Documentation ¶
Index ¶
- type GetDecryptArgs
- type GetDecryptOutputArgs
- type GetDecryptResult
- type GetDecryptResultOutput
- func (o GetDecryptResultOutput) Backend() pulumi.StringOutput
- func (o GetDecryptResultOutput) Ciphertext() pulumi.StringOutput
- func (o GetDecryptResultOutput) Context() pulumi.StringPtrOutput
- func (GetDecryptResultOutput) ElementType() reflect.Type
- func (o GetDecryptResultOutput) Id() pulumi.StringOutput
- func (o GetDecryptResultOutput) Key() pulumi.StringOutput
- func (o GetDecryptResultOutput) Namespace() pulumi.StringPtrOutput
- func (o GetDecryptResultOutput) Plaintext() pulumi.StringOutput
- func (o GetDecryptResultOutput) ToGetDecryptResultOutput() GetDecryptResultOutput
- func (o GetDecryptResultOutput) ToGetDecryptResultOutputWithContext(ctx context.Context) GetDecryptResultOutput
- type GetEncryptArgs
- type GetEncryptOutputArgs
- type GetEncryptResult
- type GetEncryptResultOutput
- func (o GetEncryptResultOutput) Backend() pulumi.StringOutput
- func (o GetEncryptResultOutput) Ciphertext() pulumi.StringOutput
- func (o GetEncryptResultOutput) Context() pulumi.StringPtrOutput
- func (GetEncryptResultOutput) ElementType() reflect.Type
- func (o GetEncryptResultOutput) Id() pulumi.StringOutput
- func (o GetEncryptResultOutput) Key() pulumi.StringOutput
- func (o GetEncryptResultOutput) KeyVersion() pulumi.IntPtrOutput
- func (o GetEncryptResultOutput) Namespace() pulumi.StringPtrOutput
- func (o GetEncryptResultOutput) Plaintext() pulumi.StringOutput
- func (o GetEncryptResultOutput) ToGetEncryptResultOutput() GetEncryptResultOutput
- func (o GetEncryptResultOutput) ToGetEncryptResultOutputWithContext(ctx context.Context) GetEncryptResultOutput
- type SecretBackendKey
- type SecretBackendKeyArgs
- type SecretBackendKeyArray
- type SecretBackendKeyArrayInput
- type SecretBackendKeyArrayOutput
- func (SecretBackendKeyArrayOutput) ElementType() reflect.Type
- func (o SecretBackendKeyArrayOutput) Index(i pulumi.IntInput) SecretBackendKeyOutput
- func (o SecretBackendKeyArrayOutput) ToSecretBackendKeyArrayOutput() SecretBackendKeyArrayOutput
- func (o SecretBackendKeyArrayOutput) ToSecretBackendKeyArrayOutputWithContext(ctx context.Context) SecretBackendKeyArrayOutput
- type SecretBackendKeyInput
- type SecretBackendKeyMap
- type SecretBackendKeyMapInput
- type SecretBackendKeyMapOutput
- func (SecretBackendKeyMapOutput) ElementType() reflect.Type
- func (o SecretBackendKeyMapOutput) MapIndex(k pulumi.StringInput) SecretBackendKeyOutput
- func (o SecretBackendKeyMapOutput) ToSecretBackendKeyMapOutput() SecretBackendKeyMapOutput
- func (o SecretBackendKeyMapOutput) ToSecretBackendKeyMapOutputWithContext(ctx context.Context) SecretBackendKeyMapOutput
- type SecretBackendKeyOutput
- func (o SecretBackendKeyOutput) AllowPlaintextBackup() pulumi.BoolPtrOutput
- func (o SecretBackendKeyOutput) AutoRotateInterval() pulumi.IntOutputdeprecated
- func (o SecretBackendKeyOutput) AutoRotatePeriod() pulumi.IntOutput
- func (o SecretBackendKeyOutput) Backend() pulumi.StringOutput
- func (o SecretBackendKeyOutput) ConvergentEncryption() pulumi.BoolPtrOutput
- func (o SecretBackendKeyOutput) DeletionAllowed() pulumi.BoolPtrOutput
- func (o SecretBackendKeyOutput) Derived() pulumi.BoolPtrOutput
- func (SecretBackendKeyOutput) ElementType() reflect.Type
- func (o SecretBackendKeyOutput) Exportable() pulumi.BoolPtrOutput
- func (o SecretBackendKeyOutput) KeySize() pulumi.IntPtrOutput
- func (o SecretBackendKeyOutput) Keys() pulumi.MapArrayOutput
- func (o SecretBackendKeyOutput) LatestVersion() pulumi.IntOutput
- func (o SecretBackendKeyOutput) MinAvailableVersion() pulumi.IntOutput
- func (o SecretBackendKeyOutput) MinDecryptionVersion() pulumi.IntPtrOutput
- func (o SecretBackendKeyOutput) MinEncryptionVersion() pulumi.IntPtrOutput
- func (o SecretBackendKeyOutput) Name() pulumi.StringOutput
- func (o SecretBackendKeyOutput) Namespace() pulumi.StringPtrOutput
- func (o SecretBackendKeyOutput) SupportsDecryption() pulumi.BoolOutput
- func (o SecretBackendKeyOutput) SupportsDerivation() pulumi.BoolOutput
- func (o SecretBackendKeyOutput) SupportsEncryption() pulumi.BoolOutput
- func (o SecretBackendKeyOutput) SupportsSigning() pulumi.BoolOutput
- func (o SecretBackendKeyOutput) ToSecretBackendKeyOutput() SecretBackendKeyOutput
- func (o SecretBackendKeyOutput) ToSecretBackendKeyOutputWithContext(ctx context.Context) SecretBackendKeyOutput
- func (o SecretBackendKeyOutput) Type() pulumi.StringPtrOutput
- type SecretBackendKeyState
- type SecretCacheConfig
- type SecretCacheConfigArgs
- type SecretCacheConfigArray
- type SecretCacheConfigArrayInput
- type SecretCacheConfigArrayOutput
- func (SecretCacheConfigArrayOutput) ElementType() reflect.Type
- func (o SecretCacheConfigArrayOutput) Index(i pulumi.IntInput) SecretCacheConfigOutput
- func (o SecretCacheConfigArrayOutput) ToSecretCacheConfigArrayOutput() SecretCacheConfigArrayOutput
- func (o SecretCacheConfigArrayOutput) ToSecretCacheConfigArrayOutputWithContext(ctx context.Context) SecretCacheConfigArrayOutput
- type SecretCacheConfigInput
- type SecretCacheConfigMap
- type SecretCacheConfigMapInput
- type SecretCacheConfigMapOutput
- func (SecretCacheConfigMapOutput) ElementType() reflect.Type
- func (o SecretCacheConfigMapOutput) MapIndex(k pulumi.StringInput) SecretCacheConfigOutput
