Docs Home
StrongDM v1.27.0 published on Sunday, Apr 20, 2025 by Piers Karsenbarg
sdm.getSecretEngine
Explore with Pulumi AI
A SecretEngine is managing secrets in SecretStores.
Using getSecretEngine
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getSecretEngine(args: GetSecretEngineArgs, opts?: InvokeOptions): Promise<GetSecretEngineResult>
function getSecretEngineOutput(args: GetSecretEngineOutputArgs, opts?: InvokeOptions): Output<GetSecretEngineResult>def get_secret_engine(binddn: Optional[str] = None,
bindpass: Optional[str] = None,
certificate: Optional[str] = None,
connection_timeout: Optional[int] = None,
do_not_validate_timestamps: Optional[bool] = None,
id: Optional[str] = None,
insecure_tls: Optional[bool] = None,
key_rotation_interval_days: Optional[int] = None,
name: Optional[str] = None,
request_timeout: Optional[int] = None,
secret_store_id: Optional[str] = None,
secret_store_root_path: Optional[str] = None,
start_tls: Optional[bool] = None,
tags: Optional[Mapping[str, str]] = None,
type: Optional[str] = None,
upndomain: Optional[str] = None,
url: Optional[str] = None,
userdn: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetSecretEngineResult
def get_secret_engine_output(binddn: Optional[pulumi.Input[str]] = None,
bindpass: Optional[pulumi.Input[str]] = None,
certificate: Optional[pulumi.Input[str]] = None,
connection_timeout: Optional[pulumi.Input[int]] = None,
do_not_validate_timestamps: Optional[pulumi.Input[bool]] = None,
id: Optional[pulumi.Input[str]] = None,
insecure_tls: Optional[pulumi.Input[bool]] = None,
key_rotation_interval_days: Optional[pulumi.Input[int]] = None,
name: Optional[pulumi.Input[str]] = None,
request_timeout: Optional[pulumi.Input[int]] = None,
secret_store_id: Optional[pulumi.Input[str]] = None,
secret_store_root_path: Optional[pulumi.Input[str]] = None,
start_tls: Optional[pulumi.Input[bool]] = None,
tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
type: Optional[pulumi.Input[str]] = None,
upndomain: Optional[pulumi.Input[str]] = None,
url: Optional[pulumi.Input[str]] = None,
userdn: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetSecretEngineResult]func LookupSecretEngine(ctx *Context, args *LookupSecretEngineArgs, opts ...InvokeOption) (*LookupSecretEngineResult, error)
func LookupSecretEngineOutput(ctx *Context, args *LookupSecretEngineOutputArgs, opts ...InvokeOption) LookupSecretEngineResultOutput> Note: This function is named LookupSecretEngine in the Go SDK.
public static class GetSecretEngine
{
public static Task<GetSecretEngineResult> InvokeAsync(GetSecretEngineArgs args, InvokeOptions? opts = null)
public static Output<GetSecretEngineResult> Invoke(GetSecretEngineInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetSecretEngineResult> getSecretEngine(GetSecretEngineArgs args, InvokeOptions options)
public static Output<GetSecretEngineResult> getSecretEngine(GetSecretEngineArgs args, InvokeOptions options)
fn::invoke:
function: sdm:index/getSecretEngine:getSecretEngine
arguments:
# arguments dictionaryThe following arguments are supported:
- Binddn string
- Distinguished name of object to bind when performing user and group search. Example: cn=vault,ou=Users,dc=example,dc=com
- Bindpass string
- Password to use along with binddn when performing user search.
- Certificate string
- CA certificate to use when verifying LDAP server certificate, must be x509 PEM encoded.
- Connection
Timeout int - Timeout, in seconds, when attempting to connect to the LDAP server before trying the next URL in the configuration.
- Do
Not boolValidate Timestamps - If set to true this will prevent password change timestamp validation in Active Directory when validating credentials
- Id string
- Unique identifier of the Secret Engine.
- Insecure
Tls bool - If true, skips LDAP server SSL certificate verification - insecure, use with caution!
- Key
Rotation intInterval Days - An interval of public/private key rotation for secret engine in days
- Name string
- Unique human-readable name of the Secret Engine.
- Request
Timeout int - Timeout, in seconds, for the connection when making requests against the server before returning back an error.
- Secret
Store stringId - Backing secret store identifier
- Secret
Store stringRoot Path - Backing Secret Store root path where managed secrets are going to be stored
- Start
Tls bool - If true, issues a StartTLS command after establishing an unencrypted connection.
- Dictionary<string, string>
- Tags is a map of key, value pairs.
- Type string
- a filter to select all items of a certain subtype. See the filter documentation for more information.
- Upndomain string
- The domain (userPrincipalDomain) used to construct a UPN string for authentication.
- Url string
- The LDAP server to connect to.
- Userdn string
- Base DN under which to perform user search. Example: ou=Users,dc=example,dc=com
- Binddn string
- Distinguished name of object to bind when performing user and group search. Example: cn=vault,ou=Users,dc=example,dc=com
- Bindpass string
- Password to use along with binddn when performing user search.
- Certificate string
- CA certificate to use when verifying LDAP server certificate, must be x509 PEM encoded.
- Connection
Timeout int - Timeout, in seconds, when attempting to connect to the LDAP server before trying the next URL in the configuration.
- Do
Not boolValidate Timestamps - If set to true this will prevent password change timestamp validation in Active Directory when validating credentials
- Id string
- Unique identifier of the Secret Engine.
- Insecure
Tls bool - If true, skips LDAP server SSL certificate verification - insecure, use with caution!
- Key
Rotation intInterval Days - An interval of public/private key rotation for secret engine in days
- Name string
- Unique human-readable name of the Secret Engine.
- Request
Timeout int - Timeout, in seconds, for the connection when making requests against the server before returning back an error.
- Secret
Store stringId - Backing secret store identifier
- Secret
Store stringRoot Path - Backing Secret Store root path where managed secrets are going to be stored
- Start
Tls bool - If true, issues a StartTLS command after establishing an unencrypted connection.
- map[string]string
- Tags is a map of key, value pairs.
- Type string
- a filter to select all items of a certain subtype. See the filter documentation for more information.
- Upndomain string
- The domain (userPrincipalDomain) used to construct a UPN string for authentication.
- Url string
- The LDAP server to connect to.
- Userdn string
- Base DN under which to perform user search. Example: ou=Users,dc=example,dc=com
- binddn String
- Distinguished name of object to bind when performing user and group search. Example: cn=vault,ou=Users,dc=example,dc=com
- bindpass String
- Password to use along with binddn when performing user search.
- certificate String
- CA certificate to use when verifying LDAP server certificate, must be x509 PEM encoded.
- connection
Timeout Integer - Timeout, in seconds, when attempting to connect to the LDAP server before trying the next URL in the configuration.
- do
Not BooleanValidate Timestamps - If set to true this will prevent password change timestamp validation in Active Directory when validating credentials
- id String
- Unique identifier of the Secret Engine.
- insecure
Tls Boolean - If true, skips LDAP server SSL certificate verification - insecure, use with caution!
- key
Rotation IntegerInterval Days - An interval of public/private key rotation for secret engine in days
- name String
- Unique human-readable name of the Secret Engine.
- request
Timeout Integer - Timeout, in seconds, for the connection when making requests against the server before returning back an error.
- secret
Store StringId - Backing secret store identifier
- secret
Store StringRoot Path - Backing Secret Store root path where managed secrets are going to be stored
- start
Tls Boolean - If true, issues a StartTLS command after establishing an unencrypted connection.
- Map<String,String>
- Tags is a map of key, value pairs.
- type String
- a filter to select all items of a certain subtype. See the filter documentation for more information.
- upndomain String
- The domain (userPrincipalDomain) used to construct a UPN string for authentication.
- url String
- The LDAP server to connect to.
- userdn String
- Base DN under which to perform user search. Example: ou=Users,dc=example,dc=com
- binddn string
- Distinguished name of object to bind when performing user and group search. Example: cn=vault,ou=Users,dc=example,dc=com
- bindpass string
- Password to use along with binddn when performing user search.
- certificate string
- CA certificate to use when verifying LDAP server certificate, must be x509 PEM encoded.
- connection
Timeout number - Timeout, in seconds, when attempting to connect to the LDAP server before trying the next URL in the configuration.
- do
Not booleanValidate Timestamps - If set to true this will prevent password change timestamp validation in Active Directory when validating credentials
- id string
- Unique identifier of the Secret Engine.
- insecure
Tls boolean - If true, skips LDAP server SSL certificate verification - insecure, use with caution!
- key
Rotation numberInterval Days - An interval of public/private key rotation for secret engine in days
- name string
- Unique human-readable name of the Secret Engine.
- request
Timeout number - Timeout, in seconds, for the connection when making requests against the server before returning back an error.
- secret
Store stringId - Backing secret store identifier
- secret
Store stringRoot Path - Backing Secret Store root path where managed secrets are going to be stored
- start
Tls boolean - If true, issues a StartTLS command after establishing an unencrypted connection.
- {[key: string]: string}
- Tags is a map of key, value pairs.
- type string
- a filter to select all items of a certain subtype. See the filter documentation for more information.
- upndomain string
- The domain (userPrincipalDomain) used to construct a UPN string for authentication.
- url string
- The LDAP server to connect to.
- userdn string
- Base DN under which to perform user search. Example: ou=Users,dc=example,dc=com
- binddn str
- Distinguished name of object to bind when performing user and group search. Example: cn=vault,ou=Users,dc=example,dc=com
- bindpass str
- Password to use along with binddn when performing user search.
- certificate str
- CA certificate to use when verifying LDAP server certificate, must be x509 PEM encoded.
- connection_
timeout int - Timeout, in seconds, when attempting to connect to the LDAP server before trying the next URL in the configuration.
- do_
not_ boolvalidate_ timestamps - If set to true this will prevent password change timestamp validation in Active Directory when validating credentials
- id str
- Unique identifier of the Secret Engine.
- insecure_
tls bool - If true, skips LDAP server SSL certificate verification - insecure, use with caution!
- key_
rotation_ intinterval_ days - An interval of public/private key rotation for secret engine in days
- name str
- Unique human-readable name of the Secret Engine.
- request_
timeout int - Timeout, in seconds, for the connection when making requests against the server before returning back an error.
- secret_
store_ strid - Backing secret store identifier
- secret_
store_ strroot_ path - Backing Secret Store root path where managed secrets are going to be stored
- start_
tls bool - If true, issues a StartTLS command after establishing an unencrypted connection.
- Mapping[str, str]
- Tags is a map of key, value pairs.
- type str
- a filter to select all items of a certain subtype. See the filter documentation for more information.
- upndomain str
- The domain (userPrincipalDomain) used to construct a UPN string for authentication.
- url str
- The LDAP server to connect to.
- userdn str
- Base DN under which to perform user search. Example: ou=Users,dc=example,dc=com
- binddn String
- Distinguished name of object to bind when performing user and group search. Example: cn=vault,ou=Users,dc=example,dc=com
- bindpass String
- Password to use along with binddn when performing user search.
- certificate String
- CA certificate to use when verifying LDAP server certificate, must be x509 PEM encoded.
- connection
Timeout Number - Timeout, in seconds, when attempting to connect to the LDAP server before trying the next URL in the configuration.
- do
Not BooleanValidate Timestamps - If set to true this will prevent password change timestamp validation in Active Directory when validating credentials
- id String
- Unique identifier of the Secret Engine.
- insecure
Tls Boolean - If true, skips LDAP server SSL certificate verification - insecure, use with caution!
- key
Rotation NumberInterval Days - An interval of public/private key rotation for secret engine in days
- name String
- Unique human-readable name of the Secret Engine.
- request
Timeout Number - Timeout, in seconds, for the connection when making requests against the server before returning back an error.
- secret
Store StringId - Backing secret store identifier
- secret
Store StringRoot Path - Backing Secret Store root path where managed secrets are going to be stored
- start
Tls Boolean - If true, issues a StartTLS command after establishing an unencrypted connection.
- Map<String>
- Tags is a map of key, value pairs.
- type String
- a filter to select all items of a certain subtype. See the filter documentation for more information.
- upndomain String
- The domain (userPrincipalDomain) used to construct a UPN string for authentication.
- url String
- The LDAP server to connect to.
- userdn String
- Base DN under which to perform user search. Example: ou=Users,dc=example,dc=com
getSecretEngine Result
The following output properties are available:
- Ids List<string>
- a list of strings of ids of data sources that match the given arguments.
- Secret
Engines List<PiersKarsenbarg. Sdm. Outputs. Get Secret Engine Secret Engine> - A single element list containing a map, where each key lists one of the following objects:
- active_directory:
- Binddn string
- Distinguished name of object to bind when performing user and group search. Example: cn=vault,ou=Users,dc=example,dc=com
- Bindpass string
- Password to use along with binddn when performing user search.
- Certificate string
- CA certificate to use when verifying LDAP server certificate, must be x509 PEM encoded.
- Connection
Timeout int - Timeout, in seconds, when attempting to connect to the LDAP server before trying the next URL in the configuration.
- Do
Not boolValidate Timestamps - If set to true this will prevent password change timestamp validation in Active Directory when validating credentials
- Id string
- Unique identifier of the Secret Engine.
- Insecure
Tls bool - If true, skips LDAP server SSL certificate verification - insecure, use with caution!
- Key
Rotation intInterval Days - An interval of public/private key rotation for secret engine in days
- Name string
- Unique human-readable name of the Secret Engine.
- Request
Timeout int - Timeout, in seconds, for the connection when making requests against the server before returning back an error.
- Secret
Store stringId - Backing secret store identifier
- Secret
Store stringRoot Path - Backing Secret Store root path where managed secrets are going to be stored
- Start
Tls bool - If true, issues a StartTLS command after establishing an unencrypted connection.
- Dictionary<string, string>
- Tags is a map of key, value pairs.
- Type string
- Upndomain string
- The domain (userPrincipalDomain) used to construct a UPN string for authentication.
- Url string
- The LDAP server to connect to.
- Userdn string
- Base DN under which to perform user search. Example: ou=Users,dc=example,dc=com
- key_value:
- Ids []string
- a list of strings of ids of data sources that match the given arguments.
- Secret
Engines []GetSecret Engine Secret Engine - A single element list containing a map, where each key lists one of the following objects:
- active_directory:
- Binddn string
- Distinguished name of object to bind when performing user and group search. Example: cn=vault,ou=Users,dc=example,dc=com
- Bindpass string
- Password to use along with binddn when performing user search.
- Certificate string
- CA certificate to use when verifying LDAP server certificate, must be x509 PEM encoded.
- Connection
Timeout int - Timeout, in seconds, when attempting to connect to the LDAP server before trying the next URL in the configuration.
- Do
Not boolValidate Timestamps - If set to true this will prevent password change timestamp validation in Active Directory when validating credentials
- Id string
- Unique identifier of the Secret Engine.
- Insecure
Tls bool - If true, skips LDAP server SSL certificate verification - insecure, use with caution!
- Key
Rotation intInterval Days - An interval of public/private key rotation for secret engine in days
- Name string
- Unique human-readable name of the Secret Engine.
- Request
Timeout int - Timeout, in seconds, for the connection when making requests against the server before returning back an error.
- Secret
Store stringId - Backing secret store identifier
- Secret
Store stringRoot Path - Backing Secret Store root path where managed secrets are going to be stored
- Start
Tls bool - If true, issues a StartTLS command after establishing an unencrypted connection.
- map[string]string
- Tags is a map of key, value pairs.
- Type string
- Upndomain string
- The domain (userPrincipalDomain) used to construct a UPN string for authentication.
- Url string
- The LDAP server to connect to.
- Userdn string
- Base DN under which to perform user search. Example: ou=Users,dc=example,dc=com
- key_value:
- ids List<String>
- a list of strings of ids of data sources that match the given arguments.
- secret
Engines List<GetSecret Engine Secret Engine> - A single element list containing a map, where each key lists one of the following objects:
- active_directory:
- binddn String
- Distinguished name of object to bind when performing user and group search. Example: cn=vault,ou=Users,dc=example,dc=com
- bindpass String
- Password to use along with binddn when performing user search.
- certificate String
- CA certificate to use when verifying LDAP server certificate, must be x509 PEM encoded.
- connection
Timeout Integer - Timeout, in seconds, when attempting to connect to the LDAP server before trying the next URL in the configuration.
- do
Not BooleanValidate Timestamps - If set to true this will prevent password change timestamp validation in Active Directory when validating credentials
- id String
- Unique identifier of the Secret Engine.
- insecure
Tls Boolean - If true, skips LDAP server SSL certificate verification - insecure, use with caution!
- key
Rotation IntegerInterval Days - An interval of public/private key rotation for secret engine in days
- name String
- Unique human-readable name of the Secret Engine.
- request
Timeout Integer - Timeout, in seconds, for the connection when making requests against the server before returning back an error.
- secret
Store StringId - Backing secret store identifier
- secret
Store StringRoot Path - Backing Secret Store root path where managed secrets are going to be stored
- start
Tls Boolean - If true, issues a StartTLS command after establishing an unencrypted connection.
- Map<String,String>
- Tags is a map of key, value pairs.
- type String
- upndomain String
- The domain (userPrincipalDomain) used to construct a UPN string for authentication.
- url String
- The LDAP server to connect to.
- userdn String
- Base DN under which to perform user search. Example: ou=Users,dc=example,dc=com
- key_value:
- ids string[]
- a list of strings of ids of data sources that match the given arguments.
- secret
Engines GetSecret Engine Secret Engine[] - A single element list containing a map, where each key lists one of the following objects:
- active_directory:
- binddn string
- Distinguished name of object to bind when performing user and group search. Example: cn=vault,ou=Users,dc=example,dc=com
- bindpass string
- Password to use along with binddn when performing user search.
- certificate string
- CA certificate to use when verifying LDAP server certificate, must be x509 PEM encoded.
- connection
Timeout number - Timeout, in seconds, when attempting to connect to the LDAP server before trying the next URL in the configuration.
- do
Not booleanValidate Timestamps - If set to true this will prevent password change timestamp validation in Active Directory when validating credentials
- id string
- Unique identifier of the Secret Engine.
- insecure
Tls boolean - If true, skips LDAP server SSL certificate verification - insecure, use with caution!
- key
Rotation numberInterval Days - An interval of public/private key rotation for secret engine in days
- name string
- Unique human-readable name of the Secret Engine.
- request
Timeout number - Timeout, in seconds, for the connection when making requests against the server before returning back an error.
- secret
Store stringId - Backing secret store identifier
- secret
Store stringRoot Path - Backing Secret Store root path where managed secrets are going to be stored
- start
Tls boolean - If true, issues a StartTLS command after establishing an unencrypted connection.
- {[key: string]: string}
- Tags is a map of key, value pairs.
- type string
- upndomain string
- The domain (userPrincipalDomain) used to construct a UPN string for authentication.
- url string
- The LDAP server to connect to.
- userdn string
- Base DN under which to perform user search. Example: ou=Users,dc=example,dc=com
- key_value:
- ids Sequence[str]
- a list of strings of ids of data sources that match the given arguments.
- secret_
engines Sequence[GetSecret Engine Secret Engine] - A single element list containing a map, where each key lists one of the following objects:
- active_directory:
- binddn str
- Distinguished name of object to bind when performing user and group search. Example: cn=vault,ou=Users,dc=example,dc=com
- bindpass str
- Password to use along with binddn when performing user search.
- certificate str
- CA certificate to use when verifying LDAP server certificate, must be x509 PEM encoded.
- connection_
timeout int - Timeout, in seconds, when attempting to connect to the LDAP server before trying the next URL in the configuration.
- do_
not_ boolvalidate_ timestamps - If set to true this will prevent password change timestamp validation in Active Directory when validating credentials
- id str
- Unique identifier of the Secret Engine.
- insecure_
tls bool - If true, skips LDAP server SSL certificate verification - insecure, use with caution!
- key_
rotation_ intinterval_ days - An interval of public/private key rotation for secret engine in days
- name str
- Unique human-readable name of the Secret Engine.
- request_
timeout int - Timeout, in seconds, for the connection when making requests against the server before returning back an error.
- secret_
store_ strid - Backing secret store identifier
- secret_
store_ strroot_ path - Backing Secret Store root path where managed secrets are going to be stored
- start_
tls bool - If true, issues a StartTLS command after establishing an unencrypted connection.
- Mapping[str, str]
- Tags is a map of key, value pairs.
- type str
- upndomain str
- The domain (userPrincipalDomain) used to construct a UPN string for authentication.
- url str
- The LDAP server to connect to.
- userdn str
- Base DN under which to perform user search. Example: ou=Users,dc=example,dc=com
- key_value:
- ids List<String>
- a list of strings of ids of data sources that match the given arguments.
- secret
Engines List<Property Map> - A single element list containing a map, where each key lists one of the following objects:
- active_directory:
- binddn String
- Distinguished name of object to bind when performing user and group search. Example: cn=vault,ou=Users,dc=example,dc=com
- bindpass String
- Password to use along with binddn when performing user search.
- certificate String
- CA certificate to use when verifying LDAP server certificate, must be x509 PEM encoded.
- connection
Timeout Number - Timeout, in seconds, when attempting to connect to the LDAP server before trying the next URL in the configuration.
- do
Not BooleanValidate Timestamps - If set to true this will prevent password change timestamp validation in Active Directory when validating credentials
- id String
- Unique identifier of the Secret Engine.
- insecure
Tls Boolean - If true, skips LDAP server SSL certificate verification - insecure, use with caution!
- key
Rotation NumberInterval Days - An interval of public/private key rotation for secret engine in days
- name String
- Unique human-readable name of the Secret Engine.
- request
Timeout Number - Timeout, in seconds, for the connection when making requests against the server before returning back an error.
- secret
Store StringId - Backing secret store identifier
- secret
Store StringRoot Path - Backing Secret Store root path where managed secrets are going to be stored
- start
Tls Boolean - If true, issues a StartTLS command after establishing an unencrypted connection.
- Map<String>
- Tags is a map of key, value pairs.
- type String
- upndomain String
- The domain (userPrincipalDomain) used to construct a UPN string for authentication.
- url String
- The LDAP server to connect to.
- userdn String
- Base DN under which to perform user search. Example: ou=Users,dc=example,dc=com
- key_value:
Supporting Types
GetSecretEngineSecretEngine
GetSecretEngineSecretEngineActiveDirectory
- Public
Key string - Public key linked with a secret engine
- After
Read stringTtl - The default time-to-live duration of the password after it's read. Once the ttl has passed, a password will be rotated.
- Binddn string
- Distinguished name of object to bind when performing user and group search. Example: cn=vault,ou=Users,dc=example,dc=com
- Bindpass string
- Password to use along with binddn when performing user search.
- Certificate string
- CA certificate to use when verifying LDAP server certificate, must be x509 PEM encoded.
- Connection
Timeout int - Timeout, in seconds, when attempting to connect to the LDAP server before trying the next URL in the configuration.
- Do
Not boolValidate Timestamps - If set to true this will prevent password change timestamp validation in Active Directory when validating credentials
- Id string
- Unique identifier of the Secret Engine.
- Insecure
Tls bool - If true, skips LDAP server SSL certificate verification - insecure, use with caution!
- Key
Rotation intInterval Days - An interval of public/private key rotation for secret engine in days
- Max
Backoff stringDuration - The maximum retry duration in case of automatic failure. On failed ttl rotation attempt it will be retried in an increasing intervals until it reaches max_backoff_duration
- Name string
- Unique human-readable name of the Secret Engine.
- Request
Timeout int - Timeout, in seconds, for the connection when making requests against the server before returning back an error.
- Secret
Store stringId - Backing secret store identifier
- Secret
Store stringRoot Path - Backing Secret Store root path where managed secrets are going to be stored
- Start
Tls bool - If true, issues a StartTLS command after establishing an unencrypted connection.
- Dictionary<string, string>
- Tags is a map of key, value pairs.
- Ttl string
- The default password time-to-live duration. Once the ttl has passed, a password will be rotated the next time it's requested.
- Upndomain string
- The domain (userPrincipalDomain) used to construct a UPN string for authentication.
- Url string
- The LDAP server to connect to.
- Userdn string
- Base DN under which to perform user search. Example: ou=Users,dc=example,dc=com
- Public
Key string - Public key linked with a secret engine
- After
Read stringTtl - The default time-to-live duration of the password after it's read. Once the ttl has passed, a password will be rotated.
- Binddn string
- Distinguished name of object to bind when performing user and group search. Example: cn=vault,ou=Users,dc=example,dc=com
- Bindpass string
- Password to use along with binddn when performing user search.
- Certificate string
- CA certificate to use when verifying LDAP server certificate, must be x509 PEM encoded.
- Connection
Timeout int - Timeout, in seconds, when attempting to connect to the LDAP server before trying the next URL in the configuration.
- Do
Not boolValidate Timestamps - If set to true this will prevent password change timestamp validation in Active Directory when validating credentials
- Id string
- Unique identifier of the Secret Engine.
- Insecure
Tls bool - If true, skips LDAP server SSL certificate verification - insecure, use with caution!
- Key
Rotation intInterval Days - An interval of public/private key rotation for secret engine in days
- Max
Backoff stringDuration - The maximum retry duration in case of automatic failure. On failed ttl rotation attempt it will be retried in an increasing intervals until it reaches max_backoff_duration
- Name string
- Unique human-readable name of the Secret Engine.
- Request
Timeout int - Timeout, in seconds, for the connection when making requests against the server before returning back an error.
- Secret
Store stringId - Backing secret store identifier
- Secret
Store stringRoot Path - Backing Secret Store root path where managed secrets are going to be stored
- Start
Tls bool - If true, issues a StartTLS command after establishing an unencrypted connection.
- map[string]string
- Tags is a map of key, value pairs.
- Ttl string
- The default password time-to-live duration. Once the ttl has passed, a password will be rotated the next time it's requested.
- Upndomain string
- The domain (userPrincipalDomain) used to construct a UPN string for authentication.
- Url string
- The LDAP server to connect to.
- Userdn string
- Base DN under which to perform user search. Example: ou=Users,dc=example,dc=com
- public
Key String - Public key linked with a secret engine
- after
Read StringTtl - The default time-to-live duration of the password after it's read. Once the ttl has passed, a password will be rotated.
- binddn String
- Distinguished name of object to bind when performing user and group search. Example: cn=vault,ou=Users,dc=example,dc=com
- bindpass String
- Password to use along with binddn when performing user search.
- certificate String
- CA certificate to use when verifying LDAP server certificate, must be x509 PEM encoded.
- connection
Timeout Integer - Timeout, in seconds, when attempting to connect to the LDAP server before trying the next URL in the configuration.
- do
Not BooleanValidate Timestamps - If set to true this will prevent password change timestamp validation in Active Directory when validating credentials
- id String
- Unique identifier of the Secret Engine.
- insecure
Tls Boolean - If true, skips LDAP server SSL certificate verification - insecure, use with caution!
- key
Rotation IntegerInterval Days - An interval of public/private key rotation for secret engine in days
- max
Backoff StringDuration - The maximum retry duration in case of automatic failure. On failed ttl rotation attempt it will be retried in an increasing intervals until it reaches max_backoff_duration
- name String
- Unique human-readable name of the Secret Engine.
- request
Timeout Integer - Timeout, in seconds, for the connection when making requests against the server before returning back an error.
- secret
Store StringId - Backing secret store identifier
- secret
Store StringRoot Path - Backing Secret Store root path where managed secrets are going to be stored
- start
Tls Boolean - If true, issues a StartTLS command after establishing an unencrypted connection.
- Map<String,String>
- Tags is a map of key, value pairs.
- ttl String
- The default password time-to-live duration. Once the ttl has passed, a password will be rotated the next time it's requested.
- upndomain String
- The domain (userPrincipalDomain) used to construct a UPN string for authentication.
- url String
- The LDAP server to connect to.
- userdn String
- Base DN under which to perform user search. Example: ou=Users,dc=example,dc=com
- public
Key string - Public key linked with a secret engine
- after
Read stringTtl - The default time-to-live duration of the password after it's read. Once the ttl has passed, a password will be rotated.
- binddn string
- Distinguished name of object to bind when performing user and group search. Example: cn=vault,ou=Users,dc=example,dc=com
- bindpass string
- Password to use along with binddn when performing user search.
- certificate string
- CA certificate to use when verifying LDAP server certificate, must be x509 PEM encoded.
- connection
Timeout number - Timeout, in seconds, when attempting to connect to the LDAP server before trying the next URL in the configuration.
- do
Not booleanValidate Timestamps - If set to true this will prevent password change timestamp validation in Active Directory when validating credentials
- id string
- Unique identifier of the Secret Engine.
- insecure
Tls boolean - If true, skips LDAP server SSL certificate verification - insecure, use with caution!
- key
Rotation numberInterval Days - An interval of public/private key rotation for secret engine in days
- max
Backoff stringDuration - The maximum retry duration in case of automatic failure. On failed ttl rotation attempt it will be retried in an increasing intervals until it reaches max_backoff_duration
- name string
- Unique human-readable name of the Secret Engine.
- request
Timeout number - Timeout, in seconds, for the connection when making requests against the server before returning back an error.
- secret
Store stringId - Backing secret store identifier
- secret
Store stringRoot Path - Backing Secret Store root path where managed secrets are going to be stored
- start
Tls boolean - If true, issues a StartTLS command after establishing an unencrypted connection.
- {[key: string]: string}
- Tags is a map of key, value pairs.
- ttl string
- The default password time-to-live duration. Once the ttl has passed, a password will be rotated the next time it's requested.
- upndomain string
- The domain (userPrincipalDomain) used to construct a UPN string for authentication.
- url string
- The LDAP server to connect to.
- userdn string
- Base DN under which to perform user search. Example: ou=Users,dc=example,dc=com
- public_
key str - Public key linked with a secret engine
- after_
read_ strttl - The default time-to-live duration of the password after it's read. Once the ttl has passed, a password will be rotated.
- binddn str
- Distinguished name of object to bind when performing user and group search. Example: cn=vault,ou=Users,dc=example,dc=com
- bindpass str
- Password to use along with binddn when performing user search.
- certificate str
- CA certificate to use when verifying LDAP server certificate, must be x509 PEM encoded.
- connection_
timeout int - Timeout, in seconds, when attempting to connect to the LDAP server before trying the next URL in the configuration.
- do_
not_ boolvalidate_ timestamps - If set to true this will prevent password change timestamp validation in Active Directory when validating credentials
- id str
- Unique identifier of the Secret Engine.
- insecure_
tls bool - If true, skips LDAP server SSL certificate verification - insecure, use with caution!
- key_
rotation_ intinterval_ days - An interval of public/private key rotation for secret engine in days
- max_
backoff_ strduration - The maximum retry duration in case of automatic failure. On failed ttl rotation attempt it will be retried in an increasing intervals until it reaches max_backoff_duration
- name str
- Unique human-readable name of the Secret Engine.
- request_
timeout int - Timeout, in seconds, for the connection when making requests against the server before returning back an error.
- secret_
store_ strid - Backing secret store identifier
- secret_
store_ strroot_ path - Backing Secret Store root path where managed secrets are going to be stored
- start_
tls bool - If true, issues a StartTLS command after establishing an unencrypted connection.
- Mapping[str, str]
- Tags is a map of key, value pairs.
- ttl str
- The default password time-to-live duration. Once the ttl has passed, a password will be rotated the next time it's requested.
- upndomain str
- The domain (userPrincipalDomain) used to construct a UPN string for authentication.
- url str
- The LDAP server to connect to.
- userdn str
- Base DN under which to perform user search. Example: ou=Users,dc=example,dc=com
- public
Key String - Public key linked with a secret engine
- after
Read StringTtl - The default time-to-live duration of the password after it's read. Once the ttl has passed, a password will be rotated.
- binddn String
- Distinguished name of object to bind when performing user and group search. Example: cn=vault,ou=Users,dc=example,dc=com
- bindpass String
- Password to use along with binddn when performing user search.
- certificate String
- CA certificate to use when verifying LDAP server certificate, must be x509 PEM encoded.
- connection
Timeout Number - Timeout, in seconds, when attempting to connect to the LDAP server before trying the next URL in the configuration.
- do
Not BooleanValidate Timestamps - If set to true this will prevent password change timestamp validation in Active Directory when validating credentials
- id String
- Unique identifier of the Secret Engine.
- insecure
Tls Boolean - If true, skips LDAP server SSL certificate verification - insecure, use with caution!
- key
Rotation NumberInterval Days - An interval of public/private key rotation for secret engine in days
- max
Backoff StringDuration - The maximum retry duration in case of automatic failure. On failed ttl rotation attempt it will be retried in an increasing intervals until it reaches max_backoff_duration
- name String
- Unique human-readable name of the Secret Engine.
- request
Timeout Number - Timeout, in seconds, for the connection when making requests against the server before returning back an error.
- secret
Store StringId - Backing secret store identifier
- secret
Store StringRoot Path - Backing Secret Store root path where managed secrets are going to be stored
- start
Tls Boolean - If true, issues a StartTLS command after establishing an unencrypted connection.
- Map<String>
- Tags is a map of key, value pairs.
- ttl String
- The default password time-to-live duration. Once the ttl has passed, a password will be rotated the next time it's requested.
- upndomain String
- The domain (userPrincipalDomain) used to construct a UPN string for authentication.
- url String
- The LDAP server to connect to.
- userdn String
- Base DN under which to perform user search. Example: ou=Users,dc=example,dc=com
GetSecretEngineSecretEngineKeyValue
- Public
Key string - Public key linked with a secret engine
- Id string
- Unique identifier of the Secret Engine.
- Key
Rotation intInterval Days - An interval of public/private key rotation for secret engine in days
- Name string
- Unique human-readable name of the Secret Engine.
- Secret
Store stringId - Backing secret store identifier
- Secret
Store stringRoot Path - Backing Secret Store root path where managed secrets are going to be stored
- Dictionary<string, string>
- Tags is a map of key, value pairs.
- Public
Key string - Public key linked with a secret engine
- Id string
- Unique identifier of the Secret Engine.
- Key
Rotation intInterval Days - An interval of public/private key rotation for secret engine in days
- Name string
- Unique human-readable name of the Secret Engine.
- Secret
Store stringId - Backing secret store identifier
- Secret
Store stringRoot Path - Backing Secret Store root path where managed secrets are going to be stored
- map[string]string
- Tags is a map of key, value pairs.
- public
Key String - Public key linked with a secret engine
- id String
- Unique identifier of the Secret Engine.
- key
Rotation IntegerInterval Days - An interval of public/private key rotation for secret engine in days
- name String
- Unique human-readable name of the Secret Engine.
- secret
Store StringId - Backing secret store identifier
- secret
Store StringRoot Path - Backing Secret Store root path where managed secrets are going to be stored
- Map<String,String>
- Tags is a map of key, value pairs.
- public
Key string - Public key linked with a secret engine
- id string
- Unique identifier of the Secret Engine.
- key
Rotation numberInterval Days - An interval of public/private key rotation for secret engine in days
- name string
- Unique human-readable name of the Secret Engine.
- secret
Store stringId - Backing secret store identifier
- secret
Store stringRoot Path - Backing Secret Store root path where managed secrets are going to be stored
- {[key: string]: string}
- Tags is a map of key, value pairs.
- public_
key str - Public key linked with a secret engine
- id str
- Unique identifier of the Secret Engine.
- key_
rotation_ intinterval_ days - An interval of public/private key rotation for secret engine in days
- name str
- Unique human-readable name of the Secret Engine.
- secret_
store_ strid - Backing secret store identifier
- secret_
store_ strroot_ path - Backing Secret Store root path where managed secrets are going to be stored
- Mapping[str, str]
- Tags is a map of key, value pairs.
- public
Key String - Public key linked with a secret engine
- id String
- Unique identifier of the Secret Engine.
- key
Rotation NumberInterval Days - An interval of public/private key rotation for secret engine in days
- name String
- Unique human-readable name of the Secret Engine.
- secret
Store StringId - Backing secret store identifier
- secret
Store StringRoot Path - Backing Secret Store root path where managed secrets are going to be stored
- Map<String>
- Tags is a map of key, value pairs.
Package Details
- Repository
- sdm pierskarsenbarg/pulumi-sdm
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
sdmTerraform Provider.