ssh

package
v3.6.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 12, 2021 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type SecretBackendCa 

type SecretBackendCa struct {
	pulumi.CustomResourceState

	// The path where the SSH secret backend is mounted. Defaults to 'ssh'
	Backend pulumi.StringPtrOutput `pulumi:"backend"`
	// Whether Vault should generate the signing key pair internally. Defaults to true
	GenerateSigningKey pulumi.BoolPtrOutput `pulumi:"generateSigningKey"`
	// The private key part the SSH CA key pair; required if generateSigningKey is false.
	PrivateKey pulumi.StringOutput `pulumi:"privateKey"`
	// The public key part the SSH CA key pair; required if generateSigningKey is false.
	PublicKey pulumi.StringOutput `pulumi:"publicKey"`
}

Provides a resource to manage CA information in an SSH secret backend [SSH secret backend within Vault](https://www.vaultproject.io/docs/secrets/ssh/index.html).

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v3/go/vault"
"github.com/pulumi/pulumi-vault/sdk/v3/go/vault/ssh"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		example, err := vault.NewMount(ctx, "example", &vault.MountArgs{
			Type: pulumi.String("ssh"),
		})
		if err != nil {
			return err
		}
		_, err = ssh.NewSecretBackendCa(ctx, "foo", &ssh.SecretBackendCaArgs{
			Backend: example.Path,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

func GetSecretBackendCa 

func GetSecretBackendCa(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecretBackendCaState, opts ...pulumi.ResourceOption) (*SecretBackendCa, error)

GetSecretBackendCa gets an existing SecretBackendCa resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecretBackendCa 

func NewSecretBackendCa(ctx *pulumi.Context,
	name string, args *SecretBackendCaArgs, opts ...pulumi.ResourceOption) (*SecretBackendCa, error)

NewSecretBackendCa registers a new resource with the given unique name, arguments, and options.

func (*SecretBackendCa) ElementType added in v3.0.2 

func (*SecretBackendCa) ElementType() reflect.Type

func (*SecretBackendCa) ToSecretBackendCaOutput added in v3.0.2 

func (i *SecretBackendCa) ToSecretBackendCaOutput() SecretBackendCaOutput

func (*SecretBackendCa) ToSecretBackendCaOutputWithContext added in v3.0.2 

func (i *SecretBackendCa) ToSecretBackendCaOutputWithContext(ctx context.Context) SecretBackendCaOutput

func (*SecretBackendCa) ToSecretBackendCaPtrOutput added in v3.4.1 

func (i *SecretBackendCa) ToSecretBackendCaPtrOutput() SecretBackendCaPtrOutput

func (*SecretBackendCa) ToSecretBackendCaPtrOutputWithContext added in v3.4.1 

func (i *SecretBackendCa) ToSecretBackendCaPtrOutputWithContext(ctx context.Context) SecretBackendCaPtrOutput

type SecretBackendCaArgs 

type SecretBackendCaArgs struct {
	// The path where the SSH secret backend is mounted. Defaults to 'ssh'
	Backend pulumi.StringPtrInput
	// Whether Vault should generate the signing key pair internally. Defaults to true
	GenerateSigningKey pulumi.BoolPtrInput
	// The private key part the SSH CA key pair; required if generateSigningKey is false.
	PrivateKey pulumi.StringPtrInput
	// The public key part the SSH CA key pair; required if generateSigningKey is false.
	PublicKey pulumi.StringPtrInput
}

The set of arguments for constructing a SecretBackendCa resource.

