pulumi-vault-kotlin/com.pulumi.vault.kotlin/RgpPolicyArgs

RgpPolicyArgs

data class RgpPolicyArgs(val enforcementLevel: Output<String>? = null, val name: Output<String>? = null, val namespace: Output<String>? = null, val policy: Output<String>? = null) : ConvertibleToJava<RgpPolicyArgs>

Provides a resource to manage Role Governing Policy (RGP) via Sentinel. Note this feature is available only with Vault Enterprise.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as vault from "@pulumi/vault";
const allow_all = new vault.RgpPolicy("allow-all", {
    name: "allow-all",
    enforcementLevel: "soft-mandatory",
    policy: `main = rule {
  true
}
`,
});
Content copied to clipboard
import pulumi
import pulumi_vault as vault
allow_all = vault.RgpPolicy("allow-all",
    name="allow-all",
    enforcement_level="soft-mandatory",
    policy="""main = rule {
  true
}
""")
Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Vault = Pulumi.Vault;
return await Deployment.RunAsync(() =>
{
    var allow_all = new Vault.RgpPolicy("allow-all", new()
    {
        Name = "allow-all",
        EnforcementLevel = "soft-mandatory",
        Policy = @"main = rule {
  true
}
",
    });
});
Content copied to clipboard
package main
import (
	"github.com/pulumi/pulumi-vault/sdk/v6/go/vault"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := vault.NewRgpPolicy(ctx, "allow-all", &vault.RgpPolicyArgs{
			Name:             pulumi.String("allow-all"),
			EnforcementLevel: pulumi.String("soft-mandatory"),
			Policy:           pulumi.String("main = rule {\n  true\n}\n"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.vault.RgpPolicy;
import com.pulumi.vault.RgpPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var allow_all = new RgpPolicy("allow-all", RgpPolicyArgs.builder()
            .name("allow-all")
            .enforcementLevel("soft-mandatory")
            .policy("""
main = rule {
  true
}
            """)
            .build());
    }
}
Content copied to clipboard
resources:
  allow-all:
    type: vault:RgpPolicy
    properties:
      name: allow-all
      enforcementLevel: soft-mandatory
      policy: |
        main = rule {
          true
        }
Content copied to clipboard

Constructors

Link copied to clipboard
constructor(enforcementLevel: Output<String>? = null, name: Output<String>? = null, namespace: Output<String>? = null, policy: Output<String>? = null)

Properties

Link copied to clipboard
val enforcementLevel: Output<String>? = null

Enforcement level of Sentinel policy. Can be either advisory or soft-mandatory or hard-mandatory

Link copied to clipboard
val name: Output<String>? = null

The name of the policy

Link copied to clipboard
val namespace: Output<String>? = null

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.

Link copied to clipboard
val policy: Output<String>? = null

String containing a Sentinel policy

Functions

Link copied to clipboard
open override fun toJava(): RgpPolicyArgs