pulumi-vault-kotlin/com.pulumi.vault.ldap.kotlin/SecretBackendStaticRole

SecretBackendStaticRole

class SecretBackendStaticRole : KotlinCustomResource

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as vault from "@pulumi/vault";
const config = new vault.ldap.SecretBackend("config", {
    path: "my-custom-ldap",
    binddn: "CN=Administrator,CN=Users,DC=corp,DC=example,DC=net",
    bindpass: "SuperSecretPassw0rd",
    url: "ldaps://localhost",
    insecureTls: true,
    userdn: "CN=Users,DC=corp,DC=example,DC=net",
});
const role = new vault.ldap.SecretBackendStaticRole("role", {
    mount: config.path,
    username: "alice",
    dn: "cn=alice,ou=Users,DC=corp,DC=example,DC=net",
    roleName: "alice",
    rotationPeriod: 60,
});

import pulumi
import pulumi_vault as vault
config = vault.ldap.SecretBackend("config",
    path="my-custom-ldap",
    binddn="CN=Administrator,CN=Users,DC=corp,DC=example,DC=net",
    bindpass="SuperSecretPassw0rd",
    url="ldaps://localhost",
    insecure_tls=True,
    userdn="CN=Users,DC=corp,DC=example,DC=net")
role = vault.ldap.SecretBackendStaticRole("role",
    mount=config.path,
    username="alice",
    dn="cn=alice,ou=Users,DC=corp,DC=example,DC=net",
    role_name="alice",
    rotation_period=60)

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Vault = Pulumi.Vault;
return await Deployment.RunAsync(() =>
{
    var config = new Vault.Ldap.SecretBackend("config", new()
    {
        Path = "my-custom-ldap",
        Binddn = "CN=Administrator,CN=Users,DC=corp,DC=example,DC=net",
        Bindpass = "SuperSecretPassw0rd",
        Url = "ldaps://localhost",
        InsecureTls = true,
        Userdn = "CN=Users,DC=corp,DC=example,DC=net",
    });
    var role = new Vault.Ldap.SecretBackendStaticRole("role", new()
    {
        Mount = config.Path,
        Username = "alice",
        Dn = "cn=alice,ou=Users,DC=corp,DC=example,DC=net",
        RoleName = "alice",
        RotationPeriod = 60,
    });
});

package main
import (
	"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/ldap"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		config, err := ldap.NewSecretBackend(ctx, "config", &ldap.SecretBackendArgs{
			Path:        pulumi.String("my-custom-ldap"),
			Binddn:      pulumi.String("CN=Administrator,CN=Users,DC=corp,DC=example,DC=net"),
			Bindpass:    pulumi.String("SuperSecretPassw0rd"),
			Url:         pulumi.String("ldaps://localhost"),
			InsecureTls: pulumi.Bool(true),
			Userdn:      pulumi.String("CN=Users,DC=corp,DC=example,DC=net"),
		})
		if err != nil {
			return err
		}
		_, err = ldap.NewSecretBackendStaticRole(ctx, "role", &ldap.SecretBackendStaticRoleArgs{
			Mount:          config.Path,
			Username:       pulumi.String("alice"),
			Dn:             pulumi.String("cn=alice,ou=Users,DC=corp,DC=example,DC=net"),
			RoleName:       pulumi.String("alice"),
			RotationPeriod: pulumi.Int(60),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.vault.ldap.SecretBackend;
import com.pulumi.vault.ldap.SecretBackendArgs;
import com.pulumi.vault.ldap.SecretBackendStaticRole;
import com.pulumi.vault.ldap.SecretBackendStaticRoleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var config = new SecretBackend("config", SecretBackendArgs.builder()
            .path("my-custom-ldap")
            .binddn("CN=Administrator,CN=Users,DC=corp,DC=example,DC=net")
            .bindpass("SuperSecretPassw0rd")
            .url("ldaps://localhost")
            .insecureTls("true")
            .userdn("CN=Users,DC=corp,DC=example,DC=net")
            .build());
        var role = new SecretBackendStaticRole("role", SecretBackendStaticRoleArgs.builder()
            .mount(config.path())
            .username("alice")
            .dn("cn=alice,ou=Users,DC=corp,DC=example,DC=net")
            .roleName("alice")
            .rotationPeriod(60)
            .build());
    }
}

resources:
  config:
    type: vault:ldap:SecretBackend
    properties:
      path: my-custom-ldap
      binddn: CN=Administrator,CN=Users,DC=corp,DC=example,DC=net
      bindpass: SuperSecretPassw0rd
      url: ldaps://localhost
      insecureTls: 'true'
      userdn: CN=Users,DC=corp,DC=example,DC=net
  role:
    type: vault:ldap:SecretBackendStaticRole
    properties:
      mount: ${config.path}
      username: alice
      dn: cn=alice,ou=Users,DC=corp,DC=example,DC=net
      roleName: alice
      rotationPeriod: 60

Import

LDAP secret backend static role can be imported using the full path to the role of the form: <mount_path>/static-role/<role_name> e.g.

$ pulumi import vault:ldap/secretBackendStaticRole:SecretBackendStaticRole role ldap/static-role/example-role

Properties

val dn: Output<String>?

Distinguished name (DN) of the existing LDAP entry to manage password rotation for. If given, it will take precedence over username for the LDAP search performed during password rotation. Cannot be modified after creation.

val id: Output<String>

mount

val mount: Output<String>?

The unique path this backend should be mounted at. Must not begin or end with a /. Defaults to ldap.

namespace

val namespace: Output<String>?

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.

pulumiChildResources

val pulumiChildResources: Set<KotlinResource>

pulumiResourceName

val pulumiResourceName: String

pulumiResourceType

val pulumiResourceType: String

roleName

val roleName: Output<String>

Name of the role.

rotationPeriod

val rotationPeriod: Output<Int>

How often Vault should rotate the password of the user entry.