vault.database.SecretsMount
Import
Database secret backend connections can be imported using the path e.g.
$ pulumi import vault:database/secretsMount:SecretsMount db db
Example Usage
using System.Collections.Generic;
using Pulumi;
using Vault = Pulumi.Vault;
return await Deployment.RunAsync(() =>
{
var db = new Vault.Database.SecretsMount("db", new()
{
Path = "db",
Mssqls = new[]
{
new Vault.Database.Inputs.SecretsMountMssqlArgs
{
Name = "db1",
Username = "sa",
Password = "super_secret_1",
ConnectionUrl = "sqlserver://{{username}}:{{password}}@127.0.0.1:1433",
AllowedRoles = new[]
{
"dev1",
},
},
},
Postgresqls = new[]
{
new Vault.Database.Inputs.SecretsMountPostgresqlArgs
{
Name = "db2",
Username = "postgres",
Password = "super_secret_2",
ConnectionUrl = "postgresql://{{username}}:{{password}}@127.0.0.1:5432/postgres",
VerifyConnection = true,
AllowedRoles = new[]
{
"dev2",
},
},
},
});
var dev1 = new Vault.Database.SecretBackendRole("dev1", new()
{
Backend = db.Path,
DbName = db.Mssqls.Apply(mssqls => mssqls[0]?.Name),
CreationStatements = new[]
{
"CREATE LOGIN [{{name}}] WITH PASSWORD = '{{password}}';",
"CREATE USER [{{name}}] FOR LOGIN [{{name}}];",
"GRANT SELECT ON SCHEMA::dbo TO [{{name}}];",
},
});
var dev2 = new Vault.Database.SecretBackendRole("dev2", new()
{
Backend = db.Path,
DbName = db.Postgresqls.Apply(postgresqls => postgresqls[0]?.Name),
CreationStatements = new[]
{
"CREATE ROLE \"{{name}}\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';",
"GRANT SELECT ON ALL TABLES IN SCHEMA public TO \"{{name}}\";",
},
});
});
package main
import (
"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/database"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
db, err := database.NewSecretsMount(ctx, "db", &database.SecretsMountArgs{
Path: pulumi.String("db"),
Mssqls: database.SecretsMountMssqlArray{
&database.SecretsMountMssqlArgs{
Name: pulumi.String("db1"),
Username: pulumi.String("sa"),
Password: pulumi.String("super_secret_1"),
ConnectionUrl: pulumi.String("sqlserver://{{username}}:{{password}}@127.0.0.1:1433"),
AllowedRoles: pulumi.StringArray{
pulumi.String("dev1"),
},
},
},
Postgresqls: database.SecretsMountPostgresqlArray{
&database.SecretsMountPostgresqlArgs{
Name: pulumi.String("db2"),
Username: pulumi.String("postgres"),
Password: pulumi.String("super_secret_2"),
ConnectionUrl: pulumi.String("postgresql://{{username}}:{{password}}@127.0.0.1:5432/postgres"),
VerifyConnection: pulumi.Bool(true),
AllowedRoles: pulumi.StringArray{
pulumi.String("dev2"),
},
},
},
})
if err != nil {
return err
}
_, err = database.NewSecretBackendRole(ctx, "dev1", &database.SecretBackendRoleArgs{
Backend: db.Path,
DbName: db.Mssqls.ApplyT(func(mssqls []database.SecretsMountMssql) (string, error) {
return mssqls[0].Name, nil
}).(pulumi.StringOutput),
CreationStatements: pulumi.StringArray{
pulumi.String("CREATE LOGIN [{{name}}] WITH PASSWORD = '{{password}}';"),
pulumi.String("CREATE USER [{{name}}] FOR LOGIN [{{name}}];"),
pulumi.String("GRANT SELECT ON SCHEMA::dbo TO [{{name}}];"),
},
})
if err != nil {
return err
}
_, err = database.NewSecretBackendRole(ctx, "dev2", &database.SecretBackendRoleArgs{
Backend: db.Path,
DbName: db.Postgresqls.ApplyT(func(postgresqls []database.SecretsMountPostgresql) (string, error) {
return postgresqls[0].Name, nil
}).(pulumi.StringOutput),
CreationStatements: pulumi.StringArray{
pulumi.String("CREATE ROLE \"{{name}}\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';"),
pulumi.String("GRANT SELECT ON ALL TABLES IN SCHEMA public TO \"{{name}}\";"),
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.vault.database.SecretsMount;
import com.pulumi.vault.database.SecretsMountArgs;
import com.pulumi.vault.database.inputs.SecretsMountMssqlArgs;
import com.pulumi.vault.database.inputs.SecretsMountPostgresqlArgs;
import com.pulumi.vault.database.SecretBackendRole;
import com.pulumi.vault.database.SecretBackendRoleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var db = new SecretsMount("db", SecretsMountArgs.builder()
.path("db")
.mssqls(SecretsMountMssqlArgs.builder()
.name("db1")
.username("sa")
.password("super_secret_1")
.connectionUrl("sqlserver://{{username}}:{{password}}@127.0.0.1:1433")
.allowedRoles("dev1")
.build())
.postgresqls(SecretsMountPostgresqlArgs.builder()
.name("db2")
.username("postgres")
.password("super_secret_2")
.connectionUrl("postgresql://{{username}}:{{password}}@127.0.0.1:5432/postgres")
.verifyConnection(true)
.allowedRoles("dev2")
.build())
.build());
var dev1 = new SecretBackendRole("dev1", SecretBackendRoleArgs.builder()
.backend(db.path())
.dbName(db.mssqls().applyValue(mssqls -> mssqls[0].name()))
.creationStatements(
"CREATE LOGIN [{{name}}] WITH PASSWORD = '{{password}}';",
"CREATE USER [{{name}}] FOR LOGIN [{{name}}];",
"GRANT SELECT ON SCHEMA::dbo TO [{{name}}];")
.build());
var dev2 = new SecretBackendRole("dev2", SecretBackendRoleArgs.builder()
.backend(db.path())
.dbName(db.postgresqls().applyValue(postgresqls -> postgresqls[0].name()))
.creationStatements(
"CREATE ROLE \"{{name}}\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';",
"GRANT SELECT ON ALL TABLES IN SCHEMA public TO \"{{name}}\";")
.build());
}
}
import pulumi
import pulumi_vault as vault
db = vault.database.SecretsMount("db",
path="db",
mssqls=[vault.database.SecretsMountMssqlArgs(
name="db1",
username="sa",
password="super_secret_1",
connection_url="sqlserver://{{username}}:{{password}}@127.0.0.1:1433",
allowed_roles=["dev1"],
)],
postgresqls=[vault.database.SecretsMountPostgresqlArgs(
name="db2",
username="postgres",
password="super_secret_2",
connection_url="postgresql://{{username}}:{{password}}@127.0.0.1:5432/postgres",
verify_connection=True,
allowed_roles=["dev2"],
)])
dev1 = vault.database.SecretBackendRole("dev1",
backend=db.path,
db_name=db.mssqls[0].name,
creation_statements=[
"CREATE LOGIN [{{name}}] WITH PASSWORD = '{{password}}';",
"CREATE USER [{{name}}] FOR LOGIN [{{name}}];",
"GRANT SELECT ON SCHEMA::dbo TO [{{name}}];",
])
dev2 = vault.database.SecretBackendRole("dev2",
backend=db.path,
db_name=db.postgresqls[0].name,
creation_statements=[
"CREATE ROLE \"{{name}}\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';",
"GRANT SELECT ON ALL TABLES IN SCHEMA public TO \"{{name}}\";",
])
import * as pulumi from "@pulumi/pulumi";
import * as vault from "@pulumi/vault";
const db = new vault.database.SecretsMount("db", {
path: "db",
mssqls: [{
name: "db1",
username: "sa",
password: "super_secret_1",
connectionUrl: "sqlserver://{{username}}:{{password}}@127.0.0.1:1433",
allowedRoles: ["dev1"],
}],
postgresqls: [{
name: "db2",
username: "postgres",
password: "super_secret_2",
connectionUrl: "postgresql://{{username}}:{{password}}@127.0.0.1:5432/postgres",
verifyConnection: true,
allowedRoles: ["dev2"],
}],
});
const dev1 = new vault.database.SecretBackendRole("dev1", {
backend: db.path,
dbName: db.mssqls.apply(mssqls => mssqls?[0]?.name),
creationStatements: [
"CREATE LOGIN [{{name}}] WITH PASSWORD = '{{password}}';",
"CREATE USER [{{name}}] FOR LOGIN [{{name}}];",
"GRANT SELECT ON SCHEMA::dbo TO [{{name}}];",
],
});
const dev2 = new vault.database.SecretBackendRole("dev2", {
backend: db.path,
dbName: db.postgresqls.apply(postgresqls => postgresqls?[0]?.name),
creationStatements: [
"CREATE ROLE \"{{name}}\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';",
"GRANT SELECT ON ALL TABLES IN SCHEMA public TO \"{{name}}\";",
],
});
resources:
db:
type: vault:database:SecretsMount
properties:
path: db
mssqls:
- name: db1
username: sa
password: super_secret_1
connectionUrl: sqlserver://{{username}}:{{password}}@127.0.0.1:1433
allowedRoles:
- dev1
postgresqls:
- name: db2
username: postgres
password: super_secret_2
connectionUrl: postgresql://{{username}}:{{password}}@127.0.0.1:5432/postgres
verifyConnection: true
allowedRoles:
- dev2
dev1:
type: vault:database:SecretBackendRole
properties:
backend: ${db.path}
dbName: ${db.mssqls[0].name}
creationStatements:
- CREATE LOGIN [{{name}}] WITH PASSWORD = '{{password}}';
- CREATE USER [{{name}}] FOR LOGIN [{{name}}];
- GRANT SELECT ON SCHEMA::dbo TO [{{name}}];
dev2:
type: vault:database:SecretBackendRole
properties:
backend: ${db.path}
dbName: ${db.postgresqls[0].name}
creationStatements:
- CREATE ROLE "{{name}}" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';
- GRANT SELECT ON ALL TABLES IN SCHEMA public TO "{{name}}";
Create SecretsMount Resource
new SecretsMount(name: string, args: SecretsMountArgs, opts?: CustomResourceOptions);@overload
def SecretsMount(resource_name: str,
opts: Optional[ResourceOptions] = None,
allowed_managed_keys: Optional[Sequence[str]] = None,
audit_non_hmac_request_keys: Optional[Sequence[str]] = None,
audit_non_hmac_response_keys: Optional[Sequence[str]] = None,
cassandras: Optional[Sequence[SecretsMountCassandraArgs]] = None,
couchbases: Optional[Sequence[SecretsMountCouchbaseArgs]] = None,
default_lease_ttl_seconds: Optional[int] = None,
description: Optional[str] = None,
elasticsearches: Optional[Sequence[SecretsMountElasticsearchArgs]] = None,
external_entropy_access: Optional[bool] = None,
hanas: Optional[Sequence[SecretsMountHanaArgs]] = None,
influxdbs: Optional[Sequence[SecretsMountInfluxdbArgs]] = None,
local: Optional[bool] = None,
max_lease_ttl_seconds: Optional[int] = None,
mongodbatlas: Optional[Sequence[SecretsMountMongodbatlaArgs]] = None,
mongodbs: Optional[Sequence[SecretsMountMongodbArgs]] = None,
mssqls: Optional[Sequence[SecretsMountMssqlArgs]] = None,
mysql_auroras: Optional[Sequence[SecretsMountMysqlAuroraArgs]] = None,
mysql_legacies: Optional[Sequence[SecretsMountMysqlLegacyArgs]] = None,
mysql_rds: Optional[Sequence[SecretsMountMysqlRdArgs]] = None,
mysqls: Optional[Sequence[SecretsMountMysqlArgs]] = None,
namespace: Optional[str] = None,
options: Optional[Mapping[str, Any]] = None,
oracles: Optional[Sequence[SecretsMountOracleArgs]] = None,
path: Optional[str] = None,
postgresqls: Optional[Sequence[SecretsMountPostgresqlArgs]] = None,
redis: Optional[Sequence[SecretsMountRediArgs]] = None,
redis_elasticaches: Optional[Sequence[SecretsMountRedisElasticachArgs]] = None,
redshifts: Optional[Sequence[SecretsMountRedshiftArgs]] = None,
seal_wrap: Optional[bool] = None,
snowflakes: Optional[Sequence[SecretsMountSnowflakeArgs]] = None)
@overload
def SecretsMount(resource_name: str,
args: SecretsMountArgs,
opts: Optional[ResourceOptions] = None)func NewSecretsMount(ctx *Context, name string, args SecretsMountArgs, opts ...ResourceOption) (*SecretsMount, error)public SecretsMount(string name, SecretsMountArgs args, CustomResourceOptions? opts = null)
public SecretsMount(String name, SecretsMountArgs args)
public SecretsMount(String name, SecretsMountArgs args, CustomResourceOptions options)
type: vault:database:SecretsMount
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args SecretsMountArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args SecretsMountArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args SecretsMountArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args SecretsMountArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args SecretsMountArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
SecretsMount Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The SecretsMount resource accepts the following input properties:
- Path string
Where the secret backend will be mounted
- Allowed
Managed List<string>Keys Set of managed key registry entry names that the mount in question is allowed to access
- Audit
Non List<string>Hmac Request Keys Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
- Audit
Non List<string>Hmac Response Keys Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
- Cassandras
List<Secrets
Mount Cassandra Args> A nested block containing configuration options for Cassandra connections.
See Configuration Options for more info- Couchbases
List<Secrets
Mount Couchbase Args> A nested block containing configuration options for Couchbase connections.
See Configuration Options for more info- Default
Lease intTtl Seconds Default lease duration for tokens and secrets in seconds
- Description string
Human-friendly description of the mount
- Elasticsearches
List<Secrets
Mount Elasticsearch Args> A nested block containing configuration options for Elasticsearch connections.
See Configuration Options for more info- External
Entropy boolAccess Boolean flag that can be explicitly set to true to enable the secrets engine to access Vault's external entropy source
- Hanas
List<Secrets
Mount Hana Args> A nested block containing configuration options for SAP HanaDB connections.
See Configuration Options for more info- Influxdbs
List<Secrets
Mount Influxdb Args> A nested block containing configuration options for InfluxDB connections.
See Configuration Options for more info- Local bool
Boolean flag that can be explicitly set to true to enforce local mount in HA environment
- Max
Lease intTtl Seconds Maximum possible lease duration for tokens and secrets in seconds
- Mongodbatlas
List<Secrets
Mount Mongodbatla Args> A nested block containing configuration options for MongoDB Atlas connections.
See Configuration Options for more info- Mongodbs
List<Secrets
Mount Mongodb Args> A nested block containing configuration options for MongoDB connections.
See Configuration Options for more info- Mssqls
List<Secrets
Mount Mssql Args> A nested block containing configuration options for MSSQL connections.
See Configuration Options for more info- Mysql
Auroras List<SecretsMount Mysql Aurora Args> A nested block containing configuration options for Aurora MySQL connections.
See Configuration Options for more info- Mysql
Legacies List<SecretsMount Mysql Legacy Args> A nested block containing configuration options for legacy MySQL connections.
See Configuration Options for more info- Mysql
Rds List<SecretsMount Mysql Rd Args> A nested block containing configuration options for RDS MySQL connections.
See Configuration Options for more info- Mysqls
List<Secrets
Mount Mysql Args> A nested block containing configuration options for MySQL connections.
See Configuration Options for more info- Namespace string
Target namespace. (requires Enterprise)
- Options Dictionary<string, object>
Specifies mount type specific options that are passed to the backend
- Oracles
List<Secrets
Mount Oracle Args> A nested block containing configuration options for Oracle connections.
See Configuration Options for more info- Postgresqls
List<Secrets
Mount Postgresql Args> A nested block containing configuration options for PostgreSQL connections.
See Configuration Options for more info- Redis
List<Secrets
Mount Redi Args> A nested block containing configuration options for Redis connections.
See Configuration Options for more info- Redis
Elasticaches List<SecretsMount Redis Elasticach Args> A nested block containing configuration options for Redis ElastiCache connections.
See Configuration Options for more info- Redshifts
List<Secrets
Mount Redshift Args> A nested block containing configuration options for AWS Redshift connections.
See Configuration Options for more info- Seal
Wrap bool Boolean flag that can be explicitly set to true to enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
- Snowflakes
List<Secrets
Mount Snowflake Args> A nested block containing configuration options for Snowflake connections.
See Configuration Options for more info
- Path string
Where the secret backend will be mounted
- Allowed
Managed []stringKeys Set of managed key registry entry names that the mount in question is allowed to access
- Audit
Non []stringHmac Request Keys Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
- Audit
Non []stringHmac Response Keys Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
- Cassandras
[]Secrets
Mount Cassandra Args A nested block containing configuration options for Cassandra connections.
See Configuration Options for more info- Couchbases
[]Secrets
Mount Couchbase Args A nested block containing configuration options for Couchbase connections.
See Configuration Options for more info- Default
Lease intTtl Seconds Default lease duration for tokens and secrets in seconds
- Description string
Human-friendly description of the mount
- Elasticsearches
[]Secrets
Mount Elasticsearch Args A nested block containing configuration options for Elasticsearch connections.
See Configuration Options for more info- External
Entropy boolAccess Boolean flag that can be explicitly set to true to enable the secrets engine to access Vault's external entropy source
- Hanas
[]Secrets
Mount Hana Args A nested block containing configuration options for SAP HanaDB connections.
See Configuration Options for more info- Influxdbs
[]Secrets
Mount Influxdb Args A nested block containing configuration options for InfluxDB connections.
See Configuration Options for more info- Local bool
Boolean flag that can be explicitly set to true to enforce local mount in HA environment
- Max
Lease intTtl Seconds Maximum possible lease duration for tokens and secrets in seconds
- Mongodbatlas
[]Secrets
Mount Mongodbatla Args A nested block containing configuration options for MongoDB Atlas connections.
