Documentation ¶
Index ¶
- type GetAccessCredentialsArgs
- type GetAccessCredentialsOutputArgs
- type GetAccessCredentialsResult
- type GetAccessCredentialsResultOutput
- func (o GetAccessCredentialsResultOutput) Backend() pulumi.StringOutput
- func (o GetAccessCredentialsResultOutput) CurrentPassword() pulumi.StringOutput
- func (GetAccessCredentialsResultOutput) ElementType() reflect.Type
- func (o GetAccessCredentialsResultOutput) Id() pulumi.StringOutput
- func (o GetAccessCredentialsResultOutput) LastPassword() pulumi.StringOutput
- func (o GetAccessCredentialsResultOutput) Role() pulumi.StringOutput
- func (o GetAccessCredentialsResultOutput) ToGetAccessCredentialsResultOutput() GetAccessCredentialsResultOutput
- func (o GetAccessCredentialsResultOutput) ToGetAccessCredentialsResultOutputWithContext(ctx context.Context) GetAccessCredentialsResultOutput
- func (o GetAccessCredentialsResultOutput) Username() pulumi.StringOutput
- type SecretBackend
- func (*SecretBackend) ElementType() reflect.Type
- func (i *SecretBackend) ToSecretBackendOutput() SecretBackendOutput
- func (i *SecretBackend) ToSecretBackendOutputWithContext(ctx context.Context) SecretBackendOutput
- func (i *SecretBackend) ToSecretBackendPtrOutput() SecretBackendPtrOutput
- func (i *SecretBackend) ToSecretBackendPtrOutputWithContext(ctx context.Context) SecretBackendPtrOutput
- type SecretBackendArgs
- type SecretBackendArray
- type SecretBackendArrayInput
- type SecretBackendArrayOutput
- func (SecretBackendArrayOutput) ElementType() reflect.Type
- func (o SecretBackendArrayOutput) Index(i pulumi.IntInput) SecretBackendOutput
- func (o SecretBackendArrayOutput) ToSecretBackendArrayOutput() SecretBackendArrayOutput
- func (o SecretBackendArrayOutput) ToSecretBackendArrayOutputWithContext(ctx context.Context) SecretBackendArrayOutput
- type SecretBackendInput
- type SecretBackendMap
- type SecretBackendMapInput
- type SecretBackendMapOutput
- func (SecretBackendMapOutput) ElementType() reflect.Type
- func (o SecretBackendMapOutput) MapIndex(k pulumi.StringInput) SecretBackendOutput
- func (o SecretBackendMapOutput) ToSecretBackendMapOutput() SecretBackendMapOutput
- func (o SecretBackendMapOutput) ToSecretBackendMapOutputWithContext(ctx context.Context) SecretBackendMapOutput
- type SecretBackendOutput
- func (SecretBackendOutput) ElementType() reflect.Type
- func (o SecretBackendOutput) ToSecretBackendOutput() SecretBackendOutput
- func (o SecretBackendOutput) ToSecretBackendOutputWithContext(ctx context.Context) SecretBackendOutput
- func (o SecretBackendOutput) ToSecretBackendPtrOutput() SecretBackendPtrOutput
- func (o SecretBackendOutput) ToSecretBackendPtrOutputWithContext(ctx context.Context) SecretBackendPtrOutput
- type SecretBackendPtrInput
- type SecretBackendPtrOutput
- func (o SecretBackendPtrOutput) Elem() SecretBackendOutput
- func (SecretBackendPtrOutput) ElementType() reflect.Type
- func (o SecretBackendPtrOutput) ToSecretBackendPtrOutput() SecretBackendPtrOutput
- func (o SecretBackendPtrOutput) ToSecretBackendPtrOutputWithContext(ctx context.Context) SecretBackendPtrOutput
- type SecretBackendState
- type SecretLibrary
- func (*SecretLibrary) ElementType() reflect.Type
- func (i *SecretLibrary) ToSecretLibraryOutput() SecretLibraryOutput
- func (i *SecretLibrary) ToSecretLibraryOutputWithContext(ctx context.Context) SecretLibraryOutput
- func (i *SecretLibrary) ToSecretLibraryPtrOutput() SecretLibraryPtrOutput
- func (i *SecretLibrary) ToSecretLibraryPtrOutputWithContext(ctx context.Context) SecretLibraryPtrOutput
- type SecretLibraryArgs
- type SecretLibraryArray
- type SecretLibraryArrayInput
- type SecretLibraryArrayOutput
- func (SecretLibraryArrayOutput) ElementType() reflect.Type
- func (o SecretLibraryArrayOutput) Index(i pulumi.IntInput) SecretLibraryOutput
- func (o SecretLibraryArrayOutput) ToSecretLibraryArrayOutput() SecretLibraryArrayOutput
- func (o SecretLibraryArrayOutput) ToSecretLibraryArrayOutputWithContext(ctx context.Context) SecretLibraryArrayOutput
- type SecretLibraryInput
- type SecretLibraryMap
- type SecretLibraryMapInput
- type SecretLibraryMapOutput
- func (SecretLibraryMapOutput) ElementType() reflect.Type
- func (o SecretLibraryMapOutput) MapIndex(k pulumi.StringInput) SecretLibraryOutput
- func (o SecretLibraryMapOutput) ToSecretLibraryMapOutput() SecretLibraryMapOutput
- func (o SecretLibraryMapOutput) ToSecretLibraryMapOutputWithContext(ctx context.Context) SecretLibraryMapOutput
- type SecretLibraryOutput
- func (SecretLibraryOutput) ElementType() reflect.Type
- func (o SecretLibraryOutput) ToSecretLibraryOutput() SecretLibraryOutput
- func (o SecretLibraryOutput) ToSecretLibraryOutputWithContext(ctx context.Context) SecretLibraryOutput
- func (o SecretLibraryOutput) ToSecretLibraryPtrOutput() SecretLibraryPtrOutput
- func (o SecretLibraryOutput) ToSecretLibraryPtrOutputWithContext(ctx context.Context) SecretLibraryPtrOutput
- type SecretLibraryPtrInput
- type SecretLibraryPtrOutput
- func (o SecretLibraryPtrOutput) Elem() SecretLibraryOutput
- func (SecretLibraryPtrOutput) ElementType() reflect.Type
- func (o SecretLibraryPtrOutput) ToSecretLibraryPtrOutput() SecretLibraryPtrOutput
- func (o SecretLibraryPtrOutput) ToSecretLibraryPtrOutputWithContext(ctx context.Context) SecretLibraryPtrOutput
- type SecretLibraryState
- type SecretRole
- func (*SecretRole) ElementType() reflect.Type
- func (i *SecretRole) ToSecretRoleOutput() SecretRoleOutput
- func (i *SecretRole) ToSecretRoleOutputWithContext(ctx context.Context) SecretRoleOutput
- func (i *SecretRole) ToSecretRolePtrOutput() SecretRolePtrOutput
- func (i *SecretRole) ToSecretRolePtrOutputWithContext(ctx context.Context) SecretRolePtrOutput
- type SecretRoleArgs
- type SecretRoleArray
- type SecretRoleArrayInput
- type SecretRoleArrayOutput
- func (SecretRoleArrayOutput) ElementType() reflect.Type
- func (o SecretRoleArrayOutput) Index(i pulumi.IntInput) SecretRoleOutput
- func (o SecretRoleArrayOutput) ToSecretRoleArrayOutput() SecretRoleArrayOutput
- func (o SecretRoleArrayOutput) ToSecretRoleArrayOutputWithContext(ctx context.Context) SecretRoleArrayOutput
- type SecretRoleInput
- type SecretRoleMap
- type SecretRoleMapInput
- type SecretRoleMapOutput
- func (SecretRoleMapOutput) ElementType() reflect.Type
- func (o SecretRoleMapOutput) MapIndex(k pulumi.StringInput) SecretRoleOutput
- func (o SecretRoleMapOutput) ToSecretRoleMapOutput() SecretRoleMapOutput
- func (o SecretRoleMapOutput) ToSecretRoleMapOutputWithContext(ctx context.Context) SecretRoleMapOutput
- type SecretRoleOutput
- func (SecretRoleOutput) ElementType() reflect.Type
- func (o SecretRoleOutput) ToSecretRoleOutput() SecretRoleOutput
- func (o SecretRoleOutput) ToSecretRoleOutputWithContext(ctx context.Context) SecretRoleOutput
- func (o SecretRoleOutput) ToSecretRolePtrOutput() SecretRolePtrOutput
- func (o SecretRoleOutput) ToSecretRolePtrOutputWithContext(ctx context.Context) SecretRolePtrOutput
- type SecretRolePtrInput
- type SecretRolePtrOutput
- type SecretRoleState
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type GetAccessCredentialsArgs ¶
type GetAccessCredentialsArgs struct { // The path to the AD secret backend to // read credentials from, with no leading or trailing `/`s. Backend string `pulumi:"backend"` // The name of the AD secret backend role to read // credentials from, with no leading or trailing `/`s. Role string `pulumi:"role"` }
A collection of arguments for invoking getAccessCredentials.
type GetAccessCredentialsOutputArgs ¶ added in v4.6.0
type GetAccessCredentialsOutputArgs struct { // The path to the AD secret backend to // read credentials from, with no leading or trailing `/`s. Backend pulumi.StringInput `pulumi:"backend"` // The name of the AD secret backend role to read // credentials from, with no leading or trailing `/`s. Role pulumi.StringInput `pulumi:"role"` }
A collection of arguments for invoking getAccessCredentials.
func (GetAccessCredentialsOutputArgs) ElementType ¶ added in v4.6.0
func (GetAccessCredentialsOutputArgs) ElementType() reflect.Type
type GetAccessCredentialsResult ¶
type GetAccessCredentialsResult struct { Backend string `pulumi:"backend"` // The current set password on the Active Directory service account. CurrentPassword string `pulumi:"currentPassword"` // The provider-assigned unique ID for this managed resource. Id string `pulumi:"id"` // The current set password on the Active Directory service account, provided because AD is eventually consistent. LastPassword string `pulumi:"lastPassword"` Role string `pulumi:"role"` // The Active Directory service account username. Username string `pulumi:"username"` }
A collection of values returned by getAccessCredentials.
func GetAccessCredentials ¶
func GetAccessCredentials(ctx *pulumi.Context, args *GetAccessCredentialsArgs, opts ...pulumi.InvokeOption) (*GetAccessCredentialsResult, error)
type GetAccessCredentialsResultOutput ¶ added in v4.6.0
type GetAccessCredentialsResultOutput struct{ *pulumi.OutputState }
A collection of values returned by getAccessCredentials.
func GetAccessCredentialsOutput ¶ added in v4.6.0
func GetAccessCredentialsOutput(ctx *pulumi.Context, args GetAccessCredentialsOutputArgs, opts ...pulumi.InvokeOption) GetAccessCredentialsResultOutput
func (GetAccessCredentialsResultOutput) Backend ¶ added in v4.6.0
func (o GetAccessCredentialsResultOutput) Backend() pulumi.StringOutput
func (GetAccessCredentialsResultOutput) CurrentPassword ¶ added in v4.6.0
func (o GetAccessCredentialsResultOutput) CurrentPassword() pulumi.StringOutput
The current set password on the Active Directory service account.
func (GetAccessCredentialsResultOutput) ElementType ¶ added in v4.6.0
func (GetAccessCredentialsResultOutput) ElementType() reflect.Type
func (GetAccessCredentialsResultOutput) Id ¶ added in v4.6.0
func (o GetAccessCredentialsResultOutput) Id() pulumi.StringOutput
The provider-assigned unique ID for this managed resource.
func (GetAccessCredentialsResultOutput) LastPassword ¶ added in v4.6.0
func (o GetAccessCredentialsResultOutput) LastPassword() pulumi.StringOutput
The current set password on the Active Directory service account, provided because AD is eventually consistent.
func (GetAccessCredentialsResultOutput) Role ¶ added in v4.6.0
func (o GetAccessCredentialsResultOutput) Role() pulumi.StringOutput
func (GetAccessCredentialsResultOutput) ToGetAccessCredentialsResultOutput ¶ added in v4.6.0
func (o GetAccessCredentialsResultOutput) ToGetAccessCredentialsResultOutput() GetAccessCredentialsResultOutput
func (GetAccessCredentialsResultOutput) ToGetAccessCredentialsResultOutputWithContext ¶ added in v4.6.0
func (o GetAccessCredentialsResultOutput) ToGetAccessCredentialsResultOutputWithContext(ctx context.Context) GetAccessCredentialsResultOutput
func (GetAccessCredentialsResultOutput) Username ¶ added in v4.6.0
func (o GetAccessCredentialsResultOutput) Username() pulumi.StringOutput
The Active Directory service account username.
type SecretBackend ¶
type SecretBackend struct { pulumi.CustomResourceState // Use anonymous binds when performing LDAP group searches // (if true the initial credentials will still be used for the initial connection test). AnonymousGroupSearch pulumi.BoolPtrOutput `pulumi:"anonymousGroupSearch"` // The unique path this backend should be mounted at. Must // not begin or end with a `/`. Defaults to `ad`. Backend pulumi.StringPtrOutput `pulumi:"backend"` // Distinguished name of object to bind when performing user and group search. Binddn pulumi.StringOutput `pulumi:"binddn"` // Password to use along with binddn when performing user search. Bindpass pulumi.StringOutput `pulumi:"bindpass"` // If set, user and group names assigned to policies within the // backend will be case sensitive. Otherwise, names will be normalized to lower case. CaseSensitiveNames pulumi.BoolPtrOutput `pulumi:"caseSensitiveNames"` // CA certificate to use when verifying LDAP server certificate, must be // x509 PEM encoded. Certificate pulumi.StringPtrOutput `pulumi:"certificate"` // Client certificate to provide to the LDAP server, must be x509 PEM encoded. ClientTlsCert pulumi.StringPtrOutput `pulumi:"clientTlsCert"` // Client certificate key to provide to the LDAP server, must be x509 PEM encoded. ClientTlsKey pulumi.StringPtrOutput `pulumi:"clientTlsKey"` // Default lease duration for secrets in seconds. DefaultLeaseTtlSeconds pulumi.IntOutput `pulumi:"defaultLeaseTtlSeconds"` // Denies an unauthenticated LDAP bind request if the user's password is empty; // defaults to true. DenyNullBind pulumi.BoolPtrOutput `pulumi:"denyNullBind"` // Human-friendly description of the mount for the Active Directory backend. Description pulumi.StringPtrOutput `pulumi:"description"` // Use anonymous bind to discover the bind Distinguished Name of a user. Discoverdn pulumi.BoolPtrOutput `pulumi:"discoverdn"` // Text to insert the password into, ex. "customPrefix{{PASSWORD}}customSuffix". This // setting is deprecated and should instead use `passwordPolicy`. // // Deprecated: Formatter is deprecated and password_policy should be used with Vault >= 1.5. Formatter pulumi.StringOutput `pulumi:"formatter"` // LDAP attribute to follow on objects returned by <groupfilter> in order to enumerate // user group membership. Examples: `cn` or `memberOf`, etc. Defaults to `cn`. Groupattr pulumi.StringPtrOutput `pulumi:"groupattr"` // LDAP search base to use for group membership search (eg: ou=Groups,dc=example,dc=org). Groupdn pulumi.StringPtrOutput `pulumi:"groupdn"` // Go template for querying group membership of user (optional) The template can access // the following context variables: UserDN, Username. Defaults to `(|(memberUid={{.Username}})(member={{.UserDN}})(uniqueMember={{.UserDN}}))` Groupfilter pulumi.StringPtrOutput `pulumi:"groupfilter"` // Skip LDAP server SSL Certificate verification. This is not recommended for production. // Defaults to `false`. InsecureTls pulumi.BoolPtrOutput `pulumi:"insecureTls"` // The number of seconds after a Vault rotation where, if Active Directory // shows a later rotation, it should be considered out-of-band LastRotationTolerance pulumi.IntOutput `pulumi:"lastRotationTolerance"` // The desired length of passwords that Vault generates. This // setting is deprecated and should instead use `passwordPolicy`. // // Deprecated: Length is deprecated and password_policy should be used with Vault >= 1.5. Length pulumi.IntOutput `pulumi:"length"` // Mark the secrets engine as local-only. Local engines are not replicated or removed by // replication.Tolerance duration to use when checking the last rotation time. Local pulumi.BoolPtrOutput `pulumi:"local"` // Maximum possible lease duration for secrets in seconds. MaxLeaseTtlSeconds pulumi.IntOutput `pulumi:"maxLeaseTtlSeconds"` // In seconds, the maximum password time-to-live. MaxTtl pulumi.IntOutput `pulumi:"maxTtl"` // Name of the password policy to use to generate passwords. PasswordPolicy pulumi.StringPtrOutput `pulumi:"passwordPolicy"` // Timeout, in seconds, for the connection when making requests against the server // before returning back an error. RequestTimeout pulumi.IntPtrOutput `pulumi:"requestTimeout"` // Issue a StartTLS command after establishing unencrypted connection. Starttls pulumi.BoolOutput `pulumi:"starttls"` // Maximum TLS version to use. Accepted values are `tls10`, `tls11`, // `tls12` or `tls13`. Defaults to `tls12`. TlsMaxVersion pulumi.StringOutput `pulumi:"tlsMaxVersion"` // Minimum TLS version to use. Accepted values are `tls10`, `tls11`, // `tls12` or `tls13`. Defaults to `tls12`. TlsMinVersion pulumi.StringOutput `pulumi:"tlsMinVersion"` // In seconds, the default password time-to-live. Ttl pulumi.IntOutput `pulumi:"ttl"` // Enables userPrincipalDomain login with [username]@UPNDomain. Upndomain pulumi.StringOutput `pulumi:"upndomain"` // LDAP URL to connect to. Multiple URLs can be specified by concatenating // them with commas; they will be tried in-order. Defaults to `ldap://127.0.0.1`. Url pulumi.StringPtrOutput `pulumi:"url"` // In Vault 1.1.1 a fix for handling group CN values of // different cases unfortunately introduced a regression that could cause previously defined groups // to not be found due to a change in the resulting name. If set true, the pre-1.1.1 behavior for // matching group CNs will be used. This is only needed in some upgrade scenarios for backwards // compatibility. It is enabled by default if the config is upgraded but disabled by default on // new configurations. UsePre111GroupCnBehavior pulumi.BoolOutput `pulumi:"usePre111GroupCnBehavior"` // If true, use the Active Directory tokenGroups constructed attribute of the // user to find the group memberships. This will find all security groups including nested ones. UseTokenGroups pulumi.BoolPtrOutput `pulumi:"useTokenGroups"` // Attribute used when searching users. Defaults to `cn`. Userattr pulumi.StringPtrOutput `pulumi:"userattr"` // LDAP domain to use for users (eg: ou=People,dc=example,dc=org)`. Userdn pulumi.StringPtrOutput `pulumi:"userdn"` }
## Import
AD secret backend can be imported using the `backend`, e.g.
```sh
$ pulumi import vault:ad/secretBackend:SecretBackend ad ad
```
func GetSecretBackend ¶
func GetSecretBackend(ctx *pulumi.Context, name string, id pulumi.IDInput, state *SecretBackendState, opts ...pulumi.ResourceOption) (*SecretBackend, error)
GetSecretBackend gets an existing SecretBackend resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewSecretBackend ¶
func NewSecretBackend(ctx *pulumi.Context, name string, args *SecretBackendArgs, opts ...pulumi.ResourceOption) (*SecretBackend, error)
NewSecretBackend registers a new resource with the given unique name, arguments, and options.
func (*SecretBackend) ElementType ¶
func (*SecretBackend) ElementType() reflect.Type
func (*SecretBackend) ToSecretBackendOutput ¶
func (i *SecretBackend) ToSecretBackendOutput() SecretBackendOutput
func (*SecretBackend) ToSecretBackendOutputWithContext ¶
func (i *SecretBackend) ToSecretBackendOutputWithContext(ctx context.Context) SecretBackendOutput
func (*SecretBackend) ToSecretBackendPtrOutput ¶
func (i *SecretBackend) ToSecretBackendPtrOutput() SecretBackendPtrOutput
func (*SecretBackend) ToSecretBackendPtrOutputWithContext ¶
func (i *SecretBackend) ToSecretBackendPtrOutputWithContext(ctx context.Context) SecretBackendPtrOutput
type SecretBackendArgs ¶
type SecretBackendArgs struct { // Use anonymous binds when performing LDAP group searches // (if true the initial credentials will still be used for the initial connection test). AnonymousGroupSearch pulumi.BoolPtrInput // The unique path this backend should be mounted at. Must // not begin or end with a `/`. Defaults to `ad`. Backend pulumi.StringPtrInput // Distinguished name of object to bind when performing user and group search. Binddn pulumi.StringInput // Password to use along with binddn when performing user search. Bindpass pulumi.StringInput // If set, user and group names assigned to policies within the // backend will be case sensitive. Otherwise, names will be normalized to lower case. CaseSensitiveNames pulumi.BoolPtrInput // CA certificate to use when verifying LDAP server certificate, must be // x509 PEM encoded. Certificate pulumi.StringPtrInput // Client certificate to provide to the LDAP server, must be x509 PEM encoded. ClientTlsCert pulumi.StringPtrInput // Client certificate key to provide to the LDAP server, must be x509 PEM encoded. ClientTlsKey pulumi.StringPtrInput // Default lease duration for secrets in seconds. DefaultLeaseTtlSeconds pulumi.IntPtrInput // Denies an unauthenticated LDAP bind request if the user's password is empty; // defaults to true. DenyNullBind pulumi.BoolPtrInput // Human-friendly description of the mount for the Active Directory backend. Description pulumi.StringPtrInput // Use anonymous bind to discover the bind Distinguished Name of a user. Discoverdn pulumi.BoolPtrInput // Text to insert the password into, ex. "customPrefix{{PASSWORD}}customSuffix". This // setting is deprecated and should instead use `passwordPolicy`. // // Deprecated: Formatter is deprecated and password_policy should be used with Vault >= 1.5. Formatter pulumi.StringPtrInput // LDAP attribute to follow on objects returned by <groupfilter> in order to enumerate // user group membership. Examples: `cn` or `memberOf`, etc. Defaults to `cn`. Groupattr pulumi.StringPtrInput // LDAP search base to use for group membership search (eg: ou=Groups,dc=example,dc=org). Groupdn pulumi.StringPtrInput // Go template for querying group membership of user (optional) The template can access // the following context variables: UserDN, Username. Defaults to `(|(memberUid={{.Username}})(member={{.UserDN}})(uniqueMember={{.UserDN}}))` Groupfilter pulumi.StringPtrInput // Skip LDAP server SSL Certificate verification. This is not recommended for production. // Defaults to `false`. InsecureTls pulumi.BoolPtrInput // The number of seconds after a Vault rotation where, if Active Directory // shows a later rotation, it should be considered out-of-band LastRotationTolerance pulumi.IntPtrInput // The desired length of passwords that Vault generates. This // setting is deprecated and should instead use `passwordPolicy`. // // Deprecated: Length is deprecated and password_policy should be used with Vault >= 1.5. Length pulumi.IntPtrInput // Mark the secrets engine as local-only. Local engines are not replicated or removed by // replication.Tolerance duration to use when checking the last rotation time. Local pulumi.BoolPtrInput // Maximum possible lease duration for secrets in seconds. MaxLeaseTtlSeconds pulumi.IntPtrInput // In seconds, the maximum password time-to-live. MaxTtl pulumi.IntPtrInput // Name of the password policy to use to generate passwords. PasswordPolicy pulumi.StringPtrInput // Timeout, in seconds, for the connection when making requests against the server // before returning back an error. RequestTimeout pulumi.IntPtrInput // Issue a StartTLS command after establishing unencrypted connection. Starttls pulumi.BoolPtrInput // Maximum TLS version to use. Accepted values are `tls10`, `tls11`, // `tls12` or `tls13`. Defaults to `tls12`. TlsMaxVersion pulumi.StringPtrInput // Minimum TLS version to use. Accepted values are `tls10`, `tls11`, // `tls12` or `tls13`. Defaults to `tls12`. TlsMinVersion pulumi.StringPtrInput // In seconds, the default password time-to-live. Ttl pulumi.IntPtrInput // Enables userPrincipalDomain login with [username]@UPNDomain. Upndomain pulumi.StringPtrInput // LDAP URL to connect to. Multiple URLs can be specified by concatenating // them with commas; they will be tried in-order. Defaults to `ldap://127.0.0.1`. Url pulumi.StringPtrInput // In Vault 1.1.1 a fix for handling group CN values of // different cases unfortunately introduced a regression that could cause previously defined groups // to not be found due to a change in the resulting name. If set true, the pre-1.1.1 behavior for // matching group CNs will be used. This is only needed in some upgrade scenarios for backwards // compatibility. It is enabled by default if the config is upgraded but disabled by default on // new configurations. UsePre111GroupCnBehavior pulumi.BoolPtrInput // If true, use the Active Directory tokenGroups constructed attribute of the // user to find the group memberships. This will find all security groups including nested ones. UseTokenGroups pulumi.BoolPtrInput // Attribute used when searching users. Defaults to `cn`. Userattr pulumi.StringPtrInput // LDAP domain to use for users (eg: ou=People,dc=example,dc=org)`. Userdn pulumi.StringPtrInput }
The set of arguments for constructing a SecretBackend resource.
func (SecretBackendArgs) ElementType ¶
func (SecretBackendArgs) ElementType() reflect.Type
type SecretBackendArray ¶
type SecretBackendArray []SecretBackendInput
func (SecretBackendArray) ElementType ¶
func (SecretBackendArray) ElementType() reflect.Type
func (SecretBackendArray) ToSecretBackendArrayOutput ¶
func (i SecretBackendArray) ToSecretBackendArrayOutput() SecretBackendArrayOutput
func (SecretBackendArray) ToSecretBackendArrayOutputWithContext ¶
func (i SecretBackendArray) ToSecretBackendArrayOutputWithContext(ctx context.Context) SecretBackendArrayOutput
type SecretBackendArrayInput ¶
type SecretBackendArrayInput interface { pulumi.Input ToSecretBackendArrayOutput() SecretBackendArrayOutput ToSecretBackendArrayOutputWithContext(context.Context) SecretBackendArrayOutput }
SecretBackendArrayInput is an input type that accepts SecretBackendArray and SecretBackendArrayOutput values. You can construct a concrete instance of `SecretBackendArrayInput` via:
SecretBackendArray{ SecretBackendArgs{...} }
type SecretBackendArrayOutput ¶
type SecretBackendArrayOutput struct{ *pulumi.OutputState }
func (SecretBackendArrayOutput) ElementType ¶
func (SecretBackendArrayOutput) ElementType() reflect.Type
func (SecretBackendArrayOutput) Index ¶
func (o SecretBackendArrayOutput) Index(i pulumi.IntInput) SecretBackendOutput
func (SecretBackendArrayOutput) ToSecretBackendArrayOutput ¶
func (o SecretBackendArrayOutput) ToSecretBackendArrayOutput() SecretBackendArrayOutput
func (SecretBackendArrayOutput) ToSecretBackendArrayOutputWithContext ¶
func (o SecretBackendArrayOutput) ToSecretBackendArrayOutputWithContext(ctx context.Context) SecretBackendArrayOutput
type SecretBackendInput ¶
type SecretBackendInput interface { pulumi.Input ToSecretBackendOutput() SecretBackendOutput ToSecretBackendOutputWithContext(ctx context.Context) SecretBackendOutput }
type SecretBackendMap ¶
type SecretBackendMap map[string]SecretBackendInput
func (SecretBackendMap) ElementType ¶
func (SecretBackendMap) ElementType() reflect.Type
func (SecretBackendMap) ToSecretBackendMapOutput ¶
func (i SecretBackendMap) ToSecretBackendMapOutput() SecretBackendMapOutput
func (SecretBackendMap) ToSecretBackendMapOutputWithContext ¶
func (i SecretBackendMap) ToSecretBackendMapOutputWithContext(ctx context.Context) SecretBackendMapOutput
type SecretBackendMapInput ¶
type SecretBackendMapInput interface { pulumi.Input ToSecretBackendMapOutput() SecretBackendMapOutput ToSecretBackendMapOutputWithContext(context.Context) SecretBackendMapOutput }
SecretBackendMapInput is an input type that accepts SecretBackendMap and SecretBackendMapOutput values. You can construct a concrete instance of `SecretBackendMapInput` via:
SecretBackendMap{ "key": SecretBackendArgs{...} }
type SecretBackendMapOutput ¶
type SecretBackendMapOutput struct{ *pulumi.OutputState }
func (SecretBackendMapOutput) ElementType ¶
func (SecretBackendMapOutput) ElementType() reflect.Type
func (SecretBackendMapOutput) MapIndex ¶
func (o SecretBackendMapOutput) MapIndex(k pulumi.StringInput) SecretBackendOutput
func (SecretBackendMapOutput) ToSecretBackendMapOutput ¶
func (o SecretBackendMapOutput) ToSecretBackendMapOutput() SecretBackendMapOutput
func (SecretBackendMapOutput) ToSecretBackendMapOutputWithContext ¶
func (o SecretBackendMapOutput) ToSecretBackendMapOutputWithContext(ctx context.Context) SecretBackendMapOutput
type SecretBackendOutput ¶
type SecretBackendOutput struct{ *pulumi.OutputState }
func (SecretBackendOutput) ElementType ¶
func (SecretBackendOutput) ElementType() reflect.Type
func (SecretBackendOutput) ToSecretBackendOutput ¶
func (o SecretBackendOutput) ToSecretBackendOutput() SecretBackendOutput
func (SecretBackendOutput) ToSecretBackendOutputWithContext ¶
func (o SecretBackendOutput) ToSecretBackendOutputWithContext(ctx context.Context) SecretBackendOutput
func (SecretBackendOutput) ToSecretBackendPtrOutput ¶
func (o SecretBackendOutput) ToSecretBackendPtrOutput() SecretBackendPtrOutput
func (SecretBackendOutput) ToSecretBackendPtrOutputWithContext ¶
func (o SecretBackendOutput) ToSecretBackendPtrOutputWithContext(ctx context.Context) SecretBackendPtrOutput
type SecretBackendPtrInput ¶
type SecretBackendPtrInput interface { pulumi.Input ToSecretBackendPtrOutput() SecretBackendPtrOutput ToSecretBackendPtrOutputWithContext(ctx context.Context) SecretBackendPtrOutput }
type SecretBackendPtrOutput ¶
type SecretBackendPtrOutput struct{ *pulumi.OutputState }
func (SecretBackendPtrOutput) Elem ¶ added in v4.6.0
func (o SecretBackendPtrOutput) Elem() SecretBackendOutput
func (SecretBackendPtrOutput) ElementType ¶
func (SecretBackendPtrOutput) ElementType() reflect.Type
func (SecretBackendPtrOutput) ToSecretBackendPtrOutput ¶
func (o SecretBackendPtrOutput) ToSecretBackendPtrOutput() SecretBackendPtrOutput
func (SecretBackendPtrOutput) ToSecretBackendPtrOutputWithContext ¶
func (o SecretBackendPtrOutput) ToSecretBackendPtrOutputWithContext(ctx context.Context) SecretBackendPtrOutput
type SecretBackendState ¶
type SecretBackendState struct { // Use anonymous binds when performing LDAP group searches // (if true the initial credentials will still be used for the initial connection test). AnonymousGroupSearch pulumi.BoolPtrInput // The unique path this backend should be mounted at. Must // not begin or end with a `/`. Defaults to `ad`. Backend pulumi.StringPtrInput // Distinguished name of object to bind when performing user and group search. Binddn pulumi.StringPtrInput // Password to use along with binddn when performing user search. Bindpass pulumi.StringPtrInput // If set, user and group names assigned to policies within the // backend will be case sensitive. Otherwise, names will be normalized to lower case. CaseSensitiveNames pulumi.BoolPtrInput // CA certificate to use when verifying LDAP server certificate, must be // x509 PEM encoded. Certificate pulumi.StringPtrInput // Client certificate to provide to the LDAP server, must be x509 PEM encoded. ClientTlsCert pulumi.StringPtrInput // Client certificate key to provide to the LDAP server, must be x509 PEM encoded. ClientTlsKey pulumi.StringPtrInput // Default lease duration for secrets in seconds. DefaultLeaseTtlSeconds pulumi.IntPtrInput // Denies an unauthenticated LDAP bind request if the user's password is empty; // defaults to true. DenyNullBind pulumi.BoolPtrInput // Human-friendly description of the mount for the Active Directory backend. Description pulumi.StringPtrInput // Use anonymous bind to discover the bind Distinguished Name of a user. Discoverdn pulumi.BoolPtrInput // Text to insert the password into, ex. "customPrefix{{PASSWORD}}customSuffix". This // setting is deprecated and should instead use `passwordPolicy`. // // Deprecated: Formatter is deprecated and password_policy should be used with Vault >= 1.5. Formatter pulumi.StringPtrInput // LDAP attribute to follow on objects returned by <groupfilter> in order to enumerate // user group membership. Examples: `cn` or `memberOf`, etc. Defaults to `cn`. Groupattr pulumi.StringPtrInput // LDAP search base to use for group membership search (eg: ou=Groups,dc=example,dc=org). Groupdn pulumi.StringPtrInput // Go template for querying group membership of user (optional) The template can access // the following context variables: UserDN, Username. Defaults to `(|(memberUid={{.Username}})(member={{.UserDN}})(uniqueMember={{.UserDN}}))` Groupfilter pulumi.StringPtrInput // Skip LDAP server SSL Certificate verification. This is not recommended for production. // Defaults to `false`. InsecureTls pulumi.BoolPtrInput // The number of seconds after a Vault rotation where, if Active Directory // shows a later rotation, it should be considered out-of-band LastRotationTolerance pulumi.IntPtrInput // The desired length of passwords that Vault generates. This // setting is deprecated and should instead use `passwordPolicy`. // // Deprecated: Length is deprecated and password_policy should be used with Vault >= 1.5. Length pulumi.IntPtrInput // Mark the secrets engine as local-only. Local engines are not replicated or removed by // replication.Tolerance duration to use when checking the last rotation time. Local pulumi.BoolPtrInput // Maximum possible lease duration for secrets in seconds. MaxLeaseTtlSeconds pulumi.IntPtrInput // In seconds, the maximum password time-to-live. MaxTtl pulumi.IntPtrInput // Name of the password policy to use to generate passwords. PasswordPolicy pulumi.StringPtrInput // Timeout, in seconds, for the connection when making requests against the server // before returning back an error. RequestTimeout pulumi.IntPtrInput // Issue a StartTLS command after establishing unencrypted connection. Starttls pulumi.BoolPtrInput // Maximum TLS version to use. Accepted values are `tls10`, `tls11`, // `tls12` or `tls13`. Defaults to `tls12`. TlsMaxVersion pulumi.StringPtrInput // Minimum TLS version to use. Accepted values are `tls10`, `tls11`, // `tls12` or `tls13`. Defaults to `tls12`. TlsMinVersion pulumi.StringPtrInput // In seconds, the default password time-to-live. Ttl pulumi.IntPtrInput // Enables userPrincipalDomain login with [username]@UPNDomain. Upndomain pulumi.StringPtrInput // LDAP URL to connect to. Multiple URLs can be specified by concatenating // them with commas; they will be tried in-order. Defaults to `ldap://127.0.0.1`. Url pulumi.StringPtrInput // In Vault 1.1.1 a fix for handling group CN values of // different cases unfortunately introduced a regression that could cause previously defined groups // to not be found due to a change in the resulting name. If set true, the pre-1.1.1 behavior for // matching group CNs will be used. This is only needed in some upgrade scenarios for backwards // compatibility. It is enabled by default if the config is upgraded but disabled by default on // new configurations. UsePre111GroupCnBehavior pulumi.BoolPtrInput // If true, use the Active Directory tokenGroups constructed attribute of the // user to find the group memberships. This will find all security groups including nested ones. UseTokenGroups pulumi.BoolPtrInput // Attribute used when searching users. Defaults to `cn`. Userattr pulumi.StringPtrInput // LDAP domain to use for users (eg: ou=People,dc=example,dc=org)`. Userdn pulumi.StringPtrInput }
func (SecretBackendState) ElementType ¶
func (SecretBackendState) ElementType() reflect.Type
type SecretLibrary ¶
type SecretLibrary struct { pulumi.CustomResourceState // The mount path for the AD backend. Backend pulumi.StringOutput `pulumi:"backend"` // Disable enforcing that service accounts must be checked in by the entity or client token that checked them out. DisableCheckInEnforcement pulumi.BoolPtrOutput `pulumi:"disableCheckInEnforcement"` // The maximum amount of time, in seconds, a check-out last with renewal before Vault automatically checks it back in. MaxTtl pulumi.IntOutput `pulumi:"maxTtl"` // The name of the set of service accounts. Name pulumi.StringOutput `pulumi:"name"` // The names of all the service accounts that can be checked out from this set. These service accounts must already exist // in Active Directory. ServiceAccountNames pulumi.StringArrayOutput `pulumi:"serviceAccountNames"` // The amount of time, in seconds, a single check-out lasts before Vault automatically checks it back in. Ttl pulumi.IntOutput `pulumi:"ttl"` }
func GetSecretLibrary ¶
func GetSecretLibrary(ctx *pulumi.Context, name string, id pulumi.IDInput, state *SecretLibraryState, opts ...pulumi.ResourceOption) (*SecretLibrary, error)
GetSecretLibrary gets an existing SecretLibrary resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewSecretLibrary ¶
func NewSecretLibrary(ctx *pulumi.Context, name string, args *SecretLibraryArgs, opts ...pulumi.ResourceOption) (*SecretLibrary, error)
NewSecretLibrary registers a new resource with the given unique name, arguments, and options.
func (*SecretLibrary) ElementType ¶
func (*SecretLibrary) ElementType() reflect.Type
func (*SecretLibrary) ToSecretLibraryOutput ¶
func (i *SecretLibrary) ToSecretLibraryOutput() SecretLibraryOutput
func (*SecretLibrary) ToSecretLibraryOutputWithContext ¶
func (i *SecretLibrary) ToSecretLibraryOutputWithContext(ctx context.Context) SecretLibraryOutput
func (*SecretLibrary) ToSecretLibraryPtrOutput ¶
func (i *SecretLibrary) ToSecretLibraryPtrOutput() SecretLibraryPtrOutput
func (*SecretLibrary) ToSecretLibraryPtrOutputWithContext ¶
func (i *SecretLibrary) ToSecretLibraryPtrOutputWithContext(ctx context.Context) SecretLibraryPtrOutput
type SecretLibraryArgs ¶
type SecretLibraryArgs struct { // The mount path for the AD backend. Backend pulumi.StringInput // Disable enforcing that service accounts must be checked in by the entity or client token that checked them out. DisableCheckInEnforcement pulumi.BoolPtrInput // The maximum amount of time, in seconds, a check-out last with renewal before Vault automatically checks it back in. MaxTtl pulumi.IntPtrInput // The name of the set of service accounts. Name pulumi.StringPtrInput // The names of all the service accounts that can be checked out from this set. These service accounts must already exist // in Active Directory. ServiceAccountNames pulumi.StringArrayInput // The amount of time, in seconds, a single check-out lasts before Vault automatically checks it back in. Ttl pulumi.IntPtrInput }
The set of arguments for constructing a SecretLibrary resource.
func (SecretLibraryArgs) ElementType ¶
func (SecretLibraryArgs) ElementType() reflect.Type
type SecretLibraryArray ¶
type SecretLibraryArray []SecretLibraryInput
func (SecretLibraryArray) ElementType ¶
func (SecretLibraryArray) ElementType() reflect.Type
func (SecretLibraryArray) ToSecretLibraryArrayOutput ¶
func (i SecretLibraryArray) ToSecretLibraryArrayOutput() SecretLibraryArrayOutput
func (SecretLibraryArray) ToSecretLibraryArrayOutputWithContext ¶
func (i SecretLibraryArray) ToSecretLibraryArrayOutputWithContext(ctx context.Context) SecretLibraryArrayOutput
type SecretLibraryArrayInput ¶
type SecretLibraryArrayInput interface { pulumi.Input ToSecretLibraryArrayOutput() SecretLibraryArrayOutput ToSecretLibraryArrayOutputWithContext(context.Context) SecretLibraryArrayOutput }
SecretLibraryArrayInput is an input type that accepts SecretLibraryArray and SecretLibraryArrayOutput values. You can construct a concrete instance of `SecretLibraryArrayInput` via:
SecretLibraryArray{ SecretLibraryArgs{...} }
type SecretLibraryArrayOutput ¶
type SecretLibraryArrayOutput struct{ *pulumi.OutputState }
func (SecretLibraryArrayOutput) ElementType ¶
func (SecretLibraryArrayOutput) ElementType() reflect.Type
func (SecretLibraryArrayOutput) Index ¶
func (o SecretLibraryArrayOutput) Index(i pulumi.IntInput) SecretLibraryOutput
func (SecretLibraryArrayOutput) ToSecretLibraryArrayOutput ¶
func (o SecretLibraryArrayOutput) ToSecretLibraryArrayOutput() SecretLibraryArrayOutput
func (SecretLibraryArrayOutput) ToSecretLibraryArrayOutputWithContext ¶
func (o SecretLibraryArrayOutput) ToSecretLibraryArrayOutputWithContext(ctx context.Context) SecretLibraryArrayOutput
type SecretLibraryInput ¶
type SecretLibraryInput interface { pulumi.Input ToSecretLibraryOutput() SecretLibraryOutput ToSecretLibraryOutputWithContext(ctx context.Context) SecretLibraryOutput }
type SecretLibraryMap ¶
type SecretLibraryMap map[string]SecretLibraryInput
func (SecretLibraryMap) ElementType ¶
func (SecretLibraryMap) ElementType() reflect.Type
func (SecretLibraryMap) ToSecretLibraryMapOutput ¶
func (i SecretLibraryMap) ToSecretLibraryMapOutput() SecretLibraryMapOutput
func (SecretLibraryMap) ToSecretLibraryMapOutputWithContext ¶
func (i SecretLibraryMap) ToSecretLibraryMapOutputWithContext(ctx context.Context) SecretLibraryMapOutput
type SecretLibraryMapInput ¶
type SecretLibraryMapInput interface { pulumi.Input ToSecretLibraryMapOutput() SecretLibraryMapOutput ToSecretLibraryMapOutputWithContext(context.Context) SecretLibraryMapOutput }
SecretLibraryMapInput is an input type that accepts SecretLibraryMap and SecretLibraryMapOutput values. You can construct a concrete instance of `SecretLibraryMapInput` via:
SecretLibraryMap{ "key": SecretLibraryArgs{...} }
type SecretLibraryMapOutput ¶
type SecretLibraryMapOutput struct{ *pulumi.OutputState }
func (SecretLibraryMapOutput) ElementType ¶
func (SecretLibraryMapOutput) ElementType() reflect.Type
func (SecretLibraryMapOutput) MapIndex ¶
func (o SecretLibraryMapOutput) MapIndex(k pulumi.StringInput) SecretLibraryOutput
func (SecretLibraryMapOutput) ToSecretLibraryMapOutput ¶
func (o SecretLibraryMapOutput) ToSecretLibraryMapOutput() SecretLibraryMapOutput
func (SecretLibraryMapOutput) ToSecretLibraryMapOutputWithContext ¶
func (o SecretLibraryMapOutput) ToSecretLibraryMapOutputWithContext(ctx context.Context) SecretLibraryMapOutput
type SecretLibraryOutput ¶
type SecretLibraryOutput struct{ *pulumi.OutputState }
func (SecretLibraryOutput) ElementType ¶
func (SecretLibraryOutput) ElementType() reflect.Type
func (SecretLibraryOutput) ToSecretLibraryOutput ¶
func (o SecretLibraryOutput) ToSecretLibraryOutput() SecretLibraryOutput
func (SecretLibraryOutput) ToSecretLibraryOutputWithContext ¶
func (o SecretLibraryOutput) ToSecretLibraryOutputWithContext(ctx context.Context) SecretLibraryOutput
func (SecretLibraryOutput) ToSecretLibraryPtrOutput ¶
func (o SecretLibraryOutput) ToSecretLibraryPtrOutput() SecretLibraryPtrOutput
func (SecretLibraryOutput) ToSecretLibraryPtrOutputWithContext ¶
func (o SecretLibraryOutput) ToSecretLibraryPtrOutputWithContext(ctx context.Context) SecretLibraryPtrOutput
type SecretLibraryPtrInput ¶
type SecretLibraryPtrInput interface { pulumi.Input ToSecretLibraryPtrOutput() SecretLibraryPtrOutput ToSecretLibraryPtrOutputWithContext(ctx context.Context) SecretLibraryPtrOutput }
type SecretLibraryPtrOutput ¶
type SecretLibraryPtrOutput struct{ *pulumi.OutputState }
func (SecretLibraryPtrOutput) Elem ¶ added in v4.6.0
func (o SecretLibraryPtrOutput) Elem() SecretLibraryOutput
func (SecretLibraryPtrOutput) ElementType ¶
func (SecretLibraryPtrOutput) ElementType() reflect.Type
func (SecretLibraryPtrOutput) ToSecretLibraryPtrOutput ¶
func (o SecretLibraryPtrOutput) ToSecretLibraryPtrOutput() SecretLibraryPtrOutput
func (SecretLibraryPtrOutput) ToSecretLibraryPtrOutputWithContext ¶
func (o SecretLibraryPtrOutput) ToSecretLibraryPtrOutputWithContext(ctx context.Context) SecretLibraryPtrOutput
type SecretLibraryState ¶
type SecretLibraryState struct { // The mount path for the AD backend. Backend pulumi.StringPtrInput // Disable enforcing that service accounts must be checked in by the entity or client token that checked them out. DisableCheckInEnforcement pulumi.BoolPtrInput // The maximum amount of time, in seconds, a check-out last with renewal before Vault automatically checks it back in. MaxTtl pulumi.IntPtrInput // The name of the set of service accounts. Name pulumi.StringPtrInput // The names of all the service accounts that can be checked out from this set. These service accounts must already exist // in Active Directory. ServiceAccountNames pulumi.StringArrayInput // The amount of time, in seconds, a single check-out lasts before Vault automatically checks it back in. Ttl pulumi.IntPtrInput }
func (SecretLibraryState) ElementType ¶
func (SecretLibraryState) ElementType() reflect.Type
type SecretRole ¶
type SecretRole struct { pulumi.CustomResourceState // The mount path for the AD backend. Backend pulumi.StringOutput `pulumi:"backend"` // Last time Vault rotated this service account's password. LastVaultRotation pulumi.StringOutput `pulumi:"lastVaultRotation"` // Last time Vault set this service account's password. PasswordLastSet pulumi.StringOutput `pulumi:"passwordLastSet"` // Name of the role. Role pulumi.StringOutput `pulumi:"role"` // The username/logon name for the service account with which this role will be associated. ServiceAccountName pulumi.StringOutput `pulumi:"serviceAccountName"` // In seconds, the default password time-to-live. Ttl pulumi.IntPtrOutput `pulumi:"ttl"` }
func GetSecretRole ¶
func GetSecretRole(ctx *pulumi.Context, name string, id pulumi.IDInput, state *SecretRoleState, opts ...pulumi.ResourceOption) (*SecretRole, error)
GetSecretRole gets an existing SecretRole resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewSecretRole ¶
func NewSecretRole(ctx *pulumi.Context, name string, args *SecretRoleArgs, opts ...pulumi.ResourceOption) (*SecretRole, error)
NewSecretRole registers a new resource with the given unique name, arguments, and options.
func (*SecretRole) ElementType ¶
func (*SecretRole) ElementType() reflect.Type
func (*SecretRole) ToSecretRoleOutput ¶
func (i *SecretRole) ToSecretRoleOutput() SecretRoleOutput
func (*SecretRole) ToSecretRoleOutputWithContext ¶
func (i *SecretRole) ToSecretRoleOutputWithContext(ctx context.Context) SecretRoleOutput
func (*SecretRole) ToSecretRolePtrOutput ¶
func (i *SecretRole) ToSecretRolePtrOutput() SecretRolePtrOutput
func (*SecretRole) ToSecretRolePtrOutputWithContext ¶
func (i *SecretRole) ToSecretRolePtrOutputWithContext(ctx context.Context) SecretRolePtrOutput
type SecretRoleArgs ¶
type SecretRoleArgs struct { // The mount path for the AD backend. Backend pulumi.StringInput // Name of the role. Role pulumi.StringInput // The username/logon name for the service account with which this role will be associated. ServiceAccountName pulumi.StringInput // In seconds, the default password time-to-live. Ttl pulumi.IntPtrInput }
The set of arguments for constructing a SecretRole resource.
