBackendRoleArgs{
			Backend:     pki.Path,
			Name:        pulumi.String("my_role"),
			Ttl:         pulumi.String("3600"),
			AllowIpSans: pulumi.Bool(true),
			KeyType:     pulumi.String("rsa"),
			KeyBits:     pulumi.Int(4096),
			AllowedDomains: pulumi.StringArray{
				pulumi.String("example.com"),
				pulumi.String("my.domain"),
			},
			AllowSubdomains: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

PKI secret backend roles can be imported using the `path`, e.g.

```sh $ pulumi import vault:pkiSecret/secretBackendRole:SecretBackendRole role pki/roles/my_role ```

func GetSecretBackendRole 

func GetSecretBackendRole(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecretBackendRoleState, opts ...pulumi.ResourceOption) (*SecretBackendRole, error)

GetSecretBackendRole gets an existing SecretBackendRole resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecretBackendRole 

func NewSecretBackendRole(ctx *pulumi.Context,
	name string, args *SecretBackendRoleArgs, opts ...pulumi.ResourceOption) (*SecretBackendRole, error)

NewSecretBackendRole registers a new resource with the given unique name, arguments, and options.

func (*SecretBackendRole) ElementType 

func (*SecretBackendRole) ElementType() reflect.Type

func (*SecretBackendRole) ToSecretBackendRoleOutput 

func (i *SecretBackendRole) ToSecretBackendRoleOutput() SecretBackendRoleOutput

func (*SecretBackendRole) ToSecretBackendRoleOutputWithContext 

func (i *SecretBackendRole) ToSecretBackendRoleOutputWithContext(ctx context.Context) SecretBackendRoleOutput

type SecretBackendRoleArgs 

type SecretBackendRoleArgs struct {
	// Flag to allow any name
	AllowAnyName pulumi.BoolPtrInput
	// Flag to allow certificates matching the actual domain
	AllowBareDomains pulumi.BoolPtrInput
	// Flag to allow names containing glob patterns.
	AllowGlobDomains pulumi.BoolPtrInput
	// Flag to allow IP SANs
	AllowIpSans pulumi.BoolPtrInput
	// Flag to allow certificates for localhost
	AllowLocalhost pulumi.BoolPtrInput
	// Flag to allow certificates matching subdomains
	AllowSubdomains pulumi.BoolPtrInput
	// Flag to allow wildcard certificates.
	AllowWildcardCertificates pulumi.BoolPtrInput
	// List of allowed domains for certificates
	AllowedDomains pulumi.StringArrayInput
	// Flag, if set, `allowedDomains` can be specified using identity template expressions such as `{{identity.entity.aliases.<mount accessor>.name}}`.
	AllowedDomainsTemplate pulumi.BoolPtrInput
	// Defines allowed custom SANs
	AllowedOtherSans pulumi.StringArrayInput
	// An array of allowed serial numbers to put in Subject
	AllowedSerialNumbers pulumi.StringArrayInput
	// Defines allowed URI SANs
	AllowedUriSans pulumi.StringArrayInput
	// Flag, if set, `allowedUriSans` can be specified using identity template expressions such as `{{identity.entity.aliases.<mount accessor>.name}}`.
	AllowedUriSansTemplate pulumi.BoolPtrInput
	// Defines allowed User IDs
	AllowedUserIds pulumi.StringArrayInput
	// The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
	Backend pulumi.StringInput
	// Flag to mark basic constraints valid when issuing non-CA certificates
	BasicConstraintsValidForNonCa pulumi.BoolPtrInput
	// Flag to specify certificates for client use
	ClientFlag pulumi.BoolPtrInput
	// Validations to run on the Common Name field of the certificate, choices: `email`, `hostname`, `disabled`
	CnValidations pulumi.StringArrayInput
	// Flag to specify certificates for code signing use
	CodeSigningFlag pulumi.BoolPtrInput
	// The country of generated certificates
	Countries pulumi.StringArrayInput
	// Flag to specify certificates for email protection use
	EmailProtectionFlag pulumi.BoolPtrInput
	// Flag to allow only valid host names
	EnforceHostnames pulumi.BoolPtrInput
	// Specify the allowed extended key usage OIDs constraint on issued certificates
	ExtKeyUsageOids pulumi.StringArrayInput
	// Specify the allowed extended key usage constraint on issued certificates
	ExtKeyUsages pulumi.StringArrayInput
	// Flag to generate leases with certificates
	GenerateLease pulumi.BoolPtrInput
	// Specifies the default issuer of this request. May
	// be the value `default`, a name, or an issuer ID. Use ACLs to prevent access to
	// the `/pki/issuer/:issuer_ref/{issue,sign}/:name` paths to prevent users
	// overriding the role's `issuerRef` value.
	IssuerRef pulumi.StringPtrInput
	// The number of bits of generated keys
	KeyBits pulumi.IntPtrInput
	// The generated key type, choices: `rsa`, `ec`, `ed25519`, `any`
	// Defaults to `rsa`
	KeyType pulumi.StringPtrInput
	// Specify the allowed key usage constraint on issued
	// certificates. Defaults to `["DigitalSignature", "KeyAgreement", "KeyEncipherment"])`.
	// To specify no default key usage constraints, set this to an empty list `[]`.
	KeyUsages pulumi.StringArrayInput
	// The locality of generated certificates
	Localities pulumi.StringArrayInput
	// The maximum lease TTL, in seconds, for the role.
	MaxTtl pulumi.StringPtrInput
	// The name to identify this role within the backend. Must be unique within the backend.
	Name pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// Flag to not store certificates in the storage backend
	NoStore pulumi.BoolPtrInput
	// Specifies the duration by which to backdate the NotBefore property.
	NotBeforeDuration pulumi.StringPtrInput
	// The organization unit of generated certificates
	OrganizationUnit pulumi.StringArrayInput
	// The organization of generated certificates
	Organizations pulumi.StringArrayInput
	// (Vault 1.11+ only) A block for specifying policy identifers. The `policyIdentifier` block can be repeated, and supports the following arguments:
	PolicyIdentifier SecretBackendRolePolicyIdentifierArrayInput
	// Specify the list of allowed policies OIDs. Use with Vault 1.10 or before. For Vault 1.11+, use `policyIdentifier` blocks instead
	PolicyIdentifiers pulumi.StringArrayInput
	// The postal code of generated certificates
	PostalCodes pulumi.StringArrayInput
	// The province of generated certificates
	Provinces pulumi.StringArrayInput
	// Flag to force CN usage
	RequireCn pulumi.BoolPtrInput
	// Flag to specify certificates for server use
	ServerFlag pulumi.BoolPtrInput
	// The street address of generated certificates
	StreetAddresses pulumi.StringArrayInput
	// The TTL, in seconds, for any certificate issued against this role.
	Ttl pulumi.StringPtrInput
	// Flag to use the CN in the CSR
	UseCsrCommonName pulumi.BoolPtrInput
	// Flag to use the SANs in the CSR
	UseCsrSans pulumi.BoolPtrInput
}

The set of arguments for constructing a SecretBackendRole resource.

func (SecretBackendRoleArgs) ElementType 

func (SecretBackendRoleArgs) ElementType() reflect.Type

type SecretBackendRoleArray 

type SecretBackendRoleArray []SecretBackendRoleInput

func (SecretBackendRoleArray) ElementType 

func (SecretBackendRoleArray) ElementType() reflect.Type

func (SecretBackendRoleArray) ToSecretBackendRoleArrayOutput 

func (i SecretBackendRoleArray) ToSecretBackendRoleArrayOutput() SecretBackendRoleArrayOutput

func (SecretBackendRoleArray) ToSecretBackendRoleArrayOutputWithContext 

func (i SecretBackendRoleArray) ToSecretBackendRoleArrayOutputWithContext(ctx context.Context) SecretBackendRoleArrayOutput

type SecretBackendRoleArrayInput 

type SecretBackendRoleArrayInput interface {
	pulumi.Input

	ToSecretBackendRoleArrayOutput() SecretBackendRoleArrayOutput
	ToSecretBackendRoleArrayOutputWithContext(context.Context) SecretBackendRoleArrayOutput
}

SecretBackendRoleArrayInput is an input type that accepts SecretBackendRoleArray and SecretBackendRoleArrayOutput values. You can construct a concrete instance of `SecretBackendRoleArrayInput` via: 

SecretBackendRoleArray{ SecretBackendRoleArgs{...} }

type SecretBackendRoleArrayOutput 

type SecretBackendRoleArrayOutput struct{ *pulumi.OutputState }

func (SecretBackendRoleArrayOutput) ElementType 

func (SecretBackendRoleArrayOutput) ElementType() reflect.Type

func (SecretBackendRoleArrayOutput) Index 

func (o SecretBackendRoleArrayOutput) Index(i pulumi.IntInput) SecretBackendRoleOutput

func (SecretBackendRoleArrayOutput) ToSecretBackendRoleArrayOutput 

func (o SecretBackendRoleArrayOutput) ToSecretBackendRoleArrayOutput() SecretBackendRoleArrayOutput

func (SecretBackendRoleArrayOutput) ToSecretBackendRoleArrayOutputWithContext 

func (o SecretBackendRoleArrayOutput) ToSecretBackendRoleArrayOutputWithContext(ctx context.Context) SecretBackendRoleArrayOutput

type SecretBackendRoleInput 

type SecretBackendRoleInput interface {
	pulumi.Input

	ToSecretBackendRoleOutput() SecretBackendRoleOutput
	ToSecretBackendRoleOutputWithContext(ctx context.Context) SecretBackendRoleOutput
}

type SecretBackendRoleMap 

type SecretBackendRoleMap map[string]SecretBackendRoleInput

func (SecretBackendRoleMap) ElementType 

func (SecretBackendRoleMap) ElementType() reflect.Type

func (SecretBackendRoleMap) ToSecretBackendRoleMapOutput 

func (i SecretBackendRoleMap) ToSecretBackendRoleMapOutput() SecretBackendRoleMapOutput

func (SecretBackendRoleMap) ToSecretBackendRoleMapOutputWithContext 

func (i SecretBackendRoleMap) ToSecretBackendRoleMapOutputWithContext(ctx context.Context) SecretBackendRoleMapOutput

type SecretBackendRoleMapInput 

type SecretBackendRoleMapInput interface {
	pulumi.Input

	ToSecretBackendRoleMapOutput() SecretBackendRoleMapOutput
	ToSecretBackendRoleMapOutputWithContext(context.Context) SecretBackendRoleMapOutput
}

SecretBackendRoleMapInput is an input type that accepts SecretBackendRoleMap and SecretBackendRoleMapOutput values. You can construct a concrete instance of `SecretBackendRoleMapInput` via: 

SecretBackendRoleMap{ "key": SecretBackendRoleArgs{...} }

type SecretBackendRoleMapOutput 

type SecretBackendRoleMapOutput struct{ *pulumi.OutputState }

func (SecretBackendRoleMapOutput) ElementType 

func (SecretBackendRoleMapOutput) ElementType() reflect.Type

func (SecretBackendRoleMapOutput) MapIndex 

func (o SecretBackendRoleMapOutput) MapIndex(k pulumi.StringInput) SecretBackendRoleOutput

func (SecretBackendRoleMapOutput) ToSecretBackendRoleMapOutput 

func (o SecretBackendRoleMapOutput) ToSecretBackendRoleMapOutput() SecretBackendRoleMapOutput

func (SecretBackendRoleMapOutput) ToSecretBackendRoleMapOutputWithContext 

func (o SecretBackendRoleMapOutput) ToSecretBackendRoleMapOutputWithContext(ctx context.Context) SecretBackendRoleMapOutput

type SecretBackendRoleOutput 

type SecretBackendRoleOutput struct{ *pulumi.OutputState }

func (SecretBackendRoleOutput) AllowAnyName 

func (o SecretBackendRoleOutput) AllowAnyName() pulumi.BoolPtrOutput

Flag to allow any name

func (SecretBackendRoleOutput) AllowBareDomains 

func (o SecretBackendRoleOutput) AllowBareDomains() pulumi.BoolPtrOutput

Flag to allow certificates matching the actual domain

func (SecretBackendRoleOutput) AllowGlobDomains 

func (o SecretBackendRoleOutput) AllowGlobDomains() pulumi.BoolPtrOutput

Flag to allow names containing glob patterns.

func (SecretBackendRoleOutput) AllowIpSans 

func (o SecretBackendRoleOutput) AllowIpSans() pulumi.BoolPtrOutput

Flag to allow IP SANs

func (SecretBackendRoleOutput) AllowLocalhost 

func (o SecretBackendRoleOutput) AllowLocalhost() pulumi.BoolPtrOutput

Flag to allow certificates for localhost

func (SecretBackendRoleOutput) AllowSubdomains 

func (o SecretBackendRoleOutput) AllowSubdomains() pulumi.BoolPtrOutput

Flag to allow certificates matching subdomains

func (SecretBackendRoleOutput) AllowWildcardCertificates 

func (o SecretBackendRoleOutput) AllowWildcardCertificates() pulumi.BoolPtrOutput

