1. Packages
  2. HashiCorp Vault Provider
  3. API Docs
  4. Provider
HashiCorp Vault v6.6.0 published on Thursday, Mar 13, 2025 by Pulumi

vault.Provider

Explore with Pulumi AI

The provider type for the vault package. By default, resources use package-wide configuration settings, however an explicit Provider instance may be created and passed during resource construction to achieve fine-grained programmatic control over provider settings. See the documentation for more information.

Create Provider Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new Provider(name: string, args: ProviderArgs, opts?: CustomResourceOptions);
@overload
def Provider(resource_name: str,
             args: ProviderArgs,
             opts: Optional[ResourceOptions] = None)

@overload
def Provider(resource_name: str,
             opts: Optional[ResourceOptions] = None,
             add_address_to_env: Optional[str] = None,
             address: Optional[str] = None,
             auth_login: Optional[ProviderAuthLoginArgs] = None,
             auth_login_aws: Optional[ProviderAuthLoginAwsArgs] = None,
             auth_login_azure: Optional[ProviderAuthLoginAzureArgs] = None,
             auth_login_cert: Optional[ProviderAuthLoginCertArgs] = None,
             auth_login_gcp: Optional[ProviderAuthLoginGcpArgs] = None,
             auth_login_jwt: Optional[ProviderAuthLoginJwtArgs] = None,
             auth_login_kerberos: Optional[ProviderAuthLoginKerberosArgs] = None,
             auth_login_oci: Optional[ProviderAuthLoginOciArgs] = None,
             auth_login_oidc: Optional[ProviderAuthLoginOidcArgs] = None,
             auth_login_radius: Optional[ProviderAuthLoginRadiusArgs] = None,
             auth_login_token_file: Optional[ProviderAuthLoginTokenFileArgs] = None,
             auth_login_userpass: Optional[ProviderAuthLoginUserpassArgs] = None,
             ca_cert_dir: Optional[str] = None,
             ca_cert_file: Optional[str] = None,
             client_auth: Optional[ProviderClientAuthArgs] = None,
             headers: Optional[Sequence[ProviderHeaderArgs]] = None,
             max_lease_ttl_seconds: Optional[int] = None,
             max_retries: Optional[int] = None,
             max_retries_ccc: Optional[int] = None,
             namespace: Optional[str] = None,
             set_namespace_from_token: Optional[bool] = None,
             skip_child_token: Optional[bool] = None,
             skip_get_vault_version: Optional[bool] = None,
             skip_tls_verify: Optional[bool] = None,
             tls_server_name: Optional[str] = None,
             token: Optional[str] = None,
             token_name: Optional[str] = None,
             vault_version_override: Optional[str] = None)
func NewProvider(ctx *Context, name string, args ProviderArgs, opts ...ResourceOption) (*Provider, error)
public Provider(string name, ProviderArgs args, CustomResourceOptions? opts = null)
public Provider(String name, ProviderArgs args)
public Provider(String name, ProviderArgs args, CustomResourceOptions options)
type: pulumi:providers:vault
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name This property is required. string
The unique name of the resource.
args This property is required. ProviderArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name This property is required. str
The unique name of the resource.
args This property is required. ProviderArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name This property is required. string
The unique name of the resource.
args This property is required. ProviderArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name This property is required. string
The unique name of the resource.
args This property is required. ProviderArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name This property is required. String
The unique name of the resource.
args This property is required. ProviderArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

Provider Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The Provider resource accepts the following input properties:

Address This property is required. string
URL of the root of the target Vault server.
Token This property is required. string
Token to use to authenticate to Vault.
AddAddressToEnv string
AuthLogin ProviderAuthLogin
Login to vault with an existing auth method using auth//login
AuthLoginAws ProviderAuthLoginAws
Login to vault using the AWS method
AuthLoginAzure ProviderAuthLoginAzure
Login to vault using the azure method
AuthLoginCert ProviderAuthLoginCert
Login to vault using the cert method
AuthLoginGcp ProviderAuthLoginGcp
Login to vault using the gcp method
AuthLoginJwt ProviderAuthLoginJwt
Login to vault using the jwt method
AuthLoginKerberos ProviderAuthLoginKerberos
Login to vault using the kerberos method
AuthLoginOci ProviderAuthLoginOci
Login to vault using the OCI method
AuthLoginOidc ProviderAuthLoginOidc
Login to vault using the oidc method
AuthLoginRadius ProviderAuthLoginRadius
Login to vault using the radius method
AuthLoginTokenFile ProviderAuthLoginTokenFile
Login to vault using
AuthLoginUserpass ProviderAuthLoginUserpass
Login to vault using the userpass method
CaCertDir string
Path to directory containing CA certificate files to validate the server's certificate.
CaCertFile string
Path to a CA certificate file to validate the server's certificate.
ClientAuth ProviderClientAuth
Client authentication credentials.

Deprecated: Use auth_login_cert instead

Headers List<ProviderHeader>
The headers to send with each Vault request.
MaxLeaseTtlSeconds int
Maximum TTL for secret leases requested by this provider. It can also be sourced from the following environment variable: TERRAFORM_VAULT_MAX_TTL
MaxRetries int
Maximum number of retries when a 5xx error code is encountered. It can also be sourced from the following environment variable: VAULT_MAX_RETRIES
MaxRetriesCcc int
Maximum number of retries for Client Controlled Consistency related operations
Namespace string
The namespace to use. Available only for Vault Enterprise.
SetNamespaceFromToken bool
In the case where the Vault token is for a specific namespace and the provider namespace is not configured, use the token namespace as the root namespace for all resources.
SkipChildToken bool
Set this to true to prevent the creation of ephemeral child token used by this provider.
SkipGetVaultVersion bool
Skip the dynamic fetching of the Vault server version.
SkipTlsVerify bool
Set this to true only if the target Vault server is an insecure development instance. It can also be sourced from the following environment variable: VAULT_SKIP_VERIFY
TlsServerName string
Name to use as the SNI host when connecting via TLS.
TokenName string
Token name to use for creating the Vault child token.
VaultVersionOverride string
Override the Vault server version, which is normally determined dynamically from the target Vault server
Address This property is required. string
URL of the root of the target Vault server.
Token This property is required. string
Token to use to authenticate to Vault.
AddAddressToEnv string
AuthLogin ProviderAuthLoginArgs
Login to vault with an existing auth method using auth//login
AuthLoginAws ProviderAuthLoginAwsArgs
Login to vault using the AWS method
AuthLoginAzure ProviderAuthLoginAzureArgs
Login to vault using the azure method
AuthLoginCert ProviderAuthLoginCertArgs
Login to vault using the cert method
AuthLoginGcp ProviderAuthLoginGcpArgs
Login to vault using the gcp method
AuthLoginJwt ProviderAuthLoginJwtArgs
Login to vault using the jwt method
AuthLoginKerberos ProviderAuthLoginKerberosArgs
Login to vault using the kerberos method
AuthLoginOci ProviderAuthLoginOciArgs
Login to vault using the OCI method
AuthLoginOidc ProviderAuthLoginOidcArgs
Login to vault using the oidc method
AuthLoginRadius ProviderAuthLoginRadiusArgs
Login to vault using the radius method
AuthLoginTokenFile ProviderAuthLoginTokenFileArgs
Login to vault using
AuthLoginUserpass ProviderAuthLoginUserpassArgs
Login to vault using the userpass method
CaCertDir string
Path to directory containing CA certificate files to validate the server's certificate.
CaCertFile string
Path to a CA certificate file to validate the server's certificate.
ClientAuth ProviderClientAuthArgs
Client authentication credentials.

Deprecated: Use auth_login_cert instead

Headers []ProviderHeaderArgs
The headers to send with each Vault request.
MaxLeaseTtlSeconds int
Maximum TTL for secret leases requested by this provider. It can also be sourced from the following environment variable: TERRAFORM_VAULT_MAX_TTL
MaxRetries int
Maximum number of retries when a 5xx error code is encountered. It can also be sourced from the following environment variable: VAULT_MAX_RETRIES
MaxRetriesCcc int
Maximum number of retries for Client Controlled Consistency related operations
Namespace string
The namespace to use. Available only for Vault Enterprise.
SetNamespaceFromToken bool
In the case where the Vault token is for a specific namespace and the provider namespace is not configured, use the token namespace as the root namespace for all resources.
SkipChildToken bool
Set this to true to prevent the creation of ephemeral child token used by this provider.
SkipGetVaultVersion bool
Skip the dynamic fetching of the Vault server version.
SkipTlsVerify bool
Set this to true only if the target Vault server is an insecure development instance. It can also be sourced from the following environment variable: VAULT_SKIP_VERIFY
TlsServerName string
Name to use as the SNI host when connecting via TLS.
TokenName string
Token name to use for creating the Vault child token.
VaultVersionOverride string
Override the Vault server version, which is normally determined dynamically from the target Vault server
address This property is required. String
URL of the root of the target Vault server.
token This property is required. String
Token to use to authenticate to Vault.
addAddressToEnv String
authLogin ProviderAuthLogin
Login to vault with an existing auth method using auth//login
authLoginAws ProviderAuthLoginAws
Login to vault using the AWS method
authLoginAzure ProviderAuthLoginAzure
Login to vault using the azure method
authLoginCert ProviderAuthLoginCert
Login to vault using the cert method
authLoginGcp ProviderAuthLoginGcp
Login to vault using the gcp method
authLoginJwt ProviderAuthLoginJwt
Login to vault using the jwt method
authLoginKerberos ProviderAuthLoginKerberos
Login to vault using the kerberos method
authLoginOci ProviderAuthLoginOci
Login to vault using the OCI method
authLoginOidc ProviderAuthLoginOidc
Login to vault using the oidc method
authLoginRadius ProviderAuthLoginRadius
Login to vault using the radius method
authLoginTokenFile ProviderAuthLoginTokenFile
Login to vault using
authLoginUserpass ProviderAuthLoginUserpass
Login to vault using the userpass method
caCertDir String
Path to directory containing CA certificate files to validate the server's certificate.
caCertFile String
Path to a CA certificate file to validate the server's certificate.
clientAuth ProviderClientAuth
Client authentication credentials.

Deprecated: Use auth_login_cert instead

headers List<ProviderHeader>
The headers to send with each Vault request.
maxLeaseTtlSeconds Integer
Maximum TTL for secret leases requested by this provider. It can also be sourced from the following environment variable: TERRAFORM_VAULT_MAX_TTL
maxRetries Integer
Maximum number of retries when a 5xx error code is encountered. It can also be sourced from the following environment variable: VAULT_MAX_RETRIES
maxRetriesCcc Integer
Maximum number of retries for Client Controlled Consistency related operations
namespace String
The namespace to use. Available only for Vault Enterprise.
setNamespaceFromToken Boolean
In the case where the Vault token is for a specific namespace and the provider namespace is not configured, use the token namespace as the root namespace for all resources.
skipChildToken Boolean
Set this to true to prevent the creation of ephemeral child token used by this provider.
skipGetVaultVersion Boolean
Skip the dynamic fetching of the Vault server version.
skipTlsVerify Boolean
Set this to true only if the target Vault server is an insecure development instance. It can also be sourced from the following environment variable: VAULT_SKIP_VERIFY
tlsServerName String
Name to use as the SNI host when connecting via TLS.
tokenName String
Token name to use for creating the Vault child token.
vaultVersionOverride String
Override the Vault server version, which is normally determined dynamically from the target Vault server
address This property is required. string
URL of the root of the target Vault server.
token This property is required. string
Token to use to authenticate to Vault.
addAddressToEnv string
authLogin ProviderAuthLogin
Login to vault with an existing auth method using auth//login
authLoginAws ProviderAuthLoginAws
Login to vault using the AWS method
authLoginAzure ProviderAuthLoginAzure
Login to vault using the azure method
authLoginCert ProviderAuthLoginCert
Login to vault using the cert method
authLoginGcp ProviderAuthLoginGcp
Login to vault using the gcp method
authLoginJwt ProviderAuthLoginJwt
Login to vault using the jwt method
authLoginKerberos ProviderAuthLoginKerberos
Login to vault using the kerberos method
authLoginOci ProviderAuthLoginOci
Login to vault using the OCI method
authLoginOidc ProviderAuthLoginOidc
Login to vault using the oidc method
authLoginRadius ProviderAuthLoginRadius
Login to vault using the radius method
authLoginTokenFile ProviderAuthLoginTokenFile
Login to vault using
authLoginUserpass ProviderAuthLoginUserpass
Login to vault using the userpass method
caCertDir string
Path to directory containing CA certificate files to validate the server's certificate.
caCertFile string
Path to a CA certificate file to validate the server's certificate.
clientAuth ProviderClientAuth
Client authentication credentials.

Deprecated: Use auth_login_cert instead

headers ProviderHeader[]
The headers to send with each Vault request.
maxLeaseTtlSeconds number
Maximum TTL for secret leases requested by this provider. It can also be sourced from the following environment variable: TERRAFORM_VAULT_MAX_TTL
maxRetries number
Maximum number of retries when a 5xx error code is encountered. It can also be sourced from the following environment variable: VAULT_MAX_RETRIES
maxRetriesCcc number
Maximum number of retries for Client Controlled Consistency related operations
namespace string
The namespace to use. Available only for Vault Enterprise.
setNamespaceFromToken boolean
In the case where the Vault token is for a specific namespace and the provider namespace is not configured, use the token namespace as the root namespace for all resources.
skipChildToken boolean
Set this to true to prevent the creation of ephemeral child token used by this provider.
skipGetVaultVersion boolean
Skip the dynamic fetching of the Vault server version.
skipTlsVerify boolean
Set this to true only if the target Vault server is an insecure development instance. It can also be sourced from the following environment variable: VAULT_SKIP_VERIFY
tlsServerName string
Name to use as the SNI host when connecting via TLS.
tokenName string
Token name to use for creating the Vault child token.
vaultVersionOverride string
Override the Vault server version, which is normally determined dynamically from the target Vault server
address This property is required. str
URL of the root of the target Vault server.
token This property is required. str
Token to use to authenticate to Vault.
add_address_to_env str
auth_login ProviderAuthLoginArgs
Login to vault with an existing auth method using auth//login
auth_login_aws ProviderAuthLoginAwsArgs
Login to vault using the AWS method
auth_login_azure ProviderAuthLoginAzureArgs
Login to vault using the azure method
auth_login_cert ProviderAuthLoginCertArgs
Login to vault using the cert method
auth_login_gcp ProviderAuthLoginGcpArgs
Login to vault using the gcp method
auth_login_jwt ProviderAuthLoginJwtArgs
Login to vault using the jwt method
auth_login_kerberos ProviderAuthLoginKerberosArgs
Login to vault using the kerberos method
auth_login_oci ProviderAuthLoginOciArgs
Login to vault using the OCI method
auth_login_oidc ProviderAuthLoginOidcArgs
Login to vault using the oidc method
auth_login_radius ProviderAuthLoginRadiusArgs
Login to vault using the radius method
auth_login_token_file ProviderAuthLoginTokenFileArgs
Login to vault using
auth_login_userpass ProviderAuthLoginUserpassArgs
Login to vault using the userpass method
ca_cert_dir str
Path to directory containing CA certificate files to validate the server's certificate.
ca_cert_file str
Path to a CA certificate file to validate the server's certificate.
client_auth ProviderClientAuthArgs
Client authentication credentials.

Deprecated: Use auth_login_cert instead

headers Sequence[ProviderHeaderArgs]
The headers to send with each Vault request.
max_lease_ttl_seconds int
Maximum TTL for secret leases requested by this provider. It can also be sourced from the following environment variable: TERRAFORM_VAULT_MAX_TTL
max_retries int
Maximum number of retries when a 5xx error code is encountered. It can also be sourced from the following environment variable: VAULT_MAX_RETRIES
max_retries_ccc int
Maximum number of retries for Client Controlled Consistency related operations
namespace str
The namespace to use. Available only for Vault Enterprise.
set_namespace_from_token bool
In the case where the Vault token is for a specific namespace and the provider namespace is not configured, use the token namespace as the root namespace for all resources.
skip_child_token bool
Set this to true to prevent the creation of ephemeral child token used by this provider.
skip_get_vault_version bool
Skip the dynamic fetching of the Vault server version.
skip_tls_verify bool
Set this to true only if the target Vault server is an insecure development instance. It can also be sourced from the following environment variable: VAULT_SKIP_VERIFY
tls_server_name str
Name to use as the SNI host when connecting via TLS.
token_name str
Token name to use for creating the Vault child token.
vault_version_override str
Override the Vault server version, which is normally determined dynamically from the target Vault server
address This property is required. String
URL of the root of the target Vault server.
token This property is required. String
Token to use to authenticate to Vault.
addAddressToEnv String
authLogin Property Map
Login to vault with an existing auth method using auth//login
authLoginAws Property Map
Login to vault using the AWS method
authLoginAzure Property Map
Login to vault using the azure method
authLoginCert Property Map
Login to vault using the cert method
authLoginGcp Property Map
Login to vault using the gcp method
authLoginJwt Property Map
Login to vault using the jwt method
authLoginKerberos Property Map
Login to vault using the kerberos method
authLoginOci Property Map
Login to vault using the OCI method
authLoginOidc Property Map
Login to vault using the oidc method
authLoginRadius Property Map
Login to vault using the radius method
authLoginTokenFile Property Map
Login to vault using
authLoginUserpass Property Map
Login to vault using the userpass method
caCertDir String
Path to directory containing CA certificate files to validate the server's certificate.
caCertFile String
Path to a CA certificate file to validate the server's certificate.
clientAuth Property Map
Client authentication credentials.

Deprecated: Use auth_login_cert instead

headers List<Property Map>
The headers to send with each Vault request.
maxLeaseTtlSeconds Number
Maximum TTL for secret leases requested by this provider. It can also be sourced from the following environment variable: TERRAFORM_VAULT_MAX_TTL
maxRetries Number
Maximum number of retries when a 5xx error code is encountered. It can also be sourced from the following environment variable: VAULT_MAX_RETRIES
maxRetriesCcc Number
Maximum number of retries for Client Controlled Consistency related operations
namespace String
The namespace to use. Available only for Vault Enterprise.
setNamespaceFromToken Boolean
In the case where the Vault token is for a specific namespace and the provider namespace is not configured, use the token namespace as the root namespace for all resources.
skipChildToken Boolean
Set this to true to prevent the creation of ephemeral child token used by this provider.
skipGetVaultVersion Boolean
Skip the dynamic fetching of the Vault server version.
skipTlsVerify Boolean
Set this to true only if the target Vault server is an insecure development instance. It can also be sourced from the following environment variable: VAULT_SKIP_VERIFY
tlsServerName String
Name to use as the SNI host when connecting via TLS.
tokenName String
Token name to use for creating the Vault child token.
vaultVersionOverride String
Override the Vault server version, which is normally determined dynamically from the target Vault server

Outputs

All input properties are implicitly available as output properties. Additionally, the Provider resource produces the following output properties:

Id string
The provider-assigned unique ID for this managed resource.
Id string
The provider-assigned unique ID for this managed resource.
id String
The provider-assigned unique ID for this managed resource.
id string
The provider-assigned unique ID for this managed resource.
id str
The provider-assigned unique ID for this managed resource.
id String
The provider-assigned unique ID for this managed resource.

Supporting Types

ProviderAuthLogin
, ProviderAuthLoginArgs

Path This property is required. string
Method string
Namespace string
The authentication engine's namespace. Conflicts with use_root_namespace
Parameters Dictionary<string, string>
UseRootNamespace bool
Authenticate to the root Vault namespace. Conflicts with namespace
Path This property is required. string
Method string
Namespace string
The authentication engine's namespace. Conflicts with use_root_namespace
Parameters map[string]string
UseRootNamespace bool
Authenticate to the root Vault namespace. Conflicts with namespace
path This property is required. String
method String
namespace String
The authentication engine's namespace. Conflicts with use_root_namespace
parameters Map<String,String>
useRootNamespace Boolean
Authenticate to the root Vault namespace. Conflicts with namespace
path This property is required. string
method string
namespace string
The authentication engine's namespace. Conflicts with use_root_namespace
parameters {[key: string]: string}
useRootNamespace boolean
Authenticate to the root Vault namespace. Conflicts with namespace
path This property is required. str
method str
namespace str
The authentication engine's namespace. Conflicts with use_root_namespace
parameters Mapping[str, str]
use_root_namespace bool
Authenticate to the root Vault namespace. Conflicts with namespace
path This property is required. String
method String
namespace String
The authentication engine's namespace. Conflicts with use_root_namespace
parameters Map<String>
useRootNamespace Boolean
Authenticate to the root Vault namespace. Conflicts with namespace

ProviderAuthLoginAws
, ProviderAuthLoginAwsArgs

Role This property is required. string
The Vault role to use when logging into Vault.
AwsAccessKeyId string
The AWS access key ID.
AwsIamEndpoint string
The IAM endpoint URL.
AwsProfile string
The name of the AWS profile.
AwsRegion string
The AWS region.
AwsRoleArn string
The ARN of the AWS Role to assume.Used during STS AssumeRole
AwsRoleSessionName string
Specifies the name to attach to the AWS role session. Used during STS AssumeRole
AwsSecretAccessKey string
The AWS secret access key.
AwsSessionToken string
The AWS session token.
AwsSharedCredentialsFile string
Path to the AWS shared credentials file.
AwsStsEndpoint string
The STS endpoint URL.
AwsWebIdentityTokenFile string
Path to the file containing an OAuth 2.0 access token or OpenID Connect ID token.
HeaderValue string
The Vault header value to include in the STS signing request.
Mount string
The path where the authentication engine is mounted.
Namespace string
The authentication engine's namespace. Conflicts with use_root_namespace
UseRootNamespace bool
Authenticate to the root Vault namespace. Conflicts with namespace
Role This property is required. string
The Vault role to use when logging into Vault.
AwsAccessKeyId string
The AWS access key ID.
AwsIamEndpoint string
The IAM endpoint URL.
AwsProfile string
The name of the AWS profile.
AwsRegion string
The AWS region.
AwsRoleArn string
The ARN of the AWS Role to assume.Used during STS AssumeRole
AwsRoleSessionName string
Specifies the name to attach to the AWS role session. Used during STS AssumeRole
AwsSecretAccessKey string
The AWS secret access key.
AwsSessionToken string
The AWS session token.
AwsSharedCredentialsFile string
Path to the AWS shared credentials file.
AwsStsEndpoint string
The STS endpoint URL.
AwsWebIdentityTokenFile string
Path to the file containing an OAuth 2.0 access token or OpenID Connect ID token.
HeaderValue string
The Vault header value to include in the STS signing request.
Mount string
The path where the authentication engine is mounted.
Namespace string
The authentication engine's namespace. Conflicts with use_root_namespace
UseRootNamespace bool
Authenticate to the root Vault namespace. Conflicts with namespace
role This property is required. String
The Vault role to use when logging into Vault.
awsAccessKeyId String
The AWS access key ID.
awsIamEndpoint String
The IAM endpoint URL.
awsProfile String
The name of the AWS profile.
awsRegion String
The AWS region.
awsRoleArn String
The ARN of the AWS Role to assume.Used during STS AssumeRole
awsRoleSessionName String
Specifies the name to attach to the AWS role session. Used during STS AssumeRole
awsSecretAccessKey String
The AWS secret access key.
awsSessionToken String
The AWS session token.
awsSharedCredentialsFile String
Path to the AWS shared credentials file.
awsStsEndpoint String
The STS endpoint URL.
awsWebIdentityTokenFile String
Path to the file containing an OAuth 2.0 access token or OpenID Connect ID token.
headerValue String
The Vault header value to include in the STS signing request.
mount String
The path where the authentication engine is mounted.
namespace String
The authentication engine's namespace. Conflicts with use_root_namespace
useRootNamespace Boolean
Authenticate to the root Vault namespace. Conflicts with namespace
role This property is required. string
The Vault role to use when logging into Vault.
awsAccessKeyId string
The AWS access key ID.
awsIamEndpoint string
The IAM endpoint URL.
awsProfile string
The name of the AWS profile.
awsRegion string
The AWS region.
awsRoleArn string
The ARN of the AWS Role to assume.Used during STS AssumeRole
awsRoleSessionName string
Specifies the name to attach to the AWS role session. Used during STS AssumeRole
awsSecretAccessKey string
The AWS secret access key.
awsSessionToken string
The AWS session token.
awsSharedCredentialsFile string
Path to the AWS shared credentials file.
awsStsEndpoint string
The STS endpoint URL.
awsWebIdentityTokenFile string
Path to the file containing an OAuth 2.0 access token or OpenID Connect ID token.
headerValue string
The Vault header value to include in the STS signing request.
mount string
The path where the authentication engine is mounted.
namespace string
The authentication engine's namespace. Conflicts with use_root_namespace
useRootNamespace boolean
Authenticate to the root Vault namespace. Conflicts with namespace
role This property is required. str
The Vault role to use when logging into Vault.
aws_access_key_id str
The AWS access key ID.
aws_iam_endpoint str
The IAM endpoint URL.
aws_profile str
The name of the AWS profile.
aws_region str
The AWS region.
aws_role_arn str
The ARN of the AWS Role to assume.Used during STS AssumeRole
aws_role_session_name str
Specifies the name to attach to the AWS role session. Used during STS AssumeRole
aws_secret_access_key str
The AWS secret access key.
aws_session_token str
The AWS session token.
aws_shared_credentials_file str
Path to the AWS shared credentials file.
aws_sts_endpoint str
The STS endpoint URL.
aws_web_identity_token_file str
Path to the file containing an OAuth 2.0 access token or OpenID Connect ID token.
header_value str
The Vault header value to include in the STS signing request.
mount str
The path where the authentication engine is mounted.
namespace str
The authentication engine's namespace. Conflicts with use_root_namespace
use_root_namespace bool
Authenticate to the root Vault namespace. Conflicts with namespace
role This property is required. String
The Vault role to use when logging into Vault.
awsAccessKeyId String
The AWS access key ID.
awsIamEndpoint String
The IAM endpoint URL.
awsProfile String
The name of the AWS profile.
awsRegion String
The AWS region.
awsRoleArn String
The ARN of the AWS Role to assume.Used during STS AssumeRole
awsRoleSessionName String
Specifies the name to attach to the AWS role session. Used during STS AssumeRole
awsSecretAccessKey String
The AWS secret access key.
awsSessionToken String
The AWS session token.
awsSharedCredentialsFile String
Path to the AWS shared credentials file.
awsStsEndpoint String
The STS endpoint URL.
awsWebIdentityTokenFile String
Path to the file containing an OAuth 2.0 access token or OpenID Connect ID token.
headerValue String
The Vault header value to include in the STS signing request.
mount String
The path where the authentication engine is mounted.
namespace String
The authentication engine's namespace. Conflicts with use_root_namespace
useRootNamespace Boolean
Authenticate to the root Vault namespace. Conflicts with namespace

ProviderAuthLoginAzure
, ProviderAuthLoginAzureArgs

ResourceGroupName This property is required. string
The resource group for the machine that generated the MSI token. This information can be obtained through instance metadata.
Role This property is required. string
Name of the login role.
SubscriptionId This property is required. string
The subscription ID for the machine that generated the MSI token. This information can be obtained through instance metadata.
ClientId string
The identity's client ID.
Jwt string
A signed JSON Web Token. If not specified on will be created automatically
Mount string
The path where the authentication engine is mounted.
Namespace string
The authentication engine's namespace. Conflicts with use_root_namespace
Scope string
The scopes to include in the token request.
TenantId string
Provides the tenant ID to use in a multi-tenant authentication scenario.
UseRootNamespace bool
Authenticate to the root Vault namespace. Conflicts with namespace
VmName string
The virtual machine name for the machine that generated the MSI token. This information can be obtained through instance metadata.
VmssName string
The virtual machine scale set name for the machine that generated the MSI token. This information can be obtained through instance metadata.
ResourceGroupName This property is required. string
The resource group for the machine that generated the MSI token. This information can be obtained through instance metadata.
Role This property is required. string
Name of the login role.
SubscriptionId This property is required. string
The subscription ID for the machine that generated the MSI token. This information can be obtained through instance metadata.
ClientId string
The identity's client ID.
Jwt string
A signed JSON Web Token. If not specified on will be created automatically
Mount string
The path where the authentication engine is mounted.
Namespace string
The authentication engine's namespace. Conflicts with use_root_namespace
Scope string
The scopes to include in the token request.
TenantId string
Provides the tenant ID to use in a multi-tenant authentication scenario.
UseRootNamespace bool
Authenticate to the root Vault namespace. Conflicts with namespace
VmName string
The virtual machine name for the machine that generated the MSI token. This information can be obtained through instance metadata.
VmssName string
The virtual machine scale set name for the machine that generated the MSI token. This information can be obtained through instance metadata.
resourceGroupName This property is required. String
The resource group for the machine that generated the MSI token. This information can be obtained through instance metadata.
role This property is required. String
Name of the login role.
subscriptionId This property is required. String
The subscription ID for the machine that generated the MSI token. This information can be obtained through instance metadata.
clientId String
The identity's client ID.
jwt String
A signed JSON Web Token. If not specified on will be created automatically
mount String
The path where the authentication engine is mounted.
namespace String
The authentication engine's namespace. Conflicts with use_root_namespace
scope String
The scopes to include in the token request.
tenantId String
Provides the tenant ID to use in a multi-tenant authentication scenario.
useRootNamespace Boolean
Authenticate to the root Vault namespace. Conflicts with namespace
vmName String
The virtual machine name for the machine that generated the MSI token. This information can be obtained through instance metadata.
vmssName String
The virtual machine scale set name for the machine that generated the MSI token. This information can be obtained through instance metadata.
resourceGroupName This property is required. string
The resource group for the machine that generated the MSI token. This information can be obtained through instance metadata.
role This property is required. string
Name of the login role.
subscriptionId This property is required. string
The subscription ID for the machine that generated the MSI token. This information can be obtained through instance metadata.
clientId string
The identity's client ID.
jwt string
A signed JSON Web Token. If not specified on will be created automatically
mount string
The path where the authentication engine is mounted.
namespace string
The authentication engine's namespace. Conflicts with use_root_namespace
scope string
The scopes to include in the token request.
tenantId string
Provides the tenant ID to use in a multi-tenant authentication scenario.
useRootNamespace boolean
Authenticate to the root Vault namespace. Conflicts with namespace
vmName string
The virtual machine name for the machine that generated the MSI token. This information can be obtained through instance metadata.
vmssName string
The virtual machine scale set name for the machine that generated the MSI token. This information can be obtained through instance metadata.
resource_group_name This property is required. str
The resource group for the machine that generated the MSI token. This information can be obtained through instance metadata.
role This property is required. str
Name of the login role.
subscription_id This property is required. str
The subscription ID for the machine that generated the MSI token. This information can be obtained through instance metadata.
client_id str
The identity's client ID.
jwt str
A signed JSON Web Token. If not specified on will be created automatically
mount str
The path where the authentication engine is mounted.
namespace str
The authentication engine's namespace. Conflicts with use_root_namespace
scope str
The scopes to include in the token request.
tenant_id str
Provides the tenant ID to use in a multi-tenant authentication scenario.
use_root_namespace bool
Authenticate to the root Vault namespace. Conflicts with namespace
vm_name str
The virtual machine name for the machine that generated the MSI token. This information can be obtained through instance metadata.
vmss_name str
The virtual machine scale set name for the machine that generated the MSI token. This information can be obtained through instance metadata.
resourceGroupName This property is required. String
The resource group for the machine that generated the MSI token. This information can be obtained through instance metadata.
role This property is required. String
Name of the login role.
subscriptionId This property is required. String
The subscription ID for the machine that generated the MSI token. This information can be obtained through instance metadata.
clientId String
The identity's client ID.
jwt String
A signed JSON Web Token. If not specified on will be created automatically
mount String
The path where the authentication engine is mounted.
namespace String
The authentication engine's namespace. Conflicts with use_root_namespace
scope String
The scopes to include in the token request.
tenantId String
Provides the tenant ID to use in a multi-tenant authentication scenario.
useRootNamespace Boolean
Authenticate to the root Vault namespace. Conflicts with namespace
vmName String
The virtual machine name for the machine that generated the MSI token. This information can be obtained through instance metadata.
vmssName String
The virtual machine scale set name for the machine that generated the MSI token. This information can be obtained through instance metadata.

ProviderAuthLoginCert
, ProviderAuthLoginCertArgs

CertFile This property is required. string
Path to a file containing the client certificate.
KeyFile This property is required. string
Path to a file containing the private key that the certificate was issued for.
Mount string
The path where the authentication engine is mounted.
Name string
Name of the certificate's role
Namespace string
The authentication engine's namespace. Conflicts with use_root_namespace
UseRootNamespace bool
Authenticate to the root Vault namespace. Conflicts with namespace
CertFile This property is required. string
Path to a file containing the client certificate.
KeyFile This property is required. string
Path to a file containing the private key that the certificate was issued for.
Mount string
The path where the authentication engine is mounted.
Name string
Name of the certificate's role
Namespace string
The authentication engine's namespace. Conflicts with use_root_namespace
UseRootNamespace bool
Authenticate to the root Vault namespace. Conflicts with namespace
certFile This property is required. String
Path to a file containing the client certificate.
keyFile This property is required. String
Path to a file containing the private key that the certificate was issued for.
mount String
The path where the authentication engine is mounted.
name String
Name of the certificate's role
namespace String
The authentication engine's namespace. Conflicts with use_root_namespace
useRootNamespace Boolean
Authenticate to the root Vault namespace. Conflicts with namespace
certFile This property is required. string
Path to a file containing the client certificate.
keyFile This property is required. string
Path to a file containing the private key that the certificate was issued for.
mount string
The path where the authentication engine is mounted.
name string
Name of the certificate's role
namespace string
The authentication engine's namespace. Conflicts with use_root_namespace
useRootNamespace boolean
Authenticate to the root Vault namespace. Conflicts with namespace
cert_file This property is required. str
Path to a file containing the client certificate.
key_file This property is required. str
Path to a file containing the private key that the certificate was issued for.
mount str
The path where the authentication engine is mounted.
name str
Name of the certificate's role
namespace str
The authentication engine's namespace. Conflicts with use_root_namespace
use_root_namespace bool
Authenticate to the root Vault namespace. Conflicts with namespace
certFile This property is required. String
Path to a file containing the client certificate.
keyFile This property is required. String
Path to a file containing the private key that the certificate was issued for.
mount String
The path where the authentication engine is mounted.
name String
Name of the certificate's role
namespace String
The authentication engine's namespace. Conflicts with use_root_namespace
useRootNamespace Boolean
Authenticate to the root Vault namespace. Conflicts with namespace

ProviderAuthLoginGcp
, ProviderAuthLoginGcpArgs

Role This property is required. string
Name of the login role.
Credentials string
Path to the Google Cloud credentials file.
Jwt string
A signed JSON Web Token.
Mount string
The path where the authentication engine is mounted.
Namespace string
The authentication engine's namespace. Conflicts with use_root_namespace
ServiceAccount string
IAM service account.
UseRootNamespace bool
Authenticate to the root Vault namespace. Conflicts with namespace
Role This property is required. string
Name of the login role.
Credentials string
Path to the Google Cloud credentials file.
Jwt string
A signed JSON Web Token.
Mount string
The path where the authentication engine is mounted.
Namespace string
The authentication engine's namespace. Conflicts with use_root_namespace
ServiceAccount string
IAM service account.
UseRootNamespace bool
Authenticate to the root Vault namespace. Conflicts with namespace
role This property is required. String
Name of the login role.
credentials String
Path to the Google Cloud credentials file.
jwt String
A signed JSON Web Token.
mount String
The path where the authentication engine is mounted.
namespace String
The authentication engine's namespace. Conflicts with use_root_namespace
serviceAccount String
IAM service account.
useRootNamespace Boolean
Authenticate to the root Vault namespace. Conflicts with namespace
role This property is required. string
Name of the login role.
credentials string
Path to the Google Cloud credentials file.
jwt string
A signed JSON Web Token.
mount string
The path where the authentication engine is mounted.
namespace string
The authentication engine's namespace. Conflicts with use_root_namespace
serviceAccount string
IAM service account.
useRootNamespace boolean
Authenticate to the root Vault namespace. Conflicts with namespace
role This property is required. str
Name of the login role.
credentials str
Path to the Google Cloud credentials file.
jwt str
A signed JSON Web Token.
mount str
The path where the authentication engine is mounted.
namespace str
The authentication engine's namespace. Conflicts with use_root_namespace
service_account str
IAM service account.
use_root_namespace bool
Authenticate to the root Vault namespace. Conflicts with namespace
role This property is required. String
Name of the login role.
credentials String
Path to the Google Cloud credentials file.
jwt String
A signed JSON Web Token.
mount String
The path where the authentication engine is mounted.
namespace String
The authentication engine's namespace. Conflicts with use_root_namespace
serviceAccount String
IAM service account.
useRootNamespace Boolean
Authenticate to the root Vault namespace. Conflicts with namespace

ProviderAuthLoginJwt
, ProviderAuthLoginJwtArgs

Jwt This property is required. string
A signed JSON Web Token.
Role This property is required. string
Name of the login role.
Mount string
The path where the authentication engine is mounted.
Namespace string
The authentication engine's namespace. Conflicts with use_root_namespace
UseRootNamespace bool
Authenticate to the root Vault namespace. Conflicts with namespace
Jwt This property is required. string
A signed JSON Web Token.
Role This property is required. string
Name of the login role.
Mount string
The path where the authentication engine is mounted.
Namespace string
The authentication engine's namespace. Conflicts with use_root_namespace
UseRootNamespace bool
Authenticate to the root Vault namespace. Conflicts with namespace
jwt This property is required. String
A signed JSON Web Token.
role This property is required. String
Name of the login role.
mount String
The path where the authentication engine is mounted.
namespace String
The authentication engine's namespace. Conflicts with use_root_namespace
useRootNamespace Boolean
Authenticate to the root Vault namespace. Conflicts with namespace
jwt This property is required. string
A signed JSON Web Token.
role This property is required. string
Name of the login role.
mount string
The path where the authentication engine is mounted.
namespace string
The authentication engine's namespace. Conflicts with use_root_namespace
useRootNamespace boolean
Authenticate to the root Vault namespace. Conflicts with namespace
jwt This property is required. str
A signed JSON Web Token.
role This property is required. str
Name of the login role.
mount str
The path where the authentication engine is mounted.
namespace str
The authentication engine's namespace. Conflicts with use_root_namespace
use_root_namespace bool
Authenticate to the root Vault namespace. Conflicts with namespace
jwt This property is required. String
A signed JSON Web Token.
role This property is required. String
Name of the login role.
mount String
The path where the authentication engine is mounted.
namespace String
The authentication engine's namespace. Conflicts with use_root_namespace
useRootNamespace Boolean
Authenticate to the root Vault namespace. Conflicts with namespace

ProviderAuthLoginKerberos
, ProviderAuthLoginKerberosArgs

DisableFastNegotiation bool
Disable the Kerberos FAST negotiation.
KeytabPath string
The Kerberos keytab file containing the entry of the login entity.
Krb5confPath string
A valid Kerberos configuration file e.g. /etc/krb5.conf.
Mount string
The path where the authentication engine is mounted.
Namespace string
The authentication engine's namespace. Conflicts with use_root_namespace
Realm string
The Kerberos server's authoritative authentication domain
RemoveInstanceName bool
Strip the host from the username found in the keytab.
Service string
The service principle name.
Token string
Simple and Protected GSSAPI Negotiation Mechanism (SPNEGO) token
UseRootNamespace bool
Authenticate to the root Vault namespace. Conflicts with namespace
Username string
The username to login into Kerberos with.
DisableFastNegotiation bool
Disable the Kerberos FAST negotiation.
KeytabPath string
The Kerberos keytab file containing the entry of the login entity.
Krb5confPath string
A valid Kerberos configuration file e.g. /etc/krb5.conf.
Mount string
The path where the authentication engine is mounted.
Namespace string
The authentication engine's namespace. Conflicts with use_root_namespace
Realm string
The Kerberos server's authoritative authentication domain
RemoveInstanceName bool
Strip the host from the username found in the keytab.
Service string
The service principle name.
Token string
Simple and Protected GSSAPI Negotiation Mechanism (SPNEGO) token
UseRootNamespace bool
Authenticate to the root Vault namespace. Conflicts with namespace
Username string
The username to login into Kerberos with.
disableFastNegotiation Boolean
Disable the Kerberos FAST negotiation.
keytabPath String
The Kerberos keytab file containing the entry of the login entity.
krb5confPath String
A valid Kerberos configuration file e.g. /etc/krb5.conf.
mount String
The path where the authentication engine is mounted.
namespace String
The authentication engine's namespace. Conflicts with use_root_namespace
realm String
The Kerberos server's authoritative authentication domain
removeInstanceName Boolean
Strip the host from the username found in the keytab.
service String
The service principle name.
token String
Simple and Protected GSSAPI Negotiation Mechanism (SPNEGO) token
useRootNamespace Boolean
Authenticate to the root Vault namespace. Conflicts with namespace
username String
The username to login into Kerberos with.
disableFastNegotiation boolean
Disable the Kerberos FAST negotiation.
keytabPath string
The Kerberos keytab file containing the entry of the login entity.
krb5confPath string
A valid Kerberos configuration file e.g. /etc/krb5.conf.
mount string
The path where the authentication engine is mounted.
namespace string
The authentication engine's namespace. Conflicts with use_root_namespace
realm string
The Kerberos server's authoritative authentication domain
removeInstanceName boolean
Strip the host from the username found in the keytab.
service string
The service principle name.
token string
Simple and Protected GSSAPI Negotiation Mechanism (SPNEGO) token
useRootNamespace boolean
Authenticate to the root Vault namespace. Conflicts with namespace
username string
The username to login into Kerberos with.
disable_fast_negotiation bool
Disable the Kerberos FAST negotiation.
keytab_path str
The Kerberos keytab file containing the entry of the login entity.
krb5conf_path str
A valid Kerberos configuration file e.g. /etc/krb5.conf.
mount str
The path where the authentication engine is mounted.
namespace str
The authentication engine's namespace. Conflicts with use_root_namespace
realm str
The Kerberos server's authoritative authentication domain
remove_instance_name bool
Strip the host from the username found in the keytab.
service str
The service principle name.
token str
Simple and Protected GSSAPI Negotiation Mechanism (SPNEGO) token
use_root_namespace bool
Authenticate to the root Vault namespace. Conflicts with namespace
username str
The username to login into Kerberos with.
disableFastNegotiation Boolean
Disable the Kerberos FAST negotiation.
keytabPath String
The Kerberos keytab file containing the entry of the login entity.
krb5confPath String
A valid Kerberos configuration file e.g. /etc/krb5.conf.
mount String
The path where the authentication engine is mounted.
namespace String
The authentication engine's namespace. Conflicts with use_root_namespace
realm String
The Kerberos server's authoritative authentication domain
removeInstanceName Boolean
Strip the host from the username found in the keytab.
service String
The service principle name.
token String
Simple and Protected GSSAPI Negotiation Mechanism (SPNEGO) token
useRootNamespace Boolean
Authenticate to the root Vault namespace. Conflicts with namespace
username String
The username to login into Kerberos with.

ProviderAuthLoginOci
, ProviderAuthLoginOciArgs

AuthType This property is required. string
Authentication type to use when getting OCI credentials.
Role This property is required. string
Name of the login role.
Mount string
The path where the authentication engine is mounted.
Namespace string
The authentication engine's namespace. Conflicts with use_root_namespace
UseRootNamespace bool
Authenticate to the root Vault namespace. Conflicts with namespace
AuthType This property is required. string
Authentication type to use when getting OCI credentials.
Role This property is required. string
Name of the login role.
Mount string
The path where the authentication engine is mounted.
Namespace string
The authentication engine's namespace. Conflicts with use_root_namespace
UseRootNamespace bool
Authenticate to the root Vault namespace. Conflicts with namespace
authType This property is required. String
Authentication type to use when getting OCI credentials.
role This property is required. String
Name of the login role.
mount String
The path where the authentication engine is mounted.
namespace String
The authentication engine's namespace. Conflicts with use_root_namespace
useRootNamespace Boolean
Authenticate to the root Vault namespace. Conflicts with namespace
authType This property is required. string
Authentication type to use when getting OCI credentials.
role This property is required. string
Name of the login role.
mount string
The path where the authentication engine is mounted.
namespace string
The authentication engine's namespace. Conflicts with use_root_namespace
useRootNamespace boolean
Authenticate to the root Vault namespace. Conflicts with namespace
auth_type This property is required. str
Authentication type to use when getting OCI credentials.
role This property is required. str
Name of the login role.
mount str
The path where the authentication engine is mounted.
namespace str
The authentication engine's namespace. Conflicts with use_root_namespace
use_root_namespace bool
Authenticate to the root Vault namespace. Conflicts with namespace
authType This property is required. String
Authentication type to use when getting OCI credentials.
role This property is required. String
Name of the login role.
mount String
The path where the authentication engine is mounted.
namespace String
The authentication engine's namespace. Conflicts with use_root_namespace
useRootNamespace Boolean
Authenticate to the root Vault namespace. Conflicts with namespace

ProviderAuthLoginOidc
, ProviderAuthLoginOidcArgs

Role This property is required. string
Name of the login role.
CallbackAddress string
The callback address. Must be a valid URI without the path.
CallbackListenerAddress string
The callback listener's address. Must be a valid URI without the path.
Mount string
The path where the authentication engine is mounted.
Namespace string
The authentication engine's namespace. Conflicts with use_root_namespace
UseRootNamespace bool
Authenticate to the root Vault namespace. Conflicts with namespace
Role This property is required. string
Name of the login role.
CallbackAddress string
The callback address. Must be a valid URI without the path.
CallbackListenerAddress string
The callback listener's address. Must be a valid URI without the path.
Mount string
The path where the authentication engine is mounted.
Namespace string
The authentication engine's namespace. Conflicts with use_root_namespace
UseRootNamespace bool
Authenticate to the root Vault namespace. Conflicts with namespace
role This property is required. String
Name of the login role.
callbackAddress String
The callback address. Must be a valid URI without the path.
callbackListenerAddress String
The callback listener's address. Must be a valid URI without the path.
mount String
The path where the authentication engine is mounted.
namespace String
The authentication engine's namespace. Conflicts with use_root_namespace
useRootNamespace Boolean
Authenticate to the root Vault namespace. Conflicts with namespace
role This property is required. string
Name of the login role.
callbackAddress string
The callback address. Must be a valid URI without the path.
callbackListenerAddress string
The callback listener's address. Must be a valid URI without the path.
mount string
The path where the authentication engine is mounted.
namespace string
The authentication engine's namespace. Conflicts with use_root_namespace
useRootNamespace boolean
Authenticate to the root Vault namespace. Conflicts with namespace
role This property is required. str
Name of the login role.
callback_address str
The callback address. Must be a valid URI without the path.
callback_listener_address str
The callback listener's address. Must be a valid URI without the path.
mount str
The path where the authentication engine is mounted.
namespace str
The authentication engine's namespace. Conflicts with use_root_namespace
use_root_namespace bool
Authenticate to the root Vault namespace. Conflicts with namespace
role This property is required. String
Name of the login role.
callbackAddress String
The callback address. Must be a valid URI without the path.
callbackListenerAddress String
The callback listener's address. Must be a valid URI without the path.
mount String
The path where the authentication engine is mounted.
namespace String
The authentication engine's namespace. Conflicts with use_root_namespace
useRootNamespace Boolean
Authenticate to the root Vault namespace. Conflicts with namespace

ProviderAuthLoginRadius
, ProviderAuthLoginRadiusArgs

Password This property is required. string
The Radius password for username.
Username This property is required. string
The Radius username.
Mount string
The path where the authentication engine is mounted.
Namespace string
The authentication engine's namespace. Conflicts with use_root_namespace
UseRootNamespace bool
Authenticate to the root Vault namespace. Conflicts with namespace
Password This property is required. string
The Radius password for username.
Username This property is required. string
The Radius username.
Mount string
The path where the authentication engine is mounted.
Namespace string
The authentication engine's namespace. Conflicts with use_root_namespace
UseRootNamespace bool
Authenticate to the root Vault namespace. Conflicts with namespace
password This property is required. String
The Radius password for username.
username This property is required. String
The Radius username.
mount String
The path where the authentication engine is mounted.
namespace String
The authentication engine's namespace. Conflicts with use_root_namespace
useRootNamespace Boolean
Authenticate to the root Vault namespace. Conflicts with namespace
password This property is required. string
The Radius password for username.
username This property is required. string
The Radius username.
mount string
The path where the authentication engine is mounted.
namespace string
The authentication engine's namespace. Conflicts with use_root_namespace
useRootNamespace boolean
Authenticate to the root Vault namespace. Conflicts with namespace
password This property is required. str
The Radius password for username.
username This property is required. str
The Radius username.
mount str
The path where the authentication engine is mounted.
namespace str
The authentication engine's namespace. Conflicts with use_root_namespace
use_root_namespace bool
Authenticate to the root Vault namespace. Conflicts with namespace
password This property is required. String
The Radius password for username.
username This property is required. String
The Radius username.
mount String
The path where the authentication engine is mounted.
namespace String
The authentication engine's namespace. Conflicts with use_root_namespace
useRootNamespace Boolean
Authenticate to the root Vault namespace. Conflicts with namespace

ProviderAuthLoginTokenFile
, ProviderAuthLoginTokenFileArgs

Filename This property is required. string
The name of a file containing a single line that is a valid Vault token
Namespace string
The authentication engine's namespace. Conflicts with use_root_namespace
UseRootNamespace bool
Authenticate to the root Vault namespace. Conflicts with namespace
Filename This property is required. string
The name of a file containing a single line that is a valid Vault token
Namespace string
The authentication engine's namespace. Conflicts with use_root_namespace
UseRootNamespace bool
Authenticate to the root Vault namespace. Conflicts with namespace
filename This property is required. String
The name of a file containing a single line that is a valid Vault token
namespace String
The authentication engine's namespace. Conflicts with use_root_namespace
useRootNamespace Boolean
Authenticate to the root Vault namespace. Conflicts with namespace
filename This property is required. string
The name of a file containing a single line that is a valid Vault token
namespace string
The authentication engine's namespace. Conflicts with use_root_namespace
useRootNamespace boolean
Authenticate to the root Vault namespace. Conflicts with namespace
filename This property is required. str
The name of a file containing a single line that is a valid Vault token
namespace str
The authentication engine's namespace. Conflicts with use_root_namespace
use_root_namespace bool
Authenticate to the root Vault namespace. Conflicts with namespace
filename This property is required. String
The name of a file containing a single line that is a valid Vault token
namespace String
The authentication engine's namespace. Conflicts with use_root_namespace
useRootNamespace Boolean
Authenticate to the root Vault namespace. Conflicts with namespace

ProviderAuthLoginUserpass
, ProviderAuthLoginUserpassArgs

Username This property is required. string
Login with username
Mount string
The path where the authentication engine is mounted.
Namespace string
The authentication engine's namespace. Conflicts with use_root_namespace
Password string
Login with password
PasswordFile string
Login with password from a file
UseRootNamespace bool
Authenticate to the root Vault namespace. Conflicts with namespace
Username This property is required. string
Login with username
Mount string
The path where the authentication engine is mounted.
Namespace string
The authentication engine's namespace. Conflicts with use_root_namespace
Password string
Login with password
PasswordFile string
Login with password from a file
UseRootNamespace bool
Authenticate to the root Vault namespace. Conflicts with namespace
username This property is required. String
Login with username
mount String
The path where the authentication engine is mounted.
namespace String
The authentication engine's namespace. Conflicts with use_root_namespace
password String
Login with password
passwordFile String
Login with password from a file
useRootNamespace Boolean
Authenticate to the root Vault namespace. Conflicts with namespace
username This property is required. string
Login with username
mount string
The path where the authentication engine is mounted.
namespace string
The authentication engine's namespace. Conflicts with use_root_namespace
password string
Login with password
passwordFile string
Login with password from a file
useRootNamespace boolean
Authenticate to the root Vault namespace. Conflicts with namespace
username This property is required. str
Login with username
mount str
The path where the authentication engine is mounted.
namespace str
The authentication engine's namespace. Conflicts with use_root_namespace
password str
Login with password
password_file str
Login with password from a file
use_root_namespace bool
Authenticate to the root Vault namespace. Conflicts with namespace
username This property is required. String
Login with username
mount String
The path where the authentication engine is mounted.
namespace String
The authentication engine's namespace. Conflicts with use_root_namespace
password String
Login with password
passwordFile String
Login with password from a file
useRootNamespace Boolean
Authenticate to the root Vault namespace. Conflicts with namespace

ProviderClientAuth
, ProviderClientAuthArgs

CertFile This property is required. string
Path to a file containing the client certificate.
KeyFile This property is required. string
Path to a file containing the private key that the certificate was issued for.
CertFile This property is required. string
Path to a file containing the client certificate.
KeyFile This property is required. string
Path to a file containing the private key that the certificate was issued for.
certFile This property is required. String
Path to a file containing the client certificate.
keyFile This property is required. String
Path to a file containing the private key that the certificate was issued for.
certFile This property is required. string
Path to a file containing the client certificate.
keyFile This property is required. string
Path to a file containing the private key that the certificate was issued for.
cert_file This property is required. str
Path to a file containing the client certificate.
key_file This property is required. str
Path to a file containing the private key that the certificate was issued for.
certFile This property is required. String
Path to a file containing the client certificate.
keyFile This property is required. String
Path to a file containing the private key that the certificate was issued for.

ProviderHeader
, ProviderHeaderArgs

Name This property is required. string
The header name
Value This property is required. string
The header value
Name This property is required. string
The header name
Value This property is required. string
The header value
name This property is required. String
The header name
value This property is required. String
The header value
name This property is required. string
The header name
value This property is required. string
The header value
name This property is required. str
The header name
value This property is required. str
The header value
name This property is required. String
The header name
value This property is required. String
The header value

Package Details

Repository
Vault pulumi/pulumi-vault
License
Apache-2.0
Notes
This Pulumi package is based on the vault Terraform Provider.