com.pulumi.vault.gcp.inputs.SecretBackendState Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of vault Show documentation
Show all versions of vault Show documentation
A Pulumi package for creating and managing HashiCorp Vault cloud resources.
// *** WARNING: this file was generated by pulumi-java-gen. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
package com.pulumi.vault.gcp.inputs;
import com.pulumi.core.Output;
import com.pulumi.core.annotations.Import;
import java.lang.Boolean;
import java.lang.Integer;
import java.lang.String;
import java.util.Objects;
import java.util.Optional;
import javax.annotation.Nullable;
public final class SecretBackendState extends com.pulumi.resources.ResourceArgs {
public static final SecretBackendState Empty = new SecretBackendState();
/**
* The accessor of the created GCP mount.
*
*/
@Import(name="accessor")
private @Nullable Output accessor;
/**
* @return The accessor of the created GCP mount.
*
*/
public Optional> accessor() {
return Optional.ofNullable(this.accessor);
}
/**
* JSON-encoded credentials to use to connect to GCP
*
*/
@Import(name="credentials")
private @Nullable Output credentials;
/**
* @return JSON-encoded credentials to use to connect to GCP
*
*/
public Optional> credentials() {
return Optional.ofNullable(this.credentials);
}
/**
* The default TTL for credentials
* issued by this backend. Defaults to '0'.
*
*/
@Import(name="defaultLeaseTtlSeconds")
private @Nullable Output defaultLeaseTtlSeconds;
/**
* @return The default TTL for credentials
* issued by this backend. Defaults to '0'.
*
*/
public Optional> defaultLeaseTtlSeconds() {
return Optional.ofNullable(this.defaultLeaseTtlSeconds);
}
/**
* A human-friendly description for this backend.
*
*/
@Import(name="description")
private @Nullable Output description;
/**
* @return A human-friendly description for this backend.
*
*/
public Optional> description() {
return Optional.ofNullable(this.description);
}
/**
* If set, opts out of mount migration on path updates.
* See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
*
*/
@Import(name="disableRemount")
private @Nullable Output disableRemount;
/**
* @return If set, opts out of mount migration on path updates.
* See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
*
*/
public Optional> disableRemount() {
return Optional.ofNullable(this.disableRemount);
}
/**
* The audience claim value for plugin identity
* tokens. Must match an allowed audience configured for the target [Workload Identity Pool](https://cloud.google.com/iam/docs/workload-identity-federation-with-other-providers#prepare).
* Mutually exclusive with `credentials`. Requires Vault 1.17+. *Available only for Vault Enterprise*.
*
*/
@Import(name="identityTokenAudience")
private @Nullable Output identityTokenAudience;
/**
* @return The audience claim value for plugin identity
* tokens. Must match an allowed audience configured for the target [Workload Identity Pool](https://cloud.google.com/iam/docs/workload-identity-federation-with-other-providers#prepare).
* Mutually exclusive with `credentials`. Requires Vault 1.17+. *Available only for Vault Enterprise*.
*
*/
public Optional> identityTokenAudience() {
return Optional.ofNullable(this.identityTokenAudience);
}
/**
* The key to use for signing plugin identity
* tokens. Requires Vault 1.17+. *Available only for Vault Enterprise*.
*
*/
@Import(name="identityTokenKey")
private @Nullable Output identityTokenKey;
/**
* @return The key to use for signing plugin identity
* tokens. Requires Vault 1.17+. *Available only for Vault Enterprise*.
*
*/
public Optional> identityTokenKey() {
return Optional.ofNullable(this.identityTokenKey);
}
/**
* The TTL of generated tokens.
*
*/
@Import(name="identityTokenTtl")
private @Nullable Output identityTokenTtl;
/**
* @return The TTL of generated tokens.
*
*/
public Optional> identityTokenTtl() {
return Optional.ofNullable(this.identityTokenTtl);
}
/**
* Boolean flag that can be explicitly set to true to enforce local mount in HA environment
*
*/
@Import(name="local")
private @Nullable Output local;
/**
* @return Boolean flag that can be explicitly set to true to enforce local mount in HA environment
*
*/
public Optional> local() {
return Optional.ofNullable(this.local);
}
/**
* The maximum TTL that can be requested
* for credentials issued by this backend. Defaults to '0'.
*
*/
@Import(name="maxLeaseTtlSeconds")
private @Nullable Output maxLeaseTtlSeconds;
/**
* @return The maximum TTL that can be requested
* for credentials issued by this backend. Defaults to '0'.
*
*/
public Optional> maxLeaseTtlSeconds() {
return Optional.ofNullable(this.maxLeaseTtlSeconds);
}
/**
* The namespace to provision the resource in.
* The value should not contain leading or trailing forward slashes.
* The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
* *Available only for Vault Enterprise*.
*
*/
@Import(name="namespace")
private @Nullable Output namespace;
/**
* @return The namespace to provision the resource in.
* The value should not contain leading or trailing forward slashes.
* The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
* *Available only for Vault Enterprise*.
*
*/
public Optional> namespace() {
return Optional.ofNullable(this.namespace);
}
/**
* The unique path this backend should be mounted at. Must
* not begin or end with a `/`. Defaults to `gcp`.
*
*/
@Import(name="path")
private @Nullable Output path;
/**
* @return The unique path this backend should be mounted at. Must
* not begin or end with a `/`. Defaults to `gcp`.
*
*/
public Optional> path() {
return Optional.ofNullable(this.path);
}
/**
* Service Account to impersonate for plugin workload identity federation.
* Required with `identity_token_audience`. Requires Vault 1.17+. *Available only for Vault Enterprise*.
*
*/
@Import(name="serviceAccountEmail")
private @Nullable Output serviceAccountEmail;
/**
* @return Service Account to impersonate for plugin workload identity federation.
* Required with `identity_token_audience`. Requires Vault 1.17+. *Available only for Vault Enterprise*.
*
*/
public Optional> serviceAccountEmail() {
return Optional.ofNullable(this.serviceAccountEmail);
}
private SecretBackendState() {}
private SecretBackendState(SecretBackendState $) {
this.accessor = $.accessor;
this.credentials = $.credentials;
this.defaultLeaseTtlSeconds = $.defaultLeaseTtlSeconds;
this.description = $.description;
this.disableRemount = $.disableRemount;
this.identityTokenAudience = $.identityTokenAudience;
this.identityTokenKey = $.identityTokenKey;
this.identityTokenTtl = $.identityTokenTtl;
this.local = $.local;
this.maxLeaseTtlSeconds = $.maxLeaseTtlSeconds;
this.namespace = $.namespace;
this.path = $.path;
this.serviceAccountEmail = $.serviceAccountEmail;
}
public static Builder builder() {
return new Builder();
}
public static Builder builder(SecretBackendState defaults) {
return new Builder(defaults);
}
public static final class Builder {
private SecretBackendState $;
public Builder() {
$ = new SecretBackendState();
}
public Builder(SecretBackendState defaults) {
$ = new SecretBackendState(Objects.requireNonNull(defaults));
}
/**
* @param accessor The accessor of the created GCP mount.
*
* @return builder
*
*/
public Builder accessor(@Nullable Output accessor) {
$.accessor = accessor;
return this;
}
/**
* @param accessor The accessor of the created GCP mount.
*
* @return builder
*
*/
public Builder accessor(String accessor) {
return accessor(Output.of(accessor));
}
/**
* @param credentials JSON-encoded credentials to use to connect to GCP
*
* @return builder
*
*/
public Builder credentials(@Nullable Output credentials) {
$.credentials = credentials;
return this;
}
/**
* @param credentials JSON-encoded credentials to use to connect to GCP
*
* @return builder
*
*/
public Builder credentials(String credentials) {
return credentials(Output.of(credentials));
}
/**
* @param defaultLeaseTtlSeconds The default TTL for credentials
* issued by this backend. Defaults to '0'.
*
* @return builder
*
*/
public Builder defaultLeaseTtlSeconds(@Nullable Output defaultLeaseTtlSeconds) {
$.defaultLeaseTtlSeconds = defaultLeaseTtlSeconds;
return this;
}
/**
* @param defaultLeaseTtlSeconds The default TTL for credentials
* issued by this backend. Defaults to '0'.
*
* @return builder
*
*/
public Builder defaultLeaseTtlSeconds(Integer defaultLeaseTtlSeconds) {
return defaultLeaseTtlSeconds(Output.of(defaultLeaseTtlSeconds));
}
/**
* @param description A human-friendly description for this backend.
*
* @return builder
*
*/
public Builder description(@Nullable Output description) {
$.description = description;
return this;
}
/**
* @param description A human-friendly description for this backend.
*
* @return builder
*
*/
public Builder description(String description) {
return description(Output.of(description));
}
/**
* @param disableRemount If set, opts out of mount migration on path updates.
* See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
*
* @return builder
*
*/
public Builder disableRemount(@Nullable Output disableRemount) {
$.disableRemount = disableRemount;
return this;
}
/**
* @param disableRemount If set, opts out of mount migration on path updates.
* See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
*
* @return builder
*
*/
public Builder disableRemount(Boolean disableRemount) {
return disableRemount(Output.of(disableRemount));
}
/**
* @param identityTokenAudience The audience claim value for plugin identity
* tokens. Must match an allowed audience configured for the target [Workload Identity Pool](https://cloud.google.com/iam/docs/workload-identity-federation-with-other-providers#prepare).