See Configuration Options for more info- Mongodbs
[]Secrets
Mount Mongodb Args A nested block containing configuration options for MongoDB connections.
See Configuration Options for more info- Mssqls
[]Secrets
Mount Mssql Args A nested block containing configuration options for MSSQL connections.
See Configuration Options for more info- Mysql
Auroras []SecretsMount Mysql Aurora Args A nested block containing configuration options for Aurora MySQL connections.
See Configuration Options for more info- Mysql
Legacies []SecretsMount Mysql Legacy Args A nested block containing configuration options for legacy MySQL connections.
See Configuration Options for more info- Mysql
Rds []SecretsMount Mysql Rd Args A nested block containing configuration options for RDS MySQL connections.
See Configuration Options for more info- Mysqls
[]Secrets
Mount Mysql Args A nested block containing configuration options for MySQL connections.
See Configuration Options for more info- Namespace string
Target namespace. (requires Enterprise)
- Options map[string]interface{}
Specifies mount type specific options that are passed to the backend
- Oracles
[]Secrets
Mount Oracle Args A nested block containing configuration options for Oracle connections.
See Configuration Options for more info- Postgresqls
[]Secrets
Mount Postgresql Args A nested block containing configuration options for PostgreSQL connections.
See Configuration Options for more info- Redis
[]Secrets
Mount Redi Args A nested block containing configuration options for Redis connections.
See Configuration Options for more info- Redis
Elasticaches []SecretsMount Redis Elasticach Args A nested block containing configuration options for Redis ElastiCache connections.
See Configuration Options for more info- Redshifts
[]Secrets
Mount Redshift Args A nested block containing configuration options for AWS Redshift connections.
See Configuration Options for more info- Seal
Wrap bool Boolean flag that can be explicitly set to true to enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
- Snowflakes
[]Secrets
Mount Snowflake Args A nested block containing configuration options for Snowflake connections.
See Configuration Options for more info
- path String
Where the secret backend will be mounted
- allowed
Managed List<String>Keys Set of managed key registry entry names that the mount in question is allowed to access
- audit
Non List<String>Hmac Request Keys Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
- audit
Non List<String>Hmac Response Keys Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
- cassandras
List<Secrets
Mount Cassandra Args> A nested block containing configuration options for Cassandra connections.
See Configuration Options for more info- couchbases
List<Secrets
Mount Couchbase Args> A nested block containing configuration options for Couchbase connections.
See Configuration Options for more info- default
Lease IntegerTtl Seconds Default lease duration for tokens and secrets in seconds
- description String
Human-friendly description of the mount
- elasticsearches
List<Secrets
Mount Elasticsearch Args> A nested block containing configuration options for Elasticsearch connections.
See Configuration Options for more info- external
Entropy BooleanAccess Boolean flag that can be explicitly set to true to enable the secrets engine to access Vault's external entropy source
- hanas
List<Secrets
Mount Hana Args> A nested block containing configuration options for SAP HanaDB connections.
See Configuration Options for more info- influxdbs
List<Secrets
Mount Influxdb Args> A nested block containing configuration options for InfluxDB connections.
See Configuration Options for more info- local Boolean
Boolean flag that can be explicitly set to true to enforce local mount in HA environment
- max
Lease IntegerTtl Seconds Maximum possible lease duration for tokens and secrets in seconds
- mongodbatlas
List<Secrets
Mount Mongodbatla Args> A nested block containing configuration options for MongoDB Atlas connections.
See Configuration Options for more info- mongodbs
List<Secrets
Mount Mongodb Args> A nested block containing configuration options for MongoDB connections.
See Configuration Options for more info- mssqls
List<Secrets
Mount Mssql Args> A nested block containing configuration options for MSSQL connections.
See Configuration Options for more info- mysql
Auroras List<SecretsMount Mysql Aurora Args> A nested block containing configuration options for Aurora MySQL connections.
See Configuration Options for more info- mysql
Legacies List<SecretsMount Mysql Legacy Args> A nested block containing configuration options for legacy MySQL connections.
See Configuration Options for more info- mysql
Rds List<SecretsMount Mysql Rd Args> A nested block containing configuration options for RDS MySQL connections.
See Configuration Options for more info- mysqls
List<Secrets
Mount Mysql Args> A nested block containing configuration options for MySQL connections.
See Configuration Options for more info- namespace String
Target namespace. (requires Enterprise)
- options Map<String,Object>
Specifies mount type specific options that are passed to the backend
- oracles
List<Secrets
Mount Oracle Args> A nested block containing configuration options for Oracle connections.
See Configuration Options for more info- postgresqls
List<Secrets
Mount Postgresql Args> A nested block containing configuration options for PostgreSQL connections.
See Configuration Options for more info- redis
List<Secrets
Mount Redi Args> A nested block containing configuration options for Redis connections.
See Configuration Options for more info- redis
Elasticaches List<SecretsMount Redis Elasticach Args> A nested block containing configuration options for Redis ElastiCache connections.
See Configuration Options for more info- redshifts
List<Secrets
Mount Redshift Args> A nested block containing configuration options for AWS Redshift connections.
See Configuration Options for more info- seal
Wrap Boolean Boolean flag that can be explicitly set to true to enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
- snowflakes
List<Secrets
Mount Snowflake Args> A nested block containing configuration options for Snowflake connections.
See Configuration Options for more info
- path string
Where the secret backend will be mounted
- allowed
Managed string[]Keys Set of managed key registry entry names that the mount in question is allowed to access
- audit
Non string[]Hmac Request Keys Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
- audit
Non string[]Hmac Response Keys Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
- cassandras
Secrets
Mount Cassandra Args[] A nested block containing configuration options for Cassandra connections.
See Configuration Options for more info- couchbases
Secrets
Mount Couchbase Args[] A nested block containing configuration options for Couchbase connections.
See Configuration Options for more info- default
Lease numberTtl Seconds Default lease duration for tokens and secrets in seconds
- description string
Human-friendly description of the mount
- elasticsearches
Secrets
Mount Elasticsearch Args[] A nested block containing configuration options for Elasticsearch connections.
See Configuration Options for more info- external
Entropy booleanAccess Boolean flag that can be explicitly set to true to enable the secrets engine to access Vault's external entropy source
- hanas
Secrets
Mount Hana Args[] A nested block containing configuration options for SAP HanaDB connections.
See Configuration Options for more info- influxdbs
Secrets
Mount Influxdb Args[] A nested block containing configuration options for InfluxDB connections.
See Configuration Options for more info- local boolean
Boolean flag that can be explicitly set to true to enforce local mount in HA environment
- max
Lease numberTtl Seconds Maximum possible lease duration for tokens and secrets in seconds
- mongodbatlas
Secrets
Mount Mongodbatla Args[] A nested block containing configuration options for MongoDB Atlas connections.
See Configuration Options for more info- mongodbs
Secrets
Mount Mongodb Args[] A nested block containing configuration options for MongoDB connections.
See Configuration Options for more info- mssqls
Secrets
Mount Mssql Args[] A nested block containing configuration options for MSSQL connections.
See Configuration Options for more info- mysql
Auroras SecretsMount Mysql Aurora Args[] A nested block containing configuration options for Aurora MySQL connections.
See Configuration Options for more info- mysql
Legacies SecretsMount Mysql Legacy Args[] A nested block containing configuration options for legacy MySQL connections.
See Configuration Options for more info- mysql
Rds SecretsMount Mysql Rd Args[] A nested block containing configuration options for RDS MySQL connections.
See Configuration Options for more info- mysqls
Secrets
Mount Mysql Args[] A nested block containing configuration options for MySQL connections.
See Configuration Options for more info- namespace string
Target namespace. (requires Enterprise)
- options {[key: string]: any}
Specifies mount type specific options that are passed to the backend
- oracles
Secrets
Mount Oracle Args[] A nested block containing configuration options for Oracle connections.
See Configuration Options for more info- postgresqls
Secrets
Mount Postgresql Args[] A nested block containing configuration options for PostgreSQL connections.
See Configuration Options for more info- redis
Secrets
Mount Redi Args[] A nested block containing configuration options for Redis connections.
See Configuration Options for more info- redis
Elasticaches SecretsMount Redis Elasticach Args[] A nested block containing configuration options for Redis ElastiCache connections.
See Configuration Options for more info- redshifts
Secrets
Mount Redshift Args[] A nested block containing configuration options for AWS Redshift connections.
See Configuration Options for more info- seal
Wrap boolean Boolean flag that can be explicitly set to true to enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
- snowflakes
Secrets
Mount Snowflake Args[] A nested block containing configuration options for Snowflake connections.
See Configuration Options for more info
- path str
Where the secret backend will be mounted
- allowed_
managed_ Sequence[str]keys Set of managed key registry entry names that the mount in question is allowed to access
- audit_
non_ Sequence[str]hmac_ request_ keys Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
- audit_
non_ Sequence[str]hmac_ response_ keys Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
- cassandras
Sequence[Secrets
Mount Cassandra Args] A nested block containing configuration options for Cassandra connections.
See Configuration Options for more info- couchbases
Sequence[Secrets
Mount Couchbase Args] A nested block containing configuration options for Couchbase connections.
See Configuration Options for more info- default_
lease_ intttl_ seconds Default lease duration for tokens and secrets in seconds
- description str
Human-friendly description of the mount
- elasticsearches
Sequence[Secrets
Mount Elasticsearch Args] A nested block containing configuration options for Elasticsearch connections.
See Configuration Options for more info- external_
entropy_ boolaccess Boolean flag that can be explicitly set to true to enable the secrets engine to access Vault's external entropy source
- hanas
Sequence[Secrets
Mount Hana Args] A nested block containing configuration options for SAP HanaDB connections.
See Configuration Options for more info- influxdbs
Sequence[Secrets
Mount Influxdb Args] A nested block containing configuration options for InfluxDB connections.
See Configuration Options for more info- local bool
Boolean flag that can be explicitly set to true to enforce local mount in HA environment
- max_
lease_ intttl_ seconds Maximum possible lease duration for tokens and secrets in seconds
- mongodbatlas
Sequence[Secrets
Mount Mongodbatla Args] A nested block containing configuration options for MongoDB Atlas connections.
See Configuration Options for more info- mongodbs
Sequence[Secrets
Mount Mongodb Args] A nested block containing configuration options for MongoDB connections.
See Configuration Options for more info- mssqls
Sequence[Secrets
Mount Mssql Args] A nested block containing configuration options for MSSQL connections.
See Configuration Options for more info- mysql_
auroras Sequence[SecretsMount Mysql Aurora Args] A nested block containing configuration options for Aurora MySQL connections.
See Configuration Options for more info- mysql_
legacies Sequence[SecretsMount Mysql Legacy Args] A nested block containing configuration options for legacy MySQL connections.
See Configuration Options for more info- mysql_
rds Sequence[SecretsMount Mysql Rd Args] A nested block containing configuration options for RDS MySQL connections.
See Configuration Options for more info- mysqls
Sequence[Secrets
Mount Mysql Args] A nested block containing configuration options for MySQL connections.
See Configuration Options for more info- namespace str
Target namespace. (requires Enterprise)
- options Mapping[str, Any]
Specifies mount type specific options that are passed to the backend
- oracles
Sequence[Secrets
Mount Oracle Args] A nested block containing configuration options for Oracle connections.
See Configuration Options for more info- postgresqls
Sequence[Secrets
Mount Postgresql Args] A nested block containing configuration options for PostgreSQL connections.
See Configuration Options for more info- redis
Sequence[Secrets
Mount Redi Args] A nested block containing configuration options for Redis connections.
See Configuration Options for more info- redis_
elasticaches Sequence[SecretsMount Redis Elasticach Args] A nested block containing configuration options for Redis ElastiCache connections.
See Configuration Options for more info- redshifts
Sequence[Secrets
Mount Redshift Args] A nested block containing configuration options for AWS Redshift connections.
See Configuration Options for more info- seal_
wrap bool Boolean flag that can be explicitly set to true to enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
- snowflakes
Sequence[Secrets
Mount Snowflake Args] A nested block containing configuration options for Snowflake connections.
See Configuration Options for more info
- path String
Where the secret backend will be mounted
- allowed
Managed List<String>Keys Set of managed key registry entry names that the mount in question is allowed to access
- audit
Non List<String>Hmac Request Keys Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
- audit
Non List<String>Hmac Response Keys Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
- cassandras List<Property Map>
A nested block containing configuration options for Cassandra connections.
See Configuration Options for more info- couchbases List<Property Map>
A nested block containing configuration options for Couchbase connections.
See Configuration Options for more info- default
Lease NumberTtl Seconds Default lease duration for tokens and secrets in seconds
- description String
Human-friendly description of the mount
- elasticsearches List<Property Map>
A nested block containing configuration options for Elasticsearch connections.
See Configuration Options for more info- external
Entropy BooleanAccess Boolean flag that can be explicitly set to true to enable the secrets engine to access Vault's external entropy source
- hanas List<Property Map>
A nested block containing configuration options for SAP HanaDB connections.
See Configuration Options for more info- influxdbs List<Property Map>
A nested block containing configuration options for InfluxDB connections.
See Configuration Options for more info- local Boolean
Boolean flag that can be explicitly set to true to enforce local mount in HA environment
- max
Lease NumberTtl Seconds Maximum possible lease duration for tokens and secrets in seconds
- mongodbatlas List<Property Map>
A nested block containing configuration options for MongoDB Atlas connections.
See Configuration Options for more info- mongodbs List<Property Map>
A nested block containing configuration options for MongoDB connections.
See Configuration Options for more info- mssqls List<Property Map>
A nested block containing configuration options for MSSQL connections.
See Configuration Options for more info- mysql
Auroras List<Property Map> A nested block containing configuration options for Aurora MySQL connections.
See Configuration Options for more info- mysql
Legacies List<Property Map> A nested block containing configuration options for legacy MySQL connections.
See Configuration Options for more info- mysql
Rds List<Property Map> A nested block containing configuration options for RDS MySQL connections.
See Configuration Options for more info- mysqls List<Property Map>
A nested block containing configuration options for MySQL connections.
See Configuration Options for more info- namespace String
Target namespace. (requires Enterprise)
- options Map<Any>
Specifies mount type specific options that are passed to the backend
- oracles List<Property Map>
A nested block containing configuration options for Oracle connections.
See Configuration Options for more info- postgresqls List<Property Map>
A nested block containing configuration options for PostgreSQL connections.
See Configuration Options for more info- redis List<Property Map>
A nested block containing configuration options for Redis connections.
See Configuration Options for more info- redis
Elasticaches List<Property Map> A nested block containing configuration options for Redis ElastiCache connections.
See Configuration Options for more info- redshifts List<Property Map>
A nested block containing configuration options for AWS Redshift connections.
See Configuration Options for more info- seal
Wrap Boolean Boolean flag that can be explicitly set to true to enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
- snowflakes List<Property Map>
A nested block containing configuration options for Snowflake connections.
See Configuration Options for more info
Outputs
All input properties are implicitly available as output properties. Additionally, the SecretsMount resource produces the following output properties:
- Accessor string
Accessor of the mount
- Engine
Count int The total number of database secrets engines configured.
- Id string
The provider-assigned unique ID for this managed resource.
- Accessor string
Accessor of the mount
- Engine
Count int The total number of database secrets engines configured.
- Id string
The provider-assigned unique ID for this managed resource.
- accessor String
Accessor of the mount
- engine
Count Integer The total number of database secrets engines configured.
- id String
The provider-assigned unique ID for this managed resource.
- accessor string
Accessor of the mount
- engine
Count number The total number of database secrets engines configured.
- id string
The provider-assigned unique ID for this managed resource.
- accessor str
Accessor of the mount
- engine_
count int The total number of database secrets engines configured.
- id str
The provider-assigned unique ID for this managed resource.
- accessor String
Accessor of the mount
- engine
Count Number The total number of database secrets engines configured.
- id String
The provider-assigned unique ID for this managed resource.
Look up Existing SecretsMount Resource
Get an existing SecretsMount resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: SecretsMountState, opts?: CustomResourceOptions): SecretsMount@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
accessor: Optional[str] = None,
allowed_managed_keys: Optional[Sequence[str]] = None,
audit_non_hmac_request_keys: Optional[Sequence[str]] = None,
audit_non_hmac_response_keys: Optional[Sequence[str]] = None,
cassandras: Optional[Sequence[SecretsMountCassandraArgs]] = None,
couchbases: Optional[Sequence[SecretsMountCouchbaseArgs]] = None,
default_lease_ttl_seconds: Optional[int] = None,
description: Optional[str] = None,
elasticsearches: Optional[Sequence[SecretsMountElasticsearchArgs]] = None,
engine_count: Optional[int] = None,
external_entropy_access: Optional[bool] = None,
hanas: Optional[Sequence[SecretsMountHanaArgs]] = None,
influxdbs: Optional[Sequence[SecretsMountInfluxdbArgs]] = None,
local: Optional[bool] = None,
max_lease_ttl_seconds: Optional[int] = None,
mongodbatlas: Optional[Sequence[SecretsMountMongodbatlaArgs]] = None,
mongodbs: Optional[Sequence[SecretsMountMongodbArgs]] = None,
mssqls: Optional[Sequence[SecretsMountMssqlArgs]] = None,
mysql_auroras: Optional[Sequence[SecretsMountMysqlAuroraArgs]] = None,
mysql_legacies: Optional[Sequence[SecretsMountMysqlLegacyArgs]] = None,
mysql_rds: Optional[Sequence[SecretsMountMysqlRdArgs]] = None,
mysqls: Optional[Sequence[SecretsMountMysqlArgs]] = None,
namespace: Optional[str] = None,
options: Optional[Mapping[str, Any]] = None,
oracles: Optional[Sequence[SecretsMountOracleArgs]] = None,
path: Optional[str] = None,
postgresqls: Optional[Sequence[SecretsMountPostgresqlArgs]] = None,
redis: Optional[Sequence[SecretsMountRediArgs]] = None,
redis_elasticaches: Optional[Sequence[SecretsMountRedisElasticachArgs]] = None,
redshifts: Optional[Sequence[SecretsMountRedshiftArgs]] = None,
seal_wrap: Optional[bool] = None,
snowflakes: Optional[Sequence[SecretsMountSnowflakeArgs]] = None) -> SecretsMountfunc GetSecretsMount(ctx *Context, name string, id IDInput, state *SecretsMountState, opts ...ResourceOption) (*SecretsMount, error)public static SecretsMount Get(string name, Input<string> id, SecretsMountState? state, CustomResourceOptions? opts = null)public static SecretsMount get(String name, Output<String> id, SecretsMountState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Accessor string
Accessor of the mount
- Allowed
Managed List<string>Keys Set of managed key registry entry names that the mount in question is allowed to access
- Audit
Non List<string>Hmac Request Keys Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
- Audit
Non List<string>Hmac Response Keys Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
- Cassandras
List<Secrets
Mount Cassandra Args> A nested block containing configuration options for Cassandra connections.
See Configuration Options for more info- Couchbases
List<Secrets
Mount Couchbase Args> A nested block containing configuration options for Couchbase connections.
See Configuration Options for more info- Default
Lease intTtl Seconds Default lease duration for tokens and secrets in seconds
- Description string
Human-friendly description of the mount
- Elasticsearches
List<Secrets
Mount Elasticsearch Args> A nested block containing configuration options for Elasticsearch connections.
See Configuration Options for more info- Engine
Count int The total number of database secrets engines configured.
- External
Entropy boolAccess Boolean flag that can be explicitly set to true to enable the secrets engine to access Vault's external entropy source
- Hanas
List<Secrets
Mount Hana Args> A nested block containing configuration options for SAP HanaDB connections.
See Configuration Options for more info- Influxdbs
List<Secrets
Mount Influxdb Args> A nested block containing configuration options for InfluxDB connections.
See Configuration Options for more info- Local bool
Boolean flag that can be explicitly set to true to enforce local mount in HA environment
- Max
Lease intTtl Seconds Maximum possible lease duration for tokens and secrets in seconds
- Mongodbatlas
List<Secrets
Mount Mongodbatla Args> A nested block containing configuration options for MongoDB Atlas connections.
See Configuration Options for more info- Mongodbs
List<Secrets
Mount Mongodb Args> A nested block containing configuration options for MongoDB connections.
See Configuration Options for more info- Mssqls
List<Secrets
Mount Mssql Args> A nested block containing configuration options for MSSQL connections.
See Configuration Options for more info- Mysql
Auroras List<SecretsMount Mysql Aurora Args> A nested block containing configuration options for Aurora MySQL connections.
See Configuration Options for more info- Mysql
Legacies List<SecretsMount Mysql Legacy Args> A nested block containing configuration options for legacy MySQL connections.
See Configuration Options for more info- Mysql
Rds List<SecretsMount Mysql Rd Args> A nested block containing configuration options for RDS MySQL connections.
See Configuration Options for more info- Mysqls
List<Secrets
Mount Mysql Args> A nested block containing configuration options for MySQL connections.
See Configuration Options for more info- Namespace string
Target namespace. (requires Enterprise)
- Options Dictionary<string, object>
Specifies mount type specific options that are passed to the backend
- Oracles
List<Secrets
Mount Oracle Args> A nested block containing configuration options for Oracle connections.
See Configuration Options for more info- Path string
Where the secret backend will be mounted
- Postgresqls
List<Secrets
Mount Postgresql Args> A nested block containing configuration options for PostgreSQL connections.
See Configuration Options for more info- Redis
List<Secrets
Mount Redi Args> A nested block containing configuration options for Redis connections.
See Configuration Options for more info- Redis
Elasticaches List<SecretsMount Redis Elasticach Args> A nested block containing configuration options for Redis ElastiCache connections.
See Configuration Options for more info- Redshifts
List<Secrets
Mount Redshift Args> A nested block containing configuration options for AWS Redshift connections.
See Configuration Options for more info- Seal
Wrap bool Boolean flag that can be explicitly set to true to enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
- Snowflakes
List<Secrets
Mount Snowflake Args> A nested block containing configuration options for Snowflake connections.
See Configuration Options for more info
- Accessor string
Accessor of the mount
- Allowed
Managed []stringKeys Set of managed key registry entry names that the mount in question is allowed to access
- Audit
Non []stringHmac Request Keys Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
- Audit
Non []stringHmac Response Keys Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
- Cassandras
[]Secrets
Mount Cassandra Args A nested block containing configuration options for Cassandra connections.
See Configuration Options for more info- Couchbases
[]Secrets
Mount Couchbase Args A nested block containing configuration options for Couchbase connections.
See Configuration Options for more info- Default
Lease intTtl Seconds Default lease duration for tokens and secrets in seconds
- Description string
Human-friendly description of the mount
- Elasticsearches
[]Secrets
Mount Elasticsearch Args A nested block containing configuration options for Elasticsearch connections.
See Configuration Options for more info- Engine
Count int The total number of database secrets engines configured.
- External
Entropy boolAccess Boolean flag that can be explicitly set to true to enable the secrets engine to access Vault's external entropy source
- Hanas
[]Secrets
Mount Hana Args A nested block containing configuration options for SAP HanaDB connections.
See Configuration Options for more info- Influxdbs
[]Secrets
Mount Influxdb Args A nested block containing configuration options for InfluxDB connections.
See Configuration Options for more info- Local bool
Boolean flag that can be explicitly set to true to enforce local mount in HA environment
- Max
Lease intTtl Seconds Maximum possible lease duration for tokens and secrets in seconds
- Mongodbatlas
[]Secrets
Mount Mongodbatla Args A nested block containing configuration options for MongoDB Atlas connections.
See Configuration Options for more info- Mongodbs
[]Secrets
Mount Mongodb Args A nested block containing configuration options for MongoDB connections.
See Configuration Options for more info- Mssqls
[]Secrets
Mount Mssql Args A nested block containing configuration options for MSSQL connections.
See Configuration Options for more info- Mysql
Auroras []SecretsMount Mysql Aurora Args A nested block containing configuration options for Aurora MySQL connections.
See Configuration Options for more info- Mysql
Legacies []SecretsMount Mysql Legacy Args A nested block containing configuration options for legacy MySQL connections.
See Configuration Options for more info- Mysql
Rds []SecretsMount Mysql Rd Args A nested block containing configuration options for RDS MySQL connections.
See Configuration Options for more info- Mysqls
[]Secrets
Mount Mysql Args A nested block containing configuration options for MySQL connections.
See Configuration Options for more info- Namespace string
Target namespace. (requires Enterprise)
- Options map[string]interface{}
Specifies mount type specific options that are passed to the backend
- Oracles
[]Secrets
Mount Oracle Args A nested block containing configuration options for Oracle connections.
See Configuration Options for more info- Path string
Where the secret backend will be mounted
- Postgresqls
[]Secrets
Mount Postgresql Args A nested block containing configuration options for PostgreSQL connections.
See Configuration Options for more info- Redis
[]Secrets
Mount Redi Args A nested block containing configuration options for Redis connections.
See Configuration Options for more info- Redis
Elasticaches []SecretsMount Redis Elasticach Args A nested block containing configuration options for Redis ElastiCache connections.
See Configuration Options for more info- Redshifts
[]Secrets
Mount Redshift Args A nested block containing configuration options for AWS Redshift connections.
See Configuration Options for more info- Seal
Wrap bool Boolean flag that can be explicitly set to true to enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
- Snowflakes
[]Secrets
Mount Snowflake Args A nested block containing configuration options for Snowflake connections.
See Configuration Options for more info
- accessor String
Accessor of the mount
- allowed
Managed List<String>Keys Set of managed key registry entry names that the mount in question is allowed to access
- audit
Non List<String>Hmac Request Keys Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
- audit
Non List<String>Hmac Response Keys Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
- cassandras
List<Secrets
Mount Cassandra Args> A nested block containing configuration options for Cassandra connections.
See Configuration Options for more info- couchbases
List<Secrets
Mount Couchbase Args> A nested block containing configuration options for Couchbase connections.
See Configuration Options for more info- default
Lease IntegerTtl Seconds Default lease duration for tokens and secrets in seconds
- description String
Human-friendly description of the mount
- elasticsearches
List<Secrets
Mount Elasticsearch Args> A nested block containing configuration options for Elasticsearch connections.
See Configuration Options for more info- engine
Count Integer The total number of database secrets engines configured.
- external
Entropy BooleanAccess Boolean flag that can be explicitly set to true to enable the secrets engine to access Vault's external entropy source
- hanas
List<Secrets
Mount Hana Args> A nested block containing configuration options for SAP HanaDB connections.
See Configuration Options for more info- influxdbs
List<Secrets
Mount Influxdb Args> A nested block containing configuration options for InfluxDB connections.
See Configuration Options for more info- local Boolean
Boolean flag that can be explicitly set to true to enforce local mount in HA environment
- max
Lease IntegerTtl Seconds Maximum possible lease duration for tokens and secrets in seconds
- mongodbatlas
List<Secrets
Mount Mongodbatla Args> A nested block containing configuration options for MongoDB Atlas connections.
See Configuration Options for more info- mongodbs
List<Secrets
Mount Mongodb Args> A nested block containing configuration options for MongoDB connections.
See Configuration Options for more info- mssqls
List<Secrets
Mount Mssql Args> A nested block containing configuration options for MSSQL connections.
See Configuration Options for more info- mysql
Auroras List<SecretsMount Mysql Aurora Args> A nested block containing configuration options for Aurora MySQL connections.
See Configuration Options for more info- mysql
Legacies List<SecretsMount Mysql Legacy Args> A nested block containing configuration options for legacy MySQL connections.
See Configuration Options for more info- mysql
Rds List<SecretsMount Mysql Rd Args> A nested block containing configuration options for RDS MySQL connections.
See Configuration Options for more info- mysqls
List<Secrets
Mount Mysql Args> A nested block containing configuration options for MySQL connections.
See Configuration Options for more info- namespace String
Target namespace. (requires Enterprise)
- options Map<String,Object>
Specifies mount type specific options that are passed to the backend
- oracles
List<Secrets
Mount Oracle Args> A nested block containing configuration options for Oracle connections.
See Configuration Options for more info- path String
Where the secret backend will be mounted
- postgresqls
List<Secrets
Mount Postgresql Args> A nested block containing configuration options for PostgreSQL connections.
See Configuration Options for more info- redis
List<Secrets
Mount Redi Args> A nested block containing configuration options for Redis connections.
See Configuration Options for more info- redis
Elasticaches List<SecretsMount Redis Elasticach Args> A nested block containing configuration options for Redis ElastiCache connections.
See Configuration Options for more info- redshifts
List<Secrets
Mount Redshift Args> A nested block containing configuration options for AWS Redshift connections.
See Configuration Options for more info- seal
Wrap Boolean Boolean flag that can be explicitly set to true to enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
- snowflakes
List<Secrets
Mount Snowflake Args> A nested block containing configuration options for Snowflake connections.
See Configuration Options for more info
- accessor string
Accessor of the mount
- allowed
Managed string[]Keys Set of managed key registry entry names that the mount in question is allowed to access
- audit
Non string[]Hmac Request Keys Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
- audit
Non string[]Hmac Response Keys Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
- cassandras
Secrets
Mount Cassandra Args[] A nested block containing configuration options for Cassandra connections.
See Configuration Options for more info- couchbases
Secrets
Mount Couchbase Args[] A nested block containing configuration options for Couchbase connections.
See Configuration Options for more info- default
Lease numberTtl Seconds Default lease duration for tokens and secrets in seconds
- description string
Human-friendly description of the mount
- elasticsearches
Secrets
Mount Elasticsearch Args[] A nested block containing configuration options for Elasticsearch connections.
See Configuration Options for more info- engine
Count number The total number of database secrets engines configured.
- external
Entropy booleanAccess Boolean flag that can be explicitly set to true to enable the secrets engine to access Vault's external entropy source
- hanas
Secrets
Mount Hana Args[] A nested block containing configuration options for SAP HanaDB connections.
See Configuration Options for more info- influxdbs
Secrets
Mount Influxdb Args[] A nested block containing configuration options for InfluxDB connections.
See Configuration Options for more info- local boolean
Boolean flag that can be explicitly set to true to enforce local mount in HA environment
- max
Lease numberTtl Seconds Maximum possible lease duration for tokens and secrets in seconds
- mongodbatlas
Secrets
Mount Mongodbatla Args[] A nested block containing configuration options for MongoDB Atlas connections.
See Configuration Options for more info- mongodbs
Secrets
Mount Mongodb Args[] A nested block containing configuration options for MongoDB connections.
See Configuration Options for more info- mssqls
Secrets
Mount Mssql Args[] A nested block containing configuration options for MSSQL connections.
See Configuration Options for more info- mysql
Auroras SecretsMount Mysql Aurora Args[] A nested block containing configuration options for Aurora MySQL connections.
See Configuration Options for more info- mysql
Legacies SecretsMount Mysql Legacy Args[] A nested block containing configuration options for legacy MySQL connections.
See Configuration Options for more info- mysql
Rds SecretsMount Mysql Rd Args[] A nested block containing configuration options for RDS MySQL connections.
See Configuration Options for more info- mysqls
Secrets
Mount Mysql Args[] A nested block containing configuration options for MySQL connections.
See Configuration Options for more info- namespace string
Target namespace. (requires Enterprise)
- options {[key: string]: any}
Specifies mount type specific options that are passed to the backend
- oracles
Secrets
Mount Oracle Args[] A nested block containing configuration options for Oracle connections.
See Configuration Options for more info- path string
Where the secret backend will be mounted
- postgresqls
Secrets
Mount Postgresql Args[] A nested block containing configuration options for PostgreSQL connections.
See Configuration Options for more info- redis
Secrets
Mount Redi Args[] A nested block containing configuration options for Redis connections.
See Configuration Options for more info- redis
Elasticaches SecretsMount Redis Elasticach Args[] A nested block containing configuration options for Redis ElastiCache connections.
See Configuration Options for more info- redshifts
Secrets
Mount Redshift Args[] A nested block containing configuration options for AWS Redshift connections.
See Configuration Options for more info- seal
Wrap boolean Boolean flag that can be explicitly set to true to enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
- snowflakes
Secrets
Mount Snowflake Args[] A nested block containing configuration options for Snowflake connections.
See Configuration Options for more info
- accessor str
Accessor of the mount
- allowed_
managed_ Sequence[str]keys Set of managed key registry entry names that the mount in question is allowed to access
- audit_
non_ Sequence[str]hmac_ request_ keys Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
- audit_
non_ Sequence[str]hmac_ response_ keys Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
- cassandras
Sequence[Secrets
Mount Cassandra Args] A nested block containing configuration options for Cassandra connections.
See Configuration Options for more info- couchbases
Sequence[Secrets
Mount Couchbase Args] A nested block containing configuration options for Couchbase connections.
See Configuration Options for more info- default_
lease_ intttl_ seconds Default lease duration for tokens and secrets in seconds
- description str
Human-friendly description of the mount
- elasticsearches
Sequence[Secrets
Mount Elasticsearch Args] A nested block containing configuration options for Elasticsearch connections.
See Configuration Options for more info- engine_
count int The total number of database secrets engines configured.
- external_
entropy_ boolaccess Boolean flag that can be explicitly set to true to enable the secrets engine to access Vault's external entropy source
- hanas
Sequence[Secrets
Mount Hana Args] A nested block containing configuration options for SAP HanaDB connections.
See Configuration Options for more info- influxdbs
Sequence[Secrets
Mount Influxdb Args] A nested block containing configuration options for InfluxDB connections.
See Configuration Options for more info- local bool
Boolean flag that can be explicitly set to true to enforce local mount in HA environment
- max_
lease_ intttl_ seconds Maximum possible lease duration for tokens and secrets in seconds
- mongodbatlas
Sequence[Secrets
Mount Mongodbatla Args] A nested block containing configuration options for MongoDB Atlas connections.
See Configuration Options for more info- mongodbs
Sequence[Secrets
Mount Mongodb Args] A nested block containing configuration options for MongoDB connections.
See Configuration Options for more info- mssqls
Sequence[Secrets
Mount Mssql Args] A nested block containing configuration options for MSSQL connections.
See Configuration Options for more info- mysql_
auroras Sequence[SecretsMount Mysql Aurora Args] A nested block containing configuration options for Aurora MySQL connections.
See Configuration Options for more info- mysql_
legacies Sequence[SecretsMount Mysql Legacy Args] A nested block containing configuration options for legacy MySQL connections.
See Configuration Options for more info- mysql_
rds Sequence[SecretsMount Mysql Rd Args] A nested block containing configuration options for RDS MySQL connections.
See Configuration Options for more info- mysqls
Sequence[Secrets
Mount Mysql Args] A nested block containing configuration options for MySQL connections.
See Configuration Options for more info- namespace str
Target namespace. (requires Enterprise)
- options Mapping[str, Any]
Specifies mount type specific options that are passed to the backend
- oracles
Sequence[Secrets
Mount Oracle Args] A nested block containing configuration options for Oracle connections.
See Configuration Options for more info- path str
Where the secret backend will be mounted
- postgresqls
Sequence[Secrets
Mount Postgresql Args] A nested block containing configuration options for PostgreSQL connections.
See Configuration Options for more info- redis
Sequence[Secrets
Mount Redi Args] A nested block containing configuration options for Redis connections.
See Configuration Options for more info- redis_
elasticaches Sequence[SecretsMount Redis Elasticach Args] A nested block containing configuration options for Redis ElastiCache connections.
See Configuration Options for more info- redshifts
Sequence[Secrets
Mount Redshift Args] A nested block containing configuration options for AWS Redshift connections.
See Configuration Options for more info- seal_
wrap bool Boolean flag that can be explicitly set to true to enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
- snowflakes
Sequence[Secrets
Mount Snowflake Args] A nested block containing configuration options for Snowflake connections.
See Configuration Options for more info
- accessor String
Accessor of the mount
- allowed
Managed List<String>Keys Set of managed key registry entry names that the mount in question is allowed to access
- audit
Non List<String>Hmac Request Keys Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
- audit
Non List<String>Hmac Response Keys Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
- cassandras List<Property Map>
A nested block containing configuration options for Cassandra connections.
See Configuration Options for more info- couchbases List<Property Map>
A nested block containing configuration options for Couchbase connections.
See Configuration Options for more info- default
Lease NumberTtl Seconds Default lease duration for tokens and secrets in seconds
- description String
Human-friendly description of the mount
- elasticsearches List<Property Map>
A nested block containing configuration options for Elasticsearch connections.
See Configuration Options for more info- engine
Count Number The total number of database secrets engines configured.
- external
Entropy BooleanAccess Boolean flag that can be explicitly set to true to enable the secrets engine to access Vault's external entropy source
- hanas List<Property Map>
A nested block containing configuration options for SAP HanaDB connections.
See Configuration Options for more info- influxdbs List<Property Map>
A nested block containing configuration options for InfluxDB connections.
See Configuration Options for more info- local Boolean
Boolean flag that can be explicitly set to true to enforce local mount in HA environment
- max
Lease NumberTtl Seconds Maximum possible lease duration for tokens and secrets in seconds
- mongodbatlas List<Property Map>
A nested block containing configuration options for MongoDB Atlas connections.
See Configuration Options for more info- mongodbs List<Property Map>
A nested block containing configuration options for MongoDB connections.
See Configuration Options for more info- mssqls List<Property Map>
A nested block containing configuration options for MSSQL connections.
See Configuration Options for more info- mysql
Auroras List<Property Map> A nested block containing configuration options for Aurora MySQL connections.
See Configuration Options for more info- mysql
Legacies List<Property Map> A nested block containing configuration options for legacy MySQL connections.
See Configuration Options for more info- mysql
Rds List<Property Map> A nested block containing configuration options for RDS MySQL connections.
See Configuration Options for more info- mysqls List<Property Map>
A nested block containing configuration options for MySQL connections.
See Configuration Options for more info- namespace String
Target namespace. (requires Enterprise)
- options Map<Any>
Specifies mount type specific options that are passed to the backend
- oracles List<Property Map>
A nested block containing configuration options for Oracle connections.
See Configuration Options for more info- path String
Where the secret backend will be mounted
- postgresqls List<Property Map>
A nested block containing configuration options for PostgreSQL connections.
See Configuration Options for more info- redis List<Property Map>
A nested block containing configuration options for Redis connections.
See Configuration Options for more info- redis
Elasticaches List<Property Map> A nested block containing configuration options for Redis ElastiCache connections.
See Configuration Options for more info- redshifts List<Property Map>
A nested block containing configuration options for AWS Redshift connections.
See Configuration Options for more info- seal
Wrap Boolean Boolean flag that can be explicitly set to true to enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
- snowflakes List<Property Map>
A nested block containing configuration options for Snowflake connections.
See Configuration Options for more info
Supporting Types
SecretsMountCassandra
- Name string
- Allowed
Roles List<string> A list of roles that are allowed to use this connection.
- Connect
Timeout int The number of seconds to use as a connection timeout.
- Data Dictionary<string, object>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- Hosts List<string>
A set of Couchbase URIs to connect to. Must use
couchbases://scheme iftlsistrue.- Insecure
Tls bool Whether to skip verification of the server certificate when using TLS.
- Password string
The password to be used in the connection.
- Pem
Bundle string Concatenated PEM blocks configuring the certificate chain.
- Pem
Json string A JSON structure configuring the certificate chain.
- Plugin
Name string Specifies the name of the plugin to use.
- Port int
The default port to connect to if no port is specified as part of the host.
- Protocol
Version int The CQL protocol version to use.
- Root
Rotation List<string>Statements A list of database statements to be executed to rotate the root user's credentials.
- Tls bool
Whether to use TLS when connecting to Redis.
- Username string
The username to be used in the connection (the account admin level).
- Verify
Connection bool Whether the connection should be verified on initial configuration or not.
- Name string
- Allowed
Roles []string A list of roles that are allowed to use this connection.
- Connect
Timeout int The number of seconds to use as a connection timeout.
- Data map[string]interface{}
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- Hosts []string
A set of Couchbase URIs to connect to. Must use
couchbases://scheme iftlsistrue.- Insecure
Tls bool Whether to skip verification of the server certificate when using TLS.
- Password string
The password to be used in the connection.
- Pem
Bundle string Concatenated PEM blocks configuring the certificate chain.
- Pem
Json string A JSON structure configuring the certificate chain.
- Plugin
Name string Specifies the name of the plugin to use.
- Port int
The default port to connect to if no port is specified as part of the host.
- Protocol
Version int The CQL protocol version to use.
- Root
Rotation []stringStatements A list of database statements to be executed to rotate the root user's credentials.
- Tls bool
Whether to use TLS when connecting to Redis.
- Username string
The username to be used in the connection (the account admin level).
- Verify
Connection bool Whether the connection should be verified on initial configuration or not.
- name String
- allowed
Roles List<String> A list of roles that are allowed to use this connection.
- connect
Timeout Integer The number of seconds to use as a connection timeout.
- data Map<String,Object>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- hosts List<String>
A set of Couchbase URIs to connect to. Must use
couchbases://scheme iftlsistrue.- insecure
Tls Boolean Whether to skip verification of the server certificate when using TLS.
- password String
The password to be used in the connection.
- pem
Bundle String Concatenated PEM blocks configuring the certificate chain.
- pem
Json String A JSON structure configuring the certificate chain.
- plugin
Name String Specifies the name of the plugin to use.
- port Integer
The default port to connect to if no port is specified as part of the host.
- protocol
Version Integer The CQL protocol version to use.
- root
Rotation List<String>Statements A list of database statements to be executed to rotate the root user's credentials.
- tls Boolean
Whether to use TLS when connecting to Redis.
- username String
The username to be used in the connection (the account admin level).
- verify
Connection Boolean Whether the connection should be verified on initial configuration or not.
- name string
- allowed
Roles string[] A list of roles that are allowed to use this connection.
- connect
Timeout number The number of seconds to use as a connection timeout.
- data {[key: string]: any}
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- hosts string[]
A set of Couchbase URIs to connect to. Must use
couchbases://scheme iftlsistrue.- insecure
Tls boolean Whether to skip verification of the server certificate when using TLS.
- password string
The password to be used in the connection.
- pem
Bundle string Concatenated PEM blocks configuring the certificate chain.
- pem
Json string A JSON structure configuring the certificate chain.
- plugin
Name string Specifies the name of the plugin to use.
- port number
The default port to connect to if no port is specified as part of the host.
- protocol
Version number The CQL protocol version to use.
- root
Rotation string[]Statements A list of database statements to be executed to rotate the root user's credentials.
- tls boolean
Whether to use TLS when connecting to Redis.
- username string
The username to be used in the connection (the account admin level).
- verify
Connection boolean Whether the connection should be verified on initial configuration or not.
- name str
- allowed_
roles Sequence[str] A list of roles that are allowed to use this connection.
- connect_
timeout int The number of seconds to use as a connection timeout.
- data Mapping[str, Any]
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- hosts Sequence[str]
A set of Couchbase URIs to connect to. Must use
couchbases://scheme iftlsistrue.- insecure_
tls bool Whether to skip verification of the server certificate when using TLS.
- password str
The password to be used in the connection.
- pem_
bundle str Concatenated PEM blocks configuring the certificate chain.
- pem_
json str A JSON structure configuring the certificate chain.
- plugin_
name str Specifies the name of the plugin to use.
- port int
The default port to connect to if no port is specified as part of the host.
- protocol_
version int The CQL protocol version to use.
- root_
rotation_ Sequence[str]statements A list of database statements to be executed to rotate the root user's credentials.
- tls bool
Whether to use TLS when connecting to Redis.
- username str
The username to be used in the connection (the account admin level).
- verify_
connection bool Whether the connection should be verified on initial configuration or not.
- name String
- allowed
Roles List<String> A list of roles that are allowed to use this connection.
- connect
Timeout Number The number of seconds to use as a connection timeout.
- data Map<Any>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- hosts List<String>
A set of Couchbase URIs to connect to. Must use
couchbases://scheme iftlsistrue.- insecure
Tls Boolean Whether to skip verification of the server certificate when using TLS.
- password String
The password to be used in the connection.
- pem
Bundle String Concatenated PEM blocks configuring the certificate chain.
- pem
Json String A JSON structure configuring the certificate chain.
- plugin
Name String Specifies the name of the plugin to use.
- port Number
The default port to connect to if no port is specified as part of the host.
- protocol
Version Number The CQL protocol version to use.
- root
Rotation List<String>Statements A list of database statements to be executed to rotate the root user's credentials.
- tls Boolean
Whether to use TLS when connecting to Redis.
- username String
The username to be used in the connection (the account admin level).
- verify
Connection Boolean Whether the connection should be verified on initial configuration or not.
SecretsMountCouchbase
- Hosts List<string>
A set of Couchbase URIs to connect to. Must use
couchbases://scheme iftlsistrue.- Name string
- Password string
The password to be used in the connection.
- Username string
The username to be used in the connection (the account admin level).
- Allowed
Roles List<string> A list of roles that are allowed to use this connection.
- Base64Pem string
Required if
tlsistrue. Specifies the certificate authority of the Couchbase server, as a PEM certificate that has been base64 encoded.- Bucket
Name string Required for Couchbase versions prior to 6.5.0. This is only used to verify vault's connection to the server.
- Data Dictionary<string, object>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- Insecure
Tls bool Whether to skip verification of the server certificate when using TLS.
- Plugin
Name string Specifies the name of the plugin to use.
- Root
Rotation List<string>Statements A list of database statements to be executed to rotate the root user's credentials.
- Tls bool
Whether to use TLS when connecting to Redis.
- Username
Template string - Template describing how dynamic usernames are generated.
- Verify
Connection bool Whether the connection should be verified on initial configuration or not.
- Hosts []string
A set of Couchbase URIs to connect to. Must use
couchbases://scheme iftlsistrue.- Name string
- Password string
The password to be used in the connection.
- Username string
The username to be used in the connection (the account admin level).
- Allowed
Roles []string A list of roles that are allowed to use this connection.
- Base64Pem string
Required if
tlsistrue. Specifies the certificate authority of the Couchbase server, as a PEM certificate that has been base64 encoded.- Bucket
Name string Required for Couchbase versions prior to 6.5.0. This is only used to verify vault's connection to the server.
- Data map[string]interface{}
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- Insecure
Tls bool Whether to skip verification of the server certificate when using TLS.
- Plugin
Name string Specifies the name of the plugin to use.
- Root
Rotation []stringStatements A list of database statements to be executed to rotate the root user's credentials.
- Tls bool
Whether to use TLS when connecting to Redis.
- Username
Template string - Template describing how dynamic usernames are generated.
- Verify
Connection bool Whether the connection should be verified on initial configuration or not.
- hosts List<String>
A set of Couchbase URIs to connect to. Must use
couchbases://scheme iftlsistrue.- name String
- password String
The password to be used in the connection.
- username String
The username to be used in the connection (the account admin level).
- allowed
Roles List<String> A list of roles that are allowed to use this connection.
- base64Pem String
Required if
tlsistrue. Specifies the certificate authority of the Couchbase server, as a PEM certificate that has been base64 encoded.- bucket
Name String Required for Couchbase versions prior to 6.5.0. This is only used to verify vault's connection to the server.
- data Map<String,Object>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- insecure
Tls Boolean Whether to skip verification of the server certificate when using TLS.
- plugin
Name String Specifies the name of the plugin to use.
- root
Rotation List<String>Statements A list of database statements to be executed to rotate the root user's credentials.
- tls Boolean
Whether to use TLS when connecting to Redis.
- username
Template String - Template describing how dynamic usernames are generated.
- verify
Connection Boolean Whether the connection should be verified on initial configuration or not.
- hosts string[]
A set of Couchbase URIs to connect to. Must use
couchbases://scheme iftlsistrue.- name string
- password string
The password to be used in the connection.
- username string
The username to be used in the connection (the account admin level).
- allowed
Roles string[] A list of roles that are allowed to use this connection.
- base64Pem string
Required if
tlsistrue. Specifies the certificate authority of the Couchbase server, as a PEM certificate that has been base64 encoded.- bucket
Name string Required for Couchbase versions prior to 6.5.0. This is only used to verify vault's connection to the server.
- data {[key: string]: any}
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- insecure
Tls boolean Whether to skip verification of the server certificate when using TLS.
- plugin
Name string Specifies the name of the plugin to use.
- root
Rotation string[]Statements A list of database statements to be executed to rotate the root user's credentials.
- tls boolean
Whether to use TLS when connecting to Redis.
- username
Template string - Template describing how dynamic usernames are generated.
- verify
Connection boolean Whether the connection should be verified on initial configuration or not.
- hosts Sequence[str]
A set of Couchbase URIs to connect to. Must use
couchbases://scheme iftlsistrue.- name str
- password str
The password to be used in the connection.
- username str
The username to be used in the connection (the account admin level).
- allowed_
roles Sequence[str] A list of roles that are allowed to use this connection.
- base64_
pem str Required if
tlsistrue. Specifies the certificate authority of the Couchbase server, as a PEM certificate that has been base64 encoded.- bucket_
name str Required for Couchbase versions prior to 6.5.0. This is only used to verify vault's connection to the server.
- data Mapping[str, Any]
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- insecure_
tls bool Whether to skip verification of the server certificate when using TLS.
- plugin_
name str Specifies the name of the plugin to use.
- root_
rotation_ Sequence[str]statements A list of database statements to be executed to rotate the root user's credentials.
- tls bool
Whether to use TLS when connecting to Redis.
- username_
template str - Template describing how dynamic usernames are generated.
- verify_
connection bool Whether the connection should be verified on initial configuration or not.
- hosts List<String>
A set of Couchbase URIs to connect to. Must use
couchbases://scheme iftlsistrue.- name String
- password String
The password to be used in the connection.
- username String
The username to be used in the connection (the account admin level).
- allowed
Roles List<String> A list of roles that are allowed to use this connection.
- base64Pem String
Required if
tlsistrue. Specifies the certificate authority of the Couchbase server, as a PEM certificate that has been base64 encoded.- bucket
Name String Required for Couchbase versions prior to 6.5.0. This is only used to verify vault's connection to the server.
- data Map<Any>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- insecure
Tls Boolean Whether to skip verification of the server certificate when using TLS.
- plugin
Name String Specifies the name of the plugin to use.
- root
Rotation List<String>Statements A list of database statements to be executed to rotate the root user's credentials.
- tls Boolean
Whether to use TLS when connecting to Redis.
- username
Template String - Template describing how dynamic usernames are generated.
- verify
Connection Boolean Whether the connection should be verified on initial configuration or not.
SecretsMountElasticsearch
- Name string
- Password string
The password to be used in the connection.
- Url string
The configuration endpoint for the ElastiCache cluster to connect to.
- Username string
The username to be used in the connection (the account admin level).
- Allowed
Roles List<string> A list of roles that are allowed to use this connection.
- Ca
Cert string The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity.
- Ca
Path string The path to a directory of PEM-encoded CA cert files to use to verify the Elasticsearch server's identity.
- Client
Cert string The path to the certificate for the Elasticsearch client to present for communication.
- Client
Key string The path to the key for the Elasticsearch client to use for communication.
- Data Dictionary<string, object>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- Insecure bool
Whether to disable certificate verification.
- Plugin
Name string Specifies the name of the plugin to use.
- Root
Rotation List<string>Statements A list of database statements to be executed to rotate the root user's credentials.
- Tls
Server stringName This, if set, is used to set the SNI host when connecting via TLS.
- Username
Template string - Template describing how dynamic usernames are generated.
- Verify
Connection bool Whether the connection should be verified on initial configuration or not.
- Name string
- Password string
The password to be used in the connection.
- Url string
The configuration endpoint for the ElastiCache cluster to connect to.
- Username string
The username to be used in the connection (the account admin level).
- Allowed
Roles []string A list of roles that are allowed to use this connection.
- Ca
Cert string The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity.
- Ca
Path string The path to a directory of PEM-encoded CA cert files to use to verify the Elasticsearch server's identity.
- Client
Cert string The path to the certificate for the Elasticsearch client to present for communication.
- Client
Key string The path to the key for the Elasticsearch client to use for communication.
- Data map[string]interface{}
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- Insecure bool
Whether to disable certificate verification.
- Plugin
Name string Specifies the name of the plugin to use.
- Root
Rotation []stringStatements A list of database statements to be executed to rotate the root user's credentials.
- Tls
Server stringName This, if set, is used to set the SNI host when connecting via TLS.
- Username
Template string - Template describing how dynamic usernames are generated.
- Verify
Connection bool Whether the connection should be verified on initial configuration or not.
- name String
- password String
The password to be used in the connection.
- url String
The configuration endpoint for the ElastiCache cluster to connect to.
- username String
The username to be used in the connection (the account admin level).
- allowed
Roles List<String> A list of roles that are allowed to use this connection.
- ca
Cert String The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity.
- ca
Path String The path to a directory of PEM-encoded CA cert files to use to verify the Elasticsearch server's identity.
- client
Cert String The path to the certificate for the Elasticsearch client to present for communication.
- client
Key String The path to the key for the Elasticsearch client to use for communication.
- data Map<String,Object>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- insecure Boolean
Whether to disable certificate verification.
- plugin
Name String Specifies the name of the plugin to use.
- root
Rotation List<String>Statements A list of database statements to be executed to rotate the root user's credentials.
- tls
Server StringName This, if set, is used to set the SNI host when connecting via TLS.
- username
Template String - Template describing how dynamic usernames are generated.
- verify
Connection Boolean Whether the connection should be verified on initial configuration or not.
- name string
- password string
The password to be used in the connection.
- url string
The configuration endpoint for the ElastiCache cluster to connect to.
- username string
The username to be used in the connection (the account admin level).
- allowed
Roles string[] A list of roles that are allowed to use this connection.
- ca
Cert string The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity.
- ca
Path string The path to a directory of PEM-encoded CA cert files to use to verify the Elasticsearch server's identity.
- client
Cert string The path to the certificate for the Elasticsearch client to present for communication.
- client
Key string The path to the key for the Elasticsearch client to use for communication.
- data {[key: string]: any}
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- insecure boolean
Whether to disable certificate verification.
- plugin
Name string Specifies the name of the plugin to use.
- root
Rotation string[]Statements A list of database statements to be executed to rotate the root user's credentials.
- tls
Server stringName This, if set, is used to set the SNI host when connecting via TLS.
- username
Template string - Template describing how dynamic usernames are generated.
- verify
Connection boolean Whether the connection should be verified on initial configuration or not.
- name str
- password str
The password to be used in the connection.
- url str
The configuration endpoint for the ElastiCache cluster to connect to.
- username str
The username to be used in the connection (the account admin level).
- allowed_
roles Sequence[str] A list of roles that are allowed to use this connection.
- ca_
cert str The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity.
- ca_
path str The path to a directory of PEM-encoded CA cert files to use to verify the Elasticsearch server's identity.
- client_
cert str The path to the certificate for the Elasticsearch client to present for communication.
- client_
key str The path to the key for the Elasticsearch client to use for communication.
- data Mapping[str, Any]
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- insecure bool
Whether to disable certificate verification.
- plugin_
name str Specifies the name of the plugin to use.
- root_
rotation_ Sequence[str]statements A list of database statements to be executed to rotate the root user's credentials.
- tls_
server_ strname This, if set, is used to set the SNI host when connecting via TLS.
- username_
template str - Template describing how dynamic usernames are generated.
- verify_
connection bool Whether the connection should be verified on initial configuration or not.
- name String
- password String
The password to be used in the connection.
- url String
The configuration endpoint for the ElastiCache cluster to connect to.
- username String
The username to be used in the connection (the account admin level).
- allowed
Roles List<String> A list of roles that are allowed to use this connection.
- ca
Cert String The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity.
- ca
Path String The path to a directory of PEM-encoded CA cert files to use to verify the Elasticsearch server's identity.
- client
Cert String The path to the certificate for the Elasticsearch client to present for communication.
- client
Key String The path to the key for the Elasticsearch client to use for communication.
- data Map<Any>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- insecure Boolean
Whether to disable certificate verification.
- plugin
Name String Specifies the name of the plugin to use.
- root
Rotation List<String>Statements A list of database statements to be executed to rotate the root user's credentials.
- tls
Server StringName This, if set, is used to set the SNI host when connecting via TLS.
- username
Template String - Template describing how dynamic usernames are generated.
- verify
Connection Boolean Whether the connection should be verified on initial configuration or not.
SecretsMountHana
- Name string
- Allowed
Roles List<string> A list of roles that are allowed to use this connection.
- Connection
Url string A URL containing connection information.
See Vault docs- Data Dictionary<string, object>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- Disable
Escaping bool Disable special character escaping in username and password.
- Max
Connection intLifetime The maximum number of seconds to keep a connection alive for.
- Max
Idle intConnections The maximum number of idle connections to maintain.
- Max
Open intConnections The maximum number of open connections to use.
- Password string
The password to be used in the connection.
- Plugin
Name string Specifies the name of the plugin to use.
- Root
Rotation List<string>Statements A list of database statements to be executed to rotate the root user's credentials.
- Username string
The username to be used in the connection (the account admin level).
- Verify
Connection bool Whether the connection should be verified on initial configuration or not.
- Name string
- Allowed
Roles []string A list of roles that are allowed to use this connection.
- Connection
Url string A URL containing connection information.
See Vault docs- Data map[string]interface{}
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- Disable
Escaping bool Disable special character escaping in username and password.
- Max
Connection intLifetime The maximum number of seconds to keep a connection alive for.
- Max
Idle intConnections The maximum number of idle connections to maintain.
- Max
Open intConnections The maximum number of open connections to use.
- Password string
The password to be used in the connection.
- Plugin
Name string Specifies the name of the plugin to use.
- Root
Rotation []stringStatements A list of database statements to be executed to rotate the root user's credentials.
- Username string
The username to be used in the connection (the account admin level).
- Verify
Connection bool Whether the connection should be verified on initial configuration or not.
- name String
- allowed
Roles List<String> A list of roles that are allowed to use this connection.
- connection
Url String A URL containing connection information.
See Vault docs- data Map<String,Object>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- disable
Escaping Boolean Disable special character escaping in username and password.
- max
Connection IntegerLifetime The maximum number of seconds to keep a connection alive for.
- max
Idle IntegerConnections The maximum number of idle connections to maintain.
- max
Open IntegerConnections The maximum number of open connections to use.
- password String
The password to be used in the connection.
- plugin
Name String Specifies the name of the plugin to use.
- root
Rotation List<String>Statements A list of database statements to be executed to rotate the root user's credentials.
- username String
The username to be used in the connection (the account admin level).
- verify
Connection Boolean Whether the connection should be verified on initial configuration or not.
- name string
- allowed
Roles string[] A list of roles that are allowed to use this connection.
- connection
Url string A URL containing connection information.
See Vault docs- data {[key: string]: any}
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- disable
Escaping boolean Disable special character escaping in username and password.
- max
Connection numberLifetime The maximum number of seconds to keep a connection alive for.
- max
Idle numberConnections The maximum number of idle connections to maintain.
- max
Open numberConnections The maximum number of open connections to use.
- password string
The password to be used in the connection.
- plugin
Name string Specifies the name of the plugin to use.
- root
Rotation string[]Statements A list of database statements to be executed to rotate the root user's credentials.
- username string
The username to be used in the connection (the account admin level).
- verify
Connection boolean Whether the connection should be verified on initial configuration or not.
- name str
- allowed_
roles Sequence[str] A list of roles that are allowed to use this connection.
- connection_
url str A URL containing connection information.
See Vault docs- data Mapping[str, Any]
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- disable_
escaping bool Disable special character escaping in username and password.
- max_
connection_ intlifetime The maximum number of seconds to keep a connection alive for.
- max_
idle_ intconnections The maximum number of idle connections to maintain.
- max_
open_ intconnections The maximum number of open connections to use.
- password str
The password to be used in the connection.
- plugin_
name str Specifies the name of the plugin to use.
- root_
rotation_ Sequence[str]statements A list of database statements to be executed to rotate the root user's credentials.
- username str
The username to be used in the connection (the account admin level).
- verify_
connection bool Whether the connection should be verified on initial configuration or not.
- name String
- allowed
Roles List<String> A list of roles that are allowed to use this connection.
- connection
Url String A URL containing connection information.
See Vault docs- data Map<Any>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- disable
Escaping Boolean Disable special character escaping in username and password.
- max
Connection NumberLifetime The maximum number of seconds to keep a connection alive for.
- max
Idle NumberConnections The maximum number of idle connections to maintain.
- max
Open NumberConnections The maximum number of open connections to use.
- password String
The password to be used in the connection.
- plugin
Name String Specifies the name of the plugin to use.
- root
Rotation List<String>Statements A list of database statements to be executed to rotate the root user's credentials.
- username String
The username to be used in the connection (the account admin level).
- verify
Connection Boolean Whether the connection should be verified on initial configuration or not.
SecretsMountInfluxdb
- Host string
The host to connect to.
- Name string
- Password string
The password to be used in the connection.
- Username string
The username to be used in the connection (the account admin level).
- Allowed
Roles List<string> A list of roles that are allowed to use this connection.
- Connect
Timeout int The number of seconds to use as a connection timeout.
- Data Dictionary<string, object>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- Insecure
Tls bool Whether to skip verification of the server certificate when using TLS.
- Pem
Bundle string Concatenated PEM blocks configuring the certificate chain.
- Pem
Json string A JSON structure configuring the certificate chain.
- Plugin
Name string Specifies the name of the plugin to use.
- Port int
The default port to connect to if no port is specified as part of the host.
- Root
Rotation List<string>Statements A list of database statements to be executed to rotate the root user's credentials.
- Tls bool
Whether to use TLS when connecting to Redis.
- Username
Template string - Template describing how dynamic usernames are generated.
- Verify
Connection bool Whether the connection should be verified on initial configuration or not.
- Host string
The host to connect to.
- Name string
- Password string
The password to be used in the connection.
- Username string
The username to be used in the connection (the account admin level).
- Allowed
Roles []string A list of roles that are allowed to use this connection.
- Connect
Timeout int The number of seconds to use as a connection timeout.
- Data map[string]interface{}
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- Insecure
Tls bool Whether to skip verification of the server certificate when using TLS.
- Pem
Bundle string Concatenated PEM blocks configuring the certificate chain.
- Pem
Json string A JSON structure configuring the certificate chain.
- Plugin
Name string Specifies the name of the plugin to use.
- Port int
The default port to connect to if no port is specified as part of the host.
- Root
Rotation []stringStatements A list of database statements to be executed to rotate the root user's credentials.
- Tls bool
Whether to use TLS when connecting to Redis.
- Username
Template string - Template describing how dynamic usernames are generated.
- Verify
Connection bool Whether the connection should be verified on initial configuration or not.
- host String
The host to connect to.
- name String
- password String
The password to be used in the connection.
- username String
The username to be used in the connection (the account admin level).
- allowed
Roles List<String> A list of roles that are allowed to use this connection.
- connect
Timeout Integer The number of seconds to use as a connection timeout.
- data Map<String,Object>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- insecure
Tls Boolean Whether to skip verification of the server certificate when using TLS.
- pem
Bundle String Concatenated PEM blocks configuring the certificate chain.
- pem
Json String A JSON structure configuring the certificate chain.
- plugin
Name String Specifies the name of the plugin to use.
- port Integer
The default port to connect to if no port is specified as part of the host.
- root
Rotation List<String>Statements A list of database statements to be executed to rotate the root user's credentials.
- tls Boolean
Whether to use TLS when connecting to Redis.
- username
Template String - Template describing how dynamic usernames are generated.
- verify
Connection Boolean Whether the connection should be verified on initial configuration or not.
- host string
The host to connect to.
- name string
- password string
The password to be used in the connection.
- username string
The username to be used in the connection (the account admin level).
- allowed
Roles string[] A list of roles that are allowed to use this connection.
- connect
Timeout number The number of seconds to use as a connection timeout.
- data {[key: string]: any}
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- insecure
Tls boolean Whether to skip verification of the server certificate when using TLS.
- pem
Bundle string Concatenated PEM blocks configuring the certificate chain.
- pem
Json string A JSON structure configuring the certificate chain.
- plugin
Name string Specifies the name of the plugin to use.
- port number
The default port to connect to if no port is specified as part of the host.
- root
Rotation string[]Statements A list of database statements to be executed to rotate the root user's credentials.
- tls boolean
Whether to use TLS when connecting to Redis.
- username
Template string - Template describing how dynamic usernames are generated.
- verify
Connection boolean Whether the connection should be verified on initial configuration or not.
- host str
The host to connect to.
- name str
- password str
The password to be used in the connection.
- username str
The username to be used in the connection (the account admin level).
- allowed_
roles Sequence[str] A list of roles that are allowed to use this connection.
- connect_
timeout int The number of seconds to use as a connection timeout.
- data Mapping[str, Any]
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- insecure_
tls bool Whether to skip verification of the server certificate when using TLS.
- pem_
bundle str Concatenated PEM blocks configuring the certificate chain.
- pem_
json str A JSON structure configuring the certificate chain.
- plugin_
name str Specifies the name of the plugin to use.
- port int
The default port to connect to if no port is specified as part of the host.
- root_
rotation_ Sequence[str]statements A list of database statements to be executed to rotate the root user's credentials.
- tls bool
Whether to use TLS when connecting to Redis.
- username_
template str - Template describing how dynamic usernames are generated.
- verify_
connection bool Whether the connection should be verified on initial configuration or not.
- host String
The host to connect to.
- name String
- password String
The password to be used in the connection.
- username String
The username to be used in the connection (the account admin level).
- allowed
Roles List<String> A list of roles that are allowed to use this connection.
- connect
Timeout Number The number of seconds to use as a connection timeout.
- data Map<Any>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- insecure
Tls Boolean Whether to skip verification of the server certificate when using TLS.
- pem
Bundle String Concatenated PEM blocks configuring the certificate chain.
- pem
Json String A JSON structure configuring the certificate chain.
- plugin
Name String Specifies the name of the plugin to use.
- port Number
The default port to connect to if no port is specified as part of the host.
- root
Rotation List<String>Statements A list of database statements to be executed to rotate the root user's credentials.
- tls Boolean
Whether to use TLS when connecting to Redis.
- username
Template String - Template describing how dynamic usernames are generated.
- verify
Connection Boolean Whether the connection should be verified on initial configuration or not.
SecretsMountMongodb
- Name string
- Allowed
Roles List<string> A list of roles that are allowed to use this connection.
- Connection
Url string A URL containing connection information.
See Vault docs- Data Dictionary<string, object>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- Max
Connection intLifetime The maximum number of seconds to keep a connection alive for.
- Max
Idle intConnections The maximum number of idle connections to maintain.
- Max
Open intConnections The maximum number of open connections to use.
- Password string
The password to be used in the connection.
- Plugin
Name string Specifies the name of the plugin to use.
- Root
Rotation List<string>Statements A list of database statements to be executed to rotate the root user's credentials.
- Username string
The username to be used in the connection (the account admin level).
- Username
Template string - Template describing how dynamic usernames are generated.
- Verify
Connection bool Whether the connection should be verified on initial configuration or not.
- Name string
- Allowed
Roles []string A list of roles that are allowed to use this connection.
- Connection
Url string A URL containing connection information.
See Vault docs- Data map[string]interface{}
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- Max
Connection intLifetime The maximum number of seconds to keep a connection alive for.
- Max
Idle intConnections The maximum number of idle connections to maintain.
- Max
Open intConnections The maximum number of open connections to use.
- Password string
The password to be used in the connection.
- Plugin
Name string Specifies the name of the plugin to use.
- Root
Rotation []stringStatements A list of database statements to be executed to rotate the root user's credentials.
- Username string
The username to be used in the connection (the account admin level).
- Username
Template string - Template describing how dynamic usernames are generated.
- Verify
Connection bool Whether the connection should be verified on initial configuration or not.
- name String
- allowed
Roles List<String> A list of roles that are allowed to use this connection.
- connection
Url String A URL containing connection information.
See Vault docs- data Map<String,Object>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- max
Connection IntegerLifetime The maximum number of seconds to keep a connection alive for.
- max
Idle IntegerConnections The maximum number of idle connections to maintain.
- max
Open IntegerConnections The maximum number of open connections to use.
- password String
The password to be used in the connection.
- plugin
Name String Specifies the name of the plugin to use.
- root
Rotation List<String>Statements A list of database statements to be executed to rotate the root user's credentials.
- username String
The username to be used in the connection (the account admin level).
- username
Template String - Template describing how dynamic usernames are generated.
- verify
Connection Boolean Whether the connection should be verified on initial configuration or not.
- name string
- allowed
Roles string[] A list of roles that are allowed to use this connection.
- connection
Url string A URL containing connection information.
See Vault docs- data {[key: string]: any}
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- max
Connection numberLifetime The maximum number of seconds to keep a connection alive for.
- max
Idle numberConnections The maximum number of idle connections to maintain.
- max
Open numberConnections The maximum number of open connections to use.
- password string
The password to be used in the connection.
- plugin
Name string Specifies the name of the plugin to use.
- root
Rotation string[]Statements A list of database statements to be executed to rotate the root user's credentials.
- username string
The username to be used in the connection (the account admin level).
- username
Template string - Template describing how dynamic usernames are generated.
- verify
Connection boolean Whether the connection should be verified on initial configuration or not.
- name str
- allowed_
roles Sequence[str] A list of roles that are allowed to use this connection.
- connection_
url str A URL containing connection information.
See Vault docs- data Mapping[str, Any]
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- max_
connection_ intlifetime The maximum number of seconds to keep a connection alive for.
- max_
idle_ intconnections The maximum number of idle connections to maintain.
- max_
open_ intconnections The maximum number of open connections to use.
- password str
The password to be used in the connection.
- plugin_
name str Specifies the name of the plugin to use.
- root_
rotation_ Sequence[str]statements A list of database statements to be executed to rotate the root user's credentials.
- username str
The username to be used in the connection (the account admin level).
- username_
template str - Template describing how dynamic usernames are generated.
- verify_
connection bool Whether the connection should be verified on initial configuration or not.
- name String
- allowed
Roles List<String> A list of roles that are allowed to use this connection.
- connection
Url String A URL containing connection information.
See Vault docs- data Map<Any>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- max
Connection NumberLifetime The maximum number of seconds to keep a connection alive for.
- max
Idle NumberConnections The maximum number of idle connections to maintain.
- max
Open NumberConnections The maximum number of open connections to use.
- password String
The password to be used in the connection.
- plugin
Name String Specifies the name of the plugin to use.
- root
Rotation List<String>Statements A list of database statements to be executed to rotate the root user's credentials.
- username String
The username to be used in the connection (the account admin level).
- username
Template String - Template describing how dynamic usernames are generated.
- verify
Connection Boolean Whether the connection should be verified on initial configuration or not.
SecretsMountMongodbatla
- Name string
- Private
Key string The Private Programmatic API Key used to connect with MongoDB Atlas API.
- Project
Id string The Project ID the Database User should be created within.
- Public
Key string The Public Programmatic API Key used to authenticate with the MongoDB Atlas API.
- Allowed
Roles List<string> A list of roles that are allowed to use this connection.
- Data Dictionary<string, object>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- Plugin
Name string Specifies the name of the plugin to use.
- Root
Rotation List<string>Statements A list of database statements to be executed to rotate the root user's credentials.
- Verify
Connection bool Whether the connection should be verified on initial configuration or not.
- Name string
- Private
Key string The Private Programmatic API Key used to connect with MongoDB Atlas API.
- Project
Id string The Project ID the Database User should be created within.
- Public
Key string The Public Programmatic API Key used to authenticate with the MongoDB Atlas API.
- Allowed
Roles []string A list of roles that are allowed to use this connection.
- Data map[string]interface{}
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- Plugin
Name string Specifies the name of the plugin to use.
- Root
Rotation []stringStatements A list of database statements to be executed to rotate the root user's credentials.
- Verify
Connection bool Whether the connection should be verified on initial configuration or not.
- name String
- private
Key String The Private Programmatic API Key used to connect with MongoDB Atlas API.
- project
Id String The Project ID the Database User should be created within.
- public
Key String The Public Programmatic API Key used to authenticate with the MongoDB Atlas API.
- allowed
Roles List<String> A list of roles that are allowed to use this connection.
- data Map<String,Object>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- plugin
Name String Specifies the name of the plugin to use.
- root
Rotation List<String>Statements A list of database statements to be executed to rotate the root user's credentials.
- verify
Connection Boolean Whether the connection should be verified on initial configuration or not.
- name string
- private
Key string The Private Programmatic API Key used to connect with MongoDB Atlas API.
- project
Id string The Project ID the Database User should be created within.
- public
Key string The Public Programmatic API Key used to authenticate with the MongoDB Atlas API.
- allowed
Roles string[] A list of roles that are allowed to use this connection.
- data {[key: string]: any}
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- plugin
Name string Specifies the name of the plugin to use.
- root
Rotation string[]Statements A list of database statements to be executed to rotate the root user's credentials.
- verify
Connection boolean Whether the connection should be verified on initial configuration or not.
- name str
- private_
key str The Private Programmatic API Key used to connect with MongoDB Atlas API.
- project_
id str The Project ID the Database User should be created within.
- public_
key str The Public Programmatic API Key used to authenticate with the MongoDB Atlas API.
- allowed_
roles Sequence[str] A list of roles that are allowed to use this connection.
- data Mapping[str, Any]
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- plugin_
name str Specifies the name of the plugin to use.
- root_
rotation_ Sequence[str]statements A list of database statements to be executed to rotate the root user's credentials.
- verify_
connection bool Whether the connection should be verified on initial configuration or not.
- name String
- private
Key String The Private Programmatic API Key used to connect with MongoDB Atlas API.
- project
Id String The Project ID the Database User should be created within.
- public
Key String The Public Programmatic API Key used to authenticate with the MongoDB Atlas API.
- allowed
Roles List<String> A list of roles that are allowed to use this connection.
- data Map<Any>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- plugin
Name String Specifies the name of the plugin to use.
- root
Rotation List<String>Statements A list of database statements to be executed to rotate the root user's credentials.
- verify
Connection Boolean Whether the connection should be verified on initial configuration or not.
SecretsMountMssql
- Name string
- Allowed
Roles List<string> A list of roles that are allowed to use this connection.
- Connection
Url string A URL containing connection information.
See Vault docs- Contained
Db bool For Vault v1.9+. Set to true when the target is a Contained Database, e.g. AzureSQL. See Vault docs
- Data Dictionary<string, object>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- Disable
Escaping bool Disable special character escaping in username and password.
- Max
Connection intLifetime The maximum number of seconds to keep a connection alive for.
- Max
Idle intConnections The maximum number of idle connections to maintain.
- Max
Open intConnections The maximum number of open connections to use.
- Password string
The password to be used in the connection.
- Plugin
Name string Specifies the name of the plugin to use.
- Root
Rotation List<string>Statements A list of database statements to be executed to rotate the root user's credentials.
- Username string
The username to be used in the connection (the account admin level).
- Username
Template string - Template describing how dynamic usernames are generated.
- Verify
Connection bool Whether the connection should be verified on initial configuration or not.
- Name string
- Allowed
Roles []string A list of roles that are allowed to use this connection.
- Connection
Url string A URL containing connection information.
See Vault docs- Contained
Db bool For Vault v1.9+. Set to true when the target is a Contained Database, e.g. AzureSQL. See Vault docs
- Data map[string]interface{}
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- Disable
Escaping bool Disable special character escaping in username and password.
- Max
Connection intLifetime The maximum number of seconds to keep a connection alive for.
- Max
Idle intConnections The maximum number of idle connections to maintain.
- Max
Open intConnections The maximum number of open connections to use.
- Password string
The password to be used in the connection.
- Plugin
Name string Specifies the name of the plugin to use.
- Root
Rotation []stringStatements A list of database statements to be executed to rotate the root user's credentials.
- Username string
The username to be used in the connection (the account admin level).
- Username
Template string - Template describing how dynamic usernames are generated.
- Verify
Connection bool Whether the connection should be verified on initial configuration or not.
- name String
- allowed
Roles List<String> A list of roles that are allowed to use this connection.
- connection
Url String A URL containing connection information.
See Vault docs- contained
Db Boolean For Vault v1.9+. Set to true when the target is a Contained Database, e.g. AzureSQL. See Vault docs
- data Map<String,Object>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- disable
Escaping Boolean Disable special character escaping in username and password.
- max
Connection IntegerLifetime The maximum number of seconds to keep a connection alive for.
- max
Idle IntegerConnections The maximum number of idle connections to maintain.
- max
Open IntegerConnections The maximum number of open connections to use.
- password String
The password to be used in the connection.
- plugin
Name String Specifies the name of the plugin to use.
- root
Rotation List<String>Statements A list of database statements to be executed to rotate the root user's credentials.
- username String
The username to be used in the connection (the account admin level).
- username
Template String - Template describing how dynamic usernames are generated.
- verify
Connection Boolean Whether the connection should be verified on initial configuration or not.
- name string
- allowed
Roles string[] A list of roles that are allowed to use this connection.
- connection
Url string A URL containing connection information.
See Vault docs- contained
Db boolean For Vault v1.9+. Set to true when the target is a Contained Database, e.g. AzureSQL. See Vault docs
- data {[key: string]: any}
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- disable
Escaping boolean Disable special character escaping in username and password.
- max
Connection numberLifetime The maximum number of seconds to keep a connection alive for.
- max
Idle numberConnections The maximum number of idle connections to maintain.
- max
Open numberConnections The maximum number of open connections to use.
- password string
The password to be used in the connection.
- plugin
Name string Specifies the name of the plugin to use.
- root
Rotation string[]Statements A list of database statements to be executed to rotate the root user's credentials.
- username string
The username to be used in the connection (the account admin level).
- username
Template string - Template describing how dynamic usernames are generated.
- verify
Connection boolean Whether the connection should be verified on initial configuration or not.
- name str
- allowed_
roles Sequence[str] A list of roles that are allowed to use this connection.
- connection_
url str A URL containing connection information.
See Vault docs- contained_
db bool For Vault v1.9+. Set to true when the target is a Contained Database, e.g. AzureSQL. See Vault docs
- data Mapping[str, Any]
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- disable_
escaping bool Disable special character escaping in username and password.
- max_
connection_ intlifetime The maximum number of seconds to keep a connection alive for.
- max_
idle_ intconnections The maximum number of idle connections to maintain.
- max_
open_ intconnections The maximum number of open connections to use.
- password str
The password to be used in the connection.
- plugin_
name str Specifies the name of the plugin to use.
- root_
rotation_ Sequence[str]statements A list of database statements to be executed to rotate the root user's credentials.
- username str
The username to be used in the connection (the account admin level).
- username_
template str - Template describing how dynamic usernames are generated.
- verify_
connection bool Whether the connection should be verified on initial configuration or not.
- name String
- allowed
Roles List<String> A list of roles that are allowed to use this connection.
- connection
Url String A URL containing connection information.
See Vault docs- contained
Db Boolean For Vault v1.9+. Set to true when the target is a Contained Database, e.g. AzureSQL. See Vault docs
- data Map<Any>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- disable
Escaping Boolean Disable special character escaping in username and password.
- max
Connection NumberLifetime The maximum number of seconds to keep a connection alive for.
- max
Idle NumberConnections The maximum number of idle connections to maintain.
- max
Open NumberConnections The maximum number of open connections to use.
- password String
The password to be used in the connection.
- plugin
Name String Specifies the name of the plugin to use.
- root
Rotation List<String>Statements A list of database statements to be executed to rotate the root user's credentials.
- username String
The username to be used in the connection (the account admin level).
- username
Template String - Template describing how dynamic usernames are generated.
- verify
Connection Boolean Whether the connection should be verified on initial configuration or not.
SecretsMountMysql
- Name string
- Allowed
Roles List<string> A list of roles that are allowed to use this connection.
- Connection
Url string A URL containing connection information.
See Vault docs- Data Dictionary<string, object>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- Max
Connection intLifetime The maximum number of seconds to keep a connection alive for.
- Max
Idle intConnections The maximum number of idle connections to maintain.
- Max
Open intConnections The maximum number of open connections to use.
- Password string
The password to be used in the connection.
- Plugin
Name string Specifies the name of the plugin to use.
- Root
Rotation List<string>Statements A list of database statements to be executed to rotate the root user's credentials.
- Tls
Ca string x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
- Tls
Certificate stringKey x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
- Username string
The username to be used in the connection (the account admin level).
- Username
Template string - Template describing how dynamic usernames are generated.
- Verify
Connection bool Whether the connection should be verified on initial configuration or not.
- Name string
- Allowed
Roles []string A list of roles that are allowed to use this connection.
- Connection
Url string A URL containing connection information.
See Vault docs- Data map[string]interface{}
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- Max
Connection intLifetime The maximum number of seconds to keep a connection alive for.
- Max
Idle intConnections The maximum number of idle connections to maintain.
- Max
Open intConnections The maximum number of open connections to use.
- Password string
The password to be used in the connection.
- Plugin
Name string Specifies the name of the plugin to use.
- Root
Rotation []stringStatements A list of database statements to be executed to rotate the root user's credentials.
- Tls
Ca string x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
- Tls
Certificate stringKey x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
- Username string
The username to be used in the connection (the account admin level).
- Username
Template string - Template describing how dynamic usernames are generated.
- Verify
Connection bool Whether the connection should be verified on initial configuration or not.
- name String
- allowed
Roles List<String> A list of roles that are allowed to use this connection.
- connection
Url String A URL containing connection information.
See Vault docs- data Map<String,Object>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- max
Connection IntegerLifetime The maximum number of seconds to keep a connection alive for.
- max
Idle IntegerConnections The maximum number of idle connections to maintain.
- max
Open IntegerConnections The maximum number of open connections to use.
- password String
The password to be used in the connection.
- plugin
Name String Specifies the name of the plugin to use.
- root
Rotation List<String>Statements A list of database statements to be executed to rotate the root user's credentials.
- tls
Ca String x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
- tls
Certificate StringKey x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
- username String
The username to be used in the connection (the account admin level).
- username
Template String - Template describing how dynamic usernames are generated.
- verify
Connection Boolean Whether the connection should be verified on initial configuration or not.
- name string
- allowed
Roles string[] A list of roles that are allowed to use this connection.
- connection
Url string A URL containing connection information.
See Vault docs- data {[key: string]: any}
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- max
Connection numberLifetime The maximum number of seconds to keep a connection alive for.
- max
Idle numberConnections The maximum number of idle connections to maintain.
- max
Open numberConnections The maximum number of open connections to use.
- password string
The password to be used in the connection.
- plugin
Name string Specifies the name of the plugin to use.
- root
Rotation string[]Statements A list of database statements to be executed to rotate the root user's credentials.
- tls
Ca string x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
- tls
Certificate stringKey x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
- username string
The username to be used in the connection (the account admin level).
- username
Template string - Template describing how dynamic usernames are generated.
- verify
Connection boolean Whether the connection should be verified on initial configuration or not.
- name str
- allowed_
roles Sequence[str] A list of roles that are allowed to use this connection.
- connection_
url str A URL containing connection information.
See Vault docs- data Mapping[str, Any]
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- max_
connection_ intlifetime The maximum number of seconds to keep a connection alive for.
- max_
idle_ intconnections The maximum number of idle connections to maintain.
- max_
open_ intconnections The maximum number of open connections to use.
- password str
The password to be used in the connection.
- plugin_
name str Specifies the name of the plugin to use.
- root_
rotation_ Sequence[str]statements A list of database statements to be executed to rotate the root user's credentials.
- tls_
ca str x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
- tls_
certificate_ strkey x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
- username str
The username to be used in the connection (the account admin level).
- username_
template str - Template describing how dynamic usernames are generated.
- verify_
connection bool Whether the connection should be verified on initial configuration or not.
- name String
- allowed
Roles List<String> A list of roles that are allowed to use this connection.
- connection
Url String A URL containing connection information.
See Vault docs- data Map<Any>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- max
Connection NumberLifetime The maximum number of seconds to keep a connection alive for.
- max
Idle NumberConnections The maximum number of idle connections to maintain.
- max
Open NumberConnections The maximum number of open connections to use.
- password String
The password to be used in the connection.
- plugin
Name String Specifies the name of the plugin to use.
- root
Rotation List<String>Statements A list of database statements to be executed to rotate the root user's credentials.
- tls
Ca String x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
- tls
Certificate StringKey x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
- username String
The username to be used in the connection (the account admin level).
- username
Template String - Template describing how dynamic usernames are generated.
- verify
Connection Boolean Whether the connection should be verified on initial configuration or not.
SecretsMountMysqlAurora
- Name string
- Allowed
Roles List<string> A list of roles that are allowed to use this connection.
- Connection
Url string A URL containing connection information.
See Vault docs- Data Dictionary<string, object>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- Max
Connection intLifetime The maximum number of seconds to keep a connection alive for.
- Max
Idle intConnections The maximum number of idle connections to maintain.
- Max
Open intConnections The maximum number of open connections to use.
- Password string
The password to be used in the connection.
- Plugin
Name string Specifies the name of the plugin to use.
- Root
Rotation List<string>Statements A list of database statements to be executed to rotate the root user's credentials.
- Username string
The username to be used in the connection (the account admin level).
- Username
Template string - Template describing how dynamic usernames are generated.
- Verify
Connection bool Whether the connection should be verified on initial configuration or not.
- Name string
- Allowed
Roles []string A list of roles that are allowed to use this connection.
- Connection
Url string A URL containing connection information.
See Vault docs- Data map[string]interface{}
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- Max
Connection intLifetime The maximum number of seconds to keep a connection alive for.
- Max
Idle intConnections The maximum number of idle connections to maintain.
- Max
Open intConnections The maximum number of open connections to use.
- Password string
The password to be used in the connection.
- Plugin
Name string Specifies the name of the plugin to use.
- Root
Rotation []stringStatements A list of database statements to be executed to rotate the root user's credentials.
- Username string
The username to be used in the connection (the account admin level).
- Username
Template string - Template describing how dynamic usernames are generated.
- Verify
Connection bool Whether the connection should be verified on initial configuration or not.
- name String
- allowed
Roles List<String> A list of roles that are allowed to use this connection.
- connection
Url String A URL containing connection information.
See Vault docs- data Map<String,Object>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- max
Connection IntegerLifetime The maximum number of seconds to keep a connection alive for.
- max
Idle IntegerConnections The maximum number of idle connections to maintain.
- max
Open IntegerConnections The maximum number of open connections to use.
- password String
The password to be used in the connection.
- plugin
Name String Specifies the name of the plugin to use.
- root
Rotation List<String>Statements A list of database statements to be executed to rotate the root user's credentials.
- username String
The username to be used in the connection (the account admin level).
- username
Template String - Template describing how dynamic usernames are generated.
- verify
Connection Boolean Whether the connection should be verified on initial configuration or not.
- name string
- allowed
Roles string[] A list of roles that are allowed to use this connection.
- connection
Url string A URL containing connection information.
See Vault docs- data {[key: string]: any}
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- max
Connection numberLifetime The maximum number of seconds to keep a connection alive for.
- max
Idle numberConnections The maximum number of idle connections to maintain.
- max
Open numberConnections The maximum number of open connections to use.
- password string
The password to be used in the connection.
- plugin
Name string Specifies the name of the plugin to use.
- root
Rotation string[]Statements A list of database statements to be executed to rotate the root user's credentials.
- username string
The username to be used in the connection (the account admin level).
- username
Template string - Template describing how dynamic usernames are generated.
- verify
Connection boolean Whether the connection should be verified on initial configuration or not.
- name str
- allowed_
roles Sequence[str] A list of roles that are allowed to use this connection.
- connection_
url str A URL containing connection information.
See Vault docs- data Mapping[str, Any]
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- max_
connection_ intlifetime The maximum number of seconds to keep a connection alive for.
- max_
idle_ intconnections The maximum number of idle connections to maintain.
- max_
open_ intconnections The maximum number of open connections to use.
- password str
The password to be used in the connection.
- plugin_
name str Specifies the name of the plugin to use.
- root_
rotation_ Sequence[str]statements A list of database statements to be executed to rotate the root user's credentials.
- username str
The username to be used in the connection (the account admin level).
- username_
template str - Template describing how dynamic usernames are generated.
- verify_
connection bool Whether the connection should be verified on initial configuration or not.
- name String
- allowed
Roles List<String> A list of roles that are allowed to use this connection.
- connection
Url String A URL containing connection information.
See Vault docs- data Map<Any>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- max
Connection NumberLifetime The maximum number of seconds to keep a connection alive for.
- max
Idle NumberConnections The maximum number of idle connections to maintain.
- max
Open NumberConnections The maximum number of open connections to use.
- password String
The password to be used in the connection.
- plugin
Name String Specifies the name of the plugin to use.
- root
Rotation List<String>Statements A list of database statements to be executed to rotate the root user's credentials.
- username String
The username to be used in the connection (the account admin level).
- username
Template String - Template describing how dynamic usernames are generated.
- verify
Connection Boolean Whether the connection should be verified on initial configuration or not.
SecretsMountMysqlLegacy
- Name string
- Allowed
Roles List<string> A list of roles that are allowed to use this connection.
- Connection
Url string A URL containing connection information.
See Vault docs- Data Dictionary<string, object>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- Max
Connection intLifetime The maximum number of seconds to keep a connection alive for.
- Max
Idle intConnections The maximum number of idle connections to maintain.
- Max
Open intConnections The maximum number of open connections to use.
- Password string
The password to be used in the connection.
- Plugin
Name string Specifies the name of the plugin to use.
- Root
Rotation List<string>Statements A list of database statements to be executed to rotate the root user's credentials.
- Username string
The username to be used in the connection (the account admin level).
- Username
Template string - Template describing how dynamic usernames are generated.
- Verify
Connection bool Whether the connection should be verified on initial configuration or not.
- Name string
- Allowed
Roles []string A list of roles that are allowed to use this connection.
- Connection
Url string A URL containing connection information.
See Vault docs- Data map[string]interface{}
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- Max
Connection intLifetime The maximum number of seconds to keep a connection alive for.
- Max
Idle intConnections The maximum number of idle connections to maintain.
- Max
Open intConnections The maximum number of open connections to use.
- Password string
The password to be used in the connection.
- Plugin
Name string Specifies the name of the plugin to use.
- Root
Rotation []stringStatements A list of database statements to be executed to rotate the root user's credentials.
- Username string
The username to be used in the connection (the account admin level).
- Username
Template string - Template describing how dynamic usernames are generated.
- Verify
Connection bool Whether the connection should be verified on initial configuration or not.
- name String
- allowed
Roles List<String> A list of roles that are allowed to use this connection.
- connection
Url String A URL containing connection information.
See Vault docs- data Map<String,Object>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- max
Connection IntegerLifetime The maximum number of seconds to keep a connection alive for.
- max
Idle IntegerConnections The maximum number of idle connections to maintain.
- max
Open IntegerConnections The maximum number of open connections to use.
- password String
The password to be used in the connection.
- plugin
Name String Specifies the name of the plugin to use.
- root
Rotation List<String>Statements A list of database statements to be executed to rotate the root user's credentials.
- username String
The username to be used in the connection (the account admin level).
- username
Template String - Template describing how dynamic usernames are generated.
- verify
Connection Boolean Whether the connection should be verified on initial configuration or not.
- name string
- allowed
Roles string[] A list of roles that are allowed to use this connection.
- connection
Url string A URL containing connection information.
See Vault docs- data {[key: string]: any}
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- max
Connection numberLifetime The maximum number of seconds to keep a connection alive for.
- max
Idle numberConnections The maximum number of idle connections to maintain.
- max
Open numberConnections The maximum number of open connections to use.
- password string
The password to be used in the connection.
- plugin
Name string Specifies the name of the plugin to use.
- root
Rotation string[]Statements A list of database statements to be executed to rotate the root user's credentials.
- username string
The username to be used in the connection (the account admin level).
- username
Template string - Template describing how dynamic usernames are generated.
- verify
Connection boolean Whether the connection should be verified on initial configuration or not.
- name str
- allowed_
roles Sequence[str] A list of roles that are allowed to use this connection.
- connection_
url str A URL containing connection information.
See Vault docs- data Mapping[str, Any]
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- max_
connection_ intlifetime The maximum number of seconds to keep a connection alive for.
- max_
idle_ intconnections The maximum number of idle connections to maintain.
- max_
open_ intconnections The maximum number of open connections to use.
- password str
The password to be used in the connection.
- plugin_
name str Specifies the name of the plugin to use.
- root_
rotation_ Sequence[str]statements A list of database statements to be executed to rotate the root user's credentials.
- username str
The username to be used in the connection (the account admin level).
- username_
template str - Template describing how dynamic usernames are generated.
- verify_
connection bool Whether the connection should be verified on initial configuration or not.
- name String
- allowed
Roles List<String> A list of roles that are allowed to use this connection.
- connection
Url String A URL containing connection information.
See Vault docs- data Map<Any>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- max
Connection NumberLifetime The maximum number of seconds to keep a connection alive for.
- max
Idle NumberConnections The maximum number of idle connections to maintain.
- max
Open NumberConnections The maximum number of open connections to use.
- password String
The password to be used in the connection.
- plugin
Name String Specifies the name of the plugin to use.
- root
Rotation List<String>Statements A list of database statements to be executed to rotate the root user's credentials.
- username String
The username to be used in the connection (the account admin level).
- username
Template String - Template describing how dynamic usernames are generated.
- verify
Connection Boolean Whether the connection should be verified on initial configuration or not.
SecretsMountMysqlRd
- Name string
- Allowed
Roles List<string> A list of roles that are allowed to use this connection.
- Connection
Url string A URL containing connection information.
See Vault docs- Data Dictionary<string, object>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- Max
Connection intLifetime The maximum number of seconds to keep a connection alive for.
- Max
Idle intConnections The maximum number of idle connections to maintain.
- Max
Open intConnections The maximum number of open connections to use.
- Password string
The password to be used in the connection.
- Plugin
Name string Specifies the name of the plugin to use.
- Root
Rotation List<string>Statements A list of database statements to be executed to rotate the root user's credentials.
- Username string
The username to be used in the connection (the account admin level).
- Username
Template string - Template describing how dynamic usernames are generated.
- Verify
Connection bool Whether the connection should be verified on initial configuration or not.
- Name string
- Allowed
Roles []string A list of roles that are allowed to use this connection.
- Connection
Url string A URL containing connection information.
See Vault docs- Data map[string]interface{}
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- Max
Connection intLifetime The maximum number of seconds to keep a connection alive for.
- Max
Idle intConnections The maximum number of idle connections to maintain.
- Max
Open intConnections The maximum number of open connections to use.
- Password string
The password to be used in the connection.
- Plugin
Name string Specifies the name of the plugin to use.
- Root
Rotation []stringStatements A list of database statements to be executed to rotate the root user's credentials.
- Username string
The username to be used in the connection (the account admin level).
- Username
Template string - Template describing how dynamic usernames are generated.
- Verify
Connection bool Whether the connection should be verified on initial configuration or not.
- name String
- allowed
Roles List<String> A list of roles that are allowed to use this connection.
- connection
Url String A URL containing connection information.
See Vault docs- data Map<String,Object>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- max
Connection IntegerLifetime The maximum number of seconds to keep a connection alive for.
- max
Idle IntegerConnections The maximum number of idle connections to maintain.
- max
Open IntegerConnections The maximum number of open connections to use.
- password String
The password to be used in the connection.
- plugin
Name String Specifies the name of the plugin to use.
- root
Rotation List<String>Statements A list of database statements to be executed to rotate the root user's credentials.
- username String
The username to be used in the connection (the account admin level).
- username
Template String - Template describing how dynamic usernames are generated.
- verify
Connection Boolean Whether the connection should be verified on initial configuration or not.
- name string
- allowed
Roles string[] A list of roles that are allowed to use this connection.
- connection
Url string A URL containing connection information.
See Vault docs- data {[key: string]: any}
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- max
Connection numberLifetime The maximum number of seconds to keep a connection alive for.
- max
Idle numberConnections The maximum number of idle connections to maintain.
- max
Open numberConnections The maximum number of open connections to use.
- password string
The password to be used in the connection.
- plugin
Name string Specifies the name of the plugin to use.
- root
Rotation string[]Statements A list of database statements to be executed to rotate the root user's credentials.
- username string
The username to be used in the connection (the account admin level).
- username
Template string - Template describing how dynamic usernames are generated.
- verify
Connection boolean Whether the connection should be verified on initial configuration or not.
- name str
- allowed_
roles Sequence[str] A list of roles that are allowed to use this connection.
- connection_
url str A URL containing connection information.
See Vault docs- data Mapping[str, Any]
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- max_
connection_ intlifetime The maximum number of seconds to keep a connection alive for.
- max_
idle_ intconnections The maximum number of idle connections to maintain.
- max_
open_ intconnections The maximum number of open connections to use.
- password str
The password to be used in the connection.
- plugin_
name str Specifies the name of the plugin to use.
- root_
rotation_ Sequence[str]statements A list of database statements to be executed to rotate the root user's credentials.
- username str
The username to be used in the connection (the account admin level).
- username_
template str - Template describing how dynamic usernames are generated.
- verify_
connection bool Whether the connection should be verified on initial configuration or not.
- name String
- allowed
Roles List<String> A list of roles that are allowed to use this connection.
- connection
Url String A URL containing connection information.
See Vault docs- data Map<Any>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- max
Connection NumberLifetime The maximum number of seconds to keep a connection alive for.
- max
Idle NumberConnections The maximum number of idle connections to maintain.
- max
Open NumberConnections The maximum number of open connections to use.
- password String
The password to be used in the connection.
- plugin
Name String Specifies the name of the plugin to use.
- root
Rotation List<String>Statements A list of database statements to be executed to rotate the root user's credentials.
- username String
The username to be used in the connection (the account admin level).
- username
Template String - Template describing how dynamic usernames are generated.
- verify
Connection Boolean Whether the connection should be verified on initial configuration or not.
SecretsMountOracle
- Name string
- Allowed
Roles List<string> A list of roles that are allowed to use this connection.
- Connection
Url string A URL containing connection information.
See Vault docs- Data Dictionary<string, object>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- Max
Connection intLifetime The maximum number of seconds to keep a connection alive for.
- Max
Idle intConnections The maximum number of idle connections to maintain.
- Max
Open intConnections The maximum number of open connections to use.
- Password string
The password to be used in the connection.
- Plugin
Name string Specifies the name of the plugin to use.
- Root
Rotation List<string>Statements A list of database statements to be executed to rotate the root user's credentials.
- Username string
The username to be used in the connection (the account admin level).
- Username
Template string - Template describing how dynamic usernames are generated.
- Verify
Connection bool Whether the connection should be verified on initial configuration or not.
- Name string
- Allowed
Roles []string A list of roles that are allowed to use this connection.
- Connection
Url string A URL containing connection information.
See Vault docs- Data map[string]interface{}
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- Max
Connection intLifetime The maximum number of seconds to keep a connection alive for.
- Max
Idle intConnections The maximum number of idle connections to maintain.
- Max
Open intConnections The maximum number of open connections to use.
- Password string
The password to be used in the connection.
- Plugin
Name string Specifies the name of the plugin to use.
- Root
Rotation []stringStatements A list of database statements to be executed to rotate the root user's credentials.
- Username string
The username to be used in the connection (the account admin level).
- Username
Template string - Template describing how dynamic usernames are generated.
- Verify
Connection bool Whether the connection should be verified on initial configuration or not.
- name String
- allowed
Roles List<String> A list of roles that are allowed to use this connection.
- connection
Url String A URL containing connection information.
See Vault docs- data Map<String,Object>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- max
Connection IntegerLifetime The maximum number of seconds to keep a connection alive for.
- max
Idle IntegerConnections The maximum number of idle connections to maintain.
- max
Open IntegerConnections The maximum number of open connections to use.
- password String
The password to be used in the connection.
- plugin
Name String Specifies the name of the plugin to use.
- root
Rotation List<String>Statements A list of database statements to be executed to rotate the root user's credentials.
- username String
The username to be used in the connection (the account admin level).
- username
Template String - Template describing how dynamic usernames are generated.
- verify
Connection Boolean Whether the connection should be verified on initial configuration or not.
- name string
- allowed
Roles string[] A list of roles that are allowed to use this connection.
- connection
Url string A URL containing connection information.
See Vault docs- data {[key: string]: any}
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- max
Connection numberLifetime The maximum number of seconds to keep a connection alive for.
- max
Idle numberConnections The maximum number of idle connections to maintain.
- max
Open numberConnections The maximum number of open connections to use.
- password string
The password to be used in the connection.
- plugin
Name string Specifies the name of the plugin to use.
- root
Rotation string[]Statements A list of database statements to be executed to rotate the root user's credentials.
- username string
The username to be used in the connection (the account admin level).
- username
Template string - Template describing how dynamic usernames are generated.
- verify
Connection boolean Whether the connection should be verified on initial configuration or not.
- name str
- allowed_
roles Sequence[str] A list of roles that are allowed to use this connection.
- connection_
url str A URL containing connection information.
See Vault docs- data Mapping[str, Any]
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- max_
connection_ intlifetime The maximum number of seconds to keep a connection alive for.
- max_
idle_ intconnections The maximum number of idle connections to maintain.
- max_
open_ intconnections The maximum number of open connections to use.
- password str
The password to be used in the connection.
- plugin_
name str Specifies the name of the plugin to use.
- root_
rotation_ Sequence[str]statements A list of database statements to be executed to rotate the root user's credentials.
- username str
The username to be used in the connection (the account admin level).
- username_
template str - Template describing how dynamic usernames are generated.
- verify_
connection bool Whether the connection should be verified on initial configuration or not.
- name String
- allowed
Roles List<String> A list of roles that are allowed to use this connection.
- connection
Url String A URL containing connection information.
See Vault docs- data Map<Any>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- max
Connection NumberLifetime The maximum number of seconds to keep a connection alive for.
- max
Idle NumberConnections The maximum number of idle connections to maintain.
- max
Open NumberConnections The maximum number of open connections to use.
- password String
The password to be used in the connection.
- plugin
Name String Specifies the name of the plugin to use.
- root
Rotation List<String>Statements A list of database statements to be executed to rotate the root user's credentials.
- username String
The username to be used in the connection (the account admin level).
- username
Template String - Template describing how dynamic usernames are generated.
- verify
Connection Boolean Whether the connection should be verified on initial configuration or not.
SecretsMountPostgresql
- Name string
- Allowed
Roles List<string> A list of roles that are allowed to use this connection.
- Connection
Url string A URL containing connection information.
See Vault docs- Data Dictionary<string, object>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- Disable
Escaping bool Disable special character escaping in username and password.
- Max
Connection intLifetime The maximum number of seconds to keep a connection alive for.
- Max
Idle intConnections The maximum number of idle connections to maintain.
- Max
Open intConnections The maximum number of open connections to use.
- Password string
The password to be used in the connection.
- Plugin
Name string Specifies the name of the plugin to use.
- Root
Rotation List<string>Statements A list of database statements to be executed to rotate the root user's credentials.
- Username string
The username to be used in the connection (the account admin level).
- Username
Template string - Template describing how dynamic usernames are generated.
- Verify
Connection bool Whether the connection should be verified on initial configuration or not.
- Name string
- Allowed
Roles []string A list of roles that are allowed to use this connection.
- Connection
Url string A URL containing connection information.
See Vault docs- Data map[string]interface{}
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- Disable
Escaping bool Disable special character escaping in username and password.
- Max
Connection intLifetime The maximum number of seconds to keep a connection alive for.
- Max
Idle intConnections The maximum number of idle connections to maintain.
- Max
Open intConnections The maximum number of open connections to use.
- Password string
The password to be used in the connection.
- Plugin
Name string Specifies the name of the plugin to use.
- Root
Rotation []stringStatements A list of database statements to be executed to rotate the root user's credentials.
- Username string
The username to be used in the connection (the account admin level).
- Username
Template string - Template describing how dynamic usernames are generated.
- Verify
Connection bool Whether the connection should be verified on initial configuration or not.
- name String
- allowed
Roles List<String> A list of roles that are allowed to use this connection.
- connection
Url String A URL containing connection information.
See Vault docs- data Map<String,Object>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- disable
Escaping Boolean Disable special character escaping in username and password.
- max
Connection IntegerLifetime The maximum number of seconds to keep a connection alive for.
- max
Idle IntegerConnections The maximum number of idle connections to maintain.
- max
Open IntegerConnections The maximum number of open connections to use.
- password String
The password to be used in the connection.
- plugin
Name String Specifies the name of the plugin to use.
- root
Rotation List<String>Statements A list of database statements to be executed to rotate the root user's credentials.
- username String
The username to be used in the connection (the account admin level).
- username
Template String - Template describing how dynamic usernames are generated.
- verify
Connection Boolean Whether the connection should be verified on initial configuration or not.
- name string
- allowed
Roles string[] A list of roles that are allowed to use this connection.
- connection
Url string A URL containing connection information.
See Vault docs- data {[key: string]: any}
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- disable
Escaping boolean Disable special character escaping in username and password.
- max
Connection numberLifetime The maximum number of seconds to keep a connection alive for.
- max
Idle numberConnections The maximum number of idle connections to maintain.
- max
Open numberConnections The maximum number of open connections to use.
- password string
The password to be used in the connection.
- plugin
Name string Specifies the name of the plugin to use.
- root
Rotation string[]Statements A list of database statements to be executed to rotate the root user's credentials.
- username string
The username to be used in the connection (the account admin level).
- username
Template string - Template describing how dynamic usernames are generated.
- verify
Connection boolean Whether the connection should be verified on initial configuration or not.
- name str
- allowed_
roles Sequence[str] A list of roles that are allowed to use this connection.
- connection_
url str A URL containing connection information.
See Vault docs- data Mapping[str, Any]
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- disable_
escaping bool Disable special character escaping in username and password.
- max_
connection_ intlifetime The maximum number of seconds to keep a connection alive for.
- max_
idle_ intconnections The maximum number of idle connections to maintain.
- max_
open_ intconnections The maximum number of open connections to use.
- password str
The password to be used in the connection.
- plugin_
name str Specifies the name of the plugin to use.
- root_
rotation_ Sequence[str]statements A list of database statements to be executed to rotate the root user's credentials.
- username str
The username to be used in the connection (the account admin level).
- username_
template str - Template describing how dynamic usernames are generated.
- verify_
connection bool Whether the connection should be verified on initial configuration or not.
- name String
- allowed
Roles List<String> A list of roles that are allowed to use this connection.
- connection
Url String A URL containing connection information.
See Vault docs- data Map<Any>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- disable
Escaping Boolean Disable special character escaping in username and password.
- max
Connection NumberLifetime The maximum number of seconds to keep a connection alive for.
- max
Idle NumberConnections The maximum number of idle connections to maintain.
- max
Open NumberConnections The maximum number of open connections to use.
- password String
The password to be used in the connection.
- plugin
Name String Specifies the name of the plugin to use.
- root
Rotation List<String>Statements A list of database statements to be executed to rotate the root user's credentials.
- username String
The username to be used in the connection (the account admin level).
- username
Template String - Template describing how dynamic usernames are generated.
- verify
Connection Boolean Whether the connection should be verified on initial configuration or not.
SecretsMountRedi
- Host string
The host to connect to.
- Name string
- Password string
The password to be used in the connection.
- Username string
The username to be used in the connection (the account admin level).
- Allowed
Roles List<string> A list of roles that are allowed to use this connection.
- Ca
Cert string The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity.
- Data Dictionary<string, object>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- Insecure
Tls bool Whether to skip verification of the server certificate when using TLS.
- Plugin
Name string Specifies the name of the plugin to use.
- Port int
The default port to connect to if no port is specified as part of the host.
- Root
Rotation List<string>Statements A list of database statements to be executed to rotate the root user's credentials.
- Tls bool
Whether to use TLS when connecting to Redis.
- Verify
Connection bool Whether the connection should be verified on initial configuration or not.
- Host string
The host to connect to.
- Name string
- Password string
The password to be used in the connection.
- Username string
The username to be used in the connection (the account admin level).
- Allowed
Roles []string A list of roles that are allowed to use this connection.
- Ca
Cert string The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity.
- Data map[string]interface{}
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- Insecure
Tls bool Whether to skip verification of the server certificate when using TLS.
- Plugin
Name string Specifies the name of the plugin to use.
- Port int
The default port to connect to if no port is specified as part of the host.
- Root
Rotation []stringStatements A list of database statements to be executed to rotate the root user's credentials.
- Tls bool
Whether to use TLS when connecting to Redis.
- Verify
Connection bool Whether the connection should be verified on initial configuration or not.
- host String
The host to connect to.
- name String
- password String
The password to be used in the connection.
- username String
The username to be used in the connection (the account admin level).
- allowed
Roles List<String> A list of roles that are allowed to use this connection.
- ca
Cert String The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity.
- data Map<String,Object>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- insecure
Tls Boolean Whether to skip verification of the server certificate when using TLS.
- plugin
Name String Specifies the name of the plugin to use.
- port Integer
The default port to connect to if no port is specified as part of the host.
- root
Rotation List<String>Statements A list of database statements to be executed to rotate the root user's credentials.
- tls Boolean
Whether to use TLS when connecting to Redis.
- verify
Connection Boolean Whether the connection should be verified on initial configuration or not.
- host string
The host to connect to.
- name string
- password string
The password to be used in the connection.
- username string
The username to be used in the connection (the account admin level).
- allowed
Roles string[] A list of roles that are allowed to use this connection.
- ca
Cert string The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity.
- data {[key: string]: any}
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- insecure
Tls boolean Whether to skip verification of the server certificate when using TLS.
- plugin
Name string Specifies the name of the plugin to use.
- port number
The default port to connect to if no port is specified as part of the host.
- root
Rotation string[]Statements A list of database statements to be executed to rotate the root user's credentials.
- tls boolean
Whether to use TLS when connecting to Redis.
- verify
Connection boolean Whether the connection should be verified on initial configuration or not.
- host str
The host to connect to.
- name str
- password str
The password to be used in the connection.
- username str
The username to be used in the connection (the account admin level).
- allowed_
roles Sequence[str] A list of roles that are allowed to use this connection.
- ca_
cert str The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity.
- data Mapping[str, Any]
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- insecure_
tls bool Whether to skip verification of the server certificate when using TLS.
- plugin_
name str Specifies the name of the plugin to use.
- port int
The default port to connect to if no port is specified as part of the host.
- root_
rotation_ Sequence[str]statements A list of database statements to be executed to rotate the root user's credentials.
- tls bool
Whether to use TLS when connecting to Redis.
- verify_
connection bool Whether the connection should be verified on initial configuration or not.
- host String
The host to connect to.
- name String
- password String
The password to be used in the connection.
- username String
The username to be used in the connection (the account admin level).
- allowed
Roles List<String> A list of roles that are allowed to use this connection.
- ca
Cert String The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity.
- data Map<Any>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- insecure
Tls Boolean Whether to skip verification of the server certificate when using TLS.
- plugin
Name String Specifies the name of the plugin to use.
- port Number
The default port to connect to if no port is specified as part of the host.
- root
Rotation List<String>Statements A list of database statements to be executed to rotate the root user's credentials.
- tls Boolean
Whether to use TLS when connecting to Redis.
- verify
Connection Boolean Whether the connection should be verified on initial configuration or not.
SecretsMountRedisElasticach
- Name string
- Url string
The configuration endpoint for the ElastiCache cluster to connect to.
- Allowed
Roles List<string> A list of roles that are allowed to use this connection.
- Data Dictionary<string, object>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- Password string
The password to be used in the connection.
- Plugin
Name string Specifies the name of the plugin to use.
- Region string
The AWS region where the ElastiCache cluster is hosted. If omitted the plugin tries to infer the region from the environment.
- Root
Rotation List<string>Statements A list of database statements to be executed to rotate the root user's credentials.
- Username string
The username to be used in the connection (the account admin level).
- Verify
Connection bool Whether the connection should be verified on initial configuration or not.
- Name string
- Url string
The configuration endpoint for the ElastiCache cluster to connect to.
- Allowed
Roles []string A list of roles that are allowed to use this connection.
- Data map[string]interface{}
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- Password string
The password to be used in the connection.
- Plugin
Name string Specifies the name of the plugin to use.
- Region string
The AWS region where the ElastiCache cluster is hosted. If omitted the plugin tries to infer the region from the environment.
- Root
Rotation []stringStatements A list of database statements to be executed to rotate the root user's credentials.
- Username string
The username to be used in the connection (the account admin level).
- Verify
Connection bool Whether the connection should be verified on initial configuration or not.
- name String
- url String
The configuration endpoint for the ElastiCache cluster to connect to.
- allowed
Roles List<String> A list of roles that are allowed to use this connection.
- data Map<String,Object>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- password String
The password to be used in the connection.
- plugin
Name String Specifies the name of the plugin to use.
- region String
The AWS region where the ElastiCache cluster is hosted. If omitted the plugin tries to infer the region from the environment.
- root
Rotation List<String>Statements A list of database statements to be executed to rotate the root user's credentials.
- username String
The username to be used in the connection (the account admin level).
- verify
Connection Boolean Whether the connection should be verified on initial configuration or not.
- name string
- url string
The configuration endpoint for the ElastiCache cluster to connect to.
- allowed
Roles string[] A list of roles that are allowed to use this connection.
- data {[key: string]: any}
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- password string
The password to be used in the connection.
- plugin
Name string Specifies the name of the plugin to use.
- region string
The AWS region where the ElastiCache cluster is hosted. If omitted the plugin tries to infer the region from the environment.
- root
Rotation string[]Statements A list of database statements to be executed to rotate the root user's credentials.
- username string
The username to be used in the connection (the account admin level).
- verify
Connection boolean Whether the connection should be verified on initial configuration or not.
- name str
- url str
The configuration endpoint for the ElastiCache cluster to connect to.
- allowed_
roles Sequence[str] A list of roles that are allowed to use this connection.
- data Mapping[str, Any]
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- password str
The password to be used in the connection.
- plugin_
name str Specifies the name of the plugin to use.
- region str
The AWS region where the ElastiCache cluster is hosted. If omitted the plugin tries to infer the region from the environment.
- root_
rotation_ Sequence[str]statements A list of database statements to be executed to rotate the root user's credentials.
- username str
The username to be used in the connection (the account admin level).
- verify_
connection bool Whether the connection should be verified on initial configuration or not.
- name String
- url String
The configuration endpoint for the ElastiCache cluster to connect to.
- allowed
Roles List<String> A list of roles that are allowed to use this connection.
- data Map<Any>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- password String
The password to be used in the connection.
- plugin
Name String Specifies the name of the plugin to use.
- region String
The AWS region where the ElastiCache cluster is hosted. If omitted the plugin tries to infer the region from the environment.
- root
Rotation List<String>Statements A list of database statements to be executed to rotate the root user's credentials.
- username String
The username to be used in the connection (the account admin level).
- verify
Connection Boolean Whether the connection should be verified on initial configuration or not.
SecretsMountRedshift
- Name string
- Allowed
Roles List<string> A list of roles that are allowed to use this connection.
- Connection
Url string A URL containing connection information.
See Vault docs- Data Dictionary<string, object>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- Disable
Escaping bool Disable special character escaping in username and password.
- Max
Connection intLifetime The maximum number of seconds to keep a connection alive for.
- Max
Idle intConnections The maximum number of idle connections to maintain.
- Max
Open intConnections The maximum number of open connections to use.
- Password string
The password to be used in the connection.
- Plugin
Name string Specifies the name of the plugin to use.
- Root
Rotation List<string>Statements A list of database statements to be executed to rotate the root user's credentials.
- Username string
The username to be used in the connection (the account admin level).
- Username
Template string - Template describing how dynamic usernames are generated.
- Verify
Connection bool Whether the connection should be verified on initial configuration or not.
- Name string
- Allowed
Roles []string A list of roles that are allowed to use this connection.
- Connection
Url string A URL containing connection information.
See Vault docs- Data map[string]interface{}
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- Disable
Escaping bool Disable special character escaping in username and password.
- Max
Connection intLifetime The maximum number of seconds to keep a connection alive for.
- Max
Idle intConnections The maximum number of idle connections to maintain.
- Max
Open intConnections The maximum number of open connections to use.
- Password string
The password to be used in the connection.
- Plugin
Name string Specifies the name of the plugin to use.
- Root
Rotation []stringStatements A list of database statements to be executed to rotate the root user's credentials.
- Username string
The username to be used in the connection (the account admin level).
- Username
Template string - Template describing how dynamic usernames are generated.
- Verify
Connection bool Whether the connection should be verified on initial configuration or not.
- name String
- allowed
Roles List<String> A list of roles that are allowed to use this connection.
- connection
Url String A URL containing connection information.
See Vault docs- data Map<String,Object>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- disable
Escaping Boolean Disable special character escaping in username and password.
- max
Connection IntegerLifetime The maximum number of seconds to keep a connection alive for.
- max
Idle IntegerConnections The maximum number of idle connections to maintain.
- max
Open IntegerConnections The maximum number of open connections to use.
- password String
The password to be used in the connection.
- plugin
Name String Specifies the name of the plugin to use.
- root
Rotation List<String>Statements A list of database statements to be executed to rotate the root user's credentials.
- username String
The username to be used in the connection (the account admin level).
- username
Template String - Template describing how dynamic usernames are generated.
- verify
Connection Boolean Whether the connection should be verified on initial configuration or not.
- name string
- allowed
Roles string[] A list of roles that are allowed to use this connection.
- connection
Url string A URL containing connection information.
See Vault docs- data {[key: string]: any}
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- disable
Escaping boolean Disable special character escaping in username and password.
- max
Connection numberLifetime The maximum number of seconds to keep a connection alive for.
- max
Idle numberConnections The maximum number of idle connections to maintain.
- max
Open numberConnections The maximum number of open connections to use.
- password string
The password to be used in the connection.
- plugin
Name string Specifies the name of the plugin to use.
- root
Rotation string[]Statements A list of database statements to be executed to rotate the root user's credentials.
- username string
The username to be used in the connection (the account admin level).
- username
Template string - Template describing how dynamic usernames are generated.
- verify
Connection boolean Whether the connection should be verified on initial configuration or not.
- name str
- allowed_
roles Sequence[str] A list of roles that are allowed to use this connection.
- connection_
url str A URL containing connection information.
See Vault docs- data Mapping[str, Any]
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- disable_
escaping bool Disable special character escaping in username and password.
- max_
connection_ intlifetime The maximum number of seconds to keep a connection alive for.
- max_
idle_ intconnections The maximum number of idle connections to maintain.
- max_
open_ intconnections The maximum number of open connections to use.
- password str
The password to be used in the connection.
- plugin_
name str Specifies the name of the plugin to use.
- root_
rotation_ Sequence[str]statements A list of database statements to be executed to rotate the root user's credentials.
- username str
The username to be used in the connection (the account admin level).
- username_
template str - Template describing how dynamic usernames are generated.
- verify_
connection bool Whether the connection should be verified on initial configuration or not.
- name String
- allowed
Roles List<String> A list of roles that are allowed to use this connection.
- connection
Url String A URL containing connection information.
See Vault docs- data Map<Any>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- disable
Escaping Boolean Disable special character escaping in username and password.
- max
Connection NumberLifetime The maximum number of seconds to keep a connection alive for.
- max
Idle NumberConnections The maximum number of idle connections to maintain.
- max
Open NumberConnections The maximum number of open connections to use.
- password String
The password to be used in the connection.
- plugin
Name String Specifies the name of the plugin to use.
- root
Rotation List<String>Statements A list of database statements to be executed to rotate the root user's credentials.
- username String
The username to be used in the connection (the account admin level).
- username
Template String - Template describing how dynamic usernames are generated.
- verify
Connection Boolean Whether the connection should be verified on initial configuration or not.
SecretsMountSnowflake
- Name string
- Allowed
Roles List<string> A list of roles that are allowed to use this connection.
- Connection
Url string A URL containing connection information.
See Vault docs- Data Dictionary<string, object>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- Max
Connection intLifetime The maximum number of seconds to keep a connection alive for.
- Max
Idle intConnections The maximum number of idle connections to maintain.
- Max
Open intConnections The maximum number of open connections to use.
- Password string
The password to be used in the connection.
- Plugin
Name string Specifies the name of the plugin to use.
- Root
Rotation List<string>Statements A list of database statements to be executed to rotate the root user's credentials.
- Username string
The username to be used in the connection (the account admin level).
- Username
Template string - Template describing how dynamic usernames are generated.
- Verify
Connection bool Whether the connection should be verified on initial configuration or not.
- Name string
- Allowed
Roles []string A list of roles that are allowed to use this connection.
- Connection
Url string A URL containing connection information.
See Vault docs- Data map[string]interface{}
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- Max
Connection intLifetime The maximum number of seconds to keep a connection alive for.
- Max
Idle intConnections The maximum number of idle connections to maintain.
- Max
Open intConnections The maximum number of open connections to use.
- Password string
The password to be used in the connection.
- Plugin
Name string Specifies the name of the plugin to use.
- Root
Rotation []stringStatements A list of database statements to be executed to rotate the root user's credentials.
- Username string
The username to be used in the connection (the account admin level).
- Username
Template string - Template describing how dynamic usernames are generated.
- Verify
Connection bool Whether the connection should be verified on initial configuration or not.
- name String
- allowed
Roles List<String> A list of roles that are allowed to use this connection.
- connection
Url String A URL containing connection information.
See Vault docs- data Map<String,Object>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- max
Connection IntegerLifetime The maximum number of seconds to keep a connection alive for.
- max
Idle IntegerConnections The maximum number of idle connections to maintain.
- max
Open IntegerConnections The maximum number of open connections to use.
- password String
The password to be used in the connection.
- plugin
Name String Specifies the name of the plugin to use.
- root
Rotation List<String>Statements A list of database statements to be executed to rotate the root user's credentials.
- username String
The username to be used in the connection (the account admin level).
- username
Template String - Template describing how dynamic usernames are generated.
- verify
Connection Boolean Whether the connection should be verified on initial configuration or not.
- name string
- allowed
Roles string[] A list of roles that are allowed to use this connection.
- connection
Url string A URL containing connection information.
See Vault docs- data {[key: string]: any}
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- max
Connection numberLifetime The maximum number of seconds to keep a connection alive for.
- max
Idle numberConnections The maximum number of idle connections to maintain.
- max
Open numberConnections The maximum number of open connections to use.
- password string
The password to be used in the connection.
- plugin
Name string Specifies the name of the plugin to use.
- root
Rotation string[]Statements A list of database statements to be executed to rotate the root user's credentials.
- username string
The username to be used in the connection (the account admin level).
- username
Template string - Template describing how dynamic usernames are generated.
- verify
Connection boolean Whether the connection should be verified on initial configuration or not.
- name str
- allowed_
roles Sequence[str] A list of roles that are allowed to use this connection.
- connection_
url str A URL containing connection information.
See Vault docs- data Mapping[str, Any]
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- max_
connection_ intlifetime The maximum number of seconds to keep a connection alive for.
- max_
idle_ intconnections The maximum number of idle connections to maintain.
- max_
open_ intconnections The maximum number of open connections to use.
- password str
The password to be used in the connection.
- plugin_
name str Specifies the name of the plugin to use.
- root_
rotation_ Sequence[str]statements A list of database statements to be executed to rotate the root user's credentials.
- username str
The username to be used in the connection (the account admin level).
- username_
template str - Template describing how dynamic usernames are generated.
- verify_
connection bool Whether the connection should be verified on initial configuration or not.
- name String
- allowed
Roles List<String> A list of roles that are allowed to use this connection.
- connection
Url String A URL containing connection information.
See Vault docs- data Map<Any>
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
- max
Connection NumberLifetime The maximum number of seconds to keep a connection alive for.
- max
Idle NumberConnections The maximum number of idle connections to maintain.
- max
Open NumberConnections The maximum number of open connections to use.
- password String
The password to be used in the connection.
- plugin
Name String Specifies the name of the plugin to use.
- root
Rotation List<String>Statements A list of database statements to be executed to rotate the root user's credentials.
- username String
The username to be used in the connection (the account admin level).
- username
Template String - Template describing how dynamic usernames are generated.
- verify
Connection Boolean Whether the connection should be verified on initial configuration or not.
Package Details
- Repository
- Vault pulumi/pulumi-vault
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
vaultTerraform Provider.