com.pulumi.vault.ssh.kotlin.SecretBackendRoleArgs.kt Maven / Gradle / Ivy
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.vault.ssh.kotlin
import com.pulumi.core.Output
import com.pulumi.core.Output.of
import com.pulumi.kotlin.ConvertibleToJava
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.applySuspend
import com.pulumi.vault.ssh.SecretBackendRoleArgs.builder
import com.pulumi.vault.ssh.kotlin.inputs.SecretBackendRoleAllowedUserKeyConfigArgs
import com.pulumi.vault.ssh.kotlin.inputs.SecretBackendRoleAllowedUserKeyConfigArgsBuilder
import kotlin.Any
import kotlin.Boolean
import kotlin.Pair
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
import kotlin.collections.List
import kotlin.collections.Map
import kotlin.jvm.JvmName
/**
* Provides a resource to manage roles in an SSH secret backend
* [SSH secret backend within Vault](https://www.vaultproject.io/docs/secrets/ssh/index.html).
* ## Example Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as vault from "@pulumi/vault";
* const example = new vault.Mount("example", {type: "ssh"});
* const foo = new vault.ssh.SecretBackendRole("foo", {
* name: "my-role",
* backend: example.path,
* keyType: "ca",
* allowUserCertificates: true,
* });
* const bar = new vault.ssh.SecretBackendRole("bar", {
* name: "otp-role",
* backend: example.path,
* keyType: "otp",
* defaultUser: "default",
* allowedUsers: "default,baz",
* cidrList: "0.0.0.0/0",
* });
* ```
* ```python
* import pulumi
* import pulumi_vault as vault
* example = vault.Mount("example", type="ssh")
* foo = vault.ssh.SecretBackendRole("foo",
* name="my-role",
* backend=example.path,
* key_type="ca",
* allow_user_certificates=True)
* bar = vault.ssh.SecretBackendRole("bar",
* name="otp-role",
* backend=example.path,
* key_type="otp",
* default_user="default",
* allowed_users="default,baz",
* cidr_list="0.0.0.0/0")
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Vault = Pulumi.Vault;
* return await Deployment.RunAsync(() =>
* {
* var example = new Vault.Mount("example", new()
* {
* Type = "ssh",
* });
* var foo = new Vault.Ssh.SecretBackendRole("foo", new()
* {
* Name = "my-role",
* Backend = example.Path,
* KeyType = "ca",
* AllowUserCertificates = true,
* });
* var bar = new Vault.Ssh.SecretBackendRole("bar", new()
* {
* Name = "otp-role",
* Backend = example.Path,
* KeyType = "otp",
* DefaultUser = "default",
* AllowedUsers = "default,baz",
* CidrList = "0.0.0.0/0",
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-vault/sdk/v6/go/vault"
* "github.com/pulumi/pulumi-vault/sdk/v6/go/vault/ssh"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* example, err := vault.NewMount(ctx, "example", &vault.MountArgs{
* Type: pulumi.String("ssh"),
* })
* if err != nil {
* return err
* }
* _, err = ssh.NewSecretBackendRole(ctx, "foo", &ssh.SecretBackendRoleArgs{
* Name: pulumi.String("my-role"),
* Backend: example.Path,
* KeyType: pulumi.String("ca"),
* AllowUserCertificates: pulumi.Bool(true),
* })
* if err != nil {
* return err
* }
* _, err = ssh.NewSecretBackendRole(ctx, "bar", &ssh.SecretBackendRoleArgs{
* Name: pulumi.String("otp-role"),
* Backend: example.Path,
* KeyType: pulumi.String("otp"),
* DefaultUser: pulumi.String("default"),
* AllowedUsers: pulumi.String("default,baz"),
* CidrList: pulumi.String("0.0.0.0/0"),
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.vault.Mount;
* import com.pulumi.vault.MountArgs;
* import com.pulumi.vault.ssh.SecretBackendRole;
* import com.pulumi.vault.ssh.SecretBackendRoleArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var example = new Mount("example", MountArgs.builder()
* .type("ssh")
* .build());
* var foo = new SecretBackendRole("foo", SecretBackendRoleArgs.builder()
* .name("my-role")
* .backend(example.path())
* .keyType("ca")
* .allowUserCertificates(true)
* .build());
* var bar = new SecretBackendRole("bar", SecretBackendRoleArgs.builder()
* .name("otp-role")
* .backend(example.path())
* .keyType("otp")
* .defaultUser("default")
* .allowedUsers("default,baz")
* .cidrList("0.0.0.0/0")
* .build());
* }
* }
* ```
* ```yaml
* resources:
* example:
* type: vault:Mount
* properties:
* type: ssh
* foo:
* type: vault:ssh:SecretBackendRole
* properties:
* name: my-role
* backend: ${example.path}
* keyType: ca
* allowUserCertificates: true
* bar:
* type: vault:ssh:SecretBackendRole
* properties:
* name: otp-role
* backend: ${example.path}
* keyType: otp
* defaultUser: default
* allowedUsers: default,baz
* cidrList: 0.0.0.0/0
* ```
*
* ## Import
* SSH secret backend roles can be imported using the `path`, e.g.
* ```sh
* $ pulumi import vault:ssh/secretBackendRole:SecretBackendRole foo ssh/roles/my-role
* ```
* @property algorithmSigner When supplied, this value specifies a signing algorithm for the key. Possible values: ssh-rsa, rsa-sha2-256, rsa-sha2-512.
* @property allowBareDomains Specifies if host certificates that are requested are allowed to use the base domains listed in `allowed_domains`.
* @property allowHostCertificates Specifies if certificates are allowed to be signed for use as a 'host'.
* @property allowSubdomains Specifies if host certificates that are requested are allowed to be subdomains of those listed in `allowed_domains`.
* @property allowUserCertificates Specifies if certificates are allowed to be signed for use as a 'user'.
* @property allowUserKeyIds Specifies if users can override the key ID for a signed certificate with the `key_id` field.
* @property allowedCriticalOptions Specifies a comma-separated list of critical options that certificates can have when signed.
* @property allowedDomains The list of domains for which a client can request a host certificate.
* @property allowedDomainsTemplate Specifies if `allowed_domains` can be declared using
* identity template policies. Non-templated domains are also permitted.
* @property allowedExtensions Specifies a comma-separated list of extensions that certificates can have when signed.
* @property allowedUserKeyConfigs Set of configuration blocks to define allowed
* user key configuration, like key type and their lengths. Can be specified multiple times.
* *See Configuration-Options for more info*
* @property allowedUsers Specifies a comma-separated list of usernames that are to be allowed, only if certain usernames are to be allowed.
* @property allowedUsersTemplate Specifies if `allowed_users` can be declared using identity template policies. Non-templated users are also permitted.
* @property backend The path where the SSH secret backend is mounted.
* @property cidrList The comma-separated string of CIDR blocks for which this role is applicable.
* @property defaultCriticalOptions Specifies a map of critical options that certificates have when signed.
* @property defaultExtensions Specifies a map of extensions that certificates have when signed.
* @property defaultUser Specifies the default username for which a credential will be generated.
* @property defaultUserTemplate If set, `default_users` can be specified using identity template values. A non-templated user is also permitted.
* @property keyIdFormat Specifies a custom format for the key id of a signed certificate.
* @property keyType Specifies the type of credentials generated by this role. This can be either `otp`, `dynamic` or `ca`.
* @property maxTtl Specifies the maximum Time To Live value.
* @property name Specifies the name of the role to create.
* @property namespace The namespace to provision the resource in.
* The value should not contain leading or trailing forward slashes.
* The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
* *Available only for Vault Enterprise*.
* @property notBeforeDuration Specifies the duration by which to backdate the ValidAfter property. Uses duration format strings.
* @property ttl Specifies the Time To Live value.
*/
public data class SecretBackendRoleArgs(
public val algorithmSigner: Output? = null,
public val allowBareDomains: Output? = null,
public val allowHostCertificates: Output? = null,
public val allowSubdomains: Output? = null,
public val allowUserCertificates: Output? = null,
public val allowUserKeyIds: Output? = null,
public val allowedCriticalOptions: Output? = null,
public val allowedDomains: Output? = null,
public val allowedDomainsTemplate: Output? = null,
public val allowedExtensions: Output? = null,
public val allowedUserKeyConfigs: Output>? = null,
public val allowedUsers: Output? = null,
public val allowedUsersTemplate: Output? = null,
public val backend: Output? = null,
public val cidrList: Output? = null,
public val defaultCriticalOptions: Output>? = null,
public val defaultExtensions: Output>? = null,
public val defaultUser: Output? = null,
public val defaultUserTemplate: Output? = null,
public val keyIdFormat: Output? = null,
public val keyType: Output? = null,
public val maxTtl: Output? = null,
public val name: Output? = null,
public val namespace: Output? = null,
public val notBeforeDuration: Output? = null,
public val ttl: Output? = null,
) : ConvertibleToJava {
override fun toJava(): com.pulumi.vault.ssh.SecretBackendRoleArgs =
com.pulumi.vault.ssh.SecretBackendRoleArgs.builder()
.algorithmSigner(algorithmSigner?.applyValue({ args0 -> args0 }))
.allowBareDomains(allowBareDomains?.applyValue({ args0 -> args0 }))
.allowHostCertificates(allowHostCertificates?.applyValue({ args0 -> args0 }))
.allowSubdomains(allowSubdomains?.applyValue({ args0 -> args0 }))
.allowUserCertificates(allowUserCertificates?.applyValue({ args0 -> args0 }))
.allowUserKeyIds(allowUserKeyIds?.applyValue({ args0 -> args0 }))
.allowedCriticalOptions(allowedCriticalOptions?.applyValue({ args0 -> args0 }))
.allowedDomains(allowedDomains?.applyValue({ args0 -> args0 }))
.allowedDomainsTemplate(allowedDomainsTemplate?.applyValue({ args0 -> args0 }))
.allowedExtensions(allowedExtensions?.applyValue({ args0 -> args0 }))
.allowedUserKeyConfigs(
allowedUserKeyConfigs?.applyValue({ args0 ->
args0.map({ args0 ->
args0.let({ args0 -> args0.toJava() })
})
}),
)
.allowedUsers(allowedUsers?.applyValue({ args0 -> args0 }))
.allowedUsersTemplate(allowedUsersTemplate?.applyValue({ args0 -> args0 }))
.backend(backend?.applyValue({ args0 -> args0 }))
.cidrList(cidrList?.applyValue({ args0 -> args0 }))
.defaultCriticalOptions(
defaultCriticalOptions?.applyValue({ args0 ->
args0.map({ args0 ->
args0.key.to(args0.value)
}).toMap()
}),
)
.defaultExtensions(
defaultExtensions?.applyValue({ args0 ->
args0.map({ args0 ->
args0.key.to(args0.value)
}).toMap()
}),
)
.defaultUser(defaultUser?.applyValue({ args0 -> args0 }))
.defaultUserTemplate(defaultUserTemplate?.applyValue({ args0 -> args0 }))
.keyIdFormat(keyIdFormat?.applyValue({ args0 -> args0 }))
.keyType(keyType?.applyValue({ args0 -> args0 }))
.maxTtl(maxTtl?.applyValue({ args0 -> args0 }))
.name(name?.applyValue({ args0 -> args0 }))
.namespace(namespace?.applyValue({ args0 -> args0 }))
.notBeforeDuration(notBeforeDuration?.applyValue({ args0 -> args0 }))
.ttl(ttl?.applyValue({ args0 -> args0 })).build()
}
/**
* Builder for [SecretBackendRoleArgs].
*/
@PulumiTagMarker
public class SecretBackendRoleArgsBuilder internal constructor() {
private var algorithmSigner: Output? = null
private var allowBareDomains: Output? = null
private var allowHostCertificates: Output? = null
private var allowSubdomains: Output? = null
private var allowUserCertificates: Output? = null
private var allowUserKeyIds: Output? = null
private var allowedCriticalOptions: Output? = null
private var allowedDomains: Output? = null
private var allowedDomainsTemplate: Output? = null
private var allowedExtensions: Output? = null
private var allowedUserKeyConfigs: Output>? = null
private var allowedUsers: Output? = null
private var allowedUsersTemplate: Output? = null
private var backend: Output? = null
private var cidrList: Output? = null
private var defaultCriticalOptions: Output>? = null
private var defaultExtensions: Output>? = null
private var defaultUser: Output? = null
private var defaultUserTemplate: Output? = null
private var keyIdFormat: Output? = null
private var keyType: Output? = null
private var maxTtl: Output? = null
private var name: Output? = null
private var namespace: Output? = null
private var notBeforeDuration: Output? = null
private var ttl: Output? = null
/**
* @param value When supplied, this value specifies a signing algorithm for the key. Possible values: ssh-rsa, rsa-sha2-256, rsa-sha2-512.
*/
@JvmName("cufmnbsxpgyrsfex")
public suspend fun algorithmSigner(`value`: Output) {
this.algorithmSigner = value
}
/**
* @param value Specifies if host certificates that are requested are allowed to use the base domains listed in `allowed_domains`.
*/
@JvmName("baymjjujddakogmg")
public suspend fun allowBareDomains(`value`: Output) {
this.allowBareDomains = value
}
/**
* @param value Specifies if certificates are allowed to be signed for use as a 'host'.
*/
@JvmName("bmhlsmsvwsvnmbqk")
public suspend fun allowHostCertificates(`value`: Output) {
this.allowHostCertificates = value
}
/**
* @param value Specifies if host certificates that are requested are allowed to be subdomains of those listed in `allowed_domains`.
*/
@JvmName("wnnaiwruioouwipk")
public suspend fun allowSubdomains(`value`: Output) {
this.allowSubdomains = value
}
/**
* @param value Specifies if certificates are allowed to be signed for use as a 'user'.
*/
@JvmName("eldkrxuugibryhdo")
public suspend fun allowUserCertificates(`value`: Output) {
this.allowUserCertificates = value
}
/**
* @param value Specifies if users can override the key ID for a signed certificate with the `key_id` field.
*/
@JvmName("cgdicnvklvqadtvf")
public suspend fun allowUserKeyIds(`value`: Output) {
this.allowUserKeyIds = value
}
/**
* @param value Specifies a comma-separated list of critical options that certificates can have when signed.
*/
@JvmName("ndcxtgeglbsumrum")
public suspend fun allowedCriticalOptions(`value`: Output) {
this.allowedCriticalOptions = value
}
/**
* @param value The list of domains for which a client can request a host certificate.
*/
@JvmName("ttjgeaiqwnjnvfca")
public suspend fun allowedDomains(`value`: Output) {
this.allowedDomains = value
}
/**
* @param value Specifies if `allowed_domains` can be declared using
* identity template policies. Non-templated domains are also permitted.
*/
@JvmName("nxxvcgnrrshclvad")
public suspend fun allowedDomainsTemplate(`value`: Output) {
this.allowedDomainsTemplate = value
}
/**
* @param value Specifies a comma-separated list of extensions that certificates can have when signed.
*/
@JvmName("ajtxoynlrcfgqojr")
public suspend fun allowedExtensions(`value`: Output) {
this.allowedExtensions = value
}
/**
* @param value Set of configuration blocks to define allowed
* user key configuration, like key type and their lengths. Can be specified multiple times.
* *See Configuration-Options for more info*
*/
@JvmName("jvcbugbpcxtfxjdw")
public suspend fun allowedUserKeyConfigs(`value`: Output>) {
this.allowedUserKeyConfigs = value
}
@JvmName("jerecprdspefetnj")
public suspend fun allowedUserKeyConfigs(vararg values: Output) {
this.allowedUserKeyConfigs = Output.all(values.asList())
}
/**
* @param values Set of configuration blocks to define allowed
* user key configuration, like key type and their lengths. Can be specified multiple times.
* *See Configuration-Options for more info*
*/
@JvmName("kwdvwjvhhlxhajxp")
public suspend fun allowedUserKeyConfigs(values: List>) {
this.allowedUserKeyConfigs = Output.all(values)
}
/**
* @param value Specifies a comma-separated list of usernames that are to be allowed, only if certain usernames are to be allowed.
*/
@JvmName("cltaklvmtnjmradm")
public suspend fun allowedUsers(`value`: Output) {
this.allowedUsers = value
}
/**
* @param value Specifies if `allowed_users` can be declared using identity template policies. Non-templated users are also permitted.
*/
@JvmName("phuxkeqqwtmnbklw")
public suspend fun allowedUsersTemplate(`value`: Output) {
this.allowedUsersTemplate = value
}
/**
* @param value The path where the SSH secret backend is mounted.
*/
@JvmName("finljnssukxnrwhk")
public suspend fun backend(`value`: Output) {
this.backend = value
}
/**
* @param value The comma-separated string of CIDR blocks for which this role is applicable.
*/
@JvmName("wiftwgywefdrbwdx")
public suspend fun cidrList(`value`: Output) {
this.cidrList = value
}
/**
* @param value Specifies a map of critical options that certificates have when signed.
*/
@JvmName("ouynfdqcaiwlwhid")
public suspend fun defaultCriticalOptions(`value`: Output>) {
this.defaultCriticalOptions = value
}
/**
* @param value Specifies a map of extensions that certificates have when signed.
*/
@JvmName("gpjjpltplcjdxmge")
public suspend fun defaultExtensions(`value`: Output>) {
this.defaultExtensions = value
}
/**
* @param value Specifies the default username for which a credential will be generated.
*/
@JvmName("sjpelbeqvcftalnl")
public suspend fun defaultUser(`value`: Output) {
this.defaultUser = value
}
/**
* @param value If set, `default_users` can be specified using identity template values. A non-templated user is also permitted.
*/
@JvmName("mgqkplexytgaskyk")
public suspend fun defaultUserTemplate(`value`: Output) {
this.defaultUserTemplate = value
}
/**
* @param value Specifies a custom format for the key id of a signed certificate.
*/
@JvmName("caunptgiicpqntop")
public suspend fun keyIdFormat(`value`: Output) {
this.keyIdFormat = value
}
/**
* @param value Specifies the type of credentials generated by this role. This can be either `otp`, `dynamic` or `ca`.
*/
@JvmName("xwlrmffhweibhsut")
public suspend fun keyType(`value`: Output) {
this.keyType = value
}
/**
* @param value Specifies the maximum Time To Live value.
*/
@JvmName("rbataurhykkgxknk")
public suspend fun maxTtl(`value`: Output) {
this.maxTtl = value
}
/**
* @param value Specifies the name of the role to create.
*/
@JvmName("tekkhqrjeyqlxrpf")
public suspend fun name(`value`: Output) {
this.name = value
}
/**
* @param value The namespace to provision the resource in.
* The value should not contain leading or trailing forward slashes.
* The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
* *Available only for Vault Enterprise*.
*/
@JvmName("yuccdbafhjhdbert")
public suspend fun namespace(`value`: Output) {
this.namespace = value
}
/**
* @param value Specifies the duration by which to backdate the ValidAfter property. Uses duration format strings.
*/
@JvmName("yibxkvbqjdrufspb")
public suspend fun notBeforeDuration(`value`: Output) {
this.notBeforeDuration = value
}
/**
* @param value Specifies the Time To Live value.
*/
@JvmName("wkflvepbfocwiedg")
public suspend fun ttl(`value`: Output) {
this.ttl = value
}
/**
* @param value When supplied, this value specifies a signing algorithm for the key. Possible values: ssh-rsa, rsa-sha2-256, rsa-sha2-512.
*/
@JvmName("mkjbapyrigukdufk")
public suspend fun algorithmSigner(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.algorithmSigner = mapped
}
/**
* @param value Specifies if host certificates that are requested are allowed to use the base domains listed in `allowed_domains`.
*/
@JvmName("eqdsnpbmjwqoepjy")
public suspend fun allowBareDomains(`value`: Boolean?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.allowBareDomains = mapped
}
/**
* @param value Specifies if certificates are allowed to be signed for use as a 'host'.
*/
@JvmName("rkrwemnnrsjtmmne")
public suspend fun allowHostCertificates(`value`: Boolean?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.allowHostCertificates = mapped
}
/**
* @param value Specifies if host certificates that are requested are allowed to be subdomains of those listed in `allowed_domains`.
*/
@JvmName("rppjjyvxycrwjntr")
public suspend fun allowSubdomains(`value`: Boolean?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.allowSubdomains = mapped
}
/**
* @param value Specifies if certificates are allowed to be signed for use as a 'user'.
*/
@JvmName("buhbdynvaxnpludb")
public suspend fun allowUserCertificates(`value`: Boolean?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.allowUserCertificates = mapped
}
/**
* @param value Specifies if users can override the key ID for a signed certificate with the `key_id` field.
*/
@JvmName("iwqxxvbydpovcran")
public suspend fun allowUserKeyIds(`value`: Boolean?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.allowUserKeyIds = mapped
}
/**
* @param value Specifies a comma-separated list of critical options that certificates can have when signed.
*/
@JvmName("omgtwkamottpqtua")
public suspend fun allowedCriticalOptions(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.allowedCriticalOptions = mapped
}
/**
* @param value The list of domains for which a client can request a host certificate.
*/
@JvmName("wqcmabbgnnvfctky")
public suspend fun allowedDomains(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.allowedDomains = mapped
}
/**
* @param value Specifies if `allowed_domains` can be declared using
* identity template policies. Non-templated domains are also permitted.
*/
@JvmName("fxvxfdjolnyqngsm")
public suspend fun allowedDomainsTemplate(`value`: Boolean?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.allowedDomainsTemplate = mapped
}
/**
* @param value Specifies a comma-separated list of extensions that certificates can have when signed.
*/
@JvmName("cffvrrsodopcdyje")
public suspend fun allowedExtensions(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.allowedExtensions = mapped
}
/**
* @param value Set of configuration blocks to define allowed
* user key configuration, like key type and their lengths. Can be specified multiple times.
* *See Configuration-Options for more info*
*/
@JvmName("rweqxqveadttleig")
public suspend fun allowedUserKeyConfigs(`value`: List?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.allowedUserKeyConfigs = mapped
}
/**
* @param argument Set of configuration blocks to define allowed
* user key configuration, like key type and their lengths. Can be specified multiple times.
* *See Configuration-Options for more info*
*/
@JvmName("yyeyqhawmovnigur")
public suspend fun allowedUserKeyConfigs(argument: List Unit>) {
val toBeMapped = argument.toList().map {
SecretBackendRoleAllowedUserKeyConfigArgsBuilder().applySuspend { it() }.build()
}
val mapped = of(toBeMapped)
this.allowedUserKeyConfigs = mapped
}
/**
* @param argument Set of configuration blocks to define allowed
* user key configuration, like key type and their lengths. Can be specified multiple times.
* *See Configuration-Options for more info*
*/
@JvmName("pqcpcncwkfxqrlcr")
public suspend fun allowedUserKeyConfigs(vararg argument: suspend SecretBackendRoleAllowedUserKeyConfigArgsBuilder.() -> Unit) {
val toBeMapped = argument.toList().map {
SecretBackendRoleAllowedUserKeyConfigArgsBuilder().applySuspend { it() }.build()
}
val mapped = of(toBeMapped)
this.allowedUserKeyConfigs = mapped
}
/**
* @param argument Set of configuration blocks to define allowed
* user key configuration, like key type and their lengths. Can be specified multiple times.
* *See Configuration-Options for more info*
*/
@JvmName("ddjyfhxrrtyadkou")
public suspend fun allowedUserKeyConfigs(argument: suspend SecretBackendRoleAllowedUserKeyConfigArgsBuilder.() -> Unit) {
val toBeMapped = listOf(
SecretBackendRoleAllowedUserKeyConfigArgsBuilder().applySuspend {
argument()
}.build(),
)
val mapped = of(toBeMapped)
this.allowedUserKeyConfigs = mapped
}
/**
* @param values Set of configuration blocks to define allowed
* user key configuration, like key type and their lengths. Can be specified multiple times.
* *See Configuration-Options for more info*
*/
@JvmName("qurxdnbqfwxoyfij")
public suspend fun allowedUserKeyConfigs(vararg values: SecretBackendRoleAllowedUserKeyConfigArgs) {
val toBeMapped = values.toList()
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.allowedUserKeyConfigs = mapped
}
/**
* @param value Specifies a comma-separated list of usernames that are to be allowed, only if certain usernames are to be allowed.
*/
@JvmName("fygsbfiwshlsmoxj")
public suspend fun allowedUsers(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.allowedUsers = mapped
}
/**
* @param value Specifies if `allowed_users` can be declared using identity template policies. Non-templated users are also permitted.
*/
@JvmName("fctfhylcjxxbkirq")
public suspend fun allowedUsersTemplate(`value`: Boolean?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.allowedUsersTemplate = mapped
}
/**
* @param value The path where the SSH secret backend is mounted.
*/
@JvmName("gbsaxqipsvxuhmgv")
public suspend fun backend(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.backend = mapped
}
/**
* @param value The comma-separated string of CIDR blocks for which this role is applicable.
*/
@JvmName("goxyonvkqtruakwt")
public suspend fun cidrList(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.cidrList = mapped
}
/**
* @param value Specifies a map of critical options that certificates have when signed.
*/
@JvmName("umbhrlspajaeyodg")
public suspend fun defaultCriticalOptions(`value`: Map?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.defaultCriticalOptions = mapped
}
/**
* @param values Specifies a map of critical options that certificates have when signed.
*/
@JvmName("iubejuvbvpoabywm")
public fun defaultCriticalOptions(vararg values: Pair) {
val toBeMapped = values.toMap()
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.defaultCriticalOptions = mapped
}
/**
* @param value Specifies a map of extensions that certificates have when signed.
*/
@JvmName("urjdwbvtqjqevitp")
public suspend fun defaultExtensions(`value`: Map?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.defaultExtensions = mapped
}
/**
* @param values Specifies a map of extensions that certificates have when signed.
*/
@JvmName("htptnccjjadowuef")
public fun defaultExtensions(vararg values: Pair) {
val toBeMapped = values.toMap()
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.defaultExtensions = mapped
}
/**
* @param value Specifies the default username for which a credential will be generated.
*/
@JvmName("cjlusfrkvtcvphvm")
public suspend fun defaultUser(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.defaultUser = mapped
}
/**
* @param value If set, `default_users` can be specified using identity template values. A non-templated user is also permitted.
*/
@JvmName("wwdfokbeilyvquko")
public suspend fun defaultUserTemplate(`value`: Boolean?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.defaultUserTemplate = mapped
}
/**
* @param value Specifies a custom format for the key id of a signed certificate.
*/
@JvmName("thdsujcdmpqvansw")
public suspend fun keyIdFormat(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.keyIdFormat = mapped
}
/**
* @param value Specifies the type of credentials generated by this role. This can be either `otp`, `dynamic` or `ca`.
*/
@JvmName("lfkymekcvwathihq")
public suspend fun keyType(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.keyType = mapped
}
/**
* @param value Specifies the maximum Time To Live value.
*/
@JvmName("qwotolitwyrgppnr")
public suspend fun maxTtl(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.maxTtl = mapped
}
/**
* @param value Specifies the name of the role to create.
*/
@JvmName("yktyiokllxncskxx")
public suspend fun name(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.name = mapped
}
/**
* @param value The namespace to provision the resource in.
* The value should not contain leading or trailing forward slashes.
* The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
* *Available only for Vault Enterprise*.
*/
@JvmName("srqnostslyevaagj")
public suspend fun namespace(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.namespace = mapped
}
/**
* @param value Specifies the duration by which to backdate the ValidAfter property. Uses duration format strings.
*/
@JvmName("iouklekcxsjstmln")
public suspend fun notBeforeDuration(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.notBeforeDuration = mapped
}
/**
* @param value Specifies the Time To Live value.
*/
@JvmName("hxejjvfngooukgmi")
public suspend fun ttl(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.ttl = mapped
}
internal fun build(): SecretBackendRoleArgs = SecretBackendRoleArgs(
algorithmSigner = algorithmSigner,
allowBareDomains = allowBareDomains,
allowHostCertificates = allowHostCertificates,
allowSubdomains = allowSubdomains,
allowUserCertificates = allowUserCertificates,
allowUserKeyIds = allowUserKeyIds,
allowedCriticalOptions = allowedCriticalOptions,
allowedDomains = allowedDomains,
allowedDomainsTemplate = allowedDomainsTemplate,
allowedExtensions = allowedExtensions,
allowedUserKeyConfigs = allowedUserKeyConfigs,
allowedUsers = allowedUsers,
allowedUsersTemplate = allowedUsersTemplate,
backend = backend,
cidrList = cidrList,
defaultCriticalOptions = defaultCriticalOptions,
defaultExtensions = defaultExtensions,
defaultUser = defaultUser,
defaultUserTemplate = defaultUserTemplate,
keyIdFormat = keyIdFormat,
keyType = keyType,
maxTtl = maxTtl,
name = name,
namespace = namespace,
notBeforeDuration = notBeforeDuration,
ttl = ttl,
)
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy