pulumi-vault-kotlin/com.pulumi.vault.secrets.kotlin/SyncAssociation

SyncAssociation

class SyncAssociation : KotlinCustomResource

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as vault from "@pulumi/vault";
const kvv2 = new vault.Mount("kvv2", {
    path: "kvv2",
    type: "kv",
    options: {
        version: "2",
    },
    description: "KV Version 2 secret engine mount",
});
const token = new vault.kv.SecretV2("token", {
    mount: kvv2.path,
    name: "token",
    dataJson: JSON.stringify({
        dev: "B!gS3cr3t",
        prod: "S3cureP4$$",
    }),
});
const gh = new vault.secrets.SyncGhDestination("gh", {
    name: "gh-dest",
    accessToken: accessToken,
    repositoryOwner: repoOwner,
    repositoryName: "repo-name-example",
    secretNameTemplate: "vault_{{ .MountAccessor | lowercase }}_{{ .SecretPath | lowercase }}",
});
const ghToken = new vault.secrets.SyncAssociation("gh_token", {
    name: gh.name,
    type: gh.type,
    mount: kvv2.path,
    secretName: token.name,
});
Content copied to clipboard
import pulumi
import json
import pulumi_vault as vault
kvv2 = vault.Mount("kvv2",
    path="kvv2",
    type="kv",
    options={
        "version": "2",
    },
    description="KV Version 2 secret engine mount")
token = vault.kv.SecretV2("token",
    mount=kvv2.path,
    name="token",
    data_json=json.dumps({
        "dev": "B!gS3cr3t",
        "prod": "S3cureP4$$",
    }))
gh = vault.secrets.SyncGhDestination("gh",
    name="gh-dest",
    access_token=access_token,
    repository_owner=repo_owner,
    repository_name="repo-name-example",
    secret_name_template="vault_{{ .MountAccessor | lowercase }}_{{ .SecretPath | lowercase }}")
gh_token = vault.secrets.SyncAssociation("gh_token",
    name=gh.name,
    type=gh.type,
    mount=kvv2.path,
    secret_name=token.name)
Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using System.Text.Json;
using Pulumi;
using Vault = Pulumi.Vault;
return await Deployment.RunAsync(() =>
{
    var kvv2 = new Vault.Mount("kvv2", new()
    {
        Path = "kvv2",
        Type = "kv",
        Options =
        {
            { "version", "2" },
        },
        Description = "KV Version 2 secret engine mount",
    });
    var token = new Vault.Kv.SecretV2("token", new()
    {
        Mount = kvv2.Path,
        Name = "token",
        DataJson = JsonSerializer.Serialize(new Dictionary<string, object?>
        {
            ["dev"] = "B!gS3cr3t",
            ["prod"] = "S3cureP4$$",
        }),
    });
    var gh = new Vault.Secrets.SyncGhDestination("gh", new()
    {
        Name = "gh-dest",
        AccessToken = accessToken,
        RepositoryOwner = repoOwner,
        RepositoryName = "repo-name-example",
        SecretNameTemplate = "vault_{{ .MountAccessor | lowercase }}_{{ .SecretPath | lowercase }}",
    });
    var ghToken = new Vault.Secrets.SyncAssociation("gh_token", new()
    {
        Name = gh.Name,
        Type = gh.Type,
        Mount = kvv2.Path,
        SecretName = token.Name,
    });
});
Content copied to clipboard
package main
import (
	"encoding/json"
	"github.com/pulumi/pulumi-vault/sdk/v6/go/vault"
	"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/kv"
	"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/secrets"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		kvv2, err := vault.NewMount(ctx, "kvv2", &vault.MountArgs{
			Path: pulumi.String("kvv2"),
			Type: pulumi.String("kv"),
			Options: pulumi.StringMap{
				"version": pulumi.String("2"),
			},
			Description: pulumi.String("KV Version 2 secret engine mount"),
		})
		if err != nil {
			return err
		}
		tmpJSON0, err := json.Marshal(map[string]interface{}{
			"dev":  "B!gS3cr3t",
			"prod": "S3cureP4$$",
		})
		if err != nil {
			return err
		}
		json0 := string(tmpJSON0)
		token, err := kv.NewSecretV2(ctx, "token", &kv.SecretV2Args{
			Mount:    kvv2.Path,
			Name:     pulumi.String("token"),
			DataJson: pulumi.String(json0),
		})
		if err != nil {
			return err
		}
		gh, err := secrets.NewSyncGhDestination(ctx, "gh", &secrets.SyncGhDestinationArgs{
			Name:               pulumi.String("gh-dest"),
			AccessToken:        pulumi.Any(accessToken),
			RepositoryOwner:    pulumi.Any(repoOwner),
			RepositoryName:     pulumi.String("repo-name-example"),
			SecretNameTemplate: pulumi.String("vault_{{ .MountAccessor | lowercase }}_{{ .SecretPath | lowercase }}"),
		})
		if err != nil {
			return err
		}
		_, err = secrets.NewSyncAssociation(ctx, "gh_token", &secrets.SyncAssociationArgs{
			Name:       gh.Name,
			Type:       gh.Type,
			Mount:      kvv2.Path,
			SecretName: token.Name,
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.vault.Mount;
import com.pulumi.vault.MountArgs;
import com.pulumi.vault.kv.SecretV2;
import com.pulumi.vault.kv.SecretV2Args;
import com.pulumi.vault.secrets.SyncGhDestination;
import com.pulumi.vault.secrets.SyncGhDestinationArgs;
import com.pulumi.vault.secrets.SyncAssociation;
import com.pulumi.vault.secrets.SyncAssociationArgs;
import static com.pulumi.codegen.internal.Serialization.*;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var kvv2 = new Mount("kvv2", MountArgs.builder()
            .path("kvv2")
            .type("kv")
            .options(Map.of("version", "2"))
            .description("KV Version 2 secret engine mount")
            .build());
        var token = new SecretV2("token", SecretV2Args.builder()
            .mount(kvv2.path())
            .name("token")
            .dataJson(serializeJson(
                jsonObject(
                    jsonProperty("dev", "B!gS3cr3t"),
                    jsonProperty("prod", "S3cureP4$$")
                )))
            .build());
        var gh = new SyncGhDestination("gh", SyncGhDestinationArgs.builder()
            .name("gh-dest")
            .accessToken(accessToken)
            .repositoryOwner(repoOwner)
            .repositoryName("repo-name-example")
            .secretNameTemplate("vault_{{ .MountAccessor | lowercase }}_{{ .SecretPath | lowercase }}")
            .build());
        var ghToken = new SyncAssociation("ghToken", SyncAssociationArgs.builder()
            .name(gh.name())
            .type(gh.type())
            .mount(kvv2.path())
            .secretName(token.name())
            .build());
    }
}
Content copied to clipboard
resources:
  kvv2:
    type: vault:Mount
    properties:
      path: kvv2
      type: kv
      options:
        version: '2'
      description: KV Version 2 secret engine mount
  token:
    type: vault:kv:SecretV2
    properties:
      mount: ${kvv2.path}
      name: token
      dataJson:
        fn::toJSON:
          dev: B!gS3cr3t
          prod: S3cureP4$$
  gh:
    type: vault:secrets:SyncGhDestination
    properties:
      name: gh-dest
      accessToken: ${accessToken}
      repositoryOwner: ${repoOwner}
      repositoryName: repo-name-example
      secretNameTemplate: vault_{{ .MountAccessor | lowercase }}_{{ .SecretPath | lowercase }}
  ghToken:
    type: vault:secrets:SyncAssociation
    name: gh_token
    properties:
      name: ${gh.name}
      type: ${gh.type}
      mount: ${kvv2.path}
      secretName: ${token.name}
Content copied to clipboard

Properties

Link copied to clipboard
val id: Output<String>
Link copied to clipboard
val metadatas: Output<List<SyncAssociationMetadata>>

Metadata for each subkey of the associated secret.

Link copied to clipboard
val mount: Output<String>

Specifies the mount where the secret is located.

Link copied to clipboard
val name: Output<String>

Specifies the name of the destination.

Link copied to clipboard
val namespace: Output<String>?

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace.

Link copied to clipboard
val pulumiChildResources: Set<KotlinResource>
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
val secretName: Output<String>

Specifies the name of the secret to synchronize.

Link copied to clipboard
val type: Output<String>

Specifies the destination type.

Link copied to clipboard
val urn: Output<String>