pulumi-vault 5.21.0a1709368526__py3-none-any.whl → 6.5.0a1736836139__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- pulumi_vault/__init__.py +52 -0
- pulumi_vault/_inputs.py +560 -0
- pulumi_vault/_utilities.py +41 -5
- pulumi_vault/ad/get_access_credentials.py +26 -9
- pulumi_vault/ad/secret_backend.py +16 -142
- pulumi_vault/ad/secret_library.py +16 -9
- pulumi_vault/ad/secret_role.py +14 -9
- pulumi_vault/alicloud/auth_backend_role.py +76 -190
- pulumi_vault/approle/auth_backend_login.py +12 -7
- pulumi_vault/approle/auth_backend_role.py +77 -191
- pulumi_vault/approle/auth_backend_role_secret_id.py +106 -7
- pulumi_vault/approle/get_auth_backend_role_id.py +18 -5
- pulumi_vault/audit.py +30 -21
- pulumi_vault/audit_request_header.py +11 -2
- pulumi_vault/auth_backend.py +66 -14
- pulumi_vault/aws/auth_backend_cert.py +18 -9
- pulumi_vault/aws/auth_backend_client.py +267 -22
- pulumi_vault/aws/auth_backend_config_identity.py +14 -9
- pulumi_vault/aws/auth_backend_identity_whitelist.py +20 -15
- pulumi_vault/aws/auth_backend_login.py +19 -22
- pulumi_vault/aws/auth_backend_role.py +77 -191
- pulumi_vault/aws/auth_backend_role_tag.py +12 -7
- pulumi_vault/aws/auth_backend_roletag_blacklist.py +18 -13
- pulumi_vault/aws/auth_backend_sts_role.py +14 -9
- pulumi_vault/aws/get_access_credentials.py +38 -9
- pulumi_vault/aws/get_static_access_credentials.py +19 -5
- pulumi_vault/aws/secret_backend.py +77 -9
- pulumi_vault/aws/secret_backend_role.py +185 -9
- pulumi_vault/aws/secret_backend_static_role.py +20 -11
- pulumi_vault/azure/_inputs.py +24 -0
- pulumi_vault/azure/auth_backend_config.py +153 -15
- pulumi_vault/azure/auth_backend_role.py +77 -191
- pulumi_vault/azure/backend.py +227 -21
- pulumi_vault/azure/backend_role.py +42 -37
- pulumi_vault/azure/get_access_credentials.py +41 -7
- pulumi_vault/azure/outputs.py +5 -0
- pulumi_vault/cert_auth_backend_role.py +87 -267
- pulumi_vault/config/__init__.pyi +5 -0
- pulumi_vault/config/_inputs.py +73 -0
- pulumi_vault/config/outputs.py +35 -0
- pulumi_vault/config/ui_custom_message.py +529 -0
- pulumi_vault/config/vars.py +5 -0
- pulumi_vault/consul/secret_backend.py +28 -19
- pulumi_vault/consul/secret_backend_role.py +18 -78
- pulumi_vault/database/_inputs.py +2770 -881
- pulumi_vault/database/outputs.py +721 -838
- pulumi_vault/database/secret_backend_connection.py +119 -112
- pulumi_vault/database/secret_backend_role.py +31 -22
- pulumi_vault/database/secret_backend_static_role.py +87 -13
- pulumi_vault/database/secrets_mount.py +427 -136
- pulumi_vault/egp_policy.py +16 -11
- pulumi_vault/gcp/_inputs.py +111 -0
- pulumi_vault/gcp/auth_backend.py +250 -33
- pulumi_vault/gcp/auth_backend_role.py +77 -269
- pulumi_vault/gcp/get_auth_backend_role.py +43 -5
- pulumi_vault/gcp/outputs.py +5 -0
- pulumi_vault/gcp/secret_backend.py +287 -12
- pulumi_vault/gcp/secret_impersonated_account.py +76 -15
- pulumi_vault/gcp/secret_roleset.py +31 -24
- pulumi_vault/gcp/secret_static_account.py +39 -32
- pulumi_vault/generic/endpoint.py +24 -17
- pulumi_vault/generic/get_secret.py +64 -8
- pulumi_vault/generic/secret.py +21 -16
- pulumi_vault/get_auth_backend.py +24 -7
- pulumi_vault/get_auth_backends.py +51 -9
- pulumi_vault/get_namespace.py +226 -0
- pulumi_vault/get_namespaces.py +153 -0
- pulumi_vault/get_nomad_access_token.py +31 -11
- pulumi_vault/get_policy_document.py +34 -19
- pulumi_vault/get_raft_autopilot_state.py +29 -10
- pulumi_vault/github/_inputs.py +55 -0
- pulumi_vault/github/auth_backend.py +19 -14
- pulumi_vault/github/outputs.py +5 -0
- pulumi_vault/github/team.py +16 -11
- pulumi_vault/github/user.py +16 -11
- pulumi_vault/identity/entity.py +20 -13
- pulumi_vault/identity/entity_alias.py +20 -13
- pulumi_vault/identity/entity_policies.py +28 -11
- pulumi_vault/identity/get_entity.py +42 -10
- pulumi_vault/identity/get_group.py +47 -9
- pulumi_vault/identity/get_oidc_client_creds.py +21 -7
- pulumi_vault/identity/get_oidc_openid_config.py +39 -9
- pulumi_vault/identity/get_oidc_public_keys.py +29 -10
- pulumi_vault/identity/group.py +58 -39
- pulumi_vault/identity/group_alias.py +16 -9
- pulumi_vault/identity/group_member_entity_ids.py +28 -66
- pulumi_vault/identity/group_member_group_ids.py +40 -19
- pulumi_vault/identity/group_policies.py +20 -7
- pulumi_vault/identity/mfa_duo.py +11 -6
- pulumi_vault/identity/mfa_login_enforcement.py +15 -6
- pulumi_vault/identity/mfa_okta.py +11 -6
- pulumi_vault/identity/mfa_pingid.py +7 -2
- pulumi_vault/identity/mfa_totp.py +7 -2
- pulumi_vault/identity/oidc.py +12 -7
- pulumi_vault/identity/oidc_assignment.py +24 -11
- pulumi_vault/identity/oidc_client.py +36 -23
- pulumi_vault/identity/oidc_key.py +30 -17
- pulumi_vault/identity/oidc_key_allowed_client_id.py +28 -15
- pulumi_vault/identity/oidc_provider.py +36 -21
- pulumi_vault/identity/oidc_role.py +42 -21
- pulumi_vault/identity/oidc_scope.py +20 -13
- pulumi_vault/identity/outputs.py +8 -3
- pulumi_vault/jwt/_inputs.py +55 -0
- pulumi_vault/jwt/auth_backend.py +45 -40
- pulumi_vault/jwt/auth_backend_role.py +133 -254
- pulumi_vault/jwt/outputs.py +5 -0
- pulumi_vault/kmip/secret_backend.py +24 -19
- pulumi_vault/kmip/secret_role.py +14 -9
- pulumi_vault/kmip/secret_scope.py +14 -9
- pulumi_vault/kubernetes/auth_backend_config.py +57 -5
- pulumi_vault/kubernetes/auth_backend_role.py +70 -177
- pulumi_vault/kubernetes/get_auth_backend_config.py +60 -8
- pulumi_vault/kubernetes/get_auth_backend_role.py +40 -5
- pulumi_vault/kubernetes/get_service_account_token.py +39 -11
- pulumi_vault/kubernetes/secret_backend.py +316 -27
- pulumi_vault/kubernetes/secret_backend_role.py +137 -46
- pulumi_vault/kv/_inputs.py +36 -4
- pulumi_vault/kv/get_secret.py +25 -8
- pulumi_vault/kv/get_secret_subkeys_v2.py +33 -10
- pulumi_vault/kv/get_secret_v2.py +85 -9
- pulumi_vault/kv/get_secrets_list.py +24 -11
- pulumi_vault/kv/get_secrets_list_v2.py +37 -15
- pulumi_vault/kv/outputs.py +8 -3
- pulumi_vault/kv/secret.py +23 -16
- pulumi_vault/kv/secret_backend_v2.py +20 -11
- pulumi_vault/kv/secret_v2.py +59 -50
- pulumi_vault/ldap/auth_backend.py +127 -166
- pulumi_vault/ldap/auth_backend_group.py +14 -9
- pulumi_vault/ldap/auth_backend_user.py +14 -9
- pulumi_vault/ldap/get_dynamic_credentials.py +23 -5
- pulumi_vault/ldap/get_static_credentials.py +24 -5
- pulumi_vault/ldap/secret_backend.py +354 -82
- pulumi_vault/ldap/secret_backend_dynamic_role.py +18 -11
- pulumi_vault/ldap/secret_backend_library_set.py +16 -9
- pulumi_vault/ldap/secret_backend_static_role.py +73 -12
- pulumi_vault/managed/_inputs.py +289 -132
- pulumi_vault/managed/keys.py +29 -57
- pulumi_vault/managed/outputs.py +89 -132
- pulumi_vault/mfa_duo.py +18 -11
- pulumi_vault/mfa_okta.py +18 -11
- pulumi_vault/mfa_pingid.py +18 -11
