pulumi-vault 5.21.0a1709368526__py3-none-any.whl → 6.5.0a1736836139__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- pulumi_vault/__init__.py +52 -0
- pulumi_vault/_inputs.py +560 -0
- pulumi_vault/_utilities.py +41 -5
- pulumi_vault/ad/get_access_credentials.py +26 -9
- pulumi_vault/ad/secret_backend.py +16 -142
- pulumi_vault/ad/secret_library.py +16 -9
- pulumi_vault/ad/secret_role.py +14 -9
- pulumi_vault/alicloud/auth_backend_role.py +76 -190
- pulumi_vault/approle/auth_backend_login.py +12 -7
- pulumi_vault/approle/auth_backend_role.py +77 -191
- pulumi_vault/approle/auth_backend_role_secret_id.py +106 -7
- pulumi_vault/approle/get_auth_backend_role_id.py +18 -5
- pulumi_vault/audit.py +30 -21
- pulumi_vault/audit_request_header.py +11 -2
- pulumi_vault/auth_backend.py +66 -14
- pulumi_vault/aws/auth_backend_cert.py +18 -9
- pulumi_vault/aws/auth_backend_client.py +267 -22
- pulumi_vault/aws/auth_backend_config_identity.py +14 -9
- pulumi_vault/aws/auth_backend_identity_whitelist.py +20 -15
- pulumi_vault/aws/auth_backend_login.py +19 -22
- pulumi_vault/aws/auth_backend_role.py +77 -191
- pulumi_vault/aws/auth_backend_role_tag.py +12 -7
- pulumi_vault/aws/auth_backend_roletag_blacklist.py +18 -13
- pulumi_vault/aws/auth_backend_sts_role.py +14 -9
- pulumi_vault/aws/get_access_credentials.py +38 -9
- pulumi_vault/aws/get_static_access_credentials.py +19 -5
- pulumi_vault/aws/secret_backend.py +77 -9
- pulumi_vault/aws/secret_backend_role.py +185 -9
- pulumi_vault/aws/secret_backend_static_role.py +20 -11
- pulumi_vault/azure/_inputs.py +24 -0
- pulumi_vault/azure/auth_backend_config.py +153 -15
- pulumi_vault/azure/auth_backend_role.py +77 -191
- pulumi_vault/azure/backend.py +227 -21
- pulumi_vault/azure/backend_role.py +42 -37
- pulumi_vault/azure/get_access_credentials.py +41 -7
- pulumi_vault/azure/outputs.py +5 -0
- pulumi_vault/cert_auth_backend_role.py +87 -267
- pulumi_vault/config/__init__.pyi +5 -0
- pulumi_vault/config/_inputs.py +73 -0
- pulumi_vault/config/outputs.py +35 -0
- pulumi_vault/config/ui_custom_message.py +529 -0
- pulumi_vault/config/vars.py +5 -0
- pulumi_vault/consul/secret_backend.py +28 -19
- pulumi_vault/consul/secret_backend_role.py +18 -78
- pulumi_vault/database/_inputs.py +2770 -881
- pulumi_vault/database/outputs.py +721 -838
- pulumi_vault/database/secret_backend_connection.py +119 -112
- pulumi_vault/database/secret_backend_role.py +31 -22
- pulumi_vault/database/secret_backend_static_role.py +87 -13
- pulumi_vault/database/secrets_mount.py +427 -136
- pulumi_vault/egp_policy.py +16 -11
- pulumi_vault/gcp/_inputs.py +111 -0
- pulumi_vault/gcp/auth_backend.py +250 -33
- pulumi_vault/gcp/auth_backend_role.py +77 -269
- pulumi_vault/gcp/get_auth_backend_role.py +43 -5
- pulumi_vault/gcp/outputs.py +5 -0
- pulumi_vault/gcp/secret_backend.py +287 -12
- pulumi_vault/gcp/secret_impersonated_account.py +76 -15
- pulumi_vault/gcp/secret_roleset.py +31 -24
- pulumi_vault/gcp/secret_static_account.py +39 -32
- pulumi_vault/generic/endpoint.py +24 -17
- pulumi_vault/generic/get_secret.py +64 -8
- pulumi_vault/generic/secret.py +21 -16
- pulumi_vault/get_auth_backend.py +24 -7
- pulumi_vault/get_auth_backends.py +51 -9
- pulumi_vault/get_namespace.py +226 -0
- pulumi_vault/get_namespaces.py +153 -0
- pulumi_vault/get_nomad_access_token.py +31 -11
- pulumi_vault/get_policy_document.py +34 -19
- pulumi_vault/get_raft_autopilot_state.py +29 -10
- pulumi_vault/github/_inputs.py +55 -0
- pulumi_vault/github/auth_backend.py +19 -14
- pulumi_vault/github/outputs.py +5 -0
- pulumi_vault/github/team.py +16 -11
- pulumi_vault/github/user.py +16 -11
- pulumi_vault/identity/entity.py +20 -13
- pulumi_vault/identity/entity_alias.py +20 -13
- pulumi_vault/identity/entity_policies.py +28 -11
- pulumi_vault/identity/get_entity.py +42 -10
- pulumi_vault/identity/get_group.py +47 -9
