@pulumi/vault 6.1.0 → 6.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/ad/secretBackend.d.ts +1 -3
- package/ad/secretBackend.js +1 -3
- package/ad/secretBackend.js.map +1 -1
- package/ad/secretLibrary.d.ts +1 -2
- package/ad/secretLibrary.js +1 -2
- package/ad/secretLibrary.js.map +1 -1
- package/ad/secretRole.d.ts +0 -2
- package/ad/secretRole.js +0 -2
- package/ad/secretRole.js.map +1 -1
- package/alicloud/authBackendRole.d.ts +30 -83
- package/alicloud/authBackendRole.js +3 -5
- package/alicloud/authBackendRole.js.map +1 -1
- package/approle/authBackendLogin.d.ts +0 -2
- package/approle/authBackendLogin.js +0 -2
- package/approle/authBackendLogin.js.map +1 -1
- package/approle/authBackendRole.d.ts +27 -80
- package/approle/authBackendRole.js +0 -2
- package/approle/authBackendRole.js.map +1 -1
- package/approle/authBackendRoleSecretId.d.ts +0 -2
- package/approle/authBackendRoleSecretId.js +0 -2
- package/approle/authBackendRoleSecretId.js.map +1 -1
- package/approle/getAuthBackendRoleId.d.ts +0 -4
- package/approle/getAuthBackendRoleId.js +0 -4
- package/approle/getAuthBackendRoleId.js.map +1 -1
- package/audit.d.ts +4 -8
- package/audit.js +4 -8
- package/audit.js.map +1 -1
- package/auditRequestHeader.d.ts +4 -3
- package/auditRequestHeader.js +4 -3
- package/auditRequestHeader.js.map +1 -1
- package/aws/authBackendClient.d.ts +3 -5
- package/aws/authBackendClient.js +3 -5
- package/aws/authBackendClient.js.map +1 -1
- package/aws/authBackendConfigIdentity.d.ts +0 -2
- package/aws/authBackendConfigIdentity.js +0 -2
- package/aws/authBackendConfigIdentity.js.map +1 -1
- package/aws/authBackendIdentityWhitelist.d.ts +3 -5
- package/aws/authBackendIdentityWhitelist.js +3 -5
- package/aws/authBackendIdentityWhitelist.js.map +1 -1
- package/aws/authBackendLogin.d.ts +0 -6
- package/aws/authBackendLogin.js.map +1 -1
- package/aws/authBackendRole.d.ts +27 -80
- package/aws/authBackendRole.js +0 -2
- package/aws/authBackendRole.js.map +1 -1
- package/aws/authBackendRoletagBlacklist.d.ts +3 -5
- package/aws/authBackendRoletagBlacklist.js +3 -5
- package/aws/authBackendRoletagBlacklist.js.map +1 -1
- package/aws/authBackendStsRole.d.ts +0 -2
- package/aws/authBackendStsRole.js +0 -2
- package/aws/authBackendStsRole.js.map +1 -1
- package/aws/secretBackend.d.ts +27 -0
- package/aws/secretBackend.js.map +1 -1
- package/aws/secretBackendRole.d.ts +1 -2
- package/aws/secretBackendRole.js +1 -2
- package/aws/secretBackendRole.js.map +1 -1
- package/aws/secretBackendStaticRole.d.ts +1 -2
- package/aws/secretBackendStaticRole.js +1 -2
- package/aws/secretBackendStaticRole.js.map +1 -1
- package/azure/authBackendConfig.d.ts +3 -5
- package/azure/authBackendConfig.js +3 -5
- package/azure/authBackendConfig.js.map +1 -1
- package/azure/authBackendRole.d.ts +27 -80
- package/azure/authBackendRole.js +0 -2
- package/azure/authBackendRole.js.map +1 -1
- package/azure/backend.d.ts +6 -10
- package/azure/backend.js +6 -10
- package/azure/backend.js.map +1 -1
- package/azure/backendRole.d.ts +7 -9
- package/azure/backendRole.js +7 -9
- package/azure/backendRole.js.map +1 -1
- package/azure/getAccessCredentials.d.ts +0 -4
- package/azure/getAccessCredentials.js +0 -4
- package/azure/getAccessCredentials.js.map +1 -1
- package/certAuthBackendRole.d.ts +35 -91
- package/certAuthBackendRole.js +8 -7
- package/certAuthBackendRole.js.map +1 -1
- package/consul/secretBackend.d.ts +4 -8
- package/consul/secretBackend.js +4 -8
- package/consul/secretBackend.js.map +1 -1
- package/consul/secretBackendRole.d.ts +1 -2
- package/consul/secretBackendRole.js +1 -2
- package/consul/secretBackendRole.js.map +1 -1
- package/database/secretBackendConnection.d.ts +1 -2
- package/database/secretBackendConnection.js +1 -2
- package/database/secretBackendConnection.js.map +1 -1
- package/database/secretBackendRole.d.ts +2 -2
- package/database/secretBackendRole.js +2 -2
- package/database/secretBackendStaticRole.d.ts +5 -4
- package/database/secretBackendStaticRole.js +5 -4
- package/database/secretBackendStaticRole.js.map +1 -1
- package/database/secretsMount.d.ts +2 -2
- package/database/secretsMount.js +2 -2
- package/egpPolicy.d.ts +2 -4
- package/egpPolicy.js +2 -4
- package/egpPolicy.js.map +1 -1
- package/gcp/authBackend.d.ts +0 -20
- package/gcp/authBackend.js +0 -20
- package/gcp/authBackend.js.map +1 -1
- package/gcp/authBackendRole.d.ts +27 -134
- package/gcp/authBackendRole.js +0 -2
- package/gcp/authBackendRole.js.map +1 -1
- package/gcp/getAuthBackendRole.d.ts +0 -4
- package/gcp/getAuthBackendRole.js +0 -4
- package/gcp/getAuthBackendRole.js.map +1 -1
- package/gcp/secretBackend.d.ts +4 -4
- package/gcp/secretBackend.js +4 -4
- package/gcp/secretImpersonatedAccount.d.ts +7 -7
- package/gcp/secretImpersonatedAccount.js +7 -7
- package/gcp/secretRoleset.d.ts +4 -4
- package/gcp/secretRoleset.js +4 -4
- package/gcp/secretStaticAccount.d.ts +8 -8
- package/gcp/secretStaticAccount.js +8 -8
- package/generic/endpoint.d.ts +2 -4
- package/generic/endpoint.js +2 -4
- package/generic/endpoint.js.map +1 -1
- package/generic/getSecret.d.ts +44 -4
- package/generic/getSecret.js +44 -4
- package/generic/getSecret.js.map +1 -1
- package/getAuthBackend.d.ts +0 -4
- package/getAuthBackend.js +0 -4
- package/getAuthBackend.js.map +1 -1
- package/getAuthBackends.d.ts +0 -8
- package/getAuthBackends.js +0 -8
- package/getAuthBackends.js.map +1 -1
- package/getNamespace.d.ts +0 -12
- package/getNamespace.js +0 -12
- package/getNamespace.js.map +1 -1
- package/getNamespaces.d.ts +4 -12
- package/getNamespaces.js +4 -12
- package/getNamespaces.js.map +1 -1
- package/getNomadAccessToken.d.ts +0 -4
- package/getNomadAccessToken.js +0 -4
- package/getNomadAccessToken.js.map +1 -1
- package/getPolicyDocument.d.ts +10 -8
- package/getPolicyDocument.js +10 -8
- package/getPolicyDocument.js.map +1 -1
- package/getRaftAutopilotState.d.ts +0 -4
- package/getRaftAutopilotState.js +0 -4
- package/getRaftAutopilotState.js.map +1 -1
- package/github/authBackend.d.ts +0 -2
- package/github/authBackend.js +0 -2
- package/github/authBackend.js.map +1 -1
- package/github/team.d.ts +1 -3
- package/github/team.js +1 -3
- package/github/team.js.map +1 -1
- package/github/user.d.ts +1 -3
- package/github/user.js +1 -3
- package/github/user.js.map +1 -1
- package/identity/entity.d.ts +2 -3
- package/identity/entity.js +2 -3
- package/identity/entity.js.map +1 -1
- package/identity/entityAlias.d.ts +2 -3
- package/identity/entityAlias.js +2 -3
- package/identity/entityAlias.js.map +1 -1
- package/identity/entityPolicies.d.ts +8 -6
- package/identity/entityPolicies.js +8 -6
- package/identity/entityPolicies.js.map +1 -1
- package/identity/getEntity.d.ts +0 -4
- package/identity/getEntity.js +0 -4
- package/identity/getEntity.js.map +1 -1
- package/identity/getGroup.d.ts +0 -4
- package/identity/getGroup.js +0 -4
- package/identity/getGroup.js.map +1 -1
- package/identity/getOidcClientCreds.d.ts +2 -4
- package/identity/getOidcClientCreds.js +2 -4
- package/identity/getOidcClientCreds.js.map +1 -1
- package/identity/getOidcOpenidConfig.d.ts +12 -6
- package/identity/getOidcOpenidConfig.js +12 -6
- package/identity/getOidcOpenidConfig.js.map +1 -1
- package/identity/getOidcPublicKeys.d.ts +12 -6
- package/identity/getOidcPublicKeys.js +12 -6
- package/identity/getOidcPublicKeys.js.map +1 -1
- package/identity/group.d.ts +18 -20
- package/identity/group.js +18 -20
- package/identity/group.js.map +1 -1
- package/identity/groupAlias.d.ts +1 -2
- package/identity/groupAlias.js +1 -2
- package/identity/groupAlias.js.map +1 -1
- package/identity/groupMemberEntityIds.d.ts +6 -8
- package/identity/groupMemberEntityIds.js +6 -8
- package/identity/groupMemberEntityIds.js.map +1 -1
- package/identity/groupMemberGroupIds.d.ts +14 -10
- package/identity/groupMemberGroupIds.js +14 -10
- package/identity/groupMemberGroupIds.js.map +1 -1
- package/identity/groupPolicies.d.ts +2 -4
- package/identity/groupPolicies.js +2 -4
- package/identity/groupPolicies.js.map +1 -1
- package/identity/mfaDuo.d.ts +1 -3
- package/identity/mfaDuo.js +1 -3
- package/identity/mfaDuo.js.map +1 -1
- package/identity/mfaLoginEnforcement.d.ts +5 -4
- package/identity/mfaLoginEnforcement.js +5 -4
- package/identity/mfaLoginEnforcement.js.map +1 -1
- package/identity/mfaOkta.d.ts +1 -3
- package/identity/mfaOkta.js +1 -3
- package/identity/mfaOkta.js.map +1 -1
- package/identity/mfaPingid.d.ts +0 -2
- package/identity/mfaPingid.js +0 -2
- package/identity/mfaPingid.js.map +1 -1
- package/identity/mfaTotp.d.ts +0 -2
- package/identity/mfaTotp.js +0 -2
- package/identity/mfaTotp.js.map +1 -1
- package/identity/oidc.d.ts +0 -2
- package/identity/oidc.js +0 -2
- package/identity/oidc.js.map +1 -1
- package/identity/oidcAssignment.d.ts +6 -3
- package/identity/oidcAssignment.js +6 -3
- package/identity/oidcAssignment.js.map +1 -1
- package/identity/oidcClient.d.ts +5 -5
- package/identity/oidcClient.js +5 -5
- package/identity/oidcKey.d.ts +10 -6
- package/identity/oidcKey.js +10 -6
- package/identity/oidcKey.js.map +1 -1
- package/identity/oidcKeyAllowedClientID.d.ts +10 -6
- package/identity/oidcKeyAllowedClientID.js +10 -6
- package/identity/oidcKeyAllowedClientID.js.map +1 -1
- package/identity/oidcProvider.d.ts +11 -8
- package/identity/oidcProvider.js +11 -8
- package/identity/oidcProvider.js.map +1 -1
- package/identity/oidcRole.d.ts +17 -10
- package/identity/oidcRole.js +17 -10
- package/identity/oidcRole.js.map +1 -1
- package/identity/oidcScope.d.ts +2 -3
- package/identity/oidcScope.js +2 -3
- package/identity/oidcScope.js.map +1 -1
- package/jwt/authBackend.d.ts +8 -14
- package/jwt/authBackend.js +8 -14
- package/jwt/authBackend.js.map +1 -1
- package/jwt/authBackendRole.d.ts +27 -82
- package/jwt/authBackendRole.js +0 -4
- package/jwt/authBackendRole.js.map +1 -1
- package/kmip/secretBackend.d.ts +5 -7
- package/kmip/secretBackend.js +5 -7
- package/kmip/secretBackend.js.map +1 -1
- package/kmip/secretRole.d.ts +0 -2
- package/kmip/secretRole.js +0 -2
- package/kmip/secretRole.js.map +1 -1
- package/kmip/secretScope.d.ts +0 -2
- package/kmip/secretScope.js +0 -2
- package/kmip/secretScope.js.map +1 -1
- package/kubernetes/authBackendConfig.d.ts +0 -2
- package/kubernetes/authBackendConfig.js +0 -2
- package/kubernetes/authBackendConfig.js.map +1 -1
- package/kubernetes/authBackendRole.d.ts +24 -74
- package/kubernetes/authBackendRole.js +0 -2
- package/kubernetes/authBackendRole.js.map +1 -1
- package/kubernetes/getServiceAccountToken.d.ts +16 -10
- package/kubernetes/getServiceAccountToken.js +16 -10
- package/kubernetes/getServiceAccountToken.js.map +1 -1
- package/kubernetes/secretBackend.d.ts +7 -5
- package/kubernetes/secretBackend.js +7 -5
- package/kubernetes/secretBackend.js.map +1 -1
- package/kubernetes/secretBackendRole.d.ts +24 -15
- package/kubernetes/secretBackendRole.js +24 -15
- package/kubernetes/secretBackendRole.js.map +1 -1
- package/kv/getSecret.d.ts +0 -4
- package/kv/getSecret.js +0 -4
- package/kv/getSecret.js.map +1 -1
- package/kv/getSecretSubkeysV2.d.ts +4 -6
- package/kv/getSecretSubkeysV2.js +4 -6
- package/kv/getSecretSubkeysV2.js.map +1 -1
- package/kv/getSecretV2.d.ts +64 -0
- package/kv/getSecretV2.js +64 -0
- package/kv/getSecretV2.js.map +1 -1
- package/kv/getSecretsList.d.ts +4 -8
- package/kv/getSecretsList.js +4 -8
- package/kv/getSecretsList.js.map +1 -1
- package/kv/getSecretsListV2.d.ts +14 -12
- package/kv/getSecretsListV2.js +14 -12
- package/kv/getSecretsListV2.js.map +1 -1
- package/kv/secret.d.ts +0 -2
- package/kv/secret.js +0 -2
- package/kv/secret.js.map +1 -1
- package/kv/secretBackendV2.d.ts +0 -2
- package/kv/secretBackendV2.js +0 -2
- package/kv/secretBackendV2.js.map +1 -1
- package/kv/secretV2.d.ts +1 -2
- package/kv/secretV2.js +1 -2
- package/kv/secretV2.js.map +1 -1
- package/ldap/authBackend.d.ts +29 -70
- package/ldap/authBackend.js +5 -7
- package/ldap/authBackend.js.map +1 -1
- package/ldap/authBackendGroup.d.ts +0 -2
- package/ldap/authBackendGroup.js +0 -2
- package/ldap/authBackendGroup.js.map +1 -1
- package/ldap/authBackendUser.d.ts +0 -2
- package/ldap/authBackendUser.js +0 -2
- package/ldap/authBackendUser.js.map +1 -1
- package/ldap/secretBackend.d.ts +2 -4
- package/ldap/secretBackend.js +2 -4
- package/ldap/secretBackend.js.map +1 -1
- package/ldap/secretBackendDynamicRole.d.ts +0 -2
- package/ldap/secretBackendDynamicRole.js +0 -2
- package/ldap/secretBackendDynamicRole.js.map +1 -1
- package/ldap/secretBackendLibrarySet.d.ts +1 -2
- package/ldap/secretBackendLibrarySet.js +1 -2
- package/ldap/secretBackendLibrarySet.js.map +1 -1
- package/ldap/secretBackendStaticRole.d.ts +0 -2
- package/ldap/secretBackendStaticRole.js +0 -2
- package/ldap/secretBackendStaticRole.js.map +1 -1
- package/managed/keys.d.ts +3 -12
- package/managed/keys.js.map +1 -1
- package/mfaDuo.d.ts +2 -3
- package/mfaDuo.js +2 -3
- package/mfaDuo.js.map +1 -1
- package/mfaOkta.d.ts +2 -3
- package/mfaOkta.js +2 -3
- package/mfaOkta.js.map +1 -1
- package/mfaPingid.d.ts +2 -3
- package/mfaPingid.js +2 -3
- package/mfaPingid.js.map +1 -1
- package/mfaTotp.d.ts +4 -5
- package/mfaTotp.js +4 -5
- package/mfaTotp.js.map +1 -1
- package/mongodbatlas/secretBackend.d.ts +0 -2
- package/mongodbatlas/secretBackend.js +0 -2
- package/mongodbatlas/secretBackend.js.map +1 -1
- package/mongodbatlas/secretRole.d.ts +1 -2
- package/mongodbatlas/secretRole.js +1 -2
- package/mongodbatlas/secretRole.js.map +1 -1
- package/mount.d.ts +10 -18
- package/mount.js +10 -18
- package/mount.js.map +1 -1
- package/nomadSecretBackend.d.ts +2 -4
- package/nomadSecretBackend.js +2 -4
- package/nomadSecretBackend.js.map +1 -1
- package/nomadSecretRole.d.ts +0 -2
- package/nomadSecretRole.js +0 -2
- package/nomadSecretRole.js.map +1 -1
- package/okta/authBackend.d.ts +3 -5
- package/okta/authBackend.js +3 -5
- package/okta/authBackend.js.map +1 -1
- package/okta/authBackendGroup.d.ts +0 -2
- package/okta/authBackendGroup.js +0 -2
- package/okta/authBackendGroup.js.map +1 -1
- package/okta/authBackendUser.d.ts +0 -2
- package/okta/authBackendUser.js +0 -2
- package/okta/authBackendUser.js.map +1 -1
- package/package.json +3 -2
- package/passwordPolicy.d.ts +5 -5
- package/passwordPolicy.js +5 -5
- package/pkisecret/backendConfigCluster.d.ts +0 -2
- package/pkisecret/backendConfigCluster.js +0 -2
- package/pkisecret/backendConfigCluster.js.map +1 -1
- package/pkisecret/getBackendIssuer.d.ts +44 -0
- package/pkisecret/getBackendIssuer.js +44 -0
- package/pkisecret/getBackendIssuer.js.map +1 -1
- package/pkisecret/getBackendIssuers.d.ts +0 -4
- package/pkisecret/getBackendIssuers.js +0 -4
- package/pkisecret/getBackendIssuers.js.map +1 -1
- package/pkisecret/getBackendKey.d.ts +2 -6
- package/pkisecret/getBackendKey.js +2 -6
- package/pkisecret/getBackendKey.js.map +1 -1
- package/pkisecret/getBackendKeys.d.ts +0 -4
- package/pkisecret/getBackendKeys.js +0 -4
- package/pkisecret/getBackendKeys.js.map +1 -1
- package/pkisecret/secretBackendCert.d.ts +3 -4
- package/pkisecret/secretBackendCert.js +3 -4
- package/pkisecret/secretBackendCert.js.map +1 -1
- package/pkisecret/secretBackendConfigCa.d.ts +2 -4
- package/pkisecret/secretBackendConfigCa.js +2 -4
- package/pkisecret/secretBackendConfigCa.js.map +1 -1
- package/pkisecret/secretBackendConfigIssuers.d.ts +0 -2
- package/pkisecret/secretBackendConfigIssuers.js +0 -2
- package/pkisecret/secretBackendConfigIssuers.js.map +1 -1
- package/pkisecret/secretBackendConfigUrls.d.ts +0 -2
- package/pkisecret/secretBackendConfigUrls.js +0 -2
- package/pkisecret/secretBackendConfigUrls.js.map +1 -1
- package/pkisecret/secretBackendCrlConfig.d.ts +1 -3
- package/pkisecret/secretBackendCrlConfig.js +1 -3
- package/pkisecret/secretBackendCrlConfig.js.map +1 -1
- package/pkisecret/secretBackendIntermediateCertRequest.d.ts +2 -4
- package/pkisecret/secretBackendIntermediateCertRequest.js +2 -4
- package/pkisecret/secretBackendIntermediateCertRequest.js.map +1 -1
- package/pkisecret/secretBackendIntermediateSetSigned.d.ts +5 -7
- package/pkisecret/secretBackendIntermediateSetSigned.js +5 -7
- package/pkisecret/secretBackendIntermediateSetSigned.js.map +1 -1
- package/pkisecret/secretBackendIssuer.d.ts +0 -2
- package/pkisecret/secretBackendIssuer.js +0 -2
- package/pkisecret/secretBackendIssuer.js.map +1 -1
- package/pkisecret/secretBackendRole.d.ts +1 -2
- package/pkisecret/secretBackendRole.js +1 -2
- package/pkisecret/secretBackendRole.js.map +1 -1
- package/pkisecret/secretBackendRootCert.d.ts +2 -4
- package/pkisecret/secretBackendRootCert.js +2 -4
- package/pkisecret/secretBackendRootCert.js.map +1 -1
- package/pkisecret/secretBackendRootSignIntermediate.d.ts +3 -5
- package/pkisecret/secretBackendRootSignIntermediate.js +3 -5
- package/pkisecret/secretBackendRootSignIntermediate.js.map +1 -1
- package/pkisecret/secretBackendSign.d.ts +3 -4
- package/pkisecret/secretBackendSign.js +3 -4
- package/pkisecret/secretBackendSign.js.map +1 -1
- package/provider.d.ts +0 -6
- package/provider.js.map +1 -1
- package/quotaLeaseCount.d.ts +2 -3
- package/quotaLeaseCount.js +2 -3
- package/quotaLeaseCount.js.map +1 -1
- package/quotaRateLimit.d.ts +1 -2
- package/quotaRateLimit.js +1 -2
- package/quotaRateLimit.js.map +1 -1
- package/rabbitmq/secretBackend.d.ts +1 -3
- package/rabbitmq/secretBackend.js +1 -3
- package/rabbitmq/secretBackend.js.map +1 -1
- package/rabbitmq/secretBackendRole.d.ts +1 -2
- package/rabbitmq/secretBackendRole.js +1 -2
- package/rabbitmq/secretBackendRole.js.map +1 -1
- package/raftAutopilot.d.ts +0 -2
- package/raftAutopilot.js +0 -2
- package/raftAutopilot.js.map +1 -1
- package/raftSnapshotAgentConfig.d.ts +44 -128
- package/raftSnapshotAgentConfig.js +8 -11
- package/raftSnapshotAgentConfig.js.map +1 -1
- package/rgpPolicy.d.ts +1 -3
- package/rgpPolicy.js +1 -3
- package/rgpPolicy.js.map +1 -1
- package/saml/authBackend.d.ts +3 -5
- package/saml/authBackend.js +3 -5
- package/saml/authBackend.js.map +1 -1
- package/saml/authBackendRole.d.ts +28 -77
- package/saml/authBackendRole.js +4 -5
- package/saml/authBackendRole.js.map +1 -1
- package/secrets/syncAssociation.d.ts +6 -5
- package/secrets/syncAssociation.js +6 -5
- package/secrets/syncAssociation.js.map +1 -1
- package/secrets/syncAwsDestination.d.ts +3 -4
- package/secrets/syncAwsDestination.js +3 -4
- package/secrets/syncAwsDestination.js.map +1 -1
- package/secrets/syncAzureDestination.d.ts +5 -6
- package/secrets/syncAzureDestination.js +5 -6
- package/secrets/syncAzureDestination.js.map +1 -1
- package/secrets/syncConfig.d.ts +1 -3
- package/secrets/syncConfig.js +1 -3
- package/secrets/syncConfig.js.map +1 -1
- package/secrets/syncGcpDestination.d.ts +5 -4
- package/secrets/syncGcpDestination.js +5 -4
- package/secrets/syncGcpDestination.js.map +1 -1
- package/secrets/syncGhDestination.d.ts +3 -4
- package/secrets/syncGhDestination.js +3 -4
- package/secrets/syncGhDestination.js.map +1 -1
- package/secrets/syncGithubApps.d.ts +6 -5
- package/secrets/syncGithubApps.js +6 -5
- package/secrets/syncGithubApps.js.map +1 -1
- package/secrets/syncVercelDestination.d.ts +3 -4
- package/secrets/syncVercelDestination.js +3 -4
- package/secrets/syncVercelDestination.js.map +1 -1
- package/ssh/secretBackendCa.d.ts +3 -5
- package/ssh/secretBackendCa.js +0 -2
- package/ssh/secretBackendCa.js.map +1 -1
- package/ssh/secretBackendRole.d.ts +2 -2
- package/ssh/secretBackendRole.js +2 -2
- package/terraformcloud/secretBackend.d.ts +0 -38
- package/terraformcloud/secretBackend.js +0 -2
- package/terraformcloud/secretBackend.js.map +1 -1
- package/terraformcloud/secretCreds.d.ts +1 -11
- package/terraformcloud/secretCreds.js +1 -2
- package/terraformcloud/secretCreds.js.map +1 -1
- package/terraformcloud/secretRole.d.ts +1 -47
- package/terraformcloud/secretRole.js +1 -2
- package/terraformcloud/secretRole.js.map +1 -1
- package/token.d.ts +6 -8
- package/token.js +6 -8
- package/token.js.map +1 -1
- package/tokenauth/authBackendRole.d.ts +28 -78
- package/tokenauth/authBackendRole.js +4 -6
- package/tokenauth/authBackendRole.js.map +1 -1
- package/transform/alphabet.d.ts +2 -3
- package/transform/alphabet.js +2 -3
- package/transform/alphabet.js.map +1 -1
- package/transform/getDecode.d.ts +4 -4
- package/transform/getDecode.js +4 -4
- package/transform/getEncode.d.ts +4 -4
- package/transform/getEncode.js +4 -4
- package/transform/role.d.ts +2 -3
- package/transform/role.js +2 -3
- package/transform/role.js.map +1 -1
- package/transform/template.d.ts +2 -2
- package/transform/template.js +2 -2
- package/transit/getDecrypt.d.ts +2 -30
- package/transit/getDecrypt.js +2 -6
- package/transit/getDecrypt.js.map +1 -1
- package/transit/getEncrypt.d.ts +0 -30
- package/transit/getEncrypt.js.map +1 -1
- package/transit/secretBackendKey.d.ts +4 -3
- package/transit/secretBackendKey.js +4 -3
- package/transit/secretBackendKey.js.map +1 -1
- package/transit/secretCacheConfig.d.ts +0 -2
- package/transit/secretCacheConfig.js +0 -2
- package/transit/secretCacheConfig.js.map +1 -1
- package/types/input.d.ts +310 -502
- package/types/output.d.ts +310 -490
- package/package.json.bak +0 -27
package/kmip/secretScope.d.ts
CHANGED
|
@@ -6,7 +6,6 @@ import * as pulumi from "@pulumi/pulumi";
|
|
|
6
6
|
*
|
|
7
7
|
* ## Example Usage
|
|
8
8
|
*
|
|
9
|
-
* <!--Start PulumiCodeChooser -->
|
|
10
9
|
* ```typescript
|
|
11
10
|
* import * as pulumi from "@pulumi/pulumi";
|
|
12
11
|
* import * as vault from "@pulumi/vault";
|
|
@@ -21,7 +20,6 @@ import * as pulumi from "@pulumi/pulumi";
|
|
|
21
20
|
* force: true,
|
|
22
21
|
* });
|
|
23
22
|
* ```
|
|
24
|
-
* <!--End PulumiCodeChooser -->
|
|
25
23
|
*
|
|
26
24
|
* ## Import
|
|
27
25
|
*
|
package/kmip/secretScope.js
CHANGED
|
@@ -12,7 +12,6 @@ const utilities = require("../utilities");
|
|
|
12
12
|
*
|
|
13
13
|
* ## Example Usage
|
|
14
14
|
*
|
|
15
|
-
* <!--Start PulumiCodeChooser -->
|
|
16
15
|
* ```typescript
|
|
17
16
|
* import * as pulumi from "@pulumi/pulumi";
|
|
18
17
|
* import * as vault from "@pulumi/vault";
|
|
@@ -27,7 +26,6 @@ const utilities = require("../utilities");
|
|
|
27
26
|
* force: true,
|
|
28
27
|
* });
|
|
29
28
|
* ```
|
|
30
|
-
* <!--End PulumiCodeChooser -->
|
|
31
29
|
*
|
|
32
30
|
* ## Import
|
|
33
31
|
*
|
package/kmip/secretScope.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"secretScope.js","sourceRoot":"","sources":["../../kmip/secretScope.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C
|
|
1
|
+
{"version":3,"file":"secretScope.js","sourceRoot":"","sources":["../../kmip/secretScope.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6BG;AACH,MAAa,WAAY,SAAQ,MAAM,CAAC,cAAc;IAClD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAwB,EAAE,IAAmC;QACtH,OAAO,IAAI,WAAW,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IAClE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,WAAW,CAAC,YAAY,CAAC;IAC5D,CAAC;IA+BD,YAAY,IAAY,EAAE,WAAgD,EAAE,IAAmC;QAC3G,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAA2C,CAAC;YAC1D,cAAc,CAAC,OAAO,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1D,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAClE,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,OAAO,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;SAC7D;aAAM;YACH,MAAM,IAAI,GAAG,WAA0C,CAAC;YACxD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,IAAI,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACjD,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;aACvD;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,KAAK,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAClD,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;aACxD;YACD,cAAc,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;SAC3D;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,WAAW,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IAChE,CAAC;;AAjFL,kCAkFC;AApEG,gBAAgB;AACO,wBAAY,GAAG,oCAAoC,CAAC"}
|
|
@@ -6,7 +6,6 @@ import * as pulumi from "@pulumi/pulumi";
|
|
|
6
6
|
*
|
|
7
7
|
* ## Example Usage
|
|
8
8
|
*
|
|
9
|
-
* <!--Start PulumiCodeChooser -->
|
|
10
9
|
* ```typescript
|
|
11
10
|
* import * as pulumi from "@pulumi/pulumi";
|
|
12
11
|
* import * as vault from "@pulumi/vault";
|
|
@@ -23,7 +22,6 @@ import * as pulumi from "@pulumi/pulumi";
|
|
|
23
22
|
* disableIssValidation: true,
|
|
24
23
|
* });
|
|
25
24
|
* ```
|
|
26
|
-
* <!--End PulumiCodeChooser -->
|
|
27
25
|
*
|
|
28
26
|
* ## Import
|
|
29
27
|
*
|
|
@@ -12,7 +12,6 @@ const utilities = require("../utilities");
|
|
|
12
12
|
*
|
|
13
13
|
* ## Example Usage
|
|
14
14
|
*
|
|
15
|
-
* <!--Start PulumiCodeChooser -->
|
|
16
15
|
* ```typescript
|
|
17
16
|
* import * as pulumi from "@pulumi/pulumi";
|
|
18
17
|
* import * as vault from "@pulumi/vault";
|
|
@@ -29,7 +28,6 @@ const utilities = require("../utilities");
|
|
|
29
28
|
* disableIssValidation: true,
|
|
30
29
|
* });
|
|
31
30
|
* ```
|
|
32
|
-
* <!--End PulumiCodeChooser -->
|
|
33
31
|
*
|
|
34
32
|
* ## Import
|
|
35
33
|
*
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"authBackendConfig.js","sourceRoot":"","sources":["../../kubernetes/authBackendConfig.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C
|
|
1
|
+
{"version":3,"file":"authBackendConfig.js","sourceRoot":"","sources":["../../kubernetes/authBackendConfig.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+BG;AACH,MAAa,iBAAkB,SAAQ,MAAM,CAAC,cAAc;IACxD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAA8B,EAAE,IAAmC;QAC5H,OAAO,IAAI,iBAAiB,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IACxE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,iBAAiB,CAAC,YAAY,CAAC;IAClE,CAAC;IAkDD,YAAY,IAAY,EAAE,WAA4D,EAAE,IAAmC;QACvH,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAiD,CAAC;YAChE,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,sBAAsB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC,CAAC,SAAS,CAAC;YACxF,cAAc,CAAC,mBAAmB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAC,CAAC,SAAS,CAAC;YAClF,cAAc,CAAC,QAAQ,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,kBAAkB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC,CAAC,SAAS,CAAC;YAChF,cAAc,CAAC,gBAAgB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5E,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAClE,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,kBAAkB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC,CAAC,SAAS,CAAC;SACnF;aAAM;YACH,MAAM,IAAI,GAAG,WAAgD,CAAC;YAC9D,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,cAAc,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAC3D,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;aACjE;YACD,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,sBAAsB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC,CAAC,SAAS,CAAC;YACtF,cAAc,CAAC,mBAAmB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAC,SAAS,CAAC;YAChF,cAAc,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1D,cAAc,CAAC,kBAAkB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9E,cAAc,CAAC,gBAAgB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1E,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,kBAAkB,CAAC,GAAG,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,gBAAgB,EAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;SAClH;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,MAAM,UAAU,GAAG,EAAE,uBAAuB,EAAE,CAAC,kBAAkB,CAAC,EAAE,CAAC;QACrE,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;QAC7C,KAAK,CAAC,iBAAiB,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IACtE,CAAC;;AA7GL,8CA8GC;AAhGG,gBAAgB;AACO,8BAAY,GAAG,sDAAsD,CAAC"}
|
|
@@ -6,7 +6,6 @@ import * as pulumi from "@pulumi/pulumi";
|
|
|
6
6
|
*
|
|
7
7
|
* ## Example Usage
|
|
8
8
|
*
|
|
9
|
-
* <!--Start PulumiCodeChooser -->
|
|
10
9
|
* ```typescript
|
|
11
10
|
* import * as pulumi from "@pulumi/pulumi";
|
|
12
11
|
* import * as vault from "@pulumi/vault";
|
|
@@ -26,7 +25,6 @@ import * as pulumi from "@pulumi/pulumi";
|
|
|
26
25
|
* audience: "vault",
|
|
27
26
|
* });
|
|
28
27
|
* ```
|
|
29
|
-
* <!--End PulumiCodeChooser -->
|
|
30
28
|
*
|
|
31
29
|
* ## Import
|
|
32
30
|
*
|
|
@@ -89,43 +87,31 @@ export declare class AuthBackendRole extends pulumi.CustomResource {
|
|
|
89
87
|
*/
|
|
90
88
|
readonly roleName: pulumi.Output<string>;
|
|
91
89
|
/**
|
|
92
|
-
*
|
|
93
|
-
* addresses which can authenticate successfully, and ties the resulting token to these blocks
|
|
94
|
-
* as well.
|
|
90
|
+
* Specifies the blocks of IP addresses which are allowed to use the generated token
|
|
95
91
|
*/
|
|
96
92
|
readonly tokenBoundCidrs: pulumi.Output<string[] | undefined>;
|
|
97
93
|
/**
|
|
98
|
-
*
|
|
99
|
-
* [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls)
|
|
100
|
-
* onto the token in number of seconds. This is a hard cap even if `tokenTtl` and
|
|
101
|
-
* `tokenMaxTtl` would otherwise allow a renewal.
|
|
94
|
+
* Generated Token's Explicit Maximum TTL in seconds
|
|
102
95
|
*/
|
|
103
96
|
readonly tokenExplicitMaxTtl: pulumi.Output<number | undefined>;
|
|
104
97
|
/**
|
|
105
|
-
* The maximum lifetime
|
|
106
|
-
* Its current value will be referenced at renewal time.
|
|
98
|
+
* The maximum lifetime of the generated token
|
|
107
99
|
*/
|
|
108
100
|
readonly tokenMaxTtl: pulumi.Output<number | undefined>;
|
|
109
101
|
/**
|
|
110
|
-
* If
|
|
111
|
-
* generated tokens; otherwise it will be added to the policies set in token_policies.
|
|
102
|
+
* If true, the 'default' policy will not automatically be added to generated tokens
|
|
112
103
|
*/
|
|
113
104
|
readonly tokenNoDefaultPolicy: pulumi.Output<boolean | undefined>;
|
|
114
105
|
/**
|
|
115
|
-
* The
|
|
116
|
-
* of times a generated token may be used (within its lifetime); 0 means unlimited.
|
|
106
|
+
* The maximum number of times a token may be used, a value of zero means unlimited
|
|
117
107
|
*/
|
|
118
108
|
readonly tokenNumUses: pulumi.Output<number | undefined>;
|
|
119
109
|
/**
|
|
120
|
-
*
|
|
121
|
-
* token generated using this role should never expire. The token should be renewed within the
|
|
122
|
-
* duration specified by this value. At each renewal, the token's TTL will be set to the
|
|
123
|
-
* value of this field. Specified in seconds.
|
|
110
|
+
* Generated Token's Period
|
|
124
111
|
*/
|
|
125
112
|
readonly tokenPeriod: pulumi.Output<number | undefined>;
|
|
126
113
|
/**
|
|
127
|
-
*
|
|
128
|
-
* on the auth method, this list may be supplemented by user/group/other values.
|
|
114
|
+
* Generated Token's Policies
|
|
129
115
|
*/
|
|
130
116
|
readonly tokenPolicies: pulumi.Output<string[] | undefined>;
|
|
131
117
|
/**
|
|
@@ -133,11 +119,7 @@ export declare class AuthBackendRole extends pulumi.CustomResource {
|
|
|
133
119
|
*/
|
|
134
120
|
readonly tokenTtl: pulumi.Output<number | undefined>;
|
|
135
121
|
/**
|
|
136
|
-
* The type of token
|
|
137
|
-
* `batch`, or `default` to use the mount's tuned default (which unless changed will be
|
|
138
|
-
* `service` tokens). For token store roles, there are two additional possibilities:
|
|
139
|
-
* `default-service` and `default-batch` which specify the type to return unless the client
|
|
140
|
-
* requests a different type at generation time.
|
|
122
|
+
* The type of token to generate, service or batch
|
|
141
123
|
*/
|
|
142
124
|
readonly tokenType: pulumi.Output<string | undefined>;
|
|
143
125
|
/**
|
|
@@ -190,43 +172,31 @@ export interface AuthBackendRoleState {
|
|
|
190
172
|
*/
|
|
191
173
|
roleName?: pulumi.Input<string>;
|
|
192
174
|
/**
|
|
193
|
-
*
|
|
194
|
-
* addresses which can authenticate successfully, and ties the resulting token to these blocks
|
|
195
|
-
* as well.
|
|
175
|
+
* Specifies the blocks of IP addresses which are allowed to use the generated token
|
|
196
176
|
*/
|
|
197
177
|
tokenBoundCidrs?: pulumi.Input<pulumi.Input<string>[]>;
|
|
198
178
|
/**
|
|
199
|
-
*
|
|
200
|
-
* [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls)
|
|
201
|
-
* onto the token in number of seconds. This is a hard cap even if `tokenTtl` and
|
|
202
|
-
* `tokenMaxTtl` would otherwise allow a renewal.
|
|
179
|
+
* Generated Token's Explicit Maximum TTL in seconds
|
|
203
180
|
*/
|
|
204
181
|
tokenExplicitMaxTtl?: pulumi.Input<number>;
|
|
205
182
|
/**
|
|
206
|
-
* The maximum lifetime
|
|
207
|
-
* Its current value will be referenced at renewal time.
|
|
183
|
+
* The maximum lifetime of the generated token
|
|
208
184
|
*/
|
|
209
185
|
tokenMaxTtl?: pulumi.Input<number>;
|
|
210
186
|
/**
|
|
211
|
-
* If
|
|
212
|
-
* generated tokens; otherwise it will be added to the policies set in token_policies.
|
|
187
|
+
* If true, the 'default' policy will not automatically be added to generated tokens
|
|
213
188
|
*/
|
|
214
189
|
tokenNoDefaultPolicy?: pulumi.Input<boolean>;
|
|
215
190
|
/**
|
|
216
|
-
* The
|
|
217
|
-
* of times a generated token may be used (within its lifetime); 0 means unlimited.
|
|
191
|
+
* The maximum number of times a token may be used, a value of zero means unlimited
|
|
218
192
|
*/
|
|
219
193
|
tokenNumUses?: pulumi.Input<number>;
|
|
220
194
|
/**
|
|
221
|
-
*
|
|
222
|
-
* token generated using this role should never expire. The token should be renewed within the
|
|
223
|
-
* duration specified by this value. At each renewal, the token's TTL will be set to the
|
|
224
|
-
* value of this field. Specified in seconds.
|
|
195
|
+
* Generated Token's Period
|
|
225
196
|
*/
|
|
226
197
|
tokenPeriod?: pulumi.Input<number>;
|
|
227
198
|
/**
|
|
228
|
-
*
|
|
229
|
-
* on the auth method, this list may be supplemented by user/group/other values.
|
|
199
|
+
* Generated Token's Policies
|
|
230
200
|
*/
|
|
231
201
|
tokenPolicies?: pulumi.Input<pulumi.Input<string>[]>;
|
|
232
202
|
/**
|
|
@@ -234,11 +204,7 @@ export interface AuthBackendRoleState {
|
|
|
234
204
|
*/
|
|
235
205
|
tokenTtl?: pulumi.Input<number>;
|
|
236
206
|
/**
|
|
237
|
-
* The type of token
|
|
238
|
-
* `batch`, or `default` to use the mount's tuned default (which unless changed will be
|
|
239
|
-
* `service` tokens). For token store roles, there are two additional possibilities:
|
|
240
|
-
* `default-service` and `default-batch` which specify the type to return unless the client
|
|
241
|
-
* requests a different type at generation time.
|
|
207
|
+
* The type of token to generate, service or batch
|
|
242
208
|
*/
|
|
243
209
|
tokenType?: pulumi.Input<string>;
|
|
244
210
|
}
|
|
@@ -283,43 +249,31 @@ export interface AuthBackendRoleArgs {
|
|
|
283
249
|
*/
|
|
284
250
|
roleName: pulumi.Input<string>;
|
|
285
251
|
/**
|
|
286
|
-
*
|
|
287
|
-
* addresses which can authenticate successfully, and ties the resulting token to these blocks
|
|
288
|
-
* as well.
|
|
252
|
+
* Specifies the blocks of IP addresses which are allowed to use the generated token
|
|
289
253
|
*/
|
|
290
254
|
tokenBoundCidrs?: pulumi.Input<pulumi.Input<string>[]>;
|
|
291
255
|
/**
|
|
292
|
-
*
|
|
293
|
-
* [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls)
|
|
294
|
-
* onto the token in number of seconds. This is a hard cap even if `tokenTtl` and
|
|
295
|
-
* `tokenMaxTtl` would otherwise allow a renewal.
|
|
256
|
+
* Generated Token's Explicit Maximum TTL in seconds
|
|
296
257
|
*/
|
|
297
258
|
tokenExplicitMaxTtl?: pulumi.Input<number>;
|
|
298
259
|
/**
|
|
299
|
-
* The maximum lifetime
|
|
300
|
-
* Its current value will be referenced at renewal time.
|
|
260
|
+
* The maximum lifetime of the generated token
|
|
301
261
|
*/
|
|
302
262
|
tokenMaxTtl?: pulumi.Input<number>;
|
|
303
263
|
/**
|
|
304
|
-
* If
|
|
305
|
-
* generated tokens; otherwise it will be added to the policies set in token_policies.
|
|
264
|
+
* If true, the 'default' policy will not automatically be added to generated tokens
|
|
306
265
|
*/
|
|
307
266
|
tokenNoDefaultPolicy?: pulumi.Input<boolean>;
|
|
308
267
|
/**
|
|
309
|
-
* The
|
|
310
|
-
* of times a generated token may be used (within its lifetime); 0 means unlimited.
|
|
268
|
+
* The maximum number of times a token may be used, a value of zero means unlimited
|
|
311
269
|
*/
|
|
312
270
|
tokenNumUses?: pulumi.Input<number>;
|
|
313
271
|
/**
|
|
314
|
-
*
|
|
315
|
-
* token generated using this role should never expire. The token should be renewed within the
|
|
316
|
-
* duration specified by this value. At each renewal, the token's TTL will be set to the
|
|
317
|
-
* value of this field. Specified in seconds.
|
|
272
|
+
* Generated Token's Period
|
|
318
273
|
*/
|
|
319
274
|
tokenPeriod?: pulumi.Input<number>;
|
|
320
275
|
/**
|
|
321
|
-
*
|
|
322
|
-
* on the auth method, this list may be supplemented by user/group/other values.
|
|
276
|
+
* Generated Token's Policies
|
|
323
277
|
*/
|
|
324
278
|
tokenPolicies?: pulumi.Input<pulumi.Input<string>[]>;
|
|
325
279
|
/**
|
|
@@ -327,11 +281,7 @@ export interface AuthBackendRoleArgs {
|
|
|
327
281
|
*/
|
|
328
282
|
tokenTtl?: pulumi.Input<number>;
|
|
329
283
|
/**
|
|
330
|
-
* The type of token
|
|
331
|
-
* `batch`, or `default` to use the mount's tuned default (which unless changed will be
|
|
332
|
-
* `service` tokens). For token store roles, there are two additional possibilities:
|
|
333
|
-
* `default-service` and `default-batch` which specify the type to return unless the client
|
|
334
|
-
* requests a different type at generation time.
|
|
284
|
+
* The type of token to generate, service or batch
|
|
335
285
|
*/
|
|
336
286
|
tokenType?: pulumi.Input<string>;
|
|
337
287
|
}
|
|
@@ -12,7 +12,6 @@ const utilities = require("../utilities");
|
|
|
12
12
|
*
|
|
13
13
|
* ## Example Usage
|
|
14
14
|
*
|
|
15
|
-
* <!--Start PulumiCodeChooser -->
|
|
16
15
|
* ```typescript
|
|
17
16
|
* import * as pulumi from "@pulumi/pulumi";
|
|
18
17
|
* import * as vault from "@pulumi/vault";
|
|
@@ -32,7 +31,6 @@ const utilities = require("../utilities");
|
|
|
32
31
|
* audience: "vault",
|
|
33
32
|
* });
|
|
34
33
|
* ```
|
|
35
|
-
* <!--End PulumiCodeChooser -->
|
|
36
34
|
*
|
|
37
35
|
* ## Import
|
|
38
36
|
*
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"authBackendRole.js","sourceRoot":"","sources":["../../kubernetes/authBackendRole.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C
|
|
1
|
+
{"version":3,"file":"authBackendRole.js","sourceRoot":"","sources":["../../kubernetes/authBackendRole.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAkCG;AACH,MAAa,eAAgB,SAAQ,MAAM,CAAC,cAAc;IACtD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAA4B,EAAE,IAAmC;QAC1H,OAAO,IAAI,eAAe,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IACtE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,eAAe,CAAC,YAAY,CAAC;IAChE,CAAC;IAmFD,YAAY,IAAY,EAAE,WAAwD,EAAE,IAAmC;QACnH,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAA+C,CAAC;YAC9D,cAAc,CAAC,iBAAiB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9E,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,0BAA0B,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,wBAAwB,CAAC,CAAC,CAAC,SAAS,CAAC;YAChG,cAAc,CAAC,+BAA+B,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,6BAA6B,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1G,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAClE,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,iBAAiB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9E,cAAc,CAAC,qBAAqB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC,CAAC,SAAS,CAAC;YACtF,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,sBAAsB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC,CAAC,SAAS,CAAC;YACxF,cAAc,CAAC,cAAc,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;YACxE,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,eAAe,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1E,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;SACrE;aAAM;YACH,MAAM,IAAI,GAAG,WAA8C,CAAC;YAC5D,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,wBAAwB,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACrE,MAAM,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAC;aAC3E;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,6BAA6B,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAC1E,MAAM,IAAI,KAAK,CAAC,2DAA2D,CAAC,CAAC;aAChF;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,QAAQ,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACrD,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;aAC3D;YACD,cAAc,CAAC,iBAAiB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5E,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,0BAA0B,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9F,cAAc,CAAC,+BAA+B,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC,CAAC,SAAS,CAAC;YACxG,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,iBAAiB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5E,cAAc,CAAC,qBAAqB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,CAAC,SAAS,CAAC;YACpF,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACpE,cAAc,CAAC,sBAAsB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC,CAAC,SAAS,CAAC;YACtF,cAAc,CAAC,cAAc,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACpE,cAAc,CAAC,eAAe,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;YACxE,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;SACnE;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,eAAe,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IACpE,CAAC;;AAhKL,0CAiKC;AAnJG,gBAAgB;AACO,4BAAY,GAAG,kDAAkD,CAAC"}
|
|
@@ -2,22 +2,26 @@ import * as pulumi from "@pulumi/pulumi";
|
|
|
2
2
|
/**
|
|
3
3
|
* ## Example Usage
|
|
4
4
|
*
|
|
5
|
-
* <!--Start PulumiCodeChooser -->
|
|
6
5
|
* ```typescript
|
|
7
6
|
* import * as pulumi from "@pulumi/pulumi";
|
|
8
|
-
* import * as
|
|
7
|
+
* import * as std from "@pulumi/std";
|
|
9
8
|
* import * as vault from "@pulumi/vault";
|
|
10
9
|
*
|
|
11
10
|
* const config = new vault.kubernetes.SecretBackend("config", {
|
|
12
11
|
* path: "kubernetes",
|
|
13
12
|
* description: "kubernetes secrets engine description",
|
|
14
13
|
* kubernetesHost: "https://127.0.0.1:61233",
|
|
15
|
-
* kubernetesCaCert:
|
|
16
|
-
*
|
|
14
|
+
* kubernetesCaCert: std.file({
|
|
15
|
+
* input: "/path/to/cert",
|
|
16
|
+
* }).then(invoke => invoke.result),
|
|
17
|
+
* serviceAccountJwt: std.file({
|
|
18
|
+
* input: "/path/to/token",
|
|
19
|
+
* }).then(invoke => invoke.result),
|
|
17
20
|
* disableLocalCaJwt: false,
|
|
18
21
|
* });
|
|
19
22
|
* const role = new vault.kubernetes.SecretBackendRole("role", {
|
|
20
23
|
* backend: config.path,
|
|
24
|
+
* name: "service-account-name-role",
|
|
21
25
|
* allowedKubernetesNamespaces: ["*"],
|
|
22
26
|
* tokenMaxTtl: 43200,
|
|
23
27
|
* tokenDefaultTtl: 21600,
|
|
@@ -39,7 +43,6 @@ import * as pulumi from "@pulumi/pulumi";
|
|
|
39
43
|
* ttl: "1h",
|
|
40
44
|
* });
|
|
41
45
|
* ```
|
|
42
|
-
* <!--End PulumiCodeChooser -->
|
|
43
46
|
*/
|
|
44
47
|
export declare function getServiceAccountToken(args: GetServiceAccountTokenArgs, opts?: pulumi.InvokeOptions): Promise<GetServiceAccountTokenResult>;
|
|
45
48
|
/**
|
|
@@ -121,22 +124,26 @@ export interface GetServiceAccountTokenResult {
|
|
|
121
124
|
/**
|
|
122
125
|
* ## Example Usage
|
|
123
126
|
*
|
|
124
|
-
* <!--Start PulumiCodeChooser -->
|
|
125
127
|
* ```typescript
|
|
126
128
|
* import * as pulumi from "@pulumi/pulumi";
|
|
127
|
-
* import * as
|
|
129
|
+
* import * as std from "@pulumi/std";
|
|
128
130
|
* import * as vault from "@pulumi/vault";
|
|
129
131
|
*
|
|
130
132
|
* const config = new vault.kubernetes.SecretBackend("config", {
|
|
131
133
|
* path: "kubernetes",
|
|
132
134
|
* description: "kubernetes secrets engine description",
|
|
133
135
|
* kubernetesHost: "https://127.0.0.1:61233",
|
|
134
|
-
* kubernetesCaCert:
|
|
135
|
-
*
|
|
136
|
+
* kubernetesCaCert: std.file({
|
|
137
|
+
* input: "/path/to/cert",
|
|
138
|
+
* }).then(invoke => invoke.result),
|
|
139
|
+
* serviceAccountJwt: std.file({
|
|
140
|
+
* input: "/path/to/token",
|
|
141
|
+
* }).then(invoke => invoke.result),
|
|
136
142
|
* disableLocalCaJwt: false,
|
|
137
143
|
* });
|
|
138
144
|
* const role = new vault.kubernetes.SecretBackendRole("role", {
|
|
139
145
|
* backend: config.path,
|
|
146
|
+
* name: "service-account-name-role",
|
|
140
147
|
* allowedKubernetesNamespaces: ["*"],
|
|
141
148
|
* tokenMaxTtl: 43200,
|
|
142
149
|
* tokenDefaultTtl: 21600,
|
|
@@ -158,7 +165,6 @@ export interface GetServiceAccountTokenResult {
|
|
|
158
165
|
* ttl: "1h",
|
|
159
166
|
* });
|
|
160
167
|
* ```
|
|
161
|
-
* <!--End PulumiCodeChooser -->
|
|
162
168
|
*/
|
|
163
169
|
export declare function getServiceAccountTokenOutput(args: GetServiceAccountTokenOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output<GetServiceAccountTokenResult>;
|
|
164
170
|
/**
|
|
@@ -8,22 +8,26 @@ const utilities = require("../utilities");
|
|
|
8
8
|
/**
|
|
9
9
|
* ## Example Usage
|
|
10
10
|
*
|
|
11
|
-
* <!--Start PulumiCodeChooser -->
|
|
12
11
|
* ```typescript
|
|
13
12
|
* import * as pulumi from "@pulumi/pulumi";
|
|
14
|
-
* import * as
|
|
13
|
+
* import * as std from "@pulumi/std";
|
|
15
14
|
* import * as vault from "@pulumi/vault";
|
|
16
15
|
*
|
|
17
16
|
* const config = new vault.kubernetes.SecretBackend("config", {
|
|
18
17
|
* path: "kubernetes",
|
|
19
18
|
* description: "kubernetes secrets engine description",
|
|
20
19
|
* kubernetesHost: "https://127.0.0.1:61233",
|
|
21
|
-
* kubernetesCaCert:
|
|
22
|
-
*
|
|
20
|
+
* kubernetesCaCert: std.file({
|
|
21
|
+
* input: "/path/to/cert",
|
|
22
|
+
* }).then(invoke => invoke.result),
|
|
23
|
+
* serviceAccountJwt: std.file({
|
|
24
|
+
* input: "/path/to/token",
|
|
25
|
+
* }).then(invoke => invoke.result),
|
|
23
26
|
* disableLocalCaJwt: false,
|
|
24
27
|
* });
|
|
25
28
|
* const role = new vault.kubernetes.SecretBackendRole("role", {
|
|
26
29
|
* backend: config.path,
|
|
30
|
+
* name: "service-account-name-role",
|
|
27
31
|
* allowedKubernetesNamespaces: ["*"],
|
|
28
32
|
* tokenMaxTtl: 43200,
|
|
29
33
|
* tokenDefaultTtl: 21600,
|
|
@@ -45,7 +49,6 @@ const utilities = require("../utilities");
|
|
|
45
49
|
* ttl: "1h",
|
|
46
50
|
* });
|
|
47
51
|
* ```
|
|
48
|
-
* <!--End PulumiCodeChooser -->
|
|
49
52
|
*/
|
|
50
53
|
function getServiceAccountToken(args, opts) {
|
|
51
54
|
opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {});
|
|
@@ -62,22 +65,26 @@ exports.getServiceAccountToken = getServiceAccountToken;
|
|
|
62
65
|
/**
|
|
63
66
|
* ## Example Usage
|
|
64
67
|
*
|
|
65
|
-
* <!--Start PulumiCodeChooser -->
|
|
66
68
|
* ```typescript
|
|
67
69
|
* import * as pulumi from "@pulumi/pulumi";
|
|
68
|
-
* import * as
|
|
70
|
+
* import * as std from "@pulumi/std";
|
|
69
71
|
* import * as vault from "@pulumi/vault";
|
|
70
72
|
*
|
|
71
73
|
* const config = new vault.kubernetes.SecretBackend("config", {
|
|
72
74
|
* path: "kubernetes",
|
|
73
75
|
* description: "kubernetes secrets engine description",
|
|
74
76
|
* kubernetesHost: "https://127.0.0.1:61233",
|
|
75
|
-
* kubernetesCaCert:
|
|
76
|
-
*
|
|
77
|
+
* kubernetesCaCert: std.file({
|
|
78
|
+
* input: "/path/to/cert",
|
|
79
|
+
* }).then(invoke => invoke.result),
|
|
80
|
+
* serviceAccountJwt: std.file({
|
|
81
|
+
* input: "/path/to/token",
|
|
82
|
+
* }).then(invoke => invoke.result),
|
|
77
83
|
* disableLocalCaJwt: false,
|
|
78
84
|
* });
|
|
79
85
|
* const role = new vault.kubernetes.SecretBackendRole("role", {
|
|
80
86
|
* backend: config.path,
|
|
87
|
+
* name: "service-account-name-role",
|
|
81
88
|
* allowedKubernetesNamespaces: ["*"],
|
|
82
89
|
* tokenMaxTtl: 43200,
|
|
83
90
|
* tokenDefaultTtl: 21600,
|
|
@@ -99,7 +106,6 @@ exports.getServiceAccountToken = getServiceAccountToken;
|
|
|
99
106
|
* ttl: "1h",
|
|
100
107
|
* });
|
|
101
108
|
* ```
|
|
102
|
-
* <!--End PulumiCodeChooser -->
|
|
103
109
|
*/
|
|
104
110
|
function getServiceAccountTokenOutput(args, opts) {
|
|
105
111
|
return pulumi.output(args).apply((a) => getServiceAccountToken(a, opts));
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"getServiceAccountToken.js","sourceRoot":"","sources":["../../kubernetes/getServiceAccountToken.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C
|
|
1
|
+
{"version":3,"file":"getServiceAccountToken.js","sourceRoot":"","sources":["../../kubernetes/getServiceAccountToken.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4CG;AACH,SAAgB,sBAAsB,CAAC,IAAgC,EAAE,IAA2B;IAEhG,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,IAAI,EAAE,CAAC,CAAC;IACzE,OAAO,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,gEAAgE,EAAE;QAC3F,SAAS,EAAE,IAAI,CAAC,OAAO;QACvB,oBAAoB,EAAE,IAAI,CAAC,kBAAkB;QAC7C,qBAAqB,EAAE,IAAI,CAAC,mBAAmB;QAC/C,WAAW,EAAE,IAAI,CAAC,SAAS;QAC3B,MAAM,EAAE,IAAI,CAAC,IAAI;QACjB,KAAK,EAAE,IAAI,CAAC,GAAG;KAClB,EAAE,IAAI,CAAC,CAAC;AACb,CAAC;AAXD,wDAWC;AA+ED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4CG;AACH,SAAgB,4BAA4B,CAAC,IAAsC,EAAE,IAA2B;IAC5G,OAAO,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,sBAAsB,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAA;AACjF,CAAC;AAFD,oEAEC"}
|
|
@@ -2,10 +2,9 @@ import * as pulumi from "@pulumi/pulumi";
|
|
|
2
2
|
/**
|
|
3
3
|
* ## Example Usage
|
|
4
4
|
*
|
|
5
|
-
* <!--Start PulumiCodeChooser -->
|
|
6
5
|
* ```typescript
|
|
7
6
|
* import * as pulumi from "@pulumi/pulumi";
|
|
8
|
-
* import * as
|
|
7
|
+
* import * as std from "@pulumi/std";
|
|
9
8
|
* import * as vault from "@pulumi/vault";
|
|
10
9
|
*
|
|
11
10
|
* const config = new vault.kubernetes.SecretBackend("config", {
|
|
@@ -14,12 +13,15 @@ import * as pulumi from "@pulumi/pulumi";
|
|
|
14
13
|
* defaultLeaseTtlSeconds: 43200,
|
|
15
14
|
* maxLeaseTtlSeconds: 86400,
|
|
16
15
|
* kubernetesHost: "https://127.0.0.1:61233",
|
|
17
|
-
* kubernetesCaCert:
|
|
18
|
-
*
|
|
16
|
+
* kubernetesCaCert: std.file({
|
|
17
|
+
* input: "/path/to/cert",
|
|
18
|
+
* }).then(invoke => invoke.result),
|
|
19
|
+
* serviceAccountJwt: std.file({
|
|
20
|
+
* input: "/path/to/token",
|
|
21
|
+
* }).then(invoke => invoke.result),
|
|
19
22
|
* disableLocalCaJwt: false,
|
|
20
23
|
* });
|
|
21
24
|
* ```
|
|
22
|
-
* <!--End PulumiCodeChooser -->
|
|
23
25
|
*
|
|
24
26
|
* ## Import
|
|
25
27
|
*
|
|
@@ -8,10 +8,9 @@ const utilities = require("../utilities");
|
|
|
8
8
|
/**
|
|
9
9
|
* ## Example Usage
|
|
10
10
|
*
|
|
11
|
-
* <!--Start PulumiCodeChooser -->
|
|
12
11
|
* ```typescript
|
|
13
12
|
* import * as pulumi from "@pulumi/pulumi";
|
|
14
|
-
* import * as
|
|
13
|
+
* import * as std from "@pulumi/std";
|
|
15
14
|
* import * as vault from "@pulumi/vault";
|
|
16
15
|
*
|
|
17
16
|
* const config = new vault.kubernetes.SecretBackend("config", {
|
|
@@ -20,12 +19,15 @@ const utilities = require("../utilities");
|
|
|
20
19
|
* defaultLeaseTtlSeconds: 43200,
|
|
21
20
|
* maxLeaseTtlSeconds: 86400,
|
|
22
21
|
* kubernetesHost: "https://127.0.0.1:61233",
|
|
23
|
-
* kubernetesCaCert:
|
|
24
|
-
*
|
|
22
|
+
* kubernetesCaCert: std.file({
|
|
23
|
+
* input: "/path/to/cert",
|
|
24
|
+
* }).then(invoke => invoke.result),
|
|
25
|
+
* serviceAccountJwt: std.file({
|
|
26
|
+
* input: "/path/to/token",
|
|
27
|
+
* }).then(invoke => invoke.result),
|
|
25
28
|
* disableLocalCaJwt: false,
|
|
26
29
|
* });
|
|
27
30
|
* ```
|
|
28
|
-
* <!--End PulumiCodeChooser -->
|
|
29
31
|
*
|
|
30
32
|
* ## Import
|
|
31
33
|
*
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"secretBackend.js","sourceRoot":"","sources":["../../kubernetes/secretBackend.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C
|
|
1
|
+
{"version":3,"file":"secretBackend.js","sourceRoot":"","sources":["../../kubernetes/secretBackend.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+BG;AACH,MAAa,aAAc,SAAQ,MAAM,CAAC,cAAc;IACpD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAA0B,EAAE,IAAmC;QACxH,OAAO,IAAI,aAAa,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IACpE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,aAAa,CAAC,YAAY,CAAC;IAC9D,CAAC;IA0FD,YAAY,IAAY,EAAE,WAAoD,EAAE,IAAmC;QAC/G,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAA6C,CAAC;YAC5D,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,oBAAoB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC,CAAC,SAAS,CAAC;YACpF,cAAc,CAAC,yBAAyB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,uBAAuB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9F,cAAc,CAAC,0BAA0B,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,wBAAwB,CAAC,CAAC,CAAC,SAAS,CAAC;YAChG,cAAc,CAAC,wBAAwB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,sBAAsB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5F,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,mBAAmB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAC,CAAC,SAAS,CAAC;YAClF,cAAc,CAAC,uBAAuB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,qBAAqB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1F,cAAc,CAAC,kBAAkB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC,CAAC,SAAS,CAAC;YAChF,cAAc,CAAC,gBAAgB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5E,cAAc,CAAC,OAAO,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1D,cAAc,CAAC,oBAAoB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC,CAAC,SAAS,CAAC;YACpF,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAClE,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,mBAAmB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAC,CAAC,SAAS,CAAC;SACrF;aAAM;YACH,MAAM,IAAI,GAAG,WAA4C,CAAC;YAC1D,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,IAAI,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACjD,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;aACvD;YACD,cAAc,CAAC,oBAAoB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC,CAAC,SAAS,CAAC;YAClF,cAAc,CAAC,yBAAyB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5F,cAAc,CAAC,0BAA0B,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9F,cAAc,CAAC,wBAAwB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1F,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACpE,cAAc,CAAC,mBAAmB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAC,SAAS,CAAC;YAChF,cAAc,CAAC,uBAAuB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC,CAAC,SAAS,CAAC;YACxF,cAAc,CAAC,kBAAkB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9E,cAAc,CAAC,gBAAgB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1E,cAAc,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,oBAAoB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC,CAAC,SAAS,CAAC;YAClF,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,mBAAmB,CAAC,GAAG,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,iBAAiB,EAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;YAClH,cAAc,CAAC,UAAU,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;SAClD;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,MAAM,UAAU,GAAG,EAAE,uBAAuB,EAAE,CAAC,mBAAmB,CAAC,EAAE,CAAC;QACtE,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;QAC7C,KAAK,CAAC,aAAa,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IAClE,CAAC;;AArKL,sCAsKC;AAxJG,gBAAgB;AACO,0BAAY,GAAG,8CAA8C,CAAC"}
|