/
config.go
188 lines (155 loc) · 5.65 KB
/
config.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT.
// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! ***
package config
import (
"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config"
)
var _ = internal.GetEnvOrDefault
func GetAddAddressToEnv(ctx *pulumi.Context) string {
return config.Get(ctx, "vault:addAddressToEnv")
}
// URL of the root of the target Vault server.
func GetAddress(ctx *pulumi.Context) string {
return config.Get(ctx, "vault:address")
}
// Login to vault with an existing auth method using auth/<mount>/login
func GetAuthLogin(ctx *pulumi.Context) string {
return config.Get(ctx, "vault:authLogin")
}
// Login to vault using the AWS method
func GetAuthLoginAws(ctx *pulumi.Context) string {
return config.Get(ctx, "vault:authLoginAws")
}
// Login to vault using the azure method
func GetAuthLoginAzure(ctx *pulumi.Context) string {
return config.Get(ctx, "vault:authLoginAzure")
}
// Login to vault using the cert method
func GetAuthLoginCert(ctx *pulumi.Context) string {
return config.Get(ctx, "vault:authLoginCert")
}
// Login to vault using the gcp method
func GetAuthLoginGcp(ctx *pulumi.Context) string {
return config.Get(ctx, "vault:authLoginGcp")
}
// Login to vault using the jwt method
func GetAuthLoginJwt(ctx *pulumi.Context) string {
return config.Get(ctx, "vault:authLoginJwt")
}
// Login to vault using the kerberos method
func GetAuthLoginKerberos(ctx *pulumi.Context) string {
return config.Get(ctx, "vault:authLoginKerberos")
}
// Login to vault using the OCI method
func GetAuthLoginOci(ctx *pulumi.Context) string {
return config.Get(ctx, "vault:authLoginOci")
}
// Login to vault using the oidc method
func GetAuthLoginOidc(ctx *pulumi.Context) string {
return config.Get(ctx, "vault:authLoginOidc")
}
// Login to vault using the radius method
func GetAuthLoginRadius(ctx *pulumi.Context) string {
return config.Get(ctx, "vault:authLoginRadius")
}
// Login to vault using
func GetAuthLoginTokenFile(ctx *pulumi.Context) string {
return config.Get(ctx, "vault:authLoginTokenFile")
}
// Login to vault using the userpass method
func GetAuthLoginUserpass(ctx *pulumi.Context) string {
return config.Get(ctx, "vault:authLoginUserpass")
}
// Path to directory containing CA certificate files to validate the server's certificate.
func GetCaCertDir(ctx *pulumi.Context) string {
return config.Get(ctx, "vault:caCertDir")
}
// Path to a CA certificate file to validate the server's certificate.
func GetCaCertFile(ctx *pulumi.Context) string {
return config.Get(ctx, "vault:caCertFile")
}
// Client authentication credentials.
//
// Deprecated: Use auth_login_cert instead
func GetClientAuth(ctx *pulumi.Context) string {
return config.Get(ctx, "vault:clientAuth")
}
// The headers to send with each Vault request.
func GetHeaders(ctx *pulumi.Context) string {
return config.Get(ctx, "vault:headers")
}
// Maximum TTL for secret leases requested by this provider.
func GetMaxLeaseTtlSeconds(ctx *pulumi.Context) int {
v, err := config.TryInt(ctx, "vault:maxLeaseTtlSeconds")
if err == nil {
return v
}
var value int
if d := internal.GetEnvOrDefault(1200, internal.ParseEnvInt, "TERRAFORM_VAULT_MAX_TTL"); d != nil {
value = d.(int)
}
return value
}
// Maximum number of retries when a 5xx error code is encountered.
func GetMaxRetries(ctx *pulumi.Context) int {
v, err := config.TryInt(ctx, "vault:maxRetries")
if err == nil {
return v
}
var value int
if d := internal.GetEnvOrDefault(2, internal.ParseEnvInt, "VAULT_MAX_RETRIES"); d != nil {
value = d.(int)
}
return value
}
// Maximum number of retries for Client Controlled Consistency related operations
func GetMaxRetriesCcc(ctx *pulumi.Context) int {
return config.GetInt(ctx, "vault:maxRetriesCcc")
}
// The namespace to use. Available only for Vault Enterprise.
func GetNamespace(ctx *pulumi.Context) string {
return config.Get(ctx, "vault:namespace")
}
// In the case where the Vault token is for a specific namespace and the provider namespace is not configured, use the
// token namespace as the root namespace for all resources.
func GetSetNamespaceFromToken(ctx *pulumi.Context) bool {
return config.GetBool(ctx, "vault:setNamespaceFromToken")
}
// Set this to true to prevent the creation of ephemeral child token used by this provider.
func GetSkipChildToken(ctx *pulumi.Context) bool {
return config.GetBool(ctx, "vault:skipChildToken")
}
// Skip the dynamic fetching of the Vault server version.
func GetSkipGetVaultVersion(ctx *pulumi.Context) bool {
return config.GetBool(ctx, "vault:skipGetVaultVersion")
}
// Set this to true only if the target Vault server is an insecure development instance.
func GetSkipTlsVerify(ctx *pulumi.Context) bool {
v, err := config.TryBool(ctx, "vault:skipTlsVerify")
if err == nil {
return v
}
var value bool
if d := internal.GetEnvOrDefault(nil, internal.ParseEnvBool, "VAULT_SKIP_VERIFY"); d != nil {
value = d.(bool)
}
return value
}
// Name to use as the SNI host when connecting via TLS.
func GetTlsServerName(ctx *pulumi.Context) string {
return config.Get(ctx, "vault:tlsServerName")
}
// Token to use to authenticate to Vault.
func GetToken(ctx *pulumi.Context) string {
return config.Get(ctx, "vault:token")
}
// Token name to use for creating the Vault child token.
func GetTokenName(ctx *pulumi.Context) string {
return config.Get(ctx, "vault:tokenName")
}
// Override the Vault server version, which is normally determined dynamically from the target Vault server
func GetVaultVersionOverride(ctx *pulumi.Context) string {
return config.Get(ctx, "vault:vaultVersionOverride")
}