1. Packages
  2. StrongDM
  3. API Docs
  4. SecretStore
StrongDM v1.12.0 published on Sunday, Apr 28, 2024 by Piers Karsenbarg

sdm.SecretStore

Explore with Pulumi AI

sdm logo
StrongDM v1.12.0 published on Sunday, Apr 28, 2024 by Piers Karsenbarg

    A SecretStore is a server where resource secrets (passwords, keys) are stored. Coming soon support for HashiCorp Vault and AWS Secret Store. This resource can be imported using the import command.

    Create SecretStore Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new SecretStore(name: string, args?: SecretStoreArgs, opts?: CustomResourceOptions);
    @overload
    def SecretStore(resource_name: str,
                    args: Optional[SecretStoreArgs] = None,
                    opts: Optional[ResourceOptions] = None)
    
    @overload
    def SecretStore(resource_name: str,
                    opts: Optional[ResourceOptions] = None,
                    active_directory_store: Optional[SecretStoreActiveDirectoryStoreArgs] = None,
                    aws: Optional[SecretStoreAwsArgs] = None,
                    aws_cert_x509: Optional[SecretStoreAwsCertX509Args] = None,
                    azure_store: Optional[SecretStoreAzureStoreArgs] = None,
                    cyberark_conjur: Optional[SecretStoreCyberarkConjurArgs] = None,
                    cyberark_pam: Optional[SecretStoreCyberarkPamArgs] = None,
                    cyberark_pam_experimental: Optional[SecretStoreCyberarkPamExperimentalArgs] = None,
                    delinea_store: Optional[SecretStoreDelineaStoreArgs] = None,
                    gcp_cert_x509_store: Optional[SecretStoreGcpCertX509StoreArgs] = None,
                    gcp_store: Optional[SecretStoreGcpStoreArgs] = None,
                    keyfactor_x509_store: Optional[SecretStoreKeyfactorX509StoreArgs] = None,
                    vault_approle: Optional[SecretStoreVaultApproleArgs] = None,
                    vault_approle_cert_ssh: Optional[SecretStoreVaultApproleCertSshArgs] = None,
                    vault_approle_cert_x509: Optional[SecretStoreVaultApproleCertX509Args] = None,
                    vault_tls: Optional[SecretStoreVaultTlsArgs] = None,
                    vault_tls_cert_ssh: Optional[SecretStoreVaultTlsCertSshArgs] = None,
                    vault_tls_cert_x509: Optional[SecretStoreVaultTlsCertX509Args] = None,
                    vault_token: Optional[SecretStoreVaultTokenArgs] = None,
                    vault_token_cert_ssh: Optional[SecretStoreVaultTokenCertSshArgs] = None,
                    vault_token_cert_x509: Optional[SecretStoreVaultTokenCertX509Args] = None)
    func NewSecretStore(ctx *Context, name string, args *SecretStoreArgs, opts ...ResourceOption) (*SecretStore, error)
    public SecretStore(string name, SecretStoreArgs? args = null, CustomResourceOptions? opts = null)
    public SecretStore(String name, SecretStoreArgs args)
    public SecretStore(String name, SecretStoreArgs args, CustomResourceOptions options)
    
    type: sdm:SecretStore
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args SecretStoreArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args SecretStoreArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args SecretStoreArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args SecretStoreArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args SecretStoreArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var secretStoreResource = new Sdm.SecretStore("secretStoreResource", new()
    {
        ActiveDirectoryStore = new Sdm.Inputs.SecretStoreActiveDirectoryStoreArgs
        {
            Name = "string",
            ServerAddress = "string",
            Tags = 
            {
                { "string", "string" },
            },
        },
        Aws = new Sdm.Inputs.SecretStoreAwsArgs
        {
            Name = "string",
            Region = "string",
            Tags = 
            {
                { "string", "string" },
            },
        },
        AwsCertX509 = new Sdm.Inputs.SecretStoreAwsCertX509Args
        {
            CaArn = "string",
            CertificateTemplateArn = "string",
            IssuedCertTtlMinutes = 0,
            Name = "string",
            Region = "string",
            SigningAlgo = "string",
            Tags = 
            {
                { "string", "string" },
            },
        },
        AzureStore = new Sdm.Inputs.SecretStoreAzureStoreArgs
        {
            Name = "string",
            VaultUri = "string",
            Tags = 
            {
                { "string", "string" },
            },
        },
        CyberarkConjur = new Sdm.Inputs.SecretStoreCyberarkConjurArgs
        {
            AppUrl = "string",
            Name = "string",
            Tags = 
            {
                { "string", "string" },
            },
        },
        CyberarkPam = new Sdm.Inputs.SecretStoreCyberarkPamArgs
        {
            AppUrl = "string",
            Name = "string",
            Tags = 
            {
                { "string", "string" },
            },
        },
        CyberarkPamExperimental = new Sdm.Inputs.SecretStoreCyberarkPamExperimentalArgs
        {
            AppUrl = "string",
            Name = "string",
            Tags = 
            {
                { "string", "string" },
            },
        },
        DelineaStore = new Sdm.Inputs.SecretStoreDelineaStoreArgs
        {
            Name = "string",
            ServerUrl = "string",
            Tags = 
            {
                { "string", "string" },
            },
            TenantName = "string",
        },
        GcpCertX509Store = new Sdm.Inputs.SecretStoreGcpCertX509StoreArgs
        {
            CaPoolId = "string",
            IssuedCertTtlMinutes = 0,
            Location = "string",
            Name = "string",
            ProjectId = "string",
            CaId = "string",
            Tags = 
            {
                { "string", "string" },
            },
        },
        GcpStore = new Sdm.Inputs.SecretStoreGcpStoreArgs
        {
            Name = "string",
            ProjectId = "string",
            Tags = 
            {
                { "string", "string" },
            },
        },
        KeyfactorX509Store = new Sdm.Inputs.SecretStoreKeyfactorX509StoreArgs
        {
            CertificateFilePath = "string",
            DefaultCertificateAuthorityName = "string",
            DefaultCertificateProfileName = "string",
            DefaultEndEntityProfileName = "string",
            Name = "string",
            ServerAddress = "string",
            CaFilePath = "string",
            EnrollmentCodeEnvVar = "string",
            EnrollmentUsernameEnvVar = "string",
            KeyFilePath = "string",
            KeyPasswordEnvVar = "string",
            Tags = 
            {
                { "string", "string" },
            },
        },
        VaultApprole = new Sdm.Inputs.SecretStoreVaultApproleArgs
        {
            Name = "string",
            ServerAddress = "string",
            Namespace = "string",
            Tags = 
            {
                { "string", "string" },
            },
        },
        VaultApproleCertSsh = new Sdm.Inputs.SecretStoreVaultApproleCertSshArgs
        {
            IssuedCertTtlMinutes = 0,
            Name = "string",
            ServerAddress = "string",
            SigningRole = "string",
            SshMountPoint = "string",
            Namespace = "string",
            Tags = 
            {
                { "string", "string" },
            },
        },
        VaultApproleCertX509 = new Sdm.Inputs.SecretStoreVaultApproleCertX509Args
        {
            IssuedCertTtlMinutes = 0,
            Name = "string",
            PkiMountPoint = "string",
            ServerAddress = "string",
            SigningRole = "string",
            Namespace = "string",
            Tags = 
            {
                { "string", "string" },
            },
        },
        VaultTls = new Sdm.Inputs.SecretStoreVaultTlsArgs
        {
            ClientCertPath = "string",
            ClientKeyPath = "string",
            Name = "string",
            ServerAddress = "string",
            CaCertPath = "string",
            Namespace = "string",
            Tags = 
            {
                { "string", "string" },
            },
        },
        VaultTlsCertSsh = new Sdm.Inputs.SecretStoreVaultTlsCertSshArgs
        {
            ClientCertPath = "string",
            ClientKeyPath = "string",
            IssuedCertTtlMinutes = 0,
            Name = "string",
            ServerAddress = "string",
            SigningRole = "string",
            SshMountPoint = "string",
            CaCertPath = "string",
            Namespace = "string",
            Tags = 
            {
                { "string", "string" },
            },
        },
        VaultTlsCertX509 = new Sdm.Inputs.SecretStoreVaultTlsCertX509Args
        {
            ClientCertPath = "string",
            ClientKeyPath = "string",
            IssuedCertTtlMinutes = 0,
            Name = "string",
            PkiMountPoint = "string",
            ServerAddress = "string",
            SigningRole = "string",
            CaCertPath = "string",
            Namespace = "string",
            Tags = 
            {
                { "string", "string" },
            },
        },
        VaultToken = new Sdm.Inputs.SecretStoreVaultTokenArgs
        {
            Name = "string",
            ServerAddress = "string",
            Namespace = "string",
            Tags = 
            {
                { "string", "string" },
            },
        },
        VaultTokenCertSsh = new Sdm.Inputs.SecretStoreVaultTokenCertSshArgs
        {
            IssuedCertTtlMinutes = 0,
            Name = "string",
            ServerAddress = "string",
            SigningRole = "string",
            SshMountPoint = "string",
            Namespace = "string",
            Tags = 
            {
                { "string", "string" },
            },
        },
        VaultTokenCertX509 = new Sdm.Inputs.SecretStoreVaultTokenCertX509Args
        {
            IssuedCertTtlMinutes = 0,
            Name = "string",
            PkiMountPoint = "string",
            ServerAddress = "string",
            SigningRole = "string",
            Namespace = "string",
            Tags = 
            {
                { "string", "string" },
            },
        },
    });
    
    example, err := sdm.NewSecretStore(ctx, "secretStoreResource", &sdm.SecretStoreArgs{
    	ActiveDirectoryStore: &sdm.SecretStoreActiveDirectoryStoreArgs{
    		Name:          pulumi.String("string"),
    		ServerAddress: pulumi.String("string"),
    		Tags: pulumi.StringMap{
    			"string": pulumi.String("string"),
    		},
    	},
    	Aws: &sdm.SecretStoreAwsArgs{
    		Name:   pulumi.String("string"),
    		Region: pulumi.String("string"),
    		Tags: pulumi.StringMap{
    			"string": pulumi.String("string"),
    		},
    	},
    	AwsCertX509: &sdm.SecretStoreAwsCertX509Args{
    		CaArn:                  pulumi.String("string"),
    		CertificateTemplateArn: pulumi.String("string"),
    		IssuedCertTtlMinutes:   pulumi.Int(0),
    		Name:                   pulumi.String("string"),
    		Region:                 pulumi.String("string"),
    		SigningAlgo:            pulumi.String("string"),
    		Tags: pulumi.StringMap{
    			"string": pulumi.String("string"),
    		},
    	},
    	AzureStore: &sdm.SecretStoreAzureStoreArgs{
    		Name:     pulumi.String("string"),
    		VaultUri: pulumi.String("string"),
    		Tags: pulumi.StringMap{
    			"string": pulumi.String("string"),
    		},
    	},
    	CyberarkConjur: &sdm.SecretStoreCyberarkConjurArgs{
    		AppUrl: pulumi.String("string"),
    		Name:   pulumi.String("string"),
    		Tags: pulumi.StringMap{
    			"string": pulumi.String("string"),
    		},
    	},
    	CyberarkPam: &sdm.SecretStoreCyberarkPamArgs{
    		AppUrl: pulumi.String("string"),
    		Name:   pulumi.String("string"),
    		Tags: pulumi.StringMap{
    			"string": pulumi.String("string"),
    		},
    	},
    	CyberarkPamExperimental: &sdm.SecretStoreCyberarkPamExperimentalArgs{
    		AppUrl: pulumi.String("string"),
    		Name:   pulumi.String("string"),
    		Tags: pulumi.StringMap{
    			"string": pulumi.String("string"),
    		},
    	},
    	DelineaStore: &sdm.SecretStoreDelineaStoreArgs{
    		Name:      pulumi.String("string"),
    		ServerUrl: pulumi.String("string"),
    		Tags: pulumi.StringMap{
    			"string": pulumi.String("string"),
    		},
    		TenantName: pulumi.String("string"),
    	},
    	GcpCertX509Store: &sdm.SecretStoreGcpCertX509StoreArgs{
    		CaPoolId:             pulumi.String("string"),
    		IssuedCertTtlMinutes: pulumi.Int(0),
    		Location:             pulumi.String("string"),
    		Name:                 pulumi.String("string"),
    		ProjectId:            pulumi.String("string"),
    		CaId:                 pulumi.String("string"),
    		Tags: pulumi.StringMap{
    			"string": pulumi.String("string"),
    		},
    	},
    	GcpStore: &sdm.SecretStoreGcpStoreArgs{
    		Name:      pulumi.String("string"),
    		ProjectId: pulumi.String("string"),
    		Tags: pulumi.StringMap{
    			"string": pulumi.String("string"),
    		},
    	},
    	KeyfactorX509Store: &sdm.SecretStoreKeyfactorX509StoreArgs{
    		CertificateFilePath:             pulumi.String("string"),
    		DefaultCertificateAuthorityName: pulumi.String("string"),
    		DefaultCertificateProfileName:   pulumi.String("string"),
    		DefaultEndEntityProfileName:     pulumi.String("string"),
    		Name:                            pulumi.String("string"),
    		ServerAddress:                   pulumi.String("string"),
    		CaFilePath:                      pulumi.String("string"),
    		EnrollmentCodeEnvVar:            pulumi.String("string"),
    		EnrollmentUsernameEnvVar:        pulumi.String("string"),
    		KeyFilePath:                     pulumi.String("string"),
    		KeyPasswordEnvVar:               pulumi.String("string"),
    		Tags: pulumi.StringMap{
    			"string": pulumi.String("string"),
    		},
    	},
    	VaultApprole: &sdm.SecretStoreVaultApproleArgs{
    		Name:          pulumi.String("string"),
    		ServerAddress: pulumi.String("string"),
    		Namespace:     pulumi.String("string"),
    		Tags: pulumi.StringMap{
    			"string": pulumi.String("string"),
    		},
    	},
    	VaultApproleCertSsh: &sdm.SecretStoreVaultApproleCertSshArgs{
    		IssuedCertTtlMinutes: pulumi.Int(0),
    		Name:                 pulumi.String("string"),
    		ServerAddress:        pulumi.String("string"),
    		SigningRole:          pulumi.String("string"),
    		SshMountPoint:        pulumi.String("string"),
    		Namespace:            pulumi.String("string"),
    		Tags: pulumi.StringMap{
    			"string": pulumi.String("string"),
    		},
    	},
    	VaultApproleCertX509: &sdm.SecretStoreVaultApproleCertX509Args{
    		IssuedCertTtlMinutes: pulumi.Int(0),
    		Name:                 pulumi.String("string"),
    		PkiMountPoint:        pulumi.String("string"),
    		ServerAddress:        pulumi.String("string"),
    		SigningRole:          pulumi.String("string"),
    		Namespace:            pulumi.String("string"),
    		Tags: pulumi.StringMap{
    			"string": pulumi.String("string"),
    		},
    	},
    	VaultTls: &sdm.SecretStoreVaultTlsArgs{
    		ClientCertPath: pulumi.String("string"),
    		ClientKeyPath:  pulumi.String("string"),
    		Name:           pulumi.String("string"),
    		ServerAddress:  pulumi.String("string"),
    		CaCertPath:     pulumi.String("string"),
    		Namespace:      pulumi.String("string"),
    		Tags: pulumi.StringMap{
    			"string": pulumi.String("string"),
    		},
    	},
    	VaultTlsCertSsh: &sdm.SecretStoreVaultTlsCertSshArgs{
    		ClientCertPath:       pulumi.String("string"),
    		ClientKeyPath:        pulumi.String("string"),
    		IssuedCertTtlMinutes: pulumi.Int(0),
    		Name:                 pulumi.String("string"),
    		ServerAddress:        pulumi.String("string"),
    		SigningRole:          pulumi.String("string"),
    		SshMountPoint:        pulumi.String("string"),
    		CaCertPath:           pulumi.String("string"),
    		Namespace:            pulumi.String("string"),
    		Tags: pulumi.StringMap{
    			"string": pulumi.String("string"),
    		},
    	},
    	VaultTlsCertX509: &sdm.SecretStoreVaultTlsCertX509Args{
    		ClientCertPath:       pulumi.String("string"),
    		ClientKeyPath:        pulumi.String("string"),
    		IssuedCertTtlMinutes: pulumi.Int(0),
    		Name:                 pulumi.String("string"),
    		PkiMountPoint:        pulumi.String("string"),
    		ServerAddress:        pulumi.String("string"),
    		SigningRole:          pulumi.String("string"),
    		CaCertPath:           pulumi.String("string"),
    		Namespace:            pulumi.String("string"),
    		Tags: pulumi.StringMap{
    			"string": pulumi.String("string"),
    		},
    	},
    	VaultToken: &sdm.SecretStoreVaultTokenArgs{
    		Name:          pulumi.String("string"),
    		ServerAddress: pulumi.String("string"),
    		Namespace:     pulumi.String("string"),
    		Tags: pulumi.StringMap{
    			"string": pulumi.String("string"),
    		},
    	},
    	VaultTokenCertSsh: &sdm.SecretStoreVaultTokenCertSshArgs{
    		IssuedCertTtlMinutes: pulumi.Int(0),
    		Name:                 pulumi.String("string"),
    		ServerAddress:        pulumi.String("string"),
    		SigningRole:          pulumi.String("string"),
    		SshMountPoint:        pulumi.String("string"),
    		Namespace:            pulumi.String("string"),
    		Tags: pulumi.StringMap{
    			"string": pulumi.String("string"),
    		},
    	},
    	VaultTokenCertX509: &sdm.SecretStoreVaultTokenCertX509Args{
    		IssuedCertTtlMinutes: pulumi.Int(0),
    		Name:                 pulumi.String("string"),
    		PkiMountPoint:        pulumi.String("string"),
    		ServerAddress:        pulumi.String("string"),
    		SigningRole:          pulumi.String("string"),
    		Namespace:            pulumi.String("string"),
    		Tags: pulumi.StringMap{
    			"string": pulumi.String("string"),
    		},
    	},
    })
    
    var secretStoreResource = new SecretStore("secretStoreResource", SecretStoreArgs.builder()
        .activeDirectoryStore(SecretStoreActiveDirectoryStoreArgs.builder()
            .name("string")
            .serverAddress("string")
            .tags(Map.of("string", "string"))
            .build())
        .aws(SecretStoreAwsArgs.builder()
            .name("string")
            .region("string")
            .tags(Map.of("string", "string"))
            .build())
        .awsCertX509(SecretStoreAwsCertX509Args.builder()
            .caArn("string")
            .certificateTemplateArn("string")
            .issuedCertTtlMinutes(0)
            .name("string")
            .region("string")
            .signingAlgo("string")
            .tags(Map.of("string", "string"))
            .build())
        .azureStore(SecretStoreAzureStoreArgs.builder()
            .name("string")
            .vaultUri("string")
            .tags(Map.of("string", "string"))
            .build())
        .cyberarkConjur(SecretStoreCyberarkConjurArgs.builder()
            .appUrl("string")
            .name("string")
            .tags(Map.of("string", "string"))
            .build())
        .cyberarkPam(SecretStoreCyberarkPamArgs.builder()
            .appUrl("string")
            .name("string")
            .tags(Map.of("string", "string"))
            .build())
        .cyberarkPamExperimental(SecretStoreCyberarkPamExperimentalArgs.builder()
            .appUrl("string")
            .name("string")
            .tags(Map.of("string", "string"))
            .build())
        .delineaStore(SecretStoreDelineaStoreArgs.builder()
            .name("string")
            .serverUrl("string")
            .tags(Map.of("string", "string"))
            .tenantName("string")
            .build())
        .gcpCertX509Store(SecretStoreGcpCertX509StoreArgs.builder()
            .caPoolId("string")
            .issuedCertTtlMinutes(0)
            .location("string")
            .name("string")
            .projectId("string")
            .caId("string")
            .tags(Map.of("string", "string"))
            .build())
        .gcpStore(SecretStoreGcpStoreArgs.builder()
            .name("string")
            .projectId("string")
            .tags(Map.of("string", "string"))
            .build())
        .keyfactorX509Store(SecretStoreKeyfactorX509StoreArgs.builder()
            .certificateFilePath("string")
            .defaultCertificateAuthorityName("string")
            .defaultCertificateProfileName("string")
            .defaultEndEntityProfileName("string")
            .name("string")
            .serverAddress("string")
            .caFilePath("string")
            .enrollmentCodeEnvVar("string")
            .enrollmentUsernameEnvVar("string")
            .keyFilePath("string")
            .keyPasswordEnvVar("string")
            .tags(Map.of("string", "string"))
            .build())
        .vaultApprole(SecretStoreVaultApproleArgs.builder()
            .name("string")
            .serverAddress("string")
            .namespace("string")
            .tags(Map.of("string", "string"))
            .build())
        .vaultApproleCertSsh(SecretStoreVaultApproleCertSshArgs.builder()
            .issuedCertTtlMinutes(0)
            .name("string")
            .serverAddress("string")
            .signingRole("string")
            .sshMountPoint("string")
            .namespace("string")
            .tags(Map.of("string", "string"))
            .build())
        .vaultApproleCertX509(SecretStoreVaultApproleCertX509Args.builder()
            .issuedCertTtlMinutes(0)
            .name("string")
            .pkiMountPoint("string")
            .serverAddress("string")
            .signingRole("string")
            .namespace("string")
            .tags(Map.of("string", "string"))
            .build())
        .vaultTls(SecretStoreVaultTlsArgs.builder()
            .clientCertPath("string")
            .clientKeyPath("string")
            .name("string")
            .serverAddress("string")
            .caCertPath("string")
            .namespace("string")
            .tags(Map.of("string", "string"))
            .build())
        .vaultTlsCertSsh(SecretStoreVaultTlsCertSshArgs.builder()
            .clientCertPath("string")
            .clientKeyPath("string")
            .issuedCertTtlMinutes(0)
            .name("string")
            .serverAddress("string")
            .signingRole("string")
            .sshMountPoint("string")
            .caCertPath("string")
            .namespace("string")
            .tags(Map.of("string", "string"))
            .build())
        .vaultTlsCertX509(SecretStoreVaultTlsCertX509Args.builder()
            .clientCertPath("string")
            .clientKeyPath("string")
            .issuedCertTtlMinutes(0)
            .name("string")
            .pkiMountPoint("string")
            .serverAddress("string")
            .signingRole("string")
            .caCertPath("string")
            .namespace("string")
            .tags(Map.of("string", "string"))
            .build())
        .vaultToken(SecretStoreVaultTokenArgs.builder()
            .name("string")
            .serverAddress("string")
            .namespace("string")
            .tags(Map.of("string", "string"))
            .build())
        .vaultTokenCertSsh(SecretStoreVaultTokenCertSshArgs.builder()
            .issuedCertTtlMinutes(0)
            .name("string")
            .serverAddress("string")
            .signingRole("string")
            .sshMountPoint("string")
            .namespace("string")
            .tags(Map.of("string", "string"))
            .build())
        .vaultTokenCertX509(SecretStoreVaultTokenCertX509Args.builder()
            .issuedCertTtlMinutes(0)
            .name("string")
            .pkiMountPoint("string")
            .serverAddress("string")
            .signingRole("string")
            .namespace("string")
            .tags(Map.of("string", "string"))
            .build())
        .build());
    
    secret_store_resource = sdm.SecretStore("secretStoreResource",
        active_directory_store=sdm.SecretStoreActiveDirectoryStoreArgs(
            name="string",
            server_address="string",
            tags={
                "string": "string",
            },
        ),
        aws=sdm.SecretStoreAwsArgs(
            name="string",
            region="string",
            tags={
                "string": "string",
            },
        ),
        aws_cert_x509=sdm.SecretStoreAwsCertX509Args(
            ca_arn="string",
            certificate_template_arn="string",
            issued_cert_ttl_minutes=0,
            name="string",
            region="string",
            signing_algo="string",
            tags={
                "string": "string",
            },
        ),
        azure_store=sdm.SecretStoreAzureStoreArgs(
            name="string",
            vault_uri="string",
            tags={
                "string": "string",
            },
        ),
        cyberark_conjur=sdm.SecretStoreCyberarkConjurArgs(
            app_url="string",
            name="string",
            tags={
                "string": "string",
            },
        ),
        cyberark_pam=sdm.SecretStoreCyberarkPamArgs(
            app_url="string",
            name="string",
            tags={
                "string": "string",
            },
        ),
        cyberark_pam_experimental=sdm.SecretStoreCyberarkPamExperimentalArgs(
            app_url="string",
            name="string",
            tags={
                "string": "string",
            },
        ),
        delinea_store=sdm.SecretStoreDelineaStoreArgs(
            name="string",
            server_url="string",
            tags={
                "string": "string",
            },
            tenant_name="string",
        ),
        gcp_cert_x509_store=sdm.SecretStoreGcpCertX509StoreArgs(
            ca_pool_id="string",
            issued_cert_ttl_minutes=0,
            location="string",
            name="string",
            project_id="string",
            ca_id="string",
            tags={
                "string": "string",
            },
        ),
        gcp_store=sdm.SecretStoreGcpStoreArgs(
            name="string",
            project_id="string",
            tags={
                "string": "string",
            },
        ),
        keyfactor_x509_store=sdm.SecretStoreKeyfactorX509StoreArgs(
            certificate_file_path="string",
            default_certificate_authority_name="string",
            default_certificate_profile_name="string",
            default_end_entity_profile_name="string",
            name="string",
            server_address="string",
            ca_file_path="string",
            enrollment_code_env_var="string",
            enrollment_username_env_var="string",
            key_file_path="string",
            key_password_env_var="string",
            tags={
                "string": "string",
            },
        ),
        vault_approle=sdm.SecretStoreVaultApproleArgs(
            name="string",
            server_address="string",
            namespace="string",
            tags={
                "string": "string",
            },
        ),
        vault_approle_cert_ssh=sdm.SecretStoreVaultApproleCertSshArgs(
            issued_cert_ttl_minutes=0,
            name="string",
            server_address="string",
            signing_role="string",
            ssh_mount_point="string",
            namespace="string",
            tags={
                "string": "string",
            },
        ),
        vault_approle_cert_x509=sdm.SecretStoreVaultApproleCertX509Args(
            issued_cert_ttl_minutes=0,
            name="string",
            pki_mount_point="string",
            server_address="string",
            signing_role="string",
            namespace="string",
            tags={
                "string": "string",
            },
        ),
        vault_tls=sdm.SecretStoreVaultTlsArgs(
            client_cert_path="string",
            client_key_path="string",
            name="string",
            server_address="string",
            ca_cert_path="string",
            namespace="string",
            tags={
                "string": "string",
            },
        ),
        vault_tls_cert_ssh=sdm.SecretStoreVaultTlsCertSshArgs(
            client_cert_path="string",
            client_key_path="string",
            issued_cert_ttl_minutes=0,
            name="string",
            server_address="string",
            signing_role="string",
            ssh_mount_point="string",
            ca_cert_path="string",
            namespace="string",
            tags={
                "string": "string",
            },
        ),
        vault_tls_cert_x509=sdm.SecretStoreVaultTlsCertX509Args(
            client_cert_path="string",
            client_key_path="string",
            issued_cert_ttl_minutes=0,
            name="string",
            pki_mount_point="string",
            server_address="string",
            signing_role="string",
            ca_cert_path="string",
            namespace="string",
            tags={
                "string": "string",
            },
        ),
        vault_token=sdm.SecretStoreVaultTokenArgs(
            name="string",
            server_address="string",
            namespace="string",
            tags={
                "string": "string",
            },
        ),
        vault_token_cert_ssh=sdm.SecretStoreVaultTokenCertSshArgs(
            issued_cert_ttl_minutes=0,
            name="string",
            server_address="string",
            signing_role="string",
            ssh_mount_point="string",
            namespace="string",
            tags={
                "string": "string",
            },
        ),
        vault_token_cert_x509=sdm.SecretStoreVaultTokenCertX509Args(
            issued_cert_ttl_minutes=0,
            name="string",
            pki_mount_point="string",
            server_address="string",
            signing_role="string",
            namespace="string",
            tags={
                "string": "string",
            },
        ))
    
    const secretStoreResource = new sdm.SecretStore("secretStoreResource", {
        activeDirectoryStore: {
            name: "string",
            serverAddress: "string",
            tags: {
                string: "string",
            },
        },
        aws: {
            name: "string",
            region: "string",
            tags: {
                string: "string",
            },
        },
        awsCertX509: {
            caArn: "string",
            certificateTemplateArn: "string",
            issuedCertTtlMinutes: 0,
            name: "string",
            region: "string",
            signingAlgo: "string",
            tags: {
                string: "string",
            },
        },
        azureStore: {
            name: "string",
            vaultUri: "string",
            tags: {
                string: "string",
            },
        },
        cyberarkConjur: {
            appUrl: "string",
            name: "string",
            tags: {
                string: "string",
            },
        },
        cyberarkPam: {
            appUrl: "string",
            name: "string",
            tags: {
                string: "string",
            },
        },
        cyberarkPamExperimental: {
            appUrl: "string",
            name: "string",
            tags: {
                string: "string",
            },
        },
        delineaStore: {
            name: "string",
            serverUrl: "string",
            tags: {
                string: "string",
            },
            tenantName: "string",
        },
        gcpCertX509Store: {
            caPoolId: "string",
            issuedCertTtlMinutes: 0,
            location: "string",
            name: "string",
            projectId: "string",
            caId: "string",
            tags: {
                string: "string",
            },
        },
        gcpStore: {
            name: "string",
            projectId: "string",
            tags: {
                string: "string",
            },
        },
        keyfactorX509Store: {
            certificateFilePath: "string",
            defaultCertificateAuthorityName: "string",
            defaultCertificateProfileName: "string",
            defaultEndEntityProfileName: "string",
            name: "string",
            serverAddress: "string",
            caFilePath: "string",
            enrollmentCodeEnvVar: "string",
            enrollmentUsernameEnvVar: "string",
            keyFilePath: "string",
            keyPasswordEnvVar: "string",
            tags: {
                string: "string",
            },
        },
        vaultApprole: {
            name: "string",
            serverAddress: "string",
            namespace: "string",
            tags: {
                string: "string",
            },
        },
        vaultApproleCertSsh: {
            issuedCertTtlMinutes: 0,
            name: "string",
            serverAddress: "string",
            signingRole: "string",
            sshMountPoint: "string",
            namespace: "string",
            tags: {
                string: "string",
            },
        },
        vaultApproleCertX509: {
            issuedCertTtlMinutes: 0,
            name: "string",
            pkiMountPoint: "string",
            serverAddress: "string",
            signingRole: "string",
            namespace: "string",
            tags: {
                string: "string",
            },
        },
        vaultTls: {
            clientCertPath: "string",
            clientKeyPath: "string",
            name: "string",
            serverAddress: "string",
            caCertPath: "string",
            namespace: "string",
            tags: {
                string: "string",
            },
        },
        vaultTlsCertSsh: {
            clientCertPath: "string",
            clientKeyPath: "string",
            issuedCertTtlMinutes: 0,
            name: "string",
            serverAddress: "string",
            signingRole: "string",
            sshMountPoint: "string",
            caCertPath: "string",
            namespace: "string",
            tags: {
                string: "string",
            },
        },
        vaultTlsCertX509: {
            clientCertPath: "string",
            clientKeyPath: "string",
            issuedCertTtlMinutes: 0,
            name: "string",
            pkiMountPoint: "string",
            serverAddress: "string",
            signingRole: "string",
            caCertPath: "string",
            namespace: "string",
            tags: {
                string: "string",
            },
        },
        vaultToken: {
            name: "string",
            serverAddress: "string",
            namespace: "string",
            tags: {
                string: "string",
            },
        },
        vaultTokenCertSsh: {
            issuedCertTtlMinutes: 0,
            name: "string",
            serverAddress: "string",
            signingRole: "string",
            sshMountPoint: "string",
            namespace: "string",
            tags: {
                string: "string",
            },
        },
        vaultTokenCertX509: {
            issuedCertTtlMinutes: 0,
            name: "string",
            pkiMountPoint: "string",
            serverAddress: "string",
            signingRole: "string",
            namespace: "string",
            tags: {
                string: "string",
            },
        },
    });
    
    type: sdm:SecretStore
    properties:
        activeDirectoryStore:
            name: string
            serverAddress: string
            tags:
                string: string
        aws:
            name: string
            region: string
            tags:
                string: string
        awsCertX509:
            caArn: string
            certificateTemplateArn: string
            issuedCertTtlMinutes: 0
            name: string
            region: string
            signingAlgo: string
            tags:
                string: string
        azureStore:
            name: string
            tags:
                string: string
            vaultUri: string
        cyberarkConjur:
            appUrl: string
            name: string
            tags:
                string: string
        cyberarkPam:
            appUrl: string
            name: string
            tags:
                string: string
        cyberarkPamExperimental:
            appUrl: string
            name: string
            tags:
                string: string
        delineaStore:
            name: string
            serverUrl: string
            tags:
                string: string
            tenantName: string
        gcpCertX509Store:
            caId: string
            caPoolId: string
            issuedCertTtlMinutes: 0
            location: string
            name: string
            projectId: string
            tags:
                string: string
        gcpStore:
            name: string
            projectId: string
            tags:
                string: string
        keyfactorX509Store:
            caFilePath: string
            certificateFilePath: string
            defaultCertificateAuthorityName: string
            defaultCertificateProfileName: string
            defaultEndEntityProfileName: string
            enrollmentCodeEnvVar: string
            enrollmentUsernameEnvVar: string
            keyFilePath: string
            keyPasswordEnvVar: string
            name: string
            serverAddress: string
            tags:
                string: string
        vaultApprole:
            name: string
            namespace: string
            serverAddress: string
            tags:
                string: string
        vaultApproleCertSsh:
            issuedCertTtlMinutes: 0
            name: string
            namespace: string
            serverAddress: string
            signingRole: string
            sshMountPoint: string
            tags:
                string: string
        vaultApproleCertX509:
            issuedCertTtlMinutes: 0
            name: string
            namespace: string
            pkiMountPoint: string
            serverAddress: string
            signingRole: string
            tags:
                string: string
        vaultTls:
            caCertPath: string
            clientCertPath: string
            clientKeyPath: string
            name: string
            namespace: string
            serverAddress: string
            tags:
                string: string
        vaultTlsCertSsh:
            caCertPath: string
            clientCertPath: string
            clientKeyPath: string
            issuedCertTtlMinutes: 0
            name: string
            namespace: string
            serverAddress: string
            signingRole: string
            sshMountPoint: string
            tags:
                string: string
        vaultTlsCertX509:
            caCertPath: string
            clientCertPath: string
            clientKeyPath: string
            issuedCertTtlMinutes: 0
            name: string
            namespace: string
            pkiMountPoint: string
            serverAddress: string
            signingRole: string
            tags:
                string: string
        vaultToken:
            name: string
            namespace: string
            serverAddress: string
            tags:
                string: string
        vaultTokenCertSsh:
            issuedCertTtlMinutes: 0
            name: string
            namespace: string
            serverAddress: string
            signingRole: string
            sshMountPoint: string
            tags:
                string: string
        vaultTokenCertX509:
            issuedCertTtlMinutes: 0
            name: string
            namespace: string
            pkiMountPoint: string
            serverAddress: string
            signingRole: string
            tags:
                string: string
    

    SecretStore Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The SecretStore resource accepts the following input properties:

    ActiveDirectoryStore PiersKarsenbarg.Sdm.Inputs.SecretStoreActiveDirectoryStore
    Aws PiersKarsenbarg.Sdm.Inputs.SecretStoreAws
    AwsCertX509 PiersKarsenbarg.Sdm.Inputs.SecretStoreAwsCertX509
    AzureStore PiersKarsenbarg.Sdm.Inputs.SecretStoreAzureStore
    CyberarkConjur PiersKarsenbarg.Sdm.Inputs.SecretStoreCyberarkConjur
    CyberarkPam PiersKarsenbarg.Sdm.Inputs.SecretStoreCyberarkPam
    CyberarkPamExperimental PiersKarsenbarg.Sdm.Inputs.SecretStoreCyberarkPamExperimental
    CyberarkPAMExperimentalStore is currently unstable, and its API may change, or it may be removed, without a major version bump.
    DelineaStore PiersKarsenbarg.Sdm.Inputs.SecretStoreDelineaStore
    GcpCertX509Store PiersKarsenbarg.Sdm.Inputs.SecretStoreGcpCertX509Store
    GcpStore PiersKarsenbarg.Sdm.Inputs.SecretStoreGcpStore
    KeyfactorX509Store PiersKarsenbarg.Sdm.Inputs.SecretStoreKeyfactorX509Store
    VaultApprole PiersKarsenbarg.Sdm.Inputs.SecretStoreVaultApprole
    VaultApproleCertSsh PiersKarsenbarg.Sdm.Inputs.SecretStoreVaultApproleCertSsh
    VaultApproleCertX509 PiersKarsenbarg.Sdm.Inputs.SecretStoreVaultApproleCertX509
    VaultTls PiersKarsenbarg.Sdm.Inputs.SecretStoreVaultTls
    VaultTlsCertSsh PiersKarsenbarg.Sdm.Inputs.SecretStoreVaultTlsCertSsh
    VaultTlsCertX509 PiersKarsenbarg.Sdm.Inputs.SecretStoreVaultTlsCertX509
    VaultToken PiersKarsenbarg.Sdm.Inputs.SecretStoreVaultToken
    VaultTokenCertSsh PiersKarsenbarg.Sdm.Inputs.SecretStoreVaultTokenCertSsh
    VaultTokenCertX509 PiersKarsenbarg.Sdm.Inputs.SecretStoreVaultTokenCertX509
    ActiveDirectoryStore SecretStoreActiveDirectoryStoreArgs
    Aws SecretStoreAwsArgs
    AwsCertX509 SecretStoreAwsCertX509Args
    AzureStore SecretStoreAzureStoreArgs
    CyberarkConjur SecretStoreCyberarkConjurArgs
    CyberarkPam SecretStoreCyberarkPamArgs
    CyberarkPamExperimental SecretStoreCyberarkPamExperimentalArgs
    CyberarkPAMExperimentalStore is currently unstable, and its API may change, or it may be removed, without a major version bump.
    DelineaStore SecretStoreDelineaStoreArgs
    GcpCertX509Store SecretStoreGcpCertX509StoreArgs
    GcpStore SecretStoreGcpStoreArgs
    KeyfactorX509Store SecretStoreKeyfactorX509StoreArgs
    VaultApprole SecretStoreVaultApproleArgs
    VaultApproleCertSsh SecretStoreVaultApproleCertSshArgs
    VaultApproleCertX509 SecretStoreVaultApproleCertX509Args
    VaultTls SecretStoreVaultTlsArgs
    VaultTlsCertSsh SecretStoreVaultTlsCertSshArgs
    VaultTlsCertX509 SecretStoreVaultTlsCertX509Args
    VaultToken SecretStoreVaultTokenArgs
    VaultTokenCertSsh SecretStoreVaultTokenCertSshArgs
    VaultTokenCertX509 SecretStoreVaultTokenCertX509Args
    activeDirectoryStore SecretStoreActiveDirectoryStore
    aws SecretStoreAws
    awsCertX509 SecretStoreAwsCertX509
    azureStore SecretStoreAzureStore
    cyberarkConjur SecretStoreCyberarkConjur
    cyberarkPam SecretStoreCyberarkPam
    cyberarkPamExperimental SecretStoreCyberarkPamExperimental
    CyberarkPAMExperimentalStore is currently unstable, and its API may change, or it may be removed, without a major version bump.
    delineaStore SecretStoreDelineaStore
    gcpCertX509Store SecretStoreGcpCertX509Store
    gcpStore SecretStoreGcpStore
    keyfactorX509Store SecretStoreKeyfactorX509Store
    vaultApprole SecretStoreVaultApprole
    vaultApproleCertSsh SecretStoreVaultApproleCertSsh
    vaultApproleCertX509 SecretStoreVaultApproleCertX509
    vaultTls SecretStoreVaultTls
    vaultTlsCertSsh SecretStoreVaultTlsCertSsh
    vaultTlsCertX509 SecretStoreVaultTlsCertX509
    vaultToken SecretStoreVaultToken
    vaultTokenCertSsh SecretStoreVaultTokenCertSsh
    vaultTokenCertX509 SecretStoreVaultTokenCertX509
    activeDirectoryStore SecretStoreActiveDirectoryStore
    aws SecretStoreAws
    awsCertX509 SecretStoreAwsCertX509
    azureStore SecretStoreAzureStore
    cyberarkConjur SecretStoreCyberarkConjur
    cyberarkPam SecretStoreCyberarkPam
    cyberarkPamExperimental SecretStoreCyberarkPamExperimental
    CyberarkPAMExperimentalStore is currently unstable, and its API may change, or it may be removed, without a major version bump.
    delineaStore SecretStoreDelineaStore
    gcpCertX509Store SecretStoreGcpCertX509Store
    gcpStore SecretStoreGcpStore
    keyfactorX509Store SecretStoreKeyfactorX509Store
    vaultApprole SecretStoreVaultApprole
    vaultApproleCertSsh SecretStoreVaultApproleCertSsh
    vaultApproleCertX509 SecretStoreVaultApproleCertX509
    vaultTls SecretStoreVaultTls
    vaultTlsCertSsh SecretStoreVaultTlsCertSsh
    vaultTlsCertX509 SecretStoreVaultTlsCertX509
    vaultToken SecretStoreVaultToken
    vaultTokenCertSsh SecretStoreVaultTokenCertSsh
    vaultTokenCertX509 SecretStoreVaultTokenCertX509
    active_directory_store SecretStoreActiveDirectoryStoreArgs
    aws SecretStoreAwsArgs
    aws_cert_x509 SecretStoreAwsCertX509Args
    azure_store SecretStoreAzureStoreArgs
    cyberark_conjur SecretStoreCyberarkConjurArgs
    cyberark_pam SecretStoreCyberarkPamArgs
    cyberark_pam_experimental SecretStoreCyberarkPamExperimentalArgs
    CyberarkPAMExperimentalStore is currently unstable, and its API may change, or it may be removed, without a major version bump.
    delinea_store SecretStoreDelineaStoreArgs
    gcp_cert_x509_store SecretStoreGcpCertX509StoreArgs
    gcp_store SecretStoreGcpStoreArgs
    keyfactor_x509_store SecretStoreKeyfactorX509StoreArgs
    vault_approle SecretStoreVaultApproleArgs
    vault_approle_cert_ssh SecretStoreVaultApproleCertSshArgs
    vault_approle_cert_x509 SecretStoreVaultApproleCertX509Args
    vault_tls SecretStoreVaultTlsArgs
    vault_tls_cert_ssh SecretStoreVaultTlsCertSshArgs
    vault_tls_cert_x509 SecretStoreVaultTlsCertX509Args
    vault_token SecretStoreVaultTokenArgs
    vault_token_cert_ssh SecretStoreVaultTokenCertSshArgs
    vault_token_cert_x509 SecretStoreVaultTokenCertX509Args

    Outputs

    All input properties are implicitly available as output properties. Additionally, the SecretStore resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing SecretStore Resource

    Get an existing SecretStore resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: SecretStoreState, opts?: CustomResourceOptions): SecretStore
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            active_directory_store: Optional[SecretStoreActiveDirectoryStoreArgs] = None,
            aws: Optional[SecretStoreAwsArgs] = None,
            aws_cert_x509: Optional[SecretStoreAwsCertX509Args] = None,
            azure_store: Optional[SecretStoreAzureStoreArgs] = None,
            cyberark_conjur: Optional[SecretStoreCyberarkConjurArgs] = None,
            cyberark_pam: Optional[SecretStoreCyberarkPamArgs] = None,
            cyberark_pam_experimental: Optional[SecretStoreCyberarkPamExperimentalArgs] = None,
            delinea_store: Optional[SecretStoreDelineaStoreArgs] = None,
            gcp_cert_x509_store: Optional[SecretStoreGcpCertX509StoreArgs] = None,
            gcp_store: Optional[SecretStoreGcpStoreArgs] = None,
            keyfactor_x509_store: Optional[SecretStoreKeyfactorX509StoreArgs] = None,
            vault_approle: Optional[SecretStoreVaultApproleArgs] = None,
            vault_approle_cert_ssh: Optional[SecretStoreVaultApproleCertSshArgs] = None,
            vault_approle_cert_x509: Optional[SecretStoreVaultApproleCertX509Args] = None,
            vault_tls: Optional[SecretStoreVaultTlsArgs] = None,
            vault_tls_cert_ssh: Optional[SecretStoreVaultTlsCertSshArgs] = None,
            vault_tls_cert_x509: Optional[SecretStoreVaultTlsCertX509Args] = None,
            vault_token: Optional[SecretStoreVaultTokenArgs] = None,
            vault_token_cert_ssh: Optional[SecretStoreVaultTokenCertSshArgs] = None,
            vault_token_cert_x509: Optional[SecretStoreVaultTokenCertX509Args] = None) -> SecretStore
    func GetSecretStore(ctx *Context, name string, id IDInput, state *SecretStoreState, opts ...ResourceOption) (*SecretStore, error)
    public static SecretStore Get(string name, Input<string> id, SecretStoreState? state, CustomResourceOptions? opts = null)
    public static SecretStore get(String name, Output<String> id, SecretStoreState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    ActiveDirectoryStore PiersKarsenbarg.Sdm.Inputs.SecretStoreActiveDirectoryStore
    Aws PiersKarsenbarg.Sdm.Inputs.SecretStoreAws
    AwsCertX509 PiersKarsenbarg.Sdm.Inputs.SecretStoreAwsCertX509
    AzureStore PiersKarsenbarg.Sdm.Inputs.SecretStoreAzureStore
    CyberarkConjur PiersKarsenbarg.Sdm.Inputs.SecretStoreCyberarkConjur
    CyberarkPam PiersKarsenbarg.Sdm.Inputs.SecretStoreCyberarkPam
    CyberarkPamExperimental PiersKarsenbarg.Sdm.Inputs.SecretStoreCyberarkPamExperimental
    CyberarkPAMExperimentalStore is currently unstable, and its API may change, or it may be removed, without a major version bump.
    DelineaStore PiersKarsenbarg.Sdm.Inputs.SecretStoreDelineaStore
    GcpCertX509Store PiersKarsenbarg.Sdm.Inputs.SecretStoreGcpCertX509Store
    GcpStore PiersKarsenbarg.Sdm.Inputs.SecretStoreGcpStore
    KeyfactorX509Store PiersKarsenbarg.Sdm.Inputs.SecretStoreKeyfactorX509Store
    VaultApprole PiersKarsenbarg.Sdm.Inputs.SecretStoreVaultApprole
    VaultApproleCertSsh PiersKarsenbarg.Sdm.Inputs.SecretStoreVaultApproleCertSsh
    VaultApproleCertX509 PiersKarsenbarg.Sdm.Inputs.SecretStoreVaultApproleCertX509
    VaultTls PiersKarsenbarg.Sdm.Inputs.SecretStoreVaultTls
    VaultTlsCertSsh PiersKarsenbarg.Sdm.Inputs.SecretStoreVaultTlsCertSsh
    VaultTlsCertX509 PiersKarsenbarg.Sdm.Inputs.SecretStoreVaultTlsCertX509
    VaultToken PiersKarsenbarg.Sdm.Inputs.SecretStoreVaultToken
    VaultTokenCertSsh PiersKarsenbarg.Sdm.Inputs.SecretStoreVaultTokenCertSsh
    VaultTokenCertX509 PiersKarsenbarg.Sdm.Inputs.SecretStoreVaultTokenCertX509
    ActiveDirectoryStore SecretStoreActiveDirectoryStoreArgs
    Aws SecretStoreAwsArgs
    AwsCertX509 SecretStoreAwsCertX509Args
    AzureStore SecretStoreAzureStoreArgs
    CyberarkConjur SecretStoreCyberarkConjurArgs
    CyberarkPam SecretStoreCyberarkPamArgs
    CyberarkPamExperimental SecretStoreCyberarkPamExperimentalArgs
    CyberarkPAMExperimentalStore is currently unstable, and its API may change, or it may be removed, without a major version bump.
    DelineaStore SecretStoreDelineaStoreArgs
    GcpCertX509Store SecretStoreGcpCertX509StoreArgs
    GcpStore SecretStoreGcpStoreArgs
    KeyfactorX509Store SecretStoreKeyfactorX509StoreArgs
    VaultApprole SecretStoreVaultApproleArgs
    VaultApproleCertSsh SecretStoreVaultApproleCertSshArgs
    VaultApproleCertX509 SecretStoreVaultApproleCertX509Args
    VaultTls SecretStoreVaultTlsArgs
    VaultTlsCertSsh SecretStoreVaultTlsCertSshArgs
    VaultTlsCertX509 SecretStoreVaultTlsCertX509Args
    VaultToken SecretStoreVaultTokenArgs
    VaultTokenCertSsh SecretStoreVaultTokenCertSshArgs
    VaultTokenCertX509 SecretStoreVaultTokenCertX509Args
    activeDirectoryStore SecretStoreActiveDirectoryStore
    aws SecretStoreAws
    awsCertX509 SecretStoreAwsCertX509
    azureStore SecretStoreAzureStore
    cyberarkConjur SecretStoreCyberarkConjur
    cyberarkPam SecretStoreCyberarkPam
    cyberarkPamExperimental SecretStoreCyberarkPamExperimental
    CyberarkPAMExperimentalStore is currently unstable, and its API may change, or it may be removed, without a major version bump.
    delineaStore SecretStoreDelineaStore
    gcpCertX509Store SecretStoreGcpCertX509Store
    gcpStore SecretStoreGcpStore
    keyfactorX509Store SecretStoreKeyfactorX509Store
    vaultApprole SecretStoreVaultApprole
    vaultApproleCertSsh SecretStoreVaultApproleCertSsh
    vaultApproleCertX509 SecretStoreVaultApproleCertX509
    vaultTls SecretStoreVaultTls
    vaultTlsCertSsh SecretStoreVaultTlsCertSsh
    vaultTlsCertX509 SecretStoreVaultTlsCertX509
    vaultToken SecretStoreVaultToken
    vaultTokenCertSsh SecretStoreVaultTokenCertSsh
    vaultTokenCertX509 SecretStoreVaultTokenCertX509
    activeDirectoryStore SecretStoreActiveDirectoryStore
    aws SecretStoreAws
    awsCertX509 SecretStoreAwsCertX509
    azureStore SecretStoreAzureStore
    cyberarkConjur SecretStoreCyberarkConjur
    cyberarkPam SecretStoreCyberarkPam
    cyberarkPamExperimental SecretStoreCyberarkPamExperimental
    CyberarkPAMExperimentalStore is currently unstable, and its API may change, or it may be removed, without a major version bump.
    delineaStore SecretStoreDelineaStore
    gcpCertX509Store SecretStoreGcpCertX509Store
    gcpStore SecretStoreGcpStore
    keyfactorX509Store SecretStoreKeyfactorX509Store
    vaultApprole SecretStoreVaultApprole
    vaultApproleCertSsh SecretStoreVaultApproleCertSsh
    vaultApproleCertX509 SecretStoreVaultApproleCertX509
    vaultTls SecretStoreVaultTls
    vaultTlsCertSsh SecretStoreVaultTlsCertSsh
    vaultTlsCertX509 SecretStoreVaultTlsCertX509
    vaultToken SecretStoreVaultToken
    vaultTokenCertSsh SecretStoreVaultTokenCertSsh
    vaultTokenCertX509 SecretStoreVaultTokenCertX509
    active_directory_store SecretStoreActiveDirectoryStoreArgs
    aws SecretStoreAwsArgs
    aws_cert_x509 SecretStoreAwsCertX509Args
    azure_store SecretStoreAzureStoreArgs
    cyberark_conjur SecretStoreCyberarkConjurArgs
    cyberark_pam SecretStoreCyberarkPamArgs
    cyberark_pam_experimental SecretStoreCyberarkPamExperimentalArgs
    CyberarkPAMExperimentalStore is currently unstable, and its API may change, or it may be removed, without a major version bump.
    delinea_store SecretStoreDelineaStoreArgs
    gcp_cert_x509_store SecretStoreGcpCertX509StoreArgs
    gcp_store SecretStoreGcpStoreArgs
    keyfactor_x509_store SecretStoreKeyfactorX509StoreArgs
    vault_approle SecretStoreVaultApproleArgs
    vault_approle_cert_ssh SecretStoreVaultApproleCertSshArgs
    vault_approle_cert_x509 SecretStoreVaultApproleCertX509Args
    vault_tls SecretStoreVaultTlsArgs
    vault_tls_cert_ssh SecretStoreVaultTlsCertSshArgs
    vault_tls_cert_x509 SecretStoreVaultTlsCertX509Args
    vault_token SecretStoreVaultTokenArgs
    vault_token_cert_ssh SecretStoreVaultTokenCertSshArgs
    vault_token_cert_x509 SecretStoreVaultTokenCertX509Args

    Supporting Types

    SecretStoreActiveDirectoryStore, SecretStoreActiveDirectoryStoreArgs

    Name string
    Unique human-readable name of the SecretStore.
    ServerAddress string
    The URL of the Vault to target
    Tags Dictionary<string, string>
    Tags is a map of key, value pairs.
    Name string
    Unique human-readable name of the SecretStore.
    ServerAddress string
    The URL of the Vault to target
    Tags map[string]string
    Tags is a map of key, value pairs.
    name String
    Unique human-readable name of the SecretStore.
    serverAddress String
    The URL of the Vault to target
    tags Map<String,String>
    Tags is a map of key, value pairs.
    name string
    Unique human-readable name of the SecretStore.
    serverAddress string
    The URL of the Vault to target
    tags {[key: string]: string}
    Tags is a map of key, value pairs.
    name str
    Unique human-readable name of the SecretStore.
    server_address str
    The URL of the Vault to target
    tags Mapping[str, str]
    Tags is a map of key, value pairs.
    name String
    Unique human-readable name of the SecretStore.
    serverAddress String
    The URL of the Vault to target
    tags Map<String>
    Tags is a map of key, value pairs.

    SecretStoreAws, SecretStoreAwsArgs

    Name string
    Unique human-readable name of the SecretStore.
    Region string
    The AWS region to target e.g. us-east-1
    Tags Dictionary<string, string>
    Tags is a map of key, value pairs.
    Name string
    Unique human-readable name of the SecretStore.
    Region string
    The AWS region to target e.g. us-east-1
    Tags map[string]string
    Tags is a map of key, value pairs.
    name String
    Unique human-readable name of the SecretStore.
    region String
    The AWS region to target e.g. us-east-1
    tags Map<String,String>
    Tags is a map of key, value pairs.
    name string
    Unique human-readable name of the SecretStore.
    region string
    The AWS region to target e.g. us-east-1
    tags {[key: string]: string}
    Tags is a map of key, value pairs.
    name str
    Unique human-readable name of the SecretStore.
    region str
    The AWS region to target e.g. us-east-1
    tags Mapping[str, str]
    Tags is a map of key, value pairs.
    name String
    Unique human-readable name of the SecretStore.
    region String
    The AWS region to target e.g. us-east-1
    tags Map<String>
    Tags is a map of key, value pairs.

    SecretStoreAwsCertX509, SecretStoreAwsCertX509Args

    CaArn string
    The ARN of the CA in AWS Private CA
    CertificateTemplateArn string
    The ARN of the AWS certificate template for requested certificates. Must allow SAN, key usage, and ext key usage passthrough from CSR
    IssuedCertTtlMinutes int
    The lifetime of certificates issued by this CA represented in minutes.
    Name string
    Unique human-readable name of the SecretStore.
    Region string
    The AWS region to target e.g. us-east-1
    SigningAlgo string
    The specified signing algorithm family (RSA or ECDSA) must match the algorithm family of the CA's secret key. e.g. SHA256WITHRSA
    Tags Dictionary<string, string>
    Tags is a map of key, value pairs.
    CaArn string
    The ARN of the CA in AWS Private CA
    CertificateTemplateArn string
    The ARN of the AWS certificate template for requested certificates. Must allow SAN, key usage, and ext key usage passthrough from CSR
    IssuedCertTtlMinutes int
    The lifetime of certificates issued by this CA represented in minutes.
    Name string
    Unique human-readable name of the SecretStore.
    Region string
    The AWS region to target e.g. us-east-1
    SigningAlgo string
    The specified signing algorithm family (RSA or ECDSA) must match the algorithm family of the CA's secret key. e.g. SHA256WITHRSA
    Tags map[string]string
    Tags is a map of key, value pairs.
    caArn String
    The ARN of the CA in AWS Private CA
    certificateTemplateArn String
    The ARN of the AWS certificate template for requested certificates. Must allow SAN, key usage, and ext key usage passthrough from CSR
    issuedCertTtlMinutes Integer
    The lifetime of certificates issued by this CA represented in minutes.
    name String
    Unique human-readable name of the SecretStore.
    region String
    The AWS region to target e.g. us-east-1
    signingAlgo String
    The specified signing algorithm family (RSA or ECDSA) must match the algorithm family of the CA's secret key. e.g. SHA256WITHRSA
    tags Map<String,String>
    Tags is a map of key, value pairs.
    caArn string
    The ARN of the CA in AWS Private CA
    certificateTemplateArn string
    The ARN of the AWS certificate template for requested certificates. Must allow SAN, key usage, and ext key usage passthrough from CSR
    issuedCertTtlMinutes number
    The lifetime of certificates issued by this CA represented in minutes.
    name string
    Unique human-readable name of the SecretStore.
    region string
    The AWS region to target e.g. us-east-1
    signingAlgo string
    The specified signing algorithm family (RSA or ECDSA) must match the algorithm family of the CA's secret key. e.g. SHA256WITHRSA
    tags {[key: string]: string}
    Tags is a map of key, value pairs.
    ca_arn str
    The ARN of the CA in AWS Private CA
    certificate_template_arn str
    The ARN of the AWS certificate template for requested certificates. Must allow SAN, key usage, and ext key usage passthrough from CSR
    issued_cert_ttl_minutes int
    The lifetime of certificates issued by this CA represented in minutes.
    name str
    Unique human-readable name of the SecretStore.
    region str
    The AWS region to target e.g. us-east-1
    signing_algo str
    The specified signing algorithm family (RSA or ECDSA) must match the algorithm family of the CA's secret key. e.g. SHA256WITHRSA
    tags Mapping[str, str]
    Tags is a map of key, value pairs.
    caArn String
    The ARN of the CA in AWS Private CA
    certificateTemplateArn String
    The ARN of the AWS certificate template for requested certificates. Must allow SAN, key usage, and ext key usage passthrough from CSR
    issuedCertTtlMinutes Number
    The lifetime of certificates issued by this CA represented in minutes.
    name String
    Unique human-readable name of the SecretStore.
    region String
    The AWS region to target e.g. us-east-1
    signingAlgo String
    The specified signing algorithm family (RSA or ECDSA) must match the algorithm family of the CA's secret key. e.g. SHA256WITHRSA
    tags Map<String>
    Tags is a map of key, value pairs.

    SecretStoreAzureStore, SecretStoreAzureStoreArgs

    Name string
    Unique human-readable name of the SecretStore.
    VaultUri string
    The URI of the key vault to target e.g. https://myvault.vault.azure.net

    • cyberark_conjur:
    Tags Dictionary<string, string>
    Tags is a map of key, value pairs.
    Name string
    Unique human-readable name of the SecretStore.
    VaultUri string
    The URI of the key vault to target e.g. https://myvault.vault.azure.net

    • cyberark_conjur:
    Tags map[string]string
    Tags is a map of key, value pairs.
    name String
    Unique human-readable name of the SecretStore.
    vaultUri String
    The URI of the key vault to target e.g. https://myvault.vault.azure.net

    • cyberark_conjur:
    tags Map<String,String>
    Tags is a map of key, value pairs.
    name string
    Unique human-readable name of the SecretStore.
    vaultUri string
    The URI of the key vault to target e.g. https://myvault.vault.azure.net

    • cyberark_conjur:
    tags {[key: string]: string}
    Tags is a map of key, value pairs.
    name str
    Unique human-readable name of the SecretStore.
    vault_uri str
    The URI of the key vault to target e.g. https://myvault.vault.azure.net

    • cyberark_conjur:
    tags Mapping[str, str]
    Tags is a map of key, value pairs.
    name String
    Unique human-readable name of the SecretStore.
    vaultUri String
    The URI of the key vault to target e.g. https://myvault.vault.azure.net

    • cyberark_conjur:
    tags Map<String>
    Tags is a map of key, value pairs.

    SecretStoreCyberarkConjur, SecretStoreCyberarkConjurArgs

    AppUrl string
    The URL of the Cyberark instance
    Name string
    Unique human-readable name of the SecretStore.
    Tags Dictionary<string, string>
    Tags is a map of key, value pairs.
    AppUrl string
    The URL of the Cyberark instance
    Name string
    Unique human-readable name of the SecretStore.
    Tags map[string]string
    Tags is a map of key, value pairs.
    appUrl String
    The URL of the Cyberark instance
    name String
    Unique human-readable name of the SecretStore.
    tags Map<String,String>
    Tags is a map of key, value pairs.
    appUrl string
    The URL of the Cyberark instance
    name string
    Unique human-readable name of the SecretStore.
    tags {[key: string]: string}
    Tags is a map of key, value pairs.
    app_url str
    The URL of the Cyberark instance
    name str
    Unique human-readable name of the SecretStore.
    tags Mapping[str, str]
    Tags is a map of key, value pairs.
    appUrl String
    The URL of the Cyberark instance
    name String
    Unique human-readable name of the SecretStore.
    tags Map<String>
    Tags is a map of key, value pairs.

    SecretStoreCyberarkPam, SecretStoreCyberarkPamArgs

    AppUrl string
    The URL of the Cyberark instance
    Name string
    Unique human-readable name of the SecretStore.
    Tags Dictionary<string, string>
    Tags is a map of key, value pairs.
    AppUrl string
    The URL of the Cyberark instance
    Name string
    Unique human-readable name of the SecretStore.
    Tags map[string]string
    Tags is a map of key, value pairs.
    appUrl String
    The URL of the Cyberark instance
    name String
    Unique human-readable name of the SecretStore.
    tags Map<String,String>
    Tags is a map of key, value pairs.
    appUrl string
    The URL of the Cyberark instance
    name string
    Unique human-readable name of the SecretStore.
    tags {[key: string]: string}
    Tags is a map of key, value pairs.
    app_url str
    The URL of the Cyberark instance
    name str
    Unique human-readable name of the SecretStore.
    tags Mapping[str, str]
    Tags is a map of key, value pairs.
    appUrl String
    The URL of the Cyberark instance
    name String
    Unique human-readable name of the SecretStore.
    tags Map<String>
    Tags is a map of key, value pairs.

    SecretStoreCyberarkPamExperimental, SecretStoreCyberarkPamExperimentalArgs

    AppUrl string
    The URL of the Cyberark instance
    Name string
    Unique human-readable name of the SecretStore.
    Tags Dictionary<string, string>
    Tags is a map of key, value pairs.
    AppUrl string
    The URL of the Cyberark instance
    Name string
    Unique human-readable name of the SecretStore.
    Tags map[string]string
    Tags is a map of key, value pairs.
    appUrl String
    The URL of the Cyberark instance
    name String
    Unique human-readable name of the SecretStore.
    tags Map<String,String>
    Tags is a map of key, value pairs.
    appUrl string
    The URL of the Cyberark instance
    name string
    Unique human-readable name of the SecretStore.
    tags {[key: string]: string}
    Tags is a map of key, value pairs.
    app_url str
    The URL of the Cyberark instance
    name str
    Unique human-readable name of the SecretStore.
    tags Mapping[str, str]
    Tags is a map of key, value pairs.
    appUrl String
    The URL of the Cyberark instance
    name String
    Unique human-readable name of the SecretStore.
    tags Map<String>
    Tags is a map of key, value pairs.

    SecretStoreDelineaStore, SecretStoreDelineaStoreArgs

    Name string
    Unique human-readable name of the SecretStore.
    ServerUrl string
    The URL of the Delinea instance
    Tags Dictionary<string, string>
    Tags is a map of key, value pairs.
    TenantName string
    The tenant name to target

    • gcp_store:
    Name string
    Unique human-readable name of the SecretStore.
    ServerUrl string
    The URL of the Delinea instance
    Tags map[string]string
    Tags is a map of key, value pairs.
    TenantName string
    The tenant name to target

    • gcp_store:
    name String
    Unique human-readable name of the SecretStore.
    serverUrl String
    The URL of the Delinea instance
    tags Map<String,String>
    Tags is a map of key, value pairs.
    tenantName String
    The tenant name to target

    • gcp_store:
    name string
    Unique human-readable name of the SecretStore.
    serverUrl string
    The URL of the Delinea instance
    tags {[key: string]: string}
    Tags is a map of key, value pairs.
    tenantName string
    The tenant name to target

    • gcp_store:
    name str
    Unique human-readable name of the SecretStore.
    server_url str
    The URL of the Delinea instance
    tags Mapping[str, str]
    Tags is a map of key, value pairs.
    tenant_name str
    The tenant name to target

    • gcp_store:
    name String
    Unique human-readable name of the SecretStore.
    serverUrl String
    The URL of the Delinea instance
    tags Map<String>
    Tags is a map of key, value pairs.
    tenantName String
    The tenant name to target

    • gcp_store:

    SecretStoreGcpCertX509Store, SecretStoreGcpCertX509StoreArgs

    CaPoolId string
    The ID of the target CA pool
    IssuedCertTtlMinutes int
    The lifetime of certificates issued by this CA represented in minutes.
    Location string
    The Region for the CA in GCP format e.g. us-west1
    Name string
    Unique human-readable name of the SecretStore.
    ProjectId string
    The GCP project ID to target.
    CaId string
    The ID of the target CA
    Tags Dictionary<string, string>
    Tags is a map of key, value pairs.
    CaPoolId string
    The ID of the target CA pool
    IssuedCertTtlMinutes int
    The lifetime of certificates issued by this CA represented in minutes.
    Location string
    The Region for the CA in GCP format e.g. us-west1
    Name string
    Unique human-readable name of the SecretStore.
    ProjectId string
    The GCP project ID to target.
    CaId string
    The ID of the target CA
    Tags map[string]string
    Tags is a map of key, value pairs.
    caPoolId String
    The ID of the target CA pool
    issuedCertTtlMinutes Integer
    The lifetime of certificates issued by this CA represented in minutes.
    location String
    The Region for the CA in GCP format e.g. us-west1
    name String
    Unique human-readable name of the SecretStore.
    projectId String
    The GCP project ID to target.
    caId String
    The ID of the target CA
    tags Map<String,String>
    Tags is a map of key, value pairs.
    caPoolId string
    The ID of the target CA pool
    issuedCertTtlMinutes number
    The lifetime of certificates issued by this CA represented in minutes.
    location string
    The Region for the CA in GCP format e.g. us-west1
    name string
    Unique human-readable name of the SecretStore.
    projectId string
    The GCP project ID to target.
    caId string
    The ID of the target CA
    tags {[key: string]: string}
    Tags is a map of key, value pairs.
    ca_pool_id str
    The ID of the target CA pool
    issued_cert_ttl_minutes int
    The lifetime of certificates issued by this CA represented in minutes.
    location str
    The Region for the CA in GCP format e.g. us-west1
    name str
    Unique human-readable name of the SecretStore.
    project_id str
    The GCP project ID to target.
    ca_id str
    The ID of the target CA
    tags Mapping[str, str]
    Tags is a map of key, value pairs.
    caPoolId String
    The ID of the target CA pool
    issuedCertTtlMinutes Number
    The lifetime of certificates issued by this CA represented in minutes.
    location String
    The Region for the CA in GCP format e.g. us-west1
    name String
    Unique human-readable name of the SecretStore.
    projectId String
    The GCP project ID to target.
    caId String
    The ID of the target CA
    tags Map<String>
    Tags is a map of key, value pairs.

    SecretStoreGcpStore, SecretStoreGcpStoreArgs

    Name string
    Unique human-readable name of the SecretStore.
    ProjectId string
    The GCP project ID to target.
    Tags Dictionary<string, string>
    Tags is a map of key, value pairs.
    Name string
    Unique human-readable name of the SecretStore.
    ProjectId string
    The GCP project ID to target.
    Tags map[string]string
    Tags is a map of key, value pairs.
    name String
    Unique human-readable name of the SecretStore.
    projectId String
    The GCP project ID to target.
    tags Map<String,String>
    Tags is a map of key, value pairs.
    name string
    Unique human-readable name of the SecretStore.
    projectId string
    The GCP project ID to target.
    tags {[key: string]: string}
    Tags is a map of key, value pairs.
    name str
    Unique human-readable name of the SecretStore.
    project_id str
    The GCP project ID to target.
    tags Mapping[str, str]
    Tags is a map of key, value pairs.
    name String
    Unique human-readable name of the SecretStore.
    projectId String
    The GCP project ID to target.
    tags Map<String>
    Tags is a map of key, value pairs.

    SecretStoreKeyfactorX509Store, SecretStoreKeyfactorX509StoreArgs

    CertificateFilePath string
    Path to client certificate in PEM format. This certificate must contain a client certificate that is recognized by the EJBCA instance represented by Hostname. This PEM file may also contain the private key associated with the certificate, but KeyFile can also be set to configure the private key.
    DefaultCertificateAuthorityName string
    Name of EJBCA certificate authority that will enroll CSR.
    DefaultCertificateProfileName string
    Certificate profile name that EJBCA will enroll the CSR with.
    DefaultEndEntityProfileName string
    End entity profile that EJBCA will enroll the CSR with.
    Name string
    Unique human-readable name of the SecretStore.
    ServerAddress string
    The URL of the Vault to target
    CaFilePath string
    Path to the root CA that signed the certificate passed to the client for HTTPS connection. This is not required if the CA is trusted by the host operating system. This should be a PEM formatted certificate, and doesn't necessarily have to be the CA that signed CertificateFile.
    EnrollmentCodeEnvVar string
    code used by EJBCA during enrollment. May be left blank if no code is required.
    EnrollmentUsernameEnvVar string
    username that used by the EJBCA during enrollment. This can be left out. If so, the username must be auto-generated on the Keyfactor side.
    KeyFilePath string
    Path to private key in PEM format. This file should contain the private key associated with the client certificate configured in CertificateFile.
    KeyPasswordEnvVar string
    optional environment variable housing the password that is used to decrypt the key file.
    Tags Dictionary<string, string>
    Tags is a map of key, value pairs.
    CertificateFilePath string
    Path to client certificate in PEM format. This certificate must contain a client certificate that is recognized by the EJBCA instance represented by Hostname. This PEM file may also contain the private key associated with the certificate, but KeyFile can also be set to configure the private key.
    DefaultCertificateAuthorityName string
    Name of EJBCA certificate authority that will enroll CSR.
    DefaultCertificateProfileName string
    Certificate profile name that EJBCA will enroll the CSR with.
    DefaultEndEntityProfileName string
    End entity profile that EJBCA will enroll the CSR with.
    Name string
    Unique human-readable name of the SecretStore.
    ServerAddress string
    The URL of the Vault to target
    CaFilePath string
    Path to the root CA that signed the certificate passed to the client for HTTPS connection. This is not required if the CA is trusted by the host operating system. This should be a PEM formatted certificate, and doesn't necessarily have to be the CA that signed CertificateFile.
    EnrollmentCodeEnvVar string
    code used by EJBCA during enrollment. May be left blank if no code is required.
    EnrollmentUsernameEnvVar string
    username that used by the EJBCA during enrollment. This can be left out. If so, the username must be auto-generated on the Keyfactor side.
    KeyFilePath string
    Path to private key in PEM format. This file should contain the private key associated with the client certificate configured in CertificateFile.
    KeyPasswordEnvVar string
    optional environment variable housing the password that is used to decrypt the key file.
    Tags map[string]string
    Tags is a map of key, value pairs.
    certificateFilePath String
    Path to client certificate in PEM format. This certificate must contain a client certificate that is recognized by the EJBCA instance represented by Hostname. This PEM file may also contain the private key associated with the certificate, but KeyFile can also be set to configure the private key.
    defaultCertificateAuthorityName String
    Name of EJBCA certificate authority that will enroll CSR.
    defaultCertificateProfileName String
    Certificate profile name that EJBCA will enroll the CSR with.
    defaultEndEntityProfileName String
    End entity profile that EJBCA will enroll the CSR with.
    name String
    Unique human-readable name of the SecretStore.
    serverAddress String
    The URL of the Vault to target
    caFilePath String
    Path to the root CA that signed the certificate passed to the client for HTTPS connection. This is not required if the CA is trusted by the host operating system. This should be a PEM formatted certificate, and doesn't necessarily have to be the CA that signed CertificateFile.
    enrollmentCodeEnvVar String
    code used by EJBCA during enrollment. May be left blank if no code is required.
    enrollmentUsernameEnvVar String
    username that used by the EJBCA during enrollment. This can be left out. If so, the username must be auto-generated on the Keyfactor side.
    keyFilePath String
    Path to private key in PEM format. This file should contain the private key associated with the client certificate configured in CertificateFile.
    keyPasswordEnvVar String
    optional environment variable housing the password that is used to decrypt the key file.
    tags Map<String,String>
    Tags is a map of key, value pairs.
    certificateFilePath string
    Path to client certificate in PEM format. This certificate must contain a client certificate that is recognized by the EJBCA instance represented by Hostname. This PEM file may also contain the private key associated with the certificate, but KeyFile can also be set to configure the private key.
    defaultCertificateAuthorityName string
    Name of EJBCA certificate authority that will enroll CSR.
    defaultCertificateProfileName string
    Certificate profile name that EJBCA will enroll the CSR with.
    defaultEndEntityProfileName string
    End entity profile that EJBCA will enroll the CSR with.
    name string
    Unique human-readable name of the SecretStore.
    serverAddress string
    The URL of the Vault to target
    caFilePath string
    Path to the root CA that signed the certificate passed to the client for HTTPS connection. This is not required if the CA is trusted by the host operating system. This should be a PEM formatted certificate, and doesn't necessarily have to be the CA that signed CertificateFile.
    enrollmentCodeEnvVar string
    code used by EJBCA during enrollment. May be left blank if no code is required.
    enrollmentUsernameEnvVar string
    username that used by the EJBCA during enrollment. This can be left out. If so, the username must be auto-generated on the Keyfactor side.
    keyFilePath string
    Path to private key in PEM format. This file should contain the private key associated with the client certificate configured in CertificateFile.
    keyPasswordEnvVar string
    optional environment variable housing the password that is used to decrypt the key file.
    tags {[key: string]: string}
    Tags is a map of key, value pairs.
    certificate_file_path str
    Path to client certificate in PEM format. This certificate must contain a client certificate that is recognized by the EJBCA instance represented by Hostname. This PEM file may also contain the private key associated with the certificate, but KeyFile can also be set to configure the private key.
    default_certificate_authority_name str
    Name of EJBCA certificate authority that will enroll CSR.
    default_certificate_profile_name str
    Certificate profile name that EJBCA will enroll the CSR with.
    default_end_entity_profile_name str
    End entity profile that EJBCA will enroll the CSR with.
    name str
    Unique human-readable name of the SecretStore.
    server_address str
    The URL of the Vault to target
    ca_file_path str
    Path to the root CA that signed the certificate passed to the client for HTTPS connection. This is not required if the CA is trusted by the host operating system. This should be a PEM formatted certificate, and doesn't necessarily have to be the CA that signed CertificateFile.
    enrollment_code_env_var str
    code used by EJBCA during enrollment. May be left blank if no code is required.
    enrollment_username_env_var str
    username that used by the EJBCA during enrollment. This can be left out. If so, the username must be auto-generated on the Keyfactor side.
    key_file_path str
    Path to private key in PEM format. This file should contain the private key associated with the client certificate configured in CertificateFile.
    key_password_env_var str
    optional environment variable housing the password that is used to decrypt the key file.
    tags Mapping[str, str]
    Tags is a map of key, value pairs.
    certificateFilePath String
    Path to client certificate in PEM format. This certificate must contain a client certificate that is recognized by the EJBCA instance represented by Hostname. This PEM file may also contain the private key associated with the certificate, but KeyFile can also be set to configure the private key.
    defaultCertificateAuthorityName String
    Name of EJBCA certificate authority that will enroll CSR.
    defaultCertificateProfileName String
    Certificate profile name that EJBCA will enroll the CSR with.
    defaultEndEntityProfileName String
    End entity profile that EJBCA will enroll the CSR with.
    name String
    Unique human-readable name of the SecretStore.
    serverAddress String
    The URL of the Vault to target
    caFilePath String
    Path to the root CA that signed the certificate passed to the client for HTTPS connection. This is not required if the CA is trusted by the host operating system. This should be a PEM formatted certificate, and doesn't necessarily have to be the CA that signed CertificateFile.
    enrollmentCodeEnvVar String
    code used by EJBCA during enrollment. May be left blank if no code is required.
    enrollmentUsernameEnvVar String
    username that used by the EJBCA during enrollment. This can be left out. If so, the username must be auto-generated on the Keyfactor side.
    keyFilePath String
    Path to private key in PEM format. This file should contain the private key associated with the client certificate configured in CertificateFile.
    keyPasswordEnvVar String
    optional environment variable housing the password that is used to decrypt the key file.
    tags Map<String>
    Tags is a map of key, value pairs.

    SecretStoreVaultApprole, SecretStoreVaultApproleArgs

    Name string
    Unique human-readable name of the SecretStore.
    ServerAddress string
    The URL of the Vault to target
    Namespace string
    The namespace to make requests within
    Tags Dictionary<string, string>
    Tags is a map of key, value pairs.
    Name string
    Unique human-readable name of the SecretStore.
    ServerAddress string
    The URL of the Vault to target
    Namespace string
    The namespace to make requests within
    Tags map[string]string
    Tags is a map of key, value pairs.
    name String
    Unique human-readable name of the SecretStore.
    serverAddress String
    The URL of the Vault to target
    namespace String
    The namespace to make requests within
    tags Map<String,String>
    Tags is a map of key, value pairs.
    name string
    Unique human-readable name of the SecretStore.
    serverAddress string
    The URL of the Vault to target
    namespace string
    The namespace to make requests within
    tags {[key: string]: string}
    Tags is a map of key, value pairs.
    name str
    Unique human-readable name of the SecretStore.
    server_address str
    The URL of the Vault to target
    namespace str
    The namespace to make requests within
    tags Mapping[str, str]
    Tags is a map of key, value pairs.
    name String
    Unique human-readable name of the SecretStore.
    serverAddress String
    The URL of the Vault to target
    namespace String
    The namespace to make requests within
    tags Map<String>
    Tags is a map of key, value pairs.

    SecretStoreVaultApproleCertSsh, SecretStoreVaultApproleCertSshArgs

    IssuedCertTtlMinutes int
    The lifetime of certificates issued by this CA represented in minutes.
    Name string
    Unique human-readable name of the SecretStore.
    ServerAddress string
    The URL of the Vault to target
    SigningRole string
    The signing role to be used for signing certificates
    SshMountPoint string
    The mount point of the SSH engine configured with the desired CA
    Namespace string
    The namespace to make requests within
    Tags Dictionary<string, string>
    Tags is a map of key, value pairs.
    IssuedCertTtlMinutes int
    The lifetime of certificates issued by this CA represented in minutes.
    Name string
    Unique human-readable name of the SecretStore.
    ServerAddress string
    The URL of the Vault to target
    SigningRole string
    The signing role to be used for signing certificates
    SshMountPoint string
    The mount point of the SSH engine configured with the desired CA
    Namespace string
    The namespace to make requests within
    Tags map[string]string
    Tags is a map of key, value pairs.
    issuedCertTtlMinutes Integer
    The lifetime of certificates issued by this CA represented in minutes.
    name String
    Unique human-readable name of the SecretStore.
    serverAddress String
    The URL of the Vault to target
    signingRole String
    The signing role to be used for signing certificates
    sshMountPoint String
    The mount point of the SSH engine configured with the desired CA
    namespace String
    The namespace to make requests within
    tags Map<String,String>
    Tags is a map of key, value pairs.
    issuedCertTtlMinutes number
    The lifetime of certificates issued by this CA represented in minutes.
    name string
    Unique human-readable name of the SecretStore.
    serverAddress string
    The URL of the Vault to target
    signingRole string
    The signing role to be used for signing certificates
    sshMountPoint string
    The mount point of the SSH engine configured with the desired CA
    namespace string
    The namespace to make requests within
    tags {[key: string]: string}
    Tags is a map of key, value pairs.
    issued_cert_ttl_minutes int
    The lifetime of certificates issued by this CA represented in minutes.
    name str
    Unique human-readable name of the SecretStore.
    server_address str
    The URL of the Vault to target
    signing_role str
    The signing role to be used for signing certificates
    ssh_mount_point str
    The mount point of the SSH engine configured with the desired CA
    namespace str
    The namespace to make requests within
    tags Mapping[str, str]
    Tags is a map of key, value pairs.
    issuedCertTtlMinutes Number
    The lifetime of certificates issued by this CA represented in minutes.
    name String
    Unique human-readable name of the SecretStore.
    serverAddress String
    The URL of the Vault to target
    signingRole String
    The signing role to be used for signing certificates
    sshMountPoint String
    The mount point of the SSH engine configured with the desired CA
    namespace String
    The namespace to make requests within
    tags Map<String>
    Tags is a map of key, value pairs.

    SecretStoreVaultApproleCertX509, SecretStoreVaultApproleCertX509Args

    IssuedCertTtlMinutes int
    The lifetime of certificates issued by this CA represented in minutes.
    Name string
    Unique human-readable name of the SecretStore.
    PkiMountPoint string
    The mount point of the PKI engine configured with the desired CA
    ServerAddress string
    The URL of the Vault to target
    SigningRole string
    The signing role to be used for signing certificates
    Namespace string
    The namespace to make requests within
    Tags Dictionary<string, string>
    Tags is a map of key, value pairs.
    IssuedCertTtlMinutes int
    The lifetime of certificates issued by this CA represented in minutes.
    Name string
    Unique human-readable name of the SecretStore.
    PkiMountPoint string
    The mount point of the PKI engine configured with the desired CA
    ServerAddress string
    The URL of the Vault to target
    SigningRole string
    The signing role to be used for signing certificates
    Namespace string
    The namespace to make requests within
    Tags map[string]string
    Tags is a map of key, value pairs.
    issuedCertTtlMinutes Integer
    The lifetime of certificates issued by this CA represented in minutes.
    name String
    Unique human-readable name of the SecretStore.
    pkiMountPoint String
    The mount point of the PKI engine configured with the desired CA
    serverAddress String
    The URL of the Vault to target
    signingRole String
    The signing role to be used for signing certificates
    namespace String
    The namespace to make requests within
    tags Map<String,String>
    Tags is a map of key, value pairs.
    issuedCertTtlMinutes number
    The lifetime of certificates issued by this CA represented in minutes.
    name string
    Unique human-readable name of the SecretStore.
    pkiMountPoint string
    The mount point of the PKI engine configured with the desired CA
    serverAddress string
    The URL of the Vault to target
    signingRole string
    The signing role to be used for signing certificates
    namespace string
    The namespace to make requests within
    tags {[key: string]: string}
    Tags is a map of key, value pairs.
    issued_cert_ttl_minutes int
    The lifetime of certificates issued by this CA represented in minutes.
    name str
    Unique human-readable name of the SecretStore.
    pki_mount_point str
    The mount point of the PKI engine configured with the desired CA
    server_address str
    The URL of the Vault to target
    signing_role str
    The signing role to be used for signing certificates
    namespace str
    The namespace to make requests within
    tags Mapping[str, str]
    Tags is a map of key, value pairs.
    issuedCertTtlMinutes Number
    The lifetime of certificates issued by this CA represented in minutes.
    name String
    Unique human-readable name of the SecretStore.
    pkiMountPoint String
    The mount point of the PKI engine configured with the desired CA
    serverAddress String
    The URL of the Vault to target
    signingRole String
    The signing role to be used for signing certificates
    namespace String
    The namespace to make requests within
    tags Map<String>
    Tags is a map of key, value pairs.

    SecretStoreVaultTls, SecretStoreVaultTlsArgs

    ClientCertPath string
    A path to a client certificate file accessible by a Node
    ClientKeyPath string
    A path to a client key file accessible by a Node
    Name string
    Unique human-readable name of the SecretStore.
    ServerAddress string
    The URL of the Vault to target
    CaCertPath string
    A path to a CA file accessible by a Node
    Namespace string
    The namespace to make requests within
    Tags Dictionary<string, string>
    Tags is a map of key, value pairs.
    ClientCertPath string
    A path to a client certificate file accessible by a Node
    ClientKeyPath string
    A path to a client key file accessible by a Node
    Name string
    Unique human-readable name of the SecretStore.
    ServerAddress string
    The URL of the Vault to target
    CaCertPath string
    A path to a CA file accessible by a Node
    Namespace string
    The namespace to make requests within
    Tags map[string]string
    Tags is a map of key, value pairs.
    clientCertPath String
    A path to a client certificate file accessible by a Node
    clientKeyPath String
    A path to a client key file accessible by a Node
    name String
    Unique human-readable name of the SecretStore.
    serverAddress String
    The URL of the Vault to target
    caCertPath String
    A path to a CA file accessible by a Node
    namespace String
    The namespace to make requests within
    tags Map<String,String>
    Tags is a map of key, value pairs.
    clientCertPath string
    A path to a client certificate file accessible by a Node
    clientKeyPath string
    A path to a client key file accessible by a Node
    name string
    Unique human-readable name of the SecretStore.
    serverAddress string
    The URL of the Vault to target
    caCertPath string
    A path to a CA file accessible by a Node
    namespace string
    The namespace to make requests within
    tags {[key: string]: string}
    Tags is a map of key, value pairs.
    client_cert_path str
    A path to a client certificate file accessible by a Node
    client_key_path str
    A path to a client key file accessible by a Node
    name str
    Unique human-readable name of the SecretStore.
    server_address str
    The URL of the Vault to target
    ca_cert_path str
    A path to a CA file accessible by a Node
    namespace str
    The namespace to make requests within
    tags Mapping[str, str]
    Tags is a map of key, value pairs.
    clientCertPath String
    A path to a client certificate file accessible by a Node
    clientKeyPath String
    A path to a client key file accessible by a Node
    name String
    Unique human-readable name of the SecretStore.
    serverAddress String
    The URL of the Vault to target
    caCertPath String
    A path to a CA file accessible by a Node
    namespace String
    The namespace to make requests within
    tags Map<String>
    Tags is a map of key, value pairs.

    SecretStoreVaultTlsCertSsh, SecretStoreVaultTlsCertSshArgs

    ClientCertPath string
    A path to a client certificate file accessible by a Node
    ClientKeyPath string
    A path to a client key file accessible by a Node
    IssuedCertTtlMinutes int
    The lifetime of certificates issued by this CA represented in minutes.
    Name string
    Unique human-readable name of the SecretStore.
    ServerAddress string
    The URL of the Vault to target
    SigningRole string
    The signing role to be used for signing certificates
    SshMountPoint string
    The mount point of the SSH engine configured with the desired CA
    CaCertPath string
    A path to a CA file accessible by a Node
    Namespace string
    The namespace to make requests within
    Tags Dictionary<string, string>
    Tags is a map of key, value pairs.
    ClientCertPath string
    A path to a client certificate file accessible by a Node
    ClientKeyPath string
    A path to a client key file accessible by a Node
    IssuedCertTtlMinutes int
    The lifetime of certificates issued by this CA represented in minutes.
    Name string
    Unique human-readable name of the SecretStore.
    ServerAddress string
    The URL of the Vault to target
    SigningRole string
    The signing role to be used for signing certificates
    SshMountPoint string
    The mount point of the SSH engine configured with the desired CA
    CaCertPath string
    A path to a CA file accessible by a Node
    Namespace string
    The namespace to make requests within
    Tags map[string]string
    Tags is a map of key, value pairs.
    clientCertPath String
    A path to a client certificate file accessible by a Node
    clientKeyPath String
    A path to a client key file accessible by a Node
    issuedCertTtlMinutes Integer
    The lifetime of certificates issued by this CA represented in minutes.
    name String
    Unique human-readable name of the SecretStore.
    serverAddress String
    The URL of the Vault to target
    signingRole String
    The signing role to be used for signing certificates
    sshMountPoint String
    The mount point of the SSH engine configured with the desired CA
    caCertPath String
    A path to a CA file accessible by a Node
    namespace String
    The namespace to make requests within
    tags Map<String,String>
    Tags is a map of key, value pairs.
    clientCertPath string
    A path to a client certificate file accessible by a Node
    clientKeyPath string
    A path to a client key file accessible by a Node
    issuedCertTtlMinutes number
    The lifetime of certificates issued by this CA represented in minutes.
    name string
    Unique human-readable name of the SecretStore.
    serverAddress string
    The URL of the Vault to target
    signingRole string
    The signing role to be used for signing certificates
    sshMountPoint string
    The mount point of the SSH engine configured with the desired CA
    caCertPath string
    A path to a CA file accessible by a Node
    namespace string
    The namespace to make requests within
    tags {[key: string]: string}
    Tags is a map of key, value pairs.
    client_cert_path str
    A path to a client certificate file accessible by a Node
    client_key_path str
    A path to a client key file accessible by a Node
    issued_cert_ttl_minutes int
    The lifetime of certificates issued by this CA represented in minutes.
    name str
    Unique human-readable name of the SecretStore.
    server_address str
    The URL of the Vault to target
    signing_role str
    The signing role to be used for signing certificates
    ssh_mount_point str
    The mount point of the SSH engine configured with the desired CA
    ca_cert_path str
    A path to a CA file accessible by a Node
    namespace str
    The namespace to make requests within
    tags Mapping[str, str]
    Tags is a map of key, value pairs.
    clientCertPath String
    A path to a client certificate file accessible by a Node
    clientKeyPath String
    A path to a client key file accessible by a Node
    issuedCertTtlMinutes Number
    The lifetime of certificates issued by this CA represented in minutes.
    name String
    Unique human-readable name of the SecretStore.
    serverAddress String
    The URL of the Vault to target
    signingRole String
    The signing role to be used for signing certificates
    sshMountPoint String
    The mount point of the SSH engine configured with the desired CA
    caCertPath String
    A path to a CA file accessible by a Node
    namespace String
    The namespace to make requests within
    tags Map<String>
    Tags is a map of key, value pairs.

    SecretStoreVaultTlsCertX509, SecretStoreVaultTlsCertX509Args

    ClientCertPath string
    A path to a client certificate file accessible by a Node
    ClientKeyPath string
    A path to a client key file accessible by a Node
    IssuedCertTtlMinutes int
    The lifetime of certificates issued by this CA represented in minutes.
    Name string
    Unique human-readable name of the SecretStore.
    PkiMountPoint string
    The mount point of the PKI engine configured with the desired CA
    ServerAddress string
    The URL of the Vault to target
    SigningRole string
    The signing role to be used for signing certificates
    CaCertPath string
    A path to a CA file accessible by a Node
    Namespace string
    The namespace to make requests within
    Tags Dictionary<string, string>
    Tags is a map of key, value pairs.
    ClientCertPath string
    A path to a client certificate file accessible by a Node
    ClientKeyPath string
    A path to a client key file accessible by a Node
    IssuedCertTtlMinutes int
    The lifetime of certificates issued by this CA represented in minutes.
    Name string
    Unique human-readable name of the SecretStore.
    PkiMountPoint string
    The mount point of the PKI engine configured with the desired CA
    ServerAddress string
    The URL of the Vault to target
    SigningRole string
    The signing role to be used for signing certificates
    CaCertPath string
    A path to a CA file accessible by a Node
    Namespace string
    The namespace to make requests within
    Tags map[string]string
    Tags is a map of key, value pairs.
    clientCertPath String
    A path to a client certificate file accessible by a Node
    clientKeyPath String
    A path to a client key file accessible by a Node
    issuedCertTtlMinutes Integer
    The lifetime of certificates issued by this CA represented in minutes.
    name String
    Unique human-readable name of the SecretStore.
    pkiMountPoint String
    The mount point of the PKI engine configured with the desired CA
    serverAddress String
    The URL of the Vault to target
    signingRole String
    The signing role to be used for signing certificates
    caCertPath String
    A path to a CA file accessible by a Node
    namespace String
    The namespace to make requests within
    tags Map<String,String>
    Tags is a map of key, value pairs.
    clientCertPath string
    A path to a client certificate file accessible by a Node
    clientKeyPath string
    A path to a client key file accessible by a Node
    issuedCertTtlMinutes number
    The lifetime of certificates issued by this CA represented in minutes.
    name string
    Unique human-readable name of the SecretStore.
    pkiMountPoint string
    The mount point of the PKI engine configured with the desired CA
    serverAddress string
    The URL of the Vault to target
    signingRole string
    The signing role to be used for signing certificates
    caCertPath string
    A path to a CA file accessible by a Node
    namespace string
    The namespace to make requests within
    tags {[key: string]: string}
    Tags is a map of key, value pairs.
    client_cert_path str
    A path to a client certificate file accessible by a Node
    client_key_path str
    A path to a client key file accessible by a Node
    issued_cert_ttl_minutes int
    The lifetime of certificates issued by this CA represented in minutes.
    name str
    Unique human-readable name of the SecretStore.
    pki_mount_point str
    The mount point of the PKI engine configured with the desired CA
    server_address str
    The URL of the Vault to target
    signing_role str
    The signing role to be used for signing certificates
    ca_cert_path str
    A path to a CA file accessible by a Node
    namespace str
    The namespace to make requests within
    tags Mapping[str, str]
    Tags is a map of key, value pairs.
    clientCertPath String
    A path to a client certificate file accessible by a Node
    clientKeyPath String
    A path to a client key file accessible by a Node
    issuedCertTtlMinutes Number
    The lifetime of certificates issued by this CA represented in minutes.
    name String
    Unique human-readable name of the SecretStore.
    pkiMountPoint String
    The mount point of the PKI engine configured with the desired CA
    serverAddress String
    The URL of the Vault to target
    signingRole String
    The signing role to be used for signing certificates
    caCertPath String
    A path to a CA file accessible by a Node
    namespace String
    The namespace to make requests within
    tags Map<String>
    Tags is a map of key, value pairs.

    SecretStoreVaultToken, SecretStoreVaultTokenArgs

    Name string
    Unique human-readable name of the SecretStore.
    ServerAddress string
    The URL of the Vault to target
    Namespace string
    The namespace to make requests within
    Tags Dictionary<string, string>
    Tags is a map of key, value pairs.
    Name string
    Unique human-readable name of the SecretStore.
    ServerAddress string
    The URL of the Vault to target
    Namespace string
    The namespace to make requests within
    Tags map[string]string
    Tags is a map of key, value pairs.
    name String
    Unique human-readable name of the SecretStore.
    serverAddress String
    The URL of the Vault to target
    namespace String
    The namespace to make requests within
    tags Map<String,String>
    Tags is a map of key, value pairs.
    name string
    Unique human-readable name of the SecretStore.
    serverAddress string
    The URL of the Vault to target
    namespace string
    The namespace to make requests within
    tags {[key: string]: string}
    Tags is a map of key, value pairs.
    name str
    Unique human-readable name of the SecretStore.
    server_address str
    The URL of the Vault to target
    namespace str
    The namespace to make requests within
    tags Mapping[str, str]
    Tags is a map of key, value pairs.
    name String
    Unique human-readable name of the SecretStore.
    serverAddress String
    The URL of the Vault to target
    namespace String
    The namespace to make requests within
    tags Map<String>
    Tags is a map of key, value pairs.

    SecretStoreVaultTokenCertSsh, SecretStoreVaultTokenCertSshArgs

    IssuedCertTtlMinutes int
    The lifetime of certificates issued by this CA represented in minutes.
    Name string
    Unique human-readable name of the SecretStore.
    ServerAddress string
    The URL of the Vault to target
    SigningRole string
    The signing role to be used for signing certificates
    SshMountPoint string
    The mount point of the SSH engine configured with the desired CA
    Namespace string
    The namespace to make requests within
    Tags Dictionary<string, string>
    Tags is a map of key, value pairs.
    IssuedCertTtlMinutes int
    The lifetime of certificates issued by this CA represented in minutes.
    Name string
    Unique human-readable name of the SecretStore.
    ServerAddress string
    The URL of the Vault to target
    SigningRole string
    The signing role to be used for signing certificates
    SshMountPoint string
    The mount point of the SSH engine configured with the desired CA
    Namespace string
    The namespace to make requests within
    Tags map[string]string
    Tags is a map of key, value pairs.
    issuedCertTtlMinutes Integer
    The lifetime of certificates issued by this CA represented in minutes.
    name String
    Unique human-readable name of the SecretStore.
    serverAddress String
    The URL of the Vault to target
    signingRole String
    The signing role to be used for signing certificates
    sshMountPoint String
    The mount point of the SSH engine configured with the desired CA
    namespace String
    The namespace to make requests within
    tags Map<String,String>
    Tags is a map of key, value pairs.
    issuedCertTtlMinutes number
    The lifetime of certificates issued by this CA represented in minutes.
    name string
    Unique human-readable name of the SecretStore.
    serverAddress string
    The URL of the Vault to target
    signingRole string
    The signing role to be used for signing certificates
    sshMountPoint string
    The mount point of the SSH engine configured with the desired CA
    namespace string
    The namespace to make requests within
    tags {[key: string]: string}
    Tags is a map of key, value pairs.
    issued_cert_ttl_minutes int
    The lifetime of certificates issued by this CA represented in minutes.
    name str
    Unique human-readable name of the SecretStore.
    server_address str
    The URL of the Vault to target
    signing_role str
    The signing role to be used for signing certificates
    ssh_mount_point str
    The mount point of the SSH engine configured with the desired CA
    namespace str
    The namespace to make requests within
    tags Mapping[str, str]
    Tags is a map of key, value pairs.
    issuedCertTtlMinutes Number
    The lifetime of certificates issued by this CA represented in minutes.
    name String
    Unique human-readable name of the SecretStore.
    serverAddress String
    The URL of the Vault to target
    signingRole String
    The signing role to be used for signing certificates
    sshMountPoint String
    The mount point of the SSH engine configured with the desired CA
    namespace String
    The namespace to make requests within
    tags Map<String>
    Tags is a map of key, value pairs.

    SecretStoreVaultTokenCertX509, SecretStoreVaultTokenCertX509Args

    IssuedCertTtlMinutes int
    The lifetime of certificates issued by this CA represented in minutes.
    Name string
    Unique human-readable name of the SecretStore.
    PkiMountPoint string
    The mount point of the PKI engine configured with the desired CA
    ServerAddress string
    The URL of the Vault to target
    SigningRole string
    The signing role to be used for signing certificates
    Namespace string
    The namespace to make requests within
    Tags Dictionary<string, string>
    Tags is a map of key, value pairs.
    IssuedCertTtlMinutes int
    The lifetime of certificates issued by this CA represented in minutes.
    Name string
    Unique human-readable name of the SecretStore.
    PkiMountPoint string
    The mount point of the PKI engine configured with the desired CA
    ServerAddress string
    The URL of the Vault to target
    SigningRole string
    The signing role to be used for signing certificates
    Namespace string
    The namespace to make requests within
    Tags map[string]string
    Tags is a map of key, value pairs.
    issuedCertTtlMinutes Integer
    The lifetime of certificates issued by this CA represented in minutes.
    name String
    Unique human-readable name of the SecretStore.
    pkiMountPoint String
    The mount point of the PKI engine configured with the desired CA
    serverAddress String
    The URL of the Vault to target
    signingRole String
    The signing role to be used for signing certificates
    namespace String
    The namespace to make requests within
    tags Map<String,String>
    Tags is a map of key, value pairs.
    issuedCertTtlMinutes number
    The lifetime of certificates issued by this CA represented in minutes.
    name string
    Unique human-readable name of the SecretStore.
    pkiMountPoint string
    The mount point of the PKI engine configured with the desired CA
    serverAddress string
    The URL of the Vault to target
    signingRole string
    The signing role to be used for signing certificates
    namespace string
    The namespace to make requests within
    tags {[key: string]: string}
    Tags is a map of key, value pairs.
    issued_cert_ttl_minutes int
    The lifetime of certificates issued by this CA represented in minutes.
    name str
    Unique human-readable name of the SecretStore.
    pki_mount_point str
    The mount point of the PKI engine configured with the desired CA
    server_address str
    The URL of the Vault to target
    signing_role str
    The signing role to be used for signing certificates
    namespace str
    The namespace to make requests within
    tags Mapping[str, str]
    Tags is a map of key, value pairs.
    issuedCertTtlMinutes Number
    The lifetime of certificates issued by this CA represented in minutes.
    name String
    Unique human-readable name of the SecretStore.
    pkiMountPoint String
    The mount point of the PKI engine configured with the desired CA
    serverAddress String
    The URL of the Vault to target
    signingRole String
    The signing role to be used for signing certificates
    namespace String
    The namespace to make requests within
    tags Map<String>
    Tags is a map of key, value pairs.

    Import

    A SecretStore can be imported using the id, e.g.,

    $ pulumi import sdm:index/secretStore:SecretStore example se-12345678
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    sdm pierskarsenbarg/pulumi-sdm
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the sdm Terraform Provider.
    sdm logo
    StrongDM v1.12.0 published on Sunday, Apr 28, 2024 by Piers Karsenbarg