@pulumi/vault/ldap/secretBackendStaticRole.d.ts

A Pulumi package for creating and managing HashiCorp Vault cloud resources.

import * as pulumi from "@pulumi/pulumi";
/**
 * ## Example Usage
 *
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as vault from "@pulumi/vault";
 *
 * const config = new vault.ldap.SecretBackend("config", {
 *     path: "my-custom-ldap",
 *     binddn: "CN=Administrator,CN=Users,DC=corp,DC=example,DC=net",
 *     bindpass: "SuperSecretPassw0rd",
 *     url: "ldaps://localhost",
 *     insecureTls: true,
 *     userdn: "CN=Users,DC=corp,DC=example,DC=net",
 * });
 * const role = new vault.ldap.SecretBackendStaticRole("role", {
 *     mount: config.path,
 *     username: "alice",
 *     dn: "cn=alice,ou=Users,DC=corp,DC=example,DC=net",
 *     roleName: "alice",
 *     rotationPeriod: 60,
 * });
 * ```
 *
 * ## Import
 *
 * LDAP secret backend static role can be imported using the full path to the role
 * of the form: `<mount_path>/static-role/<role_name>` e.g.
 *
 * ```sh
 * $ pulumi import vault:ldap/secretBackendStaticRole:SecretBackendStaticRole role ldap/static-role/example-role
 * ```
 */
export declare class SecretBackendStaticRole extends pulumi.CustomResource {
    /**
     * Get an existing SecretBackendStaticRole resource's state with the given name, ID, and optional extra
     * properties used to qualify the lookup.
     *
     * @param name The _unique_ name of the resulting resource.
     * @param id The _unique_ provider ID of the resource to lookup.
     * @param state Any extra arguments used during the lookup.
     * @param opts Optional settings to control the behavior of the CustomResource.
     */
    static get(name: string, id: pulumi.Input<pulumi.ID>, state?: SecretBackendStaticRoleState, opts?: pulumi.CustomResourceOptions): SecretBackendStaticRole;
    /**
     * Returns true if the given object is an instance of SecretBackendStaticRole.  This is designed to work even
     * when multiple copies of the Pulumi SDK have been loaded into the same process.
     */
    static isInstance(obj: any): obj is SecretBackendStaticRole;
    /**
     * Distinguished name (DN) of the existing LDAP entry to manage
     * password rotation for. If given, it will take precedence over `username` for the LDAP
     * search performed during password rotation. Cannot be modified after creation.
     */
    readonly dn: pulumi.Output<string | undefined>;
    /**
     * The unique path this backend should be mounted at. Must
     * not begin or end with a `/`. Defaults to `ldap`.
     */
    readonly mount: pulumi.Output<string | undefined>;
    /**
     * The namespace to provision the resource in.
     * The value should not contain leading or trailing forward slashes.
     * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
     * *Available only for Vault Enterprise*.
     */
    readonly namespace: pulumi.Output<string | undefined>;
    /**
     * Name of the role.
     */
    readonly roleName: pulumi.Output<string>;
    /**
     * How often Vault should rotate the password of the user entry.
     */
    readonly rotationPeriod: pulumi.Output<number>;
    /**
     * Causes vault to skip the initial secret rotation on import. Not applicable to updates.
     * Requires Vault 1.16 or above.
     */
    readonly skipImportRotation: pulumi.Output<boolean | undefined>;
    /**
     * The username of the existing LDAP entry to manage password rotation for.
     */
    readonly username: pulumi.Output<string>;
    /**
     * Create a SecretBackendStaticRole resource with the given unique name, arguments, and options.
     *
     * @param name The _unique_ name of the resource.
     * @param args The arguments to use to populate this resource's properties.
     * @param opts A bag of options that control this resource's behavior.
     */
    constructor(name: string, args: SecretBackendStaticRoleArgs, opts?: pulumi.CustomResourceOptions);
}
/**
 * Input properties used for looking up and filtering SecretBackendStaticRole resources.
 */
export interface SecretBackendStaticRoleState {
    /**
     * Distinguished name (DN) of the existing LDAP entry to manage
     * password rotation for. If given, it will take precedence over `username` for the LDAP
     * search performed during password rotation. Cannot be modified after creation.
     */
    dn?: pulumi.Input<string>;
    /**
     * The unique path this backend should be mounted at. Must
     * not begin or end with a `/`. Defaults to `ldap`.
     */
    mount?: pulumi.Input<string>;
    /**
     * The namespace to provision the resource in.
     * The value should not contain leading or trailing forward slashes.
     * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
     * *Available only for Vault Enterprise*.
     */
    namespace?: pulumi.Input<string>;
    /**
     * Name of the role.
     */
    roleName?: pulumi.Input<string>;
    /**
     * How often Vault should rotate the password of the user entry.
     */
    rotationPeriod?: pulumi.Input<number>;
    /**
     * Causes vault to skip the initial secret rotation on import. Not applicable to updates.
     * Requires Vault 1.16 or above.
     */
    skipImportRotation?: pulumi.Input<boolean>;
    /**
     * The username of the existing LDAP entry to manage password rotation for.
     */
    username?: pulumi.Input<string>;
}
/**
 * The set of arguments for constructing a SecretBackendStaticRole resource.
 */
export interface SecretBackendStaticRoleArgs {
    /**
     * Distinguished name (DN) of the existing LDAP entry to manage
     * password rotation for. If given, it will take precedence over `username` for the LDAP
     * search performed during password rotation. Cannot be modified after creation.
     */
    dn?: pulumi.Input<string>;
    /**
     * The unique path this backend should be mounted at. Must
     * not begin or end with a `/`. Defaults to `ldap`.
     */
    mount?: pulumi.Input<string>;
    /**
     * The namespace to provision the resource in.
     * The value should not contain leading or trailing forward slashes.
     * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
     * *Available only for Vault Enterprise*.
     */
    namespace?: pulumi.Input<string>;
    /**
     * Name of the role.
     */
    roleName: pulumi.Input<string>;
    /**
     * How often Vault should rotate the password of the user entry.
     */
    rotationPeriod: pulumi.Input<number>;
    /**
     * Causes vault to skip the initial secret rotation on import. Not applicable to updates.
     * Requires Vault 1.16 or above.
     */
    skipImportRotation?: pulumi.Input<boolean>;
    /**
     * The username of the existing LDAP entry to manage password rotation for.
     */
    username: pulumi.Input<string>;
}