example failing to create a certificate

console.txt

> vault write pki/roles/example allowed_domains=example.com allow_subdomains=true max_ttl=72h
Success! Data written to: pki/roles/example

> > terraform apply

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  + vault_generic_secret.cert
      id:           <computed>
      data_json:    "{\"common_name\":\"foo.example.com\",\"ip_sans\":\"1.2.3.4\"}"
      disable_read: "false"
      path:         "pki/issue/example"


Plan: 1 to add, 0 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

vault_generic_secret.cert: Creating...
  data_json:    "" => "{\"common_name\":\"foo.example.com\",\"ip_sans\":\"1.2.3.4\"}"
  disable_read: "" => "false"
  path:         "" => "pki/issue/example"

Error: Error applying plan:

1 error(s) occurred:

* vault_generic_secret.cert: 1 error(s) occurred:

* vault_generic_secret.cert: error reading from Vault: Error making API request.

URL: GET http://127.0.0.1:8200/v1/pki/issue/example
Code: 405. Errors:

* 1 error occurred:

* unsupported operation

Terraform does not automatically rollback in the face of errors.
Instead, your Terraform state file has been partially updated with
any resources that successfully completed. Please address the error
above and apply again to incrementally change your infrastructure.

main.tf

resource "vault_generic_secret" "cert" {
  path = "pki/issue/example"

  data_json = <<EOT
        { 
            "common_name": "foo.example.com",
            "ip_sans": "1.2.3.4"
        }
EOT
}