pulumi-vault 5.21.0a1710160723__py3-none-any.whl → 6.5.0a1736836139__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (229) hide show
  1. pulumi_vault/__init__.py +52 -0
  2. pulumi_vault/_inputs.py +560 -0
  3. pulumi_vault/_utilities.py +41 -5
  4. pulumi_vault/ad/get_access_credentials.py +22 -7
  5. pulumi_vault/ad/secret_backend.py +14 -144
  6. pulumi_vault/ad/secret_library.py +14 -11
  7. pulumi_vault/ad/secret_role.py +12 -11
  8. pulumi_vault/alicloud/auth_backend_role.py +74 -192
  9. pulumi_vault/approle/auth_backend_login.py +12 -11
  10. pulumi_vault/approle/auth_backend_role.py +75 -193
  11. pulumi_vault/approle/auth_backend_role_secret_id.py +106 -11
  12. pulumi_vault/approle/get_auth_backend_role_id.py +18 -9
  13. pulumi_vault/audit.py +24 -27
  14. pulumi_vault/audit_request_header.py +11 -6
  15. pulumi_vault/auth_backend.py +64 -12
  16. pulumi_vault/aws/auth_backend_cert.py +12 -7
  17. pulumi_vault/aws/auth_backend_client.py +265 -24
  18. pulumi_vault/aws/auth_backend_config_identity.py +12 -11
  19. pulumi_vault/aws/auth_backend_identity_whitelist.py +18 -17
  20. pulumi_vault/aws/auth_backend_login.py +19 -22
  21. pulumi_vault/aws/auth_backend_role.py +75 -193
  22. pulumi_vault/aws/auth_backend_role_tag.py +12 -7
  23. pulumi_vault/aws/auth_backend_roletag_blacklist.py +18 -17
  24. pulumi_vault/aws/auth_backend_sts_role.py +12 -11
  25. pulumi_vault/aws/get_access_credentials.py +34 -7
  26. pulumi_vault/aws/get_static_access_credentials.py +19 -5
  27. pulumi_vault/aws/secret_backend.py +75 -7
  28. pulumi_vault/aws/secret_backend_role.py +183 -11
  29. pulumi_vault/aws/secret_backend_static_role.py +14 -11
  30. pulumi_vault/azure/_inputs.py +24 -0
  31. pulumi_vault/azure/auth_backend_config.py +151 -17
  32. pulumi_vault/azure/auth_backend_role.py +75 -193
  33. pulumi_vault/azure/backend.py +223 -29
  34. pulumi_vault/azure/backend_role.py +42 -41
  35. pulumi_vault/azure/get_access_credentials.py +39 -11
  36. pulumi_vault/azure/outputs.py +5 -0
  37. pulumi_vault/cert_auth_backend_role.py +87 -271
  38. pulumi_vault/config/__init__.pyi +5 -0
  39. pulumi_vault/config/_inputs.py +73 -0
  40. pulumi_vault/config/outputs.py +35 -0
  41. pulumi_vault/config/ui_custom_message.py +529 -0
  42. pulumi_vault/config/vars.py +5 -0
  43. pulumi_vault/consul/secret_backend.py +22 -25
  44. pulumi_vault/consul/secret_backend_role.py +14 -80
  45. pulumi_vault/database/_inputs.py +2770 -881
  46. pulumi_vault/database/outputs.py +721 -838
  47. pulumi_vault/database/secret_backend_connection.py +117 -114
  48. pulumi_vault/database/secret_backend_role.py +29 -24
  49. pulumi_vault/database/secret_backend_static_role.py +85 -15
  50. pulumi_vault/database/secrets_mount.py +425 -138
  51. pulumi_vault/egp_policy.py +16 -15
  52. pulumi_vault/gcp/_inputs.py +111 -0
  53. pulumi_vault/gcp/auth_backend.py +248 -35
  54. pulumi_vault/gcp/auth_backend_role.py +75 -271
  55. pulumi_vault/gcp/get_auth_backend_role.py +43 -9
  56. pulumi_vault/gcp/outputs.py +5 -0
  57. pulumi_vault/gcp/secret_backend.py +287 -16
  58. pulumi_vault/gcp/secret_impersonated_account.py +74 -17
  59. pulumi_vault/gcp/secret_roleset.py +29 -26
  60. pulumi_vault/gcp/secret_static_account.py +37 -34
  61. pulumi_vault/generic/endpoint.py +22 -21
  62. pulumi_vault/generic/get_secret.py +68 -12
  63. pulumi_vault/generic/secret.py +19 -14
  64. pulumi_vault/get_auth_backend.py +24 -11
  65. pulumi_vault/get_auth_backends.py +33 -11
  66. pulumi_vault/get_namespace.py +226 -0
  67. pulumi_vault/get_namespaces.py +153 -0
  68. pulumi_vault/get_nomad_access_token.py +31 -15
  69. pulumi_vault/get_policy_document.py +34 -23
  70. pulumi_vault/get_raft_autopilot_state.py +29 -14
  71. pulumi_vault/github/_inputs.py +55 -0
  72. pulumi_vault/github/auth_backend.py +17 -16
  73. pulumi_vault/github/outputs.py +5 -0
  74. pulumi_vault/github/team.py +14 -13
  75. pulumi_vault/github/user.py +14 -13
  76. pulumi_vault/identity/entity.py +18 -15
  77. pulumi_vault/identity/entity_alias.py +18 -15
  78. pulumi_vault/identity/entity_policies.py +24 -19
  79. pulumi_vault/identity/get_entity.py +40 -14
  80. pulumi_vault/identity/get_group.py +45 -13
  81. pulumi_vault/identity/get_oidc_client_creds.py +21 -11
  82. pulumi_vault/identity/get_oidc_openid_config.py +39 -13
  83. pulumi_vault/identity/get_oidc_public_keys.py +29 -14
  84. pulumi_vault/identity/group.py +50 -49
  85. pulumi_vault/identity/group_alias.py +14 -11
  86. pulumi_vault/identity/group_member_entity_ids.py +24 -74
  87. pulumi_vault/identity/group_member_group_ids.py +36 -27
  88. pulumi_vault/identity/group_policies.py +16 -15
  89. pulumi_vault/identity/mfa_duo.py +9 -8
  90. pulumi_vault/identity/mfa_login_enforcement.py +13 -8
  91. pulumi_vault/identity/mfa_okta.py +9 -8
  92. pulumi_vault/identity/mfa_pingid.py +5 -4
  93. pulumi_vault/identity/mfa_totp.py +5 -4
  94. pulumi_vault/identity/oidc.py +12 -11
  95. pulumi_vault/identity/oidc_assignment.py +22 -13
  96. pulumi_vault/identity/oidc_client.py +34 -25
  97. pulumi_vault/identity/oidc_key.py +28 -19
  98. pulumi_vault/identity/oidc_key_allowed_client_id.py +28 -19
  99. pulumi_vault/identity/oidc_provider.py +34 -23
  100. pulumi_vault/identity/oidc_role.py +40 -27
  101. pulumi_vault/identity/oidc_scope.py +18 -15
  102. pulumi_vault/identity/outputs.py +8 -3
  103. pulumi_vault/jwt/_inputs.py +55 -0
  104. pulumi_vault/jwt/auth_backend.py +39 -46
  105. pulumi_vault/jwt/auth_backend_role.py +131 -260
  106. pulumi_vault/jwt/outputs.py +5 -0
  107. pulumi_vault/kmip/secret_backend.py +22 -21
  108. pulumi_vault/kmip/secret_role.py +12 -11
  109. pulumi_vault/kmip/secret_scope.py +12 -11
  110. pulumi_vault/kubernetes/auth_backend_config.py +55 -7
  111. pulumi_vault/kubernetes/auth_backend_role.py +68 -179
  112. pulumi_vault/kubernetes/get_auth_backend_config.py +60 -8
  113. pulumi_vault/kubernetes/get_auth_backend_role.py +40 -5
  114. pulumi_vault/kubernetes/get_service_account_token.py +39 -15
  115. pulumi_vault/kubernetes/secret_backend.py +314 -29
  116. pulumi_vault/kubernetes/secret_backend_role.py +135 -56
  117. pulumi_vault/kv/_inputs.py +36 -4
  118. pulumi_vault/kv/get_secret.py +23 -12
  119. pulumi_vault/kv/get_secret_subkeys_v2.py +31 -14
  120. pulumi_vault/kv/get_secret_v2.py +89 -9
  121. pulumi_vault/kv/get_secrets_list.py +22 -15
  122. pulumi_vault/kv/get_secrets_list_v2.py +35 -19
  123. pulumi_vault/kv/outputs.py +8 -3
  124. pulumi_vault/kv/secret.py +19 -18
  125. pulumi_vault/kv/secret_backend_v2.py +12 -11
  126. pulumi_vault/kv/secret_v2.py +55 -52
  127. pulumi_vault/ldap/auth_backend.py +125 -168
  128. pulumi_vault/ldap/auth_backend_group.py +12 -11
  129. pulumi_vault/ldap/auth_backend_user.py +12 -11
  130. pulumi_vault/ldap/get_dynamic_credentials.py +23 -5
  131. pulumi_vault/ldap/get_static_credentials.py +24 -5
  132. pulumi_vault/ldap/secret_backend.py +352 -84
  133. pulumi_vault/ldap/secret_backend_dynamic_role.py +12 -11
  134. pulumi_vault/ldap/secret_backend_library_set.py +14 -11
  135. pulumi_vault/ldap/secret_backend_static_role.py +67 -12
  136. pulumi_vault/managed/_inputs.py +289 -132
  137. pulumi_vault/managed/keys.py +27 -43
  138. pulumi_vault/managed/outputs.py +89 -132
  139. pulumi_vault/mfa_duo.py +16 -13
  140. pulumi_vault/mfa_okta.py +16 -13
  141. pulumi_vault/mfa_pingid.py +16 -13
  142. pulumi_vault/mfa_totp.py +22 -19
  143. pulumi_vault/mongodbatlas/secret_backend.py +18 -17
  144. pulumi_vault/mongodbatlas/secret_role.py +41 -38
  145. pulumi_vault/mount.py +389 -65
  146. pulumi_vault/namespace.py +26 -21
  147. pulumi_vault/nomad_secret_backend.py +16 -15
  148. pulumi_vault/nomad_secret_role.py +12 -11
  149. pulumi_vault/okta/_inputs.py +47 -8
  150. pulumi_vault/okta/auth_backend.py +483 -41
  151. pulumi_vault/okta/auth_backend_group.py +12 -11
  152. pulumi_vault/okta/auth_backend_user.py +12 -11
  153. pulumi_vault/okta/outputs.py +13 -8
  154. pulumi_vault/outputs.py +5 -0
  155. pulumi_vault/password_policy.py +18 -15
  156. pulumi_vault/pkisecret/__init__.py +3 -0
  157. pulumi_vault/pkisecret/_inputs.py +81 -0
  158. pulumi_vault/pkisecret/backend_config_cluster.py +369 -0
  159. pulumi_vault/pkisecret/backend_config_est.py +619 -0
  160. pulumi_vault/pkisecret/get_backend_config_est.py +251 -0
  161. pulumi_vault/pkisecret/get_backend_issuer.py +63 -7
  162. pulumi_vault/pkisecret/get_backend_issuers.py +21 -12
  163. pulumi_vault/pkisecret/get_backend_key.py +24 -13
  164. pulumi_vault/pkisecret/get_backend_keys.py +21 -12
  165. pulumi_vault/pkisecret/outputs.py +69 -0
  166. pulumi_vault/pkisecret/secret_backend_cert.py +18 -15
  167. pulumi_vault/pkisecret/secret_backend_config_ca.py +16 -15
  168. pulumi_vault/pkisecret/secret_backend_config_issuers.py +12 -11
  169. pulumi_vault/pkisecret/secret_backend_config_urls.py +59 -11
  170. pulumi_vault/pkisecret/secret_backend_crl_config.py +14 -13
  171. pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +16 -15
  172. pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +22 -21
  173. pulumi_vault/pkisecret/secret_backend_issuer.py +12 -11
  174. pulumi_vault/pkisecret/secret_backend_key.py +12 -7
  175. pulumi_vault/pkisecret/secret_backend_role.py +19 -16
  176. pulumi_vault/pkisecret/secret_backend_root_cert.py +16 -52
  177. pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +18 -62
  178. pulumi_vault/pkisecret/secret_backend_sign.py +18 -60
  179. pulumi_vault/plugin.py +595 -0
  180. pulumi_vault/plugin_pinned_version.py +298 -0
  181. pulumi_vault/policy.py +12 -7
  182. pulumi_vault/provider.py +48 -53
  183. pulumi_vault/pulumi-plugin.json +2 -1
  184. pulumi_vault/quota_lease_count.py +58 -8
  185. pulumi_vault/quota_rate_limit.py +54 -4
  186. pulumi_vault/rabbitmq/_inputs.py +61 -0
  187. pulumi_vault/rabbitmq/outputs.py +5 -0
  188. pulumi_vault/rabbitmq/secret_backend.py +16 -15
  189. pulumi_vault/rabbitmq/secret_backend_role.py +52 -49
  190. pulumi_vault/raft_autopilot.py +12 -11
  191. pulumi_vault/raft_snapshot_agent_config.py +121 -311
  192. pulumi_vault/rgp_policy.py +14 -13
  193. pulumi_vault/saml/auth_backend.py +20 -19
  194. pulumi_vault/saml/auth_backend_role.py +90 -199
  195. pulumi_vault/secrets/__init__.py +3 -0
  196. pulumi_vault/secrets/_inputs.py +110 -0
  197. pulumi_vault/secrets/outputs.py +94 -0
  198. pulumi_vault/secrets/sync_association.py +56 -75
  199. pulumi_vault/secrets/sync_aws_destination.py +240 -29
  200. pulumi_vault/secrets/sync_azure_destination.py +90 -33
  201. pulumi_vault/secrets/sync_config.py +7 -6
  202. pulumi_vault/secrets/sync_gcp_destination.py +156 -27
  203. pulumi_vault/secrets/sync_gh_destination.py +187 -15
  204. pulumi_vault/secrets/sync_github_apps.py +375 -0
  205. pulumi_vault/secrets/sync_vercel_destination.py +72 -15
  206. pulumi_vault/ssh/_inputs.py +28 -32
  207. pulumi_vault/ssh/outputs.py +11 -32
  208. pulumi_vault/ssh/secret_backend_ca.py +106 -11
  209. pulumi_vault/ssh/secret_backend_role.py +83 -120
  210. pulumi_vault/terraformcloud/secret_backend.py +5 -56
  211. pulumi_vault/terraformcloud/secret_creds.py +14 -24
  212. pulumi_vault/terraformcloud/secret_role.py +14 -76
  213. pulumi_vault/token.py +26 -25
  214. pulumi_vault/tokenauth/auth_backend_role.py +76 -201
  215. pulumi_vault/transform/alphabet.py +16 -13
  216. pulumi_vault/transform/get_decode.py +45 -21
  217. pulumi_vault/transform/get_encode.py +45 -21
  218. pulumi_vault/transform/role.py +16 -13
  219. pulumi_vault/transform/template.py +30 -25
  220. pulumi_vault/transform/transformation.py +12 -7
  221. pulumi_vault/transit/get_decrypt.py +26 -25
  222. pulumi_vault/transit/get_encrypt.py +24 -19
  223. pulumi_vault/transit/secret_backend_key.py +25 -97
  224. pulumi_vault/transit/secret_cache_config.py +12 -11
  225. {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/METADATA +8 -7
  226. pulumi_vault-6.5.0a1736836139.dist-info/RECORD +256 -0
  227. {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/WHEEL +1 -1
  228. pulumi_vault-5.21.0a1710160723.dist-info/RECORD +0 -244
  229. {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/top_level.txt +0 -0
@@ -4,9 +4,14 @@
4
4
 
5
5
  import copy
6
6
  import warnings
7
+ import sys
7
8
  import pulumi
8
9
  import pulumi.runtime
9
10
  from typing import Any, Mapping, Optional, Sequence, Union, overload
11
+ if sys.version_info >= (3, 11):
12
+ from typing import NotRequired, TypedDict, TypeAlias
13
+ else:
14
+ from typing_extensions import NotRequired, TypedDict, TypeAlias
10
15
  from . import _utilities
11
16
 
12
17
  __all__ = ['RaftSnapshotAgentConfigArgs', 'RaftSnapshotAgentConfig']
@@ -53,60 +58,33 @@ class RaftSnapshotAgentConfigArgs:
53
58
  or "google-gcs". The remaining parameters described below are all specific to
54
59
  the selected `storage_type` and prefixed accordingly.
55
60
  :param pulumi.Input[str] aws_access_key_id: AWS access key ID.
56
- :param pulumi.Input[str] aws_s3_bucket: `<required>` - S3 bucket to write snapshots to.
57
- :param pulumi.Input[bool] aws_s3_disable_tls: Disable TLS for the S3 endpoint. This
58
- should only be used for testing purposes, typically in conjunction with
59
- `aws_s3_endpoint`.
61
+ :param pulumi.Input[str] aws_s3_bucket: S3 bucket to write snapshots to.
62
+ :param pulumi.Input[bool] aws_s3_disable_tls: Disable TLS for the S3 endpoint. This should only be used for testing purposes.
60
63
  :param pulumi.Input[bool] aws_s3_enable_kms: Use KMS to encrypt bucket contents.
61
- :param pulumi.Input[str] aws_s3_endpoint: AWS endpoint. This is typically only set when
62
- using a non-AWS S3 implementation like Minio.
63
- :param pulumi.Input[bool] aws_s3_force_path_style: Use the endpoint/bucket URL style
64
- instead of bucket.endpoint. May be needed when setting `aws_s3_endpoint`.
65
- :param pulumi.Input[str] aws_s3_kms_key: Use named KMS key, when `aws_s3_enable_kms = true`
66
- :param pulumi.Input[str] aws_s3_region: `<required>` - AWS region bucket is in.
64
+ :param pulumi.Input[str] aws_s3_endpoint: AWS endpoint. This is typically only set when using a non-AWS S3 implementation like Minio.
65
+ :param pulumi.Input[bool] aws_s3_force_path_style: Use the endpoint/bucket URL style instead of bucket.endpoint.
66
+ :param pulumi.Input[str] aws_s3_kms_key: Use named KMS key, when aws_s3_enable_kms=true
67
+ :param pulumi.Input[str] aws_s3_region: AWS region bucket is in.
67
68
  :param pulumi.Input[bool] aws_s3_server_side_encryption: Use AES256 to encrypt bucket contents.
68
69
  :param pulumi.Input[str] aws_secret_access_key: AWS secret access key.
69
70
  :param pulumi.Input[str] aws_session_token: AWS session token.
70
71
  :param pulumi.Input[str] azure_account_key: Azure account key.
71
72
  :param pulumi.Input[str] azure_account_name: Azure account name.
72
73
  :param pulumi.Input[str] azure_blob_environment: Azure blob environment.
73
- :param pulumi.Input[str] azure_container_name: `<required>` - Azure container name to write
74
- snapshots to.
75
- :param pulumi.Input[str] azure_endpoint: Azure blob storage endpoint. This is typically
76
- only set when using a non-Azure implementation like Azurite.
74
+ :param pulumi.Input[str] azure_container_name: Azure container name to write snapshots to.
75
+ :param pulumi.Input[str] azure_endpoint: Azure blob storage endpoint. This is typically only set when using a non-Azure implementation like Azurite.
77
76
  :param pulumi.Input[str] file_prefix: Within the directory or bucket
78
77
  prefix given by `path_prefix`, the file or object name of snapshot files
79
78
  will start with this string.
80
- :param pulumi.Input[bool] google_disable_tls: Disable TLS for the GCS endpoint. This
81
- should only be used for testing purposes, typically in conjunction with
82
- `google_endpoint`.
83
- :param pulumi.Input[str] google_endpoint: GCS endpoint. This is typically only set when
84
- using a non-Google GCS implementation like fake-gcs-server.
85
- :param pulumi.Input[str] google_gcs_bucket: `<required>` - GCS bucket to write snapshots to.
86
- :param pulumi.Input[str] google_service_account_key: Google service account key in JSON format.
87
- The raw value looks like this:
88
-
89
- ```json
90
- {
91
- "type": "service_account",
92
- "project_id": "project-id",
93
- "private_key_id": "key-id",
94
- "private_key": "-----BEGIN RSA PRIVATE KEY-----\\nMIIEpQ ... /WZs=\\n-----END RSA PRIVATE KEY-----\\n",
95
- "client_email": "service-account-email",
96
- "client_id": "client-id",
97
- "auth_uri": "https://accounts.google.com/o/oauth2/auth",
98
- "token_uri": "https://accounts.google.com/o/oauth2/token",
99
- "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
100
- "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/service-account-email"
101
- }
102
- ```
103
- :param pulumi.Input[int] local_max_space: For `storage_type = local`, the maximum
104
- space, in bytes, to use for snapshots. Snapshot attempts will fail if there is not enough
105
- space left in this allowance.
79
+ :param pulumi.Input[bool] google_disable_tls: Disable TLS for the GCS endpoint.
80
+ :param pulumi.Input[str] google_endpoint: GCS endpoint. This is typically only set when using a non-Google GCS implementation like fake-gcs-server.
81
+ :param pulumi.Input[str] google_gcs_bucket: GCS bucket to write snapshots to.
82
+ :param pulumi.Input[str] google_service_account_key: Google service account key in JSON format.
83
+ :param pulumi.Input[int] local_max_space: The maximum space, in bytes, to use for snapshots.
106
84
  :param pulumi.Input[str] name: `<required>` – Name of the configuration to modify.
107
85
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
108
86
  The value should not contain leading or trailing forward slashes.
109
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
87
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
110
88
  *Available only for Vault Enterprise*.
111
89
  :param pulumi.Input[int] retain: How many snapshots are to be kept; when writing a
112
90
  snapshot, if there are more snapshots already stored than this number, the
@@ -223,7 +201,7 @@ class RaftSnapshotAgentConfigArgs:
223
201
  @pulumi.getter(name="awsS3Bucket")
224
202
  def aws_s3_bucket(self) -> Optional[pulumi.Input[str]]:
225
203
  """
226
- `<required>` - S3 bucket to write snapshots to.
204
+ S3 bucket to write snapshots to.
227
205
  """
228
206
  return pulumi.get(self, "aws_s3_bucket")
229
207
 
@@ -235,9 +213,7 @@ class RaftSnapshotAgentConfigArgs:
235
213
  @pulumi.getter(name="awsS3DisableTls")
236
214
  def aws_s3_disable_tls(self) -> Optional[pulumi.Input[bool]]:
237
215
  """
238
- Disable TLS for the S3 endpoint. This
239
- should only be used for testing purposes, typically in conjunction with
240
- `aws_s3_endpoint`.
216
+ Disable TLS for the S3 endpoint. This should only be used for testing purposes.
241
217
  """
242
218
  return pulumi.get(self, "aws_s3_disable_tls")
243
219
 
@@ -261,8 +237,7 @@ class RaftSnapshotAgentConfigArgs:
261
237
  @pulumi.getter(name="awsS3Endpoint")
262
238
  def aws_s3_endpoint(self) -> Optional[pulumi.Input[str]]:
263
239
  """
264
- AWS endpoint. This is typically only set when
265
- using a non-AWS S3 implementation like Minio.
240
+ AWS endpoint. This is typically only set when using a non-AWS S3 implementation like Minio.
266
241
  """
267
242
  return pulumi.get(self, "aws_s3_endpoint")
268
243
 
@@ -274,8 +249,7 @@ class RaftSnapshotAgentConfigArgs:
274
249
  @pulumi.getter(name="awsS3ForcePathStyle")
275
250
  def aws_s3_force_path_style(self) -> Optional[pulumi.Input[bool]]:
276
251
  """
277
- Use the endpoint/bucket URL style
278
- instead of bucket.endpoint. May be needed when setting `aws_s3_endpoint`.
252
+ Use the endpoint/bucket URL style instead of bucket.endpoint.
279
253
  """
280
254
  return pulumi.get(self, "aws_s3_force_path_style")
281
255
 
@@ -287,7 +261,7 @@ class RaftSnapshotAgentConfigArgs:
287
261
  @pulumi.getter(name="awsS3KmsKey")
288
262
  def aws_s3_kms_key(self) -> Optional[pulumi.Input[str]]:
289
263
  """
290
- Use named KMS key, when `aws_s3_enable_kms = true`
264
+ Use named KMS key, when aws_s3_enable_kms=true
291
265
  """
292
266
  return pulumi.get(self, "aws_s3_kms_key")
293
267
 
@@ -299,7 +273,7 @@ class RaftSnapshotAgentConfigArgs:
299
273
  @pulumi.getter(name="awsS3Region")
300
274
  def aws_s3_region(self) -> Optional[pulumi.Input[str]]:
301
275
  """
302
- `<required>` - AWS region bucket is in.
276
+ AWS region bucket is in.
303
277
  """
304
278
  return pulumi.get(self, "aws_s3_region")
305
279
 
@@ -383,8 +357,7 @@ class RaftSnapshotAgentConfigArgs:
383
357
  @pulumi.getter(name="azureContainerName")
384
358
  def azure_container_name(self) -> Optional[pulumi.Input[str]]:
385
359
  """
386
- `<required>` - Azure container name to write
387
- snapshots to.
360
+ Azure container name to write snapshots to.
388
361
  """
389
362
  return pulumi.get(self, "azure_container_name")
390
363
 
@@ -396,8 +369,7 @@ class RaftSnapshotAgentConfigArgs:
396
369
  @pulumi.getter(name="azureEndpoint")
397
370
  def azure_endpoint(self) -> Optional[pulumi.Input[str]]:
398
371
  """
399
- Azure blob storage endpoint. This is typically
400
- only set when using a non-Azure implementation like Azurite.
372
+ Azure blob storage endpoint. This is typically only set when using a non-Azure implementation like Azurite.
401
373
  """
402
374
  return pulumi.get(self, "azure_endpoint")
403
375
 
@@ -423,9 +395,7 @@ class RaftSnapshotAgentConfigArgs:
423
395
  @pulumi.getter(name="googleDisableTls")
424
396
  def google_disable_tls(self) -> Optional[pulumi.Input[bool]]:
425
397
  """
426
- Disable TLS for the GCS endpoint. This
427
- should only be used for testing purposes, typically in conjunction with
428
- `google_endpoint`.
398
+ Disable TLS for the GCS endpoint.
429
399
  """
430
400
  return pulumi.get(self, "google_disable_tls")
431
401
 
@@ -437,8 +407,7 @@ class RaftSnapshotAgentConfigArgs:
437
407
  @pulumi.getter(name="googleEndpoint")
438
408
  def google_endpoint(self) -> Optional[pulumi.Input[str]]:
439
409
  """
440
- GCS endpoint. This is typically only set when
441
- using a non-Google GCS implementation like fake-gcs-server.
410
+ GCS endpoint. This is typically only set when using a non-Google GCS implementation like fake-gcs-server.
442
411
  """
443
412
  return pulumi.get(self, "google_endpoint")
444
413
 
@@ -450,7 +419,7 @@ class RaftSnapshotAgentConfigArgs:
450
419
  @pulumi.getter(name="googleGcsBucket")
451
420
  def google_gcs_bucket(self) -> Optional[pulumi.Input[str]]:
452
421
  """
453
- `<required>` - GCS bucket to write snapshots to.
422
+ GCS bucket to write snapshots to.
454
423
  """
455
424
  return pulumi.get(self, "google_gcs_bucket")
456
425
 
@@ -462,23 +431,7 @@ class RaftSnapshotAgentConfigArgs:
462
431
  @pulumi.getter(name="googleServiceAccountKey")
463
432
  def google_service_account_key(self) -> Optional[pulumi.Input[str]]:
464
433
  """
465
- Google service account key in JSON format.
466
- The raw value looks like this:
467
-
468
- ```json
469
- {
470
- "type": "service_account",
471
- "project_id": "project-id",
472
- "private_key_id": "key-id",
473
- "private_key": "-----BEGIN RSA PRIVATE KEY-----\\nMIIEpQ ... /WZs=\\n-----END RSA PRIVATE KEY-----\\n",
474
- "client_email": "service-account-email",
475
- "client_id": "client-id",
476
- "auth_uri": "https://accounts.google.com/o/oauth2/auth",
477
- "token_uri": "https://accounts.google.com/o/oauth2/token",
478
- "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
479
- "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/service-account-email"
480
- }
481
- ```
434
+ Google service account key in JSON format.
482
435
  """
483
436
  return pulumi.get(self, "google_service_account_key")
484
437
 
@@ -490,9 +443,7 @@ class RaftSnapshotAgentConfigArgs:
490
443
  @pulumi.getter(name="localMaxSpace")
491
444
  def local_max_space(self) -> Optional[pulumi.Input[int]]:
492
445
  """
493
- For `storage_type = local`, the maximum
494
- space, in bytes, to use for snapshots. Snapshot attempts will fail if there is not enough
495
- space left in this allowance.
446
+ The maximum space, in bytes, to use for snapshots.
496
447
  """
497
448
  return pulumi.get(self, "local_max_space")
498
449
 
@@ -518,7 +469,7 @@ class RaftSnapshotAgentConfigArgs:
518
469
  """
519
470
  The namespace to provision the resource in.
520
471
  The value should not contain leading or trailing forward slashes.
521
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
472
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
522
473
  *Available only for Vault Enterprise*.
523
474
  """
524
475
  return pulumi.get(self, "namespace")
@@ -576,61 +527,34 @@ class _RaftSnapshotAgentConfigState:
576
527
  """
577
528
  Input properties used for looking up and filtering RaftSnapshotAgentConfig resources.
578
529
  :param pulumi.Input[str] aws_access_key_id: AWS access key ID.
579
- :param pulumi.Input[str] aws_s3_bucket: `<required>` - S3 bucket to write snapshots to.
580
- :param pulumi.Input[bool] aws_s3_disable_tls: Disable TLS for the S3 endpoint. This
581
- should only be used for testing purposes, typically in conjunction with
582
- `aws_s3_endpoint`.
530
+ :param pulumi.Input[str] aws_s3_bucket: S3 bucket to write snapshots to.
531
+ :param pulumi.Input[bool] aws_s3_disable_tls: Disable TLS for the S3 endpoint. This should only be used for testing purposes.
583
532
  :param pulumi.Input[bool] aws_s3_enable_kms: Use KMS to encrypt bucket contents.
584
- :param pulumi.Input[str] aws_s3_endpoint: AWS endpoint. This is typically only set when
585
- using a non-AWS S3 implementation like Minio.
586
- :param pulumi.Input[bool] aws_s3_force_path_style: Use the endpoint/bucket URL style
587
- instead of bucket.endpoint. May be needed when setting `aws_s3_endpoint`.
588
- :param pulumi.Input[str] aws_s3_kms_key: Use named KMS key, when `aws_s3_enable_kms = true`
589
- :param pulumi.Input[str] aws_s3_region: `<required>` - AWS region bucket is in.
533
+ :param pulumi.Input[str] aws_s3_endpoint: AWS endpoint. This is typically only set when using a non-AWS S3 implementation like Minio.
534
+ :param pulumi.Input[bool] aws_s3_force_path_style: Use the endpoint/bucket URL style instead of bucket.endpoint.
535
+ :param pulumi.Input[str] aws_s3_kms_key: Use named KMS key, when aws_s3_enable_kms=true
536
+ :param pulumi.Input[str] aws_s3_region: AWS region bucket is in.
590
537
  :param pulumi.Input[bool] aws_s3_server_side_encryption: Use AES256 to encrypt bucket contents.
591
538
  :param pulumi.Input[str] aws_secret_access_key: AWS secret access key.
592
539
  :param pulumi.Input[str] aws_session_token: AWS session token.
593
540
  :param pulumi.Input[str] azure_account_key: Azure account key.
594
541
  :param pulumi.Input[str] azure_account_name: Azure account name.
595
542
  :param pulumi.Input[str] azure_blob_environment: Azure blob environment.
596
- :param pulumi.Input[str] azure_container_name: `<required>` - Azure container name to write
597
- snapshots to.
598
- :param pulumi.Input[str] azure_endpoint: Azure blob storage endpoint. This is typically
599
- only set when using a non-Azure implementation like Azurite.
543
+ :param pulumi.Input[str] azure_container_name: Azure container name to write snapshots to.
544
+ :param pulumi.Input[str] azure_endpoint: Azure blob storage endpoint. This is typically only set when using a non-Azure implementation like Azurite.
600
545
  :param pulumi.Input[str] file_prefix: Within the directory or bucket
601
546
  prefix given by `path_prefix`, the file or object name of snapshot files
602
547
  will start with this string.
603
- :param pulumi.Input[bool] google_disable_tls: Disable TLS for the GCS endpoint. This
604
- should only be used for testing purposes, typically in conjunction with
605
- `google_endpoint`.
606
- :param pulumi.Input[str] google_endpoint: GCS endpoint. This is typically only set when
607
- using a non-Google GCS implementation like fake-gcs-server.
608
- :param pulumi.Input[str] google_gcs_bucket: `<required>` - GCS bucket to write snapshots to.
609
- :param pulumi.Input[str] google_service_account_key: Google service account key in JSON format.
610
- The raw value looks like this:
611
-
612
- ```json
613
- {
614
- "type": "service_account",
615
- "project_id": "project-id",
616
- "private_key_id": "key-id",
617
- "private_key": "-----BEGIN RSA PRIVATE KEY-----\\nMIIEpQ ... /WZs=\\n-----END RSA PRIVATE KEY-----\\n",
618
- "client_email": "service-account-email",
619
- "client_id": "client-id",
620
- "auth_uri": "https://accounts.google.com/o/oauth2/auth",
621
- "token_uri": "https://accounts.google.com/o/oauth2/token",
622
- "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
623
- "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/service-account-email"
624
- }
625
- ```
548
+ :param pulumi.Input[bool] google_disable_tls: Disable TLS for the GCS endpoint.
549
+ :param pulumi.Input[str] google_endpoint: GCS endpoint. This is typically only set when using a non-Google GCS implementation like fake-gcs-server.
550
+ :param pulumi.Input[str] google_gcs_bucket: GCS bucket to write snapshots to.
551
+ :param pulumi.Input[str] google_service_account_key: Google service account key in JSON format.
626
552
  :param pulumi.Input[int] interval_seconds: `<required>` - Time (in seconds) between snapshots.
627
- :param pulumi.Input[int] local_max_space: For `storage_type = local`, the maximum
628
- space, in bytes, to use for snapshots. Snapshot attempts will fail if there is not enough
629
- space left in this allowance.
553
+ :param pulumi.Input[int] local_max_space: The maximum space, in bytes, to use for snapshots.
630
554
  :param pulumi.Input[str] name: `<required>` – Name of the configuration to modify.
631
555
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
632
556
  The value should not contain leading or trailing forward slashes.
633
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
557
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
634
558
  *Available only for Vault Enterprise*.
635
559
  :param pulumi.Input[str] path_prefix: `<required>` - For `storage_type = "local"`, the directory to
636
560
  write the snapshots in. For cloud storage types, the bucket prefix to use.
@@ -716,7 +640,7 @@ class _RaftSnapshotAgentConfigState:
716
640
  @pulumi.getter(name="awsS3Bucket")
717
641
  def aws_s3_bucket(self) -> Optional[pulumi.Input[str]]:
718
642
  """
719
- `<required>` - S3 bucket to write snapshots to.
643
+ S3 bucket to write snapshots to.
720
644
  """
721
645
  return pulumi.get(self, "aws_s3_bucket")
722
646
 
@@ -728,9 +652,7 @@ class _RaftSnapshotAgentConfigState:
728
652
  @pulumi.getter(name="awsS3DisableTls")
729
653
  def aws_s3_disable_tls(self) -> Optional[pulumi.Input[bool]]:
730
654
  """
731
- Disable TLS for the S3 endpoint. This
732
- should only be used for testing purposes, typically in conjunction with
733
- `aws_s3_endpoint`.
655
+ Disable TLS for the S3 endpoint. This should only be used for testing purposes.
734
656
  """
735
657
  return pulumi.get(self, "aws_s3_disable_tls")
736
658
 
@@ -754,8 +676,7 @@ class _RaftSnapshotAgentConfigState:
754
676
  @pulumi.getter(name="awsS3Endpoint")
755
677
  def aws_s3_endpoint(self) -> Optional[pulumi.Input[str]]:
756
678
  """
757
- AWS endpoint. This is typically only set when
758
- using a non-AWS S3 implementation like Minio.
679
+ AWS endpoint. This is typically only set when using a non-AWS S3 implementation like Minio.
759
680
  """
760
681
  return pulumi.get(self, "aws_s3_endpoint")
761
682
 
@@ -767,8 +688,7 @@ class _RaftSnapshotAgentConfigState:
767
688
  @pulumi.getter(name="awsS3ForcePathStyle")
768
689
  def aws_s3_force_path_style(self) -> Optional[pulumi.Input[bool]]:
769
690
  """
770
- Use the endpoint/bucket URL style
771
- instead of bucket.endpoint. May be needed when setting `aws_s3_endpoint`.
691
+ Use the endpoint/bucket URL style instead of bucket.endpoint.
772
692
  """
773
693
  return pulumi.get(self, "aws_s3_force_path_style")
774
694
 
@@ -780,7 +700,7 @@ class _RaftSnapshotAgentConfigState:
780
700
  @pulumi.getter(name="awsS3KmsKey")
781
701
  def aws_s3_kms_key(self) -> Optional[pulumi.Input[str]]:
782
702
  """
783
- Use named KMS key, when `aws_s3_enable_kms = true`
703
+ Use named KMS key, when aws_s3_enable_kms=true
784
704
  """
785
705
  return pulumi.get(self, "aws_s3_kms_key")
786
706
 
@@ -792,7 +712,7 @@ class _RaftSnapshotAgentConfigState:
792
712
  @pulumi.getter(name="awsS3Region")
793
713
  def aws_s3_region(self) -> Optional[pulumi.Input[str]]:
794
714
  """
795
- `<required>` - AWS region bucket is in.
715
+ AWS region bucket is in.
796
716
  """
797
717
  return pulumi.get(self, "aws_s3_region")
798
718
 
@@ -876,8 +796,7 @@ class _RaftSnapshotAgentConfigState:
876
796
  @pulumi.getter(name="azureContainerName")
877
797
  def azure_container_name(self) -> Optional[pulumi.Input[str]]:
878
798
  """
879
- `<required>` - Azure container name to write
880
- snapshots to.
799
+ Azure container name to write snapshots to.
881
800
  """
882
801
  return pulumi.get(self, "azure_container_name")
883
802
 
@@ -889,8 +808,7 @@ class _RaftSnapshotAgentConfigState:
889
808
  @pulumi.getter(name="azureEndpoint")
890
809
  def azure_endpoint(self) -> Optional[pulumi.Input[str]]:
891
810
  """
892
- Azure blob storage endpoint. This is typically
893
- only set when using a non-Azure implementation like Azurite.
811
+ Azure blob storage endpoint. This is typically only set when using a non-Azure implementation like Azurite.
894
812
  """
895
813
  return pulumi.get(self, "azure_endpoint")
896
814
 
@@ -916,9 +834,7 @@ class _RaftSnapshotAgentConfigState:
916
834
  @pulumi.getter(name="googleDisableTls")
917
835
  def google_disable_tls(self) -> Optional[pulumi.Input[bool]]:
918
836
  """
919
- Disable TLS for the GCS endpoint. This
920
- should only be used for testing purposes, typically in conjunction with
921
- `google_endpoint`.
837
+ Disable TLS for the GCS endpoint.
922
838
  """
923
839
  return pulumi.get(self, "google_disable_tls")
924
840
 
@@ -930,8 +846,7 @@ class _RaftSnapshotAgentConfigState:
930
846
  @pulumi.getter(name="googleEndpoint")
931
847
  def google_endpoint(self) -> Optional[pulumi.Input[str]]:
932
848
  """
933
- GCS endpoint. This is typically only set when
934
- using a non-Google GCS implementation like fake-gcs-server.
849
+ GCS endpoint. This is typically only set when using a non-Google GCS implementation like fake-gcs-server.
935
850
  """
936
851
  return pulumi.get(self, "google_endpoint")
937
852
 
@@ -943,7 +858,7 @@ class _RaftSnapshotAgentConfigState:
943
858
  @pulumi.getter(name="googleGcsBucket")
944
859
  def google_gcs_bucket(self) -> Optional[pulumi.Input[str]]:
945
860
  """
946
- `<required>` - GCS bucket to write snapshots to.
861
+ GCS bucket to write snapshots to.
947
862
  """
948
863
  return pulumi.get(self, "google_gcs_bucket")
949
864
 
@@ -955,23 +870,7 @@ class _RaftSnapshotAgentConfigState:
955
870
  @pulumi.getter(name="googleServiceAccountKey")
956
871
  def google_service_account_key(self) -> Optional[pulumi.Input[str]]:
957
872
  """
958
- Google service account key in JSON format.
959
- The raw value looks like this:
960
-
961
- ```json
962
- {
963
- "type": "service_account",
964
- "project_id": "project-id",
965
- "private_key_id": "key-id",
966
- "private_key": "-----BEGIN RSA PRIVATE KEY-----\\nMIIEpQ ... /WZs=\\n-----END RSA PRIVATE KEY-----\\n",
967
- "client_email": "service-account-email",
968
- "client_id": "client-id",
969
- "auth_uri": "https://accounts.google.com/o/oauth2/auth",
970
- "token_uri": "https://accounts.google.com/o/oauth2/token",
971
- "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
972
- "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/service-account-email"
973
- }
974
- ```
873
+ Google service account key in JSON format.
975
874
  """
976
875
  return pulumi.get(self, "google_service_account_key")
977
876
 
@@ -995,9 +894,7 @@ class _RaftSnapshotAgentConfigState:
995
894
  @pulumi.getter(name="localMaxSpace")
996
895
  def local_max_space(self) -> Optional[pulumi.Input[int]]:
997
896
  """
998
- For `storage_type = local`, the maximum
999
- space, in bytes, to use for snapshots. Snapshot attempts will fail if there is not enough
1000
- space left in this allowance.
897
+ The maximum space, in bytes, to use for snapshots.
1001
898
  """
1002
899
  return pulumi.get(self, "local_max_space")
1003
900
 
@@ -1023,7 +920,7 @@ class _RaftSnapshotAgentConfigState:
1023
920
  """
1024
921
  The namespace to provision the resource in.
1025
922
  The value should not contain leading or trailing forward slashes.
1026
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
923
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
1027
924
  *Available only for Vault Enterprise*.
1028
925
  """
1029
926
  return pulumi.get(self, "namespace")
@@ -1114,22 +1011,20 @@ class RaftSnapshotAgentConfig(pulumi.CustomResource):
1114
1011
  ## Example Usage
1115
1012
 
1116
1013
  ### Local Storage
1117
- <!--Start PulumiCodeChooser -->
1118
1014
  ```python
1119
1015
  import pulumi
1120
1016
  import pulumi_vault as vault
1121
1017
 
1122
- local_backups = vault.RaftSnapshotAgentConfig("localBackups",
1018
+ local_backups = vault.RaftSnapshotAgentConfig("local_backups",
1019
+ name="local",
1123
1020
  interval_seconds=86400,
1124
- local_max_space=10000000,
1125
- path_prefix="/opt/vault/snapshots/",
1126
1021
  retain=7,
1127
- storage_type="local")
1022
+ path_prefix="/opt/vault/snapshots/",
1023
+ storage_type="local",
1024
+ local_max_space=10000000)
1128
1025
  ```
1129
- <!--End PulumiCodeChooser -->
1130
1026
 
1131
1027
  ### AWS S3
1132
- <!--Start PulumiCodeChooser -->
1133
1028
  ```python
1134
1029
  import pulumi
1135
1030
  import pulumi_aws as aws
@@ -1139,7 +1034,8 @@ class RaftSnapshotAgentConfig(pulumi.CustomResource):
1139
1034
  aws_access_key_id = config.require_object("awsAccessKeyId")
1140
1035
  aws_secret_access_key = config.require_object("awsSecretAccessKey")
1141
1036
  current = aws.get_region()
1142
- s3_backups = vault.RaftSnapshotAgentConfig("s3Backups",
1037
+ s3_backups = vault.RaftSnapshotAgentConfig("s3_backups",
1038
+ name="s3",
1143
1039
  interval_seconds=86400,
1144
1040
  retain=7,
1145
1041
  path_prefix="/path/in/bucket",
@@ -1150,11 +1046,9 @@ class RaftSnapshotAgentConfig(pulumi.CustomResource):
1150
1046
  aws_secret_access_key=aws_secret_access_key,
1151
1047
  aws_s3_enable_kms=True)
1152
1048
  ```
1153
- <!--End PulumiCodeChooser -->
1154
1049
 
1155
1050
  ### Azure BLOB
1156
1051
 
1157
- <!--Start PulumiCodeChooser -->
1158
1052
  ```python
1159
1053
  import pulumi
1160
1054
  import pulumi_vault as vault
@@ -1162,7 +1056,8 @@ class RaftSnapshotAgentConfig(pulumi.CustomResource):
1162
1056
  config = pulumi.Config()
1163
1057
  azure_account_name = config.require_object("azureAccountName")
1164
1058
  azure_account_key = config.require_object("azureAccountKey")
1165
- azure_backups = vault.RaftSnapshotAgentConfig("azureBackups",
1059
+ azure_backups = vault.RaftSnapshotAgentConfig("azure_backups",
1060
+ name="azure_backup",
1166
1061
  interval_seconds=86400,
1167
1062
  retain=7,
1168
1063
  path_prefix="/",
@@ -1171,7 +1066,6 @@ class RaftSnapshotAgentConfig(pulumi.CustomResource):
1171
1066
  azure_account_name=azure_account_name,
1172
1067
  azure_account_key=azure_account_key)
1173
1068
  ```
1174
- <!--End PulumiCodeChooser -->
1175
1069
 
1176
1070
  ## Import
1177
1071
 
@@ -1184,61 +1078,34 @@ class RaftSnapshotAgentConfig(pulumi.CustomResource):
1184
1078
  :param str resource_name: The name of the resource.
1185
1079
  :param pulumi.ResourceOptions opts: Options for the resource.
1186
1080
  :param pulumi.Input[str] aws_access_key_id: AWS access key ID.
1187
- :param pulumi.Input[str] aws_s3_bucket: `<required>` - S3 bucket to write snapshots to.
1188
- :param pulumi.Input[bool] aws_s3_disable_tls: Disable TLS for the S3 endpoint. This
1189
- should only be used for testing purposes, typically in conjunction with
1190
- `aws_s3_endpoint`.
1081
+ :param pulumi.Input[str] aws_s3_bucket: S3 bucket to write snapshots to.
1082
+ :param pulumi.Input[bool] aws_s3_disable_tls: Disable TLS for the S3 endpoint. This should only be used for testing purposes.
1191
1083
  :param pulumi.Input[bool] aws_s3_enable_kms: Use KMS to encrypt bucket contents.
1192
- :param pulumi.Input[str] aws_s3_endpoint: AWS endpoint. This is typically only set when
1193
- using a non-AWS S3 implementation like Minio.
1194
- :param pulumi.Input[bool] aws_s3_force_path_style: Use the endpoint/bucket URL style
1195
- instead of bucket.endpoint. May be needed when setting `aws_s3_endpoint`.
1196
- :param pulumi.Input[str] aws_s3_kms_key: Use named KMS key, when `aws_s3_enable_kms = true`
1197
- :param pulumi.Input[str] aws_s3_region: `<required>` - AWS region bucket is in.
1084
+ :param pulumi.Input[str] aws_s3_endpoint: AWS endpoint. This is typically only set when using a non-AWS S3 implementation like Minio.
1085
+ :param pulumi.Input[bool] aws_s3_force_path_style: Use the endpoint/bucket URL style instead of bucket.endpoint.
1086
+ :param pulumi.Input[str] aws_s3_kms_key: Use named KMS key, when aws_s3_enable_kms=true
1087
+ :param pulumi.Input[str] aws_s3_region: AWS region bucket is in.
1198
1088
  :param pulumi.Input[bool] aws_s3_server_side_encryption: Use AES256 to encrypt bucket contents.
1199
1089
  :param pulumi.Input[str] aws_secret_access_key: AWS secret access key.
1200
1090
  :param pulumi.Input[str] aws_session_token: AWS session token.
1201
1091
  :param pulumi.Input[str] azure_account_key: Azure account key.
1202
1092
  :param pulumi.Input[str] azure_account_name: Azure account name.
1203
1093
  :param pulumi.Input[str] azure_blob_environment: Azure blob environment.
1204
- :param pulumi.Input[str] azure_container_name: `<required>` - Azure container name to write
1205
- snapshots to.
1206
- :param pulumi.Input[str] azure_endpoint: Azure blob storage endpoint. This is typically
1207
- only set when using a non-Azure implementation like Azurite.
1094
+ :param pulumi.Input[str] azure_container_name: Azure container name to write snapshots to.
1095
+ :param pulumi.Input[str] azure_endpoint: Azure blob storage endpoint. This is typically only set when using a non-Azure implementation like Azurite.
1208
1096
  :param pulumi.Input[str] file_prefix: Within the directory or bucket
1209
1097
  prefix given by `path_prefix`, the file or object name of snapshot files
1210
1098
  will start with this string.
1211
- :param pulumi.Input[bool] google_disable_tls: Disable TLS for the GCS endpoint. This
1212
- should only be used for testing purposes, typically in conjunction with
1213
- `google_endpoint`.
1214
- :param pulumi.Input[str] google_endpoint: GCS endpoint. This is typically only set when
1215
- using a non-Google GCS implementation like fake-gcs-server.
1216
- :param pulumi.Input[str] google_gcs_bucket: `<required>` - GCS bucket to write snapshots to.
1217
- :param pulumi.Input[str] google_service_account_key: Google service account key in JSON format.
1218
- The raw value looks like this:
1219
-
1220
- ```json
1221
- {
1222
- "type": "service_account",
1223
- "project_id": "project-id",
1224
- "private_key_id": "key-id",
1225
- "private_key": "-----BEGIN RSA PRIVATE KEY-----\\nMIIEpQ ... /WZs=\\n-----END RSA PRIVATE KEY-----\\n",
1226
- "client_email": "service-account-email",
1227
- "client_id": "client-id",
1228
- "auth_uri": "https://accounts.google.com/o/oauth2/auth",
1229
- "token_uri": "https://accounts.google.com/o/oauth2/token",
1230
- "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
1231
- "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/service-account-email"
1232
- }
1233
- ```
1099
+ :param pulumi.Input[bool] google_disable_tls: Disable TLS for the GCS endpoint.
1100
+ :param pulumi.Input[str] google_endpoint: GCS endpoint. This is typically only set when using a non-Google GCS implementation like fake-gcs-server.
1101
+ :param pulumi.Input[str] google_gcs_bucket: GCS bucket to write snapshots to.
1102
+ :param pulumi.Input[str] google_service_account_key: Google service account key in JSON format.
1234
1103
  :param pulumi.Input[int] interval_seconds: `<required>` - Time (in seconds) between snapshots.
1235
- :param pulumi.Input[int] local_max_space: For `storage_type = local`, the maximum
1236
- space, in bytes, to use for snapshots. Snapshot attempts will fail if there is not enough
1237
- space left in this allowance.
1104
+ :param pulumi.Input[int] local_max_space: The maximum space, in bytes, to use for snapshots.
1238
1105
  :param pulumi.Input[str] name: `<required>` – Name of the configuration to modify.
1239
1106
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
1240
1107
  The value should not contain leading or trailing forward slashes.
1241
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
1108
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
1242
1109
  *Available only for Vault Enterprise*.
1243
1110
  :param pulumi.Input[str] path_prefix: `<required>` - For `storage_type = "local"`, the directory to
1244
1111
  write the snapshots in. For cloud storage types, the bucket prefix to use.
@@ -1261,22 +1128,20 @@ class RaftSnapshotAgentConfig(pulumi.CustomResource):
1261
1128
  ## Example Usage
1262
1129
 
1263
1130
  ### Local Storage
1264
- <!--Start PulumiCodeChooser -->
1265
1131
  ```python
1266
1132
  import pulumi
1267
1133
  import pulumi_vault as vault
1268
1134
 
1269
- local_backups = vault.RaftSnapshotAgentConfig("localBackups",
1135
+ local_backups = vault.RaftSnapshotAgentConfig("local_backups",
1136
+ name="local",
1270
1137
  interval_seconds=86400,
1271
- local_max_space=10000000,
1272
- path_prefix="/opt/vault/snapshots/",
1273
1138
  retain=7,
1274
- storage_type="local")
1139
+ path_prefix="/opt/vault/snapshots/",
1140
+ storage_type="local",
1141
+ local_max_space=10000000)
1275
1142
  ```
1276
- <!--End PulumiCodeChooser -->
1277
1143
 
1278
1144
  ### AWS S3
1279
- <!--Start PulumiCodeChooser -->
1280
1145
  ```python
1281
1146
  import pulumi
1282
1147
  import pulumi_aws as aws
@@ -1286,7 +1151,8 @@ class RaftSnapshotAgentConfig(pulumi.CustomResource):
1286
1151
  aws_access_key_id = config.require_object("awsAccessKeyId")
1287
1152
  aws_secret_access_key = config.require_object("awsSecretAccessKey")
1288
1153
  current = aws.get_region()
1289
- s3_backups = vault.RaftSnapshotAgentConfig("s3Backups",
1154
+ s3_backups = vault.RaftSnapshotAgentConfig("s3_backups",
1155
+ name="s3",
1290
1156
  interval_seconds=86400,
1291
1157
  retain=7,
1292
1158
  path_prefix="/path/in/bucket",
@@ -1297,11 +1163,9 @@ class RaftSnapshotAgentConfig(pulumi.CustomResource):
1297
1163
  aws_secret_access_key=aws_secret_access_key,
1298
1164
  aws_s3_enable_kms=True)
1299
1165
  ```
1300
- <!--End PulumiCodeChooser -->
1301
1166
 
1302
1167
  ### Azure BLOB
1303
1168
 
1304
- <!--Start PulumiCodeChooser -->
1305
1169
  ```python
1306
1170
  import pulumi
1307
1171
  import pulumi_vault as vault
@@ -1309,7 +1173,8 @@ class RaftSnapshotAgentConfig(pulumi.CustomResource):
1309
1173
  config = pulumi.Config()
1310
1174
  azure_account_name = config.require_object("azureAccountName")
1311
1175
  azure_account_key = config.require_object("azureAccountKey")
1312
- azure_backups = vault.RaftSnapshotAgentConfig("azureBackups",
1176
+ azure_backups = vault.RaftSnapshotAgentConfig("azure_backups",
1177
+ name="azure_backup",
1313
1178
  interval_seconds=86400,
1314
1179
  retain=7,
1315
1180
  path_prefix="/",
@@ -1318,7 +1183,6 @@ class RaftSnapshotAgentConfig(pulumi.CustomResource):
1318
1183
  azure_account_name=azure_account_name,
1319
1184
  azure_account_key=azure_account_key)
1320
1185
  ```
1321
- <!--End PulumiCodeChooser -->
1322
1186
 
1323
1187
  ## Import
1324
1188
 
@@ -1460,61 +1324,34 @@ class RaftSnapshotAgentConfig(pulumi.CustomResource):
1460
1324
  :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
1461
1325
  :param pulumi.ResourceOptions opts: Options for the resource.
1462
1326
  :param pulumi.Input[str] aws_access_key_id: AWS access key ID.
1463
- :param pulumi.Input[str] aws_s3_bucket: `<required>` - S3 bucket to write snapshots to.
1464
- :param pulumi.Input[bool] aws_s3_disable_tls: Disable TLS for the S3 endpoint. This
1465
- should only be used for testing purposes, typically in conjunction with
1466
- `aws_s3_endpoint`.
1327
+ :param pulumi.Input[str] aws_s3_bucket: S3 bucket to write snapshots to.
1328
+ :param pulumi.Input[bool] aws_s3_disable_tls: Disable TLS for the S3 endpoint. This should only be used for testing purposes.
1467
1329
  :param pulumi.Input[bool] aws_s3_enable_kms: Use KMS to encrypt bucket contents.
1468
- :param pulumi.Input[str] aws_s3_endpoint: AWS endpoint. This is typically only set when
1469
- using a non-AWS S3 implementation like Minio.
1470
- :param pulumi.Input[bool] aws_s3_force_path_style: Use the endpoint/bucket URL style
1471
- instead of bucket.endpoint. May be needed when setting `aws_s3_endpoint`.
1472
- :param pulumi.Input[str] aws_s3_kms_key: Use named KMS key, when `aws_s3_enable_kms = true`
1473
- :param pulumi.Input[str] aws_s3_region: `<required>` - AWS region bucket is in.
1330
+ :param pulumi.Input[str] aws_s3_endpoint: AWS endpoint. This is typically only set when using a non-AWS S3 implementation like Minio.
1331
+ :param pulumi.Input[bool] aws_s3_force_path_style: Use the endpoint/bucket URL style instead of bucket.endpoint.
1332
+ :param pulumi.Input[str] aws_s3_kms_key: Use named KMS key, when aws_s3_enable_kms=true
1333
+ :param pulumi.Input[str] aws_s3_region: AWS region bucket is in.
1474
1334
  :param pulumi.Input[bool] aws_s3_server_side_encryption: Use AES256 to encrypt bucket contents.
1475
1335
  :param pulumi.Input[str] aws_secret_access_key: AWS secret access key.
1476
1336
  :param pulumi.Input[str] aws_session_token: AWS session token.
1477
1337
  :param pulumi.Input[str] azure_account_key: Azure account key.
1478
1338
  :param pulumi.Input[str] azure_account_name: Azure account name.
1479
1339
  :param pulumi.Input[str] azure_blob_environment: Azure blob environment.
1480
- :param pulumi.Input[str] azure_container_name: `<required>` - Azure container name to write
1481
- snapshots to.
1482
- :param pulumi.Input[str] azure_endpoint: Azure blob storage endpoint. This is typically
1483
- only set when using a non-Azure implementation like Azurite.
1340
+ :param pulumi.Input[str] azure_container_name: Azure container name to write snapshots to.
1341
+ :param pulumi.Input[str] azure_endpoint: Azure blob storage endpoint. This is typically only set when using a non-Azure implementation like Azurite.
1484
1342
  :param pulumi.Input[str] file_prefix: Within the directory or bucket
1485
1343
  prefix given by `path_prefix`, the file or object name of snapshot files
1486
1344
  will start with this string.
1487
- :param pulumi.Input[bool] google_disable_tls: Disable TLS for the GCS endpoint. This
1488
- should only be used for testing purposes, typically in conjunction with
1489
- `google_endpoint`.
1490
- :param pulumi.Input[str] google_endpoint: GCS endpoint. This is typically only set when
1491
- using a non-Google GCS implementation like fake-gcs-server.
1492
- :param pulumi.Input[str] google_gcs_bucket: `<required>` - GCS bucket to write snapshots to.
1493
- :param pulumi.Input[str] google_service_account_key: Google service account key in JSON format.
1494
- The raw value looks like this:
1495
-
1496
- ```json
1497
- {
1498
- "type": "service_account",
1499
- "project_id": "project-id",
1500
- "private_key_id": "key-id",
1501
- "private_key": "-----BEGIN RSA PRIVATE KEY-----\\nMIIEpQ ... /WZs=\\n-----END RSA PRIVATE KEY-----\\n",
1502
- "client_email": "service-account-email",
1503
- "client_id": "client-id",
1504
- "auth_uri": "https://accounts.google.com/o/oauth2/auth",
1505
- "token_uri": "https://accounts.google.com/o/oauth2/token",
1506
- "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
1507
- "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/service-account-email"
1508
- }
1509
- ```
1345
+ :param pulumi.Input[bool] google_disable_tls: Disable TLS for the GCS endpoint.
1346
+ :param pulumi.Input[str] google_endpoint: GCS endpoint. This is typically only set when using a non-Google GCS implementation like fake-gcs-server.
1347
+ :param pulumi.Input[str] google_gcs_bucket: GCS bucket to write snapshots to.
1348
+ :param pulumi.Input[str] google_service_account_key: Google service account key in JSON format.
1510
1349
  :param pulumi.Input[int] interval_seconds: `<required>` - Time (in seconds) between snapshots.
1511
- :param pulumi.Input[int] local_max_space: For `storage_type = local`, the maximum
1512
- space, in bytes, to use for snapshots. Snapshot attempts will fail if there is not enough
1513
- space left in this allowance.
1350
+ :param pulumi.Input[int] local_max_space: The maximum space, in bytes, to use for snapshots.
1514
1351
  :param pulumi.Input[str] name: `<required>` – Name of the configuration to modify.
1515
1352
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
1516
1353
  The value should not contain leading or trailing forward slashes.
1517
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
1354
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
1518
1355
  *Available only for Vault Enterprise*.
1519
1356
  :param pulumi.Input[str] path_prefix: `<required>` - For `storage_type = "local"`, the directory to
1520
1357
  write the snapshots in. For cloud storage types, the bucket prefix to use.
@@ -1573,7 +1410,7 @@ class RaftSnapshotAgentConfig(pulumi.CustomResource):
1573
1410
  @pulumi.getter(name="awsS3Bucket")
1574
1411
  def aws_s3_bucket(self) -> pulumi.Output[Optional[str]]:
1575
1412
  """
1576
- `<required>` - S3 bucket to write snapshots to.
1413
+ S3 bucket to write snapshots to.
1577
1414
  """
1578
1415
  return pulumi.get(self, "aws_s3_bucket")
1579
1416
 
