@pulumi/vault/gcp/authBackend.js

A Pulumi package for creating and managing HashiCorp Vault cloud resources.

"use strict";
// *** WARNING: this file was generated by pulumi-language-nodejs. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
Object.defineProperty(exports, "__esModule", { value: true });
exports.AuthBackend = void 0;
const pulumi = require("@pulumi/pulumi");
const utilities = require("../utilities");
/**
 * Provides a resource to configure the [GCP auth backend within Vault](https://www.vaultproject.io/docs/auth/gcp.html).
 *
 * ## Example Usage
 *
 * You can setup the GCP auth backend with Workload Identity Federation (WIF) for a secret-less configuration:
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as vault from "@pulumi/vault";
 *
 * const gcp = new vault.gcp.AuthBackend("gcp", {
 *     identityTokenKey: "example-key",
 *     identityTokenTtl: 1800,
 *     identityTokenAudience: "<TOKEN_AUDIENCE>",
 *     serviceAccountEmail: "<SERVICE_ACCOUNT_EMAIL>",
 *     rotationSchedule: "0 * * * SAT",
 *     rotationWindow: 3600,
 * });
 * ```
 *
 * ## Import
 *
 * GCP authentication backends can be imported using the backend name, e.g.
 *
 * ```sh
 * $ pulumi import vault:gcp/authBackend:AuthBackend gcp gcp
 * ```
 */
class AuthBackend extends pulumi.CustomResource {
    /**
     * Get an existing AuthBackend resource's state with the given name, ID, and optional extra
     * properties used to qualify the lookup.
     *
     * @param name The _unique_ name of the resulting resource.
     * @param id The _unique_ provider ID of the resource to lookup.
     * @param state Any extra arguments used during the lookup.
     * @param opts Optional settings to control the behavior of the CustomResource.
     */
    static get(name, id, state, opts) {
        return new AuthBackend(name, state, { ...opts, id: id });
    }
    /**
     * Returns true if the given object is an instance of AuthBackend.  This is designed to work even
     * when multiple copies of the Pulumi SDK have been loaded into the same process.
     */
    static isInstance(obj) {
        if (obj === undefined || obj === null) {
            return false;
        }
        return obj['__pulumiType'] === AuthBackend.__pulumiType;
    }
    constructor(name, argsOrState, opts) {
        let resourceInputs = {};
        opts = opts || {};
        if (opts.id) {
            const state = argsOrState;
            resourceInputs["accessor"] = state?.accessor;
            resourceInputs["clientEmail"] = state?.clientEmail;
            resourceInputs["clientId"] = state?.clientId;
            resourceInputs["credentials"] = state?.credentials;
            resourceInputs["customEndpoint"] = state?.customEndpoint;
            resourceInputs["description"] = state?.description;
            resourceInputs["disableAutomatedRotation"] = state?.disableAutomatedRotation;
            resourceInputs["disableRemount"] = state?.disableRemount;
            resourceInputs["identityTokenAudience"] = state?.identityTokenAudience;
            resourceInputs["identityTokenKey"] = state?.identityTokenKey;
            resourceInputs["identityTokenTtl"] = state?.identityTokenTtl;
            resourceInputs["local"] = state?.local;
            resourceInputs["namespace"] = state?.namespace;
            resourceInputs["path"] = state?.path;
            resourceInputs["privateKeyId"] = state?.privateKeyId;
            resourceInputs["projectId"] = state?.projectId;
            resourceInputs["rotationPeriod"] = state?.rotationPeriod;
            resourceInputs["rotationSchedule"] = state?.rotationSchedule;
            resourceInputs["rotationWindow"] = state?.rotationWindow;
            resourceInputs["serviceAccountEmail"] = state?.serviceAccountEmail;
            resourceInputs["tune"] = state?.tune;
        }
        else {
            const args = argsOrState;
            resourceInputs["clientEmail"] = args?.clientEmail;
            resourceInputs["clientId"] = args?.clientId;
            resourceInputs["credentials"] = args?.credentials ? pulumi.secret(args.credentials) : undefined;
            resourceInputs["customEndpoint"] = args?.customEndpoint;
            resourceInputs["description"] = args?.description;
            resourceInputs["disableAutomatedRotation"] = args?.disableAutomatedRotation;
            resourceInputs["disableRemount"] = args?.disableRemount;
            resourceInputs["identityTokenAudience"] = args?.identityTokenAudience;
            resourceInputs["identityTokenKey"] = args?.identityTokenKey;
            resourceInputs["identityTokenTtl"] = args?.identityTokenTtl;
            resourceInputs["local"] = args?.local;
            resourceInputs["namespace"] = args?.namespace;
            resourceInputs["path"] = args?.path;
            resourceInputs["privateKeyId"] = args?.privateKeyId;
            resourceInputs["projectId"] = args?.projectId;
            resourceInputs["rotationPeriod"] = args?.rotationPeriod;
            resourceInputs["rotationSchedule"] = args?.rotationSchedule;
            resourceInputs["rotationWindow"] = args?.rotationWindow;
            resourceInputs["serviceAccountEmail"] = args?.serviceAccountEmail;
            resourceInputs["tune"] = args?.tune;
            resourceInputs["accessor"] = undefined /*out*/;
        }
        opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts);
        const secretOpts = { additionalSecretOutputs: ["credentials"] };
        opts = pulumi.mergeOptions(opts, secretOpts);
        super(AuthBackend.__pulumiType, name, resourceInputs, opts);
    }
}
exports.AuthBackend = AuthBackend;
/** @internal */
AuthBackend.__pulumiType = 'vault:gcp/authBackend:AuthBackend';
//# sourceMappingURL=authBackend.js.map