pulumi-vault 5.21.0a1709368526__py3-none-any.whl → 6.5.0a1736836139__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- pulumi_vault/__init__.py +52 -0
- pulumi_vault/_inputs.py +560 -0
- pulumi_vault/_utilities.py +41 -5
- pulumi_vault/ad/get_access_credentials.py +26 -9
- pulumi_vault/ad/secret_backend.py +16 -142
- pulumi_vault/ad/secret_library.py +16 -9
- pulumi_vault/ad/secret_role.py +14 -9
- pulumi_vault/alicloud/auth_backend_role.py +76 -190
- pulumi_vault/approle/auth_backend_login.py +12 -7
- pulumi_vault/approle/auth_backend_role.py +77 -191
- pulumi_vault/approle/auth_backend_role_secret_id.py +106 -7
- pulumi_vault/approle/get_auth_backend_role_id.py +18 -5
- pulumi_vault/audit.py +30 -21
- pulumi_vault/audit_request_header.py +11 -2
- pulumi_vault/auth_backend.py +66 -14
- pulumi_vault/aws/auth_backend_cert.py +18 -9
- pulumi_vault/aws/auth_backend_client.py +267 -22
- pulumi_vault/aws/auth_backend_config_identity.py +14 -9
- pulumi_vault/aws/auth_backend_identity_whitelist.py +20 -15
- pulumi_vault/aws/auth_backend_login.py +19 -22
- pulumi_vault/aws/auth_backend_role.py +77 -191
- pulumi_vault/aws/auth_backend_role_tag.py +12 -7
- pulumi_vault/aws/auth_backend_roletag_blacklist.py +18 -13
- pulumi_vault/aws/auth_backend_sts_role.py +14 -9
- pulumi_vault/aws/get_access_credentials.py +38 -9
- pulumi_vault/aws/get_static_access_credentials.py +19 -5
- pulumi_vault/aws/secret_backend.py +77 -9
- pulumi_vault/aws/secret_backend_role.py +185 -9
- pulumi_vault/aws/secret_backend_static_role.py +20 -11
- pulumi_vault/azure/_inputs.py +24 -0
- pulumi_vault/azure/auth_backend_config.py +153 -15
- pulumi_vault/azure/auth_backend_role.py +77 -191
- pulumi_vault/azure/backend.py +227 -21
- pulumi_vault/azure/backend_role.py +42 -37
- pulumi_vault/azure/get_access_credentials.py +41 -7
- pulumi_vault/azure/outputs.py +5 -0
- pulumi_vault/cert_auth_backend_role.py +87 -267
- pulumi_vault/config/__init__.pyi +5 -0
- pulumi_vault/config/_inputs.py +73 -0
- pulumi_vault/config/outputs.py +35 -0
- pulumi_vault/config/ui_custom_message.py +529 -0
- pulumi_vault/config/vars.py +5 -0
- pulumi_vault/consul/secret_backend.py +28 -19
- pulumi_vault/consul/secret_backend_role.py +18 -78
- pulumi_vault/database/_inputs.py +2770 -881
- pulumi_vault/database/outputs.py +721 -838
- pulumi_vault/database/secret_backend_connection.py +119 -112
- pulumi_vault/database/secret_backend_role.py +31 -22
- pulumi_vault/database/secret_backend_static_role.py +87 -13
- pulumi_vault/database/secrets_mount.py +427 -136
- pulumi_vault/egp_policy.py +16 -11
- pulumi_vault/gcp/_inputs.py +111 -0
- pulumi_vault/gcp/auth_backend.py +250 -33
- pulumi_vault/gcp/auth_backend_role.py +77 -269
- pulumi_vault/gcp/get_auth_backend_role.py +43 -5
- pulumi_vault/gcp/outputs.py +5 -0
- pulumi_vault/gcp/secret_backend.py +287 -12
- pulumi_vault/gcp/secret_impersonated_account.py +76 -15
- pulumi_vault/gcp/secret_roleset.py +31 -24
- pulumi_vault/gcp/secret_static_account.py +39 -32
- pulumi_vault/generic/endpoint.py +24 -17
- pulumi_vault/generic/get_secret.py +64 -8
- pulumi_vault/generic/secret.py +21 -16
- pulumi_vault/get_auth_backend.py +24 -7
- pulumi_vault/get_auth_backends.py +51 -9
- pulumi_vault/get_namespace.py +226 -0
- pulumi_vault/get_namespaces.py +153 -0
- pulumi_vault/get_nomad_access_token.py +31 -11
- pulumi_vault/get_policy_document.py +34 -19
- pulumi_vault/get_raft_autopilot_state.py +29 -10
- pulumi_vault/github/_inputs.py +55 -0
- pulumi_vault/github/auth_backend.py +19 -14
- pulumi_vault/github/outputs.py +5 -0
- pulumi_vault/github/team.py +16 -11
- pulumi_vault/github/user.py +16 -11
- pulumi_vault/identity/entity.py +20 -13
- pulumi_vault/identity/entity_alias.py +20 -13
- pulumi_vault/identity/entity_policies.py +28 -11
- pulumi_vault/identity/get_entity.py +42 -10
- pulumi_vault/identity/get_group.py +47 -9
- pulumi_vault/identity/get_oidc_client_creds.py +21 -7
- pulumi_vault/identity/get_oidc_openid_config.py +39 -9
- pulumi_vault/identity/get_oidc_public_keys.py +29 -10
- pulumi_vault/identity/group.py +58 -39
- pulumi_vault/identity/group_alias.py +16 -9
- pulumi_vault/identity/group_member_entity_ids.py +28 -66
- pulumi_vault/identity/group_member_group_ids.py +40 -19
- pulumi_vault/identity/group_policies.py +20 -7
- pulumi_vault/identity/mfa_duo.py +11 -6
- pulumi_vault/identity/mfa_login_enforcement.py +15 -6
- pulumi_vault/identity/mfa_okta.py +11 -6
- pulumi_vault/identity/mfa_pingid.py +7 -2
- pulumi_vault/identity/mfa_totp.py +7 -2
- pulumi_vault/identity/oidc.py +12 -7
- pulumi_vault/identity/oidc_assignment.py +24 -11
- pulumi_vault/identity/oidc_client.py +36 -23
- pulumi_vault/identity/oidc_key.py +30 -17
- pulumi_vault/identity/oidc_key_allowed_client_id.py +28 -15
- pulumi_vault/identity/oidc_provider.py +36 -21
- pulumi_vault/identity/oidc_role.py +42 -21
- pulumi_vault/identity/oidc_scope.py +20 -13
- pulumi_vault/identity/outputs.py +8 -3
- pulumi_vault/jwt/_inputs.py +55 -0
- pulumi_vault/jwt/auth_backend.py +45 -40
- pulumi_vault/jwt/auth_backend_role.py +133 -254
- pulumi_vault/jwt/outputs.py +5 -0
- pulumi_vault/kmip/secret_backend.py +24 -19
- pulumi_vault/kmip/secret_role.py +14 -9
- pulumi_vault/kmip/secret_scope.py +14 -9
- pulumi_vault/kubernetes/auth_backend_config.py +57 -5
- pulumi_vault/kubernetes/auth_backend_role.py +70 -177
- pulumi_vault/kubernetes/get_auth_backend_config.py +60 -8
- pulumi_vault/kubernetes/get_auth_backend_role.py +40 -5
- pulumi_vault/kubernetes/get_service_account_token.py +39 -11
- pulumi_vault/kubernetes/secret_backend.py +316 -27
- pulumi_vault/kubernetes/secret_backend_role.py +137 -46
- pulumi_vault/kv/_inputs.py +36 -4
- pulumi_vault/kv/get_secret.py +25 -8
- pulumi_vault/kv/get_secret_subkeys_v2.py +33 -10
- pulumi_vault/kv/get_secret_v2.py +85 -9
- pulumi_vault/kv/get_secrets_list.py +24 -11
- pulumi_vault/kv/get_secrets_list_v2.py +37 -15
- pulumi_vault/kv/outputs.py +8 -3
- pulumi_vault/kv/secret.py +23 -16
- pulumi_vault/kv/secret_backend_v2.py +20 -11
- pulumi_vault/kv/secret_v2.py +59 -50
- pulumi_vault/ldap/auth_backend.py +127 -166
- pulumi_vault/ldap/auth_backend_group.py +14 -9
- pulumi_vault/ldap/auth_backend_user.py +14 -9
- pulumi_vault/ldap/get_dynamic_credentials.py +23 -5
- pulumi_vault/ldap/get_static_credentials.py +24 -5
- pulumi_vault/ldap/secret_backend.py +354 -82
- pulumi_vault/ldap/secret_backend_dynamic_role.py +18 -11
- pulumi_vault/ldap/secret_backend_library_set.py +16 -9
- pulumi_vault/ldap/secret_backend_static_role.py +73 -12
- pulumi_vault/managed/_inputs.py +289 -132
- pulumi_vault/managed/keys.py +29 -57
- pulumi_vault/managed/outputs.py +89 -132
- pulumi_vault/mfa_duo.py +18 -11
- pulumi_vault/mfa_okta.py +18 -11
- pulumi_vault/mfa_pingid.py +18 -11
- pulumi_vault/mfa_totp.py +24 -17
- pulumi_vault/mongodbatlas/secret_backend.py +20 -15
- pulumi_vault/mongodbatlas/secret_role.py +47 -38
- pulumi_vault/mount.py +391 -51
- pulumi_vault/namespace.py +68 -83
- pulumi_vault/nomad_secret_backend.py +18 -13
- pulumi_vault/nomad_secret_role.py +14 -9
- pulumi_vault/okta/_inputs.py +47 -8
- pulumi_vault/okta/auth_backend.py +485 -39
- pulumi_vault/okta/auth_backend_group.py +14 -9
- pulumi_vault/okta/auth_backend_user.py +14 -9
- pulumi_vault/okta/outputs.py +13 -8
- pulumi_vault/outputs.py +5 -0
- pulumi_vault/password_policy.py +20 -13
- pulumi_vault/pkisecret/__init__.py +3 -0
- pulumi_vault/pkisecret/_inputs.py +81 -0
- pulumi_vault/pkisecret/backend_config_cluster.py +369 -0
- pulumi_vault/pkisecret/backend_config_est.py +619 -0
- pulumi_vault/pkisecret/get_backend_config_est.py +251 -0
- pulumi_vault/pkisecret/get_backend_issuer.py +67 -9
- pulumi_vault/pkisecret/get_backend_issuers.py +21 -8
- pulumi_vault/pkisecret/get_backend_key.py +24 -9
- pulumi_vault/pkisecret/get_backend_keys.py +21 -8
