Endpoint
data class EndpointArgs(val dataJson: Output<String>? = null, val disableDelete: Output<Boolean>? = null, val disableRead: Output<Boolean>? = null, val ignoreAbsentFields: Output<Boolean>? = null, val namespace: Output<String>? = null, val path: Output<String>? = null, val writeFields: Output<List<String>>? = null) : ConvertibleToJava<EndpointArgs>
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as vault from "@pulumi/vault";
const userpass = new vault.AuthBackend("userpass", {type: "userpass"});
const u1 = new vault.generic.Endpoint("u1", {
path: "auth/userpass/users/u1",
ignoreAbsentFields: true,
dataJson: `{
"policies": ["p1"],
"password": "changeme"
}
`,
}, {
dependsOn: [userpass],
});
const u1Token = new vault.generic.Endpoint("u1_token", {
path: "auth/userpass/login/u1",
disableRead: true,
disableDelete: true,
dataJson: `{
"password": "changeme"
}
`,
}, {
dependsOn: [u1],
});
const u1Entity = new vault.generic.Endpoint("u1_entity", {
disableRead: true,
disableDelete: true,
path: "identity/lookup/entity",
ignoreAbsentFields: true,
writeFields: ["id"],
dataJson: `{
"alias_name": "u1",
"alias_mount_accessor": vault_auth_backend.userpass.accessor
}
`,
}, {
dependsOn: [u1Token],
});
export const u1Id = u1Entity.writeData.id;Content copied to clipboard
import pulumi
import pulumi_vault as vault
userpass = vault.AuthBackend("userpass", type="userpass")
u1 = vault.generic.Endpoint("u1",
path="auth/userpass/users/u1",
ignore_absent_fields=True,
data_json="""{
"policies": ["p1"],
"password": "changeme"
}
""",
opts = pulumi.ResourceOptions(depends_on=[userpass]))
u1_token = vault.generic.Endpoint("u1_token",
path="auth/userpass/login/u1",
disable_read=True,
disable_delete=True,
data_json="""{
"password": "changeme"
}
""",
opts = pulumi.ResourceOptions(depends_on=[u1]))
u1_entity = vault.generic.Endpoint("u1_entity",
disable_read=True,
disable_delete=True,
path="identity/lookup/entity",
ignore_absent_fields=True,
write_fields=["id"],
data_json="""{
"alias_name": "u1",
"alias_mount_accessor": vault_auth_backend.userpass.accessor
}
""",
opts = pulumi.ResourceOptions(depends_on=[u1_token]))
pulumi.export("u1Id", u1_entity.write_data["id"])Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Vault = Pulumi.Vault;
return await Deployment.RunAsync(() =>
{
var userpass = new Vault.AuthBackend("userpass", new()
{
Type = "userpass",
});
var u1 = new Vault.Generic.Endpoint("u1", new()
{
Path = "auth/userpass/users/u1",
IgnoreAbsentFields = true,
DataJson = @"{
""policies"": [""p1""],
""password"": ""changeme""
}
",
}, new CustomResourceOptions
{
DependsOn =
{
userpass,
},
});
var u1Token = new Vault.Generic.Endpoint("u1_token", new()
{
Path = "auth/userpass/login/u1",
DisableRead = true,
DisableDelete = true,
DataJson = @"{
""password"": ""changeme""
}
",
}, new CustomResourceOptions
{
DependsOn =
{
u1,
},
});
var u1Entity = new Vault.Generic.Endpoint("u1_entity", new()
{
DisableRead = true,
DisableDelete = true,
Path = "identity/lookup/entity",
IgnoreAbsentFields = true,
WriteFields = new[]
{
"id",
},
DataJson = @"{
""alias_name"": ""u1"",
""alias_mount_accessor"": vault_auth_backend.userpass.accessor
}
",
}, new CustomResourceOptions
{
DependsOn =
{
u1Token,
},
});
return new Dictionary<string, object?>
{
["u1Id"] = u1Entity.WriteData.Apply(writeData => writeData.Id),
};
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault"
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/generic"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
userpass, err := vault.NewAuthBackend(ctx, "userpass", &vault.AuthBackendArgs{
Type: pulumi.String("userpass"),
})
if err != nil {
return err
}
u1, err := generic.NewEndpoint(ctx, "u1", &generic.EndpointArgs{
Path: pulumi.String("auth/userpass/users/u1"),
IgnoreAbsentFields: pulumi.Bool(true),
DataJson: pulumi.String("{\n \"policies\": [\"p1\"],\n \"password\": \"changeme\"\n}\n"),
}, pulumi.DependsOn([]pulumi.Resource{
userpass,
}))
if err != nil {
return err
}
u1Token, err := generic.NewEndpoint(ctx, "u1_token", &generic.EndpointArgs{
Path: pulumi.String("auth/userpass/login/u1"),
DisableRead: pulumi.Bool(true),
DisableDelete: pulumi.Bool(true),
DataJson: pulumi.String("{\n \"password\": \"changeme\"\n}\n"),
}, pulumi.DependsOn([]pulumi.Resource{
u1,
}))
if err != nil {
return err
}
u1Entity, err := generic.NewEndpoint(ctx, "u1_entity", &generic.EndpointArgs{
DisableRead: pulumi.Bool(true),
DisableDelete: pulumi.Bool(true),
Path: pulumi.String("identity/lookup/entity"),
IgnoreAbsentFields: pulumi.Bool(true),
WriteFields: pulumi.StringArray{
pulumi.String("id"),
},
DataJson: pulumi.String("{\n \"alias_name\": \"u1\",\n \"alias_mount_accessor\": vault_auth_backend.userpass.accessor\n}\n"),
}, pulumi.DependsOn([]pulumi.Resource{
u1Token,
}))
if err != nil {
return err
}
ctx.Export("u1Id", u1Entity.WriteData.ApplyT(func(writeData map[string]string) (string, error) {
return writeData.Id, nil
}).(pulumi.StringOutput))
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.vault.AuthBackend;
import com.pulumi.vault.AuthBackendArgs;
import com.pulumi.vault.generic.Endpoint;
import com.pulumi.vault.generic.EndpointArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var userpass = new AuthBackend("userpass", AuthBackendArgs.builder()
.type("userpass")
.build());
var u1 = new Endpoint("u1", EndpointArgs.builder()
.path("auth/userpass/users/u1")
.ignoreAbsentFields(true)
.dataJson("""
{
"policies": ["p1"],
"password": "changeme"
}
""")
.build(), CustomResourceOptions.builder()
.dependsOn(userpass)
.build());
var u1Token = new Endpoint("u1Token", EndpointArgs.builder()
.path("auth/userpass/login/u1")
.disableRead(true)
.disableDelete(true)
.dataJson("""
{
"password": "changeme"
}
""")
.build(), CustomResourceOptions.builder()
.dependsOn(u1)
.build());
var u1Entity = new Endpoint("u1Entity", EndpointArgs.builder()
.disableRead(true)
.disableDelete(true)
.path("identity/lookup/entity")
.ignoreAbsentFields(true)
.writeFields("id")
.dataJson("""
{
"alias_name": "u1",
"alias_mount_accessor": vault_auth_backend.userpass.accessor
}
""")
.build(), CustomResourceOptions.builder()
.dependsOn(u1Token)
.build());
ctx.export("u1Id", u1Entity.writeData().applyValue(writeData -> writeData.id()));
}
}Content copied to clipboard
resources:
userpass:
type: vault:AuthBackend
properties:
type: userpass
u1:
type: vault:generic:Endpoint
properties:
path: auth/userpass/users/u1
ignoreAbsentFields: true
dataJson: |
{
"policies": ["p1"],
"password": "changeme"
}
options:
dependsOn:
- ${userpass}
u1Token:
type: vault:generic:Endpoint
name: u1_token
properties:
path: auth/userpass/login/u1
disableRead: true
disableDelete: true
dataJson: |
{
"password": "changeme"
}
options:
dependsOn:
- ${u1}
u1Entity:
type: vault:generic:Endpoint
name: u1_entity
properties:
disableRead: true
disableDelete: true
path: identity/lookup/entity
ignoreAbsentFields: true
writeFields:
- id
dataJson: |
{
"alias_name": "u1",
"alias_mount_accessor": vault_auth_backend.userpass.accessor
}
options:
dependsOn:
- ${u1Token}
outputs:
u1Id: ${u1Entity.writeData.id}Content copied to clipboard
Required Vault Capabilities
Use of this resource requires the create or update capability (depending on whether the resource already exists) on the given path. If disable_delete is false, the delete capability is also required. If disable_read is false, the read capability is required.
Import
Import is not supported for this resource.
Properties
Link copied to clipboard
Link copied to clipboard
True/false. Set this to true if your vault authentication is not able to read the data or if the endpoint does not support the GET method. Setting this to true will break drift detection. You should set this to true for endpoints that are write-only. Defaults to false.
Link copied to clipboard
Link copied to clipboard