Namespace Pulumi.Vault.Gcp

Classes

AuthBackend

Provides a resource to configure the GCP auth backend within Vault.

Example Usage

using System.IO;
using Pulumi;
using Vault = Pulumi.Vault;

class MyStack : Stack
{
public MyStack()
{
    var gcp = new Vault.Gcp.AuthBackend(&quot;gcp&quot;, new Vault.Gcp.AuthBackendArgs
    {
        Credentials = File.ReadAllText(&quot;vault-gcp-credentials.json&quot;),
    });
}

}

AuthBackendArgs

AuthBackendRole

Provides a resource to create a role in an GCP auth backend within Vault.

AuthBackendRoleArgs

AuthBackendRoleState

AuthBackendState

SecretBackend

SecretBackendArgs

SecretBackendState

SecretRoleset

Creates a Roleset in the GCP Secrets Engine for Vault.

Each Roleset is tied to a Service Account, and can have one or more bindings associated with it.

Example Usage

using System.IO;
using Pulumi;
using Vault = Pulumi.Vault;

class MyStack : Stack
{
public MyStack()
{
    var project = &quot;my-awesome-project&quot;;
    var gcp = new Vault.Gcp.SecretBackend(&quot;gcp&quot;, new Vault.Gcp.SecretBackendArgs
    {
        Credentials = File.ReadAllText(&quot;credentials.json&quot;),
        Path = &quot;gcp&quot;,
    });
    var roleset = new Vault.Gcp.SecretRoleset(&quot;roleset&quot;, new Vault.Gcp.SecretRolesetArgs
    {
        Backend = gcp.Path,
        Bindings = 
        {
            new Vault.Gcp.Inputs.SecretRolesetBindingArgs
            {
                Resource = $&quot;//cloudresourcemanager.googleapis.com/projects/{project}&quot;,
                Roles = 
                {
                    &quot;roles/viewer&quot;,
                },
            },
        },
        Project = project,
        Roleset = &quot;project_viewer&quot;,
        SecretType = &quot;access_token&quot;,
        TokenScopes = 
        {
            &quot;https://www.googleapis.com/auth/cloud-platform&quot;,
        },
    });
}

}