pulumi-vault 5.21.0a1710160723__py3-none-any.whl → 6.5.0a1736850018__py3-none-any.whl

pulumi_vault/aws/auth_backend_role_tag.py

@@ -4,9 +4,14 @@
 
 import copy
 import warnings
+import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 
 __all__ = ['AuthBackendRoleTagArgs', 'AuthBackendRoleTag']
@@ -34,7 +39,7 @@ class AuthBackendRoleTagArgs:
         :param pulumi.Input[str] max_ttl: The maximum TTL of the tokens issued using this role.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] policies: The policies to be associated with the tag. Must be a subset of the policies associated with the role.
         """
@@ -134,7 +139,7 @@ class AuthBackendRoleTagArgs:
         """
         The namespace to provision the resource in.
         The value should not contain leading or trailing forward slashes.
-        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
         *Available only for Vault Enterprise*.
         """
         return pulumi.get(self, "namespace")
@@ -179,7 +184,7 @@ class _AuthBackendRoleTagState:
         :param pulumi.Input[str] max_ttl: The maximum TTL of the tokens issued using this role.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] policies: The policies to be associated with the tag. Must be a subset of the policies associated with the role.
         :param pulumi.Input[str] role: The name of the AWS auth backend role to read
@@ -275,7 +280,7 @@ class _AuthBackendRoleTagState:
         """
         The namespace to provision the resource in.
         The value should not contain leading or trailing forward slashes.
-        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
         *Available only for Vault Enterprise*.
         """
         return pulumi.get(self, "namespace")
@@ -361,7 +366,7 @@ class AuthBackendRoleTag(pulumi.CustomResource):
         :param pulumi.Input[str] max_ttl: The maximum TTL of the tokens issued using this role.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] policies: The policies to be associated with the tag. Must be a subset of the policies associated with the role.
         :param pulumi.Input[str] role: The name of the AWS auth backend role to read
@@ -455,7 +460,7 @@ class AuthBackendRoleTag(pulumi.CustomResource):
         :param pulumi.Input[str] max_ttl: The maximum TTL of the tokens issued using this role.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] policies: The policies to be associated with the tag. Must be a subset of the policies associated with the role.
         :param pulumi.Input[str] role: The name of the AWS auth backend role to read
@@ -526,7 +531,7 @@ class AuthBackendRoleTag(pulumi.CustomResource):
         """
         The namespace to provision the resource in.
         The value should not contain leading or trailing forward slashes.
-        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
         *Available only for Vault Enterprise*.
         """
         return pulumi.get(self, "namespace")

pulumi_vault/aws/auth_backend_roletag_blacklist.py

@@ -4,9 +4,14 @@
 
 import copy
 import warnings
+import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 
 __all__ = ['AuthBackendRoletagBlacklistArgs', 'AuthBackendRoletagBlacklist']
@@ -26,7 +31,7 @@ class AuthBackendRoletagBlacklistArgs:
                tidying of the roletag blacklist entries. Defaults to false.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
         :param pulumi.Input[int] safety_buffer: The amount of extra time that must have passed
                beyond the roletag expiration, before it is removed from the backend storage.
@@ -72,7 +77,7 @@ class AuthBackendRoletagBlacklistArgs:
         """
         The namespace to provision the resource in.
         The value should not contain leading or trailing forward slashes.
-        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
         *Available only for Vault Enterprise*.
         """
         return pulumi.get(self, "namespace")
@@ -111,7 +116,7 @@ class _AuthBackendRoletagBlacklistState:
                tidying of the roletag blacklist entries. Defaults to false.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
         :param pulumi.Input[int] safety_buffer: The amount of extra time that must have passed
                beyond the roletag expiration, before it is removed from the backend storage.
@@ -158,7 +163,7 @@ class _AuthBackendRoletagBlacklistState:
         """
         The namespace to provision the resource in.
         The value should not contain leading or trailing forward slashes.
-        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
         *Available only for Vault Enterprise*.
         """
         return pulumi.get(self, "namespace")
@@ -197,17 +202,15 @@ class AuthBackendRoletagBlacklist(pulumi.CustomResource):
 
         ## Example Usage
 
-        <!--Start PulumiCodeChooser -->
         ```python
         import pulumi
         import pulumi_vault as vault
 
-        example_auth_backend = vault.AuthBackend("exampleAuthBackend", type="aws")
-        example_auth_backend_roletag_blacklist = vault.aws.AuthBackendRoletagBlacklist("exampleAuthBackendRoletagBlacklist",
-            backend=example_auth_backend.path,
+        example = vault.AuthBackend("example", type="aws")
+        example_auth_backend_roletag_blacklist = vault.aws.AuthBackendRoletagBlacklist("example",
+            backend=example.path,
             safety_buffer=360)
         ```
-        <!--End PulumiCodeChooser -->
 
         :param str resource_name: The name of the resource.
         :param pulumi.ResourceOptions opts: Options for the resource.
@@ -217,7 +220,7 @@ class AuthBackendRoletagBlacklist(pulumi.CustomResource):
                tidying of the roletag blacklist entries. Defaults to false.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
         :param pulumi.Input[int] safety_buffer: The amount of extra time that must have passed
                beyond the roletag expiration, before it is removed from the backend storage.
@@ -234,17 +237,15 @@ class AuthBackendRoletagBlacklist(pulumi.CustomResource):
 
         ## Example Usage
 
-        <!--Start PulumiCodeChooser -->
         ```python
         import pulumi
         import pulumi_vault as vault
 
-        example_auth_backend = vault.AuthBackend("exampleAuthBackend", type="aws")
-        example_auth_backend_roletag_blacklist = vault.aws.AuthBackendRoletagBlacklist("exampleAuthBackendRoletagBlacklist",
-            backend=example_auth_backend.path,
+        example = vault.AuthBackend("example", type="aws")
+        example_auth_backend_roletag_blacklist = vault.aws.AuthBackendRoletagBlacklist("example",
+            backend=example.path,
             safety_buffer=360)
         ```
-        <!--End PulumiCodeChooser -->
 
         :param str resource_name: The name of the resource.
         :param AuthBackendRoletagBlacklistArgs args: The arguments to use to populate this resource's properties.
@@ -307,7 +308,7 @@ class AuthBackendRoletagBlacklist(pulumi.CustomResource):
                tidying of the roletag blacklist entries. Defaults to false.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
         :param pulumi.Input[int] safety_buffer: The amount of extra time that must have passed
                beyond the roletag expiration, before it is removed from the backend storage.
@@ -347,7 +348,7 @@ class AuthBackendRoletagBlacklist(pulumi.CustomResource):
         """
         The namespace to provision the resource in.
         The value should not contain leading or trailing forward slashes.
-        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
         *Available only for Vault Enterprise*.
         """
         return pulumi.get(self, "namespace")

pulumi_vault/aws/auth_backend_sts_role.py

@@ -4,9 +4,14 @@
 
 import copy
 import warnings
+import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 
 __all__ = ['AuthBackendStsRoleArgs', 'AuthBackendStsRole']
@@ -27,7 +32,7 @@ class AuthBackendStsRoleArgs:
                mounted at.  Defaults to `aws`.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
         """
         pulumi.set(__self__, "account_id", account_id)
@@ -81,7 +86,7 @@ class AuthBackendStsRoleArgs:
         """
         The namespace to provision the resource in.
         The value should not contain leading or trailing forward slashes.
-        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
         *Available only for Vault Enterprise*.
         """
         return pulumi.get(self, "namespace")
@@ -105,7 +110,7 @@ class _AuthBackendStsRoleState:
                mounted at.  Defaults to `aws`.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
         :param pulumi.Input[str] sts_role: The STS role to assume when verifying requests made
                by EC2 instances in the account specified by `account_id`.
@@ -150,7 +155,7 @@ class _AuthBackendStsRoleState:
         """
         The namespace to provision the resource in.
         The value should not contain leading or trailing forward slashes.
-        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
         *Available only for Vault Enterprise*.
         """
         return pulumi.get(self, "namespace")
@@ -186,7 +191,6 @@ class AuthBackendStsRole(pulumi.CustomResource):
         """
         ## Example Usage
 
-        <!--Start PulumiCodeChooser -->
         ```python
         import pulumi
         import pulumi_vault as vault
@@ -197,7 +201,6 @@ class AuthBackendStsRole(pulumi.CustomResource):
             account_id="1234567890",
             sts_role="arn:aws:iam::1234567890:role/my-role")
         ```
-        <!--End PulumiCodeChooser -->
 
         ## Import
 
@@ -214,7 +217,7 @@ class AuthBackendStsRole(pulumi.CustomResource):
                mounted at.  Defaults to `aws`.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
         :param pulumi.Input[str] sts_role: The STS role to assume when verifying requests made
                by EC2 instances in the account specified by `account_id`.
@@ -228,7 +231,6 @@ class AuthBackendStsRole(pulumi.CustomResource):
         """
         ## Example Usage
 
-        <!--Start PulumiCodeChooser -->
         ```python
         import pulumi
         import pulumi_vault as vault
@@ -239,7 +241,6 @@ class AuthBackendStsRole(pulumi.CustomResource):
             account_id="1234567890",
             sts_role="arn:aws:iam::1234567890:role/my-role")
         ```
-        <!--End PulumiCodeChooser -->
 
         ## Import
 
@@ -311,7 +312,7 @@ class AuthBackendStsRole(pulumi.CustomResource):
                mounted at.  Defaults to `aws`.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
         :param pulumi.Input[str] sts_role: The STS role to assume when verifying requests made
                by EC2 instances in the account specified by `account_id`.
@@ -349,7 +350,7 @@ class AuthBackendStsRole(pulumi.CustomResource):
         """
         The namespace to provision the resource in.
         The value should not contain leading or trailing forward slashes.
-        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
         *Available only for Vault Enterprise*.
         """
         return pulumi.get(self, "namespace")

pulumi_vault/aws/get_access_credentials.py

@@ -4,9 +4,14 @@
 
 import copy
 import warnings
+import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 
 __all__ = [
@@ -203,7 +208,7 @@ def get_access_credentials(backend: Optional[str] = None,
            read credentials from, with no leading or trailing `/`s.
     :param str namespace: The namespace of the target resource.
            The value should not contain leading or trailing forward slashes.
-           The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+           The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
            *Available only for Vault Enterprise*.
     :param str region: The region the read credentials belong to.
     :param str role: The name of the AWS secret backend role to read
@@ -246,9 +251,6 @@ def get_access_credentials(backend: Optional[str] = None,
         security_token=pulumi.get(__ret__, 'security_token'),
         ttl=pulumi.get(__ret__, 'ttl'),
         type=pulumi.get(__ret__, 'type'))
-
-
-@_utilities.lift_output_func(get_access_credentials)
 def get_access_credentials_output(backend: Optional[pulumi.Input[str]] = None,
                                   namespace: Optional[pulumi.Input[Optional[str]]] = None,
                                   region: Optional[pulumi.Input[Optional[str]]] = None,
@@ -256,7 +258,7 @@ def get_access_credentials_output(backend: Optional[pulumi.Input[str]] = None,
                                   role_arn: Optional[pulumi.Input[Optional[str]]] = None,
                                   ttl: Optional[pulumi.Input[Optional[str]]] = None,
                                   type: Optional[pulumi.Input[Optional[str]]] = None,
-                                  opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetAccessCredentialsResult]:
+                                  opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetAccessCredentialsResult]:
     """
     ## Example Usage
 
@@ -265,7 +267,7 @@ def get_access_credentials_output(backend: Optional[pulumi.Input[str]] = None,
            read credentials from, with no leading or trailing `/`s.
     :param str namespace: The namespace of the target resource.
            The value should not contain leading or trailing forward slashes.
-           The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+           The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
            *Available only for Vault Enterprise*.
     :param str region: The region the read credentials belong to.
     :param str role: The name of the AWS secret backend role to read
@@ -281,4 +283,29 @@ def get_access_credentials_output(backend: Optional[pulumi.Input[str]] = None,
            Key. Can also be set to `"sts"`, which will return a security token
            in addition to the keys.
     """
-    ...
+    __args__ = dict()
+    __args__['backend'] = backend
+    __args__['namespace'] = namespace
+    __args__['region'] = region
+    __args__['role'] = role
+    __args__['roleArn'] = role_arn
+    __args__['ttl'] = ttl
+    __args__['type'] = type
+    opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
+    __ret__ = pulumi.runtime.invoke_output('vault:aws/getAccessCredentials:getAccessCredentials', __args__, opts=opts, typ=GetAccessCredentialsResult)
+    return __ret__.apply(lambda __response__: GetAccessCredentialsResult(
+        access_key=pulumi.get(__response__, 'access_key'),
+        backend=pulumi.get(__response__, 'backend'),
+        id=pulumi.get(__response__, 'id'),
+        lease_duration=pulumi.get(__response__, 'lease_duration'),
+        lease_id=pulumi.get(__response__, 'lease_id'),
+        lease_renewable=pulumi.get(__response__, 'lease_renewable'),
+        lease_start_time=pulumi.get(__response__, 'lease_start_time'),
+        namespace=pulumi.get(__response__, 'namespace'),
+        region=pulumi.get(__response__, 'region'),
+        role=pulumi.get(__response__, 'role'),
+        role_arn=pulumi.get(__response__, 'role_arn'),
+        secret_key=pulumi.get(__response__, 'secret_key'),
+        security_token=pulumi.get(__response__, 'security_token'),
+        ttl=pulumi.get(__response__, 'ttl'),
+        type=pulumi.get(__response__, 'type')))

pulumi_vault/aws/get_static_access_credentials.py

@@ -4,9 +4,14 @@
 
 import copy
 import warnings
+import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 
 __all__ = [
@@ -110,14 +115,23 @@ def get_static_access_credentials(backend: Optional[str] = None,
         name=pulumi.get(__ret__, 'name'),
         namespace=pulumi.get(__ret__, 'namespace'),
         secret_key=pulumi.get(__ret__, 'secret_key'))
-
-
-@_utilities.lift_output_func(get_static_access_credentials)
 def get_static_access_credentials_output(backend: Optional[pulumi.Input[str]] = None,
                                          name: Optional[pulumi.Input[str]] = None,
                                          namespace: Optional[pulumi.Input[Optional[str]]] = None,
-                                         opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetStaticAccessCredentialsResult]:
+                                         opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetStaticAccessCredentialsResult]:
     """
     Use this data source to access information about an existing resource.
     """
-    ...
+    __args__ = dict()
+    __args__['backend'] = backend
+    __args__['name'] = name
+    __args__['namespace'] = namespace
+    opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
+    __ret__ = pulumi.runtime.invoke_output('vault:aws/getStaticAccessCredentials:getStaticAccessCredentials', __args__, opts=opts, typ=GetStaticAccessCredentialsResult)
+    return __ret__.apply(lambda __response__: GetStaticAccessCredentialsResult(
+        access_key=pulumi.get(__response__, 'access_key'),
+        backend=pulumi.get(__response__, 'backend'),
+        id=pulumi.get(__response__, 'id'),
+        name=pulumi.get(__response__, 'name'),
+        namespace=pulumi.get(__response__, 'namespace'),
+        secret_key=pulumi.get(__response__, 'secret_key')))

pulumi_vault/aws/secret_backend.py

@@ -4,9 +4,14 @@
 
 import copy
 import warnings
+import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 
 __all__ = ['SecretBackendArgs', 'SecretBackend']
@@ -49,12 +54,21 @@ class SecretBackendArgs:
                for credentials issued by this backend.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
         :param pulumi.Input[str] path: The unique path this backend should be mounted at. Must
                not begin or end with a `/`. Defaults to `aws`.
         :param pulumi.Input[str] region: The AWS region to make API calls against. Defaults to us-east-1.
         :param pulumi.Input[str] role_arn: Role ARN to assume for plugin identity token federation. Requires Vault 1.16+.
+               
+               ```
+               {{ if (eq .Type "STS") }}
+               {{ printf "vault-%s-%s" (unix_time) (random 20) | truncate 32 }}
+               {{ else }}
+               {{ printf "vault-%s-%s-%s" (printf "%s-%s" (.DisplayName) (.PolicyName) | truncate 42) (unix_time) (random 20) | truncate 64 }}
+               {{ end }}
+               
+               ```
         :param pulumi.Input[str] secret_key: The AWS Secret Access Key to use when generating new credentials.
         :param pulumi.Input[str] sts_endpoint: Specifies a custom HTTP STS endpoint to use.
         :param pulumi.Input[str] username_template: Template describing how dynamic usernames are generated. The username template is used to generate both IAM usernames (capped at 64 characters) and STS usernames (capped at 32 characters). If no template is provided the field defaults to the template:
@@ -224,7 +238,7 @@ class SecretBackendArgs:
         """
         The namespace to provision the resource in.
         The value should not contain leading or trailing forward slashes.
-        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
         *Available only for Vault Enterprise*.
         """
         return pulumi.get(self, "namespace")
@@ -263,6 +277,15 @@ class SecretBackendArgs:
     def role_arn(self) -> Optional[pulumi.Input[str]]:
         """
         Role ARN to assume for plugin identity token federation. Requires Vault 1.16+.
+
+        ```
+        {{ if (eq .Type "STS") }}
+        {{ printf "vault-%s-%s" (unix_time) (random 20) | truncate 32 }}
+        {{ else }}
+        {{ printf "vault-%s-%s-%s" (printf "%s-%s" (.DisplayName) (.PolicyName) | truncate 42) (unix_time) (random 20) | truncate 64 }}
+        {{ end }}
+
+        ```
         """
         return pulumi.get(self, "role_arn")
 
@@ -345,12 +368,21 @@ class _SecretBackendState:
                for credentials issued by this backend.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
         :param pulumi.Input[str] path: The unique path this backend should be mounted at. Must
                not begin or end with a `/`. Defaults to `aws`.
         :param pulumi.Input[str] region: The AWS region to make API calls against. Defaults to us-east-1.
         :param pulumi.Input[str] role_arn: Role ARN to assume for plugin identity token federation. Requires Vault 1.16+.
+               
+               ```
+               {{ if (eq .Type "STS") }}
+               {{ printf "vault-%s-%s" (unix_time) (random 20) | truncate 32 }}
+               {{ else }}
+               {{ printf "vault-%s-%s-%s" (printf "%s-%s" (.DisplayName) (.PolicyName) | truncate 42) (unix_time) (random 20) | truncate 64 }}
+               {{ end }}
+               
+               ```
         :param pulumi.Input[str] secret_key: The AWS Secret Access Key to use when generating new credentials.
         :param pulumi.Input[str] sts_endpoint: Specifies a custom HTTP STS endpoint to use.
         :param pulumi.Input[str] username_template: Template describing how dynamic usernames are generated. The username template is used to generate both IAM usernames (capped at 64 characters) and STS usernames (capped at 32 characters). If no template is provided the field defaults to the template:
@@ -520,7 +552,7 @@ class _SecretBackendState:
         """
         The namespace to provision the resource in.
         The value should not contain leading or trailing forward slashes.
-        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
         *Available only for Vault Enterprise*.
         """
         return pulumi.get(self, "namespace")
@@ -559,6 +591,15 @@ class _SecretBackendState:
     def role_arn(self) -> Optional[pulumi.Input[str]]:
         """
         Role ARN to assume for plugin identity token federation. Requires Vault 1.16+.
+
+        ```
+        {{ if (eq .Type "STS") }}
+        {{ printf "vault-%s-%s" (unix_time) (random 20) | truncate 32 }}
+        {{ else }}
+        {{ printf "vault-%s-%s-%s" (printf "%s-%s" (.DisplayName) (.PolicyName) | truncate 42) (unix_time) (random 20) | truncate 64 }}
+        {{ end }}
+
+        ```
         """
         return pulumi.get(self, "role_arn")
 
@@ -653,12 +694,21 @@ class SecretBackend(pulumi.CustomResource):
                for credentials issued by this backend.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
         :param pulumi.Input[str] path: The unique path this backend should be mounted at. Must
                not begin or end with a `/`. Defaults to `aws`.
         :param pulumi.Input[str] region: The AWS region to make API calls against. Defaults to us-east-1.
         :param pulumi.Input[str] role_arn: Role ARN to assume for plugin identity token federation. Requires Vault 1.16+.
+               
+               ```
+               {{ if (eq .Type "STS") }}
+               {{ printf "vault-%s-%s" (unix_time) (random 20) | truncate 32 }}
+               {{ else }}
+               {{ printf "vault-%s-%s-%s" (printf "%s-%s" (.DisplayName) (.PolicyName) | truncate 42) (unix_time) (random 20) | truncate 64 }}
+               {{ end }}
+               
+               ```
         :param pulumi.Input[str] secret_key: The AWS Secret Access Key to use when generating new credentials.
         :param pulumi.Input[str] sts_endpoint: Specifies a custom HTTP STS endpoint to use.
         :param pulumi.Input[str] username_template: Template describing how dynamic usernames are generated. The username template is used to generate both IAM usernames (capped at 64 characters) and STS usernames (capped at 32 characters). If no template is provided the field defaults to the template:
@@ -788,12 +838,21 @@ class SecretBackend(pulumi.CustomResource):
                for credentials issued by this backend.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
         :param pulumi.Input[str] path: The unique path this backend should be mounted at. Must
                not begin or end with a `/`. Defaults to `aws`.
         :param pulumi.Input[str] region: The AWS region to make API calls against. Defaults to us-east-1.
         :param pulumi.Input[str] role_arn: Role ARN to assume for plugin identity token federation. Requires Vault 1.16+.
+               
+               ```
+               {{ if (eq .Type "STS") }}
+               {{ printf "vault-%s-%s" (unix_time) (random 20) | truncate 32 }}
+               {{ else }}
+               {{ printf "vault-%s-%s-%s" (printf "%s-%s" (.DisplayName) (.PolicyName) | truncate 42) (unix_time) (random 20) | truncate 64 }}
+               {{ end }}
+               
+               ```
         :param pulumi.Input[str] secret_key: The AWS Secret Access Key to use when generating new credentials.
         :param pulumi.Input[str] sts_endpoint: Specifies a custom HTTP STS endpoint to use.
         :param pulumi.Input[str] username_template: Template describing how dynamic usernames are generated. The username template is used to generate both IAM usernames (capped at 64 characters) and STS usernames (capped at 32 characters). If no template is provided the field defaults to the template:
@@ -911,7 +970,7 @@ class SecretBackend(pulumi.CustomResource):
         """
         The namespace to provision the resource in.
         The value should not contain leading or trailing forward slashes.
-        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
         *Available only for Vault Enterprise*.
         """
         return pulumi.get(self, "namespace")
@@ -938,6 +997,15 @@ class SecretBackend(pulumi.CustomResource):
     def role_arn(self) -> pulumi.Output[Optional[str]]:
         """
         Role ARN to assume for plugin identity token federation. Requires Vault 1.16+.
+
+        ```
+        {{ if (eq .Type "STS") }}
+        {{ printf "vault-%s-%s" (unix_time) (random 20) | truncate 32 }}
+        {{ else }}
+        {{ printf "vault-%s-%s-%s" (printf "%s-%s" (.DisplayName) (.PolicyName) | truncate 42) (unix_time) (random 20) | truncate 64 }}
+        {{ end }}
+
+        ```
         """
         return pulumi.get(self, "role_arn")