GroupMemberEntityIds

Manages member entities for an Identity Group for Vault. The Identity secrets engine is the identity management solution for Vault.

Example Usage

Exclusive Member Entities

using Pulumi;
using Vault = Pulumi.Vault;

class MyStack : Stack
{
    public MyStack()
    {
        var @internal = new Vault.Identity.Group("internal", new Vault.Identity.GroupArgs
        {
            Type = "internal",
            ExternalMemberEntityIds = true,
            Metadata = 
            {
                { "version", "2" },
            },
        });
        var user = new Vault.Identity.Entity("user", new Vault.Identity.EntityArgs
        {
        });
        var members = new Vault.Identity.GroupMemberEntityIds("members", new Vault.Identity.GroupMemberEntityIdsArgs
        {
            Exclusive = true,
            MemberEntityIds = 
            {
                user.Id,
            },
            GroupId = @internal.Id,
        });
    }

}
package main

import (
	"github.com/pulumi/pulumi-vault/sdk/v4/go/vault/identity"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		internal, err := identity.NewGroup(ctx, "internal", &identity.GroupArgs{
			Type:                    pulumi.String("internal"),
			ExternalMemberEntityIds: pulumi.Bool(true),
			Metadata: pulumi.StringMap{
				"version": pulumi.String("2"),
			},
		})
		if err != nil {
			return err
		}
		user, err := identity.NewEntity(ctx, "user", nil)
		if err != nil {
			return err
		}
		_, err = identity.NewGroupMemberEntityIds(ctx, "members", &identity.GroupMemberEntityIdsArgs{
			Exclusive: pulumi.Bool(true),
			MemberEntityIds: pulumi.StringArray{
				user.ID(),
			},
			GroupId: internal.ID(),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
import pulumi
import pulumi_vault as vault

internal = vault.identity.Group("internal",
    type="internal",
    external_member_entity_ids=True,
    metadata={
        "version": "2",
    })
user = vault.identity.Entity("user")
members = vault.identity.GroupMemberEntityIds("members",
    exclusive=True,
    member_entity_ids=[user.id],
    group_id=internal.id)
import * as pulumi from "@pulumi/pulumi";
import * as vault from "@pulumi/vault";

const internal = new vault.identity.Group("internal", {
    type: "internal",
    externalMemberEntityIds: true,
    metadata: {
        version: "2",
    },
});
const user = new vault.identity.Entity("user", {});
const members = new vault.identity.GroupMemberEntityIds("members", {
    exclusive: true,
    memberEntityIds: [user.id],
    groupId: internal.id,
});

Non-exclusive Member Entities

using Pulumi;
using Vault = Pulumi.Vault;

class MyStack : Stack
{
    public MyStack()
    {
        var @internal = new Vault.Identity.Group("internal", new Vault.Identity.GroupArgs
        {
            Type = "internal",
            ExternalMemberEntityIds = true,
            Metadata = 
            {
                { "version", "2" },
            },
        });
        var testUser = new Vault.Identity.Entity("testUser", new Vault.Identity.EntityArgs
        {
        });
        var secondTestUser = new Vault.Identity.Entity("secondTestUser", new Vault.Identity.EntityArgs
        {
        });
        var devUser = new Vault.Identity.Entity("devUser", new Vault.Identity.EntityArgs
        {
        });
        var test = new Vault.Identity.GroupMemberEntityIds("test", new Vault.Identity.GroupMemberEntityIdsArgs
        {
            MemberEntityIds = 
            {
                testUser.Id,
                secondTestUser.Id,
            },
            Exclusive = false,
            GroupId = @internal.Id,
        });
        var others = new Vault.Identity.GroupMemberEntityIds("others", new Vault.Identity.GroupMemberEntityIdsArgs
        {
            MemberEntityIds = 
            {
                devUser.Id,
            },
            Exclusive = false,
            GroupId = @internal.Id,
        });
    }

}
package main

import (
	"github.com/pulumi/pulumi-vault/sdk/v4/go/vault/identity"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		internal, err := identity.NewGroup(ctx, "internal", &identity.GroupArgs{
			Type:                    pulumi.String("internal"),
			ExternalMemberEntityIds: pulumi.Bool(true),
			Metadata: pulumi.StringMap{
				"version": pulumi.String("2"),
			},
		})
		if err != nil {
			return err
		}
		testUser, err := identity.NewEntity(ctx, "testUser", nil)
		if err != nil {
			return err
		}
		secondTestUser, err := identity.NewEntity(ctx, "secondTestUser", nil)
		if err != nil {
			return err
		}
		devUser, err := identity.NewEntity(ctx, "devUser", nil)
		if err != nil {
			return err
		}
		_, err = identity.NewGroupMemberEntityIds(ctx, "test", &identity.GroupMemberEntityIdsArgs{
			MemberEntityIds: pulumi.StringArray{
				testUser.ID(),
				secondTestUser.ID(),
			},
			Exclusive: pulumi.Bool(false),
			GroupId:   internal.ID(),
		})
		if err != nil {
			return err
		}
		_, err = identity.NewGroupMemberEntityIds(ctx, "others", &identity.GroupMemberEntityIdsArgs{
			MemberEntityIds: pulumi.StringArray{
				devUser.ID(),
			},
			Exclusive: pulumi.Bool(false),
			GroupId:   internal.ID(),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
import pulumi
import pulumi_vault as vault

internal = vault.identity.Group("internal",
    type="internal",
    external_member_entity_ids=True,
    metadata={
        "version": "2",
    })
test_user = vault.identity.Entity("testUser")
second_test_user = vault.identity.Entity("secondTestUser")
dev_user = vault.identity.Entity("devUser")
test = vault.identity.GroupMemberEntityIds("test",
    member_entity_ids=[
        test_user.id,
        second_test_user.id,
    ],
    exclusive=False,
    group_id=internal.id)
others = vault.identity.GroupMemberEntityIds("others",
    member_entity_ids=[dev_user.id],
    exclusive=False,
    group_id=internal.id)
import * as pulumi from "@pulumi/pulumi";
import * as vault from "@pulumi/vault";

const internal = new vault.identity.Group("internal", {
    type: "internal",
    externalMemberEntityIds: true,
    metadata: {
        version: "2",
    },
});
const testUser = new vault.identity.Entity("testUser", {});
const secondTestUser = new vault.identity.Entity("secondTestUser", {});
const devUser = new vault.identity.Entity("devUser", {});
const test = new vault.identity.GroupMemberEntityIds("test", {
    memberEntityIds: [
        testUser.id,
        secondTestUser.id,
    ],
    exclusive: false,
    groupId: internal.id,
});
const others = new vault.identity.GroupMemberEntityIds("others", {
    memberEntityIds: [devUser.id],
    exclusive: false,
    groupId: internal.id,
});

Create a GroupMemberEntityIds Resource

new GroupMemberEntityIds(name: string, args: GroupMemberEntityIdsArgs, opts?: CustomResourceOptions);
@overload
def GroupMemberEntityIds(resource_name: str,
                         opts: Optional[ResourceOptions] = None,
                         exclusive: Optional[bool] = None,
                         group_id: Optional[str] = None,
                         member_entity_ids: Optional[Sequence[str]] = None)
@overload
def GroupMemberEntityIds(resource_name: str,
                         args: GroupMemberEntityIdsArgs,
                         opts: Optional[ResourceOptions] = None)
func NewGroupMemberEntityIds(ctx *Context, name string, args GroupMemberEntityIdsArgs, opts ...ResourceOption) (*GroupMemberEntityIds, error)
public GroupMemberEntityIds(string name, GroupMemberEntityIdsArgs args, CustomResourceOptions? opts = null)
name string
The unique name of the resource.
args GroupMemberEntityIdsArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args GroupMemberEntityIdsArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args GroupMemberEntityIdsArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args GroupMemberEntityIdsArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.

GroupMemberEntityIds Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The GroupMemberEntityIds resource accepts the following input properties:

GroupId string
Group ID to assign member entities to.
Exclusive bool
Defaults to true.
MemberEntityIds List<string>
List of member entities that belong to the group
GroupId string
Group ID to assign member entities to.
Exclusive bool
Defaults to true.
MemberEntityIds []string
List of member entities that belong to the group
groupId string
Group ID to assign member entities to.
exclusive boolean
Defaults to true.
memberEntityIds string[]
List of member entities that belong to the group
group_id str
Group ID to assign member entities to.
exclusive bool
Defaults to true.
member_entity_ids Sequence[str]
List of member entities that belong to the group

Outputs

All input properties are implicitly available as output properties. Additionally, the GroupMemberEntityIds resource produces the following output properties:

GroupName string
The name of the group that are assigned the member entities.
Id string
The provider-assigned unique ID for this managed resource.
GroupName string
The name of the group that are assigned the member entities.
Id string
The provider-assigned unique ID for this managed resource.
groupName string
The name of the group that are assigned the member entities.
id string
The provider-assigned unique ID for this managed resource.
group_name str
The name of the group that are assigned the member entities.
id str
The provider-assigned unique ID for this managed resource.

Look up an Existing GroupMemberEntityIds Resource

Get an existing GroupMemberEntityIds resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: GroupMemberEntityIdsState, opts?: CustomResourceOptions): GroupMemberEntityIds
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        exclusive: Optional[bool] = None,
        group_id: Optional[str] = None,
        group_name: Optional[str] = None,
        member_entity_ids: Optional[Sequence[str]] = None) -> GroupMemberEntityIds
func GetGroupMemberEntityIds(ctx *Context, name string, id IDInput, state *GroupMemberEntityIdsState, opts ...ResourceOption) (*GroupMemberEntityIds, error)
public static GroupMemberEntityIds Get(string name, Input<string> id, GroupMemberEntityIdsState? state, CustomResourceOptions? opts = null)
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.

The following state arguments are supported:

Exclusive bool
Defaults to true.
GroupId string
Group ID to assign member entities to.
GroupName string
The name of the group that are assigned the member entities.
MemberEntityIds List<string>
List of member entities that belong to the group
Exclusive bool
Defaults to true.
GroupId string
Group ID to assign member entities to.
GroupName string
The name of the group that are assigned the member entities.
MemberEntityIds []string
List of member entities that belong to the group
exclusive boolean
Defaults to true.
groupId string
Group ID to assign member entities to.
groupName string
The name of the group that are assigned the member entities.
memberEntityIds string[]
List of member entities that belong to the group
exclusive bool
Defaults to true.
group_id str
Group ID to assign member entities to.
group_name str
The name of the group that are assigned the member entities.
member_entity_ids Sequence[str]
List of member entities that belong to the group

Package Details

Repository
https://github.com/pulumi/pulumi-vault
License
Apache-2.0
Notes
This Pulumi package is based on the vault Terraform Provider.