- func (o SecretCacheConfigMapOutput) ToSecretCacheConfigMapOutput() SecretCacheConfigMapOutput
- func (o SecretCacheConfigMapOutput) ToSecretCacheConfigMapOutputWithContext(ctx context.Context) SecretCacheConfigMapOutput
- type SecretCacheConfigOutput
- func (o SecretCacheConfigOutput) Backend() pulumi.StringOutput
- func (SecretCacheConfigOutput) ElementType() reflect.Type
- func (o SecretCacheConfigOutput) Namespace() pulumi.StringPtrOutput
- func (o SecretCacheConfigOutput) Size() pulumi.IntOutput
- func (o SecretCacheConfigOutput) ToSecretCacheConfigOutput() SecretCacheConfigOutput
- func (o SecretCacheConfigOutput) ToSecretCacheConfigOutputWithContext(ctx context.Context) SecretCacheConfigOutput
- type SecretCacheConfigState
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type GetDecryptArgs ¶
type GetDecryptArgs struct { // The path the transit secret backend is mounted at, with no leading or trailing `/`. Backend string `pulumi:"backend"` // Ciphertext to be decoded. Ciphertext string `pulumi:"ciphertext"` // Context for key derivation. This is required if key derivation is enabled for this key. Context *string `pulumi:"context"` // Specifies the name of the transit key to decrypt against. Key string `pulumi:"key"` Namespace *string `pulumi:"namespace"` }
A collection of arguments for invoking getDecrypt.
type GetDecryptOutputArgs ¶
type GetDecryptOutputArgs struct { // The path the transit secret backend is mounted at, with no leading or trailing `/`. Backend pulumi.StringInput `pulumi:"backend"` // Ciphertext to be decoded. Ciphertext pulumi.StringInput `pulumi:"ciphertext"` // Context for key derivation. This is required if key derivation is enabled for this key. Context pulumi.StringPtrInput `pulumi:"context"` // Specifies the name of the transit key to decrypt against. Key pulumi.StringInput `pulumi:"key"` Namespace pulumi.StringPtrInput `pulumi:"namespace"` }
A collection of arguments for invoking getDecrypt.
func (GetDecryptOutputArgs) ElementType ¶
func (GetDecryptOutputArgs) ElementType() reflect.Type
type GetDecryptResult ¶
type GetDecryptResult struct { Backend string `pulumi:"backend"` Ciphertext string `pulumi:"ciphertext"` Context *string `pulumi:"context"` // The provider-assigned unique ID for this managed resource. Id string `pulumi:"id"` Key string `pulumi:"key"` Namespace *string `pulumi:"namespace"` // Decrypted plaintext returned from Vault Plaintext string `pulumi:"plaintext"` }
A collection of values returned by getDecrypt.
func GetDecrypt ¶
func GetDecrypt(ctx *pulumi.Context, args *GetDecryptArgs, opts ...pulumi.InvokeOption) (*GetDecryptResult, error)
This is a data source which can be used to decrypt ciphertext using a Vault Transit key.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/transit" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := transit.GetDecrypt(ctx, &transit.GetDecryptArgs{ Backend: "transit", Ciphertext: "vault:v1:S3GtnJ5GUNCWV+/pdL9+g1Feu/nzAv+RlmTmE91Tu0rBkeIU8MEb2nSspC/1IQ==", Key: "test", }, nil) if err != nil { return err } return nil }) }
```
type GetDecryptResultOutput ¶
type GetDecryptResultOutput struct{ *pulumi.OutputState }
A collection of values returned by getDecrypt.
func GetDecryptOutput ¶
func GetDecryptOutput(ctx *pulumi.Context, args GetDecryptOutputArgs, opts ...pulumi.InvokeOption) GetDecryptResultOutput
func (GetDecryptResultOutput) Backend ¶
func (o GetDecryptResultOutput) Backend() pulumi.StringOutput
func (GetDecryptResultOutput) Ciphertext ¶
func (o GetDecryptResultOutput) Ciphertext() pulumi.StringOutput
func (GetDecryptResultOutput) Context ¶
func (o GetDecryptResultOutput) Context() pulumi.StringPtrOutput
func (GetDecryptResultOutput) ElementType ¶
func (GetDecryptResultOutput) ElementType() reflect.Type
func (GetDecryptResultOutput) Id ¶
func (o GetDecryptResultOutput) Id() pulumi.StringOutput
The provider-assigned unique ID for this managed resource.
func (GetDecryptResultOutput) Key ¶
func (o GetDecryptResultOutput) Key() pulumi.StringOutput
func (GetDecryptResultOutput) Namespace ¶ added in v5.7.0
func (o GetDecryptResultOutput) Namespace() pulumi.StringPtrOutput
func (GetDecryptResultOutput) Plaintext ¶
func (o GetDecryptResultOutput) Plaintext() pulumi.StringOutput
Decrypted plaintext returned from Vault
func (GetDecryptResultOutput) ToGetDecryptResultOutput ¶
func (o GetDecryptResultOutput) ToGetDecryptResultOutput() GetDecryptResultOutput
func (GetDecryptResultOutput) ToGetDecryptResultOutputWithContext ¶
func (o GetDecryptResultOutput) ToGetDecryptResultOutputWithContext(ctx context.Context) GetDecryptResultOutput
type GetEncryptArgs ¶
type GetEncryptArgs struct { // The path the transit secret backend is mounted at, with no leading or trailing `/`. Backend string `pulumi:"backend"` // Context for key derivation. This is required if key derivation is enabled for this key. Context *string `pulumi:"context"` // Specifies the name of the transit key to encrypt against. Key string `pulumi:"key"` // The version of the key to use for encryption. If not set, uses the latest version. Must be greater than or equal to the key's `minEncryptionVersion`, if set. KeyVersion *int `pulumi:"keyVersion"` Namespace *string `pulumi:"namespace"` // Plaintext to be encoded. Plaintext string `pulumi:"plaintext"` }
A collection of arguments for invoking getEncrypt.
type GetEncryptOutputArgs ¶
type GetEncryptOutputArgs struct { // The path the transit secret backend is mounted at, with no leading or trailing `/`. Backend pulumi.StringInput `pulumi:"backend"` // Context for key derivation. This is required if key derivation is enabled for this key. Context pulumi.StringPtrInput `pulumi:"context"` // Specifies the name of the transit key to encrypt against. Key pulumi.StringInput `pulumi:"key"` // The version of the key to use for encryption. If not set, uses the latest version. Must be greater than or equal to the key's `minEncryptionVersion`, if set. KeyVersion pulumi.IntPtrInput `pulumi:"keyVersion"` Namespace pulumi.StringPtrInput `pulumi:"namespace"` // Plaintext to be encoded. Plaintext pulumi.StringInput `pulumi:"plaintext"` }
A collection of arguments for invoking getEncrypt.
func (GetEncryptOutputArgs) ElementType ¶
func (GetEncryptOutputArgs) ElementType() reflect.Type
type GetEncryptResult ¶
type GetEncryptResult struct { Backend string `pulumi:"backend"` // Encrypted ciphertext returned from Vault Ciphertext string `pulumi:"ciphertext"` Context *string `pulumi:"context"` // The provider-assigned unique ID for this managed resource. Id string `pulumi:"id"` Key string `pulumi:"key"` KeyVersion *int `pulumi:"keyVersion"` Namespace *string `pulumi:"namespace"` Plaintext string `pulumi:"plaintext"` }
A collection of values returned by getEncrypt.
func GetEncrypt ¶
func GetEncrypt(ctx *pulumi.Context, args *GetEncryptArgs, opts ...pulumi.InvokeOption) (*GetEncryptResult, error)
This is a data source which can be used to encrypt plaintext using a Vault Transit key.
type GetEncryptResultOutput ¶
type GetEncryptResultOutput struct{ *pulumi.OutputState }
A collection of values returned by getEncrypt.
func GetEncryptOutput ¶
func GetEncryptOutput(ctx *pulumi.Context, args GetEncryptOutputArgs, opts ...pulumi.InvokeOption) GetEncryptResultOutput
func (GetEncryptResultOutput) Backend ¶
func (o GetEncryptResultOutput) Backend() pulumi.StringOutput
func (GetEncryptResultOutput) Ciphertext ¶
func (o GetEncryptResultOutput) Ciphertext() pulumi.StringOutput
Encrypted ciphertext returned from Vault
func (GetEncryptResultOutput) Context ¶
func (o GetEncryptResultOutput) Context() pulumi.StringPtrOutput
func (GetEncryptResultOutput) ElementType ¶
func (GetEncryptResultOutput) ElementType() reflect.Type
func (GetEncryptResultOutput) Id ¶
func (o GetEncryptResultOutput) Id() pulumi.StringOutput
The provider-assigned unique ID for this managed resource.
func (GetEncryptResultOutput) Key ¶
func (o GetEncryptResultOutput) Key() pulumi.StringOutput
func (GetEncryptResultOutput) KeyVersion ¶
func (o GetEncryptResultOutput) KeyVersion() pulumi.IntPtrOutput
func (GetEncryptResultOutput) Namespace ¶ added in v5.7.0
func (o GetEncryptResultOutput) Namespace() pulumi.StringPtrOutput
func (GetEncryptResultOutput) Plaintext ¶
func (o GetEncryptResultOutput) Plaintext() pulumi.StringOutput
func (GetEncryptResultOutput) ToGetEncryptResultOutput ¶
func (o GetEncryptResultOutput) ToGetEncryptResultOutput() GetEncryptResultOutput
func (GetEncryptResultOutput) ToGetEncryptResultOutputWithContext ¶
func (o GetEncryptResultOutput) ToGetEncryptResultOutputWithContext(ctx context.Context) GetEncryptResultOutput
type SecretBackendKey ¶
type SecretBackendKey struct { pulumi.CustomResourceState // Enables taking backup of entire keyring in the plaintext format. Once set, this cannot be disabled. // * Refer to Vault API documentation on key backups for more information: [Backup Key](https://www.vaultproject.io/api-docs/secret/transit#backup-key) AllowPlaintextBackup pulumi.BoolPtrOutput `pulumi:"allowPlaintextBackup"` // Amount of time the key should live before being automatically rotated. A value of 0 disables automatic rotation for the // key. // // Deprecated: Use auto_rotate_period instead AutoRotateInterval pulumi.IntOutput `pulumi:"autoRotateInterval"` // Amount of seconds the key should live before being automatically rotated. // A value of 0 disables automatic rotation for the key. AutoRotatePeriod pulumi.IntOutput `pulumi:"autoRotatePeriod"` // The path the transit secret backend is mounted at, with no leading or trailing `/`s. Backend pulumi.StringOutput `pulumi:"backend"` // Whether or not to support convergent encryption, where the same plaintext creates the same ciphertext. This requires `derived` to be set to `true`. ConvergentEncryption pulumi.BoolPtrOutput `pulumi:"convergentEncryption"` // Specifies if the key is allowed to be deleted. DeletionAllowed pulumi.BoolPtrOutput `pulumi:"deletionAllowed"` // Specifies if key derivation is to be used. If enabled, all encrypt/decrypt requests to this key must provide a context which is used for key derivation. Derived pulumi.BoolPtrOutput `pulumi:"derived"` // Enables keys to be exportable. This allows for all valid private keys in the keyring to be exported. Once set, this cannot be disabled. Exportable pulumi.BoolPtrOutput `pulumi:"exportable"` // The key size in bytes for algorithms that allow variable key sizes. Currently only applicable to HMAC, where it must be between 32 and 512 bytes. KeySize pulumi.IntPtrOutput `pulumi:"keySize"` // List of key versions in the keyring. This attribute is zero-indexed and will contain a map of values depending on the `type` of the encryption key. // * for key types `aes128-gcm96`, `aes256-gcm96` and `chacha20-poly1305`, each key version will be a map of a single value `id` which is just a hash of the key's metadata. // * for key types `ed25519`, `ecdsa-p256`, `ecdsa-p384`, `ecdsa-p521`, `rsa-2048`, `rsa-3072` and `rsa-4096`, each key version will be a map of the following: Keys pulumi.MapArrayOutput `pulumi:"keys"` // Latest key version available. This value is 1-indexed, so if `latestVersion` is `1`, then the key's information can be referenced from `keys` by selecting element `0` LatestVersion pulumi.IntOutput `pulumi:"latestVersion"` // Minimum key version available for