HashiCorp Vault v5.17.0, Nov 9 23

HashiCorp Vault v5.17.0 published on Thursday, Nov 9, 2023 by Pulumi

vault.consul.SecretBackendRole

Explore with Pulumi AI

HashiCorp Vault v5.17.0 published on Thursday, Nov 9, 2023 by Pulumi

Note About Required Arguments

At least one of the four arguments consul_policies, consul_roles, service_identities, or node_identities is required for a token. If desired, any combination of the four arguments up-to and including all four, is valid.

Example Usage

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Vault = Pulumi.Vault;

return await Deployment.RunAsync(() => 
{
    var test = new Vault.Consul.SecretBackend("test", new()
    {
        Path = "consul",
        Description = "Manages the Consul backend",
        Address = "127.0.0.1:8500",
        Token = "4240861b-ce3d-8530-115a-521ff070dd29",
    });

    var example = new Vault.Consul.SecretBackendRole("example", new()
    {
        Backend = test.Path,
        ConsulPolicies = new[]
        {
            "example-policy",
        },
    });

});

package main

import (
	"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/consul"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		test, err := consul.NewSecretBackend(ctx, "test", &consul.SecretBackendArgs{
			Path:        pulumi.String("consul"),
			Description: pulumi.String("Manages the Consul backend"),
			Address:     pulumi.String("127.0.0.1:8500"),
			Token:       pulumi.String("4240861b-ce3d-8530-115a-521ff070dd29"),
		})
		if err != nil {
			return err
		}
		_, err = consul.NewSecretBackendRole(ctx, "example", &consul.SecretBackendRoleArgs{
			Backend: test.Path,
			ConsulPolicies: pulumi.StringArray{
				pulumi.String("example-policy"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.vault.consul.SecretBackend;
import com.pulumi.vault.consul.SecretBackendArgs;
import com.pulumi.vault.consul.SecretBackendRole;
import com.pulumi.vault.consul.SecretBackendRoleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var test = new SecretBackend("test", SecretBackendArgs.builder()        
            .path("consul")
            .description("Manages the Consul backend")
            .address("127.0.0.1:8500")
            .token("4240861b-ce3d-8530-115a-521ff070dd29")
            .build());

        var example = new SecretBackendRole("example", SecretBackendRoleArgs.builder()        
            .backend(test.path())
            .consulPolicies("example-policy")
            .build());

    }
}

import pulumi
import pulumi_vault as vault

test = vault.consul.SecretBackend("test",
    path="consul",
    description="Manages the Consul backend",
    address="127.0.0.1:8500",
    token="4240861b-ce3d-8530-115a-521ff070dd29")
example = vault.consul.SecretBackendRole("example",
    backend=test.path,
    consul_policies=["example-policy"])

import * as pulumi from "@pulumi/pulumi";
import * as vault from "@pulumi/vault";

const test = new vault.consul.SecretBackend("test", {
    path: "consul",
    description: "Manages the Consul backend",
    address: "127.0.0.1:8500",
    token: "4240861b-ce3d-8530-115a-521ff070dd29",
});
const example = new vault.consul.SecretBackendRole("example", {
    backend: test.path,
    consulPolicies: ["example-policy"],
});

resources:
  test:
    type: vault:consul:SecretBackend
    properties:
      path: consul
      description: Manages the Consul backend
      address: 127.0.0.1:8500
      token: 4240861b-ce3d-8530-115a-521ff070dd29
  example:
    type: vault:consul:SecretBackendRole
    properties:
      backend: ${test.path}
      consulPolicies:
        - example-policy

Create SecretBackendRole Resource

new SecretBackendRole(name: string, args?: SecretBackendRoleArgs, opts?: CustomResourceOptions);

@overload
def SecretBackendRole(resource_name: str,
                      opts: Optional[ResourceOptions] = None,
                      backend: Optional[str] = None,
                      consul_namespace: Optional[str] = None,
                      consul_policies: Optional[Sequence[str]] = None,
                      consul_roles: Optional[Sequence[str]] = None,
                      local: Optional[bool] = None,
                      max_ttl: Optional[int] = None,
                      name: Optional[str] = None,
                      namespace: Optional[str] = None,
                      node_identities: Optional[Sequence[str]] = None,
                      partition: Optional[str] = None,
                      policies: Optional[Sequence[str]] = None,
                      service_identities: Optional[Sequence[str]] = None,
                      token_type: Optional[str] = None,
                      ttl: Optional[int] = None)
@overload
def SecretBackendRole(resource_name: str,
                      args: Optional[SecretBackendRoleArgs] = None,
                      opts: Optional[ResourceOptions] = None)

func NewSecretBackendRole(ctx *Context, name string, args *SecretBackendRoleArgs, opts ...ResourceOption) (*SecretBackendRole, error)

public SecretBackendRole(string name, SecretBackendRoleArgs? args = null, CustomResourceOptions? opts = null)

public SecretBackendRole(String name, SecretBackendRoleArgs args)
public SecretBackendRole(String name, SecretBackendRoleArgs args, CustomResourceOptions options)

type: vault:consul:SecretBackendRole
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string: The unique name of the resource.
args SecretBackendRoleArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args SecretBackendRoleArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args SecretBackendRoleArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args SecretBackendRoleArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args SecretBackendRoleArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

SecretBackendRole Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The SecretBackendRole resource accepts the following input properties:

Backend string

The unique name of an existing Consul secrets backend mount. Must not begin or end with a /. One of path or backend is required.

ConsulNamespace string

The Consul namespace that the token will be created in. Applicable for Vault 1.10+ and Consul 1.7+".

ConsulPolicies List<string>

SEE NOTE The list of Consul ACL policies to associate with these roles.

ConsulRoles List<string>

SEE NOTE Set of Consul roles to attach to the token. Applicable for Vault 1.10+ with Consul 1.5+.

Local bool

Indicates that the token should not be replicated globally and instead be local to the current datacenter.

MaxTtl int

Maximum TTL for leases associated with this role, in seconds.

Name string

The name of the Consul secrets engine role to create.

Namespace string

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.

NodeIdentities List<string>

SEE NOTE Set of Consul node identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.8+.

Partition string

The admin partition that the token will be created in. Applicable for Vault 1.10+ and Consul 1.11+".

Policies List<string>

The list of Consul ACL policies to associate with these roles. NOTE: The new parameter consul_policies should be used in favor of this. This parameter, policies, remains supported for legacy users, but Vault has deprecated this field.

ServiceIdentities List<string>

SEE NOTE Set of Consul service identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.5+.

TokenType string

Specifies the type of token to create when using this role. Valid values are "client" or "management". Deprecated: Consul 1.11 and later removed the legacy ACL system which supported this field.

Deprecated:

Consul 1.11 and later removed the legacy ACL system which supported this field.

Ttl int

Specifies the TTL for this role.

Backend string

The unique name of an existing Consul secrets backend mount. Must not begin or end with a /. One of path or backend is required.

ConsulNamespace string

The Consul namespace that the token will be created in. Applicable for Vault 1.10+ and Consul 1.7+".

ConsulPolicies []string

SEE NOTE The list of Consul ACL policies to associate with these roles.

ConsulRoles []string

SEE NOTE Set of Consul roles to attach to the token. Applicable for Vault 1.10+ with Consul 1.5+.

Local bool

Indicates that the token should not be replicated globally and instead be local to the current datacenter.

MaxTtl int

Maximum TTL for leases associated with this role, in seconds.

Name string

The name of the Consul secrets engine role to create.

Namespace string

NodeIdentities []string

SEE NOTE Set of Consul node identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.8+.

Partition string

The admin partition that the token will be created in. Applicable for Vault 1.10+ and Consul 1.11+".

Policies []string

ServiceIdentities []string

SEE NOTE Set of Consul service identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.5+.

TokenType string

Specifies the type of token to create when using this role. Valid values are "client" or "management". Deprecated: Consul 1.11 and later removed the legacy ACL system which supported this field.

Deprecated:

Consul 1.11 and later removed the legacy ACL system which supported this field.

Ttl int

Specifies the TTL for this role.

backend String

The unique name of an existing Consul secrets backend mount. Must not begin or end with a /. One of path or backend is required.

consulNamespace String

The Consul namespace that the token will be created in. Applicable for Vault 1.10+ and Consul 1.7+".

consulPolicies List<String>

SEE NOTE The list of Consul ACL policies to associate with these roles.

consulRoles List<String>

SEE NOTE Set of Consul roles to attach to the token. Applicable for Vault 1.10+ with Consul 1.5+.

local Boolean

Indicates that the token should not be replicated globally and instead be local to the current datacenter.

maxTtl Integer

Maximum TTL for leases associated with this role, in seconds.

name String

The name of the Consul secrets engine role to create.

namespace String

nodeIdentities List<String>

SEE NOTE Set of Consul node identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.8+.

partition String

The admin partition that the token will be created in. Applicable for Vault 1.10+ and Consul 1.11+".

policies List<String>

serviceIdentities List<String>

SEE NOTE Set of Consul service identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.5+.

tokenType String

Specifies the type of token to create when using this role. Valid values are "client" or "management". Deprecated: Consul 1.11 and later removed the legacy ACL system which supported this field.

Deprecated:

Consul 1.11 and later removed the legacy ACL system which supported this field.

ttl Integer

Specifies the TTL for this role.

backend string

The unique name of an existing Consul secrets backend mount. Must not begin or end with a /. One of path or backend is required.

consulNamespace string

The Consul namespace that the token will be created in. Applicable for Vault 1.10+ and Consul 1.7+".

consulPolicies string[]

SEE NOTE The list of Consul ACL policies to associate with these roles.

consulRoles string[]

SEE NOTE Set of Consul roles to attach to the token. Applicable for Vault 1.10+ with Consul 1.5+.

local boolean

Indicates that the token should not be replicated globally and instead be local to the current datacenter.

maxTtl number

Maximum TTL for leases associated with this role, in seconds.

name string

The name of the Consul secrets engine role to create.

namespace string

nodeIdentities string[]

SEE NOTE Set of Consul node identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.8+.

partition string

The admin partition that the token will be created in. Applicable for Vault 1.10+ and Consul 1.11+".

policies string[]

serviceIdentities string[]

SEE NOTE Set of Consul service identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.5+.

tokenType string

Specifies the type of token to create when using this role. Valid values are "client" or "management". Deprecated: Consul 1.11 and later removed the legacy ACL system which supported this field.

Deprecated:

Consul 1.11 and later removed the legacy ACL system which supported this field.

ttl number

Specifies the TTL for this role.

backend str

The unique name of an existing Consul secrets backend mount. Must not begin or end with a /. One of path or backend is required.

consul_namespace str

The Consul namespace that the token will be created in. Applicable for Vault 1.10+ and Consul 1.7+".

consul_policies Sequence[str]

SEE NOTE The list of Consul ACL policies to associate with these roles.

consul_roles Sequence[str]

SEE NOTE Set of Consul roles to attach to the token. Applicable for Vault 1.10+ with Consul 1.5+.

local bool

Indicates that the token should not be replicated globally and instead be local to the current datacenter.

max_ttl int

Maximum TTL for leases associated with this role, in seconds.

name str

The name of the Consul secrets engine role to create.

namespace str

node_identities Sequence[str]

SEE NOTE Set of Consul node identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.8+.

partition str

The admin partition that the token will be created in. Applicable for Vault 1.10+ and Consul 1.11+".

policies Sequence[str]

service_identities Sequence[str]

SEE NOTE Set of Consul service identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.5+.

token_type str

Specifies the type of token to create when using this role. Valid values are "client" or "management". Deprecated: Consul 1.11 and later removed the legacy ACL system which supported this field.

Deprecated:

Consul 1.11 and later removed the legacy ACL system which supported this field.

ttl int

Specifies the TTL for this role.

backend String

The unique name of an existing Consul secrets backend mount. Must not begin or end with a /. One of path or backend is required.

consulNamespace String

The Consul namespace that the token will be created in. Applicable for Vault 1.10+ and Consul 1.7+".

consulPolicies List<String>

SEE NOTE The list of Consul ACL policies to associate with these roles.

consulRoles List<String>

SEE NOTE Set of Consul roles to attach to the token. Applicable for Vault 1.10+ with Consul 1.5+.

local Boolean

Indicates that the token should not be replicated globally and instead be local to the current datacenter.

maxTtl Number

Maximum TTL for leases associated with this role, in seconds.

name String

The name of the Consul secrets engine role to create.

namespace String

nodeIdentities List<String>

SEE NOTE Set of Consul node identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.8+.

partition String

The admin partition that the token will be created in. Applicable for Vault 1.10+ and Consul 1.11+".

policies List<String>

serviceIdentities List<String>

SEE NOTE Set of Consul service identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.5+.

tokenType String

Specifies the type of token to create when using this role. Valid values are "client" or "management". Deprecated: Consul 1.11 and later removed the legacy ACL system which supported this field.

Deprecated:

Consul 1.11 and later removed the legacy ACL system which supported this field.

ttl Number

Specifies the TTL for this role.

Outputs

All input properties are implicitly available as output properties. Additionally, the SecretBackendRole resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

Look up Existing SecretBackendRole Resource

Get an existing SecretBackendRole resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: SecretBackendRoleState, opts?: CustomResourceOptions): SecretBackendRole

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        backend: Optional[str] = None,
        consul_namespace: Optional[str] = None,
        consul_policies: Optional[Sequence[str]] = None,
        consul_roles: Optional[Sequence[str]] = None,
        local: Optional[bool] = None,
        max_ttl: Optional[int] = None,
        name: Optional[str] = None,
        namespace: Optional[str] = None,
        node_identities: Optional[Sequence[str]] = None,
        partition: Optional[str] = None,
        policies: Optional[Sequence[str]] = None,
        service_identities: Optional[Sequence[str]] = None,
        token_type: Optional[str] = None,
        ttl: Optional[int] = None) -> SecretBackendRole

func GetSecretBackendRole(ctx *Context, name string, id IDInput, state *SecretBackendRoleState, opts ...ResourceOption) (*SecretBackendRole, error)

public static SecretBackendRole Get(string name, Input<string> id, SecretBackendRoleState? state, CustomResourceOptions? opts = null)

public static SecretBackendRole get(String name, Output<String> id, SecretBackendRoleState state, CustomResourceOptions options)

Resource lookup is not supported in YAML

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

Backend string

The unique name of an existing Consul secrets backend mount. Must not begin or end with a /. One of path or backend is required.

ConsulNamespace string

The Consul namespace that the token will be created in. Applicable for Vault 1.10+ and Consul 1.7+".

ConsulPolicies List<string>

SEE NOTE The list of Consul ACL policies to associate with these roles.

ConsulRoles List<string>

SEE NOTE Set of Consul roles to attach to the token. Applicable for Vault 1.10+ with Consul 1.5+.

Local bool

Indicates that the token should not be replicated globally and instead be local to the current datacenter.

MaxTtl int

Maximum TTL for leases associated with this role, in seconds.

Name string

The name of the Consul secrets engine role to create.

Namespace string

NodeIdentities List<string>

SEE NOTE Set of Consul node identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.8+.

Partition string

The admin partition that the token will be created in. Applicable for Vault 1.10+ and Consul 1.11+".

Policies List<string>

ServiceIdentities List<string>

SEE NOTE Set of Consul service identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.5+.

TokenType string

Specifies the type of token to create when using this role. Valid values are "client" or "management". Deprecated: Consul 1.11 and later removed the legacy ACL system which supported this field.

Deprecated:

Consul 1.11 and later removed the legacy ACL system which supported this field.

Ttl int

Specifies the TTL for this role.

Backend string

The unique name of an existing Consul secrets backend mount. Must not begin or end with a /. One of path or backend is required.

ConsulNamespace string

The Consul namespace that the token will be created in. Applicable for Vault 1.10+ and Consul 1.7+".

ConsulPolicies []string

SEE NOTE The list of Consul ACL policies to associate with these roles.

ConsulRoles []string

SEE NOTE Set of Consul roles to attach to the token. Applicable for Vault 1.10+ with Consul 1.5+.

Local bool

Indicates that the token should not be replicated globally and instead be local to the current datacenter.

MaxTtl int

Maximum TTL for leases associated with this role, in seconds.

Name string

The name of the Consul secrets engine role to create.

Namespace string

NodeIdentities []string

SEE NOTE Set of Consul node identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.8+.

Partition string

The admin partition that the token will be created in. Applicable for Vault 1.10+ and Consul 1.11+".

Policies []string

ServiceIdentities []string

SEE NOTE Set of Consul service identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.5+.

TokenType string

Specifies the type of token to create when using this role. Valid values are "client" or "management". Deprecated: Consul 1.11 and later removed the legacy ACL system which supported this field.

Deprecated:

Consul 1.11 and later removed the legacy ACL system which supported this field.

Ttl int

Specifies the TTL for this role.

backend String

The unique name of an existing Consul secrets backend mount. Must not begin or end with a /. One of path or backend is required.

consulNamespace String

The Consul namespace that the token will be created in. Applicable for Vault 1.10+ and Consul 1.7+".

consulPolicies List<String>

SEE NOTE The list of Consul ACL policies to associate with these roles.

consulRoles List<String>

SEE NOTE Set of Consul roles to attach to the token. Applicable for Vault 1.10+ with Consul 1.5+.

local Boolean

Indicates that the token should not be replicated globally and instead be local to the current datacenter.

maxTtl Integer

Maximum TTL for leases associated with this role, in seconds.

name String

The name of the Consul secrets engine role to create.

namespace String

nodeIdentities List<String>

SEE NOTE Set of Consul node identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.8+.

partition String

The admin partition that the token will be created in. Applicable for Vault 1.10+ and Consul 1.11+".

policies List<String>

serviceIdentities List<String>

SEE NOTE Set of Consul service identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.5+.

tokenType String

Specifies the type of token to create when using this role. Valid values are "client" or "management". Deprecated: Consul 1.11 and later removed the legacy ACL system which supported this field.

Deprecated:

Consul 1.11 and later removed the legacy ACL system which supported this field.

ttl Integer

Specifies the TTL for this role.

backend string

The unique name of an existing Consul secrets backend mount. Must not begin or end with a /. One of path or backend is required.

consulNamespace string

The Consul namespace that the token will be created in. Applicable for Vault 1.10+ and Consul 1.7+".

consulPolicies string[]

SEE NOTE The list of Consul ACL policies to associate with these roles.

consulRoles string[]

SEE NOTE Set of Consul roles to attach to the token. Applicable for Vault 1.10+ with Consul 1.5+.

local boolean

Indicates that the token should not be replicated globally and instead be local to the current datacenter.

maxTtl number

Maximum TTL for leases associated with this role, in seconds.

name string

The name of the Consul secrets engine role to create.

namespace string

nodeIdentities string[]

SEE NOTE Set of Consul node identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.8+.

partition string

The admin partition that the token will be created in. Applicable for Vault 1.10+ and Consul 1.11+".

policies string[]

serviceIdentities string[]

SEE NOTE Set of Consul service identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.5+.

tokenType string

Specifies the type of token to create when using this role. Valid values are "client" or "management". Deprecated: Consul 1.11 and later removed the legacy ACL system which supported this field.

Deprecated:

Consul 1.11 and later removed the legacy ACL system which supported this field.

ttl number

Specifies the TTL for this role.

backend str

The unique name of an existing Consul secrets backend mount. Must not begin or end with a /. One of path or backend is required.

consul_namespace str

The Consul namespace that the token will be created in. Applicable for Vault 1.10+ and Consul 1.7+".

consul_policies Sequence[str]

SEE NOTE The list of Consul ACL policies to associate with these roles.

consul_roles Sequence[str]

SEE NOTE Set of Consul roles to attach to the token. Applicable for Vault 1.10+ with Consul 1.5+.

local bool

Indicates that the token should not be replicated globally and instead be local to the current datacenter.

max_ttl int

Maximum TTL for leases associated with this role, in seconds.

name str

The name of the Consul secrets engine role to create.

namespace str

node_identities Sequence[str]

SEE NOTE Set of Consul node identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.8+.

partition str

The admin partition that the token will be created in. Applicable for Vault 1.10+ and Consul 1.11+".

policies Sequence[str]

service_identities Sequence[str]

SEE NOTE Set of Consul service identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.5+.

token_type str

Specifies the type of token to create when using this role. Valid values are "client" or "management". Deprecated: Consul 1.11 and later removed the legacy ACL system which supported this field.

Deprecated:

Consul 1.11 and later removed the legacy ACL system which supported this field.

ttl int

Specifies the TTL for this role.

backend String

The unique name of an existing Consul secrets backend mount. Must not begin or end with a /. One of path or backend is required.

consulNamespace String

The Consul namespace that the token will be created in. Applicable for Vault 1.10+ and Consul 1.7+".

consulPolicies List<String>

SEE NOTE The list of Consul ACL policies to associate with these roles.

consulRoles List<String>

SEE NOTE Set of Consul roles to attach to the token. Applicable for Vault 1.10+ with Consul 1.5+.

local Boolean

Indicates that the token should not be replicated globally and instead be local to the current datacenter.

maxTtl Number

Maximum TTL for leases associated with this role, in seconds.

name String

The name of the Consul secrets engine role to create.

namespace String

nodeIdentities List<String>

SEE NOTE Set of Consul node identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.8+.

partition String

The admin partition that the token will be created in. Applicable for Vault 1.10+ and Consul 1.11+".

policies List<String>

serviceIdentities List<String>

SEE NOTE Set of Consul service identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.5+.

tokenType String

Specifies the type of token to create when using this role. Valid values are "client" or "management". Deprecated: Consul 1.11 and later removed the legacy ACL system which supported this field.

Deprecated:

Consul 1.11 and later removed the legacy ACL system which supported this field.

ttl Number

Specifies the TTL for this role.

Import

Consul secret backend roles can be imported using the backend, /roles/, and the name e.g.

 $ pulumi import vault:consul/secretBackendRole:SecretBackendRole example consul/roles/my-role

Package Details

Repository: Vault pulumi/pulumi-vault
License: Apache-2.0
Notes: This Pulumi package is based on the vault Terraform Provider.

HashiCorp Vault v5.17.0 published on Thursday, Nov 9, 2023 by Pulumi

pulumi/pulumi-vault

vault.consul.SecretBackendRole

On this page

On this page

Note About Required Arguments

Example Usage

Create SecretBackendRole Resource

SecretBackendRole Resource Properties

Inputs

Outputs

Look up Existing SecretBackendRole Resource

Import

Package Details

On this page

On this page