Flag to allow wildcard certificates.

func (SecretBackendRoleOutput) AllowedDomains 

func (o SecretBackendRoleOutput) AllowedDomains() pulumi.StringArrayOutput

List of allowed domains for certificates

func (SecretBackendRoleOutput) AllowedDomainsTemplate 

func (o SecretBackendRoleOutput) AllowedDomainsTemplate() pulumi.BoolPtrOutput

Flag, if set, `allowedDomains` can be specified using identity template expressions such as `{{identity.entity.aliases.<mount accessor>.name}}`.

func (SecretBackendRoleOutput) AllowedOtherSans 

func (o SecretBackendRoleOutput) AllowedOtherSans() pulumi.StringArrayOutput

Defines allowed custom SANs

func (SecretBackendRoleOutput) AllowedSerialNumbers 

func (o SecretBackendRoleOutput) AllowedSerialNumbers() pulumi.StringArrayOutput

An array of allowed serial numbers to put in Subject

func (SecretBackendRoleOutput) AllowedUriSans 

func (o SecretBackendRoleOutput) AllowedUriSans() pulumi.StringArrayOutput

Defines allowed URI SANs

func (SecretBackendRoleOutput) AllowedUriSansTemplate 

func (o SecretBackendRoleOutput) AllowedUriSansTemplate() pulumi.BoolOutput

Flag, if set, `allowedUriSans` can be specified using identity template expressions such as `{{identity.entity.aliases.<mount accessor>.name}}`.

func (SecretBackendRoleOutput) AllowedUserIds 

func (o SecretBackendRoleOutput) AllowedUserIds() pulumi.StringArrayOutput

Defines allowed User IDs

func (SecretBackendRoleOutput) Backend 

func (o SecretBackendRoleOutput) Backend() pulumi.StringOutput

The path the PKI secret backend is mounted at, with no leading or trailing `/`s.

func (SecretBackendRoleOutput) BasicConstraintsValidForNonCa 

func (o SecretBackendRoleOutput) BasicConstraintsValidForNonCa() pulumi.BoolPtrOutput

Flag to mark basic constraints valid when issuing non-CA certificates

func (SecretBackendRoleOutput) ClientFlag 

func (o SecretBackendRoleOutput) ClientFlag() pulumi.BoolPtrOutput

Flag to specify certificates for client use

func (SecretBackendRoleOutput) CnValidations added in v6.5.0 

func (o SecretBackendRoleOutput) CnValidations() pulumi.StringArrayOutput

Validations to run on the Common Name field of the certificate, choices: `email`, `hostname`, `disabled`

func (SecretBackendRoleOutput) CodeSigningFlag 

func (o SecretBackendRoleOutput) CodeSigningFlag() pulumi.BoolPtrOutput

Flag to specify certificates for code signing use

func (SecretBackendRoleOutput) Countries 

func (o SecretBackendRoleOutput) Countries() pulumi.StringArrayOutput

The country of generated certificates

func (SecretBackendRoleOutput) ElementType 

func (SecretBackendRoleOutput) ElementType() reflect.Type

func (SecretBackendRoleOutput) EmailProtectionFlag 

func (o SecretBackendRoleOutput) EmailProtectionFlag() pulumi.BoolPtrOutput

Flag to specify certificates for email protection use

func (SecretBackendRoleOutput) EnforceHostnames 

func (o SecretBackendRoleOutput) EnforceHostnames() pulumi.BoolPtrOutput

Flag to allow only valid host names

func (SecretBackendRoleOutput) ExtKeyUsageOids 

func (o SecretBackendRoleOutput) ExtKeyUsageOids() pulumi.StringArrayOutput

Specify the allowed extended key usage OIDs constraint on issued certificates

func (SecretBackendRoleOutput) ExtKeyUsages 

func (o SecretBackendRoleOutput) ExtKeyUsages() pulumi.StringArrayOutput

Specify the allowed extended key usage constraint on issued certificates

func (SecretBackendRoleOutput) GenerateLease 

func (o SecretBackendRoleOutput) GenerateLease() pulumi.BoolPtrOutput

Flag to generate leases with certificates

func (SecretBackendRoleOutput) IssuerRef 

func (o SecretBackendRoleOutput) IssuerRef() pulumi.StringOutput

Specifies the default issuer of this request. May be the value `default`, a name, or an issuer ID. Use ACLs to prevent access to the `/pki/issuer/:issuer_ref/{issue,sign}/:name` paths to prevent users overriding the role's `issuerRef` value.

func (SecretBackendRoleOutput) KeyBits 

func (o SecretBackendRoleOutput) KeyBits() pulumi.IntPtrOutput

The number of bits of generated keys

func (SecretBackendRoleOutput) KeyType 

func (o SecretBackendRoleOutput) KeyType() pulumi.StringPtrOutput

The generated key type, choices: `rsa`, `ec`, `ed25519`, `any` Defaults to `rsa`

func (SecretBackendRoleOutput) KeyUsages 

func (o SecretBackendRoleOutput) KeyUsages() pulumi.StringArrayOutput

Specify the allowed key usage constraint on issued certificates. Defaults to `["DigitalSignature", "KeyAgreement", "KeyEncipherment"])`. To specify no default key usage constraints, set this to an empty list `[]`.

func (SecretBackendRoleOutput) Localities 

func (o SecretBackendRoleOutput) Localities() pulumi.StringArrayOutput

The locality of generated certificates

func (SecretBackendRoleOutput) MaxTtl 

func (o SecretBackendRoleOutput) MaxTtl() pulumi.StringOutput

The maximum lease TTL, in seconds, for the role.

func (SecretBackendRoleOutput) Name 

func (o SecretBackendRoleOutput) Name() pulumi.StringOutput

The name to identify this role within the backend. Must be unique within the backend.

func (SecretBackendRoleOutput) Namespace 

func (o SecretBackendRoleOutput) Namespace() pulumi.StringPtrOutput

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.

func (SecretBackendRoleOutput) NoStore 

func (o SecretBackendRoleOutput) NoStore() pulumi.BoolPtrOutput

Flag to not store certificates in the storage backend

func (SecretBackendRoleOutput) NotBeforeDuration 

func (o SecretBackendRoleOutput) NotBeforeDuration() pulumi.StringOutput

Specifies the duration by which to backdate the NotBefore property.

func (SecretBackendRoleOutput) OrganizationUnit 

func (o SecretBackendRoleOutput) OrganizationUnit() pulumi.StringArrayOutput

The organization unit of generated certificates

func (SecretBackendRoleOutput) Organizations 

func (o SecretBackendRoleOutput) Organizations() pulumi.StringArrayOutput

The organization of generated certificates

func (SecretBackendRoleOutput) PolicyIdentifier 

func (o SecretBackendRoleOutput) PolicyIdentifier() SecretBackendRolePolicyIdentifierArrayOutput

(Vault 1.11+ only) A block for specifying policy identifers. The `policyIdentifier` block can be repeated, and supports the following arguments:

func (SecretBackendRoleOutput) PolicyIdentifiers 

func (o SecretBackendRoleOutput) PolicyIdentifiers() pulumi.StringArrayOutput

Specify the list of allowed policies OIDs. Use with Vault 1.10 or before. For Vault 1.11+, use `policyIdentifier` blocks instead

func (SecretBackendRoleOutput) PostalCodes 

func (o SecretBackendRoleOutput) PostalCodes() pulumi.StringArrayOutput

The postal code of generated certificates

func (SecretBackendRoleOutput) Provinces 

func (o SecretBackendRoleOutput) Provinces() pulumi.StringArrayOutput

The province of generated certificates

func (SecretBackendRoleOutput) RequireCn 

func (o SecretBackendRoleOutput) RequireCn() pulumi.BoolPtrOutput

Flag to force CN usage

func (SecretBackendRoleOutput) ServerFlag 

func (o SecretBackendRoleOutput) ServerFlag() pulumi.BoolPtrOutput

Flag to specify certificates for server use

func (SecretBackendRoleOutput) StreetAddresses 

func (o SecretBackendRoleOutput) StreetAddresses() pulumi.StringArrayOutput

The street address of generated certificates

func (SecretBackendRoleOutput) ToSecretBackendRoleOutput 

func (o SecretBackendRoleOutput) ToSecretBackendRoleOutput() SecretBackendRoleOutput

func (SecretBackendRoleOutput) ToSecretBackendRoleOutputWithContext 

func (o SecretBackendRoleOutput) ToSecretBackendRoleOutputWithContext(ctx context.Context) SecretBackendRoleOutput

func (SecretBackendRoleOutput) Ttl 

func (o SecretBackendRoleOutput) Ttl() pulumi.StringOutput

The TTL, in seconds, for any certificate issued against this role.

func (SecretBackendRoleOutput) UseCsrCommonName 

func (o SecretBackendRoleOutput) UseCsrCommonName() pulumi.BoolPtrOutput

Flag to use the CN in the CSR

func (SecretBackendRoleOutput) UseCsrSans 

func (o SecretBackendRoleOutput) UseCsrSans() pulumi.BoolPtrOutput

Flag to use the SANs in the CSR

type SecretBackendRolePolicyIdentifier 

type SecretBackendRolePolicyIdentifier struct {
	// The URL of the CPS for the policy identifier
	//
	// Example usage:
	Cps *string `pulumi:"cps"`
	// A notice for the policy identifier
	Notice *string `pulumi:"notice"`
	// The OID for the policy identifier
	Oid string `pulumi:"oid"`
}

type SecretBackendRolePolicyIdentifierArgs 

type SecretBackendRolePolicyIdentifierArgs struct {
	// The URL of the CPS for the policy identifier
	//
	// Example usage:
	Cps pulumi.StringPtrInput `pulumi:"cps"`
	// A notice for the policy identifier
	Notice pulumi.StringPtrInput `pulumi:"notice"`
	// The OID for the policy identifier
	Oid pulumi.StringInput `pulumi:"oid"`
}

func (SecretBackendRolePolicyIdentifierArgs) ElementType 

func (SecretBackendRolePolicyIdentifierArgs) ElementType() reflect.Type

func (SecretBackendRolePolicyIdentifierArgs) ToSecretBackendRolePolicyIdentifierOutput 

func (i SecretBackendRolePolicyIdentifierArgs) ToSecretBackendRolePolicyIdentifierOutput() SecretBackendRolePolicyIdentifierOutput

func (SecretBackendRolePolicyIdentifierArgs) ToSecretBackendRolePolicyIdentifierOutputWithContext 

func (i SecretBackendRolePolicyIdentifierArgs) ToSecretBackendRolePolicyIdentifierOutputWithContext(ctx context.Context) SecretBackendRolePolicyIdentifierOutput

type SecretBackendRolePolicyIdentifierArray 

type SecretBackendRolePolicyIdentifierArray []SecretBackendRolePolicyIdentifierInput

func (SecretBackendRolePolicyIdentifierArray) ElementType 

func (SecretBackendRolePolicyIdentifierArray) ElementType() reflect.Type

func (SecretBackendRolePolicyIdentifierArray) ToSecretBackendRolePolicyIdentifierArrayOutput 

func (i SecretBackendRolePolicyIdentifierArray) ToSecretBackendRolePolicyIdentifierArrayOutput() SecretBackendRolePolicyIdentifierArrayOutput

func (SecretBackendRolePolicyIdentifierArray) ToSecretBackendRolePolicyIdentifierArrayOutputWithContext 

func (i SecretBackendRolePolicyIdentifierArray) ToSecretBackendRolePolicyIdentifierArrayOutputWithContext(ctx context.Context) SecretBackendRolePolicyIdentifierArrayOutput

type SecretBackendRolePolicyIdentifierArrayInput 

type SecretBackendRolePolicyIdentifierArrayInput interface {
	pulumi.Input

	ToSecretBackendRolePolicyIdentifierArrayOutput() SecretBackendRolePolicyIdentifierArrayOutput
	ToSecretBackendRolePolicyIdentifierArrayOutputWithContext(context.Context) SecretBackendRolePolicyIdentifierArrayOutput
}

SecretBackendRolePolicyIdentifierArrayInput is an input type that accepts SecretBackendRolePolicyIdentifierArray and SecretBackendRolePolicyIdentifierArrayOutput values. You can construct a concrete instance of `SecretBackendRolePolicyIdentifierArrayInput` via: 

SecretBackendRolePolicyIdentifierArray{ SecretBackendRolePolicyIdentifierArgs{...} }

type SecretBackendRolePolicyIdentifierArrayOutput 

type SecretBackendRolePolicyIdentifierArrayOutput struct{ *pulumi.OutputState }

func (SecretBackendRolePolicyIdentifierArrayOutput) ElementType 

func (SecretBackendRolePolicyIdentifierArrayOutput) ElementType() reflect.Type

func (SecretBackendRolePolicyIdentifierArrayOutput) Index 

func (o SecretBackendRolePolicyIdentifierArrayOutput) Index(i pulumi.IntInput) SecretBackendRolePolicyIdentifierOutput

func (SecretBackendRolePolicyIdentifierArrayOutput) ToSecretBackendRolePolicyIdentifierArrayOutput 

func (o SecretBackendRolePolicyIdentifierArrayOutput) ToSecretBackendRolePolicyIdentifierArrayOutput() SecretBackendRolePolicyIdentifierArrayOutput

