UNPKG

@pulumi/consul

Version:

A Pulumi package for creating and managing consul resources.

pulumi.io

pulumi/pulumi-consul

147 lines (146 loc) 5.07 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
import * as pulumi from "@pulumi/pulumi"; /** * > **Warning:** When using this is resource, the ACL Token secret ID will be * written to the Terraform state. It is strongly recommended to use the `pgpKey` * attribute and to make sure the remote state has strong access controls before * using this resource. * * The `consulAclTokenSecret` data source returns the secret ID associated to * the accessor ID. This can be useful to make systems that cannot use an auth * method to interface with Consul. * * If you want to get other attributes of the Consul ACL token, please use the * [`consul.AclToken` data source](https://www.terraform.io/docs/providers/consul/d/acl_token.html). * * ## Example Usage * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as consul from "@pulumi/consul"; * * const test = new consul.AclPolicy("test", { * name: "test", * rules: "node \"\" { policy = \"read\" }", * datacenters: ["dc1"], * }); * const testAclToken = new consul.AclToken("test", { * description: "test", * policies: [test.name], * local: true, * }); * const read = consul.getAclTokenSecretIdOutput({ * accessorId: testAclToken.id, * pgpKey: "keybase:my_username", * }); * export const consulAclTokenSecretId = read.apply(read => read.encryptedSecretId); * ``` */ export declare function getAclTokenSecretId(args: GetAclTokenSecretIdArgs, opts?: pulumi.InvokeOptions): Promise<GetAclTokenSecretIdResult>; /** * A collection of arguments for invoking getAclTokenSecretId. */ export interface GetAclTokenSecretIdArgs { /** * The accessor ID of the ACL token. */ accessorId: string; /** * The namespace to lookup the token. */ namespace?: string; /** * The partition to lookup the token. */ partition?: string; /** * Either a base-64 encoded PGP public key, or a keybase * username in the form `keybase:some_person_that_exists`. **If you do not set this * argument, the token secret ID will be written as plain text in the Terraform * state.** */ pgpKey?: string; } /** * A collection of values returned by getAclTokenSecretId. */ export interface GetAclTokenSecretIdResult { readonly accessorId: string; /** * The encrypted secret ID of the ACL token if `pgpKey` * has been set. You can decrypt the secret by using the command line, for example * with: `terraform output encryptedSecret | base64 --decode | keybase pgp decrypt`. */ readonly encryptedSecretId: string; /** * The provider-assigned unique ID for this managed resource. */ readonly id: string; readonly namespace?: string; readonly partition?: string; readonly pgpKey?: string; /** * The secret ID of the ACL token if `pgpKey` has not been set. */ readonly secretId: string; } /** * > **Warning:** When using this is resource, the ACL Token secret ID will be * written to the Terraform state. It is strongly recommended to use the `pgpKey` * attribute and to make sure the remote state has strong access controls before * using this resource. * * The `consulAclTokenSecret` data source returns the secret ID associated to * the accessor ID. This can be useful to make systems that cannot use an auth * method to interface with Consul. * * If you want to get other attributes of the Consul ACL token, please use the * [`consul.AclToken` data source](https://www.terraform.io/docs/providers/consul/d/acl_token.html). * * ## Example Usage * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as consul from "@pulumi/consul"; * * const test = new consul.AclPolicy("test", { * name: "test", * rules: "node \"\" { policy = \"read\" }", * datacenters: ["dc1"], * }); * const testAclToken = new consul.AclToken("test", { * description: "test", * policies: [test.name], * local: true, * }); * const read = consul.getAclTokenSecretIdOutput({ * accessorId: testAclToken.id, * pgpKey: "keybase:my_username", * }); * export const consulAclTokenSecretId = read.apply(read => read.encryptedSecretId); * ``` */ export declare function getAclTokenSecretIdOutput(args: GetAclTokenSecretIdOutputArgs, opts?: pulumi.InvokeOutputOptions): pulumi.Output<GetAclTokenSecretIdResult>; /** * A collection of arguments for invoking getAclTokenSecretId. */ export interface GetAclTokenSecretIdOutputArgs { /** * The accessor ID of the ACL token. */ accessorId: pulumi.Input<string>; /** * The namespace to lookup the token. */ namespace?: pulumi.Input<string>; /** * The partition to lookup the token. */ partition?: pulumi.Input<string>; /** * Either a base-64 encoded PGP public key, or a keybase * username in the form `keybase:some_person_that_exists`. **If you do not set this * argument, the token secret ID will be written as plain text in the Terraform * state.** */ pgpKey?: pulumi.Input<string>; }