pulumi-vault 5.21.0a1710160723__py3-none-any.whl → 6.5.0a1736836139__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- pulumi_vault/__init__.py +52 -0
- pulumi_vault/_inputs.py +560 -0
- pulumi_vault/_utilities.py +41 -5
- pulumi_vault/ad/get_access_credentials.py +22 -7
- pulumi_vault/ad/secret_backend.py +14 -144
- pulumi_vault/ad/secret_library.py +14 -11
- pulumi_vault/ad/secret_role.py +12 -11
- pulumi_vault/alicloud/auth_backend_role.py +74 -192
- pulumi_vault/approle/auth_backend_login.py +12 -11
- pulumi_vault/approle/auth_backend_role.py +75 -193
- pulumi_vault/approle/auth_backend_role_secret_id.py +106 -11
- pulumi_vault/approle/get_auth_backend_role_id.py +18 -9
- pulumi_vault/audit.py +24 -27
- pulumi_vault/audit_request_header.py +11 -6
- pulumi_vault/auth_backend.py +64 -12
- pulumi_vault/aws/auth_backend_cert.py +12 -7
- pulumi_vault/aws/auth_backend_client.py +265 -24
- pulumi_vault/aws/auth_backend_config_identity.py +12 -11
- pulumi_vault/aws/auth_backend_identity_whitelist.py +18 -17
- pulumi_vault/aws/auth_backend_login.py +19 -22
- pulumi_vault/aws/auth_backend_role.py +75 -193
- pulumi_vault/aws/auth_backend_role_tag.py +12 -7
- pulumi_vault/aws/auth_backend_roletag_blacklist.py +18 -17
- pulumi_vault/aws/auth_backend_sts_role.py +12 -11
- pulumi_vault/aws/get_access_credentials.py +34 -7
- pulumi_vault/aws/get_static_access_credentials.py +19 -5
- pulumi_vault/aws/secret_backend.py +75 -7
- pulumi_vault/aws/secret_backend_role.py +183 -11
- pulumi_vault/aws/secret_backend_static_role.py +14 -11
- pulumi_vault/azure/_inputs.py +24 -0
- pulumi_vault/azure/auth_backend_config.py +151 -17
- pulumi_vault/azure/auth_backend_role.py +75 -193
- pulumi_vault/azure/backend.py +223 -29
- pulumi_vault/azure/backend_role.py +42 -41
- pulumi_vault/azure/get_access_credentials.py +39 -11
- pulumi_vault/azure/outputs.py +5 -0
- pulumi_vault/cert_auth_backend_role.py +87 -271
- pulumi_vault/config/__init__.pyi +5 -0
- pulumi_vault/config/_inputs.py +73 -0
- pulumi_vault/config/outputs.py +35 -0
- pulumi_vault/config/ui_custom_message.py +529 -0
- pulumi_vault/config/vars.py +5 -0
- pulumi_vault/consul/secret_backend.py +22 -25
- pulumi_vault/consul/secret_backend_role.py +14 -80
- pulumi_vault/database/_inputs.py +2770 -881
- pulumi_vault/database/outputs.py +721 -838
- pulumi_vault/database/secret_backend_connection.py +117 -114
- pulumi_vault/database/secret_backend_role.py +29 -24
- pulumi_vault/database/secret_backend_static_role.py +85 -15
- pulumi_vault/database/secrets_mount.py +425 -138
- pulumi_vault/egp_policy.py +16 -15
- pulumi_vault/gcp/_inputs.py +111 -0
- pulumi_vault/gcp/auth_backend.py +248 -35
- pulumi_vault/gcp/auth_backend_role.py +75 -271
- pulumi_vault/gcp/get_auth_backend_role.py +43 -9
- pulumi_vault/gcp/outputs.py +5 -0
- pulumi_vault/gcp/secret_backend.py +287 -16
- pulumi_vault/gcp/secret_impersonated_account.py +74 -17
- pulumi_vault/gcp/secret_roleset.py +29 -26
- pulumi_vault/gcp/secret_static_account.py +37 -34
- pulumi_vault/generic/endpoint.py +22 -21
- pulumi_vault/generic/get_secret.py +68 -12
- pulumi_vault/generic/secret.py +19 -14
- pulumi_vault/get_auth_backend.py +24 -11
- pulumi_vault/get_auth_backends.py +33 -11
- pulumi_vault/get_namespace.py +226 -0
- pulumi_vault/get_namespaces.py +153 -0
- pulumi_vault/get_nomad_access_token.py +31 -15
- pulumi_vault/get_policy_document.py +34 -23
- pulumi_vault/get_raft_autopilot_state.py +29 -14
- pulumi_vault/github/_inputs.py +55 -0
- pulumi_vault/github/auth_backend.py +17 -16
- pulumi_vault/github/outputs.py +5 -0
- pulumi_vault/github/team.py +14 -13
- pulumi_vault/github/user.py +14 -13
- pulumi_vault/identity/entity.py +18 -15
- pulumi_vault/identity/entity_alias.py +18 -15
- pulumi_vault/identity/entity_policies.py +24 -19
- pulumi_vault/identity/get_entity.py +40 -14
- pulumi_vault/identity/get_group.py +45 -13
- pulumi_vault/identity/get_oidc_client_creds.py +21 -11
- pulumi_vault/identity/get_oidc_openid_config.py +39 -13
- pulumi_vault/identity/get_oidc_public_keys.py +29 -14
- pulumi_vault/identity/group.py +50 -49
- pulumi_vault/identity/group_alias.py +14 -11
- pulumi_vault/identity/group_member_entity_ids.py +24 -74
- pulumi_vault/identity/group_member_group_ids.py +36 -27
- pulumi_vault/identity/group_policies.py +16 -15
- pulumi_vault/identity/mfa_duo.py +9 -8
- pulumi_vault/identity/mfa_login_enforcement.py +13 -8
- pulumi_vault/identity/mfa_okta.py +9 -8
- pulumi_vault/identity/mfa_pingid.py +5 -4
- pulumi_vault/identity/mfa_totp.py +5 -4
- pulumi_vault/identity/oidc.py +12 -11
- pulumi_vault/identity/oidc_assignment.py +22 -13
- pulumi_vault/identity/oidc_client.py +34 -25
- pulumi_vault/identity/oidc_key.py +28 -19
- pulumi_vault/identity/oidc_key_allowed_client_id.py +28 -19
- pulumi_vault/identity/oidc_provider.py +34 -23
- pulumi_vault/identity/oidc_role.py +40 -27
- pulumi_vault/identity/oidc_scope.py +18 -15
- pulumi_vault/identity/outputs.py +8 -3
- pulumi_vault/jwt/_inputs.py +55 -0
- pulumi_vault/jwt/auth_backend.py +39 -46
- pulumi_vault/jwt/auth_backend_role.py +131 -260
- pulumi_vault/jwt/outputs.py +5 -0
- pulumi_vault/kmip/secret_backend.py +22 -21
- pulumi_vault/kmip/secret_role.py +12 -11
- pulumi_vault/kmip/secret_scope.py +12 -11
- pulumi_vault/kubernetes/auth_backend_config.py +55 -7
- pulumi_vault/kubernetes/auth_backend_role.py +68 -179
- pulumi_vault/kubernetes/get_auth_backend_config.py +60 -8
- pulumi_vault/kubernetes/get_auth_backend_role.py +40 -5
- pulumi_vault/kubernetes/get_service_account_token.py +39 -15
- pulumi_vault/kubernetes/secret_backend.py +314 -29
- pulumi_vault/kubernetes/secret_backend_role.py +135 -56
- pulumi_vault/kv/_inputs.py +36 -4
- pulumi_vault/kv/get_secret.py +23 -12
- pulumi_vault/kv/get_secret_subkeys_v2.py +31 -14
- pulumi_vault/kv/get_secret_v2.py +89 -9
- pulumi_vault/kv/get_secrets_list.py +22 -15
- pulumi_vault/kv/get_secrets_list_v2.py +35 -19
- pulumi_vault/kv/outputs.py +8 -3
- pulumi_vault/kv/secret.py +19 -18
- pulumi_vault/kv/secret_backend_v2.py +12 -11
- pulumi_vault/kv/secret_v2.py +55 -52
- pulumi_vault/ldap/auth_backend.py +125 -168
- pulumi_vault/ldap/auth_backend_group.py +12 -11
- pulumi_vault/ldap/auth_backend_user.py +12 -11
- pulumi_vault/ldap/get_dynamic_credentials.py +23 -5
- pulumi_vault/ldap/get_static_credentials.py +24 -5
- pulumi_vault/ldap/secret_backend.py +352 -84
- pulumi_vault/ldap/secret_backend_dynamic_role.py +12 -11
- pulumi_vault/ldap/secret_backend_library_set.py +14 -11
- pulumi_vault/ldap/secret_backend_static_role.py +67 -12
- pulumi_vault/managed/_inputs.py +289 -132
- pulumi_vault/managed/keys.py +27 -43
- pulumi_vault/managed/outputs.py +89 -132
- pulumi_vault/mfa_duo.py +16 -13
- pulumi_vault/mfa_okta.py +16 -13
- pulumi_vault/mfa_pingid.py +16 -13
- pulumi_vault/mfa_totp.py +22 -19
- pulumi_vault/mongodbatlas/secret_backend.py +18 -17
- pulumi_vault/mongodbatlas/secret_role.py +41 -38
- pulumi_vault/mount.py +389 -65
- pulumi_vault/namespace.py +26 -21
- pulumi_vault/nomad_secret_backend.py +16 -15
- pulumi_vault/nomad_secret_role.py +12 -11
- pulumi_vault/okta/_inputs.py +47 -8
- pulumi_vault/okta/auth_backend.py +483 -41
- pulumi_vault/okta/auth_backend_group.py +12 -11
- pulumi_vault/okta/auth_backend_user.py +12 -11
- pulumi_vault/okta/outputs.py +13 -8
- pulumi_vault/outputs.py +5 -0
- pulumi_vault/password_policy.py +18 -15
- pulumi_vault/pkisecret/__init__.py +3 -0
- pulumi_vault/pkisecret/_inputs.py +81 -0
- pulumi_vault/pkisecret/backend_config_cluster.py +369 -0
- pulumi_vault/pkisecret/backend_config_est.py +619 -0
- pulumi_vault/pkisecret/get_backend_config_est.py +251 -0
- pulumi_vault/pkisecret/get_backend_issuer.py +63 -7
- pulumi_vault/pkisecret/get_backend_issuers.py +21 -12
- pulumi_vault/pkisecret/get_backend_key.py +24 -13
- pulumi_vault/pkisecret/get_backend_keys.py +21 -12
- pulumi_vault/pkisecret/outputs.py +69 -0
- pulumi_vault/pkisecret/secret_backend_cert.py +18 -15
- pulumi_vault/pkisecret/secret_backend_config_ca.py +16 -15
- pulumi_vault/pkisecret/secret_backend_config_issuers.py +12 -11
- pulumi_vault/pkisecret/secret_backend_config_urls.py +59 -11
- pulumi_vault/pkisecret/secret_backend_crl_config.py +14 -13
- pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +16 -15
- pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +22 -21
- pulumi_vault/pkisecret/secret_backend_issuer.py +12 -11
- pulumi_vault/pkisecret/secret_backend_key.py +12 -7
- pulumi_vault/pkisecret/secret_backend_role.py +19 -16
- pulumi_vault/pkisecret/secret_backend_root_cert.py +16 -52
- pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +18 -62
- pulumi_vault/pkisecret/secret_backend_sign.py +18 -60
- pulumi_vault/plugin.py +595 -0
- pulumi_vault/plugin_pinned_version.py +298 -0
- pulumi_vault/policy.py +12 -7
- pulumi_vault/provider.py +48 -53
- pulumi_vault/pulumi-plugin.json +2 -1
- pulumi_vault/quota_lease_count.py +58 -8
- pulumi_vault/quota_rate_limit.py +54 -4
- pulumi_vault/rabbitmq/_inputs.py +61 -0
- pulumi_vault/rabbitmq/outputs.py +5 -0
- pulumi_vault/rabbitmq/secret_backend.py +16 -15
- pulumi_vault/rabbitmq/secret_backend_role.py +52 -49
- pulumi_vault/raft_autopilot.py +12 -11
- pulumi_vault/raft_snapshot_agent_config.py +121 -311
- pulumi_vault/rgp_policy.py +14 -13
- pulumi_vault/saml/auth_backend.py +20 -19
- pulumi_vault/saml/auth_backend_role.py +90 -199
- pulumi_vault/secrets/__init__.py +3 -0
- pulumi_vault/secrets/_inputs.py +110 -0
- pulumi_vault/secrets/outputs.py +94 -0
- pulumi_vault/secrets/sync_association.py +56 -75
- pulumi_vault/secrets/sync_aws_destination.py +240 -29
- pulumi_vault/secrets/sync_azure_destination.py +90 -33
- pulumi_vault/secrets/sync_config.py +7 -6
- pulumi_vault/secrets/sync_gcp_destination.py +156 -27
- pulumi_vault/secrets/sync_gh_destination.py +187 -15
- pulumi_vault/secrets/sync_github_apps.py +375 -0
- pulumi_vault/secrets/sync_vercel_destination.py +72 -15
- pulumi_vault/ssh/_inputs.py +28 -32
- pulumi_vault/ssh/outputs.py +11 -32
- pulumi_vault/ssh/secret_backend_ca.py +106 -11
- pulumi_vault/ssh/secret_backend_role.py +83 -120
- pulumi_vault/terraformcloud/secret_backend.py +5 -56
- pulumi_vault/terraformcloud/secret_creds.py +14 -24
- pulumi_vault/terraformcloud/secret_role.py +14 -76
- pulumi_vault/token.py +26 -25
- pulumi_vault/tokenauth/auth_backend_role.py +76 -201
- pulumi_vault/transform/alphabet.py +16 -13
- pulumi_vault/transform/get_decode.py +45 -21
- pulumi_vault/transform/get_encode.py +45 -21
- pulumi_vault/transform/role.py +16 -13
- pulumi_vault/transform/template.py +30 -25
- pulumi_vault/transform/transformation.py +12 -7
- pulumi_vault/transit/get_decrypt.py +26 -25
- pulumi_vault/transit/get_encrypt.py +24 -19
- pulumi_vault/transit/secret_backend_key.py +25 -97
- pulumi_vault/transit/secret_cache_config.py +12 -11
- {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/METADATA +8 -7
- pulumi_vault-6.5.0a1736836139.dist-info/RECORD +256 -0
- {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/WHEEL +1 -1
- pulumi_vault-5.21.0a1710160723.dist-info/RECORD +0 -244
- {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/top_level.txt +0 -0
pulumi_vault/auth_backend.py
CHANGED
@@ -4,9 +4,14 @@
|
|
4
4
|
|
5
5
|
import copy
|
6
6
|
import warnings
|
7
|
+
import sys
|
7
8
|
import pulumi
|
8
9
|
import pulumi.runtime
|
9
10
|
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
11
|
+
if sys.version_info >= (3, 11):
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
13
|
+
else:
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
10
15
|
from . import _utilities
|
11
16
|
from . import outputs
|
12
17
|
from ._inputs import *
|
@@ -19,6 +24,7 @@ class AuthBackendArgs:
|
|
19
24
|
type: pulumi.Input[str],
|
20
25
|
description: Optional[pulumi.Input[str]] = None,
|
21
26
|
disable_remount: Optional[pulumi.Input[bool]] = None,
|
27
|
+
identity_token_key: Optional[pulumi.Input[str]] = None,
|
22
28
|
local: Optional[pulumi.Input[bool]] = None,
|
23
29
|
namespace: Optional[pulumi.Input[str]] = None,
|
24
30
|
path: Optional[pulumi.Input[str]] = None,
|
@@ -29,10 +35,11 @@ class AuthBackendArgs:
|
|
29
35
|
:param pulumi.Input[str] description: A description of the auth method.
|
30
36
|
:param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates.
|
31
37
|
See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
|
38
|
+
:param pulumi.Input[str] identity_token_key: The key to use for signing identity tokens.
|
32
39
|
:param pulumi.Input[bool] local: Specifies if the auth method is local only.
|
33
40
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
34
41
|
The value should not contain leading or trailing forward slashes.
|
35
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
42
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
36
43
|
*Available only for Vault Enterprise*.
|
37
44
|
:param pulumi.Input[str] path: The path to mount the auth method — this defaults to the name of the type.
|
38
45
|
:param pulumi.Input['AuthBackendTuneArgs'] tune: Extra configuration block. Structure is documented below.
|
@@ -44,6 +51,8 @@ class AuthBackendArgs:
|
|
44
51
|
pulumi.set(__self__, "description", description)
|
45
52
|
if disable_remount is not None:
|
46
53
|
pulumi.set(__self__, "disable_remount", disable_remount)
|
54
|
+
if identity_token_key is not None:
|
55
|
+
pulumi.set(__self__, "identity_token_key", identity_token_key)
|
47
56
|
if local is not None:
|
48
57
|
pulumi.set(__self__, "local", local)
|
49
58
|
if namespace is not None:
|
@@ -90,6 +99,18 @@ class AuthBackendArgs:
|
|
90
99
|
def disable_remount(self, value: Optional[pulumi.Input[bool]]):
|
91
100
|
pulumi.set(self, "disable_remount", value)
|
92
101
|
|
102
|
+
@property
|
103
|
+
@pulumi.getter(name="identityTokenKey")
|
104
|
+
def identity_token_key(self) -> Optional[pulumi.Input[str]]:
|
105
|
+
"""
|
106
|
+
The key to use for signing identity tokens.
|
107
|
+
"""
|
108
|
+
return pulumi.get(self, "identity_token_key")
|
109
|
+
|
110
|
+
@identity_token_key.setter
|
111
|
+
def identity_token_key(self, value: Optional[pulumi.Input[str]]):
|
112
|
+
pulumi.set(self, "identity_token_key", value)
|
113
|
+
|
93
114
|
@property
|
94
115
|
@pulumi.getter
|
95
116
|
def local(self) -> Optional[pulumi.Input[bool]]:
|
@@ -108,7 +129,7 @@ class AuthBackendArgs:
|
|
108
129
|
"""
|
109
130
|
The namespace to provision the resource in.
|
110
131
|
The value should not contain leading or trailing forward slashes.
|
111
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
132
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
112
133
|
*Available only for Vault Enterprise*.
|
113
134
|
"""
|
114
135
|
return pulumi.get(self, "namespace")
|
@@ -150,6 +171,7 @@ class _AuthBackendState:
|
|
150
171
|
accessor: Optional[pulumi.Input[str]] = None,
|
151
172
|
description: Optional[pulumi.Input[str]] = None,
|
152
173
|
disable_remount: Optional[pulumi.Input[bool]] = None,
|
174
|
+
identity_token_key: Optional[pulumi.Input[str]] = None,
|
153
175
|
local: Optional[pulumi.Input[bool]] = None,
|
154
176
|
namespace: Optional[pulumi.Input[str]] = None,
|
155
177
|
path: Optional[pulumi.Input[str]] = None,
|
@@ -161,10 +183,11 @@ class _AuthBackendState:
|
|
161
183
|
:param pulumi.Input[str] description: A description of the auth method.
|
162
184
|
:param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates.
|
163
185
|
See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
|
186
|
+
:param pulumi.Input[str] identity_token_key: The key to use for signing identity tokens.
|
164
187
|
:param pulumi.Input[bool] local: Specifies if the auth method is local only.
|
165
188
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
166
189
|
The value should not contain leading or trailing forward slashes.
|
167
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
190
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
168
191
|
*Available only for Vault Enterprise*.
|
169
192
|
:param pulumi.Input[str] path: The path to mount the auth method — this defaults to the name of the type.
|
170
193
|
:param pulumi.Input['AuthBackendTuneArgs'] tune: Extra configuration block. Structure is documented below.
|
@@ -178,6 +201,8 @@ class _AuthBackendState:
|
|
178
201
|
pulumi.set(__self__, "description", description)
|
179
202
|
if disable_remount is not None:
|
180
203
|
pulumi.set(__self__, "disable_remount", disable_remount)
|
204
|
+
if identity_token_key is not None:
|
205
|
+
pulumi.set(__self__, "identity_token_key", identity_token_key)
|
181
206
|
if local is not None:
|
182
207
|
pulumi.set(__self__, "local", local)
|
183
208
|
if namespace is not None:
|
@@ -226,6 +251,18 @@ class _AuthBackendState:
|
|
226
251
|
def disable_remount(self, value: Optional[pulumi.Input[bool]]):
|
227
252
|
pulumi.set(self, "disable_remount", value)
|
228
253
|
|
254
|
+
@property
|
255
|
+
@pulumi.getter(name="identityTokenKey")
|
256
|
+
def identity_token_key(self) -> Optional[pulumi.Input[str]]:
|
257
|
+
"""
|
258
|
+
The key to use for signing identity tokens.
|
259
|
+
"""
|
260
|
+
return pulumi.get(self, "identity_token_key")
|
261
|
+
|
262
|
+
@identity_token_key.setter
|
263
|
+
def identity_token_key(self, value: Optional[pulumi.Input[str]]):
|
264
|
+
pulumi.set(self, "identity_token_key", value)
|
265
|
+
|
229
266
|
@property
|
230
267
|
@pulumi.getter
|
231
268
|
def local(self) -> Optional[pulumi.Input[bool]]:
|
@@ -244,7 +281,7 @@ class _AuthBackendState:
|
|
244
281
|
"""
|
245
282
|
The namespace to provision the resource in.
|
246
283
|
The value should not contain leading or trailing forward slashes.
|
247
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
284
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
248
285
|
*Available only for Vault Enterprise*.
|
249
286
|
"""
|
250
287
|
return pulumi.get(self, "namespace")
|
@@ -299,10 +336,11 @@ class AuthBackend(pulumi.CustomResource):
|
|
299
336
|
opts: Optional[pulumi.ResourceOptions] = None,
|
300
337
|
description: Optional[pulumi.Input[str]] = None,
|
301
338
|
disable_remount: Optional[pulumi.Input[bool]] = None,
|
339
|
+
identity_token_key: Optional[pulumi.Input[str]] = None,
|
302
340
|
local: Optional[pulumi.Input[bool]] = None,
|
303
341
|
namespace: Optional[pulumi.Input[str]] = None,
|
304
342
|
path: Optional[pulumi.Input[str]] = None,
|
305
|
-
tune: Optional[pulumi.Input[
|
343
|
+
tune: Optional[pulumi.Input[Union['AuthBackendTuneArgs', 'AuthBackendTuneArgsDict']]] = None,
|
306
344
|
type: Optional[pulumi.Input[str]] = None,
|
307
345
|
__props__=None):
|
308
346
|
"""
|
@@ -319,13 +357,14 @@ class AuthBackend(pulumi.CustomResource):
|
|
319
357
|
:param pulumi.Input[str] description: A description of the auth method.
|
320
358
|
:param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates.
|
321
359
|
See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
|
360
|
+
:param pulumi.Input[str] identity_token_key: The key to use for signing identity tokens.
|
322
361
|
:param pulumi.Input[bool] local: Specifies if the auth method is local only.
|
323
362
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
324
363
|
The value should not contain leading or trailing forward slashes.
|
325
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
364
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
326
365
|
*Available only for Vault Enterprise*.
|
327
366
|
:param pulumi.Input[str] path: The path to mount the auth method — this defaults to the name of the type.
|
328
|
-
:param pulumi.Input[
|
367
|
+
:param pulumi.Input[Union['AuthBackendTuneArgs', 'AuthBackendTuneArgsDict']] tune: Extra configuration block. Structure is documented below.
|
329
368
|
|
330
369
|
The `tune` block is used to tune the auth backend:
|
331
370
|
:param pulumi.Input[str] type: The name of the auth method type.
|
@@ -362,10 +401,11 @@ class AuthBackend(pulumi.CustomResource):
|
|
362
401
|
opts: Optional[pulumi.ResourceOptions] = None,
|
363
402
|
description: Optional[pulumi.Input[str]] = None,
|
364
403
|
disable_remount: Optional[pulumi.Input[bool]] = None,
|
404
|
+
identity_token_key: Optional[pulumi.Input[str]] = None,
|
365
405
|
local: Optional[pulumi.Input[bool]] = None,
|
366
406
|
namespace: Optional[pulumi.Input[str]] = None,
|
367
407
|
path: Optional[pulumi.Input[str]] = None,
|
368
|
-
tune: Optional[pulumi.Input[
|
408
|
+
tune: Optional[pulumi.Input[Union['AuthBackendTuneArgs', 'AuthBackendTuneArgsDict']]] = None,
|
369
409
|
type: Optional[pulumi.Input[str]] = None,
|
370
410
|
__props__=None):
|
371
411
|
opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
|
@@ -378,6 +418,7 @@ class AuthBackend(pulumi.CustomResource):
|
|
378
418
|
|
379
419
|
__props__.__dict__["description"] = description
|
380
420
|
__props__.__dict__["disable_remount"] = disable_remount
|
421
|
+
__props__.__dict__["identity_token_key"] = identity_token_key
|
381
422
|
__props__.__dict__["local"] = local
|
382
423
|
__props__.__dict__["namespace"] = namespace
|
383
424
|
__props__.__dict__["path"] = path
|
@@ -399,10 +440,11 @@ class AuthBackend(pulumi.CustomResource):
|
|
399
440
|
accessor: Optional[pulumi.Input[str]] = None,
|
400
441
|
description: Optional[pulumi.Input[str]] = None,
|
401
442
|
disable_remount: Optional[pulumi.Input[bool]] = None,
|
443
|
+
identity_token_key: Optional[pulumi.Input[str]] = None,
|
402
444
|
local: Optional[pulumi.Input[bool]] = None,
|
403
445
|
namespace: Optional[pulumi.Input[str]] = None,
|
404
446
|
path: Optional[pulumi.Input[str]] = None,
|
405
|
-
tune: Optional[pulumi.Input[
|
447
|
+
tune: Optional[pulumi.Input[Union['AuthBackendTuneArgs', 'AuthBackendTuneArgsDict']]] = None,
|
406
448
|
type: Optional[pulumi.Input[str]] = None) -> 'AuthBackend':
|
407
449
|
"""
|
408
450
|
Get an existing AuthBackend resource's state with the given name, id, and optional extra
|
@@ -415,13 +457,14 @@ class AuthBackend(pulumi.CustomResource):
|
|
415
457
|
:param pulumi.Input[str] description: A description of the auth method.
|
416
458
|
:param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates.
|
417
459
|
See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
|
460
|
+
:param pulumi.Input[str] identity_token_key: The key to use for signing identity tokens.
|
418
461
|
:param pulumi.Input[bool] local: Specifies if the auth method is local only.
|
419
462
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
420
463
|
The value should not contain leading or trailing forward slashes.
|
421
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
464
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
422
465
|
*Available only for Vault Enterprise*.
|
423
466
|
:param pulumi.Input[str] path: The path to mount the auth method — this defaults to the name of the type.
|
424
|
-
:param pulumi.Input[
|
467
|
+
:param pulumi.Input[Union['AuthBackendTuneArgs', 'AuthBackendTuneArgsDict']] tune: Extra configuration block. Structure is documented below.
|
425
468
|
|
426
469
|
The `tune` block is used to tune the auth backend:
|
427
470
|
:param pulumi.Input[str] type: The name of the auth method type.
|
@@ -433,6 +476,7 @@ class AuthBackend(pulumi.CustomResource):
|
|
433
476
|
__props__.__dict__["accessor"] = accessor
|
434
477
|
__props__.__dict__["description"] = description
|
435
478
|
__props__.__dict__["disable_remount"] = disable_remount
|
479
|
+
__props__.__dict__["identity_token_key"] = identity_token_key
|
436
480
|
__props__.__dict__["local"] = local
|
437
481
|
__props__.__dict__["namespace"] = namespace
|
438
482
|
__props__.__dict__["path"] = path
|
@@ -465,6 +509,14 @@ class AuthBackend(pulumi.CustomResource):
|
|
465
509
|
"""
|
466
510
|
return pulumi.get(self, "disable_remount")
|
467
511
|
|
512
|
+
@property
|
513
|
+
@pulumi.getter(name="identityTokenKey")
|
514
|
+
def identity_token_key(self) -> pulumi.Output[Optional[str]]:
|
515
|
+
"""
|
516
|
+
The key to use for signing identity tokens.
|
517
|
+
"""
|
518
|
+
return pulumi.get(self, "identity_token_key")
|
519
|
+
|
468
520
|
@property
|
469
521
|
@pulumi.getter
|
470
522
|
def local(self) -> pulumi.Output[Optional[bool]]:
|
@@ -479,7 +531,7 @@ class AuthBackend(pulumi.CustomResource):
|
|
479
531
|
"""
|
480
532
|
The namespace to provision the resource in.
|
481
533
|
The value should not contain leading or trailing forward slashes.
|
482
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
534
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
483
535
|
*Available only for Vault Enterprise*.
|
484
536
|
"""
|
485
537
|
return pulumi.get(self, "namespace")
|
@@ -4,9 +4,14 @@
|
|
4
4
|
|
5
5
|
import copy
|
6
6
|
import warnings
|
7
|
+
import sys
|
7
8
|
import pulumi
|
8
9
|
import pulumi.runtime
|
9
10
|
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
11
|
+
if sys.version_info >= (3, 11):
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
13
|
+
else:
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
10
15
|
from .. import _utilities
|
11
16
|
|
12
17
|
__all__ = ['AuthBackendCertArgs', 'AuthBackendCert']
|
@@ -30,7 +35,7 @@ class AuthBackendCertArgs:
|
|
30
35
|
mounted at. Defaults to `aws`.
|
31
36
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
32
37
|
The value should not contain leading or trailing forward slashes.
|
33
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
38
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
34
39
|
*Available only for Vault Enterprise*.
|
35
40
|
:param pulumi.Input[str] type: Either "pkcs7" or "identity", indicating the type of
|
36
41
|
document which can be verified using the given certificate. Defaults to
|
@@ -91,7 +96,7 @@ class AuthBackendCertArgs:
|
|
91
96
|
"""
|
92
97
|
The namespace to provision the resource in.
|
93
98
|
The value should not contain leading or trailing forward slashes.
|
94
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
99
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
95
100
|
*Available only for Vault Enterprise*.
|
96
101
|
"""
|
97
102
|
return pulumi.get(self, "namespace")
|
@@ -134,7 +139,7 @@ class _AuthBackendCertState:
|
|
134
139
|
:param pulumi.Input[str] cert_name: The name of the certificate.
|
135
140
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
136
141
|
The value should not contain leading or trailing forward slashes.
|
137
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
142
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
138
143
|
*Available only for Vault Enterprise*.
|
139
144
|
:param pulumi.Input[str] type: Either "pkcs7" or "identity", indicating the type of
|
140
145
|
document which can be verified using the given certificate. Defaults to
|
@@ -197,7 +202,7 @@ class _AuthBackendCertState:
|
|
197
202
|
"""
|
198
203
|
The namespace to provision the resource in.
|
199
204
|
The value should not contain leading or trailing forward slashes.
|
200
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
205
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
201
206
|
*Available only for Vault Enterprise*.
|
202
207
|
"""
|
203
208
|
return pulumi.get(self, "namespace")
|
@@ -254,7 +259,7 @@ class AuthBackendCert(pulumi.CustomResource):
|
|
254
259
|
:param pulumi.Input[str] cert_name: The name of the certificate.
|
255
260
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
256
261
|
The value should not contain leading or trailing forward slashes.
|
257
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
262
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
258
263
|
*Available only for Vault Enterprise*.
|
259
264
|
:param pulumi.Input[str] type: Either "pkcs7" or "identity", indicating the type of
|
260
265
|
document which can be verified using the given certificate. Defaults to
|
@@ -346,7 +351,7 @@ class AuthBackendCert(pulumi.CustomResource):
|
|
346
351
|
:param pulumi.Input[str] cert_name: The name of the certificate.
|
347
352
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
348
353
|
The value should not contain leading or trailing forward slashes.
|
349
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
354
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
350
355
|
*Available only for Vault Enterprise*.
|
351
356
|
:param pulumi.Input[str] type: Either "pkcs7" or "identity", indicating the type of
|
352
357
|
document which can be verified using the given certificate. Defaults to
|
@@ -397,7 +402,7 @@ class AuthBackendCert(pulumi.CustomResource):
|
|
397
402
|
"""
|
398
403
|
The namespace to provision the resource in.
|
399
404
|
The value should not contain leading or trailing forward slashes.
|
400
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
405
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
401
406
|
*Available only for Vault Enterprise*.
|
402
407
|
"""
|
403
408
|
return pulumi.get(self, "namespace")
|