pulumi-vault 5.21.0a1709368526__py3-none-any.whl → 6.5.0a1736836139__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (229) hide show
  1. pulumi_vault/__init__.py +52 -0
  2. pulumi_vault/_inputs.py +560 -0
  3. pulumi_vault/_utilities.py +41 -5
  4. pulumi_vault/ad/get_access_credentials.py +26 -9
  5. pulumi_vault/ad/secret_backend.py +16 -142
  6. pulumi_vault/ad/secret_library.py +16 -9
  7. pulumi_vault/ad/secret_role.py +14 -9
  8. pulumi_vault/alicloud/auth_backend_role.py +76 -190
  9. pulumi_vault/approle/auth_backend_login.py +12 -7
  10. pulumi_vault/approle/auth_backend_role.py +77 -191
  11. pulumi_vault/approle/auth_backend_role_secret_id.py +106 -7
  12. pulumi_vault/approle/get_auth_backend_role_id.py +18 -5
  13. pulumi_vault/audit.py +30 -21
  14. pulumi_vault/audit_request_header.py +11 -2
  15. pulumi_vault/auth_backend.py +66 -14
  16. pulumi_vault/aws/auth_backend_cert.py +18 -9
  17. pulumi_vault/aws/auth_backend_client.py +267 -22
  18. pulumi_vault/aws/auth_backend_config_identity.py +14 -9
  19. pulumi_vault/aws/auth_backend_identity_whitelist.py +20 -15
  20. pulumi_vault/aws/auth_backend_login.py +19 -22
  21. pulumi_vault/aws/auth_backend_role.py +77 -191
  22. pulumi_vault/aws/auth_backend_role_tag.py +12 -7
  23. pulumi_vault/aws/auth_backend_roletag_blacklist.py +18 -13
  24. pulumi_vault/aws/auth_backend_sts_role.py +14 -9
  25. pulumi_vault/aws/get_access_credentials.py +38 -9
  26. pulumi_vault/aws/get_static_access_credentials.py +19 -5
  27. pulumi_vault/aws/secret_backend.py +77 -9
  28. pulumi_vault/aws/secret_backend_role.py +185 -9
  29. pulumi_vault/aws/secret_backend_static_role.py +20 -11
  30. pulumi_vault/azure/_inputs.py +24 -0
  31. pulumi_vault/azure/auth_backend_config.py +153 -15
  32. pulumi_vault/azure/auth_backend_role.py +77 -191
  33. pulumi_vault/azure/backend.py +227 -21
  34. pulumi_vault/azure/backend_role.py +42 -37
  35. pulumi_vault/azure/get_access_credentials.py +41 -7
  36. pulumi_vault/azure/outputs.py +5 -0
  37. pulumi_vault/cert_auth_backend_role.py +87 -267
  38. pulumi_vault/config/__init__.pyi +5 -0
  39. pulumi_vault/config/_inputs.py +73 -0
  40. pulumi_vault/config/outputs.py +35 -0
  41. pulumi_vault/config/ui_custom_message.py +529 -0
  42. pulumi_vault/config/vars.py +5 -0
  43. pulumi_vault/consul/secret_backend.py +28 -19
  44. pulumi_vault/consul/secret_backend_role.py +18 -78
  45. pulumi_vault/database/_inputs.py +2770 -881
  46. pulumi_vault/database/outputs.py +721 -838
  47. pulumi_vault/database/secret_backend_connection.py +119 -112
  48. pulumi_vault/database/secret_backend_role.py +31 -22
  49. pulumi_vault/database/secret_backend_static_role.py +87 -13
  50. pulumi_vault/database/secrets_mount.py +427 -136
  51. pulumi_vault/egp_policy.py +16 -11
  52. pulumi_vault/gcp/_inputs.py +111 -0
  53. pulumi_vault/gcp/auth_backend.py +250 -33
  54. pulumi_vault/gcp/auth_backend_role.py +77 -269
  55. pulumi_vault/gcp/get_auth_backend_role.py +43 -5
  56. pulumi_vault/gcp/outputs.py +5 -0
  57. pulumi_vault/gcp/secret_backend.py +287 -12
  58. pulumi_vault/gcp/secret_impersonated_account.py +76 -15
  59. pulumi_vault/gcp/secret_roleset.py +31 -24
  60. pulumi_vault/gcp/secret_static_account.py +39 -32
  61. pulumi_vault/generic/endpoint.py +24 -17
  62. pulumi_vault/generic/get_secret.py +64 -8
  63. pulumi_vault/generic/secret.py +21 -16
  64. pulumi_vault/get_auth_backend.py +24 -7
  65. pulumi_vault/get_auth_backends.py +51 -9
  66. pulumi_vault/get_namespace.py +226 -0
  67. pulumi_vault/get_namespaces.py +153 -0
  68. pulumi_vault/get_nomad_access_token.py +31 -11
  69. pulumi_vault/get_policy_document.py +34 -19
  70. pulumi_vault/get_raft_autopilot_state.py +29 -10
  71. pulumi_vault/github/_inputs.py +55 -0
  72. pulumi_vault/github/auth_backend.py +19 -14
  73. pulumi_vault/github/outputs.py +5 -0
  74. pulumi_vault/github/team.py +16 -11
  75. pulumi_vault/github/user.py +16 -11
  76. pulumi_vault/identity/entity.py +20 -13
  77. pulumi_vault/identity/entity_alias.py +20 -13
  78. pulumi_vault/identity/entity_policies.py +28 -11
  79. pulumi_vault/identity/get_entity.py +42 -10
  80. pulumi_vault/identity/get_group.py +47 -9
  81. pulumi_vault/identity/get_oidc_client_creds.py +21 -7
  82. pulumi_vault/identity/get_oidc_openid_config.py +39 -9
  83. pulumi_vault/identity/get_oidc_public_keys.py +29 -10
  84. pulumi_vault/identity/group.py +58 -39
  85. pulumi_vault/identity/group_alias.py +16 -9
  86. pulumi_vault/identity/group_member_entity_ids.py +28 -66
  87. pulumi_vault/identity/group_member_group_ids.py +40 -19
  88. pulumi_vault/identity/group_policies.py +20 -7
  89. pulumi_vault/identity/mfa_duo.py +11 -6
  90. pulumi_vault/identity/mfa_login_enforcement.py +15 -6
  91. pulumi_vault/identity/mfa_okta.py +11 -6
  92. pulumi_vault/identity/mfa_pingid.py +7 -2
  93. pulumi_vault/identity/mfa_totp.py +7 -2
  94. pulumi_vault/identity/oidc.py +12 -7
  95. pulumi_vault/identity/oidc_assignment.py +24 -11
  96. pulumi_vault/identity/oidc_client.py +36 -23
  97. pulumi_vault/identity/oidc_key.py +30 -17
  98. pulumi_vault/identity/oidc_key_allowed_client_id.py +28 -15
  99. pulumi_vault/identity/oidc_provider.py +36 -21
  100. pulumi_vault/identity/oidc_role.py +42 -21
  101. pulumi_vault/identity/oidc_scope.py +20 -13
  102. pulumi_vault/identity/outputs.py +8 -3
  103. pulumi_vault/jwt/_inputs.py +55 -0
  104. pulumi_vault/jwt/auth_backend.py +45 -40
  105. pulumi_vault/jwt/auth_backend_role.py +133 -254
  106. pulumi_vault/jwt/outputs.py +5 -0
  107. pulumi_vault/kmip/secret_backend.py +24 -19
  108. pulumi_vault/kmip/secret_role.py +14 -9
  109. pulumi_vault/kmip/secret_scope.py +14 -9
  110. pulumi_vault/kubernetes/auth_backend_config.py +57 -5
  111. pulumi_vault/kubernetes/auth_backend_role.py +70 -177
  112. pulumi_vault/kubernetes/get_auth_backend_config.py +60 -8
  113. pulumi_vault/kubernetes/get_auth_backend_role.py +40 -5
  114. pulumi_vault/kubernetes/get_service_account_token.py +39 -11
  115. pulumi_vault/kubernetes/secret_backend.py +316 -27
  116. pulumi_vault/kubernetes/secret_backend_role.py +137 -46
  117. pulumi_vault/kv/_inputs.py +36 -4
  118. pulumi_vault/kv/get_secret.py +25 -8
  119. pulumi_vault/kv/get_secret_subkeys_v2.py +33 -10
  120. pulumi_vault/kv/get_secret_v2.py +85 -9
  121. pulumi_vault/kv/get_secrets_list.py +24 -11
  122. pulumi_vault/kv/get_secrets_list_v2.py +37 -15
  123. pulumi_vault/kv/outputs.py +8 -3
  124. pulumi_vault/kv/secret.py +23 -16
  125. pulumi_vault/kv/secret_backend_v2.py +20 -11
  126. pulumi_vault/kv/secret_v2.py +59 -50
  127. pulumi_vault/ldap/auth_backend.py +127 -166
  128. pulumi_vault/ldap/auth_backend_group.py +14 -9
  129. pulumi_vault/ldap/auth_backend_user.py +14 -9
  130. pulumi_vault/ldap/get_dynamic_credentials.py +23 -5
  131. pulumi_vault/ldap/get_static_credentials.py +24 -5
  132. pulumi_vault/ldap/secret_backend.py +354 -82
  133. pulumi_vault/ldap/secret_backend_dynamic_role.py +18 -11
  134. pulumi_vault/ldap/secret_backend_library_set.py +16 -9
  135. pulumi_vault/ldap/secret_backend_static_role.py +73 -12
  136. pulumi_vault/managed/_inputs.py +289 -132
  137. pulumi_vault/managed/keys.py +29 -57
  138. pulumi_vault/managed/outputs.py +89 -132
  139. pulumi_vault/mfa_duo.py +18 -11
  140. pulumi_vault/mfa_okta.py +18 -11
  141. pulumi_vault/mfa_pingid.py +18 -11
  142. pulumi_vault/mfa_totp.py +24 -17
  143. pulumi_vault/mongodbatlas/secret_backend.py +20 -15
  144. pulumi_vault/mongodbatlas/secret_role.py +47 -38
  145. pulumi_vault/mount.py +391 -51
  146. pulumi_vault/namespace.py +68 -83
  147. pulumi_vault/nomad_secret_backend.py +18 -13
  148. pulumi_vault/nomad_secret_role.py +14 -9
  149. pulumi_vault/okta/_inputs.py +47 -8
  150. pulumi_vault/okta/auth_backend.py +485 -39
  151. pulumi_vault/okta/auth_backend_group.py +14 -9
  152. pulumi_vault/okta/auth_backend_user.py +14 -9
  153. pulumi_vault/okta/outputs.py +13 -8
  154. pulumi_vault/outputs.py +5 -0
  155. pulumi_vault/password_policy.py +20 -13
  156. pulumi_vault/pkisecret/__init__.py +3 -0
  157. pulumi_vault/pkisecret/_inputs.py +81 -0
  158. pulumi_vault/pkisecret/backend_config_cluster.py +369 -0
  159. pulumi_vault/pkisecret/backend_config_est.py +619 -0
  160. pulumi_vault/pkisecret/get_backend_config_est.py +251 -0
  161. pulumi_vault/pkisecret/get_backend_issuer.py +67 -9
  162. pulumi_vault/pkisecret/get_backend_issuers.py +21 -8
  163. pulumi_vault/pkisecret/get_backend_key.py +24 -9
  164. pulumi_vault/pkisecret/get_backend_keys.py +21 -8
  165. pulumi_vault/pkisecret/outputs.py +69 -0
  166. pulumi_vault/pkisecret/secret_backend_cert.py +18 -11
  167. pulumi_vault/pkisecret/secret_backend_config_ca.py +16 -11
  168. pulumi_vault/pkisecret/secret_backend_config_issuers.py +14 -9
  169. pulumi_vault/pkisecret/secret_backend_config_urls.py +67 -11
  170. pulumi_vault/pkisecret/secret_backend_crl_config.py +14 -9
  171. pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +16 -11
  172. pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +22 -17
  173. pulumi_vault/pkisecret/secret_backend_issuer.py +14 -9
  174. pulumi_vault/pkisecret/secret_backend_key.py +14 -9
  175. pulumi_vault/pkisecret/secret_backend_role.py +21 -14
  176. pulumi_vault/pkisecret/secret_backend_root_cert.py +16 -48
  177. pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +18 -56
  178. pulumi_vault/pkisecret/secret_backend_sign.py +18 -54
  179. pulumi_vault/plugin.py +595 -0
  180. pulumi_vault/plugin_pinned_version.py +298 -0
  181. pulumi_vault/policy.py +14 -9
  182. pulumi_vault/provider.py +48 -53
  183. pulumi_vault/pulumi-plugin.json +2 -1
  184. pulumi_vault/quota_lease_count.py +60 -6
  185. pulumi_vault/quota_rate_limit.py +56 -2
  186. pulumi_vault/rabbitmq/_inputs.py +61 -0
  187. pulumi_vault/rabbitmq/outputs.py +5 -0
  188. pulumi_vault/rabbitmq/secret_backend.py +18 -13
  189. pulumi_vault/rabbitmq/secret_backend_role.py +54 -47
  190. pulumi_vault/raft_autopilot.py +14 -9
  191. pulumi_vault/raft_snapshot_agent_config.py +129 -224
  192. pulumi_vault/rgp_policy.py +14 -9
  193. pulumi_vault/saml/auth_backend.py +22 -17
  194. pulumi_vault/saml/auth_backend_role.py +92 -197
  195. pulumi_vault/secrets/__init__.py +3 -0
  196. pulumi_vault/secrets/_inputs.py +110 -0
  197. pulumi_vault/secrets/outputs.py +94 -0
  198. pulumi_vault/secrets/sync_association.py +56 -71
  199. pulumi_vault/secrets/sync_aws_destination.py +242 -27
  200. pulumi_vault/secrets/sync_azure_destination.py +92 -31
  201. pulumi_vault/secrets/sync_config.py +9 -4
  202. pulumi_vault/secrets/sync_gcp_destination.py +158 -25
  203. pulumi_vault/secrets/sync_gh_destination.py +189 -13
  204. pulumi_vault/secrets/sync_github_apps.py +375 -0
  205. pulumi_vault/secrets/sync_vercel_destination.py +74 -13
  206. pulumi_vault/ssh/_inputs.py +28 -28
  207. pulumi_vault/ssh/outputs.py +11 -28
  208. pulumi_vault/ssh/secret_backend_ca.py +108 -9
  209. pulumi_vault/ssh/secret_backend_role.py +85 -118
  210. pulumi_vault/terraformcloud/secret_backend.py +7 -54
  211. pulumi_vault/terraformcloud/secret_creds.py +14 -20
  212. pulumi_vault/terraformcloud/secret_role.py +16 -74
  213. pulumi_vault/token.py +28 -23
  214. pulumi_vault/tokenauth/auth_backend_role.py +78 -199
  215. pulumi_vault/transform/alphabet.py +16 -9
  216. pulumi_vault/transform/get_decode.py +45 -17
  217. pulumi_vault/transform/get_encode.py +45 -17
  218. pulumi_vault/transform/role.py +16 -9
  219. pulumi_vault/transform/template.py +30 -21
  220. pulumi_vault/transform/transformation.py +12 -7
  221. pulumi_vault/transit/get_decrypt.py +26 -21
  222. pulumi_vault/transit/get_encrypt.py +24 -19
  223. pulumi_vault/transit/secret_backend_key.py +27 -93
  224. pulumi_vault/transit/secret_cache_config.py +12 -7
  225. {pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/METADATA +8 -7
  226. pulumi_vault-6.5.0a1736836139.dist-info/RECORD +256 -0
  227. {pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/WHEEL +1 -1
  228. pulumi_vault-5.21.0a1709368526.dist-info/RECORD +0 -244
  229. {pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/top_level.txt +0 -0
@@ -4,9 +4,14 @@
4
4
 
5
5
  import copy
6
6
  import warnings
7
+ import sys
7
8
  import pulumi
8
9
  import pulumi.runtime
9
10
  from typing import Any, Mapping, Optional, Sequence, Union, overload
11
+ if sys.version_info >= (3, 11):
12
+ from typing import NotRequired, TypedDict, TypeAlias
13
+ else:
14
+ from typing_extensions import NotRequired, TypedDict, TypeAlias
10
15
  from . import _utilities
11
16
  from . import outputs
12
17
  from ._inputs import *
@@ -19,6 +24,7 @@ class AuthBackendArgs:
19
24
  type: pulumi.Input[str],
20
25
  description: Optional[pulumi.Input[str]] = None,
21
26
  disable_remount: Optional[pulumi.Input[bool]] = None,
27
+ identity_token_key: Optional[pulumi.Input[str]] = None,
22
28
  local: Optional[pulumi.Input[bool]] = None,
23
29
  namespace: Optional[pulumi.Input[str]] = None,
24
30
  path: Optional[pulumi.Input[str]] = None,
@@ -29,10 +35,11 @@ class AuthBackendArgs:
29
35
  :param pulumi.Input[str] description: A description of the auth method.
30
36
  :param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates.
31
37
  See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
38
+ :param pulumi.Input[str] identity_token_key: The key to use for signing identity tokens.
32
39
  :param pulumi.Input[bool] local: Specifies if the auth method is local only.
33
40
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
34
41
  The value should not contain leading or trailing forward slashes.
35
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
42
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
36
43
  *Available only for Vault Enterprise*.
37
44
  :param pulumi.Input[str] path: The path to mount the auth method — this defaults to the name of the type.
38
45
  :param pulumi.Input['AuthBackendTuneArgs'] tune: Extra configuration block. Structure is documented below.
@@ -44,6 +51,8 @@ class AuthBackendArgs:
44
51
  pulumi.set(__self__, "description", description)
45
52
  if disable_remount is not None:
46
53
  pulumi.set(__self__, "disable_remount", disable_remount)
54
+ if identity_token_key is not None:
55
+ pulumi.set(__self__, "identity_token_key", identity_token_key)
47
56
  if local is not None:
48
57
  pulumi.set(__self__, "local", local)
49
58
  if namespace is not None:
@@ -90,6 +99,18 @@ class AuthBackendArgs:
90
99
  def disable_remount(self, value: Optional[pulumi.Input[bool]]):
91
100
  pulumi.set(self, "disable_remount", value)
92
101
 
102
+ @property
103
+ @pulumi.getter(name="identityTokenKey")
104
+ def identity_token_key(self) -> Optional[pulumi.Input[str]]:
105
+ """
106
+ The key to use for signing identity tokens.
107
+ """
108
+ return pulumi.get(self, "identity_token_key")
109
+
110
+ @identity_token_key.setter
111
+ def identity_token_key(self, value: Optional[pulumi.Input[str]]):
112
+ pulumi.set(self, "identity_token_key", value)
113
+
93
114
  @property
94
115
  @pulumi.getter
95
116
  def local(self) -> Optional[pulumi.Input[bool]]:
@@ -108,7 +129,7 @@ class AuthBackendArgs:
108
129
  """
109
130
  The namespace to provision the resource in.
110
131
  The value should not contain leading or trailing forward slashes.
111
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
132
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
112
133
  *Available only for Vault Enterprise*.
113
134
  """
114
135
  return pulumi.get(self, "namespace")
@@ -150,6 +171,7 @@ class _AuthBackendState:
150
171
  accessor: Optional[pulumi.Input[str]] = None,
151
172
  description: Optional[pulumi.Input[str]] = None,
152
173
  disable_remount: Optional[pulumi.Input[bool]] = None,
174
+ identity_token_key: Optional[pulumi.Input[str]] = None,
153
175
  local: Optional[pulumi.Input[bool]] = None,
154
176
  namespace: Optional[pulumi.Input[str]] = None,
155
177
  path: Optional[pulumi.Input[str]] = None,
@@ -161,10 +183,11 @@ class _AuthBackendState:
161
183
  :param pulumi.Input[str] description: A description of the auth method.
162
184
  :param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates.
163
185
  See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
186
+ :param pulumi.Input[str] identity_token_key: The key to use for signing identity tokens.
164
187
  :param pulumi.Input[bool] local: Specifies if the auth method is local only.
165
188
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
166
189
  The value should not contain leading or trailing forward slashes.
167
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
190
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
168
191
  *Available only for Vault Enterprise*.
169
192
  :param pulumi.Input[str] path: The path to mount the auth method — this defaults to the name of the type.
170
193
  :param pulumi.Input['AuthBackendTuneArgs'] tune: Extra configuration block. Structure is documented below.
@@ -178,6 +201,8 @@ class _AuthBackendState:
178
201
  pulumi.set(__self__, "description", description)
179
202
  if disable_remount is not None:
180
203
  pulumi.set(__self__, "disable_remount", disable_remount)
204
+ if identity_token_key is not None:
205
+ pulumi.set(__self__, "identity_token_key", identity_token_key)
181
206
  if local is not None:
182
207
  pulumi.set(__self__, "local", local)
183
208
  if namespace is not None:
@@ -226,6 +251,18 @@ class _AuthBackendState:
226
251
  def disable_remount(self, value: Optional[pulumi.Input[bool]]):
227
252
  pulumi.set(self, "disable_remount", value)
228
253
 
254
+ @property
255
+ @pulumi.getter(name="identityTokenKey")
256
+ def identity_token_key(self) -> Optional[pulumi.Input[str]]:
257
+ """
258
+ The key to use for signing identity tokens.
259
+ """
260
+ return pulumi.get(self, "identity_token_key")
261
+
262
+ @identity_token_key.setter
263
+ def identity_token_key(self, value: Optional[pulumi.Input[str]]):
264
+ pulumi.set(self, "identity_token_key", value)
265
+
229
266
  @property
230
267
  @pulumi.getter
231
268
  def local(self) -> Optional[pulumi.Input[bool]]:
@@ -244,7 +281,7 @@ class _AuthBackendState:
244
281
  """
245
282
  The namespace to provision the resource in.
246
283
  The value should not contain leading or trailing forward slashes.
247
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
284
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
248
285
  *Available only for Vault Enterprise*.
249
286
  """
250
287
  return pulumi.get(self, "namespace")
@@ -299,10 +336,11 @@ class AuthBackend(pulumi.CustomResource):
299
336
  opts: Optional[pulumi.ResourceOptions] = None,
300
337
  description: Optional[pulumi.Input[str]] = None,
301
338
  disable_remount: Optional[pulumi.Input[bool]] = None,
339
+ identity_token_key: Optional[pulumi.Input[str]] = None,
302
340
  local: Optional[pulumi.Input[bool]] = None,
303
341
  namespace: Optional[pulumi.Input[str]] = None,
304
342
  path: Optional[pulumi.Input[str]] = None,
305
- tune: Optional[pulumi.Input[pulumi.InputType['AuthBackendTuneArgs']]] = None,
343
+ tune: Optional[pulumi.Input[Union['AuthBackendTuneArgs', 'AuthBackendTuneArgsDict']]] = None,
306
344
  type: Optional[pulumi.Input[str]] = None,
307
345
  __props__=None):
308
346
  """
@@ -311,7 +349,7 @@ class AuthBackend(pulumi.CustomResource):
311
349
  Auth methods can be imported using the `path`, e.g.
312
350
 
313
351
  ```sh
314
- $ pulumi import vault:index/authBackend:AuthBackend example github
352
+ $ pulumi import vault:index/authBackend:AuthBackend example github
315
353
  ```
316
354
 
317
355
  :param str resource_name: The name of the resource.
@@ -319,13 +357,14 @@ class AuthBackend(pulumi.CustomResource):
319
357
  :param pulumi.Input[str] description: A description of the auth method.
320
358
  :param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates.
321
359
  See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
360
+ :param pulumi.Input[str] identity_token_key: The key to use for signing identity tokens.
322
361
  :param pulumi.Input[bool] local: Specifies if the auth method is local only.
323
362
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
324
363
  The value should not contain leading or trailing forward slashes.
325
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
364
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
326
365
  *Available only for Vault Enterprise*.
327
366
  :param pulumi.Input[str] path: The path to mount the auth method — this defaults to the name of the type.
328
- :param pulumi.Input[pulumi.InputType['AuthBackendTuneArgs']] tune: Extra configuration block. Structure is documented below.
367
+ :param pulumi.Input[Union['AuthBackendTuneArgs', 'AuthBackendTuneArgsDict']] tune: Extra configuration block. Structure is documented below.
329
368
 
330
369
  The `tune` block is used to tune the auth backend:
331
370
  :param pulumi.Input[str] type: The name of the auth method type.
@@ -342,7 +381,7 @@ class AuthBackend(pulumi.CustomResource):
342
381
  Auth methods can be imported using the `path`, e.g.
343
382
 
344
383
  ```sh
345
- $ pulumi import vault:index/authBackend:AuthBackend example github
384
+ $ pulumi import vault:index/authBackend:AuthBackend example github
346
385
  ```
347
386
 
348
387
  :param str resource_name: The name of the resource.
@@ -362,10 +401,11 @@ class AuthBackend(pulumi.CustomResource):
362
401
  opts: Optional[pulumi.ResourceOptions] = None,
363
402
  description: Optional[pulumi.Input[str]] = None,
364
403
  disable_remount: Optional[pulumi.Input[bool]] = None,
404
+ identity_token_key: Optional[pulumi.Input[str]] = None,
365
405
  local: Optional[pulumi.Input[bool]] = None,
366
406
  namespace: Optional[pulumi.Input[str]] = None,
367
407
  path: Optional[pulumi.Input[str]] = None,
368
- tune: Optional[pulumi.Input[pulumi.InputType['AuthBackendTuneArgs']]] = None,
408
+ tune: Optional[pulumi.Input[Union['AuthBackendTuneArgs', 'AuthBackendTuneArgsDict']]] = None,
369
409
  type: Optional[pulumi.Input[str]] = None,
370
410
  __props__=None):
371
411
  opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
@@ -378,6 +418,7 @@ class AuthBackend(pulumi.CustomResource):
378
418
 
379
419
  __props__.__dict__["description"] = description
380
420
  __props__.__dict__["disable_remount"] = disable_remount
421
+ __props__.__dict__["identity_token_key"] = identity_token_key
381
422
  __props__.__dict__["local"] = local
382
423
  __props__.__dict__["namespace"] = namespace
383
424
  __props__.__dict__["path"] = path
@@ -399,10 +440,11 @@ class AuthBackend(pulumi.CustomResource):
399
440
  accessor: Optional[pulumi.Input[str]] = None,
400
441
  description: Optional[pulumi.Input[str]] = None,
401
442
  disable_remount: Optional[pulumi.Input[bool]] = None,
443
+ identity_token_key: Optional[pulumi.Input[str]] = None,
402
444
  local: Optional[pulumi.Input[bool]] = None,
403
445
  namespace: Optional[pulumi.Input[str]] = None,
404
446
  path: Optional[pulumi.Input[str]] = None,
405
- tune: Optional[pulumi.Input[pulumi.InputType['AuthBackendTuneArgs']]] = None,
447
+ tune: Optional[pulumi.Input[Union['AuthBackendTuneArgs', 'AuthBackendTuneArgsDict']]] = None,
406
448
  type: Optional[pulumi.Input[str]] = None) -> 'AuthBackend':
407
449
  """
408
450
  Get an existing AuthBackend resource's state with the given name, id, and optional extra
@@ -415,13 +457,14 @@ class AuthBackend(pulumi.CustomResource):
415
457
  :param pulumi.Input[str] description: A description of the auth method.
416
458
  :param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates.
417
459
  See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
460
+ :param pulumi.Input[str] identity_token_key: The key to use for signing identity tokens.
418
461
  :param pulumi.Input[bool] local: Specifies if the auth method is local only.
419
462
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
420
463
  The value should not contain leading or trailing forward slashes.
421
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
464
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
422
465
  *Available only for Vault Enterprise*.
423
466
  :param pulumi.Input[str] path: The path to mount the auth method — this defaults to the name of the type.
424
- :param pulumi.Input[pulumi.InputType['AuthBackendTuneArgs']] tune: Extra configuration block. Structure is documented below.
467
+ :param pulumi.Input[Union['AuthBackendTuneArgs', 'AuthBackendTuneArgsDict']] tune: Extra configuration block. Structure is documented below.
425
468
 
426
469
  The `tune` block is used to tune the auth backend:
427
470
  :param pulumi.Input[str] type: The name of the auth method type.
@@ -433,6 +476,7 @@ class AuthBackend(pulumi.CustomResource):
433
476
  __props__.__dict__["accessor"] = accessor
434
477
  __props__.__dict__["description"] = description
435
478
  __props__.__dict__["disable_remount"] = disable_remount
479
+ __props__.__dict__["identity_token_key"] = identity_token_key
436
480
  __props__.__dict__["local"] = local
437
481
  __props__.__dict__["namespace"] = namespace
438
482
  __props__.__dict__["path"] = path
@@ -465,6 +509,14 @@ class AuthBackend(pulumi.CustomResource):
465
509
  """
466
510
  return pulumi.get(self, "disable_remount")
467
511
 
512
+ @property
513
+ @pulumi.getter(name="identityTokenKey")
514
+ def identity_token_key(self) -> pulumi.Output[Optional[str]]:
515
+ """
516
+ The key to use for signing identity tokens.
517
+ """
518
+ return pulumi.get(self, "identity_token_key")
519
+
468
520
  @property
469
521
  @pulumi.getter
470
522
  def local(self) -> pulumi.Output[Optional[bool]]:
@@ -479,7 +531,7 @@ class AuthBackend(pulumi.CustomResource):
479
531
  """
480
532
  The namespace to provision the resource in.
481
533
  The value should not contain leading or trailing forward slashes.
482
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
534
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
483
535
  *Available only for Vault Enterprise*.
484
536
  """
485
537
  return pulumi.get(self, "namespace")
@@ -4,9 +4,14 @@
4
4
 
5
5
  import copy
6
6
  import warnings
7
+ import sys
7
8
  import pulumi
8
9
  import pulumi.runtime
9
10
  from typing import Any, Mapping, Optional, Sequence, Union, overload
11
+ if sys.version_info >= (3, 11):
12
+ from typing import NotRequired, TypedDict, TypeAlias
13
+ else:
14
+ from typing_extensions import NotRequired, TypedDict, TypeAlias
10
15
  from .. import _utilities
11
16
 
12
17
  __all__ = ['AuthBackendCertArgs', 'AuthBackendCert']
@@ -30,7 +35,7 @@ class AuthBackendCertArgs:
30
35
  mounted at. Defaults to `aws`.
31
36
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
32
37
  The value should not contain leading or trailing forward slashes.
33
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
38
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
34
39
  *Available only for Vault Enterprise*.
35
40
  :param pulumi.Input[str] type: Either "pkcs7" or "identity", indicating the type of
36
41
  document which can be verified using the given certificate. Defaults to
@@ -91,7 +96,7 @@ class AuthBackendCertArgs:
91
96
  """
92
97
  The namespace to provision the resource in.
93
98
  The value should not contain leading or trailing forward slashes.
94
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
99
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
95
100
  *Available only for Vault Enterprise*.
96
101
  """
97
102
  return pulumi.get(self, "namespace")
@@ -134,7 +139,7 @@ class _AuthBackendCertState:
134
139
  :param pulumi.Input[str] cert_name: The name of the certificate.
135
140
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
136
141
  The value should not contain leading or trailing forward slashes.
137
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
142
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
138
143
  *Available only for Vault Enterprise*.
139
144
  :param pulumi.Input[str] type: Either "pkcs7" or "identity", indicating the type of
140
145
  document which can be verified using the given certificate. Defaults to
@@ -197,7 +202,7 @@ class _AuthBackendCertState:
197
202
  """
198
203
  The namespace to provision the resource in.
199
204
  The value should not contain leading or trailing forward slashes.
200
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
205
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
201
206
  *Available only for Vault Enterprise*.
202
207
  """
203
208
  return pulumi.get(self, "namespace")
@@ -233,12 +238,14 @@ class AuthBackendCert(pulumi.CustomResource):
233
238
  type: Optional[pulumi.Input[str]] = None,
234
239
  __props__=None):
235
240
  """
241
+ ## Example Usage
242
+
236
243
  ## Import
237
244
 
238
245
  AWS auth backend certificates can be imported using `auth/`, the `backend` path, `/config/certificate/`, and the `cert_name` e.g.
239
246
 
240
247
  ```sh
241
- $ pulumi import vault:aws/authBackendCert:AuthBackendCert example auth/aws/config/certificate/my-cert
248
+ $ pulumi import vault:aws/authBackendCert:AuthBackendCert example auth/aws/config/certificate/my-cert
242
249
  ```
243
250
 
244
251
  :param str resource_name: The name of the resource.
@@ -252,7 +259,7 @@ class AuthBackendCert(pulumi.CustomResource):
252
259
  :param pulumi.Input[str] cert_name: The name of the certificate.
253
260
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
254
261
  The value should not contain leading or trailing forward slashes.
255
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
262
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
256
263
  *Available only for Vault Enterprise*.
257
264
  :param pulumi.Input[str] type: Either "pkcs7" or "identity", indicating the type of
258
265
  document which can be verified using the given certificate. Defaults to
@@ -265,12 +272,14 @@ class AuthBackendCert(pulumi.CustomResource):
265
272
  args: AuthBackendCertArgs,
266
273
  opts: Optional[pulumi.ResourceOptions] = None):
267
274
  """
275
+ ## Example Usage
276
+
268
277
  ## Import
269
278
 
270
279
  AWS auth backend certificates can be imported using `auth/`, the `backend` path, `/config/certificate/`, and the `cert_name` e.g.
271
280
 
272
281
  ```sh
273
- $ pulumi import vault:aws/authBackendCert:AuthBackendCert example auth/aws/config/certificate/my-cert
282
+ $ pulumi import vault:aws/authBackendCert:AuthBackendCert example auth/aws/config/certificate/my-cert
274
283
  ```
275
284
 
276
285
  :param str resource_name: The name of the resource.
@@ -342,7 +351,7 @@ class AuthBackendCert(pulumi.CustomResource):
342
351
  :param pulumi.Input[str] cert_name: The name of the certificate.
343
352
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
344
353
  The value should not contain leading or trailing forward slashes.
345
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
354
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
346
355
  *Available only for Vault Enterprise*.
347
356
  :param pulumi.Input[str] type: Either "pkcs7" or "identity", indicating the type of
348
357
  document which can be verified using the given certificate. Defaults to
@@ -393,7 +402,7 @@ class AuthBackendCert(pulumi.CustomResource):
393
402
  """
394
403
  The namespace to provision the resource in.
395
404
  The value should not contain leading or trailing forward slashes.
396
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
405
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
397
406
  *Available only for Vault Enterprise*.
398
407
  """
399
408
  return pulumi.get(self, "namespace")