pulumi-vault 5.21.0a1709368526__py3-none-any.whl → 6.5.0a1736836139__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (229) hide show
  1. pulumi_vault/__init__.py +52 -0
  2. pulumi_vault/_inputs.py +560 -0
  3. pulumi_vault/_utilities.py +41 -5
  4. pulumi_vault/ad/get_access_credentials.py +26 -9
  5. pulumi_vault/ad/secret_backend.py +16 -142
  6. pulumi_vault/ad/secret_library.py +16 -9
  7. pulumi_vault/ad/secret_role.py +14 -9
  8. pulumi_vault/alicloud/auth_backend_role.py +76 -190
  9. pulumi_vault/approle/auth_backend_login.py +12 -7
  10. pulumi_vault/approle/auth_backend_role.py +77 -191
  11. pulumi_vault/approle/auth_backend_role_secret_id.py +106 -7
  12. pulumi_vault/approle/get_auth_backend_role_id.py +18 -5
  13. pulumi_vault/audit.py +30 -21
  14. pulumi_vault/audit_request_header.py +11 -2
  15. pulumi_vault/auth_backend.py +66 -14
  16. pulumi_vault/aws/auth_backend_cert.py +18 -9
  17. pulumi_vault/aws/auth_backend_client.py +267 -22
  18. pulumi_vault/aws/auth_backend_config_identity.py +14 -9
  19. pulumi_vault/aws/auth_backend_identity_whitelist.py +20 -15
  20. pulumi_vault/aws/auth_backend_login.py +19 -22
  21. pulumi_vault/aws/auth_backend_role.py +77 -191
  22. pulumi_vault/aws/auth_backend_role_tag.py +12 -7
  23. pulumi_vault/aws/auth_backend_roletag_blacklist.py +18 -13
  24. pulumi_vault/aws/auth_backend_sts_role.py +14 -9
  25. pulumi_vault/aws/get_access_credentials.py +38 -9
  26. pulumi_vault/aws/get_static_access_credentials.py +19 -5
  27. pulumi_vault/aws/secret_backend.py +77 -9
  28. pulumi_vault/aws/secret_backend_role.py +185 -9
  29. pulumi_vault/aws/secret_backend_static_role.py +20 -11
  30. pulumi_vault/azure/_inputs.py +24 -0
  31. pulumi_vault/azure/auth_backend_config.py +153 -15
  32. pulumi_vault/azure/auth_backend_role.py +77 -191
  33. pulumi_vault/azure/backend.py +227 -21
  34. pulumi_vault/azure/backend_role.py +42 -37
  35. pulumi_vault/azure/get_access_credentials.py +41 -7
  36. pulumi_vault/azure/outputs.py +5 -0
  37. pulumi_vault/cert_auth_backend_role.py +87 -267
  38. pulumi_vault/config/__init__.pyi +5 -0
  39. pulumi_vault/config/_inputs.py +73 -0
  40. pulumi_vault/config/outputs.py +35 -0
  41. pulumi_vault/config/ui_custom_message.py +529 -0
  42. pulumi_vault/config/vars.py +5 -0
  43. pulumi_vault/consul/secret_backend.py +28 -19
  44. pulumi_vault/consul/secret_backend_role.py +18 -78
  45. pulumi_vault/database/_inputs.py +2770 -881
  46. pulumi_vault/database/outputs.py +721 -838
  47. pulumi_vault/database/secret_backend_connection.py +119 -112
  48. pulumi_vault/database/secret_backend_role.py +31 -22
  49. pulumi_vault/database/secret_backend_static_role.py +87 -13
  50. pulumi_vault/database/secrets_mount.py +427 -136
  51. pulumi_vault/egp_policy.py +16 -11
  52. pulumi_vault/gcp/_inputs.py +111 -0
  53. pulumi_vault/gcp/auth_backend.py +250 -33
  54. pulumi_vault/gcp/auth_backend_role.py +77 -269
  55. pulumi_vault/gcp/get_auth_backend_role.py +43 -5
  56. pulumi_vault/gcp/outputs.py +5 -0
  57. pulumi_vault/gcp/secret_backend.py +287 -12
  58. pulumi_vault/gcp/secret_impersonated_account.py +76 -15
  59. pulumi_vault/gcp/secret_roleset.py +31 -24
  60. pulumi_vault/gcp/secret_static_account.py +39 -32
  61. pulumi_vault/generic/endpoint.py +24 -17
  62. pulumi_vault/generic/get_secret.py +64 -8
  63. pulumi_vault/generic/secret.py +21 -16
  64. pulumi_vault/get_auth_backend.py +24 -7
  65. pulumi_vault/get_auth_backends.py +51 -9
  66. pulumi_vault/get_namespace.py +226 -0
  67. pulumi_vault/get_namespaces.py +153 -0
  68. pulumi_vault/get_nomad_access_token.py +31 -11
  69. pulumi_vault/get_policy_document.py +34 -19
  70. pulumi_vault/get_raft_autopilot_state.py +29 -10
  71. pulumi_vault/github/_inputs.py +55 -0
  72. pulumi_vault/github/auth_backend.py +19 -14
  73. pulumi_vault/github/outputs.py +5 -0
  74. pulumi_vault/github/team.py +16 -11
  75. pulumi_vault/github/user.py +16 -11
  76. pulumi_vault/identity/entity.py +20 -13
  77. pulumi_vault/identity/entity_alias.py +20 -13
  78. pulumi_vault/identity/entity_policies.py +28 -11
  79. pulumi_vault/identity/get_entity.py +42 -10
  80. pulumi_vault/identity/get_group.py +47 -9
  81. pulumi_vault/identity/get_oidc_client_creds.py +21 -7
  82. pulumi_vault/identity/get_oidc_openid_config.py +39 -9
  83. pulumi_vault/identity/get_oidc_public_keys.py +29 -10
  84. pulumi_vault/identity/group.py +58 -39
  85. pulumi_vault/identity/group_alias.py +16 -9
  86. pulumi_vault/identity/group_member_entity_ids.py +28 -66
  87. pulumi_vault/identity/group_member_group_ids.py +40 -19
  88. pulumi_vault/identity/group_policies.py +20 -7
  89. pulumi_vault/identity/mfa_duo.py +11 -6
  90. pulumi_vault/identity/mfa_login_enforcement.py +15 -6
  91. pulumi_vault/identity/mfa_okta.py +11 -6
  92. pulumi_vault/identity/mfa_pingid.py +7 -2
  93. pulumi_vault/identity/mfa_totp.py +7 -2
  94. pulumi_vault/identity/oidc.py +12 -7
  95. pulumi_vault/identity/oidc_assignment.py +24 -11
  96. pulumi_vault/identity/oidc_client.py +36 -23
  97. pulumi_vault/identity/oidc_key.py +30 -17
  98. pulumi_vault/identity/oidc_key_allowed_client_id.py +28 -15
  99. pulumi_vault/identity/oidc_provider.py +36 -21
  100. pulumi_vault/identity/oidc_role.py +42 -21
  101. pulumi_vault/identity/oidc_scope.py +20 -13
  102. pulumi_vault/identity/outputs.py +8 -3
  103. pulumi_vault/jwt/_inputs.py +55 -0
  104. pulumi_vault/jwt/auth_backend.py +45 -40
  105. pulumi_vault/jwt/auth_backend_role.py +133 -254
  106. pulumi_vault/jwt/outputs.py +5 -0
  107. pulumi_vault/kmip/secret_backend.py +24 -19
  108. pulumi_vault/kmip/secret_role.py +14 -9
  109. pulumi_vault/kmip/secret_scope.py +14 -9
  110. pulumi_vault/kubernetes/auth_backend_config.py +57 -5
  111. pulumi_vault/kubernetes/auth_backend_role.py +70 -177
  112. pulumi_vault/kubernetes/get_auth_backend_config.py +60 -8
  113. pulumi_vault/kubernetes/get_auth_backend_role.py +40 -5
  114. pulumi_vault/kubernetes/get_service_account_token.py +39 -11
  115. pulumi_vault/kubernetes/secret_backend.py +316 -27
  116. pulumi_vault/kubernetes/secret_backend_role.py +137 -46
  117. pulumi_vault/kv/_inputs.py +36 -4
  118. pulumi_vault/kv/get_secret.py +25 -8
  119. pulumi_vault/kv/get_secret_subkeys_v2.py +33 -10
  120. pulumi_vault/kv/get_secret_v2.py +85 -9
  121. pulumi_vault/kv/get_secrets_list.py +24 -11
  122. pulumi_vault/kv/get_secrets_list_v2.py +37 -15
  123. pulumi_vault/kv/outputs.py +8 -3
  124. pulumi_vault/kv/secret.py +23 -16
  125. pulumi_vault/kv/secret_backend_v2.py +20 -11
  126. pulumi_vault/kv/secret_v2.py +59 -50
  127. pulumi_vault/ldap/auth_backend.py +127 -166
  128. pulumi_vault/ldap/auth_backend_group.py +14 -9
  129. pulumi_vault/ldap/auth_backend_user.py +14 -9
  130. pulumi_vault/ldap/get_dynamic_credentials.py +23 -5
  131. pulumi_vault/ldap/get_static_credentials.py +24 -5
  132. pulumi_vault/ldap/secret_backend.py +354 -82
  133. pulumi_vault/ldap/secret_backend_dynamic_role.py +18 -11
  134. pulumi_vault/ldap/secret_backend_library_set.py +16 -9
  135. pulumi_vault/ldap/secret_backend_static_role.py +73 -12
  136. pulumi_vault/managed/_inputs.py +289 -132
  137. pulumi_vault/managed/keys.py +29 -57
  138. pulumi_vault/managed/outputs.py +89 -132
  139. pulumi_vault/mfa_duo.py +18 -11
  140. pulumi_vault/mfa_okta.py +18 -11
  141. pulumi_vault/mfa_pingid.py +18 -11
  142. pulumi_vault/mfa_totp.py +24 -17
  143. pulumi_vault/mongodbatlas/secret_backend.py +20 -15
  144. pulumi_vault/mongodbatlas/secret_role.py +47 -38
  145. pulumi_vault/mount.py +391 -51
  146. pulumi_vault/namespace.py +68 -83
  147. pulumi_vault/nomad_secret_backend.py +18 -13
  148. pulumi_vault/nomad_secret_role.py +14 -9
  149. pulumi_vault/okta/_inputs.py +47 -8
  150. pulumi_vault/okta/auth_backend.py +485 -39
  151. pulumi_vault/okta/auth_backend_group.py +14 -9
  152. pulumi_vault/okta/auth_backend_user.py +14 -9
  153. pulumi_vault/okta/outputs.py +13 -8
  154. pulumi_vault/outputs.py +5 -0
  155. pulumi_vault/password_policy.py +20 -13
  156. pulumi_vault/pkisecret/__init__.py +3 -0
  157. pulumi_vault/pkisecret/_inputs.py +81 -0
  158. pulumi_vault/pkisecret/backend_config_cluster.py +369 -0
  159. pulumi_vault/pkisecret/backend_config_est.py +619 -0
  160. pulumi_vault/pkisecret/get_backend_config_est.py +251 -0
  161. pulumi_vault/pkisecret/get_backend_issuer.py +67 -9
  162. pulumi_vault/pkisecret/get_backend_issuers.py +21 -8
  163. pulumi_vault/pkisecret/get_backend_key.py +24 -9
  164. pulumi_vault/pkisecret/get_backend_keys.py +21 -8
  165. pulumi_vault/pkisecret/outputs.py +69 -0
  166. pulumi_vault/pkisecret/secret_backend_cert.py +18 -11
  167. pulumi_vault/pkisecret/secret_backend_config_ca.py +16 -11
  168. pulumi_vault/pkisecret/secret_backend_config_issuers.py +14 -9
  169. pulumi_vault/pkisecret/secret_backend_config_urls.py +67 -11
  170. pulumi_vault/pkisecret/secret_backend_crl_config.py +14 -9
  171. pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +16 -11
  172. pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +22 -17
  173. pulumi_vault/pkisecret/secret_backend_issuer.py +14 -9
  174. pulumi_vault/pkisecret/secret_backend_key.py +14 -9
  175. pulumi_vault/pkisecret/secret_backend_role.py +21 -14
  176. pulumi_vault/pkisecret/secret_backend_root_cert.py +16 -48
  177. pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +18 -56
  178. pulumi_vault/pkisecret/secret_backend_sign.py +18 -54
  179. pulumi_vault/plugin.py +595 -0
  180. pulumi_vault/plugin_pinned_version.py +298 -0
  181. pulumi_vault/policy.py +14 -9
  182. pulumi_vault/provider.py +48 -53
  183. pulumi_vault/pulumi-plugin.json +2 -1
  184. pulumi_vault/quota_lease_count.py +60 -6
  185. pulumi_vault/quota_rate_limit.py +56 -2
  186. pulumi_vault/rabbitmq/_inputs.py +61 -0
  187. pulumi_vault/rabbitmq/outputs.py +5 -0
  188. pulumi_vault/rabbitmq/secret_backend.py +18 -13
  189. pulumi_vault/rabbitmq/secret_backend_role.py +54 -47
  190. pulumi_vault/raft_autopilot.py +14 -9
  191. pulumi_vault/raft_snapshot_agent_config.py +129 -224
  192. pulumi_vault/rgp_policy.py +14 -9
  193. pulumi_vault/saml/auth_backend.py +22 -17
  194. pulumi_vault/saml/auth_backend_role.py +92 -197
  195. pulumi_vault/secrets/__init__.py +3 -0
  196. pulumi_vault/secrets/_inputs.py +110 -0
  197. pulumi_vault/secrets/outputs.py +94 -0
  198. pulumi_vault/secrets/sync_association.py +56 -71
  199. pulumi_vault/secrets/sync_aws_destination.py +242 -27
  200. pulumi_vault/secrets/sync_azure_destination.py +92 -31
  201. pulumi_vault/secrets/sync_config.py +9 -4
  202. pulumi_vault/secrets/sync_gcp_destination.py +158 -25
  203. pulumi_vault/secrets/sync_gh_destination.py +189 -13
  204. pulumi_vault/secrets/sync_github_apps.py +375 -0
  205. pulumi_vault/secrets/sync_vercel_destination.py +74 -13
  206. pulumi_vault/ssh/_inputs.py +28 -28
  207. pulumi_vault/ssh/outputs.py +11 -28
  208. pulumi_vault/ssh/secret_backend_ca.py +108 -9
  209. pulumi_vault/ssh/secret_backend_role.py +85 -118
  210. pulumi_vault/terraformcloud/secret_backend.py +7 -54
  211. pulumi_vault/terraformcloud/secret_creds.py +14 -20
  212. pulumi_vault/terraformcloud/secret_role.py +16 -74
  213. pulumi_vault/token.py +28 -23
  214. pulumi_vault/tokenauth/auth_backend_role.py +78 -199
  215. pulumi_vault/transform/alphabet.py +16 -9
  216. pulumi_vault/transform/get_decode.py +45 -17
  217. pulumi_vault/transform/get_encode.py +45 -17
  218. pulumi_vault/transform/role.py +16 -9
  219. pulumi_vault/transform/template.py +30 -21
  220. pulumi_vault/transform/transformation.py +12 -7
  221. pulumi_vault/transit/get_decrypt.py +26 -21
  222. pulumi_vault/transit/get_encrypt.py +24 -19
  223. pulumi_vault/transit/secret_backend_key.py +27 -93
  224. pulumi_vault/transit/secret_cache_config.py +12 -7
  225. {pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/METADATA +8 -7
  226. pulumi_vault-6.5.0a1736836139.dist-info/RECORD +256 -0
  227. {pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/WHEEL +1 -1
  228. pulumi_vault-5.21.0a1709368526.dist-info/RECORD +0 -244
  229. {pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/top_level.txt +0 -0
@@ -4,9 +4,14 @@
4
4
 
