pulumi-vault 5.21.0a1709368526__py3-none-any.whl → 6.5.0a1736836139__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (229) hide show
  1. pulumi_vault/__init__.py +52 -0
  2. pulumi_vault/_inputs.py +560 -0
  3. pulumi_vault/_utilities.py +41 -5
  4. pulumi_vault/ad/get_access_credentials.py +26 -9
  5. pulumi_vault/ad/secret_backend.py +16 -142
  6. pulumi_vault/ad/secret_library.py +16 -9
  7. pulumi_vault/ad/secret_role.py +14 -9
  8. pulumi_vault/alicloud/auth_backend_role.py +76 -190
  9. pulumi_vault/approle/auth_backend_login.py +12 -7
  10. pulumi_vault/approle/auth_backend_role.py +77 -191
  11. pulumi_vault/approle/auth_backend_role_secret_id.py +106 -7
  12. pulumi_vault/approle/get_auth_backend_role_id.py +18 -5
  13. pulumi_vault/audit.py +30 -21
  14. pulumi_vault/audit_request_header.py +11 -2
  15. pulumi_vault/auth_backend.py +66 -14
  16. pulumi_vault/aws/auth_backend_cert.py +18 -9
  17. pulumi_vault/aws/auth_backend_client.py +267 -22
  18. pulumi_vault/aws/auth_backend_config_identity.py +14 -9
  19. pulumi_vault/aws/auth_backend_identity_whitelist.py +20 -15
  20. pulumi_vault/aws/auth_backend_login.py +19 -22
  21. pulumi_vault/aws/auth_backend_role.py +77 -191
  22. pulumi_vault/aws/auth_backend_role_tag.py +12 -7
  23. pulumi_vault/aws/auth_backend_roletag_blacklist.py +18 -13
  24. pulumi_vault/aws/auth_backend_sts_role.py +14 -9
  25. pulumi_vault/aws/get_access_credentials.py +38 -9
  26. pulumi_vault/aws/get_static_access_credentials.py +19 -5
  27. pulumi_vault/aws/secret_backend.py +77 -9
  28. pulumi_vault/aws/secret_backend_role.py +185 -9
  29. pulumi_vault/aws/secret_backend_static_role.py +20 -11
  30. pulumi_vault/azure/_inputs.py +24 -0
  31. pulumi_vault/azure/auth_backend_config.py +153 -15
  32. pulumi_vault/azure/auth_backend_role.py +77 -191
  33. pulumi_vault/azure/backend.py +227 -21
  34. pulumi_vault/azure/backend_role.py +42 -37
  35. pulumi_vault/azure/get_access_credentials.py +41 -7
  36. pulumi_vault/azure/outputs.py +5 -0
  37. pulumi_vault/cert_auth_backend_role.py +87 -267
  38. pulumi_vault/config/__init__.pyi +5 -0
  39. pulumi_vault/config/_inputs.py +73 -0
  40. pulumi_vault/config/outputs.py +35 -0
  41. pulumi_vault/config/ui_custom_message.py +529 -0
  42. pulumi_vault/config/vars.py +5 -0
  43. pulumi_vault/consul/secret_backend.py +28 -19
  44. pulumi_vault/consul/secret_backend_role.py +18 -78
  45. pulumi_vault/database/_inputs.py +2770 -881
  46. pulumi_vault/database/outputs.py +721 -838
  47. pulumi_vault/database/secret_backend_connection.py +119 -112
  48. pulumi_vault/database/secret_backend_role.py +31 -22
  49. pulumi_vault/database/secret_backend_static_role.py +87 -13
  50. pulumi_vault/database/secrets_mount.py +427 -136
  51. pulumi_vault/egp_policy.py +16 -11
  52. pulumi_vault/gcp/_inputs.py +111 -0
  53. pulumi_vault/gcp/auth_backend.py +250 -33
  54. pulumi_vault/gcp/auth_backend_role.py +77 -269
  55. pulumi_vault/gcp/get_auth_backend_role.py +43 -5
  56. pulumi_vault/gcp/outputs.py +5 -0
  57. pulumi_vault/gcp/secret_backend.py +287 -12
  58. pulumi_vault/gcp/secret_impersonated_account.py +76 -15
  59. pulumi_vault/gcp/secret_roleset.py +31 -24
  60. pulumi_vault/gcp/secret_static_account.py +39 -32
  61. pulumi_vault/generic/endpoint.py +24 -17
  62. pulumi_vault/generic/get_secret.py +64 -8
  63. pulumi_vault/generic/secret.py +21 -16
  64. pulumi_vault/get_auth_backend.py +24 -7
  65. pulumi_vault/get_auth_backends.py +51 -9
  66. pulumi_vault/get_namespace.py +226 -0
  67. pulumi_vault/get_namespaces.py +153 -0
  68. pulumi_vault/get_nomad_access_token.py +31 -11
  69. pulumi_vault/get_policy_document.py +34 -19
  70. pulumi_vault/get_raft_autopilot_state.py +29 -10
  71. pulumi_vault/github/_inputs.py +55 -0
  72. pulumi_vault/github/auth_backend.py +19 -14
  73. pulumi_vault/github/outputs.py +5 -0
  74. pulumi_vault/github/team.py +16 -11
  75. pulumi_vault/github/user.py +16 -11
  76. pulumi_vault/identity/entity.py +20 -13
  77. pulumi_vault/identity/entity_alias.py +20 -13
