@pulumi/vault
Version:
A Pulumi package for creating and managing HashiCorp Vault cloud resources.
240 lines (239 loc) • 8.5 kB
TypeScript
import * as pulumi from "@pulumi/pulumi";
/**
* ## Example Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as vault from "@pulumi/vault";
*
* const scep = new vault.AuthBackend("scep", {
* path: "scep",
* type: "scep",
* });
* const scepScepAuthBackendRole = new vault.ScepAuthBackendRole("scep", {
* backend: scep.path,
* name: "scep_challenge",
* authType: "static-challenge",
* challenge: "well known secret",
* tokenType: "batch",
* tokenTtl: 300,
* tokenMaxTtl: 600,
* tokenPolicies: ["scep-clients"],
* });
* ```
*/
export declare class ScepAuthBackendRole extends pulumi.CustomResource {
/**
* Get an existing ScepAuthBackendRole resource's state with the given name, ID, and optional extra
* properties used to qualify the lookup.
*
* @param name The _unique_ name of the resulting resource.
* @param id The _unique_ provider ID of the resource to lookup.
* @param state Any extra arguments used during the lookup.
* @param opts Optional settings to control the behavior of the CustomResource.
*/
static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ScepAuthBackendRoleState, opts?: pulumi.CustomResourceOptions): ScepAuthBackendRole;
/**
* Returns true if the given object is an instance of ScepAuthBackendRole. This is designed to work even
* when multiple copies of the Pulumi SDK have been loaded into the same process.
*/
static isInstance(obj: any): obj is ScepAuthBackendRole;
/**
* The authentication type to use. This can be either "static-challenge" or "intune".
*/
readonly authType: pulumi.Output<string>;
/**
* Path to the mounted SCEP auth backend.
*/
readonly backend: pulumi.Output<string | undefined>;
/**
* The static challenge to use if authType is "static-challenge", not used for other auth types.
*/
readonly challenge: pulumi.Output<string | undefined>;
readonly displayName: pulumi.Output<string>;
/**
* Name of the role.
*/
readonly name: pulumi.Output<string>;
/**
* The namespace to provision the resource in.
* The value should not contain leading or trailing forward slashes.
* The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
* *Available only for Vault Enterprise*.
*/
readonly namespace: pulumi.Output<string | undefined>;
/**
* Specifies the blocks of IP addresses which are allowed to use the generated token
*/
readonly tokenBoundCidrs: pulumi.Output<string[] | undefined>;
/**
* Generated Token's Explicit Maximum TTL in seconds
*/
readonly tokenExplicitMaxTtl: pulumi.Output<number | undefined>;
/**
* The maximum lifetime of the generated token
*/
readonly tokenMaxTtl: pulumi.Output<number | undefined>;
/**
* If true, the 'default' policy will not automatically be added to generated tokens
*/
readonly tokenNoDefaultPolicy: pulumi.Output<boolean | undefined>;
/**
* The maximum number of times a token may be used, a value of zero means unlimited
*/
readonly tokenNumUses: pulumi.Output<number | undefined>;
/**
* Generated Token's Period
*/
readonly tokenPeriod: pulumi.Output<number | undefined>;
/**
* Generated Token's Policies
*/
readonly tokenPolicies: pulumi.Output<string[] | undefined>;
/**
* The initial ttl of the token to generate in seconds
*/
readonly tokenTtl: pulumi.Output<number | undefined>;
/**
* The type of token to generate, service or batch
*/
readonly tokenType: pulumi.Output<string | undefined>;
/**
* Create a ScepAuthBackendRole resource with the given unique name, arguments, and options.
*
* @param name The _unique_ name of the resource.
* @param args The arguments to use to populate this resource's properties.
* @param opts A bag of options that control this resource's behavior.
*/
constructor(name: string, args: ScepAuthBackendRoleArgs, opts?: pulumi.CustomResourceOptions);
}
/**
* Input properties used for looking up and filtering ScepAuthBackendRole resources.
*/
export interface ScepAuthBackendRoleState {
/**
* The authentication type to use. This can be either "static-challenge" or "intune".
*/
authType?: pulumi.Input<string>;
/**
* Path to the mounted SCEP auth backend.
*/
backend?: pulumi.Input<string>;
/**
* The static challenge to use if authType is "static-challenge", not used for other auth types.
*/
challenge?: pulumi.Input<string>;
displayName?: pulumi.Input<string>;
/**
* Name of the role.
*/
name?: pulumi.Input<string>;
/**
* The namespace to provision the resource in.
* The value should not contain leading or trailing forward slashes.
* The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
* *Available only for Vault Enterprise*.
*/
namespace?: pulumi.Input<string>;
/**
* Specifies the blocks of IP addresses which are allowed to use the generated token
*/
tokenBoundCidrs?: pulumi.Input<pulumi.Input<string>[]>;
/**
* Generated Token's Explicit Maximum TTL in seconds
*/
tokenExplicitMaxTtl?: pulumi.Input<number>;
/**
* The maximum lifetime of the generated token
*/
tokenMaxTtl?: pulumi.Input<number>;
/**
* If true, the 'default' policy will not automatically be added to generated tokens
*/
tokenNoDefaultPolicy?: pulumi.Input<boolean>;
/**
* The maximum number of times a token may be used, a value of zero means unlimited
*/
tokenNumUses?: pulumi.Input<number>;
/**
* Generated Token's Period
*/
tokenPeriod?: pulumi.Input<number>;
/**
* Generated Token's Policies
*/
tokenPolicies?: pulumi.Input<pulumi.Input<string>[]>;
/**
* The initial ttl of the token to generate in seconds
*/
tokenTtl?: pulumi.Input<number>;
/**
* The type of token to generate, service or batch
*/
tokenType?: pulumi.Input<string>;
}
/**
* The set of arguments for constructing a ScepAuthBackendRole resource.
*/
export interface ScepAuthBackendRoleArgs {
/**
* The authentication type to use. This can be either "static-challenge" or "intune".
*/
authType: pulumi.Input<string>;
/**
* Path to the mounted SCEP auth backend.
*/
backend?: pulumi.Input<string>;
/**
* The static challenge to use if authType is "static-challenge", not used for other auth types.
*/
challenge?: pulumi.Input<string>;
displayName?: pulumi.Input<string>;
/**
* Name of the role.
*/
name?: pulumi.Input<string>;
/**
* The namespace to provision the resource in.
* The value should not contain leading or trailing forward slashes.
* The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
* *Available only for Vault Enterprise*.
*/
namespace?: pulumi.Input<string>;
/**
* Specifies the blocks of IP addresses which are allowed to use the generated token
*/
tokenBoundCidrs?: pulumi.Input<pulumi.Input<string>[]>;
/**
* Generated Token's Explicit Maximum TTL in seconds
*/
tokenExplicitMaxTtl?: pulumi.Input<number>;
/**
* The maximum lifetime of the generated token
*/
tokenMaxTtl?: pulumi.Input<number>;
/**
* If true, the 'default' policy will not automatically be added to generated tokens
*/
tokenNoDefaultPolicy?: pulumi.Input<boolean>;
/**
* The maximum number of times a token may be used, a value of zero means unlimited
*/
tokenNumUses?: pulumi.Input<number>;
/**
* Generated Token's Period
*/
tokenPeriod?: pulumi.Input<number>;
/**
* Generated Token's Policies
*/
tokenPolicies?: pulumi.Input<pulumi.Input<string>[]>;
/**
* The initial ttl of the token to generate in seconds
*/
tokenTtl?: pulumi.Input<number>;
/**
* The type of token to generate, service or batch
*/
tokenType?: pulumi.Input<string>;
}