approle

package
v4.6.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 11, 2021 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AuthBackendLogin 

type AuthBackendLogin struct {
	pulumi.CustomResourceState

	// The accessor for the token.
	Accessor pulumi.StringOutput `pulumi:"accessor"`
	// The unique path of the Vault backend to log in with.
	Backend pulumi.StringPtrOutput `pulumi:"backend"`
	// The Vault token created.
	ClientToken pulumi.StringOutput `pulumi:"clientToken"`
	// How long the token is valid for, in seconds.
	LeaseDuration pulumi.IntOutput `pulumi:"leaseDuration"`
	// The date and time the lease started, in RFC 3339 format.
	LeaseStarted pulumi.StringOutput `pulumi:"leaseStarted"`
	// The metadata associated with the token.
	Metadata pulumi.StringMapOutput `pulumi:"metadata"`
	// A list of policies applied to the token.
	Policies pulumi.StringArrayOutput `pulumi:"policies"`
	// Whether the token is renewable or not.
	Renewable pulumi.BoolOutput `pulumi:"renewable"`
	// The ID of the role to log in with.
	RoleId pulumi.StringOutput `pulumi:"roleId"`
	// The secret ID of the role to log in with. Required
	// unless `bindSecretId` is set to false on the role.
	SecretId pulumi.StringPtrOutput `pulumi:"secretId"`
}

Logs into Vault using the AppRole auth backend. See the [Vault documentation](https://www.vaultproject.io/docs/auth/approle) for more information.

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v4/go/vault"
"github.com/pulumi/pulumi-vault/sdk/v4/go/vault/appRole"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		approle, err := vault.NewAuthBackend(ctx, "approle", &vault.AuthBackendArgs{
			Type: pulumi.String("approle"),
		})
		if err != nil {
			return err
		}
		example, err := appRole.NewAuthBackendRole(ctx, "example", &appRole.AuthBackendRoleArgs{
			Backend:  approle.Path,
			RoleName: pulumi.String("test-role"),
			Policies: pulumi.StringArray{
				pulumi.String("default"),
				pulumi.String("dev"),
				pulumi.String("prod"),
			},
		})
		if err != nil {
			return err
		}
		id, err := appRole.NewAuthBackendRoleSecretID(ctx, "id", &appRole.AuthBackendRoleSecretIDArgs{
			Backend:  approle.Path,
			RoleName: example.RoleName,
		})
		if err != nil {
			return err
		}
		_, err = appRole.NewAuthBackendLogin(ctx, "login", &appRole.AuthBackendLoginArgs{
			Backend:  approle.Path,
			RoleId:   example.RoleId,
			SecretId: id.SecretId,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

func GetAuthBackendLogin 

func GetAuthBackendLogin(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AuthBackendLoginState, opts ...pulumi.ResourceOption) (*AuthBackendLogin, error)

GetAuthBackendLogin gets an existing AuthBackendLogin resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAuthBackendLogin 

func NewAuthBackendLogin(ctx *pulumi.Context,
	name string, args *AuthBackendLoginArgs, opts ...pulumi.ResourceOption) (*AuthBackendLogin, error)

NewAuthBackendLogin registers a new resource with the given unique name, arguments, and options.

func (*AuthBackendLogin) ElementType 

func (*AuthBackendLogin) ElementType() reflect.Type

func (*AuthBackendLogin) ToAuthBackendLoginOutput 

func (i *AuthBackendLogin) ToAuthBackendLoginOutput() AuthBackendLoginOutput

func (*AuthBackendLogin) ToAuthBackendLoginOutputWithContext 

func (i *AuthBackendLogin) ToAuthBackendLoginOutputWithContext(ctx context.Context) AuthBackendLoginOutput

func (*AuthBackendLogin) ToAuthBackendLoginPtrOutput 

func (i *AuthBackendLogin) ToAuthBackendLoginPtrOutput() AuthBackendLoginPtrOutput

func (*AuthBackendLogin) ToAuthBackendLoginPtrOutputWithContext 

func (i *AuthBackendLogin) ToAuthBackendLoginPtrOutputWithContext(ctx context.Context) AuthBackendLoginPtrOutput

type AuthBackendLoginArgs 

type AuthBackendLoginArgs struct {
	// The unique path of the Vault backend to log in with.
	Backend pulumi.StringPtrInput
	// The ID of the role to log in with.
	RoleId pulumi.StringInput
	// The secret ID of the role to log in with. Required
	// unless `bindSecretId` is set to false on the role.
	SecretId pulumi.StringPtrInput
}

The set of arguments for constructing a AuthBackendLogin resource.

func (AuthBackendLoginArgs) ElementType 

func (AuthBackendLoginArgs) ElementType() reflect.Type

type AuthBackendLoginArray 

type AuthBackendLoginArray []AuthBackendLoginInput

func (AuthBackendLoginArray) ElementType 

func (AuthBackendLoginArray) ElementType() reflect.Type

func (AuthBackendLoginArray) ToAuthBackendLoginArrayOutput 

func (i AuthBackendLoginArray) ToAuthBackendLoginArrayOutput() AuthBackendLoginArrayOutput

func (AuthBackendLoginArray) ToAuthBackendLoginArrayOutputWithContext 

func (i AuthBackendLoginArray) ToAuthBackendLoginArrayOutputWithContext(ctx context.Context) AuthBackendLoginArrayOutput

type AuthBackendLoginArrayInput 

type AuthBackendLoginArrayInput interface {
	pulumi.Input

	ToAuthBackendLoginArrayOutput() AuthBackendLoginArrayOutput
	ToAuthBackendLoginArrayOutputWithContext(context.Context) AuthBackendLoginArrayOutput
}

AuthBackendLoginArrayInput is an input type that accepts AuthBackendLoginArray and AuthBackendLoginArrayOutput values. You can construct a concrete instance of `AuthBackendLoginArrayInput` via: 

AuthBackendLoginArray{ AuthBackendLoginArgs{...} }

type AuthBackendLoginArrayOutput 

type AuthBackendLoginArrayOutput struct{ *pulumi.OutputState }

func (AuthBackendLoginArrayOutput) ElementType 

func (AuthBackendLoginArrayOutput) ElementType() reflect.Type

func (AuthBackendLoginArrayOutput) Index 

func (o AuthBackendLoginArrayOutput) Index(i pulumi.IntInput) AuthBackendLoginOutput

func (AuthBackendLoginArrayOutput) ToAuthBackendLoginArrayOutput 

func (o AuthBackendLoginArrayOutput) ToAuthBackendLoginArrayOutput() AuthBackendLoginArrayOutput

func (AuthBackendLoginArrayOutput) ToAuthBackendLoginArrayOutputWithContext 

func (o AuthBackendLoginArrayOutput) ToAuthBackendLoginArrayOutputWithContext(ctx context.Context) AuthBackendLoginArrayOutput

type AuthBackendLoginInput 

type AuthBackendLoginInput interface {
	pulumi.Input

	ToAuthBackendLoginOutput() AuthBackendLoginOutput
	ToAuthBackendLoginOutputWithContext(ctx context.Context) AuthBackendLoginOutput
}

type AuthBackendLoginMap 

type AuthBackendLoginMap map[string]AuthBackendLoginInput

func (AuthBackendLoginMap) ElementType 

func (AuthBackendLoginMap) ElementType() reflect.Type

func (AuthBackendLoginMap) ToAuthBackendLoginMapOutput 

func (i AuthBackendLoginMap) ToAuthBackendLoginMapOutput() AuthBackendLoginMapOutput

func (AuthBackendLoginMap) ToAuthBackendLoginMapOutputWithContext 

func (i AuthBackendLoginMap) ToAuthBackendLoginMapOutputWithContext(ctx context.Context) AuthBackendLoginMapOutput

type AuthBackendLoginMapInput 

type AuthBackendLoginMapInput interface {
	pulumi.Input

	ToAuthBackendLoginMapOutput() AuthBackendLoginMapOutput
	ToAuthBackendLoginMapOutputWithContext(context.Context) AuthBackendLoginMapOutput
}

AuthBackendLoginMapInput is an input type that accepts AuthBackendLoginMap and AuthBackendLoginMapOutput values. You can construct a concrete instance of `AuthBackendLoginMapInput` via: 

AuthBackendLoginMap{ "key": AuthBackendLoginArgs{...} }

type AuthBackendLoginMapOutput 

type AuthBackendLoginMapOutput struct{ *pulumi.OutputState }

func (AuthBackendLoginMapOutput) ElementType 

func (AuthBackendLoginMapOutput) ElementType() reflect.Type

func (AuthBackendLoginMapOutput) MapIndex 

func (o AuthBackendLoginMapOutput) MapIndex(k pulumi.StringInput) AuthBackendLoginOutput

func (AuthBackendLoginMapOutput) ToAuthBackendLoginMapOutput 

func (o AuthBackendLoginMapOutput) ToAuthBackendLoginMapOutput() AuthBackendLoginMapOutput

func (AuthBackendLoginMapOutput) ToAuthBackendLoginMapOutputWithContext 

func (o AuthBackendLoginMapOutput) ToAuthBackendLoginMapOutputWithContext(ctx context.Context) AuthBackendLoginMapOutput

type AuthBackendLoginOutput 

type AuthBackendLoginOutput struct{ *pulumi.OutputState }

func (AuthBackendLoginOutput) ElementType 

func (AuthBackendLoginOutput) ElementType() reflect.Type

func (AuthBackendLoginOutput) ToAuthBackendLoginOutput 

func (o AuthBackendLoginOutput) ToAuthBackendLoginOutput() AuthBackendLoginOutput

func (AuthBackendLoginOutput) ToAuthBackendLoginOutputWithContext 

func (o AuthBackendLoginOutput) ToAuthBackendLoginOutputWithContext(ctx context.Context) AuthBackendLoginOutput

func (AuthBackendLoginOutput) ToAuthBackendLoginPtrOutput 

func (o AuthBackendLoginOutput) ToAuthBackendLoginPtrOutput() AuthBackendLoginPtrOutput

func (AuthBackendLoginOutput) ToAuthBackendLoginPtrOutputWithContext 

func (o AuthBackendLoginOutput) ToAuthBackendLoginPtrOutputWithContext(ctx context.Context) AuthBackendLoginPtrOutput

type AuthBackendLoginPtrInput 

type AuthBackendLoginPtrInput interface {
	pulumi.Input

	ToAuthBackendLoginPtrOutput() AuthBackendLoginPtrOutput
	ToAuthBackendLoginPtrOutputWithContext(ctx context.Context) AuthBackendLoginPtrOutput
}

type AuthBackendLoginPtrOutput 

type AuthBackendLoginPtrOutput struct{ *pulumi.OutputState }

func (AuthBackendLoginPtrOutput) Elem added in v4.6.0 

func (o AuthBackendLoginPtrOutput) Elem() AuthBackendLoginOutput

func (AuthBackendLoginPtrOutput) ElementType 

func (AuthBackendLoginPtrOutput) ElementType() reflect.Type

func (AuthBackendLoginPtrOutput) ToAuthBackendLoginPtrOutput 

func (o AuthBackendLoginPtrOutput) ToAuthBackendLoginPtrOutput() AuthBackendLoginPtrOutput

func (AuthBackendLoginPtrOutput) ToAuthBackendLoginPtrOutputWithContext 

func (o AuthBackendLoginPtrOutput) ToAuthBackendLoginPtrOutputWithContext(ctx context.Context) AuthBackendLoginPtrOutput

type AuthBackendLoginState 

type AuthBackendLoginState struct {
	// The accessor for the token.
	Accessor pulumi.StringPtrInput
	// The unique path of the Vault backend to log in with.
	Backend pulumi.StringPtrInput
	// The Vault token created.
	ClientToken pulumi.StringPtrInput
	// How long the token is valid for, in seconds.
	LeaseDuration pulumi.IntPtrInput
	// The date and time the lease started, in RFC 3339 format.
	LeaseStarted pulumi.StringPtrInput
	// The metadata associated with the token.
	Metadata pulumi.StringMapInput
	// A list of policies applied to the token.
	Policies pulumi.StringArrayInput
	// Whether the token is renewable or not.
	Renewable pulumi.BoolPtrInput
	// The ID of the role to log in with.
	RoleId pulumi.StringPtrInput
	// The secret ID of the role to log in with. Required
	// unless `bindSecretId` is set to false on the role.
	SecretId pulumi.StringPtrInput
}

func (AuthBackendLoginState) ElementType 

func (AuthBackendLoginState) ElementType() reflect.Type

type AuthBackendRole 

type AuthBackendRole struct {
	pulumi.CustomResourceState

	// The unique name of the auth backend to configure.
	// Defaults to `approle`.
	Backend pulumi.StringPtrOutput `pulumi:"backend"`
	// Whether or not to require `secretId` to be
	// presented when logging in using this AppRole. Defaults to `true`.
	BindSecretId pulumi.BoolPtrOutput `pulumi:"bindSecretId"`
	// If set,
	// specifies blocks of IP addresses which can perform the login operation.
	//
	// Deprecated: use `secret_id_bound_cidrs` instead
	BoundCidrLists pulumi.StringArrayOutput `pulumi:"boundCidrLists"`
	// If set, indicates that the
	// token generated using this role should never expire. The token should be renewed within the
	// duration specified by this value. At each renewal, the token's TTL will be set to the
	// value of this field. Specified in seconds.
	//
	// Deprecated: use `token_period` instead if you are running Vault >= 1.2
	Period pulumi.IntPtrOutput `pulumi:"period"`
	// An array of strings
	// specifying the policies to be set on tokens issued using this role.
	//
	// Deprecated: use `token_policies` instead if you are running Vault >= 1.2
	Policies pulumi.StringArrayOutput `pulumi:"policies"`
	// The RoleID of this role. If not specified, one will be
	// auto-generated.
	RoleId pulumi.StringOutput `pulumi:"roleId"`
	// The name of the role.
	RoleName pulumi.StringOutput `pulumi:"roleName"`
	// If set,
	// specifies blocks of IP addresses which can perform the login operation.
	SecretIdBoundCidrs pulumi.StringArrayOutput `pulumi:"secretIdBoundCidrs"`
	// The number of times any particular SecretID
	// can be used to fetch a token from this AppRole, after which the SecretID will
	// expire. A value of zero will allow unlimited uses.
	SecretIdNumUses pulumi.IntPtrOutput `pulumi:"secretIdNumUses"`
	// The number of seconds after which any SecretID
	// expires.
	SecretIdTtl pulumi.IntPtrOutput `pulumi:"secretIdTtl"`
	// List of CIDR blocks; if set, specifies blocks of IP
	// addresses which can authenticate successfully, and ties the resulting token to these blocks
	// as well.
	TokenBoundCidrs pulumi.StringArrayOutput `pulumi:"tokenBoundCidrs"`
	// If set, will encode an
	// [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls)
	// onto the token in number of seconds. This is a hard cap even if `tokenTtl` and
	// `tokenMaxTtl` would otherwise allow a renewal.
	TokenExplicitMaxTtl pulumi.IntPtrOutput `pulumi:"tokenExplicitMaxTtl"`
	// The maximum lifetime for generated tokens in number of seconds.
	// Its current value will be referenced at renewal time.
	TokenMaxTtl pulumi.IntPtrOutput `pulumi:"tokenMaxTtl"`
	// If set, the default policy will not be set on
	// generated tokens; otherwise it will be added to the policies set in token_policies.
	TokenNoDefaultPolicy pulumi.BoolPtrOutput `pulumi:"tokenNoDefaultPolicy"`
	// The
	// [period](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls),
	// if any, in number of seconds to set on the token.
	TokenNumUses pulumi.IntPtrOutput `pulumi:"tokenNumUses"`
	// If set, indicates that the
	// token generated using this role should never expire. The token should be renewed within the
	// duration specified by this value. At each renewal, the token's TTL will be set to the
	// value of this field. Specified in seconds.
	TokenPeriod pulumi.IntPtrOutput `pulumi:"tokenPeriod"`
	// List of policies to encode onto generated tokens. Depending
	// on the auth method, this list may be supplemented by user/group/other values.
	TokenPolicies pulumi.StringArrayOutput `pulumi:"tokenPolicies"`
	// The incremental lifetime for generated tokens in number of seconds.
	// Its current value will be referenced at renewal time.
	TokenTtl pulumi.IntPtrOutput `pulumi:"tokenTtl"`
	// The type of token that should be generated. Can be `service`,
	// `batch`, or `default` to use the mount's tuned default (which unless changed will be
	// `service` tokens). For token store roles, there are two additional possibilities:
	// `default-service` and `default-batch` which specify the type to return unless the client
	// requests a different type at generation time.
	TokenType pulumi.StringPtrOutput `pulumi:"tokenType"`
}

Manages an AppRole auth backend role in a Vault server. See the [Vault documentation](https://www.vaultproject.io/docs/auth/approle) for more information.

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v4/go/vault"
"github.com/pulumi/pulumi-vault/sdk/v4/go/vault/appRole"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		approle, err := vault.NewAuthBackend(ctx, "approle", &vault.AuthBackendArgs{
			Type: pulumi.String("approle"),
		})
		if err != nil {
			return err
		}
		_, err = appRole.NewAuthBackendRole(ctx, "example", &appRole.AuthBackendRoleArgs{
			Backend:  approle.Path,
			RoleName: pulumi.String("test-role"),
			TokenPolicies: pulumi.StringArray{
				pulumi.String("default"),
				pulumi.String("dev"),
				pulumi.String("prod"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

AppRole authentication backend roles can be imported using the `path`, e.g.

```sh 

$ pulumi import vault:appRole/authBackendRole:AuthBackendRole example auth/approle/role/test-role

```

func GetAuthBackendRole 

func GetAuthBackendRole(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AuthBackendRoleState, opts ...pulumi.ResourceOption) (*AuthBackendRole, error)

GetAuthBackendRole gets an existing AuthBackendRole resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAuthBackendRole 

func NewAuthBackendRole(ctx *pulumi.Context,
	name string, args *AuthBackendRoleArgs, opts ...pulumi.ResourceOption) (*AuthBackendRole, error)

NewAuthBackendRole registers a new resource with the given unique name, arguments, and options.

func (*AuthBackendRole) ElementType 

func (*AuthBackendRole) ElementType() reflect.Type

func (*AuthBackendRole) ToAuthBackendRoleOutput 

func (i *AuthBackendRole) ToAuthBackendRoleOutput() AuthBackendRoleOutput

func (*AuthBackendRole) ToAuthBackendRoleOutputWithContext 

func (i *AuthBackendRole) ToAuthBackendRoleOutputWithContext(ctx context.Context) AuthBackendRoleOutput

func (*AuthBackendRole) ToAuthBackendRolePtrOutput 

func (i *AuthBackendRole) ToAuthBackendRolePtrOutput() AuthBackendRolePtrOutput

func (*AuthBackendRole) ToAuthBackendRolePtrOutputWithContext 

func (i *AuthBackendRole) ToAuthBackendRolePtrOutputWithContext(ctx context.Context) AuthBackendRolePtrOutput

type AuthBackendRoleArgs 

type AuthBackendRoleArgs struct {
	// The unique name of the auth backend to configure.
	// Defaults to `approle`.
	Backend pulumi.StringPtrInput
	// Whether or not to require `secretId` to be
	// presented when logging in using this AppRole. Defaults to `true`.
	BindSecretId pulumi.BoolPtrInput
	// If set,
	// specifies blocks of IP addresses which can perform the login operation.
	//
	// Deprecated: use `secret_id_bound_cidrs` instead
	BoundCidrLists pulumi.StringArrayInput
	// If set, indicates that the
	// token generated using this role should never expire. The token should be renewed within the
	// duration specified by this value. At each renewal, the token's TTL will be set to the
	// value of this field. Specified in seconds.
	//
	// Deprecated: use `token_period` instead if you are running Vault >= 1.2
	Period pulumi.IntPtrInput
	// An array of strings
	// specifying the policies to be set on tokens issued using this role.
	//
	// Deprecated: use `token_policies` instead if you are running Vault >= 1.2
	Policies pulumi.StringArrayInput
	// The RoleID of this role. If not specified, one will be
	// auto-generated.
	RoleId pulumi.StringPtrInput
	// The name of the role.
	RoleName pulumi.StringInput
	// If set,
	// specifies blocks of IP addresses which can perform the login operation.
	SecretIdBoundCidrs pulumi.StringArrayInput
	// The number of times any particular SecretID
	// can be used to fetch a token from this AppRole, after which the SecretID will
	// expire. A value of zero will allow unlimited uses.
	SecretIdNumUses pulumi.IntPtrInput
	// The number of seconds after which any SecretID
	// expires.
	SecretIdTtl pulumi.IntPtrInput
	// List of CIDR blocks; if set, specifies blocks of IP
	// addresses which can authenticate successfully, and ties the resulting token to these blocks
	// as well.
	TokenBoundCidrs pulumi.StringArrayInput
	// If set, will encode an
	// [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls)
	// onto the token in number of seconds. This is a hard cap even if `tokenTtl` and
	// `tokenMaxTtl` would otherwise allow a renewal.
	TokenExplicitMaxTtl pulumi.IntPtrInput
	// The maximum lifetime for generated tokens in number of seconds.
	// Its current value will be referenced at renewal time.
	TokenMaxTtl pulumi.IntPtrInput
	// If set, the default policy will not be set on
	// generated tokens; otherwise it will be added to the policies set in token_policies.
	TokenNoDefaultPolicy pulumi.BoolPtrInput
	// The
	// [period](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls),
	// if any, in number of seconds to set on the token.
	TokenNumUses pulumi.IntPtrInput
	// If set, indicates that the
	// token generated using this role should never expire. The token should be renewed within the
	// duration specified by this value. At each renewal, the token's TTL will be set to the
	// value of this field. Specified in seconds.
	TokenPeriod pulumi.IntPtrInput
	// List of policies to encode onto generated tokens. Depending
	// on the auth method, this list may be supplemented by user/group/other values.
	TokenPolicies pulumi.StringArrayInput
	// The incremental lifetime for generated tokens in number of seconds.
	// Its current value will be referenced at renewal time.
	TokenTtl pulumi.IntPtrInput
	// The type of token that should be generated. Can be `service`,
	// `batch`, or `default` to use the mount's tuned default (which unless changed will be
	// `service` tokens). For token store roles, there are two additional possibilities:
	// `default-service` and `default-batch` which specify the type to return unless the client
	// requests a different type at generation time.
	TokenType pulumi.StringPtrInput
}

The set of arguments for constructing a AuthBackendRole resource.

func (AuthBackendRoleArgs) ElementType 

func (AuthBackendRoleArgs) ElementType() reflect.Type

type AuthBackendRoleArray 

type AuthBackendRoleArray []AuthBackendRoleInput

func (AuthBackendRoleArray) ElementType 

func (AuthBackendRoleArray) ElementType() reflect.Type

func (AuthBackendRoleArray) ToAuthBackendRoleArrayOutput 

func (i AuthBackendRoleArray) ToAuthBackendRoleArrayOutput() AuthBackendRoleArrayOutput

func (AuthBackendRoleArray) ToAuthBackendRoleArrayOutputWithContext 

func (i AuthBackendRoleArray) ToAuthBackendRoleArrayOutputWithContext(ctx context.Context) AuthBackendRoleArrayOutput

type AuthBackendRoleArrayInput 

type AuthBackendRoleArrayInput interface {
	pulumi.Input

	ToAuthBackendRoleArrayOutput() AuthBackendRoleArrayOutput
	ToAuthBackendRoleArrayOutputWithContext(context.Context) AuthBackendRoleArrayOutput
}

AuthBackendRoleArrayInput is an input type that accepts AuthBackendRoleArray and AuthBackendRoleArrayOutput values. You can construct a concrete instance of `AuthBackendRoleArrayInput` via: 

AuthBackendRoleArray{ AuthBackendRoleArgs{...} }

type AuthBackendRoleArrayOutput 

type AuthBackendRoleArrayOutput struct{ *pulumi.OutputState }

func (AuthBackendRoleArrayOutput) ElementType 

func (AuthBackendRoleArrayOutput) ElementType() reflect.Type

func (AuthBackendRoleArrayOutput) Index 

func (o AuthBackendRoleArrayOutput) Index(i pulumi.IntInput) AuthBackendRoleOutput

func (AuthBackendRoleArrayOutput) ToAuthBackendRoleArrayOutput 

func (o AuthBackendRoleArrayOutput) ToAuthBackendRoleArrayOutput() AuthBackendRoleArrayOutput

func (AuthBackendRoleArrayOutput) ToAuthBackendRoleArrayOutputWithContext 

func (o AuthBackendRoleArrayOutput) ToAuthBackendRoleArrayOutputWithContext(ctx context.Context) AuthBackendRoleArrayOutput

type AuthBackendRoleInput 

type AuthBackendRoleInput interface {
	pulumi.Input

	ToAuthBackendRoleOutput() AuthBackendRoleOutput
	ToAuthBackendRoleOutputWithContext(ctx context.Context) AuthBackendRoleOutput
}

type AuthBackendRoleMap 

type AuthBackendRoleMap map[string]AuthBackendRoleInput

func (AuthBackendRoleMap) ElementType 

func (AuthBackendRoleMap) ElementType() reflect.Type

func (AuthBackendRoleMap) ToAuthBackendRoleMapOutput 

func (i AuthBackendRoleMap) ToAuthBackendRoleMapOutput() AuthBackendRoleMapOutput

func (AuthBackendRoleMap) ToAuthBackendRoleMapOutputWithContext 

func (i AuthBackendRoleMap) ToAuthBackendRoleMapOutputWithContext(ctx context.Context) AuthBackendRoleMapOutput

type AuthBackendRoleMapInput 

type AuthBackendRoleMapInput interface {
	pulumi.Input

	ToAuthBackendRoleMapOutput() AuthBackendRoleMapOutput
	ToAuthBackendRoleMapOutputWithContext(context.Context) AuthBackendRoleMapOutput
}

AuthBackendRoleMapInput is an input type that accepts AuthBackendRoleMap and AuthBackendRoleMapOutput values. You can construct a concrete instance of `AuthBackendRoleMapInput` via: 

AuthBackendRoleMap{ "key": AuthBackendRoleArgs{...} }

type AuthBackendRoleMapOutput 

type AuthBackendRoleMapOutput struct{ *pulumi.OutputState }

func (AuthBackendRoleMapOutput) ElementType 

func (AuthBackendRoleMapOutput) ElementType() reflect.Type

func (AuthBackendRoleMapOutput) MapIndex 

func (o AuthBackendRoleMapOutput) MapIndex(k pulumi.StringInput) AuthBackendRoleOutput

func (AuthBackendRoleMapOutput) ToAuthBackendRoleMapOutput 

func (o AuthBackendRoleMapOutput) ToAuthBackendRoleMapOutput() AuthBackendRoleMapOutput

func (AuthBackendRoleMapOutput) ToAuthBackendRoleMapOutputWithContext 

func (o AuthBackendRoleMapOutput) ToAuthBackendRoleMapOutputWithContext(ctx context.Context) AuthBackendRoleMapOutput

type AuthBackendRoleOutput 

type AuthBackendRoleOutput struct{ *pulumi.OutputState }

func (AuthBackendRoleOutput) ElementType 

func (AuthBackendRoleOutput) ElementType() reflect.Type

func (AuthBackendRoleOutput) ToAuthBackendRoleOutput 

func (o AuthBackendRoleOutput) ToAuthBackendRoleOutput() AuthBackendRoleOutput

func (AuthBackendRoleOutput) ToAuthBackendRoleOutputWithContext 

func (o AuthBackendRoleOutput) ToAuthBackendRoleOutputWithContext(ctx context.Context) AuthBackendRoleOutput

func (AuthBackendRoleOutput) ToAuthBackendRolePtrOutput 

func (o AuthBackendRoleOutput) ToAuthBackendRolePtrOutput() AuthBackendRolePtrOutput

func (AuthBackendRoleOutput) ToAuthBackendRolePtrOutputWithContext 

func (o AuthBackendRoleOutput) ToAuthBackendRolePtrOutputWithContext(ctx context.Context) AuthBackendRolePtrOutput

type AuthBackendRolePtrInput 

type AuthBackendRolePtrInput interface {
	pulumi.Input

	ToAuthBackendRolePtrOutput() AuthBackendRolePtrOutput
	ToAuthBackendRolePtrOutputWithContext(ctx context.Context) AuthBackendRolePtrOutput
}

type AuthBackendRolePtrOutput 

type AuthBackendRolePtrOutput struct{ *pulumi.OutputState }

func (AuthBackendRolePtrOutput) Elem added in v4.6.0 

func (o AuthBackendRolePtrOutput) Elem() AuthBackendRoleOutput

func (AuthBackendRolePtrOutput) ElementType 

func (AuthBackendRolePtrOutput) ElementType() reflect.Type

func (AuthBackendRolePtrOutput) ToAuthBackendRolePtrOutput 

func (o AuthBackendRolePtrOutput) ToAuthBackendRolePtrOutput() AuthBackendRolePtrOutput

func (AuthBackendRolePtrOutput) ToAuthBackendRolePtrOutputWithContext 

func (o AuthBackendRolePtrOutput) ToAuthBackendRolePtrOutputWithContext(ctx context.Context) AuthBackendRolePtrOutput

type AuthBackendRoleSecretID 

type AuthBackendRoleSecretID struct {
	pulumi.CustomResourceState

	// The unique ID for this SecretID that can be safely logged.
	Accessor pulumi.StringOutput `pulumi:"accessor"`
	// Unique name of the auth backend to configure.
	Backend pulumi.StringPtrOutput `pulumi:"backend"`
	// If set, specifies blocks of IP addresses which can
	// perform the login operation using this SecretID.
	CidrLists pulumi.StringArrayOutput `pulumi:"cidrLists"`
	// A JSON-encoded string containing metadata in
	// key-value pairs to be set on tokens issued with this SecretID.
	Metadata pulumi.StringPtrOutput `pulumi:"metadata"`
	// The name of the role to create the SecretID for.
	RoleName pulumi.StringOutput `pulumi:"roleName"`
	// The SecretID to be created. If set, uses "Push"
	// mode.  Defaults to Vault auto-generating SecretIDs.
	SecretId pulumi.StringOutput `pulumi:"secretId"`
	// The unique ID for the response-wrapped SecretID that can
	// be safely logged.
	WrappingAccessor pulumi.StringOutput `pulumi:"wrappingAccessor"`
	// The token used to retrieve a response-wrapped SecretID.
	WrappingToken pulumi.StringOutput `pulumi:"wrappingToken"`
	// If set, the SecretID response will be
	// [response-wrapped](https://www.vaultproject.io/docs/concepts/response-wrapping)
	// and available for the duration specified. Only a single unwrapping of the
	// token is allowed.
	WrappingTtl pulumi.StringPtrOutput `pulumi:"wrappingTtl"`
}

Manages an AppRole auth backend SecretID in a Vault server. See the [Vault documentation](https://www.vaultproject.io/docs/auth/approle) for more information.

## Example Usage

```go package main

import ( 

"fmt"

"github.com/pulumi/pulumi-vault/sdk/v4/go/vault"
"github.com/pulumi/pulumi-vault/sdk/v4/go/vault/appRole"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		approle, err := vault.NewAuthBackend(ctx, "approle", &vault.AuthBackendArgs{
			Type: pulumi.String("approle"),
		})
		if err != nil {
			return err
		}
		example, err := appRole.NewAuthBackendRole(ctx, "example", &appRole.AuthBackendRoleArgs{
			Backend:  approle.Path,
			RoleName: pulumi.String("test-role"),
			Policies: pulumi.StringArray{
				pulumi.String("default"),
				pulumi.String("dev"),
				pulumi.String("prod"),
			},
		})
		if err != nil {
			return err
		}
		_, err = appRole.NewAuthBackendRoleSecretID(ctx, "id", &appRole.AuthBackendRoleSecretIDArgs{
			Backend:  approle.Path,
			RoleName: example.RoleName,
			Metadata: pulumi.String(fmt.Sprintf("%v%v%v", "  {\n", "    \"hello\": \"world\"\n", "  }\n")),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

func GetAuthBackendRoleSecretID 

func GetAuthBackendRoleSecretID(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AuthBackendRoleSecretIDState, opts ...pulumi.ResourceOption) (*AuthBackendRoleSecretID, error)

GetAuthBackendRoleSecretID gets an existing AuthBackendRoleSecretID resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAuthBackendRoleSecretID 

func NewAuthBackendRoleSecretID(ctx *pulumi.Context,
	name string, args *AuthBackendRoleSecretIDArgs, opts ...pulumi.ResourceOption) (*AuthBackendRoleSecretID, error)

NewAuthBackendRoleSecretID registers a new resource with the given unique name, arguments, and options.

func (*AuthBackendRoleSecretID) ElementType 

func (*AuthBackendRoleSecretID) ElementType() reflect.Type

func (*AuthBackendRoleSecretID) ToAuthBackendRoleSecretIDOutput 

func (i *AuthBackendRoleSecretID) ToAuthBackendRoleSecretIDOutput() AuthBackendRoleSecretIDOutput

func (*AuthBackendRoleSecretID) ToAuthBackendRoleSecretIDOutputWithContext 

func (i *AuthBackendRoleSecretID) ToAuthBackendRoleSecretIDOutputWithContext(ctx context.Context) AuthBackendRoleSecretIDOutput

func (*AuthBackendRoleSecretID) ToAuthBackendRoleSecretIDPtrOutput 

func (i *AuthBackendRoleSecretID) ToAuthBackendRoleSecretIDPtrOutput() AuthBackendRoleSecretIDPtrOutput

func (*AuthBackendRoleSecretID) ToAuthBackendRoleSecretIDPtrOutputWithContext 

func (i *AuthBackendRoleSecretID) ToAuthBackendRoleSecretIDPtrOutputWithContext(ctx context.Context) AuthBackendRoleSecretIDPtrOutput

type AuthBackendRoleSecretIDArgs 

type AuthBackendRoleSecretIDArgs struct {
	// Unique name of the auth backend to configure.
	Backend pulumi.StringPtrInput
	// If set, specifies blocks of IP addresses which can
	// perform the login operation using this SecretID.
	CidrLists pulumi.StringArrayInput
	// A JSON-encoded string containing metadata in
	// key-value pairs to be set on tokens issued with this SecretID.
	Metadata pulumi.StringPtrInput
	// The name of the role to create the SecretID for.
	RoleName pulumi.StringInput
	// The SecretID to be created. If set, uses "Push"
	// mode.  Defaults to Vault auto-generating SecretIDs.
	SecretId pulumi.StringPtrInput
	// If set, the SecretID response will be
	// [response-wrapped](https://www.vaultproject.io/docs/concepts/response-wrapping)
	// and available for the duration specified. Only a single unwrapping of the
	// token is allowed.
	WrappingTtl pulumi.StringPtrInput
}

The set of arguments for constructing a AuthBackendRoleSecretID resource.

func (AuthBackendRoleSecretIDArgs) ElementType 

func (AuthBackendRoleSecretIDArgs) ElementType() reflect.Type

type AuthBackendRoleSecretIDArray 

type AuthBackendRoleSecretIDArray []AuthBackendRoleSecretIDInput

func (AuthBackendRoleSecretIDArray) ElementType 

func (AuthBackendRoleSecretIDArray) ElementType() reflect.Type

func (AuthBackendRoleSecretIDArray) ToAuthBackendRoleSecretIDArrayOutput 

func (i AuthBackendRoleSecretIDArray) ToAuthBackendRoleSecretIDArrayOutput() AuthBackendRoleSecretIDArrayOutput

func (AuthBackendRoleSecretIDArray) ToAuthBackendRoleSecretIDArrayOutputWithContext 

func (i AuthBackendRoleSecretIDArray) ToAuthBackendRoleSecretIDArrayOutputWithContext(ctx context.Context) AuthBackendRoleSecretIDArrayOutput

type AuthBackendRoleSecretIDArrayInput 

type AuthBackendRoleSecretIDArrayInput interface {
	pulumi.Input

	ToAuthBackendRoleSecretIDArrayOutput() AuthBackendRoleSecretIDArrayOutput
	ToAuthBackendRoleSecretIDArrayOutputWithContext(context.Context) AuthBackendRoleSecretIDArrayOutput
}

AuthBackendRoleSecretIDArrayInput is an input type that accepts AuthBackendRoleSecretIDArray and AuthBackendRoleSecretIDArrayOutput values. You can construct a concrete instance of `AuthBackendRoleSecretIDArrayInput` via: 

AuthBackendRoleSecretIDArray{ AuthBackendRoleSecretIDArgs{...} }

type AuthBackendRoleSecretIDArrayOutput 

type AuthBackendRoleSecretIDArrayOutput struct{ *pulumi.OutputState }

func (AuthBackendRoleSecretIDArrayOutput) ElementType 

func (AuthBackendRoleSecretIDArrayOutput) ElementType() reflect.Type

func (AuthBackendRoleSecretIDArrayOutput) Index 

func (o AuthBackendRoleSecretIDArrayOutput) Index(i pulumi.IntInput) AuthBackendRoleSecretIDOutput

func (AuthBackendRoleSecretIDArrayOutput) ToAuthBackendRoleSecretIDArrayOutput 

func (o AuthBackendRoleSecretIDArrayOutput) ToAuthBackendRoleSecretIDArrayOutput() AuthBackendRoleSecretIDArrayOutput

func (AuthBackendRoleSecretIDArrayOutput) ToAuthBackendRoleSecretIDArrayOutputWithContext 

func (o AuthBackendRoleSecretIDArrayOutput) ToAuthBackendRoleSecretIDArrayOutputWithContext(ctx context.Context) AuthBackendRoleSecretIDArrayOutput

type AuthBackendRoleSecretIDInput 

type AuthBackendRoleSecretIDInput interface {
	pulumi.Input

	ToAuthBackendRoleSecretIDOutput() AuthBackendRoleSecretIDOutput
	ToAuthBackendRoleSecretIDOutputWithContext(ctx context.Context) AuthBackendRoleSecretIDOutput
}

type AuthBackendRoleSecretIDMap 

type AuthBackendRoleSecretIDMap map[string]AuthBackendRoleSecretIDInput

func (AuthBackendRoleSecretIDMap) ElementType 

func (AuthBackendRoleSecretIDMap) ElementType() reflect.Type

func (AuthBackendRoleSecretIDMap) ToAuthBackendRoleSecretIDMapOutput 

func (i AuthBackendRoleSecretIDMap) ToAuthBackendRoleSecretIDMapOutput() AuthBackendRoleSecretIDMapOutput

func (AuthBackendRoleSecretIDMap) ToAuthBackendRoleSecretIDMapOutputWithContext 

func (i AuthBackendRoleSecretIDMap) ToAuthBackendRoleSecretIDMapOutputWithContext(ctx context.Context) AuthBackendRoleSecretIDMapOutput

type AuthBackendRoleSecretIDMapInput 

type AuthBackendRoleSecretIDMapInput interface {
	pulumi.Input

	ToAuthBackendRoleSecretIDMapOutput() AuthBackendRoleSecretIDMapOutput
	ToAuthBackendRoleSecretIDMapOutputWithContext(context.Context) AuthBackendRoleSecretIDMapOutput
}

AuthBackendRoleSecretIDMapInput is an input type that accepts AuthBackendRoleSecretIDMap and AuthBackendRoleSecretIDMapOutput values. You can construct a concrete instance of `AuthBackendRoleSecretIDMapInput` via: 

AuthBackendRoleSecretIDMap{ "key": AuthBackendRoleSecretIDArgs{...} }

type AuthBackendRoleSecretIDMapOutput 

type AuthBackendRoleSecretIDMapOutput struct{ *pulumi.OutputState }

func (AuthBackendRoleSecretIDMapOutput) ElementType 

func (AuthBackendRoleSecretIDMapOutput) ElementType() reflect.Type

func (AuthBackendRoleSecretIDMapOutput) MapIndex 

func (o AuthBackendRoleSecretIDMapOutput) MapIndex(k pulumi.StringInput) AuthBackendRoleSecretIDOutput

func (AuthBackendRoleSecretIDMapOutput) ToAuthBackendRoleSecretIDMapOutput 

func (o AuthBackendRoleSecretIDMapOutput) ToAuthBackendRoleSecretIDMapOutput() AuthBackendRoleSecretIDMapOutput

func (AuthBackendRoleSecretIDMapOutput) ToAuthBackendRoleSecretIDMapOutputWithContext 

func (o AuthBackendRoleSecretIDMapOutput) ToAuthBackendRoleSecretIDMapOutputWithContext(ctx context.Context) AuthBackendRoleSecretIDMapOutput

type AuthBackendRoleSecretIDOutput 

type AuthBackendRoleSecretIDOutput struct{ *pulumi.OutputState }

func (AuthBackendRoleSecretIDOutput) ElementType 

func (AuthBackendRoleSecretIDOutput) ElementType() reflect.Type

func (AuthBackendRoleSecretIDOutput) ToAuthBackendRoleSecretIDOutput 

func (o AuthBackendRoleSecretIDOutput) ToAuthBackendRoleSecretIDOutput() AuthBackendRoleSecretIDOutput

func (AuthBackendRoleSecretIDOutput) ToAuthBackendRoleSecretIDOutputWithContext 

func (o AuthBackendRoleSecretIDOutput) ToAuthBackendRoleSecretIDOutputWithContext(ctx context.Context) AuthBackendRoleSecretIDOutput

func (AuthBackendRoleSecretIDOutput) ToAuthBackendRoleSecretIDPtrOutput 

func (o AuthBackendRoleSecretIDOutput) ToAuthBackendRoleSecretIDPtrOutput() AuthBackendRoleSecretIDPtrOutput

func (AuthBackendRoleSecretIDOutput) ToAuthBackendRoleSecretIDPtrOutputWithContext 

func (o AuthBackendRoleSecretIDOutput) ToAuthBackendRoleSecretIDPtrOutputWithContext(ctx context.Context) AuthBackendRoleSecretIDPtrOutput

type AuthBackendRoleSecretIDPtrInput 

type AuthBackendRoleSecretIDPtrInput interface {
	pulumi.Input

	ToAuthBackendRoleSecretIDPtrOutput() AuthBackendRoleSecretIDPtrOutput
	ToAuthBackendRoleSecretIDPtrOutputWithContext(ctx context.Context) AuthBackendRoleSecretIDPtrOutput
}

type AuthBackendRoleSecretIDPtrOutput 

type AuthBackendRoleSecretIDPtrOutput struct{ *pulumi.OutputState }

func (AuthBackendRoleSecretIDPtrOutput) Elem added in v4.6.0 

func (o AuthBackendRoleSecretIDPtrOutput) Elem() AuthBackendRoleSecretIDOutput

func (AuthBackendRoleSecretIDPtrOutput) ElementType 

func (AuthBackendRoleSecretIDPtrOutput) ElementType() reflect.Type

func (AuthBackendRoleSecretIDPtrOutput) ToAuthBackendRoleSecretIDPtrOutput 

func (o AuthBackendRoleSecretIDPtrOutput) ToAuthBackendRoleSecretIDPtrOutput() AuthBackendRoleSecretIDPtrOutput

func (AuthBackendRoleSecretIDPtrOutput) ToAuthBackendRoleSecretIDPtrOutputWithContext 

func (o AuthBackendRoleSecretIDPtrOutput) ToAuthBackendRoleSecretIDPtrOutputWithContext(ctx context.Context) AuthBackendRoleSecretIDPtrOutput

type AuthBackendRoleSecretIDState 

type AuthBackendRoleSecretIDState struct {
	// The unique ID for this SecretID that can be safely logged.
	Accessor pulumi.StringPtrInput
	// Unique name of the auth backend to configure.
	Backend pulumi.StringPtrInput
	// If set, specifies blocks of IP addresses which can
	// perform the login operation using this SecretID.
	CidrLists pulumi.StringArrayInput
	// A JSON-encoded string containing metadata in
	// key-value pairs to be set on tokens issued with this SecretID.
	Metadata pulumi.StringPtrInput
	// The name of the role to create the SecretID for.
	RoleName pulumi.StringPtrInput
	// The SecretID to be created. If set, uses "Push"
	// mode.  Defaults to Vault auto-generating SecretIDs.
	SecretId pulumi.StringPtrInput
	// The unique ID for the response-wrapped SecretID that can
	// be safely logged.
	WrappingAccessor pulumi.StringPtrInput
	// The token used to retrieve a response-wrapped SecretID.
	WrappingToken pulumi.StringPtrInput
	// If set, the SecretID response will be
	// [response-wrapped](https://www.vaultproject.io/docs/concepts/response-wrapping)
	// and available for the duration specified. Only a single unwrapping of the
	// token is allowed.
	WrappingTtl pulumi.StringPtrInput
}

func (AuthBackendRoleSecretIDState) ElementType 

func (AuthBackendRoleSecretIDState) ElementType() reflect.Type

type AuthBackendRoleState 

type AuthBackendRoleState struct {
	// The unique name of the auth backend to configure.
	// Defaults to `approle`.
	Backend pulumi.StringPtrInput
	// Whether or not to require `secretId` to be
	// presented when logging in using this AppRole. Defaults to `true`.
	BindSecretId pulumi.BoolPtrInput
	// If set,
	// specifies blocks of IP addresses which can perform the login operation.
	//
	// Deprecated: use `secret_id_bound_cidrs` instead
	BoundCidrLists pulumi.StringArrayInput
	// If set, indicates that the
	// token generated using this role should never expire. The token should be renewed within the
	// duration specified by this value. At each renewal, the token's TTL will be set to the
	// value of this field. Specified in seconds.
	//
	// Deprecated: use `token_period` instead if you are running Vault >= 1.2
	Period pulumi.IntPtrInput
	// An array of strings
	// specifying the policies to be set on tokens issued using this role.
	//
	// Deprecated: use `token_policies` instead if you are running Vault >= 1.2
	Policies pulumi.StringArrayInput
	// The RoleID of this role. If not specified, one will be
	// auto-generated.
	RoleId pulumi.StringPtrInput
	// The name of the role.
	RoleName pulumi.StringPtrInput
	// If set,
	// specifies blocks of IP addresses which can perform the login operation.
	SecretIdBoundCidrs pulumi.StringArrayInput
	// The number of times any particular SecretID
	// can be used to fetch a token from this AppRole, after which the SecretID will
	// expire. A value of zero will allow unlimited uses.
	SecretIdNumUses pulumi.IntPtrInput
	// The number of seconds after which any SecretID
	// expires.
	SecretIdTtl pulumi.IntPtrInput
	// List of CIDR blocks; if set, specifies blocks of IP
	// addresses which can authenticate successfully, and ties the resulting token to these blocks
	// as well.
	TokenBoundCidrs pulumi.StringArrayInput
	// If set, will encode an
	// [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls)
	// onto the token in number of seconds. This is a hard cap even if `tokenTtl` and
	// `tokenMaxTtl` would otherwise allow a renewal.
	TokenExplicitMaxTtl pulumi.IntPtrInput
	// The maximum lifetime for generated tokens in number of seconds.
	// Its current value will be referenced at renewal time.
	TokenMaxTtl pulumi.IntPtrInput
	// If set, the default policy will not be set on
	// generated tokens; otherwise it will be added to the policies set in token_policies.
	TokenNoDefaultPolicy pulumi.BoolPtrInput
	// The
	// [period](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls),
	// if any, in number of seconds to set on the token.
	TokenNumUses pulumi.IntPtrInput
	// If set, indicates that the
	// token generated using this role should never expire. The token should be renewed within the
	// duration specified by this value. At each renewal, the token's TTL will be set to the
	// value of this field. Specified in seconds.
	TokenPeriod pulumi.IntPtrInput
	// List of policies to encode onto generated tokens. Depending
	// on the auth method, this list may be supplemented by user/group/other values.
	TokenPolicies pulumi.StringArrayInput
	// The incremental lifetime for generated tokens in number of seconds.
	// Its current value will be referenced at renewal time.
	TokenTtl pulumi.IntPtrInput
	// The type of token that should be generated. Can be `service`,
	// `batch`, or `default` to use the mount's tuned default (which unless changed will be
	// `service` tokens). For token store roles, there are two additional possibilities:
	// `default-service` and `default-batch` which specify the type to return unless the client
	// requests a different type at generation time.
	TokenType pulumi.StringPtrInput
}

func (AuthBackendRoleState) ElementType 

func (AuthBackendRoleState) ElementType() reflect.Type

type GetAuthBackendRoleIdArgs 

type GetAuthBackendRoleIdArgs struct {
	// The unique name for the AppRole backend the role to
	// retrieve a RoleID for resides in. Defaults to "approle".
	Backend *string `pulumi:"backend"`
	// The name of the role to retrieve the Role ID for.
	RoleName string `pulumi:"roleName"`
}

A collection of arguments for invoking getAuthBackendRoleId.

type GetAuthBackendRoleIdOutputArgs added in v4.6.0 

type GetAuthBackendRoleIdOutputArgs struct {
	// The unique name for the AppRole backend the role to
	// retrieve a RoleID for resides in. Defaults to "approle".
	Backend pulumi.StringPtrInput `pulumi:"backend"`
	// The name of the role to retrieve the Role ID for.
	RoleName pulumi.StringInput `pulumi:"roleName"`
}

A collection of arguments for invoking getAuthBackendRoleId.

func (GetAuthBackendRoleIdOutputArgs) ElementType added in v4.6.0 

func (GetAuthBackendRoleIdOutputArgs) ElementType() reflect.Type

type GetAuthBackendRoleIdResult 

type GetAuthBackendRoleIdResult struct {
	Backend *string `pulumi:"backend"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// The RoleID of the role.
	RoleId   string `pulumi:"roleId"`
	RoleName string `pulumi:"roleName"`
}

A collection of values returned by getAuthBackendRoleId.

func GetAuthBackendRoleId 

func GetAuthBackendRoleId(ctx *pulumi.Context, args *GetAuthBackendRoleIdArgs, opts ...pulumi.InvokeOption) (*GetAuthBackendRoleIdResult, error)

Reads the Role ID of an AppRole from a Vault server.

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v4/go/vault/appRole"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		opt0 := "my-approle-backend"
		role, err := appRole.GetAuthBackendRoleId(ctx, &approle.GetAuthBackendRoleIdArgs{
			Backend:  &opt0,
			RoleName: "my-role",
		}, nil)
		if err != nil {
			return err
		}
		ctx.Export("role-id", role.RoleId)
		return nil
	})
}

```

type GetAuthBackendRoleIdResultOutput added in v4.6.0 

type GetAuthBackendRoleIdResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getAuthBackendRoleId.

func GetAuthBackendRoleIdOutput added in v4.6.0 

func GetAuthBackendRoleIdOutput(ctx *pulumi.Context, args GetAuthBackendRoleIdOutputArgs, opts ...pulumi.InvokeOption) GetAuthBackendRoleIdResultOutput

func (GetAuthBackendRoleIdResultOutput) Backend added in v4.6.0 

func (o GetAuthBackendRoleIdResultOutput) Backend() pulumi.StringPtrOutput

func (GetAuthBackendRoleIdResultOutput) ElementType added in v4.6.0 

func (GetAuthBackendRoleIdResultOutput) ElementType() reflect.Type

func (GetAuthBackendRoleIdResultOutput) Id added in v4.6.0 

func (o GetAuthBackendRoleIdResultOutput) Id() pulumi.StringOutput

The provider-assigned unique ID for this managed resource.

func (GetAuthBackendRoleIdResultOutput) RoleId added in v4.6.0 

func (o GetAuthBackendRoleIdResultOutput) RoleId() pulumi.StringOutput

The RoleID of the role.

func (GetAuthBackendRoleIdResultOutput) RoleName added in v4.6.0 

func (o GetAuthBackendRoleIdResultOutput) RoleName() pulumi.StringOutput

func (GetAuthBackendRoleIdResultOutput) ToGetAuthBackendRoleIdResultOutput added in v4.6.0 

func (o GetAuthBackendRoleIdResultOutput) ToGetAuthBackendRoleIdResultOutput() GetAuthBackendRoleIdResultOutput

func (GetAuthBackendRoleIdResultOutput) ToGetAuthBackendRoleIdResultOutputWithContext added in v4.6.0 

func (o GetAuthBackendRoleIdResultOutput) ToGetAuthBackendRoleIdResultOutputWithContext(ctx context.Context) GetAuthBackendRoleIdResultOutput

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.