1. Packages
  2. HashiCorp Vault
  3. API Docs
  4. pkiSecret
  5. getBackendKey
HashiCorp Vault v5.20.0 published on Tuesday, Feb 20, 2024 by Pulumi

vault.pkiSecret.getBackendKey

Explore with Pulumi AI

vault logo
HashiCorp Vault v5.20.0 published on Tuesday, Feb 20, 2024 by Pulumi

    Example Usage

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Vault = Pulumi.Vault;
    
    return await Deployment.RunAsync(() => 
    {
        var pki = new Vault.Mount("pki", new()
        {
            Path = "pki",
            Type = "pki",
            Description = "PKI secret engine mount",
        });
    
        var key = new Vault.PkiSecret.SecretBackendKey("key", new()
        {
            Backend = pki.Path,
            Type = "internal",
            KeyName = "example",
            KeyType = "rsa",
            KeyBits = 4096,
        });
    
        var example = Vault.PkiSecret.GetBackendKey.Invoke(new()
        {
            Backend = vault_mount.Key.Path,
            KeyRef = key.KeyId,
        });
    
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-vault/sdk/v5/go/vault"
    	"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/pkiSecret"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		pki, err := vault.NewMount(ctx, "pki", &vault.MountArgs{
    			Path:        pulumi.String("pki"),
    			Type:        pulumi.String("pki"),
    			Description: pulumi.String("PKI secret engine mount"),
    		})
    		if err != nil {
    			return err
    		}
    		key, err := pkiSecret.NewSecretBackendKey(ctx, "key", &pkiSecret.SecretBackendKeyArgs{
    			Backend: pki.Path,
    			Type:    pulumi.String("internal"),
    			KeyName: pulumi.String("example"),
    			KeyType: pulumi.String("rsa"),
    			KeyBits: pulumi.Int(4096),
    		})
    		if err != nil {
    			return err
    		}
    		_ = key.KeyId.ApplyT(func(keyId string) (pkisecret.GetBackendKeyResult, error) {
    			return pkiSecret.GetBackendKeyOutput(ctx, pkisecret.GetBackendKeyOutputArgs{
    				Backend: vault_mount.Key.Path,
    				KeyRef:  keyId,
    			}, nil), nil
    		}).(pkisecret.GetBackendKeyResultOutput)
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.vault.Mount;
    import com.pulumi.vault.MountArgs;
    import com.pulumi.vault.pkiSecret.SecretBackendKey;
    import com.pulumi.vault.pkiSecret.SecretBackendKeyArgs;
    import com.pulumi.vault.pkiSecret.PkiSecretFunctions;
    import com.pulumi.vault.pkiSecret.inputs.GetBackendKeyArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var pki = new Mount("pki", MountArgs.builder()        
                .path("pki")
                .type("pki")
                .description("PKI secret engine mount")
                .build());
    
            var key = new SecretBackendKey("key", SecretBackendKeyArgs.builder()        
                .backend(pki.path())
                .type("internal")
                .keyName("example")
                .keyType("rsa")
                .keyBits("4096")
                .build());
    
            final var example = PkiSecretFunctions.getBackendKey(GetBackendKeyArgs.builder()
                .backend(vault_mount.key().path())
                .keyRef(key.keyId())
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_vault as vault
    
    pki = vault.Mount("pki",
        path="pki",
        type="pki",
        description="PKI secret engine mount")
    key = vault.pki_secret.SecretBackendKey("key",
        backend=pki.path,
        type="internal",
        key_name="example",
        key_type="rsa",
        key_bits=4096)
    example = key.key_id.apply(lambda key_id: vault.pkiSecret.get_backend_key_output(backend=vault_mount["key"]["path"],
        key_ref=key_id))
    
    import * as pulumi from "@pulumi/pulumi";
    import * as vault from "@pulumi/vault";
    
    const pki = new vault.Mount("pki", {
        path: "pki",
        type: "pki",
        description: "PKI secret engine mount",
    });
    const key = new vault.pkisecret.SecretBackendKey("key", {
        backend: pki.path,
        type: "internal",
        keyName: "example",
        keyType: "rsa",
        keyBits: 4096,
    });
    const example = key.keyId.apply(keyId => vault.pkiSecret.getBackendKeyOutput({
        backend: vault_mount.key.path,
        keyRef: keyId,
    }));
    
    resources:
      pki:
        type: vault:Mount
        properties:
          path: pki
          type: pki
          description: PKI secret engine mount
      key:
        type: vault:pkiSecret:SecretBackendKey
        properties:
          backend: ${pki.path}
          type: internal
          keyName: example
          keyType: rsa
          keyBits: '4096'
    variables:
      example:
        fn::invoke:
          Function: vault:pkiSecret:getBackendKey
          Arguments:
            backend: ${vault_mount.key.path}
            keyRef: ${key.keyId}
    

    Using getBackendKey

    Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

    function getBackendKey(args: GetBackendKeyArgs, opts?: InvokeOptions): Promise<GetBackendKeyResult>
    function getBackendKeyOutput(args: GetBackendKeyOutputArgs, opts?: InvokeOptions): Output<GetBackendKeyResult>
    def get_backend_key(backend: Optional[str] = None,
                        key_ref: Optional[str] = None,
                        namespace: Optional[str] = None,
                        opts: Optional[InvokeOptions] = None) -> GetBackendKeyResult
    def get_backend_key_output(backend: Optional[pulumi.Input[str]] = None,
                        key_ref: Optional[pulumi.Input[str]] = None,
                        namespace: Optional[pulumi.Input[str]] = None,
                        opts: Optional[InvokeOptions] = None) -> Output[GetBackendKeyResult]
    func GetBackendKey(ctx *Context, args *GetBackendKeyArgs, opts ...InvokeOption) (*GetBackendKeyResult, error)
    func GetBackendKeyOutput(ctx *Context, args *GetBackendKeyOutputArgs, opts ...InvokeOption) GetBackendKeyResultOutput

    > Note: This function is named GetBackendKey in the Go SDK.

    public static class GetBackendKey 
    {
        public static Task<GetBackendKeyResult> InvokeAsync(GetBackendKeyArgs args, InvokeOptions? opts = null)
        public static Output<GetBackendKeyResult> Invoke(GetBackendKeyInvokeArgs args, InvokeOptions? opts = null)
    }
    public static CompletableFuture<GetBackendKeyResult> getBackendKey(GetBackendKeyArgs args, InvokeOptions options)
    // Output-based functions aren't available in Java yet
    
    fn::invoke:
      function: vault:pkiSecret/getBackendKey:getBackendKey
      arguments:
        # arguments dictionary

    The following arguments are supported:

    Backend string
    The path to the PKI secret backend to read the key from, with no leading or trailing /s.
    KeyRef string
    Reference to an existing key.
    Namespace string
    The namespace of the target resource. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    Backend string
    The path to the PKI secret backend to read the key from, with no leading or trailing /s.
    KeyRef string
    Reference to an existing key.
    Namespace string
    The namespace of the target resource. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    backend String
    The path to the PKI secret backend to read the key from, with no leading or trailing /s.
    keyRef String
    Reference to an existing key.
    namespace String
    The namespace of the target resource. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    backend string
    The path to the PKI secret backend to read the key from, with no leading or trailing /s.
    keyRef string
    Reference to an existing key.
    namespace string
    The namespace of the target resource. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    backend str
    The path to the PKI secret backend to read the key from, with no leading or trailing /s.
    key_ref str
    Reference to an existing key.
    namespace str
    The namespace of the target resource. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
    backend String
    The path to the PKI secret backend to read the key from, with no leading or trailing /s.
    keyRef String
    Reference to an existing key.
    namespace String
    The namespace of the target resource. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.

    getBackendKey Result

    The following output properties are available:

    Backend string
    Id string
    The provider-assigned unique ID for this managed resource.
    KeyId string
    ID of the key.
    KeyName string
    Name of the key.
    KeyRef string
    KeyType string
    Type of the key.
    Namespace string
    Backend string
    Id string
    The provider-assigned unique ID for this managed resource.
    KeyId string
    ID of the key.
    KeyName string
    Name of the key.
    KeyRef string
    KeyType string
    Type of the key.
    Namespace string
    backend String
    id String
    The provider-assigned unique ID for this managed resource.
    keyId String
    ID of the key.
    keyName String
    Name of the key.
    keyRef String
    keyType String
    Type of the key.
    namespace String
    backend string
    id string
    The provider-assigned unique ID for this managed resource.
    keyId string
    ID of the key.
    keyName string
    Name of the key.
    keyRef string
    keyType string
    Type of the key.
    namespace string
    backend str
    id str
    The provider-assigned unique ID for this managed resource.
    key_id str
    ID of the key.
    key_name str
    Name of the key.
    key_ref str
    key_type str
    Type of the key.
    namespace str
    backend String
    id String
    The provider-assigned unique ID for this managed resource.
    keyId String
    ID of the key.
    keyName String
    Name of the key.
    keyRef String
    keyType String
    Type of the key.
    namespace String

    Package Details

    Repository
    Vault pulumi/pulumi-vault
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the vault Terraform Provider.
    vault logo
    HashiCorp Vault v5.20.0 published on Tuesday, Feb 20, 2024 by Pulumi