pulumi-vault 6.5.0a1736836139__py3-none-any.whl → 6.5.0a1737047276__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,209 @@
1
+ # coding=utf-8
2
+ # *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
3
+ # *** Do not edit by hand unless you're certain you know what you are doing! ***
4
+
5
+ import copy
6
+ import warnings
7
+ import sys
8
+ import pulumi
9
+ import pulumi.runtime
10
+ from typing import Any, Mapping, Optional, Sequence, Union, overload
11
+ if sys.version_info >= (3, 11):
12
+ from typing import NotRequired, TypedDict, TypeAlias
13
+ else:
14
+ from typing_extensions import NotRequired, TypedDict, TypeAlias
15
+ from .. import _utilities
16
+ from . import outputs
17
+
18
+ __all__ = [
19
+ 'GetBackendConfigCmpv2Result',
20
+ 'AwaitableGetBackendConfigCmpv2Result',
21
+ 'get_backend_config_cmpv2',
22
+ 'get_backend_config_cmpv2_output',
23
+ ]
24
+
25
+ @pulumi.output_type
26
+ class GetBackendConfigCmpv2Result:
27
+ """
28
+ A collection of values returned by getBackendConfigCmpv2.
29
+ """
30
+ def __init__(__self__, audit_fields=None, authenticators=None, backend=None, default_path_policy=None, enable_sentinel_parsing=None, enabled=None, id=None, last_updated=None, namespace=None):
31
+ if audit_fields and not isinstance(audit_fields, list):
32
+ raise TypeError("Expected argument 'audit_fields' to be a list")
33
+ pulumi.set(__self__, "audit_fields", audit_fields)
34
+ if authenticators and not isinstance(authenticators, list):
35
+ raise TypeError("Expected argument 'authenticators' to be a list")
36
+ pulumi.set(__self__, "authenticators", authenticators)
37
+ if backend and not isinstance(backend, str):
38
+ raise TypeError("Expected argument 'backend' to be a str")
39
+ pulumi.set(__self__, "backend", backend)
40
+ if default_path_policy and not isinstance(default_path_policy, str):
41
+ raise TypeError("Expected argument 'default_path_policy' to be a str")
42
+ pulumi.set(__self__, "default_path_policy", default_path_policy)
43
+ if enable_sentinel_parsing and not isinstance(enable_sentinel_parsing, bool):
44
+ raise TypeError("Expected argument 'enable_sentinel_parsing' to be a bool")
45
+ pulumi.set(__self__, "enable_sentinel_parsing", enable_sentinel_parsing)
46
+ if enabled and not isinstance(enabled, bool):
47
+ raise TypeError("Expected argument 'enabled' to be a bool")
48
+ pulumi.set(__self__, "enabled", enabled)
49
+ if id and not isinstance(id, str):
50
+ raise TypeError("Expected argument 'id' to be a str")
51
+ pulumi.set(__self__, "id", id)
52
+ if last_updated and not isinstance(last_updated, str):
53
+ raise TypeError("Expected argument 'last_updated' to be a str")
54
+ pulumi.set(__self__, "last_updated", last_updated)
55
+ if namespace and not isinstance(namespace, str):
56
+ raise TypeError("Expected argument 'namespace' to be a str")
57
+ pulumi.set(__self__, "namespace", namespace)
58
+
59
+ @property
60
+ @pulumi.getter(name="auditFields")
61
+ def audit_fields(self) -> Sequence[str]:
62
+ return pulumi.get(self, "audit_fields")
63
+
64
+ @property
65
+ @pulumi.getter
66
+ def authenticators(self) -> Sequence['outputs.GetBackendConfigCmpv2AuthenticatorResult']:
67
+ return pulumi.get(self, "authenticators")
68
+
69
+ @property
70
+ @pulumi.getter
71
+ def backend(self) -> str:
72
+ return pulumi.get(self, "backend")
73
+
74
+ @property
75
+ @pulumi.getter(name="defaultPathPolicy")
76
+ def default_path_policy(self) -> str:
77
+ return pulumi.get(self, "default_path_policy")
78
+
79
+ @property
80
+ @pulumi.getter(name="enableSentinelParsing")
81
+ def enable_sentinel_parsing(self) -> bool:
82
+ return pulumi.get(self, "enable_sentinel_parsing")
83
+
84
+ @property
85
+ @pulumi.getter
86
+ def enabled(self) -> bool:
87
+ return pulumi.get(self, "enabled")
88
+
89
+ @property
90
+ @pulumi.getter
91
+ def id(self) -> str:
92
+ """
93
+ The provider-assigned unique ID for this managed resource.
94
+ """
95
+ return pulumi.get(self, "id")
96
+
97
+ @property
98
+ @pulumi.getter(name="lastUpdated")
99
+ def last_updated(self) -> str:
100
+ return pulumi.get(self, "last_updated")
101
+
102
+ @property
103
+ @pulumi.getter
104
+ def namespace(self) -> Optional[str]:
105
+ return pulumi.get(self, "namespace")
106
+
107
+
108
+ class AwaitableGetBackendConfigCmpv2Result(GetBackendConfigCmpv2Result):
109
+ # pylint: disable=using-constant-test
110
+ def __await__(self):
111
+ if False:
112
+ yield self
113
+ return GetBackendConfigCmpv2Result(
114
+ audit_fields=self.audit_fields,
115
+ authenticators=self.authenticators,
116
+ backend=self.backend,
117
+ default_path_policy=self.default_path_policy,
118
+ enable_sentinel_parsing=self.enable_sentinel_parsing,
119
+ enabled=self.enabled,
120
+ id=self.id,
121
+ last_updated=self.last_updated,
122
+ namespace=self.namespace)
123
+
124
+
125
+ def get_backend_config_cmpv2(backend: Optional[str] = None,
126
+ namespace: Optional[str] = None,
127
+ opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetBackendConfigCmpv2Result:
128
+ """
129
+ ## Example Usage
130
+
131
+ ```python
132
+ import pulumi
133
+ import pulumi_vault as vault
134
+
135
+ pki = vault.Mount("pki",
136
+ path="pki",
137
+ type="pki",
138
+ description="PKI secret engine mount")
139
+ cmpv2_config = vault.pkiSecret.get_backend_config_cmpv2_output(backend=pki.path)
140
+ ```
141
+
142
+
143
+ :param str backend: The path to the PKI secret backend to
144
+ read the CMPv2 configuration from, with no leading or trailing `/`s.
