pulumi-vault-kotlin/com.pulumi.vault.kubernetes.kotlin.outputs/GetAuthBackendConfigResult

GetAuthBackendConfigResult

data class GetAuthBackendConfigResult(val backend: String? = null, val disableIssValidation: Boolean, val disableLocalCaJwt: Boolean, val id: String, val issuer: String, val kubernetesCaCert: String, val kubernetesHost: String, val namespace: String? = null, val pemKeys: List<String>, val useAnnotationsAsAliasMetadata: Boolean)

A collection of values returned by getAuthBackendConfig.

Constructors

Link copied to clipboard
constructor(backend: String? = null, disableIssValidation: Boolean, disableLocalCaJwt: Boolean, id: String, issuer: String, kubernetesCaCert: String, kubernetesHost: String, namespace: String? = null, pemKeys: List<String>, useAnnotationsAsAliasMetadata: Boolean)

Types

Link copied to clipboard
object Companion

Properties

Link copied to clipboard
val backend: String? = null
Link copied to clipboard
val disableIssValidation: Boolean

(Optional) Disable JWT issuer validation. Allows to skip ISS validation. Requires Vault v1.5.4+ or Vault auth kubernetes plugin v0.7.1+

Link copied to clipboard
val disableLocalCaJwt: Boolean

(Optional) Disable defaulting to the local CA cert and service account JWT when running in a Kubernetes pod. Requires Vault v1.5.4+ or Vault auth kubernetes plugin v0.7.1+

Link copied to clipboard
val id: String

The provider-assigned unique ID for this managed resource.

Link copied to clipboard
val issuer: String

Optional JWT issuer. If no issuer is specified, kubernetes.io/serviceaccount will be used as the default issuer.

Link copied to clipboard
val kubernetesCaCert: String

PEM encoded CA cert for use by the TLS client used to talk with the Kubernetes API.

Link copied to clipboard
val kubernetesHost: String

Host must be a host string, a host:port pair, or a URL to the base of the Kubernetes API server.

Link copied to clipboard
val namespace: String? = null
Link copied to clipboard
val pemKeys: List<String>

Optional list of PEM-formatted public keys or certificates used to verify the signatures of Kubernetes service account JWTs. If a certificate is given, its public key will be extracted. Not every installation of Kubernetes exposes these keys.

Link copied to clipboard
val useAnnotationsAsAliasMetadata: Boolean

(Optional) Use annotations from the client token's associated service account as alias metadata for the Vault entity. Requires Vault v1.16+ or Vault auth kubernetes plugin v0.18.0+