pulumi-vault 5.21.0a1709368526__py3-none-any.whl → 6.5.0a1736836139__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- pulumi_vault/__init__.py +52 -0
- pulumi_vault/_inputs.py +560 -0
- pulumi_vault/_utilities.py +41 -5
- pulumi_vault/ad/get_access_credentials.py +26 -9
- pulumi_vault/ad/secret_backend.py +16 -142
- pulumi_vault/ad/secret_library.py +16 -9
- pulumi_vault/ad/secret_role.py +14 -9
- pulumi_vault/alicloud/auth_backend_role.py +76 -190
- pulumi_vault/approle/auth_backend_login.py +12 -7
- pulumi_vault/approle/auth_backend_role.py +77 -191
- pulumi_vault/approle/auth_backend_role_secret_id.py +106 -7
- pulumi_vault/approle/get_auth_backend_role_id.py +18 -5
- pulumi_vault/audit.py +30 -21
- pulumi_vault/audit_request_header.py +11 -2
- pulumi_vault/auth_backend.py +66 -14
- pulumi_vault/aws/auth_backend_cert.py +18 -9
- pulumi_vault/aws/auth_backend_client.py +267 -22
- pulumi_vault/aws/auth_backend_config_identity.py +14 -9
- pulumi_vault/aws/auth_backend_identity_whitelist.py +20 -15
- pulumi_vault/aws/auth_backend_login.py +19 -22
- pulumi_vault/aws/auth_backend_role.py +77 -191
- pulumi_vault/aws/auth_backend_role_tag.py +12 -7
- pulumi_vault/aws/auth_backend_roletag_blacklist.py +18 -13
- pulumi_vault/aws/auth_backend_sts_role.py +14 -9
- pulumi_vault/aws/get_access_credentials.py +38 -9
- pulumi_vault/aws/get_static_access_credentials.py +19 -5
- pulumi_vault/aws/secret_backend.py +77 -9
- pulumi_vault/aws/secret_backend_role.py +185 -9
- pulumi_vault/aws/secret_backend_static_role.py +20 -11
- pulumi_vault/azure/_inputs.py +24 -0
- pulumi_vault/azure/auth_backend_config.py +153 -15
- pulumi_vault/azure/auth_backend_role.py +77 -191
- pulumi_vault/azure/backend.py +227 -21
- pulumi_vault/azure/backend_role.py +42 -37
- pulumi_vault/azure/get_access_credentials.py +41 -7
- pulumi_vault/azure/outputs.py +5 -0
- pulumi_vault/cert_auth_backend_role.py +87 -267
- pulumi_vault/config/__init__.pyi +5 -0
- pulumi_vault/config/_inputs.py +73 -0
- pulumi_vault/config/outputs.py +35 -0
- pulumi_vault/config/ui_custom_message.py +529 -0
- pulumi_vault/config/vars.py +5 -0
- pulumi_vault/consul/secret_backend.py +28 -19
- pulumi_vault/consul/secret_backend_role.py +18 -78
- pulumi_vault/database/_inputs.py +2770 -881
- pulumi_vault/database/outputs.py +721 -838
- pulumi_vault/database/secret_backend_connection.py +119 -112
- pulumi_vault/database/secret_backend_role.py +31 -22
- pulumi_vault/database/secret_backend_static_role.py +87 -13
- pulumi_vault/database/secrets_mount.py +427 -136
- pulumi_vault/egp_policy.py +16 -11
- pulumi_vault/gcp/_inputs.py +111 -0
- pulumi_vault/gcp/auth_backend.py +250 -33
- pulumi_vault/gcp/auth_backend_role.py +77 -269
- pulumi_vault/gcp/get_auth_backend_role.py +43 -5
- pulumi_vault/gcp/outputs.py +5 -0
- pulumi_vault/gcp/secret_backend.py +287 -12
- pulumi_vault/gcp/secret_impersonated_account.py +76 -15
- pulumi_vault/gcp/secret_roleset.py +31 -24
- pulumi_vault/gcp/secret_static_account.py +39 -32
- pulumi_vault/generic/endpoint.py +24 -17
- pulumi_vault/generic/get_secret.py +64 -8
- pulumi_vault/generic/secret.py +21 -16
- pulumi_vault/get_auth_backend.py +24 -7
- pulumi_vault/get_auth_backends.py +51 -9
- pulumi_vault/get_namespace.py +226 -0
- pulumi_vault/get_namespaces.py +153 -0
- pulumi_vault/get_nomad_access_token.py +31 -11
- pulumi_vault/get_policy_document.py +34 -19
- pulumi_vault/get_raft_autopilot_state.py +29 -10
- pulumi_vault/github/_inputs.py +55 -0
- pulumi_vault/github/auth_backend.py +19 -14
- pulumi_vault/github/outputs.py +5 -0
- pulumi_vault/github/team.py +16 -11
- pulumi_vault/github/user.py +16 -11
- pulumi_vault/identity/entity.py +20 -13
- pulumi_vault/identity/entity_alias.py +20 -13
- pulumi_vault/identity/entity_policies.py +28 -11
- pulumi_vault/identity/get_entity.py +42 -10
- pulumi_vault/identity/get_group.py +47 -9
- pulumi_vault/identity/get_oidc_client_creds.py +21 -7
- pulumi_vault/identity/get_oidc_openid_config.py +39 -9
- pulumi_vault/identity/get_oidc_public_keys.py +29 -10
- pulumi_vault/identity/group.py +58 -39
- pulumi_vault/identity/group_alias.py +16 -9
- pulumi_vault/identity/group_member_entity_ids.py +28 -66
- pulumi_vault/identity/group_member_group_ids.py +40 -19
- pulumi_vault/identity/group_policies.py +20 -7
- pulumi_vault/identity/mfa_duo.py +11 -6
- pulumi_vault/identity/mfa_login_enforcement.py +15 -6
- pulumi_vault/identity/mfa_okta.py +11 -6
- pulumi_vault/identity/mfa_pingid.py +7 -2
- pulumi_vault/identity/mfa_totp.py +7 -2
- pulumi_vault/identity/oidc.py +12 -7
- pulumi_vault/identity/oidc_assignment.py +24 -11
- pulumi_vault/identity/oidc_client.py +36 -23
- pulumi_vault/identity/oidc_key.py +30 -17
- pulumi_vault/identity/oidc_key_allowed_client_id.py +28 -15
- pulumi_vault/identity/oidc_provider.py +36 -21
- pulumi_vault/identity/oidc_role.py +42 -21
- pulumi_vault/identity/oidc_scope.py +20 -13
- pulumi_vault/identity/outputs.py +8 -3
- pulumi_vault/jwt/_inputs.py +55 -0
- pulumi_vault/jwt/auth_backend.py +45 -40
- pulumi_vault/jwt/auth_backend_role.py +133 -254
- pulumi_vault/jwt/outputs.py +5 -0
- pulumi_vault/kmip/secret_backend.py +24 -19
- pulumi_vault/kmip/secret_role.py +14 -9
- pulumi_vault/kmip/secret_scope.py +14 -9
- pulumi_vault/kubernetes/auth_backend_config.py +57 -5
- pulumi_vault/kubernetes/auth_backend_role.py +70 -177
- pulumi_vault/kubernetes/get_auth_backend_config.py +60 -8
- pulumi_vault/kubernetes/get_auth_backend_role.py +40 -5
- pulumi_vault/kubernetes/get_service_account_token.py +39 -11
- pulumi_vault/kubernetes/secret_backend.py +316 -27
- pulumi_vault/kubernetes/secret_backend_role.py +137 -46
- pulumi_vault/kv/_inputs.py +36 -4
- pulumi_vault/kv/get_secret.py +25 -8
- pulumi_vault/kv/get_secret_subkeys_v2.py +33 -10
- pulumi_vault/kv/get_secret_v2.py +85 -9
- pulumi_vault/kv/get_secrets_list.py +24 -11
- pulumi_vault/kv/get_secrets_list_v2.py +37 -15
- pulumi_vault/kv/outputs.py +8 -3
- pulumi_vault/kv/secret.py +23 -16
- pulumi_vault/kv/secret_backend_v2.py +20 -11
- pulumi_vault/kv/secret_v2.py +59 -50
- pulumi_vault/ldap/auth_backend.py +127 -166
- pulumi_vault/ldap/auth_backend_group.py +14 -9
- pulumi_vault/ldap/auth_backend_user.py +14 -9
- pulumi_vault/ldap/get_dynamic_credentials.py +23 -5
- pulumi_vault/ldap/get_static_credentials.py +24 -5
- pulumi_vault/ldap/secret_backend.py +354 -82
- pulumi_vault/ldap/secret_backend_dynamic_role.py +18 -11
- pulumi_vault/ldap/secret_backend_library_set.py +16 -9
- pulumi_vault/ldap/secret_backend_static_role.py +73 -12
- pulumi_vault/managed/_inputs.py +289 -132
- pulumi_vault/managed/keys.py +29 -57
- pulumi_vault/managed/outputs.py +89 -132
- pulumi_vault/mfa_duo.py +18 -11
- pulumi_vault/mfa_okta.py +18 -11
- pulumi_vault/mfa_pingid.py +18 -11
- pulumi_vault/mfa_totp.py +24 -17
- pulumi_vault/mongodbatlas/secret_backend.py +20 -15
- pulumi_vault/mongodbatlas/secret_role.py +47 -38
- pulumi_vault/mount.py +391 -51
- pulumi_vault/namespace.py +68 -83
- pulumi_vault/nomad_secret_backend.py +18 -13
- pulumi_vault/nomad_secret_role.py +14 -9
- pulumi_vault/okta/_inputs.py +47 -8
- pulumi_vault/okta/auth_backend.py +485 -39
- pulumi_vault/okta/auth_backend_group.py +14 -9
- pulumi_vault/okta/auth_backend_user.py +14 -9
- pulumi_vault/okta/outputs.py +13 -8
- pulumi_vault/outputs.py +5 -0
- pulumi_vault/password_policy.py +20 -13
- pulumi_vault/pkisecret/__init__.py +3 -0
- pulumi_vault/pkisecret/_inputs.py +81 -0
- pulumi_vault/pkisecret/backend_config_cluster.py +369 -0
- pulumi_vault/pkisecret/backend_config_est.py +619 -0
- pulumi_vault/pkisecret/get_backend_config_est.py +251 -0
- pulumi_vault/pkisecret/get_backend_issuer.py +67 -9
- pulumi_vault/pkisecret/get_backend_issuers.py +21 -8
- pulumi_vault/pkisecret/get_backend_key.py +24 -9
- pulumi_vault/pkisecret/get_backend_keys.py +21 -8
- pulumi_vault/pkisecret/outputs.py +69 -0
- pulumi_vault/pkisecret/secret_backend_cert.py +18 -11
- pulumi_vault/pkisecret/secret_backend_config_ca.py +16 -11
- pulumi_vault/pkisecret/secret_backend_config_issuers.py +14 -9
- pulumi_vault/pkisecret/secret_backend_config_urls.py +67 -11
- pulumi_vault/pkisecret/secret_backend_crl_config.py +14 -9
- pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +16 -11
- pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +22 -17
- pulumi_vault/pkisecret/secret_backend_issuer.py +14 -9
- pulumi_vault/pkisecret/secret_backend_key.py +14 -9
- pulumi_vault/pkisecret/secret_backend_role.py +21 -14
- pulumi_vault/pkisecret/secret_backend_root_cert.py +16 -48
- pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +18 -56
- pulumi_vault/pkisecret/secret_backend_sign.py +18 -54
- pulumi_vault/plugin.py +595 -0
- pulumi_vault/plugin_pinned_version.py +298 -0
- pulumi_vault/policy.py +14 -9
- pulumi_vault/provider.py +48 -53
- pulumi_vault/pulumi-plugin.json +2 -1
- pulumi_vault/quota_lease_count.py +60 -6
- pulumi_vault/quota_rate_limit.py +56 -2
- pulumi_vault/rabbitmq/_inputs.py +61 -0
- pulumi_vault/rabbitmq/outputs.py +5 -0
- pulumi_vault/rabbitmq/secret_backend.py +18 -13
- pulumi_vault/rabbitmq/secret_backend_role.py +54 -47
- pulumi_vault/raft_autopilot.py +14 -9
- pulumi_vault/raft_snapshot_agent_config.py +129 -224
- pulumi_vault/rgp_policy.py +14 -9
- pulumi_vault/saml/auth_backend.py +22 -17
- pulumi_vault/saml/auth_backend_role.py +92 -197
- pulumi_vault/secrets/__init__.py +3 -0
- pulumi_vault/secrets/_inputs.py +110 -0
- pulumi_vault/secrets/outputs.py +94 -0
- pulumi_vault/secrets/sync_association.py +56 -71
- pulumi_vault/secrets/sync_aws_destination.py +242 -27
- pulumi_vault/secrets/sync_azure_destination.py +92 -31
- pulumi_vault/secrets/sync_config.py +9 -4
- pulumi_vault/secrets/sync_gcp_destination.py +158 -25
- pulumi_vault/secrets/sync_gh_destination.py +189 -13
- pulumi_vault/secrets/sync_github_apps.py +375 -0
- pulumi_vault/secrets/sync_vercel_destination.py +74 -13
- pulumi_vault/ssh/_inputs.py +28 -28
- pulumi_vault/ssh/outputs.py +11 -28
- pulumi_vault/ssh/secret_backend_ca.py +108 -9
- pulumi_vault/ssh/secret_backend_role.py +85 -118
- pulumi_vault/terraformcloud/secret_backend.py +7 -54
- pulumi_vault/terraformcloud/secret_creds.py +14 -20
- pulumi_vault/terraformcloud/secret_role.py +16 -74
- pulumi_vault/token.py +28 -23
- pulumi_vault/tokenauth/auth_backend_role.py +78 -199
- pulumi_vault/transform/alphabet.py +16 -9
- pulumi_vault/transform/get_decode.py +45 -17
- pulumi_vault/transform/get_encode.py +45 -17
- pulumi_vault/transform/role.py +16 -9
- pulumi_vault/transform/template.py +30 -21
- pulumi_vault/transform/transformation.py +12 -7
- pulumi_vault/transit/get_decrypt.py +26 -21
- pulumi_vault/transit/get_encrypt.py +24 -19
- pulumi_vault/transit/secret_backend_key.py +27 -93
- pulumi_vault/transit/secret_cache_config.py +12 -7
- {pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/METADATA +8 -7
- pulumi_vault-6.5.0a1736836139.dist-info/RECORD +256 -0
- {pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/WHEEL +1 -1
- pulumi_vault-5.21.0a1709368526.dist-info/RECORD +0 -244
- {pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/top_level.txt +0 -0
@@ -4,9 +4,14 @@
|
|
4
4
|
|
5
5
|
import copy
|
6
6
|
import warnings
|
7
|
+
import sys
|
7
8
|
import pulumi
|
8
9
|
import pulumi.runtime
|
9
10
|
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
11
|
+
if sys.version_info >= (3, 11):
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
13
|
+
else:
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
10
15
|
from .. import _utilities
|
11
16
|
|
12
17
|
__all__ = ['TemplateArgs', 'Template']
|
@@ -16,7 +21,7 @@ class TemplateArgs:
|
|
16
21
|
def __init__(__self__, *,
|
17
22
|
path: pulumi.Input[str],
|
18
23
|
alphabet: Optional[pulumi.Input[str]] = None,
|
19
|
-
decode_formats: Optional[pulumi.Input[Mapping[str,
|
24
|
+
decode_formats: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
20
25
|
encode_format: Optional[pulumi.Input[str]] = None,
|
21
26
|
name: Optional[pulumi.Input[str]] = None,
|
22
27
|
namespace: Optional[pulumi.Input[str]] = None,
|
@@ -26,14 +31,14 @@ class TemplateArgs:
|
|
26
31
|
The set of arguments for constructing a Template resource.
|
27
32
|
:param pulumi.Input[str] path: Path to where the back-end is mounted within Vault.
|
28
33
|
:param pulumi.Input[str] alphabet: The alphabet to use for this template. This is only used during FPE transformations.
|
29
|
-
:param pulumi.Input[Mapping[str,
|
34
|
+
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] decode_formats: Optional mapping of name to regular expression template, used to customize
|
30
35
|
the decoded output. (requires Vault Enterprise 1.9+)
|
31
36
|
:param pulumi.Input[str] encode_format: The regular expression template used to format encoded values.
|
32
37
|
(requires Vault Enterprise 1.9+)
|
33
38
|
:param pulumi.Input[str] name: The name of the template.
|
34
39
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
35
40
|
The value should not contain leading or trailing forward slashes.
|
36
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
41
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
37
42
|
*Available only for Vault Enterprise*.
|
38
43
|
:param pulumi.Input[str] pattern: The pattern used for matching. Currently, only regular expression pattern is supported.
|
39
44
|
:param pulumi.Input[str] type: The pattern type to use for match detection. Currently, only regex is supported.
|
@@ -80,7 +85,7 @@ class TemplateArgs:
|
|
80
85
|
|
81
86
|
@property
|
82
87
|
@pulumi.getter(name="decodeFormats")
|
83
|
-
def decode_formats(self) -> Optional[pulumi.Input[Mapping[str,
|
88
|
+
def decode_formats(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
|
84
89
|
"""
|
85
90
|
Optional mapping of name to regular expression template, used to customize
|
86
91
|
the decoded output. (requires Vault Enterprise 1.9+)
|
@@ -88,7 +93,7 @@ class TemplateArgs:
|
|
88
93
|
return pulumi.get(self, "decode_formats")
|
89
94
|
|
90
95
|
@decode_formats.setter
|
91
|
-
def decode_formats(self, value: Optional[pulumi.Input[Mapping[str,
|
96
|
+
def decode_formats(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
|
92
97
|
pulumi.set(self, "decode_formats", value)
|
93
98
|
|
94
99
|
@property
|
@@ -122,7 +127,7 @@ class TemplateArgs:
|
|
122
127
|
"""
|
123
128
|
The namespace to provision the resource in.
|
124
129
|
The value should not contain leading or trailing forward slashes.
|
125
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
130
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
126
131
|
*Available only for Vault Enterprise*.
|
127
132
|
"""
|
128
133
|
return pulumi.get(self, "namespace")
|
@@ -160,7 +165,7 @@ class TemplateArgs:
|
|
160
165
|
class _TemplateState:
|
161
166
|
def __init__(__self__, *,
|
162
167
|
alphabet: Optional[pulumi.Input[str]] = None,
|
163
|
-
decode_formats: Optional[pulumi.Input[Mapping[str,
|
168
|
+
decode_formats: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
164
169
|
encode_format: Optional[pulumi.Input[str]] = None,
|
165
170
|
name: Optional[pulumi.Input[str]] = None,
|
166
171
|
namespace: Optional[pulumi.Input[str]] = None,
|
@@ -170,14 +175,14 @@ class _TemplateState:
|
|
170
175
|
"""
|
171
176
|
Input properties used for looking up and filtering Template resources.
|
172
177
|
:param pulumi.Input[str] alphabet: The alphabet to use for this template. This is only used during FPE transformations.
|
173
|
-
:param pulumi.Input[Mapping[str,
|
178
|
+
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] decode_formats: Optional mapping of name to regular expression template, used to customize
|
174
179
|
the decoded output. (requires Vault Enterprise 1.9+)
|
175
180
|
:param pulumi.Input[str] encode_format: The regular expression template used to format encoded values.
|
176
181
|
(requires Vault Enterprise 1.9+)
|
177
182
|
:param pulumi.Input[str] name: The name of the template.
|
178
183
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
179
184
|
The value should not contain leading or trailing forward slashes.
|
180
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
185
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
181
186
|
*Available only for Vault Enterprise*.
|
182
187
|
:param pulumi.Input[str] path: Path to where the back-end is mounted within Vault.
|
183
188
|
:param pulumi.Input[str] pattern: The pattern used for matching. Currently, only regular expression pattern is supported.
|
@@ -214,7 +219,7 @@ class _TemplateState:
|
|
214
219
|
|
215
220
|
@property
|
216
221
|
@pulumi.getter(name="decodeFormats")
|
217
|
-
def decode_formats(self) -> Optional[pulumi.Input[Mapping[str,
|
222
|
+
def decode_formats(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
|
218
223
|
"""
|
219
224
|
Optional mapping of name to regular expression template, used to customize
|
220
225
|
the decoded output. (requires Vault Enterprise 1.9+)
|
@@ -222,7 +227,7 @@ class _TemplateState:
|
|
222
227
|
return pulumi.get(self, "decode_formats")
|
223
228
|
|
224
229
|
@decode_formats.setter
|
225
|
-
def decode_formats(self, value: Optional[pulumi.Input[Mapping[str,
|
230
|
+
def decode_formats(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
|
226
231
|
pulumi.set(self, "decode_formats", value)
|
227
232
|
|
228
233
|
@property
|
@@ -256,7 +261,7 @@ class _TemplateState:
|
|
256
261
|
"""
|
257
262
|
The namespace to provision the resource in.
|
258
263
|
The value should not contain leading or trailing forward slashes.
|
259
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
264
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
260
265
|
*Available only for Vault Enterprise*.
|
261
266
|
"""
|
262
267
|
return pulumi.get(self, "namespace")
|
@@ -308,7 +313,7 @@ class Template(pulumi.CustomResource):
|
|
308
313
|
resource_name: str,
|
309
314
|
opts: Optional[pulumi.ResourceOptions] = None,
|
310
315
|
alphabet: Optional[pulumi.Input[str]] = None,
|
311
|
-
decode_formats: Optional[pulumi.Input[Mapping[str,
|
316
|
+
decode_formats: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
312
317
|
encode_format: Optional[pulumi.Input[str]] = None,
|
313
318
|
name: Optional[pulumi.Input[str]] = None,
|
314
319
|
namespace: Optional[pulumi.Input[str]] = None,
|
@@ -343,9 +348,11 @@ class Template(pulumi.CustomResource):
|
|
343
348
|
type="transform")
|
344
349
|
numerics = vault.transform.Alphabet("numerics",
|
345
350
|
path=transform.path,
|
351
|
+
name="numerics",
|
346
352
|
alphabet="0123456789")
|
347
353
|
test = vault.transform.Template("test",
|
348
354
|
path=numerics.path,
|
355
|
+
name="ccn",
|
349
356
|
type="regex",
|
350
357
|
pattern="(\\\\d{4})[- ](\\\\d{4})[- ](\\\\d{4})[- ](\\\\d{4})",
|
351
358
|
alphabet="numerics",
|
@@ -358,14 +365,14 @@ class Template(pulumi.CustomResource):
|
|
358
365
|
:param str resource_name: The name of the resource.
|
359
366
|
:param pulumi.ResourceOptions opts: Options for the resource.
|
360
367
|
:param pulumi.Input[str] alphabet: The alphabet to use for this template. This is only used during FPE transformations.
|
361
|
-
:param pulumi.Input[Mapping[str,
|
368
|
+
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] decode_formats: Optional mapping of name to regular expression template, used to customize
|
362
369
|
the decoded output. (requires Vault Enterprise 1.9+)
|
363
370
|
:param pulumi.Input[str] encode_format: The regular expression template used to format encoded values.
|
364
371
|
(requires Vault Enterprise 1.9+)
|
365
372
|
:param pulumi.Input[str] name: The name of the template.
|
366
373
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
367
374
|
The value should not contain leading or trailing forward slashes.
|
368
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
375
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
369
376
|
*Available only for Vault Enterprise*.
|
370
377
|
:param pulumi.Input[str] path: Path to where the back-end is mounted within Vault.
|
371
378
|
:param pulumi.Input[str] pattern: The pattern used for matching. Currently, only regular expression pattern is supported.
|
@@ -404,9 +411,11 @@ class Template(pulumi.CustomResource):
|
|
404
411
|
type="transform")
|
405
412
|
numerics = vault.transform.Alphabet("numerics",
|
406
413
|
path=transform.path,
|
414
|
+
name="numerics",
|
407
415
|
alphabet="0123456789")
|
408
416
|
test = vault.transform.Template("test",
|
409
417
|
path=numerics.path,
|
418
|
+
name="ccn",
|
410
419
|
type="regex",
|
411
420
|
pattern="(\\\\d{4})[- ](\\\\d{4})[- ](\\\\d{4})[- ](\\\\d{4})",
|
412
421
|
alphabet="numerics",
|
@@ -432,7 +441,7 @@ class Template(pulumi.CustomResource):
|
|
432
441
|
resource_name: str,
|
433
442
|
opts: Optional[pulumi.ResourceOptions] = None,
|
434
443
|
alphabet: Optional[pulumi.Input[str]] = None,
|
435
|
-
decode_formats: Optional[pulumi.Input[Mapping[str,
|
444
|
+
decode_formats: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
436
445
|
encode_format: Optional[pulumi.Input[str]] = None,
|
437
446
|
name: Optional[pulumi.Input[str]] = None,
|
438
447
|
namespace: Optional[pulumi.Input[str]] = None,
|
@@ -469,7 +478,7 @@ class Template(pulumi.CustomResource):
|
|
469
478
|
id: pulumi.Input[str],
|
470
479
|
opts: Optional[pulumi.ResourceOptions] = None,
|
471
480
|
alphabet: Optional[pulumi.Input[str]] = None,
|
472
|
-
decode_formats: Optional[pulumi.Input[Mapping[str,
|
481
|
+
decode_formats: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
473
482
|
encode_format: Optional[pulumi.Input[str]] = None,
|
474
483
|
name: Optional[pulumi.Input[str]] = None,
|
475
484
|
namespace: Optional[pulumi.Input[str]] = None,
|
@@ -484,14 +493,14 @@ class Template(pulumi.CustomResource):
|
|
484
493
|
:param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
|
485
494
|
:param pulumi.ResourceOptions opts: Options for the resource.
|
486
495
|
:param pulumi.Input[str] alphabet: The alphabet to use for this template. This is only used during FPE transformations.
|
487
|
-
:param pulumi.Input[Mapping[str,
|
496
|
+
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] decode_formats: Optional mapping of name to regular expression template, used to customize
|
488
497
|
the decoded output. (requires Vault Enterprise 1.9+)
|
489
498
|
:param pulumi.Input[str] encode_format: The regular expression template used to format encoded values.
|
490
499
|
(requires Vault Enterprise 1.9+)
|
491
500
|
:param pulumi.Input[str] name: The name of the template.
|
492
501
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
493
502
|
The value should not contain leading or trailing forward slashes.
|
494
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
503
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
495
504
|
*Available only for Vault Enterprise*.
|
496
505
|
:param pulumi.Input[str] path: Path to where the back-end is mounted within Vault.
|
497
506
|
:param pulumi.Input[str] pattern: The pattern used for matching. Currently, only regular expression pattern is supported.
|
@@ -521,7 +530,7 @@ class Template(pulumi.CustomResource):
|
|
521
530
|
|
522
531
|
@property
|
523
532
|
@pulumi.getter(name="decodeFormats")
|
524
|
-
def decode_formats(self) -> pulumi.Output[Optional[Mapping[str,
|
533
|
+
def decode_formats(self) -> pulumi.Output[Optional[Mapping[str, str]]]:
|
525
534
|
"""
|
526
535
|
Optional mapping of name to regular expression template, used to customize
|
527
536
|
the decoded output. (requires Vault Enterprise 1.9+)
|
@@ -551,7 +560,7 @@ class Template(pulumi.CustomResource):
|
|
551
560
|
"""
|
552
561
|
The namespace to provision the resource in.
|
553
562
|
The value should not contain leading or trailing forward slashes.
|
554
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
563
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
555
564
|
*Available only for Vault Enterprise*.
|
556
565
|
"""
|
557
566
|
return pulumi.get(self, "namespace")
|
@@ -4,9 +4,14 @@
|
|
4
4
|
|
5
5
|
import copy
|
6
6
|
import warnings
|
7
|
+
import sys
|
7
8
|
import pulumi
|
8
9
|
import pulumi.runtime
|
9
10
|
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
11
|
+
if sys.version_info >= (3, 11):
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
13
|
+
else:
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
10
15
|
from .. import _utilities
|
11
16
|
|
12
17
|
__all__ = ['TransformationArgs', 'Transformation']
|
@@ -35,7 +40,7 @@ class TransformationArgs:
|
|
35
40
|
:param pulumi.Input[str] name: The name of the transformation.
|
36
41
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
37
42
|
The value should not contain leading or trailing forward slashes.
|
38
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
43
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
39
44
|
*Available only for Vault Enterprise*.
|
40
45
|
:param pulumi.Input[str] template: The name of the template to use.
|
41
46
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] templates: Templates configured for transformation.
|
@@ -130,7 +135,7 @@ class TransformationArgs:
|
|
130
135
|
"""
|
131
136
|
The namespace to provision the resource in.
|
132
137
|
The value should not contain leading or trailing forward slashes.
|
133
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
138
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
134
139
|
*Available only for Vault Enterprise*.
|
135
140
|
"""
|
136
141
|
return pulumi.get(self, "namespace")
|
@@ -211,7 +216,7 @@ class _TransformationState:
|
|
211
216
|
:param pulumi.Input[str] name: The name of the transformation.
|
212
217
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
213
218
|
The value should not contain leading or trailing forward slashes.
|
214
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
219
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
215
220
|
*Available only for Vault Enterprise*.
|
216
221
|
:param pulumi.Input[str] path: Path to where the back-end is mounted within Vault.
|
217
222
|
:param pulumi.Input[str] template: The name of the template to use.
|
@@ -296,7 +301,7 @@ class _TransformationState:
|
|
296
301
|
"""
|
297
302
|
The namespace to provision the resource in.
|
298
303
|
The value should not contain leading or trailing forward slashes.
|
299
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
304
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
300
305
|
*Available only for Vault Enterprise*.
|
301
306
|
"""
|
302
307
|
return pulumi.get(self, "namespace")
|
@@ -394,7 +399,7 @@ class Transformation(pulumi.CustomResource):
|
|
394
399
|
:param pulumi.Input[str] name: The name of the transformation.
|
395
400
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
396
401
|
The value should not contain leading or trailing forward slashes.
|
397
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
402
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
398
403
|
*Available only for Vault Enterprise*.
|
399
404
|
:param pulumi.Input[str] path: Path to where the back-end is mounted within Vault.
|
400
405
|
:param pulumi.Input[str] template: The name of the template to use.
|
@@ -491,7 +496,7 @@ class Transformation(pulumi.CustomResource):
|
|
491
496
|
:param pulumi.Input[str] name: The name of the transformation.
|
492
497
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
493
498
|
The value should not contain leading or trailing forward slashes.
|
494
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
499
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
495
500
|
*Available only for Vault Enterprise*.
|
496
501
|
:param pulumi.Input[str] path: Path to where the back-end is mounted within Vault.
|
497
502
|
:param pulumi.Input[str] template: The name of the template to use.
|
@@ -555,7 +560,7 @@ class Transformation(pulumi.CustomResource):
|
|
555
560
|
"""
|
556
561
|
The namespace to provision the resource in.
|
557
562
|
The value should not contain leading or trailing forward slashes.
|
558
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
563
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
559
564
|
*Available only for Vault Enterprise*.
|
560
565
|
"""
|
561
566
|
return pulumi.get(self, "namespace")
|
@@ -4,9 +4,14 @@
|
|
4
4
|
|
5
5
|
import copy
|
6
6
|
import warnings
|
7
|
+
import sys
|
7
8
|
import pulumi
|
8
9
|
import pulumi.runtime
|
9
10
|
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
11
|
+
if sys.version_info >= (3, 11):
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
13
|
+
else:
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
10
15
|
from .. import _utilities
|
11
16
|
|
12
17
|
__all__ = [
|
@@ -117,15 +122,9 @@ def get_decrypt(backend: Optional[str] = None,
|
|
117
122
|
import pulumi_vault as vault
|
118
123
|
|
119
124
|
test = vault.transit.get_decrypt(backend="transit",
|
120
|
-
|
121
|
-
|
125
|
+
key="test",
|
126
|
+
ciphertext="vault:v1:S3GtnJ5GUNCWV+/pdL9+g1Feu/nzAv+RlmTmE91Tu0rBkeIU8MEb2nSspC/1IQ==")
|
122
127
|
```
|
123
|
-
|
124
|
-
|
125
|
-
:param str backend: The path the transit secret backend is mounted at, with no leading or trailing `/`.
|
126
|
-
:param str ciphertext: Ciphertext to be decoded.
|
127
|
-
:param str context: Context for key derivation. This is required if key derivation is enabled for this key.
|
128
|
-
:param str key: Specifies the name of the transit key to decrypt against.
|
129
128
|
"""
|
130
129
|
__args__ = dict()
|
131
130
|
__args__['backend'] = backend
|
@@ -144,15 +143,12 @@ def get_decrypt(backend: Optional[str] = None,
|
|
144
143
|
key=pulumi.get(__ret__, 'key'),
|
145
144
|
namespace=pulumi.get(__ret__, 'namespace'),
|
146
145
|
plaintext=pulumi.get(__ret__, 'plaintext'))
|
147
|
-
|
148
|
-
|
149
|
-
@_utilities.lift_output_func(get_decrypt)
|
150
146
|
def get_decrypt_output(backend: Optional[pulumi.Input[str]] = None,
|
151
147
|
ciphertext: Optional[pulumi.Input[str]] = None,
|
152
148
|
context: Optional[pulumi.Input[Optional[str]]] = None,
|
153
149
|
key: Optional[pulumi.Input[str]] = None,
|
154
150
|
namespace: Optional[pulumi.Input[Optional[str]]] = None,
|
155
|
-
opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetDecryptResult]:
|
151
|
+
opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetDecryptResult]:
|
156
152
|
"""
|
157
153
|
This is a data source which can be used to decrypt ciphertext using a Vault Transit key.
|
158
154
|
|
@@ -163,14 +159,23 @@ def get_decrypt_output(backend: Optional[pulumi.Input[str]] = None,
|
|
163
159
|
import pulumi_vault as vault
|
164
160
|
|
165
161
|
test = vault.transit.get_decrypt(backend="transit",
|
166
|
-
|
167
|
-
|
162
|
+
key="test",
|
163
|
+
ciphertext="vault:v1:S3GtnJ5GUNCWV+/pdL9+g1Feu/nzAv+RlmTmE91Tu0rBkeIU8MEb2nSspC/1IQ==")
|
168
164
|
```
|
169
|
-
|
170
|
-
|
171
|
-
:param str backend: The path the transit secret backend is mounted at, with no leading or trailing `/`.
|
172
|
-
:param str ciphertext: Ciphertext to be decoded.
|
173
|
-
:param str context: Context for key derivation. This is required if key derivation is enabled for this key.
|
174
|
-
:param str key: Specifies the name of the transit key to decrypt against.
|
175
165
|
"""
|
176
|
-
|
166
|
+
__args__ = dict()
|
167
|
+
__args__['backend'] = backend
|
168
|
+
__args__['ciphertext'] = ciphertext
|
169
|
+
__args__['context'] = context
|
170
|
+
__args__['key'] = key
|
171
|
+
__args__['namespace'] = namespace
|
172
|
+
opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
|
173
|
+
__ret__ = pulumi.runtime.invoke_output('vault:transit/getDecrypt:getDecrypt', __args__, opts=opts, typ=GetDecryptResult)
|
174
|
+
return __ret__.apply(lambda __response__: GetDecryptResult(
|
175
|
+
backend=pulumi.get(__response__, 'backend'),
|
176
|
+
ciphertext=pulumi.get(__response__, 'ciphertext'),
|
177
|
+
context=pulumi.get(__response__, 'context'),
|
178
|
+
id=pulumi.get(__response__, 'id'),
|
179
|
+
key=pulumi.get(__response__, 'key'),
|
180
|
+
namespace=pulumi.get(__response__, 'namespace'),
|
181
|
+
plaintext=pulumi.get(__response__, 'plaintext')))
|
@@ -4,9 +4,14 @@
|
|
4
4
|
|
5
5
|
import copy
|
6
6
|
import warnings
|
7
|
+
import sys
|
7
8
|
import pulumi
|
8
9
|
import pulumi.runtime
|
9
10
|
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
11
|
+
if sys.version_info >= (3, 11):
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
13
|
+
else:
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
10
15
|
from .. import _utilities
|
11
16
|
|
12
17
|
__all__ = [
|
@@ -119,13 +124,6 @@ def get_encrypt(backend: Optional[str] = None,
|
|
119
124
|
opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetEncryptResult:
|
120
125
|
"""
|
121
126
|
This is a data source which can be used to encrypt plaintext using a Vault Transit key.
|
122
|
-
|
123
|
-
|
124
|
-
:param str backend: The path the transit secret backend is mounted at, with no leading or trailing `/`.
|
125
|
-
:param str context: Context for key derivation. This is required if key derivation is enabled for this key.
|
126
|
-
:param str key: Specifies the name of the transit key to encrypt against.
|
127
|
-
:param int key_version: The version of the key to use for encryption. If not set, uses the latest version. Must be greater than or equal to the key's `min_encryption_version`, if set.
|
128
|
-
:param str plaintext: Plaintext to be encoded.
|
129
127
|
"""
|
130
128
|
__args__ = dict()
|
131
129
|
__args__['backend'] = backend
|
@@ -146,24 +144,31 @@ def get_encrypt(backend: Optional[str] = None,
|
|
146
144
|
key_version=pulumi.get(__ret__, 'key_version'),
|
147
145
|
namespace=pulumi.get(__ret__, 'namespace'),
|
148
146
|
plaintext=pulumi.get(__ret__, 'plaintext'))
|
149
|
-
|
150
|
-
|
151
|
-
@_utilities.lift_output_func(get_encrypt)
|
152
147
|
def get_encrypt_output(backend: Optional[pulumi.Input[str]] = None,
|
153
148
|
context: Optional[pulumi.Input[Optional[str]]] = None,
|
154
149
|
key: Optional[pulumi.Input[str]] = None,
|
155
150
|
key_version: Optional[pulumi.Input[Optional[int]]] = None,
|
156
151
|
namespace: Optional[pulumi.Input[Optional[str]]] = None,
|
157
152
|
plaintext: Optional[pulumi.Input[str]] = None,
|
158
|
-
opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetEncryptResult]:
|
153
|
+
opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetEncryptResult]:
|
159
154
|
"""
|
160
155
|
This is a data source which can be used to encrypt plaintext using a Vault Transit key.
|
161
|
-
|
162
|
-
|
163
|
-
:param str backend: The path the transit secret backend is mounted at, with no leading or trailing `/`.
|
164
|
-
:param str context: Context for key derivation. This is required if key derivation is enabled for this key.
|
165
|
-
:param str key: Specifies the name of the transit key to encrypt against.
|
166
|
-
:param int key_version: The version of the key to use for encryption. If not set, uses the latest version. Must be greater than or equal to the key's `min_encryption_version`, if set.
|
167
|
-
:param str plaintext: Plaintext to be encoded.
|
168
156
|
"""
|
169
|
-
|
157
|
+
__args__ = dict()
|
158
|
+
__args__['backend'] = backend
|
159
|
+
__args__['context'] = context
|
160
|
+
__args__['key'] = key
|
161
|
+
__args__['keyVersion'] = key_version
|
162
|
+
__args__['namespace'] = namespace
|
163
|
+
__args__['plaintext'] = plaintext
|
164
|
+
opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
|
165
|
+
__ret__ = pulumi.runtime.invoke_output('vault:transit/getEncrypt:getEncrypt', __args__, opts=opts, typ=GetEncryptResult)
|
166
|
+
return __ret__.apply(lambda __response__: GetEncryptResult(
|
167
|
+
backend=pulumi.get(__response__, 'backend'),
|
168
|
+
ciphertext=pulumi.get(__response__, 'ciphertext'),
|
169
|
+
context=pulumi.get(__response__, 'context'),
|
170
|
+
id=pulumi.get(__response__, 'id'),
|
171
|
+
key=pulumi.get(__response__, 'key'),
|
172
|
+
key_version=pulumi.get(__response__, 'key_version'),
|
173
|
+
namespace=pulumi.get(__response__, 'namespace'),
|
174
|
+
plaintext=pulumi.get(__response__, 'plaintext')))
|