pulumi-vault 5.21.0a1710160723__py3-none-any.whl → 6.5.0a1736836139__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- pulumi_vault/__init__.py +52 -0
- pulumi_vault/_inputs.py +560 -0
- pulumi_vault/_utilities.py +41 -5
- pulumi_vault/ad/get_access_credentials.py +22 -7
- pulumi_vault/ad/secret_backend.py +14 -144
- pulumi_vault/ad/secret_library.py +14 -11
- pulumi_vault/ad/secret_role.py +12 -11
- pulumi_vault/alicloud/auth_backend_role.py +74 -192
- pulumi_vault/approle/auth_backend_login.py +12 -11
- pulumi_vault/approle/auth_backend_role.py +75 -193
- pulumi_vault/approle/auth_backend_role_secret_id.py +106 -11
- pulumi_vault/approle/get_auth_backend_role_id.py +18 -9
- pulumi_vault/audit.py +24 -27
- pulumi_vault/audit_request_header.py +11 -6
- pulumi_vault/auth_backend.py +64 -12
- pulumi_vault/aws/auth_backend_cert.py +12 -7
- pulumi_vault/aws/auth_backend_client.py +265 -24
- pulumi_vault/aws/auth_backend_config_identity.py +12 -11
- pulumi_vault/aws/auth_backend_identity_whitelist.py +18 -17
- pulumi_vault/aws/auth_backend_login.py +19 -22
- pulumi_vault/aws/auth_backend_role.py +75 -193
- pulumi_vault/aws/auth_backend_role_tag.py +12 -7
- pulumi_vault/aws/auth_backend_roletag_blacklist.py +18 -17
- pulumi_vault/aws/auth_backend_sts_role.py +12 -11
- pulumi_vault/aws/get_access_credentials.py +34 -7
- pulumi_vault/aws/get_static_access_credentials.py +19 -5
- pulumi_vault/aws/secret_backend.py +75 -7
- pulumi_vault/aws/secret_backend_role.py +183 -11
- pulumi_vault/aws/secret_backend_static_role.py +14 -11
- pulumi_vault/azure/_inputs.py +24 -0
- pulumi_vault/azure/auth_backend_config.py +151 -17
- pulumi_vault/azure/auth_backend_role.py +75 -193
- pulumi_vault/azure/backend.py +223 -29
- pulumi_vault/azure/backend_role.py +42 -41
- pulumi_vault/azure/get_access_credentials.py +39 -11
- pulumi_vault/azure/outputs.py +5 -0
- pulumi_vault/cert_auth_backend_role.py +87 -271
- pulumi_vault/config/__init__.pyi +5 -0
- pulumi_vault/config/_inputs.py +73 -0
- pulumi_vault/config/outputs.py +35 -0
- pulumi_vault/config/ui_custom_message.py +529 -0
- pulumi_vault/config/vars.py +5 -0
- pulumi_vault/consul/secret_backend.py +22 -25
- pulumi_vault/consul/secret_backend_role.py +14 -80
- pulumi_vault/database/_inputs.py +2770 -881
- pulumi_vault/database/outputs.py +721 -838
- pulumi_vault/database/secret_backend_connection.py +117 -114
- pulumi_vault/database/secret_backend_role.py +29 -24
- pulumi_vault/database/secret_backend_static_role.py +85 -15
- pulumi_vault/database/secrets_mount.py +425 -138
- pulumi_vault/egp_policy.py +16 -15
- pulumi_vault/gcp/_inputs.py +111 -0
- pulumi_vault/gcp/auth_backend.py +248 -35
- pulumi_vault/gcp/auth_backend_role.py +75 -271
- pulumi_vault/gcp/get_auth_backend_role.py +43 -9
- pulumi_vault/gcp/outputs.py +5 -0
- pulumi_vault/gcp/secret_backend.py +287 -16
- pulumi_vault/gcp/secret_impersonated_account.py +74 -17
- pulumi_vault/gcp/secret_roleset.py +29 -26
- pulumi_vault/gcp/secret_static_account.py +37 -34
- pulumi_vault/generic/endpoint.py +22 -21
- pulumi_vault/generic/get_secret.py +68 -12
- pulumi_vault/generic/secret.py +19 -14
- pulumi_vault/get_auth_backend.py +24 -11
- pulumi_vault/get_auth_backends.py +33 -11
- pulumi_vault/get_namespace.py +226 -0
- pulumi_vault/get_namespaces.py +153 -0
- pulumi_vault/get_nomad_access_token.py +31 -15
- pulumi_vault/get_policy_document.py +34 -23
- pulumi_vault/get_raft_autopilot_state.py +29 -14
- pulumi_vault/github/_inputs.py +55 -0
- pulumi_vault/github/auth_backend.py +17 -16
- pulumi_vault/github/outputs.py +5 -0
- pulumi_vault/github/team.py +14 -13
- pulumi_vault/github/user.py +14 -13
- pulumi_vault/identity/entity.py +18 -15
- pulumi_vault/identity/entity_alias.py +18 -15
- pulumi_vault/identity/entity_policies.py +24 -19
- pulumi_vault/identity/get_entity.py +40 -14
- pulumi_vault/identity/get_group.py +45 -13
- pulumi_vault/identity/get_oidc_client_creds.py +21 -11
- pulumi_vault/identity/get_oidc_openid_config.py +39 -13
- pulumi_vault/identity/get_oidc_public_keys.py +29 -14
- pulumi_vault/identity/group.py +50 -49
- pulumi_vault/identity/group_alias.py +14 -11
- pulumi_vault/identity/group_member_entity_ids.py +24 -74
- pulumi_vault/identity/group_member_group_ids.py +36 -27
- pulumi_vault/identity/group_policies.py +16 -15
- pulumi_vault/identity/mfa_duo.py +9 -8
- pulumi_vault/identity/mfa_login_enforcement.py +13 -8
- pulumi_vault/identity/mfa_okta.py +9 -8
- pulumi_vault/identity/mfa_pingid.py +5 -4
- pulumi_vault/identity/mfa_totp.py +5 -4
- pulumi_vault/identity/oidc.py +12 -11
- pulumi_vault/identity/oidc_assignment.py +22 -13
- pulumi_vault/identity/oidc_client.py +34 -25
- pulumi_vault/identity/oidc_key.py +28 -19
- pulumi_vault/identity/oidc_key_allowed_client_id.py +28 -19
- pulumi_vault/identity/oidc_provider.py +34 -23
- pulumi_vault/identity/oidc_role.py +40 -27
- pulumi_vault/identity/oidc_scope.py +18 -15
- pulumi_vault/identity/outputs.py +8 -3
- pulumi_vault/jwt/_inputs.py +55 -0
- pulumi_vault/jwt/auth_backend.py +39 -46
- pulumi_vault/jwt/auth_backend_role.py +131 -260
- pulumi_vault/jwt/outputs.py +5 -0
- pulumi_vault/kmip/secret_backend.py +22 -21
- pulumi_vault/kmip/secret_role.py +12 -11
- pulumi_vault/kmip/secret_scope.py +12 -11
- pulumi_vault/kubernetes/auth_backend_config.py +55 -7
- pulumi_vault/kubernetes/auth_backend_role.py +68 -179
- pulumi_vault/kubernetes/get_auth_backend_config.py +60 -8
- pulumi_vault/kubernetes/get_auth_backend_role.py +40 -5
- pulumi_vault/kubernetes/get_service_account_token.py +39 -15
- pulumi_vault/kubernetes/secret_backend.py +314 -29
- pulumi_vault/kubernetes/secret_backend_role.py +135 -56
- pulumi_vault/kv/_inputs.py +36 -4
- pulumi_vault/kv/get_secret.py +23 -12
- pulumi_vault/kv/get_secret_subkeys_v2.py +31 -14
- pulumi_vault/kv/get_secret_v2.py +89 -9
- pulumi_vault/kv/get_secrets_list.py +22 -15
- pulumi_vault/kv/get_secrets_list_v2.py +35 -19
- pulumi_vault/kv/outputs.py +8 -3
- pulumi_vault/kv/secret.py +19 -18
- pulumi_vault/kv/secret_backend_v2.py +12 -11
- pulumi_vault/kv/secret_v2.py +55 -52
- pulumi_vault/ldap/auth_backend.py +125 -168
- pulumi_vault/ldap/auth_backend_group.py +12 -11
- pulumi_vault/ldap/auth_backend_user.py +12 -11
- pulumi_vault/ldap/get_dynamic_credentials.py +23 -5
- pulumi_vault/ldap/get_static_credentials.py +24 -5
- pulumi_vault/ldap/secret_backend.py +352 -84
- pulumi_vault/ldap/secret_backend_dynamic_role.py +12 -11
- pulumi_vault/ldap/secret_backend_library_set.py +14 -11
- pulumi_vault/ldap/secret_backend_static_role.py +67 -12
- pulumi_vault/managed/_inputs.py +289 -132
- pulumi_vault/managed/keys.py +27 -43
- pulumi_vault/managed/outputs.py +89 -132
- pulumi_vault/mfa_duo.py +16 -13
- pulumi_vault/mfa_okta.py +16 -13
- pulumi_vault/mfa_pingid.py +16 -13
- pulumi_vault/mfa_totp.py +22 -19
- pulumi_vault/mongodbatlas/secret_backend.py +18 -17
- pulumi_vault/mongodbatlas/secret_role.py +41 -38
- pulumi_vault/mount.py +389 -65
- pulumi_vault/namespace.py +26 -21
- pulumi_vault/nomad_secret_backend.py +16 -15
- pulumi_vault/nomad_secret_role.py +12 -11
- pulumi_vault/okta/_inputs.py +47 -8
- pulumi_vault/okta/auth_backend.py +483 -41
- pulumi_vault/okta/auth_backend_group.py +12 -11
- pulumi_vault/okta/auth_backend_user.py +12 -11
- pulumi_vault/okta/outputs.py +13 -8
- pulumi_vault/outputs.py +5 -0
- pulumi_vault/password_policy.py +18 -15
- pulumi_vault/pkisecret/__init__.py +3 -0
- pulumi_vault/pkisecret/_inputs.py +81 -0
- pulumi_vault/pkisecret/backend_config_cluster.py +369 -0
- pulumi_vault/pkisecret/backend_config_est.py +619 -0
- pulumi_vault/pkisecret/get_backend_config_est.py +251 -0
- pulumi_vault/pkisecret/get_backend_issuer.py +63 -7
- pulumi_vault/pkisecret/get_backend_issuers.py +21 -12
- pulumi_vault/pkisecret/get_backend_key.py +24 -13
- pulumi_vault/pkisecret/get_backend_keys.py +21 -12
- pulumi_vault/pkisecret/outputs.py +69 -0
- pulumi_vault/pkisecret/secret_backend_cert.py +18 -15
- pulumi_vault/pkisecret/secret_backend_config_ca.py +16 -15
- pulumi_vault/pkisecret/secret_backend_config_issuers.py +12 -11
- pulumi_vault/pkisecret/secret_backend_config_urls.py +59 -11
- pulumi_vault/pkisecret/secret_backend_crl_config.py +14 -13
- pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +16 -15
- pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +22 -21
- pulumi_vault/pkisecret/secret_backend_issuer.py +12 -11
- pulumi_vault/pkisecret/secret_backend_key.py +12 -7
- pulumi_vault/pkisecret/secret_backend_role.py +19 -16
- pulumi_vault/pkisecret/secret_backend_root_cert.py +16 -52
- pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +18 -62
- pulumi_vault/pkisecret/secret_backend_sign.py +18 -60
- pulumi_vault/plugin.py +595 -0
- pulumi_vault/plugin_pinned_version.py +298 -0
- pulumi_vault/policy.py +12 -7
- pulumi_vault/provider.py +48 -53
- pulumi_vault/pulumi-plugin.json +2 -1
- pulumi_vault/quota_lease_count.py +58 -8
- pulumi_vault/quota_rate_limit.py +54 -4
- pulumi_vault/rabbitmq/_inputs.py +61 -0
- pulumi_vault/rabbitmq/outputs.py +5 -0
- pulumi_vault/rabbitmq/secret_backend.py +16 -15
- pulumi_vault/rabbitmq/secret_backend_role.py +52 -49
- pulumi_vault/raft_autopilot.py +12 -11
- pulumi_vault/raft_snapshot_agent_config.py +121 -311
- pulumi_vault/rgp_policy.py +14 -13
- pulumi_vault/saml/auth_backend.py +20 -19
- pulumi_vault/saml/auth_backend_role.py +90 -199
- pulumi_vault/secrets/__init__.py +3 -0
- pulumi_vault/secrets/_inputs.py +110 -0
- pulumi_vault/secrets/outputs.py +94 -0
- pulumi_vault/secrets/sync_association.py +56 -75
- pulumi_vault/secrets/sync_aws_destination.py +240 -29
- pulumi_vault/secrets/sync_azure_destination.py +90 -33
- pulumi_vault/secrets/sync_config.py +7 -6
- pulumi_vault/secrets/sync_gcp_destination.py +156 -27
- pulumi_vault/secrets/sync_gh_destination.py +187 -15
- pulumi_vault/secrets/sync_github_apps.py +375 -0
- pulumi_vault/secrets/sync_vercel_destination.py +72 -15
- pulumi_vault/ssh/_inputs.py +28 -32
- pulumi_vault/ssh/outputs.py +11 -32
- pulumi_vault/ssh/secret_backend_ca.py +106 -11
- pulumi_vault/ssh/secret_backend_role.py +83 -120
- pulumi_vault/terraformcloud/secret_backend.py +5 -56
- pulumi_vault/terraformcloud/secret_creds.py +14 -24
- pulumi_vault/terraformcloud/secret_role.py +14 -76
- pulumi_vault/token.py +26 -25
- pulumi_vault/tokenauth/auth_backend_role.py +76 -201
- pulumi_vault/transform/alphabet.py +16 -13
- pulumi_vault/transform/get_decode.py +45 -21
- pulumi_vault/transform/get_encode.py +45 -21
- pulumi_vault/transform/role.py +16 -13
- pulumi_vault/transform/template.py +30 -25
- pulumi_vault/transform/transformation.py +12 -7
- pulumi_vault/transit/get_decrypt.py +26 -25
- pulumi_vault/transit/get_encrypt.py +24 -19
- pulumi_vault/transit/secret_backend_key.py +25 -97
- pulumi_vault/transit/secret_cache_config.py +12 -11
- {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/METADATA +8 -7
- pulumi_vault-6.5.0a1736836139.dist-info/RECORD +256 -0
- {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/WHEEL +1 -1
- pulumi_vault-5.21.0a1710160723.dist-info/RECORD +0 -244
- {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/top_level.txt +0 -0
pulumi_vault/_utilities.py
CHANGED
@@ -4,6 +4,7 @@
|
|
4
4
|
|
5
5
|
|
6
6
|
import asyncio
|
7
|
+
import functools
|
7
8
|
import importlib.metadata
|
8
9
|
import importlib.util
|
9
10
|
import inspect
|
@@ -11,14 +12,19 @@ import json
|
|
11
12
|
import os
|
12
13
|
import sys
|
13
14
|
import typing
|
15
|
+
import warnings
|
16
|
+
import base64
|
14
17
|
|
15
18
|
import pulumi
|
16
19
|
import pulumi.runtime
|
17
20
|
from pulumi.runtime.sync_await import _sync_await
|
21
|
+
from pulumi.runtime.proto import resource_pb2
|
18
22
|
|
19
23
|
from semver import VersionInfo as SemverVersion
|
20
24
|
from parver import Version as PEP440Version
|
21
25
|
|
26
|
+
C = typing.TypeVar("C", bound=typing.Callable)
|
27
|
+
|
22
28
|
|
23
29
|
def get_env(*args):
|
24
30
|
for v in args:
|
@@ -96,10 +102,6 @@ def _get_semver_version():
|
|
96
102
|
_version = _get_semver_version()
|
97
103
|
_version_str = str(_version)
|
98
104
|
|
99
|
-
|
100
|
-
def get_version():
|
101
|
-
return _version_str
|
102
|
-
|
103
105
|
def get_resource_opts_defaults() -> pulumi.ResourceOptions:
|
104
106
|
return pulumi.ResourceOptions(
|
105
107
|
version=get_version(),
|
@@ -262,7 +264,7 @@ def call_plain(
|
|
262
264
|
output = pulumi.runtime.call(tok, props, res, typ)
|
263
265
|
|
264
266
|
# Ingoring deps silently. They are typically non-empty, r.f() calls include r as a dependency.
|
265
|
-
result, known, secret, _ = _sync_await(asyncio.
|
267
|
+
result, known, secret, _ = _sync_await(asyncio.create_task(_await_output(output)))
|
266
268
|
|
267
269
|
problem = None
|
268
270
|
if not known:
|
@@ -287,5 +289,39 @@ async def _await_output(o: pulumi.Output[typing.Any]) -> typing.Tuple[object, bo
|
|
287
289
|
await o._resources,
|
288
290
|
)
|
289
291
|
|
292
|
+
|
293
|
+
# This is included to provide an upgrade path for users who are using a version
|
294
|
+
# of the Pulumi SDK (<3.121.0) that does not include the `deprecated` decorator.
|
295
|
+
def deprecated(message: str) -> typing.Callable[[C], C]:
|
296
|
+
"""
|
297
|
+
Decorator to indicate a function is deprecated.
|
298
|
+
|
299
|
+
As well as inserting appropriate statements to indicate that the function is
|
300
|
+
deprecated, this decorator also tags the function with a special attribute
|
301
|
+
so that Pulumi code can detect that it is deprecated and react appropriately
|
302
|
+
in certain situations.
|
303
|
+
|
304
|
+
message is the deprecation message that should be printed if the function is called.
|
305
|
+
"""
|
306
|
+
|
307
|
+
def decorator(fn: C) -> C:
|
308
|
+
if not callable(fn):
|
309
|
+
raise TypeError("Expected fn to be callable")
|
310
|
+
|
311
|
+
@functools.wraps(fn)
|
312
|
+
def deprecated_fn(*args, **kwargs):
|
313
|
+
warnings.warn(message)
|
314
|
+
pulumi.warn(f"{fn.__name__} is deprecated: {message}")
|
315
|
+
|
316
|
+
return fn(*args, **kwargs)
|
317
|
+
|
318
|
+
deprecated_fn.__dict__["_pulumi_deprecated_callable"] = fn
|
319
|
+
return typing.cast(C, deprecated_fn)
|
320
|
+
|
321
|
+
return decorator
|
322
|
+
|
290
323
|
def get_plugin_download_url():
|
291
324
|
return None
|
325
|
+
|
326
|
+
def get_version():
|
327
|
+
return _version_str
|
@@ -4,9 +4,14 @@
|
|
4
4
|
|
5
5
|
import copy
|
6
6
|
import warnings
|
7
|
+
import sys
|
7
8
|
import pulumi
|
8
9
|
import pulumi.runtime
|
9
10
|
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
11
|
+
if sys.version_info >= (3, 11):
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
13
|
+
else:
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
10
15
|
from .. import _utilities
|
11
16
|
|
12
17
|
__all__ = [
|
@@ -119,7 +124,7 @@ def get_access_credentials(backend: Optional[str] = None,
|
|
119
124
|
read credentials from, with no leading or trailing `/`s.
|
120
125
|
:param str namespace: The namespace of the target resource.
|
121
126
|
The value should not contain leading or trailing forward slashes.
|
122
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
127
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
123
128
|
*Available only for Vault Enterprise*.
|
124
129
|
:param str role: The name of the AD secret backend role to read
|
125
130
|
credentials from, with no leading or trailing `/`s.
|
@@ -139,13 +144,10 @@ def get_access_credentials(backend: Optional[str] = None,
|
|
139
144
|
namespace=pulumi.get(__ret__, 'namespace'),
|
140
145
|
role=pulumi.get(__ret__, 'role'),
|
141
146
|
username=pulumi.get(__ret__, 'username'))
|
142
|
-
|
143
|
-
|
144
|
-
@_utilities.lift_output_func(get_access_credentials)
|
145
147
|
def get_access_credentials_output(backend: Optional[pulumi.Input[str]] = None,
|
146
148
|
namespace: Optional[pulumi.Input[Optional[str]]] = None,
|
147
149
|
role: Optional[pulumi.Input[str]] = None,
|
148
|
-
opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetAccessCredentialsResult]:
|
150
|
+
opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetAccessCredentialsResult]:
|
149
151
|
"""
|
150
152
|
## Example Usage
|
151
153
|
|
@@ -154,9 +156,22 @@ def get_access_credentials_output(backend: Optional[pulumi.Input[str]] = None,
|
|
154
156
|
read credentials from, with no leading or trailing `/`s.
|
155
157
|
:param str namespace: The namespace of the target resource.
|
156
158
|
The value should not contain leading or trailing forward slashes.
|
157
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
159
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
158
160
|
*Available only for Vault Enterprise*.
|
159
161
|
:param str role: The name of the AD secret backend role to read
|
160
162
|
credentials from, with no leading or trailing `/`s.
|
161
163
|
"""
|
162
|
-
|
164
|
+
__args__ = dict()
|
165
|
+
__args__['backend'] = backend
|
166
|
+
__args__['namespace'] = namespace
|
167
|
+
__args__['role'] = role
|
168
|
+
opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
|
169
|
+
__ret__ = pulumi.runtime.invoke_output('vault:ad/getAccessCredentials:getAccessCredentials', __args__, opts=opts, typ=GetAccessCredentialsResult)
|
170
|
+
return __ret__.apply(lambda __response__: GetAccessCredentialsResult(
|
171
|
+
backend=pulumi.get(__response__, 'backend'),
|
172
|
+
current_password=pulumi.get(__response__, 'current_password'),
|
173
|
+
id=pulumi.get(__response__, 'id'),
|
174
|
+
last_password=pulumi.get(__response__, 'last_password'),
|
175
|
+
namespace=pulumi.get(__response__, 'namespace'),
|
176
|
+
role=pulumi.get(__response__, 'role'),
|
177
|
+
username=pulumi.get(__response__, 'username')))
|
@@ -4,9 +4,14 @@
|
|
4
4
|
|
5
5
|
import copy
|
6
6
|
import warnings
|
7
|
+
import sys
|
7
8
|
import pulumi
|
8
9
|
import pulumi.runtime
|
9
10
|
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
11
|
+
if sys.version_info >= (3, 11):
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
13
|
+
else:
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
10
15
|
from .. import _utilities
|
11
16
|
|
12
17
|
__all__ = ['SecretBackendArgs', 'SecretBackend']
|
@@ -27,13 +32,11 @@ class SecretBackendArgs:
|
|
27
32
|
description: Optional[pulumi.Input[str]] = None,
|
28
33
|
disable_remount: Optional[pulumi.Input[bool]] = None,
|
29
34
|
discoverdn: Optional[pulumi.Input[bool]] = None,
|
30
|
-
formatter: Optional[pulumi.Input[str]] = None,
|
31
35
|
groupattr: Optional[pulumi.Input[str]] = None,
|
32
36
|
groupdn: Optional[pulumi.Input[str]] = None,
|
33
37
|
groupfilter: Optional[pulumi.Input[str]] = None,
|
34
38
|
insecure_tls: Optional[pulumi.Input[bool]] = None,
|
35
39
|
last_rotation_tolerance: Optional[pulumi.Input[int]] = None,
|
36
|
-
length: Optional[pulumi.Input[int]] = None,
|
37
40
|
local: Optional[pulumi.Input[bool]] = None,
|
38
41
|
max_lease_ttl_seconds: Optional[pulumi.Input[int]] = None,
|
39
42
|
max_ttl: Optional[pulumi.Input[int]] = None,
|
@@ -71,7 +74,6 @@ class SecretBackendArgs:
|
|
71
74
|
:param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates.
|
72
75
|
See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
|
73
76
|
:param pulumi.Input[bool] discoverdn: Use anonymous bind to discover the bind Distinguished Name of a user.
|
74
|
-
:param pulumi.Input[str] formatter: **Deprecated** use `password_policy`. Text to insert the password into, ex. "customPrefix{{PASSWORD}}customSuffix".
|
75
77
|
:param pulumi.Input[str] groupattr: LDAP attribute to follow on objects returned by <groupfilter> in order to enumerate
|
76
78
|
user group membership. Examples: `cn` or `memberOf`, etc. Defaults to `cn`.
|
77
79
|
:param pulumi.Input[str] groupdn: LDAP search base to use for group membership search (eg: ou=Groups,dc=example,dc=org).
|
@@ -81,15 +83,13 @@ class SecretBackendArgs:
|
|
81
83
|
Defaults to `false`.
|
82
84
|
:param pulumi.Input[int] last_rotation_tolerance: The number of seconds after a Vault rotation where, if Active Directory
|
83
85
|
shows a later rotation, it should be considered out-of-band
|
84
|
-
:param pulumi.Input[int] length: **Deprecated** use `password_policy`. The desired length of passwords that Vault generates.
|
85
|
-
*Mutually exclusive with `password_policy` on vault-1.11+*
|
86
86
|
:param pulumi.Input[bool] local: Mark the secrets engine as local-only. Local engines are not replicated or removed by
|
87
87
|
replication.Tolerance duration to use when checking the last rotation time.
|
88
88
|
:param pulumi.Input[int] max_lease_ttl_seconds: Maximum possible lease duration for secrets in seconds.
|
89
89
|
:param pulumi.Input[int] max_ttl: In seconds, the maximum password time-to-live.
|
90
90
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
91
91
|
The value should not contain leading or trailing forward slashes.
|
92
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
92
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
93
93
|
*Available only for Vault Enterprise*.
|
94
94
|
:param pulumi.Input[str] password_policy: Name of the password policy to use to generate passwords.
|
95
95
|
:param pulumi.Input[int] request_timeout: Timeout, in seconds, for the connection when making requests against the server
|
@@ -138,11 +138,6 @@ class SecretBackendArgs:
|
|
138
138
|
pulumi.set(__self__, "disable_remount", disable_remount)
|
139
139
|
if discoverdn is not None:
|
140
140
|
pulumi.set(__self__, "discoverdn", discoverdn)
|
141
|
-
if formatter is not None:
|
142
|
-
warnings.warn("""Formatter is deprecated and password_policy should be used with Vault >= 1.5.""", DeprecationWarning)
|
143
|
-
pulumi.log.warn("""formatter is deprecated: Formatter is deprecated and password_policy should be used with Vault >= 1.5.""")
|
144
|
-
if formatter is not None:
|
145
|
-
pulumi.set(__self__, "formatter", formatter)
|
146
141
|
if groupattr is not None:
|
147
142
|
pulumi.set(__self__, "groupattr", groupattr)
|
148
143
|
if groupdn is not None:
|
@@ -153,11 +148,6 @@ class SecretBackendArgs:
|
|
153
148
|
pulumi.set(__self__, "insecure_tls", insecure_tls)
|
154
149
|
if last_rotation_tolerance is not None:
|
155
150
|
pulumi.set(__self__, "last_rotation_tolerance", last_rotation_tolerance)
|
156
|
-
if length is not None:
|
157
|
-
warnings.warn("""Length is deprecated and password_policy should be used with Vault >= 1.5.""", DeprecationWarning)
|
158
|
-
pulumi.log.warn("""length is deprecated: Length is deprecated and password_policy should be used with Vault >= 1.5.""")
|
159
|
-
if length is not None:
|
160
|
-
pulumi.set(__self__, "length", length)
|
161
151
|
if local is not None:
|
162
152
|
pulumi.set(__self__, "local", local)
|
163
153
|
if max_lease_ttl_seconds is not None:
|
@@ -353,21 +343,6 @@ class SecretBackendArgs:
|
|
353
343
|
def discoverdn(self, value: Optional[pulumi.Input[bool]]):
|
354
344
|
pulumi.set(self, "discoverdn", value)
|
355
345
|
|
356
|
-
@property
|
357
|
-
@pulumi.getter
|
358
|
-
def formatter(self) -> Optional[pulumi.Input[str]]:
|
359
|
-
"""
|
360
|
-
**Deprecated** use `password_policy`. Text to insert the password into, ex. "customPrefix{{PASSWORD}}customSuffix".
|
361
|
-
"""
|
362
|
-
warnings.warn("""Formatter is deprecated and password_policy should be used with Vault >= 1.5.""", DeprecationWarning)
|
363
|
-
pulumi.log.warn("""formatter is deprecated: Formatter is deprecated and password_policy should be used with Vault >= 1.5.""")
|
364
|
-
|
365
|
-
return pulumi.get(self, "formatter")
|
366
|
-
|
367
|
-
@formatter.setter
|
368
|
-
def formatter(self, value: Optional[pulumi.Input[str]]):
|
369
|
-
pulumi.set(self, "formatter", value)
|
370
|
-
|
371
346
|
@property
|
372
347
|
@pulumi.getter
|
373
348
|
def groupattr(self) -> Optional[pulumi.Input[str]]:
|
@@ -432,22 +407,6 @@ class SecretBackendArgs:
|
|
432
407
|
def last_rotation_tolerance(self, value: Optional[pulumi.Input[int]]):
|
433
408
|
pulumi.set(self, "last_rotation_tolerance", value)
|
434
409
|
|
435
|
-
@property
|
436
|
-
@pulumi.getter
|
437
|
-
def length(self) -> Optional[pulumi.Input[int]]:
|
438
|
-
"""
|
439
|
-
**Deprecated** use `password_policy`. The desired length of passwords that Vault generates.
|
440
|
-
*Mutually exclusive with `password_policy` on vault-1.11+*
|
441
|
-
"""
|
442
|
-
warnings.warn("""Length is deprecated and password_policy should be used with Vault >= 1.5.""", DeprecationWarning)
|
443
|
-
pulumi.log.warn("""length is deprecated: Length is deprecated and password_policy should be used with Vault >= 1.5.""")
|
444
|
-
|
445
|
-
return pulumi.get(self, "length")
|
446
|
-
|
447
|
-
@length.setter
|
448
|
-
def length(self, value: Optional[pulumi.Input[int]]):
|
449
|
-
pulumi.set(self, "length", value)
|
450
|
-
|
451
410
|
@property
|
452
411
|
@pulumi.getter
|
453
412
|
def local(self) -> Optional[pulumi.Input[bool]]:
|
@@ -491,7 +450,7 @@ class SecretBackendArgs:
|
|
491
450
|
"""
|
492
451
|
The namespace to provision the resource in.
|
493
452
|
The value should not contain leading or trailing forward slashes.
|
494
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
453
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
495
454
|
*Available only for Vault Enterprise*.
|
496
455
|
"""
|
497
456
|
return pulumi.get(self, "namespace")
|
@@ -671,13 +630,11 @@ class _SecretBackendState:
|
|
671
630
|
description: Optional[pulumi.Input[str]] = None,
|
672
631
|
disable_remount: Optional[pulumi.Input[bool]] = None,
|
673
632
|
discoverdn: Optional[pulumi.Input[bool]] = None,
|
674
|
-
formatter: Optional[pulumi.Input[str]] = None,
|
675
633
|
groupattr: Optional[pulumi.Input[str]] = None,
|
676
634
|
groupdn: Optional[pulumi.Input[str]] = None,
|
677
635
|
groupfilter: Optional[pulumi.Input[str]] = None,
|
678
636
|
insecure_tls: Optional[pulumi.Input[bool]] = None,
|
679
637
|
last_rotation_tolerance: Optional[pulumi.Input[int]] = None,
|
680
|
-
length: Optional[pulumi.Input[int]] = None,
|
681
638
|
local: Optional[pulumi.Input[bool]] = None,
|
682
639
|
max_lease_ttl_seconds: Optional[pulumi.Input[int]] = None,
|
683
640
|
max_ttl: Optional[pulumi.Input[int]] = None,
|
@@ -715,7 +672,6 @@ class _SecretBackendState:
|
|
715
672
|
:param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates.
|
716
673
|
See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
|
717
674
|
:param pulumi.Input[bool] discoverdn: Use anonymous bind to discover the bind Distinguished Name of a user.
|
718
|
-
:param pulumi.Input[str] formatter: **Deprecated** use `password_policy`. Text to insert the password into, ex. "customPrefix{{PASSWORD}}customSuffix".
|
719
675
|
:param pulumi.Input[str] groupattr: LDAP attribute to follow on objects returned by <groupfilter> in order to enumerate
|
720
676
|
user group membership. Examples: `cn` or `memberOf`, etc. Defaults to `cn`.
|
721
677
|
:param pulumi.Input[str] groupdn: LDAP search base to use for group membership search (eg: ou=Groups,dc=example,dc=org).
|
@@ -725,15 +681,13 @@ class _SecretBackendState:
|
|
725
681
|
Defaults to `false`.
|
726
682
|
:param pulumi.Input[int] last_rotation_tolerance: The number of seconds after a Vault rotation where, if Active Directory
|
727
683
|
shows a later rotation, it should be considered out-of-band
|
728
|
-
:param pulumi.Input[int] length: **Deprecated** use `password_policy`. The desired length of passwords that Vault generates.
|
729
|
-
*Mutually exclusive with `password_policy` on vault-1.11+*
|
730
684
|
:param pulumi.Input[bool] local: Mark the secrets engine as local-only. Local engines are not replicated or removed by
|
731
685
|
replication.Tolerance duration to use when checking the last rotation time.
|
732
686
|
:param pulumi.Input[int] max_lease_ttl_seconds: Maximum possible lease duration for secrets in seconds.
|
733
687
|
:param pulumi.Input[int] max_ttl: In seconds, the maximum password time-to-live.
|
734
688
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
735
689
|
The value should not contain leading or trailing forward slashes.
|
736
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
690
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
737
691
|
*Available only for Vault Enterprise*.
|
738
692
|
:param pulumi.Input[str] password_policy: Name of the password policy to use to generate passwords.
|
739
693
|
:param pulumi.Input[int] request_timeout: Timeout, in seconds, for the connection when making requests against the server
|
@@ -784,11 +738,6 @@ class _SecretBackendState:
|
|
784
738
|
pulumi.set(__self__, "disable_remount", disable_remount)
|
785
739
|
if discoverdn is not None:
|
786
740
|
pulumi.set(__self__, "discoverdn", discoverdn)
|
787
|
-
if formatter is not None:
|
788
|
-
warnings.warn("""Formatter is deprecated and password_policy should be used with Vault >= 1.5.""", DeprecationWarning)
|
789
|
-
pulumi.log.warn("""formatter is deprecated: Formatter is deprecated and password_policy should be used with Vault >= 1.5.""")
|
790
|
-
if formatter is not None:
|
791
|
-
pulumi.set(__self__, "formatter", formatter)
|
792
741
|
if groupattr is not None:
|
793
742
|
pulumi.set(__self__, "groupattr", groupattr)
|
794
743
|
if groupdn is not None:
|
@@ -799,11 +748,6 @@ class _SecretBackendState:
|
|
799
748
|
pulumi.set(__self__, "insecure_tls", insecure_tls)
|
800
749
|
if last_rotation_tolerance is not None:
|
801
750
|
pulumi.set(__self__, "last_rotation_tolerance", last_rotation_tolerance)
|
802
|
-
if length is not None:
|
803
|
-
warnings.warn("""Length is deprecated and password_policy should be used with Vault >= 1.5.""", DeprecationWarning)
|
804
|
-
pulumi.log.warn("""length is deprecated: Length is deprecated and password_policy should be used with Vault >= 1.5.""")
|
805
|
-
if length is not None:
|
806
|
-
pulumi.set(__self__, "length", length)
|
807
751
|
if local is not None:
|
808
752
|
pulumi.set(__self__, "local", local)
|
809
753
|
if max_lease_ttl_seconds is not None:
|
@@ -999,21 +943,6 @@ class _SecretBackendState:
|
|
999
943
|
def discoverdn(self, value: Optional[pulumi.Input[bool]]):
|
1000
944
|
pulumi.set(self, "discoverdn", value)
|
1001
945
|
|
1002
|
-
@property
|
1003
|
-
@pulumi.getter
|
1004
|
-
def formatter(self) -> Optional[pulumi.Input[str]]:
|
1005
|
-
"""
|
1006
|
-
**Deprecated** use `password_policy`. Text to insert the password into, ex. "customPrefix{{PASSWORD}}customSuffix".
|
1007
|
-
"""
|
1008
|
-
warnings.warn("""Formatter is deprecated and password_policy should be used with Vault >= 1.5.""", DeprecationWarning)
|
1009
|
-
pulumi.log.warn("""formatter is deprecated: Formatter is deprecated and password_policy should be used with Vault >= 1.5.""")
|
1010
|
-
|
1011
|
-
return pulumi.get(self, "formatter")
|
1012
|
-
|
1013
|
-
@formatter.setter
|
1014
|
-
def formatter(self, value: Optional[pulumi.Input[str]]):
|
1015
|
-
pulumi.set(self, "formatter", value)
|
1016
|
-
|
1017
946
|
@property
|
1018
947
|
@pulumi.getter
|
1019
948
|
def groupattr(self) -> Optional[pulumi.Input[str]]:
|
@@ -1078,22 +1007,6 @@ class _SecretBackendState:
|
|
1078
1007
|
def last_rotation_tolerance(self, value: Optional[pulumi.Input[int]]):
|
1079
1008
|
pulumi.set(self, "last_rotation_tolerance", value)
|
1080
1009
|
|
1081
|
-
@property
|
1082
|
-
@pulumi.getter
|
1083
|
-
def length(self) -> Optional[pulumi.Input[int]]:
|
1084
|
-
"""
|
1085
|
-
**Deprecated** use `password_policy`. The desired length of passwords that Vault generates.
|
1086
|
-
*Mutually exclusive with `password_policy` on vault-1.11+*
|
1087
|
-
"""
|
1088
|
-
warnings.warn("""Length is deprecated and password_policy should be used with Vault >= 1.5.""", DeprecationWarning)
|
1089
|
-
pulumi.log.warn("""length is deprecated: Length is deprecated and password_policy should be used with Vault >= 1.5.""")
|
1090
|
-
|
1091
|
-
return pulumi.get(self, "length")
|
1092
|
-
|
1093
|
-
@length.setter
|
1094
|
-
def length(self, value: Optional[pulumi.Input[int]]):
|
1095
|
-
pulumi.set(self, "length", value)
|
1096
|
-
|
1097
1010
|
@property
|
1098
1011
|
@pulumi.getter
|
1099
1012
|
def local(self) -> Optional[pulumi.Input[bool]]:
|
@@ -1137,7 +1050,7 @@ class _SecretBackendState:
|
|
1137
1050
|
"""
|
1138
1051
|
The namespace to provision the resource in.
|
1139
1052
|
The value should not contain leading or trailing forward slashes.
|
1140
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
1053
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
1141
1054
|
*Available only for Vault Enterprise*.
|
1142
1055
|
"""
|
1143
1056
|
return pulumi.get(self, "namespace")
|
@@ -1319,13 +1232,11 @@ class SecretBackend(pulumi.CustomResource):
|
|
1319
1232
|
description: Optional[pulumi.Input[str]] = None,
|
1320
1233
|
disable_remount: Optional[pulumi.Input[bool]] = None,
|
1321
1234
|
discoverdn: Optional[pulumi.Input[bool]] = None,
|
1322
|
-
formatter: Optional[pulumi.Input[str]] = None,
|
1323
1235
|
groupattr: Optional[pulumi.Input[str]] = None,
|
1324
1236
|
groupdn: Optional[pulumi.Input[str]] = None,
|
1325
1237
|
groupfilter: Optional[pulumi.Input[str]] = None,
|
1326
1238
|
insecure_tls: Optional[pulumi.Input[bool]] = None,
|
1327
1239
|
last_rotation_tolerance: Optional[pulumi.Input[int]] = None,
|
1328
|
-
length: Optional[pulumi.Input[int]] = None,
|
1329
1240
|
local: Optional[pulumi.Input[bool]] = None,
|
1330
1241
|
max_lease_ttl_seconds: Optional[pulumi.Input[int]] = None,
|
1331
1242
|
max_ttl: Optional[pulumi.Input[int]] = None,
|
@@ -1346,7 +1257,6 @@ class SecretBackend(pulumi.CustomResource):
|
|
1346
1257
|
"""
|
1347
1258
|
## Example Usage
|
1348
1259
|
|
1349
|
-
<!--Start PulumiCodeChooser -->
|
1350
1260
|
```python
|
1351
1261
|
import pulumi
|
1352
1262
|
import pulumi_vault as vault
|
@@ -1355,11 +1265,10 @@ class SecretBackend(pulumi.CustomResource):
|
|
1355
1265
|
backend="ad",
|
1356
1266
|
binddn="CN=Administrator,CN=Users,DC=corp,DC=example,DC=net",
|
1357
1267
|
bindpass="SuperSecretPassw0rd",
|
1358
|
-
insecure_tls=True,
|
1359
1268
|
url="ldaps://ad",
|
1269
|
+
insecure_tls=True,
|
1360
1270
|
userdn="CN=Users,DC=corp,DC=example,DC=net")
|
1361
1271
|
```
|
1362
|
-
<!--End PulumiCodeChooser -->
|
1363
1272
|
|
1364
1273
|
## Import
|
1365
1274
|
|
@@ -1390,7 +1299,6 @@ class SecretBackend(pulumi.CustomResource):
|
|
1390
1299
|
:param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates.
|
1391
1300
|
See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
|
1392
1301
|
:param pulumi.Input[bool] discoverdn: Use anonymous bind to discover the bind Distinguished Name of a user.
|
1393
|
-
:param pulumi.Input[str] formatter: **Deprecated** use `password_policy`. Text to insert the password into, ex. "customPrefix{{PASSWORD}}customSuffix".
|
1394
1302
|
:param pulumi.Input[str] groupattr: LDAP attribute to follow on objects returned by <groupfilter> in order to enumerate
|
1395
1303
|
user group membership. Examples: `cn` or `memberOf`, etc. Defaults to `cn`.
|
1396
1304
|
:param pulumi.Input[str] groupdn: LDAP search base to use for group membership search (eg: ou=Groups,dc=example,dc=org).
|
@@ -1400,15 +1308,13 @@ class SecretBackend(pulumi.CustomResource):
|
|
1400
1308
|
Defaults to `false`.
|
1401
1309
|
:param pulumi.Input[int] last_rotation_tolerance: The number of seconds after a Vault rotation where, if Active Directory
|
1402
1310
|
shows a later rotation, it should be considered out-of-band
|
1403
|
-
:param pulumi.Input[int] length: **Deprecated** use `password_policy`. The desired length of passwords that Vault generates.
|
1404
|
-
*Mutually exclusive with `password_policy` on vault-1.11+*
|
1405
1311
|
:param pulumi.Input[bool] local: Mark the secrets engine as local-only. Local engines are not replicated or removed by
|
1406
1312
|
replication.Tolerance duration to use when checking the last rotation time.
|
1407
1313
|
:param pulumi.Input[int] max_lease_ttl_seconds: Maximum possible lease duration for secrets in seconds.
|
1408
1314
|
:param pulumi.Input[int] max_ttl: In seconds, the maximum password time-to-live.
|
1409
1315
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
1410
1316
|
The value should not contain leading or trailing forward slashes.
|
1411
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
1317
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
1412
1318
|
*Available only for Vault Enterprise*.
|
1413
1319
|
:param pulumi.Input[str] password_policy: Name of the password policy to use to generate passwords.
|
1414
1320
|
:param pulumi.Input[int] request_timeout: Timeout, in seconds, for the connection when making requests against the server
|
@@ -1442,7 +1348,6 @@ class SecretBackend(pulumi.CustomResource):
|
|
1442
1348
|
"""
|
1443
1349
|
## Example Usage
|
1444
1350
|
|
1445
|
-
<!--Start PulumiCodeChooser -->
|
1446
1351
|
```python
|
1447
1352
|
import pulumi
|
1448
1353
|
import pulumi_vault as vault
|
@@ -1451,11 +1356,10 @@ class SecretBackend(pulumi.CustomResource):
|
|
1451
1356
|
backend="ad",
|
1452
1357
|
binddn="CN=Administrator,CN=Users,DC=corp,DC=example,DC=net",
|
1453
1358
|
bindpass="SuperSecretPassw0rd",
|
1454
|
-
insecure_tls=True,
|
1455
1359
|
url="ldaps://ad",
|
1360
|
+
insecure_tls=True,
|
1456
1361
|
userdn="CN=Users,DC=corp,DC=example,DC=net")
|
1457
1362
|
```
|
1458
|
-
<!--End PulumiCodeChooser -->
|
1459
1363
|
|
1460
1364
|
## Import
|
1461
1365
|
|
@@ -1493,13 +1397,11 @@ class SecretBackend(pulumi.CustomResource):
|
|
1493
1397
|
description: Optional[pulumi.Input[str]] = None,
|
1494
1398
|
disable_remount: Optional[pulumi.Input[bool]] = None,
|
1495
1399
|
discoverdn: Optional[pulumi.Input[bool]] = None,
|
1496
|
-
formatter: Optional[pulumi.Input[str]] = None,
|
1497
1400
|
groupattr: Optional[pulumi.Input[str]] = None,
|
1498
1401
|
groupdn: Optional[pulumi.Input[str]] = None,
|
1499
1402
|
groupfilter: Optional[pulumi.Input[str]] = None,
|
1500
1403
|
insecure_tls: Optional[pulumi.Input[bool]] = None,
|
1501
1404
|
last_rotation_tolerance: Optional[pulumi.Input[int]] = None,
|
1502
|
-
length: Optional[pulumi.Input[int]] = None,
|
1503
1405
|
local: Optional[pulumi.Input[bool]] = None,
|
1504
1406
|
max_lease_ttl_seconds: Optional[pulumi.Input[int]] = None,
|
1505
1407
|
max_ttl: Optional[pulumi.Input[int]] = None,
|
@@ -1542,13 +1444,11 @@ class SecretBackend(pulumi.CustomResource):
|
|
1542
1444
|
__props__.__dict__["description"] = description
|
1543
1445
|
__props__.__dict__["disable_remount"] = disable_remount
|
1544
1446
|
__props__.__dict__["discoverdn"] = discoverdn
|
1545
|
-
__props__.__dict__["formatter"] = formatter
|
1546
1447
|
__props__.__dict__["groupattr"] = groupattr
|
1547
1448
|
__props__.__dict__["groupdn"] = groupdn
|
1548
1449
|
__props__.__dict__["groupfilter"] = groupfilter
|
1549
1450
|
__props__.__dict__["insecure_tls"] = insecure_tls
|
1550
1451
|
__props__.__dict__["last_rotation_tolerance"] = last_rotation_tolerance
|
1551
|
-
__props__.__dict__["length"] = length
|
1552
1452
|
__props__.__dict__["local"] = local
|
1553
1453
|
__props__.__dict__["max_lease_ttl_seconds"] = max_lease_ttl_seconds
|
1554
1454
|
__props__.__dict__["max_ttl"] = max_ttl
|
@@ -1590,13 +1490,11 @@ class SecretBackend(pulumi.CustomResource):
|
|
1590
1490
|
description: Optional[pulumi.Input[str]] = None,
|
1591
1491
|
disable_remount: Optional[pulumi.Input[bool]] = None,
|
1592
1492
|
discoverdn: Optional[pulumi.Input[bool]] = None,
|
1593
|
-
formatter: Optional[pulumi.Input[str]] = None,
|
1594
1493
|
groupattr: Optional[pulumi.Input[str]] = None,
|
1595
1494
|
groupdn: Optional[pulumi.Input[str]] = None,
|
1596
1495
|
groupfilter: Optional[pulumi.Input[str]] = None,
|
1597
1496
|
insecure_tls: Optional[pulumi.Input[bool]] = None,
|
1598
1497
|
last_rotation_tolerance: Optional[pulumi.Input[int]] = None,
|
1599
|
-
length: Optional[pulumi.Input[int]] = None,
|
1600
1498
|
local: Optional[pulumi.Input[bool]] = None,
|
1601
1499
|
max_lease_ttl_seconds: Optional[pulumi.Input[int]] = None,
|
1602
1500
|
max_ttl: Optional[pulumi.Input[int]] = None,
|
@@ -1639,7 +1537,6 @@ class SecretBackend(pulumi.CustomResource):
|
|
1639
1537
|
:param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates.
|
1640
1538
|
See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
|
1641
1539
|
:param pulumi.Input[bool] discoverdn: Use anonymous bind to discover the bind Distinguished Name of a user.
|
1642
|
-
:param pulumi.Input[str] formatter: **Deprecated** use `password_policy`. Text to insert the password into, ex. "customPrefix{{PASSWORD}}customSuffix".
|
1643
1540
|
:param pulumi.Input[str] groupattr: LDAP attribute to follow on objects returned by <groupfilter> in order to enumerate
|
1644
1541
|
user group membership. Examples: `cn` or `memberOf`, etc. Defaults to `cn`.
|
1645
1542
|
:param pulumi.Input[str] groupdn: LDAP search base to use for group membership search (eg: ou=Groups,dc=example,dc=org).
|
@@ -1649,15 +1546,13 @@ class SecretBackend(pulumi.CustomResource):
|
|
1649
1546
|
Defaults to `false`.
|
1650
1547
|
:param pulumi.Input[int] last_rotation_tolerance: The number of seconds after a Vault rotation where, if Active Directory
|
1651
1548
|
shows a later rotation, it should be considered out-of-band
|
1652
|
-
:param pulumi.Input[int] length: **Deprecated** use `password_policy`. The desired length of passwords that Vault generates.
|
1653
|
-
*Mutually exclusive with `password_policy` on vault-1.11+*
|
1654
1549
|
:param pulumi.Input[bool] local: Mark the secrets engine as local-only. Local engines are not replicated or removed by
|
1655
1550
|
replication.Tolerance duration to use when checking the last rotation time.
|
1656
1551
|
:param pulumi.Input[int] max_lease_ttl_seconds: Maximum possible lease duration for secrets in seconds.
|
1657
1552
|
:param pulumi.Input[int] max_ttl: In seconds, the maximum password time-to-live.
|
1658
1553
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
1659
1554
|
The value should not contain leading or trailing forward slashes.
|
1660
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
1555
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
1661
1556
|
*Available only for Vault Enterprise*.
|
1662
1557
|
:param pulumi.Input[str] password_policy: Name of the password policy to use to generate passwords.
|
1663
1558
|
:param pulumi.Input[int] request_timeout: Timeout, in seconds, for the connection when making requests against the server
|
@@ -1699,13 +1594,11 @@ class SecretBackend(pulumi.CustomResource):
|
|
1699
1594
|
__props__.__dict__["description"] = description
|
1700
1595
|
__props__.__dict__["disable_remount"] = disable_remount
|
1701
1596
|
__props__.__dict__["discoverdn"] = discoverdn
|
1702
|
-
__props__.__dict__["formatter"] = formatter
|
1703
1597
|
__props__.__dict__["groupattr"] = groupattr
|
1704
1598
|
__props__.__dict__["groupdn"] = groupdn
|
1705
1599
|
__props__.__dict__["groupfilter"] = groupfilter
|
1706
1600
|
__props__.__dict__["insecure_tls"] = insecure_tls
|
1707
1601
|
__props__.__dict__["last_rotation_tolerance"] = last_rotation_tolerance
|
1708
|
-
__props__.__dict__["length"] = length
|
1709
1602
|
__props__.__dict__["local"] = local
|
1710
1603
|
__props__.__dict__["max_lease_ttl_seconds"] = max_lease_ttl_seconds
|
1711
1604
|
__props__.__dict__["max_ttl"] = max_ttl
|
@@ -1834,17 +1727,6 @@ class SecretBackend(pulumi.CustomResource):
|
|
1834
1727
|
"""
|
1835
1728
|
return pulumi.get(self, "discoverdn")
|
1836
1729
|
|
1837
|
-
@property
|
1838
|
-
@pulumi.getter
|
1839
|
-
def formatter(self) -> pulumi.Output[str]:
|
1840
|
-
"""
|
1841
|
-
**Deprecated** use `password_policy`. Text to insert the password into, ex. "customPrefix{{PASSWORD}}customSuffix".
|
1842
|
-
"""
|
1843
|
-
warnings.warn("""Formatter is deprecated and password_policy should be used with Vault >= 1.5.""", DeprecationWarning)
|
1844
|
-
pulumi.log.warn("""formatter is deprecated: Formatter is deprecated and password_policy should be used with Vault >= 1.5.""")
|
1845
|
-
|
1846
|
-
return pulumi.get(self, "formatter")
|
1847
|
-
|
1848
1730
|
@property
|
1849
1731
|
@pulumi.getter
|
1850
1732
|
def groupattr(self) -> pulumi.Output[Optional[str]]:
|
@@ -1889,18 +1771,6 @@ class SecretBackend(pulumi.CustomResource):
|
|
1889
1771
|
"""
|
1890
1772
|
return pulumi.get(self, "last_rotation_tolerance")
|
1891
1773
|
|
1892
|
-
@property
|
1893
|
-
@pulumi.getter
|
1894
|
-
def length(self) -> pulumi.Output[int]:
|
1895
|
-
"""
|
1896
|
-
**Deprecated** use `password_policy`. The desired length of passwords that Vault generates.
|
1897
|
-
*Mutually exclusive with `password_policy` on vault-1.11+*
|
1898
|
-
"""
|
1899
|
-
warnings.warn("""Length is deprecated and password_policy should be used with Vault >= 1.5.""", DeprecationWarning)
|
1900
|
-
pulumi.log.warn("""length is deprecated: Length is deprecated and password_policy should be used with Vault >= 1.5.""")
|
1901
|
-
|
1902
|
-
return pulumi.get(self, "length")
|
1903
|
-
|
1904
1774
|
@property
|
1905
1775
|
@pulumi.getter
|
1906
1776
|
def local(self) -> pulumi.Output[Optional[bool]]:
|
@@ -1932,7 +1802,7 @@ class SecretBackend(pulumi.CustomResource):
|
|
1932
1802
|
"""
|
1933
1803
|
The namespace to provision the resource in.
|
1934
1804
|
The value should not contain leading or trailing forward slashes.
|
1935
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
1805
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
1936
1806
|
*Available only for Vault Enterprise*.
|
1937
1807
|
"""
|
1938
1808
|
return pulumi.get(self, "namespace")
|