Documentation ¶
Index ¶
- type SecretBackend
- type SecretBackendArgs
- type SecretBackendArray
- type SecretBackendArrayInput
- type SecretBackendArrayOutput
- func (SecretBackendArrayOutput) ElementType() reflect.Type
- func (o SecretBackendArrayOutput) Index(i pulumi.IntInput) SecretBackendOutput
- func (o SecretBackendArrayOutput) ToSecretBackendArrayOutput() SecretBackendArrayOutput
- func (o SecretBackendArrayOutput) ToSecretBackendArrayOutputWithContext(ctx context.Context) SecretBackendArrayOutput
- type SecretBackendInput
- type SecretBackendMap
- type SecretBackendMapInput
- type SecretBackendMapOutput
- func (SecretBackendMapOutput) ElementType() reflect.Type
- func (o SecretBackendMapOutput) MapIndex(k pulumi.StringInput) SecretBackendOutput
- func (o SecretBackendMapOutput) ToSecretBackendMapOutput() SecretBackendMapOutput
- func (o SecretBackendMapOutput) ToSecretBackendMapOutputWithContext(ctx context.Context) SecretBackendMapOutput
- type SecretBackendOutput
- func (o SecretBackendOutput) Address() pulumi.StringOutput
- func (o SecretBackendOutput) Bootstrap() pulumi.BoolPtrOutput
- func (o SecretBackendOutput) CaCert() pulumi.StringPtrOutput
- func (o SecretBackendOutput) ClientCert() pulumi.StringPtrOutput
- func (o SecretBackendOutput) ClientKey() pulumi.StringPtrOutput
- func (o SecretBackendOutput) DefaultLeaseTtlSeconds() pulumi.IntPtrOutput
- func (o SecretBackendOutput) Description() pulumi.StringPtrOutput
- func (o SecretBackendOutput) DisableRemount() pulumi.BoolPtrOutput
- func (SecretBackendOutput) ElementType() reflect.Type
- func (o SecretBackendOutput) Local() pulumi.BoolPtrOutput
- func (o SecretBackendOutput) MaxLeaseTtlSeconds() pulumi.IntPtrOutput
- func (o SecretBackendOutput) Namespace() pulumi.StringPtrOutput
- func (o SecretBackendOutput) Path() pulumi.StringPtrOutput
- func (o SecretBackendOutput) Scheme() pulumi.StringPtrOutput
- func (o SecretBackendOutput) ToSecretBackendOutput() SecretBackendOutput
- func (o SecretBackendOutput) ToSecretBackendOutputWithContext(ctx context.Context) SecretBackendOutput
- func (o SecretBackendOutput) Token() pulumi.StringPtrOutput
- type SecretBackendRole
- type SecretBackendRoleArgs
- type SecretBackendRoleArray
- type SecretBackendRoleArrayInput
- type SecretBackendRoleArrayOutput
- func (SecretBackendRoleArrayOutput) ElementType() reflect.Type
- func (o SecretBackendRoleArrayOutput) Index(i pulumi.IntInput) SecretBackendRoleOutput
- func (o SecretBackendRoleArrayOutput) ToSecretBackendRoleArrayOutput() SecretBackendRoleArrayOutput
- func (o SecretBackendRoleArrayOutput) ToSecretBackendRoleArrayOutputWithContext(ctx context.Context) SecretBackendRoleArrayOutput
- type SecretBackendRoleInput
- type SecretBackendRoleMap
- type SecretBackendRoleMapInput
- type SecretBackendRoleMapOutput
- func (SecretBackendRoleMapOutput) ElementType() reflect.Type
- func (o SecretBackendRoleMapOutput) MapIndex(k pulumi.StringInput) SecretBackendRoleOutput
- func (o SecretBackendRoleMapOutput) ToSecretBackendRoleMapOutput() SecretBackendRoleMapOutput
- func (o SecretBackendRoleMapOutput) ToSecretBackendRoleMapOutputWithContext(ctx context.Context) SecretBackendRoleMapOutput
- type SecretBackendRoleOutput
- func (o SecretBackendRoleOutput) Backend() pulumi.StringPtrOutput
- func (o SecretBackendRoleOutput) ConsulNamespace() pulumi.StringOutput
- func (o SecretBackendRoleOutput) ConsulPolicies() pulumi.StringArrayOutput
- func (o SecretBackendRoleOutput) ConsulRoles() pulumi.StringArrayOutput
- func (SecretBackendRoleOutput) ElementType() reflect.Type
- func (o SecretBackendRoleOutput) Local() pulumi.BoolPtrOutput
- func (o SecretBackendRoleOutput) MaxTtl() pulumi.IntPtrOutput
- func (o SecretBackendRoleOutput) Name() pulumi.StringOutput
- func (o SecretBackendRoleOutput) Namespace() pulumi.StringPtrOutput
- func (o SecretBackendRoleOutput) NodeIdentities() pulumi.StringArrayOutput
- func (o SecretBackendRoleOutput) Partition() pulumi.StringOutput
- func (o SecretBackendRoleOutput) Policies() pulumi.StringArrayOutput
- func (o SecretBackendRoleOutput) ServiceIdentities() pulumi.StringArrayOutput
