OpenStack

v3.9.0 published on Thursday, Aug 4, 2022 by Pulumi

ApplicationCredential

Import

Application Credentials can be imported using the id, e.g.

 $ pulumi import openstack:identity/applicationCredential:ApplicationCredential application_credential_1 c17304b7-0953-4738-abb0-67005882b0a0

Example Usage

Predefined secret

using Pulumi;
using OpenStack = Pulumi.OpenStack;

class MyStack : Stack
{
    public MyStack()
    {
        var swift = new OpenStack.Identity.ApplicationCredential("swift", new OpenStack.Identity.ApplicationCredentialArgs
        {
            Description = "Swift technical application credential",
            ExpiresAt = "2019-02-13T12:12:12Z",
            Roles = 
            {
                "swiftoperator",
            },
            Secret = "supersecret",
        });
    }

}
package main

import (
	"github.com/pulumi/pulumi-openstack/sdk/v3/go/openstack/identity"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := identity.NewApplicationCredential(ctx, "swift", &identity.ApplicationCredentialArgs{
			Description: pulumi.String("Swift technical application credential"),
			ExpiresAt:   pulumi.String("2019-02-13T12:12:12Z"),
			Roles: pulumi.StringArray{
				pulumi.String("swiftoperator"),
			},
			Secret: pulumi.String("supersecret"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.openstack.identity.ApplicationCredential;
import com.pulumi.openstack.identity.ApplicationCredentialArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var swift = new ApplicationCredential("swift", ApplicationCredentialArgs.builder()        
            .description("Swift technical application credential")
            .expiresAt("2019-02-13T12:12:12Z")
            .roles("swiftoperator")
            .secret("supersecret")
            .build());

    }
}
import pulumi
import pulumi_openstack as openstack

swift = openstack.identity.ApplicationCredential("swift",
    description="Swift technical application credential",
    expires_at="2019-02-13T12:12:12Z",
    roles=["swiftoperator"],
    secret="supersecret")
import * as pulumi from "@pulumi/pulumi";
import * as openstack from "@pulumi/openstack";

const swift = new openstack.identity.ApplicationCredential("swift", {
    description: "Swift technical application credential",
    expiresAt: "2019-02-13T12:12:12Z",
    roles: ["swiftoperator"],
    secret: "supersecret",
});
resources:
  swift:
    type: openstack:identity:ApplicationCredential
    properties:
      description: Swift technical application credential
      expiresAt: 2019-02-13T12:12:12Z
      roles:
        - swiftoperator
      secret: supersecret

Unrestricted with autogenerated secret and unlimited TTL

using Pulumi;
using OpenStack = Pulumi.OpenStack;

class MyStack : Stack
{
    public MyStack()
    {
        var unrestricted = new OpenStack.Identity.ApplicationCredential("unrestricted", new OpenStack.Identity.ApplicationCredentialArgs
        {
            Description = "Unrestricted application credential",
            Unrestricted = true,
        });
        this.ApplicationCredentialSecret = unrestricted.Secret;
    }

    [Output("applicationCredentialSecret")]
    public Output<string> ApplicationCredentialSecret { get; set; }
}
package main

import (
	"github.com/pulumi/pulumi-openstack/sdk/v3/go/openstack/identity"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		unrestricted, err := identity.NewApplicationCredential(ctx, "unrestricted", &identity.ApplicationCredentialArgs{
			Description:  pulumi.String("Unrestricted application credential"),
			Unrestricted: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		ctx.Export("applicationCredentialSecret", unrestricted.Secret)
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.openstack.identity.ApplicationCredential;
import com.pulumi.openstack.identity.ApplicationCredentialArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var unrestricted = new ApplicationCredential("unrestricted", ApplicationCredentialArgs.builder()        
            .description("Unrestricted application credential")
            .unrestricted(true)
            .build());

        ctx.export("applicationCredentialSecret", unrestricted.secret());
    }
}
import pulumi
import pulumi_openstack as openstack

unrestricted = openstack.identity.ApplicationCredential("unrestricted",
    description="Unrestricted application credential",
    unrestricted=True)
pulumi.export("applicationCredentialSecret", unrestricted.secret)
import * as pulumi from "@pulumi/pulumi";
import * as openstack from "@pulumi/openstack";

const unrestricted = new openstack.identity.ApplicationCredential("unrestricted", {
    description: "Unrestricted application credential",
    unrestricted: true,
});

export const applicationCredentialSecret = unrestricted.secret;
resources:
  unrestricted:
    type: openstack:identity:ApplicationCredential
    properties:
      description: Unrestricted application credential
      unrestricted: true
outputs:
  applicationCredentialSecret: ${unrestricted.secret}

Application credential with access rules

using Pulumi;
using OpenStack = Pulumi.OpenStack;

class MyStack : Stack
{
    public MyStack()
    {
        var monitoring = new OpenStack.Identity.ApplicationCredential("monitoring", new OpenStack.Identity.ApplicationCredentialArgs
        {
            AccessRules = 
            {
                new OpenStack.Identity.Inputs.ApplicationCredentialAccessRuleArgs
                {
                    Method = "GET",
                    Path = "/v2.0/metrics",
                    Service = "monitoring",
                },
                new OpenStack.Identity.Inputs.ApplicationCredentialAccessRuleArgs
                {
                    Method = "PUT",
                    Path = "/v2.0/metrics",
                    Service = "monitoring",
                },
            },
            ExpiresAt = "2019-02-13T12:12:12Z",
        });
    }

}
package main

import (
	"github.com/pulumi/pulumi-openstack/sdk/v3/go/openstack/identity"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := identity.NewApplicationCredential(ctx, "monitoring", &identity.ApplicationCredentialArgs{
			AccessRules: identity.ApplicationCredentialAccessRuleArray{
				&identity.ApplicationCredentialAccessRuleArgs{
					Method:  pulumi.String("GET"),
					Path:    pulumi.String("/v2.0/metrics"),
					Service: pulumi.String("monitoring"),
				},
				&identity.ApplicationCredentialAccessRuleArgs{
					Method:  pulumi.String("PUT"),
					Path:    pulumi.String("/v2.0/metrics"),
					Service: pulumi.String("monitoring"),
				},
			},
			ExpiresAt: pulumi.String("2019-02-13T12:12:12Z"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.openstack.identity.ApplicationCredential;
import com.pulumi.openstack.identity.ApplicationCredentialArgs;
import com.pulumi.openstack.identity.inputs.ApplicationCredentialAccessRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var monitoring = new ApplicationCredential("monitoring", ApplicationCredentialArgs.builder()        
            .accessRules(            
                ApplicationCredentialAccessRuleArgs.builder()
                    .method("GET")
                    .path("/v2.0/metrics")
                    .service("monitoring")
                    .build(),
                ApplicationCredentialAccessRuleArgs.builder()
                    .method("PUT")
                    .path("/v2.0/metrics")
                    .service("monitoring")
                    .build())
            .expiresAt("2019-02-13T12:12:12Z")
            .build());

    }
}
import pulumi
import pulumi_openstack as openstack

monitoring = openstack.identity.ApplicationCredential("monitoring",
    access_rules=[
        openstack.identity.ApplicationCredentialAccessRuleArgs(
            method="GET",
            path="/v2.0/metrics",
            service="monitoring",
        ),
        openstack.identity.ApplicationCredentialAccessRuleArgs(
            method="PUT",
            path="/v2.0/metrics",
            service="monitoring",
        ),
    ],
    expires_at="2019-02-13T12:12:12Z")
import * as pulumi from "@pulumi/pulumi";
import * as openstack from "@pulumi/openstack";

const monitoring = new openstack.identity.ApplicationCredential("monitoring", {
    accessRules: [
        {
            method: "GET",
            path: "/v2.0/metrics",
            service: "monitoring",
        },
        {
            method: "PUT",
            path: "/v2.0/metrics",
            service: "monitoring",
        },
    ],
    expiresAt: "2019-02-13T12:12:12Z",
});
resources:
  monitoring:
    type: openstack:identity:ApplicationCredential
    properties:
      accessRules:
        - method: GET
          path: /v2.0/metrics
          service: monitoring
        - method: PUT
          path: /v2.0/metrics
          service: monitoring
      expiresAt: 2019-02-13T12:12:12Z

Create a ApplicationCredential Resource

new ApplicationCredential(name: string, args?: ApplicationCredentialArgs, opts?: CustomResourceOptions);
@overload
def ApplicationCredential(resource_name: str,
                          opts: Optional[ResourceOptions] = None,
                          access_rules: Optional[Sequence[ApplicationCredentialAccessRuleArgs]] = None,
                          description: Optional[str] = None,
                          expires_at: Optional[str] = None,
                          name: Optional[str] = None,
                          region: Optional[str] = None,
                          roles: Optional[Sequence[str]] = None,
                          secret: Optional[str] = None,
                          unrestricted: Optional[bool] = None)
@overload
def ApplicationCredential(resource_name: str,
                          args: Optional[ApplicationCredentialArgs] = None,
                          opts: Optional[ResourceOptions] = None)
func NewApplicationCredential(ctx *Context, name string, args *ApplicationCredentialArgs, opts ...ResourceOption) (*ApplicationCredential, error)
public ApplicationCredential(string name, ApplicationCredentialArgs? args = null, CustomResourceOptions? opts = null)
public ApplicationCredential(String name, ApplicationCredentialArgs args)
public ApplicationCredential(String name, ApplicationCredentialArgs args, CustomResourceOptions options)
type: openstack:identity:ApplicationCredential
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args ApplicationCredentialArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args ApplicationCredentialArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args ApplicationCredentialArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args ApplicationCredentialArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args ApplicationCredentialArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

ApplicationCredential Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The ApplicationCredential resource accepts the following input properties:

AccessRules List<Pulumi.OpenStack.Identity.Inputs.ApplicationCredentialAccessRuleArgs>

A collection of one or more access rules, which this application credential allows to follow. The structure is described below. Changing this creates a new application credential.

Description string

A description of the application credential. Changing this creates a new application credential.

ExpiresAt string

The expiration time of the application credential in the RFC3339 timestamp format (e.g. 2019-03-09T12:58:49Z). If omitted, an application credential will never expire. Changing this creates a new application credential.

Name string

A name of the application credential. Changing this creates a new application credential.

Region string

The region in which to obtain the V3 Keystone client. If omitted, the region argument of the provider is used. Changing this creates a new application credential.

Roles List<string>

A collection of one or more role names, which this application credential has to be associated with its project. If omitted, all the current user's roles within the scoped project will be inherited by a new application credential. Changing this creates a new application credential.

Secret string

The secret for the application credential. If omitted, it will be generated by the server. Changing this creates a new application credential.

Unrestricted bool

A flag indicating whether the application credential may be used for creation or destruction of other application credentials or trusts. Changing this creates a new application credential.

AccessRules []ApplicationCredentialAccessRuleArgs

A collection of one or more access rules, which this application credential allows to follow. The structure is described below. Changing this creates a new application credential.

Description string

A description of the application credential. Changing this creates a new application credential.

ExpiresAt string

The expiration time of the application credential in the RFC3339 timestamp format (e.g. 2019-03-09T12:58:49Z). If omitted, an application credential will never expire. Changing this creates a new application credential.

Name string

A name of the application credential. Changing this creates a new application credential.

Region string

The region in which to obtain the V3 Keystone client. If omitted, the region argument of the provider is used. Changing this creates a new application credential.

Roles []string

A collection of one or more role names, which this application credential has to be associated with its project. If omitted, all the current user's roles within the scoped project will be inherited by a new application credential. Changing this creates a new application credential.

Secret string

The secret for the application credential. If omitted, it will be generated by the server. Changing this creates a new application credential.

Unrestricted bool

A flag indicating whether the application credential may be used for creation or destruction of other application credentials or trusts. Changing this creates a new application credential.

accessRules List<ApplicationCredentialAccessRuleArgs>

A collection of one or more access rules, which this application credential allows to follow. The structure is described below. Changing this creates a new application credential.

description String

A description of the application credential. Changing this creates a new application credential.

expiresAt String

The expiration time of the application credential in the RFC3339 timestamp format (e.g. 2019-03-09T12:58:49Z). If omitted, an application credential will never expire. Changing this creates a new application credential.

name String

A name of the application credential. Changing this creates a new application credential.

region String

The region in which to obtain the V3 Keystone client. If omitted, the region argument of the provider is used. Changing this creates a new application credential.

roles List<String>

A collection of one or more role names, which this application credential has to be associated with its project. If omitted, all the current user's roles within the scoped project will be inherited by a new application credential. Changing this creates a new application credential.

secret String

The secret for the application credential. If omitted, it will be generated by the server. Changing this creates a new application credential.

unrestricted Boolean

A flag indicating whether the application credential may be used for creation or destruction of other application credentials or trusts. Changing this creates a new application credential.

accessRules ApplicationCredentialAccessRuleArgs[]

A collection of one or more access rules, which this application credential allows to follow. The structure is described below. Changing this creates a new application credential.

description string

A description of the application credential. Changing this creates a new application credential.

expiresAt string

The expiration time of the application credential in the RFC3339 timestamp format (e.g. 2019-03-09T12:58:49Z). If omitted, an application credential will never expire. Changing this creates a new application credential.

name string

A name of the application credential. Changing this creates a new application credential.

region string

The region in which to obtain the V3 Keystone client. If omitted, the region argument of the provider is used. Changing this creates a new application credential.

roles string[]

A collection of one or more role names, which this application credential has to be associated with its project. If omitted, all the current user's roles within the scoped project will be inherited by a new application credential. Changing this creates a new application credential.

secret string

The secret for the application credential. If omitted, it will be generated by the server. Changing this creates a new application credential.

unrestricted boolean

A flag indicating whether the application credential may be used for creation or destruction of other application credentials or trusts. Changing this creates a new application credential.

access_rules Sequence[ApplicationCredentialAccessRuleArgs]

A collection of one or more access rules, which this application credential allows to follow. The structure is described below. Changing this creates a new application credential.

description str

A description of the application credential. Changing this creates a new application credential.

expires_at str

The expiration time of the application credential in the RFC3339 timestamp format (e.g. 2019-03-09T12:58:49Z). If omitted, an application credential will never expire. Changing this creates a new application credential.

name str

A name of the application credential. Changing this creates a new application credential.

region str

The region in which to obtain the V3 Keystone client. If omitted, the region argument of the provider is used. Changing this creates a new application credential.

roles Sequence[str]

A collection of one or more role names, which this application credential has to be associated with its project. If omitted, all the current user's roles within the scoped project will be inherited by a new application credential. Changing this creates a new application credential.

secret str

The secret for the application credential. If omitted, it will be generated by the server. Changing this creates a new application credential.

unrestricted bool

A flag indicating whether the application credential may be used for creation or destruction of other application credentials or trusts. Changing this creates a new application credential.

accessRules List<Property Map>

A collection of one or more access rules, which this application credential allows to follow. The structure is described below. Changing this creates a new application credential.

description String

A description of the application credential. Changing this creates a new application credential.

expiresAt String

The expiration time of the application credential in the RFC3339 timestamp format (e.g. 2019-03-09T12:58:49Z). If omitted, an application credential will never expire. Changing this creates a new application credential.

name String

A name of the application credential. Changing this creates a new application credential.

region String

The region in which to obtain the V3 Keystone client. If omitted, the region argument of the provider is used. Changing this creates a new application credential.

roles List<String>

A collection of one or more role names, which this application credential has to be associated with its project. If omitted, all the current user's roles within the scoped project will be inherited by a new application credential. Changing this creates a new application credential.

secret String

The secret for the application credential. If omitted, it will be generated by the server. Changing this creates a new application credential.

unrestricted Boolean

A flag indicating whether the application credential may be used for creation or destruction of other application credentials or trusts. Changing this creates a new application credential.

Outputs

All input properties are implicitly available as output properties. Additionally, the ApplicationCredential resource produces the following output properties:

Id string

The provider-assigned unique ID for this managed resource.

ProjectId string

The ID of the project the application credential was created for and that authentication requests using this application credential will be scoped to.

Id string

The provider-assigned unique ID for this managed resource.

ProjectId string

The ID of the project the application credential was created for and that authentication requests using this application credential will be scoped to.

id String

The provider-assigned unique ID for this managed resource.

projectId String

The ID of the project the application credential was created for and that authentication requests using this application credential will be scoped to.

id string

The provider-assigned unique ID for this managed resource.

projectId string

The ID of the project the application credential was created for and that authentication requests using this application credential will be scoped to.

id str

The provider-assigned unique ID for this managed resource.

project_id str

The ID of the project the application credential was created for and that authentication requests using this application credential will be scoped to.

id String

The provider-assigned unique ID for this managed resource.

projectId String

The ID of the project the application credential was created for and that authentication requests using this application credential will be scoped to.

Look up an Existing ApplicationCredential Resource

Get an existing ApplicationCredential resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: ApplicationCredentialState, opts?: CustomResourceOptions): ApplicationCredential
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        access_rules: Optional[Sequence[ApplicationCredentialAccessRuleArgs]] = None,
        description: Optional[str] = None,
        expires_at: Optional[str] = None,
        name: Optional[str] = None,
        project_id: Optional[str] = None,
        region: Optional[str] = None,
        roles: Optional[Sequence[str]] = None,
        secret: Optional[str] = None,
        unrestricted: Optional[bool] = None) -> ApplicationCredential
func GetApplicationCredential(ctx *Context, name string, id IDInput, state *ApplicationCredentialState, opts ...ResourceOption) (*ApplicationCredential, error)
public static ApplicationCredential Get(string name, Input<string> id, ApplicationCredentialState? state, CustomResourceOptions? opts = null)
public static ApplicationCredential get(String name, Output<String> id, ApplicationCredentialState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
AccessRules List<Pulumi.OpenStack.Identity.Inputs.ApplicationCredentialAccessRuleArgs>

A collection of one or more access rules, which this application credential allows to follow. The structure is described below. Changing this creates a new application credential.

Description string

A description of the application credential. Changing this creates a new application credential.

ExpiresAt string

The expiration time of the application credential in the RFC3339 timestamp format (e.g. 2019-03-09T12:58:49Z). If omitted, an application credential will never expire. Changing this creates a new application credential.

Name string

A name of the application credential. Changing this creates a new application credential.

ProjectId string

The ID of the project the application credential was created for and that authentication requests using this application credential will be scoped to.

Region string

The region in which to obtain the V3 Keystone client. If omitted, the region argument of the provider is used. Changing this creates a new application credential.

Roles List<string>

A collection of one or more role names, which this application credential has to be associated with its project. If omitted, all the current user's roles within the scoped project will be inherited by a new application credential. Changing this creates a new application credential.

Secret string

The secret for the application credential. If omitted, it will be generated by the server. Changing this creates a new application credential.

Unrestricted bool

A flag indicating whether the application credential may be used for creation or destruction of other application credentials or trusts. Changing this creates a new application credential.

AccessRules []ApplicationCredentialAccessRuleArgs

A collection of one or more access rules, which this application credential allows to follow. The structure is described below. Changing this creates a new application credential.

Description string

A description of the application credential. Changing this creates a new application credential.

ExpiresAt string

The expiration time of the application credential in the RFC3339 timestamp format (e.g. 2019-03-09T12:58:49Z). If omitted, an application credential will never expire. Changing this creates a new application credential.

Name string

A name of the application credential. Changing this creates a new application credential.

ProjectId string

The ID of the project the application credential was created for and that authentication requests using this application credential will be scoped to.

Region string

The region in which to obtain the V3 Keystone client. If omitted, the region argument of the provider is used. Changing this creates a new application credential.

Roles []string

A collection of one or more role names, which this application credential has to be associated with its project. If omitted, all the current user's roles within the scoped project will be inherited by a new application credential. Changing this creates a new application credential.

Secret string

The secret for the application credential. If omitted, it will be generated by the server. Changing this creates a new application credential.

Unrestricted bool

A flag indicating whether the application credential may be used for creation or destruction of other application credentials or trusts. Changing this creates a new application credential.

accessRules List<ApplicationCredentialAccessRuleArgs>

A collection of one or more access rules, which this application credential allows to follow. The structure is described below. Changing this creates a new application credential.

description String

A description of the application credential. Changing this creates a new application credential.

expiresAt String

The expiration time of the application credential in the RFC3339 timestamp format (e.g. 2019-03-09T12:58:49Z). If omitted, an application credential will never expire. Changing this creates a new application credential.

name String

A name of the application credential. Changing this creates a new application credential.

projectId String

The ID of the project the application credential was created for and that authentication requests using this application credential will be scoped to.

region String

The region in which to obtain the V3 Keystone client. If omitted, the region argument of the provider is used. Changing this creates a new application credential.

roles List<String>

A collection of one or more role names, which this application credential has to be associated with its project. If omitted, all the current user's roles within the scoped project will be inherited by a new application credential. Changing this creates a new application credential.

secret String

The secret for the application credential. If omitted, it will be generated by the server. Changing this creates a new application credential.

unrestricted Boolean

A flag indicating whether the application credential may be used for creation or destruction of other application credentials or trusts. Changing this creates a new application credential.

accessRules ApplicationCredentialAccessRuleArgs[]

A collection of one or more access rules, which this application credential allows to follow. The structure is described below. Changing this creates a new application credential.

description string

A description of the application credential. Changing this creates a new application credential.

expiresAt string

The expiration time of the application credential in the RFC3339 timestamp format (e.g. 2019-03-09T12:58:49Z). If omitted, an application credential will never expire. Changing this creates a new application credential.

name string

A name of the application credential. Changing this creates a new application credential.

projectId string

The ID of the project the application credential was created for and that authentication requests using this application credential will be scoped to.

region string

The region in which to obtain the V3 Keystone client. If omitted, the region argument of the provider is used. Changing this creates a new application credential.

roles string[]

A collection of one or more role names, which this application credential has to be associated with its project. If omitted, all the current user's roles within the scoped project will be inherited by a new application credential. Changing this creates a new application credential.

secret string

The secret for the application credential. If omitted, it will be generated by the server. Changing this creates a new application credential.

unrestricted boolean

A flag indicating whether the application credential may be used for creation or destruction of other application credentials or trusts. Changing this creates a new application credential.

access_rules Sequence[ApplicationCredentialAccessRuleArgs]

A collection of one or more access rules, which this application credential allows to follow. The structure is described below. Changing this creates a new application credential.

description str

A description of the application credential. Changing this creates a new application credential.

expires_at str

The expiration time of the application credential in the RFC3339 timestamp format (e.g. 2019-03-09T12:58:49Z). If omitted, an application credential will never expire. Changing this creates a new application credential.

name str

A name of the application credential. Changing this creates a new application credential.

project_id str

The ID of the project the application credential was created for and that authentication requests using this application credential will be scoped to.

region str

The region in which to obtain the V3 Keystone client. If omitted, the region argument of the provider is used. Changing this creates a new application credential.

roles Sequence[str]

A collection of one or more role names, which this application credential has to be associated with its project. If omitted, all the current user's roles within the scoped project will be inherited by a new application credential. Changing this creates a new application credential.

secret str

The secret for the application credential. If omitted, it will be generated by the server. Changing this creates a new application credential.

unrestricted bool

A flag indicating whether the application credential may be used for creation or destruction of other application credentials or trusts. Changing this creates a new application credential.

accessRules List<Property Map>

A collection of one or more access rules, which this application credential allows to follow. The structure is described below. Changing this creates a new application credential.

description String

A description of the application credential. Changing this creates a new application credential.

expiresAt String

The expiration time of the application credential in the RFC3339 timestamp format (e.g. 2019-03-09T12:58:49Z). If omitted, an application credential will never expire. Changing this creates a new application credential.

name String

A name of the application credential. Changing this creates a new application credential.

projectId String

The ID of the project the application credential was created for and that authentication requests using this application credential will be scoped to.

region String

The region in which to obtain the V3 Keystone client. If omitted, the region argument of the provider is used. Changing this creates a new application credential.

roles List<String>

A collection of one or more role names, which this application credential has to be associated with its project. If omitted, all the current user's roles within the scoped project will be inherited by a new application credential. Changing this creates a new application credential.

secret String

The secret for the application credential. If omitted, it will be generated by the server. Changing this creates a new application credential.

unrestricted Boolean

A flag indicating whether the application credential may be used for creation or destruction of other application credentials or trusts. Changing this creates a new application credential.

Supporting Types

ApplicationCredentialAccessRule

Method string

The request method that the application credential is permitted to use for a given API endpoint. Allowed values: POST, GET, HEAD, PATCH, PUT and DELETE.

Path string

The API path that the application credential is permitted to access. May use named wildcards such as {tag} or the unnamed wildcard * to match against any string in the path up to a /, or the recursive wildcard ** to include / in the matched path.

Service string

The service type identifier for the service that the application credential is granted to access. Must be a service type that is listed in the service catalog and not a code name for a service. E.g. identity, compute, volumev3, image, network, object-store, sharev2, dns, key-manager, monitoring, etc.

Id string

The ID of the existing access rule. The access rule ID of another application credential can be provided.

Method string

The request method that the application credential is permitted to use for a given API endpoint. Allowed values: POST, GET, HEAD, PATCH, PUT and DELETE.

Path string

The API path that the application credential is permitted to access. May use named wildcards such as {tag} or the unnamed wildcard * to match against any string in the path up to a /, or the recursive wildcard ** to include / in the matched path.

Service string

The service type identifier for the service that the application credential is granted to access. Must be a service type that is listed in the service catalog and not a code name for a service. E.g. identity, compute, volumev3, image, network, object-store, sharev2, dns, key-manager, monitoring, etc.

Id string

The ID of the existing access rule. The access rule ID of another application credential can be provided.

method String

The request method that the application credential is permitted to use for a given API endpoint. Allowed values: POST, GET, HEAD, PATCH, PUT and DELETE.

path String

The API path that the application credential is permitted to access. May use named wildcards such as {tag} or the unnamed wildcard * to match against any string in the path up to a /, or the recursive wildcard ** to include / in the matched path.

service String

The service type identifier for the service that the application credential is granted to access. Must be a service type that is listed in the service catalog and not a code name for a service. E.g. identity, compute, volumev3, image, network, object-store, sharev2, dns, key-manager, monitoring, etc.

id String

The ID of the existing access rule. The access rule ID of another application credential can be provided.

method string

The request method that the application credential is permitted to use for a given API endpoint. Allowed values: POST, GET, HEAD, PATCH, PUT and DELETE.

path string

The API path that the application credential is permitted to access. May use named wildcards such as {tag} or the unnamed wildcard * to match against any string in the path up to a /, or the recursive wildcard ** to include / in the matched path.

service string

The service type identifier for the service that the application credential is granted to access. Must be a service type that is listed in the service catalog and not a code name for a service. E.g. identity, compute, volumev3, image, network, object-store, sharev2, dns, key-manager, monitoring, etc.

id string

The ID of the existing access rule. The access rule ID of another application credential can be provided.

method str

The request method that the application credential is permitted to use for a given API endpoint. Allowed values: POST, GET, HEAD, PATCH, PUT and DELETE.

path str

The API path that the application credential is permitted to access. May use named wildcards such as {tag} or the unnamed wildcard * to match against any string in the path up to a /, or the recursive wildcard ** to include / in the matched path.

service str

The service type identifier for the service that the application credential is granted to access. Must be a service type that is listed in the service catalog and not a code name for a service. E.g. identity, compute, volumev3, image, network, object-store, sharev2, dns, key-manager, monitoring, etc.

id str

The ID of the existing access rule. The access rule ID of another application credential can be provided.

method String

The request method that the application credential is permitted to use for a given API endpoint. Allowed values: POST, GET, HEAD, PATCH, PUT and DELETE.

path String

The API path that the application credential is permitted to access. May use named wildcards such as {tag} or the unnamed wildcard * to match against any string in the path up to a /, or the recursive wildcard ** to include / in the matched path.

service String

The service type identifier for the service that the application credential is granted to access. Must be a service type that is listed in the service catalog and not a code name for a service. E.g. identity, compute, volumev3, image, network, object-store, sharev2, dns, key-manager, monitoring, etc.

id String

The ID of the existing access rule. The access rule ID of another application credential can be provided.

Package Details

Repository
https://github.com/pulumi/pulumi-openstack
License
Apache-2.0
Notes

This Pulumi package is based on the openstack Terraform Provider.