5
5
  import copy
6
6
  import warnings
7
+ import sys
7
8
  import pulumi
8
9
  import pulumi.runtime
9
10
  from typing import Any, Mapping, Optional, Sequence, Union, overload
11
+ if sys.version_info >= (3, 11):
12
+ from typing import NotRequired, TypedDict, TypeAlias
13
+ else:
14
+ from typing_extensions import NotRequired, TypedDict, TypeAlias
10
15
  from .. import _utilities
11
16
 
12
17
  __all__ = ['SyncAzureDestinationArgs', 'SyncAzureDestination']
@@ -17,7 +22,8 @@ class SyncAzureDestinationArgs:
17
22
  client_id: Optional[pulumi.Input[str]] = None,
18
23
  client_secret: Optional[pulumi.Input[str]] = None,
19
24
  cloud: Optional[pulumi.Input[str]] = None,
20
- custom_tags: Optional[pulumi.Input[Mapping[str, Any]]] = None,
25
+ custom_tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
26
+ granularity: Optional[pulumi.Input[str]] = None,
21
27
  key_vault_uri: Optional[pulumi.Input[str]] = None,
22
28
  name: Optional[pulumi.Input[str]] = None,
23
29
  namespace: Optional[pulumi.Input[str]] = None,
@@ -32,14 +38,16 @@ class SyncAzureDestinationArgs:
32
38
  Can be omitted and directly provided to Vault using the `AZURE_CLIENT_SECRET` environment
33
39
  variable.
34
40
  :param pulumi.Input[str] cloud: Specifies a cloud for the client. The default is Azure Public Cloud.
35
- :param pulumi.Input[Mapping[str, Any]] custom_tags: Custom tags to set on the secret managed at the destination.
41
+ :param pulumi.Input[Mapping[str, pulumi.Input[str]]] custom_tags: Custom tags to set on the secret managed at the destination.
42
+ :param pulumi.Input[str] granularity: Determines what level of information is synced as a distinct resource
43
+ at the destination. Supports `secret-path` and `secret-key`.
36
44
  :param pulumi.Input[str] key_vault_uri: URI of an existing Azure Key Vault instance.
37
45
  Can be omitted and directly provided to Vault using the `KEY_VAULT_URI` environment
38
46
  variable.
39
47
  :param pulumi.Input[str] name: Unique name of the Azure destination.
40
48
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
41
49
  The value should not contain leading or trailing forward slashes.
42
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
50
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
43
51
  :param pulumi.Input[str] secret_name_template: Template describing how to generate external secret names.
44
52
  Supports a subset of the Go Template syntax.
45
53
  :param pulumi.Input[str] tenant_id: ID of the target Azure tenant.
@@ -54,6 +62,8 @@ class SyncAzureDestinationArgs:
54
62
  pulumi.set(__self__, "cloud", cloud)
55
63
  if custom_tags is not None:
56
64
  pulumi.set(__self__, "custom_tags", custom_tags)
65
+ if granularity is not None:
66
+ pulumi.set(__self__, "granularity", granularity)
57
67
  if key_vault_uri is not None:
58
68
  pulumi.set(__self__, "key_vault_uri", key_vault_uri)
59
69
  if name is not None:
@@ -107,16 +117,29 @@ class SyncAzureDestinationArgs:
107
117
 
108
118
  @property
109
119
  @pulumi.getter(name="customTags")
110
- def custom_tags(self) -> Optional[pulumi.Input[Mapping[str, Any]]]:
120
+ def custom_tags(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
111
121
  """
112
122
  Custom tags to set on the secret managed at the destination.
113
123
  """
114
124
  return pulumi.get(self, "custom_tags")
115
125
 
116
126
  @custom_tags.setter
117
- def custom_tags(self, value: Optional[pulumi.Input[Mapping[str, Any]]]):
127
+ def custom_tags(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
118
128
  pulumi.set(self, "custom_tags", value)
119
129
 
130
+ @property
131
+ @pulumi.getter
132
+ def granularity(self) -> Optional[pulumi.Input[str]]:
133
+ """
134
+ Determines what level of information is synced as a distinct resource
135
+ at the destination. Supports `secret-path` and `secret-key`.
136
+ """
137
+ return pulumi.get(self, "granularity")
138
+
139
+ @granularity.setter
140
+ def granularity(self, value: Optional[pulumi.Input[str]]):
141
+ pulumi.set(self, "granularity", value)
142
+
120
143
  @property
121
144
  @pulumi.getter(name="keyVaultUri")
122
145
  def key_vault_uri(self) -> Optional[pulumi.Input[str]]:
@@ -149,7 +172,7 @@ class SyncAzureDestinationArgs:
149
172
  """
150
173
  The namespace to provision the resource in.
151
174
  The value should not contain leading or trailing forward slashes.
152
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
175
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
153
176
  """
154
177
  return pulumi.get(self, "namespace")
155
178
 
@@ -191,7 +214,8 @@ class _SyncAzureDestinationState:
191
214
  client_id: Optional[pulumi.Input[str]] = None,
192
215
  client_secret: Optional[pulumi.Input[str]] = None,
193
216
  cloud: Optional[pulumi.Input[str]] = None,
194
- custom_tags: Optional[pulumi.Input[Mapping[str, Any]]] = None,
217
+ custom_tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
218
+ granularity: Optional[pulumi.Input[str]] = None,
195
219
  key_vault_uri: Optional[pulumi.Input[str]] = None,
196
220
  name: Optional[pulumi.Input[str]] = None,
197
221
  namespace: Optional[pulumi.Input[str]] = None,
@@ -207,14 +231,16 @@ class _SyncAzureDestinationState:
207
231
  Can be omitted and directly provided to Vault using the `AZURE_CLIENT_SECRET` environment
208
232
  variable.
209
233
  :param pulumi.Input[str] cloud: Specifies a cloud for the client. The default is Azure Public Cloud.
210
- :param pulumi.Input[Mapping[str, Any]] custom_tags: Custom tags to set on the secret managed at the destination.
234
+ :param pulumi.Input[Mapping[str, pulumi.Input[str]]] custom_tags: Custom tags to set on the secret managed at the destination.
235
+ :param pulumi.Input[str] granularity: Determines what level of information is synced as a distinct resource
236
+ at the destination. Supports `secret-path` and `secret-key`.
211
237
  :param pulumi.Input[str] key_vault_uri: URI of an existing Azure Key Vault instance.
212
238
  Can be omitted and directly provided to Vault using the `KEY_VAULT_URI` environment
213
239
  variable.
214
240
  :param pulumi.Input[str] name: Unique name of the Azure destination.
215
241
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
216
242
  The value should not contain leading or trailing forward slashes.
217
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
243
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
218
244
  :param pulumi.Input[str] secret_name_template: Template describing how to generate external secret names.
219
245
  Supports a subset of the Go Template syntax.
220
246
  :param pulumi.Input[str] tenant_id: ID of the target Azure tenant.
@@ -230,6 +256,8 @@ class _SyncAzureDestinationState:
230
256
  pulumi.set(__self__, "cloud", cloud)
231
257
  if custom_tags is not None:
232
258
  pulumi.set(__self__, "custom_tags", custom_tags)
259
+ if granularity is not None:
260
+ pulumi.set(__self__, "granularity", granularity)
233
261
  if key_vault_uri is not None:
234
262
  pulumi.set(__self__, "key_vault_uri", key_vault_uri)
235
263
  if name is not None:
@@ -285,16 +313,29 @@ class _SyncAzureDestinationState:
285
313
 
286
314
  @property
287
315
  @pulumi.getter(name="customTags")
288
- def custom_tags(self) -> Optional[pulumi.Input[Mapping[str, Any]]]:
316
+ def custom_tags(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
289
317
  """
290
318
  Custom tags to set on the secret managed at the destination.
291
319
  """
292
320
  return pulumi.get(self, "custom_tags")
293
321
 
294
322
  @custom_tags.setter
295
- def custom_tags(self, value: Optional[pulumi.Input[Mapping[str, Any]]]):
323
+ def custom_tags(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
296
324
  pulumi.set(self, "custom_tags", value)
297
325
 
326
+ @property
327
+ @pulumi.getter
328
+ def granularity(self) -> Optional[pulumi.Input[str]]:
329
+ """
330
+ Determines what level of information is synced as a distinct resource
331
+ at the destination. Supports `secret-path` and `secret-key`.
332
+ """
333
+ return pulumi.get(self, "granularity")
334
+
335
+ @granularity.setter
336
+ def granularity(self, value: Optional[pulumi.Input[str]]):
337
+ pulumi.set(self, "granularity", value)
338
+
298
339
  @property
299
340
  @pulumi.getter(name="keyVaultUri")
300
341
  def key_vault_uri(self) -> Optional[pulumi.Input[str]]:
@@ -327,7 +368,7 @@ class _SyncAzureDestinationState:
327
368
  """
328
369
  The namespace to provision the resource in.
329
370
  The value should not contain leading or trailing forward slashes.
330
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
371
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
331
372
  """
332
373
  return pulumi.get(self, "namespace")
333
374
 
@@ -383,7 +424,8 @@ class SyncAzureDestination(pulumi.CustomResource):
383
424
  client_id: Optional[pulumi.Input[str]] = None,
384
425
  client_secret: Optional[pulumi.Input[str]] = None,
385
426
  cloud: Optional[pulumi.Input[str]] = None,
386
- custom_tags: Optional[pulumi.Input[Mapping[str, Any]]] = None,
427
+ custom_tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
428
+ granularity: Optional[pulumi.Input[str]] = None,
387
429
  key_vault_uri: Optional[pulumi.Input[str]] = None,
388
430
  name: Optional[pulumi.Input[str]] = None,
389
431
  namespace: Optional[pulumi.Input[str]] = None,
@@ -398,10 +440,11 @@ class SyncAzureDestination(pulumi.CustomResource):
398
440
  import pulumi_vault as vault
399
441
 
400
442
  az = vault.secrets.SyncAzureDestination("az",
401
- key_vault_uri=var["key_vault_uri"],
402
- client_id=var["client_id"],
403
- client_secret=var["client_secret"],
404
- tenant_id=var["tenant_id"],
443
+ name="az-dest",
444
+ key_vault_uri=key_vault_uri,
445
+ client_id=client_id,
446
+ client_secret=client_secret,
447
+ tenant_id=tenant_id,
405
448
  secret_name_template="vault_{{ .MountAccessor | lowercase }}_{{ .SecretPath | lowercase }}",
406
449
  custom_tags={
407
450
  "foo": "bar",
@@ -413,7 +456,7 @@ class SyncAzureDestination(pulumi.CustomResource):
413
456
  Azure Secrets sync destinations can be imported using the `name`, e.g.
414
457
 
415
458
  ```sh
416
- $ pulumi import vault:secrets/syncAzureDestination:SyncAzureDestination az az-dest
459
+ $ pulumi import vault:secrets/syncAzureDestination:SyncAzureDestination az az-dest
417
460
  ```
418
461
 
419
462
  :param str resource_name: The name of the resource.
@@ -425,14 +468,16 @@ class SyncAzureDestination(pulumi.CustomResource):
425
468
  Can be omitted and directly provided to Vault using the `AZURE_CLIENT_SECRET` environment
426
469
  variable.
427
470
  :param pulumi.Input[str] cloud: Specifies a cloud for the client. The default is Azure Public Cloud.
428
- :param pulumi.Input[Mapping[str, Any]] custom_tags: Custom tags to set on the secret managed at the destination.
471
+ :param pulumi.Input[Mapping[str, pulumi.Input[str]]] custom_tags: Custom tags to set on the secret managed at the destination.
472
+ :param pulumi.Input[str] granularity: Determines what level of information is synced as a distinct resource
473
+ at the destination. Supports `secret-path` and `secret-key`.
429
474
  :param pulumi.Input[str] key_vault_uri: URI of an existing Azure Key Vault instance.
430
475
  Can be omitted and directly provided to Vault using the `KEY_VAULT_URI` environment
431
476
  variable.
432
477
  :param pulumi.Input[str] name: Unique name of the Azure destination.
433
478
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
434
479
  The value should not contain leading or trailing forward slashes.
435
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
480
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
436
481
  :param pulumi.Input[str] secret_name_template: Template describing how to generate external secret names.
437
482
  Supports a subset of the Go Template syntax.
438
483
  :param pulumi.Input[str] tenant_id: ID of the target Azure tenant.
@@ -453,10 +498,11 @@ class SyncAzureDestination(pulumi.CustomResource):
453
498
  import pulumi_vault as vault
454
499
 
455
500
  az = vault.secrets.SyncAzureDestination("az",
456
- key_vault_uri=var["key_vault_uri"],
457
- client_id=var["client_id"],
458
- client_secret=var["client_secret"],
459
- tenant_id=var["tenant_id"],
501
+ name="az-dest",
502
+ key_vault_uri=key_vault_uri,
503
+ client_id=client_id,
504
+ client_secret=client_secret,
505
+ tenant_id=tenant_id,
460
506
  secret_name_template="vault_{{ .MountAccessor | lowercase }}_{{ .SecretPath | lowercase }}",
461
507
  custom_tags={
462
508
  "foo": "bar",
@@ -468,7 +514,7 @@ class SyncAzureDestination(pulumi.CustomResource):
468
514
  Azure Secrets sync destinations can be imported using the `name`, e.g.
469
515
 
470
516
  ```sh
471
- $ pulumi import vault:secrets/syncAzureDestination:SyncAzureDestination az az-dest
517
+ $ pulumi import vault:secrets/syncAzureDestination:SyncAzureDestination az az-dest
472
518
  ```
473
519
 
474
520
  :param str resource_name: The name of the resource.
@@ -489,7 +535,8 @@ class SyncAzureDestination(pulumi.CustomResource):
489
535
  client_id: Optional[pulumi.Input[str]] = None,
490
536
  client_secret: Optional[pulumi.Input[str]] = None,
491
537
  cloud: Optional[pulumi.Input[str]] = None,
492
- custom_tags: Optional[pulumi.Input[Mapping[str, Any]]] = None,
538
+ custom_tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
539
+ granularity: Optional[pulumi.Input[str]] = None,
493
540
  key_vault_uri: Optional[pulumi.Input[str]] = None,
494
541
  name: Optional[pulumi.Input[str]] = None,
495
542
  namespace: Optional[pulumi.Input[str]] = None,
@@ -508,6 +555,7 @@ class SyncAzureDestination(pulumi.CustomResource):
508
555
  __props__.__dict__["client_secret"] = None if client_secret is None else pulumi.Output.secret(client_secret)
509
556
  __props__.__dict__["cloud"] = cloud
510
557
  __props__.__dict__["custom_tags"] = custom_tags
558
+ __props__.__dict__["granularity"] = granularity
511
559
  __props__.__dict__["key_vault_uri"] = key_vault_uri
512
560
  __props__.__dict__["name"] = name
513
561
  __props__.__dict__["namespace"] = namespace
@@ -529,7 +577,8 @@ class SyncAzureDestination(pulumi.CustomResource):
529
577
  client_id: Optional[pulumi.Input[str]] = None,
530
578
  client_secret: Optional[pulumi.Input[str]] = None,
531
579
  cloud: Optional[pulumi.Input[str]] = None,
532
- custom_tags: Optional[pulumi.Input[Mapping[str, Any]]] = None,
580
+ custom_tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
581
+ granularity: Optional[pulumi.Input[str]] = None,
533
582
  key_vault_uri: Optional[pulumi.Input[str]] = None,
534
583
  name: Optional[pulumi.Input[str]] = None,
535
584
  namespace: Optional[pulumi.Input[str]] = None,
@@ -550,14 +599,16 @@ class SyncAzureDestination(pulumi.CustomResource):
550
599
  Can be omitted and directly provided to Vault using the `AZURE_CLIENT_SECRET` environment
551
600
  variable.
552
601
  :param pulumi.Input[str] cloud: Specifies a cloud for the client. The default is Azure Public Cloud.
553
- :param pulumi.Input[Mapping[str, Any]] custom_tags: Custom tags to set on the secret managed at the destination.
602
+ :param pulumi.Input[Mapping[str, pulumi.Input[str]]] custom_tags: Custom tags to set on the secret managed at the destination.
603
+ :param pulumi.Input[str] granularity: Determines what level of information is synced as a distinct resource
604
+ at the destination. Supports `secret-path` and `secret-key`.
554
605
  :param pulumi.Input[str] key_vault_uri: URI of an existing Azure Key Vault instance.
555
606
  Can be omitted and directly provided to Vault using the `KEY_VAULT_URI` environment
556
607
  variable.
557
608
  :param pulumi.Input[str] name: Unique name of the Azure destination.
558
609
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
559
610
  The value should not contain leading or trailing forward slashes.
560
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
611
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
561
612
  :param pulumi.Input[str] secret_name_template: Template describing how to generate external secret names.
562
613
  Supports a subset of the Go Template syntax.
563
614
  :param pulumi.Input[str] tenant_id: ID of the target Azure tenant.
@@ -573,6 +624,7 @@ class SyncAzureDestination(pulumi.CustomResource):
573
624
  __props__.__dict__["client_secret"] = client_secret
574
625
  __props__.__dict__["cloud"] = cloud
575
626
  __props__.__dict__["custom_tags"] = custom_tags
627
+ __props__.__dict__["granularity"] = granularity
576
628
  __props__.__dict__["key_vault_uri"] = key_vault_uri
577
629
  __props__.__dict__["name"] = name
578
630
  __props__.__dict__["namespace"] = namespace
@@ -611,12 +663,21 @@ class SyncAzureDestination(pulumi.CustomResource):
611
663
 
612
664
  @property
613
665
  @pulumi.getter(name="customTags")
614
- def custom_tags(self) -> pulumi.Output[Optional[Mapping[str, Any]]]:
666
+ def custom_tags(self) -> pulumi.Output[Optional[Mapping[str, str]]]:
615
667
  """
616
668
  Custom tags to set on the secret managed at the destination.
617
669
  """
618
670
  return pulumi.get(self, "custom_tags")
619
671
 
672
+ @property
673
+ @pulumi.getter
674
+ def granularity(self) -> pulumi.Output[Optional[str]]:
675
+ """
676
+ Determines what level of information is synced as a distinct resource
677
+ at the destination. Supports `secret-path` and `secret-key`.
678
+ """
679
+ return pulumi.get(self, "granularity")
680
+
620
681
  @property
621
682
  @pulumi.getter(name="keyVaultUri")
622
683
  def key_vault_uri(self) -> pulumi.Output[Optional[str]]:
@@ -641,7 +702,7 @@ class SyncAzureDestination(pulumi.CustomResource):
641
702
  """
642
703
  The namespace to provision the resource in.
643
704
  The value should not contain leading or trailing forward slashes.
644
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
705
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
645
706
  """
646
707
  return pulumi.get(self, "namespace")
647
708
 
@@ -4,9 +4,14 @@
4
4
 
5
5
  import copy
6
6
  import warnings
7
+ import sys
7
8
  import pulumi
8
9
  import pulumi.runtime
9
10
  from typing import Any, Mapping, Optional, Sequence, Union, overload
11
+ if sys.version_info >= (3, 11):
12
+ from typing import NotRequired, TypedDict, TypeAlias
13
+ else:
14
+ from typing_extensions import NotRequired, TypedDict, TypeAlias
10
15
  from .. import _utilities
11
16
 
12
17
  __all__ = ['SyncConfigArgs', 'SyncConfig']
@@ -154,7 +159,7 @@ class SyncConfig(pulumi.CustomResource):
154
159
  import pulumi
155
160
  import pulumi_vault as vault
156
161
 
157
- global_config = vault.secrets.SyncConfig("globalConfig",
162
+ global_config = vault.secrets.SyncConfig("global_config",
158
163
  disabled=True,
159
164
  queue_capacity=500000)
160
165
  ```
@@ -162,7 +167,7 @@ class SyncConfig(pulumi.CustomResource):
162
167
  ## Import
163
168
 
164
169
  ```sh
165
- $ pulumi import vault:secrets/syncConfig:SyncConfig config global_config
170
+ $ pulumi import vault:secrets/syncConfig:SyncConfig config global_config
166
171
  ```
167
172
 
168
173
  :param str resource_name: The name of the resource.
@@ -193,7 +198,7 @@ class SyncConfig(pulumi.CustomResource):
193
198
  import pulumi
194
199
  import pulumi_vault as vault
195
200
 
196
- global_config = vault.secrets.SyncConfig("globalConfig",
201
+ global_config = vault.secrets.SyncConfig("global_config",
197
202
  disabled=True,
198
203
  queue_capacity=500000)
199
204
  ```
@@ -201,7 +206,7 @@ class SyncConfig(pulumi.CustomResource):
201
206
  ## Import
202
207
 
203
208
  ```sh
204
- $ pulumi import vault:secrets/syncConfig:SyncConfig config global_config
209
+ $ pulumi import vault:secrets/syncConfig:SyncConfig config global_config
205
210
  ```
206
211
 
207
212
  :param str resource_name: The name of the resource.