pulumi-vault 5.21.0a1709368526__py3-none-any.whl → 6.5.0a1736836139__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- pulumi_vault/__init__.py +52 -0
- pulumi_vault/_inputs.py +560 -0
- pulumi_vault/_utilities.py +41 -5
- pulumi_vault/ad/get_access_credentials.py +26 -9
- pulumi_vault/ad/secret_backend.py +16 -142
- pulumi_vault/ad/secret_library.py +16 -9
- pulumi_vault/ad/secret_role.py +14 -9
- pulumi_vault/alicloud/auth_backend_role.py +76 -190
- pulumi_vault/approle/auth_backend_login.py +12 -7
- pulumi_vault/approle/auth_backend_role.py +77 -191
- pulumi_vault/approle/auth_backend_role_secret_id.py +106 -7
- pulumi_vault/approle/get_auth_backend_role_id.py +18 -5
- pulumi_vault/audit.py +30 -21
- pulumi_vault/audit_request_header.py +11 -2
- pulumi_vault/auth_backend.py +66 -14
- pulumi_vault/aws/auth_backend_cert.py +18 -9
- pulumi_vault/aws/auth_backend_client.py +267 -22
- pulumi_vault/aws/auth_backend_config_identity.py +14 -9
- pulumi_vault/aws/auth_backend_identity_whitelist.py +20 -15
- pulumi_vault/aws/auth_backend_login.py +19 -22
- pulumi_vault/aws/auth_backend_role.py +77 -191
- pulumi_vault/aws/auth_backend_role_tag.py +12 -7
- pulumi_vault/aws/auth_backend_roletag_blacklist.py +18 -13
- pulumi_vault/aws/auth_backend_sts_role.py +14 -9
- pulumi_vault/aws/get_access_credentials.py +38 -9
- pulumi_vault/aws/get_static_access_credentials.py +19 -5
- pulumi_vault/aws/secret_backend.py +77 -9
- pulumi_vault/aws/secret_backend_role.py +185 -9
- pulumi_vault/aws/secret_backend_static_role.py +20 -11
- pulumi_vault/azure/_inputs.py +24 -0
- pulumi_vault/azure/auth_backend_config.py +153 -15
- pulumi_vault/azure/auth_backend_role.py +77 -191
- pulumi_vault/azure/backend.py +227 -21
- pulumi_vault/azure/backend_role.py +42 -37
- pulumi_vault/azure/get_access_credentials.py +41 -7
- pulumi_vault/azure/outputs.py +5 -0
- pulumi_vault/cert_auth_backend_role.py +87 -267
- pulumi_vault/config/__init__.pyi +5 -0
- pulumi_vault/config/_inputs.py +73 -0
- pulumi_vault/config/outputs.py +35 -0
- pulumi_vault/config/ui_custom_message.py +529 -0
- pulumi_vault/config/vars.py +5 -0
- pulumi_vault/consul/secret_backend.py +28 -19
- pulumi_vault/consul/secret_backend_role.py +18 -78
- pulumi_vault/database/_inputs.py +2770 -881
- pulumi_vault/database/outputs.py +721 -838
- pulumi_vault/database/secret_backend_connection.py +119 -112
- pulumi_vault/database/secret_backend_role.py +31 -22
- pulumi_vault/database/secret_backend_static_role.py +87 -13
- pulumi_vault/database/secrets_mount.py +427 -136
- pulumi_vault/egp_policy.py +16 -11
- pulumi_vault/gcp/_inputs.py +111 -0
- pulumi_vault/gcp/auth_backend.py +250 -33
- pulumi_vault/gcp/auth_backend_role.py +77 -269
- pulumi_vault/gcp/get_auth_backend_role.py +43 -5
- pulumi_vault/gcp/outputs.py +5 -0
- pulumi_vault/gcp/secret_backend.py +287 -12
- pulumi_vault/gcp/secret_impersonated_account.py +76 -15
- pulumi_vault/gcp/secret_roleset.py +31 -24
- pulumi_vault/gcp/secret_static_account.py +39 -32
- pulumi_vault/generic/endpoint.py +24 -17
- pulumi_vault/generic/get_secret.py +64 -8
- pulumi_vault/generic/secret.py +21 -16
- pulumi_vault/get_auth_backend.py +24 -7
- pulumi_vault/get_auth_backends.py +51 -9
- pulumi_vault/get_namespace.py +226 -0
- pulumi_vault/get_namespaces.py +153 -0
- pulumi_vault/get_nomad_access_token.py +31 -11
- pulumi_vault/get_policy_document.py +34 -19
- pulumi_vault/get_raft_autopilot_state.py +29 -10
- pulumi_vault/github/_inputs.py +55 -0
- pulumi_vault/github/auth_backend.py +19 -14
- pulumi_vault/github/outputs.py +5 -0
- pulumi_vault/github/team.py +16 -11
- pulumi_vault/github/user.py +16 -11
- pulumi_vault/identity/entity.py +20 -13
- pulumi_vault/identity/entity_alias.py +20 -13
- pulumi_vault/identity/entity_policies.py +28 -11
- pulumi_vault/identity/get_entity.py +42 -10
- pulumi_vault/identity/get_group.py +47 -9
- pulumi_vault/identity/get_oidc_client_creds.py +21 -7
- pulumi_vault/identity/get_oidc_openid_config.py +39 -9
- pulumi_vault/identity/get_oidc_public_keys.py +29 -10
- pulumi_vault/identity/group.py +58 -39
- pulumi_vault/identity/group_alias.py +16 -9
- pulumi_vault/identity/group_member_entity_ids.py +28 -66
- pulumi_vault/identity/group_member_group_ids.py +40 -19
- pulumi_vault/identity/group_policies.py +20 -7
- pulumi_vault/identity/mfa_duo.py +11 -6
- pulumi_vault/identity/mfa_login_enforcement.py +15 -6
- pulumi_vault/identity/mfa_okta.py +11 -6
- pulumi_vault/identity/mfa_pingid.py +7 -2
- pulumi_vault/identity/mfa_totp.py +7 -2
- pulumi_vault/identity/oidc.py +12 -7
- pulumi_vault/identity/oidc_assignment.py +24 -11
- pulumi_vault/identity/oidc_client.py +36 -23
- pulumi_vault/identity/oidc_key.py +30 -17
- pulumi_vault/identity/oidc_key_allowed_client_id.py +28 -15
- pulumi_vault/identity/oidc_provider.py +36 -21
- pulumi_vault/identity/oidc_role.py +42 -21
- pulumi_vault/identity/oidc_scope.py +20 -13
- pulumi_vault/identity/outputs.py +8 -3
- pulumi_vault/jwt/_inputs.py +55 -0
- pulumi_vault/jwt/auth_backend.py +45 -40
- pulumi_vault/jwt/auth_backend_role.py +133 -254
- pulumi_vault/jwt/outputs.py +5 -0
- pulumi_vault/kmip/secret_backend.py +24 -19
- pulumi_vault/kmip/secret_role.py +14 -9
- pulumi_vault/kmip/secret_scope.py +14 -9
- pulumi_vault/kubernetes/auth_backend_config.py +57 -5
- pulumi_vault/kubernetes/auth_backend_role.py +70 -177
- pulumi_vault/kubernetes/get_auth_backend_config.py +60 -8
- pulumi_vault/kubernetes/get_auth_backend_role.py +40 -5
- pulumi_vault/kubernetes/get_service_account_token.py +39 -11
- pulumi_vault/kubernetes/secret_backend.py +316 -27
- pulumi_vault/kubernetes/secret_backend_role.py +137 -46
- pulumi_vault/kv/_inputs.py +36 -4
- pulumi_vault/kv/get_secret.py +25 -8
- pulumi_vault/kv/get_secret_subkeys_v2.py +33 -10
- pulumi_vault/kv/get_secret_v2.py +85 -9
- pulumi_vault/kv/get_secrets_list.py +24 -11
- pulumi_vault/kv/get_secrets_list_v2.py +37 -15
- pulumi_vault/kv/outputs.py +8 -3
- pulumi_vault/kv/secret.py +23 -16
- pulumi_vault/kv/secret_backend_v2.py +20 -11
- pulumi_vault/kv/secret_v2.py +59 -50
- pulumi_vault/ldap/auth_backend.py +127 -166
- pulumi_vault/ldap/auth_backend_group.py +14 -9
- pulumi_vault/ldap/auth_backend_user.py +14 -9
- pulumi_vault/ldap/get_dynamic_credentials.py +23 -5
- pulumi_vault/ldap/get_static_credentials.py +24 -5
- pulumi_vault/ldap/secret_backend.py +354 -82
- pulumi_vault/ldap/secret_backend_dynamic_role.py +18 -11
- pulumi_vault/ldap/secret_backend_library_set.py +16 -9
- pulumi_vault/ldap/secret_backend_static_role.py +73 -12
- pulumi_vault/managed/_inputs.py +289 -132
- pulumi_vault/managed/keys.py +29 -57
- pulumi_vault/managed/outputs.py +89 -132
- pulumi_vault/mfa_duo.py +18 -11
- pulumi_vault/mfa_okta.py +18 -11
- pulumi_vault/mfa_pingid.py +18 -11
- pulumi_vault/mfa_totp.py +24 -17
- pulumi_vault/mongodbatlas/secret_backend.py +20 -15
- pulumi_vault/mongodbatlas/secret_role.py +47 -38
- pulumi_vault/mount.py +391 -51
- pulumi_vault/namespace.py +68 -83
- pulumi_vault/nomad_secret_backend.py +18 -13
- pulumi_vault/nomad_secret_role.py +14 -9
- pulumi_vault/okta/_inputs.py +47 -8
- pulumi_vault/okta/auth_backend.py +485 -39
- pulumi_vault/okta/auth_backend_group.py +14 -9
- pulumi_vault/okta/auth_backend_user.py +14 -9
- pulumi_vault/okta/outputs.py +13 -8
- pulumi_vault/outputs.py +5 -0
- pulumi_vault/password_policy.py +20 -13
- pulumi_vault/pkisecret/__init__.py +3 -0
- pulumi_vault/pkisecret/_inputs.py +81 -0
- pulumi_vault/pkisecret/backend_config_cluster.py +369 -0
- pulumi_vault/pkisecret/backend_config_est.py +619 -0
- pulumi_vault/pkisecret/get_backend_config_est.py +251 -0
- pulumi_vault/pkisecret/get_backend_issuer.py +67 -9
- pulumi_vault/pkisecret/get_backend_issuers.py +21 -8
- pulumi_vault/pkisecret/get_backend_key.py +24 -9
- pulumi_vault/pkisecret/get_backend_keys.py +21 -8
- pulumi_vault/pkisecret/outputs.py +69 -0
- pulumi_vault/pkisecret/secret_backend_cert.py +18 -11
- pulumi_vault/pkisecret/secret_backend_config_ca.py +16 -11
- pulumi_vault/pkisecret/secret_backend_config_issuers.py +14 -9
- pulumi_vault/pkisecret/secret_backend_config_urls.py +67 -11
- pulumi_vault/pkisecret/secret_backend_crl_config.py +14 -9
- pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +16 -11
- pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +22 -17
- pulumi_vault/pkisecret/secret_backend_issuer.py +14 -9
- pulumi_vault/pkisecret/secret_backend_key.py +14 -9
- pulumi_vault/pkisecret/secret_backend_role.py +21 -14
- pulumi_vault/pkisecret/secret_backend_root_cert.py +16 -48
- pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +18 -56
- pulumi_vault/pkisecret/secret_backend_sign.py +18 -54
- pulumi_vault/plugin.py +595 -0
- pulumi_vault/plugin_pinned_version.py +298 -0
- pulumi_vault/policy.py +14 -9
- pulumi_vault/provider.py +48 -53
- pulumi_vault/pulumi-plugin.json +2 -1
- pulumi_vault/quota_lease_count.py +60 -6
- pulumi_vault/quota_rate_limit.py +56 -2
- pulumi_vault/rabbitmq/_inputs.py +61 -0
- pulumi_vault/rabbitmq/outputs.py +5 -0
- pulumi_vault/rabbitmq/secret_backend.py +18 -13
- pulumi_vault/rabbitmq/secret_backend_role.py +54 -47
- pulumi_vault/raft_autopilot.py +14 -9
- pulumi_vault/raft_snapshot_agent_config.py +129 -224
- pulumi_vault/rgp_policy.py +14 -9
- pulumi_vault/saml/auth_backend.py +22 -17
- pulumi_vault/saml/auth_backend_role.py +92 -197
- pulumi_vault/secrets/__init__.py +3 -0
- pulumi_vault/secrets/_inputs.py +110 -0
- pulumi_vault/secrets/outputs.py +94 -0
- pulumi_vault/secrets/sync_association.py +56 -71
- pulumi_vault/secrets/sync_aws_destination.py +242 -27
- pulumi_vault/secrets/sync_azure_destination.py +92 -31
- pulumi_vault/secrets/sync_config.py +9 -4
- pulumi_vault/secrets/sync_gcp_destination.py +158 -25
- pulumi_vault/secrets/sync_gh_destination.py +189 -13
- pulumi_vault/secrets/sync_github_apps.py +375 -0
- pulumi_vault/secrets/sync_vercel_destination.py +74 -13
- pulumi_vault/ssh/_inputs.py +28 -28
- pulumi_vault/ssh/outputs.py +11 -28
- pulumi_vault/ssh/secret_backend_ca.py +108 -9
- pulumi_vault/ssh/secret_backend_role.py +85 -118
- pulumi_vault/terraformcloud/secret_backend.py +7 -54
- pulumi_vault/terraformcloud/secret_creds.py +14 -20
- pulumi_vault/terraformcloud/secret_role.py +16 -74
- pulumi_vault/token.py +28 -23
- pulumi_vault/tokenauth/auth_backend_role.py +78 -199
- pulumi_vault/transform/alphabet.py +16 -9
- pulumi_vault/transform/get_decode.py +45 -17
- pulumi_vault/transform/get_encode.py +45 -17
- pulumi_vault/transform/role.py +16 -9
- pulumi_vault/transform/template.py +30 -21
- pulumi_vault/transform/transformation.py +12 -7
- pulumi_vault/transit/get_decrypt.py +26 -21
- pulumi_vault/transit/get_encrypt.py +24 -19
- pulumi_vault/transit/secret_backend_key.py +27 -93
- pulumi_vault/transit/secret_cache_config.py +12 -7
- {pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/METADATA +8 -7
- pulumi_vault-6.5.0a1736836139.dist-info/RECORD +256 -0
- {pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/WHEEL +1 -1
- pulumi_vault-5.21.0a1709368526.dist-info/RECORD +0 -244
- {pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/top_level.txt +0 -0
@@ -4,9 +4,14 @@
|
|
4
4
|
|
5
5
|
import copy
|
6
6
|
import warnings
|
7
|
+
import sys
|
7
8
|
import pulumi
|
8
9
|
import pulumi.runtime
|
9
10
|
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
11
|
+
if sys.version_info >= (3, 11):
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
13
|
+
else:
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
10
15
|
from .. import _utilities
|
11
16
|
|
12
17
|
__all__ = ['SyncGhDestinationArgs', 'SyncGhDestination']
|
@@ -15,6 +20,9 @@ __all__ = ['SyncGhDestinationArgs', 'SyncGhDestination']
|
|
15
20
|
class SyncGhDestinationArgs:
|
16
21
|
def __init__(__self__, *,
|
17
22
|
access_token: Optional[pulumi.Input[str]] = None,
|
23
|
+
app_name: Optional[pulumi.Input[str]] = None,
|
24
|
+
granularity: Optional[pulumi.Input[str]] = None,
|
25
|
+
installation_id: Optional[pulumi.Input[int]] = None,
|
18
26
|
name: Optional[pulumi.Input[str]] = None,
|
19
27
|
namespace: Optional[pulumi.Input[str]] = None,
|
20
28
|
repository_name: Optional[pulumi.Input[str]] = None,
|
@@ -25,10 +33,17 @@ class SyncGhDestinationArgs:
|
|
25
33
|
:param pulumi.Input[str] access_token: Fine-grained or personal access token.
|
26
34
|
Can be omitted and directly provided to Vault using the `GITHUB_ACCESS_TOKEN` environment
|
27
35
|
variable.
|
36
|
+
:param pulumi.Input[str] app_name: The user-defined name of the GitHub App configuration. This is a reference to the name used
|
37
|
+
on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
|
38
|
+
Takes precedence over the `access_token` field.
|
39
|
+
:param pulumi.Input[str] granularity: Determines what level of information is synced as a distinct resource
|
40
|
+
at the destination. Supports `secret-path` and `secret-key`.
|
41
|
+
:param pulumi.Input[int] installation_id: The ID of the installation generated by GitHub when the app referenced by the `app_name`
|
42
|
+
was installed in the user’s GitHub account. Can be modified. Necessary if the `app_name` field is also provided.
|
28
43
|
:param pulumi.Input[str] name: Unique name of the GitHub destination.
|
29
44
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
30
45
|
The value should not contain leading or trailing forward slashes.
|
31
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
46
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
32
47
|
:param pulumi.Input[str] repository_name: Name of the repository.
|
33
48
|
Can be omitted and directly provided to Vault using the `GITHUB_REPOSITORY_NAME` environment
|
34
49
|
variable.
|
@@ -40,6 +55,12 @@ class SyncGhDestinationArgs:
|
|
40
55
|
"""
|
41
56
|
if access_token is not None:
|
42
57
|
pulumi.set(__self__, "access_token", access_token)
|
58
|
+
if app_name is not None:
|
59
|
+
pulumi.set(__self__, "app_name", app_name)
|
60
|
+
if granularity is not None:
|
61
|
+
pulumi.set(__self__, "granularity", granularity)
|
62
|
+
if installation_id is not None:
|
63
|
+
pulumi.set(__self__, "installation_id", installation_id)
|
43
64
|
if name is not None:
|
44
65
|
pulumi.set(__self__, "name", name)
|
45
66
|
if namespace is not None:
|
@@ -65,6 +86,46 @@ class SyncGhDestinationArgs:
|
|
65
86
|
def access_token(self, value: Optional[pulumi.Input[str]]):
|
66
87
|
pulumi.set(self, "access_token", value)
|
67
88
|
|
89
|
+
@property
|
90
|
+
@pulumi.getter(name="appName")
|
91
|
+
def app_name(self) -> Optional[pulumi.Input[str]]:
|
92
|
+
"""
|
93
|
+
The user-defined name of the GitHub App configuration. This is a reference to the name used
|
94
|
+
on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
|
95
|
+
Takes precedence over the `access_token` field.
|
96
|
+
"""
|
97
|
+
return pulumi.get(self, "app_name")
|
98
|
+
|
99
|
+
@app_name.setter
|
100
|
+
def app_name(self, value: Optional[pulumi.Input[str]]):
|
101
|
+
pulumi.set(self, "app_name", value)
|
102
|
+
|
103
|
+
@property
|
104
|
+
@pulumi.getter
|
105
|
+
def granularity(self) -> Optional[pulumi.Input[str]]:
|
106
|
+
"""
|
107
|
+
Determines what level of information is synced as a distinct resource
|
108
|
+
at the destination. Supports `secret-path` and `secret-key`.
|
109
|
+
"""
|
110
|
+
return pulumi.get(self, "granularity")
|
111
|
+
|
112
|
+
@granularity.setter
|
113
|
+
def granularity(self, value: Optional[pulumi.Input[str]]):
|
114
|
+
pulumi.set(self, "granularity", value)
|
115
|
+
|
116
|
+
@property
|
117
|
+
@pulumi.getter(name="installationId")
|
118
|
+
def installation_id(self) -> Optional[pulumi.Input[int]]:
|
119
|
+
"""
|
120
|
+
The ID of the installation generated by GitHub when the app referenced by the `app_name`
|
121
|
+
was installed in the user’s GitHub account. Can be modified. Necessary if the `app_name` field is also provided.
|
122
|
+
"""
|
123
|
+
return pulumi.get(self, "installation_id")
|
124
|
+
|
125
|
+
@installation_id.setter
|
126
|
+
def installation_id(self, value: Optional[pulumi.Input[int]]):
|
127
|
+
pulumi.set(self, "installation_id", value)
|
128
|
+
|
68
129
|
@property
|
69
130
|
@pulumi.getter
|
70
131
|
def name(self) -> Optional[pulumi.Input[str]]:
|
@@ -83,7 +144,7 @@ class SyncGhDestinationArgs:
|
|
83
144
|
"""
|
84
145
|
The namespace to provision the resource in.
|
85
146
|
The value should not contain leading or trailing forward slashes.
|
86
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
147
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
87
148
|
"""
|
88
149
|
return pulumi.get(self, "namespace")
|
89
150
|
|
@@ -137,6 +198,9 @@ class SyncGhDestinationArgs:
|
|
137
198
|
class _SyncGhDestinationState:
|
138
199
|
def __init__(__self__, *,
|
139
200
|
access_token: Optional[pulumi.Input[str]] = None,
|
201
|
+
app_name: Optional[pulumi.Input[str]] = None,
|
202
|
+
granularity: Optional[pulumi.Input[str]] = None,
|
203
|
+
installation_id: Optional[pulumi.Input[int]] = None,
|
140
204
|
name: Optional[pulumi.Input[str]] = None,
|
141
205
|
namespace: Optional[pulumi.Input[str]] = None,
|
142
206
|
repository_name: Optional[pulumi.Input[str]] = None,
|
@@ -148,10 +212,17 @@ class _SyncGhDestinationState:
|
|
148
212
|
:param pulumi.Input[str] access_token: Fine-grained or personal access token.
|
149
213
|
Can be omitted and directly provided to Vault using the `GITHUB_ACCESS_TOKEN` environment
|
150
214
|
variable.
|
215
|
+
:param pulumi.Input[str] app_name: The user-defined name of the GitHub App configuration. This is a reference to the name used
|
216
|
+
on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
|
217
|
+
Takes precedence over the `access_token` field.
|
218
|
+
:param pulumi.Input[str] granularity: Determines what level of information is synced as a distinct resource
|
219
|
+
at the destination. Supports `secret-path` and `secret-key`.
|
220
|
+
:param pulumi.Input[int] installation_id: The ID of the installation generated by GitHub when the app referenced by the `app_name`
|
221
|
+
was installed in the user’s GitHub account. Can be modified. Necessary if the `app_name` field is also provided.
|
151
222
|
:param pulumi.Input[str] name: Unique name of the GitHub destination.
|
152
223
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
153
224
|
The value should not contain leading or trailing forward slashes.
|
154
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
225
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
155
226
|
:param pulumi.Input[str] repository_name: Name of the repository.
|
156
227
|
Can be omitted and directly provided to Vault using the `GITHUB_REPOSITORY_NAME` environment
|
157
228
|
variable.
|
@@ -164,6 +235,12 @@ class _SyncGhDestinationState:
|
|
164
235
|
"""
|
165
236
|
if access_token is not None:
|
166
237
|
pulumi.set(__self__, "access_token", access_token)
|
238
|
+
if app_name is not None:
|
239
|
+
pulumi.set(__self__, "app_name", app_name)
|
240
|
+
if granularity is not None:
|
241
|
+
pulumi.set(__self__, "granularity", granularity)
|
242
|
+
if installation_id is not None:
|
243
|
+
pulumi.set(__self__, "installation_id", installation_id)
|
167
244
|
if name is not None:
|
168
245
|
pulumi.set(__self__, "name", name)
|
169
246
|
if namespace is not None:
|
@@ -191,6 +268,46 @@ class _SyncGhDestinationState:
|
|
191
268
|
def access_token(self, value: Optional[pulumi.Input[str]]):
|
192
269
|
pulumi.set(self, "access_token", value)
|
193
270
|
|
271
|
+
@property
|
272
|
+
@pulumi.getter(name="appName")
|
273
|
+
def app_name(self) -> Optional[pulumi.Input[str]]:
|
274
|
+
"""
|
275
|
+
The user-defined name of the GitHub App configuration. This is a reference to the name used
|
276
|
+
on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
|
277
|
+
Takes precedence over the `access_token` field.
|
278
|
+
"""
|
279
|
+
return pulumi.get(self, "app_name")
|
280
|
+
|
281
|
+
@app_name.setter
|
282
|
+
def app_name(self, value: Optional[pulumi.Input[str]]):
|
283
|
+
pulumi.set(self, "app_name", value)
|
284
|
+
|
285
|
+
@property
|
286
|
+
@pulumi.getter
|
287
|
+
def granularity(self) -> Optional[pulumi.Input[str]]:
|
288
|
+
"""
|
289
|
+
Determines what level of information is synced as a distinct resource
|
290
|
+
at the destination. Supports `secret-path` and `secret-key`.
|
291
|
+
"""
|
292
|
+
return pulumi.get(self, "granularity")
|
293
|
+
|
294
|
+
@granularity.setter
|
295
|
+
def granularity(self, value: Optional[pulumi.Input[str]]):
|
296
|
+
pulumi.set(self, "granularity", value)
|
297
|
+
|
298
|
+
@property
|
299
|
+
@pulumi.getter(name="installationId")
|
300
|
+
def installation_id(self) -> Optional[pulumi.Input[int]]:
|
301
|
+
"""
|
302
|
+
The ID of the installation generated by GitHub when the app referenced by the `app_name`
|
303
|
+
was installed in the user’s GitHub account. Can be modified. Necessary if the `app_name` field is also provided.
|
304
|
+
"""
|
305
|
+
return pulumi.get(self, "installation_id")
|
306
|
+
|
307
|
+
@installation_id.setter
|
308
|
+
def installation_id(self, value: Optional[pulumi.Input[int]]):
|
309
|
+
pulumi.set(self, "installation_id", value)
|
310
|
+
|
194
311
|
@property
|
195
312
|
@pulumi.getter
|
196
313
|
def name(self) -> Optional[pulumi.Input[str]]:
|
@@ -209,7 +326,7 @@ class _SyncGhDestinationState:
|
|
209
326
|
"""
|
210
327
|
The namespace to provision the resource in.
|
211
328
|
The value should not contain leading or trailing forward slashes.
|
212
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
329
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
213
330
|
"""
|
214
331
|
return pulumi.get(self, "namespace")
|
215
332
|
|
@@ -277,6 +394,9 @@ class SyncGhDestination(pulumi.CustomResource):
|
|
277
394
|
resource_name: str,
|
278
395
|
opts: Optional[pulumi.ResourceOptions] = None,
|
279
396
|
access_token: Optional[pulumi.Input[str]] = None,
|
397
|
+
app_name: Optional[pulumi.Input[str]] = None,
|
398
|
+
granularity: Optional[pulumi.Input[str]] = None,
|
399
|
+
installation_id: Optional[pulumi.Input[int]] = None,
|
280
400
|
name: Optional[pulumi.Input[str]] = None,
|
281
401
|
namespace: Optional[pulumi.Input[str]] = None,
|
282
402
|
repository_name: Optional[pulumi.Input[str]] = None,
|
@@ -291,8 +411,9 @@ class SyncGhDestination(pulumi.CustomResource):
|
|
291
411
|
import pulumi_vault as vault
|
292
412
|
|
293
413
|
gh = vault.secrets.SyncGhDestination("gh",
|
294
|
-
|
295
|
-
|
414
|
+
name="gh-dest",
|
415
|
+
access_token=access_token,
|
416
|
+
repository_owner=repo_owner,
|
296
417
|
repository_name="repo-name-example",
|
297
418
|
secret_name_template="vault_{{ .MountAccessor | lowercase }}_{{ .SecretPath | lowercase }}")
|
298
419
|
```
|
@@ -302,7 +423,7 @@ class SyncGhDestination(pulumi.CustomResource):
|
|
302
423
|
GitHub Secrets sync destinations can be imported using the `name`, e.g.
|
303
424
|
|
304
425
|
```sh
|
305
|
-
|
426
|
+
$ pulumi import vault:secrets/syncGhDestination:SyncGhDestination gh gh-dest
|
306
427
|
```
|
307
428
|
|
308
429
|
:param str resource_name: The name of the resource.
|
@@ -310,10 +431,17 @@ class SyncGhDestination(pulumi.CustomResource):
|
|
310
431
|
:param pulumi.Input[str] access_token: Fine-grained or personal access token.
|
311
432
|
Can be omitted and directly provided to Vault using the `GITHUB_ACCESS_TOKEN` environment
|
312
433
|
variable.
|
434
|
+
:param pulumi.Input[str] app_name: The user-defined name of the GitHub App configuration. This is a reference to the name used
|
435
|
+
on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
|
436
|
+
Takes precedence over the `access_token` field.
|
437
|
+
:param pulumi.Input[str] granularity: Determines what level of information is synced as a distinct resource
|
438
|
+
at the destination. Supports `secret-path` and `secret-key`.
|
439
|
+
:param pulumi.Input[int] installation_id: The ID of the installation generated by GitHub when the app referenced by the `app_name`
|
440
|
+
was installed in the user’s GitHub account. Can be modified. Necessary if the `app_name` field is also provided.
|
313
441
|
:param pulumi.Input[str] name: Unique name of the GitHub destination.
|
314
442
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
315
443
|
The value should not contain leading or trailing forward slashes.
|
316
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
444
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
317
445
|
:param pulumi.Input[str] repository_name: Name of the repository.
|
318
446
|
Can be omitted and directly provided to Vault using the `GITHUB_REPOSITORY_NAME` environment
|
319
447
|
variable.
|
@@ -337,8 +465,9 @@ class SyncGhDestination(pulumi.CustomResource):
|
|
337
465
|
import pulumi_vault as vault
|
338
466
|
|
339
467
|
gh = vault.secrets.SyncGhDestination("gh",
|
340
|
-
|
341
|
-
|
468
|
+
name="gh-dest",
|
469
|
+
access_token=access_token,
|
470
|
+
repository_owner=repo_owner,
|
342
471
|
repository_name="repo-name-example",
|
343
472
|
secret_name_template="vault_{{ .MountAccessor | lowercase }}_{{ .SecretPath | lowercase }}")
|
344
473
|
```
|
@@ -348,7 +477,7 @@ class SyncGhDestination(pulumi.CustomResource):
|
|
348
477
|
GitHub Secrets sync destinations can be imported using the `name`, e.g.
|
349
478
|
|
350
479
|
```sh
|
351
|
-
|
480
|
+
$ pulumi import vault:secrets/syncGhDestination:SyncGhDestination gh gh-dest
|
352
481
|
```
|
353
482
|
|
354
483
|
:param str resource_name: The name of the resource.
|
@@ -367,6 +496,9 @@ class SyncGhDestination(pulumi.CustomResource):
|
|
367
496
|
resource_name: str,
|
368
497
|
opts: Optional[pulumi.ResourceOptions] = None,
|
369
498
|
access_token: Optional[pulumi.Input[str]] = None,
|
499
|
+
app_name: Optional[pulumi.Input[str]] = None,
|
500
|
+
granularity: Optional[pulumi.Input[str]] = None,
|
501
|
+
installation_id: Optional[pulumi.Input[int]] = None,
|
370
502
|
name: Optional[pulumi.Input[str]] = None,
|
371
503
|
namespace: Optional[pulumi.Input[str]] = None,
|
372
504
|
repository_name: Optional[pulumi.Input[str]] = None,
|
@@ -382,6 +514,9 @@ class SyncGhDestination(pulumi.CustomResource):
|
|
382
514
|
__props__ = SyncGhDestinationArgs.__new__(SyncGhDestinationArgs)
|
383
515
|
|
384
516
|
__props__.__dict__["access_token"] = None if access_token is None else pulumi.Output.secret(access_token)
|
517
|
+
__props__.__dict__["app_name"] = app_name
|
518
|
+
__props__.__dict__["granularity"] = granularity
|
519
|
+
__props__.__dict__["installation_id"] = installation_id
|
385
520
|
__props__.__dict__["name"] = name
|
386
521
|
__props__.__dict__["namespace"] = namespace
|
387
522
|
__props__.__dict__["repository_name"] = repository_name
|
@@ -401,6 +536,9 @@ class SyncGhDestination(pulumi.CustomResource):
|
|
401
536
|
id: pulumi.Input[str],
|
402
537
|
opts: Optional[pulumi.ResourceOptions] = None,
|
403
538
|
access_token: Optional[pulumi.Input[str]] = None,
|
539
|
+
app_name: Optional[pulumi.Input[str]] = None,
|
540
|
+
granularity: Optional[pulumi.Input[str]] = None,
|
541
|
+
installation_id: Optional[pulumi.Input[int]] = None,
|
404
542
|
name: Optional[pulumi.Input[str]] = None,
|
405
543
|
namespace: Optional[pulumi.Input[str]] = None,
|
406
544
|
repository_name: Optional[pulumi.Input[str]] = None,
|
@@ -417,10 +555,17 @@ class SyncGhDestination(pulumi.CustomResource):
|
|
417
555
|
:param pulumi.Input[str] access_token: Fine-grained or personal access token.
|
418
556
|
Can be omitted and directly provided to Vault using the `GITHUB_ACCESS_TOKEN` environment
|
419
557
|
variable.
|
558
|
+
:param pulumi.Input[str] app_name: The user-defined name of the GitHub App configuration. This is a reference to the name used
|
559
|
+
on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
|
560
|
+
Takes precedence over the `access_token` field.
|
561
|
+
:param pulumi.Input[str] granularity: Determines what level of information is synced as a distinct resource
|
562
|
+
at the destination. Supports `secret-path` and `secret-key`.
|
563
|
+
:param pulumi.Input[int] installation_id: The ID of the installation generated by GitHub when the app referenced by the `app_name`
|
564
|
+
was installed in the user’s GitHub account. Can be modified. Necessary if the `app_name` field is also provided.
|
420
565
|
:param pulumi.Input[str] name: Unique name of the GitHub destination.
|
421
566
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
422
567
|
The value should not contain leading or trailing forward slashes.
|
423
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
568
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
424
569
|
:param pulumi.Input[str] repository_name: Name of the repository.
|
425
570
|
Can be omitted and directly provided to Vault using the `GITHUB_REPOSITORY_NAME` environment
|
426
571
|
variable.
|
@@ -436,6 +581,9 @@ class SyncGhDestination(pulumi.CustomResource):
|
|
436
581
|
__props__ = _SyncGhDestinationState.__new__(_SyncGhDestinationState)
|
437
582
|
|
438
583
|
__props__.__dict__["access_token"] = access_token
|
584
|
+
__props__.__dict__["app_name"] = app_name
|
585
|
+
__props__.__dict__["granularity"] = granularity
|
586
|
+
__props__.__dict__["installation_id"] = installation_id
|
439
587
|
__props__.__dict__["name"] = name
|
440
588
|
__props__.__dict__["namespace"] = namespace
|
441
589
|
__props__.__dict__["repository_name"] = repository_name
|
@@ -454,6 +602,34 @@ class SyncGhDestination(pulumi.CustomResource):
|
|
454
602
|
"""
|
455
603
|
return pulumi.get(self, "access_token")
|
456
604
|
|
605
|
+
@property
|
606
|
+
@pulumi.getter(name="appName")
|
607
|
+
def app_name(self) -> pulumi.Output[Optional[str]]:
|
608
|
+
"""
|
609
|
+
The user-defined name of the GitHub App configuration. This is a reference to the name used
|
610
|
+
on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
|
611
|
+
Takes precedence over the `access_token` field.
|
612
|
+
"""
|
613
|
+
return pulumi.get(self, "app_name")
|
614
|
+
|
615
|
+
@property
|
616
|
+
@pulumi.getter
|
617
|
+
def granularity(self) -> pulumi.Output[Optional[str]]:
|
618
|
+
"""
|
619
|
+
Determines what level of information is synced as a distinct resource
|
620
|
+
at the destination. Supports `secret-path` and `secret-key`.
|
621
|
+
"""
|
622
|
+
return pulumi.get(self, "granularity")
|
623
|
+
|
624
|
+
@property
|
625
|
+
@pulumi.getter(name="installationId")
|
626
|
+
def installation_id(self) -> pulumi.Output[Optional[int]]:
|
627
|
+
"""
|
628
|
+
The ID of the installation generated by GitHub when the app referenced by the `app_name`
|
629
|
+
was installed in the user’s GitHub account. Can be modified. Necessary if the `app_name` field is also provided.
|
630
|
+
"""
|
631
|
+
return pulumi.get(self, "installation_id")
|
632
|
+
|
457
633
|
@property
|
458
634
|
@pulumi.getter
|
459
635
|
def name(self) -> pulumi.Output[str]:
|
@@ -468,7 +644,7 @@ class SyncGhDestination(pulumi.CustomResource):
|
|
468
644
|
"""
|
469
645
|
The namespace to provision the resource in.
|
470
646
|
The value should not contain leading or trailing forward slashes.
|
471
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
647
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
472
648
|
"""
|
473
649
|
return pulumi.get(self, "namespace")
|
474
650
|
|