pulumi-vault 5.21.0a1709368526__py3-none-any.whl → 6.5.0a1736836139__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (229) hide show
  1. pulumi_vault/__init__.py +52 -0
  2. pulumi_vault/_inputs.py +560 -0
  3. pulumi_vault/_utilities.py +41 -5
  4. pulumi_vault/ad/get_access_credentials.py +26 -9
  5. pulumi_vault/ad/secret_backend.py +16 -142
  6. pulumi_vault/ad/secret_library.py +16 -9
  7. pulumi_vault/ad/secret_role.py +14 -9
  8. pulumi_vault/alicloud/auth_backend_role.py +76 -190
  9. pulumi_vault/approle/auth_backend_login.py +12 -7
  10. pulumi_vault/approle/auth_backend_role.py +77 -191
  11. pulumi_vault/approle/auth_backend_role_secret_id.py +106 -7
  12. pulumi_vault/approle/get_auth_backend_role_id.py +18 -5
  13. pulumi_vault/audit.py +30 -21
  14. pulumi_vault/audit_request_header.py +11 -2
  15. pulumi_vault/auth_backend.py +66 -14
  16. pulumi_vault/aws/auth_backend_cert.py +18 -9
  17. pulumi_vault/aws/auth_backend_client.py +267 -22
  18. pulumi_vault/aws/auth_backend_config_identity.py +14 -9
  19. pulumi_vault/aws/auth_backend_identity_whitelist.py +20 -15
  20. pulumi_vault/aws/auth_backend_login.py +19 -22
  21. pulumi_vault/aws/auth_backend_role.py +77 -191
  22. pulumi_vault/aws/auth_backend_role_tag.py +12 -7
  23. pulumi_vault/aws/auth_backend_roletag_blacklist.py +18 -13
  24. pulumi_vault/aws/auth_backend_sts_role.py +14 -9
  25. pulumi_vault/aws/get_access_credentials.py +38 -9
  26. pulumi_vault/aws/get_static_access_credentials.py +19 -5
  27. pulumi_vault/aws/secret_backend.py +77 -9
  28. pulumi_vault/aws/secret_backend_role.py +185 -9
  29. pulumi_vault/aws/secret_backend_static_role.py +20 -11
  30. pulumi_vault/azure/_inputs.py +24 -0
  31. pulumi_vault/azure/auth_backend_config.py +153 -15
  32. pulumi_vault/azure/auth_backend_role.py +77 -191
  33. pulumi_vault/azure/backend.py +227 -21
  34. pulumi_vault/azure/backend_role.py +42 -37
  35. pulumi_vault/azure/get_access_credentials.py +41 -7
  36. pulumi_vault/azure/outputs.py +5 -0
  37. pulumi_vault/cert_auth_backend_role.py +87 -267
  38. pulumi_vault/config/__init__.pyi +5 -0
  39. pulumi_vault/config/_inputs.py +73 -0
  40. pulumi_vault/config/outputs.py +35 -0
  41. pulumi_vault/config/ui_custom_message.py +529 -0
  42. pulumi_vault/config/vars.py +5 -0
  43. pulumi_vault/consul/secret_backend.py +28 -19
  44. pulumi_vault/consul/secret_backend_role.py +18 -78
  45. pulumi_vault/database/_inputs.py +2770 -881
  46. pulumi_vault/database/outputs.py +721 -838
  47. pulumi_vault/database/secret_backend_connection.py +119 -112
  48. pulumi_vault/database/secret_backend_role.py +31 -22
  49. pulumi_vault/database/secret_backend_static_role.py +87 -13
  50. pulumi_vault/database/secrets_mount.py +427 -136
  51. pulumi_vault/egp_policy.py +16 -11
  52. pulumi_vault/gcp/_inputs.py +111 -0
  53. pulumi_vault/gcp/auth_backend.py +250 -33
  54. pulumi_vault/gcp/auth_backend_role.py +77 -269
  55. pulumi_vault/gcp/get_auth_backend_role.py +43 -5
  56. pulumi_vault/gcp/outputs.py +5 -0
  57. pulumi_vault/gcp/secret_backend.py +287 -12
  58. pulumi_vault/gcp/secret_impersonated_account.py +76 -15
  59. pulumi_vault/gcp/secret_roleset.py +31 -24
  60. pulumi_vault/gcp/secret_static_account.py +39 -32
  61. pulumi_vault/generic/endpoint.py +24 -17
  62. pulumi_vault/generic/get_secret.py +64 -8
  63. pulumi_vault/generic/secret.py +21 -16
  64. pulumi_vault/get_auth_backend.py +24 -7
  65. pulumi_vault/get_auth_backends.py +51 -9
  66. pulumi_vault/get_namespace.py +226 -0
  67. pulumi_vault/get_namespaces.py +153 -0
  68. pulumi_vault/get_nomad_access_token.py +31 -11
  69. pulumi_vault/get_policy_document.py +34 -19
  70. pulumi_vault/get_raft_autopilot_state.py +29 -10
  71. pulumi_vault/github/_inputs.py +55 -0
  72. pulumi_vault/github/auth_backend.py +19 -14
  73. pulumi_vault/github/outputs.py +5 -0
  74. pulumi_vault/github/team.py +16 -11
  75. pulumi_vault/github/user.py +16 -11
  76. pulumi_vault/identity/entity.py +20 -13
  77. pulumi_vault/identity/entity_alias.py +20 -13
  78. pulumi_vault/identity/entity_policies.py +28 -11
  79. pulumi_vault/identity/get_entity.py +42 -10
  80. pulumi_vault/identity/get_group.py +47 -9
  81. pulumi_vault/identity/get_oidc_client_creds.py +21 -7
  82. pulumi_vault/identity/get_oidc_openid_config.py +39 -9
  83. pulumi_vault/identity/get_oidc_public_keys.py +29 -10
  84. pulumi_vault/identity/group.py +58 -39
  85. pulumi_vault/identity/group_alias.py +16 -9
  86. pulumi_vault/identity/group_member_entity_ids.py +28 -66
  87. pulumi_vault/identity/group_member_group_ids.py +40 -19
  88. pulumi_vault/identity/group_policies.py +20 -7
  89. pulumi_vault/identity/mfa_duo.py +11 -6
  90. pulumi_vault/identity/mfa_login_enforcement.py +15 -6
  91. pulumi_vault/identity/mfa_okta.py +11 -6
  92. pulumi_vault/identity/mfa_pingid.py +7 -2
  93. pulumi_vault/identity/mfa_totp.py +7 -2
  94. pulumi_vault/identity/oidc.py +12 -7
  95. pulumi_vault/identity/oidc_assignment.py +24 -11
  96. pulumi_vault/identity/oidc_client.py +36 -23
  97. pulumi_vault/identity/oidc_key.py +30 -17
  98. pulumi_vault/identity/oidc_key_allowed_client_id.py +28 -15
  99. pulumi_vault/identity/oidc_provider.py +36 -21
  100. pulumi_vault/identity/oidc_role.py +42 -21
  101. pulumi_vault/identity/oidc_scope.py +20 -13
  102. pulumi_vault/identity/outputs.py +8 -3
  103. pulumi_vault/jwt/_inputs.py +55 -0
  104. pulumi_vault/jwt/auth_backend.py +45 -40
  105. pulumi_vault/jwt/auth_backend_role.py +133 -254
  106. pulumi_vault/jwt/outputs.py +5 -0
  107. pulumi_vault/kmip/secret_backend.py +24 -19
  108. pulumi_vault/kmip/secret_role.py +14 -9
  109. pulumi_vault/kmip/secret_scope.py +14 -9
  110. pulumi_vault/kubernetes/auth_backend_config.py +57 -5
  111. pulumi_vault/kubernetes/auth_backend_role.py +70 -177
  112. pulumi_vault/kubernetes/get_auth_backend_config.py +60 -8
  113. pulumi_vault/kubernetes/get_auth_backend_role.py +40 -5
  114. pulumi_vault/kubernetes/get_service_account_token.py +39 -11
  115. pulumi_vault/kubernetes/secret_backend.py +316 -27
  116. pulumi_vault/kubernetes/secret_backend_role.py +137 -46
  117. pulumi_vault/kv/_inputs.py +36 -4
  118. pulumi_vault/kv/get_secret.py +25 -8
  119. pulumi_vault/kv/get_secret_subkeys_v2.py +33 -10
  120. pulumi_vault/kv/get_secret_v2.py +85 -9
  121. pulumi_vault/kv/get_secrets_list.py +24 -11
  122. pulumi_vault/kv/get_secrets_list_v2.py +37 -15
  123. pulumi_vault/kv/outputs.py +8 -3
  124. pulumi_vault/kv/secret.py +23 -16
  125. pulumi_vault/kv/secret_backend_v2.py +20 -11
  126. pulumi_vault/kv/secret_v2.py +59 -50
  127. pulumi_vault/ldap/auth_backend.py +127 -166
  128. pulumi_vault/ldap/auth_backend_group.py +14 -9
  129. pulumi_vault/ldap/auth_backend_user.py +14 -9
  130. pulumi_vault/ldap/get_dynamic_credentials.py +23 -5
  131. pulumi_vault/ldap/get_static_credentials.py +24 -5
  132. pulumi_vault/ldap/secret_backend.py +354 -82
  133. pulumi_vault/ldap/secret_backend_dynamic_role.py +18 -11
  134. pulumi_vault/ldap/secret_backend_library_set.py +16 -9
  135. pulumi_vault/ldap/secret_backend_static_role.py +73 -12
  136. pulumi_vault/managed/_inputs.py +289 -132
  137. pulumi_vault/managed/keys.py +29 -57
  138. pulumi_vault/managed/outputs.py +89 -132
  139. pulumi_vault/mfa_duo.py +18 -11
  140. pulumi_vault/mfa_okta.py +18 -11
  141. pulumi_vault/mfa_pingid.py +18 -11
  142. pulumi_vault/mfa_totp.py +24 -17
  143. pulumi_vault/mongodbatlas/secret_backend.py +20 -15
  144. pulumi_vault/mongodbatlas/secret_role.py +47 -38
  145. pulumi_vault/mount.py +391 -51
  146. pulumi_vault/namespace.py +68 -83
  147. pulumi_vault/nomad_secret_backend.py +18 -13
  148. pulumi_vault/nomad_secret_role.py +14 -9
  149. pulumi_vault/okta/_inputs.py +47 -8
  150. pulumi_vault/okta/auth_backend.py +485 -39
  151. pulumi_vault/okta/auth_backend_group.py +14 -9
  152. pulumi_vault/okta/auth_backend_user.py +14 -9
  153. pulumi_vault/okta/outputs.py +13 -8
  154. pulumi_vault/outputs.py +5 -0
  155. pulumi_vault/password_policy.py +20 -13
  156. pulumi_vault/pkisecret/__init__.py +3 -0
  157. pulumi_vault/pkisecret/_inputs.py +81 -0
  158. pulumi_vault/pkisecret/backend_config_cluster.py +369 -0
  159. pulumi_vault/pkisecret/backend_config_est.py +619 -0
  160. pulumi_vault/pkisecret/get_backend_config_est.py +251 -0
  161. pulumi_vault/pkisecret/get_backend_issuer.py +67 -9
  162. pulumi_vault/pkisecret/get_backend_issuers.py +21 -8
  163. pulumi_vault/pkisecret/get_backend_key.py +24 -9
  164. pulumi_vault/pkisecret/get_backend_keys.py +21 -8
  165. pulumi_vault/pkisecret/outputs.py +69 -0
  166. pulumi_vault/pkisecret/secret_backend_cert.py +18 -11
  167. pulumi_vault/pkisecret/secret_backend_config_ca.py +16 -11
  168. pulumi_vault/pkisecret/secret_backend_config_issuers.py +14 -9
  169. pulumi_vault/pkisecret/secret_backend_config_urls.py +67 -11
  170. pulumi_vault/pkisecret/secret_backend_crl_config.py +14 -9
  171. pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +16 -11
  172. pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +22 -17
  173. pulumi_vault/pkisecret/secret_backend_issuer.py +14 -9
  174. pulumi_vault/pkisecret/secret_backend_key.py +14 -9
  175. pulumi_vault/pkisecret/secret_backend_role.py +21 -14
  176. pulumi_vault/pkisecret/secret_backend_root_cert.py +16 -48
  177. pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +18 -56
  178. pulumi_vault/pkisecret/secret_backend_sign.py +18 -54
  179. pulumi_vault/plugin.py +595 -0
  180. pulumi_vault/plugin_pinned_version.py +298 -0
  181. pulumi_vault/policy.py +14 -9
  182. pulumi_vault/provider.py +48 -53
  183. pulumi_vault/pulumi-plugin.json +2 -1
  184. pulumi_vault/quota_lease_count.py +60 -6
  185. pulumi_vault/quota_rate_limit.py +56 -2
  186. pulumi_vault/rabbitmq/_inputs.py +61 -0
  187. pulumi_vault/rabbitmq/outputs.py +5 -0
  188. pulumi_vault/rabbitmq/secret_backend.py +18 -13
  189. pulumi_vault/rabbitmq/secret_backend_role.py +54 -47
  190. pulumi_vault/raft_autopilot.py +14 -9
  191. pulumi_vault/raft_snapshot_agent_config.py +129 -224
  192. pulumi_vault/rgp_policy.py +14 -9
  193. pulumi_vault/saml/auth_backend.py +22 -17
  194. pulumi_vault/saml/auth_backend_role.py +92 -197
  195. pulumi_vault/secrets/__init__.py +3 -0
  196. pulumi_vault/secrets/_inputs.py +110 -0
  197. pulumi_vault/secrets/outputs.py +94 -0
  198. pulumi_vault/secrets/sync_association.py +56 -71
  199. pulumi_vault/secrets/sync_aws_destination.py +242 -27
  200. pulumi_vault/secrets/sync_azure_destination.py +92 -31
  201. pulumi_vault/secrets/sync_config.py +9 -4
  202. pulumi_vault/secrets/sync_gcp_destination.py +158 -25
  203. pulumi_vault/secrets/sync_gh_destination.py +189 -13
  204. pulumi_vault/secrets/sync_github_apps.py +375 -0
  205. pulumi_vault/secrets/sync_vercel_destination.py +74 -13
  206. pulumi_vault/ssh/_inputs.py +28 -28
  207. pulumi_vault/ssh/outputs.py +11 -28
  208. pulumi_vault/ssh/secret_backend_ca.py +108 -9
  209. pulumi_vault/ssh/secret_backend_role.py +85 -118
  210. pulumi_vault/terraformcloud/secret_backend.py +7 -54
  211. pulumi_vault/terraformcloud/secret_creds.py +14 -20
  212. pulumi_vault/terraformcloud/secret_role.py +16 -74
  213. pulumi_vault/token.py +28 -23
  214. pulumi_vault/tokenauth/auth_backend_role.py +78 -199
  215. pulumi_vault/transform/alphabet.py +16 -9
  216. pulumi_vault/transform/get_decode.py +45 -17
  217. pulumi_vault/transform/get_encode.py +45 -17
  218. pulumi_vault/transform/role.py +16 -9
  219. pulumi_vault/transform/template.py +30 -21
  220. pulumi_vault/transform/transformation.py +12 -7
  221. pulumi_vault/transit/get_decrypt.py +26 -21
  222. pulumi_vault/transit/get_encrypt.py +24 -19
  223. pulumi_vault/transit/secret_backend_key.py +27 -93
  224. pulumi_vault/transit/secret_cache_config.py +12 -7
  225. {pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/METADATA +8 -7
  226. pulumi_vault-6.5.0a1736836139.dist-info/RECORD +256 -0
  227. {pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/WHEEL +1 -1
  228. pulumi_vault-5.21.0a1709368526.dist-info/RECORD +0 -244
  229. {pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/top_level.txt +0 -0
@@ -11,4 +11,7 @@ from .sync_azure_destination import *
11
11
  from .sync_config import *
12
12
  from .sync_gcp_destination import *
13
13
  from .sync_gh_destination import *
14
+ from .sync_github_apps import *
14
15
  from .sync_vercel_destination import *
16
+ from ._inputs import *
17
+ from . import outputs
@@ -0,0 +1,110 @@
1
+ # coding=utf-8
2
+ # *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
3
+ # *** Do not edit by hand unless you're certain you know what you are doing! ***
4
+
5
+ import copy
6
+ import warnings
7
+ import sys
8
+ import pulumi
9
+ import pulumi.runtime
10
+ from typing import Any, Mapping, Optional, Sequence, Union, overload
11
+ if sys.version_info >= (3, 11):
12
+ from typing import NotRequired, TypedDict, TypeAlias
13
+ else:
14
+ from typing_extensions import NotRequired, TypedDict, TypeAlias
15
+ from .. import _utilities
16
+
17
+ __all__ = [
18
+ 'SyncAssociationMetadataArgs',
19
+ 'SyncAssociationMetadataArgsDict',
20
+ ]
21
+
22
+ MYPY = False
23
+
24
+ if not MYPY:
25
+ class SyncAssociationMetadataArgsDict(TypedDict):
26
+ sub_key: NotRequired[pulumi.Input[str]]
27
+ """
28
+ Subkey of the associated secret.
29
+ """
30
+ sync_status: NotRequired[pulumi.Input[str]]
31
+ """
32
+ A map of sync statuses for each subkey of the associated secret
33
+ (for ex. `{kv_624bea/aws-token/dev: "SYNCED", kv_624bea/aws-token/prod: "SYNCED"}`).
34
+ """
35
+ updated_at: NotRequired[pulumi.Input[str]]
36
+ """
37
+ A map of duration strings specifying when each subkey of the associated
38
+ secret was last updated.
39
+ (for ex.
40
+ `{kv_624bea/aws-token/dev: "2024-03-21T12:42:02.558533-07:00",
41
+ kv_624bea/aws-token/prod: "2024-03-21T12:42:02.558533-07:00"}`).
42
+ """
43
+ elif False:
44
+ SyncAssociationMetadataArgsDict: TypeAlias = Mapping[str, Any]
45
+
46
+ @pulumi.input_type
47
+ class SyncAssociationMetadataArgs:
48
+ def __init__(__self__, *,
49
+ sub_key: Optional[pulumi.Input[str]] = None,
50
+ sync_status: Optional[pulumi.Input[str]] = None,
51
+ updated_at: Optional[pulumi.Input[str]] = None):
52
+ """
53
+ :param pulumi.Input[str] sub_key: Subkey of the associated secret.
54
+ :param pulumi.Input[str] sync_status: A map of sync statuses for each subkey of the associated secret
55
+ (for ex. `{kv_624bea/aws-token/dev: "SYNCED", kv_624bea/aws-token/prod: "SYNCED"}`).
56
+ :param pulumi.Input[str] updated_at: A map of duration strings specifying when each subkey of the associated
57
+ secret was last updated.
58
+ (for ex.
59
+ `{kv_624bea/aws-token/dev: "2024-03-21T12:42:02.558533-07:00",
60
+ kv_624bea/aws-token/prod: "2024-03-21T12:42:02.558533-07:00"}`).
61
+ """
62
+ if sub_key is not None:
63
+ pulumi.set(__self__, "sub_key", sub_key)
64
+ if sync_status is not None:
65
+ pulumi.set(__self__, "sync_status", sync_status)
66
+ if updated_at is not None:
67
+ pulumi.set(__self__, "updated_at", updated_at)
68
+
69
+ @property
70
+ @pulumi.getter(name="subKey")
71
+ def sub_key(self) -> Optional[pulumi.Input[str]]:
72
+ """
73
+ Subkey of the associated secret.
74
+ """
75
+ return pulumi.get(self, "sub_key")
76
+
77
+ @sub_key.setter
78
+ def sub_key(self, value: Optional[pulumi.Input[str]]):
79
+ pulumi.set(self, "sub_key", value)
80
+
81
+ @property
82
+ @pulumi.getter(name="syncStatus")
83
+ def sync_status(self) -> Optional[pulumi.Input[str]]:
84
+ """
85
+ A map of sync statuses for each subkey of the associated secret
86
+ (for ex. `{kv_624bea/aws-token/dev: "SYNCED", kv_624bea/aws-token/prod: "SYNCED"}`).
87
+ """
88
+ return pulumi.get(self, "sync_status")
89
+
90
+ @sync_status.setter
91
+ def sync_status(self, value: Optional[pulumi.Input[str]]):
92
+ pulumi.set(self, "sync_status", value)
93
+
94
+ @property
95
+ @pulumi.getter(name="updatedAt")
96
+ def updated_at(self) -> Optional[pulumi.Input[str]]:
97
+ """
98
+ A map of duration strings specifying when each subkey of the associated
99
+ secret was last updated.
100
+ (for ex.
101
+ `{kv_624bea/aws-token/dev: "2024-03-21T12:42:02.558533-07:00",
102
+ kv_624bea/aws-token/prod: "2024-03-21T12:42:02.558533-07:00"}`).
103
+ """
104
+ return pulumi.get(self, "updated_at")
105
+
106
+ @updated_at.setter
107
+ def updated_at(self, value: Optional[pulumi.Input[str]]):
108
+ pulumi.set(self, "updated_at", value)
109
+
110
+
@@ -0,0 +1,94 @@
1
+ # coding=utf-8
2
+ # *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
3
+ # *** Do not edit by hand unless you're certain you know what you are doing! ***
4
+
5
+ import copy
6
+ import warnings
7
+ import sys
8
+ import pulumi
9
+ import pulumi.runtime
10
+ from typing import Any, Mapping, Optional, Sequence, Union, overload
11
+ if sys.version_info >= (3, 11):
12
+ from typing import NotRequired, TypedDict, TypeAlias
13
+ else:
14
+ from typing_extensions import NotRequired, TypedDict, TypeAlias
15
+ from .. import _utilities
16
+
17
+ __all__ = [
18
+ 'SyncAssociationMetadata',
19
+ ]
20
+
21
+ @pulumi.output_type
22
+ class SyncAssociationMetadata(dict):
23
+ @staticmethod
24
+ def __key_warning(key: str):
25
+ suggest = None
26
+ if key == "subKey":
27
+ suggest = "sub_key"
28
+ elif key == "syncStatus":
29
+ suggest = "sync_status"
30
+ elif key == "updatedAt":
31
+ suggest = "updated_at"
32
+
33
+ if suggest:
34
+ pulumi.log.warn(f"Key '{key}' not found in SyncAssociationMetadata. Access the value via the '{suggest}' property getter instead.")
35
+
36
+ def __getitem__(self, key: str) -> Any:
37
+ SyncAssociationMetadata.__key_warning(key)
38
+ return super().__getitem__(key)
39
+
40
+ def get(self, key: str, default = None) -> Any:
41
+ SyncAssociationMetadata.__key_warning(key)
42
+ return super().get(key, default)
43
+
44
+ def __init__(__self__, *,
45
+ sub_key: Optional[str] = None,
46
+ sync_status: Optional[str] = None,
47
+ updated_at: Optional[str] = None):
48
+ """
49
+ :param str sub_key: Subkey of the associated secret.
50
+ :param str sync_status: A map of sync statuses for each subkey of the associated secret
51
+ (for ex. `{kv_624bea/aws-token/dev: "SYNCED", kv_624bea/aws-token/prod: "SYNCED"}`).
52
+ :param str updated_at: A map of duration strings specifying when each subkey of the associated
53
+ secret was last updated.
54
+ (for ex.
55
+ `{kv_624bea/aws-token/dev: "2024-03-21T12:42:02.558533-07:00",
56
+ kv_624bea/aws-token/prod: "2024-03-21T12:42:02.558533-07:00"}`).
57
+ """
58
+ if sub_key is not None:
59
+ pulumi.set(__self__, "sub_key", sub_key)
60
+ if sync_status is not None:
61
+ pulumi.set(__self__, "sync_status", sync_status)
62
+ if updated_at is not None:
63
+ pulumi.set(__self__, "updated_at", updated_at)
64
+
65
+ @property
66
+ @pulumi.getter(name="subKey")
67
+ def sub_key(self) -> Optional[str]:
68
+ """
69
+ Subkey of the associated secret.
70
+ """
71
+ return pulumi.get(self, "sub_key")
72
+
73
+ @property
74
+ @pulumi.getter(name="syncStatus")
75
+ def sync_status(self) -> Optional[str]:
76
+ """
77
+ A map of sync statuses for each subkey of the associated secret
78
+ (for ex. `{kv_624bea/aws-token/dev: "SYNCED", kv_624bea/aws-token/prod: "SYNCED"}`).
79
+ """
80
+ return pulumi.get(self, "sync_status")
81
+
82
+ @property
83
+ @pulumi.getter(name="updatedAt")
84
+ def updated_at(self) -> Optional[str]:
85
+ """
86
+ A map of duration strings specifying when each subkey of the associated
87
+ secret was last updated.
88
+ (for ex.
89
+ `{kv_624bea/aws-token/dev: "2024-03-21T12:42:02.558533-07:00",
90
+ kv_624bea/aws-token/prod: "2024-03-21T12:42:02.558533-07:00"}`).
91
+ """
92
+ return pulumi.get(self, "updated_at")
93
+
94
+
@@ -4,10 +4,17 @@
4
4
 