145
+
146
+ # Attributes Reference
147
+ :param str namespace: The namespace of the target resource.
148
+ The value should not contain leading or trailing forward slashes.
149
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
150
+ *Available only for Vault Enterprise*.
151
+ """
152
+ __args__ = dict()
153
+ __args__['backend'] = backend
154
+ __args__['namespace'] = namespace
155
+ opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
156
+ __ret__ = pulumi.runtime.invoke('vault:pkiSecret/getBackendConfigCmpv2:getBackendConfigCmpv2', __args__, opts=opts, typ=GetBackendConfigCmpv2Result).value
157
+
158
+ return AwaitableGetBackendConfigCmpv2Result(
159
+ audit_fields=pulumi.get(__ret__, 'audit_fields'),
160
+ authenticators=pulumi.get(__ret__, 'authenticators'),
161
+ backend=pulumi.get(__ret__, 'backend'),
162
+ default_path_policy=pulumi.get(__ret__, 'default_path_policy'),
163
+ enable_sentinel_parsing=pulumi.get(__ret__, 'enable_sentinel_parsing'),
164
+ enabled=pulumi.get(__ret__, 'enabled'),
165
+ id=pulumi.get(__ret__, 'id'),
166
+ last_updated=pulumi.get(__ret__, 'last_updated'),
167
+ namespace=pulumi.get(__ret__, 'namespace'))
168
+ def get_backend_config_cmpv2_output(backend: Optional[pulumi.Input[str]] = None,
169
+ namespace: Optional[pulumi.Input[Optional[str]]] = None,
170
+ opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetBackendConfigCmpv2Result]:
171
+ """
172
+ ## Example Usage
173
+
174
+ ```python
175
+ import pulumi
176
+ import pulumi_vault as vault
177
+
178
+ pki = vault.Mount("pki",
179
+ path="pki",
180
+ type="pki",
181
+ description="PKI secret engine mount")
182
+ cmpv2_config = vault.pkiSecret.get_backend_config_cmpv2_output(backend=pki.path)
183
+ ```
184
+
185
+
186
+ :param str backend: The path to the PKI secret backend to
187
+ read the CMPv2 configuration from, with no leading or trailing `/`s.
188
+
189
+ # Attributes Reference
190
+ :param str namespace: The namespace of the target resource.
191
+ The value should not contain leading or trailing forward slashes.
192
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
193
+ *Available only for Vault Enterprise*.
194
+ """
195
+ __args__ = dict()
196
+ __args__['backend'] = backend
197
+ __args__['namespace'] = namespace
198
+ opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
199
+ __ret__ = pulumi.runtime.invoke_output('vault:pkiSecret/getBackendConfigCmpv2:getBackendConfigCmpv2', __args__, opts=opts, typ=GetBackendConfigCmpv2Result)
200
+ return __ret__.apply(lambda __response__: GetBackendConfigCmpv2Result(
201
+ audit_fields=pulumi.get(__response__, 'audit_fields'),
202
+ authenticators=pulumi.get(__response__, 'authenticators'),
203
+ backend=pulumi.get(__response__, 'backend'),
204
+ default_path_policy=pulumi.get(__response__, 'default_path_policy'),
205
+ enable_sentinel_parsing=pulumi.get(__response__, 'enable_sentinel_parsing'),
206
+ enabled=pulumi.get(__response__, 'enabled'),
207
+ id=pulumi.get(__response__, 'id'),
208
+ last_updated=pulumi.get(__response__, 'last_updated'),
209
+ namespace=pulumi.get(__response__, 'namespace')))
@@ -15,11 +15,32 @@ else:
15
15
  from .. import _utilities
16
16
 
17
17
  __all__ = [
18
+ 'BackendConfigCmpv2Authenticators',
18
19
  'BackendConfigEstAuthenticators',
19
20
  'SecretBackendRolePolicyIdentifier',
21
+ 'GetBackendConfigCmpv2AuthenticatorResult',
20
22
  'GetBackendConfigEstAuthenticatorResult',
21
23
  ]
22
24
 
25
+ @pulumi.output_type
26
+ class BackendConfigCmpv2Authenticators(dict):
27
+ def __init__(__self__, *,
28
+ cert: Optional[Mapping[str, str]] = None):
29
+ """
30
+ :param Mapping[str, str] cert: "The accessor (required) and cert_role (optional) properties for cert auth backends".
31
+ """
32
+ if cert is not None:
33
+ pulumi.set(__self__, "cert", cert)
34
+
35
+ @property
36
+ @pulumi.getter
37
+ def cert(self) -> Optional[Mapping[str, str]]:
38
+ """
39
+ "The accessor (required) and cert_role (optional) properties for cert auth backends".
40
+ """
41
+ return pulumi.get(self, "cert")
42
+
43
+
23
44
  @pulumi.output_type
24
45
  class BackendConfigEstAuthenticators(dict):
25
46
  def __init__(__self__, *,
@@ -97,6 +118,25 @@ class SecretBackendRolePolicyIdentifier(dict):
97
118
  return pulumi.get(self, "notice")
98
119
 
99
120
 
121
+ @pulumi.output_type
122
+ class GetBackendConfigCmpv2AuthenticatorResult(dict):
123
+ def __init__(__self__, *,
124
+ cert: Optional[Mapping[str, str]] = None):
125
+ """
126
+ :param Mapping[str, str] cert: The accessor and cert_role properties for cert auth backends
127
+ """
128
+ if cert is not None:
129
+ pulumi.set(__self__, "cert", cert)
130
+
131
+ @property
132
+ @pulumi.getter
133
+ def cert(self) -> Optional[Mapping[str, str]]:
134
+ """
135
+ The accessor and cert_role properties for cert auth backends
136
+ """
137
+ return pulumi.get(self, "cert")
138
+
139
+
100
140
  @pulumi.output_type
101
141
  class GetBackendConfigEstAuthenticatorResult(dict):
102
142
  def __init__(__self__, *,
@@ -38,6 +38,7 @@ class SecretBackendRoleArgs:
38
38
  allowed_user_ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
39
39
  basic_constraints_valid_for_non_ca: Optional[pulumi.Input[bool]] = None,
40
40
  client_flag: Optional[pulumi.Input[bool]] = None,
41
+ cn_validations: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
41
42
  code_signing_flag: Optional[pulumi.Input[bool]] = None,
42
43
  countries: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
43
44
  email_protection_flag: Optional[pulumi.Input[bool]] = None,
@@ -86,6 +87,7 @@ class SecretBackendRoleArgs:
86
87
  :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_user_ids: Defines allowed User IDs
87
88
  :param pulumi.Input[bool] basic_constraints_valid_for_non_ca: Flag to mark basic constraints valid when issuing non-CA certificates
88
89
  :param pulumi.Input[bool] client_flag: Flag to specify certificates for client use
90
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] cn_validations: Validations to run on the Common Name field of the certificate, choices: `email`, `hostname`, `disabled`
89
91
  :param pulumi.Input[bool] code_signing_flag: Flag to specify certificates for code signing use
90
92
  :param pulumi.Input[Sequence[pulumi.Input[str]]] countries: The country of generated certificates
91
93
  :param pulumi.Input[bool] email_protection_flag: Flag to specify certificates for email protection use
@@ -158,6 +160,8 @@ class SecretBackendRoleArgs:
158
160
  pulumi.set(__self__, "basic_constraints_valid_for_non_ca", basic_constraints_valid_for_non_ca)
159
161
  if client_flag is not None:
160
162
  pulumi.set(__self__, "client_flag", client_flag)
163
+ if cn_validations is not None:
164
+ pulumi.set(__self__, "cn_validations", cn_validations)
161
165
  if code_signing_flag is not None:
162
166
  pulumi.set(__self__, "code_signing_flag", code_signing_flag)
163
167
  if countries is not None:
@@ -421,6 +425,18 @@ class SecretBackendRoleArgs:
421
425
  def client_flag(self, value: Optional[pulumi.Input[bool]]):
422
426
  pulumi.set(self, "client_flag", value)
423
427
 
428
+ @property
429
+ @pulumi.getter(name="cnValidations")
430
+ def cn_validations(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
431
+ """
432
+ Validations to run on the Common Name field of the certificate, choices: `email`, `hostname`, `disabled`
433
+ """
434
+ return pulumi.get(self, "cn_validations")
435
+
436
+ @cn_validations.setter
437
+ def cn_validations(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
438
+ pulumi.set(self, "cn_validations", value)
439
+
424
440
  @property
425
441
  @pulumi.getter(name="codeSigningFlag")
426
442
  def code_signing_flag(self) -> Optional[pulumi.Input[bool]]:
@@ -799,6 +815,7 @@ class _SecretBackendRoleState:
799
815
  backend: Optional[pulumi.Input[str]] = None,
800
816
  basic_constraints_valid_for_non_ca: Optional[pulumi.Input[bool]] = None,
801
817
  client_flag: Optional[pulumi.Input[bool]] = None,
818
+ cn_validations: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
802
819
  code_signing_flag: Optional[pulumi.Input[bool]] = None,
803
820
  countries: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
804
821
  email_protection_flag: Optional[pulumi.Input[bool]] = None,
@@ -847,6 +864,7 @@ class _SecretBackendRoleState:
847
864
  :param pulumi.Input[str] backend: The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
848
865
  :param pulumi.Input[bool] basic_constraints_valid_for_non_ca: Flag to mark basic constraints valid when issuing non-CA certificates
849
866
  :param pulumi.Input[bool] client_flag: Flag to specify certificates for client use
867
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] cn_validations: Validations to run on the Common Name field of the certificate, choices: `email`, `hostname`, `disabled`
850
868
  :param pulumi.Input[bool] code_signing_flag: Flag to specify certificates for code signing use
851
869
  :param pulumi.Input[Sequence[pulumi.Input[str]]] countries: The country of generated certificates
852
870
  :param pulumi.Input[bool] email_protection_flag: Flag to specify certificates for email protection use
@@ -920,6 +938,8 @@ class _SecretBackendRoleState:
920
938
  pulumi.set(__self__, "basic_constraints_valid_for_non_ca", basic_constraints_valid_for_non_ca)
921
939
  if client_flag is not None:
922
940
  pulumi.set(__self__, "client_flag", client_flag)
941
+ if cn_validations is not None:
942
+ pulumi.set(__self__, "cn_validations", cn_validations)
923
943
  if code_signing_flag is not None:
924
944
  pulumi.set(__self__, "code_signing_flag", code_signing_flag)
925
945
  if countries is not None:
@@ -1183,6 +1203,18 @@ class _SecretBackendRoleState:
1183
1203
  def client_flag(self, value: Optional[pulumi.Input[bool]]):
1184
1204
  pulumi.set(self, "client_flag", value)
1185
1205
 
1206
+ @property
1207
+ @pulumi.getter(name="cnValidations")
1208
+ def cn_validations(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
1209
+ """
1210
+ Validations to run on the Common Name field of the certificate, choices: `email`, `hostname`, `disabled`
1211
+ """
1212
+ return pulumi.get(self, "cn_validations")
1213
+
1214
+ @cn_validations.setter
1215
+ def cn_validations(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
1216
+ pulumi.set(self, "cn_validations", value)
1217
+
1186
1218
  @property
1187
1219
  @pulumi.getter(name="codeSigningFlag")
1188
1220
  def code_signing_flag(self) -> Optional[pulumi.Input[bool]]:
@@ -1563,6 +1595,7 @@ class SecretBackendRole(pulumi.CustomResource):
1563
1595
  backend: Optional[pulumi.Input[str]] = None,
1564
1596
  basic_constraints_valid_for_non_ca: Optional[pulumi.Input[bool]] = None,
1565
1597
  client_flag: Optional[pulumi.Input[bool]] = None,
1598
+ cn_validations: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
1566
1599
  code_signing_flag: Optional[pulumi.Input[bool]] = None,
1567
1600
  countries: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
1568
1601
  email_protection_flag: Optional[pulumi.Input[bool]] = None,
@@ -1648,6 +1681,7 @@ class SecretBackendRole(pulumi.CustomResource):
1648
1681
  :param pulumi.Input[str] backend: The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
1649
1682
  :param pulumi.Input[bool] basic_constraints_valid_for_non_ca: Flag to mark basic constraints valid when issuing non-CA certificates
1650
1683
  :param pulumi.Input[bool] client_flag: Flag to specify certificates for client use
1684
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] cn_validations: Validations to run on the Common Name field of the certificate, choices: `email`, `hostname`, `disabled`
1651
1685
  :param pulumi.Input[bool] code_signing_flag: Flag to specify certificates for code signing use
1652
1686
  :param pulumi.Input[Sequence[pulumi.Input[str]]] countries: The country of generated certificates
1653
1687
  :param pulumi.Input[bool] email_protection_flag: Flag to specify certificates for email protection use
@@ -1761,6 +1795,7 @@ class SecretBackendRole(pulumi.CustomResource):
1761
1795
  backend: Optional[pulumi.Input[str]] = None,
1762
1796
  basic_constraints_valid_for_non_ca: Optional[pulumi.Input[bool]] = None,
1763
1797
  client_flag: Optional[pulumi.Input[bool]] = None,
1798
+ cn_validations: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
1764
1799
  code_signing_flag: Optional[pulumi.Input[bool]] = None,
1765
1800
  countries: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
1766
1801
  email_protection_flag: Optional[pulumi.Input[bool]] = None,
@@ -1818,6 +1853,7 @@ class SecretBackendRole(pulumi.CustomResource):
1818
1853
  __props__.__dict__["backend"] = backend
1819
1854
  __props__.__dict__["basic_constraints_valid_for_non_ca"] = basic_constraints_valid_for_non_ca
1820
1855
  __props__.__dict__["client_flag"] = client_flag
1856
+ __props__.__dict__["cn_validations"] = cn_validations
1821
1857
  __props__.__dict__["code_signing_flag"] = code_signing_flag
1822
1858
  __props__.__dict__["countries"] = countries
1823
1859
  __props__.__dict__["email_protection_flag"] = email_protection_flag
@@ -1874,6 +1910,7 @@ class SecretBackendRole(pulumi.CustomResource):
1874
1910
  backend: Optional[pulumi.Input[str]] = None,
1875
1911
  basic_constraints_valid_for_non_ca: Optional[pulumi.Input[bool]] = None,
1876
1912
  client_flag: Optional[pulumi.Input[bool]] = None,
1913
+ cn_validations: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
1877
1914
  code_signing_flag: Optional[pulumi.Input[bool]] = None,
1878
1915
  countries: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
1879
1916
  email_protection_flag: Optional[pulumi.Input[bool]] = None,
@@ -1927,6 +1964,7 @@ class SecretBackendRole(pulumi.CustomResource):
1927
1964
  :param pulumi.Input[str] backend: The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
1928
1965
  :param pulumi.Input[bool] basic_constraints_valid_for_non_ca: Flag to mark basic constraints valid when issuing non-CA certificates
1929
1966
  :param pulumi.Input[bool] client_flag: Flag to specify certificates for client use
1967
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] cn_validations: Validations to run on the Common Name field of the certificate, choices: `email`, `hostname`, `disabled`
1930
1968
  :param pulumi.Input[bool] code_signing_flag: Flag to specify certificates for code signing use
1931
1969
  :param pulumi.Input[Sequence[pulumi.Input[str]]] countries: The country of generated certificates
1932
1970
  :param pulumi.Input[bool] email_protection_flag: Flag to specify certificates for email protection use
@@ -1987,6 +2025,7 @@ class SecretBackendRole(pulumi.CustomResource):
1987
2025
  __props__.__dict__["backend"] = backend
1988
2026
  __props__.__dict__["basic_constraints_valid_for_non_ca"] = basic_constraints_valid_for_non_ca
1989
2027
  __props__.__dict__["client_flag"] = client_flag
2028
+ __props__.__dict__["cn_validations"] = cn_validations
1990
2029
  __props__.__dict__["code_signing_flag"] = code_signing_flag
1991
2030
  __props__.__dict__["countries"] = countries
1992
2031
  __props__.__dict__["email_protection_flag"] = email_protection_flag
@@ -2154,6 +2193,14 @@ class SecretBackendRole(pulumi.CustomResource):
2154
2193
  """
2155
2194
  return pulumi.get(self, "client_flag")
2156
2195
 
2196
+ @property
2197
+ @pulumi.getter(name="cnValidations")
2198
+ def cn_validations(self) -> pulumi.Output[Sequence[str]]:
2199
+ """
2200
+ Validations to run on the Common Name field of the certificate, choices: `email`, `hostname`, `disabled`
2201
+ """
2202
+ return pulumi.get(self, "cn_validations")
2203
+
2157
2204
  @property
2158
2205
  @pulumi.getter(name="codeSigningFlag")
2159
2206
  def code_signing_flag(self) -> pulumi.Output[Optional[bool]]:
@@ -1,5 +1,5 @@
1
1
  {
2
2
  "resource": true,
3
3
  "name": "vault",
4
- "version": "6.5.0-alpha.1736836139"
4
+ "version": "6.5.0-alpha.1737047276"
5
5
  }
@@ -54,6 +54,9 @@ class SecretBackendRoleArgs:
54
54
  :param pulumi.Input[str] key_type: Specifies the type of credentials generated by this role. This can be either `otp`, `dynamic` or `ca`.
