pulumi-vault 5.21.0a1709368526__py3-none-any.whl → 6.5.0a1736836139__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (229) hide show
  1. pulumi_vault/__init__.py +52 -0
  2. pulumi_vault/_inputs.py +560 -0
  3. pulumi_vault/_utilities.py +41 -5
  4. pulumi_vault/ad/get_access_credentials.py +26 -9
  5. pulumi_vault/ad/secret_backend.py +16 -142
  6. pulumi_vault/ad/secret_library.py +16 -9
  7. pulumi_vault/ad/secret_role.py +14 -9
  8. pulumi_vault/alicloud/auth_backend_role.py +76 -190
  9. pulumi_vault/approle/auth_backend_login.py +12 -7
  10. pulumi_vault/approle/auth_backend_role.py +77 -191
  11. pulumi_vault/approle/auth_backend_role_secret_id.py +106 -7
  12. pulumi_vault/approle/get_auth_backend_role_id.py +18 -5
  13. pulumi_vault/audit.py +30 -21
  14. pulumi_vault/audit_request_header.py +11 -2
  15. pulumi_vault/auth_backend.py +66 -14
  16. pulumi_vault/aws/auth_backend_cert.py +18 -9
  17. pulumi_vault/aws/auth_backend_client.py +267 -22
  18. pulumi_vault/aws/auth_backend_config_identity.py +14 -9
  19. pulumi_vault/aws/auth_backend_identity_whitelist.py +20 -15
  20. pulumi_vault/aws/auth_backend_login.py +19 -22
  21. pulumi_vault/aws/auth_backend_role.py +77 -191
  22. pulumi_vault/aws/auth_backend_role_tag.py +12 -7
  23. pulumi_vault/aws/auth_backend_roletag_blacklist.py +18 -13
  24. pulumi_vault/aws/auth_backend_sts_role.py +14 -9
  25. pulumi_vault/aws/get_access_credentials.py +38 -9
  26. pulumi_vault/aws/get_static_access_credentials.py +19 -5
  27. pulumi_vault/aws/secret_backend.py +77 -9
  28. pulumi_vault/aws/secret_backend_role.py +185 -9
  29. pulumi_vault/aws/secret_backend_static_role.py +20 -11
  30. pulumi_vault/azure/_inputs.py +24 -0
  31. pulumi_vault/azure/auth_backend_config.py +153 -15
  32. pulumi_vault/azure/auth_backend_role.py +77 -191
  33. pulumi_vault/azure/backend.py +227 -21
  34. pulumi_vault/azure/backend_role.py +42 -37
  35. pulumi_vault/azure/get_access_credentials.py +41 -7
  36. pulumi_vault/azure/outputs.py +5 -0
  37. pulumi_vault/cert_auth_backend_role.py +87 -267
  38. pulumi_vault/config/__init__.pyi +5 -0
  39. pulumi_vault/config/_inputs.py +73 -0
  40. pulumi_vault/config/outputs.py +35 -0
  41. pulumi_vault/config/ui_custom_message.py +529 -0
  42. pulumi_vault/config/vars.py +5 -0
  43. pulumi_vault/consul/secret_backend.py +28 -19
  44. pulumi_vault/consul/secret_backend_role.py +18 -78
  45. pulumi_vault/database/_inputs.py +2770 -881
  46. pulumi_vault/database/outputs.py +721 -838
  47. pulumi_vault/database/secret_backend_connection.py +119 -112
  48. pulumi_vault/database/secret_backend_role.py +31 -22
  49. pulumi_vault/database/secret_backend_static_role.py +87 -13
  50. pulumi_vault/database/secrets_mount.py +427 -136
  51. pulumi_vault/egp_policy.py +16 -11
  52. pulumi_vault/gcp/_inputs.py +111 -0
  53. pulumi_vault/gcp/auth_backend.py +250 -33
  54. pulumi_vault/gcp/auth_backend_role.py +77 -269
  55. pulumi_vault/gcp/get_auth_backend_role.py +43 -5
  56. pulumi_vault/gcp/outputs.py +5 -0
  57. pulumi_vault/gcp/secret_backend.py +287 -12
  58. pulumi_vault/gcp/secret_impersonated_account.py +76 -15
  59. pulumi_vault/gcp/secret_roleset.py +31 -24
  60. pulumi_vault/gcp/secret_static_account.py +39 -32
  61. pulumi_vault/generic/endpoint.py +24 -17
  62. pulumi_vault/generic/get_secret.py +64 -8
  63. pulumi_vault/generic/secret.py +21 -16
  64. pulumi_vault/get_auth_backend.py +24 -7
  65. pulumi_vault/get_auth_backends.py +51 -9
  66. pulumi_vault/get_namespace.py +226 -0
  67. pulumi_vault/get_namespaces.py +153 -0
  68. pulumi_vault/get_nomad_access_token.py +31 -11
  69. pulumi_vault/get_policy_document.py +34 -19
  70. pulumi_vault/get_raft_autopilot_state.py +29 -10
  71. pulumi_vault/github/_inputs.py +55 -0
  72. pulumi_vault/github/auth_backend.py +19 -14
  73. pulumi_vault/github/outputs.py +5 -0
  74. pulumi_vault/github/team.py +16 -11
  75. pulumi_vault/github/user.py +16 -11
  76. pulumi_vault/identity/entity.py +20 -13
  77. pulumi_vault/identity/entity_alias.py +20 -13
  78. pulumi_vault/identity/entity_policies.py +28 -11
  79. pulumi_vault/identity/get_entity.py +42 -10
  80. pulumi_vault/identity/get_group.py +47 -9
  81. pulumi_vault/identity/get_oidc_client_creds.py +21 -7
  82. pulumi_vault/identity/get_oidc_openid_config.py +39 -9
  83. pulumi_vault/identity/get_oidc_public_keys.py +29 -10
  84. pulumi_vault/identity/group.py +58 -39
  85. pulumi_vault/identity/group_alias.py +16 -9
  86. pulumi_vault/identity/group_member_entity_ids.py +28 -66
  87. pulumi_vault/identity/group_member_group_ids.py +40 -19
  88. pulumi_vault/identity/group_policies.py +20 -7
  89. pulumi_vault/identity/mfa_duo.py +11 -6
  90. pulumi_vault/identity/mfa_login_enforcement.py +15 -6
  91. pulumi_vault/identity/mfa_okta.py +11 -6
  92. pulumi_vault/identity/mfa_pingid.py +7 -2
  93. pulumi_vault/identity/mfa_totp.py +7 -2
  94. pulumi_vault/identity/oidc.py +12 -7
  95. pulumi_vault/identity/oidc_assignment.py +24 -11
  96. pulumi_vault/identity/oidc_client.py +36 -23
  97. pulumi_vault/identity/oidc_key.py +30 -17
  98. pulumi_vault/identity/oidc_key_allowed_client_id.py +28 -15
  99. pulumi_vault/identity/oidc_provider.py +36 -21
  100. pulumi_vault/identity/oidc_role.py +42 -21
  101. pulumi_vault/identity/oidc_scope.py +20 -13
  102. pulumi_vault/identity/outputs.py +8 -3
  103. pulumi_vault/jwt/_inputs.py +55 -0
  104. pulumi_vault/jwt/auth_backend.py +45 -40
  105. pulumi_vault/jwt/auth_backend_role.py +133 -254
  106. pulumi_vault/jwt/outputs.py +5 -0
  107. pulumi_vault/kmip/secret_backend.py +24 -19
  108. pulumi_vault/kmip/secret_role.py +14 -9
  109. pulumi_vault/kmip/secret_scope.py +14 -9
  110. pulumi_vault/kubernetes/auth_backend_config.py +57 -5
  111. pulumi_vault/kubernetes/auth_backend_role.py +70 -177
  112. pulumi_vault/kubernetes/get_auth_backend_config.py +60 -8
  113. pulumi_vault/kubernetes/get_auth_backend_role.py +40 -5
  114. pulumi_vault/kubernetes/get_service_account_token.py +39 -11
  115. pulumi_vault/kubernetes/secret_backend.py +316 -27
  116. pulumi_vault/kubernetes/secret_backend_role.py +137 -46
  117. pulumi_vault/kv/_inputs.py +36 -4
  118. pulumi_vault/kv/get_secret.py +25 -8
  119. pulumi_vault/kv/get_secret_subkeys_v2.py +33 -10
  120. pulumi_vault/kv/get_secret_v2.py +85 -9
  121. pulumi_vault/kv/get_secrets_list.py +24 -11
  122. pulumi_vault/kv/get_secrets_list_v2.py +37 -15
  123. pulumi_vault/kv/outputs.py +8 -3
  124. pulumi_vault/kv/secret.py +23 -16
  125. pulumi_vault/kv/secret_backend_v2.py +20 -11
  126. pulumi_vault/kv/secret_v2.py +59 -50
  127. pulumi_vault/ldap/auth_backend.py +127 -166
  128. pulumi_vault/ldap/auth_backend_group.py +14 -9
  129. pulumi_vault/ldap/auth_backend_user.py +14 -9
  130. pulumi_vault/ldap/get_dynamic_credentials.py +23 -5
  131. pulumi_vault/ldap/get_static_credentials.py +24 -5
  132. pulumi_vault/ldap/secret_backend.py +354 -82
  133. pulumi_vault/ldap/secret_backend_dynamic_role.py +18 -11
  134. pulumi_vault/ldap/secret_backend_library_set.py +16 -9
  135. pulumi_vault/ldap/secret_backend_static_role.py +73 -12
  136. pulumi_vault/managed/_inputs.py +289 -132
  137. pulumi_vault/managed/keys.py +29 -57
  138. pulumi_vault/managed/outputs.py +89 -132
  139. pulumi_vault/mfa_duo.py +18 -11
  140. pulumi_vault/mfa_okta.py +18 -11
  141. pulumi_vault/mfa_pingid.py +18 -11
  142. pulumi_vault/mfa_totp.py +24 -17
  143. pulumi_vault/mongodbatlas/secret_backend.py +20 -15
  144. pulumi_vault/mongodbatlas/secret_role.py +47 -38
  145. pulumi_vault/mount.py +391 -51
  146. pulumi_vault/namespace.py +68 -83
  147. pulumi_vault/nomad_secret_backend.py +18 -13
  148. pulumi_vault/nomad_secret_role.py +14 -9
  149. pulumi_vault/okta/_inputs.py +47 -8
  150. pulumi_vault/okta/auth_backend.py +485 -39
  151. pulumi_vault/okta/auth_backend_group.py +14 -9
  152. pulumi_vault/okta/auth_backend_user.py +14 -9
  153. pulumi_vault/okta/outputs.py +13 -8
  154. pulumi_vault/outputs.py +5 -0
  155. pulumi_vault/password_policy.py +20 -13
  156. pulumi_vault/pkisecret/__init__.py +3 -0
  157. pulumi_vault/pkisecret/_inputs.py +81 -0
  158. pulumi_vault/pkisecret/backend_config_cluster.py +369 -0
  159. pulumi_vault/pkisecret/backend_config_est.py +619 -0
  160. pulumi_vault/pkisecret/get_backend_config_est.py +251 -0
  161. pulumi_vault/pkisecret/get_backend_issuer.py +67 -9
  162. pulumi_vault/pkisecret/get_backend_issuers.py +21 -8
  163. pulumi_vault/pkisecret/get_backend_key.py +24 -9
  164. pulumi_vault/pkisecret/get_backend_keys.py +21 -8
  165. pulumi_vault/pkisecret/outputs.py +69 -0
  166. pulumi_vault/pkisecret/secret_backend_cert.py +18 -11
  167. pulumi_vault/pkisecret/secret_backend_config_ca.py +16 -11
  168. pulumi_vault/pkisecret/secret_backend_config_issuers.py +14 -9
  169. pulumi_vault/pkisecret/secret_backend_config_urls.py +67 -11
  170. pulumi_vault/pkisecret/secret_backend_crl_config.py +14 -9
  171. pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +16 -11
  172. pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +22 -17
  173. pulumi_vault/pkisecret/secret_backend_issuer.py +14 -9
  174. pulumi_vault/pkisecret/secret_backend_key.py +14 -9
  175. pulumi_vault/pkisecret/secret_backend_role.py +21 -14
  176. pulumi_vault/pkisecret/secret_backend_root_cert.py +16 -48
  177. pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +18 -56
  178. pulumi_vault/pkisecret/secret_backend_sign.py +18 -54
  179. pulumi_vault/plugin.py +595 -0
  180. pulumi_vault/plugin_pinned_version.py +298 -0
  181. pulumi_vault/policy.py +14 -9
  182. pulumi_vault/provider.py +48 -53
  183. pulumi_vault/pulumi-plugin.json +2 -1
  184. pulumi_vault/quota_lease_count.py +60 -6
  185. pulumi_vault/quota_rate_limit.py +56 -2
  186. pulumi_vault/rabbitmq/_inputs.py +61 -0
  187. pulumi_vault/rabbitmq/outputs.py +5 -0
  188. pulumi_vault/rabbitmq/secret_backend.py +18 -13
  189. pulumi_vault/rabbitmq/secret_backend_role.py +54 -47
  190. pulumi_vault/raft_autopilot.py +14 -9
  191. pulumi_vault/raft_snapshot_agent_config.py +129 -224
  192. pulumi_vault/rgp_policy.py +14 -9
  193. pulumi_vault/saml/auth_backend.py +22 -17
  194. pulumi_vault/saml/auth_backend_role.py +92 -197
  195. pulumi_vault/secrets/__init__.py +3 -0
  196. pulumi_vault/secrets/_inputs.py +110 -0
  197. pulumi_vault/secrets/outputs.py +94 -0
  198. pulumi_vault/secrets/sync_association.py +56 -71
  199. pulumi_vault/secrets/sync_aws_destination.py +242 -27
  200. pulumi_vault/secrets/sync_azure_destination.py +92 -31
  201. pulumi_vault/secrets/sync_config.py +9 -4
  202. pulumi_vault/secrets/sync_gcp_destination.py +158 -25
  203. pulumi_vault/secrets/sync_gh_destination.py +189 -13
  204. pulumi_vault/secrets/sync_github_apps.py +375 -0
  205. pulumi_vault/secrets/sync_vercel_destination.py +74 -13
  206. pulumi_vault/ssh/_inputs.py +28 -28
  207. pulumi_vault/ssh/outputs.py +11 -28
  208. pulumi_vault/ssh/secret_backend_ca.py +108 -9
  209. pulumi_vault/ssh/secret_backend_role.py +85 -118
  210. pulumi_vault/terraformcloud/secret_backend.py +7 -54
  211. pulumi_vault/terraformcloud/secret_creds.py +14 -20
  212. pulumi_vault/terraformcloud/secret_role.py +16 -74
  213. pulumi_vault/token.py +28 -23
  214. pulumi_vault/tokenauth/auth_backend_role.py +78 -199
  215. pulumi_vault/transform/alphabet.py +16 -9
  216. pulumi_vault/transform/get_decode.py +45 -17
  217. pulumi_vault/transform/get_encode.py +45 -17
  218. pulumi_vault/transform/role.py +16 -9
  219. pulumi_vault/transform/template.py +30 -21
  220. pulumi_vault/transform/transformation.py +12 -7
  221. pulumi_vault/transit/get_decrypt.py +26 -21
  222. pulumi_vault/transit/get_encrypt.py +24 -19
  223. pulumi_vault/transit/secret_backend_key.py +27 -93
  224. pulumi_vault/transit/secret_cache_config.py +12 -7
  225. {pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/METADATA +8 -7
  226. pulumi_vault-6.5.0a1736836139.dist-info/RECORD +256 -0
  227. {pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/WHEEL +1 -1
  228. pulumi_vault-5.21.0a1709368526.dist-info/RECORD +0 -244
  229. {pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/top_level.txt +0 -0
@@ -4,9 +4,14 @@
4
4
 
5
5
  import copy
6
6
  import warnings
7
+ import sys
7
8
  import pulumi
8
9
  import pulumi.runtime
9
10
  from typing import Any, Mapping, Optional, Sequence, Union, overload
11
+ if sys.version_info >= (3, 11):
12
+ from typing import NotRequired, TypedDict, TypeAlias
13
+ else:
14
+ from typing_extensions import NotRequired, TypedDict, TypeAlias
10
15
  from .. import _utilities
11
16
 
12
17
  __all__ = ['SecretRoleArgs', 'SecretRole']
@@ -28,20 +33,20 @@ class SecretRoleArgs:
28
33
  """
29
34
  The set of arguments for constructing a SecretRole resource.
30
35
  :param pulumi.Input[str] mount: Path where the MongoDB Atlas Secrets Engine is mounted.
31
- :param pulumi.Input[Sequence[pulumi.Input[str]]] roles: List of roles that the API Key needs to have.
36
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] roles: List of roles that the API Key needs to have. Possible values are `ORG_OWNER`, `ORG_MEMBER`, `ORG_GROUP_CREATOR`, `ORG_BILLING_ADMIN` and `ORG_READ_ONLY`.
32
37
  :param pulumi.Input[Sequence[pulumi.Input[str]]] cidr_blocks: Whitelist entry in CIDR notation to be added for the API key.
33
38
  :param pulumi.Input[Sequence[pulumi.Input[str]]] ip_addresses: IP address to be added to the whitelist for the API key.
34
39
  :param pulumi.Input[str] max_ttl: The maximum allowed lifetime of credentials issued using this role.
35
40
  :param pulumi.Input[str] name: The name of the role.
36
41
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
37
42
  The value should not contain leading or trailing forward slashes.
38
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
43
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
39
44
  *Available only for Vault Enterprise*.
40
45
  :param pulumi.Input[str] organization_id: Unique identifier for the organization to which the target API Key belongs.
41
46
  Required if `project_id` is not set.
42
47
  :param pulumi.Input[str] project_id: Unique identifier for the project to which the target API Key belongs.
43
- Required if `organization_id is` not set.
44
- :param pulumi.Input[Sequence[pulumi.Input[str]]] project_roles: Roles assigned when an org API key is assigned to a project API key.
48
+ Required if `organization_id` is not set.
49
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] project_roles: Roles assigned when an org API key is assigned to a project API key. Possible values are `GROUP_CLUSTER_MANAGER`, `GROUP_DATA_ACCESS_ADMIN`, `GROUP_DATA_ACCESS_READ_ONLY`, `GROUP_DATA_ACCESS_READ_WRITE`, `GROUP_OWNER` and `GROUP_READ_ONLY`.
45
50
  :param pulumi.Input[str] ttl: Duration in seconds after which the issued credential should expire.
46
51
  """
47
52
  pulumi.set(__self__, "mount", mount)
@@ -81,7 +86,7 @@ class SecretRoleArgs:
81
86
  @pulumi.getter
82
87
  def roles(self) -> pulumi.Input[Sequence[pulumi.Input[str]]]:
83
88
  """
84
- List of roles that the API Key needs to have.
89
+ List of roles that the API Key needs to have. Possible values are `ORG_OWNER`, `ORG_MEMBER`, `ORG_GROUP_CREATOR`, `ORG_BILLING_ADMIN` and `ORG_READ_ONLY`.
85
90
  """
86
91
  return pulumi.get(self, "roles")
87
92
 
@@ -143,7 +148,7 @@ class SecretRoleArgs:
143
148
  """
144
149
  The namespace to provision the resource in.
145
150
  The value should not contain leading or trailing forward slashes.
146
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
151
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
147
152
  *Available only for Vault Enterprise*.
148
153
  """
149
154
  return pulumi.get(self, "namespace")
@@ -170,7 +175,7 @@ class SecretRoleArgs:
170
175
  def project_id(self) -> Optional[pulumi.Input[str]]:
171
176
  """
172
177
  Unique identifier for the project to which the target API Key belongs.
173
- Required if `organization_id is` not set.
178
+ Required if `organization_id` is not set.
174
179
  """
175
180
  return pulumi.get(self, "project_id")
176
181
 
@@ -182,7 +187,7 @@ class SecretRoleArgs:
182
187
  @pulumi.getter(name="projectRoles")
183
188
  def project_roles(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
184
189
  """
185
- Roles assigned when an org API key is assigned to a project API key.
190
+ Roles assigned when an org API key is assigned to a project API key. Possible values are `GROUP_CLUSTER_MANAGER`, `GROUP_DATA_ACCESS_ADMIN`, `GROUP_DATA_ACCESS_READ_ONLY`, `GROUP_DATA_ACCESS_READ_WRITE`, `GROUP_OWNER` and `GROUP_READ_ONLY`.
186
191
  """
187
192
  return pulumi.get(self, "project_roles")
188
193
 
@@ -226,14 +231,14 @@ class _SecretRoleState:
226
231
  :param pulumi.Input[str] name: The name of the role.
227
232
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
228
233
  The value should not contain leading or trailing forward slashes.
229
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
234
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
230
235
  *Available only for Vault Enterprise*.
231
236
  :param pulumi.Input[str] organization_id: Unique identifier for the organization to which the target API Key belongs.
232
237
  Required if `project_id` is not set.
233
238
  :param pulumi.Input[str] project_id: Unique identifier for the project to which the target API Key belongs.
234
- Required if `organization_id is` not set.
235
- :param pulumi.Input[Sequence[pulumi.Input[str]]] project_roles: Roles assigned when an org API key is assigned to a project API key.
236
- :param pulumi.Input[Sequence[pulumi.Input[str]]] roles: List of roles that the API Key needs to have.
239
+ Required if `organization_id` is not set.
240
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] project_roles: Roles assigned when an org API key is assigned to a project API key. Possible values are `GROUP_CLUSTER_MANAGER`, `GROUP_DATA_ACCESS_ADMIN`, `GROUP_DATA_ACCESS_READ_ONLY`, `GROUP_DATA_ACCESS_READ_WRITE`, `GROUP_OWNER` and `GROUP_READ_ONLY`.
241
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] roles: List of roles that the API Key needs to have. Possible values are `ORG_OWNER`, `ORG_MEMBER`, `ORG_GROUP_CREATOR`, `ORG_BILLING_ADMIN` and `ORG_READ_ONLY`.
237
242
  :param pulumi.Input[str] ttl: Duration in seconds after which the issued credential should expire.
238
243
  """
239
244
  if cidr_blocks is not None:
@@ -325,7 +330,7 @@ class _SecretRoleState:
325
330
  """
326
331
  The namespace to provision the resource in.
327
332
  The value should not contain leading or trailing forward slashes.
328
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
333
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
329
334
  *Available only for Vault Enterprise*.
330
335
  """
331
336
  return pulumi.get(self, "namespace")
@@ -352,7 +357,7 @@ class _SecretRoleState:
352
357
  def project_id(self) -> Optional[pulumi.Input[str]]:
353
358
  """
354
359
  Unique identifier for the project to which the target API Key belongs.
355
- Required if `organization_id is` not set.
360
+ Required if `organization_id` is not set.
356
361
  """
357
362
  return pulumi.get(self, "project_id")
358
363
 
@@ -364,7 +369,7 @@ class _SecretRoleState:
364
369
  @pulumi.getter(name="projectRoles")
365
370
  def project_roles(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
366
371
  """
367
- Roles assigned when an org API key is assigned to a project API key.
372
+ Roles assigned when an org API key is assigned to a project API key. Possible values are `GROUP_CLUSTER_MANAGER`, `GROUP_DATA_ACCESS_ADMIN`, `GROUP_DATA_ACCESS_READ_ONLY`, `GROUP_DATA_ACCESS_READ_WRITE`, `GROUP_OWNER` and `GROUP_READ_ONLY`.
368
373
  """
369
374
  return pulumi.get(self, "project_roles")
370
375
 
@@ -376,7 +381,7 @@ class _SecretRoleState:
376
381
  @pulumi.getter
377
382
  def roles(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
378
383
  """
379
- List of roles that the API Key needs to have.
384
+ List of roles that the API Key needs to have. Possible values are `ORG_OWNER`, `ORG_MEMBER`, `ORG_GROUP_CREATOR`, `ORG_BILLING_ADMIN` and `ORG_READ_ONLY`.
380
385
  """
381
386
  return pulumi.get(self, "roles")
382
387
 
@@ -426,27 +431,29 @@ class SecretRole(pulumi.CustomResource):
426
431
  type="mongodbatlas",
427
432
  description="MongoDB Atlas secret engine mount")
428
433
  config = vault.mongodbatlas.SecretBackend("config",
429
- mount="vault_mount.mongo.path",
434
+ mount=mongo.path,
430
435
  private_key="privateKey",
431
436
  public_key="publicKey")
432
437
  role = vault.mongodbatlas.SecretRole("role",
433
438
  mount=mongo.path,
439
+ name="tf-test-role",
434
440
  organization_id="7cf5a45a9ccf6400e60981b7",
435
441
  project_id="5cf5a45a9ccf6400e60981b6",
436
- roles="ORG_READ_ONLY",
442
+ roles=["ORG_READ_ONLY"],
437
443
  ip_addresses="192.168.1.5, 192.168.1.6",
438
444
  cidr_blocks="192.168.1.3/35",
439
- project_roles="GROUP_READ_ONLY",
445
+ project_roles=["GROUP_READ_ONLY"],
440
446
  ttl="60",
441
447
  max_ttl="120")
442
448
  ```
443
449
 
444
450
  ## Import
445
451
 
446
- The MongoDB Atlas secret role can be imported using the full path to the role of the form: `<mount_path>/roles/<role_name>` e.g.
452
+ The MongoDB Atlas secret role can be imported using the full path to the role
453
+ of the form: `<mount_path>/roles/<role_name>` e.g.
447
454
 
448
455
  ```sh
449
- $ pulumi import vault:mongodbatlas/secretRole:SecretRole example mongodbatlas/roles/example-role
456
+ $ pulumi import vault:mongodbatlas/secretRole:SecretRole example mongodbatlas/roles/example-role
450
457
  ```
451
458
 
452
459
  :param str resource_name: The name of the resource.
@@ -458,14 +465,14 @@ class SecretRole(pulumi.CustomResource):
458
465
  :param pulumi.Input[str] name: The name of the role.
459
466
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
460
467
  The value should not contain leading or trailing forward slashes.
461
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
468
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
462
469
  *Available only for Vault Enterprise*.
463
470
  :param pulumi.Input[str] organization_id: Unique identifier for the organization to which the target API Key belongs.
464
471
  Required if `project_id` is not set.
465
472
  :param pulumi.Input[str] project_id: Unique identifier for the project to which the target API Key belongs.
466
- Required if `organization_id is` not set.
467
- :param pulumi.Input[Sequence[pulumi.Input[str]]] project_roles: Roles assigned when an org API key is assigned to a project API key.
468
- :param pulumi.Input[Sequence[pulumi.Input[str]]] roles: List of roles that the API Key needs to have.
473
+ Required if `organization_id` is not set.
474
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] project_roles: Roles assigned when an org API key is assigned to a project API key. Possible values are `GROUP_CLUSTER_MANAGER`, `GROUP_DATA_ACCESS_ADMIN`, `GROUP_DATA_ACCESS_READ_ONLY`, `GROUP_DATA_ACCESS_READ_WRITE`, `GROUP_OWNER` and `GROUP_READ_ONLY`.
475
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] roles: List of roles that the API Key needs to have. Possible values are `ORG_OWNER`, `ORG_MEMBER`, `ORG_GROUP_CREATOR`, `ORG_BILLING_ADMIN` and `ORG_READ_ONLY`.
469
476
  :param pulumi.Input[str] ttl: Duration in seconds after which the issued credential should expire.
470
477
  """
471
478
  ...
@@ -486,27 +493,29 @@ class SecretRole(pulumi.CustomResource):
486
493
  type="mongodbatlas",
487
494
  description="MongoDB Atlas secret engine mount")
488
495
  config = vault.mongodbatlas.SecretBackend("config",
489
- mount="vault_mount.mongo.path",
496
+ mount=mongo.path,
490
497
  private_key="privateKey",
491
498
  public_key="publicKey")
492
499
  role = vault.mongodbatlas.SecretRole("role",
493
500
  mount=mongo.path,
501
+ name="tf-test-role",
494
502
  organization_id="7cf5a45a9ccf6400e60981b7",
495
503
  project_id="5cf5a45a9ccf6400e60981b6",
496
- roles="ORG_READ_ONLY",
504
+ roles=["ORG_READ_ONLY"],
497
505
  ip_addresses="192.168.1.5, 192.168.1.6",
498
506
  cidr_blocks="192.168.1.3/35",
499
- project_roles="GROUP_READ_ONLY",
507
+ project_roles=["GROUP_READ_ONLY"],
500
508
  ttl="60",
501
509
  max_ttl="120")
502
510
  ```
503
511
 
504
512
  ## Import
505
513
 
506
- The MongoDB Atlas secret role can be imported using the full path to the role of the form: `<mount_path>/roles/<role_name>` e.g.
514
+ The MongoDB Atlas secret role can be imported using the full path to the role
515
+ of the form: `<mount_path>/roles/<role_name>` e.g.
507
516
 
508
517
  ```sh
509
- $ pulumi import vault:mongodbatlas/secretRole:SecretRole example mongodbatlas/roles/example-role
518
+ $ pulumi import vault:mongodbatlas/secretRole:SecretRole example mongodbatlas/roles/example-role
510
519
  ```
511
520
 
512
521
  :param str resource_name: The name of the resource.
@@ -594,14 +603,14 @@ class SecretRole(pulumi.CustomResource):
594
603
  :param pulumi.Input[str] name: The name of the role.
595
604
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
596
605
  The value should not contain leading or trailing forward slashes.
597
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
606
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
598
607
  *Available only for Vault Enterprise*.
599
608
  :param pulumi.Input[str] organization_id: Unique identifier for the organization to which the target API Key belongs.
600
609
  Required if `project_id` is not set.
601
610
  :param pulumi.Input[str] project_id: Unique identifier for the project to which the target API Key belongs.
602
- Required if `organization_id is` not set.
603
- :param pulumi.Input[Sequence[pulumi.Input[str]]] project_roles: Roles assigned when an org API key is assigned to a project API key.
604
- :param pulumi.Input[Sequence[pulumi.Input[str]]] roles: List of roles that the API Key needs to have.
611
+ Required if `organization_id` is not set.
612
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] project_roles: Roles assigned when an org API key is assigned to a project API key. Possible values are `GROUP_CLUSTER_MANAGER`, `GROUP_DATA_ACCESS_ADMIN`, `GROUP_DATA_ACCESS_READ_ONLY`, `GROUP_DATA_ACCESS_READ_WRITE`, `GROUP_OWNER` and `GROUP_READ_ONLY`.
613
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] roles: List of roles that the API Key needs to have. Possible values are `ORG_OWNER`, `ORG_MEMBER`, `ORG_GROUP_CREATOR`, `ORG_BILLING_ADMIN` and `ORG_READ_ONLY`.
605
614
  :param pulumi.Input[str] ttl: Duration in seconds after which the issued credential should expire.
606
615
  """
607
616
  opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
@@ -667,7 +676,7 @@ class SecretRole(pulumi.CustomResource):
667
676
  """
668
677
  The namespace to provision the resource in.
669
678
  The value should not contain leading or trailing forward slashes.
670
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
679
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
671
680
  *Available only for Vault Enterprise*.
672
681
  """
673
682
  return pulumi.get(self, "namespace")
@@ -686,7 +695,7 @@ class SecretRole(pulumi.CustomResource):
686
695
  def project_id(self) -> pulumi.Output[Optional[str]]:
687
696
  """
688
697
  Unique identifier for the project to which the target API Key belongs.
689
- Required if `organization_id is` not set.
698
+ Required if `organization_id` is not set.
690
699
  """
691
700
  return pulumi.get(self, "project_id")
692
701
 
@@ -694,7 +703,7 @@ class SecretRole(pulumi.CustomResource):
694
703
  @pulumi.getter(name="projectRoles")
695
704
  def project_roles(self) -> pulumi.Output[Optional[Sequence[str]]]:
696
705
  """
697
- Roles assigned when an org API key is assigned to a project API key.
706
+ Roles assigned when an org API key is assigned to a project API key. Possible values are `GROUP_CLUSTER_MANAGER`, `GROUP_DATA_ACCESS_ADMIN`, `GROUP_DATA_ACCESS_READ_ONLY`, `GROUP_DATA_ACCESS_READ_WRITE`, `GROUP_OWNER` and `GROUP_READ_ONLY`.
698
707
  """
699
708
  return pulumi.get(self, "project_roles")
700
709
 
@@ -702,7 +711,7 @@ class SecretRole(pulumi.CustomResource):
702
711
  @pulumi.getter
703
712
  def roles(self) -> pulumi.Output[Sequence[str]]:
704
713
  """
705
- List of roles that the API Key needs to have.
714
+ List of roles that the API Key needs to have. Possible values are `ORG_OWNER`, `ORG_MEMBER`, `ORG_GROUP_CREATOR`, `ORG_BILLING_ADMIN` and `ORG_READ_ONLY`.
706
715
  """
707
716
  return pulumi.get(self, "roles")
708
717