UNPKG

@pulumi/consul

Version:

A Pulumi package for creating and managing consul resources.

pulumi.io

pulumi/pulumi-consul

125 lines (124 loc) 4.67 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
import * as pulumi from "@pulumi/pulumi"; /** * > **NOTE:** This feature requires Consul Enterprise. * * The `consul.NamespaceRoleAttachment` resource links a Consul Namespace and an ACL * role. The link is implemented through an update to the Consul Namespace. * * > **NOTE:** This resource is only useful to attach roles to a namespace * that has been created outside the current Terraform configuration, like the * `default` namespace. If the namespace you need to attach a role to has * been created in the current Terraform configuration and will only be used in it, * you should use the `roleDefaults` attribute of [`consul.Namespace`](https://www.terraform.io/docs/providers/consul/r/namespace.html). * * ## Example Usage * * ### Attach a role to the default namespace * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as consul from "@pulumi/consul"; * * const agent = new consul.AclRole("agent", {name: "agent"}); * const attachment = new consul.NamespaceRoleAttachment("attachment", { * namespace: "default", * role: agent.name, * }); * ``` * * ### Attach a role to a namespace created in another Terraform configuration * * ### In `first_configuration/main.tf` * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as consul from "@pulumi/consul"; * * const qa = new consul.Namespace("qa", {name: "qa"}); * ``` * * ### In `second_configuration/main.tf` * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as consul from "@pulumi/consul"; * * const agent = new consul.AclRole("agent", {name: "agent"}); * const attachment = new consul.NamespaceRoleAttachment("attachment", { * namespace: "qa", * role: agent.name, * }); * ``` * **NOTE**: consulAclNamespace would attempt to enforce an empty set of default * roles, because its `roleDefaults` attribute is empty. For this reason it * is necessary to add the lifecycle clause to prevent Terraform from attempting to * empty the set of policies associated to the namespace. * * ## Import * * `consul.NamespaceRoleAttachment` can be imported. This is especially useful * to manage the policies attached to the `default` namespace: * * ```sh * $ pulumi import consul:index/namespaceRoleAttachment:NamespaceRoleAttachment default default:role_name * ``` */ export declare class NamespaceRoleAttachment extends pulumi.CustomResource { /** * Get an existing NamespaceRoleAttachment resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input<pulumi.ID>, state?: NamespaceRoleAttachmentState, opts?: pulumi.CustomResourceOptions): NamespaceRoleAttachment; /** * Returns true if the given object is an instance of NamespaceRoleAttachment. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is NamespaceRoleAttachment; /** * The namespace to attach the role to. */ readonly namespace: pulumi.Output<string>; /** * The name of the role attached to the namespace. */ readonly role: pulumi.Output<string>; /** * Create a NamespaceRoleAttachment resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: NamespaceRoleAttachmentArgs, opts?: pulumi.CustomResourceOptions); } /** * Input properties used for looking up and filtering NamespaceRoleAttachment resources. */ export interface NamespaceRoleAttachmentState { /** * The namespace to attach the role to. */ namespace?: pulumi.Input<string>; /** * The name of the role attached to the namespace. */ role?: pulumi.Input<string>; } /** * The set of arguments for constructing a NamespaceRoleAttachment resource. */ export interface NamespaceRoleAttachmentArgs { /** * The namespace to attach the role to. */ namespace: pulumi.Input<string>; /** * The name of the role attached to the namespace. */ role: pulumi.Input<string>; }