github

package
v3.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 9, 2020 License: Apache-2.0 Imports: 4 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AuthBackend 

type AuthBackend struct {
	pulumi.CustomResourceState

	// The mount accessor related to the auth mount. It is useful for integration with [Identity Secrets Engine](https://www.vaultproject.io/docs/secrets/identity/index.html).
	Accessor pulumi.StringOutput `pulumi:"accessor"`
	// The API endpoint to use. Useful if you
	// are running GitHub Enterprise or an API-compatible authentication server.
	BaseUrl pulumi.StringPtrOutput `pulumi:"baseUrl"`
	// Specifies the description of the mount.
	// This overrides the current stored value, if any.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// (Optional; Deprecated, use `tokenMaxTtl` instead if you are running Vault >= 1.2) The maximum allowed lifetime of tokens
	// issued using this role. This must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration).
	//
	// Deprecated: use `token_max_ttl` instead if you are running Vault >= 1.2
	MaxTtl pulumi.StringPtrOutput `pulumi:"maxTtl"`
	// The organization configured users must be part of.
	Organization pulumi.StringOutput `pulumi:"organization"`
	// Path where the auth backend is mounted. Defaults to `auth/github`
	// if not specified.
	Path pulumi.StringPtrOutput `pulumi:"path"`
	// (Optional) List of CIDR blocks; if set, specifies blocks of IP
	// addresses which can authenticate successfully, and ties the resulting token to these blocks
	// as well.
	TokenBoundCidrs pulumi.StringArrayOutput `pulumi:"tokenBoundCidrs"`
	// (Optional) If set, will encode an
	// [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls)
	// onto the token in number of seconds. This is a hard cap even if `tokenTtl` and
	// `tokenMaxTtl` would otherwise allow a renewal.
	TokenExplicitMaxTtl pulumi.IntPtrOutput `pulumi:"tokenExplicitMaxTtl"`
	// (Optional) The maximum lifetime for generated tokens in number of seconds.
	// Its current value will be referenced at renewal time.
	TokenMaxTtl pulumi.IntPtrOutput `pulumi:"tokenMaxTtl"`
	// (Optional) If set, the default policy will not be set on
	// generated tokens; otherwise it will be added to the policies set in token_policies.
	TokenNoDefaultPolicy pulumi.BoolPtrOutput `pulumi:"tokenNoDefaultPolicy"`
	// (Optional) The
	// [period](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls),
	// if any, in number of seconds to set on the token.
	TokenNumUses pulumi.IntPtrOutput `pulumi:"tokenNumUses"`
	// (Optional) If set, indicates that the
	// token generated using this role should never expire. The token should be renewed within the
	// duration specified by this value. At each renewal, the token's TTL will be set to the
	// value of this field. Specified in seconds.
	TokenPeriod pulumi.IntPtrOutput `pulumi:"tokenPeriod"`
	// (Optional) List of policies to encode onto generated tokens. Depending
	// on the auth method, this list may be supplemented by user/group/other values.
	TokenPolicies pulumi.StringArrayOutput `pulumi:"tokenPolicies"`
	// (Optional) The incremental lifetime for generated tokens in number of seconds.
	// Its current value will be referenced at renewal time.
	TokenTtl pulumi.IntPtrOutput `pulumi:"tokenTtl"`
	// Specifies the type of tokens that should be returned by
	// the mount. Valid values are "default-service", "default-batch", "service", "batch".
	TokenType pulumi.StringPtrOutput `pulumi:"tokenType"`
	// (Optional; Deprecated, use `tokenTtl` instead if you are running Vault >= 1.2) The TTL period of tokens issued
	// using this role. This must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration).
	//
	// Deprecated: use `token_ttl` instead if you are running Vault >= 1.2
	Ttl  pulumi.StringPtrOutput `pulumi:"ttl"`
	Tune AuthBackendTuneOutput  `pulumi:"tune"`
}

Manages a Github Auth mount in a Vault server. See the [Vault documentation](https://www.vaultproject.io/docs/auth/github/) for more information.

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v3/go/vault/github"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := github.NewAuthBackend(ctx, "example", &github.AuthBackendArgs{
			Organization: pulumi.String("myorg"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

func GetAuthBackend 

func GetAuthBackend(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AuthBackendState, opts ...pulumi.ResourceOption) (*AuthBackend, error)

GetAuthBackend gets an existing AuthBackend resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAuthBackend 

func NewAuthBackend(ctx *pulumi.Context,
	name string, args *AuthBackendArgs, opts ...pulumi.ResourceOption) (*AuthBackend, error)

NewAuthBackend registers a new resource with the given unique name, arguments, and options.

type AuthBackendArgs 

type AuthBackendArgs struct {
	// The API endpoint to use. Useful if you
	// are running GitHub Enterprise or an API-compatible authentication server.
	BaseUrl pulumi.StringPtrInput
	// Specifies the description of the mount.
	// This overrides the current stored value, if any.
	Description pulumi.StringPtrInput
	// (Optional; Deprecated, use `tokenMaxTtl` instead if you are running Vault >= 1.2) The maximum allowed lifetime of tokens
	// issued using this role. This must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration).
	//
	// Deprecated: use `token_max_ttl` instead if you are running Vault >= 1.2
	MaxTtl pulumi.StringPtrInput
	// The organization configured users must be part of.
	Organization pulumi.StringInput
	// Path where the auth backend is mounted. Defaults to `auth/github`
	// if not specified.
	Path pulumi.StringPtrInput
	// (Optional) List of CIDR blocks; if set, specifies blocks of IP
	// addresses which can authenticate successfully, and ties the resulting token to these blocks
	// as well.
	TokenBoundCidrs pulumi.StringArrayInput
	// (Optional) If set, will encode an
	// [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls)
	// onto the token in number of seconds. This is a hard cap even if `tokenTtl` and
	// `tokenMaxTtl` would otherwise allow a renewal.
	TokenExplicitMaxTtl pulumi.IntPtrInput
	// (Optional) The maximum lifetime for generated tokens in number of seconds.
	// Its current value will be referenced at renewal time.
	TokenMaxTtl pulumi.IntPtrInput
	// (Optional) If set, the default policy will not be set on
	// generated tokens; otherwise it will be added to the policies set in token_policies.
	TokenNoDefaultPolicy pulumi.BoolPtrInput
	// (Optional) The
	// [period](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls),
	// if any, in number of seconds to set on the token.
	TokenNumUses pulumi.IntPtrInput
	// (Optional) If set, indicates that the
	// token generated using this role should never expire. The token should be renewed within the
	// duration specified by this value. At each renewal, the token's TTL will be set to the
	// value of this field. Specified in seconds.
	TokenPeriod pulumi.IntPtrInput
	// (Optional) List of policies to encode onto generated tokens. Depending
	// on the auth method, this list may be supplemented by user/group/other values.
	TokenPolicies pulumi.StringArrayInput
	// (Optional) The incremental lifetime for generated tokens in number of seconds.
	// Its current value will be referenced at renewal time.
	TokenTtl pulumi.IntPtrInput
	// Specifies the type of tokens that should be returned by
	// the mount. Valid values are "default-service", "default-batch", "service", "batch".
	TokenType pulumi.StringPtrInput
	// (Optional; Deprecated, use `tokenTtl` instead if you are running Vault >= 1.2) The TTL period of tokens issued
	// using this role. This must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration).
	//
	// Deprecated: use `token_ttl` instead if you are running Vault >= 1.2
	Ttl  pulumi.StringPtrInput
	Tune AuthBackendTunePtrInput
}

The set of arguments for constructing a AuthBackend resource.

