pulumi-vault 5.21.0a1710160723__py3-none-any.whl → 6.5.0a1736836139__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (229) hide show
  1. pulumi_vault/__init__.py +52 -0
  2. pulumi_vault/_inputs.py +560 -0
  3. pulumi_vault/_utilities.py +41 -5
  4. pulumi_vault/ad/get_access_credentials.py +22 -7
  5. pulumi_vault/ad/secret_backend.py +14 -144
  6. pulumi_vault/ad/secret_library.py +14 -11
  7. pulumi_vault/ad/secret_role.py +12 -11
  8. pulumi_vault/alicloud/auth_backend_role.py +74 -192
  9. pulumi_vault/approle/auth_backend_login.py +12 -11
  10. pulumi_vault/approle/auth_backend_role.py +75 -193
  11. pulumi_vault/approle/auth_backend_role_secret_id.py +106 -11
  12. pulumi_vault/approle/get_auth_backend_role_id.py +18 -9
  13. pulumi_vault/audit.py +24 -27
  14. pulumi_vault/audit_request_header.py +11 -6
  15. pulumi_vault/auth_backend.py +64 -12
  16. pulumi_vault/aws/auth_backend_cert.py +12 -7
  17. pulumi_vault/aws/auth_backend_client.py +265 -24
  18. pulumi_vault/aws/auth_backend_config_identity.py +12 -11
  19. pulumi_vault/aws/auth_backend_identity_whitelist.py +18 -17
  20. pulumi_vault/aws/auth_backend_login.py +19 -22
  21. pulumi_vault/aws/auth_backend_role.py +75 -193
  22. pulumi_vault/aws/auth_backend_role_tag.py +12 -7
  23. pulumi_vault/aws/auth_backend_roletag_blacklist.py +18 -17
  24. pulumi_vault/aws/auth_backend_sts_role.py +12 -11
  25. pulumi_vault/aws/get_access_credentials.py +34 -7
  26. pulumi_vault/aws/get_static_access_credentials.py +19 -5
  27. pulumi_vault/aws/secret_backend.py +75 -7
  28. pulumi_vault/aws/secret_backend_role.py +183 -11
  29. pulumi_vault/aws/secret_backend_static_role.py +14 -11
  30. pulumi_vault/azure/_inputs.py +24 -0
  31. pulumi_vault/azure/auth_backend_config.py +151 -17
  32. pulumi_vault/azure/auth_backend_role.py +75 -193
  33. pulumi_vault/azure/backend.py +223 -29
  34. pulumi_vault/azure/backend_role.py +42 -41
  35. pulumi_vault/azure/get_access_credentials.py +39 -11
  36. pulumi_vault/azure/outputs.py +5 -0
  37. pulumi_vault/cert_auth_backend_role.py +87 -271
  38. pulumi_vault/config/__init__.pyi +5 -0
  39. pulumi_vault/config/_inputs.py +73 -0
  40. pulumi_vault/config/outputs.py +35 -0
  41. pulumi_vault/config/ui_custom_message.py +529 -0
  42. pulumi_vault/config/vars.py +5 -0
  43. pulumi_vault/consul/secret_backend.py +22 -25
  44. pulumi_vault/consul/secret_backend_role.py +14 -80
  45. pulumi_vault/database/_inputs.py +2770 -881
  46. pulumi_vault/database/outputs.py +721 -838
  47. pulumi_vault/database/secret_backend_connection.py +117 -114
  48. pulumi_vault/database/secret_backend_role.py +29 -24
  49. pulumi_vault/database/secret_backend_static_role.py +85 -15
  50. pulumi_vault/database/secrets_mount.py +425 -138
  51. pulumi_vault/egp_policy.py +16 -15
  52. pulumi_vault/gcp/_inputs.py +111 -0
  53. pulumi_vault/gcp/auth_backend.py +248 -35
  54. pulumi_vault/gcp/auth_backend_role.py +75 -271
  55. pulumi_vault/gcp/get_auth_backend_role.py +43 -9
  56. pulumi_vault/gcp/outputs.py +5 -0
  57. pulumi_vault/gcp/secret_backend.py +287 -16
  58. pulumi_vault/gcp/secret_impersonated_account.py +74 -17
  59. pulumi_vault/gcp/secret_roleset.py +29 -26
  60. pulumi_vault/gcp/secret_static_account.py +37 -34
  61. pulumi_vault/generic/endpoint.py +22 -21
  62. pulumi_vault/generic/get_secret.py +68 -12
  63. pulumi_vault/generic/secret.py +19 -14
  64. pulumi_vault/get_auth_backend.py +24 -11
  65. pulumi_vault/get_auth_backends.py +33 -11
  66. pulumi_vault/get_namespace.py +226 -0
  67. pulumi_vault/get_namespaces.py +153 -0
  68. pulumi_vault/get_nomad_access_token.py +31 -15
  69. pulumi_vault/get_policy_document.py +34 -23
  70. pulumi_vault/get_raft_autopilot_state.py +29 -14
  71. pulumi_vault/github/_inputs.py +55 -0
  72. pulumi_vault/github/auth_backend.py +17 -16
  73. pulumi_vault/github/outputs.py +5 -0
  74. pulumi_vault/github/team.py +14 -13
  75. pulumi_vault/github/user.py +14 -13
  76. pulumi_vault/identity/entity.py +18 -15
  77. pulumi_vault/identity/entity_alias.py +18 -15
  78. pulumi_vault/identity/entity_policies.py +24 -19
  79. pulumi_vault/identity/get_entity.py +40 -14
  80. pulumi_vault/identity/get_group.py +45 -13
  81. pulumi_vault/identity/get_oidc_client_creds.py +21 -11
  82. pulumi_vault/identity/get_oidc_openid_config.py +39 -13
  83. pulumi_vault/identity/get_oidc_public_keys.py +29 -14
  84. pulumi_vault/identity/group.py +50 -49
  85. pulumi_vault/identity/group_alias.py +14 -11
  86. pulumi_vault/identity/group_member_entity_ids.py +24 -74
  87. pulumi_vault/identity/group_member_group_ids.py +36 -27
  88. pulumi_vault/identity/group_policies.py +16 -15
  89. pulumi_vault/identity/mfa_duo.py +9 -8
  90. pulumi_vault/identity/mfa_login_enforcement.py +13 -8
  91. pulumi_vault/identity/mfa_okta.py +9 -8
  92. pulumi_vault/identity/mfa_pingid.py +5 -4
  93. pulumi_vault/identity/mfa_totp.py +5 -4
  94. pulumi_vault/identity/oidc.py +12 -11
  95. pulumi_vault/identity/oidc_assignment.py +22 -13
  96. pulumi_vault/identity/oidc_client.py +34 -25
  97. pulumi_vault/identity/oidc_key.py +28 -19
  98. pulumi_vault/identity/oidc_key_allowed_client_id.py +28 -19
  99. pulumi_vault/identity/oidc_provider.py +34 -23
  100. pulumi_vault/identity/oidc_role.py +40 -27
  101. pulumi_vault/identity/oidc_scope.py +18 -15
  102. pulumi_vault/identity/outputs.py +8 -3
  103. pulumi_vault/jwt/_inputs.py +55 -0
  104. pulumi_vault/jwt/auth_backend.py +39 -46
  105. pulumi_vault/jwt/auth_backend_role.py +131 -260
  106. pulumi_vault/jwt/outputs.py +5 -0
  107. pulumi_vault/kmip/secret_backend.py +22 -21
  108. pulumi_vault/kmip/secret_role.py +12 -11
  109. pulumi_vault/kmip/secret_scope.py +12 -11
  110. pulumi_vault/kubernetes/auth_backend_config.py +55 -7
  111. pulumi_vault/kubernetes/auth_backend_role.py +68 -179
  112. pulumi_vault/kubernetes/get_auth_backend_config.py +60 -8
  113. pulumi_vault/kubernetes/get_auth_backend_role.py +40 -5
  114. pulumi_vault/kubernetes/get_service_account_token.py +39 -15
  115. pulumi_vault/kubernetes/secret_backend.py +314 -29
  116. pulumi_vault/kubernetes/secret_backend_role.py +135 -56
  117. pulumi_vault/kv/_inputs.py +36 -4
  118. pulumi_vault/kv/get_secret.py +23 -12
  119. pulumi_vault/kv/get_secret_subkeys_v2.py +31 -14
  120. pulumi_vault/kv/get_secret_v2.py +89 -9
  121. pulumi_vault/kv/get_secrets_list.py +22 -15
  122. pulumi_vault/kv/get_secrets_list_v2.py +35 -19
  123. pulumi_vault/kv/outputs.py +8 -3
  124. pulumi_vault/kv/secret.py +19 -18
  125. pulumi_vault/kv/secret_backend_v2.py +12 -11
  126. pulumi_vault/kv/secret_v2.py +55 -52
  127. pulumi_vault/ldap/auth_backend.py +125 -168
  128. pulumi_vault/ldap/auth_backend_group.py +12 -11
  129. pulumi_vault/ldap/auth_backend_user.py +12 -11
  130. pulumi_vault/ldap/get_dynamic_credentials.py +23 -5
  131. pulumi_vault/ldap/get_static_credentials.py +24 -5
  132. pulumi_vault/ldap/secret_backend.py +352 -84
  133. pulumi_vault/ldap/secret_backend_dynamic_role.py +12 -11
  134. pulumi_vault/ldap/secret_backend_library_set.py +14 -11
  135. pulumi_vault/ldap/secret_backend_static_role.py +67 -12
  136. pulumi_vault/managed/_inputs.py +289 -132
  137. pulumi_vault/managed/keys.py +27 -43
  138. pulumi_vault/managed/outputs.py +89 -132
  139. pulumi_vault/mfa_duo.py +16 -13
  140. pulumi_vault/mfa_okta.py +16 -13
  141. pulumi_vault/mfa_pingid.py +16 -13
  142. pulumi_vault/mfa_totp.py +22 -19
  143. pulumi_vault/mongodbatlas/secret_backend.py +18 -17
  144. pulumi_vault/mongodbatlas/secret_role.py +41 -38
  145. pulumi_vault/mount.py +389 -65
  146. pulumi_vault/namespace.py +26 -21
  147. pulumi_vault/nomad_secret_backend.py +16 -15
  148. pulumi_vault/nomad_secret_role.py +12 -11
  149. pulumi_vault/okta/_inputs.py +47 -8
  150. pulumi_vault/okta/auth_backend.py +483 -41
  151. pulumi_vault/okta/auth_backend_group.py +12 -11
  152. pulumi_vault/okta/auth_backend_user.py +12 -11
  153. pulumi_vault/okta/outputs.py +13 -8
  154. pulumi_vault/outputs.py +5 -0
  155. pulumi_vault/password_policy.py +18 -15
  156. pulumi_vault/pkisecret/__init__.py +3 -0
  157. pulumi_vault/pkisecret/_inputs.py +81 -0
  158. pulumi_vault/pkisecret/backend_config_cluster.py +369 -0
  159. pulumi_vault/pkisecret/backend_config_est.py +619 -0
  160. pulumi_vault/pkisecret/get_backend_config_est.py +251 -0
  161. pulumi_vault/pkisecret/get_backend_issuer.py +63 -7
  162. pulumi_vault/pkisecret/get_backend_issuers.py +21 -12
  163. pulumi_vault/pkisecret/get_backend_key.py +24 -13
  164. pulumi_vault/pkisecret/get_backend_keys.py +21 -12
  165. pulumi_vault/pkisecret/outputs.py +69 -0
  166. pulumi_vault/pkisecret/secret_backend_cert.py +18 -15
  167. pulumi_vault/pkisecret/secret_backend_config_ca.py +16 -15
  168. pulumi_vault/pkisecret/secret_backend_config_issuers.py +12 -11
  169. pulumi_vault/pkisecret/secret_backend_config_urls.py +59 -11
  170. pulumi_vault/pkisecret/secret_backend_crl_config.py +14 -13
  171. pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +16 -15
  172. pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +22 -21
  173. pulumi_vault/pkisecret/secret_backend_issuer.py +12 -11
  174. pulumi_vault/pkisecret/secret_backend_key.py +12 -7
  175. pulumi_vault/pkisecret/secret_backend_role.py +19 -16
  176. pulumi_vault/pkisecret/secret_backend_root_cert.py +16 -52
  177. pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +18 -62
  178. pulumi_vault/pkisecret/secret_backend_sign.py +18 -60
  179. pulumi_vault/plugin.py +595 -0
  180. pulumi_vault/plugin_pinned_version.py +298 -0
  181. pulumi_vault/policy.py +12 -7
  182. pulumi_vault/provider.py +48 -53
  183. pulumi_vault/pulumi-plugin.json +2 -1
  184. pulumi_vault/quota_lease_count.py +58 -8
  185. pulumi_vault/quota_rate_limit.py +54 -4
  186. pulumi_vault/rabbitmq/_inputs.py +61 -0
  187. pulumi_vault/rabbitmq/outputs.py +5 -0
  188. pulumi_vault/rabbitmq/secret_backend.py +16 -15
  189. pulumi_vault/rabbitmq/secret_backend_role.py +52 -49
  190. pulumi_vault/raft_autopilot.py +12 -11
  191. pulumi_vault/raft_snapshot_agent_config.py +121 -311
  192. pulumi_vault/rgp_policy.py +14 -13
  193. pulumi_vault/saml/auth_backend.py +20 -19
  194. pulumi_vault/saml/auth_backend_role.py +90 -199
  195. pulumi_vault/secrets/__init__.py +3 -0
  196. pulumi_vault/secrets/_inputs.py +110 -0
  197. pulumi_vault/secrets/outputs.py +94 -0
  198. pulumi_vault/secrets/sync_association.py +56 -75
  199. pulumi_vault/secrets/sync_aws_destination.py +240 -29
  200. pulumi_vault/secrets/sync_azure_destination.py +90 -33
  201. pulumi_vault/secrets/sync_config.py +7 -6
  202. pulumi_vault/secrets/sync_gcp_destination.py +156 -27
  203. pulumi_vault/secrets/sync_gh_destination.py +187 -15
  204. pulumi_vault/secrets/sync_github_apps.py +375 -0
  205. pulumi_vault/secrets/sync_vercel_destination.py +72 -15
  206. pulumi_vault/ssh/_inputs.py +28 -32
  207. pulumi_vault/ssh/outputs.py +11 -32
  208. pulumi_vault/ssh/secret_backend_ca.py +106 -11
  209. pulumi_vault/ssh/secret_backend_role.py +83 -120
  210. pulumi_vault/terraformcloud/secret_backend.py +5 -56
  211. pulumi_vault/terraformcloud/secret_creds.py +14 -24
  212. pulumi_vault/terraformcloud/secret_role.py +14 -76
  213. pulumi_vault/token.py +26 -25
  214. pulumi_vault/tokenauth/auth_backend_role.py +76 -201
  215. pulumi_vault/transform/alphabet.py +16 -13
  216. pulumi_vault/transform/get_decode.py +45 -21
  217. pulumi_vault/transform/get_encode.py +45 -21
  218. pulumi_vault/transform/role.py +16 -13
  219. pulumi_vault/transform/template.py +30 -25
  220. pulumi_vault/transform/transformation.py +12 -7
  221. pulumi_vault/transit/get_decrypt.py +26 -25
  222. pulumi_vault/transit/get_encrypt.py +24 -19
  223. pulumi_vault/transit/secret_backend_key.py +25 -97
  224. pulumi_vault/transit/secret_cache_config.py +12 -11
  225. {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/METADATA +8 -7
  226. pulumi_vault-6.5.0a1736836139.dist-info/RECORD +256 -0
  227. {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/WHEEL +1 -1
  228. pulumi_vault-5.21.0a1710160723.dist-info/RECORD +0 -244
  229. {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/top_level.txt +0 -0
@@ -11,4 +11,7 @@ from .sync_azure_destination import *
11
11
  from .sync_config import *
12
12
  from .sync_gcp_destination import *
13
13
  from .sync_gh_destination import *
14
+ from .sync_github_apps import *
14
15
  from .sync_vercel_destination import *
16
+ from ._inputs import *
17
+ from . import outputs
@@ -0,0 +1,110 @@
1
+ # coding=utf-8
2
+ # *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
3
+ # *** Do not edit by hand unless you're certain you know what you are doing! ***
4
+
5
+ import copy
6
+ import warnings
7
+ import sys
8
+ import pulumi
9
+ import pulumi.runtime
10
+ from typing import Any, Mapping, Optional, Sequence, Union, overload
11
+ if sys.version_info >= (3, 11):
12
+ from typing import NotRequired, TypedDict, TypeAlias
13
+ else:
14
+ from typing_extensions import NotRequired, TypedDict, TypeAlias
15
+ from .. import _utilities
16
+
17
+ __all__ = [
18
+ 'SyncAssociationMetadataArgs',
19
+ 'SyncAssociationMetadataArgsDict',
20
+ ]
21
+
22
+ MYPY = False
23
+
24
+ if not MYPY:
25
+ class SyncAssociationMetadataArgsDict(TypedDict):
26
+ sub_key: NotRequired[pulumi.Input[str]]
27
+ """
28
+ Subkey of the associated secret.
29
+ """
30
+ sync_status: NotRequired[pulumi.Input[str]]
31
+ """
32
+ A map of sync statuses for each subkey of the associated secret
33
+ (for ex. `{kv_624bea/aws-token/dev: "SYNCED", kv_624bea/aws-token/prod: "SYNCED"}`).
34
+ """
35
+ updated_at: NotRequired[pulumi.Input[str]]
36
+ """
37
+ A map of duration strings specifying when each subkey of the associated
38
+ secret was last updated.
39
+ (for ex.
40
+ `{kv_624bea/aws-token/dev: "2024-03-21T12:42:02.558533-07:00",
41
+ kv_624bea/aws-token/prod: "2024-03-21T12:42:02.558533-07:00"}`).
42
+ """
43
+ elif False:
44
+ SyncAssociationMetadataArgsDict: TypeAlias = Mapping[str, Any]
45
+
46
+ @pulumi.input_type
47
+ class SyncAssociationMetadataArgs:
48
+ def __init__(__self__, *,
49
+ sub_key: Optional[pulumi.Input[str]] = None,
50
+ sync_status: Optional[pulumi.Input[str]] = None,
51
+ updated_at: Optional[pulumi.Input[str]] = None):
52
+ """
53
+ :param pulumi.Input[str] sub_key: Subkey of the associated secret.
54
+ :param pulumi.Input[str] sync_status: A map of sync statuses for each subkey of the associated secret
55
+ (for ex. `{kv_624bea/aws-token/dev: "SYNCED", kv_624bea/aws-token/prod: "SYNCED"}`).
56
+ :param pulumi.Input[str] updated_at: A map of duration strings specifying when each subkey of the associated
57
+ secret was last updated.
58
+ (for ex.
59
+ `{kv_624bea/aws-token/dev: "2024-03-21T12:42:02.558533-07:00",
60
+ kv_624bea/aws-token/prod: "2024-03-21T12:42:02.558533-07:00"}`).
61
+ """
62
+ if sub_key is not None:
63
+ pulumi.set(__self__, "sub_key", sub_key)
64
+ if sync_status is not None:
65
+ pulumi.set(__self__, "sync_status", sync_status)
66
+ if updated_at is not None:
67
+ pulumi.set(__self__, "updated_at", updated_at)
68
+
69
+ @property
70
+ @pulumi.getter(name="subKey")
71
+ def sub_key(self) -> Optional[pulumi.Input[str]]:
72
+ """
73
+ Subkey of the associated secret.
74
+ """
75
+ return pulumi.get(self, "sub_key")
76
+
77
+ @sub_key.setter
78
+ def sub_key(self, value: Optional[pulumi.Input[str]]):
79
+ pulumi.set(self, "sub_key", value)
80
+
81
+ @property
82
+ @pulumi.getter(name="syncStatus")
83
+ def sync_status(self) -> Optional[pulumi.Input[str]]:
84
+ """
85
+ A map of sync statuses for each subkey of the associated secret
86
+ (for ex. `{kv_624bea/aws-token/dev: "SYNCED", kv_624bea/aws-token/prod: "SYNCED"}`).
87
+ """
88
+ return pulumi.get(self, "sync_status")
89
+
90
+ @sync_status.setter
91
+ def sync_status(self, value: Optional[pulumi.Input[str]]):
92
+ pulumi.set(self, "sync_status", value)
93
+
94
+ @property
95
+ @pulumi.getter(name="updatedAt")
96
+ def updated_at(self) -> Optional[pulumi.Input[str]]:
97
+ """
98
+ A map of duration strings specifying when each subkey of the associated
99
+ secret was last updated.
100
+ (for ex.
101
+ `{kv_624bea/aws-token/dev: "2024-03-21T12:42:02.558533-07:00",
102
+ kv_624bea/aws-token/prod: "2024-03-21T12:42:02.558533-07:00"}`).
103
+ """
104
+ return pulumi.get(self, "updated_at")
105
+
106
+ @updated_at.setter
107
+ def updated_at(self, value: Optional[pulumi.Input[str]]):
108
+ pulumi.set(self, "updated_at", value)
109
+
110
+
@@ -0,0 +1,94 @@
1
+ # coding=utf-8
2
+ # *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
3
+ # *** Do not edit by hand unless you're certain you know what you are doing! ***
4
+
5
+ import copy
6
+ import warnings
7
+ import sys
8
+ import pulumi
9
+ import pulumi.runtime
10
+ from typing import Any, Mapping, Optional, Sequence, Union, overload
11
+ if sys.version_info >= (3, 11):
12
+ from typing import NotRequired, TypedDict, TypeAlias
13
+ else:
14
+ from typing_extensions import NotRequired, TypedDict, TypeAlias
15
+ from .. import _utilities
16
+
17
+ __all__ = [
18
+ 'SyncAssociationMetadata',
19
+ ]
20
+
21
+ @pulumi.output_type
22
+ class SyncAssociationMetadata(dict):
23
+ @staticmethod
24
+ def __key_warning(key: str):
25
+ suggest = None
26
+ if key == "subKey":
27
+ suggest = "sub_key"
28
+ elif key == "syncStatus":
29
+ suggest = "sync_status"
30
+ elif key == "updatedAt":
31
+ suggest = "updated_at"
32
+
33
+ if suggest:
34
+ pulumi.log.warn(f"Key '{key}' not found in SyncAssociationMetadata. Access the value via the '{suggest}' property getter instead.")
35
+
36
+ def __getitem__(self, key: str) -> Any:
37
+ SyncAssociationMetadata.__key_warning(key)
38
+ return super().__getitem__(key)
39
+
40
+ def get(self, key: str, default = None) -> Any:
41
+ SyncAssociationMetadata.__key_warning(key)
42
+ return super().get(key, default)
43
+
44
+ def __init__(__self__, *,
45
+ sub_key: Optional[str] = None,
46
+ sync_status: Optional[str] = None,
47
+ updated_at: Optional[str] = None):
48
+ """
49
+ :param str sub_key: Subkey of the associated secret.
50
+ :param str sync_status: A map of sync statuses for each subkey of the associated secret
51
+ (for ex. `{kv_624bea/aws-token/dev: "SYNCED", kv_624bea/aws-token/prod: "SYNCED"}`).
52
+ :param str updated_at: A map of duration strings specifying when each subkey of the associated
53
+ secret was last updated.
54
+ (for ex.
55
+ `{kv_624bea/aws-token/dev: "2024-03-21T12:42:02.558533-07:00",
56
+ kv_624bea/aws-token/prod: "2024-03-21T12:42:02.558533-07:00"}`).
57
+ """
58
+ if sub_key is not None:
59
+ pulumi.set(__self__, "sub_key", sub_key)
60
+ if sync_status is not None:
61
+ pulumi.set(__self__, "sync_status", sync_status)
62
+ if updated_at is not None:
63
+ pulumi.set(__self__, "updated_at", updated_at)
64
+
65
+ @property
66
+ @pulumi.getter(name="subKey")
67
+ def sub_key(self) -> Optional[str]:
68
+ """
69
+ Subkey of the associated secret.
70
+ """
71
+ return pulumi.get(self, "sub_key")
72
+
73
+ @property
74
+ @pulumi.getter(name="syncStatus")
75
+ def sync_status(self) -> Optional[str]:
76
+ """
77
+ A map of sync statuses for each subkey of the associated secret
78
+ (for ex. `{kv_624bea/aws-token/dev: "SYNCED", kv_624bea/aws-token/prod: "SYNCED"}`).
79
+ """
80
+ return pulumi.get(self, "sync_status")
81
+
82
+ @property
83
+ @pulumi.getter(name="updatedAt")
84
+ def updated_at(self) -> Optional[str]:
85
+ """
86
+ A map of duration strings specifying when each subkey of the associated
87
+ secret was last updated.
88
+ (for ex.
89
+ `{kv_624bea/aws-token/dev: "2024-03-21T12:42:02.558533-07:00",
90
+ kv_624bea/aws-token/prod: "2024-03-21T12:42:02.558533-07:00"}`).
91
+ """
92
+ return pulumi.get(self, "updated_at")
93
+
94
+
@@ -4,10 +4,17 @@
4
4
 
5
5
  import copy
6
6
  import warnings
7
+ import sys
7
8
  import pulumi
8
9
  import pulumi.runtime
9
10
  from typing import Any, Mapping, Optional, Sequence, Union, overload
11
+ if sys.version_info >= (3, 11):
12
+ from typing import NotRequired, TypedDict, TypeAlias
13
+ else:
14
+ from typing_extensions import NotRequired, TypedDict, TypeAlias
10
15
  from .. import _utilities
16
+ from . import outputs
17
+ from ._inputs import *
11
18
 
12
19
  __all__ = ['SyncAssociationArgs', 'SyncAssociation']
13
20
 
@@ -27,7 +34,7 @@ class SyncAssociationArgs:
27
34
  :param pulumi.Input[str] name: Specifies the name of the destination.
28
35
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
29
36
  The value should not contain leading or trailing forward slashes.
30
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
37
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
31
38
  """
32
39
  pulumi.set(__self__, "mount", mount)
33
40
  pulumi.set(__self__, "secret_name", secret_name)
@@ -91,7 +98,7 @@ class SyncAssociationArgs:
91
98
  """
92
99
  The namespace to provision the resource in.
93
100
  The value should not contain leading or trailing forward slashes.
94
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
101
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
95
102
  """
96
103
  return pulumi.get(self, "namespace")
97
104
 
@@ -103,25 +110,25 @@ class SyncAssociationArgs:
103
110
  @pulumi.input_type
104
111
  class _SyncAssociationState:
105
112
  def __init__(__self__, *,
113
+ metadatas: Optional[pulumi.Input[Sequence[pulumi.Input['SyncAssociationMetadataArgs']]]] = None,
106
114
  mount: Optional[pulumi.Input[str]] = None,
107
115
  name: Optional[pulumi.Input[str]] = None,
108
116
  namespace: Optional[pulumi.Input[str]] = None,
109
117
  secret_name: Optional[pulumi.Input[str]] = None,
110
- sync_status: Optional[pulumi.Input[str]] = None,
111
- type: Optional[pulumi.Input[str]] = None,
112
- updated_at: Optional[pulumi.Input[str]] = None):
118
+ type: Optional[pulumi.Input[str]] = None):
113
119
  """
114
120
  Input properties used for looking up and filtering SyncAssociation resources.
121
+ :param pulumi.Input[Sequence[pulumi.Input['SyncAssociationMetadataArgs']]] metadatas: Metadata for each subkey of the associated secret.
115
122
  :param pulumi.Input[str] mount: Specifies the mount where the secret is located.
116
123
  :param pulumi.Input[str] name: Specifies the name of the destination.
117
124
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
118
125
  The value should not contain leading or trailing forward slashes.
119
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
126
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
120
127
  :param pulumi.Input[str] secret_name: Specifies the name of the secret to synchronize.
121
- :param pulumi.Input[str] sync_status: Specifies the status of the association (for eg. `SYNCED`).
122
128
  :param pulumi.Input[str] type: Specifies the destination type.
123
- :param pulumi.Input[str] updated_at: Duration string specifying when the secret was last updated.
124
129
  """
130
+ if metadatas is not None:
131
+ pulumi.set(__self__, "metadatas", metadatas)
125
132
  if mount is not None:
126
133
  pulumi.set(__self__, "mount", mount)
127
134
  if name is not None:
@@ -130,12 +137,20 @@ class _SyncAssociationState:
130
137
  pulumi.set(__self__, "namespace", namespace)
131
138
  if secret_name is not None:
132
139
  pulumi.set(__self__, "secret_name", secret_name)
133
- if sync_status is not None:
134
- pulumi.set(__self__, "sync_status", sync_status)
135
140
  if type is not None:
136
141
  pulumi.set(__self__, "type", type)
137
- if updated_at is not None:
138
- pulumi.set(__self__, "updated_at", updated_at)
142
+
143
+ @property
144
+ @pulumi.getter
145
+ def metadatas(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['SyncAssociationMetadataArgs']]]]:
146
+ """
147
+ Metadata for each subkey of the associated secret.
148
+ """
149
+ return pulumi.get(self, "metadatas")
150
+
151
+ @metadatas.setter
152
+ def metadatas(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['SyncAssociationMetadataArgs']]]]):
153
+ pulumi.set(self, "metadatas", value)
139
154
 
140
155
  @property
141
156
  @pulumi.getter
@@ -167,7 +182,7 @@ class _SyncAssociationState:
167
182
  """
168
183
  The namespace to provision the resource in.
169
184
  The value should not contain leading or trailing forward slashes.
170
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
185
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
171
186
  """
172
187
  return pulumi.get(self, "namespace")
173
188
 
@@ -187,18 +202,6 @@ class _SyncAssociationState:
187
202
  def secret_name(self, value: Optional[pulumi.Input[str]]):
188
203
  pulumi.set(self, "secret_name", value)
189
204
 