- func (o SecretBackendRoleOutput) ToSecretBackendRoleOutput() SecretBackendRoleOutput
- func (o SecretBackendRoleOutput) ToSecretBackendRoleOutputWithContext(ctx context.Context) SecretBackendRoleOutput
- func (o SecretBackendRoleOutput) TokenType() pulumi.StringPtrOutputdeprecated
- func (o SecretBackendRoleOutput) Ttl() pulumi.IntPtrOutput
- type SecretBackendRoleState
- type SecretBackendState
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type SecretBackend ¶
type SecretBackend struct { pulumi.CustomResourceState // Specifies the address of the Consul instance, provided as "host:port" like "127.0.0.1:8500". Address pulumi.StringOutput `pulumi:"address"` // Denotes a backend resource that is used to bootstrap the Consul ACL system. Only one resource may be used to bootstrap. Bootstrap pulumi.BoolPtrOutput `pulumi:"bootstrap"` // CA certificate to use when verifying Consul server certificate, must be x509 PEM encoded. CaCert pulumi.StringPtrOutput `pulumi:"caCert"` // Client certificate used for Consul's TLS communication, must be x509 PEM encoded and if // this is set you need to also set client_key. ClientCert pulumi.StringPtrOutput `pulumi:"clientCert"` // Client key used for Consul's TLS communication, must be x509 PEM encoded and if this is set // you need to also set client_cert. ClientKey pulumi.StringPtrOutput `pulumi:"clientKey"` // The default TTL for credentials issued by this backend. DefaultLeaseTtlSeconds pulumi.IntPtrOutput `pulumi:"defaultLeaseTtlSeconds"` // A human-friendly description for this backend. Description pulumi.StringPtrOutput `pulumi:"description"` // If set, opts out of mount migration on path updates. // See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) DisableRemount pulumi.BoolPtrOutput `pulumi:"disableRemount"` // Specifies if the secret backend is local only. Local pulumi.BoolPtrOutput `pulumi:"local"` // The maximum TTL that can be requested // for credentials issued by this backend. MaxLeaseTtlSeconds pulumi.IntPtrOutput `pulumi:"maxLeaseTtlSeconds"` // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrOutput `pulumi:"namespace"` // The unique location this backend should be mounted at. Must not begin or end with a `/`. Defaults // to `consul`. Path pulumi.StringPtrOutput `pulumi:"path"` // Specifies the URL scheme to use. Defaults to `http`. Scheme pulumi.StringPtrOutput `pulumi:"scheme"` // Specifies the Consul token to use when managing or issuing new tokens. Token pulumi.StringPtrOutput `pulumi:"token"` }
## Example Usage ### Creating a standard backend resource: ```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/consul" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := consul.NewSecretBackend(ctx, "test", &consul.SecretBackendArgs{ Address: pulumi.String("127.0.0.1:8500"), Description: pulumi.String("Manages the Consul backend"), Path: pulumi.String("consul"), Token: pulumi.String("4240861b-ce3d-8530-115a-521ff070dd29"), }) if err != nil { return err } return nil }) }
``` ### Creating a backend resource to bootstrap a new Consul instance: ```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/consul" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := consul.NewSecretBackend(ctx, "test", &consul.SecretBackendArgs{ Address: pulumi.String("127.0.0.1:8500"), Bootstrap: pulumi.Bool(true), Description: pulumi.String("Bootstrap the Consul backend"), Path: pulumi.String("consul"), }) if err != nil { return err } return nil }) }
```
## Import
Consul secret backends can be imported using the `path`, e.g.
```sh
$ pulumi import vault:consul/secretBackend:SecretBackend example consul
```
func GetSecretBackend ¶
func GetSecretBackend(ctx *pulumi.Context, name string, id pulumi.IDInput, state *SecretBackendState, opts ...pulumi.ResourceOption) (*SecretBackend, error)
GetSecretBackend gets an existing SecretBackend resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewSecretBackend ¶
func NewSecretBackend(ctx *pulumi.Context, name string, args *SecretBackendArgs, opts ...pulumi.ResourceOption) (*SecretBackend, error)
NewSecretBackend registers a new resource with the given unique name, arguments, and options.