  78. pulumi_vault/identity/entity_policies.py +28 -11
  79. pulumi_vault/identity/get_entity.py +42 -10
  80. pulumi_vault/identity/get_group.py +47 -9
  81. pulumi_vault/identity/get_oidc_client_creds.py +21 -7
  82. pulumi_vault/identity/get_oidc_openid_config.py +39 -9
  83. pulumi_vault/identity/get_oidc_public_keys.py +29 -10
  84. pulumi_vault/identity/group.py +58 -39
  85. pulumi_vault/identity/group_alias.py +16 -9
  86. pulumi_vault/identity/group_member_entity_ids.py +28 -66
  87. pulumi_vault/identity/group_member_group_ids.py +40 -19
  88. pulumi_vault/identity/group_policies.py +20 -7
  89. pulumi_vault/identity/mfa_duo.py +11 -6
  90. pulumi_vault/identity/mfa_login_enforcement.py +15 -6
  91. pulumi_vault/identity/mfa_okta.py +11 -6
  92. pulumi_vault/identity/mfa_pingid.py +7 -2
  93. pulumi_vault/identity/mfa_totp.py +7 -2
  94. pulumi_vault/identity/oidc.py +12 -7
  95. pulumi_vault/identity/oidc_assignment.py +24 -11
  96. pulumi_vault/identity/oidc_client.py +36 -23
  97. pulumi_vault/identity/oidc_key.py +30 -17
  98. pulumi_vault/identity/oidc_key_allowed_client_id.py +28 -15
  99. pulumi_vault/identity/oidc_provider.py +36 -21
  100. pulumi_vault/identity/oidc_role.py +42 -21
  101. pulumi_vault/identity/oidc_scope.py +20 -13
  102. pulumi_vault/identity/outputs.py +8 -3
  103. pulumi_vault/jwt/_inputs.py +55 -0
  104. pulumi_vault/jwt/auth_backend.py +45 -40
  105. pulumi_vault/jwt/auth_backend_role.py +133 -254
  106. pulumi_vault/jwt/outputs.py +5 -0
  107. pulumi_vault/kmip/secret_backend.py +24 -19
  108. pulumi_vault/kmip/secret_role.py +14 -9
  109. pulumi_vault/kmip/secret_scope.py +14 -9
  110. pulumi_vault/kubernetes/auth_backend_config.py +57 -5
  111. pulumi_vault/kubernetes/auth_backend_role.py +70 -177
  112. pulumi_vault/kubernetes/get_auth_backend_config.py +60 -8
  113. pulumi_vault/kubernetes/get_auth_backend_role.py +40 -5
  114. pulumi_vault/kubernetes/get_service_account_token.py +39 -11
  115. pulumi_vault/kubernetes/secret_backend.py +316 -27
  116. pulumi_vault/kubernetes/secret_backend_role.py +137 -46
  117. pulumi_vault/kv/_inputs.py +36 -4
  118. pulumi_vault/kv/get_secret.py +25 -8
  119. pulumi_vault/kv/get_secret_subkeys_v2.py +33 -10
  120. pulumi_vault/kv/get_secret_v2.py +85 -9
  121. pulumi_vault/kv/get_secrets_list.py +24 -11
  122. pulumi_vault/kv/get_secrets_list_v2.py +37 -15
  123. pulumi_vault/kv/outputs.py +8 -3
  124. pulumi_vault/kv/secret.py +23 -16
  125. pulumi_vault/kv/secret_backend_v2.py +20 -11
  126. pulumi_vault/kv/secret_v2.py +59 -50
  127. pulumi_vault/ldap/auth_backend.py +127 -166
  128. pulumi_vault/ldap/auth_backend_group.py +14 -9
  129. pulumi_vault/ldap/auth_backend_user.py +14 -9
  130. pulumi_vault/ldap/get_dynamic_credentials.py +23 -5
  131. pulumi_vault/ldap/get_static_credentials.py +24 -5
  132. pulumi_vault/ldap/secret_backend.py +354 -82
  133. pulumi_vault/ldap/secret_backend_dynamic_role.py +18 -11
  134. pulumi_vault/ldap/secret_backend_library_set.py +16 -9
  135. pulumi_vault/ldap/secret_backend_static_role.py +73 -12
  136. pulumi_vault/managed/_inputs.py +289 -132
  137. pulumi_vault/managed/keys.py +29 -57
  138. pulumi_vault/managed/outputs.py +89 -132
  139. pulumi_vault/mfa_duo.py +18 -11
  140. pulumi_vault/mfa_okta.py +18 -11
  141. pulumi_vault/mfa_pingid.py +18 -11
  142. pulumi_vault/mfa_totp.py +24 -17
  143. pulumi_vault/mongodbatlas/secret_backend.py +20 -15
  144. pulumi_vault/mongodbatlas/secret_role.py +47 -38
  145. pulumi_vault/mount.py +391 -51
  146. pulumi_vault/namespace.py +68 -83
  147. pulumi_vault/nomad_secret_backend.py +18 -13
  148. pulumi_vault/nomad_secret_role.py +14 -9
  149. pulumi_vault/okta/_inputs.py +47 -8
  150. pulumi_vault/okta/auth_backend.py +485 -39
  151. pulumi_vault/okta/auth_backend_group.py +14 -9
  152. pulumi_vault/okta/auth_backend_user.py +14 -9
  153. pulumi_vault/okta/outputs.py +13 -8
  154. pulumi_vault/outputs.py +5 -0
  155. pulumi_vault/password_policy.py +20 -13
  156. pulumi_vault/pkisecret/__init__.py +3 -0
  157. pulumi_vault/pkisecret/_inputs.py +81 -0
