consul

package
v5.20.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 20, 2024 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type SecretBackend 

type SecretBackend struct {
	pulumi.CustomResourceState

	// Specifies the address of the Consul instance, provided as "host:port" like "127.0.0.1:8500".
	Address pulumi.StringOutput `pulumi:"address"`
	// Denotes a backend resource that is used to bootstrap the Consul ACL system. Only one resource may be used to bootstrap.
	Bootstrap pulumi.BoolPtrOutput `pulumi:"bootstrap"`
	// CA certificate to use when verifying Consul server certificate, must be x509 PEM encoded.
	CaCert pulumi.StringPtrOutput `pulumi:"caCert"`
	// Client certificate used for Consul's TLS communication, must be x509 PEM encoded and if
	// this is set you need to also set client_key.
	ClientCert pulumi.StringPtrOutput `pulumi:"clientCert"`
	// Client key used for Consul's TLS communication, must be x509 PEM encoded and if this is set
	// you need to also set client_cert.
	ClientKey pulumi.StringPtrOutput `pulumi:"clientKey"`
	// The default TTL for credentials issued by this backend.
	DefaultLeaseTtlSeconds pulumi.IntPtrOutput `pulumi:"defaultLeaseTtlSeconds"`
	// A human-friendly description for this backend.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// If set, opts out of mount migration on path updates.
	// See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
	DisableRemount pulumi.BoolPtrOutput `pulumi:"disableRemount"`
	// Specifies if the secret backend is local only.
	Local pulumi.BoolPtrOutput `pulumi:"local"`
	// The maximum TTL that can be requested
	// for credentials issued by this backend.
	MaxLeaseTtlSeconds pulumi.IntPtrOutput `pulumi:"maxLeaseTtlSeconds"`
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
	// The unique location this backend should be mounted at. Must not begin or end with a `/`. Defaults
	// to `consul`.
	Path pulumi.StringPtrOutput `pulumi:"path"`
	// Specifies the URL scheme to use. Defaults to `http`.
	Scheme pulumi.StringPtrOutput `pulumi:"scheme"`
	// Specifies the Consul token to use when managing or issuing new tokens.
	Token pulumi.StringPtrOutput `pulumi:"token"`
}

## Example Usage ### Creating a standard backend resource: ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/consul"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := consul.NewSecretBackend(ctx, "test", &consul.SecretBackendArgs{
			Address:     pulumi.String("127.0.0.1:8500"),
			Description: pulumi.String("Manages the Consul backend"),
			Path:        pulumi.String("consul"),
			Token:       pulumi.String("4240861b-ce3d-8530-115a-521ff070dd29"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Creating a backend resource to bootstrap a new Consul instance: ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/consul"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := consul.NewSecretBackend(ctx, "test", &consul.SecretBackendArgs{
			Address:     pulumi.String("127.0.0.1:8500"),
			Bootstrap:   pulumi.Bool(true),
			Description: pulumi.String("Bootstrap the Consul backend"),
			Path:        pulumi.String("consul"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

Consul secret backends can be imported using the `path`, e.g.

```sh 

$ pulumi import vault:consul/secretBackend:SecretBackend example consul

```

func GetSecretBackend 

func GetSecretBackend(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecretBackendState, opts ...pulumi.ResourceOption) (*SecretBackend, error)

GetSecretBackend gets an existing SecretBackend resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecretBackend 

func NewSecretBackend(ctx *pulumi.Context,
	name string, args *SecretBackendArgs, opts ...pulumi.ResourceOption) (*SecretBackend, error)

NewSecretBackend registers a new resource with the given unique name, arguments, and options.