- pulumi_vault/mfa_totp.py +24 -17
- pulumi_vault/mongodbatlas/secret_backend.py +20 -15
- pulumi_vault/mongodbatlas/secret_role.py +47 -38
- pulumi_vault/mount.py +391 -51
- pulumi_vault/namespace.py +68 -83
- pulumi_vault/nomad_secret_backend.py +18 -13
- pulumi_vault/nomad_secret_role.py +14 -9
- pulumi_vault/okta/_inputs.py +47 -8
- pulumi_vault/okta/auth_backend.py +485 -39
- pulumi_vault/okta/auth_backend_group.py +14 -9
- pulumi_vault/okta/auth_backend_user.py +14 -9
- pulumi_vault/okta/outputs.py +13 -8
- pulumi_vault/outputs.py +5 -0
- pulumi_vault/password_policy.py +20 -13
- pulumi_vault/pkisecret/__init__.py +3 -0
- pulumi_vault/pkisecret/_inputs.py +81 -0
- pulumi_vault/pkisecret/backend_config_cluster.py +369 -0
- pulumi_vault/pkisecret/backend_config_est.py +619 -0
- pulumi_vault/pkisecret/get_backend_config_est.py +251 -0
- pulumi_vault/pkisecret/get_backend_issuer.py +67 -9
- pulumi_vault/pkisecret/get_backend_issuers.py +21 -8
- pulumi_vault/pkisecret/get_backend_key.py +24 -9
- pulumi_vault/pkisecret/get_backend_keys.py +21 -8
- pulumi_vault/pkisecret/outputs.py +69 -0
- pulumi_vault/pkisecret/secret_backend_cert.py +18 -11
- pulumi_vault/pkisecret/secret_backend_config_ca.py +16 -11
- pulumi_vault/pkisecret/secret_backend_config_issuers.py +14 -9
- pulumi_vault/pkisecret/secret_backend_config_urls.py +67 -11
- pulumi_vault/pkisecret/secret_backend_crl_config.py +14 -9
- pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +16 -11
- pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +22 -17
- pulumi_vault/pkisecret/secret_backend_issuer.py +14 -9
- pulumi_vault/pkisecret/secret_backend_key.py +14 -9
- pulumi_vault/pkisecret/secret_backend_role.py +21 -14
- pulumi_vault/pkisecret/secret_backend_root_cert.py +16 -48
- pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +18 -56
- pulumi_vault/pkisecret/secret_backend_sign.py +18 -54
- pulumi_vault/plugin.py +595 -0
- pulumi_vault/plugin_pinned_version.py +298 -0
- pulumi_vault/policy.py +14 -9
- pulumi_vault/provider.py +48 -53
- pulumi_vault/pulumi-plugin.json +2 -1
- pulumi_vault/quota_lease_count.py +60 -6
- pulumi_vault/quota_rate_limit.py +56 -2
- pulumi_vault/rabbitmq/_inputs.py +61 -0
- pulumi_vault/rabbitmq/outputs.py +5 -0
- pulumi_vault/rabbitmq/secret_backend.py +18 -13
- pulumi_vault/rabbitmq/secret_backend_role.py +54 -47
- pulumi_vault/raft_autopilot.py +14 -9
- pulumi_vault/raft_snapshot_agent_config.py +129 -224
- pulumi_vault/rgp_policy.py +14 -9
- pulumi_vault/saml/auth_backend.py +22 -17
- pulumi_vault/saml/auth_backend_role.py +92 -197
- pulumi_vault/secrets/__init__.py +3 -0
- pulumi_vault/secrets/_inputs.py +110 -0
- pulumi_vault/secrets/outputs.py +94 -0
- pulumi_vault/secrets/sync_association.py +56 -71
- pulumi_vault/secrets/sync_aws_destination.py +242 -27
- pulumi_vault/secrets/sync_azure_destination.py +92 -31
- pulumi_vault/secrets/sync_config.py +9 -4
- pulumi_vault/secrets/sync_gcp_destination.py +158 -25
- pulumi_vault/secrets/sync_gh_destination.py +189 -13
- pulumi_vault/secrets/sync_github_apps.py +375 -0
- pulumi_vault/secrets/sync_vercel_destination.py +74 -13
- pulumi_vault/ssh/_inputs.py +28 -28
- pulumi_vault/ssh/outputs.py +11 -28
- pulumi_vault/ssh/secret_backend_ca.py +108 -9
- pulumi_vault/ssh/secret_backend_role.py +85 -118
- pulumi_vault/terraformcloud/secret_backend.py +7 -54
- pulumi_vault/terraformcloud/secret_creds.py +14 -20
- pulumi_vault/terraformcloud/secret_role.py +16 -74
- pulumi_vault/token.py +28 -23
- pulumi_vault/tokenauth/auth_backend_role.py +78 -199
- pulumi_vault/transform/alphabet.py +16 -9
- pulumi_vault/transform/get_decode.py +45 -17
- pulumi_vault/transform/get_encode.py +45 -17
- pulumi_vault/transform/role.py +16 -9
- pulumi_vault/transform/template.py +30 -21
- pulumi_vault/transform/transformation.py +12 -7
- pulumi_vault/transit/get_decrypt.py +26 -21
- pulumi_vault/transit/get_encrypt.py +24 -19
- pulumi_vault/transit/secret_backend_key.py +27 -93
- pulumi_vault/transit/secret_cache_config.py +12 -7
- {pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/METADATA +8 -7
- pulumi_vault-6.5.0a1736836139.dist-info/RECORD +256 -0
- {pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/WHEEL +1 -1
- pulumi_vault-5.21.0a1709368526.dist-info/RECORD +0 -244
- {pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/top_level.txt +0 -0
pulumi_vault/kv/secret_v2.py
CHANGED
@@ -4,9 +4,14 @@
|
|
4
4
|
|
5
5
|
import copy
|
6
6
|
import warnings
|
7
|
+
import sys
|
7
8
|
import pulumi
|
8
9
|
import pulumi.runtime
|
9
10
|
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
11
|
+
if sys.version_info >= (3, 11):
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
13
|
+
else:
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
10
15
|
from .. import _utilities
|
11
16
|
from . import outputs
|
12
17
|
from ._inputs import *
|
@@ -24,7 +29,7 @@ class SecretV2Args:
|
|
24
29
|
disable_read: Optional[pulumi.Input[bool]] = None,
|
25
30
|
name: Optional[pulumi.Input[str]] = None,
|
26
31
|
namespace: Optional[pulumi.Input[str]] = None,
|
27
|
-
options: Optional[pulumi.Input[Mapping[str,
|
32
|
+
options: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None):
|
28
33
|
"""
|
29
34
|
The set of arguments for constructing a SecretV2 resource.
|
30
35
|
:param pulumi.Input[str] data_json: JSON-encoded string that will be
|
@@ -47,9 +52,9 @@ class SecretV2Args:
|
|
47
52
|
the name is `foo/bar/baz`.
|
48
53
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
49
54
|
The value should not contain leading or trailing forward slashes.
|
50
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
55
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
51
56
|
*Available only for Vault Enterprise*.
|
52
|
-
:param pulumi.Input[Mapping[str,
|
57
|
+
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] options: An object that holds option settings.
|
53
58
|
"""
|
54
59
|
pulumi.set(__self__, "data_json", data_json)
|
55
60
|
pulumi.set(__self__, "mount", mount)
|
@@ -169,7 +174,7 @@ class SecretV2Args:
|
|
169
174
|
"""
|
170
175
|
The namespace to provision the resource in.
|
171
176
|
The value should not contain leading or trailing forward slashes.
|
172
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
177
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
173
178
|
*Available only for Vault Enterprise*.
|
174
179
|
"""
|
175
180
|
return pulumi.get(self, "namespace")
|
@@ -180,14 +185,14 @@ class SecretV2Args:
|
|
180
185
|
|
181
186
|
@property
|
182
187
|
@pulumi.getter
|
183
|
-
def options(self) -> Optional[pulumi.Input[Mapping[str,
|
188
|
+
def options(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
|
184
189
|
"""
|
185
190
|
An object that holds option settings.
|
186
191
|
"""
|
187
192
|
return pulumi.get(self, "options")
|
188
193
|
|
189
194
|
@options.setter
|
190
|
-
def options(self, value: Optional[pulumi.Input[Mapping[str,
|
195
|
+
def options(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
|
191
196
|
pulumi.set(self, "options", value)
|
192
197
|
|
193
198
|
|
@@ -196,15 +201,15 @@ class _SecretV2State:
|
|
196
201
|
def __init__(__self__, *,
|
197
202
|
cas: Optional[pulumi.Input[int]] = None,
|
198
203
|
custom_metadata: Optional[pulumi.Input['SecretV2CustomMetadataArgs']] = None,
|
199
|
-
data: Optional[pulumi.Input[Mapping[str,
|
204
|
+
data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
200
205
|
data_json: Optional[pulumi.Input[str]] = None,
|
201
206
|
delete_all_versions: Optional[pulumi.Input[bool]] = None,
|
202
207
|
disable_read: Optional[pulumi.Input[bool]] = None,
|
203
|
-
metadata: Optional[pulumi.Input[Mapping[str,
|
208
|
+
metadata: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
204
209
|
mount: Optional[pulumi.Input[str]] = None,
|
205
210
|
name: Optional[pulumi.Input[str]] = None,
|
206
211
|
namespace: Optional[pulumi.Input[str]] = None,
|
207
|
-
options: Optional[pulumi.Input[Mapping[str,
|
212
|
+
options: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
208
213
|
path: Optional[pulumi.Input[str]] = None):
|
209
214
|
"""
|
210
215
|
Input properties used for looking up and filtering SecretV2 resources.
|
@@ -215,7 +220,7 @@ class _SecretV2State:
|
|
215
220
|
:param pulumi.Input['SecretV2CustomMetadataArgs'] custom_metadata: A nested block that allows configuring metadata for the
|
216
221
|
KV secret. Refer to the
|
217
222
|
Configuration Options for more info.
|
218
|
-
:param pulumi.Input[Mapping[str,
|
223
|
+
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A mapping whose keys are the top-level data keys returned from
|
219
224
|
Vault and whose values are the corresponding values. This map can only
|
220
225
|
represent string data, so any non-string values returned from Vault are
|
221
226
|
serialized as JSON.
|
@@ -225,7 +230,7 @@ class _SecretV2State:
|
|
225
230
|
versions for the specified key.
|
226
231
|
:param pulumi.Input[bool] disable_read: If set to true, disables reading secret from Vault;
|
227
232
|
note: drift won't be detected.
|
228
|
-
:param pulumi.Input[Mapping[str,
|
233
|
+
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] metadata: Metadata associated with this secret read from Vault.
|
229
234
|
:param pulumi.Input[str] mount: Path where KV-V2 engine is mounted.
|
230
235
|
:param pulumi.Input[str] name: Full name of the secret. For a nested secret
|
231
236
|
the name is the nested path excluding the mount and data
|
@@ -233,9 +238,9 @@ class _SecretV2State:
|
|
233
238
|
the name is `foo/bar/baz`.
|
234
239
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
235
240
|
The value should not contain leading or trailing forward slashes.
|
236
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
241
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
237
242
|
*Available only for Vault Enterprise*.
|
238
|
-
:param pulumi.Input[Mapping[str,
|
243
|
+
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] options: An object that holds option settings.
|
239
244
|
:param pulumi.Input[str] path: Full path where the KV-V2 secret will be written.
|
240
245
|
"""
|
241
246
|
if cas is not None:
|
@@ -294,7 +299,7 @@ class _SecretV2State:
|
|
294
299
|
|
295
300
|
@property
|
296
301
|
@pulumi.getter
|
297
|
-
def data(self) -> Optional[pulumi.Input[Mapping[str,
|
302
|
+
def data(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
|
298
303
|
"""
|
299
304
|
A mapping whose keys are the top-level data keys returned from
|
300
305
|
Vault and whose values are the corresponding values. This map can only
|
@@ -304,7 +309,7 @@ class _SecretV2State:
|
|
304
309
|
return pulumi.get(self, "data")
|
305
310
|
|
306
311
|
@data.setter
|
307
|
-
def data(self, value: Optional[pulumi.Input[Mapping[str,
|
312
|
+
def data(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
|
308
313
|
pulumi.set(self, "data", value)
|
309
314
|
|
310
315
|
@property
|
@@ -348,14 +353,14 @@ class _SecretV2State:
|
|
348
353
|
|
349
354
|
@property
|
350
355
|
@pulumi.getter
|
351
|
-
def metadata(self) -> Optional[pulumi.Input[Mapping[str,
|
356
|
+
def metadata(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
|
352
357
|
"""
|
353
358
|
Metadata associated with this secret read from Vault.
|
354
359
|
"""
|
355
360
|
return pulumi.get(self, "metadata")
|
356
361
|
|
357
362
|
@metadata.setter
|
358
|
-
def metadata(self, value: Optional[pulumi.Input[Mapping[str,
|
363
|
+
def metadata(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
|
359
364
|
pulumi.set(self, "metadata", value)
|
360
365
|
|
361
366
|
@property
|
@@ -391,7 +396,7 @@ class _SecretV2State:
|
|
391
396
|
"""
|
392
397
|
The namespace to provision the resource in.
|
393
398
|
The value should not contain leading or trailing forward slashes.
|
394
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
399
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
395
400
|
*Available only for Vault Enterprise*.
|
396
401
|
"""
|
397
402
|
return pulumi.get(self, "namespace")
|
@@ -402,14 +407,14 @@ class _SecretV2State:
|
|
402
407
|
|
403
408
|
@property
|
404
409
|
@pulumi.getter
|
405
|
-
def options(self) -> Optional[pulumi.Input[Mapping[str,
|
410
|
+
def options(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
|
406
411
|
"""
|
407
412
|
An object that holds option settings.
|
408
413
|
"""
|
409
414
|
return pulumi.get(self, "options")
|
410
415
|
|
411
416
|
@options.setter
|
412
|
-
def options(self, value: Optional[pulumi.Input[Mapping[str,
|
417
|
+
def options(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
|
413
418
|
pulumi.set(self, "options", value)
|
414
419
|
|
415
420
|
@property
|
@@ -431,14 +436,14 @@ class SecretV2(pulumi.CustomResource):
|
|
431
436
|
resource_name: str,
|
432
437
|
opts: Optional[pulumi.ResourceOptions] = None,
|
433
438
|
cas: Optional[pulumi.Input[int]] = None,
|
434
|
-
custom_metadata: Optional[pulumi.Input[
|
439
|
+
custom_metadata: Optional[pulumi.Input[Union['SecretV2CustomMetadataArgs', 'SecretV2CustomMetadataArgsDict']]] = None,
|
435
440
|
data_json: Optional[pulumi.Input[str]] = None,
|
436
441
|
delete_all_versions: Optional[pulumi.Input[bool]] = None,
|
437
442
|
disable_read: Optional[pulumi.Input[bool]] = None,
|
438
443
|
mount: Optional[pulumi.Input[str]] = None,
|
439
444
|
name: Optional[pulumi.Input[str]] = None,
|
440
445
|
namespace: Optional[pulumi.Input[str]] = None,
|
441
|
-
options: Optional[pulumi.Input[Mapping[str,
|
446
|
+
options: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
442
447
|
__props__=None):
|
443
448
|
"""
|
444
449
|
Writes a KV-V2 secret to a given path in Vault.
|
@@ -462,20 +467,22 @@ class SecretV2(pulumi.CustomResource):
|
|
462
467
|
description="KV Version 2 secret engine mount")
|
463
468
|
example = vault.kv.SecretV2("example",
|
464
469
|
mount=kvv2.path,
|
470
|
+
name="secret",
|
465
471
|
cas=1,
|
466
472
|
delete_all_versions=True,
|
467
473
|
data_json=json.dumps({
|
468
474
|
"zip": "zap",
|
469
475
|
"foo": "bar",
|
470
476
|
}),
|
471
|
-
custom_metadata=
|
472
|
-
max_versions
|
473
|
-
data
|
477
|
+
custom_metadata={
|
478
|
+
"max_versions": 5,
|
479
|
+
"data": {
|
474
480
|
"foo": "vault@example.com",
|
475
481
|
"bar": "12345",
|
476
482
|
},
|
477
|
-
)
|
483
|
+
})
|
478
484
|
```
|
485
|
+
|
479
486
|
## Required Vault Capabilities
|
480
487
|
|
481
488
|
Use of this resource requires the `create` or `update` capability
|
@@ -500,7 +507,7 @@ class SecretV2(pulumi.CustomResource):
|
|
500
507
|
KV-V2 secrets can be imported using the `path`, e.g.
|
501
508
|
|
502
509
|
```sh
|
503
|
-
|
510
|
+
$ pulumi import vault:kv/secretV2:SecretV2 example kvv2/data/secret
|
504
511
|
```
|
505
512
|
|
506
513
|
:param str resource_name: The name of the resource.
|
@@ -509,7 +516,7 @@ class SecretV2(pulumi.CustomResource):
|
|
509
516
|
on either the secret or the engine's config. In order for a
|
510
517
|
write operation to be successful, cas must be set to the current version
|
511
518
|
of the secret.
|
512
|
-
:param pulumi.Input[
|
519
|
+
:param pulumi.Input[Union['SecretV2CustomMetadataArgs', 'SecretV2CustomMetadataArgsDict']] custom_metadata: A nested block that allows configuring metadata for the
|
513
520
|
KV secret. Refer to the
|
514
521
|
Configuration Options for more info.
|
515
522
|
:param pulumi.Input[str] data_json: JSON-encoded string that will be
|
@@ -525,9 +532,9 @@ class SecretV2(pulumi.CustomResource):
|
|
525
532
|
the name is `foo/bar/baz`.
|
526
533
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
527
534
|
The value should not contain leading or trailing forward slashes.
|
528
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
535
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
529
536
|
*Available only for Vault Enterprise*.
|
530
|
-
:param pulumi.Input[Mapping[str,
|
537
|
+
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] options: An object that holds option settings.
|
531
538
|
"""
|
532
539
|
...
|
533
540
|
@overload
|
@@ -557,20 +564,22 @@ class SecretV2(pulumi.CustomResource):
|
|
557
564
|
description="KV Version 2 secret engine mount")
|
558
565
|
example = vault.kv.SecretV2("example",
|
559
566
|
mount=kvv2.path,
|
567
|
+
name="secret",
|
560
568
|
cas=1,
|
561
569
|
delete_all_versions=True,
|
562
570
|
data_json=json.dumps({
|
563
571
|
"zip": "zap",
|
564
572
|
"foo": "bar",
|
565
573
|
}),
|
566
|
-
custom_metadata=
|
567
|
-
max_versions
|
568
|
-
data
|
574
|
+
custom_metadata={
|
575
|
+
"max_versions": 5,
|
576
|
+
"data": {
|
569
577
|
"foo": "vault@example.com",
|
570
578
|
"bar": "12345",
|
571
579
|
},
|
572
|
-
)
|
580
|
+
})
|
573
581
|
```
|
582
|
+
|
574
583
|
## Required Vault Capabilities
|
575
584
|
|
576
585
|
Use of this resource requires the `create` or `update` capability
|
@@ -595,7 +604,7 @@ class SecretV2(pulumi.CustomResource):
|
|
595
604
|
KV-V2 secrets can be imported using the `path`, e.g.
|
596
605
|
|
597
606
|
```sh
|
598
|
-
|
607
|
+
$ pulumi import vault:kv/secretV2:SecretV2 example kvv2/data/secret
|
599
608
|
```
|
600
609
|
|
601
610
|
:param str resource_name: The name of the resource.
|
@@ -614,14 +623,14 @@ class SecretV2(pulumi.CustomResource):
|
|
614
623
|
resource_name: str,
|
615
624
|
opts: Optional[pulumi.ResourceOptions] = None,
|
616
625
|
cas: Optional[pulumi.Input[int]] = None,
|
617
|
-
custom_metadata: Optional[pulumi.Input[
|
626
|
+
custom_metadata: Optional[pulumi.Input[Union['SecretV2CustomMetadataArgs', 'SecretV2CustomMetadataArgsDict']]] = None,
|
618
627
|
data_json: Optional[pulumi.Input[str]] = None,
|
619
628
|
delete_all_versions: Optional[pulumi.Input[bool]] = None,
|
620
629
|
disable_read: Optional[pulumi.Input[bool]] = None,
|
621
630
|
mount: Optional[pulumi.Input[str]] = None,
|
622
631
|
name: Optional[pulumi.Input[str]] = None,
|
623
632
|
namespace: Optional[pulumi.Input[str]] = None,
|
624
|
-
options: Optional[pulumi.Input[Mapping[str,
|
633
|
+
options: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
625
634
|
__props__=None):
|
626
635
|
opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
|
627
636
|
if not isinstance(opts, pulumi.ResourceOptions):
|
@@ -660,16 +669,16 @@ class SecretV2(pulumi.CustomResource):
|
|
660
669
|
id: pulumi.Input[str],
|
661
670
|
opts: Optional[pulumi.ResourceOptions] = None,
|
662
671
|
cas: Optional[pulumi.Input[int]] = None,
|
663
|
-
custom_metadata: Optional[pulumi.Input[
|
664
|
-
data: Optional[pulumi.Input[Mapping[str,
|
672
|
+
custom_metadata: Optional[pulumi.Input[Union['SecretV2CustomMetadataArgs', 'SecretV2CustomMetadataArgsDict']]] = None,
|
673
|
+
data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
665
674
|
data_json: Optional[pulumi.Input[str]] = None,
|
666
675
|
delete_all_versions: Optional[pulumi.Input[bool]] = None,
|
667
676
|
disable_read: Optional[pulumi.Input[bool]] = None,
|
668
|
-
metadata: Optional[pulumi.Input[Mapping[str,
|
677
|
+
metadata: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
669
678
|
mount: Optional[pulumi.Input[str]] = None,
|
670
679
|
name: Optional[pulumi.Input[str]] = None,
|
671
680
|
namespace: Optional[pulumi.Input[str]] = None,
|
672
|
-
options: Optional[pulumi.Input[Mapping[str,
|
681
|
+
options: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
673
682
|
path: Optional[pulumi.Input[str]] = None) -> 'SecretV2':
|
674
683
|
"""
|
675
684
|
Get an existing SecretV2 resource's state with the given name, id, and optional extra
|
@@ -682,10 +691,10 @@ class SecretV2(pulumi.CustomResource):
|
|
682
691
|
on either the secret or the engine's config. In order for a
|
683
692
|
write operation to be successful, cas must be set to the current version
|
684
693
|
of the secret.
|
685
|
-
:param pulumi.Input[
|
694
|
+
:param pulumi.Input[Union['SecretV2CustomMetadataArgs', 'SecretV2CustomMetadataArgsDict']] custom_metadata: A nested block that allows configuring metadata for the
|
686
695
|
KV secret. Refer to the
|
687
696
|
Configuration Options for more info.
|
688
|
-
:param pulumi.Input[Mapping[str,
|
697
|
+
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A mapping whose keys are the top-level data keys returned from
|
689
698
|
Vault and whose values are the corresponding values. This map can only
|
690
699
|
represent string data, so any non-string values returned from Vault are
|
691
700
|
serialized as JSON.
|
@@ -695,7 +704,7 @@ class SecretV2(pulumi.CustomResource):
|
|
695
704
|
versions for the specified key.
|
696
705
|
:param pulumi.Input[bool] disable_read: If set to true, disables reading secret from Vault;
|
697
706
|
note: drift won't be detected.
|
698
|
-
:param pulumi.Input[Mapping[str,
|
707
|
+
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] metadata: Metadata associated with this secret read from Vault.
|
699
708
|
:param pulumi.Input[str] mount: Path where KV-V2 engine is mounted.
|
700
709
|
:param pulumi.Input[str] name: Full name of the secret. For a nested secret
|
701
710
|
the name is the nested path excluding the mount and data
|
@@ -703,9 +712,9 @@ class SecretV2(pulumi.CustomResource):
|
|
703
712
|
the name is `foo/bar/baz`.
|
704
713
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
705
714
|
The value should not contain leading or trailing forward slashes.
|
706
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
715
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
707
716
|
*Available only for Vault Enterprise*.
|
708
|
-
:param pulumi.Input[Mapping[str,
|
717
|
+
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] options: An object that holds option settings.
|
709
718
|
:param pulumi.Input[str] path: Full path where the KV-V2 secret will be written.
|
710
719
|
"""
|
711
720
|
opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
|
@@ -749,7 +758,7 @@ class SecretV2(pulumi.CustomResource):
|
|
749
758
|
|
750
759
|
@property
|
751
760
|
@pulumi.getter
|
752
|
-
def data(self) -> pulumi.Output[Mapping[str,
|
761
|
+
def data(self) -> pulumi.Output[Mapping[str, str]]:
|
753
762
|
"""
|
754
763
|
A mapping whose keys are the top-level data keys returned from
|
755
764
|
Vault and whose values are the corresponding values. This map can only
|
@@ -787,7 +796,7 @@ class SecretV2(pulumi.CustomResource):
|
|
787
796
|
|
788
797
|
@property
|
789
798
|
@pulumi.getter
|
790
|
-
def metadata(self) -> pulumi.Output[Mapping[str,
|
799
|
+
def metadata(self) -> pulumi.Output[Mapping[str, str]]:
|
791
800
|
"""
|
792
801
|
Metadata associated with this secret read from Vault.
|
793
802
|
"""
|
@@ -818,14 +827,14 @@ class SecretV2(pulumi.CustomResource):
|
|
818
827
|
"""
|
819
828
|
The namespace to provision the resource in.
|
820
829
|
The value should not contain leading or trailing forward slashes.
|
821
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
830
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
822
831
|
*Available only for Vault Enterprise*.
|
823
832
|
"""
|
824
833
|
return pulumi.get(self, "namespace")
|
825
834
|
|
826
835
|
@property
|
827
836
|
@pulumi.getter
|
828
|
-
def options(self) -> pulumi.Output[Optional[Mapping[str,
|
837
|
+
def options(self) -> pulumi.Output[Optional[Mapping[str, str]]]:
|
829
838
|
"""
|
830
839
|
An object that holds option settings.
|
831
840
|
"""
|