identity

package
v6.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 4, 2024 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Entity 

type Entity struct {
	pulumi.CustomResourceState

	// True/false Is this entity currently disabled. Defaults to `false`
	Disabled pulumi.BoolPtrOutput `pulumi:"disabled"`
	// `false` by default. If set to `true`, this resource will ignore any policies return from Vault or specified in the resource. You can use `identity.EntityPolicies` to manage policies for this entity in a decoupled manner.
	ExternalPolicies pulumi.BoolPtrOutput `pulumi:"externalPolicies"`
	// A Map of additional metadata to associate with the user.
	Metadata pulumi.StringMapOutput `pulumi:"metadata"`
	// Name of the identity entity to create.
	Name pulumi.StringOutput `pulumi:"name"`
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
	// A list of policies to apply to the entity.
	Policies pulumi.StringArrayOutput `pulumi:"policies"`
}

## Example Usage

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := identity.NewEntity(ctx, "test", &identity.EntityArgs{
			Metadata: pulumi.StringMap{
				"foo": pulumi.String("bar"),
			},
			Policies: pulumi.StringArray{
				pulumi.String("test"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

## Import

Identity entity can be imported using the `id`, e.g.

```sh $ pulumi import vault:identity/entity:Entity test "ae6f8ued-0f1a-9f6b-2915-1a2be20dc053" ```

func GetEntity 

func GetEntity(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *EntityState, opts ...pulumi.ResourceOption) (*Entity, error)

GetEntity gets an existing Entity resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewEntity 

func NewEntity(ctx *pulumi.Context,
	name string, args *EntityArgs, opts ...pulumi.ResourceOption) (*Entity, error)

NewEntity registers a new resource with the given unique name, arguments, and options.

func (*Entity) ElementType 

func (*Entity) ElementType() reflect.Type

func (*Entity) ToEntityOutput 

func (i *Entity) ToEntityOutput() EntityOutput

func (*Entity) ToEntityOutputWithContext 

func (i *Entity) ToEntityOutputWithContext(ctx context.Context) EntityOutput

type EntityAlias 

type EntityAlias struct {
	pulumi.CustomResourceState

	// Entity ID to which this alias belongs to.
	CanonicalId pulumi.StringOutput `pulumi:"canonicalId"`
	// Custom metadata to be associated with this alias.
	CustomMetadata pulumi.StringMapOutput `pulumi:"customMetadata"`
	// Accessor of the mount to which the alias should belong to.
	MountAccessor pulumi.StringOutput `pulumi:"mountAccessor"`
	// Name of the alias. Name should be the identifier of the client in the authentication source. For example, if the alias belongs to userpass backend, the name should be a valid username within userpass backend. If alias belongs to GitHub, it should be the GitHub username.
	Name pulumi.StringOutput `pulumi:"name"`
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
}

## Example Usage

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := identity.NewEntityAlias(ctx, "test", &identity.EntityAliasArgs{
			CanonicalId:   pulumi.String("49877D63-07AD-4B85-BDA8-B61626C477E8"),
			MountAccessor: pulumi.String("token_1f2bd5"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

## Import

Identity entity alias can be imported using the `id`, e.g.

```sh $ pulumi import vault:identity/entityAlias:EntityAlias test "3856fb4d-3c91-dcaf-2401-68f446796bfb" ```

func GetEntityAlias 

func GetEntityAlias(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *EntityAliasState, opts ...pulumi.ResourceOption) (*EntityAlias, error)

GetEntityAlias gets an existing EntityAlias resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewEntityAlias 

func NewEntityAlias(ctx *pulumi.Context,
	name string, args *EntityAliasArgs, opts ...pulumi.ResourceOption) (*EntityAlias, error)

NewEntityAlias registers a new resource with the given unique name, arguments, and options.

func (*EntityAlias) ElementType 

func (*EntityAlias) ElementType() reflect.Type

func (*EntityAlias) ToEntityAliasOutput 

func (i *EntityAlias) ToEntityAliasOutput() EntityAliasOutput

func (*EntityAlias) ToEntityAliasOutputWithContext 

func (i *EntityAlias) ToEntityAliasOutputWithContext(ctx context.Context) EntityAliasOutput

type EntityAliasArgs 

type EntityAliasArgs struct {
	// Entity ID to which this alias belongs to.
	CanonicalId pulumi.StringInput
	// Custom metadata to be associated with this alias.
	CustomMetadata pulumi.StringMapInput
	// Accessor of the mount to which the alias should belong to.
	MountAccessor pulumi.StringInput
	// Name of the alias. Name should be the identifier of the client in the authentication source. For example, if the alias belongs to userpass backend, the name should be a valid username within userpass backend. If alias belongs to GitHub, it should be the GitHub username.
	Name pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
}

The set of arguments for constructing a EntityAlias resource.

func (EntityAliasArgs) ElementType 

func (EntityAliasArgs) ElementType() reflect.Type

type EntityAliasArray 

type EntityAliasArray []EntityAliasInput

func (EntityAliasArray) ElementType 

func (EntityAliasArray) ElementType() reflect.Type

func (EntityAliasArray) ToEntityAliasArrayOutput 

func (i EntityAliasArray) ToEntityAliasArrayOutput() EntityAliasArrayOutput

func (EntityAliasArray) ToEntityAliasArrayOutputWithContext 

func (i EntityAliasArray) ToEntityAliasArrayOutputWithContext(ctx context.Context) EntityAliasArrayOutput

type EntityAliasArrayInput 

type EntityAliasArrayInput interface {
	pulumi.Input

	ToEntityAliasArrayOutput() EntityAliasArrayOutput
	ToEntityAliasArrayOutputWithContext(context.Context) EntityAliasArrayOutput
}

EntityAliasArrayInput is an input type that accepts EntityAliasArray and EntityAliasArrayOutput values. You can construct a concrete instance of `EntityAliasArrayInput` via: 

EntityAliasArray{ EntityAliasArgs{...} }

type EntityAliasArrayOutput 

type EntityAliasArrayOutput struct{ *pulumi.OutputState }

func (EntityAliasArrayOutput) ElementType 

func (EntityAliasArrayOutput) ElementType() reflect.Type

func (EntityAliasArrayOutput) Index 

func (o EntityAliasArrayOutput) Index(i pulumi.IntInput) EntityAliasOutput

func (EntityAliasArrayOutput) ToEntityAliasArrayOutput 

func (o EntityAliasArrayOutput) ToEntityAliasArrayOutput() EntityAliasArrayOutput

func (EntityAliasArrayOutput) ToEntityAliasArrayOutputWithContext 

func (o EntityAliasArrayOutput) ToEntityAliasArrayOutputWithContext(ctx context.Context) EntityAliasArrayOutput

type EntityAliasInput 

type EntityAliasInput interface {
	pulumi.Input

	ToEntityAliasOutput() EntityAliasOutput
	ToEntityAliasOutputWithContext(ctx context.Context) EntityAliasOutput
}

type EntityAliasMap 

type EntityAliasMap map[string]EntityAliasInput

func (EntityAliasMap) ElementType 

func (EntityAliasMap) ElementType() reflect.Type

func (EntityAliasMap) ToEntityAliasMapOutput 

func (i EntityAliasMap) ToEntityAliasMapOutput() EntityAliasMapOutput

func (EntityAliasMap) ToEntityAliasMapOutputWithContext 

func (i EntityAliasMap) ToEntityAliasMapOutputWithContext(ctx context.Context) EntityAliasMapOutput

type EntityAliasMapInput 

type EntityAliasMapInput interface {
	pulumi.Input

	ToEntityAliasMapOutput() EntityAliasMapOutput
	ToEntityAliasMapOutputWithContext(context.Context) EntityAliasMapOutput
}

EntityAliasMapInput is an input type that accepts EntityAliasMap and EntityAliasMapOutput values. You can construct a concrete instance of `EntityAliasMapInput` via: 

EntityAliasMap{ "key": EntityAliasArgs{...} }

type EntityAliasMapOutput 

type EntityAliasMapOutput struct{ *pulumi.OutputState }

func (EntityAliasMapOutput) ElementType 

func (EntityAliasMapOutput) ElementType() reflect.Type

func (EntityAliasMapOutput) MapIndex 

func (o EntityAliasMapOutput) MapIndex(k pulumi.StringInput) EntityAliasOutput

func (EntityAliasMapOutput) ToEntityAliasMapOutput 

func (o EntityAliasMapOutput) ToEntityAliasMapOutput() EntityAliasMapOutput

func (EntityAliasMapOutput) ToEntityAliasMapOutputWithContext 

func (o EntityAliasMapOutput) ToEntityAliasMapOutputWithContext(ctx context.Context) EntityAliasMapOutput

type EntityAliasOutput 

type EntityAliasOutput struct{ *pulumi.OutputState }

func (EntityAliasOutput) CanonicalId 

func (o EntityAliasOutput) CanonicalId() pulumi.StringOutput

Entity ID to which this alias belongs to.

func (EntityAliasOutput) CustomMetadata 

func (o EntityAliasOutput) CustomMetadata() pulumi.StringMapOutput

Custom metadata to be associated with this alias.

func (EntityAliasOutput) ElementType 

func (EntityAliasOutput) ElementType() reflect.Type

func (EntityAliasOutput) MountAccessor 

func (o EntityAliasOutput) MountAccessor() pulumi.StringOutput

Accessor of the mount to which the alias should belong to.

func (EntityAliasOutput) Name 

func (o EntityAliasOutput) Name() pulumi.StringOutput

Name of the alias. Name should be the identifier of the client in the authentication source. For example, if the alias belongs to userpass backend, the name should be a valid username within userpass backend. If alias belongs to GitHub, it should be the GitHub username.

func (EntityAliasOutput) Namespace 

func (o EntityAliasOutput) Namespace() pulumi.StringPtrOutput

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.

func (EntityAliasOutput) ToEntityAliasOutput 

func (o EntityAliasOutput) ToEntityAliasOutput() EntityAliasOutput

func (EntityAliasOutput) ToEntityAliasOutputWithContext 

func (o EntityAliasOutput) ToEntityAliasOutputWithContext(ctx context.Context) EntityAliasOutput

type EntityAliasState 

type EntityAliasState struct {
	// Entity ID to which this alias belongs to.
	CanonicalId pulumi.StringPtrInput
	// Custom metadata to be associated with this alias.
	CustomMetadata pulumi.StringMapInput
	// Accessor of the mount to which the alias should belong to.
	MountAccessor pulumi.StringPtrInput
	// Name of the alias. Name should be the identifier of the client in the authentication source. For example, if the alias belongs to userpass backend, the name should be a valid username within userpass backend. If alias belongs to GitHub, it should be the GitHub username.
	Name pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
}

func (EntityAliasState) ElementType 

func (EntityAliasState) ElementType() reflect.Type

type EntityArgs 

type EntityArgs struct {
	// True/false Is this entity currently disabled. Defaults to `false`
	Disabled pulumi.BoolPtrInput
	// `false` by default. If set to `true`, this resource will ignore any policies return from Vault or specified in the resource. You can use `identity.EntityPolicies` to manage policies for this entity in a decoupled manner.
	ExternalPolicies pulumi.BoolPtrInput
	// A Map of additional metadata to associate with the user.
	Metadata pulumi.StringMapInput
	// Name of the identity entity to create.
	Name pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// A list of policies to apply to the entity.
	Policies pulumi.StringArrayInput
}

The set of arguments for constructing a Entity resource.

func (EntityArgs) ElementType 

func (EntityArgs) ElementType() reflect.Type

type EntityArray 

type EntityArray []EntityInput

func (EntityArray) ElementType 

func (EntityArray) ElementType() reflect.Type

func (EntityArray) ToEntityArrayOutput 

func (i EntityArray) ToEntityArrayOutput() EntityArrayOutput

func (EntityArray) ToEntityArrayOutputWithContext 

func (i EntityArray) ToEntityArrayOutputWithContext(ctx context.Context) EntityArrayOutput

type EntityArrayInput 

type EntityArrayInput interface {
	pulumi.Input

	ToEntityArrayOutput() EntityArrayOutput
	ToEntityArrayOutputWithContext(context.Context) EntityArrayOutput
}

EntityArrayInput is an input type that accepts EntityArray and EntityArrayOutput values. You can construct a concrete instance of `EntityArrayInput` via: 

EntityArray{ EntityArgs{...} }

type EntityArrayOutput 

type EntityArrayOutput struct{ *pulumi.OutputState }

func (EntityArrayOutput) ElementType 

func (EntityArrayOutput) ElementType() reflect.Type

func (EntityArrayOutput) Index 

func (o EntityArrayOutput) Index(i pulumi.IntInput) EntityOutput

func (EntityArrayOutput) ToEntityArrayOutput 

func (o EntityArrayOutput) ToEntityArrayOutput() EntityArrayOutput

func (EntityArrayOutput) ToEntityArrayOutputWithContext 

func (o EntityArrayOutput) ToEntityArrayOutputWithContext(ctx context.Context) EntityArrayOutput

type EntityInput 

type EntityInput interface {
	pulumi.Input

	ToEntityOutput() EntityOutput
	ToEntityOutputWithContext(ctx context.Context) EntityOutput
}

type EntityMap 

type EntityMap map[string]EntityInput

func (EntityMap) ElementType 

func (EntityMap) ElementType() reflect.Type

func (EntityMap) ToEntityMapOutput 

func (i EntityMap) ToEntityMapOutput() EntityMapOutput

func (EntityMap) ToEntityMapOutputWithContext 

func (i EntityMap) ToEntityMapOutputWithContext(ctx context.Context) EntityMapOutput

type EntityMapInput 

type EntityMapInput interface {
	pulumi.Input

	ToEntityMapOutput() EntityMapOutput
	ToEntityMapOutputWithContext(context.Context) EntityMapOutput
}

EntityMapInput is an input type that accepts EntityMap and EntityMapOutput values. You can construct a concrete instance of `EntityMapInput` via: 

EntityMap{ "key": EntityArgs{...} }

type EntityMapOutput 

type EntityMapOutput struct{ *pulumi.OutputState }

func (EntityMapOutput) ElementType 

func (EntityMapOutput) ElementType() reflect.Type

func (EntityMapOutput) MapIndex 

func (o EntityMapOutput) MapIndex(k pulumi.StringInput) EntityOutput

func (EntityMapOutput) ToEntityMapOutput 

func (o EntityMapOutput) ToEntityMapOutput() EntityMapOutput

func (EntityMapOutput) ToEntityMapOutputWithContext 

func (o EntityMapOutput) ToEntityMapOutputWithContext(ctx context.Context) EntityMapOutput

type EntityOutput 

type EntityOutput struct{ *pulumi.OutputState }

func (EntityOutput) Disabled 

func (o EntityOutput) Disabled() pulumi.BoolPtrOutput

True/false Is this entity currently disabled. Defaults to `false`

func (EntityOutput) ElementType 

func (EntityOutput) ElementType() reflect.Type

func (EntityOutput) ExternalPolicies 

func (o EntityOutput) ExternalPolicies() pulumi.BoolPtrOutput

`false` by default. If set to `true`, this resource will ignore any policies return from Vault or specified in the resource. You can use `identity.EntityPolicies` to manage policies for this entity in a decoupled manner.

func (EntityOutput) Metadata 

func (o EntityOutput) Metadata() pulumi.StringMapOutput

A Map of additional metadata to associate with the user.

func (EntityOutput) Name 

func (o EntityOutput) Name() pulumi.StringOutput

Name of the identity entity to create.

func (EntityOutput) Namespace 

func (o EntityOutput) Namespace() pulumi.StringPtrOutput

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.

func (EntityOutput) Policies 

func (o EntityOutput) Policies() pulumi.StringArrayOutput

A list of policies to apply to the entity.

func (EntityOutput) ToEntityOutput 

func (o EntityOutput) ToEntityOutput() EntityOutput

func (EntityOutput) ToEntityOutputWithContext 

func (o EntityOutput) ToEntityOutputWithContext(ctx context.Context) EntityOutput

type EntityPolicies 

type EntityPolicies struct {
	pulumi.CustomResourceState

	// Entity ID to assign policies to.
	EntityId pulumi.StringOutput `pulumi:"entityId"`
	// The name of the entity that are assigned the policies.
	EntityName pulumi.StringOutput `pulumi:"entityName"`
	// Defaults to `true`.
	//
	// If `true`, this resource will take exclusive control of the policies assigned to the entity and will set it equal to what is specified in the resource.
	//
	// If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the entity. When destroying the resource, the resource will ensure that the policies specified in the resource are removed.
	Exclusive pulumi.BoolPtrOutput `pulumi:"exclusive"`
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
	// List of policies to assign to the entity
	Policies pulumi.StringArrayOutput `pulumi:"policies"`
}

Manages policies for an Identity Entity for Vault. The [Identity secrets engine](https://www.vaultproject.io/docs/secrets/identity/index.html) is the identity management solution for Vault.

## Example Usage

### Exclusive Policies

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		entity, err := identity.NewEntity(ctx, "entity", &identity.EntityArgs{
			ExternalPolicies: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		_, err = identity.NewEntityPolicies(ctx, "policies", &identity.EntityPoliciesArgs{
			Policies: pulumi.StringArray{
				pulumi.String("default"),
				pulumi.String("test"),
			},
			Exclusive: pulumi.Bool(true),
			EntityId:  entity.ID(),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

### Non-exclusive Policies

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		entity, err := identity.NewEntity(ctx, "entity", &identity.EntityArgs{
			ExternalPolicies: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		_, err = identity.NewEntityPolicies(ctx, "default", &identity.EntityPoliciesArgs{
			Policies: pulumi.StringArray{
				pulumi.String("default"),
				pulumi.String("test"),
			},
			Exclusive: pulumi.Bool(false),
			EntityId:  entity.ID(),
		})
		if err != nil {
			return err
		}
		_, err = identity.NewEntityPolicies(ctx, "others", &identity.EntityPoliciesArgs{
			Policies: pulumi.StringArray{
				pulumi.String("others"),
			},
			Exclusive: pulumi.Bool(false),
			EntityId:  entity.ID(),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

func GetEntityPolicies 

func GetEntityPolicies(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *EntityPoliciesState, opts ...pulumi.ResourceOption) (*EntityPolicies, error)

GetEntityPolicies gets an existing EntityPolicies resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewEntityPolicies 

func NewEntityPolicies(ctx *pulumi.Context,
	name string, args *EntityPoliciesArgs, opts ...pulumi.ResourceOption) (*EntityPolicies, error)

NewEntityPolicies registers a new resource with the given unique name, arguments, and options.

func (*EntityPolicies) ElementType 

func (*EntityPolicies) ElementType() reflect.Type

func (*EntityPolicies) ToEntityPoliciesOutput 

func (i *EntityPolicies) ToEntityPoliciesOutput() EntityPoliciesOutput

func (*EntityPolicies) ToEntityPoliciesOutputWithContext 

func (i *EntityPolicies) ToEntityPoliciesOutputWithContext(ctx context.Context) EntityPoliciesOutput

type EntityPoliciesArgs 

type EntityPoliciesArgs struct {
	// Entity ID to assign policies to.
	EntityId pulumi.StringInput
	// Defaults to `true`.
	//
	// If `true`, this resource will take exclusive control of the policies assigned to the entity and will set it equal to what is specified in the resource.
	//
	// If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the entity. When destroying the resource, the resource will ensure that the policies specified in the resource are removed.
	Exclusive pulumi.BoolPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// List of policies to assign to the entity
	Policies pulumi.StringArrayInput
}

The set of arguments for constructing a EntityPolicies resource.

func (EntityPoliciesArgs) ElementType 

func (EntityPoliciesArgs) ElementType() reflect.Type

type EntityPoliciesArray 

type EntityPoliciesArray []EntityPoliciesInput

func (EntityPoliciesArray) ElementType 

func (EntityPoliciesArray) ElementType() reflect.Type

func (EntityPoliciesArray) ToEntityPoliciesArrayOutput 

func (i EntityPoliciesArray) ToEntityPoliciesArrayOutput() EntityPoliciesArrayOutput

func (EntityPoliciesArray) ToEntityPoliciesArrayOutputWithContext 

func (i EntityPoliciesArray) ToEntityPoliciesArrayOutputWithContext(ctx context.Context) EntityPoliciesArrayOutput

type EntityPoliciesArrayInput 

type EntityPoliciesArrayInput interface {
	pulumi.Input

	ToEntityPoliciesArrayOutput() EntityPoliciesArrayOutput
	ToEntityPoliciesArrayOutputWithContext(context.Context) EntityPoliciesArrayOutput
}

EntityPoliciesArrayInput is an input type that accepts EntityPoliciesArray and EntityPoliciesArrayOutput values. You can construct a concrete instance of `EntityPoliciesArrayInput` via: 

EntityPoliciesArray{ EntityPoliciesArgs{...} }

type EntityPoliciesArrayOutput 

type EntityPoliciesArrayOutput struct{ *pulumi.OutputState }

func (EntityPoliciesArrayOutput) ElementType 

func (EntityPoliciesArrayOutput) ElementType() reflect.Type

func (EntityPoliciesArrayOutput) Index 

func (o EntityPoliciesArrayOutput) Index(i pulumi.IntInput) EntityPoliciesOutput

func (EntityPoliciesArrayOutput) ToEntityPoliciesArrayOutput 

func (o EntityPoliciesArrayOutput) ToEntityPoliciesArrayOutput() EntityPoliciesArrayOutput

func (EntityPoliciesArrayOutput) ToEntityPoliciesArrayOutputWithContext 

func (o EntityPoliciesArrayOutput) ToEntityPoliciesArrayOutputWithContext(ctx context.Context) EntityPoliciesArrayOutput

type EntityPoliciesInput 

type EntityPoliciesInput interface {
	pulumi.Input

	ToEntityPoliciesOutput() EntityPoliciesOutput
	ToEntityPoliciesOutputWithContext(ctx context.Context) EntityPoliciesOutput
}

type EntityPoliciesMap 

type EntityPoliciesMap map[string]EntityPoliciesInput

func (EntityPoliciesMap) ElementType 

func (EntityPoliciesMap) ElementType() reflect.Type

func (EntityPoliciesMap) ToEntityPoliciesMapOutput 

func (i EntityPoliciesMap) ToEntityPoliciesMapOutput() EntityPoliciesMapOutput

func (EntityPoliciesMap) ToEntityPoliciesMapOutputWithContext 

func (i EntityPoliciesMap) ToEntityPoliciesMapOutputWithContext(ctx context.Context) EntityPoliciesMapOutput

type EntityPoliciesMapInput 

type EntityPoliciesMapInput interface {
	pulumi.Input

	ToEntityPoliciesMapOutput() EntityPoliciesMapOutput
	ToEntityPoliciesMapOutputWithContext(context.Context) EntityPoliciesMapOutput
}

EntityPoliciesMapInput is an input type that accepts EntityPoliciesMap and EntityPoliciesMapOutput values. You can construct a concrete instance of `EntityPoliciesMapInput` via: 

EntityPoliciesMap{ "key": EntityPoliciesArgs{...} }

type EntityPoliciesMapOutput 

type EntityPoliciesMapOutput struct{ *pulumi.OutputState }

func (EntityPoliciesMapOutput) ElementType 

func (EntityPoliciesMapOutput) ElementType() reflect.Type

func (EntityPoliciesMapOutput) MapIndex 

func (o EntityPoliciesMapOutput) MapIndex(k pulumi.StringInput) EntityPoliciesOutput

func (EntityPoliciesMapOutput) ToEntityPoliciesMapOutput 

func (o EntityPoliciesMapOutput) ToEntityPoliciesMapOutput() EntityPoliciesMapOutput

func (EntityPoliciesMapOutput) ToEntityPoliciesMapOutputWithContext 

func (o EntityPoliciesMapOutput) ToEntityPoliciesMapOutputWithContext(ctx context.Context) EntityPoliciesMapOutput

type EntityPoliciesOutput 

type EntityPoliciesOutput struct{ *pulumi.OutputState }

func (EntityPoliciesOutput) ElementType 

func (EntityPoliciesOutput) ElementType() reflect.Type

func (EntityPoliciesOutput) EntityId 

func (o EntityPoliciesOutput) EntityId() pulumi.StringOutput

Entity ID to assign policies to.

func (EntityPoliciesOutput) EntityName 

func (o EntityPoliciesOutput) EntityName() pulumi.StringOutput

The name of the entity that are assigned the policies.

func (EntityPoliciesOutput) Exclusive 

func (o EntityPoliciesOutput) Exclusive() pulumi.BoolPtrOutput

Defaults to `true`.

If `true`, this resource will take exclusive control of the policies assigned to the entity and will set it equal to what is specified in the resource.

If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the entity. When destroying the resource, the resource will ensure that the policies specified in the resource are removed.

func (EntityPoliciesOutput) Namespace 

func (o EntityPoliciesOutput) Namespace() pulumi.StringPtrOutput

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.

func (EntityPoliciesOutput) Policies 

func (o EntityPoliciesOutput) Policies() pulumi.StringArrayOutput

List of policies to assign to the entity

func (EntityPoliciesOutput) ToEntityPoliciesOutput 

func (o EntityPoliciesOutput) ToEntityPoliciesOutput() EntityPoliciesOutput

func (EntityPoliciesOutput) ToEntityPoliciesOutputWithContext 

func (o EntityPoliciesOutput) ToEntityPoliciesOutputWithContext(ctx context.Context) EntityPoliciesOutput

type EntityPoliciesState 

type EntityPoliciesState struct {
	// Entity ID to assign policies to.
	EntityId pulumi.StringPtrInput
	// The name of the entity that are assigned the policies.
	EntityName pulumi.StringPtrInput
	// Defaults to `true`.
	//
	// If `true`, this resource will take exclusive control of the policies assigned to the entity and will set it equal to what is specified in the resource.
	//
	// If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the entity. When destroying the resource, the resource will ensure that the policies specified in the resource are removed.
	Exclusive pulumi.BoolPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// List of policies to assign to the entity
	Policies pulumi.StringArrayInput
}

func (EntityPoliciesState) ElementType 

func (EntityPoliciesState) ElementType() reflect.Type

type EntityState 

type EntityState struct {
	// True/false Is this entity currently disabled. Defaults to `false`
	Disabled pulumi.BoolPtrInput
	// `false` by default. If set to `true`, this resource will ignore any policies return from Vault or specified in the resource. You can use `identity.EntityPolicies` to manage policies for this entity in a decoupled manner.
	ExternalPolicies pulumi.BoolPtrInput
	// A Map of additional metadata to associate with the user.
	Metadata pulumi.StringMapInput
	// Name of the identity entity to create.
	Name pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// A list of policies to apply to the entity.
	Policies pulumi.StringArrayInput
}

func (EntityState) ElementType 

func (EntityState) ElementType() reflect.Type

type GetEntityAliasType 

type GetEntityAliasType struct {
	// Canonical ID of the Alias
	CanonicalId string `pulumi:"canonicalId"`
	// Creation time of the Alias
	CreationTime string `pulumi:"creationTime"`
	// ID of the alias
	Id string `pulumi:"id"`
	// Last update time of the alias
	LastUpdateTime string `pulumi:"lastUpdateTime"`
	// List of canonical IDs merged with this alias
	MergedFromCanonicalIds []string `pulumi:"mergedFromCanonicalIds"`
	// Arbitrary metadata
	Metadata map[string]interface{} `pulumi:"metadata"`
	// Authentication mount acccessor which this alias belongs to
	MountAccessor string `pulumi:"mountAccessor"`
	// Authentication mount path which this alias belongs to
	MountPath string `pulumi:"mountPath"`
	// Authentication mount type which this alias belongs to
	MountType string `pulumi:"mountType"`
	// Name of the alias
	Name string `pulumi:"name"`
}

type GetEntityAliasTypeArgs 

type GetEntityAliasTypeArgs struct {
	// Canonical ID of the Alias
	CanonicalId pulumi.StringInput `pulumi:"canonicalId"`
	// Creation time of the Alias
	CreationTime pulumi.StringInput `pulumi:"creationTime"`
	// ID of the alias
	Id pulumi.StringInput `pulumi:"id"`
	// Last update time of the alias
	LastUpdateTime pulumi.StringInput `pulumi:"lastUpdateTime"`
	// List of canonical IDs merged with this alias
	MergedFromCanonicalIds pulumi.StringArrayInput `pulumi:"mergedFromCanonicalIds"`
	// Arbitrary metadata
	Metadata pulumi.MapInput `pulumi:"metadata"`
	// Authentication mount acccessor which this alias belongs to
	MountAccessor pulumi.StringInput `pulumi:"mountAccessor"`
	// Authentication mount path which this alias belongs to
	MountPath pulumi.StringInput `pulumi:"mountPath"`
	// Authentication mount type which this alias belongs to
	MountType pulumi.StringInput `pulumi:"mountType"`
	// Name of the alias
	Name pulumi.StringInput `pulumi:"name"`
}

func (GetEntityAliasTypeArgs) ElementType 

func (GetEntityAliasTypeArgs) ElementType() reflect.Type

func (GetEntityAliasTypeArgs) ToGetEntityAliasTypeOutput 

func (i GetEntityAliasTypeArgs) ToGetEntityAliasTypeOutput() GetEntityAliasTypeOutput

func (GetEntityAliasTypeArgs) ToGetEntityAliasTypeOutputWithContext 

func (i GetEntityAliasTypeArgs) ToGetEntityAliasTypeOutputWithContext(ctx context.Context) GetEntityAliasTypeOutput

type GetEntityAliasTypeArray 

type GetEntityAliasTypeArray []GetEntityAliasTypeInput

func (GetEntityAliasTypeArray) ElementType 

func (GetEntityAliasTypeArray) ElementType() reflect.Type

func (GetEntityAliasTypeArray) ToGetEntityAliasTypeArrayOutput 

func (i GetEntityAliasTypeArray) ToGetEntityAliasTypeArrayOutput() GetEntityAliasTypeArrayOutput

func (GetEntityAliasTypeArray) ToGetEntityAliasTypeArrayOutputWithContext 

func (i GetEntityAliasTypeArray) ToGetEntityAliasTypeArrayOutputWithContext(ctx context.Context) GetEntityAliasTypeArrayOutput

type GetEntityAliasTypeArrayInput 

type GetEntityAliasTypeArrayInput interface {
	pulumi.Input

	ToGetEntityAliasTypeArrayOutput() GetEntityAliasTypeArrayOutput
	ToGetEntityAliasTypeArrayOutputWithContext(context.Context) GetEntityAliasTypeArrayOutput
}

GetEntityAliasTypeArrayInput is an input type that accepts GetEntityAliasTypeArray and GetEntityAliasTypeArrayOutput values. You can construct a concrete instance of `GetEntityAliasTypeArrayInput` via: 

GetEntityAliasTypeArray{ GetEntityAliasTypeArgs{...} }

type GetEntityAliasTypeArrayOutput 

type GetEntityAliasTypeArrayOutput struct{ *pulumi.OutputState }

func (GetEntityAliasTypeArrayOutput) ElementType 

func (GetEntityAliasTypeArrayOutput) ElementType() reflect.Type

func (GetEntityAliasTypeArrayOutput) Index 

func (o GetEntityAliasTypeArrayOutput) Index(i pulumi.IntInput) GetEntityAliasTypeOutput

func (GetEntityAliasTypeArrayOutput) ToGetEntityAliasTypeArrayOutput 

func (o GetEntityAliasTypeArrayOutput) ToGetEntityAliasTypeArrayOutput() GetEntityAliasTypeArrayOutput

func (GetEntityAliasTypeArrayOutput) ToGetEntityAliasTypeArrayOutputWithContext 

func (o GetEntityAliasTypeArrayOutput) ToGetEntityAliasTypeArrayOutputWithContext(ctx context.Context) GetEntityAliasTypeArrayOutput

type GetEntityAliasTypeInput 

type GetEntityAliasTypeInput interface {
	pulumi.Input

	ToGetEntityAliasTypeOutput() GetEntityAliasTypeOutput
	ToGetEntityAliasTypeOutputWithContext(context.Context) GetEntityAliasTypeOutput
}

GetEntityAliasTypeInput is an input type that accepts GetEntityAliasTypeArgs and GetEntityAliasTypeOutput values. You can construct a concrete instance of `GetEntityAliasTypeInput` via: 

GetEntityAliasTypeArgs{...}

type GetEntityAliasTypeOutput 

type GetEntityAliasTypeOutput struct{ *pulumi.OutputState }

func (GetEntityAliasTypeOutput) CanonicalId 

func (o GetEntityAliasTypeOutput) CanonicalId() pulumi.StringOutput

Canonical ID of the Alias

func (GetEntityAliasTypeOutput) CreationTime 

func (o GetEntityAliasTypeOutput) CreationTime() pulumi.StringOutput

Creation time of the Alias

func (GetEntityAliasTypeOutput) ElementType 

func (GetEntityAliasTypeOutput) ElementType() reflect.Type

func (GetEntityAliasTypeOutput) Id 

func (o GetEntityAliasTypeOutput) Id() pulumi.StringOutput

ID of the alias

func (GetEntityAliasTypeOutput) LastUpdateTime 

func (o GetEntityAliasTypeOutput) LastUpdateTime() pulumi.StringOutput

Last update time of the alias

func (GetEntityAliasTypeOutput) MergedFromCanonicalIds 

func (o GetEntityAliasTypeOutput) MergedFromCanonicalIds() pulumi.StringArrayOutput

List of canonical IDs merged with this alias

func (GetEntityAliasTypeOutput) Metadata 

func (o GetEntityAliasTypeOutput) Metadata() pulumi.MapOutput

Arbitrary metadata

func (GetEntityAliasTypeOutput) MountAccessor 

func (o GetEntityAliasTypeOutput) MountAccessor() pulumi.StringOutput

Authentication mount acccessor which this alias belongs to

func (GetEntityAliasTypeOutput) MountPath 

func (o GetEntityAliasTypeOutput) MountPath() pulumi.StringOutput

Authentication mount path which this alias belongs to

func (GetEntityAliasTypeOutput) MountType 

func (o GetEntityAliasTypeOutput) MountType() pulumi.StringOutput

Authentication mount type which this alias belongs to

func (GetEntityAliasTypeOutput) Name 

func (o GetEntityAliasTypeOutput) Name() pulumi.StringOutput

Name of the alias

func (GetEntityAliasTypeOutput) ToGetEntityAliasTypeOutput 

func (o GetEntityAliasTypeOutput) ToGetEntityAliasTypeOutput() GetEntityAliasTypeOutput

func (GetEntityAliasTypeOutput) ToGetEntityAliasTypeOutputWithContext 

func (o GetEntityAliasTypeOutput) ToGetEntityAliasTypeOutputWithContext(ctx context.Context) GetEntityAliasTypeOutput

type GetOidcClientCredsArgs 

type GetOidcClientCredsArgs struct {
	// The name of the OIDC Client in Vault.
	Name string `pulumi:"name"`
	// The namespace of the target resource.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace *string `pulumi:"namespace"`
}

A collection of arguments for invoking getOidcClientCreds.

type GetOidcClientCredsOutputArgs 

type GetOidcClientCredsOutputArgs struct {
	// The name of the OIDC Client in Vault.
	Name pulumi.StringInput `pulumi:"name"`
	// The namespace of the target resource.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput `pulumi:"namespace"`
}

A collection of arguments for invoking getOidcClientCreds.

func (GetOidcClientCredsOutputArgs) ElementType 

func (GetOidcClientCredsOutputArgs) ElementType() reflect.Type

type GetOidcClientCredsResult 

type GetOidcClientCredsResult struct {
	// The Client ID returned by Vault.
	ClientId string `pulumi:"clientId"`
	// The Client Secret Key returned by Vault.
	// For public OpenID Clients `clientSecret` is set to an empty string `""`
	ClientSecret string `pulumi:"clientSecret"`
	// The provider-assigned unique ID for this managed resource.
	Id        string  `pulumi:"id"`
	Name      string  `pulumi:"name"`
	Namespace *string `pulumi:"namespace"`
}

A collection of values returned by getOidcClientCreds.

func GetOidcClientCreds 

func GetOidcClientCreds(ctx *pulumi.Context, args *GetOidcClientCredsArgs, opts ...pulumi.InvokeOption) (*GetOidcClientCredsResult, error)

## Example Usage

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		app, err := identity.NewOidcClient(ctx, "app", &identity.OidcClientArgs{
			RedirectUris: pulumi.StringArray{
				pulumi.String("http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback"),
				pulumi.String("http://127.0.0.1:8251/callback"),
				pulumi.String("http://127.0.0.1:8080/callback"),
			},
			IdTokenTtl:     pulumi.Int(2400),
			AccessTokenTtl: pulumi.Int(7200),
		})
		if err != nil {
			return err
		}
		_ = identity.GetOidcClientCredsOutput(ctx, identity.GetOidcClientCredsOutputArgs{
			Name: app.Name,
		}, nil)
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

type GetOidcClientCredsResultOutput 

type GetOidcClientCredsResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getOidcClientCreds.

func GetOidcClientCredsOutput 

func GetOidcClientCredsOutput(ctx *pulumi.Context, args GetOidcClientCredsOutputArgs, opts ...pulumi.InvokeOption) GetOidcClientCredsResultOutput

func (GetOidcClientCredsResultOutput) ClientId 

func (o GetOidcClientCredsResultOutput) ClientId() pulumi.StringOutput

The Client ID returned by Vault.

func (GetOidcClientCredsResultOutput) ClientSecret 

func (o GetOidcClientCredsResultOutput) ClientSecret() pulumi.StringOutput

The Client Secret Key returned by Vault. For public OpenID Clients `clientSecret` is set to an empty string `""`

func (GetOidcClientCredsResultOutput) ElementType 

func (GetOidcClientCredsResultOutput) ElementType() reflect.Type

func (GetOidcClientCredsResultOutput) Id 

func (o GetOidcClientCredsResultOutput) Id() pulumi.StringOutput

The provider-assigned unique ID for this managed resource.

func (GetOidcClientCredsResultOutput) Name 

func (o GetOidcClientCredsResultOutput) Name() pulumi.StringOutput

func (GetOidcClientCredsResultOutput) Namespace 

func (o GetOidcClientCredsResultOutput) Namespace() pulumi.StringPtrOutput

func (GetOidcClientCredsResultOutput) ToGetOidcClientCredsResultOutput 

func (o GetOidcClientCredsResultOutput) ToGetOidcClientCredsResultOutput() GetOidcClientCredsResultOutput

func (GetOidcClientCredsResultOutput) ToGetOidcClientCredsResultOutputWithContext 

func (o GetOidcClientCredsResultOutput) ToGetOidcClientCredsResultOutputWithContext(ctx context.Context) GetOidcClientCredsResultOutput

type GetOidcOpenidConfigArgs 

type GetOidcOpenidConfigArgs struct {
	// The name of the OIDC Provider in Vault.
	Name string `pulumi:"name"`
	// The namespace of the target resource.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace *string `pulumi:"namespace"`
}

A collection of arguments for invoking getOidcOpenidConfig.

type GetOidcOpenidConfigOutputArgs 

type GetOidcOpenidConfigOutputArgs struct {
	// The name of the OIDC Provider in Vault.
	Name pulumi.StringInput `pulumi:"name"`
	// The namespace of the target resource.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput `pulumi:"namespace"`
}

A collection of arguments for invoking getOidcOpenidConfig.

func (GetOidcOpenidConfigOutputArgs) ElementType 

func (GetOidcOpenidConfigOutputArgs) ElementType() reflect.Type

type GetOidcOpenidConfigResult 

type GetOidcOpenidConfigResult struct {
	// The Authorization Endpoint for the provider.
	AuthorizationEndpoint string `pulumi:"authorizationEndpoint"`
	// The grant types supported by the provider.
	GrantTypesSupporteds []string `pulumi:"grantTypesSupporteds"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// The signing algorithms supported by
	// the provider.
	IdTokenSigningAlgValuesSupporteds []string `pulumi:"idTokenSigningAlgValuesSupporteds"`
	// The URL of the issuer for the provider.
	Issuer string `pulumi:"issuer"`
	// The well known keys URI for the provider.
	JwksUri   string  `pulumi:"jwksUri"`
	Name      string  `pulumi:"name"`
	Namespace *string `pulumi:"namespace"`
	// Specifies whether Request URI Parameter is
	// supported by the provider.
	RequestUriParameterSupported bool `pulumi:"requestUriParameterSupported"`
	// The response types supported by the provider.
	ResponseTypesSupporteds []string `pulumi:"responseTypesSupporteds"`
	// The scopes supported by the provider.
	ScopesSupporteds []string `pulumi:"scopesSupporteds"`
	// The subject types supported by the provider.
	SubjectTypesSupporteds []string `pulumi:"subjectTypesSupporteds"`
	// The Token Endpoint for the provider.
	TokenEndpoint string `pulumi:"tokenEndpoint"`
	// The token endpoint auth methods supported by the provider.
	TokenEndpointAuthMethodsSupporteds []string `pulumi:"tokenEndpointAuthMethodsSupporteds"`
	// The User Info Endpoint for the provider
	UserinfoEndpoint string `pulumi:"userinfoEndpoint"`
}

A collection of values returned by getOidcOpenidConfig.

func GetOidcOpenidConfig 

func GetOidcOpenidConfig(ctx *pulumi.Context, args *GetOidcOpenidConfigArgs, opts ...pulumi.InvokeOption) (*GetOidcOpenidConfigResult, error)

## Example Usage

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		key, err := identity.NewOidcKey(ctx, "key", &identity.OidcKeyArgs{
			AllowedClientIds: pulumi.StringArray{
				pulumi.String("*"),
			},
			RotationPeriod:  pulumi.Int(3600),
			VerificationTtl: pulumi.Int(3600),
		})
		if err != nil {
			return err
		}
		_, err = identity.NewOidcClient(ctx, "app", &identity.OidcClientArgs{
			Key: key.Name,
			RedirectUris: pulumi.StringArray{
				pulumi.String("http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback"),
				pulumi.String("http://127.0.0.1:8251/callback"),
				pulumi.String("http://127.0.0.1:8080/callback"),
			},
			IdTokenTtl:     pulumi.Int(2400),
			AccessTokenTtl: pulumi.Int(7200),
		})
		if err != nil {
			return err
		}
		provider, err := identity.NewOidcProvider(ctx, "provider", &identity.OidcProviderArgs{
			AllowedClientIds: pulumi.StringArray{
				vault_identity_oidc_client.Test.Client_id,
			},
		})
		if err != nil {
			return err
		}
		_ = identity.GetOidcOpenidConfigOutput(ctx, identity.GetOidcOpenidConfigOutputArgs{
			Name: provider.Name,
		}, nil)
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

type GetOidcOpenidConfigResultOutput 

type GetOidcOpenidConfigResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getOidcOpenidConfig.

func GetOidcOpenidConfigOutput 

func GetOidcOpenidConfigOutput(ctx *pulumi.Context, args GetOidcOpenidConfigOutputArgs, opts ...pulumi.InvokeOption) GetOidcOpenidConfigResultOutput

func (GetOidcOpenidConfigResultOutput) AuthorizationEndpoint 

func (o GetOidcOpenidConfigResultOutput) AuthorizationEndpoint() pulumi.StringOutput

The Authorization Endpoint for the provider.

func (GetOidcOpenidConfigResultOutput) ElementType 

func (GetOidcOpenidConfigResultOutput) ElementType() reflect.Type

func (GetOidcOpenidConfigResultOutput) GrantTypesSupporteds 

func (o GetOidcOpenidConfigResultOutput) GrantTypesSupporteds() pulumi.StringArrayOutput

The grant types supported by the provider.

func (GetOidcOpenidConfigResultOutput) Id 

func (o GetOidcOpenidConfigResultOutput) Id() pulumi.StringOutput

The provider-assigned unique ID for this managed resource.

func (GetOidcOpenidConfigResultOutput) IdTokenSigningAlgValuesSupporteds 

func (o GetOidcOpenidConfigResultOutput) IdTokenSigningAlgValuesSupporteds() pulumi.StringArrayOutput

The signing algorithms supported by the provider.

func (GetOidcOpenidConfigResultOutput) Issuer 

func (o GetOidcOpenidConfigResultOutput) Issuer() pulumi.StringOutput

The URL of the issuer for the provider.

func (GetOidcOpenidConfigResultOutput) JwksUri 

func (o GetOidcOpenidConfigResultOutput) JwksUri() pulumi.StringOutput

The well known keys URI for the provider.

func (GetOidcOpenidConfigResultOutput) Name 

func (o GetOidcOpenidConfigResultOutput) Name() pulumi.StringOutput

func (GetOidcOpenidConfigResultOutput) Namespace 

func (o GetOidcOpenidConfigResultOutput) Namespace() pulumi.StringPtrOutput

func (GetOidcOpenidConfigResultOutput) RequestUriParameterSupported 

func (o GetOidcOpenidConfigResultOutput) RequestUriParameterSupported() pulumi.BoolOutput

Specifies whether Request URI Parameter is supported by the provider.

func (GetOidcOpenidConfigResultOutput) ResponseTypesSupporteds 

func (o GetOidcOpenidConfigResultOutput) ResponseTypesSupporteds() pulumi.StringArrayOutput

The response types supported by the provider.

func (GetOidcOpenidConfigResultOutput) ScopesSupporteds 

func (o GetOidcOpenidConfigResultOutput) ScopesSupporteds() pulumi.StringArrayOutput

The scopes supported by the provider.

func (GetOidcOpenidConfigResultOutput) SubjectTypesSupporteds 

func (o GetOidcOpenidConfigResultOutput) SubjectTypesSupporteds() pulumi.StringArrayOutput

The subject types supported by the provider.

func (GetOidcOpenidConfigResultOutput) ToGetOidcOpenidConfigResultOutput 

func (o GetOidcOpenidConfigResultOutput) ToGetOidcOpenidConfigResultOutput() GetOidcOpenidConfigResultOutput

func (GetOidcOpenidConfigResultOutput) ToGetOidcOpenidConfigResultOutputWithContext 

func (o GetOidcOpenidConfigResultOutput) ToGetOidcOpenidConfigResultOutputWithContext(ctx context.Context) GetOidcOpenidConfigResultOutput

func (GetOidcOpenidConfigResultOutput) TokenEndpoint 

func (o GetOidcOpenidConfigResultOutput) TokenEndpoint() pulumi.StringOutput

The Token Endpoint for the provider.

func (GetOidcOpenidConfigResultOutput) TokenEndpointAuthMethodsSupporteds 

func (o GetOidcOpenidConfigResultOutput) TokenEndpointAuthMethodsSupporteds() pulumi.StringArrayOutput

The token endpoint auth methods supported by the provider.

func (GetOidcOpenidConfigResultOutput) UserinfoEndpoint 

func (o GetOidcOpenidConfigResultOutput) UserinfoEndpoint() pulumi.StringOutput

The User Info Endpoint for the provider

type GetOidcPublicKeysArgs 

type GetOidcPublicKeysArgs struct {
	// The name of the OIDC Provider in Vault.
	Name string `pulumi:"name"`
	// The namespace of the target resource.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace *string `pulumi:"namespace"`
}

A collection of arguments for invoking getOidcPublicKeys.

type GetOidcPublicKeysOutputArgs 

type GetOidcPublicKeysOutputArgs struct {
	// The name of the OIDC Provider in Vault.
	Name pulumi.StringInput `pulumi:"name"`
	// The namespace of the target resource.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput `pulumi:"namespace"`
}

A collection of arguments for invoking getOidcPublicKeys.

func (GetOidcPublicKeysOutputArgs) ElementType 

func (GetOidcPublicKeysOutputArgs) ElementType() reflect.Type

type GetOidcPublicKeysResult 

type GetOidcPublicKeysResult struct {
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// The public portion of keys for an OIDC provider.
	// Clients can use them to validate the authenticity of an identity token.
	Keys      []map[string]interface{} `pulumi:"keys"`
	Name      string                   `pulumi:"name"`
	Namespace *string                  `pulumi:"namespace"`
}

A collection of values returned by getOidcPublicKeys.

func GetOidcPublicKeys 

func GetOidcPublicKeys(ctx *pulumi.Context, args *GetOidcPublicKeysArgs, opts ...pulumi.InvokeOption) (*GetOidcPublicKeysResult, error)

## Example Usage

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		key, err := identity.NewOidcKey(ctx, "key", &identity.OidcKeyArgs{
			AllowedClientIds: pulumi.StringArray{
				pulumi.String("*"),
			},
			RotationPeriod:  pulumi.Int(3600),
			VerificationTtl: pulumi.Int(3600),
		})
		if err != nil {
			return err
		}
		_, err = identity.NewOidcClient(ctx, "app", &identity.OidcClientArgs{
			Key: key.Name,
			RedirectUris: pulumi.StringArray{
				pulumi.String("http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback"),
				pulumi.String("http://127.0.0.1:8251/callback"),
				pulumi.String("http://127.0.0.1:8080/callback"),
			},
			IdTokenTtl:     pulumi.Int(2400),
			AccessTokenTtl: pulumi.Int(7200),
		})
		if err != nil {
			return err
		}
		provider, err := identity.NewOidcProvider(ctx, "provider", &identity.OidcProviderArgs{
			AllowedClientIds: pulumi.StringArray{
				vault_identity_oidc_client.Test.Client_id,
			},
		})
		if err != nil {
			return err
		}
		_ = identity.GetOidcPublicKeysOutput(ctx, identity.GetOidcPublicKeysOutputArgs{
			Name: provider.Name,
		}, nil)
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

type GetOidcPublicKeysResultOutput 

type GetOidcPublicKeysResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getOidcPublicKeys.

func GetOidcPublicKeysOutput 

func GetOidcPublicKeysOutput(ctx *pulumi.Context, args GetOidcPublicKeysOutputArgs, opts ...pulumi.InvokeOption) GetOidcPublicKeysResultOutput

func (GetOidcPublicKeysResultOutput) ElementType 

func (GetOidcPublicKeysResultOutput) ElementType() reflect.Type

func (GetOidcPublicKeysResultOutput) Id 

func (o GetOidcPublicKeysResultOutput) Id() pulumi.StringOutput

The provider-assigned unique ID for this managed resource.

func (GetOidcPublicKeysResultOutput) Keys 

func (o GetOidcPublicKeysResultOutput) Keys() pulumi.MapArrayOutput

The public portion of keys for an OIDC provider. Clients can use them to validate the authenticity of an identity token.

func (GetOidcPublicKeysResultOutput) Name 

func (o GetOidcPublicKeysResultOutput) Name() pulumi.StringOutput

func (GetOidcPublicKeysResultOutput) Namespace 

func (o GetOidcPublicKeysResultOutput) Namespace() pulumi.StringPtrOutput

func (GetOidcPublicKeysResultOutput) ToGetOidcPublicKeysResultOutput 

func (o GetOidcPublicKeysResultOutput) ToGetOidcPublicKeysResultOutput() GetOidcPublicKeysResultOutput

func (GetOidcPublicKeysResultOutput) ToGetOidcPublicKeysResultOutputWithContext 

func (o GetOidcPublicKeysResultOutput) ToGetOidcPublicKeysResultOutputWithContext(ctx context.Context) GetOidcPublicKeysResultOutput

type Group 

type Group struct {
	pulumi.CustomResourceState

	// `false` by default. If set to `true`, this resource will ignore any Entity IDs
	// returned from Vault or specified in the resource. You can use
	// `identity.GroupMemberEntityIds` to manage Entity IDs for this group in a
	// decoupled manner.
	ExternalMemberEntityIds pulumi.BoolPtrOutput `pulumi:"externalMemberEntityIds"`
	// `false` by default. If set to `true`, this resource will ignore any Group IDs
	// returned from Vault or specified in the resource. You can use
	// `identity.GroupMemberGroupIds` to manage Group IDs for this group in a
	// decoupled manner.
	ExternalMemberGroupIds pulumi.BoolPtrOutput `pulumi:"externalMemberGroupIds"`
	// `false` by default. If set to `true`, this resource will ignore any policies returned from
	// Vault or specified in the resource. You can use `identity.GroupPolicies` to manage
	// policies for this group in a decoupled manner.
	ExternalPolicies pulumi.BoolPtrOutput `pulumi:"externalPolicies"`
	// A list of Entity IDs to be assigned as group members. Not allowed on `external` groups.
	MemberEntityIds pulumi.StringArrayOutput `pulumi:"memberEntityIds"`
	// A list of Group IDs to be assigned as group members. Not allowed on `external` groups.
	MemberGroupIds pulumi.StringArrayOutput `pulumi:"memberGroupIds"`
	// A Map of additional metadata to associate with the group.
	Metadata pulumi.StringMapOutput `pulumi:"metadata"`
	// Name of the identity group to create.
	Name pulumi.StringOutput `pulumi:"name"`
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
	// A list of policies to apply to the group.
	Policies pulumi.StringArrayOutput `pulumi:"policies"`
	// Type of the group, internal or external. Defaults to `internal`.
	Type pulumi.StringPtrOutput `pulumi:"type"`
}

Creates an Identity Group for Vault. The [Identity secrets engine](https://www.vaultproject.io/docs/secrets/identity/index.html) is the identity management solution for Vault.

A group can contain multiple entities as its members. A group can also have subgroups. Policies set on the group is granted to all members of the group. During request time, when the token's entity ID is being evaluated for the policies that it has access to; along with the policies on the entity itself, policies that are inherited due to group memberships are also granted.

## Example Usage

### Internal Group

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := identity.NewGroup(ctx, "internal", &identity.GroupArgs{
			Metadata: pulumi.StringMap{
				"version": pulumi.String("2"),
			},
			Policies: pulumi.StringArray{
				pulumi.String("dev"),
				pulumi.String("test"),
			},
			Type: pulumi.String("internal"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

### External Group

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := identity.NewGroup(ctx, "group", &identity.GroupArgs{
			Metadata: pulumi.StringMap{
				"version": pulumi.String("1"),
			},
			Policies: pulumi.StringArray{
				pulumi.String("test"),
			},
			Type: pulumi.String("external"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

## Caveats

It's important to note that Vault identity groups names are *case-insensitive*. For example the following resources would be equivalent. Applying this configuration would result in the provider failing to create one of the identity groups, since the resources share the same `name`.

This sort of pattern should be avoided: <!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := identity.NewGroup(ctx, "internalIdentity/groupGroup", &identity.GroupArgs{
			Metadata: pulumi.StringMap{
				"version": pulumi.String("2"),
			},
			Policies: pulumi.StringArray{
				pulumi.String("dev"),
				pulumi.String("test"),
			},
			Type: pulumi.String("internal"),
		})
		if err != nil {
			return err
		}
		_, err = identity.NewGroup(ctx, "internalGroup", &identity.GroupArgs{
			Metadata: pulumi.StringMap{
				"version": pulumi.String("2"),
			},
			Policies: pulumi.StringArray{
				pulumi.String("dev"),
				pulumi.String("test"),
			},
			Type: pulumi.String("internal"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

## Import

Identity group can be imported using the `id`, e.g.

```sh $ pulumi import vault:identity/group:Group test 'fcbf1efb-2b69-4209-bed8-811e3475dad3' ```

func GetGroup 

func GetGroup(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *GroupState, opts ...pulumi.ResourceOption) (*Group, error)

GetGroup gets an existing Group resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewGroup 

func NewGroup(ctx *pulumi.Context,
	name string, args *GroupArgs, opts ...pulumi.ResourceOption) (*Group, error)

NewGroup registers a new resource with the given unique name, arguments, and options.

func (*Group) ElementType 

func (*Group) ElementType() reflect.Type

func (*Group) ToGroupOutput 

func (i *Group) ToGroupOutput() GroupOutput

func (*Group) ToGroupOutputWithContext 

func (i *Group) ToGroupOutputWithContext(ctx context.Context) GroupOutput

type GroupAlias 

type GroupAlias struct {
	pulumi.CustomResourceState

	// ID of the group to which this is an alias.
	CanonicalId pulumi.StringOutput `pulumi:"canonicalId"`
	// Mount accessor of the authentication backend to which this alias belongs to.
	MountAccessor pulumi.StringOutput `pulumi:"mountAccessor"`
	// Name of the group alias to create.
	Name pulumi.StringOutput `pulumi:"name"`
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
}

Creates an Identity Group Alias for Vault. The [Identity secrets engine](https://www.vaultproject.io/docs/secrets/identity/index.html) is the identity management solution for Vault.

Group aliases allows entity membership in external groups to be managed semi-automatically. External group serves as a mapping to a group that is outside of the identity store. External groups can have one (and only one) alias. This alias should map to a notion of group that is outside of the identity store. For example, groups in LDAP, and teams in GitHub. A username in LDAP, belonging to a group in LDAP, can get its entity ID added as a member of a group in Vault automatically during logins and token renewals. This works only if the group in Vault is an external group and has an alias that maps to the group in LDAP. If the user is removed from the group in LDAP, that change gets reflected in Vault only upon the subsequent login or renewal operation.

## Example Usage

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault"
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		group, err := identity.NewGroup(ctx, "group", &identity.GroupArgs{
			Type: pulumi.String("external"),
			Policies: pulumi.StringArray{
				pulumi.String("test"),
			},
		})
		if err != nil {
			return err
		}
		github, err := vault.NewAuthBackend(ctx, "github", &vault.AuthBackendArgs{
			Type: pulumi.String("github"),
			Path: pulumi.String("github"),
		})
		if err != nil {
			return err
		}
		_, err = identity.NewGroupAlias(ctx, "group-alias", &identity.GroupAliasArgs{
			Name:          pulumi.String("Github_Team_Slug"),
			MountAccessor: github.Accessor,
			CanonicalId:   group.ID(),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

## Import

The group alias can be imported with the group alias `id`, for example:

