pulumi-vault 5.21.0a1709368526__py3-none-any.whl → 6.5.0a1736836139__py3-none-any.whl

pulumi_vault/kv/secret_v2.py

@@ -4,9 +4,14 @@
 
 import copy
 import warnings
+import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 from . import outputs
 from ._inputs import *
@@ -24,7 +29,7 @@ class SecretV2Args:
                  disable_read: Optional[pulumi.Input[bool]] = None,
                  name: Optional[pulumi.Input[str]] = None,
                  namespace: Optional[pulumi.Input[str]] = None,
-                 options: Optional[pulumi.Input[Mapping[str, Any]]] = None):
+                 options: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None):
         """
         The set of arguments for constructing a SecretV2 resource.
         :param pulumi.Input[str] data_json: JSON-encoded string that will be
@@ -47,9 +52,9 @@ class SecretV2Args:
                the name is `foo/bar/baz`.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
-        :param pulumi.Input[Mapping[str, Any]] options: An object that holds option settings.
+        :param pulumi.Input[Mapping[str, pulumi.Input[str]]] options: An object that holds option settings.
         """
         pulumi.set(__self__, "data_json", data_json)
         pulumi.set(__self__, "mount", mount)
@@ -169,7 +174,7 @@ class SecretV2Args:
         """
         The namespace to provision the resource in.
         The value should not contain leading or trailing forward slashes.
-        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
         *Available only for Vault Enterprise*.
         """
         return pulumi.get(self, "namespace")
@@ -180,14 +185,14 @@ class SecretV2Args:
 
     @property
     @pulumi.getter
-    def options(self) -> Optional[pulumi.Input[Mapping[str, Any]]]:
+    def options(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
         """
         An object that holds option settings.
         """
         return pulumi.get(self, "options")
 
     @options.setter
-    def options(self, value: Optional[pulumi.Input[Mapping[str, Any]]]):
+    def options(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
         pulumi.set(self, "options", value)
 
 
@@ -196,15 +201,15 @@ class _SecretV2State:
     def __init__(__self__, *,
                  cas: Optional[pulumi.Input[int]] = None,
                  custom_metadata: Optional[pulumi.Input['SecretV2CustomMetadataArgs']] = None,
-                 data: Optional[pulumi.Input[Mapping[str, Any]]] = None,
+                 data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
                  data_json: Optional[pulumi.Input[str]] = None,
                  delete_all_versions: Optional[pulumi.Input[bool]] = None,
                  disable_read: Optional[pulumi.Input[bool]] = None,
-                 metadata: Optional[pulumi.Input[Mapping[str, Any]]] = None,
+                 metadata: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
                  mount: Optional[pulumi.Input[str]] = None,
                  name: Optional[pulumi.Input[str]] = None,
                  namespace: Optional[pulumi.Input[str]] = None,
-                 options: Optional[pulumi.Input[Mapping[str, Any]]] = None,
+                 options: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
                  path: Optional[pulumi.Input[str]] = None):
         """
         Input properties used for looking up and filtering SecretV2 resources.
@@ -215,7 +220,7 @@ class _SecretV2State:
         :param pulumi.Input['SecretV2CustomMetadataArgs'] custom_metadata: A nested block that allows configuring metadata for the
                KV secret. Refer to the
                Configuration Options for more info.
-        :param pulumi.Input[Mapping[str, Any]] data: A mapping whose keys are the top-level data keys returned from
+        :param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A mapping whose keys are the top-level data keys returned from
                Vault and whose values are the corresponding values. This map can only
                represent string data, so any non-string values returned from Vault are
                serialized as JSON.
@@ -225,7 +230,7 @@ class _SecretV2State:
                versions for the specified key.
         :param pulumi.Input[bool] disable_read: If set to true, disables reading secret from Vault;
                note: drift won't be detected.
-        :param pulumi.Input[Mapping[str, Any]] metadata: Metadata associated with this secret read from Vault.
+        :param pulumi.Input[Mapping[str, pulumi.Input[str]]] metadata: Metadata associated with this secret read from Vault.
         :param pulumi.Input[str] mount: Path where KV-V2 engine is mounted.
         :param pulumi.Input[str] name: Full name of the secret. For a nested secret
                the name is the nested path excluding the mount and data
@@ -233,9 +238,9 @@ class _SecretV2State:
                the name is `foo/bar/baz`.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
-        :param pulumi.Input[Mapping[str, Any]] options: An object that holds option settings.
+        :param pulumi.Input[Mapping[str, pulumi.Input[str]]] options: An object that holds option settings.
         :param pulumi.Input[str] path: Full path where the KV-V2 secret will be written.
         """
         if cas is not None:
@@ -294,7 +299,7 @@ class _SecretV2State:
 
