generic

package
v6.5.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 16, 2025 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Endpoint 

type Endpoint struct {
	pulumi.CustomResourceState

	// String containing a JSON-encoded object that will be
	// written to the given path as the secret data.
	DataJson pulumi.StringOutput `pulumi:"dataJson"`
	// - (Optional) True/false. Set this to true if your
	//   vault authentication is not able to delete the data or if the endpoint
	//   does not support the `DELETE` method. Defaults to false.
	DisableDelete pulumi.BoolPtrOutput `pulumi:"disableDelete"`
	// True/false. Set this to true if your vault
	// authentication is not able to read the data or if the endpoint does
	// not support the `GET` method. Setting this to `true` will break drift
	// detection. You should set this to `true` for endpoints that are
	// write-only. Defaults to false.
	DisableRead pulumi.BoolPtrOutput `pulumi:"disableRead"`
	// - (Optional) True/false. If set to true,
	//   ignore any fields present when the endpoint is read but that were not
	//   in `dataJson`. Also, if a field that was written is not returned when
	//   the endpoint is read, treat that field as being up to date. You should
	//   set this to `true` when writing to endpoint that, when read, returns a
	//   different set of fields from the ones you wrote, as is common with
	//   many configuration endpoints. Defaults to false.
	IgnoreAbsentFields pulumi.BoolPtrOutput `pulumi:"ignoreAbsentFields"`
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
	// The full logical path at which to write the given
	// data. Consult each backend's documentation to see which endpoints
	// support the `PUT` methods and to determine whether they also support
	// `DELETE` and `GET`.
	Path pulumi.StringOutput `pulumi:"path"`
	// - A map whose keys are the top-level data keys
	//   returned from Vault by the write operation and whose values are the
	//   corresponding values. This map can only represent string data, so
	//   any non-string values returned from Vault are serialized as JSON.
	//   Only fields set in `writeFields` are present in the JSON data.
	WriteData pulumi.StringMapOutput `pulumi:"writeData"`
	// - The JSON data returned by the write operation.
	//   Only fields set in `writeFields` are present in the JSON data.
	WriteDataJson pulumi.StringOutput `pulumi:"writeDataJson"`
	// - (Optional). A list of fields that should be returned
	//   in `writeDataJson` and `writeData`. If omitted, data returned by
	//   the write operation is not available to the resource or included in
	//   state. This helps to avoid accidental storage of sensitive values in
	//   state. Some endpoints, such as many dynamic secrets endpoints, return
	//   data from writing to an endpoint rather than reading it. You should
	//   use `writeFields` if you need information returned in this way.
	WriteFields pulumi.StringArrayOutput `pulumi:"writeFields"`
}

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault"
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/generic"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		userpass, err := vault.NewAuthBackend(ctx, "userpass", &vault.AuthBackendArgs{
			Type: pulumi.String("userpass"),
		})
		if err != nil {
			return err
		}
		u1, err := generic.NewEndpoint(ctx, "u1", &generic.EndpointArgs{
			Path:               pulumi.String("auth/userpass/users/u1"),
			IgnoreAbsentFields: pulumi.Bool(true),
			DataJson:           pulumi.String("{\n  \"policies\": [\"p1\"],\n  \"password\": \"changeme\"\n}\n"),
		}, pulumi.DependsOn([]pulumi.Resource{
			userpass,
		}))
		if err != nil {
			return err
		}
		u1Token, err := generic.NewEndpoint(ctx, "u1_token", &generic.EndpointArgs{
			Path:          pulumi.String("auth/userpass/login/u1"),
			DisableRead:   pulumi.Bool(true),
			DisableDelete: pulumi.Bool(true),
			DataJson:      pulumi.String("{\n  \"password\": \"changeme\"\n}\n"),
		}, pulumi.DependsOn([]pulumi.Resource{
			u1,
		}))
		if err != nil {
			return err
		}
		u1Entity, err := generic.NewEndpoint(ctx, "u1_entity", &generic.EndpointArgs{
			DisableRead:        pulumi.Bool(true),
			DisableDelete:      pulumi.Bool(true),
			Path:               pulumi.String("identity/lookup/entity"),
			IgnoreAbsentFields: pulumi.Bool(true),
			WriteFields: pulumi.StringArray{
				pulumi.String("id"),
			},
			DataJson: pulumi.String("{\n  \"alias_name\": \"u1\",\n  \"alias_mount_accessor\": vault_auth_backend.userpass.accessor\n}\n"),
		}, pulumi.DependsOn([]pulumi.Resource{
			u1Token,
		}))
		if err != nil {
			return err
		}
		ctx.Export("u1Id", u1Entity.WriteData.ApplyT(func(writeData map[string]string) (string, error) {
			return writeData.Id, nil
		}).(pulumi.StringOutput))
		return nil
	})
}

```

## Required Vault Capabilities

Use of this resource requires the `create` or `update` capability (depending on whether the resource already exists) on the given path. If `disableDelete` is false, the `delete` capability is also required. If `disableRead` is false, the `read` capability is required.

## Import

Import is not supported for this resource.

func GetEndpoint 

func GetEndpoint(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *EndpointState, opts ...pulumi.ResourceOption) (*Endpoint, error)

GetEndpoint gets an existing Endpoint resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewEndpoint 

func NewEndpoint(ctx *pulumi.Context,
	name string, args *EndpointArgs, opts ...pulumi.ResourceOption) (*Endpoint, error)

NewEndpoint registers a new resource with the given unique name, arguments, and options.

func (*Endpoint) ElementType 

func (*Endpoint) ElementType() reflect.Type

func (*Endpoint) ToEndpointOutput 

func (i *Endpoint) ToEndpointOutput() EndpointOutput

func (*Endpoint) ToEndpointOutputWithContext 

func (i *Endpoint) ToEndpointOutputWithContext(ctx context.Context) EndpointOutput

type EndpointArgs 

type EndpointArgs struct {
	// String containing a JSON-encoded object that will be
	// written to the given path as the secret data.
	DataJson pulumi.StringInput
	// - (Optional) True/false. Set this to true if your
	//   vault authentication is not able to delete the data or if the endpoint
	//   does not support the `DELETE` method. Defaults to false.
	DisableDelete pulumi.BoolPtrInput
	// True/false. Set this to true if your vault
	// authentication is not able to read the data or if the endpoint does
	// not support the `GET` method. Setting this to `true` will break drift
	// detection. You should set this to `true` for endpoints that are
	// write-only. Defaults to false.
	DisableRead pulumi.BoolPtrInput
	// - (Optional) True/false. If set to true,
	//   ignore any fields present when the endpoint is read but that were not
	//   in `dataJson`. Also, if a field that was written is not returned when
	//   the endpoint is read, treat that field as being up to date. You should
	//   set this to `true` when writing to endpoint that, when read, returns a
	//   different set of fields from the ones you wrote, as is common with
	//   many configuration endpoints. Defaults to false.
	IgnoreAbsentFields pulumi.BoolPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// The full logical path at which to write the given
	// data. Consult each backend's documentation to see which endpoints
	// support the `PUT` methods and to determine whether they also support
