Secret
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as vault from "@pulumi/vault";
const config = new vault.ad.SecretBackend("config", {
backend: "ad",
binddn: "CN=Administrator,CN=Users,DC=corp,DC=example,DC=net",
bindpass: "SuperSecretPassw0rd",
url: "ldaps://ad",
insecureTls: true,
userdn: "CN=Users,DC=corp,DC=example,DC=net",
});
const qa = new vault.ad.SecretLibrary("qa", {
backend: config.backend,
name: "qa",
serviceAccountNames: [
"Bob",
"Mary",
],
ttl: 60,
disableCheckInEnforcement: true,
maxTtl: 120,
});Content copied to clipboard
import pulumi
import pulumi_vault as vault
config = vault.ad.SecretBackend("config",
backend="ad",
binddn="CN=Administrator,CN=Users,DC=corp,DC=example,DC=net",
bindpass="SuperSecretPassw0rd",
url="ldaps://ad",
insecure_tls=True,
userdn="CN=Users,DC=corp,DC=example,DC=net")
qa = vault.ad.SecretLibrary("qa",
backend=config.backend,
name="qa",
service_account_names=[
"Bob",
"Mary",
],
ttl=60,
disable_check_in_enforcement=True,
max_ttl=120)Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Vault = Pulumi.Vault;
return await Deployment.RunAsync(() =>
{
var config = new Vault.AD.SecretBackend("config", new()
{
Backend = "ad",
Binddn = "CN=Administrator,CN=Users,DC=corp,DC=example,DC=net",
Bindpass = "SuperSecretPassw0rd",
Url = "ldaps://ad",
InsecureTls = true,
Userdn = "CN=Users,DC=corp,DC=example,DC=net",
});
var qa = new Vault.AD.SecretLibrary("qa", new()
{
Backend = config.Backend,
Name = "qa",
ServiceAccountNames = new[]
{
"Bob",
"Mary",
},
Ttl = 60,
DisableCheckInEnforcement = true,
MaxTtl = 120,
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/ad"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
config, err := ad.NewSecretBackend(ctx, "config", &ad.SecretBackendArgs{
Backend: pulumi.String("ad"),
Binddn: pulumi.String("CN=Administrator,CN=Users,DC=corp,DC=example,DC=net"),
Bindpass: pulumi.String("SuperSecretPassw0rd"),
Url: pulumi.String("ldaps://ad"),
InsecureTls: pulumi.Bool(true),
Userdn: pulumi.String("CN=Users,DC=corp,DC=example,DC=net"),
})
if err != nil {
return err
}
_, err = ad.NewSecretLibrary(ctx, "qa", &ad.SecretLibraryArgs{
Backend: config.Backend,
Name: pulumi.String("qa"),
ServiceAccountNames: pulumi.StringArray{
pulumi.String("Bob"),
pulumi.String("Mary"),
},
Ttl: pulumi.Int(60),
DisableCheckInEnforcement: pulumi.Bool(true),
MaxTtl: pulumi.Int(120),
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.vault.ad.SecretBackend;
import com.pulumi.vault.ad.SecretBackendArgs;
import com.pulumi.vault.ad.SecretLibrary;
import com.pulumi.vault.ad.SecretLibraryArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var config = new SecretBackend("config", SecretBackendArgs.builder()
.backend("ad")
.binddn("CN=Administrator,CN=Users,DC=corp,DC=example,DC=net")
.bindpass("SuperSecretPassw0rd")
.url("ldaps://ad")
.insecureTls("true")
.userdn("CN=Users,DC=corp,DC=example,DC=net")
.build());
var qa = new SecretLibrary("qa", SecretLibraryArgs.builder()
.backend(config.backend())
.name("qa")
.serviceAccountNames(
"Bob",
"Mary")
.ttl(60)
.disableCheckInEnforcement(true)
.maxTtl(120)
.build());
}
}Content copied to clipboard
resources:
config:
type: vault:ad:SecretBackend
properties:
backend: ad
binddn: CN=Administrator,CN=Users,DC=corp,DC=example,DC=net
bindpass: SuperSecretPassw0rd
url: ldaps://ad
insecureTls: 'true'
userdn: CN=Users,DC=corp,DC=example,DC=net
qa:
type: vault:ad:SecretLibrary
properties:
backend: ${config.backend}
name: qa
serviceAccountNames:
- Bob
- Mary
ttl: 60
disableCheckInEnforcement: true
maxTtl: 120Content copied to clipboard
Import
AD secret backend libraries can be imported using the path, e.g.
$ pulumi import vault:ad/secretLibrary:SecretLibrary role ad/library/bobContent copied to clipboard