pulumi-vault-kotlin/com.pulumi.vault.secrets.kotlin/SyncAzureDestination

SyncAzureDestination

class SyncAzureDestination : KotlinCustomResource

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as vault from "@pulumi/vault";
const az = new vault.secrets.SyncAzureDestination("az", {
    name: "az-dest",
    keyVaultUri: keyVaultUri,
    clientId: clientId,
    clientSecret: clientSecret,
    tenantId: tenantId,
    secretNameTemplate: "vault_{{ .MountAccessor | lowercase }}_{{ .SecretPath | lowercase }}",
    customTags: {
        foo: "bar",
    },
});

import pulumi
import pulumi_vault as vault
az = vault.secrets.SyncAzureDestination("az",
    name="az-dest",
    key_vault_uri=key_vault_uri,
    client_id=client_id,
    client_secret=client_secret,
    tenant_id=tenant_id,
    secret_name_template="vault_{{ .MountAccessor | lowercase }}_{{ .SecretPath | lowercase }}",
    custom_tags={
        "foo": "bar",
    })

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Vault = Pulumi.Vault;
return await Deployment.RunAsync(() =>
{
    var az = new Vault.Secrets.SyncAzureDestination("az", new()
    {
        Name = "az-dest",
        KeyVaultUri = keyVaultUri,
        ClientId = clientId,
        ClientSecret = clientSecret,
        TenantId = tenantId,
        SecretNameTemplate = "vault_{{ .MountAccessor | lowercase }}_{{ .SecretPath | lowercase }}",
        CustomTags =
        {
            { "foo", "bar" },
        },
    });
});

package main
import (
	"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/secrets"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secrets.NewSyncAzureDestination(ctx, "az", &secrets.SyncAzureDestinationArgs{
			Name:               pulumi.String("az-dest"),
			KeyVaultUri:        pulumi.Any(keyVaultUri),
			ClientId:           pulumi.Any(clientId),
			ClientSecret:       pulumi.Any(clientSecret),
			TenantId:           pulumi.Any(tenantId),
			SecretNameTemplate: pulumi.String("vault_{{ .MountAccessor | lowercase }}_{{ .SecretPath | lowercase }}"),
			CustomTags: pulumi.StringMap{
				"foo": pulumi.String("bar"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.vault.secrets.SyncAzureDestination;
import com.pulumi.vault.secrets.SyncAzureDestinationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var az = new SyncAzureDestination("az", SyncAzureDestinationArgs.builder()
            .name("az-dest")
            .keyVaultUri(keyVaultUri)
            .clientId(clientId)
            .clientSecret(clientSecret)
            .tenantId(tenantId)
            .secretNameTemplate("vault_{{ .MountAccessor | lowercase }}_{{ .SecretPath | lowercase }}")
            .customTags(Map.of("foo", "bar"))
            .build());
    }
}

resources:
  az:
    type: vault:secrets:SyncAzureDestination
    properties:
      name: az-dest
      keyVaultUri: ${keyVaultUri}
      clientId: ${clientId}
      clientSecret: ${clientSecret}
      tenantId: ${tenantId}
      secretNameTemplate: vault_{{ .MountAccessor | lowercase }}_{{ .SecretPath | lowercase }}
      customTags:
        foo: bar

Import

Azure Secrets sync destinations can be imported using the name, e.g.

$ pulumi import vault:secrets/syncAzureDestination:SyncAzureDestination az az-dest

Properties

clientId

val clientId: Output<String>?

Client ID of an Azure app registration. Can be omitted and directly provided to Vault using the AZURE_CLIENT_ID environment variable.

clientSecret

val clientSecret: Output<String>?

Client Secret of an Azure app registration. Can be omitted and directly provided to Vault using the AZURE_CLIENT_SECRET environment variable.

cloud

val cloud: Output<String>?

Specifies a cloud for the client. The default is Azure Public Cloud.

customTags

val customTags: Output<Map<String, String>>?

Custom tags to set on the secret managed at the destination.

granularity

val granularity: Output<String>?

Determines what level of information is synced as a distinct resource at the destination. Supports secret-path and secret-key.

val id: Output<String>

keyVaultUri

val keyVaultUri: Output<String>?

URI of an existing Azure Key Vault instance. Can be omitted and directly provided to Vault using the KEY_VAULT_URI environment variable.

name

val name: Output<String>

Unique name of the Azure destination.

namespace

val namespace: Output<String>?

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace.

pulumiChildResources

val pulumiChildResources: Set<KotlinResource>

pulumiResourceName

val pulumiResourceName: String

pulumiResourceType

val pulumiResourceType: String

secretNameTemplate

val secretNameTemplate: Output<String>

Template describing how to generate external secret names. Supports a subset of the Go Template syntax.

tenantId

val tenantId: Output<String>?

ID of the target Azure tenant. Can be omitted and directly provided to Vault using the AZURE_TENANT_ID environment variable.

type

val type: Output<String>

The type of the secrets destination (azure-kv).

urn

val urn: Output<String>