PyPI - pulumi-vault - Versions diffs - 5.21.0a1709368526__py3-none-any.whl → 6.5.0a1736836139__py3-none-any.whl - Mend

pulumi-vault 5.21.0a1709368526py3-none-any.whl → 6.5.0a1736836139py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (229) hide show

pulumi_vault/__init__.py +52 -0
pulumi_vault/_inputs.py +560 -0
pulumi_vault/_utilities.py +41 -5
pulumi_vault/ad/get_access_credentials.py +26 -9
pulumi_vault/ad/secret_backend.py +16 -142
pulumi_vault/ad/secret_library.py +16 -9
pulumi_vault/ad/secret_role.py +14 -9
pulumi_vault/alicloud/auth_backend_role.py +76 -190
pulumi_vault/approle/auth_backend_login.py +12 -7
pulumi_vault/approle/auth_backend_role.py +77 -191
pulumi_vault/approle/auth_backend_role_secret_id.py +106 -7
pulumi_vault/approle/get_auth_backend_role_id.py +18 -5
pulumi_vault/audit.py +30 -21
pulumi_vault/audit_request_header.py +11 -2
pulumi_vault/auth_backend.py +66 -14
pulumi_vault/aws/auth_backend_cert.py +18 -9
pulumi_vault/aws/auth_backend_client.py +267 -22
pulumi_vault/aws/auth_backend_config_identity.py +14 -9
pulumi_vault/aws/auth_backend_identity_whitelist.py +20 -15
pulumi_vault/aws/auth_backend_login.py +19 -22
pulumi_vault/aws/auth_backend_role.py +77 -191
pulumi_vault/aws/auth_backend_role_tag.py +12 -7
pulumi_vault/aws/auth_backend_roletag_blacklist.py +18 -13
pulumi_vault/aws/auth_backend_sts_role.py +14 -9
pulumi_vault/aws/get_access_credentials.py +38 -9
pulumi_vault/aws/get_static_access_credentials.py +19 -5
pulumi_vault/aws/secret_backend.py +77 -9
pulumi_vault/aws/secret_backend_role.py +185 -9
pulumi_vault/aws/secret_backend_static_role.py +20 -11
pulumi_vault/azure/_inputs.py +24 -0
pulumi_vault/azure/auth_backend_config.py +153 -15
pulumi_vault/azure/auth_backend_role.py +77 -191
pulumi_vault/azure/backend.py +227 -21
pulumi_vault/azure/backend_role.py +42 -37
pulumi_vault/azure/get_access_credentials.py +41 -7
pulumi_vault/azure/outputs.py +5 -0
pulumi_vault/cert_auth_backend_role.py +87 -267
pulumi_vault/config/__init__.pyi +5 -0
pulumi_vault/config/_inputs.py +73 -0
pulumi_vault/config/outputs.py +35 -0
pulumi_vault/config/ui_custom_message.py +529 -0
pulumi_vault/config/vars.py +5 -0
pulumi_vault/consul/secret_backend.py +28 -19
pulumi_vault/consul/secret_backend_role.py +18 -78
pulumi_vault/database/_inputs.py +2770 -881
pulumi_vault/database/outputs.py +721 -838
pulumi_vault/database/secret_backend_connection.py +119 -112
pulumi_vault/database/secret_backend_role.py +31 -22
pulumi_vault/database/secret_backend_static_role.py +87 -13
pulumi_vault/database/secrets_mount.py +427 -136
pulumi_vault/egp_policy.py +16 -11
pulumi_vault/gcp/_inputs.py +111 -0
pulumi_vault/gcp/auth_backend.py +250 -33
pulumi_vault/gcp/auth_backend_role.py +77 -269
pulumi_vault/gcp/get_auth_backend_role.py +43 -5
pulumi_vault/gcp/outputs.py +5 -0
pulumi_vault/gcp/secret_backend.py +287 -12
pulumi_vault/gcp/secret_impersonated_account.py +76 -15
pulumi_vault/gcp/secret_roleset.py +31 -24
pulumi_vault/gcp/secret_static_account.py +39 -32
pulumi_vault/generic/endpoint.py +24 -17
pulumi_vault/generic/get_secret.py +64 -8
pulumi_vault/generic/secret.py +21 -16
pulumi_vault/get_auth_backend.py +24 -7
pulumi_vault/get_auth_backends.py +51 -9
pulumi_vault/get_namespace.py +226 -0
pulumi_vault/get_namespaces.py +153 -0
pulumi_vault/get_nomad_access_token.py +31 -11
pulumi_vault/get_policy_document.py +34 -19
pulumi_vault/get_raft_autopilot_state.py +29 -10
pulumi_vault/github/_inputs.py +55 -0
pulumi_vault/github/auth_backend.py +19 -14
pulumi_vault/github/outputs.py +5 -0
pulumi_vault/github/team.py +16 -11
pulumi_vault/github/user.py +16 -11
pulumi_vault/identity/entity.py +20 -13
pulumi_vault/identity/entity_alias.py +20 -13
pulumi_vault/identity/entity_policies.py +28 -11
pulumi_vault/identity/get_entity.py +42 -10
pulumi_vault/identity/get_group.py +47 -9
pulumi_vault/identity/get_oidc_client_creds.py +21 -7
pulumi_vault/identity/get_oidc_openid_config.py +39 -9
pulumi_vault/identity/get_oidc_public_keys.py +29 -10
pulumi_vault/identity/group.py +58 -39
pulumi_vault/identity/group_alias.py +16 -9
pulumi_vault/identity/group_member_entity_ids.py +28 -66
pulumi_vault/identity/group_member_group_ids.py +40 -19
pulumi_vault/identity/group_policies.py +20 -7
pulumi_vault/identity/mfa_duo.py +11 -6
pulumi_vault/identity/mfa_login_enforcement.py +15 -6
pulumi_vault/identity/mfa_okta.py +11 -6
pulumi_vault/identity/mfa_pingid.py +7 -2
pulumi_vault/identity/mfa_totp.py +7 -2
pulumi_vault/identity/oidc.py +12 -7
pulumi_vault/identity/oidc_assignment.py +24 -11
pulumi_vault/identity/oidc_client.py +36 -23
pulumi_vault/identity/oidc_key.py +30 -17
pulumi_vault/identity/oidc_key_allowed_client_id.py +28 -15
pulumi_vault/identity/oidc_provider.py +36 -21
pulumi_vault/identity/oidc_role.py +42 -21
pulumi_vault/identity/oidc_scope.py +20 -13
pulumi_vault/identity/outputs.py +8 -3
pulumi_vault/jwt/_inputs.py +55 -0
pulumi_vault/jwt/auth_backend.py +45 -40
pulumi_vault/jwt/auth_backend_role.py +133 -254
pulumi_vault/jwt/outputs.py +5 -0
pulumi_vault/kmip/secret_backend.py +24 -19
pulumi_vault/kmip/secret_role.py +14 -9
pulumi_vault/kmip/secret_scope.py +14 -9
pulumi_vault/kubernetes/auth_backend_config.py +57 -5
pulumi_vault/kubernetes/auth_backend_role.py +70 -177
pulumi_vault/kubernetes/get_auth_backend_config.py +60 -8
pulumi_vault/kubernetes/get_auth_backend_role.py +40 -5
pulumi_vault/kubernetes/get_service_account_token.py +39 -11
pulumi_vault/kubernetes/secret_backend.py +316 -27
pulumi_vault/kubernetes/secret_backend_role.py +137 -46
pulumi_vault/kv/_inputs.py +36 -4
pulumi_vault/kv/get_secret.py +25 -8
pulumi_vault/kv/get_secret_subkeys_v2.py +33 -10
pulumi_vault/kv/get_secret_v2.py +85 -9
pulumi_vault/kv/get_secrets_list.py +24 -11
pulumi_vault/kv/get_secrets_list_v2.py +37 -15
pulumi_vault/kv/outputs.py +8 -3
pulumi_vault/kv/secret.py +23 -16
pulumi_vault/kv/secret_backend_v2.py +20 -11
pulumi_vault/kv/secret_v2.py +59 -50
pulumi_vault/ldap/auth_backend.py +127 -166
pulumi_vault/ldap/auth_backend_group.py +14 -9
pulumi_vault/ldap/auth_backend_user.py +14 -9
pulumi_vault/ldap/get_dynamic_credentials.py +23 -5
pulumi_vault/ldap/get_static_credentials.py +24 -5
pulumi_vault/ldap/secret_backend.py +354 -82
pulumi_vault/ldap/secret_backend_dynamic_role.py +18 -11
pulumi_vault/ldap/secret_backend_library_set.py +16 -9
pulumi_vault/ldap/secret_backend_static_role.py +73 -12
pulumi_vault/managed/_inputs.py +289 -132
pulumi_vault/managed/keys.py +29 -57
pulumi_vault/managed/outputs.py +89 -132
pulumi_vault/mfa_duo.py +18 -11
pulumi_vault/mfa_okta.py +18 -11
pulumi_vault/mfa_pingid.py +18 -11
pulumi_vault/mfa_totp.py +24 -17
pulumi_vault/mongodbatlas/secret_backend.py +20 -15
pulumi_vault/mongodbatlas/secret_role.py +47 -38
pulumi_vault/mount.py +391 -51
pulumi_vault/namespace.py +68 -83
pulumi_vault/nomad_secret_backend.py +18 -13
pulumi_vault/nomad_secret_role.py +14 -9
pulumi_vault/okta/_inputs.py +47 -8
pulumi_vault/okta/auth_backend.py +485 -39
pulumi_vault/okta/auth_backend_group.py +14 -9
pulumi_vault/okta/auth_backend_user.py +14 -9
pulumi_vault/okta/outputs.py +13 -8
pulumi_vault/outputs.py +5 -0
pulumi_vault/password_policy.py +20 -13
pulumi_vault/pkisecret/__init__.py +3 -0
pulumi_vault/pkisecret/_inputs.py +81 -0
pulumi_vault/pkisecret/backend_config_cluster.py +369 -0
pulumi_vault/pkisecret/backend_config_est.py +619 -0
pulumi_vault/pkisecret/get_backend_config_est.py +251 -0
pulumi_vault/pkisecret/get_backend_issuer.py +67 -9
pulumi_vault/pkisecret/get_backend_issuers.py +21 -8
pulumi_vault/pkisecret/get_backend_key.py +24 -9
pulumi_vault/pkisecret/get_backend_keys.py +21 -8
pulumi_vault/pkisecret/outputs.py +69 -0
pulumi_vault/pkisecret/secret_backend_cert.py +18 -11
pulumi_vault/pkisecret/secret_backend_config_ca.py +16 -11
pulumi_vault/pkisecret/secret_backend_config_issuers.py +14 -9
pulumi_vault/pkisecret/secret_backend_config_urls.py +67 -11
pulumi_vault/pkisecret/secret_backend_crl_config.py +14 -9
pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +16 -11
pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +22 -17
pulumi_vault/pkisecret/secret_backend_issuer.py +14 -9
pulumi_vault/pkisecret/secret_backend_key.py +14 -9
pulumi_vault/pkisecret/secret_backend_role.py +21 -14
pulumi_vault/pkisecret/secret_backend_root_cert.py +16 -48
pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +18 -56
pulumi_vault/pkisecret/secret_backend_sign.py +18 -54
pulumi_vault/plugin.py +595 -0
pulumi_vault/plugin_pinned_version.py +298 -0
pulumi_vault/policy.py +14 -9
pulumi_vault/provider.py +48 -53
pulumi_vault/pulumi-plugin.json +2 -1
pulumi_vault/quota_lease_count.py +60 -6
pulumi_vault/quota_rate_limit.py +56 -2
pulumi_vault/rabbitmq/_inputs.py +61 -0
pulumi_vault/rabbitmq/outputs.py +5 -0
pulumi_vault/rabbitmq/secret_backend.py +18 -13
pulumi_vault/rabbitmq/secret_backend_role.py +54 -47
pulumi_vault/raft_autopilot.py +14 -9
pulumi_vault/raft_snapshot_agent_config.py +129 -224
pulumi_vault/rgp_policy.py +14 -9
pulumi_vault/saml/auth_backend.py +22 -17
pulumi_vault/saml/auth_backend_role.py +92 -197
pulumi_vault/secrets/__init__.py +3 -0
pulumi_vault/secrets/_inputs.py +110 -0
pulumi_vault/secrets/outputs.py +94 -0
pulumi_vault/secrets/sync_association.py +56 -71
pulumi_vault/secrets/sync_aws_destination.py +242 -27
pulumi_vault/secrets/sync_azure_destination.py +92 -31
pulumi_vault/secrets/sync_config.py +9 -4
pulumi_vault/secrets/sync_gcp_destination.py +158 -25
pulumi_vault/secrets/sync_gh_destination.py +189 -13
pulumi_vault/secrets/sync_github_apps.py +375 -0
pulumi_vault/secrets/sync_vercel_destination.py +74 -13
pulumi_vault/ssh/_inputs.py +28 -28
pulumi_vault/ssh/outputs.py +11 -28
pulumi_vault/ssh/secret_backend_ca.py +108 -9
pulumi_vault/ssh/secret_backend_role.py +85 -118
pulumi_vault/terraformcloud/secret_backend.py +7 -54
pulumi_vault/terraformcloud/secret_creds.py +14 -20
pulumi_vault/terraformcloud/secret_role.py +16 -74
pulumi_vault/token.py +28 -23
pulumi_vault/tokenauth/auth_backend_role.py +78 -199
pulumi_vault/transform/alphabet.py +16 -9
pulumi_vault/transform/get_decode.py +45 -17
pulumi_vault/transform/get_encode.py +45 -17
pulumi_vault/transform/role.py +16 -9
pulumi_vault/transform/template.py +30 -21
pulumi_vault/transform/transformation.py +12 -7
pulumi_vault/transit/get_decrypt.py +26 -21
pulumi_vault/transit/get_encrypt.py +24 -19
pulumi_vault/transit/secret_backend_key.py +27 -93
pulumi_vault/transit/secret_cache_config.py +12 -7
{pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/METADATA +8 -7
pulumi_vault-6.5.0a1736836139.dist-info/RECORD +256 -0
{pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/WHEEL +1 -1
pulumi_vault-5.21.0a1709368526.dist-info/RECORD +0 -244
{pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/top_level.txt +0 -0

pulumi_vault/auth_backend.py CHANGED Viewed

@@ -4,9 +4,14 @@
 import copy
 import warnings
+import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from . import _utilities
 from . import outputs
 from ._inputs import *
@@ -19,6 +24,7 @@ class AuthBackendArgs:
                  type: pulumi.Input[str],
                  description: Optional[pulumi.Input[str]] = None,
                  disable_remount: Optional[pulumi.Input[bool]] = None,
+                 identity_token_key: Optional[pulumi.Input[str]] = None,
                  local: Optional[pulumi.Input[bool]] = None,
                  namespace: Optional[pulumi.Input[str]] = None,
                  path: Optional[pulumi.Input[str]] = None,
@@ -29,10 +35,11 @@ class AuthBackendArgs:
         :param pulumi.Input[str] description: A description of the auth method.
         :param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates.
                See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
+        :param pulumi.Input[str] identity_token_key: The key to use for signing identity tokens.
         :param pulumi.Input[bool] local: Specifies if the auth method is local only.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
         :param pulumi.Input[str] path: The path to mount the auth method — this defaults to the name of the type.
         :param pulumi.Input['AuthBackendTuneArgs'] tune: Extra configuration block. Structure is documented below.
@@ -44,6 +51,8 @@ class AuthBackendArgs:
             pulumi.set(__self__, "description", description)
         if disable_remount is not None:
             pulumi.set(__self__, "disable_remount", disable_remount)
+        if identity_token_key is not None:
+            pulumi.set(__self__, "identity_token_key", identity_token_key)
         if local is not None:
             pulumi.set(__self__, "local", local)
         if namespace is not None:
@@ -90,6 +99,18 @@ class AuthBackendArgs:
     def disable_remount(self, value: Optional[pulumi.Input[bool]]):
         pulumi.set(self, "disable_remount", value)
+    @property
+    @pulumi.getter(name="identityTokenKey")
+    def identity_token_key(self) -> Optional[pulumi.Input[str]]:
+        """
+        The key to use for signing identity tokens.
+        """
+        return pulumi.get(self, "identity_token_key")
+    @identity_token_key.setter
+    def identity_token_key(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "identity_token_key", value)
     @property
     @pulumi.getter
     def local(self) -> Optional[pulumi.Input[bool]]:
@@ -108,7 +129,7 @@ class AuthBackendArgs:
         """
         The namespace to provision the resource in.
         The value should not contain leading or trailing forward slashes.
-        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
         *Available only for Vault Enterprise*.
         """
         return pulumi.get(self, "namespace")
@@ -150,6 +171,7 @@ class _AuthBackendState:
                  accessor: Optional[pulumi.Input[str]] = None,
                  description: Optional[pulumi.Input[str]] = None,
                  disable_remount: Optional[pulumi.Input[bool]] = None,
+                 identity_token_key: Optional[pulumi.Input[str]] = None,
                  local: Optional[pulumi.Input[bool]] = None,
                  namespace: Optional[pulumi.Input[str]] = None,
                  path: Optional[pulumi.Input[str]] = None,
@@ -161,10 +183,11 @@ class _AuthBackendState:
         :param pulumi.Input[str] description: A description of the auth method.
         :param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates.
                See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
+        :param pulumi.Input[str] identity_token_key: The key to use for signing identity tokens.
         :param pulumi.Input[bool] local: Specifies if the auth method is local only.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
         :param pulumi.Input[str] path: The path to mount the auth method — this defaults to the name of the type.
         :param pulumi.Input['AuthBackendTuneArgs'] tune: Extra configuration block. Structure is documented below.
@@ -178,6 +201,8 @@ class _AuthBackendState:
             pulumi.set(__self__, "description", description)
         if disable_remount is not None:
             pulumi.set(__self__, "disable_remount", disable_remount)
+        if identity_token_key is not None:
+            pulumi.set(__self__, "identity_token_key", identity_token_key)
         if local is not None:
             pulumi.set(__self__, "local", local)
         if namespace is not None:
@@ -226,6 +251,18 @@ class _AuthBackendState:
     def disable_remount(self, value: Optional[pulumi.Input[bool]]):
         pulumi.set(self, "disable_remount", value)
+    @property
+    @pulumi.getter(name="identityTokenKey")
+    def identity_token_key(self) -> Optional[pulumi.Input[str]]:
+        """
+        The key to use for signing identity tokens.
+        """
+        return pulumi.get(self, "identity_token_key")
+    @identity_token_key.setter
+    def identity_token_key(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "identity_token_key", value)
     @property
     @pulumi.getter
     def local(self) -> Optional[pulumi.Input[bool]]:
@@ -244,7 +281,7 @@ class _AuthBackendState:
         """
         The namespace to provision the resource in.
         The value should not contain leading or trailing forward slashes.
-        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
         *Available only for Vault Enterprise*.
         """
         return pulumi.get(self, "namespace")
@@ -299,10 +336,11 @@ class AuthBackend(pulumi.CustomResource):
                  opts: Optional[pulumi.ResourceOptions] = None,
                  description: Optional[pulumi.Input[str]] = None,
                  disable_remount: Optional[pulumi.Input[bool]] = None,
+                 identity_token_key: Optional[pulumi.Input[str]] = None,
                  local: Optional[pulumi.Input[bool]] = None,
                  namespace: Optional[pulumi.Input[str]] = None,
                  path: Optional[pulumi.Input[str]] = None,
-                 tune: Optional[pulumi.Input[pulumi.InputType['AuthBackendTuneArgs']]] = None,
+                 tune: Optional[pulumi.Input[Union['AuthBackendTuneArgs', 'AuthBackendTuneArgsDict']]] = None,
                  type: Optional[pulumi.Input[str]] = None,
                  __props__=None):
         """
@@ -311,7 +349,7 @@ class AuthBackend(pulumi.CustomResource):
         Auth methods can be imported using the `path`, e.g.
         ```sh
-         $ pulumi import vault:index/authBackend:AuthBackend example github
+        $ pulumi import vault:index/authBackend:AuthBackend example github
         ```
         :param str resource_name: The name of the resource.
@@ -319,13 +357,14 @@ class AuthBackend(pulumi.CustomResource):
         :param pulumi.Input[str] description: A description of the auth method.
         :param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates.
                See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
+        :param pulumi.Input[str] identity_token_key: The key to use for signing identity tokens.
         :param pulumi.Input[bool] local: Specifies if the auth method is local only.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
         :param pulumi.Input[str] path: The path to mount the auth method — this defaults to the name of the type.
-        :param pulumi.Input[pulumi.InputType['AuthBackendTuneArgs']] tune: Extra configuration block. Structure is documented below.
+        :param pulumi.Input[Union['AuthBackendTuneArgs', 'AuthBackendTuneArgsDict']] tune: Extra configuration block. Structure is documented below.
                The `tune` block is used to tune the auth backend:
         :param pulumi.Input[str] type: The name of the auth method type.
@@ -342,7 +381,7 @@ class AuthBackend(pulumi.CustomResource):
         Auth methods can be imported using the `path`, e.g.
         ```sh
-         $ pulumi import vault:index/authBackend:AuthBackend example github
+        $ pulumi import vault:index/authBackend:AuthBackend example github
         ```
         :param str resource_name: The name of the resource.
@@ -362,10 +401,11 @@ class AuthBackend(pulumi.CustomResource):
                  opts: Optional[pulumi.ResourceOptions] = None,
                  description: Optional[pulumi.Input[str]] = None,
                  disable_remount: Optional[pulumi.Input[bool]] = None,
+                 identity_token_key: Optional[pulumi.Input[str]] = None,
                  local: Optional[pulumi.Input[bool]] = None,
                  namespace: Optional[pulumi.Input[str]] = None,
                  path: Optional[pulumi.Input[str]] = None,
-                 tune: Optional[pulumi.Input[pulumi.InputType['AuthBackendTuneArgs']]] = None,
+                 tune: Optional[pulumi.Input[Union['AuthBackendTuneArgs', 'AuthBackendTuneArgsDict']]] = None,
                  type: Optional[pulumi.Input[str]] = None,
                  __props__=None):
         opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
@@ -378,6 +418,7 @@ class AuthBackend(pulumi.CustomResource):
             __props__.__dict__["description"] = description
             __props__.__dict__["disable_remount"] = disable_remount
+            __props__.__dict__["identity_token_key"] = identity_token_key
             __props__.__dict__["local"] = local
             __props__.__dict__["namespace"] = namespace
             __props__.__dict__["path"] = path
@@ -399,10 +440,11 @@ class AuthBackend(pulumi.CustomResource):
             accessor: Optional[pulumi.Input[str]] = None,
             description: Optional[pulumi.Input[str]] = None,
             disable_remount: Optional[pulumi.Input[bool]] = None,
+            identity_token_key: Optional[pulumi.Input[str]] = None,
             local: Optional[pulumi.Input[bool]] = None,
             namespace: Optional[pulumi.Input[str]] = None,
             path: Optional[pulumi.Input[str]] = None,
-            tune: Optional[pulumi.Input[pulumi.InputType['AuthBackendTuneArgs']]] = None,
+            tune: Optional[pulumi.Input[Union['AuthBackendTuneArgs', 'AuthBackendTuneArgsDict']]] = None,
             type: Optional[pulumi.Input[str]] = None) -> 'AuthBackend':
         """
         Get an existing AuthBackend resource's state with the given name, id, and optional extra
@@ -415,13 +457,14 @@ class AuthBackend(pulumi.CustomResource):
         :param pulumi.Input[str] description: A description of the auth method.
         :param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates.
                See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
+        :param pulumi.Input[str] identity_token_key: The key to use for signing identity tokens.
         :param pulumi.Input[bool] local: Specifies if the auth method is local only.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
         :param pulumi.Input[str] path: The path to mount the auth method — this defaults to the name of the type.
-        :param pulumi.Input[pulumi.InputType['AuthBackendTuneArgs']] tune: Extra configuration block. Structure is documented below.
+        :param pulumi.Input[Union['AuthBackendTuneArgs', 'AuthBackendTuneArgsDict']] tune: Extra configuration block. Structure is documented below.
                The `tune` block is used to tune the auth backend:
         :param pulumi.Input[str] type: The name of the auth method type.
@@ -433,6 +476,7 @@ class AuthBackend(pulumi.CustomResource):
         __props__.__dict__["accessor"] = accessor
         __props__.__dict__["description"] = description
         __props__.__dict__["disable_remount"] = disable_remount
+        __props__.__dict__["identity_token_key"] = identity_token_key
         __props__.__dict__["local"] = local
         __props__.__dict__["namespace"] = namespace
         __props__.__dict__["path"] = path
@@ -465,6 +509,14 @@ class AuthBackend(pulumi.CustomResource):
         """
         return pulumi.get(self, "disable_remount")
+    @property
+    @pulumi.getter(name="identityTokenKey")
+    def identity_token_key(self) -> pulumi.Output[Optional[str]]:
+        """
+        The key to use for signing identity tokens.
+        """
+        return pulumi.get(self, "identity_token_key")
     @property
     @pulumi.getter
     def local(self) -> pulumi.Output[Optional[bool]]:
@@ -479,7 +531,7 @@ class AuthBackend(pulumi.CustomResource):
         """
         The namespace to provision the resource in.
         The value should not contain leading or trailing forward slashes.
-        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
         *Available only for Vault Enterprise*.
         """
         return pulumi.get(self, "namespace")

pulumi_vault/aws/auth_backend_cert.py CHANGED Viewed

@@ -4,9 +4,14 @@
 import copy
 import warnings
+import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 __all__ = ['AuthBackendCertArgs', 'AuthBackendCert']
@@ -30,7 +35,7 @@ class AuthBackendCertArgs:
                mounted at.  Defaults to `aws`.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
         :param pulumi.Input[str] type: Either "pkcs7" or "identity", indicating the type of
                document which can be verified using the given certificate. Defaults to
@@ -91,7 +96,7 @@ class AuthBackendCertArgs:
         """
         The namespace to provision the resource in.
         The value should not contain leading or trailing forward slashes.
-        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
         *Available only for Vault Enterprise*.
         """
         return pulumi.get(self, "namespace")
@@ -134,7 +139,7 @@ class _AuthBackendCertState:
         :param pulumi.Input[str] cert_name: The name of the certificate.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
         :param pulumi.Input[str] type: Either "pkcs7" or "identity", indicating the type of
                document which can be verified using the given certificate. Defaults to
@@ -197,7 +202,7 @@ class _AuthBackendCertState:
         """
         The namespace to provision the resource in.
         The value should not contain leading or trailing forward slashes.
-        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
         *Available only for Vault Enterprise*.
         """
         return pulumi.get(self, "namespace")
@@ -233,12 +238,14 @@ class AuthBackendCert(pulumi.CustomResource):
                  type: Optional[pulumi.Input[str]] = None,
                  __props__=None):
         """
+        ## Example Usage
         ## Import
         AWS auth backend certificates can be imported using `auth/`, the `backend` path, `/config/certificate/`, and the `cert_name` e.g.
         ```sh
-         $ pulumi import vault:aws/authBackendCert:AuthBackendCert example auth/aws/config/certificate/my-cert
+        $ pulumi import vault:aws/authBackendCert:AuthBackendCert example auth/aws/config/certificate/my-cert
         ```
         :param str resource_name: The name of the resource.
@@ -252,7 +259,7 @@ class AuthBackendCert(pulumi.CustomResource):
         :param pulumi.Input[str] cert_name: The name of the certificate.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
         :param pulumi.Input[str] type: Either "pkcs7" or "identity", indicating the type of
                document which can be verified using the given certificate. Defaults to
@@ -265,12 +272,14 @@ class AuthBackendCert(pulumi.CustomResource):
                  args: AuthBackendCertArgs,
                  opts: Optional[pulumi.ResourceOptions] = None):
         """
+        ## Example Usage
         ## Import
         AWS auth backend certificates can be imported using `auth/`, the `backend` path, `/config/certificate/`, and the `cert_name` e.g.
         ```sh
-         $ pulumi import vault:aws/authBackendCert:AuthBackendCert example auth/aws/config/certificate/my-cert
+        $ pulumi import vault:aws/authBackendCert:AuthBackendCert example auth/aws/config/certificate/my-cert
         ```
         :param str resource_name: The name of the resource.
@@ -342,7 +351,7 @@ class AuthBackendCert(pulumi.CustomResource):
         :param pulumi.Input[str] cert_name: The name of the certificate.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
         :param pulumi.Input[str] type: Either "pkcs7" or "identity", indicating the type of
                document which can be verified using the given certificate. Defaults to
@@ -393,7 +402,7 @@ class AuthBackendCert(pulumi.CustomResource):
         """
         The namespace to provision the resource in.
         The value should not contain leading or trailing forward slashes.
-        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
         *Available only for Vault Enterprise*.
         """
         return pulumi.get(self, "namespace")

pulumi-vault 5.21.0a1709368526__py3-none-any.whl → 6.5.0a1736836139__py3-none-any.whl

pulumi-vault 5.21.0a1709368526py3-none-any.whl → 6.5.0a1736836139py3-none-any.whl