pulumi-vault-kotlin/com.pulumi.vault.azure.kotlin/AzureFunctions/getAccessCredentials

getAccessCredentials

suspend fun getAccessCredentials(argument: GetAccessCredentialsPlainArgs): GetAccessCredentialsResult

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as vault from "@pulumi/vault";
const creds = vault.azure.getAccessCredentials({
    role: "my-role",
    validateCreds: true,
    numSequentialSuccesses: 8,
    numSecondsBetweenTests: 1,
    maxCredValidationSeconds: 300,
});
Content copied to clipboard
import pulumi
import pulumi_vault as vault
creds = vault.azure.get_access_credentials(role="my-role",
    validate_creds=True,
    num_sequential_successes=8,
    num_seconds_between_tests=1,
    max_cred_validation_seconds=300)
Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Vault = Pulumi.Vault;
return await Deployment.RunAsync(() =>
{
    var creds = Vault.Azure.GetAccessCredentials.Invoke(new()
    {
        Role = "my-role",
        ValidateCreds = true,
        NumSequentialSuccesses = 8,
        NumSecondsBetweenTests = 1,
        MaxCredValidationSeconds = 300,
    });
});
Content copied to clipboard
package main
import (
	"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/azure"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := azure.GetAccessCredentials(ctx, &azure.GetAccessCredentialsArgs{
			Role:                     "my-role",
			ValidateCreds:            pulumi.BoolRef(true),
			NumSequentialSuccesses:   pulumi.IntRef(8),
			NumSecondsBetweenTests:   pulumi.IntRef(1),
			MaxCredValidationSeconds: pulumi.IntRef(300),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}
Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.vault.azure.AzureFunctions;
import com.pulumi.vault.azure.inputs.GetAccessCredentialsArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        final var creds = AzureFunctions.getAccessCredentials(GetAccessCredentialsArgs.builder()
            .role("my-role")
            .validateCreds(true)
            .numSequentialSuccesses(8)
            .numSecondsBetweenTests(1)
            .maxCredValidationSeconds(300)
            .build());
    }
}
Content copied to clipboard
variables:
  creds:
    fn::invoke:
      function: vault:azure:getAccessCredentials
      arguments:
        role: my-role
        validateCreds: true
        numSequentialSuccesses: 8
        numSecondsBetweenTests: 1
        maxCredValidationSeconds: 300
Content copied to clipboard

Caveats

The validate_creds option requires read-access to the backend config endpoint. If the effective Vault role does not have the required permissions then valid values are required to be set for: subscription_id, tenant_id, environment.

Return

A collection of values returned by getAccessCredentials.

Parameters

argument

A collection of arguments for invoking getAccessCredentials.

suspend fun getAccessCredentials(backend: String, environment: String? = null, maxCredValidationSeconds: Int? = null, namespace: String? = null, numSecondsBetweenTests: Int? = null, numSequentialSuccesses: Int? = null, role: String, subscriptionId: String? = null, tenantId: String? = null, validateCreds: Boolean? = null): GetAccessCredentialsResult

Return

A collection of values returned by getAccessCredentials.

Parameters

backend

The path to the Azure secret backend to read credentials from, with no leading or trailing /s.

environment

The Azure environment to use during credential validation. Defaults to the environment configured in the Vault backend. Some possible values: AzurePublicCloud, AzureGovernmentCloud See the caveats section for more information on this field.

maxCredValidationSeconds

If 'validate_creds' is true, the number of seconds after which to give up validating credentials. Defaults to 300.

namespace

The namespace of the target resource. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.

numSecondsBetweenTests

If 'validate_creds' is true, the number of seconds to wait between each test of generated credentials. Defaults to 1.

numSequentialSuccesses

If 'validate_creds' is true, the number of sequential successes required to validate generated credentials. Defaults to 8.

role

The name of the Azure secret backend role to read credentials from, with no leading or trailing /s.

subscriptionId

The subscription ID to use during credential validation. Defaults to the subscription ID configured in the Vault backend. See the caveats section for more information on this field.

tenantId

The tenant ID to use during credential validation. Defaults to the tenant ID configured in the Vault backend. See the caveats section for more information on this field.

validateCreds

Whether generated credentials should be validated before being returned. Defaults to false, which returns credentials without checking whether they have fully propagated throughout Azure Active Directory. Designating true activates testing.

See also

.

suspend fun getAccessCredentials(argument: suspend GetAccessCredentialsPlainArgsBuilder.() -> Unit): GetAccessCredentialsResult

Return

A collection of values returned by getAccessCredentials.

Parameters

argument

Builder for com.pulumi.vault.azure.kotlin.inputs.GetAccessCredentialsPlainArgs.

See also

.