@pierskarsenbarg/sdm
A Pulumi package for creating and managing StrongDM cloud resources.
import * as pulumi from "@pulumi/pulumi";
import * as outputs from "./types/output";
/**
* Looks up a StrongDM Secret Engine. A SecretEngine manages secrets in SecretStores.
*
* Security note: `args.bindpass` and the `bindpass` field of the resolved result are
* both typed as plain `string`, so nothing in this signature wraps the LDAP bind
* password as a Pulumi secret. Treat the arguments and the resolved result as
* sensitive: do not log them or export them as stack outputs unmodified.
*
* @param args - Optional lookup arguments; every field of GetSecretEngineArgs is optional.
* @param opts - Optional Pulumi invoke options.
* @returns A promise that resolves to the matching ids and the Secret Engine attributes.
*/
export declare function getSecretEngine(args?: GetSecretEngineArgs, opts?: pulumi.InvokeOptions): Promise<GetSecretEngineResult>;
/**
* A collection of arguments for invoking getSecretEngine.
*
* Every field is optional and takes a plain (already resolved) value.
* Several fields describe how the engine connects to an LDAP / Active Directory
* server (`url`, `binddn`, `bindpass`, `certificate`, `insecureTls`, `startTls`);
* `bindpass` is a credential and should be handled as a secret by the caller.
*/
export interface GetSecretEngineArgs {
/**
* Distinguished name of object to bind when performing user and group search. Example: cn=vault,ou=Users,dc=example,dc=com
*/
binddn?: string;
/**
* Password to use along with binddn when performing user search.
*
* Sensitive: this is typed as a plain `string`, so avoid hard-coding it in program
* source; read it from secret configuration and keep it out of logs.
*/
bindpass?: string;
/**
* CA certificate to use when verifying LDAP server certificate, must be x509 PEM encoded.
*/
certificate?: string;
/**
* Timeout, in seconds, when attempting to connect to the LDAP server before trying the next URL in the configuration.
*/
connectionTimeout?: number;
/**
* If set to true this will prevent password change timestamp validation in Active Directory when validating credentials
*/
doNotValidateTimestamps?: boolean;
/**
* Unique identifier of the Secret Engine.
*/
id?: string;
/**
* If true, skips LDAP server SSL certificate verification - insecure, use with caution!
*
* With verification skipped the LDAP server's identity is not authenticated, so the
* bind credentials sent over that connection can be exposed to an on-path
* interceptor. Prefer supplying `certificate` and leaving this unset.
*/
insecureTls?: boolean;
/**
* An interval of public/private key rotation for secret engine in days
*/
keyRotationIntervalDays?: number;
/**
* Unique human-readable name of the Secret Engine.
*/
name?: string;
/**
* Timeout, in seconds, for the connection when making requests against the server before returning back an error.
*/
requestTimeout?: number;
/**
* Backing secret store identifier
*/
secretStoreId?: string;
/**
* Backing Secret Store root path where managed secrets are going to be stored
*/
secretStoreRootPath?: string;
/**
* If true, issues a StartTLS command after establishing an unencrypted connection.
*/
startTls?: boolean;
/**
* Tags is a map of key, value pairs.
*/
tags?: {
[key: string]: string;
};
/**
* A filter to select all items of a certain subtype. See the [filter documentation](https://www.strongdm.com/docs/cli/filters/) for more information.
*/
type?: string;
/**
* The domain (userPrincipalDomain) used to construct a UPN string for authentication.
*/
upndomain?: string;
/**
* The LDAP server to connect to.
*/
url?: string;
/**
* Base DN under which to perform user search. Example: ou=Users,dc=example,dc=com
*/
userdn?: string;
}
/**
* A collection of values returned by getSecretEngine.
*
* All fields are readonly. Only `ids` and `secretEngines` are required; the
* remaining fields are optional and mirror the fields of the arguments.
* The result carries `bindpass` as a plain `string`, so the whole object should
* be treated as sensitive by callers (no logging, no unprotected stack exports).
*/
export interface GetSecretEngineResult {
/**
* Distinguished name of object to bind when performing user and group search. Example: cn=vault,ou=Users,dc=example,dc=com
*/
readonly binddn?: string;
/**
* Password to use along with binddn when performing user search.
*
* Sensitive: exposed here as a plain `string`.
* NOTE(review): whether the provider marks this value as secret in Pulumi state is
* not visible from this declaration - confirm before exporting or persisting it.
*/
readonly bindpass?: string;
/**
* CA certificate to use when verifying LDAP server certificate, must be x509 PEM encoded.
*/
readonly certificate?: string;
/**
* Timeout, in seconds, when attempting to connect to the LDAP server before trying the next URL in the configuration.
*/
readonly connectionTimeout?: number;
/**
* If set to true this will prevent password change timestamp validation in Active Directory when validating credentials
*/
readonly doNotValidateTimestamps?: boolean;
/**
* Unique identifier of the Secret Engine.
*/
readonly id?: string;
/**
* A list of strings of ids of data sources that match the given arguments.
*/
readonly ids: string[];
/**
* If true, skips LDAP server SSL certificate verification - insecure, use with caution!
*
* A true value here means the engine's LDAP connection does not authenticate the
* server; worth flagging when reviewing looked-up engines.
*/
readonly insecureTls?: boolean;
/**
* An interval of public/private key rotation for secret engine in days
*/
readonly keyRotationIntervalDays?: number;
/**
* Unique human-readable name of the Secret Engine.
*/
readonly name?: string;
/**
* Timeout, in seconds, for the connection when making requests against the server before returning back an error.
*/
readonly requestTimeout?: number;
/**
* A single element list containing a map, where each key lists one of the following objects:
* * active_directory:
* * key_value:
*
* NOTE(review): the generated docs carried the "key_value:" bullet detached, under
* `userdn`; it presumably belongs to this list - confirm against the provider schema.
*/
readonly secretEngines: outputs.GetSecretEngineSecretEngine[];
/**
* Backing secret store identifier
*/
readonly secretStoreId?: string;
/**
* Backing Secret Store root path where managed secrets are going to be stored
*/
readonly secretStoreRootPath?: string;
/**
* If true, issues a StartTLS command after establishing an unencrypted connection.
*/
readonly startTls?: boolean;
/**
* Tags is a map of key, value pairs.
*/
readonly tags?: {
[key: string]: string;
};
/**
* Subtype filter; the arguments document `type` as a filter to select all items of a certain subtype.
* NOTE(review): presumably the value passed in the arguments is echoed back here - confirm.
*/
readonly type?: string;
/**
* The domain (userPrincipalDomain) used to construct a UPN string for authentication.
*/
readonly upndomain?: string;
/**
* The LDAP server to connect to.
*/
readonly url?: string;
/**
* Base DN under which to perform user search. Example: ou=Users,dc=example,dc=com
*/
readonly userdn?: string;
}
/**
* Output-typed form of the Secret Engine lookup. A SecretEngine manages secrets in SecretStores.
*
* Arguments are `pulumi.Input` values and the result is a `pulumi.Output`, so values
* that are not yet resolved can be passed in and the result composed with other outputs.
*
* Security note: the result type includes `bindpass` (the LDAP bind password).
* NOTE(review): whether the returned output is marked secret is not visible from this
* declaration - confirm before exporting it as a stack output.
*
* @param args - Optional lookup arguments; every field of GetSecretEngineOutputArgs is optional.
* @param opts - Optional Pulumi invoke options for the output form.
* @returns An output wrapping the matching ids and the Secret Engine attributes.
*/
export declare function getSecretEngineOutput(args?: GetSecretEngineOutputArgs, opts?: pulumi.InvokeOutputOptions): pulumi.Output<GetSecretEngineResult>;
/**
* A collection of arguments for invoking getSecretEngineOutput.
*
* Same fields as the plain-value arguments of getSecretEngine, but each one is a
* `pulumi.Input`, so it may be a literal, a promise or an output. Every field is optional.
*/
export interface GetSecretEngineOutputArgs {
/**
* Distinguished name of object to bind when performing user and group search. Example: cn=vault,ou=Users,dc=example,dc=com
*/
binddn?: pulumi.Input<string>;
/**
* Password to use along with binddn when performing user search.
*
* Sensitive: because this is a `pulumi.Input<string>`, a secret output (for example
* from `pulumi.secret(...)` or `Config.requireSecret(...)`) can be passed instead of
* a string literal; prefer that over embedding the password in program source.
*/
bindpass?: pulumi.Input<string>;
/**
* CA certificate to use when verifying LDAP server certificate, must be x509 PEM encoded.
*/
certificate?: pulumi.Input<string>;
/**
* Timeout, in seconds, when attempting to connect to the LDAP server before trying the next URL in the configuration.
*/
connectionTimeout?: pulumi.Input<number>;
/**
* If set to true this will prevent password change timestamp validation in Active Directory when validating credentials
*/
doNotValidateTimestamps?: pulumi.Input<boolean>;
/**
* Unique identifier of the Secret Engine.
*/
id?: pulumi.Input<string>;
/**
* If true, skips LDAP server SSL certificate verification - insecure, use with caution!
*
* With verification skipped the LDAP server's identity is not authenticated, so the
* bind credentials sent over that connection can be exposed to an on-path
* interceptor. Prefer supplying `certificate` and leaving this unset.
*/
insecureTls?: pulumi.Input<boolean>;
/**
* An interval of public/private key rotation for secret engine in days
*/
keyRotationIntervalDays?: pulumi.Input<number>;
/**
* Unique human-readable name of the Secret Engine.
*/
name?: pulumi.Input<string>;
/**
* Timeout, in seconds, for the connection when making requests against the server before returning back an error.
*/
requestTimeout?: pulumi.Input<number>;
/**
* Backing secret store identifier
*/
secretStoreId?: pulumi.Input<string>;
/**
* Backing Secret Store root path where managed secrets are going to be stored
*/
secretStoreRootPath?: pulumi.Input<string>;
/**
* If true, issues a StartTLS command after establishing an unencrypted connection.
*/
startTls?: pulumi.Input<boolean>;
/**
* Tags is a map of key, value pairs.
*/
tags?: pulumi.Input<{
[key: string]: pulumi.Input<string>;
}>;
/**
* A filter to select all items of a certain subtype. See the [filter documentation](https://www.strongdm.com/docs/cli/filters/) for more information.
*/
type?: pulumi.Input<string>;
/**
* The domain (userPrincipalDomain) used to construct a UPN string for authentication.
*/
upndomain?: pulumi.Input<string>;
/**
* The LDAP server to connect to.
*/
url?: pulumi.Input<string>;
/**
* Base DN under which to perform user search. Example: ou=Users,dc=example,dc=com
*/
userdn?: pulumi.Input<string>;
}