com.pulumi.vault.aws.kotlin.SecretBackend.kt Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of pulumi-vault-kotlin Show documentation
Show all versions of pulumi-vault-kotlin Show documentation
Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.vault.aws.kotlin
import com.pulumi.core.Output
import com.pulumi.kotlin.KotlinCustomResource
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.ResourceMapper
import com.pulumi.kotlin.options.CustomResourceOptions
import com.pulumi.kotlin.options.CustomResourceOptionsBuilder
import com.pulumi.resources.Resource
import kotlin.Boolean
import kotlin.Int
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
/**
* Builder for [SecretBackend].
*/
@PulumiTagMarker
public class SecretBackendResourceBuilder internal constructor() {
public var name: String? = null
public var args: SecretBackendArgs = SecretBackendArgs()
public var opts: CustomResourceOptions = CustomResourceOptions()
/**
* @param name The _unique_ name of the resulting resource.
*/
public fun name(`value`: String) {
this.name = value
}
/**
* @param block The arguments to use to populate this resource's properties.
*/
public suspend fun args(block: suspend SecretBackendArgsBuilder.() -> Unit) {
val builder = SecretBackendArgsBuilder()
block(builder)
this.args = builder.build()
}
/**
* @param block A bag of options that control this resource's behavior.
*/
public suspend fun opts(block: suspend CustomResourceOptionsBuilder.() -> Unit) {
this.opts = com.pulumi.kotlin.options.CustomResourceOptions.opts(block)
}
internal fun build(): SecretBackend {
val builtJavaResource = com.pulumi.vault.aws.SecretBackend(
this.name,
this.args.toJava(),
this.opts.toJava(),
)
return SecretBackend(builtJavaResource)
}
}
/**
*
* ## Import
* AWS secret backends can be imported using the `path`, e.g.
* ```sh
* $ pulumi import vault:aws/secretBackend:SecretBackend aws aws
* ```
*/
public class SecretBackend internal constructor(
override val javaResource: com.pulumi.vault.aws.SecretBackend,
) : KotlinCustomResource(javaResource, SecretBackendMapper) {
/**
* The AWS Access Key ID this backend should use to
* issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials.
*/
public val accessKey: Output?
get() = javaResource.accessKey().applyValue({ args0 -> args0.map({ args0 -> args0 }).orElse(null) })
/**
* The default TTL for credentials
* issued by this backend.
*/
public val defaultLeaseTtlSeconds: Output
get() = javaResource.defaultLeaseTtlSeconds().applyValue({ args0 -> args0 })
/**
* A human-friendly description for this backend.
*/
public val description: Output?
get() = javaResource.description().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* If set, opts out of mount migration on path updates.
* See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
*/
public val disableRemount: Output?
get() = javaResource.disableRemount().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* Specifies a custom HTTP IAM endpoint to use.
*/
public val iamEndpoint: Output?
get() = javaResource.iamEndpoint().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* The audience claim value. Requires Vault 1.16+.
*/
public val identityTokenAudience: Output?
get() = javaResource.identityTokenAudience().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* The key to use for signing identity tokens. Requires Vault 1.16+.
*/
public val identityTokenKey: Output?
get() = javaResource.identityTokenKey().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* The TTL of generated identity tokens in seconds. Requires Vault 1.16+.
*/
public val identityTokenTtl: Output
get() = javaResource.identityTokenTtl().applyValue({ args0 -> args0 })
/**
* Specifies whether the secrets mount will be marked as local. Local mounts are not replicated to performance replicas.
*/
public val local: Output?
get() = javaResource.local().applyValue({ args0 -> args0.map({ args0 -> args0 }).orElse(null) })
/**
* The maximum TTL that can be requested
* for credentials issued by this backend.
*/
public val maxLeaseTtlSeconds: Output
get() = javaResource.maxLeaseTtlSeconds().applyValue({ args0 -> args0 })
/**
* The namespace to provision the resource in.
* The value should not contain leading or trailing forward slashes.
* The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
* *Available only for Vault Enterprise*.
*/
public val namespace: Output?
get() = javaResource.namespace().applyValue({ args0 -> args0.map({ args0 -> args0 }).orElse(null) })
/**
* The unique path this backend should be mounted at. Must
* not begin or end with a `/`. Defaults to `aws`.
*/
public val path: Output?
get() = javaResource.path().applyValue({ args0 -> args0.map({ args0 -> args0 }).orElse(null) })
/**
* The AWS region to make API calls against. Defaults to us-east-1.
*/
public val region: Output
get() = javaResource.region().applyValue({ args0 -> args0 })
/**
* Role ARN to assume for plugin identity token federation. Requires Vault 1.16+.
* ```
* {{ if (eq .Type "STS") }}
* {{ printf "vault-%s-%s" (unix_time) (random 20) | truncate 32 }}
* {{ else }}
* {{ printf "vault-%s-%s-%s" (printf "%s-%s" (.DisplayName) (.PolicyName) | truncate 42) (unix_time) (random 20) | truncate 64 }}
* {{ end }}
* ```
*/
public val roleArn: Output?
get() = javaResource.roleArn().applyValue({ args0 -> args0.map({ args0 -> args0 }).orElse(null) })
/**
* The AWS Secret Access Key to use when generating new credentials.
*/
public val secretKey: Output?
get() = javaResource.secretKey().applyValue({ args0 -> args0.map({ args0 -> args0 }).orElse(null) })
/**
* Specifies a custom HTTP STS endpoint to use.
*/
public val stsEndpoint: Output?
get() = javaResource.stsEndpoint().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* Template describing how dynamic usernames are generated. The username template is used to generate both IAM usernames (capped at 64 characters) and STS usernames (capped at 32 characters). If no template is provided the field defaults to the template:
*/
public val usernameTemplate: Output
get() = javaResource.usernameTemplate().applyValue({ args0 -> args0 })
}
public object SecretBackendMapper : ResourceMapper {
override fun supportsMappingOfType(javaResource: Resource): Boolean =
com.pulumi.vault.aws.SecretBackend::class == javaResource::class
override fun map(javaResource: Resource): SecretBackend = SecretBackend(
javaResource as
com.pulumi.vault.aws.SecretBackend,
)
}
/**
* @see [SecretBackend].
* @param name The _unique_ name of the resulting resource.
* @param block Builder for [SecretBackend].
*/
public suspend fun secretBackend(
name: String,
block: suspend SecretBackendResourceBuilder.() -> Unit,
): SecretBackend {
val builder = SecretBackendResourceBuilder()
builder.name(name)
block(builder)
return builder.build()
}
/**
* @see [SecretBackend].
* @param name The _unique_ name of the resulting resource.
*/
public fun secretBackend(name: String): SecretBackend {
val builder = SecretBackendResourceBuilder()
builder.name(name)
return builder.build()
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy