pulumi-vault 5.21.0a1710160723__py3-none-any.whl → 6.5.0a1736850018__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- pulumi_vault/__init__.py +52 -0
- pulumi_vault/_inputs.py +560 -0
- pulumi_vault/_utilities.py +41 -5
- pulumi_vault/ad/get_access_credentials.py +22 -7
- pulumi_vault/ad/secret_backend.py +14 -144
- pulumi_vault/ad/secret_library.py +14 -11
- pulumi_vault/ad/secret_role.py +12 -11
- pulumi_vault/alicloud/auth_backend_role.py +74 -192
- pulumi_vault/approle/auth_backend_login.py +12 -11
- pulumi_vault/approle/auth_backend_role.py +75 -193
- pulumi_vault/approle/auth_backend_role_secret_id.py +106 -11
- pulumi_vault/approle/get_auth_backend_role_id.py +18 -9
- pulumi_vault/audit.py +24 -27
- pulumi_vault/audit_request_header.py +11 -6
- pulumi_vault/auth_backend.py +64 -12
- pulumi_vault/aws/auth_backend_cert.py +12 -7
- pulumi_vault/aws/auth_backend_client.py +265 -24
- pulumi_vault/aws/auth_backend_config_identity.py +12 -11
- pulumi_vault/aws/auth_backend_identity_whitelist.py +18 -17
- pulumi_vault/aws/auth_backend_login.py +19 -22
- pulumi_vault/aws/auth_backend_role.py +75 -193
- pulumi_vault/aws/auth_backend_role_tag.py +12 -7
- pulumi_vault/aws/auth_backend_roletag_blacklist.py +18 -17
- pulumi_vault/aws/auth_backend_sts_role.py +12 -11
- pulumi_vault/aws/get_access_credentials.py +34 -7
- pulumi_vault/aws/get_static_access_credentials.py +19 -5
- pulumi_vault/aws/secret_backend.py +75 -7
- pulumi_vault/aws/secret_backend_role.py +183 -11
- pulumi_vault/aws/secret_backend_static_role.py +14 -11
- pulumi_vault/azure/_inputs.py +24 -0
- pulumi_vault/azure/auth_backend_config.py +151 -17
- pulumi_vault/azure/auth_backend_role.py +75 -193
- pulumi_vault/azure/backend.py +223 -29
- pulumi_vault/azure/backend_role.py +42 -41
- pulumi_vault/azure/get_access_credentials.py +39 -11
- pulumi_vault/azure/outputs.py +5 -0
- pulumi_vault/cert_auth_backend_role.py +87 -271
- pulumi_vault/config/__init__.pyi +5 -0
- pulumi_vault/config/_inputs.py +73 -0
- pulumi_vault/config/outputs.py +35 -0
- pulumi_vault/config/ui_custom_message.py +529 -0
- pulumi_vault/config/vars.py +5 -0
- pulumi_vault/consul/secret_backend.py +22 -25
- pulumi_vault/consul/secret_backend_role.py +14 -80
- pulumi_vault/database/_inputs.py +2770 -881
- pulumi_vault/database/outputs.py +721 -838
- pulumi_vault/database/secret_backend_connection.py +117 -114
- pulumi_vault/database/secret_backend_role.py +29 -24
- pulumi_vault/database/secret_backend_static_role.py +85 -15
- pulumi_vault/database/secrets_mount.py +425 -138
- pulumi_vault/egp_policy.py +16 -15
- pulumi_vault/gcp/_inputs.py +111 -0
- pulumi_vault/gcp/auth_backend.py +248 -35
- pulumi_vault/gcp/auth_backend_role.py +75 -271
- pulumi_vault/gcp/get_auth_backend_role.py +43 -9
- pulumi_vault/gcp/outputs.py +5 -0
- pulumi_vault/gcp/secret_backend.py +287 -16
- pulumi_vault/gcp/secret_impersonated_account.py +74 -17
- pulumi_vault/gcp/secret_roleset.py +29 -26
- pulumi_vault/gcp/secret_static_account.py +37 -34
- pulumi_vault/generic/endpoint.py +22 -21
- pulumi_vault/generic/get_secret.py +68 -12
- pulumi_vault/generic/secret.py +19 -14
- pulumi_vault/get_auth_backend.py +24 -11
- pulumi_vault/get_auth_backends.py +33 -11
- pulumi_vault/get_namespace.py +226 -0
- pulumi_vault/get_namespaces.py +153 -0
- pulumi_vault/get_nomad_access_token.py +31 -15
- pulumi_vault/get_policy_document.py +34 -23
- pulumi_vault/get_raft_autopilot_state.py +29 -14
- pulumi_vault/github/_inputs.py +55 -0
- pulumi_vault/github/auth_backend.py +17 -16
- pulumi_vault/github/outputs.py +5 -0
- pulumi_vault/github/team.py +14 -13
- pulumi_vault/github/user.py +14 -13
- pulumi_vault/identity/entity.py +18 -15
- pulumi_vault/identity/entity_alias.py +18 -15
- pulumi_vault/identity/entity_policies.py +24 -19
- pulumi_vault/identity/get_entity.py +40 -14
- pulumi_vault/identity/get_group.py +45 -13
- pulumi_vault/identity/get_oidc_client_creds.py +21 -11
- pulumi_vault/identity/get_oidc_openid_config.py +39 -13
- pulumi_vault/identity/get_oidc_public_keys.py +29 -14
- pulumi_vault/identity/group.py +50 -49
- pulumi_vault/identity/group_alias.py +14 -11
- pulumi_vault/identity/group_member_entity_ids.py +24 -74
- pulumi_vault/identity/group_member_group_ids.py +36 -27
