Skip to content

Latest commit

 

History

History
2338 lines (1482 loc) · 94.2 KB

adSecretBackend.csharp.md

File metadata and controls

2338 lines (1482 loc) · 94.2 KB
Raw

adSecretBackend Submodule

Constructs

AdSecretBackend

Represents a {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/ad_secret_backend vault_ad_secret_backend}.

Initializers 

using HashiCorp.Cdktf.Providers.Vault;

new AdSecretBackend(Construct Scope, string Id, AdSecretBackendConfig Config);
Name Type Description
Scope Constructs.Construct The scope in which to define this construct.
Id string The scoped construct ID.
Config AdSecretBackendConfig No description.
ScopeRequired
  • Type: Constructs.Construct

The scope in which to define this construct.

IdRequired
  • Type: string

The scoped construct ID.

Must be unique amongst siblings in the same scope

ConfigRequired

Methods

Name Description
ToString Returns a string representation of this construct.
AddOverride No description.
OverrideLogicalId Overrides the auto-generated logical ID with a specific ID.
ResetOverrideLogicalId Resets a previously passed logical Id to use the auto-generated logical id again.
ToHclTerraform No description.
ToMetadata No description.
ToTerraform Adds this resource to the terraform JSON output.
AddMoveTarget Adds a user defined moveTarget string to this resource to be later used in .moveTo(moveTarget) to resolve the location of the move.
GetAnyMapAttribute No description.
GetBooleanAttribute No description.
GetBooleanMapAttribute No description.
GetListAttribute No description.
GetNumberAttribute No description.
GetNumberListAttribute No description.
GetNumberMapAttribute No description.
GetStringAttribute No description.
GetStringMapAttribute No description.
HasResourceMove No description.
ImportFrom No description.
InterpolationForAttribute No description.
MoveFromId Move the resource corresponding to "id" to this resource.
MoveTo Moves this resource to the target resource given by moveTarget.
MoveToId Moves this resource to the resource corresponding to "id".
ResetAnonymousGroupSearch No description.
ResetBackend No description.
ResetCaseSensitiveNames No description.
ResetCertificate No description.
ResetClientTlsCert No description.
ResetClientTlsKey No description.
ResetDefaultLeaseTtlSeconds No description.
ResetDenyNullBind No description.
ResetDescription No description.
ResetDisableRemount No description.
ResetDiscoverdn No description.
ResetGroupattr No description.
ResetGroupdn No description.
ResetGroupfilter No description.
ResetId No description.
ResetInsecureTls No description.
ResetLastRotationTolerance No description.
ResetLocal No description.
ResetMaxLeaseTtlSeconds No description.
ResetMaxTtl No description.
ResetNamespace No description.
ResetPasswordPolicy No description.
ResetRequestTimeout No description.
ResetStarttls No description.
ResetTlsMaxVersion No description.
ResetTlsMinVersion No description.
ResetTtl No description.
ResetUpndomain No description.
ResetUrl No description.
ResetUsePre111GroupCnBehavior No description.
ResetUserattr No description.
ResetUserdn No description.
ResetUseTokenGroups No description.
ToString 
private string ToString()

Returns a string representation of this construct.

AddOverride 
private void AddOverride(string Path, object Value)
PathRequired
  • Type: string
ValueRequired
  • Type: object
OverrideLogicalId 
private void OverrideLogicalId(string NewLogicalId)

Overrides the auto-generated logical ID with a specific ID.

NewLogicalIdRequired
  • Type: string

The new logical ID to use for this stack element.

ResetOverrideLogicalId 
private void ResetOverrideLogicalId()

Resets a previously passed logical Id to use the auto-generated logical id again.

ToHclTerraform 
private object ToHclTerraform()
ToMetadata 
private object ToMetadata()
ToTerraform 
private object ToTerraform()

Adds this resource to the terraform JSON output.

AddMoveTarget 
private void AddMoveTarget(string MoveTarget)

Adds a user defined moveTarget string to this resource to be later used in .moveTo(moveTarget) to resolve the location of the move.

MoveTargetRequired
  • Type: string

The string move target that will correspond to this resource.

GetAnyMapAttribute 
private System.Collections.Generic.IDictionary<string, object> GetAnyMapAttribute(string TerraformAttribute)
TerraformAttributeRequired
  • Type: string
GetBooleanAttribute 
private IResolvable GetBooleanAttribute(string TerraformAttribute)
TerraformAttributeRequired
  • Type: string
GetBooleanMapAttribute 
private System.Collections.Generic.IDictionary<string, bool> GetBooleanMapAttribute(string TerraformAttribute)
TerraformAttributeRequired
  • Type: string
GetListAttribute 
private string[] GetListAttribute(string TerraformAttribute)
TerraformAttributeRequired
  • Type: string
GetNumberAttribute 
private double GetNumberAttribute(string TerraformAttribute)
TerraformAttributeRequired
  • Type: string
GetNumberListAttribute 
private double[] GetNumberListAttribute(string TerraformAttribute)
TerraformAttributeRequired
  • Type: string
GetNumberMapAttribute 
private System.Collections.Generic.IDictionary<string, double> GetNumberMapAttribute(string TerraformAttribute)
TerraformAttributeRequired
  • Type: string
GetStringAttribute 
private string GetStringAttribute(string TerraformAttribute)
TerraformAttributeRequired
  • Type: string
GetStringMapAttribute 
private System.Collections.Generic.IDictionary<string, string> GetStringMapAttribute(string TerraformAttribute)
TerraformAttributeRequired
  • Type: string
HasResourceMove 
private object HasResourceMove()
ImportFrom 
private void ImportFrom(string Id, TerraformProvider Provider = null)
IdRequired
  • Type: string
ProviderOptional
  • Type: HashiCorp.Cdktf.TerraformProvider
InterpolationForAttribute 
private IResolvable InterpolationForAttribute(string TerraformAttribute)
TerraformAttributeRequired
  • Type: string
MoveFromId 
private void MoveFromId(string Id)

Move the resource corresponding to "id" to this resource.

Note that the resource being moved from must be marked as moved using it's instance function.

IdRequired
  • Type: string

Full id of resource being moved from, e.g. "aws_s3_bucket.example".

MoveTo 
private void MoveTo(string MoveTarget, object Index = null)

Moves this resource to the target resource given by moveTarget.

MoveTargetRequired
  • Type: string

The previously set user defined string set by .addMoveTarget() corresponding to the resource to move to.

IndexOptional
  • Type: object

Optional The index corresponding to the key the resource is to appear in the foreach of a resource to move to.

MoveToId 
private void MoveToId(string Id)

Moves this resource to the resource corresponding to "id".

IdRequired
  • Type: string

Full id of resource to move to, e.g. "aws_s3_bucket.example".

ResetAnonymousGroupSearch 
private void ResetAnonymousGroupSearch()
ResetBackend 
private void ResetBackend()
ResetCaseSensitiveNames 
private void ResetCaseSensitiveNames()
ResetCertificate 
private void ResetCertificate()
ResetClientTlsCert 
private void ResetClientTlsCert()
ResetClientTlsKey 
private void ResetClientTlsKey()
ResetDefaultLeaseTtlSeconds 
private void ResetDefaultLeaseTtlSeconds()
ResetDenyNullBind 
private void ResetDenyNullBind()
ResetDescription 
private void ResetDescription()
ResetDisableRemount 
private void ResetDisableRemount()
ResetDiscoverdn 
private void ResetDiscoverdn()
ResetGroupattr 
private void ResetGroupattr()
ResetGroupdn 
private void ResetGroupdn()
ResetGroupfilter 
private void ResetGroupfilter()
ResetId 
private void ResetId()
ResetInsecureTls 
private void ResetInsecureTls()
ResetLastRotationTolerance 
private void ResetLastRotationTolerance()
ResetLocal 
private void ResetLocal()
ResetMaxLeaseTtlSeconds 
private void ResetMaxLeaseTtlSeconds()
ResetMaxTtl 
private void ResetMaxTtl()
ResetNamespace 
private void ResetNamespace()
ResetPasswordPolicy 
private void ResetPasswordPolicy()
ResetRequestTimeout 
private void ResetRequestTimeout()
ResetStarttls 
private void ResetStarttls()
ResetTlsMaxVersion 
private void ResetTlsMaxVersion()
ResetTlsMinVersion 
private void ResetTlsMinVersion()
ResetTtl 
private void ResetTtl()
ResetUpndomain 
private void ResetUpndomain()
ResetUrl 
private void ResetUrl()
ResetUsePre111GroupCnBehavior 
private void ResetUsePre111GroupCnBehavior()
ResetUserattr 
private void ResetUserattr()
ResetUserdn 
private void ResetUserdn()
ResetUseTokenGroups 
private void ResetUseTokenGroups()

Static Functions

Name Description
IsConstruct Checks if x is a construct.
IsTerraformElement No description.
IsTerraformResource No description.
GenerateConfigForImport Generates CDKTF code for importing a AdSecretBackend resource upon running "cdktf plan ".
IsConstruct 
using HashiCorp.Cdktf.Providers.Vault;

AdSecretBackend.IsConstruct(object X);

Checks if x is a construct.

Use this method instead of instanceof to properly detect Construct instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the constructs library on disk are seen as independent, completely different libraries. As a consequence, the class Construct in each copy of the constructs library is seen as a different class, and an instance of one class will not test as instanceof the other class. npm install will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the constructs library can be accidentally installed, and instanceof will behave unpredictably. It is safest to avoid using instanceof, and using this type-testing method instead.

XRequired
  • Type: object

Any object.

IsTerraformElement 
using HashiCorp.Cdktf.Providers.Vault;

AdSecretBackend.IsTerraformElement(object X);
XRequired
  • Type: object
IsTerraformResource 
using HashiCorp.Cdktf.Providers.Vault;

AdSecretBackend.IsTerraformResource(object X);
XRequired
  • Type: object
GenerateConfigForImport 
using HashiCorp.Cdktf.Providers.Vault;

AdSecretBackend.GenerateConfigForImport(Construct Scope, string ImportToId, string ImportFromId, TerraformProvider Provider = null);

Generates CDKTF code for importing a AdSecretBackend resource upon running "cdktf plan ".

ScopeRequired
  • Type: Constructs.Construct

The scope in which to define this construct.

ImportToIdRequired
  • Type: string

The construct id used in the generated config for the AdSecretBackend to import.

ImportFromIdRequired
  • Type: string

The id of the existing AdSecretBackend that should be imported.

Refer to the {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/ad_secret_backend#import import section} in the documentation of this resource for the id to use

ProviderOptional
  • Type: HashiCorp.Cdktf.TerraformProvider

? Optional instance of the provider where the AdSecretBackend to import is found.

Properties

Name Type Description
Node Constructs.Node The tree node.
CdktfStack HashiCorp.Cdktf.TerraformStack No description.
Fqn string No description.
FriendlyUniqueId string No description.
TerraformMetaArguments System.Collections.Generic.IDictionary<string, object> No description.
TerraformResourceType string No description.
TerraformGeneratorMetadata HashiCorp.Cdktf.TerraformProviderGeneratorMetadata No description.
Connection object No description.
Count object No description.
DependsOn string[] No description.
ForEach HashiCorp.Cdktf.ITerraformIterator No description.
Lifecycle HashiCorp.Cdktf.TerraformResourceLifecycle No description.
Provider HashiCorp.Cdktf.TerraformProvider No description.
Provisioners object[] No description.
AnonymousGroupSearchInput object No description.
BackendInput string No description.
BinddnInput string No description.
BindpassInput string No description.
CaseSensitiveNamesInput object No description.
CertificateInput string No description.
ClientTlsCertInput string No description.
ClientTlsKeyInput string No description.
DefaultLeaseTtlSecondsInput double No description.
DenyNullBindInput object No description.
DescriptionInput string No description.
DisableRemountInput object No description.
DiscoverdnInput object No description.
GroupattrInput string No description.
GroupdnInput string No description.
GroupfilterInput string No description.
IdInput string No description.
InsecureTlsInput object No description.
LastRotationToleranceInput double No description.
LocalInput object No description.
MaxLeaseTtlSecondsInput double No description.
MaxTtlInput double No description.
NamespaceInput string No description.
PasswordPolicyInput string No description.
RequestTimeoutInput double No description.
StarttlsInput object No description.
TlsMaxVersionInput string No description.
TlsMinVersionInput string No description.
TtlInput double No description.
UpndomainInput string No description.
UrlInput string No description.
UsePre111GroupCnBehaviorInput object No description.
UserattrInput string No description.
UserdnInput string No description.
UseTokenGroupsInput object No description.
AnonymousGroupSearch object No description.
Backend string No description.
Binddn string No description.
Bindpass string No description.
CaseSensitiveNames object No description.
Certificate string No description.
ClientTlsCert string No description.
ClientTlsKey string No description.
DefaultLeaseTtlSeconds double No description.
DenyNullBind object No description.
Description string No description.
DisableRemount object No description.
Discoverdn object No description.
Groupattr string No description.
Groupdn string No description.
Groupfilter string No description.
Id string No description.
InsecureTls object No description.
LastRotationTolerance double No description.
Local object No description.
MaxLeaseTtlSeconds double No description.
MaxTtl double No description.
Namespace string No description.
PasswordPolicy string No description.
RequestTimeout double No description.
Starttls object No description.
TlsMaxVersion string No description.
TlsMinVersion string No description.
Ttl double No description.
Upndomain string No description.
Url string No description.
UsePre111GroupCnBehavior object No description.
Userattr string No description.
Userdn string No description.
UseTokenGroups object No description.
NodeRequired 
public Node Node { get; }
  • Type: Constructs.Node

The tree node.

CdktfStackRequired 
public TerraformStack CdktfStack { get; }
  • Type: HashiCorp.Cdktf.TerraformStack
FqnRequired 
public string Fqn { get; }
  • Type: string
FriendlyUniqueIdRequired 
public string FriendlyUniqueId { get; }
  • Type: string
TerraformMetaArgumentsRequired 
public System.Collections.Generic.IDictionary<string, object> TerraformMetaArguments { get; }
  • Type: System.Collections.Generic.IDictionary<string, object>
TerraformResourceTypeRequired 
public string TerraformResourceType { get; }
  • Type: string
TerraformGeneratorMetadataOptional 
public TerraformProviderGeneratorMetadata TerraformGeneratorMetadata { get; }
  • Type: HashiCorp.Cdktf.TerraformProviderGeneratorMetadata
ConnectionOptional 
public object Connection { get; }
  • Type: object
CountOptional 
public object Count { get; }
  • Type: object
DependsOnOptional 
public string[] DependsOn { get; }
  • Type: string[]
ForEachOptional 
public ITerraformIterator ForEach { get; }
  • Type: HashiCorp.Cdktf.ITerraformIterator
LifecycleOptional 
public TerraformResourceLifecycle Lifecycle { get; }
  • Type: HashiCorp.Cdktf.TerraformResourceLifecycle
ProviderOptional 
public TerraformProvider Provider { get; }
  • Type: HashiCorp.Cdktf.TerraformProvider
ProvisionersOptional 
public object[] Provisioners { get; }
  • Type: object[]
AnonymousGroupSearchInputOptional 
public object AnonymousGroupSearchInput { get; }
  • Type: object
BackendInputOptional 
public string BackendInput { get; }
  • Type: string
BinddnInputOptional 
public string BinddnInput { get; }
  • Type: string
BindpassInputOptional 
public string BindpassInput { get; }
  • Type: string
CaseSensitiveNamesInputOptional 
public object CaseSensitiveNamesInput { get; }
  • Type: object
CertificateInputOptional 
public string CertificateInput { get; }
  • Type: string
ClientTlsCertInputOptional 
public string ClientTlsCertInput { get; }
  • Type: string
ClientTlsKeyInputOptional 
public string ClientTlsKeyInput { get; }
  • Type: string
DefaultLeaseTtlSecondsInputOptional 
public double DefaultLeaseTtlSecondsInput { get; }
  • Type: double
DenyNullBindInputOptional 
public object DenyNullBindInput { get; }
  • Type: object
DescriptionInputOptional 
public string DescriptionInput { get; }
  • Type: string
DisableRemountInputOptional 
public object DisableRemountInput { get; }
  • Type: object
DiscoverdnInputOptional 
public object DiscoverdnInput { get; }
  • Type: object
GroupattrInputOptional 
public string GroupattrInput { get; }
  • Type: string
GroupdnInputOptional 
public string GroupdnInput { get; }
  • Type: string
GroupfilterInputOptional 
public string GroupfilterInput { get; }
  • Type: string
IdInputOptional 
public string IdInput { get; }
  • Type: string
InsecureTlsInputOptional 
public object InsecureTlsInput { get; }
  • Type: object
LastRotationToleranceInputOptional 
public double LastRotationToleranceInput { get; }
  • Type: double
LocalInputOptional 
public object LocalInput { get; }
  • Type: object
MaxLeaseTtlSecondsInputOptional 
public double MaxLeaseTtlSecondsInput { get; }
  • Type: double
MaxTtlInputOptional 
public double MaxTtlInput { get; }
  • Type: double
NamespaceInputOptional 
public string NamespaceInput { get; }
  • Type: string
PasswordPolicyInputOptional 
public string PasswordPolicyInput { get; }
  • Type: string
RequestTimeoutInputOptional 
public double RequestTimeoutInput { get; }
  • Type: double
StarttlsInputOptional 
public object StarttlsInput { get; }
  • Type: object
TlsMaxVersionInputOptional 
public string TlsMaxVersionInput { get; }
  • Type: string
TlsMinVersionInputOptional 
public string TlsMinVersionInput { get; }
  • Type: string
TtlInputOptional 
public double TtlInput { get; }
  • Type: double
UpndomainInputOptional 
public string UpndomainInput { get; }
  • Type: string
UrlInputOptional 
public string UrlInput { get; }
  • Type: string
UsePre111GroupCnBehaviorInputOptional 
public object UsePre111GroupCnBehaviorInput { get; }
  • Type: object
UserattrInputOptional 
public string UserattrInput { get; }
  • Type: string
UserdnInputOptional 
public string UserdnInput { get; }
  • Type: string
UseTokenGroupsInputOptional 
public object UseTokenGroupsInput { get; }
  • Type: object
AnonymousGroupSearchRequired 
public object AnonymousGroupSearch { get; }
  • Type: object
BackendRequired 
public string Backend { get; }
  • Type: string
BinddnRequired 
public string Binddn { get; }
  • Type: string
BindpassRequired 
public string Bindpass { get; }
  • Type: string
CaseSensitiveNamesRequired 
public object CaseSensitiveNames { get; }
  • Type: object
CertificateRequired 
public string Certificate { get; }
  • Type: string
ClientTlsCertRequired 
public string ClientTlsCert { get; }
  • Type: string
ClientTlsKeyRequired 
public string ClientTlsKey { get; }
  • Type: string
DefaultLeaseTtlSecondsRequired 
public double DefaultLeaseTtlSeconds { get; }
  • Type: double
DenyNullBindRequired 
public object DenyNullBind { get; }
  • Type: object
DescriptionRequired 
public string Description { get; }
  • Type: string
DisableRemountRequired 
public object DisableRemount { get; }
  • Type: object
DiscoverdnRequired 
public object Discoverdn { get; }
  • Type: object
GroupattrRequired 
public string Groupattr { get; }
  • Type: string
GroupdnRequired 
public string Groupdn { get; }
  • Type: string
GroupfilterRequired 
public string Groupfilter { get; }
  • Type: string
IdRequired 
public string Id { get; }
  • Type: string
InsecureTlsRequired 
public object InsecureTls { get; }
  • Type: object
LastRotationToleranceRequired 
public double LastRotationTolerance { get; }
  • Type: double
LocalRequired 
public object Local { get; }
  • Type: object
MaxLeaseTtlSecondsRequired 
public double MaxLeaseTtlSeconds { get; }
  • Type: double
MaxTtlRequired 
public double MaxTtl { get; }
  • Type: double
NamespaceRequired 
public string Namespace { get; }
  • Type: string
PasswordPolicyRequired 
public string PasswordPolicy { get; }
  • Type: string
RequestTimeoutRequired 
public double RequestTimeout { get; }
  • Type: double
StarttlsRequired 
public object Starttls { get; }
  • Type: object
TlsMaxVersionRequired 
public string TlsMaxVersion { get; }
  • Type: string
TlsMinVersionRequired 
public string TlsMinVersion { get; }
  • Type: string
TtlRequired 
public double Ttl { get; }
  • Type: double
UpndomainRequired 
public string Upndomain { get; }
  • Type: string
UrlRequired 
public string Url { get; }
  • Type: string
UsePre111GroupCnBehaviorRequired 
public object UsePre111GroupCnBehavior { get; }
  • Type: object
UserattrRequired 
public string Userattr { get; }
  • Type: string
UserdnRequired 
public string Userdn { get; }
  • Type: string
UseTokenGroupsRequired 
public object UseTokenGroups { get; }
  • Type: object

Constants

Name Type Description
TfResourceType string No description.
TfResourceTypeRequired 
public string TfResourceType { get; }
  • Type: string

Structs

AdSecretBackendConfig

Initializer 

using HashiCorp.Cdktf.Providers.Vault;

new AdSecretBackendConfig {
    object Connection = null,
    object Count = null,
    ITerraformDependable[] DependsOn = null,
    ITerraformIterator ForEach = null,
    TerraformResourceLifecycle Lifecycle = null,
    TerraformProvider Provider = null,
    object[] Provisioners = null,
    string Binddn,
    string Bindpass,
    object AnonymousGroupSearch = null,
    string Backend = null,
    object CaseSensitiveNames = null,
    string Certificate = null,
    string ClientTlsCert = null,
    string ClientTlsKey = null,
    double DefaultLeaseTtlSeconds = null,
    object DenyNullBind = null,
    string Description = null,
    object DisableRemount = null,
    object Discoverdn = null,
    string Groupattr = null,
    string Groupdn = null,
    string Groupfilter = null,
    string Id = null,
    object InsecureTls = null,
    double LastRotationTolerance = null,
    object Local = null,
    double MaxLeaseTtlSeconds = null,
    double MaxTtl = null,
    string Namespace = null,
    string PasswordPolicy = null,
    double RequestTimeout = null,
    object Starttls = null,
    string TlsMaxVersion = null,
    string TlsMinVersion = null,
    double Ttl = null,
    string Upndomain = null,
    string Url = null,
    object UsePre111GroupCnBehavior = null,
    string Userattr = null,
    string Userdn = null,
    object UseTokenGroups = null
};

Properties

Name Type Description
Connection object No description.
Count object No description.
DependsOn HashiCorp.Cdktf.ITerraformDependable[] No description.
ForEach HashiCorp.Cdktf.ITerraformIterator No description.
Lifecycle HashiCorp.Cdktf.TerraformResourceLifecycle No description.
Provider HashiCorp.Cdktf.TerraformProvider No description.
Provisioners object[] No description.
Binddn string Distinguished name of object to bind when performing user and group search.
Bindpass string LDAP password for searching for the user DN.
AnonymousGroupSearch object Use anonymous binds when performing LDAP group searches (if true the initial credentials will still be used for the initial connection test).
Backend string The mount path for a backend, for example, the path given in "$ vault auth enable -path=my-ad ad".
CaseSensitiveNames object If true, case sensitivity will be used when comparing usernames and groups for matching policies.
Certificate string CA certificate to use when verifying LDAP server certificate, must be x509 PEM encoded.
ClientTlsCert string Client certificate to provide to the LDAP server, must be x509 PEM encoded.
ClientTlsKey string Client certificate key to provide to the LDAP server, must be x509 PEM encoded.
DefaultLeaseTtlSeconds double Default lease duration for secrets in seconds.
DenyNullBind object Denies an unauthenticated LDAP bind request if the user's password is empty; defaults to true.
Description string Human-friendly description of the mount for the backend.
DisableRemount object If set, opts out of mount migration on path updates.
Discoverdn object Use anonymous bind to discover the bind DN of a user.
Groupattr string LDAP attribute to follow on objects returned by in order to enumerate user group membership.
Groupdn string LDAP search base to use for group membership search (eg: ou=Groups,dc=example,dc=org).
Groupfilter string Go template for querying group membership of user.
Id string Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/ad_secret_backend#id AdSecretBackend#id}.
InsecureTls object Skip LDAP server SSL Certificate verification - insecure and not recommended for production use.
LastRotationTolerance double The number of seconds after a Vault rotation where, if Active Directory shows a later rotation, it should be considered out-of-band.
Local object Mark the secrets engine as local-only.
MaxLeaseTtlSeconds double Maximum possible lease duration for secrets in seconds.
MaxTtl double In seconds, the maximum password time-to-live.
Namespace string Target namespace. (requires Enterprise).
PasswordPolicy string Name of the password policy to use to generate passwords.
RequestTimeout double Timeout, in seconds, for the connection when making requests against the server before returning back an error.
Starttls object Issue a StartTLS command after establishing unencrypted connection.
TlsMaxVersion string Maximum TLS version to use. Accepted values are 'tls10', 'tls11', 'tls12' or 'tls13'. Defaults to 'tls12'.
TlsMinVersion string Minimum TLS version to use. Accepted values are 'tls10', 'tls11', 'tls12' or 'tls13'. Defaults to 'tls12'.
Ttl double In seconds, the default password time-to-live.
Upndomain string Enables userPrincipalDomain login with [username]@UPNDomain.
Url string LDAP URL to connect to (default: ldap://127.0.0.1). Multiple URLs can be specified by concatenating them with commas; they will be tried in-order.
UsePre111GroupCnBehavior object In Vault 1.1.1 a fix for handling group CN values of different cases unfortunately introduced a regression that could cause previously defined groups to not be found due to a change in the resulting name. If set true, the pre-1.1.1 behavior for matching group CNs will be used. This is only needed in some upgrade scenarios for backwards compatibility. It is enabled by default if the config is upgraded but disabled by default on new configurations.
Userattr string Attribute used for users (default: cn).
Userdn string LDAP domain to use for users (eg: ou=People,dc=example,dc=org).
UseTokenGroups object If true, use the Active Directory tokenGroups constructed attribute of the user to find the group memberships.
ConnectionOptional 
public object Connection { get; set; }
  • Type: object
CountOptional 
public object Count { get; set; }
  • Type: object
DependsOnOptional 
public ITerraformDependable[] DependsOn { get; set; }
  • Type: HashiCorp.Cdktf.ITerraformDependable[]
ForEachOptional 
public ITerraformIterator ForEach { get; set; }
  • Type: HashiCorp.Cdktf.ITerraformIterator
LifecycleOptional 
public TerraformResourceLifecycle Lifecycle { get; set; }
  • Type: HashiCorp.Cdktf.TerraformResourceLifecycle
ProviderOptional 
public TerraformProvider Provider { get; set; }
  • Type: HashiCorp.Cdktf.TerraformProvider
ProvisionersOptional 
public object[] Provisioners { get; set; }
  • Type: object[]
BinddnRequired 
public string Binddn { get; set; }
  • Type: string

Distinguished name of object to bind when performing user and group search.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/ad_secret_backend#binddn AdSecretBackend#binddn}

BindpassRequired 
public string Bindpass { get; set; }
  • Type: string

LDAP password for searching for the user DN.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/ad_secret_backend#bindpass AdSecretBackend#bindpass}

AnonymousGroupSearchOptional 
public object AnonymousGroupSearch { get; set; }
  • Type: object

Use anonymous binds when performing LDAP group searches (if true the initial credentials will still be used for the initial connection test).

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/ad_secret_backend#anonymous_group_search AdSecretBackend#anonymous_group_search}

BackendOptional 
public string Backend { get; set; }
  • Type: string

The mount path for a backend, for example, the path given in "$ vault auth enable -path=my-ad ad".

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/ad_secret_backend#backend AdSecretBackend#backend}

CaseSensitiveNamesOptional 
public object CaseSensitiveNames { get; set; }
  • Type: object

If true, case sensitivity will be used when comparing usernames and groups for matching policies.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/ad_secret_backend#case_sensitive_names AdSecretBackend#case_sensitive_names}

CertificateOptional 
public string Certificate { get; set; }
  • Type: string

CA certificate to use when verifying LDAP server certificate, must be x509 PEM encoded.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/ad_secret_backend#certificate AdSecretBackend#certificate}

ClientTlsCertOptional 
public string ClientTlsCert { get; set; }
  • Type: string

Client certificate to provide to the LDAP server, must be x509 PEM encoded.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/ad_secret_backend#client_tls_cert AdSecretBackend#client_tls_cert}

ClientTlsKeyOptional 
public string ClientTlsKey { get; set; }
  • Type: string

Client certificate key to provide to the LDAP server, must be x509 PEM encoded.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/ad_secret_backend#client_tls_key AdSecretBackend#client_tls_key}

DefaultLeaseTtlSecondsOptional 
public double DefaultLeaseTtlSeconds { get; set; }
  • Type: double

Default lease duration for secrets in seconds.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/ad_secret_backend#default_lease_ttl_seconds AdSecretBackend#default_lease_ttl_seconds}

DenyNullBindOptional 
public object DenyNullBind { get; set; }
  • Type: object

Denies an unauthenticated LDAP bind request if the user's password is empty; defaults to true.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/ad_secret_backend#deny_null_bind AdSecretBackend#deny_null_bind}

DescriptionOptional 
public string Description { get; set; }
  • Type: string

Human-friendly description of the mount for the backend.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/ad_secret_backend#description AdSecretBackend#description}

DisableRemountOptional 
public object DisableRemount { get; set; }
  • Type: object

If set, opts out of mount migration on path updates.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/ad_secret_backend#disable_remount AdSecretBackend#disable_remount}

DiscoverdnOptional 
public object Discoverdn { get; set; }
  • Type: object

Use anonymous bind to discover the bind DN of a user.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/ad_secret_backend#discoverdn AdSecretBackend#discoverdn}

GroupattrOptional 
public string Groupattr { get; set; }
  • Type: string

LDAP attribute to follow on objects returned by in order to enumerate user group membership.

Examples: "cn" or "memberOf", etc. Default: cn

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/ad_secret_backend#groupattr AdSecretBackend#groupattr}

GroupdnOptional 
public string Groupdn { get; set; }
  • Type: string

LDAP search base to use for group membership search (eg: ou=Groups,dc=example,dc=org).

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/ad_secret_backend#groupdn AdSecretBackend#groupdn}

GroupfilterOptional 
public string Groupfilter { get; set; }
  • Type: string

Go template for querying group membership of user.

The template can access the following context variables: UserDN, Username Example: (&(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}})) Default: (|(memberUid={{.Username}})(member={{.UserDN}})(uniqueMember={{.UserDN}}))

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/ad_secret_backend#groupfilter AdSecretBackend#groupfilter}

IdOptional 
public string Id { get; set; }
  • Type: string

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/ad_secret_backend#id AdSecretBackend#id}.

Please be aware that the id field is automatically added to all resources in Terraform providers using a Terraform provider SDK version below 2. If you experience problems setting this value it might not be settable. Please take a look at the provider documentation to ensure it should be settable.

InsecureTlsOptional 
public object InsecureTls { get; set; }
  • Type: object

Skip LDAP server SSL Certificate verification - insecure and not recommended for production use.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/ad_secret_backend#insecure_tls AdSecretBackend#insecure_tls}

LastRotationToleranceOptional 
public double LastRotationTolerance { get; set; }
  • Type: double

The number of seconds after a Vault rotation where, if Active Directory shows a later rotation, it should be considered out-of-band.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/ad_secret_backend#last_rotation_tolerance AdSecretBackend#last_rotation_tolerance}

LocalOptional 
public object Local { get; set; }
  • Type: object

Mark the secrets engine as local-only.

Local engines are not replicated or removed by replication.Tolerance duration to use when checking the last rotation time.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/ad_secret_backend#local AdSecretBackend#local}

MaxLeaseTtlSecondsOptional 
public double MaxLeaseTtlSeconds { get; set; }
  • Type: double

Maximum possible lease duration for secrets in seconds.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/ad_secret_backend#max_lease_ttl_seconds AdSecretBackend#max_lease_ttl_seconds}

MaxTtlOptional 
public double MaxTtl { get; set; }
  • Type: double

In seconds, the maximum password time-to-live.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/ad_secret_backend#max_ttl AdSecretBackend#max_ttl}

NamespaceOptional 
public string Namespace { get; set; }
  • Type: string

Target namespace. (requires Enterprise).

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/ad_secret_backend#namespace AdSecretBackend#namespace}

PasswordPolicyOptional 
public string PasswordPolicy { get; set; }
  • Type: string

Name of the password policy to use to generate passwords.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/ad_secret_backend#password_policy AdSecretBackend#password_policy}

RequestTimeoutOptional 
public double RequestTimeout { get; set; }
  • Type: double

Timeout, in seconds, for the connection when making requests against the server before returning back an error.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/ad_secret_backend#request_timeout AdSecretBackend#request_timeout}

StarttlsOptional 
public object Starttls { get; set; }
  • Type: object

Issue a StartTLS command after establishing unencrypted connection.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/ad_secret_backend#starttls AdSecretBackend#starttls}

TlsMaxVersionOptional 
public string TlsMaxVersion { get; set; }
  • Type: string

Maximum TLS version to use. Accepted values are 'tls10', 'tls11', 'tls12' or 'tls13'. Defaults to 'tls12'.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/ad_secret_backend#tls_max_version AdSecretBackend#tls_max_version}

TlsMinVersionOptional 
public string TlsMinVersion { get; set; }
  • Type: string

Minimum TLS version to use. Accepted values are 'tls10', 'tls11', 'tls12' or 'tls13'. Defaults to 'tls12'.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/ad_secret_backend#tls_min_version AdSecretBackend#tls_min_version}

TtlOptional 
public double Ttl { get; set; }
  • Type: double

In seconds, the default password time-to-live.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/ad_secret_backend#ttl AdSecretBackend#ttl}

UpndomainOptional 
public string Upndomain { get; set; }
  • Type: string

Enables userPrincipalDomain login with [username]@UPNDomain.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/ad_secret_backend#upndomain AdSecretBackend#upndomain}

UrlOptional 
public string Url { get; set; }
  • Type: string

LDAP URL to connect to (default: ldap://127.0.0.1). Multiple URLs can be specified by concatenating them with commas; they will be tried in-order.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/ad_secret_backend#url AdSecretBackend#url}

UsePre111GroupCnBehaviorOptional 
public object UsePre111GroupCnBehavior { get; set; }
  • Type: object

In Vault 1.1.1 a fix for handling group CN values of different cases unfortunately introduced a regression that could cause previously defined groups to not be found due to a change in the resulting name. If set true, the pre-1.1.1 behavior for matching group CNs will be used. This is only needed in some upgrade scenarios for backwards compatibility. It is enabled by default if the config is upgraded but disabled by default on new configurations.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/ad_secret_backend#use_pre111_group_cn_behavior AdSecretBackend#use_pre111_group_cn_behavior}

UserattrOptional 
public string Userattr { get; set; }
  • Type: string

Attribute used for users (default: cn).

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/ad_secret_backend#userattr AdSecretBackend#userattr}

UserdnOptional 
public string Userdn { get; set; }
  • Type: string

LDAP domain to use for users (eg: ou=People,dc=example,dc=org).

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/ad_secret_backend#userdn AdSecretBackend#userdn}

UseTokenGroupsOptional 
public object UseTokenGroups { get; set; }
  • Type: object

If true, use the Active Directory tokenGroups constructed attribute of the user to find the group memberships.

This will find all security groups including nested ones.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/ad_secret_backend#use_token_groups AdSecretBackend#use_token_groups}