Secret
data class SecretRoleArgs(val backend: Output<String>? = null, val namespace: Output<String>? = null, val role: Output<String>? = null, val serviceAccountName: Output<String>? = null, val ttl: Output<Int>? = null) : ConvertibleToJava<SecretRoleArgs>
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as vault from "@pulumi/vault";
const config = new vault.ad.SecretBackend("config", {
backend: "ad",
binddn: "CN=Administrator,CN=Users,DC=corp,DC=example,DC=net",
bindpass: "SuperSecretPassw0rd",
url: "ldaps://ad",
insecureTls: true,
userdn: "CN=Users,DC=corp,DC=example,DC=net",
});
const role = new vault.ad.SecretRole("role", {
backend: config.backend,
role: "bob",
serviceAccountName: "Bob",
ttl: 60,
});Content copied to clipboard
import pulumi
import pulumi_vault as vault
config = vault.ad.SecretBackend("config",
backend="ad",
binddn="CN=Administrator,CN=Users,DC=corp,DC=example,DC=net",
bindpass="SuperSecretPassw0rd",
url="ldaps://ad",
insecure_tls=True,
userdn="CN=Users,DC=corp,DC=example,DC=net")
role = vault.ad.SecretRole("role",
backend=config.backend,
role="bob",
service_account_name="Bob",
ttl=60)Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Vault = Pulumi.Vault;
return await Deployment.RunAsync(() =>
{
var config = new Vault.AD.SecretBackend("config", new()
{
Backend = "ad",
Binddn = "CN=Administrator,CN=Users,DC=corp,DC=example,DC=net",
Bindpass = "SuperSecretPassw0rd",
Url = "ldaps://ad",
InsecureTls = true,
Userdn = "CN=Users,DC=corp,DC=example,DC=net",
});
var role = new Vault.AD.SecretRole("role", new()
{
Backend = config.Backend,
Role = "bob",
ServiceAccountName = "Bob",
Ttl = 60,
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/ad"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
config, err := ad.NewSecretBackend(ctx, "config", &ad.SecretBackendArgs{
Backend: pulumi.String("ad"),
Binddn: pulumi.String("CN=Administrator,CN=Users,DC=corp,DC=example,DC=net"),
Bindpass: pulumi.String("SuperSecretPassw0rd"),
Url: pulumi.String("ldaps://ad"),
InsecureTls: pulumi.Bool(true),
Userdn: pulumi.String("CN=Users,DC=corp,DC=example,DC=net"),
})
if err != nil {
return err
}
_, err = ad.NewSecretRole(ctx, "role", &ad.SecretRoleArgs{
Backend: config.Backend,
Role: pulumi.String("bob"),
ServiceAccountName: pulumi.String("Bob"),
Ttl: pulumi.Int(60),
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.vault.ad.SecretBackend;
import com.pulumi.vault.ad.SecretBackendArgs;
import com.pulumi.vault.ad.SecretRole;
import com.pulumi.vault.ad.SecretRoleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var config = new SecretBackend("config", SecretBackendArgs.builder()
.backend("ad")
.binddn("CN=Administrator,CN=Users,DC=corp,DC=example,DC=net")
.bindpass("SuperSecretPassw0rd")
.url("ldaps://ad")
.insecureTls(true)
.userdn("CN=Users,DC=corp,DC=example,DC=net")
.build());
var role = new SecretRole("role", SecretRoleArgs.builder()
.backend(config.backend())
.role("bob")
.serviceAccountName("Bob")
.ttl(60)
.build());
}
}Content copied to clipboard
resources:
config:
type: vault:ad:SecretBackend
properties:
backend: ad
binddn: CN=Administrator,CN=Users,DC=corp,DC=example,DC=net
bindpass: SuperSecretPassw0rd
url: ldaps://ad
insecureTls: 'true'
userdn: CN=Users,DC=corp,DC=example,DC=net
role:
type: vault:ad:SecretRole
properties:
backend: ${config.backend}
role: bob
serviceAccountName: Bob
ttl: 60Content copied to clipboard
Import
AD secret backend roles can be imported using the path, e.g.
$ pulumi import vault:ad/secretRole:SecretRole role ad/roles/bobContent copied to clipboard