	// `DELETE` and `GET`.
	Path pulumi.StringInput
	// - (Optional). A list of fields that should be returned
	//   in `writeDataJson` and `writeData`. If omitted, data returned by
	//   the write operation is not available to the resource or included in
	//   state. This helps to avoid accidental storage of sensitive values in
	//   state. Some endpoints, such as many dynamic secrets endpoints, return
	//   data from writing to an endpoint rather than reading it. You should
	//   use `writeFields` if you need information returned in this way.
	WriteFields pulumi.StringArrayInput
}

The set of arguments for constructing a Endpoint resource.

func (EndpointArgs) ElementType 

func (EndpointArgs) ElementType() reflect.Type

type EndpointArray 

type EndpointArray []EndpointInput

func (EndpointArray) ElementType 

func (EndpointArray) ElementType() reflect.Type

func (EndpointArray) ToEndpointArrayOutput 

func (i EndpointArray) ToEndpointArrayOutput() EndpointArrayOutput

func (EndpointArray) ToEndpointArrayOutputWithContext 

func (i EndpointArray) ToEndpointArrayOutputWithContext(ctx context.Context) EndpointArrayOutput

type EndpointArrayInput 

type EndpointArrayInput interface {
	pulumi.Input

	ToEndpointArrayOutput() EndpointArrayOutput
	ToEndpointArrayOutputWithContext(context.Context) EndpointArrayOutput
}

EndpointArrayInput is an input type that accepts EndpointArray and EndpointArrayOutput values. You can construct a concrete instance of `EndpointArrayInput` via: 

EndpointArray{ EndpointArgs{...} }

type EndpointArrayOutput 

type EndpointArrayOutput struct{ *pulumi.OutputState }

func (EndpointArrayOutput) ElementType 

func (EndpointArrayOutput) ElementType() reflect.Type

func (EndpointArrayOutput) Index 

func (o EndpointArrayOutput) Index(i pulumi.IntInput) EndpointOutput

func (EndpointArrayOutput) ToEndpointArrayOutput 

func (o EndpointArrayOutput) ToEndpointArrayOutput() EndpointArrayOutput

func (EndpointArrayOutput) ToEndpointArrayOutputWithContext 

func (o EndpointArrayOutput) ToEndpointArrayOutputWithContext(ctx context.Context) EndpointArrayOutput

type EndpointInput 

type EndpointInput interface {
	pulumi.Input

	ToEndpointOutput() EndpointOutput
	ToEndpointOutputWithContext(ctx context.Context) EndpointOutput
}

type EndpointMap 

type EndpointMap map[string]EndpointInput

func (EndpointMap) ElementType 

func (EndpointMap) ElementType() reflect.Type

func (EndpointMap) ToEndpointMapOutput 

func (i EndpointMap) ToEndpointMapOutput() EndpointMapOutput

func (EndpointMap) ToEndpointMapOutputWithContext 

func (i EndpointMap) ToEndpointMapOutputWithContext(ctx context.Context) EndpointMapOutput

type EndpointMapInput 

type EndpointMapInput interface {
	pulumi.Input

	ToEndpointMapOutput() EndpointMapOutput
	ToEndpointMapOutputWithContext(context.Context) EndpointMapOutput
}

EndpointMapInput is an input type that accepts EndpointMap and EndpointMapOutput values. You can construct a concrete instance of `EndpointMapInput` via: 

EndpointMap{ "key": EndpointArgs{...} }

type EndpointMapOutput 

type EndpointMapOutput struct{ *pulumi.OutputState }

func (EndpointMapOutput) ElementType 

func (EndpointMapOutput) ElementType() reflect.Type

func (EndpointMapOutput) MapIndex 

func (o EndpointMapOutput) MapIndex(k pulumi.StringInput) EndpointOutput

func (EndpointMapOutput) ToEndpointMapOutput 

func (o EndpointMapOutput) ToEndpointMapOutput() EndpointMapOutput

func (EndpointMapOutput) ToEndpointMapOutputWithContext 

func (o EndpointMapOutput) ToEndpointMapOutputWithContext(ctx context.Context) EndpointMapOutput

type EndpointOutput 

type EndpointOutput struct{ *pulumi.OutputState }

func (EndpointOutput) DataJson 

func (o EndpointOutput) DataJson() pulumi.StringOutput

String containing a JSON-encoded object that will be written to the given path as the secret data.

func (EndpointOutput) DisableDelete 

func (o EndpointOutput) DisableDelete() pulumi.BoolPtrOutput
  • (Optional) True/false. Set this to true if your vault authentication is not able to delete the data or if the endpoint does not support the `DELETE` method. Defaults to false.

func (EndpointOutput) DisableRead 

func (o EndpointOutput) DisableRead() pulumi.BoolPtrOutput

True/false. Set this to true if your vault authentication is not able to read the data or if the endpoint does not support the `GET` method. Setting this to `true` will break drift detection. You should set this to `true` for endpoints that are write-only. Defaults to false.

