PyPI - pulumi-vault - Versions diffs - 5.21.0a1710160723__py3-none-any.whl → 6.5.0a1736836139__py3-none-any.whl - Mend

pulumi-vault 5.21.0a1710160723py3-none-any.whl → 6.5.0a1736836139py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (229) hide show

pulumi_vault/__init__.py +52 -0
pulumi_vault/_inputs.py +560 -0
pulumi_vault/_utilities.py +41 -5
pulumi_vault/ad/get_access_credentials.py +22 -7
pulumi_vault/ad/secret_backend.py +14 -144
pulumi_vault/ad/secret_library.py +14 -11
pulumi_vault/ad/secret_role.py +12 -11
pulumi_vault/alicloud/auth_backend_role.py +74 -192
pulumi_vault/approle/auth_backend_login.py +12 -11
pulumi_vault/approle/auth_backend_role.py +75 -193
pulumi_vault/approle/auth_backend_role_secret_id.py +106 -11
pulumi_vault/approle/get_auth_backend_role_id.py +18 -9
pulumi_vault/audit.py +24 -27
pulumi_vault/audit_request_header.py +11 -6
pulumi_vault/auth_backend.py +64 -12
pulumi_vault/aws/auth_backend_cert.py +12 -7
pulumi_vault/aws/auth_backend_client.py +265 -24
pulumi_vault/aws/auth_backend_config_identity.py +12 -11
pulumi_vault/aws/auth_backend_identity_whitelist.py +18 -17
pulumi_vault/aws/auth_backend_login.py +19 -22
pulumi_vault/aws/auth_backend_role.py +75 -193
pulumi_vault/aws/auth_backend_role_tag.py +12 -7
pulumi_vault/aws/auth_backend_roletag_blacklist.py +18 -17
pulumi_vault/aws/auth_backend_sts_role.py +12 -11
pulumi_vault/aws/get_access_credentials.py +34 -7
pulumi_vault/aws/get_static_access_credentials.py +19 -5
pulumi_vault/aws/secret_backend.py +75 -7
pulumi_vault/aws/secret_backend_role.py +183 -11
pulumi_vault/aws/secret_backend_static_role.py +14 -11
pulumi_vault/azure/_inputs.py +24 -0
pulumi_vault/azure/auth_backend_config.py +151 -17
pulumi_vault/azure/auth_backend_role.py +75 -193
pulumi_vault/azure/backend.py +223 -29
pulumi_vault/azure/backend_role.py +42 -41
pulumi_vault/azure/get_access_credentials.py +39 -11
pulumi_vault/azure/outputs.py +5 -0
pulumi_vault/cert_auth_backend_role.py +87 -271
pulumi_vault/config/__init__.pyi +5 -0
pulumi_vault/config/_inputs.py +73 -0
pulumi_vault/config/outputs.py +35 -0
pulumi_vault/config/ui_custom_message.py +529 -0
pulumi_vault/config/vars.py +5 -0
pulumi_vault/consul/secret_backend.py +22 -25
pulumi_vault/consul/secret_backend_role.py +14 -80
pulumi_vault/database/_inputs.py +2770 -881
pulumi_vault/database/outputs.py +721 -838
pulumi_vault/database/secret_backend_connection.py +117 -114
pulumi_vault/database/secret_backend_role.py +29 -24
pulumi_vault/database/secret_backend_static_role.py +85 -15
pulumi_vault/database/secrets_mount.py +425 -138
pulumi_vault/egp_policy.py +16 -15
pulumi_vault/gcp/_inputs.py +111 -0
pulumi_vault/gcp/auth_backend.py +248 -35
pulumi_vault/gcp/auth_backend_role.py +75 -271
pulumi_vault/gcp/get_auth_backend_role.py +43 -9
pulumi_vault/gcp/outputs.py +5 -0
pulumi_vault/gcp/secret_backend.py +287 -16
pulumi_vault/gcp/secret_impersonated_account.py +74 -17
pulumi_vault/gcp/secret_roleset.py +29 -26
pulumi_vault/gcp/secret_static_account.py +37 -34
pulumi_vault/generic/endpoint.py +22 -21
pulumi_vault/generic/get_secret.py +68 -12
pulumi_vault/generic/secret.py +19 -14
pulumi_vault/get_auth_backend.py +24 -11
pulumi_vault/get_auth_backends.py +33 -11
pulumi_vault/get_namespace.py +226 -0
pulumi_vault/get_namespaces.py +153 -0
pulumi_vault/get_nomad_access_token.py +31 -15
pulumi_vault/get_policy_document.py +34 -23
pulumi_vault/get_raft_autopilot_state.py +29 -14
pulumi_vault/github/_inputs.py +55 -0
pulumi_vault/github/auth_backend.py +17 -16
pulumi_vault/github/outputs.py +5 -0
pulumi_vault/github/team.py +14 -13
pulumi_vault/github/user.py +14 -13
pulumi_vault/identity/entity.py +18 -15
pulumi_vault/identity/entity_alias.py +18 -15
pulumi_vault/identity/entity_policies.py +24 -19
pulumi_vault/identity/get_entity.py +40 -14
pulumi_vault/identity/get_group.py +45 -13
pulumi_vault/identity/get_oidc_client_creds.py +21 -11
pulumi_vault/identity/get_oidc_openid_config.py +39 -13
pulumi_vault/identity/get_oidc_public_keys.py +29 -14
pulumi_vault/identity/group.py +50 -49
pulumi_vault/identity/group_alias.py +14 -11
pulumi_vault/identity/group_member_entity_ids.py +24 -74
pulumi_vault/identity/group_member_group_ids.py +36 -27
pulumi_vault/identity/group_policies.py +16 -15
pulumi_vault/identity/mfa_duo.py +9 -8
pulumi_vault/identity/mfa_login_enforcement.py +13 -8
pulumi_vault/identity/mfa_okta.py +9 -8
pulumi_vault/identity/mfa_pingid.py +5 -4
pulumi_vault/identity/mfa_totp.py +5 -4
pulumi_vault/identity/oidc.py +12 -11
pulumi_vault/identity/oidc_assignment.py +22 -13
pulumi_vault/identity/oidc_client.py +34 -25
pulumi_vault/identity/oidc_key.py +28 -19
pulumi_vault/identity/oidc_key_allowed_client_id.py +28 -19
pulumi_vault/identity/oidc_provider.py +34 -23
pulumi_vault/identity/oidc_role.py +40 -27
pulumi_vault/identity/oidc_scope.py +18 -15
pulumi_vault/identity/outputs.py +8 -3
pulumi_vault/jwt/_inputs.py +55 -0
pulumi_vault/jwt/auth_backend.py +39 -46
pulumi_vault/jwt/auth_backend_role.py +131 -260
pulumi_vault/jwt/outputs.py +5 -0
pulumi_vault/kmip/secret_backend.py +22 -21
pulumi_vault/kmip/secret_role.py +12 -11
pulumi_vault/kmip/secret_scope.py +12 -11
pulumi_vault/kubernetes/auth_backend_config.py +55 -7
pulumi_vault/kubernetes/auth_backend_role.py +68 -179
pulumi_vault/kubernetes/get_auth_backend_config.py +60 -8
pulumi_vault/kubernetes/get_auth_backend_role.py +40 -5
pulumi_vault/kubernetes/get_service_account_token.py +39 -15
pulumi_vault/kubernetes/secret_backend.py +314 -29
pulumi_vault/kubernetes/secret_backend_role.py +135 -56
pulumi_vault/kv/_inputs.py +36 -4
pulumi_vault/kv/get_secret.py +23 -12
pulumi_vault/kv/get_secret_subkeys_v2.py +31 -14
pulumi_vault/kv/get_secret_v2.py +89 -9
pulumi_vault/kv/get_secrets_list.py +22 -15
pulumi_vault/kv/get_secrets_list_v2.py +35 -19
pulumi_vault/kv/outputs.py +8 -3
pulumi_vault/kv/secret.py +19 -18
pulumi_vault/kv/secret_backend_v2.py +12 -11
pulumi_vault/kv/secret_v2.py +55 -52
pulumi_vault/ldap/auth_backend.py +125 -168
pulumi_vault/ldap/auth_backend_group.py +12 -11
pulumi_vault/ldap/auth_backend_user.py +12 -11
pulumi_vault/ldap/get_dynamic_credentials.py +23 -5
pulumi_vault/ldap/get_static_credentials.py +24 -5
pulumi_vault/ldap/secret_backend.py +352 -84
pulumi_vault/ldap/secret_backend_dynamic_role.py +12 -11
pulumi_vault/ldap/secret_backend_library_set.py +14 -11
pulumi_vault/ldap/secret_backend_static_role.py +67 -12
pulumi_vault/managed/_inputs.py +289 -132
pulumi_vault/managed/keys.py +27 -43
pulumi_vault/managed/outputs.py +89 -132
pulumi_vault/mfa_duo.py +16 -13
pulumi_vault/mfa_okta.py +16 -13
pulumi_vault/mfa_pingid.py +16 -13
pulumi_vault/mfa_totp.py +22 -19
pulumi_vault/mongodbatlas/secret_backend.py +18 -17
pulumi_vault/mongodbatlas/secret_role.py +41 -38
pulumi_vault/mount.py +389 -65
pulumi_vault/namespace.py +26 -21
pulumi_vault/nomad_secret_backend.py +16 -15
pulumi_vault/nomad_secret_role.py +12 -11
pulumi_vault/okta/_inputs.py +47 -8
pulumi_vault/okta/auth_backend.py +483 -41
pulumi_vault/okta/auth_backend_group.py +12 -11
pulumi_vault/okta/auth_backend_user.py +12 -11
pulumi_vault/okta/outputs.py +13 -8
pulumi_vault/outputs.py +5 -0
pulumi_vault/password_policy.py +18 -15
pulumi_vault/pkisecret/__init__.py +3 -0
pulumi_vault/pkisecret/_inputs.py +81 -0
pulumi_vault/pkisecret/backend_config_cluster.py +369 -0
pulumi_vault/pkisecret/backend_config_est.py +619 -0
pulumi_vault/pkisecret/get_backend_config_est.py +251 -0
pulumi_vault/pkisecret/get_backend_issuer.py +63 -7
pulumi_vault/pkisecret/get_backend_issuers.py +21 -12
pulumi_vault/pkisecret/get_backend_key.py +24 -13
pulumi_vault/pkisecret/get_backend_keys.py +21 -12
pulumi_vault/pkisecret/outputs.py +69 -0
pulumi_vault/pkisecret/secret_backend_cert.py +18 -15
pulumi_vault/pkisecret/secret_backend_config_ca.py +16 -15
pulumi_vault/pkisecret/secret_backend_config_issuers.py +12 -11
pulumi_vault/pkisecret/secret_backend_config_urls.py +59 -11
pulumi_vault/pkisecret/secret_backend_crl_config.py +14 -13
pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +16 -15
pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +22 -21
pulumi_vault/pkisecret/secret_backend_issuer.py +12 -11
pulumi_vault/pkisecret/secret_backend_key.py +12 -7
pulumi_vault/pkisecret/secret_backend_role.py +19 -16
pulumi_vault/pkisecret/secret_backend_root_cert.py +16 -52
pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +18 -62
pulumi_vault/pkisecret/secret_backend_sign.py +18 -60
pulumi_vault/plugin.py +595 -0
pulumi_vault/plugin_pinned_version.py +298 -0
pulumi_vault/policy.py +12 -7
pulumi_vault/provider.py +48 -53
pulumi_vault/pulumi-plugin.json +2 -1
pulumi_vault/quota_lease_count.py +58 -8
pulumi_vault/quota_rate_limit.py +54 -4
pulumi_vault/rabbitmq/_inputs.py +61 -0
pulumi_vault/rabbitmq/outputs.py +5 -0
pulumi_vault/rabbitmq/secret_backend.py +16 -15
pulumi_vault/rabbitmq/secret_backend_role.py +52 -49
pulumi_vault/raft_autopilot.py +12 -11
pulumi_vault/raft_snapshot_agent_config.py +121 -311
pulumi_vault/rgp_policy.py +14 -13
pulumi_vault/saml/auth_backend.py +20 -19
pulumi_vault/saml/auth_backend_role.py +90 -199
pulumi_vault/secrets/__init__.py +3 -0
pulumi_vault/secrets/_inputs.py +110 -0
pulumi_vault/secrets/outputs.py +94 -0
pulumi_vault/secrets/sync_association.py +56 -75
pulumi_vault/secrets/sync_aws_destination.py +240 -29
pulumi_vault/secrets/sync_azure_destination.py +90 -33
pulumi_vault/secrets/sync_config.py +7 -6
pulumi_vault/secrets/sync_gcp_destination.py +156 -27
pulumi_vault/secrets/sync_gh_destination.py +187 -15
pulumi_vault/secrets/sync_github_apps.py +375 -0
pulumi_vault/secrets/sync_vercel_destination.py +72 -15
pulumi_vault/ssh/_inputs.py +28 -32
pulumi_vault/ssh/outputs.py +11 -32
pulumi_vault/ssh/secret_backend_ca.py +106 -11
pulumi_vault/ssh/secret_backend_role.py +83 -120
pulumi_vault/terraformcloud/secret_backend.py +5 -56
pulumi_vault/terraformcloud/secret_creds.py +14 -24
pulumi_vault/terraformcloud/secret_role.py +14 -76
pulumi_vault/token.py +26 -25
pulumi_vault/tokenauth/auth_backend_role.py +76 -201
pulumi_vault/transform/alphabet.py +16 -13
pulumi_vault/transform/get_decode.py +45 -21
pulumi_vault/transform/get_encode.py +45 -21
pulumi_vault/transform/role.py +16 -13
pulumi_vault/transform/template.py +30 -25
pulumi_vault/transform/transformation.py +12 -7
pulumi_vault/transit/get_decrypt.py +26 -25
pulumi_vault/transit/get_encrypt.py +24 -19
pulumi_vault/transit/secret_backend_key.py +25 -97
pulumi_vault/transit/secret_cache_config.py +12 -11
{pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/METADATA +8 -7
pulumi_vault-6.5.0a1736836139.dist-info/RECORD +256 -0
{pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/WHEEL +1 -1
pulumi_vault-5.21.0a1710160723.dist-info/RECORD +0 -244
{pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/top_level.txt +0 -0

pulumi_vault/mongodbatlas/secret_role.py CHANGED Viewed

@@ -4,9 +4,14 @@
 import copy
 import warnings
+import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 __all__ = ['SecretRoleArgs', 'SecretRole']
@@ -28,20 +33,20 @@ class SecretRoleArgs:
         """
         The set of arguments for constructing a SecretRole resource.
         :param pulumi.Input[str] mount: Path where the MongoDB Atlas Secrets Engine is mounted.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] roles: List of roles that the API Key needs to have.
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] roles: List of roles that the API Key needs to have. Possible values are `ORG_OWNER`, `ORG_MEMBER`, `ORG_GROUP_CREATOR`, `ORG_BILLING_ADMIN` and `ORG_READ_ONLY`.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] cidr_blocks: Whitelist entry in CIDR notation to be added for the API key.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] ip_addresses: IP address to be added to the whitelist for the API key.
         :param pulumi.Input[str] max_ttl: The maximum allowed lifetime of credentials issued using this role.
         :param pulumi.Input[str] name: The name of the role.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
         :param pulumi.Input[str] organization_id: Unique identifier for the organization to which the target API Key belongs.
                Required if `project_id` is not set.
         :param pulumi.Input[str] project_id: Unique identifier for the project to which the target API Key belongs.
-               Required if `organization_id is` not set.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] project_roles: Roles assigned when an org API key is assigned to a project API key.
+               Required if `organization_id` is not set.
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] project_roles: Roles assigned when an org API key is assigned to a project API key. Possible values are `GROUP_CLUSTER_MANAGER`, `GROUP_DATA_ACCESS_ADMIN`, `GROUP_DATA_ACCESS_READ_ONLY`, `GROUP_DATA_ACCESS_READ_WRITE`, `GROUP_OWNER` and `GROUP_READ_ONLY`.
         :param pulumi.Input[str] ttl: Duration in seconds after which the issued credential should expire.
         """
         pulumi.set(__self__, "mount", mount)
@@ -81,7 +86,7 @@ class SecretRoleArgs:
     @pulumi.getter
     def roles(self) -> pulumi.Input[Sequence[pulumi.Input[str]]]:
         """
-        List of roles that the API Key needs to have.
+        List of roles that the API Key needs to have. Possible values are `ORG_OWNER`, `ORG_MEMBER`, `ORG_GROUP_CREATOR`, `ORG_BILLING_ADMIN` and `ORG_READ_ONLY`.
         """
         return pulumi.get(self, "roles")
@@ -143,7 +148,7 @@ class SecretRoleArgs:
         """
         The namespace to provision the resource in.
         The value should not contain leading or trailing forward slashes.
-        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
         *Available only for Vault Enterprise*.
         """
         return pulumi.get(self, "namespace")
@@ -170,7 +175,7 @@ class SecretRoleArgs:
     def project_id(self) -> Optional[pulumi.Input[str]]:
         """
         Unique identifier for the project to which the target API Key belongs.
-        Required if `organization_id is` not set.
+        Required if `organization_id` is not set.
         """
         return pulumi.get(self, "project_id")
@@ -182,7 +187,7 @@ class SecretRoleArgs:
     @pulumi.getter(name="projectRoles")
     def project_roles(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
         """
-        Roles assigned when an org API key is assigned to a project API key.
+        Roles assigned when an org API key is assigned to a project API key. Possible values are `GROUP_CLUSTER_MANAGER`, `GROUP_DATA_ACCESS_ADMIN`, `GROUP_DATA_ACCESS_READ_ONLY`, `GROUP_DATA_ACCESS_READ_WRITE`, `GROUP_OWNER` and `GROUP_READ_ONLY`.
         """
         return pulumi.get(self, "project_roles")
@@ -226,14 +231,14 @@ class _SecretRoleState:
         :param pulumi.Input[str] name: The name of the role.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
         :param pulumi.Input[str] organization_id: Unique identifier for the organization to which the target API Key belongs.
                Required if `project_id` is not set.
         :param pulumi.Input[str] project_id: Unique identifier for the project to which the target API Key belongs.
-               Required if `organization_id is` not set.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] project_roles: Roles assigned when an org API key is assigned to a project API key.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] roles: List of roles that the API Key needs to have.
+               Required if `organization_id` is not set.
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] project_roles: Roles assigned when an org API key is assigned to a project API key. Possible values are `GROUP_CLUSTER_MANAGER`, `GROUP_DATA_ACCESS_ADMIN`, `GROUP_DATA_ACCESS_READ_ONLY`, `GROUP_DATA_ACCESS_READ_WRITE`, `GROUP_OWNER` and `GROUP_READ_ONLY`.
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] roles: List of roles that the API Key needs to have. Possible values are `ORG_OWNER`, `ORG_MEMBER`, `ORG_GROUP_CREATOR`, `ORG_BILLING_ADMIN` and `ORG_READ_ONLY`.
         :param pulumi.Input[str] ttl: Duration in seconds after which the issued credential should expire.
         """
         if cidr_blocks is not None:
@@ -325,7 +330,7 @@ class _SecretRoleState:
         """
         The namespace to provision the resource in.
         The value should not contain leading or trailing forward slashes.
-        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
         *Available only for Vault Enterprise*.
         """
         return pulumi.get(self, "namespace")
@@ -352,7 +357,7 @@ class _SecretRoleState:
     def project_id(self) -> Optional[pulumi.Input[str]]:
         """
         Unique identifier for the project to which the target API Key belongs.
-        Required if `organization_id is` not set.
+        Required if `organization_id` is not set.
         """
         return pulumi.get(self, "project_id")
@@ -364,7 +369,7 @@ class _SecretRoleState:
     @pulumi.getter(name="projectRoles")
     def project_roles(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
         """
-        Roles assigned when an org API key is assigned to a project API key.
+        Roles assigned when an org API key is assigned to a project API key. Possible values are `GROUP_CLUSTER_MANAGER`, `GROUP_DATA_ACCESS_ADMIN`, `GROUP_DATA_ACCESS_READ_ONLY`, `GROUP_DATA_ACCESS_READ_WRITE`, `GROUP_OWNER` and `GROUP_READ_ONLY`.
         """
         return pulumi.get(self, "project_roles")
@@ -376,7 +381,7 @@ class _SecretRoleState:
     @pulumi.getter
     def roles(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
         """
-        List of roles that the API Key needs to have.
+        List of roles that the API Key needs to have. Possible values are `ORG_OWNER`, `ORG_MEMBER`, `ORG_GROUP_CREATOR`, `ORG_BILLING_ADMIN` and `ORG_READ_ONLY`.
         """
         return pulumi.get(self, "roles")
@@ -417,7 +422,6 @@ class SecretRole(pulumi.CustomResource):
         """
         ## Example Usage
-        <!--Start PulumiCodeChooser -->
         ```python
         import pulumi
         import pulumi_vault as vault
@@ -427,21 +431,21 @@ class SecretRole(pulumi.CustomResource):
             type="mongodbatlas",
             description="MongoDB Atlas secret engine mount")
         config = vault.mongodbatlas.SecretBackend("config",
-            mount="vault_mount.mongo.path",
+            mount=mongo.path,
             private_key="privateKey",
             public_key="publicKey")
         role = vault.mongodbatlas.SecretRole("role",
             mount=mongo.path,
+            name="tf-test-role",
             organization_id="7cf5a45a9ccf6400e60981b7",
             project_id="5cf5a45a9ccf6400e60981b6",
-            roles="ORG_READ_ONLY",
+            roles=["ORG_READ_ONLY"],
             ip_addresses="192.168.1.5, 192.168.1.6",
             cidr_blocks="192.168.1.3/35",
-            project_roles="GROUP_READ_ONLY",
+            project_roles=["GROUP_READ_ONLY"],
             ttl="60",
             max_ttl="120")
         ```
-        <!--End PulumiCodeChooser -->
         ## Import
@@ -461,14 +465,14 @@ class SecretRole(pulumi.CustomResource):
         :param pulumi.Input[str] name: The name of the role.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
         :param pulumi.Input[str] organization_id: Unique identifier for the organization to which the target API Key belongs.
                Required if `project_id` is not set.
         :param pulumi.Input[str] project_id: Unique identifier for the project to which the target API Key belongs.
-               Required if `organization_id is` not set.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] project_roles: Roles assigned when an org API key is assigned to a project API key.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] roles: List of roles that the API Key needs to have.
+               Required if `organization_id` is not set.
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] project_roles: Roles assigned when an org API key is assigned to a project API key. Possible values are `GROUP_CLUSTER_MANAGER`, `GROUP_DATA_ACCESS_ADMIN`, `GROUP_DATA_ACCESS_READ_ONLY`, `GROUP_DATA_ACCESS_READ_WRITE`, `GROUP_OWNER` and `GROUP_READ_ONLY`.
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] roles: List of roles that the API Key needs to have. Possible values are `ORG_OWNER`, `ORG_MEMBER`, `ORG_GROUP_CREATOR`, `ORG_BILLING_ADMIN` and `ORG_READ_ONLY`.
         :param pulumi.Input[str] ttl: Duration in seconds after which the issued credential should expire.
         """
         ...
@@ -480,7 +484,6 @@ class SecretRole(pulumi.CustomResource):
         """
         ## Example Usage
-        <!--Start PulumiCodeChooser -->
         ```python
         import pulumi
         import pulumi_vault as vault
@@ -490,21 +493,21 @@ class SecretRole(pulumi.CustomResource):
             type="mongodbatlas",
             description="MongoDB Atlas secret engine mount")
         config = vault.mongodbatlas.SecretBackend("config",
-            mount="vault_mount.mongo.path",
+            mount=mongo.path,
             private_key="privateKey",
             public_key="publicKey")
         role = vault.mongodbatlas.SecretRole("role",
             mount=mongo.path,
+            name="tf-test-role",
             organization_id="7cf5a45a9ccf6400e60981b7",
             project_id="5cf5a45a9ccf6400e60981b6",
-            roles="ORG_READ_ONLY",
+            roles=["ORG_READ_ONLY"],
             ip_addresses="192.168.1.5, 192.168.1.6",
             cidr_blocks="192.168.1.3/35",
-            project_roles="GROUP_READ_ONLY",
+            project_roles=["GROUP_READ_ONLY"],
             ttl="60",
             max_ttl="120")
         ```
-        <!--End PulumiCodeChooser -->
         ## Import
@@ -600,14 +603,14 @@ class SecretRole(pulumi.CustomResource):
         :param pulumi.Input[str] name: The name of the role.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
         :param pulumi.Input[str] organization_id: Unique identifier for the organization to which the target API Key belongs.
                Required if `project_id` is not set.
         :param pulumi.Input[str] project_id: Unique identifier for the project to which the target API Key belongs.
-               Required if `organization_id is` not set.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] project_roles: Roles assigned when an org API key is assigned to a project API key.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] roles: List of roles that the API Key needs to have.
+               Required if `organization_id` is not set.
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] project_roles: Roles assigned when an org API key is assigned to a project API key. Possible values are `GROUP_CLUSTER_MANAGER`, `GROUP_DATA_ACCESS_ADMIN`, `GROUP_DATA_ACCESS_READ_ONLY`, `GROUP_DATA_ACCESS_READ_WRITE`, `GROUP_OWNER` and `GROUP_READ_ONLY`.
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] roles: List of roles that the API Key needs to have. Possible values are `ORG_OWNER`, `ORG_MEMBER`, `ORG_GROUP_CREATOR`, `ORG_BILLING_ADMIN` and `ORG_READ_ONLY`.
         :param pulumi.Input[str] ttl: Duration in seconds after which the issued credential should expire.
         """
         opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
@@ -673,7 +676,7 @@ class SecretRole(pulumi.CustomResource):
         """
         The namespace to provision the resource in.
         The value should not contain leading or trailing forward slashes.
-        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
         *Available only for Vault Enterprise*.
         """
         return pulumi.get(self, "namespace")
@@ -692,7 +695,7 @@ class SecretRole(pulumi.CustomResource):
     def project_id(self) -> pulumi.Output[Optional[str]]:
         """
         Unique identifier for the project to which the target API Key belongs.
-        Required if `organization_id is` not set.
+        Required if `organization_id` is not set.
         """
         return pulumi.get(self, "project_id")
@@ -700,7 +703,7 @@ class SecretRole(pulumi.CustomResource):
     @pulumi.getter(name="projectRoles")
     def project_roles(self) -> pulumi.Output[Optional[Sequence[str]]]:
         """
-        Roles assigned when an org API key is assigned to a project API key.
+        Roles assigned when an org API key is assigned to a project API key. Possible values are `GROUP_CLUSTER_MANAGER`, `GROUP_DATA_ACCESS_ADMIN`, `GROUP_DATA_ACCESS_READ_ONLY`, `GROUP_DATA_ACCESS_READ_WRITE`, `GROUP_OWNER` and `GROUP_READ_ONLY`.
         """
         return pulumi.get(self, "project_roles")
@@ -708,7 +711,7 @@ class SecretRole(pulumi.CustomResource):
     @pulumi.getter
     def roles(self) -> pulumi.Output[Sequence[str]]:
         """
-        List of roles that the API Key needs to have.
+        List of roles that the API Key needs to have. Possible values are `ORG_OWNER`, `ORG_MEMBER`, `ORG_GROUP_CREATOR`, `ORG_BILLING_ADMIN` and `ORG_READ_ONLY`.
         """
         return pulumi.get(self, "roles")

pulumi-vault 5.21.0a1710160723__py3-none-any.whl → 6.5.0a1736836139__py3-none-any.whl

pulumi-vault 5.21.0a1710160723py3-none-any.whl → 6.5.0a1736836139py3-none-any.whl