ContainerV1
Manages a V1 Barbican container resource within OpenStack.
Example Usage
Simple secret
using System.IO;
using Pulumi;
using OpenStack = Pulumi.OpenStack;
class MyStack : Stack
{
public MyStack()
{
var certificate1 = new OpenStack.KeyManager.SecretV1("certificate1", new OpenStack.KeyManager.SecretV1Args
{
Payload = File.ReadAllText("cert.pem"),
PayloadContentType = "text/plain",
SecretType = "certificate",
});
var privateKey1 = new OpenStack.KeyManager.SecretV1("privateKey1", new OpenStack.KeyManager.SecretV1Args
{
Payload = File.ReadAllText("cert-key.pem"),
PayloadContentType = "text/plain",
SecretType = "private",
});
var intermediate1 = new OpenStack.KeyManager.SecretV1("intermediate1", new OpenStack.KeyManager.SecretV1Args
{
Payload = File.ReadAllText("intermediate-ca.pem"),
PayloadContentType = "text/plain",
SecretType = "certificate",
});
var tls1 = new OpenStack.KeyManager.ContainerV1("tls1", new OpenStack.KeyManager.ContainerV1Args
{
SecretRefs =
{
new OpenStack.KeyManager.Inputs.ContainerV1SecretRefArgs
{
Name = "certificate",
SecretRef = certificate1.SecretRef,
},
new OpenStack.KeyManager.Inputs.ContainerV1SecretRefArgs
{
Name = "private_key",
SecretRef = privateKey1.SecretRef,
},
new OpenStack.KeyManager.Inputs.ContainerV1SecretRefArgs
{
Name = "intermediates",
SecretRef = intermediate1.SecretRef,
},
},
Type = "certificate",
});
var subnet1 = Output.Create(OpenStack.Networking.GetSubnet.InvokeAsync(new OpenStack.Networking.GetSubnetArgs
{
Name = "my-subnet",
}));
var lb1 = new OpenStack.LoadBalancer.LoadBalancer("lb1", new OpenStack.LoadBalancer.LoadBalancerArgs
{
VipSubnetId = subnet1.Apply(subnet1 => subnet1.Id),
});
var listener1 = new OpenStack.LoadBalancer.Listener("listener1", new OpenStack.LoadBalancer.ListenerArgs
{
DefaultTlsContainerRef = tls1.ContainerRef,
LoadbalancerId = lb1.Id,
Protocol = "TERMINATED_HTTPS",
ProtocolPort = 443,
});
}
}
Coming soon!
import pulumi
import pulumi_openstack as openstack
certificate1 = openstack.keymanager.SecretV1("certificate1",
payload=(lambda path: open(path).read())("cert.pem"),
payload_content_type="text/plain",
secret_type="certificate")
private_key1 = openstack.keymanager.SecretV1("privateKey1",
payload=(lambda path: open(path).read())("cert-key.pem"),
payload_content_type="text/plain",
secret_type="private")
intermediate1 = openstack.keymanager.SecretV1("intermediate1",
payload=(lambda path: open(path).read())("intermediate-ca.pem"),
payload_content_type="text/plain",
secret_type="certificate")
tls1 = openstack.keymanager.ContainerV1("tls1",
secret_refs=[
{
"name": "certificate",
"secret_ref": certificate1.secret_ref,
},
{
"name": "private_key",
"secret_ref": private_key1.secret_ref,
},
{
"name": "intermediates",
"secret_ref": intermediate1.secret_ref,
},
],
type="certificate")
subnet1 = openstack.networking.get_subnet(name="my-subnet")
lb1 = openstack.loadbalancer.LoadBalancer("lb1", vip_subnet_id=subnet1.id)
listener1 = openstack.loadbalancer.Listener("listener1",
default_tls_container_ref=tls1.container_ref,
loadbalancer_id=lb1.id,
protocol="TERMINATED_HTTPS",
protocol_port=443)import * as pulumi from "@pulumi/pulumi";
import * as fs from "fs";
import * as openstack from "@pulumi/openstack";
const certificate1 = new openstack.keymanager.SecretV1("certificate_1", {
payload: fs.readFileSync("cert.pem", "utf-8"),
payloadContentType: "text/plain",
secretType: "certificate",
});
const privateKey1 = new openstack.keymanager.SecretV1("private_key_1", {
payload: fs.readFileSync("cert-key.pem", "utf-8"),
payloadContentType: "text/plain",
secretType: "private",
});
const intermediate1 = new openstack.keymanager.SecretV1("intermediate_1", {
payload: fs.readFileSync("intermediate-ca.pem", "utf-8"),
payloadContentType: "text/plain",
secretType: "certificate",
});
const tls1 = new openstack.keymanager.ContainerV1("tls_1", {
secretRefs: [
{
name: "certificate",
secretRef: certificate1.secretRef,
},
{
name: "private_key",
secretRef: privateKey1.secretRef,
},
{
name: "intermediates",
secretRef: intermediate1.secretRef,
},
],
type: "certificate",
});
const subnet1 = pulumi.output(openstack.networking.getSubnet({
name: "my-subnet",
}, { async: true }));
const lb1 = new openstack.loadbalancer.LoadBalancer("lb_1", {
vipSubnetId: subnet1.id,
});
const listener1 = new openstack.loadbalancer.Listener("listener_1", {
defaultTlsContainerRef: tls1.containerRef,
loadbalancerId: lb1.id,
protocol: "TERMINATED_HTTPS",
protocolPort: 443,
});Container with the ACL
using Pulumi;
using OpenStack = Pulumi.OpenStack;
class MyStack : Stack
{
public MyStack()
{
var tls1 = new OpenStack.KeyManager.ContainerV1("tls1", new OpenStack.KeyManager.ContainerV1Args
{
Acl = new OpenStack.KeyManager.Inputs.ContainerV1AclArgs
{
Read = new OpenStack.KeyManager.Inputs.ContainerV1AclReadArgs
{
ProjectAccess = false,
Users =
{
"userid1",
"userid2",
},
},
},
SecretRefs =
{
new OpenStack.KeyManager.Inputs.ContainerV1SecretRefArgs
{
Name = "certificate",
SecretRef = openstack_keymanager_secret_v1.Certificate_1.Secret_ref,
},
new OpenStack.KeyManager.Inputs.ContainerV1SecretRefArgs
{
Name = "private_key",
SecretRef = openstack_keymanager_secret_v1.Private_key_1.Secret_ref,
},
new OpenStack.KeyManager.Inputs.ContainerV1SecretRefArgs
{
Name = "intermediates",
SecretRef = openstack_keymanager_secret_v1.Intermediate_1.Secret_ref,
},
},
Type = "certificate",
});
}
}
Coming soon!
import pulumi
import pulumi_openstack as openstack
tls1 = openstack.keymanager.ContainerV1("tls1",
acl={
"read": {
"projectAccess": False,
"users": [
"userid1",
"userid2",
],
},
},
secret_refs=[
{
"name": "certificate",
"secret_ref": openstack_keymanager_secret_v1["certificate_1"]["secret_ref"],
},
{
"name": "private_key",
"secret_ref": openstack_keymanager_secret_v1["private_key_1"]["secret_ref"],
},
{
"name": "intermediates",
"secret_ref": openstack_keymanager_secret_v1["intermediate_1"]["secret_ref"],
},
],
type="certificate")import * as pulumi from "@pulumi/pulumi";
import * as openstack from "@pulumi/openstack";
const tls1 = new openstack.keymanager.ContainerV1("tls_1", {
acl: {
read: {
projectAccess: false,
users: [
"userid1",
"userid2",
],
},
},
secretRefs: [
{
name: "certificate",
secretRef: openstack_keymanager_secret_v1_certificate_1.secretRef,
},
{
name: "private_key",
secretRef: openstack_keymanager_secret_v1_private_key_1.secretRef,
},
{
name: "intermediates",
secretRef: openstack_keymanager_secret_v1_intermediate_1.secretRef,
},
],
type: "certificate",
});Create a ContainerV1 Resource
new ContainerV1(name: string, args: ContainerV1Args, opts?: CustomResourceOptions);def ContainerV1(resource_name, opts=None, acl=None, name=None, region=None, secret_refs=None, type=None, __props__=None);func NewContainerV1(ctx *Context, name string, args ContainerV1Args, opts ...ResourceOption) (*ContainerV1, error)public ContainerV1(string name, ContainerV1Args args, CustomResourceOptions? opts = null)- name string
- The unique name of the resource.
- args ContainerV1Args
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- opts ResourceOptions
- A bag of options that control this resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args ContainerV1Args
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ContainerV1Args
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
ContainerV1 Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Programming Model docs.
Inputs
The ContainerV1 resource accepts the following input properties:
- Type string
Used to indicate the type of container. Must be one of
generic,rsaorcertificate.- Acl
Pulumi.
Open Stack. Key Manager. Inputs. Container V1Acl Args Allows to control an access to a container. Currently only the
readoperation is supported. If not specified, the container is accessible project wide. Thereadstructure is described below.- Name string
The name of the secret reference. The reference names must correspond the container type, more details are available here.
- Region string
The region in which to obtain the V1 KeyManager client. A KeyManager client is needed to create a container. If omitted, the
regionargument of the provider is used. Changing this creates a new V1 container.- Secret
Refs List<Pulumi.Open Stack. Key Manager. Inputs. Container V1Secret Ref Args> A set of dictionaries containing references to secrets. The structure is described below.
- Type string
Used to indicate the type of container. Must be one of
generic,rsaorcertificate.- Acl
Container
V1Acl Allows to control an access to a container. Currently only the
readoperation is supported. If not specified, the container is accessible project wide. Thereadstructure is described below.- Name string
The name of the secret reference. The reference names must correspond the container type, more details are available here.
- Region string
The region in which to obtain the V1 KeyManager client. A KeyManager client is needed to create a container. If omitted, the
regionargument of the provider is used. Changing this creates a new V1 container.- Secret
Refs []ContainerV1Secret Ref A set of dictionaries containing references to secrets. The structure is described below.
- type string
Used to indicate the type of container. Must be one of
generic,rsaorcertificate.- acl
Container
V1Acl Allows to control an access to a container. Currently only the
readoperation is supported. If not specified, the container is accessible project wide. Thereadstructure is described below.- name string
The name of the secret reference. The reference names must correspond the container type, more details are available here.
- region string
The region in which to obtain the V1 KeyManager client. A KeyManager client is needed to create a container. If omitted, the
regionargument of the provider is used. Changing this creates a new V1 container.- secret
Refs ContainerV1Secret Ref[] A set of dictionaries containing references to secrets. The structure is described below.
- type str
Used to indicate the type of container. Must be one of
generic,rsaorcertificate.- acl
Dict[Container
V1Acl] Allows to control an access to a container. Currently only the
readoperation is supported. If not specified, the container is accessible project wide. Thereadstructure is described below.- name str
The name of the secret reference. The reference names must correspond the container type, more details are available here.
- region str
The region in which to obtain the V1 KeyManager client. A KeyManager client is needed to create a container. If omitted, the
regionargument of the provider is used. Changing this creates a new V1 container.- secret_
refs List[ContainerV1Secret Ref] A set of dictionaries containing references to secrets. The structure is described below.
Outputs
All input properties are implicitly available as output properties. Additionally, the ContainerV1 resource produces the following output properties:
- Consumers
List<Pulumi.
Open Stack. Key Manager. Outputs. Container V1Consumer> The list of the container consumers. The structure is described below.
- Container
Ref string The container reference / where to find the container.
- Created
At string The date the container ACL was created.
- Creator
Id string The creator of the container.
- Id string
- The provider-assigned unique ID for this managed resource.
- Status string
The status of the container.
- Updated
At string The date the container ACL was last updated.
- Consumers
[]Container
V1Consumer The list of the container consumers. The structure is described below.
- Container
Ref string The container reference / where to find the container.
- Created
At string The date the container ACL was created.
- Creator
Id string The creator of the container.
- Id string
- The provider-assigned unique ID for this managed resource.
- Status string
The status of the container.
- Updated
At string The date the container ACL was last updated.
- consumers
Container
V1Consumer[] The list of the container consumers. The structure is described below.
- container
Ref string The container reference / where to find the container.
- created
At string The date the container ACL was created.
- creator
Id string The creator of the container.
- id string
- The provider-assigned unique ID for this managed resource.
- status string
The status of the container.
- updated
At string The date the container ACL was last updated.
- consumers
List[Container
V1Consumer] The list of the container consumers. The structure is described below.
- container_
ref str The container reference / where to find the container.
- created_
at str The date the container ACL was created.
- creator_
id str The creator of the container.
- id str
- The provider-assigned unique ID for this managed resource.
- status str
The status of the container.
- updated_
at str The date the container ACL was last updated.
Look up an Existing ContainerV1 Resource
Get an existing ContainerV1 resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: ContainerV1State, opts?: CustomResourceOptions): ContainerV1static get(resource_name, id, opts=None, acl=None, consumers=None, container_ref=None, created_at=None, creator_id=None, name=None, region=None, secret_refs=None, status=None, type=None, updated_at=None, __props__=None);func GetContainerV1(ctx *Context, name string, id IDInput, state *ContainerV1State, opts ...ResourceOption) (*ContainerV1, error)public static ContainerV1 Get(string name, Input<string> id, ContainerV1State? state, CustomResourceOptions? opts = null)- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
The following state arguments are supported:
- Acl
Pulumi.
Open Stack. Key Manager. Inputs. Container V1Acl Args Allows to control an access to a container. Currently only the
readoperation is supported. If not specified, the container is accessible project wide. Thereadstructure is described below.- Consumers
List<Pulumi.
Open Stack. Key Manager. Inputs. Container V1Consumer Args> The list of the container consumers. The structure is described below.
- Container
Ref string The container reference / where to find the container.
- Created
At string The date the container ACL was created.
- Creator
Id string The creator of the container.
- Name string
The name of the secret reference. The reference names must correspond the container type, more details are available here.
- Region string
The region in which to obtain the V1 KeyManager client. A KeyManager client is needed to create a container. If omitted, the
regionargument of the provider is used. Changing this creates a new V1 container.- Secret
Refs List<Pulumi.Open Stack. Key Manager. Inputs. Container V1Secret Ref Args> A set of dictionaries containing references to secrets. The structure is described below.
- Status string
The status of the container.
- Type string
Used to indicate the type of container. Must be one of
generic,rsaorcertificate.- Updated
At string The date the container ACL was last updated.
- Acl
Container
V1Acl Allows to control an access to a container. Currently only the
readoperation is supported. If not specified, the container is accessible project wide. Thereadstructure is described below.- Consumers
[]Container
V1Consumer The list of the container consumers. The structure is described below.
- Container
Ref string The container reference / where to find the container.
- Created
At string The date the container ACL was created.
- Creator
Id string The creator of the container.
- Name string
The name of the secret reference. The reference names must correspond the container type, more details are available here.
- Region string
The region in which to obtain the V1 KeyManager client. A KeyManager client is needed to create a container. If omitted, the
regionargument of the provider is used. Changing this creates a new V1 container.- Secret
Refs []ContainerV1Secret Ref A set of dictionaries containing references to secrets. The structure is described below.
- Status string
The status of the container.
- Type string
Used to indicate the type of container. Must be one of
generic,rsaorcertificate.- Updated
At string The date the container ACL was last updated.
- acl
Container
V1Acl Allows to control an access to a container. Currently only the
readoperation is supported. If not specified, the container is accessible project wide. Thereadstructure is described below.- consumers
Container
V1Consumer[] The list of the container consumers. The structure is described below.
- container
Ref string The container reference / where to find the container.
- created
At string The date the container ACL was created.
- creator
Id string The creator of the container.
- name string
The name of the secret reference. The reference names must correspond the container type, more details are available here.
- region string
The region in which to obtain the V1 KeyManager client. A KeyManager client is needed to create a container. If omitted, the
regionargument of the provider is used. Changing this creates a new V1 container.- secret
Refs ContainerV1Secret Ref[] A set of dictionaries containing references to secrets. The structure is described below.
- status string
The status of the container.
- type string
Used to indicate the type of container. Must be one of
generic,rsaorcertificate.- updated
At string The date the container ACL was last updated.
- acl
Dict[Container
V1Acl] Allows to control an access to a container. Currently only the
readoperation is supported. If not specified, the container is accessible project wide. Thereadstructure is described below.- consumers
List[Container
V1Consumer] The list of the container consumers. The structure is described below.
- container_
ref str The container reference / where to find the container.
- created_
at str The date the container ACL was created.
- creator_
id str The creator of the container.
- name str
The name of the secret reference. The reference names must correspond the container type, more details are available here.
- region str
The region in which to obtain the V1 KeyManager client. A KeyManager client is needed to create a container. If omitted, the
regionargument of the provider is used. Changing this creates a new V1 container.- secret_
refs List[ContainerV1Secret Ref] A set of dictionaries containing references to secrets. The structure is described below.
- status str
The status of the container.
- type str
Used to indicate the type of container. Must be one of
generic,rsaorcertificate.- updated_
at str The date the container ACL was last updated.
Supporting Types
ContainerV1Acl
ContainerV1AclRead
- Created
At string The date the container ACL was created.
- Project
Access bool Whether the container is accessible project wide. Defaults to
true.- Updated
At string The date the container ACL was last updated.
- Users List<string>
The list of user IDs, which are allowed to access the container, when
project_accessis set tofalse.
- Created
At string The date the container ACL was created.
- Project
Access bool Whether the container is accessible project wide. Defaults to
true.- Updated
At string The date the container ACL was last updated.
- Users []string
The list of user IDs, which are allowed to access the container, when
project_accessis set tofalse.
- created
At string The date the container ACL was created.
- project
Access boolean Whether the container is accessible project wide. Defaults to
true.- updated
At string The date the container ACL was last updated.
- users string[]
The list of user IDs, which are allowed to access the container, when
project_accessis set tofalse.
- created_
at str The date the container ACL was created.
- project
Access bool Whether the container is accessible project wide. Defaults to
true.- updated_
at str The date the container ACL was last updated.
- users List[str]
The list of user IDs, which are allowed to access the container, when
project_accessis set tofalse.
ContainerV1Consumer
See the output API doc for this type.
See the output API doc for this type.
See the output API doc for this type.
ContainerV1SecretRef
- secret_
ref str The secret reference / where to find the secret, URL.
- name str
The name of the secret reference. The reference names must correspond the container type, more details are available here.
Package Details
- Repository
- https://github.com/pulumi/pulumi-openstack
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
openstackTerraform Provider.