HashiCorp Vault: Generate Certificate and Key: What is the format for time-to-live (ttl)?

HashiCorp Vault REST API has an endpoint to generate (signed) cert and key: /pki/issue/:name

Official docs: https://developer.hashicorp.com/vault/api-docs/secret/pki#generate-certificate-and-key

In the body of the request, there is a JSON object key "ttl" for time-to-live. What are the supported value formats for this key?

I cannot find supported formats in official docs. By luck, I found other examples that allow suffices "h" for hours, e.g., "360h", and "d" for days, e.g., "7d".

Solution

It expects a time duration string parsable by Go time.ParseDuration.

https://github.com/hashicorp/vault/issues/1195

https://pkg.go.dev/time#ParseDuration

AWX + Hashicorp Vault django.request Bad Request
Why does HVAC does not see secrets in HashiCorp Vault?
HashiCorp Vault 403 Permission Denied issue with Kubernetes Auth
Unable to get airflow variables in dags from Vault secret backend
Hashicorp vault - export key from one vault, import into another vault
HashiCorp Vault to populate kubernetes secrets
HASHICORP VAULT: How to read multiple items from a file and write them to Vault
Hashicorp vault how to list all roles
access property of an object using hash-vault-js
Vault secrets list permission denied
How can I encrypt data with an already generated AES 256 GCM 96 key (coming from Hashicorp Vault)?
Access Denied on vault secrets
hashicorp vault agent template fails when starts with "no known secret ID"
Create a Vault UI user using the vault CLI
Vault does not return token renewed by script
Getting permission denied error while trying to access any vault secret engines using Spring boot application on kubernetes
Environment variables concatenation issue with Vault agent-jnject in Kubernetes deployment
Vault secret fetch using hvac python fails with TypeError where Type of response is <class 'requests.models.Response'>
Detect when a secret changes in Hashicorp Vault
My Vault policies does not allow me to create/update/delete secrets
Vault scaling using Consul
Hashicorp Vault cli return 403 when trying to use kv
Cannot install Hashicorp vault in LinuxMint 21.3 : The repository does not have a Release file
HashiCorp Transit Engine, what permission are required to read the public key?
Vault Agent Injector - Use init container only (disable sidecar)
How to call Hashicorp Vault from AWS Lambda in NodeJS with IAM Authentication
How to use values in Vault annotation content in Helm Chart
What is the difference between a HashiCorp Vault lease and token accessor?
Is there a way to allow a user to change it's own password on Hashicorp's Vault UI
Injecting secrets into Kubernetes pods via Vault Agent containers