Auth
Configures the periodic tidying operation of the whitelisted identity entries. For more information, see the Vault docs.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as vault from "@pulumi/vault";
const example = new vault.AuthBackend("example", {type: "aws"});
const exampleAuthBackendIdentityWhitelist = new vault.aws.AuthBackendIdentityWhitelist("example", {
backend: example.path,
safetyBuffer: 3600,
});Content copied to clipboard
import pulumi
import pulumi_vault as vault
example = vault.AuthBackend("example", type="aws")
example_auth_backend_identity_whitelist = vault.aws.AuthBackendIdentityWhitelist("example",
backend=example.path,
safety_buffer=3600)Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Vault = Pulumi.Vault;
return await Deployment.RunAsync(() =>
{
var example = new Vault.AuthBackend("example", new()
{
Type = "aws",
});
var exampleAuthBackendIdentityWhitelist = new Vault.Aws.AuthBackendIdentityWhitelist("example", new()
{
Backend = example.Path,
SafetyBuffer = 3600,
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault"
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/aws"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := vault.NewAuthBackend(ctx, "example", &vault.AuthBackendArgs{
Type: pulumi.String("aws"),
})
if err != nil {
return err
}
_, err = aws.NewAuthBackendIdentityWhitelist(ctx, "example", &aws.AuthBackendIdentityWhitelistArgs{
Backend: example.Path,
SafetyBuffer: pulumi.Int(3600),
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.vault.AuthBackend;
import com.pulumi.vault.AuthBackendArgs;
import com.pulumi.vault.aws.AuthBackendIdentityWhitelist;
import com.pulumi.vault.aws.AuthBackendIdentityWhitelistArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new AuthBackend("example", AuthBackendArgs.builder()
.type("aws")
.build());
var exampleAuthBackendIdentityWhitelist = new AuthBackendIdentityWhitelist("exampleAuthBackendIdentityWhitelist", AuthBackendIdentityWhitelistArgs.builder()
.backend(example.path())
.safetyBuffer(3600)
.build());
}
}Content copied to clipboard
resources:
example:
type: vault:AuthBackend
properties:
type: aws
exampleAuthBackendIdentityWhitelist:
type: vault:aws:AuthBackendIdentityWhitelist
name: example
properties:
backend: ${example.path}
safetyBuffer: 3600Content copied to clipboard
Import
AWS auth backend identity whitelists can be imported using auth/, the backend path, and /config/tidy/identity-whitelist e.g.
$ pulumi import vault:aws/authBackendIdentityWhitelist:AuthBackendIdentityWhitelist example auth/aws/config/tidy/identity-whitelistContent copied to clipboard
Properties
Link copied to clipboard
If set to true, disables the periodic tidying of the identity-whitelist entries.
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
The amount of extra time, in minutes, that must have passed beyond the roletag expiration, before it is removed from the backend storage.