Represents a {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend vault_kubernetes_secret_backend}.
using HashiCorp.Cdktf.Providers.Vault;
new KubernetesSecretBackend(Construct Scope, string Id, KubernetesSecretBackendConfig Config);| Name | Type | Description |
|---|---|---|
Scope |
Constructs.Construct |
The scope in which to define this construct. |
Id |
string |
The scoped construct ID. |
Config |
KubernetesSecretBackendConfig |
No description. |
- Type: Constructs.Construct
The scope in which to define this construct.
- Type: string
The scoped construct ID.
Must be unique amongst siblings in the same scope
| Name | Description |
|---|---|
ToString |
Returns a string representation of this construct. |
AddOverride |
No description. |
OverrideLogicalId |
Overrides the auto-generated logical ID with a specific ID. |
ResetOverrideLogicalId |
Resets a previously passed logical Id to use the auto-generated logical id again. |
ToHclTerraform |
No description. |
ToMetadata |
No description. |
ToTerraform |
Adds this resource to the terraform JSON output. |
AddMoveTarget |
Adds a user defined moveTarget string to this resource to be later used in .moveTo(moveTarget) to resolve the location of the move. |
GetAnyMapAttribute |
No description. |
GetBooleanAttribute |
No description. |
GetBooleanMapAttribute |
No description. |
GetListAttribute |
No description. |
GetNumberAttribute |
No description. |
GetNumberListAttribute |
No description. |
GetNumberMapAttribute |
No description. |
GetStringAttribute |
No description. |
GetStringMapAttribute |
No description. |
HasResourceMove |
No description. |
ImportFrom |
No description. |
InterpolationForAttribute |
No description. |
MoveFromId |
Move the resource corresponding to "id" to this resource. |
MoveTo |
Moves this resource to the target resource given by moveTarget. |
MoveToId |
Moves this resource to the resource corresponding to "id". |
ResetAllowedManagedKeys |
No description. |
ResetAuditNonHmacRequestKeys |
No description. |
ResetAuditNonHmacResponseKeys |
No description. |
ResetDefaultLeaseTtlSeconds |
No description. |
ResetDescription |
No description. |
ResetDisableLocalCaJwt |
No description. |
ResetExternalEntropyAccess |
No description. |
ResetId |
No description. |
ResetKubernetesCaCert |
No description. |
ResetKubernetesHost |
No description. |
ResetLocal |
No description. |
ResetMaxLeaseTtlSeconds |
No description. |
ResetNamespace |
No description. |
ResetOptions |
No description. |
ResetSealWrap |
No description. |
ResetServiceAccountJwt |
No description. |
private string ToString()Returns a string representation of this construct.
private void AddOverride(string Path, object Value)- Type: string
- Type: object
private void OverrideLogicalId(string NewLogicalId)Overrides the auto-generated logical ID with a specific ID.
- Type: string
The new logical ID to use for this stack element.
private void ResetOverrideLogicalId()Resets a previously passed logical Id to use the auto-generated logical id again.
private object ToHclTerraform()private object ToMetadata()private object ToTerraform()Adds this resource to the terraform JSON output.
private void AddMoveTarget(string MoveTarget)Adds a user defined moveTarget string to this resource to be later used in .moveTo(moveTarget) to resolve the location of the move.
- Type: string
The string move target that will correspond to this resource.
private System.Collections.Generic.IDictionary<string, object> GetAnyMapAttribute(string TerraformAttribute)- Type: string
private IResolvable GetBooleanAttribute(string TerraformAttribute)- Type: string
private System.Collections.Generic.IDictionary<string, bool> GetBooleanMapAttribute(string TerraformAttribute)- Type: string
private string[] GetListAttribute(string TerraformAttribute)- Type: string
private double GetNumberAttribute(string TerraformAttribute)- Type: string
private double[] GetNumberListAttribute(string TerraformAttribute)- Type: string
private System.Collections.Generic.IDictionary<string, double> GetNumberMapAttribute(string TerraformAttribute)- Type: string
private string GetStringAttribute(string TerraformAttribute)- Type: string
private System.Collections.Generic.IDictionary<string, string> GetStringMapAttribute(string TerraformAttribute)- Type: string
private object HasResourceMove()private void ImportFrom(string Id, TerraformProvider Provider = null)- Type: string
- Type: HashiCorp.Cdktf.TerraformProvider
private IResolvable InterpolationForAttribute(string TerraformAttribute)- Type: string
private void MoveFromId(string Id)Move the resource corresponding to "id" to this resource.
Note that the resource being moved from must be marked as moved using it's instance function.
- Type: string
Full id of resource being moved from, e.g. "aws_s3_bucket.example".
private void MoveTo(string MoveTarget, object Index = null)Moves this resource to the target resource given by moveTarget.
- Type: string
The previously set user defined string set by .addMoveTarget() corresponding to the resource to move to.
- Type: object
Optional The index corresponding to the key the resource is to appear in the foreach of a resource to move to.
private void MoveToId(string Id)Moves this resource to the resource corresponding to "id".
- Type: string
Full id of resource to move to, e.g. "aws_s3_bucket.example".
private void ResetAllowedManagedKeys()private void ResetAuditNonHmacRequestKeys()private void ResetAuditNonHmacResponseKeys()private void ResetDefaultLeaseTtlSeconds()private void ResetDescription()private void ResetDisableLocalCaJwt()private void ResetExternalEntropyAccess()private void ResetId()private void ResetKubernetesCaCert()private void ResetKubernetesHost()private void ResetLocal()private void ResetMaxLeaseTtlSeconds()private void ResetNamespace()private void ResetOptions()private void ResetSealWrap()private void ResetServiceAccountJwt()| Name | Description |
|---|---|
IsConstruct |
Checks if x is a construct. |
IsTerraformElement |
No description. |
IsTerraformResource |
No description. |
GenerateConfigForImport |
Generates CDKTF code for importing a KubernetesSecretBackend resource upon running "cdktf plan ". |
using HashiCorp.Cdktf.Providers.Vault;
KubernetesSecretBackend.IsConstruct(object X);Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
- Type: object
Any object.
using HashiCorp.Cdktf.Providers.Vault;
KubernetesSecretBackend.IsTerraformElement(object X);- Type: object
using HashiCorp.Cdktf.Providers.Vault;
KubernetesSecretBackend.IsTerraformResource(object X);- Type: object
using HashiCorp.Cdktf.Providers.Vault;
KubernetesSecretBackend.GenerateConfigForImport(Construct Scope, string ImportToId, string ImportFromId, TerraformProvider Provider = null);Generates CDKTF code for importing a KubernetesSecretBackend resource upon running "cdktf plan ".
- Type: Constructs.Construct
The scope in which to define this construct.
- Type: string
The construct id used in the generated config for the KubernetesSecretBackend to import.
- Type: string
The id of the existing KubernetesSecretBackend that should be imported.
Refer to the {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#import import section} in the documentation of this resource for the id to use
- Type: HashiCorp.Cdktf.TerraformProvider
? Optional instance of the provider where the KubernetesSecretBackend to import is found.
| Name | Type | Description |
|---|---|---|
Node |
Constructs.Node |
The tree node. |
CdktfStack |
HashiCorp.Cdktf.TerraformStack |
No description. |
Fqn |
string |
No description. |
FriendlyUniqueId |
string |
No description. |
TerraformMetaArguments |
System.Collections.Generic.IDictionary<string, object> |
No description. |
TerraformResourceType |
string |
No description. |
TerraformGeneratorMetadata |
HashiCorp.Cdktf.TerraformProviderGeneratorMetadata |
No description. |
Connection |
object |
No description. |
Count |
object |
No description. |
DependsOn |
string[] |
No description. |
ForEach |
HashiCorp.Cdktf.ITerraformIterator |
No description. |
Lifecycle |
HashiCorp.Cdktf.TerraformResourceLifecycle |
No description. |
Provider |
HashiCorp.Cdktf.TerraformProvider |
No description. |
Provisioners |
object[] |
No description. |
Accessor |
string |
No description. |
AllowedManagedKeysInput |
string[] |
No description. |
AuditNonHmacRequestKeysInput |
string[] |
No description. |
AuditNonHmacResponseKeysInput |
string[] |
No description. |
DefaultLeaseTtlSecondsInput |
double |
No description. |
DescriptionInput |
string |
No description. |
DisableLocalCaJwtInput |
object |
No description. |
ExternalEntropyAccessInput |
object |
No description. |
IdInput |
string |
No description. |
KubernetesCaCertInput |
string |
No description. |
KubernetesHostInput |
string |
No description. |
LocalInput |
object |
No description. |
MaxLeaseTtlSecondsInput |
double |
No description. |
NamespaceInput |
string |
No description. |
OptionsInput |
System.Collections.Generic.IDictionary<string, string> |
No description. |
PathInput |
string |
No description. |
SealWrapInput |
object |
No description. |
ServiceAccountJwtInput |
string |
No description. |
AllowedManagedKeys |
string[] |
No description. |
AuditNonHmacRequestKeys |
string[] |
No description. |
AuditNonHmacResponseKeys |
string[] |
No description. |
DefaultLeaseTtlSeconds |
double |
No description. |
Description |
string |
No description. |
DisableLocalCaJwt |
object |
No description. |
ExternalEntropyAccess |
object |
No description. |
Id |
string |
No description. |
KubernetesCaCert |
string |
No description. |
KubernetesHost |
string |
No description. |
Local |
object |
No description. |
MaxLeaseTtlSeconds |
double |
No description. |
Namespace |
string |
No description. |
Options |
System.Collections.Generic.IDictionary<string, string> |
No description. |
Path |
string |
No description. |
SealWrap |
object |
No description. |
ServiceAccountJwt |
string |
No description. |
public Node Node { get; }- Type: Constructs.Node
The tree node.
public TerraformStack CdktfStack { get; }- Type: HashiCorp.Cdktf.TerraformStack
public string Fqn { get; }- Type: string
public string FriendlyUniqueId { get; }- Type: string
public System.Collections.Generic.IDictionary<string, object> TerraformMetaArguments { get; }- Type: System.Collections.Generic.IDictionary<string, object>
public string TerraformResourceType { get; }- Type: string
public TerraformProviderGeneratorMetadata TerraformGeneratorMetadata { get; }- Type: HashiCorp.Cdktf.TerraformProviderGeneratorMetadata
public object Connection { get; }- Type: object
public object Count { get; }- Type: object
public string[] DependsOn { get; }- Type: string[]
public ITerraformIterator ForEach { get; }- Type: HashiCorp.Cdktf.ITerraformIterator
public TerraformResourceLifecycle Lifecycle { get; }- Type: HashiCorp.Cdktf.TerraformResourceLifecycle
public TerraformProvider Provider { get; }- Type: HashiCorp.Cdktf.TerraformProvider
public object[] Provisioners { get; }- Type: object[]
public string Accessor { get; }- Type: string
public string[] AllowedManagedKeysInput { get; }- Type: string[]
public string[] AuditNonHmacRequestKeysInput { get; }- Type: string[]
public string[] AuditNonHmacResponseKeysInput { get; }- Type: string[]
public double DefaultLeaseTtlSecondsInput { get; }- Type: double
public string DescriptionInput { get; }- Type: string
public object DisableLocalCaJwtInput { get; }- Type: object
public object ExternalEntropyAccessInput { get; }- Type: object
public string IdInput { get; }- Type: string
public string KubernetesCaCertInput { get; }- Type: string
public string KubernetesHostInput { get; }- Type: string
public object LocalInput { get; }- Type: object
public double MaxLeaseTtlSecondsInput { get; }- Type: double
public string NamespaceInput { get; }- Type: string
public System.Collections.Generic.IDictionary<string, string> OptionsInput { get; }- Type: System.Collections.Generic.IDictionary<string, string>
public string PathInput { get; }- Type: string
public object SealWrapInput { get; }- Type: object
public string ServiceAccountJwtInput { get; }- Type: string
public string[] AllowedManagedKeys { get; }- Type: string[]
public string[] AuditNonHmacRequestKeys { get; }- Type: string[]
public string[] AuditNonHmacResponseKeys { get; }- Type: string[]
public double DefaultLeaseTtlSeconds { get; }- Type: double
public string Description { get; }- Type: string
public object DisableLocalCaJwt { get; }- Type: object
public object ExternalEntropyAccess { get; }- Type: object
public string Id { get; }- Type: string
public string KubernetesCaCert { get; }- Type: string
public string KubernetesHost { get; }- Type: string
public object Local { get; }- Type: object
public double MaxLeaseTtlSeconds { get; }- Type: double
public string Namespace { get; }- Type: string
public System.Collections.Generic.IDictionary<string, string> Options { get; }- Type: System.Collections.Generic.IDictionary<string, string>
public string Path { get; }- Type: string
public object SealWrap { get; }- Type: object
public string ServiceAccountJwt { get; }- Type: string
| Name | Type | Description |
|---|---|---|
TfResourceType |
string |
No description. |
public string TfResourceType { get; }- Type: string
using HashiCorp.Cdktf.Providers.Vault;
new KubernetesSecretBackendConfig {
object Connection = null,
object Count = null,
ITerraformDependable[] DependsOn = null,
ITerraformIterator ForEach = null,
TerraformResourceLifecycle Lifecycle = null,
TerraformProvider Provider = null,
object[] Provisioners = null,
string Path,
string[] AllowedManagedKeys = null,
string[] AuditNonHmacRequestKeys = null,
string[] AuditNonHmacResponseKeys = null,
double DefaultLeaseTtlSeconds = null,
string Description = null,
object DisableLocalCaJwt = null,
object ExternalEntropyAccess = null,
string Id = null,
string KubernetesCaCert = null,
string KubernetesHost = null,
object Local = null,
double MaxLeaseTtlSeconds = null,
string Namespace = null,
System.Collections.Generic.IDictionary<string, string> Options = null,
object SealWrap = null,
string ServiceAccountJwt = null
};| Name | Type | Description |
|---|---|---|
Connection |
object |
No description. |
Count |
object |
No description. |
DependsOn |
HashiCorp.Cdktf.ITerraformDependable[] |
No description. |
ForEach |
HashiCorp.Cdktf.ITerraformIterator |
No description. |
Lifecycle |
HashiCorp.Cdktf.TerraformResourceLifecycle |
No description. |
Provider |
HashiCorp.Cdktf.TerraformProvider |
No description. |
Provisioners |
object[] |
No description. |
Path |
string |
Where the secret backend will be mounted. |
AllowedManagedKeys |
string[] |
List of managed key registry entry names that the mount in question is allowed to access. |
AuditNonHmacRequestKeys |
string[] |
Specifies the list of keys that will not be HMAC'd by audit devices in the request data object. |
AuditNonHmacResponseKeys |
string[] |
Specifies the list of keys that will not be HMAC'd by audit devices in the response data object. |
DefaultLeaseTtlSeconds |
double |
Default lease duration for tokens and secrets in seconds. |
Description |
string |
Human-friendly description of the mount. |
DisableLocalCaJwt |
object |
Disable defaulting to the local CA certificate and service account JWT when running in a Kubernetes pod. |
ExternalEntropyAccess |
object |
Enable the secrets engine to access Vault's external entropy source. |
Id |
string |
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#id KubernetesSecretBackend#id}. |
KubernetesCaCert |
string |
A PEM-encoded CA certificate used by the secret engine to verify the Kubernetes API server certificate. |
KubernetesHost |
string |
The Kubernetes API URL to connect to. |
Local |
object |
Local mount flag that can be explicitly set to true to enforce local mount in HA environment. |
MaxLeaseTtlSeconds |
double |
Maximum possible lease duration for tokens and secrets in seconds. |
Namespace |
string |
Target namespace. (requires Enterprise). |
Options |
System.Collections.Generic.IDictionary<string, string> |
Specifies mount type specific options that are passed to the backend. |
SealWrap |
object |
Enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability. |
ServiceAccountJwt |
string |
The JSON web token of the service account used by the secrets engine to manage Kubernetes credentials. |
public object Connection { get; set; }- Type: object
public object Count { get; set; }- Type: object
public ITerraformDependable[] DependsOn { get; set; }- Type: HashiCorp.Cdktf.ITerraformDependable[]
public ITerraformIterator ForEach { get; set; }- Type: HashiCorp.Cdktf.ITerraformIterator
public TerraformResourceLifecycle Lifecycle { get; set; }- Type: HashiCorp.Cdktf.TerraformResourceLifecycle
public TerraformProvider Provider { get; set; }- Type: HashiCorp.Cdktf.TerraformProvider
public object[] Provisioners { get; set; }- Type: object[]
public string Path { get; set; }- Type: string
Where the secret backend will be mounted.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#path KubernetesSecretBackend#path}
public string[] AllowedManagedKeys { get; set; }- Type: string[]
List of managed key registry entry names that the mount in question is allowed to access.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#allowed_managed_keys KubernetesSecretBackend#allowed_managed_keys}
public string[] AuditNonHmacRequestKeys { get; set; }- Type: string[]
Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#audit_non_hmac_request_keys KubernetesSecretBackend#audit_non_hmac_request_keys}
public string[] AuditNonHmacResponseKeys { get; set; }- Type: string[]
Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#audit_non_hmac_response_keys KubernetesSecretBackend#audit_non_hmac_response_keys}
public double DefaultLeaseTtlSeconds { get; set; }- Type: double
Default lease duration for tokens and secrets in seconds.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#default_lease_ttl_seconds KubernetesSecretBackend#default_lease_ttl_seconds}
public string Description { get; set; }- Type: string
Human-friendly description of the mount.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#description KubernetesSecretBackend#description}
public object DisableLocalCaJwt { get; set; }- Type: object
Disable defaulting to the local CA certificate and service account JWT when running in a Kubernetes pod.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#disable_local_ca_jwt KubernetesSecretBackend#disable_local_ca_jwt}
public object ExternalEntropyAccess { get; set; }- Type: object
Enable the secrets engine to access Vault's external entropy source.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#external_entropy_access KubernetesSecretBackend#external_entropy_access}
public string Id { get; set; }- Type: string
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#id KubernetesSecretBackend#id}.
Please be aware that the id field is automatically added to all resources in Terraform providers using a Terraform provider SDK version below 2. If you experience problems setting this value it might not be settable. Please take a look at the provider documentation to ensure it should be settable.
public string KubernetesCaCert { get; set; }- Type: string
A PEM-encoded CA certificate used by the secret engine to verify the Kubernetes API server certificate.
Defaults to the local pod’s CA if found, or otherwise the host's root CA set.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#kubernetes_ca_cert KubernetesSecretBackend#kubernetes_ca_cert}
public string KubernetesHost { get; set; }- Type: string
The Kubernetes API URL to connect to.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#kubernetes_host KubernetesSecretBackend#kubernetes_host}
public object Local { get; set; }- Type: object
Local mount flag that can be explicitly set to true to enforce local mount in HA environment.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#local KubernetesSecretBackend#local}
public double MaxLeaseTtlSeconds { get; set; }- Type: double
Maximum possible lease duration for tokens and secrets in seconds.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#max_lease_ttl_seconds KubernetesSecretBackend#max_lease_ttl_seconds}
public string Namespace { get; set; }- Type: string
Target namespace. (requires Enterprise).
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#namespace KubernetesSecretBackend#namespace}
public System.Collections.Generic.IDictionary<string, string> Options { get; set; }- Type: System.Collections.Generic.IDictionary<string, string>
Specifies mount type specific options that are passed to the backend.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#options KubernetesSecretBackend#options}
public object SealWrap { get; set; }- Type: object
Enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#seal_wrap KubernetesSecretBackend#seal_wrap}
public string ServiceAccountJwt { get; set; }- Type: string
The JSON web token of the service account used by the secrets engine to manage Kubernetes credentials.
Defaults to the local pod’s JWT if found.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#service_account_jwt KubernetesSecretBackend#service_account_jwt}