Secret
data class SecretBackendV2Args(val casRequired: Output<Boolean>? = null, val deleteVersionAfter: Output<Int>? = null, val maxVersions: Output<Int>? = null, val mount: Output<String>? = null, val namespace: Output<String>? = null) : ConvertibleToJava<SecretBackendV2Args>
Configures KV-V2 backend level settings that are applied to every key in the key-value store. For more information on Vault's KV-V2 secret backend see here.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as vault from "@pulumi/vault";
const kvv2 = new vault.Mount("kvv2", {
path: "kvv2",
type: "kv",
options: {
version: "2",
},
description: "KV Version 2 secret engine mount",
});
const example = new vault.kv.SecretBackendV2("example", {
mount: kvv2.path,
maxVersions: 5,
deleteVersionAfter: 12600,
casRequired: true,
});Content copied to clipboard
import pulumi
import pulumi_vault as vault
kvv2 = vault.Mount("kvv2",
path="kvv2",
type="kv",
options={
"version": "2",
},
description="KV Version 2 secret engine mount")
example = vault.kv.SecretBackendV2("example",
mount=kvv2.path,
max_versions=5,
delete_version_after=12600,
cas_required=True)Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Vault = Pulumi.Vault;
return await Deployment.RunAsync(() =>
{
var kvv2 = new Vault.Mount("kvv2", new()
{
Path = "kvv2",
Type = "kv",
Options =
{
{ "version", "2" },
},
Description = "KV Version 2 secret engine mount",
});
var example = new Vault.Kv.SecretBackendV2("example", new()
{
Mount = kvv2.Path,
MaxVersions = 5,
DeleteVersionAfter = 12600,
CasRequired = true,
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault"
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/kv"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
kvv2, err := vault.NewMount(ctx, "kvv2", &vault.MountArgs{
Path: pulumi.String("kvv2"),
Type: pulumi.String("kv"),
Options: pulumi.StringMap{
"version": pulumi.String("2"),
},
Description: pulumi.String("KV Version 2 secret engine mount"),
})
if err != nil {
return err
}
_, err = kv.NewSecretBackendV2(ctx, "example", &kv.SecretBackendV2Args{
Mount: kvv2.Path,
MaxVersions: pulumi.Int(5),
DeleteVersionAfter: pulumi.Int(12600),
CasRequired: pulumi.Bool(true),
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.vault.Mount;
import com.pulumi.vault.MountArgs;
import com.pulumi.vault.kv.SecretBackendV2;
import com.pulumi.vault.kv.SecretBackendV2Args;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var kvv2 = new Mount("kvv2", MountArgs.builder()
.path("kvv2")
.type("kv")
.options(Map.of("version", "2"))
.description("KV Version 2 secret engine mount")
.build());
var example = new SecretBackendV2("example", SecretBackendV2Args.builder()
.mount(kvv2.path())
.maxVersions(5)
.deleteVersionAfter(12600)
.casRequired(true)
.build());
}
}Content copied to clipboard
resources:
kvv2:
type: vault:Mount
properties:
path: kvv2
type: kv
options:
version: '2'
description: KV Version 2 secret engine mount
example:
type: vault:kv:SecretBackendV2
properties:
mount: ${kvv2.path}
maxVersions: 5
deleteVersionAfter: 12600
casRequired: trueContent copied to clipboard
Required Vault Capabilities
Use of this resource requires the create or update capability (depending on whether the resource already exists) on the given path, the delete capability if the resource is removed from configuration, and the read capability for drift detection (by default).
Import
The KV-V2 secret backend can be imported using its unique ID, the ${mount}/config, e.g.
$ pulumi import vault:kv/secretBackendV2:SecretBackendV2 example kvv2/configContent copied to clipboard