func (EndpointOutput) ElementType 

func (EndpointOutput) ElementType() reflect.Type

func (EndpointOutput) IgnoreAbsentFields 

func (o EndpointOutput) IgnoreAbsentFields() pulumi.BoolPtrOutput
  • (Optional) True/false. If set to true, ignore any fields present when the endpoint is read but that were not in `dataJson`. Also, if a field that was written is not returned when the endpoint is read, treat that field as being up to date. You should set this to `true` when writing to endpoint that, when read, returns a different set of fields from the ones you wrote, as is common with many configuration endpoints. Defaults to false.

func (EndpointOutput) Namespace 

func (o EndpointOutput) Namespace() pulumi.StringPtrOutput

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.

func (EndpointOutput) Path 

func (o EndpointOutput) Path() pulumi.StringOutput

The full logical path at which to write the given data. Consult each backend's documentation to see which endpoints support the `PUT` methods and to determine whether they also support `DELETE` and `GET`.

func (EndpointOutput) ToEndpointOutput 

func (o EndpointOutput) ToEndpointOutput() EndpointOutput

func (EndpointOutput) ToEndpointOutputWithContext 

func (o EndpointOutput) ToEndpointOutputWithContext(ctx context.Context) EndpointOutput

func (EndpointOutput) WriteData 

func (o EndpointOutput) WriteData() pulumi.StringMapOutput
  • A map whose keys are the top-level data keys returned from Vault by the write operation and whose values are the corresponding values. This map can only represent string data, so any non-string values returned from Vault are serialized as JSON. Only fields set in `writeFields` are present in the JSON data.

func (EndpointOutput) WriteDataJson 

func (o EndpointOutput) WriteDataJson() pulumi.StringOutput
  • The JSON data returned by the write operation. Only fields set in `writeFields` are present in the JSON data.

func (EndpointOutput) WriteFields 

func (o EndpointOutput) WriteFields() pulumi.StringArrayOutput
  • (Optional). A list of fields that should be returned in `writeDataJson` and `writeData`. If omitted, data returned by the write operation is not available to the resource or included in state. This helps to avoid accidental storage of sensitive values in state. Some endpoints, such as many dynamic secrets endpoints, return data from writing to an endpoint rather than reading it. You should use `writeFields` if you need information returned in this way.

type EndpointState 

type EndpointState struct {
	// String containing a JSON-encoded object that will be
	// written to the given path as the secret data.
	DataJson pulumi.StringPtrInput
	// - (Optional) True/false. Set this to true if your
	//   vault authentication is not able to delete the data or if the endpoint
	//   does not support the `DELETE` method. Defaults to false.
	DisableDelete pulumi.BoolPtrInput
	// True/false. Set this to true if your vault
	// authentication is not able to read the data or if the endpoint does
	// not support the `GET` method. Setting this to `true` will break drift
	// detection. You should set this to `true` for endpoints that are
	// write-only. Defaults to false.
	DisableRead pulumi.BoolPtrInput
	// - (Optional) True/false. If set to true,
	//   ignore any fields present when the endpoint is read but that were not
	//   in `dataJson`. Also, if a field that was written is not returned when
	//   the endpoint is read, treat that field as being up to date. You should
	//   set this to `true` when writing to endpoint that, when read, returns a
	//   different set of fields from the ones you wrote, as is common with
	//   many configuration endpoints. Defaults to false.
	IgnoreAbsentFields pulumi.BoolPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// The full logical path at which to write the given
	// data. Consult each backend's documentation to see which endpoints
	// support the `PUT` methods and to determine whether they also support
	// `DELETE` and `GET`.
	Path pulumi.StringPtrInput
	// - A map whose keys are the top-level data keys
	//   returned from Vault by the write operation and whose values are the
	//   corresponding values. This map can only represent string data, so
	//   any non-string values returned from Vault are serialized as JSON.
	//   Only fields set in `writeFields` are present in the JSON data.
