approle

package
v3.6.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 12, 2021 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AuthBackendLogin 

type AuthBackendLogin struct {
	pulumi.CustomResourceState

	// The accessor for the token.
	Accessor pulumi.StringOutput `pulumi:"accessor"`
	// The unique path of the Vault backend to log in with.
	Backend pulumi.StringPtrOutput `pulumi:"backend"`
	// The Vault token created.
	ClientToken pulumi.StringOutput `pulumi:"clientToken"`
	// How long the token is valid for, in seconds.
	LeaseDuration pulumi.IntOutput `pulumi:"leaseDuration"`
	// The date and time the lease started, in RFC 3339 format.
	LeaseStarted pulumi.StringOutput `pulumi:"leaseStarted"`
	// The metadata associated with the token.
	Metadata pulumi.StringMapOutput `pulumi:"metadata"`
	// A list of policies applied to the token.
	Policies pulumi.StringArrayOutput `pulumi:"policies"`
	// Whether the token is renewable or not.
	Renewable pulumi.BoolOutput `pulumi:"renewable"`
	// The ID of the role to log in with.
	RoleId pulumi.StringOutput `pulumi:"roleId"`
	// The secret ID of the role to log in with. Required
	// unless `bindSecretId` is set to false on the role.
	SecretId pulumi.StringPtrOutput `pulumi:"secretId"`
}

Logs into Vault using the AppRole auth backend. See the [Vault documentation](https://www.vaultproject.io/docs/auth/approle) for more information.

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v3/go/vault"
"github.com/pulumi/pulumi-vault/sdk/v3/go/vault/appRole"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		approle, err := vault.NewAuthBackend(ctx, "approle", &vault.AuthBackendArgs{
			Type: pulumi.String("approle"),
		})
		if err != nil {
			return err
		}
		example, err := appRole.NewAuthBackendRole(ctx, "example", &appRole.AuthBackendRoleArgs{
			Backend: approle.Path,
			Policies: pulumi.StringArray{
				pulumi.String("default"),
				pulumi.String("dev"),
				pulumi.String("prod"),
			},
			RoleName: pulumi.String("test-role"),
		})
		if err != nil {
			return err
		}
		id, err := appRole.NewAuthBackendRoleSecretID(ctx, "id", &appRole.AuthBackendRoleSecretIDArgs{
			Backend:  approle.Path,
			RoleName: example.RoleName,
		})
		if err != nil {
			return err
		}
		_, err = appRole.NewAuthBackendLogin(ctx, "login", &appRole.AuthBackendLoginArgs{
			Backend:  approle.Path,
			RoleId:   example.RoleId,
			SecretId: id.SecretId,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

func GetAuthBackendLogin 

func GetAuthBackendLogin(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AuthBackendLoginState, opts ...pulumi.ResourceOption) (*AuthBackendLogin, error)

GetAuthBackendLogin gets an existing AuthBackendLogin resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAuthBackendLogin 

func NewAuthBackendLogin(ctx *pulumi.Context,
	name string, args *AuthBackendLoginArgs, opts ...pulumi.ResourceOption) (*AuthBackendLogin, error)

NewAuthBackendLogin registers a new resource with the given unique name, arguments, and options.

func (*AuthBackendLogin) ElementType added in v3.0.2 

func (*AuthBackendLogin) ElementType() reflect.Type

func (*AuthBackendLogin) ToAuthBackendLoginOutput added in v3.0.2 

func (i *AuthBackendLogin) ToAuthBackendLoginOutput() AuthBackendLoginOutput

func (*AuthBackendLogin) ToAuthBackendLoginOutputWithContext added in v3.0.2 

func (i *AuthBackendLogin) ToAuthBackendLoginOutputWithContext(ctx context.Context) AuthBackendLoginOutput

func (*AuthBackendLogin) ToAuthBackendLoginPtrOutput added in v3.4.1 

func (i *AuthBackendLogin) ToAuthBackendLoginPtrOutput() AuthBackendLoginPtrOutput

func (*AuthBackendLogin) ToAuthBackendLoginPtrOutputWithContext added in v3.4.1 

func (i *AuthBackendLogin) ToAuthBackendLoginPtrOutputWithContext(ctx context.Context) AuthBackendLoginPtrOutput

type AuthBackendLoginArgs 

type AuthBackendLoginArgs struct {
	// The unique path of the Vault backend to log in with.
	Backend pulumi.StringPtrInput
	// The ID of the role to log in with.
	RoleId pulumi.StringInput
	// The secret ID of the role to log in with. Required
	// unless `bindSecretId` is set to false on the role.
	SecretId pulumi.StringPtrInput
}

The set of arguments for constructing a AuthBackendLogin resource.

func (AuthBackendLoginArgs) ElementType 

func (AuthBackendLoginArgs) ElementType() reflect.Type

type AuthBackendLoginArray added in v3.4.1 

type AuthBackendLoginArray []AuthBackendLoginInput

func (AuthBackendLoginArray) ElementType added in v3.4.1 

func (AuthBackendLoginArray) ElementType() reflect.Type

func (AuthBackendLoginArray) ToAuthBackendLoginArrayOutput added in v3.4.1 

func (i AuthBackendLoginArray) ToAuthBackendLoginArrayOutput() AuthBackendLoginArrayOutput

func (AuthBackendLoginArray) ToAuthBackendLoginArrayOutputWithContext added in v3.4.1 

func (i AuthBackendLoginArray) ToAuthBackendLoginArrayOutputWithContext(ctx context.Context) AuthBackendLoginArrayOutput

type AuthBackendLoginArrayInput added in v3.4.1 

type AuthBackendLoginArrayInput interface {
	pulumi.Input

	ToAuthBackendLoginArrayOutput() AuthBackendLoginArrayOutput
	ToAuthBackendLoginArrayOutputWithContext(context.Context) AuthBackendLoginArrayOutput
}

AuthBackendLoginArrayInput is an input type that accepts AuthBackendLoginArray and AuthBackendLoginArrayOutput values. You can construct a concrete instance of `AuthBackendLoginArrayInput` via: 

AuthBackendLoginArray{ AuthBackendLoginArgs{...} }

type AuthBackendLoginArrayOutput added in v3.4.1 

type AuthBackendLoginArrayOutput struct{ *pulumi.OutputState }

func (AuthBackendLoginArrayOutput) ElementType added in v3.4.1 

func (AuthBackendLoginArrayOutput) ElementType() reflect.Type

func (AuthBackendLoginArrayOutput) Index added in v3.4.1 

func (o AuthBackendLoginArrayOutput) Index(i pulumi.IntInput) AuthBackendLoginOutput

func (AuthBackendLoginArrayOutput) ToAuthBackendLoginArrayOutput added in v3.4.1 

func (o AuthBackendLoginArrayOutput) ToAuthBackendLoginArrayOutput() AuthBackendLoginArrayOutput

func (AuthBackendLoginArrayOutput) ToAuthBackendLoginArrayOutputWithContext added in v3.4.1 

func (o AuthBackendLoginArrayOutput) ToAuthBackendLoginArrayOutputWithContext(ctx context.Context) AuthBackendLoginArrayOutput

type AuthBackendLoginInput added in v3.0.2 

type AuthBackendLoginInput interface {
	pulumi.Input

	ToAuthBackendLoginOutput() AuthBackendLoginOutput
	ToAuthBackendLoginOutputWithContext(ctx context.Context) AuthBackendLoginOutput
}

type AuthBackendLoginMap added in v3.4.1 

type AuthBackendLoginMap map[string]AuthBackendLoginInput

func (AuthBackendLoginMap) ElementType added in v3.4.1 

func (AuthBackendLoginMap) ElementType() reflect.Type

func (AuthBackendLoginMap) ToAuthBackendLoginMapOutput added in v3.4.1 

func (i AuthBackendLoginMap) ToAuthBackendLoginMapOutput() AuthBackendLoginMapOutput

func (AuthBackendLoginMap) ToAuthBackendLoginMapOutputWithContext added in v3.4.1 

func (i AuthBackendLoginMap) ToAuthBackendLoginMapOutputWithContext(ctx context.Context) AuthBackendLoginMapOutput

type AuthBackendLoginMapInput added in v3.4.1 

type AuthBackendLoginMapInput interface {
	pulumi.Input

	ToAuthBackendLoginMapOutput() AuthBackendLoginMapOutput
	ToAuthBackendLoginMapOutputWithContext(context.Context) AuthBackendLoginMapOutput
}

AuthBackendLoginMapInput is an input type that accepts AuthBackendLoginMap and AuthBackendLoginMapOutput values. You can construct a concrete instance of `AuthBackendLoginMapInput` via: 

AuthBackendLoginMap{ "key": AuthBackendLoginArgs{...} }

type AuthBackendLoginMapOutput added in v3.4.1 

type AuthBackendLoginMapOutput struct{ *pulumi.OutputState }

func (AuthBackendLoginMapOutput) ElementType added in v3.4.1 

func (AuthBackendLoginMapOutput) ElementType() reflect.Type

func (AuthBackendLoginMapOutput) MapIndex added in v3.4.1 

func (o AuthBackendLoginMapOutput) MapIndex(k pulumi.StringInput) AuthBackendLoginOutput

func (AuthBackendLoginMapOutput) ToAuthBackendLoginMapOutput added in v3.4.1 

func (o AuthBackendLoginMapOutput) ToAuthBackendLoginMapOutput() AuthBackendLoginMapOutput

func (AuthBackendLoginMapOutput) ToAuthBackendLoginMapOutputWithContext added in v3.4.1 

func (o AuthBackendLoginMapOutput) ToAuthBackendLoginMapOutputWithContext(ctx context.Context) AuthBackendLoginMapOutput

type AuthBackendLoginOutput added in v3.0.2 

type AuthBackendLoginOutput struct {
	*pulumi.OutputState
}

func (AuthBackendLoginOutput) ElementType added in v3.0.2 

func (AuthBackendLoginOutput) ElementType() reflect.Type

func (AuthBackendLoginOutput) ToAuthBackendLoginOutput added in v3.0.2 

func (o AuthBackendLoginOutput) ToAuthBackendLoginOutput() AuthBackendLoginOutput

func (AuthBackendLoginOutput) ToAuthBackendLoginOutputWithContext added in v3.0.2 

func (o AuthBackendLoginOutput) ToAuthBackendLoginOutputWithContext(ctx context.Context) AuthBackendLoginOutput

func (AuthBackendLoginOutput) ToAuthBackendLoginPtrOutput added in v3.4.1 

func (o AuthBackendLoginOutput) ToAuthBackendLoginPtrOutput() AuthBackendLoginPtrOutput

func (AuthBackendLoginOutput) ToAuthBackendLoginPtrOutputWithContext added in v3.4.1 

func (o AuthBackendLoginOutput) ToAuthBackendLoginPtrOutputWithContext(ctx context.Context) AuthBackendLoginPtrOutput

type AuthBackendLoginPtrInput added in v3.4.1 

type AuthBackendLoginPtrInput interface {
	pulumi.Input

	ToAuthBackendLoginPtrOutput() AuthBackendLoginPtrOutput
	ToAuthBackendLoginPtrOutputWithContext(ctx context.Context) AuthBackendLoginPtrOutput
}

type AuthBackendLoginPtrOutput added in v3.4.1 

type AuthBackendLoginPtrOutput struct {
	*pulumi.OutputState
}

func (AuthBackendLoginPtrOutput) ElementType added in v3.4.1 

func (AuthBackendLoginPtrOutput) ElementType() reflect.Type

func (AuthBackendLoginPtrOutput) ToAuthBackendLoginPtrOutput added in v3.4.1 

func (o AuthBackendLoginPtrOutput) ToAuthBackendLoginPtrOutput() AuthBackendLoginPtrOutput

func (AuthBackendLoginPtrOutput) ToAuthBackendLoginPtrOutputWithContext added in v3.4.1 

func (o AuthBackendLoginPtrOutput) ToAuthBackendLoginPtrOutputWithContext(ctx context.Context) AuthBackendLoginPtrOutput

type AuthBackendLoginState 

type AuthBackendLoginState struct {
	// The accessor for the token.
	Accessor pulumi.StringPtrInput
	// The unique path of the Vault backend to log in with.
	Backend pulumi.StringPtrInput
	// The Vault token created.
	ClientToken pulumi.StringPtrInput
	// How long the token is valid for, in seconds.
	LeaseDuration pulumi.IntPtrInput
	// The date and time the lease started, in RFC 3339 format.
	LeaseStarted pulumi.StringPtrInput
	// The metadata associated with the token.
	Metadata pulumi.StringMapInput
	// A list of policies applied to the token.
	Policies pulumi.StringArrayInput
	// Whether the token is renewable or not.
	Renewable pulumi.BoolPtrInput
	// The ID of the role to log in with.
	RoleId pulumi.StringPtrInput
	// The secret ID of the role to log in with. Required
	// unless `bindSecretId` is set to false on the role.
	SecretId pulumi.StringPtrInput
}

