pulumi-vault-kotlin/com.pulumi.vault.gcp.kotlin

Package-level declarations

Types

Link copied to clipboard
class AuthBackend : KotlinCustomResource

Provides a resource to configure the GCP auth backend within Vault.

Link copied to clipboard
data class AuthBackendArgs(val clientEmail: Output<String>? = null, val clientId: Output<String>? = null, val credentials: Output<String>? = null, val customEndpoint: Output<AuthBackendCustomEndpointArgs>? = null, val description: Output<String>? = null, val disableAutomatedRotation: Output<Boolean>? = null, val disableRemount: Output<Boolean>? = null, val identityTokenAudience: Output<String>? = null, val identityTokenKey: Output<String>? = null, val identityTokenTtl: Output<Int>? = null, val local: Output<Boolean>? = null, val namespace: Output<String>? = null, val path: Output<String>? = null, val privateKeyId: Output<String>? = null, val projectId: Output<String>? = null, val rotationPeriod: Output<Int>? = null, val rotationSchedule: Output<String>? = null, val rotationWindow: Output<Int>? = null, val serviceAccountEmail: Output<String>? = null, val tune: Output<AuthBackendTuneArgs>? = null) : ConvertibleToJava<AuthBackendArgs>

Provides a resource to configure the GCP auth backend within Vault.

Link copied to clipboard
Link copied to clipboard
object AuthBackendMapper : ResourceMapper<AuthBackend>
Link copied to clipboard
Link copied to clipboard
class AuthBackendRole : KotlinCustomResource

Provides a resource to create a role in an GCP auth backend within Vault.

Link copied to clipboard
data class AuthBackendRoleArgs(val addGroupAliases: Output<Boolean>? = null, val allowGceInference: Output<Boolean>? = null, val backend: Output<String>? = null, val boundInstanceGroups: Output<List<String>>? = null, val boundLabels: Output<List<String>>? = null, val boundProjects: Output<List<String>>? = null, val boundRegions: Output<List<String>>? = null, val boundServiceAccounts: Output<List<String>>? = null, val boundZones: Output<List<String>>? = null, val maxJwtExp: Output<String>? = null, val namespace: Output<String>? = null, val role: Output<String>? = null, val tokenBoundCidrs: Output<List<String>>? = null, val tokenExplicitMaxTtl: Output<Int>? = null, val tokenMaxTtl: Output<Int>? = null, val tokenNoDefaultPolicy: Output<Boolean>? = null, val tokenNumUses: Output<Int>? = null, val tokenPeriod: Output<Int>? = null, val tokenPolicies: Output<List<String>>? = null, val tokenTtl: Output<Int>? = null, val tokenType: Output<String>? = null, val type: Output<String>? = null) : ConvertibleToJava<AuthBackendRoleArgs>

Provides a resource to create a role in an GCP auth backend within Vault.

Link copied to clipboard
Link copied to clipboard
object AuthBackendRoleMapper : ResourceMapper<AuthBackendRole>
Link copied to clipboard
Link copied to clipboard
object GcpFunctions
Link copied to clipboard
class SecretBackend : KotlinCustomResource

You can setup the GCP secret backend with Workload Identity Federation (WIF) for a secret-less configuration:

Link copied to clipboard
data class SecretBackendArgs(val credentials: Output<String>? = null, val defaultLeaseTtlSeconds: Output<Int>? = null, val description: Output<String>? = null, val disableAutomatedRotation: Output<Boolean>? = null, val disableRemount: Output<Boolean>? = null, val identityTokenAudience: Output<String>? = null, val identityTokenKey: Output<String>? = null, val identityTokenTtl: Output<Int>? = null, val local: Output<Boolean>? = null, val maxLeaseTtlSeconds: Output<Int>? = null, val namespace: Output<String>? = null, val path: Output<String>? = null, val rotationPeriod: Output<Int>? = null, val rotationSchedule: Output<String>? = null, val rotationWindow: Output<Int>? = null, val serviceAccountEmail: Output<String>? = null) : ConvertibleToJava<SecretBackendArgs>

You can setup the GCP secret backend with Workload Identity Federation (WIF) for a secret-less configuration:

Link copied to clipboard
Link copied to clipboard
object SecretBackendMapper : ResourceMapper<SecretBackend>
Link copied to clipboard
Link copied to clipboard
class SecretImpersonatedAccount : KotlinCustomResource

Creates a Impersonated Account in the GCP Secrets Engine for Vault. Each impersonated account is tied to a separately managed Service Account.

Link copied to clipboard
data class SecretImpersonatedAccountArgs(val backend: Output<String>? = null, val impersonatedAccount: Output<String>? = null, val namespace: Output<String>? = null, val serviceAccountEmail: Output<String>? = null, val tokenScopes: Output<List<String>>? = null, val ttl: Output<String>? = null) : ConvertibleToJava<SecretImpersonatedAccountArgs>

Creates a Impersonated Account in the GCP Secrets Engine for Vault. Each impersonated account is tied to a separately managed Service Account.

Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
class SecretRoleset : KotlinCustomResource

Creates a Roleset in the GCP Secrets Engine for Vault. Each Roleset is tied to a Service Account, and can have one or more bindings associated with it.

Link copied to clipboard
data class SecretRolesetArgs(val backend: Output<String>? = null, val bindings: Output<List<SecretRolesetBindingArgs>>? = null, val namespace: Output<String>? = null, val project: Output<String>? = null, val roleset: Output<String>? = null, val secretType: Output<String>? = null, val tokenScopes: Output<List<String>>? = null) : ConvertibleToJava<SecretRolesetArgs>

Creates a Roleset in the GCP Secrets Engine for Vault. Each Roleset is tied to a Service Account, and can have one or more bindings associated with it.

Link copied to clipboard
Link copied to clipboard
object SecretRolesetMapper : ResourceMapper<SecretRoleset>
Link copied to clipboard
Link copied to clipboard
class SecretStaticAccount : KotlinCustomResource

Creates a Static Account in the GCP Secrets Engine for Vault. Each static account is tied to a separately managed Service Account, and can have one or more bindings associated with it.

Link copied to clipboard
data class SecretStaticAccountArgs(val backend: Output<String>? = null, val bindings: Output<List<SecretStaticAccountBindingArgs>>? = null, val namespace: Output<String>? = null, val secretType: Output<String>? = null, val serviceAccountEmail: Output<String>? = null, val staticAccount: Output<String>? = null, val tokenScopes: Output<List<String>>? = null) : ConvertibleToJava<SecretStaticAccountArgs>

Creates a Static Account in the GCP Secrets Engine for Vault. Each static account is tied to a separately managed Service Account, and can have one or more bindings associated with it.

Link copied to clipboard
Link copied to clipboard
Link copied to clipboard

Functions

Link copied to clipboard
fun authBackend(name: String): AuthBackend
suspend fun authBackend(name: String, block: suspend AuthBackendResourceBuilder.() -> Unit): AuthBackend
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard