pulumi-vault 5.21.0a1710160723__py3-none-any.whl → 6.5.0a1736836139__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- pulumi_vault/__init__.py +52 -0
- pulumi_vault/_inputs.py +560 -0
- pulumi_vault/_utilities.py +41 -5
- pulumi_vault/ad/get_access_credentials.py +22 -7
- pulumi_vault/ad/secret_backend.py +14 -144
- pulumi_vault/ad/secret_library.py +14 -11
- pulumi_vault/ad/secret_role.py +12 -11
- pulumi_vault/alicloud/auth_backend_role.py +74 -192
- pulumi_vault/approle/auth_backend_login.py +12 -11
- pulumi_vault/approle/auth_backend_role.py +75 -193
- pulumi_vault/approle/auth_backend_role_secret_id.py +106 -11
- pulumi_vault/approle/get_auth_backend_role_id.py +18 -9
- pulumi_vault/audit.py +24 -27
- pulumi_vault/audit_request_header.py +11 -6
- pulumi_vault/auth_backend.py +64 -12
- pulumi_vault/aws/auth_backend_cert.py +12 -7
- pulumi_vault/aws/auth_backend_client.py +265 -24
- pulumi_vault/aws/auth_backend_config_identity.py +12 -11
- pulumi_vault/aws/auth_backend_identity_whitelist.py +18 -17
- pulumi_vault/aws/auth_backend_login.py +19 -22
- pulumi_vault/aws/auth_backend_role.py +75 -193
- pulumi_vault/aws/auth_backend_role_tag.py +12 -7
- pulumi_vault/aws/auth_backend_roletag_blacklist.py +18 -17
- pulumi_vault/aws/auth_backend_sts_role.py +12 -11
- pulumi_vault/aws/get_access_credentials.py +34 -7
- pulumi_vault/aws/get_static_access_credentials.py +19 -5
- pulumi_vault/aws/secret_backend.py +75 -7
- pulumi_vault/aws/secret_backend_role.py +183 -11
- pulumi_vault/aws/secret_backend_static_role.py +14 -11
- pulumi_vault/azure/_inputs.py +24 -0
- pulumi_vault/azure/auth_backend_config.py +151 -17
- pulumi_vault/azure/auth_backend_role.py +75 -193
- pulumi_vault/azure/backend.py +223 -29
- pulumi_vault/azure/backend_role.py +42 -41
- pulumi_vault/azure/get_access_credentials.py +39 -11
- pulumi_vault/azure/outputs.py +5 -0
- pulumi_vault/cert_auth_backend_role.py +87 -271
- pulumi_vault/config/__init__.pyi +5 -0
- pulumi_vault/config/_inputs.py +73 -0
- pulumi_vault/config/outputs.py +35 -0
- pulumi_vault/config/ui_custom_message.py +529 -0
- pulumi_vault/config/vars.py +5 -0
- pulumi_vault/consul/secret_backend.py +22 -25
- pulumi_vault/consul/secret_backend_role.py +14 -80
- pulumi_vault/database/_inputs.py +2770 -881
- pulumi_vault/database/outputs.py +721 -838
- pulumi_vault/database/secret_backend_connection.py +117 -114
- pulumi_vault/database/secret_backend_role.py +29 -24
- pulumi_vault/database/secret_backend_static_role.py +85 -15
- pulumi_vault/database/secrets_mount.py +425 -138
- pulumi_vault/egp_policy.py +16 -15
- pulumi_vault/gcp/_inputs.py +111 -0
- pulumi_vault/gcp/auth_backend.py +248 -35
- pulumi_vault/gcp/auth_backend_role.py +75 -271
- pulumi_vault/gcp/get_auth_backend_role.py +43 -9
- pulumi_vault/gcp/outputs.py +5 -0
- pulumi_vault/gcp/secret_backend.py +287 -16
- pulumi_vault/gcp/secret_impersonated_account.py +74 -17
- pulumi_vault/gcp/secret_roleset.py +29 -26
- pulumi_vault/gcp/secret_static_account.py +37 -34
- pulumi_vault/generic/endpoint.py +22 -21
- pulumi_vault/generic/get_secret.py +68 -12
- pulumi_vault/generic/secret.py +19 -14
- pulumi_vault/get_auth_backend.py +24 -11
- pulumi_vault/get_auth_backends.py +33 -11
- pulumi_vault/get_namespace.py +226 -0
- pulumi_vault/get_namespaces.py +153 -0
- pulumi_vault/get_nomad_access_token.py +31 -15
- pulumi_vault/get_policy_document.py +34 -23
- pulumi_vault/get_raft_autopilot_state.py +29 -14
- pulumi_vault/github/_inputs.py +55 -0
- pulumi_vault/github/auth_backend.py +17 -16
- pulumi_vault/github/outputs.py +5 -0
- pulumi_vault/github/team.py +14 -13
- pulumi_vault/github/user.py +14 -13
- pulumi_vault/identity/entity.py +18 -15
- pulumi_vault/identity/entity_alias.py +18 -15
- pulumi_vault/identity/entity_policies.py +24 -19
- pulumi_vault/identity/get_entity.py +40 -14
- pulumi_vault/identity/get_group.py +45 -13
- pulumi_vault/identity/get_oidc_client_creds.py +21 -11
- pulumi_vault/identity/get_oidc_openid_config.py +39 -13
- pulumi_vault/identity/get_oidc_public_keys.py +29 -14
- pulumi_vault/identity/group.py +50 -49
- pulumi_vault/identity/group_alias.py +14 -11
- pulumi_vault/identity/group_member_entity_ids.py +24 -74
- pulumi_vault/identity/group_member_group_ids.py +36 -27
- pulumi_vault/identity/group_policies.py +16 -15
- pulumi_vault/identity/mfa_duo.py +9 -8
- pulumi_vault/identity/mfa_login_enforcement.py +13 -8
- pulumi_vault/identity/mfa_okta.py +9 -8
- pulumi_vault/identity/mfa_pingid.py +5 -4
- pulumi_vault/identity/mfa_totp.py +5 -4
- pulumi_vault/identity/oidc.py +12 -11
- pulumi_vault/identity/oidc_assignment.py +22 -13
- pulumi_vault/identity/oidc_client.py +34 -25
- pulumi_vault/identity/oidc_key.py +28 -19
- pulumi_vault/identity/oidc_key_allowed_client_id.py +28 -19
- pulumi_vault/identity/oidc_provider.py +34 -23
- pulumi_vault/identity/oidc_role.py +40 -27
- pulumi_vault/identity/oidc_scope.py +18 -15
- pulumi_vault/identity/outputs.py +8 -3
- pulumi_vault/jwt/_inputs.py +55 -0
- pulumi_vault/jwt/auth_backend.py +39 -46
- pulumi_vault/jwt/auth_backend_role.py +131 -260
- pulumi_vault/jwt/outputs.py +5 -0
- pulumi_vault/kmip/secret_backend.py +22 -21
- pulumi_vault/kmip/secret_role.py +12 -11
- pulumi_vault/kmip/secret_scope.py +12 -11
- pulumi_vault/kubernetes/auth_backend_config.py +55 -7
- pulumi_vault/kubernetes/auth_backend_role.py +68 -179
- pulumi_vault/kubernetes/get_auth_backend_config.py +60 -8
- pulumi_vault/kubernetes/get_auth_backend_role.py +40 -5
- pulumi_vault/kubernetes/get_service_account_token.py +39 -15
- pulumi_vault/kubernetes/secret_backend.py +314 -29
- pulumi_vault/kubernetes/secret_backend_role.py +135 -56
- pulumi_vault/kv/_inputs.py +36 -4
- pulumi_vault/kv/get_secret.py +23 -12
- pulumi_vault/kv/get_secret_subkeys_v2.py +31 -14
- pulumi_vault/kv/get_secret_v2.py +89 -9
- pulumi_vault/kv/get_secrets_list.py +22 -15
- pulumi_vault/kv/get_secrets_list_v2.py +35 -19
- pulumi_vault/kv/outputs.py +8 -3
- pulumi_vault/kv/secret.py +19 -18
- pulumi_vault/kv/secret_backend_v2.py +12 -11
- pulumi_vault/kv/secret_v2.py +55 -52
- pulumi_vault/ldap/auth_backend.py +125 -168
- pulumi_vault/ldap/auth_backend_group.py +12 -11
- pulumi_vault/ldap/auth_backend_user.py +12 -11
- pulumi_vault/ldap/get_dynamic_credentials.py +23 -5
- pulumi_vault/ldap/get_static_credentials.py +24 -5
- pulumi_vault/ldap/secret_backend.py +352 -84
- pulumi_vault/ldap/secret_backend_dynamic_role.py +12 -11
- pulumi_vault/ldap/secret_backend_library_set.py +14 -11
- pulumi_vault/ldap/secret_backend_static_role.py +67 -12
- pulumi_vault/managed/_inputs.py +289 -132
- pulumi_vault/managed/keys.py +27 -43
- pulumi_vault/managed/outputs.py +89 -132
- pulumi_vault/mfa_duo.py +16 -13
- pulumi_vault/mfa_okta.py +16 -13
- pulumi_vault/mfa_pingid.py +16 -13
- pulumi_vault/mfa_totp.py +22 -19
- pulumi_vault/mongodbatlas/secret_backend.py +18 -17
- pulumi_vault/mongodbatlas/secret_role.py +41 -38
- pulumi_vault/mount.py +389 -65
- pulumi_vault/namespace.py +26 -21
- pulumi_vault/nomad_secret_backend.py +16 -15
- pulumi_vault/nomad_secret_role.py +12 -11
- pulumi_vault/okta/_inputs.py +47 -8
- pulumi_vault/okta/auth_backend.py +483 -41
- pulumi_vault/okta/auth_backend_group.py +12 -11
