pulumi-vault 5.21.0a1710160723__py3-none-any.whl → 6.5.0a1736836139__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- pulumi_vault/__init__.py +52 -0
- pulumi_vault/_inputs.py +560 -0
- pulumi_vault/_utilities.py +41 -5
- pulumi_vault/ad/get_access_credentials.py +22 -7
- pulumi_vault/ad/secret_backend.py +14 -144
- pulumi_vault/ad/secret_library.py +14 -11
- pulumi_vault/ad/secret_role.py +12 -11
- pulumi_vault/alicloud/auth_backend_role.py +74 -192
- pulumi_vault/approle/auth_backend_login.py +12 -11
- pulumi_vault/approle/auth_backend_role.py +75 -193
- pulumi_vault/approle/auth_backend_role_secret_id.py +106 -11
- pulumi_vault/approle/get_auth_backend_role_id.py +18 -9
- pulumi_vault/audit.py +24 -27
- pulumi_vault/audit_request_header.py +11 -6
- pulumi_vault/auth_backend.py +64 -12
- pulumi_vault/aws/auth_backend_cert.py +12 -7
- pulumi_vault/aws/auth_backend_client.py +265 -24
- pulumi_vault/aws/auth_backend_config_identity.py +12 -11
- pulumi_vault/aws/auth_backend_identity_whitelist.py +18 -17
- pulumi_vault/aws/auth_backend_login.py +19 -22
- pulumi_vault/aws/auth_backend_role.py +75 -193
- pulumi_vault/aws/auth_backend_role_tag.py +12 -7
- pulumi_vault/aws/auth_backend_roletag_blacklist.py +18 -17
- pulumi_vault/aws/auth_backend_sts_role.py +12 -11
- pulumi_vault/aws/get_access_credentials.py +34 -7
- pulumi_vault/aws/get_static_access_credentials.py +19 -5
- pulumi_vault/aws/secret_backend.py +75 -7
- pulumi_vault/aws/secret_backend_role.py +183 -11
- pulumi_vault/aws/secret_backend_static_role.py +14 -11
- pulumi_vault/azure/_inputs.py +24 -0
- pulumi_vault/azure/auth_backend_config.py +151 -17
- pulumi_vault/azure/auth_backend_role.py +75 -193
- pulumi_vault/azure/backend.py +223 -29
- pulumi_vault/azure/backend_role.py +42 -41
- pulumi_vault/azure/get_access_credentials.py +39 -11
- pulumi_vault/azure/outputs.py +5 -0
- pulumi_vault/cert_auth_backend_role.py +87 -271
- pulumi_vault/config/__init__.pyi +5 -0
- pulumi_vault/config/_inputs.py +73 -0
- pulumi_vault/config/outputs.py +35 -0
- pulumi_vault/config/ui_custom_message.py +529 -0
- pulumi_vault/config/vars.py +5 -0
- pulumi_vault/consul/secret_backend.py +22 -25
- pulumi_vault/consul/secret_backend_role.py +14 -80
- pulumi_vault/database/_inputs.py +2770 -881
- pulumi_vault/database/outputs.py +721 -838
- pulumi_vault/database/secret_backend_connection.py +117 -114
- pulumi_vault/database/secret_backend_role.py +29 -24
- pulumi_vault/database/secret_backend_static_role.py +85 -15
- pulumi_vault/database/secrets_mount.py +425 -138
- pulumi_vault/egp_policy.py +16 -15
- pulumi_vault/gcp/_inputs.py +111 -0
- pulumi_vault/gcp/auth_backend.py +248 -35
- pulumi_vault/gcp/auth_backend_role.py +75 -271
- pulumi_vault/gcp/get_auth_backend_role.py +43 -9
- pulumi_vault/gcp/outputs.py +5 -0
- pulumi_vault/gcp/secret_backend.py +287 -16
- pulumi_vault/gcp/secret_impersonated_account.py +74 -17
- pulumi_vault/gcp/secret_roleset.py +29 -26
- pulumi_vault/gcp/secret_static_account.py +37 -34
- pulumi_vault/generic/endpoint.py +22 -21
- pulumi_vault/generic/get_secret.py +68 -12
- pulumi_vault/generic/secret.py +19 -14
- pulumi_vault/get_auth_backend.py +24 -11
- pulumi_vault/get_auth_backends.py +33 -11
- pulumi_vault/get_namespace.py +226 -0
- pulumi_vault/get_namespaces.py +153 -0
- pulumi_vault/get_nomad_access_token.py +31 -15
- pulumi_vault/get_policy_document.py +34 -23
- pulumi_vault/get_raft_autopilot_state.py +29 -14
- pulumi_vault/github/_inputs.py +55 -0
- pulumi_vault/github/auth_backend.py +17 -16
- pulumi_vault/github/outputs.py +5 -0
- pulumi_vault/github/team.py +14 -13
- pulumi_vault/github/user.py +14 -13
- pulumi_vault/identity/entity.py +18 -15
- pulumi_vault/identity/entity_alias.py +18 -15
- pulumi_vault/identity/entity_policies.py +24 -19
- pulumi_vault/identity/get_entity.py +40 -14
- pulumi_vault/identity/get_group.py +45 -13
- pulumi_vault/identity/get_oidc_client_creds.py +21 -11
- pulumi_vault/identity/get_oidc_openid_config.py +39 -13
- pulumi_vault/identity/get_oidc_public_keys.py +29 -14
- pulumi_vault/identity/group.py +50 -49
- pulumi_vault/identity/group_alias.py +14 -11
- pulumi_vault/identity/group_member_entity_ids.py +24 -74
- pulumi_vault/identity/group_member_group_ids.py +36 -27
- pulumi_vault/identity/group_policies.py +16 -15
- pulumi_vault/identity/mfa_duo.py +9 -8
- pulumi_vault/identity/mfa_login_enforcement.py +13 -8
- pulumi_vault/identity/mfa_okta.py +9 -8
- pulumi_vault/identity/mfa_pingid.py +5 -4
- pulumi_vault/identity/mfa_totp.py +5 -4
- pulumi_vault/identity/oidc.py +12 -11
- pulumi_vault/identity/oidc_assignment.py +22 -13
- pulumi_vault/identity/oidc_client.py +34 -25
- pulumi_vault/identity/oidc_key.py +28 -19
- pulumi_vault/identity/oidc_key_allowed_client_id.py +28 -19
- pulumi_vault/identity/oidc_provider.py +34 -23
- pulumi_vault/identity/oidc_role.py +40 -27
- pulumi_vault/identity/oidc_scope.py +18 -15
- pulumi_vault/identity/outputs.py +8 -3
- pulumi_vault/jwt/_inputs.py +55 -0
- pulumi_vault/jwt/auth_backend.py +39 -46
- pulumi_vault/jwt/auth_backend_role.py +131 -260
- pulumi_vault/jwt/outputs.py +5 -0
- pulumi_vault/kmip/secret_backend.py +22 -21
- pulumi_vault/kmip/secret_role.py +12 -11
- pulumi_vault/kmip/secret_scope.py +12 -11
- pulumi_vault/kubernetes/auth_backend_config.py +55 -7
- pulumi_vault/kubernetes/auth_backend_role.py +68 -179
- pulumi_vault/kubernetes/get_auth_backend_config.py +60 -8
- pulumi_vault/kubernetes/get_auth_backend_role.py +40 -5
- pulumi_vault/kubernetes/get_service_account_token.py +39 -15
- pulumi_vault/kubernetes/secret_backend.py +314 -29
- pulumi_vault/kubernetes/secret_backend_role.py +135 -56
- pulumi_vault/kv/_inputs.py +36 -4
- pulumi_vault/kv/get_secret.py +23 -12
- pulumi_vault/kv/get_secret_subkeys_v2.py +31 -14
- pulumi_vault/kv/get_secret_v2.py +89 -9
- pulumi_vault/kv/get_secrets_list.py +22 -15
- pulumi_vault/kv/get_secrets_list_v2.py +35 -19
- pulumi_vault/kv/outputs.py +8 -3
- pulumi_vault/kv/secret.py +19 -18
- pulumi_vault/kv/secret_backend_v2.py +12 -11
- pulumi_vault/kv/secret_v2.py +55 -52
- pulumi_vault/ldap/auth_backend.py +125 -168
- pulumi_vault/ldap/auth_backend_group.py +12 -11
- pulumi_vault/ldap/auth_backend_user.py +12 -11
- pulumi_vault/ldap/get_dynamic_credentials.py +23 -5
- pulumi_vault/ldap/get_static_credentials.py +24 -5
- pulumi_vault/ldap/secret_backend.py +352 -84
- pulumi_vault/ldap/secret_backend_dynamic_role.py +12 -11
- pulumi_vault/ldap/secret_backend_library_set.py +14 -11
- pulumi_vault/ldap/secret_backend_static_role.py +67 -12
- pulumi_vault/managed/_inputs.py +289 -132
- pulumi_vault/managed/keys.py +27 -43
- pulumi_vault/managed/outputs.py +89 -132
- pulumi_vault/mfa_duo.py +16 -13
- pulumi_vault/mfa_okta.py +16 -13
- pulumi_vault/mfa_pingid.py +16 -13
- pulumi_vault/mfa_totp.py +22 -19
- pulumi_vault/mongodbatlas/secret_backend.py +18 -17
- pulumi_vault/mongodbatlas/secret_role.py +41 -38
- pulumi_vault/mount.py +389 -65
- pulumi_vault/namespace.py +26 -21
- pulumi_vault/nomad_secret_backend.py +16 -15
- pulumi_vault/nomad_secret_role.py +12 -11
- pulumi_vault/okta/_inputs.py +47 -8
- pulumi_vault/okta/auth_backend.py +483 -41
- pulumi_vault/okta/auth_backend_group.py +12 -11
- pulumi_vault/okta/auth_backend_user.py +12 -11
- pulumi_vault/okta/outputs.py +13 -8
- pulumi_vault/outputs.py +5 -0
- pulumi_vault/password_policy.py +18 -15
- pulumi_vault/pkisecret/__init__.py +3 -0
- pulumi_vault/pkisecret/_inputs.py +81 -0
- pulumi_vault/pkisecret/backend_config_cluster.py +369 -0
- pulumi_vault/pkisecret/backend_config_est.py +619 -0
- pulumi_vault/pkisecret/get_backend_config_est.py +251 -0
- pulumi_vault/pkisecret/get_backend_issuer.py +63 -7
- pulumi_vault/pkisecret/get_backend_issuers.py +21 -12
- pulumi_vault/pkisecret/get_backend_key.py +24 -13
- pulumi_vault/pkisecret/get_backend_keys.py +21 -12
- pulumi_vault/pkisecret/outputs.py +69 -0
- pulumi_vault/pkisecret/secret_backend_cert.py +18 -15
- pulumi_vault/pkisecret/secret_backend_config_ca.py +16 -15
- pulumi_vault/pkisecret/secret_backend_config_issuers.py +12 -11
- pulumi_vault/pkisecret/secret_backend_config_urls.py +59 -11
- pulumi_vault/pkisecret/secret_backend_crl_config.py +14 -13
- pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +16 -15
- pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +22 -21
- pulumi_vault/pkisecret/secret_backend_issuer.py +12 -11
- pulumi_vault/pkisecret/secret_backend_key.py +12 -7
- pulumi_vault/pkisecret/secret_backend_role.py +19 -16
- pulumi_vault/pkisecret/secret_backend_root_cert.py +16 -52
- pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +18 -62
- pulumi_vault/pkisecret/secret_backend_sign.py +18 -60
- pulumi_vault/plugin.py +595 -0
- pulumi_vault/plugin_pinned_version.py +298 -0
- pulumi_vault/policy.py +12 -7
- pulumi_vault/provider.py +48 -53
- pulumi_vault/pulumi-plugin.json +2 -1
- pulumi_vault/quota_lease_count.py +58 -8
- pulumi_vault/quota_rate_limit.py +54 -4
- pulumi_vault/rabbitmq/_inputs.py +61 -0
- pulumi_vault/rabbitmq/outputs.py +5 -0
- pulumi_vault/rabbitmq/secret_backend.py +16 -15
- pulumi_vault/rabbitmq/secret_backend_role.py +52 -49
- pulumi_vault/raft_autopilot.py +12 -11
- pulumi_vault/raft_snapshot_agent_config.py +121 -311
- pulumi_vault/rgp_policy.py +14 -13
- pulumi_vault/saml/auth_backend.py +20 -19
- pulumi_vault/saml/auth_backend_role.py +90 -199
- pulumi_vault/secrets/__init__.py +3 -0
- pulumi_vault/secrets/_inputs.py +110 -0
- pulumi_vault/secrets/outputs.py +94 -0
- pulumi_vault/secrets/sync_association.py +56 -75
- pulumi_vault/secrets/sync_aws_destination.py +240 -29
- pulumi_vault/secrets/sync_azure_destination.py +90 -33
- pulumi_vault/secrets/sync_config.py +7 -6
- pulumi_vault/secrets/sync_gcp_destination.py +156 -27
- pulumi_vault/secrets/sync_gh_destination.py +187 -15
- pulumi_vault/secrets/sync_github_apps.py +375 -0
- pulumi_vault/secrets/sync_vercel_destination.py +72 -15
- pulumi_vault/ssh/_inputs.py +28 -32
- pulumi_vault/ssh/outputs.py +11 -32
- pulumi_vault/ssh/secret_backend_ca.py +106 -11
- pulumi_vault/ssh/secret_backend_role.py +83 -120
- pulumi_vault/terraformcloud/secret_backend.py +5 -56
- pulumi_vault/terraformcloud/secret_creds.py +14 -24
- pulumi_vault/terraformcloud/secret_role.py +14 -76
- pulumi_vault/token.py +26 -25
- pulumi_vault/tokenauth/auth_backend_role.py +76 -201
- pulumi_vault/transform/alphabet.py +16 -13
- pulumi_vault/transform/get_decode.py +45 -21
- pulumi_vault/transform/get_encode.py +45 -21
- pulumi_vault/transform/role.py +16 -13
- pulumi_vault/transform/template.py +30 -25
- pulumi_vault/transform/transformation.py +12 -7
- pulumi_vault/transit/get_decrypt.py +26 -25
- pulumi_vault/transit/get_encrypt.py +24 -19
- pulumi_vault/transit/secret_backend_key.py +25 -97
- pulumi_vault/transit/secret_cache_config.py +12 -11
- {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/METADATA +8 -7
- pulumi_vault-6.5.0a1736836139.dist-info/RECORD +256 -0
- {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/WHEEL +1 -1
- pulumi_vault-5.21.0a1710160723.dist-info/RECORD +0 -244
- {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/top_level.txt +0 -0
@@ -4,9 +4,14 @@
|
|
4
4
|
|
5
5
|
import copy
|
6
6
|
import warnings
|
7
|
+
import sys
|
7
8
|
import pulumi
|
8
9
|
import pulumi.runtime
|
9
10
|
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
11
|
+
if sys.version_info >= (3, 11):
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
13
|
+
else:
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
10
15
|
from .. import _utilities
|
11
16
|
|
12
17
|
__all__ = ['TemplateArgs', 'Template']
|
@@ -16,7 +21,7 @@ class TemplateArgs:
|
|
16
21
|
def __init__(__self__, *,
|
17
22
|
path: pulumi.Input[str],
|
18
23
|
alphabet: Optional[pulumi.Input[str]] = None,
|
19
|
-
decode_formats: Optional[pulumi.Input[Mapping[str,
|
24
|
+
decode_formats: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
20
25
|
encode_format: Optional[pulumi.Input[str]] = None,
|
21
26
|
name: Optional[pulumi.Input[str]] = None,
|
22
27
|
namespace: Optional[pulumi.Input[str]] = None,
|
@@ -26,14 +31,14 @@ class TemplateArgs:
|
|
26
31
|
The set of arguments for constructing a Template resource.
|
27
32
|
:param pulumi.Input[str] path: Path to where the back-end is mounted within Vault.
|
28
33
|
:param pulumi.Input[str] alphabet: The alphabet to use for this template. This is only used during FPE transformations.
|
29
|
-
:param pulumi.Input[Mapping[str,
|
34
|
+
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] decode_formats: Optional mapping of name to regular expression template, used to customize
|
30
35
|
the decoded output. (requires Vault Enterprise 1.9+)
|
31
36
|
:param pulumi.Input[str] encode_format: The regular expression template used to format encoded values.
|
32
37
|
(requires Vault Enterprise 1.9+)
|
33
38
|
:param pulumi.Input[str] name: The name of the template.
|
34
39
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
35
40
|
The value should not contain leading or trailing forward slashes.
|
36
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
41
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
37
42
|
*Available only for Vault Enterprise*.
|
38
43
|
:param pulumi.Input[str] pattern: The pattern used for matching. Currently, only regular expression pattern is supported.
|
39
44
|
:param pulumi.Input[str] type: The pattern type to use for match detection. Currently, only regex is supported.
|
@@ -80,7 +85,7 @@ class TemplateArgs:
|
|
80
85
|
|
81
86
|
@property
|
82
87
|
@pulumi.getter(name="decodeFormats")
|
83
|
-
def decode_formats(self) -> Optional[pulumi.Input[Mapping[str,
|
88
|
+
def decode_formats(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
|
84
89
|
"""
|
85
90
|
Optional mapping of name to regular expression template, used to customize
|
86
91
|
the decoded output. (requires Vault Enterprise 1.9+)
|
@@ -88,7 +93,7 @@ class TemplateArgs:
|
|
88
93
|
return pulumi.get(self, "decode_formats")
|
89
94
|
|
90
95
|
@decode_formats.setter
|
91
|
-
def decode_formats(self, value: Optional[pulumi.Input[Mapping[str,
|
96
|
+
def decode_formats(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
|
92
97
|
pulumi.set(self, "decode_formats", value)
|
93
98
|
|
94
99
|
@property
|
@@ -122,7 +127,7 @@ class TemplateArgs:
|
|
122
127
|
"""
|
123
128
|
The namespace to provision the resource in.
|
124
129
|
The value should not contain leading or trailing forward slashes.
|
125
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
130
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
126
131
|
*Available only for Vault Enterprise*.
|
127
132
|
"""
|
128
133
|
return pulumi.get(self, "namespace")
|
@@ -160,7 +165,7 @@ class TemplateArgs:
|
|
160
165
|
class _TemplateState:
|
161
166
|
def __init__(__self__, *,
|
162
167
|
alphabet: Optional[pulumi.Input[str]] = None,
|
163
|
-
decode_formats: Optional[pulumi.Input[Mapping[str,
|
168
|
+
decode_formats: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
164
169
|
encode_format: Optional[pulumi.Input[str]] = None,
|
165
170
|
name: Optional[pulumi.Input[str]] = None,
|
166
171
|
namespace: Optional[pulumi.Input[str]] = None,
|
@@ -170,14 +175,14 @@ class _TemplateState:
|
|
170
175
|
"""
|
171
176
|
Input properties used for looking up and filtering Template resources.
|
172
177
|
:param pulumi.Input[str] alphabet: The alphabet to use for this template. This is only used during FPE transformations.
|
173
|
-
:param pulumi.Input[Mapping[str,
|
178
|
+
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] decode_formats: Optional mapping of name to regular expression template, used to customize
|
174
179
|
the decoded output. (requires Vault Enterprise 1.9+)
|
175
180
|
:param pulumi.Input[str] encode_format: The regular expression template used to format encoded values.
|
176
181
|
(requires Vault Enterprise 1.9+)
|
177
182
|
:param pulumi.Input[str] name: The name of the template.
|
178
183
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
179
184
|
The value should not contain leading or trailing forward slashes.
|
180
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
185
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
181
186
|
*Available only for Vault Enterprise*.
|
182
187
|
:param pulumi.Input[str] path: Path to where the back-end is mounted within Vault.
|
183
188
|
:param pulumi.Input[str] pattern: The pattern used for matching. Currently, only regular expression pattern is supported.
|
@@ -214,7 +219,7 @@ class _TemplateState:
|
|
214
219
|
|
215
220
|
@property
|
216
221
|
@pulumi.getter(name="decodeFormats")
|
217
|
-
def decode_formats(self) -> Optional[pulumi.Input[Mapping[str,
|
222
|
+
def decode_formats(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
|
218
223
|
"""
|
219
224
|
Optional mapping of name to regular expression template, used to customize
|
220
225
|
the decoded output. (requires Vault Enterprise 1.9+)
|
@@ -222,7 +227,7 @@ class _TemplateState:
|
|
222
227
|
return pulumi.get(self, "decode_formats")
|
223
228
|
|
224
229
|
@decode_formats.setter
|
225
|
-
def decode_formats(self, value: Optional[pulumi.Input[Mapping[str,
|
230
|
+
def decode_formats(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
|
226
231
|
pulumi.set(self, "decode_formats", value)
|
227
232
|
|
228
233
|
@property
|
@@ -256,7 +261,7 @@ class _TemplateState:
|
|
256
261
|
"""
|
257
262
|
The namespace to provision the resource in.
|
258
263
|
The value should not contain leading or trailing forward slashes.
|
259
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
264
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
260
265
|
*Available only for Vault Enterprise*.
|
261
266
|
"""
|
262
267
|
return pulumi.get(self, "namespace")
|
@@ -308,7 +313,7 @@ class Template(pulumi.CustomResource):
|
|
308
313
|
resource_name: str,
|
309
314
|
opts: Optional[pulumi.ResourceOptions] = None,
|
310
315
|
alphabet: Optional[pulumi.Input[str]] = None,
|
311
|
-
decode_formats: Optional[pulumi.Input[Mapping[str,
|
316
|
+
decode_formats: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
312
317
|
encode_format: Optional[pulumi.Input[str]] = None,
|
313
318
|
name: Optional[pulumi.Input[str]] = None,
|
314
319
|
namespace: Optional[pulumi.Input[str]] = None,
|
@@ -334,7 +339,6 @@ class Template(pulumi.CustomResource):
|
|
334
339
|
backslashes must be escaped to appear correctly in Vault. For further
|
335
340
|
assistance escaping your own custom regex, see String Literals.
|
336
341
|
|
337
|
-
<!--Start PulumiCodeChooser -->
|
338
342
|
```python
|
339
343
|
import pulumi
|
340
344
|
import pulumi_vault as vault
|
@@ -344,9 +348,11 @@ class Template(pulumi.CustomResource):
|
|
344
348
|
type="transform")
|
345
349
|
numerics = vault.transform.Alphabet("numerics",
|
346
350
|
path=transform.path,
|
351
|
+
name="numerics",
|
347
352
|
alphabet="0123456789")
|
348
353
|
test = vault.transform.Template("test",
|
349
354
|
path=numerics.path,
|
355
|
+
name="ccn",
|
350
356
|
type="regex",
|
351
357
|
pattern="(\\\\d{4})[- ](\\\\d{4})[- ](\\\\d{4})[- ](\\\\d{4})",
|
352
358
|
alphabet="numerics",
|
@@ -355,19 +361,18 @@ class Template(pulumi.CustomResource):
|
|
355
361
|
"last-four-digits": "$4",
|
356
362
|
})
|
357
363
|
```
|
358
|
-
<!--End PulumiCodeChooser -->
|
359
364
|
|
360
365
|
:param str resource_name: The name of the resource.
|
361
366
|
:param pulumi.ResourceOptions opts: Options for the resource.
|
362
367
|
:param pulumi.Input[str] alphabet: The alphabet to use for this template. This is only used during FPE transformations.
|
363
|
-
:param pulumi.Input[Mapping[str,
|
368
|
+
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] decode_formats: Optional mapping of name to regular expression template, used to customize
|
364
369
|
the decoded output. (requires Vault Enterprise 1.9+)
|
365
370
|
:param pulumi.Input[str] encode_format: The regular expression template used to format encoded values.
|
366
371
|
(requires Vault Enterprise 1.9+)
|
367
372
|
:param pulumi.Input[str] name: The name of the template.
|
368
373
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
369
374
|
The value should not contain leading or trailing forward slashes.
|
370
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
375
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
371
376
|
*Available only for Vault Enterprise*.
|
372
377
|
:param pulumi.Input[str] path: Path to where the back-end is mounted within Vault.
|
373
378
|
:param pulumi.Input[str] pattern: The pattern used for matching. Currently, only regular expression pattern is supported.
|
@@ -397,7 +402,6 @@ class Template(pulumi.CustomResource):
|
|
397
402
|
backslashes must be escaped to appear correctly in Vault. For further
|
398
403
|
assistance escaping your own custom regex, see String Literals.
|
399
404
|
|
400
|
-
<!--Start PulumiCodeChooser -->
|
401
405
|
```python
|
402
406
|
import pulumi
|
403
407
|
import pulumi_vault as vault
|
@@ -407,9 +411,11 @@ class Template(pulumi.CustomResource):
|
|
407
411
|
type="transform")
|
408
412
|
numerics = vault.transform.Alphabet("numerics",
|
409
413
|
path=transform.path,
|
414
|
+
name="numerics",
|
410
415
|
alphabet="0123456789")
|
411
416
|
test = vault.transform.Template("test",
|
412
417
|
path=numerics.path,
|
418
|
+
name="ccn",
|
413
419
|
type="regex",
|
414
420
|
pattern="(\\\\d{4})[- ](\\\\d{4})[- ](\\\\d{4})[- ](\\\\d{4})",
|
415
421
|
alphabet="numerics",
|
@@ -418,7 +424,6 @@ class Template(pulumi.CustomResource):
|
|
418
424
|
"last-four-digits": "$4",
|
419
425
|
})
|
420
426
|
```
|
421
|
-
<!--End PulumiCodeChooser -->
|
422
427
|
|
423
428
|
:param str resource_name: The name of the resource.
|
424
429
|
:param TemplateArgs args: The arguments to use to populate this resource's properties.
|
@@ -436,7 +441,7 @@ class Template(pulumi.CustomResource):
|
|
436
441
|
resource_name: str,
|
437
442
|
opts: Optional[pulumi.ResourceOptions] = None,
|
438
443
|
alphabet: Optional[pulumi.Input[str]] = None,
|
439
|
-
decode_formats: Optional[pulumi.Input[Mapping[str,
|
444
|
+
decode_formats: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
440
445
|
encode_format: Optional[pulumi.Input[str]] = None,
|
441
446
|
name: Optional[pulumi.Input[str]] = None,
|
442
447
|
namespace: Optional[pulumi.Input[str]] = None,
|
@@ -473,7 +478,7 @@ class Template(pulumi.CustomResource):
|
|
473
478
|
id: pulumi.Input[str],
|
474
479
|
opts: Optional[pulumi.ResourceOptions] = None,
|
475
480
|
alphabet: Optional[pulumi.Input[str]] = None,
|
476
|
-
decode_formats: Optional[pulumi.Input[Mapping[str,
|
481
|
+
decode_formats: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
477
482
|
encode_format: Optional[pulumi.Input[str]] = None,
|
478
483
|
name: Optional[pulumi.Input[str]] = None,
|
479
484
|
namespace: Optional[pulumi.Input[str]] = None,
|
@@ -488,14 +493,14 @@ class Template(pulumi.CustomResource):
|
|
488
493
|
:param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
|
489
494
|
:param pulumi.ResourceOptions opts: Options for the resource.
|
490
495
|
:param pulumi.Input[str] alphabet: The alphabet to use for this template. This is only used during FPE transformations.
|
491
|
-
:param pulumi.Input[Mapping[str,
|
496
|
+
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] decode_formats: Optional mapping of name to regular expression template, used to customize
|
492
497
|
the decoded output. (requires Vault Enterprise 1.9+)
|
493
498
|
:param pulumi.Input[str] encode_format: The regular expression template used to format encoded values.
|
494
499
|
(requires Vault Enterprise 1.9+)
|
495
500
|
:param pulumi.Input[str] name: The name of the template.
|
496
501
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
497
502
|
The value should not contain leading or trailing forward slashes.
|
498
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
503
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
499
504
|
*Available only for Vault Enterprise*.
|
500
505
|
:param pulumi.Input[str] path: Path to where the back-end is mounted within Vault.
|
501
506
|
:param pulumi.Input[str] pattern: The pattern used for matching. Currently, only regular expression pattern is supported.
|
@@ -525,7 +530,7 @@ class Template(pulumi.CustomResource):
|
|
525
530
|
|
526
531
|
@property
|
527
532
|
@pulumi.getter(name="decodeFormats")
|
528
|
-
def decode_formats(self) -> pulumi.Output[Optional[Mapping[str,
|
533
|
+
def decode_formats(self) -> pulumi.Output[Optional[Mapping[str, str]]]:
|
529
534
|
"""
|
530
535
|
Optional mapping of name to regular expression template, used to customize
|
531
536
|
the decoded output. (requires Vault Enterprise 1.9+)
|
@@ -555,7 +560,7 @@ class Template(pulumi.CustomResource):
|
|
555
560
|
"""
|
556
561
|
The namespace to provision the resource in.
|
557
562
|
The value should not contain leading or trailing forward slashes.
|
558
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
563
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
559
564
|
*Available only for Vault Enterprise*.
|
560
565
|
"""
|
561
566
|
return pulumi.get(self, "namespace")
|
@@ -4,9 +4,14 @@
|
|
4
4
|
|
5
5
|
import copy
|
6
6
|
import warnings
|
7
|
+
import sys
|
7
8
|
import pulumi
|
8
9
|
import pulumi.runtime
|
9
10
|
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
11
|
+
if sys.version_info >= (3, 11):
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
13
|
+
else:
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
10
15
|
from .. import _utilities
|
11
16
|
|
12
17
|
__all__ = ['TransformationArgs', 'Transformation']
|
@@ -35,7 +40,7 @@ class TransformationArgs:
|
|
35
40
|
:param pulumi.Input[str] name: The name of the transformation.
|
36
41
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
37
42
|
The value should not contain leading or trailing forward slashes.
|
38
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
43
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
39
44
|
*Available only for Vault Enterprise*.
|
40
45
|
:param pulumi.Input[str] template: The name of the template to use.
|
41
46
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] templates: Templates configured for transformation.
|
@@ -130,7 +135,7 @@ class TransformationArgs:
|
|
130
135
|
"""
|
131
136
|
The namespace to provision the resource in.
|
132
137
|
The value should not contain leading or trailing forward slashes.
|
133
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
138
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
134
139
|
*Available only for Vault Enterprise*.
|
135
140
|
"""
|
136
141
|
return pulumi.get(self, "namespace")
|
@@ -211,7 +216,7 @@ class _TransformationState:
|
|
211
216
|
:param pulumi.Input[str] name: The name of the transformation.
|
212
217
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
213
218
|
The value should not contain leading or trailing forward slashes.
|
214
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
219
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
215
220
|
*Available only for Vault Enterprise*.
|
216
221
|
:param pulumi.Input[str] path: Path to where the back-end is mounted within Vault.
|
217
222
|
:param pulumi.Input[str] template: The name of the template to use.
|
@@ -296,7 +301,7 @@ class _TransformationState:
|
|
296
301
|
"""
|
297
302
|
The namespace to provision the resource in.
|
298
303
|
The value should not contain leading or trailing forward slashes.
|
299
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
304
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
300
305
|
*Available only for Vault Enterprise*.
|
301
306
|
"""
|
302
307
|
return pulumi.get(self, "namespace")
|
@@ -394,7 +399,7 @@ class Transformation(pulumi.CustomResource):
|
|
394
399
|
:param pulumi.Input[str] name: The name of the transformation.
|
395
400
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
396
401
|
The value should not contain leading or trailing forward slashes.
|
397
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
402
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
398
403
|
*Available only for Vault Enterprise*.
|
399
404
|
:param pulumi.Input[str] path: Path to where the back-end is mounted within Vault.
|
400
405
|
:param pulumi.Input[str] template: The name of the template to use.
|
@@ -491,7 +496,7 @@ class Transformation(pulumi.CustomResource):
|
|
491
496
|
:param pulumi.Input[str] name: The name of the transformation.
|
492
497
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
493
498
|
The value should not contain leading or trailing forward slashes.
|
494
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
499
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
495
500
|
*Available only for Vault Enterprise*.
|
496
501
|
:param pulumi.Input[str] path: Path to where the back-end is mounted within Vault.
|
497
502
|
:param pulumi.Input[str] template: The name of the template to use.
|
@@ -555,7 +560,7 @@ class Transformation(pulumi.CustomResource):
|
|
555
560
|
"""
|
556
561
|
The namespace to provision the resource in.
|
557
562
|
The value should not contain leading or trailing forward slashes.
|
558
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
563
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
559
564
|
*Available only for Vault Enterprise*.
|
560
565
|
"""
|
561
566
|
return pulumi.get(self, "namespace")
|
@@ -4,9 +4,14 @@
|
|
4
4
|
|
5
5
|
import copy
|
6
6
|
import warnings
|
7
|
+
import sys
|
7
8
|
import pulumi
|
8
9
|
import pulumi.runtime
|
9
10
|
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
11
|
+
if sys.version_info >= (3, 11):
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
13
|
+
else:
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
10
15
|
from .. import _utilities
|
11
16
|
|
12
17
|
__all__ = [
|
@@ -112,22 +117,14 @@ def get_decrypt(backend: Optional[str] = None,
|
|
112
117
|
|
113
118
|
## Example Usage
|
114
119
|
|
115
|
-
<!--Start PulumiCodeChooser -->
|
116
120
|
```python
|
117
121
|
import pulumi
|
118
122
|
import pulumi_vault as vault
|
119
123
|
|
120
124
|
test = vault.transit.get_decrypt(backend="transit",
|
121
|
-
|
122
|
-
|
125
|
+
key="test",
|
126
|
+
ciphertext="vault:v1:S3GtnJ5GUNCWV+/pdL9+g1Feu/nzAv+RlmTmE91Tu0rBkeIU8MEb2nSspC/1IQ==")
|
123
127
|
```
|
124
|
-
<!--End PulumiCodeChooser -->
|
125
|
-
|
126
|
-
|
127
|
-
:param str backend: The path the transit secret backend is mounted at, with no leading or trailing `/`.
|
128
|
-
:param str ciphertext: Ciphertext to be decoded.
|
129
|
-
:param str context: Context for key derivation. This is required if key derivation is enabled for this key.
|
130
|
-
:param str key: Specifies the name of the transit key to decrypt against.
|
131
128
|
"""
|
132
129
|
__args__ = dict()
|
133
130
|
__args__['backend'] = backend
|
@@ -146,35 +143,39 @@ def get_decrypt(backend: Optional[str] = None,
|
|
146
143
|
key=pulumi.get(__ret__, 'key'),
|
147
144
|
namespace=pulumi.get(__ret__, 'namespace'),
|
148
145
|
plaintext=pulumi.get(__ret__, 'plaintext'))
|
149
|
-
|
150
|
-
|
151
|
-
@_utilities.lift_output_func(get_decrypt)
|
152
146
|
def get_decrypt_output(backend: Optional[pulumi.Input[str]] = None,
|
153
147
|
ciphertext: Optional[pulumi.Input[str]] = None,
|
154
148
|
context: Optional[pulumi.Input[Optional[str]]] = None,
|
155
149
|
key: Optional[pulumi.Input[str]] = None,
|
156
150
|
namespace: Optional[pulumi.Input[Optional[str]]] = None,
|
157
|
-
opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetDecryptResult]:
|
151
|
+
opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetDecryptResult]:
|
158
152
|
"""
|
159
153
|
This is a data source which can be used to decrypt ciphertext using a Vault Transit key.
|
160
154
|
|
161
155
|
## Example Usage
|
162
156
|
|
163
|
-
<!--Start PulumiCodeChooser -->
|
164
157
|
```python
|
165
158
|
import pulumi
|
166
159
|
import pulumi_vault as vault
|
167
160
|
|
168
161
|
test = vault.transit.get_decrypt(backend="transit",
|
169
|
-
|
170
|
-
|
162
|
+
key="test",
|
163
|
+
ciphertext="vault:v1:S3GtnJ5GUNCWV+/pdL9+g1Feu/nzAv+RlmTmE91Tu0rBkeIU8MEb2nSspC/1IQ==")
|
171
164
|
```
|
172
|
-
<!--End PulumiCodeChooser -->
|
173
|
-
|
174
|
-
|
175
|
-
:param str backend: The path the transit secret backend is mounted at, with no leading or trailing `/`.
|
176
|
-
:param str ciphertext: Ciphertext to be decoded.
|
177
|
-
:param str context: Context for key derivation. This is required if key derivation is enabled for this key.
|
178
|
-
:param str key: Specifies the name of the transit key to decrypt against.
|
179
165
|
"""
|
180
|
-
|
166
|
+
__args__ = dict()
|
167
|
+
__args__['backend'] = backend
|
168
|
+
__args__['ciphertext'] = ciphertext
|
169
|
+
__args__['context'] = context
|
170
|
+
__args__['key'] = key
|
171
|
+
__args__['namespace'] = namespace
|
172
|
+
opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
|
173
|
+
__ret__ = pulumi.runtime.invoke_output('vault:transit/getDecrypt:getDecrypt', __args__, opts=opts, typ=GetDecryptResult)
|
174
|
+
return __ret__.apply(lambda __response__: GetDecryptResult(
|
175
|
+
backend=pulumi.get(__response__, 'backend'),
|
176
|
+
ciphertext=pulumi.get(__response__, 'ciphertext'),
|
177
|
+
context=pulumi.get(__response__, 'context'),
|
178
|
+
id=pulumi.get(__response__, 'id'),
|
179
|
+
key=pulumi.get(__response__, 'key'),
|
180
|
+
namespace=pulumi.get(__response__, 'namespace'),
|
181
|
+
plaintext=pulumi.get(__response__, 'plaintext')))
|
@@ -4,9 +4,14 @@
|
|
4
4
|
|
5
5
|
import copy
|
6
6
|
import warnings
|
7
|
+
import sys
|
7
8
|
import pulumi
|
8
9
|
import pulumi.runtime
|
9
10
|
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
11
|
+
if sys.version_info >= (3, 11):
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
13
|
+
else:
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
10
15
|
from .. import _utilities
|
11
16
|
|
12
17
|
__all__ = [
|
@@ -119,13 +124,6 @@ def get_encrypt(backend: Optional[str] = None,
|
|
119
124
|
opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetEncryptResult:
|
120
125
|
"""
|
121
126
|
This is a data source which can be used to encrypt plaintext using a Vault Transit key.
|
122
|
-
|
123
|
-
|
124
|
-
:param str backend: The path the transit secret backend is mounted at, with no leading or trailing `/`.
|
125
|
-
:param str context: Context for key derivation. This is required if key derivation is enabled for this key.
|
126
|
-
:param str key: Specifies the name of the transit key to encrypt against.
|
127
|
-
:param int key_version: The version of the key to use for encryption. If not set, uses the latest version. Must be greater than or equal to the key's `min_encryption_version`, if set.
|
128
|
-
:param str plaintext: Plaintext to be encoded.
|
129
127
|
"""
|
130
128
|
__args__ = dict()
|
131
129
|
__args__['backend'] = backend
|
@@ -146,24 +144,31 @@ def get_encrypt(backend: Optional[str] = None,
|
|
146
144
|
key_version=pulumi.get(__ret__, 'key_version'),
|
147
145
|
namespace=pulumi.get(__ret__, 'namespace'),
|
148
146
|
plaintext=pulumi.get(__ret__, 'plaintext'))
|
149
|
-
|
150
|
-
|
151
|
-
@_utilities.lift_output_func(get_encrypt)
|
152
147
|
def get_encrypt_output(backend: Optional[pulumi.Input[str]] = None,
|
153
148
|
context: Optional[pulumi.Input[Optional[str]]] = None,
|
154
149
|
key: Optional[pulumi.Input[str]] = None,
|
155
150
|
key_version: Optional[pulumi.Input[Optional[int]]] = None,
|
156
151
|
namespace: Optional[pulumi.Input[Optional[str]]] = None,
|
157
152
|
plaintext: Optional[pulumi.Input[str]] = None,
|
158
|
-
opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetEncryptResult]:
|
153
|
+
opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetEncryptResult]:
|
159
154
|
"""
|
160
155
|
This is a data source which can be used to encrypt plaintext using a Vault Transit key.
|
161
|
-
|
162
|
-
|
163
|
-
:param str backend: The path the transit secret backend is mounted at, with no leading or trailing `/`.
|
164
|
-
:param str context: Context for key derivation. This is required if key derivation is enabled for this key.
|
165
|
-
:param str key: Specifies the name of the transit key to encrypt against.
|
166
|
-
:param int key_version: The version of the key to use for encryption. If not set, uses the latest version. Must be greater than or equal to the key's `min_encryption_version`, if set.
|
167
|
-
:param str plaintext: Plaintext to be encoded.
|
168
156
|
"""
|
169
|
-
|
157
|
+
__args__ = dict()
|
158
|
+
__args__['backend'] = backend
|
159
|
+
__args__['context'] = context
|
160
|
+
__args__['key'] = key
|
161
|
+
__args__['keyVersion'] = key_version
|
162
|
+
__args__['namespace'] = namespace
|
163
|
+
__args__['plaintext'] = plaintext
|
164
|
+
opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
|
165
|
+
__ret__ = pulumi.runtime.invoke_output('vault:transit/getEncrypt:getEncrypt', __args__, opts=opts, typ=GetEncryptResult)
|
166
|
+
return __ret__.apply(lambda __response__: GetEncryptResult(
|
167
|
+
backend=pulumi.get(__response__, 'backend'),
|
168
|
+
ciphertext=pulumi.get(__response__, 'ciphertext'),
|
169
|
+
context=pulumi.get(__response__, 'context'),
|
170
|
+
id=pulumi.get(__response__, 'id'),
|
171
|
+
key=pulumi.get(__response__, 'key'),
|
172
|
+
key_version=pulumi.get(__response__, 'key_version'),
|
173
|
+
namespace=pulumi.get(__response__, 'namespace'),
|
174
|
+
plaintext=pulumi.get(__response__, 'plaintext')))
|