Viewing docs for akeyless 2.0.1
published on Monday, Apr 27, 2026 by akeyless-community
published on Monday, Apr 27, 2026 by akeyless-community
Viewing docs for akeyless 2.0.1
published on Monday, Apr 27, 2026 by akeyless-community
published on Monday, Apr 27, 2026 by akeyless-community
Ldap rotated secret resource
Create RotatedSecretLdap Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new RotatedSecretLdap(name: string, args: RotatedSecretLdapArgs, opts?: CustomResourceOptions);@overload
def RotatedSecretLdap(resource_name: str,
args: RotatedSecretLdapArgs,
opts: Optional[ResourceOptions] = None)
@overload
def RotatedSecretLdap(resource_name: str,
opts: Optional[ResourceOptions] = None,
rotator_type: Optional[str] = None,
target_name: Optional[str] = None,
rotation_hour: Optional[float] = None,
secure_access_rdp_domain: Optional[str] = None,
host_provider: Optional[str] = None,
item_custom_fields: Optional[Mapping[str, str]] = None,
keep_prev_version: Optional[str] = None,
key: Optional[str] = None,
max_versions: Optional[str] = None,
name: Optional[str] = None,
password_length: Optional[str] = None,
rotate_after_disconnect: Optional[str] = None,
rotated_password: Optional[str] = None,
rotated_secret_ldap_id: Optional[str] = None,
rotated_username: Optional[str] = None,
rotation_event_ins: Optional[Sequence[str]] = None,
description: Optional[str] = None,
authentication_credentials: Optional[str] = None,
secure_access_web: Optional[bool] = None,
secure_access_certificate_issuer: Optional[str] = None,
secure_access_enable: Optional[str] = None,
secure_access_hosts: Optional[Sequence[str]] = None,
rotation_interval: Optional[str] = None,
secure_access_url: Optional[str] = None,
delete_protection: Optional[str] = None,
secure_access_web_browsing: Optional[bool] = None,
secure_access_web_proxy: Optional[bool] = None,
tags: Optional[Sequence[str]] = None,
auto_rotate: Optional[str] = None,
targets: Optional[Sequence[str]] = None,
user_attribute: Optional[str] = None,
user_dn: Optional[str] = None)func NewRotatedSecretLdap(ctx *Context, name string, args RotatedSecretLdapArgs, opts ...ResourceOption) (*RotatedSecretLdap, error)public RotatedSecretLdap(string name, RotatedSecretLdapArgs args, CustomResourceOptions? opts = null)
public RotatedSecretLdap(String name, RotatedSecretLdapArgs args)
public RotatedSecretLdap(String name, RotatedSecretLdapArgs args, CustomResourceOptions options)
type: akeyless:RotatedSecretLdap
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args RotatedSecretLdapArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args RotatedSecretLdapArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args RotatedSecretLdapArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args RotatedSecretLdapArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args RotatedSecretLdapArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var rotatedSecretLdapResource = new Akeyless.RotatedSecretLdap("rotatedSecretLdapResource", new()
{
RotatorType = "string",
TargetName = "string",
RotationHour = 0,
SecureAccessRdpDomain = "string",
HostProvider = "string",
ItemCustomFields =
{
{ "string", "string" },
},
KeepPrevVersion = "string",
Key = "string",
MaxVersions = "string",
Name = "string",
PasswordLength = "string",
RotateAfterDisconnect = "string",
RotatedPassword = "string",
RotatedSecretLdapId = "string",
RotatedUsername = "string",
RotationEventIns = new[]
{
"string",
},
Description = "string",
AuthenticationCredentials = "string",
SecureAccessWeb = false,
SecureAccessCertificateIssuer = "string",
SecureAccessEnable = "string",
SecureAccessHosts = new[]
{
"string",
},
RotationInterval = "string",
SecureAccessUrl = "string",
DeleteProtection = "string",
SecureAccessWebBrowsing = false,
SecureAccessWebProxy = false,
Tags = new[]
{
"string",
},
AutoRotate = "string",
Targets = new[]
{
"string",
},
UserAttribute = "string",
UserDn = "string",
});
example, err := akeyless.NewRotatedSecretLdap(ctx, "rotatedSecretLdapResource", &akeyless.RotatedSecretLdapArgs{
RotatorType: pulumi.String("string"),
TargetName: pulumi.String("string"),
RotationHour: pulumi.Float64(0),
SecureAccessRdpDomain: pulumi.String("string"),
HostProvider: pulumi.String("string"),
ItemCustomFields: pulumi.StringMap{
"string": pulumi.String("string"),
},
KeepPrevVersion: pulumi.String("string"),
Key: pulumi.String("string"),
MaxVersions: pulumi.String("string"),
Name: pulumi.String("string"),
PasswordLength: pulumi.String("string"),
RotateAfterDisconnect: pulumi.String("string"),
RotatedPassword: pulumi.String("string"),
RotatedSecretLdapId: pulumi.String("string"),
RotatedUsername: pulumi.String("string"),
RotationEventIns: pulumi.StringArray{
pulumi.String("string"),
},
Description: pulumi.String("string"),
AuthenticationCredentials: pulumi.String("string"),
SecureAccessWeb: pulumi.Bool(false),
SecureAccessCertificateIssuer: pulumi.String("string"),
SecureAccessEnable: pulumi.String("string"),
SecureAccessHosts: pulumi.StringArray{
pulumi.String("string"),
},
RotationInterval: pulumi.String("string"),
SecureAccessUrl: pulumi.String("string"),
DeleteProtection: pulumi.String("string"),
SecureAccessWebBrowsing: pulumi.Bool(false),
SecureAccessWebProxy: pulumi.Bool(false),
Tags: pulumi.StringArray{
pulumi.String("string"),
},
AutoRotate: pulumi.String("string"),
Targets: pulumi.StringArray{
pulumi.String("string"),
},
UserAttribute: pulumi.String("string"),
UserDn: pulumi.String("string"),
})
var rotatedSecretLdapResource = new RotatedSecretLdap("rotatedSecretLdapResource", RotatedSecretLdapArgs.builder()
.rotatorType("string")
.targetName("string")
.rotationHour(0.0)
.secureAccessRdpDomain("string")
.hostProvider("string")
.itemCustomFields(Map.of("string", "string"))
.keepPrevVersion("string")
.key("string")
.maxVersions("string")
.name("string")
.passwordLength("string")
.rotateAfterDisconnect("string")
.rotatedPassword("string")
.rotatedSecretLdapId("string")
.rotatedUsername("string")
.rotationEventIns("string")
.description("string")
.authenticationCredentials("string")
.secureAccessWeb(false)
.secureAccessCertificateIssuer("string")
.secureAccessEnable("string")
.secureAccessHosts("string")
.rotationInterval("string")
.secureAccessUrl("string")
.deleteProtection("string")
.secureAccessWebBrowsing(false)
.secureAccessWebProxy(false)
.tags("string")
.autoRotate("string")
.targets("string")
.userAttribute("string")
.userDn("string")
.build());
rotated_secret_ldap_resource = akeyless.RotatedSecretLdap("rotatedSecretLdapResource",
rotator_type="string",
target_name="string",
rotation_hour=float(0),
secure_access_rdp_domain="string",
host_provider="string",
item_custom_fields={
"string": "string",
},
keep_prev_version="string",
key="string",
max_versions="string",
name="string",
password_length="string",
rotate_after_disconnect="string",
rotated_password="string",
rotated_secret_ldap_id="string",
rotated_username="string",
rotation_event_ins=["string"],
description="string",
authentication_credentials="string",
secure_access_web=False,
secure_access_certificate_issuer="string",
secure_access_enable="string",
secure_access_hosts=["string"],
rotation_interval="string",
secure_access_url="string",
delete_protection="string",
secure_access_web_browsing=False,
secure_access_web_proxy=False,
tags=["string"],
auto_rotate="string",
targets=["string"],
user_attribute="string",
user_dn="string")
const rotatedSecretLdapResource = new akeyless.RotatedSecretLdap("rotatedSecretLdapResource", {
rotatorType: "string",
targetName: "string",
rotationHour: 0,
secureAccessRdpDomain: "string",
hostProvider: "string",
itemCustomFields: {
string: "string",
},
keepPrevVersion: "string",
key: "string",
maxVersions: "string",
name: "string",
passwordLength: "string",
rotateAfterDisconnect: "string",
rotatedPassword: "string",
rotatedSecretLdapId: "string",
rotatedUsername: "string",
rotationEventIns: ["string"],
description: "string",
authenticationCredentials: "string",
secureAccessWeb: false,
secureAccessCertificateIssuer: "string",
secureAccessEnable: "string",
secureAccessHosts: ["string"],
rotationInterval: "string",
secureAccessUrl: "string",
deleteProtection: "string",
secureAccessWebBrowsing: false,
secureAccessWebProxy: false,
tags: ["string"],
autoRotate: "string",
targets: ["string"],
userAttribute: "string",
userDn: "string",
});
type: akeyless:RotatedSecretLdap
properties:
authenticationCredentials: string
autoRotate: string
deleteProtection: string
description: string
hostProvider: string
itemCustomFields:
string: string
keepPrevVersion: string
key: string
maxVersions: string
name: string
passwordLength: string
rotateAfterDisconnect: string
rotatedPassword: string
rotatedSecretLdapId: string
rotatedUsername: string
rotationEventIns:
- string
rotationHour: 0
rotationInterval: string
rotatorType: string
secureAccessCertificateIssuer: string
secureAccessEnable: string
secureAccessHosts:
- string
secureAccessRdpDomain: string
secureAccessUrl: string
secureAccessWeb: false
secureAccessWebBrowsing: false
secureAccessWebProxy: false
tags:
- string
targetName: string
targets:
- string
userAttribute: string
userDn: string
RotatedSecretLdap Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The RotatedSecretLdap resource accepts the following input properties:
- Rotator
Type string - The rotator type. options: [target/ldap]
- Target
Name string - Target name
- Authentication
Credentials string - The credentials to connect with use-self-creds/use-target-creds
- Auto
Rotate string - Whether to automatically rotate every --rotation-interval days, or disable existing automatic rotation [true/false]
- Delete
Protection string - Protection from accidental deletion of this object [true/false]
- Description string
- Description of the object
- Host
Provider string - Host provider type [explicit/target], Default Host provider is explicit, Relevant only for Secure Remote Access of ssh cert issuer, ldap rotated secret and ldap dynamic secret
- Item
Custom Dictionary<string, string>Fields - Additional custom fields to associate with the item
- Keep
Prev stringVersion - Whether to keep previous version [true/false]. If not set, use default according to account settings
- Key string
- The name of a key that is used to encrypt the secret value (if empty, the account default protectionKey key will be used)
- Max
Versions string - Set the maximum number of versions, limited by the account settings defaults.
- Name string
- Rotated secret name
- Password
Length string - The length of the password to be generated
- Rotate
After stringDisconnect - Rotate the value of the secret after SRA session ends [true/false]
- Rotated
Password string - rotated-username password (relevant only for rotator-type=ldap)
- Rotated
Secret stringLdap Id - The ID of this resource.
- Rotated
Username string - username to be rotated, if selected use-self-creds at rotator-creds-type, this username will try to rotate it's own password, if use-target-creds is selected, target credentials will be use to rotate the rotated-password (relevant only for rotator-type=ldap)
- Rotation
Event List<string>Ins - How many days before the rotation of the item would you like to be notified
- Rotation
Hour double - The Hour of the rotation in UTC
- Rotation
Interval string - The number of days to wait between every automatic key rotation (1-365)
- Secure
Access stringCertificate Issuer - Path to the SSH Certificate Issuer for your Akeyless Secure Access
- Secure
Access stringEnable - Enable/Disable secure remote access [true/false]
- Secure
Access List<string>Hosts - Target servers for connections (In case of Linked Target association, host(s) will inherit Linked Target hosts - Relevant only for Dynamic Secrets/producers)
- Secure
Access stringRdp Domain - Default domain name server. i.e. microsoft.com
- Secure
Access stringUrl - Destination URL to inject secrets
- Secure
Access boolWeb - Enable Web Secure Remote Access
- Secure
Access boolWeb Browsing - Secure browser via Akeyless's Secure Remote Access (SRA)
- Secure
Access boolWeb Proxy - Web-Proxy via Akeyless's Secure Remote Access (SRA)
- List<string>
- List of the tags attached to this secret. To specify multiple tags use argument multiple times: -t Tag1 -t Tag2
- Targets List<string>
- A list of linked targets to be associated, Relevant only for Secure Remote Access for ssh cert issuer, ldap rotated secret and ldap dynamic secret, To specify multiple targets use argument multiple times
- User
Attribute string - LDAP User Attribute, Default value "cn"
- User
Dn string - Base DN to Perform User Search
- Rotator
Type string - The rotator type. options: [target/ldap]
- Target
Name string - Target name
- Authentication
Credentials string - The credentials to connect with use-self-creds/use-target-creds
- Auto
Rotate string - Whether to automatically rotate every --rotation-interval days, or disable existing automatic rotation [true/false]
- Delete
Protection string - Protection from accidental deletion of this object [true/false]
- Description string
- Description of the object
- Host
Provider string - Host provider type [explicit/target], Default Host provider is explicit, Relevant only for Secure Remote Access of ssh cert issuer, ldap rotated secret and ldap dynamic secret
- Item
Custom map[string]stringFields - Additional custom fields to associate with the item
- Keep
Prev stringVersion - Whether to keep previous version [true/false]. If not set, use default according to account settings
- Key string
- The name of a key that is used to encrypt the secret value (if empty, the account default protectionKey key will be used)
- Max
Versions string - Set the maximum number of versions, limited by the account settings defaults.
- Name string
- Rotated secret name
- Password
Length string - The length of the password to be generated
- Rotate
After stringDisconnect - Rotate the value of the secret after SRA session ends [true/false]
- Rotated
Password string - rotated-username password (relevant only for rotator-type=ldap)
- Rotated
Secret stringLdap Id - The ID of this resource.
- Rotated
Username string - username to be rotated, if selected use-self-creds at rotator-creds-type, this username will try to rotate it's own password, if use-target-creds is selected, target credentials will be use to rotate the rotated-password (relevant only for rotator-type=ldap)
- Rotation
Event []stringIns - How many days before the rotation of the item would you like to be notified
- Rotation
Hour float64 - The Hour of the rotation in UTC
- Rotation
Interval string - The number of days to wait between every automatic key rotation (1-365)
- Secure
Access stringCertificate Issuer - Path to the SSH Certificate Issuer for your Akeyless Secure Access
- Secure
Access stringEnable - Enable/Disable secure remote access [true/false]
- Secure
Access []stringHosts - Target servers for connections (In case of Linked Target association, host(s) will inherit Linked Target hosts - Relevant only for Dynamic Secrets/producers)
- Secure
Access stringRdp Domain - Default domain name server. i.e. microsoft.com
- Secure
Access stringUrl - Destination URL to inject secrets
- Secure
Access boolWeb - Enable Web Secure Remote Access
- Secure
Access boolWeb Browsing - Secure browser via Akeyless's Secure Remote Access (SRA)
- Secure
Access boolWeb Proxy - Web-Proxy via Akeyless's Secure Remote Access (SRA)
- []string
- List of the tags attached to this secret. To specify multiple tags use argument multiple times: -t Tag1 -t Tag2
- Targets []string
- A list of linked targets to be associated, Relevant only for Secure Remote Access for ssh cert issuer, ldap rotated secret and ldap dynamic secret, To specify multiple targets use argument multiple times
- User
Attribute string - LDAP User Attribute, Default value "cn"
- User
Dn string - Base DN to Perform User Search
- rotator
Type String - The rotator type. options: [target/ldap]
- target
Name String - Target name
- authentication
Credentials String - The credentials to connect with use-self-creds/use-target-creds
- auto
Rotate String - Whether to automatically rotate every --rotation-interval days, or disable existing automatic rotation [true/false]
- delete
Protection String - Protection from accidental deletion of this object [true/false]
- description String
- Description of the object
- host
Provider String - Host provider type [explicit/target], Default Host provider is explicit, Relevant only for Secure Remote Access of ssh cert issuer, ldap rotated secret and ldap dynamic secret
- item
Custom Map<String,String>Fields - Additional custom fields to associate with the item
- keep
Prev StringVersion - Whether to keep previous version [true/false]. If not set, use default according to account settings
- key String
- The name of a key that is used to encrypt the secret value (if empty, the account default protectionKey key will be used)
- max
Versions String - Set the maximum number of versions, limited by the account settings defaults.
- name String
- Rotated secret name
- password
Length String - The length of the password to be generated
- rotate
After StringDisconnect - Rotate the value of the secret after SRA session ends [true/false]
- rotated
Password String - rotated-username password (relevant only for rotator-type=ldap)
- rotated
Secret StringLdap Id - The ID of this resource.
- rotated
Username String - username to be rotated, if selected use-self-creds at rotator-creds-type, this username will try to rotate it's own password, if use-target-creds is selected, target credentials will be use to rotate the rotated-password (relevant only for rotator-type=ldap)
- rotation
Event List<String>Ins - How many days before the rotation of the item would you like to be notified
- rotation
Hour Double - The Hour of the rotation in UTC
- rotation
Interval String - The number of days to wait between every automatic key rotation (1-365)
- secure
Access StringCertificate Issuer - Path to the SSH Certificate Issuer for your Akeyless Secure Access
- secure
Access StringEnable - Enable/Disable secure remote access [true/false]
- secure
Access List<String>Hosts - Target servers for connections (In case of Linked Target association, host(s) will inherit Linked Target hosts - Relevant only for Dynamic Secrets/producers)
- secure
Access StringRdp Domain - Default domain name server. i.e. microsoft.com
- secure
Access StringUrl - Destination URL to inject secrets
- secure
Access BooleanWeb - Enable Web Secure Remote Access
- secure
Access BooleanWeb Browsing - Secure browser via Akeyless's Secure Remote Access (SRA)
- secure
Access BooleanWeb Proxy - Web-Proxy via Akeyless's Secure Remote Access (SRA)
- List<String>
- List of the tags attached to this secret. To specify multiple tags use argument multiple times: -t Tag1 -t Tag2
- targets List<String>
- A list of linked targets to be associated, Relevant only for Secure Remote Access for ssh cert issuer, ldap rotated secret and ldap dynamic secret, To specify multiple targets use argument multiple times
- user
Attribute String - LDAP User Attribute, Default value "cn"
- user
Dn String - Base DN to Perform User Search
- rotator
Type string - The rotator type. options: [target/ldap]
- target
Name string - Target name
- authentication
Credentials string - The credentials to connect with use-self-creds/use-target-creds
- auto
Rotate string - Whether to automatically rotate every --rotation-interval days, or disable existing automatic rotation [true/false]
- delete
Protection string - Protection from accidental deletion of this object [true/false]
- description string
- Description of the object
- host
Provider string - Host provider type [explicit/target], Default Host provider is explicit, Relevant only for Secure Remote Access of ssh cert issuer, ldap rotated secret and ldap dynamic secret
- item
Custom {[key: string]: string}Fields - Additional custom fields to associate with the item
- keep
Prev stringVersion - Whether to keep previous version [true/false]. If not set, use default according to account settings
- key string
- The name of a key that is used to encrypt the secret value (if empty, the account default protectionKey key will be used)
- max
Versions string - Set the maximum number of versions, limited by the account settings defaults.
- name string
- Rotated secret name
- password
Length string - The length of the password to be generated
- rotate
After stringDisconnect - Rotate the value of the secret after SRA session ends [true/false]
- rotated
Password string - rotated-username password (relevant only for rotator-type=ldap)
- rotated
Secret stringLdap Id - The ID of this resource.
- rotated
Username string - username to be rotated, if selected use-self-creds at rotator-creds-type, this username will try to rotate it's own password, if use-target-creds is selected, target credentials will be use to rotate the rotated-password (relevant only for rotator-type=ldap)
- rotation
Event string[]Ins - How many days before the rotation of the item would you like to be notified
- rotation
Hour number - The Hour of the rotation in UTC
- rotation
Interval string - The number of days to wait between every automatic key rotation (1-365)
- secure
Access stringCertificate Issuer - Path to the SSH Certificate Issuer for your Akeyless Secure Access
- secure
Access stringEnable - Enable/Disable secure remote access [true/false]
- secure
Access string[]Hosts - Target servers for connections (In case of Linked Target association, host(s) will inherit Linked Target hosts - Relevant only for Dynamic Secrets/producers)
- secure
Access stringRdp Domain - Default domain name server. i.e. microsoft.com
- secure
Access stringUrl - Destination URL to inject secrets
- secure
Access booleanWeb - Enable Web Secure Remote Access
- secure
Access booleanWeb Browsing - Secure browser via Akeyless's Secure Remote Access (SRA)
- secure
Access booleanWeb Proxy - Web-Proxy via Akeyless's Secure Remote Access (SRA)
- string[]
- List of the tags attached to this secret. To specify multiple tags use argument multiple times: -t Tag1 -t Tag2
- targets string[]
- A list of linked targets to be associated, Relevant only for Secure Remote Access for ssh cert issuer, ldap rotated secret and ldap dynamic secret, To specify multiple targets use argument multiple times
- user
Attribute string - LDAP User Attribute, Default value "cn"
- user
Dn string - Base DN to Perform User Search
- rotator_
type str - The rotator type. options: [target/ldap]
- target_
name str - Target name
- authentication_
credentials str - The credentials to connect with use-self-creds/use-target-creds
- auto_
rotate str - Whether to automatically rotate every --rotation-interval days, or disable existing automatic rotation [true/false]
- delete_
protection str - Protection from accidental deletion of this object [true/false]
- description str
- Description of the object
- host_
provider str - Host provider type [explicit/target], Default Host provider is explicit, Relevant only for Secure Remote Access of ssh cert issuer, ldap rotated secret and ldap dynamic secret
- item_
custom_ Mapping[str, str]fields - Additional custom fields to associate with the item
- keep_
prev_ strversion - Whether to keep previous version [true/false]. If not set, use default according to account settings
- key str
- The name of a key that is used to encrypt the secret value (if empty, the account default protectionKey key will be used)
- max_
versions str - Set the maximum number of versions, limited by the account settings defaults.
- name str
- Rotated secret name
- password_
length str - The length of the password to be generated
- rotate_
after_ strdisconnect - Rotate the value of the secret after SRA session ends [true/false]
- rotated_
password str - rotated-username password (relevant only for rotator-type=ldap)
- rotated_
secret_ strldap_ id - The ID of this resource.
- rotated_
username str - username to be rotated, if selected use-self-creds at rotator-creds-type, this username will try to rotate it's own password, if use-target-creds is selected, target credentials will be use to rotate the rotated-password (relevant only for rotator-type=ldap)
- rotation_
event_ Sequence[str]ins - How many days before the rotation of the item would you like to be notified
- rotation_
hour float - The Hour of the rotation in UTC
- rotation_
interval str - The number of days to wait between every automatic key rotation (1-365)
- secure_
access_ strcertificate_ issuer - Path to the SSH Certificate Issuer for your Akeyless Secure Access
- secure_
access_ strenable - Enable/Disable secure remote access [true/false]
- secure_
access_ Sequence[str]hosts - Target servers for connections (In case of Linked Target association, host(s) will inherit Linked Target hosts - Relevant only for Dynamic Secrets/producers)
- secure_
access_ strrdp_ domain - Default domain name server. i.e. microsoft.com
- secure_
access_ strurl - Destination URL to inject secrets
- secure_
access_ boolweb - Enable Web Secure Remote Access
- secure_
access_ boolweb_ browsing - Secure browser via Akeyless's Secure Remote Access (SRA)
- secure_
access_ boolweb_ proxy - Web-Proxy via Akeyless's Secure Remote Access (SRA)
- Sequence[str]
- List of the tags attached to this secret. To specify multiple tags use argument multiple times: -t Tag1 -t Tag2
- targets Sequence[str]
- A list of linked targets to be associated, Relevant only for Secure Remote Access for ssh cert issuer, ldap rotated secret and ldap dynamic secret, To specify multiple targets use argument multiple times
- user_
attribute str - LDAP User Attribute, Default value "cn"
- user_
dn str - Base DN to Perform User Search
- rotator
Type String - The rotator type. options: [target/ldap]
- target
Name String - Target name
- authentication
Credentials String - The credentials to connect with use-self-creds/use-target-creds
- auto
Rotate String - Whether to automatically rotate every --rotation-interval days, or disable existing automatic rotation [true/false]
- delete
Protection String - Protection from accidental deletion of this object [true/false]
- description String
- Description of the object
- host
Provider String - Host provider type [explicit/target], Default Host provider is explicit, Relevant only for Secure Remote Access of ssh cert issuer, ldap rotated secret and ldap dynamic secret
- item
Custom Map<String>Fields - Additional custom fields to associate with the item
- keep
Prev StringVersion - Whether to keep previous version [true/false]. If not set, use default according to account settings
- key String
- The name of a key that is used to encrypt the secret value (if empty, the account default protectionKey key will be used)
- max
Versions String - Set the maximum number of versions, limited by the account settings defaults.
- name String
- Rotated secret name
- password
Length String - The length of the password to be generated
- rotate
After StringDisconnect - Rotate the value of the secret after SRA session ends [true/false]
- rotated
Password String - rotated-username password (relevant only for rotator-type=ldap)
- rotated
Secret StringLdap Id - The ID of this resource.
- rotated
Username String - username to be rotated, if selected use-self-creds at rotator-creds-type, this username will try to rotate it's own password, if use-target-creds is selected, target credentials will be use to rotate the rotated-password (relevant only for rotator-type=ldap)
- rotation
Event List<String>Ins - How many days before the rotation of the item would you like to be notified
- rotation
Hour Number - The Hour of the rotation in UTC
- rotation
Interval String - The number of days to wait between every automatic key rotation (1-365)
- secure
Access StringCertificate Issuer - Path to the SSH Certificate Issuer for your Akeyless Secure Access
- secure
Access StringEnable - Enable/Disable secure remote access [true/false]
- secure
Access List<String>Hosts - Target servers for connections (In case of Linked Target association, host(s) will inherit Linked Target hosts - Relevant only for Dynamic Secrets/producers)
- secure
Access StringRdp Domain - Default domain name server. i.e. microsoft.com
- secure
Access StringUrl - Destination URL to inject secrets
- secure
Access BooleanWeb - Enable Web Secure Remote Access
- secure
Access BooleanWeb Browsing - Secure browser via Akeyless's Secure Remote Access (SRA)
- secure
Access BooleanWeb Proxy - Web-Proxy via Akeyless's Secure Remote Access (SRA)
- List<String>
- List of the tags attached to this secret. To specify multiple tags use argument multiple times: -t Tag1 -t Tag2
- targets List<String>
- A list of linked targets to be associated, Relevant only for Secure Remote Access for ssh cert issuer, ldap rotated secret and ldap dynamic secret, To specify multiple targets use argument multiple times
- user
Attribute String - LDAP User Attribute, Default value "cn"
- user
Dn String - Base DN to Perform User Search
Outputs
All input properties are implicitly available as output properties. Additionally, the RotatedSecretLdap resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing RotatedSecretLdap Resource
Get an existing RotatedSecretLdap resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: RotatedSecretLdapState, opts?: CustomResourceOptions): RotatedSecretLdap@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
authentication_credentials: Optional[str] = None,
auto_rotate: Optional[str] = None,
delete_protection: Optional[str] = None,
description: Optional[str] = None,
host_provider: Optional[str] = None,
item_custom_fields: Optional[Mapping[str, str]] = None,
keep_prev_version: Optional[str] = None,
key: Optional[str] = None,
max_versions: Optional[str] = None,
name: Optional[str] = None,
password_length: Optional[str] = None,
rotate_after_disconnect: Optional[str] = None,
rotated_password: Optional[str] = None,
rotated_secret_ldap_id: Optional[str] = None,
rotated_username: Optional[str] = None,
rotation_event_ins: Optional[Sequence[str]] = None,
rotation_hour: Optional[float] = None,
rotation_interval: Optional[str] = None,
rotator_type: Optional[str] = None,
secure_access_certificate_issuer: Optional[str] = None,
secure_access_enable: Optional[str] = None,
secure_access_hosts: Optional[Sequence[str]] = None,
secure_access_rdp_domain: Optional[str] = None,
secure_access_url: Optional[str] = None,
secure_access_web: Optional[bool] = None,
secure_access_web_browsing: Optional[bool] = None,
secure_access_web_proxy: Optional[bool] = None,
tags: Optional[Sequence[str]] = None,
target_name: Optional[str] = None,
targets: Optional[Sequence[str]] = None,
user_attribute: Optional[str] = None,
user_dn: Optional[str] = None) -> RotatedSecretLdapfunc GetRotatedSecretLdap(ctx *Context, name string, id IDInput, state *RotatedSecretLdapState, opts ...ResourceOption) (*RotatedSecretLdap, error)public static RotatedSecretLdap Get(string name, Input<string> id, RotatedSecretLdapState? state, CustomResourceOptions? opts = null)public static RotatedSecretLdap get(String name, Output<String> id, RotatedSecretLdapState state, CustomResourceOptions options)resources: _: type: akeyless:RotatedSecretLdap get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Authentication
Credentials string - The credentials to connect with use-self-creds/use-target-creds
- Auto
Rotate string - Whether to automatically rotate every --rotation-interval days, or disable existing automatic rotation [true/false]
- Delete
Protection string - Protection from accidental deletion of this object [true/false]
- Description string
- Description of the object
- Host
Provider string - Host provider type [explicit/target], Default Host provider is explicit, Relevant only for Secure Remote Access of ssh cert issuer, ldap rotated secret and ldap dynamic secret
- Item
Custom Dictionary<string, string>Fields - Additional custom fields to associate with the item
- Keep
Prev stringVersion - Whether to keep previous version [true/false]. If not set, use default according to account settings
- Key string
- The name of a key that is used to encrypt the secret value (if empty, the account default protectionKey key will be used)
- Max
Versions string - Set the maximum number of versions, limited by the account settings defaults.
- Name string
- Rotated secret name
- Password
Length string - The length of the password to be generated
- Rotate
After stringDisconnect - Rotate the value of the secret after SRA session ends [true/false]
- Rotated
Password string - rotated-username password (relevant only for rotator-type=ldap)
- Rotated
Secret stringLdap Id - The ID of this resource.
- Rotated
Username string - username to be rotated, if selected use-self-creds at rotator-creds-type, this username will try to rotate it's own password, if use-target-creds is selected, target credentials will be use to rotate the rotated-password (relevant only for rotator-type=ldap)
- Rotation
Event List<string>Ins - How many days before the rotation of the item would you like to be notified
- Rotation
Hour double - The Hour of the rotation in UTC
- Rotation
Interval string - The number of days to wait between every automatic key rotation (1-365)
- Rotator
Type string - The rotator type. options: [target/ldap]
- Secure
Access stringCertificate Issuer - Path to the SSH Certificate Issuer for your Akeyless Secure Access
- Secure
Access stringEnable - Enable/Disable secure remote access [true/false]
- Secure
Access List<string>Hosts - Target servers for connections (In case of Linked Target association, host(s) will inherit Linked Target hosts - Relevant only for Dynamic Secrets/producers)
- Secure
Access stringRdp Domain - Default domain name server. i.e. microsoft.com
- Secure
Access stringUrl - Destination URL to inject secrets
- Secure
Access boolWeb - Enable Web Secure Remote Access
- Secure
Access boolWeb Browsing - Secure browser via Akeyless's Secure Remote Access (SRA)
- Secure
Access boolWeb Proxy - Web-Proxy via Akeyless's Secure Remote Access (SRA)
- List<string>
- List of the tags attached to this secret. To specify multiple tags use argument multiple times: -t Tag1 -t Tag2
- Target
Name string - Target name
- Targets List<string>
- A list of linked targets to be associated, Relevant only for Secure Remote Access for ssh cert issuer, ldap rotated secret and ldap dynamic secret, To specify multiple targets use argument multiple times
- User
Attribute string - LDAP User Attribute, Default value "cn"
- User
Dn string - Base DN to Perform User Search
- Authentication
Credentials string - The credentials to connect with use-self-creds/use-target-creds
- Auto
Rotate string - Whether to automatically rotate every --rotation-interval days, or disable existing automatic rotation [true/false]
- Delete
Protection string - Protection from accidental deletion of this object [true/false]
- Description string
- Description of the object
- Host
Provider string - Host provider type [explicit/target], Default Host provider is explicit, Relevant only for Secure Remote Access of ssh cert issuer, ldap rotated secret and ldap dynamic secret
- Item
Custom map[string]stringFields - Additional custom fields to associate with the item
- Keep
Prev stringVersion - Whether to keep previous version [true/false]. If not set, use default according to account settings
- Key string
- The name of a key that is used to encrypt the secret value (if empty, the account default protectionKey key will be used)
- Max
Versions string - Set the maximum number of versions, limited by the account settings defaults.
- Name string
- Rotated secret name
- Password
Length string - The length of the password to be generated
- Rotate
After stringDisconnect - Rotate the value of the secret after SRA session ends [true/false]
- Rotated
Password string - rotated-username password (relevant only for rotator-type=ldap)
- Rotated
Secret stringLdap Id - The ID of this resource.
- Rotated
Username string - username to be rotated, if selected use-self-creds at rotator-creds-type, this username will try to rotate it's own password, if use-target-creds is selected, target credentials will be use to rotate the rotated-password (relevant only for rotator-type=ldap)
- Rotation
Event []stringIns - How many days before the rotation of the item would you like to be notified
- Rotation
Hour float64 - The Hour of the rotation in UTC
- Rotation
Interval string - The number of days to wait between every automatic key rotation (1-365)
- Rotator
Type string - The rotator type. options: [target/ldap]
- Secure
Access stringCertificate Issuer - Path to the SSH Certificate Issuer for your Akeyless Secure Access
- Secure
Access stringEnable - Enable/Disable secure remote access [true/false]
- Secure
Access []stringHosts - Target servers for connections (In case of Linked Target association, host(s) will inherit Linked Target hosts - Relevant only for Dynamic Secrets/producers)
- Secure
Access stringRdp Domain - Default domain name server. i.e. microsoft.com
- Secure
Access stringUrl - Destination URL to inject secrets
- Secure
Access boolWeb - Enable Web Secure Remote Access
- Secure
Access boolWeb Browsing - Secure browser via Akeyless's Secure Remote Access (SRA)
- Secure
Access boolWeb Proxy - Web-Proxy via Akeyless's Secure Remote Access (SRA)
- []string
- List of the tags attached to this secret. To specify multiple tags use argument multiple times: -t Tag1 -t Tag2
- Target
Name string - Target name
- Targets []string
- A list of linked targets to be associated, Relevant only for Secure Remote Access for ssh cert issuer, ldap rotated secret and ldap dynamic secret, To specify multiple targets use argument multiple times
- User
Attribute string - LDAP User Attribute, Default value "cn"
- User
Dn string - Base DN to Perform User Search
- authentication
Credentials String - The credentials to connect with use-self-creds/use-target-creds
- auto
Rotate String - Whether to automatically rotate every --rotation-interval days, or disable existing automatic rotation [true/false]
- delete
Protection String - Protection from accidental deletion of this object [true/false]
- description String
- Description of the object
- host
Provider String - Host provider type [explicit/target], Default Host provider is explicit, Relevant only for Secure Remote Access of ssh cert issuer, ldap rotated secret and ldap dynamic secret
- item
Custom Map<String,String>Fields - Additional custom fields to associate with the item
- keep
Prev StringVersion - Whether to keep previous version [true/false]. If not set, use default according to account settings
- key String
- The name of a key that is used to encrypt the secret value (if empty, the account default protectionKey key will be used)
- max
Versions String - Set the maximum number of versions, limited by the account settings defaults.
- name String
- Rotated secret name
- password
Length String - The length of the password to be generated
- rotate
After StringDisconnect - Rotate the value of the secret after SRA session ends [true/false]
- rotated
Password String - rotated-username password (relevant only for rotator-type=ldap)
- rotated
Secret StringLdap Id - The ID of this resource.
- rotated
Username String - username to be rotated, if selected use-self-creds at rotator-creds-type, this username will try to rotate it's own password, if use-target-creds is selected, target credentials will be use to rotate the rotated-password (relevant only for rotator-type=ldap)
- rotation
Event List<String>Ins - How many days before the rotation of the item would you like to be notified
- rotation
Hour Double - The Hour of the rotation in UTC
- rotation
Interval String - The number of days to wait between every automatic key rotation (1-365)
- rotator
Type String - The rotator type. options: [target/ldap]
- secure
Access StringCertificate Issuer - Path to the SSH Certificate Issuer for your Akeyless Secure Access
- secure
Access StringEnable - Enable/Disable secure remote access [true/false]
- secure
Access List<String>Hosts - Target servers for connections (In case of Linked Target association, host(s) will inherit Linked Target hosts - Relevant only for Dynamic Secrets/producers)
- secure
Access StringRdp Domain - Default domain name server. i.e. microsoft.com
- secure
Access StringUrl - Destination URL to inject secrets
- secure
Access BooleanWeb - Enable Web Secure Remote Access
- secure
Access BooleanWeb Browsing - Secure browser via Akeyless's Secure Remote Access (SRA)
- secure
Access BooleanWeb Proxy - Web-Proxy via Akeyless's Secure Remote Access (SRA)
- List<String>
- List of the tags attached to this secret. To specify multiple tags use argument multiple times: -t Tag1 -t Tag2
- target
Name String - Target name
- targets List<String>
- A list of linked targets to be associated, Relevant only for Secure Remote Access for ssh cert issuer, ldap rotated secret and ldap dynamic secret, To specify multiple targets use argument multiple times
- user
Attribute String - LDAP User Attribute, Default value "cn"
- user
Dn String - Base DN to Perform User Search
- authentication
Credentials string - The credentials to connect with use-self-creds/use-target-creds
- auto
Rotate string - Whether to automatically rotate every --rotation-interval days, or disable existing automatic rotation [true/false]
- delete
Protection string - Protection from accidental deletion of this object [true/false]
- description string
- Description of the object
- host
Provider string - Host provider type [explicit/target], Default Host provider is explicit, Relevant only for Secure Remote Access of ssh cert issuer, ldap rotated secret and ldap dynamic secret
- item
Custom {[key: string]: string}Fields - Additional custom fields to associate with the item
- keep
Prev stringVersion - Whether to keep previous version [true/false]. If not set, use default according to account settings
- key string
- The name of a key that is used to encrypt the secret value (if empty, the account default protectionKey key will be used)
- max
Versions string - Set the maximum number of versions, limited by the account settings defaults.
- name string
- Rotated secret name
- password
Length string - The length of the password to be generated
- rotate
After stringDisconnect - Rotate the value of the secret after SRA session ends [true/false]
- rotated
Password string - rotated-username password (relevant only for rotator-type=ldap)
- rotated
Secret stringLdap Id - The ID of this resource.
- rotated
Username string - username to be rotated, if selected use-self-creds at rotator-creds-type, this username will try to rotate it's own password, if use-target-creds is selected, target credentials will be use to rotate the rotated-password (relevant only for rotator-type=ldap)
- rotation
Event string[]Ins - How many days before the rotation of the item would you like to be notified
- rotation
Hour number - The Hour of the rotation in UTC
- rotation
Interval string - The number of days to wait between every automatic key rotation (1-365)
- rotator
Type string - The rotator type. options: [target/ldap]
- secure
Access stringCertificate Issuer - Path to the SSH Certificate Issuer for your Akeyless Secure Access
- secure
Access stringEnable - Enable/Disable secure remote access [true/false]
- secure
Access string[]Hosts - Target servers for connections (In case of Linked Target association, host(s) will inherit Linked Target hosts - Relevant only for Dynamic Secrets/producers)
- secure
Access stringRdp Domain - Default domain name server. i.e. microsoft.com
- secure
Access stringUrl - Destination URL to inject secrets
- secure
Access booleanWeb - Enable Web Secure Remote Access
- secure
Access booleanWeb Browsing - Secure browser via Akeyless's Secure Remote Access (SRA)
- secure
Access booleanWeb Proxy - Web-Proxy via Akeyless's Secure Remote Access (SRA)
- string[]
- List of the tags attached to this secret. To specify multiple tags use argument multiple times: -t Tag1 -t Tag2
- target
Name string - Target name
- targets string[]
- A list of linked targets to be associated, Relevant only for Secure Remote Access for ssh cert issuer, ldap rotated secret and ldap dynamic secret, To specify multiple targets use argument multiple times
- user
Attribute string - LDAP User Attribute, Default value "cn"
- user
Dn string - Base DN to Perform User Search
- authentication_
credentials str - The credentials to connect with use-self-creds/use-target-creds
- auto_
rotate str - Whether to automatically rotate every --rotation-interval days, or disable existing automatic rotation [true/false]
- delete_
protection str - Protection from accidental deletion of this object [true/false]
- description str
- Description of the object
- host_
provider str - Host provider type [explicit/target], Default Host provider is explicit, Relevant only for Secure Remote Access of ssh cert issuer, ldap rotated secret and ldap dynamic secret
- item_
custom_ Mapping[str, str]fields - Additional custom fields to associate with the item
- keep_
prev_ strversion - Whether to keep previous version [true/false]. If not set, use default according to account settings
- key str
- The name of a key that is used to encrypt the secret value (if empty, the account default protectionKey key will be used)
- max_
versions str - Set the maximum number of versions, limited by the account settings defaults.
- name str
- Rotated secret name
- password_
length str - The length of the password to be generated
- rotate_
after_ strdisconnect - Rotate the value of the secret after SRA session ends [true/false]
- rotated_
password str - rotated-username password (relevant only for rotator-type=ldap)
- rotated_
secret_ strldap_ id - The ID of this resource.
- rotated_
username str - username to be rotated, if selected use-self-creds at rotator-creds-type, this username will try to rotate it's own password, if use-target-creds is selected, target credentials will be use to rotate the rotated-password (relevant only for rotator-type=ldap)
- rotation_
event_ Sequence[str]ins - How many days before the rotation of the item would you like to be notified
- rotation_
hour float - The Hour of the rotation in UTC
- rotation_
interval str - The number of days to wait between every automatic key rotation (1-365)
- rotator_
type str - The rotator type. options: [target/ldap]
- secure_
access_ strcertificate_ issuer - Path to the SSH Certificate Issuer for your Akeyless Secure Access
- secure_
access_ strenable - Enable/Disable secure remote access [true/false]
- secure_
access_ Sequence[str]hosts - Target servers for connections (In case of Linked Target association, host(s) will inherit Linked Target hosts - Relevant only for Dynamic Secrets/producers)
- secure_
access_ strrdp_ domain - Default domain name server. i.e. microsoft.com
- secure_
access_ strurl - Destination URL to inject secrets
- secure_
access_ boolweb - Enable Web Secure Remote Access
- secure_
access_ boolweb_ browsing - Secure browser via Akeyless's Secure Remote Access (SRA)
- secure_
access_ boolweb_ proxy - Web-Proxy via Akeyless's Secure Remote Access (SRA)
- Sequence[str]
- List of the tags attached to this secret. To specify multiple tags use argument multiple times: -t Tag1 -t Tag2
- target_
name str - Target name
- targets Sequence[str]
- A list of linked targets to be associated, Relevant only for Secure Remote Access for ssh cert issuer, ldap rotated secret and ldap dynamic secret, To specify multiple targets use argument multiple times
- user_
attribute str - LDAP User Attribute, Default value "cn"
- user_
dn str - Base DN to Perform User Search
- authentication
Credentials String - The credentials to connect with use-self-creds/use-target-creds
- auto
Rotate String - Whether to automatically rotate every --rotation-interval days, or disable existing automatic rotation [true/false]
- delete
Protection String - Protection from accidental deletion of this object [true/false]
- description String
- Description of the object
- host
Provider String - Host provider type [explicit/target], Default Host provider is explicit, Relevant only for Secure Remote Access of ssh cert issuer, ldap rotated secret and ldap dynamic secret
- item
Custom Map<String>Fields - Additional custom fields to associate with the item
- keep
Prev StringVersion - Whether to keep previous version [true/false]. If not set, use default according to account settings
- key String
- The name of a key that is used to encrypt the secret value (if empty, the account default protectionKey key will be used)
- max
Versions String - Set the maximum number of versions, limited by the account settings defaults.
- name String
- Rotated secret name
- password
Length String - The length of the password to be generated
- rotate
After StringDisconnect - Rotate the value of the secret after SRA session ends [true/false]
- rotated
Password String - rotated-username password (relevant only for rotator-type=ldap)
- rotated
Secret StringLdap Id - The ID of this resource.
- rotated
Username String - username to be rotated, if selected use-self-creds at rotator-creds-type, this username will try to rotate it's own password, if use-target-creds is selected, target credentials will be use to rotate the rotated-password (relevant only for rotator-type=ldap)
- rotation
Event List<String>Ins - How many days before the rotation of the item would you like to be notified
- rotation
Hour Number - The Hour of the rotation in UTC
- rotation
Interval String - The number of days to wait between every automatic key rotation (1-365)
- rotator
Type String - The rotator type. options: [target/ldap]
- secure
Access StringCertificate Issuer - Path to the SSH Certificate Issuer for your Akeyless Secure Access
- secure
Access StringEnable - Enable/Disable secure remote access [true/false]
- secure
Access List<String>Hosts - Target servers for connections (In case of Linked Target association, host(s) will inherit Linked Target hosts - Relevant only for Dynamic Secrets/producers)
- secure
Access StringRdp Domain - Default domain name server. i.e. microsoft.com
- secure
Access StringUrl - Destination URL to inject secrets
- secure
Access BooleanWeb - Enable Web Secure Remote Access
- secure
Access BooleanWeb Browsing - Secure browser via Akeyless's Secure Remote Access (SRA)
- secure
Access BooleanWeb Proxy - Web-Proxy via Akeyless's Secure Remote Access (SRA)
- List<String>
- List of the tags attached to this secret. To specify multiple tags use argument multiple times: -t Tag1 -t Tag2
- target
Name String - Target name
- targets List<String>
- A list of linked targets to be associated, Relevant only for Secure Remote Access for ssh cert issuer, ldap rotated secret and ldap dynamic secret, To specify multiple targets use argument multiple times
- user
Attribute String - LDAP User Attribute, Default value "cn"
- user
Dn String - Base DN to Perform User Search
Package Details
- Repository
- akeyless akeyless-community/terraform-provider-akeyless
- License
- Notes
- This Pulumi package is based on the
akeylessTerraform Provider.
Viewing docs for akeyless 2.0.1
published on Monday, Apr 27, 2026 by akeyless-community
published on Monday, Apr 27, 2026 by akeyless-community
