pulumi-vault 5.21.0a1709368526__py3-none-any.whl → 6.5.0a1736836139__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (229) hide show
  1. pulumi_vault/__init__.py +52 -0
  2. pulumi_vault/_inputs.py +560 -0
  3. pulumi_vault/_utilities.py +41 -5
  4. pulumi_vault/ad/get_access_credentials.py +26 -9
  5. pulumi_vault/ad/secret_backend.py +16 -142
  6. pulumi_vault/ad/secret_library.py +16 -9
  7. pulumi_vault/ad/secret_role.py +14 -9
  8. pulumi_vault/alicloud/auth_backend_role.py +76 -190
  9. pulumi_vault/approle/auth_backend_login.py +12 -7
  10. pulumi_vault/approle/auth_backend_role.py +77 -191
  11. pulumi_vault/approle/auth_backend_role_secret_id.py +106 -7
  12. pulumi_vault/approle/get_auth_backend_role_id.py +18 -5
  13. pulumi_vault/audit.py +30 -21
  14. pulumi_vault/audit_request_header.py +11 -2
  15. pulumi_vault/auth_backend.py +66 -14
  16. pulumi_vault/aws/auth_backend_cert.py +18 -9
  17. pulumi_vault/aws/auth_backend_client.py +267 -22
  18. pulumi_vault/aws/auth_backend_config_identity.py +14 -9
  19. pulumi_vault/aws/auth_backend_identity_whitelist.py +20 -15
  20. pulumi_vault/aws/auth_backend_login.py +19 -22
  21. pulumi_vault/aws/auth_backend_role.py +77 -191
  22. pulumi_vault/aws/auth_backend_role_tag.py +12 -7
  23. pulumi_vault/aws/auth_backend_roletag_blacklist.py +18 -13
  24. pulumi_vault/aws/auth_backend_sts_role.py +14 -9
  25. pulumi_vault/aws/get_access_credentials.py +38 -9
  26. pulumi_vault/aws/get_static_access_credentials.py +19 -5
  27. pulumi_vault/aws/secret_backend.py +77 -9
  28. pulumi_vault/aws/secret_backend_role.py +185 -9
  29. pulumi_vault/aws/secret_backend_static_role.py +20 -11
  30. pulumi_vault/azure/_inputs.py +24 -0
  31. pulumi_vault/azure/auth_backend_config.py +153 -15
  32. pulumi_vault/azure/auth_backend_role.py +77 -191
  33. pulumi_vault/azure/backend.py +227 -21
  34. pulumi_vault/azure/backend_role.py +42 -37
  35. pulumi_vault/azure/get_access_credentials.py +41 -7
  36. pulumi_vault/azure/outputs.py +5 -0
  37. pulumi_vault/cert_auth_backend_role.py +87 -267
  38. pulumi_vault/config/__init__.pyi +5 -0
  39. pulumi_vault/config/_inputs.py +73 -0
  40. pulumi_vault/config/outputs.py +35 -0
  41. pulumi_vault/config/ui_custom_message.py +529 -0
  42. pulumi_vault/config/vars.py +5 -0
  43. pulumi_vault/consul/secret_backend.py +28 -19
  44. pulumi_vault/consul/secret_backend_role.py +18 -78
  45. pulumi_vault/database/_inputs.py +2770 -881
  46. pulumi_vault/database/outputs.py +721 -838
  47. pulumi_vault/database/secret_backend_connection.py +119 -112
  48. pulumi_vault/database/secret_backend_role.py +31 -22
  49. pulumi_vault/database/secret_backend_static_role.py +87 -13
  50. pulumi_vault/database/secrets_mount.py +427 -136
  51. pulumi_vault/egp_policy.py +16 -11
  52. pulumi_vault/gcp/_inputs.py +111 -0
  53. pulumi_vault/gcp/auth_backend.py +250 -33
  54. pulumi_vault/gcp/auth_backend_role.py +77 -269
  55. pulumi_vault/gcp/get_auth_backend_role.py +43 -5
  56. pulumi_vault/gcp/outputs.py +5 -0
  57. pulumi_vault/gcp/secret_backend.py +287 -12
  58. pulumi_vault/gcp/secret_impersonated_account.py +76 -15
  59. pulumi_vault/gcp/secret_roleset.py +31 -24
  60. pulumi_vault/gcp/secret_static_account.py +39 -32
  61. pulumi_vault/generic/endpoint.py +24 -17
  62. pulumi_vault/generic/get_secret.py +64 -8
  63. pulumi_vault/generic/secret.py +21 -16
  64. pulumi_vault/get_auth_backend.py +24 -7
  65. pulumi_vault/get_auth_backends.py +51 -9
  66. pulumi_vault/get_namespace.py +226 -0
  67. pulumi_vault/get_namespaces.py +153 -0
  68. pulumi_vault/get_nomad_access_token.py +31 -11
  69. pulumi_vault/get_policy_document.py +34 -19
  70. pulumi_vault/get_raft_autopilot_state.py +29 -10
  71. pulumi_vault/github/_inputs.py +55 -0
  72. pulumi_vault/github/auth_backend.py +19 -14
  73. pulumi_vault/github/outputs.py +5 -0
  74. pulumi_vault/github/team.py +16 -11
  75. pulumi_vault/github/user.py +16 -11
  76. pulumi_vault/identity/entity.py +20 -13
  77. pulumi_vault/identity/entity_alias.py +20 -13
  78. pulumi_vault/identity/entity_policies.py +28 -11
  79. pulumi_vault/identity/get_entity.py +42 -10
  80. pulumi_vault/identity/get_group.py +47 -9
  81. pulumi_vault/identity/get_oidc_client_creds.py +21 -7
  82. pulumi_vault/identity/get_oidc_openid_config.py +39 -9
  83. pulumi_vault/identity/get_oidc_public_keys.py +29 -10
  84. pulumi_vault/identity/group.py +58 -39
  85. pulumi_vault/identity/group_alias.py +16 -9
  86. pulumi_vault/identity/group_member_entity_ids.py +28 -66
  87. pulumi_vault/identity/group_member_group_ids.py +40 -19
  88. pulumi_vault/identity/group_policies.py +20 -7
  89. pulumi_vault/identity/mfa_duo.py +11 -6
  90. pulumi_vault/identity/mfa_login_enforcement.py +15 -6
  91. pulumi_vault/identity/mfa_okta.py +11 -6
  92. pulumi_vault/identity/mfa_pingid.py +7 -2
  93. pulumi_vault/identity/mfa_totp.py +7 -2
  94. pulumi_vault/identity/oidc.py +12 -7
  95. pulumi_vault/identity/oidc_assignment.py +24 -11
  96. pulumi_vault/identity/oidc_client.py +36 -23
  97. pulumi_vault/identity/oidc_key.py +30 -17
  98. pulumi_vault/identity/oidc_key_allowed_client_id.py +28 -15
  99. pulumi_vault/identity/oidc_provider.py +36 -21
  100. pulumi_vault/identity/oidc_role.py +42 -21
  101. pulumi_vault/identity/oidc_scope.py +20 -13
  102. pulumi_vault/identity/outputs.py +8 -3
  103. pulumi_vault/jwt/_inputs.py +55 -0
  104. pulumi_vault/jwt/auth_backend.py +45 -40
  105. pulumi_vault/jwt/auth_backend_role.py +133 -254
  106. pulumi_vault/jwt/outputs.py +5 -0
  107. pulumi_vault/kmip/secret_backend.py +24 -19
  108. pulumi_vault/kmip/secret_role.py +14 -9
  109. pulumi_vault/kmip/secret_scope.py +14 -9
  110. pulumi_vault/kubernetes/auth_backend_config.py +57 -5
  111. pulumi_vault/kubernetes/auth_backend_role.py +70 -177
  112. pulumi_vault/kubernetes/get_auth_backend_config.py +60 -8
  113. pulumi_vault/kubernetes/get_auth_backend_role.py +40 -5
  114. pulumi_vault/kubernetes/get_service_account_token.py +39 -11
  115. pulumi_vault/kubernetes/secret_backend.py +316 -27
  116. pulumi_vault/kubernetes/secret_backend_role.py +137 -46
  117. pulumi_vault/kv/_inputs.py +36 -4
  118. pulumi_vault/kv/get_secret.py +25 -8
  119. pulumi_vault/kv/get_secret_subkeys_v2.py +33 -10
  120. pulumi_vault/kv/get_secret_v2.py +85 -9
  121. pulumi_vault/kv/get_secrets_list.py +24 -11
  122. pulumi_vault/kv/get_secrets_list_v2.py +37 -15
  123. pulumi_vault/kv/outputs.py +8 -3
  124. pulumi_vault/kv/secret.py +23 -16
  125. pulumi_vault/kv/secret_backend_v2.py +20 -11
  126. pulumi_vault/kv/secret_v2.py +59 -50
  127. pulumi_vault/ldap/auth_backend.py +127 -166
  128. pulumi_vault/ldap/auth_backend_group.py +14 -9
  129. pulumi_vault/ldap/auth_backend_user.py +14 -9
  130. pulumi_vault/ldap/get_dynamic_credentials.py +23 -5
  131. pulumi_vault/ldap/get_static_credentials.py +24 -5
  132. pulumi_vault/ldap/secret_backend.py +354 -82
  133. pulumi_vault/ldap/secret_backend_dynamic_role.py +18 -11
  134. pulumi_vault/ldap/secret_backend_library_set.py +16 -9
  135. pulumi_vault/ldap/secret_backend_static_role.py +73 -12
  136. pulumi_vault/managed/_inputs.py +289 -132
  137. pulumi_vault/managed/keys.py +29 -57
  138. pulumi_vault/managed/outputs.py +89 -132
  139. pulumi_vault/mfa_duo.py +18 -11
  140. pulumi_vault/mfa_okta.py +18 -11
  141. pulumi_vault/mfa_pingid.py +18 -11
  142. pulumi_vault/mfa_totp.py +24 -17
  143. pulumi_vault/mongodbatlas/secret_backend.py +20 -15
  144. pulumi_vault/mongodbatlas/secret_role.py +47 -38
  145. pulumi_vault/mount.py +391 -51
  146. pulumi_vault/namespace.py +68 -83
  147. pulumi_vault/nomad_secret_backend.py +18 -13
  148. pulumi_vault/nomad_secret_role.py +14 -9
  149. pulumi_vault/okta/_inputs.py +47 -8
  150. pulumi_vault/okta/auth_backend.py +485 -39
  151. pulumi_vault/okta/auth_backend_group.py +14 -9
  152. pulumi_vault/okta/auth_backend_user.py +14 -9
  153. pulumi_vault/okta/outputs.py +13 -8
  154. pulumi_vault/outputs.py +5 -0
  155. pulumi_vault/password_policy.py +20 -13
  156. pulumi_vault/pkisecret/__init__.py +3 -0
  157. pulumi_vault/pkisecret/_inputs.py +81 -0
  158. pulumi_vault/pkisecret/backend_config_cluster.py +369 -0
  159. pulumi_vault/pkisecret/backend_config_est.py +619 -0
  160. pulumi_vault/pkisecret/get_backend_config_est.py +251 -0
  161. pulumi_vault/pkisecret/get_backend_issuer.py +67 -9
  162. pulumi_vault/pkisecret/get_backend_issuers.py +21 -8
  163. pulumi_vault/pkisecret/get_backend_key.py +24 -9
  164. pulumi_vault/pkisecret/get_backend_keys.py +21 -8
  165. pulumi_vault/pkisecret/outputs.py +69 -0
  166. pulumi_vault/pkisecret/secret_backend_cert.py +18 -11
  167. pulumi_vault/pkisecret/secret_backend_config_ca.py +16 -11
  168. pulumi_vault/pkisecret/secret_backend_config_issuers.py +14 -9
  169. pulumi_vault/pkisecret/secret_backend_config_urls.py +67 -11
  170. pulumi_vault/pkisecret/secret_backend_crl_config.py +14 -9
  171. pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +16 -11
  172. pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +22 -17
  173. pulumi_vault/pkisecret/secret_backend_issuer.py +14 -9
  174. pulumi_vault/pkisecret/secret_backend_key.py +14 -9
  175. pulumi_vault/pkisecret/secret_backend_role.py +21 -14
  176. pulumi_vault/pkisecret/secret_backend_root_cert.py +16 -48
  177. pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +18 -56
  178. pulumi_vault/pkisecret/secret_backend_sign.py +18 -54
  179. pulumi_vault/plugin.py +595 -0
  180. pulumi_vault/plugin_pinned_version.py +298 -0
  181. pulumi_vault/policy.py +14 -9
  182. pulumi_vault/provider.py +48 -53
  183. pulumi_vault/pulumi-plugin.json +2 -1
  184. pulumi_vault/quota_lease_count.py +60 -6
  185. pulumi_vault/quota_rate_limit.py +56 -2
  186. pulumi_vault/rabbitmq/_inputs.py +61 -0
  187. pulumi_vault/rabbitmq/outputs.py +5 -0
  188. pulumi_vault/rabbitmq/secret_backend.py +18 -13
  189. pulumi_vault/rabbitmq/secret_backend_role.py +54 -47
  190. pulumi_vault/raft_autopilot.py +14 -9
  191. pulumi_vault/raft_snapshot_agent_config.py +129 -224
  192. pulumi_vault/rgp_policy.py +14 -9
  193. pulumi_vault/saml/auth_backend.py +22 -17
  194. pulumi_vault/saml/auth_backend_role.py +92 -197
  195. pulumi_vault/secrets/__init__.py +3 -0
  196. pulumi_vault/secrets/_inputs.py +110 -0
  197. pulumi_vault/secrets/outputs.py +94 -0
  198. pulumi_vault/secrets/sync_association.py +56 -71
  199. pulumi_vault/secrets/sync_aws_destination.py +242 -27
  200. pulumi_vault/secrets/sync_azure_destination.py +92 -31
  201. pulumi_vault/secrets/sync_config.py +9 -4
  202. pulumi_vault/secrets/sync_gcp_destination.py +158 -25
  203. pulumi_vault/secrets/sync_gh_destination.py +189 -13
  204. pulumi_vault/secrets/sync_github_apps.py +375 -0
  205. pulumi_vault/secrets/sync_vercel_destination.py +74 -13
  206. pulumi_vault/ssh/_inputs.py +28 -28
  207. pulumi_vault/ssh/outputs.py +11 -28
  208. pulumi_vault/ssh/secret_backend_ca.py +108 -9
  209. pulumi_vault/ssh/secret_backend_role.py +85 -118
  210. pulumi_vault/terraformcloud/secret_backend.py +7 -54
  211. pulumi_vault/terraformcloud/secret_creds.py +14 -20
  212. pulumi_vault/terraformcloud/secret_role.py +16 -74
  213. pulumi_vault/token.py +28 -23
  214. pulumi_vault/tokenauth/auth_backend_role.py +78 -199
  215. pulumi_vault/transform/alphabet.py +16 -9
  216. pulumi_vault/transform/get_decode.py +45 -17
  217. pulumi_vault/transform/get_encode.py +45 -17
  218. pulumi_vault/transform/role.py +16 -9
  219. pulumi_vault/transform/template.py +30 -21
  220. pulumi_vault/transform/transformation.py +12 -7
  221. pulumi_vault/transit/get_decrypt.py +26 -21
  222. pulumi_vault/transit/get_encrypt.py +24 -19
  223. pulumi_vault/transit/secret_backend_key.py +27 -93
  224. pulumi_vault/transit/secret_cache_config.py +12 -7
  225. {pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/METADATA +8 -7
  226. pulumi_vault-6.5.0a1736836139.dist-info/RECORD +256 -0
  227. {pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/WHEEL +1 -1
  228. pulumi_vault-5.21.0a1709368526.dist-info/RECORD +0 -244
  229. {pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/top_level.txt +0 -0
@@ -4,9 +4,14 @@
4
4
 
5
5
  import copy
6
6
  import warnings
7
+ import sys
7
8
  import pulumi
8
9
  import pulumi.runtime
9
10
  from typing import Any, Mapping, Optional, Sequence, Union, overload
11
+ if sys.version_info >= (3, 11):
12
+ from typing import NotRequired, TypedDict, TypeAlias
13
+ else:
14
+ from typing_extensions import NotRequired, TypedDict, TypeAlias
10
15
  from .. import _utilities
11
16
 
12
17
  __all__ = [
@@ -219,10 +224,12 @@ def get_oidc_openid_config(name: Optional[str] = None,
219
224
  import pulumi_vault as vault
220
225
 
221
226
  key = vault.identity.OidcKey("key",
227
+ name="key",
222
228
  allowed_client_ids=["*"],
223
229
  rotation_period=3600,
224
230
  verification_ttl=3600)
225
231
  app = vault.identity.OidcClient("app",
232
+ name="application",
226
233
  key=key.name,
227
234
  redirect_uris=[
228
235
  "http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback",
@@ -231,7 +238,9 @@ def get_oidc_openid_config(name: Optional[str] = None,
231
238
  ],
232
239
  id_token_ttl=2400,
233
240
  access_token_ttl=7200)
234
- provider = vault.identity.OidcProvider("provider", allowed_client_ids=[vault_identity_oidc_client["test"]["client_id"]])
241
+ provider = vault.identity.OidcProvider("provider",
242
+ name="provider",
243
+ allowed_client_ids=[test["clientId"]])
235
244
  config = vault.identity.get_oidc_openid_config_output(name=provider.name)
236
245
  ```
237
246
 
@@ -239,7 +248,7 @@ def get_oidc_openid_config(name: Optional[str] = None,
239
248
  :param str name: The name of the OIDC Provider in Vault.
240
249
  :param str namespace: The namespace of the target resource.
241
250
  The value should not contain leading or trailing forward slashes.
242
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
251
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
243
252
  *Available only for Vault Enterprise*.
244
253
  """
245
254
  __args__ = dict()
@@ -264,12 +273,9 @@ def get_oidc_openid_config(name: Optional[str] = None,
264
273
  token_endpoint=pulumi.get(__ret__, 'token_endpoint'),
265
274
  token_endpoint_auth_methods_supporteds=pulumi.get(__ret__, 'token_endpoint_auth_methods_supporteds'),
266
275
  userinfo_endpoint=pulumi.get(__ret__, 'userinfo_endpoint'))
267
-
268
-
269
- @_utilities.lift_output_func(get_oidc_openid_config)
270
276
  def get_oidc_openid_config_output(name: Optional[pulumi.Input[str]] = None,
271
277
  namespace: Optional[pulumi.Input[Optional[str]]] = None,
272
- opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetOidcOpenidConfigResult]:
278
+ opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetOidcOpenidConfigResult]:
273
279
  """
274
280
  ## Example Usage
275
281
 
@@ -278,10 +284,12 @@ def get_oidc_openid_config_output(name: Optional[pulumi.Input[str]] = None,
278
284
  import pulumi_vault as vault
279
285
 
280
286
  key = vault.identity.OidcKey("key",
287
+ name="key",
281
288
  allowed_client_ids=["*"],
282
289
  rotation_period=3600,
283
290
  verification_ttl=3600)
284
291
  app = vault.identity.OidcClient("app",
292
+ name="application",
285
293
  key=key.name,
286
294
  redirect_uris=[
287
295
  "http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback",
@@ -290,7 +298,9 @@ def get_oidc_openid_config_output(name: Optional[pulumi.Input[str]] = None,
290
298
  ],
291
299
  id_token_ttl=2400,
292
300
  access_token_ttl=7200)
293
- provider = vault.identity.OidcProvider("provider", allowed_client_ids=[vault_identity_oidc_client["test"]["client_id"]])
301
+ provider = vault.identity.OidcProvider("provider",
302
+ name="provider",
303
+ allowed_client_ids=[test["clientId"]])
294
304
  config = vault.identity.get_oidc_openid_config_output(name=provider.name)
295
305
  ```
296
306
 
@@ -298,7 +308,27 @@ def get_oidc_openid_config_output(name: Optional[pulumi.Input[str]] = None,
298
308
  :param str name: The name of the OIDC Provider in Vault.
299
309
  :param str namespace: The namespace of the target resource.
300
310
  The value should not contain leading or trailing forward slashes.
301
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
311
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
302
312
  *Available only for Vault Enterprise*.
303
313
  """
304
- ...
314
+ __args__ = dict()
315
+ __args__['name'] = name
316
+ __args__['namespace'] = namespace
317
+ opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
318
+ __ret__ = pulumi.runtime.invoke_output('vault:identity/getOidcOpenidConfig:getOidcOpenidConfig', __args__, opts=opts, typ=GetOidcOpenidConfigResult)
319
+ return __ret__.apply(lambda __response__: GetOidcOpenidConfigResult(
320
+ authorization_endpoint=pulumi.get(__response__, 'authorization_endpoint'),
321
+ grant_types_supporteds=pulumi.get(__response__, 'grant_types_supporteds'),
322
+ id=pulumi.get(__response__, 'id'),
323
+ id_token_signing_alg_values_supporteds=pulumi.get(__response__, 'id_token_signing_alg_values_supporteds'),
324
+ issuer=pulumi.get(__response__, 'issuer'),
325
+ jwks_uri=pulumi.get(__response__, 'jwks_uri'),
326
+ name=pulumi.get(__response__, 'name'),
327
+ namespace=pulumi.get(__response__, 'namespace'),
328
+ request_uri_parameter_supported=pulumi.get(__response__, 'request_uri_parameter_supported'),
329
+ response_types_supporteds=pulumi.get(__response__, 'response_types_supporteds'),
330
+ scopes_supporteds=pulumi.get(__response__, 'scopes_supporteds'),
331
+ subject_types_supporteds=pulumi.get(__response__, 'subject_types_supporteds'),
332
+ token_endpoint=pulumi.get(__response__, 'token_endpoint'),
333
+ token_endpoint_auth_methods_supporteds=pulumi.get(__response__, 'token_endpoint_auth_methods_supporteds'),
334
+ userinfo_endpoint=pulumi.get(__response__, 'userinfo_endpoint')))
@@ -4,9 +4,14 @@
4
4
 
5
5
  import copy
6
6
  import warnings
7
+ import sys
7
8
  import pulumi
8
9
  import pulumi.runtime
9
10
  from typing import Any, Mapping, Optional, Sequence, Union, overload
11
+ if sys.version_info >= (3, 11):
12
+ from typing import NotRequired, TypedDict, TypeAlias
13
+ else:
14
+ from typing_extensions import NotRequired, TypedDict, TypeAlias
10
15
  from .. import _utilities
11
16
 
12
17
  __all__ = [
@@ -45,7 +50,7 @@ class GetOidcPublicKeysResult:
45
50
 
46
51
  @property
47
52
  @pulumi.getter
48
- def keys(self) -> Sequence[Mapping[str, Any]]:
53
+ def keys(self) -> Sequence[Mapping[str, str]]:
49
54
  """
50
55
  The public portion of keys for an OIDC provider.
51
56
  Clients can use them to validate the authenticity of an identity token.
@@ -86,10 +91,12 @@ def get_oidc_public_keys(name: Optional[str] = None,
86
91
  import pulumi_vault as vault
87
92
 
88
93
  key = vault.identity.OidcKey("key",
94
+ name="key",
89
95
  allowed_client_ids=["*"],
90
96
  rotation_period=3600,
91
97
  verification_ttl=3600)
92
98
  app = vault.identity.OidcClient("app",
99
+ name="application",
93
100
  key=key.name,
94
101
  redirect_uris=[
95
102
  "http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback",
@@ -98,7 +105,9 @@ def get_oidc_public_keys(name: Optional[str] = None,
98
105
  ],
99
106
  id_token_ttl=2400,
100
107
  access_token_ttl=7200)
101
- provider = vault.identity.OidcProvider("provider", allowed_client_ids=[vault_identity_oidc_client["test"]["client_id"]])
108
+ provider = vault.identity.OidcProvider("provider",
109
+ name="provider",
110
+ allowed_client_ids=[test["clientId"]])
102
111
  public_keys = vault.identity.get_oidc_public_keys_output(name=provider.name)
103
112
  ```
104
113
 
@@ -106,7 +115,7 @@ def get_oidc_public_keys(name: Optional[str] = None,
106
115
  :param str name: The name of the OIDC Provider in Vault.
107
116
  :param str namespace: The namespace of the target resource.
108
117
  The value should not contain leading or trailing forward slashes.
109
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
118
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
110
119
  *Available only for Vault Enterprise*.
111
120
  """
112
121
  __args__ = dict()
@@ -120,12 +129,9 @@ def get_oidc_public_keys(name: Optional[str] = None,
120
129
  keys=pulumi.get(__ret__, 'keys'),
121
130
  name=pulumi.get(__ret__, 'name'),
122
131
  namespace=pulumi.get(__ret__, 'namespace'))
123
-
124
-
125
- @_utilities.lift_output_func(get_oidc_public_keys)
126
132
  def get_oidc_public_keys_output(name: Optional[pulumi.Input[str]] = None,
127
133
  namespace: Optional[pulumi.Input[Optional[str]]] = None,
128
- opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetOidcPublicKeysResult]:
134
+ opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetOidcPublicKeysResult]:
129
135
  """
130
136
  ## Example Usage
131
137
 
@@ -134,10 +140,12 @@ def get_oidc_public_keys_output(name: Optional[pulumi.Input[str]] = None,
134
140
  import pulumi_vault as vault
135
141
 
136
142
  key = vault.identity.OidcKey("key",
143
+ name="key",
137
144
  allowed_client_ids=["*"],
138
145
  rotation_period=3600,
139
146
  verification_ttl=3600)
140
147
  app = vault.identity.OidcClient("app",
148
+ name="application",
141
149
  key=key.name,
142
150
  redirect_uris=[
143
151
  "http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback",
@@ -146,7 +154,9 @@ def get_oidc_public_keys_output(name: Optional[pulumi.Input[str]] = None,
146
154
  ],
147
155
  id_token_ttl=2400,
148
156
  access_token_ttl=7200)
149
- provider = vault.identity.OidcProvider("provider", allowed_client_ids=[vault_identity_oidc_client["test"]["client_id"]])
157
+ provider = vault.identity.OidcProvider("provider",
158
+ name="provider",
159
+ allowed_client_ids=[test["clientId"]])
150
160
  public_keys = vault.identity.get_oidc_public_keys_output(name=provider.name)
151
161
  ```
152
162
 
@@ -154,7 +164,16 @@ def get_oidc_public_keys_output(name: Optional[pulumi.Input[str]] = None,
154
164
  :param str name: The name of the OIDC Provider in Vault.
155
165
  :param str namespace: The namespace of the target resource.
156
166
  The value should not contain leading or trailing forward slashes.
157
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
167
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
158
168
  *Available only for Vault Enterprise*.
159
169
  """
160
- ...
170
+ __args__ = dict()
171
+ __args__['name'] = name
172
+ __args__['namespace'] = namespace
173
+ opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
174
+ __ret__ = pulumi.runtime.invoke_output('vault:identity/getOidcPublicKeys:getOidcPublicKeys', __args__, opts=opts, typ=GetOidcPublicKeysResult)
175
+ return __ret__.apply(lambda __response__: GetOidcPublicKeysResult(
176
+ id=pulumi.get(__response__, 'id'),
177
+ keys=pulumi.get(__response__, 'keys'),
178
+ name=pulumi.get(__response__, 'name'),
179
+ namespace=pulumi.get(__response__, 'namespace')))
@@ -4,9 +4,14 @@
4
4
 
5
5
  import copy
6
6
  import warnings
7
+ import sys
7
8
  import pulumi
8
9
  import pulumi.runtime
9
10
  from typing import Any, Mapping, Optional, Sequence, Union, overload
11
+ if sys.version_info >= (3, 11):
12
+ from typing import NotRequired, TypedDict, TypeAlias
13
+ else:
14
+ from typing_extensions import NotRequired, TypedDict, TypeAlias
10
15
  from .. import _utilities
11
16
 
12
17
  __all__ = ['GroupArgs', 'Group']
@@ -43,7 +48,7 @@ class GroupArgs:
43
48
  :param pulumi.Input[str] name: Name of the identity group to create.
44
49
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
45
50
  The value should not contain leading or trailing forward slashes.
46
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
51
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
47
52
  *Available only for Vault Enterprise*.
48
53
  :param pulumi.Input[Sequence[pulumi.Input[str]]] policies: A list of policies to apply to the group.
49
54
  :param pulumi.Input[str] type: Type of the group, internal or external. Defaults to `internal`.
@@ -167,7 +172,7 @@ class GroupArgs:
167
172
  """
168
173
  The namespace to provision the resource in.
169
174
  The value should not contain leading or trailing forward slashes.
170
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
175
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
171
176
  *Available only for Vault Enterprise*.
172
177
  """
173
178
  return pulumi.get(self, "namespace")
@@ -233,7 +238,7 @@ class _GroupState:
233
238
  :param pulumi.Input[str] name: Name of the identity group to create.
234
239
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
235
240
  The value should not contain leading or trailing forward slashes.
236
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
241
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
237
242
  *Available only for Vault Enterprise*.
238
243
  :param pulumi.Input[Sequence[pulumi.Input[str]]] policies: A list of policies to apply to the group.
239
244
  :param pulumi.Input[str] type: Type of the group, internal or external. Defaults to `internal`.
@@ -357,7 +362,7 @@ class _GroupState:
357
362
  """
358
363
  The namespace to provision the resource in.
359
364
  The value should not contain leading or trailing forward slashes.
360
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
365
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
361
366
  *Available only for Vault Enterprise*.
362
367
  """
363
368
  return pulumi.get(self, "namespace")
@@ -413,6 +418,7 @@ class Group(pulumi.CustomResource):
413
418
  A group can contain multiple entities as its members. A group can also have subgroups. Policies set on the group is granted to all members of the group. During request time, when the token's entity ID is being evaluated for the policies that it has access to; along with the policies on the entity itself, policies that are inherited due to group memberships are also granted.
414
419
 
415
420
  ## Example Usage
421
+
416
422
  ### Internal Group
417
423
 
418
424
  ```python
@@ -420,15 +426,17 @@ class Group(pulumi.CustomResource):
420
426
  import pulumi_vault as vault
421
427
 
422
428
  internal = vault.identity.Group("internal",
423
- metadata={
424
- "version": "2",
425
- },
429
+ name="internal",
430
+ type="internal",
426
431
  policies=[
427
432
  "dev",
428
433
  "test",
429
434
  ],
430
- type="internal")
435
+ metadata={
436
+ "version": "2",
437
+ })
431
438
  ```
439
+
432
440
  ### External Group
433
441
 
434
442
  ```python
@@ -436,12 +444,14 @@ class Group(pulumi.CustomResource):
436
444
  import pulumi_vault as vault
437
445
 
438
446
  group = vault.identity.Group("group",
447
+ name="external",
448
+ type="external",
449
+ policies=["test"],
439
450
  metadata={
440
451
  "version": "1",
441
- },
442
- policies=["test"],
443
- type="external")
452
+ })
444
453
  ```
454
+
445
455
  ## Caveats
446
456
 
447
457
  It's important to note that Vault identity groups names are *case-insensitive*. For example the following resources would be equivalent.
@@ -452,24 +462,26 @@ class Group(pulumi.CustomResource):
452
462
  import pulumi
453
463
  import pulumi_vault as vault
454
464
 
455
- internal_identity_group_group = vault.identity.Group("internalIdentity/groupGroup",
456
- metadata={
457
- "version": "2",
458
- },
465
+ internal = vault.identity.Group("internal",
466
+ name="internal",
467
+ type="internal",
459
468
  policies=[
460
469
  "dev",
461
470
  "test",
462
471
  ],
463
- type="internal")
464
- internal_group = vault.identity.Group("internalGroup",
465
472
  metadata={
466
473
  "version": "2",
467
- },
474
+ })
475
+ internal_group = vault.identity.Group("Internal",
476
+ name="Internal",
477
+ type="internal",
468
478
  policies=[
469
479
  "dev",
470
480
  "test",
471
481
  ],
472
- type="internal")
482
+ metadata={
483
+ "version": "2",
484
+ })
473
485
  ```
474
486
 
475
487
  ## Import
@@ -477,7 +489,7 @@ class Group(pulumi.CustomResource):
477
489
  Identity group can be imported using the `id`, e.g.
478
490
 
479
491
  ```sh
480
- $ pulumi import vault:identity/group:Group test 'fcbf1efb-2b69-4209-bed8-811e3475dad3'
492
+ $ pulumi import vault:identity/group:Group test 'fcbf1efb-2b69-4209-bed8-811e3475dad3'
481
493
  ```
482
494
 
483
495
  :param str resource_name: The name of the resource.
@@ -499,7 +511,7 @@ class Group(pulumi.CustomResource):
499
511
  :param pulumi.Input[str] name: Name of the identity group to create.
500
512
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
501
513
  The value should not contain leading or trailing forward slashes.
502
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
514
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
503
515
  *Available only for Vault Enterprise*.
504
516
  :param pulumi.Input[Sequence[pulumi.Input[str]]] policies: A list of policies to apply to the group.
505
517
  :param pulumi.Input[str] type: Type of the group, internal or external. Defaults to `internal`.
@@ -516,6 +528,7 @@ class Group(pulumi.CustomResource):
516
528
  A group can contain multiple entities as its members. A group can also have subgroups. Policies set on the group is granted to all members of the group. During request time, when the token's entity ID is being evaluated for the policies that it has access to; along with the policies on the entity itself, policies that are inherited due to group memberships are also granted.
517
529
 
518
530
  ## Example Usage
531
+
519
532
  ### Internal Group
520
533
 
521
534
  ```python
@@ -523,15 +536,17 @@ class Group(pulumi.CustomResource):
523
536
  import pulumi_vault as vault
524
537
 
525
538
  internal = vault.identity.Group("internal",
526
- metadata={
527
- "version": "2",
528
- },
539
+ name="internal",
540
+ type="internal",
529
541
  policies=[
530
542
  "dev",
531
543
  "test",
532
544
  ],
533
- type="internal")
545
+ metadata={
546
+ "version": "2",
547
+ })
534
548
  ```
549
+
535
550
  ### External Group
536
551
 
537
552
  ```python
@@ -539,12 +554,14 @@ class Group(pulumi.CustomResource):
539
554
  import pulumi_vault as vault
540
555
 
541
556
  group = vault.identity.Group("group",
557
+ name="external",
558
+ type="external",
559
+ policies=["test"],
542
560
  metadata={
543
561
  "version": "1",
544
- },
545
- policies=["test"],
546
- type="external")
562
+ })
547
563
  ```
564
+
548
565
  ## Caveats
549
566
 
550
567
  It's important to note that Vault identity groups names are *case-insensitive*. For example the following resources would be equivalent.
@@ -555,24 +572,26 @@ class Group(pulumi.CustomResource):
555
572
  import pulumi
556
573
  import pulumi_vault as vault
557
574
 
558
- internal_identity_group_group = vault.identity.Group("internalIdentity/groupGroup",
559
- metadata={
560
- "version": "2",
561
- },
575
+ internal = vault.identity.Group("internal",
576
+ name="internal",
577
+ type="internal",
562
578
  policies=[
563
579
  "dev",
564
580
  "test",
565
581
  ],
566
- type="internal")
567
- internal_group = vault.identity.Group("internalGroup",
568
582
  metadata={
569
583
  "version": "2",
570
- },
584
+ })
585
+ internal_group = vault.identity.Group("Internal",
586
+ name="Internal",
587
+ type="internal",
571
588
  policies=[
572
589
  "dev",
573
590
  "test",
574
591
  ],
575
- type="internal")
592
+ metadata={
593
+ "version": "2",
594
+ })
576
595
  ```
577
596
 
578
597
  ## Import
@@ -580,7 +599,7 @@ class Group(pulumi.CustomResource):
580
599
  Identity group can be imported using the `id`, e.g.
581
600
 
582
601
  ```sh
583
- $ pulumi import vault:identity/group:Group test 'fcbf1efb-2b69-4209-bed8-811e3475dad3'
602
+ $ pulumi import vault:identity/group:Group test 'fcbf1efb-2b69-4209-bed8-811e3475dad3'
584
603
  ```
585
604
 
586
605
  :param str resource_name: The name of the resource.
@@ -671,7 +690,7 @@ class Group(pulumi.CustomResource):
671
690
  :param pulumi.Input[str] name: Name of the identity group to create.
672
691
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
673
692
  The value should not contain leading or trailing forward slashes.
674
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
693
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
675
694
  *Available only for Vault Enterprise*.
676
695
  :param pulumi.Input[Sequence[pulumi.Input[str]]] policies: A list of policies to apply to the group.
677
696
  :param pulumi.Input[str] type: Type of the group, internal or external. Defaults to `internal`.
@@ -762,7 +781,7 @@ class Group(pulumi.CustomResource):
762
781
  """
763
782
  The namespace to provision the resource in.
764
783
  The value should not contain leading or trailing forward slashes.
765
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
784
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
766
785
  *Available only for Vault Enterprise*.
767
786
  """
768
787
  return pulumi.get(self, "namespace")
@@ -4,9 +4,14 @@
4
4
 
5
5
  import copy
6
6
  import warnings
7
+ import sys
7
8
  import pulumi
8
9
  import pulumi.runtime
9
10
  from typing import Any, Mapping, Optional, Sequence, Union, overload
11
+ if sys.version_info >= (3, 11):
12
+ from typing import NotRequired, TypedDict, TypeAlias
13
+ else:
14
+ from typing_extensions import NotRequired, TypedDict, TypeAlias
10
15
  from .. import _utilities
11
16
 
12
17
  __all__ = ['GroupAliasArgs', 'GroupAlias']
@@ -25,7 +30,7 @@ class GroupAliasArgs:
25
30
  :param pulumi.Input[str] name: Name of the group alias to create.
26
31
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
27
32
  The value should not contain leading or trailing forward slashes.
28
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
33
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
29
34
  *Available only for Vault Enterprise*.
30
35
  """
31
36
  pulumi.set(__self__, "canonical_id", canonical_id)
@@ -76,7 +81,7 @@ class GroupAliasArgs:
76
81
  """
77
82
  The namespace to provision the resource in.
78
83
  The value should not contain leading or trailing forward slashes.
79
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
84
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
80
85
  *Available only for Vault Enterprise*.
81
86
  """
82
87
  return pulumi.get(self, "namespace")
@@ -100,7 +105,7 @@ class _GroupAliasState:
100
105
  :param pulumi.Input[str] name: Name of the group alias to create.
101
106
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
102
107
  The value should not contain leading or trailing forward slashes.
103
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
108
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
104
109
  *Available only for Vault Enterprise*.
105
110
  """
106
111
  if canonical_id is not None:
@@ -154,7 +159,7 @@ class _GroupAliasState:
154
159
  """
155
160
  The namespace to provision the resource in.
156
161
  The value should not contain leading or trailing forward slashes.
157
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
162
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
158
163
  *Available only for Vault Enterprise*.
159
164
  """
160
165
  return pulumi.get(self, "namespace")
@@ -186,6 +191,7 @@ class GroupAlias(pulumi.CustomResource):
186
191
  import pulumi_vault as vault
187
192
 
188
193
  group = vault.identity.Group("group",
194
+ name="test",
189
195
  type="external",
190
196
  policies=["test"])
191
197
  github = vault.AuthBackend("github",
@@ -205,7 +211,7 @@ class GroupAlias(pulumi.CustomResource):
205
211
  $ pulumi import vault:identity/groupAlias:GroupAlias group-alias id
206
212
  ```
207
213
 
208
- Group aliases can also be imported using the UUID of the alias record, e.g.
214
+ Group aliases can also be imported using the UUID of the alias record, e.g.
209
215
 
210
216
  ```sh
211
217
  $ pulumi import vault:identity/groupAlias:GroupAlias alias_name 63104e20-88e4-11eb-8d04-cf7ac9d60157
@@ -218,7 +224,7 @@ class GroupAlias(pulumi.CustomResource):
218
224
  :param pulumi.Input[str] name: Name of the group alias to create.
219
225
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
220
226
  The value should not contain leading or trailing forward slashes.
221
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
227
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
222
228
  *Available only for Vault Enterprise*.
223
229
  """
224
230
  ...
@@ -239,6 +245,7 @@ class GroupAlias(pulumi.CustomResource):
239
245
  import pulumi_vault as vault
240
246
 
241
247
  group = vault.identity.Group("group",
248
+ name="test",
242
249
  type="external",
243
250
  policies=["test"])
244
251
  github = vault.AuthBackend("github",
@@ -258,7 +265,7 @@ class GroupAlias(pulumi.CustomResource):
258
265
  $ pulumi import vault:identity/groupAlias:GroupAlias group-alias id
259
266
  ```
260
267
 
261
- Group aliases can also be imported using the UUID of the alias record, e.g.
268
+ Group aliases can also be imported using the UUID of the alias record, e.g.
262
269
 
263
270
  ```sh
264
271
  $ pulumi import vault:identity/groupAlias:GroupAlias alias_name 63104e20-88e4-11eb-8d04-cf7ac9d60157
@@ -328,7 +335,7 @@ class GroupAlias(pulumi.CustomResource):
328
335
  :param pulumi.Input[str] name: Name of the group alias to create.
329
336
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
330
337
  The value should not contain leading or trailing forward slashes.
331
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
338
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
332
339
  *Available only for Vault Enterprise*.
333
340
  """
334
341
  opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
@@ -371,7 +378,7 @@ class GroupAlias(pulumi.CustomResource):
371
378
  """
372
379
  The namespace to provision the resource in.
373
380
  The value should not contain leading or trailing forward slashes.
374
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
381
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
375
382
  *Available only for Vault Enterprise*.
376
383
  """
377
384
  return pulumi.get(self, "namespace")