pulumi-vault 5.21.0a1710160723__py3-none-any.whl → 6.5.0a1736836139__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- pulumi_vault/__init__.py +52 -0
- pulumi_vault/_inputs.py +560 -0
- pulumi_vault/_utilities.py +41 -5
- pulumi_vault/ad/get_access_credentials.py +22 -7
- pulumi_vault/ad/secret_backend.py +14 -144
- pulumi_vault/ad/secret_library.py +14 -11
- pulumi_vault/ad/secret_role.py +12 -11
- pulumi_vault/alicloud/auth_backend_role.py +74 -192
- pulumi_vault/approle/auth_backend_login.py +12 -11
- pulumi_vault/approle/auth_backend_role.py +75 -193
- pulumi_vault/approle/auth_backend_role_secret_id.py +106 -11
- pulumi_vault/approle/get_auth_backend_role_id.py +18 -9
- pulumi_vault/audit.py +24 -27
- pulumi_vault/audit_request_header.py +11 -6
- pulumi_vault/auth_backend.py +64 -12
- pulumi_vault/aws/auth_backend_cert.py +12 -7
- pulumi_vault/aws/auth_backend_client.py +265 -24
- pulumi_vault/aws/auth_backend_config_identity.py +12 -11
- pulumi_vault/aws/auth_backend_identity_whitelist.py +18 -17
- pulumi_vault/aws/auth_backend_login.py +19 -22
- pulumi_vault/aws/auth_backend_role.py +75 -193
- pulumi_vault/aws/auth_backend_role_tag.py +12 -7
- pulumi_vault/aws/auth_backend_roletag_blacklist.py +18 -17
- pulumi_vault/aws/auth_backend_sts_role.py +12 -11
- pulumi_vault/aws/get_access_credentials.py +34 -7
- pulumi_vault/aws/get_static_access_credentials.py +19 -5
- pulumi_vault/aws/secret_backend.py +75 -7
- pulumi_vault/aws/secret_backend_role.py +183 -11
- pulumi_vault/aws/secret_backend_static_role.py +14 -11
- pulumi_vault/azure/_inputs.py +24 -0
- pulumi_vault/azure/auth_backend_config.py +151 -17
- pulumi_vault/azure/auth_backend_role.py +75 -193
- pulumi_vault/azure/backend.py +223 -29
- pulumi_vault/azure/backend_role.py +42 -41
- pulumi_vault/azure/get_access_credentials.py +39 -11
- pulumi_vault/azure/outputs.py +5 -0
- pulumi_vault/cert_auth_backend_role.py +87 -271
- pulumi_vault/config/__init__.pyi +5 -0
- pulumi_vault/config/_inputs.py +73 -0
- pulumi_vault/config/outputs.py +35 -0
- pulumi_vault/config/ui_custom_message.py +529 -0
- pulumi_vault/config/vars.py +5 -0
- pulumi_vault/consul/secret_backend.py +22 -25
- pulumi_vault/consul/secret_backend_role.py +14 -80
- pulumi_vault/database/_inputs.py +2770 -881
- pulumi_vault/database/outputs.py +721 -838
- pulumi_vault/database/secret_backend_connection.py +117 -114
- pulumi_vault/database/secret_backend_role.py +29 -24
- pulumi_vault/database/secret_backend_static_role.py +85 -15
- pulumi_vault/database/secrets_mount.py +425 -138
- pulumi_vault/egp_policy.py +16 -15
- pulumi_vault/gcp/_inputs.py +111 -0
- pulumi_vault/gcp/auth_backend.py +248 -35
- pulumi_vault/gcp/auth_backend_role.py +75 -271
- pulumi_vault/gcp/get_auth_backend_role.py +43 -9
- pulumi_vault/gcp/outputs.py +5 -0
- pulumi_vault/gcp/secret_backend.py +287 -16
- pulumi_vault/gcp/secret_impersonated_account.py +74 -17
- pulumi_vault/gcp/secret_roleset.py +29 -26
- pulumi_vault/gcp/secret_static_account.py +37 -34
- pulumi_vault/generic/endpoint.py +22 -21
- pulumi_vault/generic/get_secret.py +68 -12
- pulumi_vault/generic/secret.py +19 -14
- pulumi_vault/get_auth_backend.py +24 -11
- pulumi_vault/get_auth_backends.py +33 -11
- pulumi_vault/get_namespace.py +226 -0
- pulumi_vault/get_namespaces.py +153 -0
- pulumi_vault/get_nomad_access_token.py +31 -15
- pulumi_vault/get_policy_document.py +34 -23
- pulumi_vault/get_raft_autopilot_state.py +29 -14
- pulumi_vault/github/_inputs.py +55 -0
- pulumi_vault/github/auth_backend.py +17 -16
- pulumi_vault/github/outputs.py +5 -0
- pulumi_vault/github/team.py +14 -13
- pulumi_vault/github/user.py +14 -13
- pulumi_vault/identity/entity.py +18 -15
- pulumi_vault/identity/entity_alias.py +18 -15
- pulumi_vault/identity/entity_policies.py +24 -19
- pulumi_vault/identity/get_entity.py +40 -14
- pulumi_vault/identity/get_group.py +45 -13
- pulumi_vault/identity/get_oidc_client_creds.py +21 -11
- pulumi_vault/identity/get_oidc_openid_config.py +39 -13
- pulumi_vault/identity/get_oidc_public_keys.py +29 -14
- pulumi_vault/identity/group.py +50 -49
- pulumi_vault/identity/group_alias.py +14 -11
- pulumi_vault/identity/group_member_entity_ids.py +24 -74
- pulumi_vault/identity/group_member_group_ids.py +36 -27
- pulumi_vault/identity/group_policies.py +16 -15
- pulumi_vault/identity/mfa_duo.py +9 -8
- pulumi_vault/identity/mfa_login_enforcement.py +13 -8
- pulumi_vault/identity/mfa_okta.py +9 -8
- pulumi_vault/identity/mfa_pingid.py +5 -4
- pulumi_vault/identity/mfa_totp.py +5 -4
- pulumi_vault/identity/oidc.py +12 -11
- pulumi_vault/identity/oidc_assignment.py +22 -13
- pulumi_vault/identity/oidc_client.py +34 -25
- pulumi_vault/identity/oidc_key.py +28 -19
- pulumi_vault/identity/oidc_key_allowed_client_id.py +28 -19
- pulumi_vault/identity/oidc_provider.py +34 -23
- pulumi_vault/identity/oidc_role.py +40 -27
- pulumi_vault/identity/oidc_scope.py +18 -15
- pulumi_vault/identity/outputs.py +8 -3
- pulumi_vault/jwt/_inputs.py +55 -0
- pulumi_vault/jwt/auth_backend.py +39 -46
- pulumi_vault/jwt/auth_backend_role.py +131 -260
- pulumi_vault/jwt/outputs.py +5 -0
- pulumi_vault/kmip/secret_backend.py +22 -21
- pulumi_vault/kmip/secret_role.py +12 -11
- pulumi_vault/kmip/secret_scope.py +12 -11
- pulumi_vault/kubernetes/auth_backend_config.py +55 -7
- pulumi_vault/kubernetes/auth_backend_role.py +68 -179
- pulumi_vault/kubernetes/get_auth_backend_config.py +60 -8
- pulumi_vault/kubernetes/get_auth_backend_role.py +40 -5
- pulumi_vault/kubernetes/get_service_account_token.py +39 -15
- pulumi_vault/kubernetes/secret_backend.py +314 -29
- pulumi_vault/kubernetes/secret_backend_role.py +135 -56
- pulumi_vault/kv/_inputs.py +36 -4
- pulumi_vault/kv/get_secret.py +23 -12
- pulumi_vault/kv/get_secret_subkeys_v2.py +31 -14
- pulumi_vault/kv/get_secret_v2.py +89 -9
- pulumi_vault/kv/get_secrets_list.py +22 -15
- pulumi_vault/kv/get_secrets_list_v2.py +35 -19
- pulumi_vault/kv/outputs.py +8 -3
- pulumi_vault/kv/secret.py +19 -18
- pulumi_vault/kv/secret_backend_v2.py +12 -11
- pulumi_vault/kv/secret_v2.py +55 -52
- pulumi_vault/ldap/auth_backend.py +125 -168
- pulumi_vault/ldap/auth_backend_group.py +12 -11
- pulumi_vault/ldap/auth_backend_user.py +12 -11
- pulumi_vault/ldap/get_dynamic_credentials.py +23 -5
- pulumi_vault/ldap/get_static_credentials.py +24 -5
- pulumi_vault/ldap/secret_backend.py +352 -84
- pulumi_vault/ldap/secret_backend_dynamic_role.py +12 -11
- pulumi_vault/ldap/secret_backend_library_set.py +14 -11
- pulumi_vault/ldap/secret_backend_static_role.py +67 -12
- pulumi_vault/managed/_inputs.py +289 -132
- pulumi_vault/managed/keys.py +27 -43
- pulumi_vault/managed/outputs.py +89 -132
- pulumi_vault/mfa_duo.py +16 -13
- pulumi_vault/mfa_okta.py +16 -13
- pulumi_vault/mfa_pingid.py +16 -13
- pulumi_vault/mfa_totp.py +22 -19
- pulumi_vault/mongodbatlas/secret_backend.py +18 -17
- pulumi_vault/mongodbatlas/secret_role.py +41 -38
- pulumi_vault/mount.py +389 -65
- pulumi_vault/namespace.py +26 -21
- pulumi_vault/nomad_secret_backend.py +16 -15
- pulumi_vault/nomad_secret_role.py +12 -11
- pulumi_vault/okta/_inputs.py +47 -8
- pulumi_vault/okta/auth_backend.py +483 -41
- pulumi_vault/okta/auth_backend_group.py +12 -11
- pulumi_vault/okta/auth_backend_user.py +12 -11
- pulumi_vault/okta/outputs.py +13 -8
- pulumi_vault/outputs.py +5 -0
- pulumi_vault/password_policy.py +18 -15
- pulumi_vault/pkisecret/__init__.py +3 -0
- pulumi_vault/pkisecret/_inputs.py +81 -0
- pulumi_vault/pkisecret/backend_config_cluster.py +369 -0
- pulumi_vault/pkisecret/backend_config_est.py +619 -0
- pulumi_vault/pkisecret/get_backend_config_est.py +251 -0
- pulumi_vault/pkisecret/get_backend_issuer.py +63 -7
- pulumi_vault/pkisecret/get_backend_issuers.py +21 -12
- pulumi_vault/pkisecret/get_backend_key.py +24 -13
- pulumi_vault/pkisecret/get_backend_keys.py +21 -12
- pulumi_vault/pkisecret/outputs.py +69 -0
- pulumi_vault/pkisecret/secret_backend_cert.py +18 -15
- pulumi_vault/pkisecret/secret_backend_config_ca.py +16 -15
- pulumi_vault/pkisecret/secret_backend_config_issuers.py +12 -11
- pulumi_vault/pkisecret/secret_backend_config_urls.py +59 -11
- pulumi_vault/pkisecret/secret_backend_crl_config.py +14 -13
- pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +16 -15
- pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +22 -21
- pulumi_vault/pkisecret/secret_backend_issuer.py +12 -11
- pulumi_vault/pkisecret/secret_backend_key.py +12 -7
- pulumi_vault/pkisecret/secret_backend_role.py +19 -16
- pulumi_vault/pkisecret/secret_backend_root_cert.py +16 -52
- pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +18 -62
- pulumi_vault/pkisecret/secret_backend_sign.py +18 -60
- pulumi_vault/plugin.py +595 -0
- pulumi_vault/plugin_pinned_version.py +298 -0
- pulumi_vault/policy.py +12 -7
- pulumi_vault/provider.py +48 -53
- pulumi_vault/pulumi-plugin.json +2 -1
- pulumi_vault/quota_lease_count.py +58 -8
- pulumi_vault/quota_rate_limit.py +54 -4
- pulumi_vault/rabbitmq/_inputs.py +61 -0
- pulumi_vault/rabbitmq/outputs.py +5 -0
- pulumi_vault/rabbitmq/secret_backend.py +16 -15
- pulumi_vault/rabbitmq/secret_backend_role.py +52 -49
- pulumi_vault/raft_autopilot.py +12 -11
- pulumi_vault/raft_snapshot_agent_config.py +121 -311
- pulumi_vault/rgp_policy.py +14 -13
- pulumi_vault/saml/auth_backend.py +20 -19
- pulumi_vault/saml/auth_backend_role.py +90 -199
- pulumi_vault/secrets/__init__.py +3 -0
- pulumi_vault/secrets/_inputs.py +110 -0
- pulumi_vault/secrets/outputs.py +94 -0
- pulumi_vault/secrets/sync_association.py +56 -75
- pulumi_vault/secrets/sync_aws_destination.py +240 -29
- pulumi_vault/secrets/sync_azure_destination.py +90 -33
- pulumi_vault/secrets/sync_config.py +7 -6
- pulumi_vault/secrets/sync_gcp_destination.py +156 -27
- pulumi_vault/secrets/sync_gh_destination.py +187 -15
- pulumi_vault/secrets/sync_github_apps.py +375 -0
- pulumi_vault/secrets/sync_vercel_destination.py +72 -15
- pulumi_vault/ssh/_inputs.py +28 -32
- pulumi_vault/ssh/outputs.py +11 -32
- pulumi_vault/ssh/secret_backend_ca.py +106 -11
- pulumi_vault/ssh/secret_backend_role.py +83 -120
- pulumi_vault/terraformcloud/secret_backend.py +5 -56
- pulumi_vault/terraformcloud/secret_creds.py +14 -24
- pulumi_vault/terraformcloud/secret_role.py +14 -76
- pulumi_vault/token.py +26 -25
- pulumi_vault/tokenauth/auth_backend_role.py +76 -201
- pulumi_vault/transform/alphabet.py +16 -13
- pulumi_vault/transform/get_decode.py +45 -21
- pulumi_vault/transform/get_encode.py +45 -21
- pulumi_vault/transform/role.py +16 -13
- pulumi_vault/transform/template.py +30 -25
- pulumi_vault/transform/transformation.py +12 -7
- pulumi_vault/transit/get_decrypt.py +26 -25
- pulumi_vault/transit/get_encrypt.py +24 -19
- pulumi_vault/transit/secret_backend_key.py +25 -97
- pulumi_vault/transit/secret_cache_config.py +12 -11
- {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/METADATA +8 -7
- pulumi_vault-6.5.0a1736836139.dist-info/RECORD +256 -0
- {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/WHEEL +1 -1
- pulumi_vault-5.21.0a1710160723.dist-info/RECORD +0 -244
- {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/top_level.txt +0 -0
@@ -0,0 +1,226 @@
|
|
1
|
+
# coding=utf-8
|
2
|
+
# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
|
3
|
+
# *** Do not edit by hand unless you're certain you know what you are doing! ***
|
4
|
+
|
5
|
+
import copy
|
6
|
+
import warnings
|
7
|
+
import sys
|
8
|
+
import pulumi
|
9
|
+
import pulumi.runtime
|
10
|
+
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
11
|
+
if sys.version_info >= (3, 11):
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
13
|
+
else:
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
15
|
+
from . import _utilities
|
16
|
+
|
17
|
+
__all__ = [
|
18
|
+
'GetNamespaceResult',
|
19
|
+
'AwaitableGetNamespaceResult',
|
20
|
+
'get_namespace',
|
21
|
+
'get_namespace_output',
|
22
|
+
]
|
23
|
+
|
24
|
+
@pulumi.output_type
|
25
|
+
class GetNamespaceResult:
|
26
|
+
"""
|
27
|
+
A collection of values returned by getNamespace.
|
28
|
+
"""
|
29
|
+
def __init__(__self__, custom_metadata=None, id=None, namespace=None, namespace_id=None, path=None, path_fq=None):
|
30
|
+
if custom_metadata and not isinstance(custom_metadata, dict):
|
31
|
+
raise TypeError("Expected argument 'custom_metadata' to be a dict")
|
32
|
+
pulumi.set(__self__, "custom_metadata", custom_metadata)
|
33
|
+
if id and not isinstance(id, str):
|
34
|
+
raise TypeError("Expected argument 'id' to be a str")
|
35
|
+
pulumi.set(__self__, "id", id)
|
36
|
+
if namespace and not isinstance(namespace, str):
|
37
|
+
raise TypeError("Expected argument 'namespace' to be a str")
|
38
|
+
pulumi.set(__self__, "namespace", namespace)
|
39
|
+
if namespace_id and not isinstance(namespace_id, str):
|
40
|
+
raise TypeError("Expected argument 'namespace_id' to be a str")
|
41
|
+
pulumi.set(__self__, "namespace_id", namespace_id)
|
42
|
+
if path and not isinstance(path, str):
|
43
|
+
raise TypeError("Expected argument 'path' to be a str")
|
44
|
+
pulumi.set(__self__, "path", path)
|
45
|
+
if path_fq and not isinstance(path_fq, str):
|
46
|
+
raise TypeError("Expected argument 'path_fq' to be a str")
|
47
|
+
pulumi.set(__self__, "path_fq", path_fq)
|
48
|
+
|
49
|
+
@property
|
50
|
+
@pulumi.getter(name="customMetadata")
|
51
|
+
def custom_metadata(self) -> Mapping[str, str]:
|
52
|
+
"""
|
53
|
+
(Optional) A map of strings containing arbitrary metadata for the namespace.
|
54
|
+
Only fetched if `path` is specified.
|
55
|
+
*Requires Vault 1.12+.*
|
56
|
+
"""
|
57
|
+
return pulumi.get(self, "custom_metadata")
|
58
|
+
|
59
|
+
@property
|
60
|
+
@pulumi.getter
|
61
|
+
def id(self) -> str:
|
62
|
+
"""
|
63
|
+
The provider-assigned unique ID for this managed resource.
|
64
|
+
"""
|
65
|
+
return pulumi.get(self, "id")
|
66
|
+
|
67
|
+
@property
|
68
|
+
@pulumi.getter
|
69
|
+
def namespace(self) -> Optional[str]:
|
70
|
+
return pulumi.get(self, "namespace")
|
71
|
+
|
72
|
+
@property
|
73
|
+
@pulumi.getter(name="namespaceId")
|
74
|
+
def namespace_id(self) -> str:
|
75
|
+
"""
|
76
|
+
Vault server's internal ID of the namespace.
|
77
|
+
Only fetched if `path` is specified.
|
78
|
+
"""
|
79
|
+
return pulumi.get(self, "namespace_id")
|
80
|
+
|
81
|
+
@property
|
82
|
+
@pulumi.getter
|
83
|
+
def path(self) -> Optional[str]:
|
84
|
+
return pulumi.get(self, "path")
|
85
|
+
|
86
|
+
@property
|
87
|
+
@pulumi.getter(name="pathFq")
|
88
|
+
def path_fq(self) -> str:
|
89
|
+
"""
|
90
|
+
The fully qualified path to the namespace. Useful when provisioning resources in a child `namespace`.
|
91
|
+
The path is relative to the provider's `namespace` argument.
|
92
|
+
"""
|
93
|
+
return pulumi.get(self, "path_fq")
|
94
|
+
|
95
|
+
|
96
|
+
class AwaitableGetNamespaceResult(GetNamespaceResult):
|
97
|
+
# pylint: disable=using-constant-test
|
98
|
+
def __await__(self):
|
99
|
+
if False:
|
100
|
+
yield self
|
101
|
+
return GetNamespaceResult(
|
102
|
+
custom_metadata=self.custom_metadata,
|
103
|
+
id=self.id,
|
104
|
+
namespace=self.namespace,
|
105
|
+
namespace_id=self.namespace_id,
|
106
|
+
path=self.path,
|
107
|
+
path_fq=self.path_fq)
|
108
|
+
|
109
|
+
|
110
|
+
def get_namespace(namespace: Optional[str] = None,
|
111
|
+
path: Optional[str] = None,
|
112
|
+
opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetNamespaceResult:
|
113
|
+
"""
|
114
|
+
## Example Usage
|
115
|
+
|
116
|
+
### Current namespace
|
117
|
+
|
118
|
+
```python
|
119
|
+
import pulumi
|
120
|
+
import pulumi_vault as vault
|
121
|
+
|
122
|
+
current = vault.get_namespace()
|
123
|
+
```
|
124
|
+
|
125
|
+
### Single namespace
|
126
|
+
|
127
|
+
```python
|
128
|
+
import pulumi
|
129
|
+
import pulumi_vault as vault
|
130
|
+
|
131
|
+
ns1 = vault.get_namespace(path="ns1")
|
132
|
+
```
|
133
|
+
|
134
|
+
### Nested namespace
|
135
|
+
|
136
|
+
```python
|
137
|
+
import pulumi
|
138
|
+
import pulumi_vault as vault
|
139
|
+
|
140
|
+
child = vault.get_namespace(namespace="parent",
|
141
|
+
path="child")
|
142
|
+
full_path = child.id
|
143
|
+
# -> foo/parent/child/
|
144
|
+
path_fq = child.path_fq
|
145
|
+
```
|
146
|
+
|
147
|
+
|
148
|
+
:param str namespace: The namespace to provision the resource in.
|
149
|
+
The value should not contain leading or trailing forward slashes.
|
150
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
151
|
+
:param str path: The path of the namespace. Must not have a trailing `/`.
|
152
|
+
If not specified or empty, path attributes are set for the current namespace
|
153
|
+
based on the `namespace` arguments of the provider and this data source.
|
154
|
+
Other path related attributes will be empty in this case.
|
155
|
+
"""
|
156
|
+
__args__ = dict()
|
157
|
+
__args__['namespace'] = namespace
|
158
|
+
__args__['path'] = path
|
159
|
+
opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
|
160
|
+
__ret__ = pulumi.runtime.invoke('vault:index/getNamespace:getNamespace', __args__, opts=opts, typ=GetNamespaceResult).value
|
161
|
+
|
162
|
+
return AwaitableGetNamespaceResult(
|
163
|
+
custom_metadata=pulumi.get(__ret__, 'custom_metadata'),
|
164
|
+
id=pulumi.get(__ret__, 'id'),
|
165
|
+
namespace=pulumi.get(__ret__, 'namespace'),
|
166
|
+
namespace_id=pulumi.get(__ret__, 'namespace_id'),
|
167
|
+
path=pulumi.get(__ret__, 'path'),
|
168
|
+
path_fq=pulumi.get(__ret__, 'path_fq'))
|
169
|
+
def get_namespace_output(namespace: Optional[pulumi.Input[Optional[str]]] = None,
|
170
|
+
path: Optional[pulumi.Input[Optional[str]]] = None,
|
171
|
+
opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetNamespaceResult]:
|
172
|
+
"""
|
173
|
+
## Example Usage
|
174
|
+
|
175
|
+
### Current namespace
|
176
|
+
|
177
|
+
```python
|
178
|
+
import pulumi
|
179
|
+
import pulumi_vault as vault
|
180
|
+
|
181
|
+
current = vault.get_namespace()
|
182
|
+
```
|
183
|
+
|
184
|
+
### Single namespace
|
185
|
+
|
186
|
+
```python
|
187
|
+
import pulumi
|
188
|
+
import pulumi_vault as vault
|
189
|
+
|
190
|
+
ns1 = vault.get_namespace(path="ns1")
|
191
|
+
```
|
192
|
+
|
193
|
+
### Nested namespace
|
194
|
+
|
195
|
+
```python
|
196
|
+
import pulumi
|
197
|
+
import pulumi_vault as vault
|
198
|
+
|
199
|
+
child = vault.get_namespace(namespace="parent",
|
200
|
+
path="child")
|
201
|
+
full_path = child.id
|
202
|
+
# -> foo/parent/child/
|
203
|
+
path_fq = child.path_fq
|
204
|
+
```
|
205
|
+
|
206
|
+
|
207
|
+
:param str namespace: The namespace to provision the resource in.
|
208
|
+
The value should not contain leading or trailing forward slashes.
|
209
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
210
|
+
:param str path: The path of the namespace. Must not have a trailing `/`.
|
211
|
+
If not specified or empty, path attributes are set for the current namespace
|
212
|
+
based on the `namespace` arguments of the provider and this data source.
|
213
|
+
Other path related attributes will be empty in this case.
|
214
|
+
"""
|
215
|
+
__args__ = dict()
|
216
|
+
__args__['namespace'] = namespace
|
217
|
+
__args__['path'] = path
|
218
|
+
opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
|
219
|
+
__ret__ = pulumi.runtime.invoke_output('vault:index/getNamespace:getNamespace', __args__, opts=opts, typ=GetNamespaceResult)
|
220
|
+
return __ret__.apply(lambda __response__: GetNamespaceResult(
|
221
|
+
custom_metadata=pulumi.get(__response__, 'custom_metadata'),
|
222
|
+
id=pulumi.get(__response__, 'id'),
|
223
|
+
namespace=pulumi.get(__response__, 'namespace'),
|
224
|
+
namespace_id=pulumi.get(__response__, 'namespace_id'),
|
225
|
+
path=pulumi.get(__response__, 'path'),
|
226
|
+
path_fq=pulumi.get(__response__, 'path_fq')))
|
@@ -0,0 +1,153 @@
|
|
1
|
+
# coding=utf-8
|
2
|
+
# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
|
3
|
+
# *** Do not edit by hand unless you're certain you know what you are doing! ***
|
4
|
+
|
5
|
+
import copy
|
6
|
+
import warnings
|
7
|
+
import sys
|
8
|
+
import pulumi
|
9
|
+
import pulumi.runtime
|
10
|
+
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
11
|
+
if sys.version_info >= (3, 11):
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
13
|
+
else:
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
15
|
+
from . import _utilities
|
16
|
+
|
17
|
+
__all__ = [
|
18
|
+
'GetNamespacesResult',
|
19
|
+
'AwaitableGetNamespacesResult',
|
20
|
+
'get_namespaces',
|
21
|
+
'get_namespaces_output',
|
22
|
+
]
|
23
|
+
|
24
|
+
@pulumi.output_type
|
25
|
+
class GetNamespacesResult:
|
26
|
+
"""
|
27
|
+
A collection of values returned by getNamespaces.
|
28
|
+
"""
|
29
|
+
def __init__(__self__, id=None, namespace=None, paths=None):
|
30
|
+
if id and not isinstance(id, str):
|
31
|
+
raise TypeError("Expected argument 'id' to be a str")
|
32
|
+
pulumi.set(__self__, "id", id)
|
33
|
+
if namespace and not isinstance(namespace, str):
|
34
|
+
raise TypeError("Expected argument 'namespace' to be a str")
|
35
|
+
pulumi.set(__self__, "namespace", namespace)
|
36
|
+
if paths and not isinstance(paths, list):
|
37
|
+
raise TypeError("Expected argument 'paths' to be a list")
|
38
|
+
pulumi.set(__self__, "paths", paths)
|
39
|
+
|
40
|
+
@property
|
41
|
+
@pulumi.getter
|
42
|
+
def id(self) -> str:
|
43
|
+
"""
|
44
|
+
The provider-assigned unique ID for this managed resource.
|
45
|
+
"""
|
46
|
+
return pulumi.get(self, "id")
|
47
|
+
|
48
|
+
@property
|
49
|
+
@pulumi.getter
|
50
|
+
def namespace(self) -> Optional[str]:
|
51
|
+
return pulumi.get(self, "namespace")
|
52
|
+
|
53
|
+
@property
|
54
|
+
@pulumi.getter
|
55
|
+
def paths(self) -> Sequence[str]:
|
56
|
+
"""
|
57
|
+
Set of the paths of direct child namespaces.
|
58
|
+
"""
|
59
|
+
return pulumi.get(self, "paths")
|
60
|
+
|
61
|
+
|
62
|
+
class AwaitableGetNamespacesResult(GetNamespacesResult):
|
63
|
+
# pylint: disable=using-constant-test
|
64
|
+
def __await__(self):
|
65
|
+
if False:
|
66
|
+
yield self
|
67
|
+
return GetNamespacesResult(
|
68
|
+
id=self.id,
|
69
|
+
namespace=self.namespace,
|
70
|
+
paths=self.paths)
|
71
|
+
|
72
|
+
|
73
|
+
def get_namespaces(namespace: Optional[str] = None,
|
74
|
+
opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetNamespacesResult:
|
75
|
+
"""
|
76
|
+
## Example Usage
|
77
|
+
|
78
|
+
### Child namespaces
|
79
|
+
|
80
|
+
```python
|
81
|
+
import pulumi
|
82
|
+
import pulumi_vault as vault
|
83
|
+
|
84
|
+
children = vault.get_namespaces()
|
85
|
+
```
|
86
|
+
|
87
|
+
### Nested namespace
|
88
|
+
|
89
|
+
To fetch the details of nested namespaces:
|
90
|
+
|
91
|
+
```python
|
92
|
+
import pulumi
|
93
|
+
import pulumi_vault as vault
|
94
|
+
|
95
|
+
children = vault.get_namespaces(namespace="parent")
|
96
|
+
child = {__key: vault.get_namespace(namespace=children.namespace,
|
97
|
+
path=__key) for __key, __value in children.paths}
|
98
|
+
```
|
99
|
+
|
100
|
+
|
101
|
+
:param str namespace: The namespace to provision the resource in.
|
102
|
+
The value should not contain leading or trailing forward slashes.
|
103
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
104
|
+
"""
|
105
|
+
__args__ = dict()
|
106
|
+
__args__['namespace'] = namespace
|
107
|
+
opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
|
108
|
+
__ret__ = pulumi.runtime.invoke('vault:index/getNamespaces:getNamespaces', __args__, opts=opts, typ=GetNamespacesResult).value
|
109
|
+
|
110
|
+
return AwaitableGetNamespacesResult(
|
111
|
+
id=pulumi.get(__ret__, 'id'),
|
112
|
+
namespace=pulumi.get(__ret__, 'namespace'),
|
113
|
+
paths=pulumi.get(__ret__, 'paths'))
|
114
|
+
def get_namespaces_output(namespace: Optional[pulumi.Input[Optional[str]]] = None,
|
115
|
+
opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetNamespacesResult]:
|
116
|
+
"""
|
117
|
+
## Example Usage
|
118
|
+
|
119
|
+
### Child namespaces
|
120
|
+
|
121
|
+
```python
|
122
|
+
import pulumi
|
123
|
+
import pulumi_vault as vault
|
124
|
+
|
125
|
+
children = vault.get_namespaces()
|
126
|
+
```
|
127
|
+
|
128
|
+
### Nested namespace
|
129
|
+
|
130
|
+
To fetch the details of nested namespaces:
|
131
|
+
|
132
|
+
```python
|
133
|
+
import pulumi
|
134
|
+
import pulumi_vault as vault
|
135
|
+
|
136
|
+
children = vault.get_namespaces(namespace="parent")
|
137
|
+
child = {__key: vault.get_namespace(namespace=children.namespace,
|
138
|
+
path=__key) for __key, __value in children.paths}
|
139
|
+
```
|
140
|
+
|
141
|
+
|
142
|
+
:param str namespace: The namespace to provision the resource in.
|
143
|
+
The value should not contain leading or trailing forward slashes.
|
144
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
145
|
+
"""
|
146
|
+
__args__ = dict()
|
147
|
+
__args__['namespace'] = namespace
|
148
|
+
opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
|
149
|
+
__ret__ = pulumi.runtime.invoke_output('vault:index/getNamespaces:getNamespaces', __args__, opts=opts, typ=GetNamespacesResult)
|
150
|
+
return __ret__.apply(lambda __response__: GetNamespacesResult(
|
151
|
+
id=pulumi.get(__response__, 'id'),
|
152
|
+
namespace=pulumi.get(__response__, 'namespace'),
|
153
|
+
paths=pulumi.get(__response__, 'paths')))
|
@@ -4,9 +4,14 @@
|
|
4
4
|
|
5
5
|
import copy
|
6
6
|
import warnings
|
7
|
+
import sys
|
7
8
|
import pulumi
|
8
9
|
import pulumi.runtime
|
9
10
|
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
11
|
+
if sys.version_info >= (3, 11):
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
13
|
+
else:
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
10
15
|
from . import _utilities
|
11
16
|
|
12
17
|
__all__ = [
|
@@ -103,7 +108,6 @@ def get_nomad_access_token(backend: Optional[str] = None,
|
|
103
108
|
"""
|
104
109
|
## Example Usage
|
105
110
|
|
106
|
-
<!--Start PulumiCodeChooser -->
|
107
111
|
```python
|
108
112
|
import pulumi
|
109
113
|
import pulumi_vault as vault
|
@@ -120,17 +124,19 @@ def get_nomad_access_token(backend: Optional[str] = None,
|
|
120
124
|
role="test",
|
121
125
|
type="client",
|
122
126
|
policies=["readonly"])
|
123
|
-
token = pulumi.Output.all(
|
124
|
-
|
127
|
+
token = pulumi.Output.all(
|
128
|
+
backend=config.backend,
|
129
|
+
role=test.role
|
130
|
+
).apply(lambda resolved_outputs: vault.get_nomad_access_token_output(backend=resolved_outputs['backend'],
|
131
|
+
role=resolved_outputs['role']))
|
125
132
|
```
|
126
|
-
<!--End PulumiCodeChooser -->
|
127
133
|
|
128
134
|
|
129
135
|
:param str backend: The path to the Nomad secret backend to
|
130
136
|
read credentials from, with no leading or trailing `/`s.
|
131
137
|
:param str namespace: The namespace of the target resource.
|
132
138
|
The value should not contain leading or trailing forward slashes.
|
133
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
139
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
134
140
|
*Available only for Vault Enterprise*.
|
135
141
|
:param str role: The name of the Nomad secret backend role to generate
|
136
142
|
a token for, with no leading or trailing `/`s.
|
@@ -149,17 +155,13 @@ def get_nomad_access_token(backend: Optional[str] = None,
|
|
149
155
|
namespace=pulumi.get(__ret__, 'namespace'),
|
150
156
|
role=pulumi.get(__ret__, 'role'),
|
151
157
|
secret_id=pulumi.get(__ret__, 'secret_id'))
|
152
|
-
|
153
|
-
|
154
|
-
@_utilities.lift_output_func(get_nomad_access_token)
|
155
158
|
def get_nomad_access_token_output(backend: Optional[pulumi.Input[str]] = None,
|
156
159
|
namespace: Optional[pulumi.Input[Optional[str]]] = None,
|
157
160
|
role: Optional[pulumi.Input[str]] = None,
|
158
|
-
opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetNomadAccessTokenResult]:
|
161
|
+
opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetNomadAccessTokenResult]:
|
159
162
|
"""
|
160
163
|
## Example Usage
|
161
164
|
|
162
|
-
<!--Start PulumiCodeChooser -->
|
163
165
|
```python
|
164
166
|
import pulumi
|
165
167
|
import pulumi_vault as vault
|
@@ -176,19 +178,33 @@ def get_nomad_access_token_output(backend: Optional[pulumi.Input[str]] = None,
|
|
176
178
|
role="test",
|
177
179
|
type="client",
|
178
180
|
policies=["readonly"])
|
179
|
-
token = pulumi.Output.all(
|
180
|
-
|
181
|
+
token = pulumi.Output.all(
|
182
|
+
backend=config.backend,
|
183
|
+
role=test.role
|
184
|
+
).apply(lambda resolved_outputs: vault.get_nomad_access_token_output(backend=resolved_outputs['backend'],
|
185
|
+
role=resolved_outputs['role']))
|
181
186
|
```
|
182
|
-
<!--End PulumiCodeChooser -->
|
183
187
|
|
184
188
|
|
185
189
|
:param str backend: The path to the Nomad secret backend to
|
186
190
|
read credentials from, with no leading or trailing `/`s.
|
187
191
|
:param str namespace: The namespace of the target resource.
|
188
192
|
The value should not contain leading or trailing forward slashes.
|
189
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
193
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
190
194
|
*Available only for Vault Enterprise*.
|
191
195
|
:param str role: The name of the Nomad secret backend role to generate
|
192
196
|
a token for, with no leading or trailing `/`s.
|
193
197
|
"""
|
194
|
-
|
198
|
+
__args__ = dict()
|
199
|
+
__args__['backend'] = backend
|
200
|
+
__args__['namespace'] = namespace
|
201
|
+
__args__['role'] = role
|
202
|
+
opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
|
203
|
+
__ret__ = pulumi.runtime.invoke_output('vault:index/getNomadAccessToken:getNomadAccessToken', __args__, opts=opts, typ=GetNomadAccessTokenResult)
|
204
|
+
return __ret__.apply(lambda __response__: GetNomadAccessTokenResult(
|
205
|
+
accessor_id=pulumi.get(__response__, 'accessor_id'),
|
206
|
+
backend=pulumi.get(__response__, 'backend'),
|
207
|
+
id=pulumi.get(__response__, 'id'),
|
208
|
+
namespace=pulumi.get(__response__, 'namespace'),
|
209
|
+
role=pulumi.get(__response__, 'role'),
|
210
|
+
secret_id=pulumi.get(__response__, 'secret_id')))
|
@@ -4,9 +4,14 @@
|
|
4
4
|
|
5
5
|
import copy
|
6
6
|
import warnings
|
7
|
+
import sys
|
7
8
|
import pulumi
|
8
9
|
import pulumi.runtime
|
9
10
|
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
11
|
+
if sys.version_info >= (3, 11):
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
13
|
+
else:
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
10
15
|
from . import _utilities
|
11
16
|
from . import outputs
|
12
17
|
from ._inputs import *
|
@@ -77,32 +82,32 @@ class AwaitableGetPolicyDocumentResult(GetPolicyDocumentResult):
|
|
77
82
|
|
78
83
|
|
79
84
|
def get_policy_document(namespace: Optional[str] = None,
|
80
|
-
rules: Optional[Sequence[
|
85
|
+
rules: Optional[Sequence[Union['GetPolicyDocumentRuleArgs', 'GetPolicyDocumentRuleArgsDict']]] = None,
|
81
86
|
opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetPolicyDocumentResult:
|
82
87
|
"""
|
83
88
|
This is a data source which can be used to construct a HCL representation of an Vault policy document, for use with resources which expect policy documents, such as the `Policy` resource.
|
84
89
|
|
85
90
|
## Example Usage
|
86
91
|
|
87
|
-
<!--Start PulumiCodeChooser -->
|
88
92
|
```python
|
89
93
|
import pulumi
|
90
94
|
import pulumi_vault as vault
|
91
95
|
|
92
|
-
|
93
|
-
path
|
94
|
-
capabilities
|
96
|
+
example = vault.get_policy_document(rules=[{
|
97
|
+
"path": "secret/*",
|
98
|
+
"capabilities": [
|
95
99
|
"create",
|
96
100
|
"read",
|
97
101
|
"update",
|
98
102
|
"delete",
|
99
103
|
"list",
|
100
104
|
],
|
101
|
-
description
|
102
|
-
|
103
|
-
example_policy = vault.Policy("
|
105
|
+
"description": "allow all on secrets",
|
106
|
+
}])
|
107
|
+
example_policy = vault.Policy("example",
|
108
|
+
name="example_policy",
|
109
|
+
policy=example.hcl)
|
104
110
|
```
|
105
|
-
<!--End PulumiCodeChooser -->
|
106
111
|
"""
|
107
112
|
__args__ = dict()
|
108
113
|
__args__['namespace'] = namespace
|
@@ -115,35 +120,41 @@ def get_policy_document(namespace: Optional[str] = None,
|
|
115
120
|
id=pulumi.get(__ret__, 'id'),
|
116
121
|
namespace=pulumi.get(__ret__, 'namespace'),
|
117
122
|
rules=pulumi.get(__ret__, 'rules'))
|
118
|
-
|
119
|
-
|
120
|
-
@_utilities.lift_output_func(get_policy_document)
|
121
123
|
def get_policy_document_output(namespace: Optional[pulumi.Input[Optional[str]]] = None,
|
122
|
-
rules: Optional[pulumi.Input[Optional[Sequence[
|
123
|
-
opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetPolicyDocumentResult]:
|
124
|
+
rules: Optional[pulumi.Input[Optional[Sequence[Union['GetPolicyDocumentRuleArgs', 'GetPolicyDocumentRuleArgsDict']]]]] = None,
|
125
|
+
opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetPolicyDocumentResult]:
|
124
126
|
"""
|
125
127
|
This is a data source which can be used to construct a HCL representation of an Vault policy document, for use with resources which expect policy documents, such as the `Policy` resource.
|
126
128
|
|
127
129
|
## Example Usage
|
128
130
|
|
129
|
-
<!--Start PulumiCodeChooser -->
|
130
131
|
```python
|
131
132
|
import pulumi
|
132
133
|
import pulumi_vault as vault
|
133
134
|
|
134
|
-
|
135
|
-
path
|
136
|
-
capabilities
|
135
|
+
example = vault.get_policy_document(rules=[{
|
136
|
+
"path": "secret/*",
|
137
|
+
"capabilities": [
|
137
138
|
"create",
|
138
139
|
"read",
|
139
140
|
"update",
|
140
141
|
"delete",
|
141
142
|
"list",
|
142
143
|
],
|
143
|
-
description
|
144
|
-
|
145
|
-
example_policy = vault.Policy("
|
144
|
+
"description": "allow all on secrets",
|
145
|
+
}])
|
146
|
+
example_policy = vault.Policy("example",
|
147
|
+
name="example_policy",
|
148
|
+
policy=example.hcl)
|
146
149
|
```
|
147
|
-
<!--End PulumiCodeChooser -->
|
148
150
|
"""
|
149
|
-
|
151
|
+
__args__ = dict()
|
152
|
+
__args__['namespace'] = namespace
|
153
|
+
__args__['rules'] = rules
|
154
|
+
opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
|
155
|
+
__ret__ = pulumi.runtime.invoke_output('vault:index/getPolicyDocument:getPolicyDocument', __args__, opts=opts, typ=GetPolicyDocumentResult)
|
156
|
+
return __ret__.apply(lambda __response__: GetPolicyDocumentResult(
|
157
|
+
hcl=pulumi.get(__response__, 'hcl'),
|
158
|
+
id=pulumi.get(__response__, 'id'),
|
159
|
+
namespace=pulumi.get(__response__, 'namespace'),
|
160
|
+
rules=pulumi.get(__response__, 'rules')))
|