com.pulumi.vault.pkiSecret.kotlin.SecretBackendCrlConfigArgs.kt Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of pulumi-vault-kotlin Show documentation
Show all versions of pulumi-vault-kotlin Show documentation
Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.vault.pkiSecret.kotlin
import com.pulumi.core.Output
import com.pulumi.core.Output.of
import com.pulumi.kotlin.ConvertibleToJava
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.vault.pkiSecret.SecretBackendCrlConfigArgs.builder
import kotlin.Boolean
import kotlin.String
import kotlin.Suppress
import kotlin.jvm.JvmName
/**
* Allows setting the duration for which the generated CRL should be marked valid. If the CRL is disabled, it will return a signed but zero-length CRL for any request. If enabled, it will re-build the CRL.
* ## Example Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as vault from "@pulumi/vault";
* const pki = new vault.Mount("pki", {
* path: "%s",
* type: "pki",
* defaultLeaseTtlSeconds: 3600,
* maxLeaseTtlSeconds: 86400,
* });
* const crlConfig = new vault.pkisecret.SecretBackendCrlConfig("crl_config", {
* backend: pki.path,
* expiry: "72h",
* disable: false,
* });
* ```
* ```python
* import pulumi
* import pulumi_vault as vault
* pki = vault.Mount("pki",
* path="%s",
* type="pki",
* default_lease_ttl_seconds=3600,
* max_lease_ttl_seconds=86400)
* crl_config = vault.pki_secret.SecretBackendCrlConfig("crl_config",
* backend=pki.path,
* expiry="72h",
* disable=False)
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Vault = Pulumi.Vault;
* return await Deployment.RunAsync(() =>
* {
* var pki = new Vault.Mount("pki", new()
* {
* Path = "%s",
* Type = "pki",
* DefaultLeaseTtlSeconds = 3600,
* MaxLeaseTtlSeconds = 86400,
* });
* var crlConfig = new Vault.PkiSecret.SecretBackendCrlConfig("crl_config", new()
* {
* Backend = pki.Path,
* Expiry = "72h",
* Disable = false,
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-vault/sdk/v6/go/vault"
* "github.com/pulumi/pulumi-vault/sdk/v6/go/vault/pkiSecret"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* pki, err := vault.NewMount(ctx, "pki", &vault.MountArgs{
* Path: pulumi.String("%s"),
* Type: pulumi.String("pki"),
* DefaultLeaseTtlSeconds: pulumi.Int(3600),
* MaxLeaseTtlSeconds: pulumi.Int(86400),
* })
* if err != nil {
* return err
* }
* _, err = pkiSecret.NewSecretBackendCrlConfig(ctx, "crl_config", &pkiSecret.SecretBackendCrlConfigArgs{
* Backend: pki.Path,
* Expiry: pulumi.String("72h"),
* Disable: pulumi.Bool(false),
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.vault.Mount;
* import com.pulumi.vault.MountArgs;
* import com.pulumi.vault.pkiSecret.SecretBackendCrlConfig;
* import com.pulumi.vault.pkiSecret.SecretBackendCrlConfigArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var pki = new Mount("pki", MountArgs.builder()
* .path("%s")
* .type("pki")
* .defaultLeaseTtlSeconds(3600)
* .maxLeaseTtlSeconds(86400)
* .build());
* var crlConfig = new SecretBackendCrlConfig("crlConfig", SecretBackendCrlConfigArgs.builder()
* .backend(pki.path())
* .expiry("72h")
* .disable(false)
* .build());
* }
* }
* ```
* ```yaml
* resources:
* pki:
* type: vault:Mount
* properties:
* path: '%s'
* type: pki
* defaultLeaseTtlSeconds: 3600
* maxLeaseTtlSeconds: 86400
* crlConfig:
* type: vault:pkiSecret:SecretBackendCrlConfig
* name: crl_config
* properties:
* backend: ${pki.path}
* expiry: 72h
* disable: false
* ```
*
* @property autoRebuild Enables periodic rebuilding of the CRL upon expiry. **Vault 1.12+**
* @property autoRebuildGracePeriod Grace period before CRL expiry to attempt rebuild of CRL. **Vault 1.12+**
* @property backend The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
* @property crossClusterRevocation Enable cross-cluster revocation request queues. **Vault 1.13+**
* @property deltaRebuildInterval Interval to check for new revocations on, to regenerate the delta CRL.
* @property disable Disables or enables CRL building.
* @property enableDelta Enables building of delta CRLs with up-to-date revocation information,
* augmenting the last complete CRL. **Vault 1.12+**
* @property expiry Specifies the time until expiration.
* @property namespace The namespace to provision the resource in.
* The value should not contain leading or trailing forward slashes.
* The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
* *Available only for Vault Enterprise*.
* @property ocspDisable Disables the OCSP responder in Vault. **Vault 1.12+**
* @property ocspExpiry The amount of time an OCSP response can be cached for, useful for OCSP stapling
* refresh durations. **Vault 1.12+**
* @property unifiedCrl Enables unified CRL and OCSP building. **Vault 1.13+**
* @property unifiedCrlOnExistingPaths Enables serving the unified CRL and OCSP on the existing, previously
* cluster-local paths. **Vault 1.13+**
*/
public data class SecretBackendCrlConfigArgs(
public val autoRebuild: Output? = null,
public val autoRebuildGracePeriod: Output? = null,
public val backend: Output? = null,
public val crossClusterRevocation: Output? = null,
public val deltaRebuildInterval: Output? = null,
public val disable: Output? = null,
public val enableDelta: Output? = null,
public val expiry: Output? = null,
public val namespace: Output? = null,
public val ocspDisable: Output? = null,
public val ocspExpiry: Output? = null,
public val unifiedCrl: Output? = null,
public val unifiedCrlOnExistingPaths: Output? = null,
) : ConvertibleToJava {
override fun toJava(): com.pulumi.vault.pkiSecret.SecretBackendCrlConfigArgs =
com.pulumi.vault.pkiSecret.SecretBackendCrlConfigArgs.builder()
.autoRebuild(autoRebuild?.applyValue({ args0 -> args0 }))
.autoRebuildGracePeriod(autoRebuildGracePeriod?.applyValue({ args0 -> args0 }))
.backend(backend?.applyValue({ args0 -> args0 }))
.crossClusterRevocation(crossClusterRevocation?.applyValue({ args0 -> args0 }))
.deltaRebuildInterval(deltaRebuildInterval?.applyValue({ args0 -> args0 }))
.disable(disable?.applyValue({ args0 -> args0 }))
.enableDelta(enableDelta?.applyValue({ args0 -> args0 }))
.expiry(expiry?.applyValue({ args0 -> args0 }))
.namespace(namespace?.applyValue({ args0 -> args0 }))
.ocspDisable(ocspDisable?.applyValue({ args0 -> args0 }))
.ocspExpiry(ocspExpiry?.applyValue({ args0 -> args0 }))
.unifiedCrl(unifiedCrl?.applyValue({ args0 -> args0 }))
.unifiedCrlOnExistingPaths(unifiedCrlOnExistingPaths?.applyValue({ args0 -> args0 })).build()
}
/**
* Builder for [SecretBackendCrlConfigArgs].
*/
@PulumiTagMarker
public class SecretBackendCrlConfigArgsBuilder internal constructor() {
private var autoRebuild: Output? = null
private var autoRebuildGracePeriod: Output? = null
private var backend: Output? = null
private var crossClusterRevocation: Output? = null
private var deltaRebuildInterval: Output? = null
private var disable: Output? = null
private var enableDelta: Output? = null
private var expiry: Output? = null
private var namespace: Output? = null
private var ocspDisable: Output? = null
private var ocspExpiry: Output? = null
private var unifiedCrl: Output? = null
private var unifiedCrlOnExistingPaths: Output? = null
/**
* @param value Enables periodic rebuilding of the CRL upon expiry. **Vault 1.12+**
*/
@JvmName("fpnndobuagcpluqq")
public suspend fun autoRebuild(`value`: Output) {
this.autoRebuild = value
}
/**
* @param value Grace period before CRL expiry to attempt rebuild of CRL. **Vault 1.12+**
*/
@JvmName("qheckhghswvclthf")
public suspend fun autoRebuildGracePeriod(`value`: Output) {
this.autoRebuildGracePeriod = value
}
/**
* @param value The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
*/
@JvmName("luxccvdvvplnpcqp")
public suspend fun backend(`value`: Output) {
this.backend = value
}
/**
* @param value Enable cross-cluster revocation request queues. **Vault 1.13+**
*/
@JvmName("xlfxqxpmogvdjymf")
public suspend fun crossClusterRevocation(`value`: Output) {
this.crossClusterRevocation = value
}
/**
* @param value Interval to check for new revocations on, to regenerate the delta CRL.
*/
@JvmName("sdakgljalswhjilo")
public suspend fun deltaRebuildInterval(`value`: Output) {
this.deltaRebuildInterval = value
}
/**
* @param value Disables or enables CRL building.
*/
@JvmName("olvnhfdbnllaxyuq")
public suspend fun disable(`value`: Output) {
this.disable = value
}
/**
* @param value Enables building of delta CRLs with up-to-date revocation information,
* augmenting the last complete CRL. **Vault 1.12+**
*/
@JvmName("fybfokhaovydekbk")
public suspend fun enableDelta(`value`: Output) {
this.enableDelta = value
}
/**
* @param value Specifies the time until expiration.
*/
@JvmName("oxakgdbwfgunoaqw")
public suspend fun expiry(`value`: Output) {
this.expiry = value
}
/**
* @param value The namespace to provision the resource in.
* The value should not contain leading or trailing forward slashes.
* The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
* *Available only for Vault Enterprise*.
*/
@JvmName("pyttalkcysgeoscf")
public suspend fun namespace(`value`: Output) {
this.namespace = value
}
/**
* @param value Disables the OCSP responder in Vault. **Vault 1.12+**
*/
@JvmName("rgrlktxjkktbanyq")
public suspend fun ocspDisable(`value`: Output) {
this.ocspDisable = value
}
/**
* @param value The amount of time an OCSP response can be cached for, useful for OCSP stapling
* refresh durations. **Vault 1.12+**
*/
@JvmName("lkvyktypfkjhskvn")
public suspend fun ocspExpiry(`value`: Output) {
this.ocspExpiry = value
}
/**
* @param value Enables unified CRL and OCSP building. **Vault 1.13+**
*/
@JvmName("nybfoyrfdkucwjsb")
public suspend fun unifiedCrl(`value`: Output) {
this.unifiedCrl = value
}
/**
* @param value Enables serving the unified CRL and OCSP on the existing, previously
* cluster-local paths. **Vault 1.13+**
*/
@JvmName("bdssnjgyxvrexjqv")
public suspend fun unifiedCrlOnExistingPaths(`value`: Output) {
this.unifiedCrlOnExistingPaths = value
}
/**
* @param value Enables periodic rebuilding of the CRL upon expiry. **Vault 1.12+**
*/
@JvmName("jgujyshpjsiydqwa")
public suspend fun autoRebuild(`value`: Boolean?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.autoRebuild = mapped
}
/**
* @param value Grace period before CRL expiry to attempt rebuild of CRL. **Vault 1.12+**
*/
@JvmName("qxueldykrbrsnawq")
public suspend fun autoRebuildGracePeriod(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.autoRebuildGracePeriod = mapped
}
/**
* @param value The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
*/
@JvmName("jbqwabaiomevwwae")
public suspend fun backend(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.backend = mapped
}
/**
* @param value Enable cross-cluster revocation request queues. **Vault 1.13+**
*/
@JvmName("sliibmdmuxqpmttv")
public suspend fun crossClusterRevocation(`value`: Boolean?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.crossClusterRevocation = mapped
}
/**
* @param value Interval to check for new revocations on, to regenerate the delta CRL.
*/
@JvmName("enyuqrvndwmerovw")
public suspend fun deltaRebuildInterval(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.deltaRebuildInterval = mapped
}
/**
* @param value Disables or enables CRL building.
*/
@JvmName("snnmnhrabunwsfeu")
public suspend fun disable(`value`: Boolean?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.disable = mapped
}
/**
* @param value Enables building of delta CRLs with up-to-date revocation information,
* augmenting the last complete CRL. **Vault 1.12+**
*/
@JvmName("fxvukrbbjrelcrie")
public suspend fun enableDelta(`value`: Boolean?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.enableDelta = mapped
}
/**
* @param value Specifies the time until expiration.
*/
@JvmName("lwxnjdcsnruaswte")
public suspend fun expiry(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.expiry = mapped
}
/**
* @param value The namespace to provision the resource in.
* The value should not contain leading or trailing forward slashes.
* The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
* *Available only for Vault Enterprise*.
*/
@JvmName("gtthqdgaksfudvfm")
public suspend fun namespace(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.namespace = mapped
}
/**
* @param value Disables the OCSP responder in Vault. **Vault 1.12+**
*/
@JvmName("vubhyrhwcukbohif")
public suspend fun ocspDisable(`value`: Boolean?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.ocspDisable = mapped
}
/**
* @param value The amount of time an OCSP response can be cached for, useful for OCSP stapling
* refresh durations. **Vault 1.12+**
*/
@JvmName("iamvhlyoegqmtvsn")
public suspend fun ocspExpiry(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.ocspExpiry = mapped
}
/**
* @param value Enables unified CRL and OCSP building. **Vault 1.13+**
*/
@JvmName("kcthchmeoycwwxqr")
public suspend fun unifiedCrl(`value`: Boolean?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.unifiedCrl = mapped
}
/**
* @param value Enables serving the unified CRL and OCSP on the existing, previously
* cluster-local paths. **Vault 1.13+**
*/
@JvmName("jgxgipsxqynfplas")
public suspend fun unifiedCrlOnExistingPaths(`value`: Boolean?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.unifiedCrlOnExistingPaths = mapped
}
internal fun build(): SecretBackendCrlConfigArgs = SecretBackendCrlConfigArgs(
autoRebuild = autoRebuild,
autoRebuildGracePeriod = autoRebuildGracePeriod,
backend = backend,
crossClusterRevocation = crossClusterRevocation,
deltaRebuildInterval = deltaRebuildInterval,
disable = disable,
enableDelta = enableDelta,
expiry = expiry,
namespace = namespace,
ocspDisable = ocspDisable,
ocspExpiry = ocspExpiry,
unifiedCrl = unifiedCrl,
unifiedCrlOnExistingPaths = unifiedCrlOnExistingPaths,
)
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy