Documentation ¶
Index ¶
- type AuthBackendLogin
- func (*AuthBackendLogin) ElementType() reflect.Type
- func (i *AuthBackendLogin) ToAuthBackendLoginOutput() AuthBackendLoginOutput
- func (i *AuthBackendLogin) ToAuthBackendLoginOutputWithContext(ctx context.Context) AuthBackendLoginOutput
- func (i *AuthBackendLogin) ToAuthBackendLoginPtrOutput() AuthBackendLoginPtrOutput
- func (i *AuthBackendLogin) ToAuthBackendLoginPtrOutputWithContext(ctx context.Context) AuthBackendLoginPtrOutput
- type AuthBackendLoginArgs
- type AuthBackendLoginArray
- type AuthBackendLoginArrayInput
- type AuthBackendLoginArrayOutput
- func (AuthBackendLoginArrayOutput) ElementType() reflect.Type
- func (o AuthBackendLoginArrayOutput) Index(i pulumi.IntInput) AuthBackendLoginOutput
- func (o AuthBackendLoginArrayOutput) ToAuthBackendLoginArrayOutput() AuthBackendLoginArrayOutput
- func (o AuthBackendLoginArrayOutput) ToAuthBackendLoginArrayOutputWithContext(ctx context.Context) AuthBackendLoginArrayOutput
- type AuthBackendLoginInput
- type AuthBackendLoginMap
- type AuthBackendLoginMapInput
- type AuthBackendLoginMapOutput
- func (AuthBackendLoginMapOutput) ElementType() reflect.Type
- func (o AuthBackendLoginMapOutput) MapIndex(k pulumi.StringInput) AuthBackendLoginOutput
- func (o AuthBackendLoginMapOutput) ToAuthBackendLoginMapOutput() AuthBackendLoginMapOutput
- func (o AuthBackendLoginMapOutput) ToAuthBackendLoginMapOutputWithContext(ctx context.Context) AuthBackendLoginMapOutput
- type AuthBackendLoginOutput
- func (AuthBackendLoginOutput) ElementType() reflect.Type
- func (o AuthBackendLoginOutput) ToAuthBackendLoginOutput() AuthBackendLoginOutput
- func (o AuthBackendLoginOutput) ToAuthBackendLoginOutputWithContext(ctx context.Context) AuthBackendLoginOutput
- func (o AuthBackendLoginOutput) ToAuthBackendLoginPtrOutput() AuthBackendLoginPtrOutput
- func (o AuthBackendLoginOutput) ToAuthBackendLoginPtrOutputWithContext(ctx context.Context) AuthBackendLoginPtrOutput
- type AuthBackendLoginPtrInput
- type AuthBackendLoginPtrOutput
- func (o AuthBackendLoginPtrOutput) Elem() AuthBackendLoginOutput
- func (AuthBackendLoginPtrOutput) ElementType() reflect.Type
- func (o AuthBackendLoginPtrOutput) ToAuthBackendLoginPtrOutput() AuthBackendLoginPtrOutput
- func (o AuthBackendLoginPtrOutput) ToAuthBackendLoginPtrOutputWithContext(ctx context.Context) AuthBackendLoginPtrOutput
- type AuthBackendLoginState
- type AuthBackendRole
- func (*AuthBackendRole) ElementType() reflect.Type
- func (i *AuthBackendRole) ToAuthBackendRoleOutput() AuthBackendRoleOutput
- func (i *AuthBackendRole) ToAuthBackendRoleOutputWithContext(ctx context.Context) AuthBackendRoleOutput
- func (i *AuthBackendRole) ToAuthBackendRolePtrOutput() AuthBackendRolePtrOutput
- func (i *AuthBackendRole) ToAuthBackendRolePtrOutputWithContext(ctx context.Context) AuthBackendRolePtrOutput
- type AuthBackendRoleArgs
- type AuthBackendRoleArray
- type AuthBackendRoleArrayInput
- type AuthBackendRoleArrayOutput
- func (AuthBackendRoleArrayOutput) ElementType() reflect.Type
- func (o AuthBackendRoleArrayOutput) Index(i pulumi.IntInput) AuthBackendRoleOutput
- func (o AuthBackendRoleArrayOutput) ToAuthBackendRoleArrayOutput() AuthBackendRoleArrayOutput
- func (o AuthBackendRoleArrayOutput) ToAuthBackendRoleArrayOutputWithContext(ctx context.Context) AuthBackendRoleArrayOutput
- type AuthBackendRoleInput
- type AuthBackendRoleMap
- type AuthBackendRoleMapInput
- type AuthBackendRoleMapOutput
- func (AuthBackendRoleMapOutput) ElementType() reflect.Type
- func (o AuthBackendRoleMapOutput) MapIndex(k pulumi.StringInput) AuthBackendRoleOutput
- func (o AuthBackendRoleMapOutput) ToAuthBackendRoleMapOutput() AuthBackendRoleMapOutput
- func (o AuthBackendRoleMapOutput) ToAuthBackendRoleMapOutputWithContext(ctx context.Context) AuthBackendRoleMapOutput
- type AuthBackendRoleOutput
- func (AuthBackendRoleOutput) ElementType() reflect.Type
- func (o AuthBackendRoleOutput) ToAuthBackendRoleOutput() AuthBackendRoleOutput
- func (o AuthBackendRoleOutput) ToAuthBackendRoleOutputWithContext(ctx context.Context) AuthBackendRoleOutput
- func (o AuthBackendRoleOutput) ToAuthBackendRolePtrOutput() AuthBackendRolePtrOutput
- func (o AuthBackendRoleOutput) ToAuthBackendRolePtrOutputWithContext(ctx context.Context) AuthBackendRolePtrOutput
- type AuthBackendRolePtrInput
- type AuthBackendRolePtrOutput
- func (o AuthBackendRolePtrOutput) Elem() AuthBackendRoleOutput
- func (AuthBackendRolePtrOutput) ElementType() reflect.Type
- func (o AuthBackendRolePtrOutput) ToAuthBackendRolePtrOutput() AuthBackendRolePtrOutput
- func (o AuthBackendRolePtrOutput) ToAuthBackendRolePtrOutputWithContext(ctx context.Context) AuthBackendRolePtrOutput
- type AuthBackendRoleSecretID
- func (*AuthBackendRoleSecretID) ElementType() reflect.Type
- func (i *AuthBackendRoleSecretID) ToAuthBackendRoleSecretIDOutput() AuthBackendRoleSecretIDOutput
- func (i *AuthBackendRoleSecretID) ToAuthBackendRoleSecretIDOutputWithContext(ctx context.Context) AuthBackendRoleSecretIDOutput
- func (i *AuthBackendRoleSecretID) ToAuthBackendRoleSecretIDPtrOutput() AuthBackendRoleSecretIDPtrOutput
- func (i *AuthBackendRoleSecretID) ToAuthBackendRoleSecretIDPtrOutputWithContext(ctx context.Context) AuthBackendRoleSecretIDPtrOutput
- type AuthBackendRoleSecretIDArgs
- type AuthBackendRoleSecretIDArray
- func (AuthBackendRoleSecretIDArray) ElementType() reflect.Type
- func (i AuthBackendRoleSecretIDArray) ToAuthBackendRoleSecretIDArrayOutput() AuthBackendRoleSecretIDArrayOutput
- func (i AuthBackendRoleSecretIDArray) ToAuthBackendRoleSecretIDArrayOutputWithContext(ctx context.Context) AuthBackendRoleSecretIDArrayOutput
- type AuthBackendRoleSecretIDArrayInput
- type AuthBackendRoleSecretIDArrayOutput
- func (AuthBackendRoleSecretIDArrayOutput) ElementType() reflect.Type
- func (o AuthBackendRoleSecretIDArrayOutput) Index(i pulumi.IntInput) AuthBackendRoleSecretIDOutput
- func (o AuthBackendRoleSecretIDArrayOutput) ToAuthBackendRoleSecretIDArrayOutput() AuthBackendRoleSecretIDArrayOutput
- func (o AuthBackendRoleSecretIDArrayOutput) ToAuthBackendRoleSecretIDArrayOutputWithContext(ctx context.Context) AuthBackendRoleSecretIDArrayOutput
- type AuthBackendRoleSecretIDInput
- type AuthBackendRoleSecretIDMap
- func (AuthBackendRoleSecretIDMap) ElementType() reflect.Type
- func (i AuthBackendRoleSecretIDMap) ToAuthBackendRoleSecretIDMapOutput() AuthBackendRoleSecretIDMapOutput
- func (i AuthBackendRoleSecretIDMap) ToAuthBackendRoleSecretIDMapOutputWithContext(ctx context.Context) AuthBackendRoleSecretIDMapOutput
- type AuthBackendRoleSecretIDMapInput
- type AuthBackendRoleSecretIDMapOutput
- func (AuthBackendRoleSecretIDMapOutput) ElementType() reflect.Type
- func (o AuthBackendRoleSecretIDMapOutput) MapIndex(k pulumi.StringInput) AuthBackendRoleSecretIDOutput
- func (o AuthBackendRoleSecretIDMapOutput) ToAuthBackendRoleSecretIDMapOutput() AuthBackendRoleSecretIDMapOutput
- func (o AuthBackendRoleSecretIDMapOutput) ToAuthBackendRoleSecretIDMapOutputWithContext(ctx context.Context) AuthBackendRoleSecretIDMapOutput
- type AuthBackendRoleSecretIDOutput
- func (AuthBackendRoleSecretIDOutput) ElementType() reflect.Type
- func (o AuthBackendRoleSecretIDOutput) ToAuthBackendRoleSecretIDOutput() AuthBackendRoleSecretIDOutput
- func (o AuthBackendRoleSecretIDOutput) ToAuthBackendRoleSecretIDOutputWithContext(ctx context.Context) AuthBackendRoleSecretIDOutput
- func (o AuthBackendRoleSecretIDOutput) ToAuthBackendRoleSecretIDPtrOutput() AuthBackendRoleSecretIDPtrOutput
- func (o AuthBackendRoleSecretIDOutput) ToAuthBackendRoleSecretIDPtrOutputWithContext(ctx context.Context) AuthBackendRoleSecretIDPtrOutput
- type AuthBackendRoleSecretIDPtrInput
- type AuthBackendRoleSecretIDPtrOutput
- func (o AuthBackendRoleSecretIDPtrOutput) Elem() AuthBackendRoleSecretIDOutput
- func (AuthBackendRoleSecretIDPtrOutput) ElementType() reflect.Type
- func (o AuthBackendRoleSecretIDPtrOutput) ToAuthBackendRoleSecretIDPtrOutput() AuthBackendRoleSecretIDPtrOutput
- func (o AuthBackendRoleSecretIDPtrOutput) ToAuthBackendRoleSecretIDPtrOutputWithContext(ctx context.Context) AuthBackendRoleSecretIDPtrOutput
- type AuthBackendRoleSecretIDState
- type AuthBackendRoleState
- type GetAuthBackendRoleIdArgs
- type GetAuthBackendRoleIdOutputArgs
- type GetAuthBackendRoleIdResult
- type GetAuthBackendRoleIdResultOutput
- func (o GetAuthBackendRoleIdResultOutput) Backend() pulumi.StringPtrOutput
- func (GetAuthBackendRoleIdResultOutput) ElementType() reflect.Type
- func (o GetAuthBackendRoleIdResultOutput) Id() pulumi.StringOutput
- func (o GetAuthBackendRoleIdResultOutput) RoleId() pulumi.StringOutput
- func (o GetAuthBackendRoleIdResultOutput) RoleName() pulumi.StringOutput
- func (o GetAuthBackendRoleIdResultOutput) ToGetAuthBackendRoleIdResultOutput() GetAuthBackendRoleIdResultOutput
- func (o GetAuthBackendRoleIdResultOutput) ToGetAuthBackendRoleIdResultOutputWithContext(ctx context.Context) GetAuthBackendRoleIdResultOutput
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AuthBackendLogin ¶
type AuthBackendLogin struct { pulumi.CustomResourceState // The accessor for the token. Accessor pulumi.StringOutput `pulumi:"accessor"` // The unique path of the Vault backend to log in with. Backend pulumi.StringPtrOutput `pulumi:"backend"` // The Vault token created. ClientToken pulumi.StringOutput `pulumi:"clientToken"` // How long the token is valid for, in seconds. LeaseDuration pulumi.IntOutput `pulumi:"leaseDuration"` // The date and time the lease started, in RFC 3339 format. LeaseStarted pulumi.StringOutput `pulumi:"leaseStarted"` // The metadata associated with the token. Metadata pulumi.StringMapOutput `pulumi:"metadata"` // A list of policies applied to the token. Policies pulumi.StringArrayOutput `pulumi:"policies"` // Whether the token is renewable or not. Renewable pulumi.BoolOutput `pulumi:"renewable"` // The ID of the role to log in with. RoleId pulumi.StringOutput `pulumi:"roleId"` // The secret ID of the role to log in with. Required // unless `bindSecretId` is set to false on the role. SecretId pulumi.StringPtrOutput `pulumi:"secretId"` }
Logs into Vault using the AppRole auth backend. See the [Vault documentation](https://www.vaultproject.io/docs/auth/approle) for more information.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v4/go/vault" "github.com/pulumi/pulumi-vault/sdk/v4/go/vault/appRole" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { approle, err := vault.NewAuthBackend(ctx, "approle", &vault.AuthBackendArgs{ Type: pulumi.String("approle"), }) if err != nil { return err } example, err := appRole.NewAuthBackendRole(ctx, "example", &appRole.AuthBackendRoleArgs{ Backend: approle.Path, RoleName: pulumi.String("test-role"), Policies: pulumi.StringArray{ pulumi.String("default"), pulumi.String("dev"), pulumi.String("prod"), }, }) if err != nil { return err } id, err := appRole.NewAuthBackendRoleSecretID(ctx, "id", &appRole.AuthBackendRoleSecretIDArgs{ Backend: approle.Path, RoleName: example.RoleName, }) if err != nil { return err } _, err = appRole.NewAuthBackendLogin(ctx, "login", &appRole.AuthBackendLoginArgs{ Backend: approle.Path, RoleId: example.RoleId, SecretId: id.SecretId, }) if err != nil { return err } return nil }) }
```
func GetAuthBackendLogin ¶
func GetAuthBackendLogin(ctx *pulumi.Context, name string, id pulumi.IDInput, state *AuthBackendLoginState, opts ...pulumi.ResourceOption) (*AuthBackendLogin, error)
GetAuthBackendLogin gets an existing AuthBackendLogin resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewAuthBackendLogin ¶
func NewAuthBackendLogin(ctx *pulumi.Context, name string, args *AuthBackendLoginArgs, opts ...pulumi.ResourceOption) (*AuthBackendLogin, error)
NewAuthBackendLogin registers a new resource with the given unique name, arguments, and options.
func (*AuthBackendLogin) ElementType ¶
func (*AuthBackendLogin) ElementType() reflect.Type
func (*AuthBackendLogin) ToAuthBackendLoginOutput ¶
func (i *AuthBackendLogin) ToAuthBackendLoginOutput() AuthBackendLoginOutput
func (*AuthBackendLogin) ToAuthBackendLoginOutputWithContext ¶
func (i *AuthBackendLogin) ToAuthBackendLoginOutputWithContext(ctx context.Context) AuthBackendLoginOutput
func (*AuthBackendLogin) ToAuthBackendLoginPtrOutput ¶
func (i *AuthBackendLogin) ToAuthBackendLoginPtrOutput() AuthBackendLoginPtrOutput
func (*AuthBackendLogin) ToAuthBackendLoginPtrOutputWithContext ¶
func (i *AuthBackendLogin) ToAuthBackendLoginPtrOutputWithContext(ctx context.Context) AuthBackendLoginPtrOutput
type AuthBackendLoginArgs ¶
type AuthBackendLoginArgs struct { // The unique path of the Vault backend to log in with. Backend pulumi.StringPtrInput // The ID of the role to log in with. RoleId pulumi.StringInput // The secret ID of the role to log in with. Required // unless `bindSecretId` is set to false on the role. SecretId pulumi.StringPtrInput }
The set of arguments for constructing a AuthBackendLogin resource.
func (AuthBackendLoginArgs) ElementType ¶
func (AuthBackendLoginArgs) ElementType() reflect.Type
type AuthBackendLoginArray ¶
type AuthBackendLoginArray []AuthBackendLoginInput
func (AuthBackendLoginArray) ElementType ¶
func (AuthBackendLoginArray) ElementType() reflect.Type
func (AuthBackendLoginArray) ToAuthBackendLoginArrayOutput ¶
func (i AuthBackendLoginArray) ToAuthBackendLoginArrayOutput() AuthBackendLoginArrayOutput
func (AuthBackendLoginArray) ToAuthBackendLoginArrayOutputWithContext ¶
func (i AuthBackendLoginArray) ToAuthBackendLoginArrayOutputWithContext(ctx context.Context) AuthBackendLoginArrayOutput
type AuthBackendLoginArrayInput ¶
type AuthBackendLoginArrayInput interface { pulumi.Input ToAuthBackendLoginArrayOutput() AuthBackendLoginArrayOutput ToAuthBackendLoginArrayOutputWithContext(context.Context) AuthBackendLoginArrayOutput }
AuthBackendLoginArrayInput is an input type that accepts AuthBackendLoginArray and AuthBackendLoginArrayOutput values. You can construct a concrete instance of `AuthBackendLoginArrayInput` via:
AuthBackendLoginArray{ AuthBackendLoginArgs{...} }
type AuthBackendLoginArrayOutput ¶
type AuthBackendLoginArrayOutput struct{ *pulumi.OutputState }
func (AuthBackendLoginArrayOutput) ElementType ¶
func (AuthBackendLoginArrayOutput) ElementType() reflect.Type
func (AuthBackendLoginArrayOutput) Index ¶
func (o AuthBackendLoginArrayOutput) Index(i pulumi.IntInput) AuthBackendLoginOutput
func (AuthBackendLoginArrayOutput) ToAuthBackendLoginArrayOutput ¶
func (o AuthBackendLoginArrayOutput) ToAuthBackendLoginArrayOutput() AuthBackendLoginArrayOutput
func (AuthBackendLoginArrayOutput) ToAuthBackendLoginArrayOutputWithContext ¶
func (o AuthBackendLoginArrayOutput) ToAuthBackendLoginArrayOutputWithContext(ctx context.Context) AuthBackendLoginArrayOutput
type AuthBackendLoginInput ¶
type AuthBackendLoginInput interface { pulumi.Input ToAuthBackendLoginOutput() AuthBackendLoginOutput ToAuthBackendLoginOutputWithContext(ctx context.Context) AuthBackendLoginOutput }
type AuthBackendLoginMap ¶
type AuthBackendLoginMap map[string]AuthBackendLoginInput
func (AuthBackendLoginMap) ElementType ¶
func (AuthBackendLoginMap) ElementType() reflect.Type
func (AuthBackendLoginMap) ToAuthBackendLoginMapOutput ¶
func (i AuthBackendLoginMap) ToAuthBackendLoginMapOutput() AuthBackendLoginMapOutput
func (AuthBackendLoginMap) ToAuthBackendLoginMapOutputWithContext ¶
func (i AuthBackendLoginMap) ToAuthBackendLoginMapOutputWithContext(ctx context.Context) AuthBackendLoginMapOutput
type AuthBackendLoginMapInput ¶
type AuthBackendLoginMapInput interface { pulumi.Input ToAuthBackendLoginMapOutput() AuthBackendLoginMapOutput ToAuthBackendLoginMapOutputWithContext(context.Context) AuthBackendLoginMapOutput }
AuthBackendLoginMapInput is an input type that accepts AuthBackendLoginMap and AuthBackendLoginMapOutput values. You can construct a concrete instance of `AuthBackendLoginMapInput` via:
AuthBackendLoginMap{ "key": AuthBackendLoginArgs{...} }
type AuthBackendLoginMapOutput ¶
type AuthBackendLoginMapOutput struct{ *pulumi.OutputState }
func (AuthBackendLoginMapOutput) ElementType ¶
func (AuthBackendLoginMapOutput) ElementType() reflect.Type
func (AuthBackendLoginMapOutput) MapIndex ¶
func (o AuthBackendLoginMapOutput) MapIndex(k pulumi.StringInput) AuthBackendLoginOutput
func (AuthBackendLoginMapOutput) ToAuthBackendLoginMapOutput ¶
func (o AuthBackendLoginMapOutput) ToAuthBackendLoginMapOutput() AuthBackendLoginMapOutput
func (AuthBackendLoginMapOutput) ToAuthBackendLoginMapOutputWithContext ¶
func (o AuthBackendLoginMapOutput) ToAuthBackendLoginMapOutputWithContext(ctx context.Context) AuthBackendLoginMapOutput
type AuthBackendLoginOutput ¶
type AuthBackendLoginOutput struct{ *pulumi.OutputState }
func (AuthBackendLoginOutput) ElementType ¶
func (AuthBackendLoginOutput) ElementType() reflect.Type
func (AuthBackendLoginOutput) ToAuthBackendLoginOutput ¶
func (o AuthBackendLoginOutput) ToAuthBackendLoginOutput() AuthBackendLoginOutput
func (AuthBackendLoginOutput) ToAuthBackendLoginOutputWithContext ¶
func (o AuthBackendLoginOutput) ToAuthBackendLoginOutputWithContext(ctx context.Context) AuthBackendLoginOutput
func (AuthBackendLoginOutput) ToAuthBackendLoginPtrOutput ¶
func (o AuthBackendLoginOutput) ToAuthBackendLoginPtrOutput() AuthBackendLoginPtrOutput
func (AuthBackendLoginOutput) ToAuthBackendLoginPtrOutputWithContext ¶
func (o AuthBackendLoginOutput) ToAuthBackendLoginPtrOutputWithContext(ctx context.Context) AuthBackendLoginPtrOutput
type AuthBackendLoginPtrInput ¶
type AuthBackendLoginPtrInput interface { pulumi.Input ToAuthBackendLoginPtrOutput() AuthBackendLoginPtrOutput ToAuthBackendLoginPtrOutputWithContext(ctx context.Context) AuthBackendLoginPtrOutput }
type AuthBackendLoginPtrOutput ¶
type AuthBackendLoginPtrOutput struct{ *pulumi.OutputState }
func (AuthBackendLoginPtrOutput) Elem ¶ added in v4.6.0
func (o AuthBackendLoginPtrOutput) Elem() AuthBackendLoginOutput
func (AuthBackendLoginPtrOutput) ElementType ¶
func (AuthBackendLoginPtrOutput) ElementType() reflect.Type
func (AuthBackendLoginPtrOutput) ToAuthBackendLoginPtrOutput ¶
func (o AuthBackendLoginPtrOutput) ToAuthBackendLoginPtrOutput() AuthBackendLoginPtrOutput
func (AuthBackendLoginPtrOutput) ToAuthBackendLoginPtrOutputWithContext ¶
func (o AuthBackendLoginPtrOutput) ToAuthBackendLoginPtrOutputWithContext(ctx context.Context) AuthBackendLoginPtrOutput
type AuthBackendLoginState ¶
type AuthBackendLoginState struct { // The accessor for the token. Accessor pulumi.StringPtrInput // The unique path of the Vault backend to log in with. Backend pulumi.StringPtrInput // The Vault token created. ClientToken pulumi.StringPtrInput // How long the token is valid for, in seconds. LeaseDuration pulumi.IntPtrInput // The date and time the lease started, in RFC 3339 format. LeaseStarted pulumi.StringPtrInput // The metadata associated with the token. Metadata pulumi.StringMapInput // A list of policies applied to the token. Policies pulumi.StringArrayInput // Whether the token is renewable or not. Renewable pulumi.BoolPtrInput // The ID of the role to log in with. RoleId pulumi.StringPtrInput // The secret ID of the role to log in with. Required // unless `bindSecretId` is set to false on the role. SecretId pulumi.StringPtrInput }
func (AuthBackendLoginState) ElementType ¶
func (AuthBackendLoginState) ElementType() reflect.Type
type AuthBackendRole ¶
type AuthBackendRole struct { pulumi.CustomResourceState // The unique name of the auth backend to configure. // Defaults to `approle`. Backend pulumi.StringPtrOutput `pulumi:"backend"` // Whether or not to require `secretId` to be // presented when logging in using this AppRole. Defaults to `true`. BindSecretId pulumi.BoolPtrOutput `pulumi:"bindSecretId"` // If set, // specifies blocks of IP addresses which can perform the login operation. // // Deprecated: use `secret_id_bound_cidrs` instead BoundCidrLists pulumi.StringArrayOutput `pulumi:"boundCidrLists"` // If set, indicates that the // token generated using this role should never expire. The token should be renewed within the // duration specified by this value. At each renewal, the token's TTL will be set to the // value of this field. Specified in seconds. // // Deprecated: use `token_period` instead if you are running Vault >= 1.2 Period pulumi.IntPtrOutput `pulumi:"period"` // An array of strings // specifying the policies to be set on tokens issued using this role. // // Deprecated: use `token_policies` instead if you are running Vault >= 1.2 Policies pulumi.StringArrayOutput `pulumi:"policies"` // The RoleID of this role. If not specified, one will be // auto-generated. RoleId pulumi.StringOutput `pulumi:"roleId"` // The name of the role. RoleName pulumi.StringOutput `pulumi:"roleName"` // If set, // specifies blocks of IP addresses which can perform the login operation. SecretIdBoundCidrs pulumi.StringArrayOutput `pulumi:"secretIdBoundCidrs"` // The number of times any particular SecretID // can be used to fetch a token from this AppRole, after which the SecretID will // expire. A value of zero will allow unlimited uses. SecretIdNumUses pulumi.IntPtrOutput `pulumi:"secretIdNumUses"` // The number of seconds after which any SecretID // expires. SecretIdTtl pulumi.IntPtrOutput `pulumi:"secretIdTtl"` // List of CIDR blocks; if set, specifies blocks of IP // addresses which can authenticate successfully, and ties the resulting token to these blocks // as well. TokenBoundCidrs pulumi.StringArrayOutput `pulumi:"tokenBoundCidrs"` // If set, will encode an // [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls) // onto the token in number of seconds. This is a hard cap even if `tokenTtl` and // `tokenMaxTtl` would otherwise allow a renewal. TokenExplicitMaxTtl pulumi.IntPtrOutput `pulumi:"tokenExplicitMaxTtl"` // The maximum lifetime for generated tokens in number of seconds. // Its current value will be referenced at renewal time. TokenMaxTtl pulumi.IntPtrOutput `pulumi:"tokenMaxTtl"` // If set, the default policy will not be set on // generated tokens; otherwise it will be added to the policies set in token_policies. TokenNoDefaultPolicy pulumi.BoolPtrOutput `pulumi:"tokenNoDefaultPolicy"` // The // [period](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls), // if any, in number of seconds to set on the token. TokenNumUses pulumi.IntPtrOutput `pulumi:"tokenNumUses"` // If set, indicates that the // token generated using this role should never expire. The token should be renewed within the // duration specified by this value. At each renewal, the token's TTL will be set to the // value of this field. Specified in seconds. TokenPeriod pulumi.IntPtrOutput `pulumi:"tokenPeriod"` // List of policies to encode onto generated tokens. Depending // on the auth method, this list may be supplemented by user/group/other values. TokenPolicies pulumi.StringArrayOutput `pulumi:"tokenPolicies"` // The incremental lifetime for generated tokens in number of seconds. // Its current value will be referenced at renewal time. TokenTtl pulumi.IntPtrOutput `pulumi:"tokenTtl"` // The type of token that should be generated. Can be `service`, // `batch`, or `default` to use the mount's tuned default (which unless changed will be // `service` tokens). For token store roles, there are two additional possibilities: // `default-service` and `default-batch` which specify the type to return unless the client // requests a different type at generation time. TokenType pulumi.StringPtrOutput `pulumi:"tokenType"` }
Manages an AppRole auth backend role in a Vault server. See the [Vault documentation](https://www.vaultproject.io/docs/auth/approle) for more information.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v4/go/vault" "github.com/pulumi/pulumi-vault/sdk/v4/go/vault/appRole" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { approle, err := vault.NewAuthBackend(ctx, "approle", &vault.AuthBackendArgs{ Type: pulumi.String("approle"), }) if err != nil { return err } _, err = appRole.NewAuthBackendRole(ctx, "example", &appRole.AuthBackendRoleArgs{ Backend: approle.Path, RoleName: pulumi.String("test-role"), TokenPolicies: pulumi.StringArray{ pulumi.String("default"), pulumi.String("dev"), pulumi.String("prod"), }, }) if err != nil { return err } return nil }) }
```
## Import
AppRole authentication backend roles can be imported using the `path`, e.g.
```sh
$ pulumi import vault:appRole/authBackendRole:AuthBackendRole example auth/approle/role/test-role
```
func GetAuthBackendRole ¶
func GetAuthBackendRole(ctx *pulumi.Context, name string, id pulumi.IDInput, state *AuthBackendRoleState, opts ...pulumi.ResourceOption) (*AuthBackendRole, error)
GetAuthBackendRole gets an existing AuthBackendRole resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewAuthBackendRole ¶
func NewAuthBackendRole(ctx *pulumi.Context, name string, args *AuthBackendRoleArgs, opts ...pulumi.ResourceOption) (*AuthBackendRole, error)
NewAuthBackendRole registers a new resource with the given unique name, arguments, and options.
func (*AuthBackendRole) ElementType ¶
func (*AuthBackendRole) ElementType() reflect.Type
func (*AuthBackendRole) ToAuthBackendRoleOutput ¶
func (i *AuthBackendRole) ToAuthBackendRoleOutput() AuthBackendRoleOutput
func (*AuthBackendRole) ToAuthBackendRoleOutputWithContext ¶
func (i *AuthBackendRole) ToAuthBackendRoleOutputWithContext(ctx context.Context) AuthBackendRoleOutput
func (*AuthBackendRole) ToAuthBackendRolePtrOutput ¶
func (i *AuthBackendRole) ToAuthBackendRolePtrOutput() AuthBackendRolePtrOutput
func (*AuthBackendRole) ToAuthBackendRolePtrOutputWithContext ¶
func (i *AuthBackendRole) ToAuthBackendRolePtrOutputWithContext(ctx context.Context) AuthBackendRolePtrOutput
type AuthBackendRoleArgs ¶
type AuthBackendRoleArgs struct { // The unique name of the auth backend to configure. // Defaults to `approle`. Backend pulumi.StringPtrInput // Whether or not to require `secretId` to be // presented when logging in using this AppRole. Defaults to `true`. BindSecretId pulumi.BoolPtrInput // If set, // specifies blocks of IP addresses which can perform the login operation. // // Deprecated: use `secret_id_bound_cidrs` instead BoundCidrLists pulumi.StringArrayInput // If set, indicates that the // token generated using this role should never expire. The token should be renewed within the // duration specified by this value. At each renewal, the token's TTL will be set to the // value of this field. Specified in seconds. // // Deprecated: use `token_period` instead if you are running Vault >= 1.2 Period pulumi.IntPtrInput // An array of strings // specifying the policies to be set on tokens issued using this role. // // Deprecated: use `token_policies` instead if you are running Vault >= 1.2 Policies pulumi.StringArrayInput // The RoleID of this role. If not specified, one will be // auto-generated. RoleId pulumi.StringPtrInput // The name of the role. RoleName pulumi.StringInput // If set, // specifies blocks of IP addresses which can perform the login operation. SecretIdBoundCidrs pulumi.StringArrayInput // The number of times any particular SecretID // can be used to fetch a token from this AppRole, after which the SecretID will // expire. A value of zero will allow unlimited uses. SecretIdNumUses pulumi.IntPtrInput // The number of seconds after which any SecretID // expires. SecretIdTtl pulumi.IntPtrInput // List of CIDR blocks; if set, specifies blocks of IP // addresses which can authenticate successfully, and ties the resulting token to these blocks // as well. TokenBoundCidrs pulumi.StringArrayInput // If set, will encode an // [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls) // onto the token in number of seconds. This is a hard cap even if `tokenTtl` and // `tokenMaxTtl` would otherwise allow a renewal. TokenExplicitMaxTtl pulumi.IntPtrInput // The maximum lifetime for generated tokens in number of seconds. // Its current value will be referenced at renewal time. TokenMaxTtl pulumi.IntPtrInput // If set, the default policy will not be set on // generated tokens; otherwise it will be added to the policies set in token_policies. TokenNoDefaultPolicy pulumi.BoolPtrInput // The // [period](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls), // if any, in number of seconds to set on the token. TokenNumUses pulumi.IntPtrInput // If set, indicates that the // token generated using this role should never expire. The token should be renewed within the // duration specified by this value. At each renewal, the token's TTL will be set to the // value of this field. Specified in seconds. TokenPeriod pulumi.IntPtrInput // List of policies to encode onto generated tokens. Depending // on the auth method, this list may be supplemented by user/group/other values. TokenPolicies pulumi.StringArrayInput // The incremental lifetime for generated tokens in number of seconds. // Its current value will be referenced at renewal time. TokenTtl pulumi.IntPtrInput // The type of token that should be generated. Can be `service`, // `batch`, or `default` to use the mount's tuned default (which unless changed will be // `service` tokens). For token store roles, there are two additional possibilities: // `default-service` and `default-batch` which specify the type to return unless the client // requests a different type at generation time. TokenType pulumi.StringPtrInput }
The set of arguments for constructing a AuthBackendRole resource.
