PyPI - pulumi-vault - Versions diffs - 6.3.0a1723010642__py3-none-any.whl → 6.3.1__py3-none-any.whl - Mend

pulumi-vault 6.3.0a1723010642py3-none-any.whl → 6.3.1py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (226) hide show

pulumi_vault/_inputs.py +560 -0
pulumi_vault/_utilities.py +1 -1
pulumi_vault/ad/get_access_credentials.py +19 -4
pulumi_vault/ad/secret_backend.py +5 -0
pulumi_vault/ad/secret_library.py +5 -0
pulumi_vault/ad/secret_role.py +5 -0
pulumi_vault/alicloud/auth_backend_role.py +5 -0
pulumi_vault/approle/auth_backend_login.py +5 -0
pulumi_vault/approle/auth_backend_role.py +5 -0
pulumi_vault/approle/auth_backend_role_secret_id.py +5 -0
pulumi_vault/approle/get_auth_backend_role_id.py +17 -4
pulumi_vault/audit.py +5 -0
pulumi_vault/audit_request_header.py +5 -0
pulumi_vault/auth_backend.py +10 -5
pulumi_vault/aws/auth_backend_cert.py +5 -0
pulumi_vault/aws/auth_backend_client.py +5 -0
pulumi_vault/aws/auth_backend_config_identity.py +5 -0
pulumi_vault/aws/auth_backend_identity_whitelist.py +5 -0
pulumi_vault/aws/auth_backend_login.py +12 -7
pulumi_vault/aws/auth_backend_role.py +5 -0
pulumi_vault/aws/auth_backend_role_tag.py +5 -0
pulumi_vault/aws/auth_backend_roletag_blacklist.py +5 -0
pulumi_vault/aws/auth_backend_sts_role.py +5 -0
pulumi_vault/aws/get_access_credentials.py +31 -4
pulumi_vault/aws/get_static_access_credentials.py +18 -4
pulumi_vault/aws/secret_backend.py +5 -0
pulumi_vault/aws/secret_backend_role.py +120 -0
pulumi_vault/aws/secret_backend_static_role.py +5 -0
pulumi_vault/azure/_inputs.py +24 -0
pulumi_vault/azure/auth_backend_config.py +5 -0
pulumi_vault/azure/auth_backend_role.py +5 -0
pulumi_vault/azure/backend.py +5 -0
pulumi_vault/azure/backend_role.py +23 -18
pulumi_vault/azure/get_access_credentials.py +36 -4
pulumi_vault/azure/outputs.py +5 -0
pulumi_vault/cert_auth_backend_role.py +5 -0
pulumi_vault/config/__init__.pyi +5 -0
pulumi_vault/config/_inputs.py +21 -0
pulumi_vault/config/outputs.py +5 -0
pulumi_vault/config/ui_custom_message.py +24 -19
pulumi_vault/config/vars.py +5 -0
pulumi_vault/consul/secret_backend.py +5 -0
pulumi_vault/consul/secret_backend_role.py +5 -0
pulumi_vault/database/_inputs.py +2091 -140
pulumi_vault/database/outputs.py +59 -54
pulumi_vault/database/secret_backend_connection.py +115 -110
pulumi_vault/database/secret_backend_role.py +25 -20
pulumi_vault/database/secret_backend_static_role.py +11 -6
pulumi_vault/database/secrets_mount.py +139 -134
pulumi_vault/egp_policy.py +5 -0
pulumi_vault/gcp/_inputs.py +111 -0
pulumi_vault/gcp/auth_backend.py +15 -10
pulumi_vault/gcp/auth_backend_role.py +5 -0
pulumi_vault/gcp/get_auth_backend_role.py +42 -4
pulumi_vault/gcp/outputs.py +5 -0
pulumi_vault/gcp/secret_backend.py +5 -0
pulumi_vault/gcp/secret_impersonated_account.py +5 -0
pulumi_vault/gcp/secret_roleset.py +18 -13
pulumi_vault/gcp/secret_static_account.py +18 -13
pulumi_vault/generic/endpoint.py +5 -0
pulumi_vault/generic/get_secret.py +25 -5
pulumi_vault/generic/secret.py +12 -7
pulumi_vault/get_auth_backend.py +21 -4
pulumi_vault/get_auth_backends.py +16 -4
pulumi_vault/get_namespace.py +18 -5
pulumi_vault/get_namespaces.py +13 -4
pulumi_vault/get_nomad_access_token.py +28 -8
pulumi_vault/get_policy_document.py +27 -16
pulumi_vault/get_raft_autopilot_state.py +26 -7
pulumi_vault/github/_inputs.py +55 -0
pulumi_vault/github/auth_backend.py +10 -5
pulumi_vault/github/outputs.py +5 -0
pulumi_vault/github/team.py +5 -0
pulumi_vault/github/user.py +5 -0
pulumi_vault/identity/entity.py +5 -0
pulumi_vault/identity/entity_alias.py +5 -0
pulumi_vault/identity/entity_policies.py +5 -0
pulumi_vault/identity/get_entity.py +37 -7
pulumi_vault/identity/get_group.py +42 -6
pulumi_vault/identity/get_oidc_client_creds.py +16 -4
pulumi_vault/identity/get_oidc_openid_config.py +26 -4
pulumi_vault/identity/get_oidc_public_keys.py +16 -5
pulumi_vault/identity/group.py +5 -0
pulumi_vault/identity/group_alias.py +5 -0
pulumi_vault/identity/group_member_entity_ids.py +5 -0
pulumi_vault/identity/group_member_group_ids.py +5 -0
pulumi_vault/identity/group_policies.py +5 -0
pulumi_vault/identity/mfa_duo.py +5 -0
pulumi_vault/identity/mfa_login_enforcement.py +5 -0
pulumi_vault/identity/mfa_okta.py +5 -0
pulumi_vault/identity/mfa_pingid.py +5 -0
pulumi_vault/identity/mfa_totp.py +5 -0
pulumi_vault/identity/oidc.py +5 -0
pulumi_vault/identity/oidc_assignment.py +5 -0
pulumi_vault/identity/oidc_client.py +5 -0
pulumi_vault/identity/oidc_key.py +5 -0
pulumi_vault/identity/oidc_key_allowed_client_id.py +5 -0
pulumi_vault/identity/oidc_provider.py +5 -0
pulumi_vault/identity/oidc_role.py +5 -0
pulumi_vault/identity/oidc_scope.py +5 -0
pulumi_vault/identity/outputs.py +8 -3
pulumi_vault/jwt/_inputs.py +55 -0
pulumi_vault/jwt/auth_backend.py +14 -9
pulumi_vault/jwt/auth_backend_role.py +33 -28
pulumi_vault/jwt/outputs.py +5 -0
pulumi_vault/kmip/secret_backend.py +5 -0
pulumi_vault/kmip/secret_role.py +5 -0
pulumi_vault/kmip/secret_scope.py +5 -0
pulumi_vault/kubernetes/auth_backend_config.py +5 -0
pulumi_vault/kubernetes/auth_backend_role.py +5 -0
pulumi_vault/kubernetes/get_auth_backend_config.py +26 -4
pulumi_vault/kubernetes/get_auth_backend_role.py +39 -4
