Documentation
¶
Index ¶
- type AuthBackend
- type AuthBackendArgs
- type AuthBackendArray
- type AuthBackendArrayInput
- type AuthBackendArrayOutput
- func (AuthBackendArrayOutput) ElementType() reflect.Type
- func (o AuthBackendArrayOutput) Index(i pulumi.IntInput) AuthBackendOutput
- func (o AuthBackendArrayOutput) ToAuthBackendArrayOutput() AuthBackendArrayOutput
- func (o AuthBackendArrayOutput) ToAuthBackendArrayOutputWithContext(ctx context.Context) AuthBackendArrayOutput
- type AuthBackendInput
- type AuthBackendMap
- type AuthBackendMapInput
- type AuthBackendMapOutput
- func (AuthBackendMapOutput) ElementType() reflect.Type
- func (o AuthBackendMapOutput) MapIndex(k pulumi.StringInput) AuthBackendOutput
- func (o AuthBackendMapOutput) ToAuthBackendMapOutput() AuthBackendMapOutput
- func (o AuthBackendMapOutput) ToAuthBackendMapOutputWithContext(ctx context.Context) AuthBackendMapOutput
- type AuthBackendOutput
- func (o AuthBackendOutput) Accessor() pulumi.StringOutput
- func (o AuthBackendOutput) BaseUrl() pulumi.StringPtrOutput
- func (o AuthBackendOutput) Description() pulumi.StringPtrOutput
- func (o AuthBackendOutput) DisableRemount() pulumi.BoolPtrOutput
- func (AuthBackendOutput) ElementType() reflect.Type
- func (o AuthBackendOutput) Namespace() pulumi.StringPtrOutput
- func (o AuthBackendOutput) Organization() pulumi.StringOutput
- func (o AuthBackendOutput) OrganizationId() pulumi.IntOutput
- func (o AuthBackendOutput) Path() pulumi.StringPtrOutput
- func (o AuthBackendOutput) ToAuthBackendOutput() AuthBackendOutput
- func (o AuthBackendOutput) ToAuthBackendOutputWithContext(ctx context.Context) AuthBackendOutput
- func (o AuthBackendOutput) TokenBoundCidrs() pulumi.StringArrayOutput
- func (o AuthBackendOutput) TokenExplicitMaxTtl() pulumi.IntPtrOutput
- func (o AuthBackendOutput) TokenMaxTtl() pulumi.IntPtrOutput
- func (o AuthBackendOutput) TokenNoDefaultPolicy() pulumi.BoolPtrOutput
- func (o AuthBackendOutput) TokenNumUses() pulumi.IntPtrOutput
- func (o AuthBackendOutput) TokenPeriod() pulumi.IntPtrOutput
- func (o AuthBackendOutput) TokenPolicies() pulumi.StringArrayOutput
- func (o AuthBackendOutput) TokenTtl() pulumi.IntPtrOutput
- func (o AuthBackendOutput) TokenType() pulumi.StringPtrOutput
- func (o AuthBackendOutput) Tune() AuthBackendTuneOutput
- type AuthBackendState
- type AuthBackendTune
- type AuthBackendTuneArgs
- func (AuthBackendTuneArgs) ElementType() reflect.Type
- func (i AuthBackendTuneArgs) ToAuthBackendTuneOutput() AuthBackendTuneOutput
- func (i AuthBackendTuneArgs) ToAuthBackendTuneOutputWithContext(ctx context.Context) AuthBackendTuneOutput
- func (i AuthBackendTuneArgs) ToAuthBackendTunePtrOutput() AuthBackendTunePtrOutput
- func (i AuthBackendTuneArgs) ToAuthBackendTunePtrOutputWithContext(ctx context.Context) AuthBackendTunePtrOutput
- type AuthBackendTuneInput
- type AuthBackendTuneOutput
- func (o AuthBackendTuneOutput) AllowedResponseHeaders() pulumi.StringArrayOutput
- func (o AuthBackendTuneOutput) AuditNonHmacRequestKeys() pulumi.StringArrayOutput
- func (o AuthBackendTuneOutput) AuditNonHmacResponseKeys() pulumi.StringArrayOutput
- func (o AuthBackendTuneOutput) DefaultLeaseTtl() pulumi.StringPtrOutput
- func (AuthBackendTuneOutput) ElementType() reflect.Type
- func (o AuthBackendTuneOutput) ListingVisibility() pulumi.StringPtrOutput
- func (o AuthBackendTuneOutput) MaxLeaseTtl() pulumi.StringPtrOutput
- func (o AuthBackendTuneOutput) PassthroughRequestHeaders() pulumi.StringArrayOutput
- func (o AuthBackendTuneOutput) ToAuthBackendTuneOutput() AuthBackendTuneOutput
- func (o AuthBackendTuneOutput) ToAuthBackendTuneOutputWithContext(ctx context.Context) AuthBackendTuneOutput
- func (o AuthBackendTuneOutput) ToAuthBackendTunePtrOutput() AuthBackendTunePtrOutput
- func (o AuthBackendTuneOutput) ToAuthBackendTunePtrOutputWithContext(ctx context.Context) AuthBackendTunePtrOutput
- func (o AuthBackendTuneOutput) TokenType() pulumi.StringPtrOutput
- type AuthBackendTunePtrInput
- type AuthBackendTunePtrOutput
- func (o AuthBackendTunePtrOutput) AllowedResponseHeaders() pulumi.StringArrayOutput
- func (o AuthBackendTunePtrOutput) AuditNonHmacRequestKeys() pulumi.StringArrayOutput
- func (o AuthBackendTunePtrOutput) AuditNonHmacResponseKeys() pulumi.StringArrayOutput
- func (o AuthBackendTunePtrOutput) DefaultLeaseTtl() pulumi.StringPtrOutput
- func (o AuthBackendTunePtrOutput) Elem() AuthBackendTuneOutput
- func (AuthBackendTunePtrOutput) ElementType() reflect.Type
- func (o AuthBackendTunePtrOutput) ListingVisibility() pulumi.StringPtrOutput
- func (o AuthBackendTunePtrOutput) MaxLeaseTtl() pulumi.StringPtrOutput
- func (o AuthBackendTunePtrOutput) PassthroughRequestHeaders() pulumi.StringArrayOutput
- func (o AuthBackendTunePtrOutput) ToAuthBackendTunePtrOutput() AuthBackendTunePtrOutput
- func (o AuthBackendTunePtrOutput) ToAuthBackendTunePtrOutputWithContext(ctx context.Context) AuthBackendTunePtrOutput
- func (o AuthBackendTunePtrOutput) TokenType() pulumi.StringPtrOutput
- type Team
- type TeamArgs
- type TeamArray
- type TeamArrayInput
- type TeamArrayOutput
- type TeamInput
- type TeamMap
- type TeamMapInput
- type TeamMapOutput
- type TeamOutput
- func (o TeamOutput) Backend() pulumi.StringPtrOutput
- func (TeamOutput) ElementType() reflect.Type
- func (o TeamOutput) Namespace() pulumi.StringPtrOutput
- func (o TeamOutput) Policies() pulumi.StringArrayOutput
- func (o TeamOutput) Team() pulumi.StringOutput
- func (o TeamOutput) ToTeamOutput() TeamOutput
- func (o TeamOutput) ToTeamOutputWithContext(ctx context.Context) TeamOutput
- type TeamState
- type User
- type UserArgs
- type UserArray
- type UserArrayInput
- type UserArrayOutput
- type UserInput
- type UserMap
- type UserMapInput
- type UserMapOutput
- type UserOutput
- func (o UserOutput) Backend() pulumi.StringPtrOutput
- func (UserOutput) ElementType() reflect.Type
- func (o UserOutput) Namespace() pulumi.StringPtrOutput
- func (o UserOutput) Policies() pulumi.StringArrayOutput
- func (o UserOutput) ToUserOutput() UserOutput
- func (o UserOutput) ToUserOutputWithContext(ctx context.Context) UserOutput
- func (o UserOutput) User() pulumi.StringOutput
- type UserState
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AuthBackend ¶
type AuthBackend struct { pulumi.CustomResourceState // The mount accessor related to the auth mount. It is useful for integration with [Identity Secrets Engine](https://www.vaultproject.io/docs/secrets/identity/index.html). Accessor pulumi.StringOutput `pulumi:"accessor"` // The API endpoint to use. Useful if you // are running GitHub Enterprise or an API-compatible authentication server. BaseUrl pulumi.StringPtrOutput `pulumi:"baseUrl"` // Specifies the description of the mount. // This overrides the current stored value, if any. Description pulumi.StringPtrOutput `pulumi:"description"` // If set, opts out of mount migration on path updates. // See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) DisableRemount pulumi.BoolPtrOutput `pulumi:"disableRemount"` // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrOutput `pulumi:"namespace"` // The organization configured users must be part of. Organization pulumi.StringOutput `pulumi:"organization"` // The ID of the organization users must be part of. // Vault will attempt to fetch and set this value if it is not provided. (Vault 1.10+) OrganizationId pulumi.IntOutput `pulumi:"organizationId"` // Path where the auth backend is mounted. Defaults to `auth/github` // if not specified. Path pulumi.StringPtrOutput `pulumi:"path"` // (Optional) List of CIDR blocks; if set, specifies blocks of IP // addresses which can authenticate successfully, and ties the resulting token to these blocks // as well. TokenBoundCidrs pulumi.StringArrayOutput `pulumi:"tokenBoundCidrs"` // (Optional) If set, will encode an // [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls) // onto the token in number of seconds. This is a hard cap even if `tokenTtl` and // `tokenMaxTtl` would otherwise allow a renewal. TokenExplicitMaxTtl pulumi.IntPtrOutput `pulumi:"tokenExplicitMaxTtl"` // (Optional) The maximum lifetime for generated tokens in number of seconds. // Its current value will be referenced at renewal time. TokenMaxTtl pulumi.IntPtrOutput `pulumi:"tokenMaxTtl"` // (Optional) If set, the default policy will not be set on // generated tokens; otherwise it will be added to the policies set in token_policies. TokenNoDefaultPolicy pulumi.BoolPtrOutput `pulumi:"tokenNoDefaultPolicy"` // (Optional) The [maximum number](https://www.vaultproject.io/api-docs/github#token_num_uses) // of times a generated token may be used (within its lifetime); 0 means unlimited. TokenNumUses pulumi.IntPtrOutput `pulumi:"tokenNumUses"` // (Optional) If set, indicates that the // token generated using this role should never expire. The token should be renewed within the // duration specified by this value. At each renewal, the token's TTL will be set to the // value of this field. Specified in seconds. TokenPeriod pulumi.IntPtrOutput `pulumi:"tokenPeriod"` // (Optional) List of policies to encode onto generated tokens. Depending // on the auth method, this list may be supplemented by user/group/other values. TokenPolicies pulumi.StringArrayOutput `pulumi:"tokenPolicies"` // (Optional) The incremental lifetime for generated tokens in number of seconds. // Its current value will be referenced at renewal time. TokenTtl pulumi.IntPtrOutput `pulumi:"tokenTtl"` // Specifies the type of tokens that should be returned by // the mount. Valid values are "default-service", "default-batch", "service", "batch". TokenType pulumi.StringPtrOutput `pulumi:"tokenType"` // Extra configuration block. Structure is documented below. // // The `tune` block is used to tune the auth backend: Tune AuthBackendTuneOutput `pulumi:"tune"` }
Manages a GitHub Auth mount in a Vault server. See the [Vault documentation](https://www.vaultproject.io/docs/auth/github/) for more information.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/github" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := github.NewAuthBackend(ctx, "example", &github.AuthBackendArgs{ Organization: pulumi.String("myorg"), }) if err != nil { return err } return nil }) }
```
## Import
GitHub authentication mounts can be imported using the `path`, e.g.
```sh $ pulumi import vault:github/authBackend:AuthBackend example github ```
func GetAuthBackend ¶
func GetAuthBackend(ctx *pulumi.Context, name string, id pulumi.IDInput, state *AuthBackendState, opts ...pulumi.ResourceOption) (*AuthBackend, error)
GetAuthBackend gets an existing AuthBackend resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewAuthBackend ¶
func NewAuthBackend(ctx *pulumi.Context, name string, args *AuthBackendArgs, opts ...pulumi.ResourceOption) (*AuthBackend, error)
NewAuthBackend registers a new resource with the given unique name, arguments, and options.
func (*AuthBackend) ElementType ¶
func (*AuthBackend) ElementType() reflect.Type
func (*AuthBackend) ToAuthBackendOutput ¶
func (i *AuthBackend) ToAuthBackendOutput() AuthBackendOutput
func (*AuthBackend) ToAuthBackendOutputWithContext ¶
func (i *AuthBackend) ToAuthBackendOutputWithContext(ctx context.Context) AuthBackendOutput
type AuthBackendArgs ¶
type AuthBackendArgs struct { // The API endpoint to use. Useful if you // are running GitHub Enterprise or an API-compatible authentication server. BaseUrl pulumi.StringPtrInput // Specifies the description of the mount. // This overrides the current stored value, if any. Description pulumi.StringPtrInput // If set, opts out of mount migration on path updates. // See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) DisableRemount pulumi.BoolPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput // The organization configured users must be part of. Organization pulumi.StringInput // The ID of the organization users must be part of. // Vault will attempt to fetch and set this value if it is not provided. (Vault 1.10+) OrganizationId pulumi.IntPtrInput // Path where the auth backend is mounted. Defaults to `auth/github` // if not specified. Path pulumi.StringPtrInput // (Optional) List of CIDR blocks; if set, specifies blocks of IP // addresses which can authenticate successfully, and ties the resulting token to these blocks // as well. TokenBoundCidrs pulumi.StringArrayInput // (Optional) If set, will encode an // [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls) // onto the token in number of seconds. This is a hard cap even if `tokenTtl` and // `tokenMaxTtl` would otherwise allow a renewal. TokenExplicitMaxTtl pulumi.IntPtrInput // (Optional) The maximum lifetime for generated tokens in number of seconds. // Its current value will be referenced at renewal time. TokenMaxTtl pulumi.IntPtrInput // (Optional) If set, the default policy will not be set on // generated tokens; otherwise it will be added to the policies set in token_policies. TokenNoDefaultPolicy pulumi.BoolPtrInput // (Optional) The [maximum number](https://www.vaultproject.io/api-docs/github#token_num_uses) // of times a generated token may be used (within its lifetime); 0 means unlimited. TokenNumUses pulumi.IntPtrInput // (Optional) If set, indicates that the // token generated using this role should never expire. The token should be renewed within the // duration specified by this value. At each renewal, the token's TTL will be set to the // value of this field. Specified in seconds. TokenPeriod pulumi.IntPtrInput // (Optional) List of policies to encode onto generated tokens. Depending // on the auth method, this list may be supplemented by user/group/other values. TokenPolicies pulumi.StringArrayInput // (Optional) The incremental lifetime for generated tokens in number of seconds. // Its current value will be referenced at renewal time. TokenTtl pulumi.IntPtrInput // Specifies the type of tokens that should be returned by // the mount. Valid values are "default-service", "default-batch", "service", "batch". TokenType pulumi.StringPtrInput // Extra configuration block. Structure is documented below. // // The `tune` block is used to tune the auth backend: Tune AuthBackendTunePtrInput }
The set of arguments for constructing a AuthBackend resource.
func (AuthBackendArgs) ElementType ¶
func (AuthBackendArgs) ElementType() reflect.Type
type AuthBackendArray ¶
type AuthBackendArray []AuthBackendInput
func (AuthBackendArray) ElementType ¶
func (AuthBackendArray) ElementType() reflect.Type
func (AuthBackendArray) ToAuthBackendArrayOutput ¶
func (i AuthBackendArray) ToAuthBackendArrayOutput() AuthBackendArrayOutput
func (AuthBackendArray) ToAuthBackendArrayOutputWithContext ¶
func (i AuthBackendArray) ToAuthBackendArrayOutputWithContext(ctx context.Context) AuthBackendArrayOutput
type AuthBackendArrayInput ¶
type AuthBackendArrayInput interface { pulumi.Input ToAuthBackendArrayOutput() AuthBackendArrayOutput ToAuthBackendArrayOutputWithContext(context.Context) AuthBackendArrayOutput }
AuthBackendArrayInput is an input type that accepts AuthBackendArray and AuthBackendArrayOutput values. You can construct a concrete instance of `AuthBackendArrayInput` via:
AuthBackendArray{ AuthBackendArgs{...} }
type AuthBackendArrayOutput ¶
type AuthBackendArrayOutput struct{ *pulumi.OutputState }
func (AuthBackendArrayOutput) ElementType ¶
func (AuthBackendArrayOutput) ElementType() reflect.Type
func (AuthBackendArrayOutput) Index ¶
func (o AuthBackendArrayOutput) Index(i pulumi.IntInput) AuthBackendOutput
func (AuthBackendArrayOutput) ToAuthBackendArrayOutput ¶
func (o AuthBackendArrayOutput) ToAuthBackendArrayOutput() AuthBackendArrayOutput
func (AuthBackendArrayOutput) ToAuthBackendArrayOutputWithContext ¶
func (o AuthBackendArrayOutput) ToAuthBackendArrayOutputWithContext(ctx context.Context) AuthBackendArrayOutput
type AuthBackendInput ¶
type AuthBackendInput interface { pulumi.Input ToAuthBackendOutput() AuthBackendOutput ToAuthBackendOutputWithContext(ctx context.Context) AuthBackendOutput }
type AuthBackendMap ¶
type AuthBackendMap map[string]AuthBackendInput
func (AuthBackendMap) ElementType ¶
func (AuthBackendMap) ElementType() reflect.Type
func (AuthBackendMap) ToAuthBackendMapOutput ¶
func (i AuthBackendMap) ToAuthBackendMapOutput() AuthBackendMapOutput
func (AuthBackendMap) ToAuthBackendMapOutputWithContext ¶
func (i AuthBackendMap) ToAuthBackendMapOutputWithContext(ctx context.Context) AuthBackendMapOutput
type AuthBackendMapInput ¶
type AuthBackendMapInput interface { pulumi.Input ToAuthBackendMapOutput() AuthBackendMapOutput ToAuthBackendMapOutputWithContext(context.Context) AuthBackendMapOutput }
AuthBackendMapInput is an input type that accepts AuthBackendMap and AuthBackendMapOutput values. You can construct a concrete instance of `AuthBackendMapInput` via:
AuthBackendMap{ "key": AuthBackendArgs{...} }
type AuthBackendMapOutput ¶
type AuthBackendMapOutput struct{ *pulumi.OutputState }
func (AuthBackendMapOutput) ElementType ¶
func (AuthBackendMapOutput) ElementType() reflect.Type
func (AuthBackendMapOutput) MapIndex ¶
func (o AuthBackendMapOutput) MapIndex(k pulumi.StringInput) AuthBackendOutput
func (AuthBackendMapOutput) ToAuthBackendMapOutput ¶
func (o AuthBackendMapOutput) ToAuthBackendMapOutput() AuthBackendMapOutput
func (AuthBackendMapOutput) ToAuthBackendMapOutputWithContext ¶
func (o AuthBackendMapOutput) ToAuthBackendMapOutputWithContext(ctx context.Context) AuthBackendMapOutput
type AuthBackendOutput ¶
type AuthBackendOutput struct{ *pulumi.OutputState }
func (AuthBackendOutput) Accessor ¶
func (o AuthBackendOutput) Accessor() pulumi.StringOutput
The mount accessor related to the auth mount. It is useful for integration with [Identity Secrets Engine](https://www.vaultproject.io/docs/secrets/identity/index.html).
