Table: vault_pki_role
For querying Roles in the pki engines
Examples
Get all roles in PKI mounts
select *from vault_pki_role;Obtain roles which have Code Signing capabilities
select path, name,from vault_pki_rolewhere code_signing_flag = 1;Schema for vault_pki_role
| Name | Type | Operators | Description |
|---|---|---|---|
| _ctx | jsonb | Steampipe context in JSON form, e.g. connection_name. | |
| allow_any_name | boolean | Allow any name | |
| allow_ip_sans | boolean | Allow IP based subject alternative names | |
| allow_localhost | boolean | Allow localhost | |
| allow_sub_domains | boolean | Allow subdomains | |
| allowed_domains | jsonb | Array of allowed domain names | |
| allowed_other_sans | jsonb | Array of allowed other subject alternative names | |
| allowed_uri_sans | jsonb | Array of allowed URI based subject alternative names | |
| client_flag | boolean | Can generate client based certificates | |
| code_signing_flag | boolean | Can generate code-signing based certificates | |
| key_bits | bigint | Length of key in bits | |
| key_type | text | Type of key used, example 'RSA' | |
| max_ttl | bigint | Maximum TTL | |
| name | text | The PKI role | |
| path | text | The path (mount point) of the engine containing PKI roles | |
| server_flag | boolean | Can generate server based certificates | |
| ttl | bigint | Default TTL |