1. Packages
  2. HashiCorp Vault Provider
  3. API Docs
  4. pkiSecret
  5. BackendAcmeEab
HashiCorp Vault v6.5.0 published on Thursday, Jan 16, 2025 by Pulumi

vault.pkiSecret.BackendAcmeEab

Explore with Pulumi AI

vault logo
HashiCorp Vault v6.5.0 published on Thursday, Jan 16, 2025 by Pulumi

    Allows creating ACME EAB (External Account Binding) tokens and deleting unused ones.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as vault from "@pulumi/vault";
    
    const test = new vault.Mount("test", {
        path: "pki",
        type: "pki",
        description: "PKI secret engine mount",
    });
    const testBackendAcmeEab = new vault.pkisecret.BackendAcmeEab("test", {backend: test.path});
    
    import pulumi
    import pulumi_vault as vault
    
    test = vault.Mount("test",
        path="pki",
        type="pki",
        description="PKI secret engine mount")
    test_backend_acme_eab = vault.pki_secret.BackendAcmeEab("test", backend=test.path)
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-vault/sdk/v6/go/vault"
    	"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/pkisecret"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		test, err := vault.NewMount(ctx, "test", &vault.MountArgs{
    			Path:        pulumi.String("pki"),
    			Type:        pulumi.String("pki"),
    			Description: pulumi.String("PKI secret engine mount"),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = pkisecret.NewBackendAcmeEab(ctx, "test", &pkisecret.BackendAcmeEabArgs{
    			Backend: test.Path,
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Vault = Pulumi.Vault;
    
    return await Deployment.RunAsync(() => 
    {
        var test = new Vault.Mount("test", new()
        {
            Path = "pki",
            Type = "pki",
            Description = "PKI secret engine mount",
        });
    
        var testBackendAcmeEab = new Vault.PkiSecret.BackendAcmeEab("test", new()
        {
            Backend = test.Path,
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.vault.Mount;
    import com.pulumi.vault.MountArgs;
    import com.pulumi.vault.pkiSecret.BackendAcmeEab;
    import com.pulumi.vault.pkiSecret.BackendAcmeEabArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var test = new Mount("test", MountArgs.builder()
                .path("pki")
                .type("pki")
                .description("PKI secret engine mount")
                .build());
    
            var testBackendAcmeEab = new BackendAcmeEab("testBackendAcmeEab", BackendAcmeEabArgs.builder()
                .backend(test.path())
                .build());
    
        }
    }
    
    resources:
      test:
        type: vault:Mount
        properties:
          path: pki
          type: pki
          description: PKI secret engine mount
      testBackendAcmeEab:
        type: vault:pkiSecret:BackendAcmeEab
        name: test
        properties:
          backend: ${test.path}
    

    Create BackendAcmeEab Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new BackendAcmeEab(name: string, args: BackendAcmeEabArgs, opts?: CustomResourceOptions);
    @overload
    def BackendAcmeEab(resource_name: str,
                       args: BackendAcmeEabArgs,
                       opts: Optional[ResourceOptions] = None)
    
    @overload
    def BackendAcmeEab(resource_name: str,
                       opts: Optional[ResourceOptions] = None,
                       backend: Optional[str] = None,
                       issuer: Optional[str] = None,
                       namespace: Optional[str] = None,
                       role: Optional[str] = None)
    func NewBackendAcmeEab(ctx *Context, name string, args BackendAcmeEabArgs, opts ...ResourceOption) (*BackendAcmeEab, error)
    public BackendAcmeEab(string name, BackendAcmeEabArgs args, CustomResourceOptions? opts = null)
    public BackendAcmeEab(String name, BackendAcmeEabArgs args)
    public BackendAcmeEab(String name, BackendAcmeEabArgs args, CustomResourceOptions options)
    
    type: vault:pkiSecret:BackendAcmeEab
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args BackendAcmeEabArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args BackendAcmeEabArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args BackendAcmeEabArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args BackendAcmeEabArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args BackendAcmeEabArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var backendAcmeEabResource = new Vault.PkiSecret.BackendAcmeEab("backendAcmeEabResource", new()
    {
        Backend = "string",
        Issuer = "string",
        Namespace = "string",
        Role = "string",
    });
    
    example, err := pkiSecret.NewBackendAcmeEab(ctx, "backendAcmeEabResource", &pkiSecret.BackendAcmeEabArgs{
    	Backend:   pulumi.String("string"),
    	Issuer:    pulumi.String("string"),
    	Namespace: pulumi.String("string"),
    	Role:      pulumi.String("string"),
    })
    
    var backendAcmeEabResource = new BackendAcmeEab("backendAcmeEabResource", BackendAcmeEabArgs.builder()
        .backend("string")
        .issuer("string")
        .namespace("string")
        .role("string")
        .build());
    
    backend_acme_eab_resource = vault.pki_secret.BackendAcmeEab("backendAcmeEabResource",
        backend="string",
        issuer="string",
        namespace="string",
        role="string")
    
    const backendAcmeEabResource = new vault.pkisecret.BackendAcmeEab("backendAcmeEabResource", {
        backend: "string",
        issuer: "string",
        namespace: "string",
        role: "string",
    });
    
    type: vault:pkiSecret:BackendAcmeEab
    properties:
        backend: string
        issuer: string
        namespace: string
        role: string
    

    BackendAcmeEab Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The BackendAcmeEab resource accepts the following input properties:

    Backend string
    The path to the PKI secret backend to create the EAB token within, with no leading or trailing /s.
    Issuer string
    Create an EAB token that is specific to an issuer's ACME directory.
    Namespace string
    The namespace of the target resource. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    Role string

    Create an EAB token that is specific to a role's ACME directory.

    NOTE: Within Vault ACME there are different ACME directories which an EAB token is associated with;

    1. Default directory (pki/acme/) - Do not specify a value for issuer nor role parameters.
    2. Issuer specific (pki/issuer/:issuer_ref/acme/) - Specify a value for the issuer parameter
    3. Role specific (pki/roles/:role/acme/) - Specify a value for the role parameter
    4. Issuer and Role specific (pki/issuer/:issuer_ref/roles/:role/acme/) - Specify a value for both the issuer and role parameters
    Backend string
    The path to the PKI secret backend to create the EAB token within, with no leading or trailing /s.
    Issuer string
    Create an EAB token that is specific to an issuer's ACME directory.
    Namespace string
    The namespace of the target resource. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    Role string

    Create an EAB token that is specific to a role's ACME directory.

    NOTE: Within Vault ACME there are different ACME directories which an EAB token is associated with;

    1. Default directory (pki/acme/) - Do not specify a value for issuer nor role parameters.
    2. Issuer specific (pki/issuer/:issuer_ref/acme/) - Specify a value for the issuer parameter
    3. Role specific (pki/roles/:role/acme/) - Specify a value for the role parameter
    4. Issuer and Role specific (pki/issuer/:issuer_ref/roles/:role/acme/) - Specify a value for both the issuer and role parameters
    backend String
    The path to the PKI secret backend to create the EAB token within, with no leading or trailing /s.
    issuer String
    Create an EAB token that is specific to an issuer's ACME directory.
    namespace String
    The namespace of the target resource. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    role String

    Create an EAB token that is specific to a role's ACME directory.

    NOTE: Within Vault ACME there are different ACME directories which an EAB token is associated with;

    1. Default directory (pki/acme/) - Do not specify a value for issuer nor role parameters.
    2. Issuer specific (pki/issuer/:issuer_ref/acme/) - Specify a value for the issuer parameter
    3. Role specific (pki/roles/:role/acme/) - Specify a value for the role parameter
    4. Issuer and Role specific (pki/issuer/:issuer_ref/roles/:role/acme/) - Specify a value for both the issuer and role parameters
    backend string
    The path to the PKI secret backend to create the EAB token within, with no leading or trailing /s.
    issuer string
    Create an EAB token that is specific to an issuer's ACME directory.
    namespace string
    The namespace of the target resource. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    role string

    Create an EAB token that is specific to a role's ACME directory.