func (AuthBackendOutput) BaseUrl ¶
func (o AuthBackendOutput) BaseUrl() pulumi.StringPtrOutput
The API endpoint to use. Useful if you are running GitHub Enterprise or an API-compatible authentication server.
func (AuthBackendOutput) Description ¶
func (o AuthBackendOutput) Description() pulumi.StringPtrOutput
Specifies the description of the mount. This overrides the current stored value, if any.
func (AuthBackendOutput) DisableRemount ¶
func (o AuthBackendOutput) DisableRemount() pulumi.BoolPtrOutput
If set, opts out of mount migration on path updates. See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
func (AuthBackendOutput) ElementType ¶
func (AuthBackendOutput) ElementType() reflect.Type
func (AuthBackendOutput) Namespace ¶
func (o AuthBackendOutput) Namespace() pulumi.StringPtrOutput
The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.
func (AuthBackendOutput) Organization ¶
func (o AuthBackendOutput) Organization() pulumi.StringOutput
The organization configured users must be part of.
func (AuthBackendOutput) OrganizationId ¶
func (o AuthBackendOutput) OrganizationId() pulumi.IntOutput
The ID of the organization users must be part of. Vault will attempt to fetch and set this value if it is not provided. (Vault 1.10+)
func (AuthBackendOutput) Path ¶
func (o AuthBackendOutput) Path() pulumi.StringPtrOutput
Path where the auth backend is mounted. Defaults to `auth/github` if not specified.
func (AuthBackendOutput) ToAuthBackendOutput ¶
func (o AuthBackendOutput) ToAuthBackendOutput() AuthBackendOutput
func (AuthBackendOutput) ToAuthBackendOutputWithContext ¶
func (o AuthBackendOutput) ToAuthBackendOutputWithContext(ctx context.Context) AuthBackendOutput
func (AuthBackendOutput) TokenBoundCidrs ¶
func (o AuthBackendOutput) TokenBoundCidrs() pulumi.StringArrayOutput
(Optional) List of CIDR blocks; if set, specifies blocks of IP addresses which can authenticate successfully, and ties the resulting token to these blocks as well.
func (AuthBackendOutput) TokenExplicitMaxTtl ¶
func (o AuthBackendOutput) TokenExplicitMaxTtl() pulumi.IntPtrOutput
(Optional) If set, will encode an [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls) onto the token in number of seconds. This is a hard cap even if `tokenTtl` and `tokenMaxTtl` would otherwise allow a renewal.
func (AuthBackendOutput) TokenMaxTtl ¶
func (o AuthBackendOutput) TokenMaxTtl() pulumi.IntPtrOutput
(Optional) The maximum lifetime for generated tokens in number of seconds. Its current value will be referenced at renewal time.
func (AuthBackendOutput) TokenNoDefaultPolicy ¶
func (o AuthBackendOutput) TokenNoDefaultPolicy() pulumi.BoolPtrOutput
(Optional) If set, the default policy will not be set on generated tokens; otherwise it will be added to the policies set in token_policies.
func (AuthBackendOutput) TokenNumUses ¶
func (o AuthBackendOutput) TokenNumUses() pulumi.IntPtrOutput
(Optional) The [maximum number](https://www.vaultproject.io/api-docs/github#token_num_uses) of times a generated token may be used (within its lifetime); 0 means unlimited.
func (AuthBackendOutput) TokenPeriod ¶
func (o AuthBackendOutput) TokenPeriod() pulumi.IntPtrOutput
(Optional) If set, indicates that the token generated using this role should never expire. The token should be renewed within the duration specified by this value. At each renewal, the token's TTL will be set to the value of this field. Specified in seconds.
func (AuthBackendOutput) TokenPolicies ¶
func (o AuthBackendOutput) TokenPolicies() pulumi.StringArrayOutput
(Optional) List of policies to encode onto generated tokens. Depending on the auth method, this list may be supplemented by user/group/other values.
func (AuthBackendOutput) TokenTtl ¶
func (o AuthBackendOutput) TokenTtl() pulumi.IntPtrOutput
(Optional) The incremental lifetime for generated tokens in number of seconds. Its current value will be referenced at renewal time.
func (AuthBackendOutput) TokenType ¶
func (o AuthBackendOutput) TokenType() pulumi.StringPtrOutput
Specifies the type of tokens that should be returned by the mount. Valid values are "default-service", "default-batch", "service", "batch".
func (AuthBackendOutput) Tune ¶
func (o AuthBackendOutput) Tune() AuthBackendTuneOutput
Extra configuration block. Structure is documented below.
The `tune` block is used to tune the auth backend:
type AuthBackendState ¶
type AuthBackendState struct { // The mount accessor related to the auth mount. It is useful for integration with [Identity Secrets Engine](https://www.vaultproject.io/docs/secrets/identity/index.html). Accessor pulumi.StringPtrInput // The API endpoint to use. Useful if you // are running GitHub Enterprise or an API-compatible authentication server. BaseUrl pulumi.StringPtrInput // Specifies the description of the mount. // This overrides the current stored value, if any. Description pulumi.StringPtrInput // If set, opts out of mount migration on path updates. // See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) DisableRemount pulumi.BoolPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput // The organization configured users must be part of. Organization pulumi.StringPtrInput // The ID of the organization users must be part of. // Vault will attempt to fetch and set this value if it is not provided. (Vault 1.10+) OrganizationId pulumi.IntPtrInput // Path where the auth backend is mounted. Defaults to `auth/github` // if not specified. Path pulumi.StringPtrInput // (Optional) List of CIDR blocks; if set, specifies blocks of IP // addresses which can authenticate successfully, and ties the resulting token to these blocks // as well. TokenBoundCidrs pulumi.StringArrayInput // (Optional) If set, will encode an // [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls) // onto the token in number of seconds. This is a hard cap even if `tokenTtl` and // `tokenMaxTtl` would otherwise allow a renewal. TokenExplicitMaxTtl pulumi.IntPtrInput // (Optional) The maximum lifetime for generated tokens in number of seconds. // Its current value will be referenced at renewal time. TokenMaxTtl pulumi.IntPtrInput // (Optional) If set, the default policy will not be set on // generated tokens; otherwise it will be added to the policies set in token_policies. TokenNoDefaultPolicy pulumi.BoolPtrInput // (Optional) The [maximum number](https://www.vaultproject.io/api-docs/github#token_num_uses) // of times a generated token may be used (within its lifetime); 0 means unlimited. TokenNumUses pulumi.IntPtrInput // (Optional) If set, indicates that the // token generated using this role should never expire. The token should be renewed within the // duration specified by this value. At each renewal, the token's TTL will be set to the // value of this field. Specified in seconds. TokenPeriod pulumi.IntPtrInput // (Optional) List of policies to encode onto generated tokens. Depending // on the auth method, this list may be supplemented by user/group/other values. TokenPolicies pulumi.StringArrayInput // (Optional) The incremental lifetime for generated tokens in number of seconds. // Its current value will be referenced at renewal time. TokenTtl pulumi.IntPtrInput // Specifies the type of tokens that should be returned by // the mount. Valid values are "default-service", "default-batch", "service", "batch". TokenType pulumi.StringPtrInput // Extra configuration block. Structure is documented below. // // The `tune` block is used to tune the auth backend: Tune AuthBackendTunePtrInput }
func (AuthBackendState) ElementType ¶
func (AuthBackendState) ElementType() reflect.Type
type AuthBackendTune ¶
type AuthBackendTune struct { // List of headers to whitelist and allowing // a plugin to include them in the response. AllowedResponseHeaders []string `pulumi:"allowedResponseHeaders"` // Specifies the list of keys that will // not be HMAC'd by audit devices in the request data object. AuditNonHmacRequestKeys []string `pulumi:"auditNonHmacRequestKeys"` // Specifies the list of keys that will // not be HMAC'd by audit devices in the response data object. AuditNonHmacResponseKeys []string `pulumi:"auditNonHmacResponseKeys"` // Specifies the default time-to-live. // If set, this overrides the global default. // Must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration) DefaultLeaseTtl *string `pulumi:"defaultLeaseTtl"` // Specifies whether to show this mount in // the UI-specific listing endpoint. Valid values are "unauth" or "hidden". ListingVisibility *string `pulumi:"listingVisibility"` // Specifies the maximum time-to-live. // If set, this overrides the global default. // Must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration) MaxLeaseTtl *string `pulumi:"maxLeaseTtl"` // List of headers to whitelist and // pass from the request to the backend. PassthroughRequestHeaders []string `pulumi:"passthroughRequestHeaders"` // Specifies the type of tokens that should be returned by // the mount. Valid values are "default-service", "default-batch", "service", "batch". TokenType *string `pulumi:"tokenType"` }
type AuthBackendTuneArgs ¶
type AuthBackendTuneArgs struct { // List of headers to whitelist and allowing // a plugin to include them in the response. AllowedResponseHeaders pulumi.StringArrayInput `pulumi:"allowedResponseHeaders"` // Specifies the list of keys that will // not be HMAC'd by audit devices in the request data object. AuditNonHmacRequestKeys pulumi.StringArrayInput `pulumi:"auditNonHmacRequestKeys"` // Specifies the list of keys that will // not be HMAC'd by audit devices in the response data object. AuditNonHmacResponseKeys pulumi.StringArrayInput `pulumi:"auditNonHmacResponseKeys"` // Specifies the default time-to-live. // If set, this overrides the global default. // Must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration) DefaultLeaseTtl pulumi.StringPtrInput `pulumi:"defaultLeaseTtl"` // Specifies whether to show this mount in // the UI-specific listing endpoint. Valid values are "unauth" or "hidden". ListingVisibility pulumi.StringPtrInput `pulumi:"listingVisibility"` // Specifies the maximum time-to-live. // If set, this overrides the global default. // Must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration) MaxLeaseTtl pulumi.StringPtrInput `pulumi:"maxLeaseTtl"` // List of headers to whitelist and // pass from the request to the backend. PassthroughRequestHeaders pulumi.StringArrayInput `pulumi:"passthroughRequestHeaders"` // Specifies the type of tokens that should be returned by // the mount. Valid values are "default-service", "default-batch", "service", "batch". TokenType pulumi.StringPtrInput `pulumi:"tokenType"` }
func (AuthBackendTuneArgs) ElementType ¶
func (AuthBackendTuneArgs) ElementType() reflect.Type
func (AuthBackendTuneArgs) ToAuthBackendTuneOutput ¶
func (i AuthBackendTuneArgs) ToAuthBackendTuneOutput() AuthBackendTuneOutput
func (AuthBackendTuneArgs) ToAuthBackendTuneOutputWithContext ¶
func (i AuthBackendTuneArgs) ToAuthBackendTuneOutputWithContext(ctx context.Context) AuthBackendTuneOutput
func (AuthBackendTuneArgs) ToAuthBackendTunePtrOutput ¶
func (i AuthBackendTuneArgs) ToAuthBackendTunePtrOutput() AuthBackendTunePtrOutput
func (AuthBackendTuneArgs) ToAuthBackendTunePtrOutputWithContext ¶
func (i AuthBackendTuneArgs) ToAuthBackendTunePtrOutputWithContext(ctx context.Context) AuthBackendTunePtrOutput
type AuthBackendTuneInput ¶
type AuthBackendTuneInput interface { pulumi.Input ToAuthBackendTuneOutput() AuthBackendTuneOutput ToAuthBackendTuneOutputWithContext(context.Context) AuthBackendTuneOutput }
AuthBackendTuneInput is an input type that accepts AuthBackendTuneArgs and AuthBackendTuneOutput values. You can construct a concrete instance of `AuthBackendTuneInput` via:
AuthBackendTuneArgs{...}
type AuthBackendTuneOutput ¶
type AuthBackendTuneOutput struct{ *pulumi.OutputState }
func (AuthBackendTuneOutput) AllowedResponseHeaders ¶
func (o AuthBackendTuneOutput) AllowedResponseHeaders() pulumi.StringArrayOutput
List of headers to whitelist and allowing a plugin to include them in the response.
func (AuthBackendTuneOutput) AuditNonHmacRequestKeys ¶
func (o AuthBackendTuneOutput) AuditNonHmacRequestKeys() pulumi.StringArrayOutput
Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
func (AuthBackendTuneOutput) AuditNonHmacResponseKeys ¶
func (o AuthBackendTuneOutput) AuditNonHmacResponseKeys() pulumi.StringArrayOutput
Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
func (AuthBackendTuneOutput) DefaultLeaseTtl ¶
func (o AuthBackendTuneOutput) DefaultLeaseTtl() pulumi.StringPtrOutput
Specifies the default time-to-live. If set, this overrides the global default. Must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration)
func (AuthBackendTuneOutput) ElementType ¶
func (AuthBackendTuneOutput) ElementType() reflect.Type
func (AuthBackendTuneOutput) ListingVisibility ¶
func (o AuthBackendTuneOutput) ListingVisibility() pulumi.StringPtrOutput
Specifies whether to show this mount in the UI-specific listing endpoint. Valid values are "unauth" or "hidden".
func (AuthBackendTuneOutput) MaxLeaseTtl ¶
func (o AuthBackendTuneOutput) MaxLeaseTtl() pulumi.StringPtrOutput
Specifies the maximum time-to-live. If set, this overrides the global default. Must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration)
func (AuthBackendTuneOutput) PassthroughRequestHeaders ¶
func (o AuthBackendTuneOutput) PassthroughRequestHeaders() pulumi.StringArrayOutput
List of headers to whitelist and pass from the request to the backend.
func (AuthBackendTuneOutput) ToAuthBackendTuneOutput ¶
func (o AuthBackendTuneOutput) ToAuthBackendTuneOutput() AuthBackendTuneOutput
func (AuthBackendTuneOutput) ToAuthBackendTuneOutputWithContext ¶
func (o AuthBackendTuneOutput) ToAuthBackendTuneOutputWithContext(ctx context.Context) AuthBackendTuneOutput
func (AuthBackendTuneOutput) ToAuthBackendTunePtrOutput ¶
func (o AuthBackendTuneOutput) ToAuthBackendTunePtrOutput() AuthBackendTunePtrOutput
func (AuthBackendTuneOutput) ToAuthBackendTunePtrOutputWithContext ¶
func (o AuthBackendTuneOutput) ToAuthBackendTunePtrOutputWithContext(ctx context.Context) AuthBackendTunePtrOutput
func (AuthBackendTuneOutput) TokenType ¶
func (o AuthBackendTuneOutput) TokenType() pulumi.StringPtrOutput
Specifies the type of tokens that should be returned by the mount. Valid values are "default-service", "default-batch", "service", "batch".
type AuthBackendTunePtrInput ¶
type AuthBackendTunePtrInput interface { pulumi.Input ToAuthBackendTunePtrOutput() AuthBackendTunePtrOutput ToAuthBackendTunePtrOutputWithContext(context.Context) AuthBackendTunePtrOutput }
AuthBackendTunePtrInput is an input type that accepts AuthBackendTuneArgs, AuthBackendTunePtr and AuthBackendTunePtrOutput values. You can construct a concrete instance of `AuthBackendTunePtrInput` via:
AuthBackendTuneArgs{...} or: nil
func AuthBackendTunePtr ¶
func AuthBackendTunePtr(v *AuthBackendTuneArgs) AuthBackendTunePtrInput
type AuthBackendTunePtrOutput ¶
type AuthBackendTunePtrOutput struct{ *pulumi.OutputState }
func (AuthBackendTunePtrOutput) AllowedResponseHeaders ¶
func (o AuthBackendTunePtrOutput) AllowedResponseHeaders() pulumi.StringArrayOutput
List of headers to whitelist and allowing a plugin to include them in the response.
func (AuthBackendTunePtrOutput) AuditNonHmacRequestKeys ¶
func (o AuthBackendTunePtrOutput) AuditNonHmacRequestKeys() pulumi.StringArrayOutput
Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
func (AuthBackendTunePtrOutput) AuditNonHmacResponseKeys ¶
func (o AuthBackendTunePtrOutput) AuditNonHmacResponseKeys() pulumi.StringArrayOutput
Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
func (AuthBackendTunePtrOutput) DefaultLeaseTtl ¶
func (o AuthBackendTunePtrOutput) DefaultLeaseTtl() pulumi.StringPtrOutput
Specifies the default time-to-live. If set, this overrides the global default. Must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration)
func (AuthBackendTunePtrOutput) Elem ¶
func (o AuthBackendTunePtrOutput) Elem() AuthBackendTuneOutput
func (AuthBackendTunePtrOutput) ElementType ¶
func (AuthBackendTunePtrOutput) ElementType() reflect.Type
func (AuthBackendTunePtrOutput) ListingVisibility ¶
func (o AuthBackendTunePtrOutput) ListingVisibility() pulumi.StringPtrOutput
Specifies whether to show this mount in the UI-specific listing endpoint. Valid values are "unauth" or "hidden".
func (AuthBackendTunePtrOutput) MaxLeaseTtl ¶
func (o AuthBackendTunePtrOutput) MaxLeaseTtl() pulumi.StringPtrOutput
Specifies the maximum time-to-live. If set, this overrides the global default. Must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration)
func (AuthBackendTunePtrOutput) PassthroughRequestHeaders ¶
func (o AuthBackendTunePtrOutput) PassthroughRequestHeaders() pulumi.StringArrayOutput
List of headers to whitelist and pass from the request to the backend.
func (AuthBackendTunePtrOutput) ToAuthBackendTunePtrOutput ¶
func (o AuthBackendTunePtrOutput) ToAuthBackendTunePtrOutput() AuthBackendTunePtrOutput
func (AuthBackendTunePtrOutput) ToAuthBackendTunePtrOutputWithContext ¶
func (o AuthBackendTunePtrOutput) ToAuthBackendTunePtrOutputWithContext(ctx context.Context) AuthBackendTunePtrOutput
func (AuthBackendTunePtrOutput) TokenType ¶
func (o AuthBackendTunePtrOutput) TokenType() pulumi.StringPtrOutput
Specifies the type of tokens that should be returned by the mount. Valid values are "default-service", "default-batch", "service", "batch".
type Team ¶
type Team struct { pulumi.CustomResourceState // Path where the github auth backend is mounted. Defaults to `github` // if not specified. Backend pulumi.StringPtrOutput `pulumi:"backend"` // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrOutput `pulumi:"namespace"` // An array of strings specifying the policies to be set on tokens // issued using this role. Policies pulumi.StringArrayOutput `pulumi:"policies"` // GitHub team name in "slugified" format. Team pulumi.StringOutput `pulumi:"team"` }
Manages policy mappings for Github Teams authenticated via Github. See the [Vault documentation](https://www.vaultproject.io/docs/auth/github/) for more information.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/github" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { example, err := github.NewAuthBackend(ctx, "example", &github.AuthBackendArgs{ Organization: pulumi.String("myorg"), }) if err != nil { return err } _, err = github.NewTeam(ctx, "tf_devs", &github.TeamArgs{ Backend: example.ID(), Team: pulumi.String("terraform-developers"), Policies: pulumi.StringArray{ pulumi.String("developer"), pulumi.String("read-only"), }, }) if err != nil { return err } return nil }) }
```
## Import
Github team mappings can be imported using the `path`, e.g.
