From 4323cbec9476b8e58044d92252c2ea379379bac9 Mon Sep 17 00:00:00 2001
From: hc-github-team-secure-vault-core
 <82990506+hc-github-team-secure-vault-core@users.noreply.github.com>
Date: Tue, 7 Jun 2022 14:32:28 -0400
Subject: [PATCH] backport of commit 06c56355b59c14a950de627ac3724769bb3c0834
 (#15853)

Co-authored-by: Calvin Leung Huang <1883212+calvn@users.noreply.github.com>
---
 website/content/docs/agent/template.mdx | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/website/content/docs/agent/template.mdx b/website/content/docs/agent/template.mdx
index b121e9200503..4208c44fbea8 100644
--- a/website/content/docs/agent/template.mdx
+++ b/website/content/docs/agent/template.mdx
@@ -45,17 +45,25 @@ The following links contain additional resources for the templating language use
 
 ### Template Language Example
 
-Template with Vault Agent requires the use of the `secret` [function from Consul
-Template](https://github.com/hashicorp/consul-template/blob/master/docs/templating-language.md#secret).
+Template with Vault Agent requires the use of the `secret` [function](https://github.com/hashicorp/consul-template/blob/master/docs/templating-language.md#secret)
+or `pkiCert` [function](https://github.com/hashicorp/consul-template/blob/main/docs/templating-language.md#pkicert)
+from Consul Template.
+
 The following is an example of a template that retrieves a generic secret from Vault's
 KV store:
-
 ```
 {{ with secret "secret/my-secret" }}
 {{ .Data.data.foo }}
 {{ end }}
 ```
 
+The following is an example of a template that retrieves a PKI certificate from
+Vault's PKI secrets engine. The fetching of a certificate from a PKI role
+through this function will be based on the certificate's expiration.
+```
+{{ pkiCert "pki/issue/my-domain-dot-com" "common_name=foo.example.com" }}
+```
+
 ## Global Configurations
 
 The top level `template_config` block has the following configuration entries that affect