pulumi-vault 5.21.0a1710160723__py3-none-any.whl → 6.5.0a1736836139__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (229) hide show
  1. pulumi_vault/__init__.py +52 -0
  2. pulumi_vault/_inputs.py +560 -0
  3. pulumi_vault/_utilities.py +41 -5
  4. pulumi_vault/ad/get_access_credentials.py +22 -7
  5. pulumi_vault/ad/secret_backend.py +14 -144
  6. pulumi_vault/ad/secret_library.py +14 -11
  7. pulumi_vault/ad/secret_role.py +12 -11
  8. pulumi_vault/alicloud/auth_backend_role.py +74 -192
  9. pulumi_vault/approle/auth_backend_login.py +12 -11
  10. pulumi_vault/approle/auth_backend_role.py +75 -193
  11. pulumi_vault/approle/auth_backend_role_secret_id.py +106 -11
  12. pulumi_vault/approle/get_auth_backend_role_id.py +18 -9
  13. pulumi_vault/audit.py +24 -27
  14. pulumi_vault/audit_request_header.py +11 -6
  15. pulumi_vault/auth_backend.py +64 -12
  16. pulumi_vault/aws/auth_backend_cert.py +12 -7
  17. pulumi_vault/aws/auth_backend_client.py +265 -24
  18. pulumi_vault/aws/auth_backend_config_identity.py +12 -11
  19. pulumi_vault/aws/auth_backend_identity_whitelist.py +18 -17
  20. pulumi_vault/aws/auth_backend_login.py +19 -22
  21. pulumi_vault/aws/auth_backend_role.py +75 -193
  22. pulumi_vault/aws/auth_backend_role_tag.py +12 -7
  23. pulumi_vault/aws/auth_backend_roletag_blacklist.py +18 -17
  24. pulumi_vault/aws/auth_backend_sts_role.py +12 -11
  25. pulumi_vault/aws/get_access_credentials.py +34 -7
  26. pulumi_vault/aws/get_static_access_credentials.py +19 -5
  27. pulumi_vault/aws/secret_backend.py +75 -7
  28. pulumi_vault/aws/secret_backend_role.py +183 -11
  29. pulumi_vault/aws/secret_backend_static_role.py +14 -11
  30. pulumi_vault/azure/_inputs.py +24 -0
  31. pulumi_vault/azure/auth_backend_config.py +151 -17
  32. pulumi_vault/azure/auth_backend_role.py +75 -193
  33. pulumi_vault/azure/backend.py +223 -29
  34. pulumi_vault/azure/backend_role.py +42 -41
  35. pulumi_vault/azure/get_access_credentials.py +39 -11
  36. pulumi_vault/azure/outputs.py +5 -0
  37. pulumi_vault/cert_auth_backend_role.py +87 -271
  38. pulumi_vault/config/__init__.pyi +5 -0
  39. pulumi_vault/config/_inputs.py +73 -0
  40. pulumi_vault/config/outputs.py +35 -0
  41. pulumi_vault/config/ui_custom_message.py +529 -0
  42. pulumi_vault/config/vars.py +5 -0
  43. pulumi_vault/consul/secret_backend.py +22 -25
  44. pulumi_vault/consul/secret_backend_role.py +14 -80
  45. pulumi_vault/database/_inputs.py +2770 -881
  46. pulumi_vault/database/outputs.py +721 -838
  47. pulumi_vault/database/secret_backend_connection.py +117 -114
  48. pulumi_vault/database/secret_backend_role.py +29 -24
  49. pulumi_vault/database/secret_backend_static_role.py +85 -15
  50. pulumi_vault/database/secrets_mount.py +425 -138
  51. pulumi_vault/egp_policy.py +16 -15
  52. pulumi_vault/gcp/_inputs.py +111 -0
  53. pulumi_vault/gcp/auth_backend.py +248 -35
  54. pulumi_vault/gcp/auth_backend_role.py +75 -271
  55. pulumi_vault/gcp/get_auth_backend_role.py +43 -9
  56. pulumi_vault/gcp/outputs.py +5 -0
  57. pulumi_vault/gcp/secret_backend.py +287 -16
  58. pulumi_vault/gcp/secret_impersonated_account.py +74 -17
  59. pulumi_vault/gcp/secret_roleset.py +29 -26
  60. pulumi_vault/gcp/secret_static_account.py +37 -34
  61. pulumi_vault/generic/endpoint.py +22 -21
  62. pulumi_vault/generic/get_secret.py +68 -12
  63. pulumi_vault/generic/secret.py +19 -14
  64. pulumi_vault/get_auth_backend.py +24 -11
  65. pulumi_vault/get_auth_backends.py +33 -11
  66. pulumi_vault/get_namespace.py +226 -0
  67. pulumi_vault/get_namespaces.py +153 -0
  68. pulumi_vault/get_nomad_access_token.py +31 -15
  69. pulumi_vault/get_policy_document.py +34 -23
  70. pulumi_vault/get_raft_autopilot_state.py +29 -14
  71. pulumi_vault/github/_inputs.py +55 -0
  72. pulumi_vault/github/auth_backend.py +17 -16
  73. pulumi_vault/github/outputs.py +5 -0
  74. pulumi_vault/github/team.py +14 -13
  75. pulumi_vault/github/user.py +14 -13
  76. pulumi_vault/identity/entity.py +18 -15
  77. pulumi_vault/identity/entity_alias.py +18 -15
