Class ApplicationCredential

Manages a V3 Application Credential resource within OpenStack Keystone.

Note: All arguments including the application credential name and secret will be stored in the raw state as plain-text. Read more about sensitive data in state.

Note: An Application Credential is created within the authenticated user project scope and is not visible by an admin or other accounts. The Application Credential visibility is similar to openstack.compute.Keypair.

Example Usage

Predefined secret

using Pulumi;
using OpenStack = Pulumi.OpenStack;

class MyStack : Stack
{
public MyStack()
{
    var swift = new OpenStack.Identity.ApplicationCredential("swift", new OpenStack.Identity.ApplicationCredentialArgs
    {
        Description = "Swift technical application credential",
        ExpiresAt = "2019-02-13T12:12:12Z",
        Roles = 
        {
            "swiftoperator",
        },
        Secret = "supersecret",
    });
}

}

Unrestricted with autogenerated secret and unlimited TTL

using Pulumi;
using OpenStack = Pulumi.OpenStack;

class MyStack : Stack
{
public MyStack()
{
    var unrestricted = new OpenStack.Identity.ApplicationCredential("unrestricted", new OpenStack.Identity.ApplicationCredentialArgs
    {
        Description = "Unrestricted application credential",
        Unrestricted = true,
    });
    this.ApplicationCredentialSecret = unrestricted.Secret;
}

[Output("applicationCredentialSecret")]
public Output<string> ApplicationCredentialSecret { get; set; }
}

Application credential with access rules

using Pulumi;
using OpenStack = Pulumi.OpenStack;

class MyStack : Stack
{
public MyStack()
{
    var monitoring = new OpenStack.Identity.ApplicationCredential("monitoring", new OpenStack.Identity.ApplicationCredentialArgs
    {
        AccessRules = 
        {
            new OpenStack.Identity.Inputs.ApplicationCredentialAccessRuleArgs
            {
                Method = "GET",
                Path = "/v2.0/metrics",
                Service = "monitoring",
            },
            new OpenStack.Identity.Inputs.ApplicationCredentialAccessRuleArgs
            {
                Method = "PUT",
                Path = "/v2.0/metrics",
                Service = "monitoring",
            },
        },
        ExpiresAt = "2019-02-13T12:12:12Z",
    });
}

}
Inheritance
System.Object
Resource
CustomResource
ApplicationCredential
Inherited Members
System.Object.Equals(System.Object)
System.Object.Equals(System.Object, System.Object)
System.Object.GetHashCode()
System.Object.GetType()
System.Object.MemberwiseClone()
System.Object.ReferenceEquals(System.Object, System.Object)
System.Object.ToString()
Namespace: Pulumi.OpenStack.Identity
Assembly: Pulumi.OpenStack.dll
Syntax
public class ApplicationCredential : CustomResource

Constructors

View Source

ApplicationCredential(String, ApplicationCredentialArgs, CustomResourceOptions)

Create a ApplicationCredential resource with the given unique name, arguments, and options.

Declaration
public ApplicationCredential(string name, ApplicationCredentialArgs args = null, CustomResourceOptions options = null)
Parameters
Type Name Description
System.String name

The unique name of the resource
ApplicationCredentialArgs args

The arguments used to populate this resource's properties
CustomResourceOptions options

A bag of options that control this resource's behavior

Properties

View Source

AccessRules

A collection of one or more access rules, which this application credential allows to follow. The structure is described below. Changing this creates a new application credential.

Declaration
public Output<ImmutableArray<ApplicationCredentialAccessRule>> AccessRules { get; }
Property Value
Type Description
Output<System.Collections.Immutable.ImmutableArray<ApplicationCredentialAccessRule>>
View Source

Description

A description of the application credential. Changing this creates a new application credential.

Declaration
public Output<string> Description { get; }
Property Value
Type Description
Output<System.String>
View Source

ExpiresAt

The expiration time of the application credential in the RFC3339 timestamp format (e.g. 2019-03-09T12:58:49Z). If omitted, an application credential will never expire. Changing this creates a new application credential.

Declaration
public Output<string> ExpiresAt { get; }
Property Value
Type Description
Output<System.String>
View Source

Name

A name of the application credential. Changing this creates a new application credential.

Declaration
public Output<string> Name { get; }
Property Value
Type Description
Output<System.String>
View Source

ProjectId

The ID of the project the application credential was created for and that authentication requests using this application credential will be scoped to.

Declaration
public Output<string> ProjectId { get; }
Property Value
Type Description
Output<System.String>
View Source

Region

The region in which to obtain the V3 Keystone client. If omitted, the region argument of the provider is used. Changing this creates a new application credential.

Declaration
public Output<string> Region { get; }
Property Value
Type Description
Output<System.String>
View Source

Roles

A collection of one or more role names, which this application credential has to be associated with its project. If omitted, all the current user's roles within the scoped project will be inherited by a new application credential. Changing this creates a new application credential.

Declaration
public Output<ImmutableArray<string>> Roles { get; }
Property Value
Type Description
Output<System.Collections.Immutable.ImmutableArray<System.String>>
View Source

Secret

The secret for the application credential. If omitted, it will be generated by the server. Changing this creates a new application credential.

Declaration
public Output<string> Secret { get; }
Property Value
Type Description
Output<System.String>
View Source

Unrestricted

A flag indicating whether the application credential may be used for creation or destruction of other application credentials or trusts. Changing this creates a new application credential.

Declaration
public Output<bool?> Unrestricted { get; }
Property Value
Type Description
Output<System.Nullable<System.Boolean>>

Methods

View Source

Get(String, Input<String>, ApplicationCredentialState, CustomResourceOptions)

Get an existing ApplicationCredential resource's state with the given name, ID, and optional extra properties used to qualify the lookup.

Declaration
public static ApplicationCredential Get(string name, Input<string> id, ApplicationCredentialState state = null, CustomResourceOptions options = null)
Parameters
Type Name Description
System.String name

The unique name of the resulting resource.
Input<System.String> id

The unique provider ID of the resource to lookup.
ApplicationCredentialState state

Any extra arguments used during the lookup.
CustomResourceOptions options

A bag of options that control this resource's behavior
Returns
Type Description
ApplicationCredential