@pulumi/vault 6.1.0 → 6.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/ad/secretBackend.d.ts +1 -3
- package/ad/secretBackend.js +1 -3
- package/ad/secretBackend.js.map +1 -1
- package/ad/secretLibrary.d.ts +1 -2
- package/ad/secretLibrary.js +1 -2
- package/ad/secretLibrary.js.map +1 -1
- package/ad/secretRole.d.ts +0 -2
- package/ad/secretRole.js +0 -2
- package/ad/secretRole.js.map +1 -1
- package/alicloud/authBackendRole.d.ts +30 -83
- package/alicloud/authBackendRole.js +3 -5
- package/alicloud/authBackendRole.js.map +1 -1
- package/approle/authBackendLogin.d.ts +0 -2
- package/approle/authBackendLogin.js +0 -2
- package/approle/authBackendLogin.js.map +1 -1
- package/approle/authBackendRole.d.ts +27 -80
- package/approle/authBackendRole.js +0 -2
- package/approle/authBackendRole.js.map +1 -1
- package/approle/authBackendRoleSecretId.d.ts +0 -2
- package/approle/authBackendRoleSecretId.js +0 -2
- package/approle/authBackendRoleSecretId.js.map +1 -1
- package/approle/getAuthBackendRoleId.d.ts +0 -4
- package/approle/getAuthBackendRoleId.js +0 -4
- package/approle/getAuthBackendRoleId.js.map +1 -1
- package/audit.d.ts +4 -8
- package/audit.js +4 -8
- package/audit.js.map +1 -1
- package/auditRequestHeader.d.ts +4 -3
- package/auditRequestHeader.js +4 -3
- package/auditRequestHeader.js.map +1 -1
- package/aws/authBackendClient.d.ts +3 -5
- package/aws/authBackendClient.js +3 -5
- package/aws/authBackendClient.js.map +1 -1
- package/aws/authBackendConfigIdentity.d.ts +0 -2
- package/aws/authBackendConfigIdentity.js +0 -2
- package/aws/authBackendConfigIdentity.js.map +1 -1
- package/aws/authBackendIdentityWhitelist.d.ts +3 -5
- package/aws/authBackendIdentityWhitelist.js +3 -5
- package/aws/authBackendIdentityWhitelist.js.map +1 -1
- package/aws/authBackendLogin.d.ts +0 -6
- package/aws/authBackendLogin.js.map +1 -1
- package/aws/authBackendRole.d.ts +27 -80
- package/aws/authBackendRole.js +0 -2
- package/aws/authBackendRole.js.map +1 -1
- package/aws/authBackendRoletagBlacklist.d.ts +3 -5
- package/aws/authBackendRoletagBlacklist.js +3 -5
- package/aws/authBackendRoletagBlacklist.js.map +1 -1
- package/aws/authBackendStsRole.d.ts +0 -2
- package/aws/authBackendStsRole.js +0 -2
- package/aws/authBackendStsRole.js.map +1 -1
- package/aws/secretBackend.d.ts +27 -0
- package/aws/secretBackend.js.map +1 -1
- package/aws/secretBackendRole.d.ts +1 -2
- package/aws/secretBackendRole.js +1 -2
- package/aws/secretBackendRole.js.map +1 -1
- package/aws/secretBackendStaticRole.d.ts +1 -2
- package/aws/secretBackendStaticRole.js +1 -2
- package/aws/secretBackendStaticRole.js.map +1 -1
- package/azure/authBackendConfig.d.ts +3 -5
- package/azure/authBackendConfig.js +3 -5
- package/azure/authBackendConfig.js.map +1 -1
- package/azure/authBackendRole.d.ts +27 -80
- package/azure/authBackendRole.js +0 -2
- package/azure/authBackendRole.js.map +1 -1
- package/azure/backend.d.ts +6 -10
- package/azure/backend.js +6 -10
- package/azure/backend.js.map +1 -1
- package/azure/backendRole.d.ts +7 -9
- package/azure/backendRole.js +7 -9
- package/azure/backendRole.js.map +1 -1
- package/azure/getAccessCredentials.d.ts +0 -4
- package/azure/getAccessCredentials.js +0 -4
- package/azure/getAccessCredentials.js.map +1 -1
- package/certAuthBackendRole.d.ts +35 -91
- package/certAuthBackendRole.js +8 -7
- package/certAuthBackendRole.js.map +1 -1
- package/consul/secretBackend.d.ts +4 -8
- package/consul/secretBackend.js +4 -8
- package/consul/secretBackend.js.map +1 -1
- package/consul/secretBackendRole.d.ts +1 -2
- package/consul/secretBackendRole.js +1 -2
- package/consul/secretBackendRole.js.map +1 -1
- package/database/secretBackendConnection.d.ts +1 -2
- package/database/secretBackendConnection.js +1 -2
- package/database/secretBackendConnection.js.map +1 -1
- package/database/secretBackendRole.d.ts +2 -2
- package/database/secretBackendRole.js +2 -2
- package/database/secretBackendStaticRole.d.ts +5 -4
- package/database/secretBackendStaticRole.js +5 -4
- package/database/secretBackendStaticRole.js.map +1 -1
- package/database/secretsMount.d.ts +2 -2
- package/database/secretsMount.js +2 -2
- package/egpPolicy.d.ts +2 -4
- package/egpPolicy.js +2 -4
- package/egpPolicy.js.map +1 -1
- package/gcp/authBackend.d.ts +0 -20
- package/gcp/authBackend.js +0 -20
- package/gcp/authBackend.js.map +1 -1
- package/gcp/authBackendRole.d.ts +27 -134
- package/gcp/authBackendRole.js +0 -2
- package/gcp/authBackendRole.js.map +1 -1
- package/gcp/getAuthBackendRole.d.ts +0 -4
- package/gcp/getAuthBackendRole.js +0 -4
- package/gcp/getAuthBackendRole.js.map +1 -1
- package/gcp/secretBackend.d.ts +4 -4
- package/gcp/secretBackend.js +4 -4
- package/gcp/secretImpersonatedAccount.d.ts +7 -7
- package/gcp/secretImpersonatedAccount.js +7 -7
- package/gcp/secretRoleset.d.ts +4 -4
- package/gcp/secretRoleset.js +4 -4
- package/gcp/secretStaticAccount.d.ts +8 -8
- package/gcp/secretStaticAccount.js +8 -8
- package/generic/endpoint.d.ts +2 -4
- package/generic/endpoint.js +2 -4
- package/generic/endpoint.js.map +1 -1
- package/generic/getSecret.d.ts +44 -4
- package/generic/getSecret.js +44 -4
- package/generic/getSecret.js.map +1 -1
- package/getAuthBackend.d.ts +0 -4
- package/getAuthBackend.js +0 -4
- package/getAuthBackend.js.map +1 -1
- package/getAuthBackends.d.ts +0 -8
- package/getAuthBackends.js +0 -8
- package/getAuthBackends.js.map +1 -1
- package/getNamespace.d.ts +0 -12
- package/getNamespace.js +0 -12
- package/getNamespace.js.map +1 -1
- package/getNamespaces.d.ts +4 -12
- package/getNamespaces.js +4 -12
- package/getNamespaces.js.map +1 -1
- package/getNomadAccessToken.d.ts +0 -4
- package/getNomadAccessToken.js +0 -4
- package/getNomadAccessToken.js.map +1 -1
- package/getPolicyDocument.d.ts +10 -8
- package/getPolicyDocument.js +10 -8
- package/getPolicyDocument.js.map +1 -1
- package/getRaftAutopilotState.d.ts +0 -4
- package/getRaftAutopilotState.js +0 -4
- package/getRaftAutopilotState.js.map +1 -1
- package/github/authBackend.d.ts +0 -2
- package/github/authBackend.js +0 -2
- package/github/authBackend.js.map +1 -1
- package/github/team.d.ts +1 -3
- package/github/team.js +1 -3
- package/github/team.js.map +1 -1
- package/github/user.d.ts +1 -3
- package/github/user.js +1 -3
- package/github/user.js.map +1 -1
- package/identity/entity.d.ts +2 -3
- package/identity/entity.js +2 -3
- package/identity/entity.js.map +1 -1
- package/identity/entityAlias.d.ts +2 -3
- package/identity/entityAlias.js +2 -3
- package/identity/entityAlias.js.map +1 -1
- package/identity/entityPolicies.d.ts +8 -6
- package/identity/entityPolicies.js +8 -6
- package/identity/entityPolicies.js.map +1 -1
- package/identity/getEntity.d.ts +0 -4
- package/identity/getEntity.js +0 -4
- package/identity/getEntity.js.map +1 -1
- package/identity/getGroup.d.ts +0 -4
- package/identity/getGroup.js +0 -4
- package/identity/getGroup.js.map +1 -1
- package/identity/getOidcClientCreds.d.ts +2 -4
- package/identity/getOidcClientCreds.js +2 -4
- package/identity/getOidcClientCreds.js.map +1 -1
- package/identity/getOidcOpenidConfig.d.ts +12 -6
- package/identity/getOidcOpenidConfig.js +12 -6
- package/identity/getOidcOpenidConfig.js.map +1 -1
- package/identity/getOidcPublicKeys.d.ts +12 -6
- package/identity/getOidcPublicKeys.js +12 -6
- package/identity/getOidcPublicKeys.js.map +1 -1
- package/identity/group.d.ts +18 -20
- package/identity/group.js +18 -20
- package/identity/group.js.map +1 -1
- package/identity/groupAlias.d.ts +1 -2
- package/identity/groupAlias.js +1 -2
- package/identity/groupAlias.js.map +1 -1
- package/identity/groupMemberEntityIds.d.ts +6 -8
- package/identity/groupMemberEntityIds.js +6 -8
- package/identity/groupMemberEntityIds.js.map +1 -1
- package/identity/groupMemberGroupIds.d.ts +14 -10
- package/identity/groupMemberGroupIds.js +14 -10
- package/identity/groupMemberGroupIds.js.map +1 -1
- package/identity/groupPolicies.d.ts +2 -4
- package/identity/groupPolicies.js +2 -4
- package/identity/groupPolicies.js.map +1 -1
- package/identity/mfaDuo.d.ts +1 -3
- package/identity/mfaDuo.js +1 -3
- package/identity/mfaDuo.js.map +1 -1
- package/identity/mfaLoginEnforcement.d.ts +5 -4
- package/identity/mfaLoginEnforcement.js +5 -4
- package/identity/mfaLoginEnforcement.js.map +1 -1
- package/identity/mfaOkta.d.ts +1 -3
- package/identity/mfaOkta.js +1 -3
- package/identity/mfaOkta.js.map +1 -1
- package/identity/mfaPingid.d.ts +0 -2
- package/identity/mfaPingid.js +0 -2
- package/identity/mfaPingid.js.map +1 -1
- package/identity/mfaTotp.d.ts +0 -2
- package/identity/mfaTotp.js +0 -2
- package/identity/mfaTotp.js.map +1 -1
- package/identity/oidc.d.ts +0 -2
- package/identity/oidc.js +0 -2
- package/identity/oidc.js.map +1 -1
- package/identity/oidcAssignment.d.ts +6 -3
- package/identity/oidcAssignment.js +6 -3
- package/identity/oidcAssignment.js.map +1 -1
- package/identity/oidcClient.d.ts +5 -5
- package/identity/oidcClient.js +5 -5
- package/identity/oidcKey.d.ts +10 -6
- package/identity/oidcKey.js +10 -6
- package/identity/oidcKey.js.map +1 -1
- package/identity/oidcKeyAllowedClientID.d.ts +10 -6
- package/identity/oidcKeyAllowedClientID.js +10 -6
- package/identity/oidcKeyAllowedClientID.js.map +1 -1
- package/identity/oidcProvider.d.ts +11 -8
- package/identity/oidcProvider.js +11 -8
- package/identity/oidcProvider.js.map +1 -1
- package/identity/oidcRole.d.ts +17 -10
- package/identity/oidcRole.js +17 -10
- package/identity/oidcRole.js.map +1 -1
- package/identity/oidcScope.d.ts +2 -3
- package/identity/oidcScope.js +2 -3
- package/identity/oidcScope.js.map +1 -1
- package/jwt/authBackend.d.ts +8 -14
- package/jwt/authBackend.js +8 -14
- package/jwt/authBackend.js.map +1 -1
- package/jwt/authBackendRole.d.ts +27 -82
- package/jwt/authBackendRole.js +0 -4
- package/jwt/authBackendRole.js.map +1 -1
- package/kmip/secretBackend.d.ts +5 -7
- package/kmip/secretBackend.js +5 -7
- package/kmip/secretBackend.js.map +1 -1
- package/kmip/secretRole.d.ts +0 -2
- package/kmip/secretRole.js +0 -2
- package/kmip/secretRole.js.map +1 -1
- package/kmip/secretScope.d.ts +0 -2
- package/kmip/secretScope.js +0 -2
- package/kmip/secretScope.js.map +1 -1
- package/kubernetes/authBackendConfig.d.ts +0 -2
- package/kubernetes/authBackendConfig.js +0 -2
- package/kubernetes/authBackendConfig.js.map +1 -1
- package/kubernetes/authBackendRole.d.ts +24 -74
- package/kubernetes/authBackendRole.js +0 -2
- package/kubernetes/authBackendRole.js.map +1 -1
- package/kubernetes/getServiceAccountToken.d.ts +16 -10
- package/kubernetes/getServiceAccountToken.js +16 -10
- package/kubernetes/getServiceAccountToken.js.map +1 -1
- package/kubernetes/secretBackend.d.ts +7 -5
- package/kubernetes/secretBackend.js +7 -5
- package/kubernetes/secretBackend.js.map +1 -1
- package/kubernetes/secretBackendRole.d.ts +24 -15
- package/kubernetes/secretBackendRole.js +24 -15
- package/kubernetes/secretBackendRole.js.map +1 -1
- package/kv/getSecret.d.ts +0 -4
- package/kv/getSecret.js +0 -4
- package/kv/getSecret.js.map +1 -1
- package/kv/getSecretSubkeysV2.d.ts +4 -6
- package/kv/getSecretSubkeysV2.js +4 -6
- package/kv/getSecretSubkeysV2.js.map +1 -1
- package/kv/getSecretV2.d.ts +64 -0
- package/kv/getSecretV2.js +64 -0
- package/kv/getSecretV2.js.map +1 -1
- package/kv/getSecretsList.d.ts +4 -8
- package/kv/getSecretsList.js +4 -8
- package/kv/getSecretsList.js.map +1 -1
- package/kv/getSecretsListV2.d.ts +14 -12
- package/kv/getSecretsListV2.js +14 -12
- package/kv/getSecretsListV2.js.map +1 -1
- package/kv/secret.d.ts +0 -2
- package/kv/secret.js +0 -2
- package/kv/secret.js.map +1 -1
- package/kv/secretBackendV2.d.ts +0 -2
- package/kv/secretBackendV2.js +0 -2
- package/kv/secretBackendV2.js.map +1 -1
- package/kv/secretV2.d.ts +1 -2
- package/kv/secretV2.js +1 -2
- package/kv/secretV2.js.map +1 -1
- package/ldap/authBackend.d.ts +29 -70
- package/ldap/authBackend.js +5 -7
- package/ldap/authBackend.js.map +1 -1
- package/ldap/authBackendGroup.d.ts +0 -2
- package/ldap/authBackendGroup.js +0 -2
- package/ldap/authBackendGroup.js.map +1 -1
- package/ldap/authBackendUser.d.ts +0 -2
- package/ldap/authBackendUser.js +0 -2
- package/ldap/authBackendUser.js.map +1 -1
- package/ldap/secretBackend.d.ts +2 -4
- package/ldap/secretBackend.js +2 -4
- package/ldap/secretBackend.js.map +1 -1
- package/ldap/secretBackendDynamicRole.d.ts +0 -2
- package/ldap/secretBackendDynamicRole.js +0 -2
- package/ldap/secretBackendDynamicRole.js.map +1 -1
- package/ldap/secretBackendLibrarySet.d.ts +1 -2
- package/ldap/secretBackendLibrarySet.js +1 -2
- package/ldap/secretBackendLibrarySet.js.map +1 -1
- package/ldap/secretBackendStaticRole.d.ts +0 -2
- package/ldap/secretBackendStaticRole.js +0 -2
- package/ldap/secretBackendStaticRole.js.map +1 -1
- package/managed/keys.d.ts +3 -12
- package/managed/keys.js.map +1 -1
- package/mfaDuo.d.ts +2 -3
- package/mfaDuo.js +2 -3
- package/mfaDuo.js.map +1 -1
- package/mfaOkta.d.ts +2 -3
- package/mfaOkta.js +2 -3
- package/mfaOkta.js.map +1 -1
- package/mfaPingid.d.ts +2 -3
- package/mfaPingid.js +2 -3
- package/mfaPingid.js.map +1 -1
- package/mfaTotp.d.ts +4 -5
- package/mfaTotp.js +4 -5
- package/mfaTotp.js.map +1 -1
- package/mongodbatlas/secretBackend.d.ts +0 -2
- package/mongodbatlas/secretBackend.js +0 -2
- package/mongodbatlas/secretBackend.js.map +1 -1
- package/mongodbatlas/secretRole.d.ts +1 -2
- package/mongodbatlas/secretRole.js +1 -2
- package/mongodbatlas/secretRole.js.map +1 -1
- package/mount.d.ts +10 -18
- package/mount.js +10 -18
- package/mount.js.map +1 -1
- package/nomadSecretBackend.d.ts +2 -4
- package/nomadSecretBackend.js +2 -4
- package/nomadSecretBackend.js.map +1 -1
- package/nomadSecretRole.d.ts +0 -2
- package/nomadSecretRole.js +0 -2
- package/nomadSecretRole.js.map +1 -1
- package/okta/authBackend.d.ts +3 -5
- package/okta/authBackend.js +3 -5
- package/okta/authBackend.js.map +1 -1
- package/okta/authBackendGroup.d.ts +0 -2
- package/okta/authBackendGroup.js +0 -2
- package/okta/authBackendGroup.js.map +1 -1
- package/okta/authBackendUser.d.ts +0 -2
- package/okta/authBackendUser.js +0 -2
- package/okta/authBackendUser.js.map +1 -1
- package/package.json +3 -2
- package/passwordPolicy.d.ts +5 -5
- package/passwordPolicy.js +5 -5
- package/pkisecret/backendConfigCluster.d.ts +0 -2
- package/pkisecret/backendConfigCluster.js +0 -2
- package/pkisecret/backendConfigCluster.js.map +1 -1
- package/pkisecret/getBackendIssuer.d.ts +44 -0
- package/pkisecret/getBackendIssuer.js +44 -0
- package/pkisecret/getBackendIssuer.js.map +1 -1
- package/pkisecret/getBackendIssuers.d.ts +0 -4
- package/pkisecret/getBackendIssuers.js +0 -4
- package/pkisecret/getBackendIssuers.js.map +1 -1
- package/pkisecret/getBackendKey.d.ts +2 -6
- package/pkisecret/getBackendKey.js +2 -6
- package/pkisecret/getBackendKey.js.map +1 -1
- package/pkisecret/getBackendKeys.d.ts +0 -4
- package/pkisecret/getBackendKeys.js +0 -4
- package/pkisecret/getBackendKeys.js.map +1 -1
- package/pkisecret/secretBackendCert.d.ts +3 -4
- package/pkisecret/secretBackendCert.js +3 -4
- package/pkisecret/secretBackendCert.js.map +1 -1
- package/pkisecret/secretBackendConfigCa.d.ts +2 -4
- package/pkisecret/secretBackendConfigCa.js +2 -4
- package/pkisecret/secretBackendConfigCa.js.map +1 -1
- package/pkisecret/secretBackendConfigIssuers.d.ts +0 -2
- package/pkisecret/secretBackendConfigIssuers.js +0 -2
- package/pkisecret/secretBackendConfigIssuers.js.map +1 -1
- package/pkisecret/secretBackendConfigUrls.d.ts +0 -2
- package/pkisecret/secretBackendConfigUrls.js +0 -2
- package/pkisecret/secretBackendConfigUrls.js.map +1 -1
- package/pkisecret/secretBackendCrlConfig.d.ts +1 -3
- package/pkisecret/secretBackendCrlConfig.js +1 -3
- package/pkisecret/secretBackendCrlConfig.js.map +1 -1
- package/pkisecret/secretBackendIntermediateCertRequest.d.ts +2 -4
- package/pkisecret/secretBackendIntermediateCertRequest.js +2 -4
- package/pkisecret/secretBackendIntermediateCertRequest.js.map +1 -1
- package/pkisecret/secretBackendIntermediateSetSigned.d.ts +5 -7
- package/pkisecret/secretBackendIntermediateSetSigned.js +5 -7
- package/pkisecret/secretBackendIntermediateSetSigned.js.map +1 -1
- package/pkisecret/secretBackendIssuer.d.ts +0 -2
- package/pkisecret/secretBackendIssuer.js +0 -2
- package/pkisecret/secretBackendIssuer.js.map +1 -1
- package/pkisecret/secretBackendRole.d.ts +1 -2
- package/pkisecret/secretBackendRole.js +1 -2
- package/pkisecret/secretBackendRole.js.map +1 -1
- package/pkisecret/secretBackendRootCert.d.ts +2 -4
- package/pkisecret/secretBackendRootCert.js +2 -4
- package/pkisecret/secretBackendRootCert.js.map +1 -1
- package/pkisecret/secretBackendRootSignIntermediate.d.ts +3 -5
- package/pkisecret/secretBackendRootSignIntermediate.js +3 -5
- package/pkisecret/secretBackendRootSignIntermediate.js.map +1 -1
- package/pkisecret/secretBackendSign.d.ts +3 -4
- package/pkisecret/secretBackendSign.js +3 -4
- package/pkisecret/secretBackendSign.js.map +1 -1
- package/provider.d.ts +0 -6
- package/provider.js.map +1 -1
- package/quotaLeaseCount.d.ts +2 -3
- package/quotaLeaseCount.js +2 -3
- package/quotaLeaseCount.js.map +1 -1
- package/quotaRateLimit.d.ts +1 -2
- package/quotaRateLimit.js +1 -2
- package/quotaRateLimit.js.map +1 -1
- package/rabbitmq/secretBackend.d.ts +1 -3
- package/rabbitmq/secretBackend.js +1 -3
- package/rabbitmq/secretBackend.js.map +1 -1
- package/rabbitmq/secretBackendRole.d.ts +1 -2
- package/rabbitmq/secretBackendRole.js +1 -2
- package/rabbitmq/secretBackendRole.js.map +1 -1
- package/raftAutopilot.d.ts +0 -2
- package/raftAutopilot.js +0 -2
- package/raftAutopilot.js.map +1 -1
- package/raftSnapshotAgentConfig.d.ts +44 -128
- package/raftSnapshotAgentConfig.js +8 -11
- package/raftSnapshotAgentConfig.js.map +1 -1
- package/rgpPolicy.d.ts +1 -3
- package/rgpPolicy.js +1 -3
- package/rgpPolicy.js.map +1 -1
- package/saml/authBackend.d.ts +3 -5
- package/saml/authBackend.js +3 -5
- package/saml/authBackend.js.map +1 -1
- package/saml/authBackendRole.d.ts +28 -77
- package/saml/authBackendRole.js +4 -5
- package/saml/authBackendRole.js.map +1 -1
- package/secrets/syncAssociation.d.ts +6 -5
- package/secrets/syncAssociation.js +6 -5
- package/secrets/syncAssociation.js.map +1 -1
- package/secrets/syncAwsDestination.d.ts +3 -4
- package/secrets/syncAwsDestination.js +3 -4
- package/secrets/syncAwsDestination.js.map +1 -1
- package/secrets/syncAzureDestination.d.ts +5 -6
- package/secrets/syncAzureDestination.js +5 -6
- package/secrets/syncAzureDestination.js.map +1 -1
- package/secrets/syncConfig.d.ts +1 -3
- package/secrets/syncConfig.js +1 -3
- package/secrets/syncConfig.js.map +1 -1
- package/secrets/syncGcpDestination.d.ts +5 -4
- package/secrets/syncGcpDestination.js +5 -4
- package/secrets/syncGcpDestination.js.map +1 -1
- package/secrets/syncGhDestination.d.ts +3 -4
- package/secrets/syncGhDestination.js +3 -4
- package/secrets/syncGhDestination.js.map +1 -1
- package/secrets/syncGithubApps.d.ts +6 -5
- package/secrets/syncGithubApps.js +6 -5
- package/secrets/syncGithubApps.js.map +1 -1
- package/secrets/syncVercelDestination.d.ts +3 -4
- package/secrets/syncVercelDestination.js +3 -4
- package/secrets/syncVercelDestination.js.map +1 -1
- package/ssh/secretBackendCa.d.ts +3 -5
- package/ssh/secretBackendCa.js +0 -2
- package/ssh/secretBackendCa.js.map +1 -1
- package/ssh/secretBackendRole.d.ts +2 -2
- package/ssh/secretBackendRole.js +2 -2
- package/terraformcloud/secretBackend.d.ts +0 -38
- package/terraformcloud/secretBackend.js +0 -2
- package/terraformcloud/secretBackend.js.map +1 -1
- package/terraformcloud/secretCreds.d.ts +1 -11
- package/terraformcloud/secretCreds.js +1 -2
- package/terraformcloud/secretCreds.js.map +1 -1
- package/terraformcloud/secretRole.d.ts +1 -47
- package/terraformcloud/secretRole.js +1 -2
- package/terraformcloud/secretRole.js.map +1 -1
- package/token.d.ts +6 -8
- package/token.js +6 -8
- package/token.js.map +1 -1
- package/tokenauth/authBackendRole.d.ts +28 -78
- package/tokenauth/authBackendRole.js +4 -6
- package/tokenauth/authBackendRole.js.map +1 -1
- package/transform/alphabet.d.ts +2 -3
- package/transform/alphabet.js +2 -3
- package/transform/alphabet.js.map +1 -1
- package/transform/getDecode.d.ts +4 -4
- package/transform/getDecode.js +4 -4
- package/transform/getEncode.d.ts +4 -4
- package/transform/getEncode.js +4 -4
- package/transform/role.d.ts +2 -3
- package/transform/role.js +2 -3
- package/transform/role.js.map +1 -1
- package/transform/template.d.ts +2 -2
- package/transform/template.js +2 -2
- package/transit/getDecrypt.d.ts +2 -30
- package/transit/getDecrypt.js +2 -6
- package/transit/getDecrypt.js.map +1 -1
- package/transit/getEncrypt.d.ts +0 -30
- package/transit/getEncrypt.js.map +1 -1
- package/transit/secretBackendKey.d.ts +4 -3
- package/transit/secretBackendKey.js +4 -3
- package/transit/secretBackendKey.js.map +1 -1
- package/transit/secretCacheConfig.d.ts +0 -2
- package/transit/secretCacheConfig.js +0 -2
- package/transit/secretCacheConfig.js.map +1 -1
- package/types/input.d.ts +310 -502
- package/types/output.d.ts +310 -490
- package/package.json.bak +0 -27
package/identity/mfaTotp.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"mfaTotp.js","sourceRoot":"","sources":["../../identity/mfaTotp.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C
|
|
1
|
+
{"version":3,"file":"mfaTotp.js","sourceRoot":"","sources":["../../identity/mfaTotp.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;;;;GAmBG;AACH,MAAa,OAAQ,SAAQ,MAAM,CAAC,cAAc;IAC9C;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAoB,EAAE,IAAmC;QAClH,OAAO,IAAI,OAAO,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IAC9D,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,OAAO,CAAC,YAAY,CAAC;IACxD,CAAC;IA2ED,YAAY,IAAY,EAAE,WAAwC,EAAE,IAAmC;QACnG,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAuC,CAAC;YACtD,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAClE,cAAc,CAAC,QAAQ,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,QAAQ,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,uBAAuB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,qBAAqB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1F,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,eAAe,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1E,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAClE,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,eAAe,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1E,cAAc,CAAC,QAAQ,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,QAAQ,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;SAC3D;aAAM;YACH,MAAM,IAAI,GAAG,WAAsC,CAAC;YACpD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACnD,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;aACzD;YACD,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1D,cAAc,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1D,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,uBAAuB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC,CAAC,SAAS,CAAC;YACxF,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1D,cAAc,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1D,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,UAAU,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;YAC/C,cAAc,CAAC,eAAe,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;YACpD,cAAc,CAAC,MAAM,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;YAC3C,cAAc,CAAC,aAAa,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;YAClD,cAAc,CAAC,eAAe,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;YACpD,cAAc,CAAC,MAAM,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;YAC3C,cAAc,CAAC,MAAM,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;SAC9C;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,OAAO,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IAC5D,CAAC;;AAlJL,0BAmJC;AArIG,gBAAgB;AACO,oBAAY,GAAG,gCAAgC,CAAC"}
|
package/identity/oidc.d.ts
CHANGED
|
@@ -9,14 +9,12 @@ import * as pulumi from "@pulumi/pulumi";
|
|
|
9
9
|
*
|
|
10
10
|
* ## Example Usage
|
|
11
11
|
*
|
|
12
|
-
* <!--Start PulumiCodeChooser -->
|
|
13
12
|
* ```typescript
|
|
14
13
|
* import * as pulumi from "@pulumi/pulumi";
|
|
15
14
|
* import * as vault from "@pulumi/vault";
|
|
16
15
|
*
|
|
17
16
|
* const server = new vault.identity.Oidc("server", {issuer: "https://www.acme.com"});
|
|
18
17
|
* ```
|
|
19
|
-
* <!--End PulumiCodeChooser -->
|
|
20
18
|
*/
|
|
21
19
|
export declare class Oidc extends pulumi.CustomResource {
|
|
22
20
|
/**
|
package/identity/oidc.js
CHANGED
|
@@ -15,14 +15,12 @@ const utilities = require("../utilities");
|
|
|
15
15
|
*
|
|
16
16
|
* ## Example Usage
|
|
17
17
|
*
|
|
18
|
-
* <!--Start PulumiCodeChooser -->
|
|
19
18
|
* ```typescript
|
|
20
19
|
* import * as pulumi from "@pulumi/pulumi";
|
|
21
20
|
* import * as vault from "@pulumi/vault";
|
|
22
21
|
*
|
|
23
22
|
* const server = new vault.identity.Oidc("server", {issuer: "https://www.acme.com"});
|
|
24
23
|
* ```
|
|
25
|
-
* <!--End PulumiCodeChooser -->
|
|
26
24
|
*/
|
|
27
25
|
class Oidc extends pulumi.CustomResource {
|
|
28
26
|
/**
|
package/identity/oidc.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oidc.js","sourceRoot":"","sources":["../../identity/oidc.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C
|
|
1
|
+
{"version":3,"file":"oidc.js","sourceRoot":"","sources":["../../identity/oidc.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;GAgBG;AACH,MAAa,IAAK,SAAQ,MAAM,CAAC,cAAc;IAC3C;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAiB,EAAE,IAAmC;QAC/G,OAAO,IAAI,IAAI,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IAC3D,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,IAAI,CAAC,YAAY,CAAC;IACrD,CAAC;IAyBD,YAAY,IAAY,EAAE,WAAkC,EAAE,IAAmC;QAC7F,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAoC,CAAC;YACnD,cAAc,CAAC,QAAQ,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;SACrE;aAAM;YACH,MAAM,IAAI,GAAG,WAAmC,CAAC;YACjD,cAAc,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1D,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;SACnE;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,IAAI,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IACzD,CAAC;;AAjEL,oBAkEC;AApDG,gBAAgB;AACO,iBAAY,GAAG,0BAA0B,CAAC"}
|
|
@@ -5,25 +5,28 @@ import * as pulumi from "@pulumi/pulumi";
|
|
|
5
5
|
*
|
|
6
6
|
* ## Example Usage
|
|
7
7
|
*
|
|
8
|
-
* <!--Start PulumiCodeChooser -->
|
|
9
8
|
* ```typescript
|
|
10
9
|
* import * as pulumi from "@pulumi/pulumi";
|
|
11
10
|
* import * as vault from "@pulumi/vault";
|
|
12
11
|
*
|
|
13
12
|
* const internal = new vault.identity.Group("internal", {
|
|
13
|
+
* name: "internal",
|
|
14
14
|
* type: "internal",
|
|
15
15
|
* policies: [
|
|
16
16
|
* "dev",
|
|
17
17
|
* "test",
|
|
18
18
|
* ],
|
|
19
19
|
* });
|
|
20
|
-
* const test = new vault.identity.Entity("test", {
|
|
20
|
+
* const test = new vault.identity.Entity("test", {
|
|
21
|
+
* name: "test",
|
|
22
|
+
* policies: ["test"],
|
|
23
|
+
* });
|
|
21
24
|
* const _default = new vault.identity.OidcAssignment("default", {
|
|
25
|
+
* name: "assignment",
|
|
22
26
|
* entityIds: [test.id],
|
|
23
27
|
* groupIds: [internal.id],
|
|
24
28
|
* });
|
|
25
29
|
* ```
|
|
26
|
-
* <!--End PulumiCodeChooser -->
|
|
27
30
|
*
|
|
28
31
|
* ## Import
|
|
29
32
|
*
|
|
@@ -11,25 +11,28 @@ const utilities = require("../utilities");
|
|
|
11
11
|
*
|
|
12
12
|
* ## Example Usage
|
|
13
13
|
*
|
|
14
|
-
* <!--Start PulumiCodeChooser -->
|
|
15
14
|
* ```typescript
|
|
16
15
|
* import * as pulumi from "@pulumi/pulumi";
|
|
17
16
|
* import * as vault from "@pulumi/vault";
|
|
18
17
|
*
|
|
19
18
|
* const internal = new vault.identity.Group("internal", {
|
|
19
|
+
* name: "internal",
|
|
20
20
|
* type: "internal",
|
|
21
21
|
* policies: [
|
|
22
22
|
* "dev",
|
|
23
23
|
* "test",
|
|
24
24
|
* ],
|
|
25
25
|
* });
|
|
26
|
-
* const test = new vault.identity.Entity("test", {
|
|
26
|
+
* const test = new vault.identity.Entity("test", {
|
|
27
|
+
* name: "test",
|
|
28
|
+
* policies: ["test"],
|
|
29
|
+
* });
|
|
27
30
|
* const _default = new vault.identity.OidcAssignment("default", {
|
|
31
|
+
* name: "assignment",
|
|
28
32
|
* entityIds: [test.id],
|
|
29
33
|
* groupIds: [internal.id],
|
|
30
34
|
* });
|
|
31
35
|
* ```
|
|
32
|
-
* <!--End PulumiCodeChooser -->
|
|
33
36
|
*
|
|
34
37
|
* ## Import
|
|
35
38
|
*
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oidcAssignment.js","sourceRoot":"","sources":["../../identity/oidcAssignment.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C
|
|
1
|
+
{"version":3,"file":"oidcAssignment.js","sourceRoot":"","sources":["../../identity/oidcAssignment.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAoCG;AACH,MAAa,cAAe,SAAQ,MAAM,CAAC,cAAc;IACrD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAA2B,EAAE,IAAmC;QACzH,OAAO,IAAI,cAAc,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IACrE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,cAAc,CAAC,YAAY,CAAC;IAC/D,CAAC;IA8BD,YAAY,IAAY,EAAE,WAAsD,EAAE,IAAmC;QACjH,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAA8C,CAAC;YAC7D,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAClE,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;SACrE;aAAM;YACH,MAAM,IAAI,GAAG,WAA6C,CAAC;YAC3D,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;SACnE;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,cAAc,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IACnE,CAAC;;AA1EL,wCA2EC;AA7DG,gBAAgB;AACO,2BAAY,GAAG,8CAA8C,CAAC"}
|
package/identity/oidcClient.d.ts
CHANGED
|
@@ -5,27 +5,27 @@ import * as pulumi from "@pulumi/pulumi";
|
|
|
5
5
|
*
|
|
6
6
|
* ## Example Usage
|
|
7
7
|
*
|
|
8
|
-
* <!--Start PulumiCodeChooser -->
|
|
9
8
|
* ```typescript
|
|
10
9
|
* import * as pulumi from "@pulumi/pulumi";
|
|
11
10
|
* import * as vault from "@pulumi/vault";
|
|
12
11
|
*
|
|
13
|
-
* const
|
|
12
|
+
* const test = new vault.identity.OidcAssignment("test", {
|
|
13
|
+
* name: "my-assignment",
|
|
14
14
|
* entityIds: ["ascbascas-2231a-sdfaa"],
|
|
15
15
|
* groupIds: ["sajkdsad-32414-sfsada"],
|
|
16
16
|
* });
|
|
17
|
-
* const testOidcClient = new vault.identity.OidcClient("
|
|
17
|
+
* const testOidcClient = new vault.identity.OidcClient("test", {
|
|
18
|
+
* name: "my-app",
|
|
18
19
|
* redirectUris: [
|
|
19
20
|
* "http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback",
|
|
20
21
|
* "http://127.0.0.1:8251/callback",
|
|
21
22
|
* "http://127.0.0.1:8080/callback",
|
|
22
23
|
* ],
|
|
23
|
-
* assignments: [
|
|
24
|
+
* assignments: [test.name],
|
|
24
25
|
* idTokenTtl: 2400,
|
|
25
26
|
* accessTokenTtl: 7200,
|
|
26
27
|
* });
|
|
27
28
|
* ```
|
|
28
|
-
* <!--End PulumiCodeChooser -->
|
|
29
29
|
*
|
|
30
30
|
* ## Import
|
|
31
31
|
*
|
package/identity/oidcClient.js
CHANGED
|
@@ -11,27 +11,27 @@ const utilities = require("../utilities");
|
|
|
11
11
|
*
|
|
12
12
|
* ## Example Usage
|
|
13
13
|
*
|
|
14
|
-
* <!--Start PulumiCodeChooser -->
|
|
15
14
|
* ```typescript
|
|
16
15
|
* import * as pulumi from "@pulumi/pulumi";
|
|
17
16
|
* import * as vault from "@pulumi/vault";
|
|
18
17
|
*
|
|
19
|
-
* const
|
|
18
|
+
* const test = new vault.identity.OidcAssignment("test", {
|
|
19
|
+
* name: "my-assignment",
|
|
20
20
|
* entityIds: ["ascbascas-2231a-sdfaa"],
|
|
21
21
|
* groupIds: ["sajkdsad-32414-sfsada"],
|
|
22
22
|
* });
|
|
23
|
-
* const testOidcClient = new vault.identity.OidcClient("
|
|
23
|
+
* const testOidcClient = new vault.identity.OidcClient("test", {
|
|
24
|
+
* name: "my-app",
|
|
24
25
|
* redirectUris: [
|
|
25
26
|
* "http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback",
|
|
26
27
|
* "http://127.0.0.1:8251/callback",
|
|
27
28
|
* "http://127.0.0.1:8080/callback",
|
|
28
29
|
* ],
|
|
29
|
-
* assignments: [
|
|
30
|
+
* assignments: [test.name],
|
|
30
31
|
* idTokenTtl: 2400,
|
|
31
32
|
* accessTokenTtl: 7200,
|
|
32
33
|
* });
|
|
33
34
|
* ```
|
|
34
|
-
* <!--End PulumiCodeChooser -->
|
|
35
35
|
*
|
|
36
36
|
* ## Import
|
|
37
37
|
*
|
package/identity/oidcKey.d.ts
CHANGED
|
@@ -2,19 +2,23 @@ import * as pulumi from "@pulumi/pulumi";
|
|
|
2
2
|
/**
|
|
3
3
|
* ## Example Usage
|
|
4
4
|
*
|
|
5
|
-
* <!--Start PulumiCodeChooser -->
|
|
6
5
|
* ```typescript
|
|
7
6
|
* import * as pulumi from "@pulumi/pulumi";
|
|
8
7
|
* import * as vault from "@pulumi/vault";
|
|
9
8
|
*
|
|
10
|
-
* const key = new vault.identity.OidcKey("key", {
|
|
11
|
-
*
|
|
12
|
-
*
|
|
9
|
+
* const key = new vault.identity.OidcKey("key", {
|
|
10
|
+
* name: "key",
|
|
11
|
+
* algorithm: "RS256",
|
|
12
|
+
* });
|
|
13
|
+
* const role = new vault.identity.OidcRole("role", {
|
|
14
|
+
* name: "role",
|
|
15
|
+
* key: key.name,
|
|
16
|
+
* });
|
|
17
|
+
* const roleOidcKeyAllowedClientID = new vault.identity.OidcKeyAllowedClientID("role", {
|
|
13
18
|
* keyName: key.name,
|
|
14
|
-
* allowedClientId:
|
|
19
|
+
* allowedClientId: role.clientId,
|
|
15
20
|
* });
|
|
16
21
|
* ```
|
|
17
|
-
* <!--End PulumiCodeChooser -->
|
|
18
22
|
*
|
|
19
23
|
* ## Import
|
|
20
24
|
*
|
package/identity/oidcKey.js
CHANGED
|
@@ -8,19 +8,23 @@ const utilities = require("../utilities");
|
|
|
8
8
|
/**
|
|
9
9
|
* ## Example Usage
|
|
10
10
|
*
|
|
11
|
-
* <!--Start PulumiCodeChooser -->
|
|
12
11
|
* ```typescript
|
|
13
12
|
* import * as pulumi from "@pulumi/pulumi";
|
|
14
13
|
* import * as vault from "@pulumi/vault";
|
|
15
14
|
*
|
|
16
|
-
* const key = new vault.identity.OidcKey("key", {
|
|
17
|
-
*
|
|
18
|
-
*
|
|
15
|
+
* const key = new vault.identity.OidcKey("key", {
|
|
16
|
+
* name: "key",
|
|
17
|
+
* algorithm: "RS256",
|
|
18
|
+
* });
|
|
19
|
+
* const role = new vault.identity.OidcRole("role", {
|
|
20
|
+
* name: "role",
|
|
21
|
+
* key: key.name,
|
|
22
|
+
* });
|
|
23
|
+
* const roleOidcKeyAllowedClientID = new vault.identity.OidcKeyAllowedClientID("role", {
|
|
19
24
|
* keyName: key.name,
|
|
20
|
-
* allowedClientId:
|
|
25
|
+
* allowedClientId: role.clientId,
|
|
21
26
|
* });
|
|
22
27
|
* ```
|
|
23
|
-
* <!--End PulumiCodeChooser -->
|
|
24
28
|
*
|
|
25
29
|
* ## Import
|
|
26
30
|
*
|
package/identity/oidcKey.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oidcKey.js","sourceRoot":"","sources":["../../identity/oidcKey.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C
|
|
1
|
+
{"version":3,"file":"oidcKey.js","sourceRoot":"","sources":["../../identity/oidcKey.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AACH,MAAa,OAAQ,SAAQ,MAAM,CAAC,cAAc;IAC9C;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAoB,EAAE,IAAmC;QAClH,OAAO,IAAI,OAAO,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IAC9D,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,OAAO,CAAC,YAAY,CAAC;IACxD,CAAC;IAyCD,YAAY,IAAY,EAAE,WAAwC,EAAE,IAAmC;QACnG,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAuC,CAAC;YACtD,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAClE,cAAc,CAAC,kBAAkB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC,CAAC,SAAS,CAAC;YAChF,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAClE,cAAc,CAAC,gBAAgB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5E,cAAc,CAAC,iBAAiB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;SACjF;aAAM;YACH,MAAM,IAAI,GAAG,WAAsC,CAAC;YACpD,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,kBAAkB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9E,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,gBAAgB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1E,cAAc,CAAC,iBAAiB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;SAC/E;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,OAAO,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IAC5D,CAAC;;AAzFL,0BA0FC;AA5EG,gBAAgB;AACO,oBAAY,GAAG,gCAAgC,CAAC"}
|
|
@@ -2,19 +2,23 @@ import * as pulumi from "@pulumi/pulumi";
|
|
|
2
2
|
/**
|
|
3
3
|
* ## Example Usage
|
|
4
4
|
*
|
|
5
|
-
* <!--Start PulumiCodeChooser -->
|
|
6
5
|
* ```typescript
|
|
7
6
|
* import * as pulumi from "@pulumi/pulumi";
|
|
8
7
|
* import * as vault from "@pulumi/vault";
|
|
9
8
|
*
|
|
10
|
-
* const key = new vault.identity.OidcKey("key", {
|
|
11
|
-
*
|
|
12
|
-
*
|
|
9
|
+
* const key = new vault.identity.OidcKey("key", {
|
|
10
|
+
* name: "key",
|
|
11
|
+
* algorithm: "RS256",
|
|
12
|
+
* });
|
|
13
|
+
* const role = new vault.identity.OidcRole("role", {
|
|
14
|
+
* name: "role",
|
|
15
|
+
* key: key.name,
|
|
16
|
+
* });
|
|
17
|
+
* const roleOidcKeyAllowedClientID = new vault.identity.OidcKeyAllowedClientID("role", {
|
|
13
18
|
* keyName: key.name,
|
|
14
|
-
* allowedClientId:
|
|
19
|
+
* allowedClientId: role.clientId,
|
|
15
20
|
* });
|
|
16
21
|
* ```
|
|
17
|
-
* <!--End PulumiCodeChooser -->
|
|
18
22
|
*/
|
|
19
23
|
export declare class OidcKeyAllowedClientID extends pulumi.CustomResource {
|
|
20
24
|
/**
|
|
@@ -8,19 +8,23 @@ const utilities = require("../utilities");
|
|
|
8
8
|
/**
|
|
9
9
|
* ## Example Usage
|
|
10
10
|
*
|
|
11
|
-
* <!--Start PulumiCodeChooser -->
|
|
12
11
|
* ```typescript
|
|
13
12
|
* import * as pulumi from "@pulumi/pulumi";
|
|
14
13
|
* import * as vault from "@pulumi/vault";
|
|
15
14
|
*
|
|
16
|
-
* const key = new vault.identity.OidcKey("key", {
|
|
17
|
-
*
|
|
18
|
-
*
|
|
15
|
+
* const key = new vault.identity.OidcKey("key", {
|
|
16
|
+
* name: "key",
|
|
17
|
+
* algorithm: "RS256",
|
|
18
|
+
* });
|
|
19
|
+
* const role = new vault.identity.OidcRole("role", {
|
|
20
|
+
* name: "role",
|
|
21
|
+
* key: key.name,
|
|
22
|
+
* });
|
|
23
|
+
* const roleOidcKeyAllowedClientID = new vault.identity.OidcKeyAllowedClientID("role", {
|
|
19
24
|
* keyName: key.name,
|
|
20
|
-
* allowedClientId:
|
|
25
|
+
* allowedClientId: role.clientId,
|
|
21
26
|
* });
|
|
22
27
|
* ```
|
|
23
|
-
* <!--End PulumiCodeChooser -->
|
|
24
28
|
*/
|
|
25
29
|
class OidcKeyAllowedClientID extends pulumi.CustomResource {
|
|
26
30
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oidcKeyAllowedClientID.js","sourceRoot":"","sources":["../../identity/oidcKeyAllowedClientID.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C
|
|
1
|
+
{"version":3,"file":"oidcKeyAllowedClientID.js","sourceRoot":"","sources":["../../identity/oidcKeyAllowedClientID.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,MAAa,sBAAuB,SAAQ,MAAM,CAAC,cAAc;IAC7D;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAmC,EAAE,IAAmC;QACjI,OAAO,IAAI,sBAAsB,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IAC7E,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,sBAAsB,CAAC,YAAY,CAAC;IACvE,CAAC;IA0BD,YAAY,IAAY,EAAE,WAAsE,EAAE,IAAmC;QACjI,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAsD,CAAC;YACrE,cAAc,CAAC,iBAAiB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9E,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;SACrE;aAAM;YACH,MAAM,IAAI,GAAG,WAAqD,CAAC;YACnE,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,eAAe,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAC5D,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;aAClE;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,OAAO,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACpD,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;aAC1D;YACD,cAAc,CAAC,iBAAiB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5E,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;SACnE;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,sBAAsB,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IAC3E,CAAC;;AA1EL,wDA2EC;AA7DG,gBAAgB;AACO,mCAAY,GAAG,8DAA8D,CAAC"}
|
|
@@ -5,22 +5,24 @@ import * as pulumi from "@pulumi/pulumi";
|
|
|
5
5
|
*
|
|
6
6
|
* ## Example Usage
|
|
7
7
|
*
|
|
8
|
-
* <!--Start PulumiCodeChooser -->
|
|
9
8
|
* ```typescript
|
|
10
9
|
* import * as pulumi from "@pulumi/pulumi";
|
|
11
10
|
* import * as vault from "@pulumi/vault";
|
|
12
11
|
*
|
|
13
|
-
* const
|
|
12
|
+
* const test = new vault.identity.OidcKey("test", {
|
|
13
|
+
* name: "my-key",
|
|
14
14
|
* allowedClientIds: ["*"],
|
|
15
15
|
* rotationPeriod: 3600,
|
|
16
16
|
* verificationTtl: 3600,
|
|
17
17
|
* });
|
|
18
|
-
* const testOidcAssignment = new vault.identity.OidcAssignment("
|
|
18
|
+
* const testOidcAssignment = new vault.identity.OidcAssignment("test", {
|
|
19
|
+
* name: "my-assignment",
|
|
19
20
|
* entityIds: ["fake-ascbascas-2231a-sdfaa"],
|
|
20
21
|
* groupIds: ["fake-sajkdsad-32414-sfsada"],
|
|
21
22
|
* });
|
|
22
|
-
* const testOidcClient = new vault.identity.OidcClient("
|
|
23
|
-
*
|
|
23
|
+
* const testOidcClient = new vault.identity.OidcClient("test", {
|
|
24
|
+
* name: "application",
|
|
25
|
+
* key: test.name,
|
|
24
26
|
* redirectUris: [
|
|
25
27
|
* "http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback",
|
|
26
28
|
* "http://127.0.0.1:8251/callback",
|
|
@@ -30,20 +32,21 @@ import * as pulumi from "@pulumi/pulumi";
|
|
|
30
32
|
* idTokenTtl: 2400,
|
|
31
33
|
* accessTokenTtl: 7200,
|
|
32
34
|
* });
|
|
33
|
-
* const testOidcScope = new vault.identity.OidcScope("
|
|
35
|
+
* const testOidcScope = new vault.identity.OidcScope("test", {
|
|
36
|
+
* name: "groups",
|
|
34
37
|
* template: JSON.stringify({
|
|
35
38
|
* groups: "{{identity.entity.groups.names}}",
|
|
36
39
|
* }),
|
|
37
40
|
* description: "Groups scope.",
|
|
38
41
|
* });
|
|
39
|
-
* const testOidcProvider = new vault.identity.OidcProvider("
|
|
42
|
+
* const testOidcProvider = new vault.identity.OidcProvider("test", {
|
|
43
|
+
* name: "my-provider",
|
|
40
44
|
* httpsEnabled: false,
|
|
41
45
|
* issuerHost: "127.0.0.1:8200",
|
|
42
46
|
* allowedClientIds: [testOidcClient.clientId],
|
|
43
47
|
* scopesSupporteds: [testOidcScope.name],
|
|
44
48
|
* });
|
|
45
49
|
* ```
|
|
46
|
-
* <!--End PulumiCodeChooser -->
|
|
47
50
|
*
|
|
48
51
|
* ## Import
|
|
49
52
|
*
|
package/identity/oidcProvider.js
CHANGED
|
@@ -11,22 +11,24 @@ const utilities = require("../utilities");
|
|
|
11
11
|
*
|
|
12
12
|
* ## Example Usage
|
|
13
13
|
*
|
|
14
|
-
* <!--Start PulumiCodeChooser -->
|
|
15
14
|
* ```typescript
|
|
16
15
|
* import * as pulumi from "@pulumi/pulumi";
|
|
17
16
|
* import * as vault from "@pulumi/vault";
|
|
18
17
|
*
|
|
19
|
-
* const
|
|
18
|
+
* const test = new vault.identity.OidcKey("test", {
|
|
19
|
+
* name: "my-key",
|
|
20
20
|
* allowedClientIds: ["*"],
|
|
21
21
|
* rotationPeriod: 3600,
|
|
22
22
|
* verificationTtl: 3600,
|
|
23
23
|
* });
|
|
24
|
-
* const testOidcAssignment = new vault.identity.OidcAssignment("
|
|
24
|
+
* const testOidcAssignment = new vault.identity.OidcAssignment("test", {
|
|
25
|
+
* name: "my-assignment",
|
|
25
26
|
* entityIds: ["fake-ascbascas-2231a-sdfaa"],
|
|
26
27
|
* groupIds: ["fake-sajkdsad-32414-sfsada"],
|
|
27
28
|
* });
|
|
28
|
-
* const testOidcClient = new vault.identity.OidcClient("
|
|
29
|
-
*
|
|
29
|
+
* const testOidcClient = new vault.identity.OidcClient("test", {
|
|
30
|
+
* name: "application",
|
|
31
|
+
* key: test.name,
|
|
30
32
|
* redirectUris: [
|
|
31
33
|
* "http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback",
|
|
32
34
|
* "http://127.0.0.1:8251/callback",
|
|
@@ -36,20 +38,21 @@ const utilities = require("../utilities");
|
|
|
36
38
|
* idTokenTtl: 2400,
|
|
37
39
|
* accessTokenTtl: 7200,
|
|
38
40
|
* });
|
|
39
|
-
* const testOidcScope = new vault.identity.OidcScope("
|
|
41
|
+
* const testOidcScope = new vault.identity.OidcScope("test", {
|
|
42
|
+
* name: "groups",
|
|
40
43
|
* template: JSON.stringify({
|
|
41
44
|
* groups: "{{identity.entity.groups.names}}",
|
|
42
45
|
* }),
|
|
43
46
|
* description: "Groups scope.",
|
|
44
47
|
* });
|
|
45
|
-
* const testOidcProvider = new vault.identity.OidcProvider("
|
|
48
|
+
* const testOidcProvider = new vault.identity.OidcProvider("test", {
|
|
49
|
+
* name: "my-provider",
|
|
46
50
|
* httpsEnabled: false,
|
|
47
51
|
* issuerHost: "127.0.0.1:8200",
|
|
48
52
|
* allowedClientIds: [testOidcClient.clientId],
|
|
49
53
|
* scopesSupporteds: [testOidcScope.name],
|
|
50
54
|
* });
|
|
51
55
|
* ```
|
|
52
|
-
* <!--End PulumiCodeChooser -->
|
|
53
56
|
*
|
|
54
57
|
* ## Import
|
|
55
58
|
*
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oidcProvider.js","sourceRoot":"","sources":["../../identity/oidcProvider.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C
|
|
1
|
+
{"version":3,"file":"oidcProvider.js","sourceRoot":"","sources":["../../identity/oidcProvider.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAwDG;AACH,MAAa,YAAa,SAAQ,MAAM,CAAC,cAAc;IACnD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAyB,EAAE,IAAmC;QACvH,OAAO,IAAI,YAAY,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IACnE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,YAAY,CAAC,YAAY,CAAC;IAC7D,CAAC;IA6CD,YAAY,IAAY,EAAE,WAAkD,EAAE,IAAmC;QAC7G,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAA4C,CAAC;YAC3D,cAAc,CAAC,kBAAkB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC,CAAC,SAAS,CAAC;YAChF,cAAc,CAAC,cAAc,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;YACxE,cAAc,CAAC,QAAQ,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,YAAY,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC;YACpE,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAClE,cAAc,CAAC,kBAAkB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC,CAAC,SAAS,CAAC;SACnF;aAAM;YACH,MAAM,IAAI,GAAG,WAA2C,CAAC;YACzD,cAAc,CAAC,kBAAkB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9E,cAAc,CAAC,cAAc,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,YAAY,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC;YAClE,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,kBAAkB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9E,cAAc,CAAC,QAAQ,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;SAChD;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,YAAY,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IACjE,CAAC;;AA/FL,oCAgGC;AAlFG,gBAAgB;AACO,yBAAY,GAAG,0CAA0C,CAAC"}
|
package/identity/oidcRole.d.ts
CHANGED
|
@@ -7,38 +7,45 @@ import * as pulumi from "@pulumi/pulumi";
|
|
|
7
7
|
* exist before the role can be used to issue tokens. You must also configure the key with the
|
|
8
8
|
* role's Client ID to allow the role to use the key.
|
|
9
9
|
*
|
|
10
|
-
* <!--Start PulumiCodeChooser -->
|
|
11
10
|
* ```typescript
|
|
12
11
|
* import * as pulumi from "@pulumi/pulumi";
|
|
13
12
|
* import * as vault from "@pulumi/vault";
|
|
14
13
|
*
|
|
15
14
|
* const config = new pulumi.Config();
|
|
15
|
+
* // Name of the OIDC Key
|
|
16
16
|
* const key = config.get("key") || "key";
|
|
17
|
-
* const role = new vault.identity.OidcRole("role", {
|
|
18
|
-
*
|
|
17
|
+
* const role = new vault.identity.OidcRole("role", {
|
|
18
|
+
* name: "role",
|
|
19
|
+
* key: key,
|
|
20
|
+
* });
|
|
21
|
+
* const keyOidcKey = new vault.identity.OidcKey("key", {
|
|
22
|
+
* name: key,
|
|
19
23
|
* algorithm: "RS256",
|
|
20
24
|
* allowedClientIds: [role.clientId],
|
|
21
25
|
* });
|
|
22
26
|
* ```
|
|
23
|
-
* <!--End PulumiCodeChooser -->
|
|
24
27
|
*
|
|
25
28
|
* If you want to create the key first before creating the role, you can use a separate
|
|
26
29
|
* resource to configure the allowed Client ID on
|
|
27
30
|
* the key.
|
|
28
31
|
*
|
|
29
|
-
* <!--Start PulumiCodeChooser -->
|
|
30
32
|
* ```typescript
|
|
31
33
|
* import * as pulumi from "@pulumi/pulumi";
|
|
32
34
|
* import * as vault from "@pulumi/vault";
|
|
33
35
|
*
|
|
34
|
-
* const key = new vault.identity.OidcKey("key", {
|
|
35
|
-
*
|
|
36
|
-
*
|
|
36
|
+
* const key = new vault.identity.OidcKey("key", {
|
|
37
|
+
* name: "key",
|
|
38
|
+
* algorithm: "RS256",
|
|
39
|
+
* });
|
|
40
|
+
* const role = new vault.identity.OidcRole("role", {
|
|
41
|
+
* name: "role",
|
|
42
|
+
* key: key.name,
|
|
43
|
+
* });
|
|
44
|
+
* const roleOidcKeyAllowedClientID = new vault.identity.OidcKeyAllowedClientID("role", {
|
|
37
45
|
* keyName: key.name,
|
|
38
|
-
* allowedClientId:
|
|
46
|
+
* allowedClientId: role.clientId,
|
|
39
47
|
* });
|
|
40
48
|
* ```
|
|
41
|
-
* <!--End PulumiCodeChooser -->
|
|
42
49
|
*
|
|
43
50
|
* ## Import
|
|
44
51
|
*
|
package/identity/oidcRole.js
CHANGED
|
@@ -13,38 +13,45 @@ const utilities = require("../utilities");
|
|
|
13
13
|
* exist before the role can be used to issue tokens. You must also configure the key with the
|
|
14
14
|
* role's Client ID to allow the role to use the key.
|
|
15
15
|
*
|
|
16
|
-
* <!--Start PulumiCodeChooser -->
|
|
17
16
|
* ```typescript
|
|
18
17
|
* import * as pulumi from "@pulumi/pulumi";
|
|
19
18
|
* import * as vault from "@pulumi/vault";
|
|
20
19
|
*
|
|
21
20
|
* const config = new pulumi.Config();
|
|
21
|
+
* // Name of the OIDC Key
|
|
22
22
|
* const key = config.get("key") || "key";
|
|
23
|
-
* const role = new vault.identity.OidcRole("role", {
|
|
24
|
-
*
|
|
23
|
+
* const role = new vault.identity.OidcRole("role", {
|
|
24
|
+
* name: "role",
|
|
25
|
+
* key: key,
|
|
26
|
+
* });
|
|
27
|
+
* const keyOidcKey = new vault.identity.OidcKey("key", {
|
|
28
|
+
* name: key,
|
|
25
29
|
* algorithm: "RS256",
|
|
26
30
|
* allowedClientIds: [role.clientId],
|
|
27
31
|
* });
|
|
28
32
|
* ```
|
|
29
|
-
* <!--End PulumiCodeChooser -->
|
|
30
33
|
*
|
|
31
34
|
* If you want to create the key first before creating the role, you can use a separate
|
|
32
35
|
* resource to configure the allowed Client ID on
|
|
33
36
|
* the key.
|
|
34
37
|
*
|
|
35
|
-
* <!--Start PulumiCodeChooser -->
|
|
36
38
|
* ```typescript
|
|
37
39
|
* import * as pulumi from "@pulumi/pulumi";
|
|
38
40
|
* import * as vault from "@pulumi/vault";
|
|
39
41
|
*
|
|
40
|
-
* const key = new vault.identity.OidcKey("key", {
|
|
41
|
-
*
|
|
42
|
-
*
|
|
42
|
+
* const key = new vault.identity.OidcKey("key", {
|
|
43
|
+
* name: "key",
|
|
44
|
+
* algorithm: "RS256",
|
|
45
|
+
* });
|
|
46
|
+
* const role = new vault.identity.OidcRole("role", {
|
|
47
|
+
* name: "role",
|
|
48
|
+
* key: key.name,
|
|
49
|
+
* });
|
|
50
|
+
* const roleOidcKeyAllowedClientID = new vault.identity.OidcKeyAllowedClientID("role", {
|
|
43
51
|
* keyName: key.name,
|
|
44
|
-
* allowedClientId:
|
|
52
|
+
* allowedClientId: role.clientId,
|
|
45
53
|
* });
|
|
46
54
|
* ```
|
|
47
|
-
* <!--End PulumiCodeChooser -->
|
|
48
55
|
*
|
|
49
56
|
* ## Import
|
|
50
57
|
*
|
package/identity/oidcRole.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oidcRole.js","sourceRoot":"","sources":["../../identity/oidcRole.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C
|
|
1
|
+
{"version":3,"file":"oidcRole.js","sourceRoot":"","sources":["../../identity/oidcRole.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAuDG;AACH,MAAa,QAAS,SAAQ,MAAM,CAAC,cAAc;IAC/C;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAqB,EAAE,IAAmC;QACnH,OAAO,IAAI,QAAQ,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IAC/D,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,QAAQ,CAAC,YAAY,CAAC;IACzD,CAAC;IA2CD,YAAY,IAAY,EAAE,WAA0C,EAAE,IAAmC;QACrG,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAwC,CAAC;YACvD,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,KAAK,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAClE,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,KAAK,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC;SACzD;aAAM;YACH,MAAM,IAAI,GAAG,WAAuC,CAAC;YACrD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,GAAG,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAChD,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC;aACtD;YACD,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC;YACpD,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC;SACvD;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,QAAQ,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IAC7D,CAAC;;AA9FL,4BA+FC;AAjFG,gBAAgB;AACO,qBAAY,GAAG,kCAAkC,CAAC"}
|
package/identity/oidcScope.d.ts
CHANGED
|
@@ -5,17 +5,16 @@ import * as pulumi from "@pulumi/pulumi";
|
|
|
5
5
|
*
|
|
6
6
|
* ## Example Usage
|
|
7
7
|
*
|
|
8
|
-
* <!--Start PulumiCodeChooser -->
|
|
9
8
|
* ```typescript
|
|
10
9
|
* import * as pulumi from "@pulumi/pulumi";
|
|
11
10
|
* import * as vault from "@pulumi/vault";
|
|
12
11
|
*
|
|
13
12
|
* const groups = new vault.identity.OidcScope("groups", {
|
|
14
|
-
*
|
|
13
|
+
* name: "groups",
|
|
15
14
|
* template: "{\"groups\":{{identity.entity.groups.names}}}",
|
|
15
|
+
* description: "Vault OIDC Groups Scope",
|
|
16
16
|
* });
|
|
17
17
|
* ```
|
|
18
|
-
* <!--End PulumiCodeChooser -->
|
|
19
18
|
*
|
|
20
19
|
* ## Import
|
|
21
20
|
*
|