pulumi_vault/kubernetes/get_service_account_token.py +28 -4
pulumi_vault/kubernetes/secret_backend.py +19 -14
pulumi_vault/kubernetes/secret_backend_role.py +5 -0
pulumi_vault/kv/_inputs.py +36 -4
pulumi_vault/kv/get_secret.py +20 -5
pulumi_vault/kv/get_secret_subkeys_v2.py +24 -5
pulumi_vault/kv/get_secret_v2.py +27 -6
pulumi_vault/kv/get_secrets_list.py +15 -4
pulumi_vault/kv/get_secrets_list_v2.py +18 -4
pulumi_vault/kv/outputs.py +8 -3
pulumi_vault/kv/secret.py +12 -7
pulumi_vault/kv/secret_backend_v2.py +5 -0
pulumi_vault/kv/secret_v2.py +46 -41
pulumi_vault/ldap/auth_backend.py +5 -0
pulumi_vault/ldap/auth_backend_group.py +5 -0
pulumi_vault/ldap/auth_backend_user.py +5 -0
pulumi_vault/ldap/get_dynamic_credentials.py +22 -4
pulumi_vault/ldap/get_static_credentials.py +23 -4
pulumi_vault/ldap/secret_backend.py +19 -14
pulumi_vault/ldap/secret_backend_dynamic_role.py +5 -0
pulumi_vault/ldap/secret_backend_library_set.py +5 -0
pulumi_vault/ldap/secret_backend_static_role.py +5 -0
pulumi_vault/managed/_inputs.py +205 -0
pulumi_vault/managed/keys.py +20 -15
pulumi_vault/managed/outputs.py +5 -0
pulumi_vault/mfa_duo.py +5 -0
pulumi_vault/mfa_okta.py +5 -0
pulumi_vault/mfa_pingid.py +5 -0
pulumi_vault/mfa_totp.py +5 -0
pulumi_vault/mongodbatlas/secret_backend.py +5 -0
pulumi_vault/mongodbatlas/secret_role.py +5 -0
pulumi_vault/mount.py +35 -23
pulumi_vault/namespace.py +19 -14
pulumi_vault/nomad_secret_backend.py +5 -0
pulumi_vault/nomad_secret_role.py +5 -0
pulumi_vault/okta/_inputs.py +39 -0
pulumi_vault/okta/auth_backend.py +31 -26
pulumi_vault/okta/auth_backend_group.py +5 -0
pulumi_vault/okta/auth_backend_user.py +5 -0
pulumi_vault/okta/outputs.py +5 -0
pulumi_vault/outputs.py +5 -0
pulumi_vault/password_policy.py +5 -0
pulumi_vault/pkisecret/_inputs.py +49 -8
pulumi_vault/pkisecret/backend_config_cluster.py +5 -0
pulumi_vault/pkisecret/backend_config_est.py +24 -19
pulumi_vault/pkisecret/get_backend_config_est.py +23 -5
pulumi_vault/pkisecret/get_backend_issuer.py +24 -4
pulumi_vault/pkisecret/get_backend_issuers.py +18 -5
pulumi_vault/pkisecret/get_backend_key.py +19 -4
pulumi_vault/pkisecret/get_backend_keys.py +18 -5
pulumi_vault/pkisecret/outputs.py +17 -12
pulumi_vault/pkisecret/secret_backend_cert.py +5 -0
pulumi_vault/pkisecret/secret_backend_config_ca.py +5 -0
pulumi_vault/pkisecret/secret_backend_config_issuers.py +5 -0
pulumi_vault/pkisecret/secret_backend_config_urls.py +5 -0
pulumi_vault/pkisecret/secret_backend_crl_config.py +5 -0
pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +5 -0
pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +5 -0
pulumi_vault/pkisecret/secret_backend_issuer.py +5 -0
pulumi_vault/pkisecret/secret_backend_key.py +5 -0
pulumi_vault/pkisecret/secret_backend_role.py +10 -5
pulumi_vault/pkisecret/secret_backend_root_cert.py +5 -0
pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +5 -0
pulumi_vault/pkisecret/secret_backend_sign.py +5 -0
pulumi_vault/plugin.py +5 -0
pulumi_vault/plugin_pinned_version.py +5 -0
pulumi_vault/policy.py +5 -0
pulumi_vault/provider.py +47 -42
pulumi_vault/pulumi-plugin.json +1 -1
pulumi_vault/quota_lease_count.py +5 -0
pulumi_vault/quota_rate_limit.py +5 -0
pulumi_vault/rabbitmq/_inputs.py +61 -0
pulumi_vault/rabbitmq/outputs.py +5 -0
pulumi_vault/rabbitmq/secret_backend.py +5 -0
pulumi_vault/rabbitmq/secret_backend_role.py +43 -38
pulumi_vault/raft_autopilot.py +5 -0
pulumi_vault/raft_snapshot_agent_config.py +5 -0
pulumi_vault/rgp_policy.py +5 -0
pulumi_vault/saml/auth_backend.py +5 -0
pulumi_vault/saml/auth_backend_role.py +19 -14
pulumi_vault/secrets/_inputs.py +30 -0
pulumi_vault/secrets/outputs.py +5 -0
pulumi_vault/secrets/sync_association.py +7 -2
pulumi_vault/secrets/sync_aws_destination.py +19 -14
pulumi_vault/secrets/sync_azure_destination.py +19 -14
pulumi_vault/secrets/sync_config.py +5 -0
pulumi_vault/secrets/sync_gcp_destination.py +19 -14
pulumi_vault/secrets/sync_gh_destination.py +5 -0
pulumi_vault/secrets/sync_github_apps.py +5 -0
pulumi_vault/secrets/sync_vercel_destination.py +5 -0
pulumi_vault/ssh/_inputs.py +22 -0
pulumi_vault/ssh/outputs.py +5 -0
pulumi_vault/ssh/secret_backend_ca.py +5 -0
pulumi_vault/ssh/secret_backend_role.py +38 -33
pulumi_vault/terraformcloud/secret_backend.py +5 -0
pulumi_vault/terraformcloud/secret_creds.py +5 -0
pulumi_vault/terraformcloud/secret_role.py +5 -0
pulumi_vault/token.py +5 -0
pulumi_vault/tokenauth/auth_backend_role.py +5 -14
pulumi_vault/transform/alphabet.py +5 -0
pulumi_vault/transform/get_decode.py +38 -14
pulumi_vault/transform/get_encode.py +38 -14
pulumi_vault/transform/role.py +5 -0
pulumi_vault/transform/template.py +19 -14
pulumi_vault/transform/transformation.py +5 -0
pulumi_vault/transit/get_decrypt.py +21 -4
pulumi_vault/transit/get_encrypt.py +23 -4
pulumi_vault/transit/secret_backend_key.py +12 -7
pulumi_vault/transit/secret_cache_config.py +5 -0
{pulumi_vault-6.3.0a1723010642.dist-info → pulumi_vault-6.3.1.dist-info}/METADATA +3 -2
pulumi_vault-6.3.1.dist-info/RECORD +256 -0
{pulumi_vault-6.3.0a1723010642.dist-info → pulumi_vault-6.3.1.dist-info}/WHEEL +1 -1
pulumi_vault-6.3.0a1723010642.dist-info/RECORD +0 -256
{pulumi_vault-6.3.0a1723010642.dist-info → pulumi_vault-6.3.1.dist-info}/top_level.txt +0 -0

pulumi_vault/identity/outputs.py CHANGED Viewed

@@ -4,9 +4,14 @@
 import copy
 import warnings
+import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 __all__ = [
@@ -21,7 +26,7 @@ class GetEntityAliasResult(dict):
                  id: str,
                  last_update_time: str,
                  merged_from_canonical_ids: Sequence[str],
-                 metadata: Mapping[str, Any],
+                 metadata: Mapping[str, str],
                  mount_accessor: str,
                  mount_path: str,
                  mount_type: str,
@@ -32,7 +37,7 @@ class GetEntityAliasResult(dict):
         :param str id: ID of the alias
         :param str last_update_time: Last update time of the alias
         :param Sequence[str] merged_from_canonical_ids: List of canonical IDs merged with this alias
-        :param Mapping[str, Any] metadata: Arbitrary metadata
+        :param Mapping[str, str] metadata: Arbitrary metadata
         :param str mount_accessor: Authentication mount acccessor which this alias belongs to
         :param str mount_path: Authentication mount path which this alias belongs to
         :param str mount_type: Authentication mount type which this alias belongs to
@@ -91,7 +96,7 @@ class GetEntityAliasResult(dict):
     @property
     @pulumi.getter
-    def metadata(self) -> Mapping[str, Any]:
+    def metadata(self) -> Mapping[str, str]:
         """
         Arbitrary metadata
         """

pulumi_vault/jwt/_inputs.py CHANGED Viewed

@@ -4,15 +4,70 @@
 import copy
 import warnings
+import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 __all__ = [
     'AuthBackendTuneArgs',
+    'AuthBackendTuneArgsDict',
 ]
+MYPY = False
+if not MYPY:
+    class AuthBackendTuneArgsDict(TypedDict):
+        allowed_response_headers: NotRequired[pulumi.Input[Sequence[pulumi.Input[str]]]]
+        """
+        List of headers to whitelist and allowing
+        a plugin to include them in the response.
+        """
+        audit_non_hmac_request_keys: NotRequired[pulumi.Input[Sequence[pulumi.Input[str]]]]
+        """
+        Specifies the list of keys that will
+        not be HMAC'd by audit devices in the request data object.
+        """
+        audit_non_hmac_response_keys: NotRequired[pulumi.Input[Sequence[pulumi.Input[str]]]]
+        """
+        Specifies the list of keys that will
+        not be HMAC'd by audit devices in the response data object.
+        """
+        default_lease_ttl: NotRequired[pulumi.Input[str]]
+        """
+        Specifies the default time-to-live.
+        If set, this overrides the global default.
+        Must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration)
+        """
+        listing_visibility: NotRequired[pulumi.Input[str]]
+        """
+        Specifies whether to show this mount in
+        the UI-specific listing endpoint. Valid values are "unauth" or "hidden".
+        """
+        max_lease_ttl: NotRequired[pulumi.Input[str]]
+        """
+        Specifies the maximum time-to-live.
+        If set, this overrides the global default.
+        Must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration)
+        """
+        passthrough_request_headers: NotRequired[pulumi.Input[Sequence[pulumi.Input[str]]]]
+        """
+        List of headers to whitelist and
+        pass from the request to the backend.
+        """
+        token_type: NotRequired[pulumi.Input[str]]
+        """
+        Specifies the type of tokens that should be returned by
+        the mount. Valid values are "default-service", "default-batch", "service", "batch".
+        """
+elif False:
+    AuthBackendTuneArgsDict: TypeAlias = Mapping[str, Any]
 @pulumi.input_type
 class AuthBackendTuneArgs:
     def __init__(__self__, *,

pulumi_vault/jwt/auth_backend.py CHANGED Viewed

@@ -4,9 +4,14 @@
 import copy
 import warnings
+import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 from . import outputs
 from ._inputs import *
@@ -765,7 +770,7 @@ class AuthBackend(pulumi.CustomResource):
                  oidc_response_types: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                  path: Optional[pulumi.Input[str]] = None,
                  provider_config: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
-                 tune: Optional[pulumi.Input[pulumi.InputType['AuthBackendTuneArgs']]] = None,
+                 tune: Optional[pulumi.Input[Union['AuthBackendTuneArgs', 'AuthBackendTuneArgsDict']]] = None,
                  type: Optional[pulumi.Input[str]] = None,
                  __props__=None):
         """
@@ -801,9 +806,9 @@ class AuthBackend(pulumi.CustomResource):
             oidc_client_id="1234567890",
             oidc_client_secret="secret123456",
             bound_issuer="https://myco.auth0.com/",
-            tune=vault.jwt.AuthBackendTuneArgs(
-                listing_visibility="unauth",
-            ))
+            tune={
+                "listing_visibility": "unauth",
+            })
         ```
         Configuring the auth backend with a `provider_config:
@@ -908,9 +913,9 @@ class AuthBackend(pulumi.CustomResource):
             oidc_client_id="1234567890",
             oidc_client_secret="secret123456",
             bound_issuer="https://myco.auth0.com/",
-            tune=vault.jwt.AuthBackendTuneArgs(
-                listing_visibility="unauth",
-            ))
+            tune={
+                "listing_visibility": "unauth",
+            })
         ```
         Configuring the auth backend with a `provider_config:
@@ -979,7 +984,7 @@ class AuthBackend(pulumi.CustomResource):
                  oidc_response_types: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                  path: Optional[pulumi.Input[str]] = None,
                  provider_config: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
-                 tune: Optional[pulumi.Input[pulumi.InputType['AuthBackendTuneArgs']]] = None,
+                 tune: Optional[pulumi.Input[Union['AuthBackendTuneArgs', 'AuthBackendTuneArgsDict']]] = None,
                  type: Optional[pulumi.Input[str]] = None,
                  __props__=None):
         opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
@@ -1044,7 +1049,7 @@ class AuthBackend(pulumi.CustomResource):
             oidc_response_types: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
             path: Optional[pulumi.Input[str]] = None,
             provider_config: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
-            tune: Optional[pulumi.Input[pulumi.InputType['AuthBackendTuneArgs']]] = None,
+            tune: Optional[pulumi.Input[Union['AuthBackendTuneArgs', 'AuthBackendTuneArgsDict']]] = None,
             type: Optional[pulumi.Input[str]] = None) -> 'AuthBackend':
         """
         Get an existing AuthBackend resource's state with the given name, id, and optional extra