func (*SecretBackend) ElementType 

func (*SecretBackend) ElementType() reflect.Type

func (*SecretBackend) ToSecretBackendOutput 

func (i *SecretBackend) ToSecretBackendOutput() SecretBackendOutput

func (*SecretBackend) ToSecretBackendOutputWithContext 

func (i *SecretBackend) ToSecretBackendOutputWithContext(ctx context.Context) SecretBackendOutput

type SecretBackendArgs 

type SecretBackendArgs struct {
	// Specifies the address of the Consul instance, provided as "host:port" like "127.0.0.1:8500".
	Address pulumi.StringInput
	// Denotes a backend resource that is used to bootstrap the Consul ACL system. Only one resource may be used to bootstrap.
	Bootstrap pulumi.BoolPtrInput
	// CA certificate to use when verifying Consul server certificate, must be x509 PEM encoded.
	CaCert pulumi.StringPtrInput
	// Client certificate used for Consul's TLS communication, must be x509 PEM encoded and if
	// this is set you need to also set client_key.
	ClientCert pulumi.StringPtrInput
	// Client key used for Consul's TLS communication, must be x509 PEM encoded and if this is set
	// you need to also set client_cert.
	ClientKey pulumi.StringPtrInput
	// The default TTL for credentials issued by this backend.
	DefaultLeaseTtlSeconds pulumi.IntPtrInput
	// A human-friendly description for this backend.
	Description pulumi.StringPtrInput
	// If set, opts out of mount migration on path updates.
	// See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
	DisableRemount pulumi.BoolPtrInput
	// Specifies if the secret backend is local only.
	Local pulumi.BoolPtrInput
	// The maximum TTL that can be requested
	// for credentials issued by this backend.
	MaxLeaseTtlSeconds pulumi.IntPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// The unique location this backend should be mounted at. Must not begin or end with a `/`. Defaults
	// to `consul`.
	Path pulumi.StringPtrInput
	// Specifies the URL scheme to use. Defaults to `http`.
	Scheme pulumi.StringPtrInput
	// Specifies the Consul token to use when managing or issuing new tokens.
	Token pulumi.StringPtrInput
}

The set of arguments for constructing a SecretBackend resource.

func (SecretBackendArgs) ElementType 

func (SecretBackendArgs) ElementType() reflect.Type

type SecretBackendArray 

type SecretBackendArray []SecretBackendInput

func (SecretBackendArray) ElementType 

func (SecretBackendArray) ElementType() reflect.Type

func (SecretBackendArray) ToSecretBackendArrayOutput 

func (i SecretBackendArray) ToSecretBackendArrayOutput() SecretBackendArrayOutput

func (SecretBackendArray) ToSecretBackendArrayOutputWithContext 

func (i SecretBackendArray) ToSecretBackendArrayOutputWithContext(ctx context.Context) SecretBackendArrayOutput

type SecretBackendArrayInput 

type SecretBackendArrayInput interface {
	pulumi.Input

	ToSecretBackendArrayOutput() SecretBackendArrayOutput
	ToSecretBackendArrayOutputWithContext(context.Context) SecretBackendArrayOutput
}

SecretBackendArrayInput is an input type that accepts SecretBackendArray and SecretBackendArrayOutput values. You can construct a concrete instance of `SecretBackendArrayInput` via: 

SecretBackendArray{ SecretBackendArgs{...} }

type SecretBackendArrayOutput 

type SecretBackendArrayOutput struct{ *pulumi.OutputState }

func (SecretBackendArrayOutput) ElementType 

func (SecretBackendArrayOutput) ElementType() reflect.Type

func (SecretBackendArrayOutput) Index 

func (o SecretBackendArrayOutput) Index(i pulumi.IntInput) SecretBackendOutput

func (SecretBackendArrayOutput) ToSecretBackendArrayOutput 

func (o SecretBackendArrayOutput) ToSecretBackendArrayOutput() SecretBackendArrayOutput

func (SecretBackendArrayOutput) ToSecretBackendArrayOutputWithContext 

func (o SecretBackendArrayOutput) ToSecretBackendArrayOutputWithContext(ctx context.Context) SecretBackendArrayOutput

type SecretBackendInput 

type SecretBackendInput interface {
	pulumi.Input

	ToSecretBackendOutput() SecretBackendOutput
	ToSecretBackendOutputWithContext(ctx context.Context) SecretBackendOutput
}

type SecretBackendMap 

type SecretBackendMap map[string]SecretBackendInput

func (SecretBackendMap) ElementType 

func (SecretBackendMap) ElementType() reflect.Type

func (SecretBackendMap) ToSecretBackendMapOutput 

func (i SecretBackendMap) ToSecretBackendMapOutput() SecretBackendMapOutput

func (SecretBackendMap) ToSecretBackendMapOutputWithContext 

func (i SecretBackendMap) ToSecretBackendMapOutputWithContext(ctx context.Context) SecretBackendMapOutput

type SecretBackendMapInput 

type SecretBackendMapInput interface {
	pulumi.Input

	ToSecretBackendMapOutput() SecretBackendMapOutput
	ToSecretBackendMapOutputWithContext(context.Context) SecretBackendMapOutput
}

