1. Docs
  2. Reference
  3. API
  4. pulumi_vault
  5. generic

generic

This provider is a derived work of the Terraform Provider distributed under MPL 2.0. If you encounter a bug or missing feature, first check the pulumi/pulumi-vault repo; however, if that doesn’t turn up anything, please consult the source terraform-providers/terraform-provider-vault repo.

class pulumi_vault.generic.AwaitableGetSecretResult(data=None, data_json=None, id=None, lease_duration=None, lease_id=None, lease_renewable=None, lease_start_time=None, path=None, version=None)
class pulumi_vault.generic.Endpoint(resource_name, opts=None, data_json=None, disable_delete=None, disable_read=None, ignore_absent_fields=None, path=None, write_fields=None, __props__=None, __name__=None, __opts__=None)

Create a Endpoint resource with the given unique name, props, and options. :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] data_json: String containing a JSON-encoded object that will be

written to the given path as the secret data.

Parameters

  • disable_delete (pulumi.Input[bool]) – Don’t attempt to delete the path from Vault if true

  • disable_read (pulumi.Input[bool]) – True/false. Set this to true if your vault authentication is not able to read the data or if the endpoint does not support the GET method. Setting this to true will break drift detection. You should set this to true for endpoints that are write-only. Defaults to false.

  • ignore_absent_fields (pulumi.Input[bool]) – When reading, disregard fields not present in data_json

  • path (pulumi.Input[str]) – The full logical path at which to write the given data. Consult each backend’s documentation to see which endpoints support the PUT methods and to determine whether they also support DELETE and GET.

  • write_fields (pulumi.Input[list]) – Top-level fields returned by write to persist in state

data_json: pulumi.Output[str] = None

String containing a JSON-encoded object that will be written to the given path as the secret data.

disable_delete: pulumi.Output[bool] = None

Don’t attempt to delete the path from Vault if true

disable_read: pulumi.Output[bool] = None

True/false. Set this to true if your vault authentication is not able to read the data or if the endpoint does not support the GET method. Setting this to true will break drift detection. You should set this to true for endpoints that are write-only. Defaults to false.

ignore_absent_fields: pulumi.Output[bool] = None

When reading, disregard fields not present in data_json

path: pulumi.Output[str] = None

The full logical path at which to write the given data. Consult each backend’s documentation to see which endpoints support the PUT methods and to determine whether they also support DELETE and GET.

write_data: pulumi.Output[dict] = None

Map of strings returned by write operation

write_data_json: pulumi.Output[str] = None

JSON data returned by write operation

write_fields: pulumi.Output[list] = None

Top-level fields returned by write to persist in state

static get(resource_name, id, opts=None, data_json=None, disable_delete=None, disable_read=None, ignore_absent_fields=None, path=None, write_data=None, write_data_json=None, write_fields=None)

Get an existing Endpoint resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters

  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • data_json (pulumi.Input[str]) – String containing a JSON-encoded object that will be written to the given path as the secret data.

  • disable_delete (pulumi.Input[bool]) – Don’t attempt to delete the path from Vault if true

  • disable_read (pulumi.Input[bool]) – True/false. Set this to true if your vault authentication is not able to read the data or if the endpoint does not support the GET method. Setting this to true will break drift detection. You should set this to true for endpoints that are write-only. Defaults to false.

  • ignore_absent_fields (pulumi.Input[bool]) – When reading, disregard fields not present in data_json

  • path (pulumi.Input[str]) – The full logical path at which to write the given data. Consult each backend’s documentation to see which endpoints support the PUT methods and to determine whether they also support DELETE and GET.

  • write_data (pulumi.Input[dict]) – Map of strings returned by write operation

  • write_data_json (pulumi.Input[str]) – JSON data returned by write operation

  • write_fields (pulumi.Input[list]) – Top-level fields returned by write to persist in state

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_vault.generic.GetSecretResult(data=None, data_json=None, id=None, lease_duration=None, lease_id=None, lease_renewable=None, lease_start_time=None, path=None, version=None)

A collection of values returned by getSecret.

data = None

A mapping whose keys are the top-level data keys returned from Vault and whose values are the corresponding values. This map can only represent string data, so any non-string values returned from Vault are serialized as JSON.

data_json = None

A string containing the full data payload retrieved from Vault, serialized in JSON format.

id = None

The provider-assigned unique ID for this managed resource.

lease_duration = None

The duration of the secret lease, in seconds relative to the time the data was requested. Once this time has passed any plan generated with this data may fail to apply.

lease_id = None

The lease identifier assigned by Vault, if any.

class pulumi_vault.generic.Secret(resource_name, opts=None, data_json=None, disable_read=None, path=None, __props__=None, __name__=None, __opts__=None)

Create a Secret resource with the given unique name, props, and options. :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] data_json: String containing a JSON-encoded object that will be

written as the secret data at the given path.

Parameters

  • disable_read (pulumi.Input[bool]) – True/false. Set this to true if your vault authentication is not able to read the data. Setting this to true will break drift detection. Defaults to false.

  • path (pulumi.Input[str]) – The full logical path at which to write the given data. To write data into the “generic” secret backend mounted in Vault by default, this should be prefixed with secret/. Writing to other backends with this resource is possible; consult each backend’s documentation to see which endpoints support the PUT and DELETE methods.

data: pulumi.Output[dict] = None

A mapping whose keys are the top-level data keys returned from Vault and whose values are the corresponding values. This map can only represent string data, so any non-string values returned from Vault are serialized as JSON.

data_json: pulumi.Output[str] = None

String containing a JSON-encoded object that will be written as the secret data at the given path.

disable_read: pulumi.Output[bool] = None

True/false. Set this to true if your vault authentication is not able to read the data. Setting this to true will break drift detection. Defaults to false.

path: pulumi.Output[str] = None

The full logical path at which to write the given data. To write data into the “generic” secret backend mounted in Vault by default, this should be prefixed with secret/. Writing to other backends with this resource is possible; consult each backend’s documentation to see which endpoints support the PUT and DELETE methods.

static get(resource_name, id, opts=None, data=None, data_json=None, disable_read=None, path=None)

Get an existing Secret resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters

  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • data (pulumi.Input[dict]) – A mapping whose keys are the top-level data keys returned from Vault and whose values are the corresponding values. This map can only represent string data, so any non-string values returned from Vault are serialized as JSON.

  • data_json (pulumi.Input[str]) – String containing a JSON-encoded object that will be written as the secret data at the given path.

  • disable_read (pulumi.Input[bool]) – True/false. Set this to true if your vault authentication is not able to read the data. Setting this to true will break drift detection. Defaults to false.

  • path (pulumi.Input[str]) – The full logical path at which to write the given data. To write data into the “generic” secret backend mounted in Vault by default, this should be prefixed with secret/. Writing to other backends with this resource is possible; consult each backend’s documentation to see which endpoints support the PUT and DELETE methods.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

pulumi_vault.generic.get_secret(path=None, version=None, opts=None)

Use this data source to access information about an existing resource.

Parameters

path (str) – The full logical path from which to request data. To read data from the “generic” secret backend mounted in Vault by default, this should be prefixed with secret/. Reading from other backends with this data source is possible; consult each backend’s documentation to see which endpoints support the GET method.