use. If keys have been archived by increasing `minDecryptionVersion`, this attribute will reflect that change. MinAvailableVersion pulumi.IntOutput `pulumi:"minAvailableVersion"` // Minimum key version to use for decryption. MinDecryptionVersion pulumi.IntPtrOutput `pulumi:"minDecryptionVersion"` // Minimum key version to use for encryption MinEncryptionVersion pulumi.IntPtrOutput `pulumi:"minEncryptionVersion"` // The name to identify this key within the backend. Must be unique within the backend. Name pulumi.StringOutput `pulumi:"name"` // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrOutput `pulumi:"namespace"` // Whether or not the key supports decryption, based on key type. SupportsDecryption pulumi.BoolOutput `pulumi:"supportsDecryption"` // Whether or not the key supports derivation, based on key type. SupportsDerivation pulumi.BoolOutput `pulumi:"supportsDerivation"` // Whether or not the key supports encryption, based on key type. SupportsEncryption pulumi.BoolOutput `pulumi:"supportsEncryption"` // Whether or not the key supports signing, based on key type. SupportsSigning pulumi.BoolOutput `pulumi:"supportsSigning"` // Specifies the type of key to create. The currently-supported types are: `aes128-gcm96`, `aes256-gcm96` (default), `chacha20-poly1305`, `ed25519`, `ecdsa-p256`, `ecdsa-p384`, `ecdsa-p521`, `hmac`, `rsa-2048`, `rsa-3072` and `rsa-4096`. // * Refer to the Vault documentation on transit key types for more information: [Key Types](https://www.vaultproject.io/docs/secrets/transit#key-types) Type pulumi.StringPtrOutput `pulumi:"type"` }
Creates an Encryption Keyring on a Transit Secret Backend for Vault.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v5/go/vault" "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/transit" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { transit, err := vault.NewMount(ctx, "transit", &vault.MountArgs{ Path: pulumi.String("transit"), Type: pulumi.String("transit"), Description: pulumi.String("Example description"), DefaultLeaseTtlSeconds: pulumi.Int(3600), MaxLeaseTtlSeconds: pulumi.Int(86400), }) if err != nil { return err } _, err = transit.NewSecretBackendKey(ctx, "key", &transit.SecretBackendKeyArgs{ Backend: transit.Path, }) if err != nil { return err } return nil }) }
``` ## Deprecations
* `autoRotateInterval` - Replaced by `autoRotatePeriod`.
## Import
Transit secret backend keys can be imported using the `path`, e.g.
```sh
$ pulumi import vault:transit/secretBackendKey:SecretBackendKey key transit/keys/my_key
```
func GetSecretBackendKey ¶
func GetSecretBackendKey(ctx *pulumi.Context, name string, id pulumi.IDInput, state *SecretBackendKeyState, opts ...pulumi.ResourceOption) (*SecretBackendKey, error)
GetSecretBackendKey gets an existing SecretBackendKey resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewSecretBackendKey ¶
func NewSecretBackendKey(ctx *pulumi.Context, name string, args *SecretBackendKeyArgs, opts ...pulumi.ResourceOption) (*SecretBackendKey, error)
NewSecretBackendKey registers a new resource with the given unique name, arguments, and options.
func (*SecretBackendKey) ElementType ¶
func (*SecretBackendKey) ElementType() reflect.Type
func (*SecretBackendKey) ToSecretBackendKeyOutput ¶
func (i *SecretBackendKey) ToSecretBackendKeyOutput() SecretBackendKeyOutput
func (*SecretBackendKey) ToSecretBackendKeyOutputWithContext ¶
func (i *SecretBackendKey) ToSecretBackendKeyOutputWithContext(ctx context.Context) SecretBackendKeyOutput
type SecretBackendKeyArgs ¶
type SecretBackendKeyArgs struct { // Enables taking backup of entire keyring in the plaintext format. Once set, this cannot be disabled. // * Refer to Vault API documentation on key backups for more information: [Backup Key](https://www.vaultproject.io/api-docs/secret/transit#backup-key) AllowPlaintextBackup pulumi.BoolPtrInput // Amount of time the key should live before being automatically rotated. A value of 0 disables automatic rotation for the // key. // // Deprecated: Use auto_rotate_period instead AutoRotateInterval pulumi.IntPtrInput // Amount of seconds the key should live before being automatically rotated. // A value of 0 disables automatic rotation for the key. AutoRotatePeriod pulumi.IntPtrInput // The path the transit secret backend is mounted at, with no leading or trailing `/`s. Backend pulumi.StringInput // Whether or not to support convergent encryption, where the same plaintext creates the same ciphertext. This requires `derived` to be set to `true`. ConvergentEncryption pulumi.BoolPtrInput // Specifies if the key is allowed to be deleted. DeletionAllowed pulumi.BoolPtrInput // Specifies if key derivation is to be used. If enabled, all encrypt/decrypt requests to this key must provide a context which is used for key derivation. Derived pulumi.BoolPtrInput // Enables keys to be exportable. This allows for all valid private keys in the keyring to be exported. Once set, this cannot be disabled. Exportable pulumi.BoolPtrInput // The key size in bytes for algorithms that allow variable key sizes. Currently only applicable to HMAC, where it must be between 32 and 512 bytes. KeySize pulumi.IntPtrInput // Minimum key version to use for decryption. MinDecryptionVersion pulumi.IntPtrInput // Minimum key version to use for encryption MinEncryptionVersion pulumi.IntPtrInput // The name to identify this key within the backend. Must be unique within the backend. Name pulumi.StringPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput // Specifies the type of key to create. The currently-supported types are: `aes128-gcm96`, `aes256-gcm96` (default), `chacha20-poly1305`, `ed25519`, `ecdsa-p256`, `ecdsa-p384`, `ecdsa-p521`, `hmac`, `rsa-2048`, `rsa-3072` and `rsa-4096`. // * Refer to the Vault documentation on transit key types for more information: [Key Types](https://www.vaultproject.io/docs/secrets/transit#key-types) Type pulumi.StringPtrInput }
The set of arguments for constructing a SecretBackendKey resource.
func (SecretBackendKeyArgs) ElementType ¶
func (SecretBackendKeyArgs) ElementType() reflect.Type
type SecretBackendKeyArray ¶
type SecretBackendKeyArray []SecretBackendKeyInput
func (SecretBackendKeyArray) ElementType ¶
func (SecretBackendKeyArray) ElementType() reflect.Type
func (SecretBackendKeyArray) ToSecretBackendKeyArrayOutput ¶
func (i SecretBackendKeyArray) ToSecretBackendKeyArrayOutput() SecretBackendKeyArrayOutput
func (SecretBackendKeyArray) ToSecretBackendKeyArrayOutputWithContext ¶
func (i SecretBackendKeyArray) ToSecretBackendKeyArrayOutputWithContext(ctx context.Context) SecretBackendKeyArrayOutput
type SecretBackendKeyArrayInput ¶
type SecretBackendKeyArrayInput interface { pulumi.Input ToSecretBackendKeyArrayOutput() SecretBackendKeyArrayOutput ToSecretBackendKeyArrayOutputWithContext(context.Context) SecretBackendKeyArrayOutput }
SecretBackendKeyArrayInput is an input type that accepts SecretBackendKeyArray and SecretBackendKeyArrayOutput values. You can construct a concrete instance of `SecretBackendKeyArrayInput` via:
SecretBackendKeyArray{ SecretBackendKeyArgs{...} }
type SecretBackendKeyArrayOutput ¶
type SecretBackendKeyArrayOutput struct{ *pulumi.OutputState }
func (SecretBackendKeyArrayOutput) ElementType ¶
func (SecretBackendKeyArrayOutput) ElementType() reflect.Type
func (SecretBackendKeyArrayOutput) Index ¶
func (o SecretBackendKeyArrayOutput) Index(i pulumi.IntInput) SecretBackendKeyOutput
func (SecretBackendKeyArrayOutput) ToSecretBackendKeyArrayOutput ¶
func (o SecretBackendKeyArrayOutput) ToSecretBackendKeyArrayOutput() SecretBackendKeyArrayOutput
func (SecretBackendKeyArrayOutput) ToSecretBackendKeyArrayOutputWithContext ¶
func (o SecretBackendKeyArrayOutput) ToSecretBackendKeyArrayOutputWithContext(ctx context.Context) SecretBackendKeyArrayOutput
type SecretBackendKeyInput ¶
type SecretBackendKeyInput interface { pulumi.Input ToSecretBackendKeyOutput() SecretBackendKeyOutput ToSecretBackendKeyOutputWithContext(ctx context.Context) SecretBackendKeyOutput }
type SecretBackendKeyMap ¶
type SecretBackendKeyMap map[string]SecretBackendKeyInput
func (SecretBackendKeyMap) ElementType ¶
func (SecretBackendKeyMap) ElementType() reflect.Type
func (SecretBackendKeyMap) ToSecretBackendKeyMapOutput ¶
func (i SecretBackendKeyMap) ToSecretBackendKeyMapOutput() SecretBackendKeyMapOutput
func (SecretBackendKeyMap) ToSecretBackendKeyMapOutputWithContext ¶
func (i SecretBackendKeyMap) ToSecretBackendKeyMapOutputWithContext(ctx context.Context) SecretBackendKeyMapOutput
type SecretBackendKeyMapInput ¶
type SecretBackendKeyMapInput interface { pulumi.Input ToSecretBackendKeyMapOutput() SecretBackendKeyMapOutput ToSecretBackendKeyMapOutputWithContext(context.Context) SecretBackendKeyMapOutput }
SecretBackendKeyMapInput is an input type that accepts SecretBackendKeyMap and SecretBackendKeyMapOutput values. You can construct a concrete instance of `SecretBackendKeyMapInput` via:
SecretBackendKeyMap{ "key": SecretBackendKeyArgs{...} }
type SecretBackendKeyMapOutput ¶
type SecretBackendKeyMapOutput struct{ *pulumi.OutputState }
func (SecretBackendKeyMapOutput) ElementType ¶
func (SecretBackendKeyMapOutput) ElementType() reflect.Type
func (SecretBackendKeyMapOutput) MapIndex ¶
func (o SecretBackendKeyMapOutput) MapIndex(k pulumi.StringInput) SecretBackendKeyOutput
func (SecretBackendKeyMapOutput) ToSecretBackendKeyMapOutput ¶
func (o SecretBackendKeyMapOutput) ToSecretBackendKeyMapOutput() SecretBackendKeyMapOutput
func (SecretBackendKeyMapOutput) ToSecretBackendKeyMapOutputWithContext ¶
func (o SecretBackendKeyMapOutput) ToSecretBackendKeyMapOutputWithContext(ctx context.Context) SecretBackendKeyMapOutput
type SecretBackendKeyOutput ¶
type SecretBackendKeyOutput struct{ *pulumi.OutputState }
func (SecretBackendKeyOutput) AllowPlaintextBackup ¶ added in v5.6.0
func (o SecretBackendKeyOutput) AllowPlaintextBackup() pulumi.BoolPtrOutput
Enables taking backup of entire keyring in the plaintext format. Once set, this cannot be disabled. * Refer to Vault API documentation on key backups for more information: [Backup Key](https://www.vaultproject.io/api-docs/secret/transit#backup-key)
func (SecretBackendKeyOutput) AutoRotateInterval
deprecated
added in
v5.6.0
func (o SecretBackendKeyOutput) AutoRotateInterval() pulumi.IntOutput
Amount of time the key should live before being automatically rotated. A value of 0 disables automatic rotation for the key.