func (AuthBackendLoginState) ElementType 

func (AuthBackendLoginState) ElementType() reflect.Type

type AuthBackendRole 

type AuthBackendRole struct {
	pulumi.CustomResourceState

	// The unique name of the auth backend to configure.
	// Defaults to `approle`.
	Backend pulumi.StringPtrOutput `pulumi:"backend"`
	// Whether or not to require `secretId` to be
	// presented when logging in using this AppRole. Defaults to `true`.
	BindSecretId pulumi.BoolPtrOutput `pulumi:"bindSecretId"`
	// If set,
	// specifies blocks of IP addresses which can perform the login operation.
	//
	// Deprecated: use `secret_id_bound_cidrs` instead
	BoundCidrLists pulumi.StringArrayOutput `pulumi:"boundCidrLists"`
	// If set, indicates that the
	// token generated using this role should never expire. The token should be renewed within the
	// duration specified by this value. At each renewal, the token's TTL will be set to the
	// value of this field. Specified in seconds.
	//
	// Deprecated: use `token_period` instead if you are running Vault >= 1.2
	Period pulumi.IntPtrOutput `pulumi:"period"`
	// An array of strings
	// specifying the policies to be set on tokens issued using this role.
	//
	// Deprecated: use `token_policies` instead if you are running Vault >= 1.2
	Policies pulumi.StringArrayOutput `pulumi:"policies"`
	// The RoleID of this role. If not specified, one will be
	// auto-generated.
	RoleId pulumi.StringOutput `pulumi:"roleId"`
	// The name of the role.
	RoleName pulumi.StringOutput `pulumi:"roleName"`
	// If set,
	// specifies blocks of IP addresses which can perform the login operation.
	SecretIdBoundCidrs pulumi.StringArrayOutput `pulumi:"secretIdBoundCidrs"`
	// The number of times any particular SecretID
	// can be used to fetch a token from this AppRole, after which the SecretID will
	// expire. A value of zero will allow unlimited uses.
	SecretIdNumUses pulumi.IntPtrOutput `pulumi:"secretIdNumUses"`
	// The number of seconds after which any SecretID
	// expires.
	SecretIdTtl pulumi.IntPtrOutput `pulumi:"secretIdTtl"`
	// List of CIDR blocks; if set, specifies blocks of IP
	// addresses which can authenticate successfully, and ties the resulting token to these blocks
	// as well.
	TokenBoundCidrs pulumi.StringArrayOutput `pulumi:"tokenBoundCidrs"`
	// If set, will encode an
	// [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls)
	// onto the token in number of seconds. This is a hard cap even if `tokenTtl` and
	// `tokenMaxTtl` would otherwise allow a renewal.
	TokenExplicitMaxTtl pulumi.IntPtrOutput `pulumi:"tokenExplicitMaxTtl"`
	// The maximum lifetime for generated tokens in number of seconds.
	// Its current value will be referenced at renewal time.
	TokenMaxTtl pulumi.IntPtrOutput `pulumi:"tokenMaxTtl"`
	// If set, the default policy will not be set on
	// generated tokens; otherwise it will be added to the policies set in token_policies.
	TokenNoDefaultPolicy pulumi.BoolPtrOutput `pulumi:"tokenNoDefaultPolicy"`
	// The
	// [period](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls),
	// if any, in number of seconds to set on the token.
	TokenNumUses pulumi.IntPtrOutput `pulumi:"tokenNumUses"`
	// If set, indicates that the
	// token generated using this role should never expire. The token should be renewed within the
	// duration specified by this value. At each renewal, the token's TTL will be set to the
	// value of this field. Specified in seconds.
	TokenPeriod pulumi.IntPtrOutput `pulumi:"tokenPeriod"`
	// List of policies to encode onto generated tokens. Depending
	// on the auth method, this list may be supplemented by user/group/other values.
	TokenPolicies pulumi.StringArrayOutput `pulumi:"tokenPolicies"`
	// The incremental lifetime for generated tokens in number of seconds.
	// Its current value will be referenced at renewal time.
	TokenTtl pulumi.IntPtrOutput `pulumi:"tokenTtl"`
	// The type of token that should be generated. Can be `service`,
	// `batch`, or `default` to use the mount's tuned default (which unless changed will be
	// `service` tokens). For token store roles, there are two additional possibilities:
	// `default-service` and `default-batch` which specify the type to return unless the client
	// requests a different type at generation time.
	TokenType pulumi.StringPtrOutput `pulumi:"tokenType"`
}

Manages an AppRole auth backend role in a Vault server. See the [Vault documentation](https://www.vaultproject.io/docs/auth/approle) for more information.

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v3/go/vault"
"github.com/pulumi/pulumi-vault/sdk/v3/go/vault/appRole"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		approle, err := vault.NewAuthBackend(ctx, "approle", &vault.AuthBackendArgs{
			Type: pulumi.String("approle"),
		})
		if err != nil {
			return err
		}
		_, err = appRole.NewAuthBackendRole(ctx, "example", &appRole.AuthBackendRoleArgs{
			Backend:  approle.Path,
			RoleName: pulumi.String("test-role"),
			TokenPolicies: pulumi.StringArray{
				pulumi.String("default"),
				pulumi.String("dev"),
				pulumi.String("prod"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

AppRole authentication backend roles can be imported using the `path`, e.g.

```sh 

$ pulumi import vault:appRole/authBackendRole:AuthBackendRole example auth/approle/role/test-role

```

func GetAuthBackendRole 

func GetAuthBackendRole(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AuthBackendRoleState, opts ...pulumi.ResourceOption) (*AuthBackendRole, error)

GetAuthBackendRole gets an existing AuthBackendRole resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAuthBackendRole 

func NewAuthBackendRole(ctx *pulumi.Context,
	name string, args *AuthBackendRoleArgs, opts ...pulumi.ResourceOption) (*AuthBackendRole, error)

NewAuthBackendRole registers a new resource with the given unique name, arguments, and options.

