pulumi-vault-kotlin/com.pulumi.vault.ad.kotlin/SecretRole

SecretRole

class SecretRole : KotlinCustomResource

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as vault from "@pulumi/vault";
const config = new vault.ad.SecretBackend("config", {
    backend: "ad",
    binddn: "CN=Administrator,CN=Users,DC=corp,DC=example,DC=net",
    bindpass: "SuperSecretPassw0rd",
    url: "ldaps://ad",
    insecureTls: true,
    userdn: "CN=Users,DC=corp,DC=example,DC=net",
});
const role = new vault.ad.SecretRole("role", {
    backend: config.backend,
    role: "bob",
    serviceAccountName: "Bob",
    ttl: 60,
});

import pulumi
import pulumi_vault as vault
config = vault.ad.SecretBackend("config",
    backend="ad",
    binddn="CN=Administrator,CN=Users,DC=corp,DC=example,DC=net",
    bindpass="SuperSecretPassw0rd",
    url="ldaps://ad",
    insecure_tls=True,
    userdn="CN=Users,DC=corp,DC=example,DC=net")
role = vault.ad.SecretRole("role",
    backend=config.backend,
    role="bob",
    service_account_name="Bob",
    ttl=60)

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Vault = Pulumi.Vault;
return await Deployment.RunAsync(() =>
{
    var config = new Vault.AD.SecretBackend("config", new()
    {
        Backend = "ad",
        Binddn = "CN=Administrator,CN=Users,DC=corp,DC=example,DC=net",
        Bindpass = "SuperSecretPassw0rd",
        Url = "ldaps://ad",
        InsecureTls = true,
        Userdn = "CN=Users,DC=corp,DC=example,DC=net",
    });
    var role = new Vault.AD.SecretRole("role", new()
    {
        Backend = config.Backend,
        Role = "bob",
        ServiceAccountName = "Bob",
        Ttl = 60,
    });
});

package main
import (
	"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/ad"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		config, err := ad.NewSecretBackend(ctx, "config", &ad.SecretBackendArgs{
			Backend:     pulumi.String("ad"),
			Binddn:      pulumi.String("CN=Administrator,CN=Users,DC=corp,DC=example,DC=net"),
			Bindpass:    pulumi.String("SuperSecretPassw0rd"),
			Url:         pulumi.String("ldaps://ad"),
			InsecureTls: pulumi.Bool(true),
			Userdn:      pulumi.String("CN=Users,DC=corp,DC=example,DC=net"),
		})
		if err != nil {
			return err
		}
		_, err = ad.NewSecretRole(ctx, "role", &ad.SecretRoleArgs{
			Backend:            config.Backend,
			Role:               pulumi.String("bob"),
			ServiceAccountName: pulumi.String("Bob"),
			Ttl:                pulumi.Int(60),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.vault.ad.SecretBackend;
import com.pulumi.vault.ad.SecretBackendArgs;
import com.pulumi.vault.ad.SecretRole;
import com.pulumi.vault.ad.SecretRoleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var config = new SecretBackend("config", SecretBackendArgs.builder()
            .backend("ad")
            .binddn("CN=Administrator,CN=Users,DC=corp,DC=example,DC=net")
            .bindpass("SuperSecretPassw0rd")
            .url("ldaps://ad")
            .insecureTls("true")
            .userdn("CN=Users,DC=corp,DC=example,DC=net")
            .build());
        var role = new SecretRole("role", SecretRoleArgs.builder()
            .backend(config.backend())
            .role("bob")
            .serviceAccountName("Bob")
            .ttl(60)
            .build());
    }
}

resources:
  config:
    type: vault:ad:SecretBackend
    properties:
      backend: ad
      binddn: CN=Administrator,CN=Users,DC=corp,DC=example,DC=net
      bindpass: SuperSecretPassw0rd
      url: ldaps://ad
      insecureTls: 'true'
      userdn: CN=Users,DC=corp,DC=example,DC=net
  role:
    type: vault:ad:SecretRole
    properties:
      backend: ${config.backend}
      role: bob
      serviceAccountName: Bob
      ttl: 60

Import

AD secret backend roles can be imported using the path, e.g.

$ pulumi import vault:ad/secretRole:SecretRole role ad/roles/bob

Properties

backend

val backend: Output<String>

The path the AD secret backend is mounted at, with no leading or trailing /s.

val id: Output<String>

lastVaultRotation

val lastVaultRotation: Output<String>

Timestamp of the last password rotation by Vault.

namespace

val namespace: Output<String>?

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.

passwordLastSet

val passwordLastSet: Output<String>

Timestamp of the last password set by Vault.

pulumiChildResources

val pulumiChildResources: Set<KotlinResource>

pulumiResourceName

val pulumiResourceName: String

pulumiResourceType

val pulumiResourceType: String

role

val role: Output<String>

The name to identify this role within the backend. Must be unique within the backend.