pulumi-vault 5.21.0a1710160723__py3-none-any.whl → 6.5.0a1736850018__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (229) hide show
  1. pulumi_vault/__init__.py +52 -0
  2. pulumi_vault/_inputs.py +560 -0
  3. pulumi_vault/_utilities.py +41 -5
  4. pulumi_vault/ad/get_access_credentials.py +22 -7
  5. pulumi_vault/ad/secret_backend.py +14 -144
  6. pulumi_vault/ad/secret_library.py +14 -11
  7. pulumi_vault/ad/secret_role.py +12 -11
  8. pulumi_vault/alicloud/auth_backend_role.py +74 -192
  9. pulumi_vault/approle/auth_backend_login.py +12 -11
  10. pulumi_vault/approle/auth_backend_role.py +75 -193
  11. pulumi_vault/approle/auth_backend_role_secret_id.py +106 -11
  12. pulumi_vault/approle/get_auth_backend_role_id.py +18 -9
  13. pulumi_vault/audit.py +24 -27
  14. pulumi_vault/audit_request_header.py +11 -6
  15. pulumi_vault/auth_backend.py +64 -12
  16. pulumi_vault/aws/auth_backend_cert.py +12 -7
  17. pulumi_vault/aws/auth_backend_client.py +265 -24
  18. pulumi_vault/aws/auth_backend_config_identity.py +12 -11
  19. pulumi_vault/aws/auth_backend_identity_whitelist.py +18 -17
  20. pulumi_vault/aws/auth_backend_login.py +19 -22
  21. pulumi_vault/aws/auth_backend_role.py +75 -193
  22. pulumi_vault/aws/auth_backend_role_tag.py +12 -7
  23. pulumi_vault/aws/auth_backend_roletag_blacklist.py +18 -17
  24. pulumi_vault/aws/auth_backend_sts_role.py +12 -11
  25. pulumi_vault/aws/get_access_credentials.py +34 -7
  26. pulumi_vault/aws/get_static_access_credentials.py +19 -5
  27. pulumi_vault/aws/secret_backend.py +75 -7
  28. pulumi_vault/aws/secret_backend_role.py +183 -11
  29. pulumi_vault/aws/secret_backend_static_role.py +14 -11
  30. pulumi_vault/azure/_inputs.py +24 -0
  31. pulumi_vault/azure/auth_backend_config.py +151 -17
  32. pulumi_vault/azure/auth_backend_role.py +75 -193
  33. pulumi_vault/azure/backend.py +223 -29
  34. pulumi_vault/azure/backend_role.py +42 -41
  35. pulumi_vault/azure/get_access_credentials.py +39 -11
  36. pulumi_vault/azure/outputs.py +5 -0
  37. pulumi_vault/cert_auth_backend_role.py +87 -271
  38. pulumi_vault/config/__init__.pyi +5 -0
  39. pulumi_vault/config/_inputs.py +73 -0
  40. pulumi_vault/config/outputs.py +35 -0
  41. pulumi_vault/config/ui_custom_message.py +529 -0
  42. pulumi_vault/config/vars.py +5 -0
  43. pulumi_vault/consul/secret_backend.py +22 -25
  44. pulumi_vault/consul/secret_backend_role.py +14 -80
  45. pulumi_vault/database/_inputs.py +2770 -881
  46. pulumi_vault/database/outputs.py +721 -838
  47. pulumi_vault/database/secret_backend_connection.py +117 -114
  48. pulumi_vault/database/secret_backend_role.py +29 -24
  49. pulumi_vault/database/secret_backend_static_role.py +85 -15
  50. pulumi_vault/database/secrets_mount.py +425 -138
  51. pulumi_vault/egp_policy.py +16 -15
  52. pulumi_vault/gcp/_inputs.py +111 -0
  53. pulumi_vault/gcp/auth_backend.py +248 -35
  54. pulumi_vault/gcp/auth_backend_role.py +75 -271
  55. pulumi_vault/gcp/get_auth_backend_role.py +43 -9
  56. pulumi_vault/gcp/outputs.py +5 -0
  57. pulumi_vault/gcp/secret_backend.py +287 -16
  58. pulumi_vault/gcp/secret_impersonated_account.py +74 -17
  59. pulumi_vault/gcp/secret_roleset.py +29 -26
  60. pulumi_vault/gcp/secret_static_account.py +37 -34
  61. pulumi_vault/generic/endpoint.py +22 -21
  62. pulumi_vault/generic/get_secret.py +68 -12
  63. pulumi_vault/generic/secret.py +19 -14
  64. pulumi_vault/get_auth_backend.py +24 -11
  65. pulumi_vault/get_auth_backends.py +33 -11
  66. pulumi_vault/get_namespace.py +226 -0
  67. pulumi_vault/get_namespaces.py +153 -0
  68. pulumi_vault/get_nomad_access_token.py +31 -15
  69. pulumi_vault/get_policy_document.py +34 -23
  70. pulumi_vault/get_raft_autopilot_state.py +29 -14
  71. pulumi_vault/github/_inputs.py +55 -0
  72. pulumi_vault/github/auth_backend.py +17 -16
  73. pulumi_vault/github/outputs.py +5 -0
  74. pulumi_vault/github/team.py +14 -13
  75. pulumi_vault/github/user.py +14 -13
  76. pulumi_vault/identity/entity.py +18 -15
  77. pulumi_vault/identity/entity_alias.py +18 -15
  78. pulumi_vault/identity/entity_policies.py +24 -19
  79. pulumi_vault/identity/get_entity.py +40 -14
  80. pulumi_vault/identity/get_group.py +45 -13
  81. pulumi_vault/identity/get_oidc_client_creds.py +21 -11
  82. pulumi_vault/identity/get_oidc_openid_config.py +39 -13
  83. pulumi_vault/identity/get_oidc_public_keys.py +29 -14
  84. pulumi_vault/identity/group.py +50 -49
  85. pulumi_vault/identity/group_alias.py +14 -11
  86. pulumi_vault/identity/group_member_entity_ids.py +24 -74
  87. pulumi_vault/identity/group_member_group_ids.py +36 -27
  88. pulumi_vault/identity/group_policies.py +16 -15
  89. pulumi_vault/identity/mfa_duo.py +9 -8
  90. pulumi_vault/identity/mfa_login_enforcement.py +13 -8
  91. pulumi_vault/identity/mfa_okta.py +9 -8
  92. pulumi_vault/identity/mfa_pingid.py +5 -4
  93. pulumi_vault/identity/mfa_totp.py +5 -4
  94. pulumi_vault/identity/oidc.py +12 -11
  95. pulumi_vault/identity/oidc_assignment.py +22 -13
  96. pulumi_vault/identity/oidc_client.py +34 -25
  97. pulumi_vault/identity/oidc_key.py +28 -19
  98. pulumi_vault/identity/oidc_key_allowed_client_id.py +28 -19
  99. pulumi_vault/identity/oidc_provider.py +34 -23
  100. pulumi_vault/identity/oidc_role.py +40 -27
  101. pulumi_vault/identity/oidc_scope.py +18 -15
  102. pulumi_vault/identity/outputs.py +8 -3
  103. pulumi_vault/jwt/_inputs.py +55 -0
  104. pulumi_vault/jwt/auth_backend.py +39 -46
  105. pulumi_vault/jwt/auth_backend_role.py +131 -260
  106. pulumi_vault/jwt/outputs.py +5 -0
  107. pulumi_vault/kmip/secret_backend.py +22 -21
  108. pulumi_vault/kmip/secret_role.py +12 -11
  109. pulumi_vault/kmip/secret_scope.py +12 -11
  110. pulumi_vault/kubernetes/auth_backend_config.py +55 -7
  111. pulumi_vault/kubernetes/auth_backend_role.py +68 -179
  112. pulumi_vault/kubernetes/get_auth_backend_config.py +60 -8
  113. pulumi_vault/kubernetes/get_auth_backend_role.py +40 -5
  114. pulumi_vault/kubernetes/get_service_account_token.py +39 -15
  115. pulumi_vault/kubernetes/secret_backend.py +314 -29
  116. pulumi_vault/kubernetes/secret_backend_role.py +135 -56
  117. pulumi_vault/kv/_inputs.py +36 -4
  118. pulumi_vault/kv/get_secret.py +23 -12
  119. pulumi_vault/kv/get_secret_subkeys_v2.py +31 -14
  120. pulumi_vault/kv/get_secret_v2.py +89 -9
  121. pulumi_vault/kv/get_secrets_list.py +22 -15
  122. pulumi_vault/kv/get_secrets_list_v2.py +35 -19
  123. pulumi_vault/kv/outputs.py +8 -3
  124. pulumi_vault/kv/secret.py +19 -18
  125. pulumi_vault/kv/secret_backend_v2.py +12 -11
  126. pulumi_vault/kv/secret_v2.py +55 -52
  127. pulumi_vault/ldap/auth_backend.py +125 -168
  128. pulumi_vault/ldap/auth_backend_group.py +12 -11
  129. pulumi_vault/ldap/auth_backend_user.py +12 -11
  130. pulumi_vault/ldap/get_dynamic_credentials.py +23 -5
  131. pulumi_vault/ldap/get_static_credentials.py +24 -5
  132. pulumi_vault/ldap/secret_backend.py +352 -84
  133. pulumi_vault/ldap/secret_backend_dynamic_role.py +12 -11
  134. pulumi_vault/ldap/secret_backend_library_set.py +14 -11
  135. pulumi_vault/ldap/secret_backend_static_role.py +67 -12
  136. pulumi_vault/managed/_inputs.py +289 -132
  137. pulumi_vault/managed/keys.py +27 -43
  138. pulumi_vault/managed/outputs.py +89 -132
  139. pulumi_vault/mfa_duo.py +16 -13
  140. pulumi_vault/mfa_okta.py +16 -13
  141. pulumi_vault/mfa_pingid.py +16 -13
  142. pulumi_vault/mfa_totp.py +22 -19
  143. pulumi_vault/mongodbatlas/secret_backend.py +18 -17
  144. pulumi_vault/mongodbatlas/secret_role.py +41 -38
  145. pulumi_vault/mount.py +389 -65
  146. pulumi_vault/namespace.py +26 -21
  147. pulumi_vault/nomad_secret_backend.py +16 -15
  148. pulumi_vault/nomad_secret_role.py +12 -11
  149. pulumi_vault/okta/_inputs.py +47 -8
  150. pulumi_vault/okta/auth_backend.py +483 -41
  151. pulumi_vault/okta/auth_backend_group.py +12 -11
  152. pulumi_vault/okta/auth_backend_user.py +12 -11
  153. pulumi_vault/okta/outputs.py +13 -8
  154. pulumi_vault/outputs.py +5 -0
  155. pulumi_vault/password_policy.py +18 -15
  156. pulumi_vault/pkisecret/__init__.py +3 -0
  157. pulumi_vault/pkisecret/_inputs.py +81 -0
  158. pulumi_vault/pkisecret/backend_config_cluster.py +369 -0
  159. pulumi_vault/pkisecret/backend_config_est.py +619 -0
  160. pulumi_vault/pkisecret/get_backend_config_est.py +251 -0
  161. pulumi_vault/pkisecret/get_backend_issuer.py +63 -7
  162. pulumi_vault/pkisecret/get_backend_issuers.py +21 -12
  163. pulumi_vault/pkisecret/get_backend_key.py +24 -13
  164. pulumi_vault/pkisecret/get_backend_keys.py +21 -12
  165. pulumi_vault/pkisecret/outputs.py +69 -0
  166. pulumi_vault/pkisecret/secret_backend_cert.py +18 -15
  167. pulumi_vault/pkisecret/secret_backend_config_ca.py +16 -15
  168. pulumi_vault/pkisecret/secret_backend_config_issuers.py +12 -11
  169. pulumi_vault/pkisecret/secret_backend_config_urls.py +59 -11
  170. pulumi_vault/pkisecret/secret_backend_crl_config.py +14 -13
  171. pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +16 -15
  172. pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +22 -21
  173. pulumi_vault/pkisecret/secret_backend_issuer.py +12 -11
  174. pulumi_vault/pkisecret/secret_backend_key.py +12 -7
  175. pulumi_vault/pkisecret/secret_backend_role.py +19 -16
  176. pulumi_vault/pkisecret/secret_backend_root_cert.py +16 -52
  177. pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +18 -62
  178. pulumi_vault/pkisecret/secret_backend_sign.py +18 -60
  179. pulumi_vault/plugin.py +595 -0
  180. pulumi_vault/plugin_pinned_version.py +298 -0
  181. pulumi_vault/policy.py +12 -7
  182. pulumi_vault/provider.py +48 -53
  183. pulumi_vault/pulumi-plugin.json +2 -1
  184. pulumi_vault/quota_lease_count.py +58 -8
  185. pulumi_vault/quota_rate_limit.py +54 -4
  186. pulumi_vault/rabbitmq/_inputs.py +61 -0
  187. pulumi_vault/rabbitmq/outputs.py +5 -0
  188. pulumi_vault/rabbitmq/secret_backend.py +16 -15
  189. pulumi_vault/rabbitmq/secret_backend_role.py +52 -49
  190. pulumi_vault/raft_autopilot.py +12 -11
  191. pulumi_vault/raft_snapshot_agent_config.py +121 -311
  192. pulumi_vault/rgp_policy.py +14 -13
  193. pulumi_vault/saml/auth_backend.py +20 -19
  194. pulumi_vault/saml/auth_backend_role.py +90 -199
  195. pulumi_vault/secrets/__init__.py +3 -0
  196. pulumi_vault/secrets/_inputs.py +110 -0
  197. pulumi_vault/secrets/outputs.py +94 -0
  198. pulumi_vault/secrets/sync_association.py +56 -75
  199. pulumi_vault/secrets/sync_aws_destination.py +240 -29
  200. pulumi_vault/secrets/sync_azure_destination.py +90 -33
  201. pulumi_vault/secrets/sync_config.py +7 -6
  202. pulumi_vault/secrets/sync_gcp_destination.py +156 -27
  203. pulumi_vault/secrets/sync_gh_destination.py +187 -15
  204. pulumi_vault/secrets/sync_github_apps.py +375 -0
  205. pulumi_vault/secrets/sync_vercel_destination.py +72 -15
  206. pulumi_vault/ssh/_inputs.py +28 -32
  207. pulumi_vault/ssh/outputs.py +11 -32
  208. pulumi_vault/ssh/secret_backend_ca.py +106 -11
  209. pulumi_vault/ssh/secret_backend_role.py +83 -120
  210. pulumi_vault/terraformcloud/secret_backend.py +5 -56
  211. pulumi_vault/terraformcloud/secret_creds.py +14 -24
  212. pulumi_vault/terraformcloud/secret_role.py +14 -76
  213. pulumi_vault/token.py +26 -25
  214. pulumi_vault/tokenauth/auth_backend_role.py +76 -201
  215. pulumi_vault/transform/alphabet.py +16 -13
  216. pulumi_vault/transform/get_decode.py +45 -21
  217. pulumi_vault/transform/get_encode.py +45 -21
  218. pulumi_vault/transform/role.py +16 -13
  219. pulumi_vault/transform/template.py +30 -25
  220. pulumi_vault/transform/transformation.py +12 -7
  221. pulumi_vault/transit/get_decrypt.py +26 -25
  222. pulumi_vault/transit/get_encrypt.py +24 -19
  223. pulumi_vault/transit/secret_backend_key.py +25 -97
  224. pulumi_vault/transit/secret_cache_config.py +12 -11
  225. {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736850018.dist-info}/METADATA +8 -7
  226. pulumi_vault-6.5.0a1736850018.dist-info/RECORD +256 -0
  227. {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736850018.dist-info}/WHEEL +1 -1
  228. pulumi_vault-5.21.0a1710160723.dist-info/RECORD +0 -244
  229. {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736850018.dist-info}/top_level.txt +0 -0
@@ -4,9 +4,14 @@
4
4
 
5
5
  import copy
6
6
  import warnings
7
+ import sys
7
8
  import pulumi
8
9
  import pulumi.runtime
9
10
  from typing import Any, Mapping, Optional, Sequence, Union, overload
11
+ if sys.version_info >= (3, 11):
12
+ from typing import NotRequired, TypedDict, TypeAlias
13
+ else:
14
+ from typing_extensions import NotRequired, TypedDict, TypeAlias
10
15
  from .. import _utilities
11
16
  from . import outputs
12
17
  from ._inputs import *
@@ -41,7 +46,7 @@ class BackendRoleArgs:
41
46
  suffixed strings ("1h") or an integer number of seconds. Defaults to the system/engine max TTL time.
42
47
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
43
48
  The value should not contain leading or trailing forward slashes.
44
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
49
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
45
50
  *Available only for Vault Enterprise*.
46
51
  :param pulumi.Input[bool] permanently_delete: Indicates whether the applications and service principals created by Vault will be permanently
47
52
  deleted when the corresponding leases expire. Defaults to `false`. For Vault v1.12+.
@@ -167,7 +172,7 @@ class BackendRoleArgs:
167
172
  """
168
173
  The namespace to provision the resource in.
169
174
  The value should not contain leading or trailing forward slashes.
170
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
175
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
171
176
  *Available only for Vault Enterprise*.
172
177
  """
173
178
  return pulumi.get(self, "namespace")
@@ -255,7 +260,7 @@ class _BackendRoleState:
255
260
  suffixed strings ("1h") or an integer number of seconds. Defaults to the system/engine max TTL time.
256
261
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
257
262
  The value should not contain leading or trailing forward slashes.
258
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
263
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
259
264
  *Available only for Vault Enterprise*.
260
265
  :param pulumi.Input[bool] permanently_delete: Indicates whether the applications and service principals created by Vault will be permanently
261
266
  deleted when the corresponding leases expire. Defaults to `false`. For Vault v1.12+.
@@ -371,7 +376,7 @@ class _BackendRoleState:
371
376
  """
372
377
  The namespace to provision the resource in.
373
378
  The value should not contain leading or trailing forward slashes.
374
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
379
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
375
380
  *Available only for Vault Enterprise*.
376
381
  """
377
382
  return pulumi.get(self, "namespace")
@@ -450,8 +455,8 @@ class BackendRole(pulumi.CustomResource):
450
455
  resource_name: str,
451
456
  opts: Optional[pulumi.ResourceOptions] = None,
452
457
  application_object_id: Optional[pulumi.Input[str]] = None,
453
- azure_groups: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['BackendRoleAzureGroupArgs']]]]] = None,
454
- azure_roles: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['BackendRoleAzureRoleArgs']]]]] = None,
458
+ azure_groups: Optional[pulumi.Input[Sequence[pulumi.Input[Union['BackendRoleAzureGroupArgs', 'BackendRoleAzureGroupArgsDict']]]]] = None,
459
+ azure_roles: Optional[pulumi.Input[Sequence[pulumi.Input[Union['BackendRoleAzureRoleArgs', 'BackendRoleAzureRoleArgsDict']]]]] = None,
455
460
  backend: Optional[pulumi.Input[str]] = None,
456
461
  description: Optional[pulumi.Input[str]] = None,
457
462
  max_ttl: Optional[pulumi.Input[str]] = None,
@@ -465,17 +470,16 @@ class BackendRole(pulumi.CustomResource):
465
470
  """
466
471
  ## Example Usage
467
472
 
468
- <!--Start PulumiCodeChooser -->
469
473
  ```python
470
474
  import pulumi
471
475
  import pulumi_vault as vault
472
476
 
473
477
  azure = vault.azure.Backend("azure",
474
- subscription_id=var["subscription_id"],
475
- tenant_id=var["tenant_id"],
476
- client_secret=var["client_secret"],
477
- client_id=var["client_id"])
478
- generated_role = vault.azure.BackendRole("generatedRole",
478
+ subscription_id=subscription_id,
479
+ tenant_id=tenant_id,
480
+ client_secret=client_secret,
481
+ client_id=client_id)
482
+ generated_role = vault.azure.BackendRole("generated_role",
479
483
  backend=azure.path,
480
484
  role="generated_role",
481
485
  sign_in_audience="AzureADMyOrg",
@@ -485,32 +489,31 @@ class BackendRole(pulumi.CustomResource):
485
489
  ],
486
490
  ttl="300",
487
491
  max_ttl="600",
488
- azure_roles=[vault.azure.BackendRoleAzureRoleArgs(
489
- role_name="Reader",
490
- scope=f"/subscriptions/{var['subscription_id']}/resourceGroups/azure-vault-group",
491
- )])
492
- existing_object_id = vault.azure.BackendRole("existingObjectId",
492
+ azure_roles=[{
493
+ "role_name": "Reader",
494
+ "scope": f"/subscriptions/{subscription_id}/resourceGroups/azure-vault-group",
495
+ }])
496
+ existing_object_id = vault.azure.BackendRole("existing_object_id",
493
497
  backend=azure.path,
494
498
  role="existing_object_id",
495
499
  application_object_id="11111111-2222-3333-4444-44444444444",
496
500
  ttl="300",
497
501
  max_ttl="600")
498
502
  ```
499
- <!--End PulumiCodeChooser -->
500
503
 
501
504
  :param str resource_name: The name of the resource.
502
505
  :param pulumi.ResourceOptions opts: Options for the resource.
503
506
  :param pulumi.Input[str] application_object_id: Application Object ID for an existing service principal that will
504
507
  be used instead of creating dynamic service principals. If present, `azure_roles` and `permanently_delete` will be ignored.
505
- :param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['BackendRoleAzureGroupArgs']]]] azure_groups: List of Azure groups to be assigned to the generated service principal.
506
- :param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['BackendRoleAzureRoleArgs']]]] azure_roles: List of Azure roles to be assigned to the generated service principal.
508
+ :param pulumi.Input[Sequence[pulumi.Input[Union['BackendRoleAzureGroupArgs', 'BackendRoleAzureGroupArgsDict']]]] azure_groups: List of Azure groups to be assigned to the generated service principal.
509
+ :param pulumi.Input[Sequence[pulumi.Input[Union['BackendRoleAzureRoleArgs', 'BackendRoleAzureRoleArgsDict']]]] azure_roles: List of Azure roles to be assigned to the generated service principal.
507
510
  :param pulumi.Input[str] backend: Path to the mounted Azure auth backend
508
511
  :param pulumi.Input[str] description: Human-friendly description of the mount for the backend.
509
512
  :param pulumi.Input[str] max_ttl: Specifies the maximum TTL for service principals generated using this role. Accepts time
510
513
  suffixed strings ("1h") or an integer number of seconds. Defaults to the system/engine max TTL time.
511
514
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
512
515
  The value should not contain leading or trailing forward slashes.
513
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
516
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
514
517
  *Available only for Vault Enterprise*.
515
518
  :param pulumi.Input[bool] permanently_delete: Indicates whether the applications and service principals created by Vault will be permanently
516
519
  deleted when the corresponding leases expire. Defaults to `false`. For Vault v1.12+.
@@ -530,17 +533,16 @@ class BackendRole(pulumi.CustomResource):
530
533
  """
531
534
  ## Example Usage
532
535
 
533
- <!--Start PulumiCodeChooser -->
534
536
  ```python
535
537
  import pulumi
536
538
  import pulumi_vault as vault
537
539
 
538
540
  azure = vault.azure.Backend("azure",
539
- subscription_id=var["subscription_id"],
540
- tenant_id=var["tenant_id"],
541
- client_secret=var["client_secret"],
542
- client_id=var["client_id"])
543
- generated_role = vault.azure.BackendRole("generatedRole",
541
+ subscription_id=subscription_id,
542
+ tenant_id=tenant_id,
543
+ client_secret=client_secret,
544
+ client_id=client_id)
545
+ generated_role = vault.azure.BackendRole("generated_role",
544
546
  backend=azure.path,
545
547
  role="generated_role",
546
548
  sign_in_audience="AzureADMyOrg",
@@ -550,18 +552,17 @@ class BackendRole(pulumi.CustomResource):
550
552
  ],
551
553
  ttl="300",
552
554
  max_ttl="600",
553
- azure_roles=[vault.azure.BackendRoleAzureRoleArgs(
554
- role_name="Reader",
555
- scope=f"/subscriptions/{var['subscription_id']}/resourceGroups/azure-vault-group",
556
- )])
557
- existing_object_id = vault.azure.BackendRole("existingObjectId",
555
+ azure_roles=[{
556
+ "role_name": "Reader",
557
+ "scope": f"/subscriptions/{subscription_id}/resourceGroups/azure-vault-group",
558
+ }])
559
+ existing_object_id = vault.azure.BackendRole("existing_object_id",
558
560
  backend=azure.path,
559
561
  role="existing_object_id",
560
562
  application_object_id="11111111-2222-3333-4444-44444444444",
561
563
  ttl="300",
562
564
  max_ttl="600")
563
565
  ```
564
- <!--End PulumiCodeChooser -->
565
566
 
566
567
  :param str resource_name: The name of the resource.
567
568
  :param BackendRoleArgs args: The arguments to use to populate this resource's properties.
@@ -579,8 +580,8 @@ class BackendRole(pulumi.CustomResource):
579
580
  resource_name: str,
580
581
  opts: Optional[pulumi.ResourceOptions] = None,
581
582
  application_object_id: Optional[pulumi.Input[str]] = None,
582
- azure_groups: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['BackendRoleAzureGroupArgs']]]]] = None,
583
- azure_roles: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['BackendRoleAzureRoleArgs']]]]] = None,
583
+ azure_groups: Optional[pulumi.Input[Sequence[pulumi.Input[Union['BackendRoleAzureGroupArgs', 'BackendRoleAzureGroupArgsDict']]]]] = None,
584
+ azure_roles: Optional[pulumi.Input[Sequence[pulumi.Input[Union['BackendRoleAzureRoleArgs', 'BackendRoleAzureRoleArgsDict']]]]] = None,
584
585
  backend: Optional[pulumi.Input[str]] = None,
585
586
  description: Optional[pulumi.Input[str]] = None,
586
587
  max_ttl: Optional[pulumi.Input[str]] = None,
@@ -624,8 +625,8 @@ class BackendRole(pulumi.CustomResource):
624
625
  id: pulumi.Input[str],
625
626
  opts: Optional[pulumi.ResourceOptions] = None,
626
627
  application_object_id: Optional[pulumi.Input[str]] = None,
627
- azure_groups: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['BackendRoleAzureGroupArgs']]]]] = None,
628
- azure_roles: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['BackendRoleAzureRoleArgs']]]]] = None,
628
+ azure_groups: Optional[pulumi.Input[Sequence[pulumi.Input[Union['BackendRoleAzureGroupArgs', 'BackendRoleAzureGroupArgsDict']]]]] = None,
629
+ azure_roles: Optional[pulumi.Input[Sequence[pulumi.Input[Union['BackendRoleAzureRoleArgs', 'BackendRoleAzureRoleArgsDict']]]]] = None,
629
630
  backend: Optional[pulumi.Input[str]] = None,
630
631
  description: Optional[pulumi.Input[str]] = None,
631
632
  max_ttl: Optional[pulumi.Input[str]] = None,
@@ -644,15 +645,15 @@ class BackendRole(pulumi.CustomResource):
644
645
  :param pulumi.ResourceOptions opts: Options for the resource.
645
646
  :param pulumi.Input[str] application_object_id: Application Object ID for an existing service principal that will
646
647
  be used instead of creating dynamic service principals. If present, `azure_roles` and `permanently_delete` will be ignored.
647
- :param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['BackendRoleAzureGroupArgs']]]] azure_groups: List of Azure groups to be assigned to the generated service principal.
648
- :param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['BackendRoleAzureRoleArgs']]]] azure_roles: List of Azure roles to be assigned to the generated service principal.
648
+ :param pulumi.Input[Sequence[pulumi.Input[Union['BackendRoleAzureGroupArgs', 'BackendRoleAzureGroupArgsDict']]]] azure_groups: List of Azure groups to be assigned to the generated service principal.
649
+ :param pulumi.Input[Sequence[pulumi.Input[Union['BackendRoleAzureRoleArgs', 'BackendRoleAzureRoleArgsDict']]]] azure_roles: List of Azure roles to be assigned to the generated service principal.
649
650
  :param pulumi.Input[str] backend: Path to the mounted Azure auth backend
650
651
  :param pulumi.Input[str] description: Human-friendly description of the mount for the backend.
651
652
  :param pulumi.Input[str] max_ttl: Specifies the maximum TTL for service principals generated using this role. Accepts time
652
653
  suffixed strings ("1h") or an integer number of seconds. Defaults to the system/engine max TTL time.
653
654
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
654
655
  The value should not contain leading or trailing forward slashes.
655
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
656
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
656
657
  *Available only for Vault Enterprise*.
657
658
  :param pulumi.Input[bool] permanently_delete: Indicates whether the applications and service principals created by Vault will be permanently
658
659
  deleted when the corresponding leases expire. Defaults to `false`. For Vault v1.12+.
@@ -737,7 +738,7 @@ class BackendRole(pulumi.CustomResource):
737
738
  """
738
739
  The namespace to provision the resource in.
739
740
  The value should not contain leading or trailing forward slashes.
740
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
741
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
741
742
  *Available only for Vault Enterprise*.
742
743
  """
743
744
  return pulumi.get(self, "namespace")
@@ -4,9 +4,14 @@
4
4
 
5
5
  import copy
6
6
  import warnings
7
+ import sys
7
8
  import pulumi
8
9
  import pulumi.runtime
9
10
  from typing import Any, Mapping, Optional, Sequence, Union, overload
11
+ if sys.version_info >= (3, 11):
12
+ from typing import NotRequired, TypedDict, TypeAlias
13
+ else:
14
+ from typing_extensions import NotRequired, TypedDict, TypeAlias
10
15
  from .. import _utilities
11
16
 
12
17
  __all__ = [
@@ -216,7 +221,6 @@ def get_access_credentials(backend: Optional[str] = None,
216
221
  """
217
222
  ## Example Usage
218
223
 
219
- <!--Start PulumiCodeChooser -->
220
224
  ```python
221
225
  import pulumi
222
226
  import pulumi_vault as vault
@@ -227,7 +231,6 @@ def get_access_credentials(backend: Optional[str] = None,
227
231
  num_seconds_between_tests=1,
228
232
  max_cred_validation_seconds=300)
229
233
  ```
230
- <!--End PulumiCodeChooser -->
231
234
 
232
235
  ## Caveats
233
236
 
@@ -247,7 +250,7 @@ def get_access_credentials(backend: Optional[str] = None,
247
250
  to 300.
248
251
  :param str namespace: The namespace of the target resource.
249
252
  The value should not contain leading or trailing forward slashes.
250
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
253
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
251
254
  *Available only for Vault Enterprise*.
252
255
  :param int num_seconds_between_tests: If 'validate_creds' is true,
253
256
  the number of seconds to wait between each test of generated credentials.
@@ -300,9 +303,6 @@ def get_access_credentials(backend: Optional[str] = None,
300
303
  subscription_id=pulumi.get(__ret__, 'subscription_id'),
301
304
  tenant_id=pulumi.get(__ret__, 'tenant_id'),
302
305
  validate_creds=pulumi.get(__ret__, 'validate_creds'))
303
-
304
-
305
- @_utilities.lift_output_func(get_access_credentials)
306
306
  def get_access_credentials_output(backend: Optional[pulumi.Input[str]] = None,
307
307
  environment: Optional[pulumi.Input[Optional[str]]] = None,
308
308
  max_cred_validation_seconds: Optional[pulumi.Input[Optional[int]]] = None,
@@ -313,11 +313,10 @@ def get_access_credentials_output(backend: Optional[pulumi.Input[str]] = None,
313
313
  subscription_id: Optional[pulumi.Input[Optional[str]]] = None,
314
314
  tenant_id: Optional[pulumi.Input[Optional[str]]] = None,
315
315
  validate_creds: Optional[pulumi.Input[Optional[bool]]] = None,
316
- opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetAccessCredentialsResult]:
316
+ opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetAccessCredentialsResult]:
317
317
  """
318
318
  ## Example Usage
319
319
 
320
- <!--Start PulumiCodeChooser -->
321
320
  ```python
322
321
  import pulumi
323
322
  import pulumi_vault as vault
@@ -328,7 +327,6 @@ def get_access_credentials_output(backend: Optional[pulumi.Input[str]] = None,
328
327
  num_seconds_between_tests=1,
329
328
  max_cred_validation_seconds=300)
330
329
  ```
331
- <!--End PulumiCodeChooser -->
332
330
 
333
331
  ## Caveats
334
332
 
@@ -348,7 +346,7 @@ def get_access_credentials_output(backend: Optional[pulumi.Input[str]] = None,
348
346
  to 300.
349
347
  :param str namespace: The namespace of the target resource.
350
348
  The value should not contain leading or trailing forward slashes.
351
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
349
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
352
350
  *Available only for Vault Enterprise*.
353
351
  :param int num_seconds_between_tests: If 'validate_creds' is true,
354
352
  the number of seconds to wait between each test of generated credentials.
@@ -369,4 +367,34 @@ def get_access_credentials_output(backend: Optional[pulumi.Input[str]] = None,
369
367
  credentials without checking whether they have fully propagated throughout
370
368
  Azure Active Directory. Designating `true` activates testing.
371
369
  """
372
- ...
370
+ __args__ = dict()
371
+ __args__['backend'] = backend
372
+ __args__['environment'] = environment
373
+ __args__['maxCredValidationSeconds'] = max_cred_validation_seconds
374
+ __args__['namespace'] = namespace
375
+ __args__['numSecondsBetweenTests'] = num_seconds_between_tests
376
+ __args__['numSequentialSuccesses'] = num_sequential_successes
377
+ __args__['role'] = role
378
+ __args__['subscriptionId'] = subscription_id
379
+ __args__['tenantId'] = tenant_id
380
+ __args__['validateCreds'] = validate_creds
381
+ opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
382
+ __ret__ = pulumi.runtime.invoke_output('vault:azure/getAccessCredentials:getAccessCredentials', __args__, opts=opts, typ=GetAccessCredentialsResult)
383
+ return __ret__.apply(lambda __response__: GetAccessCredentialsResult(
384
+ backend=pulumi.get(__response__, 'backend'),
385
+ client_id=pulumi.get(__response__, 'client_id'),
386
+ client_secret=pulumi.get(__response__, 'client_secret'),
387
+ environment=pulumi.get(__response__, 'environment'),
388
+ id=pulumi.get(__response__, 'id'),
389
+ lease_duration=pulumi.get(__response__, 'lease_duration'),
390
+ lease_id=pulumi.get(__response__, 'lease_id'),
391
+ lease_renewable=pulumi.get(__response__, 'lease_renewable'),
392
+ lease_start_time=pulumi.get(__response__, 'lease_start_time'),
393
+ max_cred_validation_seconds=pulumi.get(__response__, 'max_cred_validation_seconds'),
394
+ namespace=pulumi.get(__response__, 'namespace'),
395
+ num_seconds_between_tests=pulumi.get(__response__, 'num_seconds_between_tests'),
396
+ num_sequential_successes=pulumi.get(__response__, 'num_sequential_successes'),
397
+ role=pulumi.get(__response__, 'role'),
398
+ subscription_id=pulumi.get(__response__, 'subscription_id'),
399
+ tenant_id=pulumi.get(__response__, 'tenant_id'),
400
+ validate_creds=pulumi.get(__response__, 'validate_creds')))
@@ -4,9 +4,14 @@
4
4
 
5
5
  import copy
6
6
  import warnings
7
+ import sys
7
8
  import pulumi
8
9
  import pulumi.runtime
9
10
  from typing import Any, Mapping, Optional, Sequence, Union, overload
11
+ if sys.version_info >= (3, 11):
12
+ from typing import NotRequired, TypedDict, TypeAlias
13
+ else:
14
+ from typing_extensions import NotRequired, TypedDict, TypeAlias
10
15
  from .. import _utilities
11
16
 
12
17
  __all__ = [