func (SecretBackendCaArgs) ElementType 

func (SecretBackendCaArgs) ElementType() reflect.Type

type SecretBackendCaArray added in v3.4.1 

type SecretBackendCaArray []SecretBackendCaInput

func (SecretBackendCaArray) ElementType added in v3.4.1 

func (SecretBackendCaArray) ElementType() reflect.Type

func (SecretBackendCaArray) ToSecretBackendCaArrayOutput added in v3.4.1 

func (i SecretBackendCaArray) ToSecretBackendCaArrayOutput() SecretBackendCaArrayOutput

func (SecretBackendCaArray) ToSecretBackendCaArrayOutputWithContext added in v3.4.1 

func (i SecretBackendCaArray) ToSecretBackendCaArrayOutputWithContext(ctx context.Context) SecretBackendCaArrayOutput

type SecretBackendCaArrayInput added in v3.4.1 

type SecretBackendCaArrayInput interface {
	pulumi.Input

	ToSecretBackendCaArrayOutput() SecretBackendCaArrayOutput
	ToSecretBackendCaArrayOutputWithContext(context.Context) SecretBackendCaArrayOutput
}

SecretBackendCaArrayInput is an input type that accepts SecretBackendCaArray and SecretBackendCaArrayOutput values. You can construct a concrete instance of `SecretBackendCaArrayInput` via: 

SecretBackendCaArray{ SecretBackendCaArgs{...} }

type SecretBackendCaArrayOutput added in v3.4.1 

type SecretBackendCaArrayOutput struct{ *pulumi.OutputState }

func (SecretBackendCaArrayOutput) ElementType added in v3.4.1 

func (SecretBackendCaArrayOutput) ElementType() reflect.Type

func (SecretBackendCaArrayOutput) Index added in v3.4.1 

func (o SecretBackendCaArrayOutput) Index(i pulumi.IntInput) SecretBackendCaOutput

func (SecretBackendCaArrayOutput) ToSecretBackendCaArrayOutput added in v3.4.1 

func (o SecretBackendCaArrayOutput) ToSecretBackendCaArrayOutput() SecretBackendCaArrayOutput

func (SecretBackendCaArrayOutput) ToSecretBackendCaArrayOutputWithContext added in v3.4.1 

func (o SecretBackendCaArrayOutput) ToSecretBackendCaArrayOutputWithContext(ctx context.Context) SecretBackendCaArrayOutput

type SecretBackendCaInput added in v3.0.2 

type SecretBackendCaInput interface {
	pulumi.Input

	ToSecretBackendCaOutput() SecretBackendCaOutput
	ToSecretBackendCaOutputWithContext(ctx context.Context) SecretBackendCaOutput
}

type SecretBackendCaMap added in v3.4.1 

type SecretBackendCaMap map[string]SecretBackendCaInput

func (SecretBackendCaMap) ElementType added in v3.4.1 

func (SecretBackendCaMap) ElementType() reflect.Type

func (SecretBackendCaMap) ToSecretBackendCaMapOutput added in v3.4.1 

func (i SecretBackendCaMap) ToSecretBackendCaMapOutput() SecretBackendCaMapOutput

func (SecretBackendCaMap) ToSecretBackendCaMapOutputWithContext added in v3.4.1 

func (i SecretBackendCaMap) ToSecretBackendCaMapOutputWithContext(ctx context.Context) SecretBackendCaMapOutput

type SecretBackendCaMapInput added in v3.4.1 

type SecretBackendCaMapInput interface {
	pulumi.Input

	ToSecretBackendCaMapOutput() SecretBackendCaMapOutput
	ToSecretBackendCaMapOutputWithContext(context.Context) SecretBackendCaMapOutput
}

SecretBackendCaMapInput is an input type that accepts SecretBackendCaMap and SecretBackendCaMapOutput values. You can construct a concrete instance of `SecretBackendCaMapInput` via: 