func (AuthBackendRoleArgs) ElementType ¶
func (AuthBackendRoleArgs) ElementType() reflect.Type
type AuthBackendRoleArray ¶
type AuthBackendRoleArray []AuthBackendRoleInput
func (AuthBackendRoleArray) ElementType ¶
func (AuthBackendRoleArray) ElementType() reflect.Type
func (AuthBackendRoleArray) ToAuthBackendRoleArrayOutput ¶
func (i AuthBackendRoleArray) ToAuthBackendRoleArrayOutput() AuthBackendRoleArrayOutput
func (AuthBackendRoleArray) ToAuthBackendRoleArrayOutputWithContext ¶
func (i AuthBackendRoleArray) ToAuthBackendRoleArrayOutputWithContext(ctx context.Context) AuthBackendRoleArrayOutput
type AuthBackendRoleArrayInput ¶
type AuthBackendRoleArrayInput interface { pulumi.Input ToAuthBackendRoleArrayOutput() AuthBackendRoleArrayOutput ToAuthBackendRoleArrayOutputWithContext(context.Context) AuthBackendRoleArrayOutput }
AuthBackendRoleArrayInput is an input type that accepts AuthBackendRoleArray and AuthBackendRoleArrayOutput values. You can construct a concrete instance of `AuthBackendRoleArrayInput` via:
AuthBackendRoleArray{ AuthBackendRoleArgs{...} }
type AuthBackendRoleArrayOutput ¶
type AuthBackendRoleArrayOutput struct{ *pulumi.OutputState }
func (AuthBackendRoleArrayOutput) ElementType ¶
func (AuthBackendRoleArrayOutput) ElementType() reflect.Type
func (AuthBackendRoleArrayOutput) Index ¶
func (o AuthBackendRoleArrayOutput) Index(i pulumi.IntInput) AuthBackendRoleOutput
func (AuthBackendRoleArrayOutput) ToAuthBackendRoleArrayOutput ¶
func (o AuthBackendRoleArrayOutput) ToAuthBackendRoleArrayOutput() AuthBackendRoleArrayOutput
func (AuthBackendRoleArrayOutput) ToAuthBackendRoleArrayOutputWithContext ¶
func (o AuthBackendRoleArrayOutput) ToAuthBackendRoleArrayOutputWithContext(ctx context.Context) AuthBackendRoleArrayOutput
type AuthBackendRoleInput ¶
type AuthBackendRoleInput interface { pulumi.Input ToAuthBackendRoleOutput() AuthBackendRoleOutput ToAuthBackendRoleOutputWithContext(ctx context.Context) AuthBackendRoleOutput }
type AuthBackendRoleMap ¶
type AuthBackendRoleMap map[string]AuthBackendRoleInput
func (AuthBackendRoleMap) ElementType ¶
func (AuthBackendRoleMap) ElementType() reflect.Type
func (AuthBackendRoleMap) ToAuthBackendRoleMapOutput ¶
func (i AuthBackendRoleMap) ToAuthBackendRoleMapOutput() AuthBackendRoleMapOutput
func (AuthBackendRoleMap) ToAuthBackendRoleMapOutputWithContext ¶
func (i AuthBackendRoleMap) ToAuthBackendRoleMapOutputWithContext(ctx context.Context) AuthBackendRoleMapOutput
type AuthBackendRoleMapInput ¶
type AuthBackendRoleMapInput interface { pulumi.Input ToAuthBackendRoleMapOutput() AuthBackendRoleMapOutput ToAuthBackendRoleMapOutputWithContext(context.Context) AuthBackendRoleMapOutput }
AuthBackendRoleMapInput is an input type that accepts AuthBackendRoleMap and AuthBackendRoleMapOutput values. You can construct a concrete instance of `AuthBackendRoleMapInput` via:
AuthBackendRoleMap{ "key": AuthBackendRoleArgs{...} }
type AuthBackendRoleMapOutput ¶
type AuthBackendRoleMapOutput struct{ *pulumi.OutputState }
func (AuthBackendRoleMapOutput) ElementType ¶
func (AuthBackendRoleMapOutput) ElementType() reflect.Type
func (AuthBackendRoleMapOutput) MapIndex ¶
func (o AuthBackendRoleMapOutput) MapIndex(k pulumi.StringInput) AuthBackendRoleOutput
func (AuthBackendRoleMapOutput) ToAuthBackendRoleMapOutput ¶
func (o AuthBackendRoleMapOutput) ToAuthBackendRoleMapOutput() AuthBackendRoleMapOutput
func (AuthBackendRoleMapOutput) ToAuthBackendRoleMapOutputWithContext ¶
func (o AuthBackendRoleMapOutput) ToAuthBackendRoleMapOutputWithContext(ctx context.Context) AuthBackendRoleMapOutput
type AuthBackendRoleOutput ¶
type AuthBackendRoleOutput struct{ *pulumi.OutputState }
func (AuthBackendRoleOutput) ElementType ¶
func (AuthBackendRoleOutput) ElementType() reflect.Type
func (AuthBackendRoleOutput) ToAuthBackendRoleOutput ¶
func (o AuthBackendRoleOutput) ToAuthBackendRoleOutput() AuthBackendRoleOutput
func (AuthBackendRoleOutput) ToAuthBackendRoleOutputWithContext ¶
func (o AuthBackendRoleOutput) ToAuthBackendRoleOutputWithContext(ctx context.Context) AuthBackendRoleOutput
func (AuthBackendRoleOutput) ToAuthBackendRolePtrOutput ¶
func (o AuthBackendRoleOutput) ToAuthBackendRolePtrOutput() AuthBackendRolePtrOutput
func (AuthBackendRoleOutput) ToAuthBackendRolePtrOutputWithContext ¶
func (o AuthBackendRoleOutput) ToAuthBackendRolePtrOutputWithContext(ctx context.Context) AuthBackendRolePtrOutput
type AuthBackendRolePtrInput ¶
type AuthBackendRolePtrInput interface { pulumi.Input ToAuthBackendRolePtrOutput() AuthBackendRolePtrOutput ToAuthBackendRolePtrOutputWithContext(ctx context.Context) AuthBackendRolePtrOutput }
type AuthBackendRolePtrOutput ¶
type AuthBackendRolePtrOutput struct{ *pulumi.OutputState }
func (AuthBackendRolePtrOutput) Elem ¶ added in v4.6.0
func (o AuthBackendRolePtrOutput) Elem() AuthBackendRoleOutput
func (AuthBackendRolePtrOutput) ElementType ¶
func (AuthBackendRolePtrOutput) ElementType() reflect.Type
func (AuthBackendRolePtrOutput) ToAuthBackendRolePtrOutput ¶
func (o AuthBackendRolePtrOutput) ToAuthBackendRolePtrOutput() AuthBackendRolePtrOutput
func (AuthBackendRolePtrOutput) ToAuthBackendRolePtrOutputWithContext ¶
func (o AuthBackendRolePtrOutput) ToAuthBackendRolePtrOutputWithContext(ctx context.Context) AuthBackendRolePtrOutput
type AuthBackendRoleSecretID ¶
type AuthBackendRoleSecretID struct { pulumi.CustomResourceState // The unique ID for this SecretID that can be safely logged. Accessor pulumi.StringOutput `pulumi:"accessor"` // Unique name of the auth backend to configure. Backend pulumi.StringPtrOutput `pulumi:"backend"` // If set, specifies blocks of IP addresses which can // perform the login operation using this SecretID. CidrLists pulumi.StringArrayOutput `pulumi:"cidrLists"` // A JSON-encoded string containing metadata in // key-value pairs to be set on tokens issued with this SecretID. Metadata pulumi.StringPtrOutput `pulumi:"metadata"` // The name of the role to create the SecretID for. RoleName pulumi.StringOutput `pulumi:"roleName"` // The SecretID to be created. If set, uses "Push" // mode. Defaults to Vault auto-generating SecretIDs. SecretId pulumi.StringOutput `pulumi:"secretId"` // The unique ID for the response-wrapped SecretID that can // be safely logged. WrappingAccessor pulumi.StringOutput `pulumi:"wrappingAccessor"` // The token used to retrieve a response-wrapped SecretID. WrappingToken pulumi.StringOutput `pulumi:"wrappingToken"` // If set, the SecretID response will be // [response-wrapped](https://www.vaultproject.io/docs/concepts/response-wrapping) // and available for the duration specified. Only a single unwrapping of the // token is allowed. WrappingTtl pulumi.StringPtrOutput `pulumi:"wrappingTtl"` }
Manages an AppRole auth backend SecretID in a Vault server. See the [Vault documentation](https://www.vaultproject.io/docs/auth/approle) for more information.
## Example Usage
```go package main
import (
"fmt" "github.com/pulumi/pulumi-vault/sdk/v4/go/vault" "github.com/pulumi/pulumi-vault/sdk/v4/go/vault/appRole" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { approle, err := vault.NewAuthBackend(ctx, "approle", &vault.AuthBackendArgs{ Type: pulumi.String("approle"), }) if err != nil { return err } example, err := appRole.NewAuthBackendRole(ctx, "example", &appRole.AuthBackendRoleArgs{ Backend: approle.Path, RoleName: pulumi.String("test-role"), Policies: pulumi.StringArray{ pulumi.String("default"), pulumi.String("dev"), pulumi.String("prod"), }, }) if err != nil { return err } _, err = appRole.NewAuthBackendRoleSecretID(ctx, "id", &appRole.AuthBackendRoleSecretIDArgs{ Backend: approle.Path, RoleName: example.RoleName, Metadata: pulumi.String(fmt.Sprintf("%v%v%v", " {\n", " \"hello\": \"world\"\n", " }\n")), }) if err != nil { return err } return nil }) }
```
func GetAuthBackendRoleSecretID ¶
func GetAuthBackendRoleSecretID(ctx *pulumi.Context, name string, id pulumi.IDInput, state *AuthBackendRoleSecretIDState, opts ...pulumi.ResourceOption) (*AuthBackendRoleSecretID, error)
GetAuthBackendRoleSecretID gets an existing AuthBackendRoleSecretID resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewAuthBackendRoleSecretID ¶
func NewAuthBackendRoleSecretID(ctx *pulumi.Context, name string, args *AuthBackendRoleSecretIDArgs, opts ...pulumi.ResourceOption) (*AuthBackendRoleSecretID, error)
NewAuthBackendRoleSecretID registers a new resource with the given unique name, arguments, and options.
func (*AuthBackendRoleSecretID) ElementType ¶
func (*AuthBackendRoleSecretID) ElementType() reflect.Type
func (*AuthBackendRoleSecretID) ToAuthBackendRoleSecretIDOutput ¶
func (i *AuthBackendRoleSecretID) ToAuthBackendRoleSecretIDOutput() AuthBackendRoleSecretIDOutput
func (*AuthBackendRoleSecretID) ToAuthBackendRoleSecretIDOutputWithContext ¶
func (i *AuthBackendRoleSecretID) ToAuthBackendRoleSecretIDOutputWithContext(ctx context.Context) AuthBackendRoleSecretIDOutput
func (*AuthBackendRoleSecretID) ToAuthBackendRoleSecretIDPtrOutput ¶
func (i *AuthBackendRoleSecretID) ToAuthBackendRoleSecretIDPtrOutput() AuthBackendRoleSecretIDPtrOutput
func (*AuthBackendRoleSecretID) ToAuthBackendRoleSecretIDPtrOutputWithContext ¶
func (i *AuthBackendRoleSecretID) ToAuthBackendRoleSecretIDPtrOutputWithContext(ctx context.Context) AuthBackendRoleSecretIDPtrOutput
type AuthBackendRoleSecretIDArgs ¶
type AuthBackendRoleSecretIDArgs struct { // Unique name of the auth backend to configure. Backend pulumi.StringPtrInput // If set, specifies blocks of IP addresses which can // perform the login operation using this SecretID. CidrLists pulumi.StringArrayInput // A JSON-encoded string containing metadata in // key-value pairs to be set on tokens issued with this SecretID. Metadata pulumi.StringPtrInput // The name of the role to create the SecretID for. RoleName pulumi.StringInput // The SecretID to be created. If set, uses "Push" // mode. Defaults to Vault auto-generating SecretIDs. SecretId pulumi.StringPtrInput // If set, the SecretID response will be // [response-wrapped](https://www.vaultproject.io/docs/concepts/response-wrapping) // and available for the duration specified. Only a single unwrapping of the // token is allowed. WrappingTtl pulumi.StringPtrInput }
The set of arguments for constructing a AuthBackendRoleSecretID resource.
func (AuthBackendRoleSecretIDArgs) ElementType ¶
func (AuthBackendRoleSecretIDArgs) ElementType() reflect.Type
type AuthBackendRoleSecretIDArray ¶
type AuthBackendRoleSecretIDArray []AuthBackendRoleSecretIDInput
func (AuthBackendRoleSecretIDArray) ElementType ¶
func (AuthBackendRoleSecretIDArray) ElementType() reflect.Type
func (AuthBackendRoleSecretIDArray) ToAuthBackendRoleSecretIDArrayOutput ¶
func (i AuthBackendRoleSecretIDArray) ToAuthBackendRoleSecretIDArrayOutput() AuthBackendRoleSecretIDArrayOutput
func (AuthBackendRoleSecretIDArray) ToAuthBackendRoleSecretIDArrayOutputWithContext ¶
func (i AuthBackendRoleSecretIDArray) ToAuthBackendRoleSecretIDArrayOutputWithContext(ctx context.Context) AuthBackendRoleSecretIDArrayOutput
type AuthBackendRoleSecretIDArrayInput ¶
type AuthBackendRoleSecretIDArrayInput interface { pulumi.Input ToAuthBackendRoleSecretIDArrayOutput() AuthBackendRoleSecretIDArrayOutput ToAuthBackendRoleSecretIDArrayOutputWithContext(context.Context) AuthBackendRoleSecretIDArrayOutput }
AuthBackendRoleSecretIDArrayInput is an input type that accepts AuthBackendRoleSecretIDArray and AuthBackendRoleSecretIDArrayOutput values. You can construct a concrete instance of `AuthBackendRoleSecretIDArrayInput` via:
AuthBackendRoleSecretIDArray{ AuthBackendRoleSecretIDArgs{...} }
type AuthBackendRoleSecretIDArrayOutput ¶
type AuthBackendRoleSecretIDArrayOutput struct{ *pulumi.OutputState }
func (AuthBackendRoleSecretIDArrayOutput) ElementType ¶
func (AuthBackendRoleSecretIDArrayOutput) ElementType() reflect.Type
func (AuthBackendRoleSecretIDArrayOutput) Index ¶
func (o AuthBackendRoleSecretIDArrayOutput) Index(i pulumi.IntInput) AuthBackendRoleSecretIDOutput
func (AuthBackendRoleSecretIDArrayOutput) ToAuthBackendRoleSecretIDArrayOutput ¶
func (o AuthBackendRoleSecretIDArrayOutput) ToAuthBackendRoleSecretIDArrayOutput() AuthBackendRoleSecretIDArrayOutput
func (AuthBackendRoleSecretIDArrayOutput) ToAuthBackendRoleSecretIDArrayOutputWithContext ¶
func (o AuthBackendRoleSecretIDArrayOutput) ToAuthBackendRoleSecretIDArrayOutputWithContext(ctx context.Context) AuthBackendRoleSecretIDArrayOutput
type AuthBackendRoleSecretIDInput ¶
type AuthBackendRoleSecretIDInput interface { pulumi.Input ToAuthBackendRoleSecretIDOutput() AuthBackendRoleSecretIDOutput ToAuthBackendRoleSecretIDOutputWithContext(ctx context.Context) AuthBackendRoleSecretIDOutput }
type AuthBackendRoleSecretIDMap ¶
type AuthBackendRoleSecretIDMap map[string]AuthBackendRoleSecretIDInput
func (AuthBackendRoleSecretIDMap) ElementType ¶
func (AuthBackendRoleSecretIDMap) ElementType() reflect.Type
func (AuthBackendRoleSecretIDMap) ToAuthBackendRoleSecretIDMapOutput ¶
func (i AuthBackendRoleSecretIDMap) ToAuthBackendRoleSecretIDMapOutput() AuthBackendRoleSecretIDMapOutput
func (AuthBackendRoleSecretIDMap) ToAuthBackendRoleSecretIDMapOutputWithContext ¶
func (i AuthBackendRoleSecretIDMap) ToAuthBackendRoleSecretIDMapOutputWithContext(ctx context.Context) AuthBackendRoleSecretIDMapOutput
type AuthBackendRoleSecretIDMapInput ¶
type AuthBackendRoleSecretIDMapInput interface { pulumi.Input ToAuthBackendRoleSecretIDMapOutput() AuthBackendRoleSecretIDMapOutput ToAuthBackendRoleSecretIDMapOutputWithContext(context.Context) AuthBackendRoleSecretIDMapOutput }
AuthBackendRoleSecretIDMapInput is an input type that accepts AuthBackendRoleSecretIDMap and AuthBackendRoleSecretIDMapOutput values. You can construct a concrete instance of `AuthBackendRoleSecretIDMapInput` via:
AuthBackendRoleSecretIDMap{ "key": AuthBackendRoleSecretIDArgs{...} }
type AuthBackendRoleSecretIDMapOutput ¶
type AuthBackendRoleSecretIDMapOutput struct{ *pulumi.OutputState }
func (AuthBackendRoleSecretIDMapOutput) ElementType ¶
func (AuthBackendRoleSecretIDMapOutput) ElementType() reflect.Type
func (AuthBackendRoleSecretIDMapOutput) MapIndex ¶
func (o AuthBackendRoleSecretIDMapOutput) MapIndex(k pulumi.StringInput) AuthBackendRoleSecretIDOutput
func (AuthBackendRoleSecretIDMapOutput) ToAuthBackendRoleSecretIDMapOutput ¶
func (o AuthBackendRoleSecretIDMapOutput) ToAuthBackendRoleSecretIDMapOutput() AuthBackendRoleSecretIDMapOutput
func (AuthBackendRoleSecretIDMapOutput) ToAuthBackendRoleSecretIDMapOutputWithContext ¶
func (o AuthBackendRoleSecretIDMapOutput) ToAuthBackendRoleSecretIDMapOutputWithContext(ctx context.Context) AuthBackendRoleSecretIDMapOutput
type AuthBackendRoleSecretIDOutput ¶
type AuthBackendRoleSecretIDOutput struct{ *pulumi.OutputState }
func (AuthBackendRoleSecretIDOutput) ElementType ¶
func (AuthBackendRoleSecretIDOutput) ElementType() reflect.Type
func (AuthBackendRoleSecretIDOutput) ToAuthBackendRoleSecretIDOutput ¶
func (o AuthBackendRoleSecretIDOutput) ToAuthBackendRoleSecretIDOutput() AuthBackendRoleSecretIDOutput
func (AuthBackendRoleSecretIDOutput) ToAuthBackendRoleSecretIDOutputWithContext ¶
func (o AuthBackendRoleSecretIDOutput) ToAuthBackendRoleSecretIDOutputWithContext(ctx context.Context) AuthBackendRoleSecretIDOutput
func (AuthBackendRoleSecretIDOutput) ToAuthBackendRoleSecretIDPtrOutput ¶
func (o AuthBackendRoleSecretIDOutput) ToAuthBackendRoleSecretIDPtrOutput() AuthBackendRoleSecretIDPtrOutput
func (AuthBackendRoleSecretIDOutput) ToAuthBackendRoleSecretIDPtrOutputWithContext ¶
func (o AuthBackendRoleSecretIDOutput) ToAuthBackendRoleSecretIDPtrOutputWithContext(ctx context.Context) AuthBackendRoleSecretIDPtrOutput
type AuthBackendRoleSecretIDPtrInput ¶
type AuthBackendRoleSecretIDPtrInput interface { pulumi.Input ToAuthBackendRoleSecretIDPtrOutput() AuthBackendRoleSecretIDPtrOutput ToAuthBackendRoleSecretIDPtrOutputWithContext(ctx context.Context) AuthBackendRoleSecretIDPtrOutput }
type AuthBackendRoleSecretIDPtrOutput ¶
type AuthBackendRoleSecretIDPtrOutput struct{ *pulumi.OutputState }
func (AuthBackendRoleSecretIDPtrOutput) Elem ¶ added in v4.6.0
func (o AuthBackendRoleSecretIDPtrOutput) Elem() AuthBackendRoleSecretIDOutput
func (AuthBackendRoleSecretIDPtrOutput) ElementType ¶
func (AuthBackendRoleSecretIDPtrOutput) ElementType() reflect.Type
func (AuthBackendRoleSecretIDPtrOutput) ToAuthBackendRoleSecretIDPtrOutput ¶
func (o AuthBackendRoleSecretIDPtrOutput) ToAuthBackendRoleSecretIDPtrOutput() AuthBackendRoleSecretIDPtrOutput
func (AuthBackendRoleSecretIDPtrOutput) ToAuthBackendRoleSecretIDPtrOutputWithContext ¶
func (o AuthBackendRoleSecretIDPtrOutput) ToAuthBackendRoleSecretIDPtrOutputWithContext(ctx context.Context) AuthBackendRoleSecretIDPtrOutput
type AuthBackendRoleSecretIDState ¶
type AuthBackendRoleSecretIDState struct { // The unique ID for this SecretID that can be safely logged. Accessor pulumi.StringPtrInput // Unique name of the auth backend to configure. Backend pulumi.StringPtrInput // If set, specifies blocks of IP addresses which can // perform the login operation using this SecretID. CidrLists pulumi.StringArrayInput // A JSON-encoded string containing metadata in // key-value pairs to be set on tokens issued with this SecretID. Metadata pulumi.StringPtrInput // The name of the role to create the SecretID for. RoleName pulumi.StringPtrInput // The SecretID to be created. If set, uses "Push" // mode. Defaults to Vault auto-generating SecretIDs. SecretId pulumi.StringPtrInput // The unique ID for the response-wrapped SecretID that can // be safely logged. WrappingAccessor pulumi.StringPtrInput // The token used to retrieve a response-wrapped SecretID. WrappingToken pulumi.StringPtrInput // If set, the SecretID response will be // [response-wrapped](https://www.vaultproject.io/docs/concepts/response-wrapping) // and available for the duration specified. Only a single unwrapping of the // token is allowed. WrappingTtl pulumi.StringPtrInput }