@@ -1581,9 +1418,7 @@ class RaftSnapshotAgentConfig(pulumi.CustomResource):
1581
1418
  @pulumi.getter(name="awsS3DisableTls")
1582
1419
  def aws_s3_disable_tls(self) -> pulumi.Output[Optional[bool]]:
1583
1420
  """
1584
- Disable TLS for the S3 endpoint. This
1585
- should only be used for testing purposes, typically in conjunction with
1586
- `aws_s3_endpoint`.
1421
+ Disable TLS for the S3 endpoint. This should only be used for testing purposes.
1587
1422
  """
1588
1423
  return pulumi.get(self, "aws_s3_disable_tls")
1589
1424
 
@@ -1599,8 +1434,7 @@ class RaftSnapshotAgentConfig(pulumi.CustomResource):
1599
1434
  @pulumi.getter(name="awsS3Endpoint")
1600
1435
  def aws_s3_endpoint(self) -> pulumi.Output[Optional[str]]:
1601
1436
  """
1602
- AWS endpoint. This is typically only set when
1603
- using a non-AWS S3 implementation like Minio.
1437
+ AWS endpoint. This is typically only set when using a non-AWS S3 implementation like Minio.
1604
1438
  """
1605
1439
  return pulumi.get(self, "aws_s3_endpoint")
1606
1440
 
@@ -1608,8 +1442,7 @@ class RaftSnapshotAgentConfig(pulumi.CustomResource):
1608
1442
  @pulumi.getter(name="awsS3ForcePathStyle")
1609
1443
  def aws_s3_force_path_style(self) -> pulumi.Output[Optional[bool]]:
1610
1444
  """
1611
- Use the endpoint/bucket URL style
1612
- instead of bucket.endpoint. May be needed when setting `aws_s3_endpoint`.
1445
+ Use the endpoint/bucket URL style instead of bucket.endpoint.
1613
1446
  """
1614
1447
  return pulumi.get(self, "aws_s3_force_path_style")
1615
1448
 
@@ -1617,7 +1450,7 @@ class RaftSnapshotAgentConfig(pulumi.CustomResource):
1617
1450
  @pulumi.getter(name="awsS3KmsKey")
1618
1451
  def aws_s3_kms_key(self) -> pulumi.Output[Optional[str]]:
1619
1452
  """
1620
- Use named KMS key, when `aws_s3_enable_kms = true`
1453
+ Use named KMS key, when aws_s3_enable_kms=true
1621
1454
  """
1622
1455
  return pulumi.get(self, "aws_s3_kms_key")
1623
1456
 
@@ -1625,7 +1458,7 @@ class RaftSnapshotAgentConfig(pulumi.CustomResource):
1625
1458
  @pulumi.getter(name="awsS3Region")
1626
1459
  def aws_s3_region(self) -> pulumi.Output[Optional[str]]:
1627
1460
  """
1628
- `<required>` - AWS region bucket is in.
1461
+ AWS region bucket is in.
1629
1462
  """
1630
1463
  return pulumi.get(self, "aws_s3_region")
1631
1464
 
@@ -1681,8 +1514,7 @@ class RaftSnapshotAgentConfig(pulumi.CustomResource):
1681
1514
  @pulumi.getter(name="azureContainerName")
1682
1515
  def azure_container_name(self) -> pulumi.Output[Optional[str]]:
1683
1516
  """
1684
- `<required>` - Azure container name to write
1685
- snapshots to.
1517
+ Azure container name to write snapshots to.
1686
1518
  """
1687
1519
  return pulumi.get(self, "azure_container_name")
1688
1520
 
@@ -1690,8 +1522,7 @@ class RaftSnapshotAgentConfig(pulumi.CustomResource):
1690
1522
  @pulumi.getter(name="azureEndpoint")
1691
1523
  def azure_endpoint(self) -> pulumi.Output[Optional[str]]:
1692
1524
  """
1693
- Azure blob storage endpoint. This is typically
1694
- only set when using a non-Azure implementation like Azurite.
1525
+ Azure blob storage endpoint. This is typically only set when using a non-Azure implementation like Azurite.
1695
1526
  """
1696
1527
  return pulumi.get(self, "azure_endpoint")
1697
1528
 
@@ -1709,9 +1540,7 @@ class RaftSnapshotAgentConfig(pulumi.CustomResource):
1709
1540
  @pulumi.getter(name="googleDisableTls")
1710
1541
  def google_disable_tls(self) -> pulumi.Output[Optional[bool]]:
1711
1542
  """
1712
- Disable TLS for the GCS endpoint. This
1713
- should only be used for testing purposes, typically in conjunction with
1714
- `google_endpoint`.
1543
+ Disable TLS for the GCS endpoint.
1715
1544
  """
1716
1545
  return pulumi.get(self, "google_disable_tls")
1717
1546
 
@@ -1719,8 +1548,7 @@ class RaftSnapshotAgentConfig(pulumi.CustomResource):
1719
1548
  @pulumi.getter(name="googleEndpoint")
1720
1549
  def google_endpoint(self) -> pulumi.Output[Optional[str]]:
1721
1550
  """
1722
- GCS endpoint. This is typically only set when
1723
- using a non-Google GCS implementation like fake-gcs-server.
1551
+ GCS endpoint. This is typically only set when using a non-Google GCS implementation like fake-gcs-server.
1724
1552
  """
1725
1553
  return pulumi.get(self, "google_endpoint")
1726
1554
 
@@ -1728,7 +1556,7 @@ class RaftSnapshotAgentConfig(pulumi.CustomResource):
1728
1556
  @pulumi.getter(name="googleGcsBucket")
1729
1557
  def google_gcs_bucket(self) -> pulumi.Output[Optional[str]]:
1730
1558
  """
1731
- `<required>` - GCS bucket to write snapshots to.
1559
+ GCS bucket to write snapshots to.
1732
1560
  """
1733
1561
  return pulumi.get(self, "google_gcs_bucket")
1734
1562
 
@@ -1736,23 +1564,7 @@ class RaftSnapshotAgentConfig(pulumi.CustomResource):
1736
1564
  @pulumi.getter(name="googleServiceAccountKey")
1737
1565
  def google_service_account_key(self) -> pulumi.Output[Optional[str]]:
1738
1566
  """
1739
- Google service account key in JSON format.
1740
- The raw value looks like this:
1741
-
1742
- ```json
1743
- {
1744
- "type": "service_account",
1745
- "project_id": "project-id",
1746
- "private_key_id": "key-id",
1747
- "private_key": "-----BEGIN RSA PRIVATE KEY-----\\nMIIEpQ ... /WZs=\\n-----END RSA PRIVATE KEY-----\\n",
1748
- "client_email": "service-account-email",
1749
- "client_id": "client-id",
1750
- "auth_uri": "https://accounts.google.com/o/oauth2/auth",
1751
- "token_uri": "https://accounts.google.com/o/oauth2/token",
1752
- "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
1753
- "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/service-account-email"
1754
- }
1755
- ```
1567
+ Google service account key in JSON format.
1756
1568
  """
1757
1569
  return pulumi.get(self, "google_service_account_key")
1758
1570
 
@@ -1768,9 +1580,7 @@ class RaftSnapshotAgentConfig(pulumi.CustomResource):
1768
1580
  @pulumi.getter(name="localMaxSpace")
1769
1581
  def local_max_space(self) -> pulumi.Output[Optional[int]]:
1770
1582
  """
1771
- For `storage_type = local`, the maximum
1772
- space, in bytes, to use for snapshots. Snapshot attempts will fail if there is not enough
1773
- space left in this allowance.
1583
+ The maximum space, in bytes, to use for snapshots.
1774
1584
  """
1775
1585
  return pulumi.get(self, "local_max_space")
1776
1586
 
@@ -1788,7 +1598,7 @@ class RaftSnapshotAgentConfig(pulumi.CustomResource):
1788
1598
  """
1789
1599
  The namespace to provision the resource in.
1790
1600
  The value should not contain leading or trailing forward slashes.
1791
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
1601
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
1792
1602
  *Available only for Vault Enterprise*.
1793
1603
  """
1794
1604
  return pulumi.get(self, "namespace")