@pulumi/vault 4.5.0 → 4.6.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -1
- package/ad/getAccessCredentials.d.ts +18 -2
- package/ad/getAccessCredentials.js +5 -0
- package/ad/getAccessCredentials.js.map +1 -1
- package/ad/index.js +14 -7
- package/ad/index.js.map +1 -1
- package/ad/secretBackend.d.ts +68 -68
- package/ad/secretBackend.js +1 -0
- package/ad/secretBackend.js.map +1 -1
- package/ad/secretLibrary.d.ts +12 -12
- package/ad/secretLibrary.js +1 -0
- package/ad/secretLibrary.js.map +1 -1
- package/ad/secretRole.d.ts +10 -10
- package/ad/secretRole.js +1 -0
- package/ad/secretRole.js.map +1 -1
- package/alicloud/authBackendRole.d.ts +24 -24
- package/alicloud/authBackendRole.js +1 -0
- package/alicloud/authBackendRole.js.map +1 -1
- package/alicloud/index.js +11 -4
- package/alicloud/index.js.map +1 -1
- package/approle/authBackendLogin.d.ts +16 -16
- package/approle/authBackendLogin.js +4 -3
- package/approle/authBackendLogin.js.map +1 -1
- package/approle/authBackendRole.d.ts +39 -39
- package/approle/authBackendRole.js +2 -1
- package/approle/authBackendRole.js.map +1 -1
- package/approle/authBackendRoleSecretID.d.ts +17 -17
- package/approle/authBackendRoleSecretID.js +3 -2
- package/approle/authBackendRoleSecretID.js.map +1 -1
- package/approle/getAuthBackendRoleId.d.ts +17 -2
- package/approle/getAuthBackendRoleId.js +5 -0
- package/approle/getAuthBackendRoleId.js.map +1 -1
- package/approle/index.js +14 -7
- package/approle/index.js.map +1 -1
- package/audit.d.ts +10 -10
- package/audit.js +1 -0
- package/audit.js.map +1 -1
- package/authBackend.d.ts +17 -17
- package/authBackend.js +1 -0
- package/authBackend.js.map +1 -1
- package/aws/authBackendCert.d.ts +8 -8
- package/aws/authBackendCert.js +1 -0
- package/aws/authBackendCert.js.map +1 -1
- package/aws/authBackendClient.d.ts +16 -16
- package/aws/authBackendClient.js +1 -0
- package/aws/authBackendClient.js.map +1 -1
- package/aws/authBackendIdentityWhitelist.d.ts +6 -6
- package/aws/authBackendIdentityWhitelist.js +1 -0
- package/aws/authBackendIdentityWhitelist.js.map +1 -1
- package/aws/authBackendLogin.d.ts +28 -28
- package/aws/authBackendLogin.js +1 -0
- package/aws/authBackendLogin.js.map +1 -1
- package/aws/authBackendRole.d.ts +62 -62
- package/aws/authBackendRole.js +1 -0
- package/aws/authBackendRole.js.map +1 -1
- package/aws/authBackendRoleTag.d.ts +16 -16
- package/aws/authBackendRoleTag.js +1 -0
- package/aws/authBackendRoleTag.js.map +1 -1
- package/aws/authBackendRoletagBlacklist.d.ts +6 -6
- package/aws/authBackendRoletagBlacklist.js +1 -0
- package/aws/authBackendRoletagBlacklist.js.map +1 -1
- package/aws/authBackendStsRole.d.ts +6 -6
- package/aws/authBackendStsRole.js +1 -0
- package/aws/authBackendStsRole.js.map +1 -1
- package/aws/getAccessCredentials.d.ts +42 -6
- package/aws/getAccessCredentials.js +5 -0
- package/aws/getAccessCredentials.js.map +1 -1
- package/aws/index.js +21 -14
- package/aws/index.js.map +1 -1
- package/aws/secretBackend.d.ts +18 -18
- package/aws/secretBackend.js +1 -0
- package/aws/secretBackend.js.map +1 -1
- package/aws/secretBackendRole.d.ts +18 -18
- package/aws/secretBackendRole.js +1 -0
- package/aws/secretBackendRole.js.map +1 -1
- package/azure/authBackendConfig.d.ts +12 -12
- package/azure/authBackendConfig.js +1 -0
- package/azure/authBackendConfig.js.map +1 -1
- package/azure/authBackendRole.d.ts +45 -45
- package/azure/authBackendRole.js +1 -0
- package/azure/authBackendRole.js.map +1 -1
- package/azure/backend.d.ts +14 -14
- package/azure/backend.js +1 -0
- package/azure/backend.js.map +1 -1
- package/azure/backendRole.d.ts +16 -16
- package/azure/backendRole.js +1 -0
- package/azure/backendRole.js.map +1 -1
- package/azure/getAccessCredentials.d.ts +47 -6
- package/azure/getAccessCredentials.js +5 -0
- package/azure/getAccessCredentials.js.map +1 -1
- package/azure/index.js +15 -8
- package/azure/index.js.map +1 -1
- package/certAuthBackendRole.d.ts +50 -50
- package/certAuthBackendRole.js +1 -0
- package/certAuthBackendRole.js.map +1 -1
- package/config/index.js +11 -4
- package/config/index.js.map +1 -1
- package/config/vars.d.ts +13 -13
- package/config/vars.js +82 -53
- package/config/vars.js.map +1 -1
- package/consul/index.js +12 -5
- package/consul/index.js.map +1 -1
- package/consul/secretBackend.d.ts +22 -22
- package/consul/secretBackend.js +1 -0
- package/consul/secretBackend.js.map +1 -1
- package/consul/secretBackendRole.d.ts +16 -16
- package/consul/secretBackendRole.js +1 -0
- package/consul/secretBackendRole.js.map +1 -1
- package/database/index.js +13 -6
- package/database/index.js.map +1 -1
- package/database/secretBackendConnection.d.ts +38 -38
- package/database/secretBackendConnection.js +1 -0
- package/database/secretBackendConnection.js.map +1 -1
- package/database/secretBackendRole.d.ts +18 -18
- package/database/secretBackendRole.js +1 -0
- package/database/secretBackendRole.js.map +1 -1
- package/database/secretBackendStaticRole.d.ts +12 -12
- package/database/secretBackendStaticRole.js +1 -0
- package/database/secretBackendStaticRole.js.map +1 -1
- package/egpPolicy.d.ts +8 -8
- package/egpPolicy.js +1 -0
- package/egpPolicy.js.map +1 -1
- package/gcp/authBackend.d.ts +16 -16
- package/gcp/authBackend.js +1 -0
- package/gcp/authBackend.js.map +1 -1
- package/gcp/authBackendRole.d.ts +50 -50
- package/gcp/authBackendRole.js +1 -0
- package/gcp/authBackendRole.js.map +1 -1
- package/gcp/getAuthBackendRole.d.ts +80 -12
- package/gcp/getAuthBackendRole.js +6 -1
- package/gcp/getAuthBackendRole.js.map +1 -1
- package/gcp/index.js +16 -9
- package/gcp/index.js.map +1 -1
- package/gcp/secretBackend.d.ts +12 -12
- package/gcp/secretBackend.js +1 -0
- package/gcp/secretBackend.js.map +1 -1
- package/gcp/secretRoleset.d.ts +13 -13
- package/gcp/secretRoleset.js +1 -0
- package/gcp/secretRoleset.js.map +1 -1
- package/gcp/secretStaticAccount.d.ts +39 -13
- package/gcp/secretStaticAccount.js +27 -0
- package/gcp/secretStaticAccount.js.map +1 -1
- package/generic/endpoint.d.ts +14 -14
- package/generic/endpoint.js +1 -0
- package/generic/endpoint.js.map +1 -1
- package/generic/getSecret.d.ts +22 -2
- package/generic/getSecret.js +5 -0
- package/generic/getSecret.js.map +1 -1
- package/generic/index.js +13 -6
- package/generic/index.js.map +1 -1
- package/generic/secret.d.ts +7 -7
- package/generic/secret.js +1 -0
- package/generic/secret.js.map +1 -1
- package/getAuthBackend.d.ts +13 -3
- package/getAuthBackend.js +6 -1
- package/getAuthBackend.js.map +1 -1
- package/getNomadAccessToken.d.ts +18 -2
- package/getNomadAccessToken.js +5 -0
- package/getNomadAccessToken.js.map +1 -1
- package/getPolicyDocument.d.ts +8 -1
- package/getPolicyDocument.js +5 -0
- package/getPolicyDocument.js.map +1 -1
- package/github/authBackend.d.ts +44 -35
- package/github/authBackend.js +3 -2
- package/github/authBackend.js.map +1 -1
- package/github/index.js +13 -6
- package/github/index.js.map +1 -1
- package/github/team.d.ts +24 -24
- package/github/team.js +1 -0
- package/github/team.js.map +1 -1
- package/github/user.d.ts +24 -24
- package/github/user.js +1 -0
- package/github/user.js.map +1 -1
- package/identity/entity.d.ts +10 -10
- package/identity/entity.js +1 -0
- package/identity/entity.js.map +1 -1
- package/identity/entityAlias.d.ts +6 -6
- package/identity/entityAlias.js +1 -0
- package/identity/entityAlias.js.map +1 -1
- package/identity/entityPolicies.d.ts +7 -7
- package/identity/entityPolicies.js +1 -0
- package/identity/entityPolicies.js.map +1 -1
- package/identity/getEntity.d.ts +33 -5
- package/identity/getEntity.js +5 -0
- package/identity/getEntity.js.map +1 -1
- package/identity/getGroup.d.ts +33 -5
- package/identity/getGroup.js +5 -0
- package/identity/getGroup.js.map +1 -1
- package/identity/group.d.ts +16 -16
- package/identity/group.js +1 -0
- package/identity/group.js.map +1 -1
- package/identity/groupAlias.d.ts +6 -6
- package/identity/groupAlias.js +1 -0
- package/identity/groupAlias.js.map +1 -1
- package/identity/groupMemberEntityIds.d.ts +7 -7
- package/identity/groupMemberEntityIds.js +1 -0
- package/identity/groupMemberEntityIds.js.map +1 -1
- package/identity/groupPolicies.d.ts +7 -7
- package/identity/groupPolicies.js +1 -0
- package/identity/groupPolicies.js.map +1 -1
- package/identity/index.js +23 -16
- package/identity/index.js.map +1 -1
- package/identity/oidc.d.ts +2 -2
- package/identity/oidc.js +1 -0
- package/identity/oidc.js.map +1 -1
- package/identity/oidcKey.d.ts +10 -10
- package/identity/oidcKey.js +1 -0
- package/identity/oidcKey.js.map +1 -1
- package/identity/oidcKeyAllowedClientID.d.ts +4 -4
- package/identity/oidcKeyAllowedClientID.js +1 -0
- package/identity/oidcKeyAllowedClientID.js.map +1 -1
- package/identity/oidcRole.d.ts +10 -10
- package/identity/oidcRole.js +1 -0
- package/identity/oidcRole.js.map +1 -1
- package/index.js +31 -23
- package/index.js.map +1 -1
- package/jwt/authBackend.d.ts +33 -33
- package/jwt/authBackend.js +1 -0
- package/jwt/authBackend.js.map +1 -1
- package/jwt/authBackendRole.d.ts +64 -64
- package/jwt/authBackendRole.js +1 -0
- package/jwt/authBackendRole.js.map +1 -1
- package/jwt/index.js +12 -5
- package/jwt/index.js.map +1 -1
- package/kubernetes/authBackendConfig.d.ts +16 -16
- package/kubernetes/authBackendConfig.js +1 -0
- package/kubernetes/authBackendConfig.js.map +1 -1
- package/kubernetes/authBackendRole.d.ts +40 -40
- package/kubernetes/authBackendRole.js +1 -0
- package/kubernetes/authBackendRole.js.map +1 -1
- package/kubernetes/getAuthBackendConfig.d.ts +36 -7
- package/kubernetes/getAuthBackendConfig.js +5 -0
- package/kubernetes/getAuthBackendConfig.js.map +1 -1
- package/kubernetes/getAuthBackendRole.d.ts +115 -18
- package/kubernetes/getAuthBackendRole.js +5 -0
- package/kubernetes/getAuthBackendRole.js.map +1 -1
- package/kubernetes/index.js +14 -7
- package/kubernetes/index.js.map +1 -1
- package/ldap/authBackend.d.ts +63 -63
- package/ldap/authBackend.js +1 -0
- package/ldap/authBackend.js.map +1 -1
- package/ldap/authBackendGroup.d.ts +6 -6
- package/ldap/authBackendGroup.js +1 -0
- package/ldap/authBackendGroup.js.map +1 -1
- package/ldap/authBackendUser.d.ts +8 -8
- package/ldap/authBackendUser.js +1 -0
- package/ldap/authBackendUser.js.map +1 -1
- package/ldap/index.js +13 -6
- package/ldap/index.js.map +1 -1
- package/mfaDuo.d.ts +14 -14
- package/mfaDuo.js +1 -0
- package/mfaDuo.js.map +1 -1
- package/mount.d.ts +19 -19
- package/mount.js +1 -0
- package/mount.js.map +1 -1
- package/namespace.d.ts +3 -3
- package/namespace.js +1 -0
- package/namespace.js.map +1 -1
- package/nomadSecretBackend.d.ts +26 -26
- package/nomadSecretBackend.js +1 -0
- package/nomadSecretBackend.js.map +1 -1
- package/nomadSecretRole.d.ts +10 -10
- package/nomadSecretRole.js +1 -0
- package/nomadSecretRole.js.map +1 -1
- package/okta/authBackend.d.ts +21 -21
- package/okta/authBackend.js +1 -0
- package/okta/authBackend.js.map +1 -1
- package/okta/authBackendGroup.d.ts +6 -6
- package/okta/authBackendGroup.js +1 -0
- package/okta/authBackendGroup.js.map +1 -1
- package/okta/authBackendUser.d.ts +16 -8
- package/okta/authBackendUser.js +9 -0
- package/okta/authBackendUser.js.map +1 -1
- package/okta/index.js +13 -6
- package/okta/index.js.map +1 -1
- package/package.json +4 -3
- package/package.json.bak +3 -2
- package/package.json.dev +4 -3
- package/passwordPolicy.d.ts +4 -4
- package/passwordPolicy.js +1 -0
- package/passwordPolicy.js.map +1 -1
- package/pkisecret/index.js +21 -14
- package/pkisecret/index.js.map +1 -1
- package/pkisecret/secretBackend.d.ts +8 -8
- package/pkisecret/secretBackend.js +1 -0
- package/pkisecret/secretBackend.js.map +1 -1
- package/pkisecret/secretBackendCert.d.ts +33 -33
- package/pkisecret/secretBackendCert.js +1 -0
- package/pkisecret/secretBackendCert.js.map +1 -1
- package/pkisecret/secretBackendConfigCa.d.ts +4 -4
- package/pkisecret/secretBackendConfigCa.js +1 -0
- package/pkisecret/secretBackendConfigCa.js.map +1 -1
- package/pkisecret/secretBackendConfigUrls.d.ts +10 -10
- package/pkisecret/secretBackendConfigUrls.js +3 -2
- package/pkisecret/secretBackendConfigUrls.js.map +1 -1
- package/pkisecret/secretBackendCrlConfig.d.ts +7 -7
- package/pkisecret/secretBackendCrlConfig.js +2 -1
- package/pkisecret/secretBackendCrlConfig.js.map +1 -1
- package/pkisecret/secretBackendIntermediateCertRequest.d.ts +41 -41
- package/pkisecret/secretBackendIntermediateCertRequest.js +1 -0
- package/pkisecret/secretBackendIntermediateCertRequest.js.map +1 -1
- package/pkisecret/secretBackendIntermediateSetSigned.d.ts +4 -4
- package/pkisecret/secretBackendIntermediateSetSigned.js +1 -0
- package/pkisecret/secretBackendIntermediateSetSigned.js.map +1 -1
- package/pkisecret/secretBackendRole.d.ts +78 -78
- package/pkisecret/secretBackendRole.js +3 -2
- package/pkisecret/secretBackendRole.js.map +1 -1
- package/pkisecret/secretBackendRootCert.d.ts +47 -47
- package/pkisecret/secretBackendRootCert.js +1 -0
- package/pkisecret/secretBackendRootCert.js.map +1 -1
- package/pkisecret/secretBackendRootSignIntermediate.d.ts +45 -45
- package/pkisecret/secretBackendRootSignIntermediate.js +2 -1
- package/pkisecret/secretBackendRootSignIntermediate.js.map +1 -1
- package/pkisecret/secretBackendSign.d.ts +31 -31
- package/pkisecret/secretBackendSign.js +1 -0
- package/pkisecret/secretBackendSign.js.map +1 -1
- package/policy.d.ts +4 -4
- package/policy.js +1 -0
- package/policy.js.map +1 -1
- package/provider.d.ts +41 -13
- package/provider.js +4 -3
- package/provider.js.map +1 -1
- package/quotaLeaseCount.d.ts +6 -6
- package/quotaLeaseCount.js +1 -0
- package/quotaLeaseCount.js.map +1 -1
- package/quotaRateLimit.d.ts +6 -6
- package/quotaRateLimit.js +1 -0
- package/quotaRateLimit.js.map +1 -1
- package/rabbitmq/index.js +12 -5
- package/rabbitmq/index.js.map +1 -1
- package/rabbitmq/secretBackend.d.ts +16 -16
- package/rabbitmq/secretBackend.js +1 -0
- package/rabbitmq/secretBackend.js.map +1 -1
- package/rabbitmq/secretBackendRole.d.ts +8 -8
- package/rabbitmq/secretBackendRole.js +1 -0
- package/rabbitmq/secretBackendRole.js.map +1 -1
- package/raftSnapshotAgentConfig.d.ts +54 -54
- package/raftSnapshotAgentConfig.js +1 -0
- package/raftSnapshotAgentConfig.js.map +1 -1
- package/rgpPolicy.d.ts +6 -6
- package/rgpPolicy.js +1 -0
- package/rgpPolicy.js.map +1 -1
- package/ssh/index.js +12 -5
- package/ssh/index.js.map +1 -1
- package/ssh/secretBackendCa.d.ts +8 -8
- package/ssh/secretBackendCa.js +1 -0
- package/ssh/secretBackendCa.js.map +1 -1
- package/ssh/secretBackendRole.d.ts +44 -44
- package/ssh/secretBackendRole.js +1 -0
- package/ssh/secretBackendRole.js.map +1 -1
- package/token.d.ts +34 -34
- package/token.js +1 -0
- package/token.js.map +1 -1
- package/tokenauth/authBackendRole.d.ts +39 -39
- package/tokenauth/authBackendRole.js +1 -0
- package/tokenauth/authBackendRole.js.map +1 -1
- package/tokenauth/index.js +11 -4
- package/tokenauth/index.js.map +1 -1
- package/transform/alphabet.d.ts +6 -6
- package/transform/alphabet.js +1 -0
- package/transform/alphabet.js.map +1 -1
- package/transform/getDecode.d.ts +50 -8
- package/transform/getDecode.js +5 -0
- package/transform/getDecode.js.map +1 -1
- package/transform/getEncode.d.ts +50 -8
- package/transform/getEncode.js +5 -0
- package/transform/getEncode.js.map +1 -1
- package/transform/index.js +16 -9
- package/transform/index.js.map +1 -1
- package/transform/role.d.ts +6 -6
- package/transform/role.js +1 -0
- package/transform/role.js.map +1 -1
- package/transform/template.d.ts +10 -10
- package/transform/template.js +1 -0
- package/transform/template.js.map +1 -1
- package/transform/transformation.d.ts +16 -16
- package/transform/transformation.js +1 -0
- package/transform/transformation.js.map +1 -1
- package/transit/getDecrypt.d.ts +27 -5
- package/transit/getDecrypt.js +6 -1
- package/transit/getDecrypt.js.map +1 -1
- package/transit/getEncrypt.d.ts +31 -5
- package/transit/getEncrypt.js +5 -0
- package/transit/getEncrypt.js.map +1 -1
- package/transit/index.js +14 -7
- package/transit/index.js.map +1 -1
- package/transit/secretBackendKey.d.ts +27 -27
- package/transit/secretBackendKey.js +1 -0
- package/transit/secretBackendKey.js.map +1 -1
- package/transit/secretCacheConfig.d.ts +4 -4
- package/transit/secretCacheConfig.js +1 -0
- package/transit/secretCacheConfig.js.map +1 -1
- package/types/index.js +1 -0
- package/types/index.js.map +1 -1
- package/types/input.d.ts +54 -0
- package/types/output.d.ts +0 -16
- package/utilities.js +1 -0
- package/utilities.js.map +1 -1
|
@@ -64,18 +64,18 @@ export interface AuthBackendRoletagBlacklistState {
|
|
|
64
64
|
* The path the AWS auth backend being configured was
|
|
65
65
|
* mounted at.
|
|
66
66
|
*/
|
|
67
|
-
|
|
67
|
+
backend?: pulumi.Input<string>;
|
|
68
68
|
/**
|
|
69
69
|
* If set to true, disables the periodic
|
|
70
70
|
* tidying of the roletag blacklist entries. Defaults to false.
|
|
71
71
|
*/
|
|
72
|
-
|
|
72
|
+
disablePeriodicTidy?: pulumi.Input<boolean>;
|
|
73
73
|
/**
|
|
74
74
|
* The amount of extra time that must have passed
|
|
75
75
|
* beyond the roletag expiration, before it is removed from the backend storage.
|
|
76
76
|
* Defaults to 259,200 seconds, or 72 hours.
|
|
77
77
|
*/
|
|
78
|
-
|
|
78
|
+
safetyBuffer?: pulumi.Input<number>;
|
|
79
79
|
}
|
|
80
80
|
/**
|
|
81
81
|
* The set of arguments for constructing a AuthBackendRoletagBlacklist resource.
|
|
@@ -85,16 +85,16 @@ export interface AuthBackendRoletagBlacklistArgs {
|
|
|
85
85
|
* The path the AWS auth backend being configured was
|
|
86
86
|
* mounted at.
|
|
87
87
|
*/
|
|
88
|
-
|
|
88
|
+
backend: pulumi.Input<string>;
|
|
89
89
|
/**
|
|
90
90
|
* If set to true, disables the periodic
|
|
91
91
|
* tidying of the roletag blacklist entries. Defaults to false.
|
|
92
92
|
*/
|
|
93
|
-
|
|
93
|
+
disablePeriodicTidy?: pulumi.Input<boolean>;
|
|
94
94
|
/**
|
|
95
95
|
* The amount of extra time that must have passed
|
|
96
96
|
* beyond the roletag expiration, before it is removed from the backend storage.
|
|
97
97
|
* Defaults to 259,200 seconds, or 72 hours.
|
|
98
98
|
*/
|
|
99
|
-
|
|
99
|
+
safetyBuffer?: pulumi.Input<number>;
|
|
100
100
|
}
|
|
@@ -2,6 +2,7 @@
|
|
|
2
2
|
// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
|
|
3
3
|
// *** Do not edit by hand unless you're certain you know what you are doing! ***
|
|
4
4
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
5
|
+
exports.AuthBackendRoletagBlacklist = void 0;
|
|
5
6
|
const pulumi = require("@pulumi/pulumi");
|
|
6
7
|
const utilities = require("../utilities");
|
|
7
8
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"authBackendRoletagBlacklist.js","sourceRoot":"","sources":["../../aws/authBackendRoletagBlacklist.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF
|
|
1
|
+
{"version":3,"file":"authBackendRoletagBlacklist.js","sourceRoot":"","sources":["../../aws/authBackendRoletagBlacklist.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;GAeG;AACH,MAAa,2BAA4B,SAAQ,MAAM,CAAC,cAAc;IAqDlE,YAAY,IAAY,EAAE,WAAgF,EAAE,IAAmC;QAC3I,IAAI,MAAM,GAAkB,EAAE,CAAC;QAC/B,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAA2D,CAAC;YAC1E,MAAM,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,MAAM,CAAC,qBAAqB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9E,MAAM,CAAC,cAAc,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;SACnE;aAAM;YACH,MAAM,IAAI,GAAG,WAA0D,CAAC;YACxE,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,OAAO,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACpD,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;aAC1D;YACD,MAAM,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YACpD,MAAM,CAAC,qBAAqB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5E,MAAM,CAAC,cAAc,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;SACjE;QACD,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE;YACf,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,IAAI,EAAE,EAAE,OAAO,EAAE,SAAS,CAAC,UAAU,EAAE,EAAC,CAAC,CAAC;SACxE;QACD,KAAK,CAAC,2BAA2B,CAAC,YAAY,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,CAAC,CAAC;IACxE,CAAC;IAzED;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAwC,EAAE,IAAmC;QACtI,OAAO,IAAI,2BAA2B,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IAClF,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,2BAA2B,CAAC,YAAY,CAAC;IAC5E,CAAC;;AA1BL,kEA2EC;AA7DG,gBAAgB;AACO,wCAAY,GAAG,mEAAmE,CAAC"}
|
|
@@ -54,17 +54,17 @@ export interface AuthBackendStsRoleState {
|
|
|
54
54
|
/**
|
|
55
55
|
* The AWS account ID to configure the STS role for.
|
|
56
56
|
*/
|
|
57
|
-
|
|
57
|
+
accountId?: pulumi.Input<string>;
|
|
58
58
|
/**
|
|
59
59
|
* The path the AWS auth backend being configured was
|
|
60
60
|
* mounted at. Defaults to `aws`.
|
|
61
61
|
*/
|
|
62
|
-
|
|
62
|
+
backend?: pulumi.Input<string>;
|
|
63
63
|
/**
|
|
64
64
|
* The STS role to assume when verifying requests made
|
|
65
65
|
* by EC2 instances in the account specified by `accountId`.
|
|
66
66
|
*/
|
|
67
|
-
|
|
67
|
+
stsRole?: pulumi.Input<string>;
|
|
68
68
|
}
|
|
69
69
|
/**
|
|
70
70
|
* The set of arguments for constructing a AuthBackendStsRole resource.
|
|
@@ -73,15 +73,15 @@ export interface AuthBackendStsRoleArgs {
|
|
|
73
73
|
/**
|
|
74
74
|
* The AWS account ID to configure the STS role for.
|
|
75
75
|
*/
|
|
76
|
-
|
|
76
|
+
accountId: pulumi.Input<string>;
|
|
77
77
|
/**
|
|
78
78
|
* The path the AWS auth backend being configured was
|
|
79
79
|
* mounted at. Defaults to `aws`.
|
|
80
80
|
*/
|
|
81
|
-
|
|
81
|
+
backend?: pulumi.Input<string>;
|
|
82
82
|
/**
|
|
83
83
|
* The STS role to assume when verifying requests made
|
|
84
84
|
* by EC2 instances in the account specified by `accountId`.
|
|
85
85
|
*/
|
|
86
|
-
|
|
86
|
+
stsRole: pulumi.Input<string>;
|
|
87
87
|
}
|
|
@@ -2,6 +2,7 @@
|
|
|
2
2
|
// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
|
|
3
3
|
// *** Do not edit by hand unless you're certain you know what you are doing! ***
|
|
4
4
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
5
|
+
exports.AuthBackendStsRole = void 0;
|
|
5
6
|
const pulumi = require("@pulumi/pulumi");
|
|
6
7
|
const utilities = require("../utilities");
|
|
7
8
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"authBackendStsRole.js","sourceRoot":"","sources":["../../aws/authBackendStsRole.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF
|
|
1
|
+
{"version":3,"file":"authBackendStsRole.js","sourceRoot":"","sources":["../../aws/authBackendStsRole.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C;;;;;;;;GAQG;AACH,MAAa,kBAAmB,SAAQ,MAAM,CAAC,cAAc;IAmDzD,YAAY,IAAY,EAAE,WAA8D,EAAE,IAAmC;QACzH,IAAI,MAAM,GAAkB,EAAE,CAAC;QAC/B,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAkD,CAAC;YACjE,MAAM,CAAC,WAAW,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1D,MAAM,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,MAAM,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;SACzD;aAAM;YACH,MAAM,IAAI,GAAG,WAAiD,CAAC;YAC/D,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACtD,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;aAC5D;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,OAAO,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACpD,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;aAC1D;YACD,MAAM,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,MAAM,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YACpD,MAAM,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;SACvD;QACD,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE;YACf,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,IAAI,EAAE,EAAE,OAAO,EAAE,SAAS,CAAC,UAAU,EAAE,EAAC,CAAC,CAAC;SACxE;QACD,KAAK,CAAC,kBAAkB,CAAC,YAAY,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,CAAC,CAAC;IAC/D,CAAC;IA1ED;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAA+B,EAAE,IAAmC;QAC7H,OAAO,IAAI,kBAAkB,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IACzE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,kBAAkB,CAAC,YAAY,CAAC;IACnE,CAAC;;AA1BL,gDA4EC;AA9DG,gBAAgB;AACO,+BAAY,GAAG,iDAAiD,CAAC"}
|
|
@@ -8,32 +8,32 @@ export interface GetAccessCredentialsArgs {
|
|
|
8
8
|
* The path to the AWS secret backend to
|
|
9
9
|
* read credentials from, with no leading or trailing `/`s.
|
|
10
10
|
*/
|
|
11
|
-
|
|
12
|
-
|
|
11
|
+
backend: string;
|
|
12
|
+
region?: string;
|
|
13
13
|
/**
|
|
14
14
|
* The name of the AWS secret backend role to read
|
|
15
15
|
* credentials from, with no leading or trailing `/`s.
|
|
16
16
|
*/
|
|
17
|
-
|
|
17
|
+
role: string;
|
|
18
18
|
/**
|
|
19
19
|
* The specific AWS ARN to use
|
|
20
20
|
* from the configured role. If the role does not have multiple ARNs, this does
|
|
21
21
|
* not need to be specified.
|
|
22
22
|
*/
|
|
23
|
-
|
|
23
|
+
roleArn?: string;
|
|
24
24
|
/**
|
|
25
25
|
* Specifies the TTL for the use of the STS token. This
|
|
26
26
|
* is specified as a string with a duration suffix. Valid only when
|
|
27
27
|
* `credentialType` is `assumedRole` or `federationToken`
|
|
28
28
|
*/
|
|
29
|
-
|
|
29
|
+
ttl?: string;
|
|
30
30
|
/**
|
|
31
31
|
* The type of credentials to read. Defaults
|
|
32
32
|
* to `"creds"`, which just returns an AWS Access Key ID and Secret
|
|
33
33
|
* Key. Can also be set to `"sts"`, which will return a security token
|
|
34
34
|
* in addition to the keys.
|
|
35
35
|
*/
|
|
36
|
-
|
|
36
|
+
type?: string;
|
|
37
37
|
}
|
|
38
38
|
/**
|
|
39
39
|
* A collection of values returned by getAccessCredentials.
|
|
@@ -74,3 +74,39 @@ export interface GetAccessCredentialsResult {
|
|
|
74
74
|
readonly ttl?: string;
|
|
75
75
|
readonly type?: string;
|
|
76
76
|
}
|
|
77
|
+
export declare function getAccessCredentialsOutput(args: GetAccessCredentialsOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output<GetAccessCredentialsResult>;
|
|
78
|
+
/**
|
|
79
|
+
* A collection of arguments for invoking getAccessCredentials.
|
|
80
|
+
*/
|
|
81
|
+
export interface GetAccessCredentialsOutputArgs {
|
|
82
|
+
/**
|
|
83
|
+
* The path to the AWS secret backend to
|
|
84
|
+
* read credentials from, with no leading or trailing `/`s.
|
|
85
|
+
*/
|
|
86
|
+
backend: pulumi.Input<string>;
|
|
87
|
+
region?: pulumi.Input<string>;
|
|
88
|
+
/**
|
|
89
|
+
* The name of the AWS secret backend role to read
|
|
90
|
+
* credentials from, with no leading or trailing `/`s.
|
|
91
|
+
*/
|
|
92
|
+
role: pulumi.Input<string>;
|
|
93
|
+
/**
|
|
94
|
+
* The specific AWS ARN to use
|
|
95
|
+
* from the configured role. If the role does not have multiple ARNs, this does
|
|
96
|
+
* not need to be specified.
|
|
97
|
+
*/
|
|
98
|
+
roleArn?: pulumi.Input<string>;
|
|
99
|
+
/**
|
|
100
|
+
* Specifies the TTL for the use of the STS token. This
|
|
101
|
+
* is specified as a string with a duration suffix. Valid only when
|
|
102
|
+
* `credentialType` is `assumedRole` or `federationToken`
|
|
103
|
+
*/
|
|
104
|
+
ttl?: pulumi.Input<string>;
|
|
105
|
+
/**
|
|
106
|
+
* The type of credentials to read. Defaults
|
|
107
|
+
* to `"creds"`, which just returns an AWS Access Key ID and Secret
|
|
108
|
+
* Key. Can also be set to `"sts"`, which will return a security token
|
|
109
|
+
* in addition to the keys.
|
|
110
|
+
*/
|
|
111
|
+
type?: pulumi.Input<string>;
|
|
112
|
+
}
|
|
@@ -2,6 +2,7 @@
|
|
|
2
2
|
// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
|
|
3
3
|
// *** Do not edit by hand unless you're certain you know what you are doing! ***
|
|
4
4
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
5
|
+
exports.getAccessCredentialsOutput = exports.getAccessCredentials = void 0;
|
|
5
6
|
const pulumi = require("@pulumi/pulumi");
|
|
6
7
|
const utilities = require("../utilities");
|
|
7
8
|
function getAccessCredentials(args, opts) {
|
|
@@ -21,4 +22,8 @@ function getAccessCredentials(args, opts) {
|
|
|
21
22
|
}, opts);
|
|
22
23
|
}
|
|
23
24
|
exports.getAccessCredentials = getAccessCredentials;
|
|
25
|
+
function getAccessCredentialsOutput(args, opts) {
|
|
26
|
+
return pulumi.output(args).apply(a => getAccessCredentials(a, opts));
|
|
27
|
+
}
|
|
28
|
+
exports.getAccessCredentialsOutput = getAccessCredentialsOutput;
|
|
24
29
|
//# sourceMappingURL=getAccessCredentials.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"getAccessCredentials.js","sourceRoot":"","sources":["../../aws/getAccessCredentials.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF
|
|
1
|
+
{"version":3,"file":"getAccessCredentials.js","sourceRoot":"","sources":["../../aws/getAccessCredentials.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C,SAAgB,oBAAoB,CAAC,IAA8B,EAAE,IAA2B;IAC5F,IAAI,CAAC,IAAI,EAAE;QACP,IAAI,GAAG,EAAE,CAAA;KACZ;IAED,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE;QACf,IAAI,CAAC,OAAO,GAAG,SAAS,CAAC,UAAU,EAAE,CAAC;KACzC;IACD,OAAO,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,qDAAqD,EAAE;QAChF,SAAS,EAAE,IAAI,CAAC,OAAO;QACvB,QAAQ,EAAE,IAAI,CAAC,MAAM;QACrB,MAAM,EAAE,IAAI,CAAC,IAAI;QACjB,SAAS,EAAE,IAAI,CAAC,OAAO;QACvB,KAAK,EAAE,IAAI,CAAC,GAAG;QACf,MAAM,EAAE,IAAI,CAAC,IAAI;KACpB,EAAE,IAAI,CAAC,CAAC;AACb,CAAC;AAhBD,oDAgBC;AA8ED,SAAgB,0BAA0B,CAAC,IAAoC,EAAE,IAA2B;IACxG,OAAO,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,oBAAoB,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAA;AACxE,CAAC;AAFD,gEAEC"}
|
package/aws/index.js
CHANGED
|
@@ -1,24 +1,31 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
|
|
3
3
|
// *** Do not edit by hand unless you're certain you know what you are doing! ***
|
|
4
|
-
function
|
|
5
|
-
|
|
6
|
-
}
|
|
4
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
5
|
+
if (k2 === undefined) k2 = k;
|
|
6
|
+
Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
|
|
7
|
+
}) : (function(o, m, k, k2) {
|
|
8
|
+
if (k2 === undefined) k2 = k;
|
|
9
|
+
o[k2] = m[k];
|
|
10
|
+
}));
|
|
11
|
+
var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
12
|
+
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
|
|
13
|
+
};
|
|
7
14
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
8
15
|
const pulumi = require("@pulumi/pulumi");
|
|
9
16
|
const utilities = require("../utilities");
|
|
10
17
|
// Export members:
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
18
|
+
__exportStar(require("./authBackendCert"), exports);
|
|
19
|
+
__exportStar(require("./authBackendClient"), exports);
|
|
20
|
+
__exportStar(require("./authBackendIdentityWhitelist"), exports);
|
|
21
|
+
__exportStar(require("./authBackendLogin"), exports);
|
|
22
|
+
__exportStar(require("./authBackendRole"), exports);
|
|
23
|
+
__exportStar(require("./authBackendRoleTag"), exports);
|
|
24
|
+
__exportStar(require("./authBackendRoletagBlacklist"), exports);
|
|
25
|
+
__exportStar(require("./authBackendStsRole"), exports);
|
|
26
|
+
__exportStar(require("./getAccessCredentials"), exports);
|
|
27
|
+
__exportStar(require("./secretBackend"), exports);
|
|
28
|
+
__exportStar(require("./secretBackendRole"), exports);
|
|
22
29
|
// Import resources to register:
|
|
23
30
|
const authBackendCert_1 = require("./authBackendCert");
|
|
24
31
|
const authBackendClient_1 = require("./authBackendClient");
|
package/aws/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../aws/index.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../aws/index.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;;;;;;;;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C,kBAAkB;AAClB,oDAAkC;AAClC,sDAAoC;AACpC,iEAA+C;AAC/C,qDAAmC;AACnC,oDAAkC;AAClC,uDAAqC;AACrC,gEAA8C;AAC9C,uDAAqC;AACrC,yDAAuC;AACvC,kDAAgC;AAChC,sDAAoC;AAEpC,gCAAgC;AAChC,uDAAoD;AACpD,2DAAwD;AACxD,iFAA8E;AAC9E,yDAAsD;AACtD,uDAAoD;AACpD,6DAA0D;AAC1D,+EAA4E;AAC5E,6DAA0D;AAC1D,mDAAgD;AAChD,2DAAwD;AAExD,MAAM,OAAO,GAAG;IACZ,OAAO,EAAE,SAAS,CAAC,UAAU,EAAE;IAC/B,SAAS,EAAE,CAAC,IAAY,EAAE,IAAY,EAAE,GAAW,EAAmB,EAAE;QACpE,QAAQ,IAAI,EAAE;YACV,KAAK,2CAA2C;gBAC5C,OAAO,IAAI,iCAAe,CAAC,IAAI,EAAO,SAAS,EAAE,EAAE,GAAG,EAAE,CAAC,CAAA;YAC7D,KAAK,+CAA+C;gBAChD,OAAO,IAAI,qCAAiB,CAAC,IAAI,EAAO,SAAS,EAAE,EAAE,GAAG,EAAE,CAAC,CAAA;YAC/D,KAAK,qEAAqE;gBACtE,OAAO,IAAI,2DAA4B,CAAC,IAAI,EAAO,SAAS,EAAE,EAAE,GAAG,EAAE,CAAC,CAAA;YAC1E,KAAK,6CAA6C;gBAC9C,OAAO,IAAI,mCAAgB,CAAC,IAAI,EAAO,SAAS,EAAE,EAAE,GAAG,EAAE,CAAC,CAAA;YAC9D,KAAK,2CAA2C;gBAC5C,OAAO,IAAI,iCAAe,CAAC,IAAI,EAAO,SAAS,EAAE,EAAE,GAAG,EAAE,CAAC,CAAA;YAC7D,KAAK,iDAAiD;gBAClD,OAAO,IAAI,uCAAkB,CAAC,IAAI,EAAO,SAAS,EAAE,EAAE,GAAG,EAAE,CAAC,CAAA;YAChE,KAAK,mEAAmE;gBACpE,OAAO,IAAI,yDAA2B,CAAC,IAAI,EAAO,SAAS,EAAE,EAAE,GAAG,EAAE,CAAC,CAAA;YACzE,KAAK,iDAAiD;gBAClD,OAAO,IAAI,uCAAkB,CAAC,IAAI,EAAO,SAAS,EAAE,EAAE,GAAG,EAAE,CAAC,CAAA;YAChE,KAAK,uCAAuC;gBACxC,OAAO,IAAI,6BAAa,CAAC,IAAI,EAAO,SAAS,EAAE,EAAE,GAAG,EAAE,CAAC,CAAA;YAC3D,KAAK,+CAA+C;gBAChD,OAAO,IAAI,qCAAiB,CAAC,IAAI,EAAO,SAAS,EAAE,EAAE,GAAG,EAAE,CAAC,CAAA;YAC/D;gBACI,MAAM,IAAI,KAAK,CAAC,yBAAyB,IAAI,EAAE,CAAC,CAAC;SACxD;IACL,CAAC;CACJ,CAAC;AACF,MAAM,CAAC,OAAO,CAAC,sBAAsB,CAAC,OAAO,EAAE,qBAAqB,EAAE,OAAO,CAAC,CAAA;AAC9E,MAAM,CAAC,OAAO,CAAC,sBAAsB,CAAC,OAAO,EAAE,uBAAuB,EAAE,OAAO,CAAC,CAAA;AAChF,MAAM,CAAC,OAAO,CAAC,sBAAsB,CAAC,OAAO,EAAE,kCAAkC,EAAE,OAAO,CAAC,CAAA;AAC3F,MAAM,CAAC,OAAO,CAAC,sBAAsB,CAAC,OAAO,EAAE,sBAAsB,EAAE,OAAO,CAAC,CAAA;AAC/E,MAAM,CAAC,OAAO,CAAC,sBAAsB,CAAC,OAAO,EAAE,qBAAqB,EAAE,OAAO,CAAC,CAAA;AAC9E,MAAM,CAAC,OAAO,CAAC,sBAAsB,CAAC,OAAO,EAAE,wBAAwB,EAAE,OAAO,CAAC,CAAA;AACjF,MAAM,CAAC,OAAO,CAAC,sBAAsB,CAAC,OAAO,EAAE,iCAAiC,EAAE,OAAO,CAAC,CAAA;AAC1F,MAAM,CAAC,OAAO,CAAC,sBAAsB,CAAC,OAAO,EAAE,wBAAwB,EAAE,OAAO,CAAC,CAAA;AACjF,MAAM,CAAC,OAAO,CAAC,sBAAsB,CAAC,OAAO,EAAE,mBAAmB,EAAE,OAAO,CAAC,CAAA;AAC5E,MAAM,CAAC,OAAO,CAAC,sBAAsB,CAAC,OAAO,EAAE,uBAAuB,EAAE,OAAO,CAAC,CAAA"}
|
package/aws/secretBackend.d.ts
CHANGED
|
@@ -82,43 +82,43 @@ export interface SecretBackendState {
|
|
|
82
82
|
* The AWS Access Key ID this backend should use to
|
|
83
83
|
* issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials.
|
|
84
84
|
*/
|
|
85
|
-
|
|
85
|
+
accessKey?: pulumi.Input<string>;
|
|
86
86
|
/**
|
|
87
87
|
* The default TTL for credentials
|
|
88
88
|
* issued by this backend.
|
|
89
89
|
*/
|
|
90
|
-
|
|
90
|
+
defaultLeaseTtlSeconds?: pulumi.Input<number>;
|
|
91
91
|
/**
|
|
92
92
|
* A human-friendly description for this backend.
|
|
93
93
|
*/
|
|
94
|
-
|
|
94
|
+
description?: pulumi.Input<string>;
|
|
95
95
|
/**
|
|
96
96
|
* Specifies a custom HTTP IAM endpoint to use.
|
|
97
97
|
*/
|
|
98
|
-
|
|
98
|
+
iamEndpoint?: pulumi.Input<string>;
|
|
99
99
|
/**
|
|
100
100
|
* The maximum TTL that can be requested
|
|
101
101
|
* for credentials issued by this backend.
|
|
102
102
|
*/
|
|
103
|
-
|
|
103
|
+
maxLeaseTtlSeconds?: pulumi.Input<number>;
|
|
104
104
|
/**
|
|
105
105
|
* The unique path this backend should be mounted at. Must
|
|
106
106
|
* not begin or end with a `/`. Defaults to `aws`.
|
|
107
107
|
*/
|
|
108
|
-
|
|
108
|
+
path?: pulumi.Input<string>;
|
|
109
109
|
/**
|
|
110
110
|
* The AWS region for API calls. Defaults to `us-east-1`.
|
|
111
111
|
*/
|
|
112
|
-
|
|
112
|
+
region?: pulumi.Input<string>;
|
|
113
113
|
/**
|
|
114
114
|
* The AWS Secret Key this backend should use to
|
|
115
115
|
* issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials.
|
|
116
116
|
*/
|
|
117
|
-
|
|
117
|
+
secretKey?: pulumi.Input<string>;
|
|
118
118
|
/**
|
|
119
119
|
* Specifies a custom HTTP STS endpoint to use.
|
|
120
120
|
*/
|
|
121
|
-
|
|
121
|
+
stsEndpoint?: pulumi.Input<string>;
|
|
122
122
|
}
|
|
123
123
|
/**
|
|
124
124
|
* The set of arguments for constructing a SecretBackend resource.
|
|
@@ -128,41 +128,41 @@ export interface SecretBackendArgs {
|
|
|
128
128
|
* The AWS Access Key ID this backend should use to
|
|
129
129
|
* issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials.
|
|
130
130
|
*/
|
|
131
|
-
|
|
131
|
+
accessKey?: pulumi.Input<string>;
|
|
132
132
|
/**
|
|
133
133
|
* The default TTL for credentials
|
|
134
134
|
* issued by this backend.
|
|
135
135
|
*/
|
|
136
|
-
|
|
136
|
+
defaultLeaseTtlSeconds?: pulumi.Input<number>;
|
|
137
137
|
/**
|
|
138
138
|
* A human-friendly description for this backend.
|
|
139
139
|
*/
|
|
140
|
-
|
|
140
|
+
description?: pulumi.Input<string>;
|
|
141
141
|
/**
|
|
142
142
|
* Specifies a custom HTTP IAM endpoint to use.
|
|
143
143
|
*/
|
|
144
|
-
|
|
144
|
+
iamEndpoint?: pulumi.Input<string>;
|
|
145
145
|
/**
|
|
146
146
|
* The maximum TTL that can be requested
|
|
147
147
|
* for credentials issued by this backend.
|
|
148
148
|
*/
|
|
149
|
-
|
|
149
|
+
maxLeaseTtlSeconds?: pulumi.Input<number>;
|
|
150
150
|
/**
|
|
151
151
|
* The unique path this backend should be mounted at. Must
|
|
152
152
|
* not begin or end with a `/`. Defaults to `aws`.
|
|
153
153
|
*/
|
|
154
|
-
|
|
154
|
+
path?: pulumi.Input<string>;
|
|
155
155
|
/**
|
|
156
156
|
* The AWS region for API calls. Defaults to `us-east-1`.
|
|
157
157
|
*/
|
|
158
|
-
|
|
158
|
+
region?: pulumi.Input<string>;
|
|
159
159
|
/**
|
|
160
160
|
* The AWS Secret Key this backend should use to
|
|
161
161
|
* issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials.
|
|
162
162
|
*/
|
|
163
|
-
|
|
163
|
+
secretKey?: pulumi.Input<string>;
|
|
164
164
|
/**
|
|
165
165
|
* Specifies a custom HTTP STS endpoint to use.
|
|
166
166
|
*/
|
|
167
|
-
|
|
167
|
+
stsEndpoint?: pulumi.Input<string>;
|
|
168
168
|
}
|
package/aws/secretBackend.js
CHANGED
|
@@ -2,6 +2,7 @@
|
|
|
2
2
|
// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
|
|
3
3
|
// *** Do not edit by hand unless you're certain you know what you are doing! ***
|
|
4
4
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
5
|
+
exports.SecretBackend = void 0;
|
|
5
6
|
const pulumi = require("@pulumi/pulumi");
|
|
6
7
|
const utilities = require("../utilities");
|
|
7
8
|
/**
|
package/aws/secretBackend.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"secretBackend.js","sourceRoot":"","sources":["../../aws/secretBackend.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF
|
|
1
|
+
{"version":3,"file":"secretBackend.js","sourceRoot":"","sources":["../../aws/secretBackend.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C;;;;;;;;GAQG;AACH,MAAa,aAAc,SAAQ,MAAM,CAAC,cAAc;IA8EpD,YAAY,IAAY,EAAE,WAAoD,EAAE,IAAmC;QAC/G,IAAI,MAAM,GAAkB,EAAE,CAAC;QAC/B,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAA6C,CAAC;YAC5D,MAAM,CAAC,WAAW,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1D,MAAM,CAAC,wBAAwB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,sBAAsB,CAAC,CAAC,CAAC,SAAS,CAAC;YACpF,MAAM,CAAC,aAAa,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,MAAM,CAAC,aAAa,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,MAAM,CAAC,oBAAoB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5E,MAAM,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YAChD,MAAM,CAAC,QAAQ,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YACpD,MAAM,CAAC,WAAW,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1D,MAAM,CAAC,aAAa,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;SACjE;aAAM;YACH,MAAM,IAAI,GAAG,WAA4C,CAAC;YAC1D,MAAM,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,MAAM,CAAC,wBAAwB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC,CAAC,SAAS,CAAC;YAClF,MAAM,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,MAAM,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,MAAM,CAAC,oBAAoB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1E,MAAM,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9C,MAAM,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAClD,MAAM,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,MAAM,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;SAC/D;QACD,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE;YACf,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,IAAI,EAAE,EAAE,OAAO,EAAE,SAAS,CAAC,UAAU,EAAE,EAAC,CAAC,CAAC;SACxE;QACD,KAAK,CAAC,aAAa,CAAC,YAAY,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,CAAC,CAAC;IAC1D,CAAC;IA3GD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAA0B,EAAE,IAAmC;QACxH,OAAO,IAAI,aAAa,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IACpE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,aAAa,CAAC,YAAY,CAAC;IAC9D,CAAC;;AA1BL,sCA6GC;AA/FG,gBAAgB;AACO,0BAAY,GAAG,uCAAuC,CAAC"}
|
|
@@ -104,13 +104,13 @@ export interface SecretBackendRoleState {
|
|
|
104
104
|
* The path the AWS secret backend is mounted at,
|
|
105
105
|
* with no leading or trailing `/`s.
|
|
106
106
|
*/
|
|
107
|
-
|
|
107
|
+
backend?: pulumi.Input<string>;
|
|
108
108
|
/**
|
|
109
109
|
* Specifies the type of credential to be used when
|
|
110
110
|
* retrieving credentials from the role. Must be one of `iamUser`, `assumedRole`, or
|
|
111
111
|
* `federationToken`.
|
|
112
112
|
*/
|
|
113
|
-
|
|
113
|
+
credentialType?: pulumi.Input<string>;
|
|
114
114
|
/**
|
|
115
115
|
* The default TTL in seconds for STS credentials.
|
|
116
116
|
* When a TTL is not specified when STS credentials are requested,
|
|
@@ -118,7 +118,7 @@ export interface SecretBackendRoleState {
|
|
|
118
118
|
* then this default TTL will be used. Valid only when `credentialType` is one of
|
|
119
119
|
* `assumedRole` or `federationToken`.
|
|
120
120
|
*/
|
|
121
|
-
|
|
121
|
+
defaultStsTtl?: pulumi.Input<number>;
|
|
122
122
|
/**
|
|
123
123
|
* A list of IAM group names. IAM users generated
|
|
124
124
|
* against this vault role will be added to these IAM Groups. For a credential
|
|
@@ -127,18 +127,18 @@ export interface SecretBackendRoleState {
|
|
|
127
127
|
* policies from each group in `iamGroups` combined with the `policyDocument`
|
|
128
128
|
* and `policyArns` parameters.
|
|
129
129
|
*/
|
|
130
|
-
|
|
130
|
+
iamGroups?: pulumi.Input<pulumi.Input<string>[]>;
|
|
131
131
|
/**
|
|
132
132
|
* The max allowed TTL in seconds for STS credentials
|
|
133
133
|
* (credentials TTL are capped to `maxStsTtl`). Valid only when `credentialType` is
|
|
134
134
|
* one of `assumedRole` or `federationToken`.
|
|
135
135
|
*/
|
|
136
|
-
|
|
136
|
+
maxStsTtl?: pulumi.Input<number>;
|
|
137
137
|
/**
|
|
138
138
|
* The name to identify this role within the backend.
|
|
139
139
|
* Must be unique within the backend.
|
|
140
140
|
*/
|
|
141
|
-
|
|
141
|
+
name?: pulumi.Input<string>;
|
|
142
142
|
/**
|
|
143
143
|
* Specifies a list of AWS managed policy ARNs. The
|
|
144
144
|
* behavior depends on the credential type. With `iamUser`, the policies will be
|
|
@@ -148,7 +148,7 @@ export interface SecretBackendRoleState {
|
|
|
148
148
|
* `federationToken`, at least one of `policyDocument` or `policyArns` must
|
|
149
149
|
* be specified.
|
|
150
150
|
*/
|
|
151
|
-
|
|
151
|
+
policyArns?: pulumi.Input<pulumi.Input<string>[]>;
|
|
152
152
|
/**
|
|
153
153
|
* The IAM policy document for the role. The
|
|
154
154
|
* behavior depends on the credential type. With `iamUser`, the policy document
|
|
@@ -156,13 +156,13 @@ export interface SecretBackendRoleState {
|
|
|
156
156
|
* user has. With `assumedRole` and `federationToken`, the policy document will
|
|
157
157
|
* act as a filter on what the credentials can do, similar to `policyArns`.
|
|
158
158
|
*/
|
|
159
|
-
|
|
159
|
+
policyDocument?: pulumi.Input<string>;
|
|
160
160
|
/**
|
|
161
161
|
* Specifies the ARNs of the AWS roles this Vault role
|
|
162
162
|
* is allowed to assume. Required when `credentialType` is `assumedRole` and
|
|
163
163
|
* prohibited otherwise.
|
|
164
164
|
*/
|
|
165
|
-
|
|
165
|
+
roleArns?: pulumi.Input<pulumi.Input<string>[]>;
|
|
166
166
|
}
|
|
167
167
|
/**
|
|
168
168
|
* The set of arguments for constructing a SecretBackendRole resource.
|
|
@@ -172,13 +172,13 @@ export interface SecretBackendRoleArgs {
|
|
|
172
172
|
* The path the AWS secret backend is mounted at,
|
|
173
173
|
* with no leading or trailing `/`s.
|
|
174
174
|
*/
|
|
175
|
-
|
|
175
|
+
backend: pulumi.Input<string>;
|
|
176
176
|
/**
|
|
177
177
|
* Specifies the type of credential to be used when
|
|
178
178
|
* retrieving credentials from the role. Must be one of `iamUser`, `assumedRole`, or
|
|
179
179
|
* `federationToken`.
|
|
180
180
|
*/
|
|
181
|
-
|
|
181
|
+
credentialType: pulumi.Input<string>;
|
|
182
182
|
/**
|
|
183
183
|
* The default TTL in seconds for STS credentials.
|
|
184
184
|
* When a TTL is not specified when STS credentials are requested,
|
|
@@ -186,7 +186,7 @@ export interface SecretBackendRoleArgs {
|
|
|
186
186
|
* then this default TTL will be used. Valid only when `credentialType` is one of
|
|
187
187
|
* `assumedRole` or `federationToken`.
|
|
188
188
|
*/
|
|
189
|
-
|
|
189
|
+
defaultStsTtl?: pulumi.Input<number>;
|
|
190
190
|
/**
|
|
191
191
|
* A list of IAM group names. IAM users generated
|
|
192
192
|
* against this vault role will be added to these IAM Groups. For a credential
|
|
@@ -195,18 +195,18 @@ export interface SecretBackendRoleArgs {
|
|
|
195
195
|
* policies from each group in `iamGroups` combined with the `policyDocument`
|
|
196
196
|
* and `policyArns` parameters.
|
|
197
197
|
*/
|
|
198
|
-
|
|
198
|
+
iamGroups?: pulumi.Input<pulumi.Input<string>[]>;
|
|
199
199
|
/**
|
|
200
200
|
* The max allowed TTL in seconds for STS credentials
|
|
201
201
|
* (credentials TTL are capped to `maxStsTtl`). Valid only when `credentialType` is
|
|
202
202
|
* one of `assumedRole` or `federationToken`.
|
|
203
203
|
*/
|
|
204
|
-
|
|
204
|
+
maxStsTtl?: pulumi.Input<number>;
|
|
205
205
|
/**
|
|
206
206
|
* The name to identify this role within the backend.
|
|
207
207
|
* Must be unique within the backend.
|
|
208
208
|
*/
|
|
209
|
-
|
|
209
|
+
name?: pulumi.Input<string>;
|
|
210
210
|
/**
|
|
211
211
|
* Specifies a list of AWS managed policy ARNs. The
|
|
212
212
|
* behavior depends on the credential type. With `iamUser`, the policies will be
|
|
@@ -216,7 +216,7 @@ export interface SecretBackendRoleArgs {
|
|
|
216
216
|
* `federationToken`, at least one of `policyDocument` or `policyArns` must
|
|
217
217
|
* be specified.
|
|
218
218
|
*/
|
|
219
|
-
|
|
219
|
+
policyArns?: pulumi.Input<pulumi.Input<string>[]>;
|
|
220
220
|
/**
|
|
221
221
|
* The IAM policy document for the role. The
|
|
222
222
|
* behavior depends on the credential type. With `iamUser`, the policy document
|
|
@@ -224,11 +224,11 @@ export interface SecretBackendRoleArgs {
|
|
|
224
224
|
* user has. With `assumedRole` and `federationToken`, the policy document will
|
|
225
225
|
* act as a filter on what the credentials can do, similar to `policyArns`.
|
|
226
226
|
*/
|
|
227
|
-
|
|
227
|
+
policyDocument?: pulumi.Input<string>;
|
|
228
228
|
/**
|
|
229
229
|
* Specifies the ARNs of the AWS roles this Vault role
|
|
230
230
|
* is allowed to assume. Required when `credentialType` is `assumedRole` and
|
|
231
231
|
* prohibited otherwise.
|
|
232
232
|
*/
|
|
233
|
-
|
|
233
|
+
roleArns?: pulumi.Input<pulumi.Input<string>[]>;
|
|
234
234
|
}
|
package/aws/secretBackendRole.js
CHANGED
|
@@ -2,6 +2,7 @@
|
|
|
2
2
|
// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
|
|
3
3
|
// *** Do not edit by hand unless you're certain you know what you are doing! ***
|
|
4
4
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
5
|
+
exports.SecretBackendRole = void 0;
|
|
5
6
|
const pulumi = require("@pulumi/pulumi");
|
|
6
7
|
const utilities = require("../utilities");
|
|
7
8
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"secretBackendRole.js","sourceRoot":"","sources":["../../aws/secretBackendRole.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF
|
|
1
|
+
{"version":3,"file":"secretBackendRole.js","sourceRoot":"","sources":["../../aws/secretBackendRole.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C;;;;;;;;GAQG;AACH,MAAa,iBAAkB,SAAQ,MAAM,CAAC,cAAc;IAoGxD,YAAY,IAAY,EAAE,WAA4D,EAAE,IAAmC;QACvH,IAAI,MAAM,GAAkB,EAAE,CAAC;QAC/B,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAiD,CAAC;YAChE,MAAM,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,MAAM,CAAC,gBAAgB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC;YACpE,MAAM,CAAC,eAAe,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;YAClE,MAAM,CAAC,WAAW,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1D,MAAM,CAAC,WAAW,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1D,MAAM,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YAChD,MAAM,CAAC,YAAY,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,MAAM,CAAC,gBAAgB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC;YACpE,MAAM,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;SAC3D;aAAM;YACH,MAAM,IAAI,GAAG,WAAgD,CAAC;YAC9D,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,OAAO,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACpD,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;aAC1D;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,cAAc,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAC3D,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;aACjE;YACD,MAAM,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YACpD,MAAM,CAAC,gBAAgB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC;YAClE,MAAM,CAAC,eAAe,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,MAAM,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,MAAM,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,MAAM,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9C,MAAM,CAAC,YAAY,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1D,MAAM,CAAC,gBAAgB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC;YAClE,MAAM,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;SACzD;QACD,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE;YACf,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,IAAI,EAAE,EAAE,OAAO,EAAE,SAAS,CAAC,UAAU,EAAE,EAAC,CAAC,CAAC;SACxE;QACD,KAAK,CAAC,iBAAiB,CAAC,YAAY,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,CAAC,CAAC;IAC9D,CAAC;IAvID;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAA8B,EAAE,IAAmC;QAC5H,OAAO,IAAI,iBAAiB,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IACxE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,iBAAiB,CAAC,YAAY,CAAC;IAClE,CAAC;;AA1BL,8CAyIC;AA3HG,gBAAgB;AACO,8BAAY,GAAG,+CAA+C,CAAC"}
|