5
5
  import copy
6
6
  import warnings
7
+ import sys
7
8
  import pulumi
8
9
  import pulumi.runtime
9
10
  from typing import Any, Mapping, Optional, Sequence, Union, overload
11
+ if sys.version_info >= (3, 11):
12
+ from typing import NotRequired, TypedDict, TypeAlias
13
+ else:
14
+ from typing_extensions import NotRequired, TypedDict, TypeAlias
10
15
  from .. import _utilities
16
+ from . import outputs
17
+ from ._inputs import *
11
18
 
12
19
  __all__ = ['SyncAssociationArgs', 'SyncAssociation']
13
20
 
@@ -27,7 +34,7 @@ class SyncAssociationArgs:
27
34
  :param pulumi.Input[str] name: Specifies the name of the destination.
28
35
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
29
36
  The value should not contain leading or trailing forward slashes.
30
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
37
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
31
38
  """
32
39
  pulumi.set(__self__, "mount", mount)
33
40
  pulumi.set(__self__, "secret_name", secret_name)
@@ -91,7 +98,7 @@ class SyncAssociationArgs:
91
98
  """
92
99
  The namespace to provision the resource in.
93
100
  The value should not contain leading or trailing forward slashes.
94
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
101
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
95
102
  """
96
103
  return pulumi.get(self, "namespace")
97
104
 
@@ -103,25 +110,25 @@ class SyncAssociationArgs:
103
110
  @pulumi.input_type
104
111
  class _SyncAssociationState:
105
112
  def __init__(__self__, *,
113
+ metadatas: Optional[pulumi.Input[Sequence[pulumi.Input['SyncAssociationMetadataArgs']]]] = None,
106
114
  mount: Optional[pulumi.Input[str]] = None,
107
115
  name: Optional[pulumi.Input[str]] = None,
108
116
  namespace: Optional[pulumi.Input[str]] = None,
109
117
  secret_name: Optional[pulumi.Input[str]] = None,
110
- sync_status: Optional[pulumi.Input[str]] = None,
111
- type: Optional[pulumi.Input[str]] = None,
112
- updated_at: Optional[pulumi.Input[str]] = None):
118
+ type: Optional[pulumi.Input[str]] = None):
113
119
  """
114
120
  Input properties used for looking up and filtering SyncAssociation resources.
121
+ :param pulumi.Input[Sequence[pulumi.Input['SyncAssociationMetadataArgs']]] metadatas: Metadata for each subkey of the associated secret.
115
122
  :param pulumi.Input[str] mount: Specifies the mount where the secret is located.
116
123
  :param pulumi.Input[str] name: Specifies the name of the destination.
117
124
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
118
125
  The value should not contain leading or trailing forward slashes.
119
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
126
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
120
127
  :param pulumi.Input[str] secret_name: Specifies the name of the secret to synchronize.
121
- :param pulumi.Input[str] sync_status: Specifies the status of the association (for eg. `SYNCED`).
122
128
  :param pulumi.Input[str] type: Specifies the destination type.
123
- :param pulumi.Input[str] updated_at: Duration string specifying when the secret was last updated.
124
129
  """
130
+ if metadatas is not None:
131
+ pulumi.set(__self__, "metadatas", metadatas)
125
132
  if mount is not None:
126
133
  pulumi.set(__self__, "mount", mount)
127
134
  if name is not None:
@@ -130,12 +137,20 @@ class _SyncAssociationState:
130
137
  pulumi.set(__self__, "namespace", namespace)
131
138
  if secret_name is not None:
132
139
  pulumi.set(__self__, "secret_name", secret_name)
133
- if sync_status is not None:
134
- pulumi.set(__self__, "sync_status", sync_status)
135
140
  if type is not None:
136
141
  pulumi.set(__self__, "type", type)
137
- if updated_at is not None:
138
- pulumi.set(__self__, "updated_at", updated_at)
142
+
143
+ @property
144
+ @pulumi.getter
145
+ def metadatas(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['SyncAssociationMetadataArgs']]]]:
146
+ """
147
+ Metadata for each subkey of the associated secret.
148
+ """
149
+ return pulumi.get(self, "metadatas")
150
+
151
+ @metadatas.setter
152
+ def metadatas(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['SyncAssociationMetadataArgs']]]]):
153
+ pulumi.set(self, "metadatas", value)
139
154
 
140
155
  @property
141
156
  @pulumi.getter
@@ -167,7 +182,7 @@ class _SyncAssociationState:
167
182
  """
168
183
  The namespace to provision the resource in.
169
184
  The value should not contain leading or trailing forward slashes.
170
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
185
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
171
186
  """
172
187
  return pulumi.get(self, "namespace")
173
188
 
@@ -187,18 +202,6 @@ class _SyncAssociationState:
187
202
  def secret_name(self, value: Optional[pulumi.Input[str]]):
188
203
  pulumi.set(self, "secret_name", value)
189
204
 
190
- @property
191
- @pulumi.getter(name="syncStatus")
192
- def sync_status(self) -> Optional[pulumi.Input[str]]:
193
- """
194
- Specifies the status of the association (for eg. `SYNCED`).
195
- """
196
- return pulumi.get(self, "sync_status")
197
-
198
- @sync_status.setter
199
- def sync_status(self, value: Optional[pulumi.Input[str]]):
200
- pulumi.set(self, "sync_status", value)
201
-
202
205
  @property
203
206
  @pulumi.getter
204
207
  def type(self) -> Optional[pulumi.Input[str]]:
@@ -211,18 +214,6 @@ class _SyncAssociationState:
211
214
  def type(self, value: Optional[pulumi.Input[str]]):
212
215
  pulumi.set(self, "type", value)
213
216
 
214
- @property
215
- @pulumi.getter(name="updatedAt")
216
- def updated_at(self) -> Optional[pulumi.Input[str]]:
217
- """
218
- Duration string specifying when the secret was last updated.
219
- """
220
- return pulumi.get(self, "updated_at")
221
-
222
- @updated_at.setter
223
- def updated_at(self, value: Optional[pulumi.Input[str]]):
224
- pulumi.set(self, "updated_at", value)
225
-
226
217
 
227
218
  class SyncAssociation(pulumi.CustomResource):
228
219
  @overload
@@ -252,16 +243,19 @@ class SyncAssociation(pulumi.CustomResource):
252
243
  description="KV Version 2 secret engine mount")
253
244
  token = vault.kv.SecretV2("token",
254
245
  mount=kvv2.path,
246
+ name="token",
255
247
  data_json=json.dumps({
256
248
  "dev": "B!gS3cr3t",
257
249
  "prod": "S3cureP4$$",
258
250
  }))
259
251
  gh = vault.secrets.SyncGhDestination("gh",
260
- access_token=var["access_token"],
261
- repository_owner=var["repo_owner"],
252
+ name="gh-dest",
253
+ access_token=access_token,
254
+ repository_owner=repo_owner,
262
255
  repository_name="repo-name-example",
263
256
  secret_name_template="vault_{{ .MountAccessor | lowercase }}_{{ .SecretPath | lowercase }}")
264
- gh_token = vault.secrets.SyncAssociation("ghToken",
257
+ gh_token = vault.secrets.SyncAssociation("gh_token",
258
+ name=gh.name,
265
259
  type=gh.type,
266
260
  mount=kvv2.path,
267
261
  secret_name=token.name)
@@ -273,7 +267,7 @@ class SyncAssociation(pulumi.CustomResource):
273
267
  :param pulumi.Input[str] name: Specifies the name of the destination.
274
268
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
275
269
  The value should not contain leading or trailing forward slashes.
276
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
270
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
277
271
  :param pulumi.Input[str] secret_name: Specifies the name of the secret to synchronize.
278
272
  :param pulumi.Input[str] type: Specifies the destination type.
279
273
  """
@@ -300,16 +294,19 @@ class SyncAssociation(pulumi.CustomResource):
300
294
  description="KV Version 2 secret engine mount")
301
295
  token = vault.kv.SecretV2("token",
302
296
  mount=kvv2.path,
297
+ name="token",
303
298
  data_json=json.dumps({
304
299
  "dev": "B!gS3cr3t",
305
300
  "prod": "S3cureP4$$",
306
301
  }))
307
302
  gh = vault.secrets.SyncGhDestination("gh",
308
- access_token=var["access_token"],
309
- repository_owner=var["repo_owner"],
303
+ name="gh-dest",
304
+ access_token=access_token,
305
+ repository_owner=repo_owner,
310
306
  repository_name="repo-name-example",
311
307
  secret_name_template="vault_{{ .MountAccessor | lowercase }}_{{ .SecretPath | lowercase }}")
312
- gh_token = vault.secrets.SyncAssociation("ghToken",
308
+ gh_token = vault.secrets.SyncAssociation("gh_token",
309
+ name=gh.name,
313
310
  type=gh.type,
314
311
  mount=kvv2.path,
315
312
  secret_name=token.name)
@@ -355,8 +352,7 @@ class SyncAssociation(pulumi.CustomResource):
355
352
  if type is None and not opts.urn:
356
353
  raise TypeError("Missing required property 'type'")
357
354
  __props__.__dict__["type"] = type
358
- __props__.__dict__["sync_status"] = None
359
- __props__.__dict__["updated_at"] = None
355
+ __props__.__dict__["metadatas"] = None
360
356
  super(SyncAssociation, __self__).__init__(
361
357
  'vault:secrets/syncAssociation:SyncAssociation',
362
358
  resource_name,
@@ -367,13 +363,12 @@ class SyncAssociation(pulumi.CustomResource):
367
363
  def get(resource_name: str,
368
364
  id: pulumi.Input[str],
369
365
  opts: Optional[pulumi.ResourceOptions] = None,
366
+ metadatas: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SyncAssociationMetadataArgs', 'SyncAssociationMetadataArgsDict']]]]] = None,
370
367
  mount: Optional[pulumi.Input[str]] = None,
371
368
  name: Optional[pulumi.Input[str]] = None,
372
369
  namespace: Optional[pulumi.Input[str]] = None,
373
370
  secret_name: Optional[pulumi.Input[str]] = None,
374
- sync_status: Optional[pulumi.Input[str]] = None,
375
- type: Optional[pulumi.Input[str]] = None,
376
- updated_at: Optional[pulumi.Input[str]] = None) -> 'SyncAssociation':
371
+ type: Optional[pulumi.Input[str]] = None) -> 'SyncAssociation':
377
372
  """
378
373
  Get an existing SyncAssociation resource's state with the given name, id, and optional extra
379
374
  properties used to qualify the lookup.
@@ -381,29 +376,35 @@ class SyncAssociation(pulumi.CustomResource):
381
376
  :param str resource_name: The unique name of the resulting resource.
382
377
  :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
383
378
  :param pulumi.ResourceOptions opts: Options for the resource.
379
+ :param pulumi.Input[Sequence[pulumi.Input[Union['SyncAssociationMetadataArgs', 'SyncAssociationMetadataArgsDict']]]] metadatas: Metadata for each subkey of the associated secret.
384
380
  :param pulumi.Input[str] mount: Specifies the mount where the secret is located.
385
381
  :param pulumi.Input[str] name: Specifies the name of the destination.
386
382
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
387
383
  The value should not contain leading or trailing forward slashes.
388
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
384
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
389
385
  :param pulumi.Input[str] secret_name: Specifies the name of the secret to synchronize.
390
- :param pulumi.Input[str] sync_status: Specifies the status of the association (for eg. `SYNCED`).
391
386
  :param pulumi.Input[str] type: Specifies the destination type.
392
- :param pulumi.Input[str] updated_at: Duration string specifying when the secret was last updated.
393
387
  """
394
388
  opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
395
389
 
396
390
  __props__ = _SyncAssociationState.__new__(_SyncAssociationState)
397
391
 
392
+ __props__.__dict__["metadatas"] = metadatas
398
393
  __props__.__dict__["mount"] = mount
399
394
  __props__.__dict__["name"] = name
400
395
  __props__.__dict__["namespace"] = namespace
401
396
  __props__.__dict__["secret_name"] = secret_name
402
- __props__.__dict__["sync_status"] = sync_status
403
397
  __props__.__dict__["type"] = type
404
- __props__.__dict__["updated_at"] = updated_at
405
398
  return SyncAssociation(resource_name, opts=opts, __props__=__props__)
406
399
 
400
+ @property
401
+ @pulumi.getter
402
+ def metadatas(self) -> pulumi.Output[Sequence['outputs.SyncAssociationMetadata']]:
403
+ """
404
+ Metadata for each subkey of the associated secret.
405
+ """
406
+ return pulumi.get(self, "metadatas")
407
+
407
408
  @property
408
409
  @pulumi.getter
409
410
  def mount(self) -> pulumi.Output[str]:
@@ -426,7 +427,7 @@ class SyncAssociation(pulumi.CustomResource):
426
427
  """
427
428
  The namespace to provision the resource in.
428
429
  The value should not contain leading or trailing forward slashes.
429
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
430
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
430
431
  """
431
432
  return pulumi.get(self, "namespace")
432
433
 
@@ -438,14 +439,6 @@ class SyncAssociation(pulumi.CustomResource):
438
439
  """
439
440
  return pulumi.get(self, "secret_name")
440
441
 
441
- @property
442
- @pulumi.getter(name="syncStatus")
443
- def sync_status(self) -> pulumi.Output[str]:
444
- """
445
- Specifies the status of the association (for eg. `SYNCED`).
446
- """
447
- return pulumi.get(self, "sync_status")
448
-
449
442
  @property
450
443
  @pulumi.getter
451
444
  def type(self) -> pulumi.Output[str]:
@@ -454,11 +447,3 @@ class SyncAssociation(pulumi.CustomResource):
454
447
  """
455
448
  return pulumi.get(self, "type")
456
449
 
457
- @property
458
- @pulumi.getter(name="updatedAt")
459
- def updated_at(self) -> pulumi.Output[str]:
460
- """
461
- Duration string specifying when the secret was last updated.
462
- """
463
- return pulumi.get(self, "updated_at")
464
-