func (*AuthBackendRole) ElementType added in v3.0.2 

func (*AuthBackendRole) ElementType() reflect.Type

func (*AuthBackendRole) ToAuthBackendRoleOutput added in v3.0.2 

func (i *AuthBackendRole) ToAuthBackendRoleOutput() AuthBackendRoleOutput

func (*AuthBackendRole) ToAuthBackendRoleOutputWithContext added in v3.0.2 

func (i *AuthBackendRole) ToAuthBackendRoleOutputWithContext(ctx context.Context) AuthBackendRoleOutput

func (*AuthBackendRole) ToAuthBackendRolePtrOutput added in v3.4.1 

func (i *AuthBackendRole) ToAuthBackendRolePtrOutput() AuthBackendRolePtrOutput

func (*AuthBackendRole) ToAuthBackendRolePtrOutputWithContext added in v3.4.1 

func (i *AuthBackendRole) ToAuthBackendRolePtrOutputWithContext(ctx context.Context) AuthBackendRolePtrOutput

type AuthBackendRoleArgs 

type AuthBackendRoleArgs struct {
	// The unique name of the auth backend to configure.
	// Defaults to `approle`.
	Backend pulumi.StringPtrInput
	// Whether or not to require `secretId` to be
	// presented when logging in using this AppRole. Defaults to `true`.
	BindSecretId pulumi.BoolPtrInput
	// If set,
	// specifies blocks of IP addresses which can perform the login operation.
	//
	// Deprecated: use `secret_id_bound_cidrs` instead
	BoundCidrLists pulumi.StringArrayInput
	// If set, indicates that the
	// token generated using this role should never expire. The token should be renewed within the
	// duration specified by this value. At each renewal, the token's TTL will be set to the
	// value of this field. Specified in seconds.
	//
	// Deprecated: use `token_period` instead if you are running Vault >= 1.2
	Period pulumi.IntPtrInput
	// An array of strings
	// specifying the policies to be set on tokens issued using this role.
	//
	// Deprecated: use `token_policies` instead if you are running Vault >= 1.2
	Policies pulumi.StringArrayInput
	// The RoleID of this role. If not specified, one will be
	// auto-generated.
	RoleId pulumi.StringPtrInput
	// The name of the role.
	RoleName pulumi.StringInput
	// If set,
	// specifies blocks of IP addresses which can perform the login operation.
	SecretIdBoundCidrs pulumi.StringArrayInput
	// The number of times any particular SecretID
	// can be used to fetch a token from this AppRole, after which the SecretID will
	// expire. A value of zero will allow unlimited uses.
	SecretIdNumUses pulumi.IntPtrInput
	// The number of seconds after which any SecretID
	// expires.
	SecretIdTtl pulumi.IntPtrInput
	// List of CIDR blocks; if set, specifies blocks of IP
	// addresses which can authenticate successfully, and ties the resulting token to these blocks
	// as well.
	TokenBoundCidrs pulumi.StringArrayInput
	// If set, will encode an
	// [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls)
	// onto the token in number of seconds. This is a hard cap even if `tokenTtl` and
	// `tokenMaxTtl` would otherwise allow a renewal.
	TokenExplicitMaxTtl pulumi.IntPtrInput
	// The maximum lifetime for generated tokens in number of seconds.
	// Its current value will be referenced at renewal time.
	TokenMaxTtl pulumi.IntPtrInput
	// If set, the default policy will not be set on
	// generated tokens; otherwise it will be added to the policies set in token_policies.
	TokenNoDefaultPolicy pulumi.BoolPtrInput
	// The
	// [period](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls),
	// if any, in number of seconds to set on the token.
	TokenNumUses pulumi.IntPtrInput
	// If set, indicates that the
	// token generated using this role should never expire. The token should be renewed within the
	// duration specified by this value. At each renewal, the token's TTL will be set to the
	// value of this field. Specified in seconds.
	TokenPeriod pulumi.IntPtrInput
	// List of policies to encode onto generated tokens. Depending
	// on the auth method, this list may be supplemented by user/group/other values.
	TokenPolicies pulumi.StringArrayInput
	// The incremental lifetime for generated tokens in number of seconds.
	// Its current value will be referenced at renewal time.
	TokenTtl pulumi.IntPtrInput
	// The type of token that should be generated. Can be `service`,
	// `batch`, or `default` to use the mount's tuned default (which unless changed will be
	// `service` tokens). For token store roles, there are two additional possibilities:
	// `default-service` and `default-batch` which specify the type to return unless the client
	// requests a different type at generation time.
	TokenType pulumi.StringPtrInput
}

The set of arguments for constructing a AuthBackendRole resource.

func (AuthBackendRoleArgs) ElementType 

func (AuthBackendRoleArgs) ElementType() reflect.Type

type AuthBackendRoleArray added in v3.4.1 

type AuthBackendRoleArray []AuthBackendRoleInput

func (AuthBackendRoleArray) ElementType added in v3.4.1 

func (AuthBackendRoleArray) ElementType() reflect.Type

func (AuthBackendRoleArray) ToAuthBackendRoleArrayOutput added in v3.4.1 

func (i AuthBackendRoleArray) ToAuthBackendRoleArrayOutput() AuthBackendRoleArrayOutput

func (AuthBackendRoleArray) ToAuthBackendRoleArrayOutputWithContext added in v3.4.1 

func (i AuthBackendRoleArray) ToAuthBackendRoleArrayOutputWithContext(ctx context.Context) AuthBackendRoleArrayOutput

type AuthBackendRoleArrayInput added in v3.4.1 

type AuthBackendRoleArrayInput interface {
	pulumi.Input

	ToAuthBackendRoleArrayOutput() AuthBackendRoleArrayOutput
	ToAuthBackendRoleArrayOutputWithContext(context.Context) AuthBackendRoleArrayOutput
}

AuthBackendRoleArrayInput is an input type that accepts AuthBackendRoleArray and AuthBackendRoleArrayOutput values. You can construct a concrete instance of `AuthBackendRoleArrayInput` via: 

AuthBackendRoleArray{ AuthBackendRoleArgs{...} }

type AuthBackendRoleArrayOutput added in v3.4.1 

type AuthBackendRoleArrayOutput struct{ *pulumi.OutputState }

func (AuthBackendRoleArrayOutput) ElementType added in v3.4.1 

func (AuthBackendRoleArrayOutput) ElementType() reflect.Type

func (AuthBackendRoleArrayOutput) Index added in v3.4.1 

func (o AuthBackendRoleArrayOutput) Index(i pulumi.IntInput) AuthBackendRoleOutput

func (AuthBackendRoleArrayOutput) ToAuthBackendRoleArrayOutput added in v3.4.1 

func (o AuthBackendRoleArrayOutput) ToAuthBackendRoleArrayOutput() AuthBackendRoleArrayOutput

func (AuthBackendRoleArrayOutput) ToAuthBackendRoleArrayOutputWithContext added in v3.4.1 

func (o AuthBackendRoleArrayOutput) ToAuthBackendRoleArrayOutputWithContext(ctx context.Context) AuthBackendRoleArrayOutput

type AuthBackendRoleInput added in v3.0.2 

type AuthBackendRoleInput interface {
	pulumi.Input

	ToAuthBackendRoleOutput() AuthBackendRoleOutput
	ToAuthBackendRoleOutputWithContext(ctx context.Context) AuthBackendRoleOutput
}

