Viewing docs for akeyless 2.0.1
published on Monday, Apr 27, 2026 by akeyless-community
published on Monday, Apr 27, 2026 by akeyless-community
Viewing docs for akeyless 2.0.1
published on Monday, Apr 27, 2026 by akeyless-community
published on Monday, Apr 27, 2026 by akeyless-community
LDAP dynamic secret resource
Create DynamicSecretLdap Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new DynamicSecretLdap(name: string, args?: DynamicSecretLdapArgs, opts?: CustomResourceOptions);@overload
def DynamicSecretLdap(resource_name: str,
args: Optional[DynamicSecretLdapArgs] = None,
opts: Optional[ResourceOptions] = None)
@overload
def DynamicSecretLdap(resource_name: str,
opts: Optional[ResourceOptions] = None,
bind_dn: Optional[str] = None,
bind_dn_password: Optional[str] = None,
custom_username_template: Optional[str] = None,
delete_protection: Optional[str] = None,
dynamic_secret_ldap_id: Optional[str] = None,
external_username: Optional[str] = None,
fixed_user_claim_keyname: Optional[str] = None,
group_dn: Optional[str] = None,
host_provider: Optional[str] = None,
item_custom_fields: Optional[Mapping[str, str]] = None,
ldap_ca_cert: Optional[str] = None,
ldap_url: Optional[str] = None,
name: Optional[str] = None,
password_length: Optional[str] = None,
producer_encryption_key_name: Optional[str] = None,
provider_type: Optional[str] = None,
secure_access_certificate_issuer: Optional[str] = None,
secure_access_delay: Optional[float] = None,
secure_access_enable: Optional[str] = None,
secure_access_hosts: Optional[Sequence[str]] = None,
secure_access_rd_gateway_server: Optional[str] = None,
secure_access_rdp_domain: Optional[str] = None,
tags: Optional[Sequence[str]] = None,
target_name: Optional[str] = None,
targets: Optional[Sequence[str]] = None,
token_expiration: Optional[str] = None,
user_attribute: Optional[str] = None,
user_dn: Optional[str] = None,
user_ttl: Optional[str] = None)func NewDynamicSecretLdap(ctx *Context, name string, args *DynamicSecretLdapArgs, opts ...ResourceOption) (*DynamicSecretLdap, error)public DynamicSecretLdap(string name, DynamicSecretLdapArgs? args = null, CustomResourceOptions? opts = null)
public DynamicSecretLdap(String name, DynamicSecretLdapArgs args)
public DynamicSecretLdap(String name, DynamicSecretLdapArgs args, CustomResourceOptions options)
type: akeyless:DynamicSecretLdap
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
resource "akeyless_dynamicsecretldap" "name" {
# resource properties
}Parameters
- name string
- The unique name of the resource.
- args DynamicSecretLdapArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args DynamicSecretLdapArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args DynamicSecretLdapArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args DynamicSecretLdapArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args DynamicSecretLdapArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var dynamicSecretLdapResource = new Akeyless.DynamicSecretLdap("dynamicSecretLdapResource", new()
{
BindDn = "string",
BindDnPassword = "string",
CustomUsernameTemplate = "string",
DeleteProtection = "string",
DynamicSecretLdapId = "string",
ExternalUsername = "string",
FixedUserClaimKeyname = "string",
GroupDn = "string",
HostProvider = "string",
ItemCustomFields =
{
{ "string", "string" },
},
LdapCaCert = "string",
LdapUrl = "string",
Name = "string",
PasswordLength = "string",
ProducerEncryptionKeyName = "string",
ProviderType = "string",
SecureAccessCertificateIssuer = "string",
SecureAccessDelay = 0,
SecureAccessEnable = "string",
SecureAccessHosts = new[]
{
"string",
},
SecureAccessRdGatewayServer = "string",
SecureAccessRdpDomain = "string",
Tags = new[]
{
"string",
},
TargetName = "string",
Targets = new[]
{
"string",
},
TokenExpiration = "string",
UserAttribute = "string",
UserDn = "string",
UserTtl = "string",
});
example, err := akeyless.NewDynamicSecretLdap(ctx, "dynamicSecretLdapResource", &akeyless.DynamicSecretLdapArgs{
BindDn: pulumi.String("string"),
BindDnPassword: pulumi.String("string"),
CustomUsernameTemplate: pulumi.String("string"),
DeleteProtection: pulumi.String("string"),
DynamicSecretLdapId: pulumi.String("string"),
ExternalUsername: pulumi.String("string"),
FixedUserClaimKeyname: pulumi.String("string"),
GroupDn: pulumi.String("string"),
HostProvider: pulumi.String("string"),
ItemCustomFields: pulumi.StringMap{
"string": pulumi.String("string"),
},
LdapCaCert: pulumi.String("string"),
LdapUrl: pulumi.String("string"),
Name: pulumi.String("string"),
PasswordLength: pulumi.String("string"),
ProducerEncryptionKeyName: pulumi.String("string"),
ProviderType: pulumi.String("string"),
SecureAccessCertificateIssuer: pulumi.String("string"),
SecureAccessDelay: pulumi.Float64(0),
SecureAccessEnable: pulumi.String("string"),
SecureAccessHosts: pulumi.StringArray{
pulumi.String("string"),
},
SecureAccessRdGatewayServer: pulumi.String("string"),
SecureAccessRdpDomain: pulumi.String("string"),
Tags: pulumi.StringArray{
pulumi.String("string"),
},
TargetName: pulumi.String("string"),
Targets: pulumi.StringArray{
pulumi.String("string"),
},
TokenExpiration: pulumi.String("string"),
UserAttribute: pulumi.String("string"),
UserDn: pulumi.String("string"),
UserTtl: pulumi.String("string"),
})
resource "akeyless_dynamicsecretldap" "dynamicSecretLdapResource" {
bind_dn = "string"
bind_dn_password = "string"
custom_username_template = "string"
delete_protection = "string"
dynamic_secret_ldap_id = "string"
external_username = "string"
fixed_user_claim_keyname = "string"
group_dn = "string"
host_provider = "string"
item_custom_fields = {
"string" = "string"
}
ldap_ca_cert = "string"
ldap_url = "string"
name = "string"
password_length = "string"
producer_encryption_key_name = "string"
provider_type = "string"
secure_access_certificate_issuer = "string"
secure_access_delay = 0
secure_access_enable = "string"
secure_access_hosts = ["string"]
secure_access_rd_gateway_server = "string"
secure_access_rdp_domain = "string"
tags = ["string"]
target_name = "string"
targets = ["string"]
token_expiration = "string"
user_attribute = "string"
user_dn = "string"
user_ttl = "string"
}
var dynamicSecretLdapResource = new DynamicSecretLdap("dynamicSecretLdapResource", DynamicSecretLdapArgs.builder()
.bindDn("string")
.bindDnPassword("string")
.customUsernameTemplate("string")
.deleteProtection("string")
.dynamicSecretLdapId("string")
.externalUsername("string")
.fixedUserClaimKeyname("string")
.groupDn("string")
.hostProvider("string")
.itemCustomFields(Map.of("string", "string"))
.ldapCaCert("string")
.ldapUrl("string")
.name("string")
.passwordLength("string")
.producerEncryptionKeyName("string")
.providerType("string")
.secureAccessCertificateIssuer("string")
.secureAccessDelay(0.0)
.secureAccessEnable("string")
.secureAccessHosts("string")
.secureAccessRdGatewayServer("string")
.secureAccessRdpDomain("string")
.tags("string")
.targetName("string")
.targets("string")
.tokenExpiration("string")
.userAttribute("string")
.userDn("string")
.userTtl("string")
.build());
dynamic_secret_ldap_resource = akeyless.DynamicSecretLdap("dynamicSecretLdapResource",
bind_dn="string",
bind_dn_password="string",
custom_username_template="string",
delete_protection="string",
dynamic_secret_ldap_id="string",
external_username="string",
fixed_user_claim_keyname="string",
group_dn="string",
host_provider="string",
item_custom_fields={
"string": "string",
},
ldap_ca_cert="string",
ldap_url="string",
name="string",
password_length="string",
producer_encryption_key_name="string",
provider_type="string",
secure_access_certificate_issuer="string",
secure_access_delay=float(0),
secure_access_enable="string",
secure_access_hosts=["string"],
secure_access_rd_gateway_server="string",
secure_access_rdp_domain="string",
tags=["string"],
target_name="string",
targets=["string"],
token_expiration="string",
user_attribute="string",
user_dn="string",
user_ttl="string")
const dynamicSecretLdapResource = new akeyless.DynamicSecretLdap("dynamicSecretLdapResource", {
bindDn: "string",
bindDnPassword: "string",
customUsernameTemplate: "string",
deleteProtection: "string",
dynamicSecretLdapId: "string",
externalUsername: "string",
fixedUserClaimKeyname: "string",
groupDn: "string",
hostProvider: "string",
itemCustomFields: {
string: "string",
},
ldapCaCert: "string",
ldapUrl: "string",
name: "string",
passwordLength: "string",
producerEncryptionKeyName: "string",
providerType: "string",
secureAccessCertificateIssuer: "string",
secureAccessDelay: 0,
secureAccessEnable: "string",
secureAccessHosts: ["string"],
secureAccessRdGatewayServer: "string",
secureAccessRdpDomain: "string",
tags: ["string"],
targetName: "string",
targets: ["string"],
tokenExpiration: "string",
userAttribute: "string",
userDn: "string",
userTtl: "string",
});
type: akeyless:DynamicSecretLdap
properties:
bindDn: string
bindDnPassword: string
customUsernameTemplate: string
deleteProtection: string
dynamicSecretLdapId: string
externalUsername: string
fixedUserClaimKeyname: string
groupDn: string
hostProvider: string
itemCustomFields:
string: string
ldapCaCert: string
ldapUrl: string
name: string
passwordLength: string
producerEncryptionKeyName: string
providerType: string
secureAccessCertificateIssuer: string
secureAccessDelay: 0
secureAccessEnable: string
secureAccessHosts:
- string
secureAccessRdGatewayServer: string
secureAccessRdpDomain: string
tags:
- string
targetName: string
targets:
- string
tokenExpiration: string
userAttribute: string
userDn: string
userTtl: string
DynamicSecretLdap Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The DynamicSecretLdap resource accepts the following input properties:
- Bind
Dn string - Bind DN
- Bind
Dn stringPassword - Bind DN Password
- Custom
Username stringTemplate - Customize how temporary usernames are generated using go template
- Delete
Protection string - Protection from accidental deletion of this object [true/false]
- Dynamic
Secret stringLdap Id - The ID of this resource.
- External
Username string - Externally provided username [true/false]
- Fixed
User stringClaim Keyname - For externally provided users, denotes the key-name of IdP claim to extract the username from (relevant only for external-username=true)
- Group
Dn string - Group DN which the temporary user should be added
- Host
Provider string - Host provider type [explicit/target], Default Host provider is explicit, Relevant only for Secure Remote Access of ssh cert issuer, ldap rotated secret and ldap dynamic secret
- Item
Custom Dictionary<string, string>Fields - Additional custom fields to associate with the item
- Ldap
Ca stringCert - CA Certificate File Content
- Ldap
Url string - LDAP Server URL
- Name string
- Dynamic secret name
- Password
Length string - The length of the password to be generated
- Producer
Encryption stringKey Name - Dynamic producer encryption key
- Provider
Type string - Provider type
- Secure
Access stringCertificate Issuer - Path to the SSH Certificate Issuer for your Akeyless Secure Access
- Secure
Access doubleDelay - The delay duration, in seconds, to wait after generating just-in-time credentials. Accepted range: 0-120 seconds
- Secure
Access stringEnable - Enable/Disable secure remote access [true/false]
- Secure
Access List<string>Hosts - Target servers for connections (In case of Linked Target association, host(s) will inherit Linked Target hosts - Relevant only for Dynamic Secrets/producers)
- Secure
Access stringRd Gateway Server - RD Gateway server
- Secure
Access stringRdp Domain - Required when the Dynamic Secret is used for a domain user
- List<string>
- Add tags attached to this object
- Target
Name string - Target name
- Targets List<string>
- A list of linked targets to be associated, Relevant only for Secure Remote Access for ssh cert issuer, ldap rotated secret and ldap dynamic secret, To specify multiple targets use argument multiple times
- Token
Expiration string - Token expiration
- User
Attribute string - User Attribute
- User
Dn string - User DN
- User
Ttl string - User TTL
- Bind
Dn string - Bind DN
- Bind
Dn stringPassword - Bind DN Password
- Custom
Username stringTemplate - Customize how temporary usernames are generated using go template
- Delete
Protection string - Protection from accidental deletion of this object [true/false]
- Dynamic
Secret stringLdap Id - The ID of this resource.
- External
Username string - Externally provided username [true/false]
- Fixed
User stringClaim Keyname - For externally provided users, denotes the key-name of IdP claim to extract the username from (relevant only for external-username=true)
- Group
Dn string - Group DN which the temporary user should be added
- Host
Provider string - Host provider type [explicit/target], Default Host provider is explicit, Relevant only for Secure Remote Access of ssh cert issuer, ldap rotated secret and ldap dynamic secret
- Item
Custom map[string]stringFields - Additional custom fields to associate with the item
- Ldap
Ca stringCert - CA Certificate File Content
- Ldap
Url string - LDAP Server URL
- Name string
- Dynamic secret name
- Password
Length string - The length of the password to be generated
- Producer
Encryption stringKey Name - Dynamic producer encryption key
- Provider
Type string - Provider type
- Secure
Access stringCertificate Issuer - Path to the SSH Certificate Issuer for your Akeyless Secure Access
- Secure
Access float64Delay - The delay duration, in seconds, to wait after generating just-in-time credentials. Accepted range: 0-120 seconds
- Secure
Access stringEnable - Enable/Disable secure remote access [true/false]
- Secure
Access []stringHosts - Target servers for connections (In case of Linked Target association, host(s) will inherit Linked Target hosts - Relevant only for Dynamic Secrets/producers)
- Secure
Access stringRd Gateway Server - RD Gateway server
- Secure
Access stringRdp Domain - Required when the Dynamic Secret is used for a domain user
- []string
- Add tags attached to this object
- Target
Name string - Target name
- Targets []string
- A list of linked targets to be associated, Relevant only for Secure Remote Access for ssh cert issuer, ldap rotated secret and ldap dynamic secret, To specify multiple targets use argument multiple times
- Token
Expiration string - Token expiration
- User
Attribute string - User Attribute
- User
Dn string - User DN
- User
Ttl string - User TTL
- bind_
dn string - Bind DN
- bind_
dn_ stringpassword - Bind DN Password
- custom_
username_ stringtemplate - Customize how temporary usernames are generated using go template
- delete_
protection string - Protection from accidental deletion of this object [true/false]
- dynamic_
secret_ stringldap_ id - The ID of this resource.
- external_
username string - Externally provided username [true/false]
- fixed_
user_ stringclaim_ keyname - For externally provided users, denotes the key-name of IdP claim to extract the username from (relevant only for external-username=true)
- group_
dn string - Group DN which the temporary user should be added
- host_
provider string - Host provider type [explicit/target], Default Host provider is explicit, Relevant only for Secure Remote Access of ssh cert issuer, ldap rotated secret and ldap dynamic secret
- item_
custom_ map(string)fields - Additional custom fields to associate with the item
- ldap_
ca_ stringcert - CA Certificate File Content
- ldap_
url string - LDAP Server URL
- name string
- Dynamic secret name
- password_
length string - The length of the password to be generated
- producer_
encryption_ stringkey_ name - Dynamic producer encryption key
- provider_
type string - Provider type
- secure_
access_ stringcertificate_ issuer - Path to the SSH Certificate Issuer for your Akeyless Secure Access
- secure_
access_ numberdelay - The delay duration, in seconds, to wait after generating just-in-time credentials. Accepted range: 0-120 seconds
- secure_
access_ stringenable - Enable/Disable secure remote access [true/false]
- secure_
access_ list(string)hosts - Target servers for connections (In case of Linked Target association, host(s) will inherit Linked Target hosts - Relevant only for Dynamic Secrets/producers)
- secure_
access_ stringrd_ gateway_ server - RD Gateway server
- secure_
access_ stringrdp_ domain - Required when the Dynamic Secret is used for a domain user
- list(string)
- Add tags attached to this object
- target_
name string - Target name
- targets list(string)
- A list of linked targets to be associated, Relevant only for Secure Remote Access for ssh cert issuer, ldap rotated secret and ldap dynamic secret, To specify multiple targets use argument multiple times
- token_
expiration string - Token expiration
- user_
attribute string - User Attribute
- user_
dn string - User DN
- user_
ttl string - User TTL
- bind
Dn String - Bind DN
- bind
Dn StringPassword - Bind DN Password
- custom
Username StringTemplate - Customize how temporary usernames are generated using go template
- delete
Protection String - Protection from accidental deletion of this object [true/false]
- dynamic
Secret StringLdap Id - The ID of this resource.
- external
Username String - Externally provided username [true/false]
- fixed
User StringClaim Keyname - For externally provided users, denotes the key-name of IdP claim to extract the username from (relevant only for external-username=true)
- group
Dn String - Group DN which the temporary user should be added
- host
Provider String - Host provider type [explicit/target], Default Host provider is explicit, Relevant only for Secure Remote Access of ssh cert issuer, ldap rotated secret and ldap dynamic secret
- item
Custom Map<String,String>Fields - Additional custom fields to associate with the item
- ldap
Ca StringCert - CA Certificate File Content
- ldap
Url String - LDAP Server URL
- name String
- Dynamic secret name
- password
Length String - The length of the password to be generated
- producer
Encryption StringKey Name - Dynamic producer encryption key
- provider
Type String - Provider type
- secure
Access StringCertificate Issuer - Path to the SSH Certificate Issuer for your Akeyless Secure Access
- secure
Access DoubleDelay - The delay duration, in seconds, to wait after generating just-in-time credentials. Accepted range: 0-120 seconds
- secure
Access StringEnable - Enable/Disable secure remote access [true/false]
- secure
Access List<String>Hosts - Target servers for connections (In case of Linked Target association, host(s) will inherit Linked Target hosts - Relevant only for Dynamic Secrets/producers)
- secure
Access StringRd Gateway Server - RD Gateway server
- secure
Access StringRdp Domain - Required when the Dynamic Secret is used for a domain user
- List<String>
- Add tags attached to this object
- target
Name String - Target name
- targets List<String>
- A list of linked targets to be associated, Relevant only for Secure Remote Access for ssh cert issuer, ldap rotated secret and ldap dynamic secret, To specify multiple targets use argument multiple times
- token
Expiration String - Token expiration
- user
Attribute String - User Attribute
- user
Dn String - User DN
- user
Ttl String - User TTL
- bind
Dn string - Bind DN
- bind
Dn stringPassword - Bind DN Password
- custom
Username stringTemplate - Customize how temporary usernames are generated using go template
- delete
Protection string - Protection from accidental deletion of this object [true/false]
- dynamic
Secret stringLdap Id - The ID of this resource.
- external
Username string - Externally provided username [true/false]
- fixed
User stringClaim Keyname - For externally provided users, denotes the key-name of IdP claim to extract the username from (relevant only for external-username=true)
- group
Dn string - Group DN which the temporary user should be added
- host
Provider string - Host provider type [explicit/target], Default Host provider is explicit, Relevant only for Secure Remote Access of ssh cert issuer, ldap rotated secret and ldap dynamic secret
- item
Custom {[key: string]: string}Fields - Additional custom fields to associate with the item
- ldap
Ca stringCert - CA Certificate File Content
- ldap
Url string - LDAP Server URL
- name string
- Dynamic secret name
- password
Length string - The length of the password to be generated
- producer
Encryption stringKey Name - Dynamic producer encryption key
- provider
Type string - Provider type
- secure
Access stringCertificate Issuer - Path to the SSH Certificate Issuer for your Akeyless Secure Access
- secure
Access numberDelay - The delay duration, in seconds, to wait after generating just-in-time credentials. Accepted range: 0-120 seconds
- secure
Access stringEnable - Enable/Disable secure remote access [true/false]
- secure
Access string[]Hosts - Target servers for connections (In case of Linked Target association, host(s) will inherit Linked Target hosts - Relevant only for Dynamic Secrets/producers)
- secure
Access stringRd Gateway Server - RD Gateway server
- secure
Access stringRdp Domain - Required when the Dynamic Secret is used for a domain user
- string[]
- Add tags attached to this object
- target
Name string - Target name
- targets string[]
- A list of linked targets to be associated, Relevant only for Secure Remote Access for ssh cert issuer, ldap rotated secret and ldap dynamic secret, To specify multiple targets use argument multiple times
- token
Expiration string - Token expiration
- user
Attribute string - User Attribute
- user
Dn string - User DN
- user
Ttl string - User TTL
- bind_
dn str - Bind DN
- bind_
dn_ strpassword - Bind DN Password
- custom_
username_ strtemplate - Customize how temporary usernames are generated using go template
- delete_
protection str - Protection from accidental deletion of this object [true/false]
- dynamic_
secret_ strldap_ id - The ID of this resource.
- external_
username str - Externally provided username [true/false]
- fixed_
user_ strclaim_ keyname - For externally provided users, denotes the key-name of IdP claim to extract the username from (relevant only for external-username=true)
- group_
dn str - Group DN which the temporary user should be added
- host_
provider str - Host provider type [explicit/target], Default Host provider is explicit, Relevant only for Secure Remote Access of ssh cert issuer, ldap rotated secret and ldap dynamic secret
- item_
custom_ Mapping[str, str]fields - Additional custom fields to associate with the item
- ldap_
ca_ strcert - CA Certificate File Content
- ldap_
url str - LDAP Server URL
- name str
- Dynamic secret name
- password_
length str - The length of the password to be generated
- producer_
encryption_ strkey_ name - Dynamic producer encryption key
- provider_
type str - Provider type
- secure_
access_ strcertificate_ issuer - Path to the SSH Certificate Issuer for your Akeyless Secure Access
- secure_
access_ floatdelay - The delay duration, in seconds, to wait after generating just-in-time credentials. Accepted range: 0-120 seconds
- secure_
access_ strenable - Enable/Disable secure remote access [true/false]
- secure_
access_ Sequence[str]hosts - Target servers for connections (In case of Linked Target association, host(s) will inherit Linked Target hosts - Relevant only for Dynamic Secrets/producers)
- secure_
access_ strrd_ gateway_ server - RD Gateway server
- secure_
access_ strrdp_ domain - Required when the Dynamic Secret is used for a domain user
- Sequence[str]
- Add tags attached to this object
- target_
name str - Target name
- targets Sequence[str]
- A list of linked targets to be associated, Relevant only for Secure Remote Access for ssh cert issuer, ldap rotated secret and ldap dynamic secret, To specify multiple targets use argument multiple times
- token_
expiration str - Token expiration
- user_
attribute str - User Attribute
- user_
dn str - User DN
- user_
ttl str - User TTL
- bind
Dn String - Bind DN
- bind
Dn StringPassword - Bind DN Password
- custom
Username StringTemplate - Customize how temporary usernames are generated using go template
- delete
Protection String - Protection from accidental deletion of this object [true/false]
- dynamic
Secret StringLdap Id - The ID of this resource.
- external
Username String - Externally provided username [true/false]
- fixed
User StringClaim Keyname - For externally provided users, denotes the key-name of IdP claim to extract the username from (relevant only for external-username=true)
- group
Dn String - Group DN which the temporary user should be added
- host
Provider String - Host provider type [explicit/target], Default Host provider is explicit, Relevant only for Secure Remote Access of ssh cert issuer, ldap rotated secret and ldap dynamic secret
- item
Custom Map<String>Fields - Additional custom fields to associate with the item
- ldap
Ca StringCert - CA Certificate File Content
- ldap
Url String - LDAP Server URL
- name String
- Dynamic secret name
- password
Length String - The length of the password to be generated
- producer
Encryption StringKey Name - Dynamic producer encryption key
- provider
Type String - Provider type
- secure
Access StringCertificate Issuer - Path to the SSH Certificate Issuer for your Akeyless Secure Access
- secure
Access NumberDelay - The delay duration, in seconds, to wait after generating just-in-time credentials. Accepted range: 0-120 seconds
- secure
Access StringEnable - Enable/Disable secure remote access [true/false]
- secure
Access List<String>Hosts - Target servers for connections (In case of Linked Target association, host(s) will inherit Linked Target hosts - Relevant only for Dynamic Secrets/producers)
- secure
Access StringRd Gateway Server - RD Gateway server
- secure
Access StringRdp Domain - Required when the Dynamic Secret is used for a domain user
- List<String>
- Add tags attached to this object
- target
Name String - Target name
- targets List<String>
- A list of linked targets to be associated, Relevant only for Secure Remote Access for ssh cert issuer, ldap rotated secret and ldap dynamic secret, To specify multiple targets use argument multiple times
- token
Expiration String - Token expiration
- user
Attribute String - User Attribute
- user
Dn String - User DN
- user
Ttl String - User TTL
Outputs
All input properties are implicitly available as output properties. Additionally, the DynamicSecretLdap resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing DynamicSecretLdap Resource
Get an existing DynamicSecretLdap resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: DynamicSecretLdapState, opts?: CustomResourceOptions): DynamicSecretLdap@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
bind_dn: Optional[str] = None,
bind_dn_password: Optional[str] = None,
custom_username_template: Optional[str] = None,
delete_protection: Optional[str] = None,
dynamic_secret_ldap_id: Optional[str] = None,
external_username: Optional[str] = None,
fixed_user_claim_keyname: Optional[str] = None,
group_dn: Optional[str] = None,
host_provider: Optional[str] = None,
item_custom_fields: Optional[Mapping[str, str]] = None,
ldap_ca_cert: Optional[str] = None,
ldap_url: Optional[str] = None,
name: Optional[str] = None,
password_length: Optional[str] = None,
producer_encryption_key_name: Optional[str] = None,
provider_type: Optional[str] = None,
secure_access_certificate_issuer: Optional[str] = None,
secure_access_delay: Optional[float] = None,
secure_access_enable: Optional[str] = None,
secure_access_hosts: Optional[Sequence[str]] = None,
secure_access_rd_gateway_server: Optional[str] = None,
secure_access_rdp_domain: Optional[str] = None,
tags: Optional[Sequence[str]] = None,
target_name: Optional[str] = None,
targets: Optional[Sequence[str]] = None,
token_expiration: Optional[str] = None,
user_attribute: Optional[str] = None,
user_dn: Optional[str] = None,
user_ttl: Optional[str] = None) -> DynamicSecretLdapfunc GetDynamicSecretLdap(ctx *Context, name string, id IDInput, state *DynamicSecretLdapState, opts ...ResourceOption) (*DynamicSecretLdap, error)public static DynamicSecretLdap Get(string name, Input<string> id, DynamicSecretLdapState? state, CustomResourceOptions? opts = null)public static DynamicSecretLdap get(String name, Output<String> id, DynamicSecretLdapState state, CustomResourceOptions options)resources: _: type: akeyless:DynamicSecretLdap get: id: ${id}import {
to = akeyless_dynamicsecretldap.example
id = "${id}"
}
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Bind
Dn string - Bind DN
- Bind
Dn stringPassword - Bind DN Password
- Custom
Username stringTemplate - Customize how temporary usernames are generated using go template
- Delete
Protection string - Protection from accidental deletion of this object [true/false]
- Dynamic
Secret stringLdap Id - The ID of this resource.
- External
Username string - Externally provided username [true/false]
- Fixed
User stringClaim Keyname - For externally provided users, denotes the key-name of IdP claim to extract the username from (relevant only for external-username=true)
- Group
Dn string - Group DN which the temporary user should be added
- Host
Provider string - Host provider type [explicit/target], Default Host provider is explicit, Relevant only for Secure Remote Access of ssh cert issuer, ldap rotated secret and ldap dynamic secret
- Item
Custom Dictionary<string, string>Fields - Additional custom fields to associate with the item
- Ldap
Ca stringCert - CA Certificate File Content
- Ldap
Url string - LDAP Server URL
- Name string
- Dynamic secret name
- Password
Length string - The length of the password to be generated
- Producer
Encryption stringKey Name - Dynamic producer encryption key
- Provider
Type string - Provider type
- Secure
Access stringCertificate Issuer - Path to the SSH Certificate Issuer for your Akeyless Secure Access
- Secure
Access doubleDelay - The delay duration, in seconds, to wait after generating just-in-time credentials. Accepted range: 0-120 seconds
- Secure
Access stringEnable - Enable/Disable secure remote access [true/false]
- Secure
Access List<string>Hosts - Target servers for connections (In case of Linked Target association, host(s) will inherit Linked Target hosts - Relevant only for Dynamic Secrets/producers)
- Secure
Access stringRd Gateway Server - RD Gateway server
- Secure
Access stringRdp Domain - Required when the Dynamic Secret is used for a domain user
- List<string>
- Add tags attached to this object
- Target
Name string - Target name
- Targets List<string>
- A list of linked targets to be associated, Relevant only for Secure Remote Access for ssh cert issuer, ldap rotated secret and ldap dynamic secret, To specify multiple targets use argument multiple times
- Token
Expiration string - Token expiration
- User
Attribute string - User Attribute
- User
Dn string - User DN
- User
Ttl string - User TTL
- Bind
Dn string - Bind DN
- Bind
Dn stringPassword - Bind DN Password
- Custom
Username stringTemplate - Customize how temporary usernames are generated using go template
- Delete
Protection string - Protection from accidental deletion of this object [true/false]
- Dynamic
Secret stringLdap Id - The ID of this resource.
- External
Username string - Externally provided username [true/false]
- Fixed
User stringClaim Keyname - For externally provided users, denotes the key-name of IdP claim to extract the username from (relevant only for external-username=true)
- Group
Dn string - Group DN which the temporary user should be added
- Host
Provider string - Host provider type [explicit/target], Default Host provider is explicit, Relevant only for Secure Remote Access of ssh cert issuer, ldap rotated secret and ldap dynamic secret
- Item
Custom map[string]stringFields - Additional custom fields to associate with the item
- Ldap
Ca stringCert - CA Certificate File Content
- Ldap
Url string - LDAP Server URL
- Name string
- Dynamic secret name
- Password
Length string - The length of the password to be generated
- Producer
Encryption stringKey Name - Dynamic producer encryption key
- Provider
Type string - Provider type
- Secure
Access stringCertificate Issuer - Path to the SSH Certificate Issuer for your Akeyless Secure Access
- Secure
Access float64Delay - The delay duration, in seconds, to wait after generating just-in-time credentials. Accepted range: 0-120 seconds
- Secure
Access stringEnable - Enable/Disable secure remote access [true/false]
- Secure
Access []stringHosts - Target servers for connections (In case of Linked Target association, host(s) will inherit Linked Target hosts - Relevant only for Dynamic Secrets/producers)
- Secure
Access stringRd Gateway Server - RD Gateway server
- Secure
Access stringRdp Domain - Required when the Dynamic Secret is used for a domain user
- []string
- Add tags attached to this object
- Target
Name string - Target name
- Targets []string
- A list of linked targets to be associated, Relevant only for Secure Remote Access for ssh cert issuer, ldap rotated secret and ldap dynamic secret, To specify multiple targets use argument multiple times
- Token
Expiration string - Token expiration
- User
Attribute string - User Attribute
- User
Dn string - User DN
- User
Ttl string - User TTL
- bind_
dn string - Bind DN
- bind_
dn_ stringpassword - Bind DN Password
- custom_
username_ stringtemplate - Customize how temporary usernames are generated using go template
- delete_
protection string - Protection from accidental deletion of this object [true/false]
- dynamic_
secret_ stringldap_ id - The ID of this resource.
- external_
username string - Externally provided username [true/false]
- fixed_
user_ stringclaim_ keyname - For externally provided users, denotes the key-name of IdP claim to extract the username from (relevant only for external-username=true)
- group_
dn string - Group DN which the temporary user should be added
- host_
provider string - Host provider type [explicit/target], Default Host provider is explicit, Relevant only for Secure Remote Access of ssh cert issuer, ldap rotated secret and ldap dynamic secret
- item_
custom_ map(string)fields - Additional custom fields to associate with the item
- ldap_
ca_ stringcert - CA Certificate File Content
- ldap_
url string - LDAP Server URL
- name string
- Dynamic secret name
- password_
length string - The length of the password to be generated
- producer_
encryption_ stringkey_ name - Dynamic producer encryption key
- provider_
type string - Provider type
- secure_
access_ stringcertificate_ issuer - Path to the SSH Certificate Issuer for your Akeyless Secure Access
- secure_
access_ numberdelay - The delay duration, in seconds, to wait after generating just-in-time credentials. Accepted range: 0-120 seconds
- secure_
access_ stringenable - Enable/Disable secure remote access [true/false]
- secure_
access_ list(string)hosts - Target servers for connections (In case of Linked Target association, host(s) will inherit Linked Target hosts - Relevant only for Dynamic Secrets/producers)
- secure_
access_ stringrd_ gateway_ server - RD Gateway server
- secure_
access_ stringrdp_ domain - Required when the Dynamic Secret is used for a domain user
- list(string)
- Add tags attached to this object
- target_
name string - Target name
- targets list(string)
- A list of linked targets to be associated, Relevant only for Secure Remote Access for ssh cert issuer, ldap rotated secret and ldap dynamic secret, To specify multiple targets use argument multiple times
- token_
expiration string - Token expiration
- user_
attribute string - User Attribute
- user_
dn string - User DN
- user_
ttl string - User TTL
- bind
Dn String - Bind DN
- bind
Dn StringPassword - Bind DN Password
- custom
Username StringTemplate - Customize how temporary usernames are generated using go template
- delete
Protection String - Protection from accidental deletion of this object [true/false]
- dynamic
Secret StringLdap Id - The ID of this resource.
- external
Username String - Externally provided username [true/false]
- fixed
User StringClaim Keyname - For externally provided users, denotes the key-name of IdP claim to extract the username from (relevant only for external-username=true)
- group
Dn String - Group DN which the temporary user should be added
- host
Provider String - Host provider type [explicit/target], Default Host provider is explicit, Relevant only for Secure Remote Access of ssh cert issuer, ldap rotated secret and ldap dynamic secret
- item
Custom Map<String,String>Fields - Additional custom fields to associate with the item
- ldap
Ca StringCert - CA Certificate File Content
- ldap
Url String - LDAP Server URL
- name String
- Dynamic secret name
- password
Length String - The length of the password to be generated
- producer
Encryption StringKey Name - Dynamic producer encryption key
- provider
Type String - Provider type
- secure
Access StringCertificate Issuer - Path to the SSH Certificate Issuer for your Akeyless Secure Access
- secure
Access DoubleDelay - The delay duration, in seconds, to wait after generating just-in-time credentials. Accepted range: 0-120 seconds
- secure
Access StringEnable - Enable/Disable secure remote access [true/false]
- secure
Access List<String>Hosts - Target servers for connections (In case of Linked Target association, host(s) will inherit Linked Target hosts - Relevant only for Dynamic Secrets/producers)
- secure
Access StringRd Gateway Server - RD Gateway server
- secure
Access StringRdp Domain - Required when the Dynamic Secret is used for a domain user
- List<String>
- Add tags attached to this object
- target
Name String - Target name
- targets List<String>
- A list of linked targets to be associated, Relevant only for Secure Remote Access for ssh cert issuer, ldap rotated secret and ldap dynamic secret, To specify multiple targets use argument multiple times
- token
Expiration String - Token expiration
- user
Attribute String - User Attribute
- user
Dn String - User DN
- user
Ttl String - User TTL
- bind
Dn string - Bind DN
- bind
Dn stringPassword - Bind DN Password
- custom
Username stringTemplate - Customize how temporary usernames are generated using go template
- delete
Protection string - Protection from accidental deletion of this object [true/false]
- dynamic
Secret stringLdap Id - The ID of this resource.
- external
Username string - Externally provided username [true/false]
- fixed
User stringClaim Keyname - For externally provided users, denotes the key-name of IdP claim to extract the username from (relevant only for external-username=true)
- group
Dn string - Group DN which the temporary user should be added
- host
Provider string - Host provider type [explicit/target], Default Host provider is explicit, Relevant only for Secure Remote Access of ssh cert issuer, ldap rotated secret and ldap dynamic secret
- item
Custom {[key: string]: string}Fields - Additional custom fields to associate with the item
- ldap
Ca stringCert - CA Certificate File Content
- ldap
Url string - LDAP Server URL
- name string
- Dynamic secret name
- password
Length string - The length of the password to be generated
- producer
Encryption stringKey Name - Dynamic producer encryption key
- provider
Type string - Provider type
- secure
Access stringCertificate Issuer - Path to the SSH Certificate Issuer for your Akeyless Secure Access
- secure
Access numberDelay - The delay duration, in seconds, to wait after generating just-in-time credentials. Accepted range: 0-120 seconds
- secure
Access stringEnable - Enable/Disable secure remote access [true/false]
- secure
Access string[]Hosts - Target servers for connections (In case of Linked Target association, host(s) will inherit Linked Target hosts - Relevant only for Dynamic Secrets/producers)
- secure
Access stringRd Gateway Server - RD Gateway server
- secure
Access stringRdp Domain - Required when the Dynamic Secret is used for a domain user
- string[]
- Add tags attached to this object
- target
Name string - Target name
- targets string[]
- A list of linked targets to be associated, Relevant only for Secure Remote Access for ssh cert issuer, ldap rotated secret and ldap dynamic secret, To specify multiple targets use argument multiple times
- token
Expiration string - Token expiration
- user
Attribute string - User Attribute
- user
Dn string - User DN
- user
Ttl string - User TTL
- bind_
dn str - Bind DN
- bind_
dn_ strpassword - Bind DN Password
- custom_
username_ strtemplate - Customize how temporary usernames are generated using go template
- delete_
protection str - Protection from accidental deletion of this object [true/false]
- dynamic_
secret_ strldap_ id - The ID of this resource.
- external_
username str - Externally provided username [true/false]
- fixed_
user_ strclaim_ keyname - For externally provided users, denotes the key-name of IdP claim to extract the username from (relevant only for external-username=true)
- group_
dn str - Group DN which the temporary user should be added
- host_
provider str - Host provider type [explicit/target], Default Host provider is explicit, Relevant only for Secure Remote Access of ssh cert issuer, ldap rotated secret and ldap dynamic secret
- item_
custom_ Mapping[str, str]fields - Additional custom fields to associate with the item
- ldap_
ca_ strcert - CA Certificate File Content
- ldap_
url str - LDAP Server URL
- name str
- Dynamic secret name
- password_
length str - The length of the password to be generated
- producer_
encryption_ strkey_ name - Dynamic producer encryption key
- provider_
type str - Provider type
- secure_
access_ strcertificate_ issuer - Path to the SSH Certificate Issuer for your Akeyless Secure Access
- secure_
access_ floatdelay - The delay duration, in seconds, to wait after generating just-in-time credentials. Accepted range: 0-120 seconds
- secure_
access_ strenable - Enable/Disable secure remote access [true/false]
- secure_
access_ Sequence[str]hosts - Target servers for connections (In case of Linked Target association, host(s) will inherit Linked Target hosts - Relevant only for Dynamic Secrets/producers)
- secure_
access_ strrd_ gateway_ server - RD Gateway server
- secure_
access_ strrdp_ domain - Required when the Dynamic Secret is used for a domain user
- Sequence[str]
- Add tags attached to this object
- target_
name str - Target name
- targets Sequence[str]
- A list of linked targets to be associated, Relevant only for Secure Remote Access for ssh cert issuer, ldap rotated secret and ldap dynamic secret, To specify multiple targets use argument multiple times
- token_
expiration str - Token expiration
- user_
attribute str - User Attribute
- user_
dn str - User DN
- user_
ttl str - User TTL
- bind
Dn String - Bind DN
- bind
Dn StringPassword - Bind DN Password
- custom
Username StringTemplate - Customize how temporary usernames are generated using go template
- delete
Protection String - Protection from accidental deletion of this object [true/false]
- dynamic
Secret StringLdap Id - The ID of this resource.
- external
Username String - Externally provided username [true/false]
- fixed
User StringClaim Keyname - For externally provided users, denotes the key-name of IdP claim to extract the username from (relevant only for external-username=true)
- group
Dn String - Group DN which the temporary user should be added
- host
Provider String - Host provider type [explicit/target], Default Host provider is explicit, Relevant only for Secure Remote Access of ssh cert issuer, ldap rotated secret and ldap dynamic secret
- item
Custom Map<String>Fields - Additional custom fields to associate with the item
- ldap
Ca StringCert - CA Certificate File Content
- ldap
Url String - LDAP Server URL
- name String
- Dynamic secret name
- password
Length String - The length of the password to be generated
- producer
Encryption StringKey Name - Dynamic producer encryption key
- provider
Type String - Provider type
- secure
Access StringCertificate Issuer - Path to the SSH Certificate Issuer for your Akeyless Secure Access
- secure
Access NumberDelay - The delay duration, in seconds, to wait after generating just-in-time credentials. Accepted range: 0-120 seconds
- secure
Access StringEnable - Enable/Disable secure remote access [true/false]
- secure
Access List<String>Hosts - Target servers for connections (In case of Linked Target association, host(s) will inherit Linked Target hosts - Relevant only for Dynamic Secrets/producers)
- secure
Access StringRd Gateway Server - RD Gateway server
- secure
Access StringRdp Domain - Required when the Dynamic Secret is used for a domain user
- List<String>
- Add tags attached to this object
- target
Name String - Target name
- targets List<String>
- A list of linked targets to be associated, Relevant only for Secure Remote Access for ssh cert issuer, ldap rotated secret and ldap dynamic secret, To specify multiple targets use argument multiple times
- token
Expiration String - Token expiration
- user
Attribute String - User Attribute
- user
Dn String - User DN
- user
Ttl String - User TTL
Package Details
- Repository
- akeyless akeyless-community/terraform-provider-akeyless
- License
- Notes
- This Pulumi package is based on the
akeylessTerraform Provider.
Viewing docs for akeyless 2.0.1
published on Monday, Apr 27, 2026 by akeyless-community
published on Monday, Apr 27, 2026 by akeyless-community