func (SecretRoleArgs) ElementType ¶
func (SecretRoleArgs) ElementType() reflect.Type
type SecretRoleArray ¶
type SecretRoleArray []SecretRoleInput
func (SecretRoleArray) ElementType ¶
func (SecretRoleArray) ElementType() reflect.Type
func (SecretRoleArray) ToSecretRoleArrayOutput ¶
func (i SecretRoleArray) ToSecretRoleArrayOutput() SecretRoleArrayOutput
func (SecretRoleArray) ToSecretRoleArrayOutputWithContext ¶
func (i SecretRoleArray) ToSecretRoleArrayOutputWithContext(ctx context.Context) SecretRoleArrayOutput
type SecretRoleArrayInput ¶
type SecretRoleArrayInput interface { pulumi.Input ToSecretRoleArrayOutput() SecretRoleArrayOutput ToSecretRoleArrayOutputWithContext(context.Context) SecretRoleArrayOutput }
SecretRoleArrayInput is an input type that accepts SecretRoleArray and SecretRoleArrayOutput values. You can construct a concrete instance of `SecretRoleArrayInput` via:
SecretRoleArray{ SecretRoleArgs{...} }
type SecretRoleArrayOutput ¶
type SecretRoleArrayOutput struct{ *pulumi.OutputState }
func (SecretRoleArrayOutput) ElementType ¶
func (SecretRoleArrayOutput) ElementType() reflect.Type
func (SecretRoleArrayOutput) Index ¶
func (o SecretRoleArrayOutput) Index(i pulumi.IntInput) SecretRoleOutput
func (SecretRoleArrayOutput) ToSecretRoleArrayOutput ¶
func (o SecretRoleArrayOutput) ToSecretRoleArrayOutput() SecretRoleArrayOutput
func (SecretRoleArrayOutput) ToSecretRoleArrayOutputWithContext ¶
func (o SecretRoleArrayOutput) ToSecretRoleArrayOutputWithContext(ctx context.Context) SecretRoleArrayOutput
type SecretRoleInput ¶
type SecretRoleInput interface { pulumi.Input ToSecretRoleOutput() SecretRoleOutput ToSecretRoleOutputWithContext(ctx context.Context) SecretRoleOutput }
type SecretRoleMap ¶
type SecretRoleMap map[string]SecretRoleInput
func (SecretRoleMap) ElementType ¶
func (SecretRoleMap) ElementType() reflect.Type
func (SecretRoleMap) ToSecretRoleMapOutput ¶
func (i SecretRoleMap) ToSecretRoleMapOutput() SecretRoleMapOutput
func (SecretRoleMap) ToSecretRoleMapOutputWithContext ¶
func (i SecretRoleMap) ToSecretRoleMapOutputWithContext(ctx context.Context) SecretRoleMapOutput
type SecretRoleMapInput ¶
type SecretRoleMapInput interface { pulumi.Input ToSecretRoleMapOutput() SecretRoleMapOutput ToSecretRoleMapOutputWithContext(context.Context) SecretRoleMapOutput }
SecretRoleMapInput is an input type that accepts SecretRoleMap and SecretRoleMapOutput values. You can construct a concrete instance of `SecretRoleMapInput` via:
SecretRoleMap{ "key": SecretRoleArgs{...} }
type SecretRoleMapOutput ¶
type SecretRoleMapOutput struct{ *pulumi.OutputState }
func (SecretRoleMapOutput) ElementType ¶
func (SecretRoleMapOutput) ElementType() reflect.Type
func (SecretRoleMapOutput) MapIndex ¶
func (o SecretRoleMapOutput) MapIndex(k pulumi.StringInput) SecretRoleOutput
func (SecretRoleMapOutput) ToSecretRoleMapOutput ¶
func (o SecretRoleMapOutput) ToSecretRoleMapOutput() SecretRoleMapOutput
func (SecretRoleMapOutput) ToSecretRoleMapOutputWithContext ¶
func (o SecretRoleMapOutput) ToSecretRoleMapOutputWithContext(ctx context.Context) SecretRoleMapOutput
type SecretRoleOutput ¶
type SecretRoleOutput struct{ *pulumi.OutputState }
func (SecretRoleOutput) ElementType ¶
func (SecretRoleOutput) ElementType() reflect.Type
func (SecretRoleOutput) ToSecretRoleOutput ¶
func (o SecretRoleOutput) ToSecretRoleOutput() SecretRoleOutput
func (SecretRoleOutput) ToSecretRoleOutputWithContext ¶
func (o SecretRoleOutput) ToSecretRoleOutputWithContext(ctx context.Context) SecretRoleOutput
func (SecretRoleOutput) ToSecretRolePtrOutput ¶
func (o SecretRoleOutput) ToSecretRolePtrOutput() SecretRolePtrOutput
func (SecretRoleOutput) ToSecretRolePtrOutputWithContext ¶
func (o SecretRoleOutput) ToSecretRolePtrOutputWithContext(ctx context.Context) SecretRolePtrOutput
type SecretRolePtrInput ¶
type SecretRolePtrInput interface { pulumi.Input ToSecretRolePtrOutput() SecretRolePtrOutput ToSecretRolePtrOutputWithContext(ctx context.Context) SecretRolePtrOutput }
type SecretRolePtrOutput ¶
type SecretRolePtrOutput struct{ *pulumi.OutputState }
func (SecretRolePtrOutput) Elem ¶ added in v4.6.0
func (o SecretRolePtrOutput) Elem() SecretRoleOutput
func (SecretRolePtrOutput) ElementType ¶
func (SecretRolePtrOutput) ElementType() reflect.Type
func (SecretRolePtrOutput) ToSecretRolePtrOutput ¶
func (o SecretRolePtrOutput) ToSecretRolePtrOutput() SecretRolePtrOutput
func (SecretRolePtrOutput) ToSecretRolePtrOutputWithContext ¶
func (o SecretRolePtrOutput) ToSecretRolePtrOutputWithContext(ctx context.Context) SecretRolePtrOutput
type SecretRoleState ¶
type SecretRoleState struct { // The mount path for the AD backend. Backend pulumi.StringPtrInput // Last time Vault rotated this service account's password. LastVaultRotation pulumi.StringPtrInput // Last time Vault set this service account's password. PasswordLastSet pulumi.StringPtrInput // Name of the role. Role pulumi.StringPtrInput // The username/logon name for the service account with which this role will be associated. ServiceAccountName pulumi.StringPtrInput // In seconds, the default password time-to-live. Ttl pulumi.IntPtrInput }
func (SecretRoleState) ElementType ¶
func (SecretRoleState) ElementType() reflect.Type