```sh $ pulumi import vault:github/team:Team tf_devs auth/github/map/teams/terraform-developers ```
func GetTeam ¶
func GetTeam(ctx *pulumi.Context, name string, id pulumi.IDInput, state *TeamState, opts ...pulumi.ResourceOption) (*Team, error)
GetTeam gets an existing Team resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewTeam ¶
func NewTeam(ctx *pulumi.Context, name string, args *TeamArgs, opts ...pulumi.ResourceOption) (*Team, error)
NewTeam registers a new resource with the given unique name, arguments, and options.
func (*Team) ElementType ¶
func (*Team) ToTeamOutput ¶
func (i *Team) ToTeamOutput() TeamOutput
func (*Team) ToTeamOutputWithContext ¶
func (i *Team) ToTeamOutputWithContext(ctx context.Context) TeamOutput
type TeamArgs ¶
type TeamArgs struct { // Path where the github auth backend is mounted. Defaults to `github` // if not specified. Backend pulumi.StringPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput // An array of strings specifying the policies to be set on tokens // issued using this role. Policies pulumi.StringArrayInput // GitHub team name in "slugified" format. Team pulumi.StringInput }
The set of arguments for constructing a Team resource.
func (TeamArgs) ElementType ¶
type TeamArray ¶
type TeamArray []TeamInput
func (TeamArray) ElementType ¶
func (TeamArray) ToTeamArrayOutput ¶
func (i TeamArray) ToTeamArrayOutput() TeamArrayOutput
func (TeamArray) ToTeamArrayOutputWithContext ¶
func (i TeamArray) ToTeamArrayOutputWithContext(ctx context.Context) TeamArrayOutput
type TeamArrayInput ¶
type TeamArrayInput interface { pulumi.Input ToTeamArrayOutput() TeamArrayOutput ToTeamArrayOutputWithContext(context.Context) TeamArrayOutput }
TeamArrayInput is an input type that accepts TeamArray and TeamArrayOutput values. You can construct a concrete instance of `TeamArrayInput` via:
TeamArray{ TeamArgs{...} }
type TeamArrayOutput ¶
type TeamArrayOutput struct{ *pulumi.OutputState }
func (TeamArrayOutput) ElementType ¶
func (TeamArrayOutput) ElementType() reflect.Type
func (TeamArrayOutput) Index ¶
func (o TeamArrayOutput) Index(i pulumi.IntInput) TeamOutput
func (TeamArrayOutput) ToTeamArrayOutput ¶
func (o TeamArrayOutput) ToTeamArrayOutput() TeamArrayOutput
func (TeamArrayOutput) ToTeamArrayOutputWithContext ¶
func (o TeamArrayOutput) ToTeamArrayOutputWithContext(ctx context.Context) TeamArrayOutput
type TeamInput ¶
type TeamInput interface { pulumi.Input ToTeamOutput() TeamOutput ToTeamOutputWithContext(ctx context.Context) TeamOutput }
type TeamMap ¶
func (TeamMap) ElementType ¶
func (TeamMap) ToTeamMapOutput ¶
func (i TeamMap) ToTeamMapOutput() TeamMapOutput
func (TeamMap) ToTeamMapOutputWithContext ¶
func (i TeamMap) ToTeamMapOutputWithContext(ctx context.Context) TeamMapOutput
type TeamMapInput ¶
type TeamMapInput interface { pulumi.Input ToTeamMapOutput() TeamMapOutput ToTeamMapOutputWithContext(context.Context) TeamMapOutput }
TeamMapInput is an input type that accepts TeamMap and TeamMapOutput values. You can construct a concrete instance of `TeamMapInput` via:
TeamMap{ "key": TeamArgs{...} }
type TeamMapOutput ¶
type TeamMapOutput struct{ *pulumi.OutputState }
func (TeamMapOutput) ElementType ¶
func (TeamMapOutput) ElementType() reflect.Type
func (TeamMapOutput) MapIndex ¶
func (o TeamMapOutput) MapIndex(k pulumi.StringInput) TeamOutput
func (TeamMapOutput) ToTeamMapOutput ¶
func (o TeamMapOutput) ToTeamMapOutput() TeamMapOutput
func (TeamMapOutput) ToTeamMapOutputWithContext ¶
func (o TeamMapOutput) ToTeamMapOutputWithContext(ctx context.Context) TeamMapOutput
type TeamOutput ¶
type TeamOutput struct{ *pulumi.OutputState }
func (TeamOutput) Backend ¶
func (o TeamOutput) Backend() pulumi.StringPtrOutput
Path where the github auth backend is mounted. Defaults to `github` if not specified.
func (TeamOutput) ElementType ¶
func (TeamOutput) ElementType() reflect.Type
func (TeamOutput) Namespace ¶
func (o TeamOutput) Namespace() pulumi.StringPtrOutput
The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.
func (TeamOutput) Policies ¶
func (o TeamOutput) Policies() pulumi.StringArrayOutput
An array of strings specifying the policies to be set on tokens issued using this role.
func (TeamOutput) Team ¶
func (o TeamOutput) Team() pulumi.StringOutput
GitHub team name in "slugified" format.