SecretBackendCaMap{ "key": SecretBackendCaArgs{...} }

type SecretBackendCaMapOutput added in v3.4.1 

type SecretBackendCaMapOutput struct{ *pulumi.OutputState }

func (SecretBackendCaMapOutput) ElementType added in v3.4.1 

func (SecretBackendCaMapOutput) ElementType() reflect.Type

func (SecretBackendCaMapOutput) MapIndex added in v3.4.1 

func (o SecretBackendCaMapOutput) MapIndex(k pulumi.StringInput) SecretBackendCaOutput

func (SecretBackendCaMapOutput) ToSecretBackendCaMapOutput added in v3.4.1 

func (o SecretBackendCaMapOutput) ToSecretBackendCaMapOutput() SecretBackendCaMapOutput

func (SecretBackendCaMapOutput) ToSecretBackendCaMapOutputWithContext added in v3.4.1 

func (o SecretBackendCaMapOutput) ToSecretBackendCaMapOutputWithContext(ctx context.Context) SecretBackendCaMapOutput

type SecretBackendCaOutput added in v3.0.2 

type SecretBackendCaOutput struct {
	*pulumi.OutputState
}

func (SecretBackendCaOutput) ElementType added in v3.0.2 

func (SecretBackendCaOutput) ElementType() reflect.Type

func (SecretBackendCaOutput) ToSecretBackendCaOutput added in v3.0.2 

func (o SecretBackendCaOutput) ToSecretBackendCaOutput() SecretBackendCaOutput

func (SecretBackendCaOutput) ToSecretBackendCaOutputWithContext added in v3.0.2 

func (o SecretBackendCaOutput) ToSecretBackendCaOutputWithContext(ctx context.Context) SecretBackendCaOutput

func (SecretBackendCaOutput) ToSecretBackendCaPtrOutput added in v3.4.1 

func (o SecretBackendCaOutput) ToSecretBackendCaPtrOutput() SecretBackendCaPtrOutput

func (SecretBackendCaOutput) ToSecretBackendCaPtrOutputWithContext added in v3.4.1 

func (o SecretBackendCaOutput) ToSecretBackendCaPtrOutputWithContext(ctx context.Context) SecretBackendCaPtrOutput

type SecretBackendCaPtrInput added in v3.4.1 

type SecretBackendCaPtrInput interface {
	pulumi.Input

	ToSecretBackendCaPtrOutput() SecretBackendCaPtrOutput
	ToSecretBackendCaPtrOutputWithContext(ctx context.Context) SecretBackendCaPtrOutput
}

type SecretBackendCaPtrOutput added in v3.4.1 

type SecretBackendCaPtrOutput struct {
	*pulumi.OutputState
}

func (SecretBackendCaPtrOutput) ElementType added in v3.4.1 

func (SecretBackendCaPtrOutput) ElementType() reflect.Type

func (SecretBackendCaPtrOutput) ToSecretBackendCaPtrOutput added in v3.4.1 

func (o SecretBackendCaPtrOutput) ToSecretBackendCaPtrOutput() SecretBackendCaPtrOutput

func (SecretBackendCaPtrOutput) ToSecretBackendCaPtrOutputWithContext added in v3.4.1 

func (o SecretBackendCaPtrOutput) ToSecretBackendCaPtrOutputWithContext(ctx context.Context) SecretBackendCaPtrOutput

type SecretBackendCaState 

type SecretBackendCaState struct {
	// The path where the SSH secret backend is mounted. Defaults to 'ssh'
	Backend pulumi.StringPtrInput
	// Whether Vault should generate the signing key pair internally. Defaults to true
	GenerateSigningKey pulumi.BoolPtrInput
	// The private key part the SSH CA key pair; required if generateSigningKey is false.
	PrivateKey pulumi.StringPtrInput
	// The public key part the SSH CA key pair; required if generateSigningKey is false.
	PublicKey pulumi.StringPtrInput
}

func (SecretBackendCaState) ElementType 

func (SecretBackendCaState) ElementType() reflect.Type

type SecretBackendRole 

type SecretBackendRole struct {
	pulumi.CustomResourceState

	// When supplied, this value specifies a signing algorithm for the key. Possible values: ssh-rsa, rsa-sha2-256, rsa-sha2-512.
	AlgorithmSigner pulumi.StringOutput `pulumi:"algorithmSigner"`
	// Specifies if host certificates that are requested are allowed to use the base domains listed in `allowedDomains`.
	AllowBareDomains pulumi.BoolPtrOutput `pulumi:"allowBareDomains"`
	// Specifies if certificates are allowed to be signed for use as a 'host'.
	AllowHostCertificates pulumi.BoolPtrOutput `pulumi:"allowHostCertificates"`
	// Specifies if host certificates that are requested are allowed to be subdomains of those listed in `allowedDomains`.
	AllowSubdomains pulumi.BoolPtrOutput `pulumi:"allowSubdomains"`
	// Specifies if certificates are allowed to be signed for use as a 'user'.
	AllowUserCertificates pulumi.BoolPtrOutput `pulumi:"allowUserCertificates"`
	// Specifies if users can override the key ID for a signed certificate with the `keyId` field.
	AllowUserKeyIds pulumi.BoolPtrOutput `pulumi:"allowUserKeyIds"`
	// Specifies a comma-separated list of critical options that certificates can have when signed.
	AllowedCriticalOptions pulumi.StringPtrOutput `pulumi:"allowedCriticalOptions"`
	// The list of domains for which a client can request a host certificate.
	AllowedDomains pulumi.StringPtrOutput `pulumi:"allowedDomains"`
	// Specifies a comma-separated list of extensions that certificates can have when signed.
	AllowedExtensions pulumi.StringPtrOutput `pulumi:"allowedExtensions"`
	// Specifies a map of ssh key types and their expected sizes which are allowed to be signed by the CA type.
	AllowedUserKeyLengths pulumi.MapOutput `pulumi:"allowedUserKeyLengths"`
	// Specifies a comma-separated list of usernames that are to be allowed, only if certain usernames are to be allowed.
	AllowedUsers pulumi.StringPtrOutput `pulumi:"allowedUsers"`
	// Specifies if `allowedUsers` can be declared using identity template policies. Non-templated users are also permitted.
	AllowedUsersTemplate pulumi.BoolPtrOutput `pulumi:"allowedUsersTemplate"`
	// The path where the SSH secret backend is mounted.
	Backend pulumi.StringOutput `pulumi:"backend"`
	// The comma-separated string of CIDR blocks for which this role is applicable.
	CidrList pulumi.StringPtrOutput `pulumi:"cidrList"`
	// Specifies a map of critical options that certificates have when signed.
	DefaultCriticalOptions pulumi.MapOutput `pulumi:"defaultCriticalOptions"`
	// Specifies a map of extensions that certificates have when signed.
	DefaultExtensions pulumi.MapOutput `pulumi:"defaultExtensions"`
	// Specifies the default username for which a credential will be generated.
	DefaultUser pulumi.StringPtrOutput `pulumi:"defaultUser"`
	// Specifies a custom format for the key id of a signed certificate.
	KeyIdFormat pulumi.StringPtrOutput `pulumi:"keyIdFormat"`
	// Specifies the type of credentials generated by this role. This can be either `otp`, `dynamic` or `ca`.
	KeyType pulumi.StringOutput `pulumi:"keyType"`
	// Specifies the maximum Time To Live value.
	MaxTtl pulumi.StringOutput `pulumi:"maxTtl"`
	// Specifies the name of the role to create.
	Name pulumi.StringOutput `pulumi:"name"`
	// Specifies the Time To Live value.
	Ttl pulumi.StringOutput `pulumi:"ttl"`
}

Provides a resource to manage roles in an SSH secret backend [SSH secret backend within Vault](https://www.vaultproject.io/docs/secrets/ssh/index.html).

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v3/go/vault"
"github.com/pulumi/pulumi-vault/sdk/v3/go/vault/ssh"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		example, err := vault.NewMount(ctx, "example", &vault.MountArgs{
			Type: pulumi.String("ssh"),
		})
		if err != nil {
			return err
		}
		_, err = ssh.NewSecretBackendRole(ctx, "foo", &ssh.SecretBackendRoleArgs{
			AllowUserCertificates: pulumi.Bool(true),
			Backend:               example.Path,
			KeyType:               pulumi.String("ca"),
		})
		if err != nil {
			return err
		}
		_, err = ssh.NewSecretBackendRole(ctx, "bar", &ssh.SecretBackendRoleArgs{
			AllowedUsers: pulumi.String("default,baz"),
			Backend:      example.Path,
			CidrList:     pulumi.String("0.0.0.0/0"),
			DefaultUser:  pulumi.String("default"),
			KeyType:      pulumi.String("otp"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

SSH secret backend roles can be imported using the `path`, e.g.

```sh 

$ pulumi import vault:ssh/secretBackendRole:SecretBackendRole foo ssh/roles/my-role

```

func GetSecretBackendRole 

func GetSecretBackendRole(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecretBackendRoleState, opts ...pulumi.ResourceOption) (*SecretBackendRole, error)

GetSecretBackendRole gets an existing SecretBackendRole resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecretBackendRole 

func NewSecretBackendRole(ctx *pulumi.Context,
	name string, args *SecretBackendRoleArgs, opts ...pulumi.ResourceOption) (*SecretBackendRole, error)

NewSecretBackendRole registers a new resource with the given unique name, arguments, and options.

func (*SecretBackendRole) ElementType added in v3.0.2 

func (*SecretBackendRole) ElementType() reflect.Type

func (*SecretBackendRole) ToSecretBackendRoleOutput added in v3.0.2 

func (i *SecretBackendRole) ToSecretBackendRoleOutput() SecretBackendRoleOutput

func (*SecretBackendRole) ToSecretBackendRoleOutputWithContext added in v3.0.2 

func (i *SecretBackendRole) ToSecretBackendRoleOutputWithContext(ctx context.Context) SecretBackendRoleOutput

func (*SecretBackendRole) ToSecretBackendRolePtrOutput added in v3.4.1 

func (i *SecretBackendRole) ToSecretBackendRolePtrOutput() SecretBackendRolePtrOutput

func (*SecretBackendRole) ToSecretBackendRolePtrOutputWithContext added in v3.4.1 

func (i *SecretBackendRole) ToSecretBackendRolePtrOutputWithContext(ctx context.Context) SecretBackendRolePtrOutput

type SecretBackendRoleArgs 

type SecretBackendRoleArgs struct {
	// When supplied, this value specifies a signing algorithm for the key. Possible values: ssh-rsa, rsa-sha2-256, rsa-sha2-512.
	AlgorithmSigner pulumi.StringPtrInput
	// Specifies if host certificates that are requested are allowed to use the base domains listed in `allowedDomains`.
	AllowBareDomains pulumi.BoolPtrInput
	// Specifies if certificates are allowed to be signed for use as a 'host'.
	AllowHostCertificates pulumi.BoolPtrInput
	// Specifies if host certificates that are requested are allowed to be subdomains of those listed in `allowedDomains`.
	AllowSubdomains pulumi.BoolPtrInput
	// Specifies if certificates are allowed to be signed for use as a 'user'.
	AllowUserCertificates pulumi.BoolPtrInput
	// Specifies if users can override the key ID for a signed certificate with the `keyId` field.
	AllowUserKeyIds pulumi.BoolPtrInput
	// Specifies a comma-separated list of critical options that certificates can have when signed.
	AllowedCriticalOptions pulumi.StringPtrInput
	// The list of domains for which a client can request a host certificate.
	AllowedDomains pulumi.StringPtrInput
	// Specifies a comma-separated list of extensions that certificates can have when signed.
	AllowedExtensions pulumi.StringPtrInput
	// Specifies a map of ssh key types and their expected sizes which are allowed to be signed by the CA type.
	AllowedUserKeyLengths pulumi.MapInput
	// Specifies a comma-separated list of usernames that are to be allowed, only if certain usernames are to be allowed.
	AllowedUsers pulumi.StringPtrInput
	// Specifies if `allowedUsers` can be declared using identity template policies. Non-templated users are also permitted.
	AllowedUsersTemplate pulumi.BoolPtrInput
	// The path where the SSH secret backend is mounted.
	Backend pulumi.StringInput
	// The comma-separated string of CIDR blocks for which this role is applicable.
	CidrList pulumi.StringPtrInput
	// Specifies a map of critical options that certificates have when signed.
	DefaultCriticalOptions pulumi.MapInput
	// Specifies a map of extensions that certificates have when signed.
	DefaultExtensions pulumi.MapInput
	// Specifies the default username for which a credential will be generated.
	DefaultUser pulumi.StringPtrInput
	// Specifies a custom format for the key id of a signed certificate.
	KeyIdFormat pulumi.StringPtrInput
	// Specifies the type of credentials generated by this role. This can be either `otp`, `dynamic` or `ca`.
	KeyType pulumi.StringInput
	// Specifies the maximum Time To Live value.
	MaxTtl pulumi.StringPtrInput
	// Specifies the name of the role to create.
	Name pulumi.StringPtrInput
	// Specifies the Time To Live value.
	Ttl pulumi.StringPtrInput
}

The set of arguments for constructing a SecretBackendRole resource.

func (SecretBackendRoleArgs) ElementType 

func (SecretBackendRoleArgs) ElementType() reflect.Type

type SecretBackendRoleArray added in v3.4.1 

type SecretBackendRoleArray []SecretBackendRoleInput

func (SecretBackendRoleArray) ElementType added in v3.4.1 

func (SecretBackendRoleArray) ElementType() reflect.Type

func (SecretBackendRoleArray) ToSecretBackendRoleArrayOutput added in v3.4.1 

func (i SecretBackendRoleArray) ToSecretBackendRoleArrayOutput() SecretBackendRoleArrayOutput

func (SecretBackendRoleArray) ToSecretBackendRoleArrayOutputWithContext added in v3.4.1 

func (i SecretBackendRoleArray) ToSecretBackendRoleArrayOutputWithContext(ctx context.Context) SecretBackendRoleArrayOutput

type SecretBackendRoleArrayInput added in v3.4.1 

type SecretBackendRoleArrayInput interface {
	pulumi.Input

	ToSecretBackendRoleArrayOutput() SecretBackendRoleArrayOutput
	ToSecretBackendRoleArrayOutputWithContext(context.Context) SecretBackendRoleArrayOutput
}

SecretBackendRoleArrayInput is an input type that accepts SecretBackendRoleArray and SecretBackendRoleArrayOutput values. You can construct a concrete instance of `SecretBackendRoleArrayInput` via: 

SecretBackendRoleArray{ SecretBackendRoleArgs{...} }

type SecretBackendRoleArrayOutput added in v3.4.1 

type SecretBackendRoleArrayOutput struct{ *pulumi.OutputState }

func (SecretBackendRoleArrayOutput) ElementType added in v3.4.1 

func (SecretBackendRoleArrayOutput) ElementType() reflect.Type

func (SecretBackendRoleArrayOutput) Index added in v3.4.1 

func (o SecretBackendRoleArrayOutput) Index(i pulumi.IntInput) SecretBackendRoleOutput

func (SecretBackendRoleArrayOutput) ToSecretBackendRoleArrayOutput added in v3.4.1 

func (o SecretBackendRoleArrayOutput) ToSecretBackendRoleArrayOutput() SecretBackendRoleArrayOutput

func (SecretBackendRoleArrayOutput) ToSecretBackendRoleArrayOutputWithContext added in v3.4.1 

func (o SecretBackendRoleArrayOutput) ToSecretBackendRoleArrayOutputWithContext(ctx context.Context) SecretBackendRoleArrayOutput