func (AuthBackendArgs) ElementType 

func (AuthBackendArgs) ElementType() reflect.Type

type AuthBackendState 

type AuthBackendState struct {
	// The mount accessor related to the auth mount. It is useful for integration with [Identity Secrets Engine](https://www.vaultproject.io/docs/secrets/identity/index.html).
	Accessor pulumi.StringPtrInput
	// The API endpoint to use. Useful if you
	// are running GitHub Enterprise or an API-compatible authentication server.
	BaseUrl pulumi.StringPtrInput
	// Specifies the description of the mount.
	// This overrides the current stored value, if any.
	Description pulumi.StringPtrInput
	// (Optional; Deprecated, use `tokenMaxTtl` instead if you are running Vault >= 1.2) The maximum allowed lifetime of tokens
	// issued using this role. This must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration).
	//
	// Deprecated: use `token_max_ttl` instead if you are running Vault >= 1.2
	MaxTtl pulumi.StringPtrInput
	// The organization configured users must be part of.
	Organization pulumi.StringPtrInput
	// Path where the auth backend is mounted. Defaults to `auth/github`
	// if not specified.
	Path pulumi.StringPtrInput
	// (Optional) List of CIDR blocks; if set, specifies blocks of IP
	// addresses which can authenticate successfully, and ties the resulting token to these blocks
	// as well.
	TokenBoundCidrs pulumi.StringArrayInput
	// (Optional) If set, will encode an
	// [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls)
	// onto the token in number of seconds. This is a hard cap even if `tokenTtl` and
	// `tokenMaxTtl` would otherwise allow a renewal.
	TokenExplicitMaxTtl pulumi.IntPtrInput
	// (Optional) The maximum lifetime for generated tokens in number of seconds.
	// Its current value will be referenced at renewal time.
	TokenMaxTtl pulumi.IntPtrInput
	// (Optional) If set, the default policy will not be set on
	// generated tokens; otherwise it will be added to the policies set in token_policies.
	TokenNoDefaultPolicy pulumi.BoolPtrInput
	// (Optional) The
	// [period](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls),
	// if any, in number of seconds to set on the token.
	TokenNumUses pulumi.IntPtrInput
	// (Optional) If set, indicates that the
	// token generated using this role should never expire. The token should be renewed within the
	// duration specified by this value. At each renewal, the token's TTL will be set to the
	// value of this field. Specified in seconds.
	TokenPeriod pulumi.IntPtrInput
	// (Optional) List of policies to encode onto generated tokens. Depending
	// on the auth method, this list may be supplemented by user/group/other values.
	TokenPolicies pulumi.StringArrayInput
	// (Optional) The incremental lifetime for generated tokens in number of seconds.
	// Its current value will be referenced at renewal time.
	TokenTtl pulumi.IntPtrInput
	// Specifies the type of tokens that should be returned by
	// the mount. Valid values are "default-service", "default-batch", "service", "batch".
	TokenType pulumi.StringPtrInput
	// (Optional; Deprecated, use `tokenTtl` instead if you are running Vault >= 1.2) The TTL period of tokens issued
	// using this role. This must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration).
	//
	// Deprecated: use `token_ttl` instead if you are running Vault >= 1.2
	Ttl  pulumi.StringPtrInput
	Tune AuthBackendTunePtrInput
}

func (AuthBackendState) ElementType 

func (AuthBackendState) ElementType() reflect.Type

type AuthBackendTune 

type AuthBackendTune struct {
	// List of headers to whitelist and allowing
	// a plugin to include them in the response.
	AllowedResponseHeaders []string `pulumi:"allowedResponseHeaders"`
	// Specifies the list of keys that will
	// not be HMAC'd by audit devices in the request data object.
	AuditNonHmacRequestKeys []string `pulumi:"auditNonHmacRequestKeys"`
	// Specifies the list of keys that will
	// not be HMAC'd by audit devices in the response data object.
	AuditNonHmacResponseKeys []string `pulumi:"auditNonHmacResponseKeys"`
	// Specifies the default time-to-live.
	// If set, this overrides the global default.
	// Must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration)
	DefaultLeaseTtl *string `pulumi:"defaultLeaseTtl"`
	// Specifies whether to show this mount in
	// the UI-specific listing endpoint. Valid values are "unauth" or "hidden".
	ListingVisibility *string `pulumi:"listingVisibility"`
	// Specifies the maximum time-to-live.
	// If set, this overrides the global default.
	// Must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration)
	MaxLeaseTtl *string `pulumi:"maxLeaseTtl"`
	// List of headers to whitelist and
	// pass from the request to the backend.
	PassthroughRequestHeaders []string `pulumi:"passthroughRequestHeaders"`
	// Specifies the type of tokens that should be returned by
	// the mount. Valid values are "default-service", "default-batch", "service", "batch".
	TokenType *string `pulumi:"tokenType"`
}

