1. Docs
  2. Reference
  3. API
  4. pulumi_vault
  5. database

database

This provider is a derived work of the Terraform Provider distributed under MPL 2.0. If you encounter a bug or missing feature, first check the pulumi/pulumi-vault repo; however, if that doesn’t turn up anything, please consult the source terraform-providers/terraform-provider-vault repo.

class pulumi_vault.database.SecretBackendConnection(resource_name, opts=None, allowed_roles=None, backend=None, cassandra=None, data=None, elasticsearch=None, hana=None, mongodb=None, mssql=None, mysql=None, mysql_aurora=None, mysql_legacy=None, mysql_rds=None, name=None, oracle=None, postgresql=None, root_rotation_statements=None, verify_connection=None, __props__=None, __name__=None, __opts__=None)

Create a SecretBackendConnection resource with the given unique name, props, and options. :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[list] allowed_roles: A list of roles that are allowed to use this

connection.

Parameters

  • backend (pulumi.Input[str]) – The unique name of the Vault mount to configure.

  • cassandra (pulumi.Input[dict]) – A nested block containing configuration options for Cassandra connections.

  • data (pulumi.Input[dict]) – A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

  • elasticsearch (pulumi.Input[dict]) – A nested block containing configuration options for Elasticsearch connections.

  • hana (pulumi.Input[dict]) – A nested block containing configuration options for SAP HanaDB connections.

  • mongodb (pulumi.Input[dict]) – A nested block containing configuration options for MongoDB connections.

  • mssql (pulumi.Input[dict]) – A nested block containing configuration options for MSSQL connections.

  • mysql (pulumi.Input[dict]) – A nested block containing configuration options for MySQL connections.

  • mysql_aurora (pulumi.Input[dict]) – A nested block containing configuration options for Aurora MySQL connections.

  • mysql_legacy (pulumi.Input[dict]) – A nested block containing configuration options for legacy MySQL connections.

  • mysql_rds (pulumi.Input[dict]) – A nested block containing configuration options for RDS MySQL connections.

  • name (pulumi.Input[str]) – A unique name to give the database connection.

  • oracle (pulumi.Input[dict]) – A nested block containing configuration options for Oracle connections.

  • postgresql (pulumi.Input[dict]) – A nested block containing configuration options for PostgreSQL connections.

  • root_rotation_statements (pulumi.Input[list]) – A list of database statements to be executed to rotate the root user’s credentials.

  • verify_connection (pulumi.Input[bool]) – Whether the connection should be verified on initial configuration or not.

The cassandra object supports the following:

  • connectTimeout (pulumi.Input[float]) - The number of seconds to use as a connection timeout.

  • hosts (pulumi.Input[list]) - The hosts to connect to.

  • insecure_tls (pulumi.Input[bool]) - Whether to skip verification of the server certificate when using TLS.

  • password (pulumi.Input[str]) - The password to be used in the connection.

  • pem_bundle (pulumi.Input[str]) - Concatenated PEM blocks configuring the certificate chain.

  • pemJson (pulumi.Input[str]) - A JSON structure configuring the certificate chain.

  • port (pulumi.Input[float]) - The default port to connect to if no port is specified as part of the host.

  • protocolVersion (pulumi.Input[float]) - The CQL protocol version to use.

  • tls (pulumi.Input[bool]) - Whether to use TLS when connecting to Cassandra.

  • username (pulumi.Input[str]) - The username to be used in the connection.

The elasticsearch object supports the following:

  • password (pulumi.Input[str]) - The password to be used in the connection.

  • url (pulumi.Input[str]) - The URL for Elasticsearch’s API. https requires certificate by trusted CA if used.

  • username (pulumi.Input[str]) - The username to be used in the connection.

The hana object supports the following:

  • connectionUrl (pulumi.Input[str]) - A URL containing connection information. See the Vault docs for an example.

  • maxConnectionLifetime (pulumi.Input[float]) - The maximum number of seconds to keep a connection alive for.

  • maxIdleConnections (pulumi.Input[float]) - The maximum number of idle connections to maintain.

  • maxOpenConnections (pulumi.Input[float]) - The maximum number of open connections to use.

The mongodb object supports the following:

  • connectionUrl (pulumi.Input[str]) - A URL containing connection information. See the Vault docs for an example.

  • maxConnectionLifetime (pulumi.Input[float]) - The maximum number of seconds to keep a connection alive for.

  • maxIdleConnections (pulumi.Input[float]) - The maximum number of idle connections to maintain.

  • maxOpenConnections (pulumi.Input[float]) - The maximum number of open connections to use.

The mssql object supports the following:

  • connectionUrl (pulumi.Input[str]) - A URL containing connection information. See the Vault docs for an example.

  • maxConnectionLifetime (pulumi.Input[float]) - The maximum number of seconds to keep a connection alive for.

  • maxIdleConnections (pulumi.Input[float]) - The maximum number of idle connections to maintain.

  • maxOpenConnections (pulumi.Input[float]) - The maximum number of open connections to use.

The mysql object supports the following:

  • connectionUrl (pulumi.Input[str]) - A URL containing connection information. See the Vault docs for an example.

  • maxConnectionLifetime (pulumi.Input[float]) - The maximum number of seconds to keep a connection alive for.

  • maxIdleConnections (pulumi.Input[float]) - The maximum number of idle connections to maintain.

  • maxOpenConnections (pulumi.Input[float]) - The maximum number of open connections to use.

The mysql_aurora object supports the following:

  • connectionUrl (pulumi.Input[str]) - A URL containing connection information. See the Vault docs for an example.

  • maxConnectionLifetime (pulumi.Input[float]) - The maximum number of seconds to keep a connection alive for.

  • maxIdleConnections (pulumi.Input[float]) - The maximum number of idle connections to maintain.

  • maxOpenConnections (pulumi.Input[float]) - The maximum number of open connections to use.

The mysql_legacy object supports the following:

  • connectionUrl (pulumi.Input[str]) - A URL containing connection information. See the Vault docs for an example.

  • maxConnectionLifetime (pulumi.Input[float]) - The maximum number of seconds to keep a connection alive for.

  • maxIdleConnections (pulumi.Input[float]) - The maximum number of idle connections to maintain.

  • maxOpenConnections (pulumi.Input[float]) - The maximum number of open connections to use.

The mysql_rds object supports the following:

  • connectionUrl (pulumi.Input[str]) - A URL containing connection information. See the Vault docs for an example.

  • maxConnectionLifetime (pulumi.Input[float]) - The maximum number of seconds to keep a connection alive for.

  • maxIdleConnections (pulumi.Input[float]) - The maximum number of idle connections to maintain.

  • maxOpenConnections (pulumi.Input[float]) - The maximum number of open connections to use.

The oracle object supports the following:

  • connectionUrl (pulumi.Input[str]) - A URL containing connection information. See the Vault docs for an example.

  • maxConnectionLifetime (pulumi.Input[float]) - The maximum number of seconds to keep a connection alive for.

  • maxIdleConnections (pulumi.Input[float]) - The maximum number of idle connections to maintain.

  • maxOpenConnections (pulumi.Input[float]) - The maximum number of open connections to use.

The postgresql object supports the following:

  • connectionUrl (pulumi.Input[str]) - A URL containing connection information. See the Vault docs for an example.

  • maxConnectionLifetime (pulumi.Input[float]) - The maximum number of seconds to keep a connection alive for.

  • maxIdleConnections (pulumi.Input[float]) - The maximum number of idle connections to maintain.

  • maxOpenConnections (pulumi.Input[float]) - The maximum number of open connections to use.

allowed_roles: pulumi.Output[list] = None

A list of roles that are allowed to use this connection.

backend: pulumi.Output[str] = None

The unique name of the Vault mount to configure.

cassandra: pulumi.Output[dict] = None

A nested block containing configuration options for Cassandra connections.

  • connectTimeout (float) - The number of seconds to use as a connection timeout.

  • hosts (list) - The hosts to connect to.

  • insecure_tls (bool) - Whether to skip verification of the server certificate when using TLS.

  • password (str) - The password to be used in the connection.

  • pem_bundle (str) - Concatenated PEM blocks configuring the certificate chain.

  • pemJson (str) - A JSON structure configuring the certificate chain.

  • port (float) - The default port to connect to if no port is specified as part of the host.

  • protocolVersion (float) - The CQL protocol version to use.

  • tls (bool) - Whether to use TLS when connecting to Cassandra.