func (TeamOutput) ToTeamOutput ¶
func (o TeamOutput) ToTeamOutput() TeamOutput
func (TeamOutput) ToTeamOutputWithContext ¶
func (o TeamOutput) ToTeamOutputWithContext(ctx context.Context) TeamOutput
type TeamState ¶
type TeamState struct { // Path where the github auth backend is mounted. Defaults to `github` // if not specified. Backend pulumi.StringPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput // An array of strings specifying the policies to be set on tokens // issued using this role. Policies pulumi.StringArrayInput // GitHub team name in "slugified" format. Team pulumi.StringPtrInput }
func (TeamState) ElementType ¶
type User ¶
type User struct { pulumi.CustomResourceState // Path where the github auth backend is mounted. Defaults to `github` // if not specified. Backend pulumi.StringPtrOutput `pulumi:"backend"` // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrOutput `pulumi:"namespace"` // An array of strings specifying the policies to be set on tokens issued // using this role. Policies pulumi.StringArrayOutput `pulumi:"policies"` // GitHub user name. User pulumi.StringOutput `pulumi:"user"` }
Manages policy mappings for Github Users authenticated via Github. See the [Vault documentation](https://www.vaultproject.io/docs/auth/github/) for more information.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/github" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { example, err := github.NewAuthBackend(ctx, "example", &github.AuthBackendArgs{ Organization: pulumi.String("myorg"), }) if err != nil { return err } _, err = github.NewUser(ctx, "tf_user", &github.UserArgs{ Backend: example.ID(), User: pulumi.String("john.doe"), Policies: pulumi.StringArray{ pulumi.String("developer"), pulumi.String("read-only"), }, }) if err != nil { return err } return nil }) }
```
## Import
Github user mappings can be imported using the `path`, e.g.
```sh $ pulumi import vault:github/user:User tf_user auth/github/map/users/john.doe ```
func GetUser ¶
func GetUser(ctx *pulumi.Context, name string, id pulumi.IDInput, state *UserState, opts ...pulumi.ResourceOption) (*User, error)
GetUser gets an existing User resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewUser ¶
func NewUser(ctx *pulumi.Context, name string, args *UserArgs, opts ...pulumi.ResourceOption) (*User, error)
NewUser registers a new resource with the given unique name, arguments, and options.
func (*User) ElementType ¶
func (*User) ToUserOutput ¶
func (i *User) ToUserOutput() UserOutput
func (*User) ToUserOutputWithContext ¶
func (i *User) ToUserOutputWithContext(ctx context.Context) UserOutput
type UserArgs ¶
type UserArgs struct { // Path where the github auth backend is mounted. Defaults to `github` // if not specified. Backend pulumi.StringPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput // An array of strings specifying the policies to be set on tokens issued // using this role. Policies pulumi.StringArrayInput // GitHub user name. User pulumi.StringInput }
The set of arguments for constructing a User resource.
func (UserArgs) ElementType ¶
type UserArray ¶
type UserArray []UserInput
func (UserArray) ElementType ¶
func (UserArray) ToUserArrayOutput ¶
func (i UserArray) ToUserArrayOutput() UserArrayOutput
func (UserArray) ToUserArrayOutputWithContext ¶
func (i UserArray) ToUserArrayOutputWithContext(ctx context.Context) UserArrayOutput
type UserArrayInput ¶
type UserArrayInput interface { pulumi.Input ToUserArrayOutput() UserArrayOutput ToUserArrayOutputWithContext(context.Context) UserArrayOutput }
UserArrayInput is an input type that accepts UserArray and UserArrayOutput values. You can construct a concrete instance of `UserArrayInput` via:
UserArray{ UserArgs{...} }
type UserArrayOutput ¶
type UserArrayOutput struct{ *pulumi.OutputState }
func (UserArrayOutput) ElementType ¶
func (UserArrayOutput) ElementType() reflect.Type
func (UserArrayOutput) Index ¶
func (o UserArrayOutput) Index(i pulumi.IntInput) UserOutput
func (UserArrayOutput) ToUserArrayOutput ¶
func (o UserArrayOutput) ToUserArrayOutput() UserArrayOutput
func (UserArrayOutput) ToUserArrayOutputWithContext ¶
func (o UserArrayOutput) ToUserArrayOutputWithContext(ctx context.Context) UserArrayOutput
type UserInput ¶
type UserInput interface { pulumi.Input ToUserOutput() UserOutput ToUserOutputWithContext(ctx context.Context) UserOutput }
type UserMap ¶
func (UserMap) ElementType ¶
func (UserMap) ToUserMapOutput ¶
func (i UserMap) ToUserMapOutput() UserMapOutput
func (UserMap) ToUserMapOutputWithContext ¶
func (i UserMap) ToUserMapOutputWithContext(ctx context.Context) UserMapOutput
type UserMapInput ¶
type UserMapInput interface { pulumi.Input ToUserMapOutput() UserMapOutput ToUserMapOutputWithContext(context.Context) UserMapOutput }
UserMapInput is an input type that accepts UserMap and UserMapOutput values. You can construct a concrete instance of `UserMapInput` via:
UserMap{ "key": UserArgs{...} }
type UserMapOutput ¶
type UserMapOutput struct{ *pulumi.OutputState }
func (UserMapOutput) ElementType ¶
func (UserMapOutput) ElementType() reflect.Type
func (UserMapOutput) MapIndex ¶
func (o UserMapOutput) MapIndex(k pulumi.StringInput) UserOutput
func (UserMapOutput) ToUserMapOutput ¶
func (o UserMapOutput) ToUserMapOutput() UserMapOutput
func (UserMapOutput) ToUserMapOutputWithContext ¶
func (o UserMapOutput) ToUserMapOutputWithContext(ctx context.Context) UserMapOutput
type UserOutput ¶
type UserOutput struct{ *pulumi.OutputState }
func (UserOutput) Backend ¶
func (o UserOutput) Backend() pulumi.StringPtrOutput
Path where the github auth backend is mounted. Defaults to `github` if not specified.
func (UserOutput) ElementType ¶
func (UserOutput) ElementType() reflect.Type
func (UserOutput) Namespace ¶
func (o UserOutput) Namespace() pulumi.StringPtrOutput
The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.
func (UserOutput) Policies ¶
func (o UserOutput) Policies() pulumi.StringArrayOutput
An array of strings specifying the policies to be set on tokens issued using this role.
func (UserOutput) ToUserOutput ¶
func (o UserOutput) ToUserOutput() UserOutput
func (UserOutput) ToUserOutputWithContext ¶
func (o UserOutput) ToUserOutputWithContext(ctx context.Context) UserOutput
type UserState ¶
type UserState struct { // Path where the github auth backend is mounted. Defaults to `github` // if not specified. Backend pulumi.StringPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput // An array of strings specifying the policies to be set on tokens issued // using this role. Policies pulumi.StringArrayInput // GitHub user name. User pulumi.StringPtrInput }