type AuthBackendTuneArgs 

type AuthBackendTuneArgs struct {
	// List of headers to whitelist and allowing
	// a plugin to include them in the response.
	AllowedResponseHeaders pulumi.StringArrayInput `pulumi:"allowedResponseHeaders"`
	// Specifies the list of keys that will
	// not be HMAC'd by audit devices in the request data object.
	AuditNonHmacRequestKeys pulumi.StringArrayInput `pulumi:"auditNonHmacRequestKeys"`
	// Specifies the list of keys that will
	// not be HMAC'd by audit devices in the response data object.
	AuditNonHmacResponseKeys pulumi.StringArrayInput `pulumi:"auditNonHmacResponseKeys"`
	// Specifies the default time-to-live.
	// If set, this overrides the global default.
	// Must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration)
	DefaultLeaseTtl pulumi.StringPtrInput `pulumi:"defaultLeaseTtl"`
	// Specifies whether to show this mount in
	// the UI-specific listing endpoint. Valid values are "unauth" or "hidden".
	ListingVisibility pulumi.StringPtrInput `pulumi:"listingVisibility"`
	// Specifies the maximum time-to-live.
	// If set, this overrides the global default.
	// Must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration)
	MaxLeaseTtl pulumi.StringPtrInput `pulumi:"maxLeaseTtl"`
	// List of headers to whitelist and
	// pass from the request to the backend.
	PassthroughRequestHeaders pulumi.StringArrayInput `pulumi:"passthroughRequestHeaders"`
	// Specifies the type of tokens that should be returned by
	// the mount. Valid values are "default-service", "default-batch", "service", "batch".
	TokenType pulumi.StringPtrInput `pulumi:"tokenType"`
}

func (AuthBackendTuneArgs) ElementType 

func (AuthBackendTuneArgs) ElementType() reflect.Type

func (AuthBackendTuneArgs) ToAuthBackendTuneOutput 

func (i AuthBackendTuneArgs) ToAuthBackendTuneOutput() AuthBackendTuneOutput

func (AuthBackendTuneArgs) ToAuthBackendTuneOutputWithContext 

func (i AuthBackendTuneArgs) ToAuthBackendTuneOutputWithContext(ctx context.Context) AuthBackendTuneOutput

func (AuthBackendTuneArgs) ToAuthBackendTunePtrOutput 

func (i AuthBackendTuneArgs) ToAuthBackendTunePtrOutput() AuthBackendTunePtrOutput

func (AuthBackendTuneArgs) ToAuthBackendTunePtrOutputWithContext 

func (i AuthBackendTuneArgs) ToAuthBackendTunePtrOutputWithContext(ctx context.Context) AuthBackendTunePtrOutput

type AuthBackendTuneInput 

type AuthBackendTuneInput interface {
	pulumi.Input

	ToAuthBackendTuneOutput() AuthBackendTuneOutput
	ToAuthBackendTuneOutputWithContext(context.Context) AuthBackendTuneOutput
}

AuthBackendTuneInput is an input type that accepts AuthBackendTuneArgs and AuthBackendTuneOutput values. You can construct a concrete instance of `AuthBackendTuneInput` via: 

AuthBackendTuneArgs{...}

type AuthBackendTuneOutput 

type AuthBackendTuneOutput struct{ *pulumi.OutputState }

func (AuthBackendTuneOutput) AllowedResponseHeaders 

func (o AuthBackendTuneOutput) AllowedResponseHeaders() pulumi.StringArrayOutput

List of headers to whitelist and allowing a plugin to include them in the response.

func (AuthBackendTuneOutput) AuditNonHmacRequestKeys 

func (o AuthBackendTuneOutput) AuditNonHmacRequestKeys() pulumi.StringArrayOutput

Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.

func (AuthBackendTuneOutput) AuditNonHmacResponseKeys 

func (o AuthBackendTuneOutput) AuditNonHmacResponseKeys() pulumi.StringArrayOutput

Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.

func (AuthBackendTuneOutput) DefaultLeaseTtl 

func (o AuthBackendTuneOutput) DefaultLeaseTtl() pulumi.StringPtrOutput

Specifies the default time-to-live. If set, this overrides the global default. Must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration)

func (AuthBackendTuneOutput) ElementType 

func (AuthBackendTuneOutput) ElementType() reflect.Type

func (AuthBackendTuneOutput) ListingVisibility 

func (o AuthBackendTuneOutput) ListingVisibility() pulumi.StringPtrOutput

Specifies whether to show this mount in the UI-specific listing endpoint. Valid values are "unauth" or "hidden".

func (AuthBackendTuneOutput) MaxLeaseTtl 

func (o AuthBackendTuneOutput) MaxLeaseTtl() pulumi.StringPtrOutput

Specifies the maximum time-to-live. If set, this overrides the global default. Must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration)

func (AuthBackendTuneOutput) PassthroughRequestHeaders 

func (o AuthBackendTuneOutput) PassthroughRequestHeaders() pulumi.StringArrayOutput

List of headers to whitelist and pass from the request to the backend.

func (AuthBackendTuneOutput) ToAuthBackendTuneOutput 

func (o AuthBackendTuneOutput) ToAuthBackendTuneOutput() AuthBackendTuneOutput

func (AuthBackendTuneOutput) ToAuthBackendTuneOutputWithContext 

func (o AuthBackendTuneOutput) ToAuthBackendTuneOutputWithContext(ctx context.Context) AuthBackendTuneOutput

func (AuthBackendTuneOutput) ToAuthBackendTunePtrOutput 

func (o AuthBackendTuneOutput) ToAuthBackendTunePtrOutput() AuthBackendTunePtrOutput

func (AuthBackendTuneOutput) ToAuthBackendTunePtrOutputWithContext 

func (o AuthBackendTuneOutput) ToAuthBackendTunePtrOutputWithContext(ctx context.Context) AuthBackendTunePtrOutput

func (AuthBackendTuneOutput) TokenType 

func (o AuthBackendTuneOutput) TokenType() pulumi.StringPtrOutput

Specifies the type of tokens that should be returned by the mount. Valid values are "default-service", "default-batch", "service", "batch".

type AuthBackendTunePtrInput 

type AuthBackendTunePtrInput interface {
	pulumi.Input

	ToAuthBackendTunePtrOutput() AuthBackendTunePtrOutput
	ToAuthBackendTunePtrOutputWithContext(context.Context) AuthBackendTunePtrOutput
}

AuthBackendTunePtrInput is an input type that accepts AuthBackendTuneArgs, AuthBackendTunePtr and AuthBackendTunePtrOutput values. You can construct a concrete instance of `AuthBackendTunePtrInput` via: 

        AuthBackendTuneArgs{...}

or:

        nil

func AuthBackendTunePtr 

func AuthBackendTunePtr(v *AuthBackendTuneArgs) AuthBackendTunePtrInput

type AuthBackendTunePtrOutput 

type AuthBackendTunePtrOutput struct{ *pulumi.OutputState }

func (AuthBackendTunePtrOutput) AllowedResponseHeaders 

func (o AuthBackendTunePtrOutput) AllowedResponseHeaders() pulumi.StringArrayOutput

List of headers to whitelist and allowing a plugin to include them in the response.

func (AuthBackendTunePtrOutput) AuditNonHmacRequestKeys 

func (o AuthBackendTunePtrOutput) AuditNonHmacRequestKeys() pulumi.StringArrayOutput

Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.

func (AuthBackendTunePtrOutput) AuditNonHmacResponseKeys 

func (o AuthBackendTunePtrOutput) AuditNonHmacResponseKeys() pulumi.StringArrayOutput

Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.

func (AuthBackendTunePtrOutput) DefaultLeaseTtl 

func (o AuthBackendTunePtrOutput) DefaultLeaseTtl() pulumi.StringPtrOutput

Specifies the default time-to-live. If set, this overrides the global default. Must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration)

func (AuthBackendTunePtrOutput) Elem 

func (o AuthBackendTunePtrOutput) Elem() AuthBackendTuneOutput

func (AuthBackendTunePtrOutput) ElementType 

func (AuthBackendTunePtrOutput) ElementType() reflect.Type

func (AuthBackendTunePtrOutput) ListingVisibility 

func (o AuthBackendTunePtrOutput) ListingVisibility() pulumi.StringPtrOutput

Specifies whether to show this mount in the UI-specific listing endpoint. Valid values are "unauth" or "hidden".

func (AuthBackendTunePtrOutput) MaxLeaseTtl 

func (o AuthBackendTunePtrOutput) MaxLeaseTtl() pulumi.StringPtrOutput

Specifies the maximum time-to-live. If set, this overrides the global default. Must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration)

func (AuthBackendTunePtrOutput) PassthroughRequestHeaders 

func (o AuthBackendTunePtrOutput) PassthroughRequestHeaders() pulumi.StringArrayOutput

List of headers to whitelist and pass from the request to the backend.

func (AuthBackendTunePtrOutput) ToAuthBackendTunePtrOutput 

func (o AuthBackendTunePtrOutput) ToAuthBackendTunePtrOutput() AuthBackendTunePtrOutput

func (AuthBackendTunePtrOutput) ToAuthBackendTunePtrOutputWithContext 

func (o AuthBackendTunePtrOutput) ToAuthBackendTunePtrOutputWithContext(ctx context.Context) AuthBackendTunePtrOutput

func (AuthBackendTunePtrOutput) TokenType 

func (o AuthBackendTunePtrOutput) TokenType() pulumi.StringPtrOutput

Specifies the type of tokens that should be returned by the mount. Valid values are "default-service", "default-batch", "service", "batch".

type Team 

type Team struct {
	pulumi.CustomResourceState

	// Path where the github auth backend is mounted. Defaults to `github`
	// if not specified.
	Backend pulumi.StringPtrOutput `pulumi:"backend"`
	// An array of strings specifying the policies to be set on tokens
	// issued using this role.
	Policies pulumi.StringArrayOutput `pulumi:"policies"`
	// GitHub team name in "slugified" format.
	Team pulumi.StringOutput `pulumi:"team"`
	// Specifies the blocks of IP addresses which are allowed to use the generated token
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenBoundCidrs pulumi.StringArrayOutput `pulumi:"tokenBoundCidrs"`
	// Generated Token's Explicit Maximum TTL in seconds
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenExplicitMaxTtl pulumi.IntPtrOutput `pulumi:"tokenExplicitMaxTtl"`
	// The maximum lifetime of the generated token
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenMaxTtl pulumi.IntPtrOutput `pulumi:"tokenMaxTtl"`
	// If true, the 'default' policy will not automatically be added to generated tokens
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenNoDefaultPolicy pulumi.BoolPtrOutput `pulumi:"tokenNoDefaultPolicy"`
	// The maximum number of times a token may be used, a value of zero means unlimited
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenNumUses pulumi.IntPtrOutput `pulumi:"tokenNumUses"`
	// Generated Token's Period
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenPeriod pulumi.IntPtrOutput `pulumi:"tokenPeriod"`
	// Generated Token's Policies
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenPolicies pulumi.StringArrayOutput `pulumi:"tokenPolicies"`
	// The initial ttl of the token to generate in seconds
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenTtl pulumi.IntPtrOutput `pulumi:"tokenTtl"`
	// The type of token to generate, service or batch
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenType pulumi.StringPtrOutput `pulumi:"tokenType"`
}

Manages policy mappings for Github Teams authenticated via Github. See the [Vault documentation](https://www.vaultproject.io/docs/auth/github/) for more information.

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v3/go/vault/github"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		example, err := github.NewAuthBackend(ctx, "example", &github.AuthBackendArgs{
			Organization: pulumi.String("myorg"),
		})
		if err != nil {
			return err
		}
		_, err = github.NewTeam(ctx, "tfDevs", &github.TeamArgs{
			Backend: example.ID(),
			Team:    pulumi.String("terraform-developers"),
			Policies: pulumi.StringArray{
				pulumi.String("developer"),
				pulumi.String("read-only"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

func GetTeam 

func GetTeam(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *TeamState, opts ...pulumi.ResourceOption) (*Team, error)

GetTeam gets an existing Team resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewTeam 

func NewTeam(ctx *pulumi.Context,
	name string, args *TeamArgs, opts ...pulumi.ResourceOption) (*Team, error)

NewTeam registers a new resource with the given unique name, arguments, and options.

type TeamArgs 

type TeamArgs struct {
	// Path where the github auth backend is mounted. Defaults to `github`
	// if not specified.
	Backend pulumi.StringPtrInput
	// An array of strings specifying the policies to be set on tokens
	// issued using this role.
	Policies pulumi.StringArrayInput
	// GitHub team name in "slugified" format.
	Team pulumi.StringInput
	// Specifies the blocks of IP addresses which are allowed to use the generated token
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenBoundCidrs pulumi.StringArrayInput
	// Generated Token's Explicit Maximum TTL in seconds
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenExplicitMaxTtl pulumi.IntPtrInput
	// The maximum lifetime of the generated token
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenMaxTtl pulumi.IntPtrInput
	// If true, the 'default' policy will not automatically be added to generated tokens
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenNoDefaultPolicy pulumi.BoolPtrInput
	// The maximum number of times a token may be used, a value of zero means unlimited
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenNumUses pulumi.IntPtrInput
	// Generated Token's Period
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenPeriod pulumi.IntPtrInput
	// Generated Token's Policies
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenPolicies pulumi.StringArrayInput
	// The initial ttl of the token to generate in seconds
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenTtl pulumi.IntPtrInput
	// The type of token to generate, service or batch
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenType pulumi.StringPtrInput
}

The set of arguments for constructing a Team resource.

func (TeamArgs) ElementType 

func (TeamArgs) ElementType() reflect.Type

type TeamState 

type TeamState struct {
	// Path where the github auth backend is mounted. Defaults to `github`
	// if not specified.
	Backend pulumi.StringPtrInput
	// An array of strings specifying the policies to be set on tokens
	// issued using this role.
	Policies pulumi.StringArrayInput
	// GitHub team name in "slugified" format.
	Team pulumi.StringPtrInput
	// Specifies the blocks of IP addresses which are allowed to use the generated token
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenBoundCidrs pulumi.StringArrayInput
	// Generated Token's Explicit Maximum TTL in seconds
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenExplicitMaxTtl pulumi.IntPtrInput
	// The maximum lifetime of the generated token
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenMaxTtl pulumi.IntPtrInput
	// If true, the 'default' policy will not automatically be added to generated tokens
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenNoDefaultPolicy pulumi.BoolPtrInput
	// The maximum number of times a token may be used, a value of zero means unlimited
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenNumUses pulumi.IntPtrInput
	// Generated Token's Period
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenPeriod pulumi.IntPtrInput
	// Generated Token's Policies
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenPolicies pulumi.StringArrayInput
	// The initial ttl of the token to generate in seconds
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenTtl pulumi.IntPtrInput
	// The type of token to generate, service or batch
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenType pulumi.StringPtrInput
}

func (TeamState) ElementType 

func (TeamState) ElementType() reflect.Type

type User 

type User struct {
	pulumi.CustomResourceState

	// Path where the github auth backend is mounted. Defaults to `github`
	// if not specified.
	Backend pulumi.StringPtrOutput `pulumi:"backend"`
	// An array of strings specifying the policies to be set on tokens issued
	// using this role.
	Policies pulumi.StringArrayOutput `pulumi:"policies"`
	// Specifies the blocks of IP addresses which are allowed to use the generated token
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenBoundCidrs pulumi.StringArrayOutput `pulumi:"tokenBoundCidrs"`
	// Generated Token's Explicit Maximum TTL in seconds
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenExplicitMaxTtl pulumi.IntPtrOutput `pulumi:"tokenExplicitMaxTtl"`
	// The maximum lifetime of the generated token
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenMaxTtl pulumi.IntPtrOutput `pulumi:"tokenMaxTtl"`
	// If true, the 'default' policy will not automatically be added to generated tokens
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenNoDefaultPolicy pulumi.BoolPtrOutput `pulumi:"tokenNoDefaultPolicy"`
	// The maximum number of times a token may be used, a value of zero means unlimited
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenNumUses pulumi.IntPtrOutput `pulumi:"tokenNumUses"`
	// Generated Token's Period
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenPeriod pulumi.IntPtrOutput `pulumi:"tokenPeriod"`
	// Generated Token's Policies
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenPolicies pulumi.StringArrayOutput `pulumi:"tokenPolicies"`
	// The initial ttl of the token to generate in seconds
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenTtl pulumi.IntPtrOutput `pulumi:"tokenTtl"`
	// The type of token to generate, service or batch
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenType pulumi.StringPtrOutput `pulumi:"tokenType"`
	// GitHub user name.
	User pulumi.StringOutput `pulumi:"user"`
}

Manages policy mappings for Github Users authenticated via Github. See the [Vault documentation](https://www.vaultproject.io/docs/auth/github/) for more information.

