pulumi-vault 5.21.0a1711033014__py3-none-any.whl → 6.0.0__py3-none-any.whl

pulumi_vault/secrets/sync_gcp_destination.py

@@ -18,6 +18,7 @@ class SyncGcpDestinationArgs:
                  custom_tags: Optional[pulumi.Input[Mapping[str, Any]]] = None,
                  name: Optional[pulumi.Input[str]] = None,
                  namespace: Optional[pulumi.Input[str]] = None,
+                 project_id: Optional[pulumi.Input[str]] = None,
                  secret_name_template: Optional[pulumi.Input[str]] = None):
         """
         The set of arguments for constructing a SyncGcpDestination resource.
@@ -28,7 +29,11 @@ class SyncGcpDestinationArgs:
         :param pulumi.Input[str] name: Unique name of the GCP destination.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
+        :param pulumi.Input[str] project_id: The target project to manage secrets in. If set,
+               overrides the project ID derived from the service account JSON credentials or application
+               default credentials. The service account must be [authorized](https://cloud.google.com/iam/docs/service-account-overview#locations)
+               to perform Secret Manager actions in the target project.
         :param pulumi.Input[str] secret_name_template: Template describing how to generate external secret names.
                Supports a subset of the Go Template syntax.
         """
@@ -40,6 +45,8 @@ class SyncGcpDestinationArgs:
             pulumi.set(__self__, "name", name)
         if namespace is not None:
             pulumi.set(__self__, "namespace", namespace)
+        if project_id is not None:
+            pulumi.set(__self__, "project_id", project_id)
         if secret_name_template is not None:
             pulumi.set(__self__, "secret_name_template", secret_name_template)
 
@@ -87,7 +94,7 @@ class SyncGcpDestinationArgs:
         """
         The namespace to provision the resource in.
         The value should not contain leading or trailing forward slashes.
-        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
         """
         return pulumi.get(self, "namespace")
 
@@ -95,6 +102,21 @@ class SyncGcpDestinationArgs:
     def namespace(self, value: Optional[pulumi.Input[str]]):
         pulumi.set(self, "namespace", value)
 
+    @property
+    @pulumi.getter(name="projectId")
+    def project_id(self) -> Optional[pulumi.Input[str]]:
+        """
+        The target project to manage secrets in. If set,
+        overrides the project ID derived from the service account JSON credentials or application
+        default credentials. The service account must be [authorized](https://cloud.google.com/iam/docs/service-account-overview#locations)
+        to perform Secret Manager actions in the target project.
+        """
+        return pulumi.get(self, "project_id")
+
+    @project_id.setter
+    def project_id(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "project_id", value)
+
     @property
     @pulumi.getter(name="secretNameTemplate")
     def secret_name_template(self) -> Optional[pulumi.Input[str]]:
@@ -116,6 +138,7 @@ class _SyncGcpDestinationState:
                  custom_tags: Optional[pulumi.Input[Mapping[str, Any]]] = None,
                  name: Optional[pulumi.Input[str]] = None,
                  namespace: Optional[pulumi.Input[str]] = None,
+                 project_id: Optional[pulumi.Input[str]] = None,
                  secret_name_template: Optional[pulumi.Input[str]] = None,
                  type: Optional[pulumi.Input[str]] = None):
         """
@@ -127,7 +150,11 @@ class _SyncGcpDestinationState:
         :param pulumi.Input[str] name: Unique name of the GCP destination.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
+        :param pulumi.Input[str] project_id: The target project to manage secrets in. If set,
+               overrides the project ID derived from the service account JSON credentials or application
+               default credentials. The service account must be [authorized](https://cloud.google.com/iam/docs/service-account-overview#locations)
+               to perform Secret Manager actions in the target project.
         :param pulumi.Input[str] secret_name_template: Template describing how to generate external secret names.
                Supports a subset of the Go Template syntax.
         :param pulumi.Input[str] type: The type of the secrets destination (`gcp-sm`).
@@ -140,6 +167,8 @@ class _SyncGcpDestinationState:
             pulumi.set(__self__, "name", name)
         if namespace is not None:
             pulumi.set(__self__, "namespace", namespace)
+        if project_id is not None:
+            pulumi.set(__self__, "project_id", project_id)
         if secret_name_template is not None:
             pulumi.set(__self__, "secret_name_template", secret_name_template)
         if type is not None:
@@ -189,7 +218,7 @@ class _SyncGcpDestinationState:
         """
         The namespace to provision the resource in.
         The value should not contain leading or trailing forward slashes.
-        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
         """
         return pulumi.get(self, "namespace")
 
@@ -197,6 +226,21 @@ class _SyncGcpDestinationState:
     def namespace(self, value: Optional[pulumi.Input[str]]):
         pulumi.set(self, "namespace", value)
 
+    @property
+    @pulumi.getter(name="projectId")
+    def project_id(self) -> Optional[pulumi.Input[str]]:
+        """
+        The target project to manage secrets in. If set,
+        overrides the project ID derived from the service account JSON credentials or application
+        default credentials. The service account must be [authorized](https://cloud.google.com/iam/docs/service-account-overview#locations)
+        to perform Secret Manager actions in the target project.
+        """
+        return pulumi.get(self, "project_id")
+
+    @project_id.setter
+    def project_id(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "project_id", value)
+
     @property
     @pulumi.getter(name="secretNameTemplate")
     def secret_name_template(self) -> Optional[pulumi.Input[str]]:
@@ -232,6 +276,7 @@ class SyncGcpDestination(pulumi.CustomResource):
                  custom_tags: Optional[pulumi.Input[Mapping[str, Any]]] = None,
                  name: Optional[pulumi.Input[str]] = None,
                  namespace: Optional[pulumi.Input[str]] = None,
+                 project_id: Optional[pulumi.Input[str]] = None,
                  secret_name_template: Optional[pulumi.Input[str]] = None,
                  __props__=None):
         """
@@ -243,6 +288,7 @@ class SyncGcpDestination(pulumi.CustomResource):
         import pulumi_vault as vault
 
         gcp = vault.secrets.SyncGcpDestination("gcp",
+            project_id="gcp-project-id",
             credentials=(lambda path: open(path).read())(var["credentials_file"]),
             secret_name_template="vault_{{ .MountAccessor | lowercase }}_{{ .SecretPath | lowercase }}",
             custom_tags={
@@ -268,7 +314,11 @@ class SyncGcpDestination(pulumi.CustomResource):
         :param pulumi.Input[str] name: Unique name of the GCP destination.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
+        :param pulumi.Input[str] project_id: The target project to manage secrets in. If set,
+               overrides the project ID derived from the service account JSON credentials or application
+               default credentials. The service account must be [authorized](https://cloud.google.com/iam/docs/service-account-overview#locations)
+               to perform Secret Manager actions in the target project.
         :param pulumi.Input[str] secret_name_template: Template describing how to generate external secret names.
                Supports a subset of the Go Template syntax.
         """
@@ -287,6 +337,7 @@ class SyncGcpDestination(pulumi.CustomResource):
         import pulumi_vault as vault
 
         gcp = vault.secrets.SyncGcpDestination("gcp",
+            project_id="gcp-project-id",
             credentials=(lambda path: open(path).read())(var["credentials_file"]),
             secret_name_template="vault_{{ .MountAccessor | lowercase }}_{{ .SecretPath | lowercase }}",
             custom_tags={
@@ -322,6 +373,7 @@ class SyncGcpDestination(pulumi.CustomResource):
                  custom_tags: Optional[pulumi.Input[Mapping[str, Any]]] = None,
                  name: Optional[pulumi.Input[str]] = None,
                  namespace: Optional[pulumi.Input[str]] = None,
+                 project_id: Optional[pulumi.Input[str]] = None,
                  secret_name_template: Optional[pulumi.Input[str]] = None,
                  __props__=None):
         opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
@@ -336,6 +388,7 @@ class SyncGcpDestination(pulumi.CustomResource):
             __props__.__dict__["custom_tags"] = custom_tags
             __props__.__dict__["name"] = name
             __props__.__dict__["namespace"] = namespace
+            __props__.__dict__["project_id"] = project_id
             __props__.__dict__["secret_name_template"] = secret_name_template
             __props__.__dict__["type"] = None
         secret_opts = pulumi.ResourceOptions(additional_secret_outputs=["credentials"])
@@ -354,6 +407,7 @@ class SyncGcpDestination(pulumi.CustomResource):
             custom_tags: Optional[pulumi.Input[Mapping[str, Any]]] = None,
             name: Optional[pulumi.Input[str]] = None,
             namespace: Optional[pulumi.Input[str]] = None,
+            project_id: Optional[pulumi.Input[str]] = None,
             secret_name_template: Optional[pulumi.Input[str]] = None,
             type: Optional[pulumi.Input[str]] = None) -> 'SyncGcpDestination':
         """
@@ -370,7 +424,11 @@ class SyncGcpDestination(pulumi.CustomResource):
         :param pulumi.Input[str] name: Unique name of the GCP destination.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
+        :param pulumi.Input[str] project_id: The target project to manage secrets in. If set,
+               overrides the project ID derived from the service account JSON credentials or application
+               default credentials. The service account must be [authorized](https://cloud.google.com/iam/docs/service-account-overview#locations)
+               to perform Secret Manager actions in the target project.
         :param pulumi.Input[str] secret_name_template: Template describing how to generate external secret names.
                Supports a subset of the Go Template syntax.
         :param pulumi.Input[str] type: The type of the secrets destination (`gcp-sm`).
@@ -383,6 +441,7 @@ class SyncGcpDestination(pulumi.CustomResource):
         __props__.__dict__["custom_tags"] = custom_tags
         __props__.__dict__["name"] = name
         __props__.__dict__["namespace"] = namespace
+        __props__.__dict__["project_id"] = project_id
         __props__.__dict__["secret_name_template"] = secret_name_template
         __props__.__dict__["type"] = type
         return SyncGcpDestination(resource_name, opts=opts, __props__=__props__)
@@ -419,10 +478,21 @@ class SyncGcpDestination(pulumi.CustomResource):
         """
         The namespace to provision the resource in.
         The value should not contain leading or trailing forward slashes.
-        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
         """
         return pulumi.get(self, "namespace")
 
+    @property
+    @pulumi.getter(name="projectId")
+    def project_id(self) -> pulumi.Output[Optional[str]]:
+        """
+        The target project to manage secrets in. If set,
+        overrides the project ID derived from the service account JSON credentials or application
+        default credentials. The service account must be [authorized](https://cloud.google.com/iam/docs/service-account-overview#locations)
+        to perform Secret Manager actions in the target project.
+        """
+        return pulumi.get(self, "project_id")
+
     @property
     @pulumi.getter(name="secretNameTemplate")
     def secret_name_template(self) -> pulumi.Output[str]:

pulumi_vault/secrets/sync_gh_destination.py

@@ -15,6 +15,8 @@ __all__ = ['SyncGhDestinationArgs', 'SyncGhDestination']
 class SyncGhDestinationArgs:
     def __init__(__self__, *,
                  access_token: Optional[pulumi.Input[str]] = None,
+                 app_name: Optional[pulumi.Input[str]] = None,
+                 installation_id: Optional[pulumi.Input[int]] = None,
                  name: Optional[pulumi.Input[str]] = None,
                  namespace: Optional[pulumi.Input[str]] = None,
                  repository_name: Optional[pulumi.Input[str]] = None,
@@ -25,10 +27,15 @@ class SyncGhDestinationArgs:
         :param pulumi.Input[str] access_token: Fine-grained or personal access token.
                Can be omitted and directly provided to Vault using the `GITHUB_ACCESS_TOKEN` environment
                variable.
+        :param pulumi.Input[str] app_name: The user-defined name of the GitHub App configuration. This is a reference to the name used   
+               on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
+               Takes precedence over the `access_token` field.
+        :param pulumi.Input[int] installation_id: The ID of the installation generated by GitHub when the app referenced by the `app_name` 
+               was installed in the user’s GitHub account. Can be modified. Necessary if the `app_name` field is also provided.
         :param pulumi.Input[str] name: Unique name of the GitHub destination.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
         :param pulumi.Input[str] repository_name: Name of the repository.
                Can be omitted and directly provided to Vault using the `GITHUB_REPOSITORY_NAME` environment
                variable.
@@ -40,6 +47,10 @@ class SyncGhDestinationArgs:
         """
         if access_token is not None:
             pulumi.set(__self__, "access_token", access_token)
+        if app_name is not None:
+            pulumi.set(__self__, "app_name", app_name)
+        if installation_id is not None:
+            pulumi.set(__self__, "installation_id", installation_id)
         if name is not None:
             pulumi.set(__self__, "name", name)
         if namespace is not None:
@@ -65,6 +76,33 @@ class SyncGhDestinationArgs:
     def access_token(self, value: Optional[pulumi.Input[str]]):
         pulumi.set(self, "access_token", value)
 
+    @property
+    @pulumi.getter(name="appName")
+    def app_name(self) -> Optional[pulumi.Input[str]]:
+        """
+        The user-defined name of the GitHub App configuration. This is a reference to the name used   
+        on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
+        Takes precedence over the `access_token` field.
+        """
+        return pulumi.get(self, "app_name")
+
+    @app_name.setter
+    def app_name(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "app_name", value)
+
+    @property
+    @pulumi.getter(name="installationId")
+    def installation_id(self) -> Optional[pulumi.Input[int]]:
+        """
+        The ID of the installation generated by GitHub when the app referenced by the `app_name` 
+        was installed in the user’s GitHub account. Can be modified. Necessary if the `app_name` field is also provided.
+        """
+        return pulumi.get(self, "installation_id")
+
+    @installation_id.setter
+    def installation_id(self, value: Optional[pulumi.Input[int]]):
+        pulumi.set(self, "installation_id", value)
+
     @property
     @pulumi.getter
     def name(self) -> Optional[pulumi.Input[str]]:
@@ -83,7 +121,7 @@ class SyncGhDestinationArgs:
         """
         The namespace to provision the resource in.
         The value should not contain leading or trailing forward slashes.
-        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
         """
         return pulumi.get(self, "namespace")
 
@@ -137,6 +175,8 @@ class SyncGhDestinationArgs:
 class _SyncGhDestinationState:
     def __init__(__self__, *,
                  access_token: Optional[pulumi.Input[str]] = None,
+                 app_name: Optional[pulumi.Input[str]] = None,
+                 installation_id: Optional[pulumi.Input[int]] = None,
                  name: Optional[pulumi.Input[str]] = None,
                  namespace: Optional[pulumi.Input[str]] = None,
                  repository_name: Optional[pulumi.Input[str]] = None,
@@ -148,10 +188,15 @@ class _SyncGhDestinationState:
         :param pulumi.Input[str] access_token: Fine-grained or personal access token.
                Can be omitted and directly provided to Vault using the `GITHUB_ACCESS_TOKEN` environment
                variable.
+        :param pulumi.Input[str] app_name: The user-defined name of the GitHub App configuration. This is a reference to the name used   
+               on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
+               Takes precedence over the `access_token` field.
+        :param pulumi.Input[int] installation_id: The ID of the installation generated by GitHub when the app referenced by the `app_name` 
+               was installed in the user’s GitHub account. Can be modified. Necessary if the `app_name` field is also provided.
         :param pulumi.Input[str] name: Unique name of the GitHub destination.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
         :param pulumi.Input[str] repository_name: Name of the repository.
                Can be omitted and directly provided to Vault using the `GITHUB_REPOSITORY_NAME` environment
                variable.
@@ -164,6 +209,10 @@ class _SyncGhDestinationState:
         """
         if access_token is not None:
             pulumi.set(__self__, "access_token", access_token)
+        if app_name is not None:
+            pulumi.set(__self__, "app_name", app_name)
+        if installation_id is not None:
+            pulumi.set(__self__, "installation_id", installation_id)
         if name is not None:
             pulumi.set(__self__, "name", name)
         if namespace is not None:
@@ -191,6 +240,33 @@ class _SyncGhDestinationState:
     def access_token(self, value: Optional[pulumi.Input[str]]):
         pulumi.set(self, "access_token", value)
 
+    @property
+    @pulumi.getter(name="appName")
+    def app_name(self) -> Optional[pulumi.Input[str]]:
+        """
+        The user-defined name of the GitHub App configuration. This is a reference to the name used   
+        on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
+        Takes precedence over the `access_token` field.
+        """
+        return pulumi.get(self, "app_name")
+
+    @app_name.setter
+    def app_name(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "app_name", value)
+
+    @property
+    @pulumi.getter(name="installationId")
+    def installation_id(self) -> Optional[pulumi.Input[int]]:
+        """
+        The ID of the installation generated by GitHub when the app referenced by the `app_name` 
+        was installed in the user’s GitHub account. Can be modified. Necessary if the `app_name` field is also provided.
+        """
+        return pulumi.get(self, "installation_id")
+
+    @installation_id.setter
+    def installation_id(self, value: Optional[pulumi.Input[int]]):
+        pulumi.set(self, "installation_id", value)
+
     @property
     @pulumi.getter
     def name(self) -> Optional[pulumi.Input[str]]:
@@ -209,7 +285,7 @@ class _SyncGhDestinationState:
         """
         The namespace to provision the resource in.
         The value should not contain leading or trailing forward slashes.
-        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
         """
         return pulumi.get(self, "namespace")
 
@@ -277,6 +353,8 @@ class SyncGhDestination(pulumi.CustomResource):
                  resource_name: str,
                  opts: Optional[pulumi.ResourceOptions] = None,
                  access_token: Optional[pulumi.Input[str]] = None,
+                 app_name: Optional[pulumi.Input[str]] = None,
+                 installation_id: Optional[pulumi.Input[int]] = None,
                  name: Optional[pulumi.Input[str]] = None,
                  namespace: Optional[pulumi.Input[str]] = None,
                  repository_name: Optional[pulumi.Input[str]] = None,
@@ -312,10 +390,15 @@ class SyncGhDestination(pulumi.CustomResource):
         :param pulumi.Input[str] access_token: Fine-grained or personal access token.
                Can be omitted and directly provided to Vault using the `GITHUB_ACCESS_TOKEN` environment
                variable.
+        :param pulumi.Input[str] app_name: The user-defined name of the GitHub App configuration. This is a reference to the name used   
+               on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
+               Takes precedence over the `access_token` field.
+        :param pulumi.Input[int] installation_id: The ID of the installation generated by GitHub when the app referenced by the `app_name` 
+               was installed in the user’s GitHub account. Can be modified. Necessary if the `app_name` field is also provided.
         :param pulumi.Input[str] name: Unique name of the GitHub destination.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
         :param pulumi.Input[str] repository_name: Name of the repository.
                Can be omitted and directly provided to Vault using the `GITHUB_REPOSITORY_NAME` environment
                variable.
@@ -371,6 +454,8 @@ class SyncGhDestination(pulumi.CustomResource):
                  resource_name: str,
                  opts: Optional[pulumi.ResourceOptions] = None,
                  access_token: Optional[pulumi.Input[str]] = None,
+                 app_name: Optional[pulumi.Input[str]] = None,
+                 installation_id: Optional[pulumi.Input[int]] = None,
                  name: Optional[pulumi.Input[str]] = None,
                  namespace: Optional[pulumi.Input[str]] = None,
                  repository_name: Optional[pulumi.Input[str]] = None,
@@ -386,6 +471,8 @@ class SyncGhDestination(pulumi.CustomResource):
             __props__ = SyncGhDestinationArgs.__new__(SyncGhDestinationArgs)
 
             __props__.__dict__["access_token"] = None if access_token is None else pulumi.Output.secret(access_token)
+            __props__.__dict__["app_name"] = app_name
+            __props__.__dict__["installation_id"] = installation_id
             __props__.__dict__["name"] = name
             __props__.__dict__["namespace"] = namespace
             __props__.__dict__["repository_name"] = repository_name
@@ -405,6 +492,8 @@ class SyncGhDestination(pulumi.CustomResource):
             id: pulumi.Input[str],
             opts: Optional[pulumi.ResourceOptions] = None,
             access_token: Optional[pulumi.Input[str]] = None,
+            app_name: Optional[pulumi.Input[str]] = None,
+            installation_id: Optional[pulumi.Input[int]] = None,
             name: Optional[pulumi.Input[str]] = None,
             namespace: Optional[pulumi.Input[str]] = None,
             repository_name: Optional[pulumi.Input[str]] = None,
@@ -421,10 +510,15 @@ class SyncGhDestination(pulumi.CustomResource):
         :param pulumi.Input[str] access_token: Fine-grained or personal access token.
                Can be omitted and directly provided to Vault using the `GITHUB_ACCESS_TOKEN` environment
                variable.
+        :param pulumi.Input[str] app_name: The user-defined name of the GitHub App configuration. This is a reference to the name used   
+               on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
+               Takes precedence over the `access_token` field.
+        :param pulumi.Input[int] installation_id: The ID of the installation generated by GitHub when the app referenced by the `app_name` 
+               was installed in the user’s GitHub account. Can be modified. Necessary if the `app_name` field is also provided.
         :param pulumi.Input[str] name: Unique name of the GitHub destination.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
         :param pulumi.Input[str] repository_name: Name of the repository.
                Can be omitted and directly provided to Vault using the `GITHUB_REPOSITORY_NAME` environment
                variable.
@@ -440,6 +534,8 @@ class SyncGhDestination(pulumi.CustomResource):
         __props__ = _SyncGhDestinationState.__new__(_SyncGhDestinationState)
 
         __props__.__dict__["access_token"] = access_token
+        __props__.__dict__["app_name"] = app_name
+        __props__.__dict__["installation_id"] = installation_id
         __props__.__dict__["name"] = name
         __props__.__dict__["namespace"] = namespace
         __props__.__dict__["repository_name"] = repository_name
@@ -458,6 +554,25 @@ class SyncGhDestination(pulumi.CustomResource):
         """
         return pulumi.get(self, "access_token")
 
+    @property
+    @pulumi.getter(name="appName")
+    def app_name(self) -> pulumi.Output[Optional[str]]:
+        """
+        The user-defined name of the GitHub App configuration. This is a reference to the name used   
+        on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
+        Takes precedence over the `access_token` field.
+        """
+        return pulumi.get(self, "app_name")
+
+    @property
+    @pulumi.getter(name="installationId")
+    def installation_id(self) -> pulumi.Output[Optional[int]]:
+        """
+        The ID of the installation generated by GitHub when the app referenced by the `app_name` 
+        was installed in the user’s GitHub account. Can be modified. Necessary if the `app_name` field is also provided.
+        """
+        return pulumi.get(self, "installation_id")
+
     @property
     @pulumi.getter
     def name(self) -> pulumi.Output[str]:
@@ -472,7 +587,7 @@ class SyncGhDestination(pulumi.CustomResource):
         """
         The namespace to provision the resource in.
         The value should not contain leading or trailing forward slashes.
-        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
         """
         return pulumi.get(self, "namespace")