  78. pulumi_vault/identity/entity_policies.py +24 -19
  79. pulumi_vault/identity/get_entity.py +40 -14
  80. pulumi_vault/identity/get_group.py +45 -13
  81. pulumi_vault/identity/get_oidc_client_creds.py +21 -11
  82. pulumi_vault/identity/get_oidc_openid_config.py +39 -13
  83. pulumi_vault/identity/get_oidc_public_keys.py +29 -14
  84. pulumi_vault/identity/group.py +50 -49
  85. pulumi_vault/identity/group_alias.py +14 -11
  86. pulumi_vault/identity/group_member_entity_ids.py +24 -74
  87. pulumi_vault/identity/group_member_group_ids.py +36 -27
  88. pulumi_vault/identity/group_policies.py +16 -15
  89. pulumi_vault/identity/mfa_duo.py +9 -8
  90. pulumi_vault/identity/mfa_login_enforcement.py +13 -8
  91. pulumi_vault/identity/mfa_okta.py +9 -8
  92. pulumi_vault/identity/mfa_pingid.py +5 -4
  93. pulumi_vault/identity/mfa_totp.py +5 -4
  94. pulumi_vault/identity/oidc.py +12 -11
  95. pulumi_vault/identity/oidc_assignment.py +22 -13
  96. pulumi_vault/identity/oidc_client.py +34 -25
  97. pulumi_vault/identity/oidc_key.py +28 -19
  98. pulumi_vault/identity/oidc_key_allowed_client_id.py +28 -19
  99. pulumi_vault/identity/oidc_provider.py +34 -23
  100. pulumi_vault/identity/oidc_role.py +40 -27
  101. pulumi_vault/identity/oidc_scope.py +18 -15
  102. pulumi_vault/identity/outputs.py +8 -3
  103. pulumi_vault/jwt/_inputs.py +55 -0
  104. pulumi_vault/jwt/auth_backend.py +39 -46
  105. pulumi_vault/jwt/auth_backend_role.py +131 -260
  106. pulumi_vault/jwt/outputs.py +5 -0
  107. pulumi_vault/kmip/secret_backend.py +22 -21
  108. pulumi_vault/kmip/secret_role.py +12 -11
  109. pulumi_vault/kmip/secret_scope.py +12 -11
  110. pulumi_vault/kubernetes/auth_backend_config.py +55 -7
  111. pulumi_vault/kubernetes/auth_backend_role.py +68 -179
  112. pulumi_vault/kubernetes/get_auth_backend_config.py +60 -8
  113. pulumi_vault/kubernetes/get_auth_backend_role.py +40 -5
  114. pulumi_vault/kubernetes/get_service_account_token.py +39 -15
  115. pulumi_vault/kubernetes/secret_backend.py +314 -29
  116. pulumi_vault/kubernetes/secret_backend_role.py +135 -56
  117. pulumi_vault/kv/_inputs.py +36 -4
  118. pulumi_vault/kv/get_secret.py +23 -12
  119. pulumi_vault/kv/get_secret_subkeys_v2.py +31 -14
  120. pulumi_vault/kv/get_secret_v2.py +89 -9
  121. pulumi_vault/kv/get_secrets_list.py +22 -15
  122. pulumi_vault/kv/get_secrets_list_v2.py +35 -19
  123. pulumi_vault/kv/outputs.py +8 -3
  124. pulumi_vault/kv/secret.py +19 -18
  125. pulumi_vault/kv/secret_backend_v2.py +12 -11
  126. pulumi_vault/kv/secret_v2.py +55 -52
  127. pulumi_vault/ldap/auth_backend.py +125 -168
  128. pulumi_vault/ldap/auth_backend_group.py +12 -11
  129. pulumi_vault/ldap/auth_backend_user.py +12 -11
  130. pulumi_vault/ldap/get_dynamic_credentials.py +23 -5
  131. pulumi_vault/ldap/get_static_credentials.py +24 -5
  132. pulumi_vault/ldap/secret_backend.py +352 -84
  133. pulumi_vault/ldap/secret_backend_dynamic_role.py +12 -11
  134. pulumi_vault/ldap/secret_backend_library_set.py +14 -11
  135. pulumi_vault/ldap/secret_backend_static_role.py +67 -12
  136. pulumi_vault/managed/_inputs.py +289 -132
  137. pulumi_vault/managed/keys.py +27 -43
  138. pulumi_vault/managed/outputs.py +89 -132
  139. pulumi_vault/mfa_duo.py +16 -13
  140. pulumi_vault/mfa_okta.py +16 -13
  141. pulumi_vault/mfa_pingid.py +16 -13
  142. pulumi_vault/mfa_totp.py +22 -19
  143. pulumi_vault/mongodbatlas/secret_backend.py +18 -17
  144. pulumi_vault/mongodbatlas/secret_role.py +41 -38
  145. pulumi_vault/mount.py +389 -65
  146. pulumi_vault/namespace.py +26 -21
  147. pulumi_vault/nomad_secret_backend.py +16 -15
  148. pulumi_vault/nomad_secret_role.py +12 -11
  149. pulumi_vault/okta/_inputs.py +47 -8
  150. pulumi_vault/okta/auth_backend.py +483 -41
  151. pulumi_vault/okta/auth_backend_group.py +12 -11
  152. pulumi_vault/okta/auth_backend_user.py +12 -11
  153. pulumi_vault/okta/outputs.py +13 -8
  154. pulumi_vault/outputs.py +5 -0
  155. pulumi_vault/password_policy.py +18 -15
  156. pulumi_vault/pkisecret/__init__.py +3 -0
  157. pulumi_vault/pkisecret/_inputs.py +81 -0
  158. pulumi_vault/pkisecret/backend_config_cluster.py +369 -0
  159. pulumi_vault/pkisecret/backend_config_est.py +619 -0
  160. pulumi_vault/pkisecret/get_backend_config_est.py +251 -0
  161. pulumi_vault/pkisecret/get_backend_issuer.py +63 -7
  162. pulumi_vault/pkisecret/get_backend_issuers.py +21 -12
  163. pulumi_vault/pkisecret/get_backend_key.py +24 -13
  164. pulumi_vault/pkisecret/get_backend_keys.py +21 -12
  165. pulumi_vault/pkisecret/outputs.py +69 -0
  166. pulumi_vault/pkisecret/secret_backend_cert.py +18 -15
  167. pulumi_vault/pkisecret/secret_backend_config_ca.py +16 -15
  168. pulumi_vault/pkisecret/secret_backend_config_issuers.py +12 -11
  169. pulumi_vault/pkisecret/secret_backend_config_urls.py +59 -11
  170. pulumi_vault/pkisecret/secret_backend_crl_config.py +14 -13
  171. pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +16 -15
  172. pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +22 -21
  173. pulumi_vault/pkisecret/secret_backend_issuer.py +12 -11
  174. pulumi_vault/pkisecret/secret_backend_key.py +12 -7
  175. pulumi_vault/pkisecret/secret_backend_role.py +19 -16
  176. pulumi_vault/pkisecret/secret_backend_root_cert.py +16 -52
  177. pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +18 -62
  178. pulumi_vault/pkisecret/secret_backend_sign.py +18 -60
  179. pulumi_vault/plugin.py +595 -0
  180. pulumi_vault/plugin_pinned_version.py +298 -0
  181. pulumi_vault/policy.py +12 -7
  182. pulumi_vault/provider.py +48 -53
  183. pulumi_vault/pulumi-plugin.json +2 -1
  184. pulumi_vault/quota_lease_count.py +58 -8
  185. pulumi_vault/quota_rate_limit.py +54 -4
  186. pulumi_vault/rabbitmq/_inputs.py +61 -0
  187. pulumi_vault/rabbitmq/outputs.py +5 -0
  188. pulumi_vault/rabbitmq/secret_backend.py +16 -15
  189. pulumi_vault/rabbitmq/secret_backend_role.py +52 -49
  190. pulumi_vault/raft_autopilot.py +12 -11
  191. pulumi_vault/raft_snapshot_agent_config.py +121 -311
  192. pulumi_vault/rgp_policy.py +14 -13
  193. pulumi_vault/saml/auth_backend.py +20 -19
  194. pulumi_vault/saml/auth_backend_role.py +90 -199
  195. pulumi_vault/secrets/__init__.py +3 -0
  196. pulumi_vault/secrets/_inputs.py +110 -0
  197. pulumi_vault/secrets/outputs.py +94 -0
  198. pulumi_vault/secrets/sync_association.py +56 -75
  199. pulumi_vault/secrets/sync_aws_destination.py +240 -29
  200. pulumi_vault/secrets/sync_azure_destination.py +90 -33
  201. pulumi_vault/secrets/sync_config.py +7 -6
  202. pulumi_vault/secrets/sync_gcp_destination.py +156 -27
  203. pulumi_vault/secrets/sync_gh_destination.py +187 -15
  204. pulumi_vault/secrets/sync_github_apps.py +375 -0
  205. pulumi_vault/secrets/sync_vercel_destination.py +72 -15
  206. pulumi_vault/ssh/_inputs.py +28 -32
  207. pulumi_vault/ssh/outputs.py +11 -32
  208. pulumi_vault/ssh/secret_backend_ca.py +106 -11
  209. pulumi_vault/ssh/secret_backend_role.py +83 -120
  210. pulumi_vault/terraformcloud/secret_backend.py +5 -56
  211. pulumi_vault/terraformcloud/secret_creds.py +14 -24
  212. pulumi_vault/terraformcloud/secret_role.py +14 -76
  213. pulumi_vault/token.py +26 -25
  214. pulumi_vault/tokenauth/auth_backend_role.py +76 -201
  215. pulumi_vault/transform/alphabet.py +16 -13
  216. pulumi_vault/transform/get_decode.py +45 -21
  217. pulumi_vault/transform/get_encode.py +45 -21
  218. pulumi_vault/transform/role.py +16 -13
  219. pulumi_vault/transform/template.py +30 -25
  220. pulumi_vault/transform/transformation.py +12 -7
  221. pulumi_vault/transit/get_decrypt.py +26 -25
  222. pulumi_vault/transit/get_encrypt.py +24 -19
  223. pulumi_vault/transit/secret_backend_key.py +25 -97
  224. pulumi_vault/transit/secret_cache_config.py +12 -11
  225. {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/METADATA +8 -7
  226. pulumi_vault-6.5.0a1736836139.dist-info/RECORD +256 -0
  227. {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/WHEEL +1 -1
  228. pulumi_vault-5.21.0a1710160723.dist-info/RECORD +0 -244
  229. {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/top_level.txt +0 -0
@@ -4,37 +4,46 @@
4
4
 
5
5
  import copy
6
6
  import warnings
7
+ import sys
7
8
  import pulumi
8
9
  import pulumi.runtime
9
10
  from typing import Any, Mapping, Optional, Sequence, Union, overload
11
+ if sys.version_info >= (3, 11):
12
+ from typing import NotRequired, TypedDict, TypeAlias
13
+ else:
14
+ from typing_extensions import NotRequired, TypedDict, TypeAlias
10
15
  from .. import _utilities
11
16
 
12
17
  __all__ = [
13
18
  'SecretBackendRoleAllowedUserKeyConfigArgs',
19
+ 'SecretBackendRoleAllowedUserKeyConfigArgsDict',
14
20
  ]
15
21
 
22
+ MYPY = False
23
+
24
+ if not MYPY:
25
+ class SecretBackendRoleAllowedUserKeyConfigArgsDict(TypedDict):
26
+ lengths: pulumi.Input[Sequence[pulumi.Input[int]]]
27
+ """
28
+ List of allowed key lengths, vault-1.10 and above
29
+ """
30
+ type: pulumi.Input[str]
31
+ """
32
+ Key type, choices:
33
+ rsa, ecdsa, ec, dsa, ed25519, ssh-rsa, ssh-dss, ssh-ed25519, ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521
34
+ """
35
+ elif False:
36
+ SecretBackendRoleAllowedUserKeyConfigArgsDict: TypeAlias = Mapping[str, Any]
37
+
16
38
  @pulumi.input_type
17
39
  class SecretBackendRoleAllowedUserKeyConfigArgs:
18
40
  def __init__(__self__, *,
19
41
  lengths: pulumi.Input[Sequence[pulumi.Input[int]]],
20
42
  type: pulumi.Input[str]):
21
43
  """
22
- :param pulumi.Input[Sequence[pulumi.Input[int]]] lengths: A list of allowed key lengths as integers.
23
- For key types that do not support setting the length a value of `[0]` should be used.
24
- Setting multiple lengths is only supported on Vault 1.10+. For prior releases `length`
25
- must be set to a single element list.
26
-
27
- Example configuration blocks that might be included in the `ssh.SecretBackendRole`
28
-
29
- <!--Start PulumiCodeChooser -->
30
- ```python
31
- import pulumi
32
- ```
33
- <!--End PulumiCodeChooser -->
34
- :param pulumi.Input[str] type: The SSH public key type.
35
- *Supported key types are:*
36
- `rsa`, `ecdsa`, `ec`, `dsa`, `ed25519`, `ssh-rsa`, `ssh-dss`, `ssh-ed25519`,
37
- `ecdsa-sha2-nistp256`, `ecdsa-sha2-nistp384`, `ecdsa-sha2-nistp521`
44
+ :param pulumi.Input[Sequence[pulumi.Input[int]]] lengths: List of allowed key lengths, vault-1.10 and above
45
+ :param pulumi.Input[str] type: Key type, choices:
46
+ rsa, ecdsa, ec, dsa, ed25519, ssh-rsa, ssh-dss, ssh-ed25519, ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521
38
47
  """
39
48
  pulumi.set(__self__, "lengths", lengths)
40
49
  pulumi.set(__self__, "type", type)
@@ -43,18 +52,7 @@ class SecretBackendRoleAllowedUserKeyConfigArgs:
43
52
  @pulumi.getter
44
53
  def lengths(self) -> pulumi.Input[Sequence[pulumi.Input[int]]]:
45
54
  """
46
- A list of allowed key lengths as integers.
47
- For key types that do not support setting the length a value of `[0]` should be used.
48
- Setting multiple lengths is only supported on Vault 1.10+. For prior releases `length`
49
- must be set to a single element list.
50
-
51
- Example configuration blocks that might be included in the `ssh.SecretBackendRole`
52
-
53
- <!--Start PulumiCodeChooser -->
54
- ```python
55
- import pulumi
56
- ```
57
- <!--End PulumiCodeChooser -->
55
+ List of allowed key lengths, vault-1.10 and above
58
56
  """
59
57
  return pulumi.get(self, "lengths")
60
58
 
@@ -66,10 +64,8 @@ class SecretBackendRoleAllowedUserKeyConfigArgs:
66
64
  @pulumi.getter
67
65
  def type(self) -> pulumi.Input[str]:
68
66
  """
69
- The SSH public key type.
70
- *Supported key types are:*
71
- `rsa`, `ecdsa`, `ec`, `dsa`, `ed25519`, `ssh-rsa`, `ssh-dss`, `ssh-ed25519`,
72
- `ecdsa-sha2-nistp256`, `ecdsa-sha2-nistp384`, `ecdsa-sha2-nistp521`
67
+ Key type, choices:
68
+ rsa, ecdsa, ec, dsa, ed25519, ssh-rsa, ssh-dss, ssh-ed25519, ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521
73
69
  """
74
70
  return pulumi.get(self, "type")
75
71
 
@@ -4,9 +4,14 @@
4
4
 
5
5
  import copy
6
6
  import warnings
7
+ import sys
7
8
  import pulumi
8
9
  import pulumi.runtime
9
10
  from typing import Any, Mapping, Optional, Sequence, Union, overload
11
+ if sys.version_info >= (3, 11):
12
+ from typing import NotRequired, TypedDict, TypeAlias
13
+ else:
14
+ from typing_extensions import NotRequired, TypedDict, TypeAlias
10
15
  from .. import _utilities
11
16
 
12
17
  __all__ = [
@@ -19,22 +24,9 @@ class SecretBackendRoleAllowedUserKeyConfig(dict):
19
24
  lengths: Sequence[int],
20
25
  type: str):
21
26
  """
22
- :param Sequence[int] lengths: A list of allowed key lengths as integers.
23
- For key types that do not support setting the length a value of `[0]` should be used.
24
- Setting multiple lengths is only supported on Vault 1.10+. For prior releases `length`
25
- must be set to a single element list.
26
-
27
- Example configuration blocks that might be included in the `ssh.SecretBackendRole`
28
-
29
- <!--Start PulumiCodeChooser -->
30
- ```python
31
- import pulumi
32
- ```
33
- <!--End PulumiCodeChooser -->
34
- :param str type: The SSH public key type.
35
- *Supported key types are:*
36
- `rsa`, `ecdsa`, `ec`, `dsa`, `ed25519`, `ssh-rsa`, `ssh-dss`, `ssh-ed25519`,
37
- `ecdsa-sha2-nistp256`, `ecdsa-sha2-nistp384`, `ecdsa-sha2-nistp521`
27
+ :param Sequence[int] lengths: List of allowed key lengths, vault-1.10 and above
28
+ :param str type: Key type, choices:
29
+ rsa, ecdsa, ec, dsa, ed25519, ssh-rsa, ssh-dss, ssh-ed25519, ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521
38
30
  """
39
31
  pulumi.set(__self__, "lengths", lengths)
40
32
  pulumi.set(__self__, "type", type)
@@ -43,18 +35,7 @@ class SecretBackendRoleAllowedUserKeyConfig(dict):
43
35
  @pulumi.getter
44
36
  def lengths(self) -> Sequence[int]:
45
37
  """
46
- A list of allowed key lengths as integers.
47
- For key types that do not support setting the length a value of `[0]` should be used.
48
- Setting multiple lengths is only supported on Vault 1.10+. For prior releases `length`
49
- must be set to a single element list.
50
-
51
- Example configuration blocks that might be included in the `ssh.SecretBackendRole`
52
-
53
- <!--Start PulumiCodeChooser -->
54
- ```python
55
- import pulumi
56
- ```
57
- <!--End PulumiCodeChooser -->
38
+ List of allowed key lengths, vault-1.10 and above
58
39
  """
59
40
  return pulumi.get(self, "lengths")
60
41
 
@@ -62,10 +43,8 @@ class SecretBackendRoleAllowedUserKeyConfig(dict):
62
43
  @pulumi.getter
63
44
  def type(self) -> str:
64
45
  """
65
- The SSH public key type.
66
- *Supported key types are:*
67
- `rsa`, `ecdsa`, `ec`, `dsa`, `ed25519`, `ssh-rsa`, `ssh-dss`, `ssh-ed25519`,
68
- `ecdsa-sha2-nistp256`, `ecdsa-sha2-nistp384`, `ecdsa-sha2-nistp521`
46
+ Key type, choices:
47
+ rsa, ecdsa, ec, dsa, ed25519, ssh-rsa, ssh-dss, ssh-ed25519, ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521
69
48
  """
70
49
  return pulumi.get(self, "type")
71
50
 
@@ -4,9 +4,14 @@
4
4
 
5
5
  import copy
6
6
  import warnings
7
+ import sys
7
8
  import pulumi
8
9
  import pulumi.runtime
9
10
  from typing import Any, Mapping, Optional, Sequence, Union, overload
11
+ if sys.version_info >= (3, 11):
12
+ from typing import NotRequired, TypedDict, TypeAlias
13
+ else:
14
+ from typing_extensions import NotRequired, TypedDict, TypeAlias
10
15
  from .. import _utilities
11
16
 
12
17
  __all__ = ['SecretBackendCaArgs', 'SecretBackendCa']
@@ -16,6 +21,8 @@ class SecretBackendCaArgs:
16
21
  def __init__(__self__, *,
17
22
  backend: Optional[pulumi.Input[str]] = None,
18
23
  generate_signing_key: Optional[pulumi.Input[bool]] = None,
24
+ key_bits: Optional[pulumi.Input[int]] = None,
25
+ key_type: Optional[pulumi.Input[str]] = None,
19
26
  namespace: Optional[pulumi.Input[str]] = None,
20
27
  private_key: Optional[pulumi.Input[str]] = None,
21
28
  public_key: Optional[pulumi.Input[str]] = None):
@@ -23,9 +30,11 @@ class SecretBackendCaArgs:
23
30
  The set of arguments for constructing a SecretBackendCa resource.
24
31
  :param pulumi.Input[str] backend: The path where the SSH secret backend is mounted. Defaults to 'ssh'
25
32
  :param pulumi.Input[bool] generate_signing_key: Whether Vault should generate the signing key pair internally. Defaults to true
33
+ :param pulumi.Input[int] key_bits: Specifies the desired key bits for the generated SSH CA key when `generate_signing_key` is set to `true`.
34
+ :param pulumi.Input[str] key_type: Specifies the desired key type for the generated SSH CA key when `generate_signing_key` is set to `true`.
26
35
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
27
36
  The value should not contain leading or trailing forward slashes.
28
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
37
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
29
38
  *Available only for Vault Enterprise*.
30
39
  :param pulumi.Input[str] private_key: Private key part the SSH CA key pair; required if generate_signing_key is false.
31
40
  :param pulumi.Input[str] public_key: The public key part the SSH CA key pair; required if generate_signing_key is false.
@@ -34,6 +43,10 @@ class SecretBackendCaArgs:
34
43
  pulumi.set(__self__, "backend", backend)
35
44
  if generate_signing_key is not None:
36
45
  pulumi.set(__self__, "generate_signing_key", generate_signing_key)
46
+ if key_bits is not None:
47
+ pulumi.set(__self__, "key_bits", key_bits)
48
+ if key_type is not None:
49
+ pulumi.set(__self__, "key_type", key_type)
37
50
  if namespace is not None:
38
51
  pulumi.set(__self__, "namespace", namespace)
39
52
  if private_key is not None:
@@ -65,13 +78,37 @@ class SecretBackendCaArgs:
65
78
  def generate_signing_key(self, value: Optional[pulumi.Input[bool]]):
66
79
  pulumi.set(self, "generate_signing_key", value)
67
80
 
81
+ @property
82
+ @pulumi.getter(name="keyBits")
83
+ def key_bits(self) -> Optional[pulumi.Input[int]]:
84
+ """
85
+ Specifies the desired key bits for the generated SSH CA key when `generate_signing_key` is set to `true`.
86
+ """
87
+ return pulumi.get(self, "key_bits")
88
+
89
+ @key_bits.setter
90
+ def key_bits(self, value: Optional[pulumi.Input[int]]):
91
+ pulumi.set(self, "key_bits", value)
92
+
93
+ @property
94
+ @pulumi.getter(name="keyType")
95
+ def key_type(self) -> Optional[pulumi.Input[str]]:
96
+ """
97
+ Specifies the desired key type for the generated SSH CA key when `generate_signing_key` is set to `true`.
98
+ """
99
+ return pulumi.get(self, "key_type")
100
+
101
+ @key_type.setter
102
+ def key_type(self, value: Optional[pulumi.Input[str]]):
103
+ pulumi.set(self, "key_type", value)
104
+
68
105
  @property
69
106
  @pulumi.getter
70
107
  def namespace(self) -> Optional[pulumi.Input[str]]:
71
108
  """
72
109
  The namespace to provision the resource in.
73
110
  The value should not contain leading or trailing forward slashes.
74
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
111
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
75
112
  *Available only for Vault Enterprise*.
76
113
  """
77
114
  return pulumi.get(self, "namespace")
@@ -110,6 +147,8 @@ class _SecretBackendCaState:
110
147
  def __init__(__self__, *,
111
148
  backend: Optional[pulumi.Input[str]] = None,
112
149
  generate_signing_key: Optional[pulumi.Input[bool]] = None,
150
+ key_bits: Optional[pulumi.Input[int]] = None,
151
+ key_type: Optional[pulumi.Input[str]] = None,
113
152
  namespace: Optional[pulumi.Input[str]] = None,
114
153
  private_key: Optional[pulumi.Input[str]] = None,
115
154
  public_key: Optional[pulumi.Input[str]] = None):
@@ -117,9 +156,11 @@ class _SecretBackendCaState:
117
156
  Input properties used for looking up and filtering SecretBackendCa resources.
118
157
  :param pulumi.Input[str] backend: The path where the SSH secret backend is mounted. Defaults to 'ssh'
119
158
  :param pulumi.Input[bool] generate_signing_key: Whether Vault should generate the signing key pair internally. Defaults to true
159
+ :param pulumi.Input[int] key_bits: Specifies the desired key bits for the generated SSH CA key when `generate_signing_key` is set to `true`.
160
+ :param pulumi.Input[str] key_type: Specifies the desired key type for the generated SSH CA key when `generate_signing_key` is set to `true`.
120
161
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
121
162
  The value should not contain leading or trailing forward slashes.
122
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
163
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
123
164
  *Available only for Vault Enterprise*.
124
165
  :param pulumi.Input[str] private_key: Private key part the SSH CA key pair; required if generate_signing_key is false.
125
166
  :param pulumi.Input[str] public_key: The public key part the SSH CA key pair; required if generate_signing_key is false.
@@ -128,6 +169,10 @@ class _SecretBackendCaState:
128
169
  pulumi.set(__self__, "backend", backend)
129
170
  if generate_signing_key is not None:
130
171
  pulumi.set(__self__, "generate_signing_key", generate_signing_key)
172
+ if key_bits is not None:
173
+ pulumi.set(__self__, "key_bits", key_bits)
174
+ if key_type is not None:
175
+ pulumi.set(__self__, "key_type", key_type)
131
176
  if namespace is not None:
132
177
  pulumi.set(__self__, "namespace", namespace)
133
178
  if private_key is not None:
@@ -159,13 +204,37 @@ class _SecretBackendCaState:
159
204
  def generate_signing_key(self, value: Optional[pulumi.Input[bool]]):
160
205
  pulumi.set(self, "generate_signing_key", value)
161
206
 
207
+ @property
208
+ @pulumi.getter(name="keyBits")
209
+ def key_bits(self) -> Optional[pulumi.Input[int]]:
210
+ """
211
+ Specifies the desired key bits for the generated SSH CA key when `generate_signing_key` is set to `true`.
212
+ """
213
+ return pulumi.get(self, "key_bits")
214
+
215
+ @key_bits.setter
216
+ def key_bits(self, value: Optional[pulumi.Input[int]]):
217
+ pulumi.set(self, "key_bits", value)
218
+
219
+ @property
220
+ @pulumi.getter(name="keyType")
221
+ def key_type(self) -> Optional[pulumi.Input[str]]:
222
+ """
223
+ Specifies the desired key type for the generated SSH CA key when `generate_signing_key` is set to `true`.
224
+ """
225
+ return pulumi.get(self, "key_type")
226
+
227
+ @key_type.setter
228
+ def key_type(self, value: Optional[pulumi.Input[str]]):
229
+ pulumi.set(self, "key_type", value)
230
+
162
231
  @property
163
232
  @pulumi.getter
164
233
  def namespace(self) -> Optional[pulumi.Input[str]]:
165
234
  """
166
235
  The namespace to provision the resource in.
167
236
  The value should not contain leading or trailing forward slashes.
168
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
237
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
169
238
  *Available only for Vault Enterprise*.
170
239
  """
171
240
  return pulumi.get(self, "namespace")
@@ -206,6 +275,8 @@ class SecretBackendCa(pulumi.CustomResource):
206
275
  opts: Optional[pulumi.ResourceOptions] = None,
207
276
  backend: Optional[pulumi.Input[str]] = None,
208
277
  generate_signing_key: Optional[pulumi.Input[bool]] = None,
278
+ key_bits: Optional[pulumi.Input[int]] = None,
279
+ key_type: Optional[pulumi.Input[str]] = None,
209
280
  namespace: Optional[pulumi.Input[str]] = None,
210
281
  private_key: Optional[pulumi.Input[str]] = None,
211
282
  public_key: Optional[pulumi.Input[str]] = None,
@@ -216,7 +287,6 @@ class SecretBackendCa(pulumi.CustomResource):
216
287
 
217
288
  ## Example Usage
218
289
 
219
- <!--Start PulumiCodeChooser -->
220
290
  ```python
221
291
  import pulumi
222
292
  import pulumi_vault as vault
@@ -224,7 +294,6 @@ class SecretBackendCa(pulumi.CustomResource):
224
294
  example = vault.Mount("example", type="ssh")
225
295
  foo = vault.ssh.SecretBackendCa("foo", backend=example.path)
226
296
  ```
227
- <!--End PulumiCodeChooser -->
228
297
 
229
298
  ## Import
230
299
 
@@ -238,9 +307,11 @@ class SecretBackendCa(pulumi.CustomResource):
238
307
  :param pulumi.ResourceOptions opts: Options for the resource.
239
308
  :param pulumi.Input[str] backend: The path where the SSH secret backend is mounted. Defaults to 'ssh'
240
309
  :param pulumi.Input[bool] generate_signing_key: Whether Vault should generate the signing key pair internally. Defaults to true
310
+ :param pulumi.Input[int] key_bits: Specifies the desired key bits for the generated SSH CA key when `generate_signing_key` is set to `true`.
311
+ :param pulumi.Input[str] key_type: Specifies the desired key type for the generated SSH CA key when `generate_signing_key` is set to `true`.
241
312
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
242
313
  The value should not contain leading or trailing forward slashes.
243
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
314
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
244
315
  *Available only for Vault Enterprise*.
245
316
  :param pulumi.Input[str] private_key: Private key part the SSH CA key pair; required if generate_signing_key is false.
246
317
  :param pulumi.Input[str] public_key: The public key part the SSH CA key pair; required if generate_signing_key is false.
@@ -257,7 +328,6 @@ class SecretBackendCa(pulumi.CustomResource):
257
328
 
258
329
  ## Example Usage
259
330
 
260
- <!--Start PulumiCodeChooser -->
261
331
  ```python
262
332
  import pulumi
263
333
  import pulumi_vault as vault
@@ -265,7 +335,6 @@ class SecretBackendCa(pulumi.CustomResource):
265
335
  example = vault.Mount("example", type="ssh")
266
336
  foo = vault.ssh.SecretBackendCa("foo", backend=example.path)
267
337
  ```
268
- <!--End PulumiCodeChooser -->
269
338
 
270
339
  ## Import
271
340
 
@@ -292,6 +361,8 @@ class SecretBackendCa(pulumi.CustomResource):
292
361
  opts: Optional[pulumi.ResourceOptions] = None,
293
362
  backend: Optional[pulumi.Input[str]] = None,
294
363
  generate_signing_key: Optional[pulumi.Input[bool]] = None,
364
+ key_bits: Optional[pulumi.Input[int]] = None,
365
+ key_type: Optional[pulumi.Input[str]] = None,
295
366
  namespace: Optional[pulumi.Input[str]] = None,
296
367
  private_key: Optional[pulumi.Input[str]] = None,
297
368
  public_key: Optional[pulumi.Input[str]] = None,
@@ -306,6 +377,8 @@ class SecretBackendCa(pulumi.CustomResource):
306
377
 
307
378
  __props__.__dict__["backend"] = backend
308
379
  __props__.__dict__["generate_signing_key"] = generate_signing_key
380
+ __props__.__dict__["key_bits"] = key_bits
381
+ __props__.__dict__["key_type"] = key_type
309
382
  __props__.__dict__["namespace"] = namespace
310
383
  __props__.__dict__["private_key"] = None if private_key is None else pulumi.Output.secret(private_key)
311
384
  __props__.__dict__["public_key"] = public_key
@@ -323,6 +396,8 @@ class SecretBackendCa(pulumi.CustomResource):
323
396
  opts: Optional[pulumi.ResourceOptions] = None,
324
397
  backend: Optional[pulumi.Input[str]] = None,
325
398
  generate_signing_key: Optional[pulumi.Input[bool]] = None,
399
+ key_bits: Optional[pulumi.Input[int]] = None,
400
+ key_type: Optional[pulumi.Input[str]] = None,
326
401
  namespace: Optional[pulumi.Input[str]] = None,
327
402
  private_key: Optional[pulumi.Input[str]] = None,
328
403
  public_key: Optional[pulumi.Input[str]] = None) -> 'SecretBackendCa':
@@ -335,9 +410,11 @@ class SecretBackendCa(pulumi.CustomResource):
335
410
  :param pulumi.ResourceOptions opts: Options for the resource.
336
411
  :param pulumi.Input[str] backend: The path where the SSH secret backend is mounted. Defaults to 'ssh'
337
412
  :param pulumi.Input[bool] generate_signing_key: Whether Vault should generate the signing key pair internally. Defaults to true
413
+ :param pulumi.Input[int] key_bits: Specifies the desired key bits for the generated SSH CA key when `generate_signing_key` is set to `true`.
414
+ :param pulumi.Input[str] key_type: Specifies the desired key type for the generated SSH CA key when `generate_signing_key` is set to `true`.
338
415
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
339
416
  The value should not contain leading or trailing forward slashes.
340
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
417
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
341
418
  *Available only for Vault Enterprise*.
342
419
  :param pulumi.Input[str] private_key: Private key part the SSH CA key pair; required if generate_signing_key is false.
343
420
  :param pulumi.Input[str] public_key: The public key part the SSH CA key pair; required if generate_signing_key is false.
@@ -348,6 +425,8 @@ class SecretBackendCa(pulumi.CustomResource):
348
425
 
349
426
  __props__.__dict__["backend"] = backend
350
427
  __props__.__dict__["generate_signing_key"] = generate_signing_key
428
+ __props__.__dict__["key_bits"] = key_bits
429
+ __props__.__dict__["key_type"] = key_type
351
430
  __props__.__dict__["namespace"] = namespace
352
431
  __props__.__dict__["private_key"] = private_key
353
432
  __props__.__dict__["public_key"] = public_key
@@ -369,13 +448,29 @@ class SecretBackendCa(pulumi.CustomResource):
369
448
  """
370
449
  return pulumi.get(self, "generate_signing_key")
371
450
 
451
+ @property
452
+ @pulumi.getter(name="keyBits")
453
+ def key_bits(self) -> pulumi.Output[Optional[int]]:
454
+ """
455
+ Specifies the desired key bits for the generated SSH CA key when `generate_signing_key` is set to `true`.
456
+ """
457
+ return pulumi.get(self, "key_bits")
458
+
459
+ @property
460
+ @pulumi.getter(name="keyType")
461
+ def key_type(self) -> pulumi.Output[Optional[str]]:
462
+ """
463
+ Specifies the desired key type for the generated SSH CA key when `generate_signing_key` is set to `true`.
464
+ """
465
+ return pulumi.get(self, "key_type")
466
+
372
467
  @property
373
468
  @pulumi.getter
374
469
  def namespace(self) -> pulumi.Output[Optional[str]]:
375
470
  """
376
471
  The namespace to provision the resource in.
377
472
  The value should not contain leading or trailing forward slashes.
378
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
473
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
379
474
  *Available only for Vault Enterprise*.
380
475
  """
381
476
  return pulumi.get(self, "namespace")