pulumi-vault 5.21.0a1709368526__py3-none-any.whl → 6.5.0a1736836139__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (229) hide show
  1. pulumi_vault/__init__.py +52 -0
  2. pulumi_vault/_inputs.py +560 -0
  3. pulumi_vault/_utilities.py +41 -5
  4. pulumi_vault/ad/get_access_credentials.py +26 -9
  5. pulumi_vault/ad/secret_backend.py +16 -142
  6. pulumi_vault/ad/secret_library.py +16 -9
  7. pulumi_vault/ad/secret_role.py +14 -9
  8. pulumi_vault/alicloud/auth_backend_role.py +76 -190
  9. pulumi_vault/approle/auth_backend_login.py +12 -7
  10. pulumi_vault/approle/auth_backend_role.py +77 -191
  11. pulumi_vault/approle/auth_backend_role_secret_id.py +106 -7
  12. pulumi_vault/approle/get_auth_backend_role_id.py +18 -5
  13. pulumi_vault/audit.py +30 -21
  14. pulumi_vault/audit_request_header.py +11 -2
  15. pulumi_vault/auth_backend.py +66 -14
  16. pulumi_vault/aws/auth_backend_cert.py +18 -9
  17. pulumi_vault/aws/auth_backend_client.py +267 -22
  18. pulumi_vault/aws/auth_backend_config_identity.py +14 -9
  19. pulumi_vault/aws/auth_backend_identity_whitelist.py +20 -15
  20. pulumi_vault/aws/auth_backend_login.py +19 -22
  21. pulumi_vault/aws/auth_backend_role.py +77 -191
  22. pulumi_vault/aws/auth_backend_role_tag.py +12 -7
  23. pulumi_vault/aws/auth_backend_roletag_blacklist.py +18 -13
  24. pulumi_vault/aws/auth_backend_sts_role.py +14 -9
  25. pulumi_vault/aws/get_access_credentials.py +38 -9
  26. pulumi_vault/aws/get_static_access_credentials.py +19 -5
  27. pulumi_vault/aws/secret_backend.py +77 -9
  28. pulumi_vault/aws/secret_backend_role.py +185 -9
  29. pulumi_vault/aws/secret_backend_static_role.py +20 -11
  30. pulumi_vault/azure/_inputs.py +24 -0
  31. pulumi_vault/azure/auth_backend_config.py +153 -15
  32. pulumi_vault/azure/auth_backend_role.py +77 -191
  33. pulumi_vault/azure/backend.py +227 -21
  34. pulumi_vault/azure/backend_role.py +42 -37
  35. pulumi_vault/azure/get_access_credentials.py +41 -7
  36. pulumi_vault/azure/outputs.py +5 -0
  37. pulumi_vault/cert_auth_backend_role.py +87 -267
  38. pulumi_vault/config/__init__.pyi +5 -0
  39. pulumi_vault/config/_inputs.py +73 -0
  40. pulumi_vault/config/outputs.py +35 -0
  41. pulumi_vault/config/ui_custom_message.py +529 -0
  42. pulumi_vault/config/vars.py +5 -0
  43. pulumi_vault/consul/secret_backend.py +28 -19
  44. pulumi_vault/consul/secret_backend_role.py +18 -78
  45. pulumi_vault/database/_inputs.py +2770 -881
  46. pulumi_vault/database/outputs.py +721 -838
  47. pulumi_vault/database/secret_backend_connection.py +119 -112
  48. pulumi_vault/database/secret_backend_role.py +31 -22
  49. pulumi_vault/database/secret_backend_static_role.py +87 -13
  50. pulumi_vault/database/secrets_mount.py +427 -136
  51. pulumi_vault/egp_policy.py +16 -11
  52. pulumi_vault/gcp/_inputs.py +111 -0
  53. pulumi_vault/gcp/auth_backend.py +250 -33
  54. pulumi_vault/gcp/auth_backend_role.py +77 -269
  55. pulumi_vault/gcp/get_auth_backend_role.py +43 -5
  56. pulumi_vault/gcp/outputs.py +5 -0
  57. pulumi_vault/gcp/secret_backend.py +287 -12
  58. pulumi_vault/gcp/secret_impersonated_account.py +76 -15
  59. pulumi_vault/gcp/secret_roleset.py +31 -24
  60. pulumi_vault/gcp/secret_static_account.py +39 -32
  61. pulumi_vault/generic/endpoint.py +24 -17
  62. pulumi_vault/generic/get_secret.py +64 -8
  63. pulumi_vault/generic/secret.py +21 -16
  64. pulumi_vault/get_auth_backend.py +24 -7
  65. pulumi_vault/get_auth_backends.py +51 -9
  66. pulumi_vault/get_namespace.py +226 -0
  67. pulumi_vault/get_namespaces.py +153 -0
  68. pulumi_vault/get_nomad_access_token.py +31 -11
  69. pulumi_vault/get_policy_document.py +34 -19
  70. pulumi_vault/get_raft_autopilot_state.py +29 -10
  71. pulumi_vault/github/_inputs.py +55 -0
  72. pulumi_vault/github/auth_backend.py +19 -14
  73. pulumi_vault/github/outputs.py +5 -0
  74. pulumi_vault/github/team.py +16 -11
  75. pulumi_vault/github/user.py +16 -11
  76. pulumi_vault/identity/entity.py +20 -13
  77. pulumi_vault/identity/entity_alias.py +20 -13
  78. pulumi_vault/identity/entity_policies.py +28 -11
  79. pulumi_vault/identity/get_entity.py +42 -10
  80. pulumi_vault/identity/get_group.py +47 -9
  81. pulumi_vault/identity/get_oidc_client_creds.py +21 -7
  82. pulumi_vault/identity/get_oidc_openid_config.py +39 -9
  83. pulumi_vault/identity/get_oidc_public_keys.py +29 -10
  84. pulumi_vault/identity/group.py +58 -39
  85. pulumi_vault/identity/group_alias.py +16 -9
  86. pulumi_vault/identity/group_member_entity_ids.py +28 -66
  87. pulumi_vault/identity/group_member_group_ids.py +40 -19
  88. pulumi_vault/identity/group_policies.py +20 -7
  89. pulumi_vault/identity/mfa_duo.py +11 -6
  90. pulumi_vault/identity/mfa_login_enforcement.py +15 -6
  91. pulumi_vault/identity/mfa_okta.py +11 -6
  92. pulumi_vault/identity/mfa_pingid.py +7 -2
  93. pulumi_vault/identity/mfa_totp.py +7 -2
  94. pulumi_vault/identity/oidc.py +12 -7
  95. pulumi_vault/identity/oidc_assignment.py +24 -11
  96. pulumi_vault/identity/oidc_client.py +36 -23
  97. pulumi_vault/identity/oidc_key.py +30 -17
  98. pulumi_vault/identity/oidc_key_allowed_client_id.py +28 -15
  99. pulumi_vault/identity/oidc_provider.py +36 -21
  100. pulumi_vault/identity/oidc_role.py +42 -21
  101. pulumi_vault/identity/oidc_scope.py +20 -13
  102. pulumi_vault/identity/outputs.py +8 -3
  103. pulumi_vault/jwt/_inputs.py +55 -0
  104. pulumi_vault/jwt/auth_backend.py +45 -40
  105. pulumi_vault/jwt/auth_backend_role.py +133 -254
  106. pulumi_vault/jwt/outputs.py +5 -0
  107. pulumi_vault/kmip/secret_backend.py +24 -19
  108. pulumi_vault/kmip/secret_role.py +14 -9
  109. pulumi_vault/kmip/secret_scope.py +14 -9
  110. pulumi_vault/kubernetes/auth_backend_config.py +57 -5
  111. pulumi_vault/kubernetes/auth_backend_role.py +70 -177
  112. pulumi_vault/kubernetes/get_auth_backend_config.py +60 -8
  113. pulumi_vault/kubernetes/get_auth_backend_role.py +40 -5
  114. pulumi_vault/kubernetes/get_service_account_token.py +39 -11
  115. pulumi_vault/kubernetes/secret_backend.py +316 -27
  116. pulumi_vault/kubernetes/secret_backend_role.py +137 -46
  117. pulumi_vault/kv/_inputs.py +36 -4
  118. pulumi_vault/kv/get_secret.py +25 -8
  119. pulumi_vault/kv/get_secret_subkeys_v2.py +33 -10
  120. pulumi_vault/kv/get_secret_v2.py +85 -9
  121. pulumi_vault/kv/get_secrets_list.py +24 -11
  122. pulumi_vault/kv/get_secrets_list_v2.py +37 -15
  123. pulumi_vault/kv/outputs.py +8 -3
  124. pulumi_vault/kv/secret.py +23 -16
  125. pulumi_vault/kv/secret_backend_v2.py +20 -11
  126. pulumi_vault/kv/secret_v2.py +59 -50
  127. pulumi_vault/ldap/auth_backend.py +127 -166
  128. pulumi_vault/ldap/auth_backend_group.py +14 -9
  129. pulumi_vault/ldap/auth_backend_user.py +14 -9
  130. pulumi_vault/ldap/get_dynamic_credentials.py +23 -5
  131. pulumi_vault/ldap/get_static_credentials.py +24 -5
  132. pulumi_vault/ldap/secret_backend.py +354 -82
  133. pulumi_vault/ldap/secret_backend_dynamic_role.py +18 -11
  134. pulumi_vault/ldap/secret_backend_library_set.py +16 -9
  135. pulumi_vault/ldap/secret_backend_static_role.py +73 -12
  136. pulumi_vault/managed/_inputs.py +289 -132
  137. pulumi_vault/managed/keys.py +29 -57
  138. pulumi_vault/managed/outputs.py +89 -132
  139. pulumi_vault/mfa_duo.py +18 -11
  140. pulumi_vault/mfa_okta.py +18 -11
  141. pulumi_vault/mfa_pingid.py +18 -11
  142. pulumi_vault/mfa_totp.py +24 -17
  143. pulumi_vault/mongodbatlas/secret_backend.py +20 -15
  144. pulumi_vault/mongodbatlas/secret_role.py +47 -38
  145. pulumi_vault/mount.py +391 -51
  146. pulumi_vault/namespace.py +68 -83
  147. pulumi_vault/nomad_secret_backend.py +18 -13
  148. pulumi_vault/nomad_secret_role.py +14 -9
  149. pulumi_vault/okta/_inputs.py +47 -8
  150. pulumi_vault/okta/auth_backend.py +485 -39
  151. pulumi_vault/okta/auth_backend_group.py +14 -9
  152. pulumi_vault/okta/auth_backend_user.py +14 -9
  153. pulumi_vault/okta/outputs.py +13 -8
  154. pulumi_vault/outputs.py +5 -0
  155. pulumi_vault/password_policy.py +20 -13
  156. pulumi_vault/pkisecret/__init__.py +3 -0
  157. pulumi_vault/pkisecret/_inputs.py +81 -0
  158. pulumi_vault/pkisecret/backend_config_cluster.py +369 -0
  159. pulumi_vault/pkisecret/backend_config_est.py +619 -0
  160. pulumi_vault/pkisecret/get_backend_config_est.py +251 -0
  161. pulumi_vault/pkisecret/get_backend_issuer.py +67 -9
  162. pulumi_vault/pkisecret/get_backend_issuers.py +21 -8
  163. pulumi_vault/pkisecret/get_backend_key.py +24 -9
  164. pulumi_vault/pkisecret/get_backend_keys.py +21 -8
  165. pulumi_vault/pkisecret/outputs.py +69 -0
  166. pulumi_vault/pkisecret/secret_backend_cert.py +18 -11
  167. pulumi_vault/pkisecret/secret_backend_config_ca.py +16 -11
  168. pulumi_vault/pkisecret/secret_backend_config_issuers.py +14 -9
  169. pulumi_vault/pkisecret/secret_backend_config_urls.py +67 -11
  170. pulumi_vault/pkisecret/secret_backend_crl_config.py +14 -9
  171. pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +16 -11
  172. pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +22 -17
  173. pulumi_vault/pkisecret/secret_backend_issuer.py +14 -9
  174. pulumi_vault/pkisecret/secret_backend_key.py +14 -9
  175. pulumi_vault/pkisecret/secret_backend_role.py +21 -14
  176. pulumi_vault/pkisecret/secret_backend_root_cert.py +16 -48
  177. pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +18 -56
  178. pulumi_vault/pkisecret/secret_backend_sign.py +18 -54
  179. pulumi_vault/plugin.py +595 -0
  180. pulumi_vault/plugin_pinned_version.py +298 -0
  181. pulumi_vault/policy.py +14 -9
  182. pulumi_vault/provider.py +48 -53
  183. pulumi_vault/pulumi-plugin.json +2 -1
  184. pulumi_vault/quota_lease_count.py +60 -6
  185. pulumi_vault/quota_rate_limit.py +56 -2
  186. pulumi_vault/rabbitmq/_inputs.py +61 -0
  187. pulumi_vault/rabbitmq/outputs.py +5 -0
  188. pulumi_vault/rabbitmq/secret_backend.py +18 -13
  189. pulumi_vault/rabbitmq/secret_backend_role.py +54 -47
  190. pulumi_vault/raft_autopilot.py +14 -9
  191. pulumi_vault/raft_snapshot_agent_config.py +129 -224
  192. pulumi_vault/rgp_policy.py +14 -9
  193. pulumi_vault/saml/auth_backend.py +22 -17
  194. pulumi_vault/saml/auth_backend_role.py +92 -197
  195. pulumi_vault/secrets/__init__.py +3 -0
  196. pulumi_vault/secrets/_inputs.py +110 -0
  197. pulumi_vault/secrets/outputs.py +94 -0
  198. pulumi_vault/secrets/sync_association.py +56 -71
  199. pulumi_vault/secrets/sync_aws_destination.py +242 -27
  200. pulumi_vault/secrets/sync_azure_destination.py +92 -31
  201. pulumi_vault/secrets/sync_config.py +9 -4
  202. pulumi_vault/secrets/sync_gcp_destination.py +158 -25
  203. pulumi_vault/secrets/sync_gh_destination.py +189 -13
  204. pulumi_vault/secrets/sync_github_apps.py +375 -0
  205. pulumi_vault/secrets/sync_vercel_destination.py +74 -13
  206. pulumi_vault/ssh/_inputs.py +28 -28
  207. pulumi_vault/ssh/outputs.py +11 -28
  208. pulumi_vault/ssh/secret_backend_ca.py +108 -9
  209. pulumi_vault/ssh/secret_backend_role.py +85 -118
  210. pulumi_vault/terraformcloud/secret_backend.py +7 -54
  211. pulumi_vault/terraformcloud/secret_creds.py +14 -20
  212. pulumi_vault/terraformcloud/secret_role.py +16 -74
  213. pulumi_vault/token.py +28 -23
  214. pulumi_vault/tokenauth/auth_backend_role.py +78 -199
  215. pulumi_vault/transform/alphabet.py +16 -9
  216. pulumi_vault/transform/get_decode.py +45 -17
  217. pulumi_vault/transform/get_encode.py +45 -17
  218. pulumi_vault/transform/role.py +16 -9
  219. pulumi_vault/transform/template.py +30 -21
  220. pulumi_vault/transform/transformation.py +12 -7
  221. pulumi_vault/transit/get_decrypt.py +26 -21
  222. pulumi_vault/transit/get_encrypt.py +24 -19
  223. pulumi_vault/transit/secret_backend_key.py +27 -93
  224. pulumi_vault/transit/secret_cache_config.py +12 -7
  225. {pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/METADATA +8 -7
  226. pulumi_vault-6.5.0a1736836139.dist-info/RECORD +256 -0
  227. {pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/WHEEL +1 -1
  228. pulumi_vault-5.21.0a1709368526.dist-info/RECORD +0 -244
  229. {pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/top_level.txt +0 -0
@@ -4,9 +4,14 @@
4
4
 
5
5
  import copy
6
6
  import warnings
7
+ import sys
7
8
  import pulumi
8
9
  import pulumi.runtime
9
10
  from typing import Any, Mapping, Optional, Sequence, Union, overload
11
+ if sys.version_info >= (3, 11):
12
+ from typing import NotRequired, TypedDict, TypeAlias
13
+ else:
14
+ from typing_extensions import NotRequired, TypedDict, TypeAlias
10
15
  from .. import _utilities
11
16
 
12
17
  __all__ = ['SyncGhDestinationArgs', 'SyncGhDestination']
@@ -15,6 +20,9 @@ __all__ = ['SyncGhDestinationArgs', 'SyncGhDestination']
15
20
  class SyncGhDestinationArgs:
16
21
  def __init__(__self__, *,
17
22
  access_token: Optional[pulumi.Input[str]] = None,
23
+ app_name: Optional[pulumi.Input[str]] = None,
24
+ granularity: Optional[pulumi.Input[str]] = None,
25
+ installation_id: Optional[pulumi.Input[int]] = None,
18
26
  name: Optional[pulumi.Input[str]] = None,
19
27
  namespace: Optional[pulumi.Input[str]] = None,
20
28
  repository_name: Optional[pulumi.Input[str]] = None,
@@ -25,10 +33,17 @@ class SyncGhDestinationArgs:
25
33
  :param pulumi.Input[str] access_token: Fine-grained or personal access token.
26
34
  Can be omitted and directly provided to Vault using the `GITHUB_ACCESS_TOKEN` environment
27
35
  variable.
36
+ :param pulumi.Input[str] app_name: The user-defined name of the GitHub App configuration. This is a reference to the name used
37
+ on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
38
+ Takes precedence over the `access_token` field.
39
+ :param pulumi.Input[str] granularity: Determines what level of information is synced as a distinct resource
40
+ at the destination. Supports `secret-path` and `secret-key`.
41
+ :param pulumi.Input[int] installation_id: The ID of the installation generated by GitHub when the app referenced by the `app_name`
42
+ was installed in the user’s GitHub account. Can be modified. Necessary if the `app_name` field is also provided.
28
43
  :param pulumi.Input[str] name: Unique name of the GitHub destination.
29
44
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
30
45
  The value should not contain leading or trailing forward slashes.
31
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
46
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
32
47
  :param pulumi.Input[str] repository_name: Name of the repository.
33
48
  Can be omitted and directly provided to Vault using the `GITHUB_REPOSITORY_NAME` environment
34
49
  variable.
@@ -40,6 +55,12 @@ class SyncGhDestinationArgs:
40
55
  """
41
56
  if access_token is not None:
42
57
  pulumi.set(__self__, "access_token", access_token)
58
+ if app_name is not None:
59
+ pulumi.set(__self__, "app_name", app_name)
60
+ if granularity is not None:
61
+ pulumi.set(__self__, "granularity", granularity)
62
+ if installation_id is not None:
63
+ pulumi.set(__self__, "installation_id", installation_id)
43
64
  if name is not None:
44
65
  pulumi.set(__self__, "name", name)
45
66
  if namespace is not None:
@@ -65,6 +86,46 @@ class SyncGhDestinationArgs:
65
86
  def access_token(self, value: Optional[pulumi.Input[str]]):
66
87
  pulumi.set(self, "access_token", value)
67
88
 
89
+ @property
90
+ @pulumi.getter(name="appName")
91
+ def app_name(self) -> Optional[pulumi.Input[str]]:
92
+ """
93
+ The user-defined name of the GitHub App configuration. This is a reference to the name used
94
+ on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
95
+ Takes precedence over the `access_token` field.
96
+ """
97
+ return pulumi.get(self, "app_name")
98
+
99
+ @app_name.setter
100
+ def app_name(self, value: Optional[pulumi.Input[str]]):
101
+ pulumi.set(self, "app_name", value)
102
+
103
+ @property
104
+ @pulumi.getter
105
+ def granularity(self) -> Optional[pulumi.Input[str]]:
106
+ """
107
+ Determines what level of information is synced as a distinct resource
108
+ at the destination. Supports `secret-path` and `secret-key`.
109
+ """
110
+ return pulumi.get(self, "granularity")
111
+
112
+ @granularity.setter
113
+ def granularity(self, value: Optional[pulumi.Input[str]]):
114
+ pulumi.set(self, "granularity", value)
115
+
116
+ @property
117
+ @pulumi.getter(name="installationId")
118
+ def installation_id(self) -> Optional[pulumi.Input[int]]:
119
+ """
120
+ The ID of the installation generated by GitHub when the app referenced by the `app_name`
121
+ was installed in the user’s GitHub account. Can be modified. Necessary if the `app_name` field is also provided.
122
+ """
123
+ return pulumi.get(self, "installation_id")
124
+
125
+ @installation_id.setter
126
+ def installation_id(self, value: Optional[pulumi.Input[int]]):
127
+ pulumi.set(self, "installation_id", value)
128
+
68
129
  @property
69
130
  @pulumi.getter
70
131
  def name(self) -> Optional[pulumi.Input[str]]:
@@ -83,7 +144,7 @@ class SyncGhDestinationArgs:
83
144
  """
84
145
  The namespace to provision the resource in.
85
146
  The value should not contain leading or trailing forward slashes.
86
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
147
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
87
148
  """
88
149
  return pulumi.get(self, "namespace")
89
150
 
@@ -137,6 +198,9 @@ class SyncGhDestinationArgs:
137
198
  class _SyncGhDestinationState:
138
199
  def __init__(__self__, *,
139
200
  access_token: Optional[pulumi.Input[str]] = None,
201
+ app_name: Optional[pulumi.Input[str]] = None,
202
+ granularity: Optional[pulumi.Input[str]] = None,
203
+ installation_id: Optional[pulumi.Input[int]] = None,
140
204
  name: Optional[pulumi.Input[str]] = None,
141
205
  namespace: Optional[pulumi.Input[str]] = None,
142
206
  repository_name: Optional[pulumi.Input[str]] = None,
@@ -148,10 +212,17 @@ class _SyncGhDestinationState:
148
212
  :param pulumi.Input[str] access_token: Fine-grained or personal access token.
149
213
  Can be omitted and directly provided to Vault using the `GITHUB_ACCESS_TOKEN` environment
150
214
  variable.
215
+ :param pulumi.Input[str] app_name: The user-defined name of the GitHub App configuration. This is a reference to the name used
216
+ on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
217
+ Takes precedence over the `access_token` field.
218
+ :param pulumi.Input[str] granularity: Determines what level of information is synced as a distinct resource
219
+ at the destination. Supports `secret-path` and `secret-key`.
220
+ :param pulumi.Input[int] installation_id: The ID of the installation generated by GitHub when the app referenced by the `app_name`
221
+ was installed in the user’s GitHub account. Can be modified. Necessary if the `app_name` field is also provided.
151
222
  :param pulumi.Input[str] name: Unique name of the GitHub destination.
152
223
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
153
224
  The value should not contain leading or trailing forward slashes.
154
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
225
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
155
226
  :param pulumi.Input[str] repository_name: Name of the repository.
156
227
  Can be omitted and directly provided to Vault using the `GITHUB_REPOSITORY_NAME` environment
157
228
  variable.
@@ -164,6 +235,12 @@ class _SyncGhDestinationState:
164
235
  """
165
236
  if access_token is not None:
166
237
  pulumi.set(__self__, "access_token", access_token)
238
+ if app_name is not None:
239
+ pulumi.set(__self__, "app_name", app_name)
240
+ if granularity is not None:
241
+ pulumi.set(__self__, "granularity", granularity)
242
+ if installation_id is not None:
243
+ pulumi.set(__self__, "installation_id", installation_id)
167
244
  if name is not None:
168
245
  pulumi.set(__self__, "name", name)
169
246
  if namespace is not None:
@@ -191,6 +268,46 @@ class _SyncGhDestinationState:
191
268
  def access_token(self, value: Optional[pulumi.Input[str]]):
192
269
  pulumi.set(self, "access_token", value)
193
270
 
271
+ @property
272
+ @pulumi.getter(name="appName")
273
+ def app_name(self) -> Optional[pulumi.Input[str]]:
274
+ """
275
+ The user-defined name of the GitHub App configuration. This is a reference to the name used
276
+ on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
277
+ Takes precedence over the `access_token` field.
278
+ """
279
+ return pulumi.get(self, "app_name")
280
+
281
+ @app_name.setter
282
+ def app_name(self, value: Optional[pulumi.Input[str]]):
283
+ pulumi.set(self, "app_name", value)
284
+
285
+ @property
286
+ @pulumi.getter
287
+ def granularity(self) -> Optional[pulumi.Input[str]]:
288
+ """
289
+ Determines what level of information is synced as a distinct resource
290
+ at the destination. Supports `secret-path` and `secret-key`.
291
+ """
292
+ return pulumi.get(self, "granularity")
293
+
294
+ @granularity.setter
295
+ def granularity(self, value: Optional[pulumi.Input[str]]):
296
+ pulumi.set(self, "granularity", value)
297
+
298
+ @property
299
+ @pulumi.getter(name="installationId")
300
+ def installation_id(self) -> Optional[pulumi.Input[int]]:
301
+ """
302
+ The ID of the installation generated by GitHub when the app referenced by the `app_name`
303
+ was installed in the user’s GitHub account. Can be modified. Necessary if the `app_name` field is also provided.
304
+ """
305
+ return pulumi.get(self, "installation_id")
306
+
307
+ @installation_id.setter
308
+ def installation_id(self, value: Optional[pulumi.Input[int]]):
309
+ pulumi.set(self, "installation_id", value)
310
+
194
311
  @property
195
312
  @pulumi.getter
196
313
  def name(self) -> Optional[pulumi.Input[str]]:
@@ -209,7 +326,7 @@ class _SyncGhDestinationState:
209
326
  """
210
327
  The namespace to provision the resource in.
211
328
  The value should not contain leading or trailing forward slashes.
212
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
329
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
213
330
  """
214
331
  return pulumi.get(self, "namespace")
215
332
 
@@ -277,6 +394,9 @@ class SyncGhDestination(pulumi.CustomResource):
277
394
  resource_name: str,
278
395
  opts: Optional[pulumi.ResourceOptions] = None,
279
396
  access_token: Optional[pulumi.Input[str]] = None,
397
+ app_name: Optional[pulumi.Input[str]] = None,
398
+ granularity: Optional[pulumi.Input[str]] = None,
399
+ installation_id: Optional[pulumi.Input[int]] = None,
280
400
  name: Optional[pulumi.Input[str]] = None,
281
401
  namespace: Optional[pulumi.Input[str]] = None,
282
402
  repository_name: Optional[pulumi.Input[str]] = None,
@@ -291,8 +411,9 @@ class SyncGhDestination(pulumi.CustomResource):
291
411
  import pulumi_vault as vault
292
412
 
293
413
  gh = vault.secrets.SyncGhDestination("gh",
294
- access_token=var["access_token"],
295
- repository_owner=var["repo_owner"],
414
+ name="gh-dest",
415
+ access_token=access_token,
416
+ repository_owner=repo_owner,
296
417
  repository_name="repo-name-example",
297
418
  secret_name_template="vault_{{ .MountAccessor | lowercase }}_{{ .SecretPath | lowercase }}")
298
419
  ```
@@ -302,7 +423,7 @@ class SyncGhDestination(pulumi.CustomResource):
302
423
  GitHub Secrets sync destinations can be imported using the `name`, e.g.
303
424
 
304
425
  ```sh
305
- $ pulumi import vault:secrets/syncGhDestination:SyncGhDestination gh gh-dest
426
+ $ pulumi import vault:secrets/syncGhDestination:SyncGhDestination gh gh-dest
306
427
  ```
307
428
 
308
429
  :param str resource_name: The name of the resource.
@@ -310,10 +431,17 @@ class SyncGhDestination(pulumi.CustomResource):
310
431
  :param pulumi.Input[str] access_token: Fine-grained or personal access token.
311
432
  Can be omitted and directly provided to Vault using the `GITHUB_ACCESS_TOKEN` environment
312
433
  variable.
434
+ :param pulumi.Input[str] app_name: The user-defined name of the GitHub App configuration. This is a reference to the name used
435
+ on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
436
+ Takes precedence over the `access_token` field.
437
+ :param pulumi.Input[str] granularity: Determines what level of information is synced as a distinct resource
438
+ at the destination. Supports `secret-path` and `secret-key`.
439
+ :param pulumi.Input[int] installation_id: The ID of the installation generated by GitHub when the app referenced by the `app_name`
440
+ was installed in the user’s GitHub account. Can be modified. Necessary if the `app_name` field is also provided.
313
441
  :param pulumi.Input[str] name: Unique name of the GitHub destination.
314
442
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
315
443
  The value should not contain leading or trailing forward slashes.
316
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
444
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
317
445
  :param pulumi.Input[str] repository_name: Name of the repository.
318
446
  Can be omitted and directly provided to Vault using the `GITHUB_REPOSITORY_NAME` environment
319
447
  variable.
@@ -337,8 +465,9 @@ class SyncGhDestination(pulumi.CustomResource):
337
465
  import pulumi_vault as vault
338
466
 
339
467
  gh = vault.secrets.SyncGhDestination("gh",
340
- access_token=var["access_token"],
341
- repository_owner=var["repo_owner"],
468
+ name="gh-dest",
469
+ access_token=access_token,
470
+ repository_owner=repo_owner,
342
471
  repository_name="repo-name-example",
343
472
  secret_name_template="vault_{{ .MountAccessor | lowercase }}_{{ .SecretPath | lowercase }}")
344
473
  ```
@@ -348,7 +477,7 @@ class SyncGhDestination(pulumi.CustomResource):
348
477
  GitHub Secrets sync destinations can be imported using the `name`, e.g.
349
478
 
350
479
  ```sh
351
- $ pulumi import vault:secrets/syncGhDestination:SyncGhDestination gh gh-dest
480
+ $ pulumi import vault:secrets/syncGhDestination:SyncGhDestination gh gh-dest
352
481
  ```
353
482
 
354
483
  :param str resource_name: The name of the resource.
@@ -367,6 +496,9 @@ class SyncGhDestination(pulumi.CustomResource):
367
496
  resource_name: str,
368
497
  opts: Optional[pulumi.ResourceOptions] = None,
369
498
  access_token: Optional[pulumi.Input[str]] = None,
499
+ app_name: Optional[pulumi.Input[str]] = None,
500
+ granularity: Optional[pulumi.Input[str]] = None,
501
+ installation_id: Optional[pulumi.Input[int]] = None,
370
502
  name: Optional[pulumi.Input[str]] = None,
371
503
  namespace: Optional[pulumi.Input[str]] = None,
372
504
  repository_name: Optional[pulumi.Input[str]] = None,
@@ -382,6 +514,9 @@ class SyncGhDestination(pulumi.CustomResource):
382
514
  __props__ = SyncGhDestinationArgs.__new__(SyncGhDestinationArgs)
383
515
 
384
516
  __props__.__dict__["access_token"] = None if access_token is None else pulumi.Output.secret(access_token)
517
+ __props__.__dict__["app_name"] = app_name
518
+ __props__.__dict__["granularity"] = granularity
519
+ __props__.__dict__["installation_id"] = installation_id
385
520
  __props__.__dict__["name"] = name
386
521
  __props__.__dict__["namespace"] = namespace
387
522
  __props__.__dict__["repository_name"] = repository_name
@@ -401,6 +536,9 @@ class SyncGhDestination(pulumi.CustomResource):
401
536
  id: pulumi.Input[str],
402
537
  opts: Optional[pulumi.ResourceOptions] = None,
403
538
  access_token: Optional[pulumi.Input[str]] = None,
539
+ app_name: Optional[pulumi.Input[str]] = None,
540
+ granularity: Optional[pulumi.Input[str]] = None,
541
+ installation_id: Optional[pulumi.Input[int]] = None,
404
542
  name: Optional[pulumi.Input[str]] = None,
405
543
  namespace: Optional[pulumi.Input[str]] = None,
406
544
  repository_name: Optional[pulumi.Input[str]] = None,
@@ -417,10 +555,17 @@ class SyncGhDestination(pulumi.CustomResource):
417
555
  :param pulumi.Input[str] access_token: Fine-grained or personal access token.
418
556
  Can be omitted and directly provided to Vault using the `GITHUB_ACCESS_TOKEN` environment
419
557
  variable.
558
+ :param pulumi.Input[str] app_name: The user-defined name of the GitHub App configuration. This is a reference to the name used
559
+ on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
560
+ Takes precedence over the `access_token` field.
561
+ :param pulumi.Input[str] granularity: Determines what level of information is synced as a distinct resource
562
+ at the destination. Supports `secret-path` and `secret-key`.
563
+ :param pulumi.Input[int] installation_id: The ID of the installation generated by GitHub when the app referenced by the `app_name`
564
+ was installed in the user’s GitHub account. Can be modified. Necessary if the `app_name` field is also provided.
420
565
  :param pulumi.Input[str] name: Unique name of the GitHub destination.
421
566
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
422
567
  The value should not contain leading or trailing forward slashes.
423
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
568
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
424
569
  :param pulumi.Input[str] repository_name: Name of the repository.
425
570
  Can be omitted and directly provided to Vault using the `GITHUB_REPOSITORY_NAME` environment
426
571
  variable.
@@ -436,6 +581,9 @@ class SyncGhDestination(pulumi.CustomResource):
436
581
  __props__ = _SyncGhDestinationState.__new__(_SyncGhDestinationState)
437
582
 
438
583
  __props__.__dict__["access_token"] = access_token
584
+ __props__.__dict__["app_name"] = app_name
585
+ __props__.__dict__["granularity"] = granularity
586
+ __props__.__dict__["installation_id"] = installation_id
439
587
  __props__.__dict__["name"] = name
440
588
  __props__.__dict__["namespace"] = namespace
441
589
  __props__.__dict__["repository_name"] = repository_name
@@ -454,6 +602,34 @@ class SyncGhDestination(pulumi.CustomResource):
454
602
  """
455
603
  return pulumi.get(self, "access_token")
456
604
 
605
+ @property
606
+ @pulumi.getter(name="appName")
607
+ def app_name(self) -> pulumi.Output[Optional[str]]:
608
+ """
609
+ The user-defined name of the GitHub App configuration. This is a reference to the name used
610
+ on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
611
+ Takes precedence over the `access_token` field.
612
+ """
613
+ return pulumi.get(self, "app_name")
614
+
615
+ @property
616
+ @pulumi.getter
617
+ def granularity(self) -> pulumi.Output[Optional[str]]:
618
+ """
619
+ Determines what level of information is synced as a distinct resource
620
+ at the destination. Supports `secret-path` and `secret-key`.
621
+ """
622
+ return pulumi.get(self, "granularity")
623
+
624
+ @property
625
+ @pulumi.getter(name="installationId")
626
+ def installation_id(self) -> pulumi.Output[Optional[int]]:
627
+ """
628
+ The ID of the installation generated by GitHub when the app referenced by the `app_name`
629
+ was installed in the user’s GitHub account. Can be modified. Necessary if the `app_name` field is also provided.
630
+ """
631
+ return pulumi.get(self, "installation_id")
632
+
457
633
  @property
458
634
  @pulumi.getter
459
635
  def name(self) -> pulumi.Output[str]:
@@ -468,7 +644,7 @@ class SyncGhDestination(pulumi.CustomResource):
468
644
  """
469
645
  The namespace to provision the resource in.
470
646
  The value should not contain leading or trailing forward slashes.
471
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
647
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
472
648
  """
473
649
  return pulumi.get(self, "namespace")
474
650