func (SecretBackendRolePolicyIdentifierArrayOutput) ToSecretBackendRolePolicyIdentifierArrayOutputWithContext 

func (o SecretBackendRolePolicyIdentifierArrayOutput) ToSecretBackendRolePolicyIdentifierArrayOutputWithContext(ctx context.Context) SecretBackendRolePolicyIdentifierArrayOutput

type SecretBackendRolePolicyIdentifierInput 

type SecretBackendRolePolicyIdentifierInput interface {
	pulumi.Input

	ToSecretBackendRolePolicyIdentifierOutput() SecretBackendRolePolicyIdentifierOutput
	ToSecretBackendRolePolicyIdentifierOutputWithContext(context.Context) SecretBackendRolePolicyIdentifierOutput
}

SecretBackendRolePolicyIdentifierInput is an input type that accepts SecretBackendRolePolicyIdentifierArgs and SecretBackendRolePolicyIdentifierOutput values. You can construct a concrete instance of `SecretBackendRolePolicyIdentifierInput` via: 

SecretBackendRolePolicyIdentifierArgs{...}

type SecretBackendRolePolicyIdentifierOutput 

type SecretBackendRolePolicyIdentifierOutput struct{ *pulumi.OutputState }

func (SecretBackendRolePolicyIdentifierOutput) Cps 

func (o SecretBackendRolePolicyIdentifierOutput) Cps() pulumi.StringPtrOutput

The URL of the CPS for the policy identifier

Example usage:

func (SecretBackendRolePolicyIdentifierOutput) ElementType 

func (SecretBackendRolePolicyIdentifierOutput) ElementType() reflect.Type

func (SecretBackendRolePolicyIdentifierOutput) Notice 

func (o SecretBackendRolePolicyIdentifierOutput) Notice() pulumi.StringPtrOutput

A notice for the policy identifier

func (SecretBackendRolePolicyIdentifierOutput) Oid 

func (o SecretBackendRolePolicyIdentifierOutput) Oid() pulumi.StringOutput

The OID for the policy identifier

func (SecretBackendRolePolicyIdentifierOutput) ToSecretBackendRolePolicyIdentifierOutput 

func (o SecretBackendRolePolicyIdentifierOutput) ToSecretBackendRolePolicyIdentifierOutput() SecretBackendRolePolicyIdentifierOutput

func (SecretBackendRolePolicyIdentifierOutput) ToSecretBackendRolePolicyIdentifierOutputWithContext 

func (o SecretBackendRolePolicyIdentifierOutput) ToSecretBackendRolePolicyIdentifierOutputWithContext(ctx context.Context) SecretBackendRolePolicyIdentifierOutput

type SecretBackendRoleState 

type SecretBackendRoleState struct {
	// Flag to allow any name
	AllowAnyName pulumi.BoolPtrInput
	// Flag to allow certificates matching the actual domain
	AllowBareDomains pulumi.BoolPtrInput
	// Flag to allow names containing glob patterns.
	AllowGlobDomains pulumi.BoolPtrInput
	// Flag to allow IP SANs
	AllowIpSans pulumi.BoolPtrInput
	// Flag to allow certificates for localhost
	AllowLocalhost pulumi.BoolPtrInput
	// Flag to allow certificates matching subdomains
	AllowSubdomains pulumi.BoolPtrInput
	// Flag to allow wildcard certificates.
	AllowWildcardCertificates pulumi.BoolPtrInput
	// List of allowed domains for certificates
	AllowedDomains pulumi.StringArrayInput
	// Flag, if set, `allowedDomains` can be specified using identity template expressions such as `{{identity.entity.aliases.<mount accessor>.name}}`.
	AllowedDomainsTemplate pulumi.BoolPtrInput
	// Defines allowed custom SANs
	AllowedOtherSans pulumi.StringArrayInput
	// An array of allowed serial numbers to put in Subject
	AllowedSerialNumbers pulumi.StringArrayInput
	// Defines allowed URI SANs
	AllowedUriSans pulumi.StringArrayInput
	// Flag, if set, `allowedUriSans` can be specified using identity template expressions such as `{{identity.entity.aliases.<mount accessor>.name}}`.
	AllowedUriSansTemplate pulumi.BoolPtrInput
	// Defines allowed User IDs
	AllowedUserIds pulumi.StringArrayInput
	// The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
	Backend pulumi.StringPtrInput
	// Flag to mark basic constraints valid when issuing non-CA certificates
	BasicConstraintsValidForNonCa pulumi.BoolPtrInput
	// Flag to specify certificates for client use
	ClientFlag pulumi.BoolPtrInput
	// Validations to run on the Common Name field of the certificate, choices: `email`, `hostname`, `disabled`
	CnValidations pulumi.StringArrayInput
	// Flag to specify certificates for code signing use
	CodeSigningFlag pulumi.BoolPtrInput
	// The country of generated certificates
	Countries pulumi.StringArrayInput
	// Flag to specify certificates for email protection use
	EmailProtectionFlag pulumi.BoolPtrInput
	// Flag to allow only valid host names
	EnforceHostnames pulumi.BoolPtrInput
	// Specify the allowed extended key usage OIDs constraint on issued certificates
	ExtKeyUsageOids pulumi.StringArrayInput
	// Specify the allowed extended key usage constraint on issued certificates
	ExtKeyUsages pulumi.StringArrayInput
	// Flag to generate leases with certificates
	GenerateLease pulumi.BoolPtrInput
	// Specifies the default issuer of this request. May
	// be the value `default`, a name, or an issuer ID. Use ACLs to prevent access to
	// the `/pki/issuer/:issuer_ref/{issue,sign}/:name` paths to prevent users
	// overriding the role's `issuerRef` value.
	IssuerRef pulumi.StringPtrInput
	// The number of bits of generated keys
	KeyBits pulumi.IntPtrInput
	// The generated key type, choices: `rsa`, `ec`, `ed25519`, `any`
	// Defaults to `rsa`
	KeyType pulumi.StringPtrInput
	// Specify the allowed key usage constraint on issued
	// certificates. Defaults to `["DigitalSignature", "KeyAgreement", "KeyEncipherment"])`.
	// To specify no default key usage constraints, set this to an empty list `[]`.
	KeyUsages pulumi.StringArrayInput
	// The locality of generated certificates
	Localities pulumi.StringArrayInput
	// The maximum lease TTL, in seconds, for the role.
	MaxTtl pulumi.StringPtrInput
	// The name to identify this role within the backend. Must be unique within the backend.
	Name pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// Flag to not store certificates in the storage backend
	NoStore pulumi.BoolPtrInput
	// Specifies the duration by which to backdate the NotBefore property.
	NotBeforeDuration pulumi.StringPtrInput
	// The organization unit of generated certificates
	OrganizationUnit pulumi.StringArrayInput
	// The organization of generated certificates
	Organizations pulumi.StringArrayInput
	// (Vault 1.11+ only) A block for specifying policy identifers. The `policyIdentifier` block can be repeated, and supports the following arguments:
	PolicyIdentifier SecretBackendRolePolicyIdentifierArrayInput
	// Specify the list of allowed policies OIDs. Use with Vault 1.10 or before. For Vault 1.11+, use `policyIdentifier` blocks instead
	PolicyIdentifiers pulumi.StringArrayInput
	// The postal code of generated certificates
	PostalCodes pulumi.StringArrayInput
	// The province of generated certificates
	Provinces pulumi.StringArrayInput
	// Flag to force CN usage
	RequireCn pulumi.BoolPtrInput
	// Flag to specify certificates for server use
	ServerFlag pulumi.BoolPtrInput
	// The street address of generated certificates
	StreetAddresses pulumi.StringArrayInput
	// The TTL, in seconds, for any certificate issued against this role.
	Ttl pulumi.StringPtrInput
	// Flag to use the CN in the CSR
	UseCsrCommonName pulumi.BoolPtrInput
	// Flag to use the SANs in the CSR
	UseCsrSans pulumi.BoolPtrInput
}

func (SecretBackendRoleState) ElementType 

func (SecretBackendRoleState) ElementType() reflect.Type

type SecretBackendRootCert 

type SecretBackendRootCert struct {
	pulumi.CustomResourceState

	// List of alternative names
	AltNames pulumi.StringArrayOutput `pulumi:"altNames"`
	// The PKI secret backend the resource belongs to.
	Backend pulumi.StringOutput `pulumi:"backend"`
	// The certificate.
	Certificate pulumi.StringOutput `pulumi:"certificate"`
	// CN of intermediate to create
	CommonName pulumi.StringOutput `pulumi:"commonName"`
	// The country
	Country pulumi.StringPtrOutput `pulumi:"country"`
	// Flag to exclude CN from SANs
	ExcludeCnFromSans pulumi.BoolPtrOutput `pulumi:"excludeCnFromSans"`
	// The format of data
	Format pulumi.StringPtrOutput `pulumi:"format"`
	// List of alternative IPs
	IpSans pulumi.StringArrayOutput `pulumi:"ipSans"`
	// The ID of the generated issuer.
	IssuerId pulumi.StringOutput `pulumi:"issuerId"`
	// Provides a name to the specified issuer. The name must be unique
	// across all issuers and not be the reserved value `default`
	IssuerName pulumi.StringOutput `pulumi:"issuerName"`
	// The issuing CA certificate.
	IssuingCa pulumi.StringOutput `pulumi:"issuingCa"`
	// The number of bits to use
	KeyBits pulumi.IntPtrOutput `pulumi:"keyBits"`
	// The ID of the generated key.
	KeyId pulumi.StringOutput `pulumi:"keyId"`
	// When a new key is created with this request, optionally specifies
	// the name for this. The global ref `default` may not be used as a name.
	KeyName pulumi.StringOutput `pulumi:"keyName"`
	// Specifies the key (either default, by name, or by identifier) to use
	// for generating this request. Only suitable for `type=existing` requests.
	KeyRef pulumi.StringOutput `pulumi:"keyRef"`
	// The desired key type
	KeyType pulumi.StringPtrOutput `pulumi:"keyType"`
	// The locality
	Locality pulumi.StringPtrOutput `pulumi:"locality"`
	// The ID of the previously configured managed key. This field is
	// required if `type` is `kms` and it conflicts with `managedKeyName`
	ManagedKeyId pulumi.StringOutput `pulumi:"managedKeyId"`
	// The name of the previously configured managed key. This field is
	// required if `type` is `kms`  and it conflicts with `managedKeyId`
	ManagedKeyName pulumi.StringOutput `pulumi:"managedKeyName"`
	// The maximum path length to encode in the generated certificate
	MaxPathLength pulumi.IntPtrOutput `pulumi:"maxPathLength"`
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
	// The organization
	Organization pulumi.StringPtrOutput `pulumi:"organization"`
	// List of other SANs
	OtherSans pulumi.StringArrayOutput `pulumi:"otherSans"`
	// The organization unit
	Ou pulumi.StringPtrOutput `pulumi:"ou"`
	// List of domains for which certificates are allowed to be issued
	PermittedDnsDomains pulumi.StringArrayOutput `pulumi:"permittedDnsDomains"`
	// The postal code
	PostalCode pulumi.StringPtrOutput `pulumi:"postalCode"`
	// The private key format
	PrivateKeyFormat pulumi.StringPtrOutput `pulumi:"privateKeyFormat"`
	// The province
	Province pulumi.StringPtrOutput `pulumi:"province"`
	// The certificate's serial number, hex formatted.
	SerialNumber pulumi.StringOutput `pulumi:"serialNumber"`
	// The street address
	StreetAddress pulumi.StringPtrOutput `pulumi:"streetAddress"`
	// Time to live
	Ttl pulumi.StringPtrOutput `pulumi:"ttl"`
	// Type of intermediate to create. Must be either \"exported\", \"internal\"
	// or \"kms\"
	Type pulumi.StringOutput `pulumi:"type"`
	// List of alternative URIs
	UriSans pulumi.StringArrayOutput `pulumi:"uriSans"`
}

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/pkisecret"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := pkisecret.NewSecretBackendRootCert(ctx, "test", &pkisecret.SecretBackendRootCertArgs{
			Backend:           pulumi.Any(pki.Path),
			Type:              pulumi.String("internal"),
			CommonName:        pulumi.String("Root CA"),
			Ttl:               pulumi.String("315360000"),
			Format:            pulumi.String("pem"),
			PrivateKeyFormat:  pulumi.String("der"),
			KeyType:           pulumi.String("rsa"),
			KeyBits:           pulumi.Int(4096),
			ExcludeCnFromSans: pulumi.Bool(true),
			Ou:                pulumi.String("My OU"),
			Organization:      pulumi.String("My organization"),
		}, pulumi.DependsOn([]pulumi.Resource{
			pki,
		}))
		if err != nil {
			return err
		}
		return nil
	})
}

```

func GetSecretBackendRootCert 

func GetSecretBackendRootCert(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecretBackendRootCertState, opts ...pulumi.ResourceOption) (*SecretBackendRootCert, error)

GetSecretBackendRootCert gets an existing SecretBackendRootCert resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecretBackendRootCert 

func NewSecretBackendRootCert(ctx *pulumi.Context,
	name string, args *SecretBackendRootCertArgs, opts ...pulumi.ResourceOption) (*SecretBackendRootCert, error)

NewSecretBackendRootCert registers a new resource with the given unique name, arguments, and options.

func (*SecretBackendRootCert) ElementType 

func (*SecretBackendRootCert) ElementType() reflect.Type

func (*SecretBackendRootCert) ToSecretBackendRootCertOutput 

func (i *SecretBackendRootCert) ToSecretBackendRootCertOutput() SecretBackendRootCertOutput

func (*SecretBackendRootCert) ToSecretBackendRootCertOutputWithContext 

func (i *SecretBackendRootCert) ToSecretBackendRootCertOutputWithContext(ctx context.Context) SecretBackendRootCertOutput

type SecretBackendRootCertArgs 

type SecretBackendRootCertArgs struct {
	// List of alternative names
	AltNames pulumi.StringArrayInput
	// The PKI secret backend the resource belongs to.
	Backend pulumi.StringInput
	// CN of intermediate to create
	CommonName pulumi.StringInput
	// The country
	Country pulumi.StringPtrInput
	// Flag to exclude CN from SANs
	ExcludeCnFromSans pulumi.BoolPtrInput
	// The format of data
	Format pulumi.StringPtrInput
	// List of alternative IPs
	IpSans pulumi.StringArrayInput
	// Provides a name to the specified issuer. The name must be unique
	// across all issuers and not be the reserved value `default`
	IssuerName pulumi.StringPtrInput
	// The number of bits to use
	KeyBits pulumi.IntPtrInput
	// When a new key is created with this request, optionally specifies
	// the name for this. The global ref `default` may not be used as a name.
	KeyName pulumi.StringPtrInput
	// Specifies the key (either default, by name, or by identifier) to use
	// for generating this request. Only suitable for `type=existing` requests.
	KeyRef pulumi.StringPtrInput
	// The desired key type
	KeyType pulumi.StringPtrInput
	// The locality
	Locality pulumi.StringPtrInput
	// The ID of the previously configured managed key. This field is
	// required if `type` is `kms` and it conflicts with `managedKeyName`
	ManagedKeyId pulumi.StringPtrInput
	// The name of the previously configured managed key. This field is
	// required if `type` is `kms`  and it conflicts with `managedKeyId`
	ManagedKeyName pulumi.StringPtrInput
	// The maximum path length to encode in the generated certificate
	MaxPathLength pulumi.IntPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// The organization
	Organization pulumi.StringPtrInput
	// List of other SANs
	OtherSans pulumi.StringArrayInput
	// The organization unit
	Ou pulumi.StringPtrInput
	// List of domains for which certificates are allowed to be issued
	PermittedDnsDomains pulumi.StringArrayInput
	// The postal code
	PostalCode pulumi.StringPtrInput
	// The private key format
	PrivateKeyFormat pulumi.StringPtrInput
	// The province
	Province pulumi.StringPtrInput
	// The street address
	StreetAddress pulumi.StringPtrInput
	// Time to live
	Ttl pulumi.StringPtrInput
	// Type of intermediate to create. Must be either \"exported\", \"internal\"
	// or \"kms\"
	Type pulumi.StringInput
	// List of alternative URIs
	UriSans pulumi.StringArrayInput
}

The set of arguments for constructing a SecretBackendRootCert resource.

func (SecretBackendRootCertArgs) ElementType 

func (SecretBackendRootCertArgs) ElementType() reflect.Type

type SecretBackendRootCertArray 

type SecretBackendRootCertArray []SecretBackendRootCertInput

func (SecretBackendRootCertArray) ElementType 

func (SecretBackendRootCertArray) ElementType() reflect.Type

func (SecretBackendRootCertArray) ToSecretBackendRootCertArrayOutput 

func (i SecretBackendRootCertArray) ToSecretBackendRootCertArrayOutput() SecretBackendRootCertArrayOutput

func (SecretBackendRootCertArray) ToSecretBackendRootCertArrayOutputWithContext 

func (i SecretBackendRootCertArray) ToSecretBackendRootCertArrayOutputWithContext(ctx context.Context) SecretBackendRootCertArrayOutput

type SecretBackendRootCertArrayInput 

type SecretBackendRootCertArrayInput interface {
	pulumi.Input

	ToSecretBackendRootCertArrayOutput() SecretBackendRootCertArrayOutput
	ToSecretBackendRootCertArrayOutputWithContext(context.Context) SecretBackendRootCertArrayOutput
}

SecretBackendRootCertArrayInput is an input type that accepts SecretBackendRootCertArray and SecretBackendRootCertArrayOutput values. You can construct a concrete instance of `SecretBackendRootCertArrayInput` via: 

SecretBackendRootCertArray{ SecretBackendRootCertArgs{...} }

type SecretBackendRootCertArrayOutput 

type SecretBackendRootCertArrayOutput struct{ *pulumi.OutputState }

func (SecretBackendRootCertArrayOutput) ElementType 

func (SecretBackendRootCertArrayOutput) ElementType() reflect.Type

func (SecretBackendRootCertArrayOutput) Index 

func (o SecretBackendRootCertArrayOutput) Index(i pulumi.IntInput) SecretBackendRootCertOutput

func (SecretBackendRootCertArrayOutput) ToSecretBackendRootCertArrayOutput 

func (o SecretBackendRootCertArrayOutput) ToSecretBackendRootCertArrayOutput() SecretBackendRootCertArrayOutput

func (SecretBackendRootCertArrayOutput) ToSecretBackendRootCertArrayOutputWithContext 

func (o SecretBackendRootCertArrayOutput) ToSecretBackendRootCertArrayOutputWithContext(ctx context.Context) SecretBackendRootCertArrayOutput

type SecretBackendRootCertInput 

type SecretBackendRootCertInput interface {
	pulumi.Input

	ToSecretBackendRootCertOutput() SecretBackendRootCertOutput
	ToSecretBackendRootCertOutputWithContext(ctx context.Context) SecretBackendRootCertOutput
}

type SecretBackendRootCertMap 

type SecretBackendRootCertMap map[string]SecretBackendRootCertInput

func (SecretBackendRootCertMap) ElementType 

func (SecretBackendRootCertMap) ElementType() reflect.Type

func (SecretBackendRootCertMap) ToSecretBackendRootCertMapOutput 

func (i SecretBackendRootCertMap) ToSecretBackendRootCertMapOutput() SecretBackendRootCertMapOutput

func (SecretBackendRootCertMap) ToSecretBackendRootCertMapOutputWithContext 

func (i SecretBackendRootCertMap) ToSecretBackendRootCertMapOutputWithContext(ctx context.Context) SecretBackendRootCertMapOutput

type SecretBackendRootCertMapInput 

type SecretBackendRootCertMapInput interface {
	pulumi.Input

	ToSecretBackendRootCertMapOutput() SecretBackendRootCertMapOutput
	ToSecretBackendRootCertMapOutputWithContext(context.Context) SecretBackendRootCertMapOutput
}

SecretBackendRootCertMapInput is an input type that accepts SecretBackendRootCertMap and SecretBackendRootCertMapOutput values. You can construct a concrete instance of `SecretBackendRootCertMapInput` via: 

SecretBackendRootCertMap{ "key": SecretBackendRootCertArgs{...} }

type SecretBackendRootCertMapOutput 

type SecretBackendRootCertMapOutput struct{ *pulumi.OutputState }

func (SecretBackendRootCertMapOutput) ElementType 

func (SecretBackendRootCertMapOutput) ElementType() reflect.Type

func (SecretBackendRootCertMapOutput) MapIndex 

func (o SecretBackendRootCertMapOutput) MapIndex(k pulumi.StringInput) SecretBackendRootCertOutput

func (SecretBackendRootCertMapOutput) ToSecretBackendRootCertMapOutput 

func (o SecretBackendRootCertMapOutput) ToSecretBackendRootCertMapOutput() SecretBackendRootCertMapOutput

func (SecretBackendRootCertMapOutput) ToSecretBackendRootCertMapOutputWithContext 

func (o SecretBackendRootCertMapOutput) ToSecretBackendRootCertMapOutputWithContext(ctx context.Context) SecretBackendRootCertMapOutput

type SecretBackendRootCertOutput 

type SecretBackendRootCertOutput struct{ *pulumi.OutputState }

func (SecretBackendRootCertOutput) AltNames 

func (o SecretBackendRootCertOutput) AltNames() pulumi.StringArrayOutput

List of alternative names

func (SecretBackendRootCertOutput) Backend 

func (o SecretBackendRootCertOutput) Backend() pulumi.StringOutput

The PKI secret backend the resource belongs to.

func (SecretBackendRootCertOutput) Certificate 

func (o SecretBackendRootCertOutput) Certificate() pulumi.StringOutput

The certificate.

func (SecretBackendRootCertOutput) CommonName 

func (o SecretBackendRootCertOutput) CommonName() pulumi.StringOutput

CN of intermediate to create

func (SecretBackendRootCertOutput) Country 

func (o SecretBackendRootCertOutput) Country() pulumi.StringPtrOutput

The country

func (SecretBackendRootCertOutput) ElementType 

func (SecretBackendRootCertOutput) ElementType() reflect.Type

func (SecretBackendRootCertOutput) ExcludeCnFromSans 

func (o SecretBackendRootCertOutput) ExcludeCnFromSans() pulumi.BoolPtrOutput

Flag to exclude CN from SANs

func (SecretBackendRootCertOutput) Format 

func (o SecretBackendRootCertOutput) Format() pulumi.StringPtrOutput

The format of data

func (SecretBackendRootCertOutput) IpSans 

func (o SecretBackendRootCertOutput) IpSans() pulumi.StringArrayOutput

List of alternative IPs

func (SecretBackendRootCertOutput) IssuerId 

func (o SecretBackendRootCertOutput) IssuerId() pulumi.StringOutput

The ID of the generated issuer.

func (SecretBackendRootCertOutput) IssuerName 

func (o SecretBackendRootCertOutput) IssuerName() pulumi.StringOutput

Provides a name to the specified issuer. The name must be unique across all issuers and not be the reserved value `default`

func (SecretBackendRootCertOutput) IssuingCa 

func (o SecretBackendRootCertOutput) IssuingCa() pulumi.StringOutput

The issuing CA certificate.

func (SecretBackendRootCertOutput) KeyBits 

func (o SecretBackendRootCertOutput) KeyBits() pulumi.IntPtrOutput

The number of bits to use

func (SecretBackendRootCertOutput) KeyId 

func (o SecretBackendRootCertOutput) KeyId() pulumi.StringOutput

The ID of the generated key.

func (SecretBackendRootCertOutput) KeyName 

func (o SecretBackendRootCertOutput) KeyName() pulumi.StringOutput

When a new key is created with this request, optionally specifies the name for this. The global ref `default` may not be used as a name.

func (SecretBackendRootCertOutput) KeyRef 

func (o SecretBackendRootCertOutput) KeyRef() pulumi.StringOutput

Specifies the key (either default, by name, or by identifier) to use for generating this request. Only suitable for `type=existing` requests.

func (SecretBackendRootCertOutput) KeyType 

func (o SecretBackendRootCertOutput) KeyType() pulumi.StringPtrOutput

The desired key type

func (SecretBackendRootCertOutput) Locality 

func (o SecretBackendRootCertOutput) Locality() pulumi.StringPtrOutput

The locality

func (SecretBackendRootCertOutput) ManagedKeyId 

func (o SecretBackendRootCertOutput) ManagedKeyId() pulumi.StringOutput

The ID of the previously configured managed key. This field is required if `type` is `kms` and it conflicts with `managedKeyName`

func (SecretBackendRootCertOutput) ManagedKeyName 

func (o SecretBackendRootCertOutput) ManagedKeyName() pulumi.StringOutput

The name of the previously configured managed key. This field is required if `type` is `kms` and it conflicts with `managedKeyId`

func (SecretBackendRootCertOutput) MaxPathLength 

func (o SecretBackendRootCertOutput) MaxPathLength() pulumi.IntPtrOutput

The maximum path length to encode in the generated certificate

func (SecretBackendRootCertOutput) Namespace 

func (o SecretBackendRootCertOutput) Namespace() pulumi.StringPtrOutput

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.

func (SecretBackendRootCertOutput) Organization 

func (o SecretBackendRootCertOutput) Organization() pulumi.StringPtrOutput

The organization

func (SecretBackendRootCertOutput) OtherSans 

func (o SecretBackendRootCertOutput) OtherSans() pulumi.StringArrayOutput

List of other SANs

func (SecretBackendRootCertOutput) Ou 

func (o SecretBackendRootCertOutput) Ou() pulumi.StringPtrOutput

The organization unit

func (SecretBackendRootCertOutput) PermittedDnsDomains 

func (o SecretBackendRootCertOutput) PermittedDnsDomains() pulumi.StringArrayOutput

List of domains for which certificates are allowed to be issued

func (SecretBackendRootCertOutput) PostalCode 

func (o SecretBackendRootCertOutput) PostalCode() pulumi.StringPtrOutput

The postal code

func (SecretBackendRootCertOutput) PrivateKeyFormat 

func (o SecretBackendRootCertOutput) PrivateKeyFormat() pulumi.StringPtrOutput

The private key format

func (SecretBackendRootCertOutput) Province 

func (o SecretBackendRootCertOutput) Province() pulumi.StringPtrOutput

The province

func (SecretBackendRootCertOutput) SerialNumber 

func (o SecretBackendRootCertOutput) SerialNumber() pulumi.StringOutput

The certificate's serial number, hex formatted.

func (SecretBackendRootCertOutput) StreetAddress 

func (o SecretBackendRootCertOutput) StreetAddress() pulumi.StringPtrOutput

The street address

func (SecretBackendRootCertOutput) ToSecretBackendRootCertOutput 

func (o SecretBackendRootCertOutput) ToSecretBackendRootCertOutput() SecretBackendRootCertOutput

func (SecretBackendRootCertOutput) ToSecretBackendRootCertOutputWithContext 

func (o SecretBackendRootCertOutput) ToSecretBackendRootCertOutputWithContext(ctx context.Context) SecretBackendRootCertOutput

func (SecretBackendRootCertOutput) Ttl 

func (o SecretBackendRootCertOutput) Ttl() pulumi.StringPtrOutput

Time to live

func (SecretBackendRootCertOutput) Type 

func (o SecretBackendRootCertOutput) Type() pulumi.StringOutput

Type of intermediate to create. Must be either \"exported\", \"internal\" or \"kms\"

func (SecretBackendRootCertOutput) UriSans 

func (o SecretBackendRootCertOutput) UriSans() pulumi.StringArrayOutput

List of alternative URIs

type SecretBackendRootCertState 

type SecretBackendRootCertState struct {
	// List of alternative names
	AltNames pulumi.StringArrayInput
	// The PKI secret backend the resource belongs to.
	Backend pulumi.StringPtrInput
	// The certificate.
	Certificate pulumi.StringPtrInput
	// CN of intermediate to create
	CommonName pulumi.StringPtrInput
	// The country
	Country pulumi.StringPtrInput
	// Flag to exclude CN from SANs
	ExcludeCnFromSans pulumi.BoolPtrInput
	// The format of data
	Format pulumi.StringPtrInput
	// List of alternative IPs
	IpSans pulumi.StringArrayInput
	// The ID of the generated issuer.
	IssuerId pulumi.StringPtrInput
	// Provides a name to the specified issuer. The name must be unique
	// across all issuers and not be the reserved value `default`
	IssuerName pulumi.StringPtrInput
	// The issuing CA certificate.
	IssuingCa pulumi.StringPtrInput
	// The number of bits to use
	KeyBits pulumi.IntPtrInput
	// The ID of the generated key.
	KeyId pulumi.StringPtrInput
	// When a new key is created with this request, optionally specifies
	// the name for this. The global ref `default` may not be used as a name.
	KeyName pulumi.StringPtrInput
	// Specifies the key (either default, by name, or by identifier) to use
	// for generating this request. Only suitable for `type=existing` requests.
	KeyRef pulumi.StringPtrInput
	// The desired key type
	KeyType pulumi.StringPtrInput
	// The locality
	Locality pulumi.StringPtrInput
	// The ID of the previously configured managed key. This field is
	// required if `type` is `kms` and it conflicts with `managedKeyName`
	ManagedKeyId pulumi.StringPtrInput
	// The name of the previously configured managed key. This field is
	// required if `type` is `kms`  and it conflicts with `managedKeyId`
	ManagedKeyName pulumi.StringPtrInput
	// The maximum path length to encode in the generated certificate
	MaxPathLength pulumi.IntPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// The organization
	Organization pulumi.StringPtrInput
	// List of other SANs
	OtherSans pulumi.StringArrayInput
	// The organization unit
	Ou pulumi.StringPtrInput
	// List of domains for which certificates are allowed to be issued
	PermittedDnsDomains pulumi.StringArrayInput
	// The postal code
	PostalCode pulumi.StringPtrInput
	// The private key format
	PrivateKeyFormat pulumi.StringPtrInput
	// The province
	Province pulumi.StringPtrInput
	// The certificate's serial number, hex formatted.
	SerialNumber pulumi.StringPtrInput
	// The street address
	StreetAddress pulumi.StringPtrInput
	// Time to live
	Ttl pulumi.StringPtrInput
	// Type of intermediate to create. Must be either \"exported\", \"internal\"
	// or \"kms\"
	Type pulumi.StringPtrInput
	// List of alternative URIs
	UriSans pulumi.StringArrayInput
}

func (SecretBackendRootCertState) ElementType 

func (SecretBackendRootCertState) ElementType() reflect.Type

type SecretBackendRootSignIntermediate 

type SecretBackendRootSignIntermediate struct {
	pulumi.CustomResourceState

	// List of alternative names
	AltNames pulumi.StringArrayOutput `pulumi:"altNames"`
	// The PKI secret backend the resource belongs to.
	Backend pulumi.StringOutput `pulumi:"backend"`
	// A list of the issuing and intermediate CA certificates in the `format` specified.
	CaChains pulumi.StringArrayOutput `pulumi:"caChains"`
	// The intermediate CA certificate in the `format` specified.
	Certificate pulumi.StringOutput `pulumi:"certificate"`
	// The concatenation of the intermediate CA and the issuing CA certificates (PEM encoded).
	// Requires the `format` to be set to any of: pem, pem_bundle. The value will be empty for all other formats.
	CertificateBundle pulumi.StringOutput `pulumi:"certificateBundle"`
	// CN of intermediate to create
	CommonName pulumi.StringOutput `pulumi:"commonName"`
	// The country
	Country pulumi.StringPtrOutput `pulumi:"country"`
	// The CSR
	Csr pulumi.StringOutput `pulumi:"csr"`
	// Flag to exclude CN from SANs
	ExcludeCnFromSans pulumi.BoolPtrOutput `pulumi:"excludeCnFromSans"`
	// The format of data
	Format pulumi.StringPtrOutput `pulumi:"format"`
	// List of alternative IPs
	IpSans pulumi.StringArrayOutput `pulumi:"ipSans"`
	// Specifies the default issuer of this request. May
	// be the value `default`, a name, or an issuer ID. Use ACLs to prevent access to
	// the `/pki/issuer/:issuer_ref/{issue,sign}/:name` paths to prevent users
	// overriding the role's `issuerRef` value.
	IssuerRef pulumi.StringPtrOutput `pulumi:"issuerRef"`
	// The issuing CA certificate in the `format` specified.
	IssuingCa pulumi.StringOutput `pulumi:"issuingCa"`
	// The locality
	Locality pulumi.StringPtrOutput `pulumi:"locality"`
	// The maximum path length to encode in the generated certificate
	MaxPathLength pulumi.IntPtrOutput `pulumi:"maxPathLength"`
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
	// The organization
	Organization pulumi.StringPtrOutput `pulumi:"organization"`
	// List of other SANs
	OtherSans pulumi.StringArrayOutput `pulumi:"otherSans"`
	// The organization unit
	Ou pulumi.StringPtrOutput `pulumi:"ou"`
	// List of domains for which certificates are allowed to be issued
	PermittedDnsDomains pulumi.StringArrayOutput `pulumi:"permittedDnsDomains"`
	// The postal code
	PostalCode pulumi.StringPtrOutput `pulumi:"postalCode"`
	// The province
	Province pulumi.StringPtrOutput `pulumi:"province"`
	// If set to `true`, the certificate will be revoked on resource destruction.
	Revoke pulumi.BoolPtrOutput `pulumi:"revoke"`
	// The certificate's serial number, hex formatted.
	SerialNumber pulumi.StringOutput `pulumi:"serialNumber"`
	// The street address
	StreetAddress pulumi.StringPtrOutput `pulumi:"streetAddress"`
	// Time to live
	Ttl pulumi.StringPtrOutput `pulumi:"ttl"`
	// List of alternative URIs
	UriSans pulumi.StringArrayOutput `pulumi:"uriSans"`
	// Preserve CSR values
	UseCsrValues pulumi.BoolPtrOutput `pulumi:"useCsrValues"`
}

Creates PKI certificate.

