pulumi-vault 5.21.0a1710160723__py3-none-any.whl → 6.5.0a1736850018__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- pulumi_vault/__init__.py +52 -0
- pulumi_vault/_inputs.py +560 -0
- pulumi_vault/_utilities.py +41 -5
- pulumi_vault/ad/get_access_credentials.py +22 -7
- pulumi_vault/ad/secret_backend.py +14 -144
- pulumi_vault/ad/secret_library.py +14 -11
- pulumi_vault/ad/secret_role.py +12 -11
- pulumi_vault/alicloud/auth_backend_role.py +74 -192
- pulumi_vault/approle/auth_backend_login.py +12 -11
- pulumi_vault/approle/auth_backend_role.py +75 -193
- pulumi_vault/approle/auth_backend_role_secret_id.py +106 -11
- pulumi_vault/approle/get_auth_backend_role_id.py +18 -9
- pulumi_vault/audit.py +24 -27
- pulumi_vault/audit_request_header.py +11 -6
- pulumi_vault/auth_backend.py +64 -12
- pulumi_vault/aws/auth_backend_cert.py +12 -7
- pulumi_vault/aws/auth_backend_client.py +265 -24
- pulumi_vault/aws/auth_backend_config_identity.py +12 -11
- pulumi_vault/aws/auth_backend_identity_whitelist.py +18 -17
- pulumi_vault/aws/auth_backend_login.py +19 -22
- pulumi_vault/aws/auth_backend_role.py +75 -193
- pulumi_vault/aws/auth_backend_role_tag.py +12 -7
- pulumi_vault/aws/auth_backend_roletag_blacklist.py +18 -17
- pulumi_vault/aws/auth_backend_sts_role.py +12 -11
- pulumi_vault/aws/get_access_credentials.py +34 -7
- pulumi_vault/aws/get_static_access_credentials.py +19 -5
- pulumi_vault/aws/secret_backend.py +75 -7
- pulumi_vault/aws/secret_backend_role.py +183 -11
- pulumi_vault/aws/secret_backend_static_role.py +14 -11
- pulumi_vault/azure/_inputs.py +24 -0
- pulumi_vault/azure/auth_backend_config.py +151 -17
- pulumi_vault/azure/auth_backend_role.py +75 -193
- pulumi_vault/azure/backend.py +223 -29
- pulumi_vault/azure/backend_role.py +42 -41
- pulumi_vault/azure/get_access_credentials.py +39 -11
- pulumi_vault/azure/outputs.py +5 -0
- pulumi_vault/cert_auth_backend_role.py +87 -271
- pulumi_vault/config/__init__.pyi +5 -0
- pulumi_vault/config/_inputs.py +73 -0
- pulumi_vault/config/outputs.py +35 -0
- pulumi_vault/config/ui_custom_message.py +529 -0
- pulumi_vault/config/vars.py +5 -0
- pulumi_vault/consul/secret_backend.py +22 -25
- pulumi_vault/consul/secret_backend_role.py +14 -80
- pulumi_vault/database/_inputs.py +2770 -881
- pulumi_vault/database/outputs.py +721 -838
- pulumi_vault/database/secret_backend_connection.py +117 -114
- pulumi_vault/database/secret_backend_role.py +29 -24
- pulumi_vault/database/secret_backend_static_role.py +85 -15
- pulumi_vault/database/secrets_mount.py +425 -138
- pulumi_vault/egp_policy.py +16 -15
- pulumi_vault/gcp/_inputs.py +111 -0
- pulumi_vault/gcp/auth_backend.py +248 -35
- pulumi_vault/gcp/auth_backend_role.py +75 -271
- pulumi_vault/gcp/get_auth_backend_role.py +43 -9
- pulumi_vault/gcp/outputs.py +5 -0
- pulumi_vault/gcp/secret_backend.py +287 -16
- pulumi_vault/gcp/secret_impersonated_account.py +74 -17
- pulumi_vault/gcp/secret_roleset.py +29 -26
- pulumi_vault/gcp/secret_static_account.py +37 -34
- pulumi_vault/generic/endpoint.py +22 -21
- pulumi_vault/generic/get_secret.py +68 -12
- pulumi_vault/generic/secret.py +19 -14
- pulumi_vault/get_auth_backend.py +24 -11
- pulumi_vault/get_auth_backends.py +33 -11
- pulumi_vault/get_namespace.py +226 -0
- pulumi_vault/get_namespaces.py +153 -0
- pulumi_vault/get_nomad_access_token.py +31 -15
- pulumi_vault/get_policy_document.py +34 -23
- pulumi_vault/get_raft_autopilot_state.py +29 -14
- pulumi_vault/github/_inputs.py +55 -0
- pulumi_vault/github/auth_backend.py +17 -16
- pulumi_vault/github/outputs.py +5 -0
- pulumi_vault/github/team.py +14 -13
- pulumi_vault/github/user.py +14 -13
- pulumi_vault/identity/entity.py +18 -15
- pulumi_vault/identity/entity_alias.py +18 -15
- pulumi_vault/identity/entity_policies.py +24 -19
- pulumi_vault/identity/get_entity.py +40 -14
- pulumi_vault/identity/get_group.py +45 -13
- pulumi_vault/identity/get_oidc_client_creds.py +21 -11
- pulumi_vault/identity/get_oidc_openid_config.py +39 -13
- pulumi_vault/identity/get_oidc_public_keys.py +29 -14
- pulumi_vault/identity/group.py +50 -49
- pulumi_vault/identity/group_alias.py +14 -11
- pulumi_vault/identity/group_member_entity_ids.py +24 -74
- pulumi_vault/identity/group_member_group_ids.py +36 -27
- pulumi_vault/identity/group_policies.py +16 -15
- pulumi_vault/identity/mfa_duo.py +9 -8
- pulumi_vault/identity/mfa_login_enforcement.py +13 -8
- pulumi_vault/identity/mfa_okta.py +9 -8
- pulumi_vault/identity/mfa_pingid.py +5 -4
- pulumi_vault/identity/mfa_totp.py +5 -4
- pulumi_vault/identity/oidc.py +12 -11
- pulumi_vault/identity/oidc_assignment.py +22 -13
- pulumi_vault/identity/oidc_client.py +34 -25
- pulumi_vault/identity/oidc_key.py +28 -19
- pulumi_vault/identity/oidc_key_allowed_client_id.py +28 -19
- pulumi_vault/identity/oidc_provider.py +34 -23
- pulumi_vault/identity/oidc_role.py +40 -27
- pulumi_vault/identity/oidc_scope.py +18 -15
- pulumi_vault/identity/outputs.py +8 -3
- pulumi_vault/jwt/_inputs.py +55 -0
- pulumi_vault/jwt/auth_backend.py +39 -46
- pulumi_vault/jwt/auth_backend_role.py +131 -260
- pulumi_vault/jwt/outputs.py +5 -0
- pulumi_vault/kmip/secret_backend.py +22 -21
- pulumi_vault/kmip/secret_role.py +12 -11
- pulumi_vault/kmip/secret_scope.py +12 -11
- pulumi_vault/kubernetes/auth_backend_config.py +55 -7
- pulumi_vault/kubernetes/auth_backend_role.py +68 -179
- pulumi_vault/kubernetes/get_auth_backend_config.py +60 -8
- pulumi_vault/kubernetes/get_auth_backend_role.py +40 -5
- pulumi_vault/kubernetes/get_service_account_token.py +39 -15
- pulumi_vault/kubernetes/secret_backend.py +314 -29
- pulumi_vault/kubernetes/secret_backend_role.py +135 -56
- pulumi_vault/kv/_inputs.py +36 -4
- pulumi_vault/kv/get_secret.py +23 -12
- pulumi_vault/kv/get_secret_subkeys_v2.py +31 -14
- pulumi_vault/kv/get_secret_v2.py +89 -9
- pulumi_vault/kv/get_secrets_list.py +22 -15
- pulumi_vault/kv/get_secrets_list_v2.py +35 -19
- pulumi_vault/kv/outputs.py +8 -3
- pulumi_vault/kv/secret.py +19 -18
- pulumi_vault/kv/secret_backend_v2.py +12 -11
- pulumi_vault/kv/secret_v2.py +55 -52
- pulumi_vault/ldap/auth_backend.py +125 -168
- pulumi_vault/ldap/auth_backend_group.py +12 -11
- pulumi_vault/ldap/auth_backend_user.py +12 -11
- pulumi_vault/ldap/get_dynamic_credentials.py +23 -5
- pulumi_vault/ldap/get_static_credentials.py +24 -5
- pulumi_vault/ldap/secret_backend.py +352 -84
- pulumi_vault/ldap/secret_backend_dynamic_role.py +12 -11
- pulumi_vault/ldap/secret_backend_library_set.py +14 -11
- pulumi_vault/ldap/secret_backend_static_role.py +67 -12
- pulumi_vault/managed/_inputs.py +289 -132
- pulumi_vault/managed/keys.py +27 -43
- pulumi_vault/managed/outputs.py +89 -132
- pulumi_vault/mfa_duo.py +16 -13
- pulumi_vault/mfa_okta.py +16 -13
- pulumi_vault/mfa_pingid.py +16 -13
- pulumi_vault/mfa_totp.py +22 -19
- pulumi_vault/mongodbatlas/secret_backend.py +18 -17
- pulumi_vault/mongodbatlas/secret_role.py +41 -38
- pulumi_vault/mount.py +389 -65
- pulumi_vault/namespace.py +26 -21
- pulumi_vault/nomad_secret_backend.py +16 -15
- pulumi_vault/nomad_secret_role.py +12 -11
- pulumi_vault/okta/_inputs.py +47 -8
- pulumi_vault/okta/auth_backend.py +483 -41
- pulumi_vault/okta/auth_backend_group.py +12 -11
- pulumi_vault/okta/auth_backend_user.py +12 -11
- pulumi_vault/okta/outputs.py +13 -8
- pulumi_vault/outputs.py +5 -0
- pulumi_vault/password_policy.py +18 -15
- pulumi_vault/pkisecret/__init__.py +3 -0
- pulumi_vault/pkisecret/_inputs.py +81 -0
- pulumi_vault/pkisecret/backend_config_cluster.py +369 -0
- pulumi_vault/pkisecret/backend_config_est.py +619 -0
- pulumi_vault/pkisecret/get_backend_config_est.py +251 -0
- pulumi_vault/pkisecret/get_backend_issuer.py +63 -7
- pulumi_vault/pkisecret/get_backend_issuers.py +21 -12
- pulumi_vault/pkisecret/get_backend_key.py +24 -13
- pulumi_vault/pkisecret/get_backend_keys.py +21 -12
- pulumi_vault/pkisecret/outputs.py +69 -0
- pulumi_vault/pkisecret/secret_backend_cert.py +18 -15
- pulumi_vault/pkisecret/secret_backend_config_ca.py +16 -15
- pulumi_vault/pkisecret/secret_backend_config_issuers.py +12 -11
- pulumi_vault/pkisecret/secret_backend_config_urls.py +59 -11
- pulumi_vault/pkisecret/secret_backend_crl_config.py +14 -13
- pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +16 -15
- pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +22 -21
- pulumi_vault/pkisecret/secret_backend_issuer.py +12 -11
- pulumi_vault/pkisecret/secret_backend_key.py +12 -7
- pulumi_vault/pkisecret/secret_backend_role.py +19 -16
- pulumi_vault/pkisecret/secret_backend_root_cert.py +16 -52
- pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +18 -62
- pulumi_vault/pkisecret/secret_backend_sign.py +18 -60
- pulumi_vault/plugin.py +595 -0
- pulumi_vault/plugin_pinned_version.py +298 -0
- pulumi_vault/policy.py +12 -7
- pulumi_vault/provider.py +48 -53
- pulumi_vault/pulumi-plugin.json +2 -1
- pulumi_vault/quota_lease_count.py +58 -8
- pulumi_vault/quota_rate_limit.py +54 -4
- pulumi_vault/rabbitmq/_inputs.py +61 -0
- pulumi_vault/rabbitmq/outputs.py +5 -0
- pulumi_vault/rabbitmq/secret_backend.py +16 -15
- pulumi_vault/rabbitmq/secret_backend_role.py +52 -49
- pulumi_vault/raft_autopilot.py +12 -11
- pulumi_vault/raft_snapshot_agent_config.py +121 -311
- pulumi_vault/rgp_policy.py +14 -13
- pulumi_vault/saml/auth_backend.py +20 -19
- pulumi_vault/saml/auth_backend_role.py +90 -199
- pulumi_vault/secrets/__init__.py +3 -0
- pulumi_vault/secrets/_inputs.py +110 -0
- pulumi_vault/secrets/outputs.py +94 -0
- pulumi_vault/secrets/sync_association.py +56 -75
- pulumi_vault/secrets/sync_aws_destination.py +240 -29
- pulumi_vault/secrets/sync_azure_destination.py +90 -33
- pulumi_vault/secrets/sync_config.py +7 -6
- pulumi_vault/secrets/sync_gcp_destination.py +156 -27
- pulumi_vault/secrets/sync_gh_destination.py +187 -15
- pulumi_vault/secrets/sync_github_apps.py +375 -0
- pulumi_vault/secrets/sync_vercel_destination.py +72 -15
- pulumi_vault/ssh/_inputs.py +28 -32
- pulumi_vault/ssh/outputs.py +11 -32
- pulumi_vault/ssh/secret_backend_ca.py +106 -11
- pulumi_vault/ssh/secret_backend_role.py +83 -120
- pulumi_vault/terraformcloud/secret_backend.py +5 -56
- pulumi_vault/terraformcloud/secret_creds.py +14 -24
- pulumi_vault/terraformcloud/secret_role.py +14 -76
- pulumi_vault/token.py +26 -25
- pulumi_vault/tokenauth/auth_backend_role.py +76 -201
- pulumi_vault/transform/alphabet.py +16 -13
- pulumi_vault/transform/get_decode.py +45 -21
- pulumi_vault/transform/get_encode.py +45 -21
- pulumi_vault/transform/role.py +16 -13
- pulumi_vault/transform/template.py +30 -25
- pulumi_vault/transform/transformation.py +12 -7
- pulumi_vault/transit/get_decrypt.py +26 -25
- pulumi_vault/transit/get_encrypt.py +24 -19
- pulumi_vault/transit/secret_backend_key.py +25 -97
- pulumi_vault/transit/secret_cache_config.py +12 -11
- {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736850018.dist-info}/METADATA +8 -7
- pulumi_vault-6.5.0a1736850018.dist-info/RECORD +256 -0
- {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736850018.dist-info}/WHEEL +1 -1
- pulumi_vault-5.21.0a1710160723.dist-info/RECORD +0 -244
- {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736850018.dist-info}/top_level.txt +0 -0
@@ -4,9 +4,14 @@
|
|
4
4
|
|
5
5
|
import copy
|
6
6
|
import warnings
|
7
|
+
import sys
|
7
8
|
import pulumi
|
8
9
|
import pulumi.runtime
|
9
10
|
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
11
|
+
if sys.version_info >= (3, 11):
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
13
|
+
else:
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
10
15
|
from .. import _utilities
|
11
16
|
|
12
17
|
__all__ = ['SecretBackendRootSignIntermediateArgs', 'SecretBackendRootSignIntermediate']
|
@@ -55,7 +60,7 @@ class SecretBackendRootSignIntermediateArgs:
|
|
55
60
|
:param pulumi.Input[int] max_path_length: The maximum path length to encode in the generated certificate
|
56
61
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
57
62
|
The value should not contain leading or trailing forward slashes.
|
58
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
63
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
59
64
|
*Available only for Vault Enterprise*.
|
60
65
|
:param pulumi.Input[str] organization: The organization
|
61
66
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] other_sans: List of other SANs
|
@@ -254,7 +259,7 @@ class SecretBackendRootSignIntermediateArgs:
|
|
254
259
|
"""
|
255
260
|
The namespace to provision the resource in.
|
256
261
|
The value should not contain leading or trailing forward slashes.
|
257
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
262
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
258
263
|
*Available only for Vault Enterprise*.
|
259
264
|
"""
|
260
265
|
return pulumi.get(self, "namespace")
|
@@ -422,7 +427,6 @@ class _SecretBackendRootSignIntermediateState:
|
|
422
427
|
postal_code: Optional[pulumi.Input[str]] = None,
|
423
428
|
province: Optional[pulumi.Input[str]] = None,
|
424
429
|
revoke: Optional[pulumi.Input[bool]] = None,
|
425
|
-
serial: Optional[pulumi.Input[str]] = None,
|
426
430
|
serial_number: Optional[pulumi.Input[str]] = None,
|
427
431
|
street_address: Optional[pulumi.Input[str]] = None,
|
428
432
|
ttl: Optional[pulumi.Input[str]] = None,
|
@@ -451,7 +455,7 @@ class _SecretBackendRootSignIntermediateState:
|
|
451
455
|
:param pulumi.Input[int] max_path_length: The maximum path length to encode in the generated certificate
|
452
456
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
453
457
|
The value should not contain leading or trailing forward slashes.
|
454
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
458
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
455
459
|
*Available only for Vault Enterprise*.
|
456
460
|
:param pulumi.Input[str] organization: The organization
|
457
461
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] other_sans: List of other SANs
|
@@ -460,7 +464,6 @@ class _SecretBackendRootSignIntermediateState:
|
|
460
464
|
:param pulumi.Input[str] postal_code: The postal code
|
461
465
|
:param pulumi.Input[str] province: The province
|
462
466
|
:param pulumi.Input[bool] revoke: If set to `true`, the certificate will be revoked on resource destruction.
|
463
|
-
:param pulumi.Input[str] serial: The serial number.
|
464
467
|
:param pulumi.Input[str] serial_number: The certificate's serial number, hex formatted.
|
465
468
|
:param pulumi.Input[str] street_address: The street address
|
466
469
|
:param pulumi.Input[str] ttl: Time to live
|
@@ -513,11 +516,6 @@ class _SecretBackendRootSignIntermediateState:
|
|
513
516
|
pulumi.set(__self__, "province", province)
|
514
517
|
if revoke is not None:
|
515
518
|
pulumi.set(__self__, "revoke", revoke)
|
516
|
-
if serial is not None:
|
517
|
-
warnings.warn("""Use serial_number instead""", DeprecationWarning)
|
518
|
-
pulumi.log.warn("""serial is deprecated: Use serial_number instead""")
|
519
|
-
if serial is not None:
|
520
|
-
pulumi.set(__self__, "serial", serial)
|
521
519
|
if serial_number is not None:
|
522
520
|
pulumi.set(__self__, "serial_number", serial_number)
|
523
521
|
if street_address is not None:
|
@@ -719,7 +717,7 @@ class _SecretBackendRootSignIntermediateState:
|
|
719
717
|
"""
|
720
718
|
The namespace to provision the resource in.
|
721
719
|
The value should not contain leading or trailing forward slashes.
|
722
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
720
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
723
721
|
*Available only for Vault Enterprise*.
|
724
722
|
"""
|
725
723
|
return pulumi.get(self, "namespace")
|
@@ -812,21 +810,6 @@ class _SecretBackendRootSignIntermediateState:
|
|
812
810
|
def revoke(self, value: Optional[pulumi.Input[bool]]):
|
813
811
|
pulumi.set(self, "revoke", value)
|
814
812
|
|
815
|
-
@property
|
816
|
-
@pulumi.getter
|
817
|
-
def serial(self) -> Optional[pulumi.Input[str]]:
|
818
|
-
"""
|
819
|
-
The serial number.
|
820
|
-
"""
|
821
|
-
warnings.warn("""Use serial_number instead""", DeprecationWarning)
|
822
|
-
pulumi.log.warn("""serial is deprecated: Use serial_number instead""")
|
823
|
-
|
824
|
-
return pulumi.get(self, "serial")
|
825
|
-
|
826
|
-
@serial.setter
|
827
|
-
def serial(self, value: Optional[pulumi.Input[str]]):
|
828
|
-
pulumi.set(self, "serial", value)
|
829
|
-
|
830
813
|
@property
|
831
814
|
@pulumi.getter(name="serialNumber")
|
832
815
|
def serial_number(self) -> Optional[pulumi.Input[str]]:
|
@@ -922,25 +905,19 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
922
905
|
|
923
906
|
## Example Usage
|
924
907
|
|
925
|
-
<!--Start PulumiCodeChooser -->
|
926
908
|
```python
|
927
909
|
import pulumi
|
928
910
|
import pulumi_vault as vault
|
929
911
|
|
930
912
|
root = vault.pki_secret.SecretBackendRootSignIntermediate("root",
|
931
|
-
backend=
|
932
|
-
csr=
|
913
|
+
backend=root_vault_mount["path"],
|
914
|
+
csr=intermediate["csr"],
|
933
915
|
common_name="Intermediate CA",
|
934
916
|
exclude_cn_from_sans=True,
|
935
917
|
ou="My OU",
|
936
918
|
organization="My organization",
|
937
|
-
opts=pulumi.ResourceOptions(depends_on=[
|
919
|
+
opts = pulumi.ResourceOptions(depends_on=[intermediate]))
|
938
920
|
```
|
939
|
-
<!--End PulumiCodeChooser -->
|
940
|
-
|
941
|
-
## Deprecations
|
942
|
-
|
943
|
-
* `serial` - Use `serial_number` instead.
|
944
921
|
|
945
922
|
:param str resource_name: The name of the resource.
|
946
923
|
:param pulumi.ResourceOptions opts: Options for the resource.
|
@@ -960,7 +937,7 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
960
937
|
:param pulumi.Input[int] max_path_length: The maximum path length to encode in the generated certificate
|
961
938
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
962
939
|
The value should not contain leading or trailing forward slashes.
|
963
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
940
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
964
941
|
*Available only for Vault Enterprise*.
|
965
942
|
:param pulumi.Input[str] organization: The organization
|
966
943
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] other_sans: List of other SANs
|
@@ -985,25 +962,19 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
985
962
|
|
986
963
|
## Example Usage
|
987
964
|
|
988
|
-
<!--Start PulumiCodeChooser -->
|
989
965
|
```python
|
990
966
|
import pulumi
|
991
967
|
import pulumi_vault as vault
|
992
968
|
|
993
969
|
root = vault.pki_secret.SecretBackendRootSignIntermediate("root",
|
994
|
-
backend=
|
995
|
-
csr=
|
970
|
+
backend=root_vault_mount["path"],
|
971
|
+
csr=intermediate["csr"],
|
996
972
|
common_name="Intermediate CA",
|
997
973
|
exclude_cn_from_sans=True,
|
998
974
|
ou="My OU",
|
999
975
|
organization="My organization",
|
1000
|
-
opts=pulumi.ResourceOptions(depends_on=[
|
976
|
+
opts = pulumi.ResourceOptions(depends_on=[intermediate]))
|
1001
977
|
```
|
1002
|
-
<!--End PulumiCodeChooser -->
|
1003
|
-
|
1004
|
-
## Deprecations
|
1005
|
-
|
1006
|
-
* `serial` - Use `serial_number` instead.
|
1007
978
|
|
1008
979
|
:param str resource_name: The name of the resource.
|
1009
980
|
:param SecretBackendRootSignIntermediateArgs args: The arguments to use to populate this resource's properties.
|
@@ -1085,7 +1056,6 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1085
1056
|
__props__.__dict__["certificate"] = None
|
1086
1057
|
__props__.__dict__["certificate_bundle"] = None
|
1087
1058
|
__props__.__dict__["issuing_ca"] = None
|
1088
|
-
__props__.__dict__["serial"] = None
|
1089
1059
|
__props__.__dict__["serial_number"] = None
|
1090
1060
|
super(SecretBackendRootSignIntermediate, __self__).__init__(
|
1091
1061
|
'vault:pkiSecret/secretBackendRootSignIntermediate:SecretBackendRootSignIntermediate',
|
@@ -1120,7 +1090,6 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1120
1090
|
postal_code: Optional[pulumi.Input[str]] = None,
|
1121
1091
|
province: Optional[pulumi.Input[str]] = None,
|
1122
1092
|
revoke: Optional[pulumi.Input[bool]] = None,
|
1123
|
-
serial: Optional[pulumi.Input[str]] = None,
|
1124
1093
|
serial_number: Optional[pulumi.Input[str]] = None,
|
1125
1094
|
street_address: Optional[pulumi.Input[str]] = None,
|
1126
1095
|
ttl: Optional[pulumi.Input[str]] = None,
|
@@ -1154,7 +1123,7 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1154
1123
|
:param pulumi.Input[int] max_path_length: The maximum path length to encode in the generated certificate
|
1155
1124
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
1156
1125
|
The value should not contain leading or trailing forward slashes.
|
1157
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
1126
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
1158
1127
|
*Available only for Vault Enterprise*.
|
1159
1128
|
:param pulumi.Input[str] organization: The organization
|
1160
1129
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] other_sans: List of other SANs
|
@@ -1163,7 +1132,6 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1163
1132
|
:param pulumi.Input[str] postal_code: The postal code
|
1164
1133
|
:param pulumi.Input[str] province: The province
|
1165
1134
|
:param pulumi.Input[bool] revoke: If set to `true`, the certificate will be revoked on resource destruction.
|
1166
|
-
:param pulumi.Input[str] serial: The serial number.
|
1167
1135
|
:param pulumi.Input[str] serial_number: The certificate's serial number, hex formatted.
|
1168
1136
|
:param pulumi.Input[str] street_address: The street address
|
1169
1137
|
:param pulumi.Input[str] ttl: Time to live
|
@@ -1197,7 +1165,6 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1197
1165
|
__props__.__dict__["postal_code"] = postal_code
|
1198
1166
|
__props__.__dict__["province"] = province
|
1199
1167
|
__props__.__dict__["revoke"] = revoke
|
1200
|
-
__props__.__dict__["serial"] = serial
|
1201
1168
|
__props__.__dict__["serial_number"] = serial_number
|
1202
1169
|
__props__.__dict__["street_address"] = street_address
|
1203
1170
|
__props__.__dict__["ttl"] = ttl
|
@@ -1335,7 +1302,7 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1335
1302
|
"""
|
1336
1303
|
The namespace to provision the resource in.
|
1337
1304
|
The value should not contain leading or trailing forward slashes.
|
1338
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
1305
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
1339
1306
|
*Available only for Vault Enterprise*.
|
1340
1307
|
"""
|
1341
1308
|
return pulumi.get(self, "namespace")
|
@@ -1396,17 +1363,6 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1396
1363
|
"""
|
1397
1364
|
return pulumi.get(self, "revoke")
|
1398
1365
|
|
1399
|
-
@property
|
1400
|
-
@pulumi.getter
|
1401
|
-
def serial(self) -> pulumi.Output[str]:
|
1402
|
-
"""
|
1403
|
-
The serial number.
|
1404
|
-
"""
|
1405
|
-
warnings.warn("""Use serial_number instead""", DeprecationWarning)
|
1406
|
-
pulumi.log.warn("""serial is deprecated: Use serial_number instead""")
|
1407
|
-
|
1408
|
-
return pulumi.get(self, "serial")
|
1409
|
-
|
1410
1366
|
@property
|
1411
1367
|
@pulumi.getter(name="serialNumber")
|
1412
1368
|
def serial_number(self) -> pulumi.Output[str]:
|
@@ -4,9 +4,14 @@
|
|
4
4
|
|
5
5
|
import copy
|
6
6
|
import warnings
|
7
|
+
import sys
|
7
8
|
import pulumi
|
8
9
|
import pulumi.runtime
|
9
10
|
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
11
|
+
if sys.version_info >= (3, 11):
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
13
|
+
else:
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
10
15
|
from .. import _utilities
|
11
16
|
|
12
17
|
__all__ = ['SecretBackendSignArgs', 'SecretBackendSign']
|
@@ -47,7 +52,7 @@ class SecretBackendSignArgs:
|
|
47
52
|
:param pulumi.Input[str] name: Name of the role to create the certificate against
|
48
53
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
49
54
|
The value should not contain leading or trailing forward slashes.
|
50
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
55
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
51
56
|
*Available only for Vault Enterprise*.
|
52
57
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] other_sans: List of other SANs
|
53
58
|
:param pulumi.Input[str] ttl: Time to live
|
@@ -222,7 +227,7 @@ class SecretBackendSignArgs:
|
|
222
227
|
"""
|
223
228
|
The namespace to provision the resource in.
|
224
229
|
The value should not contain leading or trailing forward slashes.
|
225
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
230
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
226
231
|
*Available only for Vault Enterprise*.
|
227
232
|
"""
|
228
233
|
return pulumi.get(self, "namespace")
|
@@ -289,7 +294,6 @@ class _SecretBackendSignState:
|
|
289
294
|
namespace: Optional[pulumi.Input[str]] = None,
|
290
295
|
other_sans: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
291
296
|
renew_pending: Optional[pulumi.Input[bool]] = None,
|
292
|
-
serial: Optional[pulumi.Input[str]] = None,
|
293
297
|
serial_number: Optional[pulumi.Input[str]] = None,
|
294
298
|
ttl: Optional[pulumi.Input[str]] = None,
|
295
299
|
uri_sans: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None):
|
@@ -315,11 +319,10 @@ class _SecretBackendSignState:
|
|
315
319
|
:param pulumi.Input[str] name: Name of the role to create the certificate against
|
316
320
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
317
321
|
The value should not contain leading or trailing forward slashes.
|
318
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
322
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
319
323
|
*Available only for Vault Enterprise*.
|
320
324
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] other_sans: List of other SANs
|
321
325
|
:param pulumi.Input[bool] renew_pending: `true` if the current time (during refresh) is after the start of the early renewal window declared by `min_seconds_remaining`, and `false` otherwise; if `auto_renew` is set to `true` then the provider will plan to replace the certificate once renewal is pending.
|
322
|
-
:param pulumi.Input[str] serial: The serial number.
|
323
326
|
:param pulumi.Input[str] serial_number: The certificate's serial number, hex formatted.
|
324
327
|
:param pulumi.Input[str] ttl: Time to live
|
325
328
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] uri_sans: List of alternative URIs
|
@@ -360,11 +363,6 @@ class _SecretBackendSignState:
|
|
360
363
|
pulumi.set(__self__, "other_sans", other_sans)
|
361
364
|
if renew_pending is not None:
|
362
365
|
pulumi.set(__self__, "renew_pending", renew_pending)
|
363
|
-
if serial is not None:
|
364
|
-
warnings.warn("""Use serial_number instead""", DeprecationWarning)
|
365
|
-
pulumi.log.warn("""serial is deprecated: Use serial_number instead""")
|
366
|
-
if serial is not None:
|
367
|
-
pulumi.set(__self__, "serial", serial)
|
368
366
|
if serial_number is not None:
|
369
367
|
pulumi.set(__self__, "serial_number", serial_number)
|
370
368
|
if ttl is not None:
|
@@ -561,7 +559,7 @@ class _SecretBackendSignState:
|
|
561
559
|
"""
|
562
560
|
The namespace to provision the resource in.
|
563
561
|
The value should not contain leading or trailing forward slashes.
|
564
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
562
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
565
563
|
*Available only for Vault Enterprise*.
|
566
564
|
"""
|
567
565
|
return pulumi.get(self, "namespace")
|
@@ -594,21 +592,6 @@ class _SecretBackendSignState:
|
|
594
592
|
def renew_pending(self, value: Optional[pulumi.Input[bool]]):
|
595
593
|
pulumi.set(self, "renew_pending", value)
|
596
594
|
|
597
|
-
@property
|
598
|
-
@pulumi.getter
|
599
|
-
def serial(self) -> Optional[pulumi.Input[str]]:
|
600
|
-
"""
|
601
|
-
The serial number.
|
602
|
-
"""
|
603
|
-
warnings.warn("""Use serial_number instead""", DeprecationWarning)
|
604
|
-
pulumi.log.warn("""serial is deprecated: Use serial_number instead""")
|
605
|
-
|
606
|
-
return pulumi.get(self, "serial")
|
607
|
-
|
608
|
-
@serial.setter
|
609
|
-
def serial(self, value: Optional[pulumi.Input[str]]):
|
610
|
-
pulumi.set(self, "serial", value)
|
611
|
-
|
612
595
|
@property
|
613
596
|
@pulumi.getter(name="serialNumber")
|
614
597
|
def serial_number(self) -> Optional[pulumi.Input[str]]:
|
@@ -670,13 +653,13 @@ class SecretBackendSign(pulumi.CustomResource):
|
|
670
653
|
"""
|
671
654
|
## Example Usage
|
672
655
|
|
673
|
-
<!--Start PulumiCodeChooser -->
|
674
656
|
```python
|
675
657
|
import pulumi
|
676
658
|
import pulumi_vault as vault
|
677
659
|
|
678
660
|
test = vault.pki_secret.SecretBackendSign("test",
|
679
|
-
backend=
|
661
|
+
backend=pki["path"],
|
662
|
+
name=admin["name"],
|
680
663
|
csr=\"\"\"-----BEGIN CERTIFICATE REQUEST-----
|
681
664
|
MIIEqDCCApACAQAwYzELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx
|
682
665
|
ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEcMBoGA1UEAwwTY2Vy
|
@@ -706,13 +689,8 @@ class SecretBackendSign(pulumi.CustomResource):
|
|
706
689
|
-----END CERTIFICATE REQUEST-----
|
707
690
|
\"\"\",
|
708
691
|
common_name="test.my.domain",
|
709
|
-
opts=pulumi.ResourceOptions(depends_on=[
|
692
|
+
opts = pulumi.ResourceOptions(depends_on=[admin]))
|
710
693
|
```
|
711
|
-
<!--End PulumiCodeChooser -->
|
712
|
-
|
713
|
-
## Deprecations
|
714
|
-
|
715
|
-
* `serial` - Use `serial_number` instead.
|
716
694
|
|
717
695
|
:param str resource_name: The name of the resource.
|
718
696
|
:param pulumi.ResourceOptions opts: Options for the resource.
|
@@ -732,7 +710,7 @@ class SecretBackendSign(pulumi.CustomResource):
|
|
732
710
|
:param pulumi.Input[str] name: Name of the role to create the certificate against
|
733
711
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
734
712
|
The value should not contain leading or trailing forward slashes.
|
735
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
713
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
736
714
|
*Available only for Vault Enterprise*.
|
737
715
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] other_sans: List of other SANs
|
738
716
|
:param pulumi.Input[str] ttl: Time to live
|
@@ -747,13 +725,13 @@ class SecretBackendSign(pulumi.CustomResource):
|
|
747
725
|
"""
|
748
726
|
## Example Usage
|
749
727
|
|
750
|
-
<!--Start PulumiCodeChooser -->
|
751
728
|
```python
|
752
729
|
import pulumi
|
753
730
|
import pulumi_vault as vault
|
754
731
|
|
755
732
|
test = vault.pki_secret.SecretBackendSign("test",
|
756
|
-
backend=
|
733
|
+
backend=pki["path"],
|
734
|
+
name=admin["name"],
|
757
735
|
csr=\"\"\"-----BEGIN CERTIFICATE REQUEST-----
|
758
736
|
MIIEqDCCApACAQAwYzELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx
|
759
737
|
ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEcMBoGA1UEAwwTY2Vy
|
@@ -783,13 +761,8 @@ class SecretBackendSign(pulumi.CustomResource):
|
|
783
761
|
-----END CERTIFICATE REQUEST-----
|
784
762
|
\"\"\",
|
785
763
|
common_name="test.my.domain",
|
786
|
-
opts=pulumi.ResourceOptions(depends_on=[
|
764
|
+
opts = pulumi.ResourceOptions(depends_on=[admin]))
|
787
765
|
```
|
788
|
-
<!--End PulumiCodeChooser -->
|
789
|
-
|
790
|
-
## Deprecations
|
791
|
-
|
792
|
-
* `serial` - Use `serial_number` instead.
|
793
766
|
|
794
767
|
:param str resource_name: The name of the resource.
|
795
768
|
:param SecretBackendSignArgs args: The arguments to use to populate this resource's properties.
|
@@ -856,7 +829,6 @@ class SecretBackendSign(pulumi.CustomResource):
|
|
856
829
|
__props__.__dict__["expiration"] = None
|
857
830
|
__props__.__dict__["issuing_ca"] = None
|
858
831
|
__props__.__dict__["renew_pending"] = None
|
859
|
-
__props__.__dict__["serial"] = None
|
860
832
|
__props__.__dict__["serial_number"] = None
|
861
833
|
super(SecretBackendSign, __self__).__init__(
|
862
834
|
'vault:pkiSecret/secretBackendSign:SecretBackendSign',
|
@@ -886,7 +858,6 @@ class SecretBackendSign(pulumi.CustomResource):
|
|
886
858
|
namespace: Optional[pulumi.Input[str]] = None,
|
887
859
|
other_sans: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
888
860
|
renew_pending: Optional[pulumi.Input[bool]] = None,
|
889
|
-
serial: Optional[pulumi.Input[str]] = None,
|
890
861
|
serial_number: Optional[pulumi.Input[str]] = None,
|
891
862
|
ttl: Optional[pulumi.Input[str]] = None,
|
892
863
|
uri_sans: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None) -> 'SecretBackendSign':
|
@@ -917,11 +888,10 @@ class SecretBackendSign(pulumi.CustomResource):
|
|
917
888
|
:param pulumi.Input[str] name: Name of the role to create the certificate against
|
918
889
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
919
890
|
The value should not contain leading or trailing forward slashes.
|
920
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
891
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
921
892
|
*Available only for Vault Enterprise*.
|
922
893
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] other_sans: List of other SANs
|
923
894
|
:param pulumi.Input[bool] renew_pending: `true` if the current time (during refresh) is after the start of the early renewal window declared by `min_seconds_remaining`, and `false` otherwise; if `auto_renew` is set to `true` then the provider will plan to replace the certificate once renewal is pending.
|
924
|
-
:param pulumi.Input[str] serial: The serial number.
|
925
895
|
:param pulumi.Input[str] serial_number: The certificate's serial number, hex formatted.
|
926
896
|
:param pulumi.Input[str] ttl: Time to live
|
927
897
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] uri_sans: List of alternative URIs
|
@@ -948,7 +918,6 @@ class SecretBackendSign(pulumi.CustomResource):
|
|
948
918
|
__props__.__dict__["namespace"] = namespace
|
949
919
|
__props__.__dict__["other_sans"] = other_sans
|
950
920
|
__props__.__dict__["renew_pending"] = renew_pending
|
951
|
-
__props__.__dict__["serial"] = serial
|
952
921
|
__props__.__dict__["serial_number"] = serial_number
|
953
922
|
__props__.__dict__["ttl"] = ttl
|
954
923
|
__props__.__dict__["uri_sans"] = uri_sans
|
@@ -1083,7 +1052,7 @@ class SecretBackendSign(pulumi.CustomResource):
|
|
1083
1052
|
"""
|
1084
1053
|
The namespace to provision the resource in.
|
1085
1054
|
The value should not contain leading or trailing forward slashes.
|
1086
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
1055
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
1087
1056
|
*Available only for Vault Enterprise*.
|
1088
1057
|
"""
|
1089
1058
|
return pulumi.get(self, "namespace")
|
@@ -1104,17 +1073,6 @@ class SecretBackendSign(pulumi.CustomResource):
|
|
1104
1073
|
"""
|
1105
1074
|
return pulumi.get(self, "renew_pending")
|
1106
1075
|
|
1107
|
-
@property
|
1108
|
-
@pulumi.getter
|
1109
|
-
def serial(self) -> pulumi.Output[str]:
|
1110
|
-
"""
|
1111
|
-
The serial number.
|
1112
|
-
"""
|
1113
|
-
warnings.warn("""Use serial_number instead""", DeprecationWarning)
|
1114
|
-
pulumi.log.warn("""serial is deprecated: Use serial_number instead""")
|
1115
|
-
|
1116
|
-
return pulumi.get(self, "serial")
|
1117
|
-
|
1118
1076
|
@property
|
1119
1077
|
@pulumi.getter(name="serialNumber")
|
1120
1078
|
def serial_number(self) -> pulumi.Output[str]:
|