vault.pkiSecret.BackendAcmeEab
Explore with Pulumi AI
Allows creating ACME EAB (External Account Binding) tokens and deleting unused ones.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as vault from "@pulumi/vault";
const test = new vault.Mount("test", {
path: "pki",
type: "pki",
description: "PKI secret engine mount",
});
const testBackendAcmeEab = new vault.pkisecret.BackendAcmeEab("test", {backend: test.path});
import pulumi
import pulumi_vault as vault
test = vault.Mount("test",
path="pki",
type="pki",
description="PKI secret engine mount")
test_backend_acme_eab = vault.pki_secret.BackendAcmeEab("test", backend=test.path)
package main
import (
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault"
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/pkisecret"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
test, err := vault.NewMount(ctx, "test", &vault.MountArgs{
Path: pulumi.String("pki"),
Type: pulumi.String("pki"),
Description: pulumi.String("PKI secret engine mount"),
})
if err != nil {
return err
}
_, err = pkisecret.NewBackendAcmeEab(ctx, "test", &pkisecret.BackendAcmeEabArgs{
Backend: test.Path,
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Vault = Pulumi.Vault;
return await Deployment.RunAsync(() =>
{
var test = new Vault.Mount("test", new()
{
Path = "pki",
Type = "pki",
Description = "PKI secret engine mount",
});
var testBackendAcmeEab = new Vault.PkiSecret.BackendAcmeEab("test", new()
{
Backend = test.Path,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.vault.Mount;
import com.pulumi.vault.MountArgs;
import com.pulumi.vault.pkiSecret.BackendAcmeEab;
import com.pulumi.vault.pkiSecret.BackendAcmeEabArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var test = new Mount("test", MountArgs.builder()
.path("pki")
.type("pki")
.description("PKI secret engine mount")
.build());
var testBackendAcmeEab = new BackendAcmeEab("testBackendAcmeEab", BackendAcmeEabArgs.builder()
.backend(test.path())
.build());
}
}
resources:
test:
type: vault:Mount
properties:
path: pki
type: pki
description: PKI secret engine mount
testBackendAcmeEab:
type: vault:pkiSecret:BackendAcmeEab
name: test
properties:
backend: ${test.path}
Create BackendAcmeEab Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new BackendAcmeEab(name: string, args: BackendAcmeEabArgs, opts?: CustomResourceOptions);
@overload
def BackendAcmeEab(resource_name: str,
args: BackendAcmeEabArgs,
opts: Optional[ResourceOptions] = None)
@overload
def BackendAcmeEab(resource_name: str,
opts: Optional[ResourceOptions] = None,
backend: Optional[str] = None,
issuer: Optional[str] = None,
namespace: Optional[str] = None,
role: Optional[str] = None)
func NewBackendAcmeEab(ctx *Context, name string, args BackendAcmeEabArgs, opts ...ResourceOption) (*BackendAcmeEab, error)
public BackendAcmeEab(string name, BackendAcmeEabArgs args, CustomResourceOptions? opts = null)
public BackendAcmeEab(String name, BackendAcmeEabArgs args)
public BackendAcmeEab(String name, BackendAcmeEabArgs args, CustomResourceOptions options)
type: vault:pkiSecret:BackendAcmeEab
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args BackendAcmeEabArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args BackendAcmeEabArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args BackendAcmeEabArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args BackendAcmeEabArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args BackendAcmeEabArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var backendAcmeEabResource = new Vault.PkiSecret.BackendAcmeEab("backendAcmeEabResource", new()
{
Backend = "string",
Issuer = "string",
Namespace = "string",
Role = "string",
});
example, err := pkiSecret.NewBackendAcmeEab(ctx, "backendAcmeEabResource", &pkiSecret.BackendAcmeEabArgs{
Backend: pulumi.String("string"),
Issuer: pulumi.String("string"),
Namespace: pulumi.String("string"),
Role: pulumi.String("string"),
})
var backendAcmeEabResource = new BackendAcmeEab("backendAcmeEabResource", BackendAcmeEabArgs.builder()
.backend("string")
.issuer("string")
.namespace("string")
.role("string")
.build());
backend_acme_eab_resource = vault.pki_secret.BackendAcmeEab("backendAcmeEabResource",
backend="string",
issuer="string",
namespace="string",
role="string")
const backendAcmeEabResource = new vault.pkisecret.BackendAcmeEab("backendAcmeEabResource", {
backend: "string",
issuer: "string",
namespace: "string",
role: "string",
});
type: vault:pkiSecret:BackendAcmeEab
properties:
backend: string
issuer: string
namespace: string
role: string
BackendAcmeEab Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The BackendAcmeEab resource accepts the following input properties:
- Backend string
- The path to the PKI secret backend to
create the EAB token within, with no leading or trailing
/
s. - Issuer string
- Create an EAB token that is specific to an issuer's ACME directory.
- Namespace string
- The namespace of the target resource.
The value should not contain leading or trailing forward slashes.
The
namespace
is always relative to the provider's configured namespace. Available only for Vault Enterprise. - Role string
Create an EAB token that is specific to a role's ACME directory.
NOTE: Within Vault ACME there are different ACME directories which an EAB token is associated with;
- Default directory (
pki/acme/
) - Do not specify a value for issuer nor role parameters. - Issuer specific (
pki/issuer/:issuer_ref/acme/
) - Specify a value for the issuer parameter - Role specific (
pki/roles/:role/acme/
) - Specify a value for the role parameter - Issuer and Role specific (
pki/issuer/:issuer_ref/roles/:role/acme/
) - Specify a value for both the issuer and role parameters
- Default directory (
- Backend string
- The path to the PKI secret backend to
create the EAB token within, with no leading or trailing
/
s. - Issuer string
- Create an EAB token that is specific to an issuer's ACME directory.
- Namespace string
- The namespace of the target resource.
The value should not contain leading or trailing forward slashes.
The
namespace
is always relative to the provider's configured namespace. Available only for Vault Enterprise. - Role string
Create an EAB token that is specific to a role's ACME directory.
NOTE: Within Vault ACME there are different ACME directories which an EAB token is associated with;
- Default directory (
pki/acme/
) - Do not specify a value for issuer nor role parameters. - Issuer specific (
pki/issuer/:issuer_ref/acme/
) - Specify a value for the issuer parameter - Role specific (
pki/roles/:role/acme/
) - Specify a value for the role parameter - Issuer and Role specific (
pki/issuer/:issuer_ref/roles/:role/acme/
) - Specify a value for both the issuer and role parameters
- Default directory (
- backend String
- The path to the PKI secret backend to
create the EAB token within, with no leading or trailing
/
s. - issuer String
- Create an EAB token that is specific to an issuer's ACME directory.
- namespace String
- The namespace of the target resource.
The value should not contain leading or trailing forward slashes.
The
namespace
is always relative to the provider's configured namespace. Available only for Vault Enterprise. - role String
Create an EAB token that is specific to a role's ACME directory.
NOTE: Within Vault ACME there are different ACME directories which an EAB token is associated with;
- Default directory (
pki/acme/
) - Do not specify a value for issuer nor role parameters. - Issuer specific (
pki/issuer/:issuer_ref/acme/
) - Specify a value for the issuer parameter - Role specific (
pki/roles/:role/acme/
) - Specify a value for the role parameter - Issuer and Role specific (
pki/issuer/:issuer_ref/roles/:role/acme/
) - Specify a value for both the issuer and role parameters
- Default directory (
- backend string
- The path to the PKI secret backend to
create the EAB token within, with no leading or trailing
/
s. - issuer string
- Create an EAB token that is specific to an issuer's ACME directory.
- namespace string
- The namespace of the target resource.
The value should not contain leading or trailing forward slashes.
The
namespace
is always relative to the provider's configured namespace. Available only for Vault Enterprise. - role string
Create an EAB token that is specific to a role's ACME directory.
NOTE: Within Vault ACME there are different ACME directories which an EAB token is associated with;
- Default directory (
pki/acme/
) - Do not specify a value for issuer nor role parameters. - Issuer specific (
pki/issuer/:issuer_ref/acme/
) - Specify a value for the issuer parameter - Role specific (
pki/roles/:role/acme/
) - Specify a value for the role parameter - Issuer and Role specific (
pki/issuer/:issuer_ref/roles/:role/acme/
) - Specify a value for both the issuer and role parameters
- Default directory (
- backend str
- The path to the PKI secret backend to
create the EAB token within, with no leading or trailing
/
s. - issuer str
- Create an EAB token that is specific to an issuer's ACME directory.
- namespace str
- The namespace of the target resource.
The value should not contain leading or trailing forward slashes.
The
namespace
is always relative to the provider's configured namespace. Available only for Vault Enterprise. - role str
Create an EAB token that is specific to a role's ACME directory.
NOTE: Within Vault ACME there are different ACME directories which an EAB token is associated with;
- Default directory (
pki/acme/
) - Do not specify a value for issuer nor role parameters. - Issuer specific (
pki/issuer/:issuer_ref/acme/
) - Specify a value for the issuer parameter - Role specific (
pki/roles/:role/acme/
) - Specify a value for the role parameter - Issuer and Role specific (
pki/issuer/:issuer_ref/roles/:role/acme/
) - Specify a value for both the issuer and role parameters
- Default directory (
- backend String
- The path to the PKI secret backend to
create the EAB token within, with no leading or trailing
/
s. - issuer String
- Create an EAB token that is specific to an issuer's ACME directory.
- namespace String
- The namespace of the target resource.
The value should not contain leading or trailing forward slashes.
The
namespace
is always relative to the provider's configured namespace. Available only for Vault Enterprise. - role String
Create an EAB token that is specific to a role's ACME directory.
NOTE: Within Vault ACME there are different ACME directories which an EAB token is associated with;
- Default directory (
pki/acme/
) - Do not specify a value for issuer nor role parameters. - Issuer specific (
pki/issuer/:issuer_ref/acme/
) - Specify a value for the issuer parameter - Role specific (
pki/roles/:role/acme/
) - Specify a value for the role parameter - Issuer and Role specific (
pki/issuer/:issuer_ref/roles/:role/acme/
) - Specify a value for both the issuer and role parameters
- Default directory (
Outputs
All input properties are implicitly available as output properties. Additionally, the BackendAcmeEab resource produces the following output properties:
- Acme
Directory string - The ACME directory to which the key belongs
- Created
On string - An RFC3339 formatted date time when the EAB token was created
- Eab
Id string - The identifier of a specific ACME EAB token
- Id string
- The provider-assigned unique ID for this managed resource.
- Key string
- The EAB token
- Key
Type string - The key type of the EAB key
- Acme
Directory string - The ACME directory to which the key belongs
- Created
On string - An RFC3339 formatted date time when the EAB token was created
- Eab
Id string - The identifier of a specific ACME EAB token
- Id string
- The provider-assigned unique ID for this managed resource.
- Key string
- The EAB token
- Key
Type string - The key type of the EAB key
- acme
Directory String - The ACME directory to which the key belongs
- created
On String - An RFC3339 formatted date time when the EAB token was created
- eab
Id String - The identifier of a specific ACME EAB token
- id String
- The provider-assigned unique ID for this managed resource.
- key String
- The EAB token
- key
Type String - The key type of the EAB key
- acme
Directory string - The ACME directory to which the key belongs
- created
On string - An RFC3339 formatted date time when the EAB token was created
- eab
Id string - The identifier of a specific ACME EAB token
- id string
- The provider-assigned unique ID for this managed resource.
- key string
- The EAB token
- key
Type string - The key type of the EAB key
- acme_
directory str - The ACME directory to which the key belongs
- created_
on str - An RFC3339 formatted date time when the EAB token was created
- eab_
id str - The identifier of a specific ACME EAB token
- id str
- The provider-assigned unique ID for this managed resource.
- key str
- The EAB token
- key_
type str - The key type of the EAB key
- acme
Directory String - The ACME directory to which the key belongs
- created
On String - An RFC3339 formatted date time when the EAB token was created
- eab
Id String - The identifier of a specific ACME EAB token
- id String
- The provider-assigned unique ID for this managed resource.
- key String
- The EAB token
- key
Type String - The key type of the EAB key
Look up Existing BackendAcmeEab Resource
Get an existing BackendAcmeEab resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: BackendAcmeEabState, opts?: CustomResourceOptions): BackendAcmeEab
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
acme_directory: Optional[str] = None,
backend: Optional[str] = None,
created_on: Optional[str] = None,
eab_id: Optional[str] = None,
issuer: Optional[str] = None,
key: Optional[str] = None,
key_type: Optional[str] = None,
namespace: Optional[str] = None,
role: Optional[str] = None) -> BackendAcmeEab
func GetBackendAcmeEab(ctx *Context, name string, id IDInput, state *BackendAcmeEabState, opts ...ResourceOption) (*BackendAcmeEab, error)
public static BackendAcmeEab Get(string name, Input<string> id, BackendAcmeEabState? state, CustomResourceOptions? opts = null)
public static BackendAcmeEab get(String name, Output<String> id, BackendAcmeEabState state, CustomResourceOptions options)
resources: _: type: vault:pkiSecret:BackendAcmeEab get: id: ${id}
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Acme
Directory string - The ACME directory to which the key belongs
- Backend string
- The path to the PKI secret backend to
create the EAB token within, with no leading or trailing
/
s. - Created
On string - An RFC3339 formatted date time when the EAB token was created
- Eab
Id string - The identifier of a specific ACME EAB token
- Issuer string
- Create an EAB token that is specific to an issuer's ACME directory.
- Key string
- The EAB token
- Key
Type string - The key type of the EAB key
- Namespace string
- The namespace of the target resource.
The value should not contain leading or trailing forward slashes.
The
namespace
is always relative to the provider's configured namespace. Available only for Vault Enterprise. - Role string
Create an EAB token that is specific to a role's ACME directory.
NOTE: Within Vault ACME there are different ACME directories which an EAB token is associated with;
- Default directory (
pki/acme/
) - Do not specify a value for issuer nor role parameters. - Issuer specific (
pki/issuer/:issuer_ref/acme/
) - Specify a value for the issuer parameter - Role specific (
pki/roles/:role/acme/
) - Specify a value for the role parameter - Issuer and Role specific (
pki/issuer/:issuer_ref/roles/:role/acme/
) - Specify a value for both the issuer and role parameters
- Default directory (
- Acme
Directory string - The ACME directory to which the key belongs
- Backend string
- The path to the PKI secret backend to
create the EAB token within, with no leading or trailing
/
s. - Created
On string - An RFC3339 formatted date time when the EAB token was created
- Eab
Id string - The identifier of a specific ACME EAB token
- Issuer string
- Create an EAB token that is specific to an issuer's ACME directory.
- Key string
- The EAB token
- Key
Type string - The key type of the EAB key
- Namespace string
- The namespace of the target resource.
The value should not contain leading or trailing forward slashes.
The
namespace
is always relative to the provider's configured namespace. Available only for Vault Enterprise. - Role string
Create an EAB token that is specific to a role's ACME directory.
NOTE: Within Vault ACME there are different ACME directories which an EAB token is associated with;
- Default directory (
pki/acme/
) - Do not specify a value for issuer nor role parameters. - Issuer specific (
pki/issuer/:issuer_ref/acme/
) - Specify a value for the issuer parameter - Role specific (
pki/roles/:role/acme/
) - Specify a value for the role parameter - Issuer and Role specific (
pki/issuer/:issuer_ref/roles/:role/acme/
) - Specify a value for both the issuer and role parameters
- Default directory (
- acme
Directory String - The ACME directory to which the key belongs
- backend String
- The path to the PKI secret backend to
create the EAB token within, with no leading or trailing
/
s. - created
On String - An RFC3339 formatted date time when the EAB token was created
- eab
Id String - The identifier of a specific ACME EAB token
- issuer String
- Create an EAB token that is specific to an issuer's ACME directory.
- key String
- The EAB token
- key
Type String - The key type of the EAB key
- namespace String
- The namespace of the target resource.
The value should not contain leading or trailing forward slashes.
The
namespace
is always relative to the provider's configured namespace. Available only for Vault Enterprise. - role String
Create an EAB token that is specific to a role's ACME directory.
NOTE: Within Vault ACME there are different ACME directories which an EAB token is associated with;
- Default directory (
pki/acme/
) - Do not specify a value for issuer nor role parameters. - Issuer specific (
pki/issuer/:issuer_ref/acme/
) - Specify a value for the issuer parameter - Role specific (
pki/roles/:role/acme/
) - Specify a value for the role parameter - Issuer and Role specific (
pki/issuer/:issuer_ref/roles/:role/acme/
) - Specify a value for both the issuer and role parameters
- Default directory (
- acme
Directory string - The ACME directory to which the key belongs
- backend string
- The path to the PKI secret backend to
create the EAB token within, with no leading or trailing
/
s. - created
On string - An RFC3339 formatted date time when the EAB token was created
- eab
Id string - The identifier of a specific ACME EAB token
- issuer string
- Create an EAB token that is specific to an issuer's ACME directory.
- key string
- The EAB token
- key
Type string - The key type of the EAB key
- namespace string
- The namespace of the target resource.
The value should not contain leading or trailing forward slashes.
The
namespace
is always relative to the provider's configured namespace. Available only for Vault Enterprise. - role string
Create an EAB token that is specific to a role's ACME directory.
NOTE: Within Vault ACME there are different ACME directories which an EAB token is associated with;
- Default directory (
pki/acme/
) - Do not specify a value for issuer nor role parameters. - Issuer specific (
pki/issuer/:issuer_ref/acme/
) - Specify a value for the issuer parameter - Role specific (
pki/roles/:role/acme/
) - Specify a value for the role parameter - Issuer and Role specific (
pki/issuer/:issuer_ref/roles/:role/acme/
) - Specify a value for both the issuer and role parameters
- Default directory (
- acme_
directory str - The ACME directory to which the key belongs
- backend str
- The path to the PKI secret backend to
create the EAB token within, with no leading or trailing
/
s. - created_
on str - An RFC3339 formatted date time when the EAB token was created
- eab_
id str - The identifier of a specific ACME EAB token
- issuer str
- Create an EAB token that is specific to an issuer's ACME directory.
- key str
- The EAB token
- key_
type str - The key type of the EAB key
- namespace str
- The namespace of the target resource.
The value should not contain leading or trailing forward slashes.
The
namespace
is always relative to the provider's configured namespace. Available only for Vault Enterprise. - role str
Create an EAB token that is specific to a role's ACME directory.
NOTE: Within Vault ACME there are different ACME directories which an EAB token is associated with;
- Default directory (
pki/acme/
) - Do not specify a value for issuer nor role parameters. - Issuer specific (
pki/issuer/:issuer_ref/acme/
) - Specify a value for the issuer parameter - Role specific (
pki/roles/:role/acme/
) - Specify a value for the role parameter - Issuer and Role specific (
pki/issuer/:issuer_ref/roles/:role/acme/
) - Specify a value for both the issuer and role parameters
- Default directory (
- acme
Directory String - The ACME directory to which the key belongs
- backend String
- The path to the PKI secret backend to
create the EAB token within, with no leading or trailing
/
s. - created
On String - An RFC3339 formatted date time when the EAB token was created
- eab
Id String - The identifier of a specific ACME EAB token
- issuer String
- Create an EAB token that is specific to an issuer's ACME directory.
- key String
- The EAB token
- key
Type String - The key type of the EAB key
- namespace String
- The namespace of the target resource.
The value should not contain leading or trailing forward slashes.
The
namespace
is always relative to the provider's configured namespace. Available only for Vault Enterprise. - role String
Create an EAB token that is specific to a role's ACME directory.
NOTE: Within Vault ACME there are different ACME directories which an EAB token is associated with;
- Default directory (
pki/acme/
) - Do not specify a value for issuer nor role parameters. - Issuer specific (
pki/issuer/:issuer_ref/acme/
) - Specify a value for the issuer parameter - Role specific (
pki/roles/:role/acme/
) - Specify a value for the role parameter - Issuer and Role specific (
pki/issuer/:issuer_ref/roles/:role/acme/
) - Specify a value for both the issuer and role parameters
- Default directory (
Import
As EAB tokens are only available on initial creation there is no possibility to
import or update this resource.
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Vault pulumi/pulumi-vault
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
vault
Terraform Provider.