    NOTE: Within Vault ACME there are different ACME directories which an EAB token is associated with;

    1. Default directory (pki/acme/) - Do not specify a value for issuer nor role parameters.
    2. Issuer specific (pki/issuer/:issuer_ref/acme/) - Specify a value for the issuer parameter
    3. Role specific (pki/roles/:role/acme/) - Specify a value for the role parameter
    4. Issuer and Role specific (pki/issuer/:issuer_ref/roles/:role/acme/) - Specify a value for both the issuer and role parameters
    backend str
    The path to the PKI secret backend to create the EAB token within, with no leading or trailing /s.
    issuer str
    Create an EAB token that is specific to an issuer's ACME directory.
    namespace str
    The namespace of the target resource. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    role str

    Create an EAB token that is specific to a role's ACME directory.

    NOTE: Within Vault ACME there are different ACME directories which an EAB token is associated with;

    1. Default directory (pki/acme/) - Do not specify a value for issuer nor role parameters.
    2. Issuer specific (pki/issuer/:issuer_ref/acme/) - Specify a value for the issuer parameter
    3. Role specific (pki/roles/:role/acme/) - Specify a value for the role parameter
    4. Issuer and Role specific (pki/issuer/:issuer_ref/roles/:role/acme/) - Specify a value for both the issuer and role parameters
    backend String
    The path to the PKI secret backend to create the EAB token within, with no leading or trailing /s.
    issuer String
    Create an EAB token that is specific to an issuer's ACME directory.
    namespace String
    The namespace of the target resource. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    role String

    Create an EAB token that is specific to a role's ACME directory.

    NOTE: Within Vault ACME there are different ACME directories which an EAB token is associated with;

    1. Default directory (pki/acme/) - Do not specify a value for issuer nor role parameters.
    2. Issuer specific (pki/issuer/:issuer_ref/acme/) - Specify a value for the issuer parameter
    3. Role specific (pki/roles/:role/acme/) - Specify a value for the role parameter
    4. Issuer and Role specific (pki/issuer/:issuer_ref/roles/:role/acme/) - Specify a value for both the issuer and role parameters

    Outputs

    All input properties are implicitly available as output properties. Additionally, the BackendAcmeEab resource produces the following output properties:

    AcmeDirectory string
    The ACME directory to which the key belongs
    CreatedOn string
    An RFC3339 formatted date time when the EAB token was created
    EabId string
    The identifier of a specific ACME EAB token
    Id string
    The provider-assigned unique ID for this managed resource.
    Key string
    The EAB token
    KeyType string
    The key type of the EAB key
    AcmeDirectory string
    The ACME directory to which the key belongs
    CreatedOn string
    An RFC3339 formatted date time when the EAB token was created
    EabId string
    The identifier of a specific ACME EAB token
    Id string
    The provider-assigned unique ID for this managed resource.
    Key string
    The EAB token
    KeyType string
    The key type of the EAB key
    acmeDirectory String
    The ACME directory to which the key belongs
    createdOn String
    An RFC3339 formatted date time when the EAB token was created
    eabId String
    The identifier of a specific ACME EAB token
    id String
    The provider-assigned unique ID for this managed resource.
    key String
    The EAB token
    keyType String
    The key type of the EAB key
    acmeDirectory string
    The ACME directory to which the key belongs
    createdOn string
    An RFC3339 formatted date time when the EAB token was created
    eabId string
    The identifier of a specific ACME EAB token
    id string
    The provider-assigned unique ID for this managed resource.
    key string
    The EAB token
    keyType string
    The key type of the EAB key
    acme_directory str
    The ACME directory to which the key belongs
    created_on str
    An RFC3339 formatted date time when the EAB token was created
    eab_id str
    The identifier of a specific ACME EAB token
    id str
    The provider-assigned unique ID for this managed resource.
    key str
    The EAB token
    key_type str
    The key type of the EAB key
    acmeDirectory String
    The ACME directory to which the key belongs
    createdOn String
    An RFC3339 formatted date time when the EAB token was created
    eabId String
    The identifier of a specific ACME EAB token
    id String
    The provider-assigned unique ID for this managed resource.
    key String
    The EAB token
    keyType String
    The key type of the EAB key

    Look up Existing BackendAcmeEab Resource

    Get an existing BackendAcmeEab resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: BackendAcmeEabState, opts?: CustomResourceOptions): BackendAcmeEab
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            acme_directory: Optional[str] = None,
            backend: Optional[str] = None,
            created_on: Optional[str] = None,
            eab_id: Optional[str] = None,
            issuer: Optional[str] = None,
            key: Optional[str] = None,
            key_type: Optional[str] = None,
            namespace: Optional[str] = None,
            role: Optional[str] = None) -> BackendAcmeEab
    func GetBackendAcmeEab(ctx *Context, name string, id IDInput, state *BackendAcmeEabState, opts ...ResourceOption) (*BackendAcmeEab, error)
    public static BackendAcmeEab Get(string name, Input<string> id, BackendAcmeEabState? state, CustomResourceOptions? opts = null)
    public static BackendAcmeEab get(String name, Output<String> id, BackendAcmeEabState state, CustomResourceOptions options)
    resources:  _:    type: vault:pkiSecret:BackendAcmeEab    get:      id: ${id}
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    AcmeDirectory string
    The ACME directory to which the key belongs
    Backend string
    The path to the PKI secret backend to create the EAB token within, with no leading or trailing /s.
    CreatedOn string
    An RFC3339 formatted date time when the EAB token was created
    EabId string
    The identifier of a specific ACME EAB token
    Issuer string
    Create an EAB token that is specific to an issuer's ACME directory.
    Key string
    The EAB token
    KeyType string
    The key type of the EAB key
    Namespace string
    The namespace of the target resource. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    Role string

    Create an EAB token that is specific to a role's ACME directory.

    NOTE: Within Vault ACME there are different ACME directories which an EAB token is associated with;

    1. Default directory (pki/acme/) - Do not specify a value for issuer nor role parameters.
    2. Issuer specific (pki/issuer/:issuer_ref/acme/) - Specify a value for the issuer parameter
    3. Role specific (pki/roles/:role/acme/) - Specify a value for the role parameter
    4. Issuer and Role specific (pki/issuer/:issuer_ref/roles/:role/acme/) - Specify a value for both the issuer and role parameters
    AcmeDirectory string
    The ACME directory to which the key belongs
    Backend string
    The path to the PKI secret backend to create the EAB token within, with no leading or trailing /s.
    CreatedOn string
    An RFC3339 formatted date time when the EAB token was created
    EabId string
    The identifier of a specific ACME EAB token
    Issuer string
    Create an EAB token that is specific to an issuer's ACME directory.
    Key string
    The EAB token
    KeyType string
    The key type of the EAB key
    Namespace string
    The namespace of the target resource. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    Role string

    Create an EAB token that is specific to a role's ACME directory.

    NOTE: Within Vault ACME there are different ACME directories which an EAB token is associated with;

    1. Default directory (pki/acme/) - Do not specify a value for issuer nor role parameters.
    2. Issuer specific (pki/issuer/:issuer_ref/acme/) - Specify a value for the issuer parameter
    3. Role specific (pki/roles/:role/acme/) - Specify a value for the role parameter
    4. Issuer and Role specific (pki/issuer/:issuer_ref/roles/:role/acme/) - Specify a value for both the issuer and role parameters
    acmeDirectory String
    The ACME directory to which the key belongs
    backend String
    The path to the PKI secret backend to create the EAB token within, with no leading or trailing /s.
    createdOn String
    An RFC3339 formatted date time when the EAB token was created
    eabId String
    The identifier of a specific ACME EAB token
    issuer String
    Create an EAB token that is specific to an issuer's ACME directory.
    key String
    The EAB token
    keyType String
    The key type of the EAB key
    namespace String
    The namespace of the target resource. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    role String

    Create an EAB token that is specific to a role's ACME directory.

    NOTE: Within Vault ACME there are different ACME directories which an EAB token is associated with;

    1. Default directory (pki/acme/) - Do not specify a value for issuer nor role parameters.
    2. Issuer specific (pki/issuer/:issuer_ref/acme/) - Specify a value for the issuer parameter
    3. Role specific (pki/roles/:role/acme/) - Specify a value for the role parameter
    4. Issuer and Role specific (pki/issuer/:issuer_ref/roles/:role/acme/) - Specify a value for both the issuer and role parameters
    acmeDirectory string
    The ACME directory to which the key belongs
    backend string
    The path to the PKI secret backend to create the EAB token within, with no leading or trailing /s.
    createdOn string
    An RFC3339 formatted date time when the EAB token was created
    eabId string
    The identifier of a specific ACME EAB token
    issuer string
    Create an EAB token that is specific to an issuer's ACME directory.
    key string
    The EAB token
    keyType string
    The key type of the EAB key
    namespace string
    The namespace of the target resource. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    role string

    Create an EAB token that is specific to a role's ACME directory.

    NOTE: Within Vault ACME there are different ACME directories which an EAB token is associated with;

    1. Default directory (pki/acme/) - Do not specify a value for issuer nor role parameters.
    2. Issuer specific (pki/issuer/:issuer_ref/acme/) - Specify a value for the issuer parameter
    3. Role specific (pki/roles/:role/acme/) - Specify a value for the role parameter
    4. Issuer and Role specific (pki/issuer/:issuer_ref/roles/:role/acme/) - Specify a value for both the issuer and role parameters
    acme_directory str
    The ACME directory to which the key belongs
    backend str
    The path to the PKI secret backend to create the EAB token within, with no leading or trailing /s.
    created_on str
    An RFC3339 formatted date time when the EAB token was created
    eab_id str
    The identifier of a specific ACME EAB token
    issuer str
    Create an EAB token that is specific to an issuer's ACME directory.
    key str
    The EAB token
    key_type str
    The key type of the EAB key
    namespace str
    The namespace of the target resource. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    role str

    Create an EAB token that is specific to a role's ACME directory.

    NOTE: Within Vault ACME there are different ACME directories which an EAB token is associated with;

    1. Default directory (pki/acme/) - Do not specify a value for issuer nor role parameters.
    2. Issuer specific (pki/issuer/:issuer_ref/acme/) - Specify a value for the issuer parameter
    3. Role specific (pki/roles/:role/acme/) - Specify a value for the role parameter
    4. Issuer and Role specific (pki/issuer/:issuer_ref/roles/:role/acme/) - Specify a value for both the issuer and role parameters
    acmeDirectory String
    The ACME directory to which the key belongs
    backend String
    The path to the PKI secret backend to create the EAB token within, with no leading or trailing /s.
    createdOn String
    An RFC3339 formatted date time when the EAB token was created
    eabId String
    The identifier of a specific ACME EAB token
    issuer String
    Create an EAB token that is specific to an issuer's ACME directory.
    key String
    The EAB token
    keyType String
    The key type of the EAB key
    namespace String
    The namespace of the target resource. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    role String

    Create an EAB token that is specific to a role's ACME directory.

    NOTE: Within Vault ACME there are different ACME directories which an EAB token is associated with;

    1. Default directory (pki/acme/) - Do not specify a value for issuer nor role parameters.
    2. Issuer specific (pki/issuer/:issuer_ref/acme/) - Specify a value for the issuer parameter
    3. Role specific (pki/roles/:role/acme/) - Specify a value for the role parameter
    4. Issuer and Role specific (pki/issuer/:issuer_ref/roles/:role/acme/) - Specify a value for both the issuer and role parameters

    Import

    As EAB tokens are only available on initial creation there is no possibility to

    import or update this resource.

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    Vault pulumi/pulumi-vault
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the vault Terraform Provider.
    vault logo
    HashiCorp Vault v6.5.0 published on Thursday, Jan 16, 2025 by Pulumi