- pulumi_vault/pkisecret/outputs.py +69 -0
- pulumi_vault/pkisecret/secret_backend_cert.py +18 -11
- pulumi_vault/pkisecret/secret_backend_config_ca.py +16 -11
- pulumi_vault/pkisecret/secret_backend_config_issuers.py +14 -9
- pulumi_vault/pkisecret/secret_backend_config_urls.py +67 -11
- pulumi_vault/pkisecret/secret_backend_crl_config.py +14 -9
- pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +16 -11
- pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +22 -17
- pulumi_vault/pkisecret/secret_backend_issuer.py +14 -9
- pulumi_vault/pkisecret/secret_backend_key.py +14 -9
- pulumi_vault/pkisecret/secret_backend_role.py +21 -14
- pulumi_vault/pkisecret/secret_backend_root_cert.py +16 -48
- pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +18 -56
- pulumi_vault/pkisecret/secret_backend_sign.py +18 -54
- pulumi_vault/plugin.py +595 -0
- pulumi_vault/plugin_pinned_version.py +298 -0
- pulumi_vault/policy.py +14 -9
- pulumi_vault/provider.py +48 -53
- pulumi_vault/pulumi-plugin.json +2 -1
- pulumi_vault/quota_lease_count.py +60 -6
- pulumi_vault/quota_rate_limit.py +56 -2
- pulumi_vault/rabbitmq/_inputs.py +61 -0
- pulumi_vault/rabbitmq/outputs.py +5 -0
- pulumi_vault/rabbitmq/secret_backend.py +18 -13
- pulumi_vault/rabbitmq/secret_backend_role.py +54 -47
- pulumi_vault/raft_autopilot.py +14 -9
- pulumi_vault/raft_snapshot_agent_config.py +129 -224
- pulumi_vault/rgp_policy.py +14 -9
- pulumi_vault/saml/auth_backend.py +22 -17
- pulumi_vault/saml/auth_backend_role.py +92 -197
- pulumi_vault/secrets/__init__.py +3 -0
- pulumi_vault/secrets/_inputs.py +110 -0
- pulumi_vault/secrets/outputs.py +94 -0
- pulumi_vault/secrets/sync_association.py +56 -71
- pulumi_vault/secrets/sync_aws_destination.py +242 -27
- pulumi_vault/secrets/sync_azure_destination.py +92 -31
- pulumi_vault/secrets/sync_config.py +9 -4
- pulumi_vault/secrets/sync_gcp_destination.py +158 -25
- pulumi_vault/secrets/sync_gh_destination.py +189 -13
- pulumi_vault/secrets/sync_github_apps.py +375 -0
- pulumi_vault/secrets/sync_vercel_destination.py +74 -13
- pulumi_vault/ssh/_inputs.py +28 -28
- pulumi_vault/ssh/outputs.py +11 -28
- pulumi_vault/ssh/secret_backend_ca.py +108 -9
- pulumi_vault/ssh/secret_backend_role.py +85 -118
- pulumi_vault/terraformcloud/secret_backend.py +7 -54
- pulumi_vault/terraformcloud/secret_creds.py +14 -20
- pulumi_vault/terraformcloud/secret_role.py +16 -74
- pulumi_vault/token.py +28 -23
- pulumi_vault/tokenauth/auth_backend_role.py +78 -199
- pulumi_vault/transform/alphabet.py +16 -9
- pulumi_vault/transform/get_decode.py +45 -17
- pulumi_vault/transform/get_encode.py +45 -17
- pulumi_vault/transform/role.py +16 -9
- pulumi_vault/transform/template.py +30 -21
- pulumi_vault/transform/transformation.py +12 -7
- pulumi_vault/transit/get_decrypt.py +26 -21
- pulumi_vault/transit/get_encrypt.py +24 -19
- pulumi_vault/transit/secret_backend_key.py +27 -93
- pulumi_vault/transit/secret_cache_config.py +12 -7
- {pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/METADATA +8 -7
- pulumi_vault-6.5.0a1736836139.dist-info/RECORD +256 -0
- {pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/WHEEL +1 -1
- pulumi_vault-5.21.0a1709368526.dist-info/RECORD +0 -244
- {pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/top_level.txt +0 -0
@@ -4,9 +4,14 @@
|
|
4
4
|
|
5
5
|
import copy
|
6
6
|
import warnings
|
7
|
+
import sys
|
7
8
|
import pulumi
|
8
9
|
import pulumi.runtime
|
9
10
|
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
11
|
+
if sys.version_info >= (3, 11):
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
13
|
+
else:
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
10
15
|
from .. import _utilities
|
11
16
|
|
12
17
|
__all__ = ['SecretBackendDynamicRoleArgs', 'SecretBackendDynamicRole']
|
@@ -46,7 +51,7 @@ class SecretBackendDynamicRoleArgs:
|
|
46
51
|
not begin or end with a `/`. Defaults to `ldap`.
|
47
52
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
48
53
|
The value should not contain leading or trailing forward slashes.
|
49
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
54
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
50
55
|
*Available only for Vault Enterprise*.
|
51
56
|
:param pulumi.Input[str] rollback_ldif: A templatized LDIF string used to attempt to
|
52
57
|
rollback any changes in the event that execution of the `creation_ldif` results
|
@@ -165,7 +170,7 @@ class SecretBackendDynamicRoleArgs:
|
|
165
170
|
"""
|
166
171
|
The namespace to provision the resource in.
|
167
172
|
The value should not contain leading or trailing forward slashes.
|
168
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
173
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
169
174
|
*Available only for Vault Enterprise*.
|
170
175
|
"""
|
171
176
|
return pulumi.get(self, "namespace")
|
@@ -240,7 +245,7 @@ class _SecretBackendDynamicRoleState:
|
|
240
245
|
not begin or end with a `/`. Defaults to `ldap`.
|
241
246
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
242
247
|
The value should not contain leading or trailing forward slashes.
|
243
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
248
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
244
249
|
*Available only for Vault Enterprise*.
|
245
250
|
:param pulumi.Input[str] role_name: Name of the role.
|
246
251
|
:param pulumi.Input[str] rollback_ldif: A templatized LDIF string used to attempt to
|
@@ -351,7 +356,7 @@ class _SecretBackendDynamicRoleState:
|
|
351
356
|
"""
|
352
357
|
The namespace to provision the resource in.
|
353
358
|
The value should not contain leading or trailing forward slashes.
|
354
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
359
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
355
360
|
*Available only for Vault Enterprise*.
|
356
361
|
"""
|
357
362
|
return pulumi.get(self, "namespace")
|
@@ -453,10 +458,11 @@ class SecretBackendDynamicRole(pulumi.CustomResource):
|
|
453
458
|
|
454
459
|
## Import
|
455
460
|
|
456
|
-
LDAP secret backend dynamic role can be imported using the full path to the role
|
461
|
+
LDAP secret backend dynamic role can be imported using the full path to the role
|
462
|
+
of the form: `<mount_path>/dynamic-role/<role_name>` e.g.
|
457
463
|
|
458
464
|
```sh
|
459
|
-
|
465
|
+
$ pulumi import vault:ldap/secretBackendDynamicRole:SecretBackendDynamicRole role ldap/role/dynamic-role
|
460
466
|
```
|
461
467
|
|
462
468
|
:param str resource_name: The name of the resource.
|
@@ -481,7 +487,7 @@ class SecretBackendDynamicRole(pulumi.CustomResource):
|
|
481
487
|
not begin or end with a `/`. Defaults to `ldap`.
|
482
488
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
483
489
|
The value should not contain leading or trailing forward slashes.
|
484
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
490
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
485
491
|
*Available only for Vault Enterprise*.
|
486
492
|
:param pulumi.Input[str] role_name: Name of the role.
|
487
493
|
:param pulumi.Input[str] rollback_ldif: A templatized LDIF string used to attempt to
|
@@ -534,10 +540,11 @@ class SecretBackendDynamicRole(pulumi.CustomResource):
|
|
534
540
|
|
535
541
|
## Import
|
536
542
|
|
537
|
-
LDAP secret backend dynamic role can be imported using the full path to the role
|
543
|
+
LDAP secret backend dynamic role can be imported using the full path to the role
|
544
|
+
of the form: `<mount_path>/dynamic-role/<role_name>` e.g.
|
538
545
|
|
539
546
|
```sh
|
540
|
-
|
547
|
+
$ pulumi import vault:ldap/secretBackendDynamicRole:SecretBackendDynamicRole role ldap/role/dynamic-role
|
541
548
|
```
|
542
549
|
|
543
550
|
:param str resource_name: The name of the resource.
|
@@ -634,7 +641,7 @@ class SecretBackendDynamicRole(pulumi.CustomResource):
|
|
634
641
|
not begin or end with a `/`. Defaults to `ldap`.
|
635
642
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
636
643
|
The value should not contain leading or trailing forward slashes.
|
637
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
644
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
638
645
|
*Available only for Vault Enterprise*.
|
639
646
|
:param pulumi.Input[str] role_name: Name of the role.
|
640
647
|
:param pulumi.Input[str] rollback_ldif: A templatized LDIF string used to attempt to
|
@@ -721,7 +728,7 @@ class SecretBackendDynamicRole(pulumi.CustomResource):
|
|
721
728
|
"""
|
722
729
|
The namespace to provision the resource in.
|
723
730
|
The value should not contain leading or trailing forward slashes.
|
724
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
731
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
725
732
|
*Available only for Vault Enterprise*.
|
726
733
|
"""
|
727
734
|
return pulumi.get(self, "namespace")
|
@@ -4,9 +4,14 @@
|
|
4
4
|
|
5
5
|
import copy
|
6
6
|
import warnings
|
7
|
+
import sys
|
7
8
|
import pulumi
|
8
9
|
import pulumi.runtime
|
9
10
|
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
11
|
+
if sys.version_info >= (3, 11):
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
13
|
+
else:
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
10
15
|
from .. import _utilities
|
11
16
|
|
12
17
|
__all__ = ['SecretBackendLibrarySetArgs', 'SecretBackendLibrarySet']
|
@@ -34,7 +39,7 @@ class SecretBackendLibrarySetArgs:
|
|
34
39
|
Must be unique within the backend.
