Documentation ¶
Index ¶
- type Keys
- type KeysArgs
- type KeysArray
- type KeysArrayInput
- type KeysArrayOutput
- type KeysAw
- type KeysAwArgs
- type KeysAwArray
- type KeysAwArrayInput
- type KeysAwArrayOutput
- type KeysAwInput
- type KeysAwOutput
- func (o KeysAwOutput) AccessKey() pulumi.StringOutput
- func (o KeysAwOutput) AllowGenerateKey() pulumi.BoolPtrOutput
- func (o KeysAwOutput) AllowReplaceKey() pulumi.BoolPtrOutput
- func (o KeysAwOutput) AllowStoreKey() pulumi.BoolPtrOutput
- func (o KeysAwOutput) AnyMount() pulumi.BoolPtrOutput
- func (o KeysAwOutput) Curve() pulumi.StringPtrOutput
- func (KeysAwOutput) ElementType() reflect.Type
- func (o KeysAwOutput) Endpoint() pulumi.StringPtrOutput
- func (o KeysAwOutput) KeyBits() pulumi.StringOutput
- func (o KeysAwOutput) KeyType() pulumi.StringOutput
- func (o KeysAwOutput) KmsKey() pulumi.StringOutput
- func (o KeysAwOutput) Name() pulumi.StringOutput
- func (o KeysAwOutput) Region() pulumi.StringPtrOutput
- func (o KeysAwOutput) SecretKey() pulumi.StringOutput
- func (o KeysAwOutput) ToKeysAwOutput() KeysAwOutput
- func (o KeysAwOutput) ToKeysAwOutputWithContext(ctx context.Context) KeysAwOutput
- func (o KeysAwOutput) Uuid() pulumi.StringPtrOutput
- type KeysAzure
- type KeysAzureArgs
- type KeysAzureArray
- type KeysAzureArrayInput
- type KeysAzureArrayOutput
- func (KeysAzureArrayOutput) ElementType() reflect.Type
- func (o KeysAzureArrayOutput) Index(i pulumi.IntInput) KeysAzureOutput
- func (o KeysAzureArrayOutput) ToKeysAzureArrayOutput() KeysAzureArrayOutput
- func (o KeysAzureArrayOutput) ToKeysAzureArrayOutputWithContext(ctx context.Context) KeysAzureArrayOutput
- type KeysAzureInput
- type KeysAzureOutput
- func (o KeysAzureOutput) AllowGenerateKey() pulumi.BoolPtrOutput
- func (o KeysAzureOutput) AllowReplaceKey() pulumi.BoolPtrOutput
- func (o KeysAzureOutput) AllowStoreKey() pulumi.BoolPtrOutput
- func (o KeysAzureOutput) AnyMount() pulumi.BoolPtrOutput
- func (o KeysAzureOutput) ClientId() pulumi.StringOutput
- func (o KeysAzureOutput) ClientSecret() pulumi.StringOutput
- func (KeysAzureOutput) ElementType() reflect.Type
- func (o KeysAzureOutput) Environment() pulumi.StringPtrOutput
- func (o KeysAzureOutput) KeyBits() pulumi.StringPtrOutput
- func (o KeysAzureOutput) KeyName() pulumi.StringOutput
- func (o KeysAzureOutput) KeyType() pulumi.StringOutput
- func (o KeysAzureOutput) Name() pulumi.StringOutput
- func (o KeysAzureOutput) Resource() pulumi.StringPtrOutput
- func (o KeysAzureOutput) TenantId() pulumi.StringOutput
- func (o KeysAzureOutput) ToKeysAzureOutput() KeysAzureOutput
- func (o KeysAzureOutput) ToKeysAzureOutputWithContext(ctx context.Context) KeysAzureOutput
- func (o KeysAzureOutput) Uuid() pulumi.StringPtrOutput
- func (o KeysAzureOutput) VaultName() pulumi.StringOutput
- type KeysInput
- type KeysMap
- type KeysMapInput
- type KeysMapOutput
- type KeysOutput
- func (o KeysOutput) Aws() KeysAwArrayOutput
- func (o KeysOutput) Azures() KeysAzureArrayOutput
- func (KeysOutput) ElementType() reflect.Type
- func (o KeysOutput) Namespace() pulumi.StringPtrOutput
- func (o KeysOutput) Pkcs() KeysPkcArrayOutput
- func (o KeysOutput) ToKeysOutput() KeysOutput
- func (o KeysOutput) ToKeysOutputWithContext(ctx context.Context) KeysOutput
- type KeysPkc
- type KeysPkcArgs
- type KeysPkcArray
- type KeysPkcArrayInput
- type KeysPkcArrayOutput
- type KeysPkcInput
- type KeysPkcOutput
- func (o KeysPkcOutput) AllowGenerateKey() pulumi.BoolPtrOutput
- func (o KeysPkcOutput) AllowReplaceKey() pulumi.BoolPtrOutput
- func (o KeysPkcOutput) AllowStoreKey() pulumi.BoolPtrOutput
- func (o KeysPkcOutput) AnyMount() pulumi.BoolPtrOutput
- func (o KeysPkcOutput) Curve() pulumi.StringPtrOutput
- func (KeysPkcOutput) ElementType() reflect.Type
- func (o KeysPkcOutput) ForceRwSession() pulumi.StringPtrOutput
- func (o KeysPkcOutput) KeyBits() pulumi.StringPtrOutput
- func (o KeysPkcOutput) KeyId() pulumi.StringOutput
- func (o KeysPkcOutput) KeyLabel() pulumi.StringOutput
- func (o KeysPkcOutput) Library() pulumi.StringOutput
- func (o KeysPkcOutput) Mechanism() pulumi.StringOutput
- func (o KeysPkcOutput) Name() pulumi.StringOutput
- func (o KeysPkcOutput) Pin() pulumi.StringOutput
- func (o KeysPkcOutput) Slot() pulumi.StringPtrOutput
- func (o KeysPkcOutput) ToKeysPkcOutput() KeysPkcOutput
- func (o KeysPkcOutput) ToKeysPkcOutputWithContext(ctx context.Context) KeysPkcOutput
- func (o KeysPkcOutput) TokenLabel() pulumi.StringPtrOutput
- func (o KeysPkcOutput) Uuid() pulumi.StringPtrOutput
- type KeysState
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Keys ¶
type Keys struct { pulumi.CustomResourceState // Configuration block for AWS Managed Keys Aws KeysAwArrayOutput `pulumi:"aws"` // Configuration block for Azure Managed Keys Azures KeysAzureArrayOutput `pulumi:"azures"` // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured namespace. // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrOutput `pulumi:"namespace"` // Configuration block for PKCS Managed Keys Pkcs KeysPkcArrayOutput `pulumi:"pkcs"` }
A resource that manages the lifecycle of all [Managed Keys](https://www.vaultproject.io/docs/enterprise/managed-keys) in Vault.
**Note** this feature is available only with Vault Enterprise.
## Caveats
This single resource handles the lifecycle of _all_ the managed keys that must be created in Vault. There can only be one such resource in the TF state, and if there are already provisioned managed keys in Vault, we recommend using `pulumi import` instead.
## Import
Mounts can be imported using the `id` of `default`, e.g.
```sh
$ pulumi import vault:managed/keys:Keys keys default
```
func GetKeys ¶
func GetKeys(ctx *pulumi.Context, name string, id pulumi.IDInput, state *KeysState, opts ...pulumi.ResourceOption) (*Keys, error)
GetKeys gets an existing Keys resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewKeys ¶
func NewKeys(ctx *pulumi.Context, name string, args *KeysArgs, opts ...pulumi.ResourceOption) (*Keys, error)
NewKeys registers a new resource with the given unique name, arguments, and options.
func (*Keys) ElementType ¶
func (*Keys) ToKeysOutput ¶
func (i *Keys) ToKeysOutput() KeysOutput
func (*Keys) ToKeysOutputWithContext ¶
func (i *Keys) ToKeysOutputWithContext(ctx context.Context) KeysOutput
type KeysArgs ¶
type KeysArgs struct { // Configuration block for AWS Managed Keys Aws KeysAwArrayInput // Configuration block for Azure Managed Keys Azures KeysAzureArrayInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured namespace. // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput // Configuration block for PKCS Managed Keys Pkcs KeysPkcArrayInput }
The set of arguments for constructing a Keys resource.
func (KeysArgs) ElementType ¶
type KeysArray ¶
type KeysArray []KeysInput
func (KeysArray) ElementType ¶
func (KeysArray) ToKeysArrayOutput ¶
func (i KeysArray) ToKeysArrayOutput() KeysArrayOutput
func (KeysArray) ToKeysArrayOutputWithContext ¶
func (i KeysArray) ToKeysArrayOutputWithContext(ctx context.Context) KeysArrayOutput
type KeysArrayInput ¶
type KeysArrayInput interface { pulumi.Input ToKeysArrayOutput() KeysArrayOutput ToKeysArrayOutputWithContext(context.Context) KeysArrayOutput }
KeysArrayInput is an input type that accepts KeysArray and KeysArrayOutput values. You can construct a concrete instance of `KeysArrayInput` via:
KeysArray{ KeysArgs{...} }
type KeysArrayOutput ¶
type KeysArrayOutput struct{ *pulumi.OutputState }
func (KeysArrayOutput) ElementType ¶
func (KeysArrayOutput) ElementType() reflect.Type
func (KeysArrayOutput) Index ¶
func (o KeysArrayOutput) Index(i pulumi.IntInput) KeysOutput
func (KeysArrayOutput) ToKeysArrayOutput ¶
func (o KeysArrayOutput) ToKeysArrayOutput() KeysArrayOutput
func (KeysArrayOutput) ToKeysArrayOutputWithContext ¶
func (o KeysArrayOutput) ToKeysArrayOutputWithContext(ctx context.Context) KeysArrayOutput
type KeysAw ¶
type KeysAw struct { // The AWS access key to use. AccessKey string `pulumi:"accessKey"` // If no existing key can be found in // the referenced backend, instructs Vault to generate a key within the backend. AllowGenerateKey *bool `pulumi:"allowGenerateKey"` // Controls the ability for Vault to replace through // generation or importing a key into the configured backend even // if a key is present, if set to `false` those operations are forbidden // if a key exists. AllowReplaceKey *bool `pulumi:"allowReplaceKey"` // Controls the ability for Vault to import a key to the // configured backend, if `false`, those operations will be forbidden. AllowStoreKey *bool `pulumi:"allowStoreKey"` // If `true`, allows usage from any mount point within the // namespace. AnyMount *bool `pulumi:"anyMount"` // The curve to use for an ECDSA key. Used when `keyType` // is `ECDSA`. Required if `allowGenerateKey` is `true`. Curve *string `pulumi:"curve"` // Used to specify a custom AWS endpoint. Endpoint *string `pulumi:"endpoint"` // The size in bits for an RSA key. KeyBits string `pulumi:"keyBits"` // The type of key to use. KeyType string `pulumi:"keyType"` // An identifier for the key. KmsKey string `pulumi:"kmsKey"` // A unique lowercase name that serves as identifying the key. Name string `pulumi:"name"` // The AWS region where the keys are stored (or will be stored). Region *string `pulumi:"region"` // The AWS access key to use. SecretKey string `pulumi:"secretKey"` // ID of the managed key read from Vault Uuid *string `pulumi:"uuid"` }
type KeysAwArgs ¶
type KeysAwArgs struct { // The AWS access key to use. AccessKey pulumi.StringInput `pulumi:"accessKey"` // If no existing key can be found in // the referenced backend, instructs Vault to generate a key within the backend. AllowGenerateKey pulumi.BoolPtrInput `pulumi:"allowGenerateKey"` // Controls the ability for Vault to replace through // generation or importing a key into the configured backend even // if a key is present, if set to `false` those operations are forbidden // if a key exists. AllowReplaceKey pulumi.BoolPtrInput `pulumi:"allowReplaceKey"` // Controls the ability for Vault to import a key to the // configured backend, if `false`, those operations will be forbidden. AllowStoreKey pulumi.BoolPtrInput `pulumi:"allowStoreKey"` // If `true`, allows usage from any mount point within the // namespace. AnyMount pulumi.BoolPtrInput `pulumi:"anyMount"` // The curve to use for an ECDSA key. Used when `keyType` // is `ECDSA`. Required if `allowGenerateKey` is `true`. Curve pulumi.StringPtrInput `pulumi:"curve"` // Used to specify a custom AWS endpoint. Endpoint pulumi.StringPtrInput `pulumi:"endpoint"` // The size in bits for an RSA key. KeyBits pulumi.StringInput `pulumi:"keyBits"` // The type of key to use. KeyType pulumi.StringInput `pulumi:"keyType"` // An identifier for the key. KmsKey pulumi.StringInput `pulumi:"kmsKey"` // A unique lowercase name that serves as identifying the key. Name pulumi.StringInput `pulumi:"name"` // The AWS region where the keys are stored (or will be stored). Region pulumi.StringPtrInput `pulumi:"region"` // The AWS access key to use. SecretKey pulumi.StringInput `pulumi:"secretKey"` // ID of the managed key read from Vault Uuid pulumi.StringPtrInput `pulumi:"uuid"` }
func (KeysAwArgs) ElementType ¶
func (KeysAwArgs) ElementType() reflect.Type
func (KeysAwArgs) ToKeysAwOutput ¶
func (i KeysAwArgs) ToKeysAwOutput() KeysAwOutput
func (KeysAwArgs) ToKeysAwOutputWithContext ¶
func (i KeysAwArgs) ToKeysAwOutputWithContext(ctx context.Context) KeysAwOutput
type KeysAwArray ¶
type KeysAwArray []KeysAwInput
func (KeysAwArray) ElementType ¶
func (KeysAwArray) ElementType() reflect.Type
func (KeysAwArray) ToKeysAwArrayOutput ¶
func (i KeysAwArray) ToKeysAwArrayOutput() KeysAwArrayOutput
func (KeysAwArray) ToKeysAwArrayOutputWithContext ¶
func (i KeysAwArray) ToKeysAwArrayOutputWithContext(ctx context.Context) KeysAwArrayOutput
type KeysAwArrayInput ¶
type KeysAwArrayInput interface { pulumi.Input ToKeysAwArrayOutput() KeysAwArrayOutput ToKeysAwArrayOutputWithContext(context.Context) KeysAwArrayOutput }
KeysAwArrayInput is an input type that accepts KeysAwArray and KeysAwArrayOutput values. You can construct a concrete instance of `KeysAwArrayInput` via:
KeysAwArray{ KeysAwArgs{...} }
type KeysAwArrayOutput ¶
type KeysAwArrayOutput struct{ *pulumi.OutputState }
func (KeysAwArrayOutput) ElementType ¶
func (KeysAwArrayOutput) ElementType() reflect.Type
func (KeysAwArrayOutput) Index ¶
func (o KeysAwArrayOutput) Index(i pulumi.IntInput) KeysAwOutput
func (KeysAwArrayOutput) ToKeysAwArrayOutput ¶
func (o KeysAwArrayOutput) ToKeysAwArrayOutput() KeysAwArrayOutput
func (KeysAwArrayOutput) ToKeysAwArrayOutputWithContext ¶
func (o KeysAwArrayOutput) ToKeysAwArrayOutputWithContext(ctx context.Context) KeysAwArrayOutput
type KeysAwInput ¶
type KeysAwInput interface { pulumi.Input ToKeysAwOutput() KeysAwOutput ToKeysAwOutputWithContext(context.Context) KeysAwOutput }
KeysAwInput is an input type that accepts KeysAwArgs and KeysAwOutput values. You can construct a concrete instance of `KeysAwInput` via:
KeysAwArgs{...}
type KeysAwOutput ¶
type KeysAwOutput struct{ *pulumi.OutputState }
func (KeysAwOutput) AccessKey ¶
func (o KeysAwOutput) AccessKey() pulumi.StringOutput
The AWS access key to use.
func (KeysAwOutput) AllowGenerateKey ¶
func (o KeysAwOutput) AllowGenerateKey() pulumi.BoolPtrOutput
If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend.
func (KeysAwOutput) AllowReplaceKey ¶
func (o KeysAwOutput) AllowReplaceKey() pulumi.BoolPtrOutput
Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to `false` those operations are forbidden if a key exists.
func (KeysAwOutput) AllowStoreKey ¶
func (o KeysAwOutput) AllowStoreKey() pulumi.BoolPtrOutput
Controls the ability for Vault to import a key to the configured backend, if `false`, those operations will be forbidden.
func (KeysAwOutput) AnyMount ¶
func (o KeysAwOutput) AnyMount() pulumi.BoolPtrOutput
If `true`, allows usage from any mount point within the namespace.
func (KeysAwOutput) Curve ¶
func (o KeysAwOutput) Curve() pulumi.StringPtrOutput
The curve to use for an ECDSA key. Used when `keyType` is `ECDSA`. Required if `allowGenerateKey` is `true`.
func (KeysAwOutput) ElementType ¶
func (KeysAwOutput) ElementType() reflect.Type
func (KeysAwOutput) Endpoint ¶
func (o KeysAwOutput) Endpoint() pulumi.StringPtrOutput
Used to specify a custom AWS endpoint.
func (KeysAwOutput) KeyBits ¶
func (o KeysAwOutput) KeyBits() pulumi.StringOutput
The size in bits for an RSA key.
func (KeysAwOutput) KeyType ¶
func (o KeysAwOutput) KeyType() pulumi.StringOutput
The type of key to use.
func (KeysAwOutput) KmsKey ¶
func (o KeysAwOutput) KmsKey() pulumi.StringOutput
An identifier for the key.
func (KeysAwOutput) Name ¶
func (o KeysAwOutput) Name() pulumi.StringOutput
A unique lowercase name that serves as identifying the key.
func (KeysAwOutput) Region ¶
func (o KeysAwOutput) Region() pulumi.StringPtrOutput
The AWS region where the keys are stored (or will be stored).
func (KeysAwOutput) SecretKey ¶
func (o KeysAwOutput) SecretKey() pulumi.StringOutput
The AWS access key to use.
func (KeysAwOutput) ToKeysAwOutput ¶
func (o KeysAwOutput) ToKeysAwOutput() KeysAwOutput
func (KeysAwOutput) ToKeysAwOutputWithContext ¶
func (o KeysAwOutput) ToKeysAwOutputWithContext(ctx context.Context) KeysAwOutput
func (KeysAwOutput) Uuid ¶
func (o KeysAwOutput) Uuid() pulumi.StringPtrOutput
ID of the managed key read from Vault
type KeysAzure ¶
type KeysAzure struct { // If no existing key can be found in // the referenced backend, instructs Vault to generate a key within the backend. AllowGenerateKey *bool `pulumi:"allowGenerateKey"` // Controls the ability for Vault to replace through // generation or importing a key into the configured backend even // if a key is present, if set to `false` those operations are forbidden // if a key exists. AllowReplaceKey *bool `pulumi:"allowReplaceKey"` // Controls the ability for Vault to import a key to the // configured backend, if `false`, those operations will be forbidden. AllowStoreKey *bool `pulumi:"allowStoreKey"` // If `true`, allows usage from any mount point within the // namespace. AnyMount *bool `pulumi:"anyMount"` // The client id for credentials to query the Azure APIs. ClientId string `pulumi:"clientId"` // The client secret for credentials to query the Azure APIs. ClientSecret string `pulumi:"clientSecret"` // The Azure Cloud environment API endpoints to use. Environment *string `pulumi:"environment"` // The size in bits for an RSA key. KeyBits *string `pulumi:"keyBits"` // The Key Vault key to use for encryption and decryption. KeyName string `pulumi:"keyName"` // The type of key to use. KeyType string `pulumi:"keyType"` // A unique lowercase name that serves as identifying the key. Name string `pulumi:"name"` // The Azure Key Vault resource's DNS Suffix to connect to. Resource *string `pulumi:"resource"` // The tenant id for the Azure Active Directory organization. TenantId string `pulumi:"tenantId"` // ID of the managed key read from Vault Uuid *string `pulumi:"uuid"` // The Key Vault vault to use for encryption and decryption. VaultName string `pulumi:"vaultName"` }
type KeysAzureArgs ¶
type KeysAzureArgs struct { // If no existing key can be found in // the referenced backend, instructs Vault to generate a key within the backend. AllowGenerateKey pulumi.BoolPtrInput `pulumi:"allowGenerateKey"` // Controls the ability for Vault to replace through // generation or importing a key into the configured backend even // if a key is present, if set to `false` those operations are forbidden // if a key exists. AllowReplaceKey pulumi.BoolPtrInput `pulumi:"allowReplaceKey"` // Controls the ability for Vault to import a key to the // configured backend, if `false`, those operations will be forbidden. AllowStoreKey pulumi.BoolPtrInput `pulumi:"allowStoreKey"` // If `true`, allows usage from any mount point within the // namespace. AnyMount pulumi.BoolPtrInput `pulumi:"anyMount"` // The client id for credentials to query the Azure APIs. ClientId pulumi.StringInput `pulumi:"clientId"` // The client secret for credentials to query the Azure APIs. ClientSecret pulumi.StringInput `pulumi:"clientSecret"` // The Azure Cloud environment API endpoints to use. Environment pulumi.StringPtrInput `pulumi:"environment"` // The size in bits for an RSA key. KeyBits pulumi.StringPtrInput `pulumi:"keyBits"` // The Key Vault key to use for encryption and decryption. KeyName pulumi.StringInput `pulumi:"keyName"` // The type of key to use. KeyType pulumi.StringInput `pulumi:"keyType"` // A unique lowercase name that serves as identifying the key. Name pulumi.StringInput `pulumi:"name"` // The Azure Key Vault resource's DNS Suffix to connect to. Resource pulumi.StringPtrInput `pulumi:"resource"` // The tenant id for the Azure Active Directory organization. TenantId pulumi.StringInput `pulumi:"tenantId"` // ID of the managed key read from Vault Uuid pulumi.StringPtrInput `pulumi:"uuid"` // The Key Vault vault to use for encryption and decryption. VaultName pulumi.StringInput `pulumi:"vaultName"` }
func (KeysAzureArgs) ElementType ¶
func (KeysAzureArgs) ElementType() reflect.Type
func (KeysAzureArgs) ToKeysAzureOutput ¶
func (i KeysAzureArgs) ToKeysAzureOutput() KeysAzureOutput
func (KeysAzureArgs) ToKeysAzureOutputWithContext ¶
func (i KeysAzureArgs) ToKeysAzureOutputWithContext(ctx context.Context) KeysAzureOutput
type KeysAzureArray ¶
type KeysAzureArray []KeysAzureInput
func (KeysAzureArray) ElementType ¶
func (KeysAzureArray) ElementType() reflect.Type
func (KeysAzureArray) ToKeysAzureArrayOutput ¶
func (i KeysAzureArray) ToKeysAzureArrayOutput() KeysAzureArrayOutput
func (KeysAzureArray) ToKeysAzureArrayOutputWithContext ¶
func (i KeysAzureArray) ToKeysAzureArrayOutputWithContext(ctx context.Context) KeysAzureArrayOutput
type KeysAzureArrayInput ¶
type KeysAzureArrayInput interface { pulumi.Input ToKeysAzureArrayOutput() KeysAzureArrayOutput ToKeysAzureArrayOutputWithContext(context.Context) KeysAzureArrayOutput }
KeysAzureArrayInput is an input type that accepts KeysAzureArray and KeysAzureArrayOutput values. You can construct a concrete instance of `KeysAzureArrayInput` via:
KeysAzureArray{ KeysAzureArgs{...} }
type KeysAzureArrayOutput ¶
type KeysAzureArrayOutput struct{ *pulumi.OutputState }
func (KeysAzureArrayOutput) ElementType ¶
func (KeysAzureArrayOutput) ElementType() reflect.Type
func (KeysAzureArrayOutput) Index ¶
func (o KeysAzureArrayOutput) Index(i pulumi.IntInput) KeysAzureOutput
func (KeysAzureArrayOutput) ToKeysAzureArrayOutput ¶
func (o KeysAzureArrayOutput) ToKeysAzureArrayOutput() KeysAzureArrayOutput
func (KeysAzureArrayOutput) ToKeysAzureArrayOutputWithContext ¶
func (o KeysAzureArrayOutput) ToKeysAzureArrayOutputWithContext(ctx context.Context) KeysAzureArrayOutput
type KeysAzureInput ¶
type KeysAzureInput interface { pulumi.Input ToKeysAzureOutput() KeysAzureOutput ToKeysAzureOutputWithContext(context.Context) KeysAzureOutput }
KeysAzureInput is an input type that accepts KeysAzureArgs and KeysAzureOutput values. You can construct a concrete instance of `KeysAzureInput` via:
KeysAzureArgs{...}
type KeysAzureOutput ¶
type KeysAzureOutput struct{ *pulumi.OutputState }
func (KeysAzureOutput) AllowGenerateKey ¶
func (o KeysAzureOutput) AllowGenerateKey() pulumi.BoolPtrOutput
If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend.
func (KeysAzureOutput) AllowReplaceKey ¶
func (o KeysAzureOutput) AllowReplaceKey() pulumi.BoolPtrOutput
Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to `false` those operations are forbidden if a key exists.
func (KeysAzureOutput) AllowStoreKey ¶
func (o KeysAzureOutput) AllowStoreKey() pulumi.BoolPtrOutput
Controls the ability for Vault to import a key to the configured backend, if `false`, those operations will be forbidden.
func (KeysAzureOutput) AnyMount ¶
func (o KeysAzureOutput) AnyMount() pulumi.BoolPtrOutput
If `true`, allows usage from any mount point within the namespace.
func (KeysAzureOutput) ClientId ¶
func (o KeysAzureOutput) ClientId() pulumi.StringOutput
The client id for credentials to query the Azure APIs.
func (KeysAzureOutput) ClientSecret ¶
func (o KeysAzureOutput) ClientSecret() pulumi.StringOutput
The client secret for credentials to query the Azure APIs.
func (KeysAzureOutput) ElementType ¶
func (KeysAzureOutput) ElementType() reflect.Type
func (KeysAzureOutput) Environment ¶
func (o KeysAzureOutput) Environment() pulumi.StringPtrOutput
The Azure Cloud environment API endpoints to use.
func (KeysAzureOutput) KeyBits ¶
func (o KeysAzureOutput) KeyBits() pulumi.StringPtrOutput
The size in bits for an RSA key.
func (KeysAzureOutput) KeyName ¶
func (o KeysAzureOutput) KeyName() pulumi.StringOutput
The Key Vault key to use for encryption and decryption.
func (KeysAzureOutput) KeyType ¶
func (o KeysAzureOutput) KeyType() pulumi.StringOutput
The type of key to use.
func (KeysAzureOutput) Name ¶
func (o KeysAzureOutput) Name() pulumi.StringOutput
A unique lowercase name that serves as identifying the key.
func (KeysAzureOutput) Resource ¶
func (o KeysAzureOutput) Resource() pulumi.StringPtrOutput
The Azure Key Vault resource's DNS Suffix to connect to.
func (KeysAzureOutput) TenantId ¶
func (o KeysAzureOutput) TenantId() pulumi.StringOutput
The tenant id for the Azure Active Directory organization.
func (KeysAzureOutput) ToKeysAzureOutput ¶
func (o KeysAzureOutput) ToKeysAzureOutput() KeysAzureOutput
func (KeysAzureOutput) ToKeysAzureOutputWithContext ¶
func (o KeysAzureOutput) ToKeysAzureOutputWithContext(ctx context.Context) KeysAzureOutput
func (KeysAzureOutput) Uuid ¶
func (o KeysAzureOutput) Uuid() pulumi.StringPtrOutput
ID of the managed key read from Vault
func (KeysAzureOutput) VaultName ¶
func (o KeysAzureOutput) VaultName() pulumi.StringOutput
The Key Vault vault to use for encryption and decryption.
type KeysInput ¶
type KeysInput interface { pulumi.Input ToKeysOutput() KeysOutput ToKeysOutputWithContext(ctx context.Context) KeysOutput }
type KeysMap ¶
func (KeysMap) ElementType ¶
func (KeysMap) ToKeysMapOutput ¶
func (i KeysMap) ToKeysMapOutput() KeysMapOutput
func (KeysMap) ToKeysMapOutputWithContext ¶
func (i KeysMap) ToKeysMapOutputWithContext(ctx context.Context) KeysMapOutput
type KeysMapInput ¶
type KeysMapInput interface { pulumi.Input ToKeysMapOutput() KeysMapOutput ToKeysMapOutputWithContext(context.Context) KeysMapOutput }
KeysMapInput is an input type that accepts KeysMap and KeysMapOutput values. You can construct a concrete instance of `KeysMapInput` via:
KeysMap{ "key": KeysArgs{...} }
type KeysMapOutput ¶
type KeysMapOutput struct{ *pulumi.OutputState }
func (KeysMapOutput) ElementType ¶
func (KeysMapOutput) ElementType() reflect.Type
func (KeysMapOutput) MapIndex ¶
func (o KeysMapOutput) MapIndex(k pulumi.StringInput) KeysOutput
func (KeysMapOutput) ToKeysMapOutput ¶
func (o KeysMapOutput) ToKeysMapOutput() KeysMapOutput
func (KeysMapOutput) ToKeysMapOutputWithContext ¶
func (o KeysMapOutput) ToKeysMapOutputWithContext(ctx context.Context) KeysMapOutput
type KeysOutput ¶
type KeysOutput struct{ *pulumi.OutputState }
func (KeysOutput) Aws ¶
func (o KeysOutput) Aws() KeysAwArrayOutput
Configuration block for AWS Managed Keys
func (KeysOutput) Azures ¶
func (o KeysOutput) Azures() KeysAzureArrayOutput
Configuration block for Azure Managed Keys
func (KeysOutput) ElementType ¶
func (KeysOutput) ElementType() reflect.Type
func (KeysOutput) Namespace ¶
func (o KeysOutput) Namespace() pulumi.StringPtrOutput
The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured namespace. *Available only for Vault Enterprise*.
func (KeysOutput) Pkcs ¶
func (o KeysOutput) Pkcs() KeysPkcArrayOutput
Configuration block for PKCS Managed Keys
func (KeysOutput) ToKeysOutput ¶
func (o KeysOutput) ToKeysOutput() KeysOutput
func (KeysOutput) ToKeysOutputWithContext ¶
func (o KeysOutput) ToKeysOutputWithContext(ctx context.Context) KeysOutput
type KeysPkc ¶
type KeysPkc struct { // If no existing key can be found in // the referenced backend, instructs Vault to generate a key within the backend. AllowGenerateKey *bool `pulumi:"allowGenerateKey"` // Controls the ability for Vault to replace through // generation or importing a key into the configured backend even // if a key is present, if set to `false` those operations are forbidden // if a key exists. AllowReplaceKey *bool `pulumi:"allowReplaceKey"` // Controls the ability for Vault to import a key to the // configured backend, if `false`, those operations will be forbidden. AllowStoreKey *bool `pulumi:"allowStoreKey"` // If `true`, allows usage from any mount point within the // namespace. AnyMount *bool `pulumi:"anyMount"` // The curve to use for an ECDSA key. Used when `keyType` // is `ECDSA`. Required if `allowGenerateKey` is `true`. Curve *string `pulumi:"curve"` // Force all operations to open up a read-write session to // the HSM. ForceRwSession *string `pulumi:"forceRwSession"` // The size in bits for an RSA key. KeyBits *string `pulumi:"keyBits"` // The id of a PKCS#11 key to use. KeyId string `pulumi:"keyId"` // The label of the key to use. KeyLabel string `pulumi:"keyLabel"` // The name of the kmsLibrary stanza to use from Vault's config // to lookup the local library path. Library string `pulumi:"library"` // The encryption/decryption mechanism to use, specified as a // hexadecimal (prefixed by 0x) string. Mechanism string `pulumi:"mechanism"` // A unique lowercase name that serves as identifying the key. Name string `pulumi:"name"` // The PIN for login. Pin string `pulumi:"pin"` // The slot number to use, specified as a string in a decimal format // (e.g. `2305843009213693953`). Slot *string `pulumi:"slot"` // The slot token label to use. TokenLabel *string `pulumi:"tokenLabel"` // ID of the managed key read from Vault Uuid *string `pulumi:"uuid"` }
type KeysPkcArgs ¶
type KeysPkcArgs struct { // If no existing key can be found in // the referenced backend, instructs Vault to generate a key within the backend. AllowGenerateKey pulumi.BoolPtrInput `pulumi:"allowGenerateKey"` // Controls the ability for Vault to replace through // generation or importing a key into the configured backend even // if a key is present, if set to `false` those operations are forbidden // if a key exists. AllowReplaceKey pulumi.BoolPtrInput `pulumi:"allowReplaceKey"` // Controls the ability for Vault to import a key to the // configured backend, if `false`, those operations will be forbidden. AllowStoreKey pulumi.BoolPtrInput `pulumi:"allowStoreKey"` // If `true`, allows usage from any mount point within the // namespace. AnyMount pulumi.BoolPtrInput `pulumi:"anyMount"` // The curve to use for an ECDSA key. Used when `keyType` // is `ECDSA`. Required if `allowGenerateKey` is `true`. Curve pulumi.StringPtrInput `pulumi:"curve"` // Force all operations to open up a read-write session to // the HSM. ForceRwSession pulumi.StringPtrInput `pulumi:"forceRwSession"` // The size in bits for an RSA key. KeyBits pulumi.StringPtrInput `pulumi:"keyBits"` // The id of a PKCS#11 key to use. KeyId pulumi.StringInput `pulumi:"keyId"` // The label of the key to use. KeyLabel pulumi.StringInput `pulumi:"keyLabel"` // The name of the kmsLibrary stanza to use from Vault's config // to lookup the local library path. Library pulumi.StringInput `pulumi:"library"` // The encryption/decryption mechanism to use, specified as a // hexadecimal (prefixed by 0x) string. Mechanism pulumi.StringInput `pulumi:"mechanism"` // A unique lowercase name that serves as identifying the key. Name pulumi.StringInput `pulumi:"name"` // The PIN for login. Pin pulumi.StringInput `pulumi:"pin"` // The slot number to use, specified as a string in a decimal format // (e.g. `2305843009213693953`). Slot pulumi.StringPtrInput `pulumi:"slot"` // The slot token label to use. TokenLabel pulumi.StringPtrInput `pulumi:"tokenLabel"` // ID of the managed key read from Vault Uuid pulumi.StringPtrInput `pulumi:"uuid"` }
func (KeysPkcArgs) ElementType ¶
func (KeysPkcArgs) ElementType() reflect.Type
func (KeysPkcArgs) ToKeysPkcOutput ¶
func (i KeysPkcArgs) ToKeysPkcOutput() KeysPkcOutput
func (KeysPkcArgs) ToKeysPkcOutputWithContext ¶
func (i KeysPkcArgs) ToKeysPkcOutputWithContext(ctx context.Context) KeysPkcOutput
type KeysPkcArray ¶
type KeysPkcArray []KeysPkcInput
func (KeysPkcArray) ElementType ¶
func (KeysPkcArray) ElementType() reflect.Type
func (KeysPkcArray) ToKeysPkcArrayOutput ¶
func (i KeysPkcArray) ToKeysPkcArrayOutput() KeysPkcArrayOutput
func (KeysPkcArray) ToKeysPkcArrayOutputWithContext ¶
func (i KeysPkcArray) ToKeysPkcArrayOutputWithContext(ctx context.Context) KeysPkcArrayOutput
type KeysPkcArrayInput ¶
type KeysPkcArrayInput interface { pulumi.Input ToKeysPkcArrayOutput() KeysPkcArrayOutput ToKeysPkcArrayOutputWithContext(context.Context) KeysPkcArrayOutput }
KeysPkcArrayInput is an input type that accepts KeysPkcArray and KeysPkcArrayOutput values. You can construct a concrete instance of `KeysPkcArrayInput` via:
KeysPkcArray{ KeysPkcArgs{...} }
type KeysPkcArrayOutput ¶
type KeysPkcArrayOutput struct{ *pulumi.OutputState }
func (KeysPkcArrayOutput) ElementType ¶
func (KeysPkcArrayOutput) ElementType() reflect.Type
func (KeysPkcArrayOutput) Index ¶
func (o KeysPkcArrayOutput) Index(i pulumi.IntInput) KeysPkcOutput
func (KeysPkcArrayOutput) ToKeysPkcArrayOutput ¶
func (o KeysPkcArrayOutput) ToKeysPkcArrayOutput() KeysPkcArrayOutput
func (KeysPkcArrayOutput) ToKeysPkcArrayOutputWithContext ¶
func (o KeysPkcArrayOutput) ToKeysPkcArrayOutputWithContext(ctx context.Context) KeysPkcArrayOutput
type KeysPkcInput ¶
type KeysPkcInput interface { pulumi.Input ToKeysPkcOutput() KeysPkcOutput ToKeysPkcOutputWithContext(context.Context) KeysPkcOutput }
KeysPkcInput is an input type that accepts KeysPkcArgs and KeysPkcOutput values. You can construct a concrete instance of `KeysPkcInput` via:
KeysPkcArgs{...}
type KeysPkcOutput ¶
type KeysPkcOutput struct{ *pulumi.OutputState }
func (KeysPkcOutput) AllowGenerateKey ¶
func (o KeysPkcOutput) AllowGenerateKey() pulumi.BoolPtrOutput
If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend.
func (KeysPkcOutput) AllowReplaceKey ¶
func (o KeysPkcOutput) AllowReplaceKey() pulumi.BoolPtrOutput
Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to `false` those operations are forbidden if a key exists.
func (KeysPkcOutput) AllowStoreKey ¶
func (o KeysPkcOutput) AllowStoreKey() pulumi.BoolPtrOutput
Controls the ability for Vault to import a key to the configured backend, if `false`, those operations will be forbidden.
func (KeysPkcOutput) AnyMount ¶
func (o KeysPkcOutput) AnyMount() pulumi.BoolPtrOutput
If `true`, allows usage from any mount point within the namespace.
func (KeysPkcOutput) Curve ¶
func (o KeysPkcOutput) Curve() pulumi.StringPtrOutput
The curve to use for an ECDSA key. Used when `keyType` is `ECDSA`. Required if `allowGenerateKey` is `true`.
func (KeysPkcOutput) ElementType ¶
func (KeysPkcOutput) ElementType() reflect.Type
func (KeysPkcOutput) ForceRwSession ¶
func (o KeysPkcOutput) ForceRwSession() pulumi.StringPtrOutput
Force all operations to open up a read-write session to the HSM.
func (KeysPkcOutput) KeyBits ¶
func (o KeysPkcOutput) KeyBits() pulumi.StringPtrOutput
The size in bits for an RSA key.
func (KeysPkcOutput) KeyId ¶
func (o KeysPkcOutput) KeyId() pulumi.StringOutput
The id of a PKCS#11 key to use.
func (KeysPkcOutput) KeyLabel ¶
func (o KeysPkcOutput) KeyLabel() pulumi.StringOutput
The label of the key to use.
func (KeysPkcOutput) Library ¶
func (o KeysPkcOutput) Library() pulumi.StringOutput
The name of the kmsLibrary stanza to use from Vault's config to lookup the local library path.
func (KeysPkcOutput) Mechanism ¶
func (o KeysPkcOutput) Mechanism() pulumi.StringOutput
The encryption/decryption mechanism to use, specified as a hexadecimal (prefixed by 0x) string.
func (KeysPkcOutput) Name ¶
func (o KeysPkcOutput) Name() pulumi.StringOutput
A unique lowercase name that serves as identifying the key.
func (KeysPkcOutput) Slot ¶
func (o KeysPkcOutput) Slot() pulumi.StringPtrOutput
The slot number to use, specified as a string in a decimal format (e.g. `2305843009213693953`).
func (KeysPkcOutput) ToKeysPkcOutput ¶
func (o KeysPkcOutput) ToKeysPkcOutput() KeysPkcOutput
func (KeysPkcOutput) ToKeysPkcOutputWithContext ¶
func (o KeysPkcOutput) ToKeysPkcOutputWithContext(ctx context.Context) KeysPkcOutput
func (KeysPkcOutput) TokenLabel ¶
func (o KeysPkcOutput) TokenLabel() pulumi.StringPtrOutput
The slot token label to use.
func (KeysPkcOutput) Uuid ¶
func (o KeysPkcOutput) Uuid() pulumi.StringPtrOutput
ID of the managed key read from Vault
type KeysState ¶
type KeysState struct { // Configuration block for AWS Managed Keys Aws KeysAwArrayInput // Configuration block for Azure Managed Keys Azures KeysAzureArrayInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured namespace. // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput // Configuration block for PKCS Managed Keys Pkcs KeysPkcArrayInput }