@pulumi/vault 7.4.0-alpha.1761895342 → 7.4.0-alpha.1762355663
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/aws/authBackendClient.d.ts +22 -0
- package/aws/authBackendClient.js +6 -0
- package/aws/authBackendClient.js.map +1 -1
- package/aws/secretBackend.d.ts +12 -0
- package/aws/secretBackend.js +2 -0
- package/aws/secretBackend.js.map +1 -1
- package/aws/secretBackendRole.d.ts +17 -5
- package/aws/secretBackendRole.js +7 -5
- package/aws/secretBackendRole.js.map +1 -1
- package/azure/authBackendConfig.d.ts +45 -0
- package/azure/authBackendConfig.js +6 -0
- package/azure/authBackendConfig.js.map +1 -1
- package/azure/backend.d.ts +3 -3
- package/azure/backendRole.d.ts +12 -0
- package/azure/backendRole.js +2 -0
- package/azure/backendRole.js.map +1 -1
- package/gcp/authBackend.d.ts +48 -0
- package/gcp/authBackend.js +8 -0
- package/gcp/authBackend.js.map +1 -1
- package/gcp/authBackendRole.d.ts +12 -0
- package/gcp/authBackendRole.js +2 -0
- package/gcp/authBackendRole.js.map +1 -1
- package/gcp/secretBackend.d.ts +24 -0
- package/gcp/secretBackend.js +4 -0
- package/gcp/secretBackend.js.map +1 -1
- package/generic/endpoint.d.ts +5 -5
- package/generic/endpoint.js +5 -5
- package/kubernetes/secretBackendRole.d.ts +3 -3
- package/kubernetes/secretBackendRole.js +3 -3
- package/ldap/authBackend.d.ts +78 -3
- package/ldap/authBackend.js +14 -0
- package/ldap/authBackend.js.map +1 -1
- package/managed/keys.d.ts +43 -0
- package/managed/keys.js +43 -0
- package/managed/keys.js.map +1 -1
- package/okta/authBackend.d.ts +3 -0
- package/okta/authBackend.js +2 -0
- package/okta/authBackend.js.map +1 -1
- package/package.json +2 -2
- package/pkisecret/backendConfigCmpv2.d.ts +66 -0
- package/pkisecret/backendConfigCmpv2.js +66 -0
- package/pkisecret/backendConfigCmpv2.js.map +1 -1
- package/pkisecret/backendConfigEst.d.ts +76 -0
- package/pkisecret/backendConfigEst.js +76 -0
- package/pkisecret/backendConfigEst.js.map +1 -1
- package/raftSnapshotAgentConfig.d.ts +0 -24
- package/raftSnapshotAgentConfig.js +0 -24
- package/raftSnapshotAgentConfig.js.map +1 -1
- package/saml/authBackend.d.ts +20 -0
- package/saml/authBackend.js +2 -0
- package/saml/authBackend.js.map +1 -1
- package/terraformcloud/secretBackend.d.ts +24 -0
- package/terraformcloud/secretBackend.js +5 -1
- package/terraformcloud/secretBackend.js.map +1 -1
- package/terraformcloud/secretRole.d.ts +15 -0
- package/terraformcloud/secretRole.js +4 -0
- package/terraformcloud/secretRole.js.map +1 -1
- package/types/input.d.ts +126 -0
- package/types/output.d.ts +126 -0
|
@@ -28,6 +28,10 @@ import * as pulumi from "@pulumi/pulumi";
|
|
|
28
28
|
* secretKey: "INSERT_AWS_SECRET_KEY",
|
|
29
29
|
* rotationSchedule: "0 * * * SAT",
|
|
30
30
|
* rotationWindow: 3600,
|
|
31
|
+
* allowedStsHeaderValues: [
|
|
32
|
+
* "X-Custom-Header",
|
|
33
|
+
* "X-Another-Header",
|
|
34
|
+
* ],
|
|
31
35
|
* });
|
|
32
36
|
* ```
|
|
33
37
|
*
|
|
@@ -60,6 +64,12 @@ export declare class AuthBackendClient extends pulumi.CustomResource {
|
|
|
60
64
|
* auth backend. Mutually exclusive with `identityTokenAudience`.
|
|
61
65
|
*/
|
|
62
66
|
readonly accessKey: pulumi.Output<string | undefined>;
|
|
67
|
+
/**
|
|
68
|
+
* List of additional headers that are allowed to be in STS request headers.
|
|
69
|
+
* The headers are automatically canonicalized (e.g., `content-type` becomes `Content-Type`). Duplicate values are automatically
|
|
70
|
+
* removed. This can be useful when you need to allow specific headers in STS requests for IAM-based authentication.
|
|
71
|
+
*/
|
|
72
|
+
readonly allowedStsHeaderValues: pulumi.Output<string[] | undefined>;
|
|
63
73
|
/**
|
|
64
74
|
* The path the AWS auth backend being configured was
|
|
65
75
|
* mounted at. Defaults to `aws`.
|
|
@@ -169,6 +179,12 @@ export interface AuthBackendClientState {
|
|
|
169
179
|
* auth backend. Mutually exclusive with `identityTokenAudience`.
|
|
170
180
|
*/
|
|
171
181
|
accessKey?: pulumi.Input<string>;
|
|
182
|
+
/**
|
|
183
|
+
* List of additional headers that are allowed to be in STS request headers.
|
|
184
|
+
* The headers are automatically canonicalized (e.g., `content-type` becomes `Content-Type`). Duplicate values are automatically
|
|
185
|
+
* removed. This can be useful when you need to allow specific headers in STS requests for IAM-based authentication.
|
|
186
|
+
*/
|
|
187
|
+
allowedStsHeaderValues?: pulumi.Input<pulumi.Input<string>[]>;
|
|
172
188
|
/**
|
|
173
189
|
* The path the AWS auth backend being configured was
|
|
174
190
|
* mounted at. Defaults to `aws`.
|
|
@@ -270,6 +286,12 @@ export interface AuthBackendClientArgs {
|
|
|
270
286
|
* auth backend. Mutually exclusive with `identityTokenAudience`.
|
|
271
287
|
*/
|
|
272
288
|
accessKey?: pulumi.Input<string>;
|
|
289
|
+
/**
|
|
290
|
+
* List of additional headers that are allowed to be in STS request headers.
|
|
291
|
+
* The headers are automatically canonicalized (e.g., `content-type` becomes `Content-Type`). Duplicate values are automatically
|
|
292
|
+
* removed. This can be useful when you need to allow specific headers in STS requests for IAM-based authentication.
|
|
293
|
+
*/
|
|
294
|
+
allowedStsHeaderValues?: pulumi.Input<pulumi.Input<string>[]>;
|
|
273
295
|
/**
|
|
274
296
|
* The path the AWS auth backend being configured was
|
|
275
297
|
* mounted at. Defaults to `aws`.
