Class SecretBackendStaticRole
Creates a Database Secret Backend static role in Vault. Database secret backend static roles can be used to manage 1-to-1 mapping of a Vault Role to a user in a database for the database.
Example Usage
using Pulumi;
using Vault = Pulumi.Vault;
class MyStack : Stack
{
public MyStack()
{
var db = new Vault.Mount("db", new Vault.MountArgs
{
Path = "postgres",
Type = "database",
});
var postgres = new Vault.Database.SecretBackendConnection("postgres", new Vault.Database.SecretBackendConnectionArgs
{
AllowedRoles =
{
"*",
},
Backend = db.Path,
Postgresql = new Vault.Database.Inputs.SecretBackendConnectionPostgresqlArgs
{
ConnectionUrl = "postgres://username:password@host:port/database",
},
});
var staticRole = new Vault.Database.SecretBackendStaticRole("staticRole", new Vault.Database.SecretBackendStaticRoleArgs
{
Backend = db.Path,
DbName = postgres.Name,
RotationPeriod = "3600",
RotationStatements =
{
"ALTER USER \"{{name}}\" WITH PASSWORD '{{password}}';",
},
Username = "example",
});
}
}
Inherited Members
Namespace: Pulumi.Vault.Database
Assembly: Pulumi.Vault.dll
Syntax
public class SecretBackendStaticRole : CustomResourceConstructors
View SourceSecretBackendStaticRole(String, SecretBackendStaticRoleArgs, CustomResourceOptions)
Create a SecretBackendStaticRole resource with the given unique name, arguments, and options.
Declaration
public SecretBackendStaticRole(string name, SecretBackendStaticRoleArgs args, CustomResourceOptions options = null)Parameters
| Type | Name | Description |
|---|---|---|
| System.String | name | The unique name of the resource |
| SecretBackendStaticRoleArgs | args | The arguments used to populate this resource's properties |
| CustomResourceOptions | options | A bag of options that control this resource's behavior |
Properties
View SourceBackend
The unique name of the Vault mount to configure.
Declaration
public Output<string> Backend { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
DbName
The unique name of the database connection to use for the static role.
Declaration
public Output<string> DbName { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
Name
A unique name to give the static role.
Declaration
public Output<string> Name { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
RotationPeriod
The amount of time Vault should wait before rotating the password, in seconds.
Declaration
public Output<int> RotationPeriod { get; }Property Value
| Type | Description |
|---|---|
| Output<System.Int32> |
RotationStatements
Database statements to execute to rotate the password for the configured database user.
Declaration
public Output<ImmutableArray<string>> RotationStatements { get; }Property Value
| Type | Description |
|---|---|
| Output<System.Collections.Immutable.ImmutableArray<System.String>> |
Username
The database username that this static role corresponds to.
Declaration
public Output<string> Username { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
Methods
View SourceGet(String, Input<String>, SecretBackendStaticRoleState, CustomResourceOptions)
Get an existing SecretBackendStaticRole resource's state with the given name, ID, and optional extra properties used to qualify the lookup.
Declaration
public static SecretBackendStaticRole Get(string name, Input<string> id, SecretBackendStaticRoleState state = null, CustomResourceOptions options = null)Parameters
| Type | Name | Description |
|---|---|---|
| System.String | name | The unique name of the resulting resource. |
| Input<System.String> | id | The unique provider ID of the resource to lookup. |
| SecretBackendStaticRoleState | state | Any extra arguments used during the lookup. |
| CustomResourceOptions | options | A bag of options that control this resource's behavior |
Returns
| Type | Description |
|---|---|
| SecretBackendStaticRole |