type AuthBackendRoleMap added in v3.4.1 

type AuthBackendRoleMap map[string]AuthBackendRoleInput

func (AuthBackendRoleMap) ElementType added in v3.4.1 

func (AuthBackendRoleMap) ElementType() reflect.Type

func (AuthBackendRoleMap) ToAuthBackendRoleMapOutput added in v3.4.1 

func (i AuthBackendRoleMap) ToAuthBackendRoleMapOutput() AuthBackendRoleMapOutput

func (AuthBackendRoleMap) ToAuthBackendRoleMapOutputWithContext added in v3.4.1 

func (i AuthBackendRoleMap) ToAuthBackendRoleMapOutputWithContext(ctx context.Context) AuthBackendRoleMapOutput

type AuthBackendRoleMapInput added in v3.4.1 

type AuthBackendRoleMapInput interface {
	pulumi.Input

	ToAuthBackendRoleMapOutput() AuthBackendRoleMapOutput
	ToAuthBackendRoleMapOutputWithContext(context.Context) AuthBackendRoleMapOutput
}

AuthBackendRoleMapInput is an input type that accepts AuthBackendRoleMap and AuthBackendRoleMapOutput values. You can construct a concrete instance of `AuthBackendRoleMapInput` via: 

AuthBackendRoleMap{ "key": AuthBackendRoleArgs{...} }

type AuthBackendRoleMapOutput added in v3.4.1 

type AuthBackendRoleMapOutput struct{ *pulumi.OutputState }

func (AuthBackendRoleMapOutput) ElementType added in v3.4.1 

func (AuthBackendRoleMapOutput) ElementType() reflect.Type

func (AuthBackendRoleMapOutput) MapIndex added in v3.4.1 

func (o AuthBackendRoleMapOutput) MapIndex(k pulumi.StringInput) AuthBackendRoleOutput

func (AuthBackendRoleMapOutput) ToAuthBackendRoleMapOutput added in v3.4.1 

func (o AuthBackendRoleMapOutput) ToAuthBackendRoleMapOutput() AuthBackendRoleMapOutput

func (AuthBackendRoleMapOutput) ToAuthBackendRoleMapOutputWithContext added in v3.4.1 

func (o AuthBackendRoleMapOutput) ToAuthBackendRoleMapOutputWithContext(ctx context.Context) AuthBackendRoleMapOutput

type AuthBackendRoleOutput added in v3.0.2 

type AuthBackendRoleOutput struct {
	*pulumi.OutputState
}

func (AuthBackendRoleOutput) ElementType added in v3.0.2 

func (AuthBackendRoleOutput) ElementType() reflect.Type

func (AuthBackendRoleOutput) ToAuthBackendRoleOutput added in v3.0.2 

func (o AuthBackendRoleOutput) ToAuthBackendRoleOutput() AuthBackendRoleOutput

func (AuthBackendRoleOutput) ToAuthBackendRoleOutputWithContext added in v3.0.2 

func (o AuthBackendRoleOutput) ToAuthBackendRoleOutputWithContext(ctx context.Context) AuthBackendRoleOutput

func (AuthBackendRoleOutput) ToAuthBackendRolePtrOutput added in v3.4.1 

func (o AuthBackendRoleOutput) ToAuthBackendRolePtrOutput() AuthBackendRolePtrOutput

func (AuthBackendRoleOutput) ToAuthBackendRolePtrOutputWithContext added in v3.4.1 

func (o AuthBackendRoleOutput) ToAuthBackendRolePtrOutputWithContext(ctx context.Context) AuthBackendRolePtrOutput

type AuthBackendRolePtrInput added in v3.4.1 

type AuthBackendRolePtrInput interface {
	pulumi.Input

	ToAuthBackendRolePtrOutput() AuthBackendRolePtrOutput
	ToAuthBackendRolePtrOutputWithContext(ctx context.Context) AuthBackendRolePtrOutput
}

type AuthBackendRolePtrOutput added in v3.4.1 

type AuthBackendRolePtrOutput struct {
	*pulumi.OutputState
}

func (AuthBackendRolePtrOutput) ElementType added in v3.4.1 

func (AuthBackendRolePtrOutput) ElementType() reflect.Type

func (AuthBackendRolePtrOutput) ToAuthBackendRolePtrOutput added in v3.4.1 

func (o AuthBackendRolePtrOutput) ToAuthBackendRolePtrOutput() AuthBackendRolePtrOutput

func (AuthBackendRolePtrOutput) ToAuthBackendRolePtrOutputWithContext added in v3.4.1 

func (o AuthBackendRolePtrOutput) ToAuthBackendRolePtrOutputWithContext(ctx context.Context) AuthBackendRolePtrOutput

type AuthBackendRoleSecretID 

type AuthBackendRoleSecretID struct {
	pulumi.CustomResourceState

	// The unique ID for this SecretID that can be safely logged.
	Accessor pulumi.StringOutput `pulumi:"accessor"`
	// Unique name of the auth backend to configure.
	Backend pulumi.StringPtrOutput `pulumi:"backend"`
	// If set, specifies blocks of IP addresses which can
	// perform the login operation using this SecretID.
	CidrLists pulumi.StringArrayOutput `pulumi:"cidrLists"`
	// A JSON-encoded string containing metadata in
	// key-value pairs to be set on tokens issued with this SecretID.
	Metadata pulumi.StringPtrOutput `pulumi:"metadata"`
	// The name of the role to create the SecretID for.
	RoleName pulumi.StringOutput `pulumi:"roleName"`
	// The SecretID to be created. If set, uses "Push"
	// mode.  Defaults to Vault auto-generating SecretIDs.
	SecretId pulumi.StringOutput `pulumi:"secretId"`
	// The unique ID for the response-wrapped SecretID that can
	// be safely logged.
	WrappingAccessor pulumi.StringOutput `pulumi:"wrappingAccessor"`
	// The token used to retrieve a response-wrapped SecretID.
	WrappingToken pulumi.StringOutput `pulumi:"wrappingToken"`
	// If set, the SecretID response will be
	// [response-wrapped](https://www.vaultproject.io/docs/concepts/response-wrapping)
	// and available for the duration specified. Only a single unwrapping of the
	// token is allowed.
	WrappingTtl pulumi.StringPtrOutput `pulumi:"wrappingTtl"`
}

Manages an AppRole auth backend SecretID in a Vault server. See the [Vault documentation](https://www.vaultproject.io/docs/auth/approle) for more information.

## Example Usage

```go package main

import ( 

"fmt"

"github.com/pulumi/pulumi-vault/sdk/v3/go/vault"
"github.com/pulumi/pulumi-vault/sdk/v3/go/vault/appRole"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		approle, err := vault.NewAuthBackend(ctx, "approle", &vault.AuthBackendArgs{
			Type: pulumi.String("approle"),
		})
		if err != nil {
			return err
		}
		example, err := appRole.NewAuthBackendRole(ctx, "example", &appRole.AuthBackendRoleArgs{
			Backend: approle.Path,
			Policies: pulumi.StringArray{
				pulumi.String("default"),
				pulumi.String("dev"),
				pulumi.String("prod"),
			},
			RoleName: pulumi.String("test-role"),
		})
		if err != nil {
			return err
		}
		_, err = appRole.NewAuthBackendRoleSecretID(ctx, "id", &appRole.AuthBackendRoleSecretIDArgs{
			Backend:  approle.Path,
			Metadata: pulumi.String(fmt.Sprintf("%v%v%v%v", "{\n", "  \"hello\": \"world\"\n", "}\n", "\n")),
			RoleName: example.RoleName,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

func GetAuthBackendRoleSecretID 

func GetAuthBackendRoleSecretID(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AuthBackendRoleSecretIDState, opts ...pulumi.ResourceOption) (*AuthBackendRoleSecretID, error)

GetAuthBackendRoleSecretID gets an existing AuthBackendRoleSecretID resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAuthBackendRoleSecretID 

func NewAuthBackendRoleSecretID(ctx *pulumi.Context,
	name string, args *AuthBackendRoleSecretIDArgs, opts ...pulumi.ResourceOption) (*AuthBackendRoleSecretID, error)

NewAuthBackendRoleSecretID registers a new resource with the given unique name, arguments, and options.

func (*AuthBackendRoleSecretID) ElementType added in v3.0.2 

func (*AuthBackendRoleSecretID) ElementType() reflect.Type

func (*AuthBackendRoleSecretID) ToAuthBackendRoleSecretIDOutput added in v3.0.2 

func (i *AuthBackendRoleSecretID) ToAuthBackendRoleSecretIDOutput() AuthBackendRoleSecretIDOutput

func (*AuthBackendRoleSecretID) ToAuthBackendRoleSecretIDOutputWithContext added in v3.0.2 

func (i *AuthBackendRoleSecretID) ToAuthBackendRoleSecretIDOutputWithContext(ctx context.Context) AuthBackendRoleSecretIDOutput

func (*AuthBackendRoleSecretID) ToAuthBackendRoleSecretIDPtrOutput added in v3.4.1 

func (i *AuthBackendRoleSecretID) ToAuthBackendRoleSecretIDPtrOutput() AuthBackendRoleSecretIDPtrOutput

func (*AuthBackendRoleSecretID) ToAuthBackendRoleSecretIDPtrOutputWithContext added in v3.4.1 

func (i *AuthBackendRoleSecretID) ToAuthBackendRoleSecretIDPtrOutputWithContext(ctx context.Context) AuthBackendRoleSecretIDPtrOutput

type AuthBackendRoleSecretIDArgs 

type AuthBackendRoleSecretIDArgs struct {
	// Unique name of the auth backend to configure.
	Backend pulumi.StringPtrInput
	// If set, specifies blocks of IP addresses which can
	// perform the login operation using this SecretID.
	CidrLists pulumi.StringArrayInput
	// A JSON-encoded string containing metadata in
	// key-value pairs to be set on tokens issued with this SecretID.
	Metadata pulumi.StringPtrInput
	// The name of the role to create the SecretID for.
	RoleName pulumi.StringInput
	// The SecretID to be created. If set, uses "Push"
	// mode.  Defaults to Vault auto-generating SecretIDs.
	SecretId pulumi.StringPtrInput
	// If set, the SecretID response will be
	// [response-wrapped](https://www.vaultproject.io/docs/concepts/response-wrapping)
	// and available for the duration specified. Only a single unwrapping of the
	// token is allowed.
	WrappingTtl pulumi.StringPtrInput
}

The set of arguments for constructing a AuthBackendRoleSecretID resource.

func (AuthBackendRoleSecretIDArgs) ElementType 

func (AuthBackendRoleSecretIDArgs) ElementType() reflect.Type

type AuthBackendRoleSecretIDArray added in v3.4.1 

type AuthBackendRoleSecretIDArray []AuthBackendRoleSecretIDInput

func (AuthBackendRoleSecretIDArray) ElementType added in v3.4.1 

func (AuthBackendRoleSecretIDArray) ElementType() reflect.Type

func (AuthBackendRoleSecretIDArray) ToAuthBackendRoleSecretIDArrayOutput added in v3.4.1 

func (i AuthBackendRoleSecretIDArray) ToAuthBackendRoleSecretIDArrayOutput() AuthBackendRoleSecretIDArrayOutput

func (AuthBackendRoleSecretIDArray) ToAuthBackendRoleSecretIDArrayOutputWithContext added in v3.4.1 

func (i AuthBackendRoleSecretIDArray) ToAuthBackendRoleSecretIDArrayOutputWithContext(ctx context.Context) AuthBackendRoleSecretIDArrayOutput

type AuthBackendRoleSecretIDArrayInput added in v3.4.1 

type AuthBackendRoleSecretIDArrayInput interface {
	pulumi.Input

	ToAuthBackendRoleSecretIDArrayOutput() AuthBackendRoleSecretIDArrayOutput
	ToAuthBackendRoleSecretIDArrayOutputWithContext(context.Context) AuthBackendRoleSecretIDArrayOutput
}

AuthBackendRoleSecretIDArrayInput is an input type that accepts AuthBackendRoleSecretIDArray and AuthBackendRoleSecretIDArrayOutput values. You can construct a concrete instance of `AuthBackendRoleSecretIDArrayInput` via: 

AuthBackendRoleSecretIDArray{ AuthBackendRoleSecretIDArgs{...} }

type AuthBackendRoleSecretIDArrayOutput added in v3.4.1 

type AuthBackendRoleSecretIDArrayOutput struct{ *pulumi.OutputState }

func (AuthBackendRoleSecretIDArrayOutput) ElementType added in v3.4.1 

func (AuthBackendRoleSecretIDArrayOutput) ElementType() reflect.Type

func (AuthBackendRoleSecretIDArrayOutput) Index added in v3.4.1 

func (o AuthBackendRoleSecretIDArrayOutput) Index(i pulumi.IntInput) AuthBackendRoleSecretIDOutput

func (AuthBackendRoleSecretIDArrayOutput) ToAuthBackendRoleSecretIDArrayOutput added in v3.4.1 

func (o AuthBackendRoleSecretIDArrayOutput) ToAuthBackendRoleSecretIDArrayOutput() AuthBackendRoleSecretIDArrayOutput

func (AuthBackendRoleSecretIDArrayOutput) ToAuthBackendRoleSecretIDArrayOutputWithContext added in v3.4.1 

func (o AuthBackendRoleSecretIDArrayOutput) ToAuthBackendRoleSecretIDArrayOutputWithContext(ctx context.Context) AuthBackendRoleSecretIDArrayOutput

type AuthBackendRoleSecretIDInput added in v3.0.2 

type AuthBackendRoleSecretIDInput interface {
	pulumi.Input

	ToAuthBackendRoleSecretIDOutput() AuthBackendRoleSecretIDOutput
	ToAuthBackendRoleSecretIDOutputWithContext(ctx context.Context) AuthBackendRoleSecretIDOutput
}

type AuthBackendRoleSecretIDMap added in v3.4.1 

type AuthBackendRoleSecretIDMap map[string]AuthBackendRoleSecretIDInput

func (AuthBackendRoleSecretIDMap) ElementType added in v3.4.1 

func (AuthBackendRoleSecretIDMap) ElementType() reflect.Type

func (AuthBackendRoleSecretIDMap) ToAuthBackendRoleSecretIDMapOutput added in v3.4.1 

func (i AuthBackendRoleSecretIDMap) ToAuthBackendRoleSecretIDMapOutput() AuthBackendRoleSecretIDMapOutput

func (AuthBackendRoleSecretIDMap) ToAuthBackendRoleSecretIDMapOutputWithContext added in v3.4.1 

func (i AuthBackendRoleSecretIDMap) ToAuthBackendRoleSecretIDMapOutputWithContext(ctx context.Context) AuthBackendRoleSecretIDMapOutput

type AuthBackendRoleSecretIDMapInput added in v3.4.1 

type AuthBackendRoleSecretIDMapInput interface {
	pulumi.Input

	ToAuthBackendRoleSecretIDMapOutput() AuthBackendRoleSecretIDMapOutput
	ToAuthBackendRoleSecretIDMapOutputWithContext(context.Context) AuthBackendRoleSecretIDMapOutput
}

AuthBackendRoleSecretIDMapInput is an input type that accepts AuthBackendRoleSecretIDMap and AuthBackendRoleSecretIDMapOutput values. You can construct a concrete instance of `AuthBackendRoleSecretIDMapInput` via: 

AuthBackendRoleSecretIDMap{ "key": AuthBackendRoleSecretIDArgs{...} }

type AuthBackendRoleSecretIDMapOutput added in v3.4.1 

type AuthBackendRoleSecretIDMapOutput struct{ *pulumi.OutputState }

func (AuthBackendRoleSecretIDMapOutput) ElementType added in v3.4.1 

func (AuthBackendRoleSecretIDMapOutput) ElementType() reflect.Type

func (AuthBackendRoleSecretIDMapOutput) MapIndex added in v3.4.1 

func (o AuthBackendRoleSecretIDMapOutput) MapIndex(k pulumi.StringInput) AuthBackendRoleSecretIDOutput

func (AuthBackendRoleSecretIDMapOutput) ToAuthBackendRoleSecretIDMapOutput added in v3.4.1 

func (o AuthBackendRoleSecretIDMapOutput) ToAuthBackendRoleSecretIDMapOutput() AuthBackendRoleSecretIDMapOutput

func (AuthBackendRoleSecretIDMapOutput) ToAuthBackendRoleSecretIDMapOutputWithContext added in v3.4.1 

func (o AuthBackendRoleSecretIDMapOutput) ToAuthBackendRoleSecretIDMapOutputWithContext(ctx context.Context) AuthBackendRoleSecretIDMapOutput

type AuthBackendRoleSecretIDOutput added in v3.0.2 

type AuthBackendRoleSecretIDOutput struct {
	*pulumi.OutputState
}

func (AuthBackendRoleSecretIDOutput) ElementType added in v3.0.2 

func (AuthBackendRoleSecretIDOutput) ElementType() reflect.Type

func (AuthBackendRoleSecretIDOutput) ToAuthBackendRoleSecretIDOutput added in v3.0.2 

func (o AuthBackendRoleSecretIDOutput) ToAuthBackendRoleSecretIDOutput() AuthBackendRoleSecretIDOutput

func (AuthBackendRoleSecretIDOutput) ToAuthBackendRoleSecretIDOutputWithContext added in v3.0.2 

func (o AuthBackendRoleSecretIDOutput) ToAuthBackendRoleSecretIDOutputWithContext(ctx context.Context) AuthBackendRoleSecretIDOutput

func (AuthBackendRoleSecretIDOutput) ToAuthBackendRoleSecretIDPtrOutput added in v3.4.1 

func (o AuthBackendRoleSecretIDOutput) ToAuthBackendRoleSecretIDPtrOutput() AuthBackendRoleSecretIDPtrOutput

func (AuthBackendRoleSecretIDOutput) ToAuthBackendRoleSecretIDPtrOutputWithContext added in v3.4.1 

func (o AuthBackendRoleSecretIDOutput) ToAuthBackendRoleSecretIDPtrOutputWithContext(ctx context.Context) AuthBackendRoleSecretIDPtrOutput

type AuthBackendRoleSecretIDPtrInput added in v3.4.1 

type AuthBackendRoleSecretIDPtrInput interface {
	pulumi.Input

	ToAuthBackendRoleSecretIDPtrOutput() AuthBackendRoleSecretIDPtrOutput
	ToAuthBackendRoleSecretIDPtrOutputWithContext(ctx context.Context) AuthBackendRoleSecretIDPtrOutput
}

type AuthBackendRoleSecretIDPtrOutput added in v3.4.1 

type AuthBackendRoleSecretIDPtrOutput struct {
	*pulumi.OutputState
}

func (AuthBackendRoleSecretIDPtrOutput) ElementType added in v3.4.1 

func (AuthBackendRoleSecretIDPtrOutput) ElementType() reflect.Type

func (AuthBackendRoleSecretIDPtrOutput) ToAuthBackendRoleSecretIDPtrOutput added in v3.4.1 

func (o AuthBackendRoleSecretIDPtrOutput) ToAuthBackendRoleSecretIDPtrOutput() AuthBackendRoleSecretIDPtrOutput

func (AuthBackendRoleSecretIDPtrOutput) ToAuthBackendRoleSecretIDPtrOutputWithContext added in v3.4.1 

func (o AuthBackendRoleSecretIDPtrOutput) ToAuthBackendRoleSecretIDPtrOutputWithContext(ctx context.Context) AuthBackendRoleSecretIDPtrOutput

type AuthBackendRoleSecretIDState 

type AuthBackendRoleSecretIDState struct {
	// The unique ID for this SecretID that can be safely logged.
	Accessor pulumi.StringPtrInput
	// Unique name of the auth backend to configure.
	Backend pulumi.StringPtrInput
	// If set, specifies blocks of IP addresses which can
	// perform the login operation using this SecretID.
	CidrLists pulumi.StringArrayInput
	// A JSON-encoded string containing metadata in
	// key-value pairs to be set on tokens issued with this SecretID.
	Metadata pulumi.StringPtrInput
	// The name of the role to create the SecretID for.
	RoleName pulumi.StringPtrInput
	// The SecretID to be created. If set, uses "Push"
	// mode.  Defaults to Vault auto-generating SecretIDs.
	SecretId pulumi.StringPtrInput
	// The unique ID for the response-wrapped SecretID that can
	// be safely logged.
	WrappingAccessor pulumi.StringPtrInput