- pulumi_vault/identity/group_policies.py +16 -15
- pulumi_vault/identity/mfa_duo.py +9 -8
- pulumi_vault/identity/mfa_login_enforcement.py +13 -8
- pulumi_vault/identity/mfa_okta.py +9 -8
- pulumi_vault/identity/mfa_pingid.py +5 -4
- pulumi_vault/identity/mfa_totp.py +5 -4
- pulumi_vault/identity/oidc.py +12 -11
- pulumi_vault/identity/oidc_assignment.py +22 -13
- pulumi_vault/identity/oidc_client.py +34 -25
- pulumi_vault/identity/oidc_key.py +28 -19
- pulumi_vault/identity/oidc_key_allowed_client_id.py +28 -19
- pulumi_vault/identity/oidc_provider.py +34 -23
- pulumi_vault/identity/oidc_role.py +40 -27
- pulumi_vault/identity/oidc_scope.py +18 -15
- pulumi_vault/identity/outputs.py +8 -3
- pulumi_vault/jwt/_inputs.py +55 -0
- pulumi_vault/jwt/auth_backend.py +39 -46
- pulumi_vault/jwt/auth_backend_role.py +131 -260
- pulumi_vault/jwt/outputs.py +5 -0
- pulumi_vault/kmip/secret_backend.py +22 -21
- pulumi_vault/kmip/secret_role.py +12 -11
- pulumi_vault/kmip/secret_scope.py +12 -11
- pulumi_vault/kubernetes/auth_backend_config.py +55 -7
- pulumi_vault/kubernetes/auth_backend_role.py +68 -179
- pulumi_vault/kubernetes/get_auth_backend_config.py +60 -8
- pulumi_vault/kubernetes/get_auth_backend_role.py +40 -5
- pulumi_vault/kubernetes/get_service_account_token.py +39 -15
- pulumi_vault/kubernetes/secret_backend.py +314 -29
- pulumi_vault/kubernetes/secret_backend_role.py +135 -56
- pulumi_vault/kv/_inputs.py +36 -4
- pulumi_vault/kv/get_secret.py +23 -12
- pulumi_vault/kv/get_secret_subkeys_v2.py +31 -14
- pulumi_vault/kv/get_secret_v2.py +89 -9
- pulumi_vault/kv/get_secrets_list.py +22 -15
- pulumi_vault/kv/get_secrets_list_v2.py +35 -19
- pulumi_vault/kv/outputs.py +8 -3
- pulumi_vault/kv/secret.py +19 -18
- pulumi_vault/kv/secret_backend_v2.py +12 -11
- pulumi_vault/kv/secret_v2.py +55 -52
- pulumi_vault/ldap/auth_backend.py +125 -168
- pulumi_vault/ldap/auth_backend_group.py +12 -11
- pulumi_vault/ldap/auth_backend_user.py +12 -11
- pulumi_vault/ldap/get_dynamic_credentials.py +23 -5
- pulumi_vault/ldap/get_static_credentials.py +24 -5
- pulumi_vault/ldap/secret_backend.py +352 -84
- pulumi_vault/ldap/secret_backend_dynamic_role.py +12 -11
- pulumi_vault/ldap/secret_backend_library_set.py +14 -11
- pulumi_vault/ldap/secret_backend_static_role.py +67 -12
- pulumi_vault/managed/_inputs.py +289 -132
- pulumi_vault/managed/keys.py +27 -43
- pulumi_vault/managed/outputs.py +89 -132
- pulumi_vault/mfa_duo.py +16 -13
- pulumi_vault/mfa_okta.py +16 -13
- pulumi_vault/mfa_pingid.py +16 -13
- pulumi_vault/mfa_totp.py +22 -19
- pulumi_vault/mongodbatlas/secret_backend.py +18 -17
- pulumi_vault/mongodbatlas/secret_role.py +41 -38
- pulumi_vault/mount.py +389 -65
- pulumi_vault/namespace.py +26 -21
- pulumi_vault/nomad_secret_backend.py +16 -15
- pulumi_vault/nomad_secret_role.py +12 -11
- pulumi_vault/okta/_inputs.py +47 -8
- pulumi_vault/okta/auth_backend.py +483 -41
- pulumi_vault/okta/auth_backend_group.py +12 -11
- pulumi_vault/okta/auth_backend_user.py +12 -11
- pulumi_vault/okta/outputs.py +13 -8
- pulumi_vault/outputs.py +5 -0
- pulumi_vault/password_policy.py +18 -15
- pulumi_vault/pkisecret/__init__.py +3 -0
- pulumi_vault/pkisecret/_inputs.py +81 -0
- pulumi_vault/pkisecret/backend_config_cluster.py +369 -0
- pulumi_vault/pkisecret/backend_config_est.py +619 -0
- pulumi_vault/pkisecret/get_backend_config_est.py +251 -0
- pulumi_vault/pkisecret/get_backend_issuer.py +63 -7
- pulumi_vault/pkisecret/get_backend_issuers.py +21 -12
- pulumi_vault/pkisecret/get_backend_key.py +24 -13
- pulumi_vault/pkisecret/get_backend_keys.py +21 -12
- pulumi_vault/pkisecret/outputs.py +69 -0
- pulumi_vault/pkisecret/secret_backend_cert.py +18 -15
- pulumi_vault/pkisecret/secret_backend_config_ca.py +16 -15
- pulumi_vault/pkisecret/secret_backend_config_issuers.py +12 -11
- pulumi_vault/pkisecret/secret_backend_config_urls.py +59 -11
- pulumi_vault/pkisecret/secret_backend_crl_config.py +14 -13
- pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +16 -15
- pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +22 -21
- pulumi_vault/pkisecret/secret_backend_issuer.py +12 -11
- pulumi_vault/pkisecret/secret_backend_key.py +12 -7
- pulumi_vault/pkisecret/secret_backend_role.py +19 -16
- pulumi_vault/pkisecret/secret_backend_root_cert.py +16 -52
- pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +18 -62
- pulumi_vault/pkisecret/secret_backend_sign.py +18 -60
- pulumi_vault/plugin.py +595 -0
- pulumi_vault/plugin_pinned_version.py +298 -0
- pulumi_vault/policy.py +12 -7
- pulumi_vault/provider.py +48 -53
- pulumi_vault/pulumi-plugin.json +2 -1
- pulumi_vault/quota_lease_count.py +58 -8
- pulumi_vault/quota_rate_limit.py +54 -4
- pulumi_vault/rabbitmq/_inputs.py +61 -0
- pulumi_vault/rabbitmq/outputs.py +5 -0
- pulumi_vault/rabbitmq/secret_backend.py +16 -15
- pulumi_vault/rabbitmq/secret_backend_role.py +52 -49
- pulumi_vault/raft_autopilot.py +12 -11
- pulumi_vault/raft_snapshot_agent_config.py +121 -311
- pulumi_vault/rgp_policy.py +14 -13
- pulumi_vault/saml/auth_backend.py +20 -19
- pulumi_vault/saml/auth_backend_role.py +90 -199
- pulumi_vault/secrets/__init__.py +3 -0
- pulumi_vault/secrets/_inputs.py +110 -0
- pulumi_vault/secrets/outputs.py +94 -0
- pulumi_vault/secrets/sync_association.py +56 -75
- pulumi_vault/secrets/sync_aws_destination.py +240 -29
- pulumi_vault/secrets/sync_azure_destination.py +90 -33
- pulumi_vault/secrets/sync_config.py +7 -6
- pulumi_vault/secrets/sync_gcp_destination.py +156 -27
- pulumi_vault/secrets/sync_gh_destination.py +187 -15
- pulumi_vault/secrets/sync_github_apps.py +375 -0
- pulumi_vault/secrets/sync_vercel_destination.py +72 -15
- pulumi_vault/ssh/_inputs.py +28 -32
- pulumi_vault/ssh/outputs.py +11 -32
- pulumi_vault/ssh/secret_backend_ca.py +106 -11
- pulumi_vault/ssh/secret_backend_role.py +83 -120
- pulumi_vault/terraformcloud/secret_backend.py +5 -56
- pulumi_vault/terraformcloud/secret_creds.py +14 -24
- pulumi_vault/terraformcloud/secret_role.py +14 -76
- pulumi_vault/token.py +26 -25
- pulumi_vault/tokenauth/auth_backend_role.py +76 -201
- pulumi_vault/transform/alphabet.py +16 -13
- pulumi_vault/transform/get_decode.py +45 -21
- pulumi_vault/transform/get_encode.py +45 -21
- pulumi_vault/transform/role.py +16 -13
- pulumi_vault/transform/template.py +30 -25
- pulumi_vault/transform/transformation.py +12 -7
- pulumi_vault/transit/get_decrypt.py +26 -25
- pulumi_vault/transit/get_encrypt.py +24 -19
- pulumi_vault/transit/secret_backend_key.py +25 -97
- pulumi_vault/transit/secret_cache_config.py +12 -11
- {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736850018.dist-info}/METADATA +8 -7
- pulumi_vault-6.5.0a1736850018.dist-info/RECORD +256 -0
- {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736850018.dist-info}/WHEEL +1 -1
- pulumi_vault-5.21.0a1710160723.dist-info/RECORD +0 -244
- {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736850018.dist-info}/top_level.txt +0 -0
pulumi_vault/ssh/_inputs.py
CHANGED
@@ -4,37 +4,46 @@
|
|
4
4
|
|
5
5
|
import copy
|
6
6
|
import warnings
|
7
|
+
import sys
|
7
8
|
import pulumi
|
8
9
|
import pulumi.runtime
|
9
10
|
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
11
|
+
if sys.version_info >= (3, 11):
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
13
|
+
else:
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
10
15
|
from .. import _utilities
|
11
16
|
|
12
17
|
__all__ = [
|
13
18
|
'SecretBackendRoleAllowedUserKeyConfigArgs',
|
19
|
+
'SecretBackendRoleAllowedUserKeyConfigArgsDict',
|
14
20
|
]
|
15
21
|
|
22
|
+
MYPY = False
|
23
|
+
|
24
|
+
if not MYPY:
|
25
|
+
class SecretBackendRoleAllowedUserKeyConfigArgsDict(TypedDict):
|
26
|
+
lengths: pulumi.Input[Sequence[pulumi.Input[int]]]
|
27
|
+
"""
|
28
|
+
List of allowed key lengths, vault-1.10 and above
|
29
|
+
"""
|
30
|
+
type: pulumi.Input[str]
|
31
|
+
"""
|
32
|
+
Key type, choices:
|
33
|
+
rsa, ecdsa, ec, dsa, ed25519, ssh-rsa, ssh-dss, ssh-ed25519, ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521
|
34
|
+
"""
|
35
|
+
elif False:
|
36
|
+
SecretBackendRoleAllowedUserKeyConfigArgsDict: TypeAlias = Mapping[str, Any]
|
37
|
+
|
16
38
|
@pulumi.input_type
|
17
39
|
class SecretBackendRoleAllowedUserKeyConfigArgs:
|
18
40
|
def __init__(__self__, *,
|
19
41
|
lengths: pulumi.Input[Sequence[pulumi.Input[int]]],
|
20
42
|
type: pulumi.Input[str]):
|
21
43
|
"""
|
22
|
-
:param pulumi.Input[Sequence[pulumi.Input[int]]] lengths:
|
23
|
-
|
24
|
-
|
25
|
-
must be set to a single element list.
|
26
|
-
|
27
|
-
Example configuration blocks that might be included in the `ssh.SecretBackendRole`
|
28
|
-
|
29
|
-
<!--Start PulumiCodeChooser -->
|
30
|
-
```python
|
31
|
-
import pulumi
|
32
|
-
```
|
33
|
-
<!--End PulumiCodeChooser -->
|
34
|
-
:param pulumi.Input[str] type: The SSH public key type.
|
35
|
-
*Supported key types are:*
|
36
|
-
`rsa`, `ecdsa`, `ec`, `dsa`, `ed25519`, `ssh-rsa`, `ssh-dss`, `ssh-ed25519`,
|
37
|
-
`ecdsa-sha2-nistp256`, `ecdsa-sha2-nistp384`, `ecdsa-sha2-nistp521`
|
44
|
+
:param pulumi.Input[Sequence[pulumi.Input[int]]] lengths: List of allowed key lengths, vault-1.10 and above
|
45
|
+
:param pulumi.Input[str] type: Key type, choices:
|
46
|
+
rsa, ecdsa, ec, dsa, ed25519, ssh-rsa, ssh-dss, ssh-ed25519, ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521
|
38
47
|
"""
|
39
48
|
pulumi.set(__self__, "lengths", lengths)
|
40
49
|
pulumi.set(__self__, "type", type)
|
@@ -43,18 +52,7 @@ class SecretBackendRoleAllowedUserKeyConfigArgs:
|
|
43
52
|
@pulumi.getter
|
44
53
|
def lengths(self) -> pulumi.Input[Sequence[pulumi.Input[int]]]:
|
45
54
|
"""
|
46
|
-
|
47
|
-
For key types that do not support setting the length a value of `[0]` should be used.
|
48
|
-
Setting multiple lengths is only supported on Vault 1.10+. For prior releases `length`
|
49
|
-
must be set to a single element list.
|
50
|
-
|
51
|
-
Example configuration blocks that might be included in the `ssh.SecretBackendRole`
|
52
|
-
|
53
|
-
<!--Start PulumiCodeChooser -->
|
54
|
-
```python
|
55
|
-
import pulumi
|
56
|
-
```
|
57
|
-
<!--End PulumiCodeChooser -->
|
55
|
+
List of allowed key lengths, vault-1.10 and above
|
58
56
|
"""
|
59
57
|
return pulumi.get(self, "lengths")
|
60
58
|
|
@@ -66,10 +64,8 @@ class SecretBackendRoleAllowedUserKeyConfigArgs:
|
|
66
64
|
@pulumi.getter
|
67
65
|
def type(self) -> pulumi.Input[str]:
|
68
66
|
"""
|
69
|
-
|
70
|
-
|
71
|
-
`rsa`, `ecdsa`, `ec`, `dsa`, `ed25519`, `ssh-rsa`, `ssh-dss`, `ssh-ed25519`,
|
72
|
-
`ecdsa-sha2-nistp256`, `ecdsa-sha2-nistp384`, `ecdsa-sha2-nistp521`
|
67
|
+
Key type, choices:
|
68
|
+
rsa, ecdsa, ec, dsa, ed25519, ssh-rsa, ssh-dss, ssh-ed25519, ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521
|
73
69
|
"""
|
74
70
|
return pulumi.get(self, "type")
|
75
71
|
|
pulumi_vault/ssh/outputs.py
CHANGED
@@ -4,9 +4,14 @@
|
|
4
4
|
|
5
5
|
import copy
|
6
6
|
import warnings
|
7
|
+
import sys
|
7
8
|
import pulumi
|
8
9
|
import pulumi.runtime
|
9
10
|
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
11
|
+
if sys.version_info >= (3, 11):
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
13
|
+
else:
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
10
15
|
from .. import _utilities
|
11
16
|
|
12
17
|
__all__ = [
|
@@ -19,22 +24,9 @@ class SecretBackendRoleAllowedUserKeyConfig(dict):
|
|
19
24
|
lengths: Sequence[int],
|
20
25
|
type: str):
|
21
26
|
"""
|
22
|
-
:param Sequence[int] lengths:
|
23
|
-
|
24
|
-
|
25
|
-
must be set to a single element list.
|
26
|
-
|
27
|
-
Example configuration blocks that might be included in the `ssh.SecretBackendRole`
|
28
|
-
|
29
|
-
<!--Start PulumiCodeChooser -->
|
30
|
-
```python
|
31
|
-
import pulumi
|
32
|
-
```
|
33
|
-
<!--End PulumiCodeChooser -->
|
34
|
-
:param str type: The SSH public key type.
|
35
|
-
*Supported key types are:*
|
36
|
-
`rsa`, `ecdsa`, `ec`, `dsa`, `ed25519`, `ssh-rsa`, `ssh-dss`, `ssh-ed25519`,
|
37
|
-
`ecdsa-sha2-nistp256`, `ecdsa-sha2-nistp384`, `ecdsa-sha2-nistp521`
|
27
|
+
:param Sequence[int] lengths: List of allowed key lengths, vault-1.10 and above
|
28
|
+
:param str type: Key type, choices:
|
29
|
+
rsa, ecdsa, ec, dsa, ed25519, ssh-rsa, ssh-dss, ssh-ed25519, ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521
|
38
30
|
"""
|
39
31
|
pulumi.set(__self__, "lengths", lengths)
|
40
32
|
pulumi.set(__self__, "type", type)
|
@@ -43,18 +35,7 @@ class SecretBackendRoleAllowedUserKeyConfig(dict):
|
|
43
35
|
@pulumi.getter
|
44
36
|
def lengths(self) -> Sequence[int]:
|
45
37
|
"""
|
46
|
-
|
47
|
-
For key types that do not support setting the length a value of `[0]` should be used.
|
48
|
-
Setting multiple lengths is only supported on Vault 1.10+. For prior releases `length`
|
49
|
-
must be set to a single element list.
|
50
|
-
|
51
|
-
Example configuration blocks that might be included in the `ssh.SecretBackendRole`
|
52
|
-
|
53
|
-
<!--Start PulumiCodeChooser -->
|
54
|
-
```python
|
55
|
-
import pulumi
|
56
|
-
```
|
57
|
-
<!--End PulumiCodeChooser -->
|
38
|
+
List of allowed key lengths, vault-1.10 and above
|
58
39
|
"""
|
59
40
|
return pulumi.get(self, "lengths")
|
60
41
|
|
@@ -62,10 +43,8 @@ class SecretBackendRoleAllowedUserKeyConfig(dict):
|
|
62
43
|
@pulumi.getter
|
63
44
|
def type(self) -> str:
|
64
45
|
"""
|
65
|
-
|
66
|
-
|
67
|
-
`rsa`, `ecdsa`, `ec`, `dsa`, `ed25519`, `ssh-rsa`, `ssh-dss`, `ssh-ed25519`,
|
68
|
-
`ecdsa-sha2-nistp256`, `ecdsa-sha2-nistp384`, `ecdsa-sha2-nistp521`
|
46
|
+
Key type, choices:
|
47
|
+
rsa, ecdsa, ec, dsa, ed25519, ssh-rsa, ssh-dss, ssh-ed25519, ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521
|
69
48
|
"""
|
70
49
|
return pulumi.get(self, "type")
|
71
50
|
|
@@ -4,9 +4,14 @@
|
|
4
4
|
|
5
5
|
import copy
|
6
6
|
import warnings
|
7
|
+
import sys
|
7
8
|
import pulumi
|
8
9
|
import pulumi.runtime
|
9
10
|
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
11
|
+
if sys.version_info >= (3, 11):
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
13
|
+
else:
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
10
15
|
from .. import _utilities
|
11
16
|
|
12
17
|
__all__ = ['SecretBackendCaArgs', 'SecretBackendCa']
|
@@ -16,6 +21,8 @@ class SecretBackendCaArgs:
|
|
16
21
|
def __init__(__self__, *,
|
17
22
|
backend: Optional[pulumi.Input[str]] = None,
|
18
23
|
generate_signing_key: Optional[pulumi.Input[bool]] = None,
|
24
|
+
key_bits: Optional[pulumi.Input[int]] = None,
|
25
|
+
key_type: Optional[pulumi.Input[str]] = None,
|
19
26
|
namespace: Optional[pulumi.Input[str]] = None,
|
20
27
|
private_key: Optional[pulumi.Input[str]] = None,
|
21
28
|
public_key: Optional[pulumi.Input[str]] = None):
|
@@ -23,9 +30,11 @@ class SecretBackendCaArgs:
|
|
23
30
|
The set of arguments for constructing a SecretBackendCa resource.
|
24
31
|
:param pulumi.Input[str] backend: The path where the SSH secret backend is mounted. Defaults to 'ssh'
|
25
32
|
:param pulumi.Input[bool] generate_signing_key: Whether Vault should generate the signing key pair internally. Defaults to true
|
33
|
+
:param pulumi.Input[int] key_bits: Specifies the desired key bits for the generated SSH CA key when `generate_signing_key` is set to `true`.
|
34
|
+
:param pulumi.Input[str] key_type: Specifies the desired key type for the generated SSH CA key when `generate_signing_key` is set to `true`.
|
26
35
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
27
36
|
The value should not contain leading or trailing forward slashes.
|
28
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
37
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
29
38
|
*Available only for Vault Enterprise*.
|
30
39
|
:param pulumi.Input[str] private_key: Private key part the SSH CA key pair; required if generate_signing_key is false.
|
31
40
|
:param pulumi.Input[str] public_key: The public key part the SSH CA key pair; required if generate_signing_key is false.
|
@@ -34,6 +43,10 @@ class SecretBackendCaArgs:
|
|
34
43
|
pulumi.set(__self__, "backend", backend)
|
35
44
|
if generate_signing_key is not None:
|
36
45
|
pulumi.set(__self__, "generate_signing_key", generate_signing_key)
|
46
|
+
if key_bits is not None:
|
47
|
+
pulumi.set(__self__, "key_bits", key_bits)
|
48
|
+
if key_type is not None:
|
49
|
+
pulumi.set(__self__, "key_type", key_type)
|
37
50
|
if namespace is not None:
|
38
51
|
pulumi.set(__self__, "namespace", namespace)
|
39
52
|
if private_key is not None:
|
@@ -65,13 +78,37 @@ class SecretBackendCaArgs:
|
|
65
78
|
def generate_signing_key(self, value: Optional[pulumi.Input[bool]]):
|
66
79
|
pulumi.set(self, "generate_signing_key", value)
|
67
80
|
|
81
|
+
@property
|
82
|
+
@pulumi.getter(name="keyBits")
|
83
|
+
def key_bits(self) -> Optional[pulumi.Input[int]]:
|
84
|
+
"""
|
85
|
+
Specifies the desired key bits for the generated SSH CA key when `generate_signing_key` is set to `true`.
|
86
|
+
"""
|
87
|
+
return pulumi.get(self, "key_bits")
|
88
|
+
|
89
|
+
@key_bits.setter
|
90
|
+
def key_bits(self, value: Optional[pulumi.Input[int]]):
|
91
|
+
pulumi.set(self, "key_bits", value)
|
92
|
+
|
93
|
+
@property
|
94
|
+
@pulumi.getter(name="keyType")
|
95
|
+
def key_type(self) -> Optional[pulumi.Input[str]]:
|
96
|
+
"""
|
97
|
+
Specifies the desired key type for the generated SSH CA key when `generate_signing_key` is set to `true`.
|
98
|
+
"""
|
99
|
+
return pulumi.get(self, "key_type")
|
100
|
+
|
101
|
+
@key_type.setter
|
102
|
+
def key_type(self, value: Optional[pulumi.Input[str]]):
|
103
|
+
pulumi.set(self, "key_type", value)
|
104
|
+
|
68
105
|
@property
|
69
106
|
@pulumi.getter
|
70
107
|
def namespace(self) -> Optional[pulumi.Input[str]]:
|
71
108
|
"""
|
72
109
|
The namespace to provision the resource in.
|
73
110
|
The value should not contain leading or trailing forward slashes.
|
74
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
111
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
75
112
|
*Available only for Vault Enterprise*.
|
76
113
|
"""
|
77
114
|
return pulumi.get(self, "namespace")
|
@@ -110,6 +147,8 @@ class _SecretBackendCaState:
|
|
110
147
|
def __init__(__self__, *,
|
111
148
|
backend: Optional[pulumi.Input[str]] = None,
|
112
149
|
generate_signing_key: Optional[pulumi.Input[bool]] = None,
|
150
|
+
key_bits: Optional[pulumi.Input[int]] = None,
|
151
|
+
key_type: Optional[pulumi.Input[str]] = None,
|
113
152
|
namespace: Optional[pulumi.Input[str]] = None,
|
114
153
|
private_key: Optional[pulumi.Input[str]] = None,
|
115
154
|
public_key: Optional[pulumi.Input[str]] = None):
|
@@ -117,9 +156,11 @@ class _SecretBackendCaState:
|
|
117
156
|
Input properties used for looking up and filtering SecretBackendCa resources.
|
118
157
|
:param pulumi.Input[str] backend: The path where the SSH secret backend is mounted. Defaults to 'ssh'
|
119
158
|
:param pulumi.Input[bool] generate_signing_key: Whether Vault should generate the signing key pair internally. Defaults to true
|
159
|
+
:param pulumi.Input[int] key_bits: Specifies the desired key bits for the generated SSH CA key when `generate_signing_key` is set to `true`.
|
160
|
+
:param pulumi.Input[str] key_type: Specifies the desired key type for the generated SSH CA key when `generate_signing_key` is set to `true`.
|
120
161
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
121
162
|
The value should not contain leading or trailing forward slashes.
|
122
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
163
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
123
164
|
*Available only for Vault Enterprise*.
|
124
165
|
:param pulumi.Input[str] private_key: Private key part the SSH CA key pair; required if generate_signing_key is false.
|
125
166
|
:param pulumi.Input[str] public_key: The public key part the SSH CA key pair; required if generate_signing_key is false.
|
@@ -128,6 +169,10 @@ class _SecretBackendCaState:
|
|
128
169
|
pulumi.set(__self__, "backend", backend)
|
129
170
|
if generate_signing_key is not None:
|
130
171
|
pulumi.set(__self__, "generate_signing_key", generate_signing_key)
|
172
|
+
if key_bits is not None:
|
173
|
+
pulumi.set(__self__, "key_bits", key_bits)
|
174
|
+
if key_type is not None:
|
175
|
+
pulumi.set(__self__, "key_type", key_type)
|
131
176
|
if namespace is not None:
|
132
177
|
pulumi.set(__self__, "namespace", namespace)
|
133
178
|
if private_key is not None:
|
@@ -159,13 +204,37 @@ class _SecretBackendCaState:
|
|
159
204
|
def generate_signing_key(self, value: Optional[pulumi.Input[bool]]):
|
160
205
|
pulumi.set(self, "generate_signing_key", value)
|
161
206
|
|
207
|
+
@property
|
208
|
+
@pulumi.getter(name="keyBits")
|
209
|
+
def key_bits(self) -> Optional[pulumi.Input[int]]:
|
210
|
+
"""
|
211
|
+
Specifies the desired key bits for the generated SSH CA key when `generate_signing_key` is set to `true`.
|
212
|
+
"""
|
213
|
+
return pulumi.get(self, "key_bits")
|
214
|
+
|
215
|
+
@key_bits.setter
|
216
|
+
def key_bits(self, value: Optional[pulumi.Input[int]]):
|
217
|
+
pulumi.set(self, "key_bits", value)
|
218
|
+
|
219
|
+
@property
|
220
|
+
@pulumi.getter(name="keyType")
|
221
|
+
def key_type(self) -> Optional[pulumi.Input[str]]:
|
222
|
+
"""
|
223
|
+
Specifies the desired key type for the generated SSH CA key when `generate_signing_key` is set to `true`.
|
224
|
+
"""
|
225
|
+
return pulumi.get(self, "key_type")
|
226
|
+
|
227
|
+
@key_type.setter
|
228
|
+
def key_type(self, value: Optional[pulumi.Input[str]]):
|
229
|
+
pulumi.set(self, "key_type", value)
|
230
|
+
|
162
231
|
@property
|
163
232
|
@pulumi.getter
|
164
233
|
def namespace(self) -> Optional[pulumi.Input[str]]:
|
165
234
|
"""
|
166
235
|
The namespace to provision the resource in.
|
167
236
|
The value should not contain leading or trailing forward slashes.
|
168
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
237
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
169
238
|
*Available only for Vault Enterprise*.
|
170
239
|
"""
|
171
240
|
return pulumi.get(self, "namespace")
|
@@ -206,6 +275,8 @@ class SecretBackendCa(pulumi.CustomResource):
|
|
206
275
|
opts: Optional[pulumi.ResourceOptions] = None,
|
207
276
|
backend: Optional[pulumi.Input[str]] = None,
|
208
277
|
generate_signing_key: Optional[pulumi.Input[bool]] = None,
|
278
|
+
key_bits: Optional[pulumi.Input[int]] = None,
|
279
|
+
key_type: Optional[pulumi.Input[str]] = None,
|
209
280
|
namespace: Optional[pulumi.Input[str]] = None,
|
210
281
|
private_key: Optional[pulumi.Input[str]] = None,
|
211
282
|
public_key: Optional[pulumi.Input[str]] = None,
|
@@ -216,7 +287,6 @@ class SecretBackendCa(pulumi.CustomResource):
|
|
216
287
|
|
217
288
|
## Example Usage
|
218
289
|
|
219
|
-
<!--Start PulumiCodeChooser -->
|
220
290
|
```python
|
221
291
|
import pulumi
|
222
292
|
import pulumi_vault as vault
|
@@ -224,7 +294,6 @@ class SecretBackendCa(pulumi.CustomResource):
|
|
224
294
|
example = vault.Mount("example", type="ssh")
|
225
295
|
foo = vault.ssh.SecretBackendCa("foo", backend=example.path)
|
226
296
|
```
|
227
|
-
<!--End PulumiCodeChooser -->
|
228
297
|
|
229
298
|
## Import
|
230
299
|
|
@@ -238,9 +307,11 @@ class SecretBackendCa(pulumi.CustomResource):
|
|
238
307
|
:param pulumi.ResourceOptions opts: Options for the resource.
|
239
308
|
:param pulumi.Input[str] backend: The path where the SSH secret backend is mounted. Defaults to 'ssh'
|
240
309
|
:param pulumi.Input[bool] generate_signing_key: Whether Vault should generate the signing key pair internally. Defaults to true
|
310
|
+
:param pulumi.Input[int] key_bits: Specifies the desired key bits for the generated SSH CA key when `generate_signing_key` is set to `true`.
|
311
|
+
:param pulumi.Input[str] key_type: Specifies the desired key type for the generated SSH CA key when `generate_signing_key` is set to `true`.
|
241
312
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
242
313
|
The value should not contain leading or trailing forward slashes.
|
243
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
314
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
244
315
|
*Available only for Vault Enterprise*.
|
245
316
|
:param pulumi.Input[str] private_key: Private key part the SSH CA key pair; required if generate_signing_key is false.
|
246
317
|
:param pulumi.Input[str] public_key: The public key part the SSH CA key pair; required if generate_signing_key is false.
|
@@ -257,7 +328,6 @@ class SecretBackendCa(pulumi.CustomResource):
|
|
257
328
|
|
258
329
|
## Example Usage
|
259
330
|
|
260
|
-
<!--Start PulumiCodeChooser -->
|
261
331
|
```python
|
262
332
|
import pulumi
|
263
333
|
import pulumi_vault as vault
|
@@ -265,7 +335,6 @@ class SecretBackendCa(pulumi.CustomResource):
|
|
265
335
|
example = vault.Mount("example", type="ssh")
|
266
336
|
foo = vault.ssh.SecretBackendCa("foo", backend=example.path)
|
267
337
|
```
|
268
|
-
<!--End PulumiCodeChooser -->
|
269
338
|
|
270
339
|
## Import
|
271
340
|
|
@@ -292,6 +361,8 @@ class SecretBackendCa(pulumi.CustomResource):
|
|
292
361
|
opts: Optional[pulumi.ResourceOptions] = None,
|
293
362
|
backend: Optional[pulumi.Input[str]] = None,
|
294
363
|
generate_signing_key: Optional[pulumi.Input[bool]] = None,
|
364
|
+
key_bits: Optional[pulumi.Input[int]] = None,
|
365
|
+
key_type: Optional[pulumi.Input[str]] = None,
|
295
366
|
namespace: Optional[pulumi.Input[str]] = None,
|
296
367
|
private_key: Optional[pulumi.Input[str]] = None,
|
297
368
|
public_key: Optional[pulumi.Input[str]] = None,
|
@@ -306,6 +377,8 @@ class SecretBackendCa(pulumi.CustomResource):
|
|
306
377
|
|
307
378
|
__props__.__dict__["backend"] = backend
|
308
379
|
__props__.__dict__["generate_signing_key"] = generate_signing_key
|
380
|
+
__props__.__dict__["key_bits"] = key_bits
|
381
|
+
__props__.__dict__["key_type"] = key_type
|
309
382
|
__props__.__dict__["namespace"] = namespace
|
310
383
|
__props__.__dict__["private_key"] = None if private_key is None else pulumi.Output.secret(private_key)
|
311
384
|
__props__.__dict__["public_key"] = public_key
|
@@ -323,6 +396,8 @@ class SecretBackendCa(pulumi.CustomResource):
|
|
323
396
|
opts: Optional[pulumi.ResourceOptions] = None,
|
324
397
|
backend: Optional[pulumi.Input[str]] = None,
|
325
398
|
generate_signing_key: Optional[pulumi.Input[bool]] = None,
|
399
|
+
key_bits: Optional[pulumi.Input[int]] = None,
|
400
|
+
key_type: Optional[pulumi.Input[str]] = None,
|
326
401
|
namespace: Optional[pulumi.Input[str]] = None,
|
327
402
|
private_key: Optional[pulumi.Input[str]] = None,
|
328
403
|
public_key: Optional[pulumi.Input[str]] = None) -> 'SecretBackendCa':
|
@@ -335,9 +410,11 @@ class SecretBackendCa(pulumi.CustomResource):
|
|
335
410
|
:param pulumi.ResourceOptions opts: Options for the resource.
|
336
411
|
:param pulumi.Input[str] backend: The path where the SSH secret backend is mounted. Defaults to 'ssh'
|
337
412
|
:param pulumi.Input[bool] generate_signing_key: Whether Vault should generate the signing key pair internally. Defaults to true
|
413
|
+
:param pulumi.Input[int] key_bits: Specifies the desired key bits for the generated SSH CA key when `generate_signing_key` is set to `true`.
|
414
|
+
:param pulumi.Input[str] key_type: Specifies the desired key type for the generated SSH CA key when `generate_signing_key` is set to `true`.
|
338
415
|
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
339
416
|
The value should not contain leading or trailing forward slashes.
|
340
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
417
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
341
418
|
*Available only for Vault Enterprise*.
|
342
419
|
:param pulumi.Input[str] private_key: Private key part the SSH CA key pair; required if generate_signing_key is false.
|
343
420
|
:param pulumi.Input[str] public_key: The public key part the SSH CA key pair; required if generate_signing_key is false.
|
@@ -348,6 +425,8 @@ class SecretBackendCa(pulumi.CustomResource):
|
|
348
425
|
|
349
426
|
__props__.__dict__["backend"] = backend
|
350
427
|
__props__.__dict__["generate_signing_key"] = generate_signing_key
|
428
|
+
__props__.__dict__["key_bits"] = key_bits
|
429
|
+
__props__.__dict__["key_type"] = key_type
|
351
430
|
__props__.__dict__["namespace"] = namespace
|
352
431
|
__props__.__dict__["private_key"] = private_key
|
353
432
|
__props__.__dict__["public_key"] = public_key
|
@@ -369,13 +448,29 @@ class SecretBackendCa(pulumi.CustomResource):
|
|
369
448
|
"""
|
370
449
|
return pulumi.get(self, "generate_signing_key")
|
371
450
|
|
451
|
+
@property
|
452
|
+
@pulumi.getter(name="keyBits")
|
453
|
+
def key_bits(self) -> pulumi.Output[Optional[int]]:
|
454
|
+
"""
|
455
|
+
Specifies the desired key bits for the generated SSH CA key when `generate_signing_key` is set to `true`.
|
456
|
+
"""
|
457
|
+
return pulumi.get(self, "key_bits")
|
458
|
+
|
459
|
+
@property
|
460
|
+
@pulumi.getter(name="keyType")
|
461
|
+
def key_type(self) -> pulumi.Output[Optional[str]]:
|
462
|
+
"""
|
463
|
+
Specifies the desired key type for the generated SSH CA key when `generate_signing_key` is set to `true`.
|
464
|
+
"""
|
465
|
+
return pulumi.get(self, "key_type")
|
466
|
+
|
372
467
|
@property
|
373
468
|
@pulumi.getter
|
374
469
|
def namespace(self) -> pulumi.Output[Optional[str]]:
|
375
470
|
"""
|
376
471
|
The namespace to provision the resource in.
|
377
472
|
The value should not contain leading or trailing forward slashes.
|
378
|
-
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
473
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
379
474
|
*Available only for Vault Enterprise*.
|
380
475
|
"""
|
381
476
|
return pulumi.get(self, "namespace")
|