func (*SecretBackend) ElementType ¶
func (*SecretBackend) ElementType() reflect.Type
func (*SecretBackend) ToSecretBackendOutput ¶
func (i *SecretBackend) ToSecretBackendOutput() SecretBackendOutput
func (*SecretBackend) ToSecretBackendOutputWithContext ¶
func (i *SecretBackend) ToSecretBackendOutputWithContext(ctx context.Context) SecretBackendOutput
type SecretBackendArgs ¶
type SecretBackendArgs struct { // Specifies the address of the Consul instance, provided as "host:port" like "127.0.0.1:8500". Address pulumi.StringInput // Denotes a backend resource that is used to bootstrap the Consul ACL system. Only one resource may be used to bootstrap. Bootstrap pulumi.BoolPtrInput // CA certificate to use when verifying Consul server certificate, must be x509 PEM encoded. CaCert pulumi.StringPtrInput // Client certificate used for Consul's TLS communication, must be x509 PEM encoded and if // this is set you need to also set client_key. ClientCert pulumi.StringPtrInput // Client key used for Consul's TLS communication, must be x509 PEM encoded and if this is set // you need to also set client_cert. ClientKey pulumi.StringPtrInput // The default TTL for credentials issued by this backend. DefaultLeaseTtlSeconds pulumi.IntPtrInput // A human-friendly description for this backend. Description pulumi.StringPtrInput // If set, opts out of mount migration on path updates. // See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) DisableRemount pulumi.BoolPtrInput // Specifies if the secret backend is local only. Local pulumi.BoolPtrInput // The maximum TTL that can be requested // for credentials issued by this backend. MaxLeaseTtlSeconds pulumi.IntPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput // The unique location this backend should be mounted at. Must not begin or end with a `/`. Defaults // to `consul`. Path pulumi.StringPtrInput // Specifies the URL scheme to use. Defaults to `http`. Scheme pulumi.StringPtrInput // Specifies the Consul token to use when managing or issuing new tokens. Token pulumi.StringPtrInput }
The set of arguments for constructing a SecretBackend resource.
func (SecretBackendArgs) ElementType ¶
func (SecretBackendArgs) ElementType() reflect.Type
type SecretBackendArray ¶
type SecretBackendArray []SecretBackendInput
func (SecretBackendArray) ElementType ¶
func (SecretBackendArray) ElementType() reflect.Type
func (SecretBackendArray) ToSecretBackendArrayOutput ¶
func (i SecretBackendArray) ToSecretBackendArrayOutput() SecretBackendArrayOutput
func (SecretBackendArray) ToSecretBackendArrayOutputWithContext ¶
func (i SecretBackendArray) ToSecretBackendArrayOutputWithContext(ctx context.Context) SecretBackendArrayOutput
type SecretBackendArrayInput ¶
type SecretBackendArrayInput interface { pulumi.Input ToSecretBackendArrayOutput() SecretBackendArrayOutput ToSecretBackendArrayOutputWithContext(context.Context) SecretBackendArrayOutput }
SecretBackendArrayInput is an input type that accepts SecretBackendArray and SecretBackendArrayOutput values. You can construct a concrete instance of `SecretBackendArrayInput` via:
SecretBackendArray{ SecretBackendArgs{...} }
type SecretBackendArrayOutput ¶
type SecretBackendArrayOutput struct{ *pulumi.OutputState }
func (SecretBackendArrayOutput) ElementType ¶
func (SecretBackendArrayOutput) ElementType() reflect.Type
func (SecretBackendArrayOutput) Index ¶
func (o SecretBackendArrayOutput) Index(i pulumi.IntInput) SecretBackendOutput
func (SecretBackendArrayOutput) ToSecretBackendArrayOutput ¶
func (o SecretBackendArrayOutput) ToSecretBackendArrayOutput() SecretBackendArrayOutput
func (SecretBackendArrayOutput) ToSecretBackendArrayOutputWithContext ¶
func (o SecretBackendArrayOutput) ToSecretBackendArrayOutputWithContext(ctx context.Context) SecretBackendArrayOutput
type SecretBackendInput ¶
type SecretBackendInput interface { pulumi.Input ToSecretBackendOutput() SecretBackendOutput ToSecretBackendOutputWithContext(ctx context.Context) SecretBackendOutput }
type SecretBackendMap ¶
type SecretBackendMap map[string]SecretBackendInput
func (SecretBackendMap) ElementType ¶
func (SecretBackendMap) ElementType() reflect.Type
func (SecretBackendMap) ToSecretBackendMapOutput ¶
func (i SecretBackendMap) ToSecretBackendMapOutput() SecretBackendMapOutput
func (SecretBackendMap) ToSecretBackendMapOutputWithContext ¶
func (i SecretBackendMap) ToSecretBackendMapOutputWithContext(ctx context.Context) SecretBackendMapOutput
type SecretBackendMapInput ¶
type SecretBackendMapInput interface { pulumi.Input ToSecretBackendMapOutput() SecretBackendMapOutput ToSecretBackendMapOutputWithContext(context.Context) SecretBackendMapOutput }
SecretBackendMapInput is an input type that accepts SecretBackendMap and SecretBackendMapOutput values. You can construct a concrete instance of `SecretBackendMapInput` via:
SecretBackendMap{ "key": SecretBackendArgs{...} }
type SecretBackendMapOutput ¶
type SecretBackendMapOutput struct{ *pulumi.OutputState }
func (SecretBackendMapOutput) ElementType ¶
func (SecretBackendMapOutput) ElementType() reflect.Type
func (SecretBackendMapOutput) MapIndex ¶
func (o SecretBackendMapOutput) MapIndex(k pulumi.StringInput) SecretBackendOutput
func (SecretBackendMapOutput) ToSecretBackendMapOutput ¶
func (o SecretBackendMapOutput) ToSecretBackendMapOutput() SecretBackendMapOutput
func (SecretBackendMapOutput) ToSecretBackendMapOutputWithContext ¶
func (o SecretBackendMapOutput) ToSecretBackendMapOutputWithContext(ctx context.Context) SecretBackendMapOutput
type SecretBackendOutput ¶
type SecretBackendOutput struct{ *pulumi.OutputState }
func (SecretBackendOutput) Address ¶ added in v5.6.0
func (o SecretBackendOutput) Address() pulumi.StringOutput
Specifies the address of the Consul instance, provided as "host:port" like "127.0.0.1:8500".
func (SecretBackendOutput) Bootstrap ¶ added in v5.7.0
func (o SecretBackendOutput) Bootstrap() pulumi.BoolPtrOutput
Denotes a backend resource that is used to bootstrap the Consul ACL system. Only one resource may be used to bootstrap.
func (SecretBackendOutput) CaCert ¶ added in v5.6.0
func (o SecretBackendOutput) CaCert() pulumi.StringPtrOutput
CA certificate to use when verifying Consul server certificate, must be x509 PEM encoded.
func (SecretBackendOutput) ClientCert ¶ added in v5.6.0
func (o SecretBackendOutput) ClientCert() pulumi.StringPtrOutput
Client certificate used for Consul's TLS communication, must be x509 PEM encoded and if this is set you need to also set client_key.
func (SecretBackendOutput) ClientKey ¶ added in v5.6.0
func (o SecretBackendOutput) ClientKey() pulumi.StringPtrOutput
Client key used for Consul's TLS communication, must be x509 PEM encoded and if this is set you need to also set client_cert.
func (SecretBackendOutput) DefaultLeaseTtlSeconds ¶ added in v5.6.0
func (o SecretBackendOutput) DefaultLeaseTtlSeconds() pulumi.IntPtrOutput
The default TTL for credentials issued by this backend.
func (SecretBackendOutput) Description ¶ added in v5.6.0
func (o SecretBackendOutput) Description() pulumi.StringPtrOutput
A human-friendly description for this backend.
func (SecretBackendOutput) DisableRemount ¶ added in v5.7.0
func (o SecretBackendOutput) DisableRemount() pulumi.BoolPtrOutput
If set, opts out of mount migration on path updates. See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
func (SecretBackendOutput) ElementType ¶
func (SecretBackendOutput) ElementType() reflect.Type
func (SecretBackendOutput) Local ¶ added in v5.6.0
func (o SecretBackendOutput) Local() pulumi.BoolPtrOutput
Specifies if the secret backend is local only.
func (SecretBackendOutput) MaxLeaseTtlSeconds ¶ added in v5.6.0
func (o SecretBackendOutput) MaxLeaseTtlSeconds() pulumi.IntPtrOutput
The maximum TTL that can be requested for credentials issued by this backend.
func (SecretBackendOutput) Namespace ¶ added in v5.7.0
func (o SecretBackendOutput) Namespace() pulumi.StringPtrOutput
The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). *Available only for Vault Enterprise*.
func (SecretBackendOutput) Path ¶ added in v5.6.0
func (o SecretBackendOutput) Path() pulumi.StringPtrOutput
The unique location this backend should be mounted at. Must not begin or end with a `/`. Defaults to `consul`.
func (SecretBackendOutput) Scheme ¶ added in v5.6.0
func (o SecretBackendOutput) Scheme() pulumi.StringPtrOutput
Specifies the URL scheme to use. Defaults to `http`.
func (SecretBackendOutput) ToSecretBackendOutput ¶
func (o SecretBackendOutput) ToSecretBackendOutput() SecretBackendOutput
func (SecretBackendOutput) ToSecretBackendOutputWithContext ¶
func (o SecretBackendOutput) ToSecretBackendOutputWithContext(ctx context.Context) SecretBackendOutput
func (SecretBackendOutput) Token ¶ added in v5.6.0
func (o SecretBackendOutput) Token() pulumi.StringPtrOutput
Specifies the Consul token to use when managing or issuing new tokens.