	// The token used to retrieve a response-wrapped SecretID.
	WrappingToken pulumi.StringPtrInput
	// If set, the SecretID response will be
	// [response-wrapped](https://www.vaultproject.io/docs/concepts/response-wrapping)
	// and available for the duration specified. Only a single unwrapping of the
	// token is allowed.
	WrappingTtl pulumi.StringPtrInput
}

func (AuthBackendRoleSecretIDState) ElementType 

func (AuthBackendRoleSecretIDState) ElementType() reflect.Type

type AuthBackendRoleState 

type AuthBackendRoleState struct {
	// The unique name of the auth backend to configure.
	// Defaults to `approle`.
	Backend pulumi.StringPtrInput
	// Whether or not to require `secretId` to be
	// presented when logging in using this AppRole. Defaults to `true`.
	BindSecretId pulumi.BoolPtrInput
	// If set,
	// specifies blocks of IP addresses which can perform the login operation.
	//
	// Deprecated: use `secret_id_bound_cidrs` instead
	BoundCidrLists pulumi.StringArrayInput
	// If set, indicates that the
	// token generated using this role should never expire. The token should be renewed within the
	// duration specified by this value. At each renewal, the token's TTL will be set to the
	// value of this field. Specified in seconds.
	//
	// Deprecated: use `token_period` instead if you are running Vault >= 1.2
	Period pulumi.IntPtrInput
	// An array of strings
	// specifying the policies to be set on tokens issued using this role.
	//
	// Deprecated: use `token_policies` instead if you are running Vault >= 1.2
	Policies pulumi.StringArrayInput
	// The RoleID of this role. If not specified, one will be
	// auto-generated.
	RoleId pulumi.StringPtrInput
	// The name of the role.
	RoleName pulumi.StringPtrInput
	// If set,
	// specifies blocks of IP addresses which can perform the login operation.
	SecretIdBoundCidrs pulumi.StringArrayInput
	// The number of times any particular SecretID
	// can be used to fetch a token from this AppRole, after which the SecretID will
	// expire. A value of zero will allow unlimited uses.
	SecretIdNumUses pulumi.IntPtrInput
	// The number of seconds after which any SecretID
	// expires.
	SecretIdTtl pulumi.IntPtrInput
	// List of CIDR blocks; if set, specifies blocks of IP
	// addresses which can authenticate successfully, and ties the resulting token to these blocks
	// as well.
	TokenBoundCidrs pulumi.StringArrayInput
	// If set, will encode an
	// [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls)
	// onto the token in number of seconds. This is a hard cap even if `tokenTtl` and
	// `tokenMaxTtl` would otherwise allow a renewal.
	TokenExplicitMaxTtl pulumi.IntPtrInput
	// The maximum lifetime for generated tokens in number of seconds.
	// Its current value will be referenced at renewal time.
	TokenMaxTtl pulumi.IntPtrInput
	// If set, the default policy will not be set on
	// generated tokens; otherwise it will be added to the policies set in token_policies.
	TokenNoDefaultPolicy pulumi.BoolPtrInput
	// The
	// [period](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls),
	// if any, in number of seconds to set on the token.
	TokenNumUses pulumi.IntPtrInput
	// If set, indicates that the
	// token generated using this role should never expire. The token should be renewed within the
	// duration specified by this value. At each renewal, the token's TTL will be set to the
	// value of this field. Specified in seconds.
	TokenPeriod pulumi.IntPtrInput
	// List of policies to encode onto generated tokens. Depending
	// on the auth method, this list may be supplemented by user/group/other values.
	TokenPolicies pulumi.StringArrayInput
	// The incremental lifetime for generated tokens in number of seconds.
	// Its current value will be referenced at renewal time.
	TokenTtl pulumi.IntPtrInput
	// The type of token that should be generated. Can be `service`,
	// `batch`, or `default` to use the mount's tuned default (which unless changed will be
	// `service` tokens). For token store roles, there are two additional possibilities:
	// `default-service` and `default-batch` which specify the type to return unless the client
	// requests a different type at generation time.
	TokenType pulumi.StringPtrInput
}

func (AuthBackendRoleState) ElementType 

func (AuthBackendRoleState) ElementType() reflect.Type

type GetAuthBackendRoleIdArgs 

type GetAuthBackendRoleIdArgs struct {
	// The unique name for the AppRole backend the role to
	// retrieve a RoleID for resides in. Defaults to "approle".
	Backend *string `pulumi:"backend"`
	// The name of the role to retrieve the Role ID for.
	RoleName string `pulumi:"roleName"`
}

A collection of arguments for invoking getAuthBackendRoleId.

type GetAuthBackendRoleIdResult 

type GetAuthBackendRoleIdResult struct {
	Backend *string `pulumi:"backend"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// The RoleID of the role.
	RoleId   string `pulumi:"roleId"`
	RoleName string `pulumi:"roleName"`
}

A collection of values returned by getAuthBackendRoleId.

func GetAuthBackendRoleId 

func GetAuthBackendRoleId(ctx *pulumi.Context, args *GetAuthBackendRoleIdArgs, opts ...pulumi.InvokeOption) (*GetAuthBackendRoleIdResult, error)

Reads the Role ID of an AppRole from a Vault server.

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v3/go/vault/appRole"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		opt0 := "my-approle-backend"
		role, err := appRole.GetAuthBackendRoleId(ctx, &appRole.GetAuthBackendRoleIdArgs{
			Backend:  &opt0,
			RoleName: "my-role",
		}, nil)
		if err != nil {
			return err
		}
		ctx.Export("role-id", role.RoleId)
		return nil
	})
}

```

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.