|
35
40
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
36
41
|
The value should not contain leading or trailing forward slashes.
|
37
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
42
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
38
43
|
*Available only for Vault Enterprise*.
|
39
44
|
:param pulumi.Input[int] ttl: The password time-to-live in seconds. Defaults to the configuration
|
40
45
|
ttl if not provided.
|
@@ -123,7 +128,7 @@ class SecretBackendLibrarySetArgs:
|
|
123
128
|
"""
|
124
129
|
The namespace to provision the resource in.
|
125
130
|
The value should not contain leading or trailing forward slashes.
|
126
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
131
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
127
132
|
*Available only for Vault Enterprise*.
|
128
133
|
"""
|
129
134
|
return pulumi.get(self, "namespace")
|
@@ -168,7 +173,7 @@ class _SecretBackendLibrarySetState:
|
|
168
173
|
Must be unique within the backend.
|
169
174
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
170
175
|
The value should not contain leading or trailing forward slashes.
|
171
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
176
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
172
177
|
*Available only for Vault Enterprise*.
|
173
178
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] service_account_names: Specifies the slice of service accounts mapped to this set.
|
174
179
|
:param pulumi.Input[int] ttl: The password time-to-live in seconds. Defaults to the configuration
|
@@ -247,7 +252,7 @@ class _SecretBackendLibrarySetState:
|
|
247
252
|
"""
|
248
253
|
The namespace to provision the resource in.
|
249
254
|
The value should not contain leading or trailing forward slashes.
|
250
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
255
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
251
256
|
*Available only for Vault Enterprise*.
|
252
257
|
"""
|
253
258
|
return pulumi.get(self, "namespace")
|
@@ -311,6 +316,7 @@ class SecretBackendLibrarySet(pulumi.CustomResource):
|
|
311
316
|
userdn="CN=Users,DC=corp,DC=example,DC=net")
|
312
317
|
qa = vault.ldap.SecretBackendLibrarySet("qa",
|
313
318
|
mount=config.path,
|
319
|
+
name="qa",
|
314
320
|
service_account_names=[
|
315
321
|
"Bob",
|
316
322
|
"Mary",
|
@@ -325,7 +331,7 @@ class SecretBackendLibrarySet(pulumi.CustomResource):
|
|
325
331
|
LDAP secret backend libraries can be imported using the `path`, e.g.
|
326
332
|
|
327
333
|
```sh
|
328
|
-
|
334
|
+
$ pulumi import vault:ldap/secretBackendLibrarySet:SecretBackendLibrarySet qa ldap/library/bob
|
329
335
|
```
|
330
336
|
|
331
337
|
:param str resource_name: The name of the resource.
|
@@ -340,7 +346,7 @@ class SecretBackendLibrarySet(pulumi.CustomResource):
|
|
340
346
|
Must be unique within the backend.
|
341
347
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
342
348
|
The value should not contain leading or trailing forward slashes.
|
343
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
349
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
344
350
|
*Available only for Vault Enterprise*.
|
345
351
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] service_account_names: Specifies the slice of service accounts mapped to this set.
|
346
352
|
:param pulumi.Input[int] ttl: The password time-to-live in seconds. Defaults to the configuration
|
@@ -368,6 +374,7 @@ class SecretBackendLibrarySet(pulumi.CustomResource):
|
|
368
374
|
userdn="CN=Users,DC=corp,DC=example,DC=net")
|
369
375
|
qa = vault.ldap.SecretBackendLibrarySet("qa",
|
370
376
|
mount=config.path,
|
377
|
+
name="qa",
|
371
378
|
service_account_names=[
|
372
379
|
"Bob",
|
373
380
|
"Mary",
|
@@ -382,7 +389,7 @@ class SecretBackendLibrarySet(pulumi.CustomResource):
|
|
382
389
|
LDAP secret backend libraries can be imported using the `path`, e.g.
|
383
390
|
|
384
391
|
```sh
|
385
|
-
|
392
|
+
$ pulumi import vault:ldap/secretBackendLibrarySet:SecretBackendLibrarySet qa ldap/library/bob
|
386
393
|
```
|
387
394
|
|
388
395
|
:param str resource_name: The name of the resource.
|
@@ -459,7 +466,7 @@ class SecretBackendLibrarySet(pulumi.CustomResource):
|
|
459
466
|
Must be unique within the backend.
|
460
467
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
461
468
|
The value should not contain leading or trailing forward slashes.
|
462
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
469
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
463
470
|
*Available only for Vault Enterprise*.
|
464
471
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] service_account_names: Specifies the slice of service accounts mapped to this set.
|
465
472
|
:param pulumi.Input[int] ttl: The password time-to-live in seconds. Defaults to the configuration
|
@@ -520,7 +527,7 @@ class SecretBackendLibrarySet(pulumi.CustomResource):
|
|
520
527
|
"""
|
521
528
|
The namespace to provision the resource in.
|
522
529
|
The value should not contain leading or trailing forward slashes.
|
523
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
530
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
524
531
|
*Available only for Vault Enterprise*.
|
525
532
|
"""
|
526
533
|
return pulumi.get(self, "namespace")
|
@@ -4,9 +4,14 @@
|
|
4
4
|
|
5
5
|
import copy
|
6
6
|
import warnings
|
7
|
+
import sys
|
7
8
|
import pulumi
|
8
9
|
import pulumi.runtime
|
9
10
|
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
11
|
+
if sys.version_info >= (3, 11):
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
13
|
+
else:
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
10
15
|
from .. import _utilities
|
11
16
|
|
12
17
|
__all__ = ['SecretBackendStaticRoleArgs', 'SecretBackendStaticRole']
|
@@ -19,7 +24,8 @@ class SecretBackendStaticRoleArgs:
|
|
19
24
|
username: pulumi.Input[str],
|
20
25
|
dn: Optional[pulumi.Input[str]] = None,
|
21
26
|
mount: Optional[pulumi.Input[str]] = None,
|
22
|
-
namespace: Optional[pulumi.Input[str]] = None
|
27
|
+
namespace: Optional[pulumi.Input[str]] = None,
|
28
|
+
skip_import_rotation: Optional[pulumi.Input[bool]] = None):
|
23
29
|
"""
|
24
30
|
The set of arguments for constructing a SecretBackendStaticRole resource.
|
25
31
|
:param pulumi.Input[str] role_name: Name of the role.
|
@@ -32,8 +38,10 @@ class SecretBackendStaticRoleArgs:
|
|
32
38
|
not begin or end with a `/`. Defaults to `ldap`.
|
33
39
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
34
40
|
The value should not contain leading or trailing forward slashes.
|
35
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
41
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
36
42
|
*Available only for Vault Enterprise*.
|
43
|
+
:param pulumi.Input[bool] skip_import_rotation: Causes vault to skip the initial secret rotation on import. Not applicable to updates.
|
44
|
+
Requires Vault 1.16 or above.
|
37
45
|
"""
|
38
46
|
pulumi.set(__self__, "role_name", role_name)
|
39
47
|
pulumi.set(__self__, "rotation_period", rotation_period)
|
@@ -44,6 +52,8 @@ class SecretBackendStaticRoleArgs:
|
|
44
52
|
pulumi.set(__self__, "mount", mount)
|
45
53
|
if namespace is not None:
|
46
54
|
pulumi.set(__self__, "namespace", namespace)
|
55
|
+
if skip_import_rotation is not None:
|
56
|
+
pulumi.set(__self__, "skip_import_rotation", skip_import_rotation)
|
47
57
|
|
48
58
|
@property
|
49
59
|
@pulumi.getter(name="roleName")
|
@@ -114,7 +124,7 @@ class SecretBackendStaticRoleArgs:
|
|
114
124
|
"""
|
115
125
|
The namespace to provision the resource in.
|
116
126
|
The value should not contain leading or trailing forward slashes.
|
117
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
127
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
118
128
|
*Available only for Vault Enterprise*.
|
119
129
|
"""
|
120
130
|
return pulumi.get(self, "namespace")
|
@@ -123,6 +133,19 @@ class SecretBackendStaticRoleArgs:
|
|
123
133
|
def namespace(self, value: Optional[pulumi.Input[str]]):
|
124
134
|
pulumi.set(self, "namespace", value)
|
125
135
|
|
136
|
+
@property
|
137
|
+
@pulumi.getter(name="skipImportRotation")
|
138
|
+
def skip_import_rotation(self) -> Optional[pulumi.Input[bool]]:
|
139
|
+
"""
|
140
|
+
Causes vault to skip the initial secret rotation on import. Not applicable to updates.
|
141
|
+
Requires Vault 1.16 or above.
|
142
|
+
"""
|
143
|
+
return pulumi.get(self, "skip_import_rotation")
|
144
|
+
|
145
|
+
@skip_import_rotation.setter
|
146
|
+
def skip_import_rotation(self, value: Optional[pulumi.Input[bool]]):
|
147
|
+
pulumi.set(self, "skip_import_rotation", value)
|
148
|
+
|
126
149
|
|
127
150
|
@pulumi.input_type
|
128
151
|
class _SecretBackendStaticRoleState:
|
@@ -132,6 +155,7 @@ class _SecretBackendStaticRoleState:
|
|
132
155
|
namespace: Optional[pulumi.Input[str]] = None,
|
133
156
|
role_name: Optional[pulumi.Input[str]] = None,
|
134
157
|
rotation_period: Optional[pulumi.Input[int]] = None,
|
158
|
+
skip_import_rotation: Optional[pulumi.Input[bool]] = None,
|
135
159
|
username: Optional[pulumi.Input[str]] = None):
|
136
160
|
"""
|
137
161
|
Input properties used for looking up and filtering SecretBackendStaticRole resources.
|
@@ -142,10 +166,12 @@ class _SecretBackendStaticRoleState:
|
|
142
166
|
not begin or end with a `/`. Defaults to `ldap`.
|
143
167
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
144
168
|
The value should not contain leading or trailing forward slashes.
|
145
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
169
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
146
170
|
*Available only for Vault Enterprise*.
|
147
171
|
:param pulumi.Input[str] role_name: Name of the role.
|
148
172
|
:param pulumi.Input[int] rotation_period: How often Vault should rotate the password of the user entry.
|
173
|
+
:param pulumi.Input[bool] skip_import_rotation: Causes vault to skip the initial secret rotation on import. Not applicable to updates.
|
174
|
+
Requires Vault 1.16 or above.
|
149
175
|
:param pulumi.Input[str] username: The username of the existing LDAP entry to manage password rotation for.
|
150
176
|
"""
|
151
177
|
if dn is not None:
|
@@ -158,6 +184,8 @@ class _SecretBackendStaticRoleState:
|
|
158
184
|
pulumi.set(__self__, "role_name", role_name)
|
159
185
|
if rotation_period is not None:
|
160
186
|
pulumi.set(__self__, "rotation_period", rotation_period)
|
187
|
+
if skip_import_rotation is not None:
|
188
|
+
pulumi.set(__self__, "skip_import_rotation", skip_import_rotation)
|
161
189
|
if username is not None:
|
162
190
|
pulumi.set(__self__, "username", username)
|
163
191
|
|
@@ -194,7 +222,7 @@ class _SecretBackendStaticRoleState:
|
|
194
222
|
"""
|
195
223
|
The namespace to provision the resource in.
|
196
224
|
The value should not contain leading or trailing forward slashes.
|
197
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
225
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
198
226
|
*Available only for Vault Enterprise*.
|
199
227
|
"""
|
200
228
|
return pulumi.get(self, "namespace")
|
@@ -227,6 +255,19 @@ class _SecretBackendStaticRoleState:
|
|
227
255
|
def rotation_period(self, value: Optional[pulumi.Input[int]]):
|
228
256
|
pulumi.set(self, "rotation_period", value)
|
229
257
|
|
258
|
+
@property
|
259
|
+
@pulumi.getter(name="skipImportRotation")
|
260
|
+
def skip_import_rotation(self) -> Optional[pulumi.Input[bool]]:
|
261
|
+
"""
|
262
|
+
Causes vault to skip the initial secret rotation on import. Not applicable to updates.
|
263
|
+
Requires Vault 1.16 or above.
|
264
|
+
"""
|
265
|
+
return pulumi.get(self, "skip_import_rotation")
|
266
|
+
|
267
|
+
@skip_import_rotation.setter
|
268
|
+
def skip_import_rotation(self, value: Optional[pulumi.Input[bool]]):
|
269
|
+
pulumi.set(self, "skip_import_rotation", value)
|
270
|
+
|
230
271
|
@property
|
231
272
|
@pulumi.getter
|
232
273
|
def username(self) -> Optional[pulumi.Input[str]]:
|
@@ -250,6 +291,7 @@ class SecretBackendStaticRole(pulumi.CustomResource):
|
|
250
291
|
namespace: Optional[pulumi.Input[str]] = None,
|
251
292
|
role_name: Optional[pulumi.Input[str]] = None,
|
252
293
|
rotation_period: Optional[pulumi.Input[int]] = None,
|
294
|
+
skip_import_rotation: Optional[pulumi.Input[bool]] = None,
|
253
295
|
username: Optional[pulumi.Input[str]] = None,
|
254
296
|
__props__=None):
|
255
297
|
"""
|
@@ -276,10 +318,11 @@ class SecretBackendStaticRole(pulumi.CustomResource):
|
|
276
318
|
|
277
319
|
## Import
|
278
320
|
|
279
|
-
LDAP secret backend static role can be imported using the full path to the role
|
321
|
+
LDAP secret backend static role can be imported using the full path to the role
|
322
|
+
of the form: `<mount_path>/static-role/<role_name>` e.g.
|
280
323
|
|
281
324
|
```sh
|
282
|
-
|
325
|
+
$ pulumi import vault:ldap/secretBackendStaticRole:SecretBackendStaticRole role ldap/static-role/example-role
|
283
326
|
```
|
284
327
|
|
285
328
|
:param str resource_name: The name of the resource.
|
@@ -291,10 +334,12 @@ class SecretBackendStaticRole(pulumi.CustomResource):
|
|
291
334
|
not begin or end with a `/`. Defaults to `ldap`.
|
292
335
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
293
336
|
The value should not contain leading or trailing forward slashes.
|
294
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
337
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
295
338
|
*Available only for Vault Enterprise*.
|
296
339
|
:param pulumi.Input[str] role_name: Name of the role.
|
297
340
|
:param pulumi.Input[int] rotation_period: How often Vault should rotate the password of the user entry.
|
341
|
+
:param pulumi.Input[bool] skip_import_rotation: Causes vault to skip the initial secret rotation on import. Not applicable to updates.
|
342
|
+
Requires Vault 1.16 or above.
|
298
343
|
:param pulumi.Input[str] username: The username of the existing LDAP entry to manage password rotation for.
|
299
344
|
"""
|
300
345
|
...
|
@@ -327,10 +372,11 @@ class SecretBackendStaticRole(pulumi.CustomResource):
|
|
327
372
|
|
328
373
|
## Import
|
329
374
|
|
330
|
-
LDAP secret backend static role can be imported using the full path to the role
|
375
|
+
LDAP secret backend static role can be imported using the full path to the role
|
376
|
+
of the form: `<mount_path>/static-role/<role_name>` e.g.
|
331
377
|
|
332
378
|
```sh
|
333
|
-
|
379
|
+
$ pulumi import vault:ldap/secretBackendStaticRole:SecretBackendStaticRole role ldap/static-role/example-role
|
334
380
|
```
|
335
381
|
|
336
382
|
:param str resource_name: The name of the resource.
|
@@ -353,6 +399,7 @@ class SecretBackendStaticRole(pulumi.CustomResource):
|
|
353
399
|
namespace: Optional[pulumi.Input[str]] = None,
|
354
400
|
role_name: Optional[pulumi.Input[str]] = None,
|
355
401
|
rotation_period: Optional[pulumi.Input[int]] = None,
|
402
|
+
skip_import_rotation: Optional[pulumi.Input[bool]] = None,
|
356
403
|
username: Optional[pulumi.Input[str]] = None,
|
357
404
|
__props__=None):
|
358
405
|
opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
|
@@ -372,6 +419,7 @@ class SecretBackendStaticRole(pulumi.CustomResource):
|
|
372
419
|
if rotation_period is None and not opts.urn:
|
373
420
|
raise TypeError("Missing required property 'rotation_period'")
|
374
421
|
__props__.__dict__["rotation_period"] = rotation_period
|
422
|
+
__props__.__dict__["skip_import_rotation"] = skip_import_rotation
|
375
423
|
if username is None and not opts.urn:
|
376
424
|
raise TypeError("Missing required property 'username'")
|
377
425
|
__props__.__dict__["username"] = username
|
@@ -390,6 +438,7 @@ class SecretBackendStaticRole(pulumi.CustomResource):
|
|
390
438
|
namespace: Optional[pulumi.Input[str]] = None,
|
391
439
|
role_name: Optional[pulumi.Input[str]] = None,
|
392
440
|
rotation_period: Optional[pulumi.Input[int]] = None,
|
441
|
+
skip_import_rotation: Optional[pulumi.Input[bool]] = None,
|
393
442
|
username: Optional[pulumi.Input[str]] = None) -> 'SecretBackendStaticRole':
|
394
443
|
"""
|
395
444
|
Get an existing SecretBackendStaticRole resource's state with the given name, id, and optional extra
|
@@ -405,10 +454,12 @@ class SecretBackendStaticRole(pulumi.CustomResource):
|
|
405
454
|
not begin or end with a `/`. Defaults to `ldap`.
|
406
455
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
407
456
|
The value should not contain leading or trailing forward slashes.
|
408
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
457
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
409
458
|
*Available only for Vault Enterprise*.
|
410
459
|
:param pulumi.Input[str] role_name: Name of the role.
|
411
460
|
:param pulumi.Input[int] rotation_period: How often Vault should rotate the password of the user entry.
|
461
|
+
:param pulumi.Input[bool] skip_import_rotation: Causes vault to skip the initial secret rotation on import. Not applicable to updates.
|
462
|
+
Requires Vault 1.16 or above.
|
412
463
|
:param pulumi.Input[str] username: The username of the existing LDAP entry to manage password rotation for.
|
413
464
|
"""
|
414
465
|
opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
|
@@ -420,6 +471,7 @@ class SecretBackendStaticRole(pulumi.CustomResource):
|
|
420
471
|
__props__.__dict__["namespace"] = namespace
|
421
472
|
__props__.__dict__["role_name"] = role_name
|
422
473
|
__props__.__dict__["rotation_period"] = rotation_period
|
474
|
+
__props__.__dict__["skip_import_rotation"] = skip_import_rotation
|
423
475
|
__props__.__dict__["username"] = username
|
424
476
|
return SecretBackendStaticRole(resource_name, opts=opts, __props__=__props__)
|
425
477
|
|
@@ -448,7 +500,7 @@ class SecretBackendStaticRole(pulumi.CustomResource):
|
|
448
500
|
"""
|
449
501
|
The namespace to provision the resource in.
|
450
502
|
The value should not contain leading or trailing forward slashes.
|
451
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
503
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
452
504
|
*Available only for Vault Enterprise*.
|
453
505
|
"""
|
454
506
|
return pulumi.get(self, "namespace")
|
@@ -469,6 +521,15 @@ class SecretBackendStaticRole(pulumi.CustomResource):
|
|
469
521
|
"""
|
470
522
|
return pulumi.get(self, "rotation_period")
|
471
523
|
|
524
|
+
@property
|
525
|
+
@pulumi.getter(name="skipImportRotation")
|
526
|
+
def skip_import_rotation(self) -> pulumi.Output[Optional[bool]]:
|
527
|
+
"""
|
528
|
+
Causes vault to skip the initial secret rotation on import. Not applicable to updates.
|
529
|
+
Requires Vault 1.16 or above.
|
530
|
+
"""
|
531
|
+
return pulumi.get(self, "skip_import_rotation")
|
532
|
+
|
472
533
|
@property
|
473
534
|
@pulumi.getter
|
474
535
|
def username(self) -> pulumi.Output[str]:
|