Module generic

This provider is a derived work of the Terraform Provider distributed under MPL 2.0. If you encounter a bug or missing feature, first check the pulumi/pulumi-vault repo; however, if that doesn’t turn up anything, please consult the source terraform-providers/terraform-provider-vault repo.

Resources

Resource Endpoint

class Endpoint extends CustomResource

constructor

new Endpoint(name: string, args: EndpointArgs, opts?: pulumi.CustomResourceOptions)

Create a Endpoint resource with the given unique name, arguments, and options.

name The unique name of the resource.
args The arguments to use to populate this resource's properties.
opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: EndpointState, opts?: pulumi.CustomResourceOptions): Endpoint

Get an existing Endpoint resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is Endpoint

Returns true if the given object is an instance of Endpoint. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property dataJson

public dataJson: pulumi.Output<string>;

String containing a JSON-encoded object that will be written to the given path as the secret data.

property disableDelete

public disableDelete: pulumi.Output<boolean | undefined>;

Don’t attempt to delete the path from Vault if true

property disableRead

public disableRead: pulumi.Output<boolean | undefined>;

True/false. Set this to true if your vault authentication is not able to read the data or if the endpoint does not support the GET method. Setting this to true will break drift detection. You should set this to true for endpoints that are write-only. Defaults to false.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property ignoreAbsentFields

public ignoreAbsentFields: pulumi.Output<boolean | undefined>;

When reading, disregard fields not present in data_json

property path

public path: pulumi.Output<string>;

The full logical path at which to write the given data. Consult each backend’s documentation to see which endpoints support the PUT methods and to determine whether they also support DELETE and GET.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property writeData

public writeData: pulumi.Output<{[key: string]: string}>;

Map of strings returned by write operation

property writeDataJson

public writeDataJson: pulumi.Output<string>;

JSON data returned by write operation

property writeFields

public writeFields: pulumi.Output<string[] | undefined>;

Top-level fields returned by write to persist in state

Resource Secret

class Secret extends CustomResource

constructor

new Secret(name: string, args: SecretArgs, opts?: pulumi.CustomResourceOptions)

Create a Secret resource with the given unique name, arguments, and options.

name The unique name of the resource.
args The arguments to use to populate this resource's properties.
opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: SecretState, opts?: pulumi.CustomResourceOptions): Secret

Get an existing Secret resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is Secret

Returns true if the given object is an instance of Secret. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property data

public data: pulumi.Output<{[key: string]: any}>;

A mapping whose keys are the top-level data keys returned from Vault and whose values are the corresponding values. This map can only represent string data, so any non-string values returned from Vault are serialized as JSON.

property dataJson

public dataJson: pulumi.Output<string>;

String containing a JSON-encoded object that will be written as the secret data at the given path.

property disableRead

public disableRead: pulumi.Output<boolean | undefined>;

True/false. Set this to true if your vault authentication is not able to read the data. Setting this to true will break drift detection. Defaults to false.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property path

public path: pulumi.Output<string>;

The full logical path at which to write the given data. To write data into the “generic” secret backend mounted in Vault by default, this should be prefixed with secret/. Writing to other backends with this resource is possible; consult each backend’s documentation to see which endpoints support the PUT and DELETE methods.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Functions

Function getSecret

getSecret(args: GetSecretArgs, opts?: pulumi.InvokeOptions): Promise<GetSecretResult>

Others

interface EndpointArgs

interface EndpointArgs

The set of arguments for constructing a Endpoint resource.

property dataJson

dataJson: pulumi.Input<string>;

String containing a JSON-encoded object that will be written to the given path as the secret data.

property disableDelete

disableDelete?: pulumi.Input<boolean>;

Don’t attempt to delete the path from Vault if true

property disableRead

disableRead?: pulumi.Input<boolean>;

property ignoreAbsentFields

ignoreAbsentFields?: pulumi.Input<boolean>;

When reading, disregard fields not present in data_json

property path

path: pulumi.Input<string>;

property writeFields

writeFields?: pulumi.Input<pulumi.Input<string>[]>;

Top-level fields returned by write to persist in state

interface EndpointState

interface EndpointState

Input properties used for looking up and filtering Endpoint resources.

property dataJson

dataJson?: pulumi.Input<string>;

String containing a JSON-encoded object that will be written to the given path as the secret data.

property disableDelete

disableDelete?: pulumi.Input<boolean>;

Don’t attempt to delete the path from Vault if true

property disableRead

disableRead?: pulumi.Input<boolean>;

property ignoreAbsentFields

ignoreAbsentFields?: pulumi.Input<boolean>;

When reading, disregard fields not present in data_json

property path

path?: pulumi.Input<string>;

property writeData

writeData?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;

Map of strings returned by write operation

property writeDataJson

writeDataJson?: pulumi.Input<string>;

JSON data returned by write operation

property writeFields

writeFields?: pulumi.Input<pulumi.Input<string>[]>;

Top-level fields returned by write to persist in state

interface GetSecretArgs

interface GetSecretArgs

A collection of arguments for invoking getSecret.

property path

path: string;

The full logical path from which to request data. To read data from the “generic” secret backend mounted in Vault by default, this should be prefixed with secret/. Reading from other backends with this data source is possible; consult each backend’s documentation to see which endpoints support the GET method.

property version

version?: undefined | number;

interface GetSecretResult

interface GetSecretResult

A collection of values returned by getSecret.

property data

data: {[key: string]: any};

property dataJson

dataJson: string;

A string containing the full data payload retrieved from Vault, serialized in JSON format.

property id

id: string;

The provider-assigned unique ID for this managed resource.

property leaseDuration

leaseDuration: number;

The duration of the secret lease, in seconds relative to the time the data was requested. Once this time has passed any plan generated with this data may fail to apply.

property leaseId

leaseId: string;

The lease identifier assigned by Vault, if any.

property leaseRenewable

leaseRenewable: boolean;

property leaseStartTime

leaseStartTime: string;

property path

path: string;

property version

version?: undefined | number;

interface SecretArgs

interface SecretArgs

The set of arguments for constructing a Secret resource.

property dataJson

dataJson: pulumi.Input<string>;

String containing a JSON-encoded object that will be written as the secret data at the given path.

property disableRead

disableRead?: pulumi.Input<boolean>;

True/false. Set this to true if your vault authentication is not able to read the data. Setting this to true will break drift detection. Defaults to false.

property path

path: pulumi.Input<string>;

interface SecretState

interface SecretState

Input properties used for looking up and filtering Secret resources.

property data

data?: pulumi.Input<{[key: string]: any}>;

property dataJson

dataJson?: pulumi.Input<string>;

String containing a JSON-encoded object that will be written as the secret data at the given path.

property disableRead

disableRead?: pulumi.Input<boolean>;

True/false. Set this to true if your vault authentication is not able to read the data. Setting this to true will break drift detection. Defaults to false.

property path

path?: pulumi.Input<string>;

The Pulumi Platform

Get Started

Migrate to Pulumi

Solutions for All Teams and Engineers

Any Code

Any Cloud

Module generic

Resources

Functions

Others

Resources

Functions

Others