@pulumi/vault
Version:
A Pulumi package for creating and managing HashiCorp Vault cloud resources.
193 lines • 9.44 kB
JavaScript
;
// *** WARNING: this file was generated by pulumi-language-nodejs. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
Object.defineProperty(exports, "__esModule", { value: true });
exports.SecretsMount = void 0;
const pulumi = require("@pulumi/pulumi");
const utilities = require("../utilities");
/**
* ## Example Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as vault from "@pulumi/vault";
*
* const db = new vault.database.SecretsMount("db", {
* path: "db",
* mssqls: [{
* name: "db1",
* username: "sa",
* password: "super_secret_1",
* connectionUrl: "sqlserver://{{username}}:{{password}}@127.0.0.1:1433",
* allowedRoles: ["dev1"],
* rotationSchedule: "0 * * * SAT",
* rotationWindow: 3600,
* }],
* postgresqls: [{
* name: "db2",
* username: "postgres",
* password: "super_secret_2",
* connectionUrl: "postgresql://{{username}}:{{password}}@127.0.0.1:5432/postgres",
* verifyConnection: true,
* allowedRoles: ["dev2"],
* rotationSchedule: "0 * * * SAT",
* rotationWindow: 3600,
* }],
* });
* const dev1 = new vault.database.SecretBackendRole("dev1", {
* name: "dev1",
* backend: db.path,
* dbName: db.mssqls.apply(mssqls => mssqls?.[0]?.name),
* creationStatements: [
* "CREATE LOGIN [{{name}}] WITH PASSWORD = '{{password}}';",
* "CREATE USER [{{name}}] FOR LOGIN [{{name}}];",
* "GRANT SELECT ON SCHEMA::dbo TO [{{name}}];",
* ],
* });
* const dev2 = new vault.database.SecretBackendRole("dev2", {
* name: "dev2",
* backend: db.path,
* dbName: db.postgresqls.apply(postgresqls => postgresqls?.[0]?.name),
* creationStatements: [
* "CREATE ROLE \"{{name}}\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';",
* "GRANT SELECT ON ALL TABLES IN SCHEMA public TO \"{{name}}\";",
* ],
* });
* ```
*
* ## Ephemeral Attributes Reference
*
* The following write-only attributes are supported for all DBs that support username/password:
*
* * `passwordWo` - (Optional) The password for the user. Can be updated.
* **Note**: This property is write-only and will not be read from the API.
*
* ## Import
*
* Database secret backend connections can be imported using the `path` e.g.
*
* ```sh
* $ pulumi import vault:database/secretsMount:SecretsMount db db
* ```
*/
class SecretsMount extends pulumi.CustomResource {
/**
* Get an existing SecretsMount resource's state with the given name, ID, and optional extra
* properties used to qualify the lookup.
*
* @param name The _unique_ name of the resulting resource.
* @param id The _unique_ provider ID of the resource to lookup.
* @param state Any extra arguments used during the lookup.
* @param opts Optional settings to control the behavior of the CustomResource.
*/
static get(name, id, state, opts) {
return new SecretsMount(name, state, { ...opts, id: id });
}
/**
* Returns true if the given object is an instance of SecretsMount. This is designed to work even
* when multiple copies of the Pulumi SDK have been loaded into the same process.
*/
static isInstance(obj) {
if (obj === undefined || obj === null) {
return false;
}
return obj['__pulumiType'] === SecretsMount.__pulumiType;
}
constructor(name, argsOrState, opts) {
let resourceInputs = {};
opts = opts || {};
if (opts.id) {
const state = argsOrState;
resourceInputs["accessor"] = state?.accessor;
resourceInputs["allowedManagedKeys"] = state?.allowedManagedKeys;
resourceInputs["allowedResponseHeaders"] = state?.allowedResponseHeaders;
resourceInputs["auditNonHmacRequestKeys"] = state?.auditNonHmacRequestKeys;
resourceInputs["auditNonHmacResponseKeys"] = state?.auditNonHmacResponseKeys;
resourceInputs["cassandras"] = state?.cassandras;
resourceInputs["couchbases"] = state?.couchbases;
resourceInputs["defaultLeaseTtlSeconds"] = state?.defaultLeaseTtlSeconds;
resourceInputs["delegatedAuthAccessors"] = state?.delegatedAuthAccessors;
resourceInputs["description"] = state?.description;
resourceInputs["elasticsearches"] = state?.elasticsearches;
resourceInputs["engineCount"] = state?.engineCount;
resourceInputs["externalEntropyAccess"] = state?.externalEntropyAccess;
resourceInputs["forceNoCache"] = state?.forceNoCache;
resourceInputs["hanas"] = state?.hanas;
resourceInputs["identityTokenKey"] = state?.identityTokenKey;
resourceInputs["influxdbs"] = state?.influxdbs;
resourceInputs["listingVisibility"] = state?.listingVisibility;
resourceInputs["local"] = state?.local;
resourceInputs["maxLeaseTtlSeconds"] = state?.maxLeaseTtlSeconds;
resourceInputs["mongodbatlas"] = state?.mongodbatlas;
resourceInputs["mongodbs"] = state?.mongodbs;
resourceInputs["mssqls"] = state?.mssqls;
resourceInputs["mysqlAuroras"] = state?.mysqlAuroras;
resourceInputs["mysqlLegacies"] = state?.mysqlLegacies;
resourceInputs["mysqlRds"] = state?.mysqlRds;
resourceInputs["mysqls"] = state?.mysqls;
resourceInputs["namespace"] = state?.namespace;
resourceInputs["options"] = state?.options;
resourceInputs["oracles"] = state?.oracles;
resourceInputs["passthroughRequestHeaders"] = state?.passthroughRequestHeaders;
resourceInputs["path"] = state?.path;
resourceInputs["pluginVersion"] = state?.pluginVersion;
resourceInputs["postgresqls"] = state?.postgresqls;
resourceInputs["redis"] = state?.redis;
resourceInputs["redisElasticaches"] = state?.redisElasticaches;
resourceInputs["redshifts"] = state?.redshifts;
resourceInputs["sealWrap"] = state?.sealWrap;
resourceInputs["snowflakes"] = state?.snowflakes;
}
else {
const args = argsOrState;
if (args?.path === undefined && !opts.urn) {
throw new Error("Missing required property 'path'");
}
resourceInputs["allowedManagedKeys"] = args?.allowedManagedKeys;
resourceInputs["allowedResponseHeaders"] = args?.allowedResponseHeaders;
resourceInputs["auditNonHmacRequestKeys"] = args?.auditNonHmacRequestKeys;
resourceInputs["auditNonHmacResponseKeys"] = args?.auditNonHmacResponseKeys;
resourceInputs["cassandras"] = args?.cassandras;
resourceInputs["couchbases"] = args?.couchbases;
resourceInputs["defaultLeaseTtlSeconds"] = args?.defaultLeaseTtlSeconds;
resourceInputs["delegatedAuthAccessors"] = args?.delegatedAuthAccessors;
resourceInputs["description"] = args?.description;
resourceInputs["elasticsearches"] = args?.elasticsearches;
resourceInputs["externalEntropyAccess"] = args?.externalEntropyAccess;
resourceInputs["forceNoCache"] = args?.forceNoCache;
resourceInputs["hanas"] = args?.hanas;
resourceInputs["identityTokenKey"] = args?.identityTokenKey;
resourceInputs["influxdbs"] = args?.influxdbs;
resourceInputs["listingVisibility"] = args?.listingVisibility;
resourceInputs["local"] = args?.local;
resourceInputs["maxLeaseTtlSeconds"] = args?.maxLeaseTtlSeconds;
resourceInputs["mongodbatlas"] = args?.mongodbatlas;
resourceInputs["mongodbs"] = args?.mongodbs;
resourceInputs["mssqls"] = args?.mssqls;
resourceInputs["mysqlAuroras"] = args?.mysqlAuroras;
resourceInputs["mysqlLegacies"] = args?.mysqlLegacies;
resourceInputs["mysqlRds"] = args?.mysqlRds;
resourceInputs["mysqls"] = args?.mysqls;
resourceInputs["namespace"] = args?.namespace;
resourceInputs["options"] = args?.options;
resourceInputs["oracles"] = args?.oracles;
resourceInputs["passthroughRequestHeaders"] = args?.passthroughRequestHeaders;
resourceInputs["path"] = args?.path;
resourceInputs["pluginVersion"] = args?.pluginVersion;
resourceInputs["postgresqls"] = args?.postgresqls;
resourceInputs["redis"] = args?.redis;
resourceInputs["redisElasticaches"] = args?.redisElasticaches;
resourceInputs["redshifts"] = args?.redshifts;
resourceInputs["sealWrap"] = args?.sealWrap;
resourceInputs["snowflakes"] = args?.snowflakes;
resourceInputs["accessor"] = undefined /*out*/;
resourceInputs["engineCount"] = undefined /*out*/;
}
opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts);
super(SecretsMount.__pulumiType, name, resourceInputs, opts);
}
}
exports.SecretsMount = SecretsMount;
/** @internal */
SecretsMount.__pulumiType = 'vault:database/secretsMount:SecretsMount';
//# sourceMappingURL=secretsMount.js.map