pulumi-vault 5.21.0a1709368526__py3-none-any.whl → 6.5.0a1736836139__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (229) hide show
  1. pulumi_vault/__init__.py +52 -0
  2. pulumi_vault/_inputs.py +560 -0
  3. pulumi_vault/_utilities.py +41 -5
  4. pulumi_vault/ad/get_access_credentials.py +26 -9
  5. pulumi_vault/ad/secret_backend.py +16 -142
  6. pulumi_vault/ad/secret_library.py +16 -9
  7. pulumi_vault/ad/secret_role.py +14 -9
  8. pulumi_vault/alicloud/auth_backend_role.py +76 -190
  9. pulumi_vault/approle/auth_backend_login.py +12 -7
  10. pulumi_vault/approle/auth_backend_role.py +77 -191
  11. pulumi_vault/approle/auth_backend_role_secret_id.py +106 -7
  12. pulumi_vault/approle/get_auth_backend_role_id.py +18 -5
  13. pulumi_vault/audit.py +30 -21
  14. pulumi_vault/audit_request_header.py +11 -2
  15. pulumi_vault/auth_backend.py +66 -14
  16. pulumi_vault/aws/auth_backend_cert.py +18 -9
  17. pulumi_vault/aws/auth_backend_client.py +267 -22
  18. pulumi_vault/aws/auth_backend_config_identity.py +14 -9
  19. pulumi_vault/aws/auth_backend_identity_whitelist.py +20 -15
  20. pulumi_vault/aws/auth_backend_login.py +19 -22
  21. pulumi_vault/aws/auth_backend_role.py +77 -191
  22. pulumi_vault/aws/auth_backend_role_tag.py +12 -7
  23. pulumi_vault/aws/auth_backend_roletag_blacklist.py +18 -13
  24. pulumi_vault/aws/auth_backend_sts_role.py +14 -9
  25. pulumi_vault/aws/get_access_credentials.py +38 -9
  26. pulumi_vault/aws/get_static_access_credentials.py +19 -5
  27. pulumi_vault/aws/secret_backend.py +77 -9
  28. pulumi_vault/aws/secret_backend_role.py +185 -9
  29. pulumi_vault/aws/secret_backend_static_role.py +20 -11
  30. pulumi_vault/azure/_inputs.py +24 -0
  31. pulumi_vault/azure/auth_backend_config.py +153 -15
  32. pulumi_vault/azure/auth_backend_role.py +77 -191
  33. pulumi_vault/azure/backend.py +227 -21
  34. pulumi_vault/azure/backend_role.py +42 -37
  35. pulumi_vault/azure/get_access_credentials.py +41 -7
  36. pulumi_vault/azure/outputs.py +5 -0
  37. pulumi_vault/cert_auth_backend_role.py +87 -267
  38. pulumi_vault/config/__init__.pyi +5 -0
  39. pulumi_vault/config/_inputs.py +73 -0
  40. pulumi_vault/config/outputs.py +35 -0
  41. pulumi_vault/config/ui_custom_message.py +529 -0
  42. pulumi_vault/config/vars.py +5 -0
  43. pulumi_vault/consul/secret_backend.py +28 -19
  44. pulumi_vault/consul/secret_backend_role.py +18 -78
  45. pulumi_vault/database/_inputs.py +2770 -881
  46. pulumi_vault/database/outputs.py +721 -838
  47. pulumi_vault/database/secret_backend_connection.py +119 -112
  48. pulumi_vault/database/secret_backend_role.py +31 -22
  49. pulumi_vault/database/secret_backend_static_role.py +87 -13
  50. pulumi_vault/database/secrets_mount.py +427 -136
  51. pulumi_vault/egp_policy.py +16 -11
  52. pulumi_vault/gcp/_inputs.py +111 -0
  53. pulumi_vault/gcp/auth_backend.py +250 -33
  54. pulumi_vault/gcp/auth_backend_role.py +77 -269
  55. pulumi_vault/gcp/get_auth_backend_role.py +43 -5
  56. pulumi_vault/gcp/outputs.py +5 -0
  57. pulumi_vault/gcp/secret_backend.py +287 -12
  58. pulumi_vault/gcp/secret_impersonated_account.py +76 -15
  59. pulumi_vault/gcp/secret_roleset.py +31 -24
  60. pulumi_vault/gcp/secret_static_account.py +39 -32
  61. pulumi_vault/generic/endpoint.py +24 -17
  62. pulumi_vault/generic/get_secret.py +64 -8
  63. pulumi_vault/generic/secret.py +21 -16
  64. pulumi_vault/get_auth_backend.py +24 -7
  65. pulumi_vault/get_auth_backends.py +51 -9
  66. pulumi_vault/get_namespace.py +226 -0
  67. pulumi_vault/get_namespaces.py +153 -0
  68. pulumi_vault/get_nomad_access_token.py +31 -11
  69. pulumi_vault/get_policy_document.py +34 -19
  70. pulumi_vault/get_raft_autopilot_state.py +29 -10
  71. pulumi_vault/github/_inputs.py +55 -0
  72. pulumi_vault/github/auth_backend.py +19 -14
  73. pulumi_vault/github/outputs.py +5 -0
  74. pulumi_vault/github/team.py +16 -11
  75. pulumi_vault/github/user.py +16 -11
  76. pulumi_vault/identity/entity.py +20 -13
  77. pulumi_vault/identity/entity_alias.py +20 -13
  78. pulumi_vault/identity/entity_policies.py +28 -11
  79. pulumi_vault/identity/get_entity.py +42 -10
  80. pulumi_vault/identity/get_group.py +47 -9
  81. pulumi_vault/identity/get_oidc_client_creds.py +21 -7
  82. pulumi_vault/identity/get_oidc_openid_config.py +39 -9
  83. pulumi_vault/identity/get_oidc_public_keys.py +29 -10
  84. pulumi_vault/identity/group.py +58 -39
  85. pulumi_vault/identity/group_alias.py +16 -9
  86. pulumi_vault/identity/group_member_entity_ids.py +28 -66
  87. pulumi_vault/identity/group_member_group_ids.py +40 -19
  88. pulumi_vault/identity/group_policies.py +20 -7
  89. pulumi_vault/identity/mfa_duo.py +11 -6
  90. pulumi_vault/identity/mfa_login_enforcement.py +15 -6
  91. pulumi_vault/identity/mfa_okta.py +11 -6
  92. pulumi_vault/identity/mfa_pingid.py +7 -2
  93. pulumi_vault/identity/mfa_totp.py +7 -2
  94. pulumi_vault/identity/oidc.py +12 -7
  95. pulumi_vault/identity/oidc_assignment.py +24 -11
  96. pulumi_vault/identity/oidc_client.py +36 -23
  97. pulumi_vault/identity/oidc_key.py +30 -17
  98. pulumi_vault/identity/oidc_key_allowed_client_id.py +28 -15
  99. pulumi_vault/identity/oidc_provider.py +36 -21
  100. pulumi_vault/identity/oidc_role.py +42 -21
  101. pulumi_vault/identity/oidc_scope.py +20 -13
  102. pulumi_vault/identity/outputs.py +8 -3
  103. pulumi_vault/jwt/_inputs.py +55 -0
  104. pulumi_vault/jwt/auth_backend.py +45 -40
  105. pulumi_vault/jwt/auth_backend_role.py +133 -254
  106. pulumi_vault/jwt/outputs.py +5 -0
  107. pulumi_vault/kmip/secret_backend.py +24 -19
  108. pulumi_vault/kmip/secret_role.py +14 -9
  109. pulumi_vault/kmip/secret_scope.py +14 -9
  110. pulumi_vault/kubernetes/auth_backend_config.py +57 -5
  111. pulumi_vault/kubernetes/auth_backend_role.py +70 -177
  112. pulumi_vault/kubernetes/get_auth_backend_config.py +60 -8
  113. pulumi_vault/kubernetes/get_auth_backend_role.py +40 -5
  114. pulumi_vault/kubernetes/get_service_account_token.py +39 -11
  115. pulumi_vault/kubernetes/secret_backend.py +316 -27
  116. pulumi_vault/kubernetes/secret_backend_role.py +137 -46
  117. pulumi_vault/kv/_inputs.py +36 -4
  118. pulumi_vault/kv/get_secret.py +25 -8
  119. pulumi_vault/kv/get_secret_subkeys_v2.py +33 -10
  120. pulumi_vault/kv/get_secret_v2.py +85 -9
  121. pulumi_vault/kv/get_secrets_list.py +24 -11
  122. pulumi_vault/kv/get_secrets_list_v2.py +37 -15
  123. pulumi_vault/kv/outputs.py +8 -3
  124. pulumi_vault/kv/secret.py +23 -16
  125. pulumi_vault/kv/secret_backend_v2.py +20 -11
  126. pulumi_vault/kv/secret_v2.py +59 -50
  127. pulumi_vault/ldap/auth_backend.py +127 -166
  128. pulumi_vault/ldap/auth_backend_group.py +14 -9
  129. pulumi_vault/ldap/auth_backend_user.py +14 -9
  130. pulumi_vault/ldap/get_dynamic_credentials.py +23 -5
  131. pulumi_vault/ldap/get_static_credentials.py +24 -5
  132. pulumi_vault/ldap/secret_backend.py +354 -82
  133. pulumi_vault/ldap/secret_backend_dynamic_role.py +18 -11
  134. pulumi_vault/ldap/secret_backend_library_set.py +16 -9
  135. pulumi_vault/ldap/secret_backend_static_role.py +73 -12
  136. pulumi_vault/managed/_inputs.py +289 -132
  137. pulumi_vault/managed/keys.py +29 -57
  138. pulumi_vault/managed/outputs.py +89 -132
  139. pulumi_vault/mfa_duo.py +18 -11
  140. pulumi_vault/mfa_okta.py +18 -11
  141. pulumi_vault/mfa_pingid.py +18 -11
  142. pulumi_vault/mfa_totp.py +24 -17
  143. pulumi_vault/mongodbatlas/secret_backend.py +20 -15
  144. pulumi_vault/mongodbatlas/secret_role.py +47 -38
  145. pulumi_vault/mount.py +391 -51
  146. pulumi_vault/namespace.py +68 -83
  147. pulumi_vault/nomad_secret_backend.py +18 -13
  148. pulumi_vault/nomad_secret_role.py +14 -9
  149. pulumi_vault/okta/_inputs.py +47 -8
  150. pulumi_vault/okta/auth_backend.py +485 -39
  151. pulumi_vault/okta/auth_backend_group.py +14 -9
  152. pulumi_vault/okta/auth_backend_user.py +14 -9
  153. pulumi_vault/okta/outputs.py +13 -8
  154. pulumi_vault/outputs.py +5 -0
  155. pulumi_vault/password_policy.py +20 -13
  156. pulumi_vault/pkisecret/__init__.py +3 -0
  157. pulumi_vault/pkisecret/_inputs.py +81 -0
  158. pulumi_vault/pkisecret/backend_config_cluster.py +369 -0
  159. pulumi_vault/pkisecret/backend_config_est.py +619 -0
  160. pulumi_vault/pkisecret/get_backend_config_est.py +251 -0
  161. pulumi_vault/pkisecret/get_backend_issuer.py +67 -9
  162. pulumi_vault/pkisecret/get_backend_issuers.py +21 -8
  163. pulumi_vault/pkisecret/get_backend_key.py +24 -9
  164. pulumi_vault/pkisecret/get_backend_keys.py +21 -8
  165. pulumi_vault/pkisecret/outputs.py +69 -0
  166. pulumi_vault/pkisecret/secret_backend_cert.py +18 -11
  167. pulumi_vault/pkisecret/secret_backend_config_ca.py +16 -11
  168. pulumi_vault/pkisecret/secret_backend_config_issuers.py +14 -9
  169. pulumi_vault/pkisecret/secret_backend_config_urls.py +67 -11
  170. pulumi_vault/pkisecret/secret_backend_crl_config.py +14 -9
  171. pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +16 -11
  172. pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +22 -17
  173. pulumi_vault/pkisecret/secret_backend_issuer.py +14 -9
  174. pulumi_vault/pkisecret/secret_backend_key.py +14 -9
  175. pulumi_vault/pkisecret/secret_backend_role.py +21 -14
  176. pulumi_vault/pkisecret/secret_backend_root_cert.py +16 -48
  177. pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +18 -56
  178. pulumi_vault/pkisecret/secret_backend_sign.py +18 -54
  179. pulumi_vault/plugin.py +595 -0
  180. pulumi_vault/plugin_pinned_version.py +298 -0
  181. pulumi_vault/policy.py +14 -9
  182. pulumi_vault/provider.py +48 -53
  183. pulumi_vault/pulumi-plugin.json +2 -1
  184. pulumi_vault/quota_lease_count.py +60 -6
  185. pulumi_vault/quota_rate_limit.py +56 -2
  186. pulumi_vault/rabbitmq/_inputs.py +61 -0
  187. pulumi_vault/rabbitmq/outputs.py +5 -0
  188. pulumi_vault/rabbitmq/secret_backend.py +18 -13
  189. pulumi_vault/rabbitmq/secret_backend_role.py +54 -47
  190. pulumi_vault/raft_autopilot.py +14 -9
  191. pulumi_vault/raft_snapshot_agent_config.py +129 -224
  192. pulumi_vault/rgp_policy.py +14 -9
  193. pulumi_vault/saml/auth_backend.py +22 -17
  194. pulumi_vault/saml/auth_backend_role.py +92 -197
  195. pulumi_vault/secrets/__init__.py +3 -0
  196. pulumi_vault/secrets/_inputs.py +110 -0
  197. pulumi_vault/secrets/outputs.py +94 -0
  198. pulumi_vault/secrets/sync_association.py +56 -71
  199. pulumi_vault/secrets/sync_aws_destination.py +242 -27
  200. pulumi_vault/secrets/sync_azure_destination.py +92 -31
  201. pulumi_vault/secrets/sync_config.py +9 -4
  202. pulumi_vault/secrets/sync_gcp_destination.py +158 -25
  203. pulumi_vault/secrets/sync_gh_destination.py +189 -13
  204. pulumi_vault/secrets/sync_github_apps.py +375 -0
  205. pulumi_vault/secrets/sync_vercel_destination.py +74 -13
  206. pulumi_vault/ssh/_inputs.py +28 -28
  207. pulumi_vault/ssh/outputs.py +11 -28
  208. pulumi_vault/ssh/secret_backend_ca.py +108 -9
  209. pulumi_vault/ssh/secret_backend_role.py +85 -118
  210. pulumi_vault/terraformcloud/secret_backend.py +7 -54
  211. pulumi_vault/terraformcloud/secret_creds.py +14 -20
  212. pulumi_vault/terraformcloud/secret_role.py +16 -74
  213. pulumi_vault/token.py +28 -23
  214. pulumi_vault/tokenauth/auth_backend_role.py +78 -199
  215. pulumi_vault/transform/alphabet.py +16 -9
  216. pulumi_vault/transform/get_decode.py +45 -17
  217. pulumi_vault/transform/get_encode.py +45 -17
  218. pulumi_vault/transform/role.py +16 -9
  219. pulumi_vault/transform/template.py +30 -21
  220. pulumi_vault/transform/transformation.py +12 -7
  221. pulumi_vault/transit/get_decrypt.py +26 -21
  222. pulumi_vault/transit/get_encrypt.py +24 -19
  223. pulumi_vault/transit/secret_backend_key.py +27 -93
  224. pulumi_vault/transit/secret_cache_config.py +12 -7
  225. {pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/METADATA +8 -7
  226. pulumi_vault-6.5.0a1736836139.dist-info/RECORD +256 -0
  227. {pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/WHEEL +1 -1
  228. pulumi_vault-5.21.0a1709368526.dist-info/RECORD +0 -244
  229. {pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/top_level.txt +0 -0
@@ -4,9 +4,14 @@
4
4
 
5
5
  import copy
6
6
  import warnings
7
+ import sys
7
8
  import pulumi
8
9
  import pulumi.runtime
9
10
  from typing import Any, Mapping, Optional, Sequence, Union, overload
11
+ if sys.version_info >= (3, 11):
12
+ from typing import NotRequired, TypedDict, TypeAlias
13
+ else:
14
+ from typing_extensions import NotRequired, TypedDict, TypeAlias
10
15
  from .. import _utilities
11
16
 
12
17
  __all__ = ['AuthBackendClientArgs', 'AuthBackendClient']
@@ -19,7 +24,11 @@ class AuthBackendClientArgs:
19
24
  ec2_endpoint: Optional[pulumi.Input[str]] = None,
20
25
  iam_endpoint: Optional[pulumi.Input[str]] = None,
21
26
  iam_server_id_header_value: Optional[pulumi.Input[str]] = None,
27
+ identity_token_audience: Optional[pulumi.Input[str]] = None,
28
+ identity_token_ttl: Optional[pulumi.Input[int]] = None,
29
+ max_retries: Optional[pulumi.Input[int]] = None,
22
30
  namespace: Optional[pulumi.Input[str]] = None,
31
+ role_arn: Optional[pulumi.Input[str]] = None,
23
32
  secret_key: Optional[pulumi.Input[str]] = None,
24
33
  sts_endpoint: Optional[pulumi.Input[str]] = None,
25
34
  sts_region: Optional[pulumi.Input[str]] = None,
@@ -27,7 +36,7 @@ class AuthBackendClientArgs:
27
36
  """
28
37
  The set of arguments for constructing a AuthBackendClient resource.
29
38
  :param pulumi.Input[str] access_key: The AWS access key that Vault should use for the
30
- auth backend.
39
+ auth backend. Mutually exclusive with `identity_token_audience`.
31
40
  :param pulumi.Input[str] backend: The path the AWS auth backend being configured was
32
41
  mounted at. Defaults to `aws`.
33
42
  :param pulumi.Input[str] ec2_endpoint: Override the URL Vault uses when making EC2 API
@@ -37,10 +46,18 @@ class AuthBackendClientArgs:
37
46
  :param pulumi.Input[str] iam_server_id_header_value: The value to require in the
38
47
  `X-Vault-AWS-IAM-Server-ID` header as part of `GetCallerIdentity` requests
39
48
  that are used in the IAM auth method.
49
+ :param pulumi.Input[str] identity_token_audience: The audience claim value. Mutually exclusive with `access_key`.
50
+ Requires Vault 1.17+. *Available only for Vault Enterprise*
51
+ :param pulumi.Input[int] identity_token_ttl: The TTL of generated identity tokens in seconds. Requires Vault 1.17+.
52
+ *Available only for Vault Enterprise*
53
+ :param pulumi.Input[int] max_retries: Number of max retries the client should use for recoverable errors.
54
+ The default `-1` falls back to the AWS SDK's default behavior.
40
55
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
41
56
  The value should not contain leading or trailing forward slashes.
42
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
57
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
43
58
  *Available only for Vault Enterprise*.
59
+ :param pulumi.Input[str] role_arn: Role ARN to assume for plugin identity token federation. Requires Vault 1.17+.
60
+ *Available only for Vault Enterprise*
44
61
  :param pulumi.Input[str] secret_key: The AWS secret key that Vault should use for the
45
62
  auth backend.
46
63
  :param pulumi.Input[str] sts_endpoint: Override the URL Vault uses when making STS API
@@ -63,8 +80,16 @@ class AuthBackendClientArgs:
63
80
  pulumi.set(__self__, "iam_endpoint", iam_endpoint)
64
81
  if iam_server_id_header_value is not None:
65
82
  pulumi.set(__self__, "iam_server_id_header_value", iam_server_id_header_value)
83
+ if identity_token_audience is not None:
84
+ pulumi.set(__self__, "identity_token_audience", identity_token_audience)
85
+ if identity_token_ttl is not None:
86
+ pulumi.set(__self__, "identity_token_ttl", identity_token_ttl)
87
+ if max_retries is not None:
88
+ pulumi.set(__self__, "max_retries", max_retries)
66
89
  if namespace is not None:
67
90
  pulumi.set(__self__, "namespace", namespace)
91
+ if role_arn is not None:
92
+ pulumi.set(__self__, "role_arn", role_arn)
68
93
  if secret_key is not None:
69
94
  pulumi.set(__self__, "secret_key", secret_key)
70
95
  if sts_endpoint is not None:
@@ -79,7 +104,7 @@ class AuthBackendClientArgs:
79
104
  def access_key(self) -> Optional[pulumi.Input[str]]:
80
105
  """
81
106
  The AWS access key that Vault should use for the
82
- auth backend.
107
+ auth backend. Mutually exclusive with `identity_token_audience`.
83
108
  """
84
109
  return pulumi.get(self, "access_key")
85
110
 
@@ -140,13 +165,52 @@ class AuthBackendClientArgs:
140
165
  def iam_server_id_header_value(self, value: Optional[pulumi.Input[str]]):
141
166
  pulumi.set(self, "iam_server_id_header_value", value)
142
167
 
168
+ @property
169
+ @pulumi.getter(name="identityTokenAudience")
170
+ def identity_token_audience(self) -> Optional[pulumi.Input[str]]:
171
+ """
172
+ The audience claim value. Mutually exclusive with `access_key`.
173
+ Requires Vault 1.17+. *Available only for Vault Enterprise*
174
+ """
175
+ return pulumi.get(self, "identity_token_audience")
176
+
177
+ @identity_token_audience.setter
178
+ def identity_token_audience(self, value: Optional[pulumi.Input[str]]):
179
+ pulumi.set(self, "identity_token_audience", value)
180
+
181
+ @property
182
+ @pulumi.getter(name="identityTokenTtl")
183
+ def identity_token_ttl(self) -> Optional[pulumi.Input[int]]:
184
+ """
185
+ The TTL of generated identity tokens in seconds. Requires Vault 1.17+.
186
+ *Available only for Vault Enterprise*
187
+ """
188
+ return pulumi.get(self, "identity_token_ttl")
189
+
190
+ @identity_token_ttl.setter
191
+ def identity_token_ttl(self, value: Optional[pulumi.Input[int]]):
192
+ pulumi.set(self, "identity_token_ttl", value)
193
+
194
+ @property
195
+ @pulumi.getter(name="maxRetries")
196
+ def max_retries(self) -> Optional[pulumi.Input[int]]:
197
+ """
198
+ Number of max retries the client should use for recoverable errors.
199
+ The default `-1` falls back to the AWS SDK's default behavior.
200
+ """
201
+ return pulumi.get(self, "max_retries")
202
+
203
+ @max_retries.setter
204
+ def max_retries(self, value: Optional[pulumi.Input[int]]):
205
+ pulumi.set(self, "max_retries", value)
206
+
143
207
  @property
144
208
  @pulumi.getter
145
209
  def namespace(self) -> Optional[pulumi.Input[str]]:
146
210
  """
147
211
  The namespace to provision the resource in.
148
212
  The value should not contain leading or trailing forward slashes.
149
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
213
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
150
214
  *Available only for Vault Enterprise*.
151
215
  """
152
216
  return pulumi.get(self, "namespace")
@@ -155,6 +219,19 @@ class AuthBackendClientArgs:
155
219
  def namespace(self, value: Optional[pulumi.Input[str]]):
156
220
  pulumi.set(self, "namespace", value)
157
221
 
222
+ @property
223
+ @pulumi.getter(name="roleArn")
224
+ def role_arn(self) -> Optional[pulumi.Input[str]]:
225
+ """
226
+ Role ARN to assume for plugin identity token federation. Requires Vault 1.17+.
227
+ *Available only for Vault Enterprise*
228
+ """
229
+ return pulumi.get(self, "role_arn")
230
+
231
+ @role_arn.setter
232
+ def role_arn(self, value: Optional[pulumi.Input[str]]):
233
+ pulumi.set(self, "role_arn", value)
234
+
158
235
  @property
159
236
  @pulumi.getter(name="secretKey")
160
237
  def secret_key(self) -> Optional[pulumi.Input[str]]:
@@ -219,7 +296,11 @@ class _AuthBackendClientState:
219
296
  ec2_endpoint: Optional[pulumi.Input[str]] = None,
220
297
  iam_endpoint: Optional[pulumi.Input[str]] = None,
221
298
  iam_server_id_header_value: Optional[pulumi.Input[str]] = None,
299
+ identity_token_audience: Optional[pulumi.Input[str]] = None,
300
+ identity_token_ttl: Optional[pulumi.Input[int]] = None,
301
+ max_retries: Optional[pulumi.Input[int]] = None,
222
302
  namespace: Optional[pulumi.Input[str]] = None,
303
+ role_arn: Optional[pulumi.Input[str]] = None,
223
304
  secret_key: Optional[pulumi.Input[str]] = None,
224
305
  sts_endpoint: Optional[pulumi.Input[str]] = None,
225
306
  sts_region: Optional[pulumi.Input[str]] = None,
@@ -227,7 +308,7 @@ class _AuthBackendClientState:
227
308
  """
228
309
  Input properties used for looking up and filtering AuthBackendClient resources.
229
310
  :param pulumi.Input[str] access_key: The AWS access key that Vault should use for the
230
- auth backend.
311
+ auth backend. Mutually exclusive with `identity_token_audience`.
231
312
  :param pulumi.Input[str] backend: The path the AWS auth backend being configured was
232
313
  mounted at. Defaults to `aws`.
233
314
  :param pulumi.Input[str] ec2_endpoint: Override the URL Vault uses when making EC2 API
@@ -237,10 +318,18 @@ class _AuthBackendClientState:
237
318
  :param pulumi.Input[str] iam_server_id_header_value: The value to require in the
238
319
  `X-Vault-AWS-IAM-Server-ID` header as part of `GetCallerIdentity` requests
239
320
  that are used in the IAM auth method.
321
+ :param pulumi.Input[str] identity_token_audience: The audience claim value. Mutually exclusive with `access_key`.
322
+ Requires Vault 1.17+. *Available only for Vault Enterprise*
323
+ :param pulumi.Input[int] identity_token_ttl: The TTL of generated identity tokens in seconds. Requires Vault 1.17+.
324
+ *Available only for Vault Enterprise*
325
+ :param pulumi.Input[int] max_retries: Number of max retries the client should use for recoverable errors.
326
+ The default `-1` falls back to the AWS SDK's default behavior.
240
327
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
241
328
  The value should not contain leading or trailing forward slashes.
242
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
329
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
243
330
  *Available only for Vault Enterprise*.
331
+ :param pulumi.Input[str] role_arn: Role ARN to assume for plugin identity token federation. Requires Vault 1.17+.
332
+ *Available only for Vault Enterprise*
244
333
  :param pulumi.Input[str] secret_key: The AWS secret key that Vault should use for the
245
334
  auth backend.
246
335
  :param pulumi.Input[str] sts_endpoint: Override the URL Vault uses when making STS API
@@ -263,8 +352,16 @@ class _AuthBackendClientState:
263
352
  pulumi.set(__self__, "iam_endpoint", iam_endpoint)
264
353
  if iam_server_id_header_value is not None:
265
354
  pulumi.set(__self__, "iam_server_id_header_value", iam_server_id_header_value)
355
+ if identity_token_audience is not None:
356
+ pulumi.set(__self__, "identity_token_audience", identity_token_audience)
357
+ if identity_token_ttl is not None:
358
+ pulumi.set(__self__, "identity_token_ttl", identity_token_ttl)
359
+ if max_retries is not None:
360
+ pulumi.set(__self__, "max_retries", max_retries)
266
361
  if namespace is not None:
267
362
  pulumi.set(__self__, "namespace", namespace)
363
+ if role_arn is not None:
364
+ pulumi.set(__self__, "role_arn", role_arn)
268
365
  if secret_key is not None:
269
366
  pulumi.set(__self__, "secret_key", secret_key)
270
367
  if sts_endpoint is not None:
@@ -279,7 +376,7 @@ class _AuthBackendClientState:
279
376
  def access_key(self) -> Optional[pulumi.Input[str]]:
280
377
  """
281
378
  The AWS access key that Vault should use for the
282
- auth backend.
379
+ auth backend. Mutually exclusive with `identity_token_audience`.
283
380
  """
284
381
  return pulumi.get(self, "access_key")
285
382
 
@@ -340,13 +437,52 @@ class _AuthBackendClientState:
340
437
  def iam_server_id_header_value(self, value: Optional[pulumi.Input[str]]):
341
438
  pulumi.set(self, "iam_server_id_header_value", value)
342
439
 
440
+ @property
441
+ @pulumi.getter(name="identityTokenAudience")
442
+ def identity_token_audience(self) -> Optional[pulumi.Input[str]]:
443
+ """
444
+ The audience claim value. Mutually exclusive with `access_key`.
445
+ Requires Vault 1.17+. *Available only for Vault Enterprise*
446
+ """
447
+ return pulumi.get(self, "identity_token_audience")
448
+
449
+ @identity_token_audience.setter
450
+ def identity_token_audience(self, value: Optional[pulumi.Input[str]]):
451
+ pulumi.set(self, "identity_token_audience", value)
452
+
453
+ @property
454
+ @pulumi.getter(name="identityTokenTtl")
455
+ def identity_token_ttl(self) -> Optional[pulumi.Input[int]]:
456
+ """
457
+ The TTL of generated identity tokens in seconds. Requires Vault 1.17+.
458
+ *Available only for Vault Enterprise*
459
+ """
460
+ return pulumi.get(self, "identity_token_ttl")
461
+
462
+ @identity_token_ttl.setter
463
+ def identity_token_ttl(self, value: Optional[pulumi.Input[int]]):
464
+ pulumi.set(self, "identity_token_ttl", value)
465
+
466
+ @property
467
+ @pulumi.getter(name="maxRetries")
468
+ def max_retries(self) -> Optional[pulumi.Input[int]]:
469
+ """
470
+ Number of max retries the client should use for recoverable errors.
471
+ The default `-1` falls back to the AWS SDK's default behavior.
472
+ """
473
+ return pulumi.get(self, "max_retries")
474
+
475
+ @max_retries.setter
476
+ def max_retries(self, value: Optional[pulumi.Input[int]]):
477
+ pulumi.set(self, "max_retries", value)
478
+
343
479
  @property
344
480
  @pulumi.getter
345
481
  def namespace(self) -> Optional[pulumi.Input[str]]:
346
482
  """
347
483
  The namespace to provision the resource in.
348
484
  The value should not contain leading or trailing forward slashes.
349
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
485
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
350
486
  *Available only for Vault Enterprise*.
351
487
  """
352
488
  return pulumi.get(self, "namespace")
@@ -355,6 +491,19 @@ class _AuthBackendClientState:
355
491
  def namespace(self, value: Optional[pulumi.Input[str]]):
356
492
  pulumi.set(self, "namespace", value)
357
493
 
494
+ @property
495
+ @pulumi.getter(name="roleArn")
496
+ def role_arn(self) -> Optional[pulumi.Input[str]]:
497
+ """
498
+ Role ARN to assume for plugin identity token federation. Requires Vault 1.17+.
499
+ *Available only for Vault Enterprise*
500
+ """
501
+ return pulumi.get(self, "role_arn")
502
+
503
+ @role_arn.setter
504
+ def role_arn(self, value: Optional[pulumi.Input[str]]):
505
+ pulumi.set(self, "role_arn", value)
506
+
358
507
  @property
359
508
  @pulumi.getter(name="secretKey")
360
509
  def secret_key(self) -> Optional[pulumi.Input[str]]:
@@ -421,7 +570,11 @@ class AuthBackendClient(pulumi.CustomResource):
421
570
  ec2_endpoint: Optional[pulumi.Input[str]] = None,
422
571
  iam_endpoint: Optional[pulumi.Input[str]] = None,
423
572
  iam_server_id_header_value: Optional[pulumi.Input[str]] = None,
573
+ identity_token_audience: Optional[pulumi.Input[str]] = None,
574
+ identity_token_ttl: Optional[pulumi.Input[int]] = None,
575
+ max_retries: Optional[pulumi.Input[int]] = None,
424
576
  namespace: Optional[pulumi.Input[str]] = None,
577
+ role_arn: Optional[pulumi.Input[str]] = None,
425
578
  secret_key: Optional[pulumi.Input[str]] = None,
426
579
  sts_endpoint: Optional[pulumi.Input[str]] = None,
427
580
  sts_region: Optional[pulumi.Input[str]] = None,
@@ -430,13 +583,25 @@ class AuthBackendClient(pulumi.CustomResource):
430
583
  """
431
584
  ## Example Usage
432
585
 
