pulumi-vault-kotlin/com.pulumi.vault.ldap.kotlin/SecretBackendLibrarySetArgs

SecretBackendLibrarySetArgs

data class SecretBackendLibrarySetArgs(val disableCheckInEnforcement: Output<Boolean>? = null, val maxTtl: Output<Int>? = null, val mount: Output<String>? = null, val name: Output<String>? = null, val namespace: Output<String>? = null, val serviceAccountNames: Output<List<String>>? = null, val ttl: Output<Int>? = null) : ConvertibleToJava<SecretBackendLibrarySetArgs>

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as vault from "@pulumi/vault";
const config = new vault.ldap.SecretBackend("config", {
    path: "ldap",
    binddn: "CN=Administrator,CN=Users,DC=corp,DC=example,DC=net",
    bindpass: "SuperSecretPassw0rd",
    url: "ldaps://localhost",
    insecureTls: true,
    userdn: "CN=Users,DC=corp,DC=example,DC=net",
});
const qa = new vault.ldap.SecretBackendLibrarySet("qa", {
    mount: config.path,
    name: "qa",
    serviceAccountNames: [
        "Bob",
        "Mary",
    ],
    ttl: 60,
    disableCheckInEnforcement: true,
    maxTtl: 120,
});

import pulumi
import pulumi_vault as vault
config = vault.ldap.SecretBackend("config",
    path="ldap",
    binddn="CN=Administrator,CN=Users,DC=corp,DC=example,DC=net",
    bindpass="SuperSecretPassw0rd",
    url="ldaps://localhost",
    insecure_tls=True,
    userdn="CN=Users,DC=corp,DC=example,DC=net")
qa = vault.ldap.SecretBackendLibrarySet("qa",
    mount=config.path,
    name="qa",
    service_account_names=[
        "Bob",
        "Mary",
    ],
    ttl=60,
    disable_check_in_enforcement=True,
    max_ttl=120)

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Vault = Pulumi.Vault;
return await Deployment.RunAsync(() =>
{
    var config = new Vault.Ldap.SecretBackend("config", new()
    {
        Path = "ldap",
        Binddn = "CN=Administrator,CN=Users,DC=corp,DC=example,DC=net",
        Bindpass = "SuperSecretPassw0rd",
        Url = "ldaps://localhost",
        InsecureTls = true,
        Userdn = "CN=Users,DC=corp,DC=example,DC=net",
    });
    var qa = new Vault.Ldap.SecretBackendLibrarySet("qa", new()
    {
        Mount = config.Path,
        Name = "qa",
        ServiceAccountNames = new[]
        {
            "Bob",
            "Mary",
        },
        Ttl = 60,
        DisableCheckInEnforcement = true,
        MaxTtl = 120,
    });
});

package main
import (
	"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/ldap"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		config, err := ldap.NewSecretBackend(ctx, "config", &ldap.SecretBackendArgs{
			Path:        pulumi.String("ldap"),
			Binddn:      pulumi.String("CN=Administrator,CN=Users,DC=corp,DC=example,DC=net"),
			Bindpass:    pulumi.String("SuperSecretPassw0rd"),
			Url:         pulumi.String("ldaps://localhost"),
			InsecureTls: pulumi.Bool(true),
			Userdn:      pulumi.String("CN=Users,DC=corp,DC=example,DC=net"),
		})
		if err != nil {
			return err
		}
		_, err = ldap.NewSecretBackendLibrarySet(ctx, "qa", &ldap.SecretBackendLibrarySetArgs{
			Mount: config.Path,
			Name:  pulumi.String("qa"),
			ServiceAccountNames: pulumi.StringArray{
				pulumi.String("Bob"),
				pulumi.String("Mary"),
			},
			Ttl:                       pulumi.Int(60),
			DisableCheckInEnforcement: pulumi.Bool(true),
			MaxTtl:                    pulumi.Int(120),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.vault.ldap.SecretBackend;
import com.pulumi.vault.ldap.SecretBackendArgs;
import com.pulumi.vault.ldap.SecretBackendLibrarySet;
import com.pulumi.vault.ldap.SecretBackendLibrarySetArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var config = new SecretBackend("config", SecretBackendArgs.builder()
            .path("ldap")
            .binddn("CN=Administrator,CN=Users,DC=corp,DC=example,DC=net")
            .bindpass("SuperSecretPassw0rd")
            .url("ldaps://localhost")
            .insecureTls("true")
            .userdn("CN=Users,DC=corp,DC=example,DC=net")
            .build());
        var qa = new SecretBackendLibrarySet("qa", SecretBackendLibrarySetArgs.builder()
            .mount(config.path())
            .name("qa")
            .serviceAccountNames(
                "Bob",
                "Mary")
            .ttl(60)
            .disableCheckInEnforcement(true)
            .maxTtl(120)
            .build());
    }
}

resources:
  config:
    type: vault:ldap:SecretBackend
    properties:
      path: ldap
      binddn: CN=Administrator,CN=Users,DC=corp,DC=example,DC=net
      bindpass: SuperSecretPassw0rd
      url: ldaps://localhost
      insecureTls: 'true'
      userdn: CN=Users,DC=corp,DC=example,DC=net
  qa:
    type: vault:ldap:SecretBackendLibrarySet
    properties:
      mount: ${config.path}
      name: qa
      serviceAccountNames:
        - Bob
        - Mary
      ttl: 60
      disableCheckInEnforcement: true
      maxTtl: 120

Import

LDAP secret backend libraries can be imported using the path, e.g.

$ pulumi import vault:ldap/secretBackendLibrarySet:SecretBackendLibrarySet qa ldap/library/bob

Constructors

SecretBackendLibrarySetArgs

constructor(disableCheckInEnforcement: Output<Boolean>? = null, maxTtl: Output<Int>? = null, mount: Output<String>? = null, name: Output<String>? = null, namespace: Output<String>? = null, serviceAccountNames: Output<List<String>>? = null, ttl: Output<Int>? = null)

Properties

disableCheckInEnforcement

val disableCheckInEnforcement: Output<Boolean>? = null

Disable enforcing that service accounts must be checked in by the entity or client token that checked them out. Defaults to false.

maxTtl

val maxTtl: Output<Int>? = null

The maximum password time-to-live in seconds. Defaults to the configuration max_ttl if not provided.

mount

val mount: Output<String>? = null

The path where the LDAP secrets backend is mounted.

name

val name: Output<String>? = null

The name to identify this set of service accounts. Must be unique within the backend.

namespace

val namespace: Output<String>? = null

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.

serviceAccountNames

val serviceAccountNames: Output<List<String>>? = null

Specifies the slice of service accounts mapped to this set.

ttl

val ttl: Output<Int>? = null

The password time-to-live in seconds. Defaults to the configuration ttl if not provided.

Functions

toJava

open override fun toJava(): SecretBackendLibrarySetArgs