pulumi-vault-kotlin/com.pulumi.vault.database.kotlin/SecretBackendConnectionArgs

SecretBackendConnectionArgs

data class SecretBackendConnectionArgs(val allowedRoles: Output<List<String>>? = null, val backend: Output<String>? = null, val cassandra: Output<SecretBackendConnectionCassandraArgs>? = null, val couchbase: Output<SecretBackendConnectionCouchbaseArgs>? = null, val data: Output<Map<String, String>>? = null, val disableAutomatedRotation: Output<Boolean>? = null, val elasticsearch: Output<SecretBackendConnectionElasticsearchArgs>? = null, val hana: Output<SecretBackendConnectionHanaArgs>? = null, val influxdb: Output<SecretBackendConnectionInfluxdbArgs>? = null, val mongodb: Output<SecretBackendConnectionMongodbArgs>? = null, val mongodbatlas: Output<SecretBackendConnectionMongodbatlasArgs>? = null, val mssql: Output<SecretBackendConnectionMssqlArgs>? = null, val mysql: Output<SecretBackendConnectionMysqlArgs>? = null, val mysqlAurora: Output<SecretBackendConnectionMysqlAuroraArgs>? = null, val mysqlLegacy: Output<SecretBackendConnectionMysqlLegacyArgs>? = null, val mysqlRds: Output<SecretBackendConnectionMysqlRdsArgs>? = null, val name: Output<String>? = null, val namespace: Output<String>? = null, val oracle: Output<SecretBackendConnectionOracleArgs>? = null, val pluginName: Output<String>? = null, val postgresql: Output<SecretBackendConnectionPostgresqlArgs>? = null, val redis: Output<SecretBackendConnectionRedisArgs>? = null, val redisElasticache: Output<SecretBackendConnectionRedisElasticacheArgs>? = null, val redshift: Output<SecretBackendConnectionRedshiftArgs>? = null, val rootRotationStatements: Output<List<String>>? = null, val rotationPeriod: Output<Int>? = null, val rotationSchedule: Output<String>? = null, val rotationWindow: Output<Int>? = null, val snowflake: Output<SecretBackendConnectionSnowflakeArgs>? = null, val verifyConnection: Output<Boolean>? = null) : ConvertibleToJava<SecretBackendConnectionArgs>

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as vault from "@pulumi/vault";
const db = new vault.Mount("db", {
    path: "postgres",
    type: "database",
});
const postgres = new vault.database.SecretBackendConnection("postgres", {
    backend: db.path,
    name: "postgres",
    allowedRoles: [
        "dev",
        "prod",
    ],
    rotationSchedule: "0 * * * SAT",
    rotationWindow: 3600,
    postgresql: {
        connectionUrl: "postgres://username:password@host:port/database",
    },
});
Content copied to clipboard
import pulumi
import pulumi_vault as vault
db = vault.Mount("db",
    path="postgres",
    type="database")
postgres = vault.database.SecretBackendConnection("postgres",
    backend=db.path,
    name="postgres",
    allowed_roles=[
        "dev",
        "prod",
    ],
    rotation_schedule="0 * * * SAT",
    rotation_window=3600,
    postgresql={
        "connection_url": "postgres://username:password@host:port/database",
    })
Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Vault = Pulumi.Vault;
return await Deployment.RunAsync(() =>
{
    var db = new Vault.Mount("db", new()
    {
        Path = "postgres",
        Type = "database",
    });
    var postgres = new Vault.Database.SecretBackendConnection("postgres", new()
    {
        Backend = db.Path,
        Name = "postgres",
        AllowedRoles = new[]
        {
            "dev",
            "prod",
        },
        RotationSchedule = "0 * * * SAT",
        RotationWindow = 3600,
        Postgresql = new Vault.Database.Inputs.SecretBackendConnectionPostgresqlArgs
        {
            ConnectionUrl = "postgres://username:password@host:port/database",
        },
    });
});
Content copied to clipboard
package main
import (
	"github.com/pulumi/pulumi-vault/sdk/v6/go/vault"
	"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/database"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		db, err := vault.NewMount(ctx, "db", &vault.MountArgs{
			Path: pulumi.String("postgres"),
			Type: pulumi.String("database"),
		})
		if err != nil {
			return err
		}
		_, err = database.NewSecretBackendConnection(ctx, "postgres", &database.SecretBackendConnectionArgs{
			Backend: db.Path,
			Name:    pulumi.String("postgres"),
			AllowedRoles: pulumi.StringArray{
				pulumi.String("dev"),
				pulumi.String("prod"),
			},
			RotationSchedule: pulumi.String("0 * * * SAT"),
			RotationWindow:   pulumi.Int(3600),
			Postgresql: &database.SecretBackendConnectionPostgresqlArgs{
				ConnectionUrl: pulumi.String("postgres://username:password@host:port/database"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.vault.Mount;
import com.pulumi.vault.MountArgs;
import com.pulumi.vault.database.SecretBackendConnection;
import com.pulumi.vault.database.SecretBackendConnectionArgs;
import com.pulumi.vault.database.inputs.SecretBackendConnectionPostgresqlArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var db = new Mount("db", MountArgs.builder()
            .path("postgres")
            .type("database")
            .build());
        var postgres = new SecretBackendConnection("postgres", SecretBackendConnectionArgs.builder()
            .backend(db.path())
            .name("postgres")
            .allowedRoles(
                "dev",
                "prod")
            .rotationSchedule("0 * * * SAT")
            .rotationWindow(3600)
            .postgresql(SecretBackendConnectionPostgresqlArgs.builder()
                .connectionUrl("postgres://username:password@host:port/database")
                .build())
            .build());
    }
}
Content copied to clipboard
resources:
  db:
    type: vault:Mount
    properties:
      path: postgres
      type: database
  postgres:
    type: vault:database:SecretBackendConnection
    properties:
      backend: ${db.path}
      name: postgres
      allowedRoles:
        - dev
        - prod
      rotationSchedule: 0 * * * SAT
      rotationWindow: 3600
      postgresql:
        connectionUrl: postgres://username:password@host:port/database
Content copied to clipboard

