Class SecretBackendRole

Creates a role on an PKI Secret Backend for Vault.

Example Usage

using Pulumi;
using Vault = Pulumi.Vault;

class MyStack : Stack
{
public MyStack()
{
    var pki = new Vault.PkiSecret.SecretBackend("pki", new Vault.PkiSecret.SecretBackendArgs
    {
        DefaultLeaseTtlSeconds = 3600,
        MaxLeaseTtlSeconds = 86400,
        Path = "%s",
    });
    var role = new Vault.PkiSecret.SecretBackendRole("role", new Vault.PkiSecret.SecretBackendRoleArgs
    {
        Backend = pki.Path,
    });
}

}
Inheritance
System.Object
Resource
CustomResource
SecretBackendRole
Inherited Members
System.Object.Equals(System.Object)
System.Object.Equals(System.Object, System.Object)
System.Object.GetHashCode()
System.Object.GetType()
System.Object.MemberwiseClone()
System.Object.ReferenceEquals(System.Object, System.Object)
System.Object.ToString()
Namespace: Pulumi.Vault.PkiSecret
Assembly: Pulumi.Vault.dll
Syntax
public class SecretBackendRole : CustomResource

Constructors

View Source

SecretBackendRole(String, SecretBackendRoleArgs, CustomResourceOptions)

Create a SecretBackendRole resource with the given unique name, arguments, and options.

Declaration
public SecretBackendRole(string name, SecretBackendRoleArgs args, CustomResourceOptions options = null)
Parameters
Type Name Description
System.String name

The unique name of the resource
SecretBackendRoleArgs args

The arguments used to populate this resource's properties
CustomResourceOptions options

A bag of options that control this resource's behavior

Properties

View Source

AllowAnyName

Flag to allow any name

Declaration
public Output<bool?> AllowAnyName { get; }
Property Value
Type Description
Output<System.Nullable<System.Boolean>>
View Source

AllowBareDomains

Flag to allow certificates matching the actual domain

Declaration
public Output<bool?> AllowBareDomains { get; }
Property Value
Type Description
Output<System.Nullable<System.Boolean>>
View Source

AllowedDomains

List of allowed domains for certificates

Declaration
public Output<ImmutableArray<string>> AllowedDomains { get; }
Property Value
Type Description
Output<System.Collections.Immutable.ImmutableArray<System.String>>
View Source

AllowedOtherSans

Defines allowed custom SANs

Declaration
public Output<ImmutableArray<string>> AllowedOtherSans { get; }
Property Value
Type Description
Output<System.Collections.Immutable.ImmutableArray<System.String>>
View Source

AllowedUriSans

Defines allowed URI SANs

Declaration
public Output<ImmutableArray<string>> AllowedUriSans { get; }
Property Value
Type Description
Output<System.Collections.Immutable.ImmutableArray<System.String>>
View Source

AllowGlobDomains

Flag to allow names containing glob patterns.

Declaration
public Output<bool?> AllowGlobDomains { get; }
Property Value
Type Description
Output<System.Nullable<System.Boolean>>
View Source

AllowIpSans

Flag to allow IP SANs

Declaration
public Output<bool?> AllowIpSans { get; }
Property Value
Type Description
Output<System.Nullable<System.Boolean>>
View Source

AllowLocalhost

Flag to allow certificates for localhost

Declaration
public Output<bool?> AllowLocalhost { get; }
Property Value
Type Description
Output<System.Nullable<System.Boolean>>
View Source

AllowSubdomains

Flag to allow certificates matching subdomains

Declaration
public Output<bool?> AllowSubdomains { get; }
Property Value
Type Description
Output<System.Nullable<System.Boolean>>
View Source

Backend

The path the PKI secret backend is mounted at, with no leading or trailing /s.

Declaration
public Output<string> Backend { get; }
Property Value
Type Description
Output<System.String>
View Source

BasicConstraintsValidForNonCa

Flag to mark basic constraints valid when issuing non-CA certificates

Declaration
public Output<bool?> BasicConstraintsValidForNonCa { get; }
Property Value
Type Description
Output<System.Nullable<System.Boolean>>
View Source

ClientFlag

Flag to specify certificates for client use

Declaration
public Output<bool?> ClientFlag { get; }
Property Value
Type Description
Output<System.Nullable<System.Boolean>>
View Source

CodeSigningFlag

Flag to specify certificates for code signing use

Declaration
public Output<bool?> CodeSigningFlag { get; }
Property Value
Type Description
Output<System.Nullable<System.Boolean>>
View Source

Countries

The country of generated certificates

Declaration
public Output<ImmutableArray<string>> Countries { get; }
Property Value
Type Description
Output<System.Collections.Immutable.ImmutableArray<System.String>>
View Source

EmailProtectionFlag

Flag to specify certificates for email protection use

Declaration
public Output<bool?> EmailProtectionFlag { get; }
Property Value
Type Description
Output<System.Nullable<System.Boolean>>
View Source

EnforceHostnames

Flag to allow only valid host names

Declaration
public Output<bool?> EnforceHostnames { get; }
Property Value
Type Description
Output<System.Nullable<System.Boolean>>
View Source

ExtKeyUsages

Specify the allowed extended key usage constraint on issued certificates

Declaration
public Output<ImmutableArray<string>> ExtKeyUsages { get; }
Property Value
Type Description
Output<System.Collections.Immutable.ImmutableArray<System.String>>
View Source

GenerateLease

Flag to generate leases with certificates

Declaration
public Output<bool?> GenerateLease { get; }
Property Value
Type Description
Output<System.Nullable<System.Boolean>>
View Source

KeyBits

The number of bits of generated keys

Declaration
public Output<int?> KeyBits { get; }
Property Value
Type Description
Output<System.Nullable<System.Int32>>
View Source

KeyType

The type of generated keys

Declaration
public Output<string> KeyType { get; }
Property Value
Type Description
Output<System.String>
View Source

KeyUsages

Specify the allowed key usage constraint on issued certificates

Declaration
public Output<ImmutableArray<string>> KeyUsages { get; }
Property Value
Type Description
Output<System.Collections.Immutable.ImmutableArray<System.String>>
View Source

Localities

The locality of generated certificates

Declaration
public Output<ImmutableArray<string>> Localities { get; }
Property Value
Type Description
Output<System.Collections.Immutable.ImmutableArray<System.String>>
View Source

MaxTtl

The maximum TTL

Declaration
public Output<string> MaxTtl { get; }
Property Value
Type Description
Output<System.String>
View Source

Name

The name to identify this role within the backend. Must be unique within the backend.

Declaration
public Output<string> Name { get; }
Property Value
Type Description
Output<System.String>
View Source

NoStore

Flag to not store certificates in the storage backend

Declaration
public Output<bool?> NoStore { get; }
Property Value
Type Description
Output<System.Nullable<System.Boolean>>
View Source

NotBeforeDuration

Specifies the duration by which to backdate the NotBefore property.

Declaration
public Output<string> NotBeforeDuration { get; }
Property Value
Type Description
Output<System.String>
View Source

Organizations

The organization of generated certificates

Declaration
public Output<ImmutableArray<string>> Organizations { get; }
Property Value
Type Description
Output<System.Collections.Immutable.ImmutableArray<System.String>>
View Source

OrganizationUnit

The organization unit of generated certificates

Declaration
public Output<ImmutableArray<string>> OrganizationUnit { get; }
Property Value
Type Description
Output<System.Collections.Immutable.ImmutableArray<System.String>>
View Source

PolicyIdentifiers

Specify the list of allowed policies IODs

Declaration
public Output<ImmutableArray<string>> PolicyIdentifiers { get; }
Property Value
Type Description
Output<System.Collections.Immutable.ImmutableArray<System.String>>
View Source

PostalCodes

The postal code of generated certificates

Declaration
public Output<ImmutableArray<string>> PostalCodes { get; }
Property Value
Type Description
Output<System.Collections.Immutable.ImmutableArray<System.String>>
View Source

Provinces

The province of generated certificates

Declaration
public Output<ImmutableArray<string>> Provinces { get; }
Property Value
Type Description
Output<System.Collections.Immutable.ImmutableArray<System.String>>
View Source

RequireCn

Flag to force CN usage

Declaration
public Output<bool?> RequireCn { get; }
Property Value
Type Description
Output<System.Nullable<System.Boolean>>
View Source

ServerFlag

Flag to specify certificates for server use

Declaration
public Output<bool?> ServerFlag { get; }
Property Value
Type Description
Output<System.Nullable<System.Boolean>>
View Source

StreetAddresses

The street address of generated certificates

Declaration
public Output<ImmutableArray<string>> StreetAddresses { get; }
Property Value
Type Description
Output<System.Collections.Immutable.ImmutableArray<System.String>>
View Source

Ttl

The TTL

Declaration
public Output<string> Ttl { get; }
Property Value
Type Description
Output<System.String>
View Source

UseCsrCommonName

Flag to use the CN in the CSR

Declaration
public Output<bool?> UseCsrCommonName { get; }
Property Value
Type Description
Output<System.Nullable<System.Boolean>>
View Source

UseCsrSans

Flag to use the SANs in the CSR

Declaration
public Output<bool?> UseCsrSans { get; }
Property Value
Type Description
Output<System.Nullable<System.Boolean>>

Methods

View Source

Get(String, Input<String>, SecretBackendRoleState, CustomResourceOptions)

Get an existing SecretBackendRole resource's state with the given name, ID, and optional extra properties used to qualify the lookup.

Declaration
public static SecretBackendRole Get(string name, Input<string> id, SecretBackendRoleState state = null, CustomResourceOptions options = null)
Parameters
Type Name Description
System.String name

The unique name of the resulting resource.
Input<System.String> id

The unique provider ID of the resource to lookup.
SecretBackendRoleState state

Any extra arguments used during the lookup.
CustomResourceOptions options

A bag of options that control this resource's behavior
Returns
Type Description
SecretBackendRole