55
55
  :param pulumi.Input[str] algorithm_signer: When supplied, this value specifies a signing algorithm for the key. Possible values: ssh-rsa, rsa-sha2-256, rsa-sha2-512.
56
56
  :param pulumi.Input[bool] allow_bare_domains: Specifies if host certificates that are requested are allowed to use the base domains listed in `allowed_domains`.
57
+ :param pulumi.Input[bool] allow_empty_principals: Allow signing certificates with no
58
+ valid principals (e.g. any valid principal). For backwards compatibility
59
+ only. The default of false is highly recommended.
57
60
  :param pulumi.Input[bool] allow_host_certificates: Specifies if certificates are allowed to be signed for use as a 'host'.
58
61
  :param pulumi.Input[bool] allow_subdomains: Specifies if host certificates that are requested are allowed to be subdomains of those listed in `allowed_domains`.
59
62
  :param pulumi.Input[bool] allow_user_certificates: Specifies if certificates are allowed to be signed for use as a 'user'.
@@ -187,6 +190,11 @@ class SecretBackendRoleArgs:
187
190
  @property
188
191
  @pulumi.getter(name="allowEmptyPrincipals")
189
192
  def allow_empty_principals(self) -> Optional[pulumi.Input[bool]]:
193
+ """
194
+ Allow signing certificates with no
195
+ valid principals (e.g. any valid principal). For backwards compatibility
196
+ only. The default of false is highly recommended.
197
+ """
190
198
  return pulumi.get(self, "allow_empty_principals")
191
199
 
192
200
  @allow_empty_principals.setter
@@ -498,6 +506,9 @@ class _SecretBackendRoleState:
498
506
  Input properties used for looking up and filtering SecretBackendRole resources.
499
507
  :param pulumi.Input[str] algorithm_signer: When supplied, this value specifies a signing algorithm for the key. Possible values: ssh-rsa, rsa-sha2-256, rsa-sha2-512.
500
508
  :param pulumi.Input[bool] allow_bare_domains: Specifies if host certificates that are requested are allowed to use the base domains listed in `allowed_domains`.
509
+ :param pulumi.Input[bool] allow_empty_principals: Allow signing certificates with no
510
+ valid principals (e.g. any valid principal). For backwards compatibility
511
+ only. The default of false is highly recommended.
501
512
  :param pulumi.Input[bool] allow_host_certificates: Specifies if certificates are allowed to be signed for use as a 'host'.
502
513
  :param pulumi.Input[bool] allow_subdomains: Specifies if host certificates that are requested are allowed to be subdomains of those listed in `allowed_domains`.
503
514
  :param pulumi.Input[bool] allow_user_certificates: Specifies if certificates are allowed to be signed for use as a 'user'.
@@ -611,6 +622,11 @@ class _SecretBackendRoleState:
611
622
  @property
612
623
  @pulumi.getter(name="allowEmptyPrincipals")
613
624
  def allow_empty_principals(self) -> Optional[pulumi.Input[bool]]:
625
+ """
626
+ Allow signing certificates with no
627
+ valid principals (e.g. any valid principal). For backwards compatibility
628
+ only. The default of false is highly recommended.
629
+ """
614
630
  return pulumi.get(self, "allow_empty_principals")
615
631
 
616
632
  @allow_empty_principals.setter
@@ -982,6 +998,9 @@ class SecretBackendRole(pulumi.CustomResource):
982
998
  :param pulumi.ResourceOptions opts: Options for the resource.
983
999
  :param pulumi.Input[str] algorithm_signer: When supplied, this value specifies a signing algorithm for the key. Possible values: ssh-rsa, rsa-sha2-256, rsa-sha2-512.
984
1000
  :param pulumi.Input[bool] allow_bare_domains: Specifies if host certificates that are requested are allowed to use the base domains listed in `allowed_domains`.
1001
+ :param pulumi.Input[bool] allow_empty_principals: Allow signing certificates with no
1002
+ valid principals (e.g. any valid principal). For backwards compatibility
1003
+ only. The default of false is highly recommended.
985
1004
  :param pulumi.Input[bool] allow_host_certificates: Specifies if certificates are allowed to be signed for use as a 'host'.
986
1005
  :param pulumi.Input[bool] allow_subdomains: Specifies if host certificates that are requested are allowed to be subdomains of those listed in `allowed_domains`.
987
1006
  :param pulumi.Input[bool] allow_user_certificates: Specifies if certificates are allowed to be signed for use as a 'user'.
@@ -1180,6 +1199,9 @@ class SecretBackendRole(pulumi.CustomResource):
1180
1199
  :param pulumi.ResourceOptions opts: Options for the resource.
1181
1200
  :param pulumi.Input[str] algorithm_signer: When supplied, this value specifies a signing algorithm for the key. Possible values: ssh-rsa, rsa-sha2-256, rsa-sha2-512.
1182
1201
  :param pulumi.Input[bool] allow_bare_domains: Specifies if host certificates that are requested are allowed to use the base domains listed in `allowed_domains`.
1202
+ :param pulumi.Input[bool] allow_empty_principals: Allow signing certificates with no
1203
+ valid principals (e.g. any valid principal). For backwards compatibility
1204
+ only. The default of false is highly recommended.
1183
1205
  :param pulumi.Input[bool] allow_host_certificates: Specifies if certificates are allowed to be signed for use as a 'host'.
1184
1206
  :param pulumi.Input[bool] allow_subdomains: Specifies if host certificates that are requested are allowed to be subdomains of those listed in `allowed_domains`.
1185
1207
  :param pulumi.Input[bool] allow_user_certificates: Specifies if certificates are allowed to be signed for use as a 'user'.
@@ -1263,6 +1285,11 @@ class SecretBackendRole(pulumi.CustomResource):
1263
1285
  @property
1264
1286
  @pulumi.getter(name="allowEmptyPrincipals")
1265
1287
  def allow_empty_principals(self) -> pulumi.Output[Optional[bool]]:
1288
+ """
1289
+ Allow signing certificates with no
1290
+ valid principals (e.g. any valid principal). For backwards compatibility
1291
+ only. The default of false is highly recommended.
1292
+ """
1266
1293
  return pulumi.get(self, "allow_empty_principals")
1267
1294
 
1268
1295
  @property
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.2
2
2
  Name: pulumi_vault
3
- Version: 6.5.0a1736836139
3
+ Version: 6.5.0a1737047276
4
4
  Summary: A Pulumi package for creating and managing HashiCorp Vault cloud resources.
5
5
  License: Apache-2.0
6
6
  Project-URL: Homepage, https://pulumi.io
@@ -1,4 +1,4 @@
1
- pulumi_vault/__init__.py,sha256=YyUZ3AwssRd84-MFiLiMsKlEs0Gl5dnqjoRlDWbWe70,31607
1
+ pulumi_vault/__init__.py,sha256=FcjjMuSTS8ketXMRJIhsXOIitbOr26gL3988G__itco,32190
2
2
  pulumi_vault/_inputs.py,sha256=SF9ssDW-1LueES-snz-lfjgpbVI0bldHW0yL4qeh7N0,92747
3
3
  pulumi_vault/_utilities.py,sha256=-gxwnD6__OYdSf8jJgJijNuu-UHUwi5pJ1H7-eIHDhg,10504
4
4
  pulumi_vault/audit.py,sha256=qeLdEPUPWtIcJsnba2V6_uicJEVC5yMvwSLZi0DSqWw,20517
@@ -27,7 +27,7 @@ pulumi_vault/plugin.py,sha256=wsHI-O03QoIMQB4ni-MOBjXNz2xloYRHiqx9mk5dZq8,23656
27
27
  pulumi_vault/plugin_pinned_version.py,sha256=FRBwnJxAYtleO9MoM2juvwBpCk-Um-hmELLAj7kJvLo,10757
28
28
  pulumi_vault/policy.py,sha256=jhgtVabSBI5Z69EXKUJxlidTsNLzN-A9NsKkbnGX8n8,11109
29
29
  pulumi_vault/provider.py,sha256=KnBSEL3D7S8eRWQlc-oOGh1lKqtrPnQbdpPwfQdYZxg,42800
30
- pulumi_vault/pulumi-plugin.json,sha256=xrvgMnij97dJqDV4TdRt8ZZPeJqGg6KOfCiEiwFcnjY,81
30
+ pulumi_vault/pulumi-plugin.json,sha256=TPBWIsc75OnsGeq3LtsBIHxVPbx62_irZI7U7b7uvmA,81
31
31
  pulumi_vault/py.typed,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
32
32
  pulumi_vault/quota_lease_count.py,sha256=KkTKOgxZwkjLgFMKK1zy4qD7VMxKPahIs1E6EQkMxT8,25072
33
33
  pulumi_vault/quota_rate_limit.py,sha256=5XXedC8Orsgqq0LSHMaW-J_d0ht9Th_Hr7h8BSOC_Ik,29677
@@ -56,10 +56,10 @@ pulumi_vault/aws/auth_backend_login.py,sha256=yq2ujRVX4WrHH7YuhsTpPxZxTKi4VzgCzd
56
56
  pulumi_vault/aws/auth_backend_role.py,sha256=zXLc9AhVAWyM6TsL4dJLBuWeA9PCvE5fl62dqVqlFo4,100654
57
57
  pulumi_vault/aws/auth_backend_role_tag.py,sha256=MLoS5jckMcQ17aReToR-3NoZkuqMxt2xOskPRrgg3DQ,26766
58
58
  pulumi_vault/aws/auth_backend_roletag_blacklist.py,sha256=d6OxN_pjgLpw_Zzm5d21PYDEsoo9eS9JpUwtlo0UO3I,16684
59
- pulumi_vault/aws/auth_backend_sts_role.py,sha256=KqhCBCyHkf7ZCixxyTMuNIPdjn-uAgozAIijEHpzoRc,15641
59
+ pulumi_vault/aws/auth_backend_sts_role.py,sha256=VRn2perU4FIlmaxWyFkN6kJb7WNMFVB0PVw4sYCBkKU,18218
60
60
  pulumi_vault/aws/get_access_credentials.py,sha256=zQrWdGYD3yeddCvIID1X7qflXwX3xyDS9cYWUAs1SRg,13831
61
61
  pulumi_vault/aws/get_static_access_credentials.py,sha256=tlKvd3yYt58urxZnQe9LPaE0DVW8c_soJcCcV9VJgvA,5660
62
- pulumi_vault/aws/secret_backend.py,sha256=PxLyciI9GEt_-bbYYJ0vKZYH9GWI2he2tMsatq8Ma_M,49603
62
+ pulumi_vault/aws/secret_backend.py,sha256=-FqxHnwYK0hblN3J07S4AFmJu7edsE7nSoUdagDNdsA,58191
63
63
  pulumi_vault/aws/secret_backend_role.py,sha256=d8TJj99dXlj9yIBr3hUx8WuV5meBLgCetakaOF5AQ_0,56898
64
64
  pulumi_vault/aws/secret_backend_static_role.py,sha256=FUIPjsAjM-SOmVFMK1r4Mk3KPXxQYLIiY5XC__GsNe8,17995
65
65
  pulumi_vault/azure/__init__.py,sha256=Ip6GcRxEn43qDXL93F4Jm2uYqW7HJlPK_dg1WrfwXBg,471
@@ -80,8 +80,8 @@ pulumi_vault/consul/__init__.py,sha256=MYNOUNqNi49Gsivdn3pOzEa_z-y9NF69sasXX1K0Y
80
80
  pulumi_vault/consul/secret_backend.py,sha256=zBN37oAaROpMYqQaK7OZdBRNUi84kAFGYnkUoBwMNlY,39690
81
81
  pulumi_vault/consul/secret_backend_role.py,sha256=CSEWiICBmW3uQogwVPyP9WIws_eGNwd7uHbk4UzJQ1I,41693
82
82
  pulumi_vault/database/__init__.py,sha256=tYq_SkLBBJ3LzcjTNj5KSt92p2t595IcZ_5Qbe-Gz2g,461
83
- pulumi_vault/database/_inputs.py,sha256=IniAaoYiBtoAOnWk5VpET3WinT7KpHH55YIByWHaZuM,372620
84
- pulumi_vault/database/outputs.py,sha256=mYMdSYFE13OuBqaPopHkt9sM-D3vsxhQpbrX0TEzZSY,260211
83
+ pulumi_vault/database/_inputs.py,sha256=9mzVAKPkUag-WS2Fw9E6wwC85METljswEqY9crETuvc,374720
84
+ pulumi_vault/database/outputs.py,sha256=C8Jbpep0D50ob83PusxYQqg4vKmzM6g701qjwD4W-Zs,261689
85
85
  pulumi_vault/database/secret_backend_connection.py,sha256=_uQTdiuaEws2Il1TJbHv0o_amJT7E6MRf7zFOVjnEPU,76379
86
86
  pulumi_vault/database/secret_backend_role.py,sha256=YmjmE13qoDWAr-yx35z-KqWtWELW2n6sGeQP5ALsBVU,37120
87
87
  pulumi_vault/database/secret_backend_static_role.py,sha256=Xq0-15wL3FCiMG5Izg9rBLUVdTWpSGcQKW4MUbHCVdI,34772
@@ -185,16 +185,20 @@ pulumi_vault/okta/auth_backend.py,sha256=CuQ7-ySllNKdmRJfR1U1_IxIAkXNKKO0tBe552O
185
185
  pulumi_vault/okta/auth_backend_group.py,sha256=_-yxuKaRFmGsE1AX7rTXeDLceU5cyoVJL2jeKm5eTCc,15149
186
186
  pulumi_vault/okta/auth_backend_user.py,sha256=RAQAgkbKikMwgl-eYhKfADahKxuKM-S8fvqv3f2vSFs,17111
187
187
  pulumi_vault/okta/outputs.py,sha256=9oSrWhhmR6ZGu_sdE6Ba46T2IW8w-nLUlZB-5pmg6uk,3241
188
- pulumi_vault/pkisecret/__init__.py,sha256=Lwp_52rZJohEKOGZTENoaHtUcsrMDlAa87JRrMSrXcw,1103
189
- pulumi_vault/pkisecret/_inputs.py,sha256=Shh7rFazSE0ykWtdL5u5UHmUjdmXGiY4WNVCUT3OqoU,5035
188
+ pulumi_vault/pkisecret/__init__.py,sha256=V0UUCT2UNR_N_PB-ZSRx4hz-m7bIY6-peAVaTDUCYsI,1246
189
+ pulumi_vault/pkisecret/_inputs.py,sha256=Bmqq_5ILTQ5up2lKIbttYzMIUvuyQPEjTS8KPfas1JY,6332
190
+ pulumi_vault/pkisecret/backend_acme_eab.py,sha256=DJntVKxVJpxN7UISOINTpnEZAuSopKK0qyxyYcy86po,24256
191
+ pulumi_vault/pkisecret/backend_config_acme.py,sha256=ss724FovdojMUH0jjjvXEPUtWyb2XdAiyUsOs8u5w0Y,30538
190
192
  pulumi_vault/pkisecret/backend_config_cluster.py,sha256=HZKD0_RG3InjJ5KMDhJjVe3v8KNkPo3Wh_8OclZU1vY,16103
193
+ pulumi_vault/pkisecret/backend_config_cmpv2.py,sha256=pH-6aIY2MYfzdiiY1i0gzT0_su_a6ijSCd_HABE8VNY,25942
191
194
  pulumi_vault/pkisecret/backend_config_est.py,sha256=-QFenquNdyHCi-YJJeGnq1o3iQRpfVhI1pWQ1oelsz4,32920
195
+ pulumi_vault/pkisecret/get_backend_config_cmpv2.py,sha256=HSsFTcNbBbVXPXjUKnOexm9K70IbU71gmBaTTKMgpHM,8898
192
196
  pulumi_vault/pkisecret/get_backend_config_est.py,sha256=hQE-leiO65lno8u5_6ektO-c6pfP6xOu7VbmGtGsVas,11158
193
197
  pulumi_vault/pkisecret/get_backend_issuer.py,sha256=iceEn_VYlywWxNmUUTuyFZblZwlDN3lONN1UGsgNL2s,11195
194
198
  pulumi_vault/pkisecret/get_backend_issuers.py,sha256=6jL0FCtQbDRA5HSifYQpDtOaSAyFQoCXwCD3K7GSq70,7270
195
199
  pulumi_vault/pkisecret/get_backend_key.py,sha256=DSl9s_XhYVGFKoa9fJFKV8n6ZTvRk4FkE6OM0DaEhM4,7870
196
200
  pulumi_vault/pkisecret/get_backend_keys.py,sha256=VVDFkEN0xgHSkj7KTl0Pi0CIEmrrAocOkMXs_whZ148,7166
197
- pulumi_vault/pkisecret/outputs.py,sha256=VHd48Sw_YfzzcNP7l9ahU_5CMUYXtZHMLdQA8j9GYZ0,4053
201
+ pulumi_vault/pkisecret/outputs.py,sha256=On7SvbU4OK-TQVDr9aB9Uvl5I1ZfoQNZ9pof_Jrqdeo,5351
198
202
  pulumi_vault/pkisecret/secret_backend_cert.py,sha256=hJk7_aH4pMhtqR5Q_AlP2YF8YrtjfItmKrL31QSqUkw,49873
199
203
  pulumi_vault/pkisecret/secret_backend_config_ca.py,sha256=8M1BLNtbvoV-MNuK-3VWGwJAjyn67KOQsvSgeXOpt1Y,19132
200
204
  pulumi_vault/pkisecret/secret_backend_config_issuers.py,sha256=Uo-dgOdMyI4P4C0wG0GEQhwJGWpmpXuHkoiYceunDjM,17152
@@ -204,7 +208,7 @@ pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py,sha256=IP2NAD
204
208
  pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py,sha256=lFkhI8pO0pR-skKGjMpv2lDxaCQGKTgxO52eTCOsLyI,20222
205
209
  pulumi_vault/pkisecret/secret_backend_issuer.py,sha256=QfxaKVBRRPhdHVVcfFiBnAlx7RNmwQktJWVtHxHCWZI,36799
206
210
  pulumi_vault/pkisecret/secret_backend_key.py,sha256=nD5V_mXwHh_sTZ2N0Zk33M1_wbOHJ5NLlkp-Bb66vGc,25697
207
- pulumi_vault/pkisecret/secret_backend_role.py,sha256=T3vFhBmTmltx3mOmWisvmkwRJ43jtcKXLsOrvGxymcE,116565
211
+ pulumi_vault/pkisecret/secret_backend_role.py,sha256=pOi0XaoYjp-ZbgM2NsUSOz2FZr-4xeB0WrDy96hY_1w,119374
208
212
  pulumi_vault/pkisecret/secret_backend_root_cert.py,sha256=t97B_ERPgwuQ_zN-oTfYXmIKExaXSp5NF0t3hQxz4tM,69011
209
213
  pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py,sha256=rRSgnF9abGx_ABjszkmF3303OlEEOO6grnabo_arg2I,58598
210
214
  pulumi_vault/pkisecret/secret_backend_sign.py,sha256=92aerAXaiVjzdD3QCw3BC4PCh_oX3HOQUN-Pk1KZIxs,48754
@@ -231,7 +235,7 @@ pulumi_vault/ssh/__init__.py,sha256=kSaEW40BMdCU_LlCcy8YIBYROxHLbXfyHdaMRDm76i0,
231
235
  pulumi_vault/ssh/_inputs.py,sha256=vz1nSJIjKJykgA6R44j7XrcbT2SYkfUGYOK-hKFdxRw,2585
232
236
  pulumi_vault/ssh/outputs.py,sha256=-c6dDRsAT71gVJZhORGeJrFwpsIORqhlph6787TGY9U,1620
233
237
  pulumi_vault/ssh/secret_backend_ca.py,sha256=WzqOAfDQe3LnXVysRf-kCny0qlH4-bXwQl83_kTrdPA,22649
234
- pulumi_vault/ssh/secret_backend_role.py,sha256=7nw0JrsU2ek2bY7ga9nrk1q0T4PdBZfmpB_19vO3wI8,74844
238
+ pulumi_vault/ssh/secret_backend_role.py,sha256=PueW8PuPDoQNfsT8G_M9u9di5GnAn8WEPu1NBGeM5zw,76446
235
239
  pulumi_vault/terraformcloud/__init__.py,sha256=sNst-XlgbdicqCgFwaD4FZQ1Qbpf3mMh6Q5Fn1J4Arg,354
236
240
  pulumi_vault/terraformcloud/secret_backend.py,sha256=nWrPaMGfgDWHl8ykHEti8TezastFmgNOqo6F-3gSdMg,23451
237
241
  pulumi_vault/terraformcloud/secret_creds.py,sha256=BANYfjsHHem66Wx6o2_HLWSLNwKS89IJyepFf_E8duU,18041
@@ -250,7 +254,7 @@ pulumi_vault/transit/get_decrypt.py,sha256=I0XLtE5HqX4WULOf80wK9dJFf_J9jBLrzn-A5
250
254
  pulumi_vault/transit/get_encrypt.py,sha256=yP6ftK53qWzA1_dl_B3skv6UsnZUROpVrC7Kc24PvUw,6809
251
255
  pulumi_vault/transit/secret_backend_key.py,sha256=wMEBzwCAc0mp20tJIgEgGvckxQvn_1V-dD-DjbUerlM,53544
252
256
  pulumi_vault/transit/secret_cache_config.py,sha256=Ya9l81qmQuwTpXGKfPVB38ecb0OghkQPc9Qz6rrbzD8,12657
253
- pulumi_vault-6.5.0a1736836139.dist-info/METADATA,sha256=SzshcmNHwI1m2a-QeUOYlXA_i2eVMsvqwazYzhiXuTg,4923
254
- pulumi_vault-6.5.0a1736836139.dist-info/WHEEL,sha256=In9FTNxeP60KnTkGw7wk6mJPYd_dQSjEZmXdBdMCI-8,91
255
- pulumi_vault-6.5.0a1736836139.dist-info/top_level.txt,sha256=J7lAGvfexHc6T1EpDBGNKF0SXWURpmUhyzi9Nr5I61w,13
256
- pulumi_vault-6.5.0a1736836139.dist-info/RECORD,,
257
+ pulumi_vault-6.5.0a1737047276.dist-info/METADATA,sha256=KgrregKjf9xRjFJjR51IT2OcNnAt5WVY9XBWcPXIigg,4923
258
+ pulumi_vault-6.5.0a1737047276.dist-info/WHEEL,sha256=In9FTNxeP60KnTkGw7wk6mJPYd_dQSjEZmXdBdMCI-8,91
259
+ pulumi_vault-6.5.0a1737047276.dist-info/top_level.txt,sha256=J7lAGvfexHc6T1EpDBGNKF0SXWURpmUhyzi9Nr5I61w,13
260
+ pulumi_vault-6.5.0a1737047276.dist-info/RECORD,,