190
- @property
191
- @pulumi.getter(name="syncStatus")
192
- def sync_status(self) -> Optional[pulumi.Input[str]]:
193
- """
194
- Specifies the status of the association (for eg. `SYNCED`).
195
- """
196
- return pulumi.get(self, "sync_status")
197
-
198
- @sync_status.setter
199
- def sync_status(self, value: Optional[pulumi.Input[str]]):
200
- pulumi.set(self, "sync_status", value)
201
-
202
205
  @property
203
206
  @pulumi.getter
204
207
  def type(self) -> Optional[pulumi.Input[str]]:
@@ -211,18 +214,6 @@ class _SyncAssociationState:
211
214
  def type(self, value: Optional[pulumi.Input[str]]):
212
215
  pulumi.set(self, "type", value)
213
216
 
214
- @property
215
- @pulumi.getter(name="updatedAt")
216
- def updated_at(self) -> Optional[pulumi.Input[str]]:
217
- """
218
- Duration string specifying when the secret was last updated.
219
- """
220
- return pulumi.get(self, "updated_at")
221
-
222
- @updated_at.setter
223
- def updated_at(self, value: Optional[pulumi.Input[str]]):
224
- pulumi.set(self, "updated_at", value)
225
-
226
217
 
227
218
  class SyncAssociation(pulumi.CustomResource):
228
219
  @overload
@@ -238,7 +229,6 @@ class SyncAssociation(pulumi.CustomResource):
238
229
  """
239
230
  ## Example Usage
240
231
 
241
- <!--Start PulumiCodeChooser -->
242
232
  ```python
243
233
  import pulumi
244
234
  import json
@@ -253,21 +243,23 @@ class SyncAssociation(pulumi.CustomResource):
253
243
  description="KV Version 2 secret engine mount")
254
244
  token = vault.kv.SecretV2("token",
255
245
  mount=kvv2.path,
246
+ name="token",
256
247
  data_json=json.dumps({
257
248
  "dev": "B!gS3cr3t",
258
249
  "prod": "S3cureP4$$",
259
250
  }))
260
251
  gh = vault.secrets.SyncGhDestination("gh",
261
- access_token=var["access_token"],
262
- repository_owner=var["repo_owner"],
252
+ name="gh-dest",
253
+ access_token=access_token,
254
+ repository_owner=repo_owner,
263
255
  repository_name="repo-name-example",
264
256
  secret_name_template="vault_{{ .MountAccessor | lowercase }}_{{ .SecretPath | lowercase }}")
265
- gh_token = vault.secrets.SyncAssociation("ghToken",
257
+ gh_token = vault.secrets.SyncAssociation("gh_token",
258
+ name=gh.name,
266
259
  type=gh.type,
267
260
  mount=kvv2.path,
268
261
  secret_name=token.name)
269
262
  ```
270
- <!--End PulumiCodeChooser -->
271
263
 
272
264
  :param str resource_name: The name of the resource.
273
265
  :param pulumi.ResourceOptions opts: Options for the resource.
@@ -275,7 +267,7 @@ class SyncAssociation(pulumi.CustomResource):
275
267
  :param pulumi.Input[str] name: Specifies the name of the destination.
276
268
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
277
269
  The value should not contain leading or trailing forward slashes.
278
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
270
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
279
271
  :param pulumi.Input[str] secret_name: Specifies the name of the secret to synchronize.
280
272
  :param pulumi.Input[str] type: Specifies the destination type.
281
273
  """
@@ -288,7 +280,6 @@ class SyncAssociation(pulumi.CustomResource):
288
280
  """
289
281
  ## Example Usage
290
282
 
291
- <!--Start PulumiCodeChooser -->
292
283
  ```python
293
284
  import pulumi
294
285
  import json
@@ -303,21 +294,23 @@ class SyncAssociation(pulumi.CustomResource):
303
294
  description="KV Version 2 secret engine mount")
304
295
  token = vault.kv.SecretV2("token",
305
296
  mount=kvv2.path,
297
+ name="token",
306
298
  data_json=json.dumps({
307
299
  "dev": "B!gS3cr3t",
308
300
  "prod": "S3cureP4$$",
309
301
  }))
310
302
  gh = vault.secrets.SyncGhDestination("gh",
311
- access_token=var["access_token"],
312
- repository_owner=var["repo_owner"],
303
+ name="gh-dest",
304
+ access_token=access_token,
305
+ repository_owner=repo_owner,
313
306
  repository_name="repo-name-example",
314
307
  secret_name_template="vault_{{ .MountAccessor | lowercase }}_{{ .SecretPath | lowercase }}")
315
- gh_token = vault.secrets.SyncAssociation("ghToken",
308
+ gh_token = vault.secrets.SyncAssociation("gh_token",
309
+ name=gh.name,
316
310
  type=gh.type,
317
311
  mount=kvv2.path,
318
312
  secret_name=token.name)
319
313
  ```
320
- <!--End PulumiCodeChooser -->
321
314
 
322
315
  :param str resource_name: The name of the resource.
323
316
  :param SyncAssociationArgs args: The arguments to use to populate this resource's properties.
@@ -359,8 +352,7 @@ class SyncAssociation(pulumi.CustomResource):
359
352
  if type is None and not opts.urn:
360
353
  raise TypeError("Missing required property 'type'")
361
354
  __props__.__dict__["type"] = type
362
- __props__.__dict__["sync_status"] = None
363
- __props__.__dict__["updated_at"] = None
355
+ __props__.__dict__["metadatas"] = None
364
356
  super(SyncAssociation, __self__).__init__(
365
357
  'vault:secrets/syncAssociation:SyncAssociation',
366
358
  resource_name,
@@ -371,13 +363,12 @@ class SyncAssociation(pulumi.CustomResource):
371
363
  def get(resource_name: str,
372
364
  id: pulumi.Input[str],
373
365
  opts: Optional[pulumi.ResourceOptions] = None,
366
+ metadatas: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SyncAssociationMetadataArgs', 'SyncAssociationMetadataArgsDict']]]]] = None,
374
367
  mount: Optional[pulumi.Input[str]] = None,
375
368
  name: Optional[pulumi.Input[str]] = None,
376
369
  namespace: Optional[pulumi.Input[str]] = None,
377
370
  secret_name: Optional[pulumi.Input[str]] = None,
378
- sync_status: Optional[pulumi.Input[str]] = None,
379
- type: Optional[pulumi.Input[str]] = None,
380
- updated_at: Optional[pulumi.Input[str]] = None) -> 'SyncAssociation':
371
+ type: Optional[pulumi.Input[str]] = None) -> 'SyncAssociation':
381
372
  """
382
373
  Get an existing SyncAssociation resource's state with the given name, id, and optional extra
383
374
  properties used to qualify the lookup.
@@ -385,29 +376,35 @@ class SyncAssociation(pulumi.CustomResource):
385
376
  :param str resource_name: The unique name of the resulting resource.
386
377
  :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
387
378
  :param pulumi.ResourceOptions opts: Options for the resource.
379
+ :param pulumi.Input[Sequence[pulumi.Input[Union['SyncAssociationMetadataArgs', 'SyncAssociationMetadataArgsDict']]]] metadatas: Metadata for each subkey of the associated secret.
388
380
  :param pulumi.Input[str] mount: Specifies the mount where the secret is located.
389
381
  :param pulumi.Input[str] name: Specifies the name of the destination.
390
382
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
391
383
  The value should not contain leading or trailing forward slashes.
392
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
384
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
393
385
  :param pulumi.Input[str] secret_name: Specifies the name of the secret to synchronize.
394
- :param pulumi.Input[str] sync_status: Specifies the status of the association (for eg. `SYNCED`).
395
386
  :param pulumi.Input[str] type: Specifies the destination type.
396
- :param pulumi.Input[str] updated_at: Duration string specifying when the secret was last updated.
397
387
  """
398
388
  opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
399
389
 
400
390
  __props__ = _SyncAssociationState.__new__(_SyncAssociationState)
401
391
 
392
+ __props__.__dict__["metadatas"] = metadatas
402
393
  __props__.__dict__["mount"] = mount
403
394
  __props__.__dict__["name"] = name
404
395
  __props__.__dict__["namespace"] = namespace
405
396
  __props__.__dict__["secret_name"] = secret_name
406
- __props__.__dict__["sync_status"] = sync_status
407
397
  __props__.__dict__["type"] = type
408
- __props__.__dict__["updated_at"] = updated_at
409
398
  return SyncAssociation(resource_name, opts=opts, __props__=__props__)
410
399
 
400
+ @property
401
+ @pulumi.getter
402
+ def metadatas(self) -> pulumi.Output[Sequence['outputs.SyncAssociationMetadata']]:
403
+ """
404
+ Metadata for each subkey of the associated secret.
405
+ """
406
+ return pulumi.get(self, "metadatas")
407
+
411
408
  @property
412
409
  @pulumi.getter
413
410
  def mount(self) -> pulumi.Output[str]:
@@ -430,7 +427,7 @@ class SyncAssociation(pulumi.CustomResource):
430
427
  """
431
428
  The namespace to provision the resource in.
432
429
  The value should not contain leading or trailing forward slashes.
433
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
430
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
434
431
  """
435
432
  return pulumi.get(self, "namespace")
436
433
 
@@ -442,14 +439,6 @@ class SyncAssociation(pulumi.CustomResource):
442
439
  """
443
440
  return pulumi.get(self, "secret_name")
444
441
 
445
- @property
446
- @pulumi.getter(name="syncStatus")
447
- def sync_status(self) -> pulumi.Output[str]:
448
- """
449
- Specifies the status of the association (for eg. `SYNCED`).
450
- """
451
- return pulumi.get(self, "sync_status")
452
-
453
442
  @property
454
443
  @pulumi.getter
455
444
  def type(self) -> pulumi.Output[str]:
@@ -458,11 +447,3 @@ class SyncAssociation(pulumi.CustomResource):
458
447
  """
459
448
  return pulumi.get(self, "type")
460
449
 
461
- @property
462
- @pulumi.getter(name="updatedAt")
463
- def updated_at(self) -> pulumi.Output[str]:
464
- """
465
- Duration string specifying when the secret was last updated.
466
- """
467
- return pulumi.get(self, "updated_at")
468
-