pulumi_vault/jwt/auth_backend_role.py CHANGED Viewed

@@ -4,9 +4,14 @@
 import copy
 import warnings
+import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 __all__ = ['AuthBackendRoleArgs', 'AuthBackendRole']
@@ -19,10 +24,10 @@ class AuthBackendRoleArgs:
                  allowed_redirect_uris: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                  backend: Optional[pulumi.Input[str]] = None,
                  bound_audiences: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
-                 bound_claims: Optional[pulumi.Input[Mapping[str, Any]]] = None,
+                 bound_claims: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
                  bound_claims_type: Optional[pulumi.Input[str]] = None,
                  bound_subject: Optional[pulumi.Input[str]] = None,
-                 claim_mappings: Optional[pulumi.Input[Mapping[str, Any]]] = None,
+                 claim_mappings: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
                  clock_skew_leeway: Optional[pulumi.Input[int]] = None,
                  disable_bound_claims_parsing: Optional[pulumi.Input[bool]] = None,
                  expiration_leeway: Optional[pulumi.Input[int]] = None,
@@ -55,7 +60,7 @@ class AuthBackendRoleArgs:
                Defaults to `jwt`.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] bound_audiences: (Required for roles of type `jwt`, optional for roles of
                type `oidc`) List of `aud` claims to match against. Any match is sufficient.
-        :param pulumi.Input[Mapping[str, Any]] bound_claims: If set, a map of claims to values to match against.
+        :param pulumi.Input[Mapping[str, pulumi.Input[str]]] bound_claims: If set, a map of claims to values to match against.
                A claim's value must be a string, which may contain one value or multiple
                comma-separated values, e.g. `"red"` or `"red,green,blue"`.
         :param pulumi.Input[str] bound_claims_type: How to interpret values in the claims/values
@@ -63,7 +68,7 @@ class AuthBackendRoleArgs:
                match). Requires Vault 1.4.0 or above.
         :param pulumi.Input[str] bound_subject: If set, requires that the `sub` claim matches
                this value.
-        :param pulumi.Input[Mapping[str, Any]] claim_mappings: If set, a map of claims (keys) to be copied
+        :param pulumi.Input[Mapping[str, pulumi.Input[str]]] claim_mappings: If set, a map of claims (keys) to be copied
                to specified metadata fields (values).
         :param pulumi.Input[int] clock_skew_leeway: The amount of leeway to add to all claims to account for clock skew, in
                seconds. Defaults to `60` seconds if set to `0` and can be disabled if set to `-1`.
@@ -229,7 +234,7 @@ class AuthBackendRoleArgs:
     @property
     @pulumi.getter(name="boundClaims")
-    def bound_claims(self) -> Optional[pulumi.Input[Mapping[str, Any]]]:
+    def bound_claims(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
         """
         If set, a map of claims to values to match against.
         A claim's value must be a string, which may contain one value or multiple
@@ -238,7 +243,7 @@ class AuthBackendRoleArgs:
         return pulumi.get(self, "bound_claims")
     @bound_claims.setter
-    def bound_claims(self, value: Optional[pulumi.Input[Mapping[str, Any]]]):
+    def bound_claims(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
         pulumi.set(self, "bound_claims", value)
     @property
@@ -270,7 +275,7 @@ class AuthBackendRoleArgs:
     @property
     @pulumi.getter(name="claimMappings")
-    def claim_mappings(self) -> Optional[pulumi.Input[Mapping[str, Any]]]:
+    def claim_mappings(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
         """
         If set, a map of claims (keys) to be copied
         to specified metadata fields (values).
@@ -278,7 +283,7 @@ class AuthBackendRoleArgs:
         return pulumi.get(self, "claim_mappings")
     @claim_mappings.setter
-    def claim_mappings(self, value: Optional[pulumi.Input[Mapping[str, Any]]]):
+    def claim_mappings(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
         pulumi.set(self, "claim_mappings", value)
     @property
@@ -547,10 +552,10 @@ class _AuthBackendRoleState:
                  allowed_redirect_uris: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                  backend: Optional[pulumi.Input[str]] = None,
                  bound_audiences: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
-                 bound_claims: Optional[pulumi.Input[Mapping[str, Any]]] = None,
+                 bound_claims: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
                  bound_claims_type: Optional[pulumi.Input[str]] = None,
                  bound_subject: Optional[pulumi.Input[str]] = None,
-                 claim_mappings: Optional[pulumi.Input[Mapping[str, Any]]] = None,
+                 claim_mappings: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
                  clock_skew_leeway: Optional[pulumi.Input[int]] = None,
                  disable_bound_claims_parsing: Optional[pulumi.Input[bool]] = None,
                  expiration_leeway: Optional[pulumi.Input[int]] = None,
@@ -581,7 +586,7 @@ class _AuthBackendRoleState:
                Defaults to `jwt`.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] bound_audiences: (Required for roles of type `jwt`, optional for roles of
                type `oidc`) List of `aud` claims to match against. Any match is sufficient.
-        :param pulumi.Input[Mapping[str, Any]] bound_claims: If set, a map of claims to values to match against.
+        :param pulumi.Input[Mapping[str, pulumi.Input[str]]] bound_claims: If set, a map of claims to values to match against.
                A claim's value must be a string, which may contain one value or multiple
                comma-separated values, e.g. `"red"` or `"red,green,blue"`.
         :param pulumi.Input[str] bound_claims_type: How to interpret values in the claims/values
@@ -589,7 +594,7 @@ class _AuthBackendRoleState:
                match). Requires Vault 1.4.0 or above.
         :param pulumi.Input[str] bound_subject: If set, requires that the `sub` claim matches
                this value.
-        :param pulumi.Input[Mapping[str, Any]] claim_mappings: If set, a map of claims (keys) to be copied
+        :param pulumi.Input[Mapping[str, pulumi.Input[str]]] claim_mappings: If set, a map of claims (keys) to be copied
                to specified metadata fields (values).
         :param pulumi.Input[int] clock_skew_leeway: The amount of leeway to add to all claims to account for clock skew, in
                seconds. Defaults to `60` seconds if set to `0` and can be disabled if set to `-1`.
@@ -735,7 +740,7 @@ class _AuthBackendRoleState:
     @property
     @pulumi.getter(name="boundClaims")
-    def bound_claims(self) -> Optional[pulumi.Input[Mapping[str, Any]]]:
+    def bound_claims(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
         """
         If set, a map of claims to values to match against.
         A claim's value must be a string, which may contain one value or multiple
@@ -744,7 +749,7 @@ class _AuthBackendRoleState:
         return pulumi.get(self, "bound_claims")
     @bound_claims.setter
-    def bound_claims(self, value: Optional[pulumi.Input[Mapping[str, Any]]]):
+    def bound_claims(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
         pulumi.set(self, "bound_claims", value)
     @property
@@ -776,7 +781,7 @@ class _AuthBackendRoleState:
     @property
     @pulumi.getter(name="claimMappings")
-    def claim_mappings(self) -> Optional[pulumi.Input[Mapping[str, Any]]]:
+    def claim_mappings(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
         """
         If set, a map of claims (keys) to be copied
         to specified metadata fields (values).
@@ -784,7 +789,7 @@ class _AuthBackendRoleState:
         return pulumi.get(self, "claim_mappings")
     @claim_mappings.setter
-    def claim_mappings(self, value: Optional[pulumi.Input[Mapping[str, Any]]]):
+    def claim_mappings(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
         pulumi.set(self, "claim_mappings", value)
     @property
@@ -1081,10 +1086,10 @@ class AuthBackendRole(pulumi.CustomResource):
                  allowed_redirect_uris: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                  backend: Optional[pulumi.Input[str]] = None,
                  bound_audiences: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
-                 bound_claims: Optional[pulumi.Input[Mapping[str, Any]]] = None,
+                 bound_claims: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
                  bound_claims_type: Optional[pulumi.Input[str]] = None,
                  bound_subject: Optional[pulumi.Input[str]] = None,
-                 claim_mappings: Optional[pulumi.Input[Mapping[str, Any]]] = None,
+                 claim_mappings: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
                  clock_skew_leeway: Optional[pulumi.Input[int]] = None,
                  disable_bound_claims_parsing: Optional[pulumi.Input[bool]] = None,
                  expiration_leeway: Optional[pulumi.Input[int]] = None,
@@ -1176,7 +1181,7 @@ class AuthBackendRole(pulumi.CustomResource):
                Defaults to `jwt`.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] bound_audiences: (Required for roles of type `jwt`, optional for roles of
                type `oidc`) List of `aud` claims to match against. Any match is sufficient.
-        :param pulumi.Input[Mapping[str, Any]] bound_claims: If set, a map of claims to values to match against.
+        :param pulumi.Input[Mapping[str, pulumi.Input[str]]] bound_claims: If set, a map of claims to values to match against.
                A claim's value must be a string, which may contain one value or multiple
                comma-separated values, e.g. `"red"` or `"red,green,blue"`.
         :param pulumi.Input[str] bound_claims_type: How to interpret values in the claims/values
@@ -1184,7 +1189,7 @@ class AuthBackendRole(pulumi.CustomResource):
                match). Requires Vault 1.4.0 or above.
         :param pulumi.Input[str] bound_subject: If set, requires that the `sub` claim matches
                this value.
-        :param pulumi.Input[Mapping[str, Any]] claim_mappings: If set, a map of claims (keys) to be copied
+        :param pulumi.Input[Mapping[str, pulumi.Input[str]]] claim_mappings: If set, a map of claims (keys) to be copied
                to specified metadata fields (values).
         :param pulumi.Input[int] clock_skew_leeway: The amount of leeway to add to all claims to account for clock skew, in
                seconds. Defaults to `60` seconds if set to `0` and can be disabled if set to `-1`.
@@ -1314,10 +1319,10 @@ class AuthBackendRole(pulumi.CustomResource):
                  allowed_redirect_uris: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                  backend: Optional[pulumi.Input[str]] = None,
                  bound_audiences: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
-                 bound_claims: Optional[pulumi.Input[Mapping[str, Any]]] = None,
+                 bound_claims: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
                  bound_claims_type: Optional[pulumi.Input[str]] = None,
                  bound_subject: Optional[pulumi.Input[str]] = None,
-                 claim_mappings: Optional[pulumi.Input[Mapping[str, Any]]] = None,
+                 claim_mappings: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
                  clock_skew_leeway: Optional[pulumi.Input[int]] = None,
                  disable_bound_claims_parsing: Optional[pulumi.Input[bool]] = None,
                  expiration_leeway: Optional[pulumi.Input[int]] = None,
@@ -1395,10 +1400,10 @@ class AuthBackendRole(pulumi.CustomResource):
             allowed_redirect_uris: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
             backend: Optional[pulumi.Input[str]] = None,
             bound_audiences: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
-            bound_claims: Optional[pulumi.Input[Mapping[str, Any]]] = None,
+            bound_claims: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
             bound_claims_type: Optional[pulumi.Input[str]] = None,
             bound_subject: Optional[pulumi.Input[str]] = None,
-            claim_mappings: Optional[pulumi.Input[Mapping[str, Any]]] = None,
+            claim_mappings: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
             clock_skew_leeway: Optional[pulumi.Input[int]] = None,
             disable_bound_claims_parsing: Optional[pulumi.Input[bool]] = None,
             expiration_leeway: Optional[pulumi.Input[int]] = None,
@@ -1434,7 +1439,7 @@ class AuthBackendRole(pulumi.CustomResource):
                Defaults to `jwt`.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] bound_audiences: (Required for roles of type `jwt`, optional for roles of
                type `oidc`) List of `aud` claims to match against. Any match is sufficient.
-        :param pulumi.Input[Mapping[str, Any]] bound_claims: If set, a map of claims to values to match against.
+        :param pulumi.Input[Mapping[str, pulumi.Input[str]]] bound_claims: If set, a map of claims to values to match against.
                A claim's value must be a string, which may contain one value or multiple
                comma-separated values, e.g. `"red"` or `"red,green,blue"`.
         :param pulumi.Input[str] bound_claims_type: How to interpret values in the claims/values
@@ -1442,7 +1447,7 @@ class AuthBackendRole(pulumi.CustomResource):
                match). Requires Vault 1.4.0 or above.
         :param pulumi.Input[str] bound_subject: If set, requires that the `sub` claim matches
                this value.
-        :param pulumi.Input[Mapping[str, Any]] claim_mappings: If set, a map of claims (keys) to be copied
+        :param pulumi.Input[Mapping[str, pulumi.Input[str]]] claim_mappings: If set, a map of claims (keys) to be copied
                to specified metadata fields (values).
         :param pulumi.Input[int] clock_skew_leeway: The amount of leeway to add to all claims to account for clock skew, in
                seconds. Defaults to `60` seconds if set to `0` and can be disabled if set to `-1`.
@@ -1552,7 +1557,7 @@ class AuthBackendRole(pulumi.CustomResource):
     @property
     @pulumi.getter(name="boundClaims")
-    def bound_claims(self) -> pulumi.Output[Optional[Mapping[str, Any]]]:
+    def bound_claims(self) -> pulumi.Output[Optional[Mapping[str, str]]]:
         """
         If set, a map of claims to values to match against.
         A claim's value must be a string, which may contain one value or multiple
@@ -1581,7 +1586,7 @@ class AuthBackendRole(pulumi.CustomResource):
     @property
     @pulumi.getter(name="claimMappings")
-    def claim_mappings(self) -> pulumi.Output[Optional[Mapping[str, Any]]]:
+    def claim_mappings(self) -> pulumi.Output[Optional[Mapping[str, str]]]:
         """
         If set, a map of claims (keys) to be copied
         to specified metadata fields (values).

pulumi_vault/jwt/outputs.py CHANGED Viewed

@@ -4,9 +4,14 @@
 import copy
 import warnings
+import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 __all__ = [

pulumi_vault/kmip/secret_backend.py CHANGED Viewed

@@ -4,9 +4,14 @@
 import copy
 import warnings
+import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 __all__ = ['SecretBackendArgs', 'SecretBackend']

pulumi_vault/kmip/secret_role.py CHANGED Viewed

@@ -4,9 +4,14 @@
 import copy
 import warnings
+import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 __all__ = ['SecretRoleArgs', 'SecretRole']

pulumi_vault/kmip/secret_scope.py CHANGED Viewed

@@ -4,9 +4,14 @@
 import copy
 import warnings
+import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 __all__ = ['SecretScopeArgs', 'SecretScope']

pulumi_vault/kubernetes/auth_backend_config.py CHANGED Viewed

@@ -4,9 +4,14 @@
 import copy
 import warnings
+import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 __all__ = ['AuthBackendConfigArgs', 'AuthBackendConfig']

pulumi_vault/kubernetes/auth_backend_role.py CHANGED Viewed

@@ -4,9 +4,14 @@
 import copy
 import warnings
+import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 __all__ = ['AuthBackendRoleArgs', 'AuthBackendRole']

pulumi_vault/kubernetes/get_auth_backend_config.py CHANGED Viewed

@@ -4,9 +4,14 @@
 import copy
 import warnings
+import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 __all__ = [
@@ -176,9 +181,6 @@ def get_auth_backend_config(backend: Optional[str] = None,
         kubernetes_host=pulumi.get(__ret__, 'kubernetes_host'),
         namespace=pulumi.get(__ret__, 'namespace'),
         pem_keys=pulumi.get(__ret__, 'pem_keys'))
-@_utilities.lift_output_func(get_auth_backend_config)
 def get_auth_backend_config_output(backend: Optional[pulumi.Input[Optional[str]]] = None,
                                    disable_iss_validation: Optional[pulumi.Input[Optional[bool]]] = None,
                                    disable_local_ca_jwt: Optional[pulumi.Input[Optional[bool]]] = None,
@@ -205,4 +207,24 @@ def get_auth_backend_config_output(backend: Optional[pulumi.Input[Optional[str]]
            *Available only for Vault Enterprise*.
     :param Sequence[str] pem_keys: Optional list of PEM-formatted public keys or certificates used to verify the signatures of Kubernetes service account JWTs. If a certificate is given, its public key will be extracted. Not every installation of Kubernetes exposes these keys.
     """
-    ...
+    __args__ = dict()
+    __args__['backend'] = backend
+    __args__['disableIssValidation'] = disable_iss_validation
+    __args__['disableLocalCaJwt'] = disable_local_ca_jwt
+    __args__['issuer'] = issuer
+    __args__['kubernetesCaCert'] = kubernetes_ca_cert
+    __args__['kubernetesHost'] = kubernetes_host
+    __args__['namespace'] = namespace
+    __args__['pemKeys'] = pem_keys
+    opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
+    __ret__ = pulumi.runtime.invoke_output('vault:kubernetes/getAuthBackendConfig:getAuthBackendConfig', __args__, opts=opts, typ=GetAuthBackendConfigResult)
+    return __ret__.apply(lambda __response__: GetAuthBackendConfigResult(
+        backend=pulumi.get(__response__, 'backend'),
+        disable_iss_validation=pulumi.get(__response__, 'disable_iss_validation'),
+        disable_local_ca_jwt=pulumi.get(__response__, 'disable_local_ca_jwt'),
+        id=pulumi.get(__response__, 'id'),
+        issuer=pulumi.get(__response__, 'issuer'),
+        kubernetes_ca_cert=pulumi.get(__response__, 'kubernetes_ca_cert'),
+        kubernetes_host=pulumi.get(__response__, 'kubernetes_host'),
+        namespace=pulumi.get(__response__, 'namespace'),
+        pem_keys=pulumi.get(__response__, 'pem_keys')))

pulumi_vault/kubernetes/get_auth_backend_role.py CHANGED Viewed

@@ -4,9 +4,14 @@
 import copy
 import warnings
+import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 __all__ = [
@@ -336,9 +341,6 @@ def get_auth_backend_role(audience: Optional[str] = None,
         token_policies=pulumi.get(__ret__, 'token_policies'),
         token_ttl=pulumi.get(__ret__, 'token_ttl'),
         token_type=pulumi.get(__ret__, 'token_type'))
-@_utilities.lift_output_func(get_auth_backend_role)
 def get_auth_backend_role_output(audience: Optional[pulumi.Input[Optional[str]]] = None,
                                  backend: Optional[pulumi.Input[Optional[str]]] = None,
                                  namespace: Optional[pulumi.Input[Optional[str]]] = None,
@@ -395,4 +397,37 @@ def get_auth_backend_role_output(audience: Optional[pulumi.Input[Optional[str]]]
            `default-service` and `default-batch` which specify the type to return unless the client
            requests a different type at generation time.
     """
-    ...
+    __args__ = dict()
+    __args__['audience'] = audience
+    __args__['backend'] = backend
+    __args__['namespace'] = namespace
+    __args__['roleName'] = role_name
+    __args__['tokenBoundCidrs'] = token_bound_cidrs
+    __args__['tokenExplicitMaxTtl'] = token_explicit_max_ttl
+    __args__['tokenMaxTtl'] = token_max_ttl
+    __args__['tokenNoDefaultPolicy'] = token_no_default_policy
+    __args__['tokenNumUses'] = token_num_uses
+    __args__['tokenPeriod'] = token_period
+    __args__['tokenPolicies'] = token_policies
+    __args__['tokenTtl'] = token_ttl
+    __args__['tokenType'] = token_type
+    opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
+    __ret__ = pulumi.runtime.invoke_output('vault:kubernetes/getAuthBackendRole:getAuthBackendRole', __args__, opts=opts, typ=GetAuthBackendRoleResult)
+    return __ret__.apply(lambda __response__: GetAuthBackendRoleResult(
+        alias_name_source=pulumi.get(__response__, 'alias_name_source'),
+        audience=pulumi.get(__response__, 'audience'),
+        backend=pulumi.get(__response__, 'backend'),
+        bound_service_account_names=pulumi.get(__response__, 'bound_service_account_names'),
+        bound_service_account_namespaces=pulumi.get(__response__, 'bound_service_account_namespaces'),
+        id=pulumi.get(__response__, 'id'),
+        namespace=pulumi.get(__response__, 'namespace'),
+        role_name=pulumi.get(__response__, 'role_name'),
+        token_bound_cidrs=pulumi.get(__response__, 'token_bound_cidrs'),
+        token_explicit_max_ttl=pulumi.get(__response__, 'token_explicit_max_ttl'),
+        token_max_ttl=pulumi.get(__response__, 'token_max_ttl'),
+        token_no_default_policy=pulumi.get(__response__, 'token_no_default_policy'),
+        token_num_uses=pulumi.get(__response__, 'token_num_uses'),
+        token_period=pulumi.get(__response__, 'token_period'),
+        token_policies=pulumi.get(__response__, 'token_policies'),
+        token_ttl=pulumi.get(__response__, 'token_ttl'),
+        token_type=pulumi.get(__response__, 'token_type')))

pulumi-vault 6.3.0a1723010642__py3-none-any.whl → 6.3.1__py3-none-any.whl

pulumi-vault 6.3.0a1723010642py3-none-any.whl → 6.3.1py3-none-any.whl