pulumi-vault 5.21.0a1710160723__py3-none-any.whl → 6.5.0a1736850018__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- pulumi_vault/__init__.py +52 -0
- pulumi_vault/_inputs.py +560 -0
- pulumi_vault/_utilities.py +41 -5
- pulumi_vault/ad/get_access_credentials.py +22 -7
- pulumi_vault/ad/secret_backend.py +14 -144
- pulumi_vault/ad/secret_library.py +14 -11
- pulumi_vault/ad/secret_role.py +12 -11
- pulumi_vault/alicloud/auth_backend_role.py +74 -192
- pulumi_vault/approle/auth_backend_login.py +12 -11
- pulumi_vault/approle/auth_backend_role.py +75 -193
- pulumi_vault/approle/auth_backend_role_secret_id.py +106 -11
- pulumi_vault/approle/get_auth_backend_role_id.py +18 -9
- pulumi_vault/audit.py +24 -27
- pulumi_vault/audit_request_header.py +11 -6
- pulumi_vault/auth_backend.py +64 -12
- pulumi_vault/aws/auth_backend_cert.py +12 -7
- pulumi_vault/aws/auth_backend_client.py +265 -24
- pulumi_vault/aws/auth_backend_config_identity.py +12 -11
- pulumi_vault/aws/auth_backend_identity_whitelist.py +18 -17
- pulumi_vault/aws/auth_backend_login.py +19 -22
- pulumi_vault/aws/auth_backend_role.py +75 -193
- pulumi_vault/aws/auth_backend_role_tag.py +12 -7
- pulumi_vault/aws/auth_backend_roletag_blacklist.py +18 -17
- pulumi_vault/aws/auth_backend_sts_role.py +12 -11
- pulumi_vault/aws/get_access_credentials.py +34 -7
- pulumi_vault/aws/get_static_access_credentials.py +19 -5
- pulumi_vault/aws/secret_backend.py +75 -7
- pulumi_vault/aws/secret_backend_role.py +183 -11
- pulumi_vault/aws/secret_backend_static_role.py +14 -11
- pulumi_vault/azure/_inputs.py +24 -0
- pulumi_vault/azure/auth_backend_config.py +151 -17
- pulumi_vault/azure/auth_backend_role.py +75 -193
- pulumi_vault/azure/backend.py +223 -29
- pulumi_vault/azure/backend_role.py +42 -41
- pulumi_vault/azure/get_access_credentials.py +39 -11
- pulumi_vault/azure/outputs.py +5 -0
- pulumi_vault/cert_auth_backend_role.py +87 -271
- pulumi_vault/config/__init__.pyi +5 -0
- pulumi_vault/config/_inputs.py +73 -0
- pulumi_vault/config/outputs.py +35 -0
- pulumi_vault/config/ui_custom_message.py +529 -0
- pulumi_vault/config/vars.py +5 -0
- pulumi_vault/consul/secret_backend.py +22 -25
- pulumi_vault/consul/secret_backend_role.py +14 -80
- pulumi_vault/database/_inputs.py +2770 -881
- pulumi_vault/database/outputs.py +721 -838
- pulumi_vault/database/secret_backend_connection.py +117 -114
- pulumi_vault/database/secret_backend_role.py +29 -24
- pulumi_vault/database/secret_backend_static_role.py +85 -15
- pulumi_vault/database/secrets_mount.py +425 -138
- pulumi_vault/egp_policy.py +16 -15
- pulumi_vault/gcp/_inputs.py +111 -0
- pulumi_vault/gcp/auth_backend.py +248 -35
- pulumi_vault/gcp/auth_backend_role.py +75 -271
- pulumi_vault/gcp/get_auth_backend_role.py +43 -9
- pulumi_vault/gcp/outputs.py +5 -0
- pulumi_vault/gcp/secret_backend.py +287 -16
- pulumi_vault/gcp/secret_impersonated_account.py +74 -17
- pulumi_vault/gcp/secret_roleset.py +29 -26
- pulumi_vault/gcp/secret_static_account.py +37 -34
- pulumi_vault/generic/endpoint.py +22 -21
- pulumi_vault/generic/get_secret.py +68 -12
- pulumi_vault/generic/secret.py +19 -14
- pulumi_vault/get_auth_backend.py +24 -11
- pulumi_vault/get_auth_backends.py +33 -11
- pulumi_vault/get_namespace.py +226 -0
- pulumi_vault/get_namespaces.py +153 -0
- pulumi_vault/get_nomad_access_token.py +31 -15
- pulumi_vault/get_policy_document.py +34 -23
- pulumi_vault/get_raft_autopilot_state.py +29 -14
- pulumi_vault/github/_inputs.py +55 -0
- pulumi_vault/github/auth_backend.py +17 -16
- pulumi_vault/github/outputs.py +5 -0
- pulumi_vault/github/team.py +14 -13
- pulumi_vault/github/user.py +14 -13
- pulumi_vault/identity/entity.py +18 -15
- pulumi_vault/identity/entity_alias.py +18 -15
- pulumi_vault/identity/entity_policies.py +24 -19
- pulumi_vault/identity/get_entity.py +40 -14
- pulumi_vault/identity/get_group.py +45 -13
- pulumi_vault/identity/get_oidc_client_creds.py +21 -11
- pulumi_vault/identity/get_oidc_openid_config.py +39 -13
- pulumi_vault/identity/get_oidc_public_keys.py +29 -14
- pulumi_vault/identity/group.py +50 -49
- pulumi_vault/identity/group_alias.py +14 -11
- pulumi_vault/identity/group_member_entity_ids.py +24 -74
- pulumi_vault/identity/group_member_group_ids.py +36 -27
- pulumi_vault/identity/group_policies.py +16 -15
- pulumi_vault/identity/mfa_duo.py +9 -8
- pulumi_vault/identity/mfa_login_enforcement.py +13 -8
- pulumi_vault/identity/mfa_okta.py +9 -8
- pulumi_vault/identity/mfa_pingid.py +5 -4
- pulumi_vault/identity/mfa_totp.py +5 -4
- pulumi_vault/identity/oidc.py +12 -11
- pulumi_vault/identity/oidc_assignment.py +22 -13
- pulumi_vault/identity/oidc_client.py +34 -25
- pulumi_vault/identity/oidc_key.py +28 -19
- pulumi_vault/identity/oidc_key_allowed_client_id.py +28 -19
- pulumi_vault/identity/oidc_provider.py +34 -23
- pulumi_vault/identity/oidc_role.py +40 -27
- pulumi_vault/identity/oidc_scope.py +18 -15
- pulumi_vault/identity/outputs.py +8 -3
- pulumi_vault/jwt/_inputs.py +55 -0
- pulumi_vault/jwt/auth_backend.py +39 -46
- pulumi_vault/jwt/auth_backend_role.py +131 -260
- pulumi_vault/jwt/outputs.py +5 -0
- pulumi_vault/kmip/secret_backend.py +22 -21
- pulumi_vault/kmip/secret_role.py +12 -11
- pulumi_vault/kmip/secret_scope.py +12 -11
- pulumi_vault/kubernetes/auth_backend_config.py +55 -7
- pulumi_vault/kubernetes/auth_backend_role.py +68 -179
- pulumi_vault/kubernetes/get_auth_backend_config.py +60 -8
- pulumi_vault/kubernetes/get_auth_backend_role.py +40 -5
- pulumi_vault/kubernetes/get_service_account_token.py +39 -15
- pulumi_vault/kubernetes/secret_backend.py +314 -29
- pulumi_vault/kubernetes/secret_backend_role.py +135 -56
- pulumi_vault/kv/_inputs.py +36 -4
- pulumi_vault/kv/get_secret.py +23 -12
- pulumi_vault/kv/get_secret_subkeys_v2.py +31 -14
- pulumi_vault/kv/get_secret_v2.py +89 -9
- pulumi_vault/kv/get_secrets_list.py +22 -15
- pulumi_vault/kv/get_secrets_list_v2.py +35 -19
- pulumi_vault/kv/outputs.py +8 -3
- pulumi_vault/kv/secret.py +19 -18
- pulumi_vault/kv/secret_backend_v2.py +12 -11
- pulumi_vault/kv/secret_v2.py +55 -52
- pulumi_vault/ldap/auth_backend.py +125 -168
- pulumi_vault/ldap/auth_backend_group.py +12 -11
- pulumi_vault/ldap/auth_backend_user.py +12 -11
- pulumi_vault/ldap/get_dynamic_credentials.py +23 -5
- pulumi_vault/ldap/get_static_credentials.py +24 -5
- pulumi_vault/ldap/secret_backend.py +352 -84
- pulumi_vault/ldap/secret_backend_dynamic_role.py +12 -11
- pulumi_vault/ldap/secret_backend_library_set.py +14 -11
- pulumi_vault/ldap/secret_backend_static_role.py +67 -12
- pulumi_vault/managed/_inputs.py +289 -132
- pulumi_vault/managed/keys.py +27 -43
- pulumi_vault/managed/outputs.py +89 -132
- pulumi_vault/mfa_duo.py +16 -13
- pulumi_vault/mfa_okta.py +16 -13
- pulumi_vault/mfa_pingid.py +16 -13
- pulumi_vault/mfa_totp.py +22 -19
- pulumi_vault/mongodbatlas/secret_backend.py +18 -17
- pulumi_vault/mongodbatlas/secret_role.py +41 -38
- pulumi_vault/mount.py +389 -65
- pulumi_vault/namespace.py +26 -21
- pulumi_vault/nomad_secret_backend.py +16 -15
- pulumi_vault/nomad_secret_role.py +12 -11
- pulumi_vault/okta/_inputs.py +47 -8
- pulumi_vault/okta/auth_backend.py +483 -41
- pulumi_vault/okta/auth_backend_group.py +12 -11
- pulumi_vault/okta/auth_backend_user.py +12 -11
- pulumi_vault/okta/outputs.py +13 -8
- pulumi_vault/outputs.py +5 -0
- pulumi_vault/password_policy.py +18 -15
- pulumi_vault/pkisecret/__init__.py +3 -0
- pulumi_vault/pkisecret/_inputs.py +81 -0
- pulumi_vault/pkisecret/backend_config_cluster.py +369 -0
- pulumi_vault/pkisecret/backend_config_est.py +619 -0
- pulumi_vault/pkisecret/get_backend_config_est.py +251 -0
- pulumi_vault/pkisecret/get_backend_issuer.py +63 -7
- pulumi_vault/pkisecret/get_backend_issuers.py +21 -12
- pulumi_vault/pkisecret/get_backend_key.py +24 -13
- pulumi_vault/pkisecret/get_backend_keys.py +21 -12
- pulumi_vault/pkisecret/outputs.py +69 -0
- pulumi_vault/pkisecret/secret_backend_cert.py +18 -15
- pulumi_vault/pkisecret/secret_backend_config_ca.py +16 -15
- pulumi_vault/pkisecret/secret_backend_config_issuers.py +12 -11
- pulumi_vault/pkisecret/secret_backend_config_urls.py +59 -11
- pulumi_vault/pkisecret/secret_backend_crl_config.py +14 -13
- pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +16 -15
- pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +22 -21
- pulumi_vault/pkisecret/secret_backend_issuer.py +12 -11
- pulumi_vault/pkisecret/secret_backend_key.py +12 -7
- pulumi_vault/pkisecret/secret_backend_role.py +19 -16
- pulumi_vault/pkisecret/secret_backend_root_cert.py +16 -52
- pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +18 -62
- pulumi_vault/pkisecret/secret_backend_sign.py +18 -60
- pulumi_vault/plugin.py +595 -0
- pulumi_vault/plugin_pinned_version.py +298 -0
- pulumi_vault/policy.py +12 -7
- pulumi_vault/provider.py +48 -53
- pulumi_vault/pulumi-plugin.json +2 -1
- pulumi_vault/quota_lease_count.py +58 -8
- pulumi_vault/quota_rate_limit.py +54 -4
- pulumi_vault/rabbitmq/_inputs.py +61 -0
- pulumi_vault/rabbitmq/outputs.py +5 -0
- pulumi_vault/rabbitmq/secret_backend.py +16 -15
- pulumi_vault/rabbitmq/secret_backend_role.py +52 -49
- pulumi_vault/raft_autopilot.py +12 -11
- pulumi_vault/raft_snapshot_agent_config.py +121 -311
- pulumi_vault/rgp_policy.py +14 -13
- pulumi_vault/saml/auth_backend.py +20 -19
- pulumi_vault/saml/auth_backend_role.py +90 -199
- pulumi_vault/secrets/__init__.py +3 -0
- pulumi_vault/secrets/_inputs.py +110 -0
- pulumi_vault/secrets/outputs.py +94 -0
- pulumi_vault/secrets/sync_association.py +56 -75
- pulumi_vault/secrets/sync_aws_destination.py +240 -29
- pulumi_vault/secrets/sync_azure_destination.py +90 -33
- pulumi_vault/secrets/sync_config.py +7 -6
- pulumi_vault/secrets/sync_gcp_destination.py +156 -27
- pulumi_vault/secrets/sync_gh_destination.py +187 -15
- pulumi_vault/secrets/sync_github_apps.py +375 -0
- pulumi_vault/secrets/sync_vercel_destination.py +72 -15
- pulumi_vault/ssh/_inputs.py +28 -32
- pulumi_vault/ssh/outputs.py +11 -32
- pulumi_vault/ssh/secret_backend_ca.py +106 -11
- pulumi_vault/ssh/secret_backend_role.py +83 -120
- pulumi_vault/terraformcloud/secret_backend.py +5 -56
- pulumi_vault/terraformcloud/secret_creds.py +14 -24
- pulumi_vault/terraformcloud/secret_role.py +14 -76
- pulumi_vault/token.py +26 -25
- pulumi_vault/tokenauth/auth_backend_role.py +76 -201
- pulumi_vault/transform/alphabet.py +16 -13
- pulumi_vault/transform/get_decode.py +45 -21
- pulumi_vault/transform/get_encode.py +45 -21
- pulumi_vault/transform/role.py +16 -13
- pulumi_vault/transform/template.py +30 -25
- pulumi_vault/transform/transformation.py +12 -7
- pulumi_vault/transit/get_decrypt.py +26 -25
- pulumi_vault/transit/get_encrypt.py +24 -19
- pulumi_vault/transit/secret_backend_key.py +25 -97
- pulumi_vault/transit/secret_cache_config.py +12 -11
- {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736850018.dist-info}/METADATA +8 -7
- pulumi_vault-6.5.0a1736850018.dist-info/RECORD +256 -0
- {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736850018.dist-info}/WHEEL +1 -1
- pulumi_vault-5.21.0a1710160723.dist-info/RECORD +0 -244
- {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736850018.dist-info}/top_level.txt +0 -0
pulumi_vault/kv/get_secret.py
CHANGED
@@ -4,9 +4,14 @@
|
|
4
4
|
|
5
5
|
import copy
|
6
6
|
import warnings
|
7
|
+
import sys
|
7
8
|
import pulumi
|
8
9
|
import pulumi.runtime
|
9
10
|
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
11
|
+
if sys.version_info >= (3, 11):
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
13
|
+
else:
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
10
15
|
from .. import _utilities
|
11
16
|
|
12
17
|
__all__ = [
|
@@ -49,7 +54,7 @@ class GetSecretResult:
|
|
49
54
|
|
50
55
|
@property
|
51
56
|
@pulumi.getter
|
52
|
-
def data(self) -> Mapping[str,
|
57
|
+
def data(self) -> Mapping[str, str]:
|
53
58
|
"""
|
54
59
|
A mapping whose keys are the top-level data keys returned from
|
55
60
|
Vault and whose values are the corresponding values. This map can only
|
@@ -134,7 +139,6 @@ def get_secret(namespace: Optional[str] = None,
|
|
134
139
|
"""
|
135
140
|
## Example Usage
|
136
141
|
|
137
|
-
<!--Start PulumiCodeChooser -->
|
138
142
|
```python
|
139
143
|
import pulumi
|
140
144
|
import json
|
@@ -155,7 +159,6 @@ def get_secret(namespace: Optional[str] = None,
|
|
155
159
|
}))
|
156
160
|
secret_data = vault.kv.get_secret_output(path=secret.path)
|
157
161
|
```
|
158
|
-
<!--End PulumiCodeChooser -->
|
159
162
|
|
160
163
|
## Required Vault Capabilities
|
161
164
|
|
@@ -164,7 +167,7 @@ def get_secret(namespace: Optional[str] = None,
|
|
164
167
|
|
165
168
|
:param str namespace: The namespace of the target resource.
|
166
169
|
The value should not contain leading or trailing forward slashes.
|
167
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
170
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
168
171
|
*Available only for Vault Enterprise*.
|
169
172
|
:param str path: Full path of the KV-V1 secret.
|
170
173
|
"""
|
@@ -183,16 +186,12 @@ def get_secret(namespace: Optional[str] = None,
|
|
183
186
|
lease_renewable=pulumi.get(__ret__, 'lease_renewable'),
|
184
187
|
namespace=pulumi.get(__ret__, 'namespace'),
|
185
188
|
path=pulumi.get(__ret__, 'path'))
|
186
|
-
|
187
|
-
|
188
|
-
@_utilities.lift_output_func(get_secret)
|
189
189
|
def get_secret_output(namespace: Optional[pulumi.Input[Optional[str]]] = None,
|
190
190
|
path: Optional[pulumi.Input[str]] = None,
|
191
|
-
opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetSecretResult]:
|
191
|
+
opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetSecretResult]:
|
192
192
|
"""
|
193
193
|
## Example Usage
|
194
194
|
|
195
|
-
<!--Start PulumiCodeChooser -->
|
196
195
|
```python
|
197
196
|
import pulumi
|
198
197
|
import json
|
@@ -213,7 +212,6 @@ def get_secret_output(namespace: Optional[pulumi.Input[Optional[str]]] = None,
|
|
213
212
|
}))
|
214
213
|
secret_data = vault.kv.get_secret_output(path=secret.path)
|
215
214
|
```
|
216
|
-
<!--End PulumiCodeChooser -->
|
217
215
|
|
218
216
|
## Required Vault Capabilities
|
219
217
|
|
@@ -222,8 +220,21 @@ def get_secret_output(namespace: Optional[pulumi.Input[Optional[str]]] = None,
|
|
222
220
|
|
223
221
|
:param str namespace: The namespace of the target resource.
|
224
222
|
The value should not contain leading or trailing forward slashes.
|
225
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
223
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
226
224
|
*Available only for Vault Enterprise*.
|
227
225
|
:param str path: Full path of the KV-V1 secret.
|
228
226
|
"""
|
229
|
-
|
227
|
+
__args__ = dict()
|
228
|
+
__args__['namespace'] = namespace
|
229
|
+
__args__['path'] = path
|
230
|
+
opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
|
231
|
+
__ret__ = pulumi.runtime.invoke_output('vault:kv/getSecret:getSecret', __args__, opts=opts, typ=GetSecretResult)
|
232
|
+
return __ret__.apply(lambda __response__: GetSecretResult(
|
233
|
+
data=pulumi.get(__response__, 'data'),
|
234
|
+
data_json=pulumi.get(__response__, 'data_json'),
|
235
|
+
id=pulumi.get(__response__, 'id'),
|
236
|
+
lease_duration=pulumi.get(__response__, 'lease_duration'),
|
237
|
+
lease_id=pulumi.get(__response__, 'lease_id'),
|
238
|
+
lease_renewable=pulumi.get(__response__, 'lease_renewable'),
|
239
|
+
namespace=pulumi.get(__response__, 'namespace'),
|
240
|
+
path=pulumi.get(__response__, 'path')))
|
@@ -4,9 +4,14 @@
|
|
4
4
|
|
5
5
|
import copy
|
6
6
|
import warnings
|
7
|
+
import sys
|
7
8
|
import pulumi
|
8
9
|
import pulumi.runtime
|
9
10
|
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
11
|
+
if sys.version_info >= (3, 11):
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
13
|
+
else:
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
10
15
|
from .. import _utilities
|
11
16
|
|
12
17
|
__all__ = [
|
@@ -52,7 +57,7 @@ class GetSecretSubkeysV2Result:
|
|
52
57
|
|
53
58
|
@property
|
54
59
|
@pulumi.getter
|
55
|
-
def data(self) -> Mapping[str,
|
60
|
+
def data(self) -> Mapping[str, str]:
|
56
61
|
"""
|
57
62
|
Subkeys for the KV-V2 secret stored as a serialized map of strings.
|
58
63
|
"""
|
@@ -134,7 +139,6 @@ def get_secret_subkeys_v2(depth: Optional[int] = None,
|
|
134
139
|
"""
|
135
140
|
## Example Usage
|
136
141
|
|
137
|
-
<!--Start PulumiCodeChooser -->
|
138
142
|
```python
|
139
143
|
import pulumi
|
140
144
|
import json
|
@@ -147,8 +151,9 @@ def get_secret_subkeys_v2(depth: Optional[int] = None,
|
|
147
151
|
"version": "2",
|
148
152
|
},
|
149
153
|
description="KV Version 2 secret engine mount")
|
150
|
-
aws_secret = vault.kv.SecretV2("
|
154
|
+
aws_secret = vault.kv.SecretV2("aws_secret",
|
151
155
|
mount=kvv2.path,
|
156
|
+
name="aws_secret",
|
152
157
|
data_json=json.dumps({
|
153
158
|
"zip": "zap",
|
154
159
|
"foo": "bar",
|
@@ -156,7 +161,6 @@ def get_secret_subkeys_v2(depth: Optional[int] = None,
|
|
156
161
|
test = vault.kv.get_secret_subkeys_v2_output(mount=kvv2.path,
|
157
162
|
name=aws_secret.name)
|
158
163
|
```
|
159
|
-
<!--End PulumiCodeChooser -->
|
160
164
|
|
161
165
|
## Required Vault Capabilities
|
162
166
|
|
@@ -174,7 +178,7 @@ def get_secret_subkeys_v2(depth: Optional[int] = None,
|
|
174
178
|
the name is `foo/bar/baz`.
|
175
179
|
:param str namespace: The namespace of the target resource.
|
176
180
|
The value should not contain leading or trailing forward slashes.
|
177
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
181
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
178
182
|
*Available only for Vault Enterprise*.
|
179
183
|
:param int version: Specifies the version to return. If not
|
180
184
|
set the latest version is returned.
|
@@ -198,19 +202,15 @@ def get_secret_subkeys_v2(depth: Optional[int] = None,
|
|
198
202
|
namespace=pulumi.get(__ret__, 'namespace'),
|
199
203
|
path=pulumi.get(__ret__, 'path'),
|
200
204
|
version=pulumi.get(__ret__, 'version'))
|
201
|
-
|
202
|
-
|
203
|
-
@_utilities.lift_output_func(get_secret_subkeys_v2)
|
204
205
|
def get_secret_subkeys_v2_output(depth: Optional[pulumi.Input[Optional[int]]] = None,
|
205
206
|
mount: Optional[pulumi.Input[str]] = None,
|
206
207
|
name: Optional[pulumi.Input[str]] = None,
|
207
208
|
namespace: Optional[pulumi.Input[Optional[str]]] = None,
|
208
209
|
version: Optional[pulumi.Input[Optional[int]]] = None,
|
209
|
-
opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetSecretSubkeysV2Result]:
|
210
|
+
opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetSecretSubkeysV2Result]:
|
210
211
|
"""
|
211
212
|
## Example Usage
|
212
213
|
|
213
|
-
<!--Start PulumiCodeChooser -->
|
214
214
|
```python
|
215
215
|
import pulumi
|
216
216
|
import json
|
@@ -223,8 +223,9 @@ def get_secret_subkeys_v2_output(depth: Optional[pulumi.Input[Optional[int]]] =
|
|
223
223
|
"version": "2",
|
224
224
|
},
|
225
225
|
description="KV Version 2 secret engine mount")
|
226
|
-
aws_secret = vault.kv.SecretV2("
|
226
|
+
aws_secret = vault.kv.SecretV2("aws_secret",
|
227
227
|
mount=kvv2.path,
|
228
|
+
name="aws_secret",
|
228
229
|
data_json=json.dumps({
|
229
230
|
"zip": "zap",
|
230
231
|
"foo": "bar",
|
@@ -232,7 +233,6 @@ def get_secret_subkeys_v2_output(depth: Optional[pulumi.Input[Optional[int]]] =
|
|
232
233
|
test = vault.kv.get_secret_subkeys_v2_output(mount=kvv2.path,
|
233
234
|
name=aws_secret.name)
|
234
235
|
```
|
235
|
-
<!--End PulumiCodeChooser -->
|
236
236
|
|
237
237
|
## Required Vault Capabilities
|
238
238
|
|
@@ -250,9 +250,26 @@ def get_secret_subkeys_v2_output(depth: Optional[pulumi.Input[Optional[int]]] =
|
|
250
250
|
the name is `foo/bar/baz`.
|
251
251
|
:param str namespace: The namespace of the target resource.
|
252
252
|
The value should not contain leading or trailing forward slashes.
|
253
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
253
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
254
254
|
*Available only for Vault Enterprise*.
|
255
255
|
:param int version: Specifies the version to return. If not
|
256
256
|
set the latest version is returned.
|
257
257
|
"""
|
258
|
-
|
258
|
+
__args__ = dict()
|
259
|
+
__args__['depth'] = depth
|
260
|
+
__args__['mount'] = mount
|
261
|
+
__args__['name'] = name
|
262
|
+
__args__['namespace'] = namespace
|
263
|
+
__args__['version'] = version
|
264
|
+
opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
|
265
|
+
__ret__ = pulumi.runtime.invoke_output('vault:kv/getSecretSubkeysV2:getSecretSubkeysV2', __args__, opts=opts, typ=GetSecretSubkeysV2Result)
|
266
|
+
return __ret__.apply(lambda __response__: GetSecretSubkeysV2Result(
|
267
|
+
data=pulumi.get(__response__, 'data'),
|
268
|
+
data_json=pulumi.get(__response__, 'data_json'),
|
269
|
+
depth=pulumi.get(__response__, 'depth'),
|
270
|
+
id=pulumi.get(__response__, 'id'),
|
271
|
+
mount=pulumi.get(__response__, 'mount'),
|
272
|
+
name=pulumi.get(__response__, 'name'),
|
273
|
+
namespace=pulumi.get(__response__, 'namespace'),
|
274
|
+
path=pulumi.get(__response__, 'path'),
|
275
|
+
version=pulumi.get(__response__, 'version')))
|
pulumi_vault/kv/get_secret_v2.py
CHANGED
@@ -4,9 +4,14 @@
|
|
4
4
|
|
5
5
|
import copy
|
6
6
|
import warnings
|
7
|
+
import sys
|
7
8
|
import pulumi
|
8
9
|
import pulumi.runtime
|
9
10
|
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
11
|
+
if sys.version_info >= (3, 11):
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
13
|
+
else:
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
10
15
|
from .. import _utilities
|
11
16
|
|
12
17
|
__all__ = [
|
@@ -69,7 +74,7 @@ class GetSecretV2Result:
|
|
69
74
|
|
70
75
|
@property
|
71
76
|
@pulumi.getter(name="customMetadata")
|
72
|
-
def custom_metadata(self) -> Mapping[str,
|
77
|
+
def custom_metadata(self) -> Mapping[str, str]:
|
73
78
|
"""
|
74
79
|
Custom metadata for the secret.
|
75
80
|
"""
|
@@ -77,7 +82,7 @@ class GetSecretV2Result:
|
|
77
82
|
|
78
83
|
@property
|
79
84
|
@pulumi.getter
|
80
|
-
def data(self) -> Mapping[str,
|
85
|
+
def data(self) -> Mapping[str, str]:
|
81
86
|
"""
|
82
87
|
A mapping whose keys are the top-level data keys returned from
|
83
88
|
Vault and whose values are the corresponding values. This map can only
|
@@ -145,6 +150,9 @@ class GetSecretV2Result:
|
|
145
150
|
@property
|
146
151
|
@pulumi.getter
|
147
152
|
def version(self) -> Optional[int]:
|
153
|
+
"""
|
154
|
+
Version of the secret.
|
155
|
+
"""
|
148
156
|
return pulumi.get(self, "version")
|
149
157
|
|
150
158
|
|
@@ -176,6 +184,34 @@ def get_secret_v2(mount: Optional[str] = None,
|
|
176
184
|
"""
|
177
185
|
## Example Usage
|
178
186
|
|
187
|
+
```python
|
188
|
+
import pulumi
|
189
|
+
import json
|
190
|
+
import pulumi_vault as vault
|
191
|
+
|
192
|
+
kvv2 = vault.Mount("kvv2",
|
193
|
+
path="kvv2",
|
194
|
+
type="kv",
|
195
|
+
options={
|
196
|
+
"version": "2",
|
197
|
+
},
|
198
|
+
description="KV Version 2 secret engine mount")
|
199
|
+
example_secret_v2 = vault.kv.SecretV2("example",
|
200
|
+
mount=kvv2.path,
|
201
|
+
name="secret",
|
202
|
+
delete_all_versions=True,
|
203
|
+
data_json=json.dumps({
|
204
|
+
"zip": "zap",
|
205
|
+
"foo": "bar",
|
206
|
+
}))
|
207
|
+
example = vault.kv.get_secret_v2_output(mount=kvv2.path,
|
208
|
+
name=example_secret_v2.name)
|
209
|
+
```
|
210
|
+
|
211
|
+
## Required Vault Capabilities
|
212
|
+
|
213
|
+
Use of this resource requires the `read` capability on the given path.
|
214
|
+
|
179
215
|
|
180
216
|
:param str mount: Path where KV-V2 engine is mounted.
|
181
217
|
:param str name: Full name of the secret. For a nested secret
|
@@ -184,7 +220,7 @@ def get_secret_v2(mount: Optional[str] = None,
|
|
184
220
|
the name is `foo/bar/baz`.
|
185
221
|
:param str namespace: The namespace of the target resource.
|
186
222
|
The value should not contain leading or trailing forward slashes.
|
187
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
223
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
188
224
|
*Available only for Vault Enterprise*.
|
189
225
|
:param int version: Version of the secret to retrieve.
|
190
226
|
"""
|
@@ -209,17 +245,42 @@ def get_secret_v2(mount: Optional[str] = None,
|
|
209
245
|
namespace=pulumi.get(__ret__, 'namespace'),
|
210
246
|
path=pulumi.get(__ret__, 'path'),
|
211
247
|
version=pulumi.get(__ret__, 'version'))
|
212
|
-
|
213
|
-
|
214
|
-
@_utilities.lift_output_func(get_secret_v2)
|
215
248
|
def get_secret_v2_output(mount: Optional[pulumi.Input[str]] = None,
|
216
249
|
name: Optional[pulumi.Input[str]] = None,
|
217
250
|
namespace: Optional[pulumi.Input[Optional[str]]] = None,
|
218
251
|
version: Optional[pulumi.Input[Optional[int]]] = None,
|
219
|
-
opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetSecretV2Result]:
|
252
|
+
opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetSecretV2Result]:
|
220
253
|
"""
|
221
254
|
## Example Usage
|
222
255
|
|
256
|
+
```python
|
257
|
+
import pulumi
|
258
|
+
import json
|
259
|
+
import pulumi_vault as vault
|
260
|
+
|
261
|
+
kvv2 = vault.Mount("kvv2",
|
262
|
+
path="kvv2",
|
263
|
+
type="kv",
|
264
|
+
options={
|
265
|
+
"version": "2",
|
266
|
+
},
|
267
|
+
description="KV Version 2 secret engine mount")
|
268
|
+
example_secret_v2 = vault.kv.SecretV2("example",
|
269
|
+
mount=kvv2.path,
|
270
|
+
name="secret",
|
271
|
+
delete_all_versions=True,
|
272
|
+
data_json=json.dumps({
|
273
|
+
"zip": "zap",
|
274
|
+
"foo": "bar",
|
275
|
+
}))
|
276
|
+
example = vault.kv.get_secret_v2_output(mount=kvv2.path,
|
277
|
+
name=example_secret_v2.name)
|
278
|
+
```
|
279
|
+
|
280
|
+
## Required Vault Capabilities
|
281
|
+
|
282
|
+
Use of this resource requires the `read` capability on the given path.
|
283
|
+
|
223
284
|
|
224
285
|
:param str mount: Path where KV-V2 engine is mounted.
|
225
286
|
:param str name: Full name of the secret. For a nested secret
|
@@ -228,8 +289,27 @@ def get_secret_v2_output(mount: Optional[pulumi.Input[str]] = None,
|
|
228
289
|
the name is `foo/bar/baz`.
|
229
290
|
:param str namespace: The namespace of the target resource.
|
230
291
|
The value should not contain leading or trailing forward slashes.
|
231
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
292
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
232
293
|
*Available only for Vault Enterprise*.
|
233
294
|
:param int version: Version of the secret to retrieve.
|
234
295
|
"""
|
235
|
-
|
296
|
+
__args__ = dict()
|
297
|
+
__args__['mount'] = mount
|
298
|
+
__args__['name'] = name
|
299
|
+
__args__['namespace'] = namespace
|
300
|
+
__args__['version'] = version
|
301
|
+
opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
|
302
|
+
__ret__ = pulumi.runtime.invoke_output('vault:kv/getSecretV2:getSecretV2', __args__, opts=opts, typ=GetSecretV2Result)
|
303
|
+
return __ret__.apply(lambda __response__: GetSecretV2Result(
|
304
|
+
created_time=pulumi.get(__response__, 'created_time'),
|
305
|
+
custom_metadata=pulumi.get(__response__, 'custom_metadata'),
|
306
|
+
data=pulumi.get(__response__, 'data'),
|
307
|
+
data_json=pulumi.get(__response__, 'data_json'),
|
308
|
+
deletion_time=pulumi.get(__response__, 'deletion_time'),
|
309
|
+
destroyed=pulumi.get(__response__, 'destroyed'),
|
310
|
+
id=pulumi.get(__response__, 'id'),
|
311
|
+
mount=pulumi.get(__response__, 'mount'),
|
312
|
+
name=pulumi.get(__response__, 'name'),
|
313
|
+
namespace=pulumi.get(__response__, 'namespace'),
|
314
|
+
path=pulumi.get(__response__, 'path'),
|
315
|
+
version=pulumi.get(__response__, 'version')))
|
@@ -4,9 +4,14 @@
|
|
4
4
|
|
5
5
|
import copy
|
6
6
|
import warnings
|
7
|
+
import sys
|
7
8
|
import pulumi
|
8
9
|
import pulumi.runtime
|
9
10
|
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
11
|
+
if sys.version_info >= (3, 11):
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
13
|
+
else:
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
10
15
|
from .. import _utilities
|
11
16
|
|
12
17
|
__all__ = [
|
@@ -80,7 +85,6 @@ def get_secrets_list(namespace: Optional[str] = None,
|
|
80
85
|
"""
|
81
86
|
## Example Usage
|
82
87
|
|
83
|
-
<!--Start PulumiCodeChooser -->
|
84
88
|
```python
|
85
89
|
import pulumi
|
86
90
|
import json
|
@@ -93,19 +97,18 @@ def get_secrets_list(namespace: Optional[str] = None,
|
|
93
97
|
"version": "1",
|
94
98
|
},
|
95
99
|
description="KV Version 1 secret engine mount")
|
96
|
-
aws_secret = vault.kv.Secret("
|
100
|
+
aws_secret = vault.kv.Secret("aws_secret",
|
97
101
|
path=kvv1.path.apply(lambda path: f"{path}/aws-secret"),
|
98
102
|
data_json=json.dumps({
|
99
103
|
"zip": "zap",
|
100
104
|
}))
|
101
|
-
azure_secret = vault.kv.Secret("
|
105
|
+
azure_secret = vault.kv.Secret("azure_secret",
|
102
106
|
path=kvv1.path.apply(lambda path: f"{path}/azure-secret"),
|
103
107
|
data_json=json.dumps({
|
104
108
|
"foo": "bar",
|
105
109
|
}))
|
106
110
|
secrets = vault.kv.get_secrets_list_output(path=kvv1.path)
|
107
111
|
```
|
108
|
-
<!--End PulumiCodeChooser -->
|
109
112
|
|
110
113
|
## Required Vault Capabilities
|
111
114
|
|
@@ -114,7 +117,7 @@ def get_secrets_list(namespace: Optional[str] = None,
|
|
114
117
|
|
115
118
|
:param str namespace: The namespace of the target resource.
|
116
119
|
The value should not contain leading or trailing forward slashes.
|
117
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
120
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
118
121
|
*Available only for Vault Enterprise*.
|
119
122
|
:param str path: Full KV-V1 path where secrets will be listed.
|
120
123
|
"""
|
@@ -129,16 +132,12 @@ def get_secrets_list(namespace: Optional[str] = None,
|
|
129
132
|
names=pulumi.get(__ret__, 'names'),
|
130
133
|
namespace=pulumi.get(__ret__, 'namespace'),
|
131
134
|
path=pulumi.get(__ret__, 'path'))
|
132
|
-
|
133
|
-
|
134
|
-
@_utilities.lift_output_func(get_secrets_list)
|
135
135
|
def get_secrets_list_output(namespace: Optional[pulumi.Input[Optional[str]]] = None,
|
136
136
|
path: Optional[pulumi.Input[str]] = None,
|
137
|
-
opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetSecretsListResult]:
|
137
|
+
opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetSecretsListResult]:
|
138
138
|
"""
|
139
139
|
## Example Usage
|
140
140
|
|
141
|
-
<!--Start PulumiCodeChooser -->
|
142
141
|
```python
|
143
142
|
import pulumi
|
144
143
|
import json
|
@@ -151,19 +150,18 @@ def get_secrets_list_output(namespace: Optional[pulumi.Input[Optional[str]]] = N
|
|
151
150
|
"version": "1",
|
152
151
|
},
|
153
152
|
description="KV Version 1 secret engine mount")
|
154
|
-
aws_secret = vault.kv.Secret("
|
153
|
+
aws_secret = vault.kv.Secret("aws_secret",
|
155
154
|
path=kvv1.path.apply(lambda path: f"{path}/aws-secret"),
|
156
155
|
data_json=json.dumps({
|
157
156
|
"zip": "zap",
|
158
157
|
}))
|
159
|
-
azure_secret = vault.kv.Secret("
|
158
|
+
azure_secret = vault.kv.Secret("azure_secret",
|
160
159
|
path=kvv1.path.apply(lambda path: f"{path}/azure-secret"),
|
161
160
|
data_json=json.dumps({
|
162
161
|
"foo": "bar",
|
163
162
|
}))
|
164
163
|
secrets = vault.kv.get_secrets_list_output(path=kvv1.path)
|
165
164
|
```
|
166
|
-
<!--End PulumiCodeChooser -->
|
167
165
|
|
168
166
|
## Required Vault Capabilities
|
169
167
|
|
@@ -172,8 +170,17 @@ def get_secrets_list_output(namespace: Optional[pulumi.Input[Optional[str]]] = N
|
|
172
170
|
|
173
171
|
:param str namespace: The namespace of the target resource.
|
174
172
|
The value should not contain leading or trailing forward slashes.
|
175
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
173
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
176
174
|
*Available only for Vault Enterprise*.
|
177
175
|
:param str path: Full KV-V1 path where secrets will be listed.
|
178
176
|
"""
|
179
|
-
|
177
|
+
__args__ = dict()
|
178
|
+
__args__['namespace'] = namespace
|
179
|
+
__args__['path'] = path
|
180
|
+
opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
|
181
|
+
__ret__ = pulumi.runtime.invoke_output('vault:kv/getSecretsList:getSecretsList', __args__, opts=opts, typ=GetSecretsListResult)
|
182
|
+
return __ret__.apply(lambda __response__: GetSecretsListResult(
|
183
|
+
id=pulumi.get(__response__, 'id'),
|
184
|
+
names=pulumi.get(__response__, 'names'),
|
185
|
+
namespace=pulumi.get(__response__, 'namespace'),
|
186
|
+
path=pulumi.get(__response__, 'path')))
|
@@ -4,9 +4,14 @@
|
|
4
4
|
|
5
5
|
import copy
|
6
6
|
import warnings
|
7
|
+
import sys
|
7
8
|
import pulumi
|
8
9
|
import pulumi.runtime
|
9
10
|
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
11
|
+
if sys.version_info >= (3, 11):
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
13
|
+
else:
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
10
15
|
from .. import _utilities
|
11
16
|
|
12
17
|
__all__ = [
|
@@ -102,7 +107,6 @@ def get_secrets_list_v2(mount: Optional[str] = None,
|
|
102
107
|
"""
|
103
108
|
## Example Usage
|
104
109
|
|
105
|
-
<!--Start PulumiCodeChooser -->
|
106
110
|
```python
|
107
111
|
import pulumi
|
108
112
|
import json
|
@@ -115,26 +119,28 @@ def get_secrets_list_v2(mount: Optional[str] = None,
|
|
115
119
|
"version": "2",
|
116
120
|
},
|
117
121
|
description="KV Version 2 secret engine mount")
|
118
|
-
aws_secret = vault.kv.SecretV2("
|
122
|
+
aws_secret = vault.kv.SecretV2("aws_secret",
|
119
123
|
mount=kvv2.path,
|
124
|
+
name="aws_secret",
|
120
125
|
data_json=json.dumps({
|
121
126
|
"zip": "zap",
|
122
127
|
}))
|
123
|
-
azure_secret = vault.kv.SecretV2("
|
128
|
+
azure_secret = vault.kv.SecretV2("azure_secret",
|
124
129
|
mount=kvv2.path,
|
130
|
+
name="azure_secret",
|
125
131
|
data_json=json.dumps({
|
126
132
|
"foo": "bar",
|
127
133
|
}))
|
128
|
-
nested_secret = vault.kv.SecretV2("
|
134
|
+
nested_secret = vault.kv.SecretV2("nested_secret",
|
129
135
|
mount=kvv2.path,
|
136
|
+
name=azure_secret.name.apply(lambda name: f"{name}/dev"),
|
130
137
|
data_json=json.dumps({
|
131
138
|
"password": "test",
|
132
139
|
}))
|
133
140
|
secrets = vault.kv.get_secrets_list_v2_output(mount=kvv2.path)
|
134
141
|
nested_secrets = kvv2.path.apply(lambda path: vault.kv.get_secrets_list_v2_output(mount=path,
|
135
|
-
name=
|
142
|
+
name=test2["name"]))
|
136
143
|
```
|
137
|
-
<!--End PulumiCodeChooser -->
|
138
144
|
|
139
145
|
## Required Vault Capabilities
|
140
146
|
|
@@ -148,7 +154,7 @@ def get_secrets_list_v2(mount: Optional[str] = None,
|
|
148
154
|
the name is `foo/bar/baz`.
|
149
155
|
:param str namespace: The namespace of the target resource.
|
150
156
|
The value should not contain leading or trailing forward slashes.
|
151
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
157
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
152
158
|
*Available only for Vault Enterprise*.
|
153
159
|
"""
|
154
160
|
__args__ = dict()
|
@@ -165,17 +171,13 @@ def get_secrets_list_v2(mount: Optional[str] = None,
|
|
165
171
|
names=pulumi.get(__ret__, 'names'),
|
166
172
|
namespace=pulumi.get(__ret__, 'namespace'),
|
167
173
|
path=pulumi.get(__ret__, 'path'))
|
168
|
-
|
169
|
-
|
170
|
-
@_utilities.lift_output_func(get_secrets_list_v2)
|
171
174
|
def get_secrets_list_v2_output(mount: Optional[pulumi.Input[str]] = None,
|
172
175
|
name: Optional[pulumi.Input[Optional[str]]] = None,
|
173
176
|
namespace: Optional[pulumi.Input[Optional[str]]] = None,
|
174
|
-
opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetSecretsListV2Result]:
|
177
|
+
opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetSecretsListV2Result]:
|
175
178
|
"""
|
176
179
|
## Example Usage
|
177
180
|
|
178
|
-
<!--Start PulumiCodeChooser -->
|
179
181
|
```python
|
180
182
|
import pulumi
|
181
183
|
import json
|
@@ -188,26 +190,28 @@ def get_secrets_list_v2_output(mount: Optional[pulumi.Input[str]] = None,
|
|
188
190
|
"version": "2",
|
189
191
|
},
|
190
192
|
description="KV Version 2 secret engine mount")
|
191
|
-
aws_secret = vault.kv.SecretV2("
|
193
|
+
aws_secret = vault.kv.SecretV2("aws_secret",
|
192
194
|
mount=kvv2.path,
|
195
|
+
name="aws_secret",
|
193
196
|
data_json=json.dumps({
|
194
197
|
"zip": "zap",
|
195
198
|
}))
|
196
|
-
azure_secret = vault.kv.SecretV2("
|
199
|
+
azure_secret = vault.kv.SecretV2("azure_secret",
|
197
200
|
mount=kvv2.path,
|
201
|
+
name="azure_secret",
|
198
202
|
data_json=json.dumps({
|
199
203
|
"foo": "bar",
|
200
204
|
}))
|
201
|
-
nested_secret = vault.kv.SecretV2("
|
205
|
+
nested_secret = vault.kv.SecretV2("nested_secret",
|
202
206
|
mount=kvv2.path,
|
207
|
+
name=azure_secret.name.apply(lambda name: f"{name}/dev"),
|
203
208
|
data_json=json.dumps({
|
204
209
|
"password": "test",
|
205
210
|
}))
|
206
211
|
secrets = vault.kv.get_secrets_list_v2_output(mount=kvv2.path)
|
207
212
|
nested_secrets = kvv2.path.apply(lambda path: vault.kv.get_secrets_list_v2_output(mount=path,
|
208
|
-
name=
|
213
|
+
name=test2["name"]))
|
209
214
|
```
|
210
|
-
<!--End PulumiCodeChooser -->
|
211
215
|
|
212
216
|
## Required Vault Capabilities
|
213
217
|
|
@@ -221,7 +225,19 @@ def get_secrets_list_v2_output(mount: Optional[pulumi.Input[str]] = None,
|
|
221
225
|
the name is `foo/bar/baz`.
|
222
226
|
:param str namespace: The namespace of the target resource.
|
223
227
|
The value should not contain leading or trailing forward slashes.
|
224
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
228
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
225
229
|
*Available only for Vault Enterprise*.
|
226
230
|
"""
|
227
|
-
|
231
|
+
__args__ = dict()
|
232
|
+
__args__['mount'] = mount
|
233
|
+
__args__['name'] = name
|
234
|
+
__args__['namespace'] = namespace
|
235
|
+
opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
|
236
|
+
__ret__ = pulumi.runtime.invoke_output('vault:kv/getSecretsListV2:getSecretsListV2', __args__, opts=opts, typ=GetSecretsListV2Result)
|
237
|
+
return __ret__.apply(lambda __response__: GetSecretsListV2Result(
|
238
|
+
id=pulumi.get(__response__, 'id'),
|
239
|
+
mount=pulumi.get(__response__, 'mount'),
|
240
|
+
name=pulumi.get(__response__, 'name'),
|
241
|
+
names=pulumi.get(__response__, 'names'),
|
242
|
+
namespace=pulumi.get(__response__, 'namespace'),
|
243
|
+
path=pulumi.get(__response__, 'path')))
|
pulumi_vault/kv/outputs.py
CHANGED
@@ -4,9 +4,14 @@
|
|
4
4
|
|
5
5
|
import copy
|
6
6
|
import warnings
|
7
|
+
import sys
|
7
8
|
import pulumi
|
8
9
|
import pulumi.runtime
|
9
10
|
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
11
|
+
if sys.version_info >= (3, 11):
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
13
|
+
else:
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
10
15
|
from .. import _utilities
|
11
16
|
|
12
17
|
__all__ = [
|
@@ -38,12 +43,12 @@ class SecretV2CustomMetadata(dict):
|
|
38
43
|
|
39
44
|
def __init__(__self__, *,
|
40
45
|
cas_required: Optional[bool] = None,
|
41
|
-
data: Optional[Mapping[str,
|
46
|
+
data: Optional[Mapping[str, str]] = None,
|
42
47
|
delete_version_after: Optional[int] = None,
|
43
48
|
max_versions: Optional[int] = None):
|
44
49
|
"""
|
45
50
|
:param bool cas_required: If true, all keys will require the cas parameter to be set on all write requests.
|
46
|
-
:param Mapping[str,
|
51
|
+
:param Mapping[str, str] data: A mapping whose keys are the top-level data keys returned from
|
47
52
|
Vault and whose values are the corresponding values. This map can only
|
48
53
|
represent string data, so any non-string values returned from Vault are
|
49
54
|
serialized as JSON.
|
@@ -69,7 +74,7 @@ class SecretV2CustomMetadata(dict):
|
|
69
74
|
|
70
75
|
@property
|
71
76
|
@pulumi.getter
|
72
|
-
def data(self) -> Optional[Mapping[str,
|
77
|
+
def data(self) -> Optional[Mapping[str, str]]:
|
73
78
|
"""
|
74
79
|
A mapping whose keys are the top-level data keys returned from
|
75
80
|
Vault and whose values are the corresponding values. This map can only
|