Documentation ¶
Index ¶
- type AuthBackend
- func (*AuthBackend) ElementType() reflect.Type
- func (i *AuthBackend) ToAuthBackendOutput() AuthBackendOutput
- func (i *AuthBackend) ToAuthBackendOutputWithContext(ctx context.Context) AuthBackendOutput
- func (i *AuthBackend) ToAuthBackendPtrOutput() AuthBackendPtrOutput
- func (i *AuthBackend) ToAuthBackendPtrOutputWithContext(ctx context.Context) AuthBackendPtrOutput
- type AuthBackendArgs
- type AuthBackendArray
- type AuthBackendArrayInput
- type AuthBackendArrayOutput
- func (AuthBackendArrayOutput) ElementType() reflect.Type
- func (o AuthBackendArrayOutput) Index(i pulumi.IntInput) AuthBackendOutput
- func (o AuthBackendArrayOutput) ToAuthBackendArrayOutput() AuthBackendArrayOutput
- func (o AuthBackendArrayOutput) ToAuthBackendArrayOutputWithContext(ctx context.Context) AuthBackendArrayOutput
- type AuthBackendInput
- type AuthBackendMap
- type AuthBackendMapInput
- type AuthBackendMapOutput
- func (AuthBackendMapOutput) ElementType() reflect.Type
- func (o AuthBackendMapOutput) MapIndex(k pulumi.StringInput) AuthBackendOutput
- func (o AuthBackendMapOutput) ToAuthBackendMapOutput() AuthBackendMapOutput
- func (o AuthBackendMapOutput) ToAuthBackendMapOutputWithContext(ctx context.Context) AuthBackendMapOutput
- type AuthBackendOutput
- func (AuthBackendOutput) ElementType() reflect.Type
- func (o AuthBackendOutput) ToAuthBackendOutput() AuthBackendOutput
- func (o AuthBackendOutput) ToAuthBackendOutputWithContext(ctx context.Context) AuthBackendOutput
- func (o AuthBackendOutput) ToAuthBackendPtrOutput() AuthBackendPtrOutput
- func (o AuthBackendOutput) ToAuthBackendPtrOutputWithContext(ctx context.Context) AuthBackendPtrOutput
- type AuthBackendPtrInput
- type AuthBackendPtrOutput
- type AuthBackendState
- type AuthBackendTune
- type AuthBackendTuneArgs
- func (AuthBackendTuneArgs) ElementType() reflect.Type
- func (i AuthBackendTuneArgs) ToAuthBackendTuneOutput() AuthBackendTuneOutput
- func (i AuthBackendTuneArgs) ToAuthBackendTuneOutputWithContext(ctx context.Context) AuthBackendTuneOutput
- func (i AuthBackendTuneArgs) ToAuthBackendTunePtrOutput() AuthBackendTunePtrOutput
- func (i AuthBackendTuneArgs) ToAuthBackendTunePtrOutputWithContext(ctx context.Context) AuthBackendTunePtrOutput
- type AuthBackendTuneInput
- type AuthBackendTuneOutput
- func (o AuthBackendTuneOutput) AllowedResponseHeaders() pulumi.StringArrayOutput
- func (o AuthBackendTuneOutput) AuditNonHmacRequestKeys() pulumi.StringArrayOutput
- func (o AuthBackendTuneOutput) AuditNonHmacResponseKeys() pulumi.StringArrayOutput
- func (o AuthBackendTuneOutput) DefaultLeaseTtl() pulumi.StringPtrOutput
- func (AuthBackendTuneOutput) ElementType() reflect.Type
- func (o AuthBackendTuneOutput) ListingVisibility() pulumi.StringPtrOutput
- func (o AuthBackendTuneOutput) MaxLeaseTtl() pulumi.StringPtrOutput
- func (o AuthBackendTuneOutput) PassthroughRequestHeaders() pulumi.StringArrayOutput
- func (o AuthBackendTuneOutput) ToAuthBackendTuneOutput() AuthBackendTuneOutput
- func (o AuthBackendTuneOutput) ToAuthBackendTuneOutputWithContext(ctx context.Context) AuthBackendTuneOutput
- func (o AuthBackendTuneOutput) ToAuthBackendTunePtrOutput() AuthBackendTunePtrOutput
- func (o AuthBackendTuneOutput) ToAuthBackendTunePtrOutputWithContext(ctx context.Context) AuthBackendTunePtrOutput
- func (o AuthBackendTuneOutput) TokenType() pulumi.StringPtrOutput
- type AuthBackendTunePtrInput
- type AuthBackendTunePtrOutput
- func (o AuthBackendTunePtrOutput) AllowedResponseHeaders() pulumi.StringArrayOutput
- func (o AuthBackendTunePtrOutput) AuditNonHmacRequestKeys() pulumi.StringArrayOutput
- func (o AuthBackendTunePtrOutput) AuditNonHmacResponseKeys() pulumi.StringArrayOutput
- func (o AuthBackendTunePtrOutput) DefaultLeaseTtl() pulumi.StringPtrOutput
- func (o AuthBackendTunePtrOutput) Elem() AuthBackendTuneOutput
- func (AuthBackendTunePtrOutput) ElementType() reflect.Type
- func (o AuthBackendTunePtrOutput) ListingVisibility() pulumi.StringPtrOutput
- func (o AuthBackendTunePtrOutput) MaxLeaseTtl() pulumi.StringPtrOutput
- func (o AuthBackendTunePtrOutput) PassthroughRequestHeaders() pulumi.StringArrayOutput
- func (o AuthBackendTunePtrOutput) ToAuthBackendTunePtrOutput() AuthBackendTunePtrOutput
- func (o AuthBackendTunePtrOutput) ToAuthBackendTunePtrOutputWithContext(ctx context.Context) AuthBackendTunePtrOutput
- func (o AuthBackendTunePtrOutput) TokenType() pulumi.StringPtrOutput
- type Team
- type TeamArgs
- type TeamArray
- type TeamArrayInput
- type TeamArrayOutput
- type TeamInput
- type TeamMap
- type TeamMapInput
- type TeamMapOutput
- type TeamOutput
- func (TeamOutput) ElementType() reflect.Type
- func (o TeamOutput) ToTeamOutput() TeamOutput
- func (o TeamOutput) ToTeamOutputWithContext(ctx context.Context) TeamOutput
- func (o TeamOutput) ToTeamPtrOutput() TeamPtrOutput
- func (o TeamOutput) ToTeamPtrOutputWithContext(ctx context.Context) TeamPtrOutput
- type TeamPtrInput
- type TeamPtrOutput
- type TeamState
- type User
- type UserArgs
- type UserArray
- type UserArrayInput
- type UserArrayOutput
- type UserInput
- type UserMap
- type UserMapInput
- type UserMapOutput
- type UserOutput
- func (UserOutput) ElementType() reflect.Type
- func (o UserOutput) ToUserOutput() UserOutput
- func (o UserOutput) ToUserOutputWithContext(ctx context.Context) UserOutput
- func (o UserOutput) ToUserPtrOutput() UserPtrOutput
- func (o UserOutput) ToUserPtrOutputWithContext(ctx context.Context) UserPtrOutput
- type UserPtrInput
- type UserPtrOutput
- type UserState
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AuthBackend ¶
type AuthBackend struct { pulumi.CustomResourceState // The mount accessor related to the auth mount. It is useful for integration with [Identity Secrets Engine](https://www.vaultproject.io/docs/secrets/identity/index.html). Accessor pulumi.StringOutput `pulumi:"accessor"` // The API endpoint to use. Useful if you // are running GitHub Enterprise or an API-compatible authentication server. BaseUrl pulumi.StringPtrOutput `pulumi:"baseUrl"` // Specifies the description of the mount. // This overrides the current stored value, if any. Description pulumi.StringPtrOutput `pulumi:"description"` // (Optional; Deprecated, use `tokenMaxTtl` instead if you are running Vault >= 1.2) The maximum allowed lifetime of tokens // issued using this role. This must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration). // // Deprecated: use `token_max_ttl` instead if you are running Vault >= 1.2 MaxTtl pulumi.StringPtrOutput `pulumi:"maxTtl"` // The organization configured users must be part of. Organization pulumi.StringOutput `pulumi:"organization"` // Path where the auth backend is mounted. Defaults to `auth/github` // if not specified. Path pulumi.StringPtrOutput `pulumi:"path"` // (Optional) List of CIDR blocks; if set, specifies blocks of IP // addresses which can authenticate successfully, and ties the resulting token to these blocks // as well. TokenBoundCidrs pulumi.StringArrayOutput `pulumi:"tokenBoundCidrs"` // (Optional) If set, will encode an // [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls) // onto the token in number of seconds. This is a hard cap even if `tokenTtl` and // `tokenMaxTtl` would otherwise allow a renewal. TokenExplicitMaxTtl pulumi.IntPtrOutput `pulumi:"tokenExplicitMaxTtl"` // (Optional) The maximum lifetime for generated tokens in number of seconds. // Its current value will be referenced at renewal time. TokenMaxTtl pulumi.IntPtrOutput `pulumi:"tokenMaxTtl"` // (Optional) If set, the default policy will not be set on // generated tokens; otherwise it will be added to the policies set in token_policies. TokenNoDefaultPolicy pulumi.BoolPtrOutput `pulumi:"tokenNoDefaultPolicy"` // (Optional) The // [period](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls), // if any, in number of seconds to set on the token. TokenNumUses pulumi.IntPtrOutput `pulumi:"tokenNumUses"` // (Optional) If set, indicates that the // token generated using this role should never expire. The token should be renewed within the // duration specified by this value. At each renewal, the token's TTL will be set to the // value of this field. Specified in seconds. TokenPeriod pulumi.IntPtrOutput `pulumi:"tokenPeriod"` // (Optional) List of policies to encode onto generated tokens. Depending // on the auth method, this list may be supplemented by user/group/other values. TokenPolicies pulumi.StringArrayOutput `pulumi:"tokenPolicies"` // (Optional) The incremental lifetime for generated tokens in number of seconds. // Its current value will be referenced at renewal time. TokenTtl pulumi.IntPtrOutput `pulumi:"tokenTtl"` // Specifies the type of tokens that should be returned by // the mount. Valid values are "default-service", "default-batch", "service", "batch". TokenType pulumi.StringPtrOutput `pulumi:"tokenType"` // (Optional; Deprecated, use `tokenTtl` instead if you are running Vault >= 1.2) The TTL period of tokens issued // using this role. This must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration). // // Deprecated: use `token_ttl` instead if you are running Vault >= 1.2 Ttl pulumi.StringPtrOutput `pulumi:"ttl"` // Extra configuration block. Structure is documented below. Tune AuthBackendTuneOutput `pulumi:"tune"` }
Manages a GitHub Auth mount in a Vault server. See the [Vault documentation](https://www.vaultproject.io/docs/auth/github/) for more information.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v4/go/vault/github" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := github.NewAuthBackend(ctx, "example", &github.AuthBackendArgs{ Organization: pulumi.String("myorg"), }) if err != nil { return err } return nil }) }
```
## Import
GitHub authentication mounts can be imported using the `path`, e.g.
```sh
$ pulumi import vault:github/authBackend:AuthBackend example github
```
func GetAuthBackend ¶
func GetAuthBackend(ctx *pulumi.Context, name string, id pulumi.IDInput, state *AuthBackendState, opts ...pulumi.ResourceOption) (*AuthBackend, error)
GetAuthBackend gets an existing AuthBackend resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewAuthBackend ¶
func NewAuthBackend(ctx *pulumi.Context, name string, args *AuthBackendArgs, opts ...pulumi.ResourceOption) (*AuthBackend, error)
NewAuthBackend registers a new resource with the given unique name, arguments, and options.
func (*AuthBackend) ElementType ¶
func (*AuthBackend) ElementType() reflect.Type
func (*AuthBackend) ToAuthBackendOutput ¶
func (i *AuthBackend) ToAuthBackendOutput() AuthBackendOutput
func (*AuthBackend) ToAuthBackendOutputWithContext ¶
func (i *AuthBackend) ToAuthBackendOutputWithContext(ctx context.Context) AuthBackendOutput
func (*AuthBackend) ToAuthBackendPtrOutput ¶
func (i *AuthBackend) ToAuthBackendPtrOutput() AuthBackendPtrOutput
func (*AuthBackend) ToAuthBackendPtrOutputWithContext ¶
func (i *AuthBackend) ToAuthBackendPtrOutputWithContext(ctx context.Context) AuthBackendPtrOutput
type AuthBackendArgs ¶
type AuthBackendArgs struct { // The API endpoint to use. Useful if you // are running GitHub Enterprise or an API-compatible authentication server. BaseUrl pulumi.StringPtrInput // Specifies the description of the mount. // This overrides the current stored value, if any. Description pulumi.StringPtrInput // (Optional; Deprecated, use `tokenMaxTtl` instead if you are running Vault >= 1.2) The maximum allowed lifetime of tokens // issued using this role. This must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration). // // Deprecated: use `token_max_ttl` instead if you are running Vault >= 1.2 MaxTtl pulumi.StringPtrInput // The organization configured users must be part of. Organization pulumi.StringInput // Path where the auth backend is mounted. Defaults to `auth/github` // if not specified. Path pulumi.StringPtrInput // (Optional) List of CIDR blocks; if set, specifies blocks of IP // addresses which can authenticate successfully, and ties the resulting token to these blocks // as well. TokenBoundCidrs pulumi.StringArrayInput // (Optional) If set, will encode an // [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls) // onto the token in number of seconds. This is a hard cap even if `tokenTtl` and // `tokenMaxTtl` would otherwise allow a renewal. TokenExplicitMaxTtl pulumi.IntPtrInput // (Optional) The maximum lifetime for generated tokens in number of seconds. // Its current value will be referenced at renewal time. TokenMaxTtl pulumi.IntPtrInput // (Optional) If set, the default policy will not be set on // generated tokens; otherwise it will be added to the policies set in token_policies. TokenNoDefaultPolicy pulumi.BoolPtrInput // (Optional) The // [period](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls), // if any, in number of seconds to set on the token. TokenNumUses pulumi.IntPtrInput // (Optional) If set, indicates that the // token generated using this role should never expire. The token should be renewed within the // duration specified by this value. At each renewal, the token's TTL will be set to the // value of this field. Specified in seconds. TokenPeriod pulumi.IntPtrInput // (Optional) List of policies to encode onto generated tokens. Depending // on the auth method, this list may be supplemented by user/group/other values. TokenPolicies pulumi.StringArrayInput // (Optional) The incremental lifetime for generated tokens in number of seconds. // Its current value will be referenced at renewal time. TokenTtl pulumi.IntPtrInput // Specifies the type of tokens that should be returned by // the mount. Valid values are "default-service", "default-batch", "service", "batch". TokenType pulumi.StringPtrInput // (Optional; Deprecated, use `tokenTtl` instead if you are running Vault >= 1.2) The TTL period of tokens issued // using this role. This must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration). // // Deprecated: use `token_ttl` instead if you are running Vault >= 1.2 Ttl pulumi.StringPtrInput // Extra configuration block. Structure is documented below. Tune AuthBackendTunePtrInput }
The set of arguments for constructing a AuthBackend resource.
func (AuthBackendArgs) ElementType ¶
func (AuthBackendArgs) ElementType() reflect.Type
type AuthBackendArray ¶
type AuthBackendArray []AuthBackendInput
func (AuthBackendArray) ElementType ¶
func (AuthBackendArray) ElementType() reflect.Type
func (AuthBackendArray) ToAuthBackendArrayOutput ¶
func (i AuthBackendArray) ToAuthBackendArrayOutput() AuthBackendArrayOutput
func (AuthBackendArray) ToAuthBackendArrayOutputWithContext ¶
func (i AuthBackendArray) ToAuthBackendArrayOutputWithContext(ctx context.Context) AuthBackendArrayOutput
type AuthBackendArrayInput ¶
type AuthBackendArrayInput interface { pulumi.Input ToAuthBackendArrayOutput() AuthBackendArrayOutput ToAuthBackendArrayOutputWithContext(context.Context) AuthBackendArrayOutput }
AuthBackendArrayInput is an input type that accepts AuthBackendArray and AuthBackendArrayOutput values. You can construct a concrete instance of `AuthBackendArrayInput` via:
AuthBackendArray{ AuthBackendArgs{...} }
type AuthBackendArrayOutput ¶
type AuthBackendArrayOutput struct{ *pulumi.OutputState }
func (AuthBackendArrayOutput) ElementType ¶
func (AuthBackendArrayOutput) ElementType() reflect.Type
func (AuthBackendArrayOutput) Index ¶
func (o AuthBackendArrayOutput) Index(i pulumi.IntInput) AuthBackendOutput
func (AuthBackendArrayOutput) ToAuthBackendArrayOutput ¶
func (o AuthBackendArrayOutput) ToAuthBackendArrayOutput() AuthBackendArrayOutput
func (AuthBackendArrayOutput) ToAuthBackendArrayOutputWithContext ¶
func (o AuthBackendArrayOutput) ToAuthBackendArrayOutputWithContext(ctx context.Context) AuthBackendArrayOutput
type AuthBackendInput ¶
type AuthBackendInput interface { pulumi.Input ToAuthBackendOutput() AuthBackendOutput ToAuthBackendOutputWithContext(ctx context.Context) AuthBackendOutput }
type AuthBackendMap ¶
type AuthBackendMap map[string]AuthBackendInput
func (AuthBackendMap) ElementType ¶
func (AuthBackendMap) ElementType() reflect.Type
func (AuthBackendMap) ToAuthBackendMapOutput ¶
func (i AuthBackendMap) ToAuthBackendMapOutput() AuthBackendMapOutput
func (AuthBackendMap) ToAuthBackendMapOutputWithContext ¶
func (i AuthBackendMap) ToAuthBackendMapOutputWithContext(ctx context.Context) AuthBackendMapOutput
type AuthBackendMapInput ¶
type AuthBackendMapInput interface { pulumi.Input ToAuthBackendMapOutput() AuthBackendMapOutput ToAuthBackendMapOutputWithContext(context.Context) AuthBackendMapOutput }
AuthBackendMapInput is an input type that accepts AuthBackendMap and AuthBackendMapOutput values. You can construct a concrete instance of `AuthBackendMapInput` via:
AuthBackendMap{ "key": AuthBackendArgs{...} }
type AuthBackendMapOutput ¶
type AuthBackendMapOutput struct{ *pulumi.OutputState }
func (AuthBackendMapOutput) ElementType ¶
func (AuthBackendMapOutput) ElementType() reflect.Type
func (AuthBackendMapOutput) MapIndex ¶
func (o AuthBackendMapOutput) MapIndex(k pulumi.StringInput) AuthBackendOutput
func (AuthBackendMapOutput) ToAuthBackendMapOutput ¶
func (o AuthBackendMapOutput) ToAuthBackendMapOutput() AuthBackendMapOutput
func (AuthBackendMapOutput) ToAuthBackendMapOutputWithContext ¶
func (o AuthBackendMapOutput) ToAuthBackendMapOutputWithContext(ctx context.Context) AuthBackendMapOutput
type AuthBackendOutput ¶
type AuthBackendOutput struct{ *pulumi.OutputState }
func (AuthBackendOutput) ElementType ¶
func (AuthBackendOutput) ElementType() reflect.Type
func (AuthBackendOutput) ToAuthBackendOutput ¶
func (o AuthBackendOutput) ToAuthBackendOutput() AuthBackendOutput
func (AuthBackendOutput) ToAuthBackendOutputWithContext ¶
func (o AuthBackendOutput) ToAuthBackendOutputWithContext(ctx context.Context) AuthBackendOutput
func (AuthBackendOutput) ToAuthBackendPtrOutput ¶
func (o AuthBackendOutput) ToAuthBackendPtrOutput() AuthBackendPtrOutput
func (AuthBackendOutput) ToAuthBackendPtrOutputWithContext ¶
func (o AuthBackendOutput) ToAuthBackendPtrOutputWithContext(ctx context.Context) AuthBackendPtrOutput
type AuthBackendPtrInput ¶
type AuthBackendPtrInput interface { pulumi.Input ToAuthBackendPtrOutput() AuthBackendPtrOutput ToAuthBackendPtrOutputWithContext(ctx context.Context) AuthBackendPtrOutput }
type AuthBackendPtrOutput ¶
type AuthBackendPtrOutput struct{ *pulumi.OutputState }
func (AuthBackendPtrOutput) Elem ¶ added in v4.6.0
func (o AuthBackendPtrOutput) Elem() AuthBackendOutput
func (AuthBackendPtrOutput) ElementType ¶
func (AuthBackendPtrOutput) ElementType() reflect.Type
func (AuthBackendPtrOutput) ToAuthBackendPtrOutput ¶
func (o AuthBackendPtrOutput) ToAuthBackendPtrOutput() AuthBackendPtrOutput
func (AuthBackendPtrOutput) ToAuthBackendPtrOutputWithContext ¶
func (o AuthBackendPtrOutput) ToAuthBackendPtrOutputWithContext(ctx context.Context) AuthBackendPtrOutput
type AuthBackendState ¶
type AuthBackendState struct { // The mount accessor related to the auth mount. It is useful for integration with [Identity Secrets Engine](https://www.vaultproject.io/docs/secrets/identity/index.html). Accessor pulumi.StringPtrInput // The API endpoint to use. Useful if you // are running GitHub Enterprise or an API-compatible authentication server. BaseUrl pulumi.StringPtrInput // Specifies the description of the mount. // This overrides the current stored value, if any. Description pulumi.StringPtrInput // (Optional; Deprecated, use `tokenMaxTtl` instead if you are running Vault >= 1.2) The maximum allowed lifetime of tokens // issued using this role. This must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration). // // Deprecated: use `token_max_ttl` instead if you are running Vault >= 1.2 MaxTtl pulumi.StringPtrInput // The organization configured users must be part of. Organization pulumi.StringPtrInput // Path where the auth backend is mounted. Defaults to `auth/github` // if not specified. Path pulumi.StringPtrInput // (Optional) List of CIDR blocks; if set, specifies blocks of IP // addresses which can authenticate successfully, and ties the resulting token to these blocks // as well. TokenBoundCidrs pulumi.StringArrayInput // (Optional) If set, will encode an // [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls) // onto the token in number of seconds. This is a hard cap even if `tokenTtl` and // `tokenMaxTtl` would otherwise allow a renewal. TokenExplicitMaxTtl pulumi.IntPtrInput // (Optional) The maximum lifetime for generated tokens in number of seconds. // Its current value will be referenced at renewal time. TokenMaxTtl pulumi.IntPtrInput // (Optional) If set, the default policy will not be set on // generated tokens; otherwise it will be added to the policies set in token_policies. TokenNoDefaultPolicy pulumi.BoolPtrInput // (Optional) The // [period](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls), // if any, in number of seconds to set on the token. TokenNumUses pulumi.IntPtrInput // (Optional) If set, indicates that the // token generated using this role should never expire. The token should be renewed within the // duration specified by this value. At each renewal, the token's TTL will be set to the // value of this field. Specified in seconds. TokenPeriod pulumi.IntPtrInput // (Optional) List of policies to encode onto generated tokens. Depending // on the auth method, this list may be supplemented by user/group/other values. TokenPolicies pulumi.StringArrayInput // (Optional) The incremental lifetime for generated tokens in number of seconds. // Its current value will be referenced at renewal time. TokenTtl pulumi.IntPtrInput // Specifies the type of tokens that should be returned by // the mount. Valid values are "default-service", "default-batch", "service", "batch". TokenType pulumi.StringPtrInput // (Optional; Deprecated, use `tokenTtl` instead if you are running Vault >= 1.2) The TTL period of tokens issued // using this role. This must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration). // // Deprecated: use `token_ttl` instead if you are running Vault >= 1.2 Ttl pulumi.StringPtrInput // Extra configuration block. Structure is documented below. Tune AuthBackendTunePtrInput }
func (AuthBackendState) ElementType ¶
func (AuthBackendState) ElementType() reflect.Type
type AuthBackendTune ¶
type AuthBackendTune struct { // List of headers to whitelist and allowing // a plugin to include them in the response. AllowedResponseHeaders []string `pulumi:"allowedResponseHeaders"` // Specifies the list of keys that will // not be HMAC'd by audit devices in the request data object. AuditNonHmacRequestKeys []string `pulumi:"auditNonHmacRequestKeys"` // Specifies the list of keys that will // not be HMAC'd by audit devices in the response data object. AuditNonHmacResponseKeys []string `pulumi:"auditNonHmacResponseKeys"` // Specifies the default time-to-live. // If set, this overrides the global default. // Must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration) DefaultLeaseTtl *string `pulumi:"defaultLeaseTtl"` // Specifies whether to show this mount in // the UI-specific listing endpoint. Valid values are "unauth" or "hidden". ListingVisibility *string `pulumi:"listingVisibility"` // Specifies the maximum time-to-live. // If set, this overrides the global default. // Must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration) MaxLeaseTtl *string `pulumi:"maxLeaseTtl"` // List of headers to whitelist and // pass from the request to the backend. PassthroughRequestHeaders []string `pulumi:"passthroughRequestHeaders"` // Specifies the type of tokens that should be returned by // the mount. Valid values are "default-service", "default-batch", "service", "batch". TokenType *string `pulumi:"tokenType"` }
type AuthBackendTuneArgs ¶
type AuthBackendTuneArgs struct { // List of headers to whitelist and allowing // a plugin to include them in the response. AllowedResponseHeaders pulumi.StringArrayInput `pulumi:"allowedResponseHeaders"` // Specifies the list of keys that will // not be HMAC'd by audit devices in the request data object. AuditNonHmacRequestKeys pulumi.StringArrayInput `pulumi:"auditNonHmacRequestKeys"` // Specifies the list of keys that will // not be HMAC'd by audit devices in the response data object. AuditNonHmacResponseKeys pulumi.StringArrayInput `pulumi:"auditNonHmacResponseKeys"` // Specifies the default time-to-live. // If set, this overrides the global default. // Must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration) DefaultLeaseTtl pulumi.StringPtrInput `pulumi:"defaultLeaseTtl"` // Specifies whether to show this mount in // the UI-specific listing endpoint. Valid values are "unauth" or "hidden". ListingVisibility pulumi.StringPtrInput `pulumi:"listingVisibility"` // Specifies the maximum time-to-live. // If set, this overrides the global default. // Must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration) MaxLeaseTtl pulumi.StringPtrInput `pulumi:"maxLeaseTtl"` // List of headers to whitelist and // pass from the request to the backend. PassthroughRequestHeaders pulumi.StringArrayInput `pulumi:"passthroughRequestHeaders"` // Specifies the type of tokens that should be returned by // the mount. Valid values are "default-service", "default-batch", "service", "batch". TokenType pulumi.StringPtrInput `pulumi:"tokenType"` }
func (AuthBackendTuneArgs) ElementType ¶
func (AuthBackendTuneArgs) ElementType() reflect.Type
func (AuthBackendTuneArgs) ToAuthBackendTuneOutput ¶
func (i AuthBackendTuneArgs) ToAuthBackendTuneOutput() AuthBackendTuneOutput
func (AuthBackendTuneArgs) ToAuthBackendTuneOutputWithContext ¶
func (i AuthBackendTuneArgs) ToAuthBackendTuneOutputWithContext(ctx context.Context) AuthBackendTuneOutput
func (AuthBackendTuneArgs) ToAuthBackendTunePtrOutput ¶
func (i AuthBackendTuneArgs) ToAuthBackendTunePtrOutput() AuthBackendTunePtrOutput
func (AuthBackendTuneArgs) ToAuthBackendTunePtrOutputWithContext ¶
func (i AuthBackendTuneArgs) ToAuthBackendTunePtrOutputWithContext(ctx context.Context) AuthBackendTunePtrOutput
type AuthBackendTuneInput ¶
type AuthBackendTuneInput interface { pulumi.Input ToAuthBackendTuneOutput() AuthBackendTuneOutput ToAuthBackendTuneOutputWithContext(context.Context) AuthBackendTuneOutput }
AuthBackendTuneInput is an input type that accepts AuthBackendTuneArgs and AuthBackendTuneOutput values. You can construct a concrete instance of `AuthBackendTuneInput` via:
AuthBackendTuneArgs{...}
type AuthBackendTuneOutput ¶
type AuthBackendTuneOutput struct{ *pulumi.OutputState }
func (AuthBackendTuneOutput) AllowedResponseHeaders ¶
func (o AuthBackendTuneOutput) AllowedResponseHeaders() pulumi.StringArrayOutput
List of headers to whitelist and allowing a plugin to include them in the response.
func (AuthBackendTuneOutput) AuditNonHmacRequestKeys ¶
func (o AuthBackendTuneOutput) AuditNonHmacRequestKeys() pulumi.StringArrayOutput
Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
func (AuthBackendTuneOutput) AuditNonHmacResponseKeys ¶
func (o AuthBackendTuneOutput) AuditNonHmacResponseKeys() pulumi.StringArrayOutput
Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
func (AuthBackendTuneOutput) DefaultLeaseTtl ¶
func (o AuthBackendTuneOutput) DefaultLeaseTtl() pulumi.StringPtrOutput
Specifies the default time-to-live. If set, this overrides the global default. Must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration)
func (AuthBackendTuneOutput) ElementType ¶
func (AuthBackendTuneOutput) ElementType() reflect.Type
func (AuthBackendTuneOutput) ListingVisibility ¶
func (o AuthBackendTuneOutput) ListingVisibility() pulumi.StringPtrOutput
Specifies whether to show this mount in the UI-specific listing endpoint. Valid values are "unauth" or "hidden".
func (AuthBackendTuneOutput) MaxLeaseTtl ¶
func (o AuthBackendTuneOutput) MaxLeaseTtl() pulumi.StringPtrOutput
Specifies the maximum time-to-live. If set, this overrides the global default. Must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration)
func (AuthBackendTuneOutput) PassthroughRequestHeaders ¶
func (o AuthBackendTuneOutput) PassthroughRequestHeaders() pulumi.StringArrayOutput
List of headers to whitelist and pass from the request to the backend.
func (AuthBackendTuneOutput) ToAuthBackendTuneOutput ¶
func (o AuthBackendTuneOutput) ToAuthBackendTuneOutput() AuthBackendTuneOutput
func (AuthBackendTuneOutput) ToAuthBackendTuneOutputWithContext ¶
func (o AuthBackendTuneOutput) ToAuthBackendTuneOutputWithContext(ctx context.Context) AuthBackendTuneOutput
func (AuthBackendTuneOutput) ToAuthBackendTunePtrOutput ¶
func (o AuthBackendTuneOutput) ToAuthBackendTunePtrOutput() AuthBackendTunePtrOutput
func (AuthBackendTuneOutput) ToAuthBackendTunePtrOutputWithContext ¶
func (o AuthBackendTuneOutput) ToAuthBackendTunePtrOutputWithContext(ctx context.Context) AuthBackendTunePtrOutput
func (AuthBackendTuneOutput) TokenType ¶
func (o AuthBackendTuneOutput) TokenType() pulumi.StringPtrOutput
Specifies the type of tokens that should be returned by the mount. Valid values are "default-service", "default-batch", "service", "batch".
type AuthBackendTunePtrInput ¶
type AuthBackendTunePtrInput interface { pulumi.Input ToAuthBackendTunePtrOutput() AuthBackendTunePtrOutput ToAuthBackendTunePtrOutputWithContext(context.Context) AuthBackendTunePtrOutput }
AuthBackendTunePtrInput is an input type that accepts AuthBackendTuneArgs, AuthBackendTunePtr and AuthBackendTunePtrOutput values. You can construct a concrete instance of `AuthBackendTunePtrInput` via:
AuthBackendTuneArgs{...} or: nil
func AuthBackendTunePtr ¶
func AuthBackendTunePtr(v *AuthBackendTuneArgs) AuthBackendTunePtrInput
type AuthBackendTunePtrOutput ¶
type AuthBackendTunePtrOutput struct{ *pulumi.OutputState }
func (AuthBackendTunePtrOutput) AllowedResponseHeaders ¶
func (o AuthBackendTunePtrOutput) AllowedResponseHeaders() pulumi.StringArrayOutput
List of headers to whitelist and allowing a plugin to include them in the response.
func (AuthBackendTunePtrOutput) AuditNonHmacRequestKeys ¶
func (o AuthBackendTunePtrOutput) AuditNonHmacRequestKeys() pulumi.StringArrayOutput
Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
func (AuthBackendTunePtrOutput) AuditNonHmacResponseKeys ¶
func (o AuthBackendTunePtrOutput) AuditNonHmacResponseKeys() pulumi.StringArrayOutput
Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
func (AuthBackendTunePtrOutput) DefaultLeaseTtl ¶
func (o AuthBackendTunePtrOutput) DefaultLeaseTtl() pulumi.StringPtrOutput
Specifies the default time-to-live. If set, this overrides the global default. Must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration)
func (AuthBackendTunePtrOutput) Elem ¶
func (o AuthBackendTunePtrOutput) Elem() AuthBackendTuneOutput
func (AuthBackendTunePtrOutput) ElementType ¶
func (AuthBackendTunePtrOutput) ElementType() reflect.Type
func (AuthBackendTunePtrOutput) ListingVisibility ¶
func (o AuthBackendTunePtrOutput) ListingVisibility() pulumi.StringPtrOutput
Specifies whether to show this mount in the UI-specific listing endpoint. Valid values are "unauth" or "hidden".
func (AuthBackendTunePtrOutput) MaxLeaseTtl ¶
func (o AuthBackendTunePtrOutput) MaxLeaseTtl() pulumi.StringPtrOutput
Specifies the maximum time-to-live. If set, this overrides the global default. Must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration)
func (AuthBackendTunePtrOutput) PassthroughRequestHeaders ¶
func (o AuthBackendTunePtrOutput) PassthroughRequestHeaders() pulumi.StringArrayOutput
List of headers to whitelist and pass from the request to the backend.
func (AuthBackendTunePtrOutput) ToAuthBackendTunePtrOutput ¶
func (o AuthBackendTunePtrOutput) ToAuthBackendTunePtrOutput() AuthBackendTunePtrOutput
func (AuthBackendTunePtrOutput) ToAuthBackendTunePtrOutputWithContext ¶
func (o AuthBackendTunePtrOutput) ToAuthBackendTunePtrOutputWithContext(ctx context.Context) AuthBackendTunePtrOutput
func (AuthBackendTunePtrOutput) TokenType ¶
func (o AuthBackendTunePtrOutput) TokenType() pulumi.StringPtrOutput
Specifies the type of tokens that should be returned by the mount. Valid values are "default-service", "default-batch", "service", "batch".
type Team ¶
type Team struct { pulumi.CustomResourceState // Path where the github auth backend is mounted. Defaults to `github` // if not specified. Backend pulumi.StringPtrOutput `pulumi:"backend"` // An array of strings specifying the policies to be set on tokens // issued using this role. Policies pulumi.StringArrayOutput `pulumi:"policies"` // GitHub team name in "slugified" format. Team pulumi.StringOutput `pulumi:"team"` // Specifies the blocks of IP addresses which are allowed to use the generated token // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenBoundCidrs pulumi.StringArrayOutput `pulumi:"tokenBoundCidrs"` // Generated Token's Explicit Maximum TTL in seconds // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenExplicitMaxTtl pulumi.IntPtrOutput `pulumi:"tokenExplicitMaxTtl"` // The maximum lifetime of the generated token // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenMaxTtl pulumi.IntPtrOutput `pulumi:"tokenMaxTtl"` // If true, the 'default' policy will not automatically be added to generated tokens // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenNoDefaultPolicy pulumi.BoolPtrOutput `pulumi:"tokenNoDefaultPolicy"` // The maximum number of times a token may be used, a value of zero means unlimited // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenNumUses pulumi.IntPtrOutput `pulumi:"tokenNumUses"` // Generated Token's Period // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenPeriod pulumi.IntPtrOutput `pulumi:"tokenPeriod"` // Generated Token's Policies // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenPolicies pulumi.StringArrayOutput `pulumi:"tokenPolicies"` // The initial ttl of the token to generate in seconds // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenTtl pulumi.IntPtrOutput `pulumi:"tokenTtl"` // The type of token to generate, service or batch // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenType pulumi.StringPtrOutput `pulumi:"tokenType"` }
Manages policy mappings for Github Teams authenticated via Github. See the [Vault documentation](https://www.vaultproject.io/docs/auth/github/) for more information.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v4/go/vault/github" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { example, err := github.NewAuthBackend(ctx, "example", &github.AuthBackendArgs{ Organization: pulumi.String("myorg"), }) if err != nil { return err } _, err = github.NewTeam(ctx, "tfDevs", &github.TeamArgs{ Backend: example.ID(), Team: pulumi.String("terraform-developers"), Policies: pulumi.StringArray{ pulumi.String("developer"), pulumi.String("read-only"), }, }) if err != nil { return err } return nil }) }
```
## Import
Github team mappings can be imported using the `path`, e.g.
```sh
$ pulumi import vault:github/team:Team tf_devs auth/github/map/teams/terraform-developers
```
func GetTeam ¶
func GetTeam(ctx *pulumi.Context, name string, id pulumi.IDInput, state *TeamState, opts ...pulumi.ResourceOption) (*Team, error)
GetTeam gets an existing Team resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewTeam ¶
func NewTeam(ctx *pulumi.Context, name string, args *TeamArgs, opts ...pulumi.ResourceOption) (*Team, error)
NewTeam registers a new resource with the given unique name, arguments, and options.
func (*Team) ElementType ¶
func (*Team) ToTeamOutput ¶
func (i *Team) ToTeamOutput() TeamOutput
func (*Team) ToTeamOutputWithContext ¶
func (i *Team) ToTeamOutputWithContext(ctx context.Context) TeamOutput
func (*Team) ToTeamPtrOutput ¶
func (i *Team) ToTeamPtrOutput() TeamPtrOutput
func (*Team) ToTeamPtrOutputWithContext ¶
func (i *Team) ToTeamPtrOutputWithContext(ctx context.Context) TeamPtrOutput
type TeamArgs ¶
type TeamArgs struct { // Path where the github auth backend is mounted. Defaults to `github` // if not specified. Backend pulumi.StringPtrInput // An array of strings specifying the policies to be set on tokens // issued using this role. Policies pulumi.StringArrayInput // GitHub team name in "slugified" format. Team pulumi.StringInput // Specifies the blocks of IP addresses which are allowed to use the generated token // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenBoundCidrs pulumi.StringArrayInput // Generated Token's Explicit Maximum TTL in seconds // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenExplicitMaxTtl pulumi.IntPtrInput // The maximum lifetime of the generated token // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenMaxTtl pulumi.IntPtrInput // If true, the 'default' policy will not automatically be added to generated tokens // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenNoDefaultPolicy pulumi.BoolPtrInput // The maximum number of times a token may be used, a value of zero means unlimited // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenNumUses pulumi.IntPtrInput // Generated Token's Period // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenPeriod pulumi.IntPtrInput // Generated Token's Policies // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenPolicies pulumi.StringArrayInput // The initial ttl of the token to generate in seconds // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenTtl pulumi.IntPtrInput // The type of token to generate, service or batch // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenType pulumi.StringPtrInput }
The set of arguments for constructing a Team resource.
func (TeamArgs) ElementType ¶
type TeamArray ¶
type TeamArray []TeamInput
func (TeamArray) ElementType ¶
func (TeamArray) ToTeamArrayOutput ¶
func (i TeamArray) ToTeamArrayOutput() TeamArrayOutput
func (TeamArray) ToTeamArrayOutputWithContext ¶
func (i TeamArray) ToTeamArrayOutputWithContext(ctx context.Context) TeamArrayOutput
type TeamArrayInput ¶
type TeamArrayInput interface { pulumi.Input ToTeamArrayOutput() TeamArrayOutput ToTeamArrayOutputWithContext(context.Context) TeamArrayOutput }
TeamArrayInput is an input type that accepts TeamArray and TeamArrayOutput values. You can construct a concrete instance of `TeamArrayInput` via:
TeamArray{ TeamArgs{...} }
type TeamArrayOutput ¶
type TeamArrayOutput struct{ *pulumi.OutputState }
func (TeamArrayOutput) ElementType ¶
func (TeamArrayOutput) ElementType() reflect.Type
func (TeamArrayOutput) Index ¶
func (o TeamArrayOutput) Index(i pulumi.IntInput) TeamOutput
func (TeamArrayOutput) ToTeamArrayOutput ¶
func (o TeamArrayOutput) ToTeamArrayOutput() TeamArrayOutput
func (TeamArrayOutput) ToTeamArrayOutputWithContext ¶
func (o TeamArrayOutput) ToTeamArrayOutputWithContext(ctx context.Context) TeamArrayOutput
type TeamInput ¶
type TeamInput interface { pulumi.Input ToTeamOutput() TeamOutput ToTeamOutputWithContext(ctx context.Context) TeamOutput }
type TeamMap ¶
func (TeamMap) ElementType ¶
func (TeamMap) ToTeamMapOutput ¶
func (i TeamMap) ToTeamMapOutput() TeamMapOutput
func (TeamMap) ToTeamMapOutputWithContext ¶
func (i TeamMap) ToTeamMapOutputWithContext(ctx context.Context) TeamMapOutput
type TeamMapInput ¶
type TeamMapInput interface { pulumi.Input ToTeamMapOutput() TeamMapOutput ToTeamMapOutputWithContext(context.Context) TeamMapOutput }
TeamMapInput is an input type that accepts TeamMap and TeamMapOutput values. You can construct a concrete instance of `TeamMapInput` via:
TeamMap{ "key": TeamArgs{...} }
type TeamMapOutput ¶
type TeamMapOutput struct{ *pulumi.OutputState }
func (TeamMapOutput) ElementType ¶
func (TeamMapOutput) ElementType() reflect.Type
func (TeamMapOutput) MapIndex ¶
func (o TeamMapOutput) MapIndex(k pulumi.StringInput) TeamOutput
func (TeamMapOutput) ToTeamMapOutput ¶
func (o TeamMapOutput) ToTeamMapOutput() TeamMapOutput
func (TeamMapOutput) ToTeamMapOutputWithContext ¶
func (o TeamMapOutput) ToTeamMapOutputWithContext(ctx context.Context) TeamMapOutput
type TeamOutput ¶
type TeamOutput struct{ *pulumi.OutputState }
func (TeamOutput) ElementType ¶
func (TeamOutput) ElementType() reflect.Type
func (TeamOutput) ToTeamOutput ¶
func (o TeamOutput) ToTeamOutput() TeamOutput
func (TeamOutput) ToTeamOutputWithContext ¶
func (o TeamOutput) ToTeamOutputWithContext(ctx context.Context) TeamOutput
func (TeamOutput) ToTeamPtrOutput ¶
func (o TeamOutput) ToTeamPtrOutput() TeamPtrOutput
func (TeamOutput) ToTeamPtrOutputWithContext ¶
func (o TeamOutput) ToTeamPtrOutputWithContext(ctx context.Context) TeamPtrOutput
type TeamPtrInput ¶
type TeamPtrInput interface { pulumi.Input ToTeamPtrOutput() TeamPtrOutput ToTeamPtrOutputWithContext(ctx context.Context) TeamPtrOutput }
type TeamPtrOutput ¶
type TeamPtrOutput struct{ *pulumi.OutputState }
func (TeamPtrOutput) Elem ¶ added in v4.6.0
func (o TeamPtrOutput) Elem() TeamOutput
func (TeamPtrOutput) ElementType ¶
func (TeamPtrOutput) ElementType() reflect.Type
func (TeamPtrOutput) ToTeamPtrOutput ¶
func (o TeamPtrOutput) ToTeamPtrOutput() TeamPtrOutput
func (TeamPtrOutput) ToTeamPtrOutputWithContext ¶
func (o TeamPtrOutput) ToTeamPtrOutputWithContext(ctx context.Context) TeamPtrOutput
type TeamState ¶
type TeamState struct { // Path where the github auth backend is mounted. Defaults to `github` // if not specified. Backend pulumi.StringPtrInput // An array of strings specifying the policies to be set on tokens // issued using this role. Policies pulumi.StringArrayInput // GitHub team name in "slugified" format. Team pulumi.StringPtrInput // Specifies the blocks of IP addresses which are allowed to use the generated token // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenBoundCidrs pulumi.StringArrayInput // Generated Token's Explicit Maximum TTL in seconds // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenExplicitMaxTtl pulumi.IntPtrInput // The maximum lifetime of the generated token // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenMaxTtl pulumi.IntPtrInput // If true, the 'default' policy will not automatically be added to generated tokens // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenNoDefaultPolicy pulumi.BoolPtrInput // The maximum number of times a token may be used, a value of zero means unlimited // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenNumUses pulumi.IntPtrInput // Generated Token's Period // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenPeriod pulumi.IntPtrInput // Generated Token's Policies // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenPolicies pulumi.StringArrayInput // The initial ttl of the token to generate in seconds // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenTtl pulumi.IntPtrInput // The type of token to generate, service or batch // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenType pulumi.StringPtrInput }
func (TeamState) ElementType ¶
type User ¶
type User struct { pulumi.CustomResourceState // Path where the github auth backend is mounted. Defaults to `github` // if not specified. Backend pulumi.StringPtrOutput `pulumi:"backend"` // An array of strings specifying the policies to be set on tokens issued // using this role. Policies pulumi.StringArrayOutput `pulumi:"policies"` // Specifies the blocks of IP addresses which are allowed to use the generated token // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenBoundCidrs pulumi.StringArrayOutput `pulumi:"tokenBoundCidrs"` // Generated Token's Explicit Maximum TTL in seconds // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenExplicitMaxTtl pulumi.IntPtrOutput `pulumi:"tokenExplicitMaxTtl"` // The maximum lifetime of the generated token // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenMaxTtl pulumi.IntPtrOutput `pulumi:"tokenMaxTtl"` // If true, the 'default' policy will not automatically be added to generated tokens // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenNoDefaultPolicy pulumi.BoolPtrOutput `pulumi:"tokenNoDefaultPolicy"` // The maximum number of times a token may be used, a value of zero means unlimited // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenNumUses pulumi.IntPtrOutput `pulumi:"tokenNumUses"` // Generated Token's Period // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenPeriod pulumi.IntPtrOutput `pulumi:"tokenPeriod"` // Generated Token's Policies // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenPolicies pulumi.StringArrayOutput `pulumi:"tokenPolicies"` // The initial ttl of the token to generate in seconds // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenTtl pulumi.IntPtrOutput `pulumi:"tokenTtl"` // The type of token to generate, service or batch // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenType pulumi.StringPtrOutput `pulumi:"tokenType"` // GitHub user name. User pulumi.StringOutput `pulumi:"user"` }
Manages policy mappings for Github Users authenticated via Github. See the [Vault documentation](https://www.vaultproject.io/docs/auth/github/) for more information.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v4/go/vault/github" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { example, err := github.NewAuthBackend(ctx, "example", &github.AuthBackendArgs{ Organization: pulumi.String("myorg"), }) if err != nil { return err } _, err = github.NewUser(ctx, "tfUser", &github.UserArgs{ Backend: example.ID(), User: pulumi.String("john.doe"), Policies: pulumi.StringArray{ pulumi.String("developer"), pulumi.String("read-only"), }, }) if err != nil { return err } return nil }) }
```
## Import
Github user mappings can be imported using the `path`, e.g.
```sh
$ pulumi import vault:github/user:User tf_user auth/github/map/users/john.doe
```
func GetUser ¶
func GetUser(ctx *pulumi.Context, name string, id pulumi.IDInput, state *UserState, opts ...pulumi.ResourceOption) (*User, error)
GetUser gets an existing User resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewUser ¶
func NewUser(ctx *pulumi.Context, name string, args *UserArgs, opts ...pulumi.ResourceOption) (*User, error)
NewUser registers a new resource with the given unique name, arguments, and options.
func (*User) ElementType ¶
func (*User) ToUserOutput ¶
func (i *User) ToUserOutput() UserOutput
func (*User) ToUserOutputWithContext ¶
func (i *User) ToUserOutputWithContext(ctx context.Context) UserOutput
func (*User) ToUserPtrOutput ¶
func (i *User) ToUserPtrOutput() UserPtrOutput
func (*User) ToUserPtrOutputWithContext ¶
func (i *User) ToUserPtrOutputWithContext(ctx context.Context) UserPtrOutput
type UserArgs ¶
type UserArgs struct { // Path where the github auth backend is mounted. Defaults to `github` // if not specified. Backend pulumi.StringPtrInput // An array of strings specifying the policies to be set on tokens issued // using this role. Policies pulumi.StringArrayInput // Specifies the blocks of IP addresses which are allowed to use the generated token // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenBoundCidrs pulumi.StringArrayInput // Generated Token's Explicit Maximum TTL in seconds // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenExplicitMaxTtl pulumi.IntPtrInput // The maximum lifetime of the generated token // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenMaxTtl pulumi.IntPtrInput // If true, the 'default' policy will not automatically be added to generated tokens // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenNoDefaultPolicy pulumi.BoolPtrInput // The maximum number of times a token may be used, a value of zero means unlimited // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenNumUses pulumi.IntPtrInput // Generated Token's Period // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenPeriod pulumi.IntPtrInput // Generated Token's Policies // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenPolicies pulumi.StringArrayInput // The initial ttl of the token to generate in seconds // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenTtl pulumi.IntPtrInput // The type of token to generate, service or batch // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenType pulumi.StringPtrInput // GitHub user name. User pulumi.StringInput }
The set of arguments for constructing a User resource.
func (UserArgs) ElementType ¶
type UserArray ¶
type UserArray []UserInput
func (UserArray) ElementType ¶
func (UserArray) ToUserArrayOutput ¶
func (i UserArray) ToUserArrayOutput() UserArrayOutput
func (UserArray) ToUserArrayOutputWithContext ¶
func (i UserArray) ToUserArrayOutputWithContext(ctx context.Context) UserArrayOutput
type UserArrayInput ¶
type UserArrayInput interface { pulumi.Input ToUserArrayOutput() UserArrayOutput ToUserArrayOutputWithContext(context.Context) UserArrayOutput }
UserArrayInput is an input type that accepts UserArray and UserArrayOutput values. You can construct a concrete instance of `UserArrayInput` via:
UserArray{ UserArgs{...} }
type UserArrayOutput ¶
type UserArrayOutput struct{ *pulumi.OutputState }
func (UserArrayOutput) ElementType ¶
func (UserArrayOutput) ElementType() reflect.Type
func (UserArrayOutput) Index ¶
func (o UserArrayOutput) Index(i pulumi.IntInput) UserOutput
func (UserArrayOutput) ToUserArrayOutput ¶
func (o UserArrayOutput) ToUserArrayOutput() UserArrayOutput
func (UserArrayOutput) ToUserArrayOutputWithContext ¶
func (o UserArrayOutput) ToUserArrayOutputWithContext(ctx context.Context) UserArrayOutput
type UserInput ¶
type UserInput interface { pulumi.Input ToUserOutput() UserOutput ToUserOutputWithContext(ctx context.Context) UserOutput }
type UserMap ¶
func (UserMap) ElementType ¶
func (UserMap) ToUserMapOutput ¶
func (i UserMap) ToUserMapOutput() UserMapOutput
func (UserMap) ToUserMapOutputWithContext ¶
func (i UserMap) ToUserMapOutputWithContext(ctx context.Context) UserMapOutput
type UserMapInput ¶
type UserMapInput interface { pulumi.Input ToUserMapOutput() UserMapOutput ToUserMapOutputWithContext(context.Context) UserMapOutput }
UserMapInput is an input type that accepts UserMap and UserMapOutput values. You can construct a concrete instance of `UserMapInput` via:
UserMap{ "key": UserArgs{...} }
type UserMapOutput ¶
type UserMapOutput struct{ *pulumi.OutputState }
func (UserMapOutput) ElementType ¶
func (UserMapOutput) ElementType() reflect.Type
func (UserMapOutput) MapIndex ¶
func (o UserMapOutput) MapIndex(k pulumi.StringInput) UserOutput
func (UserMapOutput) ToUserMapOutput ¶
func (o UserMapOutput) ToUserMapOutput() UserMapOutput
func (UserMapOutput) ToUserMapOutputWithContext ¶
func (o UserMapOutput) ToUserMapOutputWithContext(ctx context.Context) UserMapOutput
type UserOutput ¶
type UserOutput struct{ *pulumi.OutputState }
func (UserOutput) ElementType ¶
func (UserOutput) ElementType() reflect.Type
func (UserOutput) ToUserOutput ¶
func (o UserOutput) ToUserOutput() UserOutput
func (UserOutput) ToUserOutputWithContext ¶
func (o UserOutput) ToUserOutputWithContext(ctx context.Context) UserOutput
func (UserOutput) ToUserPtrOutput ¶
func (o UserOutput) ToUserPtrOutput() UserPtrOutput
func (UserOutput) ToUserPtrOutputWithContext ¶
func (o UserOutput) ToUserPtrOutputWithContext(ctx context.Context) UserPtrOutput
type UserPtrInput ¶
type UserPtrInput interface { pulumi.Input ToUserPtrOutput() UserPtrOutput ToUserPtrOutputWithContext(ctx context.Context) UserPtrOutput }
type UserPtrOutput ¶
type UserPtrOutput struct{ *pulumi.OutputState }
func (UserPtrOutput) Elem ¶ added in v4.6.0
func (o UserPtrOutput) Elem() UserOutput
func (UserPtrOutput) ElementType ¶
func (UserPtrOutput) ElementType() reflect.Type
func (UserPtrOutput) ToUserPtrOutput ¶
func (o UserPtrOutput) ToUserPtrOutput() UserPtrOutput
func (UserPtrOutput) ToUserPtrOutputWithContext ¶
func (o UserPtrOutput) ToUserPtrOutputWithContext(ctx context.Context) UserPtrOutput
type UserState ¶
type UserState struct { // Path where the github auth backend is mounted. Defaults to `github` // if not specified. Backend pulumi.StringPtrInput // An array of strings specifying the policies to be set on tokens issued // using this role. Policies pulumi.StringArrayInput // Specifies the blocks of IP addresses which are allowed to use the generated token // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenBoundCidrs pulumi.StringArrayInput // Generated Token's Explicit Maximum TTL in seconds // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenExplicitMaxTtl pulumi.IntPtrInput // The maximum lifetime of the generated token // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenMaxTtl pulumi.IntPtrInput // If true, the 'default' policy will not automatically be added to generated tokens // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenNoDefaultPolicy pulumi.BoolPtrInput // The maximum number of times a token may be used, a value of zero means unlimited // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenNumUses pulumi.IntPtrInput // Generated Token's Period // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenPeriod pulumi.IntPtrInput // Generated Token's Policies // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenPolicies pulumi.StringArrayInput // The initial ttl of the token to generate in seconds // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenTtl pulumi.IntPtrInput // The type of token to generate, service or batch // // Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block. TokenType pulumi.StringPtrInput // GitHub user name. User pulumi.StringPtrInput }