com.pulumi.vault.ldap.kotlin.SecretBackendArgs.kt Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of pulumi-vault-kotlin Show documentation
Show all versions of pulumi-vault-kotlin Show documentation
Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.vault.ldap.kotlin
import com.pulumi.core.Output
import com.pulumi.core.Output.of
import com.pulumi.kotlin.ConvertibleToJava
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.vault.ldap.SecretBackendArgs.builder
import kotlin.Any
import kotlin.Boolean
import kotlin.Int
import kotlin.Pair
import kotlin.String
import kotlin.Suppress
import kotlin.collections.List
import kotlin.collections.Map
import kotlin.jvm.JvmName
/**
* ## Example Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as vault from "@pulumi/vault";
* const config = new vault.ldap.SecretBackend("config", {
* path: "my-custom-ldap",
* binddn: "CN=Administrator,CN=Users,DC=corp,DC=example,DC=net",
* bindpass: "SuperSecretPassw0rd",
* url: "ldaps://localhost",
* insecureTls: true,
* userdn: "CN=Users,DC=corp,DC=example,DC=net",
* });
* ```
* ```python
* import pulumi
* import pulumi_vault as vault
* config = vault.ldap.SecretBackend("config",
* path="my-custom-ldap",
* binddn="CN=Administrator,CN=Users,DC=corp,DC=example,DC=net",
* bindpass="SuperSecretPassw0rd",
* url="ldaps://localhost",
* insecure_tls=True,
* userdn="CN=Users,DC=corp,DC=example,DC=net")
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Vault = Pulumi.Vault;
* return await Deployment.RunAsync(() =>
* {
* var config = new Vault.Ldap.SecretBackend("config", new()
* {
* Path = "my-custom-ldap",
* Binddn = "CN=Administrator,CN=Users,DC=corp,DC=example,DC=net",
* Bindpass = "SuperSecretPassw0rd",
* Url = "ldaps://localhost",
* InsecureTls = true,
* Userdn = "CN=Users,DC=corp,DC=example,DC=net",
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-vault/sdk/v6/go/vault/ldap"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* _, err := ldap.NewSecretBackend(ctx, "config", &ldap.SecretBackendArgs{
* Path: pulumi.String("my-custom-ldap"),
* Binddn: pulumi.String("CN=Administrator,CN=Users,DC=corp,DC=example,DC=net"),
* Bindpass: pulumi.String("SuperSecretPassw0rd"),
* Url: pulumi.String("ldaps://localhost"),
* InsecureTls: pulumi.Bool(true),
* Userdn: pulumi.String("CN=Users,DC=corp,DC=example,DC=net"),
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.vault.ldap.SecretBackend;
* import com.pulumi.vault.ldap.SecretBackendArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var config = new SecretBackend("config", SecretBackendArgs.builder()
* .path("my-custom-ldap")
* .binddn("CN=Administrator,CN=Users,DC=corp,DC=example,DC=net")
* .bindpass("SuperSecretPassw0rd")
* .url("ldaps://localhost")
* .insecureTls("true")
* .userdn("CN=Users,DC=corp,DC=example,DC=net")
* .build());
* }
* }
* ```
* ```yaml
* resources:
* config:
* type: vault:ldap:SecretBackend
* properties:
* path: my-custom-ldap
* binddn: CN=Administrator,CN=Users,DC=corp,DC=example,DC=net
* bindpass: SuperSecretPassw0rd
* url: ldaps://localhost
* insecureTls: 'true'
* userdn: CN=Users,DC=corp,DC=example,DC=net
* ```
*
* ## Import
* LDAP secret backend can be imported using the `${mount}/config`, e.g.
* ```sh
* $ pulumi import vault:ldap/secretBackend:SecretBackend config ldap/config
* ```
* @property allowedManagedKeys List of managed key registry entry names that the mount in question is allowed to access
* @property allowedResponseHeaders List of headers to allow and pass from the request to the plugin
* @property auditNonHmacRequestKeys Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
* @property auditNonHmacResponseKeys Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
* @property binddn Distinguished name of object to bind when performing user and group search.
* @property bindpass Password to use along with binddn when performing user search.
* @property certificate CA certificate to use when verifying LDAP server certificate, must be
* x509 PEM encoded.
* @property clientTlsCert Client certificate to provide to the LDAP server, must be x509 PEM encoded.
* @property clientTlsKey Client certificate key to provide to the LDAP server, must be x509 PEM encoded.
