permalink |
---|
/gcp_secret_static_account/ |
gcp_secret_static_account
represents the vault_gcp_secret_static_account
Terraform resource.
This package contains functions and utilities for setting up the resource using Jsonnet code.
fn new()
fn newAttrs()
fn withBackend()
fn withBinding()
fn withBindingMixin()
fn withNamespace()
fn withSecretType()
fn withServiceAccountEmail()
fn withStaticAccount()
fn withTokenScopes()
obj binding
new()
vault.gcp_secret_static_account.new
injects a new vault_gcp_secret_static_account
Terraform resource
block into the root module document.
Additionally, this inserts a private function into the _ref
attribute that generates references to attributes of the
resource. For example, if you added a new instance to the root using:
# arguments omitted for brevity
vault.gcp_secret_static_account.new('some_id')
You can get the reference to the id
field of the created vault.gcp_secret_static_account
using the reference:
$._ref.vault_gcp_secret_static_account.some_id.get('id')
This is the same as directly entering "${ vault_gcp_secret_static_account.some_id.id }"
as the value.
NOTE: if you are chaining multiple resources together in a merge operation, you may not be able to use super
, self
,
or $
to refer to the root object. Instead, make an explicit outer object using local
.
Args:
resourceLabel
(string
): The name label of the block.backend
(string
): Path where the GCP secrets engine is mounted.namespace
(string
): Target namespace. (requires Enterprise) Whennull
, thenamespace
field will be omitted from the resulting object.secret_type
(string
): Type of secret generated for this static account. Defaults toaccess_token
. Accepted values:access_token
,service_account_key
Whennull
, thesecret_type
field will be omitted from the resulting object.service_account_email
(string
): Email of the GCP service account.static_account
(string
): Name of the Static Account to createtoken_scopes
(list
): List of OAuth scopes to assign toaccess_token
secrets generated under this static account (access_token
static accounts only) Whennull
, thetoken_scopes
field will be omitted from the resulting object.binding
(list[obj]
): Set thebinding
field on the resulting resource block. Whennull
, thebinding
sub block will be omitted from the resulting object. When setting the sub block, it is recommended to construct the object using the vault.gcp_secret_static_account.binding.new constructor.
Returns:
- A mixin object that injects the new resource into the root Terraform configuration.
newAttrs()
vault.gcp_secret_static_account.newAttrs
constructs a new object with attributes and blocks configured for the gcp_secret_static_account
Terraform resource.
Unlike vault.gcp_secret_static_account.new, this function will not inject the resource
block into the root Terraform document. Instead, this must be passed in as the attrs
argument for the
tf.withResource function to build a complete block.
This is most useful when you need to preprocess the attributes with functions, conditional, or looping logic prior to injecting into a complete block.
Args:
backend
(string
): Path where the GCP secrets engine is mounted.namespace
(string
): Target namespace. (requires Enterprise) Whennull
, thenamespace
field will be omitted from the resulting object.secret_type
(string
): Type of secret generated for this static account. Defaults toaccess_token
. Accepted values:access_token
,service_account_key
Whennull
, thesecret_type
field will be omitted from the resulting object.service_account_email
(string
): Email of the GCP service account.static_account
(string
): Name of the Static Account to createtoken_scopes
(list
): List of OAuth scopes to assign toaccess_token
secrets generated under this static account (access_token
static accounts only) Whennull
, thetoken_scopes
field will be omitted from the resulting object.binding
(list[obj]
): Set thebinding
field on the resulting object. Whennull
, thebinding
sub block will be omitted from the resulting object. When setting the sub block, it is recommended to construct the object using the vault.gcp_secret_static_account.binding.new constructor.
Returns:
- An attribute object that can be used with tf.withResource to construct a new
gcp_secret_static_account
resource into the root Terraform configuration.
withBackend()
vault.string.withBackend
constructs a mixin object that can be merged into the string
Terraform resource block to set or update the backend field.
Args:
resourceLabel
(string
): The name label of the block to update.value
(string
): The value to set for thebackend
field.
withBinding()
vault.list[obj].withBinding
constructs a mixin object that can be merged into the list[obj]
Terraform resource block to set or update the binding field.
This function will replace the array with the passed in value
. If you wish to instead append the
passed in value to the existing array, use the vault.list[obj].withBindingMixin function.
Args:
resourceLabel
(string
): The name label of the block to update.value
(list[obj]
): The value to set for thebinding
field.
withBindingMixin()
vault.list[obj].withBindingMixin
constructs a mixin object that can be merged into the list[obj]
Terraform resource block to set or update the binding field.
This function will append the passed in array or object to the existing array. If you wish
to instead replace the array with the passed in value
, use the vault.list[obj].withBinding
function.
Args:
resourceLabel
(string
): The name label of the block to update.value
(list[obj]
): The value to set for thebinding
field.
withNamespace()
vault.string.withNamespace
constructs a mixin object that can be merged into the string
Terraform resource block to set or update the namespace field.
Args:
resourceLabel
(string
): The name label of the block to update.value
(string
): The value to set for thenamespace
field.
withSecretType()
vault.string.withSecretType
constructs a mixin object that can be merged into the string
Terraform resource block to set or update the secret_type field.
Args:
resourceLabel
(string
): The name label of the block to update.value
(string
): The value to set for thesecret_type
field.
withServiceAccountEmail()
vault.string.withServiceAccountEmail
constructs a mixin object that can be merged into the string
Terraform resource block to set or update the service_account_email field.
Args:
resourceLabel
(string
): The name label of the block to update.value
(string
): The value to set for theservice_account_email
field.
withStaticAccount()
vault.string.withStaticAccount
constructs a mixin object that can be merged into the string
Terraform resource block to set or update the static_account field.
Args:
resourceLabel
(string
): The name label of the block to update.value
(string
): The value to set for thestatic_account
field.
withTokenScopes()
vault.list.withTokenScopes
constructs a mixin object that can be merged into the list
Terraform resource block to set or update the token_scopes field.
Args:
resourceLabel
(string
): The name label of the block to update.value
(list
): The value to set for thetoken_scopes
field.
new()
vault.gcp_secret_static_account.binding.new
constructs a new object with attributes and blocks configured for the binding
Terraform sub block.
Args:
resource
(string
): Resource nameroles
(list
): List of roles to apply to the resource
Returns:
- An attribute object that represents the
binding
sub block.