pulumi-vault-kotlin/com.pulumi.vault.kubernetes.kotlin.inputs/GetAuthBackendConfigPlainArgs

GetAuthBackendConfigPlainArgs

data class GetAuthBackendConfigPlainArgs(val backend: String? = null, val disableIssValidation: Boolean? = null, val disableLocalCaJwt: Boolean? = null, val issuer: String? = null, val kubernetesCaCert: String? = null, val kubernetesHost: String? = null, val namespace: String? = null, val pemKeys: List<String>? = null, val useAnnotationsAsAliasMetadata: Boolean? = null) : ConvertibleToJava<GetAuthBackendConfigPlainArgs>

A collection of arguments for invoking getAuthBackendConfig.

Constructors

Link copied to clipboard
constructor(backend: String? = null, disableIssValidation: Boolean? = null, disableLocalCaJwt: Boolean? = null, issuer: String? = null, kubernetesCaCert: String? = null, kubernetesHost: String? = null, namespace: String? = null, pemKeys: List<String>? = null, useAnnotationsAsAliasMetadata: Boolean? = null)

Properties

Link copied to clipboard
val backend: String? = null

The unique name for the Kubernetes backend the config to retrieve Role attributes for resides in. Defaults to "kubernetes".

Link copied to clipboard
val disableIssValidation: Boolean? = null

(Optional) Disable JWT issuer validation. Allows to skip ISS validation. Requires Vault v1.5.4+ or Vault auth kubernetes plugin v0.7.1+

Link copied to clipboard
val disableLocalCaJwt: Boolean? = null

(Optional) Disable defaulting to the local CA cert and service account JWT when running in a Kubernetes pod. Requires Vault v1.5.4+ or Vault auth kubernetes plugin v0.7.1+

Link copied to clipboard
val issuer: String? = null

Optional JWT issuer. If no issuer is specified, kubernetes.io/serviceaccount will be used as the default issuer.

Link copied to clipboard
val kubernetesCaCert: String? = null

PEM encoded CA cert for use by the TLS client used to talk with the Kubernetes API.

Link copied to clipboard
val kubernetesHost: String? = null

Host must be a host string, a host:port pair, or a URL to the base of the Kubernetes API server.

Link copied to clipboard
val namespace: String? = null

The namespace of the target resource. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.

Link copied to clipboard
val pemKeys: List<String>? = null

Optional list of PEM-formatted public keys or certificates used to verify the signatures of Kubernetes service account JWTs. If a certificate is given, its public key will be extracted. Not every installation of Kubernetes exposes these keys.

Link copied to clipboard
val useAnnotationsAsAliasMetadata: Boolean? = null

(Optional) Use annotations from the client token's associated service account as alias metadata for the Vault entity. Requires Vault v1.16+ or Vault auth kubernetes plugin v0.18.0+

Functions

Link copied to clipboard
open override fun toJava(): GetAuthBackendConfigPlainArgs