  • username (str) - The username to be used in the connection.

data: pulumi.Output[dict] = None

A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

elasticsearch: pulumi.Output[dict] = None

A nested block containing configuration options for Elasticsearch connections.

  • password (str) - The password to be used in the connection.

  • url (str) - The URL for Elasticsearch’s API. https requires certificate by trusted CA if used.

  • username (str) - The username to be used in the connection.

hana: pulumi.Output[dict] = None

A nested block containing configuration options for SAP HanaDB connections.

  • connectionUrl (str) - A URL containing connection information. See the Vault docs for an example.

  • maxConnectionLifetime (float) - The maximum number of seconds to keep a connection alive for.

  • maxIdleConnections (float) - The maximum number of idle connections to maintain.

  • maxOpenConnections (float) - The maximum number of open connections to use.

mongodb: pulumi.Output[dict] = None

A nested block containing configuration options for MongoDB connections.

  • connectionUrl (str) - A URL containing connection information. See the Vault docs for an example.

  • maxConnectionLifetime (float) - The maximum number of seconds to keep a connection alive for.

  • maxIdleConnections (float) - The maximum number of idle connections to maintain.

  • maxOpenConnections (float) - The maximum number of open connections to use.

mssql: pulumi.Output[dict] = None

A nested block containing configuration options for MSSQL connections.

  • connectionUrl (str) - A URL containing connection information. See the Vault docs for an example.

  • maxConnectionLifetime (float) - The maximum number of seconds to keep a connection alive for.

  • maxIdleConnections (float) - The maximum number of idle connections to maintain.

  • maxOpenConnections (float) - The maximum number of open connections to use.

mysql: pulumi.Output[dict] = None

A nested block containing configuration options for MySQL connections.

  • connectionUrl (str) - A URL containing connection information. See the Vault docs for an example.

  • maxConnectionLifetime (float) - The maximum number of seconds to keep a connection alive for.

  • maxIdleConnections (float) - The maximum number of idle connections to maintain.

  • maxOpenConnections (float) - The maximum number of open connections to use.

mysql_aurora: pulumi.Output[dict] = None

A nested block containing configuration options for Aurora MySQL connections.

  • connectionUrl (str) - A URL containing connection information. See the Vault docs for an example.

  • maxConnectionLifetime (float) - The maximum number of seconds to keep a connection alive for.

  • maxIdleConnections (float) - The maximum number of idle connections to maintain.

  • maxOpenConnections (float) - The maximum number of open connections to use.

mysql_legacy: pulumi.Output[dict] = None

A nested block containing configuration options for legacy MySQL connections.

  • connectionUrl (str) - A URL containing connection information. See the Vault docs for an example.

  • maxConnectionLifetime (float) - The maximum number of seconds to keep a connection alive for.

  • maxIdleConnections (float) - The maximum number of idle connections to maintain.

  • maxOpenConnections (float) - The maximum number of open connections to use.

mysql_rds: pulumi.Output[dict] = None

A nested block containing configuration options for RDS MySQL connections.

  • connectionUrl (str) - A URL containing connection information. See the Vault docs for an example.

  • maxConnectionLifetime (float) - The maximum number of seconds to keep a connection alive for.

  • maxIdleConnections (float) - The maximum number of idle connections to maintain.

  • maxOpenConnections (float) - The maximum number of open connections to use.

name: pulumi.Output[str] = None

A unique name to give the database connection.

oracle: pulumi.Output[dict] = None

A nested block containing configuration options for Oracle connections.

  • connectionUrl (str) - A URL containing connection information. See the Vault docs for an example.

  • maxConnectionLifetime (float) - The maximum number of seconds to keep a connection alive for.

  • maxIdleConnections (float) - The maximum number of idle connections to maintain.

  • maxOpenConnections (float) - The maximum number of open connections to use.

postgresql: pulumi.Output[dict] = None

A nested block containing configuration options for PostgreSQL connections.

  • connectionUrl (str) - A URL containing connection information. See the Vault docs for an example.

  • maxConnectionLifetime (float) - The maximum number of seconds to keep a connection alive for.

  • maxIdleConnections (float) - The maximum number of idle connections to maintain.

  • maxOpenConnections (float) - The maximum number of open connections to use.

root_rotation_statements: pulumi.Output[list] = None

A list of database statements to be executed to rotate the root user’s credentials.

verify_connection: pulumi.Output[bool] = None

Whether the connection should be verified on initial configuration or not.

static get(resource_name, id, opts=None, allowed_roles=None, backend=None, cassandra=None, data=None, elasticsearch=None, hana=None, mongodb=None, mssql=None, mysql=None, mysql_aurora=None, mysql_legacy=None, mysql_rds=None, name=None, oracle=None, postgresql=None, root_rotation_statements=None, verify_connection=None)

Get an existing SecretBackendConnection resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters

  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • allowed_roles (pulumi.Input[list]) – A list of roles that are allowed to use this connection.

  • backend (pulumi.Input[str]) – The unique name of the Vault mount to configure.

  • cassandra (pulumi.Input[dict]) – A nested block containing configuration options for Cassandra connections.

  • data (pulumi.Input[dict]) – A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

  • elasticsearch (pulumi.Input[dict]) – A nested block containing configuration options for Elasticsearch connections.

  • hana (pulumi.Input[dict]) – A nested block containing configuration options for SAP HanaDB connections.

  • mongodb (pulumi.Input[dict]) – A nested block containing configuration options for MongoDB connections.

  • mssql (pulumi.Input[dict]) – A nested block containing configuration options for MSSQL connections.

  • mysql (pulumi.Input[dict]) – A nested block containing configuration options for MySQL connections.

  • mysql_aurora (pulumi.Input[dict]) – A nested block containing configuration options for Aurora MySQL connections.

  • mysql_legacy (pulumi.Input[dict]) – A nested block containing configuration options for legacy MySQL connections.

  • mysql_rds (pulumi.Input[dict]) – A nested block containing configuration options for RDS MySQL connections.

  • name (pulumi.Input[str]) – A unique name to give the database connection.

  • oracle (pulumi.Input[dict]) – A nested block containing configuration options for Oracle connections.

  • postgresql (pulumi.Input[dict]) – A nested block containing configuration options for PostgreSQL connections.

  • root_rotation_statements (pulumi.Input[list]) – A list of database statements to be executed to rotate the root user’s credentials.

  • verify_connection (pulumi.Input[bool]) – Whether the connection should be verified on initial configuration or not.

The cassandra object supports the following:

  • connectTimeout (pulumi.Input[float]) - The number of seconds to use as a connection timeout.

  • hosts (pulumi.Input[list]) - The hosts to connect to.

  • insecure_tls (pulumi.Input[bool]) - Whether to skip verification of the server certificate when using TLS.

  • password (pulumi.Input[str]) - The password to be used in the connection.

  • pem_bundle (pulumi.Input[str]) - Concatenated PEM blocks configuring the certificate chain.

  • pemJson (pulumi.Input[str]) - A JSON structure configuring the certificate chain.

  • port (pulumi.Input[float]) - The default port to connect to if no port is specified as part of the host.

  • protocolVersion (pulumi.Input[float]) - The CQL protocol version to use.

  • tls (pulumi.Input[bool]) - Whether to use TLS when connecting to Cassandra.

  • username (pulumi.Input[str]) - The username to be used in the connection.

The elasticsearch object supports the following:

  • password (pulumi.Input[str]) - The password to be used in the connection.

  • url (pulumi.Input[str]) - The URL for Elasticsearch’s API. https requires certificate by trusted CA if used.

  • username (pulumi.Input[str]) - The username to be used in the connection.

The hana object supports the following:

  • connectionUrl (pulumi.Input[str]) - A URL containing connection information. See the Vault docs for an example.

  • maxConnectionLifetime (pulumi.Input[float]) - The maximum number of seconds to keep a connection alive for.

  • maxIdleConnections (pulumi.Input[float]) - The maximum number of idle connections to maintain.

  • maxOpenConnections (pulumi.Input[float]) - The maximum number of open connections to use.

The mongodb object supports the following:

  • connectionUrl (pulumi.Input[str]) - A URL containing connection information. See the Vault docs for an example.

  • maxConnectionLifetime (pulumi.Input[float]) - The maximum number of seconds to keep a connection alive for.

  • maxIdleConnections (pulumi.Input[float]) - The maximum number of idle connections to maintain.

  • maxOpenConnections (pulumi.Input[float]) - The maximum number of open connections to use.

The mssql object supports the following:

  • connectionUrl (pulumi.Input[str]) - A URL containing connection information. See the Vault docs for an example.

  • maxConnectionLifetime (pulumi.Input[float]) - The maximum number of seconds to keep a connection alive for.

  • maxIdleConnections (pulumi.Input[float]) - The maximum number of idle connections to maintain.

  • maxOpenConnections (pulumi.Input[float]) - The maximum number of open connections to use.

The mysql object supports the following:

  • connectionUrl (pulumi.Input[str]) - A URL containing connection information. See the Vault docs for an example.

  • maxConnectionLifetime (pulumi.Input[float]) - The maximum number of seconds to keep a connection alive for.

  • maxIdleConnections (pulumi.Input[float]) - The maximum number of idle connections to maintain.

  • maxOpenConnections (pulumi.Input[float]) - The maximum number of open connections to use.

The mysql_aurora object supports the following:

  • connectionUrl (pulumi.Input[str]) - A URL containing connection information. See the Vault docs for an example.

  • maxConnectionLifetime (pulumi.Input[float]) - The maximum number of seconds to keep a connection alive for.

  • maxIdleConnections (pulumi.Input[float]) - The maximum number of idle connections to maintain.

  • maxOpenConnections (pulumi.Input[float]) - The maximum number of open connections to use.

The mysql_legacy object supports the following:

  • connectionUrl (pulumi.Input[str]) - A URL containing connection information. See the Vault docs for an example.

  • maxConnectionLifetime (pulumi.Input[float]) - The maximum number of seconds to keep a connection alive for.

  • maxIdleConnections (pulumi.Input[float]) - The maximum number of idle connections to maintain.

  • maxOpenConnections (pulumi.Input[float]) - The maximum number of open connections to use.

The mysql_rds object supports the following:

  • connectionUrl (pulumi.Input[str]) - A URL containing connection information. See the Vault docs for an example.

  • maxConnectionLifetime (pulumi.Input[float]) - The maximum number of seconds to keep a connection alive for.

  • maxIdleConnections (pulumi.Input[float]) - The maximum number of idle connections to maintain.

  • maxOpenConnections (pulumi.Input[float]) - The maximum number of open connections to use.

The oracle object supports the following:

  • connectionUrl (pulumi.Input[str]) - A URL containing connection information. See the Vault docs for an example.

  • maxConnectionLifetime (pulumi.Input[float]) - The maximum number of seconds to keep a connection alive for.

  • maxIdleConnections (pulumi.Input[float]) - The maximum number of idle connections to maintain.

  • maxOpenConnections (pulumi.Input[float]) - The maximum number of open connections to use.

The postgresql object supports the following:

  • connectionUrl (pulumi.Input[str]) - A URL containing connection information. See the Vault docs for an example.

  • maxConnectionLifetime (pulumi.Input[float]) - The maximum number of seconds to keep a connection alive for.

  • maxIdleConnections (pulumi.Input[float]) - The maximum number of idle connections to maintain.

  • maxOpenConnections (pulumi.Input[float]) - The maximum number of open connections to use.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_vault.database.SecretBackendRole(resource_name, opts=None, backend=None, creation_statements=None, db_name=None, default_ttl=None, max_ttl=None, name=None, renew_statements=None, revocation_statements=None, rollback_statements=None, __props__=None, __name__=None, __opts__=None)

Create a SecretBackendRole resource with the given unique name, props, and options. :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] backend: The unique name of the Vault mount to configure. :param pulumi.Input[list] creation_statements: The database statements to execute when

creating a user.

Parameters

  • db_name (pulumi.Input[str]) – The unique name of the database connection to use for the role.

  • default_ttl (pulumi.Input[float]) – The default number of seconds for leases for this role.

  • max_ttl (pulumi.Input[float]) – The maximum number of seconds for leases for this role.

  • name (pulumi.Input[str]) – A unique name to give the role.

  • renew_statements (pulumi.Input[list]) – The database statements to execute when renewing a user.

  • revocation_statements (pulumi.Input[list]) – The database statements to execute when revoking a user.

  • rollback_statements (pulumi.Input[list]) – The database statements to execute when rolling back creation due to an error.

backend: pulumi.Output[str] = None

The unique name of the Vault mount to configure.

creation_statements: pulumi.Output[list] = None

The database statements to execute when creating a user.

db_name: pulumi.Output[str] = None

The unique name of the database connection to use for the role.

default_ttl: pulumi.Output[float] = None

The default number of seconds for leases for this role.

max_ttl: pulumi.Output[float] = None

The maximum number of seconds for leases for this role.

name: pulumi.Output[str] = None

A unique name to give the role.

renew_statements: pulumi.Output[list] = None

The database statements to execute when renewing a user.

revocation_statements: pulumi.Output[list] = None

The database statements to execute when revoking a user.

rollback_statements: pulumi.Output[list] = None

The database statements to execute when rolling back creation due to an error.

static get(resource_name, id, opts=None, backend=None, creation_statements=None, db_name=None, default_ttl=None, max_ttl=None, name=None, renew_statements=None, revocation_statements=None, rollback_statements=None)

Get an existing SecretBackendRole resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters

  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • backend (pulumi.Input[str]) – The unique name of the Vault mount to configure.

  • creation_statements (pulumi.Input[list]) – The database statements to execute when creating a user.

  • db_name (pulumi.Input[str]) – The unique name of the database connection to use for the role.

  • default_ttl (pulumi.Input[float]) – The default number of seconds for leases for this role.

  • max_ttl (pulumi.Input[float]) – The maximum number of seconds for leases for this role.

  • name (pulumi.Input[str]) – A unique name to give the role.

  • renew_statements (pulumi.Input[list]) – The database statements to execute when renewing a user.

  • revocation_statements (pulumi.Input[list]) – The database statements to execute when revoking a user.

  • rollback_statements (pulumi.Input[list]) – The database statements to execute when rolling back creation due to an error.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_vault.database.SecretBackendStaticRole(resource_name, opts=None, backend=None, db_name=None, name=None, rotation_period=None, rotation_statements=None, username=None, __props__=None, __name__=None, __opts__=None)

Creates a Database Secret Backend static role in Vault. Database secret backend static roles can be used to manage 1-to-1 mapping of a Vault Role to a user in a database for the database.

import pulumi
import pulumi_vault as vault

db = vault.Mount("db",
    path="postgres",
    type="database")
postgres = vault.database.SecretBackendConnection("postgres",
    allowed_roles=["*"],
    backend=db.path,
    postgresql={
        "connectionUrl": "postgres://username:password@host:port/database",
    })
static_role = vault.database.SecretBackendStaticRole("staticRole",
    backend=db.path,
    db_name=postgres.name,
    rotation_period="3600",
    rotation_statements=["ALTER USER "{{name}}" WITH PASSWORD '{{password}}';"],
    username="example")
Parameters

  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • backend (pulumi.Input[str]) – The unique name of the Vault mount to configure.

  • db_name (pulumi.Input[str]) – The unique name of the database connection to use for the static role.

  • name (pulumi.Input[str]) – A unique name to give the static role.

  • rotation_period (pulumi.Input[float]) – The amount of time Vault should wait before rotating the password, in seconds.

  • rotation_statements (pulumi.Input[list]) – Database statements to execute to rotate the password for the configured database user.

  • username (pulumi.Input[str]) – The database username that this static role corresponds to.

backend: pulumi.Output[str] = None

The unique name of the Vault mount to configure.

db_name: pulumi.Output[str] = None

The unique name of the database connection to use for the static role.

name: pulumi.Output[str] = None

A unique name to give the static role.

rotation_period: pulumi.Output[float] = None

The amount of time Vault should wait before rotating the password, in seconds.

rotation_statements: pulumi.Output[list] = None

Database statements to execute to rotate the password for the configured database user.

username: pulumi.Output[str] = None

The database username that this static role corresponds to.

static get(resource_name, id, opts=None, backend=None, db_name=None, name=None, rotation_period=None, rotation_statements=None, username=None)

Get an existing SecretBackendStaticRole resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters

  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • backend (pulumi.Input[str]) – The unique name of the Vault mount to configure.

  • db_name (pulumi.Input[str]) – The unique name of the database connection to use for the static role.

  • name (pulumi.Input[str]) – A unique name to give the static role.

  • rotation_period (pulumi.Input[float]) – The amount of time Vault should wait before rotating the password, in seconds.

  • rotation_statements (pulumi.Input[list]) – Database statements to execute to rotate the password for the configured database user.

  • username (pulumi.Input[str]) – The database username that this static role corresponds to.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str