	WriteData pulumi.StringMapInput
	// - The JSON data returned by the write operation.
	//   Only fields set in `writeFields` are present in the JSON data.
	WriteDataJson pulumi.StringPtrInput
	// - (Optional). A list of fields that should be returned
	//   in `writeDataJson` and `writeData`. If omitted, data returned by
	//   the write operation is not available to the resource or included in
	//   state. This helps to avoid accidental storage of sensitive values in
	//   state. Some endpoints, such as many dynamic secrets endpoints, return
	//   data from writing to an endpoint rather than reading it. You should
	//   use `writeFields` if you need information returned in this way.
	WriteFields pulumi.StringArrayInput
}

func (EndpointState) ElementType 

func (EndpointState) ElementType() reflect.Type

type LookupSecretArgs 

type LookupSecretArgs struct {
	// The namespace of the target resource.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace *string `pulumi:"namespace"`
	// The full logical path from which to request data.
	// To read data from the "generic" secret backend mounted in Vault by
	// default, this should be prefixed with `secret/`. Reading from other backends
	// with this data source is possible; consult each backend's documentation
	// to see which endpoints support the `GET` method.
	Path string `pulumi:"path"`
	// The version of the secret to read. This is used by the
	// Vault KV secrets engine - version 2 to indicate which version of the secret
	// to read.
	Version *int `pulumi:"version"`
	// If set to true, stores `leaseStartTime` in the TF state.
	// Note that storing the `leaseStartTime` in the TF state will cause a persistent drift
	// on every `pulumi preview` and will require a `pulumi up`.
	WithLeaseStartTime *bool `pulumi:"withLeaseStartTime"`
}

A collection of arguments for invoking getSecret.

type LookupSecretOutputArgs 

type LookupSecretOutputArgs struct {
	// The namespace of the target resource.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput `pulumi:"namespace"`
	// The full logical path from which to request data.
	// To read data from the "generic" secret backend mounted in Vault by
	// default, this should be prefixed with `secret/`. Reading from other backends
	// with this data source is possible; consult each backend's documentation
	// to see which endpoints support the `GET` method.
	Path pulumi.StringInput `pulumi:"path"`
	// The version of the secret to read. This is used by the
	// Vault KV secrets engine - version 2 to indicate which version of the secret
	// to read.
	Version pulumi.IntPtrInput `pulumi:"version"`
	// If set to true, stores `leaseStartTime` in the TF state.
	// Note that storing the `leaseStartTime` in the TF state will cause a persistent drift
	// on every `pulumi preview` and will require a `pulumi up`.
	WithLeaseStartTime pulumi.BoolPtrInput `pulumi:"withLeaseStartTime"`
}

A collection of arguments for invoking getSecret.

func (LookupSecretOutputArgs) ElementType 

func (LookupSecretOutputArgs) ElementType() reflect.Type

type LookupSecretResult 

type LookupSecretResult struct {
	// A mapping whose keys are the top-level data keys returned from
	// Vault and whose values are the corresponding values. This map can only
	// represent string data, so any non-string values returned from Vault are
	// serialized as JSON.
	Data map[string]string `pulumi:"data"`
	// A string containing the full data payload retrieved from
	// Vault, serialized in JSON format.
	DataJson string `pulumi:"dataJson"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// The duration of the secret lease, in seconds relative
	// to the time the data was requested. Once this time has passed any plan
	// generated with this data may fail to apply.
	LeaseDuration int `pulumi:"leaseDuration"`
	// The lease identifier assigned by Vault, if any.
	LeaseId            string  `pulumi:"leaseId"`
	LeaseRenewable     bool    `pulumi:"leaseRenewable"`
	LeaseStartTime     string  `pulumi:"leaseStartTime"`
	Namespace          *string `pulumi:"namespace"`
	Path               string  `pulumi:"path"`
	Version            *int    `pulumi:"version"`
	WithLeaseStartTime *bool   `pulumi:"withLeaseStartTime"`
}

A collection of values returned by getSecret.

func LookupSecret 

func LookupSecret(ctx *pulumi.Context, args *LookupSecretArgs, opts ...pulumi.InvokeOption) (*LookupSecretResult, error)

## Example Usage

### Generic secret

```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/generic"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := generic.LookupSecret(ctx, &generic.LookupSecretArgs{
			Path: "secret/rundeck_auth",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

### KV

For this example, consider `example` as a path for a KV engine.

```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/generic"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func notImplemented(message string) pulumi.AnyOutput {
	panic(message)
}

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := generic.LookupSecret(ctx, &generic.LookupSecretArgs{
			Path: "example/creds",
		}, nil)
		if err != nil {
			return err
		}
		_ = notImplemented("The template_file data resource is not yet supported.")
		return nil
	})
}

```

## Required Vault Capabilities

Use of this resource requires the `read` capability on the given path.

type LookupSecretResultOutput 

type LookupSecretResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getSecret.

func LookupSecretOutput 

func LookupSecretOutput(ctx *pulumi.Context, args LookupSecretOutputArgs, opts ...pulumi.InvokeOption) LookupSecretResultOutput

func (LookupSecretResultOutput) Data 

func (o LookupSecretResultOutput) Data() pulumi.StringMapOutput

A mapping whose keys are the top-level data keys returned from Vault and whose values are the corresponding values. This map can only represent string data, so any non-string values returned from Vault are serialized as JSON.

func (LookupSecretResultOutput) DataJson 

func (o LookupSecretResultOutput) DataJson() pulumi.StringOutput

A string containing the full data payload retrieved from Vault, serialized in JSON format.

func (LookupSecretResultOutput) ElementType 

func (LookupSecretResultOutput) ElementType() reflect.Type

func (LookupSecretResultOutput) Id 

func (o LookupSecretResultOutput) Id() pulumi.StringOutput

The provider-assigned unique ID for this managed resource.

func (LookupSecretResultOutput) LeaseDuration 

func (o LookupSecretResultOutput) LeaseDuration() pulumi.IntOutput

The duration of the secret lease, in seconds relative to the time the data was requested. Once this time has passed any plan generated with this data may fail to apply.

func (LookupSecretResultOutput) LeaseId 

func (o LookupSecretResultOutput) LeaseId() pulumi.StringOutput

The lease identifier assigned by Vault, if any.

func (LookupSecretResultOutput) LeaseRenewable 

func (o LookupSecretResultOutput) LeaseRenewable() pulumi.BoolOutput

func (LookupSecretResultOutput) LeaseStartTime 

func (o LookupSecretResultOutput) LeaseStartTime() pulumi.StringOutput

func (LookupSecretResultOutput) Namespace 

func (o LookupSecretResultOutput) Namespace() pulumi.StringPtrOutput

func (LookupSecretResultOutput) Path 

func (o LookupSecretResultOutput) Path() pulumi.StringOutput

func (LookupSecretResultOutput) ToLookupSecretResultOutput 

func (o LookupSecretResultOutput) ToLookupSecretResultOutput() LookupSecretResultOutput

func (LookupSecretResultOutput) ToLookupSecretResultOutputWithContext 

func (o LookupSecretResultOutput) ToLookupSecretResultOutputWithContext(ctx context.Context) LookupSecretResultOutput

func (LookupSecretResultOutput) Version 

func (o LookupSecretResultOutput) Version() pulumi.IntPtrOutput

func (LookupSecretResultOutput) WithLeaseStartTime 

func (o LookupSecretResultOutput) WithLeaseStartTime() pulumi.BoolPtrOutput

type Secret 

type Secret struct {
	pulumi.CustomResourceState

	// A mapping whose keys are the top-level data keys returned from
	// Vault and whose values are the corresponding values. This map can only
	// represent string data, so any non-string values returned from Vault are
	// serialized as JSON.
	Data pulumi.StringMapOutput `pulumi:"data"`
	// String containing a JSON-encoded object that will be
	// written as the secret data at the given path.
	DataJson pulumi.StringOutput `pulumi:"dataJson"`
	// true/false.  Only applicable for kv-v2 stores.
	// If set to `true`, permanently deletes all versions for
	// the specified key. The default behavior is to only delete the latest version of the
	// secret.
	DeleteAllVersions pulumi.BoolPtrOutput `pulumi:"deleteAllVersions"`
	// true/false. Set this to true if your vault
	// authentication is not able to read the data. Setting this to `true` will
	// break drift detection. Defaults to false.
	DisableRead pulumi.BoolPtrOutput `pulumi:"disableRead"`
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
	// The full logical path at which to write the given data.
	// To write data into the "generic" secret backend mounted in Vault by default,
	// this should be prefixed with `secret/`. Writing to other backends with this
	// resource is possible; consult each backend's documentation to see which
	// endpoints support the `PUT` and `DELETE` methods.
	Path pulumi.StringOutput `pulumi:"path"`
}