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/pkisecret"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := pkisecret.NewSecretBackendRootSignIntermediate(ctx, "root", &pkisecret.SecretBackendRootSignIntermediateArgs{
			Backend:           pulumi.Any(rootVaultMount.Path),
			Csr:               pulumi.Any(intermediate.Csr),
			CommonName:        pulumi.String("Intermediate CA"),
			ExcludeCnFromSans: pulumi.Bool(true),
			Ou:                pulumi.String("My OU"),
			Organization:      pulumi.String("My organization"),
		}, pulumi.DependsOn([]pulumi.Resource{
			intermediate,
		}))
		if err != nil {
			return err
		}
		return nil
	})
}

```

func GetSecretBackendRootSignIntermediate 

func GetSecretBackendRootSignIntermediate(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecretBackendRootSignIntermediateState, opts ...pulumi.ResourceOption) (*SecretBackendRootSignIntermediate, error)

GetSecretBackendRootSignIntermediate gets an existing SecretBackendRootSignIntermediate resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecretBackendRootSignIntermediate 

func NewSecretBackendRootSignIntermediate(ctx *pulumi.Context,
	name string, args *SecretBackendRootSignIntermediateArgs, opts ...pulumi.ResourceOption) (*SecretBackendRootSignIntermediate, error)

NewSecretBackendRootSignIntermediate registers a new resource with the given unique name, arguments, and options.

func (*SecretBackendRootSignIntermediate) ElementType 

func (*SecretBackendRootSignIntermediate) ElementType() reflect.Type

func (*SecretBackendRootSignIntermediate) ToSecretBackendRootSignIntermediateOutput 

func (i *SecretBackendRootSignIntermediate) ToSecretBackendRootSignIntermediateOutput() SecretBackendRootSignIntermediateOutput

func (*SecretBackendRootSignIntermediate) ToSecretBackendRootSignIntermediateOutputWithContext 

func (i *SecretBackendRootSignIntermediate) ToSecretBackendRootSignIntermediateOutputWithContext(ctx context.Context) SecretBackendRootSignIntermediateOutput

type SecretBackendRootSignIntermediateArgs 

type SecretBackendRootSignIntermediateArgs struct {
	// List of alternative names
	AltNames pulumi.StringArrayInput
	// The PKI secret backend the resource belongs to.
	Backend pulumi.StringInput
	// CN of intermediate to create
	CommonName pulumi.StringInput
	// The country
	Country pulumi.StringPtrInput
	// The CSR
	Csr pulumi.StringInput
	// Flag to exclude CN from SANs
	ExcludeCnFromSans pulumi.BoolPtrInput
	// The format of data
	Format pulumi.StringPtrInput
	// List of alternative IPs
	IpSans pulumi.StringArrayInput
	// Specifies the default issuer of this request. May
	// be the value `default`, a name, or an issuer ID. Use ACLs to prevent access to
	// the `/pki/issuer/:issuer_ref/{issue,sign}/:name` paths to prevent users
	// overriding the role's `issuerRef` value.
	IssuerRef pulumi.StringPtrInput
	// The locality
	Locality pulumi.StringPtrInput
	// The maximum path length to encode in the generated certificate
	MaxPathLength pulumi.IntPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// The organization
	Organization pulumi.StringPtrInput
	// List of other SANs
	OtherSans pulumi.StringArrayInput
	// The organization unit
	Ou pulumi.StringPtrInput
	// List of domains for which certificates are allowed to be issued
	PermittedDnsDomains pulumi.StringArrayInput
	// The postal code
	PostalCode pulumi.StringPtrInput
	// The province
	Province pulumi.StringPtrInput
	// If set to `true`, the certificate will be revoked on resource destruction.
	Revoke pulumi.BoolPtrInput
	// The street address
	StreetAddress pulumi.StringPtrInput
	// Time to live
	Ttl pulumi.StringPtrInput
	// List of alternative URIs
	UriSans pulumi.StringArrayInput
	// Preserve CSR values
	UseCsrValues pulumi.BoolPtrInput
}

The set of arguments for constructing a SecretBackendRootSignIntermediate resource.

func (SecretBackendRootSignIntermediateArgs) ElementType 

func (SecretBackendRootSignIntermediateArgs) ElementType() reflect.Type

type SecretBackendRootSignIntermediateArray 

type SecretBackendRootSignIntermediateArray []SecretBackendRootSignIntermediateInput

func (SecretBackendRootSignIntermediateArray) ElementType 

func (SecretBackendRootSignIntermediateArray) ElementType() reflect.Type

func (SecretBackendRootSignIntermediateArray) ToSecretBackendRootSignIntermediateArrayOutput 

func (i SecretBackendRootSignIntermediateArray) ToSecretBackendRootSignIntermediateArrayOutput() SecretBackendRootSignIntermediateArrayOutput

func (SecretBackendRootSignIntermediateArray) ToSecretBackendRootSignIntermediateArrayOutputWithContext 

func (i SecretBackendRootSignIntermediateArray) ToSecretBackendRootSignIntermediateArrayOutputWithContext(ctx context.Context) SecretBackendRootSignIntermediateArrayOutput

type SecretBackendRootSignIntermediateArrayInput 

type SecretBackendRootSignIntermediateArrayInput interface {
	pulumi.Input

	ToSecretBackendRootSignIntermediateArrayOutput() SecretBackendRootSignIntermediateArrayOutput
	ToSecretBackendRootSignIntermediateArrayOutputWithContext(context.Context) SecretBackendRootSignIntermediateArrayOutput
}

SecretBackendRootSignIntermediateArrayInput is an input type that accepts SecretBackendRootSignIntermediateArray and SecretBackendRootSignIntermediateArrayOutput values. You can construct a concrete instance of `SecretBackendRootSignIntermediateArrayInput` via: 

SecretBackendRootSignIntermediateArray{ SecretBackendRootSignIntermediateArgs{...} }

type SecretBackendRootSignIntermediateArrayOutput 

type SecretBackendRootSignIntermediateArrayOutput struct{ *pulumi.OutputState }

func (SecretBackendRootSignIntermediateArrayOutput) ElementType 

func (SecretBackendRootSignIntermediateArrayOutput) ElementType() reflect.Type

func (SecretBackendRootSignIntermediateArrayOutput) Index 

func (o SecretBackendRootSignIntermediateArrayOutput) Index(i pulumi.IntInput) SecretBackendRootSignIntermediateOutput

func (SecretBackendRootSignIntermediateArrayOutput) ToSecretBackendRootSignIntermediateArrayOutput 

func (o SecretBackendRootSignIntermediateArrayOutput) ToSecretBackendRootSignIntermediateArrayOutput() SecretBackendRootSignIntermediateArrayOutput

func (SecretBackendRootSignIntermediateArrayOutput) ToSecretBackendRootSignIntermediateArrayOutputWithContext 

func (o SecretBackendRootSignIntermediateArrayOutput) ToSecretBackendRootSignIntermediateArrayOutputWithContext(ctx context.Context) SecretBackendRootSignIntermediateArrayOutput

type SecretBackendRootSignIntermediateInput 

type SecretBackendRootSignIntermediateInput interface {
	pulumi.Input

	ToSecretBackendRootSignIntermediateOutput() SecretBackendRootSignIntermediateOutput
	ToSecretBackendRootSignIntermediateOutputWithContext(ctx context.Context) SecretBackendRootSignIntermediateOutput
}

type SecretBackendRootSignIntermediateMap 

type SecretBackendRootSignIntermediateMap map[string]SecretBackendRootSignIntermediateInput

func (SecretBackendRootSignIntermediateMap) ElementType 

func (SecretBackendRootSignIntermediateMap) ElementType() reflect.Type

func (SecretBackendRootSignIntermediateMap) ToSecretBackendRootSignIntermediateMapOutput 

func (i SecretBackendRootSignIntermediateMap) ToSecretBackendRootSignIntermediateMapOutput() SecretBackendRootSignIntermediateMapOutput

func (SecretBackendRootSignIntermediateMap) ToSecretBackendRootSignIntermediateMapOutputWithContext 

func (i SecretBackendRootSignIntermediateMap) ToSecretBackendRootSignIntermediateMapOutputWithContext(ctx context.Context) SecretBackendRootSignIntermediateMapOutput

type SecretBackendRootSignIntermediateMapInput 

type SecretBackendRootSignIntermediateMapInput interface {
	pulumi.Input

	ToSecretBackendRootSignIntermediateMapOutput() SecretBackendRootSignIntermediateMapOutput
	ToSecretBackendRootSignIntermediateMapOutputWithContext(context.Context) SecretBackendRootSignIntermediateMapOutput
}

SecretBackendRootSignIntermediateMapInput is an input type that accepts SecretBackendRootSignIntermediateMap and SecretBackendRootSignIntermediateMapOutput values. You can construct a concrete instance of `SecretBackendRootSignIntermediateMapInput` via: 

SecretBackendRootSignIntermediateMap{ "key": SecretBackendRootSignIntermediateArgs{...} }

type SecretBackendRootSignIntermediateMapOutput 

type SecretBackendRootSignIntermediateMapOutput struct{ *pulumi.OutputState }

func (SecretBackendRootSignIntermediateMapOutput) ElementType 

func (SecretBackendRootSignIntermediateMapOutput) ElementType() reflect.Type

func (SecretBackendRootSignIntermediateMapOutput) MapIndex 

func (o SecretBackendRootSignIntermediateMapOutput) MapIndex(k pulumi.StringInput) SecretBackendRootSignIntermediateOutput

func (SecretBackendRootSignIntermediateMapOutput) ToSecretBackendRootSignIntermediateMapOutput 

func (o SecretBackendRootSignIntermediateMapOutput) ToSecretBackendRootSignIntermediateMapOutput() SecretBackendRootSignIntermediateMapOutput

func (SecretBackendRootSignIntermediateMapOutput) ToSecretBackendRootSignIntermediateMapOutputWithContext 

func (o SecretBackendRootSignIntermediateMapOutput) ToSecretBackendRootSignIntermediateMapOutputWithContext(ctx context.Context) SecretBackendRootSignIntermediateMapOutput

type SecretBackendRootSignIntermediateOutput 

type SecretBackendRootSignIntermediateOutput struct{ *pulumi.OutputState }

func (SecretBackendRootSignIntermediateOutput) AltNames 

func (o SecretBackendRootSignIntermediateOutput) AltNames() pulumi.StringArrayOutput

List of alternative names

func (SecretBackendRootSignIntermediateOutput) Backend 

func (o SecretBackendRootSignIntermediateOutput) Backend() pulumi.StringOutput

The PKI secret backend the resource belongs to.

func (SecretBackendRootSignIntermediateOutput) CaChains 

func (o SecretBackendRootSignIntermediateOutput) CaChains() pulumi.StringArrayOutput

A list of the issuing and intermediate CA certificates in the `format` specified.

func (SecretBackendRootSignIntermediateOutput) Certificate 

func (o SecretBackendRootSignIntermediateOutput) Certificate() pulumi.StringOutput

The intermediate CA certificate in the `format` specified.

func (SecretBackendRootSignIntermediateOutput) CertificateBundle 

func (o SecretBackendRootSignIntermediateOutput) CertificateBundle() pulumi.StringOutput

The concatenation of the intermediate CA and the issuing CA certificates (PEM encoded). Requires the `format` to be set to any of: pem, pem_bundle. The value will be empty for all other formats.

func (SecretBackendRootSignIntermediateOutput) CommonName 

func (o SecretBackendRootSignIntermediateOutput) CommonName() pulumi.StringOutput

CN of intermediate to create

func (SecretBackendRootSignIntermediateOutput) Country 

func (o SecretBackendRootSignIntermediateOutput) Country() pulumi.StringPtrOutput

The country

func (SecretBackendRootSignIntermediateOutput) Csr 

func (o SecretBackendRootSignIntermediateOutput) Csr() pulumi.StringOutput

The CSR

func (SecretBackendRootSignIntermediateOutput) ElementType 

func (SecretBackendRootSignIntermediateOutput) ElementType() reflect.Type

func (SecretBackendRootSignIntermediateOutput) ExcludeCnFromSans 

func (o SecretBackendRootSignIntermediateOutput) ExcludeCnFromSans() pulumi.BoolPtrOutput

