Documentation ¶
Index ¶
- type SecretBackendCa
- func (*SecretBackendCa) ElementType() reflect.Type
- func (i *SecretBackendCa) ToSecretBackendCaOutput() SecretBackendCaOutput
- func (i *SecretBackendCa) ToSecretBackendCaOutputWithContext(ctx context.Context) SecretBackendCaOutput
- func (i *SecretBackendCa) ToSecretBackendCaPtrOutput() SecretBackendCaPtrOutput
- func (i *SecretBackendCa) ToSecretBackendCaPtrOutputWithContext(ctx context.Context) SecretBackendCaPtrOutput
- type SecretBackendCaArgs
- type SecretBackendCaArray
- type SecretBackendCaArrayInput
- type SecretBackendCaArrayOutput
- func (SecretBackendCaArrayOutput) ElementType() reflect.Type
- func (o SecretBackendCaArrayOutput) Index(i pulumi.IntInput) SecretBackendCaOutput
- func (o SecretBackendCaArrayOutput) ToSecretBackendCaArrayOutput() SecretBackendCaArrayOutput
- func (o SecretBackendCaArrayOutput) ToSecretBackendCaArrayOutputWithContext(ctx context.Context) SecretBackendCaArrayOutput
- type SecretBackendCaInput
- type SecretBackendCaMap
- type SecretBackendCaMapInput
- type SecretBackendCaMapOutput
- func (SecretBackendCaMapOutput) ElementType() reflect.Type
- func (o SecretBackendCaMapOutput) MapIndex(k pulumi.StringInput) SecretBackendCaOutput
- func (o SecretBackendCaMapOutput) ToSecretBackendCaMapOutput() SecretBackendCaMapOutput
- func (o SecretBackendCaMapOutput) ToSecretBackendCaMapOutputWithContext(ctx context.Context) SecretBackendCaMapOutput
- type SecretBackendCaOutput
- func (SecretBackendCaOutput) ElementType() reflect.Type
- func (o SecretBackendCaOutput) ToSecretBackendCaOutput() SecretBackendCaOutput
- func (o SecretBackendCaOutput) ToSecretBackendCaOutputWithContext(ctx context.Context) SecretBackendCaOutput
- func (o SecretBackendCaOutput) ToSecretBackendCaPtrOutput() SecretBackendCaPtrOutput
- func (o SecretBackendCaOutput) ToSecretBackendCaPtrOutputWithContext(ctx context.Context) SecretBackendCaPtrOutput
- type SecretBackendCaPtrInput
- type SecretBackendCaPtrOutput
- func (o SecretBackendCaPtrOutput) Elem() SecretBackendCaOutput
- func (SecretBackendCaPtrOutput) ElementType() reflect.Type
- func (o SecretBackendCaPtrOutput) ToSecretBackendCaPtrOutput() SecretBackendCaPtrOutput
- func (o SecretBackendCaPtrOutput) ToSecretBackendCaPtrOutputWithContext(ctx context.Context) SecretBackendCaPtrOutput
- type SecretBackendCaState
- type SecretBackendRole
- func (*SecretBackendRole) ElementType() reflect.Type
- func (i *SecretBackendRole) ToSecretBackendRoleOutput() SecretBackendRoleOutput
- func (i *SecretBackendRole) ToSecretBackendRoleOutputWithContext(ctx context.Context) SecretBackendRoleOutput
- func (i *SecretBackendRole) ToSecretBackendRolePtrOutput() SecretBackendRolePtrOutput
- func (i *SecretBackendRole) ToSecretBackendRolePtrOutputWithContext(ctx context.Context) SecretBackendRolePtrOutput
- type SecretBackendRoleArgs
- type SecretBackendRoleArray
- type SecretBackendRoleArrayInput
- type SecretBackendRoleArrayOutput
- func (SecretBackendRoleArrayOutput) ElementType() reflect.Type
- func (o SecretBackendRoleArrayOutput) Index(i pulumi.IntInput) SecretBackendRoleOutput
- func (o SecretBackendRoleArrayOutput) ToSecretBackendRoleArrayOutput() SecretBackendRoleArrayOutput
- func (o SecretBackendRoleArrayOutput) ToSecretBackendRoleArrayOutputWithContext(ctx context.Context) SecretBackendRoleArrayOutput
- type SecretBackendRoleInput
- type SecretBackendRoleMap
- type SecretBackendRoleMapInput
- type SecretBackendRoleMapOutput
- func (SecretBackendRoleMapOutput) ElementType() reflect.Type
- func (o SecretBackendRoleMapOutput) MapIndex(k pulumi.StringInput) SecretBackendRoleOutput
- func (o SecretBackendRoleMapOutput) ToSecretBackendRoleMapOutput() SecretBackendRoleMapOutput
- func (o SecretBackendRoleMapOutput) ToSecretBackendRoleMapOutputWithContext(ctx context.Context) SecretBackendRoleMapOutput
- type SecretBackendRoleOutput
- func (SecretBackendRoleOutput) ElementType() reflect.Type
- func (o SecretBackendRoleOutput) ToSecretBackendRoleOutput() SecretBackendRoleOutput
- func (o SecretBackendRoleOutput) ToSecretBackendRoleOutputWithContext(ctx context.Context) SecretBackendRoleOutput
- func (o SecretBackendRoleOutput) ToSecretBackendRolePtrOutput() SecretBackendRolePtrOutput
- func (o SecretBackendRoleOutput) ToSecretBackendRolePtrOutputWithContext(ctx context.Context) SecretBackendRolePtrOutput
- type SecretBackendRolePtrInput
- type SecretBackendRolePtrOutput
- func (o SecretBackendRolePtrOutput) Elem() SecretBackendRoleOutput
- func (SecretBackendRolePtrOutput) ElementType() reflect.Type
- func (o SecretBackendRolePtrOutput) ToSecretBackendRolePtrOutput() SecretBackendRolePtrOutput
- func (o SecretBackendRolePtrOutput) ToSecretBackendRolePtrOutputWithContext(ctx context.Context) SecretBackendRolePtrOutput
- type SecretBackendRoleState
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type SecretBackendCa ¶
type SecretBackendCa struct { pulumi.CustomResourceState // The path where the SSH secret backend is mounted. Defaults to 'ssh' Backend pulumi.StringPtrOutput `pulumi:"backend"` // Whether Vault should generate the signing key pair internally. Defaults to true GenerateSigningKey pulumi.BoolPtrOutput `pulumi:"generateSigningKey"` // The private key part the SSH CA key pair; required if generateSigningKey is false. PrivateKey pulumi.StringOutput `pulumi:"privateKey"` // The public key part the SSH CA key pair; required if generateSigningKey is false. PublicKey pulumi.StringOutput `pulumi:"publicKey"` }
Provides a resource to manage CA information in an SSH secret backend [SSH secret backend within Vault](https://www.vaultproject.io/docs/secrets/ssh/index.html).
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v4/go/vault" "github.com/pulumi/pulumi-vault/sdk/v4/go/vault/ssh" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { example, err := vault.NewMount(ctx, "example", &vault.MountArgs{ Type: pulumi.String("ssh"), }) if err != nil { return err } _, err = ssh.NewSecretBackendCa(ctx, "foo", &ssh.SecretBackendCaArgs{ Backend: example.Path, }) if err != nil { return err } return nil }) }
```
func GetSecretBackendCa ¶
func GetSecretBackendCa(ctx *pulumi.Context, name string, id pulumi.IDInput, state *SecretBackendCaState, opts ...pulumi.ResourceOption) (*SecretBackendCa, error)
GetSecretBackendCa gets an existing SecretBackendCa resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewSecretBackendCa ¶
func NewSecretBackendCa(ctx *pulumi.Context, name string, args *SecretBackendCaArgs, opts ...pulumi.ResourceOption) (*SecretBackendCa, error)
NewSecretBackendCa registers a new resource with the given unique name, arguments, and options.
func (*SecretBackendCa) ElementType ¶
func (*SecretBackendCa) ElementType() reflect.Type
func (*SecretBackendCa) ToSecretBackendCaOutput ¶
func (i *SecretBackendCa) ToSecretBackendCaOutput() SecretBackendCaOutput
func (*SecretBackendCa) ToSecretBackendCaOutputWithContext ¶
func (i *SecretBackendCa) ToSecretBackendCaOutputWithContext(ctx context.Context) SecretBackendCaOutput
func (*SecretBackendCa) ToSecretBackendCaPtrOutput ¶
func (i *SecretBackendCa) ToSecretBackendCaPtrOutput() SecretBackendCaPtrOutput
func (*SecretBackendCa) ToSecretBackendCaPtrOutputWithContext ¶
func (i *SecretBackendCa) ToSecretBackendCaPtrOutputWithContext(ctx context.Context) SecretBackendCaPtrOutput
type SecretBackendCaArgs ¶
type SecretBackendCaArgs struct { // The path where the SSH secret backend is mounted. Defaults to 'ssh' Backend pulumi.StringPtrInput // Whether Vault should generate the signing key pair internally. Defaults to true GenerateSigningKey pulumi.BoolPtrInput // The private key part the SSH CA key pair; required if generateSigningKey is false. PrivateKey pulumi.StringPtrInput // The public key part the SSH CA key pair; required if generateSigningKey is false. PublicKey pulumi.StringPtrInput }
The set of arguments for constructing a SecretBackendCa resource.
func (SecretBackendCaArgs) ElementType ¶
func (SecretBackendCaArgs) ElementType() reflect.Type
type SecretBackendCaArray ¶
type SecretBackendCaArray []SecretBackendCaInput
func (SecretBackendCaArray) ElementType ¶
func (SecretBackendCaArray) ElementType() reflect.Type
func (SecretBackendCaArray) ToSecretBackendCaArrayOutput ¶
func (i SecretBackendCaArray) ToSecretBackendCaArrayOutput() SecretBackendCaArrayOutput
func (SecretBackendCaArray) ToSecretBackendCaArrayOutputWithContext ¶
func (i SecretBackendCaArray) ToSecretBackendCaArrayOutputWithContext(ctx context.Context) SecretBackendCaArrayOutput
type SecretBackendCaArrayInput ¶
type SecretBackendCaArrayInput interface { pulumi.Input ToSecretBackendCaArrayOutput() SecretBackendCaArrayOutput ToSecretBackendCaArrayOutputWithContext(context.Context) SecretBackendCaArrayOutput }
SecretBackendCaArrayInput is an input type that accepts SecretBackendCaArray and SecretBackendCaArrayOutput values. You can construct a concrete instance of `SecretBackendCaArrayInput` via:
SecretBackendCaArray{ SecretBackendCaArgs{...} }
type SecretBackendCaArrayOutput ¶
type SecretBackendCaArrayOutput struct{ *pulumi.OutputState }
func (SecretBackendCaArrayOutput) ElementType ¶
func (SecretBackendCaArrayOutput) ElementType() reflect.Type
func (SecretBackendCaArrayOutput) Index ¶
func (o SecretBackendCaArrayOutput) Index(i pulumi.IntInput) SecretBackendCaOutput
func (SecretBackendCaArrayOutput) ToSecretBackendCaArrayOutput ¶
func (o SecretBackendCaArrayOutput) ToSecretBackendCaArrayOutput() SecretBackendCaArrayOutput
func (SecretBackendCaArrayOutput) ToSecretBackendCaArrayOutputWithContext ¶
func (o SecretBackendCaArrayOutput) ToSecretBackendCaArrayOutputWithContext(ctx context.Context) SecretBackendCaArrayOutput
type SecretBackendCaInput ¶
type SecretBackendCaInput interface { pulumi.Input ToSecretBackendCaOutput() SecretBackendCaOutput ToSecretBackendCaOutputWithContext(ctx context.Context) SecretBackendCaOutput }
type SecretBackendCaMap ¶
type SecretBackendCaMap map[string]SecretBackendCaInput
func (SecretBackendCaMap) ElementType ¶
func (SecretBackendCaMap) ElementType() reflect.Type
func (SecretBackendCaMap) ToSecretBackendCaMapOutput ¶
func (i SecretBackendCaMap) ToSecretBackendCaMapOutput() SecretBackendCaMapOutput
func (SecretBackendCaMap) ToSecretBackendCaMapOutputWithContext ¶
func (i SecretBackendCaMap) ToSecretBackendCaMapOutputWithContext(ctx context.Context) SecretBackendCaMapOutput
type SecretBackendCaMapInput ¶
type SecretBackendCaMapInput interface { pulumi.Input ToSecretBackendCaMapOutput() SecretBackendCaMapOutput ToSecretBackendCaMapOutputWithContext(context.Context) SecretBackendCaMapOutput }
SecretBackendCaMapInput is an input type that accepts SecretBackendCaMap and SecretBackendCaMapOutput values. You can construct a concrete instance of `SecretBackendCaMapInput` via:
SecretBackendCaMap{ "key": SecretBackendCaArgs{...} }
type SecretBackendCaMapOutput ¶
type SecretBackendCaMapOutput struct{ *pulumi.OutputState }
func (SecretBackendCaMapOutput) ElementType ¶
func (SecretBackendCaMapOutput) ElementType() reflect.Type
func (SecretBackendCaMapOutput) MapIndex ¶
func (o SecretBackendCaMapOutput) MapIndex(k pulumi.StringInput) SecretBackendCaOutput
func (SecretBackendCaMapOutput) ToSecretBackendCaMapOutput ¶
func (o SecretBackendCaMapOutput) ToSecretBackendCaMapOutput() SecretBackendCaMapOutput
func (SecretBackendCaMapOutput) ToSecretBackendCaMapOutputWithContext ¶
func (o SecretBackendCaMapOutput) ToSecretBackendCaMapOutputWithContext(ctx context.Context) SecretBackendCaMapOutput
type SecretBackendCaOutput ¶
type SecretBackendCaOutput struct{ *pulumi.OutputState }
func (SecretBackendCaOutput) ElementType ¶
func (SecretBackendCaOutput) ElementType() reflect.Type
func (SecretBackendCaOutput) ToSecretBackendCaOutput ¶
func (o SecretBackendCaOutput) ToSecretBackendCaOutput() SecretBackendCaOutput
func (SecretBackendCaOutput) ToSecretBackendCaOutputWithContext ¶
func (o SecretBackendCaOutput) ToSecretBackendCaOutputWithContext(ctx context.Context) SecretBackendCaOutput
func (SecretBackendCaOutput) ToSecretBackendCaPtrOutput ¶
func (o SecretBackendCaOutput) ToSecretBackendCaPtrOutput() SecretBackendCaPtrOutput
func (SecretBackendCaOutput) ToSecretBackendCaPtrOutputWithContext ¶
func (o SecretBackendCaOutput) ToSecretBackendCaPtrOutputWithContext(ctx context.Context) SecretBackendCaPtrOutput
type SecretBackendCaPtrInput ¶
type SecretBackendCaPtrInput interface { pulumi.Input ToSecretBackendCaPtrOutput() SecretBackendCaPtrOutput ToSecretBackendCaPtrOutputWithContext(ctx context.Context) SecretBackendCaPtrOutput }
type SecretBackendCaPtrOutput ¶
type SecretBackendCaPtrOutput struct{ *pulumi.OutputState }
func (SecretBackendCaPtrOutput) Elem ¶ added in v4.6.0
func (o SecretBackendCaPtrOutput) Elem() SecretBackendCaOutput
func (SecretBackendCaPtrOutput) ElementType ¶
func (SecretBackendCaPtrOutput) ElementType() reflect.Type
func (SecretBackendCaPtrOutput) ToSecretBackendCaPtrOutput ¶
func (o SecretBackendCaPtrOutput) ToSecretBackendCaPtrOutput() SecretBackendCaPtrOutput
func (SecretBackendCaPtrOutput) ToSecretBackendCaPtrOutputWithContext ¶
func (o SecretBackendCaPtrOutput) ToSecretBackendCaPtrOutputWithContext(ctx context.Context) SecretBackendCaPtrOutput
type SecretBackendCaState ¶
type SecretBackendCaState struct { // The path where the SSH secret backend is mounted. Defaults to 'ssh' Backend pulumi.StringPtrInput // Whether Vault should generate the signing key pair internally. Defaults to true GenerateSigningKey pulumi.BoolPtrInput // The private key part the SSH CA key pair; required if generateSigningKey is false. PrivateKey pulumi.StringPtrInput // The public key part the SSH CA key pair; required if generateSigningKey is false. PublicKey pulumi.StringPtrInput }
func (SecretBackendCaState) ElementType ¶
func (SecretBackendCaState) ElementType() reflect.Type
type SecretBackendRole ¶
type SecretBackendRole struct { pulumi.CustomResourceState // When supplied, this value specifies a signing algorithm for the key. Possible values: ssh-rsa, rsa-sha2-256, rsa-sha2-512. AlgorithmSigner pulumi.StringOutput `pulumi:"algorithmSigner"` // Specifies if host certificates that are requested are allowed to use the base domains listed in `allowedDomains`. AllowBareDomains pulumi.BoolPtrOutput `pulumi:"allowBareDomains"` // Specifies if certificates are allowed to be signed for use as a 'host'. AllowHostCertificates pulumi.BoolPtrOutput `pulumi:"allowHostCertificates"` // Specifies if host certificates that are requested are allowed to be subdomains of those listed in `allowedDomains`. AllowSubdomains pulumi.BoolPtrOutput `pulumi:"allowSubdomains"` // Specifies if certificates are allowed to be signed for use as a 'user'. AllowUserCertificates pulumi.BoolPtrOutput `pulumi:"allowUserCertificates"` // Specifies if users can override the key ID for a signed certificate with the `keyId` field. AllowUserKeyIds pulumi.BoolPtrOutput `pulumi:"allowUserKeyIds"` // Specifies a comma-separated list of critical options that certificates can have when signed. AllowedCriticalOptions pulumi.StringPtrOutput `pulumi:"allowedCriticalOptions"` // The list of domains for which a client can request a host certificate. AllowedDomains pulumi.StringPtrOutput `pulumi:"allowedDomains"` // Specifies a comma-separated list of extensions that certificates can have when signed. AllowedExtensions pulumi.StringPtrOutput `pulumi:"allowedExtensions"` // Specifies a map of ssh key types and their expected sizes which are allowed to be signed by the CA type. AllowedUserKeyLengths pulumi.MapOutput `pulumi:"allowedUserKeyLengths"` // Specifies a comma-separated list of usernames that are to be allowed, only if certain usernames are to be allowed. AllowedUsers pulumi.StringPtrOutput `pulumi:"allowedUsers"` // Specifies if `allowedUsers` can be declared using identity template policies. Non-templated users are also permitted. AllowedUsersTemplate pulumi.BoolPtrOutput `pulumi:"allowedUsersTemplate"` // The path where the SSH secret backend is mounted. Backend pulumi.StringOutput `pulumi:"backend"` // The comma-separated string of CIDR blocks for which this role is applicable. CidrList pulumi.StringPtrOutput `pulumi:"cidrList"` // Specifies a map of critical options that certificates have when signed. DefaultCriticalOptions pulumi.MapOutput `pulumi:"defaultCriticalOptions"` // Specifies a map of extensions that certificates have when signed. DefaultExtensions pulumi.MapOutput `pulumi:"defaultExtensions"` // Specifies the default username for which a credential will be generated. DefaultUser pulumi.StringPtrOutput `pulumi:"defaultUser"` // Specifies a custom format for the key id of a signed certificate. KeyIdFormat pulumi.StringPtrOutput `pulumi:"keyIdFormat"` // Specifies the type of credentials generated by this role. This can be either `otp`, `dynamic` or `ca`. KeyType pulumi.StringOutput `pulumi:"keyType"` // Specifies the maximum Time To Live value. MaxTtl pulumi.StringOutput `pulumi:"maxTtl"` // Specifies the name of the role to create. Name pulumi.StringOutput `pulumi:"name"` // Specifies the Time To Live value. Ttl pulumi.StringOutput `pulumi:"ttl"` }
Provides a resource to manage roles in an SSH secret backend [SSH secret backend within Vault](https://www.vaultproject.io/docs/secrets/ssh/index.html).
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v4/go/vault" "github.com/pulumi/pulumi-vault/sdk/v4/go/vault/ssh" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { example, err := vault.NewMount(ctx, "example", &vault.MountArgs{ Type: pulumi.String("ssh"), }) if err != nil { return err } _, err = ssh.NewSecretBackendRole(ctx, "foo", &ssh.SecretBackendRoleArgs{ Backend: example.Path, KeyType: pulumi.String("ca"), AllowUserCertificates: pulumi.Bool(true), }) if err != nil { return err } _, err = ssh.NewSecretBackendRole(ctx, "bar", &ssh.SecretBackendRoleArgs{ Backend: example.Path, KeyType: pulumi.String("otp"), DefaultUser: pulumi.String("default"), AllowedUsers: pulumi.String("default,baz"), CidrList: pulumi.String("0.0.0.0/0"), }) if err != nil { return err } return nil }) }
```
## Import
SSH secret backend roles can be imported using the `path`, e.g.
```sh
$ pulumi import vault:ssh/secretBackendRole:SecretBackendRole foo ssh/roles/my-role
```
func GetSecretBackendRole ¶
func GetSecretBackendRole(ctx *pulumi.Context, name string, id pulumi.IDInput, state *SecretBackendRoleState, opts ...pulumi.ResourceOption) (*SecretBackendRole, error)
GetSecretBackendRole gets an existing SecretBackendRole resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewSecretBackendRole ¶
func NewSecretBackendRole(ctx *pulumi.Context, name string, args *SecretBackendRoleArgs, opts ...pulumi.ResourceOption) (*SecretBackendRole, error)
NewSecretBackendRole registers a new resource with the given unique name, arguments, and options.
func (*SecretBackendRole) ElementType ¶
func (*SecretBackendRole) ElementType() reflect.Type
func (*SecretBackendRole) ToSecretBackendRoleOutput ¶
func (i *SecretBackendRole) ToSecretBackendRoleOutput() SecretBackendRoleOutput
func (*SecretBackendRole) ToSecretBackendRoleOutputWithContext ¶
func (i *SecretBackendRole) ToSecretBackendRoleOutputWithContext(ctx context.Context) SecretBackendRoleOutput
func (*SecretBackendRole) ToSecretBackendRolePtrOutput ¶
func (i *SecretBackendRole) ToSecretBackendRolePtrOutput() SecretBackendRolePtrOutput
func (*SecretBackendRole) ToSecretBackendRolePtrOutputWithContext ¶
func (i *SecretBackendRole) ToSecretBackendRolePtrOutputWithContext(ctx context.Context) SecretBackendRolePtrOutput
type SecretBackendRoleArgs ¶
type SecretBackendRoleArgs struct { // When supplied, this value specifies a signing algorithm for the key. Possible values: ssh-rsa, rsa-sha2-256, rsa-sha2-512. AlgorithmSigner pulumi.StringPtrInput // Specifies if host certificates that are requested are allowed to use the base domains listed in `allowedDomains`. AllowBareDomains pulumi.BoolPtrInput // Specifies if certificates are allowed to be signed for use as a 'host'. AllowHostCertificates pulumi.BoolPtrInput // Specifies if host certificates that are requested are allowed to be subdomains of those listed in `allowedDomains`. AllowSubdomains pulumi.BoolPtrInput // Specifies if certificates are allowed to be signed for use as a 'user'. AllowUserCertificates pulumi.BoolPtrInput // Specifies if users can override the key ID for a signed certificate with the `keyId` field. AllowUserKeyIds pulumi.BoolPtrInput // Specifies a comma-separated list of critical options that certificates can have when signed. AllowedCriticalOptions pulumi.StringPtrInput // The list of domains for which a client can request a host certificate. AllowedDomains pulumi.StringPtrInput // Specifies a comma-separated list of extensions that certificates can have when signed. AllowedExtensions pulumi.StringPtrInput // Specifies a map of ssh key types and their expected sizes which are allowed to be signed by the CA type. AllowedUserKeyLengths pulumi.MapInput // Specifies a comma-separated list of usernames that are to be allowed, only if certain usernames are to be allowed. AllowedUsers pulumi.StringPtrInput // Specifies if `allowedUsers` can be declared using identity template policies. Non-templated users are also permitted. AllowedUsersTemplate pulumi.BoolPtrInput // The path where the SSH secret backend is mounted. Backend pulumi.StringInput // The comma-separated string of CIDR blocks for which this role is applicable. CidrList pulumi.StringPtrInput // Specifies a map of critical options that certificates have when signed. DefaultCriticalOptions pulumi.MapInput // Specifies a map of extensions that certificates have when signed. DefaultExtensions pulumi.MapInput // Specifies the default username for which a credential will be generated. DefaultUser pulumi.StringPtrInput // Specifies a custom format for the key id of a signed certificate. KeyIdFormat pulumi.StringPtrInput // Specifies the type of credentials generated by this role. This can be either `otp`, `dynamic` or `ca`. KeyType pulumi.StringInput // Specifies the maximum Time To Live value. MaxTtl pulumi.StringPtrInput // Specifies the name of the role to create. Name pulumi.StringPtrInput // Specifies the Time To Live value. Ttl pulumi.StringPtrInput }
The set of arguments for constructing a SecretBackendRole resource.
func (SecretBackendRoleArgs) ElementType ¶
func (SecretBackendRoleArgs) ElementType() reflect.Type
type SecretBackendRoleArray ¶
type SecretBackendRoleArray []SecretBackendRoleInput
func (SecretBackendRoleArray) ElementType ¶
func (SecretBackendRoleArray) ElementType() reflect.Type
func (SecretBackendRoleArray) ToSecretBackendRoleArrayOutput ¶
func (i SecretBackendRoleArray) ToSecretBackendRoleArrayOutput() SecretBackendRoleArrayOutput
func (SecretBackendRoleArray) ToSecretBackendRoleArrayOutputWithContext ¶
func (i SecretBackendRoleArray) ToSecretBackendRoleArrayOutputWithContext(ctx context.Context) SecretBackendRoleArrayOutput
type SecretBackendRoleArrayInput ¶
type SecretBackendRoleArrayInput interface { pulumi.Input ToSecretBackendRoleArrayOutput() SecretBackendRoleArrayOutput ToSecretBackendRoleArrayOutputWithContext(context.Context) SecretBackendRoleArrayOutput }
SecretBackendRoleArrayInput is an input type that accepts SecretBackendRoleArray and SecretBackendRoleArrayOutput values. You can construct a concrete instance of `SecretBackendRoleArrayInput` via:
SecretBackendRoleArray{ SecretBackendRoleArgs{...} }
type SecretBackendRoleArrayOutput ¶
type SecretBackendRoleArrayOutput struct{ *pulumi.OutputState }
func (SecretBackendRoleArrayOutput) ElementType ¶
func (SecretBackendRoleArrayOutput) ElementType() reflect.Type
func (SecretBackendRoleArrayOutput) Index ¶
func (o SecretBackendRoleArrayOutput) Index(i pulumi.IntInput) SecretBackendRoleOutput
func (SecretBackendRoleArrayOutput) ToSecretBackendRoleArrayOutput ¶
func (o SecretBackendRoleArrayOutput) ToSecretBackendRoleArrayOutput() SecretBackendRoleArrayOutput
func (SecretBackendRoleArrayOutput) ToSecretBackendRoleArrayOutputWithContext ¶
func (o SecretBackendRoleArrayOutput) ToSecretBackendRoleArrayOutputWithContext(ctx context.Context) SecretBackendRoleArrayOutput
type SecretBackendRoleInput ¶
type SecretBackendRoleInput interface { pulumi.Input ToSecretBackendRoleOutput() SecretBackendRoleOutput ToSecretBackendRoleOutputWithContext(ctx context.Context) SecretBackendRoleOutput }
type SecretBackendRoleMap ¶
type SecretBackendRoleMap map[string]SecretBackendRoleInput
func (SecretBackendRoleMap) ElementType ¶
func (SecretBackendRoleMap) ElementType() reflect.Type
func (SecretBackendRoleMap) ToSecretBackendRoleMapOutput ¶
func (i SecretBackendRoleMap) ToSecretBackendRoleMapOutput() SecretBackendRoleMapOutput
func (SecretBackendRoleMap) ToSecretBackendRoleMapOutputWithContext ¶
func (i SecretBackendRoleMap) ToSecretBackendRoleMapOutputWithContext(ctx context.Context) SecretBackendRoleMapOutput
type SecretBackendRoleMapInput ¶
type SecretBackendRoleMapInput interface { pulumi.Input ToSecretBackendRoleMapOutput() SecretBackendRoleMapOutput ToSecretBackendRoleMapOutputWithContext(context.Context) SecretBackendRoleMapOutput }
SecretBackendRoleMapInput is an input type that accepts SecretBackendRoleMap and SecretBackendRoleMapOutput values. You can construct a concrete instance of `SecretBackendRoleMapInput` via:
SecretBackendRoleMap{ "key": SecretBackendRoleArgs{...} }
type SecretBackendRoleMapOutput ¶
type SecretBackendRoleMapOutput struct{ *pulumi.OutputState }
func (SecretBackendRoleMapOutput) ElementType ¶
func (SecretBackendRoleMapOutput) ElementType() reflect.Type
func (SecretBackendRoleMapOutput) MapIndex ¶
func (o SecretBackendRoleMapOutput) MapIndex(k pulumi.StringInput) SecretBackendRoleOutput
func (SecretBackendRoleMapOutput) ToSecretBackendRoleMapOutput ¶
func (o SecretBackendRoleMapOutput) ToSecretBackendRoleMapOutput() SecretBackendRoleMapOutput
func (SecretBackendRoleMapOutput) ToSecretBackendRoleMapOutputWithContext ¶
func (o SecretBackendRoleMapOutput) ToSecretBackendRoleMapOutputWithContext(ctx context.Context) SecretBackendRoleMapOutput
type SecretBackendRoleOutput ¶
type SecretBackendRoleOutput struct{ *pulumi.OutputState }
func (SecretBackendRoleOutput) ElementType ¶
func (SecretBackendRoleOutput) ElementType() reflect.Type
func (SecretBackendRoleOutput) ToSecretBackendRoleOutput ¶
func (o SecretBackendRoleOutput) ToSecretBackendRoleOutput() SecretBackendRoleOutput
func (SecretBackendRoleOutput) ToSecretBackendRoleOutputWithContext ¶
func (o SecretBackendRoleOutput) ToSecretBackendRoleOutputWithContext(ctx context.Context) SecretBackendRoleOutput
func (SecretBackendRoleOutput) ToSecretBackendRolePtrOutput ¶
func (o SecretBackendRoleOutput) ToSecretBackendRolePtrOutput() SecretBackendRolePtrOutput
func (SecretBackendRoleOutput) ToSecretBackendRolePtrOutputWithContext ¶
func (o SecretBackendRoleOutput) ToSecretBackendRolePtrOutputWithContext(ctx context.Context) SecretBackendRolePtrOutput
type SecretBackendRolePtrInput ¶
type SecretBackendRolePtrInput interface { pulumi.Input ToSecretBackendRolePtrOutput() SecretBackendRolePtrOutput ToSecretBackendRolePtrOutputWithContext(ctx context.Context) SecretBackendRolePtrOutput }
type SecretBackendRolePtrOutput ¶
type SecretBackendRolePtrOutput struct{ *pulumi.OutputState }
func (SecretBackendRolePtrOutput) Elem ¶ added in v4.6.0
func (o SecretBackendRolePtrOutput) Elem() SecretBackendRoleOutput
func (SecretBackendRolePtrOutput) ElementType ¶
func (SecretBackendRolePtrOutput) ElementType() reflect.Type
func (SecretBackendRolePtrOutput) ToSecretBackendRolePtrOutput ¶
func (o SecretBackendRolePtrOutput) ToSecretBackendRolePtrOutput() SecretBackendRolePtrOutput
func (SecretBackendRolePtrOutput) ToSecretBackendRolePtrOutputWithContext ¶
func (o SecretBackendRolePtrOutput) ToSecretBackendRolePtrOutputWithContext(ctx context.Context) SecretBackendRolePtrOutput
type SecretBackendRoleState ¶
type SecretBackendRoleState struct { // When supplied, this value specifies a signing algorithm for the key. Possible values: ssh-rsa, rsa-sha2-256, rsa-sha2-512. AlgorithmSigner pulumi.StringPtrInput // Specifies if host certificates that are requested are allowed to use the base domains listed in `allowedDomains`. AllowBareDomains pulumi.BoolPtrInput // Specifies if certificates are allowed to be signed for use as a 'host'. AllowHostCertificates pulumi.BoolPtrInput // Specifies if host certificates that are requested are allowed to be subdomains of those listed in `allowedDomains`. AllowSubdomains pulumi.BoolPtrInput // Specifies if certificates are allowed to be signed for use as a 'user'. AllowUserCertificates pulumi.BoolPtrInput // Specifies if users can override the key ID for a signed certificate with the `keyId` field. AllowUserKeyIds pulumi.BoolPtrInput // Specifies a comma-separated list of critical options that certificates can have when signed. AllowedCriticalOptions pulumi.StringPtrInput // The list of domains for which a client can request a host certificate. AllowedDomains pulumi.StringPtrInput // Specifies a comma-separated list of extensions that certificates can have when signed. AllowedExtensions pulumi.StringPtrInput // Specifies a map of ssh key types and their expected sizes which are allowed to be signed by the CA type. AllowedUserKeyLengths pulumi.MapInput // Specifies a comma-separated list of usernames that are to be allowed, only if certain usernames are to be allowed. AllowedUsers pulumi.StringPtrInput // Specifies if `allowedUsers` can be declared using identity template policies. Non-templated users are also permitted. AllowedUsersTemplate pulumi.BoolPtrInput // The path where the SSH secret backend is mounted. Backend pulumi.StringPtrInput // The comma-separated string of CIDR blocks for which this role is applicable. CidrList pulumi.StringPtrInput // Specifies a map of critical options that certificates have when signed. DefaultCriticalOptions pulumi.MapInput // Specifies a map of extensions that certificates have when signed. DefaultExtensions pulumi.MapInput // Specifies the default username for which a credential will be generated. DefaultUser pulumi.StringPtrInput // Specifies a custom format for the key id of a signed certificate. KeyIdFormat pulumi.StringPtrInput // Specifies the type of credentials generated by this role. This can be either `otp`, `dynamic` or `ca`. KeyType pulumi.StringPtrInput // Specifies the maximum Time To Live value. MaxTtl pulumi.StringPtrInput // Specifies the name of the role to create. Name pulumi.StringPtrInput // Specifies the Time To Live value. Ttl pulumi.StringPtrInput }
func (SecretBackendRoleState) ElementType ¶
func (SecretBackendRoleState) ElementType() reflect.Type