## Import

Generic secrets can be imported using the `path`, e.g.

```sh $ pulumi import vault:generic/secret:Secret example secret/foo ```

func GetSecret 

func GetSecret(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecretState, opts ...pulumi.ResourceOption) (*Secret, error)

GetSecret gets an existing Secret resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecret 

func NewSecret(ctx *pulumi.Context,
	name string, args *SecretArgs, opts ...pulumi.ResourceOption) (*Secret, error)

NewSecret registers a new resource with the given unique name, arguments, and options.

func (*Secret) ElementType 

func (*Secret) ElementType() reflect.Type

func (*Secret) ToSecretOutput 

func (i *Secret) ToSecretOutput() SecretOutput

func (*Secret) ToSecretOutputWithContext 

func (i *Secret) ToSecretOutputWithContext(ctx context.Context) SecretOutput

type SecretArgs 

type SecretArgs struct {
	// String containing a JSON-encoded object that will be
	// written as the secret data at the given path.
	DataJson pulumi.StringInput
	// true/false.  Only applicable for kv-v2 stores.
	// If set to `true`, permanently deletes all versions for
	// the specified key. The default behavior is to only delete the latest version of the
	// secret.
	DeleteAllVersions pulumi.BoolPtrInput
	// true/false. Set this to true if your vault
	// authentication is not able to read the data. Setting this to `true` will
	// break drift detection. Defaults to false.
	DisableRead pulumi.BoolPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// The full logical path at which to write the given data.
	// To write data into the "generic" secret backend mounted in Vault by default,
	// this should be prefixed with `secret/`. Writing to other backends with this
	// resource is possible; consult each backend's documentation to see which
	// endpoints support the `PUT` and `DELETE` methods.
	Path pulumi.StringInput
}

The set of arguments for constructing a Secret resource.

func (SecretArgs) ElementType 

func (SecretArgs) ElementType() reflect.Type

type SecretArray 

type SecretArray []SecretInput

func (SecretArray) ElementType 

func (SecretArray) ElementType() reflect.Type

func (SecretArray) ToSecretArrayOutput 

func (i SecretArray) ToSecretArrayOutput() SecretArrayOutput

func (SecretArray) ToSecretArrayOutputWithContext 

func (i SecretArray) ToSecretArrayOutputWithContext(ctx context.Context) SecretArrayOutput

type SecretArrayInput 

type SecretArrayInput interface {
	pulumi.Input

	ToSecretArrayOutput() SecretArrayOutput
	ToSecretArrayOutputWithContext(context.Context) SecretArrayOutput
}

SecretArrayInput is an input type that accepts SecretArray and SecretArrayOutput values. You can construct a concrete instance of `SecretArrayInput` via: 

SecretArray{ SecretArgs{...} }

type SecretArrayOutput 

type SecretArrayOutput struct{ *pulumi.OutputState }

func (SecretArrayOutput) ElementType 

func (SecretArrayOutput) ElementType() reflect.Type

func (SecretArrayOutput) Index 

func (o SecretArrayOutput) Index(i pulumi.IntInput) SecretOutput

func (SecretArrayOutput) ToSecretArrayOutput 

func (o SecretArrayOutput) ToSecretArrayOutput() SecretArrayOutput

func (SecretArrayOutput) ToSecretArrayOutputWithContext 

func (o SecretArrayOutput) ToSecretArrayOutputWithContext(ctx context.Context) SecretArrayOutput

type SecretInput 

type SecretInput interface {
	pulumi.Input

	ToSecretOutput() SecretOutput
	ToSecretOutputWithContext(ctx context.Context) SecretOutput
}

type SecretMap 

type SecretMap map[string]SecretInput

func (SecretMap) ElementType 

func (SecretMap) ElementType() reflect.Type

func (SecretMap) ToSecretMapOutput 

func (i SecretMap) ToSecretMapOutput() SecretMapOutput

func (SecretMap) ToSecretMapOutputWithContext 

func (i SecretMap) ToSecretMapOutputWithContext(ctx context.Context) SecretMapOutput

type SecretMapInput 

type SecretMapInput interface {
	pulumi.Input

	ToSecretMapOutput() SecretMapOutput
	ToSecretMapOutputWithContext(context.Context) SecretMapOutput
}

