pulumi-vault 5.21.0a1710160723__py3-none-any.whl → 6.5.0a1736850018__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- pulumi_vault/__init__.py +52 -0
- pulumi_vault/_inputs.py +560 -0
- pulumi_vault/_utilities.py +41 -5
- pulumi_vault/ad/get_access_credentials.py +22 -7
- pulumi_vault/ad/secret_backend.py +14 -144
- pulumi_vault/ad/secret_library.py +14 -11
- pulumi_vault/ad/secret_role.py +12 -11
- pulumi_vault/alicloud/auth_backend_role.py +74 -192
- pulumi_vault/approle/auth_backend_login.py +12 -11
- pulumi_vault/approle/auth_backend_role.py +75 -193
- pulumi_vault/approle/auth_backend_role_secret_id.py +106 -11
- pulumi_vault/approle/get_auth_backend_role_id.py +18 -9
- pulumi_vault/audit.py +24 -27
- pulumi_vault/audit_request_header.py +11 -6
- pulumi_vault/auth_backend.py +64 -12
- pulumi_vault/aws/auth_backend_cert.py +12 -7
- pulumi_vault/aws/auth_backend_client.py +265 -24
- pulumi_vault/aws/auth_backend_config_identity.py +12 -11
- pulumi_vault/aws/auth_backend_identity_whitelist.py +18 -17
- pulumi_vault/aws/auth_backend_login.py +19 -22
- pulumi_vault/aws/auth_backend_role.py +75 -193
- pulumi_vault/aws/auth_backend_role_tag.py +12 -7
- pulumi_vault/aws/auth_backend_roletag_blacklist.py +18 -17
- pulumi_vault/aws/auth_backend_sts_role.py +12 -11
- pulumi_vault/aws/get_access_credentials.py +34 -7
- pulumi_vault/aws/get_static_access_credentials.py +19 -5
- pulumi_vault/aws/secret_backend.py +75 -7
- pulumi_vault/aws/secret_backend_role.py +183 -11
- pulumi_vault/aws/secret_backend_static_role.py +14 -11
- pulumi_vault/azure/_inputs.py +24 -0
- pulumi_vault/azure/auth_backend_config.py +151 -17
- pulumi_vault/azure/auth_backend_role.py +75 -193
- pulumi_vault/azure/backend.py +223 -29
- pulumi_vault/azure/backend_role.py +42 -41
- pulumi_vault/azure/get_access_credentials.py +39 -11
- pulumi_vault/azure/outputs.py +5 -0
- pulumi_vault/cert_auth_backend_role.py +87 -271
- pulumi_vault/config/__init__.pyi +5 -0
- pulumi_vault/config/_inputs.py +73 -0
- pulumi_vault/config/outputs.py +35 -0
- pulumi_vault/config/ui_custom_message.py +529 -0
- pulumi_vault/config/vars.py +5 -0
- pulumi_vault/consul/secret_backend.py +22 -25
- pulumi_vault/consul/secret_backend_role.py +14 -80
- pulumi_vault/database/_inputs.py +2770 -881
- pulumi_vault/database/outputs.py +721 -838
- pulumi_vault/database/secret_backend_connection.py +117 -114
- pulumi_vault/database/secret_backend_role.py +29 -24
- pulumi_vault/database/secret_backend_static_role.py +85 -15
- pulumi_vault/database/secrets_mount.py +425 -138
- pulumi_vault/egp_policy.py +16 -15
- pulumi_vault/gcp/_inputs.py +111 -0
- pulumi_vault/gcp/auth_backend.py +248 -35
- pulumi_vault/gcp/auth_backend_role.py +75 -271
- pulumi_vault/gcp/get_auth_backend_role.py +43 -9
- pulumi_vault/gcp/outputs.py +5 -0
- pulumi_vault/gcp/secret_backend.py +287 -16
- pulumi_vault/gcp/secret_impersonated_account.py +74 -17
- pulumi_vault/gcp/secret_roleset.py +29 -26
- pulumi_vault/gcp/secret_static_account.py +37 -34
- pulumi_vault/generic/endpoint.py +22 -21
- pulumi_vault/generic/get_secret.py +68 -12
- pulumi_vault/generic/secret.py +19 -14
- pulumi_vault/get_auth_backend.py +24 -11
- pulumi_vault/get_auth_backends.py +33 -11
- pulumi_vault/get_namespace.py +226 -0
- pulumi_vault/get_namespaces.py +153 -0
- pulumi_vault/get_nomad_access_token.py +31 -15
- pulumi_vault/get_policy_document.py +34 -23
- pulumi_vault/get_raft_autopilot_state.py +29 -14
- pulumi_vault/github/_inputs.py +55 -0
- pulumi_vault/github/auth_backend.py +17 -16
- pulumi_vault/github/outputs.py +5 -0
- pulumi_vault/github/team.py +14 -13
- pulumi_vault/github/user.py +14 -13
- pulumi_vault/identity/entity.py +18 -15
- pulumi_vault/identity/entity_alias.py +18 -15
- pulumi_vault/identity/entity_policies.py +24 -19
- pulumi_vault/identity/get_entity.py +40 -14
- pulumi_vault/identity/get_group.py +45 -13
- pulumi_vault/identity/get_oidc_client_creds.py +21 -11
- pulumi_vault/identity/get_oidc_openid_config.py +39 -13
- pulumi_vault/identity/get_oidc_public_keys.py +29 -14
- pulumi_vault/identity/group.py +50 -49
- pulumi_vault/identity/group_alias.py +14 -11
- pulumi_vault/identity/group_member_entity_ids.py +24 -74
- pulumi_vault/identity/group_member_group_ids.py +36 -27
- pulumi_vault/identity/group_policies.py +16 -15
- pulumi_vault/identity/mfa_duo.py +9 -8
- pulumi_vault/identity/mfa_login_enforcement.py +13 -8
- pulumi_vault/identity/mfa_okta.py +9 -8
- pulumi_vault/identity/mfa_pingid.py +5 -4
- pulumi_vault/identity/mfa_totp.py +5 -4
- pulumi_vault/identity/oidc.py +12 -11
- pulumi_vault/identity/oidc_assignment.py +22 -13
- pulumi_vault/identity/oidc_client.py +34 -25
- pulumi_vault/identity/oidc_key.py +28 -19
- pulumi_vault/identity/oidc_key_allowed_client_id.py +28 -19
- pulumi_vault/identity/oidc_provider.py +34 -23
- pulumi_vault/identity/oidc_role.py +40 -27
- pulumi_vault/identity/oidc_scope.py +18 -15
- pulumi_vault/identity/outputs.py +8 -3
- pulumi_vault/jwt/_inputs.py +55 -0
- pulumi_vault/jwt/auth_backend.py +39 -46
- pulumi_vault/jwt/auth_backend_role.py +131 -260
- pulumi_vault/jwt/outputs.py +5 -0
- pulumi_vault/kmip/secret_backend.py +22 -21
- pulumi_vault/kmip/secret_role.py +12 -11
- pulumi_vault/kmip/secret_scope.py +12 -11
- pulumi_vault/kubernetes/auth_backend_config.py +55 -7
- pulumi_vault/kubernetes/auth_backend_role.py +68 -179
- pulumi_vault/kubernetes/get_auth_backend_config.py +60 -8
- pulumi_vault/kubernetes/get_auth_backend_role.py +40 -5
- pulumi_vault/kubernetes/get_service_account_token.py +39 -15
- pulumi_vault/kubernetes/secret_backend.py +314 -29
- pulumi_vault/kubernetes/secret_backend_role.py +135 -56
- pulumi_vault/kv/_inputs.py +36 -4
- pulumi_vault/kv/get_secret.py +23 -12
- pulumi_vault/kv/get_secret_subkeys_v2.py +31 -14
- pulumi_vault/kv/get_secret_v2.py +89 -9
- pulumi_vault/kv/get_secrets_list.py +22 -15
- pulumi_vault/kv/get_secrets_list_v2.py +35 -19
- pulumi_vault/kv/outputs.py +8 -3
- pulumi_vault/kv/secret.py +19 -18
- pulumi_vault/kv/secret_backend_v2.py +12 -11
- pulumi_vault/kv/secret_v2.py +55 -52
- pulumi_vault/ldap/auth_backend.py +125 -168
- pulumi_vault/ldap/auth_backend_group.py +12 -11
- pulumi_vault/ldap/auth_backend_user.py +12 -11
- pulumi_vault/ldap/get_dynamic_credentials.py +23 -5
- pulumi_vault/ldap/get_static_credentials.py +24 -5
- pulumi_vault/ldap/secret_backend.py +352 -84
- pulumi_vault/ldap/secret_backend_dynamic_role.py +12 -11
- pulumi_vault/ldap/secret_backend_library_set.py +14 -11
- pulumi_vault/ldap/secret_backend_static_role.py +67 -12
- pulumi_vault/managed/_inputs.py +289 -132
- pulumi_vault/managed/keys.py +27 -43
- pulumi_vault/managed/outputs.py +89 -132
- pulumi_vault/mfa_duo.py +16 -13
- pulumi_vault/mfa_okta.py +16 -13
- pulumi_vault/mfa_pingid.py +16 -13
- pulumi_vault/mfa_totp.py +22 -19
- pulumi_vault/mongodbatlas/secret_backend.py +18 -17
- pulumi_vault/mongodbatlas/secret_role.py +41 -38
- pulumi_vault/mount.py +389 -65
- pulumi_vault/namespace.py +26 -21
- pulumi_vault/nomad_secret_backend.py +16 -15
- pulumi_vault/nomad_secret_role.py +12 -11
- pulumi_vault/okta/_inputs.py +47 -8
- pulumi_vault/okta/auth_backend.py +483 -41
- pulumi_vault/okta/auth_backend_group.py +12 -11
- pulumi_vault/okta/auth_backend_user.py +12 -11
- pulumi_vault/okta/outputs.py +13 -8
- pulumi_vault/outputs.py +5 -0
- pulumi_vault/password_policy.py +18 -15
- pulumi_vault/pkisecret/__init__.py +3 -0
- pulumi_vault/pkisecret/_inputs.py +81 -0
- pulumi_vault/pkisecret/backend_config_cluster.py +369 -0
- pulumi_vault/pkisecret/backend_config_est.py +619 -0
- pulumi_vault/pkisecret/get_backend_config_est.py +251 -0
- pulumi_vault/pkisecret/get_backend_issuer.py +63 -7
- pulumi_vault/pkisecret/get_backend_issuers.py +21 -12
- pulumi_vault/pkisecret/get_backend_key.py +24 -13
- pulumi_vault/pkisecret/get_backend_keys.py +21 -12
- pulumi_vault/pkisecret/outputs.py +69 -0
- pulumi_vault/pkisecret/secret_backend_cert.py +18 -15
- pulumi_vault/pkisecret/secret_backend_config_ca.py +16 -15
- pulumi_vault/pkisecret/secret_backend_config_issuers.py +12 -11
- pulumi_vault/pkisecret/secret_backend_config_urls.py +59 -11
- pulumi_vault/pkisecret/secret_backend_crl_config.py +14 -13
- pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +16 -15
- pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +22 -21
- pulumi_vault/pkisecret/secret_backend_issuer.py +12 -11
- pulumi_vault/pkisecret/secret_backend_key.py +12 -7
- pulumi_vault/pkisecret/secret_backend_role.py +19 -16
- pulumi_vault/pkisecret/secret_backend_root_cert.py +16 -52
- pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +18 -62
- pulumi_vault/pkisecret/secret_backend_sign.py +18 -60
- pulumi_vault/plugin.py +595 -0
- pulumi_vault/plugin_pinned_version.py +298 -0
- pulumi_vault/policy.py +12 -7
- pulumi_vault/provider.py +48 -53
- pulumi_vault/pulumi-plugin.json +2 -1
- pulumi_vault/quota_lease_count.py +58 -8
- pulumi_vault/quota_rate_limit.py +54 -4
- pulumi_vault/rabbitmq/_inputs.py +61 -0
- pulumi_vault/rabbitmq/outputs.py +5 -0
- pulumi_vault/rabbitmq/secret_backend.py +16 -15
- pulumi_vault/rabbitmq/secret_backend_role.py +52 -49
- pulumi_vault/raft_autopilot.py +12 -11
- pulumi_vault/raft_snapshot_agent_config.py +121 -311
- pulumi_vault/rgp_policy.py +14 -13
- pulumi_vault/saml/auth_backend.py +20 -19
- pulumi_vault/saml/auth_backend_role.py +90 -199
- pulumi_vault/secrets/__init__.py +3 -0
- pulumi_vault/secrets/_inputs.py +110 -0
- pulumi_vault/secrets/outputs.py +94 -0
- pulumi_vault/secrets/sync_association.py +56 -75
- pulumi_vault/secrets/sync_aws_destination.py +240 -29
- pulumi_vault/secrets/sync_azure_destination.py +90 -33
- pulumi_vault/secrets/sync_config.py +7 -6
- pulumi_vault/secrets/sync_gcp_destination.py +156 -27
- pulumi_vault/secrets/sync_gh_destination.py +187 -15
- pulumi_vault/secrets/sync_github_apps.py +375 -0
- pulumi_vault/secrets/sync_vercel_destination.py +72 -15
- pulumi_vault/ssh/_inputs.py +28 -32
- pulumi_vault/ssh/outputs.py +11 -32
- pulumi_vault/ssh/secret_backend_ca.py +106 -11
- pulumi_vault/ssh/secret_backend_role.py +83 -120
- pulumi_vault/terraformcloud/secret_backend.py +5 -56
- pulumi_vault/terraformcloud/secret_creds.py +14 -24
- pulumi_vault/terraformcloud/secret_role.py +14 -76
- pulumi_vault/token.py +26 -25
- pulumi_vault/tokenauth/auth_backend_role.py +76 -201
- pulumi_vault/transform/alphabet.py +16 -13
- pulumi_vault/transform/get_decode.py +45 -21
- pulumi_vault/transform/get_encode.py +45 -21
- pulumi_vault/transform/role.py +16 -13
- pulumi_vault/transform/template.py +30 -25
- pulumi_vault/transform/transformation.py +12 -7
- pulumi_vault/transit/get_decrypt.py +26 -25
- pulumi_vault/transit/get_encrypt.py +24 -19
- pulumi_vault/transit/secret_backend_key.py +25 -97
- pulumi_vault/transit/secret_cache_config.py +12 -11
- {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736850018.dist-info}/METADATA +8 -7
- pulumi_vault-6.5.0a1736850018.dist-info/RECORD +256 -0
- {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736850018.dist-info}/WHEEL +1 -1
- pulumi_vault-5.21.0a1710160723.dist-info/RECORD +0 -244
- {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736850018.dist-info}/top_level.txt +0 -0
pulumi_vault/managed/outputs.py
CHANGED
@@ -4,9 +4,14 @@
|
|
4
4
|
|
5
5
|
import copy
|
6
6
|
import warnings
|
7
|
+
import sys
|
7
8
|
import pulumi
|
8
9
|
import pulumi.runtime
|
9
10
|
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
11
|
+
if sys.version_info >= (3, 11):
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
13
|
+
else:
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
10
15
|
from .. import _utilities
|
11
16
|
|
12
17
|
__all__ = [
|
@@ -66,26 +71,19 @@ class KeysAw(dict):
|
|
66
71
|
region: Optional[str] = None,
|
67
72
|
uuid: Optional[str] = None):
|
68
73
|
"""
|
69
|
-
:param str access_key: The AWS access key to use
|
70
|
-
:param str key_bits: The size in bits for an RSA key.
|
71
|
-
:param str key_type: The type of key to use
|
72
|
-
:param str kms_key: An identifier for the key
|
73
|
-
:param str name: A unique lowercase name that serves as identifying the key
|
74
|
-
:param str secret_key: The AWS
|
75
|
-
:param bool allow_generate_key: If no existing key can be found in
|
76
|
-
|
77
|
-
:param bool
|
78
|
-
|
79
|
-
|
80
|
-
|
81
|
-
:param
|
82
|
-
configured backend, if `false`, those operations will be forbidden.
|
83
|
-
:param bool any_mount: If `true`, allows usage from any mount point within the
|
84
|
-
namespace.
|
85
|
-
:param str curve: The curve to use for an ECDSA key. Used when `key_type`
|
86
|
-
is `ECDSA`. Required if `allow_generate_key` is `true`.
|
87
|
-
:param str endpoint: Used to specify a custom AWS endpoint.
|
88
|
-
:param str region: The AWS region where the keys are stored (or will be stored).
|
74
|
+
:param str access_key: The AWS access key to use
|
75
|
+
:param str key_bits: The size in bits for an RSA key. This field is required when 'key_type' is 'RSA'
|
76
|
+
:param str key_type: The type of key to use
|
77
|
+
:param str kms_key: An identifier for the key
|
78
|
+
:param str name: A unique lowercase name that serves as identifying the key
|
79
|
+
:param str secret_key: The AWS secret key to use
|
80
|
+
:param bool allow_generate_key: If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
|
81
|
+
:param bool allow_replace_key: Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
|
82
|
+
:param bool allow_store_key: Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
|
83
|
+
:param bool any_mount: Allow usage from any mount point within the namespace if 'true'
|
84
|
+
:param str curve: The curve to use for an ECDSA key. Used when key_type is 'ECDSA'. Required if 'allow_generate_key' is true
|
85
|
+
:param str endpoint: Used to specify a custom AWS endpoint
|
86
|
+
:param str region: The AWS region where the keys are stored (or will be stored)
|
89
87
|
:param str uuid: ID of the managed key read from Vault
|
90
88
|
"""
|
91
89
|
pulumi.set(__self__, "access_key", access_key)
|
@@ -115,7 +113,7 @@ class KeysAw(dict):
|
|
115
113
|
@pulumi.getter(name="accessKey")
|
116
114
|
def access_key(self) -> str:
|
117
115
|
"""
|
118
|
-
The AWS access key to use
|
116
|
+
The AWS access key to use
|
119
117
|
"""
|
120
118
|
return pulumi.get(self, "access_key")
|
121
119
|
|
@@ -123,7 +121,7 @@ class KeysAw(dict):
|
|
123
121
|
@pulumi.getter(name="keyBits")
|
124
122
|
def key_bits(self) -> str:
|
125
123
|
"""
|
126
|
-
The size in bits for an RSA key.
|
124
|
+
The size in bits for an RSA key. This field is required when 'key_type' is 'RSA'
|
127
125
|
"""
|
128
126
|
return pulumi.get(self, "key_bits")
|
129
127
|
|
@@ -131,7 +129,7 @@ class KeysAw(dict):
|
|
131
129
|
@pulumi.getter(name="keyType")
|
132
130
|
def key_type(self) -> str:
|
133
131
|
"""
|
134
|
-
The type of key to use
|
132
|
+
The type of key to use
|
135
133
|
"""
|
136
134
|
return pulumi.get(self, "key_type")
|
137
135
|
|
@@ -139,7 +137,7 @@ class KeysAw(dict):
|
|
139
137
|
@pulumi.getter(name="kmsKey")
|
140
138
|
def kms_key(self) -> str:
|
141
139
|
"""
|
142
|
-
An identifier for the key
|
140
|
+
An identifier for the key
|
143
141
|
"""
|
144
142
|
return pulumi.get(self, "kms_key")
|
145
143
|
|
@@ -147,7 +145,7 @@ class KeysAw(dict):
|
|
147
145
|
@pulumi.getter
|
148
146
|
def name(self) -> str:
|
149
147
|
"""
|
150
|
-
A unique lowercase name that serves as identifying the key
|
148
|
+
A unique lowercase name that serves as identifying the key
|
151
149
|
"""
|
152
150
|
return pulumi.get(self, "name")
|
153
151
|
|
@@ -155,7 +153,7 @@ class KeysAw(dict):
|
|
155
153
|
@pulumi.getter(name="secretKey")
|
156
154
|
def secret_key(self) -> str:
|
157
155
|
"""
|
158
|
-
The AWS
|
156
|
+
The AWS secret key to use
|
159
157
|
"""
|
160
158
|
return pulumi.get(self, "secret_key")
|
161
159
|
|
@@ -163,8 +161,7 @@ class KeysAw(dict):
|
|
163
161
|
@pulumi.getter(name="allowGenerateKey")
|
164
162
|
def allow_generate_key(self) -> Optional[bool]:
|
165
163
|
"""
|
166
|
-
If no existing key can be found in
|
167
|
-
the referenced backend, instructs Vault to generate a key within the backend.
|
164
|
+
If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
|
168
165
|
"""
|
169
166
|
return pulumi.get(self, "allow_generate_key")
|
170
167
|
|
@@ -172,10 +169,7 @@ class KeysAw(dict):
|
|
172
169
|
@pulumi.getter(name="allowReplaceKey")
|
173
170
|
def allow_replace_key(self) -> Optional[bool]:
|
174
171
|
"""
|
175
|
-
Controls the ability for Vault to replace through
|
176
|
-
generation or importing a key into the configured backend even
|
177
|
-
if a key is present, if set to `false` those operations are forbidden
|
178
|
-
if a key exists.
|
172
|
+
Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
|
179
173
|
"""
|
180
174
|
return pulumi.get(self, "allow_replace_key")
|
181
175
|
|
@@ -183,8 +177,7 @@ class KeysAw(dict):
|
|
183
177
|
@pulumi.getter(name="allowStoreKey")
|
184
178
|
def allow_store_key(self) -> Optional[bool]:
|
185
179
|
"""
|
186
|
-
Controls the ability for Vault to import a key to the
|
187
|
-
configured backend, if `false`, those operations will be forbidden.
|
180
|
+
Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
|
188
181
|
"""
|
189
182
|
return pulumi.get(self, "allow_store_key")
|
190
183
|
|
@@ -192,8 +185,7 @@ class KeysAw(dict):
|
|
192
185
|
@pulumi.getter(name="anyMount")
|
193
186
|
def any_mount(self) -> Optional[bool]:
|
194
187
|
"""
|
195
|
-
|
196
|
-
namespace.
|
188
|
+
Allow usage from any mount point within the namespace if 'true'
|
197
189
|
"""
|
198
190
|
return pulumi.get(self, "any_mount")
|
199
191
|
|
@@ -201,8 +193,7 @@ class KeysAw(dict):
|
|
201
193
|
@pulumi.getter
|
202
194
|
def curve(self) -> Optional[str]:
|
203
195
|
"""
|
204
|
-
The curve to use for an ECDSA key. Used when
|
205
|
-
is `ECDSA`. Required if `allow_generate_key` is `true`.
|
196
|
+
The curve to use for an ECDSA key. Used when key_type is 'ECDSA'. Required if 'allow_generate_key' is true
|
206
197
|
"""
|
207
198
|
return pulumi.get(self, "curve")
|
208
199
|
|
@@ -210,7 +201,7 @@ class KeysAw(dict):
|
|
210
201
|
@pulumi.getter
|
211
202
|
def endpoint(self) -> Optional[str]:
|
212
203
|
"""
|
213
|
-
Used to specify a custom AWS endpoint
|
204
|
+
Used to specify a custom AWS endpoint
|
214
205
|
"""
|
215
206
|
return pulumi.get(self, "endpoint")
|
216
207
|
|
@@ -218,7 +209,7 @@ class KeysAw(dict):
|
|
218
209
|
@pulumi.getter
|
219
210
|
def region(self) -> Optional[str]:
|
220
211
|
"""
|
221
|
-
The AWS region where the keys are stored (or will be stored)
|
212
|
+
The AWS region where the keys are stored (or will be stored)
|
222
213
|
"""
|
223
214
|
return pulumi.get(self, "region")
|
224
215
|
|
@@ -287,26 +278,20 @@ class KeysAzure(dict):
|
|
287
278
|
resource: Optional[str] = None,
|
288
279
|
uuid: Optional[str] = None):
|
289
280
|
"""
|
290
|
-
:param str client_id: The client id for credentials to query the Azure APIs
|
291
|
-
:param str client_secret: The client secret for credentials to query the Azure APIs
|
292
|
-
:param str key_name: The Key Vault key to use for encryption and decryption
|
293
|
-
:param str key_type: The type of key to use
|
294
|
-
:param str name: A unique lowercase name that serves as identifying the key
|
295
|
-
:param str tenant_id: The tenant id for the Azure Active Directory organization
|
296
|
-
:param str vault_name: The Key Vault vault to use for encryption and decryption
|
297
|
-
:param bool allow_generate_key: If no existing key can be found in
|
298
|
-
|
299
|
-
:param bool
|
300
|
-
|
301
|
-
|
302
|
-
|
303
|
-
:param
|
304
|
-
configured backend, if `false`, those operations will be forbidden.
|
305
|
-
:param bool any_mount: If `true`, allows usage from any mount point within the
|
306
|
-
namespace.
|
307
|
-
:param str environment: The Azure Cloud environment API endpoints to use.
|
308
|
-
:param str key_bits: The size in bits for an RSA key.
|
309
|
-
:param str resource: The Azure Key Vault resource's DNS Suffix to connect to.
|
281
|
+
:param str client_id: The client id for credentials to query the Azure APIs
|
282
|
+
:param str client_secret: The client secret for credentials to query the Azure APIs
|
283
|
+
:param str key_name: The Key Vault key to use for encryption and decryption
|
284
|
+
:param str key_type: The type of key to use
|
285
|
+
:param str name: A unique lowercase name that serves as identifying the key
|
286
|
+
:param str tenant_id: The tenant id for the Azure Active Directory organization
|
287
|
+
:param str vault_name: The Key Vault vault to use the encryption keys for encryption and decryption
|
288
|
+
:param bool allow_generate_key: If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
|
289
|
+
:param bool allow_replace_key: Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
|
290
|
+
:param bool allow_store_key: Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
|
291
|
+
:param bool any_mount: Allow usage from any mount point within the namespace if 'true'
|
292
|
+
:param str environment: The Azure Cloud environment API endpoints to use
|
293
|
+
:param str key_bits: The size in bits for an RSA key. This field is required when 'key_type' is 'RSA' or when 'allow_generate_key' is true
|
294
|
+
:param str resource: The Azure Key Vault resource's DNS Suffix to connect to
|
310
295
|
:param str uuid: ID of the managed key read from Vault
|
311
296
|
"""
|
312
297
|
pulumi.set(__self__, "client_id", client_id)
|
@@ -337,7 +322,7 @@ class KeysAzure(dict):
|
|
337
322
|
@pulumi.getter(name="clientId")
|
338
323
|
def client_id(self) -> str:
|
339
324
|
"""
|
340
|
-
The client id for credentials to query the Azure APIs
|
325
|
+
The client id for credentials to query the Azure APIs
|
341
326
|
"""
|
342
327
|
return pulumi.get(self, "client_id")
|
343
328
|
|
@@ -345,7 +330,7 @@ class KeysAzure(dict):
|
|
345
330
|
@pulumi.getter(name="clientSecret")
|
346
331
|
def client_secret(self) -> str:
|
347
332
|
"""
|
348
|
-
The client secret for credentials to query the Azure APIs
|
333
|
+
The client secret for credentials to query the Azure APIs
|
349
334
|
"""
|
350
335
|
return pulumi.get(self, "client_secret")
|
351
336
|
|
@@ -353,7 +338,7 @@ class KeysAzure(dict):
|
|
353
338
|
@pulumi.getter(name="keyName")
|
354
339
|
def key_name(self) -> str:
|
355
340
|
"""
|
356
|
-
The Key Vault key to use for encryption and decryption
|
341
|
+
The Key Vault key to use for encryption and decryption
|
357
342
|
"""
|
358
343
|
return pulumi.get(self, "key_name")
|
359
344
|
|
@@ -361,7 +346,7 @@ class KeysAzure(dict):
|
|
361
346
|
@pulumi.getter(name="keyType")
|
362
347
|
def key_type(self) -> str:
|
363
348
|
"""
|
364
|
-
The type of key to use
|
349
|
+
The type of key to use
|
365
350
|
"""
|
366
351
|
return pulumi.get(self, "key_type")
|
367
352
|
|
@@ -369,7 +354,7 @@ class KeysAzure(dict):
|
|
369
354
|
@pulumi.getter
|
370
355
|
def name(self) -> str:
|
371
356
|
"""
|
372
|
-
A unique lowercase name that serves as identifying the key
|
357
|
+
A unique lowercase name that serves as identifying the key
|
373
358
|
"""
|
374
359
|
return pulumi.get(self, "name")
|
375
360
|
|
@@ -377,7 +362,7 @@ class KeysAzure(dict):
|
|
377
362
|
@pulumi.getter(name="tenantId")
|
378
363
|
def tenant_id(self) -> str:
|
379
364
|
"""
|
380
|
-
The tenant id for the Azure Active Directory organization
|
365
|
+
The tenant id for the Azure Active Directory organization
|
381
366
|
"""
|
382
367
|
return pulumi.get(self, "tenant_id")
|
383
368
|
|
@@ -385,7 +370,7 @@ class KeysAzure(dict):
|
|
385
370
|
@pulumi.getter(name="vaultName")
|
386
371
|
def vault_name(self) -> str:
|
387
372
|
"""
|
388
|
-
The Key Vault vault to use for encryption and decryption
|
373
|
+
The Key Vault vault to use the encryption keys for encryption and decryption
|
389
374
|
"""
|
390
375
|
return pulumi.get(self, "vault_name")
|
391
376
|
|
@@ -393,8 +378,7 @@ class KeysAzure(dict):
|
|
393
378
|
@pulumi.getter(name="allowGenerateKey")
|
394
379
|
def allow_generate_key(self) -> Optional[bool]:
|
395
380
|
"""
|
396
|
-
If no existing key can be found in
|
397
|
-
the referenced backend, instructs Vault to generate a key within the backend.
|
381
|
+
If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
|
398
382
|
"""
|
399
383
|
return pulumi.get(self, "allow_generate_key")
|
400
384
|
|
@@ -402,10 +386,7 @@ class KeysAzure(dict):
|
|
402
386
|
@pulumi.getter(name="allowReplaceKey")
|
403
387
|
def allow_replace_key(self) -> Optional[bool]:
|
404
388
|
"""
|
405
|
-
Controls the ability for Vault to replace through
|
406
|
-
generation or importing a key into the configured backend even
|
407
|
-
if a key is present, if set to `false` those operations are forbidden
|
408
|
-
if a key exists.
|
389
|
+
Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
|
409
390
|
"""
|
410
391
|
return pulumi.get(self, "allow_replace_key")
|
411
392
|
|
@@ -413,8 +394,7 @@ class KeysAzure(dict):
|
|
413
394
|
@pulumi.getter(name="allowStoreKey")
|
414
395
|
def allow_store_key(self) -> Optional[bool]:
|
415
396
|
"""
|
416
|
-
Controls the ability for Vault to import a key to the
|
417
|
-
configured backend, if `false`, those operations will be forbidden.
|
397
|
+
Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
|
418
398
|
"""
|
419
399
|
return pulumi.get(self, "allow_store_key")
|
420
400
|
|
@@ -422,8 +402,7 @@ class KeysAzure(dict):
|
|
422
402
|
@pulumi.getter(name="anyMount")
|
423
403
|
def any_mount(self) -> Optional[bool]:
|
424
404
|
"""
|
425
|
-
|
426
|
-
namespace.
|
405
|
+
Allow usage from any mount point within the namespace if 'true'
|
427
406
|
"""
|
428
407
|
return pulumi.get(self, "any_mount")
|
429
408
|
|
@@ -431,7 +410,7 @@ class KeysAzure(dict):
|
|
431
410
|
@pulumi.getter
|
432
411
|
def environment(self) -> Optional[str]:
|
433
412
|
"""
|
434
|
-
The Azure Cloud environment API endpoints to use
|
413
|
+
The Azure Cloud environment API endpoints to use
|
435
414
|
"""
|
436
415
|
return pulumi.get(self, "environment")
|
437
416
|
|
@@ -439,7 +418,7 @@ class KeysAzure(dict):
|
|
439
418
|
@pulumi.getter(name="keyBits")
|
440
419
|
def key_bits(self) -> Optional[str]:
|
441
420
|
"""
|
442
|
-
The size in bits for an RSA key.
|
421
|
+
The size in bits for an RSA key. This field is required when 'key_type' is 'RSA' or when 'allow_generate_key' is true
|
443
422
|
"""
|
444
423
|
return pulumi.get(self, "key_bits")
|
445
424
|
|
@@ -447,7 +426,7 @@ class KeysAzure(dict):
|
|
447
426
|
@pulumi.getter
|
448
427
|
def resource(self) -> Optional[str]:
|
449
428
|
"""
|
450
|
-
The Azure Key Vault resource's DNS Suffix to connect to
|
429
|
+
The Azure Key Vault resource's DNS Suffix to connect to
|
451
430
|
"""
|
452
431
|
return pulumi.get(self, "resource")
|
453
432
|
|
@@ -513,32 +492,21 @@ class KeysPkc(dict):
|
|
513
492
|
token_label: Optional[str] = None,
|
514
493
|
uuid: Optional[str] = None):
|
515
494
|
"""
|
516
|
-
:param str key_id: The id of a PKCS#11 key to use
|
517
|
-
:param str key_label: The label of the key to use
|
518
|
-
:param str library: The name of the kms_library stanza to use from Vault's config
|
519
|
-
|
520
|
-
:param str
|
521
|
-
|
522
|
-
:param
|
523
|
-
:param
|
524
|
-
:param bool
|
525
|
-
|
526
|
-
:param
|
527
|
-
|
528
|
-
|
529
|
-
|
530
|
-
:param
|
531
|
-
configured backend, if `false`, those operations will be forbidden.
|
532
|
-
:param bool any_mount: If `true`, allows usage from any mount point within the
|
533
|
-
namespace.
|
534
|
-
:param str curve: The curve to use for an ECDSA key. Used when `key_type`
|
535
|
-
is `ECDSA`. Required if `allow_generate_key` is `true`.
|
536
|
-
:param str force_rw_session: Force all operations to open up a read-write session to
|
537
|
-
the HSM.
|
538
|
-
:param str key_bits: The size in bits for an RSA key.
|
539
|
-
:param str slot: The slot number to use, specified as a string in a decimal format
|
540
|
-
(e.g. `2305843009213693953`).
|
541
|
-
:param str token_label: The slot token label to use.
|
495
|
+
:param str key_id: The id of a PKCS#11 key to use
|
496
|
+
:param str key_label: The label of the key to use
|
497
|
+
:param str library: The name of the kms_library stanza to use from Vault's config to lookup the local library path
|
498
|
+
:param str mechanism: The encryption/decryption mechanism to use, specified as a hexadecimal (prefixed by 0x) string.
|
499
|
+
:param str name: A unique lowercase name that serves as identifying the key
|
500
|
+
:param str pin: The PIN for login
|
501
|
+
:param bool allow_generate_key: If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
|
502
|
+
:param bool allow_replace_key: Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
|
503
|
+
:param bool allow_store_key: Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
|
504
|
+
:param bool any_mount: Allow usage from any mount point within the namespace if 'true'
|
505
|
+
:param str curve: Supplies the curve value when using the 'CKM_ECDSA' mechanism. Required if 'allow_generate_key' is true
|
506
|
+
:param str force_rw_session: Force all operations to open up a read-write session to the HSM
|
507
|
+
:param str key_bits: Supplies the size in bits of the key when using 'CKM_RSA_PKCS_PSS', 'CKM_RSA_PKCS_OAEP' or 'CKM_RSA_PKCS' as a value for 'mechanism'. Required if 'allow_generate_key' is true
|
508
|
+
:param str slot: The slot number to use, specified as a string in a decimal format (e.g. '2305843009213693953')
|
509
|
+
:param str token_label: The slot token label to use
|
542
510
|
:param str uuid: ID of the managed key read from Vault
|
543
511
|
"""
|
544
512
|
pulumi.set(__self__, "key_id", key_id)
|
@@ -572,7 +540,7 @@ class KeysPkc(dict):
|
|
572
540
|
@pulumi.getter(name="keyId")
|
573
541
|
def key_id(self) -> str:
|
574
542
|
"""
|
575
|
-
The id of a PKCS#11 key to use
|
543
|
+
The id of a PKCS#11 key to use
|
576
544
|
"""
|
577
545
|
return pulumi.get(self, "key_id")
|
578
546
|
|
@@ -580,7 +548,7 @@ class KeysPkc(dict):
|
|
580
548
|
@pulumi.getter(name="keyLabel")
|
581
549
|
def key_label(self) -> str:
|
582
550
|
"""
|
583
|
-
The label of the key to use
|
551
|
+
The label of the key to use
|
584
552
|
"""
|
585
553
|
return pulumi.get(self, "key_label")
|
586
554
|
|
@@ -588,8 +556,7 @@ class KeysPkc(dict):
|
|
588
556
|
@pulumi.getter
|
589
557
|
def library(self) -> str:
|
590
558
|
"""
|
591
|
-
The name of the kms_library stanza to use from Vault's config
|
592
|
-
to lookup the local library path.
|
559
|
+
The name of the kms_library stanza to use from Vault's config to lookup the local library path
|
593
560
|
"""
|
594
561
|
return pulumi.get(self, "library")
|
595
562
|
|
@@ -597,8 +564,7 @@ class KeysPkc(dict):
|
|
597
564
|
@pulumi.getter
|
598
565
|
def mechanism(self) -> str:
|
599
566
|
"""
|
600
|
-
The encryption/decryption mechanism to use, specified as a
|
601
|
-
hexadecimal (prefixed by 0x) string.
|
567
|
+
The encryption/decryption mechanism to use, specified as a hexadecimal (prefixed by 0x) string.
|
602
568
|
"""
|
603
569
|
return pulumi.get(self, "mechanism")
|
604
570
|
|
@@ -606,7 +572,7 @@ class KeysPkc(dict):
|
|
606
572
|
@pulumi.getter
|
607
573
|
def name(self) -> str:
|
608
574
|
"""
|
609
|
-
A unique lowercase name that serves as identifying the key
|
575
|
+
A unique lowercase name that serves as identifying the key
|
610
576
|
"""
|
611
577
|
return pulumi.get(self, "name")
|
612
578
|
|
@@ -614,7 +580,7 @@ class KeysPkc(dict):
|
|
614
580
|
@pulumi.getter
|
615
581
|
def pin(self) -> str:
|
616
582
|
"""
|
617
|
-
The PIN for login
|
583
|
+
The PIN for login
|
618
584
|
"""
|
619
585
|
return pulumi.get(self, "pin")
|
620
586
|
|
@@ -622,8 +588,7 @@ class KeysPkc(dict):
|
|
622
588
|
@pulumi.getter(name="allowGenerateKey")
|
623
589
|
def allow_generate_key(self) -> Optional[bool]:
|
624
590
|
"""
|
625
|
-
If no existing key can be found in
|
626
|
-
the referenced backend, instructs Vault to generate a key within the backend.
|
591
|
+
If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
|
627
592
|
"""
|
628
593
|
return pulumi.get(self, "allow_generate_key")
|
629
594
|
|
@@ -631,10 +596,7 @@ class KeysPkc(dict):
|
|
631
596
|
@pulumi.getter(name="allowReplaceKey")
|
632
597
|
def allow_replace_key(self) -> Optional[bool]:
|
633
598
|
"""
|
634
|
-
Controls the ability for Vault to replace through
|
635
|
-
generation or importing a key into the configured backend even
|
636
|
-
if a key is present, if set to `false` those operations are forbidden
|
637
|
-
if a key exists.
|
599
|
+
Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
|
638
600
|
"""
|
639
601
|
return pulumi.get(self, "allow_replace_key")
|
640
602
|
|
@@ -642,8 +604,7 @@ class KeysPkc(dict):
|
|
642
604
|
@pulumi.getter(name="allowStoreKey")
|
643
605
|
def allow_store_key(self) -> Optional[bool]:
|
644
606
|
"""
|
645
|
-
Controls the ability for Vault to import a key to the
|
646
|
-
configured backend, if `false`, those operations will be forbidden.
|
607
|
+
Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
|
647
608
|
"""
|
648
609
|
return pulumi.get(self, "allow_store_key")
|
649
610
|
|
@@ -651,8 +612,7 @@ class KeysPkc(dict):
|
|
651
612
|
@pulumi.getter(name="anyMount")
|
652
613
|
def any_mount(self) -> Optional[bool]:
|
653
614
|
"""
|
654
|
-
|
655
|
-
namespace.
|
615
|
+
Allow usage from any mount point within the namespace if 'true'
|
656
616
|
"""
|
657
617
|
return pulumi.get(self, "any_mount")
|
658
618
|
|
@@ -660,8 +620,7 @@ class KeysPkc(dict):
|
|
660
620
|
@pulumi.getter
|
661
621
|
def curve(self) -> Optional[str]:
|
662
622
|
"""
|
663
|
-
|
664
|
-
is `ECDSA`. Required if `allow_generate_key` is `true`.
|
623
|
+
Supplies the curve value when using the 'CKM_ECDSA' mechanism. Required if 'allow_generate_key' is true
|
665
624
|
"""
|
666
625
|
return pulumi.get(self, "curve")
|
667
626
|
|
@@ -669,8 +628,7 @@ class KeysPkc(dict):
|
|
669
628
|
@pulumi.getter(name="forceRwSession")
|
670
629
|
def force_rw_session(self) -> Optional[str]:
|
671
630
|
"""
|
672
|
-
Force all operations to open up a read-write session to
|
673
|
-
the HSM.
|
631
|
+
Force all operations to open up a read-write session to the HSM
|
674
632
|
"""
|
675
633
|
return pulumi.get(self, "force_rw_session")
|
676
634
|
|
@@ -678,7 +636,7 @@ class KeysPkc(dict):
|
|
678
636
|
@pulumi.getter(name="keyBits")
|
679
637
|
def key_bits(self) -> Optional[str]:
|
680
638
|
"""
|
681
|
-
|
639
|
+
Supplies the size in bits of the key when using 'CKM_RSA_PKCS_PSS', 'CKM_RSA_PKCS_OAEP' or 'CKM_RSA_PKCS' as a value for 'mechanism'. Required if 'allow_generate_key' is true
|
682
640
|
"""
|
683
641
|
return pulumi.get(self, "key_bits")
|
684
642
|
|
@@ -686,8 +644,7 @@ class KeysPkc(dict):
|
|
686
644
|
@pulumi.getter
|
687
645
|
def slot(self) -> Optional[str]:
|
688
646
|
"""
|
689
|
-
The slot number to use, specified as a string in a decimal format
|
690
|
-
(e.g. `2305843009213693953`).
|
647
|
+
The slot number to use, specified as a string in a decimal format (e.g. '2305843009213693953')
|
691
648
|
"""
|
692
649
|
return pulumi.get(self, "slot")
|
693
650
|
|
@@ -695,7 +652,7 @@ class KeysPkc(dict):
|
|
695
652
|
@pulumi.getter(name="tokenLabel")
|
696
653
|
def token_label(self) -> Optional[str]:
|
697
654
|
"""
|
698
|
-
The slot token label to use
|
655
|
+
The slot token label to use
|
699
656
|
"""
|
700
657
|
return pulumi.get(self, "token_label")
|
701
658
|
|
pulumi_vault/mfa_duo.py
CHANGED
@@ -4,9 +4,14 @@
|
|
4
4
|
|
5
5
|
import copy
|
6
6
|
import warnings
|
7
|
+
import sys
|
7
8
|
import pulumi
|
8
9
|
import pulumi.runtime
|
9
10
|
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
11
|
+
if sys.version_info >= (3, 11):
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
13
|
+
else:
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
10
15
|
from . import _utilities
|
11
16
|
|
12
17
|
__all__ = ['MfaDuoArgs', 'MfaDuo']
|
@@ -31,7 +36,7 @@ class MfaDuoArgs:
|
|
31
36
|
:param pulumi.Input[str] name: `(string: <required>)` – Name of the MFA method.
|
32
37
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
33
38
|
The value should not contain leading or trailing forward slashes.
|
34
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
39
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
35
40
|
*Available only for Vault Enterprise*.
|
36
41
|
:param pulumi.Input[str] push_info: `(string)` - Push information for Duo.
|
37
42
|
:param pulumi.Input[str] username_format: `(string)` - A format string for mapping Identity names to MFA method names. Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. If blank, the Alias's Name field will be used as-is. Currently-supported mappings:
|
@@ -119,7 +124,7 @@ class MfaDuoArgs:
|
|
119
124
|
"""
|
120
125
|
The namespace to provision the resource in.
|
121
126
|
The value should not contain leading or trailing forward slashes.
|
122
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
127
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
123
128
|
*Available only for Vault Enterprise*.
|
124
129
|
"""
|
125
130
|
return pulumi.get(self, "namespace")
|
@@ -176,7 +181,7 @@ class _MfaDuoState:
|
|
176
181
|
:param pulumi.Input[str] name: `(string: <required>)` – Name of the MFA method.
|
177
182
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
178
183
|
The value should not contain leading or trailing forward slashes.
|
179
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
184
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
180
185
|
*Available only for Vault Enterprise*.
|
181
186
|
:param pulumi.Input[str] push_info: `(string)` - Push information for Duo.
|
182
187
|
:param pulumi.Input[str] secret_key: `(string: <required>)` - Secret key for Duo.
|
@@ -257,7 +262,7 @@ class _MfaDuoState:
|
|
257
262
|
"""
|
258
263
|
The namespace to provision the resource in.
|
259
264
|
The value should not contain leading or trailing forward slashes.
|
260
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
265
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
261
266
|
*Available only for Vault Enterprise*.
|
262
267
|
"""
|
263
268
|
return pulumi.get(self, "namespace")
|
@@ -328,7 +333,6 @@ class MfaDuo(pulumi.CustomResource):
|
|
328
333
|
|
329
334
|
## Example Usage
|
330
335
|
|
331
|
-
<!--Start PulumiCodeChooser -->
|
332
336
|
```python
|
333
337
|
import pulumi
|
334
338
|
import pulumi_vault as vault
|
@@ -336,13 +340,13 @@ class MfaDuo(pulumi.CustomResource):
|
|
336
340
|
userpass = vault.AuthBackend("userpass",
|
337
341
|
type="userpass",
|
338
342
|
path="userpass")
|
339
|
-
my_duo = vault.MfaDuo("
|
343
|
+
my_duo = vault.MfaDuo("my_duo",
|
344
|
+
name="my_duo",
|
340
345
|
mount_accessor=userpass.accessor,
|
341
346
|
secret_key="8C7THtrIigh2rPZQMbguugt8IUftWhMRCOBzbuyz",
|
342
347
|
integration_key="BIACEUEAXI20BNWTEYXT",
|
343
348
|
api_hostname="api-2b5c39f5.duosecurity.com")
|
344
349
|
```
|
345
|
-
<!--End PulumiCodeChooser -->
|
346
350
|
|
347
351
|
## Import
|
348
352
|
|
@@ -360,7 +364,7 @@ class MfaDuo(pulumi.CustomResource):
|
|
360
364
|
:param pulumi.Input[str] name: `(string: <required>)` – Name of the MFA method.
|
361
365
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
362
366
|
The value should not contain leading or trailing forward slashes.
|
363
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
367
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
364
368
|
*Available only for Vault Enterprise*.
|
365
369
|
:param pulumi.Input[str] push_info: `(string)` - Push information for Duo.
|
366
370
|
:param pulumi.Input[str] secret_key: `(string: <required>)` - Secret key for Duo.
|
@@ -383,7 +387,6 @@ class MfaDuo(pulumi.CustomResource):
|
|
383
387
|
|
384
388
|
## Example Usage
|
385
389
|
|
386
|
-
<!--Start PulumiCodeChooser -->
|
387
390
|
```python
|
388
391
|
import pulumi
|
389
392
|
import pulumi_vault as vault
|
@@ -391,13 +394,13 @@ class MfaDuo(pulumi.CustomResource):
|
|
391
394
|
userpass = vault.AuthBackend("userpass",
|
392
395
|
type="userpass",
|
393
396
|
path="userpass")
|
394
|
-
my_duo = vault.MfaDuo("
|
397
|
+
my_duo = vault.MfaDuo("my_duo",
|
398
|
+
name="my_duo",
|
395
399
|
mount_accessor=userpass.accessor,
|
396
400
|
secret_key="8C7THtrIigh2rPZQMbguugt8IUftWhMRCOBzbuyz",
|
397
401
|
integration_key="BIACEUEAXI20BNWTEYXT",
|
398
402
|
api_hostname="api-2b5c39f5.duosecurity.com")
|
399
403
|
```
|
400
|
-
<!--End PulumiCodeChooser -->
|
401
404
|
|
402
405
|
## Import
|
403
406
|
|
@@ -488,7 +491,7 @@ class MfaDuo(pulumi.CustomResource):
|
|
488
491
|
:param pulumi.Input[str] name: `(string: <required>)` – Name of the MFA method.
|
489
492
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
490
493
|
The value should not contain leading or trailing forward slashes.
|
491
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
494
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
492
495
|
*Available only for Vault Enterprise*.
|
493
496
|
:param pulumi.Input[str] push_info: `(string)` - Push information for Duo.
|
494
497
|
:param pulumi.Input[str] secret_key: `(string: <required>)` - Secret key for Duo.
|
@@ -550,7 +553,7 @@ class MfaDuo(pulumi.CustomResource):
|
|
550
553
|
"""
|
551
554
|
The namespace to provision the resource in.
|
552
555
|
The value should not contain leading or trailing forward slashes.
|
553
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
556
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
554
557
|
*Available only for Vault Enterprise*.
|
555
558
|
"""
|
556
559
|
return pulumi.get(self, "namespace")
|