- pulumi_vault/okta/auth_backend_user.py +12 -11
- pulumi_vault/okta/outputs.py +13 -8
- pulumi_vault/outputs.py +5 -0
- pulumi_vault/password_policy.py +18 -15
- pulumi_vault/pkisecret/__init__.py +3 -0
- pulumi_vault/pkisecret/_inputs.py +81 -0
- pulumi_vault/pkisecret/backend_config_cluster.py +369 -0
- pulumi_vault/pkisecret/backend_config_est.py +619 -0
- pulumi_vault/pkisecret/get_backend_config_est.py +251 -0
- pulumi_vault/pkisecret/get_backend_issuer.py +63 -7
- pulumi_vault/pkisecret/get_backend_issuers.py +21 -12
- pulumi_vault/pkisecret/get_backend_key.py +24 -13
- pulumi_vault/pkisecret/get_backend_keys.py +21 -12
- pulumi_vault/pkisecret/outputs.py +69 -0
- pulumi_vault/pkisecret/secret_backend_cert.py +18 -15
- pulumi_vault/pkisecret/secret_backend_config_ca.py +16 -15
- pulumi_vault/pkisecret/secret_backend_config_issuers.py +12 -11
- pulumi_vault/pkisecret/secret_backend_config_urls.py +59 -11
- pulumi_vault/pkisecret/secret_backend_crl_config.py +14 -13
- pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +16 -15
- pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +22 -21
- pulumi_vault/pkisecret/secret_backend_issuer.py +12 -11
- pulumi_vault/pkisecret/secret_backend_key.py +12 -7
- pulumi_vault/pkisecret/secret_backend_role.py +19 -16
- pulumi_vault/pkisecret/secret_backend_root_cert.py +16 -52
- pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +18 -62
- pulumi_vault/pkisecret/secret_backend_sign.py +18 -60
- pulumi_vault/plugin.py +595 -0
- pulumi_vault/plugin_pinned_version.py +298 -0
- pulumi_vault/policy.py +12 -7
- pulumi_vault/provider.py +48 -53
- pulumi_vault/pulumi-plugin.json +2 -1
- pulumi_vault/quota_lease_count.py +58 -8
- pulumi_vault/quota_rate_limit.py +54 -4
- pulumi_vault/rabbitmq/_inputs.py +61 -0
- pulumi_vault/rabbitmq/outputs.py +5 -0
- pulumi_vault/rabbitmq/secret_backend.py +16 -15
- pulumi_vault/rabbitmq/secret_backend_role.py +52 -49
- pulumi_vault/raft_autopilot.py +12 -11
- pulumi_vault/raft_snapshot_agent_config.py +121 -311
- pulumi_vault/rgp_policy.py +14 -13
- pulumi_vault/saml/auth_backend.py +20 -19
- pulumi_vault/saml/auth_backend_role.py +90 -199
- pulumi_vault/secrets/__init__.py +3 -0
- pulumi_vault/secrets/_inputs.py +110 -0
- pulumi_vault/secrets/outputs.py +94 -0
- pulumi_vault/secrets/sync_association.py +56 -75
- pulumi_vault/secrets/sync_aws_destination.py +240 -29
- pulumi_vault/secrets/sync_azure_destination.py +90 -33
- pulumi_vault/secrets/sync_config.py +7 -6
- pulumi_vault/secrets/sync_gcp_destination.py +156 -27
- pulumi_vault/secrets/sync_gh_destination.py +187 -15
- pulumi_vault/secrets/sync_github_apps.py +375 -0
- pulumi_vault/secrets/sync_vercel_destination.py +72 -15
- pulumi_vault/ssh/_inputs.py +28 -32
- pulumi_vault/ssh/outputs.py +11 -32
- pulumi_vault/ssh/secret_backend_ca.py +106 -11
- pulumi_vault/ssh/secret_backend_role.py +83 -120
- pulumi_vault/terraformcloud/secret_backend.py +5 -56
- pulumi_vault/terraformcloud/secret_creds.py +14 -24
- pulumi_vault/terraformcloud/secret_role.py +14 -76
- pulumi_vault/token.py +26 -25
- pulumi_vault/tokenauth/auth_backend_role.py +76 -201
- pulumi_vault/transform/alphabet.py +16 -13
- pulumi_vault/transform/get_decode.py +45 -21
- pulumi_vault/transform/get_encode.py +45 -21
- pulumi_vault/transform/role.py +16 -13
- pulumi_vault/transform/template.py +30 -25
- pulumi_vault/transform/transformation.py +12 -7
- pulumi_vault/transit/get_decrypt.py +26 -25
- pulumi_vault/transit/get_encrypt.py +24 -19
- pulumi_vault/transit/secret_backend_key.py +25 -97
- pulumi_vault/transit/secret_cache_config.py +12 -11
- {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/METADATA +8 -7
- pulumi_vault-6.5.0a1736836139.dist-info/RECORD +256 -0
- {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/WHEEL +1 -1
- pulumi_vault-5.21.0a1710160723.dist-info/RECORD +0 -244
- {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/top_level.txt +0 -0
@@ -4,9 +4,14 @@
|
|
4
4
|
|
5
5
|
import copy
|
6
6
|
import warnings
|
7
|
+
import sys
|
7
8
|
import pulumi
|
8
9
|
import pulumi.runtime
|
9
10
|
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
11
|
+
if sys.version_info >= (3, 11):
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
13
|
+
else:
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
10
15
|
from .. import _utilities
|
11
16
|
|
12
17
|
__all__ = ['SyncAzureDestinationArgs', 'SyncAzureDestination']
|
@@ -17,7 +22,8 @@ class SyncAzureDestinationArgs:
|
|
17
22
|
client_id: Optional[pulumi.Input[str]] = None,
|
18
23
|
client_secret: Optional[pulumi.Input[str]] = None,
|
19
24
|
cloud: Optional[pulumi.Input[str]] = None,
|
20
|
-
custom_tags: Optional[pulumi.Input[Mapping[str,
|
25
|
+
custom_tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
26
|
+
granularity: Optional[pulumi.Input[str]] = None,
|
21
27
|
key_vault_uri: Optional[pulumi.Input[str]] = None,
|
22
28
|
name: Optional[pulumi.Input[str]] = None,
|
23
29
|
namespace: Optional[pulumi.Input[str]] = None,
|
@@ -32,14 +38,16 @@ class SyncAzureDestinationArgs:
|
|
32
38
|
Can be omitted and directly provided to Vault using the `AZURE_CLIENT_SECRET` environment
|
33
39
|
variable.
|
34
40
|
:param pulumi.Input[str] cloud: Specifies a cloud for the client. The default is Azure Public Cloud.
|
35
|
-
:param pulumi.Input[Mapping[str,
|
41
|
+
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] custom_tags: Custom tags to set on the secret managed at the destination.
|
42
|
+
:param pulumi.Input[str] granularity: Determines what level of information is synced as a distinct resource
|
43
|
+
at the destination. Supports `secret-path` and `secret-key`.
|
36
44
|
:param pulumi.Input[str] key_vault_uri: URI of an existing Azure Key Vault instance.
|
37
45
|
Can be omitted and directly provided to Vault using the `KEY_VAULT_URI` environment
|
38
46
|
variable.
|
39
47
|
:param pulumi.Input[str] name: Unique name of the Azure destination.
|
40
48
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
41
49
|
The value should not contain leading or trailing forward slashes.
|
42
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
50
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
43
51
|
:param pulumi.Input[str] secret_name_template: Template describing how to generate external secret names.
|
44
52
|
Supports a subset of the Go Template syntax.
|
45
53
|
:param pulumi.Input[str] tenant_id: ID of the target Azure tenant.
|
@@ -54,6 +62,8 @@ class SyncAzureDestinationArgs:
|
|
54
62
|
pulumi.set(__self__, "cloud", cloud)
|
55
63
|
if custom_tags is not None:
|
56
64
|
pulumi.set(__self__, "custom_tags", custom_tags)
|
65
|
+
if granularity is not None:
|
66
|
+
pulumi.set(__self__, "granularity", granularity)
|
57
67
|
if key_vault_uri is not None:
|
58
68
|
pulumi.set(__self__, "key_vault_uri", key_vault_uri)
|
59
69
|
if name is not None:
|
@@ -107,16 +117,29 @@ class SyncAzureDestinationArgs:
|
|
107
117
|
|
108
118
|
@property
|
109
119
|
@pulumi.getter(name="customTags")
|
110
|
-
def custom_tags(self) -> Optional[pulumi.Input[Mapping[str,
|
120
|
+
def custom_tags(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
|
111
121
|
"""
|
112
122
|
Custom tags to set on the secret managed at the destination.
|
113
123
|
"""
|
114
124
|
return pulumi.get(self, "custom_tags")
|
115
125
|
|
116
126
|
@custom_tags.setter
|
117
|
-
def custom_tags(self, value: Optional[pulumi.Input[Mapping[str,
|
127
|
+
def custom_tags(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
|
118
128
|
pulumi.set(self, "custom_tags", value)
|
119
129
|
|
130
|
+
@property
|
131
|
+
@pulumi.getter
|
132
|
+
def granularity(self) -> Optional[pulumi.Input[str]]:
|
133
|
+
"""
|
134
|
+
Determines what level of information is synced as a distinct resource
|
135
|
+
at the destination. Supports `secret-path` and `secret-key`.
|
136
|
+
"""
|
137
|
+
return pulumi.get(self, "granularity")
|
138
|
+
|
139
|
+
@granularity.setter
|
140
|
+
def granularity(self, value: Optional[pulumi.Input[str]]):
|
141
|
+
pulumi.set(self, "granularity", value)
|
142
|
+
|
120
143
|
@property
|
121
144
|
@pulumi.getter(name="keyVaultUri")
|
122
145
|
def key_vault_uri(self) -> Optional[pulumi.Input[str]]:
|
@@ -149,7 +172,7 @@ class SyncAzureDestinationArgs:
|
|
149
172
|
"""
|
150
173
|
The namespace to provision the resource in.
|
151
174
|
The value should not contain leading or trailing forward slashes.
|
152
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
175
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
153
176
|
"""
|
154
177
|
return pulumi.get(self, "namespace")
|
155
178
|
|
@@ -191,7 +214,8 @@ class _SyncAzureDestinationState:
|
|
191
214
|
client_id: Optional[pulumi.Input[str]] = None,
|
192
215
|
client_secret: Optional[pulumi.Input[str]] = None,
|
193
216
|
cloud: Optional[pulumi.Input[str]] = None,
|
194
|
-
custom_tags: Optional[pulumi.Input[Mapping[str,
|
217
|
+
custom_tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
218
|
+
granularity: Optional[pulumi.Input[str]] = None,
|
195
219
|
key_vault_uri: Optional[pulumi.Input[str]] = None,
|
196
220
|
name: Optional[pulumi.Input[str]] = None,
|
197
221
|
namespace: Optional[pulumi.Input[str]] = None,
|
@@ -207,14 +231,16 @@ class _SyncAzureDestinationState:
|
|
207
231
|
Can be omitted and directly provided to Vault using the `AZURE_CLIENT_SECRET` environment
|
208
232
|
variable.
|
209
233
|
:param pulumi.Input[str] cloud: Specifies a cloud for the client. The default is Azure Public Cloud.
|
210
|
-
:param pulumi.Input[Mapping[str,
|
234
|
+
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] custom_tags: Custom tags to set on the secret managed at the destination.
|
235
|
+
:param pulumi.Input[str] granularity: Determines what level of information is synced as a distinct resource
|
236
|
+
at the destination. Supports `secret-path` and `secret-key`.
|
211
237
|
:param pulumi.Input[str] key_vault_uri: URI of an existing Azure Key Vault instance.
|
212
238
|
Can be omitted and directly provided to Vault using the `KEY_VAULT_URI` environment
|
213
239
|
variable.
|
214
240
|
:param pulumi.Input[str] name: Unique name of the Azure destination.
|
215
241
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
216
242
|
The value should not contain leading or trailing forward slashes.
|
217
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
243
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
218
244
|
:param pulumi.Input[str] secret_name_template: Template describing how to generate external secret names.
|
219
245
|
Supports a subset of the Go Template syntax.
|
220
246
|
:param pulumi.Input[str] tenant_id: ID of the target Azure tenant.
|
@@ -230,6 +256,8 @@ class _SyncAzureDestinationState:
|
|
230
256
|
pulumi.set(__self__, "cloud", cloud)
|
231
257
|
if custom_tags is not None:
|
232
258
|
pulumi.set(__self__, "custom_tags", custom_tags)
|
259
|
+
if granularity is not None:
|
260
|
+
pulumi.set(__self__, "granularity", granularity)
|
233
261
|
if key_vault_uri is not None:
|
234
262
|
pulumi.set(__self__, "key_vault_uri", key_vault_uri)
|
235
263
|
if name is not None:
|
@@ -285,16 +313,29 @@ class _SyncAzureDestinationState:
|
|
285
313
|
|
286
314
|
@property
|
287
315
|
@pulumi.getter(name="customTags")
|
288
|
-
def custom_tags(self) -> Optional[pulumi.Input[Mapping[str,
|
316
|
+
def custom_tags(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
|
289
317
|
"""
|
290
318
|
Custom tags to set on the secret managed at the destination.
|
291
319
|
"""
|
292
320
|
return pulumi.get(self, "custom_tags")
|
293
321
|
|
294
322
|
@custom_tags.setter
|
295
|
-
def custom_tags(self, value: Optional[pulumi.Input[Mapping[str,
|
323
|
+
def custom_tags(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
|
296
324
|
pulumi.set(self, "custom_tags", value)
|
297
325
|
|
326
|
+
@property
|
327
|
+
@pulumi.getter
|
328
|
+
def granularity(self) -> Optional[pulumi.Input[str]]:
|
329
|
+
"""
|
330
|
+
Determines what level of information is synced as a distinct resource
|
331
|
+
at the destination. Supports `secret-path` and `secret-key`.
|
332
|
+
"""
|
333
|
+
return pulumi.get(self, "granularity")
|
334
|
+
|
335
|
+
@granularity.setter
|
336
|
+
def granularity(self, value: Optional[pulumi.Input[str]]):
|
337
|
+
pulumi.set(self, "granularity", value)
|
338
|
+
|
298
339
|
@property
|
299
340
|
@pulumi.getter(name="keyVaultUri")
|
300
341
|
def key_vault_uri(self) -> Optional[pulumi.Input[str]]:
|
@@ -327,7 +368,7 @@ class _SyncAzureDestinationState:
|
|
327
368
|
"""
|
328
369
|
The namespace to provision the resource in.
|
329
370
|
The value should not contain leading or trailing forward slashes.
|
330
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
371
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
331
372
|
"""
|
332
373
|
return pulumi.get(self, "namespace")
|
333
374
|
|
@@ -383,7 +424,8 @@ class SyncAzureDestination(pulumi.CustomResource):
|
|
383
424
|
client_id: Optional[pulumi.Input[str]] = None,
|
384
425
|
client_secret: Optional[pulumi.Input[str]] = None,
|
385
426
|
cloud: Optional[pulumi.Input[str]] = None,
|
386
|
-
custom_tags: Optional[pulumi.Input[Mapping[str,
|
427
|
+
custom_tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
428
|
+
granularity: Optional[pulumi.Input[str]] = None,
|
387
429
|
key_vault_uri: Optional[pulumi.Input[str]] = None,
|
388
430
|
name: Optional[pulumi.Input[str]] = None,
|
389
431
|
namespace: Optional[pulumi.Input[str]] = None,
|
@@ -393,22 +435,21 @@ class SyncAzureDestination(pulumi.CustomResource):
|
|
393
435
|
"""
|
394
436
|
## Example Usage
|
395
437
|
|
396
|
-
<!--Start PulumiCodeChooser -->
|
397
438
|
```python
|
398
439
|
import pulumi
|
399
440
|
import pulumi_vault as vault
|
400
441
|
|
401
442
|
az = vault.secrets.SyncAzureDestination("az",
|
402
|
-
|
403
|
-
|
404
|
-
|
405
|
-
|
443
|
+
name="az-dest",
|
444
|
+
key_vault_uri=key_vault_uri,
|
445
|
+
client_id=client_id,
|
446
|
+
client_secret=client_secret,
|
447
|
+
tenant_id=tenant_id,
|
406
448
|
secret_name_template="vault_{{ .MountAccessor | lowercase }}_{{ .SecretPath | lowercase }}",
|
407
449
|
custom_tags={
|
408
450
|
"foo": "bar",
|
409
451
|
})
|
410
452
|
```
|
411
|
-
<!--End PulumiCodeChooser -->
|
412
453
|
|
413
454
|
## Import
|
414
455
|
|
@@ -427,14 +468,16 @@ class SyncAzureDestination(pulumi.CustomResource):
|
|
427
468
|
Can be omitted and directly provided to Vault using the `AZURE_CLIENT_SECRET` environment
|
428
469
|
variable.
|
429
470
|
:param pulumi.Input[str] cloud: Specifies a cloud for the client. The default is Azure Public Cloud.
|
430
|
-
:param pulumi.Input[Mapping[str,
|
471
|
+
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] custom_tags: Custom tags to set on the secret managed at the destination.
|
472
|
+
:param pulumi.Input[str] granularity: Determines what level of information is synced as a distinct resource
|
473
|
+
at the destination. Supports `secret-path` and `secret-key`.
|
431
474
|
:param pulumi.Input[str] key_vault_uri: URI of an existing Azure Key Vault instance.
|
432
475
|
Can be omitted and directly provided to Vault using the `KEY_VAULT_URI` environment
|
433
476
|
variable.
|
434
477
|
:param pulumi.Input[str] name: Unique name of the Azure destination.
|
435
478
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
436
479
|
The value should not contain leading or trailing forward slashes.
|
437
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
480
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
438
481
|
:param pulumi.Input[str] secret_name_template: Template describing how to generate external secret names.
|
439
482
|
Supports a subset of the Go Template syntax.
|
440
483
|
:param pulumi.Input[str] tenant_id: ID of the target Azure tenant.
|
@@ -450,22 +493,21 @@ class SyncAzureDestination(pulumi.CustomResource):
|
|
450
493
|
"""
|
451
494
|
## Example Usage
|
452
495
|
|
453
|
-
<!--Start PulumiCodeChooser -->
|
454
496
|
```python
|
455
497
|
import pulumi
|
456
498
|
import pulumi_vault as vault
|
457
499
|
|
458
500
|
az = vault.secrets.SyncAzureDestination("az",
|
459
|
-
|
460
|
-
|
461
|
-
|
462
|
-
|
501
|
+
name="az-dest",
|
502
|
+
key_vault_uri=key_vault_uri,
|
503
|
+
client_id=client_id,
|
504
|
+
client_secret=client_secret,
|
505
|
+
tenant_id=tenant_id,
|
463
506
|
secret_name_template="vault_{{ .MountAccessor | lowercase }}_{{ .SecretPath | lowercase }}",
|
464
507
|
custom_tags={
|
465
508
|
"foo": "bar",
|
466
509
|
})
|
467
510
|
```
|
468
|
-
<!--End PulumiCodeChooser -->
|
469
511
|
|
470
512
|
## Import
|
471
513
|
|
@@ -493,7 +535,8 @@ class SyncAzureDestination(pulumi.CustomResource):
|
|
493
535
|
client_id: Optional[pulumi.Input[str]] = None,
|
494
536
|
client_secret: Optional[pulumi.Input[str]] = None,
|
495
537
|
cloud: Optional[pulumi.Input[str]] = None,
|
496
|
-
custom_tags: Optional[pulumi.Input[Mapping[str,
|
538
|
+
custom_tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
539
|
+
granularity: Optional[pulumi.Input[str]] = None,
|
497
540
|
key_vault_uri: Optional[pulumi.Input[str]] = None,
|
498
541
|
name: Optional[pulumi.Input[str]] = None,
|
499
542
|
namespace: Optional[pulumi.Input[str]] = None,
|
@@ -512,6 +555,7 @@ class SyncAzureDestination(pulumi.CustomResource):
|
|
512
555
|
__props__.__dict__["client_secret"] = None if client_secret is None else pulumi.Output.secret(client_secret)
|
513
556
|
__props__.__dict__["cloud"] = cloud
|
514
557
|
__props__.__dict__["custom_tags"] = custom_tags
|
558
|
+
__props__.__dict__["granularity"] = granularity
|
515
559
|
__props__.__dict__["key_vault_uri"] = key_vault_uri
|
516
560
|
__props__.__dict__["name"] = name
|
517
561
|
__props__.__dict__["namespace"] = namespace
|
@@ -533,7 +577,8 @@ class SyncAzureDestination(pulumi.CustomResource):
|
|
533
577
|
client_id: Optional[pulumi.Input[str]] = None,
|
534
578
|
client_secret: Optional[pulumi.Input[str]] = None,
|
535
579
|
cloud: Optional[pulumi.Input[str]] = None,
|
536
|
-
custom_tags: Optional[pulumi.Input[Mapping[str,
|
580
|
+
custom_tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
581
|
+
granularity: Optional[pulumi.Input[str]] = None,
|
537
582
|
key_vault_uri: Optional[pulumi.Input[str]] = None,
|
538
583
|
name: Optional[pulumi.Input[str]] = None,
|
539
584
|
namespace: Optional[pulumi.Input[str]] = None,
|
@@ -554,14 +599,16 @@ class SyncAzureDestination(pulumi.CustomResource):
|
|
554
599
|
Can be omitted and directly provided to Vault using the `AZURE_CLIENT_SECRET` environment
|
555
600
|
variable.
|
556
601
|
:param pulumi.Input[str] cloud: Specifies a cloud for the client. The default is Azure Public Cloud.
|
557
|
-
:param pulumi.Input[Mapping[str,
|
602
|
+
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] custom_tags: Custom tags to set on the secret managed at the destination.
|
603
|
+
:param pulumi.Input[str] granularity: Determines what level of information is synced as a distinct resource
|
604
|
+
at the destination. Supports `secret-path` and `secret-key`.
|
558
605
|
:param pulumi.Input[str] key_vault_uri: URI of an existing Azure Key Vault instance.
|
559
606
|
Can be omitted and directly provided to Vault using the `KEY_VAULT_URI` environment
|
560
607
|
variable.
|
561
608
|
:param pulumi.Input[str] name: Unique name of the Azure destination.
|
562
609
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
563
610
|
The value should not contain leading or trailing forward slashes.
|
564
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
611
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
565
612
|
:param pulumi.Input[str] secret_name_template: Template describing how to generate external secret names.
|
566
613
|
Supports a subset of the Go Template syntax.
|
567
614
|
:param pulumi.Input[str] tenant_id: ID of the target Azure tenant.
|
@@ -577,6 +624,7 @@ class SyncAzureDestination(pulumi.CustomResource):
|
|
577
624
|
__props__.__dict__["client_secret"] = client_secret
|
578
625
|
__props__.__dict__["cloud"] = cloud
|
579
626
|
__props__.__dict__["custom_tags"] = custom_tags
|
627
|
+
__props__.__dict__["granularity"] = granularity
|
580
628
|
__props__.__dict__["key_vault_uri"] = key_vault_uri
|
581
629
|
__props__.__dict__["name"] = name
|
582
630
|
__props__.__dict__["namespace"] = namespace
|
@@ -615,12 +663,21 @@ class SyncAzureDestination(pulumi.CustomResource):
|
|
615
663
|
|
616
664
|
@property
|
617
665
|
@pulumi.getter(name="customTags")
|
618
|
-
def custom_tags(self) -> pulumi.Output[Optional[Mapping[str,
|
666
|
+
def custom_tags(self) -> pulumi.Output[Optional[Mapping[str, str]]]:
|
619
667
|
"""
|
620
668
|
Custom tags to set on the secret managed at the destination.
|
621
669
|
"""
|
622
670
|
return pulumi.get(self, "custom_tags")
|
623
671
|
|
672
|
+
@property
|
673
|
+
@pulumi.getter
|
674
|
+
def granularity(self) -> pulumi.Output[Optional[str]]:
|
675
|
+
"""
|
676
|
+
Determines what level of information is synced as a distinct resource
|
677
|
+
at the destination. Supports `secret-path` and `secret-key`.
|
678
|
+
"""
|
679
|
+
return pulumi.get(self, "granularity")
|
680
|
+
|
624
681
|
@property
|
625
682
|
@pulumi.getter(name="keyVaultUri")
|
626
683
|
def key_vault_uri(self) -> pulumi.Output[Optional[str]]:
|
@@ -645,7 +702,7 @@ class SyncAzureDestination(pulumi.CustomResource):
|
|
645
702
|
"""
|
646
703
|
The namespace to provision the resource in.
|
647
704
|
The value should not contain leading or trailing forward slashes.
|
648
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
705
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
649
706
|
"""
|
650
707
|
return pulumi.get(self, "namespace")
|
651
708
|
|
@@ -4,9 +4,14 @@
|
|
4
4
|
|
5
5
|
import copy
|
6
6
|
import warnings
|
7
|
+
import sys
|
7
8
|
import pulumi
|
8
9
|
import pulumi.runtime
|
9
10
|
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
11
|
+
if sys.version_info >= (3, 11):
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
13
|
+
else:
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
10
15
|
from .. import _utilities
|
11
16
|
|
12
17
|
__all__ = ['SyncConfigArgs', 'SyncConfig']
|
@@ -150,16 +155,14 @@ class SyncConfig(pulumi.CustomResource):
|
|
150
155
|
|
151
156
|
## Example Usage
|
152
157
|
|
153
|
-
<!--Start PulumiCodeChooser -->
|
154
158
|
```python
|
155
159
|
import pulumi
|
156
160
|
import pulumi_vault as vault
|
157
161
|
|
158
|
-
global_config = vault.secrets.SyncConfig("
|
162
|
+
global_config = vault.secrets.SyncConfig("global_config",
|
159
163
|
disabled=True,
|
160
164
|
queue_capacity=500000)
|
161
165
|
```
|
162
|
-
<!--End PulumiCodeChooser -->
|
163
166
|
|
164
167
|
## Import
|
165
168
|
|
@@ -191,16 +194,14 @@ class SyncConfig(pulumi.CustomResource):
|
|
191
194
|
|
192
195
|
## Example Usage
|
193
196
|
|
194
|
-
<!--Start PulumiCodeChooser -->
|
195
197
|
```python
|
196
198
|
import pulumi
|
197
199
|
import pulumi_vault as vault
|
198
200
|
|
199
|
-
global_config = vault.secrets.SyncConfig("
|
201
|
+
global_config = vault.secrets.SyncConfig("global_config",
|
200
202
|
disabled=True,
|
201
203
|
queue_capacity=500000)
|
202
204
|
```
|
203
|
-
<!--End PulumiCodeChooser -->
|
204
205
|
|
205
206
|
## Import
|
206
207
|
|