PUT PKI/HashiCorp/Role/{guid}
Updates Trust Protection Platform information about a HashiCorp role.
Requirements
- Permissions: The caller must have Manage Policy permission to the Role policy object.
- Token scope: Certificate:Manage
Headers
-
Content type: Content-Type:application/json.
- Token: The bearer access token that you received. For example, Authorization:Bearer 4MyGeneratedBearerTknz==. For more information, see Passing a bearer token in your API calls.
Parameters
For additional information, about HashiCorp roles, see https://www.vaultproject.io/api-docs/secret/pki/#createupdate-role [vaultproject.io].
Name |
Description |
---|---|
{guid} |
In the request URL, specify the GUID that uniquely identifies a HashiCorp role. To get the GUID, call POST Config/FindObjectsOfClass with these parameters:
|
City | (Optional) The allowed City or Locality (L) that this role can use for CSRs. |
Country | (Optional) The allowed Country (C) that this role can use for CSRs. |
EnhancedKeyUsage |
(Optional) An array of role capability:
|
KeyAlgorithm |
(Optional) Required when the HashiCorp Vault CA is responsible for generating the key pair and CSR. Use in conjunction with KeyBitSize.
|
KeyBitSize |
|
Organization | (Optional) The allowed Organization (O) that this role can use for CSRs. |
OrganizationalUnits | (Optional) An array of allowed department or divisions within the organization (OU) that this role can use for CSRs. |
State | (Optional) The allowed State (ST) that this role can use to generate CSRs. |
WhitelistedDomains | (Optional) This role only allows the Common Name (CN) and Domain Name Server (DNS) SANs in CSRs to end with one of the domains from the array. |
Returns
Name |
Description |
---|---|
HTTP 400 on Error |
Returns an Error message for bad parameters, data, or syntax.
|
HTTP 200 on Success |
For valid requests, this method returns a HTTP 200 message and the following message body:
|
Example: Change the key algorithm and key bit strength for the HashiCorp role.
Request for Example
PUT https://test.venafi.example/vedsdk/PKI/HashiCorp/Role/{1ec53de0-8773-45a5-862f-f5ea56df8be2} Authorization:Bearer 4MyGeneratedBearerTknz== { "KeyAlgorithm":"EC", "KeyBitSize":"p256" }
Response for Example
HTTP/1.1 200 OK { "Error": null, "Guid": "{1ec53de0-8773-45a5-862f-f5ea56df8be2}" }