type SecretBackendRole ¶
type SecretBackendRole struct { pulumi.CustomResourceState // The unique name of an existing Consul secrets backend mount. Must not begin or end with a `/`. One of `path` or `backend` is required. Backend pulumi.StringPtrOutput `pulumi:"backend"` // The Consul namespace that the token will be created in. // Applicable for Vault 1.10+ and Consul 1.7+". ConsulNamespace pulumi.StringOutput `pulumi:"consulNamespace"` // <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> The list of Consul ACL policies to associate with these roles. ConsulPolicies pulumi.StringArrayOutput `pulumi:"consulPolicies"` // <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul roles to attach to the token. // Applicable for Vault 1.10+ with Consul 1.5+. ConsulRoles pulumi.StringArrayOutput `pulumi:"consulRoles"` // Indicates that the token should not be replicated globally and instead be local to the current datacenter. Local pulumi.BoolPtrOutput `pulumi:"local"` // Maximum TTL for leases associated with this role, in seconds. MaxTtl pulumi.IntPtrOutput `pulumi:"maxTtl"` // The name of the Consul secrets engine role to create. Name pulumi.StringOutput `pulumi:"name"` // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrOutput `pulumi:"namespace"` // <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul node // identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.8+. NodeIdentities pulumi.StringArrayOutput `pulumi:"nodeIdentities"` // The admin partition that the token will be created in. // Applicable for Vault 1.10+ and Consul 1.11+". Partition pulumi.StringOutput `pulumi:"partition"` // The list of Consul ACL policies to associate with these roles. // **NOTE:** The new parameter `consulPolicies` should be used in favor of this. This parameter, // `policies`, remains supported for legacy users, but Vault has deprecated this field. Policies pulumi.StringArrayOutput `pulumi:"policies"` // <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul // service identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.5+. ServiceIdentities pulumi.StringArrayOutput `pulumi:"serviceIdentities"` // Specifies the type of token to create when using this role. Valid values are "client" or "management". // *Deprecated: Consul 1.11 and later removed the legacy ACL system which supported this field.* // // Deprecated: Consul 1.11 and later removed the legacy ACL system which supported this field. TokenType pulumi.StringPtrOutput `pulumi:"tokenType"` // Specifies the TTL for this role. Ttl pulumi.IntPtrOutput `pulumi:"ttl"` }
Manages a Consul secrets role for a Consul secrets engine in Vault. Consul secret backends can then issue Consul tokens.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/consul" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { test, err := consul.NewSecretBackend(ctx, "test", &consul.SecretBackendArgs{ Path: pulumi.String("consul"), Description: pulumi.String("Manages the Consul backend"), Address: pulumi.String("127.0.0.1:8500"), Token: pulumi.String("4240861b-ce3d-8530-115a-521ff070dd29"), }) if err != nil { return err } _, err = consul.NewSecretBackendRole(ctx, "example", &consul.SecretBackendRoleArgs{ Backend: test.Path, ConsulPolicies: pulumi.StringArray{ pulumi.String("example-policy"), }, }) if err != nil { return err } return nil }) }
``` ## Note About Required Arguments
*At least one* of the four arguments `consulPolicies`, `consulRoles`, `serviceIdentities`, or `nodeIdentities` is required for a token. If desired, any combination of the four arguments up-to and including all four, is valid.
## Import
Consul secret backend roles can be imported using the `backend`, `/roles/`, and the `name` e.g.
```sh
$ pulumi import vault:consul/secretBackendRole:SecretBackendRole example consul/roles/my-role
```
func GetSecretBackendRole ¶
func GetSecretBackendRole(ctx *pulumi.Context, name string, id pulumi.IDInput, state *SecretBackendRoleState, opts ...pulumi.ResourceOption) (*SecretBackendRole, error)
GetSecretBackendRole gets an existing SecretBackendRole resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewSecretBackendRole ¶
func NewSecretBackendRole(ctx *pulumi.Context, name string, args *SecretBackendRoleArgs, opts ...pulumi.ResourceOption) (*SecretBackendRole, error)
NewSecretBackendRole registers a new resource with the given unique name, arguments, and options.
func (*SecretBackendRole) ElementType ¶
func (*SecretBackendRole) ElementType() reflect.Type
func (*SecretBackendRole) ToSecretBackendRoleOutput ¶
func (i *SecretBackendRole) ToSecretBackendRoleOutput() SecretBackendRoleOutput
func (*SecretBackendRole) ToSecretBackendRoleOutputWithContext ¶
func (i *SecretBackendRole) ToSecretBackendRoleOutputWithContext(ctx context.Context) SecretBackendRoleOutput
type SecretBackendRoleArgs ¶
type SecretBackendRoleArgs struct { // The unique name of an existing Consul secrets backend mount. Must not begin or end with a `/`. One of `path` or `backend` is required. Backend pulumi.StringPtrInput // The Consul namespace that the token will be created in. // Applicable for Vault 1.10+ and Consul 1.7+". ConsulNamespace pulumi.StringPtrInput // <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> The list of Consul ACL policies to associate with these roles. ConsulPolicies pulumi.StringArrayInput // <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul roles to attach to the token. // Applicable for Vault 1.10+ with Consul 1.5+. ConsulRoles pulumi.StringArrayInput // Indicates that the token should not be replicated globally and instead be local to the current datacenter. Local pulumi.BoolPtrInput // Maximum TTL for leases associated with this role, in seconds. MaxTtl pulumi.IntPtrInput // The name of the Consul secrets engine role to create. Name pulumi.StringPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput // <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul node // identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.8+. NodeIdentities pulumi.StringArrayInput // The admin partition that the token will be created in. // Applicable for Vault 1.10+ and Consul 1.11+". Partition pulumi.StringPtrInput // The list of Consul ACL policies to associate with these roles. // **NOTE:** The new parameter `consulPolicies` should be used in favor of this. This parameter, // `policies`, remains supported for legacy users, but Vault has deprecated this field. Policies pulumi.StringArrayInput // <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul // service identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.5+. ServiceIdentities pulumi.StringArrayInput // Specifies the type of token to create when using this role. Valid values are "client" or "management". // *Deprecated: Consul 1.11 and later removed the legacy ACL system which supported this field.* // // Deprecated: Consul 1.11 and later removed the legacy ACL system which supported this field. TokenType pulumi.StringPtrInput // Specifies the TTL for this role. Ttl pulumi.IntPtrInput }
The set of arguments for constructing a SecretBackendRole resource.
func (SecretBackendRoleArgs) ElementType ¶
func (SecretBackendRoleArgs) ElementType() reflect.Type
type SecretBackendRoleArray ¶
type SecretBackendRoleArray []SecretBackendRoleInput
func (SecretBackendRoleArray) ElementType ¶
func (SecretBackendRoleArray) ElementType() reflect.Type
func (SecretBackendRoleArray) ToSecretBackendRoleArrayOutput ¶
func (i SecretBackendRoleArray) ToSecretBackendRoleArrayOutput() SecretBackendRoleArrayOutput
func (SecretBackendRoleArray) ToSecretBackendRoleArrayOutputWithContext ¶
func (i SecretBackendRoleArray) ToSecretBackendRoleArrayOutputWithContext(ctx context.Context) SecretBackendRoleArrayOutput
type SecretBackendRoleArrayInput ¶
type SecretBackendRoleArrayInput interface { pulumi.Input ToSecretBackendRoleArrayOutput() SecretBackendRoleArrayOutput ToSecretBackendRoleArrayOutputWithContext(context.Context) SecretBackendRoleArrayOutput }
SecretBackendRoleArrayInput is an input type that accepts SecretBackendRoleArray and SecretBackendRoleArrayOutput values. You can construct a concrete instance of `SecretBackendRoleArrayInput` via:
SecretBackendRoleArray{ SecretBackendRoleArgs{...} }
type SecretBackendRoleArrayOutput ¶
type SecretBackendRoleArrayOutput struct{ *pulumi.OutputState }
func (SecretBackendRoleArrayOutput) ElementType ¶
func (SecretBackendRoleArrayOutput) ElementType() reflect.Type
func (SecretBackendRoleArrayOutput) Index ¶
func (o SecretBackendRoleArrayOutput) Index(i pulumi.IntInput) SecretBackendRoleOutput
func (SecretBackendRoleArrayOutput) ToSecretBackendRoleArrayOutput ¶
func (o SecretBackendRoleArrayOutput) ToSecretBackendRoleArrayOutput() SecretBackendRoleArrayOutput
func (SecretBackendRoleArrayOutput) ToSecretBackendRoleArrayOutputWithContext ¶
func (o SecretBackendRoleArrayOutput) ToSecretBackendRoleArrayOutputWithContext(ctx context.Context) SecretBackendRoleArrayOutput
type SecretBackendRoleInput ¶
type SecretBackendRoleInput interface { pulumi.Input ToSecretBackendRoleOutput() SecretBackendRoleOutput ToSecretBackendRoleOutputWithContext(ctx context.Context) SecretBackendRoleOutput }
type SecretBackendRoleMap ¶
type SecretBackendRoleMap map[string]SecretBackendRoleInput
func (SecretBackendRoleMap) ElementType ¶
func (SecretBackendRoleMap) ElementType() reflect.Type
func (SecretBackendRoleMap) ToSecretBackendRoleMapOutput ¶
func (i SecretBackendRoleMap) ToSecretBackendRoleMapOutput() SecretBackendRoleMapOutput
func (SecretBackendRoleMap) ToSecretBackendRoleMapOutputWithContext ¶
func (i SecretBackendRoleMap) ToSecretBackendRoleMapOutputWithContext(ctx context.Context) SecretBackendRoleMapOutput
type SecretBackendRoleMapInput ¶
type SecretBackendRoleMapInput interface { pulumi.Input ToSecretBackendRoleMapOutput() SecretBackendRoleMapOutput ToSecretBackendRoleMapOutputWithContext(context.Context) SecretBackendRoleMapOutput }
SecretBackendRoleMapInput is an input type that accepts SecretBackendRoleMap and SecretBackendRoleMapOutput values. You can construct a concrete instance of `SecretBackendRoleMapInput` via:
SecretBackendRoleMap{ "key": SecretBackendRoleArgs{...} }
type SecretBackendRoleMapOutput ¶
type SecretBackendRoleMapOutput struct{ *pulumi.OutputState }
func (SecretBackendRoleMapOutput) ElementType ¶
func (SecretBackendRoleMapOutput) ElementType() reflect.Type
func (SecretBackendRoleMapOutput) MapIndex ¶
func (o SecretBackendRoleMapOutput) MapIndex(k pulumi.StringInput) SecretBackendRoleOutput
func (SecretBackendRoleMapOutput) ToSecretBackendRoleMapOutput ¶
func (o SecretBackendRoleMapOutput) ToSecretBackendRoleMapOutput() SecretBackendRoleMapOutput
func (SecretBackendRoleMapOutput) ToSecretBackendRoleMapOutputWithContext ¶
func (o SecretBackendRoleMapOutput) ToSecretBackendRoleMapOutputWithContext(ctx context.Context) SecretBackendRoleMapOutput
type SecretBackendRoleOutput ¶
type SecretBackendRoleOutput struct{ *pulumi.OutputState }
func (SecretBackendRoleOutput) Backend ¶ added in v5.6.0
func (o SecretBackendRoleOutput) Backend() pulumi.StringPtrOutput
The unique name of an existing Consul secrets backend mount. Must not begin or end with a `/`. One of `path` or `backend` is required.
func (SecretBackendRoleOutput) ConsulNamespace ¶ added in v5.6.0
func (o SecretBackendRoleOutput) ConsulNamespace() pulumi.StringOutput
The Consul namespace that the token will be created in. Applicable for Vault 1.10+ and Consul 1.7+".
func (SecretBackendRoleOutput) ConsulPolicies ¶ added in v5.7.0
func (o SecretBackendRoleOutput) ConsulPolicies() pulumi.StringArrayOutput
<sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> The list of Consul ACL policies to associate with these roles.
func (SecretBackendRoleOutput) ConsulRoles ¶ added in v5.6.0
func (o SecretBackendRoleOutput) ConsulRoles() pulumi.StringArrayOutput
<sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul roles to attach to the token. Applicable for Vault 1.10+ with Consul 1.5+.
func (SecretBackendRoleOutput) ElementType ¶
func (SecretBackendRoleOutput) ElementType() reflect.Type
func (SecretBackendRoleOutput) Local ¶ added in v5.6.0
func (o SecretBackendRoleOutput) Local() pulumi.BoolPtrOutput
Indicates that the token should not be replicated globally and instead be local to the current datacenter.
func (SecretBackendRoleOutput) MaxTtl ¶ added in v5.6.0
func (o SecretBackendRoleOutput) MaxTtl() pulumi.IntPtrOutput
Maximum TTL for leases associated with this role, in seconds.
func (SecretBackendRoleOutput) Name ¶ added in v5.6.0
func (o SecretBackendRoleOutput) Name() pulumi.StringOutput
The name of the Consul secrets engine role to create.
func (SecretBackendRoleOutput) Namespace ¶ added in v5.7.0
func (o SecretBackendRoleOutput) Namespace() pulumi.StringPtrOutput
The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). *Available only for Vault Enterprise*.
func (SecretBackendRoleOutput) NodeIdentities ¶ added in v5.7.0
func (o SecretBackendRoleOutput) NodeIdentities() pulumi.StringArrayOutput
<sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul node identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.8+.
func (SecretBackendRoleOutput) Partition ¶ added in v5.6.0
func (o SecretBackendRoleOutput) Partition() pulumi.StringOutput
The admin partition that the token will be created in. Applicable for Vault 1.10+ and Consul 1.11+".
func (SecretBackendRoleOutput) Policies ¶ added in v5.6.0
func (o SecretBackendRoleOutput) Policies() pulumi.StringArrayOutput
The list of Consul ACL policies to associate with these roles. **NOTE:** The new parameter `consulPolicies` should be used in favor of this. This parameter, `policies`, remains supported for legacy users, but Vault has deprecated this field.
func (SecretBackendRoleOutput) ServiceIdentities ¶ added in v5.7.0
func (o SecretBackendRoleOutput) ServiceIdentities() pulumi.StringArrayOutput
<sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul service identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.5+.
func (SecretBackendRoleOutput) ToSecretBackendRoleOutput ¶
func (o SecretBackendRoleOutput) ToSecretBackendRoleOutput() SecretBackendRoleOutput
func (SecretBackendRoleOutput) ToSecretBackendRoleOutputWithContext ¶
func (o SecretBackendRoleOutput) ToSecretBackendRoleOutputWithContext(ctx context.Context) SecretBackendRoleOutput
func (SecretBackendRoleOutput) TokenType
deprecated
added in
v5.6.0
func (o SecretBackendRoleOutput) TokenType() pulumi.StringPtrOutput
Specifies the type of token to create when using this role. Valid values are "client" or "management". *Deprecated: Consul 1.11 and later removed the legacy ACL system which supported this field.*
Deprecated: Consul 1.11 and later removed the legacy ACL system which supported this field.
func (SecretBackendRoleOutput) Ttl ¶ added in v5.6.0
func (o SecretBackendRoleOutput) Ttl() pulumi.IntPtrOutput
Specifies the TTL for this role.
type SecretBackendRoleState ¶
type SecretBackendRoleState struct { // The unique name of an existing Consul secrets backend mount. Must not begin or end with a `/`. One of `path` or `backend` is required. Backend pulumi.StringPtrInput // The Consul namespace that the token will be created in. // Applicable for Vault 1.10+ and Consul 1.7+". ConsulNamespace pulumi.StringPtrInput // <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> The list of Consul ACL policies to associate with these roles. ConsulPolicies pulumi.StringArrayInput // <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul roles to attach to the token. // Applicable for Vault 1.10+ with Consul 1.5+. ConsulRoles pulumi.StringArrayInput // Indicates that the token should not be replicated globally and instead be local to the current datacenter. Local pulumi.BoolPtrInput // Maximum TTL for leases associated with this role, in seconds. MaxTtl pulumi.IntPtrInput // The name of the Consul secrets engine role to create. Name pulumi.StringPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput // <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul node // identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.8+. NodeIdentities pulumi.StringArrayInput // The admin partition that the token will be created in. // Applicable for Vault 1.10+ and Consul 1.11+". Partition pulumi.StringPtrInput // The list of Consul ACL policies to associate with these roles. // **NOTE:** The new parameter `consulPolicies` should be used in favor of this. This parameter, // `policies`, remains supported for legacy users, but Vault has deprecated this field. Policies pulumi.StringArrayInput // <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul // service identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.5+. ServiceIdentities pulumi.StringArrayInput // Specifies the type of token to create when using this role. Valid values are "client" or "management". // *Deprecated: Consul 1.11 and later removed the legacy ACL system which supported this field.* // // Deprecated: Consul 1.11 and later removed the legacy ACL system which supported this field. TokenType pulumi.StringPtrInput // Specifies the TTL for this role. Ttl pulumi.IntPtrInput }
func (SecretBackendRoleState) ElementType ¶
func (SecretBackendRoleState) ElementType() reflect.Type
type SecretBackendState ¶
type SecretBackendState struct { // Specifies the address of the Consul instance, provided as "host:port" like "127.0.0.1:8500". Address pulumi.StringPtrInput // Denotes a backend resource that is used to bootstrap the Consul ACL system. Only one resource may be used to bootstrap. Bootstrap pulumi.BoolPtrInput // CA certificate to use when verifying Consul server certificate, must be x509 PEM encoded. CaCert pulumi.StringPtrInput // Client certificate used for Consul's TLS communication, must be x509 PEM encoded and if // this is set you need to also set client_key. ClientCert pulumi.StringPtrInput // Client key used for Consul's TLS communication, must be x509 PEM encoded and if this is set // you need to also set client_cert. ClientKey pulumi.StringPtrInput // The default TTL for credentials issued by this backend. DefaultLeaseTtlSeconds pulumi.IntPtrInput // A human-friendly description for this backend. Description pulumi.StringPtrInput // If set, opts out of mount migration on path updates. // See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) DisableRemount pulumi.BoolPtrInput // Specifies if the secret backend is local only. Local pulumi.BoolPtrInput // The maximum TTL that can be requested // for credentials issued by this backend. MaxLeaseTtlSeconds pulumi.IntPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput // The unique location this backend should be mounted at. Must not begin or end with a `/`. Defaults // to `consul`. Path pulumi.StringPtrInput // Specifies the URL scheme to use. Defaults to `http`. Scheme pulumi.StringPtrInput // Specifies the Consul token to use when managing or issuing new tokens. Token pulumi.StringPtrInput }
func (SecretBackendState) ElementType ¶
func (SecretBackendState) ElementType() reflect.Type