com.pulumi.vault.ldap.kotlin.SecretBackend.kt Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of pulumi-vault-kotlin Show documentation
Show all versions of pulumi-vault-kotlin Show documentation
Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.vault.ldap.kotlin
import com.pulumi.core.Output
import com.pulumi.kotlin.KotlinCustomResource
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.ResourceMapper
import com.pulumi.kotlin.options.CustomResourceOptions
import com.pulumi.kotlin.options.CustomResourceOptionsBuilder
import com.pulumi.resources.Resource
import kotlin.Any
import kotlin.Boolean
import kotlin.Int
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
import kotlin.collections.List
import kotlin.collections.Map
/**
* Builder for [SecretBackend].
*/
@PulumiTagMarker
public class SecretBackendResourceBuilder internal constructor() {
public var name: String? = null
public var args: SecretBackendArgs = SecretBackendArgs()
public var opts: CustomResourceOptions = CustomResourceOptions()
/**
* @param name The _unique_ name of the resulting resource.
*/
public fun name(`value`: String) {
this.name = value
}
/**
* @param block The arguments to use to populate this resource's properties.
*/
public suspend fun args(block: suspend SecretBackendArgsBuilder.() -> Unit) {
val builder = SecretBackendArgsBuilder()
block(builder)
this.args = builder.build()
}
/**
* @param block A bag of options that control this resource's behavior.
*/
public suspend fun opts(block: suspend CustomResourceOptionsBuilder.() -> Unit) {
this.opts = com.pulumi.kotlin.options.CustomResourceOptions.opts(block)
}
internal fun build(): SecretBackend {
val builtJavaResource = com.pulumi.vault.ldap.SecretBackend(
this.name,
this.args.toJava(),
this.opts.toJava(),
)
return SecretBackend(builtJavaResource)
}
}
/**
* ## Example Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as vault from "@pulumi/vault";
* const config = new vault.ldap.SecretBackend("config", {
* path: "my-custom-ldap",
* binddn: "CN=Administrator,CN=Users,DC=corp,DC=example,DC=net",
* bindpass: "SuperSecretPassw0rd",
* url: "ldaps://localhost",
* insecureTls: true,
* userdn: "CN=Users,DC=corp,DC=example,DC=net",
* });
* ```
* ```python
* import pulumi
* import pulumi_vault as vault
* config = vault.ldap.SecretBackend("config",
* path="my-custom-ldap",
* binddn="CN=Administrator,CN=Users,DC=corp,DC=example,DC=net",
* bindpass="SuperSecretPassw0rd",
* url="ldaps://localhost",
* insecure_tls=True,
* userdn="CN=Users,DC=corp,DC=example,DC=net")
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Vault = Pulumi.Vault;
* return await Deployment.RunAsync(() =>
* {
* var config = new Vault.Ldap.SecretBackend("config", new()
* {
* Path = "my-custom-ldap",
* Binddn = "CN=Administrator,CN=Users,DC=corp,DC=example,DC=net",
* Bindpass = "SuperSecretPassw0rd",
* Url = "ldaps://localhost",
* InsecureTls = true,
* Userdn = "CN=Users,DC=corp,DC=example,DC=net",
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-vault/sdk/v6/go/vault/ldap"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* _, err := ldap.NewSecretBackend(ctx, "config", &ldap.SecretBackendArgs{
* Path: pulumi.String("my-custom-ldap"),
* Binddn: pulumi.String("CN=Administrator,CN=Users,DC=corp,DC=example,DC=net"),
* Bindpass: pulumi.String("SuperSecretPassw0rd"),
* Url: pulumi.String("ldaps://localhost"),
* InsecureTls: pulumi.Bool(true),
* Userdn: pulumi.String("CN=Users,DC=corp,DC=example,DC=net"),
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.vault.ldap.SecretBackend;
* import com.pulumi.vault.ldap.SecretBackendArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var config = new SecretBackend("config", SecretBackendArgs.builder()
* .path("my-custom-ldap")
* .binddn("CN=Administrator,CN=Users,DC=corp,DC=example,DC=net")
* .bindpass("SuperSecretPassw0rd")
* .url("ldaps://localhost")
* .insecureTls("true")
* .userdn("CN=Users,DC=corp,DC=example,DC=net")
* .build());
* }
* }
* ```
* ```yaml
* resources:
* config:
* type: vault:ldap:SecretBackend
* properties:
* path: my-custom-ldap
* binddn: CN=Administrator,CN=Users,DC=corp,DC=example,DC=net
* bindpass: SuperSecretPassw0rd
* url: ldaps://localhost
* insecureTls: 'true'
* userdn: CN=Users,DC=corp,DC=example,DC=net
* ```
*
* ## Import
* LDAP secret backend can be imported using the `${mount}/config`, e.g.
* ```sh
* $ pulumi import vault:ldap/secretBackend:SecretBackend config ldap/config
* ```
*/
public class SecretBackend internal constructor(
override val javaResource: com.pulumi.vault.ldap.SecretBackend,
) : KotlinCustomResource(javaResource, SecretBackendMapper) {
/**
* Accessor of the mount
*/
public val accessor: Output
get() = javaResource.accessor().applyValue({ args0 -> args0 })
/**
* List of managed key registry entry names that the mount in question is allowed to access
*/
public val allowedManagedKeys: Output>?
get() = javaResource.allowedManagedKeys().applyValue({ args0 ->
args0.map({ args0 ->
args0.map({ args0 -> args0 })
}).orElse(null)
})
/**
* List of headers to allow and pass from the request to the plugin
*/
public val allowedResponseHeaders: Output>?
get() = javaResource.allowedResponseHeaders().applyValue({ args0 ->
args0.map({ args0 ->
args0.map({ args0 -> args0 })
}).orElse(null)
})
/**
* Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
*/
public val auditNonHmacRequestKeys: Output>
get() = javaResource.auditNonHmacRequestKeys().applyValue({ args0 ->
args0.map({ args0 ->
args0
})
})
/**
* Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
*/
public val auditNonHmacResponseKeys: Output>
get() = javaResource.auditNonHmacResponseKeys().applyValue({ args0 ->
args0.map({ args0 ->
args0
})
})
/**
* Distinguished name of object to bind when performing user and group search.
*/
public val binddn: Output
get() = javaResource.binddn().applyValue({ args0 -> args0 })
/**
* Password to use along with binddn when performing user search.
*/
public val bindpass: Output
get() = javaResource.bindpass().applyValue({ args0 -> args0 })
/**
* CA certificate to use when verifying LDAP server certificate, must be
* x509 PEM encoded.
*/
public val certificate: Output?
get() = javaResource.certificate().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* Client certificate to provide to the LDAP server, must be x509 PEM encoded.
*/
public val clientTlsCert: Output?
get() = javaResource.clientTlsCert().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* Client certificate key to provide to the LDAP server, must be x509 PEM encoded.
*/
public val clientTlsKey: Output?
get() = javaResource.clientTlsKey().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* Timeout, in seconds, when attempting to connect to the LDAP server before trying
* the next URL in the configuration.
*/
public val connectionTimeout: Output?
get() = javaResource.connectionTimeout().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* Default lease duration for secrets in seconds.
*/
public val defaultLeaseTtlSeconds: Output
get() = javaResource.defaultLeaseTtlSeconds().applyValue({ args0 -> args0 })
/**
* List of headers to allow and pass from the request to the plugin
*/
public val delegatedAuthAccessors: Output>?
get() = javaResource.delegatedAuthAccessors().applyValue({ args0 ->
args0.map({ args0 ->
args0.map({ args0 -> args0 })
}).orElse(null)
})
/**
* Human-friendly description of the mount for the Active Directory backend.
*/
public val description: Output?
get() = javaResource.description().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* If set, opts out of mount migration on path updates.
*/
public val disableRemount: Output?
get() = javaResource.disableRemount().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* Enable the secrets engine to access Vault's external entropy source
*/
public val externalEntropyAccess: Output?
get() = javaResource.externalEntropyAccess().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* The key to use for signing plugin workload identity tokens
*/
public val identityTokenKey: Output?
get() = javaResource.identityTokenKey().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* Skip LDAP server SSL Certificate verification. This is not recommended for production.
* Defaults to `false`.
*/
public val insecureTls: Output?
get() = javaResource.insecureTls().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* Specifies whether to show this mount in the UI-specific listing endpoint
*/
public val listingVisibility: Output?
get() = javaResource.listingVisibility().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* Mark the secrets engine as local-only. Local engines are not replicated or removed by
* replication.Tolerance duration to use when checking the last rotation time.
*/
public val local: Output?
get() = javaResource.local().applyValue({ args0 -> args0.map({ args0 -> args0 }).orElse(null) })
/**
* Maximum possible lease duration for secrets in seconds.
