ssh

package
v4.6.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 11, 2021 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type SecretBackendCa 

type SecretBackendCa struct {
	pulumi.CustomResourceState

	// The path where the SSH secret backend is mounted. Defaults to 'ssh'
	Backend pulumi.StringPtrOutput `pulumi:"backend"`
	// Whether Vault should generate the signing key pair internally. Defaults to true
	GenerateSigningKey pulumi.BoolPtrOutput `pulumi:"generateSigningKey"`
	// The private key part the SSH CA key pair; required if generateSigningKey is false.
	PrivateKey pulumi.StringOutput `pulumi:"privateKey"`
	// The public key part the SSH CA key pair; required if generateSigningKey is false.
	PublicKey pulumi.StringOutput `pulumi:"publicKey"`
}

Provides a resource to manage CA information in an SSH secret backend [SSH secret backend within Vault](https://www.vaultproject.io/docs/secrets/ssh/index.html).

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v4/go/vault"
"github.com/pulumi/pulumi-vault/sdk/v4/go/vault/ssh"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		example, err := vault.NewMount(ctx, "example", &vault.MountArgs{
			Type: pulumi.String("ssh"),
		})
		if err != nil {
			return err
		}
		_, err = ssh.NewSecretBackendCa(ctx, "foo", &ssh.SecretBackendCaArgs{
			Backend: example.Path,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

func GetSecretBackendCa 

func GetSecretBackendCa(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecretBackendCaState, opts ...pulumi.ResourceOption) (*SecretBackendCa, error)

GetSecretBackendCa gets an existing SecretBackendCa resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecretBackendCa 

func NewSecretBackendCa(ctx *pulumi.Context,
	name string, args *SecretBackendCaArgs, opts ...pulumi.ResourceOption) (*SecretBackendCa, error)

NewSecretBackendCa registers a new resource with the given unique name, arguments, and options.

func (*SecretBackendCa) ElementType 

func (*SecretBackendCa) ElementType() reflect.Type

func (*SecretBackendCa) ToSecretBackendCaOutput 

func (i *SecretBackendCa) ToSecretBackendCaOutput() SecretBackendCaOutput

func (*SecretBackendCa) ToSecretBackendCaOutputWithContext 

func (i *SecretBackendCa) ToSecretBackendCaOutputWithContext(ctx context.Context) SecretBackendCaOutput

func (*SecretBackendCa) ToSecretBackendCaPtrOutput 

func (i *SecretBackendCa) ToSecretBackendCaPtrOutput() SecretBackendCaPtrOutput

func (*SecretBackendCa) ToSecretBackendCaPtrOutputWithContext 

func (i *SecretBackendCa) ToSecretBackendCaPtrOutputWithContext(ctx context.Context) SecretBackendCaPtrOutput

type SecretBackendCaArgs 

type SecretBackendCaArgs struct {
	// The path where the SSH secret backend is mounted. Defaults to 'ssh'
	Backend pulumi.StringPtrInput
	// Whether Vault should generate the signing key pair internally. Defaults to true
	GenerateSigningKey pulumi.BoolPtrInput
	// The private key part the SSH CA key pair; required if generateSigningKey is false.
	PrivateKey pulumi.StringPtrInput
	// The public key part the SSH CA key pair; required if generateSigningKey is false.
	PublicKey pulumi.StringPtrInput
}

The set of arguments for constructing a SecretBackendCa resource.

func (SecretBackendCaArgs) ElementType 

func (SecretBackendCaArgs) ElementType() reflect.Type

type SecretBackendCaArray 

type SecretBackendCaArray []SecretBackendCaInput

func (SecretBackendCaArray) ElementType 

func (SecretBackendCaArray) ElementType() reflect.Type

func (SecretBackendCaArray) ToSecretBackendCaArrayOutput 

func (i SecretBackendCaArray) ToSecretBackendCaArrayOutput() SecretBackendCaArrayOutput

func (SecretBackendCaArray) ToSecretBackendCaArrayOutputWithContext 

func (i SecretBackendCaArray) ToSecretBackendCaArrayOutputWithContext(ctx context.Context) SecretBackendCaArrayOutput

type SecretBackendCaArrayInput 

type SecretBackendCaArrayInput interface {
	pulumi.Input

	ToSecretBackendCaArrayOutput() SecretBackendCaArrayOutput
	ToSecretBackendCaArrayOutputWithContext(context.Context) SecretBackendCaArrayOutput
}

SecretBackendCaArrayInput is an input type that accepts SecretBackendCaArray and SecretBackendCaArrayOutput values. You can construct a concrete instance of `SecretBackendCaArrayInput` via: 

SecretBackendCaArray{ SecretBackendCaArgs{...} }

type SecretBackendCaArrayOutput 

type SecretBackendCaArrayOutput struct{ *pulumi.OutputState }

func (SecretBackendCaArrayOutput) ElementType 

func (SecretBackendCaArrayOutput) ElementType() reflect.Type

func (SecretBackendCaArrayOutput) Index 

func (o SecretBackendCaArrayOutput) Index(i pulumi.IntInput) SecretBackendCaOutput

func (SecretBackendCaArrayOutput) ToSecretBackendCaArrayOutput 

func (o SecretBackendCaArrayOutput) ToSecretBackendCaArrayOutput() SecretBackendCaArrayOutput

func (SecretBackendCaArrayOutput) ToSecretBackendCaArrayOutputWithContext 

func (o SecretBackendCaArrayOutput) ToSecretBackendCaArrayOutputWithContext(ctx context.Context) SecretBackendCaArrayOutput

type SecretBackendCaInput 

type SecretBackendCaInput interface {
	pulumi.Input

	ToSecretBackendCaOutput() SecretBackendCaOutput
	ToSecretBackendCaOutputWithContext(ctx context.Context) SecretBackendCaOutput
}

type SecretBackendCaMap 

type SecretBackendCaMap map[string]SecretBackendCaInput

func (SecretBackendCaMap) ElementType 

func (SecretBackendCaMap) ElementType() reflect.Type

func (SecretBackendCaMap) ToSecretBackendCaMapOutput 

func (i SecretBackendCaMap) ToSecretBackendCaMapOutput() SecretBackendCaMapOutput

func (SecretBackendCaMap) ToSecretBackendCaMapOutputWithContext 

func (i SecretBackendCaMap) ToSecretBackendCaMapOutputWithContext(ctx context.Context) SecretBackendCaMapOutput

type SecretBackendCaMapInput 

type SecretBackendCaMapInput interface {
	pulumi.Input

	ToSecretBackendCaMapOutput() SecretBackendCaMapOutput
	ToSecretBackendCaMapOutputWithContext(context.Context) SecretBackendCaMapOutput
}

SecretBackendCaMapInput is an input type that accepts SecretBackendCaMap and SecretBackendCaMapOutput values. You can construct a concrete instance of `SecretBackendCaMapInput` via: 

SecretBackendCaMap{ "key": SecretBackendCaArgs{...} }

type SecretBackendCaMapOutput 

type SecretBackendCaMapOutput struct{ *pulumi.OutputState }

func (SecretBackendCaMapOutput) ElementType 

func (SecretBackendCaMapOutput) ElementType() reflect.Type

func (SecretBackendCaMapOutput) MapIndex 

func (o SecretBackendCaMapOutput) MapIndex(k pulumi.StringInput) SecretBackendCaOutput

func (SecretBackendCaMapOutput) ToSecretBackendCaMapOutput 

func (o SecretBackendCaMapOutput) ToSecretBackendCaMapOutput() SecretBackendCaMapOutput

func (SecretBackendCaMapOutput) ToSecretBackendCaMapOutputWithContext 

func (o SecretBackendCaMapOutput) ToSecretBackendCaMapOutputWithContext(ctx context.Context) SecretBackendCaMapOutput

type SecretBackendCaOutput 

type SecretBackendCaOutput struct{ *pulumi.OutputState }

func (SecretBackendCaOutput) ElementType 

func (SecretBackendCaOutput) ElementType() reflect.Type

func (SecretBackendCaOutput) ToSecretBackendCaOutput 

func (o SecretBackendCaOutput) ToSecretBackendCaOutput() SecretBackendCaOutput

func (SecretBackendCaOutput) ToSecretBackendCaOutputWithContext 

func (o SecretBackendCaOutput) ToSecretBackendCaOutputWithContext(ctx context.Context) SecretBackendCaOutput

func (SecretBackendCaOutput) ToSecretBackendCaPtrOutput 

func (o SecretBackendCaOutput) ToSecretBackendCaPtrOutput() SecretBackendCaPtrOutput

func (SecretBackendCaOutput) ToSecretBackendCaPtrOutputWithContext 

func (o SecretBackendCaOutput) ToSecretBackendCaPtrOutputWithContext(ctx context.Context) SecretBackendCaPtrOutput

type SecretBackendCaPtrInput 

type SecretBackendCaPtrInput interface {
	pulumi.Input

	ToSecretBackendCaPtrOutput() SecretBackendCaPtrOutput
	ToSecretBackendCaPtrOutputWithContext(ctx context.Context) SecretBackendCaPtrOutput
}

type SecretBackendCaPtrOutput 

type SecretBackendCaPtrOutput struct{ *pulumi.OutputState }

func (SecretBackendCaPtrOutput) Elem added in v4.6.0 

func (o SecretBackendCaPtrOutput) Elem() SecretBackendCaOutput

func (SecretBackendCaPtrOutput) ElementType 

func (SecretBackendCaPtrOutput) ElementType() reflect.Type

func (SecretBackendCaPtrOutput) ToSecretBackendCaPtrOutput 

func (o SecretBackendCaPtrOutput) ToSecretBackendCaPtrOutput() SecretBackendCaPtrOutput

func (SecretBackendCaPtrOutput) ToSecretBackendCaPtrOutputWithContext 

func (o SecretBackendCaPtrOutput) ToSecretBackendCaPtrOutputWithContext(ctx context.Context) SecretBackendCaPtrOutput

type SecretBackendCaState 

type SecretBackendCaState struct {
	// The path where the SSH secret backend is mounted. Defaults to 'ssh'
	Backend pulumi.StringPtrInput
	// Whether Vault should generate the signing key pair internally. Defaults to true
	GenerateSigningKey pulumi.BoolPtrInput
	// The private key part the SSH CA key pair; required if generateSigningKey is false.
	PrivateKey pulumi.StringPtrInput
	// The public key part the SSH CA key pair; required if generateSigningKey is false.
	PublicKey pulumi.StringPtrInput
}

func (SecretBackendCaState) ElementType 

func (SecretBackendCaState) ElementType() reflect.Type

type SecretBackendRole 

type SecretBackendRole struct {
	pulumi.CustomResourceState

	// When supplied, this value specifies a signing algorithm for the key. Possible values: ssh-rsa, rsa-sha2-256, rsa-sha2-512.
	AlgorithmSigner pulumi.StringOutput `pulumi:"algorithmSigner"`
	// Specifies if host certificates that are requested are allowed to use the base domains listed in `allowedDomains`.
	AllowBareDomains pulumi.BoolPtrOutput `pulumi:"allowBareDomains"`
	// Specifies if certificates are allowed to be signed for use as a 'host'.
	AllowHostCertificates pulumi.BoolPtrOutput `pulumi:"allowHostCertificates"`
	// Specifies if host certificates that are requested are allowed to be subdomains of those listed in `allowedDomains`.
	AllowSubdomains pulumi.BoolPtrOutput `pulumi:"allowSubdomains"`
	// Specifies if certificates are allowed to be signed for use as a 'user'.
	AllowUserCertificates pulumi.BoolPtrOutput `pulumi:"allowUserCertificates"`
	// Specifies if users can override the key ID for a signed certificate with the `keyId` field.
	AllowUserKeyIds pulumi.BoolPtrOutput `pulumi:"allowUserKeyIds"`
	// Specifies a comma-separated list of critical options that certificates can have when signed.
	AllowedCriticalOptions pulumi.StringPtrOutput `pulumi:"allowedCriticalOptions"`
	// The list of domains for which a client can request a host certificate.
	AllowedDomains pulumi.StringPtrOutput `pulumi:"allowedDomains"`
	// Specifies a comma-separated list of extensions that certificates can have when signed.
	AllowedExtensions pulumi.StringPtrOutput `pulumi:"allowedExtensions"`
	// Specifies a map of ssh key types and their expected sizes which are allowed to be signed by the CA type.
	AllowedUserKeyLengths pulumi.MapOutput `pulumi:"allowedUserKeyLengths"`
	// Specifies a comma-separated list of usernames that are to be allowed, only if certain usernames are to be allowed.
	AllowedUsers pulumi.StringPtrOutput `pulumi:"allowedUsers"`
	// Specifies if `allowedUsers` can be declared using identity template policies. Non-templated users are also permitted.
	AllowedUsersTemplate pulumi.BoolPtrOutput `pulumi:"allowedUsersTemplate"`
	// The path where the SSH secret backend is mounted.
	Backend pulumi.StringOutput `pulumi:"backend"`
	// The comma-separated string of CIDR blocks for which this role is applicable.
	CidrList pulumi.StringPtrOutput `pulumi:"cidrList"`
	// Specifies a map of critical options that certificates have when signed.
	DefaultCriticalOptions pulumi.MapOutput `pulumi:"defaultCriticalOptions"`
	// Specifies a map of extensions that certificates have when signed.
	DefaultExtensions pulumi.MapOutput `pulumi:"defaultExtensions"`
	// Specifies the default username for which a credential will be generated.
	DefaultUser pulumi.StringPtrOutput `pulumi:"defaultUser"`
	// Specifies a custom format for the key id of a signed certificate.
	KeyIdFormat pulumi.StringPtrOutput `pulumi:"keyIdFormat"`
	// Specifies the type of credentials generated by this role. This can be either `otp`, `dynamic` or `ca`.
	KeyType pulumi.StringOutput `pulumi:"keyType"`
	// Specifies the maximum Time To Live value.
	MaxTtl pulumi.StringOutput `pulumi:"maxTtl"`
	// Specifies the name of the role to create.
	Name pulumi.StringOutput `pulumi:"name"`
	// Specifies the Time To Live value.
	Ttl pulumi.StringOutput `pulumi:"ttl"`
}

Provides a resource to manage roles in an SSH secret backend [SSH secret backend within Vault](https://www.vaultproject.io/docs/secrets/ssh/index.html).

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v4/go/vault"
"github.com/pulumi/pulumi-vault/sdk/v4/go/vault/ssh"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		example, err := vault.NewMount(ctx, "example", &vault.MountArgs{
			Type: pulumi.String("ssh"),
		})
		if err != nil {
			return err
		}
		_, err = ssh.NewSecretBackendRole(ctx, "foo", &ssh.SecretBackendRoleArgs{
			Backend:               example.Path,
			KeyType:               pulumi.String("ca"),
			AllowUserCertificates: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		_, err = ssh.NewSecretBackendRole(ctx, "bar", &ssh.SecretBackendRoleArgs{
			Backend:      example.Path,
			KeyType:      pulumi.String("otp"),
			DefaultUser:  pulumi.String("default"),
			AllowedUsers: pulumi.String("default,baz"),
			CidrList:     pulumi.String("0.0.0.0/0"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

SSH secret backend roles can be imported using the `path`, e.g.

```sh 

$ pulumi import vault:ssh/secretBackendRole:SecretBackendRole foo ssh/roles/my-role

```

func GetSecretBackendRole 

func GetSecretBackendRole(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecretBackendRoleState, opts ...pulumi.ResourceOption) (*SecretBackendRole, error)

GetSecretBackendRole gets an existing SecretBackendRole resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecretBackendRole 

func NewSecretBackendRole(ctx *pulumi.Context,
	name string, args *SecretBackendRoleArgs, opts ...pulumi.ResourceOption) (*SecretBackendRole, error)

NewSecretBackendRole registers a new resource with the given unique name, arguments, and options.

func (*SecretBackendRole) ElementType 

func (*SecretBackendRole) ElementType() reflect.Type

func (*SecretBackendRole) ToSecretBackendRoleOutput 

func (i *SecretBackendRole) ToSecretBackendRoleOutput() SecretBackendRoleOutput

func (*SecretBackendRole) ToSecretBackendRoleOutputWithContext 

func (i *SecretBackendRole) ToSecretBackendRoleOutputWithContext(ctx context.Context) SecretBackendRoleOutput

func (*SecretBackendRole) ToSecretBackendRolePtrOutput 

func (i *SecretBackendRole) ToSecretBackendRolePtrOutput() SecretBackendRolePtrOutput

func (*SecretBackendRole) ToSecretBackendRolePtrOutputWithContext 

func (i *SecretBackendRole) ToSecretBackendRolePtrOutputWithContext(ctx context.Context) SecretBackendRolePtrOutput

type SecretBackendRoleArgs 

type SecretBackendRoleArgs struct {
	// When supplied, this value specifies a signing algorithm for the key. Possible values: ssh-rsa, rsa-sha2-256, rsa-sha2-512.
	AlgorithmSigner pulumi.StringPtrInput
	// Specifies if host certificates that are requested are allowed to use the base domains listed in `allowedDomains`.
	AllowBareDomains pulumi.BoolPtrInput
	// Specifies if certificates are allowed to be signed for use as a 'host'.
	AllowHostCertificates pulumi.BoolPtrInput
	// Specifies if host certificates that are requested are allowed to be subdomains of those listed in `allowedDomains`.
	AllowSubdomains pulumi.BoolPtrInput
	// Specifies if certificates are allowed to be signed for use as a 'user'.
	AllowUserCertificates pulumi.BoolPtrInput
	// Specifies if users can override the key ID for a signed certificate with the `keyId` field.
	AllowUserKeyIds pulumi.BoolPtrInput
	// Specifies a comma-separated list of critical options that certificates can have when signed.
	AllowedCriticalOptions pulumi.StringPtrInput
	// The list of domains for which a client can request a host certificate.
	AllowedDomains pulumi.StringPtrInput
	// Specifies a comma-separated list of extensions that certificates can have when signed.
	AllowedExtensions pulumi.StringPtrInput
	// Specifies a map of ssh key types and their expected sizes which are allowed to be signed by the CA type.
	AllowedUserKeyLengths pulumi.MapInput
	// Specifies a comma-separated list of usernames that are to be allowed, only if certain usernames are to be allowed.
	AllowedUsers pulumi.StringPtrInput
	// Specifies if `allowedUsers` can be declared using identity template policies. Non-templated users are also permitted.
	AllowedUsersTemplate pulumi.BoolPtrInput
	// The path where the SSH secret backend is mounted.
	Backend pulumi.StringInput
	// The comma-separated string of CIDR blocks for which this role is applicable.
	CidrList pulumi.StringPtrInput
	// Specifies a map of critical options that certificates have when signed.
	DefaultCriticalOptions pulumi.MapInput
	// Specifies a map of extensions that certificates have when signed.
	DefaultExtensions pulumi.MapInput
	// Specifies the default username for which a credential will be generated.
	DefaultUser pulumi.StringPtrInput
	// Specifies a custom format for the key id of a signed certificate.
	KeyIdFormat pulumi.StringPtrInput
	// Specifies the type of credentials generated by this role. This can be either `otp`, `dynamic` or `ca`.
	KeyType pulumi.StringInput
	// Specifies the maximum Time To Live value.
	MaxTtl pulumi.StringPtrInput
	// Specifies the name of the role to create.
	Name pulumi.StringPtrInput
	// Specifies the Time To Live value.
	Ttl pulumi.StringPtrInput
}

The set of arguments for constructing a SecretBackendRole resource.

func (SecretBackendRoleArgs) ElementType 

func (SecretBackendRoleArgs) ElementType() reflect.Type

type SecretBackendRoleArray 

type SecretBackendRoleArray []SecretBackendRoleInput

func (SecretBackendRoleArray) ElementType 

func (SecretBackendRoleArray) ElementType() reflect.Type

func (SecretBackendRoleArray) ToSecretBackendRoleArrayOutput 

func (i SecretBackendRoleArray) ToSecretBackendRoleArrayOutput() SecretBackendRoleArrayOutput

func (SecretBackendRoleArray) ToSecretBackendRoleArrayOutputWithContext 

func (i SecretBackendRoleArray) ToSecretBackendRoleArrayOutputWithContext(ctx context.Context) SecretBackendRoleArrayOutput

type SecretBackendRoleArrayInput 

type SecretBackendRoleArrayInput interface {
	pulumi.Input

	ToSecretBackendRoleArrayOutput() SecretBackendRoleArrayOutput
	ToSecretBackendRoleArrayOutputWithContext(context.Context) SecretBackendRoleArrayOutput
}

SecretBackendRoleArrayInput is an input type that accepts SecretBackendRoleArray and SecretBackendRoleArrayOutput values. You can construct a concrete instance of `SecretBackendRoleArrayInput` via: 

SecretBackendRoleArray{ SecretBackendRoleArgs{...} }

type SecretBackendRoleArrayOutput 

type SecretBackendRoleArrayOutput struct{ *pulumi.OutputState }

func (SecretBackendRoleArrayOutput) ElementType 

func (SecretBackendRoleArrayOutput) ElementType() reflect.Type

func (SecretBackendRoleArrayOutput) Index 

func (o SecretBackendRoleArrayOutput) Index(i pulumi.IntInput) SecretBackendRoleOutput

func (SecretBackendRoleArrayOutput) ToSecretBackendRoleArrayOutput 

func (o SecretBackendRoleArrayOutput) ToSecretBackendRoleArrayOutput() SecretBackendRoleArrayOutput

func (SecretBackendRoleArrayOutput) ToSecretBackendRoleArrayOutputWithContext 

func (o SecretBackendRoleArrayOutput) ToSecretBackendRoleArrayOutputWithContext(ctx context.Context) SecretBackendRoleArrayOutput

type SecretBackendRoleInput 

type SecretBackendRoleInput interface {
	pulumi.Input

	ToSecretBackendRoleOutput() SecretBackendRoleOutput
	ToSecretBackendRoleOutputWithContext(ctx context.Context) SecretBackendRoleOutput
}

type SecretBackendRoleMap 

type SecretBackendRoleMap map[string]SecretBackendRoleInput

func (SecretBackendRoleMap) ElementType 

func (SecretBackendRoleMap) ElementType() reflect.Type

func (SecretBackendRoleMap) ToSecretBackendRoleMapOutput 

func (i SecretBackendRoleMap) ToSecretBackendRoleMapOutput() SecretBackendRoleMapOutput

func (SecretBackendRoleMap) ToSecretBackendRoleMapOutputWithContext 

func (i SecretBackendRoleMap) ToSecretBackendRoleMapOutputWithContext(ctx context.Context) SecretBackendRoleMapOutput

type SecretBackendRoleMapInput 

type SecretBackendRoleMapInput interface {
	pulumi.Input

	ToSecretBackendRoleMapOutput() SecretBackendRoleMapOutput
	ToSecretBackendRoleMapOutputWithContext(context.Context) SecretBackendRoleMapOutput
}

SecretBackendRoleMapInput is an input type that accepts SecretBackendRoleMap and SecretBackendRoleMapOutput values. You can construct a concrete instance of `SecretBackendRoleMapInput` via: 

SecretBackendRoleMap{ "key": SecretBackendRoleArgs{...} }

type SecretBackendRoleMapOutput 

type SecretBackendRoleMapOutput struct{ *pulumi.OutputState }

func (SecretBackendRoleMapOutput) ElementType 

func (SecretBackendRoleMapOutput) ElementType() reflect.Type

func (SecretBackendRoleMapOutput) MapIndex 

func (o SecretBackendRoleMapOutput) MapIndex(k pulumi.StringInput) SecretBackendRoleOutput

func (SecretBackendRoleMapOutput) ToSecretBackendRoleMapOutput 

func (o SecretBackendRoleMapOutput) ToSecretBackendRoleMapOutput() SecretBackendRoleMapOutput

func (SecretBackendRoleMapOutput) ToSecretBackendRoleMapOutputWithContext 

func (o SecretBackendRoleMapOutput) ToSecretBackendRoleMapOutputWithContext(ctx context.Context) SecretBackendRoleMapOutput

type SecretBackendRoleOutput 

type SecretBackendRoleOutput struct{ *pulumi.OutputState }

func (SecretBackendRoleOutput) ElementType 

func (SecretBackendRoleOutput) ElementType() reflect.Type

func (SecretBackendRoleOutput) ToSecretBackendRoleOutput 

func (o SecretBackendRoleOutput) ToSecretBackendRoleOutput() SecretBackendRoleOutput

func (SecretBackendRoleOutput) ToSecretBackendRoleOutputWithContext 

func (o SecretBackendRoleOutput) ToSecretBackendRoleOutputWithContext(ctx context.Context) SecretBackendRoleOutput

func (SecretBackendRoleOutput) ToSecretBackendRolePtrOutput 

func (o SecretBackendRoleOutput) ToSecretBackendRolePtrOutput() SecretBackendRolePtrOutput

func (SecretBackendRoleOutput) ToSecretBackendRolePtrOutputWithContext 

func (o SecretBackendRoleOutput) ToSecretBackendRolePtrOutputWithContext(ctx context.Context) SecretBackendRolePtrOutput

type SecretBackendRolePtrInput 

type SecretBackendRolePtrInput interface {
	pulumi.Input

	ToSecretBackendRolePtrOutput() SecretBackendRolePtrOutput
	ToSecretBackendRolePtrOutputWithContext(ctx context.Context) SecretBackendRolePtrOutput
}

type SecretBackendRolePtrOutput 

type SecretBackendRolePtrOutput struct{ *pulumi.OutputState }

func (SecretBackendRolePtrOutput) Elem added in v4.6.0 

func (o SecretBackendRolePtrOutput) Elem() SecretBackendRoleOutput

func (SecretBackendRolePtrOutput) ElementType 

func (SecretBackendRolePtrOutput) ElementType() reflect.Type

func (SecretBackendRolePtrOutput) ToSecretBackendRolePtrOutput 

func (o SecretBackendRolePtrOutput) ToSecretBackendRolePtrOutput() SecretBackendRolePtrOutput

func (SecretBackendRolePtrOutput) ToSecretBackendRolePtrOutputWithContext 

func (o SecretBackendRolePtrOutput) ToSecretBackendRolePtrOutputWithContext(ctx context.Context) SecretBackendRolePtrOutput

type SecretBackendRoleState 

type SecretBackendRoleState struct {
	// When supplied, this value specifies a signing algorithm for the key. Possible values: ssh-rsa, rsa-sha2-256, rsa-sha2-512.
	AlgorithmSigner pulumi.StringPtrInput
	// Specifies if host certificates that are requested are allowed to use the base domains listed in `allowedDomains`.
	AllowBareDomains pulumi.BoolPtrInput
	// Specifies if certificates are allowed to be signed for use as a 'host'.
	AllowHostCertificates pulumi.BoolPtrInput
	// Specifies if host certificates that are requested are allowed to be subdomains of those listed in `allowedDomains`.
	AllowSubdomains pulumi.BoolPtrInput
	// Specifies if certificates are allowed to be signed for use as a 'user'.
	AllowUserCertificates pulumi.BoolPtrInput
	// Specifies if users can override the key ID for a signed certificate with the `keyId` field.
	AllowUserKeyIds pulumi.BoolPtrInput
	// Specifies a comma-separated list of critical options that certificates can have when signed.
	AllowedCriticalOptions pulumi.StringPtrInput
	// The list of domains for which a client can request a host certificate.
	AllowedDomains pulumi.StringPtrInput
	// Specifies a comma-separated list of extensions that certificates can have when signed.
	AllowedExtensions pulumi.StringPtrInput
	// Specifies a map of ssh key types and their expected sizes which are allowed to be signed by the CA type.
	AllowedUserKeyLengths pulumi.MapInput
	// Specifies a comma-separated list of usernames that are to be allowed, only if certain usernames are to be allowed.
	AllowedUsers pulumi.StringPtrInput
	// Specifies if `allowedUsers` can be declared using identity template policies. Non-templated users are also permitted.
	AllowedUsersTemplate pulumi.BoolPtrInput
	// The path where the SSH secret backend is mounted.
	Backend pulumi.StringPtrInput
	// The comma-separated string of CIDR blocks for which this role is applicable.
	CidrList pulumi.StringPtrInput
	// Specifies a map of critical options that certificates have when signed.
	DefaultCriticalOptions pulumi.MapInput
	// Specifies a map of extensions that certificates have when signed.
	DefaultExtensions pulumi.MapInput
	// Specifies the default username for which a credential will be generated.
	DefaultUser pulumi.StringPtrInput
	// Specifies a custom format for the key id of a signed certificate.
	KeyIdFormat pulumi.StringPtrInput
	// Specifies the type of credentials generated by this role. This can be either `otp`, `dynamic` or `ca`.
	KeyType pulumi.StringPtrInput
	// Specifies the maximum Time To Live value.
	MaxTtl pulumi.StringPtrInput
	// Specifies the name of the role to create.
	Name pulumi.StringPtrInput
	// Specifies the Time To Live value.
	Ttl pulumi.StringPtrInput
}

func (SecretBackendRoleState) ElementType 

func (SecretBackendRoleState) ElementType() reflect.Type

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.