Class AuthBackendConfig
Manages an Kubernetes auth backend config in a Vault server. See the Vault documentation for more information.
Example Usage
using Pulumi;
using Vault = Pulumi.Vault;
class MyStack : Stack
{
public MyStack()
{
var kubernetes = new Vault.AuthBackend("kubernetes", new Vault.AuthBackendArgs
{
Type = "kubernetes",
});
var example = new Vault.Kubernetes.AuthBackendConfig("example", new Vault.Kubernetes.AuthBackendConfigArgs
{
Backend = kubernetes.Path,
Issuer = "api",
KubernetesCaCert = @"-----BEGIN CERTIFICATE-----
example
-----END CERTIFICATE-----
",
KubernetesHost = "http://example.com:443",
TokenReviewerJwt = "ZXhhbXBsZQo=",
});
}
}
Inherited Members
Namespace: Pulumi.Vault.Kubernetes
Assembly: Pulumi.Vault.dll
Syntax
public class AuthBackendConfig : CustomResourceConstructors
View SourceAuthBackendConfig(String, AuthBackendConfigArgs, CustomResourceOptions)
Create a AuthBackendConfig resource with the given unique name, arguments, and options.
Declaration
public AuthBackendConfig(string name, AuthBackendConfigArgs args, CustomResourceOptions options = null)Parameters
| Type | Name | Description |
|---|---|---|
| System.String | name | The unique name of the resource |
| AuthBackendConfigArgs | args | The arguments used to populate this resource's properties |
| CustomResourceOptions | options | A bag of options that control this resource's behavior |
Properties
View SourceBackend
Unique name of the kubernetes backend to configure.
Declaration
public Output<string> Backend { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
Issuer
Optional JWT issuer. If no issuer is specified, kubernetes.io/serviceaccount will be used as the default issuer.
Declaration
public Output<string> Issuer { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
KubernetesCaCert
PEM encoded CA cert for use by the TLS client used to talk with the Kubernetes API.
Declaration
public Output<string> KubernetesCaCert { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
KubernetesHost
Host must be a host string, a host:port pair, or a URL to the base of the Kubernetes API server.
Declaration
public Output<string> KubernetesHost { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
PemKeys
List of PEM-formatted public keys or certificates used to verify the signatures of Kubernetes service account JWTs. If a certificate is given, its public key will be extracted. Not every installation of Kubernetes exposes these keys.
Declaration
public Output<ImmutableArray<string>> PemKeys { get; }Property Value
| Type | Description |
|---|---|
| Output<System.Collections.Immutable.ImmutableArray<System.String>> |
TokenReviewerJwt
A service account JWT used to access the TokenReview API to validate other JWTs during login. If not set the JWT used for login will be used to access the API.
Declaration
public Output<string> TokenReviewerJwt { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
Methods
View SourceGet(String, Input<String>, AuthBackendConfigState, CustomResourceOptions)
Get an existing AuthBackendConfig resource's state with the given name, ID, and optional extra properties used to qualify the lookup.
Declaration
public static AuthBackendConfig Get(string name, Input<string> id, AuthBackendConfigState state = null, CustomResourceOptions options = null)Parameters
| Type | Name | Description |
|---|---|---|
| System.String | name | The unique name of the resulting resource. |
| Input<System.String> | id | The unique provider ID of the resource to lookup. |
| AuthBackendConfigState | state | Any extra arguments used during the lookup. |
| CustomResourceOptions | options | A bag of options that control this resource's behavior |
Returns
| Type | Description |
|---|---|
| AuthBackendConfig |