Deprecated: Use auto_rotate_period instead
func (SecretBackendKeyOutput) AutoRotatePeriod ¶ added in v5.6.0
func (o SecretBackendKeyOutput) AutoRotatePeriod() pulumi.IntOutput
Amount of seconds the key should live before being automatically rotated. A value of 0 disables automatic rotation for the key.
func (SecretBackendKeyOutput) Backend ¶ added in v5.6.0
func (o SecretBackendKeyOutput) Backend() pulumi.StringOutput
The path the transit secret backend is mounted at, with no leading or trailing `/`s.
func (SecretBackendKeyOutput) ConvergentEncryption ¶ added in v5.6.0
func (o SecretBackendKeyOutput) ConvergentEncryption() pulumi.BoolPtrOutput
Whether or not to support convergent encryption, where the same plaintext creates the same ciphertext. This requires `derived` to be set to `true`.
func (SecretBackendKeyOutput) DeletionAllowed ¶ added in v5.6.0
func (o SecretBackendKeyOutput) DeletionAllowed() pulumi.BoolPtrOutput
Specifies if the key is allowed to be deleted.
func (SecretBackendKeyOutput) Derived ¶ added in v5.6.0
func (o SecretBackendKeyOutput) Derived() pulumi.BoolPtrOutput
Specifies if key derivation is to be used. If enabled, all encrypt/decrypt requests to this key must provide a context which is used for key derivation.
func (SecretBackendKeyOutput) ElementType ¶
func (SecretBackendKeyOutput) ElementType() reflect.Type
func (SecretBackendKeyOutput) Exportable ¶ added in v5.6.0
func (o SecretBackendKeyOutput) Exportable() pulumi.BoolPtrOutput
Enables keys to be exportable. This allows for all valid private keys in the keyring to be exported. Once set, this cannot be disabled.
func (SecretBackendKeyOutput) KeySize ¶ added in v5.16.0
func (o SecretBackendKeyOutput) KeySize() pulumi.IntPtrOutput
The key size in bytes for algorithms that allow variable key sizes. Currently only applicable to HMAC, where it must be between 32 and 512 bytes.
func (SecretBackendKeyOutput) Keys ¶ added in v5.6.0
func (o SecretBackendKeyOutput) Keys() pulumi.MapArrayOutput
List of key versions in the keyring. This attribute is zero-indexed and will contain a map of values depending on the `type` of the encryption key. * for key types `aes128-gcm96`, `aes256-gcm96` and `chacha20-poly1305`, each key version will be a map of a single value `id` which is just a hash of the key's metadata. * for key types `ed25519`, `ecdsa-p256`, `ecdsa-p384`, `ecdsa-p521`, `rsa-2048`, `rsa-3072` and `rsa-4096`, each key version will be a map of the following:
func (SecretBackendKeyOutput) LatestVersion ¶ added in v5.6.0
func (o SecretBackendKeyOutput) LatestVersion() pulumi.IntOutput
Latest key version available. This value is 1-indexed, so if `latestVersion` is `1`, then the key's information can be referenced from `keys` by selecting element `0`
func (SecretBackendKeyOutput) MinAvailableVersion ¶ added in v5.6.0
func (o SecretBackendKeyOutput) MinAvailableVersion() pulumi.IntOutput
Minimum key version available for use. If keys have been archived by increasing `minDecryptionVersion`, this attribute will reflect that change.
func (SecretBackendKeyOutput) MinDecryptionVersion ¶ added in v5.6.0
func (o SecretBackendKeyOutput) MinDecryptionVersion() pulumi.IntPtrOutput
Minimum key version to use for decryption.
func (SecretBackendKeyOutput) MinEncryptionVersion ¶ added in v5.6.0
func (o SecretBackendKeyOutput) MinEncryptionVersion() pulumi.IntPtrOutput
Minimum key version to use for encryption
func (SecretBackendKeyOutput) Name ¶ added in v5.6.0
func (o SecretBackendKeyOutput) Name() pulumi.StringOutput
The name to identify this key within the backend. Must be unique within the backend.
func (SecretBackendKeyOutput) Namespace ¶ added in v5.7.0
func (o SecretBackendKeyOutput) Namespace() pulumi.StringPtrOutput
The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). *Available only for Vault Enterprise*.
func (SecretBackendKeyOutput) SupportsDecryption ¶ added in v5.6.0
func (o SecretBackendKeyOutput) SupportsDecryption() pulumi.BoolOutput
Whether or not the key supports decryption, based on key type.
func (SecretBackendKeyOutput) SupportsDerivation ¶ added in v5.6.0
func (o SecretBackendKeyOutput) SupportsDerivation() pulumi.BoolOutput
Whether or not the key supports derivation, based on key type.
func (SecretBackendKeyOutput) SupportsEncryption ¶ added in v5.6.0
func (o SecretBackendKeyOutput) SupportsEncryption() pulumi.BoolOutput
Whether or not the key supports encryption, based on key type.
func (SecretBackendKeyOutput) SupportsSigning ¶ added in v5.6.0
func (o SecretBackendKeyOutput) SupportsSigning() pulumi.BoolOutput
Whether or not the key supports signing, based on key type.
func (SecretBackendKeyOutput) ToSecretBackendKeyOutput ¶
func (o SecretBackendKeyOutput) ToSecretBackendKeyOutput() SecretBackendKeyOutput
func (SecretBackendKeyOutput) ToSecretBackendKeyOutputWithContext ¶
func (o SecretBackendKeyOutput) ToSecretBackendKeyOutputWithContext(ctx context.Context) SecretBackendKeyOutput
func (SecretBackendKeyOutput) Type ¶ added in v5.6.0
func (o SecretBackendKeyOutput) Type() pulumi.StringPtrOutput
Specifies the type of key to create. The currently-supported types are: `aes128-gcm96`, `aes256-gcm96` (default), `chacha20-poly1305`, `ed25519`, `ecdsa-p256`, `ecdsa-p384`, `ecdsa-p521`, `hmac`, `rsa-2048`, `rsa-3072` and `rsa-4096`. * Refer to the Vault documentation on transit key types for more information: [Key Types](https://www.vaultproject.io/docs/secrets/transit#key-types)
type SecretBackendKeyState ¶
type SecretBackendKeyState struct { // Enables taking backup of entire keyring in the plaintext format. Once set, this cannot be disabled. // * Refer to Vault API documentation on key backups for more information: [Backup Key](https://www.vaultproject.io/api-docs/secret/transit#backup-key) AllowPlaintextBackup pulumi.BoolPtrInput // Amount of time the key should live before being automatically rotated. A value of 0 disables automatic rotation for the // key. // // Deprecated: Use auto_rotate_period instead AutoRotateInterval pulumi.IntPtrInput // Amount of seconds the key should live before being automatically rotated. // A value of 0 disables automatic rotation for the key. AutoRotatePeriod pulumi.IntPtrInput // The path the transit secret backend is mounted at, with no leading or trailing `/`s. Backend pulumi.StringPtrInput // Whether or not to support convergent encryption, where the same plaintext creates the same ciphertext. This requires `derived` to be set to `true`. ConvergentEncryption pulumi.BoolPtrInput // Specifies if the key is allowed to be deleted. DeletionAllowed pulumi.BoolPtrInput // Specifies if key derivation is to be used. If enabled, all encrypt/decrypt requests to this key must provide a context which is used for key derivation. Derived pulumi.BoolPtrInput // Enables keys to be exportable. This allows for all valid private keys in the keyring to be exported. Once set, this cannot be disabled. Exportable pulumi.BoolPtrInput // The key size in bytes for algorithms that allow variable key sizes. Currently only applicable to HMAC, where it must be between 32 and 512 bytes. KeySize pulumi.IntPtrInput // List of key versions in the keyring. This attribute is zero-indexed and will contain a map of values depending on the `type` of the encryption key. // * for key types `aes128-gcm96`, `aes256-gcm96` and `chacha20-poly1305`, each key version will be a map of a single value `id` which is just a hash of the key's metadata. // * for key types `ed25519`, `ecdsa-p256`, `ecdsa-p384`, `ecdsa-p521`, `rsa-2048`, `rsa-3072` and `rsa-4096`, each key version will be a map of the following: Keys pulumi.MapArrayInput // Latest key version available. This value is 1-indexed, so if `latestVersion` is `1`, then the key's information can be referenced from `keys` by selecting element `0` LatestVersion pulumi.IntPtrInput // Minimum key version available for use. If keys have been archived by increasing `minDecryptionVersion`, this attribute will reflect that change. MinAvailableVersion pulumi.IntPtrInput // Minimum key version to use for decryption. MinDecryptionVersion pulumi.IntPtrInput // Minimum key version to use for encryption MinEncryptionVersion pulumi.IntPtrInput // The name to identify this key within the backend. Must be unique within the backend. Name pulumi.StringPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput // Whether or not the key supports decryption, based on key type. SupportsDecryption pulumi.BoolPtrInput // Whether or not the key supports derivation, based on key type. SupportsDerivation pulumi.BoolPtrInput // Whether or not the key supports encryption, based on key type. SupportsEncryption pulumi.BoolPtrInput // Whether or not the key supports signing, based on key type. SupportsSigning pulumi.BoolPtrInput // Specifies the type of key to create. The currently-supported types are: `aes128-gcm96`, `aes256-gcm96` (default), `chacha20-poly1305`, `ed25519`, `ecdsa-p256`, `ecdsa-p384`, `ecdsa-p521`, `hmac`, `rsa-2048`, `rsa-3072` and `rsa-4096`. // * Refer to the Vault documentation on transit key types for more information: [Key Types](https://www.vaultproject.io/docs/secrets/transit#key-types) Type pulumi.StringPtrInput }
func (SecretBackendKeyState) ElementType ¶
func (SecretBackendKeyState) ElementType() reflect.Type
type SecretCacheConfig ¶
type SecretCacheConfig struct { pulumi.CustomResourceState // The path the transit secret backend is mounted at, with no leading or trailing `/`s. Backend pulumi.StringOutput `pulumi:"backend"` // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrOutput `pulumi:"namespace"` // The number of cache entries. 0 means unlimited. Size pulumi.IntOutput `pulumi:"size"` }
Configure the cache for the Transit Secret Backend in Vault.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v5/go/vault" "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/transit" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { transit, err := vault.NewMount(ctx, "transit", &vault.MountArgs{ Path: pulumi.String("transit"), Type: pulumi.String("transit"), Description: pulumi.String("Example description"), DefaultLeaseTtlSeconds: pulumi.Int(3600), MaxLeaseTtlSeconds: pulumi.Int(86400), }) if err != nil { return err } _, err = transit.NewSecretCacheConfig(ctx, "cfg", &transit.SecretCacheConfigArgs{ Backend: transit.Path, Size: pulumi.Int(500), }) if err != nil { return err } return nil }) }
```
func GetSecretCacheConfig ¶
func GetSecretCacheConfig(ctx *pulumi.Context, name string, id pulumi.IDInput, state *SecretCacheConfigState, opts ...pulumi.ResourceOption) (*SecretCacheConfig, error)
GetSecretCacheConfig gets an existing SecretCacheConfig resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewSecretCacheConfig ¶
func NewSecretCacheConfig(ctx *pulumi.Context, name string, args *SecretCacheConfigArgs, opts ...pulumi.ResourceOption) (*SecretCacheConfig, error)
NewSecretCacheConfig registers a new resource with the given unique name, arguments, and options.
func (*SecretCacheConfig) ElementType ¶
func (*SecretCacheConfig) ElementType() reflect.Type
func (*SecretCacheConfig) ToSecretCacheConfigOutput ¶
func (i *SecretCacheConfig) ToSecretCacheConfigOutput() SecretCacheConfigOutput
func (*SecretCacheConfig) ToSecretCacheConfigOutputWithContext ¶
func (i *SecretCacheConfig) ToSecretCacheConfigOutputWithContext(ctx context.Context) SecretCacheConfigOutput
type SecretCacheConfigArgs ¶
type SecretCacheConfigArgs struct { // The path the transit secret backend is mounted at, with no leading or trailing `/`s. Backend pulumi.StringInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput // The number of cache entries. 0 means unlimited. Size pulumi.IntInput }
The set of arguments for constructing a SecretCacheConfig resource.
func (SecretCacheConfigArgs) ElementType ¶
func (SecretCacheConfigArgs) ElementType() reflect.Type
type SecretCacheConfigArray ¶
type SecretCacheConfigArray []SecretCacheConfigInput
func (SecretCacheConfigArray) ElementType ¶
func (SecretCacheConfigArray) ElementType() reflect.Type
func (SecretCacheConfigArray) ToSecretCacheConfigArrayOutput ¶
func (i SecretCacheConfigArray) ToSecretCacheConfigArrayOutput() SecretCacheConfigArrayOutput
func (SecretCacheConfigArray) ToSecretCacheConfigArrayOutputWithContext ¶
func (i SecretCacheConfigArray) ToSecretCacheConfigArrayOutputWithContext(ctx context.Context) SecretCacheConfigArrayOutput
type SecretCacheConfigArrayInput ¶
type SecretCacheConfigArrayInput interface { pulumi.Input ToSecretCacheConfigArrayOutput() SecretCacheConfigArrayOutput ToSecretCacheConfigArrayOutputWithContext(context.Context) SecretCacheConfigArrayOutput }
SecretCacheConfigArrayInput is an input type that accepts SecretCacheConfigArray and SecretCacheConfigArrayOutput values. You can construct a concrete instance of `SecretCacheConfigArrayInput` via:
SecretCacheConfigArray{ SecretCacheConfigArgs{...} }
type SecretCacheConfigArrayOutput ¶
type SecretCacheConfigArrayOutput struct{ *pulumi.OutputState }
func (SecretCacheConfigArrayOutput) ElementType ¶
func (SecretCacheConfigArrayOutput) ElementType() reflect.Type
func (SecretCacheConfigArrayOutput) Index ¶
func (o SecretCacheConfigArrayOutput) Index(i pulumi.IntInput) SecretCacheConfigOutput
func (SecretCacheConfigArrayOutput) ToSecretCacheConfigArrayOutput ¶
func (o SecretCacheConfigArrayOutput) ToSecretCacheConfigArrayOutput() SecretCacheConfigArrayOutput
func (SecretCacheConfigArrayOutput) ToSecretCacheConfigArrayOutputWithContext ¶
func (o SecretCacheConfigArrayOutput) ToSecretCacheConfigArrayOutputWithContext(ctx context.Context) SecretCacheConfigArrayOutput
type SecretCacheConfigInput ¶
type SecretCacheConfigInput interface { pulumi.Input ToSecretCacheConfigOutput() SecretCacheConfigOutput ToSecretCacheConfigOutputWithContext(ctx context.Context) SecretCacheConfigOutput }
type SecretCacheConfigMap ¶
type SecretCacheConfigMap map[string]SecretCacheConfigInput
func (SecretCacheConfigMap) ElementType ¶
func (SecretCacheConfigMap) ElementType() reflect.Type
func (SecretCacheConfigMap) ToSecretCacheConfigMapOutput ¶
func (i SecretCacheConfigMap) ToSecretCacheConfigMapOutput() SecretCacheConfigMapOutput
func (SecretCacheConfigMap) ToSecretCacheConfigMapOutputWithContext ¶
func (i SecretCacheConfigMap) ToSecretCacheConfigMapOutputWithContext(ctx context.Context) SecretCacheConfigMapOutput
type SecretCacheConfigMapInput ¶
type SecretCacheConfigMapInput interface { pulumi.Input ToSecretCacheConfigMapOutput() SecretCacheConfigMapOutput ToSecretCacheConfigMapOutputWithContext(context.Context) SecretCacheConfigMapOutput }
SecretCacheConfigMapInput is an input type that accepts SecretCacheConfigMap and SecretCacheConfigMapOutput values. You can construct a concrete instance of `SecretCacheConfigMapInput` via:
SecretCacheConfigMap{ "key": SecretCacheConfigArgs{...} }
type SecretCacheConfigMapOutput ¶
type SecretCacheConfigMapOutput struct{ *pulumi.OutputState }
func (SecretCacheConfigMapOutput) ElementType ¶
func (SecretCacheConfigMapOutput) ElementType() reflect.Type
func (SecretCacheConfigMapOutput) MapIndex ¶
func (o SecretCacheConfigMapOutput) MapIndex(k pulumi.StringInput) SecretCacheConfigOutput
func (SecretCacheConfigMapOutput) ToSecretCacheConfigMapOutput ¶
func (o SecretCacheConfigMapOutput) ToSecretCacheConfigMapOutput() SecretCacheConfigMapOutput
func (SecretCacheConfigMapOutput) ToSecretCacheConfigMapOutputWithContext ¶
func (o SecretCacheConfigMapOutput) ToSecretCacheConfigMapOutputWithContext(ctx context.Context) SecretCacheConfigMapOutput
type SecretCacheConfigOutput ¶
type SecretCacheConfigOutput struct{ *pulumi.OutputState }
func (SecretCacheConfigOutput) Backend ¶ added in v5.6.0
func (o SecretCacheConfigOutput) Backend() pulumi.StringOutput
The path the transit secret backend is mounted at, with no leading or trailing `/`s.
func (SecretCacheConfigOutput) ElementType ¶
func (SecretCacheConfigOutput) ElementType() reflect.Type
func (SecretCacheConfigOutput) Namespace ¶ added in v5.7.0
func (o SecretCacheConfigOutput) Namespace() pulumi.StringPtrOutput
The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). *Available only for Vault Enterprise*.
func (SecretCacheConfigOutput) Size ¶ added in v5.6.0
func (o SecretCacheConfigOutput) Size() pulumi.IntOutput
The number of cache entries. 0 means unlimited.
func (SecretCacheConfigOutput) ToSecretCacheConfigOutput ¶
func (o SecretCacheConfigOutput) ToSecretCacheConfigOutput() SecretCacheConfigOutput
func (SecretCacheConfigOutput) ToSecretCacheConfigOutputWithContext ¶
func (o SecretCacheConfigOutput) ToSecretCacheConfigOutputWithContext(ctx context.Context) SecretCacheConfigOutput
type SecretCacheConfigState ¶
type SecretCacheConfigState struct { // The path the transit secret backend is mounted at, with no leading or trailing `/`s. Backend pulumi.StringPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput // The number of cache entries. 0 means unlimited. Size pulumi.IntPtrInput }
func (SecretCacheConfigState) ElementType ¶
func (SecretCacheConfigState) ElementType() reflect.Type