`kubernetesSecretBackend` Submodule

Constructs

KubernetesSecretBackend

Represents a {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend vault_kubernetes_secret_backend}.

Initializers

import com.hashicorp.cdktf.providers.vault.kubernetes_secret_backend.KubernetesSecretBackend;

KubernetesSecretBackend.Builder.create(Construct scope, java.lang.String id)
//  .connection(SSHProvisionerConnection)
//  .connection(WinrmProvisionerConnection)
//  .count(java.lang.Number)
//  .count(TerraformCount)
//  .dependsOn(java.util.List<ITerraformDependable>)
//  .forEach(ITerraformIterator)
//  .lifecycle(TerraformResourceLifecycle)
//  .provider(TerraformProvider)
//  .provisioners(java.util.List<FileProvisioner)
//  .provisioners(LocalExecProvisioner)
//  .provisioners(RemoteExecProvisioner>)
    .path(java.lang.String)
//  .allowedManagedKeys(java.util.List<java.lang.String>)
//  .auditNonHmacRequestKeys(java.util.List<java.lang.String>)
//  .auditNonHmacResponseKeys(java.util.List<java.lang.String>)
//  .defaultLeaseTtlSeconds(java.lang.Number)
//  .description(java.lang.String)
//  .disableLocalCaJwt(java.lang.Boolean)
//  .disableLocalCaJwt(IResolvable)
//  .externalEntropyAccess(java.lang.Boolean)
//  .externalEntropyAccess(IResolvable)
//  .id(java.lang.String)
//  .kubernetesCaCert(java.lang.String)
//  .kubernetesHost(java.lang.String)
//  .local(java.lang.Boolean)
//  .local(IResolvable)
//  .maxLeaseTtlSeconds(java.lang.Number)
//  .namespace(java.lang.String)
//  .options(java.util.Map<java.lang.String, java.lang.String>)
//  .sealWrap(java.lang.Boolean)
//  .sealWrap(IResolvable)
//  .serviceAccountJwt(java.lang.String)
    .build();

Name	Type	Description
`scope`	`software.constructs.Construct`	The scope in which to define this construct.
`id`	`java.lang.String`	The scoped construct ID.
`connection`	`com.hashicorp.cdktf.SSHProvisionerConnection OR com.hashicorp.cdktf.WinrmProvisionerConnection`	No description.
`count`	`java.lang.Number OR com.hashicorp.cdktf.TerraformCount`	No description.
`dependsOn`	`java.util.List<com.hashicorp.cdktf.ITerraformDependable>`	No description.
`forEach`	`com.hashicorp.cdktf.ITerraformIterator`	No description.
`lifecycle`	`com.hashicorp.cdktf.TerraformResourceLifecycle`	No description.
`provider`	`com.hashicorp.cdktf.TerraformProvider`	No description.
`provisioners`	`java.util.List<com.hashicorp.cdktf.FileProvisioner OR com.hashicorp.cdktf.LocalExecProvisioner OR com.hashicorp.cdktf.RemoteExecProvisioner>`	No description.
`path`	`java.lang.String`	Where the secret backend will be mounted.
`allowedManagedKeys`	`java.util.List<java.lang.String>`	List of managed key registry entry names that the mount in question is allowed to access.
`auditNonHmacRequestKeys`	`java.util.List<java.lang.String>`	Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
`auditNonHmacResponseKeys`	`java.util.List<java.lang.String>`	Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
`defaultLeaseTtlSeconds`	`java.lang.Number`	Default lease duration for tokens and secrets in seconds.
`description`	`java.lang.String`	Human-friendly description of the mount.
`disableLocalCaJwt`	`java.lang.Boolean OR com.hashicorp.cdktf.IResolvable`	Disable defaulting to the local CA certificate and service account JWT when running in a Kubernetes pod.
`externalEntropyAccess`	`java.lang.Boolean OR com.hashicorp.cdktf.IResolvable`	Enable the secrets engine to access Vault's external entropy source.
`id`	`java.lang.String`	Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#id KubernetesSecretBackend#id}.
`kubernetesCaCert`	`java.lang.String`	A PEM-encoded CA certificate used by the secret engine to verify the Kubernetes API server certificate.
`kubernetesHost`	`java.lang.String`	The Kubernetes API URL to connect to.
`local`	`java.lang.Boolean OR com.hashicorp.cdktf.IResolvable`	Local mount flag that can be explicitly set to true to enforce local mount in HA environment.
`maxLeaseTtlSeconds`	`java.lang.Number`	Maximum possible lease duration for tokens and secrets in seconds.
`namespace`	`java.lang.String`	Target namespace. (requires Enterprise).
`options`	`java.util.Map<java.lang.String, java.lang.String>`	Specifies mount type specific options that are passed to the backend.
`sealWrap`	`java.lang.Boolean OR com.hashicorp.cdktf.IResolvable`	Enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability.
`serviceAccountJwt`	`java.lang.String`	The JSON web token of the service account used by the secrets engine to manage Kubernetes credentials.

`scope`^Required

Type: software.constructs.Construct

The scope in which to define this construct.

`id`^Required

Type: java.lang.String

The scoped construct ID.

Must be unique amongst siblings in the same scope

`connection`^Optional

Type: com.hashicorp.cdktf.SSHProvisionerConnection OR com.hashicorp.cdktf.WinrmProvisionerConnection

`count`^Optional

Type: java.lang.Number OR com.hashicorp.cdktf.TerraformCount

`dependsOn`^Optional

Type: java.util.List<com.hashicorp.cdktf.ITerraformDependable>

`forEach`^Optional

Type: com.hashicorp.cdktf.ITerraformIterator

`lifecycle`^Optional

Type: com.hashicorp.cdktf.TerraformResourceLifecycle

`provider`^Optional

Type: com.hashicorp.cdktf.TerraformProvider

`provisioners`^Optional

Type: java.util.List<com.hashicorp.cdktf.FileProvisioner OR com.hashicorp.cdktf.LocalExecProvisioner OR com.hashicorp.cdktf.RemoteExecProvisioner>

`path`^Required

Type: java.lang.String

Where the secret backend will be mounted.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#path KubernetesSecretBackend#path}

`allowedManagedKeys`^Optional

Type: java.util.List<java.lang.String>

List of managed key registry entry names that the mount in question is allowed to access.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#allowed_managed_keys KubernetesSecretBackend#allowed_managed_keys}

`auditNonHmacRequestKeys`^Optional

Type: java.util.List<java.lang.String>

Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#audit_non_hmac_request_keys KubernetesSecretBackend#audit_non_hmac_request_keys}

`auditNonHmacResponseKeys`^Optional

Type: java.util.List<java.lang.String>

Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#audit_non_hmac_response_keys KubernetesSecretBackend#audit_non_hmac_response_keys}

`defaultLeaseTtlSeconds`^Optional

Type: java.lang.Number

Default lease duration for tokens and secrets in seconds.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#default_lease_ttl_seconds KubernetesSecretBackend#default_lease_ttl_seconds}

`description`^Optional

Type: java.lang.String

Human-friendly description of the mount.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#description KubernetesSecretBackend#description}

`disableLocalCaJwt`^Optional

Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

Disable defaulting to the local CA certificate and service account JWT when running in a Kubernetes pod.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#disable_local_ca_jwt KubernetesSecretBackend#disable_local_ca_jwt}

`externalEntropyAccess`^Optional

Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

Enable the secrets engine to access Vault's external entropy source.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#external_entropy_access KubernetesSecretBackend#external_entropy_access}

`id`^Optional

Type: java.lang.String

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#id KubernetesSecretBackend#id}.

Please be aware that the id field is automatically added to all resources in Terraform providers using a Terraform provider SDK version below 2. If you experience problems setting this value it might not be settable. Please take a look at the provider documentation to ensure it should be settable.

`kubernetesCaCert`^Optional

Type: java.lang.String

A PEM-encoded CA certificate used by the secret engine to verify the Kubernetes API server certificate.

Defaults to the local pod’s CA if found, or otherwise the host's root CA set.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#kubernetes_ca_cert KubernetesSecretBackend#kubernetes_ca_cert}

`kubernetesHost`^Optional

Type: java.lang.String

The Kubernetes API URL to connect to.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#kubernetes_host KubernetesSecretBackend#kubernetes_host}

`local`^Optional

Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

Local mount flag that can be explicitly set to true to enforce local mount in HA environment.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#local KubernetesSecretBackend#local}

`maxLeaseTtlSeconds`^Optional

Type: java.lang.Number

Maximum possible lease duration for tokens and secrets in seconds.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#max_lease_ttl_seconds KubernetesSecretBackend#max_lease_ttl_seconds}

`namespace`^Optional

Type: java.lang.String

Target namespace. (requires Enterprise).

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#namespace KubernetesSecretBackend#namespace}

`options`^Optional

Type: java.util.Map<java.lang.String, java.lang.String>

Specifies mount type specific options that are passed to the backend.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#options KubernetesSecretBackend#options}

`sealWrap`^Optional

Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

Enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#seal_wrap KubernetesSecretBackend#seal_wrap}

`serviceAccountJwt`^Optional

Type: java.lang.String

The JSON web token of the service account used by the secrets engine to manage Kubernetes credentials.

Defaults to the local pod’s JWT if found.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#service_account_jwt KubernetesSecretBackend#service_account_jwt}

Methods

Name	Description
`toString`	Returns a string representation of this construct.
`addOverride`	No description.
`overrideLogicalId`	Overrides the auto-generated logical ID with a specific ID.
`resetOverrideLogicalId`	Resets a previously passed logical Id to use the auto-generated logical id again.
`toHclTerraform`	No description.
`toMetadata`	No description.
`toTerraform`	Adds this resource to the terraform JSON output.
`addMoveTarget`	Adds a user defined moveTarget string to this resource to be later used in .moveTo(moveTarget) to resolve the location of the move.
`getAnyMapAttribute`	No description.
`getBooleanAttribute`	No description.
`getBooleanMapAttribute`	No description.
`getListAttribute`	No description.
`getNumberAttribute`	No description.
`getNumberListAttribute`	No description.
`getNumberMapAttribute`	No description.
`getStringAttribute`	No description.
`getStringMapAttribute`	No description.
`hasResourceMove`	No description.
`importFrom`	No description.
`interpolationForAttribute`	No description.
`moveFromId`	Move the resource corresponding to "id" to this resource.
`moveTo`	Moves this resource to the target resource given by moveTarget.
`moveToId`	Moves this resource to the resource corresponding to "id".
`resetAllowedManagedKeys`	No description.
`resetAuditNonHmacRequestKeys`	No description.
`resetAuditNonHmacResponseKeys`	No description.
`resetDefaultLeaseTtlSeconds`	No description.
`resetDescription`	No description.
`resetDisableLocalCaJwt`	No description.
`resetExternalEntropyAccess`	No description.
`resetId`	No description.
`resetKubernetesCaCert`	No description.
`resetKubernetesHost`	No description.
`resetLocal`	No description.
`resetMaxLeaseTtlSeconds`	No description.
`resetNamespace`	No description.
`resetOptions`	No description.
`resetSealWrap`	No description.
`resetServiceAccountJwt`	No description.

`toString`

public java.lang.String toString()

Returns a string representation of this construct.

`addOverride`

public void addOverride(java.lang.String path, java.lang.Object value)

`path`^Required

Type: java.lang.String

`value`^Required

Type: java.lang.Object

`overrideLogicalId`

public void overrideLogicalId(java.lang.String newLogicalId)

Overrides the auto-generated logical ID with a specific ID.

`newLogicalId`^Required

Type: java.lang.String

The new logical ID to use for this stack element.

`resetOverrideLogicalId`

public void resetOverrideLogicalId()

Resets a previously passed logical Id to use the auto-generated logical id again.

`toHclTerraform`

public java.lang.Object toHclTerraform()

`toMetadata`

public java.lang.Object toMetadata()

`toTerraform`

public java.lang.Object toTerraform()

Adds this resource to the terraform JSON output.

`addMoveTarget`

public void addMoveTarget(java.lang.String moveTarget)

Adds a user defined moveTarget string to this resource to be later used in .moveTo(moveTarget) to resolve the location of the move.

`moveTarget`^Required

Type: java.lang.String

The string move target that will correspond to this resource.

`getAnyMapAttribute`

public java.util.Map<java.lang.String, java.lang.Object> getAnyMapAttribute(java.lang.String terraformAttribute)

`terraformAttribute`^Required

Type: java.lang.String

`getBooleanAttribute`

public IResolvable getBooleanAttribute(java.lang.String terraformAttribute)

`terraformAttribute`^Required

Type: java.lang.String

`getBooleanMapAttribute`

public java.util.Map<java.lang.String, java.lang.Boolean> getBooleanMapAttribute(java.lang.String terraformAttribute)

`terraformAttribute`^Required

Type: java.lang.String

`getListAttribute`

public java.util.List<java.lang.String> getListAttribute(java.lang.String terraformAttribute)

`terraformAttribute`^Required

Type: java.lang.String

`getNumberAttribute`

public java.lang.Number getNumberAttribute(java.lang.String terraformAttribute)

`terraformAttribute`^Required

Type: java.lang.String

`getNumberListAttribute`

public java.util.List<java.lang.Number> getNumberListAttribute(java.lang.String terraformAttribute)

`terraformAttribute`^Required

Type: java.lang.String

`getNumberMapAttribute`

public java.util.Map<java.lang.String, java.lang.Number> getNumberMapAttribute(java.lang.String terraformAttribute)

`terraformAttribute`^Required

Type: java.lang.String

`getStringAttribute`

public java.lang.String getStringAttribute(java.lang.String terraformAttribute)

`terraformAttribute`^Required

Type: java.lang.String

`getStringMapAttribute`

public java.util.Map<java.lang.String, java.lang.String> getStringMapAttribute(java.lang.String terraformAttribute)

`terraformAttribute`^Required

Type: java.lang.String

`hasResourceMove`

public TerraformResourceMoveByTarget OR TerraformResourceMoveById hasResourceMove()

`importFrom`

public void importFrom(java.lang.String id)
public void importFrom(java.lang.String id, TerraformProvider provider)

`id`^Required

Type: java.lang.String

`provider`^Optional

Type: com.hashicorp.cdktf.TerraformProvider

`interpolationForAttribute`

public IResolvable interpolationForAttribute(java.lang.String terraformAttribute)

`terraformAttribute`^Required

Type: java.lang.String

`moveFromId`

public void moveFromId(java.lang.String id)

Move the resource corresponding to "id" to this resource.

Note that the resource being moved from must be marked as moved using it's instance function.

`id`^Required

Type: java.lang.String

Full id of resource being moved from, e.g. "aws_s3_bucket.example".

`moveTo`

public void moveTo(java.lang.String moveTarget)
public void moveTo(java.lang.String moveTarget, java.lang.String OR java.lang.Number index)

Moves this resource to the target resource given by moveTarget.

`moveTarget`^Required

Type: java.lang.String

The previously set user defined string set by .addMoveTarget() corresponding to the resource to move to.

`index`^Optional

Type: java.lang.String OR java.lang.Number

Optional The index corresponding to the key the resource is to appear in the foreach of a resource to move to.

`moveToId`

public void moveToId(java.lang.String id)

Moves this resource to the resource corresponding to "id".

`id`^Required

Type: java.lang.String

Full id of resource to move to, e.g. "aws_s3_bucket.example".

`resetAllowedManagedKeys`

public void resetAllowedManagedKeys()

`resetAuditNonHmacRequestKeys`

public void resetAuditNonHmacRequestKeys()

`resetAuditNonHmacResponseKeys`

public void resetAuditNonHmacResponseKeys()

`resetDefaultLeaseTtlSeconds`

public void resetDefaultLeaseTtlSeconds()

`resetDescription`

public void resetDescription()

`resetDisableLocalCaJwt`

public void resetDisableLocalCaJwt()

`resetExternalEntropyAccess`

public void resetExternalEntropyAccess()

`resetId`

public void resetId()

`resetKubernetesCaCert`

public void resetKubernetesCaCert()

`resetKubernetesHost`

public void resetKubernetesHost()

`resetLocal`

public void resetLocal()

`resetMaxLeaseTtlSeconds`

public void resetMaxLeaseTtlSeconds()

`resetNamespace`

public void resetNamespace()

`resetOptions`

public void resetOptions()

`resetSealWrap`

public void resetSealWrap()

`resetServiceAccountJwt`

public void resetServiceAccountJwt()

Static Functions

Name	Description
`isConstruct`	Checks if `x` is a construct.
`isTerraformElement`	No description.
`isTerraformResource`	No description.
`generateConfigForImport`	Generates CDKTF code for importing a KubernetesSecretBackend resource upon running "cdktf plan ".

`isConstruct`

import com.hashicorp.cdktf.providers.vault.kubernetes_secret_backend.KubernetesSecretBackend;

KubernetesSecretBackend.isConstruct(java.lang.Object x)

Checks if x is a construct.

Use this method instead of instanceof to properly detect Construct instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the constructs library on disk are seen as independent, completely different libraries. As a consequence, the class Construct in each copy of the constructs library is seen as a different class, and an instance of one class will not test as instanceof the other class. npm install will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the constructs library can be accidentally installed, and instanceof will behave unpredictably. It is safest to avoid using instanceof, and using this type-testing method instead.

`x`^Required

Type: java.lang.Object

Any object.

`isTerraformElement`

import com.hashicorp.cdktf.providers.vault.kubernetes_secret_backend.KubernetesSecretBackend;

KubernetesSecretBackend.isTerraformElement(java.lang.Object x)

`x`^Required

Type: java.lang.Object

`isTerraformResource`

import com.hashicorp.cdktf.providers.vault.kubernetes_secret_backend.KubernetesSecretBackend;

KubernetesSecretBackend.isTerraformResource(java.lang.Object x)

`x`^Required

Type: java.lang.Object

`generateConfigForImport`

import com.hashicorp.cdktf.providers.vault.kubernetes_secret_backend.KubernetesSecretBackend;

KubernetesSecretBackend.generateConfigForImport(Construct scope, java.lang.String importToId, java.lang.String importFromId),KubernetesSecretBackend.generateConfigForImport(Construct scope, java.lang.String importToId, java.lang.String importFromId, TerraformProvider provider)

Generates CDKTF code for importing a KubernetesSecretBackend resource upon running "cdktf plan ".

`scope`^Required

Type: software.constructs.Construct

The scope in which to define this construct.

`importToId`^Required

Type: java.lang.String

The construct id used in the generated config for the KubernetesSecretBackend to import.

`importFromId`^Required

Type: java.lang.String

The id of the existing KubernetesSecretBackend that should be imported.

Refer to the {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#import import section} in the documentation of this resource for the id to use

`provider`^Optional

Type: com.hashicorp.cdktf.TerraformProvider

? Optional instance of the provider where the KubernetesSecretBackend to import is found.

Properties

Name	Type	Description
`node`	`software.constructs.Node`	The tree node.
`cdktfStack`	`com.hashicorp.cdktf.TerraformStack`	No description.
`fqn`	`java.lang.String`	No description.
`friendlyUniqueId`	`java.lang.String`	No description.
`terraformMetaArguments`	`java.util.Map<java.lang.String, java.lang.Object>`	No description.
`terraformResourceType`	`java.lang.String`	No description.
`terraformGeneratorMetadata`	`com.hashicorp.cdktf.TerraformProviderGeneratorMetadata`	No description.
`connection`	`com.hashicorp.cdktf.SSHProvisionerConnection OR com.hashicorp.cdktf.WinrmProvisionerConnection`	No description.
`count`	`java.lang.Number OR com.hashicorp.cdktf.TerraformCount`	No description.
`dependsOn`	`java.util.List<java.lang.String>`	No description.
`forEach`	`com.hashicorp.cdktf.ITerraformIterator`	No description.
`lifecycle`	`com.hashicorp.cdktf.TerraformResourceLifecycle`	No description.
`provider`	`com.hashicorp.cdktf.TerraformProvider`	No description.
`provisioners`	`java.util.List<com.hashicorp.cdktf.FileProvisioner OR com.hashicorp.cdktf.LocalExecProvisioner OR com.hashicorp.cdktf.RemoteExecProvisioner>`	No description.
`accessor`	`java.lang.String`	No description.
`allowedManagedKeysInput`	`java.util.List<java.lang.String>`	No description.
`auditNonHmacRequestKeysInput`	`java.util.List<java.lang.String>`	No description.
`auditNonHmacResponseKeysInput`	`java.util.List<java.lang.String>`	No description.
`defaultLeaseTtlSecondsInput`	`java.lang.Number`	No description.
`descriptionInput`	`java.lang.String`	No description.
`disableLocalCaJwtInput`	`java.lang.Boolean OR com.hashicorp.cdktf.IResolvable`	No description.
`externalEntropyAccessInput`	`java.lang.Boolean OR com.hashicorp.cdktf.IResolvable`	No description.
`idInput`	`java.lang.String`	No description.
`kubernetesCaCertInput`	`java.lang.String`	No description.
`kubernetesHostInput`	`java.lang.String`	No description.
`localInput`	`java.lang.Boolean OR com.hashicorp.cdktf.IResolvable`	No description.
`maxLeaseTtlSecondsInput`	`java.lang.Number`	No description.
`namespaceInput`	`java.lang.String`	No description.
`optionsInput`	`java.util.Map<java.lang.String, java.lang.String>`	No description.
`pathInput`	`java.lang.String`	No description.
`sealWrapInput`	`java.lang.Boolean OR com.hashicorp.cdktf.IResolvable`	No description.
`serviceAccountJwtInput`	`java.lang.String`	No description.
`allowedManagedKeys`	`java.util.List<java.lang.String>`	No description.
`auditNonHmacRequestKeys`	`java.util.List<java.lang.String>`	No description.
`auditNonHmacResponseKeys`	`java.util.List<java.lang.String>`	No description.
`defaultLeaseTtlSeconds`	`java.lang.Number`	No description.
`description`	`java.lang.String`	No description.
`disableLocalCaJwt`	`java.lang.Boolean OR com.hashicorp.cdktf.IResolvable`	No description.
`externalEntropyAccess`	`java.lang.Boolean OR com.hashicorp.cdktf.IResolvable`	No description.
`id`	`java.lang.String`	No description.
`kubernetesCaCert`	`java.lang.String`	No description.
`kubernetesHost`	`java.lang.String`	No description.
`local`	`java.lang.Boolean OR com.hashicorp.cdktf.IResolvable`	No description.
`maxLeaseTtlSeconds`	`java.lang.Number`	No description.
`namespace`	`java.lang.String`	No description.
`options`	`java.util.Map<java.lang.String, java.lang.String>`	No description.
`path`	`java.lang.String`	No description.
`sealWrap`	`java.lang.Boolean OR com.hashicorp.cdktf.IResolvable`	No description.
`serviceAccountJwt`	`java.lang.String`	No description.

`node`^Required

public Node getNode();

Type: software.constructs.Node

The tree node.

`cdktfStack`^Required

public TerraformStack getCdktfStack();

Type: com.hashicorp.cdktf.TerraformStack

`fqn`^Required

public java.lang.String getFqn();

Type: java.lang.String

`friendlyUniqueId`^Required

public java.lang.String getFriendlyUniqueId();

Type: java.lang.String

`terraformMetaArguments`^Required

public java.util.Map<java.lang.String, java.lang.Object> getTerraformMetaArguments();

Type: java.util.Map<java.lang.String, java.lang.Object>

`terraformResourceType`^Required

public java.lang.String getTerraformResourceType();

Type: java.lang.String

`terraformGeneratorMetadata`^Optional

public TerraformProviderGeneratorMetadata getTerraformGeneratorMetadata();

Type: com.hashicorp.cdktf.TerraformProviderGeneratorMetadata

`connection`^Optional

public java.lang.Object getConnection();

Type: com.hashicorp.cdktf.SSHProvisionerConnection OR com.hashicorp.cdktf.WinrmProvisionerConnection

`count`^Optional

public java.lang.Object getCount();

Type: java.lang.Number OR com.hashicorp.cdktf.TerraformCount

`dependsOn`^Optional

public java.util.List<java.lang.String> getDependsOn();

Type: java.util.List<java.lang.String>

`forEach`^Optional

public ITerraformIterator getForEach();

Type: com.hashicorp.cdktf.ITerraformIterator

`lifecycle`^Optional

public TerraformResourceLifecycle getLifecycle();

Type: com.hashicorp.cdktf.TerraformResourceLifecycle

`provider`^Optional

public TerraformProvider getProvider();

Type: com.hashicorp.cdktf.TerraformProvider

`provisioners`^Optional

public java.lang.Object getProvisioners();

Type: java.util.List<com.hashicorp.cdktf.FileProvisioner OR com.hashicorp.cdktf.LocalExecProvisioner OR com.hashicorp.cdktf.RemoteExecProvisioner>

`accessor`^Required

public java.lang.String getAccessor();

Type: java.lang.String

`allowedManagedKeysInput`^Optional

public java.util.List<java.lang.String> getAllowedManagedKeysInput();

Type: java.util.List<java.lang.String>

`auditNonHmacRequestKeysInput`^Optional

public java.util.List<java.lang.String> getAuditNonHmacRequestKeysInput();

Type: java.util.List<java.lang.String>

`auditNonHmacResponseKeysInput`^Optional

public java.util.List<java.lang.String> getAuditNonHmacResponseKeysInput();

Type: java.util.List<java.lang.String>

`defaultLeaseTtlSecondsInput`^Optional

public java.lang.Number getDefaultLeaseTtlSecondsInput();

Type: java.lang.Number

`descriptionInput`^Optional

public java.lang.String getDescriptionInput();

Type: java.lang.String

`disableLocalCaJwtInput`^Optional

public java.lang.Object getDisableLocalCaJwtInput();

Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

`externalEntropyAccessInput`^Optional

public java.lang.Object getExternalEntropyAccessInput();

Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

`idInput`^Optional

public java.lang.String getIdInput();

Type: java.lang.String

`kubernetesCaCertInput`^Optional

public java.lang.String getKubernetesCaCertInput();

Type: java.lang.String

`kubernetesHostInput`^Optional

public java.lang.String getKubernetesHostInput();

Type: java.lang.String

`localInput`^Optional

public java.lang.Object getLocalInput();

Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

`maxLeaseTtlSecondsInput`^Optional

public java.lang.Number getMaxLeaseTtlSecondsInput();

Type: java.lang.Number

`namespaceInput`^Optional

public java.lang.String getNamespaceInput();

Type: java.lang.String

`optionsInput`^Optional

public java.util.Map<java.lang.String, java.lang.String> getOptionsInput();

Type: java.util.Map<java.lang.String, java.lang.String>

`pathInput`^Optional

public java.lang.String getPathInput();

Type: java.lang.String

`sealWrapInput`^Optional

public java.lang.Object getSealWrapInput();

Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

`serviceAccountJwtInput`^Optional

public java.lang.String getServiceAccountJwtInput();

Type: java.lang.String

`allowedManagedKeys`^Required

public java.util.List<java.lang.String> getAllowedManagedKeys();

Type: java.util.List<java.lang.String>

`auditNonHmacRequestKeys`^Required

public java.util.List<java.lang.String> getAuditNonHmacRequestKeys();

Type: java.util.List<java.lang.String>

`auditNonHmacResponseKeys`^Required

public java.util.List<java.lang.String> getAuditNonHmacResponseKeys();

Type: java.util.List<java.lang.String>

`defaultLeaseTtlSeconds`^Required

public java.lang.Number getDefaultLeaseTtlSeconds();

Type: java.lang.Number

`description`^Required

public java.lang.String getDescription();

Type: java.lang.String

`disableLocalCaJwt`^Required

public java.lang.Object getDisableLocalCaJwt();

Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

`externalEntropyAccess`^Required

public java.lang.Object getExternalEntropyAccess();

Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

`id`^Required

public java.lang.String getId();

Type: java.lang.String

`kubernetesCaCert`^Required

public java.lang.String getKubernetesCaCert();

Type: java.lang.String

`kubernetesHost`^Required

public java.lang.String getKubernetesHost();

Type: java.lang.String

`local`^Required

public java.lang.Object getLocal();

Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

`maxLeaseTtlSeconds`^Required

public java.lang.Number getMaxLeaseTtlSeconds();

Type: java.lang.Number

`namespace`^Required

public java.lang.String getNamespace();

Type: java.lang.String

`options`^Required

public java.util.Map<java.lang.String, java.lang.String> getOptions();

Type: java.util.Map<java.lang.String, java.lang.String>

`path`^Required

public java.lang.String getPath();

Type: java.lang.String

`sealWrap`^Required

public java.lang.Object getSealWrap();

Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

`serviceAccountJwt`^Required

public java.lang.String getServiceAccountJwt();

Type: java.lang.String

Constants

Name	Type	Description
`tfResourceType`	`java.lang.String`	No description.

`tfResourceType`^Required

public java.lang.String getTfResourceType();

Type: java.lang.String

Structs

KubernetesSecretBackendConfig

Initializer

import com.hashicorp.cdktf.providers.vault.kubernetes_secret_backend.KubernetesSecretBackendConfig;

KubernetesSecretBackendConfig.builder()
//  .connection(SSHProvisionerConnection)
//  .connection(WinrmProvisionerConnection)
//  .count(java.lang.Number)
//  .count(TerraformCount)
//  .dependsOn(java.util.List<ITerraformDependable>)
//  .forEach(ITerraformIterator)
//  .lifecycle(TerraformResourceLifecycle)
//  .provider(TerraformProvider)
//  .provisioners(java.util.List<FileProvisioner)
//  .provisioners(LocalExecProvisioner)
//  .provisioners(RemoteExecProvisioner>)
    .path(java.lang.String)
//  .allowedManagedKeys(java.util.List<java.lang.String>)
//  .auditNonHmacRequestKeys(java.util.List<java.lang.String>)
//  .auditNonHmacResponseKeys(java.util.List<java.lang.String>)
//  .defaultLeaseTtlSeconds(java.lang.Number)
//  .description(java.lang.String)
//  .disableLocalCaJwt(java.lang.Boolean)
//  .disableLocalCaJwt(IResolvable)
//  .externalEntropyAccess(java.lang.Boolean)
//  .externalEntropyAccess(IResolvable)
//  .id(java.lang.String)
//  .kubernetesCaCert(java.lang.String)
//  .kubernetesHost(java.lang.String)
//  .local(java.lang.Boolean)
//  .local(IResolvable)
//  .maxLeaseTtlSeconds(java.lang.Number)
//  .namespace(java.lang.String)
//  .options(java.util.Map<java.lang.String, java.lang.String>)
//  .sealWrap(java.lang.Boolean)
//  .sealWrap(IResolvable)
//  .serviceAccountJwt(java.lang.String)
    .build();

Properties

Name	Type	Description
`connection`	`com.hashicorp.cdktf.SSHProvisionerConnection OR com.hashicorp.cdktf.WinrmProvisionerConnection`	No description.
`count`	`java.lang.Number OR com.hashicorp.cdktf.TerraformCount`	No description.
`dependsOn`	`java.util.List<com.hashicorp.cdktf.ITerraformDependable>`	No description.
`forEach`	`com.hashicorp.cdktf.ITerraformIterator`	No description.
`lifecycle`	`com.hashicorp.cdktf.TerraformResourceLifecycle`	No description.
`provider`	`com.hashicorp.cdktf.TerraformProvider`	No description.
`provisioners`	`java.util.List<com.hashicorp.cdktf.FileProvisioner OR com.hashicorp.cdktf.LocalExecProvisioner OR com.hashicorp.cdktf.RemoteExecProvisioner>`	No description.
`path`	`java.lang.String`	Where the secret backend will be mounted.
`allowedManagedKeys`	`java.util.List<java.lang.String>`	List of managed key registry entry names that the mount in question is allowed to access.
`auditNonHmacRequestKeys`	`java.util.List<java.lang.String>`	Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
`auditNonHmacResponseKeys`	`java.util.List<java.lang.String>`	Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
`defaultLeaseTtlSeconds`	`java.lang.Number`	Default lease duration for tokens and secrets in seconds.
`description`	`java.lang.String`	Human-friendly description of the mount.
`disableLocalCaJwt`	`java.lang.Boolean OR com.hashicorp.cdktf.IResolvable`	Disable defaulting to the local CA certificate and service account JWT when running in a Kubernetes pod.
`externalEntropyAccess`	`java.lang.Boolean OR com.hashicorp.cdktf.IResolvable`	Enable the secrets engine to access Vault's external entropy source.
`id`	`java.lang.String`	Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#id KubernetesSecretBackend#id}.
`kubernetesCaCert`	`java.lang.String`	A PEM-encoded CA certificate used by the secret engine to verify the Kubernetes API server certificate.
`kubernetesHost`	`java.lang.String`	The Kubernetes API URL to connect to.
`local`	`java.lang.Boolean OR com.hashicorp.cdktf.IResolvable`	Local mount flag that can be explicitly set to true to enforce local mount in HA environment.
`maxLeaseTtlSeconds`	`java.lang.Number`	Maximum possible lease duration for tokens and secrets in seconds.
`namespace`	`java.lang.String`	Target namespace. (requires Enterprise).
`options`	`java.util.Map<java.lang.String, java.lang.String>`	Specifies mount type specific options that are passed to the backend.
`sealWrap`	`java.lang.Boolean OR com.hashicorp.cdktf.IResolvable`	Enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability.
`serviceAccountJwt`	`java.lang.String`	The JSON web token of the service account used by the secrets engine to manage Kubernetes credentials.

`connection`^Optional

public java.lang.Object getConnection();

Type: com.hashicorp.cdktf.SSHProvisionerConnection OR com.hashicorp.cdktf.WinrmProvisionerConnection

`count`^Optional

public java.lang.Object getCount();

Type: java.lang.Number OR com.hashicorp.cdktf.TerraformCount

`dependsOn`^Optional

public java.util.List<ITerraformDependable> getDependsOn();

Type: java.util.List<com.hashicorp.cdktf.ITerraformDependable>

`forEach`^Optional

public ITerraformIterator getForEach();

Type: com.hashicorp.cdktf.ITerraformIterator

`lifecycle`^Optional

public TerraformResourceLifecycle getLifecycle();

Type: com.hashicorp.cdktf.TerraformResourceLifecycle

`provider`^Optional

public TerraformProvider getProvider();

Type: com.hashicorp.cdktf.TerraformProvider

`provisioners`^Optional

public java.lang.Object getProvisioners();

Type: java.util.List<com.hashicorp.cdktf.FileProvisioner OR com.hashicorp.cdktf.LocalExecProvisioner OR com.hashicorp.cdktf.RemoteExecProvisioner>

`path`^Required

public java.lang.String getPath();

Type: java.lang.String

Where the secret backend will be mounted.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#path KubernetesSecretBackend#path}

`allowedManagedKeys`^Optional

public java.util.List<java.lang.String> getAllowedManagedKeys();

Type: java.util.List<java.lang.String>

List of managed key registry entry names that the mount in question is allowed to access.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#allowed_managed_keys KubernetesSecretBackend#allowed_managed_keys}

`auditNonHmacRequestKeys`^Optional

public java.util.List<java.lang.String> getAuditNonHmacRequestKeys();

Type: java.util.List<java.lang.String>

Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#audit_non_hmac_request_keys KubernetesSecretBackend#audit_non_hmac_request_keys}

`auditNonHmacResponseKeys`^Optional

public java.util.List<java.lang.String> getAuditNonHmacResponseKeys();

Type: java.util.List<java.lang.String>

Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#audit_non_hmac_response_keys KubernetesSecretBackend#audit_non_hmac_response_keys}

`defaultLeaseTtlSeconds`^Optional

public java.lang.Number getDefaultLeaseTtlSeconds();

Type: java.lang.Number

Default lease duration for tokens and secrets in seconds.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#default_lease_ttl_seconds KubernetesSecretBackend#default_lease_ttl_seconds}

`description`^Optional

public java.lang.String getDescription();

Type: java.lang.String

Human-friendly description of the mount.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#description KubernetesSecretBackend#description}

`disableLocalCaJwt`^Optional

public java.lang.Object getDisableLocalCaJwt();

Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

Disable defaulting to the local CA certificate and service account JWT when running in a Kubernetes pod.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#disable_local_ca_jwt KubernetesSecretBackend#disable_local_ca_jwt}

`externalEntropyAccess`^Optional

public java.lang.Object getExternalEntropyAccess();

Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

Enable the secrets engine to access Vault's external entropy source.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#external_entropy_access KubernetesSecretBackend#external_entropy_access}

`id`^Optional

public java.lang.String getId();

Type: java.lang.String

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#id KubernetesSecretBackend#id}.

Please be aware that the id field is automatically added to all resources in Terraform providers using a Terraform provider SDK version below 2. If you experience problems setting this value it might not be settable. Please take a look at the provider documentation to ensure it should be settable.

`kubernetesCaCert`^Optional

public java.lang.String getKubernetesCaCert();

Type: java.lang.String

A PEM-encoded CA certificate used by the secret engine to verify the Kubernetes API server certificate.

Defaults to the local pod’s CA if found, or otherwise the host's root CA set.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#kubernetes_ca_cert KubernetesSecretBackend#kubernetes_ca_cert}

`kubernetesHost`^Optional

public java.lang.String getKubernetesHost();

Type: java.lang.String

The Kubernetes API URL to connect to.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#kubernetes_host KubernetesSecretBackend#kubernetes_host}

`local`^Optional

public java.lang.Object getLocal();

Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

Local mount flag that can be explicitly set to true to enforce local mount in HA environment.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#local KubernetesSecretBackend#local}

`maxLeaseTtlSeconds`^Optional

public java.lang.Number getMaxLeaseTtlSeconds();

Type: java.lang.Number

Maximum possible lease duration for tokens and secrets in seconds.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#max_lease_ttl_seconds KubernetesSecretBackend#max_lease_ttl_seconds}

`namespace`^Optional

public java.lang.String getNamespace();

Type: java.lang.String

Target namespace. (requires Enterprise).

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#namespace KubernetesSecretBackend#namespace}

`options`^Optional

public java.util.Map<java.lang.String, java.lang.String> getOptions();

Type: java.util.Map<java.lang.String, java.lang.String>

Specifies mount type specific options that are passed to the backend.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#options KubernetesSecretBackend#options}

`sealWrap`^Optional

public java.lang.Object getSealWrap();

Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

Enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#seal_wrap KubernetesSecretBackend#seal_wrap}

`serviceAccountJwt`^Optional

public java.lang.String getServiceAccountJwt();

Type: java.lang.String

The JSON web token of the service account used by the secrets engine to manage Kubernetes credentials.

Defaults to the local pod’s JWT if found.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kubernetes_secret_backend#service_account_jwt KubernetesSecretBackend#service_account_jwt}

Files

kubernetesSecretBackend.java.md

Latest commit

History

kubernetesSecretBackend.java.md

File metadata and controls

kubernetesSecretBackend Submodule

Constructs