Skip to content

Latest commit

 

History

History
32 lines (28 loc) · 2.85 KB

CreateSSHCertIssuer.md

File metadata and controls

32 lines (28 loc) · 2.85 KB

CreateSSHCertIssuer

Properties

Name Type Description Notes
provider_type str [optional]
allowed_users str Users allowed to fetch the certificate, e.g root,ubuntu
delete_protection str Protection from accidental deletion of this object [true/false] [optional]
description str Description of the object [optional]
extensions dict(str, str) Signed certificates with extensions, e.g permit-port-forwarding=\"\" [optional]
host_provider str Host provider type [explicit/target], Default Host provider is explicit, Relevant only for Secure Remote Access of ssh cert issuer, ldap rotated secret and ldap dynamic secret [optional]
json bool Set output format to JSON [optional] [default to False]
metadata str Deprecated - use description [optional]
name str SSH certificate issuer name
principals str Signed certificates with principal, e.g example_role1,example_role2 [optional]
secure_access_bastion_api str Bastion's SSH control API endpoint. E.g. https://my.bastion:9900 [optional]
secure_access_bastion_ssh str Bastion's SSH server. E.g. my.bastion:22 [optional]
secure_access_enable str Enable/Disable secure remote access [true/false] [optional]
secure_access_enforce_hosts_restriction bool Enable this flag to enforce connections only to the hosts listed in --secure-access-host [optional]
secure_access_host list[str] Target servers for connections (In case of Linked Target association, host(s) will inherit Linked Target hosts - Relevant only for Dynamic Secrets/producers) [optional]
secure_access_ssh_creds_user str SSH username to connect to target server, must be in 'Allowed Users' list [optional]
secure_access_use_internal_bastion bool Use internal SSH Bastion [optional]
signer_key_name str A key to sign the certificate with
tag list[str] List of the tags attached to this key [optional]
target list[str] A list of linked targets to be associated, Relevant only for Secure Remote Access for ssh cert issuer, ldap rotated secret and ldap dynamic secret, To specify multiple targets use argument multiple times [optional]
token str Authentication token (see `/auth` and `/configure`) [optional]
ttl int The requested Time To Live for the certificate, in seconds
uid_token str The universal identity token, Required only for universal_identity authentication [optional]

[Back to Model list] [Back to API list] [Back to README]