pulumi-vault 5.21.0a1710160723__py3-none-any.whl → 6.5.0a1736836139__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- pulumi_vault/__init__.py +52 -0
- pulumi_vault/_inputs.py +560 -0
- pulumi_vault/_utilities.py +41 -5
- pulumi_vault/ad/get_access_credentials.py +22 -7
- pulumi_vault/ad/secret_backend.py +14 -144
- pulumi_vault/ad/secret_library.py +14 -11
- pulumi_vault/ad/secret_role.py +12 -11
- pulumi_vault/alicloud/auth_backend_role.py +74 -192
- pulumi_vault/approle/auth_backend_login.py +12 -11
- pulumi_vault/approle/auth_backend_role.py +75 -193
- pulumi_vault/approle/auth_backend_role_secret_id.py +106 -11
- pulumi_vault/approle/get_auth_backend_role_id.py +18 -9
- pulumi_vault/audit.py +24 -27
- pulumi_vault/audit_request_header.py +11 -6
- pulumi_vault/auth_backend.py +64 -12
- pulumi_vault/aws/auth_backend_cert.py +12 -7
- pulumi_vault/aws/auth_backend_client.py +265 -24
- pulumi_vault/aws/auth_backend_config_identity.py +12 -11
- pulumi_vault/aws/auth_backend_identity_whitelist.py +18 -17
- pulumi_vault/aws/auth_backend_login.py +19 -22
- pulumi_vault/aws/auth_backend_role.py +75 -193
- pulumi_vault/aws/auth_backend_role_tag.py +12 -7
- pulumi_vault/aws/auth_backend_roletag_blacklist.py +18 -17
- pulumi_vault/aws/auth_backend_sts_role.py +12 -11
- pulumi_vault/aws/get_access_credentials.py +34 -7
- pulumi_vault/aws/get_static_access_credentials.py +19 -5
- pulumi_vault/aws/secret_backend.py +75 -7
- pulumi_vault/aws/secret_backend_role.py +183 -11
- pulumi_vault/aws/secret_backend_static_role.py +14 -11
- pulumi_vault/azure/_inputs.py +24 -0
- pulumi_vault/azure/auth_backend_config.py +151 -17
- pulumi_vault/azure/auth_backend_role.py +75 -193
- pulumi_vault/azure/backend.py +223 -29
- pulumi_vault/azure/backend_role.py +42 -41
- pulumi_vault/azure/get_access_credentials.py +39 -11
- pulumi_vault/azure/outputs.py +5 -0
- pulumi_vault/cert_auth_backend_role.py +87 -271
- pulumi_vault/config/__init__.pyi +5 -0
- pulumi_vault/config/_inputs.py +73 -0
- pulumi_vault/config/outputs.py +35 -0
- pulumi_vault/config/ui_custom_message.py +529 -0
- pulumi_vault/config/vars.py +5 -0
- pulumi_vault/consul/secret_backend.py +22 -25
- pulumi_vault/consul/secret_backend_role.py +14 -80
- pulumi_vault/database/_inputs.py +2770 -881
- pulumi_vault/database/outputs.py +721 -838
- pulumi_vault/database/secret_backend_connection.py +117 -114
- pulumi_vault/database/secret_backend_role.py +29 -24
- pulumi_vault/database/secret_backend_static_role.py +85 -15
- pulumi_vault/database/secrets_mount.py +425 -138
- pulumi_vault/egp_policy.py +16 -15
- pulumi_vault/gcp/_inputs.py +111 -0
- pulumi_vault/gcp/auth_backend.py +248 -35
- pulumi_vault/gcp/auth_backend_role.py +75 -271
- pulumi_vault/gcp/get_auth_backend_role.py +43 -9
- pulumi_vault/gcp/outputs.py +5 -0
- pulumi_vault/gcp/secret_backend.py +287 -16
- pulumi_vault/gcp/secret_impersonated_account.py +74 -17
- pulumi_vault/gcp/secret_roleset.py +29 -26
- pulumi_vault/gcp/secret_static_account.py +37 -34
- pulumi_vault/generic/endpoint.py +22 -21
- pulumi_vault/generic/get_secret.py +68 -12
- pulumi_vault/generic/secret.py +19 -14
- pulumi_vault/get_auth_backend.py +24 -11
- pulumi_vault/get_auth_backends.py +33 -11
- pulumi_vault/get_namespace.py +226 -0
- pulumi_vault/get_namespaces.py +153 -0
- pulumi_vault/get_nomad_access_token.py +31 -15
- pulumi_vault/get_policy_document.py +34 -23
- pulumi_vault/get_raft_autopilot_state.py +29 -14
- pulumi_vault/github/_inputs.py +55 -0
- pulumi_vault/github/auth_backend.py +17 -16
- pulumi_vault/github/outputs.py +5 -0
- pulumi_vault/github/team.py +14 -13
- pulumi_vault/github/user.py +14 -13
- pulumi_vault/identity/entity.py +18 -15
- pulumi_vault/identity/entity_alias.py +18 -15
- pulumi_vault/identity/entity_policies.py +24 -19
- pulumi_vault/identity/get_entity.py +40 -14
- pulumi_vault/identity/get_group.py +45 -13
- pulumi_vault/identity/get_oidc_client_creds.py +21 -11
- pulumi_vault/identity/get_oidc_openid_config.py +39 -13
- pulumi_vault/identity/get_oidc_public_keys.py +29 -14
- pulumi_vault/identity/group.py +50 -49
- pulumi_vault/identity/group_alias.py +14 -11
- pulumi_vault/identity/group_member_entity_ids.py +24 -74
- pulumi_vault/identity/group_member_group_ids.py +36 -27
- pulumi_vault/identity/group_policies.py +16 -15
- pulumi_vault/identity/mfa_duo.py +9 -8
- pulumi_vault/identity/mfa_login_enforcement.py +13 -8
- pulumi_vault/identity/mfa_okta.py +9 -8
- pulumi_vault/identity/mfa_pingid.py +5 -4
- pulumi_vault/identity/mfa_totp.py +5 -4
- pulumi_vault/identity/oidc.py +12 -11
- pulumi_vault/identity/oidc_assignment.py +22 -13
- pulumi_vault/identity/oidc_client.py +34 -25
- pulumi_vault/identity/oidc_key.py +28 -19
- pulumi_vault/identity/oidc_key_allowed_client_id.py +28 -19
- pulumi_vault/identity/oidc_provider.py +34 -23
- pulumi_vault/identity/oidc_role.py +40 -27
- pulumi_vault/identity/oidc_scope.py +18 -15
- pulumi_vault/identity/outputs.py +8 -3
- pulumi_vault/jwt/_inputs.py +55 -0
- pulumi_vault/jwt/auth_backend.py +39 -46
- pulumi_vault/jwt/auth_backend_role.py +131 -260
- pulumi_vault/jwt/outputs.py +5 -0
- pulumi_vault/kmip/secret_backend.py +22 -21
- pulumi_vault/kmip/secret_role.py +12 -11
- pulumi_vault/kmip/secret_scope.py +12 -11
- pulumi_vault/kubernetes/auth_backend_config.py +55 -7
- pulumi_vault/kubernetes/auth_backend_role.py +68 -179
- pulumi_vault/kubernetes/get_auth_backend_config.py +60 -8
- pulumi_vault/kubernetes/get_auth_backend_role.py +40 -5
- pulumi_vault/kubernetes/get_service_account_token.py +39 -15
- pulumi_vault/kubernetes/secret_backend.py +314 -29
- pulumi_vault/kubernetes/secret_backend_role.py +135 -56
- pulumi_vault/kv/_inputs.py +36 -4
- pulumi_vault/kv/get_secret.py +23 -12
- pulumi_vault/kv/get_secret_subkeys_v2.py +31 -14
- pulumi_vault/kv/get_secret_v2.py +89 -9
- pulumi_vault/kv/get_secrets_list.py +22 -15
- pulumi_vault/kv/get_secrets_list_v2.py +35 -19
- pulumi_vault/kv/outputs.py +8 -3
- pulumi_vault/kv/secret.py +19 -18
- pulumi_vault/kv/secret_backend_v2.py +12 -11
- pulumi_vault/kv/secret_v2.py +55 -52
- pulumi_vault/ldap/auth_backend.py +125 -168
- pulumi_vault/ldap/auth_backend_group.py +12 -11
- pulumi_vault/ldap/auth_backend_user.py +12 -11
- pulumi_vault/ldap/get_dynamic_credentials.py +23 -5
- pulumi_vault/ldap/get_static_credentials.py +24 -5
- pulumi_vault/ldap/secret_backend.py +352 -84
- pulumi_vault/ldap/secret_backend_dynamic_role.py +12 -11
- pulumi_vault/ldap/secret_backend_library_set.py +14 -11
- pulumi_vault/ldap/secret_backend_static_role.py +67 -12
- pulumi_vault/managed/_inputs.py +289 -132
- pulumi_vault/managed/keys.py +27 -43
- pulumi_vault/managed/outputs.py +89 -132
- pulumi_vault/mfa_duo.py +16 -13
- pulumi_vault/mfa_okta.py +16 -13
- pulumi_vault/mfa_pingid.py +16 -13
- pulumi_vault/mfa_totp.py +22 -19
- pulumi_vault/mongodbatlas/secret_backend.py +18 -17
- pulumi_vault/mongodbatlas/secret_role.py +41 -38
- pulumi_vault/mount.py +389 -65
- pulumi_vault/namespace.py +26 -21
- pulumi_vault/nomad_secret_backend.py +16 -15
- pulumi_vault/nomad_secret_role.py +12 -11
- pulumi_vault/okta/_inputs.py +47 -8
- pulumi_vault/okta/auth_backend.py +483 -41
- pulumi_vault/okta/auth_backend_group.py +12 -11
- pulumi_vault/okta/auth_backend_user.py +12 -11
- pulumi_vault/okta/outputs.py +13 -8
- pulumi_vault/outputs.py +5 -0
- pulumi_vault/password_policy.py +18 -15
- pulumi_vault/pkisecret/__init__.py +3 -0
- pulumi_vault/pkisecret/_inputs.py +81 -0
- pulumi_vault/pkisecret/backend_config_cluster.py +369 -0
- pulumi_vault/pkisecret/backend_config_est.py +619 -0
- pulumi_vault/pkisecret/get_backend_config_est.py +251 -0
- pulumi_vault/pkisecret/get_backend_issuer.py +63 -7
- pulumi_vault/pkisecret/get_backend_issuers.py +21 -12
- pulumi_vault/pkisecret/get_backend_key.py +24 -13
- pulumi_vault/pkisecret/get_backend_keys.py +21 -12
- pulumi_vault/pkisecret/outputs.py +69 -0
- pulumi_vault/pkisecret/secret_backend_cert.py +18 -15
- pulumi_vault/pkisecret/secret_backend_config_ca.py +16 -15
- pulumi_vault/pkisecret/secret_backend_config_issuers.py +12 -11
- pulumi_vault/pkisecret/secret_backend_config_urls.py +59 -11
- pulumi_vault/pkisecret/secret_backend_crl_config.py +14 -13
- pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +16 -15
- pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +22 -21
- pulumi_vault/pkisecret/secret_backend_issuer.py +12 -11
- pulumi_vault/pkisecret/secret_backend_key.py +12 -7
- pulumi_vault/pkisecret/secret_backend_role.py +19 -16
- pulumi_vault/pkisecret/secret_backend_root_cert.py +16 -52
- pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +18 -62
- pulumi_vault/pkisecret/secret_backend_sign.py +18 -60
- pulumi_vault/plugin.py +595 -0
- pulumi_vault/plugin_pinned_version.py +298 -0
- pulumi_vault/policy.py +12 -7
- pulumi_vault/provider.py +48 -53
- pulumi_vault/pulumi-plugin.json +2 -1
- pulumi_vault/quota_lease_count.py +58 -8
- pulumi_vault/quota_rate_limit.py +54 -4
- pulumi_vault/rabbitmq/_inputs.py +61 -0
- pulumi_vault/rabbitmq/outputs.py +5 -0
- pulumi_vault/rabbitmq/secret_backend.py +16 -15
- pulumi_vault/rabbitmq/secret_backend_role.py +52 -49
- pulumi_vault/raft_autopilot.py +12 -11
- pulumi_vault/raft_snapshot_agent_config.py +121 -311
- pulumi_vault/rgp_policy.py +14 -13
- pulumi_vault/saml/auth_backend.py +20 -19
- pulumi_vault/saml/auth_backend_role.py +90 -199
- pulumi_vault/secrets/__init__.py +3 -0
- pulumi_vault/secrets/_inputs.py +110 -0
- pulumi_vault/secrets/outputs.py +94 -0
- pulumi_vault/secrets/sync_association.py +56 -75
- pulumi_vault/secrets/sync_aws_destination.py +240 -29
- pulumi_vault/secrets/sync_azure_destination.py +90 -33
- pulumi_vault/secrets/sync_config.py +7 -6
- pulumi_vault/secrets/sync_gcp_destination.py +156 -27
- pulumi_vault/secrets/sync_gh_destination.py +187 -15
- pulumi_vault/secrets/sync_github_apps.py +375 -0
- pulumi_vault/secrets/sync_vercel_destination.py +72 -15
- pulumi_vault/ssh/_inputs.py +28 -32
- pulumi_vault/ssh/outputs.py +11 -32
- pulumi_vault/ssh/secret_backend_ca.py +106 -11
- pulumi_vault/ssh/secret_backend_role.py +83 -120
- pulumi_vault/terraformcloud/secret_backend.py +5 -56
- pulumi_vault/terraformcloud/secret_creds.py +14 -24
- pulumi_vault/terraformcloud/secret_role.py +14 -76
- pulumi_vault/token.py +26 -25
- pulumi_vault/tokenauth/auth_backend_role.py +76 -201
- pulumi_vault/transform/alphabet.py +16 -13
- pulumi_vault/transform/get_decode.py +45 -21
- pulumi_vault/transform/get_encode.py +45 -21
- pulumi_vault/transform/role.py +16 -13
- pulumi_vault/transform/template.py +30 -25
- pulumi_vault/transform/transformation.py +12 -7
- pulumi_vault/transit/get_decrypt.py +26 -25
- pulumi_vault/transit/get_encrypt.py +24 -19
- pulumi_vault/transit/secret_backend_key.py +25 -97
- pulumi_vault/transit/secret_cache_config.py +12 -11
- {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/METADATA +8 -7
- pulumi_vault-6.5.0a1736836139.dist-info/RECORD +256 -0
- {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/WHEEL +1 -1
- pulumi_vault-5.21.0a1710160723.dist-info/RECORD +0 -244
- {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/top_level.txt +0 -0
@@ -4,9 +4,14 @@
|
|
4
4
|
|
5
5
|
import copy
|
6
6
|
import warnings
|
7
|
+
import sys
|
7
8
|
import pulumi
|
8
9
|
import pulumi.runtime
|
9
10
|
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
11
|
+
if sys.version_info >= (3, 11):
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
13
|
+
else:
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
10
15
|
from .. import _utilities
|
11
16
|
|
12
17
|
__all__ = ['AuthBackendRoleArgs', 'AuthBackendRole']
|
@@ -56,34 +61,17 @@ class AuthBackendRoleArgs:
|
|
56
61
|
field.
|
57
62
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
58
63
|
The value should not contain leading or trailing forward slashes.
|
59
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
64
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
60
65
|
*Available only for Vault Enterprise*.
|
61
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs:
|
62
|
-
|
63
|
-
|
64
|
-
:param pulumi.Input[
|
65
|
-
|
66
|
-
|
67
|
-
|
68
|
-
:param pulumi.Input[int]
|
69
|
-
|
70
|
-
:param pulumi.Input[bool] token_no_default_policy: If set, the default policy will not be set on
|
71
|
-
generated tokens; otherwise it will be added to the policies set in token_policies.
|
72
|
-
:param pulumi.Input[int] token_num_uses: The [maximum number](https://www.vaultproject.io/api-docs/azure#token_num_uses)
|
73
|
-
of times a generated token may be used (within its lifetime); 0 means unlimited.
|
74
|
-
:param pulumi.Input[int] token_period: If set, indicates that the
|
75
|
-
token generated using this role should never expire. The token should be renewed within the
|
76
|
-
duration specified by this value. At each renewal, the token's TTL will be set to the
|
77
|
-
value of this field. Specified in seconds.
|
78
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] token_policies: List of policies to encode onto generated tokens. Depending
|
79
|
-
on the auth method, this list may be supplemented by user/group/other values.
|
80
|
-
:param pulumi.Input[int] token_ttl: The incremental lifetime for generated tokens in number of seconds.
|
81
|
-
Its current value will be referenced at renewal time.
|
82
|
-
:param pulumi.Input[str] token_type: The type of token that should be generated. Can be `service`,
|
83
|
-
`batch`, or `default` to use the mount's tuned default (which unless changed will be
|
84
|
-
`service` tokens). For token store roles, there are two additional possibilities:
|
85
|
-
`default-service` and `default-batch` which specify the type to return unless the client
|
86
|
-
requests a different type at generation time.
|
66
|
+
:param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs: Specifies the blocks of IP addresses which are allowed to use the generated token
|
67
|
+
:param pulumi.Input[int] token_explicit_max_ttl: Generated Token's Explicit Maximum TTL in seconds
|
68
|
+
:param pulumi.Input[int] token_max_ttl: The maximum lifetime of the generated token
|
69
|
+
:param pulumi.Input[bool] token_no_default_policy: If true, the 'default' policy will not automatically be added to generated tokens
|
70
|
+
:param pulumi.Input[int] token_num_uses: The maximum number of times a token may be used, a value of zero means unlimited
|
71
|
+
:param pulumi.Input[int] token_period: Generated Token's Period
|
72
|
+
:param pulumi.Input[Sequence[pulumi.Input[str]]] token_policies: Generated Token's Policies
|
73
|
+
:param pulumi.Input[int] token_ttl: The initial ttl of the token to generate in seconds
|
74
|
+
:param pulumi.Input[str] token_type: The type of token to generate, service or batch
|
87
75
|
"""
|
88
76
|
pulumi.set(__self__, "role", role)
|
89
77
|
if backend is not None:
|
@@ -235,7 +223,7 @@ class AuthBackendRoleArgs:
|
|
235
223
|
"""
|
236
224
|
The namespace to provision the resource in.
|
237
225
|
The value should not contain leading or trailing forward slashes.
|
238
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
226
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
239
227
|
*Available only for Vault Enterprise*.
|
240
228
|
"""
|
241
229
|
return pulumi.get(self, "namespace")
|
@@ -248,9 +236,7 @@ class AuthBackendRoleArgs:
|
|
248
236
|
@pulumi.getter(name="tokenBoundCidrs")
|
249
237
|
def token_bound_cidrs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
250
238
|
"""
|
251
|
-
|
252
|
-
addresses which can authenticate successfully, and ties the resulting token to these blocks
|
253
|
-
as well.
|
239
|
+
Specifies the blocks of IP addresses which are allowed to use the generated token
|
254
240
|
"""
|
255
241
|
return pulumi.get(self, "token_bound_cidrs")
|
256
242
|
|
@@ -262,10 +248,7 @@ class AuthBackendRoleArgs:
|
|
262
248
|
@pulumi.getter(name="tokenExplicitMaxTtl")
|
263
249
|
def token_explicit_max_ttl(self) -> Optional[pulumi.Input[int]]:
|
264
250
|
"""
|
265
|
-
|
266
|
-
[explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls)
|
267
|
-
onto the token in number of seconds. This is a hard cap even if `token_ttl` and
|
268
|
-
`token_max_ttl` would otherwise allow a renewal.
|
251
|
+
Generated Token's Explicit Maximum TTL in seconds
|
269
252
|
"""
|
270
253
|
return pulumi.get(self, "token_explicit_max_ttl")
|
271
254
|
|
@@ -277,8 +260,7 @@ class AuthBackendRoleArgs:
|
|
277
260
|
@pulumi.getter(name="tokenMaxTtl")
|
278
261
|
def token_max_ttl(self) -> Optional[pulumi.Input[int]]:
|
279
262
|
"""
|
280
|
-
The maximum lifetime
|
281
|
-
Its current value will be referenced at renewal time.
|
263
|
+
The maximum lifetime of the generated token
|
282
264
|
"""
|
283
265
|
return pulumi.get(self, "token_max_ttl")
|
284
266
|
|
@@ -290,8 +272,7 @@ class AuthBackendRoleArgs:
|
|
290
272
|
@pulumi.getter(name="tokenNoDefaultPolicy")
|
291
273
|
def token_no_default_policy(self) -> Optional[pulumi.Input[bool]]:
|
292
274
|
"""
|
293
|
-
If
|
294
|
-
generated tokens; otherwise it will be added to the policies set in token_policies.
|
275
|
+
If true, the 'default' policy will not automatically be added to generated tokens
|
295
276
|
"""
|
296
277
|
return pulumi.get(self, "token_no_default_policy")
|
297
278
|
|
@@ -303,8 +284,7 @@ class AuthBackendRoleArgs:
|
|
303
284
|
@pulumi.getter(name="tokenNumUses")
|
304
285
|
def token_num_uses(self) -> Optional[pulumi.Input[int]]:
|
305
286
|
"""
|
306
|
-
The
|
307
|
-
of times a generated token may be used (within its lifetime); 0 means unlimited.
|
287
|
+
The maximum number of times a token may be used, a value of zero means unlimited
|
308
288
|
"""
|
309
289
|
return pulumi.get(self, "token_num_uses")
|
310
290
|
|
@@ -316,10 +296,7 @@ class AuthBackendRoleArgs:
|
|
316
296
|
@pulumi.getter(name="tokenPeriod")
|
317
297
|
def token_period(self) -> Optional[pulumi.Input[int]]:
|
318
298
|
"""
|
319
|
-
|
320
|
-
token generated using this role should never expire. The token should be renewed within the
|
321
|
-
duration specified by this value. At each renewal, the token's TTL will be set to the
|
322
|
-
value of this field. Specified in seconds.
|
299
|
+
Generated Token's Period
|
323
300
|
"""
|
324
301
|
return pulumi.get(self, "token_period")
|
325
302
|
|
@@ -331,8 +308,7 @@ class AuthBackendRoleArgs:
|
|
331
308
|
@pulumi.getter(name="tokenPolicies")
|
332
309
|
def token_policies(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
333
310
|
"""
|
334
|
-
|
335
|
-
on the auth method, this list may be supplemented by user/group/other values.
|
311
|
+
Generated Token's Policies
|
336
312
|
"""
|
337
313
|
return pulumi.get(self, "token_policies")
|
338
314
|
|
@@ -344,8 +320,7 @@ class AuthBackendRoleArgs:
|
|
344
320
|
@pulumi.getter(name="tokenTtl")
|
345
321
|
def token_ttl(self) -> Optional[pulumi.Input[int]]:
|
346
322
|
"""
|
347
|
-
The
|
348
|
-
Its current value will be referenced at renewal time.
|
323
|
+
The initial ttl of the token to generate in seconds
|
349
324
|
"""
|
350
325
|
return pulumi.get(self, "token_ttl")
|
351
326
|
|
@@ -357,11 +332,7 @@ class AuthBackendRoleArgs:
|
|
357
332
|
@pulumi.getter(name="tokenType")
|
358
333
|
def token_type(self) -> Optional[pulumi.Input[str]]:
|
359
334
|
"""
|
360
|
-
The type of token
|
361
|
-
`batch`, or `default` to use the mount's tuned default (which unless changed will be
|
362
|
-
`service` tokens). For token store roles, there are two additional possibilities:
|
363
|
-
`default-service` and `default-batch` which specify the type to return unless the client
|
364
|
-
requests a different type at generation time.
|
335
|
+
The type of token to generate, service or batch
|
365
336
|
"""
|
366
337
|
return pulumi.get(self, "token_type")
|
367
338
|
|
@@ -414,35 +385,18 @@ class _AuthBackendRoleState:
|
|
414
385
|
field.
|
415
386
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
416
387
|
The value should not contain leading or trailing forward slashes.
|
417
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
388
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
418
389
|
*Available only for Vault Enterprise*.
|
419
390
|
:param pulumi.Input[str] role: The name of the role.
|
420
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs:
|
421
|
-
|
422
|
-
|
423
|
-
:param pulumi.Input[
|
424
|
-
|
425
|
-
|
426
|
-
|
427
|
-
:param pulumi.Input[int]
|
428
|
-
|
429
|
-
:param pulumi.Input[bool] token_no_default_policy: If set, the default policy will not be set on
|
430
|
-
generated tokens; otherwise it will be added to the policies set in token_policies.
|
431
|
-
:param pulumi.Input[int] token_num_uses: The [maximum number](https://www.vaultproject.io/api-docs/azure#token_num_uses)
|
432
|
-
of times a generated token may be used (within its lifetime); 0 means unlimited.
|
433
|
-
:param pulumi.Input[int] token_period: If set, indicates that the
|
434
|
-
token generated using this role should never expire. The token should be renewed within the
|
435
|
-
duration specified by this value. At each renewal, the token's TTL will be set to the
|
436
|
-
value of this field. Specified in seconds.
|
437
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] token_policies: List of policies to encode onto generated tokens. Depending
|
438
|
-
on the auth method, this list may be supplemented by user/group/other values.
|
439
|
-
:param pulumi.Input[int] token_ttl: The incremental lifetime for generated tokens in number of seconds.
|
440
|
-
Its current value will be referenced at renewal time.
|
441
|
-
:param pulumi.Input[str] token_type: The type of token that should be generated. Can be `service`,
|
442
|
-
`batch`, or `default` to use the mount's tuned default (which unless changed will be
|
443
|
-
`service` tokens). For token store roles, there are two additional possibilities:
|
444
|
-
`default-service` and `default-batch` which specify the type to return unless the client
|
445
|
-
requests a different type at generation time.
|
391
|
+
:param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs: Specifies the blocks of IP addresses which are allowed to use the generated token
|
392
|
+
:param pulumi.Input[int] token_explicit_max_ttl: Generated Token's Explicit Maximum TTL in seconds
|
393
|
+
:param pulumi.Input[int] token_max_ttl: The maximum lifetime of the generated token
|
394
|
+
:param pulumi.Input[bool] token_no_default_policy: If true, the 'default' policy will not automatically be added to generated tokens
|
395
|
+
:param pulumi.Input[int] token_num_uses: The maximum number of times a token may be used, a value of zero means unlimited
|
396
|
+
:param pulumi.Input[int] token_period: Generated Token's Period
|
397
|
+
:param pulumi.Input[Sequence[pulumi.Input[str]]] token_policies: Generated Token's Policies
|
398
|
+
:param pulumi.Input[int] token_ttl: The initial ttl of the token to generate in seconds
|
399
|
+
:param pulumi.Input[str] token_type: The type of token to generate, service or batch
|
446
400
|
"""
|
447
401
|
if backend is not None:
|
448
402
|
pulumi.set(__self__, "backend", backend)
|
@@ -583,7 +537,7 @@ class _AuthBackendRoleState:
|
|
583
537
|
"""
|
584
538
|
The namespace to provision the resource in.
|
585
539
|
The value should not contain leading or trailing forward slashes.
|
586
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
540
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
587
541
|
*Available only for Vault Enterprise*.
|
588
542
|
"""
|
589
543
|
return pulumi.get(self, "namespace")
|
@@ -608,9 +562,7 @@ class _AuthBackendRoleState:
|
|
608
562
|
@pulumi.getter(name="tokenBoundCidrs")
|
609
563
|
def token_bound_cidrs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
610
564
|
"""
|
611
|
-
|
612
|
-
addresses which can authenticate successfully, and ties the resulting token to these blocks
|
613
|
-
as well.
|
565
|
+
Specifies the blocks of IP addresses which are allowed to use the generated token
|
614
566
|
"""
|
615
567
|
return pulumi.get(self, "token_bound_cidrs")
|
616
568
|
|
@@ -622,10 +574,7 @@ class _AuthBackendRoleState:
|
|
622
574
|
@pulumi.getter(name="tokenExplicitMaxTtl")
|
623
575
|
def token_explicit_max_ttl(self) -> Optional[pulumi.Input[int]]:
|
624
576
|
"""
|
625
|
-
|
626
|
-
[explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls)
|
627
|
-
onto the token in number of seconds. This is a hard cap even if `token_ttl` and
|
628
|
-
`token_max_ttl` would otherwise allow a renewal.
|
577
|
+
Generated Token's Explicit Maximum TTL in seconds
|
629
578
|
"""
|
630
579
|
return pulumi.get(self, "token_explicit_max_ttl")
|
631
580
|
|
@@ -637,8 +586,7 @@ class _AuthBackendRoleState:
|
|
637
586
|
@pulumi.getter(name="tokenMaxTtl")
|
638
587
|
def token_max_ttl(self) -> Optional[pulumi.Input[int]]:
|
639
588
|
"""
|
640
|
-
The maximum lifetime
|
641
|
-
Its current value will be referenced at renewal time.
|
589
|
+
The maximum lifetime of the generated token
|
642
590
|
"""
|
643
591
|
return pulumi.get(self, "token_max_ttl")
|
644
592
|
|
@@ -650,8 +598,7 @@ class _AuthBackendRoleState:
|
|
650
598
|
@pulumi.getter(name="tokenNoDefaultPolicy")
|
651
599
|
def token_no_default_policy(self) -> Optional[pulumi.Input[bool]]:
|
652
600
|
"""
|
653
|
-
If
|
654
|
-
generated tokens; otherwise it will be added to the policies set in token_policies.
|
601
|
+
If true, the 'default' policy will not automatically be added to generated tokens
|
655
602
|
"""
|
656
603
|
return pulumi.get(self, "token_no_default_policy")
|
657
604
|
|
@@ -663,8 +610,7 @@ class _AuthBackendRoleState:
|
|
663
610
|
@pulumi.getter(name="tokenNumUses")
|
664
611
|
def token_num_uses(self) -> Optional[pulumi.Input[int]]:
|
665
612
|
"""
|
666
|
-
The
|
667
|
-
of times a generated token may be used (within its lifetime); 0 means unlimited.
|
613
|
+
The maximum number of times a token may be used, a value of zero means unlimited
|
668
614
|
"""
|
669
615
|
return pulumi.get(self, "token_num_uses")
|
670
616
|
|
@@ -676,10 +622,7 @@ class _AuthBackendRoleState:
|
|
676
622
|
@pulumi.getter(name="tokenPeriod")
|
677
623
|
def token_period(self) -> Optional[pulumi.Input[int]]:
|
678
624
|
"""
|
679
|
-
|
680
|
-
token generated using this role should never expire. The token should be renewed within the
|
681
|
-
duration specified by this value. At each renewal, the token's TTL will be set to the
|
682
|
-
value of this field. Specified in seconds.
|
625
|
+
Generated Token's Period
|
683
626
|
"""
|
684
627
|
return pulumi.get(self, "token_period")
|
685
628
|
|
@@ -691,8 +634,7 @@ class _AuthBackendRoleState:
|
|
691
634
|
@pulumi.getter(name="tokenPolicies")
|
692
635
|
def token_policies(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
693
636
|
"""
|
694
|
-
|
695
|
-
on the auth method, this list may be supplemented by user/group/other values.
|
637
|
+
Generated Token's Policies
|
696
638
|
"""
|
697
639
|
return pulumi.get(self, "token_policies")
|
698
640
|
|
@@ -704,8 +646,7 @@ class _AuthBackendRoleState:
|
|
704
646
|
@pulumi.getter(name="tokenTtl")
|
705
647
|
def token_ttl(self) -> Optional[pulumi.Input[int]]:
|
706
648
|
"""
|
707
|
-
The
|
708
|
-
Its current value will be referenced at renewal time.
|
649
|
+
The initial ttl of the token to generate in seconds
|
709
650
|
"""
|
710
651
|
return pulumi.get(self, "token_ttl")
|
711
652
|
|
@@ -717,11 +658,7 @@ class _AuthBackendRoleState:
|
|
717
658
|
@pulumi.getter(name="tokenType")
|
718
659
|
def token_type(self) -> Optional[pulumi.Input[str]]:
|
719
660
|
"""
|
720
|
-
The type of token
|
721
|
-
`batch`, or `default` to use the mount's tuned default (which unless changed will be
|
722
|
-
`service` tokens). For token store roles, there are two additional possibilities:
|
723
|
-
`default-service` and `default-batch` which specify the type to return unless the client
|
724
|
-
requests a different type at generation time.
|
661
|
+
The type of token to generate, service or batch
|
725
662
|
"""
|
726
663
|
return pulumi.get(self, "token_type")
|
727
664
|
|
@@ -763,7 +700,6 @@ class AuthBackendRole(pulumi.CustomResource):
|
|
763
700
|
|
764
701
|
## Example Usage
|
765
702
|
|
766
|
-
<!--Start PulumiCodeChooser -->
|
767
703
|
```python
|
768
704
|
import pulumi
|
769
705
|
import pulumi_vault as vault
|
@@ -782,7 +718,6 @@ class AuthBackendRole(pulumi.CustomResource):
|
|
782
718
|
"prod",
|
783
719
|
])
|
784
720
|
```
|
785
|
-
<!--End PulumiCodeChooser -->
|
786
721
|
|
787
722
|
## Import
|
788
723
|
|
@@ -815,35 +750,18 @@ class AuthBackendRole(pulumi.CustomResource):
|
|
815
750
|
field.
|
816
751
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
817
752
|
The value should not contain leading or trailing forward slashes.
|
818
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
753
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
819
754
|
*Available only for Vault Enterprise*.
|
820
755
|
:param pulumi.Input[str] role: The name of the role.
|
821
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs:
|
822
|
-
|
823
|
-
|
824
|
-
:param pulumi.Input[
|
825
|
-
|
826
|
-
|
827
|
-
|
828
|
-
:param pulumi.Input[int]
|
829
|
-
|
830
|
-
:param pulumi.Input[bool] token_no_default_policy: If set, the default policy will not be set on
|
831
|
-
generated tokens; otherwise it will be added to the policies set in token_policies.
|
832
|
-
:param pulumi.Input[int] token_num_uses: The [maximum number](https://www.vaultproject.io/api-docs/azure#token_num_uses)
|
833
|
-
of times a generated token may be used (within its lifetime); 0 means unlimited.
|
834
|
-
:param pulumi.Input[int] token_period: If set, indicates that the
|
835
|
-
token generated using this role should never expire. The token should be renewed within the
|
836
|
-
duration specified by this value. At each renewal, the token's TTL will be set to the
|
837
|
-
value of this field. Specified in seconds.
|
838
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] token_policies: List of policies to encode onto generated tokens. Depending
|
839
|
-
on the auth method, this list may be supplemented by user/group/other values.
|
840
|
-
:param pulumi.Input[int] token_ttl: The incremental lifetime for generated tokens in number of seconds.
|
841
|
-
Its current value will be referenced at renewal time.
|
842
|
-
:param pulumi.Input[str] token_type: The type of token that should be generated. Can be `service`,
|
843
|
-
`batch`, or `default` to use the mount's tuned default (which unless changed will be
|
844
|
-
`service` tokens). For token store roles, there are two additional possibilities:
|
845
|
-
`default-service` and `default-batch` which specify the type to return unless the client
|
846
|
-
requests a different type at generation time.
|
756
|
+
:param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs: Specifies the blocks of IP addresses which are allowed to use the generated token
|
757
|
+
:param pulumi.Input[int] token_explicit_max_ttl: Generated Token's Explicit Maximum TTL in seconds
|
758
|
+
:param pulumi.Input[int] token_max_ttl: The maximum lifetime of the generated token
|
759
|
+
:param pulumi.Input[bool] token_no_default_policy: If true, the 'default' policy will not automatically be added to generated tokens
|
760
|
+
:param pulumi.Input[int] token_num_uses: The maximum number of times a token may be used, a value of zero means unlimited
|
761
|
+
:param pulumi.Input[int] token_period: Generated Token's Period
|
762
|
+
:param pulumi.Input[Sequence[pulumi.Input[str]]] token_policies: Generated Token's Policies
|
763
|
+
:param pulumi.Input[int] token_ttl: The initial ttl of the token to generate in seconds
|
764
|
+
:param pulumi.Input[str] token_type: The type of token to generate, service or batch
|
847
765
|
"""
|
848
766
|
...
|
849
767
|
@overload
|
@@ -860,7 +778,6 @@ class AuthBackendRole(pulumi.CustomResource):
|
|
860
778
|
|
861
779
|
## Example Usage
|
862
780
|
|
863
|
-
<!--Start PulumiCodeChooser -->
|
864
781
|
```python
|
865
782
|
import pulumi
|
866
783
|
import pulumi_vault as vault
|
@@ -879,7 +796,6 @@ class AuthBackendRole(pulumi.CustomResource):
|
|
879
796
|
"prod",
|
880
797
|
])
|
881
798
|
```
|
882
|
-
<!--End PulumiCodeChooser -->
|
883
799
|
|
884
800
|
## Import
|
885
801
|
|
@@ -1007,35 +923,18 @@ class AuthBackendRole(pulumi.CustomResource):
|
|
1007
923
|
field.
|
1008
924
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
1009
925
|
The value should not contain leading or trailing forward slashes.
|
1010
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
926
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
1011
927
|
*Available only for Vault Enterprise*.
|
1012
928
|
:param pulumi.Input[str] role: The name of the role.
|
1013
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs:
|
1014
|
-
|
1015
|
-
|
1016
|
-
:param pulumi.Input[
|
1017
|
-
|
1018
|
-
|
1019
|
-
|
1020
|
-
:param pulumi.Input[int]
|
1021
|
-
|
1022
|
-
:param pulumi.Input[bool] token_no_default_policy: If set, the default policy will not be set on
|
1023
|
-
generated tokens; otherwise it will be added to the policies set in token_policies.
|
1024
|
-
:param pulumi.Input[int] token_num_uses: The [maximum number](https://www.vaultproject.io/api-docs/azure#token_num_uses)
|
1025
|
-
of times a generated token may be used (within its lifetime); 0 means unlimited.
|
1026
|
-
:param pulumi.Input[int] token_period: If set, indicates that the
|
1027
|
-
token generated using this role should never expire. The token should be renewed within the
|
1028
|
-
duration specified by this value. At each renewal, the token's TTL will be set to the
|
1029
|
-
value of this field. Specified in seconds.
|
1030
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] token_policies: List of policies to encode onto generated tokens. Depending
|
1031
|
-
on the auth method, this list may be supplemented by user/group/other values.
|
1032
|
-
:param pulumi.Input[int] token_ttl: The incremental lifetime for generated tokens in number of seconds.
|
1033
|
-
Its current value will be referenced at renewal time.
|
1034
|
-
:param pulumi.Input[str] token_type: The type of token that should be generated. Can be `service`,
|
1035
|
-
`batch`, or `default` to use the mount's tuned default (which unless changed will be
|
1036
|
-
`service` tokens). For token store roles, there are two additional possibilities:
|
1037
|
-
`default-service` and `default-batch` which specify the type to return unless the client
|
1038
|
-
requests a different type at generation time.
|
929
|
+
:param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs: Specifies the blocks of IP addresses which are allowed to use the generated token
|
930
|
+
:param pulumi.Input[int] token_explicit_max_ttl: Generated Token's Explicit Maximum TTL in seconds
|
931
|
+
:param pulumi.Input[int] token_max_ttl: The maximum lifetime of the generated token
|
932
|
+
:param pulumi.Input[bool] token_no_default_policy: If true, the 'default' policy will not automatically be added to generated tokens
|
933
|
+
:param pulumi.Input[int] token_num_uses: The maximum number of times a token may be used, a value of zero means unlimited
|
934
|
+
:param pulumi.Input[int] token_period: Generated Token's Period
|
935
|
+
:param pulumi.Input[Sequence[pulumi.Input[str]]] token_policies: Generated Token's Policies
|
936
|
+
:param pulumi.Input[int] token_ttl: The initial ttl of the token to generate in seconds
|
937
|
+
:param pulumi.Input[str] token_type: The type of token to generate, service or batch
|
1039
938
|
"""
|
1040
939
|
opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
|
1041
940
|
|
@@ -1135,7 +1034,7 @@ class AuthBackendRole(pulumi.CustomResource):
|
|
1135
1034
|
"""
|
1136
1035
|
The namespace to provision the resource in.
|
1137
1036
|
The value should not contain leading or trailing forward slashes.
|
1138
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
1037
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
1139
1038
|
*Available only for Vault Enterprise*.
|
1140
1039
|
"""
|
1141
1040
|
return pulumi.get(self, "namespace")
|
@@ -1152,9 +1051,7 @@ class AuthBackendRole(pulumi.CustomResource):
|
|
1152
1051
|
@pulumi.getter(name="tokenBoundCidrs")
|
1153
1052
|
def token_bound_cidrs(self) -> pulumi.Output[Optional[Sequence[str]]]:
|
1154
1053
|
"""
|
1155
|
-
|
1156
|
-
addresses which can authenticate successfully, and ties the resulting token to these blocks
|
1157
|
-
as well.
|
1054
|
+
Specifies the blocks of IP addresses which are allowed to use the generated token
|
1158
1055
|
"""
|
1159
1056
|
return pulumi.get(self, "token_bound_cidrs")
|
1160
1057
|
|
@@ -1162,10 +1059,7 @@ class AuthBackendRole(pulumi.CustomResource):
|
|
1162
1059
|
@pulumi.getter(name="tokenExplicitMaxTtl")
|
1163
1060
|
def token_explicit_max_ttl(self) -> pulumi.Output[Optional[int]]:
|
1164
1061
|
"""
|
1165
|
-
|
1166
|
-
[explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls)
|
1167
|
-
onto the token in number of seconds. This is a hard cap even if `token_ttl` and
|
1168
|
-
`token_max_ttl` would otherwise allow a renewal.
|
1062
|
+
Generated Token's Explicit Maximum TTL in seconds
|
1169
1063
|
"""
|
1170
1064
|
return pulumi.get(self, "token_explicit_max_ttl")
|
1171
1065
|
|
@@ -1173,8 +1067,7 @@ class AuthBackendRole(pulumi.CustomResource):
|
|
1173
1067
|
@pulumi.getter(name="tokenMaxTtl")
|
1174
1068
|
def token_max_ttl(self) -> pulumi.Output[Optional[int]]:
|
1175
1069
|
"""
|
1176
|
-
The maximum lifetime
|
1177
|
-
Its current value will be referenced at renewal time.
|
1070
|
+
The maximum lifetime of the generated token
|
1178
1071
|
"""
|
1179
1072
|
return pulumi.get(self, "token_max_ttl")
|
1180
1073
|
|
@@ -1182,8 +1075,7 @@ class AuthBackendRole(pulumi.CustomResource):
|
|
1182
1075
|
@pulumi.getter(name="tokenNoDefaultPolicy")
|
1183
1076
|
def token_no_default_policy(self) -> pulumi.Output[Optional[bool]]:
|
1184
1077
|
"""
|
1185
|
-
If
|
1186
|
-
generated tokens; otherwise it will be added to the policies set in token_policies.
|
1078
|
+
If true, the 'default' policy will not automatically be added to generated tokens
|
1187
1079
|
"""
|
1188
1080
|
return pulumi.get(self, "token_no_default_policy")
|
1189
1081
|
|
@@ -1191,8 +1083,7 @@ class AuthBackendRole(pulumi.CustomResource):
|
|
1191
1083
|
@pulumi.getter(name="tokenNumUses")
|
1192
1084
|
def token_num_uses(self) -> pulumi.Output[Optional[int]]:
|
1193
1085
|
"""
|
1194
|
-
The
|
1195
|
-
of times a generated token may be used (within its lifetime); 0 means unlimited.
|
1086
|
+
The maximum number of times a token may be used, a value of zero means unlimited
|
1196
1087
|
"""
|
1197
1088
|
return pulumi.get(self, "token_num_uses")
|
1198
1089
|
|
@@ -1200,10 +1091,7 @@ class AuthBackendRole(pulumi.CustomResource):
|
|
1200
1091
|
@pulumi.getter(name="tokenPeriod")
|
1201
1092
|
def token_period(self) -> pulumi.Output[Optional[int]]:
|
1202
1093
|
"""
|
1203
|
-
|
1204
|
-
token generated using this role should never expire. The token should be renewed within the
|
1205
|
-
duration specified by this value. At each renewal, the token's TTL will be set to the
|
1206
|
-
value of this field. Specified in seconds.
|
1094
|
+
Generated Token's Period
|
1207
1095
|
"""
|
1208
1096
|
return pulumi.get(self, "token_period")
|
1209
1097
|
|
@@ -1211,8 +1099,7 @@ class AuthBackendRole(pulumi.CustomResource):
|
|
1211
1099
|
@pulumi.getter(name="tokenPolicies")
|
1212
1100
|
def token_policies(self) -> pulumi.Output[Optional[Sequence[str]]]:
|
1213
1101
|
"""
|
1214
|
-
|
1215
|
-
on the auth method, this list may be supplemented by user/group/other values.
|
1102
|
+
Generated Token's Policies
|
1216
1103
|
"""
|
1217
1104
|
return pulumi.get(self, "token_policies")
|
1218
1105
|
|
@@ -1220,8 +1107,7 @@ class AuthBackendRole(pulumi.CustomResource):
|
|
1220
1107
|
@pulumi.getter(name="tokenTtl")
|
1221
1108
|
def token_ttl(self) -> pulumi.Output[Optional[int]]:
|
1222
1109
|
"""
|
1223
|
-
The
|
1224
|
-
Its current value will be referenced at renewal time.
|
1110
|
+
The initial ttl of the token to generate in seconds
|
1225
1111
|
"""
|
1226
1112
|
return pulumi.get(self, "token_ttl")
|
1227
1113
|
|
@@ -1229,11 +1115,7 @@ class AuthBackendRole(pulumi.CustomResource):
|
|
1229
1115
|
@pulumi.getter(name="tokenType")
|
1230
1116
|
def token_type(self) -> pulumi.Output[Optional[str]]:
|
1231
1117
|
"""
|
1232
|
-
The type of token
|
1233
|
-
`batch`, or `default` to use the mount's tuned default (which unless changed will be
|
1234
|
-
`service` tokens). For token store roles, there are two additional possibilities:
|
1235
|
-
`default-service` and `default-batch` which specify the type to return unless the client
|
1236
|
-
requests a different type at generation time.
|
1118
|
+
The type of token to generate, service or batch
|
1237
1119
|
"""
|
1238
1120
|
return pulumi.get(self, "token_type")
|
1239
1121
|
|