SecretBackendMapInput is an input type that accepts SecretBackendMap and SecretBackendMapOutput values. You can construct a concrete instance of `SecretBackendMapInput` via: 

SecretBackendMap{ "key": SecretBackendArgs{...} }

type SecretBackendMapOutput 

type SecretBackendMapOutput struct{ *pulumi.OutputState }

func (SecretBackendMapOutput) ElementType 

func (SecretBackendMapOutput) ElementType() reflect.Type

func (SecretBackendMapOutput) MapIndex 

func (o SecretBackendMapOutput) MapIndex(k pulumi.StringInput) SecretBackendOutput

func (SecretBackendMapOutput) ToSecretBackendMapOutput 

func (o SecretBackendMapOutput) ToSecretBackendMapOutput() SecretBackendMapOutput

func (SecretBackendMapOutput) ToSecretBackendMapOutputWithContext 

func (o SecretBackendMapOutput) ToSecretBackendMapOutputWithContext(ctx context.Context) SecretBackendMapOutput

type SecretBackendOutput 

type SecretBackendOutput struct{ *pulumi.OutputState }

func (SecretBackendOutput) Address added in v5.6.0 

func (o SecretBackendOutput) Address() pulumi.StringOutput

Specifies the address of the Consul instance, provided as "host:port" like "127.0.0.1:8500".

func (SecretBackendOutput) Bootstrap added in v5.7.0 

func (o SecretBackendOutput) Bootstrap() pulumi.BoolPtrOutput

Denotes a backend resource that is used to bootstrap the Consul ACL system. Only one resource may be used to bootstrap.

func (SecretBackendOutput) CaCert added in v5.6.0 

func (o SecretBackendOutput) CaCert() pulumi.StringPtrOutput

CA certificate to use when verifying Consul server certificate, must be x509 PEM encoded.

func (SecretBackendOutput) ClientCert added in v5.6.0 

func (o SecretBackendOutput) ClientCert() pulumi.StringPtrOutput

Client certificate used for Consul's TLS communication, must be x509 PEM encoded and if this is set you need to also set client_key.

func (SecretBackendOutput) ClientKey added in v5.6.0 

func (o SecretBackendOutput) ClientKey() pulumi.StringPtrOutput

Client key used for Consul's TLS communication, must be x509 PEM encoded and if this is set you need to also set client_cert.

func (SecretBackendOutput) DefaultLeaseTtlSeconds added in v5.6.0 

func (o SecretBackendOutput) DefaultLeaseTtlSeconds() pulumi.IntPtrOutput

The default TTL for credentials issued by this backend.

func (SecretBackendOutput) Description added in v5.6.0 

func (o SecretBackendOutput) Description() pulumi.StringPtrOutput

A human-friendly description for this backend.

func (SecretBackendOutput) DisableRemount added in v5.7.0 

func (o SecretBackendOutput) DisableRemount() pulumi.BoolPtrOutput

If set, opts out of mount migration on path updates. See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)

func (SecretBackendOutput) ElementType 

func (SecretBackendOutput) ElementType() reflect.Type

func (SecretBackendOutput) Local added in v5.6.0 

func (o SecretBackendOutput) Local() pulumi.BoolPtrOutput

Specifies if the secret backend is local only.

func (SecretBackendOutput) MaxLeaseTtlSeconds added in v5.6.0 

func (o SecretBackendOutput) MaxLeaseTtlSeconds() pulumi.IntPtrOutput

The maximum TTL that can be requested for credentials issued by this backend.