  158. pulumi_vault/pkisecret/backend_config_cluster.py +369 -0
  159. pulumi_vault/pkisecret/backend_config_est.py +619 -0
  160. pulumi_vault/pkisecret/get_backend_config_est.py +251 -0
  161. pulumi_vault/pkisecret/get_backend_issuer.py +67 -9
  162. pulumi_vault/pkisecret/get_backend_issuers.py +21 -8
  163. pulumi_vault/pkisecret/get_backend_key.py +24 -9
  164. pulumi_vault/pkisecret/get_backend_keys.py +21 -8
  165. pulumi_vault/pkisecret/outputs.py +69 -0
  166. pulumi_vault/pkisecret/secret_backend_cert.py +18 -11
  167. pulumi_vault/pkisecret/secret_backend_config_ca.py +16 -11
  168. pulumi_vault/pkisecret/secret_backend_config_issuers.py +14 -9
  169. pulumi_vault/pkisecret/secret_backend_config_urls.py +67 -11
  170. pulumi_vault/pkisecret/secret_backend_crl_config.py +14 -9
  171. pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +16 -11
  172. pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +22 -17
  173. pulumi_vault/pkisecret/secret_backend_issuer.py +14 -9
  174. pulumi_vault/pkisecret/secret_backend_key.py +14 -9
  175. pulumi_vault/pkisecret/secret_backend_role.py +21 -14
  176. pulumi_vault/pkisecret/secret_backend_root_cert.py +16 -48
  177. pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +18 -56
  178. pulumi_vault/pkisecret/secret_backend_sign.py +18 -54
  179. pulumi_vault/plugin.py +595 -0
  180. pulumi_vault/plugin_pinned_version.py +298 -0
  181. pulumi_vault/policy.py +14 -9
  182. pulumi_vault/provider.py +48 -53
  183. pulumi_vault/pulumi-plugin.json +2 -1
  184. pulumi_vault/quota_lease_count.py +60 -6
  185. pulumi_vault/quota_rate_limit.py +56 -2
  186. pulumi_vault/rabbitmq/_inputs.py +61 -0
  187. pulumi_vault/rabbitmq/outputs.py +5 -0
  188. pulumi_vault/rabbitmq/secret_backend.py +18 -13
  189. pulumi_vault/rabbitmq/secret_backend_role.py +54 -47
  190. pulumi_vault/raft_autopilot.py +14 -9
  191. pulumi_vault/raft_snapshot_agent_config.py +129 -224
  192. pulumi_vault/rgp_policy.py +14 -9
  193. pulumi_vault/saml/auth_backend.py +22 -17
  194. pulumi_vault/saml/auth_backend_role.py +92 -197
  195. pulumi_vault/secrets/__init__.py +3 -0
  196. pulumi_vault/secrets/_inputs.py +110 -0
  197. pulumi_vault/secrets/outputs.py +94 -0
  198. pulumi_vault/secrets/sync_association.py +56 -71
  199. pulumi_vault/secrets/sync_aws_destination.py +242 -27
  200. pulumi_vault/secrets/sync_azure_destination.py +92 -31
  201. pulumi_vault/secrets/sync_config.py +9 -4
  202. pulumi_vault/secrets/sync_gcp_destination.py +158 -25
  203. pulumi_vault/secrets/sync_gh_destination.py +189 -13
  204. pulumi_vault/secrets/sync_github_apps.py +375 -0
  205. pulumi_vault/secrets/sync_vercel_destination.py +74 -13
  206. pulumi_vault/ssh/_inputs.py +28 -28
  207. pulumi_vault/ssh/outputs.py +11 -28
  208. pulumi_vault/ssh/secret_backend_ca.py +108 -9
  209. pulumi_vault/ssh/secret_backend_role.py +85 -118
  210. pulumi_vault/terraformcloud/secret_backend.py +7 -54
  211. pulumi_vault/terraformcloud/secret_creds.py +14 -20
  212. pulumi_vault/terraformcloud/secret_role.py +16 -74
  213. pulumi_vault/token.py +28 -23
  214. pulumi_vault/tokenauth/auth_backend_role.py +78 -199
  215. pulumi_vault/transform/alphabet.py +16 -9
  216. pulumi_vault/transform/get_decode.py +45 -17
  217. pulumi_vault/transform/get_encode.py +45 -17
  218. pulumi_vault/transform/role.py +16 -9
  219. pulumi_vault/transform/template.py +30 -21
  220. pulumi_vault/transform/transformation.py +12 -7
  221. pulumi_vault/transit/get_decrypt.py +26 -21
  222. pulumi_vault/transit/get_encrypt.py +24 -19
  223. pulumi_vault/transit/secret_backend_key.py +27 -93
  224. pulumi_vault/transit/secret_cache_config.py +12 -7
  225. {pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/METADATA +8 -7
  226. pulumi_vault-6.5.0a1736836139.dist-info/RECORD +256 -0
  227. {pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/WHEEL +1 -1
  228. pulumi_vault-5.21.0a1709368526.dist-info/RECORD +0 -244
  229. {pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/top_level.txt +0 -0
@@ -4,9 +4,14 @@
4
4
 
5
5
  import copy
6
6
  import warnings
7
+ import sys
7
8
  import pulumi
8
9
  import pulumi.runtime
9
10
  from typing import Any, Mapping, Optional, Sequence, Union, overload
11
+ if sys.version_info >= (3, 11):
12
+ from typing import NotRequired, TypedDict, TypeAlias
13
+ else:
14
+ from typing_extensions import NotRequired, TypedDict, TypeAlias
10
15
  from .. import _utilities
11
16
 
12
17
  __all__ = [
@@ -52,7 +57,7 @@ class GetSecretSubkeysV2Result:
52
57
 
53
58
  @property
54
59
  @pulumi.getter
55
- def data(self) -> Mapping[str, Any]:
60
+ def data(self) -> Mapping[str, str]:
56
61
  """
57
62
  Subkeys for the KV-V2 secret stored as a serialized map of strings.
58
63
  """
@@ -146,8 +151,9 @@ def get_secret_subkeys_v2(depth: Optional[int] = None,
146
151
  "version": "2",
147
152
  },
148
153
  description="KV Version 2 secret engine mount")
149
- aws_secret = vault.kv.SecretV2("awsSecret",
154
+ aws_secret = vault.kv.SecretV2("aws_secret",
150
155
  mount=kvv2.path,
156
+ name="aws_secret",
151
157
  data_json=json.dumps({
152
158
  "zip": "zap",
153
159
  "foo": "bar",
@@ -155,6 +161,7 @@ def get_secret_subkeys_v2(depth: Optional[int] = None,
155
161
  test = vault.kv.get_secret_subkeys_v2_output(mount=kvv2.path,
156
162
  name=aws_secret.name)
157
163
  ```
164
+
158
165
  ## Required Vault Capabilities
159
166
 
160
167
  Use of this resource requires the `read` capability on the given path.
@@ -171,7 +178,7 @@ def get_secret_subkeys_v2(depth: Optional[int] = None,
171
178
  the name is `foo/bar/baz`.
172
179
  :param str namespace: The namespace of the target resource.
173
180
  The value should not contain leading or trailing forward slashes.
174
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
181
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
175
182
  *Available only for Vault Enterprise*.
176
183
  :param int version: Specifies the version to return. If not
177
184
  set the latest version is returned.
@@ -195,15 +202,12 @@ def get_secret_subkeys_v2(depth: Optional[int] = None,
195
202
  namespace=pulumi.get(__ret__, 'namespace'),
196
203
  path=pulumi.get(__ret__, 'path'),
197
204
  version=pulumi.get(__ret__, 'version'))
198
-
199
-
200
- @_utilities.lift_output_func(get_secret_subkeys_v2)
201
205
  def get_secret_subkeys_v2_output(depth: Optional[pulumi.Input[Optional[int]]] = None,
202
206
  mount: Optional[pulumi.Input[str]] = None,
203
207
  name: Optional[pulumi.Input[str]] = None,
204
208
  namespace: Optional[pulumi.Input[Optional[str]]] = None,
205
209
  version: Optional[pulumi.Input[Optional[int]]] = None,
206
- opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetSecretSubkeysV2Result]:
210
+ opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetSecretSubkeysV2Result]:
207
211
  """
208
212
  ## Example Usage
209
213
 
@@ -219,8 +223,9 @@ def get_secret_subkeys_v2_output(depth: Optional[pulumi.Input[Optional[int]]] =
219
223
  "version": "2",
220
224
  },
221
225
  description="KV Version 2 secret engine mount")
222
- aws_secret = vault.kv.SecretV2("awsSecret",
226
+ aws_secret = vault.kv.SecretV2("aws_secret",
223
227
  mount=kvv2.path,
228
+ name="aws_secret",
224
229
  data_json=json.dumps({
225
230
  "zip": "zap",
226
231
  "foo": "bar",
@@ -228,6 +233,7 @@ def get_secret_subkeys_v2_output(depth: Optional[pulumi.Input[Optional[int]]] =
228
233
  test = vault.kv.get_secret_subkeys_v2_output(mount=kvv2.path,
229
234
  name=aws_secret.name)
230
235
  ```
236
+
231
237
  ## Required Vault Capabilities
232
238
 
233
239
  Use of this resource requires the `read` capability on the given path.
@@ -244,9 +250,26 @@ def get_secret_subkeys_v2_output(depth: Optional[pulumi.Input[Optional[int]]] =
244
250
  the name is `foo/bar/baz`.
245
251
  :param str namespace: The namespace of the target resource.
246
252
  The value should not contain leading or trailing forward slashes.
247
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
253
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
248
254
  *Available only for Vault Enterprise*.
249
255
  :param int version: Specifies the version to return. If not
250
256
  set the latest version is returned.
251
257
  """
252
- ...
258
+ __args__ = dict()
259
+ __args__['depth'] = depth
260
+ __args__['mount'] = mount
261
+ __args__['name'] = name
262
+ __args__['namespace'] = namespace
263
+ __args__['version'] = version
264
+ opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
265
+ __ret__ = pulumi.runtime.invoke_output('vault:kv/getSecretSubkeysV2:getSecretSubkeysV2', __args__, opts=opts, typ=GetSecretSubkeysV2Result)
266
+ return __ret__.apply(lambda __response__: GetSecretSubkeysV2Result(
267
+ data=pulumi.get(__response__, 'data'),
268
+ data_json=pulumi.get(__response__, 'data_json'),
269
+ depth=pulumi.get(__response__, 'depth'),
270
+ id=pulumi.get(__response__, 'id'),
271
+ mount=pulumi.get(__response__, 'mount'),
272
+ name=pulumi.get(__response__, 'name'),
273
+ namespace=pulumi.get(__response__, 'namespace'),
274
+ path=pulumi.get(__response__, 'path'),
275
+ version=pulumi.get(__response__, 'version')))
@@ -4,9 +4,14 @@
4
4
 
5
5
  import copy
6
6
  import warnings
7
+ import sys
7
8
  import pulumi
8
9
  import pulumi.runtime
9
10
  from typing import Any, Mapping, Optional, Sequence, Union, overload
11
+ if sys.version_info >= (3, 11):
12
+ from typing import NotRequired, TypedDict, TypeAlias
13
+ else:
14
+ from typing_extensions import NotRequired, TypedDict, TypeAlias
10
15
  from .. import _utilities
11
16
 
12
17
  __all__ = [
@@ -69,7 +74,7 @@ class GetSecretV2Result:
69
74
 
70
75
  @property
71
76
  @pulumi.getter(name="customMetadata")
72
- def custom_metadata(self) -> Mapping[str, Any]:
77
+ def custom_metadata(self) -> Mapping[str, str]:
73
78
  """
74
79
  Custom metadata for the secret.
75
80
  """
@@ -77,7 +82,7 @@ class GetSecretV2Result:
77
82
 
78
83
  @property
79
84
  @pulumi.getter
80
- def data(self) -> Mapping[str, Any]:
85
+ def data(self) -> Mapping[str, str]:
81
86
  """
82
87
  A mapping whose keys are the top-level data keys returned from
83
88
  Vault and whose values are the corresponding values. This map can only
@@ -145,6 +150,9 @@ class GetSecretV2Result:
145
150
  @property
146
151
  @pulumi.getter
147
152
  def version(self) -> Optional[int]:
153
+ """
154
+ Version of the secret.
155
+ """
148
156
  return pulumi.get(self, "version")
149
157
 
150
158
 
@@ -174,6 +182,32 @@ def get_secret_v2(mount: Optional[str] = None,
174
182
  version: Optional[int] = None,
175
183
  opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetSecretV2Result:
176
184
  """
185
+ ## Example Usage
186
+
187
+ ```python
188
+ import pulumi
189
+ import json
190
+ import pulumi_vault as vault
191
+
192
+ kvv2 = vault.Mount("kvv2",
193
+ path="kvv2",
194
+ type="kv",
195
+ options={
196
+ "version": "2",
197
+ },
198
+ description="KV Version 2 secret engine mount")
199
+ example_secret_v2 = vault.kv.SecretV2("example",
200
+ mount=kvv2.path,
201
+ name="secret",
202
+ delete_all_versions=True,
203
+ data_json=json.dumps({
204
+ "zip": "zap",
205
+ "foo": "bar",
206
+ }))
207
+ example = vault.kv.get_secret_v2_output(mount=kvv2.path,
208
+ name=example_secret_v2.name)
209
+ ```
210
+
177
211
  ## Required Vault Capabilities
178
212
 
179
213
  Use of this resource requires the `read` capability on the given path.
@@ -186,7 +220,7 @@ def get_secret_v2(mount: Optional[str] = None,
186
220
  the name is `foo/bar/baz`.
187
221
  :param str namespace: The namespace of the target resource.
188
222
  The value should not contain leading or trailing forward slashes.
189
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
223
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
190
224
  *Available only for Vault Enterprise*.
191
225
  :param int version: Version of the secret to retrieve.
192
226
  """
@@ -211,15 +245,38 @@ def get_secret_v2(mount: Optional[str] = None,
211
245
  namespace=pulumi.get(__ret__, 'namespace'),
212
246
  path=pulumi.get(__ret__, 'path'),
213
247
  version=pulumi.get(__ret__, 'version'))
214
-
215
-
216
- @_utilities.lift_output_func(get_secret_v2)
217
248
  def get_secret_v2_output(mount: Optional[pulumi.Input[str]] = None,
218
249
  name: Optional[pulumi.Input[str]] = None,
219
250
  namespace: Optional[pulumi.Input[Optional[str]]] = None,
220
251
  version: Optional[pulumi.Input[Optional[int]]] = None,
221
- opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetSecretV2Result]:
252
+ opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetSecretV2Result]:
222
253
  """
254
+ ## Example Usage
255
+
256
+ ```python
257
+ import pulumi
258
+ import json
259
+ import pulumi_vault as vault
260
+
261
+ kvv2 = vault.Mount("kvv2",
262
+ path="kvv2",
263
+ type="kv",
264
+ options={
265
+ "version": "2",
266
+ },
267
+ description="KV Version 2 secret engine mount")
268
+ example_secret_v2 = vault.kv.SecretV2("example",
269
+ mount=kvv2.path,
270
+ name="secret",
271
+ delete_all_versions=True,
272
+ data_json=json.dumps({
273
+ "zip": "zap",
274
+ "foo": "bar",
275
+ }))
276
+ example = vault.kv.get_secret_v2_output(mount=kvv2.path,
277
+ name=example_secret_v2.name)
278
+ ```
279
+
223
280
  ## Required Vault Capabilities
224
281
 
225
282
  Use of this resource requires the `read` capability on the given path.
@@ -232,8 +289,27 @@ def get_secret_v2_output(mount: Optional[pulumi.Input[str]] = None,
232
289
  the name is `foo/bar/baz`.
233
290
  :param str namespace: The namespace of the target resource.
234
291
  The value should not contain leading or trailing forward slashes.
235
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
292
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
236
293
  *Available only for Vault Enterprise*.
237
294
  :param int version: Version of the secret to retrieve.
238
295
  """
239
- ...
296
+ __args__ = dict()
297
+ __args__['mount'] = mount
298
+ __args__['name'] = name
299
+ __args__['namespace'] = namespace
300
+ __args__['version'] = version
301
+ opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
302
+ __ret__ = pulumi.runtime.invoke_output('vault:kv/getSecretV2:getSecretV2', __args__, opts=opts, typ=GetSecretV2Result)
303
+ return __ret__.apply(lambda __response__: GetSecretV2Result(
304
+ created_time=pulumi.get(__response__, 'created_time'),
305
+ custom_metadata=pulumi.get(__response__, 'custom_metadata'),
306
+ data=pulumi.get(__response__, 'data'),
307
+ data_json=pulumi.get(__response__, 'data_json'),
308
+ deletion_time=pulumi.get(__response__, 'deletion_time'),
309
+ destroyed=pulumi.get(__response__, 'destroyed'),
310
+ id=pulumi.get(__response__, 'id'),
311
+ mount=pulumi.get(__response__, 'mount'),
312
+ name=pulumi.get(__response__, 'name'),
313
+ namespace=pulumi.get(__response__, 'namespace'),
314
+ path=pulumi.get(__response__, 'path'),
315
+ version=pulumi.get(__response__, 'version')))
@@ -4,9 +4,14 @@
4
4
 
5
5
  import copy
6
6
  import warnings
7
+ import sys
7
8
  import pulumi
8
9
  import pulumi.runtime
9
10
  from typing import Any, Mapping, Optional, Sequence, Union, overload
11
+ if sys.version_info >= (3, 11):
12
+ from typing import NotRequired, TypedDict, TypeAlias
13
+ else:
14
+ from typing_extensions import NotRequired, TypedDict, TypeAlias
10
15
  from .. import _utilities
11
16
 
12
17
  __all__ = [
@@ -92,18 +97,19 @@ def get_secrets_list(namespace: Optional[str] = None,
92
97
  "version": "1",
93
98
  },
94
99
  description="KV Version 1 secret engine mount")
95
- aws_secret = vault.kv.Secret("awsSecret",
100
+ aws_secret = vault.kv.Secret("aws_secret",
96
101
  path=kvv1.path.apply(lambda path: f"{path}/aws-secret"),
97
102
  data_json=json.dumps({
98
103
  "zip": "zap",
99
104
  }))
100
- azure_secret = vault.kv.Secret("azureSecret",
105
+ azure_secret = vault.kv.Secret("azure_secret",
101
106
  path=kvv1.path.apply(lambda path: f"{path}/azure-secret"),
102
107
  data_json=json.dumps({
103
108
  "foo": "bar",
104
109
  }))
105
110
  secrets = vault.kv.get_secrets_list_output(path=kvv1.path)
106
111
  ```
112
+
107
113
  ## Required Vault Capabilities
108
114
 
109
115
  Use of this resource requires the `read` capability on the given path.
@@ -111,7 +117,7 @@ def get_secrets_list(namespace: Optional[str] = None,
111
117
 
112
118
  :param str namespace: The namespace of the target resource.
113
119
  The value should not contain leading or trailing forward slashes.
114
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
120
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
115
121
  *Available only for Vault Enterprise*.
116
122
  :param str path: Full KV-V1 path where secrets will be listed.
117
123
  """
@@ -126,12 +132,9 @@ def get_secrets_list(namespace: Optional[str] = None,
126
132
  names=pulumi.get(__ret__, 'names'),
127
133
  namespace=pulumi.get(__ret__, 'namespace'),
128
134
  path=pulumi.get(__ret__, 'path'))
129
-
130
-
131
- @_utilities.lift_output_func(get_secrets_list)
132
135
  def get_secrets_list_output(namespace: Optional[pulumi.Input[Optional[str]]] = None,
133
136
  path: Optional[pulumi.Input[str]] = None,
134
- opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetSecretsListResult]:
137
+ opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetSecretsListResult]:
135
138
  """
136
139
  ## Example Usage
137
140
 
@@ -147,18 +150,19 @@ def get_secrets_list_output(namespace: Optional[pulumi.Input[Optional[str]]] = N
147
150
  "version": "1",
148
151
  },
149
152
  description="KV Version 1 secret engine mount")
150
- aws_secret = vault.kv.Secret("awsSecret",
153
+ aws_secret = vault.kv.Secret("aws_secret",
151
154
  path=kvv1.path.apply(lambda path: f"{path}/aws-secret"),
152
155
  data_json=json.dumps({
153
156
  "zip": "zap",
154
157
  }))
155
- azure_secret = vault.kv.Secret("azureSecret",
158
+ azure_secret = vault.kv.Secret("azure_secret",
156
159
  path=kvv1.path.apply(lambda path: f"{path}/azure-secret"),
157
160
  data_json=json.dumps({
158
161
  "foo": "bar",
159
162
  }))
160
163
  secrets = vault.kv.get_secrets_list_output(path=kvv1.path)
161
164
  ```
165
+
162
166
  ## Required Vault Capabilities
163
167
 
164
168
  Use of this resource requires the `read` capability on the given path.
@@ -166,8 +170,17 @@ def get_secrets_list_output(namespace: Optional[pulumi.Input[Optional[str]]] = N
166
170
 
167
171
  :param str namespace: The namespace of the target resource.
168
172
  The value should not contain leading or trailing forward slashes.
169
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
173
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
170
174
  *Available only for Vault Enterprise*.
171
175
  :param str path: Full KV-V1 path where secrets will be listed.
172
176
  """
173
- ...
177
+ __args__ = dict()
178
+ __args__['namespace'] = namespace
179
+ __args__['path'] = path
180
+ opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
181
+ __ret__ = pulumi.runtime.invoke_output('vault:kv/getSecretsList:getSecretsList', __args__, opts=opts, typ=GetSecretsListResult)
182
+ return __ret__.apply(lambda __response__: GetSecretsListResult(
183
+ id=pulumi.get(__response__, 'id'),
184
+ names=pulumi.get(__response__, 'names'),
185
+ namespace=pulumi.get(__response__, 'namespace'),
186
+ path=pulumi.get(__response__, 'path')))
@@ -4,9 +4,14 @@
4
4
 
5
5
  import copy
6
6
  import warnings
7
+ import sys
7
8
  import pulumi
8
9
  import pulumi.runtime
9
10
  from typing import Any, Mapping, Optional, Sequence, Union, overload
11
+ if sys.version_info >= (3, 11):
12
+ from typing import NotRequired, TypedDict, TypeAlias
13
+ else:
14
+ from typing_extensions import NotRequired, TypedDict, TypeAlias
10
15
  from .. import _utilities
11
16
 
12
17
  __all__ = [
@@ -114,25 +119,29 @@ def get_secrets_list_v2(mount: Optional[str] = None,
114
119
  "version": "2",
115
120
  },
116
121
  description="KV Version 2 secret engine mount")
117
- aws_secret = vault.kv.SecretV2("awsSecret",
122
+ aws_secret = vault.kv.SecretV2("aws_secret",
118
123
  mount=kvv2.path,
124
+ name="aws_secret",
119
125
  data_json=json.dumps({
120
126
  "zip": "zap",
121
127
  }))
122
- azure_secret = vault.kv.SecretV2("azureSecret",
128
+ azure_secret = vault.kv.SecretV2("azure_secret",
123
129
  mount=kvv2.path,
130
+ name="azure_secret",
124
131
  data_json=json.dumps({
125
132
  "foo": "bar",
126
133
  }))
127
- nested_secret = vault.kv.SecretV2("nestedSecret",
134
+ nested_secret = vault.kv.SecretV2("nested_secret",
128
135
  mount=kvv2.path,
136
+ name=azure_secret.name.apply(lambda name: f"{name}/dev"),
129
137
  data_json=json.dumps({
130
138
  "password": "test",
131
139
  }))
132
140
  secrets = vault.kv.get_secrets_list_v2_output(mount=kvv2.path)
133
141
  nested_secrets = kvv2.path.apply(lambda path: vault.kv.get_secrets_list_v2_output(mount=path,
134
- name=vault_kv_secret_v2["test_2"]["name"]))
142
+ name=test2["name"]))
135
143
  ```
144
+
136
145
  ## Required Vault Capabilities
137
146
 
138
147
  Use of this resource requires the `read` capability on the given path.
@@ -145,7 +154,7 @@ def get_secrets_list_v2(mount: Optional[str] = None,
145
154
  the name is `foo/bar/baz`.
146
155
  :param str namespace: The namespace of the target resource.
147
156
  The value should not contain leading or trailing forward slashes.
148
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
157
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
149
158
  *Available only for Vault Enterprise*.
150
159
  """
151
160
  __args__ = dict()
@@ -162,13 +171,10 @@ def get_secrets_list_v2(mount: Optional[str] = None,
162
171
  names=pulumi.get(__ret__, 'names'),
163
172
  namespace=pulumi.get(__ret__, 'namespace'),
164
173
  path=pulumi.get(__ret__, 'path'))
165
-
166
-
167
- @_utilities.lift_output_func(get_secrets_list_v2)
168
174
  def get_secrets_list_v2_output(mount: Optional[pulumi.Input[str]] = None,
169
175
  name: Optional[pulumi.Input[Optional[str]]] = None,
170
176
  namespace: Optional[pulumi.Input[Optional[str]]] = None,
171
- opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetSecretsListV2Result]:
177
+ opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetSecretsListV2Result]:
172
178
  """
173
179
  ## Example Usage
174
180
 
@@ -184,25 +190,29 @@ def get_secrets_list_v2_output(mount: Optional[pulumi.Input[str]] = None,
184
190
  "version": "2",
185
191
  },
186
192
  description="KV Version 2 secret engine mount")
187
- aws_secret = vault.kv.SecretV2("awsSecret",
193
+ aws_secret = vault.kv.SecretV2("aws_secret",
188
194
  mount=kvv2.path,
195
+ name="aws_secret",
189
196
  data_json=json.dumps({
190
197
  "zip": "zap",
191
198
  }))
192
- azure_secret = vault.kv.SecretV2("azureSecret",
199
+ azure_secret = vault.kv.SecretV2("azure_secret",
193
200
  mount=kvv2.path,
201
+ name="azure_secret",
194
202
  data_json=json.dumps({
195
203
  "foo": "bar",
196
204
  }))
197
- nested_secret = vault.kv.SecretV2("nestedSecret",
205
+ nested_secret = vault.kv.SecretV2("nested_secret",
198
206
  mount=kvv2.path,
207
+ name=azure_secret.name.apply(lambda name: f"{name}/dev"),
199
208
  data_json=json.dumps({
200
209
  "password": "test",
201
210
  }))
202
211
  secrets = vault.kv.get_secrets_list_v2_output(mount=kvv2.path)
203
212
  nested_secrets = kvv2.path.apply(lambda path: vault.kv.get_secrets_list_v2_output(mount=path,
204
- name=vault_kv_secret_v2["test_2"]["name"]))
213
+ name=test2["name"]))
205
214
  ```
215
+
206
216
  ## Required Vault Capabilities
207
217
 
208
218
  Use of this resource requires the `read` capability on the given path.
@@ -215,7 +225,19 @@ def get_secrets_list_v2_output(mount: Optional[pulumi.Input[str]] = None,
215
225
  the name is `foo/bar/baz`.
216
226
  :param str namespace: The namespace of the target resource.
217
227
  The value should not contain leading or trailing forward slashes.
218
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
228
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
219
229
  *Available only for Vault Enterprise*.
220
230
  """
221
- ...
231
+ __args__ = dict()
232
+ __args__['mount'] = mount
233
+ __args__['name'] = name
234
+ __args__['namespace'] = namespace
235
+ opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
236
+ __ret__ = pulumi.runtime.invoke_output('vault:kv/getSecretsListV2:getSecretsListV2', __args__, opts=opts, typ=GetSecretsListV2Result)
237
+ return __ret__.apply(lambda __response__: GetSecretsListV2Result(
238
+ id=pulumi.get(__response__, 'id'),
239
+ mount=pulumi.get(__response__, 'mount'),
240
+ name=pulumi.get(__response__, 'name'),
241
+ names=pulumi.get(__response__, 'names'),
242
+ namespace=pulumi.get(__response__, 'namespace'),
243
+ path=pulumi.get(__response__, 'path')))
@@ -4,9 +4,14 @@
4
4
 
5
5
  import copy
6
6
  import warnings
7
+ import sys
7
8
  import pulumi
8
9
  import pulumi.runtime
9
10
  from typing import Any, Mapping, Optional, Sequence, Union, overload
11
+ if sys.version_info >= (3, 11):
12
+ from typing import NotRequired, TypedDict, TypeAlias
13
+ else:
14
+ from typing_extensions import NotRequired, TypedDict, TypeAlias
10
15
  from .. import _utilities
11
16
 
12
17
  __all__ = [
@@ -38,12 +43,12 @@ class SecretV2CustomMetadata(dict):
38
43
 
39
44
  def __init__(__self__, *,
40
45
  cas_required: Optional[bool] = None,
41
- data: Optional[Mapping[str, Any]] = None,
46
+ data: Optional[Mapping[str, str]] = None,
42
47
  delete_version_after: Optional[int] = None,
43
48
  max_versions: Optional[int] = None):
44
49
  """
45
50
  :param bool cas_required: If true, all keys will require the cas parameter to be set on all write requests.
46
- :param Mapping[str, Any] data: A mapping whose keys are the top-level data keys returned from
51
+ :param Mapping[str, str] data: A mapping whose keys are the top-level data keys returned from
47
52
  Vault and whose values are the corresponding values. This map can only
48
53
  represent string data, so any non-string values returned from Vault are
49
54
  serialized as JSON.
@@ -69,7 +74,7 @@ class SecretV2CustomMetadata(dict):
69
74
 
70
75
  @property
71
76
  @pulumi.getter
72
- def data(self) -> Optional[Mapping[str, Any]]:
77
+ def data(self) -> Optional[Mapping[str, str]]:
73
78
  """
74
79
  A mapping whose keys are the top-level data keys returned from
75
80
  Vault and whose values are the corresponding values. This map can only