     @property
     @pulumi.getter
-    def data(self) -> Optional[pulumi.Input[Mapping[str, Any]]]:
+    def data(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
         """
         A mapping whose keys are the top-level data keys returned from
         Vault and whose values are the corresponding values. This map can only
@@ -304,7 +309,7 @@ class _SecretV2State:
         return pulumi.get(self, "data")
 
     @data.setter
-    def data(self, value: Optional[pulumi.Input[Mapping[str, Any]]]):
+    def data(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
         pulumi.set(self, "data", value)
 
     @property
@@ -348,14 +353,14 @@ class _SecretV2State:
 
     @property
     @pulumi.getter
-    def metadata(self) -> Optional[pulumi.Input[Mapping[str, Any]]]:
+    def metadata(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
         """
         Metadata associated with this secret read from Vault.
         """
         return pulumi.get(self, "metadata")
 
     @metadata.setter
-    def metadata(self, value: Optional[pulumi.Input[Mapping[str, Any]]]):
+    def metadata(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
         pulumi.set(self, "metadata", value)
 
     @property
@@ -391,7 +396,7 @@ class _SecretV2State:
         """
         The namespace to provision the resource in.
         The value should not contain leading or trailing forward slashes.
-        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
         *Available only for Vault Enterprise*.
         """
         return pulumi.get(self, "namespace")
@@ -402,14 +407,14 @@ class _SecretV2State:
 
     @property
     @pulumi.getter
-    def options(self) -> Optional[pulumi.Input[Mapping[str, Any]]]:
+    def options(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
         """
         An object that holds option settings.
         """
         return pulumi.get(self, "options")
 
     @options.setter
-    def options(self, value: Optional[pulumi.Input[Mapping[str, Any]]]):
+    def options(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
         pulumi.set(self, "options", value)
 
     @property
@@ -431,14 +436,14 @@ class SecretV2(pulumi.CustomResource):
                  resource_name: str,
                  opts: Optional[pulumi.ResourceOptions] = None,
                  cas: Optional[pulumi.Input[int]] = None,
-                 custom_metadata: Optional[pulumi.Input[pulumi.InputType['SecretV2CustomMetadataArgs']]] = None,
+                 custom_metadata: Optional[pulumi.Input[Union['SecretV2CustomMetadataArgs', 'SecretV2CustomMetadataArgsDict']]] = None,
                  data_json: Optional[pulumi.Input[str]] = None,
                  delete_all_versions: Optional[pulumi.Input[bool]] = None,
                  disable_read: Optional[pulumi.Input[bool]] = None,
                  mount: Optional[pulumi.Input[str]] = None,
                  name: Optional[pulumi.Input[str]] = None,
                  namespace: Optional[pulumi.Input[str]] = None,
-                 options: Optional[pulumi.Input[Mapping[str, Any]]] = None,
+                 options: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
                  __props__=None):
         """
         Writes a KV-V2 secret to a given path in Vault.
@@ -462,20 +467,22 @@ class SecretV2(pulumi.CustomResource):
             description="KV Version 2 secret engine mount")
         example = vault.kv.SecretV2("example",
             mount=kvv2.path,
+            name="secret",
             cas=1,
             delete_all_versions=True,
             data_json=json.dumps({
                 "zip": "zap",
                 "foo": "bar",
             }),
-            custom_metadata=vault.kv.SecretV2CustomMetadataArgs(
-                max_versions=5,
-                data={
+            custom_metadata={
+                "max_versions": 5,
+                "data": {
                     "foo": "vault@example.com",
                     "bar": "12345",
                 },
-            ))
+            })
         ```
+
         ## Required Vault Capabilities
 
         Use of this resource requires the `create` or `update` capability
@@ -500,7 +507,7 @@ class SecretV2(pulumi.CustomResource):
         KV-V2 secrets can be imported using the `path`, e.g.
 
         ```sh
-         $ pulumi import vault:kv/secretV2:SecretV2 example kvv2/data/secret
+        $ pulumi import vault:kv/secretV2:SecretV2 example kvv2/data/secret
         ```
 
         :param str resource_name: The name of the resource.
@@ -509,7 +516,7 @@ class SecretV2(pulumi.CustomResource):
                on either the secret or the engine's config. In order for a
                write operation to be successful, cas must be set to the current version
                of the secret.
-        :param pulumi.Input[pulumi.InputType['SecretV2CustomMetadataArgs']] custom_metadata: A nested block that allows configuring metadata for the
+        :param pulumi.Input[Union['SecretV2CustomMetadataArgs', 'SecretV2CustomMetadataArgsDict']] custom_metadata: A nested block that allows configuring metadata for the
                KV secret. Refer to the
                Configuration Options for more info.
         :param pulumi.Input[str] data_json: JSON-encoded string that will be
@@ -525,9 +532,9 @@ class SecretV2(pulumi.CustomResource):
                the name is `foo/bar/baz`.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
-        :param pulumi.Input[Mapping[str, Any]] options: An object that holds option settings.
+        :param pulumi.Input[Mapping[str, pulumi.Input[str]]] options: An object that holds option settings.
         """
         ...
     @overload
@@ -557,20 +564,22 @@ class SecretV2(pulumi.CustomResource):
             description="KV Version 2 secret engine mount")
         example = vault.kv.SecretV2("example",
             mount=kvv2.path,
+            name="secret",
             cas=1,
             delete_all_versions=True,
             data_json=json.dumps({
                 "zip": "zap",
                 "foo": "bar",
             }),
-            custom_metadata=vault.kv.SecretV2CustomMetadataArgs(
-                max_versions=5,
-                data={
+            custom_metadata={
+                "max_versions": 5,
+                "data": {
                     "foo": "vault@example.com",
                     "bar": "12345",
                 },
-            ))
+            })
         ```
+
         ## Required Vault Capabilities
 
         Use of this resource requires the `create` or `update` capability
@@ -595,7 +604,7 @@ class SecretV2(pulumi.CustomResource):
         KV-V2 secrets can be imported using the `path`, e.g.
 
         ```sh
-         $ pulumi import vault:kv/secretV2:SecretV2 example kvv2/data/secret
+        $ pulumi import vault:kv/secretV2:SecretV2 example kvv2/data/secret
         ```
 
         :param str resource_name: The name of the resource.
@@ -614,14 +623,14 @@ class SecretV2(pulumi.CustomResource):
                  resource_name: str,
                  opts: Optional[pulumi.ResourceOptions] = None,
                  cas: Optional[pulumi.Input[int]] = None,
-                 custom_metadata: Optional[pulumi.Input[pulumi.InputType['SecretV2CustomMetadataArgs']]] = None,
+                 custom_metadata: Optional[pulumi.Input[Union['SecretV2CustomMetadataArgs', 'SecretV2CustomMetadataArgsDict']]] = None,
                  data_json: Optional[pulumi.Input[str]] = None,
                  delete_all_versions: Optional[pulumi.Input[bool]] = None,
                  disable_read: Optional[pulumi.Input[bool]] = None,
                  mount: Optional[pulumi.Input[str]] = None,
                  name: Optional[pulumi.Input[str]] = None,
                  namespace: Optional[pulumi.Input[str]] = None,
-                 options: Optional[pulumi.Input[Mapping[str, Any]]] = None,
+                 options: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
                  __props__=None):
         opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
         if not isinstance(opts, pulumi.ResourceOptions):
@@ -660,16 +669,16 @@ class SecretV2(pulumi.CustomResource):
             id: pulumi.Input[str],
             opts: Optional[pulumi.ResourceOptions] = None,
             cas: Optional[pulumi.Input[int]] = None,
-            custom_metadata: Optional[pulumi.Input[pulumi.InputType['SecretV2CustomMetadataArgs']]] = None,
-            data: Optional[pulumi.Input[Mapping[str, Any]]] = None,
+            custom_metadata: Optional[pulumi.Input[Union['SecretV2CustomMetadataArgs', 'SecretV2CustomMetadataArgsDict']]] = None,
+            data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
             data_json: Optional[pulumi.Input[str]] = None,
             delete_all_versions: Optional[pulumi.Input[bool]] = None,
             disable_read: Optional[pulumi.Input[bool]] = None,
-            metadata: Optional[pulumi.Input[Mapping[str, Any]]] = None,
+            metadata: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
             mount: Optional[pulumi.Input[str]] = None,
             name: Optional[pulumi.Input[str]] = None,
             namespace: Optional[pulumi.Input[str]] = None,
-            options: Optional[pulumi.Input[Mapping[str, Any]]] = None,
+            options: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
             path: Optional[pulumi.Input[str]] = None) -> 'SecretV2':
         """
         Get an existing SecretV2 resource's state with the given name, id, and optional extra
@@ -682,10 +691,10 @@ class SecretV2(pulumi.CustomResource):
                on either the secret or the engine's config. In order for a
                write operation to be successful, cas must be set to the current version
                of the secret.
-        :param pulumi.Input[pulumi.InputType['SecretV2CustomMetadataArgs']] custom_metadata: A nested block that allows configuring metadata for the
+        :param pulumi.Input[Union['SecretV2CustomMetadataArgs', 'SecretV2CustomMetadataArgsDict']] custom_metadata: A nested block that allows configuring metadata for the
                KV secret. Refer to the
                Configuration Options for more info.
-        :param pulumi.Input[Mapping[str, Any]] data: A mapping whose keys are the top-level data keys returned from
+        :param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A mapping whose keys are the top-level data keys returned from
                Vault and whose values are the corresponding values. This map can only
                represent string data, so any non-string values returned from Vault are
                serialized as JSON.
@@ -695,7 +704,7 @@ class SecretV2(pulumi.CustomResource):
                versions for the specified key.
         :param pulumi.Input[bool] disable_read: If set to true, disables reading secret from Vault;
                note: drift won't be detected.
-        :param pulumi.Input[Mapping[str, Any]] metadata: Metadata associated with this secret read from Vault.
+        :param pulumi.Input[Mapping[str, pulumi.Input[str]]] metadata: Metadata associated with this secret read from Vault.
         :param pulumi.Input[str] mount: Path where KV-V2 engine is mounted.
         :param pulumi.Input[str] name: Full name of the secret. For a nested secret
                the name is the nested path excluding the mount and data
@@ -703,9 +712,9 @@ class SecretV2(pulumi.CustomResource):
                the name is `foo/bar/baz`.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
-        :param pulumi.Input[Mapping[str, Any]] options: An object that holds option settings.
+        :param pulumi.Input[Mapping[str, pulumi.Input[str]]] options: An object that holds option settings.
         :param pulumi.Input[str] path: Full path where the KV-V2 secret will be written.
         """
         opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
@@ -749,7 +758,7 @@ class SecretV2(pulumi.CustomResource):
 
     @property
     @pulumi.getter
-    def data(self) -> pulumi.Output[Mapping[str, Any]]:
+    def data(self) -> pulumi.Output[Mapping[str, str]]:
         """
         A mapping whose keys are the top-level data keys returned from
         Vault and whose values are the corresponding values. This map can only
@@ -787,7 +796,7 @@ class SecretV2(pulumi.CustomResource):
 
     @property
     @pulumi.getter
-    def metadata(self) -> pulumi.Output[Mapping[str, Any]]:
+    def metadata(self) -> pulumi.Output[Mapping[str, str]]:
         """
         Metadata associated with this secret read from Vault.
         """
@@ -818,14 +827,14 @@ class SecretV2(pulumi.CustomResource):
         """
         The namespace to provision the resource in.
         The value should not contain leading or trailing forward slashes.
-        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
         *Available only for Vault Enterprise*.
         """
         return pulumi.get(self, "namespace")
 
     @property
     @pulumi.getter
-    def options(self) -> pulumi.Output[Optional[Mapping[str, Any]]]:
+    def options(self) -> pulumi.Output[Optional[Mapping[str, str]]]:
         """
         An object that holds option settings.
         """