Import

Database secret backend connections can be imported using the backend, /config/, and the name e.g.

$ pulumi import vault:database/secretBackendConnection:SecretBackendConnection example postgres/config/postgres
Content copied to clipboard

Constructors

Link copied to clipboard
constructor(allowedRoles: Output<List<String>>? = null, backend: Output<String>? = null, cassandra: Output<SecretBackendConnectionCassandraArgs>? = null, couchbase: Output<SecretBackendConnectionCouchbaseArgs>? = null, data: Output<Map<String, String>>? = null, disableAutomatedRotation: Output<Boolean>? = null, elasticsearch: Output<SecretBackendConnectionElasticsearchArgs>? = null, hana: Output<SecretBackendConnectionHanaArgs>? = null, influxdb: Output<SecretBackendConnectionInfluxdbArgs>? = null, mongodb: Output<SecretBackendConnectionMongodbArgs>? = null, mongodbatlas: Output<SecretBackendConnectionMongodbatlasArgs>? = null, mssql: Output<SecretBackendConnectionMssqlArgs>? = null, mysql: Output<SecretBackendConnectionMysqlArgs>? = null, mysqlAurora: Output<SecretBackendConnectionMysqlAuroraArgs>? = null, mysqlLegacy: Output<SecretBackendConnectionMysqlLegacyArgs>? = null, mysqlRds: Output<SecretBackendConnectionMysqlRdsArgs>? = null, name: Output<String>? = null, namespace: Output<String>? = null, oracle: Output<SecretBackendConnectionOracleArgs>? = null, pluginName: Output<String>? = null, postgresql: Output<SecretBackendConnectionPostgresqlArgs>? = null, redis: Output<SecretBackendConnectionRedisArgs>? = null, redisElasticache: Output<SecretBackendConnectionRedisElasticacheArgs>? = null, redshift: Output<SecretBackendConnectionRedshiftArgs>? = null, rootRotationStatements: Output<List<String>>? = null, rotationPeriod: Output<Int>? = null, rotationSchedule: Output<String>? = null, rotationWindow: Output<Int>? = null, snowflake: Output<SecretBackendConnectionSnowflakeArgs>? = null, verifyConnection: Output<Boolean>? = null)

Properties

Link copied to clipboard
val allowedRoles: Output<List<String>>? = null

A list of roles that are allowed to use this connection.

Link copied to clipboard
val backend: Output<String>? = null

The unique name of the Vault mount to configure.

Link copied to clipboard
val cassandra: Output<SecretBackendConnectionCassandraArgs>? = null

A nested block containing configuration options for Cassandra connections.

Link copied to clipboard
val couchbase: Output<SecretBackendConnectionCouchbaseArgs>? = null

A nested block containing configuration options for Couchbase connections.

Link copied to clipboard
val data: Output<Map<String, String>>? = null

A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

Link copied to clipboard
val disableAutomatedRotation: Output<Boolean>? = null

Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.

Link copied to clipboard
val elasticsearch: Output<SecretBackendConnectionElasticsearchArgs>? = null

A nested block containing configuration options for Elasticsearch connections.

Link copied to clipboard
val hana: Output<SecretBackendConnectionHanaArgs>? = null

A nested block containing configuration options for SAP HanaDB connections.

Link copied to clipboard
val influxdb: Output<SecretBackendConnectionInfluxdbArgs>? = null

A nested block containing configuration options for InfluxDB connections.

Link copied to clipboard
val mongodb: Output<SecretBackendConnectionMongodbArgs>? = null

A nested block containing configuration options for MongoDB connections.

Link copied to clipboard
val mongodbatlas: Output<SecretBackendConnectionMongodbatlasArgs>? = null

A nested block containing configuration options for MongoDB Atlas connections.

Link copied to clipboard
val mssql: Output<SecretBackendConnectionMssqlArgs>? = null

A nested block containing configuration options for MSSQL connections.

Link copied to clipboard
val mysql: Output<SecretBackendConnectionMysqlArgs>? = null

A nested block containing configuration options for MySQL connections.

Link copied to clipboard
val mysqlAurora: Output<SecretBackendConnectionMysqlAuroraArgs>? = null

A nested block containing configuration options for Aurora MySQL connections.

Link copied to clipboard
val mysqlLegacy: Output<SecretBackendConnectionMysqlLegacyArgs>? = null

A nested block containing configuration options for legacy MySQL connections.

Link copied to clipboard
val mysqlRds: Output<SecretBackendConnectionMysqlRdsArgs>? = null

A nested block containing configuration options for RDS MySQL connections.

Link copied to clipboard
val name: Output<String>? = null

A unique name to give the database connection.

Link copied to clipboard
val namespace: Output<String>? = null

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.

Link copied to clipboard
val oracle: Output<SecretBackendConnectionOracleArgs>? = null

A nested block containing configuration options for Oracle connections.

Link copied to clipboard
val pluginName: Output<String>? = null

Specifies the name of the plugin to use.

Link copied to clipboard
val postgresql: Output<SecretBackendConnectionPostgresqlArgs>? = null

A nested block containing configuration options for PostgreSQL connections.

Link copied to clipboard
val redis: Output<SecretBackendConnectionRedisArgs>? = null

A nested block containing configuration options for Redis connections.

Link copied to clipboard
val redisElasticache: Output<SecretBackendConnectionRedisElasticacheArgs>? = null

A nested block containing configuration options for Redis ElastiCache connections. Exactly one of the nested blocks of configuration options must be supplied.

Link copied to clipboard
val redshift: Output<SecretBackendConnectionRedshiftArgs>? = null

Connection parameters for the redshift-database-plugin plugin.

Link copied to clipboard
val rootRotationStatements: Output<List<String>>? = null

A list of database statements to be executed to rotate the root user's credentials.

Link copied to clipboard
val rotationPeriod: Output<Int>? = null

The amount of time in seconds Vault should wait before rotating the root credential. A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.

Link copied to clipboard
val rotationSchedule: Output<String>? = null

The schedule, in cron-style time format, defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.

Link copied to clipboard
val rotationWindow: Output<Int>? = null

The maximum amount of time in seconds allowed to complete a rotation when a scheduled token rotation occurs. The default rotation window is unbound and the minimum allowable window is 3600. Requires Vault Enterprise 1.19+.

Link copied to clipboard
val snowflake: Output<SecretBackendConnectionSnowflakeArgs>? = null

A nested block containing configuration options for Snowflake connections.

Link copied to clipboard
val verifyConnection: Output<Boolean>? = null

Whether the connection should be verified on initial configuration or not.

Functions

Link copied to clipboard
open override fun toJava(): SecretBackendConnectionArgs