PyPI - pulumi-vault - Versions diffs - 5.21.0a1709368526__py3-none-any.whl → 6.5.0a1736836139__py3-none-any.whl - Mend

pulumi-vault 5.21.0a1709368526py3-none-any.whl → 6.5.0a1736836139py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (229) hide show

pulumi_vault/__init__.py +52 -0
pulumi_vault/_inputs.py +560 -0
pulumi_vault/_utilities.py +41 -5
pulumi_vault/ad/get_access_credentials.py +26 -9
pulumi_vault/ad/secret_backend.py +16 -142
pulumi_vault/ad/secret_library.py +16 -9
pulumi_vault/ad/secret_role.py +14 -9
pulumi_vault/alicloud/auth_backend_role.py +76 -190
pulumi_vault/approle/auth_backend_login.py +12 -7
pulumi_vault/approle/auth_backend_role.py +77 -191
pulumi_vault/approle/auth_backend_role_secret_id.py +106 -7
pulumi_vault/approle/get_auth_backend_role_id.py +18 -5
pulumi_vault/audit.py +30 -21
pulumi_vault/audit_request_header.py +11 -2
pulumi_vault/auth_backend.py +66 -14
pulumi_vault/aws/auth_backend_cert.py +18 -9
pulumi_vault/aws/auth_backend_client.py +267 -22
pulumi_vault/aws/auth_backend_config_identity.py +14 -9
pulumi_vault/aws/auth_backend_identity_whitelist.py +20 -15
pulumi_vault/aws/auth_backend_login.py +19 -22
pulumi_vault/aws/auth_backend_role.py +77 -191
pulumi_vault/aws/auth_backend_role_tag.py +12 -7
pulumi_vault/aws/auth_backend_roletag_blacklist.py +18 -13
pulumi_vault/aws/auth_backend_sts_role.py +14 -9
pulumi_vault/aws/get_access_credentials.py +38 -9
pulumi_vault/aws/get_static_access_credentials.py +19 -5
pulumi_vault/aws/secret_backend.py +77 -9
pulumi_vault/aws/secret_backend_role.py +185 -9
pulumi_vault/aws/secret_backend_static_role.py +20 -11
pulumi_vault/azure/_inputs.py +24 -0
pulumi_vault/azure/auth_backend_config.py +153 -15
pulumi_vault/azure/auth_backend_role.py +77 -191
pulumi_vault/azure/backend.py +227 -21
pulumi_vault/azure/backend_role.py +42 -37
pulumi_vault/azure/get_access_credentials.py +41 -7
pulumi_vault/azure/outputs.py +5 -0
pulumi_vault/cert_auth_backend_role.py +87 -267
pulumi_vault/config/__init__.pyi +5 -0
pulumi_vault/config/_inputs.py +73 -0
pulumi_vault/config/outputs.py +35 -0
pulumi_vault/config/ui_custom_message.py +529 -0
pulumi_vault/config/vars.py +5 -0
pulumi_vault/consul/secret_backend.py +28 -19
pulumi_vault/consul/secret_backend_role.py +18 -78
pulumi_vault/database/_inputs.py +2770 -881
pulumi_vault/database/outputs.py +721 -838
pulumi_vault/database/secret_backend_connection.py +119 -112
pulumi_vault/database/secret_backend_role.py +31 -22
pulumi_vault/database/secret_backend_static_role.py +87 -13
pulumi_vault/database/secrets_mount.py +427 -136
pulumi_vault/egp_policy.py +16 -11
pulumi_vault/gcp/_inputs.py +111 -0
pulumi_vault/gcp/auth_backend.py +250 -33
pulumi_vault/gcp/auth_backend_role.py +77 -269
pulumi_vault/gcp/get_auth_backend_role.py +43 -5
pulumi_vault/gcp/outputs.py +5 -0
pulumi_vault/gcp/secret_backend.py +287 -12
pulumi_vault/gcp/secret_impersonated_account.py +76 -15
pulumi_vault/gcp/secret_roleset.py +31 -24
pulumi_vault/gcp/secret_static_account.py +39 -32
pulumi_vault/generic/endpoint.py +24 -17
pulumi_vault/generic/get_secret.py +64 -8
pulumi_vault/generic/secret.py +21 -16
pulumi_vault/get_auth_backend.py +24 -7
pulumi_vault/get_auth_backends.py +51 -9
pulumi_vault/get_namespace.py +226 -0
pulumi_vault/get_namespaces.py +153 -0
pulumi_vault/get_nomad_access_token.py +31 -11
pulumi_vault/get_policy_document.py +34 -19
pulumi_vault/get_raft_autopilot_state.py +29 -10
pulumi_vault/github/_inputs.py +55 -0
pulumi_vault/github/auth_backend.py +19 -14
pulumi_vault/github/outputs.py +5 -0
pulumi_vault/github/team.py +16 -11
pulumi_vault/github/user.py +16 -11
pulumi_vault/identity/entity.py +20 -13
pulumi_vault/identity/entity_alias.py +20 -13
pulumi_vault/identity/entity_policies.py +28 -11
pulumi_vault/identity/get_entity.py +42 -10
pulumi_vault/identity/get_group.py +47 -9
pulumi_vault/identity/get_oidc_client_creds.py +21 -7
pulumi_vault/identity/get_oidc_openid_config.py +39 -9
pulumi_vault/identity/get_oidc_public_keys.py +29 -10
pulumi_vault/identity/group.py +58 -39
pulumi_vault/identity/group_alias.py +16 -9
pulumi_vault/identity/group_member_entity_ids.py +28 -66
pulumi_vault/identity/group_member_group_ids.py +40 -19
pulumi_vault/identity/group_policies.py +20 -7
pulumi_vault/identity/mfa_duo.py +11 -6
pulumi_vault/identity/mfa_login_enforcement.py +15 -6
pulumi_vault/identity/mfa_okta.py +11 -6
pulumi_vault/identity/mfa_pingid.py +7 -2
pulumi_vault/identity/mfa_totp.py +7 -2
pulumi_vault/identity/oidc.py +12 -7
pulumi_vault/identity/oidc_assignment.py +24 -11
pulumi_vault/identity/oidc_client.py +36 -23
pulumi_vault/identity/oidc_key.py +30 -17
pulumi_vault/identity/oidc_key_allowed_client_id.py +28 -15
pulumi_vault/identity/oidc_provider.py +36 -21
pulumi_vault/identity/oidc_role.py +42 -21
pulumi_vault/identity/oidc_scope.py +20 -13
pulumi_vault/identity/outputs.py +8 -3
pulumi_vault/jwt/_inputs.py +55 -0
pulumi_vault/jwt/auth_backend.py +45 -40
pulumi_vault/jwt/auth_backend_role.py +133 -254
pulumi_vault/jwt/outputs.py +5 -0
pulumi_vault/kmip/secret_backend.py +24 -19
pulumi_vault/kmip/secret_role.py +14 -9
pulumi_vault/kmip/secret_scope.py +14 -9
pulumi_vault/kubernetes/auth_backend_config.py +57 -5
pulumi_vault/kubernetes/auth_backend_role.py +70 -177
pulumi_vault/kubernetes/get_auth_backend_config.py +60 -8
pulumi_vault/kubernetes/get_auth_backend_role.py +40 -5
pulumi_vault/kubernetes/get_service_account_token.py +39 -11
pulumi_vault/kubernetes/secret_backend.py +316 -27
pulumi_vault/kubernetes/secret_backend_role.py +137 -46
pulumi_vault/kv/_inputs.py +36 -4
pulumi_vault/kv/get_secret.py +25 -8
pulumi_vault/kv/get_secret_subkeys_v2.py +33 -10
pulumi_vault/kv/get_secret_v2.py +85 -9
pulumi_vault/kv/get_secrets_list.py +24 -11
pulumi_vault/kv/get_secrets_list_v2.py +37 -15
pulumi_vault/kv/outputs.py +8 -3
pulumi_vault/kv/secret.py +23 -16
pulumi_vault/kv/secret_backend_v2.py +20 -11
pulumi_vault/kv/secret_v2.py +59 -50
pulumi_vault/ldap/auth_backend.py +127 -166
pulumi_vault/ldap/auth_backend_group.py +14 -9
pulumi_vault/ldap/auth_backend_user.py +14 -9
pulumi_vault/ldap/get_dynamic_credentials.py +23 -5
pulumi_vault/ldap/get_static_credentials.py +24 -5
pulumi_vault/ldap/secret_backend.py +354 -82
pulumi_vault/ldap/secret_backend_dynamic_role.py +18 -11
pulumi_vault/ldap/secret_backend_library_set.py +16 -9
pulumi_vault/ldap/secret_backend_static_role.py +73 -12
pulumi_vault/managed/_inputs.py +289 -132
pulumi_vault/managed/keys.py +29 -57
pulumi_vault/managed/outputs.py +89 -132
pulumi_vault/mfa_duo.py +18 -11
pulumi_vault/mfa_okta.py +18 -11
pulumi_vault/mfa_pingid.py +18 -11
pulumi_vault/mfa_totp.py +24 -17
pulumi_vault/mongodbatlas/secret_backend.py +20 -15
pulumi_vault/mongodbatlas/secret_role.py +47 -38
pulumi_vault/mount.py +391 -51
pulumi_vault/namespace.py +68 -83
pulumi_vault/nomad_secret_backend.py +18 -13
pulumi_vault/nomad_secret_role.py +14 -9
pulumi_vault/okta/_inputs.py +47 -8
pulumi_vault/okta/auth_backend.py +485 -39
pulumi_vault/okta/auth_backend_group.py +14 -9
pulumi_vault/okta/auth_backend_user.py +14 -9
pulumi_vault/okta/outputs.py +13 -8
pulumi_vault/outputs.py +5 -0
pulumi_vault/password_policy.py +20 -13
pulumi_vault/pkisecret/__init__.py +3 -0
pulumi_vault/pkisecret/_inputs.py +81 -0
pulumi_vault/pkisecret/backend_config_cluster.py +369 -0
pulumi_vault/pkisecret/backend_config_est.py +619 -0
pulumi_vault/pkisecret/get_backend_config_est.py +251 -0
pulumi_vault/pkisecret/get_backend_issuer.py +67 -9
pulumi_vault/pkisecret/get_backend_issuers.py +21 -8
pulumi_vault/pkisecret/get_backend_key.py +24 -9
pulumi_vault/pkisecret/get_backend_keys.py +21 -8
pulumi_vault/pkisecret/outputs.py +69 -0
pulumi_vault/pkisecret/secret_backend_cert.py +18 -11
pulumi_vault/pkisecret/secret_backend_config_ca.py +16 -11
pulumi_vault/pkisecret/secret_backend_config_issuers.py +14 -9
pulumi_vault/pkisecret/secret_backend_config_urls.py +67 -11
pulumi_vault/pkisecret/secret_backend_crl_config.py +14 -9
pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +16 -11
pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +22 -17
pulumi_vault/pkisecret/secret_backend_issuer.py +14 -9
pulumi_vault/pkisecret/secret_backend_key.py +14 -9
pulumi_vault/pkisecret/secret_backend_role.py +21 -14
pulumi_vault/pkisecret/secret_backend_root_cert.py +16 -48
pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +18 -56
pulumi_vault/pkisecret/secret_backend_sign.py +18 -54
pulumi_vault/plugin.py +595 -0
pulumi_vault/plugin_pinned_version.py +298 -0
pulumi_vault/policy.py +14 -9
pulumi_vault/provider.py +48 -53
pulumi_vault/pulumi-plugin.json +2 -1
pulumi_vault/quota_lease_count.py +60 -6
pulumi_vault/quota_rate_limit.py +56 -2
pulumi_vault/rabbitmq/_inputs.py +61 -0
pulumi_vault/rabbitmq/outputs.py +5 -0
pulumi_vault/rabbitmq/secret_backend.py +18 -13
pulumi_vault/rabbitmq/secret_backend_role.py +54 -47
pulumi_vault/raft_autopilot.py +14 -9
pulumi_vault/raft_snapshot_agent_config.py +129 -224
pulumi_vault/rgp_policy.py +14 -9
pulumi_vault/saml/auth_backend.py +22 -17
pulumi_vault/saml/auth_backend_role.py +92 -197
pulumi_vault/secrets/__init__.py +3 -0
pulumi_vault/secrets/_inputs.py +110 -0
pulumi_vault/secrets/outputs.py +94 -0
pulumi_vault/secrets/sync_association.py +56 -71
pulumi_vault/secrets/sync_aws_destination.py +242 -27
pulumi_vault/secrets/sync_azure_destination.py +92 -31
pulumi_vault/secrets/sync_config.py +9 -4
pulumi_vault/secrets/sync_gcp_destination.py +158 -25
pulumi_vault/secrets/sync_gh_destination.py +189 -13
pulumi_vault/secrets/sync_github_apps.py +375 -0
pulumi_vault/secrets/sync_vercel_destination.py +74 -13
pulumi_vault/ssh/_inputs.py +28 -28
pulumi_vault/ssh/outputs.py +11 -28
pulumi_vault/ssh/secret_backend_ca.py +108 -9
pulumi_vault/ssh/secret_backend_role.py +85 -118
pulumi_vault/terraformcloud/secret_backend.py +7 -54
pulumi_vault/terraformcloud/secret_creds.py +14 -20
pulumi_vault/terraformcloud/secret_role.py +16 -74
pulumi_vault/token.py +28 -23
pulumi_vault/tokenauth/auth_backend_role.py +78 -199
pulumi_vault/transform/alphabet.py +16 -9
pulumi_vault/transform/get_decode.py +45 -17
pulumi_vault/transform/get_encode.py +45 -17
pulumi_vault/transform/role.py +16 -9
pulumi_vault/transform/template.py +30 -21
pulumi_vault/transform/transformation.py +12 -7
pulumi_vault/transit/get_decrypt.py +26 -21
pulumi_vault/transit/get_encrypt.py +24 -19
pulumi_vault/transit/secret_backend_key.py +27 -93
pulumi_vault/transit/secret_cache_config.py +12 -7
{pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/METADATA +8 -7
pulumi_vault-6.5.0a1736836139.dist-info/RECORD +256 -0
{pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/WHEEL +1 -1
pulumi_vault-5.21.0a1709368526.dist-info/RECORD +0 -244
{pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/top_level.txt +0 -0

pulumi_vault/secrets/__init__.py CHANGED Viewed

@@ -11,4 +11,7 @@ from .sync_azure_destination import *
 from .sync_config import *
 from .sync_gcp_destination import *
 from .sync_gh_destination import *
+from .sync_github_apps import *
 from .sync_vercel_destination import *
+from ._inputs import *
+from . import outputs

pulumi_vault/secrets/_inputs.py ADDED Viewed

@@ -0,0 +1,110 @@
+# coding=utf-8
+# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
+# *** Do not edit by hand unless you're certain you know what you are doing! ***
+import copy
+import warnings
+import sys
+import pulumi
+import pulumi.runtime
+from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
+from .. import _utilities
+__all__ = [
+    'SyncAssociationMetadataArgs',
+    'SyncAssociationMetadataArgsDict',
+]
+MYPY = False
+if not MYPY:
+    class SyncAssociationMetadataArgsDict(TypedDict):
+        sub_key: NotRequired[pulumi.Input[str]]
+        """
+        Subkey of the associated secret.
+        """
+        sync_status: NotRequired[pulumi.Input[str]]
+        """
+        A map of sync statuses for each subkey of the associated secret
+        (for ex. `{kv_624bea/aws-token/dev: "SYNCED", kv_624bea/aws-token/prod: "SYNCED"}`).
+        """
+        updated_at: NotRequired[pulumi.Input[str]]
+        """
+        A map of duration strings specifying when each subkey of the associated
+        secret was last updated.
+        (for ex.
+        `{kv_624bea/aws-token/dev: "2024-03-21T12:42:02.558533-07:00",
+        kv_624bea/aws-token/prod: "2024-03-21T12:42:02.558533-07:00"}`).
+        """
+elif False:
+    SyncAssociationMetadataArgsDict: TypeAlias = Mapping[str, Any]
+@pulumi.input_type
+class SyncAssociationMetadataArgs:
+    def __init__(__self__, *,
+                 sub_key: Optional[pulumi.Input[str]] = None,
+                 sync_status: Optional[pulumi.Input[str]] = None,
+                 updated_at: Optional[pulumi.Input[str]] = None):
+        """
+        :param pulumi.Input[str] sub_key: Subkey of the associated secret.
+        :param pulumi.Input[str] sync_status: A map of sync statuses for each subkey of the associated secret
+               (for ex. `{kv_624bea/aws-token/dev: "SYNCED", kv_624bea/aws-token/prod: "SYNCED"}`).
+        :param pulumi.Input[str] updated_at: A map of duration strings specifying when each subkey of the associated
+               secret was last updated.
+               (for ex.
+               `{kv_624bea/aws-token/dev: "2024-03-21T12:42:02.558533-07:00",
+               kv_624bea/aws-token/prod: "2024-03-21T12:42:02.558533-07:00"}`).
+        """
+        if sub_key is not None:
+            pulumi.set(__self__, "sub_key", sub_key)
+        if sync_status is not None:
+            pulumi.set(__self__, "sync_status", sync_status)
+        if updated_at is not None:
+            pulumi.set(__self__, "updated_at", updated_at)
+    @property
+    @pulumi.getter(name="subKey")
+    def sub_key(self) -> Optional[pulumi.Input[str]]:
+        """
+        Subkey of the associated secret.
+        """
+        return pulumi.get(self, "sub_key")
+    @sub_key.setter
+    def sub_key(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "sub_key", value)
+    @property
+    @pulumi.getter(name="syncStatus")
+    def sync_status(self) -> Optional[pulumi.Input[str]]:
+        """
+        A map of sync statuses for each subkey of the associated secret
+        (for ex. `{kv_624bea/aws-token/dev: "SYNCED", kv_624bea/aws-token/prod: "SYNCED"}`).
+        """
+        return pulumi.get(self, "sync_status")
+    @sync_status.setter
+    def sync_status(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "sync_status", value)
+    @property
+    @pulumi.getter(name="updatedAt")
+    def updated_at(self) -> Optional[pulumi.Input[str]]:
+        """
+        A map of duration strings specifying when each subkey of the associated
+        secret was last updated.
+        (for ex.
+        `{kv_624bea/aws-token/dev: "2024-03-21T12:42:02.558533-07:00",
+        kv_624bea/aws-token/prod: "2024-03-21T12:42:02.558533-07:00"}`).
+        """
+        return pulumi.get(self, "updated_at")
+    @updated_at.setter
+    def updated_at(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "updated_at", value)

pulumi_vault/secrets/outputs.py ADDED Viewed

@@ -0,0 +1,94 @@
+# coding=utf-8
+# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
+# *** Do not edit by hand unless you're certain you know what you are doing! ***
+import copy
+import warnings
+import sys
+import pulumi
+import pulumi.runtime
+from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
+from .. import _utilities
+__all__ = [
+    'SyncAssociationMetadata',
+]
+@pulumi.output_type
+class SyncAssociationMetadata(dict):
+    @staticmethod
+    def __key_warning(key: str):
+        suggest = None
+        if key == "subKey":
+            suggest = "sub_key"
+        elif key == "syncStatus":
+            suggest = "sync_status"
+        elif key == "updatedAt":
+            suggest = "updated_at"
+        if suggest:
+            pulumi.log.warn(f"Key '{key}' not found in SyncAssociationMetadata. Access the value via the '{suggest}' property getter instead.")
+    def __getitem__(self, key: str) -> Any:
+        SyncAssociationMetadata.__key_warning(key)
+        return super().__getitem__(key)
+    def get(self, key: str, default = None) -> Any:
+        SyncAssociationMetadata.__key_warning(key)
+        return super().get(key, default)
+    def __init__(__self__, *,
+                 sub_key: Optional[str] = None,
+                 sync_status: Optional[str] = None,
+                 updated_at: Optional[str] = None):
+        """
+        :param str sub_key: Subkey of the associated secret.
+        :param str sync_status: A map of sync statuses for each subkey of the associated secret
+               (for ex. `{kv_624bea/aws-token/dev: "SYNCED", kv_624bea/aws-token/prod: "SYNCED"}`).
+        :param str updated_at: A map of duration strings specifying when each subkey of the associated
+               secret was last updated.
+               (for ex.
+               `{kv_624bea/aws-token/dev: "2024-03-21T12:42:02.558533-07:00",
+               kv_624bea/aws-token/prod: "2024-03-21T12:42:02.558533-07:00"}`).
+        """
+        if sub_key is not None:
+            pulumi.set(__self__, "sub_key", sub_key)
+        if sync_status is not None:
+            pulumi.set(__self__, "sync_status", sync_status)
+        if updated_at is not None:
+            pulumi.set(__self__, "updated_at", updated_at)
+    @property
+    @pulumi.getter(name="subKey")
+    def sub_key(self) -> Optional[str]:
+        """
+        Subkey of the associated secret.
+        """
+        return pulumi.get(self, "sub_key")
+    @property
+    @pulumi.getter(name="syncStatus")
+    def sync_status(self) -> Optional[str]:
+        """
+        A map of sync statuses for each subkey of the associated secret
+        (for ex. `{kv_624bea/aws-token/dev: "SYNCED", kv_624bea/aws-token/prod: "SYNCED"}`).
+        """
+        return pulumi.get(self, "sync_status")
+    @property
+    @pulumi.getter(name="updatedAt")
+    def updated_at(self) -> Optional[str]:
+        """
+        A map of duration strings specifying when each subkey of the associated
+        secret was last updated.
+        (for ex.
+        `{kv_624bea/aws-token/dev: "2024-03-21T12:42:02.558533-07:00",
+        kv_624bea/aws-token/prod: "2024-03-21T12:42:02.558533-07:00"}`).
+        """
+        return pulumi.get(self, "updated_at")

pulumi_vault/secrets/sync_association.py CHANGED Viewed

@@ -4,10 +4,17 @@
 import copy
 import warnings
+import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
+from . import outputs
+from ._inputs import *
 __all__ = ['SyncAssociationArgs', 'SyncAssociation']
@@ -27,7 +34,7 @@ class SyncAssociationArgs:
         :param pulumi.Input[str] name: Specifies the name of the destination.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
         """
         pulumi.set(__self__, "mount", mount)
         pulumi.set(__self__, "secret_name", secret_name)
@@ -91,7 +98,7 @@ class SyncAssociationArgs:
         """
         The namespace to provision the resource in.
         The value should not contain leading or trailing forward slashes.
-        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
         """
         return pulumi.get(self, "namespace")
@@ -103,25 +110,25 @@ class SyncAssociationArgs:
 @pulumi.input_type
 class _SyncAssociationState:
     def __init__(__self__, *,
+                 metadatas: Optional[pulumi.Input[Sequence[pulumi.Input['SyncAssociationMetadataArgs']]]] = None,
                  mount: Optional[pulumi.Input[str]] = None,
                  name: Optional[pulumi.Input[str]] = None,
                  namespace: Optional[pulumi.Input[str]] = None,
                  secret_name: Optional[pulumi.Input[str]] = None,
-                 sync_status: Optional[pulumi.Input[str]] = None,
-                 type: Optional[pulumi.Input[str]] = None,
-                 updated_at: Optional[pulumi.Input[str]] = None):
+                 type: Optional[pulumi.Input[str]] = None):
         """
         Input properties used for looking up and filtering SyncAssociation resources.
+        :param pulumi.Input[Sequence[pulumi.Input['SyncAssociationMetadataArgs']]] metadatas: Metadata for each subkey of the associated secret.
         :param pulumi.Input[str] mount: Specifies the mount where the secret is located.
         :param pulumi.Input[str] name: Specifies the name of the destination.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
         :param pulumi.Input[str] secret_name: Specifies the name of the secret to synchronize.
-        :param pulumi.Input[str] sync_status: Specifies the status of the association (for eg. `SYNCED`).
         :param pulumi.Input[str] type: Specifies the destination type.
-        :param pulumi.Input[str] updated_at: Duration string specifying when the secret was last updated.
         """
+        if metadatas is not None:
+            pulumi.set(__self__, "metadatas", metadatas)
         if mount is not None:
             pulumi.set(__self__, "mount", mount)
         if name is not None:
@@ -130,12 +137,20 @@ class _SyncAssociationState:
             pulumi.set(__self__, "namespace", namespace)
         if secret_name is not None:
             pulumi.set(__self__, "secret_name", secret_name)
-        if sync_status is not None:
-            pulumi.set(__self__, "sync_status", sync_status)
         if type is not None:
             pulumi.set(__self__, "type", type)
-        if updated_at is not None:
-            pulumi.set(__self__, "updated_at", updated_at)
+    @property
+    @pulumi.getter
+    def metadatas(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['SyncAssociationMetadataArgs']]]]:
+        """
+        Metadata for each subkey of the associated secret.
+        """
+        return pulumi.get(self, "metadatas")
+    @metadatas.setter
+    def metadatas(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['SyncAssociationMetadataArgs']]]]):
+        pulumi.set(self, "metadatas", value)
     @property
     @pulumi.getter
@@ -167,7 +182,7 @@ class _SyncAssociationState:
         """
         The namespace to provision the resource in.
         The value should not contain leading or trailing forward slashes.
-        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
         """
         return pulumi.get(self, "namespace")
@@ -187,18 +202,6 @@ class _SyncAssociationState:
     def secret_name(self, value: Optional[pulumi.Input[str]]):
         pulumi.set(self, "secret_name", value)
-    @property
-    @pulumi.getter(name="syncStatus")
-    def sync_status(self) -> Optional[pulumi.Input[str]]:
-        """
-        Specifies the status of the association (for eg. `SYNCED`).
-        """
-        return pulumi.get(self, "sync_status")
-    @sync_status.setter
-    def sync_status(self, value: Optional[pulumi.Input[str]]):
-        pulumi.set(self, "sync_status", value)
     @property
     @pulumi.getter
     def type(self) -> Optional[pulumi.Input[str]]:
@@ -211,18 +214,6 @@ class _SyncAssociationState:
     def type(self, value: Optional[pulumi.Input[str]]):
         pulumi.set(self, "type", value)
-    @property
-    @pulumi.getter(name="updatedAt")
-    def updated_at(self) -> Optional[pulumi.Input[str]]:
-        """
-        Duration string specifying when the secret was last updated.
-        """
-        return pulumi.get(self, "updated_at")
-    @updated_at.setter
-    def updated_at(self, value: Optional[pulumi.Input[str]]):
-        pulumi.set(self, "updated_at", value)
 class SyncAssociation(pulumi.CustomResource):
     @overload
@@ -252,16 +243,19 @@ class SyncAssociation(pulumi.CustomResource):
             description="KV Version 2 secret engine mount")
         token = vault.kv.SecretV2("token",
             mount=kvv2.path,
+            name="token",
             data_json=json.dumps({
                 "dev": "B!gS3cr3t",
                 "prod": "S3cureP4$$",
             }))
         gh = vault.secrets.SyncGhDestination("gh",
-            access_token=var["access_token"],
-            repository_owner=var["repo_owner"],
+            name="gh-dest",
+            access_token=access_token,
+            repository_owner=repo_owner,
             repository_name="repo-name-example",
             secret_name_template="vault_{{ .MountAccessor | lowercase }}_{{ .SecretPath | lowercase }}")
-        gh_token = vault.secrets.SyncAssociation("ghToken",
+        gh_token = vault.secrets.SyncAssociation("gh_token",
+            name=gh.name,
             type=gh.type,
             mount=kvv2.path,
             secret_name=token.name)
@@ -273,7 +267,7 @@ class SyncAssociation(pulumi.CustomResource):
         :param pulumi.Input[str] name: Specifies the name of the destination.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
         :param pulumi.Input[str] secret_name: Specifies the name of the secret to synchronize.
         :param pulumi.Input[str] type: Specifies the destination type.
         """
@@ -300,16 +294,19 @@ class SyncAssociation(pulumi.CustomResource):
             description="KV Version 2 secret engine mount")
         token = vault.kv.SecretV2("token",
             mount=kvv2.path,
+            name="token",
             data_json=json.dumps({
                 "dev": "B!gS3cr3t",
                 "prod": "S3cureP4$$",
             }))
         gh = vault.secrets.SyncGhDestination("gh",
-            access_token=var["access_token"],
-            repository_owner=var["repo_owner"],
+            name="gh-dest",
+            access_token=access_token,
+            repository_owner=repo_owner,
             repository_name="repo-name-example",
             secret_name_template="vault_{{ .MountAccessor | lowercase }}_{{ .SecretPath | lowercase }}")
-        gh_token = vault.secrets.SyncAssociation("ghToken",
+        gh_token = vault.secrets.SyncAssociation("gh_token",
+            name=gh.name,
             type=gh.type,
             mount=kvv2.path,
             secret_name=token.name)
@@ -355,8 +352,7 @@ class SyncAssociation(pulumi.CustomResource):
             if type is None and not opts.urn:
                 raise TypeError("Missing required property 'type'")
             __props__.__dict__["type"] = type
-            __props__.__dict__["sync_status"] = None
-            __props__.__dict__["updated_at"] = None
+            __props__.__dict__["metadatas"] = None
         super(SyncAssociation, __self__).__init__(
             'vault:secrets/syncAssociation:SyncAssociation',
             resource_name,
@@ -367,13 +363,12 @@ class SyncAssociation(pulumi.CustomResource):
     def get(resource_name: str,
             id: pulumi.Input[str],
             opts: Optional[pulumi.ResourceOptions] = None,
+            metadatas: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SyncAssociationMetadataArgs', 'SyncAssociationMetadataArgsDict']]]]] = None,
             mount: Optional[pulumi.Input[str]] = None,
             name: Optional[pulumi.Input[str]] = None,
             namespace: Optional[pulumi.Input[str]] = None,
             secret_name: Optional[pulumi.Input[str]] = None,
-            sync_status: Optional[pulumi.Input[str]] = None,
-            type: Optional[pulumi.Input[str]] = None,
-            updated_at: Optional[pulumi.Input[str]] = None) -> 'SyncAssociation':
+            type: Optional[pulumi.Input[str]] = None) -> 'SyncAssociation':
         """
         Get an existing SyncAssociation resource's state with the given name, id, and optional extra
         properties used to qualify the lookup.
@@ -381,29 +376,35 @@ class SyncAssociation(pulumi.CustomResource):
         :param str resource_name: The unique name of the resulting resource.
         :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
         :param pulumi.ResourceOptions opts: Options for the resource.
+        :param pulumi.Input[Sequence[pulumi.Input[Union['SyncAssociationMetadataArgs', 'SyncAssociationMetadataArgsDict']]]] metadatas: Metadata for each subkey of the associated secret.
         :param pulumi.Input[str] mount: Specifies the mount where the secret is located.
         :param pulumi.Input[str] name: Specifies the name of the destination.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
         :param pulumi.Input[str] secret_name: Specifies the name of the secret to synchronize.
-        :param pulumi.Input[str] sync_status: Specifies the status of the association (for eg. `SYNCED`).
         :param pulumi.Input[str] type: Specifies the destination type.
-        :param pulumi.Input[str] updated_at: Duration string specifying when the secret was last updated.
         """
         opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
         __props__ = _SyncAssociationState.__new__(_SyncAssociationState)
+        __props__.__dict__["metadatas"] = metadatas
         __props__.__dict__["mount"] = mount
         __props__.__dict__["name"] = name
         __props__.__dict__["namespace"] = namespace
         __props__.__dict__["secret_name"] = secret_name
-        __props__.__dict__["sync_status"] = sync_status
         __props__.__dict__["type"] = type
-        __props__.__dict__["updated_at"] = updated_at
         return SyncAssociation(resource_name, opts=opts, __props__=__props__)
+    @property
+    @pulumi.getter
+    def metadatas(self) -> pulumi.Output[Sequence['outputs.SyncAssociationMetadata']]:
+        """
+        Metadata for each subkey of the associated secret.
+        """
+        return pulumi.get(self, "metadatas")
     @property
     @pulumi.getter
     def mount(self) -> pulumi.Output[str]:
@@ -426,7 +427,7 @@ class SyncAssociation(pulumi.CustomResource):
         """
         The namespace to provision the resource in.
         The value should not contain leading or trailing forward slashes.
-        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
         """
         return pulumi.get(self, "namespace")
@@ -438,14 +439,6 @@ class SyncAssociation(pulumi.CustomResource):
         """
         return pulumi.get(self, "secret_name")
-    @property
-    @pulumi.getter(name="syncStatus")
-    def sync_status(self) -> pulumi.Output[str]:
-        """
-        Specifies the status of the association (for eg. `SYNCED`).
-        """
-        return pulumi.get(self, "sync_status")
     @property
     @pulumi.getter
     def type(self) -> pulumi.Output[str]:
@@ -454,11 +447,3 @@ class SyncAssociation(pulumi.CustomResource):
         """
         return pulumi.get(self, "type")
-    @property
-    @pulumi.getter(name="updatedAt")
-    def updated_at(self) -> pulumi.Output[str]:
-        """
-        Duration string specifying when the secret was last updated.
-        """
-        return pulumi.get(self, "updated_at")

pulumi-vault 5.21.0a1709368526__py3-none-any.whl → 6.5.0a1736836139__py3-none-any.whl

pulumi-vault 5.21.0a1709368526py3-none-any.whl → 6.5.0a1736836139py3-none-any.whl