Resource Type: vault_cert

Defined in:
lib/puppet/type/vault_cert.rb
Providers:
vault_cert

Overview

A type representing a certificate issued by HashiCorp Vault

Properties

  • cert (defaults to: auto)

    Read-only property which contains the value of the certificate

    Supported values:
    • auto
  • cert_chain (defaults to: auto)

    Read-only property which contains the value of the CA chain

    Supported values:
    • auto
  • cert_chain_file

    Where the CA chain file should be written

  • cert_chain_group (defaults to: root)

    The group which the cert_chain_file should be owned by

  • cert_chain_mode (defaults to: 0644)

    The file mode the cert_chain_file should be written with

  • cert_chain_owner (defaults to: root)

    The user which the cert_chain_file should be owned by

  • cert_data

    The attributes of the certificate to be issued

  • cert_file

    Where the certificate file should be written

  • cert_group (defaults to: root)

    The group which the cert_file should be owned by

  • cert_mode (defaults to: 0644)

    The file mode the cert_file should be written with

  • cert_owner (defaults to: root)

    The user which the cert_file should be owned by

  • ensure (defaults to: present)

    The basic property that the resource should be in.

    Supported values:
    • present
    • absent
  • expiration (defaults to: auto)

    Read-only property showing the expiration time of the certificate

    Supported values:
    • auto
  • info_cert (defaults to: auto)

    Read-only property which contains the value of the certificate from the info file

    Supported values:
    • auto
  • info_cert_chain (defaults to: auto)

    Read-only property which contains the value of the CA chain from the info file

    Supported values:
    • auto
  • info_group (defaults to: root)

    The group which the info_file should be owned by

  • info_key (defaults to: auto)

    Read-only property which contains the value of the private key from the info file

    Supported values:
    • auto
  • info_mode (defaults to: 0600)

    The file mode the info_file should be written with

  • info_owner (defaults to: root)

    The user which the info_file should be owned by

  • key (defaults to: auto)

    Read-only property which contains the value of the private key

    Supported values:
    • auto
  • key_file

    Where the key file should be written

  • key_group (defaults to: root)

    The group which the key_file should be owned by

  • key_mode (defaults to: 0600)

    The file mode the key_file should be written with

  • key_owner (defaults to: root)

    The user which the key_file should be owned by

Parameters

  • auth_name

    The named certificate role used to authenticate puppet agent to vault

  • auth_path (defaults to: puppet-pki)

    The path used to authenticate puppet agent to vault

  • ca_trust

    Optional path to the file containing trusted certificate authorities

  • name (namevar)

    The name of the certificate

  • provider

    The specific backend to use for this `vault_cert` resource. You will seldom need to specify this — Puppet will usually discover the appropriate provider for your platform.

  • renewal_threshold (defaults to: 3)

    Certificate should be renewed when fewer than this many days remain before expiry

  • timeout (defaults to: 5)

    Length of time to wait on vault connections

  • vault_uri

    The full URI of the vault PKI secrets engine
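
An added audit sketch in Ruby (not code from this module or its provider) that checks a deployed certificate and key against two defaults documented above: key_mode 0600 and renewal_threshold 3. The helper names and the self-signed sample certificate are constructed for illustration, and how the provider itself evaluates renewal is an assumption based on the parameter description.

```ruby
require 'openssl'
require 'tempfile'

# Defaults as documented for vault_cert above.
KEY_MODE_DEFAULT = 0o600
RENEWAL_THRESHOLD_DAYS = 3

# True when fewer than `threshold` days remain before the certificate expires
# (the documented renewal_threshold wording; hypothetical helper).
def renewal_due?(cert_pem, threshold = RENEWAL_THRESHOLD_DAYS, now = Time.now)
  cert = OpenSSL::X509::Certificate.new(cert_pem)
  (cert.not_after - now) / 86_400.0 < threshold
end

# Reports any permission bit on the key file beyond the expected mode,
# e.g. group or world read on a file that should be 0600.
def key_file_findings(path, expected_mode = KEY_MODE_DEFAULT)
  mode = File.stat(path).mode & 0o7777
  return [] if (mode & ~expected_mode).zero?
  [format('%s has mode %04o, wider than %04o', path, mode, expected_mode)]
end

# Constructed sample input: throwaway self-signed certificate valid `days` days.
def sample_cert(days, now = Time.now)
  key = OpenSSL::PKey::RSA.new(2048)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2
  cert.serial = 1
  cert.subject = cert.issuer = OpenSSL::X509::Name.parse('/CN=example.test')
  cert.public_key = key.public_key
  cert.not_before = now
  cert.not_after = now + days * 86_400
  cert.sign(key, OpenSSL::Digest.new('SHA256'))
  cert.to_pem
end

if __FILE__ == $PROGRAM_NAME
  puts "2 days left, renew?  #{renewal_due?(sample_cert(2))}"
  puts "30 days left, renew? #{renewal_due?(sample_cert(30))}"
  Tempfile.create('key') do |f|
    File.chmod(0o644, f.path) # deliberately too wide for a private key
    puts key_file_findings(f.path)
  end
end
```

A mode stricter than the expected one (for example 0400) produces no finding, since only extra permission bits are reported.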