|
package/aws/authBackendClient.js
CHANGED
|
@@ -34,6 +34,10 @@ const utilities = require("../utilities");
|
|
|
34
34
|
* secretKey: "INSERT_AWS_SECRET_KEY",
|
|
35
35
|
* rotationSchedule: "0 * * * SAT",
|
|
36
36
|
* rotationWindow: 3600,
|
|
37
|
+
* allowedStsHeaderValues: [
|
|
38
|
+
* "X-Custom-Header",
|
|
39
|
+
* "X-Another-Header",
|
|
40
|
+
* ],
|
|
37
41
|
* });
|
|
38
42
|
* ```
|
|
39
43
|
*
|
|
@@ -74,6 +78,7 @@ class AuthBackendClient extends pulumi.CustomResource {
|
|
|
74
78
|
if (opts.id) {
|
|
75
79
|
const state = argsOrState;
|
|
76
80
|
resourceInputs["accessKey"] = state?.accessKey;
|
|
81
|
+
resourceInputs["allowedStsHeaderValues"] = state?.allowedStsHeaderValues;
|
|
77
82
|
resourceInputs["backend"] = state?.backend;
|
|
78
83
|
resourceInputs["disableAutomatedRotation"] = state?.disableAutomatedRotation;
|
|
79
84
|
resourceInputs["ec2Endpoint"] = state?.ec2Endpoint;
|
|
@@ -95,6 +100,7 @@ class AuthBackendClient extends pulumi.CustomResource {
|
|
|
95
100
|
else {
|
|
96
101
|
const args = argsOrState;
|
|
97
102
|
resourceInputs["accessKey"] = args?.accessKey ? pulumi.secret(args.accessKey) : undefined;
|
|
103
|
+
resourceInputs["allowedStsHeaderValues"] = args?.allowedStsHeaderValues;
|
|
98
104
|
resourceInputs["backend"] = args?.backend;
|
|
99
105
|
resourceInputs["disableAutomatedRotation"] = args?.disableAutomatedRotation;
|
|
100
106
|
resourceInputs["ec2Endpoint"] = args?.ec2Endpoint;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"authBackendClient.js","sourceRoot":"","sources":["../../aws/authBackendClient.ts"],"names":[],"mappings":";AAAA,sEAAsE;AACtE,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C
|
|
1
|
+
{"version":3,"file":"authBackendClient.js","sourceRoot":"","sources":["../../aws/authBackendClient.ts"],"names":[],"mappings":";AAAA,sEAAsE;AACtE,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2CG;AACH,MAAa,iBAAkB,SAAQ,MAAM,CAAC,cAAc;IACxD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAA8B,EAAE,IAAmC;QAC5H,OAAO,IAAI,iBAAiB,CAAC,IAAI,EAAO,KAAK,EAAE,EAAE,GAAG,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IACxE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,iBAAiB,CAAC,YAAY,CAAC;IAClE,CAAC;IAiHD,YAAY,IAAY,EAAE,WAA4D,EAAE,IAAmC;QACvH,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAiD,CAAC;YAChE,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,EAAE,SAAS,CAAC;YAC/C,cAAc,CAAC,wBAAwB,CAAC,GAAG,KAAK,EAAE,sBAAsB,CAAC;YACzE,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,EAAE,OAAO,CAAC;YAC3C,cAAc,CAAC,0BAA0B,CAAC,GAAG,KAAK,EAAE,wBAAwB,CAAC;YAC7E,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,EAAE,WAAW,CAAC;YACnD,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,EAAE,WAAW,CAAC;YACnD,cAAc,CAAC,wBAAwB,CAAC,GAAG,KAAK,EAAE,sBAAsB,CAAC;YACzE,cAAc,CAAC,uBAAuB,CAAC,GAAG,KAAK,EAAE,qBAAqB,CAAC;YACvE,cAAc,CAAC,kBAAkB,CAAC,GAAG,KAAK,EAAE,gBAAgB,CAAC;YAC7D,cAAc,CAAC,YAAY,CAAC,GAAG,KAAK,EAAE,UAAU,CAAC;YACjD,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,EAAE,SAAS,CAAC;YAC/C,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,EAAE,OAAO,CAAC;YAC3C,cAAc,CAAC,gBAAgB,CAAC,GAAG,KAAK,EAAE,cAAc,CAAC;YACzD,cAAc,CAAC,kBAAkB,CAAC,GAAG,KAAK,EAAE,gBAAgB,CAAC;YAC7D,cAAc,CAAC,gBAAgB,CAAC,GAAG,KAAK,EAAE,cAAc,CAAC;YACzD,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,EAAE,SAAS,CAAC;YAC/C,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,EAAE,WAAW,CAAC;YACnD,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,EAAE,SAAS,CAAC;YAC/C,cAAc,CAAC,wBAAwB,CAAC,GAAG,KAAK,EAAE,sBAAsB,CAAC;SAC5E;aAAM;YACH,MAAM,IAAI,GAAG,WAAgD,CAAC;YAC9D,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,EAAE,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1F,cAAc,CAAC,wBAAwB,CAAC,GAAG,IAAI,EAAE,sBAAsB,CAAC;YACxE,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,EAAE,OAAO,CAAC;YAC1C,cAAc,CAAC,0BAA0B,CAAC,GAAG,IAAI,EAAE,wBAAwB,CAAC;YAC5E,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,EAAE,WAAW,CAAC;YAClD,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,EAAE,WAAW,CAAC;YAClD,cAAc,CAAC,wBAAwB,CAAC,GAAG,IAAI,EAAE,sBAAsB,CAAC;YACxE,cAAc,CAAC,uBAAuB,CAAC,GAAG,IAAI,EAAE,qBAAqB,CAAC;YACtE,cAAc,CAAC,kBAAkB,CAAC,GAAG,IAAI,EAAE,gBAAgB,CAAC;YAC5D,cAAc,CAAC,YAAY,CAAC,GAAG,IAAI,EAAE,UAAU,CAAC;YAChD,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,EAAE,SAAS,CAAC;YAC9C,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,EAAE,OAAO,CAAC;YAC1C,cAAc,CAAC,gBAAgB,CAAC,GAAG,IAAI,EAAE,cAAc,CAAC;YACxD,cAAc,CAAC,kBAAkB,CAAC,GAAG,IAAI,EAAE,gBAAgB,CAAC;YAC5D,cAAc,CAAC,gBAAgB,CAAC,GAAG,IAAI,EAAE,cAAc,CAAC;YACxD,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,EAAE,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1F,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,EAAE,WAAW,CAAC;YAClD,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,EAAE,SAAS,CAAC;YAC9C,cAAc,CAAC,wBAAwB,CAAC,GAAG,IAAI,EAAE,sBAAsB,CAAC;SAC3E;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,MAAM,UAAU,GAAG,EAAE,uBAAuB,EAAE,CAAC,WAAW,EAAE,WAAW,CAAC,EAAE,CAAC;QAC3E,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;QAC7C,KAAK,CAAC,iBAAiB,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IACtE,CAAC;;AA7LL,8CA8LC;AAhLG,gBAAgB;AACO,8BAAY,GAAG,+CAA+C,CAAC"}
|
package/aws/secretBackend.d.ts
CHANGED
|
@@ -106,6 +106,10 @@ export declare class SecretBackend extends pulumi.CustomResource {
|
|
|
106
106
|
* Maximum possible lease duration for secrets in seconds
|
|
107
107
|
*/
|
|
108
108
|
readonly maxLeaseTtlSeconds: pulumi.Output<number>;
|
|
109
|
+
/**
|
|
110
|
+
* Number of max retries the client should use for recoverable errors.
|
|
111
|
+
*/
|
|
112
|
+
readonly maxRetries: pulumi.Output<number | undefined>;
|
|
109
113
|
/**
|
|
110
114
|
* The namespace to provision the resource in.
|
|
111
115
|
* The value should not contain leading or trailing forward slashes.
|
|
@@ -288,6 +292,10 @@ export interface SecretBackendState {
|
|
|
288
292
|
* Maximum possible lease duration for secrets in seconds
|
|
289
293
|
*/
|
|
290
294
|
maxLeaseTtlSeconds?: pulumi.Input<number>;
|
|
295
|
+
/**
|
|
296
|
+
* Number of max retries the client should use for recoverable errors.
|
|
297
|
+
*/
|
|
298
|
+
maxRetries?: pulumi.Input<number>;
|
|
291
299
|
/**
|
|
292
300
|
* The namespace to provision the resource in.
|
|
293
301
|
* The value should not contain leading or trailing forward slashes.
|
|
@@ -458,6 +466,10 @@ export interface SecretBackendArgs {
|
|
|
458
466
|
* Maximum possible lease duration for secrets in seconds
|
|
459
467
|
*/
|
|
460
468
|
maxLeaseTtlSeconds?: pulumi.Input<number>;
|
|
469
|
+
/**
|
|
470
|
+
* Number of max retries the client should use for recoverable errors.
|
|
471
|
+
*/
|
|
472
|
+
maxRetries?: pulumi.Input<number>;
|
|
461
473
|
/**
|
|
462
474
|
* The namespace to provision the resource in.
|
|
463
475
|
* The value should not contain leading or trailing forward slashes.
|
package/aws/secretBackend.js
CHANGED
|
@@ -62,6 +62,7 @@ class SecretBackend extends pulumi.CustomResource {
|
|
|
62
62
|
resourceInputs["listingVisibility"] = state?.listingVisibility;
|
|
63
63
|
resourceInputs["local"] = state?.local;
|
|
64
64
|
resourceInputs["maxLeaseTtlSeconds"] = state?.maxLeaseTtlSeconds;
|
|
65
|
+
resourceInputs["maxRetries"] = state?.maxRetries;
|
|
65
66
|
resourceInputs["namespace"] = state?.namespace;
|
|
66
67
|
resourceInputs["options"] = state?.options;
|
|
67
68
|
resourceInputs["passthroughRequestHeaders"] = state?.passthroughRequestHeaders;
|
|
@@ -101,6 +102,7 @@ class SecretBackend extends pulumi.CustomResource {
|
|
|
101
102
|
resourceInputs["listingVisibility"] = args?.listingVisibility;
|
|
102
103
|
resourceInputs["local"] = args?.local;
|
|
103
104
|
resourceInputs["maxLeaseTtlSeconds"] = args?.maxLeaseTtlSeconds;
|
|
105
|
+
resourceInputs["maxRetries"] = args?.maxRetries;
|
|
104
106
|
resourceInputs["namespace"] = args?.namespace;
|
|
105
107
|
resourceInputs["options"] = args?.options;
|
|
106
108
|
resourceInputs["passthroughRequestHeaders"] = args?.passthroughRequestHeaders;
|
package/aws/secretBackend.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"secretBackend.js","sourceRoot":"","sources":["../../aws/secretBackend.ts"],"names":[],"mappings":";AAAA,sEAAsE;AACtE,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C;;;;;;;;GAQG;AACH,MAAa,aAAc,SAAQ,MAAM,CAAC,cAAc;IACpD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAA0B,EAAE,IAAmC;QACxH,OAAO,IAAI,aAAa,CAAC,IAAI,EAAO,KAAK,EAAE,EAAE,GAAG,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IACpE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,aAAa,CAAC,YAAY,CAAC;IAC9D,CAAC;
|
|
1
|
+
{"version":3,"file":"secretBackend.js","sourceRoot":"","sources":["../../aws/secretBackend.ts"],"names":[],"mappings":";AAAA,sEAAsE;AACtE,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C;;;;;;;;GAQG;AACH,MAAa,aAAc,SAAQ,MAAM,CAAC,cAAc;IACpD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAA0B,EAAE,IAAmC;QACxH,OAAO,IAAI,aAAa,CAAC,IAAI,EAAO,KAAK,EAAE,EAAE,GAAG,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IACpE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,aAAa,CAAC,YAAY,CAAC;IAC9D,CAAC;IAsLD,YAAY,IAAY,EAAE,WAAoD,EAAE,IAAmC;QAC/G,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAA6C,CAAC;YAC5D,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,EAAE,SAAS,CAAC;YAC/C,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,EAAE,QAAQ,CAAC;YAC7C,cAAc,CAAC,oBAAoB,CAAC,GAAG,KAAK,EAAE,kBAAkB,CAAC;YACjE,cAAc,CAAC,wBAAwB,CAAC,GAAG,KAAK,EAAE,sBAAsB,CAAC;YACzE,cAAc,CAAC,yBAAyB,CAAC,GAAG,KAAK,EAAE,uBAAuB,CAAC;YAC3E,cAAc,CAAC,0BAA0B,CAAC,GAAG,KAAK,EAAE,wBAAwB,CAAC;YAC7E,cAAc,CAAC,wBAAwB,CAAC,GAAG,KAAK,EAAE,sBAAsB,CAAC;YACzE,cAAc,CAAC,wBAAwB,CAAC,GAAG,KAAK,EAAE,sBAAsB,CAAC;YACzE,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,EAAE,WAAW,CAAC;YACnD,cAAc,CAAC,0BAA0B,CAAC,GAAG,KAAK,EAAE,wBAAwB,CAAC;YAC7E,cAAc,CAAC,gBAAgB,CAAC,GAAG,KAAK,EAAE,cAAc,CAAC;YACzD,cAAc,CAAC,uBAAuB,CAAC,GAAG,KAAK,EAAE,qBAAqB,CAAC;YACvE,cAAc,CAAC,cAAc,CAAC,GAAG,KAAK,EAAE,YAAY,CAAC;YACrD,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,EAAE,WAAW,CAAC;YACnD,cAAc,CAAC,uBAAuB,CAAC,GAAG,KAAK,EAAE,qBAAqB,CAAC;YACvE,cAAc,CAAC,kBAAkB,CAAC,GAAG,KAAK,EAAE,gBAAgB,CAAC;YAC7D,cAAc,CAAC,kBAAkB,CAAC,GAAG,KAAK,EAAE,gBAAgB,CAAC;YAC7D,cAAc,CAAC,mBAAmB,CAAC,GAAG,KAAK,EAAE,iBAAiB,CAAC;YAC/D,cAAc,CAAC,OAAO,CAAC,GAAG,KAAK,EAAE,KAAK,CAAC;YACvC,cAAc,CAAC,oBAAoB,CAAC,GAAG,KAAK,EAAE,kBAAkB,CAAC;YACjE,cAAc,CAAC,YAAY,CAAC,GAAG,KAAK,EAAE,UAAU,CAAC;YACjD,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,EAAE,SAAS,CAAC;YAC/C,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,EAAE,OAAO,CAAC;YAC3C,cAAc,CAAC,2BAA2B,CAAC,GAAG,KAAK,EAAE,yBAAyB,CAAC;YAC/E,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,EAAE,IAAI,CAAC;YACrC,cAAc,CAAC,eAAe,CAAC,GAAG,KAAK,EAAE,aAAa,CAAC;YACvD,cAAc,CAAC,QAAQ,CAAC,GAAG,KAAK,EAAE,MAAM,CAAC;YACzC,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,EAAE,OAAO,CAAC;YAC3C,cAAc,CAAC,gBAAgB,CAAC,GAAG,KAAK,EAAE,cAAc,CAAC;YACzD,cAAc,CAAC,kBAAkB,CAAC,GAAG,KAAK,EAAE,gBAAgB,CAAC;YAC7D,cAAc,CAAC,gBAAgB,CAAC,GAAG,KAAK,EAAE,cAAc,CAAC;YACzD,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,EAAE,QAAQ,CAAC;YAC7C,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,EAAE,SAAS,CAAC;YAC/C,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,EAAE,WAAW,CAAC;YACnD,cAAc,CAAC,sBAAsB,CAAC,GAAG,KAAK,EAAE,oBAAoB,CAAC;YACrE,cAAc,CAAC,oBAAoB,CAAC,GAAG,KAAK,EAAE,kBAAkB,CAAC;YACjE,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,EAAE,SAAS,CAAC;YAC/C,cAAc,CAAC,kBAAkB,CAAC,GAAG,KAAK,EAAE,gBAAgB,CAAC;SAChE;aAAM;YACH,MAAM,IAAI,GAAG,WAA4C,CAAC;YAC1D,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,EAAE,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1F,cAAc,CAAC,oBAAoB,CAAC,GAAG,IAAI,EAAE,kBAAkB,CAAC;YAChE,cAAc,CAAC,wBAAwB,CAAC,GAAG,IAAI,EAAE,sBAAsB,CAAC;YACxE,cAAc,CAAC,yBAAyB,CAAC,GAAG,IAAI,EAAE,uBAAuB,CAAC;YAC1E,cAAc,CAAC,0BAA0B,CAAC,GAAG,IAAI,EAAE,wBAAwB,CAAC;YAC5E,cAAc,CAAC,wBAAwB,CAAC,GAAG,IAAI,EAAE,sBAAsB,CAAC;YACxE,cAAc,CAAC,wBAAwB,CAAC,GAAG,IAAI,EAAE,sBAAsB,CAAC;YACxE,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,EAAE,WAAW,CAAC;YAClD,cAAc,CAAC,0BAA0B,CAAC,GAAG,IAAI,EAAE,wBAAwB,CAAC;YAC5E,cAAc,CAAC,gBAAgB,CAAC,GAAG,IAAI,EAAE,cAAc,CAAC;YACxD,cAAc,CAAC,uBAAuB,CAAC,GAAG,IAAI,EAAE,qBAAqB,CAAC;YACtE,cAAc,CAAC,cAAc,CAAC,GAAG,IAAI,EAAE,YAAY,CAAC;YACpD,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,EAAE,WAAW,CAAC;YAClD,cAAc,CAAC,uBAAuB,CAAC,GAAG,IAAI,EAAE,qBAAqB,CAAC;YACtE,cAAc,CAAC,kBAAkB,CAAC,GAAG,IAAI,EAAE,gBAAgB,CAAC;YAC5D,cAAc,CAAC,kBAAkB,CAAC,GAAG,IAAI,EAAE,gBAAgB,CAAC;YAC5D,cAAc,CAAC,mBAAmB,CAAC,GAAG,IAAI,EAAE,iBAAiB,CAAC;YAC9D,cAAc,CAAC,OAAO,CAAC,GAAG,IAAI,EAAE,KAAK,CAAC;YACtC,cAAc,CAAC,oBAAoB,CAAC,GAAG,IAAI,EAAE,kBAAkB,CAAC;YAChE,cAAc,CAAC,YAAY,CAAC,GAAG,IAAI,EAAE,UAAU,CAAC;YAChD,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,EAAE,SAAS,CAAC;YAC9C,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,EAAE,OAAO,CAAC;YAC1C,cAAc,CAAC,2BAA2B,CAAC,GAAG,IAAI,EAAE,yBAAyB,CAAC;YAC9E,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,EAAE,IAAI,CAAC;YACpC,cAAc,CAAC,eAAe,CAAC,GAAG,IAAI,EAAE,aAAa,CAAC;YACtD,cAAc,CAAC,QAAQ,CAAC,GAAG,IAAI,EAAE,MAAM,CAAC;YACxC,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,EAAE,OAAO,CAAC;YAC1C,cAAc,CAAC,gBAAgB,CAAC,GAAG,IAAI,EAAE,cAAc,CAAC;YACxD,cAAc,CAAC,kBAAkB,CAAC,GAAG,IAAI,EAAE,gBAAgB,CAAC;YAC5D,cAAc,CAAC,gBAAgB,CAAC,GAAG,IAAI,EAAE,cAAc,CAAC;YACxD,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,EAAE,QAAQ,CAAC;YAC5C,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,EAAE,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1F,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,EAAE,WAAW,CAAC;YAClD,cAAc,CAAC,sBAAsB,CAAC,GAAG,IAAI,EAAE,oBAAoB,CAAC;YACpE,cAAc,CAAC,oBAAoB,CAAC,GAAG,IAAI,EAAE,kBAAkB,CAAC;YAChE,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,EAAE,SAAS,CAAC;YAC9C,cAAc,CAAC,kBAAkB,CAAC,GAAG,IAAI,EAAE,gBAAgB,CAAC;YAC5D,cAAc,CAAC,UAAU,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;SAClD;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,MAAM,UAAU,GAAG,EAAE,uBAAuB,EAAE,CAAC,WAAW,EAAE,WAAW,CAAC,EAAE,CAAC;QAC3E,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;QAC7C,KAAK,CAAC,aAAa,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IAClE,CAAC;;AAxSL,sCAySC;AA3RG,gBAAgB;AACO,0BAAY,GAAG,uCAAuC,CAAC"}
|
|
@@ -15,12 +15,12 @@ import * as pulumi from "@pulumi/pulumi";
|
|
|
15
15
|
* name: "deploy",
|
|
16
16
|
* credentialType: "iam_user",
|
|
17
17
|
* policyDocument: `{
|
|
18
|
-
* "Version": "2012-10-17",
|
|
19
|
-
* "Statement": [
|
|
18
|
+
* \\"Version\\": \\"2012-10-17\\",
|
|
19
|
+
* \\"Statement\\": [
|
|
20
20
|
* {
|
|
21
|
-
* "Effect": "Allow",
|
|
22
|
-
* "Action": "iam
|
|
23
|
-
* "Resource": "
|
|
21
|
+
* \\"Effect\\": \\"Allow\\",
|
|
22
|
+
* \\"Action\\": \\"iam:*\\",
|
|
23
|
+
* \\"Resource\\": \\"*\\"
|
|
24
24
|
* }
|
|
25
25
|
* ]
|
|
26
26
|
* }
|
|
@@ -98,6 +98,10 @@ export declare class SecretBackendRole extends pulumi.CustomResource {
|
|
|
98
98
|
* one of `assumedRole` or `federationToken`.
|
|
99
99
|
*/
|
|
100
100
|
readonly maxStsTtl: pulumi.Output<number>;
|
|
101
|
+
/**
|
|
102
|
+
* The ARN or hardware device number of the device configured to the IAM user for multi-factor authentication. Only required if the IAM user has an MFA device set up in AWS.
|
|
103
|
+
*/
|
|
104
|
+
readonly mfaSerialNumber: pulumi.Output<string | undefined>;
|
|
101
105
|
/**
|
|
102
106
|
* The name to identify this role within the backend.
|
|
103
107
|
* Must be unique within the backend.
|
|
@@ -213,6 +217,10 @@ export interface SecretBackendRoleState {
|
|
|
213
217
|
* one of `assumedRole` or `federationToken`.
|
|
214
218
|
*/
|
|
215
219
|
maxStsTtl?: pulumi.Input<number>;
|
|
220
|
+
/**
|
|
221
|
+
* The ARN or hardware device number of the device configured to the IAM user for multi-factor authentication. Only required if the IAM user has an MFA device set up in AWS.
|
|
222
|
+
*/
|
|
223
|
+
mfaSerialNumber?: pulumi.Input<string>;
|
|
216
224
|
/**
|
|
217
225
|
* The name to identify this role within the backend.
|
|
218
226
|
* Must be unique within the backend.
|
|
@@ -320,6 +328,10 @@ export interface SecretBackendRoleArgs {
|
|
|
320
328
|
* one of `assumedRole` or `federationToken`.
|
|
321
329
|
*/
|
|
322
330
|
maxStsTtl?: pulumi.Input<number>;
|
|
331
|
+
/**
|
|
332
|
+
* The ARN or hardware device number of the device configured to the IAM user for multi-factor authentication. Only required if the IAM user has an MFA device set up in AWS.
|
|
333
|
+
*/
|
|
334
|
+
mfaSerialNumber?: pulumi.Input<string>;
|
|
323
335
|
/**
|
|
324
336
|
* The name to identify this role within the backend.
|
|
325
337
|
* Must be unique within the backend.
|
package/aws/secretBackendRole.js
CHANGED
|
@@ -21,12 +21,12 @@ const utilities = require("../utilities");
|
|
|
21
21
|
* name: "deploy",
|
|
22
22
|
* credentialType: "iam_user",
|
|
23
23
|
* policyDocument: `{
|
|
24
|
-
* "Version": "2012-10-17",
|
|
25
|
-
* "Statement": [
|
|
24
|
+
* \\"Version\\": \\"2012-10-17\\",
|
|
25
|
+
* \\"Statement\\": [
|
|
26
26
|
* {
|
|
27
|
-
* "Effect": "Allow",
|
|
28
|
-
* "Action": "iam
|
|
29
|
-
* "Resource": "
|
|
27
|
+
* \\"Effect\\": \\"Allow\\",
|
|
28
|
+
* \\"Action\\": \\"iam:*\\",
|
|
29
|
+
* \\"Resource\\": \\"*\\"
|
|
30
30
|
* }
|
|
31
31
|
* ]
|
|
32
32
|
* }
|
|
@@ -77,6 +77,7 @@ class SecretBackendRole extends pulumi.CustomResource {
|
|
|
77
77
|
resourceInputs["iamGroups"] = state?.iamGroups;
|
|
78
78
|
resourceInputs["iamTags"] = state?.iamTags;
|
|
79
79
|
resourceInputs["maxStsTtl"] = state?.maxStsTtl;
|
|
80
|
+
resourceInputs["mfaSerialNumber"] = state?.mfaSerialNumber;
|
|
80
81
|
resourceInputs["name"] = state?.name;
|
|
81
82
|
resourceInputs["namespace"] = state?.namespace;
|
|
82
83
|
resourceInputs["permissionsBoundaryArn"] = state?.permissionsBoundaryArn;
|
|
@@ -101,6 +102,7 @@ class SecretBackendRole extends pulumi.CustomResource {
|
|
|
101
102
|
resourceInputs["iamGroups"] = args?.iamGroups;
|
|
102
103
|
resourceInputs["iamTags"] = args?.iamTags;
|
|
103
104
|
resourceInputs["maxStsTtl"] = args?.maxStsTtl;
|
|
105
|
+
resourceInputs["mfaSerialNumber"] = args?.mfaSerialNumber;
|
|
104
106
|
resourceInputs["name"] = args?.name;
|
|
105
107
|
resourceInputs["namespace"] = args?.namespace;
|
|
106
108
|
resourceInputs["permissionsBoundaryArn"] = args?.permissionsBoundaryArn;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"secretBackendRole.js","sourceRoot":"","sources":["../../aws/secretBackendRole.ts"],"names":[],"mappings":";AAAA,sEAAsE;AACtE,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAoCG;AACH,MAAa,iBAAkB,SAAQ,MAAM,CAAC,cAAc;IACxD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAA8B,EAAE,IAAmC;QAC5H,OAAO,IAAI,iBAAiB,CAAC,IAAI,EAAO,KAAK,EAAE,EAAE,GAAG,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IACxE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,iBAAiB,CAAC,YAAY,CAAC;IAClE,CAAC;
|
|
1
|
+
{"version":3,"file":"secretBackendRole.js","sourceRoot":"","sources":["../../aws/secretBackendRole.ts"],"names":[],"mappings":";AAAA,sEAAsE;AACtE,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAoCG;AACH,MAAa,iBAAkB,SAAQ,MAAM,CAAC,cAAc;IACxD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAA8B,EAAE,IAAmC;QAC5H,OAAO,IAAI,iBAAiB,CAAC,IAAI,EAAO,KAAK,EAAE,EAAE,GAAG,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IACxE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,iBAAiB,CAAC,YAAY,CAAC;IAClE,CAAC;IAiHD,YAAY,IAAY,EAAE,WAA4D,EAAE,IAAmC;QACvH,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAiD,CAAC;YAChE,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,EAAE,OAAO,CAAC;YAC3C,cAAc,CAAC,gBAAgB,CAAC,GAAG,KAAK,EAAE,cAAc,CAAC;YACzD,cAAc,CAAC,eAAe,CAAC,GAAG,KAAK,EAAE,aAAa,CAAC;YACvD,cAAc,CAAC,YAAY,CAAC,GAAG,KAAK,EAAE,UAAU,CAAC;YACjD,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,EAAE,SAAS,CAAC;YAC/C,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,EAAE,OAAO,CAAC;YAC3C,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,EAAE,SAAS,CAAC;YAC/C,cAAc,CAAC,iBAAiB,CAAC,GAAG,KAAK,EAAE,eAAe,CAAC;YAC3D,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,EAAE,IAAI,CAAC;YACrC,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,EAAE,SAAS,CAAC;YAC/C,cAAc,CAAC,wBAAwB,CAAC,GAAG,KAAK,EAAE,sBAAsB,CAAC;YACzE,cAAc,CAAC,YAAY,CAAC,GAAG,KAAK,EAAE,UAAU,CAAC;YACjD,cAAc,CAAC,gBAAgB,CAAC,GAAG,KAAK,EAAE,cAAc,CAAC;YACzD,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,EAAE,QAAQ,CAAC;YAC7C,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,EAAE,WAAW,CAAC;YACnD,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,EAAE,QAAQ,CAAC;SAChD;aAAM;YACH,MAAM,IAAI,GAAG,WAAgD,CAAC;YAC9D,IAAI,IAAI,EAAE,OAAO,KAAK,SAAS,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAC1C,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;aAC1D;YACD,IAAI,IAAI,EAAE,cAAc,KAAK,SAAS,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACjD,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;aACjE;YACD,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,EAAE,OAAO,CAAC;YAC1C,cAAc,CAAC,gBAAgB,CAAC,GAAG,IAAI,EAAE,cAAc,CAAC;YACxD,cAAc,CAAC,eAAe,CAAC,GAAG,IAAI,EAAE,aAAa,CAAC;YACtD,cAAc,CAAC,YAAY,CAAC,GAAG,IAAI,EAAE,UAAU,CAAC;YAChD,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,EAAE,SAAS,CAAC;YAC9C,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,EAAE,OAAO,CAAC;YAC1C,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,EAAE,SAAS,CAAC;YAC9C,cAAc,CAAC,iBAAiB,CAAC,GAAG,IAAI,EAAE,eAAe,CAAC;YAC1D,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,EAAE,IAAI,CAAC;YACpC,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,EAAE,SAAS,CAAC;YAC9C,cAAc,CAAC,wBAAwB,CAAC,GAAG,IAAI,EAAE,sBAAsB,CAAC;YACxE,cAAc,CAAC,YAAY,CAAC,GAAG,IAAI,EAAE,UAAU,CAAC;YAChD,cAAc,CAAC,gBAAgB,CAAC,GAAG,IAAI,EAAE,cAAc,CAAC;YACxD,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,EAAE,QAAQ,CAAC;YAC5C,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,EAAE,WAAW,CAAC;YAClD,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,EAAE,QAAQ,CAAC;SAC/C;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,iBAAiB,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IACtE,CAAC;;AA3LL,8CA4LC;AA9KG,gBAAgB;AACO,8BAAY,GAAG,+CAA+C,CAAC"}
|
|
@@ -97,6 +97,16 @@ export declare class AuthBackendConfig extends pulumi.CustomResource {
|
|
|
97
97
|
* The TTL of generated identity tokens in seconds.
|
|
98
98
|
*/
|
|
99
99
|
readonly identityTokenTtl: pulumi.Output<number>;
|
|
100
|
+
/**
|
|
101
|
+
* Maximum number of retries for Azure API requests.
|
|
102
|
+
* Defaults to `3`.
|
|
103
|
+
*/
|
|
104
|
+
readonly maxRetries: pulumi.Output<number | undefined>;
|
|
105
|
+
/**
|
|
106
|
+
* The maximum delay in seconds between retries for Azure API requests.
|
|
107
|
+
* Defaults to `60`.
|
|
108
|
+
*/
|
|
109
|
+
readonly maxRetryDelay: pulumi.Output<number | undefined>;
|
|
100
110
|
/**
|
|
101
111
|
* The namespace to provision the resource in.
|
|
102
112
|
* The value should not contain leading or trailing forward slashes.
|
|
@@ -109,6 +119,11 @@ export declare class AuthBackendConfig extends pulumi.CustomResource {
|
|
|
109
119
|
* Azure Active Directory.
|
|
110
120
|
*/
|
|
111
121
|
readonly resource: pulumi.Output<string>;
|
|
122
|
+
/**
|
|
123
|
+
* The initial delay in seconds between retries for Azure API requests.
|
|
124
|
+
* Defaults to `4`.
|
|
125
|
+
*/
|
|
126
|
+
readonly retryDelay: pulumi.Output<number | undefined>;
|
|
112
127
|
/**
|
|
113
128
|
* The amount of time in seconds Vault should wait before rotating the root credential.
|
|
114
129
|
* A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
@@ -181,6 +196,16 @@ export interface AuthBackendConfigState {
|
|
|
181
196
|
* The TTL of generated identity tokens in seconds.
|
|
182
197
|
*/
|
|
183
198
|
identityTokenTtl?: pulumi.Input<number>;
|
|
199
|
+
/**
|
|
200
|
+
* Maximum number of retries for Azure API requests.
|
|
201
|
+
* Defaults to `3`.
|
|
202
|
+
*/
|
|
203
|
+
maxRetries?: pulumi.Input<number>;
|
|
204
|
+
/**
|
|
205
|
+
* The maximum delay in seconds between retries for Azure API requests.
|
|
206
|
+
* Defaults to `60`.
|
|
207
|
+
*/
|
|
208
|
+
maxRetryDelay?: pulumi.Input<number>;
|
|
184
209
|
/**
|
|
185
210
|
* The namespace to provision the resource in.
|
|
186
211
|
* The value should not contain leading or trailing forward slashes.
|
|
@@ -193,6 +218,11 @@ export interface AuthBackendConfigState {
|
|
|
193
218
|
* Azure Active Directory.
|
|
194
219
|
*/
|
|
195
220
|
resource?: pulumi.Input<string>;
|
|
221
|
+
/**
|
|
222
|
+
* The initial delay in seconds between retries for Azure API requests.
|
|
223
|
+
* Defaults to `4`.
|
|
224
|
+
*/
|
|
225
|
+
retryDelay?: pulumi.Input<number>;
|
|
196
226
|
/**
|
|
197
227
|
* The amount of time in seconds Vault should wait before rotating the root credential.
|
|
198
228
|
* A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
@@ -257,6 +287,16 @@ export interface AuthBackendConfigArgs {
|
|
|
257
287
|
* The TTL of generated identity tokens in seconds.
|
|
258
288
|
*/
|
|
259
289
|
identityTokenTtl?: pulumi.Input<number>;
|
|
290
|
+
/**
|
|
291
|
+
* Maximum number of retries for Azure API requests.
|
|
292
|
+
* Defaults to `3`.
|
|
293
|
+
*/
|
|
294
|
+
maxRetries?: pulumi.Input<number>;
|
|
295
|
+
/**
|
|
296
|
+
* The maximum delay in seconds between retries for Azure API requests.
|
|
297
|
+
* Defaults to `60`.
|
|
298
|
+
*/
|
|
299
|
+
maxRetryDelay?: pulumi.Input<number>;
|
|
260
300
|
/**
|
|
261
301
|
* The namespace to provision the resource in.
|
|
262
302
|
* The value should not contain leading or trailing forward slashes.
|
|
@@ -269,6 +309,11 @@ export interface AuthBackendConfigArgs {
|
|
|
269
309
|
* Azure Active Directory.
|
|
270
310
|
*/
|
|
271
311
|
resource: pulumi.Input<string>;
|
|
312
|
+
/**
|
|
313
|
+
* The initial delay in seconds between retries for Azure API requests.
|
|
314
|
+
* Defaults to `4`.
|
|
315
|
+
*/
|
|
316
|
+
retryDelay?: pulumi.Input<number>;
|
|
272
317
|
/**
|
|
273
318
|
* The amount of time in seconds Vault should wait before rotating the root credential.
|
|
274
319
|
* A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
@@ -87,8 +87,11 @@ class AuthBackendConfig extends pulumi.CustomResource {
|
|
|
87
87
|
resourceInputs["environment"] = state?.environment;
|
|
88
88
|
resourceInputs["identityTokenAudience"] = state?.identityTokenAudience;
|
|
89
89
|
resourceInputs["identityTokenTtl"] = state?.identityTokenTtl;
|
|
90
|
+
resourceInputs["maxRetries"] = state?.maxRetries;
|
|
91
|
+
resourceInputs["maxRetryDelay"] = state?.maxRetryDelay;
|
|
90
92
|
resourceInputs["namespace"] = state?.namespace;
|
|
91
93
|
resourceInputs["resource"] = state?.resource;
|
|
94
|
+
resourceInputs["retryDelay"] = state?.retryDelay;
|
|
92
95
|
resourceInputs["rotationPeriod"] = state?.rotationPeriod;
|
|
93
96
|
resourceInputs["rotationSchedule"] = state?.rotationSchedule;
|
|
94
97
|
resourceInputs["rotationWindow"] = state?.rotationWindow;
|
|
@@ -109,8 +112,11 @@ class AuthBackendConfig extends pulumi.CustomResource {
|
|
|
109
112
|
resourceInputs["environment"] = args?.environment;
|
|
110
113
|
resourceInputs["identityTokenAudience"] = args?.identityTokenAudience;
|
|
111
114
|
resourceInputs["identityTokenTtl"] = args?.identityTokenTtl;
|
|
115
|
+
resourceInputs["maxRetries"] = args?.maxRetries;
|
|
116
|
+
resourceInputs["maxRetryDelay"] = args?.maxRetryDelay;
|
|
112
117
|
resourceInputs["namespace"] = args?.namespace;
|
|
113
118
|
resourceInputs["resource"] = args?.resource;
|
|
119
|
+
resourceInputs["retryDelay"] = args?.retryDelay;
|
|
114
120
|
resourceInputs["rotationPeriod"] = args?.rotationPeriod;
|
|
115
121
|
resourceInputs["rotationSchedule"] = args?.rotationSchedule;
|
|
116
122
|
resourceInputs["rotationWindow"] = args?.rotationWindow;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"authBackendConfig.js","sourceRoot":"","sources":["../../azure/authBackendConfig.ts"],"names":[],"mappings":";AAAA,sEAAsE;AACtE,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA8CG;AACH,MAAa,iBAAkB,SAAQ,MAAM,CAAC,cAAc;IACxD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAA8B,EAAE,IAAmC;QAC5H,OAAO,IAAI,iBAAiB,CAAC,IAAI,EAAO,KAAK,EAAE,EAAE,GAAG,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IACxE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,iBAAiB,CAAC,YAAY,CAAC;IAClE,CAAC;
|
|
1
|
+
{"version":3,"file":"authBackendConfig.js","sourceRoot":"","sources":["../../azure/authBackendConfig.ts"],"names":[],"mappings":";AAAA,sEAAsE;AACtE,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA8CG;AACH,MAAa,iBAAkB,SAAQ,MAAM,CAAC,cAAc;IACxD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAA8B,EAAE,IAAmC;QAC5H,OAAO,IAAI,iBAAiB,CAAC,IAAI,EAAO,KAAK,EAAE,EAAE,GAAG,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IACxE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,iBAAiB,CAAC,YAAY,CAAC;IAClE,CAAC;IAiGD,YAAY,IAAY,EAAE,WAA4D,EAAE,IAAmC;QACvH,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAiD,CAAC;YAChE,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,EAAE,OAAO,CAAC;YAC3C,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,EAAE,QAAQ,CAAC;YAC7C,cAAc,CAAC,cAAc,CAAC,GAAG,KAAK,EAAE,YAAY,CAAC;YACrD,cAAc,CAAC,0BAA0B,CAAC,GAAG,KAAK,EAAE,wBAAwB,CAAC;YAC7E,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,EAAE,WAAW,CAAC;YACnD,cAAc,CAAC,uBAAuB,CAAC,GAAG,KAAK,EAAE,qBAAqB,CAAC;YACvE,cAAc,CAAC,kBAAkB,CAAC,GAAG,KAAK,EAAE,gBAAgB,CAAC;YAC7D,cAAc,CAAC,YAAY,CAAC,GAAG,KAAK,EAAE,UAAU,CAAC;YACjD,cAAc,CAAC,eAAe,CAAC,GAAG,KAAK,EAAE,aAAa,CAAC;YACvD,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,EAAE,SAAS,CAAC;YAC/C,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,EAAE,QAAQ,CAAC;YAC7C,cAAc,CAAC,YAAY,CAAC,GAAG,KAAK,EAAE,UAAU,CAAC;YACjD,cAAc,CAAC,gBAAgB,CAAC,GAAG,KAAK,EAAE,cAAc,CAAC;YACzD,cAAc,CAAC,kBAAkB,CAAC,GAAG,KAAK,EAAE,gBAAgB,CAAC;YAC7D,cAAc,CAAC,gBAAgB,CAAC,GAAG,KAAK,EAAE,cAAc,CAAC;YACzD,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,EAAE,QAAQ,CAAC;SAChD;aAAM;YACH,MAAM,IAAI,GAAG,WAAgD,CAAC;YAC9D,IAAI,IAAI,EAAE,QAAQ,KAAK,SAAS,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAC3C,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;aAC3D;YACD,IAAI,IAAI,EAAE,QAAQ,KAAK,SAAS,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAC3C,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;aAC3D;YACD,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,EAAE,OAAO,CAAC;YAC1C,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,EAAE,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;YACvF,cAAc,CAAC,cAAc,CAAC,GAAG,IAAI,EAAE,YAAY,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;YACnG,cAAc,CAAC,0BAA0B,CAAC,GAAG,IAAI,EAAE,wBAAwB,CAAC;YAC5E,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,EAAE,WAAW,CAAC;YAClD,cAAc,CAAC,uBAAuB,CAAC,GAAG,IAAI,EAAE,qBAAqB,CAAC;YACtE,cAAc,CAAC,kBAAkB,CAAC,GAAG,IAAI,EAAE,gBAAgB,CAAC;YAC5D,cAAc,CAAC,YAAY,CAAC,GAAG,IAAI,EAAE,UAAU,CAAC;YAChD,cAAc,CAAC,eAAe,CAAC,GAAG,IAAI,EAAE,aAAa,CAAC;YACtD,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,EAAE,SAAS,CAAC;YAC9C,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,EAAE,QAAQ,CAAC;YAC5C,cAAc,CAAC,YAAY,CAAC,GAAG,IAAI,EAAE,UAAU,CAAC;YAChD,cAAc,CAAC,gBAAgB,CAAC,GAAG,IAAI,EAAE,cAAc,CAAC;YACxD,cAAc,CAAC,kBAAkB,CAAC,GAAG,IAAI,EAAE,gBAAgB,CAAC;YAC5D,cAAc,CAAC,gBAAgB,CAAC,GAAG,IAAI,EAAE,cAAc,CAAC;YACxD,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,EAAE,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;SAC1F;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,MAAM,UAAU,GAAG,EAAE,uBAAuB,EAAE,CAAC,UAAU,EAAE,cAAc,EAAE,UAAU,CAAC,EAAE,CAAC;QACzF,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;QAC7C,KAAK,CAAC,iBAAiB,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IACtE,CAAC;;AA7KL,8CA8KC;AAhKG,gBAAgB;AACO,8BAAY,GAAG,iDAAiD,CAAC"}
|
package/azure/backend.d.ts
CHANGED
|
@@ -165,7 +165,7 @@ export declare class Backend extends pulumi.CustomResource {
|
|
|
165
165
|
*/
|
|
166
166
|
readonly pluginVersion: pulumi.Output<string | undefined>;
|
|
167
167
|
/**
|
|
168
|
-
*
|
|
168
|
+
* Specifies the TTL of the root password when rotate-root generates a new client secret. Requires Vault 1.15+.
|
|
169
169
|
*/
|
|
170
170
|
readonly rootPasswordTtl: pulumi.Output<number>;
|
|
171
171
|
/**
|
|
@@ -325,7 +325,7 @@ export interface BackendState {
|
|
|
325
325
|
*/
|
|
326
326
|
pluginVersion?: pulumi.Input<string>;
|
|
327
327
|
/**
|
|
328
|
-
*
|
|
328
|
+
* Specifies the TTL of the root password when rotate-root generates a new client secret. Requires Vault 1.15+.
|
|
329
329
|
*/
|
|
330
330
|
rootPasswordTtl?: pulumi.Input<number>;
|
|
331
331
|
/**
|
|
@@ -473,7 +473,7 @@ export interface BackendArgs {
|
|
|
473
473
|
*/
|
|
474
474
|
pluginVersion?: pulumi.Input<string>;
|
|
475
475
|
/**
|
|
476
|
-
*
|
|
476
|
+
* Specifies the TTL of the root password when rotate-root generates a new client secret. Requires Vault 1.15+.
|
|
477
477
|
*/
|
|
478
478
|
rootPasswordTtl?: pulumi.Input<number>;
|
|
479
479
|
/**
|
package/azure/backendRole.d.ts
CHANGED
|
@@ -96,6 +96,10 @@ export declare class BackendRole extends pulumi.CustomResource {
|
|
|
96
96
|
* deleted when the corresponding leases expire. Defaults to `false`. For Vault v1.12+.
|
|
97
97
|
*/
|
|
98
98
|
readonly permanentlyDelete: pulumi.Output<boolean>;
|
|
99
|
+
/**
|
|
100
|
+
* If set to true, persists the created service principal and application for the lifetime of the role
|
|
101
|
+
*/
|
|
102
|
+
readonly persistApp: pulumi.Output<boolean | undefined>;
|
|
99
103
|
/**
|
|
100
104
|
* Name of the Azure role
|
|
101
105
|
*/
|
|
@@ -169,6 +173,10 @@ export interface BackendRoleState {
|
|
|
169
173
|
* deleted when the corresponding leases expire. Defaults to `false`. For Vault v1.12+.
|
|
170
174
|
*/
|
|
171
175
|
permanentlyDelete?: pulumi.Input<boolean>;
|
|
176
|
+
/**
|
|
177
|
+
* If set to true, persists the created service principal and application for the lifetime of the role
|
|
178
|
+
*/
|
|
179
|
+
persistApp?: pulumi.Input<boolean>;
|
|
172
180
|
/**
|
|
173
181
|
* Name of the Azure role
|
|
174
182
|
*/
|
|
@@ -234,6 +242,10 @@ export interface BackendRoleArgs {
|
|
|
234
242
|
* deleted when the corresponding leases expire. Defaults to `false`. For Vault v1.12+.
|
|
235
243
|
*/
|
|
236
244
|
permanentlyDelete?: pulumi.Input<boolean>;
|
|
245
|
+
/**
|
|
246
|
+
* If set to true, persists the created service principal and application for the lifetime of the role
|
|
247
|
+
*/
|
|
248
|
+
persistApp?: pulumi.Input<boolean>;
|
|
237
249
|
/**
|
|
238
250
|
* Name of the Azure role
|
|
239
251
|
*/
|
package/azure/backendRole.js
CHANGED
|
@@ -79,6 +79,7 @@ class BackendRole extends pulumi.CustomResource {
|
|
|
79
79
|
resourceInputs["maxTtl"] = state?.maxTtl;
|
|
80
80
|
resourceInputs["namespace"] = state?.namespace;
|
|
81
81
|
resourceInputs["permanentlyDelete"] = state?.permanentlyDelete;
|
|
82
|
+
resourceInputs["persistApp"] = state?.persistApp;
|
|
82
83
|
resourceInputs["role"] = state?.role;
|
|
83
84
|
resourceInputs["signInAudience"] = state?.signInAudience;
|
|
84
85
|
resourceInputs["tags"] = state?.tags;
|
|
@@ -98,6 +99,7 @@ class BackendRole extends pulumi.CustomResource {
|
|
|
98
99
|
resourceInputs["maxTtl"] = args?.maxTtl;
|
|
99
100
|
resourceInputs["namespace"] = args?.namespace;
|
|
100
101
|
resourceInputs["permanentlyDelete"] = args?.permanentlyDelete;
|
|
102
|
+
resourceInputs["persistApp"] = args?.persistApp;
|
|
101
103
|
resourceInputs["role"] = args?.role;
|
|
102
104
|
resourceInputs["signInAudience"] = args?.signInAudience;
|
|
103
105
|
resourceInputs["tags"] = args?.tags;
|
package/azure/backendRole.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"backendRole.js","sourceRoot":"","sources":["../../azure/backendRole.ts"],"names":[],"mappings":";AAAA,sEAAsE;AACtE,iFAAiF;;;AAEjF,yCAAyC;AAGzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAoCG;AACH,MAAa,WAAY,SAAQ,MAAM,CAAC,cAAc;IAClD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAwB,EAAE,IAAmC;QACtH,OAAO,IAAI,WAAW,CAAC,IAAI,EAAO,KAAK,EAAE,EAAE,GAAG,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAClE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,WAAW,CAAC,YAAY,CAAC;IAC5D,CAAC;
|
|
1
|
+
{"version":3,"file":"backendRole.js","sourceRoot":"","sources":["../../azure/backendRole.ts"],"names":[],"mappings":";AAAA,sEAAsE;AACtE,iFAAiF;;;AAEjF,yCAAyC;AAGzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAoCG;AACH,MAAa,WAAY,SAAQ,MAAM,CAAC,cAAc;IAClD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAwB,EAAE,IAAmC;QACtH,OAAO,IAAI,WAAW,CAAC,IAAI,EAAO,KAAK,EAAE,EAAE,GAAG,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAClE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,WAAW,CAAC,YAAY,CAAC;IAC5D,CAAC;IA2ED,YAAY,IAAY,EAAE,WAAgD,EAAE,IAAmC;QAC3G,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAA2C,CAAC;YAC1D,cAAc,CAAC,qBAAqB,CAAC,GAAG,KAAK,EAAE,mBAAmB,CAAC;YACnE,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,EAAE,WAAW,CAAC;YACnD,cAAc,CAAC,YAAY,CAAC,GAAG,KAAK,EAAE,UAAU,CAAC;YACjD,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,EAAE,OAAO,CAAC;YAC3C,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,EAAE,WAAW,CAAC;YACnD,cAAc,CAAC,gBAAgB,CAAC,GAAG,KAAK,EAAE,cAAc,CAAC;YACzD,cAAc,CAAC,QAAQ,CAAC,GAAG,KAAK,EAAE,MAAM,CAAC;YACzC,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,EAAE,SAAS,CAAC;YAC/C,cAAc,CAAC,mBAAmB,CAAC,GAAG,KAAK,EAAE,iBAAiB,CAAC;YAC/D,cAAc,CAAC,YAAY,CAAC,GAAG,KAAK,EAAE,UAAU,CAAC;YACjD,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,EAAE,IAAI,CAAC;YACrC,cAAc,CAAC,gBAAgB,CAAC,GAAG,KAAK,EAAE,cAAc,CAAC;YACzD,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,EAAE,IAAI,CAAC;YACrC,cAAc,CAAC,KAAK,CAAC,GAAG,KAAK,EAAE,GAAG,CAAC;SACtC;aAAM;YACH,MAAM,IAAI,GAAG,WAA0C,CAAC;YACxD,IAAI,IAAI,EAAE,IAAI,KAAK,SAAS,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACvC,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;aACvD;YACD,cAAc,CAAC,qBAAqB,CAAC,GAAG,IAAI,EAAE,mBAAmB,CAAC;YAClE,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,EAAE,WAAW,CAAC;YAClD,cAAc,CAAC,YAAY,CAAC,GAAG,IAAI,EAAE,UAAU,CAAC;YAChD,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,EAAE,OAAO,CAAC;YAC1C,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,EAAE,WAAW,CAAC;YAClD,cAAc,CAAC,gBAAgB,CAAC,GAAG,IAAI,EAAE,cAAc,CAAC;YACxD,cAAc,CAAC,QAAQ,CAAC,GAAG,IAAI,EAAE,MAAM,CAAC;YACxC,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,EAAE,SAAS,CAAC;YAC9C,cAAc,CAAC,mBAAmB,CAAC,GAAG,IAAI,EAAE,iBAAiB,CAAC;YAC9D,cAAc,CAAC,YAAY,CAAC,GAAG,IAAI,EAAE,UAAU,CAAC;YAChD,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,EAAE,IAAI,CAAC;YACpC,cAAc,CAAC,gBAAgB,CAAC,GAAG,IAAI,EAAE,cAAc,CAAC;YACxD,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,EAAE,IAAI,CAAC;YACpC,cAAc,CAAC,KAAK,CAAC,GAAG,IAAI,EAAE,GAAG,CAAC;SACrC;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,WAAW,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IAChE,CAAC;;AA9IL,kCA+IC;AAjIG,gBAAgB;AACO,wBAAY,GAAG,qCAAqC,CAAC"}
|
package/gcp/authBackend.d.ts
CHANGED
|
@@ -84,6 +84,22 @@ export declare class AuthBackend extends pulumi.CustomResource {
|
|
|
84
84
|
* See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
|
|
85
85
|
*/
|
|
86
86
|
readonly disableRemount: pulumi.Output<boolean | undefined>;
|
|
87
|
+
/**
|
|
88
|
+
* Defines what alias needs to be used during login and refelects the same in token metadata and audit logs.
|
|
89
|
+
*/
|
|
90
|
+
readonly gceAlias: pulumi.Output<string>;
|
|
91
|
+
/**
|
|
92
|
+
* Controls which instance metadata fields from the GCE login are captured into Vault's token metadata or audit logs.
|
|
93
|
+
*/
|
|
94
|
+
readonly gceMetadatas: pulumi.Output<string[]>;
|
|
95
|
+
/**
|
|
96
|
+
* Defines what alias needs to be used during login and refelects the same in token metadata and audit logs.
|
|
97
|
+
*/
|
|
98
|
+
readonly iamAlias: pulumi.Output<string>;
|
|
99
|
+
/**
|
|
100
|
+
* Controls the metadata to include on the token returned by the login endpoint.
|
|
101
|
+
*/
|
|
102
|
+
readonly iamMetadatas: pulumi.Output<string[]>;
|
|
87
103
|
/**
|
|
88
104
|
* The audience claim value for plugin identity
|
|
89
105
|
* tokens. Must match an allowed audience configured for the target [Workload Identity Pool](https://cloud.google.com/iam/docs/workload-identity-federation-with-other-providers#prepare).
|
|
@@ -201,6 +217,22 @@ export interface AuthBackendState {
|
|
|
201
217
|
* See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
|
|
202
218
|
*/
|
|
203
219
|
disableRemount?: pulumi.Input<boolean>;
|
|
220
|
+
/**
|
|
221
|
+
* Defines what alias needs to be used during login and refelects the same in token metadata and audit logs.
|
|
222
|
+
*/
|
|
223
|
+
gceAlias?: pulumi.Input<string>;
|
|
224
|
+
/**
|
|
225
|
+
* Controls which instance metadata fields from the GCE login are captured into Vault's token metadata or audit logs.
|
|
226
|
+
*/
|
|
227
|
+
gceMetadatas?: pulumi.Input<pulumi.Input<string>[]>;
|
|
228
|
+
/**
|
|
229
|
+
* Defines what alias needs to be used during login and refelects the same in token metadata and audit logs.
|
|
230
|
+
*/
|
|
231
|
+
iamAlias?: pulumi.Input<string>;
|
|
232
|
+
/**
|
|
233
|
+
* Controls the metadata to include on the token returned by the login endpoint.
|
|
234
|
+
*/
|
|
235
|
+
iamMetadatas?: pulumi.Input<pulumi.Input<string>[]>;
|
|
204
236
|
/**
|
|
205
237
|
* The audience claim value for plugin identity
|
|
206
238
|
* tokens. Must match an allowed audience configured for the target [Workload Identity Pool](https://cloud.google.com/iam/docs/workload-identity-federation-with-other-providers#prepare).
|
|
@@ -306,6 +338,22 @@ export interface AuthBackendArgs {
|
|
|
306
338
|
* See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
|
|
307
339
|
*/
|
|
308
340
|
disableRemount?: pulumi.Input<boolean>;
|
|
341
|
+
/**
|
|
342
|
+
* Defines what alias needs to be used during login and refelects the same in token metadata and audit logs.
|
|
343
|
+
*/
|
|
344
|
+
gceAlias?: pulumi.Input<string>;
|
|
345
|
+
/**
|
|
346
|
+
* Controls which instance metadata fields from the GCE login are captured into Vault's token metadata or audit logs.
|
|
347
|
+
*/
|
|
348
|
+
gceMetadatas?: pulumi.Input<pulumi.Input<string>[]>;
|
|
349
|
+
/**
|
|
350
|
+
* Defines what alias needs to be used during login and refelects the same in token metadata and audit logs.
|
|
351
|
+
*/
|
|
352
|
+
iamAlias?: pulumi.Input<string>;
|
|
353
|
+
/**
|
|
354
|
+
* Controls the metadata to include on the token returned by the login endpoint.
|
|
355
|
+
*/
|
|
356
|
+
iamMetadatas?: pulumi.Input<pulumi.Input<string>[]>;
|
|
309
357
|
/**
|
|
310
358
|
* The audience claim value for plugin identity
|
|
311
359
|
* tokens. Must match an allowed audience configured for the target [Workload Identity Pool](https://cloud.google.com/iam/docs/workload-identity-federation-with-other-providers#prepare).
|
package/gcp/authBackend.js
CHANGED
|
@@ -69,6 +69,10 @@ class AuthBackend extends pulumi.CustomResource {
|
|
|
69
69
|
resourceInputs["description"] = state?.description;
|
|
70
70
|
resourceInputs["disableAutomatedRotation"] = state?.disableAutomatedRotation;
|
|
71
71
|
resourceInputs["disableRemount"] = state?.disableRemount;
|
|
72
|
+
resourceInputs["gceAlias"] = state?.gceAlias;
|
|
73
|
+
resourceInputs["gceMetadatas"] = state?.gceMetadatas;
|
|
74
|
+
resourceInputs["iamAlias"] = state?.iamAlias;
|
|
75
|
+
resourceInputs["iamMetadatas"] = state?.iamMetadatas;
|
|
72
76
|
resourceInputs["identityTokenAudience"] = state?.identityTokenAudience;
|
|
73
77
|
resourceInputs["identityTokenKey"] = state?.identityTokenKey;
|
|
74
78
|
resourceInputs["identityTokenTtl"] = state?.identityTokenTtl;
|
|
@@ -92,6 +96,10 @@ class AuthBackend extends pulumi.CustomResource {
|
|
|
92
96
|
resourceInputs["description"] = args?.description;
|
|
93
97
|
resourceInputs["disableAutomatedRotation"] = args?.disableAutomatedRotation;
|
|
94
98
|
resourceInputs["disableRemount"] = args?.disableRemount;
|
|
99
|
+
resourceInputs["gceAlias"] = args?.gceAlias;
|
|
100
|
+
resourceInputs["gceMetadatas"] = args?.gceMetadatas;
|
|
101
|
+
resourceInputs["iamAlias"] = args?.iamAlias;
|
|
102
|
+
resourceInputs["iamMetadatas"] = args?.iamMetadatas;
|
|
95
103
|
resourceInputs["identityTokenAudience"] = args?.identityTokenAudience;
|
|
96
104
|
resourceInputs["identityTokenKey"] = args?.identityTokenKey;
|
|
97
105
|
resourceInputs["identityTokenTtl"] = args?.identityTokenTtl;
|
package/gcp/authBackend.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"authBackend.js","sourceRoot":"","sources":["../../gcp/authBackend.ts"],"names":[],"mappings":";AAAA,sEAAsE;AACtE,iFAAiF;;;AAEjF,yCAAyC;AAGzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;AACH,MAAa,WAAY,SAAQ,MAAM,CAAC,cAAc;IAClD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAwB,EAAE,IAAmC;QACtH,OAAO,IAAI,WAAW,CAAC,IAAI,EAAO,KAAK,EAAE,EAAE,GAAG,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAClE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,WAAW,CAAC,YAAY,CAAC;IAC5D,CAAC;
|
|
1
|
+
{"version":3,"file":"authBackend.js","sourceRoot":"","sources":["../../gcp/authBackend.ts"],"names":[],"mappings":";AAAA,sEAAsE;AACtE,iFAAiF;;;AAEjF,yCAAyC;AAGzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;AACH,MAAa,WAAY,SAAQ,MAAM,CAAC,cAAc;IAClD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAwB,EAAE,IAAmC;QACtH,OAAO,IAAI,WAAW,CAAC,IAAI,EAAO,KAAK,EAAE,EAAE,GAAG,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAClE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,WAAW,CAAC,YAAY,CAAC;IAC5D,CAAC;IAmID,YAAY,IAAY,EAAE,WAAgD,EAAE,IAAmC;QAC3G,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAA2C,CAAC;YAC1D,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,EAAE,QAAQ,CAAC;YAC7C,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,EAAE,WAAW,CAAC;YACnD,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,EAAE,QAAQ,CAAC;YAC7C,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,EAAE,WAAW,CAAC;YACnD,cAAc,CAAC,gBAAgB,CAAC,GAAG,KAAK,EAAE,cAAc,CAAC;YACzD,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,EAAE,WAAW,CAAC;YACnD,cAAc,CAAC,0BAA0B,CAAC,GAAG,KAAK,EAAE,wBAAwB,CAAC;YAC7E,cAAc,CAAC,gBAAgB,CAAC,GAAG,KAAK,EAAE,cAAc,CAAC;YACzD,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,EAAE,QAAQ,CAAC;YAC7C,cAAc,CAAC,cAAc,CAAC,GAAG,KAAK,EAAE,YAAY,CAAC;YACrD,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,EAAE,QAAQ,CAAC;YAC7C,cAAc,CAAC,cAAc,CAAC,GAAG,KAAK,EAAE,YAAY,CAAC;YACrD,cAAc,CAAC,uBAAuB,CAAC,GAAG,KAAK,EAAE,qBAAqB,CAAC;YACvE,cAAc,CAAC,kBAAkB,CAAC,GAAG,KAAK,EAAE,gBAAgB,CAAC;YAC7D,cAAc,CAAC,kBAAkB,CAAC,GAAG,KAAK,EAAE,gBAAgB,CAAC;YAC7D,cAAc,CAAC,OAAO,CAAC,GAAG,KAAK,EAAE,KAAK,CAAC;YACvC,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,EAAE,SAAS,CAAC;YAC/C,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,EAAE,IAAI,CAAC;YACrC,cAAc,CAAC,cAAc,CAAC,GAAG,KAAK,EAAE,YAAY,CAAC;YACrD,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,EAAE,SAAS,CAAC;YAC/C,cAAc,CAAC,gBAAgB,CAAC,GAAG,KAAK,EAAE,cAAc,CAAC;YACzD,cAAc,CAAC,kBAAkB,CAAC,GAAG,KAAK,EAAE,gBAAgB,CAAC;YAC7D,cAAc,CAAC,gBAAgB,CAAC,GAAG,KAAK,EAAE,cAAc,CAAC;YACzD,cAAc,CAAC,qBAAqB,CAAC,GAAG,KAAK,EAAE,mBAAmB,CAAC;YACnE,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,EAAE,IAAI,CAAC;SACxC;aAAM;YACH,MAAM,IAAI,GAAG,WAA0C,CAAC;YACxD,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,EAAE,WAAW,CAAC;YAClD,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,EAAE,QAAQ,CAAC;YAC5C,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,EAAE,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;YAChG,cAAc,CAAC,gBAAgB,CAAC,GAAG,IAAI,EAAE,cAAc,CAAC;YACxD,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,EAAE,WAAW,CAAC;YAClD,cAAc,CAAC,0BAA0B,CAAC,GAAG,IAAI,EAAE,wBAAwB,CAAC;YAC5E,cAAc,CAAC,gBAAgB,CAAC,GAAG,IAAI,EAAE,cAAc,CAAC;YACxD,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,EAAE,QAAQ,CAAC;YAC5C,cAAc,CAAC,cAAc,CAAC,GAAG,IAAI,EAAE,YAAY,CAAC;YACpD,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,EAAE,QAAQ,CAAC;YAC5C,cAAc,CAAC,cAAc,CAAC,GAAG,IAAI,EAAE,YAAY,CAAC;YACpD,cAAc,CAAC,uBAAuB,CAAC,GAAG,IAAI,EAAE,qBAAqB,CAAC;YACtE,cAAc,CAAC,kBAAkB,CAAC,GAAG,IAAI,EAAE,gBAAgB,CAAC;YAC5D,cAAc,CAAC,kBAAkB,CAAC,GAAG,IAAI,EAAE,gBAAgB,CAAC;YAC5D,cAAc,CAAC,OAAO,CAAC,GAAG,IAAI,EAAE,KAAK,CAAC;YACtC,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,EAAE,SAAS,CAAC;YAC9C,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,EAAE,IAAI,CAAC;YACpC,cAAc,CAAC,cAAc,CAAC,GAAG,IAAI,EAAE,YAAY,CAAC;YACpD,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,EAAE,SAAS,CAAC;YAC9C,cAAc,CAAC,gBAAgB,CAAC,GAAG,IAAI,EAAE,cAAc,CAAC;YACxD,cAAc,CAAC,kBAAkB,CAAC,GAAG,IAAI,EAAE,gBAAgB,CAAC;YAC5D,cAAc,CAAC,gBAAgB,CAAC,GAAG,IAAI,EAAE,cAAc,CAAC;YACxD,cAAc,CAAC,qBAAqB,CAAC,GAAG,IAAI,EAAE,mBAAmB,CAAC;YAClE,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,EAAE,IAAI,CAAC;YACpC,cAAc,CAAC,UAAU,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;SAClD;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,MAAM,UAAU,GAAG,EAAE,uBAAuB,EAAE,CAAC,aAAa,CAAC,EAAE,CAAC;QAChE,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;QAC7C,KAAK,CAAC,WAAW,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IAChE,CAAC;;AA3NL,kCA4NC;AA9MG,gBAAgB;AACO,wBAAY,GAAG,mCAAmC,CAAC"}
|