pulumi-vault 5.21.0a1710160723__py3-none-any.whl → 6.5.0a1736850018__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (229) hide show
  1. pulumi_vault/__init__.py +52 -0
  2. pulumi_vault/_inputs.py +560 -0
  3. pulumi_vault/_utilities.py +41 -5
  4. pulumi_vault/ad/get_access_credentials.py +22 -7
  5. pulumi_vault/ad/secret_backend.py +14 -144
  6. pulumi_vault/ad/secret_library.py +14 -11
  7. pulumi_vault/ad/secret_role.py +12 -11
  8. pulumi_vault/alicloud/auth_backend_role.py +74 -192
  9. pulumi_vault/approle/auth_backend_login.py +12 -11
  10. pulumi_vault/approle/auth_backend_role.py +75 -193
  11. pulumi_vault/approle/auth_backend_role_secret_id.py +106 -11
  12. pulumi_vault/approle/get_auth_backend_role_id.py +18 -9
  13. pulumi_vault/audit.py +24 -27
  14. pulumi_vault/audit_request_header.py +11 -6
  15. pulumi_vault/auth_backend.py +64 -12
  16. pulumi_vault/aws/auth_backend_cert.py +12 -7
  17. pulumi_vault/aws/auth_backend_client.py +265 -24
  18. pulumi_vault/aws/auth_backend_config_identity.py +12 -11
  19. pulumi_vault/aws/auth_backend_identity_whitelist.py +18 -17
  20. pulumi_vault/aws/auth_backend_login.py +19 -22
  21. pulumi_vault/aws/auth_backend_role.py +75 -193
  22. pulumi_vault/aws/auth_backend_role_tag.py +12 -7
  23. pulumi_vault/aws/auth_backend_roletag_blacklist.py +18 -17
  24. pulumi_vault/aws/auth_backend_sts_role.py +12 -11
  25. pulumi_vault/aws/get_access_credentials.py +34 -7
  26. pulumi_vault/aws/get_static_access_credentials.py +19 -5
  27. pulumi_vault/aws/secret_backend.py +75 -7
  28. pulumi_vault/aws/secret_backend_role.py +183 -11
  29. pulumi_vault/aws/secret_backend_static_role.py +14 -11
  30. pulumi_vault/azure/_inputs.py +24 -0
  31. pulumi_vault/azure/auth_backend_config.py +151 -17
  32. pulumi_vault/azure/auth_backend_role.py +75 -193
  33. pulumi_vault/azure/backend.py +223 -29
  34. pulumi_vault/azure/backend_role.py +42 -41
  35. pulumi_vault/azure/get_access_credentials.py +39 -11
  36. pulumi_vault/azure/outputs.py +5 -0
  37. pulumi_vault/cert_auth_backend_role.py +87 -271
  38. pulumi_vault/config/__init__.pyi +5 -0
  39. pulumi_vault/config/_inputs.py +73 -0
  40. pulumi_vault/config/outputs.py +35 -0
  41. pulumi_vault/config/ui_custom_message.py +529 -0
  42. pulumi_vault/config/vars.py +5 -0
  43. pulumi_vault/consul/secret_backend.py +22 -25
  44. pulumi_vault/consul/secret_backend_role.py +14 -80
  45. pulumi_vault/database/_inputs.py +2770 -881
  46. pulumi_vault/database/outputs.py +721 -838
  47. pulumi_vault/database/secret_backend_connection.py +117 -114
  48. pulumi_vault/database/secret_backend_role.py +29 -24
  49. pulumi_vault/database/secret_backend_static_role.py +85 -15
  50. pulumi_vault/database/secrets_mount.py +425 -138
  51. pulumi_vault/egp_policy.py +16 -15
  52. pulumi_vault/gcp/_inputs.py +111 -0
  53. pulumi_vault/gcp/auth_backend.py +248 -35
  54. pulumi_vault/gcp/auth_backend_role.py +75 -271
  55. pulumi_vault/gcp/get_auth_backend_role.py +43 -9
  56. pulumi_vault/gcp/outputs.py +5 -0
  57. pulumi_vault/gcp/secret_backend.py +287 -16
  58. pulumi_vault/gcp/secret_impersonated_account.py +74 -17
  59. pulumi_vault/gcp/secret_roleset.py +29 -26
  60. pulumi_vault/gcp/secret_static_account.py +37 -34
  61. pulumi_vault/generic/endpoint.py +22 -21
  62. pulumi_vault/generic/get_secret.py +68 -12
  63. pulumi_vault/generic/secret.py +19 -14
  64. pulumi_vault/get_auth_backend.py +24 -11
  65. pulumi_vault/get_auth_backends.py +33 -11
  66. pulumi_vault/get_namespace.py +226 -0
  67. pulumi_vault/get_namespaces.py +153 -0
  68. pulumi_vault/get_nomad_access_token.py +31 -15
  69. pulumi_vault/get_policy_document.py +34 -23
  70. pulumi_vault/get_raft_autopilot_state.py +29 -14
  71. pulumi_vault/github/_inputs.py +55 -0
  72. pulumi_vault/github/auth_backend.py +17 -16
  73. pulumi_vault/github/outputs.py +5 -0
  74. pulumi_vault/github/team.py +14 -13
  75. pulumi_vault/github/user.py +14 -13
  76. pulumi_vault/identity/entity.py +18 -15
  77. pulumi_vault/identity/entity_alias.py +18 -15
  78. pulumi_vault/identity/entity_policies.py +24 -19
  79. pulumi_vault/identity/get_entity.py +40 -14
  80. pulumi_vault/identity/get_group.py +45 -13
  81. pulumi_vault/identity/get_oidc_client_creds.py +21 -11
  82. pulumi_vault/identity/get_oidc_openid_config.py +39 -13
  83. pulumi_vault/identity/get_oidc_public_keys.py +29 -14
  84. pulumi_vault/identity/group.py +50 -49
  85. pulumi_vault/identity/group_alias.py +14 -11
  86. pulumi_vault/identity/group_member_entity_ids.py +24 -74
  87. pulumi_vault/identity/group_member_group_ids.py +36 -27
  88. pulumi_vault/identity/group_policies.py +16 -15
  89. pulumi_vault/identity/mfa_duo.py +9 -8
  90. pulumi_vault/identity/mfa_login_enforcement.py +13 -8
  91. pulumi_vault/identity/mfa_okta.py +9 -8
  92. pulumi_vault/identity/mfa_pingid.py +5 -4
  93. pulumi_vault/identity/mfa_totp.py +5 -4
  94. pulumi_vault/identity/oidc.py +12 -11
  95. pulumi_vault/identity/oidc_assignment.py +22 -13
  96. pulumi_vault/identity/oidc_client.py +34 -25
  97. pulumi_vault/identity/oidc_key.py +28 -19
  98. pulumi_vault/identity/oidc_key_allowed_client_id.py +28 -19
  99. pulumi_vault/identity/oidc_provider.py +34 -23
  100. pulumi_vault/identity/oidc_role.py +40 -27
  101. pulumi_vault/identity/oidc_scope.py +18 -15
  102. pulumi_vault/identity/outputs.py +8 -3
  103. pulumi_vault/jwt/_inputs.py +55 -0
  104. pulumi_vault/jwt/auth_backend.py +39 -46
  105. pulumi_vault/jwt/auth_backend_role.py +131 -260
  106. pulumi_vault/jwt/outputs.py +5 -0
  107. pulumi_vault/kmip/secret_backend.py +22 -21
  108. pulumi_vault/kmip/secret_role.py +12 -11
  109. pulumi_vault/kmip/secret_scope.py +12 -11
  110. pulumi_vault/kubernetes/auth_backend_config.py +55 -7
  111. pulumi_vault/kubernetes/auth_backend_role.py +68 -179
  112. pulumi_vault/kubernetes/get_auth_backend_config.py +60 -8
  113. pulumi_vault/kubernetes/get_auth_backend_role.py +40 -5
  114. pulumi_vault/kubernetes/get_service_account_token.py +39 -15
  115. pulumi_vault/kubernetes/secret_backend.py +314 -29
  116. pulumi_vault/kubernetes/secret_backend_role.py +135 -56
  117. pulumi_vault/kv/_inputs.py +36 -4
  118. pulumi_vault/kv/get_secret.py +23 -12
  119. pulumi_vault/kv/get_secret_subkeys_v2.py +31 -14
  120. pulumi_vault/kv/get_secret_v2.py +89 -9
  121. pulumi_vault/kv/get_secrets_list.py +22 -15
  122. pulumi_vault/kv/get_secrets_list_v2.py +35 -19
  123. pulumi_vault/kv/outputs.py +8 -3
  124. pulumi_vault/kv/secret.py +19 -18
  125. pulumi_vault/kv/secret_backend_v2.py +12 -11
  126. pulumi_vault/kv/secret_v2.py +55 -52
  127. pulumi_vault/ldap/auth_backend.py +125 -168
  128. pulumi_vault/ldap/auth_backend_group.py +12 -11
  129. pulumi_vault/ldap/auth_backend_user.py +12 -11
  130. pulumi_vault/ldap/get_dynamic_credentials.py +23 -5
  131. pulumi_vault/ldap/get_static_credentials.py +24 -5
  132. pulumi_vault/ldap/secret_backend.py +352 -84
  133. pulumi_vault/ldap/secret_backend_dynamic_role.py +12 -11
  134. pulumi_vault/ldap/secret_backend_library_set.py +14 -11
  135. pulumi_vault/ldap/secret_backend_static_role.py +67 -12
  136. pulumi_vault/managed/_inputs.py +289 -132
  137. pulumi_vault/managed/keys.py +27 -43
  138. pulumi_vault/managed/outputs.py +89 -132
  139. pulumi_vault/mfa_duo.py +16 -13
  140. pulumi_vault/mfa_okta.py +16 -13
  141. pulumi_vault/mfa_pingid.py +16 -13
  142. pulumi_vault/mfa_totp.py +22 -19
  143. pulumi_vault/mongodbatlas/secret_backend.py +18 -17
  144. pulumi_vault/mongodbatlas/secret_role.py +41 -38
  145. pulumi_vault/mount.py +389 -65
  146. pulumi_vault/namespace.py +26 -21
  147. pulumi_vault/nomad_secret_backend.py +16 -15
  148. pulumi_vault/nomad_secret_role.py +12 -11
  149. pulumi_vault/okta/_inputs.py +47 -8
  150. pulumi_vault/okta/auth_backend.py +483 -41
  151. pulumi_vault/okta/auth_backend_group.py +12 -11
  152. pulumi_vault/okta/auth_backend_user.py +12 -11
  153. pulumi_vault/okta/outputs.py +13 -8
  154. pulumi_vault/outputs.py +5 -0
  155. pulumi_vault/password_policy.py +18 -15
  156. pulumi_vault/pkisecret/__init__.py +3 -0
  157. pulumi_vault/pkisecret/_inputs.py +81 -0
  158. pulumi_vault/pkisecret/backend_config_cluster.py +369 -0
  159. pulumi_vault/pkisecret/backend_config_est.py +619 -0
  160. pulumi_vault/pkisecret/get_backend_config_est.py +251 -0
  161. pulumi_vault/pkisecret/get_backend_issuer.py +63 -7
  162. pulumi_vault/pkisecret/get_backend_issuers.py +21 -12
  163. pulumi_vault/pkisecret/get_backend_key.py +24 -13
  164. pulumi_vault/pkisecret/get_backend_keys.py +21 -12
  165. pulumi_vault/pkisecret/outputs.py +69 -0
  166. pulumi_vault/pkisecret/secret_backend_cert.py +18 -15
  167. pulumi_vault/pkisecret/secret_backend_config_ca.py +16 -15
  168. pulumi_vault/pkisecret/secret_backend_config_issuers.py +12 -11
  169. pulumi_vault/pkisecret/secret_backend_config_urls.py +59 -11
  170. pulumi_vault/pkisecret/secret_backend_crl_config.py +14 -13
  171. pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +16 -15
  172. pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +22 -21
  173. pulumi_vault/pkisecret/secret_backend_issuer.py +12 -11
  174. pulumi_vault/pkisecret/secret_backend_key.py +12 -7
  175. pulumi_vault/pkisecret/secret_backend_role.py +19 -16
  176. pulumi_vault/pkisecret/secret_backend_root_cert.py +16 -52
  177. pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +18 -62
  178. pulumi_vault/pkisecret/secret_backend_sign.py +18 -60
  179. pulumi_vault/plugin.py +595 -0
  180. pulumi_vault/plugin_pinned_version.py +298 -0
  181. pulumi_vault/policy.py +12 -7
  182. pulumi_vault/provider.py +48 -53
  183. pulumi_vault/pulumi-plugin.json +2 -1
  184. pulumi_vault/quota_lease_count.py +58 -8
  185. pulumi_vault/quota_rate_limit.py +54 -4
  186. pulumi_vault/rabbitmq/_inputs.py +61 -0
  187. pulumi_vault/rabbitmq/outputs.py +5 -0
  188. pulumi_vault/rabbitmq/secret_backend.py +16 -15
  189. pulumi_vault/rabbitmq/secret_backend_role.py +52 -49
  190. pulumi_vault/raft_autopilot.py +12 -11
  191. pulumi_vault/raft_snapshot_agent_config.py +121 -311
  192. pulumi_vault/rgp_policy.py +14 -13
  193. pulumi_vault/saml/auth_backend.py +20 -19
  194. pulumi_vault/saml/auth_backend_role.py +90 -199
  195. pulumi_vault/secrets/__init__.py +3 -0
  196. pulumi_vault/secrets/_inputs.py +110 -0
  197. pulumi_vault/secrets/outputs.py +94 -0
  198. pulumi_vault/secrets/sync_association.py +56 -75
  199. pulumi_vault/secrets/sync_aws_destination.py +240 -29
  200. pulumi_vault/secrets/sync_azure_destination.py +90 -33
  201. pulumi_vault/secrets/sync_config.py +7 -6
  202. pulumi_vault/secrets/sync_gcp_destination.py +156 -27
  203. pulumi_vault/secrets/sync_gh_destination.py +187 -15
  204. pulumi_vault/secrets/sync_github_apps.py +375 -0
  205. pulumi_vault/secrets/sync_vercel_destination.py +72 -15
  206. pulumi_vault/ssh/_inputs.py +28 -32
  207. pulumi_vault/ssh/outputs.py +11 -32
  208. pulumi_vault/ssh/secret_backend_ca.py +106 -11
  209. pulumi_vault/ssh/secret_backend_role.py +83 -120
  210. pulumi_vault/terraformcloud/secret_backend.py +5 -56
  211. pulumi_vault/terraformcloud/secret_creds.py +14 -24
  212. pulumi_vault/terraformcloud/secret_role.py +14 -76
  213. pulumi_vault/token.py +26 -25
  214. pulumi_vault/tokenauth/auth_backend_role.py +76 -201
  215. pulumi_vault/transform/alphabet.py +16 -13
  216. pulumi_vault/transform/get_decode.py +45 -21
  217. pulumi_vault/transform/get_encode.py +45 -21
  218. pulumi_vault/transform/role.py +16 -13
  219. pulumi_vault/transform/template.py +30 -25
  220. pulumi_vault/transform/transformation.py +12 -7
  221. pulumi_vault/transit/get_decrypt.py +26 -25
  222. pulumi_vault/transit/get_encrypt.py +24 -19
  223. pulumi_vault/transit/secret_backend_key.py +25 -97
  224. pulumi_vault/transit/secret_cache_config.py +12 -11
  225. {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736850018.dist-info}/METADATA +8 -7
  226. pulumi_vault-6.5.0a1736850018.dist-info/RECORD +256 -0
  227. {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736850018.dist-info}/WHEEL +1 -1
  228. pulumi_vault-5.21.0a1710160723.dist-info/RECORD +0 -244
  229. {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736850018.dist-info}/top_level.txt +0 -0
@@ -4,9 +4,14 @@
4
4
 
5
5
  import copy
6
6
  import warnings
7
+ import sys
7
8
  import pulumi
8
9
  import pulumi.runtime
9
10
  from typing import Any, Mapping, Optional, Sequence, Union, overload
11
+ if sys.version_info >= (3, 11):
12
+ from typing import NotRequired, TypedDict, TypeAlias
13
+ else:
14
+ from typing_extensions import NotRequired, TypedDict, TypeAlias
10
15
  from . import _utilities
11
16
  from . import outputs
12
17
  from ._inputs import *
@@ -19,6 +24,7 @@ class AuthBackendArgs:
19
24
  type: pulumi.Input[str],
20
25
  description: Optional[pulumi.Input[str]] = None,
21
26
  disable_remount: Optional[pulumi.Input[bool]] = None,
27
+ identity_token_key: Optional[pulumi.Input[str]] = None,
22
28
  local: Optional[pulumi.Input[bool]] = None,
23
29
  namespace: Optional[pulumi.Input[str]] = None,
24
30
  path: Optional[pulumi.Input[str]] = None,
@@ -29,10 +35,11 @@ class AuthBackendArgs:
29
35
  :param pulumi.Input[str] description: A description of the auth method.
30
36
  :param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates.
31
37
  See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
38
+ :param pulumi.Input[str] identity_token_key: The key to use for signing identity tokens.
32
39
  :param pulumi.Input[bool] local: Specifies if the auth method is local only.
33
40
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
34
41
  The value should not contain leading or trailing forward slashes.
35
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
42
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
36
43
  *Available only for Vault Enterprise*.
37
44
  :param pulumi.Input[str] path: The path to mount the auth method — this defaults to the name of the type.
38
45
  :param pulumi.Input['AuthBackendTuneArgs'] tune: Extra configuration block. Structure is documented below.
@@ -44,6 +51,8 @@ class AuthBackendArgs:
44
51
  pulumi.set(__self__, "description", description)
45
52
  if disable_remount is not None:
46
53
  pulumi.set(__self__, "disable_remount", disable_remount)
54
+ if identity_token_key is not None:
55
+ pulumi.set(__self__, "identity_token_key", identity_token_key)
47
56
  if local is not None:
48
57
  pulumi.set(__self__, "local", local)
49
58
  if namespace is not None:
@@ -90,6 +99,18 @@ class AuthBackendArgs:
90
99
  def disable_remount(self, value: Optional[pulumi.Input[bool]]):
91
100
  pulumi.set(self, "disable_remount", value)
92
101
 
102
+ @property
103
+ @pulumi.getter(name="identityTokenKey")
104
+ def identity_token_key(self) -> Optional[pulumi.Input[str]]:
105
+ """
106
+ The key to use for signing identity tokens.
107
+ """
108
+ return pulumi.get(self, "identity_token_key")
109
+
110
+ @identity_token_key.setter
111
+ def identity_token_key(self, value: Optional[pulumi.Input[str]]):
112
+ pulumi.set(self, "identity_token_key", value)
113
+
93
114
  @property
94
115
  @pulumi.getter
95
116
  def local(self) -> Optional[pulumi.Input[bool]]:
@@ -108,7 +129,7 @@ class AuthBackendArgs:
108
129
  """
109
130
  The namespace to provision the resource in.
110
131
  The value should not contain leading or trailing forward slashes.
111
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
132
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
112
133
  *Available only for Vault Enterprise*.
113
134
  """
114
135
  return pulumi.get(self, "namespace")
@@ -150,6 +171,7 @@ class _AuthBackendState:
150
171
  accessor: Optional[pulumi.Input[str]] = None,
151
172
  description: Optional[pulumi.Input[str]] = None,
152
173
  disable_remount: Optional[pulumi.Input[bool]] = None,
174
+ identity_token_key: Optional[pulumi.Input[str]] = None,
153
175
  local: Optional[pulumi.Input[bool]] = None,
154
176
  namespace: Optional[pulumi.Input[str]] = None,
155
177
  path: Optional[pulumi.Input[str]] = None,
@@ -161,10 +183,11 @@ class _AuthBackendState:
161
183
  :param pulumi.Input[str] description: A description of the auth method.
162
184
  :param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates.
163
185
  See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
186
+ :param pulumi.Input[str] identity_token_key: The key to use for signing identity tokens.
164
187
  :param pulumi.Input[bool] local: Specifies if the auth method is local only.
165
188
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
166
189
  The value should not contain leading or trailing forward slashes.
167
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
190
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
168
191
  *Available only for Vault Enterprise*.
169
192
  :param pulumi.Input[str] path: The path to mount the auth method — this defaults to the name of the type.
170
193
  :param pulumi.Input['AuthBackendTuneArgs'] tune: Extra configuration block. Structure is documented below.
@@ -178,6 +201,8 @@ class _AuthBackendState:
178
201
  pulumi.set(__self__, "description", description)
179
202
  if disable_remount is not None:
180
203
  pulumi.set(__self__, "disable_remount", disable_remount)
204
+ if identity_token_key is not None:
205
+ pulumi.set(__self__, "identity_token_key", identity_token_key)
181
206
  if local is not None:
182
207
  pulumi.set(__self__, "local", local)
183
208
  if namespace is not None:
@@ -226,6 +251,18 @@ class _AuthBackendState:
226
251
  def disable_remount(self, value: Optional[pulumi.Input[bool]]):
227
252
  pulumi.set(self, "disable_remount", value)
228
253
 
254
+ @property
255
+ @pulumi.getter(name="identityTokenKey")
256
+ def identity_token_key(self) -> Optional[pulumi.Input[str]]:
257
+ """
258
+ The key to use for signing identity tokens.
259
+ """
260
+ return pulumi.get(self, "identity_token_key")
261
+
262
+ @identity_token_key.setter
263
+ def identity_token_key(self, value: Optional[pulumi.Input[str]]):
264
+ pulumi.set(self, "identity_token_key", value)
265
+
229
266
  @property
230
267
  @pulumi.getter
231
268
  def local(self) -> Optional[pulumi.Input[bool]]:
@@ -244,7 +281,7 @@ class _AuthBackendState:
244
281
  """
245
282
  The namespace to provision the resource in.
246
283
  The value should not contain leading or trailing forward slashes.
247
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
284
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
248
285
  *Available only for Vault Enterprise*.
249
286
  """
250
287
  return pulumi.get(self, "namespace")
@@ -299,10 +336,11 @@ class AuthBackend(pulumi.CustomResource):
299
336
  opts: Optional[pulumi.ResourceOptions] = None,
300
337
  description: Optional[pulumi.Input[str]] = None,
301
338
  disable_remount: Optional[pulumi.Input[bool]] = None,
339
+ identity_token_key: Optional[pulumi.Input[str]] = None,
302
340
  local: Optional[pulumi.Input[bool]] = None,
303
341
  namespace: Optional[pulumi.Input[str]] = None,
304
342
  path: Optional[pulumi.Input[str]] = None,
305
- tune: Optional[pulumi.Input[pulumi.InputType['AuthBackendTuneArgs']]] = None,
343
+ tune: Optional[pulumi.Input[Union['AuthBackendTuneArgs', 'AuthBackendTuneArgsDict']]] = None,
306
344
  type: Optional[pulumi.Input[str]] = None,
307
345
  __props__=None):
308
346
  """
@@ -319,13 +357,14 @@ class AuthBackend(pulumi.CustomResource):
319
357
  :param pulumi.Input[str] description: A description of the auth method.
320
358
  :param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates.
321
359
  See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
360
+ :param pulumi.Input[str] identity_token_key: The key to use for signing identity tokens.
322
361
  :param pulumi.Input[bool] local: Specifies if the auth method is local only.
323
362
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
324
363
  The value should not contain leading or trailing forward slashes.
325
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
364
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
326
365
  *Available only for Vault Enterprise*.
327
366
  :param pulumi.Input[str] path: The path to mount the auth method — this defaults to the name of the type.
328
- :param pulumi.Input[pulumi.InputType['AuthBackendTuneArgs']] tune: Extra configuration block. Structure is documented below.
367
+ :param pulumi.Input[Union['AuthBackendTuneArgs', 'AuthBackendTuneArgsDict']] tune: Extra configuration block. Structure is documented below.
329
368
 
330
369
  The `tune` block is used to tune the auth backend:
331
370
  :param pulumi.Input[str] type: The name of the auth method type.
@@ -362,10 +401,11 @@ class AuthBackend(pulumi.CustomResource):
362
401
  opts: Optional[pulumi.ResourceOptions] = None,
363
402
  description: Optional[pulumi.Input[str]] = None,
364
403
  disable_remount: Optional[pulumi.Input[bool]] = None,
404
+ identity_token_key: Optional[pulumi.Input[str]] = None,
365
405
  local: Optional[pulumi.Input[bool]] = None,
366
406
  namespace: Optional[pulumi.Input[str]] = None,
367
407
  path: Optional[pulumi.Input[str]] = None,
368
- tune: Optional[pulumi.Input[pulumi.InputType['AuthBackendTuneArgs']]] = None,
408
+ tune: Optional[pulumi.Input[Union['AuthBackendTuneArgs', 'AuthBackendTuneArgsDict']]] = None,
369
409
  type: Optional[pulumi.Input[str]] = None,
370
410
  __props__=None):
371
411
  opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
@@ -378,6 +418,7 @@ class AuthBackend(pulumi.CustomResource):
378
418
 
379
419
  __props__.__dict__["description"] = description
380
420
  __props__.__dict__["disable_remount"] = disable_remount
421
+ __props__.__dict__["identity_token_key"] = identity_token_key
381
422
  __props__.__dict__["local"] = local
382
423
  __props__.__dict__["namespace"] = namespace
383
424
  __props__.__dict__["path"] = path
@@ -399,10 +440,11 @@ class AuthBackend(pulumi.CustomResource):
399
440
  accessor: Optional[pulumi.Input[str]] = None,
400
441
  description: Optional[pulumi.Input[str]] = None,
401
442
  disable_remount: Optional[pulumi.Input[bool]] = None,
443
+ identity_token_key: Optional[pulumi.Input[str]] = None,
402
444
  local: Optional[pulumi.Input[bool]] = None,
403
445
  namespace: Optional[pulumi.Input[str]] = None,
404
446
  path: Optional[pulumi.Input[str]] = None,
405
- tune: Optional[pulumi.Input[pulumi.InputType['AuthBackendTuneArgs']]] = None,
447
+ tune: Optional[pulumi.Input[Union['AuthBackendTuneArgs', 'AuthBackendTuneArgsDict']]] = None,
406
448
  type: Optional[pulumi.Input[str]] = None) -> 'AuthBackend':
407
449
  """
408
450
  Get an existing AuthBackend resource's state with the given name, id, and optional extra
@@ -415,13 +457,14 @@ class AuthBackend(pulumi.CustomResource):
415
457
  :param pulumi.Input[str] description: A description of the auth method.
416
458
  :param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates.
417
459
  See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
460
+ :param pulumi.Input[str] identity_token_key: The key to use for signing identity tokens.
418
461
  :param pulumi.Input[bool] local: Specifies if the auth method is local only.
419
462
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
420
463
  The value should not contain leading or trailing forward slashes.
421
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
464
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
422
465
  *Available only for Vault Enterprise*.
423
466
  :param pulumi.Input[str] path: The path to mount the auth method — this defaults to the name of the type.
424
- :param pulumi.Input[pulumi.InputType['AuthBackendTuneArgs']] tune: Extra configuration block. Structure is documented below.
467
+ :param pulumi.Input[Union['AuthBackendTuneArgs', 'AuthBackendTuneArgsDict']] tune: Extra configuration block. Structure is documented below.
425
468
 
426
469
  The `tune` block is used to tune the auth backend:
427
470
  :param pulumi.Input[str] type: The name of the auth method type.
@@ -433,6 +476,7 @@ class AuthBackend(pulumi.CustomResource):
433
476
  __props__.__dict__["accessor"] = accessor
434
477
  __props__.__dict__["description"] = description
435
478
  __props__.__dict__["disable_remount"] = disable_remount
479
+ __props__.__dict__["identity_token_key"] = identity_token_key
436
480
  __props__.__dict__["local"] = local
437
481
  __props__.__dict__["namespace"] = namespace
438
482
  __props__.__dict__["path"] = path
@@ -465,6 +509,14 @@ class AuthBackend(pulumi.CustomResource):
465
509
  """
466
510
  return pulumi.get(self, "disable_remount")
467
511
 
512
+ @property
513
+ @pulumi.getter(name="identityTokenKey")
514
+ def identity_token_key(self) -> pulumi.Output[Optional[str]]:
515
+ """
516
+ The key to use for signing identity tokens.
517
+ """
518
+ return pulumi.get(self, "identity_token_key")
519
+
468
520
  @property
469
521
  @pulumi.getter
470
522
  def local(self) -> pulumi.Output[Optional[bool]]:
@@ -479,7 +531,7 @@ class AuthBackend(pulumi.CustomResource):
479
531
  """
480
532
  The namespace to provision the resource in.
481
533
  The value should not contain leading or trailing forward slashes.
482
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
534
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
483
535
  *Available only for Vault Enterprise*.
484
536
  """
485
537
  return pulumi.get(self, "namespace")
@@ -4,9 +4,14 @@
4
4
 
5
5
  import copy
6
6
  import warnings
7
+ import sys
7
8
  import pulumi
8
9
  import pulumi.runtime
9
10
  from typing import Any, Mapping, Optional, Sequence, Union, overload
11
+ if sys.version_info >= (3, 11):
12
+ from typing import NotRequired, TypedDict, TypeAlias
13
+ else:
14
+ from typing_extensions import NotRequired, TypedDict, TypeAlias
10
15
  from .. import _utilities
11
16
 
12
17
  __all__ = ['AuthBackendCertArgs', 'AuthBackendCert']
@@ -30,7 +35,7 @@ class AuthBackendCertArgs:
30
35
  mounted at. Defaults to `aws`.
31
36
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
32
37
  The value should not contain leading or trailing forward slashes.
33
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
38
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
34
39
  *Available only for Vault Enterprise*.
35
40
  :param pulumi.Input[str] type: Either "pkcs7" or "identity", indicating the type of
36
41
  document which can be verified using the given certificate. Defaults to
@@ -91,7 +96,7 @@ class AuthBackendCertArgs:
91
96
  """
92
97
  The namespace to provision the resource in.
93
98
  The value should not contain leading or trailing forward slashes.
94
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
99
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
95
100
  *Available only for Vault Enterprise*.
96
101
  """
97
102
  return pulumi.get(self, "namespace")
@@ -134,7 +139,7 @@ class _AuthBackendCertState:
134
139
  :param pulumi.Input[str] cert_name: The name of the certificate.
135
140
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
136
141
  The value should not contain leading or trailing forward slashes.
137
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
142
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
138
143
  *Available only for Vault Enterprise*.
139
144
  :param pulumi.Input[str] type: Either "pkcs7" or "identity", indicating the type of
140
145
  document which can be verified using the given certificate. Defaults to
@@ -197,7 +202,7 @@ class _AuthBackendCertState:
197
202
  """
198
203
  The namespace to provision the resource in.
199
204
  The value should not contain leading or trailing forward slashes.
200
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
205
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
201
206
  *Available only for Vault Enterprise*.
202
207
  """
203
208
  return pulumi.get(self, "namespace")
@@ -254,7 +259,7 @@ class AuthBackendCert(pulumi.CustomResource):
254
259
  :param pulumi.Input[str] cert_name: The name of the certificate.
255
260
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
256
261
  The value should not contain leading or trailing forward slashes.
257
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
262
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
258
263
  *Available only for Vault Enterprise*.
259
264
  :param pulumi.Input[str] type: Either "pkcs7" or "identity", indicating the type of
260
265
  document which can be verified using the given certificate. Defaults to
@@ -346,7 +351,7 @@ class AuthBackendCert(pulumi.CustomResource):
346
351
  :param pulumi.Input[str] cert_name: The name of the certificate.
347
352
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
348
353
  The value should not contain leading or trailing forward slashes.
349
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
354
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
350
355
  *Available only for Vault Enterprise*.
351
356
  :param pulumi.Input[str] type: Either "pkcs7" or "identity", indicating the type of
352
357
  document which can be verified using the given certificate. Defaults to
@@ -397,7 +402,7 @@ class AuthBackendCert(pulumi.CustomResource):
397
402
  """
398
403
  The namespace to provision the resource in.
399
404
  The value should not contain leading or trailing forward slashes.
400
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
405
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
401
406
  *Available only for Vault Enterprise*.
402
407
  """
403
408
  return pulumi.get(self, "namespace")