SecretBackend

Import

AWS secret backends can be imported using the path, e.g.

 $ pulumi import vault:aws/secretBackend:SecretBackend aws aws

Create a SecretBackend Resource

new SecretBackend(name: string, args?: SecretBackendArgs, opts?: CustomResourceOptions);
@overload
def SecretBackend(resource_name: str,
                  opts: Optional[ResourceOptions] = None,
                  access_key: Optional[str] = None,
                  default_lease_ttl_seconds: Optional[int] = None,
                  description: Optional[str] = None,
                  iam_endpoint: Optional[str] = None,
                  max_lease_ttl_seconds: Optional[int] = None,
                  path: Optional[str] = None,
                  region: Optional[str] = None,
                  secret_key: Optional[str] = None,
                  sts_endpoint: Optional[str] = None)
@overload
def SecretBackend(resource_name: str,
                  args: Optional[SecretBackendArgs] = None,
                  opts: Optional[ResourceOptions] = None)
func NewSecretBackend(ctx *Context, name string, args *SecretBackendArgs, opts ...ResourceOption) (*SecretBackend, error)
public SecretBackend(string name, SecretBackendArgs? args = null, CustomResourceOptions? opts = null)
name string
The unique name of the resource.
args SecretBackendArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args SecretBackendArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args SecretBackendArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args SecretBackendArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.

SecretBackend Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The SecretBackend resource accepts the following input properties:

AccessKey string
The AWS Access Key ID this backend should use to issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials.
DefaultLeaseTtlSeconds int
The default TTL for credentials issued by this backend.
Description string
A human-friendly description for this backend.
IamEndpoint string
Specifies a custom HTTP IAM endpoint to use.
MaxLeaseTtlSeconds int
The maximum TTL that can be requested for credentials issued by this backend.
Path string
The unique path this backend should be mounted at. Must not begin or end with a /. Defaults to aws.
Region string
The AWS region for API calls. Defaults to us-east-1.
SecretKey string
The AWS Secret Key this backend should use to issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials.
StsEndpoint string
Specifies a custom HTTP STS endpoint to use.
AccessKey string
The AWS Access Key ID this backend should use to issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials.
DefaultLeaseTtlSeconds int
The default TTL for credentials issued by this backend.
Description string
A human-friendly description for this backend.
IamEndpoint string
Specifies a custom HTTP IAM endpoint to use.
MaxLeaseTtlSeconds int
The maximum TTL that can be requested for credentials issued by this backend.
Path string
The unique path this backend should be mounted at. Must not begin or end with a /. Defaults to aws.
Region string
The AWS region for API calls. Defaults to us-east-1.
SecretKey string
The AWS Secret Key this backend should use to issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials.
StsEndpoint string
Specifies a custom HTTP STS endpoint to use.
accessKey string
The AWS Access Key ID this backend should use to issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials.
defaultLeaseTtlSeconds number
The default TTL for credentials issued by this backend.
description string
A human-friendly description for this backend.
iamEndpoint string
Specifies a custom HTTP IAM endpoint to use.
maxLeaseTtlSeconds number
The maximum TTL that can be requested for credentials issued by this backend.
path string
The unique path this backend should be mounted at. Must not begin or end with a /. Defaults to aws.
region string
The AWS region for API calls. Defaults to us-east-1.
secretKey string
The AWS Secret Key this backend should use to issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials.
stsEndpoint string
Specifies a custom HTTP STS endpoint to use.
access_key str
The AWS Access Key ID this backend should use to issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials.
default_lease_ttl_seconds int
The default TTL for credentials issued by this backend.
description str
A human-friendly description for this backend.
iam_endpoint str
Specifies a custom HTTP IAM endpoint to use.
max_lease_ttl_seconds int
The maximum TTL that can be requested for credentials issued by this backend.
path str
The unique path this backend should be mounted at. Must not begin or end with a /. Defaults to aws.
region str
The AWS region for API calls. Defaults to us-east-1.
secret_key str
The AWS Secret Key this backend should use to issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials.
sts_endpoint str
Specifies a custom HTTP STS endpoint to use.

Outputs

All input properties are implicitly available as output properties. Additionally, the SecretBackend resource produces the following output properties:

Id string
The provider-assigned unique ID for this managed resource.
Id string
The provider-assigned unique ID for this managed resource.
id string
The provider-assigned unique ID for this managed resource.
id str
The provider-assigned unique ID for this managed resource.

Look up an Existing SecretBackend Resource

Get an existing SecretBackend resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: SecretBackendState, opts?: CustomResourceOptions): SecretBackend
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        access_key: Optional[str] = None,
        default_lease_ttl_seconds: Optional[int] = None,
        description: Optional[str] = None,
        iam_endpoint: Optional[str] = None,
        max_lease_ttl_seconds: Optional[int] = None,
        path: Optional[str] = None,
        region: Optional[str] = None,
        secret_key: Optional[str] = None,
        sts_endpoint: Optional[str] = None) -> SecretBackend
func GetSecretBackend(ctx *Context, name string, id IDInput, state *SecretBackendState, opts ...ResourceOption) (*SecretBackend, error)
public static SecretBackend Get(string name, Input<string> id, SecretBackendState? state, CustomResourceOptions? opts = null)
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.

The following state arguments are supported:

AccessKey string
The AWS Access Key ID this backend should use to issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials.
DefaultLeaseTtlSeconds int
The default TTL for credentials issued by this backend.
Description string
A human-friendly description for this backend.
IamEndpoint string
Specifies a custom HTTP IAM endpoint to use.
MaxLeaseTtlSeconds int
The maximum TTL that can be requested for credentials issued by this backend.
Path string
The unique path this backend should be mounted at. Must not begin or end with a /. Defaults to aws.
Region string
The AWS region for API calls. Defaults to us-east-1.
SecretKey string
The AWS Secret Key this backend should use to issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials.
StsEndpoint string
Specifies a custom HTTP STS endpoint to use.
AccessKey string
The AWS Access Key ID this backend should use to issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials.
DefaultLeaseTtlSeconds int
The default TTL for credentials issued by this backend.
Description string
A human-friendly description for this backend.
IamEndpoint string
Specifies a custom HTTP IAM endpoint to use.
MaxLeaseTtlSeconds int
The maximum TTL that can be requested for credentials issued by this backend.
Path string
The unique path this backend should be mounted at. Must not begin or end with a /. Defaults to aws.
Region string
The AWS region for API calls. Defaults to us-east-1.
SecretKey string
The AWS Secret Key this backend should use to issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials.
StsEndpoint string
Specifies a custom HTTP STS endpoint to use.
accessKey string
The AWS Access Key ID this backend should use to issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials.
defaultLeaseTtlSeconds number
The default TTL for credentials issued by this backend.
description string
A human-friendly description for this backend.
iamEndpoint string
Specifies a custom HTTP IAM endpoint to use.
maxLeaseTtlSeconds number
The maximum TTL that can be requested for credentials issued by this backend.
path string
The unique path this backend should be mounted at. Must not begin or end with a /. Defaults to aws.
region string
The AWS region for API calls. Defaults to us-east-1.
secretKey string
The AWS Secret Key this backend should use to issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials.
stsEndpoint string
Specifies a custom HTTP STS endpoint to use.
access_key str
The AWS Access Key ID this backend should use to issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials.
default_lease_ttl_seconds int
The default TTL for credentials issued by this backend.
description str
A human-friendly description for this backend.
iam_endpoint str
Specifies a custom HTTP IAM endpoint to use.
max_lease_ttl_seconds int
The maximum TTL that can be requested for credentials issued by this backend.
path str
The unique path this backend should be mounted at. Must not begin or end with a /. Defaults to aws.
region str
The AWS region for API calls. Defaults to us-east-1.
secret_key str
The AWS Secret Key this backend should use to issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials.
sts_endpoint str
Specifies a custom HTTP STS endpoint to use.

Package Details

Repository
https://github.com/pulumi/pulumi-vault
License
Apache-2.0
Notes
This Pulumi package is based on the vault Terraform Provider.