func (SecretBackendOutput) Namespace added in v5.7.0 

func (o SecretBackendOutput) Namespace() pulumi.StringPtrOutput

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). *Available only for Vault Enterprise*.

func (SecretBackendOutput) Path added in v5.6.0 

func (o SecretBackendOutput) Path() pulumi.StringPtrOutput

The unique location this backend should be mounted at. Must not begin or end with a `/`. Defaults to `consul`.

func (SecretBackendOutput) Scheme added in v5.6.0 

func (o SecretBackendOutput) Scheme() pulumi.StringPtrOutput

Specifies the URL scheme to use. Defaults to `http`.

func (SecretBackendOutput) ToSecretBackendOutput 

func (o SecretBackendOutput) ToSecretBackendOutput() SecretBackendOutput

func (SecretBackendOutput) ToSecretBackendOutputWithContext 

func (o SecretBackendOutput) ToSecretBackendOutputWithContext(ctx context.Context) SecretBackendOutput

func (SecretBackendOutput) Token added in v5.6.0 

func (o SecretBackendOutput) Token() pulumi.StringPtrOutput

Specifies the Consul token to use when managing or issuing new tokens.

type SecretBackendRole 

type SecretBackendRole struct {
	pulumi.CustomResourceState

	// The unique name of an existing Consul secrets backend mount. Must not begin or end with a `/`. One of `path` or `backend` is required.
	Backend pulumi.StringPtrOutput `pulumi:"backend"`
	// The Consul namespace that the token will be created in.
	// Applicable for Vault 1.10+ and Consul 1.7+".
	ConsulNamespace pulumi.StringOutput `pulumi:"consulNamespace"`
	// <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> The list of Consul ACL policies to associate with these roles.
	ConsulPolicies pulumi.StringArrayOutput `pulumi:"consulPolicies"`
	// <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul roles to attach to the token.
	// Applicable for Vault 1.10+ with Consul 1.5+.
	ConsulRoles pulumi.StringArrayOutput `pulumi:"consulRoles"`
	// Indicates that the token should not be replicated globally and instead be local to the current datacenter.
	Local pulumi.BoolPtrOutput `pulumi:"local"`
	// Maximum TTL for leases associated with this role, in seconds.
	MaxTtl pulumi.IntPtrOutput `pulumi:"maxTtl"`
	// The name of the Consul secrets engine role to create.
	Name pulumi.StringOutput `pulumi:"name"`
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
	// <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul node
	// identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.8+.
	NodeIdentities pulumi.StringArrayOutput `pulumi:"nodeIdentities"`
	// The admin partition that the token will be created in.
	// Applicable for Vault 1.10+ and Consul 1.11+".
	Partition pulumi.StringOutput `pulumi:"partition"`
	// The list of Consul ACL policies to associate with these roles.
	// **NOTE:** The new parameter `consulPolicies` should be used in favor of this. This parameter,
	// `policies`, remains supported for legacy users, but Vault has deprecated this field.
	Policies pulumi.StringArrayOutput `pulumi:"policies"`
	// <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul
	// service identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.5+.
	ServiceIdentities pulumi.StringArrayOutput `pulumi:"serviceIdentities"`
	// Specifies the type of token to create when using this role. Valid values are "client" or "management".
	// *Deprecated: Consul 1.11 and later removed the legacy ACL system which supported this field.*
	//
	// Deprecated: Consul 1.11 and later removed the legacy ACL system which supported this field.
	TokenType pulumi.StringPtrOutput `pulumi:"tokenType"`
	// Specifies the TTL for this role.
	Ttl pulumi.IntPtrOutput `pulumi:"ttl"`
}

Manages a Consul secrets role for a Consul secrets engine in Vault. Consul secret backends can then issue Consul tokens.

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/consul"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		test, err := consul.NewSecretBackend(ctx, "test", &consul.SecretBackendArgs{
			Path:        pulumi.String("consul"),
			Description: pulumi.String("Manages the Consul backend"),
			Address:     pulumi.String("127.0.0.1:8500"),
			Token:       pulumi.String("4240861b-ce3d-8530-115a-521ff070dd29"),
		})
		if err != nil {
			return err
		}
		_, err = consul.NewSecretBackendRole(ctx, "example", &consul.SecretBackendRoleArgs{
			Backend: test.Path,
			ConsulPolicies: pulumi.StringArray{
				pulumi.String("example-policy"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ## Note About Required Arguments

*At least one* of the four arguments `consulPolicies`, `consulRoles`, `serviceIdentities`, or `nodeIdentities` is required for a token. If desired, any combination of the four arguments up-to and including all four, is valid.

## Import

Consul secret backend roles can be imported using the `backend`, `/roles/`, and the `name` e.g.

```sh 

$ pulumi import vault:consul/secretBackendRole:SecretBackendRole example consul/roles/my-role

```

func GetSecretBackendRole 

func GetSecretBackendRole(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecretBackendRoleState, opts ...pulumi.ResourceOption) (*SecretBackendRole, error)

GetSecretBackendRole gets an existing SecretBackendRole resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecretBackendRole 

func NewSecretBackendRole(ctx *pulumi.Context,
	name string, args *SecretBackendRoleArgs, opts ...pulumi.ResourceOption) (*SecretBackendRole, error)

NewSecretBackendRole registers a new resource with the given unique name, arguments, and options.

func (*SecretBackendRole) ElementType 

func (*SecretBackendRole) ElementType() reflect.Type

func (*SecretBackendRole) ToSecretBackendRoleOutput 

func (i *SecretBackendRole) ToSecretBackendRoleOutput() SecretBackendRoleOutput

func (*SecretBackendRole) ToSecretBackendRoleOutputWithContext 

func (i *SecretBackendRole) ToSecretBackendRoleOutputWithContext(ctx context.Context) SecretBackendRoleOutput

type SecretBackendRoleArgs 

type SecretBackendRoleArgs struct {
	// The unique name of an existing Consul secrets backend mount. Must not begin or end with a `/`. One of `path` or `backend` is required.
	Backend pulumi.StringPtrInput
	// The Consul namespace that the token will be created in.
	// Applicable for Vault 1.10+ and Consul 1.7+".
	ConsulNamespace pulumi.StringPtrInput
	// <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> The list of Consul ACL policies to associate with these roles.
	ConsulPolicies pulumi.StringArrayInput
	// <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul roles to attach to the token.
	// Applicable for Vault 1.10+ with Consul 1.5+.
	ConsulRoles pulumi.StringArrayInput
	// Indicates that the token should not be replicated globally and instead be local to the current datacenter.
	Local pulumi.BoolPtrInput
	// Maximum TTL for leases associated with this role, in seconds.
	MaxTtl pulumi.IntPtrInput
	// The name of the Consul secrets engine role to create.
	Name pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul node
	// identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.8+.
	NodeIdentities pulumi.StringArrayInput
	// The admin partition that the token will be created in.
	// Applicable for Vault 1.10+ and Consul 1.11+".
	Partition pulumi.StringPtrInput
	// The list of Consul ACL policies to associate with these roles.
	// **NOTE:** The new parameter `consulPolicies` should be used in favor of this. This parameter,
	// `policies`, remains supported for legacy users, but Vault has deprecated this field.
	Policies pulumi.StringArrayInput
	// <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul
	// service identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.5+.
	ServiceIdentities pulumi.StringArrayInput
	// Specifies the type of token to create when using this role. Valid values are "client" or "management".
	// *Deprecated: Consul 1.11 and later removed the legacy ACL system which supported this field.*
	//
	// Deprecated: Consul 1.11 and later removed the legacy ACL system which supported this field.
	TokenType pulumi.StringPtrInput
	// Specifies the TTL for this role.
	Ttl pulumi.IntPtrInput
}

The set of arguments for constructing a SecretBackendRole resource.

func (SecretBackendRoleArgs) ElementType 

func (SecretBackendRoleArgs) ElementType() reflect.Type

type SecretBackendRoleArray 

type SecretBackendRoleArray []SecretBackendRoleInput

func (SecretBackendRoleArray) ElementType 

func (SecretBackendRoleArray) ElementType() reflect.Type

func (SecretBackendRoleArray) ToSecretBackendRoleArrayOutput 

func (i SecretBackendRoleArray) ToSecretBackendRoleArrayOutput() SecretBackendRoleArrayOutput

func (SecretBackendRoleArray) ToSecretBackendRoleArrayOutputWithContext 

func (i SecretBackendRoleArray) ToSecretBackendRoleArrayOutputWithContext(ctx context.Context) SecretBackendRoleArrayOutput

type SecretBackendRoleArrayInput 

type SecretBackendRoleArrayInput interface {
	pulumi.Input

	ToSecretBackendRoleArrayOutput() SecretBackendRoleArrayOutput
	ToSecretBackendRoleArrayOutputWithContext(context.Context) SecretBackendRoleArrayOutput
}

SecretBackendRoleArrayInput is an input type that accepts SecretBackendRoleArray and SecretBackendRoleArrayOutput values. You can construct a concrete instance of `SecretBackendRoleArrayInput` via: 

SecretBackendRoleArray{ SecretBackendRoleArgs{...} }

type SecretBackendRoleArrayOutput 

type SecretBackendRoleArrayOutput struct{ *pulumi.OutputState }

func (SecretBackendRoleArrayOutput) ElementType 

func (SecretBackendRoleArrayOutput) ElementType() reflect.Type

func (SecretBackendRoleArrayOutput) Index 

func (o SecretBackendRoleArrayOutput) Index(i pulumi.IntInput) SecretBackendRoleOutput

func (SecretBackendRoleArrayOutput) ToSecretBackendRoleArrayOutput 

func (o SecretBackendRoleArrayOutput) ToSecretBackendRoleArrayOutput() SecretBackendRoleArrayOutput

func (SecretBackendRoleArrayOutput) ToSecretBackendRoleArrayOutputWithContext 

func (o SecretBackendRoleArrayOutput) ToSecretBackendRoleArrayOutputWithContext(ctx context.Context) SecretBackendRoleArrayOutput

type SecretBackendRoleInput 

type SecretBackendRoleInput interface {
	pulumi.Input

	ToSecretBackendRoleOutput() SecretBackendRoleOutput
	ToSecretBackendRoleOutputWithContext(ctx context.Context) SecretBackendRoleOutput
}

type SecretBackendRoleMap 

type SecretBackendRoleMap map[string]SecretBackendRoleInput

func (SecretBackendRoleMap) ElementType 

func (SecretBackendRoleMap) ElementType() reflect.Type

func (SecretBackendRoleMap) ToSecretBackendRoleMapOutput 

func (i SecretBackendRoleMap) ToSecretBackendRoleMapOutput() SecretBackendRoleMapOutput

func (SecretBackendRoleMap) ToSecretBackendRoleMapOutputWithContext 

func (i SecretBackendRoleMap) ToSecretBackendRoleMapOutputWithContext(ctx context.Context) SecretBackendRoleMapOutput

type SecretBackendRoleMapInput 

type SecretBackendRoleMapInput interface {
	pulumi.Input

	ToSecretBackendRoleMapOutput() SecretBackendRoleMapOutput
	ToSecretBackendRoleMapOutputWithContext(context.Context) SecretBackendRoleMapOutput
}

SecretBackendRoleMapInput is an input type that accepts SecretBackendRoleMap and SecretBackendRoleMapOutput values. You can construct a concrete instance of `SecretBackendRoleMapInput` via: 

SecretBackendRoleMap{ "key": SecretBackendRoleArgs{...} }

type SecretBackendRoleMapOutput 

type SecretBackendRoleMapOutput struct{ *pulumi.OutputState }

func (SecretBackendRoleMapOutput) ElementType 

func (SecretBackendRoleMapOutput) ElementType() reflect.Type

func (SecretBackendRoleMapOutput) MapIndex 

func (o SecretBackendRoleMapOutput) MapIndex(k pulumi.StringInput) SecretBackendRoleOutput

func (SecretBackendRoleMapOutput) ToSecretBackendRoleMapOutput 

func (o SecretBackendRoleMapOutput) ToSecretBackendRoleMapOutput() SecretBackendRoleMapOutput

func (SecretBackendRoleMapOutput) ToSecretBackendRoleMapOutputWithContext 

func (o SecretBackendRoleMapOutput) ToSecretBackendRoleMapOutputWithContext(ctx context.Context) SecretBackendRoleMapOutput

type SecretBackendRoleOutput 

type SecretBackendRoleOutput struct{ *pulumi.OutputState }

func (SecretBackendRoleOutput) Backend added in v5.6.0 

func (o SecretBackendRoleOutput) Backend() pulumi.StringPtrOutput

The unique name of an existing Consul secrets backend mount. Must not begin or end with a `/`. One of `path` or `backend` is required.

func (SecretBackendRoleOutput) ConsulNamespace added in v5.6.0 

func (o SecretBackendRoleOutput) ConsulNamespace() pulumi.StringOutput

The Consul namespace that the token will be created in. Applicable for Vault 1.10+ and Consul 1.7+".

func (SecretBackendRoleOutput) ConsulPolicies added in v5.7.0 

func (o SecretBackendRoleOutput) ConsulPolicies() pulumi.StringArrayOutput

<sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> The list of Consul ACL policies to associate with these roles.

func (SecretBackendRoleOutput) ConsulRoles added in v5.6.0 

func (o SecretBackendRoleOutput) ConsulRoles() pulumi.StringArrayOutput

<sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul roles to attach to the token. Applicable for Vault 1.10+ with Consul 1.5+.

func (SecretBackendRoleOutput) ElementType 

func (SecretBackendRoleOutput) ElementType() reflect.Type

func (SecretBackendRoleOutput) Local added in v5.6.0 

func (o SecretBackendRoleOutput) Local() pulumi.BoolPtrOutput

Indicates that the token should not be replicated globally and instead be local to the current datacenter.

func (SecretBackendRoleOutput) MaxTtl added in v5.6.0 

func (o SecretBackendRoleOutput) MaxTtl() pulumi.IntPtrOutput

Maximum TTL for leases associated with this role, in seconds.

func (SecretBackendRoleOutput) Name added in v5.6.0 

func (o SecretBackendRoleOutput) Name() pulumi.StringOutput

The name of the Consul secrets engine role to create.

func (SecretBackendRoleOutput) Namespace added in v5.7.0 

func (o SecretBackendRoleOutput) Namespace() pulumi.StringPtrOutput

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). *Available only for Vault Enterprise*.

func (SecretBackendRoleOutput) NodeIdentities added in v5.7.0 

func (o SecretBackendRoleOutput) NodeIdentities() pulumi.StringArrayOutput

<sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul node identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.8+.

func (SecretBackendRoleOutput) Partition added in v5.6.0 

func (o SecretBackendRoleOutput) Partition() pulumi.StringOutput

The admin partition that the token will be created in. Applicable for Vault 1.10+ and Consul 1.11+".

func (SecretBackendRoleOutput) Policies added in v5.6.0 

func (o SecretBackendRoleOutput) Policies() pulumi.StringArrayOutput

The list of Consul ACL policies to associate with these roles. **NOTE:** The new parameter `consulPolicies` should be used in favor of this. This parameter, `policies`, remains supported for legacy users, but Vault has deprecated this field.

func (SecretBackendRoleOutput) ServiceIdentities added in v5.7.0 

func (o SecretBackendRoleOutput) ServiceIdentities() pulumi.StringArrayOutput

<sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul service identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.5+.

func (SecretBackendRoleOutput) ToSecretBackendRoleOutput 

func (o SecretBackendRoleOutput) ToSecretBackendRoleOutput() SecretBackendRoleOutput

func (SecretBackendRoleOutput) ToSecretBackendRoleOutputWithContext 

func (o SecretBackendRoleOutput) ToSecretBackendRoleOutputWithContext(ctx context.Context) SecretBackendRoleOutput

func (SecretBackendRoleOutput) TokenType deprecated added in v5.6.0 

func (o SecretBackendRoleOutput) TokenType() pulumi.StringPtrOutput

Specifies the type of token to create when using this role. Valid values are "client" or "management". *Deprecated: Consul 1.11 and later removed the legacy ACL system which supported this field.*

Deprecated: Consul 1.11 and later removed the legacy ACL system which supported this field.

func (SecretBackendRoleOutput) Ttl added in v5.6.0 

func (o SecretBackendRoleOutput) Ttl() pulumi.IntPtrOutput

Specifies the TTL for this role.

type SecretBackendRoleState 

type SecretBackendRoleState struct {
	// The unique name of an existing Consul secrets backend mount. Must not begin or end with a `/`. One of `path` or `backend` is required.
	Backend pulumi.StringPtrInput
	// The Consul namespace that the token will be created in.
	// Applicable for Vault 1.10+ and Consul 1.7+".
	ConsulNamespace pulumi.StringPtrInput
	// <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> The list of Consul ACL policies to associate with these roles.
	ConsulPolicies pulumi.StringArrayInput
	// <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul roles to attach to the token.
	// Applicable for Vault 1.10+ with Consul 1.5+.
	ConsulRoles pulumi.StringArrayInput
	// Indicates that the token should not be replicated globally and instead be local to the current datacenter.
	Local pulumi.BoolPtrInput
	// Maximum TTL for leases associated with this role, in seconds.
	MaxTtl pulumi.IntPtrInput
	// The name of the Consul secrets engine role to create.
	Name pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul node
	// identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.8+.
	NodeIdentities pulumi.StringArrayInput
	// The admin partition that the token will be created in.
	// Applicable for Vault 1.10+ and Consul 1.11+".
	Partition pulumi.StringPtrInput
	// The list of Consul ACL policies to associate with these roles.
	// **NOTE:** The new parameter `consulPolicies` should be used in favor of this. This parameter,
	// `policies`, remains supported for legacy users, but Vault has deprecated this field.
	Policies pulumi.StringArrayInput
	// <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul
	// service identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.5+.
	ServiceIdentities pulumi.StringArrayInput
	// Specifies the type of token to create when using this role. Valid values are "client" or "management".
	// *Deprecated: Consul 1.11 and later removed the legacy ACL system which supported this field.*
	//
	// Deprecated: Consul 1.11 and later removed the legacy ACL system which supported this field.
	TokenType pulumi.StringPtrInput
	// Specifies the TTL for this role.
	Ttl pulumi.IntPtrInput
}

func (SecretBackendRoleState) ElementType 

func (SecretBackendRoleState) ElementType() reflect.Type

type SecretBackendState 

type SecretBackendState struct {
	// Specifies the address of the Consul instance, provided as "host:port" like "127.0.0.1:8500".
	Address pulumi.StringPtrInput
	// Denotes a backend resource that is used to bootstrap the Consul ACL system. Only one resource may be used to bootstrap.
	Bootstrap pulumi.BoolPtrInput
	// CA certificate to use when verifying Consul server certificate, must be x509 PEM encoded.
	CaCert pulumi.StringPtrInput
	// Client certificate used for Consul's TLS communication, must be x509 PEM encoded and if
	// this is set you need to also set client_key.
	ClientCert pulumi.StringPtrInput
	// Client key used for Consul's TLS communication, must be x509 PEM encoded and if this is set
	// you need to also set client_cert.
	ClientKey pulumi.StringPtrInput
	// The default TTL for credentials issued by this backend.
	DefaultLeaseTtlSeconds pulumi.IntPtrInput
	// A human-friendly description for this backend.
	Description pulumi.StringPtrInput
	// If set, opts out of mount migration on path updates.
	// See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
	DisableRemount pulumi.BoolPtrInput
	// Specifies if the secret backend is local only.
	Local pulumi.BoolPtrInput
	// The maximum TTL that can be requested
	// for credentials issued by this backend.
	MaxLeaseTtlSeconds pulumi.IntPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// The unique location this backend should be mounted at. Must not begin or end with a `/`. Defaults
	// to `consul`.
	Path pulumi.StringPtrInput
	// Specifies the URL scheme to use. Defaults to `http`.
	Scheme pulumi.StringPtrInput
	// Specifies the Consul token to use when managing or issuing new tokens.
	Token pulumi.StringPtrInput
}

func (SecretBackendState) ElementType 

func (SecretBackendState) ElementType() reflect.Type

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.