pulumi-vault 5.21.0a1709368526__py3-none-any.whl → 6.5.0a1736836139__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- pulumi_vault/__init__.py +52 -0
- pulumi_vault/_inputs.py +560 -0
- pulumi_vault/_utilities.py +41 -5
- pulumi_vault/ad/get_access_credentials.py +26 -9
- pulumi_vault/ad/secret_backend.py +16 -142
- pulumi_vault/ad/secret_library.py +16 -9
- pulumi_vault/ad/secret_role.py +14 -9
- pulumi_vault/alicloud/auth_backend_role.py +76 -190
- pulumi_vault/approle/auth_backend_login.py +12 -7
- pulumi_vault/approle/auth_backend_role.py +77 -191
- pulumi_vault/approle/auth_backend_role_secret_id.py +106 -7
- pulumi_vault/approle/get_auth_backend_role_id.py +18 -5
- pulumi_vault/audit.py +30 -21
- pulumi_vault/audit_request_header.py +11 -2
- pulumi_vault/auth_backend.py +66 -14
- pulumi_vault/aws/auth_backend_cert.py +18 -9
- pulumi_vault/aws/auth_backend_client.py +267 -22
- pulumi_vault/aws/auth_backend_config_identity.py +14 -9
- pulumi_vault/aws/auth_backend_identity_whitelist.py +20 -15
- pulumi_vault/aws/auth_backend_login.py +19 -22
- pulumi_vault/aws/auth_backend_role.py +77 -191
- pulumi_vault/aws/auth_backend_role_tag.py +12 -7
- pulumi_vault/aws/auth_backend_roletag_blacklist.py +18 -13
- pulumi_vault/aws/auth_backend_sts_role.py +14 -9
- pulumi_vault/aws/get_access_credentials.py +38 -9
- pulumi_vault/aws/get_static_access_credentials.py +19 -5
- pulumi_vault/aws/secret_backend.py +77 -9
- pulumi_vault/aws/secret_backend_role.py +185 -9
- pulumi_vault/aws/secret_backend_static_role.py +20 -11
- pulumi_vault/azure/_inputs.py +24 -0
- pulumi_vault/azure/auth_backend_config.py +153 -15
- pulumi_vault/azure/auth_backend_role.py +77 -191
- pulumi_vault/azure/backend.py +227 -21
- pulumi_vault/azure/backend_role.py +42 -37
- pulumi_vault/azure/get_access_credentials.py +41 -7
- pulumi_vault/azure/outputs.py +5 -0
- pulumi_vault/cert_auth_backend_role.py +87 -267
- pulumi_vault/config/__init__.pyi +5 -0
- pulumi_vault/config/_inputs.py +73 -0
- pulumi_vault/config/outputs.py +35 -0
- pulumi_vault/config/ui_custom_message.py +529 -0
- pulumi_vault/config/vars.py +5 -0
- pulumi_vault/consul/secret_backend.py +28 -19
- pulumi_vault/consul/secret_backend_role.py +18 -78
- pulumi_vault/database/_inputs.py +2770 -881
- pulumi_vault/database/outputs.py +721 -838
- pulumi_vault/database/secret_backend_connection.py +119 -112
- pulumi_vault/database/secret_backend_role.py +31 -22
- pulumi_vault/database/secret_backend_static_role.py +87 -13
- pulumi_vault/database/secrets_mount.py +427 -136
- pulumi_vault/egp_policy.py +16 -11
- pulumi_vault/gcp/_inputs.py +111 -0
- pulumi_vault/gcp/auth_backend.py +250 -33
- pulumi_vault/gcp/auth_backend_role.py +77 -269
- pulumi_vault/gcp/get_auth_backend_role.py +43 -5
- pulumi_vault/gcp/outputs.py +5 -0
- pulumi_vault/gcp/secret_backend.py +287 -12
- pulumi_vault/gcp/secret_impersonated_account.py +76 -15
- pulumi_vault/gcp/secret_roleset.py +31 -24
- pulumi_vault/gcp/secret_static_account.py +39 -32
- pulumi_vault/generic/endpoint.py +24 -17
- pulumi_vault/generic/get_secret.py +64 -8
- pulumi_vault/generic/secret.py +21 -16
- pulumi_vault/get_auth_backend.py +24 -7
- pulumi_vault/get_auth_backends.py +51 -9
- pulumi_vault/get_namespace.py +226 -0
- pulumi_vault/get_namespaces.py +153 -0
- pulumi_vault/get_nomad_access_token.py +31 -11
- pulumi_vault/get_policy_document.py +34 -19
- pulumi_vault/get_raft_autopilot_state.py +29 -10
- pulumi_vault/github/_inputs.py +55 -0
- pulumi_vault/github/auth_backend.py +19 -14
- pulumi_vault/github/outputs.py +5 -0
- pulumi_vault/github/team.py +16 -11
- pulumi_vault/github/user.py +16 -11
- pulumi_vault/identity/entity.py +20 -13
- pulumi_vault/identity/entity_alias.py +20 -13
- pulumi_vault/identity/entity_policies.py +28 -11
- pulumi_vault/identity/get_entity.py +42 -10
- pulumi_vault/identity/get_group.py +47 -9
- pulumi_vault/identity/get_oidc_client_creds.py +21 -7
- pulumi_vault/identity/get_oidc_openid_config.py +39 -9
- pulumi_vault/identity/get_oidc_public_keys.py +29 -10
- pulumi_vault/identity/group.py +58 -39
- pulumi_vault/identity/group_alias.py +16 -9
- pulumi_vault/identity/group_member_entity_ids.py +28 -66
- pulumi_vault/identity/group_member_group_ids.py +40 -19
- pulumi_vault/identity/group_policies.py +20 -7
- pulumi_vault/identity/mfa_duo.py +11 -6
- pulumi_vault/identity/mfa_login_enforcement.py +15 -6
- pulumi_vault/identity/mfa_okta.py +11 -6
- pulumi_vault/identity/mfa_pingid.py +7 -2
- pulumi_vault/identity/mfa_totp.py +7 -2
- pulumi_vault/identity/oidc.py +12 -7
- pulumi_vault/identity/oidc_assignment.py +24 -11
- pulumi_vault/identity/oidc_client.py +36 -23
- pulumi_vault/identity/oidc_key.py +30 -17
- pulumi_vault/identity/oidc_key_allowed_client_id.py +28 -15
- pulumi_vault/identity/oidc_provider.py +36 -21
- pulumi_vault/identity/oidc_role.py +42 -21
- pulumi_vault/identity/oidc_scope.py +20 -13
- pulumi_vault/identity/outputs.py +8 -3
- pulumi_vault/jwt/_inputs.py +55 -0
- pulumi_vault/jwt/auth_backend.py +45 -40
- pulumi_vault/jwt/auth_backend_role.py +133 -254
- pulumi_vault/jwt/outputs.py +5 -0
- pulumi_vault/kmip/secret_backend.py +24 -19
- pulumi_vault/kmip/secret_role.py +14 -9
- pulumi_vault/kmip/secret_scope.py +14 -9
- pulumi_vault/kubernetes/auth_backend_config.py +57 -5
- pulumi_vault/kubernetes/auth_backend_role.py +70 -177
- pulumi_vault/kubernetes/get_auth_backend_config.py +60 -8
- pulumi_vault/kubernetes/get_auth_backend_role.py +40 -5
- pulumi_vault/kubernetes/get_service_account_token.py +39 -11
- pulumi_vault/kubernetes/secret_backend.py +316 -27
- pulumi_vault/kubernetes/secret_backend_role.py +137 -46
- pulumi_vault/kv/_inputs.py +36 -4
- pulumi_vault/kv/get_secret.py +25 -8
- pulumi_vault/kv/get_secret_subkeys_v2.py +33 -10
- pulumi_vault/kv/get_secret_v2.py +85 -9
- pulumi_vault/kv/get_secrets_list.py +24 -11
- pulumi_vault/kv/get_secrets_list_v2.py +37 -15
- pulumi_vault/kv/outputs.py +8 -3
- pulumi_vault/kv/secret.py +23 -16
- pulumi_vault/kv/secret_backend_v2.py +20 -11
- pulumi_vault/kv/secret_v2.py +59 -50
- pulumi_vault/ldap/auth_backend.py +127 -166
- pulumi_vault/ldap/auth_backend_group.py +14 -9
- pulumi_vault/ldap/auth_backend_user.py +14 -9
- pulumi_vault/ldap/get_dynamic_credentials.py +23 -5
- pulumi_vault/ldap/get_static_credentials.py +24 -5
- pulumi_vault/ldap/secret_backend.py +354 -82
- pulumi_vault/ldap/secret_backend_dynamic_role.py +18 -11
- pulumi_vault/ldap/secret_backend_library_set.py +16 -9
- pulumi_vault/ldap/secret_backend_static_role.py +73 -12
- pulumi_vault/managed/_inputs.py +289 -132
- pulumi_vault/managed/keys.py +29 -57
- pulumi_vault/managed/outputs.py +89 -132
- pulumi_vault/mfa_duo.py +18 -11
- pulumi_vault/mfa_okta.py +18 -11
- pulumi_vault/mfa_pingid.py +18 -11
- pulumi_vault/mfa_totp.py +24 -17
- pulumi_vault/mongodbatlas/secret_backend.py +20 -15
- pulumi_vault/mongodbatlas/secret_role.py +47 -38
- pulumi_vault/mount.py +391 -51
- pulumi_vault/namespace.py +68 -83
- pulumi_vault/nomad_secret_backend.py +18 -13
- pulumi_vault/nomad_secret_role.py +14 -9
- pulumi_vault/okta/_inputs.py +47 -8
- pulumi_vault/okta/auth_backend.py +485 -39
- pulumi_vault/okta/auth_backend_group.py +14 -9
- pulumi_vault/okta/auth_backend_user.py +14 -9
- pulumi_vault/okta/outputs.py +13 -8
- pulumi_vault/outputs.py +5 -0
- pulumi_vault/password_policy.py +20 -13
- pulumi_vault/pkisecret/__init__.py +3 -0
- pulumi_vault/pkisecret/_inputs.py +81 -0
- pulumi_vault/pkisecret/backend_config_cluster.py +369 -0
- pulumi_vault/pkisecret/backend_config_est.py +619 -0
- pulumi_vault/pkisecret/get_backend_config_est.py +251 -0
- pulumi_vault/pkisecret/get_backend_issuer.py +67 -9
- pulumi_vault/pkisecret/get_backend_issuers.py +21 -8
- pulumi_vault/pkisecret/get_backend_key.py +24 -9
- pulumi_vault/pkisecret/get_backend_keys.py +21 -8
- pulumi_vault/pkisecret/outputs.py +69 -0
- pulumi_vault/pkisecret/secret_backend_cert.py +18 -11
- pulumi_vault/pkisecret/secret_backend_config_ca.py +16 -11
- pulumi_vault/pkisecret/secret_backend_config_issuers.py +14 -9
- pulumi_vault/pkisecret/secret_backend_config_urls.py +67 -11
- pulumi_vault/pkisecret/secret_backend_crl_config.py +14 -9
- pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +16 -11
- pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +22 -17
- pulumi_vault/pkisecret/secret_backend_issuer.py +14 -9
- pulumi_vault/pkisecret/secret_backend_key.py +14 -9
- pulumi_vault/pkisecret/secret_backend_role.py +21 -14
- pulumi_vault/pkisecret/secret_backend_root_cert.py +16 -48
- pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +18 -56
- pulumi_vault/pkisecret/secret_backend_sign.py +18 -54
- pulumi_vault/plugin.py +595 -0
- pulumi_vault/plugin_pinned_version.py +298 -0
- pulumi_vault/policy.py +14 -9
- pulumi_vault/provider.py +48 -53
- pulumi_vault/pulumi-plugin.json +2 -1
- pulumi_vault/quota_lease_count.py +60 -6
- pulumi_vault/quota_rate_limit.py +56 -2
- pulumi_vault/rabbitmq/_inputs.py +61 -0
- pulumi_vault/rabbitmq/outputs.py +5 -0
- pulumi_vault/rabbitmq/secret_backend.py +18 -13
- pulumi_vault/rabbitmq/secret_backend_role.py +54 -47
- pulumi_vault/raft_autopilot.py +14 -9
- pulumi_vault/raft_snapshot_agent_config.py +129 -224
- pulumi_vault/rgp_policy.py +14 -9
- pulumi_vault/saml/auth_backend.py +22 -17
- pulumi_vault/saml/auth_backend_role.py +92 -197
- pulumi_vault/secrets/__init__.py +3 -0
- pulumi_vault/secrets/_inputs.py +110 -0
- pulumi_vault/secrets/outputs.py +94 -0
- pulumi_vault/secrets/sync_association.py +56 -71
- pulumi_vault/secrets/sync_aws_destination.py +242 -27
- pulumi_vault/secrets/sync_azure_destination.py +92 -31
- pulumi_vault/secrets/sync_config.py +9 -4
- pulumi_vault/secrets/sync_gcp_destination.py +158 -25
- pulumi_vault/secrets/sync_gh_destination.py +189 -13
- pulumi_vault/secrets/sync_github_apps.py +375 -0
- pulumi_vault/secrets/sync_vercel_destination.py +74 -13
- pulumi_vault/ssh/_inputs.py +28 -28
- pulumi_vault/ssh/outputs.py +11 -28
- pulumi_vault/ssh/secret_backend_ca.py +108 -9
- pulumi_vault/ssh/secret_backend_role.py +85 -118
- pulumi_vault/terraformcloud/secret_backend.py +7 -54
- pulumi_vault/terraformcloud/secret_creds.py +14 -20
- pulumi_vault/terraformcloud/secret_role.py +16 -74
- pulumi_vault/token.py +28 -23
- pulumi_vault/tokenauth/auth_backend_role.py +78 -199
- pulumi_vault/transform/alphabet.py +16 -9
- pulumi_vault/transform/get_decode.py +45 -17
- pulumi_vault/transform/get_encode.py +45 -17
- pulumi_vault/transform/role.py +16 -9
- pulumi_vault/transform/template.py +30 -21
- pulumi_vault/transform/transformation.py +12 -7
- pulumi_vault/transit/get_decrypt.py +26 -21
- pulumi_vault/transit/get_encrypt.py +24 -19
- pulumi_vault/transit/secret_backend_key.py +27 -93
- pulumi_vault/transit/secret_cache_config.py +12 -7
- {pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/METADATA +8 -7
- pulumi_vault-6.5.0a1736836139.dist-info/RECORD +256 -0
- {pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/WHEEL +1 -1
- pulumi_vault-5.21.0a1709368526.dist-info/RECORD +0 -244
- {pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/top_level.txt +0 -0
pulumi_vault/ssh/_inputs.py
CHANGED
@@ -4,35 +4,46 @@
|
|
4
4
|
|
5
5
|
import copy
|
6
6
|
import warnings
|
7
|
+
import sys
|
7
8
|
import pulumi
|
8
9
|
import pulumi.runtime
|
9
10
|
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
11
|
+
if sys.version_info >= (3, 11):
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
13
|
+
else:
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
10
15
|
from .. import _utilities
|
11
16
|
|
12
17
|
__all__ = [
|
13
18
|
'SecretBackendRoleAllowedUserKeyConfigArgs',
|
19
|
+
'SecretBackendRoleAllowedUserKeyConfigArgsDict',
|
14
20
|
]
|
15
21
|
|
22
|
+
MYPY = False
|
23
|
+
|
24
|
+
if not MYPY:
|
25
|
+
class SecretBackendRoleAllowedUserKeyConfigArgsDict(TypedDict):
|
26
|
+
lengths: pulumi.Input[Sequence[pulumi.Input[int]]]
|
27
|
+
"""
|
28
|
+
List of allowed key lengths, vault-1.10 and above
|
29
|
+
"""
|
30
|
+
type: pulumi.Input[str]
|
31
|
+
"""
|
32
|
+
Key type, choices:
|
33
|
+
rsa, ecdsa, ec, dsa, ed25519, ssh-rsa, ssh-dss, ssh-ed25519, ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521
|
34
|
+
"""
|
35
|
+
elif False:
|
36
|
+
SecretBackendRoleAllowedUserKeyConfigArgsDict: TypeAlias = Mapping[str, Any]
|
37
|
+
|
16
38
|
@pulumi.input_type
|
17
39
|
class SecretBackendRoleAllowedUserKeyConfigArgs:
|
18
40
|
def __init__(__self__, *,
|
19
41
|
lengths: pulumi.Input[Sequence[pulumi.Input[int]]],
|
20
42
|
type: pulumi.Input[str]):
|
21
43
|
"""
|
22
|
-
:param pulumi.Input[Sequence[pulumi.Input[int]]] lengths:
|
23
|
-
|
24
|
-
|
25
|
-
must be set to a single element list.
|
26
|
-
|
27
|
-
Example configuration blocks that might be included in the `ssh.SecretBackendRole`
|
28
|
-
|
29
|
-
```python
|
30
|
-
import pulumi
|
31
|
-
```
|
32
|
-
:param pulumi.Input[str] type: The SSH public key type.
|
33
|
-
*Supported key types are:*
|
34
|
-
`rsa`, `ecdsa`, `ec`, `dsa`, `ed25519`, `ssh-rsa`, `ssh-dss`, `ssh-ed25519`,
|
35
|
-
`ecdsa-sha2-nistp256`, `ecdsa-sha2-nistp384`, `ecdsa-sha2-nistp521`
|
44
|
+
:param pulumi.Input[Sequence[pulumi.Input[int]]] lengths: List of allowed key lengths, vault-1.10 and above
|
45
|
+
:param pulumi.Input[str] type: Key type, choices:
|
46
|
+
rsa, ecdsa, ec, dsa, ed25519, ssh-rsa, ssh-dss, ssh-ed25519, ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521
|
36
47
|
"""
|
37
48
|
pulumi.set(__self__, "lengths", lengths)
|
38
49
|
pulumi.set(__self__, "type", type)
|
@@ -41,16 +52,7 @@ class SecretBackendRoleAllowedUserKeyConfigArgs:
|
|
41
52
|
@pulumi.getter
|
42
53
|
def lengths(self) -> pulumi.Input[Sequence[pulumi.Input[int]]]:
|
43
54
|
"""
|
44
|
-
|
45
|
-
For key types that do not support setting the length a value of `[0]` should be used.
|
46
|
-
Setting multiple lengths is only supported on Vault 1.10+. For prior releases `length`
|
47
|
-
must be set to a single element list.
|
48
|
-
|
49
|
-
Example configuration blocks that might be included in the `ssh.SecretBackendRole`
|
50
|
-
|
51
|
-
```python
|
52
|
-
import pulumi
|
53
|
-
```
|
55
|
+
List of allowed key lengths, vault-1.10 and above
|
54
56
|
"""
|
55
57
|
return pulumi.get(self, "lengths")
|
56
58
|
|
@@ -62,10 +64,8 @@ class SecretBackendRoleAllowedUserKeyConfigArgs:
|
|
62
64
|
@pulumi.getter
|
63
65
|
def type(self) -> pulumi.Input[str]:
|
64
66
|
"""
|
65
|
-
|
66
|
-
|
67
|
-
`rsa`, `ecdsa`, `ec`, `dsa`, `ed25519`, `ssh-rsa`, `ssh-dss`, `ssh-ed25519`,
|
68
|
-
`ecdsa-sha2-nistp256`, `ecdsa-sha2-nistp384`, `ecdsa-sha2-nistp521`
|
67
|
+
Key type, choices:
|
68
|
+
rsa, ecdsa, ec, dsa, ed25519, ssh-rsa, ssh-dss, ssh-ed25519, ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521
|
69
69
|
"""
|
70
70
|
return pulumi.get(self, "type")
|
71
71
|
|
pulumi_vault/ssh/outputs.py
CHANGED
@@ -4,9 +4,14 @@
|
|
4
4
|
|
5
5
|
import copy
|
6
6
|
import warnings
|
7
|
+
import sys
|
7
8
|
import pulumi
|
8
9
|
import pulumi.runtime
|
9
10
|
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
11
|
+
if sys.version_info >= (3, 11):
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
13
|
+
else:
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
10
15
|
from .. import _utilities
|
11
16
|
|
12
17
|
__all__ = [
|
@@ -19,20 +24,9 @@ class SecretBackendRoleAllowedUserKeyConfig(dict):
|
|
19
24
|
lengths: Sequence[int],
|
20
25
|
type: str):
|
21
26
|
"""
|
22
|
-
:param Sequence[int] lengths:
|
23
|
-
|
24
|
-
|
25
|
-
must be set to a single element list.
|
26
|
-
|
27
|
-
Example configuration blocks that might be included in the `ssh.SecretBackendRole`
|
28
|
-
|
29
|
-
```python
|
30
|
-
import pulumi
|
31
|
-
```
|
32
|
-
:param str type: The SSH public key type.
|
33
|
-
*Supported key types are:*
|
34
|
-
`rsa`, `ecdsa`, `ec`, `dsa`, `ed25519`, `ssh-rsa`, `ssh-dss`, `ssh-ed25519`,
|
35
|
-
`ecdsa-sha2-nistp256`, `ecdsa-sha2-nistp384`, `ecdsa-sha2-nistp521`
|
27
|
+
:param Sequence[int] lengths: List of allowed key lengths, vault-1.10 and above
|
28
|
+
:param str type: Key type, choices:
|
29
|
+
rsa, ecdsa, ec, dsa, ed25519, ssh-rsa, ssh-dss, ssh-ed25519, ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521
|
36
30
|
"""
|
37
31
|
pulumi.set(__self__, "lengths", lengths)
|
38
32
|
pulumi.set(__self__, "type", type)
|
@@ -41,16 +35,7 @@ class SecretBackendRoleAllowedUserKeyConfig(dict):
|
|
41
35
|
@pulumi.getter
|
42
36
|
def lengths(self) -> Sequence[int]:
|
43
37
|
"""
|
44
|
-
|
45
|
-
For key types that do not support setting the length a value of `[0]` should be used.
|
46
|
-
Setting multiple lengths is only supported on Vault 1.10+. For prior releases `length`
|
47
|
-
must be set to a single element list.
|
48
|
-
|
49
|
-
Example configuration blocks that might be included in the `ssh.SecretBackendRole`
|
50
|
-
|
51
|
-
```python
|
52
|
-
import pulumi
|
53
|
-
```
|
38
|
+
List of allowed key lengths, vault-1.10 and above
|
54
39
|
"""
|
55
40
|
return pulumi.get(self, "lengths")
|
56
41
|
|
@@ -58,10 +43,8 @@ class SecretBackendRoleAllowedUserKeyConfig(dict):
|
|
58
43
|
@pulumi.getter
|
59
44
|
def type(self) -> str:
|
60
45
|
"""
|
61
|
-
|
62
|
-
|
63
|
-
`rsa`, `ecdsa`, `ec`, `dsa`, `ed25519`, `ssh-rsa`, `ssh-dss`, `ssh-ed25519`,
|
64
|
-
`ecdsa-sha2-nistp256`, `ecdsa-sha2-nistp384`, `ecdsa-sha2-nistp521`
|
46
|
+
Key type, choices:
|
47
|
+
rsa, ecdsa, ec, dsa, ed25519, ssh-rsa, ssh-dss, ssh-ed25519, ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521
|
65
48
|
"""
|
66
49
|
return pulumi.get(self, "type")
|
67
50
|
|
@@ -4,9 +4,14 @@
|
|
4
4
|
|
5
5
|
import copy
|
6
6
|
import warnings
|
7
|
+
import sys
|
7
8
|
import pulumi
|
8
9
|
import pulumi.runtime
|
9
10
|
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
11
|
+
if sys.version_info >= (3, 11):
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
13
|
+
else:
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
10
15
|
from .. import _utilities
|
11
16
|
|
12
17
|
__all__ = ['SecretBackendCaArgs', 'SecretBackendCa']
|
@@ -16,6 +21,8 @@ class SecretBackendCaArgs:
|
|
16
21
|
def __init__(__self__, *,
|
17
22
|
backend: Optional[pulumi.Input[str]] = None,
|
18
23
|
generate_signing_key: Optional[pulumi.Input[bool]] = None,
|
24
|
+
key_bits: Optional[pulumi.Input[int]] = None,
|
25
|
+
key_type: Optional[pulumi.Input[str]] = None,
|
19
26
|
namespace: Optional[pulumi.Input[str]] = None,
|
20
27
|
private_key: Optional[pulumi.Input[str]] = None,
|
21
28
|
public_key: Optional[pulumi.Input[str]] = None):
|
@@ -23,9 +30,11 @@ class SecretBackendCaArgs:
|
|
23
30
|
The set of arguments for constructing a SecretBackendCa resource.
|
24
31
|
:param pulumi.Input[str] backend: The path where the SSH secret backend is mounted. Defaults to 'ssh'
|
25
32
|
:param pulumi.Input[bool] generate_signing_key: Whether Vault should generate the signing key pair internally. Defaults to true
|
33
|
+
:param pulumi.Input[int] key_bits: Specifies the desired key bits for the generated SSH CA key when `generate_signing_key` is set to `true`.
|
34
|
+
:param pulumi.Input[str] key_type: Specifies the desired key type for the generated SSH CA key when `generate_signing_key` is set to `true`.
|
26
35
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
27
36
|
The value should not contain leading or trailing forward slashes.
|
28
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
37
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
29
38
|
*Available only for Vault Enterprise*.
|
30
39
|
:param pulumi.Input[str] private_key: Private key part the SSH CA key pair; required if generate_signing_key is false.
|
31
40
|
:param pulumi.Input[str] public_key: The public key part the SSH CA key pair; required if generate_signing_key is false.
|
@@ -34,6 +43,10 @@ class SecretBackendCaArgs:
|
|
34
43
|
pulumi.set(__self__, "backend", backend)
|
35
44
|
if generate_signing_key is not None:
|
36
45
|
pulumi.set(__self__, "generate_signing_key", generate_signing_key)
|
46
|
+
if key_bits is not None:
|
47
|
+
pulumi.set(__self__, "key_bits", key_bits)
|
48
|
+
if key_type is not None:
|
49
|
+
pulumi.set(__self__, "key_type", key_type)
|
37
50
|
if namespace is not None:
|
38
51
|
pulumi.set(__self__, "namespace", namespace)
|
39
52
|
if private_key is not None:
|
@@ -65,13 +78,37 @@ class SecretBackendCaArgs:
|
|
65
78
|
def generate_signing_key(self, value: Optional[pulumi.Input[bool]]):
|
66
79
|
pulumi.set(self, "generate_signing_key", value)
|
67
80
|
|
81
|
+
@property
|
82
|
+
@pulumi.getter(name="keyBits")
|
83
|
+
def key_bits(self) -> Optional[pulumi.Input[int]]:
|
84
|
+
"""
|
85
|
+
Specifies the desired key bits for the generated SSH CA key when `generate_signing_key` is set to `true`.
|
86
|
+
"""
|
87
|
+
return pulumi.get(self, "key_bits")
|
88
|
+
|
89
|
+
@key_bits.setter
|
90
|
+
def key_bits(self, value: Optional[pulumi.Input[int]]):
|
91
|
+
pulumi.set(self, "key_bits", value)
|
92
|
+
|
93
|
+
@property
|
94
|
+
@pulumi.getter(name="keyType")
|
95
|
+
def key_type(self) -> Optional[pulumi.Input[str]]:
|
96
|
+
"""
|
97
|
+
Specifies the desired key type for the generated SSH CA key when `generate_signing_key` is set to `true`.
|
98
|
+
"""
|
99
|
+
return pulumi.get(self, "key_type")
|
100
|
+
|
101
|
+
@key_type.setter
|
102
|
+
def key_type(self, value: Optional[pulumi.Input[str]]):
|
103
|
+
pulumi.set(self, "key_type", value)
|
104
|
+
|
68
105
|
@property
|
69
106
|
@pulumi.getter
|
70
107
|
def namespace(self) -> Optional[pulumi.Input[str]]:
|
71
108
|
"""
|
72
109
|
The namespace to provision the resource in.
|
73
110
|
The value should not contain leading or trailing forward slashes.
|
74
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
111
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
75
112
|
*Available only for Vault Enterprise*.
|
76
113
|
"""
|
77
114
|
return pulumi.get(self, "namespace")
|
@@ -110,6 +147,8 @@ class _SecretBackendCaState:
|
|
110
147
|
def __init__(__self__, *,
|
111
148
|
backend: Optional[pulumi.Input[str]] = None,
|
112
149
|
generate_signing_key: Optional[pulumi.Input[bool]] = None,
|
150
|
+
key_bits: Optional[pulumi.Input[int]] = None,
|
151
|
+
key_type: Optional[pulumi.Input[str]] = None,
|
113
152
|
namespace: Optional[pulumi.Input[str]] = None,
|
114
153
|
private_key: Optional[pulumi.Input[str]] = None,
|
115
154
|
public_key: Optional[pulumi.Input[str]] = None):
|
@@ -117,9 +156,11 @@ class _SecretBackendCaState:
|
|
117
156
|
Input properties used for looking up and filtering SecretBackendCa resources.
|
118
157
|
:param pulumi.Input[str] backend: The path where the SSH secret backend is mounted. Defaults to 'ssh'
|
119
158
|
:param pulumi.Input[bool] generate_signing_key: Whether Vault should generate the signing key pair internally. Defaults to true
|
159
|
+
:param pulumi.Input[int] key_bits: Specifies the desired key bits for the generated SSH CA key when `generate_signing_key` is set to `true`.
|
160
|
+
:param pulumi.Input[str] key_type: Specifies the desired key type for the generated SSH CA key when `generate_signing_key` is set to `true`.
|
120
161
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
121
162
|
The value should not contain leading or trailing forward slashes.
|
122
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
163
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
123
164
|
*Available only for Vault Enterprise*.
|
124
165
|
:param pulumi.Input[str] private_key: Private key part the SSH CA key pair; required if generate_signing_key is false.
|
125
166
|
:param pulumi.Input[str] public_key: The public key part the SSH CA key pair; required if generate_signing_key is false.
|
@@ -128,6 +169,10 @@ class _SecretBackendCaState:
|
|
128
169
|
pulumi.set(__self__, "backend", backend)
|
129
170
|
if generate_signing_key is not None:
|
130
171
|
pulumi.set(__self__, "generate_signing_key", generate_signing_key)
|
172
|
+
if key_bits is not None:
|
173
|
+
pulumi.set(__self__, "key_bits", key_bits)
|
174
|
+
if key_type is not None:
|
175
|
+
pulumi.set(__self__, "key_type", key_type)
|
131
176
|
if namespace is not None:
|
132
177
|
pulumi.set(__self__, "namespace", namespace)
|
133
178
|
if private_key is not None:
|
@@ -159,13 +204,37 @@ class _SecretBackendCaState:
|
|
159
204
|
def generate_signing_key(self, value: Optional[pulumi.Input[bool]]):
|
160
205
|
pulumi.set(self, "generate_signing_key", value)
|
161
206
|
|
207
|
+
@property
|
208
|
+
@pulumi.getter(name="keyBits")
|
209
|
+
def key_bits(self) -> Optional[pulumi.Input[int]]:
|
210
|
+
"""
|
211
|
+
Specifies the desired key bits for the generated SSH CA key when `generate_signing_key` is set to `true`.
|
212
|
+
"""
|
213
|
+
return pulumi.get(self, "key_bits")
|
214
|
+
|
215
|
+
@key_bits.setter
|
216
|
+
def key_bits(self, value: Optional[pulumi.Input[int]]):
|
217
|
+
pulumi.set(self, "key_bits", value)
|
218
|
+
|
219
|
+
@property
|
220
|
+
@pulumi.getter(name="keyType")
|
221
|
+
def key_type(self) -> Optional[pulumi.Input[str]]:
|
222
|
+
"""
|
223
|
+
Specifies the desired key type for the generated SSH CA key when `generate_signing_key` is set to `true`.
|
224
|
+
"""
|
225
|
+
return pulumi.get(self, "key_type")
|
226
|
+
|
227
|
+
@key_type.setter
|
228
|
+
def key_type(self, value: Optional[pulumi.Input[str]]):
|
229
|
+
pulumi.set(self, "key_type", value)
|
230
|
+
|
162
231
|
@property
|
163
232
|
@pulumi.getter
|
164
233
|
def namespace(self) -> Optional[pulumi.Input[str]]:
|
165
234
|
"""
|
166
235
|
The namespace to provision the resource in.
|
167
236
|
The value should not contain leading or trailing forward slashes.
|
168
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
237
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
169
238
|
*Available only for Vault Enterprise*.
|
170
239
|
"""
|
171
240
|
return pulumi.get(self, "namespace")
|
@@ -206,6 +275,8 @@ class SecretBackendCa(pulumi.CustomResource):
|
|
206
275
|
opts: Optional[pulumi.ResourceOptions] = None,
|
207
276
|
backend: Optional[pulumi.Input[str]] = None,
|
208
277
|
generate_signing_key: Optional[pulumi.Input[bool]] = None,
|
278
|
+
key_bits: Optional[pulumi.Input[int]] = None,
|
279
|
+
key_type: Optional[pulumi.Input[str]] = None,
|
209
280
|
namespace: Optional[pulumi.Input[str]] = None,
|
210
281
|
private_key: Optional[pulumi.Input[str]] = None,
|
211
282
|
public_key: Optional[pulumi.Input[str]] = None,
|
@@ -229,16 +300,18 @@ class SecretBackendCa(pulumi.CustomResource):
|
|
229
300
|
SSH secret backend CAs can be imported using the `path`, e.g.
|
230
301
|
|
231
302
|
```sh
|
232
|
-
|
303
|
+
$ pulumi import vault:ssh/secretBackendCa:SecretBackendCa foo ssh
|
233
304
|
```
|
234
305
|
|
235
306
|
:param str resource_name: The name of the resource.
|
236
307
|
:param pulumi.ResourceOptions opts: Options for the resource.
|
237
308
|
:param pulumi.Input[str] backend: The path where the SSH secret backend is mounted. Defaults to 'ssh'
|
238
309
|
:param pulumi.Input[bool] generate_signing_key: Whether Vault should generate the signing key pair internally. Defaults to true
|
310
|
+
:param pulumi.Input[int] key_bits: Specifies the desired key bits for the generated SSH CA key when `generate_signing_key` is set to `true`.
|
311
|
+
:param pulumi.Input[str] key_type: Specifies the desired key type for the generated SSH CA key when `generate_signing_key` is set to `true`.
|
239
312
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
240
313
|
The value should not contain leading or trailing forward slashes.
|
241
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
314
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
242
315
|
*Available only for Vault Enterprise*.
|
243
316
|
:param pulumi.Input[str] private_key: Private key part the SSH CA key pair; required if generate_signing_key is false.
|
244
317
|
:param pulumi.Input[str] public_key: The public key part the SSH CA key pair; required if generate_signing_key is false.
|
@@ -268,7 +341,7 @@ class SecretBackendCa(pulumi.CustomResource):
|
|
268
341
|
SSH secret backend CAs can be imported using the `path`, e.g.
|
269
342
|
|
270
343
|
```sh
|
271
|
-
|
344
|
+
$ pulumi import vault:ssh/secretBackendCa:SecretBackendCa foo ssh
|
272
345
|
```
|
273
346
|
|
274
347
|
:param str resource_name: The name of the resource.
|
@@ -288,6 +361,8 @@ class SecretBackendCa(pulumi.CustomResource):
|
|
288
361
|
opts: Optional[pulumi.ResourceOptions] = None,
|
289
362
|
backend: Optional[pulumi.Input[str]] = None,
|
290
363
|
generate_signing_key: Optional[pulumi.Input[bool]] = None,
|
364
|
+
key_bits: Optional[pulumi.Input[int]] = None,
|
365
|
+
key_type: Optional[pulumi.Input[str]] = None,
|
291
366
|
namespace: Optional[pulumi.Input[str]] = None,
|
292
367
|
private_key: Optional[pulumi.Input[str]] = None,
|
293
368
|
public_key: Optional[pulumi.Input[str]] = None,
|
@@ -302,6 +377,8 @@ class SecretBackendCa(pulumi.CustomResource):
|
|
302
377
|
|
303
378
|
__props__.__dict__["backend"] = backend
|
304
379
|
__props__.__dict__["generate_signing_key"] = generate_signing_key
|
380
|
+
__props__.__dict__["key_bits"] = key_bits
|
381
|
+
__props__.__dict__["key_type"] = key_type
|
305
382
|
__props__.__dict__["namespace"] = namespace
|
306
383
|
__props__.__dict__["private_key"] = None if private_key is None else pulumi.Output.secret(private_key)
|
307
384
|
__props__.__dict__["public_key"] = public_key
|
@@ -319,6 +396,8 @@ class SecretBackendCa(pulumi.CustomResource):
|
|
319
396
|
opts: Optional[pulumi.ResourceOptions] = None,
|
320
397
|
backend: Optional[pulumi.Input[str]] = None,
|
321
398
|
generate_signing_key: Optional[pulumi.Input[bool]] = None,
|
399
|
+
key_bits: Optional[pulumi.Input[int]] = None,
|
400
|
+
key_type: Optional[pulumi.Input[str]] = None,
|
322
401
|
namespace: Optional[pulumi.Input[str]] = None,
|
323
402
|
private_key: Optional[pulumi.Input[str]] = None,
|
324
403
|
public_key: Optional[pulumi.Input[str]] = None) -> 'SecretBackendCa':
|
@@ -331,9 +410,11 @@ class SecretBackendCa(pulumi.CustomResource):
|
|
331
410
|
:param pulumi.ResourceOptions opts: Options for the resource.
|
332
411
|
:param pulumi.Input[str] backend: The path where the SSH secret backend is mounted. Defaults to 'ssh'
|
333
412
|
:param pulumi.Input[bool] generate_signing_key: Whether Vault should generate the signing key pair internally. Defaults to true
|
413
|
+
:param pulumi.Input[int] key_bits: Specifies the desired key bits for the generated SSH CA key when `generate_signing_key` is set to `true`.
|
414
|
+
:param pulumi.Input[str] key_type: Specifies the desired key type for the generated SSH CA key when `generate_signing_key` is set to `true`.
|
334
415
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
335
416
|
The value should not contain leading or trailing forward slashes.
|
336
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
417
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
337
418
|
*Available only for Vault Enterprise*.
|
338
419
|
:param pulumi.Input[str] private_key: Private key part the SSH CA key pair; required if generate_signing_key is false.
|
339
420
|
:param pulumi.Input[str] public_key: The public key part the SSH CA key pair; required if generate_signing_key is false.
|
@@ -344,6 +425,8 @@ class SecretBackendCa(pulumi.CustomResource):
|
|
344
425
|
|
345
426
|
__props__.__dict__["backend"] = backend
|
346
427
|
__props__.__dict__["generate_signing_key"] = generate_signing_key
|
428
|
+
__props__.__dict__["key_bits"] = key_bits
|
429
|
+
__props__.__dict__["key_type"] = key_type
|
347
430
|
__props__.__dict__["namespace"] = namespace
|
348
431
|
__props__.__dict__["private_key"] = private_key
|
349
432
|
__props__.__dict__["public_key"] = public_key
|
@@ -365,13 +448,29 @@ class SecretBackendCa(pulumi.CustomResource):
|
|
365
448
|
"""
|
366
449
|
return pulumi.get(self, "generate_signing_key")
|
367
450
|
|
451
|
+
@property
|
452
|
+
@pulumi.getter(name="keyBits")
|
453
|
+
def key_bits(self) -> pulumi.Output[Optional[int]]:
|
454
|
+
"""
|
455
|
+
Specifies the desired key bits for the generated SSH CA key when `generate_signing_key` is set to `true`.
|
456
|
+
"""
|
457
|
+
return pulumi.get(self, "key_bits")
|
458
|
+
|
459
|
+
@property
|
460
|
+
@pulumi.getter(name="keyType")
|
461
|
+
def key_type(self) -> pulumi.Output[Optional[str]]:
|
462
|
+
"""
|
463
|
+
Specifies the desired key type for the generated SSH CA key when `generate_signing_key` is set to `true`.
|
464
|
+
"""
|
465
|
+
return pulumi.get(self, "key_type")
|
466
|
+
|
368
467
|
@property
|
369
468
|
@pulumi.getter
|
370
469
|
def namespace(self) -> pulumi.Output[Optional[str]]:
|
371
470
|
"""
|
372
471
|
The namespace to provision the resource in.
|
373
472
|
The value should not contain leading or trailing forward slashes.
|
374
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
473
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
375
474
|
*Available only for Vault Enterprise*.
|
376
475
|
"""
|
377
476
|
return pulumi.get(self, "namespace")
|