PyPI - pulumi-vault - Versions diffs - 5.21.0a1709368526__py3-none-any.whl → 6.5.0a1736836139__py3-none-any.whl - Mend

pulumi-vault 5.21.0a1709368526py3-none-any.whl → 6.5.0a1736836139py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (229) hide show

pulumi_vault/__init__.py +52 -0
pulumi_vault/_inputs.py +560 -0
pulumi_vault/_utilities.py +41 -5
pulumi_vault/ad/get_access_credentials.py +26 -9
pulumi_vault/ad/secret_backend.py +16 -142
pulumi_vault/ad/secret_library.py +16 -9
pulumi_vault/ad/secret_role.py +14 -9
pulumi_vault/alicloud/auth_backend_role.py +76 -190
pulumi_vault/approle/auth_backend_login.py +12 -7
pulumi_vault/approle/auth_backend_role.py +77 -191
pulumi_vault/approle/auth_backend_role_secret_id.py +106 -7
pulumi_vault/approle/get_auth_backend_role_id.py +18 -5
pulumi_vault/audit.py +30 -21
pulumi_vault/audit_request_header.py +11 -2
pulumi_vault/auth_backend.py +66 -14
pulumi_vault/aws/auth_backend_cert.py +18 -9
pulumi_vault/aws/auth_backend_client.py +267 -22
pulumi_vault/aws/auth_backend_config_identity.py +14 -9
pulumi_vault/aws/auth_backend_identity_whitelist.py +20 -15
pulumi_vault/aws/auth_backend_login.py +19 -22
pulumi_vault/aws/auth_backend_role.py +77 -191
pulumi_vault/aws/auth_backend_role_tag.py +12 -7
pulumi_vault/aws/auth_backend_roletag_blacklist.py +18 -13
pulumi_vault/aws/auth_backend_sts_role.py +14 -9
pulumi_vault/aws/get_access_credentials.py +38 -9
pulumi_vault/aws/get_static_access_credentials.py +19 -5
pulumi_vault/aws/secret_backend.py +77 -9
pulumi_vault/aws/secret_backend_role.py +185 -9
pulumi_vault/aws/secret_backend_static_role.py +20 -11
pulumi_vault/azure/_inputs.py +24 -0
pulumi_vault/azure/auth_backend_config.py +153 -15
pulumi_vault/azure/auth_backend_role.py +77 -191
pulumi_vault/azure/backend.py +227 -21
pulumi_vault/azure/backend_role.py +42 -37
pulumi_vault/azure/get_access_credentials.py +41 -7
pulumi_vault/azure/outputs.py +5 -0
pulumi_vault/cert_auth_backend_role.py +87 -267
pulumi_vault/config/__init__.pyi +5 -0
pulumi_vault/config/_inputs.py +73 -0
pulumi_vault/config/outputs.py +35 -0
pulumi_vault/config/ui_custom_message.py +529 -0
pulumi_vault/config/vars.py +5 -0
pulumi_vault/consul/secret_backend.py +28 -19
pulumi_vault/consul/secret_backend_role.py +18 -78
pulumi_vault/database/_inputs.py +2770 -881
pulumi_vault/database/outputs.py +721 -838
pulumi_vault/database/secret_backend_connection.py +119 -112
pulumi_vault/database/secret_backend_role.py +31 -22
pulumi_vault/database/secret_backend_static_role.py +87 -13
pulumi_vault/database/secrets_mount.py +427 -136
pulumi_vault/egp_policy.py +16 -11
pulumi_vault/gcp/_inputs.py +111 -0
pulumi_vault/gcp/auth_backend.py +250 -33
pulumi_vault/gcp/auth_backend_role.py +77 -269
pulumi_vault/gcp/get_auth_backend_role.py +43 -5
pulumi_vault/gcp/outputs.py +5 -0
pulumi_vault/gcp/secret_backend.py +287 -12
pulumi_vault/gcp/secret_impersonated_account.py +76 -15
pulumi_vault/gcp/secret_roleset.py +31 -24
pulumi_vault/gcp/secret_static_account.py +39 -32
pulumi_vault/generic/endpoint.py +24 -17
pulumi_vault/generic/get_secret.py +64 -8
pulumi_vault/generic/secret.py +21 -16
pulumi_vault/get_auth_backend.py +24 -7
pulumi_vault/get_auth_backends.py +51 -9
pulumi_vault/get_namespace.py +226 -0
pulumi_vault/get_namespaces.py +153 -0
pulumi_vault/get_nomad_access_token.py +31 -11
pulumi_vault/get_policy_document.py +34 -19
pulumi_vault/get_raft_autopilot_state.py +29 -10
pulumi_vault/github/_inputs.py +55 -0
pulumi_vault/github/auth_backend.py +19 -14
pulumi_vault/github/outputs.py +5 -0
pulumi_vault/github/team.py +16 -11
pulumi_vault/github/user.py +16 -11
pulumi_vault/identity/entity.py +20 -13
pulumi_vault/identity/entity_alias.py +20 -13
pulumi_vault/identity/entity_policies.py +28 -11
pulumi_vault/identity/get_entity.py +42 -10
pulumi_vault/identity/get_group.py +47 -9
pulumi_vault/identity/get_oidc_client_creds.py +21 -7
pulumi_vault/identity/get_oidc_openid_config.py +39 -9
pulumi_vault/identity/get_oidc_public_keys.py +29 -10
pulumi_vault/identity/group.py +58 -39
pulumi_vault/identity/group_alias.py +16 -9
pulumi_vault/identity/group_member_entity_ids.py +28 -66
pulumi_vault/identity/group_member_group_ids.py +40 -19
pulumi_vault/identity/group_policies.py +20 -7
pulumi_vault/identity/mfa_duo.py +11 -6
pulumi_vault/identity/mfa_login_enforcement.py +15 -6
pulumi_vault/identity/mfa_okta.py +11 -6
pulumi_vault/identity/mfa_pingid.py +7 -2
pulumi_vault/identity/mfa_totp.py +7 -2
pulumi_vault/identity/oidc.py +12 -7
pulumi_vault/identity/oidc_assignment.py +24 -11
pulumi_vault/identity/oidc_client.py +36 -23
pulumi_vault/identity/oidc_key.py +30 -17
pulumi_vault/identity/oidc_key_allowed_client_id.py +28 -15
pulumi_vault/identity/oidc_provider.py +36 -21
pulumi_vault/identity/oidc_role.py +42 -21
pulumi_vault/identity/oidc_scope.py +20 -13
pulumi_vault/identity/outputs.py +8 -3
pulumi_vault/jwt/_inputs.py +55 -0
pulumi_vault/jwt/auth_backend.py +45 -40
pulumi_vault/jwt/auth_backend_role.py +133 -254
pulumi_vault/jwt/outputs.py +5 -0
pulumi_vault/kmip/secret_backend.py +24 -19
pulumi_vault/kmip/secret_role.py +14 -9
pulumi_vault/kmip/secret_scope.py +14 -9
pulumi_vault/kubernetes/auth_backend_config.py +57 -5
pulumi_vault/kubernetes/auth_backend_role.py +70 -177
pulumi_vault/kubernetes/get_auth_backend_config.py +60 -8
pulumi_vault/kubernetes/get_auth_backend_role.py +40 -5
pulumi_vault/kubernetes/get_service_account_token.py +39 -11
pulumi_vault/kubernetes/secret_backend.py +316 -27
pulumi_vault/kubernetes/secret_backend_role.py +137 -46
pulumi_vault/kv/_inputs.py +36 -4
pulumi_vault/kv/get_secret.py +25 -8
pulumi_vault/kv/get_secret_subkeys_v2.py +33 -10
pulumi_vault/kv/get_secret_v2.py +85 -9
pulumi_vault/kv/get_secrets_list.py +24 -11
pulumi_vault/kv/get_secrets_list_v2.py +37 -15
pulumi_vault/kv/outputs.py +8 -3
pulumi_vault/kv/secret.py +23 -16
pulumi_vault/kv/secret_backend_v2.py +20 -11
pulumi_vault/kv/secret_v2.py +59 -50
pulumi_vault/ldap/auth_backend.py +127 -166
pulumi_vault/ldap/auth_backend_group.py +14 -9
pulumi_vault/ldap/auth_backend_user.py +14 -9
pulumi_vault/ldap/get_dynamic_credentials.py +23 -5
pulumi_vault/ldap/get_static_credentials.py +24 -5
pulumi_vault/ldap/secret_backend.py +354 -82
pulumi_vault/ldap/secret_backend_dynamic_role.py +18 -11
pulumi_vault/ldap/secret_backend_library_set.py +16 -9
pulumi_vault/ldap/secret_backend_static_role.py +73 -12
pulumi_vault/managed/_inputs.py +289 -132
pulumi_vault/managed/keys.py +29 -57
pulumi_vault/managed/outputs.py +89 -132
pulumi_vault/mfa_duo.py +18 -11
pulumi_vault/mfa_okta.py +18 -11
pulumi_vault/mfa_pingid.py +18 -11
pulumi_vault/mfa_totp.py +24 -17
pulumi_vault/mongodbatlas/secret_backend.py +20 -15
pulumi_vault/mongodbatlas/secret_role.py +47 -38
pulumi_vault/mount.py +391 -51
pulumi_vault/namespace.py +68 -83
pulumi_vault/nomad_secret_backend.py +18 -13
pulumi_vault/nomad_secret_role.py +14 -9
pulumi_vault/okta/_inputs.py +47 -8
pulumi_vault/okta/auth_backend.py +485 -39
pulumi_vault/okta/auth_backend_group.py +14 -9
pulumi_vault/okta/auth_backend_user.py +14 -9
pulumi_vault/okta/outputs.py +13 -8
pulumi_vault/outputs.py +5 -0
pulumi_vault/password_policy.py +20 -13
pulumi_vault/pkisecret/__init__.py +3 -0
pulumi_vault/pkisecret/_inputs.py +81 -0
pulumi_vault/pkisecret/backend_config_cluster.py +369 -0
pulumi_vault/pkisecret/backend_config_est.py +619 -0
pulumi_vault/pkisecret/get_backend_config_est.py +251 -0
pulumi_vault/pkisecret/get_backend_issuer.py +67 -9
pulumi_vault/pkisecret/get_backend_issuers.py +21 -8
pulumi_vault/pkisecret/get_backend_key.py +24 -9
pulumi_vault/pkisecret/get_backend_keys.py +21 -8
pulumi_vault/pkisecret/outputs.py +69 -0
pulumi_vault/pkisecret/secret_backend_cert.py +18 -11
pulumi_vault/pkisecret/secret_backend_config_ca.py +16 -11
pulumi_vault/pkisecret/secret_backend_config_issuers.py +14 -9
pulumi_vault/pkisecret/secret_backend_config_urls.py +67 -11
pulumi_vault/pkisecret/secret_backend_crl_config.py +14 -9
pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +16 -11
pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +22 -17
pulumi_vault/pkisecret/secret_backend_issuer.py +14 -9
pulumi_vault/pkisecret/secret_backend_key.py +14 -9
pulumi_vault/pkisecret/secret_backend_role.py +21 -14
pulumi_vault/pkisecret/secret_backend_root_cert.py +16 -48
pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +18 -56
pulumi_vault/pkisecret/secret_backend_sign.py +18 -54
pulumi_vault/plugin.py +595 -0
pulumi_vault/plugin_pinned_version.py +298 -0
pulumi_vault/policy.py +14 -9
pulumi_vault/provider.py +48 -53
pulumi_vault/pulumi-plugin.json +2 -1
pulumi_vault/quota_lease_count.py +60 -6
pulumi_vault/quota_rate_limit.py +56 -2
pulumi_vault/rabbitmq/_inputs.py +61 -0
pulumi_vault/rabbitmq/outputs.py +5 -0
pulumi_vault/rabbitmq/secret_backend.py +18 -13
pulumi_vault/rabbitmq/secret_backend_role.py +54 -47
pulumi_vault/raft_autopilot.py +14 -9
pulumi_vault/raft_snapshot_agent_config.py +129 -224
pulumi_vault/rgp_policy.py +14 -9
pulumi_vault/saml/auth_backend.py +22 -17
pulumi_vault/saml/auth_backend_role.py +92 -197
pulumi_vault/secrets/__init__.py +3 -0
pulumi_vault/secrets/_inputs.py +110 -0
pulumi_vault/secrets/outputs.py +94 -0
pulumi_vault/secrets/sync_association.py +56 -71
pulumi_vault/secrets/sync_aws_destination.py +242 -27
pulumi_vault/secrets/sync_azure_destination.py +92 -31
pulumi_vault/secrets/sync_config.py +9 -4
pulumi_vault/secrets/sync_gcp_destination.py +158 -25
pulumi_vault/secrets/sync_gh_destination.py +189 -13
pulumi_vault/secrets/sync_github_apps.py +375 -0
pulumi_vault/secrets/sync_vercel_destination.py +74 -13
pulumi_vault/ssh/_inputs.py +28 -28
pulumi_vault/ssh/outputs.py +11 -28
pulumi_vault/ssh/secret_backend_ca.py +108 -9
pulumi_vault/ssh/secret_backend_role.py +85 -118
pulumi_vault/terraformcloud/secret_backend.py +7 -54
pulumi_vault/terraformcloud/secret_creds.py +14 -20
pulumi_vault/terraformcloud/secret_role.py +16 -74
pulumi_vault/token.py +28 -23
pulumi_vault/tokenauth/auth_backend_role.py +78 -199
pulumi_vault/transform/alphabet.py +16 -9
pulumi_vault/transform/get_decode.py +45 -17
pulumi_vault/transform/get_encode.py +45 -17
pulumi_vault/transform/role.py +16 -9
pulumi_vault/transform/template.py +30 -21
pulumi_vault/transform/transformation.py +12 -7
pulumi_vault/transit/get_decrypt.py +26 -21
pulumi_vault/transit/get_encrypt.py +24 -19
pulumi_vault/transit/secret_backend_key.py +27 -93
pulumi_vault/transit/secret_cache_config.py +12 -7
{pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/METADATA +8 -7
pulumi_vault-6.5.0a1736836139.dist-info/RECORD +256 -0
{pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/WHEEL +1 -1
pulumi_vault-5.21.0a1709368526.dist-info/RECORD +0 -244
{pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/top_level.txt +0 -0

pulumi_vault/mongodbatlas/secret_role.py CHANGED Viewed

@@ -4,9 +4,14 @@
 import copy
 import warnings
+import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 __all__ = ['SecretRoleArgs', 'SecretRole']
@@ -28,20 +33,20 @@ class SecretRoleArgs:
         """
         The set of arguments for constructing a SecretRole resource.
         :param pulumi.Input[str] mount: Path where the MongoDB Atlas Secrets Engine is mounted.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] roles: List of roles that the API Key needs to have.
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] roles: List of roles that the API Key needs to have. Possible values are `ORG_OWNER`, `ORG_MEMBER`, `ORG_GROUP_CREATOR`, `ORG_BILLING_ADMIN` and `ORG_READ_ONLY`.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] cidr_blocks: Whitelist entry in CIDR notation to be added for the API key.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] ip_addresses: IP address to be added to the whitelist for the API key.
         :param pulumi.Input[str] max_ttl: The maximum allowed lifetime of credentials issued using this role.
         :param pulumi.Input[str] name: The name of the role.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
         :param pulumi.Input[str] organization_id: Unique identifier for the organization to which the target API Key belongs.
                Required if `project_id` is not set.
         :param pulumi.Input[str] project_id: Unique identifier for the project to which the target API Key belongs.
-               Required if `organization_id is` not set.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] project_roles: Roles assigned when an org API key is assigned to a project API key.
+               Required if `organization_id` is not set.
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] project_roles: Roles assigned when an org API key is assigned to a project API key. Possible values are `GROUP_CLUSTER_MANAGER`, `GROUP_DATA_ACCESS_ADMIN`, `GROUP_DATA_ACCESS_READ_ONLY`, `GROUP_DATA_ACCESS_READ_WRITE`, `GROUP_OWNER` and `GROUP_READ_ONLY`.
         :param pulumi.Input[str] ttl: Duration in seconds after which the issued credential should expire.
         """
         pulumi.set(__self__, "mount", mount)
@@ -81,7 +86,7 @@ class SecretRoleArgs:
     @pulumi.getter
     def roles(self) -> pulumi.Input[Sequence[pulumi.Input[str]]]:
         """
-        List of roles that the API Key needs to have.
+        List of roles that the API Key needs to have. Possible values are `ORG_OWNER`, `ORG_MEMBER`, `ORG_GROUP_CREATOR`, `ORG_BILLING_ADMIN` and `ORG_READ_ONLY`.
         """
         return pulumi.get(self, "roles")
@@ -143,7 +148,7 @@ class SecretRoleArgs:
         """
         The namespace to provision the resource in.
         The value should not contain leading or trailing forward slashes.
-        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
         *Available only for Vault Enterprise*.
         """
         return pulumi.get(self, "namespace")
@@ -170,7 +175,7 @@ class SecretRoleArgs:
     def project_id(self) -> Optional[pulumi.Input[str]]:
         """
         Unique identifier for the project to which the target API Key belongs.
-        Required if `organization_id is` not set.
+        Required if `organization_id` is not set.
         """
         return pulumi.get(self, "project_id")
@@ -182,7 +187,7 @@ class SecretRoleArgs:
     @pulumi.getter(name="projectRoles")
     def project_roles(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
         """
-        Roles assigned when an org API key is assigned to a project API key.
+        Roles assigned when an org API key is assigned to a project API key. Possible values are `GROUP_CLUSTER_MANAGER`, `GROUP_DATA_ACCESS_ADMIN`, `GROUP_DATA_ACCESS_READ_ONLY`, `GROUP_DATA_ACCESS_READ_WRITE`, `GROUP_OWNER` and `GROUP_READ_ONLY`.
         """
         return pulumi.get(self, "project_roles")
@@ -226,14 +231,14 @@ class _SecretRoleState:
         :param pulumi.Input[str] name: The name of the role.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
         :param pulumi.Input[str] organization_id: Unique identifier for the organization to which the target API Key belongs.
                Required if `project_id` is not set.
         :param pulumi.Input[str] project_id: Unique identifier for the project to which the target API Key belongs.
-               Required if `organization_id is` not set.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] project_roles: Roles assigned when an org API key is assigned to a project API key.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] roles: List of roles that the API Key needs to have.
+               Required if `organization_id` is not set.
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] project_roles: Roles assigned when an org API key is assigned to a project API key. Possible values are `GROUP_CLUSTER_MANAGER`, `GROUP_DATA_ACCESS_ADMIN`, `GROUP_DATA_ACCESS_READ_ONLY`, `GROUP_DATA_ACCESS_READ_WRITE`, `GROUP_OWNER` and `GROUP_READ_ONLY`.
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] roles: List of roles that the API Key needs to have. Possible values are `ORG_OWNER`, `ORG_MEMBER`, `ORG_GROUP_CREATOR`, `ORG_BILLING_ADMIN` and `ORG_READ_ONLY`.
         :param pulumi.Input[str] ttl: Duration in seconds after which the issued credential should expire.
         """
         if cidr_blocks is not None:
@@ -325,7 +330,7 @@ class _SecretRoleState:
         """
         The namespace to provision the resource in.
         The value should not contain leading or trailing forward slashes.
-        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
         *Available only for Vault Enterprise*.
         """
         return pulumi.get(self, "namespace")
@@ -352,7 +357,7 @@ class _SecretRoleState:
     def project_id(self) -> Optional[pulumi.Input[str]]:
         """
         Unique identifier for the project to which the target API Key belongs.
-        Required if `organization_id is` not set.
+        Required if `organization_id` is not set.
         """
         return pulumi.get(self, "project_id")
@@ -364,7 +369,7 @@ class _SecretRoleState:
     @pulumi.getter(name="projectRoles")
     def project_roles(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
         """
-        Roles assigned when an org API key is assigned to a project API key.
+        Roles assigned when an org API key is assigned to a project API key. Possible values are `GROUP_CLUSTER_MANAGER`, `GROUP_DATA_ACCESS_ADMIN`, `GROUP_DATA_ACCESS_READ_ONLY`, `GROUP_DATA_ACCESS_READ_WRITE`, `GROUP_OWNER` and `GROUP_READ_ONLY`.
         """
         return pulumi.get(self, "project_roles")
@@ -376,7 +381,7 @@ class _SecretRoleState:
     @pulumi.getter
     def roles(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
         """
-        List of roles that the API Key needs to have.
+        List of roles that the API Key needs to have. Possible values are `ORG_OWNER`, `ORG_MEMBER`, `ORG_GROUP_CREATOR`, `ORG_BILLING_ADMIN` and `ORG_READ_ONLY`.
         """
         return pulumi.get(self, "roles")
@@ -426,27 +431,29 @@ class SecretRole(pulumi.CustomResource):
             type="mongodbatlas",
             description="MongoDB Atlas secret engine mount")
         config = vault.mongodbatlas.SecretBackend("config",
-            mount="vault_mount.mongo.path",
+            mount=mongo.path,
             private_key="privateKey",
             public_key="publicKey")
         role = vault.mongodbatlas.SecretRole("role",
             mount=mongo.path,
+            name="tf-test-role",
             organization_id="7cf5a45a9ccf6400e60981b7",
             project_id="5cf5a45a9ccf6400e60981b6",
-            roles="ORG_READ_ONLY",
+            roles=["ORG_READ_ONLY"],
             ip_addresses="192.168.1.5, 192.168.1.6",
             cidr_blocks="192.168.1.3/35",
-            project_roles="GROUP_READ_ONLY",
+            project_roles=["GROUP_READ_ONLY"],
             ttl="60",
             max_ttl="120")
         ```
         ## Import
-        The MongoDB Atlas secret role can be imported using the full path to the role of the form: `<mount_path>/roles/<role_name>` e.g.
+        The MongoDB Atlas secret role can be imported using the full path to the role
+        of the form: `<mount_path>/roles/<role_name>` e.g.
         ```sh
-         $ pulumi import vault:mongodbatlas/secretRole:SecretRole example mongodbatlas/roles/example-role
+        $ pulumi import vault:mongodbatlas/secretRole:SecretRole example mongodbatlas/roles/example-role
         ```
         :param str resource_name: The name of the resource.
@@ -458,14 +465,14 @@ class SecretRole(pulumi.CustomResource):
         :param pulumi.Input[str] name: The name of the role.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
         :param pulumi.Input[str] organization_id: Unique identifier for the organization to which the target API Key belongs.
                Required if `project_id` is not set.
         :param pulumi.Input[str] project_id: Unique identifier for the project to which the target API Key belongs.
-               Required if `organization_id is` not set.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] project_roles: Roles assigned when an org API key is assigned to a project API key.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] roles: List of roles that the API Key needs to have.
+               Required if `organization_id` is not set.
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] project_roles: Roles assigned when an org API key is assigned to a project API key. Possible values are `GROUP_CLUSTER_MANAGER`, `GROUP_DATA_ACCESS_ADMIN`, `GROUP_DATA_ACCESS_READ_ONLY`, `GROUP_DATA_ACCESS_READ_WRITE`, `GROUP_OWNER` and `GROUP_READ_ONLY`.
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] roles: List of roles that the API Key needs to have. Possible values are `ORG_OWNER`, `ORG_MEMBER`, `ORG_GROUP_CREATOR`, `ORG_BILLING_ADMIN` and `ORG_READ_ONLY`.
         :param pulumi.Input[str] ttl: Duration in seconds after which the issued credential should expire.
         """
         ...
@@ -486,27 +493,29 @@ class SecretRole(pulumi.CustomResource):
             type="mongodbatlas",
             description="MongoDB Atlas secret engine mount")
         config = vault.mongodbatlas.SecretBackend("config",
-            mount="vault_mount.mongo.path",
+            mount=mongo.path,
             private_key="privateKey",
             public_key="publicKey")
         role = vault.mongodbatlas.SecretRole("role",
             mount=mongo.path,
+            name="tf-test-role",
             organization_id="7cf5a45a9ccf6400e60981b7",
             project_id="5cf5a45a9ccf6400e60981b6",
-            roles="ORG_READ_ONLY",
+            roles=["ORG_READ_ONLY"],
             ip_addresses="192.168.1.5, 192.168.1.6",
             cidr_blocks="192.168.1.3/35",
-            project_roles="GROUP_READ_ONLY",
+            project_roles=["GROUP_READ_ONLY"],
             ttl="60",
             max_ttl="120")
         ```
         ## Import
-        The MongoDB Atlas secret role can be imported using the full path to the role of the form: `<mount_path>/roles/<role_name>` e.g.
+        The MongoDB Atlas secret role can be imported using the full path to the role
+        of the form: `<mount_path>/roles/<role_name>` e.g.
         ```sh
-         $ pulumi import vault:mongodbatlas/secretRole:SecretRole example mongodbatlas/roles/example-role
+        $ pulumi import vault:mongodbatlas/secretRole:SecretRole example mongodbatlas/roles/example-role
         ```
         :param str resource_name: The name of the resource.
@@ -594,14 +603,14 @@ class SecretRole(pulumi.CustomResource):
         :param pulumi.Input[str] name: The name of the role.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
         :param pulumi.Input[str] organization_id: Unique identifier for the organization to which the target API Key belongs.
                Required if `project_id` is not set.
         :param pulumi.Input[str] project_id: Unique identifier for the project to which the target API Key belongs.
-               Required if `organization_id is` not set.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] project_roles: Roles assigned when an org API key is assigned to a project API key.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] roles: List of roles that the API Key needs to have.
+               Required if `organization_id` is not set.
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] project_roles: Roles assigned when an org API key is assigned to a project API key. Possible values are `GROUP_CLUSTER_MANAGER`, `GROUP_DATA_ACCESS_ADMIN`, `GROUP_DATA_ACCESS_READ_ONLY`, `GROUP_DATA_ACCESS_READ_WRITE`, `GROUP_OWNER` and `GROUP_READ_ONLY`.
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] roles: List of roles that the API Key needs to have. Possible values are `ORG_OWNER`, `ORG_MEMBER`, `ORG_GROUP_CREATOR`, `ORG_BILLING_ADMIN` and `ORG_READ_ONLY`.
         :param pulumi.Input[str] ttl: Duration in seconds after which the issued credential should expire.
         """
         opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
@@ -667,7 +676,7 @@ class SecretRole(pulumi.CustomResource):
         """
         The namespace to provision the resource in.
         The value should not contain leading or trailing forward slashes.
-        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
         *Available only for Vault Enterprise*.
         """
         return pulumi.get(self, "namespace")
@@ -686,7 +695,7 @@ class SecretRole(pulumi.CustomResource):
     def project_id(self) -> pulumi.Output[Optional[str]]:
         """
         Unique identifier for the project to which the target API Key belongs.
-        Required if `organization_id is` not set.
+        Required if `organization_id` is not set.
         """
         return pulumi.get(self, "project_id")
@@ -694,7 +703,7 @@ class SecretRole(pulumi.CustomResource):
     @pulumi.getter(name="projectRoles")
     def project_roles(self) -> pulumi.Output[Optional[Sequence[str]]]:
         """
-        Roles assigned when an org API key is assigned to a project API key.
+        Roles assigned when an org API key is assigned to a project API key. Possible values are `GROUP_CLUSTER_MANAGER`, `GROUP_DATA_ACCESS_ADMIN`, `GROUP_DATA_ACCESS_READ_ONLY`, `GROUP_DATA_ACCESS_READ_WRITE`, `GROUP_OWNER` and `GROUP_READ_ONLY`.
         """
         return pulumi.get(self, "project_roles")
@@ -702,7 +711,7 @@ class SecretRole(pulumi.CustomResource):
     @pulumi.getter
     def roles(self) -> pulumi.Output[Sequence[str]]:
         """
-        List of roles that the API Key needs to have.
+        List of roles that the API Key needs to have. Possible values are `ORG_OWNER`, `ORG_MEMBER`, `ORG_GROUP_CREATOR`, `ORG_BILLING_ADMIN` and `ORG_READ_ONLY`.
         """
         return pulumi.get(self, "roles")

pulumi-vault 5.21.0a1709368526__py3-none-any.whl → 6.5.0a1736836139__py3-none-any.whl

pulumi-vault 5.21.0a1709368526py3-none-any.whl → 6.5.0a1736836139py3-none-any.whl