* Mutually exclusive with `credentials`. Requires Vault 1.17+. *Available only for Vault Enterprise*.
*
* @return builder
*
*/
public Builder identityTokenAudience(@Nullable Output identityTokenAudience) {
$.identityTokenAudience = identityTokenAudience;
return this;
}
/**
* @param identityTokenAudience The audience claim value for plugin identity
* tokens. Must match an allowed audience configured for the target [Workload Identity Pool](https://cloud.google.com/iam/docs/workload-identity-federation-with-other-providers#prepare).
* Mutually exclusive with `credentials`. Requires Vault 1.17+. *Available only for Vault Enterprise*.
*
* @return builder
*
*/
public Builder identityTokenAudience(String identityTokenAudience) {
return identityTokenAudience(Output.of(identityTokenAudience));
}
/**
* @param identityTokenKey The key to use for signing plugin identity
* tokens. Requires Vault 1.17+. *Available only for Vault Enterprise*.
*
* @return builder
*
*/
public Builder identityTokenKey(@Nullable Output identityTokenKey) {
$.identityTokenKey = identityTokenKey;
return this;
}
/**
* @param identityTokenKey The key to use for signing plugin identity
* tokens. Requires Vault 1.17+. *Available only for Vault Enterprise*.
*
* @return builder
*
*/
public Builder identityTokenKey(String identityTokenKey) {
return identityTokenKey(Output.of(identityTokenKey));
}
/**
* @param identityTokenTtl The TTL of generated tokens.
*
* @return builder
*
*/
public Builder identityTokenTtl(@Nullable Output identityTokenTtl) {
$.identityTokenTtl = identityTokenTtl;
return this;
}
/**
* @param identityTokenTtl The TTL of generated tokens.
*
* @return builder
*
*/
public Builder identityTokenTtl(Integer identityTokenTtl) {
return identityTokenTtl(Output.of(identityTokenTtl));
}
/**
* @param local Boolean flag that can be explicitly set to true to enforce local mount in HA environment
*
* @return builder
*
*/
public Builder local(@Nullable Output local) {
$.local = local;
return this;
}
/**
* @param local Boolean flag that can be explicitly set to true to enforce local mount in HA environment
*
* @return builder
*
*/
public Builder local(Boolean local) {
return local(Output.of(local));
}
/**
* @param maxLeaseTtlSeconds The maximum TTL that can be requested
* for credentials issued by this backend. Defaults to '0'.
*
* @return builder
*
*/
public Builder maxLeaseTtlSeconds(@Nullable Output maxLeaseTtlSeconds) {
$.maxLeaseTtlSeconds = maxLeaseTtlSeconds;
return this;
}
/**
* @param maxLeaseTtlSeconds The maximum TTL that can be requested
* for credentials issued by this backend. Defaults to '0'.
*
* @return builder
*
*/
public Builder maxLeaseTtlSeconds(Integer maxLeaseTtlSeconds) {
return maxLeaseTtlSeconds(Output.of(maxLeaseTtlSeconds));
}
/**
* @param namespace The namespace to provision the resource in.
* The value should not contain leading or trailing forward slashes.
* The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
* *Available only for Vault Enterprise*.
*
* @return builder
*
*/
public Builder namespace(@Nullable Output namespace) {
$.namespace = namespace;
return this;
}
/**
* @param namespace The namespace to provision the resource in.
* The value should not contain leading or trailing forward slashes.
* The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
* *Available only for Vault Enterprise*.
*
* @return builder
*
*/
public Builder namespace(String namespace) {
return namespace(Output.of(namespace));
}
/**
* @param path The unique path this backend should be mounted at. Must
* not begin or end with a `/`. Defaults to `gcp`.
*
* @return builder
*
*/
public Builder path(@Nullable Output path) {
$.path = path;
return this;
}
/**
* @param path The unique path this backend should be mounted at. Must
* not begin or end with a `/`. Defaults to `gcp`.
*
* @return builder
*
*/
public Builder path(String path) {
return path(Output.of(path));
}
/**
* @param serviceAccountEmail Service Account to impersonate for plugin workload identity federation.
* Required with `identity_token_audience`. Requires Vault 1.17+. *Available only for Vault Enterprise*.
*
* @return builder
*
*/
public Builder serviceAccountEmail(@Nullable Output serviceAccountEmail) {
$.serviceAccountEmail = serviceAccountEmail;
return this;
}
/**
* @param serviceAccountEmail Service Account to impersonate for plugin workload identity federation.
* Required with `identity_token_audience`. Requires Vault 1.17+. *Available only for Vault Enterprise*.
*
* @return builder
*
*/
public Builder serviceAccountEmail(String serviceAccountEmail) {
return serviceAccountEmail(Output.of(serviceAccountEmail));
}
public SecretBackendState build() {
return $;
}
}
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy