pulumi-vault-kotlin/com.pulumi.vault.ldap.kotlin/SecretBackendLibrarySet

SecretBackendLibrarySet

class SecretBackendLibrarySet : KotlinCustomResource

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as vault from "@pulumi/vault";
const config = new vault.ldap.SecretBackend("config", {
    path: "ldap",
    binddn: "CN=Administrator,CN=Users,DC=corp,DC=example,DC=net",
    bindpass: "SuperSecretPassw0rd",
    url: "ldaps://localhost",
    insecureTls: true,
    userdn: "CN=Users,DC=corp,DC=example,DC=net",
});
const qa = new vault.ldap.SecretBackendLibrarySet("qa", {
    mount: config.path,
    name: "qa",
    serviceAccountNames: [
        "Bob",
        "Mary",
    ],
    ttl: 60,
    disableCheckInEnforcement: true,
    maxTtl: 120,
});
Content copied to clipboard
import pulumi
import pulumi_vault as vault
config = vault.ldap.SecretBackend("config",
    path="ldap",
    binddn="CN=Administrator,CN=Users,DC=corp,DC=example,DC=net",
    bindpass="SuperSecretPassw0rd",
    url="ldaps://localhost",
    insecure_tls=True,
    userdn="CN=Users,DC=corp,DC=example,DC=net")
qa = vault.ldap.SecretBackendLibrarySet("qa",
    mount=config.path,
    name="qa",
    service_account_names=[
        "Bob",
        "Mary",
    ],
    ttl=60,
    disable_check_in_enforcement=True,
    max_ttl=120)
Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Vault = Pulumi.Vault;
return await Deployment.RunAsync(() =>
{
    var config = new Vault.Ldap.SecretBackend("config", new()
    {
        Path = "ldap",
        Binddn = "CN=Administrator,CN=Users,DC=corp,DC=example,DC=net",
        Bindpass = "SuperSecretPassw0rd",
        Url = "ldaps://localhost",
        InsecureTls = true,
        Userdn = "CN=Users,DC=corp,DC=example,DC=net",
    });
    var qa = new Vault.Ldap.SecretBackendLibrarySet("qa", new()
    {
        Mount = config.Path,
        Name = "qa",
        ServiceAccountNames = new[]
        {
            "Bob",
            "Mary",
        },
        Ttl = 60,
        DisableCheckInEnforcement = true,
        MaxTtl = 120,
    });
});
Content copied to clipboard
package main
import (
	"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/ldap"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		config, err := ldap.NewSecretBackend(ctx, "config", &ldap.SecretBackendArgs{
			Path:        pulumi.String("ldap"),
			Binddn:      pulumi.String("CN=Administrator,CN=Users,DC=corp,DC=example,DC=net"),
			Bindpass:    pulumi.String("SuperSecretPassw0rd"),
			Url:         pulumi.String("ldaps://localhost"),
			InsecureTls: pulumi.Bool(true),
			Userdn:      pulumi.String("CN=Users,DC=corp,DC=example,DC=net"),
		})
		if err != nil {
			return err
		}
		_, err = ldap.NewSecretBackendLibrarySet(ctx, "qa", &ldap.SecretBackendLibrarySetArgs{
			Mount: config.Path,
			Name:  pulumi.String("qa"),
			ServiceAccountNames: pulumi.StringArray{
				pulumi.String("Bob"),
				pulumi.String("Mary"),
			},
			Ttl:                       pulumi.Int(60),
			DisableCheckInEnforcement: pulumi.Bool(true),
			MaxTtl:                    pulumi.Int(120),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.vault.ldap.SecretBackend;
import com.pulumi.vault.ldap.SecretBackendArgs;
import com.pulumi.vault.ldap.SecretBackendLibrarySet;
import com.pulumi.vault.ldap.SecretBackendLibrarySetArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var config = new SecretBackend("config", SecretBackendArgs.builder()
            .path("ldap")
            .binddn("CN=Administrator,CN=Users,DC=corp,DC=example,DC=net")
            .bindpass("SuperSecretPassw0rd")
            .url("ldaps://localhost")
            .insecureTls("true")
            .userdn("CN=Users,DC=corp,DC=example,DC=net")
            .build());
        var qa = new SecretBackendLibrarySet("qa", SecretBackendLibrarySetArgs.builder()
            .mount(config.path())
            .name("qa")
            .serviceAccountNames(
                "Bob",
                "Mary")
            .ttl(60)
            .disableCheckInEnforcement(true)
            .maxTtl(120)
            .build());
    }
}
Content copied to clipboard
resources:
  config:
    type: vault:ldap:SecretBackend
    properties:
      path: ldap
      binddn: CN=Administrator,CN=Users,DC=corp,DC=example,DC=net
      bindpass: SuperSecretPassw0rd
      url: ldaps://localhost
      insecureTls: 'true'
      userdn: CN=Users,DC=corp,DC=example,DC=net
  qa:
    type: vault:ldap:SecretBackendLibrarySet
    properties:
      mount: ${config.path}
      name: qa
      serviceAccountNames:
        - Bob
        - Mary
      ttl: 60
      disableCheckInEnforcement: true
      maxTtl: 120
Content copied to clipboard

Import

LDAP secret backend libraries can be imported using the path, e.g.

$ pulumi import vault:ldap/secretBackendLibrarySet:SecretBackendLibrarySet qa ldap/library/bob
Content copied to clipboard

Properties

Link copied to clipboard
val disableCheckInEnforcement: Output<Boolean>?

Disable enforcing that service accounts must be checked in by the entity or client token that checked them out. Defaults to false.

Link copied to clipboard
val id: Output<String>
Link copied to clipboard
val maxTtl: Output<Int>

The maximum password time-to-live in seconds. Defaults to the configuration max_ttl if not provided.

Link copied to clipboard
val mount: Output<String>?

The path where the LDAP secrets backend is mounted.

Link copied to clipboard
val name: Output<String>

The name to identify this set of service accounts. Must be unique within the backend.

Link copied to clipboard
val namespace: Output<String>?

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.

Link copied to clipboard
val pulumiChildResources: Set<KotlinResource>
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
val serviceAccountNames: Output<List<String>>

Specifies the slice of service accounts mapped to this set.

Link copied to clipboard
val ttl: Output<Int>

The password time-to-live in seconds. Defaults to the configuration ttl if not provided.

Link copied to clipboard
val urn: Output<String>