pulumi-vault 5.21.0a1710160723__py3-none-any.whl → 6.5.0a1736850018__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- pulumi_vault/__init__.py +52 -0
- pulumi_vault/_inputs.py +560 -0
- pulumi_vault/_utilities.py +41 -5
- pulumi_vault/ad/get_access_credentials.py +22 -7
- pulumi_vault/ad/secret_backend.py +14 -144
- pulumi_vault/ad/secret_library.py +14 -11
- pulumi_vault/ad/secret_role.py +12 -11
- pulumi_vault/alicloud/auth_backend_role.py +74 -192
- pulumi_vault/approle/auth_backend_login.py +12 -11
- pulumi_vault/approle/auth_backend_role.py +75 -193
- pulumi_vault/approle/auth_backend_role_secret_id.py +106 -11
- pulumi_vault/approle/get_auth_backend_role_id.py +18 -9
- pulumi_vault/audit.py +24 -27
- pulumi_vault/audit_request_header.py +11 -6
- pulumi_vault/auth_backend.py +64 -12
- pulumi_vault/aws/auth_backend_cert.py +12 -7
- pulumi_vault/aws/auth_backend_client.py +265 -24
- pulumi_vault/aws/auth_backend_config_identity.py +12 -11
- pulumi_vault/aws/auth_backend_identity_whitelist.py +18 -17
- pulumi_vault/aws/auth_backend_login.py +19 -22
- pulumi_vault/aws/auth_backend_role.py +75 -193
- pulumi_vault/aws/auth_backend_role_tag.py +12 -7
- pulumi_vault/aws/auth_backend_roletag_blacklist.py +18 -17
- pulumi_vault/aws/auth_backend_sts_role.py +12 -11
- pulumi_vault/aws/get_access_credentials.py +34 -7
- pulumi_vault/aws/get_static_access_credentials.py +19 -5
- pulumi_vault/aws/secret_backend.py +75 -7
- pulumi_vault/aws/secret_backend_role.py +183 -11
- pulumi_vault/aws/secret_backend_static_role.py +14 -11
- pulumi_vault/azure/_inputs.py +24 -0
- pulumi_vault/azure/auth_backend_config.py +151 -17
- pulumi_vault/azure/auth_backend_role.py +75 -193
- pulumi_vault/azure/backend.py +223 -29
- pulumi_vault/azure/backend_role.py +42 -41
- pulumi_vault/azure/get_access_credentials.py +39 -11
- pulumi_vault/azure/outputs.py +5 -0
- pulumi_vault/cert_auth_backend_role.py +87 -271
- pulumi_vault/config/__init__.pyi +5 -0
- pulumi_vault/config/_inputs.py +73 -0
- pulumi_vault/config/outputs.py +35 -0
- pulumi_vault/config/ui_custom_message.py +529 -0
- pulumi_vault/config/vars.py +5 -0
- pulumi_vault/consul/secret_backend.py +22 -25
- pulumi_vault/consul/secret_backend_role.py +14 -80
- pulumi_vault/database/_inputs.py +2770 -881
- pulumi_vault/database/outputs.py +721 -838
- pulumi_vault/database/secret_backend_connection.py +117 -114
- pulumi_vault/database/secret_backend_role.py +29 -24
- pulumi_vault/database/secret_backend_static_role.py +85 -15
- pulumi_vault/database/secrets_mount.py +425 -138
- pulumi_vault/egp_policy.py +16 -15
- pulumi_vault/gcp/_inputs.py +111 -0
- pulumi_vault/gcp/auth_backend.py +248 -35
- pulumi_vault/gcp/auth_backend_role.py +75 -271
- pulumi_vault/gcp/get_auth_backend_role.py +43 -9
- pulumi_vault/gcp/outputs.py +5 -0
- pulumi_vault/gcp/secret_backend.py +287 -16
- pulumi_vault/gcp/secret_impersonated_account.py +74 -17
- pulumi_vault/gcp/secret_roleset.py +29 -26
- pulumi_vault/gcp/secret_static_account.py +37 -34
- pulumi_vault/generic/endpoint.py +22 -21
- pulumi_vault/generic/get_secret.py +68 -12
- pulumi_vault/generic/secret.py +19 -14
- pulumi_vault/get_auth_backend.py +24 -11
- pulumi_vault/get_auth_backends.py +33 -11
- pulumi_vault/get_namespace.py +226 -0
- pulumi_vault/get_namespaces.py +153 -0
- pulumi_vault/get_nomad_access_token.py +31 -15
- pulumi_vault/get_policy_document.py +34 -23
- pulumi_vault/get_raft_autopilot_state.py +29 -14
- pulumi_vault/github/_inputs.py +55 -0
- pulumi_vault/github/auth_backend.py +17 -16
- pulumi_vault/github/outputs.py +5 -0
- pulumi_vault/github/team.py +14 -13
- pulumi_vault/github/user.py +14 -13
- pulumi_vault/identity/entity.py +18 -15
- pulumi_vault/identity/entity_alias.py +18 -15
- pulumi_vault/identity/entity_policies.py +24 -19
- pulumi_vault/identity/get_entity.py +40 -14
- pulumi_vault/identity/get_group.py +45 -13
- pulumi_vault/identity/get_oidc_client_creds.py +21 -11
- pulumi_vault/identity/get_oidc_openid_config.py +39 -13
- pulumi_vault/identity/get_oidc_public_keys.py +29 -14
- pulumi_vault/identity/group.py +50 -49
- pulumi_vault/identity/group_alias.py +14 -11
- pulumi_vault/identity/group_member_entity_ids.py +24 -74
- pulumi_vault/identity/group_member_group_ids.py +36 -27
- pulumi_vault/identity/group_policies.py +16 -15
- pulumi_vault/identity/mfa_duo.py +9 -8
- pulumi_vault/identity/mfa_login_enforcement.py +13 -8
- pulumi_vault/identity/mfa_okta.py +9 -8
- pulumi_vault/identity/mfa_pingid.py +5 -4
- pulumi_vault/identity/mfa_totp.py +5 -4
- pulumi_vault/identity/oidc.py +12 -11
- pulumi_vault/identity/oidc_assignment.py +22 -13
- pulumi_vault/identity/oidc_client.py +34 -25
- pulumi_vault/identity/oidc_key.py +28 -19
- pulumi_vault/identity/oidc_key_allowed_client_id.py +28 -19
- pulumi_vault/identity/oidc_provider.py +34 -23
- pulumi_vault/identity/oidc_role.py +40 -27
- pulumi_vault/identity/oidc_scope.py +18 -15
- pulumi_vault/identity/outputs.py +8 -3
- pulumi_vault/jwt/_inputs.py +55 -0
- pulumi_vault/jwt/auth_backend.py +39 -46
- pulumi_vault/jwt/auth_backend_role.py +131 -260
- pulumi_vault/jwt/outputs.py +5 -0
- pulumi_vault/kmip/secret_backend.py +22 -21
- pulumi_vault/kmip/secret_role.py +12 -11
- pulumi_vault/kmip/secret_scope.py +12 -11
- pulumi_vault/kubernetes/auth_backend_config.py +55 -7
- pulumi_vault/kubernetes/auth_backend_role.py +68 -179
- pulumi_vault/kubernetes/get_auth_backend_config.py +60 -8
- pulumi_vault/kubernetes/get_auth_backend_role.py +40 -5
- pulumi_vault/kubernetes/get_service_account_token.py +39 -15
- pulumi_vault/kubernetes/secret_backend.py +314 -29
- pulumi_vault/kubernetes/secret_backend_role.py +135 -56
- pulumi_vault/kv/_inputs.py +36 -4
- pulumi_vault/kv/get_secret.py +23 -12
- pulumi_vault/kv/get_secret_subkeys_v2.py +31 -14
- pulumi_vault/kv/get_secret_v2.py +89 -9
- pulumi_vault/kv/get_secrets_list.py +22 -15
- pulumi_vault/kv/get_secrets_list_v2.py +35 -19
- pulumi_vault/kv/outputs.py +8 -3
- pulumi_vault/kv/secret.py +19 -18
- pulumi_vault/kv/secret_backend_v2.py +12 -11
- pulumi_vault/kv/secret_v2.py +55 -52
- pulumi_vault/ldap/auth_backend.py +125 -168
- pulumi_vault/ldap/auth_backend_group.py +12 -11
- pulumi_vault/ldap/auth_backend_user.py +12 -11
- pulumi_vault/ldap/get_dynamic_credentials.py +23 -5
- pulumi_vault/ldap/get_static_credentials.py +24 -5
- pulumi_vault/ldap/secret_backend.py +352 -84
- pulumi_vault/ldap/secret_backend_dynamic_role.py +12 -11
- pulumi_vault/ldap/secret_backend_library_set.py +14 -11
- pulumi_vault/ldap/secret_backend_static_role.py +67 -12
- pulumi_vault/managed/_inputs.py +289 -132
- pulumi_vault/managed/keys.py +27 -43
- pulumi_vault/managed/outputs.py +89 -132
- pulumi_vault/mfa_duo.py +16 -13
- pulumi_vault/mfa_okta.py +16 -13
- pulumi_vault/mfa_pingid.py +16 -13
- pulumi_vault/mfa_totp.py +22 -19
- pulumi_vault/mongodbatlas/secret_backend.py +18 -17
- pulumi_vault/mongodbatlas/secret_role.py +41 -38
- pulumi_vault/mount.py +389 -65
- pulumi_vault/namespace.py +26 -21
- pulumi_vault/nomad_secret_backend.py +16 -15
- pulumi_vault/nomad_secret_role.py +12 -11
- pulumi_vault/okta/_inputs.py +47 -8
- pulumi_vault/okta/auth_backend.py +483 -41
- pulumi_vault/okta/auth_backend_group.py +12 -11
- pulumi_vault/okta/auth_backend_user.py +12 -11
- pulumi_vault/okta/outputs.py +13 -8
- pulumi_vault/outputs.py +5 -0
- pulumi_vault/password_policy.py +18 -15
- pulumi_vault/pkisecret/__init__.py +3 -0
- pulumi_vault/pkisecret/_inputs.py +81 -0
- pulumi_vault/pkisecret/backend_config_cluster.py +369 -0
- pulumi_vault/pkisecret/backend_config_est.py +619 -0
- pulumi_vault/pkisecret/get_backend_config_est.py +251 -0
- pulumi_vault/pkisecret/get_backend_issuer.py +63 -7
- pulumi_vault/pkisecret/get_backend_issuers.py +21 -12
- pulumi_vault/pkisecret/get_backend_key.py +24 -13
- pulumi_vault/pkisecret/get_backend_keys.py +21 -12
- pulumi_vault/pkisecret/outputs.py +69 -0
- pulumi_vault/pkisecret/secret_backend_cert.py +18 -15
- pulumi_vault/pkisecret/secret_backend_config_ca.py +16 -15
- pulumi_vault/pkisecret/secret_backend_config_issuers.py +12 -11
- pulumi_vault/pkisecret/secret_backend_config_urls.py +59 -11
- pulumi_vault/pkisecret/secret_backend_crl_config.py +14 -13
- pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +16 -15
- pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +22 -21
- pulumi_vault/pkisecret/secret_backend_issuer.py +12 -11
- pulumi_vault/pkisecret/secret_backend_key.py +12 -7
- pulumi_vault/pkisecret/secret_backend_role.py +19 -16
- pulumi_vault/pkisecret/secret_backend_root_cert.py +16 -52
- pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +18 -62
- pulumi_vault/pkisecret/secret_backend_sign.py +18 -60
- pulumi_vault/plugin.py +595 -0
- pulumi_vault/plugin_pinned_version.py +298 -0
- pulumi_vault/policy.py +12 -7
- pulumi_vault/provider.py +48 -53
- pulumi_vault/pulumi-plugin.json +2 -1
- pulumi_vault/quota_lease_count.py +58 -8
- pulumi_vault/quota_rate_limit.py +54 -4
- pulumi_vault/rabbitmq/_inputs.py +61 -0
- pulumi_vault/rabbitmq/outputs.py +5 -0
- pulumi_vault/rabbitmq/secret_backend.py +16 -15
- pulumi_vault/rabbitmq/secret_backend_role.py +52 -49
- pulumi_vault/raft_autopilot.py +12 -11
- pulumi_vault/raft_snapshot_agent_config.py +121 -311
- pulumi_vault/rgp_policy.py +14 -13
- pulumi_vault/saml/auth_backend.py +20 -19
- pulumi_vault/saml/auth_backend_role.py +90 -199
- pulumi_vault/secrets/__init__.py +3 -0
- pulumi_vault/secrets/_inputs.py +110 -0
- pulumi_vault/secrets/outputs.py +94 -0
- pulumi_vault/secrets/sync_association.py +56 -75
- pulumi_vault/secrets/sync_aws_destination.py +240 -29
- pulumi_vault/secrets/sync_azure_destination.py +90 -33
- pulumi_vault/secrets/sync_config.py +7 -6
- pulumi_vault/secrets/sync_gcp_destination.py +156 -27
- pulumi_vault/secrets/sync_gh_destination.py +187 -15
- pulumi_vault/secrets/sync_github_apps.py +375 -0
- pulumi_vault/secrets/sync_vercel_destination.py +72 -15
- pulumi_vault/ssh/_inputs.py +28 -32
- pulumi_vault/ssh/outputs.py +11 -32
- pulumi_vault/ssh/secret_backend_ca.py +106 -11
- pulumi_vault/ssh/secret_backend_role.py +83 -120
- pulumi_vault/terraformcloud/secret_backend.py +5 -56
- pulumi_vault/terraformcloud/secret_creds.py +14 -24
- pulumi_vault/terraformcloud/secret_role.py +14 -76
- pulumi_vault/token.py +26 -25
- pulumi_vault/tokenauth/auth_backend_role.py +76 -201
- pulumi_vault/transform/alphabet.py +16 -13
- pulumi_vault/transform/get_decode.py +45 -21
- pulumi_vault/transform/get_encode.py +45 -21
- pulumi_vault/transform/role.py +16 -13
- pulumi_vault/transform/template.py +30 -25
- pulumi_vault/transform/transformation.py +12 -7
- pulumi_vault/transit/get_decrypt.py +26 -25
- pulumi_vault/transit/get_encrypt.py +24 -19
- pulumi_vault/transit/secret_backend_key.py +25 -97
- pulumi_vault/transit/secret_cache_config.py +12 -11
- {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736850018.dist-info}/METADATA +8 -7
- pulumi_vault-6.5.0a1736850018.dist-info/RECORD +256 -0
- {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736850018.dist-info}/WHEEL +1 -1
- pulumi_vault-5.21.0a1710160723.dist-info/RECORD +0 -244
- {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736850018.dist-info}/top_level.txt +0 -0
pulumi_vault/kv/secret.py
CHANGED
@@ -4,9 +4,14 @@
|
|
4
4
|
|
5
5
|
import copy
|
6
6
|
import warnings
|
7
|
+
import sys
|
7
8
|
import pulumi
|
8
9
|
import pulumi.runtime
|
9
10
|
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
11
|
+
if sys.version_info >= (3, 11):
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
13
|
+
else:
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
10
15
|
from .. import _utilities
|
11
16
|
|
12
17
|
__all__ = ['SecretArgs', 'Secret']
|
@@ -24,7 +29,7 @@ class SecretArgs:
|
|
24
29
|
:param pulumi.Input[str] path: Full path of the KV-V1 secret.
|
25
30
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
26
31
|
The value should not contain leading or trailing forward slashes.
|
27
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
32
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
28
33
|
*Available only for Vault Enterprise*.
|
29
34
|
"""
|
30
35
|
pulumi.set(__self__, "data_json", data_json)
|
@@ -63,7 +68,7 @@ class SecretArgs:
|
|
63
68
|
"""
|
64
69
|
The namespace to provision the resource in.
|
65
70
|
The value should not contain leading or trailing forward slashes.
|
66
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
71
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
67
72
|
*Available only for Vault Enterprise*.
|
68
73
|
"""
|
69
74
|
return pulumi.get(self, "namespace")
|
@@ -76,13 +81,13 @@ class SecretArgs:
|
|
76
81
|
@pulumi.input_type
|
77
82
|
class _SecretState:
|
78
83
|
def __init__(__self__, *,
|
79
|
-
data: Optional[pulumi.Input[Mapping[str,
|
84
|
+
data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
80
85
|
data_json: Optional[pulumi.Input[str]] = None,
|
81
86
|
namespace: Optional[pulumi.Input[str]] = None,
|
82
87
|
path: Optional[pulumi.Input[str]] = None):
|
83
88
|
"""
|
84
89
|
Input properties used for looking up and filtering Secret resources.
|
85
|
-
:param pulumi.Input[Mapping[str,
|
90
|
+
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A mapping whose keys are the top-level data keys returned from
|
86
91
|
Vault and whose values are the corresponding values. This map can only
|
87
92
|
represent string data, so any non-string values returned from Vault are
|
88
93
|
serialized as JSON.
|
@@ -90,7 +95,7 @@ class _SecretState:
|
|
90
95
|
written as the secret data at the given path.
|
91
96
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
92
97
|
The value should not contain leading or trailing forward slashes.
|
93
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
98
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
94
99
|
*Available only for Vault Enterprise*.
|
95
100
|
:param pulumi.Input[str] path: Full path of the KV-V1 secret.
|
96
101
|
"""
|
@@ -105,7 +110,7 @@ class _SecretState:
|
|
105
110
|
|
106
111
|
@property
|
107
112
|
@pulumi.getter
|
108
|
-
def data(self) -> Optional[pulumi.Input[Mapping[str,
|
113
|
+
def data(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
|
109
114
|
"""
|
110
115
|
A mapping whose keys are the top-level data keys returned from
|
111
116
|
Vault and whose values are the corresponding values. This map can only
|
@@ -115,7 +120,7 @@ class _SecretState:
|
|
115
120
|
return pulumi.get(self, "data")
|
116
121
|
|
117
122
|
@data.setter
|
118
|
-
def data(self, value: Optional[pulumi.Input[Mapping[str,
|
123
|
+
def data(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
|
119
124
|
pulumi.set(self, "data", value)
|
120
125
|
|
121
126
|
@property
|
@@ -137,7 +142,7 @@ class _SecretState:
|
|
137
142
|
"""
|
138
143
|
The namespace to provision the resource in.
|
139
144
|
The value should not contain leading or trailing forward slashes.
|
140
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
145
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
141
146
|
*Available only for Vault Enterprise*.
|
142
147
|
"""
|
143
148
|
return pulumi.get(self, "namespace")
|
@@ -176,7 +181,6 @@ class Secret(pulumi.CustomResource):
|
|
176
181
|
|
177
182
|
## Example Usage
|
178
183
|
|
179
|
-
<!--Start PulumiCodeChooser -->
|
180
184
|
```python
|
181
185
|
import pulumi
|
182
186
|
import json
|
@@ -196,7 +200,6 @@ class Secret(pulumi.CustomResource):
|
|
196
200
|
"foo": "bar",
|
197
201
|
}))
|
198
202
|
```
|
199
|
-
<!--End PulumiCodeChooser -->
|
200
203
|
|
201
204
|
## Required Vault Capabilities
|
202
205
|
|
@@ -219,7 +222,7 @@ class Secret(pulumi.CustomResource):
|
|
219
222
|
written as the secret data at the given path.
|
220
223
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
221
224
|
The value should not contain leading or trailing forward slashes.
|
222
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
225
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
223
226
|
*Available only for Vault Enterprise*.
|
224
227
|
:param pulumi.Input[str] path: Full path of the KV-V1 secret.
|
225
228
|
"""
|
@@ -237,7 +240,6 @@ class Secret(pulumi.CustomResource):
|
|
237
240
|
|
238
241
|
## Example Usage
|
239
242
|
|
240
|
-
<!--Start PulumiCodeChooser -->
|
241
243
|
```python
|
242
244
|
import pulumi
|
243
245
|
import json
|
@@ -257,7 +259,6 @@ class Secret(pulumi.CustomResource):
|
|
257
259
|
"foo": "bar",
|
258
260
|
}))
|
259
261
|
```
|
260
|
-
<!--End PulumiCodeChooser -->
|
261
262
|
|
262
263
|
## Required Vault Capabilities
|
263
264
|
|
@@ -321,7 +322,7 @@ class Secret(pulumi.CustomResource):
|
|
321
322
|
def get(resource_name: str,
|
322
323
|
id: pulumi.Input[str],
|
323
324
|
opts: Optional[pulumi.ResourceOptions] = None,
|
324
|
-
data: Optional[pulumi.Input[Mapping[str,
|
325
|
+
data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
325
326
|
data_json: Optional[pulumi.Input[str]] = None,
|
326
327
|
namespace: Optional[pulumi.Input[str]] = None,
|
327
328
|
path: Optional[pulumi.Input[str]] = None) -> 'Secret':
|
@@ -332,7 +333,7 @@ class Secret(pulumi.CustomResource):
|
|
332
333
|
:param str resource_name: The unique name of the resulting resource.
|
333
334
|
:param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
|
334
335
|
:param pulumi.ResourceOptions opts: Options for the resource.
|
335
|
-
:param pulumi.Input[Mapping[str,
|
336
|
+
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A mapping whose keys are the top-level data keys returned from
|
336
337
|
Vault and whose values are the corresponding values. This map can only
|
337
338
|
represent string data, so any non-string values returned from Vault are
|
338
339
|
serialized as JSON.
|
@@ -340,7 +341,7 @@ class Secret(pulumi.CustomResource):
|
|
340
341
|
written as the secret data at the given path.
|
341
342
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
342
343
|
The value should not contain leading or trailing forward slashes.
|
343
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
344
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
344
345
|
*Available only for Vault Enterprise*.
|
345
346
|
:param pulumi.Input[str] path: Full path of the KV-V1 secret.
|
346
347
|
"""
|
@@ -356,7 +357,7 @@ class Secret(pulumi.CustomResource):
|
|
356
357
|
|
357
358
|
@property
|
358
359
|
@pulumi.getter
|
359
|
-
def data(self) -> pulumi.Output[Mapping[str,
|
360
|
+
def data(self) -> pulumi.Output[Mapping[str, str]]:
|
360
361
|
"""
|
361
362
|
A mapping whose keys are the top-level data keys returned from
|
362
363
|
Vault and whose values are the corresponding values. This map can only
|
@@ -380,7 +381,7 @@ class Secret(pulumi.CustomResource):
|
|
380
381
|
"""
|
381
382
|
The namespace to provision the resource in.
|
382
383
|
The value should not contain leading or trailing forward slashes.
|
383
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
384
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
384
385
|
*Available only for Vault Enterprise*.
|
385
386
|
"""
|
386
387
|
return pulumi.get(self, "namespace")
|
@@ -4,9 +4,14 @@
|
|
4
4
|
|
5
5
|
import copy
|
6
6
|
import warnings
|
7
|
+
import sys
|
7
8
|
import pulumi
|
8
9
|
import pulumi.runtime
|
9
10
|
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
11
|
+
if sys.version_info >= (3, 11):
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
13
|
+
else:
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
10
15
|
from .. import _utilities
|
11
16
|
|
12
17
|
__all__ = ['SecretBackendV2Args', 'SecretBackendV2']
|
@@ -29,7 +34,7 @@ class SecretBackendV2Args:
|
|
29
34
|
:param pulumi.Input[int] max_versions: The number of versions to keep per key.
|
30
35
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
31
36
|
The value should not contain leading or trailing forward slashes.
|
32
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
37
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
33
38
|
*Available only for Vault Enterprise*.
|
34
39
|
"""
|
35
40
|
pulumi.set(__self__, "mount", mount)
|
@@ -98,7 +103,7 @@ class SecretBackendV2Args:
|
|
98
103
|
"""
|
99
104
|
The namespace to provision the resource in.
|
100
105
|
The value should not contain leading or trailing forward slashes.
|
101
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
106
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
102
107
|
*Available only for Vault Enterprise*.
|
103
108
|
"""
|
104
109
|
return pulumi.get(self, "namespace")
|
@@ -126,7 +131,7 @@ class _SecretBackendV2State:
|
|
126
131
|
:param pulumi.Input[str] mount: Path where KV-V2 engine is mounted.
|
127
132
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
128
133
|
The value should not contain leading or trailing forward slashes.
|
129
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
134
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
130
135
|
*Available only for Vault Enterprise*.
|
131
136
|
"""
|
132
137
|
if cas_required is not None:
|
@@ -196,7 +201,7 @@ class _SecretBackendV2State:
|
|
196
201
|
"""
|
197
202
|
The namespace to provision the resource in.
|
198
203
|
The value should not contain leading or trailing forward slashes.
|
199
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
204
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
200
205
|
*Available only for Vault Enterprise*.
|
201
206
|
"""
|
202
207
|
return pulumi.get(self, "namespace")
|
@@ -226,7 +231,6 @@ class SecretBackendV2(pulumi.CustomResource):
|
|
226
231
|
|
227
232
|
## Example Usage
|
228
233
|
|
229
|
-
<!--Start PulumiCodeChooser -->
|
230
234
|
```python
|
231
235
|
import pulumi
|
232
236
|
import pulumi_vault as vault
|
@@ -244,7 +248,6 @@ class SecretBackendV2(pulumi.CustomResource):
|
|
244
248
|
delete_version_after=12600,
|
245
249
|
cas_required=True)
|
246
250
|
```
|
247
|
-
<!--End PulumiCodeChooser -->
|
248
251
|
|
249
252
|
## Required Vault Capabilities
|
250
253
|
|
@@ -272,7 +275,7 @@ class SecretBackendV2(pulumi.CustomResource):
|
|
272
275
|
:param pulumi.Input[str] mount: Path where KV-V2 engine is mounted.
|
273
276
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
274
277
|
The value should not contain leading or trailing forward slashes.
|
275
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
278
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
276
279
|
*Available only for Vault Enterprise*.
|
277
280
|
"""
|
278
281
|
...
|
@@ -290,7 +293,6 @@ class SecretBackendV2(pulumi.CustomResource):
|
|
290
293
|
|
291
294
|
## Example Usage
|
292
295
|
|
293
|
-
<!--Start PulumiCodeChooser -->
|
294
296
|
```python
|
295
297
|
import pulumi
|
296
298
|
import pulumi_vault as vault
|
@@ -308,7 +310,6 @@ class SecretBackendV2(pulumi.CustomResource):
|
|
308
310
|
delete_version_after=12600,
|
309
311
|
cas_required=True)
|
310
312
|
```
|
311
|
-
<!--End PulumiCodeChooser -->
|
312
313
|
|
313
314
|
## Required Vault Capabilities
|
314
315
|
|
@@ -392,7 +393,7 @@ class SecretBackendV2(pulumi.CustomResource):
|
|
392
393
|
:param pulumi.Input[str] mount: Path where KV-V2 engine is mounted.
|
393
394
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
394
395
|
The value should not contain leading or trailing forward slashes.
|
395
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
396
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
396
397
|
*Available only for Vault Enterprise*.
|
397
398
|
"""
|
398
399
|
opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
|
@@ -446,7 +447,7 @@ class SecretBackendV2(pulumi.CustomResource):
|
|
446
447
|
"""
|
447
448
|
The namespace to provision the resource in.
|
448
449
|
The value should not contain leading or trailing forward slashes.
|
449
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
450
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
450
451
|
*Available only for Vault Enterprise*.
|
451
452
|
"""
|
452
453
|
return pulumi.get(self, "namespace")
|
pulumi_vault/kv/secret_v2.py
CHANGED
@@ -4,9 +4,14 @@
|
|
4
4
|
|
5
5
|
import copy
|
6
6
|
import warnings
|
7
|
+
import sys
|
7
8
|
import pulumi
|
8
9
|
import pulumi.runtime
|
9
10
|
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
11
|
+
if sys.version_info >= (3, 11):
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
13
|
+
else:
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
10
15
|
from .. import _utilities
|
11
16
|
from . import outputs
|
12
17
|
from ._inputs import *
|
@@ -24,7 +29,7 @@ class SecretV2Args:
|
|
24
29
|
disable_read: Optional[pulumi.Input[bool]] = None,
|
25
30
|
name: Optional[pulumi.Input[str]] = None,
|
26
31
|
namespace: Optional[pulumi.Input[str]] = None,
|
27
|
-
options: Optional[pulumi.Input[Mapping[str,
|
32
|
+
options: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None):
|
28
33
|
"""
|
29
34
|
The set of arguments for constructing a SecretV2 resource.
|
30
35
|
:param pulumi.Input[str] data_json: JSON-encoded string that will be
|
@@ -47,9 +52,9 @@ class SecretV2Args:
|
|
47
52
|
the name is `foo/bar/baz`.
|
48
53
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
49
54
|
The value should not contain leading or trailing forward slashes.
|
50
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
55
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
51
56
|
*Available only for Vault Enterprise*.
|
52
|
-
:param pulumi.Input[Mapping[str,
|
57
|
+
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] options: An object that holds option settings.
|
53
58
|
"""
|
54
59
|
pulumi.set(__self__, "data_json", data_json)
|
55
60
|
pulumi.set(__self__, "mount", mount)
|
@@ -169,7 +174,7 @@ class SecretV2Args:
|
|
169
174
|
"""
|
170
175
|
The namespace to provision the resource in.
|
171
176
|
The value should not contain leading or trailing forward slashes.
|
172
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
177
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
173
178
|
*Available only for Vault Enterprise*.
|
174
179
|
"""
|
175
180
|
return pulumi.get(self, "namespace")
|
@@ -180,14 +185,14 @@ class SecretV2Args:
|
|
180
185
|
|
181
186
|
@property
|
182
187
|
@pulumi.getter
|
183
|
-
def options(self) -> Optional[pulumi.Input[Mapping[str,
|
188
|
+
def options(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
|
184
189
|
"""
|
185
190
|
An object that holds option settings.
|
186
191
|
"""
|
187
192
|
return pulumi.get(self, "options")
|
188
193
|
|
189
194
|
@options.setter
|
190
|
-
def options(self, value: Optional[pulumi.Input[Mapping[str,
|
195
|
+
def options(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
|
191
196
|
pulumi.set(self, "options", value)
|
192
197
|
|
193
198
|
|
@@ -196,15 +201,15 @@ class _SecretV2State:
|
|
196
201
|
def __init__(__self__, *,
|
197
202
|
cas: Optional[pulumi.Input[int]] = None,
|
198
203
|
custom_metadata: Optional[pulumi.Input['SecretV2CustomMetadataArgs']] = None,
|
199
|
-
data: Optional[pulumi.Input[Mapping[str,
|
204
|
+
data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
200
205
|
data_json: Optional[pulumi.Input[str]] = None,
|
201
206
|
delete_all_versions: Optional[pulumi.Input[bool]] = None,
|
202
207
|
disable_read: Optional[pulumi.Input[bool]] = None,
|
203
|
-
metadata: Optional[pulumi.Input[Mapping[str,
|
208
|
+
metadata: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
204
209
|
mount: Optional[pulumi.Input[str]] = None,
|
205
210
|
name: Optional[pulumi.Input[str]] = None,
|
206
211
|
namespace: Optional[pulumi.Input[str]] = None,
|
207
|
-
options: Optional[pulumi.Input[Mapping[str,
|
212
|
+
options: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
208
213
|
path: Optional[pulumi.Input[str]] = None):
|
209
214
|
"""
|
210
215
|
Input properties used for looking up and filtering SecretV2 resources.
|
@@ -215,7 +220,7 @@ class _SecretV2State:
|
|
215
220
|
:param pulumi.Input['SecretV2CustomMetadataArgs'] custom_metadata: A nested block that allows configuring metadata for the
|
216
221
|
KV secret. Refer to the
|
217
222
|
Configuration Options for more info.
|
218
|
-
:param pulumi.Input[Mapping[str,
|
223
|
+
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A mapping whose keys are the top-level data keys returned from
|
219
224
|
Vault and whose values are the corresponding values. This map can only
|
220
225
|
represent string data, so any non-string values returned from Vault are
|
221
226
|
serialized as JSON.
|
@@ -225,7 +230,7 @@ class _SecretV2State:
|
|
225
230
|
versions for the specified key.
|
226
231
|
:param pulumi.Input[bool] disable_read: If set to true, disables reading secret from Vault;
|
227
232
|
note: drift won't be detected.
|
228
|
-
:param pulumi.Input[Mapping[str,
|
233
|
+
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] metadata: Metadata associated with this secret read from Vault.
|
229
234
|
:param pulumi.Input[str] mount: Path where KV-V2 engine is mounted.
|
230
235
|
:param pulumi.Input[str] name: Full name of the secret. For a nested secret
|
231
236
|
the name is the nested path excluding the mount and data
|
@@ -233,9 +238,9 @@ class _SecretV2State:
|
|
233
238
|
the name is `foo/bar/baz`.
|
234
239
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
235
240
|
The value should not contain leading or trailing forward slashes.
|
236
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
241
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
237
242
|
*Available only for Vault Enterprise*.
|
238
|
-
:param pulumi.Input[Mapping[str,
|
243
|
+
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] options: An object that holds option settings.
|
239
244
|
:param pulumi.Input[str] path: Full path where the KV-V2 secret will be written.
|
240
245
|
"""
|
241
246
|
if cas is not None:
|
@@ -294,7 +299,7 @@ class _SecretV2State:
|
|
294
299
|
|
295
300
|
@property
|
296
301
|
@pulumi.getter
|
297
|
-
def data(self) -> Optional[pulumi.Input[Mapping[str,
|
302
|
+
def data(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
|
298
303
|
"""
|
299
304
|
A mapping whose keys are the top-level data keys returned from
|
300
305
|
Vault and whose values are the corresponding values. This map can only
|
@@ -304,7 +309,7 @@ class _SecretV2State:
|
|
304
309
|
return pulumi.get(self, "data")
|
305
310
|
|
306
311
|
@data.setter
|
307
|
-
def data(self, value: Optional[pulumi.Input[Mapping[str,
|
312
|
+
def data(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
|
308
313
|
pulumi.set(self, "data", value)
|
309
314
|
|
310
315
|
@property
|
@@ -348,14 +353,14 @@ class _SecretV2State:
|
|
348
353
|
|
349
354
|
@property
|
350
355
|
@pulumi.getter
|
351
|
-
def metadata(self) -> Optional[pulumi.Input[Mapping[str,
|
356
|
+
def metadata(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
|
352
357
|
"""
|
353
358
|
Metadata associated with this secret read from Vault.
|
354
359
|
"""
|
355
360
|
return pulumi.get(self, "metadata")
|
356
361
|
|
357
362
|
@metadata.setter
|
358
|
-
def metadata(self, value: Optional[pulumi.Input[Mapping[str,
|
363
|
+
def metadata(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
|
359
364
|
pulumi.set(self, "metadata", value)
|
360
365
|
|
361
366
|
@property
|
@@ -391,7 +396,7 @@ class _SecretV2State:
|
|
391
396
|
"""
|
392
397
|
The namespace to provision the resource in.
|
393
398
|
The value should not contain leading or trailing forward slashes.
|
394
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
399
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
395
400
|
*Available only for Vault Enterprise*.
|
396
401
|
"""
|
397
402
|
return pulumi.get(self, "namespace")
|
@@ -402,14 +407,14 @@ class _SecretV2State:
|
|
402
407
|
|
403
408
|
@property
|
404
409
|
@pulumi.getter
|
405
|
-
def options(self) -> Optional[pulumi.Input[Mapping[str,
|
410
|
+
def options(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
|
406
411
|
"""
|
407
412
|
An object that holds option settings.
|
408
413
|
"""
|
409
414
|
return pulumi.get(self, "options")
|
410
415
|
|
411
416
|
@options.setter
|
412
|
-
def options(self, value: Optional[pulumi.Input[Mapping[str,
|
417
|
+
def options(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
|
413
418
|
pulumi.set(self, "options", value)
|
414
419
|
|
415
420
|
@property
|
@@ -431,14 +436,14 @@ class SecretV2(pulumi.CustomResource):
|
|
431
436
|
resource_name: str,
|
432
437
|
opts: Optional[pulumi.ResourceOptions] = None,
|
433
438
|
cas: Optional[pulumi.Input[int]] = None,
|
434
|
-
custom_metadata: Optional[pulumi.Input[
|
439
|
+
custom_metadata: Optional[pulumi.Input[Union['SecretV2CustomMetadataArgs', 'SecretV2CustomMetadataArgsDict']]] = None,
|
435
440
|
data_json: Optional[pulumi.Input[str]] = None,
|
436
441
|
delete_all_versions: Optional[pulumi.Input[bool]] = None,
|
437
442
|
disable_read: Optional[pulumi.Input[bool]] = None,
|
438
443
|
mount: Optional[pulumi.Input[str]] = None,
|
439
444
|
name: Optional[pulumi.Input[str]] = None,
|
440
445
|
namespace: Optional[pulumi.Input[str]] = None,
|
441
|
-
options: Optional[pulumi.Input[Mapping[str,
|
446
|
+
options: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
442
447
|
__props__=None):
|
443
448
|
"""
|
444
449
|
Writes a KV-V2 secret to a given path in Vault.
|
@@ -448,7 +453,6 @@ class SecretV2(pulumi.CustomResource):
|
|
448
453
|
|
449
454
|
## Example Usage
|
450
455
|
|
451
|
-
<!--Start PulumiCodeChooser -->
|
452
456
|
```python
|
453
457
|
import pulumi
|
454
458
|
import json
|
@@ -463,21 +467,21 @@ class SecretV2(pulumi.CustomResource):
|
|
463
467
|
description="KV Version 2 secret engine mount")
|
464
468
|
example = vault.kv.SecretV2("example",
|
465
469
|
mount=kvv2.path,
|
470
|
+
name="secret",
|
466
471
|
cas=1,
|
467
472
|
delete_all_versions=True,
|
468
473
|
data_json=json.dumps({
|
469
474
|
"zip": "zap",
|
470
475
|
"foo": "bar",
|
471
476
|
}),
|
472
|
-
custom_metadata=
|
473
|
-
max_versions
|
474
|
-
data
|
477
|
+
custom_metadata={
|
478
|
+
"max_versions": 5,
|
479
|
+
"data": {
|
475
480
|
"foo": "vault@example.com",
|
476
481
|
"bar": "12345",
|
477
482
|
},
|
478
|
-
)
|
483
|
+
})
|
479
484
|
```
|
480
|
-
<!--End PulumiCodeChooser -->
|
481
485
|
|
482
486
|
## Required Vault Capabilities
|
483
487
|
|
@@ -512,7 +516,7 @@ class SecretV2(pulumi.CustomResource):
|
|
512
516
|
on either the secret or the engine's config. In order for a
|
513
517
|
write operation to be successful, cas must be set to the current version
|
514
518
|
of the secret.
|
515
|
-
:param pulumi.Input[
|
519
|
+
:param pulumi.Input[Union['SecretV2CustomMetadataArgs', 'SecretV2CustomMetadataArgsDict']] custom_metadata: A nested block that allows configuring metadata for the
|
516
520
|
KV secret. Refer to the
|
517
521
|
Configuration Options for more info.
|
518
522
|
:param pulumi.Input[str] data_json: JSON-encoded string that will be
|
@@ -528,9 +532,9 @@ class SecretV2(pulumi.CustomResource):
|
|
528
532
|
the name is `foo/bar/baz`.
|
529
533
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
530
534
|
The value should not contain leading or trailing forward slashes.
|
531
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
535
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
532
536
|
*Available only for Vault Enterprise*.
|
533
|
-
:param pulumi.Input[Mapping[str,
|
537
|
+
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] options: An object that holds option settings.
|
534
538
|
"""
|
535
539
|
...
|
536
540
|
@overload
|
@@ -546,7 +550,6 @@ class SecretV2(pulumi.CustomResource):
|
|
546
550
|
|
547
551
|
## Example Usage
|
548
552
|
|
549
|
-
<!--Start PulumiCodeChooser -->
|
550
553
|
```python
|
551
554
|
import pulumi
|
552
555
|
import json
|
@@ -561,21 +564,21 @@ class SecretV2(pulumi.CustomResource):
|
|
561
564
|
description="KV Version 2 secret engine mount")
|
562
565
|
example = vault.kv.SecretV2("example",
|
563
566
|
mount=kvv2.path,
|
567
|
+
name="secret",
|
564
568
|
cas=1,
|
565
569
|
delete_all_versions=True,
|
566
570
|
data_json=json.dumps({
|
567
571
|
"zip": "zap",
|
568
572
|
"foo": "bar",
|
569
573
|
}),
|
570
|
-
custom_metadata=
|
571
|
-
max_versions
|
572
|
-
data
|
574
|
+
custom_metadata={
|
575
|
+
"max_versions": 5,
|
576
|
+
"data": {
|
573
577
|
"foo": "vault@example.com",
|
574
578
|
"bar": "12345",
|
575
579
|
},
|
576
|
-
)
|
580
|
+
})
|
577
581
|
```
|
578
|
-
<!--End PulumiCodeChooser -->
|
579
582
|
|
580
583
|
## Required Vault Capabilities
|
581
584
|
|
@@ -620,14 +623,14 @@ class SecretV2(pulumi.CustomResource):
|
|
620
623
|
resource_name: str,
|
621
624
|
opts: Optional[pulumi.ResourceOptions] = None,
|
622
625
|
cas: Optional[pulumi.Input[int]] = None,
|
623
|
-
custom_metadata: Optional[pulumi.Input[
|
626
|
+
custom_metadata: Optional[pulumi.Input[Union['SecretV2CustomMetadataArgs', 'SecretV2CustomMetadataArgsDict']]] = None,
|
624
627
|
data_json: Optional[pulumi.Input[str]] = None,
|
625
628
|
delete_all_versions: Optional[pulumi.Input[bool]] = None,
|
626
629
|
disable_read: Optional[pulumi.Input[bool]] = None,
|
627
630
|
mount: Optional[pulumi.Input[str]] = None,
|
628
631
|
name: Optional[pulumi.Input[str]] = None,
|
629
632
|
namespace: Optional[pulumi.Input[str]] = None,
|
630
|
-
options: Optional[pulumi.Input[Mapping[str,
|
633
|
+
options: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
631
634
|
__props__=None):
|
632
635
|
opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
|
633
636
|
if not isinstance(opts, pulumi.ResourceOptions):
|
@@ -666,16 +669,16 @@ class SecretV2(pulumi.CustomResource):
|
|
666
669
|
id: pulumi.Input[str],
|
667
670
|
opts: Optional[pulumi.ResourceOptions] = None,
|
668
671
|
cas: Optional[pulumi.Input[int]] = None,
|
669
|
-
custom_metadata: Optional[pulumi.Input[
|
670
|
-
data: Optional[pulumi.Input[Mapping[str,
|
672
|
+
custom_metadata: Optional[pulumi.Input[Union['SecretV2CustomMetadataArgs', 'SecretV2CustomMetadataArgsDict']]] = None,
|
673
|
+
data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
671
674
|
data_json: Optional[pulumi.Input[str]] = None,
|
672
675
|
delete_all_versions: Optional[pulumi.Input[bool]] = None,
|
673
676
|
disable_read: Optional[pulumi.Input[bool]] = None,
|
674
|
-
metadata: Optional[pulumi.Input[Mapping[str,
|
677
|
+
metadata: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
675
678
|
mount: Optional[pulumi.Input[str]] = None,
|
676
679
|
name: Optional[pulumi.Input[str]] = None,
|
677
680
|
namespace: Optional[pulumi.Input[str]] = None,
|
678
|
-
options: Optional[pulumi.Input[Mapping[str,
|
681
|
+
options: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
679
682
|
path: Optional[pulumi.Input[str]] = None) -> 'SecretV2':
|
680
683
|
"""
|
681
684
|
Get an existing SecretV2 resource's state with the given name, id, and optional extra
|
@@ -688,10 +691,10 @@ class SecretV2(pulumi.CustomResource):
|
|
688
691
|
on either the secret or the engine's config. In order for a
|
689
692
|
write operation to be successful, cas must be set to the current version
|
690
693
|
of the secret.
|
691
|
-
:param pulumi.Input[
|
694
|
+
:param pulumi.Input[Union['SecretV2CustomMetadataArgs', 'SecretV2CustomMetadataArgsDict']] custom_metadata: A nested block that allows configuring metadata for the
|
692
695
|
KV secret. Refer to the
|
693
696
|
Configuration Options for more info.
|
694
|
-
:param pulumi.Input[Mapping[str,
|
697
|
+
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A mapping whose keys are the top-level data keys returned from
|
695
698
|
Vault and whose values are the corresponding values. This map can only
|
696
699
|
represent string data, so any non-string values returned from Vault are
|
697
700
|
serialized as JSON.
|
@@ -701,7 +704,7 @@ class SecretV2(pulumi.CustomResource):
|
|
701
704
|
versions for the specified key.
|
702
705
|
:param pulumi.Input[bool] disable_read: If set to true, disables reading secret from Vault;
|
703
706
|
note: drift won't be detected.
|
704
|
-
:param pulumi.Input[Mapping[str,
|
707
|
+
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] metadata: Metadata associated with this secret read from Vault.
|
705
708
|
:param pulumi.Input[str] mount: Path where KV-V2 engine is mounted.
|
706
709
|
:param pulumi.Input[str] name: Full name of the secret. For a nested secret
|
707
710
|
the name is the nested path excluding the mount and data
|
@@ -709,9 +712,9 @@ class SecretV2(pulumi.CustomResource):
|
|
709
712
|
the name is `foo/bar/baz`.
|
710
713
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
711
714
|
The value should not contain leading or trailing forward slashes.
|
712
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
715
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
713
716
|
*Available only for Vault Enterprise*.
|
714
|
-
:param pulumi.Input[Mapping[str,
|
717
|
+
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] options: An object that holds option settings.
|
715
718
|
:param pulumi.Input[str] path: Full path where the KV-V2 secret will be written.
|
716
719
|
"""
|
717
720
|
opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
|
@@ -755,7 +758,7 @@ class SecretV2(pulumi.CustomResource):
|
|
755
758
|
|
756
759
|
@property
|
757
760
|
@pulumi.getter
|
758
|
-
def data(self) -> pulumi.Output[Mapping[str,
|
761
|
+
def data(self) -> pulumi.Output[Mapping[str, str]]:
|
759
762
|
"""
|
760
763
|
A mapping whose keys are the top-level data keys returned from
|
761
764
|
Vault and whose values are the corresponding values. This map can only
|
@@ -793,7 +796,7 @@ class SecretV2(pulumi.CustomResource):
|
|
793
796
|
|
794
797
|
@property
|
795
798
|
@pulumi.getter
|
796
|
-
def metadata(self) -> pulumi.Output[Mapping[str,
|
799
|
+
def metadata(self) -> pulumi.Output[Mapping[str, str]]:
|
797
800
|
"""
|
798
801
|
Metadata associated with this secret read from Vault.
|
799
802
|
"""
|
@@ -824,14 +827,14 @@ class SecretV2(pulumi.CustomResource):
|
|
824
827
|
"""
|
825
828
|
The namespace to provision the resource in.
|
826
829
|
The value should not contain leading or trailing forward slashes.
|
827
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
830
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
828
831
|
*Available only for Vault Enterprise*.
|
829
832
|
"""
|
830
833
|
return pulumi.get(self, "namespace")
|
831
834
|
|
832
835
|
@property
|
833
836
|
@pulumi.getter
|
834
|
-
def options(self) -> pulumi.Output[Optional[Mapping[str,
|
837
|
+
def options(self) -> pulumi.Output[Optional[Mapping[str, str]]]:
|
835
838
|
"""
|
836
839
|
An object that holds option settings.
|
837
840
|
"""
|