```sh $ pulumi import vault:identity/groupAlias:GroupAlias group-alias id ```

Group aliases can also be imported using the UUID of the alias record, e.g.

```sh $ pulumi import vault:identity/groupAlias:GroupAlias alias_name 63104e20-88e4-11eb-8d04-cf7ac9d60157 ```

func GetGroupAlias 

func GetGroupAlias(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *GroupAliasState, opts ...pulumi.ResourceOption) (*GroupAlias, error)

GetGroupAlias gets an existing GroupAlias resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewGroupAlias 

func NewGroupAlias(ctx *pulumi.Context,
	name string, args *GroupAliasArgs, opts ...pulumi.ResourceOption) (*GroupAlias, error)

NewGroupAlias registers a new resource with the given unique name, arguments, and options.

func (*GroupAlias) ElementType 

func (*GroupAlias) ElementType() reflect.Type

func (*GroupAlias) ToGroupAliasOutput 

func (i *GroupAlias) ToGroupAliasOutput() GroupAliasOutput

func (*GroupAlias) ToGroupAliasOutputWithContext 

func (i *GroupAlias) ToGroupAliasOutputWithContext(ctx context.Context) GroupAliasOutput

type GroupAliasArgs 

type GroupAliasArgs struct {
	// ID of the group to which this is an alias.
	CanonicalId pulumi.StringInput
	// Mount accessor of the authentication backend to which this alias belongs to.
	MountAccessor pulumi.StringInput
	// Name of the group alias to create.
	Name pulumi.StringInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
}

The set of arguments for constructing a GroupAlias resource.

func (GroupAliasArgs) ElementType 

func (GroupAliasArgs) ElementType() reflect.Type

type GroupAliasArray 

type GroupAliasArray []GroupAliasInput

func (GroupAliasArray) ElementType 

func (GroupAliasArray) ElementType() reflect.Type

func (GroupAliasArray) ToGroupAliasArrayOutput 

func (i GroupAliasArray) ToGroupAliasArrayOutput() GroupAliasArrayOutput

func (GroupAliasArray) ToGroupAliasArrayOutputWithContext 

func (i GroupAliasArray) ToGroupAliasArrayOutputWithContext(ctx context.Context) GroupAliasArrayOutput

type GroupAliasArrayInput 

type GroupAliasArrayInput interface {
	pulumi.Input

	ToGroupAliasArrayOutput() GroupAliasArrayOutput
	ToGroupAliasArrayOutputWithContext(context.Context) GroupAliasArrayOutput
}

GroupAliasArrayInput is an input type that accepts GroupAliasArray and GroupAliasArrayOutput values. You can construct a concrete instance of `GroupAliasArrayInput` via: 

GroupAliasArray{ GroupAliasArgs{...} }

type GroupAliasArrayOutput 

type GroupAliasArrayOutput struct{ *pulumi.OutputState }

func (GroupAliasArrayOutput) ElementType 

func (GroupAliasArrayOutput) ElementType() reflect.Type

func (GroupAliasArrayOutput) Index 

func (o GroupAliasArrayOutput) Index(i pulumi.IntInput) GroupAliasOutput

func (GroupAliasArrayOutput) ToGroupAliasArrayOutput 

func (o GroupAliasArrayOutput) ToGroupAliasArrayOutput() GroupAliasArrayOutput

func (GroupAliasArrayOutput) ToGroupAliasArrayOutputWithContext 

func (o GroupAliasArrayOutput) ToGroupAliasArrayOutputWithContext(ctx context.Context) GroupAliasArrayOutput

type GroupAliasInput 

type GroupAliasInput interface {
	pulumi.Input

	ToGroupAliasOutput() GroupAliasOutput
	ToGroupAliasOutputWithContext(ctx context.Context) GroupAliasOutput
}

type GroupAliasMap 

type GroupAliasMap map[string]GroupAliasInput

func (GroupAliasMap) ElementType 

func (GroupAliasMap) ElementType() reflect.Type

func (GroupAliasMap) ToGroupAliasMapOutput 

func (i GroupAliasMap) ToGroupAliasMapOutput() GroupAliasMapOutput

func (GroupAliasMap) ToGroupAliasMapOutputWithContext 

func (i GroupAliasMap) ToGroupAliasMapOutputWithContext(ctx context.Context) GroupAliasMapOutput

type GroupAliasMapInput 

type GroupAliasMapInput interface {
	pulumi.Input

	ToGroupAliasMapOutput() GroupAliasMapOutput
	ToGroupAliasMapOutputWithContext(context.Context) GroupAliasMapOutput
}

GroupAliasMapInput is an input type that accepts GroupAliasMap and GroupAliasMapOutput values. You can construct a concrete instance of `GroupAliasMapInput` via: 

GroupAliasMap{ "key": GroupAliasArgs{...} }

type GroupAliasMapOutput 

type GroupAliasMapOutput struct{ *pulumi.OutputState }

func (GroupAliasMapOutput) ElementType 

func (GroupAliasMapOutput) ElementType() reflect.Type

func (GroupAliasMapOutput) MapIndex 

func (o GroupAliasMapOutput) MapIndex(k pulumi.StringInput) GroupAliasOutput

func (GroupAliasMapOutput) ToGroupAliasMapOutput 

func (o GroupAliasMapOutput) ToGroupAliasMapOutput() GroupAliasMapOutput

func (GroupAliasMapOutput) ToGroupAliasMapOutputWithContext 

func (o GroupAliasMapOutput) ToGroupAliasMapOutputWithContext(ctx context.Context) GroupAliasMapOutput

type GroupAliasOutput 

type GroupAliasOutput struct{ *pulumi.OutputState }

func (GroupAliasOutput) CanonicalId 

func (o GroupAliasOutput) CanonicalId() pulumi.StringOutput

ID of the group to which this is an alias.

func (GroupAliasOutput) ElementType 

func (GroupAliasOutput) ElementType() reflect.Type

func (GroupAliasOutput) MountAccessor 

func (o GroupAliasOutput) MountAccessor() pulumi.StringOutput

Mount accessor of the authentication backend to which this alias belongs to.

func (GroupAliasOutput) Name 

func (o GroupAliasOutput) Name() pulumi.StringOutput

Name of the group alias to create.

func (GroupAliasOutput) Namespace 

func (o GroupAliasOutput) Namespace() pulumi.StringPtrOutput

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.

func (GroupAliasOutput) ToGroupAliasOutput 

func (o GroupAliasOutput) ToGroupAliasOutput() GroupAliasOutput

func (GroupAliasOutput) ToGroupAliasOutputWithContext 

func (o GroupAliasOutput) ToGroupAliasOutputWithContext(ctx context.Context) GroupAliasOutput

type GroupAliasState 

type GroupAliasState struct {
	// ID of the group to which this is an alias.
	CanonicalId pulumi.StringPtrInput
	// Mount accessor of the authentication backend to which this alias belongs to.
	MountAccessor pulumi.StringPtrInput
	// Name of the group alias to create.
	Name pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
}

func (GroupAliasState) ElementType 

func (GroupAliasState) ElementType() reflect.Type

type GroupArgs 

type GroupArgs struct {
	// `false` by default. If set to `true`, this resource will ignore any Entity IDs
	// returned from Vault or specified in the resource. You can use
	// `identity.GroupMemberEntityIds` to manage Entity IDs for this group in a
	// decoupled manner.
	ExternalMemberEntityIds pulumi.BoolPtrInput
	// `false` by default. If set to `true`, this resource will ignore any Group IDs
	// returned from Vault or specified in the resource. You can use
	// `identity.GroupMemberGroupIds` to manage Group IDs for this group in a
	// decoupled manner.
	ExternalMemberGroupIds pulumi.BoolPtrInput
	// `false` by default. If set to `true`, this resource will ignore any policies returned from
	// Vault or specified in the resource. You can use `identity.GroupPolicies` to manage
	// policies for this group in a decoupled manner.
	ExternalPolicies pulumi.BoolPtrInput
	// A list of Entity IDs to be assigned as group members. Not allowed on `external` groups.
	MemberEntityIds pulumi.StringArrayInput
	// A list of Group IDs to be assigned as group members. Not allowed on `external` groups.
	MemberGroupIds pulumi.StringArrayInput
	// A Map of additional metadata to associate with the group.
	Metadata pulumi.StringMapInput
	// Name of the identity group to create.
	Name pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// A list of policies to apply to the group.
	Policies pulumi.StringArrayInput
	// Type of the group, internal or external. Defaults to `internal`.
	Type pulumi.StringPtrInput
}

The set of arguments for constructing a Group resource.

func (GroupArgs) ElementType 

func (GroupArgs) ElementType() reflect.Type

type GroupArray 

type GroupArray []GroupInput

func (GroupArray) ElementType 

func (GroupArray) ElementType() reflect.Type

func (GroupArray) ToGroupArrayOutput 

func (i GroupArray) ToGroupArrayOutput() GroupArrayOutput

func (GroupArray) ToGroupArrayOutputWithContext 

func (i GroupArray) ToGroupArrayOutputWithContext(ctx context.Context) GroupArrayOutput

type GroupArrayInput 

type GroupArrayInput interface {
	pulumi.Input

	ToGroupArrayOutput() GroupArrayOutput
	ToGroupArrayOutputWithContext(context.Context) GroupArrayOutput
}

GroupArrayInput is an input type that accepts GroupArray and GroupArrayOutput values. You can construct a concrete instance of `GroupArrayInput` via: 

GroupArray{ GroupArgs{...} }

type GroupArrayOutput 

type GroupArrayOutput struct{ *pulumi.OutputState }

func (GroupArrayOutput) ElementType 

func (GroupArrayOutput) ElementType() reflect.Type

func (GroupArrayOutput) Index 

func (o GroupArrayOutput) Index(i pulumi.IntInput) GroupOutput

func (GroupArrayOutput) ToGroupArrayOutput 

func (o GroupArrayOutput) ToGroupArrayOutput() GroupArrayOutput

func (GroupArrayOutput) ToGroupArrayOutputWithContext 

func (o GroupArrayOutput) ToGroupArrayOutputWithContext(ctx context.Context) GroupArrayOutput

type GroupInput 

type GroupInput interface {
	pulumi.Input

	ToGroupOutput() GroupOutput
	ToGroupOutputWithContext(ctx context.Context) GroupOutput
}

type GroupMap 

type GroupMap map[string]GroupInput

func (GroupMap) ElementType 

func (GroupMap) ElementType() reflect.Type

func (GroupMap) ToGroupMapOutput 

func (i GroupMap) ToGroupMapOutput() GroupMapOutput

func (GroupMap) ToGroupMapOutputWithContext 

func (i GroupMap) ToGroupMapOutputWithContext(ctx context.Context) GroupMapOutput

type GroupMapInput 

type GroupMapInput interface {
	pulumi.Input

	ToGroupMapOutput() GroupMapOutput
	ToGroupMapOutputWithContext(context.Context) GroupMapOutput
}

GroupMapInput is an input type that accepts GroupMap and GroupMapOutput values. You can construct a concrete instance of `GroupMapInput` via: 

GroupMap{ "key": GroupArgs{...} }

type GroupMapOutput 

type GroupMapOutput struct{ *pulumi.OutputState }

func (GroupMapOutput) ElementType 

func (GroupMapOutput) ElementType() reflect.Type

func (GroupMapOutput) MapIndex 

func (o GroupMapOutput) MapIndex(k pulumi.StringInput) GroupOutput

func (GroupMapOutput) ToGroupMapOutput 

func (o GroupMapOutput) ToGroupMapOutput() GroupMapOutput

func (GroupMapOutput) ToGroupMapOutputWithContext 

func (o GroupMapOutput) ToGroupMapOutputWithContext(ctx context.Context) GroupMapOutput

type GroupMemberEntityIds 

type GroupMemberEntityIds struct {
	pulumi.CustomResourceState

	// Defaults to `true`.
	//
	// If `true`, this resource will take exclusive control of the member entities that belong to the group and will set it equal to what is specified in the resource.
	//
	// If set to `false`, this resource will simply ensure that the member entities specified in the resource are present in the group. When destroying the resource, the resource will ensure that the member entities specified in the resource are removed.
	Exclusive pulumi.BoolPtrOutput `pulumi:"exclusive"`
	// Group ID to assign member entities to.
	GroupId pulumi.StringOutput `pulumi:"groupId"`
	// List of member entities that belong to the group
	MemberEntityIds pulumi.StringArrayOutput `pulumi:"memberEntityIds"`
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
}

Manages member entities for an Identity Group for Vault. The [Identity secrets engine](https://www.vaultproject.io/docs/secrets/identity/index.html) is the identity management solution for Vault.

## Example Usage

### Exclusive Member Entities

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		internal, err := identity.NewGroup(ctx, "internal", &identity.GroupArgs{
			Type:                    pulumi.String("internal"),
			ExternalMemberEntityIds: pulumi.Bool(true),
			Metadata: pulumi.StringMap{
				"version": pulumi.String("2"),
			},
		})
		if err != nil {
			return err
		}
		user, err := identity.NewEntity(ctx, "user", nil)
		if err != nil {
			return err
		}
		_, err = identity.NewGroupMemberEntityIds(ctx, "members", &identity.GroupMemberEntityIdsArgs{
			Exclusive: pulumi.Bool(true),
			MemberEntityIds: pulumi.StringArray{
				user.ID(),
			},
			GroupId: internal.ID(),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

### Non-exclusive Member Entities

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		internal, err := identity.NewGroup(ctx, "internal", &identity.GroupArgs{
			Type:                    pulumi.String("internal"),
			ExternalMemberEntityIds: pulumi.Bool(true),
			Metadata: pulumi.StringMap{
				"version": pulumi.String("2"),
			},
		})
		if err != nil {
			return err
		}
		testUser, err := identity.NewEntity(ctx, "testUser", nil)
		if err != nil {
			return err
		}
		secondTestUser, err := identity.NewEntity(ctx, "secondTestUser", nil)
		if err != nil {
			return err
		}
		devUser, err := identity.NewEntity(ctx, "devUser", nil)
		if err != nil {
			return err
		}
		_, err = identity.NewGroupMemberEntityIds(ctx, "test", &identity.GroupMemberEntityIdsArgs{
			MemberEntityIds: pulumi.StringArray{
				testUser.ID(),
				secondTestUser.ID(),
			},
			Exclusive: pulumi.Bool(false),
			GroupId:   internal.ID(),
		})
		if err != nil {
			return err
		}
		_, err = identity.NewGroupMemberEntityIds(ctx, "others", &identity.GroupMemberEntityIdsArgs{
			MemberEntityIds: pulumi.StringArray{
				devUser.ID(),
			},
			Exclusive: pulumi.Bool(false),
			GroupId:   internal.ID(),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

func GetGroupMemberEntityIds 

func GetGroupMemberEntityIds(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *GroupMemberEntityIdsState, opts ...pulumi.ResourceOption) (*GroupMemberEntityIds, error)

GetGroupMemberEntityIds gets an existing GroupMemberEntityIds resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewGroupMemberEntityIds 

func NewGroupMemberEntityIds(ctx *pulumi.Context,
	name string, args *GroupMemberEntityIdsArgs, opts ...pulumi.ResourceOption) (*GroupMemberEntityIds, error)

NewGroupMemberEntityIds registers a new resource with the given unique name, arguments, and options.

func (*GroupMemberEntityIds) ElementType 

func (*GroupMemberEntityIds) ElementType() reflect.Type

func (*GroupMemberEntityIds) ToGroupMemberEntityIdsOutput 

func (i *GroupMemberEntityIds) ToGroupMemberEntityIdsOutput() GroupMemberEntityIdsOutput

func (*GroupMemberEntityIds) ToGroupMemberEntityIdsOutputWithContext 

func (i *GroupMemberEntityIds) ToGroupMemberEntityIdsOutputWithContext(ctx context.Context) GroupMemberEntityIdsOutput

type GroupMemberEntityIdsArgs 

type GroupMemberEntityIdsArgs struct {
	// Defaults to `true`.
	//
	// If `true`, this resource will take exclusive control of the member entities that belong to the group and will set it equal to what is specified in the resource.
	//
	// If set to `false`, this resource will simply ensure that the member entities specified in the resource are present in the group. When destroying the resource, the resource will ensure that the member entities specified in the resource are removed.
	Exclusive pulumi.BoolPtrInput
	// Group ID to assign member entities to.
	GroupId pulumi.StringInput
	// List of member entities that belong to the group
	MemberEntityIds pulumi.StringArrayInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
}

The set of arguments for constructing a GroupMemberEntityIds resource.

func (GroupMemberEntityIdsArgs) ElementType 

func (GroupMemberEntityIdsArgs) ElementType() reflect.Type

type GroupMemberEntityIdsArray 

type GroupMemberEntityIdsArray []GroupMemberEntityIdsInput

func (GroupMemberEntityIdsArray) ElementType 

func (GroupMemberEntityIdsArray) ElementType() reflect.Type

func (GroupMemberEntityIdsArray) ToGroupMemberEntityIdsArrayOutput 

func (i GroupMemberEntityIdsArray) ToGroupMemberEntityIdsArrayOutput() GroupMemberEntityIdsArrayOutput

func (GroupMemberEntityIdsArray) ToGroupMemberEntityIdsArrayOutputWithContext 

func (i GroupMemberEntityIdsArray) ToGroupMemberEntityIdsArrayOutputWithContext(ctx context.Context) GroupMemberEntityIdsArrayOutput

type GroupMemberEntityIdsArrayInput 

type GroupMemberEntityIdsArrayInput interface {
	pulumi.Input

	ToGroupMemberEntityIdsArrayOutput() GroupMemberEntityIdsArrayOutput
	ToGroupMemberEntityIdsArrayOutputWithContext(context.Context) GroupMemberEntityIdsArrayOutput
}

GroupMemberEntityIdsArrayInput is an input type that accepts GroupMemberEntityIdsArray and GroupMemberEntityIdsArrayOutput values. You can construct a concrete instance of `GroupMemberEntityIdsArrayInput` via: 

GroupMemberEntityIdsArray{ GroupMemberEntityIdsArgs{...} }

type GroupMemberEntityIdsArrayOutput 

type GroupMemberEntityIdsArrayOutput struct{ *pulumi.OutputState }

func (GroupMemberEntityIdsArrayOutput) ElementType 

func (GroupMemberEntityIdsArrayOutput) ElementType() reflect.Type

func (GroupMemberEntityIdsArrayOutput) Index 

func (o GroupMemberEntityIdsArrayOutput) Index(i pulumi.IntInput) GroupMemberEntityIdsOutput

func (GroupMemberEntityIdsArrayOutput) ToGroupMemberEntityIdsArrayOutput 

func (o GroupMemberEntityIdsArrayOutput) ToGroupMemberEntityIdsArrayOutput() GroupMemberEntityIdsArrayOutput

func (GroupMemberEntityIdsArrayOutput) ToGroupMemberEntityIdsArrayOutputWithContext 

func (o GroupMemberEntityIdsArrayOutput) ToGroupMemberEntityIdsArrayOutputWithContext(ctx context.Context) GroupMemberEntityIdsArrayOutput

type GroupMemberEntityIdsInput 

type GroupMemberEntityIdsInput interface {
	pulumi.Input

	ToGroupMemberEntityIdsOutput() GroupMemberEntityIdsOutput
	ToGroupMemberEntityIdsOutputWithContext(ctx context.Context) GroupMemberEntityIdsOutput
}

type GroupMemberEntityIdsMap 

type GroupMemberEntityIdsMap map[string]GroupMemberEntityIdsInput

func (GroupMemberEntityIdsMap) ElementType 

func (GroupMemberEntityIdsMap) ElementType() reflect.Type

func (GroupMemberEntityIdsMap) ToGroupMemberEntityIdsMapOutput 

func (i GroupMemberEntityIdsMap) ToGroupMemberEntityIdsMapOutput() GroupMemberEntityIdsMapOutput

func (GroupMemberEntityIdsMap) ToGroupMemberEntityIdsMapOutputWithContext 

func (i GroupMemberEntityIdsMap) ToGroupMemberEntityIdsMapOutputWithContext(ctx context.Context) GroupMemberEntityIdsMapOutput

type GroupMemberEntityIdsMapInput 

type GroupMemberEntityIdsMapInput interface {
	pulumi.Input

	ToGroupMemberEntityIdsMapOutput() GroupMemberEntityIdsMapOutput
	ToGroupMemberEntityIdsMapOutputWithContext(context.Context) GroupMemberEntityIdsMapOutput
}

GroupMemberEntityIdsMapInput is an input type that accepts GroupMemberEntityIdsMap and GroupMemberEntityIdsMapOutput values. You can construct a concrete instance of `GroupMemberEntityIdsMapInput` via: 

GroupMemberEntityIdsMap{ "key": GroupMemberEntityIdsArgs{...} }

type GroupMemberEntityIdsMapOutput 

type GroupMemberEntityIdsMapOutput struct{ *pulumi.OutputState }

func (GroupMemberEntityIdsMapOutput) ElementType 

func (GroupMemberEntityIdsMapOutput) ElementType() reflect.Type

func (GroupMemberEntityIdsMapOutput) MapIndex 

func (o GroupMemberEntityIdsMapOutput) MapIndex(k pulumi.StringInput) GroupMemberEntityIdsOutput

func (GroupMemberEntityIdsMapOutput) ToGroupMemberEntityIdsMapOutput 

func (o GroupMemberEntityIdsMapOutput) ToGroupMemberEntityIdsMapOutput() GroupMemberEntityIdsMapOutput

func (GroupMemberEntityIdsMapOutput) ToGroupMemberEntityIdsMapOutputWithContext 

func (o GroupMemberEntityIdsMapOutput) ToGroupMemberEntityIdsMapOutputWithContext(ctx context.Context) GroupMemberEntityIdsMapOutput

type GroupMemberEntityIdsOutput 

type GroupMemberEntityIdsOutput struct{ *pulumi.OutputState }

func (GroupMemberEntityIdsOutput) ElementType 

func (GroupMemberEntityIdsOutput) ElementType() reflect.Type

func (GroupMemberEntityIdsOutput) Exclusive 

func (o GroupMemberEntityIdsOutput) Exclusive() pulumi.BoolPtrOutput

Defaults to `true`.

If `true`, this resource will take exclusive control of the member entities that belong to the group and will set it equal to what is specified in the resource.

If set to `false`, this resource will simply ensure that the member entities specified in the resource are present in the group. When destroying the resource, the resource will ensure that the member entities specified in the resource are removed.

func (GroupMemberEntityIdsOutput) GroupId 

func (o GroupMemberEntityIdsOutput) GroupId() pulumi.StringOutput

Group ID to assign member entities to.

func (GroupMemberEntityIdsOutput) MemberEntityIds 

func (o GroupMemberEntityIdsOutput) MemberEntityIds() pulumi.StringArrayOutput

List of member entities that belong to the group

func (GroupMemberEntityIdsOutput) Namespace 

func (o GroupMemberEntityIdsOutput) Namespace() pulumi.StringPtrOutput

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.

func (GroupMemberEntityIdsOutput) ToGroupMemberEntityIdsOutput 

func (o GroupMemberEntityIdsOutput) ToGroupMemberEntityIdsOutput() GroupMemberEntityIdsOutput

func (GroupMemberEntityIdsOutput) ToGroupMemberEntityIdsOutputWithContext 

func (o GroupMemberEntityIdsOutput) ToGroupMemberEntityIdsOutputWithContext(ctx context.Context) GroupMemberEntityIdsOutput

type GroupMemberEntityIdsState 

type GroupMemberEntityIdsState struct {
	// Defaults to `true`.
	//
	// If `true`, this resource will take exclusive control of the member entities that belong to the group and will set it equal to what is specified in the resource.
	//
	// If set to `false`, this resource will simply ensure that the member entities specified in the resource are present in the group. When destroying the resource, the resource will ensure that the member entities specified in the resource are removed.
	Exclusive pulumi.BoolPtrInput
	// Group ID to assign member entities to.
	GroupId pulumi.StringPtrInput
	// List of member entities that belong to the group
	MemberEntityIds pulumi.StringArrayInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
}

func (GroupMemberEntityIdsState) ElementType 

func (GroupMemberEntityIdsState) ElementType() reflect.Type

type GroupMemberGroupIds 

type GroupMemberGroupIds struct {
	pulumi.CustomResourceState

	// Defaults to `true`.
	//
	// If `true`, this resource will take exclusive control of the member groups that belong to the group and will set
	// it equal to what is specified in the resource.
	//
	// If set to `false`, this resource will simply ensure that the member groups specified in the resource are present
	// in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource
	// are removed.
	Exclusive pulumi.BoolPtrOutput `pulumi:"exclusive"`
	// Group ID to assign member entities to.
	GroupId pulumi.StringOutput `pulumi:"groupId"`
	// List of member groups that belong to the group
	MemberGroupIds pulumi.StringArrayOutput `pulumi:"memberGroupIds"`
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
}

Manages member groups for an Identity Group for Vault. The [Identity secrets engine](https://www.vaultproject.io/docs/secrets/identity/index.html) is the identity management solution for Vault.

## Example Usage

### Exclusive Member Groups

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		internal, err := identity.NewGroup(ctx, "internal", &identity.GroupArgs{
			Type:                   pulumi.String("internal"),
			ExternalMemberGroupIds: pulumi.Bool(true),
			Metadata: pulumi.StringMap{
				"version": pulumi.String("2"),
			},
		})
		if err != nil {
			return err
		}
		users, err := identity.NewGroup(ctx, "users", &identity.GroupArgs{
			Metadata: pulumi.StringMap{
				"version": pulumi.String("2"),
			},
		})
		if err != nil {
			return err
		}
		_, err = identity.NewGroupMemberGroupIds(ctx, "members", &identity.GroupMemberGroupIdsArgs{
			Exclusive: pulumi.Bool(true),
			MemberGroupIds: pulumi.StringArray{
				users.ID(),
			},
			GroupId: internal.ID(),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

### Non-Exclusive Member Groups

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		internal, err := identity.NewGroup(ctx, "internal", &identity.GroupArgs{
			Type:                   pulumi.String("internal"),
			ExternalMemberGroupIds: pulumi.Bool(true),
			Metadata: pulumi.StringMap{
				"version": pulumi.String("2"),
			},
		})
		if err != nil {
			return err
		}
		users, err := identity.NewGroup(ctx, "users", &identity.GroupArgs{
			Metadata: pulumi.StringMap{
				"version": pulumi.String("2"),
			},
		})
		if err != nil {
			return err
		}
		_, err = identity.NewGroupMemberGroupIds(ctx, "members", &identity.GroupMemberGroupIdsArgs{
			Exclusive: pulumi.Bool(false),
			MemberGroupIds: pulumi.StringArray{
				users.ID(),
			},
			GroupId: internal.ID(),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

func GetGroupMemberGroupIds 

func GetGroupMemberGroupIds(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *GroupMemberGroupIdsState, opts ...pulumi.ResourceOption) (*GroupMemberGroupIds, error)

GetGroupMemberGroupIds gets an existing GroupMemberGroupIds resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewGroupMemberGroupIds 

func NewGroupMemberGroupIds(ctx *pulumi.Context,
	name string, args *GroupMemberGroupIdsArgs, opts ...pulumi.ResourceOption) (*GroupMemberGroupIds, error)

NewGroupMemberGroupIds registers a new resource with the given unique name, arguments, and options.

func (*GroupMemberGroupIds) ElementType 

func (*GroupMemberGroupIds) ElementType() reflect.Type

func (*GroupMemberGroupIds) ToGroupMemberGroupIdsOutput 

func (i *GroupMemberGroupIds) ToGroupMemberGroupIdsOutput() GroupMemberGroupIdsOutput

func (*GroupMemberGroupIds) ToGroupMemberGroupIdsOutputWithContext 

func (i *GroupMemberGroupIds) ToGroupMemberGroupIdsOutputWithContext(ctx context.Context) GroupMemberGroupIdsOutput

type GroupMemberGroupIdsArgs 

type GroupMemberGroupIdsArgs struct {
	// Defaults to `true`.
	//
	// If `true`, this resource will take exclusive control of the member groups that belong to the group and will set
	// it equal to what is specified in the resource.
	//
	// If set to `false`, this resource will simply ensure that the member groups specified in the resource are present
	// in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource
	// are removed.
	Exclusive pulumi.BoolPtrInput
	// Group ID to assign member entities to.
	GroupId pulumi.StringInput
	// List of member groups that belong to the group
	MemberGroupIds pulumi.StringArrayInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
}

The set of arguments for constructing a GroupMemberGroupIds resource.

func (GroupMemberGroupIdsArgs) ElementType 

func (GroupMemberGroupIdsArgs) ElementType() reflect.Type

type GroupMemberGroupIdsArray 

type GroupMemberGroupIdsArray []GroupMemberGroupIdsInput

func (GroupMemberGroupIdsArray) ElementType 

func (GroupMemberGroupIdsArray) ElementType() reflect.Type

func (GroupMemberGroupIdsArray) ToGroupMemberGroupIdsArrayOutput 

func (i GroupMemberGroupIdsArray) ToGroupMemberGroupIdsArrayOutput() GroupMemberGroupIdsArrayOutput

func (GroupMemberGroupIdsArray) ToGroupMemberGroupIdsArrayOutputWithContext 

func (i GroupMemberGroupIdsArray) ToGroupMemberGroupIdsArrayOutputWithContext(ctx context.Context) GroupMemberGroupIdsArrayOutput

type GroupMemberGroupIdsArrayInput 

type GroupMemberGroupIdsArrayInput interface {
	pulumi.Input

	ToGroupMemberGroupIdsArrayOutput() GroupMemberGroupIdsArrayOutput
	ToGroupMemberGroupIdsArrayOutputWithContext(context.Context) GroupMemberGroupIdsArrayOutput
}

GroupMemberGroupIdsArrayInput is an input type that accepts GroupMemberGroupIdsArray and GroupMemberGroupIdsArrayOutput values. You can construct a concrete instance of `GroupMemberGroupIdsArrayInput` via: 

GroupMemberGroupIdsArray{ GroupMemberGroupIdsArgs{...} }

type GroupMemberGroupIdsArrayOutput 

type GroupMemberGroupIdsArrayOutput struct{ *pulumi.OutputState }

func (GroupMemberGroupIdsArrayOutput) ElementType 

func (GroupMemberGroupIdsArrayOutput) ElementType() reflect.Type

func (GroupMemberGroupIdsArrayOutput) Index 

func (o GroupMemberGroupIdsArrayOutput) Index(i pulumi.IntInput) GroupMemberGroupIdsOutput

func (GroupMemberGroupIdsArrayOutput) ToGroupMemberGroupIdsArrayOutput 

func (o GroupMemberGroupIdsArrayOutput) ToGroupMemberGroupIdsArrayOutput() GroupMemberGroupIdsArrayOutput

func (GroupMemberGroupIdsArrayOutput) ToGroupMemberGroupIdsArrayOutputWithContext 

func (o GroupMemberGroupIdsArrayOutput) ToGroupMemberGroupIdsArrayOutputWithContext(ctx context.Context) GroupMemberGroupIdsArrayOutput

type GroupMemberGroupIdsInput 

type GroupMemberGroupIdsInput interface {
	pulumi.Input

	ToGroupMemberGroupIdsOutput() GroupMemberGroupIdsOutput
	ToGroupMemberGroupIdsOutputWithContext(ctx context.Context) GroupMemberGroupIdsOutput
}

type GroupMemberGroupIdsMap 

type GroupMemberGroupIdsMap map[string]GroupMemberGroupIdsInput

func (GroupMemberGroupIdsMap) ElementType 

func (GroupMemberGroupIdsMap) ElementType() reflect.Type

func (GroupMemberGroupIdsMap) ToGroupMemberGroupIdsMapOutput 

func (i GroupMemberGroupIdsMap) ToGroupMemberGroupIdsMapOutput() GroupMemberGroupIdsMapOutput

func (GroupMemberGroupIdsMap) ToGroupMemberGroupIdsMapOutputWithContext 

func (i GroupMemberGroupIdsMap) ToGroupMemberGroupIdsMapOutputWithContext(ctx context.Context) GroupMemberGroupIdsMapOutput

type GroupMemberGroupIdsMapInput 

type GroupMemberGroupIdsMapInput interface {
	pulumi.Input

	ToGroupMemberGroupIdsMapOutput() GroupMemberGroupIdsMapOutput
	ToGroupMemberGroupIdsMapOutputWithContext(context.Context) GroupMemberGroupIdsMapOutput
}

GroupMemberGroupIdsMapInput is an input type that accepts GroupMemberGroupIdsMap and GroupMemberGroupIdsMapOutput values. You can construct a concrete instance of `GroupMemberGroupIdsMapInput` via: 

GroupMemberGroupIdsMap{ "key": GroupMemberGroupIdsArgs{...} }

type GroupMemberGroupIdsMapOutput 

type GroupMemberGroupIdsMapOutput struct{ *pulumi.OutputState }

func (GroupMemberGroupIdsMapOutput) ElementType 

func (GroupMemberGroupIdsMapOutput) ElementType() reflect.Type

func (GroupMemberGroupIdsMapOutput) MapIndex 

func (o GroupMemberGroupIdsMapOutput) MapIndex(k pulumi.StringInput) GroupMemberGroupIdsOutput

func (GroupMemberGroupIdsMapOutput) ToGroupMemberGroupIdsMapOutput 

func (o GroupMemberGroupIdsMapOutput) ToGroupMemberGroupIdsMapOutput() GroupMemberGroupIdsMapOutput

func (GroupMemberGroupIdsMapOutput) ToGroupMemberGroupIdsMapOutputWithContext 

func (o GroupMemberGroupIdsMapOutput) ToGroupMemberGroupIdsMapOutputWithContext(ctx context.Context) GroupMemberGroupIdsMapOutput

type GroupMemberGroupIdsOutput 

type GroupMemberGroupIdsOutput struct{ *pulumi.OutputState }

func (GroupMemberGroupIdsOutput) ElementType 

func (GroupMemberGroupIdsOutput) ElementType() reflect.Type

func (GroupMemberGroupIdsOutput) Exclusive 

func (o GroupMemberGroupIdsOutput) Exclusive() pulumi.BoolPtrOutput

Defaults to `true`.

If `true`, this resource will take exclusive control of the member groups that belong to the group and will set it equal to what is specified in the resource.

If set to `false`, this resource will simply ensure that the member groups specified in the resource are present in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource are removed.

func (GroupMemberGroupIdsOutput) GroupId 

func (o GroupMemberGroupIdsOutput) GroupId() pulumi.StringOutput

Group ID to assign member entities to.

func (GroupMemberGroupIdsOutput) MemberGroupIds 

func (o GroupMemberGroupIdsOutput) MemberGroupIds() pulumi.StringArrayOutput

List of member groups that belong to the group

func (GroupMemberGroupIdsOutput) Namespace 

func (o GroupMemberGroupIdsOutput) Namespace() pulumi.StringPtrOutput

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.

func (GroupMemberGroupIdsOutput) ToGroupMemberGroupIdsOutput 

func (o GroupMemberGroupIdsOutput) ToGroupMemberGroupIdsOutput() GroupMemberGroupIdsOutput

func (GroupMemberGroupIdsOutput) ToGroupMemberGroupIdsOutputWithContext 

func (o GroupMemberGroupIdsOutput) ToGroupMemberGroupIdsOutputWithContext(ctx context.Context) GroupMemberGroupIdsOutput

type GroupMemberGroupIdsState 

type GroupMemberGroupIdsState struct {
	// Defaults to `true`.
	//
	// If `true`, this resource will take exclusive control of the member groups that belong to the group and will set
	// it equal to what is specified in the resource.
	//
	// If set to `false`, this resource will simply ensure that the member groups specified in the resource are present
	// in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource
	// are removed.
	Exclusive pulumi.BoolPtrInput
	// Group ID to assign member entities to.
	GroupId pulumi.StringPtrInput
	// List of member groups that belong to the group
	MemberGroupIds pulumi.StringArrayInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
}

func (GroupMemberGroupIdsState) ElementType 

func (GroupMemberGroupIdsState) ElementType() reflect.Type

type GroupOutput 

type GroupOutput struct{ *pulumi.OutputState }

func (GroupOutput) ElementType 

func (GroupOutput) ElementType() reflect.Type

func (GroupOutput) ExternalMemberEntityIds 

func (o GroupOutput) ExternalMemberEntityIds() pulumi.BoolPtrOutput

`false` by default. If set to `true`, this resource will ignore any Entity IDs returned from Vault or specified in the resource. You can use `identity.GroupMemberEntityIds` to manage Entity IDs for this group in a decoupled manner.

func (GroupOutput) ExternalMemberGroupIds 

func (o GroupOutput) ExternalMemberGroupIds() pulumi.BoolPtrOutput

`false` by default. If set to `true`, this resource will ignore any Group IDs returned from Vault or specified in the resource. You can use `identity.GroupMemberGroupIds` to manage Group IDs for this group in a decoupled manner.

func (GroupOutput) ExternalPolicies 

func (o GroupOutput) ExternalPolicies() pulumi.BoolPtrOutput

`false` by default. If set to `true`, this resource will ignore any policies returned from Vault or specified in the resource. You can use `identity.GroupPolicies` to manage policies for this group in a decoupled manner.

func (GroupOutput) MemberEntityIds 

func (o GroupOutput) MemberEntityIds() pulumi.StringArrayOutput

A list of Entity IDs to be assigned as group members. Not allowed on `external` groups.

func (GroupOutput) MemberGroupIds 

func (o GroupOutput) MemberGroupIds() pulumi.StringArrayOutput

A list of Group IDs to be assigned as group members. Not allowed on `external` groups.

func (GroupOutput) Metadata 

func (o GroupOutput) Metadata() pulumi.StringMapOutput

A Map of additional metadata to associate with the group.

func (GroupOutput) Name 

func (o GroupOutput) Name() pulumi.StringOutput

Name of the identity group to create.

func (GroupOutput) Namespace 

func (o GroupOutput) Namespace() pulumi.StringPtrOutput

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.

func (GroupOutput) Policies 

func (o GroupOutput) Policies() pulumi.StringArrayOutput

A list of policies to apply to the group.

func (GroupOutput) ToGroupOutput 

func (o GroupOutput) ToGroupOutput() GroupOutput

func (GroupOutput) ToGroupOutputWithContext 

func (o GroupOutput) ToGroupOutputWithContext(ctx context.Context) GroupOutput

func (GroupOutput) Type 

func (o GroupOutput) Type() pulumi.StringPtrOutput

Type of the group, internal or external. Defaults to `internal`.

type GroupPolicies 

type GroupPolicies struct {
	pulumi.CustomResourceState

	// Defaults to `true`.
	//
	// If `true`, this resource will take exclusive control of the policies assigned to the group and will set it equal to what is specified in the resource.
	//
	// If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the group. When destroying the resource, the resource will ensure that the policies specified in the resource are removed.
	Exclusive pulumi.BoolPtrOutput `pulumi:"exclusive"`
	// Group ID to assign policies to.
	GroupId pulumi.StringOutput `pulumi:"groupId"`
	// The name of the group that are assigned the policies.
	GroupName pulumi.StringOutput `pulumi:"groupName"`
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
	// List of policies to assign to the group
	Policies pulumi.StringArrayOutput `pulumi:"policies"`
}

Manages policies for an Identity Group for Vault. The [Identity secrets engine](https://www.vaultproject.io/docs/secrets/identity/index.html) is the identity management solution for Vault.

## Example Usage

### Exclusive Policies

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		internal, err := identity.NewGroup(ctx, "internal", &identity.GroupArgs{
			Type:             pulumi.String("internal"),
			ExternalPolicies: pulumi.Bool(true),
			Metadata: pulumi.StringMap{
				"version": pulumi.String("2"),
			},
		})
		if err != nil {
			return err
		}
		_, err = identity.NewGroupPolicies(ctx, "policies", &identity.GroupPoliciesArgs{
			Policies: pulumi.StringArray{
				pulumi.String("default"),
				pulumi.String("test"),
			},
			Exclusive: pulumi.Bool(true),
			GroupId:   internal.ID(),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

### Non-exclusive Policies

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		internal, err := identity.NewGroup(ctx, "internal", &identity.GroupArgs{
			Type:             pulumi.String("internal"),
			ExternalPolicies: pulumi.Bool(true),
			Metadata: pulumi.StringMap{
				"version": pulumi.String("2"),
			},
		})
		if err != nil {
			return err
		}
		_, err = identity.NewGroupPolicies(ctx, "default", &identity.GroupPoliciesArgs{
			Policies: pulumi.StringArray{
				pulumi.String("default"),
				pulumi.String("test"),
			},
			Exclusive: pulumi.Bool(false),
			GroupId:   internal.ID(),
		})
		if err != nil {
			return err
		}
		_, err = identity.NewGroupPolicies(ctx, "others", &identity.GroupPoliciesArgs{
			Policies: pulumi.StringArray{
				pulumi.String("others"),
			},
			Exclusive: pulumi.Bool(false),
			GroupId:   internal.ID(),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

func GetGroupPolicies 

func GetGroupPolicies(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *GroupPoliciesState, opts ...pulumi.ResourceOption) (*GroupPolicies, error)

GetGroupPolicies gets an existing GroupPolicies resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewGroupPolicies 

func NewGroupPolicies(ctx *pulumi.Context,
	name string, args *GroupPoliciesArgs, opts ...pulumi.ResourceOption) (*GroupPolicies, error)

NewGroupPolicies registers a new resource with the given unique name, arguments, and options.

func (*GroupPolicies) ElementType 

func (*GroupPolicies) ElementType() reflect.Type

func (*GroupPolicies) ToGroupPoliciesOutput 

func (i *GroupPolicies) ToGroupPoliciesOutput() GroupPoliciesOutput

func (*GroupPolicies) ToGroupPoliciesOutputWithContext 

func (i *GroupPolicies) ToGroupPoliciesOutputWithContext(ctx context.Context) GroupPoliciesOutput

type GroupPoliciesArgs 

type GroupPoliciesArgs struct {
	// Defaults to `true`.
	//
	// If `true`, this resource will take exclusive control of the policies assigned to the group and will set it equal to what is specified in the resource.
	//
	// If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the group. When destroying the resource, the resource will ensure that the policies specified in the resource are removed.
	Exclusive pulumi.BoolPtrInput
	// Group ID to assign policies to.
	GroupId pulumi.StringInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// List of policies to assign to the group
	Policies pulumi.StringArrayInput
}

The set of arguments for constructing a GroupPolicies resource.

func (GroupPoliciesArgs) ElementType 

func (GroupPoliciesArgs) ElementType() reflect.Type

type GroupPoliciesArray 

type GroupPoliciesArray []GroupPoliciesInput

func (GroupPoliciesArray) ElementType 

func (GroupPoliciesArray) ElementType() reflect.Type

func (GroupPoliciesArray) ToGroupPoliciesArrayOutput 

func (i GroupPoliciesArray) ToGroupPoliciesArrayOutput() GroupPoliciesArrayOutput

func (GroupPoliciesArray) ToGroupPoliciesArrayOutputWithContext 

func (i GroupPoliciesArray) ToGroupPoliciesArrayOutputWithContext(ctx context.Context) GroupPoliciesArrayOutput

type GroupPoliciesArrayInput 

type GroupPoliciesArrayInput interface {
	pulumi.Input

	ToGroupPoliciesArrayOutput() GroupPoliciesArrayOutput
	ToGroupPoliciesArrayOutputWithContext(context.Context) GroupPoliciesArrayOutput
}

GroupPoliciesArrayInput is an input type that accepts GroupPoliciesArray and GroupPoliciesArrayOutput values. You can construct a concrete instance of `GroupPoliciesArrayInput` via: 

GroupPoliciesArray{ GroupPoliciesArgs{...} }

type GroupPoliciesArrayOutput 

type GroupPoliciesArrayOutput struct{ *pulumi.OutputState }

func (GroupPoliciesArrayOutput) ElementType 

func (GroupPoliciesArrayOutput) ElementType() reflect.Type

func (GroupPoliciesArrayOutput) Index 

func (o GroupPoliciesArrayOutput) Index(i pulumi.IntInput) GroupPoliciesOutput

func (GroupPoliciesArrayOutput) ToGroupPoliciesArrayOutput 

func (o GroupPoliciesArrayOutput) ToGroupPoliciesArrayOutput() GroupPoliciesArrayOutput

func (GroupPoliciesArrayOutput) ToGroupPoliciesArrayOutputWithContext 

func (o GroupPoliciesArrayOutput) ToGroupPoliciesArrayOutputWithContext(ctx context.Context) GroupPoliciesArrayOutput

type GroupPoliciesInput 

type GroupPoliciesInput interface {
	pulumi.Input

	ToGroupPoliciesOutput() GroupPoliciesOutput
	ToGroupPoliciesOutputWithContext(ctx context.Context) GroupPoliciesOutput
}

type GroupPoliciesMap 

type GroupPoliciesMap map[string]GroupPoliciesInput

func (GroupPoliciesMap) ElementType 

func (GroupPoliciesMap) ElementType() reflect.Type

func (GroupPoliciesMap) ToGroupPoliciesMapOutput 

func (i GroupPoliciesMap) ToGroupPoliciesMapOutput() GroupPoliciesMapOutput

func (GroupPoliciesMap) ToGroupPoliciesMapOutputWithContext 

func (i GroupPoliciesMap) ToGroupPoliciesMapOutputWithContext(ctx context.Context) GroupPoliciesMapOutput

type GroupPoliciesMapInput 

type GroupPoliciesMapInput interface {
	pulumi.Input

	ToGroupPoliciesMapOutput() GroupPoliciesMapOutput
	ToGroupPoliciesMapOutputWithContext(context.Context) GroupPoliciesMapOutput
}

GroupPoliciesMapInput is an input type that accepts GroupPoliciesMap and GroupPoliciesMapOutput values. You can construct a concrete instance of `GroupPoliciesMapInput` via: 

GroupPoliciesMap{ "key": GroupPoliciesArgs{...} }

type GroupPoliciesMapOutput 

type GroupPoliciesMapOutput struct{ *pulumi.OutputState }

func (GroupPoliciesMapOutput) ElementType 

func (GroupPoliciesMapOutput) ElementType() reflect.Type

func (GroupPoliciesMapOutput) MapIndex 

func (o GroupPoliciesMapOutput) MapIndex(k pulumi.StringInput) GroupPoliciesOutput

func (GroupPoliciesMapOutput) ToGroupPoliciesMapOutput 

func (o GroupPoliciesMapOutput) ToGroupPoliciesMapOutput() GroupPoliciesMapOutput

func (GroupPoliciesMapOutput) ToGroupPoliciesMapOutputWithContext 

func (o GroupPoliciesMapOutput) ToGroupPoliciesMapOutputWithContext(ctx context.Context) GroupPoliciesMapOutput

type GroupPoliciesOutput 

type GroupPoliciesOutput struct{ *pulumi.OutputState }

func (GroupPoliciesOutput) ElementType 

func (GroupPoliciesOutput) ElementType() reflect.Type

func (GroupPoliciesOutput) Exclusive 

func (o GroupPoliciesOutput) Exclusive() pulumi.BoolPtrOutput

Defaults to `true`.

If `true`, this resource will take exclusive control of the policies assigned to the group and will set it equal to what is specified in the resource.

If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the group. When destroying the resource, the resource will ensure that the policies specified in the resource are removed.

func (GroupPoliciesOutput) GroupId 

func (o GroupPoliciesOutput) GroupId() pulumi.StringOutput

Group ID to assign policies to.

func (GroupPoliciesOutput) GroupName 

func (o GroupPoliciesOutput) GroupName() pulumi.StringOutput

The name of the group that are assigned the policies.

func (GroupPoliciesOutput) Namespace 

func (o GroupPoliciesOutput) Namespace() pulumi.StringPtrOutput

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.

func (GroupPoliciesOutput) Policies 

func (o GroupPoliciesOutput) Policies() pulumi.StringArrayOutput

List of policies to assign to the group

func (GroupPoliciesOutput) ToGroupPoliciesOutput 

func (o GroupPoliciesOutput) ToGroupPoliciesOutput() GroupPoliciesOutput

func (GroupPoliciesOutput) ToGroupPoliciesOutputWithContext 

func (o GroupPoliciesOutput) ToGroupPoliciesOutputWithContext(ctx context.Context) GroupPoliciesOutput

type GroupPoliciesState 

type GroupPoliciesState struct {
	// Defaults to `true`.
	//
	// If `true`, this resource will take exclusive control of the policies assigned to the group and will set it equal to what is specified in the resource.
	//
	// If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the group. When destroying the resource, the resource will ensure that the policies specified in the resource are removed.
	Exclusive pulumi.BoolPtrInput
	// Group ID to assign policies to.
	GroupId pulumi.StringPtrInput
	// The name of the group that are assigned the policies.
	GroupName pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// List of policies to assign to the group
	Policies pulumi.StringArrayInput
}

func (GroupPoliciesState) ElementType 

func (GroupPoliciesState) ElementType() reflect.Type

type GroupState 

type GroupState struct {
	// `false` by default. If set to `true`, this resource will ignore any Entity IDs
	// returned from Vault or specified in the resource. You can use
	// `identity.GroupMemberEntityIds` to manage Entity IDs for this group in a
	// decoupled manner.
	ExternalMemberEntityIds pulumi.BoolPtrInput
	// `false` by default. If set to `true`, this resource will ignore any Group IDs
	// returned from Vault or specified in the resource. You can use
	// `identity.GroupMemberGroupIds` to manage Group IDs for this group in a
	// decoupled manner.
	ExternalMemberGroupIds pulumi.BoolPtrInput
	// `false` by default. If set to `true`, this resource will ignore any policies returned from
	// Vault or specified in the resource. You can use `identity.GroupPolicies` to manage
	// policies for this group in a decoupled manner.
	ExternalPolicies pulumi.BoolPtrInput
	// A list of Entity IDs to be assigned as group members. Not allowed on `external` groups.
	MemberEntityIds pulumi.StringArrayInput
	// A list of Group IDs to be assigned as group members. Not allowed on `external` groups.
	MemberGroupIds pulumi.StringArrayInput
	// A Map of additional metadata to associate with the group.
	Metadata pulumi.StringMapInput
	// Name of the identity group to create.
	Name pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// A list of policies to apply to the group.
	Policies pulumi.StringArrayInput
	// Type of the group, internal or external. Defaults to `internal`.
	Type pulumi.StringPtrInput
}

func (GroupState) ElementType 

func (GroupState) ElementType() reflect.Type

type LookupEntityArgs 

type LookupEntityArgs struct {
	// ID of the alias.
	AliasId *string `pulumi:"aliasId"`
	// Accessor of the mount to which the alias belongs to.
	// This should be supplied in conjunction with `aliasName`.
	//
	// The lookup criteria can be `entityName`, `entityId`, `aliasId`, or a combination of
	// `aliasName` and `aliasMountAccessor`.
	AliasMountAccessor *string `pulumi:"aliasMountAccessor"`
	// Name of the alias. This should be supplied in conjunction with
	// `aliasMountAccessor`.
	AliasName *string `pulumi:"aliasName"`
	// ID of the entity.
	EntityId *string `pulumi:"entityId"`
	// Name of the entity.
	EntityName *string `pulumi:"entityName"`
	// The namespace of the target resource.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace *string `pulumi:"namespace"`
}

A collection of arguments for invoking getEntity.

type LookupEntityOutputArgs 

type LookupEntityOutputArgs struct {
	// ID of the alias.
	AliasId pulumi.StringPtrInput `pulumi:"aliasId"`
	// Accessor of the mount to which the alias belongs to.
	// This should be supplied in conjunction with `aliasName`.
	//
	// The lookup criteria can be `entityName`, `entityId`, `aliasId`, or a combination of
	// `aliasName` and `aliasMountAccessor`.
	AliasMountAccessor pulumi.StringPtrInput `pulumi:"aliasMountAccessor"`
	// Name of the alias. This should be supplied in conjunction with
	// `aliasMountAccessor`.
	AliasName pulumi.StringPtrInput `pulumi:"aliasName"`
	// ID of the entity.
	EntityId pulumi.StringPtrInput `pulumi:"entityId"`
	// Name of the entity.
	EntityName pulumi.StringPtrInput `pulumi:"entityName"`
	// The namespace of the target resource.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput `pulumi:"namespace"`
}

A collection of arguments for invoking getEntity.

func (LookupEntityOutputArgs) ElementType 

func (LookupEntityOutputArgs) ElementType() reflect.Type

type LookupEntityResult 

type LookupEntityResult struct {
	AliasId            string `pulumi:"aliasId"`
	AliasMountAccessor string `pulumi:"aliasMountAccessor"`
	AliasName          string `pulumi:"aliasName"`
	// A list of entity alias. Structure is documented below.
	Aliases []GetEntityAliasType `pulumi:"aliases"`
	// Creation time of the Alias
	CreationTime string `pulumi:"creationTime"`
	// A string containing the full data payload retrieved from
	// Vault, serialized in JSON format.
	DataJson string `pulumi:"dataJson"`
	// List of Group IDs of which the entity is directly a member of
	DirectGroupIds []string `pulumi:"directGroupIds"`
	// Whether the entity is disabled
	Disabled   bool   `pulumi:"disabled"`
	EntityId   string `pulumi:"entityId"`
	EntityName string `pulumi:"entityName"`
	// List of all Group IDs of which the entity is a member of
	GroupIds []string `pulumi:"groupIds"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// List of all Group IDs of which the entity is a member of transitively
	InheritedGroupIds []string `pulumi:"inheritedGroupIds"`
	// Last update time of the alias
	LastUpdateTime string `pulumi:"lastUpdateTime"`
	// Other entity IDs which is merged with this entity
	MergedEntityIds []string `pulumi:"mergedEntityIds"`
	// Arbitrary metadata
	Metadata  map[string]interface{} `pulumi:"metadata"`
	Namespace *string                `pulumi:"namespace"`
	// Namespace of which the entity is part of
	NamespaceId string `pulumi:"namespaceId"`
	// List of policies attached to the entity
	Policies []string `pulumi:"policies"`
}

A collection of values returned by getEntity.

func LookupEntity 

func LookupEntity(ctx *pulumi.Context, args *LookupEntityArgs, opts ...pulumi.InvokeOption) (*LookupEntityResult, error)

## Example Usage

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := identity.LookupEntity(ctx, &identity.LookupEntityArgs{
			EntityName: pulumi.StringRef("entity_12345"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

## Required Vault Capabilities

Use of this resource requires the `create` capability on `/identity/lookup/entity`.

type LookupEntityResultOutput 

type LookupEntityResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getEntity.

func LookupEntityOutput 

func LookupEntityOutput(ctx *pulumi.Context, args LookupEntityOutputArgs, opts ...pulumi.InvokeOption) LookupEntityResultOutput

func (LookupEntityResultOutput) AliasId 

func (o LookupEntityResultOutput) AliasId() pulumi.StringOutput

func (LookupEntityResultOutput) AliasMountAccessor 

func (o LookupEntityResultOutput) AliasMountAccessor() pulumi.StringOutput

func (LookupEntityResultOutput) AliasName 

func (o LookupEntityResultOutput) AliasName() pulumi.StringOutput

func (LookupEntityResultOutput) Aliases 

func (o LookupEntityResultOutput) Aliases() GetEntityAliasTypeArrayOutput

A list of entity alias. Structure is documented below.

func (LookupEntityResultOutput) CreationTime 

func (o LookupEntityResultOutput) CreationTime() pulumi.StringOutput

Creation time of the Alias

func (LookupEntityResultOutput) DataJson 

func (o LookupEntityResultOutput) DataJson() pulumi.StringOutput

A string containing the full data payload retrieved from Vault, serialized in JSON format.

func (LookupEntityResultOutput) DirectGroupIds 

func (o LookupEntityResultOutput) DirectGroupIds() pulumi.StringArrayOutput

List of Group IDs of which the entity is directly a member of

func (LookupEntityResultOutput) Disabled 

func (o LookupEntityResultOutput) Disabled() pulumi.BoolOutput

Whether the entity is disabled

func (LookupEntityResultOutput) ElementType 

func (LookupEntityResultOutput) ElementType() reflect.Type

func (LookupEntityResultOutput) EntityId 

func (o LookupEntityResultOutput) EntityId() pulumi.StringOutput

func (LookupEntityResultOutput) EntityName 

func (o LookupEntityResultOutput) EntityName() pulumi.StringOutput

func (LookupEntityResultOutput) GroupIds 

func (o LookupEntityResultOutput) GroupIds() pulumi.StringArrayOutput

List of all Group IDs of which the entity is a member of

func (LookupEntityResultOutput) Id 

func (o LookupEntityResultOutput) Id() pulumi.StringOutput

The provider-assigned unique ID for this managed resource.

func (LookupEntityResultOutput) InheritedGroupIds 

func (o LookupEntityResultOutput) InheritedGroupIds() pulumi.StringArrayOutput

List of all Group IDs of which the entity is a member of transitively

func (LookupEntityResultOutput) LastUpdateTime 

func (o LookupEntityResultOutput) LastUpdateTime() pulumi.StringOutput

Last update time of the alias

func (LookupEntityResultOutput) MergedEntityIds 

func (o LookupEntityResultOutput) MergedEntityIds() pulumi.StringArrayOutput

Other entity IDs which is merged with this entity

func (LookupEntityResultOutput) Metadata 

func (o LookupEntityResultOutput) Metadata() pulumi.MapOutput

Arbitrary metadata

func (LookupEntityResultOutput) Namespace 

func (o LookupEntityResultOutput) Namespace() pulumi.StringPtrOutput

func (LookupEntityResultOutput) NamespaceId 

func (o LookupEntityResultOutput) NamespaceId() pulumi.StringOutput

Namespace of which the entity is part of

func (LookupEntityResultOutput) Policies 

func (o LookupEntityResultOutput) Policies() pulumi.StringArrayOutput

List of policies attached to the entity

func (LookupEntityResultOutput) ToLookupEntityResultOutput 

func (o LookupEntityResultOutput) ToLookupEntityResultOutput() LookupEntityResultOutput

func (LookupEntityResultOutput) ToLookupEntityResultOutputWithContext 

func (o LookupEntityResultOutput) ToLookupEntityResultOutputWithContext(ctx context.Context) LookupEntityResultOutput

type LookupGroupArgs 

type LookupGroupArgs struct {
	// ID of the alias.
	AliasId *string `pulumi:"aliasId"`
	// Accessor of the mount to which the alias belongs to.
	// This should be supplied in conjunction with `aliasName`.
	//
	// The lookup criteria can be `groupName`, `groupId`, `aliasId`, or a combination of
	// `aliasName` and `aliasMountAccessor`.
	AliasMountAccessor *string `pulumi:"aliasMountAccessor"`
	// Name of the alias. This should be supplied in conjunction with
	// `aliasMountAccessor`.
	AliasName *string `pulumi:"aliasName"`
	// ID of the group.
	GroupId *string `pulumi:"groupId"`
	// Name of the group.
	GroupName *string `pulumi:"groupName"`
	// The namespace of the target resource.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace *string `pulumi:"namespace"`
}

A collection of arguments for invoking getGroup.

type LookupGroupOutputArgs 

type LookupGroupOutputArgs struct {
	// ID of the alias.
	AliasId pulumi.StringPtrInput `pulumi:"aliasId"`
	// Accessor of the mount to which the alias belongs to.
	// This should be supplied in conjunction with `aliasName`.
	//
	// The lookup criteria can be `groupName`, `groupId`, `aliasId`, or a combination of
	// `aliasName` and `aliasMountAccessor`.
	AliasMountAccessor pulumi.StringPtrInput `pulumi:"aliasMountAccessor"`
	// Name of the alias. This should be supplied in conjunction with
	// `aliasMountAccessor`.
	AliasName pulumi.StringPtrInput `pulumi:"aliasName"`
	// ID of the group.
	GroupId pulumi.StringPtrInput `pulumi:"groupId"`
	// Name of the group.
	GroupName pulumi.StringPtrInput `pulumi:"groupName"`
	// The namespace of the target resource.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput `pulumi:"namespace"`
}

A collection of arguments for invoking getGroup.

func (LookupGroupOutputArgs) ElementType 

func (LookupGroupOutputArgs) ElementType() reflect.Type

type LookupGroupResult 

type LookupGroupResult struct {
	// Canonical ID of the Alias
	AliasCanonicalId string `pulumi:"aliasCanonicalId"`
	// Creation time of the Alias
	AliasCreationTime string `pulumi:"aliasCreationTime"`
	AliasId           string `pulumi:"aliasId"`
	// Last update time of the alias
	AliasLastUpdateTime string `pulumi:"aliasLastUpdateTime"`
	// List of canonical IDs merged with this alias
	AliasMergedFromCanonicalIds []string `pulumi:"aliasMergedFromCanonicalIds"`
	// Arbitrary metadata
	AliasMetadata      map[string]interface{} `pulumi:"aliasMetadata"`
	AliasMountAccessor string                 `pulumi:"aliasMountAccessor"`
	// Authentication mount path which this alias belongs to
	AliasMountPath string `pulumi:"aliasMountPath"`
	// Authentication mount type which this alias belongs to
	AliasMountType string `pulumi:"aliasMountType"`
	AliasName      string `pulumi:"aliasName"`
	// Creation timestamp of the group
	CreationTime string `pulumi:"creationTime"`
	// A string containing the full data payload retrieved from
	// Vault, serialized in JSON format.
	DataJson  string `pulumi:"dataJson"`
	GroupId   string `pulumi:"groupId"`
	GroupName string `pulumi:"groupName"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// Last updated time of the group
	LastUpdateTime string `pulumi:"lastUpdateTime"`
	// List of Entity IDs which are members of this group
	MemberEntityIds []string `pulumi:"memberEntityIds"`
	// List of Group IDs which are members of this group
	MemberGroupIds []string `pulumi:"memberGroupIds"`
	// Arbitrary metadata
	Metadata map[string]interface{} `pulumi:"metadata"`
	// Modify index of the group
	ModifyIndex int     `pulumi:"modifyIndex"`
	Namespace   *string `pulumi:"namespace"`
	// Namespace of which the group is part of
	NamespaceId string `pulumi:"namespaceId"`
	// List of Group IDs which are parents of this group.
	ParentGroupIds []string `pulumi:"parentGroupIds"`
	// List of policies attached to the group
	Policies []string `pulumi:"policies"`
	// Type of group
	Type string `pulumi:"type"`
}

A collection of values returned by getGroup.

func LookupGroup 

func LookupGroup(ctx *pulumi.Context, args *LookupGroupArgs, opts ...pulumi.InvokeOption) (*LookupGroupResult, error)

## Example Usage

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := identity.LookupGroup(ctx, &identity.LookupGroupArgs{
			GroupName: pulumi.StringRef("user"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

## Required Vault Capabilities

Use of this resource requires the `create` capability on `/identity/lookup/group`.

type LookupGroupResultOutput 

type LookupGroupResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getGroup.

func LookupGroupOutput 

func LookupGroupOutput(ctx *pulumi.Context, args LookupGroupOutputArgs, opts ...pulumi.InvokeOption) LookupGroupResultOutput

func (LookupGroupResultOutput) AliasCanonicalId 

func (o LookupGroupResultOutput) AliasCanonicalId() pulumi.StringOutput

Canonical ID of the Alias

func (LookupGroupResultOutput) AliasCreationTime 

func (o LookupGroupResultOutput) AliasCreationTime() pulumi.StringOutput

Creation time of the Alias

func (LookupGroupResultOutput) AliasId 

func (o LookupGroupResultOutput) AliasId() pulumi.StringOutput

func (LookupGroupResultOutput) AliasLastUpdateTime 

func (o LookupGroupResultOutput) AliasLastUpdateTime() pulumi.StringOutput

Last update time of the alias

func (LookupGroupResultOutput) AliasMergedFromCanonicalIds 

func (o LookupGroupResultOutput) AliasMergedFromCanonicalIds() pulumi.StringArrayOutput

List of canonical IDs merged with this alias

func (LookupGroupResultOutput) AliasMetadata 

func (o LookupGroupResultOutput) AliasMetadata() pulumi.MapOutput

Arbitrary metadata

func (LookupGroupResultOutput) AliasMountAccessor 

func (o LookupGroupResultOutput) AliasMountAccessor() pulumi.StringOutput

func (LookupGroupResultOutput) AliasMountPath 

func (o LookupGroupResultOutput) AliasMountPath() pulumi.StringOutput

Authentication mount path which this alias belongs to

func (LookupGroupResultOutput) AliasMountType 

func (o LookupGroupResultOutput) AliasMountType() pulumi.StringOutput

Authentication mount type which this alias belongs to

func (LookupGroupResultOutput) AliasName 

func (o LookupGroupResultOutput) AliasName() pulumi.StringOutput

func (LookupGroupResultOutput) CreationTime 

func (o LookupGroupResultOutput) CreationTime() pulumi.StringOutput

Creation timestamp of the group

func (LookupGroupResultOutput) DataJson 

func (o LookupGroupResultOutput) DataJson() pulumi.StringOutput

A string containing the full data payload retrieved from Vault, serialized in JSON format.

func (LookupGroupResultOutput) ElementType 

func (LookupGroupResultOutput) ElementType() reflect.Type

func (LookupGroupResultOutput) GroupId 

func (o LookupGroupResultOutput) GroupId() pulumi.StringOutput

func (LookupGroupResultOutput) GroupName 

func (o LookupGroupResultOutput) GroupName() pulumi.StringOutput

func (LookupGroupResultOutput) Id 

func (o LookupGroupResultOutput) Id() pulumi.StringOutput

The provider-assigned unique ID for this managed resource.

func (LookupGroupResultOutput) LastUpdateTime 

func (o LookupGroupResultOutput) LastUpdateTime() pulumi.StringOutput

Last updated time of the group

func (LookupGroupResultOutput) MemberEntityIds 

func (o LookupGroupResultOutput) MemberEntityIds() pulumi.StringArrayOutput

List of Entity IDs which are members of this group

func (LookupGroupResultOutput) MemberGroupIds 

func (o LookupGroupResultOutput) MemberGroupIds() pulumi.StringArrayOutput

List of Group IDs which are members of this group

func (LookupGroupResultOutput) Metadata 

func (o LookupGroupResultOutput) Metadata() pulumi.MapOutput

Arbitrary metadata

func (LookupGroupResultOutput) ModifyIndex 

func (o LookupGroupResultOutput) ModifyIndex() pulumi.IntOutput

Modify index of the group

func (LookupGroupResultOutput) Namespace 

func (o LookupGroupResultOutput) Namespace() pulumi.StringPtrOutput

func (LookupGroupResultOutput) NamespaceId 

func (o LookupGroupResultOutput) NamespaceId() pulumi.StringOutput

Namespace of which the group is part of

func (LookupGroupResultOutput) ParentGroupIds 

func (o LookupGroupResultOutput) ParentGroupIds() pulumi.StringArrayOutput

List of Group IDs which are parents of this group.

func (LookupGroupResultOutput) Policies 

func (o LookupGroupResultOutput) Policies() pulumi.StringArrayOutput

List of policies attached to the group

func (LookupGroupResultOutput) ToLookupGroupResultOutput 

func (o LookupGroupResultOutput) ToLookupGroupResultOutput() LookupGroupResultOutput

func (LookupGroupResultOutput) ToLookupGroupResultOutputWithContext 

func (o LookupGroupResultOutput) ToLookupGroupResultOutputWithContext(ctx context.Context) LookupGroupResultOutput

func (LookupGroupResultOutput) Type 

func (o LookupGroupResultOutput) Type() pulumi.StringOutput

Type of group

type MfaDuo 

type MfaDuo struct {
	pulumi.CustomResourceState

	// API hostname for Duo
	ApiHostname pulumi.StringOutput `pulumi:"apiHostname"`
	// Integration key for Duo
	IntegrationKey pulumi.StringOutput `pulumi:"integrationKey"`
	// Method ID.
	MethodId pulumi.StringOutput `pulumi:"methodId"`
	// Mount accessor.
	MountAccessor pulumi.StringOutput `pulumi:"mountAccessor"`
	// Method name.
	Name pulumi.StringOutput `pulumi:"name"`
	// Target namespace. (requires Enterprise)
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
	// Method's namespace ID.
	NamespaceId pulumi.StringOutput `pulumi:"namespaceId"`
	// Method's namespace path.
	NamespacePath pulumi.StringOutput `pulumi:"namespacePath"`
	// Push information for Duo.
	PushInfo pulumi.StringPtrOutput `pulumi:"pushInfo"`
	// Secret key for Duo
	SecretKey pulumi.StringOutput `pulumi:"secretKey"`
	// MFA type.
	Type pulumi.StringOutput `pulumi:"type"`
	// Require passcode upon MFA validation.
	UsePasscode pulumi.BoolPtrOutput `pulumi:"usePasscode"`
	// A template string for mapping Identity names to MFA methods.
	UsernameFormat pulumi.StringPtrOutput `pulumi:"usernameFormat"`
	// Resource UUID.
	Uuid pulumi.StringOutput `pulumi:"uuid"`
}

Resource for configuring the duo MFA method.

## Example Usage

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := identity.NewMfaDuo(ctx, "example", &identity.MfaDuoArgs{
			ApiHostname:    pulumi.String("api-xxxxxxxx.duosecurity.com"),
			IntegrationKey: pulumi.String("secret-int-key"),
			SecretKey:      pulumi.String("secret-key"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

## Import

Resource can be imported using its `uuid` field, e.g.

```sh $ pulumi import vault:identity/mfaDuo:MfaDuo example 0d89c36a-4ff5-4d70-8749-bb6a5598aeec ```

func GetMfaDuo 

func GetMfaDuo(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *MfaDuoState, opts ...pulumi.ResourceOption) (*MfaDuo, error)

GetMfaDuo gets an existing MfaDuo resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewMfaDuo 

func NewMfaDuo(ctx *pulumi.Context,
	name string, args *MfaDuoArgs, opts ...pulumi.ResourceOption) (*MfaDuo, error)

NewMfaDuo registers a new resource with the given unique name, arguments, and options.

func (*MfaDuo) ElementType 

func (*MfaDuo) ElementType() reflect.Type

func (*MfaDuo) ToMfaDuoOutput 

func (i *MfaDuo) ToMfaDuoOutput() MfaDuoOutput

func (*MfaDuo) ToMfaDuoOutputWithContext 

func (i *MfaDuo) ToMfaDuoOutputWithContext(ctx context.Context) MfaDuoOutput

type MfaDuoArgs 

type MfaDuoArgs struct {
	// API hostname for Duo
	ApiHostname pulumi.StringInput
	// Integration key for Duo
	IntegrationKey pulumi.StringInput
	// Target namespace. (requires Enterprise)
	Namespace pulumi.StringPtrInput
	// Push information for Duo.
	PushInfo pulumi.StringPtrInput
	// Secret key for Duo
	SecretKey pulumi.StringInput
	// Require passcode upon MFA validation.
	UsePasscode pulumi.BoolPtrInput
	// A template string for mapping Identity names to MFA methods.
	UsernameFormat pulumi.StringPtrInput
}

The set of arguments for constructing a MfaDuo resource.

func (MfaDuoArgs) ElementType 

func (MfaDuoArgs) ElementType() reflect.Type

type MfaDuoArray 

type MfaDuoArray []MfaDuoInput

func (MfaDuoArray) ElementType 

func (MfaDuoArray) ElementType() reflect.Type

func (MfaDuoArray) ToMfaDuoArrayOutput 

func (i MfaDuoArray) ToMfaDuoArrayOutput() MfaDuoArrayOutput

func (MfaDuoArray) ToMfaDuoArrayOutputWithContext 

func (i MfaDuoArray) ToMfaDuoArrayOutputWithContext(ctx context.Context) MfaDuoArrayOutput

type MfaDuoArrayInput 

type MfaDuoArrayInput interface {
	pulumi.Input

	ToMfaDuoArrayOutput() MfaDuoArrayOutput
	ToMfaDuoArrayOutputWithContext(context.Context) MfaDuoArrayOutput
}

MfaDuoArrayInput is an input type that accepts MfaDuoArray and MfaDuoArrayOutput values. You can construct a concrete instance of `MfaDuoArrayInput` via: 

MfaDuoArray{ MfaDuoArgs{...} }

type MfaDuoArrayOutput 

type MfaDuoArrayOutput struct{ *pulumi.OutputState }

func (MfaDuoArrayOutput) ElementType 

func (MfaDuoArrayOutput) ElementType() reflect.Type

func (MfaDuoArrayOutput) Index 

func (o MfaDuoArrayOutput) Index(i pulumi.IntInput) MfaDuoOutput

func (MfaDuoArrayOutput) ToMfaDuoArrayOutput 

func (o MfaDuoArrayOutput) ToMfaDuoArrayOutput() MfaDuoArrayOutput

func (MfaDuoArrayOutput) ToMfaDuoArrayOutputWithContext 

func (o MfaDuoArrayOutput) ToMfaDuoArrayOutputWithContext(ctx context.Context) MfaDuoArrayOutput

type MfaDuoInput 

type MfaDuoInput interface {
	pulumi.Input

	ToMfaDuoOutput() MfaDuoOutput
	ToMfaDuoOutputWithContext(ctx context.Context) MfaDuoOutput
}

type MfaDuoMap 

type MfaDuoMap map[string]MfaDuoInput

func (MfaDuoMap) ElementType 

func (MfaDuoMap) ElementType() reflect.Type

func (MfaDuoMap) ToMfaDuoMapOutput 

func (i MfaDuoMap) ToMfaDuoMapOutput() MfaDuoMapOutput

func (MfaDuoMap) ToMfaDuoMapOutputWithContext 

func (i MfaDuoMap) ToMfaDuoMapOutputWithContext(ctx context.Context) MfaDuoMapOutput

type MfaDuoMapInput 

type MfaDuoMapInput interface {
	pulumi.Input

	ToMfaDuoMapOutput() MfaDuoMapOutput
	ToMfaDuoMapOutputWithContext(context.Context) MfaDuoMapOutput
}

MfaDuoMapInput is an input type that accepts MfaDuoMap and MfaDuoMapOutput values. You can construct a concrete instance of `MfaDuoMapInput` via: 

MfaDuoMap{ "key": MfaDuoArgs{...} }

type MfaDuoMapOutput 

type MfaDuoMapOutput struct{ *pulumi.OutputState }

func (MfaDuoMapOutput) ElementType 

func (MfaDuoMapOutput) ElementType() reflect.Type

func (MfaDuoMapOutput) MapIndex 

func (o MfaDuoMapOutput) MapIndex(k pulumi.StringInput) MfaDuoOutput

func (MfaDuoMapOutput) ToMfaDuoMapOutput 

func (o MfaDuoMapOutput) ToMfaDuoMapOutput() MfaDuoMapOutput

func (MfaDuoMapOutput) ToMfaDuoMapOutputWithContext 

func (o MfaDuoMapOutput) ToMfaDuoMapOutputWithContext(ctx context.Context) MfaDuoMapOutput

type MfaDuoOutput 

type MfaDuoOutput struct{ *pulumi.OutputState }

func (MfaDuoOutput) ApiHostname 

func (o MfaDuoOutput) ApiHostname() pulumi.StringOutput

API hostname for Duo

func (MfaDuoOutput) ElementType 

func (MfaDuoOutput) ElementType() reflect.Type

func (MfaDuoOutput) IntegrationKey 

func (o MfaDuoOutput) IntegrationKey() pulumi.StringOutput

Integration key for Duo

func (MfaDuoOutput) MethodId 

func (o MfaDuoOutput) MethodId() pulumi.StringOutput

Method ID.

func (MfaDuoOutput) MountAccessor 

func (o MfaDuoOutput) MountAccessor() pulumi.StringOutput

Mount accessor.

func (MfaDuoOutput) Name 

func (o MfaDuoOutput) Name() pulumi.StringOutput

Method name.

func (MfaDuoOutput) Namespace 

func (o MfaDuoOutput) Namespace() pulumi.StringPtrOutput

Target namespace. (requires Enterprise)

func (MfaDuoOutput) NamespaceId 

func (o MfaDuoOutput) NamespaceId() pulumi.StringOutput

Method's namespace ID.

func (MfaDuoOutput) NamespacePath 

func (o MfaDuoOutput) NamespacePath() pulumi.StringOutput

Method's namespace path.

func (MfaDuoOutput) PushInfo 

func (o MfaDuoOutput) PushInfo() pulumi.StringPtrOutput

Push information for Duo.

func (MfaDuoOutput) SecretKey 

func (o MfaDuoOutput) SecretKey() pulumi.StringOutput

Secret key for Duo

func (MfaDuoOutput) ToMfaDuoOutput 

func (o MfaDuoOutput) ToMfaDuoOutput() MfaDuoOutput

func (MfaDuoOutput) ToMfaDuoOutputWithContext 

func (o MfaDuoOutput) ToMfaDuoOutputWithContext(ctx context.Context) MfaDuoOutput

func (MfaDuoOutput) Type 

func (o MfaDuoOutput) Type() pulumi.StringOutput

MFA type.

func (MfaDuoOutput) UsePasscode 

func (o MfaDuoOutput) UsePasscode() pulumi.BoolPtrOutput

Require passcode upon MFA validation.

func (MfaDuoOutput) UsernameFormat 

func (o MfaDuoOutput) UsernameFormat() pulumi.StringPtrOutput

A template string for mapping Identity names to MFA methods.

func (MfaDuoOutput) Uuid 

func (o MfaDuoOutput) Uuid() pulumi.StringOutput

Resource UUID.

type MfaDuoState 

type MfaDuoState struct {
	// API hostname for Duo
	ApiHostname pulumi.StringPtrInput
	// Integration key for Duo
	IntegrationKey pulumi.StringPtrInput
	// Method ID.
	MethodId pulumi.StringPtrInput
	// Mount accessor.
	MountAccessor pulumi.StringPtrInput
	// Method name.
	Name pulumi.StringPtrInput
	// Target namespace. (requires Enterprise)
	Namespace pulumi.StringPtrInput
	// Method's namespace ID.
	NamespaceId pulumi.StringPtrInput
	// Method's namespace path.
	NamespacePath pulumi.StringPtrInput
	// Push information for Duo.
	PushInfo pulumi.StringPtrInput
	// Secret key for Duo
	SecretKey pulumi.StringPtrInput
	// MFA type.
	Type pulumi.StringPtrInput
	// Require passcode upon MFA validation.
	UsePasscode pulumi.BoolPtrInput
	// A template string for mapping Identity names to MFA methods.
	UsernameFormat pulumi.StringPtrInput
	// Resource UUID.
	Uuid pulumi.StringPtrInput
}

func (MfaDuoState) ElementType 

func (MfaDuoState) ElementType() reflect.Type

type MfaLoginEnforcement 

type MfaLoginEnforcement struct {
	pulumi.CustomResourceState

	// Set of auth method accessor IDs.
	AuthMethodAccessors pulumi.StringArrayOutput `pulumi:"authMethodAccessors"`
	// Set of auth method types.
	AuthMethodTypes pulumi.StringArrayOutput `pulumi:"authMethodTypes"`
	// Set of identity entity IDs.
	IdentityEntityIds pulumi.StringArrayOutput `pulumi:"identityEntityIds"`
	// Set of identity group IDs.
	IdentityGroupIds pulumi.StringArrayOutput `pulumi:"identityGroupIds"`
	// Set of MFA method UUIDs.
	MfaMethodIds pulumi.StringArrayOutput `pulumi:"mfaMethodIds"`
	// Login enforcement name.
	Name pulumi.StringOutput `pulumi:"name"`
	// Target namespace. (requires Enterprise)
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
	// Method's namespace ID.
	NamespaceId pulumi.StringOutput `pulumi:"namespaceId"`
	// Method's namespace path.
	NamespacePath pulumi.StringOutput `pulumi:"namespacePath"`
	// Resource UUID.
	Uuid pulumi.StringOutput `pulumi:"uuid"`
}

Resource for configuring MFA login-enforcement

## Example Usage

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		exampleMfaDuo, err := identity.NewMfaDuo(ctx, "exampleMfaDuo", &identity.MfaDuoArgs{
			SecretKey:      pulumi.String("secret-key"),
			IntegrationKey: pulumi.String("int-key"),
			ApiHostname:    pulumi.String("foo.baz"),
			PushInfo:       pulumi.String("push-info"),
		})
		if err != nil {
			return err
		}
		_, err = identity.NewMfaLoginEnforcement(ctx, "exampleMfaLoginEnforcement", &identity.MfaLoginEnforcementArgs{
			MfaMethodIds: pulumi.StringArray{
				exampleMfaDuo.MethodId,
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

## Import

Resource can be imported using its `name` field, e.g.

```sh $ pulumi import vault:identity/mfaLoginEnforcement:MfaLoginEnforcement example default ```

func GetMfaLoginEnforcement 

func GetMfaLoginEnforcement(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *MfaLoginEnforcementState, opts ...pulumi.ResourceOption) (*MfaLoginEnforcement, error)

GetMfaLoginEnforcement gets an existing MfaLoginEnforcement resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewMfaLoginEnforcement 

func NewMfaLoginEnforcement(ctx *pulumi.Context,
	name string, args *MfaLoginEnforcementArgs, opts ...pulumi.ResourceOption) (*MfaLoginEnforcement, error)

NewMfaLoginEnforcement registers a new resource with the given unique name, arguments, and options.

func (*MfaLoginEnforcement) ElementType 

func (*MfaLoginEnforcement) ElementType() reflect.Type

func (*MfaLoginEnforcement) ToMfaLoginEnforcementOutput 

func (i *MfaLoginEnforcement) ToMfaLoginEnforcementOutput() MfaLoginEnforcementOutput

func (*MfaLoginEnforcement) ToMfaLoginEnforcementOutputWithContext 

func (i *MfaLoginEnforcement) ToMfaLoginEnforcementOutputWithContext(ctx context.Context) MfaLoginEnforcementOutput

type MfaLoginEnforcementArgs 

type MfaLoginEnforcementArgs struct {
	// Set of auth method accessor IDs.
	AuthMethodAccessors pulumi.StringArrayInput
	// Set of auth method types.
	AuthMethodTypes pulumi.StringArrayInput
	// Set of identity entity IDs.
	IdentityEntityIds pulumi.StringArrayInput
	// Set of identity group IDs.
	IdentityGroupIds pulumi.StringArrayInput
	// Set of MFA method UUIDs.
	MfaMethodIds pulumi.StringArrayInput
	// Login enforcement name.
	Name pulumi.StringPtrInput
	// Target namespace. (requires Enterprise)
	Namespace pulumi.StringPtrInput
}

The set of arguments for constructing a MfaLoginEnforcement resource.

func (MfaLoginEnforcementArgs) ElementType 

func (MfaLoginEnforcementArgs) ElementType() reflect.Type

type MfaLoginEnforcementArray 

type MfaLoginEnforcementArray []MfaLoginEnforcementInput

func (MfaLoginEnforcementArray) ElementType 

func (MfaLoginEnforcementArray) ElementType() reflect.Type

func (MfaLoginEnforcementArray) ToMfaLoginEnforcementArrayOutput 

func (i MfaLoginEnforcementArray) ToMfaLoginEnforcementArrayOutput() MfaLoginEnforcementArrayOutput

func (MfaLoginEnforcementArray) ToMfaLoginEnforcementArrayOutputWithContext 

func (i MfaLoginEnforcementArray) ToMfaLoginEnforcementArrayOutputWithContext(ctx context.Context) MfaLoginEnforcementArrayOutput

type MfaLoginEnforcementArrayInput 

type MfaLoginEnforcementArrayInput interface {
	pulumi.Input

	ToMfaLoginEnforcementArrayOutput() MfaLoginEnforcementArrayOutput
	ToMfaLoginEnforcementArrayOutputWithContext(context.Context) MfaLoginEnforcementArrayOutput
}

MfaLoginEnforcementArrayInput is an input type that accepts MfaLoginEnforcementArray and MfaLoginEnforcementArrayOutput values. You can construct a concrete instance of `MfaLoginEnforcementArrayInput` via: 

MfaLoginEnforcementArray{ MfaLoginEnforcementArgs{...} }

type MfaLoginEnforcementArrayOutput 

type MfaLoginEnforcementArrayOutput struct{ *pulumi.OutputState }

func (MfaLoginEnforcementArrayOutput) ElementType 

func (MfaLoginEnforcementArrayOutput) ElementType() reflect.Type

func (MfaLoginEnforcementArrayOutput) Index 

func (o MfaLoginEnforcementArrayOutput) Index(i pulumi.IntInput) MfaLoginEnforcementOutput

func (MfaLoginEnforcementArrayOutput) ToMfaLoginEnforcementArrayOutput 

func (o MfaLoginEnforcementArrayOutput) ToMfaLoginEnforcementArrayOutput() MfaLoginEnforcementArrayOutput

func (MfaLoginEnforcementArrayOutput) ToMfaLoginEnforcementArrayOutputWithContext 

func (o MfaLoginEnforcementArrayOutput) ToMfaLoginEnforcementArrayOutputWithContext(ctx context.Context) MfaLoginEnforcementArrayOutput

type MfaLoginEnforcementInput 

type MfaLoginEnforcementInput interface {
	pulumi.Input

	ToMfaLoginEnforcementOutput() MfaLoginEnforcementOutput
	ToMfaLoginEnforcementOutputWithContext(ctx context.Context) MfaLoginEnforcementOutput
}

type MfaLoginEnforcementMap 

type MfaLoginEnforcementMap map[string]MfaLoginEnforcementInput

func (MfaLoginEnforcementMap) ElementType 

func (MfaLoginEnforcementMap) ElementType() reflect.Type

func (MfaLoginEnforcementMap) ToMfaLoginEnforcementMapOutput 

func (i MfaLoginEnforcementMap) ToMfaLoginEnforcementMapOutput() MfaLoginEnforcementMapOutput

func (MfaLoginEnforcementMap) ToMfaLoginEnforcementMapOutputWithContext 

func (i MfaLoginEnforcementMap) ToMfaLoginEnforcementMapOutputWithContext(ctx context.Context) MfaLoginEnforcementMapOutput

type MfaLoginEnforcementMapInput 

type MfaLoginEnforcementMapInput interface {
	pulumi.Input

	ToMfaLoginEnforcementMapOutput() MfaLoginEnforcementMapOutput
	ToMfaLoginEnforcementMapOutputWithContext(context.Context) MfaLoginEnforcementMapOutput
}

MfaLoginEnforcementMapInput is an input type that accepts MfaLoginEnforcementMap and MfaLoginEnforcementMapOutput values. You can construct a concrete instance of `MfaLoginEnforcementMapInput` via: 

MfaLoginEnforcementMap{ "key": MfaLoginEnforcementArgs{...} }

type MfaLoginEnforcementMapOutput 

type MfaLoginEnforcementMapOutput struct{ *pulumi.OutputState }

func (MfaLoginEnforcementMapOutput) ElementType 

func (MfaLoginEnforcementMapOutput) ElementType() reflect.Type

func (MfaLoginEnforcementMapOutput) MapIndex 

func (o MfaLoginEnforcementMapOutput) MapIndex(k pulumi.StringInput) MfaLoginEnforcementOutput

func (MfaLoginEnforcementMapOutput) ToMfaLoginEnforcementMapOutput 

func (o MfaLoginEnforcementMapOutput) ToMfaLoginEnforcementMapOutput() MfaLoginEnforcementMapOutput

func (MfaLoginEnforcementMapOutput) ToMfaLoginEnforcementMapOutputWithContext 

func (o MfaLoginEnforcementMapOutput) ToMfaLoginEnforcementMapOutputWithContext(ctx context.Context) MfaLoginEnforcementMapOutput

type MfaLoginEnforcementOutput 

type MfaLoginEnforcementOutput struct{ *pulumi.OutputState }

func (MfaLoginEnforcementOutput) AuthMethodAccessors 

func (o MfaLoginEnforcementOutput) AuthMethodAccessors() pulumi.StringArrayOutput

Set of auth method accessor IDs.

func (MfaLoginEnforcementOutput) AuthMethodTypes 

func (o MfaLoginEnforcementOutput) AuthMethodTypes() pulumi.StringArrayOutput

Set of auth method types.

func (MfaLoginEnforcementOutput) ElementType 

func (MfaLoginEnforcementOutput) ElementType() reflect.Type

func (MfaLoginEnforcementOutput) IdentityEntityIds 

func (o MfaLoginEnforcementOutput) IdentityEntityIds() pulumi.StringArrayOutput

Set of identity entity IDs.

func (MfaLoginEnforcementOutput) IdentityGroupIds 

func (o MfaLoginEnforcementOutput) IdentityGroupIds() pulumi.StringArrayOutput

Set of identity group IDs.

func (MfaLoginEnforcementOutput) MfaMethodIds 

func (o MfaLoginEnforcementOutput) MfaMethodIds() pulumi.StringArrayOutput

Set of MFA method UUIDs.

func (MfaLoginEnforcementOutput) Name 

func (o MfaLoginEnforcementOutput) Name() pulumi.StringOutput

Login enforcement name.

func (MfaLoginEnforcementOutput) Namespace 

func (o MfaLoginEnforcementOutput) Namespace() pulumi.StringPtrOutput

Target namespace. (requires Enterprise)

func (MfaLoginEnforcementOutput) NamespaceId 

func (o MfaLoginEnforcementOutput) NamespaceId() pulumi.StringOutput

Method's namespace ID.

func (MfaLoginEnforcementOutput) NamespacePath 

func (o MfaLoginEnforcementOutput) NamespacePath() pulumi.StringOutput

Method's namespace path.

func (MfaLoginEnforcementOutput) ToMfaLoginEnforcementOutput 

func (o MfaLoginEnforcementOutput) ToMfaLoginEnforcementOutput() MfaLoginEnforcementOutput

func (MfaLoginEnforcementOutput) ToMfaLoginEnforcementOutputWithContext 

func (o MfaLoginEnforcementOutput) ToMfaLoginEnforcementOutputWithContext(ctx context.Context) MfaLoginEnforcementOutput

func (MfaLoginEnforcementOutput) Uuid 

func (o MfaLoginEnforcementOutput) Uuid() pulumi.StringOutput

Resource UUID.

type MfaLoginEnforcementState 

type MfaLoginEnforcementState struct {
	// Set of auth method accessor IDs.
	AuthMethodAccessors pulumi.StringArrayInput
	// Set of auth method types.
	AuthMethodTypes pulumi.StringArrayInput
	// Set of identity entity IDs.
	IdentityEntityIds pulumi.StringArrayInput
	// Set of identity group IDs.
	IdentityGroupIds pulumi.StringArrayInput
	// Set of MFA method UUIDs.
	MfaMethodIds pulumi.StringArrayInput
	// Login enforcement name.
	Name pulumi.StringPtrInput
	// Target namespace. (requires Enterprise)
	Namespace pulumi.StringPtrInput
	// Method's namespace ID.
	NamespaceId pulumi.StringPtrInput
	// Method's namespace path.
	NamespacePath pulumi.StringPtrInput
	// Resource UUID.
	Uuid pulumi.StringPtrInput
}

func (MfaLoginEnforcementState) ElementType 

func (MfaLoginEnforcementState) ElementType() reflect.Type

type MfaOkta 

type MfaOkta struct {
	pulumi.CustomResourceState

	// Okta API token.
	ApiToken pulumi.StringOutput `pulumi:"apiToken"`
	// The base domain to use for API requests.
	BaseUrl pulumi.StringPtrOutput `pulumi:"baseUrl"`
	// Method ID.
	MethodId pulumi.StringOutput `pulumi:"methodId"`
	// Mount accessor.
	MountAccessor pulumi.StringOutput `pulumi:"mountAccessor"`
	// Method name.
	Name pulumi.StringOutput `pulumi:"name"`
	// Target namespace. (requires Enterprise)
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
	// Method's namespace ID.
	NamespaceId pulumi.StringOutput `pulumi:"namespaceId"`
	// Method's namespace path.
	NamespacePath pulumi.StringOutput `pulumi:"namespacePath"`
	// Name of the organization to be used in the Okta API.
	OrgName pulumi.StringOutput `pulumi:"orgName"`
	// Only match the primary email for the account.
	PrimaryEmail pulumi.BoolPtrOutput `pulumi:"primaryEmail"`
	// MFA type.
	Type pulumi.StringOutput `pulumi:"type"`
	// A template string for mapping Identity names to MFA methods.
	UsernameFormat pulumi.StringPtrOutput `pulumi:"usernameFormat"`
	// Resource UUID.
	Uuid pulumi.StringOutput `pulumi:"uuid"`
}

Resource for configuring the okta MFA method.

## Example Usage

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := identity.NewMfaOkta(ctx, "example", &identity.MfaOktaArgs{
			ApiToken: pulumi.String("token1"),
			BaseUrl:  pulumi.String("qux.baz.com"),
			OrgName:  pulumi.String("org1"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

## Import

Resource can be imported using its `uuid` field, e.g.

```sh $ pulumi import vault:identity/mfaOkta:MfaOkta example 0d89c36a-4ff5-4d70-8749-bb6a5598aeec ```

func GetMfaOkta 

func GetMfaOkta(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *MfaOktaState, opts ...pulumi.ResourceOption) (*MfaOkta, error)

GetMfaOkta gets an existing MfaOkta resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewMfaOkta 

func NewMfaOkta(ctx *pulumi.Context,
	name string, args *MfaOktaArgs, opts ...pulumi.ResourceOption) (*MfaOkta, error)

NewMfaOkta registers a new resource with the given unique name, arguments, and options.

func (*MfaOkta) ElementType 

func (*MfaOkta) ElementType() reflect.Type

func (*MfaOkta) ToMfaOktaOutput 

func (i *MfaOkta) ToMfaOktaOutput() MfaOktaOutput

func (*MfaOkta) ToMfaOktaOutputWithContext 

func (i *MfaOkta) ToMfaOktaOutputWithContext(ctx context.Context) MfaOktaOutput

type MfaOktaArgs 

type MfaOktaArgs struct {
	// Okta API token.
	ApiToken pulumi.StringInput
	// The base domain to use for API requests.
	BaseUrl pulumi.StringPtrInput
	// Target namespace. (requires Enterprise)
	Namespace pulumi.StringPtrInput
	// Name of the organization to be used in the Okta API.
	OrgName pulumi.StringInput
	// Only match the primary email for the account.
	PrimaryEmail pulumi.BoolPtrInput
	// A template string for mapping Identity names to MFA methods.
	UsernameFormat pulumi.StringPtrInput
}

The set of arguments for constructing a MfaOkta resource.

func (MfaOktaArgs) ElementType 

func (MfaOktaArgs) ElementType() reflect.Type

type MfaOktaArray 

type MfaOktaArray []MfaOktaInput

func (MfaOktaArray) ElementType 

func (MfaOktaArray) ElementType() reflect.Type

func (MfaOktaArray) ToMfaOktaArrayOutput 

func (i MfaOktaArray) ToMfaOktaArrayOutput() MfaOktaArrayOutput

func (MfaOktaArray) ToMfaOktaArrayOutputWithContext 

func (i MfaOktaArray) ToMfaOktaArrayOutputWithContext(ctx context.Context) MfaOktaArrayOutput

type MfaOktaArrayInput 

type MfaOktaArrayInput interface {
	pulumi.Input

	ToMfaOktaArrayOutput() MfaOktaArrayOutput
	ToMfaOktaArrayOutputWithContext(context.Context) MfaOktaArrayOutput
}

MfaOktaArrayInput is an input type that accepts MfaOktaArray and MfaOktaArrayOutput values. You can construct a concrete instance of `MfaOktaArrayInput` via: 

MfaOktaArray{ MfaOktaArgs{...} }

type MfaOktaArrayOutput 

type MfaOktaArrayOutput struct{ *pulumi.OutputState }

func (MfaOktaArrayOutput) ElementType 

func (MfaOktaArrayOutput) ElementType() reflect.Type

func (MfaOktaArrayOutput) Index 

func (o MfaOktaArrayOutput) Index(i pulumi.IntInput) MfaOktaOutput

func (MfaOktaArrayOutput) ToMfaOktaArrayOutput 

func (o MfaOktaArrayOutput) ToMfaOktaArrayOutput() MfaOktaArrayOutput

func (MfaOktaArrayOutput) ToMfaOktaArrayOutputWithContext 

func (o MfaOktaArrayOutput) ToMfaOktaArrayOutputWithContext(ctx context.Context) MfaOktaArrayOutput

type MfaOktaInput 

type MfaOktaInput interface {
	pulumi.Input

	ToMfaOktaOutput() MfaOktaOutput
	ToMfaOktaOutputWithContext(ctx context.Context) MfaOktaOutput
}

type MfaOktaMap 

type MfaOktaMap map[string]MfaOktaInput

func (MfaOktaMap) ElementType 

func (MfaOktaMap) ElementType() reflect.Type

func (MfaOktaMap) ToMfaOktaMapOutput 

func (i MfaOktaMap) ToMfaOktaMapOutput() MfaOktaMapOutput

func (MfaOktaMap) ToMfaOktaMapOutputWithContext 

func (i MfaOktaMap) ToMfaOktaMapOutputWithContext(ctx context.Context) MfaOktaMapOutput

type MfaOktaMapInput 

type MfaOktaMapInput interface {
	pulumi.Input

	ToMfaOktaMapOutput() MfaOktaMapOutput
	ToMfaOktaMapOutputWithContext(context.Context) MfaOktaMapOutput
}

MfaOktaMapInput is an input type that accepts MfaOktaMap and MfaOktaMapOutput values. You can construct a concrete instance of `MfaOktaMapInput` via: 

MfaOktaMap{ "key": MfaOktaArgs{...} }

type MfaOktaMapOutput 

type MfaOktaMapOutput struct{ *pulumi.OutputState }

func (MfaOktaMapOutput) ElementType 

func (MfaOktaMapOutput) ElementType() reflect.Type

func (MfaOktaMapOutput) MapIndex 

func (o MfaOktaMapOutput) MapIndex(k pulumi.StringInput) MfaOktaOutput

func (MfaOktaMapOutput) ToMfaOktaMapOutput 

func (o MfaOktaMapOutput) ToMfaOktaMapOutput() MfaOktaMapOutput

func (MfaOktaMapOutput) ToMfaOktaMapOutputWithContext 

func (o MfaOktaMapOutput) ToMfaOktaMapOutputWithContext(ctx context.Context) MfaOktaMapOutput

type MfaOktaOutput 

type MfaOktaOutput struct{ *pulumi.OutputState }

func (MfaOktaOutput) ApiToken 

func (o MfaOktaOutput) ApiToken() pulumi.StringOutput

Okta API token.

func (MfaOktaOutput) BaseUrl 

func (o MfaOktaOutput) BaseUrl() pulumi.StringPtrOutput

The base domain to use for API requests.

func (MfaOktaOutput) ElementType 

func (MfaOktaOutput) ElementType() reflect.Type

func (MfaOktaOutput) MethodId 

func (o MfaOktaOutput) MethodId() pulumi.StringOutput

Method ID.

func (MfaOktaOutput) MountAccessor 

func (o MfaOktaOutput) MountAccessor() pulumi.StringOutput

Mount accessor.

func (MfaOktaOutput) Name 

func (o MfaOktaOutput) Name() pulumi.StringOutput

Method name.

func (MfaOktaOutput) Namespace 

func (o MfaOktaOutput) Namespace() pulumi.StringPtrOutput

Target namespace. (requires Enterprise)

func (MfaOktaOutput) NamespaceId 

func (o MfaOktaOutput) NamespaceId() pulumi.StringOutput

Method's namespace ID.

func (MfaOktaOutput) NamespacePath 

func (o MfaOktaOutput) NamespacePath() pulumi.StringOutput

Method's namespace path.

func (MfaOktaOutput) OrgName 

func (o MfaOktaOutput) OrgName() pulumi.StringOutput

Name of the organization to be used in the Okta API.

func (MfaOktaOutput) PrimaryEmail 

func (o MfaOktaOutput) PrimaryEmail() pulumi.BoolPtrOutput

Only match the primary email for the account.

func (MfaOktaOutput) ToMfaOktaOutput 

func (o MfaOktaOutput) ToMfaOktaOutput() MfaOktaOutput

func (MfaOktaOutput) ToMfaOktaOutputWithContext 

func (o MfaOktaOutput) ToMfaOktaOutputWithContext(ctx context.Context) MfaOktaOutput

func (MfaOktaOutput) Type 

func (o MfaOktaOutput) Type() pulumi.StringOutput

MFA type.

func (MfaOktaOutput) UsernameFormat 

func (o MfaOktaOutput) UsernameFormat() pulumi.StringPtrOutput

A template string for mapping Identity names to MFA methods.

func (MfaOktaOutput) Uuid 

func (o MfaOktaOutput) Uuid() pulumi.StringOutput

Resource UUID.

type MfaOktaState 

type MfaOktaState struct {
	// Okta API token.
	ApiToken pulumi.StringPtrInput
	// The base domain to use for API requests.
	BaseUrl pulumi.StringPtrInput
	// Method ID.
	MethodId pulumi.StringPtrInput
	// Mount accessor.
	MountAccessor pulumi.StringPtrInput
	// Method name.
	Name pulumi.StringPtrInput
	// Target namespace. (requires Enterprise)
	Namespace pulumi.StringPtrInput
	// Method's namespace ID.
	NamespaceId pulumi.StringPtrInput
	// Method's namespace path.
	NamespacePath pulumi.StringPtrInput
	// Name of the organization to be used in the Okta API.
	OrgName pulumi.StringPtrInput
	// Only match the primary email for the account.
	PrimaryEmail pulumi.BoolPtrInput
	// MFA type.
	Type pulumi.StringPtrInput
	// A template string for mapping Identity names to MFA methods.
	UsernameFormat pulumi.StringPtrInput
	// Resource UUID.
	Uuid pulumi.StringPtrInput
}

func (MfaOktaState) ElementType 

func (MfaOktaState) ElementType() reflect.Type

type MfaPingid 

type MfaPingid struct {
	pulumi.CustomResourceState

	// The admin URL, derived from "settingsFileBase64"
	AdminUrl pulumi.StringOutput `pulumi:"adminUrl"`
	// A unique identifier of the organization, derived from "settingsFileBase64"
	AuthenticatorUrl pulumi.StringOutput `pulumi:"authenticatorUrl"`
	// The IDP URL, derived from "settingsFileBase64"
	IdpUrl pulumi.StringOutput `pulumi:"idpUrl"`
	// Method ID.
	MethodId pulumi.StringOutput `pulumi:"methodId"`
	// Mount accessor.
	MountAccessor pulumi.StringOutput `pulumi:"mountAccessor"`
	// Method name.
	Name pulumi.StringOutput `pulumi:"name"`
	// Target namespace. (requires Enterprise)
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
	// Method's namespace ID.
	NamespaceId pulumi.StringOutput `pulumi:"namespaceId"`
	// Method's namespace path.
	NamespacePath pulumi.StringOutput `pulumi:"namespacePath"`
	// The name of the PingID client organization, derived from "settingsFileBase64"
	OrgAlias pulumi.StringOutput `pulumi:"orgAlias"`
	// A base64-encoded third-party settings contents as retrieved from PingID's configuration page.
	SettingsFileBase64 pulumi.StringOutput `pulumi:"settingsFileBase64"`
	// MFA type.
	Type pulumi.StringOutput `pulumi:"type"`
	// Use signature value, derived from "settingsFileBase64"
	UseSignature pulumi.BoolOutput `pulumi:"useSignature"`
	// A template string for mapping Identity names to MFA methods.
	UsernameFormat pulumi.StringPtrOutput `pulumi:"usernameFormat"`
	// Resource UUID.
	Uuid pulumi.StringOutput `pulumi:"uuid"`
}

Resource for configuring the pingid MFA method.

## Example Usage

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := identity.NewMfaPingid(ctx, "example", &identity.MfaPingidArgs{
			SettingsFileBase64: pulumi.String("CnVzZV9iYXNlNjR[...]HBtCg=="),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

## Import

Resource can be imported using its `uuid` field, e.g.

```sh $ pulumi import vault:identity/mfaPingid:MfaPingid example 0d89c36a-4ff5-4d70-8749-bb6a5598aeec ```

func GetMfaPingid 

func GetMfaPingid(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *MfaPingidState, opts ...pulumi.ResourceOption) (*MfaPingid, error)

GetMfaPingid gets an existing MfaPingid resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewMfaPingid 

func NewMfaPingid(ctx *pulumi.Context,
	name string, args *MfaPingidArgs, opts ...pulumi.ResourceOption) (*MfaPingid, error)

NewMfaPingid registers a new resource with the given unique name, arguments, and options.

func (*MfaPingid) ElementType 

func (*MfaPingid) ElementType() reflect.Type

func (*MfaPingid) ToMfaPingidOutput 

func (i *MfaPingid) ToMfaPingidOutput() MfaPingidOutput

func (*MfaPingid) ToMfaPingidOutputWithContext 

func (i *MfaPingid) ToMfaPingidOutputWithContext(ctx context.Context) MfaPingidOutput

type MfaPingidArgs 

type MfaPingidArgs struct {
	// Target namespace. (requires Enterprise)
	Namespace pulumi.StringPtrInput
	// A base64-encoded third-party settings contents as retrieved from PingID's configuration page.
	SettingsFileBase64 pulumi.StringInput
	// A template string for mapping Identity names to MFA methods.
	UsernameFormat pulumi.StringPtrInput
}

The set of arguments for constructing a MfaPingid resource.

func (MfaPingidArgs) ElementType 

func (MfaPingidArgs) ElementType() reflect.Type

type MfaPingidArray 

type MfaPingidArray []MfaPingidInput

func (MfaPingidArray) ElementType 

func (MfaPingidArray) ElementType() reflect.Type

func (MfaPingidArray) ToMfaPingidArrayOutput 

func (i MfaPingidArray) ToMfaPingidArrayOutput() MfaPingidArrayOutput

func (MfaPingidArray) ToMfaPingidArrayOutputWithContext 

func (i MfaPingidArray) ToMfaPingidArrayOutputWithContext(ctx context.Context) MfaPingidArrayOutput

type MfaPingidArrayInput 

type MfaPingidArrayInput interface {
	pulumi.Input

	ToMfaPingidArrayOutput() MfaPingidArrayOutput
	ToMfaPingidArrayOutputWithContext(context.Context) MfaPingidArrayOutput
}

MfaPingidArrayInput is an input type that accepts MfaPingidArray and MfaPingidArrayOutput values. You can construct a concrete instance of `MfaPingidArrayInput` via: 

MfaPingidArray{ MfaPingidArgs{...} }

type MfaPingidArrayOutput 

type MfaPingidArrayOutput struct{ *pulumi.OutputState }

func (MfaPingidArrayOutput) ElementType 

func (MfaPingidArrayOutput) ElementType() reflect.Type

func (MfaPingidArrayOutput) Index 

func (o MfaPingidArrayOutput) Index(i pulumi.IntInput) MfaPingidOutput

func (MfaPingidArrayOutput) ToMfaPingidArrayOutput 

func (o MfaPingidArrayOutput) ToMfaPingidArrayOutput() MfaPingidArrayOutput

func (MfaPingidArrayOutput) ToMfaPingidArrayOutputWithContext 

func (o MfaPingidArrayOutput) ToMfaPingidArrayOutputWithContext(ctx context.Context) MfaPingidArrayOutput

type MfaPingidInput 

type MfaPingidInput interface {
	pulumi.Input

	ToMfaPingidOutput() MfaPingidOutput
	ToMfaPingidOutputWithContext(ctx context.Context) MfaPingidOutput
}

type MfaPingidMap 

type MfaPingidMap map[string]MfaPingidInput

func (MfaPingidMap) ElementType 

func (MfaPingidMap) ElementType() reflect.Type

func (MfaPingidMap) ToMfaPingidMapOutput 

func (i MfaPingidMap) ToMfaPingidMapOutput() MfaPingidMapOutput

func (MfaPingidMap) ToMfaPingidMapOutputWithContext 

func (i MfaPingidMap) ToMfaPingidMapOutputWithContext(ctx context.Context) MfaPingidMapOutput

type MfaPingidMapInput 

type MfaPingidMapInput interface {
	pulumi.Input

	ToMfaPingidMapOutput() MfaPingidMapOutput
	ToMfaPingidMapOutputWithContext(context.Context) MfaPingidMapOutput
}

MfaPingidMapInput is an input type that accepts MfaPingidMap and MfaPingidMapOutput values. You can construct a concrete instance of `MfaPingidMapInput` via: 

MfaPingidMap{ "key": MfaPingidArgs{...} }

type MfaPingidMapOutput 

type MfaPingidMapOutput struct{ *pulumi.OutputState }

func (MfaPingidMapOutput) ElementType 

func (MfaPingidMapOutput) ElementType() reflect.Type

func (MfaPingidMapOutput) MapIndex 

func (o MfaPingidMapOutput) MapIndex(k pulumi.StringInput) MfaPingidOutput

func (MfaPingidMapOutput) ToMfaPingidMapOutput 

func (o MfaPingidMapOutput) ToMfaPingidMapOutput() MfaPingidMapOutput

func (MfaPingidMapOutput) ToMfaPingidMapOutputWithContext 

func (o MfaPingidMapOutput) ToMfaPingidMapOutputWithContext(ctx context.Context) MfaPingidMapOutput

type MfaPingidOutput 

type MfaPingidOutput struct{ *pulumi.OutputState }

func (MfaPingidOutput) AdminUrl 

func (o MfaPingidOutput) AdminUrl() pulumi.StringOutput

The admin URL, derived from "settingsFileBase64"

func (MfaPingidOutput) AuthenticatorUrl 

func (o MfaPingidOutput) AuthenticatorUrl() pulumi.StringOutput

A unique identifier of the organization, derived from "settingsFileBase64"

func (MfaPingidOutput) ElementType 

func (MfaPingidOutput) ElementType() reflect.Type

func (MfaPingidOutput) IdpUrl 

func (o MfaPingidOutput) IdpUrl() pulumi.StringOutput

The IDP URL, derived from "settingsFileBase64"

func (MfaPingidOutput) MethodId 

func (o MfaPingidOutput) MethodId() pulumi.StringOutput

Method ID.

func (MfaPingidOutput) MountAccessor 

func (o MfaPingidOutput) MountAccessor() pulumi.StringOutput

Mount accessor.

func (MfaPingidOutput) Name 

func (o MfaPingidOutput) Name() pulumi.StringOutput

Method name.

func (MfaPingidOutput) Namespace 

func (o MfaPingidOutput) Namespace() pulumi.StringPtrOutput

Target namespace. (requires Enterprise)

func (MfaPingidOutput) NamespaceId 

func (o MfaPingidOutput) NamespaceId() pulumi.StringOutput

Method's namespace ID.

func (MfaPingidOutput) NamespacePath 

func (o MfaPingidOutput) NamespacePath() pulumi.StringOutput

Method's namespace path.

func (MfaPingidOutput) OrgAlias 

func (o MfaPingidOutput) OrgAlias() pulumi.StringOutput

The name of the PingID client organization, derived from "settingsFileBase64"

func (MfaPingidOutput) SettingsFileBase64 

func (o MfaPingidOutput) SettingsFileBase64() pulumi.StringOutput

A base64-encoded third-party settings contents as retrieved from PingID's configuration page.

func (MfaPingidOutput) ToMfaPingidOutput 

func (o MfaPingidOutput) ToMfaPingidOutput() MfaPingidOutput

func (MfaPingidOutput) ToMfaPingidOutputWithContext 

func (o MfaPingidOutput) ToMfaPingidOutputWithContext(ctx context.Context) MfaPingidOutput

func (MfaPingidOutput) Type 

func (o MfaPingidOutput) Type() pulumi.StringOutput

MFA type.

func (MfaPingidOutput) UseSignature 

func (o MfaPingidOutput) UseSignature() pulumi.BoolOutput

Use signature value, derived from "settingsFileBase64"

func (MfaPingidOutput) UsernameFormat 

func (o MfaPingidOutput) UsernameFormat() pulumi.StringPtrOutput

A template string for mapping Identity names to MFA methods.

func (MfaPingidOutput) Uuid 

func (o MfaPingidOutput) Uuid() pulumi.StringOutput

Resource UUID.

type MfaPingidState 

type MfaPingidState struct {
	// The admin URL, derived from "settingsFileBase64"
	AdminUrl pulumi.StringPtrInput
	// A unique identifier of the organization, derived from "settingsFileBase64"
	AuthenticatorUrl pulumi.StringPtrInput
	// The IDP URL, derived from "settingsFileBase64"
	IdpUrl pulumi.StringPtrInput
	// Method ID.
	MethodId pulumi.StringPtrInput
	// Mount accessor.
	MountAccessor pulumi.StringPtrInput
	// Method name.
	Name pulumi.StringPtrInput
	// Target namespace. (requires Enterprise)
	Namespace pulumi.StringPtrInput
	// Method's namespace ID.
	NamespaceId pulumi.StringPtrInput
	// Method's namespace path.
	NamespacePath pulumi.StringPtrInput
	// The name of the PingID client organization, derived from "settingsFileBase64"
	OrgAlias pulumi.StringPtrInput
	// A base64-encoded third-party settings contents as retrieved from PingID's configuration page.
	SettingsFileBase64 pulumi.StringPtrInput
	// MFA type.
	Type pulumi.StringPtrInput
	// Use signature value, derived from "settingsFileBase64"
	UseSignature pulumi.BoolPtrInput
	// A template string for mapping Identity names to MFA methods.
	UsernameFormat pulumi.StringPtrInput
	// Resource UUID.
	Uuid pulumi.StringPtrInput
}

func (MfaPingidState) ElementType 

func (MfaPingidState) ElementType() reflect.Type

type MfaTotp 

type MfaTotp struct {
	pulumi.CustomResourceState

	// Specifies the hashing algorithm used to generate the TOTP code. Options include SHA1, SHA256, SHA512.
	Algorithm pulumi.StringPtrOutput `pulumi:"algorithm"`
	// The number of digits in the generated TOTP token. This value can either be 6 or 8
	Digits pulumi.IntPtrOutput `pulumi:"digits"`
	// The name of the key's issuing organization.
	Issuer pulumi.StringOutput `pulumi:"issuer"`
	// Specifies the size in bytes of the generated key.
	KeySize pulumi.IntPtrOutput `pulumi:"keySize"`
	// The maximum number of consecutive failed validation attempts allowed.
	MaxValidationAttempts pulumi.IntPtrOutput `pulumi:"maxValidationAttempts"`
	// Method ID.
	MethodId pulumi.StringOutput `pulumi:"methodId"`
	// Mount accessor.
	MountAccessor pulumi.StringOutput `pulumi:"mountAccessor"`
	// Method name.
	Name pulumi.StringOutput `pulumi:"name"`
	// Target namespace. (requires Enterprise)
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
	// Method's namespace ID.
	NamespaceId pulumi.StringOutput `pulumi:"namespaceId"`
	// Method's namespace path.
	NamespacePath pulumi.StringOutput `pulumi:"namespacePath"`
	// The length of time in seconds used to generate a counter for the TOTP token calculation.
	Period pulumi.IntPtrOutput `pulumi:"period"`
	// The pixel size of the generated square QR code.
	QrSize pulumi.IntOutput `pulumi:"qrSize"`
	// The number of delay periods that are allowed when validating a TOTP token. This value can either be 0 or 1.
	Skew pulumi.IntPtrOutput `pulumi:"skew"`
	// MFA type.
	Type pulumi.StringOutput `pulumi:"type"`
	// Resource UUID.
	Uuid pulumi.StringOutput `pulumi:"uuid"`
}

Resource for configuring the totp MFA method.

## Example Usage

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := identity.NewMfaTotp(ctx, "example", &identity.MfaTotpArgs{
			Issuer: pulumi.String("issuer1"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

## Import

Resource can be imported using its `uuid` field, e.g.

```sh $ pulumi import vault:identity/mfaTotp:MfaTotp example 0d89c36a-4ff5-4d70-8749-bb6a5598aeec ```

func GetMfaTotp 

func GetMfaTotp(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *MfaTotpState, opts ...pulumi.ResourceOption) (*MfaTotp, error)

GetMfaTotp gets an existing MfaTotp resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewMfaTotp 

func NewMfaTotp(ctx *pulumi.Context,
	name string, args *MfaTotpArgs, opts ...pulumi.ResourceOption) (*MfaTotp, error)

NewMfaTotp registers a new resource with the given unique name, arguments, and options.

func (*MfaTotp) ElementType 

func (*MfaTotp) ElementType() reflect.Type

func (*MfaTotp) ToMfaTotpOutput 

func (i *MfaTotp) ToMfaTotpOutput() MfaTotpOutput

func (*MfaTotp) ToMfaTotpOutputWithContext 

func (i *MfaTotp) ToMfaTotpOutputWithContext(ctx context.Context) MfaTotpOutput

type MfaTotpArgs 

type MfaTotpArgs struct {
	// Specifies the hashing algorithm used to generate the TOTP code. Options include SHA1, SHA256, SHA512.
	Algorithm pulumi.StringPtrInput
	// The number of digits in the generated TOTP token. This value can either be 6 or 8
	Digits pulumi.IntPtrInput
	// The name of the key's issuing organization.
	Issuer pulumi.StringInput
	// Specifies the size in bytes of the generated key.
	KeySize pulumi.IntPtrInput
	// The maximum number of consecutive failed validation attempts allowed.
	MaxValidationAttempts pulumi.IntPtrInput
	// Target namespace. (requires Enterprise)
	Namespace pulumi.StringPtrInput
	// The length of time in seconds used to generate a counter for the TOTP token calculation.
	Period pulumi.IntPtrInput
	// The pixel size of the generated square QR code.
	QrSize pulumi.IntPtrInput
	// The number of delay periods that are allowed when validating a TOTP token. This value can either be 0 or 1.
	Skew pulumi.IntPtrInput
}

The set of arguments for constructing a MfaTotp resource.

func (MfaTotpArgs) ElementType 

func (MfaTotpArgs) ElementType() reflect.Type

type MfaTotpArray 

type MfaTotpArray []MfaTotpInput

func (MfaTotpArray) ElementType 

func (MfaTotpArray) ElementType() reflect.Type

func (MfaTotpArray) ToMfaTotpArrayOutput 

func (i MfaTotpArray) ToMfaTotpArrayOutput() MfaTotpArrayOutput

func (MfaTotpArray) ToMfaTotpArrayOutputWithContext 

func (i MfaTotpArray) ToMfaTotpArrayOutputWithContext(ctx context.Context) MfaTotpArrayOutput

type MfaTotpArrayInput 

type MfaTotpArrayInput interface {
	pulumi.Input

	ToMfaTotpArrayOutput() MfaTotpArrayOutput
	ToMfaTotpArrayOutputWithContext(context.Context) MfaTotpArrayOutput
}

MfaTotpArrayInput is an input type that accepts MfaTotpArray and MfaTotpArrayOutput values. You can construct a concrete instance of `MfaTotpArrayInput` via: 

MfaTotpArray{ MfaTotpArgs{...} }

type MfaTotpArrayOutput 

type MfaTotpArrayOutput struct{ *pulumi.OutputState }

func (MfaTotpArrayOutput) ElementType 

func (MfaTotpArrayOutput) ElementType() reflect.Type

func (MfaTotpArrayOutput) Index 

func (o MfaTotpArrayOutput) Index(i pulumi.IntInput) MfaTotpOutput

func (MfaTotpArrayOutput) ToMfaTotpArrayOutput 

func (o MfaTotpArrayOutput) ToMfaTotpArrayOutput() MfaTotpArrayOutput

func (MfaTotpArrayOutput) ToMfaTotpArrayOutputWithContext 

func (o MfaTotpArrayOutput) ToMfaTotpArrayOutputWithContext(ctx context.Context) MfaTotpArrayOutput

type MfaTotpInput 

type MfaTotpInput interface {
	pulumi.Input

	ToMfaTotpOutput() MfaTotpOutput
	ToMfaTotpOutputWithContext(ctx context.Context) MfaTotpOutput
}

type MfaTotpMap 

type MfaTotpMap map[string]MfaTotpInput

func (MfaTotpMap) ElementType 

func (MfaTotpMap) ElementType() reflect.Type

func (MfaTotpMap) ToMfaTotpMapOutput 

func (i MfaTotpMap) ToMfaTotpMapOutput() MfaTotpMapOutput

func (MfaTotpMap) ToMfaTotpMapOutputWithContext 

func (i MfaTotpMap) ToMfaTotpMapOutputWithContext(ctx context.Context) MfaTotpMapOutput

type MfaTotpMapInput 

type MfaTotpMapInput interface {
	pulumi.Input

	ToMfaTotpMapOutput() MfaTotpMapOutput
	ToMfaTotpMapOutputWithContext(context.Context) MfaTotpMapOutput
}

MfaTotpMapInput is an input type that accepts MfaTotpMap and MfaTotpMapOutput values. You can construct a concrete instance of `MfaTotpMapInput` via: 

MfaTotpMap{ "key": MfaTotpArgs{...} }

type MfaTotpMapOutput 

type MfaTotpMapOutput struct{ *pulumi.OutputState }

func (MfaTotpMapOutput) ElementType 

func (MfaTotpMapOutput) ElementType() reflect.Type

func (MfaTotpMapOutput) MapIndex 

func (o MfaTotpMapOutput) MapIndex(k pulumi.StringInput) MfaTotpOutput

func (MfaTotpMapOutput) ToMfaTotpMapOutput 

func (o MfaTotpMapOutput) ToMfaTotpMapOutput() MfaTotpMapOutput

func (MfaTotpMapOutput) ToMfaTotpMapOutputWithContext 

func (o MfaTotpMapOutput) ToMfaTotpMapOutputWithContext(ctx context.Context) MfaTotpMapOutput

type MfaTotpOutput 

type MfaTotpOutput struct{ *pulumi.OutputState }

func (MfaTotpOutput) Algorithm 

func (o MfaTotpOutput) Algorithm() pulumi.StringPtrOutput

Specifies the hashing algorithm used to generate the TOTP code. Options include SHA1, SHA256, SHA512.

func (MfaTotpOutput) Digits 

func (o MfaTotpOutput) Digits() pulumi.IntPtrOutput

The number of digits in the generated TOTP token. This value can either be 6 or 8

func (MfaTotpOutput) ElementType 

func (MfaTotpOutput) ElementType() reflect.Type

func (MfaTotpOutput) Issuer 

func (o MfaTotpOutput) Issuer() pulumi.StringOutput

The name of the key's issuing organization.

func (MfaTotpOutput) KeySize 

func (o MfaTotpOutput) KeySize() pulumi.IntPtrOutput

Specifies the size in bytes of the generated key.

func (MfaTotpOutput) MaxValidationAttempts 

func (o MfaTotpOutput) MaxValidationAttempts() pulumi.IntPtrOutput

The maximum number of consecutive failed validation attempts allowed.

func (MfaTotpOutput) MethodId 

func (o MfaTotpOutput) MethodId() pulumi.StringOutput

Method ID.

func (MfaTotpOutput) MountAccessor 

func (o MfaTotpOutput) MountAccessor() pulumi.StringOutput

Mount accessor.

func (MfaTotpOutput) Name 

func (o MfaTotpOutput) Name() pulumi.StringOutput

Method name.

func (MfaTotpOutput) Namespace 

func (o MfaTotpOutput) Namespace() pulumi.StringPtrOutput

Target namespace. (requires Enterprise)

func (MfaTotpOutput) NamespaceId 

func (o MfaTotpOutput) NamespaceId() pulumi.StringOutput

Method's namespace ID.

func (MfaTotpOutput) NamespacePath 

func (o MfaTotpOutput) NamespacePath() pulumi.StringOutput

Method's namespace path.

func (MfaTotpOutput) Period 

func (o MfaTotpOutput) Period() pulumi.IntPtrOutput

The length of time in seconds used to generate a counter for the TOTP token calculation.

func (MfaTotpOutput) QrSize 

func (o MfaTotpOutput) QrSize() pulumi.IntOutput

The pixel size of the generated square QR code.

func (MfaTotpOutput) Skew 

func (o MfaTotpOutput) Skew() pulumi.IntPtrOutput

The number of delay periods that are allowed when validating a TOTP token. This value can either be 0 or 1.

func (MfaTotpOutput) ToMfaTotpOutput 

func (o MfaTotpOutput) ToMfaTotpOutput() MfaTotpOutput

func (MfaTotpOutput) ToMfaTotpOutputWithContext 

func (o MfaTotpOutput) ToMfaTotpOutputWithContext(ctx context.Context) MfaTotpOutput

func (MfaTotpOutput) Type 

func (o MfaTotpOutput) Type() pulumi.StringOutput

MFA type.

func (MfaTotpOutput) Uuid 

func (o MfaTotpOutput) Uuid() pulumi.StringOutput

Resource UUID.

type MfaTotpState 

type MfaTotpState struct {
	// Specifies the hashing algorithm used to generate the TOTP code. Options include SHA1, SHA256, SHA512.
	Algorithm pulumi.StringPtrInput
	// The number of digits in the generated TOTP token. This value can either be 6 or 8
	Digits pulumi.IntPtrInput
	// The name of the key's issuing organization.
	Issuer pulumi.StringPtrInput
	// Specifies the size in bytes of the generated key.
	KeySize pulumi.IntPtrInput
	// The maximum number of consecutive failed validation attempts allowed.
	MaxValidationAttempts pulumi.IntPtrInput
	// Method ID.
	MethodId pulumi.StringPtrInput
	// Mount accessor.
	MountAccessor pulumi.StringPtrInput
	// Method name.
	Name pulumi.StringPtrInput
	// Target namespace. (requires Enterprise)
	Namespace pulumi.StringPtrInput
	// Method's namespace ID.
	NamespaceId pulumi.StringPtrInput
	// Method's namespace path.
	NamespacePath pulumi.StringPtrInput
	// The length of time in seconds used to generate a counter for the TOTP token calculation.
	Period pulumi.IntPtrInput
	// The pixel size of the generated square QR code.
	QrSize pulumi.IntPtrInput
	// The number of delay periods that are allowed when validating a TOTP token. This value can either be 0 or 1.
	Skew pulumi.IntPtrInput
	// MFA type.
	Type pulumi.StringPtrInput
	// Resource UUID.
	Uuid pulumi.StringPtrInput
}

func (MfaTotpState) ElementType 

func (MfaTotpState) ElementType() reflect.Type

type Oidc 

type Oidc struct {
	pulumi.CustomResourceState

	// Issuer URL to be used in the iss claim of the token. If not set, Vault's
	// `apiAddr` will be used. The issuer is a case sensitive URL using the https scheme that contains
	// scheme, host, and optionally, port number and path components, but no query or fragment
	// components.
	Issuer pulumi.StringOutput `pulumi:"issuer"`
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
}

Configure the [Identity Tokens Backend](https://www.vaultproject.io/docs/secrets/identity/index.html#identity-tokens).

The Identity secrets engine is the identity management solution for Vault. It internally maintains the clients who are recognized by Vault.

> **NOTE:** Each Vault server may only have one Identity Tokens Backend configuration. Multiple configurations of the resource against the same Vault server will cause a perpetual difference.

## Example Usage

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := identity.NewOidc(ctx, "server", &identity.OidcArgs{
			Issuer: pulumi.String("https://www.acme.com"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

func GetOidc 

func GetOidc(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *OidcState, opts ...pulumi.ResourceOption) (*Oidc, error)

GetOidc gets an existing Oidc resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewOidc 

func NewOidc(ctx *pulumi.Context,
	name string, args *OidcArgs, opts ...pulumi.ResourceOption) (*Oidc, error)

NewOidc registers a new resource with the given unique name, arguments, and options.

func (*Oidc) ElementType 

func (*Oidc) ElementType() reflect.Type

func (*Oidc) ToOidcOutput 

func (i *Oidc) ToOidcOutput() OidcOutput

func (*Oidc) ToOidcOutputWithContext 

func (i *Oidc) ToOidcOutputWithContext(ctx context.Context) OidcOutput

type OidcArgs 

type OidcArgs struct {
	// Issuer URL to be used in the iss claim of the token. If not set, Vault's
	// `apiAddr` will be used. The issuer is a case sensitive URL using the https scheme that contains
	// scheme, host, and optionally, port number and path components, but no query or fragment
	// components.
	Issuer pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
}

The set of arguments for constructing a Oidc resource.

func (OidcArgs) ElementType 

func (OidcArgs) ElementType() reflect.Type

type OidcArray 

type OidcArray []OidcInput

func (OidcArray) ElementType 

func (OidcArray) ElementType() reflect.Type

func (OidcArray) ToOidcArrayOutput 

func (i OidcArray) ToOidcArrayOutput() OidcArrayOutput

func (OidcArray) ToOidcArrayOutputWithContext 

func (i OidcArray) ToOidcArrayOutputWithContext(ctx context.Context) OidcArrayOutput

type OidcArrayInput 

type OidcArrayInput interface {
	pulumi.Input

	ToOidcArrayOutput() OidcArrayOutput
	ToOidcArrayOutputWithContext(context.Context) OidcArrayOutput
}

OidcArrayInput is an input type that accepts OidcArray and OidcArrayOutput values. You can construct a concrete instance of `OidcArrayInput` via: 

OidcArray{ OidcArgs{...} }

type OidcArrayOutput 

type OidcArrayOutput struct{ *pulumi.OutputState }

func (OidcArrayOutput) ElementType 

func (OidcArrayOutput) ElementType() reflect.Type

func (OidcArrayOutput) Index 

func (o OidcArrayOutput) Index(i pulumi.IntInput) OidcOutput

func (OidcArrayOutput) ToOidcArrayOutput 

func (o OidcArrayOutput) ToOidcArrayOutput() OidcArrayOutput

func (OidcArrayOutput) ToOidcArrayOutputWithContext 

func (o OidcArrayOutput) ToOidcArrayOutputWithContext(ctx context.Context) OidcArrayOutput

type OidcAssignment 

type OidcAssignment struct {
	pulumi.CustomResourceState

	// A set of Vault entity IDs.
	EntityIds pulumi.StringArrayOutput `pulumi:"entityIds"`
	// A set of Vault group IDs.
	GroupIds pulumi.StringArrayOutput `pulumi:"groupIds"`
	// The name of the assignment.
	Name pulumi.StringOutput `pulumi:"name"`
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
}

Manages OIDC Assignments in a Vault server. See the [Vault documentation](https://www.vaultproject.io/api-docs/secret/identity/oidc-provider#create-or-update-an-assignment) for more information.

## Example Usage

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		internal, err := identity.NewGroup(ctx, "internal", &identity.GroupArgs{
			Type: pulumi.String("internal"),
			Policies: pulumi.StringArray{
				pulumi.String("dev"),
				pulumi.String("test"),
			},
		})
		if err != nil {
			return err
		}
		test, err := identity.NewEntity(ctx, "test", &identity.EntityArgs{
			Policies: pulumi.StringArray{
				pulumi.String("test"),
			},
		})
		if err != nil {
			return err
		}
		_, err = identity.NewOidcAssignment(ctx, "default", &identity.OidcAssignmentArgs{
			EntityIds: pulumi.StringArray{
				test.ID(),
			},
			GroupIds: pulumi.StringArray{
				internal.ID(),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

## Import

OIDC Assignments can be imported using the `name`, e.g.

```sh $ pulumi import vault:identity/oidcAssignment:OidcAssignment default assignment ```

func GetOidcAssignment 

func GetOidcAssignment(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *OidcAssignmentState, opts ...pulumi.ResourceOption) (*OidcAssignment, error)

GetOidcAssignment gets an existing OidcAssignment resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewOidcAssignment 

func NewOidcAssignment(ctx *pulumi.Context,
	name string, args *OidcAssignmentArgs, opts ...pulumi.ResourceOption) (*OidcAssignment, error)

NewOidcAssignment registers a new resource with the given unique name, arguments, and options.

func (*OidcAssignment) ElementType 

func (*OidcAssignment) ElementType() reflect.Type

func (*OidcAssignment) ToOidcAssignmentOutput 

func (i *OidcAssignment) ToOidcAssignmentOutput() OidcAssignmentOutput

func (*OidcAssignment) ToOidcAssignmentOutputWithContext 

func (i *OidcAssignment) ToOidcAssignmentOutputWithContext(ctx context.Context) OidcAssignmentOutput

type OidcAssignmentArgs 

type OidcAssignmentArgs struct {
	// A set of Vault entity IDs.
	EntityIds pulumi.StringArrayInput
	// A set of Vault group IDs.
	GroupIds pulumi.StringArrayInput
	// The name of the assignment.
	Name pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
}

The set of arguments for constructing a OidcAssignment resource.

func (OidcAssignmentArgs) ElementType 

func (OidcAssignmentArgs) ElementType() reflect.Type

type OidcAssignmentArray 

type OidcAssignmentArray []OidcAssignmentInput

func (OidcAssignmentArray) ElementType 

func (OidcAssignmentArray) ElementType() reflect.Type

func (OidcAssignmentArray) ToOidcAssignmentArrayOutput 

func (i OidcAssignmentArray) ToOidcAssignmentArrayOutput() OidcAssignmentArrayOutput

func (OidcAssignmentArray) ToOidcAssignmentArrayOutputWithContext 

func (i OidcAssignmentArray) ToOidcAssignmentArrayOutputWithContext(ctx context.Context) OidcAssignmentArrayOutput

type OidcAssignmentArrayInput 

type OidcAssignmentArrayInput interface {
	pulumi.Input

	ToOidcAssignmentArrayOutput() OidcAssignmentArrayOutput
	ToOidcAssignmentArrayOutputWithContext(context.Context) OidcAssignmentArrayOutput
}

OidcAssignmentArrayInput is an input type that accepts OidcAssignmentArray and OidcAssignmentArrayOutput values. You can construct a concrete instance of `OidcAssignmentArrayInput` via: 

OidcAssignmentArray{ OidcAssignmentArgs{...} }

type OidcAssignmentArrayOutput 

type OidcAssignmentArrayOutput struct{ *pulumi.OutputState }

func (OidcAssignmentArrayOutput) ElementType 

func (OidcAssignmentArrayOutput) ElementType() reflect.Type

func (OidcAssignmentArrayOutput) Index 

func (o OidcAssignmentArrayOutput) Index(i pulumi.IntInput) OidcAssignmentOutput

func (OidcAssignmentArrayOutput) ToOidcAssignmentArrayOutput 

func (o OidcAssignmentArrayOutput) ToOidcAssignmentArrayOutput() OidcAssignmentArrayOutput

func (OidcAssignmentArrayOutput) ToOidcAssignmentArrayOutputWithContext 

func (o OidcAssignmentArrayOutput) ToOidcAssignmentArrayOutputWithContext(ctx context.Context) OidcAssignmentArrayOutput

type OidcAssignmentInput 

type OidcAssignmentInput interface {
	pulumi.Input

	ToOidcAssignmentOutput() OidcAssignmentOutput
	ToOidcAssignmentOutputWithContext(ctx context.Context) OidcAssignmentOutput
}

type OidcAssignmentMap 

type OidcAssignmentMap map[string]OidcAssignmentInput

func (OidcAssignmentMap) ElementType 

func (OidcAssignmentMap) ElementType() reflect.Type

func (OidcAssignmentMap) ToOidcAssignmentMapOutput 

func (i OidcAssignmentMap) ToOidcAssignmentMapOutput() OidcAssignmentMapOutput

func (OidcAssignmentMap) ToOidcAssignmentMapOutputWithContext 

func (i OidcAssignmentMap) ToOidcAssignmentMapOutputWithContext(ctx context.Context) OidcAssignmentMapOutput

type OidcAssignmentMapInput 

type OidcAssignmentMapInput interface {
	pulumi.Input

	ToOidcAssignmentMapOutput() OidcAssignmentMapOutput
	ToOidcAssignmentMapOutputWithContext(context.Context) OidcAssignmentMapOutput
}

OidcAssignmentMapInput is an input type that accepts OidcAssignmentMap and OidcAssignmentMapOutput values. You can construct a concrete instance of `OidcAssignmentMapInput` via: 

OidcAssignmentMap{ "key": OidcAssignmentArgs{...} }

type OidcAssignmentMapOutput 

type OidcAssignmentMapOutput struct{ *pulumi.OutputState }

func (OidcAssignmentMapOutput) ElementType 

func (OidcAssignmentMapOutput) ElementType() reflect.Type

func (OidcAssignmentMapOutput) MapIndex 

func (o OidcAssignmentMapOutput) MapIndex(k pulumi.StringInput) OidcAssignmentOutput

func (OidcAssignmentMapOutput) ToOidcAssignmentMapOutput 

func (o OidcAssignmentMapOutput) ToOidcAssignmentMapOutput() OidcAssignmentMapOutput

func (OidcAssignmentMapOutput) ToOidcAssignmentMapOutputWithContext 

func (o OidcAssignmentMapOutput) ToOidcAssignmentMapOutputWithContext(ctx context.Context) OidcAssignmentMapOutput

type OidcAssignmentOutput 

type OidcAssignmentOutput struct{ *pulumi.OutputState }

func (OidcAssignmentOutput) ElementType 

func (OidcAssignmentOutput) ElementType() reflect.Type

func (OidcAssignmentOutput) EntityIds 

func (o OidcAssignmentOutput) EntityIds() pulumi.StringArrayOutput

A set of Vault entity IDs.

func (OidcAssignmentOutput) GroupIds 

func (o OidcAssignmentOutput) GroupIds() pulumi.StringArrayOutput

A set of Vault group IDs.

func (OidcAssignmentOutput) Name 

func (o OidcAssignmentOutput) Name() pulumi.StringOutput

The name of the assignment.

func (OidcAssignmentOutput) Namespace 

func (o OidcAssignmentOutput) Namespace() pulumi.StringPtrOutput

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.

func (OidcAssignmentOutput) ToOidcAssignmentOutput 

func (o OidcAssignmentOutput) ToOidcAssignmentOutput() OidcAssignmentOutput

func (OidcAssignmentOutput) ToOidcAssignmentOutputWithContext 

func (o OidcAssignmentOutput) ToOidcAssignmentOutputWithContext(ctx context.Context) OidcAssignmentOutput

type OidcAssignmentState 

type OidcAssignmentState struct {
	// A set of Vault entity IDs.
	EntityIds pulumi.StringArrayInput
	// A set of Vault group IDs.
	GroupIds pulumi.StringArrayInput
	// The name of the assignment.
	Name pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
}

func (OidcAssignmentState) ElementType 

func (OidcAssignmentState) ElementType() reflect.Type

type OidcClient 

type OidcClient struct {
	pulumi.CustomResourceState

	// The time-to-live for access tokens obtained by the client.
	AccessTokenTtl pulumi.IntOutput `pulumi:"accessTokenTtl"`
	// A list of assignment resources associated with the client.
	Assignments pulumi.StringArrayOutput `pulumi:"assignments"`
	// The Client ID returned by Vault.
	ClientId pulumi.StringOutput `pulumi:"clientId"`
	// The Client Secret Key returned by Vault.
	// For public OpenID Clients `clientSecret` is set to an empty string `""`
	ClientSecret pulumi.StringOutput `pulumi:"clientSecret"`
	// The client type based on its ability to maintain confidentiality of credentials.
	// The following client types are supported: `confidential`, `public`. Defaults to `confidential`.
	ClientType pulumi.StringOutput `pulumi:"clientType"`
	// The time-to-live for ID tokens obtained by the client.
	// The value should be less than the `verificationTtl` on the key.
	IdTokenTtl pulumi.IntOutput `pulumi:"idTokenTtl"`
	// A reference to a named key resource in Vault.
	// This cannot be modified after creation. If not provided, the `default`
	// key is used.
	Key pulumi.StringOutput `pulumi:"key"`
	// The name of the client.
	Name pulumi.StringOutput `pulumi:"name"`
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
	// Redirection URI values used by the client.
	// One of these values must exactly match the `redirectUri` parameter value
	// used in each authentication request.
	RedirectUris pulumi.StringArrayOutput `pulumi:"redirectUris"`
}

Manages OIDC Clients in a Vault server. See the [Vault documentation](https://www.vaultproject.io/api-docs/secret/identity/oidc-provider#create-or-update-an-assignment) for more information.

## Example Usage

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		testOidcAssignment, err := identity.NewOidcAssignment(ctx, "testOidcAssignment", &identity.OidcAssignmentArgs{
			EntityIds: pulumi.StringArray{
				pulumi.String("ascbascas-2231a-sdfaa"),
			},
			GroupIds: pulumi.StringArray{
				pulumi.String("sajkdsad-32414-sfsada"),
			},
		})
		if err != nil {
			return err
		}
		_, err = identity.NewOidcClient(ctx, "testOidcClient", &identity.OidcClientArgs{
			RedirectUris: pulumi.StringArray{
				pulumi.String("http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback"),
				pulumi.String("http://127.0.0.1:8251/callback"),
				pulumi.String("http://127.0.0.1:8080/callback"),
			},
			Assignments: pulumi.StringArray{
				testOidcAssignment.Name,
			},
			IdTokenTtl:     pulumi.Int(2400),
			AccessTokenTtl: pulumi.Int(7200),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

## Import

OIDC Clients can be imported using the `name`, e.g.

```sh $ pulumi import vault:identity/oidcClient:OidcClient test my-app ```

func GetOidcClient 

func GetOidcClient(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *OidcClientState, opts ...pulumi.ResourceOption) (*OidcClient, error)

GetOidcClient gets an existing OidcClient resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewOidcClient 

func NewOidcClient(ctx *pulumi.Context,
	name string, args *OidcClientArgs, opts ...pulumi.ResourceOption) (*OidcClient, error)

NewOidcClient registers a new resource with the given unique name, arguments, and options.

func (*OidcClient) ElementType 

func (*OidcClient) ElementType() reflect.Type

func (*OidcClient) ToOidcClientOutput 

func (i *OidcClient) ToOidcClientOutput() OidcClientOutput

func (*OidcClient) ToOidcClientOutputWithContext 

func (i *OidcClient) ToOidcClientOutputWithContext(ctx context.Context) OidcClientOutput

type OidcClientArgs 

type OidcClientArgs struct {
	// The time-to-live for access tokens obtained by the client.
	AccessTokenTtl pulumi.IntPtrInput
	// A list of assignment resources associated with the client.
	Assignments pulumi.StringArrayInput
	// The client type based on its ability to maintain confidentiality of credentials.
	// The following client types are supported: `confidential`, `public`. Defaults to `confidential`.
	ClientType pulumi.StringPtrInput
	// The time-to-live for ID tokens obtained by the client.
	// The value should be less than the `verificationTtl` on the key.
	IdTokenTtl pulumi.IntPtrInput
	// A reference to a named key resource in Vault.
	// This cannot be modified after creation. If not provided, the `default`
	// key is used.
	Key pulumi.StringPtrInput
	// The name of the client.
	Name pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// Redirection URI values used by the client.
	// One of these values must exactly match the `redirectUri` parameter value
	// used in each authentication request.
	RedirectUris pulumi.StringArrayInput
}

The set of arguments for constructing a OidcClient resource.

func (OidcClientArgs) ElementType 

func (OidcClientArgs) ElementType() reflect.Type

type OidcClientArray 

type OidcClientArray []OidcClientInput

func (OidcClientArray) ElementType 

func (OidcClientArray) ElementType() reflect.Type

func (OidcClientArray) ToOidcClientArrayOutput 

func (i OidcClientArray) ToOidcClientArrayOutput() OidcClientArrayOutput

func (OidcClientArray) ToOidcClientArrayOutputWithContext 

func (i OidcClientArray) ToOidcClientArrayOutputWithContext(ctx context.Context) OidcClientArrayOutput

type OidcClientArrayInput 

type OidcClientArrayInput interface {
	pulumi.Input

	ToOidcClientArrayOutput() OidcClientArrayOutput
	ToOidcClientArrayOutputWithContext(context.Context) OidcClientArrayOutput
}

OidcClientArrayInput is an input type that accepts OidcClientArray and OidcClientArrayOutput values. You can construct a concrete instance of `OidcClientArrayInput` via: 

OidcClientArray{ OidcClientArgs{...} }

type OidcClientArrayOutput 

type OidcClientArrayOutput struct{ *pulumi.OutputState }

func (OidcClientArrayOutput) ElementType 

func (OidcClientArrayOutput) ElementType() reflect.Type

func (OidcClientArrayOutput) Index 

func (o OidcClientArrayOutput) Index(i pulumi.IntInput) OidcClientOutput

func (OidcClientArrayOutput) ToOidcClientArrayOutput 

func (o OidcClientArrayOutput) ToOidcClientArrayOutput() OidcClientArrayOutput

func (OidcClientArrayOutput) ToOidcClientArrayOutputWithContext 

func (o OidcClientArrayOutput) ToOidcClientArrayOutputWithContext(ctx context.Context) OidcClientArrayOutput

type OidcClientInput 

type OidcClientInput interface {
	pulumi.Input

	ToOidcClientOutput() OidcClientOutput
	ToOidcClientOutputWithContext(ctx context.Context) OidcClientOutput
}

type OidcClientMap 

type OidcClientMap map[string]OidcClientInput

func (OidcClientMap) ElementType 

func (OidcClientMap) ElementType() reflect.Type

func (OidcClientMap) ToOidcClientMapOutput 

func (i OidcClientMap) ToOidcClientMapOutput() OidcClientMapOutput

func (OidcClientMap) ToOidcClientMapOutputWithContext 

func (i OidcClientMap) ToOidcClientMapOutputWithContext(ctx context.Context) OidcClientMapOutput

type OidcClientMapInput 

type OidcClientMapInput interface {
	pulumi.Input

	ToOidcClientMapOutput() OidcClientMapOutput
	ToOidcClientMapOutputWithContext(context.Context) OidcClientMapOutput
}

OidcClientMapInput is an input type that accepts OidcClientMap and OidcClientMapOutput values. You can construct a concrete instance of `OidcClientMapInput` via: 

OidcClientMap{ "key": OidcClientArgs{...} }

type OidcClientMapOutput 

type OidcClientMapOutput struct{ *pulumi.OutputState }

func (OidcClientMapOutput) ElementType 

func (OidcClientMapOutput) ElementType() reflect.Type

func (OidcClientMapOutput) MapIndex 

func (o OidcClientMapOutput) MapIndex(k pulumi.StringInput) OidcClientOutput

func (OidcClientMapOutput) ToOidcClientMapOutput 

func (o OidcClientMapOutput) ToOidcClientMapOutput() OidcClientMapOutput

func (OidcClientMapOutput) ToOidcClientMapOutputWithContext 

func (o OidcClientMapOutput) ToOidcClientMapOutputWithContext(ctx context.Context) OidcClientMapOutput

type OidcClientOutput 

type OidcClientOutput struct{ *pulumi.OutputState }

func (OidcClientOutput) AccessTokenTtl 

func (o OidcClientOutput) AccessTokenTtl() pulumi.IntOutput

The time-to-live for access tokens obtained by the client.

func (OidcClientOutput) Assignments 

func (o OidcClientOutput) Assignments() pulumi.StringArrayOutput

A list of assignment resources associated with the client.

func (OidcClientOutput) ClientId 

func (o OidcClientOutput) ClientId() pulumi.StringOutput

The Client ID returned by Vault.

func (OidcClientOutput) ClientSecret 

func (o OidcClientOutput) ClientSecret() pulumi.StringOutput

The Client Secret Key returned by Vault. For public OpenID Clients `clientSecret` is set to an empty string `""`

func (OidcClientOutput) ClientType 

func (o OidcClientOutput) ClientType() pulumi.StringOutput

The client type based on its ability to maintain confidentiality of credentials. The following client types are supported: `confidential`, `public`. Defaults to `confidential`.

func (OidcClientOutput) ElementType 

func (OidcClientOutput) ElementType() reflect.Type

func (OidcClientOutput) IdTokenTtl 

func (o OidcClientOutput) IdTokenTtl() pulumi.IntOutput

The time-to-live for ID tokens obtained by the client. The value should be less than the `verificationTtl` on the key.

func (OidcClientOutput) Key 

func (o OidcClientOutput) Key() pulumi.StringOutput

A reference to a named key resource in Vault. This cannot be modified after creation. If not provided, the `default` key is used.

func (OidcClientOutput) Name 

func (o OidcClientOutput) Name() pulumi.StringOutput

The name of the client.

func (OidcClientOutput) Namespace 

func (o OidcClientOutput) Namespace() pulumi.StringPtrOutput

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.

func (OidcClientOutput) RedirectUris 

func (o OidcClientOutput) RedirectUris() pulumi.StringArrayOutput

Redirection URI values used by the client. One of these values must exactly match the `redirectUri` parameter value used in each authentication request.

func (OidcClientOutput) ToOidcClientOutput 

func (o OidcClientOutput) ToOidcClientOutput() OidcClientOutput

func (OidcClientOutput) ToOidcClientOutputWithContext 

func (o OidcClientOutput) ToOidcClientOutputWithContext(ctx context.Context) OidcClientOutput

type OidcClientState 

type OidcClientState struct {
	// The time-to-live for access tokens obtained by the client.
	AccessTokenTtl pulumi.IntPtrInput
	// A list of assignment resources associated with the client.
	Assignments pulumi.StringArrayInput
	// The Client ID returned by Vault.
	ClientId pulumi.StringPtrInput
	// The Client Secret Key returned by Vault.
	// For public OpenID Clients `clientSecret` is set to an empty string `""`
	ClientSecret pulumi.StringPtrInput
	// The client type based on its ability to maintain confidentiality of credentials.
	// The following client types are supported: `confidential`, `public`. Defaults to `confidential`.
	ClientType pulumi.StringPtrInput
	// The time-to-live for ID tokens obtained by the client.
	// The value should be less than the `verificationTtl` on the key.
	IdTokenTtl pulumi.IntPtrInput
	// A reference to a named key resource in Vault.
	// This cannot be modified after creation. If not provided, the `default`
	// key is used.
	Key pulumi.StringPtrInput
	// The name of the client.
	Name pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// Redirection URI values used by the client.
	// One of these values must exactly match the `redirectUri` parameter value
	// used in each authentication request.
	RedirectUris pulumi.StringArrayInput
}

func (OidcClientState) ElementType 

func (OidcClientState) ElementType() reflect.Type

type OidcInput 

type OidcInput interface {
	pulumi.Input

	ToOidcOutput() OidcOutput
	ToOidcOutputWithContext(ctx context.Context) OidcOutput
}

type OidcKey 

type OidcKey struct {
	pulumi.CustomResourceState

	// Signing algorithm to use. Signing algorithm to use.
	// Allowed values are: RS256 (default), RS384, RS512, ES256, ES384, ES512, EdDSA.
	Algorithm pulumi.StringPtrOutput `pulumi:"algorithm"`
	// Array of role client ID allowed to use this key for signing. If
	// empty, no roles are allowed. If `["*"]`, all roles are allowed.
	AllowedClientIds pulumi.StringArrayOutput `pulumi:"allowedClientIds"`
	// Name of the OIDC Key to create.
	Name pulumi.StringOutput `pulumi:"name"`
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
	// How often to generate a new signing key in number of seconds
	RotationPeriod pulumi.IntPtrOutput `pulumi:"rotationPeriod"`
	// "Controls how long the public portion of a signing key will be
	// available for verification after being rotated in seconds.
	VerificationTtl pulumi.IntPtrOutput `pulumi:"verificationTtl"`
}

## Example Usage

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		key, err := identity.NewOidcKey(ctx, "key", &identity.OidcKeyArgs{
			Algorithm: pulumi.String("RS256"),
		})
		if err != nil {
			return err
		}
		roleOidcRole, err := identity.NewOidcRole(ctx, "roleOidcRole", &identity.OidcRoleArgs{
			Key: key.Name,
		})
		if err != nil {
			return err
		}
		_, err = identity.NewOidcKeyAllowedClientID(ctx, "roleOidcKeyAllowedClientID", &identity.OidcKeyAllowedClientIDArgs{
			KeyName:         key.Name,
			AllowedClientId: roleOidcRole.ClientId,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

## Import

The key can be imported with the key name, for example:

```sh $ pulumi import vault:identity/oidcKey:OidcKey key key ```

func GetOidcKey 

func GetOidcKey(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *OidcKeyState, opts ...pulumi.ResourceOption) (*OidcKey, error)

GetOidcKey gets an existing OidcKey resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewOidcKey 

func NewOidcKey(ctx *pulumi.Context,
	name string, args *OidcKeyArgs, opts ...pulumi.ResourceOption) (*OidcKey, error)

NewOidcKey registers a new resource with the given unique name, arguments, and options.

func (*OidcKey) ElementType 

func (*OidcKey) ElementType() reflect.Type

func (*OidcKey) ToOidcKeyOutput 

func (i *OidcKey) ToOidcKeyOutput() OidcKeyOutput

func (*OidcKey) ToOidcKeyOutputWithContext 

func (i *OidcKey) ToOidcKeyOutputWithContext(ctx context.Context) OidcKeyOutput

type OidcKeyAllowedClientID 

type OidcKeyAllowedClientID struct {
	pulumi.CustomResourceState

	// Client ID to allow usage with the OIDC named key
	AllowedClientId pulumi.StringOutput `pulumi:"allowedClientId"`
	// Name of the OIDC Key allow the Client ID.
	KeyName pulumi.StringOutput `pulumi:"keyName"`
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
}

## Example Usage

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		key, err := identity.NewOidcKey(ctx, "key", &identity.OidcKeyArgs{
			Algorithm: pulumi.String("RS256"),
		})
		if err != nil {
			return err
		}
		roleOidcRole, err := identity.NewOidcRole(ctx, "roleOidcRole", &identity.OidcRoleArgs{
			Key: key.Name,
		})
		if err != nil {
			return err
		}
		_, err = identity.NewOidcKeyAllowedClientID(ctx, "roleOidcKeyAllowedClientID", &identity.OidcKeyAllowedClientIDArgs{
			KeyName:         key.Name,
			AllowedClientId: roleOidcRole.ClientId,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

func GetOidcKeyAllowedClientID 

func GetOidcKeyAllowedClientID(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *OidcKeyAllowedClientIDState, opts ...pulumi.ResourceOption) (*OidcKeyAllowedClientID, error)

GetOidcKeyAllowedClientID gets an existing OidcKeyAllowedClientID resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewOidcKeyAllowedClientID 

func NewOidcKeyAllowedClientID(ctx *pulumi.Context,
	name string, args *OidcKeyAllowedClientIDArgs, opts ...pulumi.ResourceOption) (*OidcKeyAllowedClientID, error)

NewOidcKeyAllowedClientID registers a new resource with the given unique name, arguments, and options.

func (*OidcKeyAllowedClientID) ElementType 

func (*OidcKeyAllowedClientID) ElementType() reflect.Type

func (*OidcKeyAllowedClientID) ToOidcKeyAllowedClientIDOutput 

func (i *OidcKeyAllowedClientID) ToOidcKeyAllowedClientIDOutput() OidcKeyAllowedClientIDOutput

func (*OidcKeyAllowedClientID) ToOidcKeyAllowedClientIDOutputWithContext 

func (i *OidcKeyAllowedClientID) ToOidcKeyAllowedClientIDOutputWithContext(ctx context.Context) OidcKeyAllowedClientIDOutput

type OidcKeyAllowedClientIDArgs 

type OidcKeyAllowedClientIDArgs struct {
	// Client ID to allow usage with the OIDC named key
	AllowedClientId pulumi.StringInput
	// Name of the OIDC Key allow the Client ID.
	KeyName pulumi.StringInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
}

The set of arguments for constructing a OidcKeyAllowedClientID resource.

func (OidcKeyAllowedClientIDArgs) ElementType 

func (OidcKeyAllowedClientIDArgs) ElementType() reflect.Type

type OidcKeyAllowedClientIDArray 

type OidcKeyAllowedClientIDArray []OidcKeyAllowedClientIDInput

func (OidcKeyAllowedClientIDArray) ElementType 

func (OidcKeyAllowedClientIDArray) ElementType() reflect.Type

func (OidcKeyAllowedClientIDArray) ToOidcKeyAllowedClientIDArrayOutput 

func (i OidcKeyAllowedClientIDArray) ToOidcKeyAllowedClientIDArrayOutput() OidcKeyAllowedClientIDArrayOutput

func (OidcKeyAllowedClientIDArray) ToOidcKeyAllowedClientIDArrayOutputWithContext 

func (i OidcKeyAllowedClientIDArray) ToOidcKeyAllowedClientIDArrayOutputWithContext(ctx context.Context) OidcKeyAllowedClientIDArrayOutput

type OidcKeyAllowedClientIDArrayInput 

type OidcKeyAllowedClientIDArrayInput interface {
	pulumi.Input

	ToOidcKeyAllowedClientIDArrayOutput() OidcKeyAllowedClientIDArrayOutput
	ToOidcKeyAllowedClientIDArrayOutputWithContext(context.Context) OidcKeyAllowedClientIDArrayOutput
}

OidcKeyAllowedClientIDArrayInput is an input type that accepts OidcKeyAllowedClientIDArray and OidcKeyAllowedClientIDArrayOutput values. You can construct a concrete instance of `OidcKeyAllowedClientIDArrayInput` via: 

OidcKeyAllowedClientIDArray{ OidcKeyAllowedClientIDArgs{...} }

type OidcKeyAllowedClientIDArrayOutput 

type OidcKeyAllowedClientIDArrayOutput struct{ *pulumi.OutputState }

func (OidcKeyAllowedClientIDArrayOutput) ElementType 

func (OidcKeyAllowedClientIDArrayOutput) ElementType() reflect.Type

func (OidcKeyAllowedClientIDArrayOutput) Index 

func (o OidcKeyAllowedClientIDArrayOutput) Index(i pulumi.IntInput) OidcKeyAllowedClientIDOutput

func (OidcKeyAllowedClientIDArrayOutput) ToOidcKeyAllowedClientIDArrayOutput 

func (o OidcKeyAllowedClientIDArrayOutput) ToOidcKeyAllowedClientIDArrayOutput() OidcKeyAllowedClientIDArrayOutput

func (OidcKeyAllowedClientIDArrayOutput) ToOidcKeyAllowedClientIDArrayOutputWithContext 

func (o OidcKeyAllowedClientIDArrayOutput) ToOidcKeyAllowedClientIDArrayOutputWithContext(ctx context.Context) OidcKeyAllowedClientIDArrayOutput

type OidcKeyAllowedClientIDInput 

type OidcKeyAllowedClientIDInput interface {
	pulumi.Input

	ToOidcKeyAllowedClientIDOutput() OidcKeyAllowedClientIDOutput
	ToOidcKeyAllowedClientIDOutputWithContext(ctx context.Context) OidcKeyAllowedClientIDOutput
}

type OidcKeyAllowedClientIDMap 

type OidcKeyAllowedClientIDMap map[string]OidcKeyAllowedClientIDInput

func (OidcKeyAllowedClientIDMap) ElementType 

func (OidcKeyAllowedClientIDMap) ElementType() reflect.Type

func (OidcKeyAllowedClientIDMap) ToOidcKeyAllowedClientIDMapOutput 

func (i OidcKeyAllowedClientIDMap) ToOidcKeyAllowedClientIDMapOutput() OidcKeyAllowedClientIDMapOutput

func (OidcKeyAllowedClientIDMap) ToOidcKeyAllowedClientIDMapOutputWithContext 

func (i OidcKeyAllowedClientIDMap) ToOidcKeyAllowedClientIDMapOutputWithContext(ctx context.Context) OidcKeyAllowedClientIDMapOutput

type OidcKeyAllowedClientIDMapInput 

type OidcKeyAllowedClientIDMapInput interface {
	pulumi.Input

	ToOidcKeyAllowedClientIDMapOutput() OidcKeyAllowedClientIDMapOutput
	ToOidcKeyAllowedClientIDMapOutputWithContext(context.Context) OidcKeyAllowedClientIDMapOutput
}

OidcKeyAllowedClientIDMapInput is an input type that accepts OidcKeyAllowedClientIDMap and OidcKeyAllowedClientIDMapOutput values. You can construct a concrete instance of `OidcKeyAllowedClientIDMapInput` via: 

OidcKeyAllowedClientIDMap{ "key": OidcKeyAllowedClientIDArgs{...} }

type OidcKeyAllowedClientIDMapOutput 

type OidcKeyAllowedClientIDMapOutput struct{ *pulumi.OutputState }

func (OidcKeyAllowedClientIDMapOutput) ElementType 

func (OidcKeyAllowedClientIDMapOutput) ElementType() reflect.Type

func (OidcKeyAllowedClientIDMapOutput) MapIndex 

func (o OidcKeyAllowedClientIDMapOutput) MapIndex(k pulumi.StringInput) OidcKeyAllowedClientIDOutput

func (OidcKeyAllowedClientIDMapOutput) ToOidcKeyAllowedClientIDMapOutput 

func (o OidcKeyAllowedClientIDMapOutput) ToOidcKeyAllowedClientIDMapOutput() OidcKeyAllowedClientIDMapOutput

func (OidcKeyAllowedClientIDMapOutput) ToOidcKeyAllowedClientIDMapOutputWithContext 

func (o OidcKeyAllowedClientIDMapOutput) ToOidcKeyAllowedClientIDMapOutputWithContext(ctx context.Context) OidcKeyAllowedClientIDMapOutput

type OidcKeyAllowedClientIDOutput 

type OidcKeyAllowedClientIDOutput struct{ *pulumi.OutputState }

func (OidcKeyAllowedClientIDOutput) AllowedClientId 

func (o OidcKeyAllowedClientIDOutput) AllowedClientId() pulumi.StringOutput

Client ID to allow usage with the OIDC named key

func (OidcKeyAllowedClientIDOutput) ElementType 

func (OidcKeyAllowedClientIDOutput) ElementType() reflect.Type

func (OidcKeyAllowedClientIDOutput) KeyName 

func (o OidcKeyAllowedClientIDOutput) KeyName() pulumi.StringOutput

Name of the OIDC Key allow the Client ID.

func (OidcKeyAllowedClientIDOutput) Namespace 

func (o OidcKeyAllowedClientIDOutput) Namespace() pulumi.StringPtrOutput

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.

func (OidcKeyAllowedClientIDOutput) ToOidcKeyAllowedClientIDOutput 

func (o OidcKeyAllowedClientIDOutput) ToOidcKeyAllowedClientIDOutput() OidcKeyAllowedClientIDOutput

func (OidcKeyAllowedClientIDOutput) ToOidcKeyAllowedClientIDOutputWithContext 

func (o OidcKeyAllowedClientIDOutput) ToOidcKeyAllowedClientIDOutputWithContext(ctx context.Context) OidcKeyAllowedClientIDOutput

type OidcKeyAllowedClientIDState 

type OidcKeyAllowedClientIDState struct {
	// Client ID to allow usage with the OIDC named key
	AllowedClientId pulumi.StringPtrInput
	// Name of the OIDC Key allow the Client ID.
	KeyName pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
}

func (OidcKeyAllowedClientIDState) ElementType 

func (OidcKeyAllowedClientIDState) ElementType() reflect.Type

type OidcKeyArgs 

type OidcKeyArgs struct {
	// Signing algorithm to use. Signing algorithm to use.
	// Allowed values are: RS256 (default), RS384, RS512, ES256, ES384, ES512, EdDSA.
	Algorithm pulumi.StringPtrInput
	// Array of role client ID allowed to use this key for signing. If
	// empty, no roles are allowed. If `["*"]`, all roles are allowed.
	AllowedClientIds pulumi.StringArrayInput
	// Name of the OIDC Key to create.
	Name pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// How often to generate a new signing key in number of seconds
	RotationPeriod pulumi.IntPtrInput
	// "Controls how long the public portion of a signing key will be
	// available for verification after being rotated in seconds.
	VerificationTtl pulumi.IntPtrInput
}

The set of arguments for constructing a OidcKey resource.

func (OidcKeyArgs) ElementType 

func (OidcKeyArgs) ElementType() reflect.Type

type OidcKeyArray 

type OidcKeyArray []OidcKeyInput

func (OidcKeyArray) ElementType 

func (OidcKeyArray) ElementType() reflect.Type

func (OidcKeyArray) ToOidcKeyArrayOutput 

func (i OidcKeyArray) ToOidcKeyArrayOutput() OidcKeyArrayOutput

func (OidcKeyArray) ToOidcKeyArrayOutputWithContext 

func (i OidcKeyArray) ToOidcKeyArrayOutputWithContext(ctx context.Context) OidcKeyArrayOutput

type OidcKeyArrayInput 

type OidcKeyArrayInput interface {
	pulumi.Input

	ToOidcKeyArrayOutput() OidcKeyArrayOutput
	ToOidcKeyArrayOutputWithContext(context.Context) OidcKeyArrayOutput
}

OidcKeyArrayInput is an input type that accepts OidcKeyArray and OidcKeyArrayOutput values. You can construct a concrete instance of `OidcKeyArrayInput` via: 

OidcKeyArray{ OidcKeyArgs{...} }

type OidcKeyArrayOutput 

type OidcKeyArrayOutput struct{ *pulumi.OutputState }

func (OidcKeyArrayOutput) ElementType 

func (OidcKeyArrayOutput) ElementType() reflect.Type

func (OidcKeyArrayOutput) Index 

func (o OidcKeyArrayOutput) Index(i pulumi.IntInput) OidcKeyOutput

func (OidcKeyArrayOutput) ToOidcKeyArrayOutput 

func (o OidcKeyArrayOutput) ToOidcKeyArrayOutput() OidcKeyArrayOutput

func (OidcKeyArrayOutput) ToOidcKeyArrayOutputWithContext 

func (o OidcKeyArrayOutput) ToOidcKeyArrayOutputWithContext(ctx context.Context) OidcKeyArrayOutput

type OidcKeyInput 

type OidcKeyInput interface {
	pulumi.Input

	ToOidcKeyOutput() OidcKeyOutput
	ToOidcKeyOutputWithContext(ctx context.Context) OidcKeyOutput
}

type OidcKeyMap 

type OidcKeyMap map[string]OidcKeyInput

func (OidcKeyMap) ElementType 

func (OidcKeyMap) ElementType() reflect.Type

func (OidcKeyMap) ToOidcKeyMapOutput 

func (i OidcKeyMap) ToOidcKeyMapOutput() OidcKeyMapOutput

func (OidcKeyMap) ToOidcKeyMapOutputWithContext 

func (i OidcKeyMap) ToOidcKeyMapOutputWithContext(ctx context.Context) OidcKeyMapOutput

type OidcKeyMapInput 

type OidcKeyMapInput interface {
	pulumi.Input

	ToOidcKeyMapOutput() OidcKeyMapOutput
	ToOidcKeyMapOutputWithContext(context.Context) OidcKeyMapOutput
}

OidcKeyMapInput is an input type that accepts OidcKeyMap and OidcKeyMapOutput values. You can construct a concrete instance of `OidcKeyMapInput` via: 

OidcKeyMap{ "key": OidcKeyArgs{...} }

type OidcKeyMapOutput 

type OidcKeyMapOutput struct{ *pulumi.OutputState }

func (OidcKeyMapOutput) ElementType 

func (OidcKeyMapOutput) ElementType() reflect.Type

func (OidcKeyMapOutput) MapIndex 

func (o OidcKeyMapOutput) MapIndex(k pulumi.StringInput) OidcKeyOutput

func (OidcKeyMapOutput) ToOidcKeyMapOutput 

func (o OidcKeyMapOutput) ToOidcKeyMapOutput() OidcKeyMapOutput

func (OidcKeyMapOutput) ToOidcKeyMapOutputWithContext 

func (o OidcKeyMapOutput) ToOidcKeyMapOutputWithContext(ctx context.Context) OidcKeyMapOutput

type OidcKeyOutput 

type OidcKeyOutput struct{ *pulumi.OutputState }

func (OidcKeyOutput) Algorithm 

func (o OidcKeyOutput) Algorithm() pulumi.StringPtrOutput

Signing algorithm to use. Signing algorithm to use. Allowed values are: RS256 (default), RS384, RS512, ES256, ES384, ES512, EdDSA.

func (OidcKeyOutput) AllowedClientIds 

func (o OidcKeyOutput) AllowedClientIds() pulumi.StringArrayOutput

Array of role client ID allowed to use this key for signing. If empty, no roles are allowed. If `["*"]`, all roles are allowed.

func (OidcKeyOutput) ElementType 

func (OidcKeyOutput) ElementType() reflect.Type

func (OidcKeyOutput) Name 

func (o OidcKeyOutput) Name() pulumi.StringOutput

Name of the OIDC Key to create.

func (OidcKeyOutput) Namespace 

func (o OidcKeyOutput) Namespace() pulumi.StringPtrOutput

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.

func (OidcKeyOutput) RotationPeriod 

func (o OidcKeyOutput) RotationPeriod() pulumi.IntPtrOutput

How often to generate a new signing key in number of seconds

func (OidcKeyOutput) ToOidcKeyOutput 

func (o OidcKeyOutput) ToOidcKeyOutput() OidcKeyOutput

func (OidcKeyOutput) ToOidcKeyOutputWithContext 

func (o OidcKeyOutput) ToOidcKeyOutputWithContext(ctx context.Context) OidcKeyOutput

func (OidcKeyOutput) VerificationTtl 

func (o OidcKeyOutput) VerificationTtl() pulumi.IntPtrOutput

"Controls how long the public portion of a signing key will be available for verification after being rotated in seconds.

type OidcKeyState 

type OidcKeyState struct {
	// Signing algorithm to use. Signing algorithm to use.
	// Allowed values are: RS256 (default), RS384, RS512, ES256, ES384, ES512, EdDSA.
	Algorithm pulumi.StringPtrInput
	// Array of role client ID allowed to use this key for signing. If
	// empty, no roles are allowed. If `["*"]`, all roles are allowed.
	AllowedClientIds pulumi.StringArrayInput
	// Name of the OIDC Key to create.
	Name pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// How often to generate a new signing key in number of seconds
	RotationPeriod pulumi.IntPtrInput
	// "Controls how long the public portion of a signing key will be
	// available for verification after being rotated in seconds.
	VerificationTtl pulumi.IntPtrInput
}

func (OidcKeyState) ElementType 

func (OidcKeyState) ElementType() reflect.Type

type OidcMap 

type OidcMap map[string]OidcInput

func (OidcMap) ElementType 

func (OidcMap) ElementType() reflect.Type

func (OidcMap) ToOidcMapOutput 

func (i OidcMap) ToOidcMapOutput() OidcMapOutput

func (OidcMap) ToOidcMapOutputWithContext 

func (i OidcMap) ToOidcMapOutputWithContext(ctx context.Context) OidcMapOutput

type OidcMapInput 

type OidcMapInput interface {
	pulumi.Input

	ToOidcMapOutput() OidcMapOutput
	ToOidcMapOutputWithContext(context.Context) OidcMapOutput
}

OidcMapInput is an input type that accepts OidcMap and OidcMapOutput values. You can construct a concrete instance of `OidcMapInput` via: 

OidcMap{ "key": OidcArgs{...} }

type OidcMapOutput 

type OidcMapOutput struct{ *pulumi.OutputState }

func (OidcMapOutput) ElementType 

func (OidcMapOutput) ElementType() reflect.Type

func (OidcMapOutput) MapIndex 

func (o OidcMapOutput) MapIndex(k pulumi.StringInput) OidcOutput

func (OidcMapOutput) ToOidcMapOutput 

func (o OidcMapOutput) ToOidcMapOutput() OidcMapOutput

func (OidcMapOutput) ToOidcMapOutputWithContext 

func (o OidcMapOutput) ToOidcMapOutputWithContext(ctx context.Context) OidcMapOutput

type OidcOutput 

type OidcOutput struct{ *pulumi.OutputState }

func (OidcOutput) ElementType 

func (OidcOutput) ElementType() reflect.Type

func (OidcOutput) Issuer 

func (o OidcOutput) Issuer() pulumi.StringOutput

Issuer URL to be used in the iss claim of the token. If not set, Vault's `apiAddr` will be used. The issuer is a case sensitive URL using the https scheme that contains scheme, host, and optionally, port number and path components, but no query or fragment components.

func (OidcOutput) Namespace 

func (o OidcOutput) Namespace() pulumi.StringPtrOutput

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.

func (OidcOutput) ToOidcOutput 

func (o OidcOutput) ToOidcOutput() OidcOutput

func (OidcOutput) ToOidcOutputWithContext 

func (o OidcOutput) ToOidcOutputWithContext(ctx context.Context) OidcOutput

type OidcProvider 

type OidcProvider struct {
	pulumi.CustomResourceState

	// The client IDs that are permitted to use the provider.
	// If empty, no clients are allowed. If `*`, all clients are allowed.
	AllowedClientIds pulumi.StringArrayOutput `pulumi:"allowedClientIds"`
	// Set to true if the issuer endpoint uses HTTPS.
	HttpsEnabled pulumi.BoolPtrOutput `pulumi:"httpsEnabled"`
	// Specifies what will be used as the `scheme://host:port`
	// component for the `iss` claim of ID tokens. This value is computed using the
	// `issuerHost` and `httpsEnabled` fields.
	Issuer pulumi.StringOutput `pulumi:"issuer"`
	// The host for the issuer. Can be either host or host:port.
	IssuerHost pulumi.StringPtrOutput `pulumi:"issuerHost"`
	// The name of the provider.
	Name pulumi.StringOutput `pulumi:"name"`
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
	// The scopes available for requesting on the provider.
	ScopesSupporteds pulumi.StringArrayOutput `pulumi:"scopesSupporteds"`
}

Manages OIDC Providers in a Vault server. See the [Vault documentation](https://www.vaultproject.io/api-docs/secret/identity/oidc-provider#create-or-update-an-assignment) for more information.

## Example Usage

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"encoding/json"

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		testOidcKey, err := identity.NewOidcKey(ctx, "testOidcKey", &identity.OidcKeyArgs{
			AllowedClientIds: pulumi.StringArray{
				pulumi.String("*"),
			},
			RotationPeriod:  pulumi.Int(3600),
			VerificationTtl: pulumi.Int(3600),
		})
		if err != nil {
			return err
		}
		testOidcAssignment, err := identity.NewOidcAssignment(ctx, "testOidcAssignment", &identity.OidcAssignmentArgs{
			EntityIds: pulumi.StringArray{
				pulumi.String("fake-ascbascas-2231a-sdfaa"),
			},
			GroupIds: pulumi.StringArray{
				pulumi.String("fake-sajkdsad-32414-sfsada"),
			},
		})
		if err != nil {
			return err
		}
		testOidcClient, err := identity.NewOidcClient(ctx, "testOidcClient", &identity.OidcClientArgs{
			Key: testOidcKey.Name,
			RedirectUris: pulumi.StringArray{
				pulumi.String("http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback"),
				pulumi.String("http://127.0.0.1:8251/callback"),
				pulumi.String("http://127.0.0.1:8080/callback"),
			},
			Assignments: pulumi.StringArray{
				testOidcAssignment.Name,
			},
			IdTokenTtl:     pulumi.Int(2400),
			AccessTokenTtl: pulumi.Int(7200),
		})
		if err != nil {
			return err
		}
		tmpJSON0, err := json.Marshal(map[string]interface{}{
			"groups": "{{identity.entity.groups.names}}",
		})
		if err != nil {
			return err
		}
		json0 := string(tmpJSON0)
		testOidcScope, err := identity.NewOidcScope(ctx, "testOidcScope", &identity.OidcScopeArgs{
			Template:    pulumi.String(json0),
			Description: pulumi.String("Groups scope."),
		})
		if err != nil {
			return err
		}
		_, err = identity.NewOidcProvider(ctx, "testOidcProvider", &identity.OidcProviderArgs{
			HttpsEnabled: pulumi.Bool(false),
			IssuerHost:   pulumi.String("127.0.0.1:8200"),
			AllowedClientIds: pulumi.StringArray{
				testOidcClient.ClientId,
			},
			ScopesSupporteds: pulumi.StringArray{
				testOidcScope.Name,
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

## Import

OIDC Providers can be imported using the `name`, e.g.