func (AuthBackendRoleSecretIDState) ElementType ¶
func (AuthBackendRoleSecretIDState) ElementType() reflect.Type
type AuthBackendRoleState ¶
type AuthBackendRoleState struct { // The unique name of the auth backend to configure. // Defaults to `approle`. Backend pulumi.StringPtrInput // Whether or not to require `secretId` to be // presented when logging in using this AppRole. Defaults to `true`. BindSecretId pulumi.BoolPtrInput // If set, // specifies blocks of IP addresses which can perform the login operation. // // Deprecated: use `secret_id_bound_cidrs` instead BoundCidrLists pulumi.StringArrayInput // If set, indicates that the // token generated using this role should never expire. The token should be renewed within the // duration specified by this value. At each renewal, the token's TTL will be set to the // value of this field. Specified in seconds. // // Deprecated: use `token_period` instead if you are running Vault >= 1.2 Period pulumi.IntPtrInput // An array of strings // specifying the policies to be set on tokens issued using this role. // // Deprecated: use `token_policies` instead if you are running Vault >= 1.2 Policies pulumi.StringArrayInput // The RoleID of this role. If not specified, one will be // auto-generated. RoleId pulumi.StringPtrInput // The name of the role. RoleName pulumi.StringPtrInput // If set, // specifies blocks of IP addresses which can perform the login operation. SecretIdBoundCidrs pulumi.StringArrayInput // The number of times any particular SecretID // can be used to fetch a token from this AppRole, after which the SecretID will // expire. A value of zero will allow unlimited uses. SecretIdNumUses pulumi.IntPtrInput // The number of seconds after which any SecretID // expires. SecretIdTtl pulumi.IntPtrInput // List of CIDR blocks; if set, specifies blocks of IP // addresses which can authenticate successfully, and ties the resulting token to these blocks // as well. TokenBoundCidrs pulumi.StringArrayInput // If set, will encode an // [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls) // onto the token in number of seconds. This is a hard cap even if `tokenTtl` and // `tokenMaxTtl` would otherwise allow a renewal. TokenExplicitMaxTtl pulumi.IntPtrInput // The maximum lifetime for generated tokens in number of seconds. // Its current value will be referenced at renewal time. TokenMaxTtl pulumi.IntPtrInput // If set, the default policy will not be set on // generated tokens; otherwise it will be added to the policies set in token_policies. TokenNoDefaultPolicy pulumi.BoolPtrInput // The // [period](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls), // if any, in number of seconds to set on the token. TokenNumUses pulumi.IntPtrInput // If set, indicates that the // token generated using this role should never expire. The token should be renewed within the // duration specified by this value. At each renewal, the token's TTL will be set to the // value of this field. Specified in seconds. TokenPeriod pulumi.IntPtrInput // List of policies to encode onto generated tokens. Depending // on the auth method, this list may be supplemented by user/group/other values. TokenPolicies pulumi.StringArrayInput // The incremental lifetime for generated tokens in number of seconds. // Its current value will be referenced at renewal time. TokenTtl pulumi.IntPtrInput // The type of token that should be generated. Can be `service`, // `batch`, or `default` to use the mount's tuned default (which unless changed will be // `service` tokens). For token store roles, there are two additional possibilities: // `default-service` and `default-batch` which specify the type to return unless the client // requests a different type at generation time. TokenType pulumi.StringPtrInput }
func (AuthBackendRoleState) ElementType ¶
func (AuthBackendRoleState) ElementType() reflect.Type
type GetAuthBackendRoleIdArgs ¶
type GetAuthBackendRoleIdArgs struct { // The unique name for the AppRole backend the role to // retrieve a RoleID for resides in. Defaults to "approle". Backend *string `pulumi:"backend"` // The name of the role to retrieve the Role ID for. RoleName string `pulumi:"roleName"` }
A collection of arguments for invoking getAuthBackendRoleId.
type GetAuthBackendRoleIdOutputArgs ¶ added in v4.6.0
type GetAuthBackendRoleIdOutputArgs struct { // The unique name for the AppRole backend the role to // retrieve a RoleID for resides in. Defaults to "approle". Backend pulumi.StringPtrInput `pulumi:"backend"` // The name of the role to retrieve the Role ID for. RoleName pulumi.StringInput `pulumi:"roleName"` }
A collection of arguments for invoking getAuthBackendRoleId.
func (GetAuthBackendRoleIdOutputArgs) ElementType ¶ added in v4.6.0
func (GetAuthBackendRoleIdOutputArgs) ElementType() reflect.Type
type GetAuthBackendRoleIdResult ¶
type GetAuthBackendRoleIdResult struct { Backend *string `pulumi:"backend"` // The provider-assigned unique ID for this managed resource. Id string `pulumi:"id"` // The RoleID of the role. RoleId string `pulumi:"roleId"` RoleName string `pulumi:"roleName"` }
A collection of values returned by getAuthBackendRoleId.
func GetAuthBackendRoleId ¶
func GetAuthBackendRoleId(ctx *pulumi.Context, args *GetAuthBackendRoleIdArgs, opts ...pulumi.InvokeOption) (*GetAuthBackendRoleIdResult, error)
Reads the Role ID of an AppRole from a Vault server.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v4/go/vault/appRole" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { opt0 := "my-approle-backend" role, err := appRole.GetAuthBackendRoleId(ctx, &approle.GetAuthBackendRoleIdArgs{ Backend: &opt0, RoleName: "my-role", }, nil) if err != nil { return err } ctx.Export("role-id", role.RoleId) return nil }) }
```
type GetAuthBackendRoleIdResultOutput ¶ added in v4.6.0
type GetAuthBackendRoleIdResultOutput struct{ *pulumi.OutputState }
A collection of values returned by getAuthBackendRoleId.
func GetAuthBackendRoleIdOutput ¶ added in v4.6.0
func GetAuthBackendRoleIdOutput(ctx *pulumi.Context, args GetAuthBackendRoleIdOutputArgs, opts ...pulumi.InvokeOption) GetAuthBackendRoleIdResultOutput
func (GetAuthBackendRoleIdResultOutput) Backend ¶ added in v4.6.0
func (o GetAuthBackendRoleIdResultOutput) Backend() pulumi.StringPtrOutput
func (GetAuthBackendRoleIdResultOutput) ElementType ¶ added in v4.6.0
func (GetAuthBackendRoleIdResultOutput) ElementType() reflect.Type
func (GetAuthBackendRoleIdResultOutput) Id ¶ added in v4.6.0
func (o GetAuthBackendRoleIdResultOutput) Id() pulumi.StringOutput
The provider-assigned unique ID for this managed resource.
func (GetAuthBackendRoleIdResultOutput) RoleId ¶ added in v4.6.0
func (o GetAuthBackendRoleIdResultOutput) RoleId() pulumi.StringOutput
The RoleID of the role.
func (GetAuthBackendRoleIdResultOutput) RoleName ¶ added in v4.6.0
func (o GetAuthBackendRoleIdResultOutput) RoleName() pulumi.StringOutput
func (GetAuthBackendRoleIdResultOutput) ToGetAuthBackendRoleIdResultOutput ¶ added in v4.6.0
func (o GetAuthBackendRoleIdResultOutput) ToGetAuthBackendRoleIdResultOutput() GetAuthBackendRoleIdResultOutput
func (GetAuthBackendRoleIdResultOutput) ToGetAuthBackendRoleIdResultOutputWithContext ¶ added in v4.6.0
func (o GetAuthBackendRoleIdResultOutput) ToGetAuthBackendRoleIdResultOutputWithContext(ctx context.Context) GetAuthBackendRoleIdResultOutput