SecretMapInput is an input type that accepts SecretMap and SecretMapOutput values. You can construct a concrete instance of `SecretMapInput` via: 

SecretMap{ "key": SecretArgs{...} }

type SecretMapOutput 

type SecretMapOutput struct{ *pulumi.OutputState }

func (SecretMapOutput) ElementType 

func (SecretMapOutput) ElementType() reflect.Type

func (SecretMapOutput) MapIndex 

func (o SecretMapOutput) MapIndex(k pulumi.StringInput) SecretOutput

func (SecretMapOutput) ToSecretMapOutput 

func (o SecretMapOutput) ToSecretMapOutput() SecretMapOutput

func (SecretMapOutput) ToSecretMapOutputWithContext 

func (o SecretMapOutput) ToSecretMapOutputWithContext(ctx context.Context) SecretMapOutput

type SecretOutput 

type SecretOutput struct{ *pulumi.OutputState }

func (SecretOutput) Data 

func (o SecretOutput) Data() pulumi.StringMapOutput

A mapping whose keys are the top-level data keys returned from Vault and whose values are the corresponding values. This map can only represent string data, so any non-string values returned from Vault are serialized as JSON.

func (SecretOutput) DataJson 

func (o SecretOutput) DataJson() pulumi.StringOutput

String containing a JSON-encoded object that will be written as the secret data at the given path.

func (SecretOutput) DeleteAllVersions 

func (o SecretOutput) DeleteAllVersions() pulumi.BoolPtrOutput

true/false. Only applicable for kv-v2 stores. If set to `true`, permanently deletes all versions for the specified key. The default behavior is to only delete the latest version of the secret.

func (SecretOutput) DisableRead 

func (o SecretOutput) DisableRead() pulumi.BoolPtrOutput

true/false. Set this to true if your vault authentication is not able to read the data. Setting this to `true` will break drift detection. Defaults to false.

func (SecretOutput) ElementType 

func (SecretOutput) ElementType() reflect.Type

func (SecretOutput) Namespace 

func (o SecretOutput) Namespace() pulumi.StringPtrOutput

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.

func (SecretOutput) Path 

func (o SecretOutput) Path() pulumi.StringOutput

The full logical path at which to write the given data. To write data into the "generic" secret backend mounted in Vault by default, this should be prefixed with `secret/`. Writing to other backends with this resource is possible; consult each backend's documentation to see which endpoints support the `PUT` and `DELETE` methods.

func (SecretOutput) ToSecretOutput 

func (o SecretOutput) ToSecretOutput() SecretOutput

func (SecretOutput) ToSecretOutputWithContext 

func (o SecretOutput) ToSecretOutputWithContext(ctx context.Context) SecretOutput

type SecretState 

type SecretState struct {
	// A mapping whose keys are the top-level data keys returned from
	// Vault and whose values are the corresponding values. This map can only
	// represent string data, so any non-string values returned from Vault are
	// serialized as JSON.
	Data pulumi.StringMapInput
	// String containing a JSON-encoded object that will be
	// written as the secret data at the given path.
	DataJson pulumi.StringPtrInput
	// true/false.  Only applicable for kv-v2 stores.
	// If set to `true`, permanently deletes all versions for
	// the specified key. The default behavior is to only delete the latest version of the
	// secret.
	DeleteAllVersions pulumi.BoolPtrInput
	// true/false. Set this to true if your vault
	// authentication is not able to read the data. Setting this to `true` will
	// break drift detection. Defaults to false.
	DisableRead pulumi.BoolPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// The full logical path at which to write the given data.
	// To write data into the "generic" secret backend mounted in Vault by default,
	// this should be prefixed with `secret/`. Writing to other backends with this
	// resource is possible; consult each backend's documentation to see which
	// endpoints support the `PUT` and `DELETE` methods.
	Path pulumi.StringPtrInput
}

func (SecretState) ElementType 

func (SecretState) ElementType() reflect.Type

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.