get
Example Usage
resources:
aws:
type: vault:aws:SecretBackend
properties:
accessKey: AKIA.....
secretKey: SECRETKEYFROMAWS
role:
type: vault:aws:SecretBackendRole
properties:
backend: ${aws.path}
name: test
policy: |
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "iam:*",
"Resource": "*"
}
]
}
variables:
# generally, these blocks would be in a different module
creds:
fn::invoke:
function: vault:aws:getAccessCredentials
arguments:
backend: ${aws.path}
role: ${role.name}Return
A collection of values returned by getAccessCredentials.
Parameters
A collection of arguments for invoking getAccessCredentials.
Return
A collection of values returned by getAccessCredentials.
Parameters
The path to the AWS secret backend to read credentials from, with no leading or trailing /s.
The namespace of the target resource. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
The region the read credentials belong to.
The name of the AWS secret backend role to read credentials from, with no leading or trailing /s.
The specific AWS ARN to use from the configured role. If the role does not have multiple ARNs, this does not need to be specified.
Specifies the TTL for the use of the STS token. This is specified as a string with a duration suffix. Valid only when credential_type of the connected vault.aws.SecretBackendRole resource is assumed_role or federation_token
The type of credentials to read. Defaults to "creds", which just returns an AWS Access Key ID and Secret Key. Can also be set to "sts", which will return a security token in addition to the keys.
See also
Return
A collection of values returned by getAccessCredentials.
Parameters
Builder for com.pulumi.vault.aws.kotlin.inputs.GetAccessCredentialsPlainArgs.