@pulumi/vault/gcp/secretStaticAccount.js

A Pulumi package for creating and managing HashiCorp Vault cloud resources.

"use strict";
// *** WARNING: this file was generated by pulumi-language-nodejs. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
Object.defineProperty(exports, "__esModule", { value: true });
exports.SecretStaticAccount = void 0;
const pulumi = require("@pulumi/pulumi");
const utilities = require("../utilities");
/**
 * Creates a Static Account in the [GCP Secrets Engine](https://www.vaultproject.io/docs/secrets/gcp/index.html) for Vault.
 *
 * Each [static account](https://www.vaultproject.io/docs/secrets/gcp/index.html#static-accounts) is tied to a separately managed
 * Service Account, and can have one or more [bindings](https://www.vaultproject.io/docs/secrets/gcp/index.html#bindings) associated with it.
 *
 * ## Example Usage
 *
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as google from "@pulumi/google";
 * import * as std from "@pulumi/std";
 * import * as vault from "@pulumi/vault";
 *
 * const _this = new google.index.ServiceAccount("this", {accountId: "my-awesome-account"});
 * const gcp = new vault.gcp.SecretBackend("gcp", {
 *     path: "gcp",
 *     credentials: std.file({
 *         input: "credentials.json",
 *     }).then(invoke => invoke.result),
 * });
 * const staticAccount = new vault.gcp.SecretStaticAccount("static_account", {
 *     backend: gcp.path,
 *     staticAccount: "project_viewer",
 *     secretType: "access_token",
 *     tokenScopes: ["https://www.googleapis.com/auth/cloud-platform"],
 *     serviceAccountEmail: _this.email,
 *     bindings: [{
 *         resource: `//cloudresourcemanager.googleapis.com/projects/${_this.project}`,
 *         roles: ["roles/viewer"],
 *     }],
 * });
 * ```
 *
 * ## Import
 *
 * A static account can be imported using its Vault Path. For example, referencing the example above,
 *
 * ```sh
 * $ pulumi import vault:gcp/secretStaticAccount:SecretStaticAccount static_account gcp/static-account/project_viewer
 * ```
 */
class SecretStaticAccount extends pulumi.CustomResource {
    /**
     * Get an existing SecretStaticAccount resource's state with the given name, ID, and optional extra
     * properties used to qualify the lookup.
     *
     * @param name The _unique_ name of the resulting resource.
     * @param id The _unique_ provider ID of the resource to lookup.
     * @param state Any extra arguments used during the lookup.
     * @param opts Optional settings to control the behavior of the CustomResource.
     */
    static get(name, id, state, opts) {
        return new SecretStaticAccount(name, state, { ...opts, id: id });
    }
    /**
     * Returns true if the given object is an instance of SecretStaticAccount.  This is designed to work even
     * when multiple copies of the Pulumi SDK have been loaded into the same process.
     */
    static isInstance(obj) {
        if (obj === undefined || obj === null) {
            return false;
        }
        return obj['__pulumiType'] === SecretStaticAccount.__pulumiType;
    }
    constructor(name, argsOrState, opts) {
        let resourceInputs = {};
        opts = opts || {};
        if (opts.id) {
            const state = argsOrState;
            resourceInputs["backend"] = state?.backend;
            resourceInputs["bindings"] = state?.bindings;
            resourceInputs["namespace"] = state?.namespace;
            resourceInputs["secretType"] = state?.secretType;
            resourceInputs["serviceAccountEmail"] = state?.serviceAccountEmail;
            resourceInputs["serviceAccountProject"] = state?.serviceAccountProject;
            resourceInputs["staticAccount"] = state?.staticAccount;
            resourceInputs["tokenScopes"] = state?.tokenScopes;
        }
        else {
            const args = argsOrState;
            if (args?.backend === undefined && !opts.urn) {
                throw new Error("Missing required property 'backend'");
            }
            if (args?.serviceAccountEmail === undefined && !opts.urn) {
                throw new Error("Missing required property 'serviceAccountEmail'");
            }
            if (args?.staticAccount === undefined && !opts.urn) {
                throw new Error("Missing required property 'staticAccount'");
            }
            resourceInputs["backend"] = args?.backend;
            resourceInputs["bindings"] = args?.bindings;
            resourceInputs["namespace"] = args?.namespace;
            resourceInputs["secretType"] = args?.secretType;
            resourceInputs["serviceAccountEmail"] = args?.serviceAccountEmail;
            resourceInputs["staticAccount"] = args?.staticAccount;
            resourceInputs["tokenScopes"] = args?.tokenScopes;
            resourceInputs["serviceAccountProject"] = undefined /*out*/;
        }
        opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts);
        super(SecretStaticAccount.__pulumiType, name, resourceInputs, opts);
    }
}
exports.SecretStaticAccount = SecretStaticAccount;
/** @internal */
SecretStaticAccount.__pulumiType = 'vault:gcp/secretStaticAccount:SecretStaticAccount';
//# sourceMappingURL=secretStaticAccount.js.map