pulumi-vault 5.21.0a1710160723__py3-none-any.whl → 6.5.0a1736836139__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (229) hide show
  1. pulumi_vault/__init__.py +52 -0
  2. pulumi_vault/_inputs.py +560 -0
  3. pulumi_vault/_utilities.py +41 -5
  4. pulumi_vault/ad/get_access_credentials.py +22 -7
  5. pulumi_vault/ad/secret_backend.py +14 -144
  6. pulumi_vault/ad/secret_library.py +14 -11
  7. pulumi_vault/ad/secret_role.py +12 -11
  8. pulumi_vault/alicloud/auth_backend_role.py +74 -192
  9. pulumi_vault/approle/auth_backend_login.py +12 -11
  10. pulumi_vault/approle/auth_backend_role.py +75 -193
  11. pulumi_vault/approle/auth_backend_role_secret_id.py +106 -11
  12. pulumi_vault/approle/get_auth_backend_role_id.py +18 -9
  13. pulumi_vault/audit.py +24 -27
  14. pulumi_vault/audit_request_header.py +11 -6
  15. pulumi_vault/auth_backend.py +64 -12
  16. pulumi_vault/aws/auth_backend_cert.py +12 -7
  17. pulumi_vault/aws/auth_backend_client.py +265 -24
  18. pulumi_vault/aws/auth_backend_config_identity.py +12 -11
  19. pulumi_vault/aws/auth_backend_identity_whitelist.py +18 -17
  20. pulumi_vault/aws/auth_backend_login.py +19 -22
  21. pulumi_vault/aws/auth_backend_role.py +75 -193
  22. pulumi_vault/aws/auth_backend_role_tag.py +12 -7
  23. pulumi_vault/aws/auth_backend_roletag_blacklist.py +18 -17
  24. pulumi_vault/aws/auth_backend_sts_role.py +12 -11
  25. pulumi_vault/aws/get_access_credentials.py +34 -7
  26. pulumi_vault/aws/get_static_access_credentials.py +19 -5
  27. pulumi_vault/aws/secret_backend.py +75 -7
  28. pulumi_vault/aws/secret_backend_role.py +183 -11
  29. pulumi_vault/aws/secret_backend_static_role.py +14 -11
  30. pulumi_vault/azure/_inputs.py +24 -0
  31. pulumi_vault/azure/auth_backend_config.py +151 -17
  32. pulumi_vault/azure/auth_backend_role.py +75 -193
  33. pulumi_vault/azure/backend.py +223 -29
  34. pulumi_vault/azure/backend_role.py +42 -41
  35. pulumi_vault/azure/get_access_credentials.py +39 -11
  36. pulumi_vault/azure/outputs.py +5 -0
  37. pulumi_vault/cert_auth_backend_role.py +87 -271
  38. pulumi_vault/config/__init__.pyi +5 -0
  39. pulumi_vault/config/_inputs.py +73 -0
  40. pulumi_vault/config/outputs.py +35 -0
  41. pulumi_vault/config/ui_custom_message.py +529 -0
  42. pulumi_vault/config/vars.py +5 -0
  43. pulumi_vault/consul/secret_backend.py +22 -25
  44. pulumi_vault/consul/secret_backend_role.py +14 -80
  45. pulumi_vault/database/_inputs.py +2770 -881
  46. pulumi_vault/database/outputs.py +721 -838
  47. pulumi_vault/database/secret_backend_connection.py +117 -114
  48. pulumi_vault/database/secret_backend_role.py +29 -24
  49. pulumi_vault/database/secret_backend_static_role.py +85 -15
  50. pulumi_vault/database/secrets_mount.py +425 -138
  51. pulumi_vault/egp_policy.py +16 -15
  52. pulumi_vault/gcp/_inputs.py +111 -0
  53. pulumi_vault/gcp/auth_backend.py +248 -35
  54. pulumi_vault/gcp/auth_backend_role.py +75 -271
  55. pulumi_vault/gcp/get_auth_backend_role.py +43 -9
  56. pulumi_vault/gcp/outputs.py +5 -0
  57. pulumi_vault/gcp/secret_backend.py +287 -16
  58. pulumi_vault/gcp/secret_impersonated_account.py +74 -17
  59. pulumi_vault/gcp/secret_roleset.py +29 -26
  60. pulumi_vault/gcp/secret_static_account.py +37 -34
  61. pulumi_vault/generic/endpoint.py +22 -21
  62. pulumi_vault/generic/get_secret.py +68 -12
  63. pulumi_vault/generic/secret.py +19 -14
  64. pulumi_vault/get_auth_backend.py +24 -11
  65. pulumi_vault/get_auth_backends.py +33 -11
  66. pulumi_vault/get_namespace.py +226 -0
  67. pulumi_vault/get_namespaces.py +153 -0
  68. pulumi_vault/get_nomad_access_token.py +31 -15
  69. pulumi_vault/get_policy_document.py +34 -23
  70. pulumi_vault/get_raft_autopilot_state.py +29 -14
  71. pulumi_vault/github/_inputs.py +55 -0
  72. pulumi_vault/github/auth_backend.py +17 -16
  73. pulumi_vault/github/outputs.py +5 -0
  74. pulumi_vault/github/team.py +14 -13
  75. pulumi_vault/github/user.py +14 -13
  76. pulumi_vault/identity/entity.py +18 -15
  77. pulumi_vault/identity/entity_alias.py +18 -15
  78. pulumi_vault/identity/entity_policies.py +24 -19
  79. pulumi_vault/identity/get_entity.py +40 -14
  80. pulumi_vault/identity/get_group.py +45 -13
  81. pulumi_vault/identity/get_oidc_client_creds.py +21 -11
  82. pulumi_vault/identity/get_oidc_openid_config.py +39 -13
  83. pulumi_vault/identity/get_oidc_public_keys.py +29 -14
  84. pulumi_vault/identity/group.py +50 -49
  85. pulumi_vault/identity/group_alias.py +14 -11
  86. pulumi_vault/identity/group_member_entity_ids.py +24 -74
  87. pulumi_vault/identity/group_member_group_ids.py +36 -27
  88. pulumi_vault/identity/group_policies.py +16 -15
  89. pulumi_vault/identity/mfa_duo.py +9 -8
  90. pulumi_vault/identity/mfa_login_enforcement.py +13 -8
  91. pulumi_vault/identity/mfa_okta.py +9 -8
  92. pulumi_vault/identity/mfa_pingid.py +5 -4
  93. pulumi_vault/identity/mfa_totp.py +5 -4
  94. pulumi_vault/identity/oidc.py +12 -11
  95. pulumi_vault/identity/oidc_assignment.py +22 -13
  96. pulumi_vault/identity/oidc_client.py +34 -25
  97. pulumi_vault/identity/oidc_key.py +28 -19
  98. pulumi_vault/identity/oidc_key_allowed_client_id.py +28 -19
  99. pulumi_vault/identity/oidc_provider.py +34 -23
  100. pulumi_vault/identity/oidc_role.py +40 -27
  101. pulumi_vault/identity/oidc_scope.py +18 -15
  102. pulumi_vault/identity/outputs.py +8 -3
  103. pulumi_vault/jwt/_inputs.py +55 -0
  104. pulumi_vault/jwt/auth_backend.py +39 -46
  105. pulumi_vault/jwt/auth_backend_role.py +131 -260
  106. pulumi_vault/jwt/outputs.py +5 -0
  107. pulumi_vault/kmip/secret_backend.py +22 -21
  108. pulumi_vault/kmip/secret_role.py +12 -11
  109. pulumi_vault/kmip/secret_scope.py +12 -11
  110. pulumi_vault/kubernetes/auth_backend_config.py +55 -7
  111. pulumi_vault/kubernetes/auth_backend_role.py +68 -179
  112. pulumi_vault/kubernetes/get_auth_backend_config.py +60 -8
  113. pulumi_vault/kubernetes/get_auth_backend_role.py +40 -5
  114. pulumi_vault/kubernetes/get_service_account_token.py +39 -15
  115. pulumi_vault/kubernetes/secret_backend.py +314 -29
  116. pulumi_vault/kubernetes/secret_backend_role.py +135 -56
  117. pulumi_vault/kv/_inputs.py +36 -4
  118. pulumi_vault/kv/get_secret.py +23 -12
  119. pulumi_vault/kv/get_secret_subkeys_v2.py +31 -14
  120. pulumi_vault/kv/get_secret_v2.py +89 -9
  121. pulumi_vault/kv/get_secrets_list.py +22 -15
  122. pulumi_vault/kv/get_secrets_list_v2.py +35 -19
  123. pulumi_vault/kv/outputs.py +8 -3
  124. pulumi_vault/kv/secret.py +19 -18
  125. pulumi_vault/kv/secret_backend_v2.py +12 -11
  126. pulumi_vault/kv/secret_v2.py +55 -52
  127. pulumi_vault/ldap/auth_backend.py +125 -168
  128. pulumi_vault/ldap/auth_backend_group.py +12 -11
  129. pulumi_vault/ldap/auth_backend_user.py +12 -11
  130. pulumi_vault/ldap/get_dynamic_credentials.py +23 -5
  131. pulumi_vault/ldap/get_static_credentials.py +24 -5
  132. pulumi_vault/ldap/secret_backend.py +352 -84
  133. pulumi_vault/ldap/secret_backend_dynamic_role.py +12 -11
  134. pulumi_vault/ldap/secret_backend_library_set.py +14 -11
  135. pulumi_vault/ldap/secret_backend_static_role.py +67 -12
  136. pulumi_vault/managed/_inputs.py +289 -132
  137. pulumi_vault/managed/keys.py +27 -43
  138. pulumi_vault/managed/outputs.py +89 -132
  139. pulumi_vault/mfa_duo.py +16 -13
  140. pulumi_vault/mfa_okta.py +16 -13
  141. pulumi_vault/mfa_pingid.py +16 -13
  142. pulumi_vault/mfa_totp.py +22 -19
  143. pulumi_vault/mongodbatlas/secret_backend.py +18 -17
  144. pulumi_vault/mongodbatlas/secret_role.py +41 -38
  145. pulumi_vault/mount.py +389 -65
  146. pulumi_vault/namespace.py +26 -21
  147. pulumi_vault/nomad_secret_backend.py +16 -15
  148. pulumi_vault/nomad_secret_role.py +12 -11
  149. pulumi_vault/okta/_inputs.py +47 -8
  150. pulumi_vault/okta/auth_backend.py +483 -41
  151. pulumi_vault/okta/auth_backend_group.py +12 -11
  152. pulumi_vault/okta/auth_backend_user.py +12 -11
  153. pulumi_vault/okta/outputs.py +13 -8
  154. pulumi_vault/outputs.py +5 -0
  155. pulumi_vault/password_policy.py +18 -15
  156. pulumi_vault/pkisecret/__init__.py +3 -0
  157. pulumi_vault/pkisecret/_inputs.py +81 -0
  158. pulumi_vault/pkisecret/backend_config_cluster.py +369 -0
  159. pulumi_vault/pkisecret/backend_config_est.py +619 -0
  160. pulumi_vault/pkisecret/get_backend_config_est.py +251 -0
  161. pulumi_vault/pkisecret/get_backend_issuer.py +63 -7
  162. pulumi_vault/pkisecret/get_backend_issuers.py +21 -12
  163. pulumi_vault/pkisecret/get_backend_key.py +24 -13
  164. pulumi_vault/pkisecret/get_backend_keys.py +21 -12
  165. pulumi_vault/pkisecret/outputs.py +69 -0
  166. pulumi_vault/pkisecret/secret_backend_cert.py +18 -15
  167. pulumi_vault/pkisecret/secret_backend_config_ca.py +16 -15
  168. pulumi_vault/pkisecret/secret_backend_config_issuers.py +12 -11
  169. pulumi_vault/pkisecret/secret_backend_config_urls.py +59 -11
  170. pulumi_vault/pkisecret/secret_backend_crl_config.py +14 -13
  171. pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +16 -15
  172. pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +22 -21
  173. pulumi_vault/pkisecret/secret_backend_issuer.py +12 -11
  174. pulumi_vault/pkisecret/secret_backend_key.py +12 -7
  175. pulumi_vault/pkisecret/secret_backend_role.py +19 -16
  176. pulumi_vault/pkisecret/secret_backend_root_cert.py +16 -52
  177. pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +18 -62
  178. pulumi_vault/pkisecret/secret_backend_sign.py +18 -60
  179. pulumi_vault/plugin.py +595 -0
  180. pulumi_vault/plugin_pinned_version.py +298 -0
  181. pulumi_vault/policy.py +12 -7
  182. pulumi_vault/provider.py +48 -53
  183. pulumi_vault/pulumi-plugin.json +2 -1
  184. pulumi_vault/quota_lease_count.py +58 -8
  185. pulumi_vault/quota_rate_limit.py +54 -4
  186. pulumi_vault/rabbitmq/_inputs.py +61 -0
  187. pulumi_vault/rabbitmq/outputs.py +5 -0
  188. pulumi_vault/rabbitmq/secret_backend.py +16 -15
  189. pulumi_vault/rabbitmq/secret_backend_role.py +52 -49
  190. pulumi_vault/raft_autopilot.py +12 -11
  191. pulumi_vault/raft_snapshot_agent_config.py +121 -311
  192. pulumi_vault/rgp_policy.py +14 -13
  193. pulumi_vault/saml/auth_backend.py +20 -19
  194. pulumi_vault/saml/auth_backend_role.py +90 -199
  195. pulumi_vault/secrets/__init__.py +3 -0
  196. pulumi_vault/secrets/_inputs.py +110 -0
  197. pulumi_vault/secrets/outputs.py +94 -0
  198. pulumi_vault/secrets/sync_association.py +56 -75
  199. pulumi_vault/secrets/sync_aws_destination.py +240 -29
  200. pulumi_vault/secrets/sync_azure_destination.py +90 -33
  201. pulumi_vault/secrets/sync_config.py +7 -6
  202. pulumi_vault/secrets/sync_gcp_destination.py +156 -27
  203. pulumi_vault/secrets/sync_gh_destination.py +187 -15
  204. pulumi_vault/secrets/sync_github_apps.py +375 -0
  205. pulumi_vault/secrets/sync_vercel_destination.py +72 -15
  206. pulumi_vault/ssh/_inputs.py +28 -32
  207. pulumi_vault/ssh/outputs.py +11 -32
  208. pulumi_vault/ssh/secret_backend_ca.py +106 -11
  209. pulumi_vault/ssh/secret_backend_role.py +83 -120
  210. pulumi_vault/terraformcloud/secret_backend.py +5 -56
  211. pulumi_vault/terraformcloud/secret_creds.py +14 -24
  212. pulumi_vault/terraformcloud/secret_role.py +14 -76
  213. pulumi_vault/token.py +26 -25
  214. pulumi_vault/tokenauth/auth_backend_role.py +76 -201
  215. pulumi_vault/transform/alphabet.py +16 -13
  216. pulumi_vault/transform/get_decode.py +45 -21
  217. pulumi_vault/transform/get_encode.py +45 -21
  218. pulumi_vault/transform/role.py +16 -13
  219. pulumi_vault/transform/template.py +30 -25
  220. pulumi_vault/transform/transformation.py +12 -7
  221. pulumi_vault/transit/get_decrypt.py +26 -25
  222. pulumi_vault/transit/get_encrypt.py +24 -19
  223. pulumi_vault/transit/secret_backend_key.py +25 -97
  224. pulumi_vault/transit/secret_cache_config.py +12 -11
  225. {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/METADATA +8 -7
  226. pulumi_vault-6.5.0a1736836139.dist-info/RECORD +256 -0
  227. {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/WHEEL +1 -1
  228. pulumi_vault-5.21.0a1710160723.dist-info/RECORD +0 -244
  229. {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/top_level.txt +0 -0
@@ -4,9 +4,14 @@
4
4
 
5
5
  import copy
6
6
  import warnings
7
+ import sys
7
8
  import pulumi
8
9
  import pulumi.runtime
9
10
  from typing import Any, Mapping, Optional, Sequence, Union, overload
11
+ if sys.version_info >= (3, 11):
12
+ from typing import NotRequired, TypedDict, TypeAlias
13
+ else:
14
+ from typing_extensions import NotRequired, TypedDict, TypeAlias
10
15
  from .. import _utilities
11
16
 
12
17
  __all__ = ['SyncAzureDestinationArgs', 'SyncAzureDestination']
@@ -17,7 +22,8 @@ class SyncAzureDestinationArgs:
17
22
  client_id: Optional[pulumi.Input[str]] = None,
18
23
  client_secret: Optional[pulumi.Input[str]] = None,
19
24
  cloud: Optional[pulumi.Input[str]] = None,
20
- custom_tags: Optional[pulumi.Input[Mapping[str, Any]]] = None,
25
+ custom_tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
26
+ granularity: Optional[pulumi.Input[str]] = None,
21
27
  key_vault_uri: Optional[pulumi.Input[str]] = None,
22
28
  name: Optional[pulumi.Input[str]] = None,
23
29
  namespace: Optional[pulumi.Input[str]] = None,
@@ -32,14 +38,16 @@ class SyncAzureDestinationArgs:
32
38
  Can be omitted and directly provided to Vault using the `AZURE_CLIENT_SECRET` environment
33
39
  variable.
34
40
  :param pulumi.Input[str] cloud: Specifies a cloud for the client. The default is Azure Public Cloud.
35
- :param pulumi.Input[Mapping[str, Any]] custom_tags: Custom tags to set on the secret managed at the destination.
41
+ :param pulumi.Input[Mapping[str, pulumi.Input[str]]] custom_tags: Custom tags to set on the secret managed at the destination.
42
+ :param pulumi.Input[str] granularity: Determines what level of information is synced as a distinct resource
43
+ at the destination. Supports `secret-path` and `secret-key`.
36
44
  :param pulumi.Input[str] key_vault_uri: URI of an existing Azure Key Vault instance.
37
45
  Can be omitted and directly provided to Vault using the `KEY_VAULT_URI` environment
38
46
  variable.
39
47
  :param pulumi.Input[str] name: Unique name of the Azure destination.
40
48
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
41
49
  The value should not contain leading or trailing forward slashes.
42
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
50
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
43
51
  :param pulumi.Input[str] secret_name_template: Template describing how to generate external secret names.
44
52
  Supports a subset of the Go Template syntax.
45
53
  :param pulumi.Input[str] tenant_id: ID of the target Azure tenant.
@@ -54,6 +62,8 @@ class SyncAzureDestinationArgs:
54
62
  pulumi.set(__self__, "cloud", cloud)
55
63
  if custom_tags is not None:
56
64
  pulumi.set(__self__, "custom_tags", custom_tags)
65
+ if granularity is not None:
66
+ pulumi.set(__self__, "granularity", granularity)
57
67
  if key_vault_uri is not None:
58
68
  pulumi.set(__self__, "key_vault_uri", key_vault_uri)
59
69
  if name is not None:
@@ -107,16 +117,29 @@ class SyncAzureDestinationArgs:
107
117
 
108
118
  @property
109
119
  @pulumi.getter(name="customTags")
110
- def custom_tags(self) -> Optional[pulumi.Input[Mapping[str, Any]]]:
120
+ def custom_tags(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
111
121
  """
112
122
  Custom tags to set on the secret managed at the destination.
113
123
  """
114
124
  return pulumi.get(self, "custom_tags")
115
125
 
116
126
  @custom_tags.setter
117
- def custom_tags(self, value: Optional[pulumi.Input[Mapping[str, Any]]]):
127
+ def custom_tags(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
118
128
  pulumi.set(self, "custom_tags", value)
119
129
 
130
+ @property
131
+ @pulumi.getter
132
+ def granularity(self) -> Optional[pulumi.Input[str]]:
133
+ """
134
+ Determines what level of information is synced as a distinct resource
135
+ at the destination. Supports `secret-path` and `secret-key`.
136
+ """
137
+ return pulumi.get(self, "granularity")
138
+
139
+ @granularity.setter
140
+ def granularity(self, value: Optional[pulumi.Input[str]]):
141
+ pulumi.set(self, "granularity", value)
142
+
120
143
  @property
121
144
  @pulumi.getter(name="keyVaultUri")
122
145
  def key_vault_uri(self) -> Optional[pulumi.Input[str]]:
@@ -149,7 +172,7 @@ class SyncAzureDestinationArgs:
149
172
  """
150
173
  The namespace to provision the resource in.
151
174
  The value should not contain leading or trailing forward slashes.
152
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
175
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
153
176
  """
154
177
  return pulumi.get(self, "namespace")
155
178
 
@@ -191,7 +214,8 @@ class _SyncAzureDestinationState:
191
214
  client_id: Optional[pulumi.Input[str]] = None,
192
215
  client_secret: Optional[pulumi.Input[str]] = None,
193
216
  cloud: Optional[pulumi.Input[str]] = None,
194
- custom_tags: Optional[pulumi.Input[Mapping[str, Any]]] = None,
217
+ custom_tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
218
+ granularity: Optional[pulumi.Input[str]] = None,
195
219
  key_vault_uri: Optional[pulumi.Input[str]] = None,
196
220
  name: Optional[pulumi.Input[str]] = None,
197
221
  namespace: Optional[pulumi.Input[str]] = None,
@@ -207,14 +231,16 @@ class _SyncAzureDestinationState:
207
231
  Can be omitted and directly provided to Vault using the `AZURE_CLIENT_SECRET` environment
208
232
  variable.
209
233
  :param pulumi.Input[str] cloud: Specifies a cloud for the client. The default is Azure Public Cloud.
210
- :param pulumi.Input[Mapping[str, Any]] custom_tags: Custom tags to set on the secret managed at the destination.
234
+ :param pulumi.Input[Mapping[str, pulumi.Input[str]]] custom_tags: Custom tags to set on the secret managed at the destination.
235
+ :param pulumi.Input[str] granularity: Determines what level of information is synced as a distinct resource
236
+ at the destination. Supports `secret-path` and `secret-key`.
211
237
  :param pulumi.Input[str] key_vault_uri: URI of an existing Azure Key Vault instance.
212
238
  Can be omitted and directly provided to Vault using the `KEY_VAULT_URI` environment
213
239
  variable.
214
240
  :param pulumi.Input[str] name: Unique name of the Azure destination.
215
241
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
216
242
  The value should not contain leading or trailing forward slashes.
217
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
243
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
218
244
  :param pulumi.Input[str] secret_name_template: Template describing how to generate external secret names.
219
245
  Supports a subset of the Go Template syntax.
220
246
  :param pulumi.Input[str] tenant_id: ID of the target Azure tenant.
@@ -230,6 +256,8 @@ class _SyncAzureDestinationState:
230
256
  pulumi.set(__self__, "cloud", cloud)
231
257
  if custom_tags is not None:
232
258
  pulumi.set(__self__, "custom_tags", custom_tags)
259
+ if granularity is not None:
260
+ pulumi.set(__self__, "granularity", granularity)
233
261
  if key_vault_uri is not None:
234
262
  pulumi.set(__self__, "key_vault_uri", key_vault_uri)
235
263
  if name is not None:
@@ -285,16 +313,29 @@ class _SyncAzureDestinationState:
285
313
 
286
314
  @property
287
315
  @pulumi.getter(name="customTags")
288
- def custom_tags(self) -> Optional[pulumi.Input[Mapping[str, Any]]]:
316
+ def custom_tags(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
289
317
  """
290
318
  Custom tags to set on the secret managed at the destination.
291
319
  """
292
320
  return pulumi.get(self, "custom_tags")
293
321
 
294
322
  @custom_tags.setter
295
- def custom_tags(self, value: Optional[pulumi.Input[Mapping[str, Any]]]):
323
+ def custom_tags(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
296
324
  pulumi.set(self, "custom_tags", value)
297
325
 
326
+ @property
327
+ @pulumi.getter
328
+ def granularity(self) -> Optional[pulumi.Input[str]]:
329
+ """
330
+ Determines what level of information is synced as a distinct resource
331
+ at the destination. Supports `secret-path` and `secret-key`.
332
+ """
333
+ return pulumi.get(self, "granularity")
334
+
335
+ @granularity.setter
336
+ def granularity(self, value: Optional[pulumi.Input[str]]):
337
+ pulumi.set(self, "granularity", value)
338
+
298
339
  @property
299
340
  @pulumi.getter(name="keyVaultUri")
300
341
  def key_vault_uri(self) -> Optional[pulumi.Input[str]]:
@@ -327,7 +368,7 @@ class _SyncAzureDestinationState:
327
368
  """
328
369
  The namespace to provision the resource in.
329
370
  The value should not contain leading or trailing forward slashes.
330
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
371
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
331
372
  """
332
373
  return pulumi.get(self, "namespace")
333
374
 
@@ -383,7 +424,8 @@ class SyncAzureDestination(pulumi.CustomResource):
383
424
  client_id: Optional[pulumi.Input[str]] = None,
384
425
  client_secret: Optional[pulumi.Input[str]] = None,
385
426
  cloud: Optional[pulumi.Input[str]] = None,
386
- custom_tags: Optional[pulumi.Input[Mapping[str, Any]]] = None,
427
+ custom_tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
428
+ granularity: Optional[pulumi.Input[str]] = None,
387
429
  key_vault_uri: Optional[pulumi.Input[str]] = None,
388
430
  name: Optional[pulumi.Input[str]] = None,
389
431
  namespace: Optional[pulumi.Input[str]] = None,
@@ -393,22 +435,21 @@ class SyncAzureDestination(pulumi.CustomResource):
393
435
  """
394
436
  ## Example Usage
395
437
 
396
- <!--Start PulumiCodeChooser -->
397
438
  ```python
398
439
  import pulumi
399
440
  import pulumi_vault as vault
400
441
 
401
442
  az = vault.secrets.SyncAzureDestination("az",
402
- key_vault_uri=var["key_vault_uri"],
403
- client_id=var["client_id"],
404
- client_secret=var["client_secret"],
405
- tenant_id=var["tenant_id"],
443
+ name="az-dest",
444
+ key_vault_uri=key_vault_uri,
445
+ client_id=client_id,
446
+ client_secret=client_secret,
447
+ tenant_id=tenant_id,
406
448
  secret_name_template="vault_{{ .MountAccessor | lowercase }}_{{ .SecretPath | lowercase }}",
407
449
  custom_tags={
408
450
  "foo": "bar",
409
451
  })
410
452
  ```
411
- <!--End PulumiCodeChooser -->
412
453
 
413
454
  ## Import
414
455
 
@@ -427,14 +468,16 @@ class SyncAzureDestination(pulumi.CustomResource):
427
468
  Can be omitted and directly provided to Vault using the `AZURE_CLIENT_SECRET` environment
428
469
  variable.
429
470
  :param pulumi.Input[str] cloud: Specifies a cloud for the client. The default is Azure Public Cloud.
430
- :param pulumi.Input[Mapping[str, Any]] custom_tags: Custom tags to set on the secret managed at the destination.
471
+ :param pulumi.Input[Mapping[str, pulumi.Input[str]]] custom_tags: Custom tags to set on the secret managed at the destination.
472
+ :param pulumi.Input[str] granularity: Determines what level of information is synced as a distinct resource
473
+ at the destination. Supports `secret-path` and `secret-key`.
431
474
  :param pulumi.Input[str] key_vault_uri: URI of an existing Azure Key Vault instance.
432
475
  Can be omitted and directly provided to Vault using the `KEY_VAULT_URI` environment
433
476
  variable.
434
477
  :param pulumi.Input[str] name: Unique name of the Azure destination.
435
478
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
436
479
  The value should not contain leading or trailing forward slashes.
437
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
480
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
438
481
  :param pulumi.Input[str] secret_name_template: Template describing how to generate external secret names.
439
482
  Supports a subset of the Go Template syntax.
440
483
  :param pulumi.Input[str] tenant_id: ID of the target Azure tenant.
@@ -450,22 +493,21 @@ class SyncAzureDestination(pulumi.CustomResource):
450
493
  """
451
494
  ## Example Usage
452
495
 
453
- <!--Start PulumiCodeChooser -->
454
496
  ```python
455
497
  import pulumi
456
498
  import pulumi_vault as vault
457
499
 
458
500
  az = vault.secrets.SyncAzureDestination("az",
459
- key_vault_uri=var["key_vault_uri"],
460
- client_id=var["client_id"],
461
- client_secret=var["client_secret"],
462
- tenant_id=var["tenant_id"],
501
+ name="az-dest",
502
+ key_vault_uri=key_vault_uri,
503
+ client_id=client_id,
504
+ client_secret=client_secret,
505
+ tenant_id=tenant_id,
463
506
  secret_name_template="vault_{{ .MountAccessor | lowercase }}_{{ .SecretPath | lowercase }}",
464
507
  custom_tags={
465
508
  "foo": "bar",
466
509
  })
467
510
  ```
468
- <!--End PulumiCodeChooser -->
469
511
 
470
512
  ## Import
471
513
 
@@ -493,7 +535,8 @@ class SyncAzureDestination(pulumi.CustomResource):
493
535
  client_id: Optional[pulumi.Input[str]] = None,
494
536
  client_secret: Optional[pulumi.Input[str]] = None,
495
537
  cloud: Optional[pulumi.Input[str]] = None,
496
- custom_tags: Optional[pulumi.Input[Mapping[str, Any]]] = None,
538
+ custom_tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
539
+ granularity: Optional[pulumi.Input[str]] = None,
497
540
  key_vault_uri: Optional[pulumi.Input[str]] = None,
498
541
  name: Optional[pulumi.Input[str]] = None,
499
542
  namespace: Optional[pulumi.Input[str]] = None,
@@ -512,6 +555,7 @@ class SyncAzureDestination(pulumi.CustomResource):
512
555
  __props__.__dict__["client_secret"] = None if client_secret is None else pulumi.Output.secret(client_secret)
513
556
  __props__.__dict__["cloud"] = cloud
514
557
  __props__.__dict__["custom_tags"] = custom_tags
558
+ __props__.__dict__["granularity"] = granularity
515
559
  __props__.__dict__["key_vault_uri"] = key_vault_uri
516
560
  __props__.__dict__["name"] = name
517
561
  __props__.__dict__["namespace"] = namespace
@@ -533,7 +577,8 @@ class SyncAzureDestination(pulumi.CustomResource):
533
577
  client_id: Optional[pulumi.Input[str]] = None,
534
578
  client_secret: Optional[pulumi.Input[str]] = None,
535
579
  cloud: Optional[pulumi.Input[str]] = None,
536
- custom_tags: Optional[pulumi.Input[Mapping[str, Any]]] = None,
580
+ custom_tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
581
+ granularity: Optional[pulumi.Input[str]] = None,
537
582
  key_vault_uri: Optional[pulumi.Input[str]] = None,
538
583
  name: Optional[pulumi.Input[str]] = None,
539
584
  namespace: Optional[pulumi.Input[str]] = None,
@@ -554,14 +599,16 @@ class SyncAzureDestination(pulumi.CustomResource):
554
599
  Can be omitted and directly provided to Vault using the `AZURE_CLIENT_SECRET` environment
555
600
  variable.
556
601
  :param pulumi.Input[str] cloud: Specifies a cloud for the client. The default is Azure Public Cloud.
557
- :param pulumi.Input[Mapping[str, Any]] custom_tags: Custom tags to set on the secret managed at the destination.
602
+ :param pulumi.Input[Mapping[str, pulumi.Input[str]]] custom_tags: Custom tags to set on the secret managed at the destination.
603
+ :param pulumi.Input[str] granularity: Determines what level of information is synced as a distinct resource
604
+ at the destination. Supports `secret-path` and `secret-key`.
558
605
  :param pulumi.Input[str] key_vault_uri: URI of an existing Azure Key Vault instance.
559
606
  Can be omitted and directly provided to Vault using the `KEY_VAULT_URI` environment
560
607
  variable.
561
608
  :param pulumi.Input[str] name: Unique name of the Azure destination.
562
609
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
563
610
  The value should not contain leading or trailing forward slashes.
564
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
611
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
565
612
  :param pulumi.Input[str] secret_name_template: Template describing how to generate external secret names.
566
613
  Supports a subset of the Go Template syntax.
567
614
  :param pulumi.Input[str] tenant_id: ID of the target Azure tenant.
@@ -577,6 +624,7 @@ class SyncAzureDestination(pulumi.CustomResource):
577
624
  __props__.__dict__["client_secret"] = client_secret
578
625
  __props__.__dict__["cloud"] = cloud
579
626
  __props__.__dict__["custom_tags"] = custom_tags
627
+ __props__.__dict__["granularity"] = granularity
580
628
  __props__.__dict__["key_vault_uri"] = key_vault_uri
581
629
  __props__.__dict__["name"] = name
582
630
  __props__.__dict__["namespace"] = namespace
@@ -615,12 +663,21 @@ class SyncAzureDestination(pulumi.CustomResource):
615
663
 
616
664
  @property
617
665
  @pulumi.getter(name="customTags")
618
- def custom_tags(self) -> pulumi.Output[Optional[Mapping[str, Any]]]:
666
+ def custom_tags(self) -> pulumi.Output[Optional[Mapping[str, str]]]:
619
667
  """
620
668
  Custom tags to set on the secret managed at the destination.
621
669
  """
622
670
  return pulumi.get(self, "custom_tags")
623
671
 
672
+ @property
673
+ @pulumi.getter
674
+ def granularity(self) -> pulumi.Output[Optional[str]]:
675
+ """
676
+ Determines what level of information is synced as a distinct resource
677
+ at the destination. Supports `secret-path` and `secret-key`.
678
+ """
679
+ return pulumi.get(self, "granularity")
680
+
624
681
  @property
625
682
  @pulumi.getter(name="keyVaultUri")
626
683
  def key_vault_uri(self) -> pulumi.Output[Optional[str]]:
@@ -645,7 +702,7 @@ class SyncAzureDestination(pulumi.CustomResource):
645
702
  """
646
703
  The namespace to provision the resource in.
647
704
  The value should not contain leading or trailing forward slashes.
648
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
705
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
649
706
  """
650
707
  return pulumi.get(self, "namespace")
651
708
 
@@ -4,9 +4,14 @@
4
4
 
5
5
  import copy
6
6
  import warnings
7
+ import sys
7
8
  import pulumi
8
9
  import pulumi.runtime
9
10
  from typing import Any, Mapping, Optional, Sequence, Union, overload
11
+ if sys.version_info >= (3, 11):
12
+ from typing import NotRequired, TypedDict, TypeAlias
13
+ else:
14
+ from typing_extensions import NotRequired, TypedDict, TypeAlias
10
15
  from .. import _utilities
11
16
 
12
17
  __all__ = ['SyncConfigArgs', 'SyncConfig']
@@ -150,16 +155,14 @@ class SyncConfig(pulumi.CustomResource):
150
155
 
151
156
  ## Example Usage
152
157
 
153
- <!--Start PulumiCodeChooser -->
154
158
  ```python
155
159
  import pulumi
156
160
  import pulumi_vault as vault
157
161
 
158
- global_config = vault.secrets.SyncConfig("globalConfig",
162
+ global_config = vault.secrets.SyncConfig("global_config",
159
163
  disabled=True,
160
164
  queue_capacity=500000)
161
165
  ```
162
- <!--End PulumiCodeChooser -->
163
166
 
164
167
  ## Import
165
168
 
@@ -191,16 +194,14 @@ class SyncConfig(pulumi.CustomResource):
191
194
 
192
195
  ## Example Usage
193
196
 
194
- <!--Start PulumiCodeChooser -->
195
197
  ```python
196
198
  import pulumi
197
199
  import pulumi_vault as vault
198
200
 
199
- global_config = vault.secrets.SyncConfig("globalConfig",
201
+ global_config = vault.secrets.SyncConfig("global_config",
200
202
  disabled=True,
201
203
  queue_capacity=500000)
202
204
  ```
203
- <!--End PulumiCodeChooser -->
204
205
 
205
206
  ## Import
206
207