Docs Home
HashiCorp Vault v6.7.1 published on Friday, May 2, 2025 by Pulumi
vault.Provider
Explore with Pulumi AI
The provider type for the vault package. By default, resources use package-wide configuration
settings, however an explicit Provider instance may be created and passed during resource
construction to achieve fine-grained programmatic control over provider settings. See the
documentation for more information.
Create Provider Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Provider(name: string, args: ProviderArgs, opts?: CustomResourceOptions);@overload
def Provider(resource_name: str,
args: ProviderArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Provider(resource_name: str,
opts: Optional[ResourceOptions] = None,
add_address_to_env: Optional[str] = None,
address: Optional[str] = None,
auth_login: Optional[ProviderAuthLoginArgs] = None,
auth_login_aws: Optional[ProviderAuthLoginAwsArgs] = None,
auth_login_azure: Optional[ProviderAuthLoginAzureArgs] = None,
auth_login_cert: Optional[ProviderAuthLoginCertArgs] = None,
auth_login_gcp: Optional[ProviderAuthLoginGcpArgs] = None,
auth_login_jwt: Optional[ProviderAuthLoginJwtArgs] = None,
auth_login_kerberos: Optional[ProviderAuthLoginKerberosArgs] = None,
auth_login_oci: Optional[ProviderAuthLoginOciArgs] = None,
auth_login_oidc: Optional[ProviderAuthLoginOidcArgs] = None,
auth_login_radius: Optional[ProviderAuthLoginRadiusArgs] = None,
auth_login_token_file: Optional[ProviderAuthLoginTokenFileArgs] = None,
auth_login_userpass: Optional[ProviderAuthLoginUserpassArgs] = None,
ca_cert_dir: Optional[str] = None,
ca_cert_file: Optional[str] = None,
client_auth: Optional[ProviderClientAuthArgs] = None,
headers: Optional[Sequence[ProviderHeaderArgs]] = None,
max_lease_ttl_seconds: Optional[int] = None,
max_retries: Optional[int] = None,
max_retries_ccc: Optional[int] = None,
namespace: Optional[str] = None,
set_namespace_from_token: Optional[bool] = None,
skip_child_token: Optional[bool] = None,
skip_get_vault_version: Optional[bool] = None,
skip_tls_verify: Optional[bool] = None,
tls_server_name: Optional[str] = None,
token: Optional[str] = None,
token_name: Optional[str] = None,
vault_version_override: Optional[str] = None)func NewProvider(ctx *Context, name string, args ProviderArgs, opts ...ResourceOption) (*Provider, error)public Provider(string name, ProviderArgs args, CustomResourceOptions? opts = null)
public Provider(String name, ProviderArgs args)
public Provider(String name, ProviderArgs args, CustomResourceOptions options)
type: pulumi:providers:vault
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args ProviderArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args ProviderArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args ProviderArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ProviderArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args ProviderArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Provider Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Provider resource accepts the following input properties:
- Address string
- URL of the root of the target Vault server.
- Token string
- Token to use to authenticate to Vault.
- Add
Address stringTo Env - Auth
Login ProviderAuth Login - Login to vault with an existing auth method using auth//login
- Auth
Login ProviderAws Auth Login Aws - Login to vault using the AWS method
- Auth
Login ProviderAzure Auth Login Azure - Login to vault using the azure method
- Auth
Login ProviderCert Auth Login Cert - Login to vault using the cert method
- Auth
Login ProviderGcp Auth Login Gcp - Login to vault using the gcp method
- Auth
Login ProviderJwt Auth Login Jwt - Login to vault using the jwt method
- Auth
Login ProviderKerberos Auth Login Kerberos - Login to vault using the kerberos method
- Auth
Login ProviderOci Auth Login Oci - Login to vault using the OCI method
- Auth
Login ProviderOidc Auth Login Oidc - Login to vault using the oidc method
- Auth
Login ProviderRadius Auth Login Radius - Login to vault using the radius method
- Auth
Login ProviderToken File Auth Login Token File - Login to vault using
- Auth
Login ProviderUserpass Auth Login Userpass - Login to vault using the userpass method
- Ca
Cert stringDir - Path to directory containing CA certificate files to validate the server's certificate.
- Ca
Cert stringFile - Path to a CA certificate file to validate the server's certificate.
- Client
Auth ProviderClient Auth - Client authentication credentials.
- Headers
List<Provider
Header> - The headers to send with each Vault request.
- Max
Lease intTtl Seconds - Maximum TTL for secret leases requested by this provider.
It can also be sourced from the following environment variable:
TERRAFORM_VAULT_MAX_TTL - Max
Retries int - Maximum number of retries when a 5xx error code is encountered.
It can also be sourced from the following environment variable:
VAULT_MAX_RETRIES - Max
Retries intCcc - Maximum number of retries for Client Controlled Consistency related operations
- Namespace string
- The namespace to use. Available only for Vault Enterprise.
- Set
Namespace boolFrom Token - In the case where the Vault token is for a specific namespace and the provider namespace is not configured, use the token namespace as the root namespace for all resources.
- Skip
Child boolToken - Set this to true to prevent the creation of ephemeral child token used by this provider.
- Skip
Get boolVault Version - Skip the dynamic fetching of the Vault server version.
- Skip
Tls boolVerify - Set this to true only if the target Vault server is an insecure development instance.
It can also be sourced from the following environment variable:
VAULT_SKIP_VERIFY - Tls
Server stringName - Name to use as the SNI host when connecting via TLS.
- Token
Name string - Token name to use for creating the Vault child token.
- Vault
Version stringOverride - Override the Vault server version, which is normally determined dynamically from the target Vault server
- Address string
- URL of the root of the target Vault server.
- Token string
- Token to use to authenticate to Vault.
- Add
Address stringTo Env - Auth
Login ProviderAuth Login Args - Login to vault with an existing auth method using auth//login
- Auth
Login ProviderAws Auth Login Aws Args - Login to vault using the AWS method
- Auth
Login ProviderAzure Auth Login Azure Args - Login to vault using the azure method
- Auth
Login ProviderCert Auth Login Cert Args - Login to vault using the cert method
- Auth
Login ProviderGcp Auth Login Gcp Args - Login to vault using the gcp method
- Auth
Login ProviderJwt Auth Login Jwt Args - Login to vault using the jwt method
- Auth
Login ProviderKerberos Auth Login Kerberos Args - Login to vault using the kerberos method
- Auth
Login ProviderOci Auth Login Oci Args - Login to vault using the OCI method
- Auth
Login ProviderOidc Auth Login Oidc Args - Login to vault using the oidc method
- Auth
Login ProviderRadius Auth Login Radius Args - Login to vault using the radius method
- Auth
Login ProviderToken File Auth Login Token File Args - Login to vault using
- Auth
Login ProviderUserpass Auth Login Userpass Args - Login to vault using the userpass method
- Ca
Cert stringDir - Path to directory containing CA certificate files to validate the server's certificate.
- Ca
Cert stringFile - Path to a CA certificate file to validate the server's certificate.
- Client
Auth ProviderClient Auth Args - Client authentication credentials.
- Headers
[]Provider
Header Args - The headers to send with each Vault request.
- Max
Lease intTtl Seconds - Maximum TTL for secret leases requested by this provider.
It can also be sourced from the following environment variable:
TERRAFORM_VAULT_MAX_TTL - Max
Retries int - Maximum number of retries when a 5xx error code is encountered.
It can also be sourced from the following environment variable:
VAULT_MAX_RETRIES - Max
Retries intCcc - Maximum number of retries for Client Controlled Consistency related operations
- Namespace string
- The namespace to use. Available only for Vault Enterprise.
- Set
Namespace boolFrom Token - In the case where the Vault token is for a specific namespace and the provider namespace is not configured, use the token namespace as the root namespace for all resources.
- Skip
Child boolToken - Set this to true to prevent the creation of ephemeral child token used by this provider.
- Skip
Get boolVault Version - Skip the dynamic fetching of the Vault server version.
- Skip
Tls boolVerify - Set this to true only if the target Vault server is an insecure development instance.
It can also be sourced from the following environment variable:
VAULT_SKIP_VERIFY - Tls
Server stringName - Name to use as the SNI host when connecting via TLS.
- Token
Name string - Token name to use for creating the Vault child token.
- Vault
Version stringOverride - Override the Vault server version, which is normally determined dynamically from the target Vault server
- address String
- URL of the root of the target Vault server.
- token String
- Token to use to authenticate to Vault.
- add
Address StringTo Env - auth
Login ProviderAuth Login - Login to vault with an existing auth method using auth//login
- auth
Login ProviderAws Auth Login Aws - Login to vault using the AWS method
- auth
Login ProviderAzure Auth Login Azure - Login to vault using the azure method
- auth
Login ProviderCert Auth Login Cert - Login to vault using the cert method
- auth
Login ProviderGcp Auth Login Gcp - Login to vault using the gcp method
- auth
Login ProviderJwt Auth Login Jwt - Login to vault using the jwt method
- auth
Login ProviderKerberos Auth Login Kerberos - Login to vault using the kerberos method
- auth
Login ProviderOci Auth Login Oci - Login to vault using the OCI method
- auth
Login ProviderOidc Auth Login Oidc - Login to vault using the oidc method
- auth
Login ProviderRadius Auth Login Radius - Login to vault using the radius method
- auth
Login ProviderToken File Auth Login Token File - Login to vault using
- auth
Login ProviderUserpass Auth Login Userpass - Login to vault using the userpass method
- ca
Cert StringDir - Path to directory containing CA certificate files to validate the server's certificate.
- ca
Cert StringFile - Path to a CA certificate file to validate the server's certificate.
- client
Auth ProviderClient Auth - Client authentication credentials.
- headers
List<Provider
Header> - The headers to send with each Vault request.
- max
Lease IntegerTtl Seconds - Maximum TTL for secret leases requested by this provider.
It can also be sourced from the following environment variable:
TERRAFORM_VAULT_MAX_TTL - max
Retries Integer - Maximum number of retries when a 5xx error code is encountered.
It can also be sourced from the following environment variable:
VAULT_MAX_RETRIES - max
Retries IntegerCcc - Maximum number of retries for Client Controlled Consistency related operations
- namespace String
- The namespace to use. Available only for Vault Enterprise.
- set
Namespace BooleanFrom Token - In the case where the Vault token is for a specific namespace and the provider namespace is not configured, use the token namespace as the root namespace for all resources.
- skip
Child BooleanToken - Set this to true to prevent the creation of ephemeral child token used by this provider.
- skip
Get BooleanVault Version - Skip the dynamic fetching of the Vault server version.
- skip
Tls BooleanVerify - Set this to true only if the target Vault server is an insecure development instance.
It can also be sourced from the following environment variable:
VAULT_SKIP_VERIFY - tls
Server StringName - Name to use as the SNI host when connecting via TLS.
- token
Name String - Token name to use for creating the Vault child token.
- vault
Version StringOverride - Override the Vault server version, which is normally determined dynamically from the target Vault server
- address string
- URL of the root of the target Vault server.
- token string
- Token to use to authenticate to Vault.
- add
Address stringTo Env - auth
Login ProviderAuth Login - Login to vault with an existing auth method using auth//login
- auth
Login ProviderAws Auth Login Aws - Login to vault using the AWS method
- auth
Login ProviderAzure Auth Login Azure - Login to vault using the azure method
- auth
Login ProviderCert Auth Login Cert - Login to vault using the cert method
- auth
Login ProviderGcp Auth Login Gcp - Login to vault using the gcp method
- auth
Login ProviderJwt Auth Login Jwt - Login to vault using the jwt method
- auth
Login ProviderKerberos Auth Login Kerberos - Login to vault using the kerberos method
- auth
Login ProviderOci Auth Login Oci - Login to vault using the OCI method
- auth
Login ProviderOidc Auth Login Oidc - Login to vault using the oidc method
- auth
Login ProviderRadius Auth Login Radius - Login to vault using the radius method
- auth
Login ProviderToken File Auth Login Token File - Login to vault using
- auth
Login ProviderUserpass Auth Login Userpass - Login to vault using the userpass method
- ca
Cert stringDir - Path to directory containing CA certificate files to validate the server's certificate.
- ca
Cert stringFile - Path to a CA certificate file to validate the server's certificate.
- client
Auth ProviderClient Auth - Client authentication credentials.
- headers
Provider
Header[] - The headers to send with each Vault request.
- max
Lease numberTtl Seconds - Maximum TTL for secret leases requested by this provider.
It can also be sourced from the following environment variable:
TERRAFORM_VAULT_MAX_TTL - max
Retries number - Maximum number of retries when a 5xx error code is encountered.
It can also be sourced from the following environment variable:
VAULT_MAX_RETRIES - max
Retries numberCcc - Maximum number of retries for Client Controlled Consistency related operations
- namespace string
- The namespace to use. Available only for Vault Enterprise.
- set
Namespace booleanFrom Token - In the case where the Vault token is for a specific namespace and the provider namespace is not configured, use the token namespace as the root namespace for all resources.
- skip
Child booleanToken - Set this to true to prevent the creation of ephemeral child token used by this provider.
- skip
Get booleanVault Version - Skip the dynamic fetching of the Vault server version.
- skip
Tls booleanVerify - Set this to true only if the target Vault server is an insecure development instance.
It can also be sourced from the following environment variable:
VAULT_SKIP_VERIFY - tls
Server stringName - Name to use as the SNI host when connecting via TLS.
- token
Name string - Token name to use for creating the Vault child token.
- vault
Version stringOverride - Override the Vault server version, which is normally determined dynamically from the target Vault server
- address str
- URL of the root of the target Vault server.
- token str
- Token to use to authenticate to Vault.
- add_
address_ strto_ env - auth_
login ProviderAuth Login Args - Login to vault with an existing auth method using auth//login
- auth_
login_ Provideraws Auth Login Aws Args - Login to vault using the AWS method
- auth_
login_ Providerazure Auth Login Azure Args - Login to vault using the azure method
- auth_
login_ Providercert Auth Login Cert Args - Login to vault using the cert method
- auth_
login_ Providergcp Auth Login Gcp Args - Login to vault using the gcp method
- auth_
login_ Providerjwt Auth Login Jwt Args - Login to vault using the jwt method
- auth_
login_ Providerkerberos Auth Login Kerberos Args - Login to vault using the kerberos method
- auth_
login_ Provideroci Auth Login Oci Args - Login to vault using the OCI method
- auth_
login_ Provideroidc Auth Login Oidc Args - Login to vault using the oidc method
- auth_
login_ Providerradius Auth Login Radius Args - Login to vault using the radius method
- auth_
login_ Providertoken_ file Auth Login Token File Args - Login to vault using
- auth_
login_ Provideruserpass Auth Login Userpass Args - Login to vault using the userpass method
- ca_
cert_ strdir - Path to directory containing CA certificate files to validate the server's certificate.
- ca_
cert_ strfile - Path to a CA certificate file to validate the server's certificate.
- client_
auth ProviderClient Auth Args - Client authentication credentials.
- headers
Sequence[Provider
Header Args] - The headers to send with each Vault request.
- max_
lease_ intttl_ seconds - Maximum TTL for secret leases requested by this provider.
It can also be sourced from the following environment variable:
TERRAFORM_VAULT_MAX_TTL - max_
retries int - Maximum number of retries when a 5xx error code is encountered.
It can also be sourced from the following environment variable:
VAULT_MAX_RETRIES - max_
retries_ intccc - Maximum number of retries for Client Controlled Consistency related operations
- namespace str
- The namespace to use. Available only for Vault Enterprise.
- set_
namespace_ boolfrom_ token - In the case where the Vault token is for a specific namespace and the provider namespace is not configured, use the token namespace as the root namespace for all resources.
- skip_
child_ booltoken - Set this to true to prevent the creation of ephemeral child token used by this provider.
- skip_
get_ boolvault_ version - Skip the dynamic fetching of the Vault server version.
- skip_
tls_ boolverify - Set this to true only if the target Vault server is an insecure development instance.
It can also be sourced from the following environment variable:
VAULT_SKIP_VERIFY - tls_
server_ strname - Name to use as the SNI host when connecting via TLS.
- token_
name str - Token name to use for creating the Vault child token.
- vault_
version_ stroverride - Override the Vault server version, which is normally determined dynamically from the target Vault server
- address String
- URL of the root of the target Vault server.
- token String
- Token to use to authenticate to Vault.
- add
Address StringTo Env - auth
Login Property Map - Login to vault with an existing auth method using auth//login
- auth
Login Property MapAws - Login to vault using the AWS method
- auth
Login Property MapAzure - Login to vault using the azure method
- auth
Login Property MapCert - Login to vault using the cert method
- auth
Login Property MapGcp - Login to vault using the gcp method
- auth
Login Property MapJwt - Login to vault using the jwt method
- auth
Login Property MapKerberos - Login to vault using the kerberos method
- auth
Login Property MapOci - Login to vault using the OCI method
- auth
Login Property MapOidc - Login to vault using the oidc method
- auth
Login Property MapRadius - Login to vault using the radius method
- auth
Login Property MapToken File - Login to vault using
- auth
Login Property MapUserpass - Login to vault using the userpass method
- ca
Cert StringDir - Path to directory containing CA certificate files to validate the server's certificate.
- ca
Cert StringFile - Path to a CA certificate file to validate the server's certificate.
- client
Auth Property Map - Client authentication credentials.
- headers List<Property Map>
- The headers to send with each Vault request.
- max
Lease NumberTtl Seconds - Maximum TTL for secret leases requested by this provider.
It can also be sourced from the following environment variable:
TERRAFORM_VAULT_MAX_TTL - max
Retries Number - Maximum number of retries when a 5xx error code is encountered.
It can also be sourced from the following environment variable:
VAULT_MAX_RETRIES - max
Retries NumberCcc - Maximum number of retries for Client Controlled Consistency related operations
- namespace String
- The namespace to use. Available only for Vault Enterprise.
- set
Namespace BooleanFrom Token - In the case where the Vault token is for a specific namespace and the provider namespace is not configured, use the token namespace as the root namespace for all resources.
- skip
Child BooleanToken - Set this to true to prevent the creation of ephemeral child token used by this provider.
- skip
Get BooleanVault Version - Skip the dynamic fetching of the Vault server version.
- skip
Tls BooleanVerify - Set this to true only if the target Vault server is an insecure development instance.
It can also be sourced from the following environment variable:
VAULT_SKIP_VERIFY - tls
Server StringName - Name to use as the SNI host when connecting via TLS.
- token
Name String - Token name to use for creating the Vault child token.
- vault
Version StringOverride - Override the Vault server version, which is normally determined dynamically from the target Vault server
Outputs
All input properties are implicitly available as output properties. Additionally, the Provider resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Supporting Types
ProviderAuthLogin, ProviderAuthLoginArgs
- Path string
- Method string
- Namespace string
- The authentication engine's namespace. Conflicts with use_root_namespace
- Parameters Dictionary<string, string>
- Use
Root boolNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- Path string
- Method string
- Namespace string
- The authentication engine's namespace. Conflicts with use_root_namespace
- Parameters map[string]string
- Use
Root boolNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- path String
- method String
- namespace String
- The authentication engine's namespace. Conflicts with use_root_namespace
- parameters Map<String,String>
- use
Root BooleanNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- path string
- method string
- namespace string
- The authentication engine's namespace. Conflicts with use_root_namespace
- parameters {[key: string]: string}
- use
Root booleanNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- path str
- method str
- namespace str
- The authentication engine's namespace. Conflicts with use_root_namespace
- parameters Mapping[str, str]
- use_
root_ boolnamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- path String
- method String
- namespace String
- The authentication engine's namespace. Conflicts with use_root_namespace
- parameters Map<String>
- use
Root BooleanNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
ProviderAuthLoginAws, ProviderAuthLoginAwsArgs
- Role string
- The Vault role to use when logging into Vault.
- Aws
Access stringKey Id - The AWS access key ID.
- Aws
Iam stringEndpoint - The IAM endpoint URL.
- Aws
Profile string - The name of the AWS profile.
- Aws
Region string - The AWS region.
- Aws
Role stringArn - The ARN of the AWS Role to assume.Used during STS AssumeRole
- Aws
Role stringSession Name - Specifies the name to attach to the AWS role session. Used during STS AssumeRole
- Aws
Secret stringAccess Key - The AWS secret access key.
- Aws
Session stringToken - The AWS session token.
- string
- Path to the AWS shared credentials file.
- Aws
Sts stringEndpoint - The STS endpoint URL.
- Aws
Web stringIdentity Token File - Path to the file containing an OAuth 2.0 access token or OpenID Connect ID token.
- Header
Value string - The Vault header value to include in the STS signing request.
- Mount string
- The path where the authentication engine is mounted.
- Namespace string
- The authentication engine's namespace. Conflicts with use_root_namespace
- Use
Root boolNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- Role string
- The Vault role to use when logging into Vault.
- Aws
Access stringKey Id - The AWS access key ID.
- Aws
Iam stringEndpoint - The IAM endpoint URL.
- Aws
Profile string - The name of the AWS profile.
- Aws
Region string - The AWS region.
- Aws
Role stringArn - The ARN of the AWS Role to assume.Used during STS AssumeRole
- Aws
Role stringSession Name - Specifies the name to attach to the AWS role session. Used during STS AssumeRole
- Aws
Secret stringAccess Key - The AWS secret access key.
- Aws
Session stringToken - The AWS session token.
- string
- Path to the AWS shared credentials file.
- Aws
Sts stringEndpoint - The STS endpoint URL.
- Aws
Web stringIdentity Token File - Path to the file containing an OAuth 2.0 access token or OpenID Connect ID token.
- Header
Value string - The Vault header value to include in the STS signing request.
- Mount string
- The path where the authentication engine is mounted.
- Namespace string
- The authentication engine's namespace. Conflicts with use_root_namespace
- Use
Root boolNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- role String
- The Vault role to use when logging into Vault.
- aws
Access StringKey Id - The AWS access key ID.
- aws
Iam StringEndpoint - The IAM endpoint URL.
- aws
Profile String - The name of the AWS profile.
- aws
Region String - The AWS region.
- aws
Role StringArn - The ARN of the AWS Role to assume.Used during STS AssumeRole
- aws
Role StringSession Name - Specifies the name to attach to the AWS role session. Used during STS AssumeRole
- aws
Secret StringAccess Key - The AWS secret access key.
- aws
Session StringToken - The AWS session token.
- String
- Path to the AWS shared credentials file.
- aws
Sts StringEndpoint - The STS endpoint URL.
- aws
Web StringIdentity Token File - Path to the file containing an OAuth 2.0 access token or OpenID Connect ID token.
- header
Value String - The Vault header value to include in the STS signing request.
- mount String
- The path where the authentication engine is mounted.
- namespace String
- The authentication engine's namespace. Conflicts with use_root_namespace
- use
Root BooleanNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- role string
- The Vault role to use when logging into Vault.
- aws
Access stringKey Id - The AWS access key ID.
- aws
Iam stringEndpoint - The IAM endpoint URL.
- aws
Profile string - The name of the AWS profile.
- aws
Region string - The AWS region.
- aws
Role stringArn - The ARN of the AWS Role to assume.Used during STS AssumeRole
- aws
Role stringSession Name - Specifies the name to attach to the AWS role session. Used during STS AssumeRole
- aws
Secret stringAccess Key - The AWS secret access key.
- aws
Session stringToken - The AWS session token.
- string
- Path to the AWS shared credentials file.
- aws
Sts stringEndpoint - The STS endpoint URL.
- aws
Web stringIdentity Token File - Path to the file containing an OAuth 2.0 access token or OpenID Connect ID token.
- header
Value string - The Vault header value to include in the STS signing request.
- mount string
- The path where the authentication engine is mounted.
- namespace string
- The authentication engine's namespace. Conflicts with use_root_namespace
- use
Root booleanNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- role str
- The Vault role to use when logging into Vault.
- aws_
access_ strkey_ id - The AWS access key ID.
- aws_
iam_ strendpoint - The IAM endpoint URL.
- aws_
profile str - The name of the AWS profile.
- aws_
region str - The AWS region.
- aws_
role_ strarn - The ARN of the AWS Role to assume.Used during STS AssumeRole
- aws_
role_ strsession_ name - Specifies the name to attach to the AWS role session. Used during STS AssumeRole
- aws_
secret_ straccess_ key - The AWS secret access key.
- aws_
session_ strtoken - The AWS session token.
- str
- Path to the AWS shared credentials file.
- aws_
sts_ strendpoint - The STS endpoint URL.
- aws_
web_ stridentity_ token_ file - Path to the file containing an OAuth 2.0 access token or OpenID Connect ID token.
- header_
value str - The Vault header value to include in the STS signing request.
- mount str
- The path where the authentication engine is mounted.
- namespace str
- The authentication engine's namespace. Conflicts with use_root_namespace
- use_
root_ boolnamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- role String
- The Vault role to use when logging into Vault.
- aws
Access StringKey Id - The AWS access key ID.
- aws
Iam StringEndpoint - The IAM endpoint URL.
- aws
Profile String - The name of the AWS profile.
- aws
Region String - The AWS region.
- aws
Role StringArn - The ARN of the AWS Role to assume.Used during STS AssumeRole
- aws
Role StringSession Name - Specifies the name to attach to the AWS role session. Used during STS AssumeRole
- aws
Secret StringAccess Key - The AWS secret access key.
- aws
Session StringToken - The AWS session token.
- String
- Path to the AWS shared credentials file.
- aws
Sts StringEndpoint - The STS endpoint URL.
- aws
Web StringIdentity Token File - Path to the file containing an OAuth 2.0 access token or OpenID Connect ID token.
- header
Value String - The Vault header value to include in the STS signing request.
- mount String
- The path where the authentication engine is mounted.
- namespace String
- The authentication engine's namespace. Conflicts with use_root_namespace
- use
Root BooleanNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
ProviderAuthLoginAzure, ProviderAuthLoginAzureArgs
- Resource
Group stringName - The resource group for the machine that generated the MSI token. This information can be obtained through instance metadata.
- Role string
- Name of the login role.
- Subscription
Id string - The subscription ID for the machine that generated the MSI token. This information can be obtained through instance metadata.
- Client
Id string - The identity's client ID.
- Jwt string
- A signed JSON Web Token. If not specified on will be created automatically
- Mount string
- The path where the authentication engine is mounted.
- Namespace string
- The authentication engine's namespace. Conflicts with use_root_namespace
- Scope string
- The scopes to include in the token request.
- Tenant
Id string - Provides the tenant ID to use in a multi-tenant authentication scenario.
- Use
Root boolNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- Vm
Name string - The virtual machine name for the machine that generated the MSI token. This information can be obtained through instance metadata.
- Vmss
Name string - The virtual machine scale set name for the machine that generated the MSI token. This information can be obtained through instance metadata.
- Resource
Group stringName - The resource group for the machine that generated the MSI token. This information can be obtained through instance metadata.
- Role string
- Name of the login role.
- Subscription
Id string - The subscription ID for the machine that generated the MSI token. This information can be obtained through instance metadata.
- Client
Id string - The identity's client ID.
- Jwt string
- A signed JSON Web Token. If not specified on will be created automatically
- Mount string
- The path where the authentication engine is mounted.
- Namespace string
- The authentication engine's namespace. Conflicts with use_root_namespace
- Scope string
- The scopes to include in the token request.
- Tenant
Id string - Provides the tenant ID to use in a multi-tenant authentication scenario.
- Use
Root boolNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- Vm
Name string - The virtual machine name for the machine that generated the MSI token. This information can be obtained through instance metadata.
- Vmss
Name string - The virtual machine scale set name for the machine that generated the MSI token. This information can be obtained through instance metadata.
- resource
Group StringName - The resource group for the machine that generated the MSI token. This information can be obtained through instance metadata.
- role String
- Name of the login role.
- subscription
Id String - The subscription ID for the machine that generated the MSI token. This information can be obtained through instance metadata.
- client
Id String - The identity's client ID.
- jwt String
- A signed JSON Web Token. If not specified on will be created automatically
- mount String
- The path where the authentication engine is mounted.
- namespace String
- The authentication engine's namespace. Conflicts with use_root_namespace
- scope String
- The scopes to include in the token request.
- tenant
Id String - Provides the tenant ID to use in a multi-tenant authentication scenario.
- use
Root BooleanNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- vm
Name String - The virtual machine name for the machine that generated the MSI token. This information can be obtained through instance metadata.
- vmss
Name String - The virtual machine scale set name for the machine that generated the MSI token. This information can be obtained through instance metadata.
- resource
Group stringName - The resource group for the machine that generated the MSI token. This information can be obtained through instance metadata.
- role string
- Name of the login role.
- subscription
Id string - The subscription ID for the machine that generated the MSI token. This information can be obtained through instance metadata.
- client
Id string - The identity's client ID.
- jwt string
- A signed JSON Web Token. If not specified on will be created automatically
- mount string
- The path where the authentication engine is mounted.
- namespace string
- The authentication engine's namespace. Conflicts with use_root_namespace
- scope string
- The scopes to include in the token request.
- tenant
Id string - Provides the tenant ID to use in a multi-tenant authentication scenario.
- use
Root booleanNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- vm
Name string - The virtual machine name for the machine that generated the MSI token. This information can be obtained through instance metadata.
- vmss
Name string - The virtual machine scale set name for the machine that generated the MSI token. This information can be obtained through instance metadata.
- resource_
group_ strname - The resource group for the machine that generated the MSI token. This information can be obtained through instance metadata.
- role str
- Name of the login role.
- subscription_
id str - The subscription ID for the machine that generated the MSI token. This information can be obtained through instance metadata.
- client_
id str - The identity's client ID.
- jwt str
- A signed JSON Web Token. If not specified on will be created automatically
- mount str
- The path where the authentication engine is mounted.
- namespace str
- The authentication engine's namespace. Conflicts with use_root_namespace
- scope str
- The scopes to include in the token request.
- tenant_
id str - Provides the tenant ID to use in a multi-tenant authentication scenario.
- use_
root_ boolnamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- vm_
name str - The virtual machine name for the machine that generated the MSI token. This information can be obtained through instance metadata.
- vmss_
name str - The virtual machine scale set name for the machine that generated the MSI token. This information can be obtained through instance metadata.
- resource
Group StringName - The resource group for the machine that generated the MSI token. This information can be obtained through instance metadata.
- role String
- Name of the login role.
- subscription
Id String - The subscription ID for the machine that generated the MSI token. This information can be obtained through instance metadata.
- client
Id String - The identity's client ID.
- jwt String
- A signed JSON Web Token. If not specified on will be created automatically
- mount String
- The path where the authentication engine is mounted.
- namespace String
- The authentication engine's namespace. Conflicts with use_root_namespace
- scope String
- The scopes to include in the token request.
- tenant
Id String - Provides the tenant ID to use in a multi-tenant authentication scenario.
- use
Root BooleanNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- vm
Name String - The virtual machine name for the machine that generated the MSI token. This information can be obtained through instance metadata.
- vmss
Name String - The virtual machine scale set name for the machine that generated the MSI token. This information can be obtained through instance metadata.
ProviderAuthLoginCert, ProviderAuthLoginCertArgs
- Cert
File string - Path to a file containing the client certificate.
- Key
File string - Path to a file containing the private key that the certificate was issued for.
- Mount string
- The path where the authentication engine is mounted.
- Name string
- Name of the certificate's role
- Namespace string
- The authentication engine's namespace. Conflicts with use_root_namespace
- Use
Root boolNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- Cert
File string - Path to a file containing the client certificate.
- Key
File string - Path to a file containing the private key that the certificate was issued for.
- Mount string
- The path where the authentication engine is mounted.
- Name string
- Name of the certificate's role
- Namespace string
- The authentication engine's namespace. Conflicts with use_root_namespace
- Use
Root boolNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- cert
File String - Path to a file containing the client certificate.
- key
File String - Path to a file containing the private key that the certificate was issued for.
- mount String
- The path where the authentication engine is mounted.
- name String
- Name of the certificate's role
- namespace String
- The authentication engine's namespace. Conflicts with use_root_namespace
- use
Root BooleanNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- cert
File string - Path to a file containing the client certificate.
- key
File string - Path to a file containing the private key that the certificate was issued for.
- mount string
- The path where the authentication engine is mounted.
- name string
- Name of the certificate's role
- namespace string
- The authentication engine's namespace. Conflicts with use_root_namespace
- use
Root booleanNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- cert_
file str - Path to a file containing the client certificate.
- key_
file str - Path to a file containing the private key that the certificate was issued for.
- mount str
- The path where the authentication engine is mounted.
- name str
- Name of the certificate's role
- namespace str
- The authentication engine's namespace. Conflicts with use_root_namespace
- use_
root_ boolnamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- cert
File String - Path to a file containing the client certificate.
- key
File String - Path to a file containing the private key that the certificate was issued for.
- mount String
- The path where the authentication engine is mounted.
- name String
- Name of the certificate's role
- namespace String
- The authentication engine's namespace. Conflicts with use_root_namespace
- use
Root BooleanNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
ProviderAuthLoginGcp, ProviderAuthLoginGcpArgs
- Role string
- Name of the login role.
- Credentials string
- Path to the Google Cloud credentials file.
- Jwt string
- A signed JSON Web Token.
- Mount string
- The path where the authentication engine is mounted.
- Namespace string
- The authentication engine's namespace. Conflicts with use_root_namespace
- Service
Account string - IAM service account.
- Use
Root boolNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- Role string
- Name of the login role.
- Credentials string
- Path to the Google Cloud credentials file.
- Jwt string
- A signed JSON Web Token.
- Mount string
- The path where the authentication engine is mounted.
- Namespace string
- The authentication engine's namespace. Conflicts with use_root_namespace
- Service
Account string - IAM service account.
- Use
Root boolNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- role String
- Name of the login role.
- credentials String
- Path to the Google Cloud credentials file.
- jwt String
- A signed JSON Web Token.
- mount String
- The path where the authentication engine is mounted.
- namespace String
- The authentication engine's namespace. Conflicts with use_root_namespace
- service
Account String - IAM service account.
- use
Root BooleanNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- role string
- Name of the login role.
- credentials string
- Path to the Google Cloud credentials file.
- jwt string
- A signed JSON Web Token.
- mount string
- The path where the authentication engine is mounted.
- namespace string
- The authentication engine's namespace. Conflicts with use_root_namespace
- service
Account string - IAM service account.
- use
Root booleanNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- role str
- Name of the login role.
- credentials str
- Path to the Google Cloud credentials file.
- jwt str
- A signed JSON Web Token.
- mount str
- The path where the authentication engine is mounted.
- namespace str
- The authentication engine's namespace. Conflicts with use_root_namespace
- service_
account str - IAM service account.
- use_
root_ boolnamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- role String
- Name of the login role.
- credentials String
- Path to the Google Cloud credentials file.
- jwt String
- A signed JSON Web Token.
- mount String
- The path where the authentication engine is mounted.
- namespace String
- The authentication engine's namespace. Conflicts with use_root_namespace
- service
Account String - IAM service account.
- use
Root BooleanNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
ProviderAuthLoginJwt, ProviderAuthLoginJwtArgs
- Jwt string
- A signed JSON Web Token.
- Role string
- Name of the login role.
- Mount string
- The path where the authentication engine is mounted.
- Namespace string
- The authentication engine's namespace. Conflicts with use_root_namespace
- Use
Root boolNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- Jwt string
- A signed JSON Web Token.
- Role string
- Name of the login role.
- Mount string
- The path where the authentication engine is mounted.
- Namespace string
- The authentication engine's namespace. Conflicts with use_root_namespace
- Use
Root boolNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- jwt String
- A signed JSON Web Token.
- role String
- Name of the login role.
- mount String
- The path where the authentication engine is mounted.
- namespace String
- The authentication engine's namespace. Conflicts with use_root_namespace
- use
Root BooleanNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- jwt string
- A signed JSON Web Token.
- role string
- Name of the login role.
- mount string
- The path where the authentication engine is mounted.
- namespace string
- The authentication engine's namespace. Conflicts with use_root_namespace
- use
Root booleanNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- jwt str
- A signed JSON Web Token.
- role str
- Name of the login role.
- mount str
- The path where the authentication engine is mounted.
- namespace str
- The authentication engine's namespace. Conflicts with use_root_namespace
- use_
root_ boolnamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- jwt String
- A signed JSON Web Token.
- role String
- Name of the login role.
- mount String
- The path where the authentication engine is mounted.
- namespace String
- The authentication engine's namespace. Conflicts with use_root_namespace
- use
Root BooleanNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
ProviderAuthLoginKerberos, ProviderAuthLoginKerberosArgs
- Disable
Fast boolNegotiation - Disable the Kerberos FAST negotiation.
- Keytab
Path string - The Kerberos keytab file containing the entry of the login entity.
- Krb5conf
Path string - A valid Kerberos configuration file e.g. /etc/krb5.conf.
- Mount string
- The path where the authentication engine is mounted.
- Namespace string
- The authentication engine's namespace. Conflicts with use_root_namespace
- Realm string
- The Kerberos server's authoritative authentication domain
- Remove
Instance boolName - Strip the host from the username found in the keytab.
- Service string
- The service principle name.
- Token string
- Simple and Protected GSSAPI Negotiation Mechanism (SPNEGO) token
- Use
Root boolNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- Username string
- The username to login into Kerberos with.
- Disable
Fast boolNegotiation - Disable the Kerberos FAST negotiation.
- Keytab
Path string - The Kerberos keytab file containing the entry of the login entity.
- Krb5conf
Path string - A valid Kerberos configuration file e.g. /etc/krb5.conf.
- Mount string
- The path where the authentication engine is mounted.
- Namespace string
- The authentication engine's namespace. Conflicts with use_root_namespace
- Realm string
- The Kerberos server's authoritative authentication domain
- Remove
Instance boolName - Strip the host from the username found in the keytab.
- Service string
- The service principle name.
- Token string
- Simple and Protected GSSAPI Negotiation Mechanism (SPNEGO) token
- Use
Root boolNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- Username string
- The username to login into Kerberos with.
- disable
Fast BooleanNegotiation - Disable the Kerberos FAST negotiation.
- keytab
Path String - The Kerberos keytab file containing the entry of the login entity.
- krb5conf
Path String - A valid Kerberos configuration file e.g. /etc/krb5.conf.
- mount String
- The path where the authentication engine is mounted.
- namespace String
- The authentication engine's namespace. Conflicts with use_root_namespace
- realm String
- The Kerberos server's authoritative authentication domain
- remove
Instance BooleanName - Strip the host from the username found in the keytab.
- service String
- The service principle name.
- token String
- Simple and Protected GSSAPI Negotiation Mechanism (SPNEGO) token
- use
Root BooleanNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- username String
- The username to login into Kerberos with.
- disable
Fast booleanNegotiation - Disable the Kerberos FAST negotiation.
- keytab
Path string - The Kerberos keytab file containing the entry of the login entity.
- krb5conf
Path string - A valid Kerberos configuration file e.g. /etc/krb5.conf.
- mount string
- The path where the authentication engine is mounted.
- namespace string
- The authentication engine's namespace. Conflicts with use_root_namespace
- realm string
- The Kerberos server's authoritative authentication domain
- remove
Instance booleanName - Strip the host from the username found in the keytab.
- service string
- The service principle name.
- token string
- Simple and Protected GSSAPI Negotiation Mechanism (SPNEGO) token
- use
Root booleanNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- username string
- The username to login into Kerberos with.
- disable_
fast_ boolnegotiation - Disable the Kerberos FAST negotiation.
- keytab_
path str - The Kerberos keytab file containing the entry of the login entity.
- krb5conf_
path str - A valid Kerberos configuration file e.g. /etc/krb5.conf.
- mount str
- The path where the authentication engine is mounted.
- namespace str
- The authentication engine's namespace. Conflicts with use_root_namespace
- realm str
- The Kerberos server's authoritative authentication domain
- remove_
instance_ boolname - Strip the host from the username found in the keytab.
- service str
- The service principle name.
- token str
- Simple and Protected GSSAPI Negotiation Mechanism (SPNEGO) token
- use_
root_ boolnamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- username str
- The username to login into Kerberos with.
- disable
Fast BooleanNegotiation - Disable the Kerberos FAST negotiation.
- keytab
Path String - The Kerberos keytab file containing the entry of the login entity.
- krb5conf
Path String - A valid Kerberos configuration file e.g. /etc/krb5.conf.
- mount String
- The path where the authentication engine is mounted.
- namespace String
- The authentication engine's namespace. Conflicts with use_root_namespace
- realm String
- The Kerberos server's authoritative authentication domain
- remove
Instance BooleanName - Strip the host from the username found in the keytab.
- service String
- The service principle name.
- token String
- Simple and Protected GSSAPI Negotiation Mechanism (SPNEGO) token
- use
Root BooleanNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- username String
- The username to login into Kerberos with.
ProviderAuthLoginOci, ProviderAuthLoginOciArgs
- Auth
Type string - Authentication type to use when getting OCI credentials.
- Role string
- Name of the login role.
- Mount string
- The path where the authentication engine is mounted.
- Namespace string
- The authentication engine's namespace. Conflicts with use_root_namespace
- Use
Root boolNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- Auth
Type string - Authentication type to use when getting OCI credentials.
- Role string
- Name of the login role.
- Mount string
- The path where the authentication engine is mounted.
- Namespace string
- The authentication engine's namespace. Conflicts with use_root_namespace
- Use
Root boolNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- auth
Type String - Authentication type to use when getting OCI credentials.
- role String
- Name of the login role.
- mount String
- The path where the authentication engine is mounted.
- namespace String
- The authentication engine's namespace. Conflicts with use_root_namespace
- use
Root BooleanNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- auth
Type string - Authentication type to use when getting OCI credentials.
- role string
- Name of the login role.
- mount string
- The path where the authentication engine is mounted.
- namespace string
- The authentication engine's namespace. Conflicts with use_root_namespace
- use
Root booleanNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- auth_
type str - Authentication type to use when getting OCI credentials.
- role str
- Name of the login role.
- mount str
- The path where the authentication engine is mounted.
- namespace str
- The authentication engine's namespace. Conflicts with use_root_namespace
- use_
root_ boolnamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- auth
Type String - Authentication type to use when getting OCI credentials.
- role String
- Name of the login role.
- mount String
- The path where the authentication engine is mounted.
- namespace String
- The authentication engine's namespace. Conflicts with use_root_namespace
- use
Root BooleanNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
ProviderAuthLoginOidc, ProviderAuthLoginOidcArgs
- Role string
- Name of the login role.
- Callback
Address string - The callback address. Must be a valid URI without the path.
- Callback
Listener stringAddress - The callback listener's address. Must be a valid URI without the path.
- Mount string
- The path where the authentication engine is mounted.
- Namespace string
- The authentication engine's namespace. Conflicts with use_root_namespace
- Use
Root boolNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- Role string
- Name of the login role.
- Callback
Address string - The callback address. Must be a valid URI without the path.
- Callback
Listener stringAddress - The callback listener's address. Must be a valid URI without the path.
- Mount string
- The path where the authentication engine is mounted.
- Namespace string
- The authentication engine's namespace. Conflicts with use_root_namespace
- Use
Root boolNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- role String
- Name of the login role.
- callback
Address String - The callback address. Must be a valid URI without the path.
- callback
Listener StringAddress - The callback listener's address. Must be a valid URI without the path.
- mount String
- The path where the authentication engine is mounted.
- namespace String
- The authentication engine's namespace. Conflicts with use_root_namespace
- use
Root BooleanNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- role string
- Name of the login role.
- callback
Address string - The callback address. Must be a valid URI without the path.
- callback
Listener stringAddress - The callback listener's address. Must be a valid URI without the path.
- mount string
- The path where the authentication engine is mounted.
- namespace string
- The authentication engine's namespace. Conflicts with use_root_namespace
- use
Root booleanNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- role str
- Name of the login role.
- callback_
address str - The callback address. Must be a valid URI without the path.
- callback_
listener_ straddress - The callback listener's address. Must be a valid URI without the path.
- mount str
- The path where the authentication engine is mounted.
- namespace str
- The authentication engine's namespace. Conflicts with use_root_namespace
- use_
root_ boolnamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- role String
- Name of the login role.
- callback
Address String - The callback address. Must be a valid URI without the path.
- callback
Listener StringAddress - The callback listener's address. Must be a valid URI without the path.
- mount String
- The path where the authentication engine is mounted.
- namespace String
- The authentication engine's namespace. Conflicts with use_root_namespace
- use
Root BooleanNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
ProviderAuthLoginRadius, ProviderAuthLoginRadiusArgs
- Password string
- The Radius password for username.
- Username string
- The Radius username.
- Mount string
- The path where the authentication engine is mounted.
- Namespace string
- The authentication engine's namespace. Conflicts with use_root_namespace
- Use
Root boolNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- Password string
- The Radius password for username.
- Username string
- The Radius username.
- Mount string
- The path where the authentication engine is mounted.
- Namespace string
- The authentication engine's namespace. Conflicts with use_root_namespace
- Use
Root boolNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- password String
- The Radius password for username.
- username String
- The Radius username.
- mount String
- The path where the authentication engine is mounted.
- namespace String
- The authentication engine's namespace. Conflicts with use_root_namespace
- use
Root BooleanNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- password string
- The Radius password for username.
- username string
- The Radius username.
- mount string
- The path where the authentication engine is mounted.
- namespace string
- The authentication engine's namespace. Conflicts with use_root_namespace
- use
Root booleanNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- password str
- The Radius password for username.
- username str
- The Radius username.
- mount str
- The path where the authentication engine is mounted.
- namespace str
- The authentication engine's namespace. Conflicts with use_root_namespace
- use_
root_ boolnamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- password String
- The Radius password for username.
- username String
- The Radius username.
- mount String
- The path where the authentication engine is mounted.
- namespace String
- The authentication engine's namespace. Conflicts with use_root_namespace
- use
Root BooleanNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
ProviderAuthLoginTokenFile, ProviderAuthLoginTokenFileArgs
- Filename string
- The name of a file containing a single line that is a valid Vault token
- Namespace string
- The authentication engine's namespace. Conflicts with use_root_namespace
- Use
Root boolNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- Filename string
- The name of a file containing a single line that is a valid Vault token
- Namespace string
- The authentication engine's namespace. Conflicts with use_root_namespace
- Use
Root boolNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- filename String
- The name of a file containing a single line that is a valid Vault token
- namespace String
- The authentication engine's namespace. Conflicts with use_root_namespace
- use
Root BooleanNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- filename string
- The name of a file containing a single line that is a valid Vault token
- namespace string
- The authentication engine's namespace. Conflicts with use_root_namespace
- use
Root booleanNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- filename str
- The name of a file containing a single line that is a valid Vault token
- namespace str
- The authentication engine's namespace. Conflicts with use_root_namespace
- use_
root_ boolnamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- filename String
- The name of a file containing a single line that is a valid Vault token
- namespace String
- The authentication engine's namespace. Conflicts with use_root_namespace
- use
Root BooleanNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
ProviderAuthLoginUserpass, ProviderAuthLoginUserpassArgs
- Username string
- Login with username
- Mount string
- The path where the authentication engine is mounted.
- Namespace string
- The authentication engine's namespace. Conflicts with use_root_namespace
- Password string
- Login with password
- Password
File string - Login with password from a file
- Use
Root boolNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- Username string
- Login with username
- Mount string
- The path where the authentication engine is mounted.
- Namespace string
- The authentication engine's namespace. Conflicts with use_root_namespace
- Password string
- Login with password
- Password
File string - Login with password from a file
- Use
Root boolNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- username String
- Login with username
- mount String
- The path where the authentication engine is mounted.
- namespace String
- The authentication engine's namespace. Conflicts with use_root_namespace
- password String
- Login with password
- password
File String - Login with password from a file
- use
Root BooleanNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- username string
- Login with username
- mount string
- The path where the authentication engine is mounted.
- namespace string
- The authentication engine's namespace. Conflicts with use_root_namespace
- password string
- Login with password
- password
File string - Login with password from a file
- use
Root booleanNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- username str
- Login with username
- mount str
- The path where the authentication engine is mounted.
- namespace str
- The authentication engine's namespace. Conflicts with use_root_namespace
- password str
- Login with password
- password_
file str - Login with password from a file
- use_
root_ boolnamespace - Authenticate to the root Vault namespace. Conflicts with namespace
- username String
- Login with username
- mount String
- The path where the authentication engine is mounted.
- namespace String
- The authentication engine's namespace. Conflicts with use_root_namespace
- password String
- Login with password
- password
File String - Login with password from a file
- use
Root BooleanNamespace - Authenticate to the root Vault namespace. Conflicts with namespace
ProviderClientAuth, ProviderClientAuthArgs
ProviderHeader, ProviderHeaderArgs
Package Details
- Repository
- Vault pulumi/pulumi-vault
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
vaultTerraform Provider.