Docs Home
StrongDM v1.27.0 published on Sunday, Apr 20, 2025 by Piers Karsenbarg
sdm.SecretEngine
Explore with Pulumi AI
A SecretEngine is managing secrets in SecretStores. This resource can be imported using the import command.
Create SecretEngine Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new SecretEngine(name: string, args?: SecretEngineArgs, opts?: CustomResourceOptions);@overload
def SecretEngine(resource_name: str,
args: Optional[SecretEngineArgs] = None,
opts: Optional[ResourceOptions] = None)
@overload
def SecretEngine(resource_name: str,
opts: Optional[ResourceOptions] = None,
active_directory: Optional[SecretEngineActiveDirectoryArgs] = None,
key_value: Optional[SecretEngineKeyValueArgs] = None)func NewSecretEngine(ctx *Context, name string, args *SecretEngineArgs, opts ...ResourceOption) (*SecretEngine, error)public SecretEngine(string name, SecretEngineArgs? args = null, CustomResourceOptions? opts = null)
public SecretEngine(String name, SecretEngineArgs args)
public SecretEngine(String name, SecretEngineArgs args, CustomResourceOptions options)
type: sdm:SecretEngine
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args SecretEngineArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args SecretEngineArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args SecretEngineArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args SecretEngineArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args SecretEngineArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var secretEngineResource = new Sdm.SecretEngine("secretEngineResource", new()
{
ActiveDirectory = new Sdm.Inputs.SecretEngineActiveDirectoryArgs
{
Name = "string",
Binddn = "string",
Bindpass = "string",
Url = "string",
SecretStoreRootPath = "string",
SecretStoreId = "string",
PublicKey = "string",
ConnectionTimeout = 0,
MaxBackoffDuration = "string",
InsecureTls = false,
AfterReadTtl = "string",
RequestTimeout = 0,
DoNotValidateTimestamps = false,
KeyRotationIntervalDays = 0,
StartTls = false,
Tags =
{
{ "string", "string" },
},
Ttl = "string",
Upndomain = "string",
Certificate = "string",
Userdn = "string",
},
KeyValue = new Sdm.Inputs.SecretEngineKeyValueArgs
{
Name = "string",
SecretStoreId = "string",
SecretStoreRootPath = "string",
KeyRotationIntervalDays = 0,
PublicKey = "string",
Tags =
{
{ "string", "string" },
},
},
});
example, err := sdm.NewSecretEngine(ctx, "secretEngineResource", &sdm.SecretEngineArgs{
ActiveDirectory: &sdm.SecretEngineActiveDirectoryArgs{
Name: pulumi.String("string"),
Binddn: pulumi.String("string"),
Bindpass: pulumi.String("string"),
Url: pulumi.String("string"),
SecretStoreRootPath: pulumi.String("string"),
SecretStoreId: pulumi.String("string"),
PublicKey: pulumi.String("string"),
ConnectionTimeout: pulumi.Int(0),
MaxBackoffDuration: pulumi.String("string"),
InsecureTls: pulumi.Bool(false),
AfterReadTtl: pulumi.String("string"),
RequestTimeout: pulumi.Int(0),
DoNotValidateTimestamps: pulumi.Bool(false),
KeyRotationIntervalDays: pulumi.Int(0),
StartTls: pulumi.Bool(false),
Tags: pulumi.StringMap{
"string": pulumi.String("string"),
},
Ttl: pulumi.String("string"),
Upndomain: pulumi.String("string"),
Certificate: pulumi.String("string"),
Userdn: pulumi.String("string"),
},
KeyValue: &sdm.SecretEngineKeyValueArgs{
Name: pulumi.String("string"),
SecretStoreId: pulumi.String("string"),
SecretStoreRootPath: pulumi.String("string"),
KeyRotationIntervalDays: pulumi.Int(0),
PublicKey: pulumi.String("string"),
Tags: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
})
var secretEngineResource = new SecretEngine("secretEngineResource", SecretEngineArgs.builder()
.activeDirectory(SecretEngineActiveDirectoryArgs.builder()
.name("string")
.binddn("string")
.bindpass("string")
.url("string")
.secretStoreRootPath("string")
.secretStoreId("string")
.publicKey("string")
.connectionTimeout(0)
.maxBackoffDuration("string")
.insecureTls(false)
.afterReadTtl("string")
.requestTimeout(0)
.doNotValidateTimestamps(false)
.keyRotationIntervalDays(0)
.startTls(false)
.tags(Map.of("string", "string"))
.ttl("string")
.upndomain("string")
.certificate("string")
.userdn("string")
.build())
.keyValue(SecretEngineKeyValueArgs.builder()
.name("string")
.secretStoreId("string")
.secretStoreRootPath("string")
.keyRotationIntervalDays(0)
.publicKey("string")
.tags(Map.of("string", "string"))
.build())
.build());
secret_engine_resource = sdm.SecretEngine("secretEngineResource",
active_directory={
"name": "string",
"binddn": "string",
"bindpass": "string",
"url": "string",
"secret_store_root_path": "string",
"secret_store_id": "string",
"public_key": "string",
"connection_timeout": 0,
"max_backoff_duration": "string",
"insecure_tls": False,
"after_read_ttl": "string",
"request_timeout": 0,
"do_not_validate_timestamps": False,
"key_rotation_interval_days": 0,
"start_tls": False,
"tags": {
"string": "string",
},
"ttl": "string",
"upndomain": "string",
"certificate": "string",
"userdn": "string",
},
key_value={
"name": "string",
"secret_store_id": "string",
"secret_store_root_path": "string",
"key_rotation_interval_days": 0,
"public_key": "string",
"tags": {
"string": "string",
},
})
const secretEngineResource = new sdm.SecretEngine("secretEngineResource", {
activeDirectory: {
name: "string",
binddn: "string",
bindpass: "string",
url: "string",
secretStoreRootPath: "string",
secretStoreId: "string",
publicKey: "string",
connectionTimeout: 0,
maxBackoffDuration: "string",
insecureTls: false,
afterReadTtl: "string",
requestTimeout: 0,
doNotValidateTimestamps: false,
keyRotationIntervalDays: 0,
startTls: false,
tags: {
string: "string",
},
ttl: "string",
upndomain: "string",
certificate: "string",
userdn: "string",
},
keyValue: {
name: "string",
secretStoreId: "string",
secretStoreRootPath: "string",
keyRotationIntervalDays: 0,
publicKey: "string",
tags: {
string: "string",
},
},
});
type: sdm:SecretEngine
properties:
activeDirectory:
afterReadTtl: string
binddn: string
bindpass: string
certificate: string
connectionTimeout: 0
doNotValidateTimestamps: false
insecureTls: false
keyRotationIntervalDays: 0
maxBackoffDuration: string
name: string
publicKey: string
requestTimeout: 0
secretStoreId: string
secretStoreRootPath: string
startTls: false
tags:
string: string
ttl: string
upndomain: string
url: string
userdn: string
keyValue:
keyRotationIntervalDays: 0
name: string
publicKey: string
secretStoreId: string
secretStoreRootPath: string
tags:
string: string
SecretEngine Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The SecretEngine resource accepts the following input properties:
- Active
Directory PiersKarsenbarg. Sdm. Inputs. Secret Engine Active Directory - ActiveDirectoryEngine is currently unstable, and its API may change, or it may be removed, without a major version bump.
- Key
Value PiersKarsenbarg. Sdm. Inputs. Secret Engine Key Value - KeyValueEngine is currently unstable, and its API may change, or it may be removed, without a major version bump.
- Active
Directory SecretEngine Active Directory Args - ActiveDirectoryEngine is currently unstable, and its API may change, or it may be removed, without a major version bump.
- Key
Value SecretEngine Key Value Args - KeyValueEngine is currently unstable, and its API may change, or it may be removed, without a major version bump.
- active
Directory SecretEngine Active Directory - ActiveDirectoryEngine is currently unstable, and its API may change, or it may be removed, without a major version bump.
- key
Value SecretEngine Key Value - KeyValueEngine is currently unstable, and its API may change, or it may be removed, without a major version bump.
- active
Directory SecretEngine Active Directory - ActiveDirectoryEngine is currently unstable, and its API may change, or it may be removed, without a major version bump.
- key
Value SecretEngine Key Value - KeyValueEngine is currently unstable, and its API may change, or it may be removed, without a major version bump.
- active_
directory SecretEngine Active Directory Args - ActiveDirectoryEngine is currently unstable, and its API may change, or it may be removed, without a major version bump.
- key_
value SecretEngine Key Value Args - KeyValueEngine is currently unstable, and its API may change, or it may be removed, without a major version bump.
- active
Directory Property Map - ActiveDirectoryEngine is currently unstable, and its API may change, or it may be removed, without a major version bump.
- key
Value Property Map - KeyValueEngine is currently unstable, and its API may change, or it may be removed, without a major version bump.
Outputs
All input properties are implicitly available as output properties. Additionally, the SecretEngine resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing SecretEngine Resource
Get an existing SecretEngine resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: SecretEngineState, opts?: CustomResourceOptions): SecretEngine@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
active_directory: Optional[SecretEngineActiveDirectoryArgs] = None,
key_value: Optional[SecretEngineKeyValueArgs] = None) -> SecretEnginefunc GetSecretEngine(ctx *Context, name string, id IDInput, state *SecretEngineState, opts ...ResourceOption) (*SecretEngine, error)public static SecretEngine Get(string name, Input<string> id, SecretEngineState? state, CustomResourceOptions? opts = null)public static SecretEngine get(String name, Output<String> id, SecretEngineState state, CustomResourceOptions options)resources: _: type: sdm:SecretEngine get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Active
Directory PiersKarsenbarg. Sdm. Inputs. Secret Engine Active Directory - ActiveDirectoryEngine is currently unstable, and its API may change, or it may be removed, without a major version bump.
- Key
Value PiersKarsenbarg. Sdm. Inputs. Secret Engine Key Value - KeyValueEngine is currently unstable, and its API may change, or it may be removed, without a major version bump.
- Active
Directory SecretEngine Active Directory Args - ActiveDirectoryEngine is currently unstable, and its API may change, or it may be removed, without a major version bump.
- Key
Value SecretEngine Key Value Args - KeyValueEngine is currently unstable, and its API may change, or it may be removed, without a major version bump.
- active
Directory SecretEngine Active Directory - ActiveDirectoryEngine is currently unstable, and its API may change, or it may be removed, without a major version bump.
- key
Value SecretEngine Key Value - KeyValueEngine is currently unstable, and its API may change, or it may be removed, without a major version bump.
- active
Directory SecretEngine Active Directory - ActiveDirectoryEngine is currently unstable, and its API may change, or it may be removed, without a major version bump.
- key
Value SecretEngine Key Value - KeyValueEngine is currently unstable, and its API may change, or it may be removed, without a major version bump.
- active_
directory SecretEngine Active Directory Args - ActiveDirectoryEngine is currently unstable, and its API may change, or it may be removed, without a major version bump.
- key_
value SecretEngine Key Value Args - KeyValueEngine is currently unstable, and its API may change, or it may be removed, without a major version bump.
- active
Directory Property Map - ActiveDirectoryEngine is currently unstable, and its API may change, or it may be removed, without a major version bump.
- key
Value Property Map - KeyValueEngine is currently unstable, and its API may change, or it may be removed, without a major version bump.
Supporting Types
SecretEngineActiveDirectory, SecretEngineActiveDirectoryArgs
- Binddn string
- Distinguished name of object to bind when performing user and group search. Example: cn=vault,ou=Users,dc=example,dc=com
- Bindpass string
- Password to use along with binddn when performing user search.
- Name string
- Unique human-readable name of the Secret Engine.
- Secret
Store stringId - Backing secret store identifier
- Secret
Store stringRoot Path - Backing Secret Store root path where managed secrets are going to be stored
- Url string
- The LDAP server to connect to.
- After
Read stringTtl - The default time-to-live duration of the password after it's read. Once the ttl has passed, a password will be rotated.
- Certificate string
- CA certificate to use when verifying LDAP server certificate, must be x509 PEM encoded.
- Connection
Timeout int - Timeout, in seconds, when attempting to connect to the LDAP server before trying the next URL in the configuration.
- Do
Not boolValidate Timestamps - If set to true this will prevent password change timestamp validation in Active Directory when validating credentials
- Insecure
Tls bool - If true, skips LDAP server SSL certificate verification - insecure, use with caution!
- Key
Rotation intInterval Days - An interval of public/private key rotation for secret engine in days
- Max
Backoff stringDuration - The maximum retry duration in case of automatic failure. On failed ttl rotation attempt it will be retried in an increasing intervals until it reaches max_backoff_duration
- Public
Key string - Public key linked with a secret engine
- Request
Timeout int - Timeout, in seconds, for the connection when making requests against the server before returning back an error.
- Start
Tls bool - If true, issues a StartTLS command after establishing an unencrypted connection.
- Dictionary<string, string>
- Tags is a map of key, value pairs.
- Ttl string
- The default password time-to-live duration. Once the ttl has passed, a password will be rotated the next time it's requested.
- Upndomain string
- The domain (userPrincipalDomain) used to construct a UPN string for authentication.
- Userdn string
- Base DN under which to perform user search. Example: ou=Users,dc=example,dc=com
- key_value:
- Binddn string
- Distinguished name of object to bind when performing user and group search. Example: cn=vault,ou=Users,dc=example,dc=com
- Bindpass string
- Password to use along with binddn when performing user search.
- Name string
- Unique human-readable name of the Secret Engine.
- Secret
Store stringId - Backing secret store identifier
- Secret
Store stringRoot Path - Backing Secret Store root path where managed secrets are going to be stored
- Url string
- The LDAP server to connect to.
- After
Read stringTtl - The default time-to-live duration of the password after it's read. Once the ttl has passed, a password will be rotated.
- Certificate string
- CA certificate to use when verifying LDAP server certificate, must be x509 PEM encoded.
- Connection
Timeout int - Timeout, in seconds, when attempting to connect to the LDAP server before trying the next URL in the configuration.
- Do
Not boolValidate Timestamps - If set to true this will prevent password change timestamp validation in Active Directory when validating credentials
- Insecure
Tls bool - If true, skips LDAP server SSL certificate verification - insecure, use with caution!
- Key
Rotation intInterval Days - An interval of public/private key rotation for secret engine in days
- Max
Backoff stringDuration - The maximum retry duration in case of automatic failure. On failed ttl rotation attempt it will be retried in an increasing intervals until it reaches max_backoff_duration
- Public
Key string - Public key linked with a secret engine
- Request
Timeout int - Timeout, in seconds, for the connection when making requests against the server before returning back an error.
- Start
Tls bool - If true, issues a StartTLS command after establishing an unencrypted connection.
- map[string]string
- Tags is a map of key, value pairs.
- Ttl string
- The default password time-to-live duration. Once the ttl has passed, a password will be rotated the next time it's requested.
- Upndomain string
- The domain (userPrincipalDomain) used to construct a UPN string for authentication.
- Userdn string
- Base DN under which to perform user search. Example: ou=Users,dc=example,dc=com
- key_value:
- binddn String
- Distinguished name of object to bind when performing user and group search. Example: cn=vault,ou=Users,dc=example,dc=com
- bindpass String
- Password to use along with binddn when performing user search.
- name String
- Unique human-readable name of the Secret Engine.
- secret
Store StringId - Backing secret store identifier
- secret
Store StringRoot Path - Backing Secret Store root path where managed secrets are going to be stored
- url String
- The LDAP server to connect to.
- after
Read StringTtl - The default time-to-live duration of the password after it's read. Once the ttl has passed, a password will be rotated.
- certificate String
- CA certificate to use when verifying LDAP server certificate, must be x509 PEM encoded.
- connection
Timeout Integer - Timeout, in seconds, when attempting to connect to the LDAP server before trying the next URL in the configuration.
- do
Not BooleanValidate Timestamps - If set to true this will prevent password change timestamp validation in Active Directory when validating credentials
- insecure
Tls Boolean - If true, skips LDAP server SSL certificate verification - insecure, use with caution!
- key
Rotation IntegerInterval Days - An interval of public/private key rotation for secret engine in days
- max
Backoff StringDuration - The maximum retry duration in case of automatic failure. On failed ttl rotation attempt it will be retried in an increasing intervals until it reaches max_backoff_duration
- public
Key String - Public key linked with a secret engine
- request
Timeout Integer - Timeout, in seconds, for the connection when making requests against the server before returning back an error.
- start
Tls Boolean - If true, issues a StartTLS command after establishing an unencrypted connection.
- Map<String,String>
- Tags is a map of key, value pairs.
- ttl String
- The default password time-to-live duration. Once the ttl has passed, a password will be rotated the next time it's requested.
- upndomain String
- The domain (userPrincipalDomain) used to construct a UPN string for authentication.
- userdn String
- Base DN under which to perform user search. Example: ou=Users,dc=example,dc=com
- key_value:
- binddn string
- Distinguished name of object to bind when performing user and group search. Example: cn=vault,ou=Users,dc=example,dc=com
- bindpass string
- Password to use along with binddn when performing user search.
- name string
- Unique human-readable name of the Secret Engine.
- secret
Store stringId - Backing secret store identifier
- secret
Store stringRoot Path - Backing Secret Store root path where managed secrets are going to be stored
- url string
- The LDAP server to connect to.
- after
Read stringTtl - The default time-to-live duration of the password after it's read. Once the ttl has passed, a password will be rotated.
- certificate string
- CA certificate to use when verifying LDAP server certificate, must be x509 PEM encoded.
- connection
Timeout number - Timeout, in seconds, when attempting to connect to the LDAP server before trying the next URL in the configuration.
- do
Not booleanValidate Timestamps - If set to true this will prevent password change timestamp validation in Active Directory when validating credentials
- insecure
Tls boolean - If true, skips LDAP server SSL certificate verification - insecure, use with caution!
- key
Rotation numberInterval Days - An interval of public/private key rotation for secret engine in days
- max
Backoff stringDuration - The maximum retry duration in case of automatic failure. On failed ttl rotation attempt it will be retried in an increasing intervals until it reaches max_backoff_duration
- public
Key string - Public key linked with a secret engine
- request
Timeout number - Timeout, in seconds, for the connection when making requests against the server before returning back an error.
- start
Tls boolean - If true, issues a StartTLS command after establishing an unencrypted connection.
- {[key: string]: string}
- Tags is a map of key, value pairs.
- ttl string
- The default password time-to-live duration. Once the ttl has passed, a password will be rotated the next time it's requested.
- upndomain string
- The domain (userPrincipalDomain) used to construct a UPN string for authentication.
- userdn string
- Base DN under which to perform user search. Example: ou=Users,dc=example,dc=com
- key_value:
- binddn str
- Distinguished name of object to bind when performing user and group search. Example: cn=vault,ou=Users,dc=example,dc=com
- bindpass str
- Password to use along with binddn when performing user search.
- name str
- Unique human-readable name of the Secret Engine.
- secret_
store_ strid - Backing secret store identifier
- secret_
store_ strroot_ path - Backing Secret Store root path where managed secrets are going to be stored
- url str
- The LDAP server to connect to.
- after_
read_ strttl - The default time-to-live duration of the password after it's read. Once the ttl has passed, a password will be rotated.
- certificate str
- CA certificate to use when verifying LDAP server certificate, must be x509 PEM encoded.
- connection_
timeout int - Timeout, in seconds, when attempting to connect to the LDAP server before trying the next URL in the configuration.
- do_
not_ boolvalidate_ timestamps - If set to true this will prevent password change timestamp validation in Active Directory when validating credentials
- insecure_
tls bool - If true, skips LDAP server SSL certificate verification - insecure, use with caution!
- key_
rotation_ intinterval_ days - An interval of public/private key rotation for secret engine in days
- max_
backoff_ strduration - The maximum retry duration in case of automatic failure. On failed ttl rotation attempt it will be retried in an increasing intervals until it reaches max_backoff_duration
- public_
key str - Public key linked with a secret engine
- request_
timeout int - Timeout, in seconds, for the connection when making requests against the server before returning back an error.
- start_
tls bool - If true, issues a StartTLS command after establishing an unencrypted connection.
- Mapping[str, str]
- Tags is a map of key, value pairs.
- ttl str
- The default password time-to-live duration. Once the ttl has passed, a password will be rotated the next time it's requested.
- upndomain str
- The domain (userPrincipalDomain) used to construct a UPN string for authentication.
- userdn str
- Base DN under which to perform user search. Example: ou=Users,dc=example,dc=com
- key_value:
- binddn String
- Distinguished name of object to bind when performing user and group search. Example: cn=vault,ou=Users,dc=example,dc=com
- bindpass String
- Password to use along with binddn when performing user search.
- name String
- Unique human-readable name of the Secret Engine.
- secret
Store StringId - Backing secret store identifier
- secret
Store StringRoot Path - Backing Secret Store root path where managed secrets are going to be stored
- url String
- The LDAP server to connect to.
- after
Read StringTtl - The default time-to-live duration of the password after it's read. Once the ttl has passed, a password will be rotated.
- certificate String
- CA certificate to use when verifying LDAP server certificate, must be x509 PEM encoded.
- connection
Timeout Number - Timeout, in seconds, when attempting to connect to the LDAP server before trying the next URL in the configuration.
- do
Not BooleanValidate Timestamps - If set to true this will prevent password change timestamp validation in Active Directory when validating credentials
- insecure
Tls Boolean - If true, skips LDAP server SSL certificate verification - insecure, use with caution!
- key
Rotation NumberInterval Days - An interval of public/private key rotation for secret engine in days
- max
Backoff StringDuration - The maximum retry duration in case of automatic failure. On failed ttl rotation attempt it will be retried in an increasing intervals until it reaches max_backoff_duration
- public
Key String - Public key linked with a secret engine
- request
Timeout Number - Timeout, in seconds, for the connection when making requests against the server before returning back an error.
- start
Tls Boolean - If true, issues a StartTLS command after establishing an unencrypted connection.
- Map<String>
- Tags is a map of key, value pairs.
- ttl String
- The default password time-to-live duration. Once the ttl has passed, a password will be rotated the next time it's requested.
- upndomain String
- The domain (userPrincipalDomain) used to construct a UPN string for authentication.
- userdn String
- Base DN under which to perform user search. Example: ou=Users,dc=example,dc=com
- key_value:
SecretEngineKeyValue, SecretEngineKeyValueArgs
- Name string
- Unique human-readable name of the Secret Engine.
- Secret
Store stringId - Backing secret store identifier
- Secret
Store stringRoot Path - Backing Secret Store root path where managed secrets are going to be stored
- Key
Rotation intInterval Days - An interval of public/private key rotation for secret engine in days
- Public
Key string - Public key linked with a secret engine
- Dictionary<string, string>
- Tags is a map of key, value pairs.
- Name string
- Unique human-readable name of the Secret Engine.
- Secret
Store stringId - Backing secret store identifier
- Secret
Store stringRoot Path - Backing Secret Store root path where managed secrets are going to be stored
- Key
Rotation intInterval Days - An interval of public/private key rotation for secret engine in days
- Public
Key string - Public key linked with a secret engine
- map[string]string
- Tags is a map of key, value pairs.
- name String
- Unique human-readable name of the Secret Engine.
- secret
Store StringId - Backing secret store identifier
- secret
Store StringRoot Path - Backing Secret Store root path where managed secrets are going to be stored
- key
Rotation IntegerInterval Days - An interval of public/private key rotation for secret engine in days
- public
Key String - Public key linked with a secret engine
- Map<String,String>
- Tags is a map of key, value pairs.
- name string
- Unique human-readable name of the Secret Engine.
- secret
Store stringId - Backing secret store identifier
- secret
Store stringRoot Path - Backing Secret Store root path where managed secrets are going to be stored
- key
Rotation numberInterval Days - An interval of public/private key rotation for secret engine in days
- public
Key string - Public key linked with a secret engine
- {[key: string]: string}
- Tags is a map of key, value pairs.
- name str
- Unique human-readable name of the Secret Engine.
- secret_
store_ strid - Backing secret store identifier
- secret_
store_ strroot_ path - Backing Secret Store root path where managed secrets are going to be stored
- key_
rotation_ intinterval_ days - An interval of public/private key rotation for secret engine in days
- public_
key str - Public key linked with a secret engine
- Mapping[str, str]
- Tags is a map of key, value pairs.
- name String
- Unique human-readable name of the Secret Engine.
- secret
Store StringId - Backing secret store identifier
- secret
Store StringRoot Path - Backing Secret Store root path where managed secrets are going to be stored
- key
Rotation NumberInterval Days - An interval of public/private key rotation for secret engine in days
- public
Key String - Public key linked with a secret engine
- Map<String>
- Tags is a map of key, value pairs.
Import
A SecretEngine can be imported using the id, e.g.,
$ pulumi import sdm:index/secretEngine:SecretEngine example eng-12345678
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- sdm pierskarsenbarg/pulumi-sdm
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
sdmTerraform Provider.