com.pulumi.vault.identity.kotlin.OidcKeyArgs.kt Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of pulumi-vault-kotlin Show documentation
Show all versions of pulumi-vault-kotlin Show documentation
Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.vault.identity.kotlin
import com.pulumi.core.Output
import com.pulumi.core.Output.of
import com.pulumi.kotlin.ConvertibleToJava
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.vault.identity.OidcKeyArgs.builder
import kotlin.Int
import kotlin.String
import kotlin.Suppress
import kotlin.collections.List
import kotlin.jvm.JvmName
/**
* ## Example Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as vault from "@pulumi/vault";
* const key = new vault.identity.OidcKey("key", {
* name: "key",
* algorithm: "RS256",
* });
* const role = new vault.identity.OidcRole("role", {
* name: "role",
* key: key.name,
* });
* const roleOidcKeyAllowedClientID = new vault.identity.OidcKeyAllowedClientID("role", {
* keyName: key.name,
* allowedClientId: role.clientId,
* });
* ```
* ```python
* import pulumi
* import pulumi_vault as vault
* key = vault.identity.OidcKey("key",
* name="key",
* algorithm="RS256")
* role = vault.identity.OidcRole("role",
* name="role",
* key=key.name)
* role_oidc_key_allowed_client_id = vault.identity.OidcKeyAllowedClientID("role",
* key_name=key.name,
* allowed_client_id=role.client_id)
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Vault = Pulumi.Vault;
* return await Deployment.RunAsync(() =>
* {
* var key = new Vault.Identity.OidcKey("key", new()
* {
* Name = "key",
* Algorithm = "RS256",
* });
* var role = new Vault.Identity.OidcRole("role", new()
* {
* Name = "role",
* Key = key.Name,
* });
* var roleOidcKeyAllowedClientID = new Vault.Identity.OidcKeyAllowedClientID("role", new()
* {
* KeyName = key.Name,
* AllowedClientId = role.ClientId,
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* key, err := identity.NewOidcKey(ctx, "key", &identity.OidcKeyArgs{
* Name: pulumi.String("key"),
* Algorithm: pulumi.String("RS256"),
* })
* if err != nil {
* return err
* }
* role, err := identity.NewOidcRole(ctx, "role", &identity.OidcRoleArgs{
* Name: pulumi.String("role"),
* Key: key.Name,
* })
* if err != nil {
* return err
* }
* _, err = identity.NewOidcKeyAllowedClientID(ctx, "role", &identity.OidcKeyAllowedClientIDArgs{
* KeyName: key.Name,
* AllowedClientId: role.ClientId,
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.vault.identity.OidcKey;
* import com.pulumi.vault.identity.OidcKeyArgs;
* import com.pulumi.vault.identity.OidcRole;
* import com.pulumi.vault.identity.OidcRoleArgs;
* import com.pulumi.vault.identity.OidcKeyAllowedClientID;
* import com.pulumi.vault.identity.OidcKeyAllowedClientIDArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var key = new OidcKey("key", OidcKeyArgs.builder()
* .name("key")
* .algorithm("RS256")
* .build());
* var role = new OidcRole("role", OidcRoleArgs.builder()
* .name("role")
* .key(key.name())
* .build());
* var roleOidcKeyAllowedClientID = new OidcKeyAllowedClientID("roleOidcKeyAllowedClientID", OidcKeyAllowedClientIDArgs.builder()
* .keyName(key.name())
* .allowedClientId(role.clientId())
* .build());
* }
* }
* ```
* ```yaml
* resources:
* key:
* type: vault:identity:OidcKey
* properties:
* name: key
* algorithm: RS256
* role:
* type: vault:identity:OidcRole
* properties:
* name: role
* key: ${key.name}
* roleOidcKeyAllowedClientID:
* type: vault:identity:OidcKeyAllowedClientID
* name: role
* properties:
* keyName: ${key.name}
* allowedClientId: ${role.clientId}
* ```
*
* ## Import
* The key can be imported with the key name, for example:
* ```sh
* $ pulumi import vault:identity/oidcKey:OidcKey key key
* ```
* @property algorithm Signing algorithm to use. Signing algorithm to use.
* Allowed values are: RS256 (default), RS384, RS512, ES256, ES384, ES512, EdDSA.
* @property allowedClientIds Array of role client ID allowed to use this key for signing. If
* empty, no roles are allowed. If `["*"]`, all roles are allowed.
* @property name Name of the OIDC Key to create.
* @property namespace The namespace to provision the resource in.
* The value should not contain leading or trailing forward slashes.
* The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
* *Available only for Vault Enterprise*.
* @property rotationPeriod How often to generate a new signing key in number of seconds
* @property verificationTtl "Controls how long the public portion of a signing key will be
* available for verification after being rotated in seconds.
*/
public data class OidcKeyArgs(
public val algorithm: Output? = null,
public val allowedClientIds: Output>? = null,
public val name: Output? = null,
public val namespace: Output? = null,
public val rotationPeriod: Output? = null,
public val verificationTtl: Output? = null,
) : ConvertibleToJava {
override fun toJava(): com.pulumi.vault.identity.OidcKeyArgs =
com.pulumi.vault.identity.OidcKeyArgs.builder()
.algorithm(algorithm?.applyValue({ args0 -> args0 }))
.allowedClientIds(allowedClientIds?.applyValue({ args0 -> args0.map({ args0 -> args0 }) }))
.name(name?.applyValue({ args0 -> args0 }))
.namespace(namespace?.applyValue({ args0 -> args0 }))
.rotationPeriod(rotationPeriod?.applyValue({ args0 -> args0 }))
.verificationTtl(verificationTtl?.applyValue({ args0 -> args0 })).build()
}
/**
* Builder for [OidcKeyArgs].
*/
@PulumiTagMarker
public class OidcKeyArgsBuilder internal constructor() {
private var algorithm: Output? = null
private var allowedClientIds: Output>? = null
private var name: Output? = null
private var namespace: Output? = null
private var rotationPeriod: Output? = null
private var verificationTtl: Output? = null
/**
* @param value Signing algorithm to use. Signing algorithm to use.
* Allowed values are: RS256 (default), RS384, RS512, ES256, ES384, ES512, EdDSA.
*/
@JvmName("xmqjplaoqaeobhup")
public suspend fun algorithm(`value`: Output) {
this.algorithm = value
}
/**
* @param value Array of role client ID allowed to use this key for signing. If
* empty, no roles are allowed. If `["*"]`, all roles are allowed.
*/
@JvmName("raiqdkfahnynqftg")
public suspend fun allowedClientIds(`value`: Output>) {
this.allowedClientIds = value
}
@JvmName("iktgfjuqbgommuvk")
public suspend fun allowedClientIds(vararg values: Output) {
this.allowedClientIds = Output.all(values.asList())
}
/**
* @param values Array of role client ID allowed to use this key for signing. If
* empty, no roles are allowed. If `["*"]`, all roles are allowed.
*/
@JvmName("plcgygphmaivhajd")
public suspend fun allowedClientIds(values: List>) {
this.allowedClientIds = Output.all(values)
}
/**
* @param value Name of the OIDC Key to create.
*/
@JvmName("rgkjgnhbgcoqvgme")
public suspend fun name(`value`: Output) {
this.name = value
}
/**
* @param value The namespace to provision the resource in.
* The value should not contain leading or trailing forward slashes.
* The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
* *Available only for Vault Enterprise*.
*/
@JvmName("mnclfbljytchqkrl")
public suspend fun namespace(`value`: Output) {
this.namespace = value
}
/**
* @param value How often to generate a new signing key in number of seconds
*/
@JvmName("oietqxaidynybtdb")
public suspend fun rotationPeriod(`value`: Output) {
this.rotationPeriod = value
}
/**
* @param value "Controls how long the public portion of a signing key will be
* available for verification after being rotated in seconds.
*/
@JvmName("iqqjtehkitxnerko")
public suspend fun verificationTtl(`value`: Output) {
this.verificationTtl = value
}
/**
* @param value Signing algorithm to use. Signing algorithm to use.
* Allowed values are: RS256 (default), RS384, RS512, ES256, ES384, ES512, EdDSA.
*/
@JvmName("rrtsknhoxjpelxer")
public suspend fun algorithm(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.algorithm = mapped
}
/**
* @param value Array of role client ID allowed to use this key for signing. If
* empty, no roles are allowed. If `["*"]`, all roles are allowed.
*/
@JvmName("hoerbksolvbrtsbw")
public suspend fun allowedClientIds(`value`: List?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.allowedClientIds = mapped
}
/**
* @param values Array of role client ID allowed to use this key for signing. If
* empty, no roles are allowed. If `["*"]`, all roles are allowed.
*/
@JvmName("nmibaakedhthajlm")
public suspend fun allowedClientIds(vararg values: String) {
val toBeMapped = values.toList()
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.allowedClientIds = mapped
}
/**
* @param value Name of the OIDC Key to create.
*/
@JvmName("dncdmatrijyoafch")
public suspend fun name(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.name = mapped
}
/**
* @param value The namespace to provision the resource in.
* The value should not contain leading or trailing forward slashes.
* The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
* *Available only for Vault Enterprise*.
*/
@JvmName("nsdxlxlwfhspfsxu")
public suspend fun namespace(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.namespace = mapped
}
/**
* @param value How often to generate a new signing key in number of seconds
*/
@JvmName("ufoxmymtsqhtmmmf")
public suspend fun rotationPeriod(`value`: Int?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.rotationPeriod = mapped
}
/**
* @param value "Controls how long the public portion of a signing key will be
* available for verification after being rotated in seconds.
*/
@JvmName("vpkxepqaxlkacrsi")
public suspend fun verificationTtl(`value`: Int?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.verificationTtl = mapped
}
internal fun build(): OidcKeyArgs = OidcKeyArgs(
algorithm = algorithm,
allowedClientIds = allowedClientIds,
name = name,
namespace = namespace,
rotationPeriod = rotationPeriod,
verificationTtl = verificationTtl,
)
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy