pulumi-vault 5.21.0a1710160723__py3-none-any.whl → 6.5.0a1736836139__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (229) hide show
  1. pulumi_vault/__init__.py +52 -0
  2. pulumi_vault/_inputs.py +560 -0
  3. pulumi_vault/_utilities.py +41 -5
  4. pulumi_vault/ad/get_access_credentials.py +22 -7
  5. pulumi_vault/ad/secret_backend.py +14 -144
  6. pulumi_vault/ad/secret_library.py +14 -11
  7. pulumi_vault/ad/secret_role.py +12 -11
  8. pulumi_vault/alicloud/auth_backend_role.py +74 -192
  9. pulumi_vault/approle/auth_backend_login.py +12 -11
  10. pulumi_vault/approle/auth_backend_role.py +75 -193
  11. pulumi_vault/approle/auth_backend_role_secret_id.py +106 -11
  12. pulumi_vault/approle/get_auth_backend_role_id.py +18 -9
  13. pulumi_vault/audit.py +24 -27
  14. pulumi_vault/audit_request_header.py +11 -6
  15. pulumi_vault/auth_backend.py +64 -12
  16. pulumi_vault/aws/auth_backend_cert.py +12 -7
  17. pulumi_vault/aws/auth_backend_client.py +265 -24
  18. pulumi_vault/aws/auth_backend_config_identity.py +12 -11
  19. pulumi_vault/aws/auth_backend_identity_whitelist.py +18 -17
  20. pulumi_vault/aws/auth_backend_login.py +19 -22
  21. pulumi_vault/aws/auth_backend_role.py +75 -193
  22. pulumi_vault/aws/auth_backend_role_tag.py +12 -7
  23. pulumi_vault/aws/auth_backend_roletag_blacklist.py +18 -17
  24. pulumi_vault/aws/auth_backend_sts_role.py +12 -11
  25. pulumi_vault/aws/get_access_credentials.py +34 -7
  26. pulumi_vault/aws/get_static_access_credentials.py +19 -5
  27. pulumi_vault/aws/secret_backend.py +75 -7
  28. pulumi_vault/aws/secret_backend_role.py +183 -11
  29. pulumi_vault/aws/secret_backend_static_role.py +14 -11
  30. pulumi_vault/azure/_inputs.py +24 -0
  31. pulumi_vault/azure/auth_backend_config.py +151 -17
  32. pulumi_vault/azure/auth_backend_role.py +75 -193
  33. pulumi_vault/azure/backend.py +223 -29
  34. pulumi_vault/azure/backend_role.py +42 -41
  35. pulumi_vault/azure/get_access_credentials.py +39 -11
  36. pulumi_vault/azure/outputs.py +5 -0
  37. pulumi_vault/cert_auth_backend_role.py +87 -271
  38. pulumi_vault/config/__init__.pyi +5 -0
  39. pulumi_vault/config/_inputs.py +73 -0
  40. pulumi_vault/config/outputs.py +35 -0
  41. pulumi_vault/config/ui_custom_message.py +529 -0
  42. pulumi_vault/config/vars.py +5 -0
  43. pulumi_vault/consul/secret_backend.py +22 -25
  44. pulumi_vault/consul/secret_backend_role.py +14 -80
  45. pulumi_vault/database/_inputs.py +2770 -881
  46. pulumi_vault/database/outputs.py +721 -838
  47. pulumi_vault/database/secret_backend_connection.py +117 -114
  48. pulumi_vault/database/secret_backend_role.py +29 -24
  49. pulumi_vault/database/secret_backend_static_role.py +85 -15
  50. pulumi_vault/database/secrets_mount.py +425 -138
  51. pulumi_vault/egp_policy.py +16 -15
  52. pulumi_vault/gcp/_inputs.py +111 -0
  53. pulumi_vault/gcp/auth_backend.py +248 -35
  54. pulumi_vault/gcp/auth_backend_role.py +75 -271
  55. pulumi_vault/gcp/get_auth_backend_role.py +43 -9
  56. pulumi_vault/gcp/outputs.py +5 -0
  57. pulumi_vault/gcp/secret_backend.py +287 -16
  58. pulumi_vault/gcp/secret_impersonated_account.py +74 -17
  59. pulumi_vault/gcp/secret_roleset.py +29 -26
  60. pulumi_vault/gcp/secret_static_account.py +37 -34
  61. pulumi_vault/generic/endpoint.py +22 -21
  62. pulumi_vault/generic/get_secret.py +68 -12
  63. pulumi_vault/generic/secret.py +19 -14
  64. pulumi_vault/get_auth_backend.py +24 -11
  65. pulumi_vault/get_auth_backends.py +33 -11
  66. pulumi_vault/get_namespace.py +226 -0
  67. pulumi_vault/get_namespaces.py +153 -0
  68. pulumi_vault/get_nomad_access_token.py +31 -15
  69. pulumi_vault/get_policy_document.py +34 -23
  70. pulumi_vault/get_raft_autopilot_state.py +29 -14
  71. pulumi_vault/github/_inputs.py +55 -0
  72. pulumi_vault/github/auth_backend.py +17 -16
  73. pulumi_vault/github/outputs.py +5 -0
  74. pulumi_vault/github/team.py +14 -13
  75. pulumi_vault/github/user.py +14 -13
  76. pulumi_vault/identity/entity.py +18 -15
  77. pulumi_vault/identity/entity_alias.py +18 -15
  78. pulumi_vault/identity/entity_policies.py +24 -19
  79. pulumi_vault/identity/get_entity.py +40 -14
  80. pulumi_vault/identity/get_group.py +45 -13
  81. pulumi_vault/identity/get_oidc_client_creds.py +21 -11
  82. pulumi_vault/identity/get_oidc_openid_config.py +39 -13
  83. pulumi_vault/identity/get_oidc_public_keys.py +29 -14
  84. pulumi_vault/identity/group.py +50 -49
  85. pulumi_vault/identity/group_alias.py +14 -11
  86. pulumi_vault/identity/group_member_entity_ids.py +24 -74
  87. pulumi_vault/identity/group_member_group_ids.py +36 -27
  88. pulumi_vault/identity/group_policies.py +16 -15
  89. pulumi_vault/identity/mfa_duo.py +9 -8
  90. pulumi_vault/identity/mfa_login_enforcement.py +13 -8
  91. pulumi_vault/identity/mfa_okta.py +9 -8
  92. pulumi_vault/identity/mfa_pingid.py +5 -4
  93. pulumi_vault/identity/mfa_totp.py +5 -4
  94. pulumi_vault/identity/oidc.py +12 -11
  95. pulumi_vault/identity/oidc_assignment.py +22 -13
  96. pulumi_vault/identity/oidc_client.py +34 -25
  97. pulumi_vault/identity/oidc_key.py +28 -19
  98. pulumi_vault/identity/oidc_key_allowed_client_id.py +28 -19
  99. pulumi_vault/identity/oidc_provider.py +34 -23
  100. pulumi_vault/identity/oidc_role.py +40 -27
  101. pulumi_vault/identity/oidc_scope.py +18 -15
  102. pulumi_vault/identity/outputs.py +8 -3
  103. pulumi_vault/jwt/_inputs.py +55 -0
  104. pulumi_vault/jwt/auth_backend.py +39 -46
  105. pulumi_vault/jwt/auth_backend_role.py +131 -260
  106. pulumi_vault/jwt/outputs.py +5 -0
  107. pulumi_vault/kmip/secret_backend.py +22 -21
  108. pulumi_vault/kmip/secret_role.py +12 -11
  109. pulumi_vault/kmip/secret_scope.py +12 -11
  110. pulumi_vault/kubernetes/auth_backend_config.py +55 -7
  111. pulumi_vault/kubernetes/auth_backend_role.py +68 -179
  112. pulumi_vault/kubernetes/get_auth_backend_config.py +60 -8
  113. pulumi_vault/kubernetes/get_auth_backend_role.py +40 -5
  114. pulumi_vault/kubernetes/get_service_account_token.py +39 -15
  115. pulumi_vault/kubernetes/secret_backend.py +314 -29
  116. pulumi_vault/kubernetes/secret_backend_role.py +135 -56
  117. pulumi_vault/kv/_inputs.py +36 -4
  118. pulumi_vault/kv/get_secret.py +23 -12
  119. pulumi_vault/kv/get_secret_subkeys_v2.py +31 -14
  120. pulumi_vault/kv/get_secret_v2.py +89 -9
  121. pulumi_vault/kv/get_secrets_list.py +22 -15
  122. pulumi_vault/kv/get_secrets_list_v2.py +35 -19
  123. pulumi_vault/kv/outputs.py +8 -3
  124. pulumi_vault/kv/secret.py +19 -18
  125. pulumi_vault/kv/secret_backend_v2.py +12 -11
  126. pulumi_vault/kv/secret_v2.py +55 -52
  127. pulumi_vault/ldap/auth_backend.py +125 -168
  128. pulumi_vault/ldap/auth_backend_group.py +12 -11
  129. pulumi_vault/ldap/auth_backend_user.py +12 -11
  130. pulumi_vault/ldap/get_dynamic_credentials.py +23 -5
  131. pulumi_vault/ldap/get_static_credentials.py +24 -5
  132. pulumi_vault/ldap/secret_backend.py +352 -84
  133. pulumi_vault/ldap/secret_backend_dynamic_role.py +12 -11
  134. pulumi_vault/ldap/secret_backend_library_set.py +14 -11
  135. pulumi_vault/ldap/secret_backend_static_role.py +67 -12
  136. pulumi_vault/managed/_inputs.py +289 -132
  137. pulumi_vault/managed/keys.py +27 -43
  138. pulumi_vault/managed/outputs.py +89 -132
  139. pulumi_vault/mfa_duo.py +16 -13
  140. pulumi_vault/mfa_okta.py +16 -13
  141. pulumi_vault/mfa_pingid.py +16 -13
  142. pulumi_vault/mfa_totp.py +22 -19
  143. pulumi_vault/mongodbatlas/secret_backend.py +18 -17
  144. pulumi_vault/mongodbatlas/secret_role.py +41 -38
  145. pulumi_vault/mount.py +389 -65
  146. pulumi_vault/namespace.py +26 -21
  147. pulumi_vault/nomad_secret_backend.py +16 -15
  148. pulumi_vault/nomad_secret_role.py +12 -11
  149. pulumi_vault/okta/_inputs.py +47 -8
  150. pulumi_vault/okta/auth_backend.py +483 -41
  151. pulumi_vault/okta/auth_backend_group.py +12 -11
  152. pulumi_vault/okta/auth_backend_user.py +12 -11
  153. pulumi_vault/okta/outputs.py +13 -8
  154. pulumi_vault/outputs.py +5 -0
  155. pulumi_vault/password_policy.py +18 -15
  156. pulumi_vault/pkisecret/__init__.py +3 -0
  157. pulumi_vault/pkisecret/_inputs.py +81 -0
  158. pulumi_vault/pkisecret/backend_config_cluster.py +369 -0
  159. pulumi_vault/pkisecret/backend_config_est.py +619 -0
  160. pulumi_vault/pkisecret/get_backend_config_est.py +251 -0
  161. pulumi_vault/pkisecret/get_backend_issuer.py +63 -7
  162. pulumi_vault/pkisecret/get_backend_issuers.py +21 -12
  163. pulumi_vault/pkisecret/get_backend_key.py +24 -13
  164. pulumi_vault/pkisecret/get_backend_keys.py +21 -12
  165. pulumi_vault/pkisecret/outputs.py +69 -0
  166. pulumi_vault/pkisecret/secret_backend_cert.py +18 -15
  167. pulumi_vault/pkisecret/secret_backend_config_ca.py +16 -15
  168. pulumi_vault/pkisecret/secret_backend_config_issuers.py +12 -11
  169. pulumi_vault/pkisecret/secret_backend_config_urls.py +59 -11
  170. pulumi_vault/pkisecret/secret_backend_crl_config.py +14 -13
  171. pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +16 -15
  172. pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +22 -21
  173. pulumi_vault/pkisecret/secret_backend_issuer.py +12 -11
  174. pulumi_vault/pkisecret/secret_backend_key.py +12 -7
  175. pulumi_vault/pkisecret/secret_backend_role.py +19 -16
  176. pulumi_vault/pkisecret/secret_backend_root_cert.py +16 -52
  177. pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +18 -62
  178. pulumi_vault/pkisecret/secret_backend_sign.py +18 -60
  179. pulumi_vault/plugin.py +595 -0
  180. pulumi_vault/plugin_pinned_version.py +298 -0
  181. pulumi_vault/policy.py +12 -7
  182. pulumi_vault/provider.py +48 -53
  183. pulumi_vault/pulumi-plugin.json +2 -1
  184. pulumi_vault/quota_lease_count.py +58 -8
  185. pulumi_vault/quota_rate_limit.py +54 -4
  186. pulumi_vault/rabbitmq/_inputs.py +61 -0
  187. pulumi_vault/rabbitmq/outputs.py +5 -0
  188. pulumi_vault/rabbitmq/secret_backend.py +16 -15
  189. pulumi_vault/rabbitmq/secret_backend_role.py +52 -49
  190. pulumi_vault/raft_autopilot.py +12 -11
  191. pulumi_vault/raft_snapshot_agent_config.py +121 -311
  192. pulumi_vault/rgp_policy.py +14 -13
  193. pulumi_vault/saml/auth_backend.py +20 -19
  194. pulumi_vault/saml/auth_backend_role.py +90 -199
  195. pulumi_vault/secrets/__init__.py +3 -0
  196. pulumi_vault/secrets/_inputs.py +110 -0
  197. pulumi_vault/secrets/outputs.py +94 -0
  198. pulumi_vault/secrets/sync_association.py +56 -75
  199. pulumi_vault/secrets/sync_aws_destination.py +240 -29
  200. pulumi_vault/secrets/sync_azure_destination.py +90 -33
  201. pulumi_vault/secrets/sync_config.py +7 -6
  202. pulumi_vault/secrets/sync_gcp_destination.py +156 -27
  203. pulumi_vault/secrets/sync_gh_destination.py +187 -15
  204. pulumi_vault/secrets/sync_github_apps.py +375 -0
  205. pulumi_vault/secrets/sync_vercel_destination.py +72 -15
  206. pulumi_vault/ssh/_inputs.py +28 -32
  207. pulumi_vault/ssh/outputs.py +11 -32
  208. pulumi_vault/ssh/secret_backend_ca.py +106 -11
  209. pulumi_vault/ssh/secret_backend_role.py +83 -120
  210. pulumi_vault/terraformcloud/secret_backend.py +5 -56
  211. pulumi_vault/terraformcloud/secret_creds.py +14 -24
  212. pulumi_vault/terraformcloud/secret_role.py +14 -76
  213. pulumi_vault/token.py +26 -25
  214. pulumi_vault/tokenauth/auth_backend_role.py +76 -201
  215. pulumi_vault/transform/alphabet.py +16 -13
  216. pulumi_vault/transform/get_decode.py +45 -21
  217. pulumi_vault/transform/get_encode.py +45 -21
  218. pulumi_vault/transform/role.py +16 -13
  219. pulumi_vault/transform/template.py +30 -25
  220. pulumi_vault/transform/transformation.py +12 -7
  221. pulumi_vault/transit/get_decrypt.py +26 -25
  222. pulumi_vault/transit/get_encrypt.py +24 -19
  223. pulumi_vault/transit/secret_backend_key.py +25 -97
  224. pulumi_vault/transit/secret_cache_config.py +12 -11
  225. {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/METADATA +8 -7
  226. pulumi_vault-6.5.0a1736836139.dist-info/RECORD +256 -0
  227. {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/WHEEL +1 -1
  228. pulumi_vault-5.21.0a1710160723.dist-info/RECORD +0 -244
  229. {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/top_level.txt +0 -0
@@ -4,9 +4,14 @@
4
4
 
5
5
  import copy
6
6
  import warnings
7
+ import sys
7
8
  import pulumi
8
9
  import pulumi.runtime
9
10
  from typing import Any, Mapping, Optional, Sequence, Union, overload
11
+ if sys.version_info >= (3, 11):
12
+ from typing import NotRequired, TypedDict, TypeAlias
13
+ else:
14
+ from typing_extensions import NotRequired, TypedDict, TypeAlias
10
15
  from .. import _utilities
11
16
 
12
17
  __all__ = ['SecretRoleArgs', 'SecretRole']
@@ -28,20 +33,20 @@ class SecretRoleArgs:
28
33
  """
29
34
  The set of arguments for constructing a SecretRole resource.
30
35
  :param pulumi.Input[str] mount: Path where the MongoDB Atlas Secrets Engine is mounted.
31
- :param pulumi.Input[Sequence[pulumi.Input[str]]] roles: List of roles that the API Key needs to have.
36
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] roles: List of roles that the API Key needs to have. Possible values are `ORG_OWNER`, `ORG_MEMBER`, `ORG_GROUP_CREATOR`, `ORG_BILLING_ADMIN` and `ORG_READ_ONLY`.
32
37
  :param pulumi.Input[Sequence[pulumi.Input[str]]] cidr_blocks: Whitelist entry in CIDR notation to be added for the API key.
33
38
  :param pulumi.Input[Sequence[pulumi.Input[str]]] ip_addresses: IP address to be added to the whitelist for the API key.
34
39
  :param pulumi.Input[str] max_ttl: The maximum allowed lifetime of credentials issued using this role.
35
40
  :param pulumi.Input[str] name: The name of the role.
36
41
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
37
42
  The value should not contain leading or trailing forward slashes.
38
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
43
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
39
44
  *Available only for Vault Enterprise*.
40
45
  :param pulumi.Input[str] organization_id: Unique identifier for the organization to which the target API Key belongs.
41
46
  Required if `project_id` is not set.
42
47
  :param pulumi.Input[str] project_id: Unique identifier for the project to which the target API Key belongs.
43
- Required if `organization_id is` not set.
44
- :param pulumi.Input[Sequence[pulumi.Input[str]]] project_roles: Roles assigned when an org API key is assigned to a project API key.
48
+ Required if `organization_id` is not set.
49
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] project_roles: Roles assigned when an org API key is assigned to a project API key. Possible values are `GROUP_CLUSTER_MANAGER`, `GROUP_DATA_ACCESS_ADMIN`, `GROUP_DATA_ACCESS_READ_ONLY`, `GROUP_DATA_ACCESS_READ_WRITE`, `GROUP_OWNER` and `GROUP_READ_ONLY`.
45
50
  :param pulumi.Input[str] ttl: Duration in seconds after which the issued credential should expire.
46
51
  """
47
52
  pulumi.set(__self__, "mount", mount)
@@ -81,7 +86,7 @@ class SecretRoleArgs:
81
86
  @pulumi.getter
82
87
  def roles(self) -> pulumi.Input[Sequence[pulumi.Input[str]]]:
83
88
  """
84
- List of roles that the API Key needs to have.
89
+ List of roles that the API Key needs to have. Possible values are `ORG_OWNER`, `ORG_MEMBER`, `ORG_GROUP_CREATOR`, `ORG_BILLING_ADMIN` and `ORG_READ_ONLY`.
85
90
  """
86
91
  return pulumi.get(self, "roles")
87
92
 
@@ -143,7 +148,7 @@ class SecretRoleArgs:
143
148
  """
144
149
  The namespace to provision the resource in.
145
150
  The value should not contain leading or trailing forward slashes.
146
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
151
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
147
152
  *Available only for Vault Enterprise*.
148
153
  """
149
154
  return pulumi.get(self, "namespace")
@@ -170,7 +175,7 @@ class SecretRoleArgs:
170
175
  def project_id(self) -> Optional[pulumi.Input[str]]:
171
176
  """
172
177
  Unique identifier for the project to which the target API Key belongs.
173
- Required if `organization_id is` not set.
178
+ Required if `organization_id` is not set.
174
179
  """
175
180
  return pulumi.get(self, "project_id")
176
181
 
@@ -182,7 +187,7 @@ class SecretRoleArgs:
182
187
  @pulumi.getter(name="projectRoles")
183
188
  def project_roles(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
184
189
  """
185
- Roles assigned when an org API key is assigned to a project API key.
190
+ Roles assigned when an org API key is assigned to a project API key. Possible values are `GROUP_CLUSTER_MANAGER`, `GROUP_DATA_ACCESS_ADMIN`, `GROUP_DATA_ACCESS_READ_ONLY`, `GROUP_DATA_ACCESS_READ_WRITE`, `GROUP_OWNER` and `GROUP_READ_ONLY`.
186
191
  """
187
192
  return pulumi.get(self, "project_roles")
188
193
 
@@ -226,14 +231,14 @@ class _SecretRoleState:
226
231
  :param pulumi.Input[str] name: The name of the role.
227
232
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
228
233
  The value should not contain leading or trailing forward slashes.
229
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
234
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
230
235
  *Available only for Vault Enterprise*.
231
236
  :param pulumi.Input[str] organization_id: Unique identifier for the organization to which the target API Key belongs.
232
237
  Required if `project_id` is not set.
233
238
  :param pulumi.Input[str] project_id: Unique identifier for the project to which the target API Key belongs.
234
- Required if `organization_id is` not set.
235
- :param pulumi.Input[Sequence[pulumi.Input[str]]] project_roles: Roles assigned when an org API key is assigned to a project API key.
236
- :param pulumi.Input[Sequence[pulumi.Input[str]]] roles: List of roles that the API Key needs to have.
239
+ Required if `organization_id` is not set.
240
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] project_roles: Roles assigned when an org API key is assigned to a project API key. Possible values are `GROUP_CLUSTER_MANAGER`, `GROUP_DATA_ACCESS_ADMIN`, `GROUP_DATA_ACCESS_READ_ONLY`, `GROUP_DATA_ACCESS_READ_WRITE`, `GROUP_OWNER` and `GROUP_READ_ONLY`.
241
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] roles: List of roles that the API Key needs to have. Possible values are `ORG_OWNER`, `ORG_MEMBER`, `ORG_GROUP_CREATOR`, `ORG_BILLING_ADMIN` and `ORG_READ_ONLY`.
237
242
  :param pulumi.Input[str] ttl: Duration in seconds after which the issued credential should expire.
238
243
  """
239
244
  if cidr_blocks is not None:
@@ -325,7 +330,7 @@ class _SecretRoleState:
325
330
  """
326
331
  The namespace to provision the resource in.
327
332
  The value should not contain leading or trailing forward slashes.
328
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
333
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
329
334
  *Available only for Vault Enterprise*.
330
335
  """
331
336
  return pulumi.get(self, "namespace")
@@ -352,7 +357,7 @@ class _SecretRoleState:
352
357
  def project_id(self) -> Optional[pulumi.Input[str]]:
353
358
  """
354
359
  Unique identifier for the project to which the target API Key belongs.
355
- Required if `organization_id is` not set.
360
+ Required if `organization_id` is not set.
356
361
  """
357
362
  return pulumi.get(self, "project_id")
358
363
 
@@ -364,7 +369,7 @@ class _SecretRoleState:
364
369
  @pulumi.getter(name="projectRoles")
365
370
  def project_roles(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
366
371
  """
367
- Roles assigned when an org API key is assigned to a project API key.
372
+ Roles assigned when an org API key is assigned to a project API key. Possible values are `GROUP_CLUSTER_MANAGER`, `GROUP_DATA_ACCESS_ADMIN`, `GROUP_DATA_ACCESS_READ_ONLY`, `GROUP_DATA_ACCESS_READ_WRITE`, `GROUP_OWNER` and `GROUP_READ_ONLY`.
368
373
  """
369
374
  return pulumi.get(self, "project_roles")
370
375
 
@@ -376,7 +381,7 @@ class _SecretRoleState:
376
381
  @pulumi.getter
377
382
  def roles(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
378
383
  """
379
- List of roles that the API Key needs to have.
384
+ List of roles that the API Key needs to have. Possible values are `ORG_OWNER`, `ORG_MEMBER`, `ORG_GROUP_CREATOR`, `ORG_BILLING_ADMIN` and `ORG_READ_ONLY`.
380
385
  """
381
386
  return pulumi.get(self, "roles")
382
387
 
@@ -417,7 +422,6 @@ class SecretRole(pulumi.CustomResource):
417
422
  """
418
423
  ## Example Usage
419
424
 
420
- <!--Start PulumiCodeChooser -->
421
425
  ```python
422
426
  import pulumi
423
427
  import pulumi_vault as vault
@@ -427,21 +431,21 @@ class SecretRole(pulumi.CustomResource):
427
431
  type="mongodbatlas",
428
432
  description="MongoDB Atlas secret engine mount")
429
433
  config = vault.mongodbatlas.SecretBackend("config",
430
- mount="vault_mount.mongo.path",
434
+ mount=mongo.path,
431
435
  private_key="privateKey",
432
436
  public_key="publicKey")
433
437
  role = vault.mongodbatlas.SecretRole("role",
434
438
  mount=mongo.path,
439
+ name="tf-test-role",
435
440
  organization_id="7cf5a45a9ccf6400e60981b7",
436
441
  project_id="5cf5a45a9ccf6400e60981b6",
437
- roles="ORG_READ_ONLY",
442
+ roles=["ORG_READ_ONLY"],
438
443
  ip_addresses="192.168.1.5, 192.168.1.6",
439
444
  cidr_blocks="192.168.1.3/35",
440
- project_roles="GROUP_READ_ONLY",
445
+ project_roles=["GROUP_READ_ONLY"],
441
446
  ttl="60",
442
447
  max_ttl="120")
443
448
  ```
444
- <!--End PulumiCodeChooser -->
445
449
 
446
450
  ## Import
447
451
 
@@ -461,14 +465,14 @@ class SecretRole(pulumi.CustomResource):
461
465
  :param pulumi.Input[str] name: The name of the role.
462
466
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
463
467
  The value should not contain leading or trailing forward slashes.
464
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
468
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
465
469
  *Available only for Vault Enterprise*.
466
470
  :param pulumi.Input[str] organization_id: Unique identifier for the organization to which the target API Key belongs.
467
471
  Required if `project_id` is not set.
468
472
  :param pulumi.Input[str] project_id: Unique identifier for the project to which the target API Key belongs.
469
- Required if `organization_id is` not set.
470
- :param pulumi.Input[Sequence[pulumi.Input[str]]] project_roles: Roles assigned when an org API key is assigned to a project API key.
471
- :param pulumi.Input[Sequence[pulumi.Input[str]]] roles: List of roles that the API Key needs to have.
473
+ Required if `organization_id` is not set.
474
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] project_roles: Roles assigned when an org API key is assigned to a project API key. Possible values are `GROUP_CLUSTER_MANAGER`, `GROUP_DATA_ACCESS_ADMIN`, `GROUP_DATA_ACCESS_READ_ONLY`, `GROUP_DATA_ACCESS_READ_WRITE`, `GROUP_OWNER` and `GROUP_READ_ONLY`.
475
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] roles: List of roles that the API Key needs to have. Possible values are `ORG_OWNER`, `ORG_MEMBER`, `ORG_GROUP_CREATOR`, `ORG_BILLING_ADMIN` and `ORG_READ_ONLY`.
472
476
  :param pulumi.Input[str] ttl: Duration in seconds after which the issued credential should expire.
473
477
  """
474
478
  ...
@@ -480,7 +484,6 @@ class SecretRole(pulumi.CustomResource):
480
484
  """
481
485
  ## Example Usage
482
486
 
483
- <!--Start PulumiCodeChooser -->
484
487
  ```python
485
488
  import pulumi
486
489
  import pulumi_vault as vault
@@ -490,21 +493,21 @@ class SecretRole(pulumi.CustomResource):
490
493
  type="mongodbatlas",
491
494
  description="MongoDB Atlas secret engine mount")
492
495
  config = vault.mongodbatlas.SecretBackend("config",
493
- mount="vault_mount.mongo.path",
496
+ mount=mongo.path,
494
497
  private_key="privateKey",
495
498
  public_key="publicKey")
496
499
  role = vault.mongodbatlas.SecretRole("role",
497
500
  mount=mongo.path,
501
+ name="tf-test-role",
498
502
  organization_id="7cf5a45a9ccf6400e60981b7",
499
503
  project_id="5cf5a45a9ccf6400e60981b6",
500
- roles="ORG_READ_ONLY",
504
+ roles=["ORG_READ_ONLY"],
501
505
  ip_addresses="192.168.1.5, 192.168.1.6",
502
506
  cidr_blocks="192.168.1.3/35",
503
- project_roles="GROUP_READ_ONLY",
507
+ project_roles=["GROUP_READ_ONLY"],
504
508
  ttl="60",
505
509
  max_ttl="120")
506
510
  ```
507
- <!--End PulumiCodeChooser -->
508
511
 
509
512
  ## Import
510
513
 
@@ -600,14 +603,14 @@ class SecretRole(pulumi.CustomResource):
600
603
  :param pulumi.Input[str] name: The name of the role.
601
604
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
602
605
  The value should not contain leading or trailing forward slashes.
603
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
606
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
604
607
  *Available only for Vault Enterprise*.
605
608
  :param pulumi.Input[str] organization_id: Unique identifier for the organization to which the target API Key belongs.
606
609
  Required if `project_id` is not set.
607
610
  :param pulumi.Input[str] project_id: Unique identifier for the project to which the target API Key belongs.
608
- Required if `organization_id is` not set.
609
- :param pulumi.Input[Sequence[pulumi.Input[str]]] project_roles: Roles assigned when an org API key is assigned to a project API key.
610
- :param pulumi.Input[Sequence[pulumi.Input[str]]] roles: List of roles that the API Key needs to have.
611
+ Required if `organization_id` is not set.
612
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] project_roles: Roles assigned when an org API key is assigned to a project API key. Possible values are `GROUP_CLUSTER_MANAGER`, `GROUP_DATA_ACCESS_ADMIN`, `GROUP_DATA_ACCESS_READ_ONLY`, `GROUP_DATA_ACCESS_READ_WRITE`, `GROUP_OWNER` and `GROUP_READ_ONLY`.
613
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] roles: List of roles that the API Key needs to have. Possible values are `ORG_OWNER`, `ORG_MEMBER`, `ORG_GROUP_CREATOR`, `ORG_BILLING_ADMIN` and `ORG_READ_ONLY`.
611
614
  :param pulumi.Input[str] ttl: Duration in seconds after which the issued credential should expire.
612
615
  """
613
616
  opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
@@ -673,7 +676,7 @@ class SecretRole(pulumi.CustomResource):
673
676
  """
674
677
  The namespace to provision the resource in.
675
678
  The value should not contain leading or trailing forward slashes.
676
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
679
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
677
680
  *Available only for Vault Enterprise*.
678
681
  """
679
682
  return pulumi.get(self, "namespace")
@@ -692,7 +695,7 @@ class SecretRole(pulumi.CustomResource):
692
695
  def project_id(self) -> pulumi.Output[Optional[str]]:
693
696
  """
694
697
  Unique identifier for the project to which the target API Key belongs.
695
- Required if `organization_id is` not set.
698
+ Required if `organization_id` is not set.
696
699
  """
697
700
  return pulumi.get(self, "project_id")
698
701
 
@@ -700,7 +703,7 @@ class SecretRole(pulumi.CustomResource):
700
703
  @pulumi.getter(name="projectRoles")
701
704
  def project_roles(self) -> pulumi.Output[Optional[Sequence[str]]]:
702
705
  """
703
- Roles assigned when an org API key is assigned to a project API key.
706
+ Roles assigned when an org API key is assigned to a project API key. Possible values are `GROUP_CLUSTER_MANAGER`, `GROUP_DATA_ACCESS_ADMIN`, `GROUP_DATA_ACCESS_READ_ONLY`, `GROUP_DATA_ACCESS_READ_WRITE`, `GROUP_OWNER` and `GROUP_READ_ONLY`.
704
707
  """
705
708
  return pulumi.get(self, "project_roles")
706
709
 
@@ -708,7 +711,7 @@ class SecretRole(pulumi.CustomResource):
708
711
  @pulumi.getter
709
712
  def roles(self) -> pulumi.Output[Sequence[str]]:
710
713
  """
711
- List of roles that the API Key needs to have.
714
+ List of roles that the API Key needs to have. Possible values are `ORG_OWNER`, `ORG_MEMBER`, `ORG_GROUP_CREATOR`, `ORG_BILLING_ADMIN` and `ORG_READ_ONLY`.
712
715
  """
713
716
  return pulumi.get(self, "roles")
714
717