All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.pulumi.vault.kubernetes.inputs.GetAuthBackendConfigArgs Maven / Gradle / Ivy

Go to download

A Pulumi package for creating and managing HashiCorp Vault cloud resources.

There is a newer version: 6.5.0-alpha.1732775348
Show newest version
// *** WARNING: this file was generated by pulumi-java-gen. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***

package com.pulumi.vault.kubernetes.inputs;

import com.pulumi.core.Output;
import com.pulumi.core.annotations.Import;
import java.lang.Boolean;
import java.lang.String;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import javax.annotation.Nullable;


public final class GetAuthBackendConfigArgs extends com.pulumi.resources.InvokeArgs {

    public static final GetAuthBackendConfigArgs Empty = new GetAuthBackendConfigArgs();

    /**
     * The unique name for the Kubernetes backend the config to
     * retrieve Role attributes for resides in. Defaults to "kubernetes".
     * 
     */
    @Import(name="backend")
    private @Nullable Output backend;

    /**
     * @return The unique name for the Kubernetes backend the config to
     * retrieve Role attributes for resides in. Defaults to "kubernetes".
     * 
     */
    public Optional> backend() {
        return Optional.ofNullable(this.backend);
    }

    /**
     * (Optional) Disable JWT issuer validation. Allows to skip ISS validation. Requires Vault `v1.5.4+` or Vault auth kubernetes plugin `v0.7.1+`
     * 
     */
    @Import(name="disableIssValidation")
    private @Nullable Output disableIssValidation;

    /**
     * @return (Optional) Disable JWT issuer validation. Allows to skip ISS validation. Requires Vault `v1.5.4+` or Vault auth kubernetes plugin `v0.7.1+`
     * 
     */
    public Optional> disableIssValidation() {
        return Optional.ofNullable(this.disableIssValidation);
    }

    /**
     * (Optional) Disable defaulting to the local CA cert and service account JWT when running in a Kubernetes pod. Requires Vault `v1.5.4+` or Vault auth kubernetes plugin `v0.7.1+`
     * 
     */
    @Import(name="disableLocalCaJwt")
    private @Nullable Output disableLocalCaJwt;

    /**
     * @return (Optional) Disable defaulting to the local CA cert and service account JWT when running in a Kubernetes pod. Requires Vault `v1.5.4+` or Vault auth kubernetes plugin `v0.7.1+`
     * 
     */
    public Optional> disableLocalCaJwt() {
        return Optional.ofNullable(this.disableLocalCaJwt);
    }

    /**
     * Optional JWT issuer. If no issuer is specified, `kubernetes.io/serviceaccount` will be used as the default issuer.
     * 
     */
    @Import(name="issuer")
    private @Nullable Output issuer;

    /**
     * @return Optional JWT issuer. If no issuer is specified, `kubernetes.io/serviceaccount` will be used as the default issuer.
     * 
     */
    public Optional> issuer() {
        return Optional.ofNullable(this.issuer);
    }

    /**
     * PEM encoded CA cert for use by the TLS client used to talk with the Kubernetes API.
     * 
     */
    @Import(name="kubernetesCaCert")
    private @Nullable Output kubernetesCaCert;

    /**
     * @return PEM encoded CA cert for use by the TLS client used to talk with the Kubernetes API.
     * 
     */
    public Optional> kubernetesCaCert() {
        return Optional.ofNullable(this.kubernetesCaCert);
    }

    /**
     * Host must be a host string, a host:port pair, or a URL to the base of the Kubernetes API server.
     * 
     */
    @Import(name="kubernetesHost")
    private @Nullable Output kubernetesHost;

    /**
     * @return Host must be a host string, a host:port pair, or a URL to the base of the Kubernetes API server.
     * 
     */
    public Optional> kubernetesHost() {
        return Optional.ofNullable(this.kubernetesHost);
    }

    /**
     * The namespace of the target resource.
     * The value should not contain leading or trailing forward slashes.
     * The `namespace` is always relative to the provider's configured namespace.
     * *Available only for Vault Enterprise*.
     * 
     */
    @Import(name="namespace")
    private @Nullable Output namespace;

    /**
     * @return The namespace of the target resource.
     * The value should not contain leading or trailing forward slashes.
     * The `namespace` is always relative to the provider's configured namespace.
     * *Available only for Vault Enterprise*.
     * 
     */
    public Optional> namespace() {
        return Optional.ofNullable(this.namespace);
    }

    /**
     * Optional list of PEM-formatted public keys or certificates used to verify the signatures of Kubernetes service account JWTs. If a certificate is given, its public key will be extracted. Not every installation of Kubernetes exposes these keys.
     * 
     */
    @Import(name="pemKeys")
    private @Nullable Output> pemKeys;

    /**
     * @return Optional list of PEM-formatted public keys or certificates used to verify the signatures of Kubernetes service account JWTs. If a certificate is given, its public key will be extracted. Not every installation of Kubernetes exposes these keys.
     * 
     */
    public Optional>> pemKeys() {
        return Optional.ofNullable(this.pemKeys);
    }

    /**
     * (Optional) Use annotations from the client token's associated service account as alias metadata for the Vault entity. Requires Vault `v1.16+` or Vault auth kubernetes plugin `v0.18.0+`
     * 
     */
    @Import(name="useAnnotationsAsAliasMetadata")
    private @Nullable Output useAnnotationsAsAliasMetadata;

    /**
     * @return (Optional) Use annotations from the client token's associated service account as alias metadata for the Vault entity. Requires Vault `v1.16+` or Vault auth kubernetes plugin `v0.18.0+`
     * 
     */
    public Optional> useAnnotationsAsAliasMetadata() {
        return Optional.ofNullable(this.useAnnotationsAsAliasMetadata);
    }

    private GetAuthBackendConfigArgs() {}

    private GetAuthBackendConfigArgs(GetAuthBackendConfigArgs $) {
        this.backend = $.backend;
        this.disableIssValidation = $.disableIssValidation;
        this.disableLocalCaJwt = $.disableLocalCaJwt;
        this.issuer = $.issuer;
        this.kubernetesCaCert = $.kubernetesCaCert;
        this.kubernetesHost = $.kubernetesHost;
        this.namespace = $.namespace;
        this.pemKeys = $.pemKeys;
        this.useAnnotationsAsAliasMetadata = $.useAnnotationsAsAliasMetadata;
    }

    public static Builder builder() {
        return new Builder();
    }
    public static Builder builder(GetAuthBackendConfigArgs defaults) {
        return new Builder(defaults);
    }

    public static final class Builder {
        private GetAuthBackendConfigArgs $;

        public Builder() {
            $ = new GetAuthBackendConfigArgs();
        }

        public Builder(GetAuthBackendConfigArgs defaults) {
            $ = new GetAuthBackendConfigArgs(Objects.requireNonNull(defaults));
        }

        /**
         * @param backend The unique name for the Kubernetes backend the config to
         * retrieve Role attributes for resides in. Defaults to "kubernetes".
         * 
         * @return builder
         * 
         */
        public Builder backend(@Nullable Output backend) {
            $.backend = backend;
            return this;
        }

        /**
         * @param backend The unique name for the Kubernetes backend the config to
         * retrieve Role attributes for resides in. Defaults to "kubernetes".
         * 
         * @return builder
         * 
         */
        public Builder backend(String backend) {
            return backend(Output.of(backend));
        }

        /**
         * @param disableIssValidation (Optional) Disable JWT issuer validation. Allows to skip ISS validation. Requires Vault `v1.5.4+` or Vault auth kubernetes plugin `v0.7.1+`
         * 
         * @return builder
         * 
         */
        public Builder disableIssValidation(@Nullable Output disableIssValidation) {
            $.disableIssValidation = disableIssValidation;
            return this;
        }

        /**
         * @param disableIssValidation (Optional) Disable JWT issuer validation. Allows to skip ISS validation. Requires Vault `v1.5.4+` or Vault auth kubernetes plugin `v0.7.1+`
         * 
         * @return builder
         * 
         */
        public Builder disableIssValidation(Boolean disableIssValidation) {
            return disableIssValidation(Output.of(disableIssValidation));
        }

        /**
         * @param disableLocalCaJwt (Optional) Disable defaulting to the local CA cert and service account JWT when running in a Kubernetes pod. Requires Vault `v1.5.4+` or Vault auth kubernetes plugin `v0.7.1+`
         * 
         * @return builder
         * 
         */
        public Builder disableLocalCaJwt(@Nullable Output disableLocalCaJwt) {
            $.disableLocalCaJwt = disableLocalCaJwt;
            return this;
        }

        /**
         * @param disableLocalCaJwt (Optional) Disable defaulting to the local CA cert and service account JWT when running in a Kubernetes pod. Requires Vault `v1.5.4+` or Vault auth kubernetes plugin `v0.7.1+`
         * 
         * @return builder
         * 
         */
        public Builder disableLocalCaJwt(Boolean disableLocalCaJwt) {
            return disableLocalCaJwt(Output.of(disableLocalCaJwt));
        }

        /**
         * @param issuer Optional JWT issuer. If no issuer is specified, `kubernetes.io/serviceaccount` will be used as the default issuer.
         * 
         * @return builder
         * 
         */
        public Builder issuer(@Nullable Output issuer) {
            $.issuer = issuer;
            return this;
        }

        /**
         * @param issuer Optional JWT issuer. If no issuer is specified, `kubernetes.io/serviceaccount` will be used as the default issuer.
         * 
         * @return builder
         * 
         */
        public Builder issuer(String issuer) {
            return issuer(Output.of(issuer));
        }

        /**
         * @param kubernetesCaCert PEM encoded CA cert for use by the TLS client used to talk with the Kubernetes API.
         * 
         * @return builder
         * 
         */
        public Builder kubernetesCaCert(@Nullable Output kubernetesCaCert) {
            $.kubernetesCaCert = kubernetesCaCert;
            return this;
        }

        /**
         * @param kubernetesCaCert PEM encoded CA cert for use by the TLS client used to talk with the Kubernetes API.
         * 
         * @return builder
         * 
         */
        public Builder kubernetesCaCert(String kubernetesCaCert) {
            return kubernetesCaCert(Output.of(kubernetesCaCert));
        }

        /**
         * @param kubernetesHost Host must be a host string, a host:port pair, or a URL to the base of the Kubernetes API server.
         * 
         * @return builder
         * 
         */
        public Builder kubernetesHost(@Nullable Output kubernetesHost) {
            $.kubernetesHost = kubernetesHost;
            return this;
        }

        /**
         * @param kubernetesHost Host must be a host string, a host:port pair, or a URL to the base of the Kubernetes API server.
         * 
         * @return builder
         * 
         */
        public Builder kubernetesHost(String kubernetesHost) {
            return kubernetesHost(Output.of(kubernetesHost));
        }

        /**
         * @param namespace The namespace of the target resource.
         * The value should not contain leading or trailing forward slashes.
         * The `namespace` is always relative to the provider's configured namespace.
         * *Available only for Vault Enterprise*.
         * 
         * @return builder
         * 
         */
        public Builder namespace(@Nullable Output namespace) {
            $.namespace = namespace;
            return this;
        }

        /**
         * @param namespace The namespace of the target resource.
         * The value should not contain leading or trailing forward slashes.
         * The `namespace` is always relative to the provider's configured namespace.
         * *Available only for Vault Enterprise*.
         * 
         * @return builder
         * 
         */
        public Builder namespace(String namespace) {
            return namespace(Output.of(namespace));
        }

        /**
         * @param pemKeys Optional list of PEM-formatted public keys or certificates used to verify the signatures of Kubernetes service account JWTs. If a certificate is given, its public key will be extracted. Not every installation of Kubernetes exposes these keys.
         * 
         * @return builder
         * 
         */
        public Builder pemKeys(@Nullable Output> pemKeys) {
            $.pemKeys = pemKeys;
            return this;
        }

        /**
         * @param pemKeys Optional list of PEM-formatted public keys or certificates used to verify the signatures of Kubernetes service account JWTs. If a certificate is given, its public key will be extracted. Not every installation of Kubernetes exposes these keys.
         * 
         * @return builder
         * 
         */
        public Builder pemKeys(List pemKeys) {
            return pemKeys(Output.of(pemKeys));
        }

        /**
         * @param pemKeys Optional list of PEM-formatted public keys or certificates used to verify the signatures of Kubernetes service account JWTs. If a certificate is given, its public key will be extracted. Not every installation of Kubernetes exposes these keys.
         * 
         * @return builder
         * 
         */
        public Builder pemKeys(String... pemKeys) {
            return pemKeys(List.of(pemKeys));
        }

        /**
         * @param useAnnotationsAsAliasMetadata (Optional) Use annotations from the client token's associated service account as alias metadata for the Vault entity. Requires Vault `v1.16+` or Vault auth kubernetes plugin `v0.18.0+`
         * 
         * @return builder
         * 
         */
        public Builder useAnnotationsAsAliasMetadata(@Nullable Output useAnnotationsAsAliasMetadata) {
            $.useAnnotationsAsAliasMetadata = useAnnotationsAsAliasMetadata;
            return this;
        }

        /**
         * @param useAnnotationsAsAliasMetadata (Optional) Use annotations from the client token's associated service account as alias metadata for the Vault entity. Requires Vault `v1.16+` or Vault auth kubernetes plugin `v0.18.0+`
         * 
         * @return builder
         * 
         */
        public Builder useAnnotationsAsAliasMetadata(Boolean useAnnotationsAsAliasMetadata) {
            return useAnnotationsAsAliasMetadata(Output.of(useAnnotationsAsAliasMetadata));
        }

        public GetAuthBackendConfigArgs build() {
            return $;
        }
    }

}




© 2015 - 2025 Weber Informatics LLC | Privacy Policy