pulumi-vault-kotlin/com.pulumi.vault.gcp.kotlin/AuthBackendArgs

AuthBackendArgs

data class AuthBackendArgs(val clientEmail: Output<String>? = null, val clientId: Output<String>? = null, val credentials: Output<String>? = null, val customEndpoint: Output<AuthBackendCustomEndpointArgs>? = null, val description: Output<String>? = null, val disableRemount: Output<Boolean>? = null, val local: Output<Boolean>? = null, val namespace: Output<String>? = null, val path: Output<String>? = null, val privateKeyId: Output<String>? = null, val projectId: Output<String>? = null, val tune: Output<AuthBackendTuneArgs>? = null) : ConvertibleToJava<AuthBackendArgs>

Provides a resource to configure the GCP auth backend within Vault.

Import

GCP authentication backends can be imported using the backend name, e.g.

$ pulumi import vault:gcp/authBackend:AuthBackend gcp gcp
Content copied to clipboard

Constructors

Link copied to clipboard
constructor(clientEmail: Output<String>? = null, clientId: Output<String>? = null, credentials: Output<String>? = null, customEndpoint: Output<AuthBackendCustomEndpointArgs>? = null, description: Output<String>? = null, disableRemount: Output<Boolean>? = null, local: Output<Boolean>? = null, namespace: Output<String>? = null, path: Output<String>? = null, privateKeyId: Output<String>? = null, projectId: Output<String>? = null, tune: Output<AuthBackendTuneArgs>? = null)

Properties

Link copied to clipboard
val clientEmail: Output<String>? = null

The clients email associated with the credentials

Link copied to clipboard
val clientId: Output<String>? = null

The Client ID of the credentials

Link copied to clipboard
val credentials: Output<String>? = null

A JSON string containing the contents of a GCP credentials file. If this value is empty, Vault will try to use Application Default Credentials from the machine on which the Vault server is running.

Link copied to clipboard
val customEndpoint: Output<AuthBackendCustomEndpointArgs>? = null

Specifies overrides to service endpoints used when making API requests. This allows specific requests made during authentication to target alternative service endpoints for use in Private Google Access environments. Requires Vault 1.11+. Overrides are set at the subdomain level using the following keys:

Link copied to clipboard
val description: Output<String>? = null

A description of the auth method.

Link copied to clipboard
val disableRemount: Output<Boolean>? = null

If set, opts out of mount migration on path updates. See here for more info on Mount Migration

Link copied to clipboard
val local: Output<Boolean>? = null

Specifies if the auth method is local only.

Link copied to clipboard
val namespace: Output<String>? = null

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.

Link copied to clipboard
val path: Output<String>? = null

The path to mount the auth method — this defaults to 'gcp'.

Link copied to clipboard
val privateKeyId: Output<String>? = null

The ID of the private key from the credentials

Link copied to clipboard
val projectId: Output<String>? = null

The GCP Project ID

Link copied to clipboard
val tune: Output<AuthBackendTuneArgs>? = null

Extra configuration block. Structure is documented below. The tune block is used to tune the auth backend:

Functions

Link copied to clipboard
open override fun toJava(): AuthBackendArgs