Viewing docs for HashiCorp Vault v7.8.0
published on Tuesday, Mar 31, 2026 by Pulumi
published on Tuesday, Mar 31, 2026 by Pulumi
Viewing docs for HashiCorp Vault v7.8.0
published on Tuesday, Mar 31, 2026 by Pulumi
published on Tuesday, Mar 31, 2026 by Pulumi
Lookup an Identity Group for Vault. The Identity secrets engine is the identity management solution for Vault. It internally maintains the clients who are recognized by Vault.
Important All data provided in the resource configuration will be written in cleartext to state and plan files generated by Terraform, and will appear in the console output when Terraform runs. Protect these artifacts accordingly. See the main provider documentation for more details.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as vault from "@pulumi/vault";
const group = vault.identity.getGroup({
groupName: "user",
});
import pulumi
import pulumi_vault as vault
group = vault.identity.get_group(group_name="user")
package main
import (
"github.com/pulumi/pulumi-vault/sdk/v7/go/vault/identity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := identity.LookupGroup(ctx, &identity.LookupGroupArgs{
GroupName: pulumi.StringRef("user"),
}, nil)
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Vault = Pulumi.Vault;
return await Deployment.RunAsync(() =>
{
var @group = Vault.Identity.GetGroup.Invoke(new()
{
GroupName = "user",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.vault.identity.IdentityFunctions;
import com.pulumi.vault.identity.inputs.GetGroupArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var group = IdentityFunctions.getGroup(GetGroupArgs.builder()
.groupName("user")
.build());
}
}
variables:
group:
fn::invoke:
function: vault:identity:getGroup
arguments:
groupName: user
Example coming soon!
Required Vault Capabilities
Use of this resource requires the create capability on /identity/lookup/group.
Using getGroup
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getGroup(args: GetGroupArgs, opts?: InvokeOptions): Promise<GetGroupResult>
function getGroupOutput(args: GetGroupOutputArgs, opts?: InvokeOptions): Output<GetGroupResult>def get_group(alias_id: Optional[str] = None,
alias_mount_accessor: Optional[str] = None,
alias_name: Optional[str] = None,
group_id: Optional[str] = None,
group_name: Optional[str] = None,
namespace: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetGroupResult
def get_group_output(alias_id: pulumi.Input[Optional[str]] = None,
alias_mount_accessor: pulumi.Input[Optional[str]] = None,
alias_name: pulumi.Input[Optional[str]] = None,
group_id: pulumi.Input[Optional[str]] = None,
group_name: pulumi.Input[Optional[str]] = None,
namespace: pulumi.Input[Optional[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetGroupResult]func LookupGroup(ctx *Context, args *LookupGroupArgs, opts ...InvokeOption) (*LookupGroupResult, error)
func LookupGroupOutput(ctx *Context, args *LookupGroupOutputArgs, opts ...InvokeOption) LookupGroupResultOutput> Note: This function is named LookupGroup in the Go SDK.
public static class GetGroup
{
public static Task<GetGroupResult> InvokeAsync(GetGroupArgs args, InvokeOptions? opts = null)
public static Output<GetGroupResult> Invoke(GetGroupInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetGroupResult> getGroup(GetGroupArgs args, InvokeOptions options)
public static Output<GetGroupResult> getGroup(GetGroupArgs args, InvokeOptions options)
fn::invoke:
function: vault:identity/getGroup:getGroup
arguments:
# arguments dictionarydata "vault_identity_getgroup" "name" {
# arguments
}The following arguments are supported:
- Alias
Id string - ID of the alias.
- Alias
Mount stringAccessor Accessor of the mount to which the alias belongs to. This should be supplied in conjunction with
aliasName.The lookup criteria can be
groupName,groupId,aliasId, or a combination ofaliasNameandaliasMountAccessor.- Alias
Name string - Name of the alias. This should be supplied in conjunction with
aliasMountAccessor. - Group
Id string - ID of the group.
- Group
Name string - Name of the group.
- Namespace string
- The namespace of the target resource.
The value should not contain leading or trailing forward slashes.
The
namespaceis always relative to the provider's configured namespace. Available only for Vault Enterprise.
- Alias
Id string - ID of the alias.
- Alias
Mount stringAccessor Accessor of the mount to which the alias belongs to. This should be supplied in conjunction with
aliasName.The lookup criteria can be
groupName,groupId,aliasId, or a combination ofaliasNameandaliasMountAccessor.- Alias
Name string - Name of the alias. This should be supplied in conjunction with
aliasMountAccessor. - Group
Id string - ID of the group.
- Group
Name string - Name of the group.
- Namespace string
- The namespace of the target resource.
The value should not contain leading or trailing forward slashes.
The
namespaceis always relative to the provider's configured namespace. Available only for Vault Enterprise.
- alias_
id string - ID of the alias.
- alias_
mount_ stringaccessor Accessor of the mount to which the alias belongs to. This should be supplied in conjunction with
aliasName.The lookup criteria can be
groupName,groupId,aliasId, or a combination ofaliasNameandaliasMountAccessor.- alias_
name string - Name of the alias. This should be supplied in conjunction with
aliasMountAccessor. - group_
id string - ID of the group.
- group_
name string - Name of the group.
- namespace string
- The namespace of the target resource.
The value should not contain leading or trailing forward slashes.
The
namespaceis always relative to the provider's configured namespace. Available only for Vault Enterprise.
- alias
Id String - ID of the alias.
- alias
Mount StringAccessor Accessor of the mount to which the alias belongs to. This should be supplied in conjunction with
aliasName.The lookup criteria can be
groupName,groupId,aliasId, or a combination ofaliasNameandaliasMountAccessor.- alias
Name String - Name of the alias. This should be supplied in conjunction with
aliasMountAccessor. - group
Id String - ID of the group.
- group
Name String - Name of the group.
- namespace String
- The namespace of the target resource.
The value should not contain leading or trailing forward slashes.
The
namespaceis always relative to the provider's configured namespace. Available only for Vault Enterprise.
- alias
Id string - ID of the alias.
- alias
Mount stringAccessor Accessor of the mount to which the alias belongs to. This should be supplied in conjunction with
aliasName.The lookup criteria can be
groupName,groupId,aliasId, or a combination ofaliasNameandaliasMountAccessor.- alias
Name string - Name of the alias. This should be supplied in conjunction with
aliasMountAccessor. - group
Id string - ID of the group.
- group
Name string - Name of the group.
- namespace string
- The namespace of the target resource.
The value should not contain leading or trailing forward slashes.
The
namespaceis always relative to the provider's configured namespace. Available only for Vault Enterprise.
- alias_
id str - ID of the alias.
- alias_
mount_ straccessor Accessor of the mount to which the alias belongs to. This should be supplied in conjunction with
aliasName.The lookup criteria can be
groupName,groupId,aliasId, or a combination ofaliasNameandaliasMountAccessor.- alias_
name str - Name of the alias. This should be supplied in conjunction with
aliasMountAccessor. - group_
id str - ID of the group.
- group_
name str - Name of the group.
- namespace str
- The namespace of the target resource.
The value should not contain leading or trailing forward slashes.
The
namespaceis always relative to the provider's configured namespace. Available only for Vault Enterprise.
- alias
Id String - ID of the alias.
- alias
Mount StringAccessor Accessor of the mount to which the alias belongs to. This should be supplied in conjunction with
aliasName.The lookup criteria can be
groupName,groupId,aliasId, or a combination ofaliasNameandaliasMountAccessor.- alias
Name String - Name of the alias. This should be supplied in conjunction with
aliasMountAccessor. - group
Id String - ID of the group.
- group
Name String - Name of the group.
- namespace String
- The namespace of the target resource.
The value should not contain leading or trailing forward slashes.
The
namespaceis always relative to the provider's configured namespace. Available only for Vault Enterprise.
getGroup Result
The following output properties are available:
- Alias
Canonical stringId - Canonical ID of the Alias
- Alias
Creation stringTime - Creation time of the Alias
- Alias
Id string - Alias
Last stringUpdate Time - Last update time of the alias
- Alias
Merged List<string>From Canonical Ids - List of canonical IDs merged with this alias
- Alias
Metadata Dictionary<string, string> - Arbitrary metadata
- Alias
Mount stringAccessor - Alias
Mount stringPath - Authentication mount path which this alias belongs to
- Alias
Mount stringType - Authentication mount type which this alias belongs to
- Alias
Name string - Creation
Time string - Creation timestamp of the group
- Data
Json string - A string containing the full data payload retrieved from Vault, serialized in JSON format.
- Group
Id string - Group
Name string - Id string
- The provider-assigned unique ID for this managed resource.
- Last
Update stringTime - Last updated time of the group
- Member
Entity List<string>Ids - List of Entity IDs which are members of this group
- Member
Group List<string>Ids - List of Group IDs which are members of this group
- Metadata Dictionary<string, string>
- Arbitrary metadata
- Modify
Index int - Modify index of the group
- Namespace
Id string - Namespace of which the group is part of
- Parent
Group List<string>Ids - List of Group IDs which are parents of this group.
- Policies List<string>
- List of policies attached to the group
- Type string
- Type of group
- Namespace string
- Alias
Canonical stringId - Canonical ID of the Alias
- Alias
Creation stringTime - Creation time of the Alias
- Alias
Id string - Alias
Last stringUpdate Time - Last update time of the alias
- Alias
Merged []stringFrom Canonical Ids - List of canonical IDs merged with this alias
- Alias
Metadata map[string]string - Arbitrary metadata
- Alias
Mount stringAccessor - Alias
Mount stringPath - Authentication mount path which this alias belongs to
- Alias
Mount stringType - Authentication mount type which this alias belongs to
- Alias
Name string - Creation
Time string - Creation timestamp of the group
- Data
Json string - A string containing the full data payload retrieved from Vault, serialized in JSON format.
- Group
Id string - Group
Name string - Id string
- The provider-assigned unique ID for this managed resource.
- Last
Update stringTime - Last updated time of the group
- Member
Entity []stringIds - List of Entity IDs which are members of this group
- Member
Group []stringIds - List of Group IDs which are members of this group
- Metadata map[string]string
- Arbitrary metadata
- Modify
Index int - Modify index of the group
- Namespace
Id string - Namespace of which the group is part of
- Parent
Group []stringIds - List of Group IDs which are parents of this group.
- Policies []string
- List of policies attached to the group
- Type string
- Type of group
- Namespace string
- alias_
canonical_ stringid - Canonical ID of the Alias
- alias_
creation_ stringtime - Creation time of the Alias
- alias_
id string - alias_
last_ stringupdate_ time - Last update time of the alias
- alias_
merged_ list(string)from_ canonical_ ids - List of canonical IDs merged with this alias
- alias_
metadata map(string) - Arbitrary metadata
- alias_
mount_ stringaccessor - alias_
mount_ stringpath - Authentication mount path which this alias belongs to
- alias_
mount_ stringtype - Authentication mount type which this alias belongs to
- alias_
name string - creation_
time string - Creation timestamp of the group
- data_
json string - A string containing the full data payload retrieved from Vault, serialized in JSON format.
- group_
id string - group_
name string - id string
- The provider-assigned unique ID for this managed resource.
- last_
update_ stringtime - Last updated time of the group
- member_
entity_ list(string)ids - List of Entity IDs which are members of this group
- member_
group_ list(string)ids - List of Group IDs which are members of this group
- metadata map(string)
- Arbitrary metadata
- modify_
index number - Modify index of the group
- namespace_
id string - Namespace of which the group is part of
- parent_
group_ list(string)ids - List of Group IDs which are parents of this group.
- policies list(string)
- List of policies attached to the group
- type string
- Type of group
- namespace string
- alias
Canonical StringId - Canonical ID of the Alias
- alias
Creation StringTime - Creation time of the Alias
- alias
Id String - alias
Last StringUpdate Time - Last update time of the alias
- alias
Merged List<String>From Canonical Ids - List of canonical IDs merged with this alias
- alias
Metadata Map<String,String> - Arbitrary metadata
- alias
Mount StringAccessor - alias
Mount StringPath - Authentication mount path which this alias belongs to
- alias
Mount StringType - Authentication mount type which this alias belongs to
- alias
Name String - creation
Time String - Creation timestamp of the group
- data
Json String - A string containing the full data payload retrieved from Vault, serialized in JSON format.
- group
Id String - group
Name String - id String
- The provider-assigned unique ID for this managed resource.
- last
Update StringTime - Last updated time of the group
- member
Entity List<String>Ids - List of Entity IDs which are members of this group
- member
Group List<String>Ids - List of Group IDs which are members of this group
- metadata Map<String,String>
- Arbitrary metadata
- modify
Index Integer - Modify index of the group
- namespace
Id String - Namespace of which the group is part of
- parent
Group List<String>Ids - List of Group IDs which are parents of this group.
- policies List<String>
- List of policies attached to the group
- type String
- Type of group
- namespace String
- alias
Canonical stringId - Canonical ID of the Alias
- alias
Creation stringTime - Creation time of the Alias
- alias
Id string - alias
Last stringUpdate Time - Last update time of the alias
- alias
Merged string[]From Canonical Ids - List of canonical IDs merged with this alias
- alias
Metadata {[key: string]: string} - Arbitrary metadata
- alias
Mount stringAccessor - alias
Mount stringPath - Authentication mount path which this alias belongs to
- alias
Mount stringType - Authentication mount type which this alias belongs to
- alias
Name string - creation
Time string - Creation timestamp of the group
- data
Json string - A string containing the full data payload retrieved from Vault, serialized in JSON format.
- group
Id string - group
Name string - id string
- The provider-assigned unique ID for this managed resource.
- last
Update stringTime - Last updated time of the group
- member
Entity string[]Ids - List of Entity IDs which are members of this group
- member
Group string[]Ids - List of Group IDs which are members of this group
- metadata {[key: string]: string}
- Arbitrary metadata
- modify
Index number - Modify index of the group
- namespace
Id string - Namespace of which the group is part of
- parent
Group string[]Ids - List of Group IDs which are parents of this group.
- policies string[]
- List of policies attached to the group
- type string
- Type of group
- namespace string
- alias_
canonical_ strid - Canonical ID of the Alias
- alias_
creation_ strtime - Creation time of the Alias
- alias_
id str - alias_
last_ strupdate_ time - Last update time of the alias
- alias_
merged_ Sequence[str]from_ canonical_ ids - List of canonical IDs merged with this alias
- alias_
metadata Mapping[str, str] - Arbitrary metadata
- alias_
mount_ straccessor - alias_
mount_ strpath - Authentication mount path which this alias belongs to
- alias_
mount_ strtype - Authentication mount type which this alias belongs to
- alias_
name str - creation_
time str - Creation timestamp of the group
- data_
json str - A string containing the full data payload retrieved from Vault, serialized in JSON format.
- group_
id str - group_
name str - id str
- The provider-assigned unique ID for this managed resource.
- last_
update_ strtime - Last updated time of the group
- member_
entity_ Sequence[str]ids - List of Entity IDs which are members of this group
- member_
group_ Sequence[str]ids - List of Group IDs which are members of this group
- metadata Mapping[str, str]
- Arbitrary metadata
- modify_
index int - Modify index of the group
- namespace_
id str - Namespace of which the group is part of
- parent_
group_ Sequence[str]ids - List of Group IDs which are parents of this group.
- policies Sequence[str]
- List of policies attached to the group
- type str
- Type of group
- namespace str
- alias
Canonical StringId - Canonical ID of the Alias
- alias
Creation StringTime - Creation time of the Alias
- alias
Id String - alias
Last StringUpdate Time - Last update time of the alias
- alias
Merged List<String>From Canonical Ids - List of canonical IDs merged with this alias
- alias
Metadata Map<String> - Arbitrary metadata
- alias
Mount StringAccessor - alias
Mount StringPath - Authentication mount path which this alias belongs to
- alias
Mount StringType - Authentication mount type which this alias belongs to
- alias
Name String - creation
Time String - Creation timestamp of the group
- data
Json String - A string containing the full data payload retrieved from Vault, serialized in JSON format.
- group
Id String - group
Name String - id String
- The provider-assigned unique ID for this managed resource.
- last
Update StringTime - Last updated time of the group
- member
Entity List<String>Ids - List of Entity IDs which are members of this group
- member
Group List<String>Ids - List of Group IDs which are members of this group
- metadata Map<String>
- Arbitrary metadata
- modify
Index Number - Modify index of the group
- namespace
Id String - Namespace of which the group is part of
- parent
Group List<String>Ids - List of Group IDs which are parents of this group.
- policies List<String>
- List of policies attached to the group
- type String
- Type of group
- namespace String
Package Details
- Repository
- Vault pulumi/pulumi-vault
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
vaultTerraform Provider.
Viewing docs for HashiCorp Vault v7.8.0
published on Tuesday, Mar 31, 2026 by Pulumi
published on Tuesday, Mar 31, 2026 by Pulumi