586
+ You can setup the AWS auth engine with Workload Identity Federation (WIF) for a secret-less configuration:
433
587
  ```python
434
588
  import pulumi
435
589
  import pulumi_vault as vault
436
590
 
437
- example_auth_backend = vault.AuthBackend("exampleAuthBackend", type="aws")
438
- example_auth_backend_client = vault.aws.AuthBackendClient("exampleAuthBackendClient",
439
- backend=example_auth_backend.path,
591
+ example = vault.AuthBackend("example", type="aws")
592
+ example_auth_backend_client = vault.aws.AuthBackendClient("example",
593
+ identity_token_audience="<TOKEN_AUDIENCE>",
594
+ identity_token_ttl="<TOKEN_TTL>",
595
+ role_arn="<AWS_ROLE_ARN>")
596
+ ```
597
+
598
+ ```python
599
+ import pulumi
600
+ import pulumi_vault as vault
601
+
602
+ example = vault.AuthBackend("example", type="aws")
603
+ example_auth_backend_client = vault.aws.AuthBackendClient("example",
604
+ backend=example.path,
440
605
  access_key="INSERT_AWS_ACCESS_KEY",
441
606
  secret_key="INSERT_AWS_SECRET_KEY")
442
607
  ```
@@ -446,13 +611,13 @@ class AuthBackendClient(pulumi.CustomResource):
446
611
  AWS auth backend clients can be imported using `auth/`, the `backend` path, and `/config/client` e.g.
447
612
 
448
613
  ```sh
449
- $ pulumi import vault:aws/authBackendClient:AuthBackendClient example auth/aws/config/client
614
+ $ pulumi import vault:aws/authBackendClient:AuthBackendClient example auth/aws/config/client
450
615
  ```
451
616
 
452
617
  :param str resource_name: The name of the resource.
453
618
  :param pulumi.ResourceOptions opts: Options for the resource.
454
619
  :param pulumi.Input[str] access_key: The AWS access key that Vault should use for the
455
- auth backend.
620
+ auth backend. Mutually exclusive with `identity_token_audience`.
456
621
  :param pulumi.Input[str] backend: The path the AWS auth backend being configured was
457
622
  mounted at. Defaults to `aws`.
458
623
  :param pulumi.Input[str] ec2_endpoint: Override the URL Vault uses when making EC2 API
@@ -462,10 +627,18 @@ class AuthBackendClient(pulumi.CustomResource):
462
627
  :param pulumi.Input[str] iam_server_id_header_value: The value to require in the
463
628
  `X-Vault-AWS-IAM-Server-ID` header as part of `GetCallerIdentity` requests
464
629
  that are used in the IAM auth method.
630
+ :param pulumi.Input[str] identity_token_audience: The audience claim value. Mutually exclusive with `access_key`.
631
+ Requires Vault 1.17+. *Available only for Vault Enterprise*
632
+ :param pulumi.Input[int] identity_token_ttl: The TTL of generated identity tokens in seconds. Requires Vault 1.17+.
633
+ *Available only for Vault Enterprise*
634
+ :param pulumi.Input[int] max_retries: Number of max retries the client should use for recoverable errors.
635
+ The default `-1` falls back to the AWS SDK's default behavior.
465
636
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
466
637
  The value should not contain leading or trailing forward slashes.
467
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
638
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
468
639
  *Available only for Vault Enterprise*.
640
+ :param pulumi.Input[str] role_arn: Role ARN to assume for plugin identity token federation. Requires Vault 1.17+.
641
+ *Available only for Vault Enterprise*
469
642
  :param pulumi.Input[str] secret_key: The AWS secret key that Vault should use for the
470
643
  auth backend.
471
644
  :param pulumi.Input[str] sts_endpoint: Override the URL Vault uses when making STS API
@@ -487,13 +660,25 @@ class AuthBackendClient(pulumi.CustomResource):
487
660
  """
488
661
  ## Example Usage
489
662
 
663
+ You can setup the AWS auth engine with Workload Identity Federation (WIF) for a secret-less configuration:
664
+ ```python
665
+ import pulumi
666
+ import pulumi_vault as vault
667
+
668
+ example = vault.AuthBackend("example", type="aws")
669
+ example_auth_backend_client = vault.aws.AuthBackendClient("example",
670
+ identity_token_audience="<TOKEN_AUDIENCE>",
671
+ identity_token_ttl="<TOKEN_TTL>",
672
+ role_arn="<AWS_ROLE_ARN>")
673
+ ```
674
+
490
675
  ```python
491
676
  import pulumi
492
677
  import pulumi_vault as vault
493
678
 
494
- example_auth_backend = vault.AuthBackend("exampleAuthBackend", type="aws")
495
- example_auth_backend_client = vault.aws.AuthBackendClient("exampleAuthBackendClient",
496
- backend=example_auth_backend.path,
679
+ example = vault.AuthBackend("example", type="aws")
680
+ example_auth_backend_client = vault.aws.AuthBackendClient("example",
681
+ backend=example.path,
497
682
  access_key="INSERT_AWS_ACCESS_KEY",
498
683
  secret_key="INSERT_AWS_SECRET_KEY")
499
684
  ```
@@ -503,7 +688,7 @@ class AuthBackendClient(pulumi.CustomResource):
503
688
  AWS auth backend clients can be imported using `auth/`, the `backend` path, and `/config/client` e.g.
504
689
 
505
690
  ```sh
506
- $ pulumi import vault:aws/authBackendClient:AuthBackendClient example auth/aws/config/client
691
+ $ pulumi import vault:aws/authBackendClient:AuthBackendClient example auth/aws/config/client
507
692
  ```
508
693
 
509
694
  :param str resource_name: The name of the resource.
@@ -526,7 +711,11 @@ class AuthBackendClient(pulumi.CustomResource):
526
711
  ec2_endpoint: Optional[pulumi.Input[str]] = None,
527
712
  iam_endpoint: Optional[pulumi.Input[str]] = None,
528
713
  iam_server_id_header_value: Optional[pulumi.Input[str]] = None,
714
+ identity_token_audience: Optional[pulumi.Input[str]] = None,
715
+ identity_token_ttl: Optional[pulumi.Input[int]] = None,
716
+ max_retries: Optional[pulumi.Input[int]] = None,
529
717
  namespace: Optional[pulumi.Input[str]] = None,
718
+ role_arn: Optional[pulumi.Input[str]] = None,
530
719
  secret_key: Optional[pulumi.Input[str]] = None,
531
720
  sts_endpoint: Optional[pulumi.Input[str]] = None,
532
721
  sts_region: Optional[pulumi.Input[str]] = None,
@@ -545,7 +734,11 @@ class AuthBackendClient(pulumi.CustomResource):
545
734
  __props__.__dict__["ec2_endpoint"] = ec2_endpoint
546
735
  __props__.__dict__["iam_endpoint"] = iam_endpoint
547
736
  __props__.__dict__["iam_server_id_header_value"] = iam_server_id_header_value
737
+ __props__.__dict__["identity_token_audience"] = identity_token_audience
738
+ __props__.__dict__["identity_token_ttl"] = identity_token_ttl
739
+ __props__.__dict__["max_retries"] = max_retries
548
740
  __props__.__dict__["namespace"] = namespace
741
+ __props__.__dict__["role_arn"] = role_arn
549
742
  __props__.__dict__["secret_key"] = None if secret_key is None else pulumi.Output.secret(secret_key)
550
743
  __props__.__dict__["sts_endpoint"] = sts_endpoint
551
744
  __props__.__dict__["sts_region"] = sts_region
@@ -567,7 +760,11 @@ class AuthBackendClient(pulumi.CustomResource):
567
760
  ec2_endpoint: Optional[pulumi.Input[str]] = None,
568
761
  iam_endpoint: Optional[pulumi.Input[str]] = None,
569
762
  iam_server_id_header_value: Optional[pulumi.Input[str]] = None,
763
+ identity_token_audience: Optional[pulumi.Input[str]] = None,
764
+ identity_token_ttl: Optional[pulumi.Input[int]] = None,
765
+ max_retries: Optional[pulumi.Input[int]] = None,
570
766
  namespace: Optional[pulumi.Input[str]] = None,
767
+ role_arn: Optional[pulumi.Input[str]] = None,
571
768
  secret_key: Optional[pulumi.Input[str]] = None,
572
769
  sts_endpoint: Optional[pulumi.Input[str]] = None,
573
770
  sts_region: Optional[pulumi.Input[str]] = None,
@@ -580,7 +777,7 @@ class AuthBackendClient(pulumi.CustomResource):
580
777
  :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
581
778
  :param pulumi.ResourceOptions opts: Options for the resource.
582
779
  :param pulumi.Input[str] access_key: The AWS access key that Vault should use for the
583
- auth backend.
780
+ auth backend. Mutually exclusive with `identity_token_audience`.
584
781
  :param pulumi.Input[str] backend: The path the AWS auth backend being configured was
585
782
  mounted at. Defaults to `aws`.
586
783
  :param pulumi.Input[str] ec2_endpoint: Override the URL Vault uses when making EC2 API
@@ -590,10 +787,18 @@ class AuthBackendClient(pulumi.CustomResource):
590
787
  :param pulumi.Input[str] iam_server_id_header_value: The value to require in the
591
788
  `X-Vault-AWS-IAM-Server-ID` header as part of `GetCallerIdentity` requests
592
789
  that are used in the IAM auth method.
790
+ :param pulumi.Input[str] identity_token_audience: The audience claim value. Mutually exclusive with `access_key`.
791
+ Requires Vault 1.17+. *Available only for Vault Enterprise*
792
+ :param pulumi.Input[int] identity_token_ttl: The TTL of generated identity tokens in seconds. Requires Vault 1.17+.
793
+ *Available only for Vault Enterprise*
794
+ :param pulumi.Input[int] max_retries: Number of max retries the client should use for recoverable errors.
795
+ The default `-1` falls back to the AWS SDK's default behavior.
593
796
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
594
797
  The value should not contain leading or trailing forward slashes.
595
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
798
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
596
799
  *Available only for Vault Enterprise*.
800
+ :param pulumi.Input[str] role_arn: Role ARN to assume for plugin identity token federation. Requires Vault 1.17+.
801
+ *Available only for Vault Enterprise*
597
802
  :param pulumi.Input[str] secret_key: The AWS secret key that Vault should use for the
598
803
  auth backend.
599
804
  :param pulumi.Input[str] sts_endpoint: Override the URL Vault uses when making STS API
@@ -615,7 +820,11 @@ class AuthBackendClient(pulumi.CustomResource):
615
820
  __props__.__dict__["ec2_endpoint"] = ec2_endpoint
616
821
  __props__.__dict__["iam_endpoint"] = iam_endpoint
617
822
  __props__.__dict__["iam_server_id_header_value"] = iam_server_id_header_value
823
+ __props__.__dict__["identity_token_audience"] = identity_token_audience
824
+ __props__.__dict__["identity_token_ttl"] = identity_token_ttl
825
+ __props__.__dict__["max_retries"] = max_retries
618
826
  __props__.__dict__["namespace"] = namespace
827
+ __props__.__dict__["role_arn"] = role_arn
619
828
  __props__.__dict__["secret_key"] = secret_key
620
829
  __props__.__dict__["sts_endpoint"] = sts_endpoint
621
830
  __props__.__dict__["sts_region"] = sts_region
@@ -627,7 +836,7 @@ class AuthBackendClient(pulumi.CustomResource):
627
836
  def access_key(self) -> pulumi.Output[Optional[str]]:
628
837
  """
629
838
  The AWS access key that Vault should use for the
630
- auth backend.
839
+ auth backend. Mutually exclusive with `identity_token_audience`.
631
840
  """
632
841
  return pulumi.get(self, "access_key")
633
842
 
@@ -668,17 +877,53 @@ class AuthBackendClient(pulumi.CustomResource):
668
877
  """
669
878
  return pulumi.get(self, "iam_server_id_header_value")
670
879
 
880
+ @property
881
+ @pulumi.getter(name="identityTokenAudience")
882
+ def identity_token_audience(self) -> pulumi.Output[Optional[str]]:
883
+ """
884
+ The audience claim value. Mutually exclusive with `access_key`.
885
+ Requires Vault 1.17+. *Available only for Vault Enterprise*
886
+ """
887
+ return pulumi.get(self, "identity_token_audience")
888
+
889
+ @property
890
+ @pulumi.getter(name="identityTokenTtl")
891
+ def identity_token_ttl(self) -> pulumi.Output[int]:
892
+ """
893
+ The TTL of generated identity tokens in seconds. Requires Vault 1.17+.
894
+ *Available only for Vault Enterprise*
895
+ """
896
+ return pulumi.get(self, "identity_token_ttl")
897
+
898
+ @property
899
+ @pulumi.getter(name="maxRetries")
900
+ def max_retries(self) -> pulumi.Output[Optional[int]]:
901
+ """
902
+ Number of max retries the client should use for recoverable errors.
903
+ The default `-1` falls back to the AWS SDK's default behavior.
904
+ """
905
+ return pulumi.get(self, "max_retries")
906
+
671
907
  @property
672
908
  @pulumi.getter
673
909
  def namespace(self) -> pulumi.Output[Optional[str]]:
674
910
  """
675
911
  The namespace to provision the resource in.
676
912
  The value should not contain leading or trailing forward slashes.
677
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
913
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
678
914
  *Available only for Vault Enterprise*.
679
915
  """
680
916
  return pulumi.get(self, "namespace")
681
917
 
918
+ @property
919
+ @pulumi.getter(name="roleArn")
920
+ def role_arn(self) -> pulumi.Output[Optional[str]]:
921
+ """
922
+ Role ARN to assume for plugin identity token federation. Requires Vault 1.17+.
923
+ *Available only for Vault Enterprise*
924
+ """
925
+ return pulumi.get(self, "role_arn")
926
+
682
927
  @property
683
928
  @pulumi.getter(name="secretKey")
684
929
  def secret_key(self) -> pulumi.Output[Optional[str]]:
@@ -4,9 +4,14 @@
4
4
 
5
5
  import copy
6
6
  import warnings
7
+ import sys
7
8
  import pulumi
8
9
  import pulumi.runtime
9
10
  from typing import Any, Mapping, Optional, Sequence, Union, overload
11
+ if sys.version_info >= (3, 11):
12
+ from typing import NotRequired, TypedDict, TypeAlias
13
+ else:
14
+ from typing_extensions import NotRequired, TypedDict, TypeAlias
10
15
  from .. import _utilities
11
16
 
12
17
  __all__ = ['AuthBackendConfigIdentityArgs', 'AuthBackendConfigIdentity']
@@ -33,7 +38,7 @@ class AuthBackendConfigIdentityArgs:
33
38
  added to both audit logs, and on the `iam_alias`
34
39
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
35
40
  The value should not contain leading or trailing forward slashes.
36
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
41
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
37
42
  *Available only for Vault Enterprise*.
38
43
  """
39
44
  if backend is not None:
@@ -119,7 +124,7 @@ class AuthBackendConfigIdentityArgs:
119
124
  """
120
125
  The namespace to provision the resource in.
121
126
  The value should not contain leading or trailing forward slashes.
122
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
127
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
123
128
  *Available only for Vault Enterprise*.
124
129
  """
125
130
  return pulumi.get(self, "namespace")
@@ -151,7 +156,7 @@ class _AuthBackendConfigIdentityState:
151
156
  added to both audit logs, and on the `iam_alias`
152
157
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
153
158
  The value should not contain leading or trailing forward slashes.
154
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
159
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
155
160
  *Available only for Vault Enterprise*.
156
161
  """
157
162
  if backend is not None:
@@ -237,7 +242,7 @@ class _AuthBackendConfigIdentityState:
237
242
  """
238
243
  The namespace to provision the resource in.
239
244
  The value should not contain leading or trailing forward slashes.
240
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
245
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
241
246
  *Available only for Vault Enterprise*.
242
247
  """
243
248
  return pulumi.get(self, "namespace")
@@ -285,7 +290,7 @@ class AuthBackendConfigIdentity(pulumi.CustomResource):
285
290
  AWS auth backend identity config can be imported using `auth/`, the `backend` path, and `/config/identity` e.g.
286
291
 
287
292
  ```sh
288
- $ pulumi import vault:aws/authBackendConfigIdentity:AuthBackendConfigIdentity example auth/aws/config/identity
293
+ $ pulumi import vault:aws/authBackendConfigIdentity:AuthBackendConfigIdentity example auth/aws/config/identity
289
294
  ```
290
295
 
291
296
  :param str resource_name: The name of the resource.
@@ -301,7 +306,7 @@ class AuthBackendConfigIdentity(pulumi.CustomResource):
301
306
  added to both audit logs, and on the `iam_alias`
302
307
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
303
308
  The value should not contain leading or trailing forward slashes.
304
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
309
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
305
310
  *Available only for Vault Enterprise*.
306
311
  """
307
312
  ...
@@ -336,7 +341,7 @@ class AuthBackendConfigIdentity(pulumi.CustomResource):
336
341
  AWS auth backend identity config can be imported using `auth/`, the `backend` path, and `/config/identity` e.g.
337
342
 
338
343
  ```sh
339
- $ pulumi import vault:aws/authBackendConfigIdentity:AuthBackendConfigIdentity example auth/aws/config/identity
344
+ $ pulumi import vault:aws/authBackendConfigIdentity:AuthBackendConfigIdentity example auth/aws/config/identity
340
345
  ```
341
346
 
342
347
  :param str resource_name: The name of the resource.
@@ -409,7 +414,7 @@ class AuthBackendConfigIdentity(pulumi.CustomResource):
409
414
  added to both audit logs, and on the `iam_alias`
410
415
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
411
416
  The value should not contain leading or trailing forward slashes.
412
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
417
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
413
418
  *Available only for Vault Enterprise*.
414
419
  """
415
420
  opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
@@ -474,7 +479,7 @@ class AuthBackendConfigIdentity(pulumi.CustomResource):
474
479
  """
475
480
  The namespace to provision the resource in.
476
481
  The value should not contain leading or trailing forward slashes.
477
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
482
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
478
483
  *Available only for Vault Enterprise*.
479
484
  """
480
485
  return pulumi.get(self, "namespace")