```sh $ pulumi import vault:identity/oidcProvider:OidcProvider test my-provider ```

func GetOidcProvider 

func GetOidcProvider(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *OidcProviderState, opts ...pulumi.ResourceOption) (*OidcProvider, error)

GetOidcProvider gets an existing OidcProvider resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewOidcProvider 

func NewOidcProvider(ctx *pulumi.Context,
	name string, args *OidcProviderArgs, opts ...pulumi.ResourceOption) (*OidcProvider, error)

NewOidcProvider registers a new resource with the given unique name, arguments, and options.

func (*OidcProvider) ElementType 

func (*OidcProvider) ElementType() reflect.Type

func (*OidcProvider) ToOidcProviderOutput 

func (i *OidcProvider) ToOidcProviderOutput() OidcProviderOutput

func (*OidcProvider) ToOidcProviderOutputWithContext 

func (i *OidcProvider) ToOidcProviderOutputWithContext(ctx context.Context) OidcProviderOutput

type OidcProviderArgs 

type OidcProviderArgs struct {
	// The client IDs that are permitted to use the provider.
	// If empty, no clients are allowed. If `*`, all clients are allowed.
	AllowedClientIds pulumi.StringArrayInput
	// Set to true if the issuer endpoint uses HTTPS.
	HttpsEnabled pulumi.BoolPtrInput
	// The host for the issuer. Can be either host or host:port.
	IssuerHost pulumi.StringPtrInput
	// The name of the provider.
	Name pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// The scopes available for requesting on the provider.
	ScopesSupporteds pulumi.StringArrayInput
}

The set of arguments for constructing a OidcProvider resource.

func (OidcProviderArgs) ElementType 

func (OidcProviderArgs) ElementType() reflect.Type

type OidcProviderArray 

type OidcProviderArray []OidcProviderInput

func (OidcProviderArray) ElementType 

func (OidcProviderArray) ElementType() reflect.Type

func (OidcProviderArray) ToOidcProviderArrayOutput 

func (i OidcProviderArray) ToOidcProviderArrayOutput() OidcProviderArrayOutput

func (OidcProviderArray) ToOidcProviderArrayOutputWithContext 

func (i OidcProviderArray) ToOidcProviderArrayOutputWithContext(ctx context.Context) OidcProviderArrayOutput

type OidcProviderArrayInput 

type OidcProviderArrayInput interface {
	pulumi.Input

	ToOidcProviderArrayOutput() OidcProviderArrayOutput
	ToOidcProviderArrayOutputWithContext(context.Context) OidcProviderArrayOutput
}

OidcProviderArrayInput is an input type that accepts OidcProviderArray and OidcProviderArrayOutput values. You can construct a concrete instance of `OidcProviderArrayInput` via: 

OidcProviderArray{ OidcProviderArgs{...} }

type OidcProviderArrayOutput 

type OidcProviderArrayOutput struct{ *pulumi.OutputState }

func (OidcProviderArrayOutput) ElementType 

func (OidcProviderArrayOutput) ElementType() reflect.Type

func (OidcProviderArrayOutput) Index 

func (o OidcProviderArrayOutput) Index(i pulumi.IntInput) OidcProviderOutput

func (OidcProviderArrayOutput) ToOidcProviderArrayOutput 

func (o OidcProviderArrayOutput) ToOidcProviderArrayOutput() OidcProviderArrayOutput

func (OidcProviderArrayOutput) ToOidcProviderArrayOutputWithContext 

func (o OidcProviderArrayOutput) ToOidcProviderArrayOutputWithContext(ctx context.Context) OidcProviderArrayOutput

type OidcProviderInput 

type OidcProviderInput interface {
	pulumi.Input

	ToOidcProviderOutput() OidcProviderOutput
	ToOidcProviderOutputWithContext(ctx context.Context) OidcProviderOutput
}

type OidcProviderMap 

type OidcProviderMap map[string]OidcProviderInput

func (OidcProviderMap) ElementType 

func (OidcProviderMap) ElementType() reflect.Type

func (OidcProviderMap) ToOidcProviderMapOutput 

func (i OidcProviderMap) ToOidcProviderMapOutput() OidcProviderMapOutput

func (OidcProviderMap) ToOidcProviderMapOutputWithContext 

func (i OidcProviderMap) ToOidcProviderMapOutputWithContext(ctx context.Context) OidcProviderMapOutput

type OidcProviderMapInput 

type OidcProviderMapInput interface {
	pulumi.Input

	ToOidcProviderMapOutput() OidcProviderMapOutput
	ToOidcProviderMapOutputWithContext(context.Context) OidcProviderMapOutput
}

OidcProviderMapInput is an input type that accepts OidcProviderMap and OidcProviderMapOutput values. You can construct a concrete instance of `OidcProviderMapInput` via: 

OidcProviderMap{ "key": OidcProviderArgs{...} }

type OidcProviderMapOutput 

type OidcProviderMapOutput struct{ *pulumi.OutputState }

func (OidcProviderMapOutput) ElementType 

func (OidcProviderMapOutput) ElementType() reflect.Type

func (OidcProviderMapOutput) MapIndex 

func (o OidcProviderMapOutput) MapIndex(k pulumi.StringInput) OidcProviderOutput

func (OidcProviderMapOutput) ToOidcProviderMapOutput 

func (o OidcProviderMapOutput) ToOidcProviderMapOutput() OidcProviderMapOutput

func (OidcProviderMapOutput) ToOidcProviderMapOutputWithContext 

func (o OidcProviderMapOutput) ToOidcProviderMapOutputWithContext(ctx context.Context) OidcProviderMapOutput

type OidcProviderOutput 

type OidcProviderOutput struct{ *pulumi.OutputState }

func (OidcProviderOutput) AllowedClientIds 

func (o OidcProviderOutput) AllowedClientIds() pulumi.StringArrayOutput

The client IDs that are permitted to use the provider. If empty, no clients are allowed. If `*`, all clients are allowed.

func (OidcProviderOutput) ElementType 

func (OidcProviderOutput) ElementType() reflect.Type

func (OidcProviderOutput) HttpsEnabled 

func (o OidcProviderOutput) HttpsEnabled() pulumi.BoolPtrOutput

Set to true if the issuer endpoint uses HTTPS.

func (OidcProviderOutput) Issuer 

func (o OidcProviderOutput) Issuer() pulumi.StringOutput

Specifies what will be used as the `scheme://host:port` component for the `iss` claim of ID tokens. This value is computed using the `issuerHost` and `httpsEnabled` fields.

func (OidcProviderOutput) IssuerHost 

func (o OidcProviderOutput) IssuerHost() pulumi.StringPtrOutput

The host for the issuer. Can be either host or host:port.

func (OidcProviderOutput) Name 

func (o OidcProviderOutput) Name() pulumi.StringOutput

The name of the provider.

func (OidcProviderOutput) Namespace 

func (o OidcProviderOutput) Namespace() pulumi.StringPtrOutput

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.

func (OidcProviderOutput) ScopesSupporteds 

func (o OidcProviderOutput) ScopesSupporteds() pulumi.StringArrayOutput

The scopes available for requesting on the provider.

func (OidcProviderOutput) ToOidcProviderOutput 

func (o OidcProviderOutput) ToOidcProviderOutput() OidcProviderOutput

func (OidcProviderOutput) ToOidcProviderOutputWithContext 

func (o OidcProviderOutput) ToOidcProviderOutputWithContext(ctx context.Context) OidcProviderOutput

type OidcProviderState 

type OidcProviderState struct {
	// The client IDs that are permitted to use the provider.
	// If empty, no clients are allowed. If `*`, all clients are allowed.
	AllowedClientIds pulumi.StringArrayInput
	// Set to true if the issuer endpoint uses HTTPS.
	HttpsEnabled pulumi.BoolPtrInput
	// Specifies what will be used as the `scheme://host:port`
	// component for the `iss` claim of ID tokens. This value is computed using the
	// `issuerHost` and `httpsEnabled` fields.
	Issuer pulumi.StringPtrInput
	// The host for the issuer. Can be either host or host:port.
	IssuerHost pulumi.StringPtrInput
	// The name of the provider.
	Name pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// The scopes available for requesting on the provider.
	ScopesSupporteds pulumi.StringArrayInput
}

func (OidcProviderState) ElementType 

func (OidcProviderState) ElementType() reflect.Type

type OidcRole 

type OidcRole struct {
	pulumi.CustomResourceState

	// The value that will be included in the `aud` field of all the OIDC identity
	// tokens issued by this role
	ClientId pulumi.StringOutput `pulumi:"clientId"`
	// A configured named key, the key must already exist
	// before tokens can be issued.
	Key pulumi.StringOutput `pulumi:"key"`
	// Name of the OIDC Role to create.
	Name pulumi.StringOutput `pulumi:"name"`
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
	// The template string to use for generating tokens. This may be in
	// string-ified JSON or base64 format. See the
	// [documentation](https://www.vaultproject.io/docs/secrets/identity/index.html#token-contents-and-templates)
	// for the template format.
	Template pulumi.StringPtrOutput `pulumi:"template"`
	// TTL of the tokens generated against the role in number of seconds.
	Ttl pulumi.IntPtrOutput `pulumi:"ttl"`
}

## Example Usage

You need to create a role with a named key. At creation time, the key can be created independently of the role. However, the key must exist before the role can be used to issue tokens. You must also configure the key with the role's Client ID to allow the role to use the key.

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		cfg := config.New(ctx, "")
		key := "key"
		if param := cfg.Get("key"); param != "" {
			key = param
		}
		role, err := identity.NewOidcRole(ctx, "role", &identity.OidcRoleArgs{
			Key: pulumi.String(key),
		})
		if err != nil {
			return err
		}
		_, err = identity.NewOidcKey(ctx, "keyOidcKey", &identity.OidcKeyArgs{
			Algorithm: pulumi.String("RS256"),
			AllowedClientIds: pulumi.StringArray{
				role.ClientId,
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

If you want to create the key first before creating the role, you can use a separate resource to configure the allowed Client ID on the key.

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		key, err := identity.NewOidcKey(ctx, "key", &identity.OidcKeyArgs{
			Algorithm: pulumi.String("RS256"),
		})
		if err != nil {
			return err
		}
		roleOidcRole, err := identity.NewOidcRole(ctx, "roleOidcRole", &identity.OidcRoleArgs{
			Key: key.Name,
		})
		if err != nil {
			return err
		}
		_, err = identity.NewOidcKeyAllowedClientID(ctx, "roleOidcKeyAllowedClientID", &identity.OidcKeyAllowedClientIDArgs{
			KeyName:         key.Name,
			AllowedClientId: roleOidcRole.ClientId,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

## Import

The key can be imported with the role name, for example:

```sh $ pulumi import vault:identity/oidcRole:OidcRole role role ```

func GetOidcRole 

func GetOidcRole(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *OidcRoleState, opts ...pulumi.ResourceOption) (*OidcRole, error)

GetOidcRole gets an existing OidcRole resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewOidcRole 

func NewOidcRole(ctx *pulumi.Context,
	name string, args *OidcRoleArgs, opts ...pulumi.ResourceOption) (*OidcRole, error)

NewOidcRole registers a new resource with the given unique name, arguments, and options.

func (*OidcRole) ElementType 

func (*OidcRole) ElementType() reflect.Type

func (*OidcRole) ToOidcRoleOutput 

func (i *OidcRole) ToOidcRoleOutput() OidcRoleOutput

func (*OidcRole) ToOidcRoleOutputWithContext 

func (i *OidcRole) ToOidcRoleOutputWithContext(ctx context.Context) OidcRoleOutput

type OidcRoleArgs 

type OidcRoleArgs struct {
	// The value that will be included in the `aud` field of all the OIDC identity
	// tokens issued by this role
	ClientId pulumi.StringPtrInput
	// A configured named key, the key must already exist
	// before tokens can be issued.
	Key pulumi.StringInput
	// Name of the OIDC Role to create.
	Name pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// The template string to use for generating tokens. This may be in
	// string-ified JSON or base64 format. See the
	// [documentation](https://www.vaultproject.io/docs/secrets/identity/index.html#token-contents-and-templates)
	// for the template format.
	Template pulumi.StringPtrInput
	// TTL of the tokens generated against the role in number of seconds.
	Ttl pulumi.IntPtrInput
}

The set of arguments for constructing a OidcRole resource.

func (OidcRoleArgs) ElementType 

func (OidcRoleArgs) ElementType() reflect.Type

type OidcRoleArray 

type OidcRoleArray []OidcRoleInput

func (OidcRoleArray) ElementType 

func (OidcRoleArray) ElementType() reflect.Type

func (OidcRoleArray) ToOidcRoleArrayOutput 

func (i OidcRoleArray) ToOidcRoleArrayOutput() OidcRoleArrayOutput

func (OidcRoleArray) ToOidcRoleArrayOutputWithContext 

func (i OidcRoleArray) ToOidcRoleArrayOutputWithContext(ctx context.Context) OidcRoleArrayOutput

type OidcRoleArrayInput 

type OidcRoleArrayInput interface {
	pulumi.Input

	ToOidcRoleArrayOutput() OidcRoleArrayOutput
	ToOidcRoleArrayOutputWithContext(context.Context) OidcRoleArrayOutput
}

OidcRoleArrayInput is an input type that accepts OidcRoleArray and OidcRoleArrayOutput values. You can construct a concrete instance of `OidcRoleArrayInput` via: 

OidcRoleArray{ OidcRoleArgs{...} }

type OidcRoleArrayOutput 

type OidcRoleArrayOutput struct{ *pulumi.OutputState }

func (OidcRoleArrayOutput) ElementType 

func (OidcRoleArrayOutput) ElementType() reflect.Type

func (OidcRoleArrayOutput) Index 

func (o OidcRoleArrayOutput) Index(i pulumi.IntInput) OidcRoleOutput

func (OidcRoleArrayOutput) ToOidcRoleArrayOutput 

func (o OidcRoleArrayOutput) ToOidcRoleArrayOutput() OidcRoleArrayOutput

func (OidcRoleArrayOutput) ToOidcRoleArrayOutputWithContext 

func (o OidcRoleArrayOutput) ToOidcRoleArrayOutputWithContext(ctx context.Context) OidcRoleArrayOutput

type OidcRoleInput 

type OidcRoleInput interface {
	pulumi.Input

	ToOidcRoleOutput() OidcRoleOutput
	ToOidcRoleOutputWithContext(ctx context.Context) OidcRoleOutput
}

type OidcRoleMap 

type OidcRoleMap map[string]OidcRoleInput

func (OidcRoleMap) ElementType 

func (OidcRoleMap) ElementType() reflect.Type

func (OidcRoleMap) ToOidcRoleMapOutput 

func (i OidcRoleMap) ToOidcRoleMapOutput() OidcRoleMapOutput

func (OidcRoleMap) ToOidcRoleMapOutputWithContext 

func (i OidcRoleMap) ToOidcRoleMapOutputWithContext(ctx context.Context) OidcRoleMapOutput

type OidcRoleMapInput 

type OidcRoleMapInput interface {
	pulumi.Input

	ToOidcRoleMapOutput() OidcRoleMapOutput
	ToOidcRoleMapOutputWithContext(context.Context) OidcRoleMapOutput
}

OidcRoleMapInput is an input type that accepts OidcRoleMap and OidcRoleMapOutput values. You can construct a concrete instance of `OidcRoleMapInput` via: 

OidcRoleMap{ "key": OidcRoleArgs{...} }

type OidcRoleMapOutput 

type OidcRoleMapOutput struct{ *pulumi.OutputState }

func (OidcRoleMapOutput) ElementType 

func (OidcRoleMapOutput) ElementType() reflect.Type

func (OidcRoleMapOutput) MapIndex 

func (o OidcRoleMapOutput) MapIndex(k pulumi.StringInput) OidcRoleOutput

func (OidcRoleMapOutput) ToOidcRoleMapOutput 

func (o OidcRoleMapOutput) ToOidcRoleMapOutput() OidcRoleMapOutput

func (OidcRoleMapOutput) ToOidcRoleMapOutputWithContext 

func (o OidcRoleMapOutput) ToOidcRoleMapOutputWithContext(ctx context.Context) OidcRoleMapOutput

type OidcRoleOutput 

type OidcRoleOutput struct{ *pulumi.OutputState }

func (OidcRoleOutput) ClientId 

func (o OidcRoleOutput) ClientId() pulumi.StringOutput

The value that will be included in the `aud` field of all the OIDC identity tokens issued by this role

func (OidcRoleOutput) ElementType 

func (OidcRoleOutput) ElementType() reflect.Type

func (OidcRoleOutput) Key 

func (o OidcRoleOutput) Key() pulumi.StringOutput

A configured named key, the key must already exist before tokens can be issued.

func (OidcRoleOutput) Name 

func (o OidcRoleOutput) Name() pulumi.StringOutput

Name of the OIDC Role to create.

func (OidcRoleOutput) Namespace 

func (o OidcRoleOutput) Namespace() pulumi.StringPtrOutput

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.

func (OidcRoleOutput) Template 

func (o OidcRoleOutput) Template() pulumi.StringPtrOutput

The template string to use for generating tokens. This may be in string-ified JSON or base64 format. See the [documentation](https://www.vaultproject.io/docs/secrets/identity/index.html#token-contents-and-templates) for the template format.

func (OidcRoleOutput) ToOidcRoleOutput 

func (o OidcRoleOutput) ToOidcRoleOutput() OidcRoleOutput

func (OidcRoleOutput) ToOidcRoleOutputWithContext 

func (o OidcRoleOutput) ToOidcRoleOutputWithContext(ctx context.Context) OidcRoleOutput

func (OidcRoleOutput) Ttl 

func (o OidcRoleOutput) Ttl() pulumi.IntPtrOutput

TTL of the tokens generated against the role in number of seconds.

type OidcRoleState 

type OidcRoleState struct {
	// The value that will be included in the `aud` field of all the OIDC identity
	// tokens issued by this role
	ClientId pulumi.StringPtrInput
	// A configured named key, the key must already exist
	// before tokens can be issued.
	Key pulumi.StringPtrInput
	// Name of the OIDC Role to create.
	Name pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// The template string to use for generating tokens. This may be in
	// string-ified JSON or base64 format. See the
	// [documentation](https://www.vaultproject.io/docs/secrets/identity/index.html#token-contents-and-templates)
	// for the template format.
	Template pulumi.StringPtrInput
	// TTL of the tokens generated against the role in number of seconds.
	Ttl pulumi.IntPtrInput
}

func (OidcRoleState) ElementType 

func (OidcRoleState) ElementType() reflect.Type

type OidcScope 

type OidcScope struct {
	pulumi.CustomResourceState

	// A description of the scope.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// The name of the scope. The `openid` scope name is reserved.
	Name pulumi.StringOutput `pulumi:"name"`
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
	// The template string for the scope. This may be provided as escaped JSON or base64 encoded JSON.
	Template pulumi.StringPtrOutput `pulumi:"template"`
}

Manages OIDC Scopes in a Vault server. See the [Vault documentation](https://www.vaultproject.io/api-docs/secret/identity/oidc-provider#create-or-update-a-scope) for more information.

## Example Usage

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := identity.NewOidcScope(ctx, "groups", &identity.OidcScopeArgs{
			Description: pulumi.String("Vault OIDC Groups Scope"),
			Template:    pulumi.String("{\"groups\":{{identity.entity.groups.names}}}"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

## Import

OIDC Scopes can be imported using the `name`, e.g.

```sh $ pulumi import vault:identity/oidcScope:OidcScope groups groups ```

func GetOidcScope 

func GetOidcScope(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *OidcScopeState, opts ...pulumi.ResourceOption) (*OidcScope, error)

GetOidcScope gets an existing OidcScope resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewOidcScope 

func NewOidcScope(ctx *pulumi.Context,
	name string, args *OidcScopeArgs, opts ...pulumi.ResourceOption) (*OidcScope, error)

NewOidcScope registers a new resource with the given unique name, arguments, and options.

func (*OidcScope) ElementType 

func (*OidcScope) ElementType() reflect.Type

func (*OidcScope) ToOidcScopeOutput 

func (i *OidcScope) ToOidcScopeOutput() OidcScopeOutput

func (*OidcScope) ToOidcScopeOutputWithContext 

func (i *OidcScope) ToOidcScopeOutputWithContext(ctx context.Context) OidcScopeOutput

type OidcScopeArgs 

type OidcScopeArgs struct {
	// A description of the scope.
	Description pulumi.StringPtrInput
	// The name of the scope. The `openid` scope name is reserved.
	Name pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// The template string for the scope. This may be provided as escaped JSON or base64 encoded JSON.
	Template pulumi.StringPtrInput
}

The set of arguments for constructing a OidcScope resource.

func (OidcScopeArgs) ElementType 

func (OidcScopeArgs) ElementType() reflect.Type

type OidcScopeArray 

type OidcScopeArray []OidcScopeInput

func (OidcScopeArray) ElementType 

func (OidcScopeArray) ElementType() reflect.Type

func (OidcScopeArray) ToOidcScopeArrayOutput 

func (i OidcScopeArray) ToOidcScopeArrayOutput() OidcScopeArrayOutput

func (OidcScopeArray) ToOidcScopeArrayOutputWithContext 

func (i OidcScopeArray) ToOidcScopeArrayOutputWithContext(ctx context.Context) OidcScopeArrayOutput

type OidcScopeArrayInput 

type OidcScopeArrayInput interface {
	pulumi.Input

	ToOidcScopeArrayOutput() OidcScopeArrayOutput
	ToOidcScopeArrayOutputWithContext(context.Context) OidcScopeArrayOutput
}

OidcScopeArrayInput is an input type that accepts OidcScopeArray and OidcScopeArrayOutput values. You can construct a concrete instance of `OidcScopeArrayInput` via: 

OidcScopeArray{ OidcScopeArgs{...} }

type OidcScopeArrayOutput 

type OidcScopeArrayOutput struct{ *pulumi.OutputState }

func (OidcScopeArrayOutput) ElementType 

func (OidcScopeArrayOutput) ElementType() reflect.Type

func (OidcScopeArrayOutput) Index 

func (o OidcScopeArrayOutput) Index(i pulumi.IntInput) OidcScopeOutput

func (OidcScopeArrayOutput) ToOidcScopeArrayOutput 

func (o OidcScopeArrayOutput) ToOidcScopeArrayOutput() OidcScopeArrayOutput

func (OidcScopeArrayOutput) ToOidcScopeArrayOutputWithContext 

func (o OidcScopeArrayOutput) ToOidcScopeArrayOutputWithContext(ctx context.Context) OidcScopeArrayOutput

type OidcScopeInput 

type OidcScopeInput interface {
	pulumi.Input

	ToOidcScopeOutput() OidcScopeOutput
	ToOidcScopeOutputWithContext(ctx context.Context) OidcScopeOutput
}

type OidcScopeMap 

type OidcScopeMap map[string]OidcScopeInput

func (OidcScopeMap) ElementType 

func (OidcScopeMap) ElementType() reflect.Type

func (OidcScopeMap) ToOidcScopeMapOutput 

func (i OidcScopeMap) ToOidcScopeMapOutput() OidcScopeMapOutput

func (OidcScopeMap) ToOidcScopeMapOutputWithContext 

func (i OidcScopeMap) ToOidcScopeMapOutputWithContext(ctx context.Context) OidcScopeMapOutput

type OidcScopeMapInput 

type OidcScopeMapInput interface {
	pulumi.Input

	ToOidcScopeMapOutput() OidcScopeMapOutput
	ToOidcScopeMapOutputWithContext(context.Context) OidcScopeMapOutput
}

OidcScopeMapInput is an input type that accepts OidcScopeMap and OidcScopeMapOutput values. You can construct a concrete instance of `OidcScopeMapInput` via: 

OidcScopeMap{ "key": OidcScopeArgs{...} }

type OidcScopeMapOutput 

type OidcScopeMapOutput struct{ *pulumi.OutputState }

func (OidcScopeMapOutput) ElementType 

func (OidcScopeMapOutput) ElementType() reflect.Type

func (OidcScopeMapOutput) MapIndex 

func (o OidcScopeMapOutput) MapIndex(k pulumi.StringInput) OidcScopeOutput

func (OidcScopeMapOutput) ToOidcScopeMapOutput 

func (o OidcScopeMapOutput) ToOidcScopeMapOutput() OidcScopeMapOutput

func (OidcScopeMapOutput) ToOidcScopeMapOutputWithContext 

func (o OidcScopeMapOutput) ToOidcScopeMapOutputWithContext(ctx context.Context) OidcScopeMapOutput

type OidcScopeOutput 

type OidcScopeOutput struct{ *pulumi.OutputState }

func (OidcScopeOutput) Description 

func (o OidcScopeOutput) Description() pulumi.StringPtrOutput

A description of the scope.

func (OidcScopeOutput) ElementType 

func (OidcScopeOutput) ElementType() reflect.Type

func (OidcScopeOutput) Name 

func (o OidcScopeOutput) Name() pulumi.StringOutput

The name of the scope. The `openid` scope name is reserved.

func (OidcScopeOutput) Namespace 

func (o OidcScopeOutput) Namespace() pulumi.StringPtrOutput

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.

func (OidcScopeOutput) Template 

func (o OidcScopeOutput) Template() pulumi.StringPtrOutput

The template string for the scope. This may be provided as escaped JSON or base64 encoded JSON.

func (OidcScopeOutput) ToOidcScopeOutput 

func (o OidcScopeOutput) ToOidcScopeOutput() OidcScopeOutput

func (OidcScopeOutput) ToOidcScopeOutputWithContext 

func (o OidcScopeOutput) ToOidcScopeOutputWithContext(ctx context.Context) OidcScopeOutput

type OidcScopeState 

type OidcScopeState struct {
	// A description of the scope.
	Description pulumi.StringPtrInput
	// The name of the scope. The `openid` scope name is reserved.
	Name pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// The template string for the scope. This may be provided as escaped JSON or base64 encoded JSON.
	Template pulumi.StringPtrInput
}

func (OidcScopeState) ElementType 

func (OidcScopeState) ElementType() reflect.Type

type OidcState 

type OidcState struct {
	// Issuer URL to be used in the iss claim of the token. If not set, Vault's
	// `apiAddr` will be used. The issuer is a case sensitive URL using the https scheme that contains
	// scheme, host, and optionally, port number and path components, but no query or fragment
	// components.
	Issuer pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
}

func (OidcState) ElementType 

func (OidcState) ElementType() reflect.Type

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.