- pulumi_vault/identity/get_oidc_client_creds.py +21 -7
- pulumi_vault/identity/get_oidc_openid_config.py +39 -9
- pulumi_vault/identity/get_oidc_public_keys.py +29 -10
- pulumi_vault/identity/group.py +58 -39
- pulumi_vault/identity/group_alias.py +16 -9
- pulumi_vault/identity/group_member_entity_ids.py +28 -66
- pulumi_vault/identity/group_member_group_ids.py +40 -19
- pulumi_vault/identity/group_policies.py +20 -7
- pulumi_vault/identity/mfa_duo.py +11 -6
- pulumi_vault/identity/mfa_login_enforcement.py +15 -6
- pulumi_vault/identity/mfa_okta.py +11 -6
- pulumi_vault/identity/mfa_pingid.py +7 -2
- pulumi_vault/identity/mfa_totp.py +7 -2
- pulumi_vault/identity/oidc.py +12 -7
- pulumi_vault/identity/oidc_assignment.py +24 -11
- pulumi_vault/identity/oidc_client.py +36 -23
- pulumi_vault/identity/oidc_key.py +30 -17
- pulumi_vault/identity/oidc_key_allowed_client_id.py +28 -15
- pulumi_vault/identity/oidc_provider.py +36 -21
- pulumi_vault/identity/oidc_role.py +42 -21
- pulumi_vault/identity/oidc_scope.py +20 -13
- pulumi_vault/identity/outputs.py +8 -3
- pulumi_vault/jwt/_inputs.py +55 -0
- pulumi_vault/jwt/auth_backend.py +45 -40
- pulumi_vault/jwt/auth_backend_role.py +133 -254
- pulumi_vault/jwt/outputs.py +5 -0
- pulumi_vault/kmip/secret_backend.py +24 -19
- pulumi_vault/kmip/secret_role.py +14 -9
- pulumi_vault/kmip/secret_scope.py +14 -9
- pulumi_vault/kubernetes/auth_backend_config.py +57 -5
- pulumi_vault/kubernetes/auth_backend_role.py +70 -177
- pulumi_vault/kubernetes/get_auth_backend_config.py +60 -8
- pulumi_vault/kubernetes/get_auth_backend_role.py +40 -5
- pulumi_vault/kubernetes/get_service_account_token.py +39 -11
- pulumi_vault/kubernetes/secret_backend.py +316 -27
- pulumi_vault/kubernetes/secret_backend_role.py +137 -46
- pulumi_vault/kv/_inputs.py +36 -4
- pulumi_vault/kv/get_secret.py +25 -8
- pulumi_vault/kv/get_secret_subkeys_v2.py +33 -10
- pulumi_vault/kv/get_secret_v2.py +85 -9
- pulumi_vault/kv/get_secrets_list.py +24 -11
- pulumi_vault/kv/get_secrets_list_v2.py +37 -15
- pulumi_vault/kv/outputs.py +8 -3
- pulumi_vault/kv/secret.py +23 -16
- pulumi_vault/kv/secret_backend_v2.py +20 -11
- pulumi_vault/kv/secret_v2.py +59 -50
- pulumi_vault/ldap/auth_backend.py +127 -166
- pulumi_vault/ldap/auth_backend_group.py +14 -9
- pulumi_vault/ldap/auth_backend_user.py +14 -9
- pulumi_vault/ldap/get_dynamic_credentials.py +23 -5
- pulumi_vault/ldap/get_static_credentials.py +24 -5
- pulumi_vault/ldap/secret_backend.py +354 -82
- pulumi_vault/ldap/secret_backend_dynamic_role.py +18 -11
- pulumi_vault/ldap/secret_backend_library_set.py +16 -9
- pulumi_vault/ldap/secret_backend_static_role.py +73 -12
- pulumi_vault/managed/_inputs.py +289 -132
- pulumi_vault/managed/keys.py +29 -57
- pulumi_vault/managed/outputs.py +89 -132
- pulumi_vault/mfa_duo.py +18 -11
- pulumi_vault/mfa_okta.py +18 -11
- pulumi_vault/mfa_pingid.py +18 -11
- pulumi_vault/mfa_totp.py +24 -17
- pulumi_vault/mongodbatlas/secret_backend.py +20 -15
- pulumi_vault/mongodbatlas/secret_role.py +47 -38
- pulumi_vault/mount.py +391 -51
- pulumi_vault/namespace.py +68 -83
- pulumi_vault/nomad_secret_backend.py +18 -13
- pulumi_vault/nomad_secret_role.py +14 -9
- pulumi_vault/okta/_inputs.py +47 -8
- pulumi_vault/okta/auth_backend.py +485 -39
- pulumi_vault/okta/auth_backend_group.py +14 -9
- pulumi_vault/okta/auth_backend_user.py +14 -9
- pulumi_vault/okta/outputs.py +13 -8
- pulumi_vault/outputs.py +5 -0
- pulumi_vault/password_policy.py +20 -13
- pulumi_vault/pkisecret/__init__.py +3 -0
- pulumi_vault/pkisecret/_inputs.py +81 -0
- pulumi_vault/pkisecret/backend_config_cluster.py +369 -0
- pulumi_vault/pkisecret/backend_config_est.py +619 -0
- pulumi_vault/pkisecret/get_backend_config_est.py +251 -0
- pulumi_vault/pkisecret/get_backend_issuer.py +67 -9
- pulumi_vault/pkisecret/get_backend_issuers.py +21 -8
- pulumi_vault/pkisecret/get_backend_key.py +24 -9
- pulumi_vault/pkisecret/get_backend_keys.py +21 -8
- pulumi_vault/pkisecret/outputs.py +69 -0
- pulumi_vault/pkisecret/secret_backend_cert.py +18 -11
- pulumi_vault/pkisecret/secret_backend_config_ca.py +16 -11
- pulumi_vault/pkisecret/secret_backend_config_issuers.py +14 -9
- pulumi_vault/pkisecret/secret_backend_config_urls.py +67 -11
- pulumi_vault/pkisecret/secret_backend_crl_config.py +14 -9
- pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +16 -11
- pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +22 -17
- pulumi_vault/pkisecret/secret_backend_issuer.py +14 -9
- pulumi_vault/pkisecret/secret_backend_key.py +14 -9
- pulumi_vault/pkisecret/secret_backend_role.py +21 -14
- pulumi_vault/pkisecret/secret_backend_root_cert.py +16 -48
- pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +18 -56
- pulumi_vault/pkisecret/secret_backend_sign.py +18 -54
- pulumi_vault/plugin.py +595 -0
- pulumi_vault/plugin_pinned_version.py +298 -0
- pulumi_vault/policy.py +14 -9
- pulumi_vault/provider.py +48 -53
- pulumi_vault/pulumi-plugin.json +2 -1
- pulumi_vault/quota_lease_count.py +60 -6
- pulumi_vault/quota_rate_limit.py +56 -2
- pulumi_vault/rabbitmq/_inputs.py +61 -0
- pulumi_vault/rabbitmq/outputs.py +5 -0
- pulumi_vault/rabbitmq/secret_backend.py +18 -13
- pulumi_vault/rabbitmq/secret_backend_role.py +54 -47
- pulumi_vault/raft_autopilot.py +14 -9
- pulumi_vault/raft_snapshot_agent_config.py +129 -224
- pulumi_vault/rgp_policy.py +14 -9
- pulumi_vault/saml/auth_backend.py +22 -17
- pulumi_vault/saml/auth_backend_role.py +92 -197
- pulumi_vault/secrets/__init__.py +3 -0
- pulumi_vault/secrets/_inputs.py +110 -0
- pulumi_vault/secrets/outputs.py +94 -0
- pulumi_vault/secrets/sync_association.py +56 -71
- pulumi_vault/secrets/sync_aws_destination.py +242 -27
- pulumi_vault/secrets/sync_azure_destination.py +92 -31
- pulumi_vault/secrets/sync_config.py +9 -4
- pulumi_vault/secrets/sync_gcp_destination.py +158 -25
- pulumi_vault/secrets/sync_gh_destination.py +189 -13
- pulumi_vault/secrets/sync_github_apps.py +375 -0
- pulumi_vault/secrets/sync_vercel_destination.py +74 -13
- pulumi_vault/ssh/_inputs.py +28 -28
- pulumi_vault/ssh/outputs.py +11 -28
- pulumi_vault/ssh/secret_backend_ca.py +108 -9
- pulumi_vault/ssh/secret_backend_role.py +85 -118
- pulumi_vault/terraformcloud/secret_backend.py +7 -54
- pulumi_vault/terraformcloud/secret_creds.py +14 -20
- pulumi_vault/terraformcloud/secret_role.py +16 -74
- pulumi_vault/token.py +28 -23
- pulumi_vault/tokenauth/auth_backend_role.py +78 -199
- pulumi_vault/transform/alphabet.py +16 -9
- pulumi_vault/transform/get_decode.py +45 -17
- pulumi_vault/transform/get_encode.py +45 -17
- pulumi_vault/transform/role.py +16 -9
- pulumi_vault/transform/template.py +30 -21
- pulumi_vault/transform/transformation.py +12 -7
- pulumi_vault/transit/get_decrypt.py +26 -21
- pulumi_vault/transit/get_encrypt.py +24 -19
- pulumi_vault/transit/secret_backend_key.py +27 -93
- pulumi_vault/transit/secret_cache_config.py +12 -7
- {pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/METADATA +8 -7
- pulumi_vault-6.5.0a1736836139.dist-info/RECORD +256 -0
- {pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/WHEEL +1 -1
- pulumi_vault-5.21.0a1709368526.dist-info/RECORD +0 -244
- {pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/top_level.txt +0 -0
@@ -4,9 +4,14 @@
|
|
4
4
|
|
5
5
|
import copy
|
6
6
|
import warnings
|
7
|
+
import sys
|
7
8
|
import pulumi
|
8
9
|
import pulumi.runtime
|
9
10
|
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
11
|
+
if sys.version_info >= (3, 11):
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
13
|
+
else:
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
10
15
|
from .. import _utilities
|
11
16
|
|
12
17
|
__all__ = ['SecretBackendArgs', 'SecretBackend']
|
@@ -46,7 +51,7 @@ class SecretBackendArgs:
|
|
46
51
|
for credentials issued by this backend.
|
47
52
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
48
53
|
The value should not contain leading or trailing forward slashes.
|
49
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
54
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
50
55
|
*Available only for Vault Enterprise*.
|
51
56
|
:param pulumi.Input[str] path: The unique location this backend should be mounted at. Must not begin or end with a `/`. Defaults
|
52
57
|
to `consul`.
|
@@ -211,7 +216,7 @@ class SecretBackendArgs:
|
|
211
216
|
"""
|
212
217
|
The namespace to provision the resource in.
|
213
218
|
The value should not contain leading or trailing forward slashes.
|
214
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
219
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
215
220
|
*Available only for Vault Enterprise*.
|
216
221
|
"""
|
217
222
|
return pulumi.get(self, "namespace")
|
@@ -293,7 +298,7 @@ class _SecretBackendState:
|
|
293
298
|
for credentials issued by this backend.
|
294
299
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
295
300
|
The value should not contain leading or trailing forward slashes.
|
296
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
301
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
297
302
|
*Available only for Vault Enterprise*.
|
298
303
|
:param pulumi.Input[str] path: The unique location this backend should be mounted at. Must not begin or end with a `/`. Defaults
|
299
304
|
to `consul`.
|
@@ -459,7 +464,7 @@ class _SecretBackendState:
|
|
459
464
|
"""
|
460
465
|
The namespace to provision the resource in.
|
461
466
|
The value should not contain leading or trailing forward slashes.
|
462
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
467
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
463
468
|
*Available only for Vault Enterprise*.
|
464
469
|
"""
|
465
470
|
return pulumi.get(self, "namespace")
|
@@ -528,27 +533,29 @@ class SecretBackend(pulumi.CustomResource):
|
|
528
533
|
__props__=None):
|
529
534
|
"""
|
530
535
|
## Example Usage
|
536
|
+
|
531
537
|
### Creating a standard backend resource:
|
532
538
|
```python
|
533
539
|
import pulumi
|
534
540
|
import pulumi_vault as vault
|
535
541
|
|
536
542
|
test = vault.consul.SecretBackend("test",
|
537
|
-
address="127.0.0.1:8500",
|
538
|
-
description="Manages the Consul backend",
|
539
543
|
path="consul",
|
544
|
+
description="Manages the Consul backend",
|
545
|
+
address="127.0.0.1:8500",
|
540
546
|
token="4240861b-ce3d-8530-115a-521ff070dd29")
|
541
547
|
```
|
548
|
+
|
542
549
|
### Creating a backend resource to bootstrap a new Consul instance:
|
543
550
|
```python
|
544
551
|
import pulumi
|
545
552
|
import pulumi_vault as vault
|
546
553
|
|
547
554
|
test = vault.consul.SecretBackend("test",
|
548
|
-
|
549
|
-
bootstrap=True,
|
555
|
+
path="consul",
|
550
556
|
description="Bootstrap the Consul backend",
|
551
|
-
|
557
|
+
address="127.0.0.1:8500",
|
558
|
+
bootstrap=True)
|
552
559
|
```
|
553
560
|
|
554
561
|
## Import
|
@@ -556,7 +563,7 @@ class SecretBackend(pulumi.CustomResource):
|
|
556
563
|
Consul secret backends can be imported using the `path`, e.g.
|
557
564
|
|
558
565
|
```sh
|
559
|
-
|
566
|
+
$ pulumi import vault:consul/secretBackend:SecretBackend example consul
|
560
567
|
```
|
561
568
|
|
562
569
|
:param str resource_name: The name of the resource.
|
@@ -577,7 +584,7 @@ class SecretBackend(pulumi.CustomResource):
|
|
577
584
|
for credentials issued by this backend.
|
578
585
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
579
586
|
The value should not contain leading or trailing forward slashes.
|
580
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
587
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
581
588
|
*Available only for Vault Enterprise*.
|
582
589
|
:param pulumi.Input[str] path: The unique location this backend should be mounted at. Must not begin or end with a `/`. Defaults
|
583
590
|
to `consul`.
|
@@ -592,27 +599,29 @@ class SecretBackend(pulumi.CustomResource):
|
|
592
599
|
opts: Optional[pulumi.ResourceOptions] = None):
|
593
600
|
"""
|
594
601
|
## Example Usage
|
602
|
+
|
595
603
|
### Creating a standard backend resource:
|
596
604
|
```python
|
597
605
|
import pulumi
|
598
606
|
import pulumi_vault as vault
|
599
607
|
|
600
608
|
test = vault.consul.SecretBackend("test",
|
601
|
-
address="127.0.0.1:8500",
|
602
|
-
description="Manages the Consul backend",
|
603
609
|
path="consul",
|
610
|
+
description="Manages the Consul backend",
|
611
|
+
address="127.0.0.1:8500",
|
604
612
|
token="4240861b-ce3d-8530-115a-521ff070dd29")
|
605
613
|
```
|
614
|
+
|
606
615
|
### Creating a backend resource to bootstrap a new Consul instance:
|
607
616
|
```python
|
608
617
|
import pulumi
|
609
618
|
import pulumi_vault as vault
|
610
619
|
|
611
620
|
test = vault.consul.SecretBackend("test",
|
612
|
-
|
613
|
-
bootstrap=True,
|
621
|
+
path="consul",
|
614
622
|
description="Bootstrap the Consul backend",
|
615
|
-
|
623
|
+
address="127.0.0.1:8500",
|
624
|
+
bootstrap=True)
|
616
625
|
```
|
617
626
|
|
618
627
|
## Import
|
@@ -620,7 +629,7 @@ class SecretBackend(pulumi.CustomResource):
|
|
620
629
|
Consul secret backends can be imported using the `path`, e.g.
|
621
630
|
|
622
631
|
```sh
|
623
|
-
|
632
|
+
$ pulumi import vault:consul/secretBackend:SecretBackend example consul
|
624
633
|
```
|
625
634
|
|
626
635
|
:param str resource_name: The name of the resource.
|
@@ -726,7 +735,7 @@ class SecretBackend(pulumi.CustomResource):
|
|
726
735
|
for credentials issued by this backend.
|
727
736
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
728
737
|
The value should not contain leading or trailing forward slashes.
|
729
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
738
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
730
739
|
*Available only for Vault Enterprise*.
|
731
740
|
:param pulumi.Input[str] path: The unique location this backend should be mounted at. Must not begin or end with a `/`. Defaults
|
732
741
|
to `consul`.
|
@@ -843,7 +852,7 @@ class SecretBackend(pulumi.CustomResource):
|
|
843
852
|
"""
|
844
853
|
The namespace to provision the resource in.
|
845
854
|
The value should not contain leading or trailing forward slashes.
|
846
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
855
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
847
856
|
*Available only for Vault Enterprise*.
|
848
857
|
"""
|
849
858
|
return pulumi.get(self, "namespace")
|
@@ -4,9 +4,14 @@
|
|
4
4
|
|
5
5
|
import copy
|
6
6
|
import warnings
|
7
|
+
import sys
|
7
8
|
import pulumi
|
8
9
|
import pulumi.runtime
|
9
10
|
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
11
|
+
if sys.version_info >= (3, 11):
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
13
|
+
else:
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
10
15
|
from .. import _utilities
|
11
16
|
|
12
17
|
__all__ = ['SecretBackendRoleArgs', 'SecretBackendRole']
|
@@ -26,7 +31,6 @@ class SecretBackendRoleArgs:
|
|
26
31
|
partition: Optional[pulumi.Input[str]] = None,
|
27
32
|
policies: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
28
33
|
service_identities: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
29
|
-
token_type: Optional[pulumi.Input[str]] = None,
|
30
34
|
ttl: Optional[pulumi.Input[int]] = None):
|
31
35
|
"""
|
32
36
|
The set of arguments for constructing a SecretBackendRole resource.
|
@@ -41,7 +45,7 @@ class SecretBackendRoleArgs:
|
|
41
45
|
:param pulumi.Input[str] name: The name of the Consul secrets engine role to create.
|
42
46
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
43
47
|
The value should not contain leading or trailing forward slashes.
|
44
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
48
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
45
49
|
*Available only for Vault Enterprise*.
|
46
50
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] node_identities: <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul node
|
47
51
|
identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.8+.
|
@@ -52,8 +56,6 @@ class SecretBackendRoleArgs:
|
|
52
56
|
`policies`, remains supported for legacy users, but Vault has deprecated this field.
|
53
57
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] service_identities: <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul
|
54
58
|
service identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.5+.
|
55
|
-
:param pulumi.Input[str] token_type: Specifies the type of token to create when using this role. Valid values are "client" or "management".
|
56
|
-
*Deprecated: Consul 1.11 and later removed the legacy ACL system which supported this field.*
|
57
59
|
:param pulumi.Input[int] ttl: Specifies the TTL for this role.
|
58
60
|
"""
|
59
61
|
if backend is not None:
|
@@ -80,11 +82,6 @@ class SecretBackendRoleArgs:
|
|
80
82
|
pulumi.set(__self__, "policies", policies)
|
81
83
|
if service_identities is not None:
|
82
84
|
pulumi.set(__self__, "service_identities", service_identities)
|
83
|
-
if token_type is not None:
|
84
|
-
warnings.warn("""Consul 1.11 and later removed the legacy ACL system which supported this field.""", DeprecationWarning)
|
85
|
-
pulumi.log.warn("""token_type is deprecated: Consul 1.11 and later removed the legacy ACL system which supported this field.""")
|
86
|
-
if token_type is not None:
|
87
|
-
pulumi.set(__self__, "token_type", token_type)
|
88
85
|
if ttl is not None:
|
89
86
|
pulumi.set(__self__, "ttl", ttl)
|
90
87
|
|
@@ -180,7 +177,7 @@ class SecretBackendRoleArgs:
|
|
180
177
|
"""
|
181
178
|
The namespace to provision the resource in.
|
182
179
|
The value should not contain leading or trailing forward slashes.
|
183
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
180
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
184
181
|
*Available only for Vault Enterprise*.
|
185
182
|
"""
|
186
183
|
return pulumi.get(self, "namespace")
|
@@ -242,22 +239,6 @@ class SecretBackendRoleArgs:
|
|
242
239
|
def service_identities(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
243
240
|
pulumi.set(self, "service_identities", value)
|
244
241
|
|
245
|
-
@property
|
246
|
-
@pulumi.getter(name="tokenType")
|
247
|
-
def token_type(self) -> Optional[pulumi.Input[str]]:
|
248
|
-
"""
|
249
|
-
Specifies the type of token to create when using this role. Valid values are "client" or "management".
|
250
|
-
*Deprecated: Consul 1.11 and later removed the legacy ACL system which supported this field.*
|
251
|
-
"""
|
252
|
-
warnings.warn("""Consul 1.11 and later removed the legacy ACL system which supported this field.""", DeprecationWarning)
|
253
|
-
pulumi.log.warn("""token_type is deprecated: Consul 1.11 and later removed the legacy ACL system which supported this field.""")
|
254
|
-
|
255
|
-
return pulumi.get(self, "token_type")
|
256
|
-
|
257
|
-
@token_type.setter
|
258
|
-
def token_type(self, value: Optional[pulumi.Input[str]]):
|
259
|
-
pulumi.set(self, "token_type", value)
|
260
|
-
|
261
242
|
@property
|
262
243
|
@pulumi.getter
|
263
244
|
def ttl(self) -> Optional[pulumi.Input[int]]:
|
@@ -286,7 +267,6 @@ class _SecretBackendRoleState:
|
|
286
267
|
partition: Optional[pulumi.Input[str]] = None,
|
287
268
|
policies: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
288
269
|
service_identities: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
289
|
-
token_type: Optional[pulumi.Input[str]] = None,
|
290
270
|
ttl: Optional[pulumi.Input[int]] = None):
|
291
271
|
"""
|
292
272
|
Input properties used for looking up and filtering SecretBackendRole resources.
|
@@ -301,7 +281,7 @@ class _SecretBackendRoleState:
|
|
301
281
|
:param pulumi.Input[str] name: The name of the Consul secrets engine role to create.
|
302
282
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
303
283
|
The value should not contain leading or trailing forward slashes.
|
304
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
284
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
305
285
|
*Available only for Vault Enterprise*.
|
306
286
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] node_identities: <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul node
|
307
287
|
identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.8+.
|
@@ -312,8 +292,6 @@ class _SecretBackendRoleState:
|
|
312
292
|
`policies`, remains supported for legacy users, but Vault has deprecated this field.
|
313
293
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] service_identities: <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul
|
314
294
|
service identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.5+.
|
315
|
-
:param pulumi.Input[str] token_type: Specifies the type of token to create when using this role. Valid values are "client" or "management".
|
316
|
-
*Deprecated: Consul 1.11 and later removed the legacy ACL system which supported this field.*
|
317
295
|
:param pulumi.Input[int] ttl: Specifies the TTL for this role.
|
318
296
|
"""
|
319
297
|
if backend is not None:
|
@@ -340,11 +318,6 @@ class _SecretBackendRoleState:
|
|
340
318
|
pulumi.set(__self__, "policies", policies)
|
341
319
|
if service_identities is not None:
|
342
320
|
pulumi.set(__self__, "service_identities", service_identities)
|
343
|
-
if token_type is not None:
|
344
|
-
warnings.warn("""Consul 1.11 and later removed the legacy ACL system which supported this field.""", DeprecationWarning)
|
345
|
-
pulumi.log.warn("""token_type is deprecated: Consul 1.11 and later removed the legacy ACL system which supported this field.""")
|
346
|
-
if token_type is not None:
|
347
|
-
pulumi.set(__self__, "token_type", token_type)
|
348
321
|
if ttl is not None:
|
349
322
|
pulumi.set(__self__, "ttl", ttl)
|
350
323
|
|
@@ -440,7 +413,7 @@ class _SecretBackendRoleState:
|
|
440
413
|
"""
|
441
414
|
The namespace to provision the resource in.
|
442
415
|
The value should not contain leading or trailing forward slashes.
|
443
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
416
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
444
417
|
*Available only for Vault Enterprise*.
|
445
418
|
"""
|
446
419
|
return pulumi.get(self, "namespace")
|
@@ -502,22 +475,6 @@ class _SecretBackendRoleState:
|
|
502
475
|
def service_identities(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
503
476
|
pulumi.set(self, "service_identities", value)
|
504
477
|
|
505
|
-
@property
|
506
|
-
@pulumi.getter(name="tokenType")
|
507
|
-
def token_type(self) -> Optional[pulumi.Input[str]]:
|
508
|
-
"""
|
509
|
-
Specifies the type of token to create when using this role. Valid values are "client" or "management".
|
510
|
-
*Deprecated: Consul 1.11 and later removed the legacy ACL system which supported this field.*
|
511
|
-
"""
|
512
|
-
warnings.warn("""Consul 1.11 and later removed the legacy ACL system which supported this field.""", DeprecationWarning)
|
513
|
-
pulumi.log.warn("""token_type is deprecated: Consul 1.11 and later removed the legacy ACL system which supported this field.""")
|
514
|
-
|
515
|
-
return pulumi.get(self, "token_type")
|
516
|
-
|
517
|
-
@token_type.setter
|
518
|
-
def token_type(self, value: Optional[pulumi.Input[str]]):
|
519
|
-
pulumi.set(self, "token_type", value)
|
520
|
-
|
521
478
|
@property
|
522
479
|
@pulumi.getter
|
523
480
|
def ttl(self) -> Optional[pulumi.Input[int]]:
|
@@ -548,7 +505,6 @@ class SecretBackendRole(pulumi.CustomResource):
|
|
548
505
|
partition: Optional[pulumi.Input[str]] = None,
|
549
506
|
policies: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
550
507
|
service_identities: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
551
|
-
token_type: Optional[pulumi.Input[str]] = None,
|
552
508
|
ttl: Optional[pulumi.Input[int]] = None,
|
553
509
|
__props__=None):
|
554
510
|
"""
|
@@ -566,9 +522,11 @@ class SecretBackendRole(pulumi.CustomResource):
|
|
566
522
|
address="127.0.0.1:8500",
|
567
523
|
token="4240861b-ce3d-8530-115a-521ff070dd29")
|
568
524
|
example = vault.consul.SecretBackendRole("example",
|
525
|
+
name="test-role",
|
569
526
|
backend=test.path,
|
570
527
|
consul_policies=["example-policy"])
|
571
528
|
```
|
529
|
+
|
572
530
|
## Note About Required Arguments
|
573
531
|
|
574
532
|
*At least one* of the four arguments `consul_policies`, `consul_roles`, `service_identities`, or
|
@@ -580,7 +538,7 @@ class SecretBackendRole(pulumi.CustomResource):
|
|
580
538
|
Consul secret backend roles can be imported using the `backend`, `/roles/`, and the `name` e.g.
|
581
539
|
|
582
540
|
```sh
|
583
|
-
|
541
|
+
$ pulumi import vault:consul/secretBackendRole:SecretBackendRole example consul/roles/my-role
|
584
542
|
```
|
585
543
|
|
586
544
|
:param str resource_name: The name of the resource.
|
@@ -596,7 +554,7 @@ class SecretBackendRole(pulumi.CustomResource):
|
|
596
554
|
:param pulumi.Input[str] name: The name of the Consul secrets engine role to create.
|
597
555
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
598
556
|
The value should not contain leading or trailing forward slashes.
|
599
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
557
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
600
558
|
*Available only for Vault Enterprise*.
|
601
559
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] node_identities: <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul node
|
602
560
|
identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.8+.
|
@@ -607,8 +565,6 @@ class SecretBackendRole(pulumi.CustomResource):
|
|
607
565
|
`policies`, remains supported for legacy users, but Vault has deprecated this field.
|
608
566
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] service_identities: <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul
|
609
567
|
service identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.5+.
|
610
|
-
:param pulumi.Input[str] token_type: Specifies the type of token to create when using this role. Valid values are "client" or "management".
|
611
|
-
*Deprecated: Consul 1.11 and later removed the legacy ACL system which supported this field.*
|
612
568
|
:param pulumi.Input[int] ttl: Specifies the TTL for this role.
|
613
569
|
"""
|
614
570
|
...
|
@@ -632,9 +588,11 @@ class SecretBackendRole(pulumi.CustomResource):
|
|
632
588
|
address="127.0.0.1:8500",
|
633
589
|
token="4240861b-ce3d-8530-115a-521ff070dd29")
|
634
590
|
example = vault.consul.SecretBackendRole("example",
|
591
|
+
name="test-role",
|
635
592
|
backend=test.path,
|
636
593
|
consul_policies=["example-policy"])
|
637
594
|
```
|
595
|
+
|
638
596
|
## Note About Required Arguments
|
639
597
|
|
640
598
|
*At least one* of the four arguments `consul_policies`, `consul_roles`, `service_identities`, or
|
@@ -646,7 +604,7 @@ class SecretBackendRole(pulumi.CustomResource):
|
|
646
604
|
Consul secret backend roles can be imported using the `backend`, `/roles/`, and the `name` e.g.
|
647
605
|
|
648
606
|
```sh
|
649
|
-
|
607
|
+
$ pulumi import vault:consul/secretBackendRole:SecretBackendRole example consul/roles/my-role
|
650
608
|
```
|
651
609
|
|
652
610
|
:param str resource_name: The name of the resource.
|
@@ -676,7 +634,6 @@ class SecretBackendRole(pulumi.CustomResource):
|
|
676
634
|
partition: Optional[pulumi.Input[str]] = None,
|
677
635
|
policies: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
678
636
|
service_identities: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
679
|
-
token_type: Optional[pulumi.Input[str]] = None,
|
680
637
|
ttl: Optional[pulumi.Input[int]] = None,
|
681
638
|
__props__=None):
|
682
639
|
opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
|
@@ -699,7 +656,6 @@ class SecretBackendRole(pulumi.CustomResource):
|
|
699
656
|
__props__.__dict__["partition"] = partition
|
700
657
|
__props__.__dict__["policies"] = policies
|
701
658
|
__props__.__dict__["service_identities"] = service_identities
|
702
|
-
__props__.__dict__["token_type"] = token_type
|
703
659
|
__props__.__dict__["ttl"] = ttl
|
704
660
|
super(SecretBackendRole, __self__).__init__(
|
705
661
|
'vault:consul/secretBackendRole:SecretBackendRole',
|
@@ -723,7 +679,6 @@ class SecretBackendRole(pulumi.CustomResource):
|
|
723
679
|
partition: Optional[pulumi.Input[str]] = None,
|
724
680
|
policies: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
725
681
|
service_identities: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
726
|
-
token_type: Optional[pulumi.Input[str]] = None,
|
727
682
|
ttl: Optional[pulumi.Input[int]] = None) -> 'SecretBackendRole':
|
728
683
|
"""
|
729
684
|
Get an existing SecretBackendRole resource's state with the given name, id, and optional extra
|
@@ -743,7 +698,7 @@ class SecretBackendRole(pulumi.CustomResource):
|
|
743
698
|
:param pulumi.Input[str] name: The name of the Consul secrets engine role to create.
|
744
699
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
745
700
|
The value should not contain leading or trailing forward slashes.
|
746
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
701
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
747
702
|
*Available only for Vault Enterprise*.
|
748
703
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] node_identities: <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul node
|
749
704
|
identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.8+.
|
@@ -754,8 +709,6 @@ class SecretBackendRole(pulumi.CustomResource):
|
|
754
709
|
`policies`, remains supported for legacy users, but Vault has deprecated this field.
|
755
710
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] service_identities: <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul
|
756
711
|
service identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.5+.
|
757
|
-
:param pulumi.Input[str] token_type: Specifies the type of token to create when using this role. Valid values are "client" or "management".
|
758
|
-
*Deprecated: Consul 1.11 and later removed the legacy ACL system which supported this field.*
|
759
712
|
:param pulumi.Input[int] ttl: Specifies the TTL for this role.
|
760
713
|
"""
|
761
714
|
opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
|
@@ -774,7 +727,6 @@ class SecretBackendRole(pulumi.CustomResource):
|
|
774
727
|
__props__.__dict__["partition"] = partition
|
775
728
|
__props__.__dict__["policies"] = policies
|
776
729
|
__props__.__dict__["service_identities"] = service_identities
|
777
|
-
__props__.__dict__["token_type"] = token_type
|
778
730
|
__props__.__dict__["ttl"] = ttl
|
779
731
|
return SecretBackendRole(resource_name, opts=opts, __props__=__props__)
|
780
732
|
|
@@ -842,7 +794,7 @@ class SecretBackendRole(pulumi.CustomResource):
|
|
842
794
|
"""
|
843
795
|
The namespace to provision the resource in.
|
844
796
|
The value should not contain leading or trailing forward slashes.
|
845
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
797
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
846
798
|
*Available only for Vault Enterprise*.
|
847
799
|
"""
|
848
800
|
return pulumi.get(self, "namespace")
|
@@ -884,18 +836,6 @@ class SecretBackendRole(pulumi.CustomResource):
|
|
884
836
|
"""
|
885
837
|
return pulumi.get(self, "service_identities")
|
886
838
|
|
887
|
-
@property
|
888
|
-
@pulumi.getter(name="tokenType")
|
889
|
-
def token_type(self) -> pulumi.Output[Optional[str]]:
|
890
|
-
"""
|
891
|
-
Specifies the type of token to create when using this role. Valid values are "client" or "management".
|
892
|
-
*Deprecated: Consul 1.11 and later removed the legacy ACL system which supported this field.*
|
893
|
-
"""
|
894
|
-
warnings.warn("""Consul 1.11 and later removed the legacy ACL system which supported this field.""", DeprecationWarning)
|
895
|
-
pulumi.log.warn("""token_type is deprecated: Consul 1.11 and later removed the legacy ACL system which supported this field.""")
|
896
|
-
|
897
|
-
return pulumi.get(self, "token_type")
|
898
|
-
|
899
839
|
@property
|
900
840
|
@pulumi.getter
|
901
841
|
def ttl(self) -> pulumi.Output[Optional[int]]:
|