pulumi-vault-kotlin/com.pulumi.vault.secrets.kotlin/SyncGcpDestination

SyncGcpDestination

class SyncGcpDestination : KotlinCustomResource

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as std from "@pulumi/std";
import * as vault from "@pulumi/vault";
const gcp = new vault.secrets.SyncGcpDestination("gcp", {
    name: "gcp-dest",
    projectId: "gcp-project-id",
    credentials: std.file({
        input: credentialsFile,
    }).then(invoke => invoke.result),
    secretNameTemplate: "vault_{{ .MountAccessor | lowercase }}_{{ .SecretPath | lowercase }}",
    customTags: {
        foo: "bar",
    },
});
Content copied to clipboard
import pulumi
import pulumi_std as std
import pulumi_vault as vault
gcp = vault.secrets.SyncGcpDestination("gcp",
    name="gcp-dest",
    project_id="gcp-project-id",
    credentials=std.file(input=credentials_file).result,
    secret_name_template="vault_{{ .MountAccessor | lowercase }}_{{ .SecretPath | lowercase }}",
    custom_tags={
        "foo": "bar",
    })
Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Std = Pulumi.Std;
using Vault = Pulumi.Vault;
return await Deployment.RunAsync(() =>
{
    var gcp = new Vault.Secrets.SyncGcpDestination("gcp", new()
    {
        Name = "gcp-dest",
        ProjectId = "gcp-project-id",
        Credentials = Std.File.Invoke(new()
        {
            Input = credentialsFile,
        }).Apply(invoke => invoke.Result),
        SecretNameTemplate = "vault_{{ .MountAccessor | lowercase }}_{{ .SecretPath | lowercase }}",
        CustomTags =
        {
            { "foo", "bar" },
        },
    });
});
Content copied to clipboard
package main
import (
	"github.com/pulumi/pulumi-std/sdk/go/std"
	"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/secrets"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		invokeFile, err := std.File(ctx, &std.FileArgs{
			Input: credentialsFile,
		}, nil)
		if err != nil {
			return err
		}
		_, err = secrets.NewSyncGcpDestination(ctx, "gcp", &secrets.SyncGcpDestinationArgs{
			Name:               pulumi.String("gcp-dest"),
			ProjectId:          pulumi.String("gcp-project-id"),
			Credentials:        pulumi.String(invokeFile.Result),
			SecretNameTemplate: pulumi.String("vault_{{ .MountAccessor | lowercase }}_{{ .SecretPath | lowercase }}"),
			CustomTags: pulumi.StringMap{
				"foo": pulumi.String("bar"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.vault.secrets.SyncGcpDestination;
import com.pulumi.vault.secrets.SyncGcpDestinationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var gcp = new SyncGcpDestination("gcp", SyncGcpDestinationArgs.builder()
            .name("gcp-dest")
            .projectId("gcp-project-id")
            .credentials(StdFunctions.file(FileArgs.builder()
                .input(credentialsFile)
                .build()).result())
            .secretNameTemplate("vault_{{ .MountAccessor | lowercase }}_{{ .SecretPath | lowercase }}")
            .customTags(Map.of("foo", "bar"))
            .build());
    }
}
Content copied to clipboard
resources:
  gcp:
    type: vault:secrets:SyncGcpDestination
    properties:
      name: gcp-dest
      projectId: gcp-project-id
      credentials:
        fn::invoke:
          function: std:file
          arguments:
            input: ${credentialsFile}
          return: result
      secretNameTemplate: vault_{{ .MountAccessor | lowercase }}_{{ .SecretPath | lowercase }}
      customTags:
        foo: bar
Content copied to clipboard

Import

GCP Secrets sync destinations can be imported using the name, e.g.

$ pulumi import vault:secrets/syncGcpDestination:SyncGcpDestination gcp gcp-dest
Content copied to clipboard

Properties

Link copied to clipboard
val credentials: Output<String>?

JSON-encoded credentials to use to connect to GCP. Can be omitted and directly provided to Vault using the GOOGLE_APPLICATION_CREDENTIALS environment variable.

Link copied to clipboard
val customTags: Output<Map<String, String>>?

Custom tags to set on the secret managed at the destination.

Link copied to clipboard
val granularity: Output<String>?

Determines what level of information is synced as a distinct resource at the destination. Supports secret-path and secret-key.

Link copied to clipboard
val id: Output<String>
Link copied to clipboard
val name: Output<String>

Unique name of the GCP destination.

Link copied to clipboard
val namespace: Output<String>?

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace.

Link copied to clipboard
val projectId: Output<String>?

The target project to manage secrets in. If set, overrides the project ID derived from the service account JSON credentials or application default credentials. The service account must be authorized to perform Secret Manager actions in the target project.

Link copied to clipboard
val pulumiChildResources: Set<KotlinResource>
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
val secretNameTemplate: Output<String>

Template describing how to generate external secret names. Supports a subset of the Go Template syntax.

Link copied to clipboard
val type: Output<String>

The type of the secrets destination (gcp-sm).

Link copied to clipboard
val urn: Output<String>