pulumi-vault-kotlin/com.pulumi.vault.secrets.kotlin/SyncGcpDestinationArgs

SyncGcpDestinationArgs

data class SyncGcpDestinationArgs(val credentials: Output<String>? = null, val customTags: Output<Map<String, String>>? = null, val granularity: Output<String>? = null, val name: Output<String>? = null, val namespace: Output<String>? = null, val projectId: Output<String>? = null, val secretNameTemplate: Output<String>? = null) : ConvertibleToJava<SyncGcpDestinationArgs>

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as std from "@pulumi/std";
import * as vault from "@pulumi/vault";
const gcp = new vault.secrets.SyncGcpDestination("gcp", {
    name: "gcp-dest",
    projectId: "gcp-project-id",
    credentials: std.file({
        input: credentialsFile,
    }).then(invoke => invoke.result),
    secretNameTemplate: "vault_{{ .MountAccessor | lowercase }}_{{ .SecretPath | lowercase }}",
    customTags: {
        foo: "bar",
    },
});

import pulumi
import pulumi_std as std
import pulumi_vault as vault
gcp = vault.secrets.SyncGcpDestination("gcp",
    name="gcp-dest",
    project_id="gcp-project-id",
    credentials=std.file(input=credentials_file).result,
    secret_name_template="vault_{{ .MountAccessor | lowercase }}_{{ .SecretPath | lowercase }}",
    custom_tags={
        "foo": "bar",
    })

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Std = Pulumi.Std;
using Vault = Pulumi.Vault;
return await Deployment.RunAsync(() =>
{
    var gcp = new Vault.Secrets.SyncGcpDestination("gcp", new()
    {
        Name = "gcp-dest",
        ProjectId = "gcp-project-id",
        Credentials = Std.File.Invoke(new()
        {
            Input = credentialsFile,
        }).Apply(invoke => invoke.Result),
        SecretNameTemplate = "vault_{{ .MountAccessor | lowercase }}_{{ .SecretPath | lowercase }}",
        CustomTags =
        {
            { "foo", "bar" },
        },
    });
});

package main
import (
	"github.com/pulumi/pulumi-std/sdk/go/std"
	"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/secrets"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		invokeFile, err := std.File(ctx, &std.FileArgs{
			Input: credentialsFile,
		}, nil)
		if err != nil {
			return err
		}
		_, err = secrets.NewSyncGcpDestination(ctx, "gcp", &secrets.SyncGcpDestinationArgs{
			Name:               pulumi.String("gcp-dest"),
			ProjectId:          pulumi.String("gcp-project-id"),
			Credentials:        pulumi.String(invokeFile.Result),
			SecretNameTemplate: pulumi.String("vault_{{ .MountAccessor | lowercase }}_{{ .SecretPath | lowercase }}"),
			CustomTags: pulumi.StringMap{
				"foo": pulumi.String("bar"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.vault.secrets.SyncGcpDestination;
import com.pulumi.vault.secrets.SyncGcpDestinationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var gcp = new SyncGcpDestination("gcp", SyncGcpDestinationArgs.builder()
            .name("gcp-dest")
            .projectId("gcp-project-id")
            .credentials(StdFunctions.file(FileArgs.builder()
                .input(credentialsFile)
                .build()).result())
            .secretNameTemplate("vault_{{ .MountAccessor | lowercase }}_{{ .SecretPath | lowercase }}")
            .customTags(Map.of("foo", "bar"))
            .build());
    }
}

resources:
  gcp:
    type: vault:secrets:SyncGcpDestination
    properties:
      name: gcp-dest
      projectId: gcp-project-id
      credentials:
        fn::invoke:
          function: std:file
          arguments:
            input: ${credentialsFile}
          return: result
      secretNameTemplate: vault_{{ .MountAccessor | lowercase }}_{{ .SecretPath | lowercase }}
      customTags:
        foo: bar

Import

GCP Secrets sync destinations can be imported using the name, e.g.

$ pulumi import vault:secrets/syncGcpDestination:SyncGcpDestination gcp gcp-dest

Constructors

SyncGcpDestinationArgs

constructor(credentials: Output<String>? = null, customTags: Output<Map<String, String>>? = null, granularity: Output<String>? = null, name: Output<String>? = null, namespace: Output<String>? = null, projectId: Output<String>? = null, secretNameTemplate: Output<String>? = null)

Properties

credentials

val credentials: Output<String>? = null

JSON-encoded credentials to use to connect to GCP. Can be omitted and directly provided to Vault using the GOOGLE_APPLICATION_CREDENTIALS environment variable.

customTags

val customTags: Output<Map<String, String>>? = null

Custom tags to set on the secret managed at the destination.

granularity

val granularity: Output<String>? = null

Determines what level of information is synced as a distinct resource at the destination. Supports secret-path and secret-key.

name

val name: Output<String>? = null

Unique name of the GCP destination.

namespace

val namespace: Output<String>? = null

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace.

projectId

val projectId: Output<String>? = null

The target project to manage secrets in. If set, overrides the project ID derived from the service account JSON credentials or application default credentials. The service account must be authorized to perform Secret Manager actions in the target project.

secretNameTemplate

val secretNameTemplate: Output<String>? = null

Template describing how to generate external secret names. Supports a subset of the Go Template syntax.

Functions

toJava

open override fun toJava(): SyncGcpDestinationArgs