Resource for creating a WinRM credential secret.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as harness from "@pulumi/harness";
// ============================================================================
// ACCOUNT LEVEL TESTS (3 scenarios)
// ============================================================================
// 1. Account-level NTLM
const accountNtlmPassword = new harness.platform.SecretText("account_ntlm_password", {
identifier: "account_ntlm_password_v3",
name: "account_ntlm_password_v3",
description: "Password for account-level NTLM",
secretManagerIdentifier: "harnessSecretManager",
valueType: "Inline",
value: "account_ntlm_pass",
});
const accountNtlm = new harness.platform.SecretWinrm("account_ntlm", {
identifier: "account_ntlm_v3",
name: "Account NTLM v3",
description: "Account-level WinRM with NTLM",
tags: [
"scope:account",
"auth:ntlm",
],
port: 5986,
ntlm: {
domain: "example.com",
username: "admin",
passwordRef: pulumi.interpolate`account.${accountNtlmPassword.id}`,
useSsl: true,
skipCertCheck: false,
useNoProfile: true,
},
});
// 2. Account-level Kerberos with KeyTab
const accountKerberosKeytab = new harness.platform.SecretWinrm("account_kerberos_keytab", {
identifier: "account_kerberos_keytab_v3",
name: "Account Kerberos KeyTab v3",
description: "Account-level WinRM with Kerberos KeyTab",
tags: [
"scope:account",
"auth:kerberos-keytab",
],
port: 5986,
kerberos: {
principal: "service@EXAMPLE.COM",
realm: "EXAMPLE.COM",
tgtGenerationMethod: "KeyTabFilePath",
useSsl: true,
skipCertCheck: true,
useNoProfile: true,
tgtKeyTabFilePathSpec: {
keyPath: "/etc/krb5.keytab",
},
},
});
// 3. Account-level Kerberos with Password
const accountKerberosPassword1 = new harness.platform.SecretText("account_kerberos_password_1", {
identifier: "account_kerb_pass_20251111",
name: "account_kerb_pass_20251111",
description: "Password for account-level Kerberos",
secretManagerIdentifier: "harnessSecretManager",
valueType: "Inline",
value: "account_kerberos_pass",
});
const accountKerberosPassword1SecretWinrm = new harness.platform.SecretWinrm("account_kerberos_password_1", {
identifier: "account_kerb_winrm_20251111",
name: "Account Kerberos WinRM 20251111",
description: "Account-level WinRM with Kerberos Password",
tags: [
"scope:account",
"auth:kerberos-password",
],
port: 5986,
kerberos: {
principal: "user@EXAMPLE.COM",
realm: "EXAMPLE.COM",
tgtGenerationMethod: "Password",
useSsl: true,
skipCertCheck: false,
useNoProfile: true,
tgtPasswordSpec: {
passwordRef: pulumi.interpolate`account.${accountKerberosPassword1.id}`,
},
},
});
// ============================================================================
// ORGANIZATION LEVEL TESTS (3 scenarios)
// ============================================================================
// 4. Org-level NTLM
const orgNtlmPassword = new harness.platform.SecretText("org_ntlm_password", {
identifier: "org_ntlm_password_v3",
name: "org_ntlm_password_v3",
description: "Password for org-level NTLM",
orgId: "default",
secretManagerIdentifier: "harnessSecretManager",
valueType: "Inline",
value: "org_ntlm_pass",
});
const orgNtlm = new harness.platform.SecretWinrm("org_ntlm", {
identifier: "org_ntlm_v3",
name: "Org NTLM v3",
description: "Org-level WinRM with NTLM",
orgId: "default",
tags: [
"scope:org",
"auth:ntlm",
],
port: 5985,
ntlm: {
domain: "org.example.com",
username: "orgadmin",
passwordRef: pulumi.interpolate`org.${orgNtlmPassword.id}`,
useSsl: false,
skipCertCheck: false,
useNoProfile: true,
},
});
// 5. Org-level Kerberos with KeyTab
const orgKerberosKeytab = new harness.platform.SecretWinrm("org_kerberos_keytab", {
identifier: "org_kerberos_keytab_v3",
name: "Org Kerberos KeyTab v3",
description: "Org-level WinRM with Kerberos KeyTab",
orgId: "default",
tags: [
"scope:org",
"auth:kerberos-keytab",
],
port: 5986,
kerberos: {
principal: "orgservice@EXAMPLE.COM",
realm: "EXAMPLE.COM",
tgtGenerationMethod: "KeyTabFilePath",
useSsl: true,
skipCertCheck: true,
useNoProfile: true,
tgtKeyTabFilePathSpec: {
keyPath: "/etc/org.keytab",
},
},
});
// 6. Org-level Kerberos with Password
const orgKerberosPassword = new harness.platform.SecretText("org_kerberos_password", {
identifier: "org_kerb_pass_v3",
name: "org_kerb_pass_v3",
description: "Password for org-level Kerberos",
orgId: "default",
secretManagerIdentifier: "harnessSecretManager",
valueType: "Inline",
value: "org_kerberos_pass",
});
const orgKerberosPasswordSecretWinrm = new harness.platform.SecretWinrm("org_kerberos_password", {
identifier: "org_kerb_winrm_v3",
name: "Org Kerberos WinRM v3",
description: "Org-level WinRM with Kerberos Password",
orgId: "default",
tags: [
"scope:org",
"auth:kerberos-password",
],
port: 5986,
kerberos: {
principal: "orguser@EXAMPLE.COM",
realm: "EXAMPLE.COM",
tgtGenerationMethod: "Password",
useSsl: true,
skipCertCheck: false,
useNoProfile: true,
tgtPasswordSpec: {
passwordRef: pulumi.interpolate`org.${orgKerberosPassword.id}`,
},
},
});
// ============================================================================
// PROJECT LEVEL TESTS (3 scenarios)
// ============================================================================
// 7. Project-level NTLM
const projectNtlmPassword = new harness.platform.SecretText("project_ntlm_password", {
identifier: "proj_ntlm_pass_v3",
name: "proj_ntlm_pass_v3",
description: "Password for project-level NTLM",
orgId: "default",
projectId: "winrm_support_terraform",
secretManagerIdentifier: "harnessSecretManager",
valueType: "Inline",
value: "project_ntlm_pass",
});
const projectNtlm = new harness.platform.SecretWinrm("project_ntlm", {
identifier: "proj_ntlm_winrm_v3",
name: "Project NTLM WinRM v3",
description: "Project-level WinRM with NTLM",
orgId: "default",
projectId: "winrm_support_terraform",
tags: [
"scope:project",
"auth:ntlm",
],
port: 5986,
ntlm: {
domain: "project.example.com",
username: "projectadmin",
passwordRef: projectNtlmPassword.id,
useSsl: true,
skipCertCheck: false,
useNoProfile: false,
},
});
// 8. Project-level Kerberos with KeyTab
const projectKerberosKeytab = new harness.platform.SecretWinrm("project_kerberos_keytab", {
identifier: "proj_kerb_keytab_v3",
name: "Project Kerberos KeyTab v3",
description: "Project-level WinRM with Kerberos KeyTab",
orgId: "default",
projectId: "winrm_support_terraform",
tags: [
"scope:project",
"auth:kerberos-keytab",
],
port: 5986,
kerberos: {
principal: "projectservice@EXAMPLE.COM",
realm: "EXAMPLE.COM",
tgtGenerationMethod: "KeyTabFilePath",
useSsl: false,
skipCertCheck: false,
useNoProfile: false,
tgtKeyTabFilePathSpec: {
keyPath: "/etc/project.keytab",
},
},
});
// 9. Project-level Kerberos with Password
const projectKerberosPassword = new harness.platform.SecretText("project_kerberos_password", {
identifier: "proj_kerb_pass_v3",
name: "proj_kerb_pass_v3",
description: "Password for project-level Kerberos",
orgId: "default",
projectId: "winrm_support_terraform",
secretManagerIdentifier: "harnessSecretManager",
valueType: "Inline",
value: "project_kerberos_pass",
});
const projectKerberosPasswordSecretWinrm = new harness.platform.SecretWinrm("project_kerberos_password", {
identifier: "proj_kerb_winrm_v3",
name: "Project Kerberos WinRM v3",
description: "Project-level WinRM with Kerberos Password",
orgId: "default",
projectId: "winrm_support_terraform",
tags: [
"scope:project",
"auth:kerberos-password",
],
port: 5986,
kerberos: {
principal: "projectuser@EXAMPLE.COM",
realm: "EXAMPLE.COM",
tgtGenerationMethod: "Password",
useSsl: false,
skipCertCheck: true,
useNoProfile: true,
tgtPasswordSpec: {
passwordRef: projectKerberosPassword.id,
},
},
});
import pulumi
import pulumi_harness as harness
# ============================================================================
# ACCOUNT LEVEL TESTS (3 scenarios)
# ============================================================================
# 1. Account-level NTLM
account_ntlm_password = harness.platform.SecretText("account_ntlm_password",
identifier="account_ntlm_password_v3",
name="account_ntlm_password_v3",
description="Password for account-level NTLM",
secret_manager_identifier="harnessSecretManager",
value_type="Inline",
value="account_ntlm_pass")
account_ntlm = harness.platform.SecretWinrm("account_ntlm",
identifier="account_ntlm_v3",
name="Account NTLM v3",
description="Account-level WinRM with NTLM",
tags=[
"scope:account",
"auth:ntlm",
],
port=5986,
ntlm={
"domain": "example.com",
"username": "admin",
"password_ref": account_ntlm_password.id.apply(lambda id: f"account.{id}"),
"use_ssl": True,
"skip_cert_check": False,
"use_no_profile": True,
})
# 2. Account-level Kerberos with KeyTab
account_kerberos_keytab = harness.platform.SecretWinrm("account_kerberos_keytab",
identifier="account_kerberos_keytab_v3",
name="Account Kerberos KeyTab v3",
description="Account-level WinRM with Kerberos KeyTab",
tags=[
"scope:account",
"auth:kerberos-keytab",
],
port=5986,
kerberos={
"principal": "service@EXAMPLE.COM",
"realm": "EXAMPLE.COM",
"tgt_generation_method": "KeyTabFilePath",
"use_ssl": True,
"skip_cert_check": True,
"use_no_profile": True,
"tgt_key_tab_file_path_spec": {
"key_path": "/etc/krb5.keytab",
},
})
# 3. Account-level Kerberos with Password
account_kerberos_password1 = harness.platform.SecretText("account_kerberos_password_1",
identifier="account_kerb_pass_20251111",
name="account_kerb_pass_20251111",
description="Password for account-level Kerberos",
secret_manager_identifier="harnessSecretManager",
value_type="Inline",
value="account_kerberos_pass")
account_kerberos_password1_secret_winrm = harness.platform.SecretWinrm("account_kerberos_password_1",
identifier="account_kerb_winrm_20251111",
name="Account Kerberos WinRM 20251111",
description="Account-level WinRM with Kerberos Password",
tags=[
"scope:account",
"auth:kerberos-password",
],
port=5986,
kerberos={
"principal": "user@EXAMPLE.COM",
"realm": "EXAMPLE.COM",
"tgt_generation_method": "Password",
"use_ssl": True,
"skip_cert_check": False,
"use_no_profile": True,
"tgt_password_spec": {
"password_ref": account_kerberos_password1.id.apply(lambda id: f"account.{id}"),
},
})
# ============================================================================
# ORGANIZATION LEVEL TESTS (3 scenarios)
# ============================================================================
# 4. Org-level NTLM
org_ntlm_password = harness.platform.SecretText("org_ntlm_password",
identifier="org_ntlm_password_v3",
name="org_ntlm_password_v3",
description="Password for org-level NTLM",
org_id="default",
secret_manager_identifier="harnessSecretManager",
value_type="Inline",
value="org_ntlm_pass")
org_ntlm = harness.platform.SecretWinrm("org_ntlm",
identifier="org_ntlm_v3",
name="Org NTLM v3",
description="Org-level WinRM with NTLM",
org_id="default",
tags=[
"scope:org",
"auth:ntlm",
],
port=5985,
ntlm={
"domain": "org.example.com",
"username": "orgadmin",
"password_ref": org_ntlm_password.id.apply(lambda id: f"org.{id}"),
"use_ssl": False,
"skip_cert_check": False,
"use_no_profile": True,
})
# 5. Org-level Kerberos with KeyTab
org_kerberos_keytab = harness.platform.SecretWinrm("org_kerberos_keytab",
identifier="org_kerberos_keytab_v3",
name="Org Kerberos KeyTab v3",
description="Org-level WinRM with Kerberos KeyTab",
org_id="default",
tags=[
"scope:org",
"auth:kerberos-keytab",
],
port=5986,
kerberos={
"principal": "orgservice@EXAMPLE.COM",
"realm": "EXAMPLE.COM",
"tgt_generation_method": "KeyTabFilePath",
"use_ssl": True,
"skip_cert_check": True,
"use_no_profile": True,
"tgt_key_tab_file_path_spec": {
"key_path": "/etc/org.keytab",
},
})
# 6. Org-level Kerberos with Password
org_kerberos_password = harness.platform.SecretText("org_kerberos_password",
identifier="org_kerb_pass_v3",
name="org_kerb_pass_v3",
description="Password for org-level Kerberos",
org_id="default",
secret_manager_identifier="harnessSecretManager",
value_type="Inline",
value="org_kerberos_pass")
org_kerberos_password_secret_winrm = harness.platform.SecretWinrm("org_kerberos_password",
identifier="org_kerb_winrm_v3",
name="Org Kerberos WinRM v3",
description="Org-level WinRM with Kerberos Password",
org_id="default",
tags=[
"scope:org",
"auth:kerberos-password",
],
port=5986,
kerberos={
"principal": "orguser@EXAMPLE.COM",
"realm": "EXAMPLE.COM",
"tgt_generation_method": "Password",
"use_ssl": True,
"skip_cert_check": False,
"use_no_profile": True,
"tgt_password_spec": {
"password_ref": org_kerberos_password.id.apply(lambda id: f"org.{id}"),
},
})
# ============================================================================
# PROJECT LEVEL TESTS (3 scenarios)
# ============================================================================
# 7. Project-level NTLM
project_ntlm_password = harness.platform.SecretText("project_ntlm_password",
identifier="proj_ntlm_pass_v3",
name="proj_ntlm_pass_v3",
description="Password for project-level NTLM",
org_id="default",
project_id="winrm_support_terraform",
secret_manager_identifier="harnessSecretManager",
value_type="Inline",
value="project_ntlm_pass")
project_ntlm = harness.platform.SecretWinrm("project_ntlm",
identifier="proj_ntlm_winrm_v3",
name="Project NTLM WinRM v3",
description="Project-level WinRM with NTLM",
org_id="default",
project_id="winrm_support_terraform",
tags=[
"scope:project",
"auth:ntlm",
],
port=5986,
ntlm={
"domain": "project.example.com",
"username": "projectadmin",
"password_ref": project_ntlm_password.id,
"use_ssl": True,
"skip_cert_check": False,
"use_no_profile": False,
})
# 8. Project-level Kerberos with KeyTab
project_kerberos_keytab = harness.platform.SecretWinrm("project_kerberos_keytab",
identifier="proj_kerb_keytab_v3",
name="Project Kerberos KeyTab v3",
description="Project-level WinRM with Kerberos KeyTab",
org_id="default",
project_id="winrm_support_terraform",
tags=[
"scope:project",
"auth:kerberos-keytab",
],
port=5986,
kerberos={
"principal": "projectservice@EXAMPLE.COM",
"realm": "EXAMPLE.COM",
"tgt_generation_method": "KeyTabFilePath",
"use_ssl": False,
"skip_cert_check": False,
"use_no_profile": False,
"tgt_key_tab_file_path_spec": {
"key_path": "/etc/project.keytab",
},
})
# 9. Project-level Kerberos with Password
project_kerberos_password = harness.platform.SecretText("project_kerberos_password",
identifier="proj_kerb_pass_v3",
name="proj_kerb_pass_v3",
description="Password for project-level Kerberos",
org_id="default",
project_id="winrm_support_terraform",
secret_manager_identifier="harnessSecretManager",
value_type="Inline",
value="project_kerberos_pass")
project_kerberos_password_secret_winrm = harness.platform.SecretWinrm("project_kerberos_password",
identifier="proj_kerb_winrm_v3",
name="Project Kerberos WinRM v3",
description="Project-level WinRM with Kerberos Password",
org_id="default",
project_id="winrm_support_terraform",
tags=[
"scope:project",
"auth:kerberos-password",
],
port=5986,
kerberos={
"principal": "projectuser@EXAMPLE.COM",
"realm": "EXAMPLE.COM",
"tgt_generation_method": "Password",
"use_ssl": False,
"skip_cert_check": True,
"use_no_profile": True,
"tgt_password_spec": {
"password_ref": project_kerberos_password.id,
},
})
package main
import (
"fmt"
"github.com/pulumi/pulumi-harness/sdk/go/harness/platform"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
// ============================================================================
// ACCOUNT LEVEL TESTS (3 scenarios)
// ============================================================================
// 1. Account-level NTLM
accountNtlmPassword, err := platform.NewSecretText(ctx, "account_ntlm_password", &platform.SecretTextArgs{
Identifier: pulumi.String("account_ntlm_password_v3"),
Name: pulumi.String("account_ntlm_password_v3"),
Description: pulumi.String("Password for account-level NTLM"),
SecretManagerIdentifier: pulumi.String("harnessSecretManager"),
ValueType: pulumi.String("Inline"),
Value: pulumi.String("account_ntlm_pass"),
})
if err != nil {
return err
}
_, err = platform.NewSecretWinrm(ctx, "account_ntlm", &platform.SecretWinrmArgs{
Identifier: pulumi.String("account_ntlm_v3"),
Name: pulumi.String("Account NTLM v3"),
Description: pulumi.String("Account-level WinRM with NTLM"),
Tags: pulumi.StringArray{
pulumi.String("scope:account"),
pulumi.String("auth:ntlm"),
},
Port: pulumi.Int(5986),
Ntlm: &platform.SecretWinrmNtlmArgs{
Domain: pulumi.String("example.com"),
Username: pulumi.String("admin"),
PasswordRef: accountNtlmPassword.ID().ApplyT(func(id string) (string, error) {
return fmt.Sprintf("account.%v", id), nil
}).(pulumi.StringOutput),
UseSsl: pulumi.Bool(true),
SkipCertCheck: pulumi.Bool(false),
UseNoProfile: pulumi.Bool(true),
},
})
if err != nil {
return err
}
// 2. Account-level Kerberos with KeyTab
_, err = platform.NewSecretWinrm(ctx, "account_kerberos_keytab", &platform.SecretWinrmArgs{
Identifier: pulumi.String("account_kerberos_keytab_v3"),
Name: pulumi.String("Account Kerberos KeyTab v3"),
Description: pulumi.String("Account-level WinRM with Kerberos KeyTab"),
Tags: pulumi.StringArray{
pulumi.String("scope:account"),
pulumi.String("auth:kerberos-keytab"),
},
Port: pulumi.Int(5986),
Kerberos: &platform.SecretWinrmKerberosArgs{
Principal: pulumi.String("service@EXAMPLE.COM"),
Realm: pulumi.String("EXAMPLE.COM"),
TgtGenerationMethod: pulumi.String("KeyTabFilePath"),
UseSsl: pulumi.Bool(true),
SkipCertCheck: pulumi.Bool(true),
UseNoProfile: pulumi.Bool(true),
TgtKeyTabFilePathSpec: &platform.SecretWinrmKerberosTgtKeyTabFilePathSpecArgs{
KeyPath: pulumi.String("/etc/krb5.keytab"),
},
},
})
if err != nil {
return err
}
// 3. Account-level Kerberos with Password
accountKerberosPassword1, err := platform.NewSecretText(ctx, "account_kerberos_password_1", &platform.SecretTextArgs{
Identifier: pulumi.String("account_kerb_pass_20251111"),
Name: pulumi.String("account_kerb_pass_20251111"),
Description: pulumi.String("Password for account-level Kerberos"),
SecretManagerIdentifier: pulumi.String("harnessSecretManager"),
ValueType: pulumi.String("Inline"),
Value: pulumi.String("account_kerberos_pass"),
})
if err != nil {
return err
}
_, err = platform.NewSecretWinrm(ctx, "account_kerberos_password_1", &platform.SecretWinrmArgs{
Identifier: pulumi.String("account_kerb_winrm_20251111"),
Name: pulumi.String("Account Kerberos WinRM 20251111"),
Description: pulumi.String("Account-level WinRM with Kerberos Password"),
Tags: pulumi.StringArray{
pulumi.String("scope:account"),
pulumi.String("auth:kerberos-password"),
},
Port: pulumi.Int(5986),
Kerberos: &platform.SecretWinrmKerberosArgs{
Principal: pulumi.String("user@EXAMPLE.COM"),
Realm: pulumi.String("EXAMPLE.COM"),
TgtGenerationMethod: pulumi.String("Password"),
UseSsl: pulumi.Bool(true),
SkipCertCheck: pulumi.Bool(false),
UseNoProfile: pulumi.Bool(true),
TgtPasswordSpec: &platform.SecretWinrmKerberosTgtPasswordSpecArgs{
PasswordRef: accountKerberosPassword1.ID().ApplyT(func(id string) (string, error) {
return fmt.Sprintf("account.%v", id), nil
}).(pulumi.StringOutput),
},
},
})
if err != nil {
return err
}
// 4. Org-level NTLM
orgNtlmPassword, err := platform.NewSecretText(ctx, "org_ntlm_password", &platform.SecretTextArgs{
Identifier: pulumi.String("org_ntlm_password_v3"),
Name: pulumi.String("org_ntlm_password_v3"),
Description: pulumi.String("Password for org-level NTLM"),
OrgId: pulumi.String("default"),
SecretManagerIdentifier: pulumi.String("harnessSecretManager"),
ValueType: pulumi.String("Inline"),
Value: pulumi.String("org_ntlm_pass"),
})
if err != nil {
return err
}
_, err = platform.NewSecretWinrm(ctx, "org_ntlm", &platform.SecretWinrmArgs{
Identifier: pulumi.String("org_ntlm_v3"),
Name: pulumi.String("Org NTLM v3"),
Description: pulumi.String("Org-level WinRM with NTLM"),
OrgId: pulumi.String("default"),
Tags: pulumi.StringArray{
pulumi.String("scope:org"),
pulumi.String("auth:ntlm"),
},
Port: pulumi.Int(5985),
Ntlm: &platform.SecretWinrmNtlmArgs{
Domain: pulumi.String("org.example.com"),
Username: pulumi.String("orgadmin"),
PasswordRef: orgNtlmPassword.ID().ApplyT(func(id string) (string, error) {
return fmt.Sprintf("org.%v", id), nil
}).(pulumi.StringOutput),
UseSsl: pulumi.Bool(false),
SkipCertCheck: pulumi.Bool(false),
UseNoProfile: pulumi.Bool(true),
},
})
if err != nil {
return err
}
// 5. Org-level Kerberos with KeyTab
_, err = platform.NewSecretWinrm(ctx, "org_kerberos_keytab", &platform.SecretWinrmArgs{
Identifier: pulumi.String("org_kerberos_keytab_v3"),
Name: pulumi.String("Org Kerberos KeyTab v3"),
Description: pulumi.String("Org-level WinRM with Kerberos KeyTab"),
OrgId: pulumi.String("default"),
Tags: pulumi.StringArray{
pulumi.String("scope:org"),
pulumi.String("auth:kerberos-keytab"),
},
Port: pulumi.Int(5986),
Kerberos: &platform.SecretWinrmKerberosArgs{
Principal: pulumi.String("orgservice@EXAMPLE.COM"),
Realm: pulumi.String("EXAMPLE.COM"),
TgtGenerationMethod: pulumi.String("KeyTabFilePath"),
UseSsl: pulumi.Bool(true),
SkipCertCheck: pulumi.Bool(true),
UseNoProfile: pulumi.Bool(true),
TgtKeyTabFilePathSpec: &platform.SecretWinrmKerberosTgtKeyTabFilePathSpecArgs{
KeyPath: pulumi.String("/etc/org.keytab"),
},
},
})
if err != nil {
return err
}
// 6. Org-level Kerberos with Password
orgKerberosPassword, err := platform.NewSecretText(ctx, "org_kerberos_password", &platform.SecretTextArgs{
Identifier: pulumi.String("org_kerb_pass_v3"),
Name: pulumi.String("org_kerb_pass_v3"),
Description: pulumi.String("Password for org-level Kerberos"),
OrgId: pulumi.String("default"),
SecretManagerIdentifier: pulumi.String("harnessSecretManager"),
ValueType: pulumi.String("Inline"),
Value: pulumi.String("org_kerberos_pass"),
})
if err != nil {
return err
}
_, err = platform.NewSecretWinrm(ctx, "org_kerberos_password", &platform.SecretWinrmArgs{
Identifier: pulumi.String("org_kerb_winrm_v3"),
Name: pulumi.String("Org Kerberos WinRM v3"),
Description: pulumi.String("Org-level WinRM with Kerberos Password"),
OrgId: pulumi.String("default"),
Tags: pulumi.StringArray{
pulumi.String("scope:org"),
pulumi.String("auth:kerberos-password"),
},
Port: pulumi.Int(5986),
Kerberos: &platform.SecretWinrmKerberosArgs{
Principal: pulumi.String("orguser@EXAMPLE.COM"),
Realm: pulumi.String("EXAMPLE.COM"),
TgtGenerationMethod: pulumi.String("Password"),
UseSsl: pulumi.Bool(true),
SkipCertCheck: pulumi.Bool(false),
UseNoProfile: pulumi.Bool(true),
TgtPasswordSpec: &platform.SecretWinrmKerberosTgtPasswordSpecArgs{
PasswordRef: orgKerberosPassword.ID().ApplyT(func(id string) (string, error) {
return fmt.Sprintf("org.%v", id), nil
}).(pulumi.StringOutput),
},
},
})
if err != nil {
return err
}
// 7. Project-level NTLM
projectNtlmPassword, err := platform.NewSecretText(ctx, "project_ntlm_password", &platform.SecretTextArgs{
Identifier: pulumi.String("proj_ntlm_pass_v3"),
Name: pulumi.String("proj_ntlm_pass_v3"),
Description: pulumi.String("Password for project-level NTLM"),
OrgId: pulumi.String("default"),
ProjectId: pulumi.String("winrm_support_terraform"),
SecretManagerIdentifier: pulumi.String("harnessSecretManager"),
ValueType: pulumi.String("Inline"),
Value: pulumi.String("project_ntlm_pass"),
})
if err != nil {
return err
}
_, err = platform.NewSecretWinrm(ctx, "project_ntlm", &platform.SecretWinrmArgs{
Identifier: pulumi.String("proj_ntlm_winrm_v3"),
Name: pulumi.String("Project NTLM WinRM v3"),
Description: pulumi.String("Project-level WinRM with NTLM"),
OrgId: pulumi.String("default"),
ProjectId: pulumi.String("winrm_support_terraform"),
Tags: pulumi.StringArray{
pulumi.String("scope:project"),
pulumi.String("auth:ntlm"),
},
Port: pulumi.Int(5986),
Ntlm: &platform.SecretWinrmNtlmArgs{
Domain: pulumi.String("project.example.com"),
Username: pulumi.String("projectadmin"),
PasswordRef: projectNtlmPassword.ID(),
UseSsl: pulumi.Bool(true),
SkipCertCheck: pulumi.Bool(false),
UseNoProfile: pulumi.Bool(false),
},
})
if err != nil {
return err
}
// 8. Project-level Kerberos with KeyTab
_, err = platform.NewSecretWinrm(ctx, "project_kerberos_keytab", &platform.SecretWinrmArgs{
Identifier: pulumi.String("proj_kerb_keytab_v3"),
Name: pulumi.String("Project Kerberos KeyTab v3"),
Description: pulumi.String("Project-level WinRM with Kerberos KeyTab"),
OrgId: pulumi.String("default"),
ProjectId: pulumi.String("winrm_support_terraform"),
Tags: pulumi.StringArray{
pulumi.String("scope:project"),
pulumi.String("auth:kerberos-keytab"),
},
Port: pulumi.Int(5986),
Kerberos: &platform.SecretWinrmKerberosArgs{
Principal: pulumi.String("projectservice@EXAMPLE.COM"),
Realm: pulumi.String("EXAMPLE.COM"),
TgtGenerationMethod: pulumi.String("KeyTabFilePath"),
UseSsl: pulumi.Bool(false),
SkipCertCheck: pulumi.Bool(false),
UseNoProfile: pulumi.Bool(false),
TgtKeyTabFilePathSpec: &platform.SecretWinrmKerberosTgtKeyTabFilePathSpecArgs{
KeyPath: pulumi.String("/etc/project.keytab"),
},
},
})
if err != nil {
return err
}
// 9. Project-level Kerberos with Password
projectKerberosPassword, err := platform.NewSecretText(ctx, "project_kerberos_password", &platform.SecretTextArgs{
Identifier: pulumi.String("proj_kerb_pass_v3"),
Name: pulumi.String("proj_kerb_pass_v3"),
Description: pulumi.String("Password for project-level Kerberos"),
OrgId: pulumi.String("default"),
ProjectId: pulumi.String("winrm_support_terraform"),
SecretManagerIdentifier: pulumi.String("harnessSecretManager"),
ValueType: pulumi.String("Inline"),
Value: pulumi.String("project_kerberos_pass"),
})
if err != nil {
return err
}
_, err = platform.NewSecretWinrm(ctx, "project_kerberos_password", &platform.SecretWinrmArgs{
Identifier: pulumi.String("proj_kerb_winrm_v3"),
Name: pulumi.String("Project Kerberos WinRM v3"),
Description: pulumi.String("Project-level WinRM with Kerberos Password"),
OrgId: pulumi.String("default"),
ProjectId: pulumi.String("winrm_support_terraform"),
Tags: pulumi.StringArray{
pulumi.String("scope:project"),
pulumi.String("auth:kerberos-password"),
},
Port: pulumi.Int(5986),
Kerberos: &platform.SecretWinrmKerberosArgs{
Principal: pulumi.String("projectuser@EXAMPLE.COM"),
Realm: pulumi.String("EXAMPLE.COM"),
TgtGenerationMethod: pulumi.String("Password"),
UseSsl: pulumi.Bool(false),
SkipCertCheck: pulumi.Bool(true),
UseNoProfile: pulumi.Bool(true),
TgtPasswordSpec: &platform.SecretWinrmKerberosTgtPasswordSpecArgs{
PasswordRef: projectKerberosPassword.ID(),
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Harness = Pulumi.Harness;
return await Deployment.RunAsync(() =>
{
// ============================================================================
// ACCOUNT LEVEL TESTS (3 scenarios)
// ============================================================================
// 1. Account-level NTLM
var accountNtlmPassword = new Harness.Platform.SecretText("account_ntlm_password", new()
{
Identifier = "account_ntlm_password_v3",
Name = "account_ntlm_password_v3",
Description = "Password for account-level NTLM",
SecretManagerIdentifier = "harnessSecretManager",
ValueType = "Inline",
Value = "account_ntlm_pass",
});
var accountNtlm = new Harness.Platform.SecretWinrm("account_ntlm", new()
{
Identifier = "account_ntlm_v3",
Name = "Account NTLM v3",
Description = "Account-level WinRM with NTLM",
Tags = new[]
{
"scope:account",
"auth:ntlm",
},
Port = 5986,
Ntlm = new Harness.Platform.Inputs.SecretWinrmNtlmArgs
{
Domain = "example.com",
Username = "admin",
PasswordRef = accountNtlmPassword.Id.Apply(id => $"account.{id}"),
UseSsl = true,
SkipCertCheck = false,
UseNoProfile = true,
},
});
// 2. Account-level Kerberos with KeyTab
var accountKerberosKeytab = new Harness.Platform.SecretWinrm("account_kerberos_keytab", new()
{
Identifier = "account_kerberos_keytab_v3",
Name = "Account Kerberos KeyTab v3",
Description = "Account-level WinRM with Kerberos KeyTab",
Tags = new[]
{
"scope:account",
"auth:kerberos-keytab",
},
Port = 5986,
Kerberos = new Harness.Platform.Inputs.SecretWinrmKerberosArgs
{
Principal = "service@EXAMPLE.COM",
Realm = "EXAMPLE.COM",
TgtGenerationMethod = "KeyTabFilePath",
UseSsl = true,
SkipCertCheck = true,
UseNoProfile = true,
TgtKeyTabFilePathSpec = new Harness.Platform.Inputs.SecretWinrmKerberosTgtKeyTabFilePathSpecArgs
{
KeyPath = "/etc/krb5.keytab",
},
},
});
// 3. Account-level Kerberos with Password
var accountKerberosPassword1 = new Harness.Platform.SecretText("account_kerberos_password_1", new()
{
Identifier = "account_kerb_pass_20251111",
Name = "account_kerb_pass_20251111",
Description = "Password for account-level Kerberos",
SecretManagerIdentifier = "harnessSecretManager",
ValueType = "Inline",
Value = "account_kerberos_pass",
});
var accountKerberosPassword1SecretWinrm = new Harness.Platform.SecretWinrm("account_kerberos_password_1", new()
{
Identifier = "account_kerb_winrm_20251111",
Name = "Account Kerberos WinRM 20251111",
Description = "Account-level WinRM with Kerberos Password",
Tags = new[]
{
"scope:account",
"auth:kerberos-password",
},
Port = 5986,
Kerberos = new Harness.Platform.Inputs.SecretWinrmKerberosArgs
{
Principal = "user@EXAMPLE.COM",
Realm = "EXAMPLE.COM",
TgtGenerationMethod = "Password",
UseSsl = true,
SkipCertCheck = false,
UseNoProfile = true,
TgtPasswordSpec = new Harness.Platform.Inputs.SecretWinrmKerberosTgtPasswordSpecArgs
{
PasswordRef = accountKerberosPassword1.Id.Apply(id => $"account.{id}"),
},
},
});
// ============================================================================
// ORGANIZATION LEVEL TESTS (3 scenarios)
// ============================================================================
// 4. Org-level NTLM
var orgNtlmPassword = new Harness.Platform.SecretText("org_ntlm_password", new()
{
Identifier = "org_ntlm_password_v3",
Name = "org_ntlm_password_v3",
Description = "Password for org-level NTLM",
OrgId = "default",
SecretManagerIdentifier = "harnessSecretManager",
ValueType = "Inline",
Value = "org_ntlm_pass",
});
var orgNtlm = new Harness.Platform.SecretWinrm("org_ntlm", new()
{
Identifier = "org_ntlm_v3",
Name = "Org NTLM v3",
Description = "Org-level WinRM with NTLM",
OrgId = "default",
Tags = new[]
{
"scope:org",
"auth:ntlm",
},
Port = 5985,
Ntlm = new Harness.Platform.Inputs.SecretWinrmNtlmArgs
{
Domain = "org.example.com",
Username = "orgadmin",
PasswordRef = orgNtlmPassword.Id.Apply(id => $"org.{id}"),
UseSsl = false,
SkipCertCheck = false,
UseNoProfile = true,
},
});
// 5. Org-level Kerberos with KeyTab
var orgKerberosKeytab = new Harness.Platform.SecretWinrm("org_kerberos_keytab", new()
{
Identifier = "org_kerberos_keytab_v3",
Name = "Org Kerberos KeyTab v3",
Description = "Org-level WinRM with Kerberos KeyTab",
OrgId = "default",
Tags = new[]
{
"scope:org",
"auth:kerberos-keytab",
},
Port = 5986,
Kerberos = new Harness.Platform.Inputs.SecretWinrmKerberosArgs
{
Principal = "orgservice@EXAMPLE.COM",
Realm = "EXAMPLE.COM",
TgtGenerationMethod = "KeyTabFilePath",
UseSsl = true,
SkipCertCheck = true,
UseNoProfile = true,
TgtKeyTabFilePathSpec = new Harness.Platform.Inputs.SecretWinrmKerberosTgtKeyTabFilePathSpecArgs
{
KeyPath = "/etc/org.keytab",
},
},
});
// 6. Org-level Kerberos with Password
var orgKerberosPassword = new Harness.Platform.SecretText("org_kerberos_password", new()
{
Identifier = "org_kerb_pass_v3",
Name = "org_kerb_pass_v3",
Description = "Password for org-level Kerberos",
OrgId = "default",
SecretManagerIdentifier = "harnessSecretManager",
ValueType = "Inline",
Value = "org_kerberos_pass",
});
var orgKerberosPasswordSecretWinrm = new Harness.Platform.SecretWinrm("org_kerberos_password", new()
{
Identifier = "org_kerb_winrm_v3",
Name = "Org Kerberos WinRM v3",
Description = "Org-level WinRM with Kerberos Password",
OrgId = "default",
Tags = new[]
{
"scope:org",
"auth:kerberos-password",
},
Port = 5986,
Kerberos = new Harness.Platform.Inputs.SecretWinrmKerberosArgs
{
Principal = "orguser@EXAMPLE.COM",
Realm = "EXAMPLE.COM",
TgtGenerationMethod = "Password",
UseSsl = true,
SkipCertCheck = false,
UseNoProfile = true,
TgtPasswordSpec = new Harness.Platform.Inputs.SecretWinrmKerberosTgtPasswordSpecArgs
{
PasswordRef = orgKerberosPassword.Id.Apply(id => $"org.{id}"),
},
},
});
// ============================================================================
// PROJECT LEVEL TESTS (3 scenarios)
// ============================================================================
// 7. Project-level NTLM
var projectNtlmPassword = new Harness.Platform.SecretText("project_ntlm_password", new()
{
Identifier = "proj_ntlm_pass_v3",
Name = "proj_ntlm_pass_v3",
Description = "Password for project-level NTLM",
OrgId = "default",
ProjectId = "winrm_support_terraform",
SecretManagerIdentifier = "harnessSecretManager",
ValueType = "Inline",
Value = "project_ntlm_pass",
});
var projectNtlm = new Harness.Platform.SecretWinrm("project_ntlm", new()
{
Identifier = "proj_ntlm_winrm_v3",
Name = "Project NTLM WinRM v3",
Description = "Project-level WinRM with NTLM",
OrgId = "default",
ProjectId = "winrm_support_terraform",
Tags = new[]
{
"scope:project",
"auth:ntlm",
},
Port = 5986,
Ntlm = new Harness.Platform.Inputs.SecretWinrmNtlmArgs
{
Domain = "project.example.com",
Username = "projectadmin",
PasswordRef = projectNtlmPassword.Id,
UseSsl = true,
SkipCertCheck = false,
UseNoProfile = false,
},
});
// 8. Project-level Kerberos with KeyTab
var projectKerberosKeytab = new Harness.Platform.SecretWinrm("project_kerberos_keytab", new()
{
Identifier = "proj_kerb_keytab_v3",
Name = "Project Kerberos KeyTab v3",
Description = "Project-level WinRM with Kerberos KeyTab",
OrgId = "default",
ProjectId = "winrm_support_terraform",
Tags = new[]
{
"scope:project",
"auth:kerberos-keytab",
},
Port = 5986,
Kerberos = new Harness.Platform.Inputs.SecretWinrmKerberosArgs
{
Principal = "projectservice@EXAMPLE.COM",
Realm = "EXAMPLE.COM",
TgtGenerationMethod = "KeyTabFilePath",
UseSsl = false,
SkipCertCheck = false,
UseNoProfile = false,
TgtKeyTabFilePathSpec = new Harness.Platform.Inputs.SecretWinrmKerberosTgtKeyTabFilePathSpecArgs
{
KeyPath = "/etc/project.keytab",
},
},
});
// 9. Project-level Kerberos with Password
var projectKerberosPassword = new Harness.Platform.SecretText("project_kerberos_password", new()
{
Identifier = "proj_kerb_pass_v3",
Name = "proj_kerb_pass_v3",
Description = "Password for project-level Kerberos",
OrgId = "default",
ProjectId = "winrm_support_terraform",
SecretManagerIdentifier = "harnessSecretManager",
ValueType = "Inline",
Value = "project_kerberos_pass",
});
var projectKerberosPasswordSecretWinrm = new Harness.Platform.SecretWinrm("project_kerberos_password", new()
{
Identifier = "proj_kerb_winrm_v3",
Name = "Project Kerberos WinRM v3",
Description = "Project-level WinRM with Kerberos Password",
OrgId = "default",
ProjectId = "winrm_support_terraform",
Tags = new[]
{
"scope:project",
"auth:kerberos-password",
},
Port = 5986,
Kerberos = new Harness.Platform.Inputs.SecretWinrmKerberosArgs
{
Principal = "projectuser@EXAMPLE.COM",
Realm = "EXAMPLE.COM",
TgtGenerationMethod = "Password",
UseSsl = false,
SkipCertCheck = true,
UseNoProfile = true,
TgtPasswordSpec = new Harness.Platform.Inputs.SecretWinrmKerberosTgtPasswordSpecArgs
{
PasswordRef = projectKerberosPassword.Id,
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.harness.platform.SecretText;
import com.pulumi.harness.platform.SecretTextArgs;
import com.pulumi.harness.platform.SecretWinrm;
import com.pulumi.harness.platform.SecretWinrmArgs;
import com.pulumi.harness.platform.inputs.SecretWinrmNtlmArgs;
import com.pulumi.harness.platform.inputs.SecretWinrmKerberosArgs;
import com.pulumi.harness.platform.inputs.SecretWinrmKerberosTgtKeyTabFilePathSpecArgs;
import com.pulumi.harness.platform.inputs.SecretWinrmKerberosTgtPasswordSpecArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
// ============================================================================
// ACCOUNT LEVEL TESTS (3 scenarios)
// ============================================================================
// 1. Account-level NTLM
var accountNtlmPassword = new SecretText("accountNtlmPassword", SecretTextArgs.builder()
.identifier("account_ntlm_password_v3")
.name("account_ntlm_password_v3")
.description("Password for account-level NTLM")
.secretManagerIdentifier("harnessSecretManager")
.valueType("Inline")
.value("account_ntlm_pass")
.build());
var accountNtlm = new SecretWinrm("accountNtlm", SecretWinrmArgs.builder()
.identifier("account_ntlm_v3")
.name("Account NTLM v3")
.description("Account-level WinRM with NTLM")
.tags(
"scope:account",
"auth:ntlm")
.port(5986)
.ntlm(SecretWinrmNtlmArgs.builder()
.domain("example.com")
.username("admin")
.passwordRef(accountNtlmPassword.id().applyValue(_id -> String.format("account.%s", _id)))
.useSsl(true)
.skipCertCheck(false)
.useNoProfile(true)
.build())
.build());
// 2. Account-level Kerberos with KeyTab
var accountKerberosKeytab = new SecretWinrm("accountKerberosKeytab", SecretWinrmArgs.builder()
.identifier("account_kerberos_keytab_v3")
.name("Account Kerberos KeyTab v3")
.description("Account-level WinRM with Kerberos KeyTab")
.tags(
"scope:account",
"auth:kerberos-keytab")
.port(5986)
.kerberos(SecretWinrmKerberosArgs.builder()
.principal("service@EXAMPLE.COM")
.realm("EXAMPLE.COM")
.tgtGenerationMethod("KeyTabFilePath")
.useSsl(true)
.skipCertCheck(true)
.useNoProfile(true)
.tgtKeyTabFilePathSpec(SecretWinrmKerberosTgtKeyTabFilePathSpecArgs.builder()
.keyPath("/etc/krb5.keytab")
.build())
.build())
.build());
// 3. Account-level Kerberos with Password
var accountKerberosPassword1 = new SecretText("accountKerberosPassword1", SecretTextArgs.builder()
.identifier("account_kerb_pass_20251111")
.name("account_kerb_pass_20251111")
.description("Password for account-level Kerberos")
.secretManagerIdentifier("harnessSecretManager")
.valueType("Inline")
.value("account_kerberos_pass")
.build());
var accountKerberosPassword1SecretWinrm = new SecretWinrm("accountKerberosPassword1SecretWinrm", SecretWinrmArgs.builder()
.identifier("account_kerb_winrm_20251111")
.name("Account Kerberos WinRM 20251111")
.description("Account-level WinRM with Kerberos Password")
.tags(
"scope:account",
"auth:kerberos-password")
.port(5986)
.kerberos(SecretWinrmKerberosArgs.builder()
.principal("user@EXAMPLE.COM")
.realm("EXAMPLE.COM")
.tgtGenerationMethod("Password")
.useSsl(true)
.skipCertCheck(false)
.useNoProfile(true)
.tgtPasswordSpec(SecretWinrmKerberosTgtPasswordSpecArgs.builder()
.passwordRef(accountKerberosPassword1.id().applyValue(_id -> String.format("account.%s", _id)))
.build())
.build())
.build());
// ============================================================================
// ORGANIZATION LEVEL TESTS (3 scenarios)
// ============================================================================
// 4. Org-level NTLM
var orgNtlmPassword = new SecretText("orgNtlmPassword", SecretTextArgs.builder()
.identifier("org_ntlm_password_v3")
.name("org_ntlm_password_v3")
.description("Password for org-level NTLM")
.orgId("default")
.secretManagerIdentifier("harnessSecretManager")
.valueType("Inline")
.value("org_ntlm_pass")
.build());
var orgNtlm = new SecretWinrm("orgNtlm", SecretWinrmArgs.builder()
.identifier("org_ntlm_v3")
.name("Org NTLM v3")
.description("Org-level WinRM with NTLM")
.orgId("default")
.tags(
"scope:org",
"auth:ntlm")
.port(5985)
.ntlm(SecretWinrmNtlmArgs.builder()
.domain("org.example.com")
.username("orgadmin")
.passwordRef(orgNtlmPassword.id().applyValue(_id -> String.format("org.%s", _id)))
.useSsl(false)
.skipCertCheck(false)
.useNoProfile(true)
.build())
.build());
// 5. Org-level Kerberos with KeyTab
var orgKerberosKeytab = new SecretWinrm("orgKerberosKeytab", SecretWinrmArgs.builder()
.identifier("org_kerberos_keytab_v3")
.name("Org Kerberos KeyTab v3")
.description("Org-level WinRM with Kerberos KeyTab")
.orgId("default")
.tags(
"scope:org",
"auth:kerberos-keytab")
.port(5986)
.kerberos(SecretWinrmKerberosArgs.builder()
.principal("orgservice@EXAMPLE.COM")
.realm("EXAMPLE.COM")
.tgtGenerationMethod("KeyTabFilePath")
.useSsl(true)
.skipCertCheck(true)
.useNoProfile(true)
.tgtKeyTabFilePathSpec(SecretWinrmKerberosTgtKeyTabFilePathSpecArgs.builder()
.keyPath("/etc/org.keytab")
.build())
.build())
.build());
// 6. Org-level Kerberos with Password
var orgKerberosPassword = new SecretText("orgKerberosPassword", SecretTextArgs.builder()
.identifier("org_kerb_pass_v3")
.name("org_kerb_pass_v3")
.description("Password for org-level Kerberos")
.orgId("default")
.secretManagerIdentifier("harnessSecretManager")
.valueType("Inline")
.value("org_kerberos_pass")
.build());
var orgKerberosPasswordSecretWinrm = new SecretWinrm("orgKerberosPasswordSecretWinrm", SecretWinrmArgs.builder()
.identifier("org_kerb_winrm_v3")
.name("Org Kerberos WinRM v3")
.description("Org-level WinRM with Kerberos Password")
.orgId("default")
.tags(
"scope:org",
"auth:kerberos-password")
.port(5986)
.kerberos(SecretWinrmKerberosArgs.builder()
.principal("orguser@EXAMPLE.COM")
.realm("EXAMPLE.COM")
.tgtGenerationMethod("Password")
.useSsl(true)
.skipCertCheck(false)
.useNoProfile(true)
.tgtPasswordSpec(SecretWinrmKerberosTgtPasswordSpecArgs.builder()
.passwordRef(orgKerberosPassword.id().applyValue(_id -> String.format("org.%s", _id)))
.build())
.build())
.build());
// ============================================================================
// PROJECT LEVEL TESTS (3 scenarios)
// ============================================================================
// 7. Project-level NTLM
var projectNtlmPassword = new SecretText("projectNtlmPassword", SecretTextArgs.builder()
.identifier("proj_ntlm_pass_v3")
.name("proj_ntlm_pass_v3")
.description("Password for project-level NTLM")
.orgId("default")
.projectId("winrm_support_terraform")
.secretManagerIdentifier("harnessSecretManager")
.valueType("Inline")
.value("project_ntlm_pass")
.build());
var projectNtlm = new SecretWinrm("projectNtlm", SecretWinrmArgs.builder()
.identifier("proj_ntlm_winrm_v3")
.name("Project NTLM WinRM v3")
.description("Project-level WinRM with NTLM")
.orgId("default")
.projectId("winrm_support_terraform")
.tags(
"scope:project",
"auth:ntlm")
.port(5986)
.ntlm(SecretWinrmNtlmArgs.builder()
.domain("project.example.com")
.username("projectadmin")
.passwordRef(projectNtlmPassword.id())
.useSsl(true)
.skipCertCheck(false)
.useNoProfile(false)
.build())
.build());
// 8. Project-level Kerberos with KeyTab
var projectKerberosKeytab = new SecretWinrm("projectKerberosKeytab", SecretWinrmArgs.builder()
.identifier("proj_kerb_keytab_v3")
.name("Project Kerberos KeyTab v3")
.description("Project-level WinRM with Kerberos KeyTab")
.orgId("default")
.projectId("winrm_support_terraform")
.tags(
"scope:project",
"auth:kerberos-keytab")
.port(5986)
.kerberos(SecretWinrmKerberosArgs.builder()
.principal("projectservice@EXAMPLE.COM")
.realm("EXAMPLE.COM")
.tgtGenerationMethod("KeyTabFilePath")
.useSsl(false)
.skipCertCheck(false)
.useNoProfile(false)
.tgtKeyTabFilePathSpec(SecretWinrmKerberosTgtKeyTabFilePathSpecArgs.builder()
.keyPath("/etc/project.keytab")
.build())
.build())
.build());
// 9. Project-level Kerberos with Password
var projectKerberosPassword = new SecretText("projectKerberosPassword", SecretTextArgs.builder()
.identifier("proj_kerb_pass_v3")
.name("proj_kerb_pass_v3")
.description("Password for project-level Kerberos")
.orgId("default")
.projectId("winrm_support_terraform")
.secretManagerIdentifier("harnessSecretManager")
.valueType("Inline")
.value("project_kerberos_pass")
.build());
var projectKerberosPasswordSecretWinrm = new SecretWinrm("projectKerberosPasswordSecretWinrm", SecretWinrmArgs.builder()
.identifier("proj_kerb_winrm_v3")
.name("Project Kerberos WinRM v3")
.description("Project-level WinRM with Kerberos Password")
.orgId("default")
.projectId("winrm_support_terraform")
.tags(
"scope:project",
"auth:kerberos-password")
.port(5986)
.kerberos(SecretWinrmKerberosArgs.builder()
.principal("projectuser@EXAMPLE.COM")
.realm("EXAMPLE.COM")
.tgtGenerationMethod("Password")
.useSsl(false)
.skipCertCheck(true)
.useNoProfile(true)
.tgtPasswordSpec(SecretWinrmKerberosTgtPasswordSpecArgs.builder()
.passwordRef(projectKerberosPassword.id())
.build())
.build())
.build());
}
}
resources:
# ============================================================================
# ACCOUNT LEVEL TESTS (3 scenarios)
# ============================================================================
# 1. Account-level NTLM
accountNtlmPassword:
type: harness:platform:SecretText
name: account_ntlm_password
properties:
identifier: account_ntlm_password_v3
name: account_ntlm_password_v3
description: Password for account-level NTLM
secretManagerIdentifier: harnessSecretManager
valueType: Inline
value: account_ntlm_pass
accountNtlm:
type: harness:platform:SecretWinrm
name: account_ntlm
properties:
identifier: account_ntlm_v3
name: Account NTLM v3
description: Account-level WinRM with NTLM
tags:
- scope:account
- auth:ntlm
port: 5986
ntlm:
domain: example.com
username: admin
passwordRef: account.${accountNtlmPassword.id}
useSsl: true
skipCertCheck: false
useNoProfile: true
# 2. Account-level Kerberos with KeyTab
accountKerberosKeytab:
type: harness:platform:SecretWinrm
name: account_kerberos_keytab
properties:
identifier: account_kerberos_keytab_v3
name: Account Kerberos KeyTab v3
description: Account-level WinRM with Kerberos KeyTab
tags:
- scope:account
- auth:kerberos-keytab
port: 5986
kerberos:
principal: service@EXAMPLE.COM
realm: EXAMPLE.COM
tgtGenerationMethod: KeyTabFilePath
useSsl: true
skipCertCheck: true
useNoProfile: true
tgtKeyTabFilePathSpec:
keyPath: /etc/krb5.keytab
# 3. Account-level Kerberos with Password
accountKerberosPassword1:
type: harness:platform:SecretText
name: account_kerberos_password_1
properties:
identifier: account_kerb_pass_20251111
name: account_kerb_pass_20251111
description: Password for account-level Kerberos
secretManagerIdentifier: harnessSecretManager
valueType: Inline
value: account_kerberos_pass
accountKerberosPassword1SecretWinrm: # ============================================================================
# ORGANIZATION LEVEL TESTS (3 scenarios)
# ============================================================================
type: harness:platform:SecretWinrm
name: account_kerberos_password_1
properties:
identifier: account_kerb_winrm_20251111
name: Account Kerberos WinRM 20251111
description: Account-level WinRM with Kerberos Password
tags:
- scope:account
- auth:kerberos-password
port: 5986
kerberos:
principal: user@EXAMPLE.COM
realm: EXAMPLE.COM
tgtGenerationMethod: Password
useSsl: true
skipCertCheck: false
useNoProfile: true
tgtPasswordSpec:
passwordRef: account.${accountKerberosPassword1.id}
# 4. Org-level NTLM
orgNtlmPassword:
type: harness:platform:SecretText
name: org_ntlm_password
properties:
identifier: org_ntlm_password_v3
name: org_ntlm_password_v3
description: Password for org-level NTLM
orgId: default
secretManagerIdentifier: harnessSecretManager
valueType: Inline
value: org_ntlm_pass
orgNtlm:
type: harness:platform:SecretWinrm
name: org_ntlm
properties:
identifier: org_ntlm_v3
name: Org NTLM v3
description: Org-level WinRM with NTLM
orgId: default
tags:
- scope:org
- auth:ntlm
port: 5985
ntlm:
domain: org.example.com
username: orgadmin
passwordRef: org.${orgNtlmPassword.id}
useSsl: false
skipCertCheck: false
useNoProfile: true
# 5. Org-level Kerberos with KeyTab
orgKerberosKeytab:
type: harness:platform:SecretWinrm
name: org_kerberos_keytab
properties:
identifier: org_kerberos_keytab_v3
name: Org Kerberos KeyTab v3
description: Org-level WinRM with Kerberos KeyTab
orgId: default
tags:
- scope:org
- auth:kerberos-keytab
port: 5986
kerberos:
principal: orgservice@EXAMPLE.COM
realm: EXAMPLE.COM
tgtGenerationMethod: KeyTabFilePath
useSsl: true
skipCertCheck: true
useNoProfile: true
tgtKeyTabFilePathSpec:
keyPath: /etc/org.keytab
# 6. Org-level Kerberos with Password
orgKerberosPassword:
type: harness:platform:SecretText
name: org_kerberos_password
properties:
identifier: org_kerb_pass_v3
name: org_kerb_pass_v3
description: Password for org-level Kerberos
orgId: default
secretManagerIdentifier: harnessSecretManager
valueType: Inline
value: org_kerberos_pass
orgKerberosPasswordSecretWinrm: # ============================================================================
# PROJECT LEVEL TESTS (3 scenarios)
# ============================================================================
type: harness:platform:SecretWinrm
name: org_kerberos_password
properties:
identifier: org_kerb_winrm_v3
name: Org Kerberos WinRM v3
description: Org-level WinRM with Kerberos Password
orgId: default
tags:
- scope:org
- auth:kerberos-password
port: 5986
kerberos:
principal: orguser@EXAMPLE.COM
realm: EXAMPLE.COM
tgtGenerationMethod: Password
useSsl: true
skipCertCheck: false
useNoProfile: true
tgtPasswordSpec:
passwordRef: org.${orgKerberosPassword.id}
# 7. Project-level NTLM
projectNtlmPassword:
type: harness:platform:SecretText
name: project_ntlm_password
properties:
identifier: proj_ntlm_pass_v3
name: proj_ntlm_pass_v3
description: Password for project-level NTLM
orgId: default
projectId: winrm_support_terraform
secretManagerIdentifier: harnessSecretManager
valueType: Inline
value: project_ntlm_pass
projectNtlm:
type: harness:platform:SecretWinrm
name: project_ntlm
properties:
identifier: proj_ntlm_winrm_v3
name: Project NTLM WinRM v3
description: Project-level WinRM with NTLM
orgId: default
projectId: winrm_support_terraform
tags:
- scope:project
- auth:ntlm
port: 5986
ntlm:
domain: project.example.com
username: projectadmin
passwordRef: ${projectNtlmPassword.id}
useSsl: true
skipCertCheck: false
useNoProfile: false
# 8. Project-level Kerberos with KeyTab
projectKerberosKeytab:
type: harness:platform:SecretWinrm
name: project_kerberos_keytab
properties:
identifier: proj_kerb_keytab_v3
name: Project Kerberos KeyTab v3
description: Project-level WinRM with Kerberos KeyTab
orgId: default
projectId: winrm_support_terraform
tags:
- scope:project
- auth:kerberos-keytab
port: 5986
kerberos:
principal: projectservice@EXAMPLE.COM
realm: EXAMPLE.COM
tgtGenerationMethod: KeyTabFilePath
useSsl: false
skipCertCheck: false
useNoProfile: false
tgtKeyTabFilePathSpec:
keyPath: /etc/project.keytab
# 9. Project-level Kerberos with Password
projectKerberosPassword:
type: harness:platform:SecretText
name: project_kerberos_password
properties:
identifier: proj_kerb_pass_v3
name: proj_kerb_pass_v3
description: Password for project-level Kerberos
orgId: default
projectId: winrm_support_terraform
secretManagerIdentifier: harnessSecretManager
valueType: Inline
value: project_kerberos_pass
projectKerberosPasswordSecretWinrm:
type: harness:platform:SecretWinrm
name: project_kerberos_password
properties:
identifier: proj_kerb_winrm_v3
name: Project Kerberos WinRM v3
description: Project-level WinRM with Kerberos Password
orgId: default
projectId: winrm_support_terraform
tags:
- scope:project
- auth:kerberos-password
port: 5986
kerberos:
principal: projectuser@EXAMPLE.COM
realm: EXAMPLE.COM
tgtGenerationMethod: Password
useSsl: false
skipCertCheck: true
useNoProfile: true
tgtPasswordSpec:
passwordRef: ${projectKerberosPassword.id}
Create SecretWinrm Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new SecretWinrm(name: string, args: SecretWinrmArgs, opts?: CustomResourceOptions);@overload
def SecretWinrm(resource_name: str,
args: SecretWinrmArgs,
opts: Optional[ResourceOptions] = None)
@overload
def SecretWinrm(resource_name: str,
opts: Optional[ResourceOptions] = None,
identifier: Optional[str] = None,
description: Optional[str] = None,
kerberos: Optional[SecretWinrmKerberosArgs] = None,
name: Optional[str] = None,
ntlm: Optional[SecretWinrmNtlmArgs] = None,
org_id: Optional[str] = None,
port: Optional[int] = None,
project_id: Optional[str] = None,
tags: Optional[Sequence[str]] = None)func NewSecretWinrm(ctx *Context, name string, args SecretWinrmArgs, opts ...ResourceOption) (*SecretWinrm, error)public SecretWinrm(string name, SecretWinrmArgs args, CustomResourceOptions? opts = null)
public SecretWinrm(String name, SecretWinrmArgs args)
public SecretWinrm(String name, SecretWinrmArgs args, CustomResourceOptions options)
type: harness:platform:SecretWinrm
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args SecretWinrmArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args SecretWinrmArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args SecretWinrmArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args SecretWinrmArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args SecretWinrmArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var secretWinrmResource = new Harness.Platform.SecretWinrm("secretWinrmResource", new()
{
Identifier = "string",
Description = "string",
Kerberos = new Harness.Platform.Inputs.SecretWinrmKerberosArgs
{
Principal = "string",
Realm = "string",
SkipCertCheck = false,
TgtGenerationMethod = "string",
TgtKeyTabFilePathSpec = new Harness.Platform.Inputs.SecretWinrmKerberosTgtKeyTabFilePathSpecArgs
{
KeyPath = "string",
},
TgtPasswordSpec = new Harness.Platform.Inputs.SecretWinrmKerberosTgtPasswordSpecArgs
{
PasswordRef = "string",
},
UseNoProfile = false,
UseSsl = false,
},
Name = "string",
Ntlm = new Harness.Platform.Inputs.SecretWinrmNtlmArgs
{
PasswordRef = "string",
Username = "string",
Domain = "string",
SkipCertCheck = false,
UseNoProfile = false,
UseSsl = false,
},
OrgId = "string",
Port = 0,
ProjectId = "string",
Tags = new[]
{
"string",
},
});
example, err := platform.NewSecretWinrm(ctx, "secretWinrmResource", &platform.SecretWinrmArgs{
Identifier: pulumi.String("string"),
Description: pulumi.String("string"),
Kerberos: &platform.SecretWinrmKerberosArgs{
Principal: pulumi.String("string"),
Realm: pulumi.String("string"),
SkipCertCheck: pulumi.Bool(false),
TgtGenerationMethod: pulumi.String("string"),
TgtKeyTabFilePathSpec: &platform.SecretWinrmKerberosTgtKeyTabFilePathSpecArgs{
KeyPath: pulumi.String("string"),
},
TgtPasswordSpec: &platform.SecretWinrmKerberosTgtPasswordSpecArgs{
PasswordRef: pulumi.String("string"),
},
UseNoProfile: pulumi.Bool(false),
UseSsl: pulumi.Bool(false),
},
Name: pulumi.String("string"),
Ntlm: &platform.SecretWinrmNtlmArgs{
PasswordRef: pulumi.String("string"),
Username: pulumi.String("string"),
Domain: pulumi.String("string"),
SkipCertCheck: pulumi.Bool(false),
UseNoProfile: pulumi.Bool(false),
UseSsl: pulumi.Bool(false),
},
OrgId: pulumi.String("string"),
Port: pulumi.Int(0),
ProjectId: pulumi.String("string"),
Tags: pulumi.StringArray{
pulumi.String("string"),
},
})
var secretWinrmResource = new SecretWinrm("secretWinrmResource", SecretWinrmArgs.builder()
.identifier("string")
.description("string")
.kerberos(SecretWinrmKerberosArgs.builder()
.principal("string")
.realm("string")
.skipCertCheck(false)
.tgtGenerationMethod("string")
.tgtKeyTabFilePathSpec(SecretWinrmKerberosTgtKeyTabFilePathSpecArgs.builder()
.keyPath("string")
.build())
.tgtPasswordSpec(SecretWinrmKerberosTgtPasswordSpecArgs.builder()
.passwordRef("string")
.build())
.useNoProfile(false)
.useSsl(false)
.build())
.name("string")
.ntlm(SecretWinrmNtlmArgs.builder()
.passwordRef("string")
.username("string")
.domain("string")
.skipCertCheck(false)
.useNoProfile(false)
.useSsl(false)
.build())
.orgId("string")
.port(0)
.projectId("string")
.tags("string")
.build());
secret_winrm_resource = harness.platform.SecretWinrm("secretWinrmResource",
identifier="string",
description="string",
kerberos={
"principal": "string",
"realm": "string",
"skip_cert_check": False,
"tgt_generation_method": "string",
"tgt_key_tab_file_path_spec": {
"key_path": "string",
},
"tgt_password_spec": {
"password_ref": "string",
},
"use_no_profile": False,
"use_ssl": False,
},
name="string",
ntlm={
"password_ref": "string",
"username": "string",
"domain": "string",
"skip_cert_check": False,
"use_no_profile": False,
"use_ssl": False,
},
org_id="string",
port=0,
project_id="string",
tags=["string"])
const secretWinrmResource = new harness.platform.SecretWinrm("secretWinrmResource", {
identifier: "string",
description: "string",
kerberos: {
principal: "string",
realm: "string",
skipCertCheck: false,
tgtGenerationMethod: "string",
tgtKeyTabFilePathSpec: {
keyPath: "string",
},
tgtPasswordSpec: {
passwordRef: "string",
},
useNoProfile: false,
useSsl: false,
},
name: "string",
ntlm: {
passwordRef: "string",
username: "string",
domain: "string",
skipCertCheck: false,
useNoProfile: false,
useSsl: false,
},
orgId: "string",
port: 0,
projectId: "string",
tags: ["string"],
});
type: harness:platform:SecretWinrm
properties:
description: string
identifier: string
kerberos:
principal: string
realm: string
skipCertCheck: false
tgtGenerationMethod: string
tgtKeyTabFilePathSpec:
keyPath: string
tgtPasswordSpec:
passwordRef: string
useNoProfile: false
useSsl: false
name: string
ntlm:
domain: string
passwordRef: string
skipCertCheck: false
useNoProfile: false
useSsl: false
username: string
orgId: string
port: 0
projectId: string
tags:
- string
SecretWinrm Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The SecretWinrm resource accepts the following input properties:
- Identifier string
- Unique identifier of the resource.
- Description string
- Description of the resource.
- Kerberos
Secret
Winrm Kerberos - Kerberos authentication scheme
- Name string
- Name of the resource.
- Ntlm
Secret
Winrm Ntlm - NTLM authentication scheme
- Org
Id string - Unique identifier of the organization.
- Port int
- WinRM port. Default is 5986 for HTTPS, 5985 for HTTP.
- Project
Id string - Unique identifier of the project.
- List<string>
- Tags to associate with the resource.
- Identifier string
- Unique identifier of the resource.
- Description string
- Description of the resource.
- Kerberos
Secret
Winrm Kerberos Args - Kerberos authentication scheme
- Name string
- Name of the resource.
- Ntlm
Secret
Winrm Ntlm Args - NTLM authentication scheme
- Org
Id string - Unique identifier of the organization.
- Port int
- WinRM port. Default is 5986 for HTTPS, 5985 for HTTP.
- Project
Id string - Unique identifier of the project.
- []string
- Tags to associate with the resource.
- identifier String
- Unique identifier of the resource.
- description String
- Description of the resource.
- kerberos
Secret
Winrm Kerberos - Kerberos authentication scheme
- name String
- Name of the resource.
- ntlm
Secret
Winrm Ntlm - NTLM authentication scheme
- org
Id String - Unique identifier of the organization.
- port Integer
- WinRM port. Default is 5986 for HTTPS, 5985 for HTTP.
- project
Id String - Unique identifier of the project.
- List<String>
- Tags to associate with the resource.
- identifier string
- Unique identifier of the resource.
- description string
- Description of the resource.
- kerberos
Secret
Winrm Kerberos - Kerberos authentication scheme
- name string
- Name of the resource.
- ntlm
Secret
Winrm Ntlm - NTLM authentication scheme
- org
Id string - Unique identifier of the organization.
- port number
- WinRM port. Default is 5986 for HTTPS, 5985 for HTTP.
- project
Id string - Unique identifier of the project.
- string[]
- Tags to associate with the resource.
- identifier str
- Unique identifier of the resource.
- description str
- Description of the resource.
- kerberos
Secret
Winrm Kerberos Args - Kerberos authentication scheme
- name str
- Name of the resource.
- ntlm
Secret
Winrm Ntlm Args - NTLM authentication scheme
- org_
id str - Unique identifier of the organization.
- port int
- WinRM port. Default is 5986 for HTTPS, 5985 for HTTP.
- project_
id str - Unique identifier of the project.
- Sequence[str]
- Tags to associate with the resource.
- identifier String
- Unique identifier of the resource.
- description String
- Description of the resource.
- kerberos Property Map
- Kerberos authentication scheme
- name String
- Name of the resource.
- ntlm Property Map
- NTLM authentication scheme
- org
Id String - Unique identifier of the organization.
- port Number
- WinRM port. Default is 5986 for HTTPS, 5985 for HTTP.
- project
Id String - Unique identifier of the project.
- List<String>
- Tags to associate with the resource.
Outputs
All input properties are implicitly available as output properties. Additionally, the SecretWinrm resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing SecretWinrm Resource
Get an existing SecretWinrm resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: SecretWinrmState, opts?: CustomResourceOptions): SecretWinrm@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
description: Optional[str] = None,
identifier: Optional[str] = None,
kerberos: Optional[SecretWinrmKerberosArgs] = None,
name: Optional[str] = None,
ntlm: Optional[SecretWinrmNtlmArgs] = None,
org_id: Optional[str] = None,
port: Optional[int] = None,
project_id: Optional[str] = None,
tags: Optional[Sequence[str]] = None) -> SecretWinrmfunc GetSecretWinrm(ctx *Context, name string, id IDInput, state *SecretWinrmState, opts ...ResourceOption) (*SecretWinrm, error)public static SecretWinrm Get(string name, Input<string> id, SecretWinrmState? state, CustomResourceOptions? opts = null)public static SecretWinrm get(String name, Output<String> id, SecretWinrmState state, CustomResourceOptions options)resources: _: type: harness:platform:SecretWinrm get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Description string
- Description of the resource.
- Identifier string
- Unique identifier of the resource.
- Kerberos
Secret
Winrm Kerberos - Kerberos authentication scheme
- Name string
- Name of the resource.
- Ntlm
Secret
Winrm Ntlm - NTLM authentication scheme
- Org
Id string - Unique identifier of the organization.
- Port int
- WinRM port. Default is 5986 for HTTPS, 5985 for HTTP.
- Project
Id string - Unique identifier of the project.
- List<string>
- Tags to associate with the resource.
- Description string
- Description of the resource.
- Identifier string
- Unique identifier of the resource.
- Kerberos
Secret
Winrm Kerberos Args - Kerberos authentication scheme
- Name string
- Name of the resource.
- Ntlm
Secret
Winrm Ntlm Args - NTLM authentication scheme
- Org
Id string - Unique identifier of the organization.
- Port int
- WinRM port. Default is 5986 for HTTPS, 5985 for HTTP.
- Project
Id string - Unique identifier of the project.
- []string
- Tags to associate with the resource.
- description String
- Description of the resource.
- identifier String
- Unique identifier of the resource.
- kerberos
Secret
Winrm Kerberos - Kerberos authentication scheme
- name String
- Name of the resource.
- ntlm
Secret
Winrm Ntlm - NTLM authentication scheme
- org
Id String - Unique identifier of the organization.
- port Integer
- WinRM port. Default is 5986 for HTTPS, 5985 for HTTP.
- project
Id String - Unique identifier of the project.
- List<String>
- Tags to associate with the resource.
- description string
- Description of the resource.
- identifier string
- Unique identifier of the resource.
- kerberos
Secret
Winrm Kerberos - Kerberos authentication scheme
- name string
- Name of the resource.
- ntlm
Secret
Winrm Ntlm - NTLM authentication scheme
- org
Id string - Unique identifier of the organization.
- port number
- WinRM port. Default is 5986 for HTTPS, 5985 for HTTP.
- project
Id string - Unique identifier of the project.
- string[]
- Tags to associate with the resource.
- description str
- Description of the resource.
- identifier str
- Unique identifier of the resource.
- kerberos
Secret
Winrm Kerberos Args - Kerberos authentication scheme
- name str
- Name of the resource.
- ntlm
Secret
Winrm Ntlm Args - NTLM authentication scheme
- org_
id str - Unique identifier of the organization.
- port int
- WinRM port. Default is 5986 for HTTPS, 5985 for HTTP.
- project_
id str - Unique identifier of the project.
- Sequence[str]
- Tags to associate with the resource.
- description String
- Description of the resource.
- identifier String
- Unique identifier of the resource.
- kerberos Property Map
- Kerberos authentication scheme
- name String
- Name of the resource.
- ntlm Property Map
- NTLM authentication scheme
- org
Id String - Unique identifier of the organization.
- port Number
- WinRM port. Default is 5986 for HTTPS, 5985 for HTTP.
- project
Id String - Unique identifier of the project.
- List<String>
- Tags to associate with the resource.
Supporting Types
SecretWinrmKerberos, SecretWinrmKerberosArgs
- Principal string
- Kerberos principal.
- Realm string
- Kerberos realm.
- Skip
Cert boolCheck - Skip certificate verification.
- Tgt
Generation stringMethod - Method to generate TGT (Ticket Granting Ticket).
- Tgt
Key SecretTab File Path Spec Winrm Kerberos Tgt Key Tab File Path Spec - TGT generation using key tab file.
- Tgt
Password SecretSpec Winrm Kerberos Tgt Password Spec - TGT generation using password.
- Use
No boolProfile - Use no profile.
- Use
Ssl bool - Use SSL/TLS for WinRM communication.
- Principal string
- Kerberos principal.
- Realm string
- Kerberos realm.
- Skip
Cert boolCheck - Skip certificate verification.
- Tgt
Generation stringMethod - Method to generate TGT (Ticket Granting Ticket).
- Tgt
Key SecretTab File Path Spec Winrm Kerberos Tgt Key Tab File Path Spec - TGT generation using key tab file.
- Tgt
Password SecretSpec Winrm Kerberos Tgt Password Spec - TGT generation using password.
- Use
No boolProfile - Use no profile.
- Use
Ssl bool - Use SSL/TLS for WinRM communication.
- principal String
- Kerberos principal.
- realm String
- Kerberos realm.
- skip
Cert BooleanCheck - Skip certificate verification.
- tgt
Generation StringMethod - Method to generate TGT (Ticket Granting Ticket).
- tgt
Key SecretTab File Path Spec Winrm Kerberos Tgt Key Tab File Path Spec - TGT generation using key tab file.
- tgt
Password SecretSpec Winrm Kerberos Tgt Password Spec - TGT generation using password.
- use
No BooleanProfile - Use no profile.
- use
Ssl Boolean - Use SSL/TLS for WinRM communication.
- principal string
- Kerberos principal.
- realm string
- Kerberos realm.
- skip
Cert booleanCheck - Skip certificate verification.
- tgt
Generation stringMethod - Method to generate TGT (Ticket Granting Ticket).
- tgt
Key SecretTab File Path Spec Winrm Kerberos Tgt Key Tab File Path Spec - TGT generation using key tab file.
- tgt
Password SecretSpec Winrm Kerberos Tgt Password Spec - TGT generation using password.
- use
No booleanProfile - Use no profile.
- use
Ssl boolean - Use SSL/TLS for WinRM communication.
- principal str
- Kerberos principal.
- realm str
- Kerberos realm.
- skip_
cert_ boolcheck - Skip certificate verification.
- tgt_
generation_ strmethod - Method to generate TGT (Ticket Granting Ticket).
- tgt_
key_ Secrettab_ file_ path_ spec Winrm Kerberos Tgt Key Tab File Path Spec - TGT generation using key tab file.
- tgt_
password_ Secretspec Winrm Kerberos Tgt Password Spec - TGT generation using password.
- use_
no_ boolprofile - Use no profile.
- use_
ssl bool - Use SSL/TLS for WinRM communication.
- principal String
- Kerberos principal.
- realm String
- Kerberos realm.
- skip
Cert BooleanCheck - Skip certificate verification.
- tgt
Generation StringMethod - Method to generate TGT (Ticket Granting Ticket).
- tgt
Key Property MapTab File Path Spec - TGT generation using key tab file.
- tgt
Password Property MapSpec - TGT generation using password.
- use
No BooleanProfile - Use no profile.
- use
Ssl Boolean - Use SSL/TLS for WinRM communication.
SecretWinrmKerberosTgtKeyTabFilePathSpec, SecretWinrmKerberosTgtKeyTabFilePathSpecArgs
- Key
Path string - Path to the key tab file.
- Key
Path string - Path to the key tab file.
- key
Path String - Path to the key tab file.
- key
Path string - Path to the key tab file.
- key_
path str - Path to the key tab file.
- key
Path String - Path to the key tab file.
SecretWinrmKerberosTgtPasswordSpec, SecretWinrmKerberosTgtPasswordSpecArgs
- Password
Ref string - Reference to a secret containing the password. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account' to the expression: account.{identifier}.
- Password
Ref string - Reference to a secret containing the password. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account' to the expression: account.{identifier}.
- password
Ref String - Reference to a secret containing the password. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account' to the expression: account.{identifier}.
- password
Ref string - Reference to a secret containing the password. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account' to the expression: account.{identifier}.
- password_
ref str - Reference to a secret containing the password. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account' to the expression: account.{identifier}.
- password
Ref String - Reference to a secret containing the password. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account' to the expression: account.{identifier}.
SecretWinrmNtlm, SecretWinrmNtlmArgs
- Password
Ref string - Reference to a secret containing the password to use for authentication. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account' to the expression: account.{identifier}.
- Username string
- Username to use for authentication.
- Domain string
- Domain name for NTLM authentication.
- Skip
Cert boolCheck - Skip certificate verification.
- Use
No boolProfile - Use no profile.
- Use
Ssl bool - Use SSL/TLS for WinRM communication.
- Password
Ref string - Reference to a secret containing the password to use for authentication. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account' to the expression: account.{identifier}.
- Username string
- Username to use for authentication.
- Domain string
- Domain name for NTLM authentication.
- Skip
Cert boolCheck - Skip certificate verification.
- Use
No boolProfile - Use no profile.
- Use
Ssl bool - Use SSL/TLS for WinRM communication.
- password
Ref String - Reference to a secret containing the password to use for authentication. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account' to the expression: account.{identifier}.
- username String
- Username to use for authentication.
- domain String
- Domain name for NTLM authentication.
- skip
Cert BooleanCheck - Skip certificate verification.
- use
No BooleanProfile - Use no profile.
- use
Ssl Boolean - Use SSL/TLS for WinRM communication.
- password
Ref string - Reference to a secret containing the password to use for authentication. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account' to the expression: account.{identifier}.
- username string
- Username to use for authentication.
- domain string
- Domain name for NTLM authentication.
- skip
Cert booleanCheck - Skip certificate verification.
- use
No booleanProfile - Use no profile.
- use
Ssl boolean - Use SSL/TLS for WinRM communication.
- password_
ref str - Reference to a secret containing the password to use for authentication. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account' to the expression: account.{identifier}.
- username str
- Username to use for authentication.
- domain str
- Domain name for NTLM authentication.
- skip_
cert_ boolcheck - Skip certificate verification.
- use_
no_ boolprofile - Use no profile.
- use_
ssl bool - Use SSL/TLS for WinRM communication.
- password
Ref String - Reference to a secret containing the password to use for authentication. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account' to the expression: account.{identifier}.
- username String
- Username to use for authentication.
- domain String
- Domain name for NTLM authentication.
- skip
Cert BooleanCheck - Skip certificate verification.
- use
No BooleanProfile - Use no profile.
- use
Ssl Boolean - Use SSL/TLS for WinRM communication.
Import
The pulumi import command can be used, for example:
Import account level WinRM credential
$ pulumi import harness:platform/secretWinrm:SecretWinrm example <winrm_credential_id>
Import organization level WinRM credential
$ pulumi import harness:platform/secretWinrm:SecretWinrm example <org_id>/<winrm_credential_id>
Import project level WinRM credential
$ pulumi import harness:platform/secretWinrm:SecretWinrm example <org_id>/<project_id>/<winrm_credential_id>
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- harness pulumi/pulumi-harness
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
harnessTerraform Provider.