*/
public val maxLeaseTtlSeconds: Output
get() = javaResource.maxLeaseTtlSeconds().applyValue({ args0 -> args0 })
/**
* The namespace to provision the resource in.
* The value should not contain leading or trailing forward slashes.
* The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
* *Available only for Vault Enterprise*.
*/
public val namespace: Output?
get() = javaResource.namespace().applyValue({ args0 -> args0.map({ args0 -> args0 }).orElse(null) })
/**
* Specifies mount type specific options that are passed to the backend
*/
public val options: Output>?
get() = javaResource.options().applyValue({ args0 ->
args0.map({ args0 ->
args0.map({ args0 ->
args0.key.to(args0.value)
}).toMap()
}).orElse(null)
})
/**
* List of headers to allow and pass from the request to the plugin
*/
public val passthroughRequestHeaders: Output>?
get() = javaResource.passthroughRequestHeaders().applyValue({ args0 ->
args0.map({ args0 ->
args0.map({ args0 -> args0 })
}).orElse(null)
})
/**
* Name of the password policy to use to generate passwords.
*/
public val passwordPolicy: Output?
get() = javaResource.passwordPolicy().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* The unique path this backend should be mounted at. Must
* not begin or end with a `/`. Defaults to `ldap`.
*/
public val path: Output?
get() = javaResource.path().applyValue({ args0 -> args0.map({ args0 -> args0 }).orElse(null) })
/**
* Specifies the semantic version of the plugin to use, e.g. 'v1.0.0'
*/
public val pluginVersion: Output?
get() = javaResource.pluginVersion().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* Timeout, in seconds, for the connection when making requests against the server
* before returning back an error.
*/
public val requestTimeout: Output
get() = javaResource.requestTimeout().applyValue({ args0 -> args0 })
/**
* The LDAP schema to use when storing entry passwords. Valid schemas include `openldap`, `ad`, and `racf`. Default is `openldap`.
*/
public val schema: Output
get() = javaResource.schema().applyValue({ args0 -> args0 })
/**
* Enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
*/
public val sealWrap: Output
get() = javaResource.sealWrap().applyValue({ args0 -> args0 })
/**
* If set to true, static roles will not be rotated during import.
* Defaults to false. Requires Vault 1.16 or above.
*/
public val skipStaticRoleImportRotation: Output?
get() = javaResource.skipStaticRoleImportRotation().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* Issue a StartTLS command after establishing unencrypted connection.
*/
public val starttls: Output
get() = javaResource.starttls().applyValue({ args0 -> args0 })
/**
* Enables userPrincipalDomain login with [username]@UPNDomain.
*/
public val upndomain: Output
get() = javaResource.upndomain().applyValue({ args0 -> args0 })
/**
* LDAP URL to connect to. Multiple URLs can be specified by concatenating
* them with commas; they will be tried in-order. Defaults to `ldap://127.0.0.1`.
*/
public val url: Output
get() = javaResource.url().applyValue({ args0 -> args0 })
/**
* Attribute used when searching users. Defaults to `cn`.
*/
public val userattr: Output
get() = javaResource.userattr().applyValue({ args0 -> args0 })
/**
* LDAP domain to use for users (eg: ou=People,dc=example,dc=org)`.
*/
public val userdn: Output?
get() = javaResource.userdn().applyValue({ args0 -> args0.map({ args0 -> args0 }).orElse(null) })
}
public object SecretBackendMapper : ResourceMapper {
override fun supportsMappingOfType(javaResource: Resource): Boolean =
com.pulumi.vault.ldap.SecretBackend::class == javaResource::class
override fun map(javaResource: Resource): SecretBackend = SecretBackend(
javaResource as
com.pulumi.vault.ldap.SecretBackend,
)
}
/**
* @see [SecretBackend].
* @param name The _unique_ name of the resulting resource.
* @param block Builder for [SecretBackend].
*/
public suspend fun secretBackend(
name: String,
block: suspend SecretBackendResourceBuilder.() -> Unit,
): SecretBackend {
val builder = SecretBackendResourceBuilder()
builder.name(name)
block(builder)
return builder.build()
}
/**
* @see [SecretBackend].
* @param name The _unique_ name of the resulting resource.
*/
public fun secretBackend(name: String): SecretBackend {
val builder = SecretBackendResourceBuilder()
builder.name(name)
return builder.build()
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy