Documentation ¶
Index ¶
- type AuthBackendCert
- func (*AuthBackendCert) ElementType() reflect.Type
- func (i *AuthBackendCert) ToAuthBackendCertOutput() AuthBackendCertOutput
- func (i *AuthBackendCert) ToAuthBackendCertOutputWithContext(ctx context.Context) AuthBackendCertOutput
- func (i *AuthBackendCert) ToAuthBackendCertPtrOutput() AuthBackendCertPtrOutput
- func (i *AuthBackendCert) ToAuthBackendCertPtrOutputWithContext(ctx context.Context) AuthBackendCertPtrOutput
- type AuthBackendCertArgs
- type AuthBackendCertArray
- type AuthBackendCertArrayInput
- type AuthBackendCertArrayOutput
- func (AuthBackendCertArrayOutput) ElementType() reflect.Type
- func (o AuthBackendCertArrayOutput) Index(i pulumi.IntInput) AuthBackendCertOutput
- func (o AuthBackendCertArrayOutput) ToAuthBackendCertArrayOutput() AuthBackendCertArrayOutput
- func (o AuthBackendCertArrayOutput) ToAuthBackendCertArrayOutputWithContext(ctx context.Context) AuthBackendCertArrayOutput
- type AuthBackendCertInput
- type AuthBackendCertMap
- type AuthBackendCertMapInput
- type AuthBackendCertMapOutput
- func (AuthBackendCertMapOutput) ElementType() reflect.Type
- func (o AuthBackendCertMapOutput) MapIndex(k pulumi.StringInput) AuthBackendCertOutput
- func (o AuthBackendCertMapOutput) ToAuthBackendCertMapOutput() AuthBackendCertMapOutput
- func (o AuthBackendCertMapOutput) ToAuthBackendCertMapOutputWithContext(ctx context.Context) AuthBackendCertMapOutput
- type AuthBackendCertOutput
- func (AuthBackendCertOutput) ElementType() reflect.Type
- func (o AuthBackendCertOutput) ToAuthBackendCertOutput() AuthBackendCertOutput
- func (o AuthBackendCertOutput) ToAuthBackendCertOutputWithContext(ctx context.Context) AuthBackendCertOutput
- func (o AuthBackendCertOutput) ToAuthBackendCertPtrOutput() AuthBackendCertPtrOutput
- func (o AuthBackendCertOutput) ToAuthBackendCertPtrOutputWithContext(ctx context.Context) AuthBackendCertPtrOutput
- type AuthBackendCertPtrInput
- type AuthBackendCertPtrOutput
- func (o AuthBackendCertPtrOutput) Elem() AuthBackendCertOutput
- func (AuthBackendCertPtrOutput) ElementType() reflect.Type
- func (o AuthBackendCertPtrOutput) ToAuthBackendCertPtrOutput() AuthBackendCertPtrOutput
- func (o AuthBackendCertPtrOutput) ToAuthBackendCertPtrOutputWithContext(ctx context.Context) AuthBackendCertPtrOutput
- type AuthBackendCertState
- type AuthBackendClient
- func (*AuthBackendClient) ElementType() reflect.Type
- func (i *AuthBackendClient) ToAuthBackendClientOutput() AuthBackendClientOutput
- func (i *AuthBackendClient) ToAuthBackendClientOutputWithContext(ctx context.Context) AuthBackendClientOutput
- func (i *AuthBackendClient) ToAuthBackendClientPtrOutput() AuthBackendClientPtrOutput
- func (i *AuthBackendClient) ToAuthBackendClientPtrOutputWithContext(ctx context.Context) AuthBackendClientPtrOutput
- type AuthBackendClientArgs
- type AuthBackendClientArray
- type AuthBackendClientArrayInput
- type AuthBackendClientArrayOutput
- func (AuthBackendClientArrayOutput) ElementType() reflect.Type
- func (o AuthBackendClientArrayOutput) Index(i pulumi.IntInput) AuthBackendClientOutput
- func (o AuthBackendClientArrayOutput) ToAuthBackendClientArrayOutput() AuthBackendClientArrayOutput
- func (o AuthBackendClientArrayOutput) ToAuthBackendClientArrayOutputWithContext(ctx context.Context) AuthBackendClientArrayOutput
- type AuthBackendClientInput
- type AuthBackendClientMap
- type AuthBackendClientMapInput
- type AuthBackendClientMapOutput
- func (AuthBackendClientMapOutput) ElementType() reflect.Type
- func (o AuthBackendClientMapOutput) MapIndex(k pulumi.StringInput) AuthBackendClientOutput
- func (o AuthBackendClientMapOutput) ToAuthBackendClientMapOutput() AuthBackendClientMapOutput
- func (o AuthBackendClientMapOutput) ToAuthBackendClientMapOutputWithContext(ctx context.Context) AuthBackendClientMapOutput
- type AuthBackendClientOutput
- func (AuthBackendClientOutput) ElementType() reflect.Type
- func (o AuthBackendClientOutput) ToAuthBackendClientOutput() AuthBackendClientOutput
- func (o AuthBackendClientOutput) ToAuthBackendClientOutputWithContext(ctx context.Context) AuthBackendClientOutput
- func (o AuthBackendClientOutput) ToAuthBackendClientPtrOutput() AuthBackendClientPtrOutput
- func (o AuthBackendClientOutput) ToAuthBackendClientPtrOutputWithContext(ctx context.Context) AuthBackendClientPtrOutput
- type AuthBackendClientPtrInput
- type AuthBackendClientPtrOutput
- func (o AuthBackendClientPtrOutput) Elem() AuthBackendClientOutput
- func (AuthBackendClientPtrOutput) ElementType() reflect.Type
- func (o AuthBackendClientPtrOutput) ToAuthBackendClientPtrOutput() AuthBackendClientPtrOutput
- func (o AuthBackendClientPtrOutput) ToAuthBackendClientPtrOutputWithContext(ctx context.Context) AuthBackendClientPtrOutput
- type AuthBackendClientState
- type AuthBackendIdentityWhitelist
- func (*AuthBackendIdentityWhitelist) ElementType() reflect.Type
- func (i *AuthBackendIdentityWhitelist) ToAuthBackendIdentityWhitelistOutput() AuthBackendIdentityWhitelistOutput
- func (i *AuthBackendIdentityWhitelist) ToAuthBackendIdentityWhitelistOutputWithContext(ctx context.Context) AuthBackendIdentityWhitelistOutput
- func (i *AuthBackendIdentityWhitelist) ToAuthBackendIdentityWhitelistPtrOutput() AuthBackendIdentityWhitelistPtrOutput
- func (i *AuthBackendIdentityWhitelist) ToAuthBackendIdentityWhitelistPtrOutputWithContext(ctx context.Context) AuthBackendIdentityWhitelistPtrOutput
- type AuthBackendIdentityWhitelistArgs
- type AuthBackendIdentityWhitelistArray
- func (AuthBackendIdentityWhitelistArray) ElementType() reflect.Type
- func (i AuthBackendIdentityWhitelistArray) ToAuthBackendIdentityWhitelistArrayOutput() AuthBackendIdentityWhitelistArrayOutput
- func (i AuthBackendIdentityWhitelistArray) ToAuthBackendIdentityWhitelistArrayOutputWithContext(ctx context.Context) AuthBackendIdentityWhitelistArrayOutput
- type AuthBackendIdentityWhitelistArrayInput
- type AuthBackendIdentityWhitelistArrayOutput
- func (AuthBackendIdentityWhitelistArrayOutput) ElementType() reflect.Type
- func (o AuthBackendIdentityWhitelistArrayOutput) Index(i pulumi.IntInput) AuthBackendIdentityWhitelistOutput
- func (o AuthBackendIdentityWhitelistArrayOutput) ToAuthBackendIdentityWhitelistArrayOutput() AuthBackendIdentityWhitelistArrayOutput
- func (o AuthBackendIdentityWhitelistArrayOutput) ToAuthBackendIdentityWhitelistArrayOutputWithContext(ctx context.Context) AuthBackendIdentityWhitelistArrayOutput
- type AuthBackendIdentityWhitelistInput
- type AuthBackendIdentityWhitelistMap
- func (AuthBackendIdentityWhitelistMap) ElementType() reflect.Type
- func (i AuthBackendIdentityWhitelistMap) ToAuthBackendIdentityWhitelistMapOutput() AuthBackendIdentityWhitelistMapOutput
- func (i AuthBackendIdentityWhitelistMap) ToAuthBackendIdentityWhitelistMapOutputWithContext(ctx context.Context) AuthBackendIdentityWhitelistMapOutput
- type AuthBackendIdentityWhitelistMapInput
- type AuthBackendIdentityWhitelistMapOutput
- func (AuthBackendIdentityWhitelistMapOutput) ElementType() reflect.Type
- func (o AuthBackendIdentityWhitelistMapOutput) MapIndex(k pulumi.StringInput) AuthBackendIdentityWhitelistOutput
- func (o AuthBackendIdentityWhitelistMapOutput) ToAuthBackendIdentityWhitelistMapOutput() AuthBackendIdentityWhitelistMapOutput
- func (o AuthBackendIdentityWhitelistMapOutput) ToAuthBackendIdentityWhitelistMapOutputWithContext(ctx context.Context) AuthBackendIdentityWhitelistMapOutput
- type AuthBackendIdentityWhitelistOutput
- func (AuthBackendIdentityWhitelistOutput) ElementType() reflect.Type
- func (o AuthBackendIdentityWhitelistOutput) ToAuthBackendIdentityWhitelistOutput() AuthBackendIdentityWhitelistOutput
- func (o AuthBackendIdentityWhitelistOutput) ToAuthBackendIdentityWhitelistOutputWithContext(ctx context.Context) AuthBackendIdentityWhitelistOutput
- func (o AuthBackendIdentityWhitelistOutput) ToAuthBackendIdentityWhitelistPtrOutput() AuthBackendIdentityWhitelistPtrOutput
- func (o AuthBackendIdentityWhitelistOutput) ToAuthBackendIdentityWhitelistPtrOutputWithContext(ctx context.Context) AuthBackendIdentityWhitelistPtrOutput
- type AuthBackendIdentityWhitelistPtrInput
- type AuthBackendIdentityWhitelistPtrOutput
- func (o AuthBackendIdentityWhitelistPtrOutput) Elem() AuthBackendIdentityWhitelistOutput
- func (AuthBackendIdentityWhitelistPtrOutput) ElementType() reflect.Type
- func (o AuthBackendIdentityWhitelistPtrOutput) ToAuthBackendIdentityWhitelistPtrOutput() AuthBackendIdentityWhitelistPtrOutput
- func (o AuthBackendIdentityWhitelistPtrOutput) ToAuthBackendIdentityWhitelistPtrOutputWithContext(ctx context.Context) AuthBackendIdentityWhitelistPtrOutput
- type AuthBackendIdentityWhitelistState
- type AuthBackendLogin
- func (*AuthBackendLogin) ElementType() reflect.Type
- func (i *AuthBackendLogin) ToAuthBackendLoginOutput() AuthBackendLoginOutput
- func (i *AuthBackendLogin) ToAuthBackendLoginOutputWithContext(ctx context.Context) AuthBackendLoginOutput
- func (i *AuthBackendLogin) ToAuthBackendLoginPtrOutput() AuthBackendLoginPtrOutput
- func (i *AuthBackendLogin) ToAuthBackendLoginPtrOutputWithContext(ctx context.Context) AuthBackendLoginPtrOutput
- type AuthBackendLoginArgs
- type AuthBackendLoginArray
- type AuthBackendLoginArrayInput
- type AuthBackendLoginArrayOutput
- func (AuthBackendLoginArrayOutput) ElementType() reflect.Type
- func (o AuthBackendLoginArrayOutput) Index(i pulumi.IntInput) AuthBackendLoginOutput
- func (o AuthBackendLoginArrayOutput) ToAuthBackendLoginArrayOutput() AuthBackendLoginArrayOutput
- func (o AuthBackendLoginArrayOutput) ToAuthBackendLoginArrayOutputWithContext(ctx context.Context) AuthBackendLoginArrayOutput
- type AuthBackendLoginInput
- type AuthBackendLoginMap
- type AuthBackendLoginMapInput
- type AuthBackendLoginMapOutput
- func (AuthBackendLoginMapOutput) ElementType() reflect.Type
- func (o AuthBackendLoginMapOutput) MapIndex(k pulumi.StringInput) AuthBackendLoginOutput
- func (o AuthBackendLoginMapOutput) ToAuthBackendLoginMapOutput() AuthBackendLoginMapOutput
- func (o AuthBackendLoginMapOutput) ToAuthBackendLoginMapOutputWithContext(ctx context.Context) AuthBackendLoginMapOutput
- type AuthBackendLoginOutput
- func (AuthBackendLoginOutput) ElementType() reflect.Type
- func (o AuthBackendLoginOutput) ToAuthBackendLoginOutput() AuthBackendLoginOutput
- func (o AuthBackendLoginOutput) ToAuthBackendLoginOutputWithContext(ctx context.Context) AuthBackendLoginOutput
- func (o AuthBackendLoginOutput) ToAuthBackendLoginPtrOutput() AuthBackendLoginPtrOutput
- func (o AuthBackendLoginOutput) ToAuthBackendLoginPtrOutputWithContext(ctx context.Context) AuthBackendLoginPtrOutput
- type AuthBackendLoginPtrInput
- type AuthBackendLoginPtrOutput
- func (o AuthBackendLoginPtrOutput) Elem() AuthBackendLoginOutput
- func (AuthBackendLoginPtrOutput) ElementType() reflect.Type
- func (o AuthBackendLoginPtrOutput) ToAuthBackendLoginPtrOutput() AuthBackendLoginPtrOutput
- func (o AuthBackendLoginPtrOutput) ToAuthBackendLoginPtrOutputWithContext(ctx context.Context) AuthBackendLoginPtrOutput
- type AuthBackendLoginState
- type AuthBackendRole
- func (*AuthBackendRole) ElementType() reflect.Type
- func (i *AuthBackendRole) ToAuthBackendRoleOutput() AuthBackendRoleOutput
- func (i *AuthBackendRole) ToAuthBackendRoleOutputWithContext(ctx context.Context) AuthBackendRoleOutput
- func (i *AuthBackendRole) ToAuthBackendRolePtrOutput() AuthBackendRolePtrOutput
- func (i *AuthBackendRole) ToAuthBackendRolePtrOutputWithContext(ctx context.Context) AuthBackendRolePtrOutput
- type AuthBackendRoleArgs
- type AuthBackendRoleArray
- type AuthBackendRoleArrayInput
- type AuthBackendRoleArrayOutput
- func (AuthBackendRoleArrayOutput) ElementType() reflect.Type
- func (o AuthBackendRoleArrayOutput) Index(i pulumi.IntInput) AuthBackendRoleOutput
- func (o AuthBackendRoleArrayOutput) ToAuthBackendRoleArrayOutput() AuthBackendRoleArrayOutput
- func (o AuthBackendRoleArrayOutput) ToAuthBackendRoleArrayOutputWithContext(ctx context.Context) AuthBackendRoleArrayOutput
- type AuthBackendRoleInput
- type AuthBackendRoleMap
- type AuthBackendRoleMapInput
- type AuthBackendRoleMapOutput
- func (AuthBackendRoleMapOutput) ElementType() reflect.Type
- func (o AuthBackendRoleMapOutput) MapIndex(k pulumi.StringInput) AuthBackendRoleOutput
- func (o AuthBackendRoleMapOutput) ToAuthBackendRoleMapOutput() AuthBackendRoleMapOutput
- func (o AuthBackendRoleMapOutput) ToAuthBackendRoleMapOutputWithContext(ctx context.Context) AuthBackendRoleMapOutput
- type AuthBackendRoleOutput
- func (AuthBackendRoleOutput) ElementType() reflect.Type
- func (o AuthBackendRoleOutput) ToAuthBackendRoleOutput() AuthBackendRoleOutput
- func (o AuthBackendRoleOutput) ToAuthBackendRoleOutputWithContext(ctx context.Context) AuthBackendRoleOutput
- func (o AuthBackendRoleOutput) ToAuthBackendRolePtrOutput() AuthBackendRolePtrOutput
- func (o AuthBackendRoleOutput) ToAuthBackendRolePtrOutputWithContext(ctx context.Context) AuthBackendRolePtrOutput
- type AuthBackendRolePtrInput
- type AuthBackendRolePtrOutput
- func (o AuthBackendRolePtrOutput) Elem() AuthBackendRoleOutput
- func (AuthBackendRolePtrOutput) ElementType() reflect.Type
- func (o AuthBackendRolePtrOutput) ToAuthBackendRolePtrOutput() AuthBackendRolePtrOutput
- func (o AuthBackendRolePtrOutput) ToAuthBackendRolePtrOutputWithContext(ctx context.Context) AuthBackendRolePtrOutput
- type AuthBackendRoleState
- type AuthBackendRoleTag
- func (*AuthBackendRoleTag) ElementType() reflect.Type
- func (i *AuthBackendRoleTag) ToAuthBackendRoleTagOutput() AuthBackendRoleTagOutput
- func (i *AuthBackendRoleTag) ToAuthBackendRoleTagOutputWithContext(ctx context.Context) AuthBackendRoleTagOutput
- func (i *AuthBackendRoleTag) ToAuthBackendRoleTagPtrOutput() AuthBackendRoleTagPtrOutput
- func (i *AuthBackendRoleTag) ToAuthBackendRoleTagPtrOutputWithContext(ctx context.Context) AuthBackendRoleTagPtrOutput
- type AuthBackendRoleTagArgs
- type AuthBackendRoleTagArray
- type AuthBackendRoleTagArrayInput
- type AuthBackendRoleTagArrayOutput
- func (AuthBackendRoleTagArrayOutput) ElementType() reflect.Type
- func (o AuthBackendRoleTagArrayOutput) Index(i pulumi.IntInput) AuthBackendRoleTagOutput
- func (o AuthBackendRoleTagArrayOutput) ToAuthBackendRoleTagArrayOutput() AuthBackendRoleTagArrayOutput
- func (o AuthBackendRoleTagArrayOutput) ToAuthBackendRoleTagArrayOutputWithContext(ctx context.Context) AuthBackendRoleTagArrayOutput
- type AuthBackendRoleTagInput
- type AuthBackendRoleTagMap
- type AuthBackendRoleTagMapInput
- type AuthBackendRoleTagMapOutput
- func (AuthBackendRoleTagMapOutput) ElementType() reflect.Type
- func (o AuthBackendRoleTagMapOutput) MapIndex(k pulumi.StringInput) AuthBackendRoleTagOutput
- func (o AuthBackendRoleTagMapOutput) ToAuthBackendRoleTagMapOutput() AuthBackendRoleTagMapOutput
- func (o AuthBackendRoleTagMapOutput) ToAuthBackendRoleTagMapOutputWithContext(ctx context.Context) AuthBackendRoleTagMapOutput
- type AuthBackendRoleTagOutput
- func (AuthBackendRoleTagOutput) ElementType() reflect.Type
- func (o AuthBackendRoleTagOutput) ToAuthBackendRoleTagOutput() AuthBackendRoleTagOutput
- func (o AuthBackendRoleTagOutput) ToAuthBackendRoleTagOutputWithContext(ctx context.Context) AuthBackendRoleTagOutput
- func (o AuthBackendRoleTagOutput) ToAuthBackendRoleTagPtrOutput() AuthBackendRoleTagPtrOutput
- func (o AuthBackendRoleTagOutput) ToAuthBackendRoleTagPtrOutputWithContext(ctx context.Context) AuthBackendRoleTagPtrOutput
- type AuthBackendRoleTagPtrInput
- type AuthBackendRoleTagPtrOutput
- func (o AuthBackendRoleTagPtrOutput) Elem() AuthBackendRoleTagOutput
- func (AuthBackendRoleTagPtrOutput) ElementType() reflect.Type
- func (o AuthBackendRoleTagPtrOutput) ToAuthBackendRoleTagPtrOutput() AuthBackendRoleTagPtrOutput
- func (o AuthBackendRoleTagPtrOutput) ToAuthBackendRoleTagPtrOutputWithContext(ctx context.Context) AuthBackendRoleTagPtrOutput
- type AuthBackendRoleTagState
- type AuthBackendRoletagBlacklist
- func (*AuthBackendRoletagBlacklist) ElementType() reflect.Type
- func (i *AuthBackendRoletagBlacklist) ToAuthBackendRoletagBlacklistOutput() AuthBackendRoletagBlacklistOutput
- func (i *AuthBackendRoletagBlacklist) ToAuthBackendRoletagBlacklistOutputWithContext(ctx context.Context) AuthBackendRoletagBlacklistOutput
- func (i *AuthBackendRoletagBlacklist) ToAuthBackendRoletagBlacklistPtrOutput() AuthBackendRoletagBlacklistPtrOutput
- func (i *AuthBackendRoletagBlacklist) ToAuthBackendRoletagBlacklistPtrOutputWithContext(ctx context.Context) AuthBackendRoletagBlacklistPtrOutput
- type AuthBackendRoletagBlacklistArgs
- type AuthBackendRoletagBlacklistArray
- func (AuthBackendRoletagBlacklistArray) ElementType() reflect.Type
- func (i AuthBackendRoletagBlacklistArray) ToAuthBackendRoletagBlacklistArrayOutput() AuthBackendRoletagBlacklistArrayOutput
- func (i AuthBackendRoletagBlacklistArray) ToAuthBackendRoletagBlacklistArrayOutputWithContext(ctx context.Context) AuthBackendRoletagBlacklistArrayOutput
- type AuthBackendRoletagBlacklistArrayInput
- type AuthBackendRoletagBlacklistArrayOutput
- func (AuthBackendRoletagBlacklistArrayOutput) ElementType() reflect.Type
- func (o AuthBackendRoletagBlacklistArrayOutput) Index(i pulumi.IntInput) AuthBackendRoletagBlacklistOutput
- func (o AuthBackendRoletagBlacklistArrayOutput) ToAuthBackendRoletagBlacklistArrayOutput() AuthBackendRoletagBlacklistArrayOutput
- func (o AuthBackendRoletagBlacklistArrayOutput) ToAuthBackendRoletagBlacklistArrayOutputWithContext(ctx context.Context) AuthBackendRoletagBlacklistArrayOutput
- type AuthBackendRoletagBlacklistInput
- type AuthBackendRoletagBlacklistMap
- func (AuthBackendRoletagBlacklistMap) ElementType() reflect.Type
- func (i AuthBackendRoletagBlacklistMap) ToAuthBackendRoletagBlacklistMapOutput() AuthBackendRoletagBlacklistMapOutput
- func (i AuthBackendRoletagBlacklistMap) ToAuthBackendRoletagBlacklistMapOutputWithContext(ctx context.Context) AuthBackendRoletagBlacklistMapOutput
- type AuthBackendRoletagBlacklistMapInput
- type AuthBackendRoletagBlacklistMapOutput
- func (AuthBackendRoletagBlacklistMapOutput) ElementType() reflect.Type
- func (o AuthBackendRoletagBlacklistMapOutput) MapIndex(k pulumi.StringInput) AuthBackendRoletagBlacklistOutput
- func (o AuthBackendRoletagBlacklistMapOutput) ToAuthBackendRoletagBlacklistMapOutput() AuthBackendRoletagBlacklistMapOutput
- func (o AuthBackendRoletagBlacklistMapOutput) ToAuthBackendRoletagBlacklistMapOutputWithContext(ctx context.Context) AuthBackendRoletagBlacklistMapOutput
- type AuthBackendRoletagBlacklistOutput
- func (AuthBackendRoletagBlacklistOutput) ElementType() reflect.Type
- func (o AuthBackendRoletagBlacklistOutput) ToAuthBackendRoletagBlacklistOutput() AuthBackendRoletagBlacklistOutput
- func (o AuthBackendRoletagBlacklistOutput) ToAuthBackendRoletagBlacklistOutputWithContext(ctx context.Context) AuthBackendRoletagBlacklistOutput
- func (o AuthBackendRoletagBlacklistOutput) ToAuthBackendRoletagBlacklistPtrOutput() AuthBackendRoletagBlacklistPtrOutput
- func (o AuthBackendRoletagBlacklistOutput) ToAuthBackendRoletagBlacklistPtrOutputWithContext(ctx context.Context) AuthBackendRoletagBlacklistPtrOutput
- type AuthBackendRoletagBlacklistPtrInput
- type AuthBackendRoletagBlacklistPtrOutput
- func (o AuthBackendRoletagBlacklistPtrOutput) Elem() AuthBackendRoletagBlacklistOutput
- func (AuthBackendRoletagBlacklistPtrOutput) ElementType() reflect.Type
- func (o AuthBackendRoletagBlacklistPtrOutput) ToAuthBackendRoletagBlacklistPtrOutput() AuthBackendRoletagBlacklistPtrOutput
- func (o AuthBackendRoletagBlacklistPtrOutput) ToAuthBackendRoletagBlacklistPtrOutputWithContext(ctx context.Context) AuthBackendRoletagBlacklistPtrOutput
- type AuthBackendRoletagBlacklistState
- type AuthBackendStsRole
- func (*AuthBackendStsRole) ElementType() reflect.Type
- func (i *AuthBackendStsRole) ToAuthBackendStsRoleOutput() AuthBackendStsRoleOutput
- func (i *AuthBackendStsRole) ToAuthBackendStsRoleOutputWithContext(ctx context.Context) AuthBackendStsRoleOutput
- func (i *AuthBackendStsRole) ToAuthBackendStsRolePtrOutput() AuthBackendStsRolePtrOutput
- func (i *AuthBackendStsRole) ToAuthBackendStsRolePtrOutputWithContext(ctx context.Context) AuthBackendStsRolePtrOutput
- type AuthBackendStsRoleArgs
- type AuthBackendStsRoleArray
- type AuthBackendStsRoleArrayInput
- type AuthBackendStsRoleArrayOutput
- func (AuthBackendStsRoleArrayOutput) ElementType() reflect.Type
- func (o AuthBackendStsRoleArrayOutput) Index(i pulumi.IntInput) AuthBackendStsRoleOutput
- func (o AuthBackendStsRoleArrayOutput) ToAuthBackendStsRoleArrayOutput() AuthBackendStsRoleArrayOutput
- func (o AuthBackendStsRoleArrayOutput) ToAuthBackendStsRoleArrayOutputWithContext(ctx context.Context) AuthBackendStsRoleArrayOutput
- type AuthBackendStsRoleInput
- type AuthBackendStsRoleMap
- type AuthBackendStsRoleMapInput
- type AuthBackendStsRoleMapOutput
- func (AuthBackendStsRoleMapOutput) ElementType() reflect.Type
- func (o AuthBackendStsRoleMapOutput) MapIndex(k pulumi.StringInput) AuthBackendStsRoleOutput
- func (o AuthBackendStsRoleMapOutput) ToAuthBackendStsRoleMapOutput() AuthBackendStsRoleMapOutput
- func (o AuthBackendStsRoleMapOutput) ToAuthBackendStsRoleMapOutputWithContext(ctx context.Context) AuthBackendStsRoleMapOutput
- type AuthBackendStsRoleOutput
- func (AuthBackendStsRoleOutput) ElementType() reflect.Type
- func (o AuthBackendStsRoleOutput) ToAuthBackendStsRoleOutput() AuthBackendStsRoleOutput
- func (o AuthBackendStsRoleOutput) ToAuthBackendStsRoleOutputWithContext(ctx context.Context) AuthBackendStsRoleOutput
- func (o AuthBackendStsRoleOutput) ToAuthBackendStsRolePtrOutput() AuthBackendStsRolePtrOutput
- func (o AuthBackendStsRoleOutput) ToAuthBackendStsRolePtrOutputWithContext(ctx context.Context) AuthBackendStsRolePtrOutput
- type AuthBackendStsRolePtrInput
- type AuthBackendStsRolePtrOutput
- func (o AuthBackendStsRolePtrOutput) Elem() AuthBackendStsRoleOutput
- func (AuthBackendStsRolePtrOutput) ElementType() reflect.Type
- func (o AuthBackendStsRolePtrOutput) ToAuthBackendStsRolePtrOutput() AuthBackendStsRolePtrOutput
- func (o AuthBackendStsRolePtrOutput) ToAuthBackendStsRolePtrOutputWithContext(ctx context.Context) AuthBackendStsRolePtrOutput
- type AuthBackendStsRoleState
- type GetAccessCredentialsArgs
- type GetAccessCredentialsOutputArgs
- type GetAccessCredentialsResult
- type GetAccessCredentialsResultOutput
- func (o GetAccessCredentialsResultOutput) AccessKey() pulumi.StringOutput
- func (o GetAccessCredentialsResultOutput) Backend() pulumi.StringOutput
- func (GetAccessCredentialsResultOutput) ElementType() reflect.Type
- func (o GetAccessCredentialsResultOutput) Id() pulumi.StringOutput
- func (o GetAccessCredentialsResultOutput) LeaseDuration() pulumi.IntOutput
- func (o GetAccessCredentialsResultOutput) LeaseId() pulumi.StringOutput
- func (o GetAccessCredentialsResultOutput) LeaseRenewable() pulumi.BoolOutput
- func (o GetAccessCredentialsResultOutput) LeaseStartTime() pulumi.StringOutput
- func (o GetAccessCredentialsResultOutput) Region() pulumi.StringPtrOutput
- func (o GetAccessCredentialsResultOutput) Role() pulumi.StringOutput
- func (o GetAccessCredentialsResultOutput) RoleArn() pulumi.StringPtrOutput
- func (o GetAccessCredentialsResultOutput) SecretKey() pulumi.StringOutput
- func (o GetAccessCredentialsResultOutput) SecurityToken() pulumi.StringOutput
- func (o GetAccessCredentialsResultOutput) ToGetAccessCredentialsResultOutput() GetAccessCredentialsResultOutput
- func (o GetAccessCredentialsResultOutput) ToGetAccessCredentialsResultOutputWithContext(ctx context.Context) GetAccessCredentialsResultOutput
- func (o GetAccessCredentialsResultOutput) Ttl() pulumi.StringPtrOutput
- func (o GetAccessCredentialsResultOutput) Type() pulumi.StringPtrOutput
- type SecretBackend
- func (*SecretBackend) ElementType() reflect.Type
- func (i *SecretBackend) ToSecretBackendOutput() SecretBackendOutput
- func (i *SecretBackend) ToSecretBackendOutputWithContext(ctx context.Context) SecretBackendOutput
- func (i *SecretBackend) ToSecretBackendPtrOutput() SecretBackendPtrOutput
- func (i *SecretBackend) ToSecretBackendPtrOutputWithContext(ctx context.Context) SecretBackendPtrOutput
- type SecretBackendArgs
- type SecretBackendArray
- type SecretBackendArrayInput
- type SecretBackendArrayOutput
- func (SecretBackendArrayOutput) ElementType() reflect.Type
- func (o SecretBackendArrayOutput) Index(i pulumi.IntInput) SecretBackendOutput
- func (o SecretBackendArrayOutput) ToSecretBackendArrayOutput() SecretBackendArrayOutput
- func (o SecretBackendArrayOutput) ToSecretBackendArrayOutputWithContext(ctx context.Context) SecretBackendArrayOutput
- type SecretBackendInput
- type SecretBackendMap
- type SecretBackendMapInput
- type SecretBackendMapOutput
- func (SecretBackendMapOutput) ElementType() reflect.Type
- func (o SecretBackendMapOutput) MapIndex(k pulumi.StringInput) SecretBackendOutput
- func (o SecretBackendMapOutput) ToSecretBackendMapOutput() SecretBackendMapOutput
- func (o SecretBackendMapOutput) ToSecretBackendMapOutputWithContext(ctx context.Context) SecretBackendMapOutput
- type SecretBackendOutput
- func (SecretBackendOutput) ElementType() reflect.Type
- func (o SecretBackendOutput) ToSecretBackendOutput() SecretBackendOutput
- func (o SecretBackendOutput) ToSecretBackendOutputWithContext(ctx context.Context) SecretBackendOutput
- func (o SecretBackendOutput) ToSecretBackendPtrOutput() SecretBackendPtrOutput
- func (o SecretBackendOutput) ToSecretBackendPtrOutputWithContext(ctx context.Context) SecretBackendPtrOutput
- type SecretBackendPtrInput
- type SecretBackendPtrOutput
- func (o SecretBackendPtrOutput) Elem() SecretBackendOutput
- func (SecretBackendPtrOutput) ElementType() reflect.Type
- func (o SecretBackendPtrOutput) ToSecretBackendPtrOutput() SecretBackendPtrOutput
- func (o SecretBackendPtrOutput) ToSecretBackendPtrOutputWithContext(ctx context.Context) SecretBackendPtrOutput
- type SecretBackendRole
- func (*SecretBackendRole) ElementType() reflect.Type
- func (i *SecretBackendRole) ToSecretBackendRoleOutput() SecretBackendRoleOutput
- func (i *SecretBackendRole) ToSecretBackendRoleOutputWithContext(ctx context.Context) SecretBackendRoleOutput
- func (i *SecretBackendRole) ToSecretBackendRolePtrOutput() SecretBackendRolePtrOutput
- func (i *SecretBackendRole) ToSecretBackendRolePtrOutputWithContext(ctx context.Context) SecretBackendRolePtrOutput
- type SecretBackendRoleArgs
- type SecretBackendRoleArray
- type SecretBackendRoleArrayInput
- type SecretBackendRoleArrayOutput
- func (SecretBackendRoleArrayOutput) ElementType() reflect.Type
- func (o SecretBackendRoleArrayOutput) Index(i pulumi.IntInput) SecretBackendRoleOutput
- func (o SecretBackendRoleArrayOutput) ToSecretBackendRoleArrayOutput() SecretBackendRoleArrayOutput
- func (o SecretBackendRoleArrayOutput) ToSecretBackendRoleArrayOutputWithContext(ctx context.Context) SecretBackendRoleArrayOutput
- type SecretBackendRoleInput
- type SecretBackendRoleMap
- type SecretBackendRoleMapInput
- type SecretBackendRoleMapOutput
- func (SecretBackendRoleMapOutput) ElementType() reflect.Type
- func (o SecretBackendRoleMapOutput) MapIndex(k pulumi.StringInput) SecretBackendRoleOutput
- func (o SecretBackendRoleMapOutput) ToSecretBackendRoleMapOutput() SecretBackendRoleMapOutput
- func (o SecretBackendRoleMapOutput) ToSecretBackendRoleMapOutputWithContext(ctx context.Context) SecretBackendRoleMapOutput
- type SecretBackendRoleOutput
- func (SecretBackendRoleOutput) ElementType() reflect.Type
- func (o SecretBackendRoleOutput) ToSecretBackendRoleOutput() SecretBackendRoleOutput
- func (o SecretBackendRoleOutput) ToSecretBackendRoleOutputWithContext(ctx context.Context) SecretBackendRoleOutput
- func (o SecretBackendRoleOutput) ToSecretBackendRolePtrOutput() SecretBackendRolePtrOutput
- func (o SecretBackendRoleOutput) ToSecretBackendRolePtrOutputWithContext(ctx context.Context) SecretBackendRolePtrOutput
- type SecretBackendRolePtrInput
- type SecretBackendRolePtrOutput
- func (o SecretBackendRolePtrOutput) Elem() SecretBackendRoleOutput
- func (SecretBackendRolePtrOutput) ElementType() reflect.Type
- func (o SecretBackendRolePtrOutput) ToSecretBackendRolePtrOutput() SecretBackendRolePtrOutput
- func (o SecretBackendRolePtrOutput) ToSecretBackendRolePtrOutputWithContext(ctx context.Context) SecretBackendRolePtrOutput
- type SecretBackendRoleState
- type SecretBackendState
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AuthBackendCert ¶
type AuthBackendCert struct { pulumi.CustomResourceState // The Base64 encoded AWS Public key required to // verify PKCS7 signature of the EC2 instance metadata. You can find this key in // the [AWS // documentation](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-identity-documents.html). AwsPublicCert pulumi.StringOutput `pulumi:"awsPublicCert"` // The path the AWS auth backend being configured was // mounted at. Defaults to `aws`. Backend pulumi.StringPtrOutput `pulumi:"backend"` // The name of the certificate. CertName pulumi.StringOutput `pulumi:"certName"` // Either "pkcs7" or "identity", indicating the type of // document which can be verified using the given certificate. Defaults to // "pkcs7". Type pulumi.StringPtrOutput `pulumi:"type"` }
## Import
AWS auth backend certificates can be imported using `auth/`, the `backend` path, `/config/certificate/`, and the `cert_name` e.g.
```sh
$ pulumi import vault:aws/authBackendCert:AuthBackendCert example auth/aws/config/certificate/my-cert
```
func GetAuthBackendCert ¶
func GetAuthBackendCert(ctx *pulumi.Context, name string, id pulumi.IDInput, state *AuthBackendCertState, opts ...pulumi.ResourceOption) (*AuthBackendCert, error)
GetAuthBackendCert gets an existing AuthBackendCert resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewAuthBackendCert ¶
func NewAuthBackendCert(ctx *pulumi.Context, name string, args *AuthBackendCertArgs, opts ...pulumi.ResourceOption) (*AuthBackendCert, error)
NewAuthBackendCert registers a new resource with the given unique name, arguments, and options.
func (*AuthBackendCert) ElementType ¶
func (*AuthBackendCert) ElementType() reflect.Type
func (*AuthBackendCert) ToAuthBackendCertOutput ¶
func (i *AuthBackendCert) ToAuthBackendCertOutput() AuthBackendCertOutput
func (*AuthBackendCert) ToAuthBackendCertOutputWithContext ¶
func (i *AuthBackendCert) ToAuthBackendCertOutputWithContext(ctx context.Context) AuthBackendCertOutput
func (*AuthBackendCert) ToAuthBackendCertPtrOutput ¶
func (i *AuthBackendCert) ToAuthBackendCertPtrOutput() AuthBackendCertPtrOutput
func (*AuthBackendCert) ToAuthBackendCertPtrOutputWithContext ¶
func (i *AuthBackendCert) ToAuthBackendCertPtrOutputWithContext(ctx context.Context) AuthBackendCertPtrOutput
type AuthBackendCertArgs ¶
type AuthBackendCertArgs struct { // The Base64 encoded AWS Public key required to // verify PKCS7 signature of the EC2 instance metadata. You can find this key in // the [AWS // documentation](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-identity-documents.html). AwsPublicCert pulumi.StringInput // The path the AWS auth backend being configured was // mounted at. Defaults to `aws`. Backend pulumi.StringPtrInput // The name of the certificate. CertName pulumi.StringInput // Either "pkcs7" or "identity", indicating the type of // document which can be verified using the given certificate. Defaults to // "pkcs7". Type pulumi.StringPtrInput }
The set of arguments for constructing a AuthBackendCert resource.
func (AuthBackendCertArgs) ElementType ¶
func (AuthBackendCertArgs) ElementType() reflect.Type
type AuthBackendCertArray ¶
type AuthBackendCertArray []AuthBackendCertInput
func (AuthBackendCertArray) ElementType ¶
func (AuthBackendCertArray) ElementType() reflect.Type
func (AuthBackendCertArray) ToAuthBackendCertArrayOutput ¶
func (i AuthBackendCertArray) ToAuthBackendCertArrayOutput() AuthBackendCertArrayOutput
func (AuthBackendCertArray) ToAuthBackendCertArrayOutputWithContext ¶
func (i AuthBackendCertArray) ToAuthBackendCertArrayOutputWithContext(ctx context.Context) AuthBackendCertArrayOutput
type AuthBackendCertArrayInput ¶
type AuthBackendCertArrayInput interface { pulumi.Input ToAuthBackendCertArrayOutput() AuthBackendCertArrayOutput ToAuthBackendCertArrayOutputWithContext(context.Context) AuthBackendCertArrayOutput }
AuthBackendCertArrayInput is an input type that accepts AuthBackendCertArray and AuthBackendCertArrayOutput values. You can construct a concrete instance of `AuthBackendCertArrayInput` via:
AuthBackendCertArray{ AuthBackendCertArgs{...} }
type AuthBackendCertArrayOutput ¶
type AuthBackendCertArrayOutput struct{ *pulumi.OutputState }
func (AuthBackendCertArrayOutput) ElementType ¶
func (AuthBackendCertArrayOutput) ElementType() reflect.Type
func (AuthBackendCertArrayOutput) Index ¶
func (o AuthBackendCertArrayOutput) Index(i pulumi.IntInput) AuthBackendCertOutput
func (AuthBackendCertArrayOutput) ToAuthBackendCertArrayOutput ¶
func (o AuthBackendCertArrayOutput) ToAuthBackendCertArrayOutput() AuthBackendCertArrayOutput
func (AuthBackendCertArrayOutput) ToAuthBackendCertArrayOutputWithContext ¶
func (o AuthBackendCertArrayOutput) ToAuthBackendCertArrayOutputWithContext(ctx context.Context) AuthBackendCertArrayOutput
type AuthBackendCertInput ¶
type AuthBackendCertInput interface { pulumi.Input ToAuthBackendCertOutput() AuthBackendCertOutput ToAuthBackendCertOutputWithContext(ctx context.Context) AuthBackendCertOutput }
type AuthBackendCertMap ¶
type AuthBackendCertMap map[string]AuthBackendCertInput
func (AuthBackendCertMap) ElementType ¶
func (AuthBackendCertMap) ElementType() reflect.Type
func (AuthBackendCertMap) ToAuthBackendCertMapOutput ¶
func (i AuthBackendCertMap) ToAuthBackendCertMapOutput() AuthBackendCertMapOutput
func (AuthBackendCertMap) ToAuthBackendCertMapOutputWithContext ¶
func (i AuthBackendCertMap) ToAuthBackendCertMapOutputWithContext(ctx context.Context) AuthBackendCertMapOutput
type AuthBackendCertMapInput ¶
type AuthBackendCertMapInput interface { pulumi.Input ToAuthBackendCertMapOutput() AuthBackendCertMapOutput ToAuthBackendCertMapOutputWithContext(context.Context) AuthBackendCertMapOutput }
AuthBackendCertMapInput is an input type that accepts AuthBackendCertMap and AuthBackendCertMapOutput values. You can construct a concrete instance of `AuthBackendCertMapInput` via:
AuthBackendCertMap{ "key": AuthBackendCertArgs{...} }
type AuthBackendCertMapOutput ¶
type AuthBackendCertMapOutput struct{ *pulumi.OutputState }
func (AuthBackendCertMapOutput) ElementType ¶
func (AuthBackendCertMapOutput) ElementType() reflect.Type
func (AuthBackendCertMapOutput) MapIndex ¶
func (o AuthBackendCertMapOutput) MapIndex(k pulumi.StringInput) AuthBackendCertOutput
func (AuthBackendCertMapOutput) ToAuthBackendCertMapOutput ¶
func (o AuthBackendCertMapOutput) ToAuthBackendCertMapOutput() AuthBackendCertMapOutput
func (AuthBackendCertMapOutput) ToAuthBackendCertMapOutputWithContext ¶
func (o AuthBackendCertMapOutput) ToAuthBackendCertMapOutputWithContext(ctx context.Context) AuthBackendCertMapOutput
type AuthBackendCertOutput ¶
type AuthBackendCertOutput struct{ *pulumi.OutputState }
func (AuthBackendCertOutput) ElementType ¶
func (AuthBackendCertOutput) ElementType() reflect.Type
func (AuthBackendCertOutput) ToAuthBackendCertOutput ¶
func (o AuthBackendCertOutput) ToAuthBackendCertOutput() AuthBackendCertOutput
func (AuthBackendCertOutput) ToAuthBackendCertOutputWithContext ¶
func (o AuthBackendCertOutput) ToAuthBackendCertOutputWithContext(ctx context.Context) AuthBackendCertOutput
func (AuthBackendCertOutput) ToAuthBackendCertPtrOutput ¶
func (o AuthBackendCertOutput) ToAuthBackendCertPtrOutput() AuthBackendCertPtrOutput
func (AuthBackendCertOutput) ToAuthBackendCertPtrOutputWithContext ¶
func (o AuthBackendCertOutput) ToAuthBackendCertPtrOutputWithContext(ctx context.Context) AuthBackendCertPtrOutput
type AuthBackendCertPtrInput ¶
type AuthBackendCertPtrInput interface { pulumi.Input ToAuthBackendCertPtrOutput() AuthBackendCertPtrOutput ToAuthBackendCertPtrOutputWithContext(ctx context.Context) AuthBackendCertPtrOutput }
type AuthBackendCertPtrOutput ¶
type AuthBackendCertPtrOutput struct{ *pulumi.OutputState }
func (AuthBackendCertPtrOutput) Elem ¶ added in v4.6.0
func (o AuthBackendCertPtrOutput) Elem() AuthBackendCertOutput
func (AuthBackendCertPtrOutput) ElementType ¶
func (AuthBackendCertPtrOutput) ElementType() reflect.Type
func (AuthBackendCertPtrOutput) ToAuthBackendCertPtrOutput ¶
func (o AuthBackendCertPtrOutput) ToAuthBackendCertPtrOutput() AuthBackendCertPtrOutput
func (AuthBackendCertPtrOutput) ToAuthBackendCertPtrOutputWithContext ¶
func (o AuthBackendCertPtrOutput) ToAuthBackendCertPtrOutputWithContext(ctx context.Context) AuthBackendCertPtrOutput
type AuthBackendCertState ¶
type AuthBackendCertState struct { // The Base64 encoded AWS Public key required to // verify PKCS7 signature of the EC2 instance metadata. You can find this key in // the [AWS // documentation](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-identity-documents.html). AwsPublicCert pulumi.StringPtrInput // The path the AWS auth backend being configured was // mounted at. Defaults to `aws`. Backend pulumi.StringPtrInput // The name of the certificate. CertName pulumi.StringPtrInput // Either "pkcs7" or "identity", indicating the type of // document which can be verified using the given certificate. Defaults to // "pkcs7". Type pulumi.StringPtrInput }
func (AuthBackendCertState) ElementType ¶
func (AuthBackendCertState) ElementType() reflect.Type
type AuthBackendClient ¶
type AuthBackendClient struct { pulumi.CustomResourceState // The AWS access key that Vault should use for the // auth backend. AccessKey pulumi.StringPtrOutput `pulumi:"accessKey"` // The path the AWS auth backend being configured was // mounted at. Defaults to `aws`. Backend pulumi.StringPtrOutput `pulumi:"backend"` // Override the URL Vault uses when making EC2 API // calls. Ec2Endpoint pulumi.StringPtrOutput `pulumi:"ec2Endpoint"` // Override the URL Vault uses when making IAM API // calls. IamEndpoint pulumi.StringPtrOutput `pulumi:"iamEndpoint"` // The value to require in the // `X-Vault-AWS-IAM-Server-ID` header as part of `GetCallerIdentity` requests // that are used in the IAM auth method. IamServerIdHeaderValue pulumi.StringPtrOutput `pulumi:"iamServerIdHeaderValue"` // The AWS secret key that Vault should use for the // auth backend. SecretKey pulumi.StringPtrOutput `pulumi:"secretKey"` // Override the URL Vault uses when making STS API // calls. StsEndpoint pulumi.StringPtrOutput `pulumi:"stsEndpoint"` // Override the default region when making STS API // calls. The `stsEndpoint` argument must be set when using `stsRegion`. StsRegion pulumi.StringPtrOutput `pulumi:"stsRegion"` }
## Import
AWS auth backend clients can be imported using `auth/`, the `backend` path, and `/config/client` e.g.