* @property connectionTimeout Timeout, in seconds, when attempting to connect to the LDAP server before trying
* the next URL in the configuration.
* @property defaultLeaseTtlSeconds Default lease duration for secrets in seconds.
* @property delegatedAuthAccessors List of headers to allow and pass from the request to the plugin
* @property description Human-friendly description of the mount for the Active Directory backend.
* @property disableRemount If set, opts out of mount migration on path updates.
* @property externalEntropyAccess Enable the secrets engine to access Vault's external entropy source
* @property identityTokenKey The key to use for signing plugin workload identity tokens
* @property insecureTls Skip LDAP server SSL Certificate verification. This is not recommended for production.
* Defaults to `false`.
* @property listingVisibility Specifies whether to show this mount in the UI-specific listing endpoint
* @property local Mark the secrets engine as local-only. Local engines are not replicated or removed by
* replication.Tolerance duration to use when checking the last rotation time.
* @property maxLeaseTtlSeconds Maximum possible lease duration for secrets in seconds.
* @property namespace The namespace to provision the resource in.
* The value should not contain leading or trailing forward slashes.
* The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
* *Available only for Vault Enterprise*.
* @property options Specifies mount type specific options that are passed to the backend
* @property passthroughRequestHeaders List of headers to allow and pass from the request to the plugin
* @property passwordPolicy Name of the password policy to use to generate passwords.
* @property path The unique path this backend should be mounted at. Must
* not begin or end with a `/`. Defaults to `ldap`.
* @property pluginVersion Specifies the semantic version of the plugin to use, e.g. 'v1.0.0'
* @property requestTimeout Timeout, in seconds, for the connection when making requests against the server
* before returning back an error.
* @property schema The LDAP schema to use when storing entry passwords. Valid schemas include `openldap`, `ad`, and `racf`. Default is `openldap`.
* @property sealWrap Enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
* @property skipStaticRoleImportRotation If set to true, static roles will not be rotated during import.
* Defaults to false. Requires Vault 1.16 or above.
* @property starttls Issue a StartTLS command after establishing unencrypted connection.
* @property upndomain Enables userPrincipalDomain login with [username]@UPNDomain.
* @property url LDAP URL to connect to. Multiple URLs can be specified by concatenating
* them with commas; they will be tried in-order. Defaults to `ldap://127.0.0.1`.
* @property userattr Attribute used when searching users. Defaults to `cn`.
* @property userdn LDAP domain to use for users (eg: ou=People,dc=example,dc=org)`.
*/
public data class SecretBackendArgs(
public val allowedManagedKeys: Output>? = null,
public val allowedResponseHeaders: Output>? = null,
public val auditNonHmacRequestKeys: Output>? = null,
public val auditNonHmacResponseKeys: Output>? = null,
public val binddn: Output? = null,
public val bindpass: Output? = null,
public val certificate: Output? = null,
public val clientTlsCert: Output? = null,
public val clientTlsKey: Output? = null,
public val connectionTimeout: Output? = null,
public val defaultLeaseTtlSeconds: Output? = null,
public val delegatedAuthAccessors: Output>? = null,
public val description: Output? = null,
public val disableRemount: Output? = null,
public val externalEntropyAccess: Output? = null,
public val identityTokenKey: Output? = null,
public val insecureTls: Output? = null,
public val listingVisibility: Output? = null,
public val local: Output? = null,
public val maxLeaseTtlSeconds: Output? = null,
public val namespace: Output? = null,
public val options: Output>? = null,
public val passthroughRequestHeaders: Output>? = null,
public val passwordPolicy: Output? = null,
public val path: Output? = null,
public val pluginVersion: Output? = null,
public val requestTimeout: Output? = null,
public val schema: Output? = null,
public val sealWrap: Output? = null,
public val skipStaticRoleImportRotation: Output? = null,
public val starttls: Output? = null,
public val upndomain: Output? = null,
public val url: Output? = null,
public val userattr: Output? = null,
public val userdn: Output? = null,
) : ConvertibleToJava {
override fun toJava(): com.pulumi.vault.ldap.SecretBackendArgs =
com.pulumi.vault.ldap.SecretBackendArgs.builder()
.allowedManagedKeys(allowedManagedKeys?.applyValue({ args0 -> args0.map({ args0 -> args0 }) }))
.allowedResponseHeaders(
allowedResponseHeaders?.applyValue({ args0 ->
args0.map({ args0 ->
args0
})
}),
)
.auditNonHmacRequestKeys(
auditNonHmacRequestKeys?.applyValue({ args0 ->
args0.map({ args0 ->
args0
})
}),
)
.auditNonHmacResponseKeys(
auditNonHmacResponseKeys?.applyValue({ args0 ->
args0.map({ args0 ->
args0
})
}),
)
.binddn(binddn?.applyValue({ args0 -> args0 }))
.bindpass(bindpass?.applyValue({ args0 -> args0 }))
.certificate(certificate?.applyValue({ args0 -> args0 }))
.clientTlsCert(clientTlsCert?.applyValue({ args0 -> args0 }))
.clientTlsKey(clientTlsKey?.applyValue({ args0 -> args0 }))
.connectionTimeout(connectionTimeout?.applyValue({ args0 -> args0 }))
.defaultLeaseTtlSeconds(defaultLeaseTtlSeconds?.applyValue({ args0 -> args0 }))
.delegatedAuthAccessors(
delegatedAuthAccessors?.applyValue({ args0 ->
args0.map({ args0 ->
args0
})
}),
)
.description(description?.applyValue({ args0 -> args0 }))
.disableRemount(disableRemount?.applyValue({ args0 -> args0 }))
.externalEntropyAccess(externalEntropyAccess?.applyValue({ args0 -> args0 }))
.identityTokenKey(identityTokenKey?.applyValue({ args0 -> args0 }))
.insecureTls(insecureTls?.applyValue({ args0 -> args0 }))
.listingVisibility(listingVisibility?.applyValue({ args0 -> args0 }))
.local(local?.applyValue({ args0 -> args0 }))
.maxLeaseTtlSeconds(maxLeaseTtlSeconds?.applyValue({ args0 -> args0 }))
.namespace(namespace?.applyValue({ args0 -> args0 }))
.options(options?.applyValue({ args0 -> args0.map({ args0 -> args0.key.to(args0.value) }).toMap() }))
.passthroughRequestHeaders(
passthroughRequestHeaders?.applyValue({ args0 ->
args0.map({ args0 ->
args0
})
}),
)
.passwordPolicy(passwordPolicy?.applyValue({ args0 -> args0 }))
.path(path?.applyValue({ args0 -> args0 }))
.pluginVersion(pluginVersion?.applyValue({ args0 -> args0 }))
.requestTimeout(requestTimeout?.applyValue({ args0 -> args0 }))
.schema(schema?.applyValue({ args0 -> args0 }))
.sealWrap(sealWrap?.applyValue({ args0 -> args0 }))
.skipStaticRoleImportRotation(skipStaticRoleImportRotation?.applyValue({ args0 -> args0 }))
.starttls(starttls?.applyValue({ args0 -> args0 }))
.upndomain(upndomain?.applyValue({ args0 -> args0 }))
.url(url?.applyValue({ args0 -> args0 }))
.userattr(userattr?.applyValue({ args0 -> args0 }))
.userdn(userdn?.applyValue({ args0 -> args0 })).build()
}
/**
* Builder for [SecretBackendArgs].
*/
@PulumiTagMarker
public class SecretBackendArgsBuilder internal constructor() {
private var allowedManagedKeys: Output>? = null
private var allowedResponseHeaders: Output>? = null
private var auditNonHmacRequestKeys: Output>? = null
private var auditNonHmacResponseKeys: Output>? = null
private var binddn: Output? = null
private var bindpass: Output? = null
private var certificate: Output? = null
private var clientTlsCert: Output? = null
private var clientTlsKey: Output? = null
private var connectionTimeout: Output? = null
private var defaultLeaseTtlSeconds: Output? = null
private var delegatedAuthAccessors: Output>? = null
private var description: Output? = null
private var disableRemount: Output? = null
private var externalEntropyAccess: Output? = null
private var identityTokenKey: Output? = null
private var insecureTls: Output? = null
private var listingVisibility: Output? = null
private var local: Output? = null
private var maxLeaseTtlSeconds: Output? = null
private var namespace: Output? = null
private var options: Output>? = null
private var passthroughRequestHeaders: Output>? = null
private var passwordPolicy: Output? = null
private var path: Output? = null
private var pluginVersion: Output? = null
private var requestTimeout: Output? = null
private var schema: Output? = null
private var sealWrap: Output? = null
private var skipStaticRoleImportRotation: Output? = null
private var starttls: Output? = null
private var upndomain: Output? = null
private var url: Output? = null
private var userattr: Output? = null
private var userdn: Output? = null
/**
* @param value List of managed key registry entry names that the mount in question is allowed to access
*/
@JvmName("xgmejjdfnycpeahm")
public suspend fun allowedManagedKeys(`value`: Output>) {
this.allowedManagedKeys = value
}
@JvmName("vbwbkmxbiudvrquw")
public suspend fun allowedManagedKeys(vararg values: Output) {
this.allowedManagedKeys = Output.all(values.asList())
}
/**
* @param values List of managed key registry entry names that the mount in question is allowed to access
*/
@JvmName("qiuextdevxqthgax")
public suspend fun allowedManagedKeys(values: List>) {
this.allowedManagedKeys = Output.all(values)
}
/**
* @param value List of headers to allow and pass from the request to the plugin
*/
@JvmName("dluobwakftalybgf")
public suspend fun allowedResponseHeaders(`value`: Output>) {
this.allowedResponseHeaders = value
}
@JvmName("ttxbspkdtupwgcaq")
public suspend fun allowedResponseHeaders(vararg values: Output) {
this.allowedResponseHeaders = Output.all(values.asList())
}
/**
* @param values List of headers to allow and pass from the request to the plugin
*/
@JvmName("gblmrvqihmecwaig")
public suspend fun allowedResponseHeaders(values: List>) {
this.allowedResponseHeaders = Output.all(values)
}
/**
* @param value Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
*/
@JvmName("xfcffueyjyjrfrjd")
public suspend fun auditNonHmacRequestKeys(`value`: Output>) {
this.auditNonHmacRequestKeys = value
}
@JvmName("fuuvrrtttkbntqxq")
public suspend fun auditNonHmacRequestKeys(vararg values: Output) {
this.auditNonHmacRequestKeys = Output.all(values.asList())
}
/**
* @param values Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
*/
@JvmName("gxmlfrerjedajgrp")
public suspend fun auditNonHmacRequestKeys(values: List>) {
this.auditNonHmacRequestKeys = Output.all(values)
}
/**
* @param value Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
*/
@JvmName("mblbguapxwyuymso")
public suspend fun auditNonHmacResponseKeys(`value`: Output>) {
this.auditNonHmacResponseKeys = value
}
@JvmName("sjeccbpbahyiqdrp")
public suspend fun auditNonHmacResponseKeys(vararg values: Output) {
this.auditNonHmacResponseKeys = Output.all(values.asList())
}
/**
* @param values Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
*/
@JvmName("isbutjfwvgopacvy")
public suspend fun auditNonHmacResponseKeys(values: List>) {
this.auditNonHmacResponseKeys = Output.all(values)
}
/**
* @param value Distinguished name of object to bind when performing user and group search.
*/
@JvmName("svggudbcfwbgwoio")
public suspend fun binddn(`value`: Output) {
this.binddn = value
}
/**
* @param value Password to use along with binddn when performing user search.
*/
@JvmName("bjfurqubbtbycolk")
public suspend fun bindpass(`value`: Output) {
this.bindpass = value
}
/**
* @param value CA certificate to use when verifying LDAP server certificate, must be
* x509 PEM encoded.
*/
@JvmName("febullsyvhcdhpve")
public suspend fun certificate(`value`: Output) {
this.certificate = value
}
/**
* @param value Client certificate to provide to the LDAP server, must be x509 PEM encoded.
*/
@JvmName("uvvddeelasqbfeip")
public suspend fun clientTlsCert(`value`: Output) {
this.clientTlsCert = value
}
/**
* @param value Client certificate key to provide to the LDAP server, must be x509 PEM encoded.
*/
@JvmName("guyseybgqfogkrft")
public suspend fun clientTlsKey(`value`: Output) {
this.clientTlsKey = value
}
/**
* @param value Timeout, in seconds, when attempting to connect to the LDAP server before trying
* the next URL in the configuration.
*/
@JvmName("rsbprcakccmiqfad")
public suspend fun connectionTimeout(`value`: Output) {
this.connectionTimeout = value
}
/**
* @param value Default lease duration for secrets in seconds.
*/
@JvmName("lsmnwttmnudqfduo")
public suspend fun defaultLeaseTtlSeconds(`value`: Output) {
this.defaultLeaseTtlSeconds = value
}
/**
* @param value List of headers to allow and pass from the request to the plugin
*/
@JvmName("fpcykfasoxnvypfk")
public suspend fun delegatedAuthAccessors(`value`: Output>) {
this.delegatedAuthAccessors = value
}
@JvmName("moeakwbofjeagppj")
public suspend fun delegatedAuthAccessors(vararg values: Output) {
this.delegatedAuthAccessors = Output.all(values.asList())
}
/**
* @param values List of headers to allow and pass from the request to the plugin
*/
@JvmName("hcdidtuxlfpoyddr")
public suspend fun delegatedAuthAccessors(values: List>) {
this.delegatedAuthAccessors = Output.all(values)
}
/**
* @param value Human-friendly description of the mount for the Active Directory backend.
*/
@JvmName("aajlhhtspmwwuklo")
public suspend fun description(`value`: Output) {
this.description = value
}
/**
* @param value If set, opts out of mount migration on path updates.
*/
@JvmName("scvgdqpityweealr")
public suspend fun disableRemount(`value`: Output) {
this.disableRemount = value
}
/**
* @param value Enable the secrets engine to access Vault's external entropy source
*/
@JvmName("hfrdxjyihxvkgxcw")
public suspend fun externalEntropyAccess(`value`: Output) {
this.externalEntropyAccess = value
}
/**
* @param value The key to use for signing plugin workload identity tokens
*/
@JvmName("rxrclvvefaravwsc")
public suspend fun identityTokenKey(`value`: Output) {
this.identityTokenKey = value
}
/**
* @param value Skip LDAP server SSL Certificate verification. This is not recommended for production.
* Defaults to `false`.
*/
@JvmName("lmjfrgjcjytikwbk")
public suspend fun insecureTls(`value`: Output) {
this.insecureTls = value
}
/**
* @param value Specifies whether to show this mount in the UI-specific listing endpoint
*/
@JvmName("motaybnnserbhvub")
public suspend fun listingVisibility(`value`: Output) {
this.listingVisibility = value
}
/**
* @param value Mark the secrets engine as local-only. Local engines are not replicated or removed by
* replication.Tolerance duration to use when checking the last rotation time.
*/
@JvmName("qsaifrmyynsurhrv")
public suspend fun local(`value`: Output) {
this.local = value
}
/**
* @param value Maximum possible lease duration for secrets in seconds.
*/
@JvmName("qmfwwifqygsdclvl")
public suspend fun maxLeaseTtlSeconds(`value`: Output) {
this.maxLeaseTtlSeconds = value
}
/**
* @param value The namespace to provision the resource in.
* The value should not contain leading or trailing forward slashes.
* The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
* *Available only for Vault Enterprise*.
*/
@JvmName("jriphyvxhlkfckgj")
public suspend fun namespace(`value`: Output) {
this.namespace = value
}
/**
* @param value Specifies mount type specific options that are passed to the backend
*/
@JvmName("gydirwnkjxamdrir")
public suspend fun options(`value`: Output>) {
this.options = value
}
/**
* @param value List of headers to allow and pass from the request to the plugin
*/
@JvmName("euudtbqwtvgguoqt")
public suspend fun passthroughRequestHeaders(`value`: Output>) {
this.passthroughRequestHeaders = value
}
@JvmName("aeymcihesvxyfswa")
public suspend fun passthroughRequestHeaders(vararg values: Output) {
this.passthroughRequestHeaders = Output.all(values.asList())
}
/**
* @param values List of headers to allow and pass from the request to the plugin
*/
@JvmName("pfgateylucykfuik")
public suspend fun passthroughRequestHeaders(values: List>) {
this.passthroughRequestHeaders = Output.all(values)
}
/**
* @param value Name of the password policy to use to generate passwords.
*/
@JvmName("qmrnnprlievclsfp")
public suspend fun passwordPolicy(`value`: Output) {
this.passwordPolicy = value
}
/**
* @param value The unique path this backend should be mounted at. Must
* not begin or end with a `/`. Defaults to `ldap`.
*/
@JvmName("chxhyqpdndbhwmrr")
public suspend fun path(`value`: Output) {
this.path = value
}
/**
* @param value Specifies the semantic version of the plugin to use, e.g. 'v1.0.0'
*/
@JvmName("pysxkaqwyocmydvu")
public suspend fun pluginVersion(`value`: Output) {
this.pluginVersion = value
}
/**
* @param value Timeout, in seconds, for the connection when making requests against the server
* before returning back an error.
*/
@JvmName("pbupqtgqiecotavu")
public suspend fun requestTimeout(`value`: Output) {
this.requestTimeout = value
}
/**
* @param value The LDAP schema to use when storing entry passwords. Valid schemas include `openldap`, `ad`, and `racf`. Default is `openldap`.
*/
@JvmName("evgojpdpnrsgurfw")
public suspend fun schema(`value`: Output) {
this.schema = value
}
/**
* @param value Enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
*/
@JvmName("mpfbgfbwalwsjjku")
public suspend fun sealWrap(`value`: Output) {
this.sealWrap = value
}
/**
* @param value If set to true, static roles will not be rotated during import.
* Defaults to false. Requires Vault 1.16 or above.
*/
@JvmName("wwnlcmkkxeftlath")
public suspend fun skipStaticRoleImportRotation(`value`: Output) {
this.skipStaticRoleImportRotation = value
}
/**
* @param value Issue a StartTLS command after establishing unencrypted connection.
*/
@JvmName("mptycvlpesxajhkl")
public suspend fun starttls(`value`: Output) {
this.starttls = value
}
/**
* @param value Enables userPrincipalDomain login with [username]@UPNDomain.
*/
@JvmName("bwjmphomoauytduh")
public suspend fun upndomain(`value`: Output) {
this.upndomain = value
}
/**
* @param value LDAP URL to connect to. Multiple URLs can be specified by concatenating
* them with commas; they will be tried in-order. Defaults to `ldap://127.0.0.1`.
*/
@JvmName("koxoqvijdgcbsdxr")
public suspend fun url(`value`: Output) {
this.url = value
}
/**
* @param value Attribute used when searching users. Defaults to `cn`.
*/
@JvmName("srjyelqpkskibnhg")
public suspend fun userattr(`value`: Output) {
this.userattr = value
}
/**
* @param value LDAP domain to use for users (eg: ou=People,dc=example,dc=org)`.
*/
@JvmName("hnnsfwvbxwaxjhkk")
public suspend fun userdn(`value`: Output) {
this.userdn = value
}
/**
* @param value List of managed key registry entry names that the mount in question is allowed to access
*/
@JvmName("gpraivqdpomxytnm")
public suspend fun allowedManagedKeys(`value`: List?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.allowedManagedKeys = mapped
}
/**
* @param values List of managed key registry entry names that the mount in question is allowed to access
*/
@JvmName("svvexfgtxgkonskb")
public suspend fun allowedManagedKeys(vararg values: String) {
val toBeMapped = values.toList()
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.allowedManagedKeys = mapped
}
/**
* @param value List of headers to allow and pass from the request to the plugin
*/
@JvmName("dvdhtihwosvnrdyk")
public suspend fun allowedResponseHeaders(`value`: List?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.allowedResponseHeaders = mapped
}
/**
* @param values List of headers to allow and pass from the request to the plugin
*/
@JvmName("gawhtauqxawjjmho")
public suspend fun allowedResponseHeaders(vararg values: String) {
val toBeMapped = values.toList()
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.allowedResponseHeaders = mapped
}
/**
* @param value Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
*/
@JvmName("tyfttwvfnhinpsrf")
public suspend fun auditNonHmacRequestKeys(`value`: List?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.auditNonHmacRequestKeys = mapped
}
/**
* @param values Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
*/
@JvmName("pnjgmnyolocujugn")
public suspend fun auditNonHmacRequestKeys(vararg values: String) {
val toBeMapped = values.toList()
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.auditNonHmacRequestKeys = mapped
}
/**
* @param value Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
*/
@JvmName("nonbjnhpgactqgsi")
public suspend fun auditNonHmacResponseKeys(`value`: List?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.auditNonHmacResponseKeys = mapped
}
/**
* @param values Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
*/
@JvmName("qtpnfwolmbqpgoaf")
public suspend fun auditNonHmacResponseKeys(vararg values: String) {
val toBeMapped = values.toList()
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.auditNonHmacResponseKeys = mapped
}
/**
* @param value Distinguished name of object to bind when performing user and group search.
*/
@JvmName("ejoqrxkkewrcpntv")
public suspend fun binddn(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.binddn = mapped
}
/**
* @param value Password to use along with binddn when performing user search.
*/
@JvmName("tyqnbaapnbxtsrhp")
public suspend fun bindpass(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.bindpass = mapped
}
/**
* @param value CA certificate to use when verifying LDAP server certificate, must be
* x509 PEM encoded.
*/
@JvmName("uhaungoxbfgmehgj")
public suspend fun certificate(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.certificate = mapped
}
/**
* @param value Client certificate to provide to the LDAP server, must be x509 PEM encoded.
*/
@JvmName("jwpvmoudwchpjbxj")
public suspend fun clientTlsCert(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.clientTlsCert = mapped
}
/**
* @param value Client certificate key to provide to the LDAP server, must be x509 PEM encoded.
*/
@JvmName("wttcqjtdqepbimcl")
public suspend fun clientTlsKey(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.clientTlsKey = mapped
}
/**
* @param value Timeout, in seconds, when attempting to connect to the LDAP server before trying
* the next URL in the configuration.
*/
@JvmName("nqgpwjboquyrwdws")
public suspend fun connectionTimeout(`value`: Int?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.connectionTimeout = mapped
}
/**
* @param value Default lease duration for secrets in seconds.
*/
@JvmName("becnqcrcgjhjaewc")
public suspend fun defaultLeaseTtlSeconds(`value`: Int?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.defaultLeaseTtlSeconds = mapped
}
/**
* @param value List of headers to allow and pass from the request to the plugin
*/
@JvmName("mqbdcghalswhkdwa")
public suspend fun delegatedAuthAccessors(`value`: List?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.delegatedAuthAccessors = mapped
}
/**
* @param values List of headers to allow and pass from the request to the plugin
*/
@JvmName("fbcachuminisqmtk")
public suspend fun delegatedAuthAccessors(vararg values: String) {
val toBeMapped = values.toList()
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.delegatedAuthAccessors = mapped
}
/**
* @param value Human-friendly description of the mount for the Active Directory backend.
*/
@JvmName("hqtcubnfulgufjmu")
public suspend fun description(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.description = mapped
}
/**
* @param value If set, opts out of mount migration on path updates.
*/
@JvmName("udmeornwayqxqjsf")
public suspend fun disableRemount(`value`: Boolean?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.disableRemount = mapped
}
/**
* @param value Enable the secrets engine to access Vault's external entropy source
*/
@JvmName("chotfbsjrskyphyu")
public suspend fun externalEntropyAccess(`value`: Boolean?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.externalEntropyAccess = mapped
}
/**
* @param value The key to use for signing plugin workload identity tokens
*/
@JvmName("tptlchrtkowtljdi")
public suspend fun identityTokenKey(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.identityTokenKey = mapped
}
/**
* @param value Skip LDAP server SSL Certificate verification. This is not recommended for production.
* Defaults to `false`.
*/
@JvmName("ptosuwfggvwmvxgo")
public suspend fun insecureTls(`value`: Boolean?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.insecureTls = mapped
}
/**
* @param value Specifies whether to show this mount in the UI-specific listing endpoint
*/
@JvmName("vwpbqieyanpfhajy")
public suspend fun listingVisibility(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.listingVisibility = mapped
}
/**
* @param value Mark the secrets engine as local-only. Local engines are not replicated or removed by
* replication.Tolerance duration to use when checking the last rotation time.
*/
@JvmName("pmovqynoeuftlusb")
public suspend fun local(`value`: Boolean?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.local = mapped
}
/**
* @param value Maximum possible lease duration for secrets in seconds.
*/
@JvmName("vhartuvyidhqhqpw")
public suspend fun maxLeaseTtlSeconds(`value`: Int?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.maxLeaseTtlSeconds = mapped
}
/**
* @param value The namespace to provision the resource in.
* The value should not contain leading or trailing forward slashes.
* The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
* *Available only for Vault Enterprise*.
*/
@JvmName("cxbeyyxobnghhibb")
public suspend fun namespace(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.namespace = mapped
}
/**
* @param value Specifies mount type specific options that are passed to the backend
*/
@JvmName("vkentaavhpipsifh")
public suspend fun options(`value`: Map?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.options = mapped
}
/**
* @param values Specifies mount type specific options that are passed to the backend
*/
@JvmName("vvvnpbveyohltpcu")
public fun options(vararg values: Pair) {
val toBeMapped = values.toMap()
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.options = mapped
}
/**
* @param value List of headers to allow and pass from the request to the plugin
*/
@JvmName("scmeviojecowshgx")
public suspend fun passthroughRequestHeaders(`value`: List?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.passthroughRequestHeaders = mapped
}
/**
* @param values List of headers to allow and pass from the request to the plugin
*/
@JvmName("plbiydhrqwpdvdhv")
public suspend fun passthroughRequestHeaders(vararg values: String) {
val toBeMapped = values.toList()
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.passthroughRequestHeaders = mapped
}
/**
* @param value Name of the password policy to use to generate passwords.
*/
@JvmName("bguyycldfskjjcji")
public suspend fun passwordPolicy(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.passwordPolicy = mapped
}
/**
* @param value The unique path this backend should be mounted at. Must
* not begin or end with a `/`. Defaults to `ldap`.
*/
@JvmName("dheoctqupedwtgpb")
public suspend fun path(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.path = mapped
}
/**
* @param value Specifies the semantic version of the plugin to use, e.g. 'v1.0.0'
*/
@JvmName("bixktklohlhdxsbn")
public suspend fun pluginVersion(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.pluginVersion = mapped
}
/**
* @param value Timeout, in seconds, for the connection when making requests against the server
* before returning back an error.
*/
@JvmName("jnqtkadafgkwxqls")
public suspend fun requestTimeout(`value`: Int?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.requestTimeout = mapped
}
/**
* @param value The LDAP schema to use when storing entry passwords. Valid schemas include `openldap`, `ad`, and `racf`. Default is `openldap`.
*/
@JvmName("qayqtapksvuclvca")
public suspend fun schema(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.schema = mapped
}
/**
* @param value Enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
*/
@JvmName("rimwrgrarjjbevsw")
public suspend fun sealWrap(`value`: Boolean?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.sealWrap = mapped
}
/**
* @param value If set to true, static roles will not be rotated during import.
* Defaults to false. Requires Vault 1.16 or above.
*/
@JvmName("ngtnscjxwnowvmer")
public suspend fun skipStaticRoleImportRotation(`value`: Boolean?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.skipStaticRoleImportRotation = mapped
}
/**
* @param value Issue a StartTLS command after establishing unencrypted connection.
*/
@JvmName("jbunmmfewurlqyjc")
public suspend fun starttls(`value`: Boolean?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.starttls = mapped
}
/**
* @param value Enables userPrincipalDomain login with [username]@UPNDomain.
*/
@JvmName("vukjplteryinbato")
public suspend fun upndomain(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.upndomain = mapped
}
/**
* @param value LDAP URL to connect to. Multiple URLs can be specified by concatenating
* them with commas; they will be tried in-order. Defaults to `ldap://127.0.0.1`.
*/
@JvmName("ijahiwfaadtnihaq")
public suspend fun url(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.url = mapped
}
/**
* @param value Attribute used when searching users. Defaults to `cn`.
*/
@JvmName("kgtihmtdtvaafote")
public suspend fun userattr(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.userattr = mapped
}
/**
* @param value LDAP domain to use for users (eg: ou=People,dc=example,dc=org)`.
*/
@JvmName("jcbiilskeaxvlyft")
public suspend fun userdn(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.userdn = mapped
}
internal fun build(): SecretBackendArgs = SecretBackendArgs(
allowedManagedKeys = allowedManagedKeys,
allowedResponseHeaders = allowedResponseHeaders,
auditNonHmacRequestKeys = auditNonHmacRequestKeys,
auditNonHmacResponseKeys = auditNonHmacResponseKeys,
binddn = binddn,
bindpass = bindpass,
certificate = certificate,
clientTlsCert = clientTlsCert,
clientTlsKey = clientTlsKey,
connectionTimeout = connectionTimeout,
defaultLeaseTtlSeconds = defaultLeaseTtlSeconds,
delegatedAuthAccessors = delegatedAuthAccessors,
description = description,
disableRemount = disableRemount,
externalEntropyAccess = externalEntropyAccess,
identityTokenKey = identityTokenKey,
insecureTls = insecureTls,
listingVisibility = listingVisibility,
local = local,
maxLeaseTtlSeconds = maxLeaseTtlSeconds,
namespace = namespace,
options = options,
passthroughRequestHeaders = passthroughRequestHeaders,
passwordPolicy = passwordPolicy,
path = path,
pluginVersion = pluginVersion,
requestTimeout = requestTimeout,
schema = schema,
sealWrap = sealWrap,
skipStaticRoleImportRotation = skipStaticRoleImportRotation,
starttls = starttls,
upndomain = upndomain,
url = url,
userattr = userattr,
userdn = userdn,
)
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy