Creating a Root Certificate Authority in Vault with Terraform

root_ca.tf

resource tls_self_signed_cert ca_cert {
   private_key_pem = tls_private_key.ca_key.private_key_pem
   key_algorithm = "RSA"
   subject {
     common_name = "${var.server_cert_domain} Root CA"
     organization = "Acme Inc"
     organizational_unit = "Development"
     street_address = ["1234 Main Street"]
     locality = "Beverly Hills"
     province = "CA"
     country = "USA"
     postal_code = "90210"

   }
   # 175200 = 20 years
   validity_period_hours = 175200
   allowed_uses = [
     "cert_signing",
     "crl_signing"
   ]
   is_ca_certificate = true 

}