@pulumi/vault/azure/authBackendRole.js

A Pulumi package for creating and managing HashiCorp Vault cloud resources.

"use strict";
// *** WARNING: this file was generated by pulumi-language-nodejs. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
Object.defineProperty(exports, "__esModule", { value: true });
exports.AuthBackendRole = void 0;
const pulumi = require("@pulumi/pulumi");
const utilities = require("../utilities");
/**
 * Manages an Azure auth backend role in a Vault server. Roles constrain the
 * instances or principals that can perform the login operation against the
 * backend. See the [Vault
 * documentation](https://www.vaultproject.io/docs/auth/azure.html) for more
 * information.
 *
 * ## Example Usage
 *
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as vault from "@pulumi/vault";
 *
 * const azure = new vault.AuthBackend("azure", {type: "azure"});
 * const example = new vault.azure.AuthBackendRole("example", {
 *     backend: azure.path,
 *     role: "test-role",
 *     boundSubscriptionIds: ["11111111-2222-3333-4444-555555555555"],
 *     boundResourceGroups: ["123456789012"],
 *     tokenTtl: 60,
 *     tokenMaxTtl: 120,
 *     tokenPolicies: [
 *         "default",
 *         "dev",
 *         "prod",
 *     ],
 * });
 * ```
 *
 * ## Import
 *
 * Azure auth backend roles can be imported using `auth/`, the `backend` path, `/role/`, and the `role` name e.g.
 *
 * ```sh
 * $ pulumi import vault:azure/authBackendRole:AuthBackendRole example auth/azure/role/test-role
 * ```
 */
class AuthBackendRole extends pulumi.CustomResource {
    /**
     * Get an existing AuthBackendRole resource's state with the given name, ID, and optional extra
     * properties used to qualify the lookup.
     *
     * @param name The _unique_ name of the resulting resource.
     * @param id The _unique_ provider ID of the resource to lookup.
     * @param state Any extra arguments used during the lookup.
     * @param opts Optional settings to control the behavior of the CustomResource.
     */
    static get(name, id, state, opts) {
        return new AuthBackendRole(name, state, { ...opts, id: id });
    }
    /**
     * Returns true if the given object is an instance of AuthBackendRole.  This is designed to work even
     * when multiple copies of the Pulumi SDK have been loaded into the same process.
     */
    static isInstance(obj) {
        if (obj === undefined || obj === null) {
            return false;
        }
        return obj['__pulumiType'] === AuthBackendRole.__pulumiType;
    }
    constructor(name, argsOrState, opts) {
        let resourceInputs = {};
        opts = opts || {};
        if (opts.id) {
            const state = argsOrState;
            resourceInputs["backend"] = state?.backend;
            resourceInputs["boundGroupIds"] = state?.boundGroupIds;
            resourceInputs["boundLocations"] = state?.boundLocations;
            resourceInputs["boundResourceGroups"] = state?.boundResourceGroups;
            resourceInputs["boundScaleSets"] = state?.boundScaleSets;
            resourceInputs["boundServicePrincipalIds"] = state?.boundServicePrincipalIds;
            resourceInputs["boundSubscriptionIds"] = state?.boundSubscriptionIds;
            resourceInputs["namespace"] = state?.namespace;
            resourceInputs["role"] = state?.role;
            resourceInputs["tokenBoundCidrs"] = state?.tokenBoundCidrs;
            resourceInputs["tokenExplicitMaxTtl"] = state?.tokenExplicitMaxTtl;
            resourceInputs["tokenMaxTtl"] = state?.tokenMaxTtl;
            resourceInputs["tokenNoDefaultPolicy"] = state?.tokenNoDefaultPolicy;
            resourceInputs["tokenNumUses"] = state?.tokenNumUses;
            resourceInputs["tokenPeriod"] = state?.tokenPeriod;
            resourceInputs["tokenPolicies"] = state?.tokenPolicies;
            resourceInputs["tokenTtl"] = state?.tokenTtl;
            resourceInputs["tokenType"] = state?.tokenType;
        }
        else {
            const args = argsOrState;
            if (args?.role === undefined && !opts.urn) {
                throw new Error("Missing required property 'role'");
            }
            resourceInputs["backend"] = args?.backend;
            resourceInputs["boundGroupIds"] = args?.boundGroupIds;
            resourceInputs["boundLocations"] = args?.boundLocations;
            resourceInputs["boundResourceGroups"] = args?.boundResourceGroups;
            resourceInputs["boundScaleSets"] = args?.boundScaleSets;
            resourceInputs["boundServicePrincipalIds"] = args?.boundServicePrincipalIds;
            resourceInputs["boundSubscriptionIds"] = args?.boundSubscriptionIds;
            resourceInputs["namespace"] = args?.namespace;
            resourceInputs["role"] = args?.role;
            resourceInputs["tokenBoundCidrs"] = args?.tokenBoundCidrs;
            resourceInputs["tokenExplicitMaxTtl"] = args?.tokenExplicitMaxTtl;
            resourceInputs["tokenMaxTtl"] = args?.tokenMaxTtl;
            resourceInputs["tokenNoDefaultPolicy"] = args?.tokenNoDefaultPolicy;
            resourceInputs["tokenNumUses"] = args?.tokenNumUses;
            resourceInputs["tokenPeriod"] = args?.tokenPeriod;
            resourceInputs["tokenPolicies"] = args?.tokenPolicies;
            resourceInputs["tokenTtl"] = args?.tokenTtl;
            resourceInputs["tokenType"] = args?.tokenType;
        }
        opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts);
        super(AuthBackendRole.__pulumiType, name, resourceInputs, opts);
    }
}
exports.AuthBackendRole = AuthBackendRole;
/** @internal */
AuthBackendRole.__pulumiType = 'vault:azure/authBackendRole:AuthBackendRole';
//# sourceMappingURL=authBackendRole.js.map