com.pulumi.vault.azure.kotlin.BackendRole.kt Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of pulumi-vault-kotlin Show documentation
Show all versions of pulumi-vault-kotlin Show documentation
Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.vault.azure.kotlin
import com.pulumi.core.Output
import com.pulumi.kotlin.KotlinCustomResource
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.ResourceMapper
import com.pulumi.kotlin.options.CustomResourceOptions
import com.pulumi.kotlin.options.CustomResourceOptionsBuilder
import com.pulumi.resources.Resource
import com.pulumi.vault.azure.kotlin.outputs.BackendRoleAzureGroup
import com.pulumi.vault.azure.kotlin.outputs.BackendRoleAzureRole
import kotlin.Boolean
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
import kotlin.collections.List
import com.pulumi.vault.azure.kotlin.outputs.BackendRoleAzureGroup.Companion.toKotlin as backendRoleAzureGroupToKotlin
import com.pulumi.vault.azure.kotlin.outputs.BackendRoleAzureRole.Companion.toKotlin as backendRoleAzureRoleToKotlin
/**
* Builder for [BackendRole].
*/
@PulumiTagMarker
public class BackendRoleResourceBuilder internal constructor() {
public var name: String? = null
public var args: BackendRoleArgs = BackendRoleArgs()
public var opts: CustomResourceOptions = CustomResourceOptions()
/**
* @param name The _unique_ name of the resulting resource.
*/
public fun name(`value`: String) {
this.name = value
}
/**
* @param block The arguments to use to populate this resource's properties.
*/
public suspend fun args(block: suspend BackendRoleArgsBuilder.() -> Unit) {
val builder = BackendRoleArgsBuilder()
block(builder)
this.args = builder.build()
}
/**
* @param block A bag of options that control this resource's behavior.
*/
public suspend fun opts(block: suspend CustomResourceOptionsBuilder.() -> Unit) {
this.opts = com.pulumi.kotlin.options.CustomResourceOptions.opts(block)
}
internal fun build(): BackendRole {
val builtJavaResource = com.pulumi.vault.azure.BackendRole(
this.name,
this.args.toJava(),
this.opts.toJava(),
)
return BackendRole(builtJavaResource)
}
}
/**
* ## Example Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as vault from "@pulumi/vault";
* const azure = new vault.azure.Backend("azure", {
* subscriptionId: subscriptionId,
* tenantId: tenantId,
* clientSecret: clientSecret,
* clientId: clientId,
* });
* const generatedRole = new vault.azure.BackendRole("generated_role", {
* backend: azure.path,
* role: "generated_role",
* signInAudience: "AzureADMyOrg",
* tags: [
* "team:engineering",
* "environment:development",
* ],
* ttl: "300",
* maxTtl: "600",
* azureRoles: [{
* roleName: "Reader",
* scope: `/subscriptions/${subscriptionId}/resourceGroups/azure-vault-group`,
* }],
* });
* const existingObjectId = new vault.azure.BackendRole("existing_object_id", {
* backend: azure.path,
* role: "existing_object_id",
* applicationObjectId: "11111111-2222-3333-4444-44444444444",
* ttl: "300",
* maxTtl: "600",
* });
* ```
* ```python
* import pulumi
* import pulumi_vault as vault
* azure = vault.azure.Backend("azure",
* subscription_id=subscription_id,
* tenant_id=tenant_id,
* client_secret=client_secret,
* client_id=client_id)
* generated_role = vault.azure.BackendRole("generated_role",
* backend=azure.path,
* role="generated_role",
* sign_in_audience="AzureADMyOrg",
* tags=[
* "team:engineering",
* "environment:development",
* ],
* ttl="300",
* max_ttl="600",
* azure_roles=[vault.azure.BackendRoleAzureRoleArgs(
* role_name="Reader",
* scope=f"/subscriptions/{subscription_id}/resourceGroups/azure-vault-group",
* )])
* existing_object_id = vault.azure.BackendRole("existing_object_id",
* backend=azure.path,
* role="existing_object_id",
* application_object_id="11111111-2222-3333-4444-44444444444",
* ttl="300",
* max_ttl="600")
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Vault = Pulumi.Vault;
* return await Deployment.RunAsync(() =>
* {
* var azure = new Vault.Azure.Backend("azure", new()
* {
* SubscriptionId = subscriptionId,
* TenantId = tenantId,
* ClientSecret = clientSecret,
* ClientId = clientId,
* });
* var generatedRole = new Vault.Azure.BackendRole("generated_role", new()
* {
* Backend = azure.Path,
* Role = "generated_role",
* SignInAudience = "AzureADMyOrg",
