1. Packages
  2. HashiCorp Vault
  3. API Docs
  4. azure
  5. Backend
HashiCorp Vault v6.2.0 published on Friday, Jun 21, 2024 by Pulumi

vault.azure.Backend

Explore with Pulumi AI

vault logo
HashiCorp Vault v6.2.0 published on Friday, Jun 21, 2024 by Pulumi

    Example Usage

    Vault-1.9 And Above

    You can setup the Azure secrets engine with Workload Identity Federation (WIF) for a secret-less configuration:

    import * as pulumi from "@pulumi/pulumi";
    import * as vault from "@pulumi/vault";
    
    const azure = new vault.azure.Backend("azure", {
        subscriptionId: "11111111-2222-3333-4444-111111111111",
        tenantId: "11111111-2222-3333-4444-222222222222",
        clientId: "11111111-2222-3333-4444-333333333333",
        identityTokenAudience: "<TOKEN_AUDIENCE>",
        identityTokenTtl: "<TOKEN_TTL>",
    });
    
    import pulumi
    import pulumi_vault as vault
    
    azure = vault.azure.Backend("azure",
        subscription_id="11111111-2222-3333-4444-111111111111",
        tenant_id="11111111-2222-3333-4444-222222222222",
        client_id="11111111-2222-3333-4444-333333333333",
        identity_token_audience="<TOKEN_AUDIENCE>",
        identity_token_ttl="<TOKEN_TTL>")
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/azure"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := azure.NewBackend(ctx, "azure", &azure.BackendArgs{
    			SubscriptionId:        pulumi.String("11111111-2222-3333-4444-111111111111"),
    			TenantId:              pulumi.String("11111111-2222-3333-4444-222222222222"),
    			ClientId:              pulumi.String("11111111-2222-3333-4444-333333333333"),
    			IdentityTokenAudience: pulumi.String("<TOKEN_AUDIENCE>"),
    			IdentityTokenTtl:      pulumi.Int("<TOKEN_TTL>"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Vault = Pulumi.Vault;
    
    return await Deployment.RunAsync(() => 
    {
        var azure = new Vault.Azure.Backend("azure", new()
        {
            SubscriptionId = "11111111-2222-3333-4444-111111111111",
            TenantId = "11111111-2222-3333-4444-222222222222",
            ClientId = "11111111-2222-3333-4444-333333333333",
            IdentityTokenAudience = "<TOKEN_AUDIENCE>",
            IdentityTokenTtl = "<TOKEN_TTL>",
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.vault.azure.Backend;
    import com.pulumi.vault.azure.BackendArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var azure = new Backend("azure", BackendArgs.builder()
                .subscriptionId("11111111-2222-3333-4444-111111111111")
                .tenantId("11111111-2222-3333-4444-222222222222")
                .clientId("11111111-2222-3333-4444-333333333333")
                .identityTokenAudience("<TOKEN_AUDIENCE>")
                .identityTokenTtl("<TOKEN_TTL>")
                .build());
    
        }
    }
    
    resources:
      azure:
        type: vault:azure:Backend
        properties:
          subscriptionId: 11111111-2222-3333-4444-111111111111
          tenantId: 11111111-2222-3333-4444-222222222222
          clientId: 11111111-2222-3333-4444-333333333333
          identityTokenAudience: <TOKEN_AUDIENCE>
          identityTokenTtl: <TOKEN_TTL>
    
    import * as pulumi from "@pulumi/pulumi";
    import * as vault from "@pulumi/vault";
    
    const azure = new vault.azure.Backend("azure", {
        useMicrosoftGraphApi: true,
        subscriptionId: "11111111-2222-3333-4444-111111111111",
        tenantId: "11111111-2222-3333-4444-222222222222",
        clientId: "11111111-2222-3333-4444-333333333333",
        clientSecret: "12345678901234567890",
        environment: "AzurePublicCloud",
    });
    
    import pulumi
    import pulumi_vault as vault
    
    azure = vault.azure.Backend("azure",
        use_microsoft_graph_api=True,
        subscription_id="11111111-2222-3333-4444-111111111111",
        tenant_id="11111111-2222-3333-4444-222222222222",
        client_id="11111111-2222-3333-4444-333333333333",
        client_secret="12345678901234567890",
        environment="AzurePublicCloud")
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/azure"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := azure.NewBackend(ctx, "azure", &azure.BackendArgs{
    			UseMicrosoftGraphApi: pulumi.Bool(true),
    			SubscriptionId:       pulumi.String("11111111-2222-3333-4444-111111111111"),
    			TenantId:             pulumi.String("11111111-2222-3333-4444-222222222222"),
    			ClientId:             pulumi.String("11111111-2222-3333-4444-333333333333"),
    			ClientSecret:         pulumi.String("12345678901234567890"),
    			Environment:          pulumi.String("AzurePublicCloud"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Vault = Pulumi.Vault;
    
    return await Deployment.RunAsync(() => 
    {
        var azure = new Vault.Azure.Backend("azure", new()
        {
            UseMicrosoftGraphApi = true,
            SubscriptionId = "11111111-2222-3333-4444-111111111111",
            TenantId = "11111111-2222-3333-4444-222222222222",
            ClientId = "11111111-2222-3333-4444-333333333333",
            ClientSecret = "12345678901234567890",
            Environment = "AzurePublicCloud",
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.vault.azure.Backend;
    import com.pulumi.vault.azure.BackendArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var azure = new Backend("azure", BackendArgs.builder()
                .useMicrosoftGraphApi(true)
                .subscriptionId("11111111-2222-3333-4444-111111111111")
                .tenantId("11111111-2222-3333-4444-222222222222")
                .clientId("11111111-2222-3333-4444-333333333333")
                .clientSecret("12345678901234567890")
                .environment("AzurePublicCloud")
                .build());
    
        }
    }
    
    resources:
      azure:
        type: vault:azure:Backend
        properties:
          useMicrosoftGraphApi: true
          subscriptionId: 11111111-2222-3333-4444-111111111111
          tenantId: 11111111-2222-3333-4444-222222222222
          clientId: 11111111-2222-3333-4444-333333333333
          clientSecret: '12345678901234567890'
          environment: AzurePublicCloud
    

    Vault-1.8 And Below

    import * as pulumi from "@pulumi/pulumi";
    import * as vault from "@pulumi/vault";
    
    const azure = new vault.azure.Backend("azure", {
        useMicrosoftGraphApi: false,
        subscriptionId: "11111111-2222-3333-4444-111111111111",
        tenantId: "11111111-2222-3333-4444-222222222222",
        clientId: "11111111-2222-3333-4444-333333333333",
        clientSecret: "12345678901234567890",
        environment: "AzurePublicCloud",
    });
    
    import pulumi
    import pulumi_vault as vault
    
    azure = vault.azure.Backend("azure",
        use_microsoft_graph_api=False,
        subscription_id="11111111-2222-3333-4444-111111111111",
        tenant_id="11111111-2222-3333-4444-222222222222",
        client_id="11111111-2222-3333-4444-333333333333",
        client_secret="12345678901234567890",
        environment="AzurePublicCloud")
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/azure"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := azure.NewBackend(ctx, "azure", &azure.BackendArgs{
    			UseMicrosoftGraphApi: pulumi.Bool(false),
    			SubscriptionId:       pulumi.String("11111111-2222-3333-4444-111111111111"),
    			TenantId:             pulumi.String("11111111-2222-3333-4444-222222222222"),
    			ClientId:             pulumi.String("11111111-2222-3333-4444-333333333333"),
    			ClientSecret:         pulumi.String("12345678901234567890"),
    			Environment:          pulumi.String("AzurePublicCloud"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Vault = Pulumi.Vault;
    
    return await Deployment.RunAsync(() => 
    {
        var azure = new Vault.Azure.Backend("azure", new()
        {
            UseMicrosoftGraphApi = false,
            SubscriptionId = "11111111-2222-3333-4444-111111111111",
            TenantId = "11111111-2222-3333-4444-222222222222",
            ClientId = "11111111-2222-3333-4444-333333333333",
            ClientSecret = "12345678901234567890",
            Environment = "AzurePublicCloud",
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.vault.azure.Backend;
    import com.pulumi.vault.azure.BackendArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var azure = new Backend("azure", BackendArgs.builder()
                .useMicrosoftGraphApi(false)
                .subscriptionId("11111111-2222-3333-4444-111111111111")
                .tenantId("11111111-2222-3333-4444-222222222222")
                .clientId("11111111-2222-3333-4444-333333333333")
                .clientSecret("12345678901234567890")
                .environment("AzurePublicCloud")
                .build());
    
        }
    }
    
    resources:
      azure:
        type: vault:azure:Backend
        properties:
          useMicrosoftGraphApi: false
          subscriptionId: 11111111-2222-3333-4444-111111111111
          tenantId: 11111111-2222-3333-4444-222222222222
          clientId: 11111111-2222-3333-4444-333333333333
          clientSecret: '12345678901234567890'
          environment: AzurePublicCloud
    

    Create Backend Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new Backend(name: string, args: BackendArgs, opts?: CustomResourceOptions);
    @overload
    def Backend(resource_name: str,
                args: BackendArgs,
                opts: Optional[ResourceOptions] = None)
    
    @overload
    def Backend(resource_name: str,
                opts: Optional[ResourceOptions] = None,
                subscription_id: Optional[str] = None,
                tenant_id: Optional[str] = None,
                identity_token_key: Optional[str] = None,
                disable_remount: Optional[bool] = None,
                environment: Optional[str] = None,
                identity_token_audience: Optional[str] = None,
                client_id: Optional[str] = None,
                identity_token_ttl: Optional[int] = None,
                namespace: Optional[str] = None,
                path: Optional[str] = None,
                description: Optional[str] = None,
                client_secret: Optional[str] = None,
                use_microsoft_graph_api: Optional[bool] = None)
    func NewBackend(ctx *Context, name string, args BackendArgs, opts ...ResourceOption) (*Backend, error)
    public Backend(string name, BackendArgs args, CustomResourceOptions? opts = null)
    public Backend(String name, BackendArgs args)
    public Backend(String name, BackendArgs args, CustomResourceOptions options)
    
    type: vault:azure:Backend
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args BackendArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args BackendArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args BackendArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args BackendArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args BackendArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Example

    The following reference example uses placeholder values for all input properties.

    var backendResource = new Vault.Azure.Backend("backendResource", new()
    {
        SubscriptionId = "string",
        TenantId = "string",
        IdentityTokenKey = "string",
        DisableRemount = false,
        Environment = "string",
        IdentityTokenAudience = "string",
        ClientId = "string",
        IdentityTokenTtl = 0,
        Namespace = "string",
        Path = "string",
        Description = "string",
        ClientSecret = "string",
    });
    
    example, err := azure.NewBackend(ctx, "backendResource", &azure.BackendArgs{
    	SubscriptionId:        pulumi.String("string"),
    	TenantId:              pulumi.String("string"),
    	IdentityTokenKey:      pulumi.String("string"),
    	DisableRemount:        pulumi.Bool(false),
    	Environment:           pulumi.String("string"),
    	IdentityTokenAudience: pulumi.String("string"),
    	ClientId:              pulumi.String("string"),
    	IdentityTokenTtl:      pulumi.Int(0),
    	Namespace:             pulumi.String("string"),
    	Path:                  pulumi.String("string"),
    	Description:           pulumi.String("string"),
    	ClientSecret:          pulumi.String("string"),
    })
    
    var backendResource = new Backend("backendResource", BackendArgs.builder()
        .subscriptionId("string")
        .tenantId("string")
        .identityTokenKey("string")
        .disableRemount(false)
        .environment("string")
        .identityTokenAudience("string")
        .clientId("string")
        .identityTokenTtl(0)
        .namespace("string")
        .path("string")
        .description("string")
        .clientSecret("string")
        .build());
    
    backend_resource = vault.azure.Backend("backendResource",
        subscription_id="string",
        tenant_id="string",
        identity_token_key="string",
        disable_remount=False,
        environment="string",
        identity_token_audience="string",
        client_id="string",
        identity_token_ttl=0,
        namespace="string",
        path="string",
        description="string",
        client_secret="string")
    
    const backendResource = new vault.azure.Backend("backendResource", {
        subscriptionId: "string",
        tenantId: "string",
        identityTokenKey: "string",
        disableRemount: false,
        environment: "string",
        identityTokenAudience: "string",
        clientId: "string",
        identityTokenTtl: 0,
        namespace: "string",
        path: "string",
        description: "string",
        clientSecret: "string",
    });
    
    type: vault:azure:Backend
    properties:
        clientId: string
        clientSecret: string
        description: string
        disableRemount: false
        environment: string
        identityTokenAudience: string
        identityTokenKey: string
        identityTokenTtl: 0
        namespace: string
        path: string
        subscriptionId: string
        tenantId: string
    

    Backend Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The Backend resource accepts the following input properties:

    SubscriptionId string
    The subscription id for the Azure Active Directory.
    TenantId string
    The tenant id for the Azure Active Directory.
    ClientId string
    The OAuth2 client id to connect to Azure.
    ClientSecret string
    The OAuth2 client secret to connect to Azure.
    Description string
    Human-friendly description of the mount for the backend.
    DisableRemount bool
    If set, opts out of mount migration on path updates. See here for more info on Mount Migration
    Environment string
    The Azure environment.
    IdentityTokenAudience string
    The audience claim value. Requires Vault 1.17+. Available only for Vault Enterprise
    IdentityTokenKey string
    The key to use for signing identity tokens. Requires Vault 1.17+. Available only for Vault Enterprise
    IdentityTokenTtl int
    The TTL of generated identity tokens in seconds. Requires Vault 1.17+. Available only for Vault Enterprise
    Namespace string
    The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    Path string
    The unique path this backend should be mounted at. Defaults to azure.
    UseMicrosoftGraphApi bool
    Use the Microsoft Graph API. Should be set to true on vault-1.10+

    Deprecated: This field is not supported in Vault-1.12+ and is the default behavior. This field will be removed in future version of the provider.

    SubscriptionId string
    The subscription id for the Azure Active Directory.
    TenantId string
    The tenant id for the Azure Active Directory.
    ClientId string
    The OAuth2 client id to connect to Azure.
    ClientSecret string
    The OAuth2 client secret to connect to Azure.
    Description string
    Human-friendly description of the mount for the backend.
    DisableRemount bool
    If set, opts out of mount migration on path updates. See here for more info on Mount Migration
    Environment string
    The Azure environment.
    IdentityTokenAudience string
    The audience claim value. Requires Vault 1.17+. Available only for Vault Enterprise
    IdentityTokenKey string
    The key to use for signing identity tokens. Requires Vault 1.17+. Available only for Vault Enterprise
    IdentityTokenTtl int
    The TTL of generated identity tokens in seconds. Requires Vault 1.17+. Available only for Vault Enterprise
    Namespace string
    The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    Path string
    The unique path this backend should be mounted at. Defaults to azure.
    UseMicrosoftGraphApi bool
    Use the Microsoft Graph API. Should be set to true on vault-1.10+

    Deprecated: This field is not supported in Vault-1.12+ and is the default behavior. This field will be removed in future version of the provider.

    subscriptionId String
    The subscription id for the Azure Active Directory.
    tenantId String
    The tenant id for the Azure Active Directory.
    clientId String
    The OAuth2 client id to connect to Azure.
    clientSecret String
    The OAuth2 client secret to connect to Azure.
    description String
    Human-friendly description of the mount for the backend.
    disableRemount Boolean
    If set, opts out of mount migration on path updates. See here for more info on Mount Migration
    environment String
    The Azure environment.
    identityTokenAudience String
    The audience claim value. Requires Vault 1.17+. Available only for Vault Enterprise
    identityTokenKey String
    The key to use for signing identity tokens. Requires Vault 1.17+. Available only for Vault Enterprise
    identityTokenTtl Integer
    The TTL of generated identity tokens in seconds. Requires Vault 1.17+. Available only for Vault Enterprise
    namespace String
    The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    path String
    The unique path this backend should be mounted at. Defaults to azure.
    useMicrosoftGraphApi Boolean
    Use the Microsoft Graph API. Should be set to true on vault-1.10+

    Deprecated: This field is not supported in Vault-1.12+ and is the default behavior. This field will be removed in future version of the provider.

    subscriptionId string
    The subscription id for the Azure Active Directory.
    tenantId string
    The tenant id for the Azure Active Directory.
    clientId string
    The OAuth2 client id to connect to Azure.
    clientSecret string
    The OAuth2 client secret to connect to Azure.
    description string
    Human-friendly description of the mount for the backend.
    disableRemount boolean
    If set, opts out of mount migration on path updates. See here for more info on Mount Migration
    environment string
    The Azure environment.
    identityTokenAudience string
    The audience claim value. Requires Vault 1.17+. Available only for Vault Enterprise
    identityTokenKey string
    The key to use for signing identity tokens. Requires Vault 1.17+. Available only for Vault Enterprise
    identityTokenTtl number
    The TTL of generated identity tokens in seconds. Requires Vault 1.17+. Available only for Vault Enterprise
    namespace string
    The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    path string
    The unique path this backend should be mounted at. Defaults to azure.
    useMicrosoftGraphApi boolean
    Use the Microsoft Graph API. Should be set to true on vault-1.10+

    Deprecated: This field is not supported in Vault-1.12+ and is the default behavior. This field will be removed in future version of the provider.

    subscription_id str
    The subscription id for the Azure Active Directory.
    tenant_id str
    The tenant id for the Azure Active Directory.
    client_id str
    The OAuth2 client id to connect to Azure.
    client_secret str
    The OAuth2 client secret to connect to Azure.
    description str
    Human-friendly description of the mount for the backend.
    disable_remount bool
    If set, opts out of mount migration on path updates. See here for more info on Mount Migration
    environment str
    The Azure environment.
    identity_token_audience str
    The audience claim value. Requires Vault 1.17+. Available only for Vault Enterprise
    identity_token_key str
    The key to use for signing identity tokens. Requires Vault 1.17+. Available only for Vault Enterprise
    identity_token_ttl int
    The TTL of generated identity tokens in seconds. Requires Vault 1.17+. Available only for Vault Enterprise
    namespace str
    The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    path str
    The unique path this backend should be mounted at. Defaults to azure.
    use_microsoft_graph_api bool
    Use the Microsoft Graph API. Should be set to true on vault-1.10+

    Deprecated: This field is not supported in Vault-1.12+ and is the default behavior. This field will be removed in future version of the provider.

    subscriptionId String
    The subscription id for the Azure Active Directory.
    tenantId String
    The tenant id for the Azure Active Directory.
    clientId String
    The OAuth2 client id to connect to Azure.
    clientSecret String
    The OAuth2 client secret to connect to Azure.
    description String
    Human-friendly description of the mount for the backend.
    disableRemount Boolean
    If set, opts out of mount migration on path updates. See here for more info on Mount Migration
    environment String
    The Azure environment.
    identityTokenAudience String
    The audience claim value. Requires Vault 1.17+. Available only for Vault Enterprise
    identityTokenKey String
    The key to use for signing identity tokens. Requires Vault 1.17+. Available only for Vault Enterprise
    identityTokenTtl Number
    The TTL of generated identity tokens in seconds. Requires Vault 1.17+. Available only for Vault Enterprise
    namespace String
    The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    path String
    The unique path this backend should be mounted at. Defaults to azure.
    useMicrosoftGraphApi Boolean
    Use the Microsoft Graph API. Should be set to true on vault-1.10+

    Deprecated: This field is not supported in Vault-1.12+ and is the default behavior. This field will be removed in future version of the provider.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Backend resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing Backend Resource

    Get an existing Backend resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: BackendState, opts?: CustomResourceOptions): Backend
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            client_id: Optional[str] = None,
            client_secret: Optional[str] = None,
            description: Optional[str] = None,
            disable_remount: Optional[bool] = None,
            environment: Optional[str] = None,
            identity_token_audience: Optional[str] = None,
            identity_token_key: Optional[str] = None,
            identity_token_ttl: Optional[int] = None,
            namespace: Optional[str] = None,
            path: Optional[str] = None,
            subscription_id: Optional[str] = None,
            tenant_id: Optional[str] = None,
            use_microsoft_graph_api: Optional[bool] = None) -> Backend
    func GetBackend(ctx *Context, name string, id IDInput, state *BackendState, opts ...ResourceOption) (*Backend, error)
    public static Backend Get(string name, Input<string> id, BackendState? state, CustomResourceOptions? opts = null)
    public static Backend get(String name, Output<String> id, BackendState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    ClientId string
    The OAuth2 client id to connect to Azure.
    ClientSecret string
    The OAuth2 client secret to connect to Azure.
    Description string
    Human-friendly description of the mount for the backend.
    DisableRemount bool
    If set, opts out of mount migration on path updates. See here for more info on Mount Migration
    Environment string
    The Azure environment.
    IdentityTokenAudience string
    The audience claim value. Requires Vault 1.17+. Available only for Vault Enterprise
    IdentityTokenKey string
    The key to use for signing identity tokens. Requires Vault 1.17+. Available only for Vault Enterprise
    IdentityTokenTtl int
    The TTL of generated identity tokens in seconds. Requires Vault 1.17+. Available only for Vault Enterprise
    Namespace string
    The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    Path string
    The unique path this backend should be mounted at. Defaults to azure.
    SubscriptionId string
    The subscription id for the Azure Active Directory.
    TenantId string
    The tenant id for the Azure Active Directory.
    UseMicrosoftGraphApi bool
    Use the Microsoft Graph API. Should be set to true on vault-1.10+

    Deprecated: This field is not supported in Vault-1.12+ and is the default behavior. This field will be removed in future version of the provider.

    ClientId string
    The OAuth2 client id to connect to Azure.
    ClientSecret string
    The OAuth2 client secret to connect to Azure.
    Description string
    Human-friendly description of the mount for the backend.
    DisableRemount bool
    If set, opts out of mount migration on path updates. See here for more info on Mount Migration
    Environment string
    The Azure environment.
    IdentityTokenAudience string
    The audience claim value. Requires Vault 1.17+. Available only for Vault Enterprise
    IdentityTokenKey string
    The key to use for signing identity tokens. Requires Vault 1.17+. Available only for Vault Enterprise
    IdentityTokenTtl int
    The TTL of generated identity tokens in seconds. Requires Vault 1.17+. Available only for Vault Enterprise
    Namespace string
    The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    Path string
    The unique path this backend should be mounted at. Defaults to azure.
    SubscriptionId string
    The subscription id for the Azure Active Directory.
    TenantId string
    The tenant id for the Azure Active Directory.
    UseMicrosoftGraphApi bool
    Use the Microsoft Graph API. Should be set to true on vault-1.10+

    Deprecated: This field is not supported in Vault-1.12+ and is the default behavior. This field will be removed in future version of the provider.

    clientId String
    The OAuth2 client id to connect to Azure.
    clientSecret String
    The OAuth2 client secret to connect to Azure.
    description String
    Human-friendly description of the mount for the backend.
    disableRemount Boolean
    If set, opts out of mount migration on path updates. See here for more info on Mount Migration
    environment String
    The Azure environment.
    identityTokenAudience String
    The audience claim value. Requires Vault 1.17+. Available only for Vault Enterprise
    identityTokenKey String
    The key to use for signing identity tokens. Requires Vault 1.17+. Available only for Vault Enterprise
    identityTokenTtl Integer
    The TTL of generated identity tokens in seconds. Requires Vault 1.17+. Available only for Vault Enterprise
    namespace String
    The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    path String
    The unique path this backend should be mounted at. Defaults to azure.
    subscriptionId String
    The subscription id for the Azure Active Directory.
    tenantId String
    The tenant id for the Azure Active Directory.
    useMicrosoftGraphApi Boolean
    Use the Microsoft Graph API. Should be set to true on vault-1.10+

    Deprecated: This field is not supported in Vault-1.12+ and is the default behavior. This field will be removed in future version of the provider.

    clientId string
    The OAuth2 client id to connect to Azure.
    clientSecret string
    The OAuth2 client secret to connect to Azure.
    description string
    Human-friendly description of the mount for the backend.
    disableRemount boolean
    If set, opts out of mount migration on path updates. See here for more info on Mount Migration
    environment string
    The Azure environment.
    identityTokenAudience string
    The audience claim value. Requires Vault 1.17+. Available only for Vault Enterprise
    identityTokenKey string
    The key to use for signing identity tokens. Requires Vault 1.17+. Available only for Vault Enterprise
    identityTokenTtl number
    The TTL of generated identity tokens in seconds. Requires Vault 1.17+. Available only for Vault Enterprise
    namespace string
    The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    path string
    The unique path this backend should be mounted at. Defaults to azure.
    subscriptionId string
    The subscription id for the Azure Active Directory.
    tenantId string
    The tenant id for the Azure Active Directory.
    useMicrosoftGraphApi boolean
    Use the Microsoft Graph API. Should be set to true on vault-1.10+

    Deprecated: This field is not supported in Vault-1.12+ and is the default behavior. This field will be removed in future version of the provider.

    client_id str
    The OAuth2 client id to connect to Azure.
    client_secret str
    The OAuth2 client secret to connect to Azure.
    description str
    Human-friendly description of the mount for the backend.
    disable_remount bool
    If set, opts out of mount migration on path updates. See here for more info on Mount Migration
    environment str
    The Azure environment.
    identity_token_audience str
    The audience claim value. Requires Vault 1.17+. Available only for Vault Enterprise
    identity_token_key str
    The key to use for signing identity tokens. Requires Vault 1.17+. Available only for Vault Enterprise
    identity_token_ttl int
    The TTL of generated identity tokens in seconds. Requires Vault 1.17+. Available only for Vault Enterprise
    namespace str
    The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    path str
    The unique path this backend should be mounted at. Defaults to azure.
    subscription_id str
    The subscription id for the Azure Active Directory.
    tenant_id str
    The tenant id for the Azure Active Directory.
    use_microsoft_graph_api bool
    Use the Microsoft Graph API. Should be set to true on vault-1.10+

    Deprecated: This field is not supported in Vault-1.12+ and is the default behavior. This field will be removed in future version of the provider.

    clientId String
    The OAuth2 client id to connect to Azure.
    clientSecret String
    The OAuth2 client secret to connect to Azure.
    description String
    Human-friendly description of the mount for the backend.
    disableRemount Boolean
    If set, opts out of mount migration on path updates. See here for more info on Mount Migration
    environment String
    The Azure environment.
    identityTokenAudience String
    The audience claim value. Requires Vault 1.17+. Available only for Vault Enterprise
    identityTokenKey String
    The key to use for signing identity tokens. Requires Vault 1.17+. Available only for Vault Enterprise
    identityTokenTtl Number
    The TTL of generated identity tokens in seconds. Requires Vault 1.17+. Available only for Vault Enterprise
    namespace String
    The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    path String
    The unique path this backend should be mounted at. Defaults to azure.
    subscriptionId String
    The subscription id for the Azure Active Directory.
    tenantId String
    The tenant id for the Azure Active Directory.
    useMicrosoftGraphApi Boolean
    Use the Microsoft Graph API. Should be set to true on vault-1.10+

    Deprecated: This field is not supported in Vault-1.12+ and is the default behavior. This field will be removed in future version of the provider.

    Package Details

    Repository
    Vault pulumi/pulumi-vault
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the vault Terraform Provider.
    vault logo
    HashiCorp Vault v6.2.0 published on Friday, Jun 21, 2024 by Pulumi