type SecretBackendRoleInput added in v3.0.2 

type SecretBackendRoleInput interface {
	pulumi.Input

	ToSecretBackendRoleOutput() SecretBackendRoleOutput
	ToSecretBackendRoleOutputWithContext(ctx context.Context) SecretBackendRoleOutput
}

type SecretBackendRoleMap added in v3.4.1 

type SecretBackendRoleMap map[string]SecretBackendRoleInput

func (SecretBackendRoleMap) ElementType added in v3.4.1 

func (SecretBackendRoleMap) ElementType() reflect.Type

func (SecretBackendRoleMap) ToSecretBackendRoleMapOutput added in v3.4.1 

func (i SecretBackendRoleMap) ToSecretBackendRoleMapOutput() SecretBackendRoleMapOutput

func (SecretBackendRoleMap) ToSecretBackendRoleMapOutputWithContext added in v3.4.1 

func (i SecretBackendRoleMap) ToSecretBackendRoleMapOutputWithContext(ctx context.Context) SecretBackendRoleMapOutput

type SecretBackendRoleMapInput added in v3.4.1 

type SecretBackendRoleMapInput interface {
	pulumi.Input

	ToSecretBackendRoleMapOutput() SecretBackendRoleMapOutput
	ToSecretBackendRoleMapOutputWithContext(context.Context) SecretBackendRoleMapOutput
}

SecretBackendRoleMapInput is an input type that accepts SecretBackendRoleMap and SecretBackendRoleMapOutput values. You can construct a concrete instance of `SecretBackendRoleMapInput` via: 

SecretBackendRoleMap{ "key": SecretBackendRoleArgs{...} }

type SecretBackendRoleMapOutput added in v3.4.1 

type SecretBackendRoleMapOutput struct{ *pulumi.OutputState }

func (SecretBackendRoleMapOutput) ElementType added in v3.4.1 

func (SecretBackendRoleMapOutput) ElementType() reflect.Type

func (SecretBackendRoleMapOutput) MapIndex added in v3.4.1 

func (o SecretBackendRoleMapOutput) MapIndex(k pulumi.StringInput) SecretBackendRoleOutput

func (SecretBackendRoleMapOutput) ToSecretBackendRoleMapOutput added in v3.4.1 

func (o SecretBackendRoleMapOutput) ToSecretBackendRoleMapOutput() SecretBackendRoleMapOutput

func (SecretBackendRoleMapOutput) ToSecretBackendRoleMapOutputWithContext added in v3.4.1 

func (o SecretBackendRoleMapOutput) ToSecretBackendRoleMapOutputWithContext(ctx context.Context) SecretBackendRoleMapOutput

type SecretBackendRoleOutput added in v3.0.2 

type SecretBackendRoleOutput struct {
	*pulumi.OutputState
}

func (SecretBackendRoleOutput) ElementType added in v3.0.2 

func (SecretBackendRoleOutput) ElementType() reflect.Type

func (SecretBackendRoleOutput) ToSecretBackendRoleOutput added in v3.0.2 

func (o SecretBackendRoleOutput) ToSecretBackendRoleOutput() SecretBackendRoleOutput

func (SecretBackendRoleOutput) ToSecretBackendRoleOutputWithContext added in v3.0.2 

func (o SecretBackendRoleOutput) ToSecretBackendRoleOutputWithContext(ctx context.Context) SecretBackendRoleOutput

func (SecretBackendRoleOutput) ToSecretBackendRolePtrOutput added in v3.4.1 

func (o SecretBackendRoleOutput) ToSecretBackendRolePtrOutput() SecretBackendRolePtrOutput

func (SecretBackendRoleOutput) ToSecretBackendRolePtrOutputWithContext added in v3.4.1 

func (o SecretBackendRoleOutput) ToSecretBackendRolePtrOutputWithContext(ctx context.Context) SecretBackendRolePtrOutput

type SecretBackendRolePtrInput added in v3.4.1 

type SecretBackendRolePtrInput interface {
	pulumi.Input

	ToSecretBackendRolePtrOutput() SecretBackendRolePtrOutput
	ToSecretBackendRolePtrOutputWithContext(ctx context.Context) SecretBackendRolePtrOutput
}

type SecretBackendRolePtrOutput added in v3.4.1 

type SecretBackendRolePtrOutput struct {
	*pulumi.OutputState
}

func (SecretBackendRolePtrOutput) ElementType added in v3.4.1 

func (SecretBackendRolePtrOutput) ElementType() reflect.Type

func (SecretBackendRolePtrOutput) ToSecretBackendRolePtrOutput added in v3.4.1 

func (o SecretBackendRolePtrOutput) ToSecretBackendRolePtrOutput() SecretBackendRolePtrOutput

func (SecretBackendRolePtrOutput) ToSecretBackendRolePtrOutputWithContext added in v3.4.1 

func (o SecretBackendRolePtrOutput) ToSecretBackendRolePtrOutputWithContext(ctx context.Context) SecretBackendRolePtrOutput

type SecretBackendRoleState 

type SecretBackendRoleState struct {
	// When supplied, this value specifies a signing algorithm for the key. Possible values: ssh-rsa, rsa-sha2-256, rsa-sha2-512.
	AlgorithmSigner pulumi.StringPtrInput
	// Specifies if host certificates that are requested are allowed to use the base domains listed in `allowedDomains`.
	AllowBareDomains pulumi.BoolPtrInput
	// Specifies if certificates are allowed to be signed for use as a 'host'.
	AllowHostCertificates pulumi.BoolPtrInput
	// Specifies if host certificates that are requested are allowed to be subdomains of those listed in `allowedDomains`.
	AllowSubdomains pulumi.BoolPtrInput
	// Specifies if certificates are allowed to be signed for use as a 'user'.
	AllowUserCertificates pulumi.BoolPtrInput
	// Specifies if users can override the key ID for a signed certificate with the `keyId` field.
	AllowUserKeyIds pulumi.BoolPtrInput
	// Specifies a comma-separated list of critical options that certificates can have when signed.
	AllowedCriticalOptions pulumi.StringPtrInput
	// The list of domains for which a client can request a host certificate.
	AllowedDomains pulumi.StringPtrInput
	// Specifies a comma-separated list of extensions that certificates can have when signed.
	AllowedExtensions pulumi.StringPtrInput
	// Specifies a map of ssh key types and their expected sizes which are allowed to be signed by the CA type.
	AllowedUserKeyLengths pulumi.MapInput
	// Specifies a comma-separated list of usernames that are to be allowed, only if certain usernames are to be allowed.
	AllowedUsers pulumi.StringPtrInput
	// Specifies if `allowedUsers` can be declared using identity template policies. Non-templated users are also permitted.
	AllowedUsersTemplate pulumi.BoolPtrInput
	// The path where the SSH secret backend is mounted.
	Backend pulumi.StringPtrInput
	// The comma-separated string of CIDR blocks for which this role is applicable.
	CidrList pulumi.StringPtrInput
	// Specifies a map of critical options that certificates have when signed.
	DefaultCriticalOptions pulumi.MapInput
	// Specifies a map of extensions that certificates have when signed.
	DefaultExtensions pulumi.MapInput
	// Specifies the default username for which a credential will be generated.
	DefaultUser pulumi.StringPtrInput
	// Specifies a custom format for the key id of a signed certificate.
	KeyIdFormat pulumi.StringPtrInput
	// Specifies the type of credentials generated by this role. This can be either `otp`, `dynamic` or `ca`.
	KeyType pulumi.StringPtrInput
	// Specifies the maximum Time To Live value.
	MaxTtl pulumi.StringPtrInput
	// Specifies the name of the role to create.
	Name pulumi.StringPtrInput
	// Specifies the Time To Live value.
	Ttl pulumi.StringPtrInput
}

func (SecretBackendRoleState) ElementType 

func (SecretBackendRoleState) ElementType() reflect.Type

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.