```sh
$ pulumi import vault:aws/authBackendClient:AuthBackendClient example auth/aws/config/client
```
func GetAuthBackendClient ¶
func GetAuthBackendClient(ctx *pulumi.Context, name string, id pulumi.IDInput, state *AuthBackendClientState, opts ...pulumi.ResourceOption) (*AuthBackendClient, error)
GetAuthBackendClient gets an existing AuthBackendClient resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewAuthBackendClient ¶
func NewAuthBackendClient(ctx *pulumi.Context, name string, args *AuthBackendClientArgs, opts ...pulumi.ResourceOption) (*AuthBackendClient, error)
NewAuthBackendClient registers a new resource with the given unique name, arguments, and options.
func (*AuthBackendClient) ElementType ¶
func (*AuthBackendClient) ElementType() reflect.Type
func (*AuthBackendClient) ToAuthBackendClientOutput ¶
func (i *AuthBackendClient) ToAuthBackendClientOutput() AuthBackendClientOutput
func (*AuthBackendClient) ToAuthBackendClientOutputWithContext ¶
func (i *AuthBackendClient) ToAuthBackendClientOutputWithContext(ctx context.Context) AuthBackendClientOutput
func (*AuthBackendClient) ToAuthBackendClientPtrOutput ¶
func (i *AuthBackendClient) ToAuthBackendClientPtrOutput() AuthBackendClientPtrOutput
func (*AuthBackendClient) ToAuthBackendClientPtrOutputWithContext ¶
func (i *AuthBackendClient) ToAuthBackendClientPtrOutputWithContext(ctx context.Context) AuthBackendClientPtrOutput
type AuthBackendClientArgs ¶
type AuthBackendClientArgs struct { // The AWS access key that Vault should use for the // auth backend. AccessKey pulumi.StringPtrInput // The path the AWS auth backend being configured was // mounted at. Defaults to `aws`. Backend pulumi.StringPtrInput // Override the URL Vault uses when making EC2 API // calls. Ec2Endpoint pulumi.StringPtrInput // Override the URL Vault uses when making IAM API // calls. IamEndpoint pulumi.StringPtrInput // The value to require in the // `X-Vault-AWS-IAM-Server-ID` header as part of `GetCallerIdentity` requests // that are used in the IAM auth method. IamServerIdHeaderValue pulumi.StringPtrInput // The AWS secret key that Vault should use for the // auth backend. SecretKey pulumi.StringPtrInput // Override the URL Vault uses when making STS API // calls. StsEndpoint pulumi.StringPtrInput // Override the default region when making STS API // calls. The `stsEndpoint` argument must be set when using `stsRegion`. StsRegion pulumi.StringPtrInput }
The set of arguments for constructing a AuthBackendClient resource.
func (AuthBackendClientArgs) ElementType ¶
func (AuthBackendClientArgs) ElementType() reflect.Type
type AuthBackendClientArray ¶
type AuthBackendClientArray []AuthBackendClientInput
func (AuthBackendClientArray) ElementType ¶
func (AuthBackendClientArray) ElementType() reflect.Type
func (AuthBackendClientArray) ToAuthBackendClientArrayOutput ¶
func (i AuthBackendClientArray) ToAuthBackendClientArrayOutput() AuthBackendClientArrayOutput
func (AuthBackendClientArray) ToAuthBackendClientArrayOutputWithContext ¶
func (i AuthBackendClientArray) ToAuthBackendClientArrayOutputWithContext(ctx context.Context) AuthBackendClientArrayOutput
type AuthBackendClientArrayInput ¶
type AuthBackendClientArrayInput interface { pulumi.Input ToAuthBackendClientArrayOutput() AuthBackendClientArrayOutput ToAuthBackendClientArrayOutputWithContext(context.Context) AuthBackendClientArrayOutput }
AuthBackendClientArrayInput is an input type that accepts AuthBackendClientArray and AuthBackendClientArrayOutput values. You can construct a concrete instance of `AuthBackendClientArrayInput` via:
AuthBackendClientArray{ AuthBackendClientArgs{...} }
type AuthBackendClientArrayOutput ¶
type AuthBackendClientArrayOutput struct{ *pulumi.OutputState }
func (AuthBackendClientArrayOutput) ElementType ¶
func (AuthBackendClientArrayOutput) ElementType() reflect.Type
func (AuthBackendClientArrayOutput) Index ¶
func (o AuthBackendClientArrayOutput) Index(i pulumi.IntInput) AuthBackendClientOutput
func (AuthBackendClientArrayOutput) ToAuthBackendClientArrayOutput ¶
func (o AuthBackendClientArrayOutput) ToAuthBackendClientArrayOutput() AuthBackendClientArrayOutput
func (AuthBackendClientArrayOutput) ToAuthBackendClientArrayOutputWithContext ¶
func (o AuthBackendClientArrayOutput) ToAuthBackendClientArrayOutputWithContext(ctx context.Context) AuthBackendClientArrayOutput
type AuthBackendClientInput ¶
type AuthBackendClientInput interface { pulumi.Input ToAuthBackendClientOutput() AuthBackendClientOutput ToAuthBackendClientOutputWithContext(ctx context.Context) AuthBackendClientOutput }
type AuthBackendClientMap ¶
type AuthBackendClientMap map[string]AuthBackendClientInput
func (AuthBackendClientMap) ElementType ¶
func (AuthBackendClientMap) ElementType() reflect.Type
func (AuthBackendClientMap) ToAuthBackendClientMapOutput ¶
func (i AuthBackendClientMap) ToAuthBackendClientMapOutput() AuthBackendClientMapOutput
func (AuthBackendClientMap) ToAuthBackendClientMapOutputWithContext ¶
func (i AuthBackendClientMap) ToAuthBackendClientMapOutputWithContext(ctx context.Context) AuthBackendClientMapOutput
type AuthBackendClientMapInput ¶
type AuthBackendClientMapInput interface { pulumi.Input ToAuthBackendClientMapOutput() AuthBackendClientMapOutput ToAuthBackendClientMapOutputWithContext(context.Context) AuthBackendClientMapOutput }
AuthBackendClientMapInput is an input type that accepts AuthBackendClientMap and AuthBackendClientMapOutput values. You can construct a concrete instance of `AuthBackendClientMapInput` via:
AuthBackendClientMap{ "key": AuthBackendClientArgs{...} }
type AuthBackendClientMapOutput ¶
type AuthBackendClientMapOutput struct{ *pulumi.OutputState }
func (AuthBackendClientMapOutput) ElementType ¶
func (AuthBackendClientMapOutput) ElementType() reflect.Type
func (AuthBackendClientMapOutput) MapIndex ¶
func (o AuthBackendClientMapOutput) MapIndex(k pulumi.StringInput) AuthBackendClientOutput
func (AuthBackendClientMapOutput) ToAuthBackendClientMapOutput ¶
func (o AuthBackendClientMapOutput) ToAuthBackendClientMapOutput() AuthBackendClientMapOutput
func (AuthBackendClientMapOutput) ToAuthBackendClientMapOutputWithContext ¶
func (o AuthBackendClientMapOutput) ToAuthBackendClientMapOutputWithContext(ctx context.Context) AuthBackendClientMapOutput
type AuthBackendClientOutput ¶
type AuthBackendClientOutput struct{ *pulumi.OutputState }
func (AuthBackendClientOutput) ElementType ¶
func (AuthBackendClientOutput) ElementType() reflect.Type
func (AuthBackendClientOutput) ToAuthBackendClientOutput ¶
func (o AuthBackendClientOutput) ToAuthBackendClientOutput() AuthBackendClientOutput
func (AuthBackendClientOutput) ToAuthBackendClientOutputWithContext ¶
func (o AuthBackendClientOutput) ToAuthBackendClientOutputWithContext(ctx context.Context) AuthBackendClientOutput
func (AuthBackendClientOutput) ToAuthBackendClientPtrOutput ¶
func (o AuthBackendClientOutput) ToAuthBackendClientPtrOutput() AuthBackendClientPtrOutput
func (AuthBackendClientOutput) ToAuthBackendClientPtrOutputWithContext ¶
func (o AuthBackendClientOutput) ToAuthBackendClientPtrOutputWithContext(ctx context.Context) AuthBackendClientPtrOutput
type AuthBackendClientPtrInput ¶
type AuthBackendClientPtrInput interface { pulumi.Input ToAuthBackendClientPtrOutput() AuthBackendClientPtrOutput ToAuthBackendClientPtrOutputWithContext(ctx context.Context) AuthBackendClientPtrOutput }
type AuthBackendClientPtrOutput ¶
type AuthBackendClientPtrOutput struct{ *pulumi.OutputState }
func (AuthBackendClientPtrOutput) Elem ¶ added in v4.6.0
func (o AuthBackendClientPtrOutput) Elem() AuthBackendClientOutput
func (AuthBackendClientPtrOutput) ElementType ¶
func (AuthBackendClientPtrOutput) ElementType() reflect.Type
func (AuthBackendClientPtrOutput) ToAuthBackendClientPtrOutput ¶
func (o AuthBackendClientPtrOutput) ToAuthBackendClientPtrOutput() AuthBackendClientPtrOutput
func (AuthBackendClientPtrOutput) ToAuthBackendClientPtrOutputWithContext ¶
func (o AuthBackendClientPtrOutput) ToAuthBackendClientPtrOutputWithContext(ctx context.Context) AuthBackendClientPtrOutput
type AuthBackendClientState ¶
type AuthBackendClientState struct { // The AWS access key that Vault should use for the // auth backend. AccessKey pulumi.StringPtrInput // The path the AWS auth backend being configured was // mounted at. Defaults to `aws`. Backend pulumi.StringPtrInput // Override the URL Vault uses when making EC2 API // calls. Ec2Endpoint pulumi.StringPtrInput // Override the URL Vault uses when making IAM API // calls. IamEndpoint pulumi.StringPtrInput // The value to require in the // `X-Vault-AWS-IAM-Server-ID` header as part of `GetCallerIdentity` requests // that are used in the IAM auth method. IamServerIdHeaderValue pulumi.StringPtrInput // The AWS secret key that Vault should use for the // auth backend. SecretKey pulumi.StringPtrInput // Override the URL Vault uses when making STS API // calls. StsEndpoint pulumi.StringPtrInput // Override the default region when making STS API // calls. The `stsEndpoint` argument must be set when using `stsRegion`. StsRegion pulumi.StringPtrInput }
func (AuthBackendClientState) ElementType ¶
func (AuthBackendClientState) ElementType() reflect.Type
type AuthBackendIdentityWhitelist ¶
type AuthBackendIdentityWhitelist struct { pulumi.CustomResourceState // The path of the AWS backend being configured. Backend pulumi.StringPtrOutput `pulumi:"backend"` // If set to true, disables the periodic // tidying of the identity-whitelist entries. DisablePeriodicTidy pulumi.BoolPtrOutput `pulumi:"disablePeriodicTidy"` // The amount of extra time, in minutes, that must // have passed beyond the roletag expiration, before it is removed from the // backend storage. SafetyBuffer pulumi.IntPtrOutput `pulumi:"safetyBuffer"` }
Configures the periodic tidying operation of the whitelisted identity entries.
For more information, see the [Vault docs](https://www.vaultproject.io/api-docs/auth/aws#configure-identity-whitelist-tidy-operation).
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v4/go/vault" "github.com/pulumi/pulumi-vault/sdk/v4/go/vault/aws" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { exampleAuthBackend, err := vault.NewAuthBackend(ctx, "exampleAuthBackend", &vault.AuthBackendArgs{ Type: pulumi.String("aws"), }) if err != nil { return err } _, err = aws.NewAuthBackendIdentityWhitelist(ctx, "exampleAuthBackendIdentityWhitelist", &aws.AuthBackendIdentityWhitelistArgs{ Backend: exampleAuthBackend.Path, SafetyBuffer: pulumi.Int(3600), }) if err != nil { return err } return nil }) }
```
## Import
AWS auth backend identity whitelists can be imported using `auth/`, the `backend` path, and `/config/tidy/identity-whitelist` e.g.
```sh
$ pulumi import vault:aws/authBackendIdentityWhitelist:AuthBackendIdentityWhitelist example auth/aws/config/tidy/identity-whitelist
```
func GetAuthBackendIdentityWhitelist ¶
func GetAuthBackendIdentityWhitelist(ctx *pulumi.Context, name string, id pulumi.IDInput, state *AuthBackendIdentityWhitelistState, opts ...pulumi.ResourceOption) (*AuthBackendIdentityWhitelist, error)
GetAuthBackendIdentityWhitelist gets an existing AuthBackendIdentityWhitelist resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewAuthBackendIdentityWhitelist ¶
func NewAuthBackendIdentityWhitelist(ctx *pulumi.Context, name string, args *AuthBackendIdentityWhitelistArgs, opts ...pulumi.ResourceOption) (*AuthBackendIdentityWhitelist, error)
NewAuthBackendIdentityWhitelist registers a new resource with the given unique name, arguments, and options.
func (*AuthBackendIdentityWhitelist) ElementType ¶
func (*AuthBackendIdentityWhitelist) ElementType() reflect.Type
func (*AuthBackendIdentityWhitelist) ToAuthBackendIdentityWhitelistOutput ¶
func (i *AuthBackendIdentityWhitelist) ToAuthBackendIdentityWhitelistOutput() AuthBackendIdentityWhitelistOutput
func (*AuthBackendIdentityWhitelist) ToAuthBackendIdentityWhitelistOutputWithContext ¶
func (i *AuthBackendIdentityWhitelist) ToAuthBackendIdentityWhitelistOutputWithContext(ctx context.Context) AuthBackendIdentityWhitelistOutput
func (*AuthBackendIdentityWhitelist) ToAuthBackendIdentityWhitelistPtrOutput ¶
func (i *AuthBackendIdentityWhitelist) ToAuthBackendIdentityWhitelistPtrOutput() AuthBackendIdentityWhitelistPtrOutput
func (*AuthBackendIdentityWhitelist) ToAuthBackendIdentityWhitelistPtrOutputWithContext ¶
func (i *AuthBackendIdentityWhitelist) ToAuthBackendIdentityWhitelistPtrOutputWithContext(ctx context.Context) AuthBackendIdentityWhitelistPtrOutput
type AuthBackendIdentityWhitelistArgs ¶
type AuthBackendIdentityWhitelistArgs struct { // The path of the AWS backend being configured. Backend pulumi.StringPtrInput // If set to true, disables the periodic // tidying of the identity-whitelist entries. DisablePeriodicTidy pulumi.BoolPtrInput // The amount of extra time, in minutes, that must // have passed beyond the roletag expiration, before it is removed from the // backend storage. SafetyBuffer pulumi.IntPtrInput }
The set of arguments for constructing a AuthBackendIdentityWhitelist resource.
func (AuthBackendIdentityWhitelistArgs) ElementType ¶
func (AuthBackendIdentityWhitelistArgs) ElementType() reflect.Type
type AuthBackendIdentityWhitelistArray ¶
type AuthBackendIdentityWhitelistArray []AuthBackendIdentityWhitelistInput
func (AuthBackendIdentityWhitelistArray) ElementType ¶
func (AuthBackendIdentityWhitelistArray) ElementType() reflect.Type
func (AuthBackendIdentityWhitelistArray) ToAuthBackendIdentityWhitelistArrayOutput ¶
func (i AuthBackendIdentityWhitelistArray) ToAuthBackendIdentityWhitelistArrayOutput() AuthBackendIdentityWhitelistArrayOutput
func (AuthBackendIdentityWhitelistArray) ToAuthBackendIdentityWhitelistArrayOutputWithContext ¶
func (i AuthBackendIdentityWhitelistArray) ToAuthBackendIdentityWhitelistArrayOutputWithContext(ctx context.Context) AuthBackendIdentityWhitelistArrayOutput
type AuthBackendIdentityWhitelistArrayInput ¶
type AuthBackendIdentityWhitelistArrayInput interface { pulumi.Input ToAuthBackendIdentityWhitelistArrayOutput() AuthBackendIdentityWhitelistArrayOutput ToAuthBackendIdentityWhitelistArrayOutputWithContext(context.Context) AuthBackendIdentityWhitelistArrayOutput }
AuthBackendIdentityWhitelistArrayInput is an input type that accepts AuthBackendIdentityWhitelistArray and AuthBackendIdentityWhitelistArrayOutput values. You can construct a concrete instance of `AuthBackendIdentityWhitelistArrayInput` via:
AuthBackendIdentityWhitelistArray{ AuthBackendIdentityWhitelistArgs{...} }
type AuthBackendIdentityWhitelistArrayOutput ¶
type AuthBackendIdentityWhitelistArrayOutput struct{ *pulumi.OutputState }
func (AuthBackendIdentityWhitelistArrayOutput) ElementType ¶
func (AuthBackendIdentityWhitelistArrayOutput) ElementType() reflect.Type
func (AuthBackendIdentityWhitelistArrayOutput) ToAuthBackendIdentityWhitelistArrayOutput ¶
func (o AuthBackendIdentityWhitelistArrayOutput) ToAuthBackendIdentityWhitelistArrayOutput() AuthBackendIdentityWhitelistArrayOutput
func (AuthBackendIdentityWhitelistArrayOutput) ToAuthBackendIdentityWhitelistArrayOutputWithContext ¶
func (o AuthBackendIdentityWhitelistArrayOutput) ToAuthBackendIdentityWhitelistArrayOutputWithContext(ctx context.Context) AuthBackendIdentityWhitelistArrayOutput
type AuthBackendIdentityWhitelistInput ¶
type AuthBackendIdentityWhitelistInput interface { pulumi.Input ToAuthBackendIdentityWhitelistOutput() AuthBackendIdentityWhitelistOutput ToAuthBackendIdentityWhitelistOutputWithContext(ctx context.Context) AuthBackendIdentityWhitelistOutput }
type AuthBackendIdentityWhitelistMap ¶
type AuthBackendIdentityWhitelistMap map[string]AuthBackendIdentityWhitelistInput
func (AuthBackendIdentityWhitelistMap) ElementType ¶
func (AuthBackendIdentityWhitelistMap) ElementType() reflect.Type
func (AuthBackendIdentityWhitelistMap) ToAuthBackendIdentityWhitelistMapOutput ¶
func (i AuthBackendIdentityWhitelistMap) ToAuthBackendIdentityWhitelistMapOutput() AuthBackendIdentityWhitelistMapOutput
func (AuthBackendIdentityWhitelistMap) ToAuthBackendIdentityWhitelistMapOutputWithContext ¶
func (i AuthBackendIdentityWhitelistMap) ToAuthBackendIdentityWhitelistMapOutputWithContext(ctx context.Context) AuthBackendIdentityWhitelistMapOutput
type AuthBackendIdentityWhitelistMapInput ¶
type AuthBackendIdentityWhitelistMapInput interface { pulumi.Input ToAuthBackendIdentityWhitelistMapOutput() AuthBackendIdentityWhitelistMapOutput ToAuthBackendIdentityWhitelistMapOutputWithContext(context.Context) AuthBackendIdentityWhitelistMapOutput }
AuthBackendIdentityWhitelistMapInput is an input type that accepts AuthBackendIdentityWhitelistMap and AuthBackendIdentityWhitelistMapOutput values. You can construct a concrete instance of `AuthBackendIdentityWhitelistMapInput` via:
AuthBackendIdentityWhitelistMap{ "key": AuthBackendIdentityWhitelistArgs{...} }
type AuthBackendIdentityWhitelistMapOutput ¶
type AuthBackendIdentityWhitelistMapOutput struct{ *pulumi.OutputState }
func (AuthBackendIdentityWhitelistMapOutput) ElementType ¶
func (AuthBackendIdentityWhitelistMapOutput) ElementType() reflect.Type
func (AuthBackendIdentityWhitelistMapOutput) MapIndex ¶
func (o AuthBackendIdentityWhitelistMapOutput) MapIndex(k pulumi.StringInput) AuthBackendIdentityWhitelistOutput
func (AuthBackendIdentityWhitelistMapOutput) ToAuthBackendIdentityWhitelistMapOutput ¶
func (o AuthBackendIdentityWhitelistMapOutput) ToAuthBackendIdentityWhitelistMapOutput() AuthBackendIdentityWhitelistMapOutput
func (AuthBackendIdentityWhitelistMapOutput) ToAuthBackendIdentityWhitelistMapOutputWithContext ¶
func (o AuthBackendIdentityWhitelistMapOutput) ToAuthBackendIdentityWhitelistMapOutputWithContext(ctx context.Context) AuthBackendIdentityWhitelistMapOutput
type AuthBackendIdentityWhitelistOutput ¶
type AuthBackendIdentityWhitelistOutput struct{ *pulumi.OutputState }
func (AuthBackendIdentityWhitelistOutput) ElementType ¶
func (AuthBackendIdentityWhitelistOutput) ElementType() reflect.Type
func (AuthBackendIdentityWhitelistOutput) ToAuthBackendIdentityWhitelistOutput ¶
func (o AuthBackendIdentityWhitelistOutput) ToAuthBackendIdentityWhitelistOutput() AuthBackendIdentityWhitelistOutput
func (AuthBackendIdentityWhitelistOutput) ToAuthBackendIdentityWhitelistOutputWithContext ¶
func (o AuthBackendIdentityWhitelistOutput) ToAuthBackendIdentityWhitelistOutputWithContext(ctx context.Context) AuthBackendIdentityWhitelistOutput
func (AuthBackendIdentityWhitelistOutput) ToAuthBackendIdentityWhitelistPtrOutput ¶
func (o AuthBackendIdentityWhitelistOutput) ToAuthBackendIdentityWhitelistPtrOutput() AuthBackendIdentityWhitelistPtrOutput
func (AuthBackendIdentityWhitelistOutput) ToAuthBackendIdentityWhitelistPtrOutputWithContext ¶
func (o AuthBackendIdentityWhitelistOutput) ToAuthBackendIdentityWhitelistPtrOutputWithContext(ctx context.Context) AuthBackendIdentityWhitelistPtrOutput
type AuthBackendIdentityWhitelistPtrInput ¶
type AuthBackendIdentityWhitelistPtrInput interface { pulumi.Input ToAuthBackendIdentityWhitelistPtrOutput() AuthBackendIdentityWhitelistPtrOutput ToAuthBackendIdentityWhitelistPtrOutputWithContext(ctx context.Context) AuthBackendIdentityWhitelistPtrOutput }
type AuthBackendIdentityWhitelistPtrOutput ¶
type AuthBackendIdentityWhitelistPtrOutput struct{ *pulumi.OutputState }
func (AuthBackendIdentityWhitelistPtrOutput) ElementType ¶
func (AuthBackendIdentityWhitelistPtrOutput) ElementType() reflect.Type
func (AuthBackendIdentityWhitelistPtrOutput) ToAuthBackendIdentityWhitelistPtrOutput ¶
func (o AuthBackendIdentityWhitelistPtrOutput) ToAuthBackendIdentityWhitelistPtrOutput() AuthBackendIdentityWhitelistPtrOutput
func (AuthBackendIdentityWhitelistPtrOutput) ToAuthBackendIdentityWhitelistPtrOutputWithContext ¶
func (o AuthBackendIdentityWhitelistPtrOutput) ToAuthBackendIdentityWhitelistPtrOutputWithContext(ctx context.Context) AuthBackendIdentityWhitelistPtrOutput
type AuthBackendIdentityWhitelistState ¶
type AuthBackendIdentityWhitelistState struct { // The path of the AWS backend being configured. Backend pulumi.StringPtrInput // If set to true, disables the periodic // tidying of the identity-whitelist entries. DisablePeriodicTidy pulumi.BoolPtrInput // The amount of extra time, in minutes, that must // have passed beyond the roletag expiration, before it is removed from the // backend storage. SafetyBuffer pulumi.IntPtrInput }
func (AuthBackendIdentityWhitelistState) ElementType ¶
func (AuthBackendIdentityWhitelistState) ElementType() reflect.Type
type AuthBackendLogin ¶
type AuthBackendLogin struct { pulumi.CustomResourceState // The token's accessor. Accessor pulumi.StringOutput `pulumi:"accessor"` // The authentication type used to generate this token. AuthType pulumi.StringOutput `pulumi:"authType"` // The unique name of the AWS auth backend. Defaults to // 'aws'. Backend pulumi.StringPtrOutput `pulumi:"backend"` // The token returned by Vault. ClientToken pulumi.StringOutput `pulumi:"clientToken"` // The HTTP method used in the signed IAM // request. IamHttpRequestMethod pulumi.StringPtrOutput `pulumi:"iamHttpRequestMethod"` // The base64-encoded body of the signed // request. IamRequestBody pulumi.StringPtrOutput `pulumi:"iamRequestBody"` // The base64-encoded, JSON serialized // representation of the GetCallerIdentity HTTP request headers. IamRequestHeaders pulumi.StringPtrOutput `pulumi:"iamRequestHeaders"` // The base64-encoded HTTP URL used in the signed // request. IamRequestUrl pulumi.StringPtrOutput `pulumi:"iamRequestUrl"` // The base64-encoded EC2 instance identity document to // authenticate with. Can be retrieved from the EC2 metadata server. Identity pulumi.StringPtrOutput `pulumi:"identity"` // The duration in seconds the token will be valid, relative // to the time in `leaseStartTime`. LeaseDuration pulumi.IntOutput `pulumi:"leaseDuration"` // Time at which the lease was read, using the clock of the system where Terraform was running LeaseStartTime pulumi.StringOutput `pulumi:"leaseStartTime"` // A map of information returned by the Vault server about the // authentication used to generate this token. Metadata pulumi.MapOutput `pulumi:"metadata"` // The unique nonce to be used for login requests. Can be // set to a user-specified value, or will contain the server-generated value // once a token is issued. EC2 instances can only acquire a single token until // the whitelist is tidied again unless they keep track of this nonce. Nonce pulumi.StringOutput `pulumi:"nonce"` // The PKCS#7 signature of the identity document to // authenticate with, with all newline characters removed. Can be retrieved from // the EC2 metadata server. Pkcs7 pulumi.StringPtrOutput `pulumi:"pkcs7"` // The Vault policies assigned to this token. Policies pulumi.StringArrayOutput `pulumi:"policies"` // Set to true if the token can be extended through renewal. Renewable pulumi.BoolOutput `pulumi:"renewable"` // The name of the AWS auth backend role to create tokens // against. Role pulumi.StringOutput `pulumi:"role"` // The base64-encoded SHA256 RSA signature of the // instance identity document to authenticate with, with all newline characters // removed. Can be retrieved from the EC2 metadata server. Signature pulumi.StringPtrOutput `pulumi:"signature"` }
Logs into a Vault server using an AWS auth backend. Login can be accomplished using a signed identity request from IAM or using ec2 instance metadata. For more information, see the [Vault documentation](https://www.vaultproject.io/docs/auth/aws.html).
func GetAuthBackendLogin ¶
func GetAuthBackendLogin(ctx *pulumi.Context, name string, id pulumi.IDInput, state *AuthBackendLoginState, opts ...pulumi.ResourceOption) (*AuthBackendLogin, error)
GetAuthBackendLogin gets an existing AuthBackendLogin resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewAuthBackendLogin ¶
func NewAuthBackendLogin(ctx *pulumi.Context, name string, args *AuthBackendLoginArgs, opts ...pulumi.ResourceOption) (*AuthBackendLogin, error)
NewAuthBackendLogin registers a new resource with the given unique name, arguments, and options.
func (*AuthBackendLogin) ElementType ¶
func (*AuthBackendLogin) ElementType() reflect.Type
func (*AuthBackendLogin) ToAuthBackendLoginOutput ¶
func (i *AuthBackendLogin) ToAuthBackendLoginOutput() AuthBackendLoginOutput
func (*AuthBackendLogin) ToAuthBackendLoginOutputWithContext ¶
func (i *AuthBackendLogin) ToAuthBackendLoginOutputWithContext(ctx context.Context) AuthBackendLoginOutput
func (*AuthBackendLogin) ToAuthBackendLoginPtrOutput ¶
func (i *AuthBackendLogin) ToAuthBackendLoginPtrOutput() AuthBackendLoginPtrOutput
func (*AuthBackendLogin) ToAuthBackendLoginPtrOutputWithContext ¶
func (i *AuthBackendLogin) ToAuthBackendLoginPtrOutputWithContext(ctx context.Context) AuthBackendLoginPtrOutput
type AuthBackendLoginArgs ¶
type AuthBackendLoginArgs struct { // The unique name of the AWS auth backend. Defaults to // 'aws'. Backend pulumi.StringPtrInput // The HTTP method used in the signed IAM // request. IamHttpRequestMethod pulumi.StringPtrInput // The base64-encoded body of the signed // request. IamRequestBody pulumi.StringPtrInput // The base64-encoded, JSON serialized // representation of the GetCallerIdentity HTTP request headers. IamRequestHeaders pulumi.StringPtrInput // The base64-encoded HTTP URL used in the signed // request. IamRequestUrl pulumi.StringPtrInput // The base64-encoded EC2 instance identity document to // authenticate with. Can be retrieved from the EC2 metadata server. Identity pulumi.StringPtrInput // The unique nonce to be used for login requests. Can be // set to a user-specified value, or will contain the server-generated value // once a token is issued. EC2 instances can only acquire a single token until // the whitelist is tidied again unless they keep track of this nonce. Nonce pulumi.StringPtrInput // The PKCS#7 signature of the identity document to // authenticate with, with all newline characters removed. Can be retrieved from // the EC2 metadata server. Pkcs7 pulumi.StringPtrInput // The name of the AWS auth backend role to create tokens // against. Role pulumi.StringPtrInput // The base64-encoded SHA256 RSA signature of the // instance identity document to authenticate with, with all newline characters // removed. Can be retrieved from the EC2 metadata server. Signature pulumi.StringPtrInput }
The set of arguments for constructing a AuthBackendLogin resource.
func (AuthBackendLoginArgs) ElementType ¶
func (AuthBackendLoginArgs) ElementType() reflect.Type
type AuthBackendLoginArray ¶
type AuthBackendLoginArray []AuthBackendLoginInput
func (AuthBackendLoginArray) ElementType ¶
func (AuthBackendLoginArray) ElementType() reflect.Type
func (AuthBackendLoginArray) ToAuthBackendLoginArrayOutput ¶
func (i AuthBackendLoginArray) ToAuthBackendLoginArrayOutput() AuthBackendLoginArrayOutput
func (AuthBackendLoginArray) ToAuthBackendLoginArrayOutputWithContext ¶
func (i AuthBackendLoginArray) ToAuthBackendLoginArrayOutputWithContext(ctx context.Context) AuthBackendLoginArrayOutput
type AuthBackendLoginArrayInput ¶
type AuthBackendLoginArrayInput interface { pulumi.Input ToAuthBackendLoginArrayOutput() AuthBackendLoginArrayOutput ToAuthBackendLoginArrayOutputWithContext(context.Context) AuthBackendLoginArrayOutput }
AuthBackendLoginArrayInput is an input type that accepts AuthBackendLoginArray and AuthBackendLoginArrayOutput values. You can construct a concrete instance of `AuthBackendLoginArrayInput` via:
AuthBackendLoginArray{ AuthBackendLoginArgs{...} }
type AuthBackendLoginArrayOutput ¶
type AuthBackendLoginArrayOutput struct{ *pulumi.OutputState }
func (AuthBackendLoginArrayOutput) ElementType ¶
func (AuthBackendLoginArrayOutput) ElementType() reflect.Type
func (AuthBackendLoginArrayOutput) Index ¶
func (o AuthBackendLoginArrayOutput) Index(i pulumi.IntInput) AuthBackendLoginOutput
func (AuthBackendLoginArrayOutput) ToAuthBackendLoginArrayOutput ¶
func (o AuthBackendLoginArrayOutput) ToAuthBackendLoginArrayOutput() AuthBackendLoginArrayOutput
func (AuthBackendLoginArrayOutput) ToAuthBackendLoginArrayOutputWithContext ¶
func (o AuthBackendLoginArrayOutput) ToAuthBackendLoginArrayOutputWithContext(ctx context.Context) AuthBackendLoginArrayOutput
type AuthBackendLoginInput ¶
type AuthBackendLoginInput interface { pulumi.Input ToAuthBackendLoginOutput() AuthBackendLoginOutput ToAuthBackendLoginOutputWithContext(ctx context.Context) AuthBackendLoginOutput }
type AuthBackendLoginMap ¶
type AuthBackendLoginMap map[string]AuthBackendLoginInput
func (AuthBackendLoginMap) ElementType ¶
func (AuthBackendLoginMap) ElementType() reflect.Type
func (AuthBackendLoginMap) ToAuthBackendLoginMapOutput ¶
func (i AuthBackendLoginMap) ToAuthBackendLoginMapOutput() AuthBackendLoginMapOutput
func (AuthBackendLoginMap) ToAuthBackendLoginMapOutputWithContext ¶
func (i AuthBackendLoginMap) ToAuthBackendLoginMapOutputWithContext(ctx context.Context) AuthBackendLoginMapOutput
type AuthBackendLoginMapInput ¶
type AuthBackendLoginMapInput interface { pulumi.Input ToAuthBackendLoginMapOutput() AuthBackendLoginMapOutput ToAuthBackendLoginMapOutputWithContext(context.Context) AuthBackendLoginMapOutput }
AuthBackendLoginMapInput is an input type that accepts AuthBackendLoginMap and AuthBackendLoginMapOutput values. You can construct a concrete instance of `AuthBackendLoginMapInput` via:
AuthBackendLoginMap{ "key": AuthBackendLoginArgs{...} }
type AuthBackendLoginMapOutput ¶
type AuthBackendLoginMapOutput struct{ *pulumi.OutputState }
func (AuthBackendLoginMapOutput) ElementType ¶
func (AuthBackendLoginMapOutput) ElementType() reflect.Type
func (AuthBackendLoginMapOutput) MapIndex ¶
func (o AuthBackendLoginMapOutput) MapIndex(k pulumi.StringInput) AuthBackendLoginOutput
func (AuthBackendLoginMapOutput) ToAuthBackendLoginMapOutput ¶
func (o AuthBackendLoginMapOutput) ToAuthBackendLoginMapOutput() AuthBackendLoginMapOutput
func (AuthBackendLoginMapOutput) ToAuthBackendLoginMapOutputWithContext ¶
func (o AuthBackendLoginMapOutput) ToAuthBackendLoginMapOutputWithContext(ctx context.Context) AuthBackendLoginMapOutput
type AuthBackendLoginOutput ¶
type AuthBackendLoginOutput struct{ *pulumi.OutputState }
func (AuthBackendLoginOutput) ElementType ¶
func (AuthBackendLoginOutput) ElementType() reflect.Type
func (AuthBackendLoginOutput) ToAuthBackendLoginOutput ¶
func (o AuthBackendLoginOutput) ToAuthBackendLoginOutput() AuthBackendLoginOutput
func (AuthBackendLoginOutput) ToAuthBackendLoginOutputWithContext ¶
func (o AuthBackendLoginOutput) ToAuthBackendLoginOutputWithContext(ctx context.Context) AuthBackendLoginOutput
func (AuthBackendLoginOutput) ToAuthBackendLoginPtrOutput ¶
func (o AuthBackendLoginOutput) ToAuthBackendLoginPtrOutput() AuthBackendLoginPtrOutput
func (AuthBackendLoginOutput) ToAuthBackendLoginPtrOutputWithContext ¶
func (o AuthBackendLoginOutput) ToAuthBackendLoginPtrOutputWithContext(ctx context.Context) AuthBackendLoginPtrOutput
type AuthBackendLoginPtrInput ¶
type AuthBackendLoginPtrInput interface { pulumi.Input ToAuthBackendLoginPtrOutput() AuthBackendLoginPtrOutput ToAuthBackendLoginPtrOutputWithContext(ctx context.Context) AuthBackendLoginPtrOutput }
type AuthBackendLoginPtrOutput ¶
type AuthBackendLoginPtrOutput struct{ *pulumi.OutputState }
func (AuthBackendLoginPtrOutput) Elem ¶ added in v4.6.0
func (o AuthBackendLoginPtrOutput) Elem() AuthBackendLoginOutput
func (AuthBackendLoginPtrOutput) ElementType ¶
func (AuthBackendLoginPtrOutput) ElementType() reflect.Type
func (AuthBackendLoginPtrOutput) ToAuthBackendLoginPtrOutput ¶
func (o AuthBackendLoginPtrOutput) ToAuthBackendLoginPtrOutput() AuthBackendLoginPtrOutput
func (AuthBackendLoginPtrOutput) ToAuthBackendLoginPtrOutputWithContext ¶
func (o AuthBackendLoginPtrOutput) ToAuthBackendLoginPtrOutputWithContext(ctx context.Context) AuthBackendLoginPtrOutput
type AuthBackendLoginState ¶
type AuthBackendLoginState struct { // The token's accessor. Accessor pulumi.StringPtrInput // The authentication type used to generate this token. AuthType pulumi.StringPtrInput // The unique name of the AWS auth backend. Defaults to // 'aws'. Backend pulumi.StringPtrInput // The token returned by Vault. ClientToken pulumi.StringPtrInput // The HTTP method used in the signed IAM // request. IamHttpRequestMethod pulumi.StringPtrInput // The base64-encoded body of the signed // request. IamRequestBody pulumi.StringPtrInput // The base64-encoded, JSON serialized // representation of the GetCallerIdentity HTTP request headers. IamRequestHeaders pulumi.StringPtrInput // The base64-encoded HTTP URL used in the signed // request. IamRequestUrl pulumi.StringPtrInput // The base64-encoded EC2 instance identity document to // authenticate with. Can be retrieved from the EC2 metadata server. Identity pulumi.StringPtrInput // The duration in seconds the token will be valid, relative // to the time in `leaseStartTime`. LeaseDuration pulumi.IntPtrInput // Time at which the lease was read, using the clock of the system where Terraform was running LeaseStartTime pulumi.StringPtrInput // A map of information returned by the Vault server about the // authentication used to generate this token. Metadata pulumi.MapInput // The unique nonce to be used for login requests. Can be // set to a user-specified value, or will contain the server-generated value // once a token is issued. EC2 instances can only acquire a single token until // the whitelist is tidied again unless they keep track of this nonce. Nonce pulumi.StringPtrInput // The PKCS#7 signature of the identity document to // authenticate with, with all newline characters removed. Can be retrieved from // the EC2 metadata server. Pkcs7 pulumi.StringPtrInput // The Vault policies assigned to this token. Policies pulumi.StringArrayInput // Set to true if the token can be extended through renewal. Renewable pulumi.BoolPtrInput // The name of the AWS auth backend role to create tokens // against. Role pulumi.StringPtrInput // The base64-encoded SHA256 RSA signature of the // instance identity document to authenticate with, with all newline characters // removed. Can be retrieved from the EC2 metadata server. Signature pulumi.StringPtrInput }
func (AuthBackendLoginState) ElementType ¶
func (AuthBackendLoginState) ElementType() reflect.Type
type AuthBackendRole ¶
type AuthBackendRole struct { pulumi.CustomResourceState // If set to `true`, allows migration of // the underlying instance where the client resides. AllowInstanceMigration pulumi.BoolPtrOutput `pulumi:"allowInstanceMigration"` // The auth type permitted for this role. Valid choices // are `ec2` and `iam`. Defaults to `iam`. AuthType pulumi.StringPtrOutput `pulumi:"authType"` // Unique name of the auth backend to configure. Backend pulumi.StringPtrOutput `pulumi:"backend"` // If set, defines a constraint on the EC2 // instances that can perform the login operation that they should be using the // account ID specified by this field. `authType` must be set to `ec2` or // `inferredEntityType` must be set to `ec2Instance` to use this constraint. BoundAccountIds pulumi.StringArrayOutput `pulumi:"boundAccountIds"` // If set, defines a constraint on the EC2 instances // that can perform the login operation that they should be using the AMI ID // specified by this field. `authType` must be set to `ec2` or // `inferredEntityType` must be set to `ec2Instance` to use this constraint. BoundAmiIds pulumi.StringArrayOutput `pulumi:"boundAmiIds"` // Only EC2 instances that match this instance ID will be permitted to log in. BoundEc2InstanceIds pulumi.StringArrayOutput `pulumi:"boundEc2InstanceIds"` // If set, defines a constraint on // the EC2 instances that can perform the login operation that they must be // associated with an IAM instance profile ARN which has a prefix that matches // the value specified by this field. The value is prefix-matched as though it // were a glob ending in `*`. `authType` must be set to `ec2` or // `inferredEntityType` must be set to `ec2Instance` to use this constraint. BoundIamInstanceProfileArns pulumi.StringArrayOutput `pulumi:"boundIamInstanceProfileArns"` // If set, defines the IAM principal that // must be authenticated when `authType` is set to `iam`. Wildcards are // supported at the end of the ARN. BoundIamPrincipalArns pulumi.StringArrayOutput `pulumi:"boundIamPrincipalArns"` // If set, defines a constraint on the EC2 // instances that can perform the login operation that they must match the IAM // role ARN specified by this field. `authType` must be set to `ec2` or // `inferredEntityType` must be set to `ec2Instance` to use this constraint. BoundIamRoleArns pulumi.StringArrayOutput `pulumi:"boundIamRoleArns"` // If set, defines a constraint on the EC2 instances // that can perform the login operation that the region in their identity // document must match the one specified by this field. `authType` must be set // to `ec2` or `inferredEntityType` must be set to `ec2Instance` to use this // constraint. BoundRegions pulumi.StringArrayOutput `pulumi:"boundRegions"` // If set, defines a constraint on the EC2 // instances that can perform the login operation that they be associated with // the subnet ID that matches the value specified by this field. `authType` // must be set to `ec2` or `inferredEntityType` must be set to `ec2Instance` // to use this constraint. BoundSubnetIds pulumi.StringArrayOutput `pulumi:"boundSubnetIds"` // If set, defines a constraint on the EC2 instances // that can perform the login operation that they be associated with the VPC ID // that matches the value specified by this field. `authType` must be set to // `ec2` or `inferredEntityType` must be set to `ec2Instance` to use this // constraint. BoundVpcIds pulumi.StringArrayOutput `pulumi:"boundVpcIds"` // IF set to `true`, only allows a // single token to be granted per instance ID. This can only be set when // `authType` is set to `ec2`. DisallowReauthentication pulumi.BoolPtrOutput `pulumi:"disallowReauthentication"` // When `inferredEntityType` is set, this // is the region to search for the inferred entities. Required if // `inferredEntityType` is set. This only applies when `authType` is set to // `iam`. InferredAwsRegion pulumi.StringPtrOutput `pulumi:"inferredAwsRegion"` // If set, instructs Vault to turn on // inferencing. The only valid value is `ec2Instance`, which instructs Vault to // infer that the role comes from an EC2 instance in an IAM instance profile. // This only applies when `authType` is set to `iam`. InferredEntityType pulumi.StringPtrOutput `pulumi:"inferredEntityType"` // The maximum allowed lifetime of tokens // issued using this role, provided as a number of seconds. // // Deprecated: use `token_max_ttl` instead if you are running Vault >= 1.2 MaxTtl pulumi.IntPtrOutput `pulumi:"maxTtl"` // If set, indicates that the // token generated using this role should never expire. The token should be renewed within the // duration specified by this value. At each renewal, the token's TTL will be set to the // value of this field. Specified in seconds. // // Deprecated: use `token_period` instead if you are running Vault >= 1.2 Period pulumi.IntPtrOutput `pulumi:"period"` // An array of strings // specifying the policies to be set on tokens issued using this role. // // Deprecated: use `token_policies` instead if you are running Vault >= 1.2 Policies pulumi.StringArrayOutput `pulumi:"policies"` // Only valid when // `authType` is `iam`. If set to `true`, the `boundIamPrincipalArns` are // resolved to [AWS Unique // IDs](http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-unique-ids) // for the bound principal ARN. This field is ignored when a // `boundIamPrincipalArn` ends in a wildcard. Resolving to unique IDs more // closely mimics the behavior of AWS services in that if an IAM user or role is // deleted and a new one is recreated with the same name, those new users or // roles won't get access to roles in Vault that were permissioned to the prior // principals of the same name. Defaults to `true`. // Once set to `true`, this cannot be changed to `false` without recreating the role. ResolveAwsUniqueIds pulumi.BoolPtrOutput `pulumi:"resolveAwsUniqueIds"` // The name of the role. Role pulumi.StringOutput `pulumi:"role"` // If set, enable role tags for this role. The value set // for this field should be the key of the tag on the EC2 instance. `authType` // must be set to `ec2` or `inferredEntityType` must be set to `ec2Instance` // to use this constraint. RoleTag pulumi.StringPtrOutput `pulumi:"roleTag"` // List of CIDR blocks; if set, specifies blocks of IP // addresses which can authenticate successfully, and ties the resulting token to these blocks // as well. TokenBoundCidrs pulumi.StringArrayOutput `pulumi:"tokenBoundCidrs"` // If set, will encode an // [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls) // onto the token in number of seconds. This is a hard cap even if `tokenTtl` and // `tokenMaxTtl` would otherwise allow a renewal. TokenExplicitMaxTtl pulumi.IntPtrOutput `pulumi:"tokenExplicitMaxTtl"` // The maximum lifetime for generated tokens in number of seconds. // Its current value will be referenced at renewal time. TokenMaxTtl pulumi.IntPtrOutput `pulumi:"tokenMaxTtl"` // If set, the default policy will not be set on // generated tokens; otherwise it will be added to the policies set in token_policies. TokenNoDefaultPolicy pulumi.BoolPtrOutput `pulumi:"tokenNoDefaultPolicy"` // The // [period](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls), // if any, in number of seconds to set on the token. TokenNumUses pulumi.IntPtrOutput `pulumi:"tokenNumUses"` // If set, indicates that the // token generated using this role should never expire. The token should be renewed within the // duration specified by this value. At each renewal, the token's TTL will be set to the // value of this field. Specified in seconds. TokenPeriod pulumi.IntPtrOutput `pulumi:"tokenPeriod"` // List of policies to encode onto generated tokens. Depending // on the auth method, this list may be supplemented by user/group/other values. TokenPolicies pulumi.StringArrayOutput `pulumi:"tokenPolicies"` // The incremental lifetime for generated tokens in number of seconds. // Its current value will be referenced at renewal time. TokenTtl pulumi.IntPtrOutput `pulumi:"tokenTtl"` // The type of token that should be generated. Can be `service`, // `batch`, or `default` to use the mount's tuned default (which unless changed will be // `service` tokens). For token store roles, there are two additional possibilities: // `default-service` and `default-batch` which specify the type to return unless the client // requests a different type at generation time. TokenType pulumi.StringPtrOutput `pulumi:"tokenType"` // The TTL period of tokens issued // using this role, provided as a number of seconds. // // Deprecated: use `token_ttl` instead if you are running Vault >= 1.2 Ttl pulumi.IntPtrOutput `pulumi:"ttl"` }
Manages an AWS auth backend role in a Vault server. Roles constrain the instances or principals that can perform the login operation against the backend. See the [Vault documentation](https://www.vaultproject.io/docs/auth/aws.html) for more information.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v4/go/vault" "github.com/pulumi/pulumi-vault/sdk/v4/go/vault/aws" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { aws, err := vault.NewAuthBackend(ctx, "aws", &vault.AuthBackendArgs{ Type: pulumi.String("aws"), }) if err != nil { return err } _, err = aws.NewAuthBackendRole(ctx, "example", &aws.AuthBackendRoleArgs{ Backend: aws.Path, Role: pulumi.String("test-role"), AuthType: pulumi.String("iam"), BoundAmiIds: pulumi.StringArray{ pulumi.String("ami-8c1be5f6"), }, BoundAccountIds: pulumi.StringArray{ pulumi.String("123456789012"), }, BoundVpcIds: pulumi.StringArray{ pulumi.String("vpc-b61106d4"), }, BoundSubnetIds: pulumi.StringArray{ pulumi.String("vpc-133128f1"), }, BoundIamRoleArns: pulumi.StringArray{ pulumi.String("arn:aws:iam::123456789012:role/MyRole"), }, BoundIamInstanceProfileArns: pulumi.StringArray{ pulumi.String("arn:aws:iam::123456789012:instance-profile/MyProfile"), }, InferredEntityType: pulumi.String("ec2_instance"), InferredAwsRegion: pulumi.String("us-east-1"), TokenTtl: pulumi.Int(60), TokenMaxTtl: pulumi.Int(120), TokenPolicies: pulumi.StringArray{ pulumi.String("default"), pulumi.String("dev"), pulumi.String("prod"), }, }) if err != nil { return err } return nil }) }
```
## Import
AWS auth backend roles can be imported using `auth/`, the `backend` path, `/role/`, and the `role` name e.g.
```sh
$ pulumi import vault:aws/authBackendRole:AuthBackendRole example auth/aws/role/test-role
```
func GetAuthBackendRole ¶
func GetAuthBackendRole(ctx *pulumi.Context, name string, id pulumi.IDInput, state *AuthBackendRoleState, opts ...pulumi.ResourceOption) (*AuthBackendRole, error)
GetAuthBackendRole gets an existing AuthBackendRole resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewAuthBackendRole ¶
func NewAuthBackendRole(ctx *pulumi.Context, name string, args *AuthBackendRoleArgs, opts ...pulumi.ResourceOption) (*AuthBackendRole, error)
NewAuthBackendRole registers a new resource with the given unique name, arguments, and options.
func (*AuthBackendRole) ElementType ¶
func (*AuthBackendRole) ElementType() reflect.Type
func (*AuthBackendRole) ToAuthBackendRoleOutput ¶
func (i *AuthBackendRole) ToAuthBackendRoleOutput() AuthBackendRoleOutput
func (*AuthBackendRole) ToAuthBackendRoleOutputWithContext ¶
func (i *AuthBackendRole) ToAuthBackendRoleOutputWithContext(ctx context.Context) AuthBackendRoleOutput
func (*AuthBackendRole) ToAuthBackendRolePtrOutput ¶
func (i *AuthBackendRole) ToAuthBackendRolePtrOutput() AuthBackendRolePtrOutput
func (*AuthBackendRole) ToAuthBackendRolePtrOutputWithContext ¶
func (i *AuthBackendRole) ToAuthBackendRolePtrOutputWithContext(ctx context.Context) AuthBackendRolePtrOutput
type AuthBackendRoleArgs ¶
type AuthBackendRoleArgs struct { // If set to `true`, allows migration of // the underlying instance where the client resides. AllowInstanceMigration pulumi.BoolPtrInput // The auth type permitted for this role. Valid choices // are `ec2` and `iam`. Defaults to `iam`. AuthType pulumi.StringPtrInput // Unique name of the auth backend to configure. Backend pulumi.StringPtrInput // If set, defines a constraint on the EC2 // instances that can perform the login operation that they should be using the // account ID specified by this field. `authType` must be set to `ec2` or // `inferredEntityType` must be set to `ec2Instance` to use this constraint. BoundAccountIds pulumi.StringArrayInput // If set, defines a constraint on the EC2 instances // that can perform the login operation that they should be using the AMI ID // specified by this field. `authType` must be set to `ec2` or // `inferredEntityType` must be set to `ec2Instance` to use this constraint. BoundAmiIds pulumi.StringArrayInput // Only EC2 instances that match this instance ID will be permitted to log in. BoundEc2InstanceIds pulumi.StringArrayInput // If set, defines a constraint on // the EC2 instances that can perform the login operation that they must be // associated with an IAM instance profile ARN which has a prefix that matches // the value specified by this field. The value is prefix-matched as though it // were a glob ending in `*`. `authType` must be set to `ec2` or // `inferredEntityType` must be set to `ec2Instance` to use this constraint. BoundIamInstanceProfileArns pulumi.StringArrayInput // If set, defines the IAM principal that // must be authenticated when `authType` is set to `iam`. Wildcards are // supported at the end of the ARN. BoundIamPrincipalArns pulumi.StringArrayInput // If set, defines a constraint on the EC2 // instances that can perform the login operation that they must match the IAM // role ARN specified by this field. `authType` must be set to `ec2` or // `inferredEntityType` must be set to `ec2Instance` to use this constraint. BoundIamRoleArns pulumi.StringArrayInput // If set, defines a constraint on the EC2 instances // that can perform the login operation that the region in their identity // document must match the one specified by this field. `authType` must be set // to `ec2` or `inferredEntityType` must be set to `ec2Instance` to use this // constraint. BoundRegions pulumi.StringArrayInput // If set, defines a constraint on the EC2 // instances that can perform the login operation that they be associated with // the subnet ID that matches the value specified by this field. `authType` // must be set to `ec2` or `inferredEntityType` must be set to `ec2Instance` // to use this constraint. BoundSubnetIds pulumi.StringArrayInput // If set, defines a constraint on the EC2 instances // that can perform the login operation that they be associated with the VPC ID // that matches the value specified by this field. `authType` must be set to // `ec2` or `inferredEntityType` must be set to `ec2Instance` to use this // constraint. BoundVpcIds pulumi.StringArrayInput // IF set to `true`, only allows a // single token to be granted per instance ID. This can only be set when // `authType` is set to `ec2`. DisallowReauthentication pulumi.BoolPtrInput // When `inferredEntityType` is set, this // is the region to search for the inferred entities. Required if // `inferredEntityType` is set. This only applies when `authType` is set to // `iam`. InferredAwsRegion pulumi.StringPtrInput // If set, instructs Vault to turn on // inferencing. The only valid value is `ec2Instance`, which instructs Vault to // infer that the role comes from an EC2 instance in an IAM instance profile. // This only applies when `authType` is set to `iam`. InferredEntityType pulumi.StringPtrInput // The maximum allowed lifetime of tokens // issued using this role, provided as a number of seconds. // // Deprecated: use `token_max_ttl` instead if you are running Vault >= 1.2 MaxTtl pulumi.IntPtrInput // If set, indicates that the // token generated using this role should never expire. The token should be renewed within the // duration specified by this value. At each renewal, the token's TTL will be set to the // value of this field. Specified in seconds. // // Deprecated: use `token_period` instead if you are running Vault >= 1.2 Period pulumi.IntPtrInput // An array of strings // specifying the policies to be set on tokens issued using this role. // // Deprecated: use `token_policies` instead if you are running Vault >= 1.2 Policies pulumi.StringArrayInput // Only valid when // `authType` is `iam`. If set to `true`, the `boundIamPrincipalArns` are // resolved to [AWS Unique // IDs](http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-unique-ids) // for the bound principal ARN. This field is ignored when a // `boundIamPrincipalArn` ends in a wildcard. Resolving to unique IDs more // closely mimics the behavior of AWS services in that if an IAM user or role is // deleted and a new one is recreated with the same name, those new users or // roles won't get access to roles in Vault that were permissioned to the prior // principals of the same name. Defaults to `true`. // Once set to `true`, this cannot be changed to `false` without recreating the role. ResolveAwsUniqueIds pulumi.BoolPtrInput // The name of the role. Role pulumi.StringInput // If set, enable role tags for this role. The value set // for this field should be the key of the tag on the EC2 instance. `authType` // must be set to `ec2` or `inferredEntityType` must be set to `ec2Instance` // to use this constraint. RoleTag pulumi.StringPtrInput // List of CIDR blocks; if set, specifies blocks of IP // addresses which can authenticate successfully, and ties the resulting token to these blocks // as well. TokenBoundCidrs pulumi.StringArrayInput // If set, will encode an // [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls) // onto the token in number of seconds. This is a hard cap even if `tokenTtl` and // `tokenMaxTtl` would otherwise allow a renewal. TokenExplicitMaxTtl pulumi.IntPtrInput // The maximum lifetime for generated tokens in number of seconds. // Its current value will be referenced at renewal time. TokenMaxTtl pulumi.IntPtrInput // If set, the default policy will not be set on // generated tokens; otherwise it will be added to the policies set in token_policies. TokenNoDefaultPolicy pulumi.BoolPtrInput // The // [period](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls), // if any, in number of seconds to set on the token. TokenNumUses pulumi.IntPtrInput // If set, indicates that the // token generated using this role should never expire. The token should be renewed within the // duration specified by this value. At each renewal, the token's TTL will be set to the // value of this field. Specified in seconds. TokenPeriod pulumi.IntPtrInput // List of policies to encode onto generated tokens. Depending // on the auth method, this list may be supplemented by user/group/other values. TokenPolicies pulumi.StringArrayInput // The incremental lifetime for generated tokens in number of seconds. // Its current value will be referenced at renewal time. TokenTtl pulumi.IntPtrInput // The type of token that should be generated. Can be `service`, // `batch`, or `default` to use the mount's tuned default (which unless changed will be // `service` tokens). For token store roles, there are two additional possibilities: // `default-service` and `default-batch` which specify the type to return unless the client // requests a different type at generation time. TokenType pulumi.StringPtrInput // The TTL period of tokens issued // using this role, provided as a number of seconds. // // Deprecated: use `token_ttl` instead if you are running Vault >= 1.2 Ttl pulumi.IntPtrInput }
The set of arguments for constructing a AuthBackendRole resource.
func (AuthBackendRoleArgs) ElementType ¶
func (AuthBackendRoleArgs) ElementType() reflect.Type
type AuthBackendRoleArray ¶
type AuthBackendRoleArray []AuthBackendRoleInput
func (AuthBackendRoleArray) ElementType ¶
func (AuthBackendRoleArray) ElementType() reflect.Type
func (AuthBackendRoleArray) ToAuthBackendRoleArrayOutput ¶
func (i AuthBackendRoleArray) ToAuthBackendRoleArrayOutput() AuthBackendRoleArrayOutput
func (AuthBackendRoleArray) ToAuthBackendRoleArrayOutputWithContext ¶
func (i AuthBackendRoleArray) ToAuthBackendRoleArrayOutputWithContext(ctx context.Context) AuthBackendRoleArrayOutput
type AuthBackendRoleArrayInput ¶
type AuthBackendRoleArrayInput interface { pulumi.Input ToAuthBackendRoleArrayOutput() AuthBackendRoleArrayOutput ToAuthBackendRoleArrayOutputWithContext(context.Context) AuthBackendRoleArrayOutput }
AuthBackendRoleArrayInput is an input type that accepts AuthBackendRoleArray and AuthBackendRoleArrayOutput values. You can construct a concrete instance of `AuthBackendRoleArrayInput` via:
AuthBackendRoleArray{ AuthBackendRoleArgs{...} }
type AuthBackendRoleArrayOutput ¶
type AuthBackendRoleArrayOutput struct{ *pulumi.OutputState }
func (AuthBackendRoleArrayOutput) ElementType ¶
func (AuthBackendRoleArrayOutput) ElementType() reflect.Type
func (AuthBackendRoleArrayOutput) Index ¶
func (o AuthBackendRoleArrayOutput) Index(i pulumi.IntInput) AuthBackendRoleOutput
func (AuthBackendRoleArrayOutput) ToAuthBackendRoleArrayOutput ¶
func (o AuthBackendRoleArrayOutput) ToAuthBackendRoleArrayOutput() AuthBackendRoleArrayOutput
func (AuthBackendRoleArrayOutput) ToAuthBackendRoleArrayOutputWithContext ¶
func (o AuthBackendRoleArrayOutput) ToAuthBackendRoleArrayOutputWithContext(ctx context.Context) AuthBackendRoleArrayOutput
type AuthBackendRoleInput ¶
type AuthBackendRoleInput interface { pulumi.Input ToAuthBackendRoleOutput() AuthBackendRoleOutput ToAuthBackendRoleOutputWithContext(ctx context.Context) AuthBackendRoleOutput }
type AuthBackendRoleMap ¶
type AuthBackendRoleMap map[string]AuthBackendRoleInput
func (AuthBackendRoleMap) ElementType ¶
func (AuthBackendRoleMap) ElementType() reflect.Type
func (AuthBackendRoleMap) ToAuthBackendRoleMapOutput ¶
func (i AuthBackendRoleMap) ToAuthBackendRoleMapOutput() AuthBackendRoleMapOutput
func (AuthBackendRoleMap) ToAuthBackendRoleMapOutputWithContext ¶
func (i AuthBackendRoleMap) ToAuthBackendRoleMapOutputWithContext(ctx context.Context) AuthBackendRoleMapOutput
type AuthBackendRoleMapInput ¶
type AuthBackendRoleMapInput interface { pulumi.Input ToAuthBackendRoleMapOutput() AuthBackendRoleMapOutput ToAuthBackendRoleMapOutputWithContext(context.Context) AuthBackendRoleMapOutput }
AuthBackendRoleMapInput is an input type that accepts AuthBackendRoleMap and AuthBackendRoleMapOutput values. You can construct a concrete instance of `AuthBackendRoleMapInput` via:
AuthBackendRoleMap{ "key": AuthBackendRoleArgs{...} }
type AuthBackendRoleMapOutput ¶
type AuthBackendRoleMapOutput struct{ *pulumi.OutputState }
func (AuthBackendRoleMapOutput) ElementType ¶
func (AuthBackendRoleMapOutput) ElementType() reflect.Type
func (AuthBackendRoleMapOutput) MapIndex ¶
func (o AuthBackendRoleMapOutput) MapIndex(k pulumi.StringInput) AuthBackendRoleOutput
func (AuthBackendRoleMapOutput) ToAuthBackendRoleMapOutput ¶
func (o AuthBackendRoleMapOutput) ToAuthBackendRoleMapOutput() AuthBackendRoleMapOutput
func (AuthBackendRoleMapOutput) ToAuthBackendRoleMapOutputWithContext ¶
func (o AuthBackendRoleMapOutput) ToAuthBackendRoleMapOutputWithContext(ctx context.Context) AuthBackendRoleMapOutput
type AuthBackendRoleOutput ¶
type AuthBackendRoleOutput struct{ *pulumi.OutputState }
func (AuthBackendRoleOutput) ElementType ¶
func (AuthBackendRoleOutput) ElementType() reflect.Type
func (AuthBackendRoleOutput) ToAuthBackendRoleOutput ¶
func (o AuthBackendRoleOutput) ToAuthBackendRoleOutput() AuthBackendRoleOutput
func (AuthBackendRoleOutput) ToAuthBackendRoleOutputWithContext ¶
func (o AuthBackendRoleOutput) ToAuthBackendRoleOutputWithContext(ctx context.Context) AuthBackendRoleOutput
func (AuthBackendRoleOutput) ToAuthBackendRolePtrOutput ¶
func (o AuthBackendRoleOutput) ToAuthBackendRolePtrOutput() AuthBackendRolePtrOutput
func (AuthBackendRoleOutput) ToAuthBackendRolePtrOutputWithContext ¶
func (o AuthBackendRoleOutput) ToAuthBackendRolePtrOutputWithContext(ctx context.Context) AuthBackendRolePtrOutput
type AuthBackendRolePtrInput ¶
type AuthBackendRolePtrInput interface { pulumi.Input ToAuthBackendRolePtrOutput() AuthBackendRolePtrOutput ToAuthBackendRolePtrOutputWithContext(ctx context.Context) AuthBackendRolePtrOutput }
type AuthBackendRolePtrOutput ¶
type AuthBackendRolePtrOutput struct{ *pulumi.OutputState }
func (AuthBackendRolePtrOutput) Elem ¶ added in v4.6.0
func (o AuthBackendRolePtrOutput) Elem() AuthBackendRoleOutput
func (AuthBackendRolePtrOutput) ElementType ¶
func (AuthBackendRolePtrOutput) ElementType() reflect.Type
func (AuthBackendRolePtrOutput) ToAuthBackendRolePtrOutput ¶
func (o AuthBackendRolePtrOutput) ToAuthBackendRolePtrOutput() AuthBackendRolePtrOutput
func (AuthBackendRolePtrOutput) ToAuthBackendRolePtrOutputWithContext ¶
func (o AuthBackendRolePtrOutput) ToAuthBackendRolePtrOutputWithContext(ctx context.Context) AuthBackendRolePtrOutput
type AuthBackendRoleState ¶
type AuthBackendRoleState struct { // If set to `true`, allows migration of // the underlying instance where the client resides. AllowInstanceMigration pulumi.BoolPtrInput // The auth type permitted for this role. Valid choices // are `ec2` and `iam`. Defaults to `iam`. AuthType pulumi.StringPtrInput // Unique name of the auth backend to configure. Backend pulumi.StringPtrInput // If set, defines a constraint on the EC2 // instances that can perform the login operation that they should be using the // account ID specified by this field. `authType` must be set to `ec2` or // `inferredEntityType` must be set to `ec2Instance` to use this constraint. BoundAccountIds pulumi.StringArrayInput // If set, defines a constraint on the EC2 instances // that can perform the login operation that they should be using the AMI ID // specified by this field. `authType` must be set to `ec2` or // `inferredEntityType` must be set to `ec2Instance` to use this constraint. BoundAmiIds pulumi.StringArrayInput // Only EC2 instances that match this instance ID will be permitted to log in. BoundEc2InstanceIds pulumi.StringArrayInput // If set, defines a constraint on // the EC2 instances that can perform the login operation that they must be // associated with an IAM instance profile ARN which has a prefix that matches // the value specified by this field. The value is prefix-matched as though it // were a glob ending in `*`. `authType` must be set to `ec2` or // `inferredEntityType` must be set to `ec2Instance` to use this constraint. BoundIamInstanceProfileArns pulumi.StringArrayInput // If set, defines the IAM principal that // must be authenticated when `authType` is set to `iam`. Wildcards are // supported at the end of the ARN. BoundIamPrincipalArns pulumi.StringArrayInput // If set, defines a constraint on the EC2 // instances that can perform the login operation that they must match the IAM // role ARN specified by this field. `authType` must be set to `ec2` or // `inferredEntityType` must be set to `ec2Instance` to use this constraint. BoundIamRoleArns pulumi.StringArrayInput // If set, defines a constraint on the EC2 instances // that can perform the login operation that the region in their identity // document must match the one specified by this field. `authType` must be set // to `ec2` or `inferredEntityType` must be set to `ec2Instance` to use this // constraint. BoundRegions pulumi.StringArrayInput // If set, defines a constraint on the EC2 // instances that can perform the login operation that they be associated with // the subnet ID that matches the value specified by this field. `authType` // must be set to `ec2` or `inferredEntityType` must be set to `ec2Instance` // to use this constraint. BoundSubnetIds pulumi.StringArrayInput // If set, defines a constraint on the EC2 instances // that can perform the login operation that they be associated with the VPC ID // that matches the value specified by this field. `authType` must be set to // `ec2` or `inferredEntityType` must be set to `ec2Instance` to use this // constraint. BoundVpcIds pulumi.StringArrayInput // IF set to `true`, only allows a // single token to be granted per instance ID. This can only be set when // `authType` is set to `ec2`. DisallowReauthentication pulumi.BoolPtrInput // When `inferredEntityType` is set, this // is the region to search for the inferred entities. Required if // `inferredEntityType` is set. This only applies when `authType` is set to // `iam`. InferredAwsRegion pulumi.StringPtrInput // If set, instructs Vault to turn on // inferencing. The only valid value is `ec2Instance`, which instructs Vault to // infer that the role comes from an EC2 instance in an IAM instance profile. // This only applies when `authType` is set to `iam`. InferredEntityType pulumi.StringPtrInput // The maximum allowed lifetime of tokens // issued using this role, provided as a number of seconds. // // Deprecated: use `token_max_ttl` instead if you are running Vault >= 1.2 MaxTtl pulumi.IntPtrInput // If set, indicates that the // token generated using this role should never expire. The token should be renewed within the // duration specified by this value. At each renewal, the token's TTL will be set to the // value of this field. Specified in seconds. // // Deprecated: use `token_period` instead if you are running Vault >= 1.2 Period pulumi.IntPtrInput // An array of strings // specifying the policies to be set on tokens issued using this role. // // Deprecated: use `token_policies` instead if you are running Vault >= 1.2 Policies pulumi.StringArrayInput // Only valid when // `authType` is `iam`. If set to `true`, the `boundIamPrincipalArns` are // resolved to [AWS Unique // IDs](http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-unique-ids) // for the bound principal ARN. This field is ignored when a // `boundIamPrincipalArn` ends in a wildcard. Resolving to unique IDs more // closely mimics the behavior of AWS services in that if an IAM user or role is // deleted and a new one is recreated with the same name, those new users or // roles won't get access to roles in Vault that were permissioned to the prior // principals of the same name. Defaults to `true`. // Once set to `true`, this cannot be changed to `false` without recreating the role. ResolveAwsUniqueIds pulumi.BoolPtrInput // The name of the role. Role pulumi.StringPtrInput // If set, enable role tags for this role. The value set // for this field should be the key of the tag on the EC2 instance. `authType` // must be set to `ec2` or `inferredEntityType` must be set to `ec2Instance` // to use this constraint. RoleTag pulumi.StringPtrInput // List of CIDR blocks; if set, specifies blocks of IP // addresses which can authenticate successfully, and ties the resulting token to these blocks // as well. TokenBoundCidrs pulumi.StringArrayInput // If set, will encode an // [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls) // onto the token in number of seconds. This is a hard cap even if `tokenTtl` and // `tokenMaxTtl` would otherwise allow a renewal. TokenExplicitMaxTtl pulumi.IntPtrInput // The maximum lifetime for generated tokens in number of seconds. // Its current value will be referenced at renewal time. TokenMaxTtl pulumi.IntPtrInput // If set, the default policy will not be set on // generated tokens; otherwise it will be added to the policies set in token_policies. TokenNoDefaultPolicy pulumi.BoolPtrInput // The // [period](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls), // if any, in number of seconds to set on the token. TokenNumUses pulumi.IntPtrInput // If set, indicates that the // token generated using this role should never expire. The token should be renewed within the // duration specified by this value. At each renewal, the token's TTL will be set to the // value of this field. Specified in seconds. TokenPeriod pulumi.IntPtrInput // List of policies to encode onto generated tokens. Depending // on the auth method, this list may be supplemented by user/group/other values. TokenPolicies pulumi.StringArrayInput // The incremental lifetime for generated tokens in number of seconds. // Its current value will be referenced at renewal time. TokenTtl pulumi.IntPtrInput // The type of token that should be generated. Can be `service`, // `batch`, or `default` to use the mount's tuned default (which unless changed will be // `service` tokens). For token store roles, there are two additional possibilities: // `default-service` and `default-batch` which specify the type to return unless the client // requests a different type at generation time. TokenType pulumi.StringPtrInput // The TTL period of tokens issued // using this role, provided as a number of seconds. // // Deprecated: use `token_ttl` instead if you are running Vault >= 1.2 Ttl pulumi.IntPtrInput }
func (AuthBackendRoleState) ElementType ¶
func (AuthBackendRoleState) ElementType() reflect.Type
type AuthBackendRoleTag ¶
type AuthBackendRoleTag struct { pulumi.CustomResourceState // If set, allows migration of the underlying instances where the client resides. Use with caution. AllowInstanceMigration pulumi.BoolPtrOutput `pulumi:"allowInstanceMigration"` // The path to the AWS auth backend to // read role tags from, with no leading or trailing `/`s. Defaults to "aws". Backend pulumi.StringPtrOutput `pulumi:"backend"` // If set, only allows a single token to be granted per instance ID. DisallowReauthentication pulumi.BoolPtrOutput `pulumi:"disallowReauthentication"` // Instance ID for which this tag is intended for. If set, the created tag can only be used by the instance with the given ID. InstanceId pulumi.StringPtrOutput `pulumi:"instanceId"` // The maximum TTL of the tokens issued using this role. MaxTtl pulumi.StringPtrOutput `pulumi:"maxTtl"` // The policies to be associated with the tag. Must be a subset of the policies associated with the role. Policies pulumi.StringArrayOutput `pulumi:"policies"` // The name of the AWS auth backend role to read // role tags from, with no leading or trailing `/`s. Role pulumi.StringOutput `pulumi:"role"` // The key of the role tag. TagKey pulumi.StringOutput `pulumi:"tagKey"` // The value to set the role key. TagValue pulumi.StringOutput `pulumi:"tagValue"` }
Reads role tag information from an AWS auth backend in Vault.
func GetAuthBackendRoleTag ¶
func GetAuthBackendRoleTag(ctx *pulumi.Context, name string, id pulumi.IDInput, state *AuthBackendRoleTagState, opts ...pulumi.ResourceOption) (*AuthBackendRoleTag, error)
GetAuthBackendRoleTag gets an existing AuthBackendRoleTag resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewAuthBackendRoleTag ¶
func NewAuthBackendRoleTag(ctx *pulumi.Context, name string, args *AuthBackendRoleTagArgs, opts ...pulumi.ResourceOption) (*AuthBackendRoleTag, error)
NewAuthBackendRoleTag registers a new resource with the given unique name, arguments, and options.
func (*AuthBackendRoleTag) ElementType ¶
func (*AuthBackendRoleTag) ElementType() reflect.Type
func (*AuthBackendRoleTag) ToAuthBackendRoleTagOutput ¶
func (i *AuthBackendRoleTag) ToAuthBackendRoleTagOutput() AuthBackendRoleTagOutput
func (*AuthBackendRoleTag) ToAuthBackendRoleTagOutputWithContext ¶
func (i *AuthBackendRoleTag) ToAuthBackendRoleTagOutputWithContext(ctx context.Context) AuthBackendRoleTagOutput
func (*AuthBackendRoleTag) ToAuthBackendRoleTagPtrOutput ¶
func (i *AuthBackendRoleTag) ToAuthBackendRoleTagPtrOutput() AuthBackendRoleTagPtrOutput
func (*AuthBackendRoleTag) ToAuthBackendRoleTagPtrOutputWithContext ¶
func (i *AuthBackendRoleTag) ToAuthBackendRoleTagPtrOutputWithContext(ctx context.Context) AuthBackendRoleTagPtrOutput
type AuthBackendRoleTagArgs ¶
type AuthBackendRoleTagArgs struct { // If set, allows migration of the underlying instances where the client resides. Use with caution. AllowInstanceMigration pulumi.BoolPtrInput // The path to the AWS auth backend to // read role tags from, with no leading or trailing `/`s. Defaults to "aws". Backend pulumi.StringPtrInput // If set, only allows a single token to be granted per instance ID. DisallowReauthentication pulumi.BoolPtrInput // Instance ID for which this tag is intended for. If set, the created tag can only be used by the instance with the given ID. InstanceId pulumi.StringPtrInput // The maximum TTL of the tokens issued using this role. MaxTtl pulumi.StringPtrInput // The policies to be associated with the tag. Must be a subset of the policies associated with the role. Policies pulumi.StringArrayInput // The name of the AWS auth backend role to read // role tags from, with no leading or trailing `/`s. Role pulumi.StringInput }
The set of arguments for constructing a AuthBackendRoleTag resource.
func (AuthBackendRoleTagArgs) ElementType ¶
func (AuthBackendRoleTagArgs) ElementType() reflect.Type
type AuthBackendRoleTagArray ¶
type AuthBackendRoleTagArray []AuthBackendRoleTagInput
func (AuthBackendRoleTagArray) ElementType ¶
func (AuthBackendRoleTagArray) ElementType() reflect.Type
func (AuthBackendRoleTagArray) ToAuthBackendRoleTagArrayOutput ¶
func (i AuthBackendRoleTagArray) ToAuthBackendRoleTagArrayOutput() AuthBackendRoleTagArrayOutput
func (AuthBackendRoleTagArray) ToAuthBackendRoleTagArrayOutputWithContext ¶
func (i AuthBackendRoleTagArray) ToAuthBackendRoleTagArrayOutputWithContext(ctx context.Context) AuthBackendRoleTagArrayOutput
type AuthBackendRoleTagArrayInput ¶
type AuthBackendRoleTagArrayInput interface { pulumi.Input ToAuthBackendRoleTagArrayOutput() AuthBackendRoleTagArrayOutput ToAuthBackendRoleTagArrayOutputWithContext(context.Context) AuthBackendRoleTagArrayOutput }
AuthBackendRoleTagArrayInput is an input type that accepts AuthBackendRoleTagArray and AuthBackendRoleTagArrayOutput values. You can construct a concrete instance of `AuthBackendRoleTagArrayInput` via:
AuthBackendRoleTagArray{ AuthBackendRoleTagArgs{...} }
type AuthBackendRoleTagArrayOutput ¶
type AuthBackendRoleTagArrayOutput struct{ *pulumi.OutputState }
func (AuthBackendRoleTagArrayOutput) ElementType ¶
func (AuthBackendRoleTagArrayOutput) ElementType() reflect.Type
func (AuthBackendRoleTagArrayOutput) Index ¶
func (o AuthBackendRoleTagArrayOutput) Index(i pulumi.IntInput) AuthBackendRoleTagOutput
func (AuthBackendRoleTagArrayOutput) ToAuthBackendRoleTagArrayOutput ¶
func (o AuthBackendRoleTagArrayOutput) ToAuthBackendRoleTagArrayOutput() AuthBackendRoleTagArrayOutput
func (AuthBackendRoleTagArrayOutput) ToAuthBackendRoleTagArrayOutputWithContext ¶
func (o AuthBackendRoleTagArrayOutput) ToAuthBackendRoleTagArrayOutputWithContext(ctx context.Context) AuthBackendRoleTagArrayOutput
type AuthBackendRoleTagInput ¶
type AuthBackendRoleTagInput interface { pulumi.Input ToAuthBackendRoleTagOutput() AuthBackendRoleTagOutput ToAuthBackendRoleTagOutputWithContext(ctx context.Context) AuthBackendRoleTagOutput }
type AuthBackendRoleTagMap ¶
type AuthBackendRoleTagMap map[string]AuthBackendRoleTagInput
func (AuthBackendRoleTagMap) ElementType ¶
func (AuthBackendRoleTagMap) ElementType() reflect.Type
func (AuthBackendRoleTagMap) ToAuthBackendRoleTagMapOutput ¶
func (i AuthBackendRoleTagMap) ToAuthBackendRoleTagMapOutput() AuthBackendRoleTagMapOutput
func (AuthBackendRoleTagMap) ToAuthBackendRoleTagMapOutputWithContext ¶
func (i AuthBackendRoleTagMap) ToAuthBackendRoleTagMapOutputWithContext(ctx context.Context) AuthBackendRoleTagMapOutput
type AuthBackendRoleTagMapInput ¶
type AuthBackendRoleTagMapInput interface { pulumi.Input ToAuthBackendRoleTagMapOutput() AuthBackendRoleTagMapOutput ToAuthBackendRoleTagMapOutputWithContext(context.Context) AuthBackendRoleTagMapOutput }
AuthBackendRoleTagMapInput is an input type that accepts AuthBackendRoleTagMap and AuthBackendRoleTagMapOutput values. You can construct a concrete instance of `AuthBackendRoleTagMapInput` via:
AuthBackendRoleTagMap{ "key": AuthBackendRoleTagArgs{...} }
type AuthBackendRoleTagMapOutput ¶
type AuthBackendRoleTagMapOutput struct{ *pulumi.OutputState }
func (AuthBackendRoleTagMapOutput) ElementType ¶
func (AuthBackendRoleTagMapOutput) ElementType() reflect.Type
func (AuthBackendRoleTagMapOutput) MapIndex ¶
func (o AuthBackendRoleTagMapOutput) MapIndex(k pulumi.StringInput) AuthBackendRoleTagOutput
func (AuthBackendRoleTagMapOutput) ToAuthBackendRoleTagMapOutput ¶
func (o AuthBackendRoleTagMapOutput) ToAuthBackendRoleTagMapOutput() AuthBackendRoleTagMapOutput
func (AuthBackendRoleTagMapOutput) ToAuthBackendRoleTagMapOutputWithContext ¶
func (o AuthBackendRoleTagMapOutput) ToAuthBackendRoleTagMapOutputWithContext(ctx context.Context) AuthBackendRoleTagMapOutput
type AuthBackendRoleTagOutput ¶
type AuthBackendRoleTagOutput struct{ *pulumi.OutputState }
func (AuthBackendRoleTagOutput) ElementType ¶
func (AuthBackendRoleTagOutput) ElementType() reflect.Type
func (AuthBackendRoleTagOutput) ToAuthBackendRoleTagOutput ¶
func (o AuthBackendRoleTagOutput) ToAuthBackendRoleTagOutput() AuthBackendRoleTagOutput
func (AuthBackendRoleTagOutput) ToAuthBackendRoleTagOutputWithContext ¶
func (o AuthBackendRoleTagOutput) ToAuthBackendRoleTagOutputWithContext(ctx context.Context) AuthBackendRoleTagOutput
func (AuthBackendRoleTagOutput) ToAuthBackendRoleTagPtrOutput ¶
func (o AuthBackendRoleTagOutput) ToAuthBackendRoleTagPtrOutput() AuthBackendRoleTagPtrOutput
func (AuthBackendRoleTagOutput) ToAuthBackendRoleTagPtrOutputWithContext ¶
func (o AuthBackendRoleTagOutput) ToAuthBackendRoleTagPtrOutputWithContext(ctx context.Context) AuthBackendRoleTagPtrOutput
type AuthBackendRoleTagPtrInput ¶
type AuthBackendRoleTagPtrInput interface { pulumi.Input ToAuthBackendRoleTagPtrOutput() AuthBackendRoleTagPtrOutput ToAuthBackendRoleTagPtrOutputWithContext(ctx context.Context) AuthBackendRoleTagPtrOutput }
type AuthBackendRoleTagPtrOutput ¶
type AuthBackendRoleTagPtrOutput struct{ *pulumi.OutputState }
func (AuthBackendRoleTagPtrOutput) Elem ¶ added in v4.6.0
func (o AuthBackendRoleTagPtrOutput) Elem() AuthBackendRoleTagOutput
func (AuthBackendRoleTagPtrOutput) ElementType ¶
func (AuthBackendRoleTagPtrOutput) ElementType() reflect.Type
func (AuthBackendRoleTagPtrOutput) ToAuthBackendRoleTagPtrOutput ¶
func (o AuthBackendRoleTagPtrOutput) ToAuthBackendRoleTagPtrOutput() AuthBackendRoleTagPtrOutput
func (AuthBackendRoleTagPtrOutput) ToAuthBackendRoleTagPtrOutputWithContext ¶
func (o AuthBackendRoleTagPtrOutput) ToAuthBackendRoleTagPtrOutputWithContext(ctx context.Context) AuthBackendRoleTagPtrOutput
type AuthBackendRoleTagState ¶
type AuthBackendRoleTagState struct { // If set, allows migration of the underlying instances where the client resides. Use with caution. AllowInstanceMigration pulumi.BoolPtrInput // The path to the AWS auth backend to // read role tags from, with no leading or trailing `/`s. Defaults to "aws". Backend pulumi.StringPtrInput // If set, only allows a single token to be granted per instance ID. DisallowReauthentication pulumi.BoolPtrInput // Instance ID for which this tag is intended for. If set, the created tag can only be used by the instance with the given ID. InstanceId pulumi.StringPtrInput // The maximum TTL of the tokens issued using this role. MaxTtl pulumi.StringPtrInput // The policies to be associated with the tag. Must be a subset of the policies associated with the role. Policies pulumi.StringArrayInput // The name of the AWS auth backend role to read // role tags from, with no leading or trailing `/`s. Role pulumi.StringPtrInput // The key of the role tag. TagKey pulumi.StringPtrInput // The value to set the role key. TagValue pulumi.StringPtrInput }
func (AuthBackendRoleTagState) ElementType ¶
func (AuthBackendRoleTagState) ElementType() reflect.Type
type AuthBackendRoletagBlacklist ¶
type AuthBackendRoletagBlacklist struct { pulumi.CustomResourceState // The path the AWS auth backend being configured was // mounted at. Backend pulumi.StringOutput `pulumi:"backend"` // If set to true, disables the periodic // tidying of the roletag blacklist entries. Defaults to false. DisablePeriodicTidy pulumi.BoolPtrOutput `pulumi:"disablePeriodicTidy"` // The amount of extra time that must have passed // beyond the roletag expiration, before it is removed from the backend storage. // Defaults to 259,200 seconds, or 72 hours. SafetyBuffer pulumi.IntPtrOutput `pulumi:"safetyBuffer"` }
Configures the periodic tidying operation of the blacklisted role tag entries.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v4/go/vault" "github.com/pulumi/pulumi-vault/sdk/v4/go/vault/aws" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { exampleAuthBackend, err := vault.NewAuthBackend(ctx, "exampleAuthBackend", &vault.AuthBackendArgs{ Type: pulumi.String("aws"), }) if err != nil { return err } _, err = aws.NewAuthBackendRoletagBlacklist(ctx, "exampleAuthBackendRoletagBlacklist", &aws.AuthBackendRoletagBlacklistArgs{ Backend: exampleAuthBackend.Path, SafetyBuffer: pulumi.Int(360), }) if err != nil { return err } return nil }) }
```
func GetAuthBackendRoletagBlacklist ¶
func GetAuthBackendRoletagBlacklist(ctx *pulumi.Context, name string, id pulumi.IDInput, state *AuthBackendRoletagBlacklistState, opts ...pulumi.ResourceOption) (*AuthBackendRoletagBlacklist, error)
GetAuthBackendRoletagBlacklist gets an existing AuthBackendRoletagBlacklist resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewAuthBackendRoletagBlacklist ¶
func NewAuthBackendRoletagBlacklist(ctx *pulumi.Context, name string, args *AuthBackendRoletagBlacklistArgs, opts ...pulumi.ResourceOption) (*AuthBackendRoletagBlacklist, error)
NewAuthBackendRoletagBlacklist registers a new resource with the given unique name, arguments, and options.
func (*AuthBackendRoletagBlacklist) ElementType ¶
func (*AuthBackendRoletagBlacklist) ElementType() reflect.Type
func (*AuthBackendRoletagBlacklist) ToAuthBackendRoletagBlacklistOutput ¶
func (i *AuthBackendRoletagBlacklist) ToAuthBackendRoletagBlacklistOutput() AuthBackendRoletagBlacklistOutput
func (*AuthBackendRoletagBlacklist) ToAuthBackendRoletagBlacklistOutputWithContext ¶
func (i *AuthBackendRoletagBlacklist) ToAuthBackendRoletagBlacklistOutputWithContext(ctx context.Context) AuthBackendRoletagBlacklistOutput
func (*AuthBackendRoletagBlacklist) ToAuthBackendRoletagBlacklistPtrOutput ¶
func (i *AuthBackendRoletagBlacklist) ToAuthBackendRoletagBlacklistPtrOutput() AuthBackendRoletagBlacklistPtrOutput
func (*AuthBackendRoletagBlacklist) ToAuthBackendRoletagBlacklistPtrOutputWithContext ¶
func (i *AuthBackendRoletagBlacklist) ToAuthBackendRoletagBlacklistPtrOutputWithContext(ctx context.Context) AuthBackendRoletagBlacklistPtrOutput
type AuthBackendRoletagBlacklistArgs ¶
type AuthBackendRoletagBlacklistArgs struct { // The path the AWS auth backend being configured was // mounted at. Backend pulumi.StringInput // If set to true, disables the periodic // tidying of the roletag blacklist entries. Defaults to false. DisablePeriodicTidy pulumi.BoolPtrInput // The amount of extra time that must have passed // beyond the roletag expiration, before it is removed from the backend storage. // Defaults to 259,200 seconds, or 72 hours. SafetyBuffer pulumi.IntPtrInput }
The set of arguments for constructing a AuthBackendRoletagBlacklist resource.
func (AuthBackendRoletagBlacklistArgs) ElementType ¶
func (AuthBackendRoletagBlacklistArgs) ElementType() reflect.Type
type AuthBackendRoletagBlacklistArray ¶
type AuthBackendRoletagBlacklistArray []AuthBackendRoletagBlacklistInput
func (AuthBackendRoletagBlacklistArray) ElementType ¶
func (AuthBackendRoletagBlacklistArray) ElementType() reflect.Type
func (AuthBackendRoletagBlacklistArray) ToAuthBackendRoletagBlacklistArrayOutput ¶
func (i AuthBackendRoletagBlacklistArray) ToAuthBackendRoletagBlacklistArrayOutput() AuthBackendRoletagBlacklistArrayOutput
func (AuthBackendRoletagBlacklistArray) ToAuthBackendRoletagBlacklistArrayOutputWithContext ¶
func (i AuthBackendRoletagBlacklistArray) ToAuthBackendRoletagBlacklistArrayOutputWithContext(ctx context.Context) AuthBackendRoletagBlacklistArrayOutput
type AuthBackendRoletagBlacklistArrayInput ¶
type AuthBackendRoletagBlacklistArrayInput interface { pulumi.Input ToAuthBackendRoletagBlacklistArrayOutput() AuthBackendRoletagBlacklistArrayOutput ToAuthBackendRoletagBlacklistArrayOutputWithContext(context.Context) AuthBackendRoletagBlacklistArrayOutput }
AuthBackendRoletagBlacklistArrayInput is an input type that accepts AuthBackendRoletagBlacklistArray and AuthBackendRoletagBlacklistArrayOutput values. You can construct a concrete instance of `AuthBackendRoletagBlacklistArrayInput` via:
AuthBackendRoletagBlacklistArray{ AuthBackendRoletagBlacklistArgs{...} }
type AuthBackendRoletagBlacklistArrayOutput ¶
type AuthBackendRoletagBlacklistArrayOutput struct{ *pulumi.OutputState }
func (AuthBackendRoletagBlacklistArrayOutput) ElementType ¶
func (AuthBackendRoletagBlacklistArrayOutput) ElementType() reflect.Type
func (AuthBackendRoletagBlacklistArrayOutput) ToAuthBackendRoletagBlacklistArrayOutput ¶
func (o AuthBackendRoletagBlacklistArrayOutput) ToAuthBackendRoletagBlacklistArrayOutput() AuthBackendRoletagBlacklistArrayOutput
func (AuthBackendRoletagBlacklistArrayOutput) ToAuthBackendRoletagBlacklistArrayOutputWithContext ¶
func (o AuthBackendRoletagBlacklistArrayOutput) ToAuthBackendRoletagBlacklistArrayOutputWithContext(ctx context.Context) AuthBackendRoletagBlacklistArrayOutput
type AuthBackendRoletagBlacklistInput ¶
type AuthBackendRoletagBlacklistInput interface { pulumi.Input ToAuthBackendRoletagBlacklistOutput() AuthBackendRoletagBlacklistOutput ToAuthBackendRoletagBlacklistOutputWithContext(ctx context.Context) AuthBackendRoletagBlacklistOutput }
type AuthBackendRoletagBlacklistMap ¶
type AuthBackendRoletagBlacklistMap map[string]AuthBackendRoletagBlacklistInput
func (AuthBackendRoletagBlacklistMap) ElementType ¶
func (AuthBackendRoletagBlacklistMap) ElementType() reflect.Type
func (AuthBackendRoletagBlacklistMap) ToAuthBackendRoletagBlacklistMapOutput ¶
func (i AuthBackendRoletagBlacklistMap) ToAuthBackendRoletagBlacklistMapOutput() AuthBackendRoletagBlacklistMapOutput
func (AuthBackendRoletagBlacklistMap) ToAuthBackendRoletagBlacklistMapOutputWithContext ¶
func (i AuthBackendRoletagBlacklistMap) ToAuthBackendRoletagBlacklistMapOutputWithContext(ctx context.Context) AuthBackendRoletagBlacklistMapOutput
type AuthBackendRoletagBlacklistMapInput ¶
type AuthBackendRoletagBlacklistMapInput interface { pulumi.Input ToAuthBackendRoletagBlacklistMapOutput() AuthBackendRoletagBlacklistMapOutput ToAuthBackendRoletagBlacklistMapOutputWithContext(context.Context) AuthBackendRoletagBlacklistMapOutput }
AuthBackendRoletagBlacklistMapInput is an input type that accepts AuthBackendRoletagBlacklistMap and AuthBackendRoletagBlacklistMapOutput values. You can construct a concrete instance of `AuthBackendRoletagBlacklistMapInput` via:
AuthBackendRoletagBlacklistMap{ "key": AuthBackendRoletagBlacklistArgs{...} }
type AuthBackendRoletagBlacklistMapOutput ¶
type AuthBackendRoletagBlacklistMapOutput struct{ *pulumi.OutputState }
func (AuthBackendRoletagBlacklistMapOutput) ElementType ¶
func (AuthBackendRoletagBlacklistMapOutput) ElementType() reflect.Type
func (AuthBackendRoletagBlacklistMapOutput) MapIndex ¶
func (o AuthBackendRoletagBlacklistMapOutput) MapIndex(k pulumi.StringInput) AuthBackendRoletagBlacklistOutput
func (AuthBackendRoletagBlacklistMapOutput) ToAuthBackendRoletagBlacklistMapOutput ¶
func (o AuthBackendRoletagBlacklistMapOutput) ToAuthBackendRoletagBlacklistMapOutput() AuthBackendRoletagBlacklistMapOutput
func (AuthBackendRoletagBlacklistMapOutput) ToAuthBackendRoletagBlacklistMapOutputWithContext ¶
func (o AuthBackendRoletagBlacklistMapOutput) ToAuthBackendRoletagBlacklistMapOutputWithContext(ctx context.Context) AuthBackendRoletagBlacklistMapOutput
type AuthBackendRoletagBlacklistOutput ¶
type AuthBackendRoletagBlacklistOutput struct{ *pulumi.OutputState }
func (AuthBackendRoletagBlacklistOutput) ElementType ¶
func (AuthBackendRoletagBlacklistOutput) ElementType() reflect.Type
func (AuthBackendRoletagBlacklistOutput) ToAuthBackendRoletagBlacklistOutput ¶
func (o AuthBackendRoletagBlacklistOutput) ToAuthBackendRoletagBlacklistOutput() AuthBackendRoletagBlacklistOutput
func (AuthBackendRoletagBlacklistOutput) ToAuthBackendRoletagBlacklistOutputWithContext ¶
func (o AuthBackendRoletagBlacklistOutput) ToAuthBackendRoletagBlacklistOutputWithContext(ctx context.Context) AuthBackendRoletagBlacklistOutput
func (AuthBackendRoletagBlacklistOutput) ToAuthBackendRoletagBlacklistPtrOutput ¶
func (o AuthBackendRoletagBlacklistOutput) ToAuthBackendRoletagBlacklistPtrOutput() AuthBackendRoletagBlacklistPtrOutput
func (AuthBackendRoletagBlacklistOutput) ToAuthBackendRoletagBlacklistPtrOutputWithContext ¶
func (o AuthBackendRoletagBlacklistOutput) ToAuthBackendRoletagBlacklistPtrOutputWithContext(ctx context.Context) AuthBackendRoletagBlacklistPtrOutput
type AuthBackendRoletagBlacklistPtrInput ¶
type AuthBackendRoletagBlacklistPtrInput interface { pulumi.Input ToAuthBackendRoletagBlacklistPtrOutput() AuthBackendRoletagBlacklistPtrOutput ToAuthBackendRoletagBlacklistPtrOutputWithContext(ctx context.Context) AuthBackendRoletagBlacklistPtrOutput }
type AuthBackendRoletagBlacklistPtrOutput ¶
type AuthBackendRoletagBlacklistPtrOutput struct{ *pulumi.OutputState }
func (AuthBackendRoletagBlacklistPtrOutput) ElementType ¶
func (AuthBackendRoletagBlacklistPtrOutput) ElementType() reflect.Type
func (AuthBackendRoletagBlacklistPtrOutput) ToAuthBackendRoletagBlacklistPtrOutput ¶
func (o AuthBackendRoletagBlacklistPtrOutput) ToAuthBackendRoletagBlacklistPtrOutput() AuthBackendRoletagBlacklistPtrOutput
func (AuthBackendRoletagBlacklistPtrOutput) ToAuthBackendRoletagBlacklistPtrOutputWithContext ¶
func (o AuthBackendRoletagBlacklistPtrOutput) ToAuthBackendRoletagBlacklistPtrOutputWithContext(ctx context.Context) AuthBackendRoletagBlacklistPtrOutput
type AuthBackendRoletagBlacklistState ¶
type AuthBackendRoletagBlacklistState struct { // The path the AWS auth backend being configured was // mounted at. Backend pulumi.StringPtrInput // If set to true, disables the periodic // tidying of the roletag blacklist entries. Defaults to false. DisablePeriodicTidy pulumi.BoolPtrInput // The amount of extra time that must have passed // beyond the roletag expiration, before it is removed from the backend storage. // Defaults to 259,200 seconds, or 72 hours. SafetyBuffer pulumi.IntPtrInput }
func (AuthBackendRoletagBlacklistState) ElementType ¶
func (AuthBackendRoletagBlacklistState) ElementType() reflect.Type
type AuthBackendStsRole ¶
type AuthBackendStsRole struct { pulumi.CustomResourceState // The AWS account ID to configure the STS role for. AccountId pulumi.StringOutput `pulumi:"accountId"` // The path the AWS auth backend being configured was // mounted at. Defaults to `aws`. Backend pulumi.StringPtrOutput `pulumi:"backend"` // The STS role to assume when verifying requests made // by EC2 instances in the account specified by `accountId`. StsRole pulumi.StringOutput `pulumi:"stsRole"` }
## Import
AWS auth backend STS roles can be imported using `auth/`, the `backend` path, `/config/sts/`, and the `account_id` e.g.
```sh
$ pulumi import vault:aws/authBackendStsRole:AuthBackendStsRole example auth/aws/config/sts/1234567890
```
func GetAuthBackendStsRole ¶
func GetAuthBackendStsRole(ctx *pulumi.Context, name string, id pulumi.IDInput, state *AuthBackendStsRoleState, opts ...pulumi.ResourceOption) (*AuthBackendStsRole, error)
GetAuthBackendStsRole gets an existing AuthBackendStsRole resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewAuthBackendStsRole ¶
func NewAuthBackendStsRole(ctx *pulumi.Context, name string, args *AuthBackendStsRoleArgs, opts ...pulumi.ResourceOption) (*AuthBackendStsRole, error)
NewAuthBackendStsRole registers a new resource with the given unique name, arguments, and options.
func (*AuthBackendStsRole) ElementType ¶
func (*AuthBackendStsRole) ElementType() reflect.Type
func (*AuthBackendStsRole) ToAuthBackendStsRoleOutput ¶
func (i *AuthBackendStsRole) ToAuthBackendStsRoleOutput() AuthBackendStsRoleOutput
func (*AuthBackendStsRole) ToAuthBackendStsRoleOutputWithContext ¶
func (i *AuthBackendStsRole) ToAuthBackendStsRoleOutputWithContext(ctx context.Context) AuthBackendStsRoleOutput
func (*AuthBackendStsRole) ToAuthBackendStsRolePtrOutput ¶
func (i *AuthBackendStsRole) ToAuthBackendStsRolePtrOutput() AuthBackendStsRolePtrOutput
func (*AuthBackendStsRole) ToAuthBackendStsRolePtrOutputWithContext ¶
func (i *AuthBackendStsRole) ToAuthBackendStsRolePtrOutputWithContext(ctx context.Context) AuthBackendStsRolePtrOutput
type AuthBackendStsRoleArgs ¶
type AuthBackendStsRoleArgs struct { // The AWS account ID to configure the STS role for. AccountId pulumi.StringInput // The path the AWS auth backend being configured was // mounted at. Defaults to `aws`. Backend pulumi.StringPtrInput // The STS role to assume when verifying requests made // by EC2 instances in the account specified by `accountId`. StsRole pulumi.StringInput }
The set of arguments for constructing a AuthBackendStsRole resource.
func (AuthBackendStsRoleArgs) ElementType ¶
func (AuthBackendStsRoleArgs) ElementType() reflect.Type
type AuthBackendStsRoleArray ¶
type AuthBackendStsRoleArray []AuthBackendStsRoleInput
func (AuthBackendStsRoleArray) ElementType ¶
func (AuthBackendStsRoleArray) ElementType() reflect.Type
func (AuthBackendStsRoleArray) ToAuthBackendStsRoleArrayOutput ¶
func (i AuthBackendStsRoleArray) ToAuthBackendStsRoleArrayOutput() AuthBackendStsRoleArrayOutput
func (AuthBackendStsRoleArray) ToAuthBackendStsRoleArrayOutputWithContext ¶
func (i AuthBackendStsRoleArray) ToAuthBackendStsRoleArrayOutputWithContext(ctx context.Context) AuthBackendStsRoleArrayOutput
type AuthBackendStsRoleArrayInput ¶
type AuthBackendStsRoleArrayInput interface { pulumi.Input ToAuthBackendStsRoleArrayOutput() AuthBackendStsRoleArrayOutput ToAuthBackendStsRoleArrayOutputWithContext(context.Context) AuthBackendStsRoleArrayOutput }
AuthBackendStsRoleArrayInput is an input type that accepts AuthBackendStsRoleArray and AuthBackendStsRoleArrayOutput values. You can construct a concrete instance of `AuthBackendStsRoleArrayInput` via:
AuthBackendStsRoleArray{ AuthBackendStsRoleArgs{...} }
type AuthBackendStsRoleArrayOutput ¶
type AuthBackendStsRoleArrayOutput struct{ *pulumi.OutputState }
func (AuthBackendStsRoleArrayOutput) ElementType ¶
func (AuthBackendStsRoleArrayOutput) ElementType() reflect.Type
func (AuthBackendStsRoleArrayOutput) Index ¶
func (o AuthBackendStsRoleArrayOutput) Index(i pulumi.IntInput) AuthBackendStsRoleOutput
func (AuthBackendStsRoleArrayOutput) ToAuthBackendStsRoleArrayOutput ¶
func (o AuthBackendStsRoleArrayOutput) ToAuthBackendStsRoleArrayOutput() AuthBackendStsRoleArrayOutput
func (AuthBackendStsRoleArrayOutput) ToAuthBackendStsRoleArrayOutputWithContext ¶
func (o AuthBackendStsRoleArrayOutput) ToAuthBackendStsRoleArrayOutputWithContext(ctx context.Context) AuthBackendStsRoleArrayOutput
type AuthBackendStsRoleInput ¶
type AuthBackendStsRoleInput interface { pulumi.Input ToAuthBackendStsRoleOutput() AuthBackendStsRoleOutput ToAuthBackendStsRoleOutputWithContext(ctx context.Context) AuthBackendStsRoleOutput }
type AuthBackendStsRoleMap ¶
type AuthBackendStsRoleMap map[string]AuthBackendStsRoleInput
func (AuthBackendStsRoleMap) ElementType ¶
func (AuthBackendStsRoleMap) ElementType() reflect.Type
func (AuthBackendStsRoleMap) ToAuthBackendStsRoleMapOutput ¶
func (i AuthBackendStsRoleMap) ToAuthBackendStsRoleMapOutput() AuthBackendStsRoleMapOutput
func (AuthBackendStsRoleMap) ToAuthBackendStsRoleMapOutputWithContext ¶
func (i AuthBackendStsRoleMap) ToAuthBackendStsRoleMapOutputWithContext(ctx context.Context) AuthBackendStsRoleMapOutput
type AuthBackendStsRoleMapInput ¶
type AuthBackendStsRoleMapInput interface { pulumi.Input ToAuthBackendStsRoleMapOutput() AuthBackendStsRoleMapOutput ToAuthBackendStsRoleMapOutputWithContext(context.Context) AuthBackendStsRoleMapOutput }
AuthBackendStsRoleMapInput is an input type that accepts AuthBackendStsRoleMap and AuthBackendStsRoleMapOutput values. You can construct a concrete instance of `AuthBackendStsRoleMapInput` via:
AuthBackendStsRoleMap{ "key": AuthBackendStsRoleArgs{...} }
type AuthBackendStsRoleMapOutput ¶
type AuthBackendStsRoleMapOutput struct{ *pulumi.OutputState }
func (AuthBackendStsRoleMapOutput) ElementType ¶
func (AuthBackendStsRoleMapOutput) ElementType() reflect.Type
func (AuthBackendStsRoleMapOutput) MapIndex ¶
func (o AuthBackendStsRoleMapOutput) MapIndex(k pulumi.StringInput) AuthBackendStsRoleOutput
func (AuthBackendStsRoleMapOutput) ToAuthBackendStsRoleMapOutput ¶
func (o AuthBackendStsRoleMapOutput) ToAuthBackendStsRoleMapOutput() AuthBackendStsRoleMapOutput
func (AuthBackendStsRoleMapOutput) ToAuthBackendStsRoleMapOutputWithContext ¶
func (o AuthBackendStsRoleMapOutput) ToAuthBackendStsRoleMapOutputWithContext(ctx context.Context) AuthBackendStsRoleMapOutput
type AuthBackendStsRoleOutput ¶
type AuthBackendStsRoleOutput struct{ *pulumi.OutputState }
func (AuthBackendStsRoleOutput) ElementType ¶
func (AuthBackendStsRoleOutput) ElementType() reflect.Type
func (AuthBackendStsRoleOutput) ToAuthBackendStsRoleOutput ¶
func (o AuthBackendStsRoleOutput) ToAuthBackendStsRoleOutput() AuthBackendStsRoleOutput
func (AuthBackendStsRoleOutput) ToAuthBackendStsRoleOutputWithContext ¶
func (o AuthBackendStsRoleOutput) ToAuthBackendStsRoleOutputWithContext(ctx context.Context) AuthBackendStsRoleOutput
func (AuthBackendStsRoleOutput) ToAuthBackendStsRolePtrOutput ¶
func (o AuthBackendStsRoleOutput) ToAuthBackendStsRolePtrOutput() AuthBackendStsRolePtrOutput
func (AuthBackendStsRoleOutput) ToAuthBackendStsRolePtrOutputWithContext ¶
func (o AuthBackendStsRoleOutput) ToAuthBackendStsRolePtrOutputWithContext(ctx context.Context) AuthBackendStsRolePtrOutput
type AuthBackendStsRolePtrInput ¶
type AuthBackendStsRolePtrInput interface { pulumi.Input ToAuthBackendStsRolePtrOutput() AuthBackendStsRolePtrOutput ToAuthBackendStsRolePtrOutputWithContext(ctx context.Context) AuthBackendStsRolePtrOutput }
type AuthBackendStsRolePtrOutput ¶
type AuthBackendStsRolePtrOutput struct{ *pulumi.OutputState }
func (AuthBackendStsRolePtrOutput) Elem ¶ added in v4.6.0
func (o AuthBackendStsRolePtrOutput) Elem() AuthBackendStsRoleOutput
func (AuthBackendStsRolePtrOutput) ElementType ¶
func (AuthBackendStsRolePtrOutput) ElementType() reflect.Type
func (AuthBackendStsRolePtrOutput) ToAuthBackendStsRolePtrOutput ¶
func (o AuthBackendStsRolePtrOutput) ToAuthBackendStsRolePtrOutput() AuthBackendStsRolePtrOutput
func (AuthBackendStsRolePtrOutput) ToAuthBackendStsRolePtrOutputWithContext ¶
func (o AuthBackendStsRolePtrOutput) ToAuthBackendStsRolePtrOutputWithContext(ctx context.Context) AuthBackendStsRolePtrOutput
type AuthBackendStsRoleState ¶
type AuthBackendStsRoleState struct { // The AWS account ID to configure the STS role for. AccountId pulumi.StringPtrInput // The path the AWS auth backend being configured was // mounted at. Defaults to `aws`. Backend pulumi.StringPtrInput // The STS role to assume when verifying requests made // by EC2 instances in the account specified by `accountId`. StsRole pulumi.StringPtrInput }
func (AuthBackendStsRoleState) ElementType ¶
func (AuthBackendStsRoleState) ElementType() reflect.Type
type GetAccessCredentialsArgs ¶
type GetAccessCredentialsArgs struct { // The path to the AWS secret backend to // read credentials from, with no leading or trailing `/`s. Backend string `pulumi:"backend"` Region *string `pulumi:"region"` // The name of the AWS secret backend role to read // credentials from, with no leading or trailing `/`s. Role string `pulumi:"role"` // The specific AWS ARN to use // from the configured role. If the role does not have multiple ARNs, this does // not need to be specified. RoleArn *string `pulumi:"roleArn"` // Specifies the TTL for the use of the STS token. This // is specified as a string with a duration suffix. Valid only when // `credentialType` is `assumedRole` or `federationToken` Ttl *string `pulumi:"ttl"` // The type of credentials to read. Defaults // to `"creds"`, which just returns an AWS Access Key ID and Secret // Key. Can also be set to `"sts"`, which will return a security token // in addition to the keys. Type *string `pulumi:"type"` }
A collection of arguments for invoking getAccessCredentials.
type GetAccessCredentialsOutputArgs ¶ added in v4.6.0
type GetAccessCredentialsOutputArgs struct { // The path to the AWS secret backend to // read credentials from, with no leading or trailing `/`s. Backend pulumi.StringInput `pulumi:"backend"` Region pulumi.StringPtrInput `pulumi:"region"` // The name of the AWS secret backend role to read // credentials from, with no leading or trailing `/`s. Role pulumi.StringInput `pulumi:"role"` // The specific AWS ARN to use // from the configured role. If the role does not have multiple ARNs, this does // not need to be specified. RoleArn pulumi.StringPtrInput `pulumi:"roleArn"` // Specifies the TTL for the use of the STS token. This // is specified as a string with a duration suffix. Valid only when // `credentialType` is `assumedRole` or `federationToken` Ttl pulumi.StringPtrInput `pulumi:"ttl"` // The type of credentials to read. Defaults // to `"creds"`, which just returns an AWS Access Key ID and Secret // Key. Can also be set to `"sts"`, which will return a security token // in addition to the keys. Type pulumi.StringPtrInput `pulumi:"type"` }
A collection of arguments for invoking getAccessCredentials.
func (GetAccessCredentialsOutputArgs) ElementType ¶ added in v4.6.0
func (GetAccessCredentialsOutputArgs) ElementType() reflect.Type
type GetAccessCredentialsResult ¶
type GetAccessCredentialsResult struct { // The AWS Access Key ID returned by Vault. AccessKey string `pulumi:"accessKey"` Backend string `pulumi:"backend"` // The provider-assigned unique ID for this managed resource. Id string `pulumi:"id"` // The duration of the secret lease, in seconds relative // to the time the data was requested. Once this time has passed any plan // generated with this data may fail to apply. LeaseDuration int `pulumi:"leaseDuration"` // The lease identifier assigned by Vault. LeaseId string `pulumi:"leaseId"` LeaseRenewable bool `pulumi:"leaseRenewable"` LeaseStartTime string `pulumi:"leaseStartTime"` Region *string `pulumi:"region"` Role string `pulumi:"role"` RoleArn *string `pulumi:"roleArn"` // The AWS Secret Key returned by Vault. SecretKey string `pulumi:"secretKey"` // The STS token returned by Vault, if any. SecurityToken string `pulumi:"securityToken"` Ttl *string `pulumi:"ttl"` Type *string `pulumi:"type"` }
A collection of values returned by getAccessCredentials.
func GetAccessCredentials ¶
func GetAccessCredentials(ctx *pulumi.Context, args *GetAccessCredentialsArgs, opts ...pulumi.InvokeOption) (*GetAccessCredentialsResult, error)
type GetAccessCredentialsResultOutput ¶ added in v4.6.0
type GetAccessCredentialsResultOutput struct{ *pulumi.OutputState }
A collection of values returned by getAccessCredentials.
func GetAccessCredentialsOutput ¶ added in v4.6.0
func GetAccessCredentialsOutput(ctx *pulumi.Context, args GetAccessCredentialsOutputArgs, opts ...pulumi.InvokeOption) GetAccessCredentialsResultOutput
func (GetAccessCredentialsResultOutput) AccessKey ¶ added in v4.6.0
func (o GetAccessCredentialsResultOutput) AccessKey() pulumi.StringOutput
The AWS Access Key ID returned by Vault.
func (GetAccessCredentialsResultOutput) Backend ¶ added in v4.6.0
func (o GetAccessCredentialsResultOutput) Backend() pulumi.StringOutput
func (GetAccessCredentialsResultOutput) ElementType ¶ added in v4.6.0
func (GetAccessCredentialsResultOutput) ElementType() reflect.Type
func (GetAccessCredentialsResultOutput) Id ¶ added in v4.6.0
func (o GetAccessCredentialsResultOutput) Id() pulumi.StringOutput
The provider-assigned unique ID for this managed resource.
func (GetAccessCredentialsResultOutput) LeaseDuration ¶ added in v4.6.0
func (o GetAccessCredentialsResultOutput) LeaseDuration() pulumi.IntOutput
The duration of the secret lease, in seconds relative to the time the data was requested. Once this time has passed any plan generated with this data may fail to apply.
func (GetAccessCredentialsResultOutput) LeaseId ¶ added in v4.6.0
func (o GetAccessCredentialsResultOutput) LeaseId() pulumi.StringOutput
The lease identifier assigned by Vault.
func (GetAccessCredentialsResultOutput) LeaseRenewable ¶ added in v4.6.0
func (o GetAccessCredentialsResultOutput) LeaseRenewable() pulumi.BoolOutput
func (GetAccessCredentialsResultOutput) LeaseStartTime ¶ added in v4.6.0
func (o GetAccessCredentialsResultOutput) LeaseStartTime() pulumi.StringOutput
func (GetAccessCredentialsResultOutput) Region ¶ added in v4.6.0
func (o GetAccessCredentialsResultOutput) Region() pulumi.StringPtrOutput
func (GetAccessCredentialsResultOutput) Role ¶ added in v4.6.0
func (o GetAccessCredentialsResultOutput) Role() pulumi.StringOutput
func (GetAccessCredentialsResultOutput) RoleArn ¶ added in v4.6.0
func (o GetAccessCredentialsResultOutput) RoleArn() pulumi.StringPtrOutput
func (GetAccessCredentialsResultOutput) SecretKey ¶ added in v4.6.0
func (o GetAccessCredentialsResultOutput) SecretKey() pulumi.StringOutput
The AWS Secret Key returned by Vault.
func (GetAccessCredentialsResultOutput) SecurityToken ¶ added in v4.6.0
func (o GetAccessCredentialsResultOutput) SecurityToken() pulumi.StringOutput
The STS token returned by Vault, if any.
func (GetAccessCredentialsResultOutput) ToGetAccessCredentialsResultOutput ¶ added in v4.6.0
func (o GetAccessCredentialsResultOutput) ToGetAccessCredentialsResultOutput() GetAccessCredentialsResultOutput
func (GetAccessCredentialsResultOutput) ToGetAccessCredentialsResultOutputWithContext ¶ added in v4.6.0
func (o GetAccessCredentialsResultOutput) ToGetAccessCredentialsResultOutputWithContext(ctx context.Context) GetAccessCredentialsResultOutput
func (GetAccessCredentialsResultOutput) Ttl ¶ added in v4.6.0
func (o GetAccessCredentialsResultOutput) Ttl() pulumi.StringPtrOutput
func (GetAccessCredentialsResultOutput) Type ¶ added in v4.6.0
func (o GetAccessCredentialsResultOutput) Type() pulumi.StringPtrOutput
type SecretBackend ¶
type SecretBackend struct { pulumi.CustomResourceState // The AWS Access Key ID this backend should use to // issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials. AccessKey pulumi.StringPtrOutput `pulumi:"accessKey"` // The default TTL for credentials // issued by this backend. DefaultLeaseTtlSeconds pulumi.IntOutput `pulumi:"defaultLeaseTtlSeconds"` // A human-friendly description for this backend. Description pulumi.StringPtrOutput `pulumi:"description"` // Specifies a custom HTTP IAM endpoint to use. IamEndpoint pulumi.StringPtrOutput `pulumi:"iamEndpoint"` // The maximum TTL that can be requested // for credentials issued by this backend. MaxLeaseTtlSeconds pulumi.IntOutput `pulumi:"maxLeaseTtlSeconds"` // The unique path this backend should be mounted at. Must // not begin or end with a `/`. Defaults to `aws`. Path pulumi.StringPtrOutput `pulumi:"path"` // The AWS region for API calls. Defaults to `us-east-1`. Region pulumi.StringOutput `pulumi:"region"` // The AWS Secret Key this backend should use to // issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials. SecretKey pulumi.StringPtrOutput `pulumi:"secretKey"` // Specifies a custom HTTP STS endpoint to use. StsEndpoint pulumi.StringPtrOutput `pulumi:"stsEndpoint"` }
## Import
AWS secret backends can be imported using the `path`, e.g.
```sh
$ pulumi import vault:aws/secretBackend:SecretBackend aws aws
```
func GetSecretBackend ¶
func GetSecretBackend(ctx *pulumi.Context, name string, id pulumi.IDInput, state *SecretBackendState, opts ...pulumi.ResourceOption) (*SecretBackend, error)
GetSecretBackend gets an existing SecretBackend resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewSecretBackend ¶
func NewSecretBackend(ctx *pulumi.Context, name string, args *SecretBackendArgs, opts ...pulumi.ResourceOption) (*SecretBackend, error)
NewSecretBackend registers a new resource with the given unique name, arguments, and options.
func (*SecretBackend) ElementType ¶
func (*SecretBackend) ElementType() reflect.Type
func (*SecretBackend) ToSecretBackendOutput ¶
func (i *SecretBackend) ToSecretBackendOutput() SecretBackendOutput
func (*SecretBackend) ToSecretBackendOutputWithContext ¶
func (i *SecretBackend) ToSecretBackendOutputWithContext(ctx context.Context) SecretBackendOutput
func (*SecretBackend) ToSecretBackendPtrOutput ¶
func (i *SecretBackend) ToSecretBackendPtrOutput() SecretBackendPtrOutput
func (*SecretBackend) ToSecretBackendPtrOutputWithContext ¶
func (i *SecretBackend) ToSecretBackendPtrOutputWithContext(ctx context.Context) SecretBackendPtrOutput
type SecretBackendArgs ¶
type SecretBackendArgs struct { // The AWS Access Key ID this backend should use to // issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials. AccessKey pulumi.StringPtrInput // The default TTL for credentials // issued by this backend. DefaultLeaseTtlSeconds pulumi.IntPtrInput // A human-friendly description for this backend. Description pulumi.StringPtrInput // Specifies a custom HTTP IAM endpoint to use. IamEndpoint pulumi.StringPtrInput // The maximum TTL that can be requested // for credentials issued by this backend. MaxLeaseTtlSeconds pulumi.IntPtrInput // The unique path this backend should be mounted at. Must // not begin or end with a `/`. Defaults to `aws`. Path pulumi.StringPtrInput // The AWS region for API calls. Defaults to `us-east-1`. Region pulumi.StringPtrInput // The AWS Secret Key this backend should use to // issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials. SecretKey pulumi.StringPtrInput // Specifies a custom HTTP STS endpoint to use. StsEndpoint pulumi.StringPtrInput }
The set of arguments for constructing a SecretBackend resource.
func (SecretBackendArgs) ElementType ¶
func (SecretBackendArgs) ElementType() reflect.Type
type SecretBackendArray ¶
type SecretBackendArray []SecretBackendInput
func (SecretBackendArray) ElementType ¶
func (SecretBackendArray) ElementType() reflect.Type
func (SecretBackendArray) ToSecretBackendArrayOutput ¶
func (i SecretBackendArray) ToSecretBackendArrayOutput() SecretBackendArrayOutput
func (SecretBackendArray) ToSecretBackendArrayOutputWithContext ¶
func (i SecretBackendArray) ToSecretBackendArrayOutputWithContext(ctx context.Context) SecretBackendArrayOutput
type SecretBackendArrayInput ¶
type SecretBackendArrayInput interface { pulumi.Input ToSecretBackendArrayOutput() SecretBackendArrayOutput ToSecretBackendArrayOutputWithContext(context.Context) SecretBackendArrayOutput }
SecretBackendArrayInput is an input type that accepts SecretBackendArray and SecretBackendArrayOutput values. You can construct a concrete instance of `SecretBackendArrayInput` via:
SecretBackendArray{ SecretBackendArgs{...} }
type SecretBackendArrayOutput ¶
type SecretBackendArrayOutput struct{ *pulumi.OutputState }
func (SecretBackendArrayOutput) ElementType ¶
func (SecretBackendArrayOutput) ElementType() reflect.Type
func (SecretBackendArrayOutput) Index ¶
func (o SecretBackendArrayOutput) Index(i pulumi.IntInput) SecretBackendOutput
func (SecretBackendArrayOutput) ToSecretBackendArrayOutput ¶
func (o SecretBackendArrayOutput) ToSecretBackendArrayOutput() SecretBackendArrayOutput
func (SecretBackendArrayOutput) ToSecretBackendArrayOutputWithContext ¶
func (o SecretBackendArrayOutput) ToSecretBackendArrayOutputWithContext(ctx context.Context) SecretBackendArrayOutput
type SecretBackendInput ¶
type SecretBackendInput interface { pulumi.Input ToSecretBackendOutput() SecretBackendOutput ToSecretBackendOutputWithContext(ctx context.Context) SecretBackendOutput }
type SecretBackendMap ¶
type SecretBackendMap map[string]SecretBackendInput
func (SecretBackendMap) ElementType ¶
func (SecretBackendMap) ElementType() reflect.Type
func (SecretBackendMap) ToSecretBackendMapOutput ¶
func (i SecretBackendMap) ToSecretBackendMapOutput() SecretBackendMapOutput
func (SecretBackendMap) ToSecretBackendMapOutputWithContext ¶
func (i SecretBackendMap) ToSecretBackendMapOutputWithContext(ctx context.Context) SecretBackendMapOutput
type SecretBackendMapInput ¶
type SecretBackendMapInput interface { pulumi.Input ToSecretBackendMapOutput() SecretBackendMapOutput ToSecretBackendMapOutputWithContext(context.Context) SecretBackendMapOutput }
SecretBackendMapInput is an input type that accepts SecretBackendMap and SecretBackendMapOutput values. You can construct a concrete instance of `SecretBackendMapInput` via:
SecretBackendMap{ "key": SecretBackendArgs{...} }
type SecretBackendMapOutput ¶
type SecretBackendMapOutput struct{ *pulumi.OutputState }
func (SecretBackendMapOutput) ElementType ¶
func (SecretBackendMapOutput) ElementType() reflect.Type
func (SecretBackendMapOutput) MapIndex ¶
func (o SecretBackendMapOutput) MapIndex(k pulumi.StringInput) SecretBackendOutput
func (SecretBackendMapOutput) ToSecretBackendMapOutput ¶
func (o SecretBackendMapOutput) ToSecretBackendMapOutput() SecretBackendMapOutput
func (SecretBackendMapOutput) ToSecretBackendMapOutputWithContext ¶
func (o SecretBackendMapOutput) ToSecretBackendMapOutputWithContext(ctx context.Context) SecretBackendMapOutput
type SecretBackendOutput ¶
type SecretBackendOutput struct{ *pulumi.OutputState }
func (SecretBackendOutput) ElementType ¶
func (SecretBackendOutput) ElementType() reflect.Type
func (SecretBackendOutput) ToSecretBackendOutput ¶
func (o SecretBackendOutput) ToSecretBackendOutput() SecretBackendOutput
func (SecretBackendOutput) ToSecretBackendOutputWithContext ¶
func (o SecretBackendOutput) ToSecretBackendOutputWithContext(ctx context.Context) SecretBackendOutput
func (SecretBackendOutput) ToSecretBackendPtrOutput ¶
func (o SecretBackendOutput) ToSecretBackendPtrOutput() SecretBackendPtrOutput
func (SecretBackendOutput) ToSecretBackendPtrOutputWithContext ¶
func (o SecretBackendOutput) ToSecretBackendPtrOutputWithContext(ctx context.Context) SecretBackendPtrOutput
type SecretBackendPtrInput ¶
type SecretBackendPtrInput interface { pulumi.Input ToSecretBackendPtrOutput() SecretBackendPtrOutput ToSecretBackendPtrOutputWithContext(ctx context.Context) SecretBackendPtrOutput }
type SecretBackendPtrOutput ¶
type SecretBackendPtrOutput struct{ *pulumi.OutputState }
func (SecretBackendPtrOutput) Elem ¶ added in v4.6.0
func (o SecretBackendPtrOutput) Elem() SecretBackendOutput
func (SecretBackendPtrOutput) ElementType ¶
func (SecretBackendPtrOutput) ElementType() reflect.Type
func (SecretBackendPtrOutput) ToSecretBackendPtrOutput ¶
func (o SecretBackendPtrOutput) ToSecretBackendPtrOutput() SecretBackendPtrOutput
func (SecretBackendPtrOutput) ToSecretBackendPtrOutputWithContext ¶
func (o SecretBackendPtrOutput) ToSecretBackendPtrOutputWithContext(ctx context.Context) SecretBackendPtrOutput
type SecretBackendRole ¶
type SecretBackendRole struct { pulumi.CustomResourceState // The path the AWS secret backend is mounted at, // with no leading or trailing `/`s. Backend pulumi.StringOutput `pulumi:"backend"` // Specifies the type of credential to be used when // retrieving credentials from the role. Must be one of `iamUser`, `assumedRole`, or // `federationToken`. CredentialType pulumi.StringOutput `pulumi:"credentialType"` // The default TTL in seconds for STS credentials. // When a TTL is not specified when STS credentials are requested, // and a default TTL is specified on the role, // then this default TTL will be used. Valid only when `credentialType` is one of // `assumedRole` or `federationToken`. DefaultStsTtl pulumi.IntOutput `pulumi:"defaultStsTtl"` // A list of IAM group names. IAM users generated // against this vault role will be added to these IAM Groups. For a credential // type of `assumedRole` or `federationToken`, the policies sent to the // corresponding AWS call (sts:AssumeRole or sts:GetFederation) will be the // policies from each group in `iamGroups` combined with the `policyDocument` // and `policyArns` parameters. IamGroups pulumi.StringArrayOutput `pulumi:"iamGroups"` // The max allowed TTL in seconds for STS credentials // (credentials TTL are capped to `maxStsTtl`). Valid only when `credentialType` is // one of `assumedRole` or `federationToken`. MaxStsTtl pulumi.IntOutput `pulumi:"maxStsTtl"` // The name to identify this role within the backend. // Must be unique within the backend. Name pulumi.StringOutput `pulumi:"name"` // Specifies a list of AWS managed policy ARNs. The // behavior depends on the credential type. With `iamUser`, the policies will be // attached to IAM users when they are requested. With `assumedRole` and // `federationToken`, the policy ARNs will act as a filter on what the credentials // can do, similar to `policyDocument`. When `credentialType` is `iamUser` or // `federationToken`, at least one of `policyDocument` or `policyArns` must // be specified. PolicyArns pulumi.StringArrayOutput `pulumi:"policyArns"` // The IAM policy document for the role. The // behavior depends on the credential type. With `iamUser`, the policy document // will be attached to the IAM user generated and augment the permissions the IAM // user has. With `assumedRole` and `federationToken`, the policy document will // act as a filter on what the credentials can do, similar to `policyArns`. PolicyDocument pulumi.StringPtrOutput `pulumi:"policyDocument"` // Specifies the ARNs of the AWS roles this Vault role // is allowed to assume. Required when `credentialType` is `assumedRole` and // prohibited otherwise. RoleArns pulumi.StringArrayOutput `pulumi:"roleArns"` }
## Import
AWS secret backend roles can be imported using the `path`, e.g.
```sh
$ pulumi import vault:aws/secretBackendRole:SecretBackendRole role aws/roles/deploy
```
func GetSecretBackendRole ¶
func GetSecretBackendRole(ctx *pulumi.Context, name string, id pulumi.IDInput, state *SecretBackendRoleState, opts ...pulumi.ResourceOption) (*SecretBackendRole, error)
GetSecretBackendRole gets an existing SecretBackendRole resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewSecretBackendRole ¶
func NewSecretBackendRole(ctx *pulumi.Context, name string, args *SecretBackendRoleArgs, opts ...pulumi.ResourceOption) (*SecretBackendRole, error)
NewSecretBackendRole registers a new resource with the given unique name, arguments, and options.
func (*SecretBackendRole) ElementType ¶
func (*SecretBackendRole) ElementType() reflect.Type
func (*SecretBackendRole) ToSecretBackendRoleOutput ¶
func (i *SecretBackendRole) ToSecretBackendRoleOutput() SecretBackendRoleOutput
func (*SecretBackendRole) ToSecretBackendRoleOutputWithContext ¶
func (i *SecretBackendRole) ToSecretBackendRoleOutputWithContext(ctx context.Context) SecretBackendRoleOutput
func (*SecretBackendRole) ToSecretBackendRolePtrOutput ¶
func (i *SecretBackendRole) ToSecretBackendRolePtrOutput() SecretBackendRolePtrOutput
func (*SecretBackendRole) ToSecretBackendRolePtrOutputWithContext ¶
func (i *SecretBackendRole) ToSecretBackendRolePtrOutputWithContext(ctx context.Context) SecretBackendRolePtrOutput
type SecretBackendRoleArgs ¶
type SecretBackendRoleArgs struct { // The path the AWS secret backend is mounted at, // with no leading or trailing `/`s. Backend pulumi.StringInput // Specifies the type of credential to be used when // retrieving credentials from the role. Must be one of `iamUser`, `assumedRole`, or // `federationToken`. CredentialType pulumi.StringInput // The default TTL in seconds for STS credentials. // When a TTL is not specified when STS credentials are requested, // and a default TTL is specified on the role, // then this default TTL will be used. Valid only when `credentialType` is one of // `assumedRole` or `federationToken`. DefaultStsTtl pulumi.IntPtrInput // A list of IAM group names. IAM users generated // against this vault role will be added to these IAM Groups. For a credential // type of `assumedRole` or `federationToken`, the policies sent to the // corresponding AWS call (sts:AssumeRole or sts:GetFederation) will be the // policies from each group in `iamGroups` combined with the `policyDocument` // and `policyArns` parameters. IamGroups pulumi.StringArrayInput // The max allowed TTL in seconds for STS credentials // (credentials TTL are capped to `maxStsTtl`). Valid only when `credentialType` is // one of `assumedRole` or `federationToken`. MaxStsTtl pulumi.IntPtrInput // The name to identify this role within the backend. // Must be unique within the backend. Name pulumi.StringPtrInput // Specifies a list of AWS managed policy ARNs. The // behavior depends on the credential type. With `iamUser`, the policies will be // attached to IAM users when they are requested. With `assumedRole` and // `federationToken`, the policy ARNs will act as a filter on what the credentials // can do, similar to `policyDocument`. When `credentialType` is `iamUser` or // `federationToken`, at least one of `policyDocument` or `policyArns` must // be specified. PolicyArns pulumi.StringArrayInput // The IAM policy document for the role. The // behavior depends on the credential type. With `iamUser`, the policy document // will be attached to the IAM user generated and augment the permissions the IAM // user has. With `assumedRole` and `federationToken`, the policy document will // act as a filter on what the credentials can do, similar to `policyArns`. PolicyDocument pulumi.StringPtrInput // Specifies the ARNs of the AWS roles this Vault role // is allowed to assume. Required when `credentialType` is `assumedRole` and // prohibited otherwise. RoleArns pulumi.StringArrayInput }
The set of arguments for constructing a SecretBackendRole resource.
func (SecretBackendRoleArgs) ElementType ¶
func (SecretBackendRoleArgs) ElementType() reflect.Type
type SecretBackendRoleArray ¶
type SecretBackendRoleArray []SecretBackendRoleInput
func (SecretBackendRoleArray) ElementType ¶
func (SecretBackendRoleArray) ElementType() reflect.Type
func (SecretBackendRoleArray) ToSecretBackendRoleArrayOutput ¶
func (i SecretBackendRoleArray) ToSecretBackendRoleArrayOutput() SecretBackendRoleArrayOutput
func (SecretBackendRoleArray) ToSecretBackendRoleArrayOutputWithContext ¶
func (i SecretBackendRoleArray) ToSecretBackendRoleArrayOutputWithContext(ctx context.Context) SecretBackendRoleArrayOutput
type SecretBackendRoleArrayInput ¶
type SecretBackendRoleArrayInput interface { pulumi.Input ToSecretBackendRoleArrayOutput() SecretBackendRoleArrayOutput ToSecretBackendRoleArrayOutputWithContext(context.Context) SecretBackendRoleArrayOutput }
SecretBackendRoleArrayInput is an input type that accepts SecretBackendRoleArray and SecretBackendRoleArrayOutput values. You can construct a concrete instance of `SecretBackendRoleArrayInput` via:
SecretBackendRoleArray{ SecretBackendRoleArgs{...} }
type SecretBackendRoleArrayOutput ¶
type SecretBackendRoleArrayOutput struct{ *pulumi.OutputState }
func (SecretBackendRoleArrayOutput) ElementType ¶
func (SecretBackendRoleArrayOutput) ElementType() reflect.Type
func (SecretBackendRoleArrayOutput) Index ¶
func (o SecretBackendRoleArrayOutput) Index(i pulumi.IntInput) SecretBackendRoleOutput
func (SecretBackendRoleArrayOutput) ToSecretBackendRoleArrayOutput ¶
func (o SecretBackendRoleArrayOutput) ToSecretBackendRoleArrayOutput() SecretBackendRoleArrayOutput
func (SecretBackendRoleArrayOutput) ToSecretBackendRoleArrayOutputWithContext ¶
func (o SecretBackendRoleArrayOutput) ToSecretBackendRoleArrayOutputWithContext(ctx context.Context) SecretBackendRoleArrayOutput
type SecretBackendRoleInput ¶
type SecretBackendRoleInput interface { pulumi.Input ToSecretBackendRoleOutput() SecretBackendRoleOutput ToSecretBackendRoleOutputWithContext(ctx context.Context) SecretBackendRoleOutput }
type SecretBackendRoleMap ¶
type SecretBackendRoleMap map[string]SecretBackendRoleInput
func (SecretBackendRoleMap) ElementType ¶
func (SecretBackendRoleMap) ElementType() reflect.Type
func (SecretBackendRoleMap) ToSecretBackendRoleMapOutput ¶
func (i SecretBackendRoleMap) ToSecretBackendRoleMapOutput() SecretBackendRoleMapOutput
func (SecretBackendRoleMap) ToSecretBackendRoleMapOutputWithContext ¶
func (i SecretBackendRoleMap) ToSecretBackendRoleMapOutputWithContext(ctx context.Context) SecretBackendRoleMapOutput
type SecretBackendRoleMapInput ¶
type SecretBackendRoleMapInput interface { pulumi.Input ToSecretBackendRoleMapOutput() SecretBackendRoleMapOutput ToSecretBackendRoleMapOutputWithContext(context.Context) SecretBackendRoleMapOutput }
SecretBackendRoleMapInput is an input type that accepts SecretBackendRoleMap and SecretBackendRoleMapOutput values. You can construct a concrete instance of `SecretBackendRoleMapInput` via:
SecretBackendRoleMap{ "key": SecretBackendRoleArgs{...} }
type SecretBackendRoleMapOutput ¶
type SecretBackendRoleMapOutput struct{ *pulumi.OutputState }
func (SecretBackendRoleMapOutput) ElementType ¶
func (SecretBackendRoleMapOutput) ElementType() reflect.Type
func (SecretBackendRoleMapOutput) MapIndex ¶
func (o SecretBackendRoleMapOutput) MapIndex(k pulumi.StringInput) SecretBackendRoleOutput
func (SecretBackendRoleMapOutput) ToSecretBackendRoleMapOutput ¶
func (o SecretBackendRoleMapOutput) ToSecretBackendRoleMapOutput() SecretBackendRoleMapOutput
func (SecretBackendRoleMapOutput) ToSecretBackendRoleMapOutputWithContext ¶
func (o SecretBackendRoleMapOutput) ToSecretBackendRoleMapOutputWithContext(ctx context.Context) SecretBackendRoleMapOutput
type SecretBackendRoleOutput ¶
type SecretBackendRoleOutput struct{ *pulumi.OutputState }
func (SecretBackendRoleOutput) ElementType ¶
func (SecretBackendRoleOutput) ElementType() reflect.Type
func (SecretBackendRoleOutput) ToSecretBackendRoleOutput ¶
func (o SecretBackendRoleOutput) ToSecretBackendRoleOutput() SecretBackendRoleOutput
func (SecretBackendRoleOutput) ToSecretBackendRoleOutputWithContext ¶
func (o SecretBackendRoleOutput) ToSecretBackendRoleOutputWithContext(ctx context.Context) SecretBackendRoleOutput
func (SecretBackendRoleOutput) ToSecretBackendRolePtrOutput ¶
func (o SecretBackendRoleOutput) ToSecretBackendRolePtrOutput() SecretBackendRolePtrOutput
func (SecretBackendRoleOutput) ToSecretBackendRolePtrOutputWithContext ¶
func (o SecretBackendRoleOutput) ToSecretBackendRolePtrOutputWithContext(ctx context.Context) SecretBackendRolePtrOutput
type SecretBackendRolePtrInput ¶
type SecretBackendRolePtrInput interface { pulumi.Input ToSecretBackendRolePtrOutput() SecretBackendRolePtrOutput ToSecretBackendRolePtrOutputWithContext(ctx context.Context) SecretBackendRolePtrOutput }
type SecretBackendRolePtrOutput ¶
type SecretBackendRolePtrOutput struct{ *pulumi.OutputState }
func (SecretBackendRolePtrOutput) Elem ¶ added in v4.6.0
func (o SecretBackendRolePtrOutput) Elem() SecretBackendRoleOutput
func (SecretBackendRolePtrOutput) ElementType ¶
func (SecretBackendRolePtrOutput) ElementType() reflect.Type
func (SecretBackendRolePtrOutput) ToSecretBackendRolePtrOutput ¶
func (o SecretBackendRolePtrOutput) ToSecretBackendRolePtrOutput() SecretBackendRolePtrOutput
func (SecretBackendRolePtrOutput) ToSecretBackendRolePtrOutputWithContext ¶
func (o SecretBackendRolePtrOutput) ToSecretBackendRolePtrOutputWithContext(ctx context.Context) SecretBackendRolePtrOutput
type SecretBackendRoleState ¶
type SecretBackendRoleState struct { // The path the AWS secret backend is mounted at, // with no leading or trailing `/`s. Backend pulumi.StringPtrInput // Specifies the type of credential to be used when // retrieving credentials from the role. Must be one of `iamUser`, `assumedRole`, or // `federationToken`. CredentialType pulumi.StringPtrInput // The default TTL in seconds for STS credentials. // When a TTL is not specified when STS credentials are requested, // and a default TTL is specified on the role, // then this default TTL will be used. Valid only when `credentialType` is one of // `assumedRole` or `federationToken`. DefaultStsTtl pulumi.IntPtrInput // A list of IAM group names. IAM users generated // against this vault role will be added to these IAM Groups. For a credential // type of `assumedRole` or `federationToken`, the policies sent to the // corresponding AWS call (sts:AssumeRole or sts:GetFederation) will be the // policies from each group in `iamGroups` combined with the `policyDocument` // and `policyArns` parameters. IamGroups pulumi.StringArrayInput // The max allowed TTL in seconds for STS credentials // (credentials TTL are capped to `maxStsTtl`). Valid only when `credentialType` is // one of `assumedRole` or `federationToken`. MaxStsTtl pulumi.IntPtrInput // The name to identify this role within the backend. // Must be unique within the backend. Name pulumi.StringPtrInput // Specifies a list of AWS managed policy ARNs. The // behavior depends on the credential type. With `iamUser`, the policies will be // attached to IAM users when they are requested. With `assumedRole` and // `federationToken`, the policy ARNs will act as a filter on what the credentials // can do, similar to `policyDocument`. When `credentialType` is `iamUser` or // `federationToken`, at least one of `policyDocument` or `policyArns` must // be specified. PolicyArns pulumi.StringArrayInput // The IAM policy document for the role. The // behavior depends on the credential type. With `iamUser`, the policy document // will be attached to the IAM user generated and augment the permissions the IAM // user has. With `assumedRole` and `federationToken`, the policy document will // act as a filter on what the credentials can do, similar to `policyArns`. PolicyDocument pulumi.StringPtrInput // Specifies the ARNs of the AWS roles this Vault role // is allowed to assume. Required when `credentialType` is `assumedRole` and // prohibited otherwise. RoleArns pulumi.StringArrayInput }
func (SecretBackendRoleState) ElementType ¶
func (SecretBackendRoleState) ElementType() reflect.Type
type SecretBackendState ¶
type SecretBackendState struct { // The AWS Access Key ID this backend should use to // issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials. AccessKey pulumi.StringPtrInput // The default TTL for credentials // issued by this backend. DefaultLeaseTtlSeconds pulumi.IntPtrInput // A human-friendly description for this backend. Description pulumi.StringPtrInput // Specifies a custom HTTP IAM endpoint to use. IamEndpoint pulumi.StringPtrInput // The maximum TTL that can be requested // for credentials issued by this backend. MaxLeaseTtlSeconds pulumi.IntPtrInput // The unique path this backend should be mounted at. Must // not begin or end with a `/`. Defaults to `aws`. Path pulumi.StringPtrInput // The AWS region for API calls. Defaults to `us-east-1`. Region pulumi.StringPtrInput // The AWS Secret Key this backend should use to // issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials. SecretKey pulumi.StringPtrInput // Specifies a custom HTTP STS endpoint to use. StsEndpoint pulumi.StringPtrInput }
func (SecretBackendState) ElementType ¶
func (SecretBackendState) ElementType() reflect.Type