@pierskarsenbarg/sdm
Version:
A Pulumi package for creating and managing StrongDM cloud resources.
351 lines • 11.5 kB
TypeScript
import * as pulumi from "@pulumi/pulumi";
import * as outputs from "./types/output";
/**
* A SecretEngine is managing secrets in SecretStores.
*/
export declare function getSecretEngine(args?: GetSecretEngineArgs, opts?: pulumi.InvokeOptions): Promise<GetSecretEngineResult>;
/**
* A collection of arguments for invoking getSecretEngine.
*/
export interface GetSecretEngineArgs {
/**
* Distinguished name of object to bind when performing user and group search. Example: cn=vault,ou=Users,dc=example,dc=com
*/
binddn?: string;
/**
* Password to use along with binddn when performing user search.
*/
bindpass?: string;
/**
* CA certificate to use when verifying LDAP server certificate, must be x509 PEM encoded.
*/
certificate?: string;
/**
* Timeout, in seconds, when attempting to connect to the LDAP server before trying the next URL in the configuration.
*/
connectionTimeout?: number;
/**
* Database is the database to verify credential against.
*/
database?: string;
/**
* If set to true this will prevent password change timestamp validation in Active Directory when validating credentials
*/
doNotValidateTimestamps?: boolean;
/**
* Hostname is the hostname or IP address of the SQL Server.
*/
hostname?: string;
/**
* Unique identifier of the Secret Engine.
*/
id?: string;
/**
* If true, skips LDAP server SSL certificate verification - insecure, use with caution!
*/
insecureTls?: boolean;
/**
* An interval of public/private key rotation for secret engine in days
*/
keyRotationIntervalDays?: number;
/**
* Unique human-readable name of the Secret Engine.
*/
name?: string;
/**
* node selector is used to narrow down the nodes used to communicate with with secret engine
*/
nodeSelector?: string;
/**
* Password is the password to connect to the SQL Server server.
*/
password?: string;
/**
* Port is the port number of the SQL Server server.
*/
port?: number;
/**
* Timeout, in seconds, for the connection when making requests against the server before returning back an error.
*/
requestTimeout?: number;
/**
* Backing secret store identifier
*/
secretStoreId?: string;
/**
* Backing Secret Store root path where managed secrets are going to be stored
*/
secretStoreRootPath?: string;
/**
* If true, issues a StartTLS command after establishing an unencrypted connection.
*/
startTls?: boolean;
/**
* Tags is a map of key, value pairs.
*/
tags?: {
[key: string]: string;
};
/**
* TLS enables TLS/SSL when connecting to the SQL Server server.
*/
tls?: boolean;
/**
* TLS disable certificate verification
*/
tlsSkipVerify?: boolean;
/**
* a filter to select all items of a certain subtype. See the [filter documentation](https://docs.strongdm.com/references/cli/filters/) for more information.
*/
type?: string;
/**
* The domain (userPrincipalDomain) used to construct a UPN string for authentication.
*/
upndomain?: string;
/**
* The LDAP server to connect to.
*/
url?: string;
/**
* Base DN under which to perform user search. Example: ou=Users,dc=example,dc=com
*/
userdn?: string;
/**
* Username is the username to connect to the SQL Server.
*/
username?: string;
}
/**
* A collection of values returned by getSecretEngine.
*/
export interface GetSecretEngineResult {
/**
* Distinguished name of object to bind when performing user and group search. Example: cn=vault,ou=Users,dc=example,dc=com
*/
readonly binddn?: string;
/**
* Password to use along with binddn when performing user search.
*/
readonly bindpass?: string;
/**
* CA certificate to use when verifying LDAP server certificate, must be x509 PEM encoded.
*/
readonly certificate?: string;
/**
* Timeout, in seconds, when attempting to connect to the LDAP server before trying the next URL in the configuration.
*/
readonly connectionTimeout?: number;
/**
* Database is the database to verify credential against.
*/
readonly database?: string;
/**
* If set to true this will prevent password change timestamp validation in Active Directory when validating credentials
*/
readonly doNotValidateTimestamps?: boolean;
/**
* Hostname is the hostname or IP address of the SQL Server.
*/
readonly hostname?: string;
/**
* Unique identifier of the Secret Engine.
*/
readonly id?: string;
/**
* a list of strings of ids of data sources that match the given arguments.
*/
readonly ids: string[];
/**
* If true, skips LDAP server SSL certificate verification - insecure, use with caution!
*/
readonly insecureTls?: boolean;
/**
* An interval of public/private key rotation for secret engine in days
*/
readonly keyRotationIntervalDays?: number;
/**
* Unique human-readable name of the Secret Engine.
*/
readonly name?: string;
/**
* node selector is used to narrow down the nodes used to communicate with with secret engine
*/
readonly nodeSelector?: string;
/**
* Password is the password to connect to the SQL Server server.
*/
readonly password?: string;
/**
* Port is the port number of the SQL Server server.
*/
readonly port?: number;
/**
* Timeout, in seconds, for the connection when making requests against the server before returning back an error.
*/
readonly requestTimeout?: number;
/**
* A single element list containing a map, where each key lists one of the following objects:
* * active_directory:
*/
readonly secretEngines: outputs.GetSecretEngineSecretEngine[];
/**
* Backing secret store identifier
*/
readonly secretStoreId?: string;
/**
* Backing Secret Store root path where managed secrets are going to be stored
*/
readonly secretStoreRootPath?: string;
/**
* If true, issues a StartTLS command after establishing an unencrypted connection.
*/
readonly startTls?: boolean;
/**
* Tags is a map of key, value pairs.
*/
readonly tags?: {
[key: string]: string;
};
/**
* TLS enables TLS/SSL when connecting to the SQL Server server.
*/
readonly tls?: boolean;
/**
* TLS disable certificate verification
*/
readonly tlsSkipVerify?: boolean;
readonly type?: string;
/**
* The domain (userPrincipalDomain) used to construct a UPN string for authentication.
*/
readonly upndomain?: string;
/**
* The LDAP server to connect to.
*/
readonly url?: string;
/**
* Base DN under which to perform user search. Example: ou=Users,dc=example,dc=com
* * key_value:
*/
readonly userdn?: string;
/**
* Username is the username to connect to the SQL Server.
*/
readonly username?: string;
}
/**
* A SecretEngine is managing secrets in SecretStores.
*/
export declare function getSecretEngineOutput(args?: GetSecretEngineOutputArgs, opts?: pulumi.InvokeOutputOptions): pulumi.Output<GetSecretEngineResult>;
/**
* A collection of arguments for invoking getSecretEngine.
*/
export interface GetSecretEngineOutputArgs {
/**
* Distinguished name of object to bind when performing user and group search. Example: cn=vault,ou=Users,dc=example,dc=com
*/
binddn?: pulumi.Input<string | undefined>;
/**
* Password to use along with binddn when performing user search.
*/
bindpass?: pulumi.Input<string | undefined>;
/**
* CA certificate to use when verifying LDAP server certificate, must be x509 PEM encoded.
*/
certificate?: pulumi.Input<string | undefined>;
/**
* Timeout, in seconds, when attempting to connect to the LDAP server before trying the next URL in the configuration.
*/
connectionTimeout?: pulumi.Input<number | undefined>;
/**
* Database is the database to verify credential against.
*/
database?: pulumi.Input<string | undefined>;
/**
* If set to true this will prevent password change timestamp validation in Active Directory when validating credentials
*/
doNotValidateTimestamps?: pulumi.Input<boolean | undefined>;
/**
* Hostname is the hostname or IP address of the SQL Server.
*/
hostname?: pulumi.Input<string | undefined>;
/**
* Unique identifier of the Secret Engine.
*/
id?: pulumi.Input<string | undefined>;
/**
* If true, skips LDAP server SSL certificate verification - insecure, use with caution!
*/
insecureTls?: pulumi.Input<boolean | undefined>;
/**
* An interval of public/private key rotation for secret engine in days
*/
keyRotationIntervalDays?: pulumi.Input<number | undefined>;
/**
* Unique human-readable name of the Secret Engine.
*/
name?: pulumi.Input<string | undefined>;
/**
* node selector is used to narrow down the nodes used to communicate with with secret engine
*/
nodeSelector?: pulumi.Input<string | undefined>;
/**
* Password is the password to connect to the SQL Server server.
*/
password?: pulumi.Input<string | undefined>;
/**
* Port is the port number of the SQL Server server.
*/
port?: pulumi.Input<number | undefined>;
/**
* Timeout, in seconds, for the connection when making requests against the server before returning back an error.
*/
requestTimeout?: pulumi.Input<number | undefined>;
/**
* Backing secret store identifier
*/
secretStoreId?: pulumi.Input<string | undefined>;
/**
* Backing Secret Store root path where managed secrets are going to be stored
*/
secretStoreRootPath?: pulumi.Input<string | undefined>;
/**
* If true, issues a StartTLS command after establishing an unencrypted connection.
*/
startTls?: pulumi.Input<boolean | undefined>;
/**
* Tags is a map of key, value pairs.
*/
tags?: pulumi.Input<{
[key: string]: pulumi.Input<string>;
} | undefined>;
/**
* TLS enables TLS/SSL when connecting to the SQL Server server.
*/
tls?: pulumi.Input<boolean | undefined>;
/**
* TLS disable certificate verification
*/
tlsSkipVerify?: pulumi.Input<boolean | undefined>;
/**
* a filter to select all items of a certain subtype. See the [filter documentation](https://docs.strongdm.com/references/cli/filters/) for more information.
*/
type?: pulumi.Input<string | undefined>;
/**
* The domain (userPrincipalDomain) used to construct a UPN string for authentication.
*/
upndomain?: pulumi.Input<string | undefined>;
/**
* The LDAP server to connect to.
*/
url?: pulumi.Input<string | undefined>;
/**
* Base DN under which to perform user search. Example: ou=Users,dc=example,dc=com
*/
userdn?: pulumi.Input<string | undefined>;
/**
* Username is the username to connect to the SQL Server.
*/
username?: pulumi.Input<string | undefined>;
}
//# sourceMappingURL=getSecretEngine.d.ts.map