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v3/go/vault/github"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		example, err := github.NewAuthBackend(ctx, "example", &github.AuthBackendArgs{
			Organization: pulumi.String("myorg"),
		})
		if err != nil {
			return err
		}
		_, err = github.NewUser(ctx, "tfUser", &github.UserArgs{
			Backend: example.ID(),
			User:    pulumi.String("john.doe"),
			Policies: pulumi.StringArray{
				pulumi.String("developer"),
				pulumi.String("read-only"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

func GetUser 

func GetUser(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *UserState, opts ...pulumi.ResourceOption) (*User, error)

GetUser gets an existing User resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewUser 

func NewUser(ctx *pulumi.Context,
	name string, args *UserArgs, opts ...pulumi.ResourceOption) (*User, error)

NewUser registers a new resource with the given unique name, arguments, and options.

type UserArgs 

type UserArgs struct {
	// Path where the github auth backend is mounted. Defaults to `github`
	// if not specified.
	Backend pulumi.StringPtrInput
	// An array of strings specifying the policies to be set on tokens issued
	// using this role.
	Policies pulumi.StringArrayInput
	// Specifies the blocks of IP addresses which are allowed to use the generated token
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenBoundCidrs pulumi.StringArrayInput
	// Generated Token's Explicit Maximum TTL in seconds
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenExplicitMaxTtl pulumi.IntPtrInput
	// The maximum lifetime of the generated token
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenMaxTtl pulumi.IntPtrInput
	// If true, the 'default' policy will not automatically be added to generated tokens
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenNoDefaultPolicy pulumi.BoolPtrInput
	// The maximum number of times a token may be used, a value of zero means unlimited
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenNumUses pulumi.IntPtrInput
	// Generated Token's Period
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenPeriod pulumi.IntPtrInput
	// Generated Token's Policies
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenPolicies pulumi.StringArrayInput
	// The initial ttl of the token to generate in seconds
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenTtl pulumi.IntPtrInput
	// The type of token to generate, service or batch
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenType pulumi.StringPtrInput
	// GitHub user name.
	User pulumi.StringInput
}

The set of arguments for constructing a User resource.

func (UserArgs) ElementType 

func (UserArgs) ElementType() reflect.Type

type UserState 

type UserState struct {
	// Path where the github auth backend is mounted. Defaults to `github`
	// if not specified.
	Backend pulumi.StringPtrInput
	// An array of strings specifying the policies to be set on tokens issued
	// using this role.
	Policies pulumi.StringArrayInput
	// Specifies the blocks of IP addresses which are allowed to use the generated token
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenBoundCidrs pulumi.StringArrayInput
	// Generated Token's Explicit Maximum TTL in seconds
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenExplicitMaxTtl pulumi.IntPtrInput
	// The maximum lifetime of the generated token
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenMaxTtl pulumi.IntPtrInput
	// If true, the 'default' policy will not automatically be added to generated tokens
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenNoDefaultPolicy pulumi.BoolPtrInput
	// The maximum number of times a token may be used, a value of zero means unlimited
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenNumUses pulumi.IntPtrInput
	// Generated Token's Period
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenPeriod pulumi.IntPtrInput
	// Generated Token's Policies
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenPolicies pulumi.StringArrayInput
	// The initial ttl of the token to generate in seconds
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenTtl pulumi.IntPtrInput
	// The type of token to generate, service or batch
	//
	// Deprecated: This parameter should be moved to the Github Auth backend config block. It does nothing in a user/team block.
	TokenType pulumi.StringPtrInput
	// GitHub user name.
	User pulumi.StringPtrInput
}

func (UserState) ElementType 

func (UserState) ElementType() reflect.Type

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.