Flag to exclude CN from SANs

func (SecretBackendRootSignIntermediateOutput) Format 

func (o SecretBackendRootSignIntermediateOutput) Format() pulumi.StringPtrOutput

The format of data

func (SecretBackendRootSignIntermediateOutput) IpSans 

func (o SecretBackendRootSignIntermediateOutput) IpSans() pulumi.StringArrayOutput

List of alternative IPs

func (SecretBackendRootSignIntermediateOutput) IssuerRef 

func (o SecretBackendRootSignIntermediateOutput) IssuerRef() pulumi.StringPtrOutput

Specifies the default issuer of this request. May be the value `default`, a name, or an issuer ID. Use ACLs to prevent access to the `/pki/issuer/:issuer_ref/{issue,sign}/:name` paths to prevent users overriding the role's `issuerRef` value.

func (SecretBackendRootSignIntermediateOutput) IssuingCa 

func (o SecretBackendRootSignIntermediateOutput) IssuingCa() pulumi.StringOutput

The issuing CA certificate in the `format` specified.

func (SecretBackendRootSignIntermediateOutput) Locality 

func (o SecretBackendRootSignIntermediateOutput) Locality() pulumi.StringPtrOutput

The locality

func (SecretBackendRootSignIntermediateOutput) MaxPathLength 

func (o SecretBackendRootSignIntermediateOutput) MaxPathLength() pulumi.IntPtrOutput

The maximum path length to encode in the generated certificate

func (SecretBackendRootSignIntermediateOutput) Namespace 

func (o SecretBackendRootSignIntermediateOutput) Namespace() pulumi.StringPtrOutput

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.

func (SecretBackendRootSignIntermediateOutput) Organization 

func (o SecretBackendRootSignIntermediateOutput) Organization() pulumi.StringPtrOutput

The organization

func (SecretBackendRootSignIntermediateOutput) OtherSans 

func (o SecretBackendRootSignIntermediateOutput) OtherSans() pulumi.StringArrayOutput

List of other SANs

func (SecretBackendRootSignIntermediateOutput) Ou 

func (o SecretBackendRootSignIntermediateOutput) Ou() pulumi.StringPtrOutput

The organization unit

func (SecretBackendRootSignIntermediateOutput) PermittedDnsDomains 

func (o SecretBackendRootSignIntermediateOutput) PermittedDnsDomains() pulumi.StringArrayOutput

List of domains for which certificates are allowed to be issued

func (SecretBackendRootSignIntermediateOutput) PostalCode 

func (o SecretBackendRootSignIntermediateOutput) PostalCode() pulumi.StringPtrOutput

The postal code

func (SecretBackendRootSignIntermediateOutput) Province 

func (o SecretBackendRootSignIntermediateOutput) Province() pulumi.StringPtrOutput

The province

func (SecretBackendRootSignIntermediateOutput) Revoke 

func (o SecretBackendRootSignIntermediateOutput) Revoke() pulumi.BoolPtrOutput

If set to `true`, the certificate will be revoked on resource destruction.

func (SecretBackendRootSignIntermediateOutput) SerialNumber 

func (o SecretBackendRootSignIntermediateOutput) SerialNumber() pulumi.StringOutput

The certificate's serial number, hex formatted.

func (SecretBackendRootSignIntermediateOutput) StreetAddress 

func (o SecretBackendRootSignIntermediateOutput) StreetAddress() pulumi.StringPtrOutput

The street address

func (SecretBackendRootSignIntermediateOutput) ToSecretBackendRootSignIntermediateOutput 

func (o SecretBackendRootSignIntermediateOutput) ToSecretBackendRootSignIntermediateOutput() SecretBackendRootSignIntermediateOutput

func (SecretBackendRootSignIntermediateOutput) ToSecretBackendRootSignIntermediateOutputWithContext 

func (o SecretBackendRootSignIntermediateOutput) ToSecretBackendRootSignIntermediateOutputWithContext(ctx context.Context) SecretBackendRootSignIntermediateOutput

func (SecretBackendRootSignIntermediateOutput) Ttl 

func (o SecretBackendRootSignIntermediateOutput) Ttl() pulumi.StringPtrOutput

Time to live

func (SecretBackendRootSignIntermediateOutput) UriSans 

func (o SecretBackendRootSignIntermediateOutput) UriSans() pulumi.StringArrayOutput

List of alternative URIs

func (SecretBackendRootSignIntermediateOutput) UseCsrValues 

func (o SecretBackendRootSignIntermediateOutput) UseCsrValues() pulumi.BoolPtrOutput

Preserve CSR values

type SecretBackendRootSignIntermediateState 

type SecretBackendRootSignIntermediateState struct {
	// List of alternative names
	AltNames pulumi.StringArrayInput
	// The PKI secret backend the resource belongs to.
	Backend pulumi.StringPtrInput
	// A list of the issuing and intermediate CA certificates in the `format` specified.
	CaChains pulumi.StringArrayInput
	// The intermediate CA certificate in the `format` specified.
	Certificate pulumi.StringPtrInput
	// The concatenation of the intermediate CA and the issuing CA certificates (PEM encoded).
	// Requires the `format` to be set to any of: pem, pem_bundle. The value will be empty for all other formats.
	CertificateBundle pulumi.StringPtrInput
	// CN of intermediate to create
	CommonName pulumi.StringPtrInput
	// The country
	Country pulumi.StringPtrInput
	// The CSR
	Csr pulumi.StringPtrInput
	// Flag to exclude CN from SANs
	ExcludeCnFromSans pulumi.BoolPtrInput
	// The format of data
	Format pulumi.StringPtrInput
	// List of alternative IPs
	IpSans pulumi.StringArrayInput
	// Specifies the default issuer of this request. May
	// be the value `default`, a name, or an issuer ID. Use ACLs to prevent access to
	// the `/pki/issuer/:issuer_ref/{issue,sign}/:name` paths to prevent users
	// overriding the role's `issuerRef` value.
	IssuerRef pulumi.StringPtrInput
	// The issuing CA certificate in the `format` specified.
	IssuingCa pulumi.StringPtrInput
	// The locality
	Locality pulumi.StringPtrInput
	// The maximum path length to encode in the generated certificate
	MaxPathLength pulumi.IntPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// The organization
	Organization pulumi.StringPtrInput
	// List of other SANs
	OtherSans pulumi.StringArrayInput
	// The organization unit
	Ou pulumi.StringPtrInput
	// List of domains for which certificates are allowed to be issued
	PermittedDnsDomains pulumi.StringArrayInput
	// The postal code
	PostalCode pulumi.StringPtrInput
	// The province
	Province pulumi.StringPtrInput
	// If set to `true`, the certificate will be revoked on resource destruction.
	Revoke pulumi.BoolPtrInput
	// The certificate's serial number, hex formatted.
	SerialNumber pulumi.StringPtrInput
	// The street address
	StreetAddress pulumi.StringPtrInput
	// Time to live
	Ttl pulumi.StringPtrInput
	// List of alternative URIs
	UriSans pulumi.StringArrayInput
	// Preserve CSR values
	UseCsrValues pulumi.BoolPtrInput
}

func (SecretBackendRootSignIntermediateState) ElementType 

func (SecretBackendRootSignIntermediateState) ElementType() reflect.Type

type SecretBackendSign 

type SecretBackendSign struct {
	pulumi.CustomResourceState

	// List of alternative names
	AltNames pulumi.StringArrayOutput `pulumi:"altNames"`
	// If set to `true`, certs will be renewed if the expiration is within `minSecondsRemaining`. Default `false`
	AutoRenew pulumi.BoolPtrOutput `pulumi:"autoRenew"`
	// The PKI secret backend the resource belongs to.
	Backend pulumi.StringOutput `pulumi:"backend"`
	// The CA chain
	CaChains pulumi.StringArrayOutput `pulumi:"caChains"`
	// The certificate
	Certificate pulumi.StringOutput `pulumi:"certificate"`
	// CN of certificate to create
	CommonName pulumi.StringOutput `pulumi:"commonName"`
	// The CSR
	Csr pulumi.StringOutput `pulumi:"csr"`
	// Flag to exclude CN from SANs
	ExcludeCnFromSans pulumi.BoolPtrOutput `pulumi:"excludeCnFromSans"`
	// The expiration date of the certificate in unix epoch format
	Expiration pulumi.IntOutput `pulumi:"expiration"`
	// The format of data
	Format pulumi.StringPtrOutput `pulumi:"format"`
	// List of alternative IPs
	IpSans pulumi.StringArrayOutput `pulumi:"ipSans"`
	// Specifies the default issuer of this request. Can
	// be the value `default`, a name, or an issuer ID. Use ACLs to prevent access to
	// the `/pki/issuer/:issuer_ref/{issue,sign}/:name` paths to prevent users
	// overriding the role's `issuerRef` value.
	IssuerRef pulumi.StringPtrOutput `pulumi:"issuerRef"`
	// The issuing CA
	IssuingCa pulumi.StringOutput `pulumi:"issuingCa"`
	// Generate a new certificate when the expiration is within this number of seconds, default is 604800 (7 days)
	MinSecondsRemaining pulumi.IntPtrOutput `pulumi:"minSecondsRemaining"`
	// Name of the role to create the certificate against
	Name pulumi.StringOutput `pulumi:"name"`
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
	// List of other SANs
	OtherSans pulumi.StringArrayOutput `pulumi:"otherSans"`
	// `true` if the current time (during refresh) is after the start of the early renewal window declared by `minSecondsRemaining`, and `false` otherwise; if `autoRenew` is set to `true` then the provider will plan to replace the certificate once renewal is pending.
	RenewPending pulumi.BoolOutput `pulumi:"renewPending"`
	// The certificate's serial number, hex formatted.
	SerialNumber pulumi.StringOutput `pulumi:"serialNumber"`
	// Time to live
	Ttl pulumi.StringPtrOutput `pulumi:"ttl"`
	// List of alternative URIs
	UriSans pulumi.StringArrayOutput `pulumi:"uriSans"`
}

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/pkisecret"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := pkisecret.NewSecretBackendSign(ctx, "test", &pkisecret.SecretBackendSignArgs{
			Backend: pulumi.Any(pki.Path),
			Name:    pulumi.Any(admin.Name),
			Csr: pulumi.String(`-----BEGIN CERTIFICATE REQUEST-----

MIIEqDCCApACAQAwYzELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEcMBoGA1UEAwwTY2Vy dC50ZXN0Lm15LmRvbWFpbjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB AJupYCQ8UVCWII1Zof1c6YcSSaM9hEaDU78cfKP5RoSeH10BvrWRfT+mzCONVpNP CW9Iabtvk6hm0ot6ilnndEyVJbc0g7hdDLBX5BM25D+DGZGJRKUz1V+uBrWmXtIt Vonj7JTDTe7ViH0GDsB7CvqXFGXO2a2cDYBchLkL6vQiFPshxvUsLtwxuy/qdYgy X6ya+AUoZcoQGy1XxNjfH6cPtWSWQGEp1oPR6vL9hU3laTZb3C+VV4jZem+he8/0 V+qV6fLG92WTXm2hmf8nrtUqqJ+C7mW/RJod+TviviBadIX0OHXW7k5HVsZood01 te8vMRUNJNiZfa9EMIK5oncbQn0LcM3Wo9VrjpL7jREb/4HCS2gswYGv7hzk9cCS kVY4rDucchKbApuI3kfzmO7GFOF5eiSkYZpY/czNn7VVM3WCu6dpOX4+3rhgrZQw kY14L930DaLVRUgve/zKVP2D2GHdEOs+MbV7s96UgigT9pXly/yHPj+1sSYqmnaD 5b7jSeJusmzO/nrwXVGLsnezR87VzHl9Ux9g5s6zh+R+PrZuVxYsLvoUpaasH47O gIcBzSb/6pSGZKAUizmYsHsR1k88dAvsQ+FsUDaNokdi9VndEB4QPmiFmjyLV+0I 1TFoXop4sW11NPz1YCq+IxnYrEaIN3PyhY0GvBJDFY1/AgMBAAGgADANBgkqhkiG 9w0BAQsFAAOCAgEActuqnqS8Y9UF7e08w7tR3FPzGecWreuvxILrlFEZJxiLPFqL It7uJvtypCVQvz6UQzKdBYO7tMpRaWViB8DrWzXNZjLMrg+QHcpveg8C0Ett4scG fnvLk6fTDFYrnGvwHTqiHos5i0y3bFLyS1BGwSpdLAykGtvC+VM8mRyw/Y7CPcKN 77kebY/9xduW1g2uxWLr0x90RuQDv9psPojT+59tRLGSp5Kt0IeD3QtnAZEFE4aN vt+Pd69eg3BgZ8ZeDgoqAw3yppvOkpAFiE5pw2qPZaM4SRphl4d2Lek2zNIMyZqv do5zh356HOgXtDaSg0POnRGrN/Ua+LMCRTg6GEPUnx9uQb/zt8Zu0hIexDGyykp1 OGqtWlv/Nc8UYuS38v0BeB6bMPeoqQUjkqs8nHlAEFn0KlgYdtDC+7SdQx6wS4te dBKRNDfC4lS3jYJgs55jHqonZgkpSi3bamlxpfpW0ukGBcmq91wRe4bOw/4uD/vf UwqMWOdCYcU3mdYNjTWy22ORW3SGFQxMBwpUEURCSoeqWr6aJeQ7KAYkx1PrB5T8 OTEc13lWf+B0PU9UJuGTsmpIuImPDVd0EVDayr3mT5dDbqTVDbe8ppf2IswABmf0 o3DybUeUmknYjl109rdSf+76nuREICHatxXgN3xCMFuBaN4WLO+ksd6Y1Ys= -----END CERTIFICATE REQUEST----- `), 

			CommonName: pulumi.String("test.my.domain"),
		}, pulumi.DependsOn([]pulumi.Resource{
			admin,
		}))
		if err != nil {
			return err
		}
		return nil
	})
}

```

func GetSecretBackendSign 

func GetSecretBackendSign(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecretBackendSignState, opts ...pulumi.ResourceOption) (*SecretBackendSign, error)

GetSecretBackendSign gets an existing SecretBackendSign resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecretBackendSign 

func NewSecretBackendSign(ctx *pulumi.Context,
	name string, args *SecretBackendSignArgs, opts ...pulumi.ResourceOption) (*SecretBackendSign, error)

NewSecretBackendSign registers a new resource with the given unique name, arguments, and options.

func (*SecretBackendSign) ElementType 

func (*SecretBackendSign) ElementType() reflect.Type

func (*SecretBackendSign) ToSecretBackendSignOutput 

func (i *SecretBackendSign) ToSecretBackendSignOutput() SecretBackendSignOutput

func (*SecretBackendSign) ToSecretBackendSignOutputWithContext 

func (i *SecretBackendSign) ToSecretBackendSignOutputWithContext(ctx context.Context) SecretBackendSignOutput

type SecretBackendSignArgs 

type SecretBackendSignArgs struct {
	// List of alternative names
	AltNames pulumi.StringArrayInput
	// If set to `true`, certs will be renewed if the expiration is within `minSecondsRemaining`. Default `false`
	AutoRenew pulumi.BoolPtrInput
	// The PKI secret backend the resource belongs to.
	Backend pulumi.StringInput
	// CN of certificate to create
	CommonName pulumi.StringInput
	// The CSR
	Csr pulumi.StringInput
	// Flag to exclude CN from SANs
	ExcludeCnFromSans pulumi.BoolPtrInput
	// The format of data
	Format pulumi.StringPtrInput
	// List of alternative IPs
	IpSans pulumi.StringArrayInput
	// Specifies the default issuer of this request. Can
	// be the value `default`, a name, or an issuer ID. Use ACLs to prevent access to
	// the `/pki/issuer/:issuer_ref/{issue,sign}/:name` paths to prevent users
	// overriding the role's `issuerRef` value.
	IssuerRef pulumi.StringPtrInput
	// Generate a new certificate when the expiration is within this number of seconds, default is 604800 (7 days)
	MinSecondsRemaining pulumi.IntPtrInput
	// Name of the role to create the certificate against
	Name pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// List of other SANs
	OtherSans pulumi.StringArrayInput
	// Time to live
	Ttl pulumi.StringPtrInput
	// List of alternative URIs
	UriSans pulumi.StringArrayInput
}

The set of arguments for constructing a SecretBackendSign resource.

func (SecretBackendSignArgs) ElementType 

func (SecretBackendSignArgs) ElementType() reflect.Type

type SecretBackendSignArray 

type SecretBackendSignArray []SecretBackendSignInput

func (SecretBackendSignArray) ElementType 

func (SecretBackendSignArray) ElementType() reflect.Type

func (SecretBackendSignArray) ToSecretBackendSignArrayOutput 

func (i SecretBackendSignArray) ToSecretBackendSignArrayOutput() SecretBackendSignArrayOutput

func (SecretBackendSignArray) ToSecretBackendSignArrayOutputWithContext 

func (i SecretBackendSignArray) ToSecretBackendSignArrayOutputWithContext(ctx context.Context) SecretBackendSignArrayOutput

type SecretBackendSignArrayInput 

type SecretBackendSignArrayInput interface {
	pulumi.Input

	ToSecretBackendSignArrayOutput() SecretBackendSignArrayOutput
	ToSecretBackendSignArrayOutputWithContext(context.Context) SecretBackendSignArrayOutput
}

SecretBackendSignArrayInput is an input type that accepts SecretBackendSignArray and SecretBackendSignArrayOutput values. You can construct a concrete instance of `SecretBackendSignArrayInput` via: 

SecretBackendSignArray{ SecretBackendSignArgs{...} }

type SecretBackendSignArrayOutput 

type SecretBackendSignArrayOutput struct{ *pulumi.OutputState }

func (SecretBackendSignArrayOutput) ElementType 

func (SecretBackendSignArrayOutput) ElementType() reflect.Type

func (SecretBackendSignArrayOutput) Index 

func (o SecretBackendSignArrayOutput) Index(i pulumi.IntInput) SecretBackendSignOutput

func (SecretBackendSignArrayOutput) ToSecretBackendSignArrayOutput 

func (o SecretBackendSignArrayOutput) ToSecretBackendSignArrayOutput() SecretBackendSignArrayOutput

func (SecretBackendSignArrayOutput) ToSecretBackendSignArrayOutputWithContext 

func (o SecretBackendSignArrayOutput) ToSecretBackendSignArrayOutputWithContext(ctx context.Context) SecretBackendSignArrayOutput

type SecretBackendSignInput 

type SecretBackendSignInput interface {
	pulumi.Input

	ToSecretBackendSignOutput() SecretBackendSignOutput
	ToSecretBackendSignOutputWithContext(ctx context.Context) SecretBackendSignOutput
}

type SecretBackendSignMap 

type SecretBackendSignMap map[string]SecretBackendSignInput

func (SecretBackendSignMap) ElementType 

func (SecretBackendSignMap) ElementType() reflect.Type

func (SecretBackendSignMap) ToSecretBackendSignMapOutput 

func (i SecretBackendSignMap) ToSecretBackendSignMapOutput() SecretBackendSignMapOutput

func (SecretBackendSignMap) ToSecretBackendSignMapOutputWithContext 

func (i SecretBackendSignMap) ToSecretBackendSignMapOutputWithContext(ctx context.Context) SecretBackendSignMapOutput

type SecretBackendSignMapInput 

type SecretBackendSignMapInput interface {
	pulumi.Input

	ToSecretBackendSignMapOutput() SecretBackendSignMapOutput
	ToSecretBackendSignMapOutputWithContext(context.Context) SecretBackendSignMapOutput
}

SecretBackendSignMapInput is an input type that accepts SecretBackendSignMap and SecretBackendSignMapOutput values. You can construct a concrete instance of `SecretBackendSignMapInput` via: 

SecretBackendSignMap{ "key": SecretBackendSignArgs{...} }

type SecretBackendSignMapOutput 

type SecretBackendSignMapOutput struct{ *pulumi.OutputState }

func (SecretBackendSignMapOutput) ElementType 

func (SecretBackendSignMapOutput) ElementType() reflect.Type

func (SecretBackendSignMapOutput) MapIndex 

func (o SecretBackendSignMapOutput) MapIndex(k pulumi.StringInput) SecretBackendSignOutput

func (SecretBackendSignMapOutput) ToSecretBackendSignMapOutput 

func (o SecretBackendSignMapOutput) ToSecretBackendSignMapOutput() SecretBackendSignMapOutput

func (SecretBackendSignMapOutput) ToSecretBackendSignMapOutputWithContext 

func (o SecretBackendSignMapOutput) ToSecretBackendSignMapOutputWithContext(ctx context.Context) SecretBackendSignMapOutput

type SecretBackendSignOutput 

type SecretBackendSignOutput struct{ *pulumi.OutputState }

func (SecretBackendSignOutput) AltNames 

func (o SecretBackendSignOutput) AltNames() pulumi.StringArrayOutput

List of alternative names

func (SecretBackendSignOutput) AutoRenew 

func (o SecretBackendSignOutput) AutoRenew() pulumi.BoolPtrOutput

If set to `true`, certs will be renewed if the expiration is within `minSecondsRemaining`. Default `false`

func (SecretBackendSignOutput) Backend 

func (o SecretBackendSignOutput) Backend() pulumi.StringOutput

The PKI secret backend the resource belongs to.

func (SecretBackendSignOutput) CaChains 

func (o SecretBackendSignOutput) CaChains() pulumi.StringArrayOutput

The CA chain

func (SecretBackendSignOutput) Certificate 

func (o SecretBackendSignOutput) Certificate() pulumi.StringOutput

The certificate

func (SecretBackendSignOutput) CommonName 

func (o SecretBackendSignOutput) CommonName() pulumi.StringOutput

CN of certificate to create

func (SecretBackendSignOutput) Csr 

func (o SecretBackendSignOutput) Csr() pulumi.StringOutput

The CSR

func (SecretBackendSignOutput) ElementType 

func (SecretBackendSignOutput) ElementType() reflect.Type

func (SecretBackendSignOutput) ExcludeCnFromSans 

func (o SecretBackendSignOutput) ExcludeCnFromSans() pulumi.BoolPtrOutput

Flag to exclude CN from SANs

func (SecretBackendSignOutput) Expiration 

func (o SecretBackendSignOutput) Expiration() pulumi.IntOutput

The expiration date of the certificate in unix epoch format

func (SecretBackendSignOutput) Format 

func (o SecretBackendSignOutput) Format() pulumi.StringPtrOutput

The format of data

func (SecretBackendSignOutput) IpSans 

func (o SecretBackendSignOutput) IpSans() pulumi.StringArrayOutput

List of alternative IPs

func (SecretBackendSignOutput) IssuerRef 

func (o SecretBackendSignOutput) IssuerRef() pulumi.StringPtrOutput

Specifies the default issuer of this request. Can be the value `default`, a name, or an issuer ID. Use ACLs to prevent access to the `/pki/issuer/:issuer_ref/{issue,sign}/:name` paths to prevent users overriding the role's `issuerRef` value.

func (SecretBackendSignOutput) IssuingCa 

func (o SecretBackendSignOutput) IssuingCa() pulumi.StringOutput

The issuing CA

func (SecretBackendSignOutput) MinSecondsRemaining 

func (o SecretBackendSignOutput) MinSecondsRemaining() pulumi.IntPtrOutput

Generate a new certificate when the expiration is within this number of seconds, default is 604800 (7 days)

func (SecretBackendSignOutput) Name 

func (o SecretBackendSignOutput) Name() pulumi.StringOutput

Name of the role to create the certificate against

func (SecretBackendSignOutput) Namespace 

func (o SecretBackendSignOutput) Namespace() pulumi.StringPtrOutput

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.

func (SecretBackendSignOutput) OtherSans 

func (o SecretBackendSignOutput) OtherSans() pulumi.StringArrayOutput

List of other SANs

func (SecretBackendSignOutput) RenewPending 

func (o SecretBackendSignOutput) RenewPending() pulumi.BoolOutput

`true` if the current time (during refresh) is after the start of the early renewal window declared by `minSecondsRemaining`, and `false` otherwise; if `autoRenew` is set to `true` then the provider will plan to replace the certificate once renewal is pending.

func (SecretBackendSignOutput) SerialNumber 

func (o SecretBackendSignOutput) SerialNumber() pulumi.StringOutput

The certificate's serial number, hex formatted.

func (SecretBackendSignOutput) ToSecretBackendSignOutput 

func (o SecretBackendSignOutput) ToSecretBackendSignOutput() SecretBackendSignOutput

func (SecretBackendSignOutput) ToSecretBackendSignOutputWithContext 

func (o SecretBackendSignOutput) ToSecretBackendSignOutputWithContext(ctx context.Context) SecretBackendSignOutput

func (SecretBackendSignOutput) Ttl 

func (o SecretBackendSignOutput) Ttl() pulumi.StringPtrOutput

Time to live

func (SecretBackendSignOutput) UriSans 

func (o SecretBackendSignOutput) UriSans() pulumi.StringArrayOutput

List of alternative URIs

type SecretBackendSignState 

type SecretBackendSignState struct {
	// List of alternative names
	AltNames pulumi.StringArrayInput
	// If set to `true`, certs will be renewed if the expiration is within `minSecondsRemaining`. Default `false`
	AutoRenew pulumi.BoolPtrInput
	// The PKI secret backend the resource belongs to.
	Backend pulumi.StringPtrInput
	// The CA chain
	CaChains pulumi.StringArrayInput
	// The certificate
	Certificate pulumi.StringPtrInput
	// CN of certificate to create
	CommonName pulumi.StringPtrInput
	// The CSR
	Csr pulumi.StringPtrInput
	// Flag to exclude CN from SANs
	ExcludeCnFromSans pulumi.BoolPtrInput
	// The expiration date of the certificate in unix epoch format
	Expiration pulumi.IntPtrInput
	// The format of data
	Format pulumi.StringPtrInput
	// List of alternative IPs
	IpSans pulumi.StringArrayInput
	// Specifies the default issuer of this request. Can
	// be the value `default`, a name, or an issuer ID. Use ACLs to prevent access to
	// the `/pki/issuer/:issuer_ref/{issue,sign}/:name` paths to prevent users
	// overriding the role's `issuerRef` value.
	IssuerRef pulumi.StringPtrInput
	// The issuing CA
	IssuingCa pulumi.StringPtrInput
	// Generate a new certificate when the expiration is within this number of seconds, default is 604800 (7 days)
	MinSecondsRemaining pulumi.IntPtrInput
	// Name of the role to create the certificate against
	Name pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// List of other SANs
	OtherSans pulumi.StringArrayInput
	// `true` if the current time (during refresh) is after the start of the early renewal window declared by `minSecondsRemaining`, and `false` otherwise; if `autoRenew` is set to `true` then the provider will plan to replace the certificate once renewal is pending.
	RenewPending pulumi.BoolPtrInput
	// The certificate's serial number, hex formatted.
	SerialNumber pulumi.StringPtrInput
	// Time to live
	Ttl pulumi.StringPtrInput
	// List of alternative URIs
	UriSans pulumi.StringArrayInput
}

func (SecretBackendSignState) ElementType 

func (SecretBackendSignState) ElementType() reflect.Type

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.