* Tags = new[]
* {
* "team:engineering",
* "environment:development",
* },
* Ttl = "300",
* MaxTtl = "600",
* AzureRoles = new[]
* {
* new Vault.Azure.Inputs.BackendRoleAzureRoleArgs
* {
* RoleName = "Reader",
* Scope = $"/subscriptions/{subscriptionId}/resourceGroups/azure-vault-group",
* },
* },
* });
* var existingObjectId = new Vault.Azure.BackendRole("existing_object_id", new()
* {
* Backend = azure.Path,
* Role = "existing_object_id",
* ApplicationObjectId = "11111111-2222-3333-4444-44444444444",
* Ttl = "300",
* MaxTtl = "600",
* });
* });
* ```
* ```go
* package main
* import (
* "fmt"
* "github.com/pulumi/pulumi-vault/sdk/v6/go/vault/azure"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* azure, err := azure.NewBackend(ctx, "azure", &azure.BackendArgs{
* SubscriptionId: pulumi.Any(subscriptionId),
* TenantId: pulumi.Any(tenantId),
* ClientSecret: pulumi.Any(clientSecret),
* ClientId: pulumi.Any(clientId),
* })
* if err != nil {
* return err
* }
* _, err = azure.NewBackendRole(ctx, "generated_role", &azure.BackendRoleArgs{
* Backend: azure.Path,
* Role: pulumi.String("generated_role"),
* SignInAudience: pulumi.String("AzureADMyOrg"),
* Tags: pulumi.StringArray{
* pulumi.String("team:engineering"),
* pulumi.String("environment:development"),
* },
* Ttl: pulumi.String("300"),
* MaxTtl: pulumi.String("600"),
* AzureRoles: azure.BackendRoleAzureRoleArray{
* &azure.BackendRoleAzureRoleArgs{
* RoleName: pulumi.String("Reader"),
* Scope: pulumi.String(fmt.Sprintf("/subscriptions/%v/resourceGroups/azure-vault-group", subscriptionId)),
* },
* },
* })
* if err != nil {
* return err
* }
* _, err = azure.NewBackendRole(ctx, "existing_object_id", &azure.BackendRoleArgs{
* Backend: azure.Path,
* Role: pulumi.String("existing_object_id"),
* ApplicationObjectId: pulumi.String("11111111-2222-3333-4444-44444444444"),
* Ttl: pulumi.String("300"),
* MaxTtl: pulumi.String("600"),
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.vault.azure.Backend;
* import com.pulumi.vault.azure.BackendArgs;
* import com.pulumi.vault.azure.BackendRole;
* import com.pulumi.vault.azure.BackendRoleArgs;
* import com.pulumi.vault.azure.inputs.BackendRoleAzureRoleArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var azure = new Backend("azure", BackendArgs.builder()
* .subscriptionId(subscriptionId)
* .tenantId(tenantId)
* .clientSecret(clientSecret)
* .clientId(clientId)
* .build());
* var generatedRole = new BackendRole("generatedRole", BackendRoleArgs.builder()
* .backend(azure.path())
* .role("generated_role")
* .signInAudience("AzureADMyOrg")
* .tags(
* "team:engineering",
* "environment:development")
* .ttl(300)
* .maxTtl(600)
* .azureRoles(BackendRoleAzureRoleArgs.builder()
* .roleName("Reader")
* .scope(String.format("/subscriptions/%s/resourceGroups/azure-vault-group", subscriptionId))
* .build())
* .build());
* var existingObjectId = new BackendRole("existingObjectId", BackendRoleArgs.builder()
* .backend(azure.path())
* .role("existing_object_id")
* .applicationObjectId("11111111-2222-3333-4444-44444444444")
* .ttl(300)
* .maxTtl(600)
* .build());
* }
* }
* ```
* ```yaml
* resources:
* azure:
* type: vault:azure:Backend
* properties:
* subscriptionId: ${subscriptionId}
* tenantId: ${tenantId}
* clientSecret: ${clientSecret}
* clientId: ${clientId}
* generatedRole:
* type: vault:azure:BackendRole
* name: generated_role
* properties:
* backend: ${azure.path}
* role: generated_role
* signInAudience: AzureADMyOrg
* tags:
* - team:engineering
* - environment:development
* ttl: 300
* maxTtl: 600
* azureRoles:
* - roleName: Reader
* scope: /subscriptions/${subscriptionId}/resourceGroups/azure-vault-group
* existingObjectId:
* type: vault:azure:BackendRole
* name: existing_object_id
* properties:
* backend: ${azure.path}
* role: existing_object_id
* applicationObjectId: 11111111-2222-3333-4444-44444444444
* ttl: 300
* maxTtl: 600
* ```
*
*/
public class BackendRole internal constructor(
override val javaResource: com.pulumi.vault.azure.BackendRole,
) : KotlinCustomResource(javaResource, BackendRoleMapper) {
/**
* Application Object ID for an existing service principal that will
* be used instead of creating dynamic service principals. If present, `azure_roles` and `permanently_delete` will be ignored.
*/
public val applicationObjectId: Output?
get() = javaResource.applicationObjectId().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* List of Azure groups to be assigned to the generated service principal.
*/
public val azureGroups: Output>?
get() = javaResource.azureGroups().applyValue({ args0 ->
args0.map({ args0 ->
args0.map({ args0 ->
args0.let({ args0 -> backendRoleAzureGroupToKotlin(args0) })
})
}).orElse(null)
})
/**
* List of Azure roles to be assigned to the generated service principal.
*/
public val azureRoles: Output>?
get() = javaResource.azureRoles().applyValue({ args0 ->
args0.map({ args0 ->
args0.map({ args0 ->
args0.let({ args0 -> backendRoleAzureRoleToKotlin(args0) })
})
}).orElse(null)
})
/**
* Path to the mounted Azure auth backend
*/
public val backend: Output?
get() = javaResource.backend().applyValue({ args0 -> args0.map({ args0 -> args0 }).orElse(null) })
/**
* Human-friendly description of the mount for the backend.
*/
public val description: Output?
get() = javaResource.description().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* Specifies the maximum TTL for service principals generated using this role. Accepts time
* suffixed strings ("1h") or an integer number of seconds. Defaults to the system/engine max TTL time.
*/
public val maxTtl: Output?
get() = javaResource.maxTtl().applyValue({ args0 -> args0.map({ args0 -> args0 }).orElse(null) })
/**
* The namespace to provision the resource in.
* The value should not contain leading or trailing forward slashes.
* The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
* *Available only for Vault Enterprise*.
*/
public val namespace: Output?
get() = javaResource.namespace().applyValue({ args0 -> args0.map({ args0 -> args0 }).orElse(null) })
/**
* Indicates whether the applications and service principals created by Vault will be permanently
* deleted when the corresponding leases expire. Defaults to `false`. For Vault v1.12+.
*/
public val permanentlyDelete: Output
get() = javaResource.permanentlyDelete().applyValue({ args0 -> args0 })
/**
* Name of the Azure role
*/
public val role: Output
get() = javaResource.role().applyValue({ args0 -> args0 })
/**
* Specifies the security principal types that are allowed to sign in to the application.
* Valid values are: AzureADMyOrg, AzureADMultipleOrgs, AzureADandPersonalMicrosoftAccount, PersonalMicrosoftAccount. Requires Vault 1.16+.
*/
public val signInAudience: Output?
get() = javaResource.signInAudience().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* A list of Azure tags to attach to an application. Requires Vault 1.16+.
*/
public val tags: Output>?
get() = javaResource.tags().applyValue({ args0 ->
args0.map({ args0 ->
args0.map({ args0 ->
args0
})
}).orElse(null)
})
/**
* Specifies the default TTL for service principals generated using this role.
* Accepts time suffixed strings ("1h") or an integer number of seconds. Defaults to the system/engine default TTL time.
*/
public val ttl: Output?
get() = javaResource.ttl().applyValue({ args0 -> args0.map({ args0 -> args0 }).orElse(null) })
}
public object BackendRoleMapper : ResourceMapper {
override fun supportsMappingOfType(javaResource: Resource): Boolean =
com.pulumi.vault.azure.BackendRole::class == javaResource::class
override fun map(javaResource: Resource): BackendRole = BackendRole(
javaResource as
com.pulumi.vault.azure.BackendRole,
)
}
/**
* @see [BackendRole].
* @param name The _unique_ name of the resulting resource.
* @param block Builder for [BackendRole].
*/
public suspend fun backendRole(name: String, block: suspend BackendRoleResourceBuilder.() -> Unit): BackendRole {
val builder = BackendRoleResourceBuilder()
builder.name(name)
block(builder)
return builder.build()
}
/**
* @see [BackendRole].
* @param name The _unique_ name of the resulting resource.
*/
public fun backendRole(name: String): BackendRole {
val builder = BackendRoleResourceBuilder()
builder.name(name)
return builder.build()
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy