pulumi-vault-kotlin/com.pulumi.vault.ldap.kotlin/SecretBackendStaticRoleArgs

SecretBackendStaticRoleArgs

data class SecretBackendStaticRoleArgs(val dn: Output<String>? = null, val mount: Output<String>? = null, val namespace: Output<String>? = null, val roleName: Output<String>? = null, val rotationPeriod: Output<Int>? = null, val skipImportRotation: Output<Boolean>? = null, val username: Output<String>? = null) : ConvertibleToJava<SecretBackendStaticRoleArgs>

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as vault from "@pulumi/vault";
const config = new vault.ldap.SecretBackend("config", {
    path: "my-custom-ldap",
    binddn: "CN=Administrator,CN=Users,DC=corp,DC=example,DC=net",
    bindpass: "SuperSecretPassw0rd",
    url: "ldaps://localhost",
    insecureTls: true,
    userdn: "CN=Users,DC=corp,DC=example,DC=net",
});
const role = new vault.ldap.SecretBackendStaticRole("role", {
    mount: config.path,
    username: "alice",
    dn: "cn=alice,ou=Users,DC=corp,DC=example,DC=net",
    roleName: "alice",
    rotationPeriod: 60,
});
Content copied to clipboard
import pulumi
import pulumi_vault as vault
config = vault.ldap.SecretBackend("config",
    path="my-custom-ldap",
    binddn="CN=Administrator,CN=Users,DC=corp,DC=example,DC=net",
    bindpass="SuperSecretPassw0rd",
    url="ldaps://localhost",
    insecure_tls=True,
    userdn="CN=Users,DC=corp,DC=example,DC=net")
role = vault.ldap.SecretBackendStaticRole("role",
    mount=config.path,
    username="alice",
    dn="cn=alice,ou=Users,DC=corp,DC=example,DC=net",
    role_name="alice",
    rotation_period=60)
Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Vault = Pulumi.Vault;
return await Deployment.RunAsync(() =>
{
    var config = new Vault.Ldap.SecretBackend("config", new()
    {
        Path = "my-custom-ldap",
        Binddn = "CN=Administrator,CN=Users,DC=corp,DC=example,DC=net",
        Bindpass = "SuperSecretPassw0rd",
        Url = "ldaps://localhost",
        InsecureTls = true,
        Userdn = "CN=Users,DC=corp,DC=example,DC=net",
    });
    var role = new Vault.Ldap.SecretBackendStaticRole("role", new()
    {
        Mount = config.Path,
        Username = "alice",
        Dn = "cn=alice,ou=Users,DC=corp,DC=example,DC=net",
        RoleName = "alice",
        RotationPeriod = 60,
    });
});
Content copied to clipboard
package main
import (
	"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/ldap"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		config, err := ldap.NewSecretBackend(ctx, "config", &ldap.SecretBackendArgs{
			Path:        pulumi.String("my-custom-ldap"),
			Binddn:      pulumi.String("CN=Administrator,CN=Users,DC=corp,DC=example,DC=net"),
			Bindpass:    pulumi.String("SuperSecretPassw0rd"),
			Url:         pulumi.String("ldaps://localhost"),
			InsecureTls: pulumi.Bool(true),
			Userdn:      pulumi.String("CN=Users,DC=corp,DC=example,DC=net"),
		})
		if err != nil {
			return err
		}
		_, err = ldap.NewSecretBackendStaticRole(ctx, "role", &ldap.SecretBackendStaticRoleArgs{
			Mount:          config.Path,
			Username:       pulumi.String("alice"),
			Dn:             pulumi.String("cn=alice,ou=Users,DC=corp,DC=example,DC=net"),
			RoleName:       pulumi.String("alice"),
			RotationPeriod: pulumi.Int(60),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.vault.ldap.SecretBackend;
import com.pulumi.vault.ldap.SecretBackendArgs;
import com.pulumi.vault.ldap.SecretBackendStaticRole;
import com.pulumi.vault.ldap.SecretBackendStaticRoleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var config = new SecretBackend("config", SecretBackendArgs.builder()
            .path("my-custom-ldap")
            .binddn("CN=Administrator,CN=Users,DC=corp,DC=example,DC=net")
            .bindpass("SuperSecretPassw0rd")
            .url("ldaps://localhost")
            .insecureTls(true)
            .userdn("CN=Users,DC=corp,DC=example,DC=net")
            .build());
        var role = new SecretBackendStaticRole("role", SecretBackendStaticRoleArgs.builder()
            .mount(config.path())
            .username("alice")
            .dn("cn=alice,ou=Users,DC=corp,DC=example,DC=net")
            .roleName("alice")
            .rotationPeriod(60)
            .build());
    }
}
Content copied to clipboard
resources:
  config:
    type: vault:ldap:SecretBackend
    properties:
      path: my-custom-ldap
      binddn: CN=Administrator,CN=Users,DC=corp,DC=example,DC=net
      bindpass: SuperSecretPassw0rd
      url: ldaps://localhost
      insecureTls: 'true'
      userdn: CN=Users,DC=corp,DC=example,DC=net
  role:
    type: vault:ldap:SecretBackendStaticRole
    properties:
      mount: ${config.path}
      username: alice
      dn: cn=alice,ou=Users,DC=corp,DC=example,DC=net
      roleName: alice
      rotationPeriod: 60
Content copied to clipboard

Import

LDAP secret backend static role can be imported using the full path to the role of the form: <mount_path>/static-role/<role_name> e.g.

$ pulumi import vault:ldap/secretBackendStaticRole:SecretBackendStaticRole role ldap/static-role/example-role
Content copied to clipboard

Constructors

Link copied to clipboard
constructor(dn: Output<String>? = null, mount: Output<String>? = null, namespace: Output<String>? = null, roleName: Output<String>? = null, rotationPeriod: Output<Int>? = null, skipImportRotation: Output<Boolean>? = null, username: Output<String>? = null)

Properties

Link copied to clipboard
val dn: Output<String>? = null

Distinguished name (DN) of the existing LDAP entry to manage password rotation for. If given, it will take precedence over username for the LDAP search performed during password rotation. Cannot be modified after creation.

Link copied to clipboard
val mount: Output<String>? = null

The unique path this backend should be mounted at. Must not begin or end with a /. Defaults to ldap.

Link copied to clipboard
val namespace: Output<String>? = null

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.

Link copied to clipboard
val roleName: Output<String>? = null

Name of the role.

Link copied to clipboard
val rotationPeriod: Output<Int>? = null

How often Vault should rotate the password of the user entry.

Link copied to clipboard
val skipImportRotation: Output<Boolean>? = null

Causes vault to skip the initial secret rotation on import. Not applicable to updates. Requires Vault 1.16 or above.

Link copied to clipboard
val username: Output<String>? = null

The username of the existing LDAP entry to manage password rotation for.

Functions

Link copied to clipboard
open override fun toJava(): SecretBackendStaticRoleArgs