com.pulumi.vault.database.kotlin.SecretBackendRole.kt Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of pulumi-vault-kotlin Show documentation
Show all versions of pulumi-vault-kotlin Show documentation
Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.vault.database.kotlin
import com.pulumi.core.Output
import com.pulumi.kotlin.KotlinCustomResource
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.ResourceMapper
import com.pulumi.kotlin.options.CustomResourceOptions
import com.pulumi.kotlin.options.CustomResourceOptionsBuilder
import com.pulumi.resources.Resource
import kotlin.Any
import kotlin.Boolean
import kotlin.Int
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
import kotlin.collections.List
import kotlin.collections.Map
/**
* Builder for [SecretBackendRole].
*/
@PulumiTagMarker
public class SecretBackendRoleResourceBuilder internal constructor() {
public var name: String? = null
public var args: SecretBackendRoleArgs = SecretBackendRoleArgs()
public var opts: CustomResourceOptions = CustomResourceOptions()
/**
* @param name The _unique_ name of the resulting resource.
*/
public fun name(`value`: String) {
this.name = value
}
/**
* @param block The arguments to use to populate this resource's properties.
*/
public suspend fun args(block: suspend SecretBackendRoleArgsBuilder.() -> Unit) {
val builder = SecretBackendRoleArgsBuilder()
block(builder)
this.args = builder.build()
}
/**
* @param block A bag of options that control this resource's behavior.
*/
public suspend fun opts(block: suspend CustomResourceOptionsBuilder.() -> Unit) {
this.opts = com.pulumi.kotlin.options.CustomResourceOptions.opts(block)
}
internal fun build(): SecretBackendRole {
val builtJavaResource = com.pulumi.vault.database.SecretBackendRole(
this.name,
this.args.toJava(),
this.opts.toJava(),
)
return SecretBackendRole(builtJavaResource)
}
}
/**
* ## Example Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as vault from "@pulumi/vault";
* const db = new vault.Mount("db", {
* path: "postgres",
* type: "database",
* });
* const postgres = new vault.database.SecretBackendConnection("postgres", {
* backend: db.path,
* name: "postgres",
* allowedRoles: [
* "dev",
* "prod",
* ],
* postgresql: {
* connectionUrl: "postgres://username:password@host:port/database",
* },
* });
* const role = new vault.database.SecretBackendRole("role", {
* backend: db.path,
* name: "dev",
* dbName: postgres.name,
* creationStatements: ["CREATE ROLE \"{{name}}\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';"],
* });
* ```
* ```python
* import pulumi
* import pulumi_vault as vault
* db = vault.Mount("db",
* path="postgres",
* type="database")
* postgres = vault.database.SecretBackendConnection("postgres",
* backend=db.path,
* name="postgres",
* allowed_roles=[
* "dev",
* "prod",
* ],
* postgresql=vault.database.SecretBackendConnectionPostgresqlArgs(
* connection_url="postgres://username:password@host:port/database",
* ))
* role = vault.database.SecretBackendRole("role",
* backend=db.path,
* name="dev",
* db_name=postgres.name,
* creation_statements=["CREATE ROLE \"{{name}}\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';"])
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Vault = Pulumi.Vault;
* return await Deployment.RunAsync(() =>
* {
* var db = new Vault.Mount("db", new()
* {
* Path = "postgres",
* Type = "database",
* });
* var postgres = new Vault.Database.SecretBackendConnection("postgres", new()
* {
* Backend = db.Path,
* Name = "postgres",
* AllowedRoles = new[]
* {
* "dev",
* "prod",
* },
* Postgresql = new Vault.Database.Inputs.SecretBackendConnectionPostgresqlArgs
* {
* ConnectionUrl = "postgres://username:password@host:port/database",
* },
* });
* var role = new Vault.Database.SecretBackendRole("role", new()
* {
* Backend = db.Path,
* Name = "dev",
* DbName = postgres.Name,
* CreationStatements = new[]
* {
* "CREATE ROLE \"{{name}}\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';",
* },
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-vault/sdk/v6/go/vault"
* "github.com/pulumi/pulumi-vault/sdk/v6/go/vault/database"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* db, err := vault.NewMount(ctx, "db", &vault.MountArgs{
* Path: pulumi.String("postgres"),
* Type: pulumi.String("database"),
* })
* if err != nil {
* return err
* }
* postgres, err := database.NewSecretBackendConnection(ctx, "postgres", &database.SecretBackendConnectionArgs{
* Backend: db.Path,
* Name: pulumi.String("postgres"),
* AllowedRoles: pulumi.StringArray{
* pulumi.String("dev"),
* pulumi.String("prod"),
* },
* Postgresql: &database.SecretBackendConnectionPostgresqlArgs{
* ConnectionUrl: pulumi.String("postgres://username:password@host:port/database"),
* },
* })
* if err != nil {
* return err
* }
* _, err = database.NewSecretBackendRole(ctx, "role", &database.SecretBackendRoleArgs{
* Backend: db.Path,
* Name: pulumi.String("dev"),
* DbName: postgres.Name,
* CreationStatements: pulumi.StringArray{
* pulumi.String("CREATE ROLE \"{{name}}\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';"),
* },
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.vault.Mount;
* import com.pulumi.vault.MountArgs;
* import com.pulumi.vault.database.SecretBackendConnection;
* import com.pulumi.vault.database.SecretBackendConnectionArgs;
* import com.pulumi.vault.database.inputs.SecretBackendConnectionPostgresqlArgs;
* import com.pulumi.vault.database.SecretBackendRole;
* import com.pulumi.vault.database.SecretBackendRoleArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var db = new Mount("db", MountArgs.builder()
* .path("postgres")
* .type("database")
* .build());
* var postgres = new SecretBackendConnection("postgres", SecretBackendConnectionArgs.builder()
* .backend(db.path())
* .name("postgres")
* .allowedRoles(
* "dev",
* "prod")
* .postgresql(SecretBackendConnectionPostgresqlArgs.builder()
* .connectionUrl("postgres://username:password@host:port/database")
* .build())
* .build());
* var role = new SecretBackendRole("role", SecretBackendRoleArgs.builder()
* .backend(db.path())
* .name("dev")
* .dbName(postgres.name())
* .creationStatements("CREATE ROLE \"{{name}}\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';")
* .build());
* }
* }
* ```
* ```yaml
* resources:
* db:
* type: vault:Mount
* properties:
* path: postgres
* type: database
* postgres:
* type: vault:database:SecretBackendConnection
* properties:
* backend: ${db.path}
* name: postgres
* allowedRoles:
* - dev
* - prod
* postgresql:
* connectionUrl: postgres://username:password@host:port/database
* role:
* type: vault:database:SecretBackendRole
* properties:
* backend: ${db.path}
* name: dev
* dbName: ${postgres.name}
* creationStatements:
* - CREATE ROLE "{{name}}" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';
* ```
*
* ## Import
* Database secret backend roles can be imported using the `backend`, `/roles/`, and the `name` e.g.
* ```sh
* $ pulumi import vault:database/secretBackendRole:SecretBackendRole example postgres/roles/my-role
* ```
*/
public class SecretBackendRole internal constructor(
override val javaResource: com.pulumi.vault.database.SecretBackendRole,
) : KotlinCustomResource(javaResource, SecretBackendRoleMapper) {
/**
* The unique name of the Vault mount to configure.
*/
public val backend: Output
get() = javaResource.backend().applyValue({ args0 -> args0 })
/**
* The database statements to execute when
* creating a user.
*/
public val creationStatements: Output>
get() = javaResource.creationStatements().applyValue({ args0 -> args0.map({ args0 -> args0 }) })
/**
* Specifies the configuration
* for the given `credential_type`.
* The following options are available for each `credential_type` value:
*/
public val credentialConfig: Output>?
get() = javaResource.credentialConfig().applyValue({ args0 ->
args0.map({ args0 ->
args0.map({ args0 -> args0.key.to(args0.value) }).toMap()
}).orElse(null)
})
/**
* Specifies the type of credential that
* will be generated for the role. Options include: `password`, `rsa_private_key`, `client_certificate`.
* See the plugin's API page for credential types supported by individual databases.
*/
public val credentialType: Output
get() = javaResource.credentialType().applyValue({ args0 -> args0 })
/**
* The unique name of the database connection to use for
* the role.
*/
public val dbName: Output
get() = javaResource.dbName().applyValue({ args0 -> args0 })
/**
* The default number of seconds for leases for this
* role.
*/
public val defaultTtl: Output?
get() = javaResource.defaultTtl().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* The maximum number of seconds for leases for this
* role.
*/
public val maxTtl: Output?
get() = javaResource.maxTtl().applyValue({ args0 -> args0.map({ args0 -> args0 }).orElse(null) })
/**
* A unique name to give the role.
*/
public val name: Output
get() = javaResource.name().applyValue({ args0 -> args0 })
/**
* The namespace to provision the resource in.
* The value should not contain leading or trailing forward slashes.
* The `namespace` is always relative to the provider's configured namespace.
* *Available only for Vault Enterprise*.
*/
public val namespace: Output?
get() = javaResource.namespace().applyValue({ args0 -> args0.map({ args0 -> args0 }).orElse(null) })
/**
* The database statements to execute when
* renewing a user.
*/
public val renewStatements: Output>?
get() = javaResource.renewStatements().applyValue({ args0 ->
args0.map({ args0 ->
args0.map({ args0 -> args0 })
}).orElse(null)
})
/**
* The database statements to execute when
* revoking a user.
*/
public val revocationStatements: Output>?
get() = javaResource.revocationStatements().applyValue({ args0 ->
args0.map({ args0 ->
args0.map({ args0 -> args0 })
}).orElse(null)
})
/**
* The database statements to execute when
* rolling back creation due to an error.
*/
public val rollbackStatements: Output>?
get() = javaResource.rollbackStatements().applyValue({ args0 ->
args0.map({ args0 ->
args0.map({ args0 -> args0 })
}).orElse(null)
})
}
public object SecretBackendRoleMapper : ResourceMapper {
override fun supportsMappingOfType(javaResource: Resource): Boolean =
com.pulumi.vault.database.SecretBackendRole::class == javaResource::class
override fun map(javaResource: Resource): SecretBackendRole = SecretBackendRole(
javaResource as
com.pulumi.vault.database.SecretBackendRole,
)
}
/**
* @see [SecretBackendRole].
* @param name The _unique_ name of the resulting resource.
* @param block Builder for [SecretBackendRole].
*/
public suspend fun secretBackendRole(
name: String,
block: suspend SecretBackendRoleResourceBuilder.() -> Unit,
): SecretBackendRole {
val builder = SecretBackendRoleResourceBuilder()
builder.name(name)
block(builder)
return builder.build()
}
/**
* @see [SecretBackendRole].
* @param name The _unique_ name of the resulting resource.
*/
public fun secretBackendRole(name: String): SecretBackendRole {
val builder = SecretBackendRoleResourceBuilder()
builder.name(name)
return builder.build()
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy