pulumi-vault 6.6.0a1741329548__py3-none-any.whl → 6.6.0a1741836364__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- pulumi_vault/__init__.py +8 -0
- pulumi_vault/aws/auth_backend_client.py +228 -4
- pulumi_vault/aws/secret_backend.py +266 -50
- pulumi_vault/aws/secret_backend_static_role.py +217 -0
- pulumi_vault/azure/auth_backend_config.py +257 -5
- pulumi_vault/azure/backend.py +249 -4
- pulumi_vault/database/_inputs.py +1692 -36
- pulumi_vault/database/outputs.py +1170 -18
- pulumi_vault/database/secret_backend_connection.py +220 -0
- pulumi_vault/database/secret_backend_static_role.py +143 -1
- pulumi_vault/database/secrets_mount.py +8 -0
- pulumi_vault/gcp/auth_backend.py +222 -2
- pulumi_vault/gcp/secret_backend.py +244 -4
- pulumi_vault/ldap/auth_backend.py +222 -2
- pulumi_vault/ldap/secret_backend.py +222 -2
- pulumi_vault/pkisecret/__init__.py +2 -0
- pulumi_vault/pkisecret/_inputs.py +0 -6
- pulumi_vault/pkisecret/backend_config_acme.py +47 -0
- pulumi_vault/pkisecret/backend_config_auto_tidy.py +1376 -0
- pulumi_vault/pkisecret/backend_config_cmpv2.py +61 -14
- pulumi_vault/pkisecret/get_backend_cert_metadata.py +277 -0
- pulumi_vault/pkisecret/get_backend_config_cmpv2.py +18 -1
- pulumi_vault/pkisecret/get_backend_issuer.py +114 -1
- pulumi_vault/pkisecret/outputs.py +0 -4
- pulumi_vault/pkisecret/secret_backend_cert.py +148 -7
- pulumi_vault/pkisecret/secret_backend_crl_config.py +54 -0
- pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +141 -0
- pulumi_vault/pkisecret/secret_backend_issuer.py +265 -0
- pulumi_vault/pkisecret/secret_backend_role.py +252 -3
- pulumi_vault/pkisecret/secret_backend_root_cert.py +423 -0
- pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +581 -3
- pulumi_vault/pkisecret/secret_backend_sign.py +94 -0
- pulumi_vault/pulumi-plugin.json +1 -1
- pulumi_vault/ssh/__init__.py +1 -0
- pulumi_vault/ssh/get_secret_backend_sign.py +294 -0
- pulumi_vault/terraformcloud/secret_role.py +7 -7
- pulumi_vault/transit/__init__.py +2 -0
- pulumi_vault/transit/get_sign.py +324 -0
- pulumi_vault/transit/get_verify.py +354 -0
- pulumi_vault/transit/secret_backend_key.py +162 -0
- {pulumi_vault-6.6.0a1741329548.dist-info → pulumi_vault-6.6.0a1741836364.dist-info}/METADATA +1 -1
- {pulumi_vault-6.6.0a1741329548.dist-info → pulumi_vault-6.6.0a1741836364.dist-info}/RECORD +44 -39
- {pulumi_vault-6.6.0a1741329548.dist-info → pulumi_vault-6.6.0a1741836364.dist-info}/WHEEL +1 -1
- {pulumi_vault-6.6.0a1741329548.dist-info → pulumi_vault-6.6.0a1741836364.dist-info}/top_level.txt +0 -0
@@ -55,6 +55,8 @@ class SecretBackendRoleArgs:
|
|
55
55
|
name: Optional[pulumi.Input[str]] = None,
|
56
56
|
namespace: Optional[pulumi.Input[str]] = None,
|
57
57
|
no_store: Optional[pulumi.Input[bool]] = None,
|
58
|
+
no_store_metadata: Optional[pulumi.Input[bool]] = None,
|
59
|
+
not_after: Optional[pulumi.Input[str]] = None,
|
58
60
|
not_before_duration: Optional[pulumi.Input[str]] = None,
|
59
61
|
organization_unit: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
60
62
|
organizations: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
@@ -63,11 +65,14 @@ class SecretBackendRoleArgs:
|
|
63
65
|
postal_codes: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
64
66
|
provinces: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
65
67
|
require_cn: Optional[pulumi.Input[bool]] = None,
|
68
|
+
serial_number_source: Optional[pulumi.Input[str]] = None,
|
66
69
|
server_flag: Optional[pulumi.Input[bool]] = None,
|
70
|
+
signature_bits: Optional[pulumi.Input[int]] = None,
|
67
71
|
street_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
68
72
|
ttl: Optional[pulumi.Input[str]] = None,
|
69
73
|
use_csr_common_name: Optional[pulumi.Input[bool]] = None,
|
70
|
-
use_csr_sans: Optional[pulumi.Input[bool]] = None
|
74
|
+
use_csr_sans: Optional[pulumi.Input[bool]] = None,
|
75
|
+
use_pss: Optional[pulumi.Input[bool]] = None):
|
71
76
|
"""
|
72
77
|
The set of arguments for constructing a SecretBackendRole resource.
|
73
78
|
:param pulumi.Input[str] backend: The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
|
@@ -113,6 +118,8 @@ class SecretBackendRoleArgs:
|
|
113
118
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
114
119
|
*Available only for Vault Enterprise*.
|
115
120
|
:param pulumi.Input[bool] no_store: Flag to not store certificates in the storage backend
|
121
|
+
:param pulumi.Input[bool] no_store_metadata: Allows metadata to be stored keyed on the certificate's serial number. The field is independent of no_store, allowing metadata storage regardless of whether certificates are stored. If true, metadata is not stored and an error is returned if the metadata field is specified on issuance APIs
|
122
|
+
:param pulumi.Input[str] not_after: Set the Not After field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ. Supports the Y10K end date for IEEE 802.1AR-2018 standard devices, 9999-12-31T23:59:59Z.
|
116
123
|
:param pulumi.Input[str] not_before_duration: Specifies the duration by which to backdate the NotBefore property.
|
117
124
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] organization_unit: The organization unit of generated certificates
|
118
125
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] organizations: The organization of generated certificates
|
@@ -121,11 +128,16 @@ class SecretBackendRoleArgs:
|
|
121
128
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] postal_codes: The postal code of generated certificates
|
122
129
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] provinces: The province of generated certificates
|
123
130
|
:param pulumi.Input[bool] require_cn: Flag to force CN usage
|
131
|
+
:param pulumi.Input[str] serial_number_source: Specifies the source of the subject serial number. Valid values are json-csr (default) or json. When set to json-csr, the subject serial number is taken from the serial_number parameter and falls back to the serial number in the CSR. When set to json, the subject serial number is taken from the serial_number parameter but will ignore any value in the CSR. For backwards compatibility an empty value for this field will default to the json-csr behavior.
|
132
|
+
|
133
|
+
Example usage:
|
124
134
|
:param pulumi.Input[bool] server_flag: Flag to specify certificates for server use
|
135
|
+
:param pulumi.Input[int] signature_bits: The number of bits to use in the signature algorithm
|
125
136
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] street_addresses: The street address of generated certificates
|
126
137
|
:param pulumi.Input[str] ttl: The TTL, in seconds, for any certificate issued against this role.
|
127
138
|
:param pulumi.Input[bool] use_csr_common_name: Flag to use the CN in the CSR
|
128
139
|
:param pulumi.Input[bool] use_csr_sans: Flag to use the SANs in the CSR
|
140
|
+
:param pulumi.Input[bool] use_pss: Specifies whether or not to use PSS signatures over PKCS#1v1.5 signatures when a RSA-type issuer is used. Ignored for ECDSA/Ed25519 issuers.
|
129
141
|
"""
|
130
142
|
pulumi.set(__self__, "backend", backend)
|
131
143
|
if allow_any_name is not None:
|
@@ -194,6 +206,10 @@ class SecretBackendRoleArgs:
|
|
194
206
|
pulumi.set(__self__, "namespace", namespace)
|
195
207
|
if no_store is not None:
|
196
208
|
pulumi.set(__self__, "no_store", no_store)
|
209
|
+
if no_store_metadata is not None:
|
210
|
+
pulumi.set(__self__, "no_store_metadata", no_store_metadata)
|
211
|
+
if not_after is not None:
|
212
|
+
pulumi.set(__self__, "not_after", not_after)
|
197
213
|
if not_before_duration is not None:
|
198
214
|
pulumi.set(__self__, "not_before_duration", not_before_duration)
|
199
215
|
if organization_unit is not None:
|
@@ -210,8 +226,12 @@ class SecretBackendRoleArgs:
|
|
210
226
|
pulumi.set(__self__, "provinces", provinces)
|
211
227
|
if require_cn is not None:
|
212
228
|
pulumi.set(__self__, "require_cn", require_cn)
|
229
|
+
if serial_number_source is not None:
|
230
|
+
pulumi.set(__self__, "serial_number_source", serial_number_source)
|
213
231
|
if server_flag is not None:
|
214
232
|
pulumi.set(__self__, "server_flag", server_flag)
|
233
|
+
if signature_bits is not None:
|
234
|
+
pulumi.set(__self__, "signature_bits", signature_bits)
|
215
235
|
if street_addresses is not None:
|
216
236
|
pulumi.set(__self__, "street_addresses", street_addresses)
|
217
237
|
if ttl is not None:
|
@@ -220,6 +240,8 @@ class SecretBackendRoleArgs:
|
|
220
240
|
pulumi.set(__self__, "use_csr_common_name", use_csr_common_name)
|
221
241
|
if use_csr_sans is not None:
|
222
242
|
pulumi.set(__self__, "use_csr_sans", use_csr_sans)
|
243
|
+
if use_pss is not None:
|
244
|
+
pulumi.set(__self__, "use_pss", use_pss)
|
223
245
|
|
224
246
|
@property
|
225
247
|
@pulumi.getter
|
@@ -638,6 +660,30 @@ class SecretBackendRoleArgs:
|
|
638
660
|
def no_store(self, value: Optional[pulumi.Input[bool]]):
|
639
661
|
pulumi.set(self, "no_store", value)
|
640
662
|
|
663
|
+
@property
|
664
|
+
@pulumi.getter(name="noStoreMetadata")
|
665
|
+
def no_store_metadata(self) -> Optional[pulumi.Input[bool]]:
|
666
|
+
"""
|
667
|
+
Allows metadata to be stored keyed on the certificate's serial number. The field is independent of no_store, allowing metadata storage regardless of whether certificates are stored. If true, metadata is not stored and an error is returned if the metadata field is specified on issuance APIs
|
668
|
+
"""
|
669
|
+
return pulumi.get(self, "no_store_metadata")
|
670
|
+
|
671
|
+
@no_store_metadata.setter
|
672
|
+
def no_store_metadata(self, value: Optional[pulumi.Input[bool]]):
|
673
|
+
pulumi.set(self, "no_store_metadata", value)
|
674
|
+
|
675
|
+
@property
|
676
|
+
@pulumi.getter(name="notAfter")
|
677
|
+
def not_after(self) -> Optional[pulumi.Input[str]]:
|
678
|
+
"""
|
679
|
+
Set the Not After field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ. Supports the Y10K end date for IEEE 802.1AR-2018 standard devices, 9999-12-31T23:59:59Z.
|
680
|
+
"""
|
681
|
+
return pulumi.get(self, "not_after")
|
682
|
+
|
683
|
+
@not_after.setter
|
684
|
+
def not_after(self, value: Optional[pulumi.Input[str]]):
|
685
|
+
pulumi.set(self, "not_after", value)
|
686
|
+
|
641
687
|
@property
|
642
688
|
@pulumi.getter(name="notBeforeDuration")
|
643
689
|
def not_before_duration(self) -> Optional[pulumi.Input[str]]:
|
@@ -734,6 +780,20 @@ class SecretBackendRoleArgs:
|
|
734
780
|
def require_cn(self, value: Optional[pulumi.Input[bool]]):
|
735
781
|
pulumi.set(self, "require_cn", value)
|
736
782
|
|
783
|
+
@property
|
784
|
+
@pulumi.getter(name="serialNumberSource")
|
785
|
+
def serial_number_source(self) -> Optional[pulumi.Input[str]]:
|
786
|
+
"""
|
787
|
+
Specifies the source of the subject serial number. Valid values are json-csr (default) or json. When set to json-csr, the subject serial number is taken from the serial_number parameter and falls back to the serial number in the CSR. When set to json, the subject serial number is taken from the serial_number parameter but will ignore any value in the CSR. For backwards compatibility an empty value for this field will default to the json-csr behavior.
|
788
|
+
|
789
|
+
Example usage:
|
790
|
+
"""
|
791
|
+
return pulumi.get(self, "serial_number_source")
|
792
|
+
|
793
|
+
@serial_number_source.setter
|
794
|
+
def serial_number_source(self, value: Optional[pulumi.Input[str]]):
|
795
|
+
pulumi.set(self, "serial_number_source", value)
|
796
|
+
|
737
797
|
@property
|
738
798
|
@pulumi.getter(name="serverFlag")
|
739
799
|
def server_flag(self) -> Optional[pulumi.Input[bool]]:
|
@@ -746,6 +806,18 @@ class SecretBackendRoleArgs:
|
|
746
806
|
def server_flag(self, value: Optional[pulumi.Input[bool]]):
|
747
807
|
pulumi.set(self, "server_flag", value)
|
748
808
|
|
809
|
+
@property
|
810
|
+
@pulumi.getter(name="signatureBits")
|
811
|
+
def signature_bits(self) -> Optional[pulumi.Input[int]]:
|
812
|
+
"""
|
813
|
+
The number of bits to use in the signature algorithm
|
814
|
+
"""
|
815
|
+
return pulumi.get(self, "signature_bits")
|
816
|
+
|
817
|
+
@signature_bits.setter
|
818
|
+
def signature_bits(self, value: Optional[pulumi.Input[int]]):
|
819
|
+
pulumi.set(self, "signature_bits", value)
|
820
|
+
|
749
821
|
@property
|
750
822
|
@pulumi.getter(name="streetAddresses")
|
751
823
|
def street_addresses(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
@@ -794,6 +866,18 @@ class SecretBackendRoleArgs:
|
|
794
866
|
def use_csr_sans(self, value: Optional[pulumi.Input[bool]]):
|
795
867
|
pulumi.set(self, "use_csr_sans", value)
|
796
868
|
|
869
|
+
@property
|
870
|
+
@pulumi.getter(name="usePss")
|
871
|
+
def use_pss(self) -> Optional[pulumi.Input[bool]]:
|
872
|
+
"""
|
873
|
+
Specifies whether or not to use PSS signatures over PKCS#1v1.5 signatures when a RSA-type issuer is used. Ignored for ECDSA/Ed25519 issuers.
|
874
|
+
"""
|
875
|
+
return pulumi.get(self, "use_pss")
|
876
|
+
|
877
|
+
@use_pss.setter
|
878
|
+
def use_pss(self, value: Optional[pulumi.Input[bool]]):
|
879
|
+
pulumi.set(self, "use_pss", value)
|
880
|
+
|
797
881
|
|
798
882
|
@pulumi.input_type
|
799
883
|
class _SecretBackendRoleState:
|
@@ -832,6 +916,8 @@ class _SecretBackendRoleState:
|
|
832
916
|
name: Optional[pulumi.Input[str]] = None,
|
833
917
|
namespace: Optional[pulumi.Input[str]] = None,
|
834
918
|
no_store: Optional[pulumi.Input[bool]] = None,
|
919
|
+
no_store_metadata: Optional[pulumi.Input[bool]] = None,
|
920
|
+
not_after: Optional[pulumi.Input[str]] = None,
|
835
921
|
not_before_duration: Optional[pulumi.Input[str]] = None,
|
836
922
|
organization_unit: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
837
923
|
organizations: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
@@ -840,11 +926,14 @@ class _SecretBackendRoleState:
|
|
840
926
|
postal_codes: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
841
927
|
provinces: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
842
928
|
require_cn: Optional[pulumi.Input[bool]] = None,
|
929
|
+
serial_number_source: Optional[pulumi.Input[str]] = None,
|
843
930
|
server_flag: Optional[pulumi.Input[bool]] = None,
|
931
|
+
signature_bits: Optional[pulumi.Input[int]] = None,
|
844
932
|
street_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
845
933
|
ttl: Optional[pulumi.Input[str]] = None,
|
846
934
|
use_csr_common_name: Optional[pulumi.Input[bool]] = None,
|
847
|
-
use_csr_sans: Optional[pulumi.Input[bool]] = None
|
935
|
+
use_csr_sans: Optional[pulumi.Input[bool]] = None,
|
936
|
+
use_pss: Optional[pulumi.Input[bool]] = None):
|
848
937
|
"""
|
849
938
|
Input properties used for looking up and filtering SecretBackendRole resources.
|
850
939
|
:param pulumi.Input[bool] allow_any_name: Flag to allow any name
|
@@ -890,6 +979,8 @@ class _SecretBackendRoleState:
|
|
890
979
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
891
980
|
*Available only for Vault Enterprise*.
|
892
981
|
:param pulumi.Input[bool] no_store: Flag to not store certificates in the storage backend
|
982
|
+
:param pulumi.Input[bool] no_store_metadata: Allows metadata to be stored keyed on the certificate's serial number. The field is independent of no_store, allowing metadata storage regardless of whether certificates are stored. If true, metadata is not stored and an error is returned if the metadata field is specified on issuance APIs
|
983
|
+
:param pulumi.Input[str] not_after: Set the Not After field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ. Supports the Y10K end date for IEEE 802.1AR-2018 standard devices, 9999-12-31T23:59:59Z.
|
893
984
|
:param pulumi.Input[str] not_before_duration: Specifies the duration by which to backdate the NotBefore property.
|
894
985
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] organization_unit: The organization unit of generated certificates
|
895
986
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] organizations: The organization of generated certificates
|
@@ -898,11 +989,16 @@ class _SecretBackendRoleState:
|
|
898
989
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] postal_codes: The postal code of generated certificates
|
899
990
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] provinces: The province of generated certificates
|
900
991
|
:param pulumi.Input[bool] require_cn: Flag to force CN usage
|
992
|
+
:param pulumi.Input[str] serial_number_source: Specifies the source of the subject serial number. Valid values are json-csr (default) or json. When set to json-csr, the subject serial number is taken from the serial_number parameter and falls back to the serial number in the CSR. When set to json, the subject serial number is taken from the serial_number parameter but will ignore any value in the CSR. For backwards compatibility an empty value for this field will default to the json-csr behavior.
|
993
|
+
|
994
|
+
Example usage:
|
901
995
|
:param pulumi.Input[bool] server_flag: Flag to specify certificates for server use
|
996
|
+
:param pulumi.Input[int] signature_bits: The number of bits to use in the signature algorithm
|
902
997
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] street_addresses: The street address of generated certificates
|
903
998
|
:param pulumi.Input[str] ttl: The TTL, in seconds, for any certificate issued against this role.
|
904
999
|
:param pulumi.Input[bool] use_csr_common_name: Flag to use the CN in the CSR
|
905
1000
|
:param pulumi.Input[bool] use_csr_sans: Flag to use the SANs in the CSR
|
1001
|
+
:param pulumi.Input[bool] use_pss: Specifies whether or not to use PSS signatures over PKCS#1v1.5 signatures when a RSA-type issuer is used. Ignored for ECDSA/Ed25519 issuers.
|
906
1002
|
"""
|
907
1003
|
if allow_any_name is not None:
|
908
1004
|
pulumi.set(__self__, "allow_any_name", allow_any_name)
|
@@ -972,6 +1068,10 @@ class _SecretBackendRoleState:
|
|
972
1068
|
pulumi.set(__self__, "namespace", namespace)
|
973
1069
|
if no_store is not None:
|
974
1070
|
pulumi.set(__self__, "no_store", no_store)
|
1071
|
+
if no_store_metadata is not None:
|
1072
|
+
pulumi.set(__self__, "no_store_metadata", no_store_metadata)
|
1073
|
+
if not_after is not None:
|
1074
|
+
pulumi.set(__self__, "not_after", not_after)
|
975
1075
|
if not_before_duration is not None:
|
976
1076
|
pulumi.set(__self__, "not_before_duration", not_before_duration)
|
977
1077
|
if organization_unit is not None:
|
@@ -988,8 +1088,12 @@ class _SecretBackendRoleState:
|
|
988
1088
|
pulumi.set(__self__, "provinces", provinces)
|
989
1089
|
if require_cn is not None:
|
990
1090
|
pulumi.set(__self__, "require_cn", require_cn)
|
1091
|
+
if serial_number_source is not None:
|
1092
|
+
pulumi.set(__self__, "serial_number_source", serial_number_source)
|
991
1093
|
if server_flag is not None:
|
992
1094
|
pulumi.set(__self__, "server_flag", server_flag)
|
1095
|
+
if signature_bits is not None:
|
1096
|
+
pulumi.set(__self__, "signature_bits", signature_bits)
|
993
1097
|
if street_addresses is not None:
|
994
1098
|
pulumi.set(__self__, "street_addresses", street_addresses)
|
995
1099
|
if ttl is not None:
|
@@ -998,6 +1102,8 @@ class _SecretBackendRoleState:
|
|
998
1102
|
pulumi.set(__self__, "use_csr_common_name", use_csr_common_name)
|
999
1103
|
if use_csr_sans is not None:
|
1000
1104
|
pulumi.set(__self__, "use_csr_sans", use_csr_sans)
|
1105
|
+
if use_pss is not None:
|
1106
|
+
pulumi.set(__self__, "use_pss", use_pss)
|
1001
1107
|
|
1002
1108
|
@property
|
1003
1109
|
@pulumi.getter(name="allowAnyName")
|
@@ -1416,6 +1522,30 @@ class _SecretBackendRoleState:
|
|
1416
1522
|
def no_store(self, value: Optional[pulumi.Input[bool]]):
|
1417
1523
|
pulumi.set(self, "no_store", value)
|
1418
1524
|
|
1525
|
+
@property
|
1526
|
+
@pulumi.getter(name="noStoreMetadata")
|
1527
|
+
def no_store_metadata(self) -> Optional[pulumi.Input[bool]]:
|
1528
|
+
"""
|
1529
|
+
Allows metadata to be stored keyed on the certificate's serial number. The field is independent of no_store, allowing metadata storage regardless of whether certificates are stored. If true, metadata is not stored and an error is returned if the metadata field is specified on issuance APIs
|
1530
|
+
"""
|
1531
|
+
return pulumi.get(self, "no_store_metadata")
|
1532
|
+
|
1533
|
+
@no_store_metadata.setter
|
1534
|
+
def no_store_metadata(self, value: Optional[pulumi.Input[bool]]):
|
1535
|
+
pulumi.set(self, "no_store_metadata", value)
|
1536
|
+
|
1537
|
+
@property
|
1538
|
+
@pulumi.getter(name="notAfter")
|
1539
|
+
def not_after(self) -> Optional[pulumi.Input[str]]:
|
1540
|
+
"""
|
1541
|
+
Set the Not After field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ. Supports the Y10K end date for IEEE 802.1AR-2018 standard devices, 9999-12-31T23:59:59Z.
|
1542
|
+
"""
|
1543
|
+
return pulumi.get(self, "not_after")
|
1544
|
+
|
1545
|
+
@not_after.setter
|
1546
|
+
def not_after(self, value: Optional[pulumi.Input[str]]):
|
1547
|
+
pulumi.set(self, "not_after", value)
|
1548
|
+
|
1419
1549
|
@property
|
1420
1550
|
@pulumi.getter(name="notBeforeDuration")
|
1421
1551
|
def not_before_duration(self) -> Optional[pulumi.Input[str]]:
|
@@ -1512,6 +1642,20 @@ class _SecretBackendRoleState:
|
|
1512
1642
|
def require_cn(self, value: Optional[pulumi.Input[bool]]):
|
1513
1643
|
pulumi.set(self, "require_cn", value)
|
1514
1644
|
|
1645
|
+
@property
|
1646
|
+
@pulumi.getter(name="serialNumberSource")
|
1647
|
+
def serial_number_source(self) -> Optional[pulumi.Input[str]]:
|
1648
|
+
"""
|
1649
|
+
Specifies the source of the subject serial number. Valid values are json-csr (default) or json. When set to json-csr, the subject serial number is taken from the serial_number parameter and falls back to the serial number in the CSR. When set to json, the subject serial number is taken from the serial_number parameter but will ignore any value in the CSR. For backwards compatibility an empty value for this field will default to the json-csr behavior.
|
1650
|
+
|
1651
|
+
Example usage:
|
1652
|
+
"""
|
1653
|
+
return pulumi.get(self, "serial_number_source")
|
1654
|
+
|
1655
|
+
@serial_number_source.setter
|
1656
|
+
def serial_number_source(self, value: Optional[pulumi.Input[str]]):
|
1657
|
+
pulumi.set(self, "serial_number_source", value)
|
1658
|
+
|
1515
1659
|
@property
|
1516
1660
|
@pulumi.getter(name="serverFlag")
|
1517
1661
|
def server_flag(self) -> Optional[pulumi.Input[bool]]:
|
@@ -1524,6 +1668,18 @@ class _SecretBackendRoleState:
|
|
1524
1668
|
def server_flag(self, value: Optional[pulumi.Input[bool]]):
|
1525
1669
|
pulumi.set(self, "server_flag", value)
|
1526
1670
|
|
1671
|
+
@property
|
1672
|
+
@pulumi.getter(name="signatureBits")
|
1673
|
+
def signature_bits(self) -> Optional[pulumi.Input[int]]:
|
1674
|
+
"""
|
1675
|
+
The number of bits to use in the signature algorithm
|
1676
|
+
"""
|
1677
|
+
return pulumi.get(self, "signature_bits")
|
1678
|
+
|
1679
|
+
@signature_bits.setter
|
1680
|
+
def signature_bits(self, value: Optional[pulumi.Input[int]]):
|
1681
|
+
pulumi.set(self, "signature_bits", value)
|
1682
|
+
|
1527
1683
|
@property
|
1528
1684
|
@pulumi.getter(name="streetAddresses")
|
1529
1685
|
def street_addresses(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
@@ -1572,6 +1728,18 @@ class _SecretBackendRoleState:
|
|
1572
1728
|
def use_csr_sans(self, value: Optional[pulumi.Input[bool]]):
|
1573
1729
|
pulumi.set(self, "use_csr_sans", value)
|
1574
1730
|
|
1731
|
+
@property
|
1732
|
+
@pulumi.getter(name="usePss")
|
1733
|
+
def use_pss(self) -> Optional[pulumi.Input[bool]]:
|
1734
|
+
"""
|
1735
|
+
Specifies whether or not to use PSS signatures over PKCS#1v1.5 signatures when a RSA-type issuer is used. Ignored for ECDSA/Ed25519 issuers.
|
1736
|
+
"""
|
1737
|
+
return pulumi.get(self, "use_pss")
|
1738
|
+
|
1739
|
+
@use_pss.setter
|
1740
|
+
def use_pss(self, value: Optional[pulumi.Input[bool]]):
|
1741
|
+
pulumi.set(self, "use_pss", value)
|
1742
|
+
|
1575
1743
|
|
1576
1744
|
class SecretBackendRole(pulumi.CustomResource):
|
1577
1745
|
@overload
|
@@ -1612,6 +1780,8 @@ class SecretBackendRole(pulumi.CustomResource):
|
|
1612
1780
|
name: Optional[pulumi.Input[str]] = None,
|
1613
1781
|
namespace: Optional[pulumi.Input[str]] = None,
|
1614
1782
|
no_store: Optional[pulumi.Input[bool]] = None,
|
1783
|
+
no_store_metadata: Optional[pulumi.Input[bool]] = None,
|
1784
|
+
not_after: Optional[pulumi.Input[str]] = None,
|
1615
1785
|
not_before_duration: Optional[pulumi.Input[str]] = None,
|
1616
1786
|
organization_unit: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1617
1787
|
organizations: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
@@ -1620,11 +1790,14 @@ class SecretBackendRole(pulumi.CustomResource):
|
|
1620
1790
|
postal_codes: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1621
1791
|
provinces: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1622
1792
|
require_cn: Optional[pulumi.Input[bool]] = None,
|
1793
|
+
serial_number_source: Optional[pulumi.Input[str]] = None,
|
1623
1794
|
server_flag: Optional[pulumi.Input[bool]] = None,
|
1795
|
+
signature_bits: Optional[pulumi.Input[int]] = None,
|
1624
1796
|
street_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1625
1797
|
ttl: Optional[pulumi.Input[str]] = None,
|
1626
1798
|
use_csr_common_name: Optional[pulumi.Input[bool]] = None,
|
1627
1799
|
use_csr_sans: Optional[pulumi.Input[bool]] = None,
|
1800
|
+
use_pss: Optional[pulumi.Input[bool]] = None,
|
1628
1801
|
__props__=None):
|
1629
1802
|
"""
|
1630
1803
|
Creates a role on an PKI Secret Backend for Vault.
|
@@ -1707,6 +1880,8 @@ class SecretBackendRole(pulumi.CustomResource):
|
|
1707
1880
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
1708
1881
|
*Available only for Vault Enterprise*.
|
1709
1882
|
:param pulumi.Input[bool] no_store: Flag to not store certificates in the storage backend
|
1883
|
+
:param pulumi.Input[bool] no_store_metadata: Allows metadata to be stored keyed on the certificate's serial number. The field is independent of no_store, allowing metadata storage regardless of whether certificates are stored. If true, metadata is not stored and an error is returned if the metadata field is specified on issuance APIs
|
1884
|
+
:param pulumi.Input[str] not_after: Set the Not After field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ. Supports the Y10K end date for IEEE 802.1AR-2018 standard devices, 9999-12-31T23:59:59Z.
|
1710
1885
|
:param pulumi.Input[str] not_before_duration: Specifies the duration by which to backdate the NotBefore property.
|
1711
1886
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] organization_unit: The organization unit of generated certificates
|
1712
1887
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] organizations: The organization of generated certificates
|
@@ -1715,11 +1890,16 @@ class SecretBackendRole(pulumi.CustomResource):
|
|
1715
1890
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] postal_codes: The postal code of generated certificates
|
1716
1891
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] provinces: The province of generated certificates
|
1717
1892
|
:param pulumi.Input[bool] require_cn: Flag to force CN usage
|
1893
|
+
:param pulumi.Input[str] serial_number_source: Specifies the source of the subject serial number. Valid values are json-csr (default) or json. When set to json-csr, the subject serial number is taken from the serial_number parameter and falls back to the serial number in the CSR. When set to json, the subject serial number is taken from the serial_number parameter but will ignore any value in the CSR. For backwards compatibility an empty value for this field will default to the json-csr behavior.
|
1894
|
+
|
1895
|
+
Example usage:
|
1718
1896
|
:param pulumi.Input[bool] server_flag: Flag to specify certificates for server use
|
1897
|
+
:param pulumi.Input[int] signature_bits: The number of bits to use in the signature algorithm
|
1719
1898
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] street_addresses: The street address of generated certificates
|
1720
1899
|
:param pulumi.Input[str] ttl: The TTL, in seconds, for any certificate issued against this role.
|
1721
1900
|
:param pulumi.Input[bool] use_csr_common_name: Flag to use the CN in the CSR
|
1722
1901
|
:param pulumi.Input[bool] use_csr_sans: Flag to use the SANs in the CSR
|
1902
|
+
:param pulumi.Input[bool] use_pss: Specifies whether or not to use PSS signatures over PKCS#1v1.5 signatures when a RSA-type issuer is used. Ignored for ECDSA/Ed25519 issuers.
|
1723
1903
|
"""
|
1724
1904
|
...
|
1725
1905
|
@overload
|
@@ -1812,6 +1992,8 @@ class SecretBackendRole(pulumi.CustomResource):
|
|
1812
1992
|
name: Optional[pulumi.Input[str]] = None,
|
1813
1993
|
namespace: Optional[pulumi.Input[str]] = None,
|
1814
1994
|
no_store: Optional[pulumi.Input[bool]] = None,
|
1995
|
+
no_store_metadata: Optional[pulumi.Input[bool]] = None,
|
1996
|
+
not_after: Optional[pulumi.Input[str]] = None,
|
1815
1997
|
not_before_duration: Optional[pulumi.Input[str]] = None,
|
1816
1998
|
organization_unit: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1817
1999
|
organizations: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
@@ -1820,11 +2002,14 @@ class SecretBackendRole(pulumi.CustomResource):
|
|
1820
2002
|
postal_codes: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1821
2003
|
provinces: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1822
2004
|
require_cn: Optional[pulumi.Input[bool]] = None,
|
2005
|
+
serial_number_source: Optional[pulumi.Input[str]] = None,
|
1823
2006
|
server_flag: Optional[pulumi.Input[bool]] = None,
|
2007
|
+
signature_bits: Optional[pulumi.Input[int]] = None,
|
1824
2008
|
street_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1825
2009
|
ttl: Optional[pulumi.Input[str]] = None,
|
1826
2010
|
use_csr_common_name: Optional[pulumi.Input[bool]] = None,
|
1827
2011
|
use_csr_sans: Optional[pulumi.Input[bool]] = None,
|
2012
|
+
use_pss: Optional[pulumi.Input[bool]] = None,
|
1828
2013
|
__props__=None):
|
1829
2014
|
opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
|
1830
2015
|
if not isinstance(opts, pulumi.ResourceOptions):
|
@@ -1870,6 +2055,8 @@ class SecretBackendRole(pulumi.CustomResource):
|
|
1870
2055
|
__props__.__dict__["name"] = name
|
1871
2056
|
__props__.__dict__["namespace"] = namespace
|
1872
2057
|
__props__.__dict__["no_store"] = no_store
|
2058
|
+
__props__.__dict__["no_store_metadata"] = no_store_metadata
|
2059
|
+
__props__.__dict__["not_after"] = not_after
|
1873
2060
|
__props__.__dict__["not_before_duration"] = not_before_duration
|
1874
2061
|
__props__.__dict__["organization_unit"] = organization_unit
|
1875
2062
|
__props__.__dict__["organizations"] = organizations
|
@@ -1878,11 +2065,14 @@ class SecretBackendRole(pulumi.CustomResource):
|
|
1878
2065
|
__props__.__dict__["postal_codes"] = postal_codes
|
1879
2066
|
__props__.__dict__["provinces"] = provinces
|
1880
2067
|
__props__.__dict__["require_cn"] = require_cn
|
2068
|
+
__props__.__dict__["serial_number_source"] = serial_number_source
|
1881
2069
|
__props__.__dict__["server_flag"] = server_flag
|
2070
|
+
__props__.__dict__["signature_bits"] = signature_bits
|
1882
2071
|
__props__.__dict__["street_addresses"] = street_addresses
|
1883
2072
|
__props__.__dict__["ttl"] = ttl
|
1884
2073
|
__props__.__dict__["use_csr_common_name"] = use_csr_common_name
|
1885
2074
|
__props__.__dict__["use_csr_sans"] = use_csr_sans
|
2075
|
+
__props__.__dict__["use_pss"] = use_pss
|
1886
2076
|
super(SecretBackendRole, __self__).__init__(
|
1887
2077
|
'vault:pkiSecret/secretBackendRole:SecretBackendRole',
|
1888
2078
|
resource_name,
|
@@ -1927,6 +2117,8 @@ class SecretBackendRole(pulumi.CustomResource):
|
|
1927
2117
|
name: Optional[pulumi.Input[str]] = None,
|
1928
2118
|
namespace: Optional[pulumi.Input[str]] = None,
|
1929
2119
|
no_store: Optional[pulumi.Input[bool]] = None,
|
2120
|
+
no_store_metadata: Optional[pulumi.Input[bool]] = None,
|
2121
|
+
not_after: Optional[pulumi.Input[str]] = None,
|
1930
2122
|
not_before_duration: Optional[pulumi.Input[str]] = None,
|
1931
2123
|
organization_unit: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1932
2124
|
organizations: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
@@ -1935,11 +2127,14 @@ class SecretBackendRole(pulumi.CustomResource):
|
|
1935
2127
|
postal_codes: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1936
2128
|
provinces: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1937
2129
|
require_cn: Optional[pulumi.Input[bool]] = None,
|
2130
|
+
serial_number_source: Optional[pulumi.Input[str]] = None,
|
1938
2131
|
server_flag: Optional[pulumi.Input[bool]] = None,
|
2132
|
+
signature_bits: Optional[pulumi.Input[int]] = None,
|
1939
2133
|
street_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1940
2134
|
ttl: Optional[pulumi.Input[str]] = None,
|
1941
2135
|
use_csr_common_name: Optional[pulumi.Input[bool]] = None,
|
1942
|
-
use_csr_sans: Optional[pulumi.Input[bool]] = None
|
2136
|
+
use_csr_sans: Optional[pulumi.Input[bool]] = None,
|
2137
|
+
use_pss: Optional[pulumi.Input[bool]] = None) -> 'SecretBackendRole':
|
1943
2138
|
"""
|
1944
2139
|
Get an existing SecretBackendRole resource's state with the given name, id, and optional extra
|
1945
2140
|
properties used to qualify the lookup.
|
@@ -1990,6 +2185,8 @@ class SecretBackendRole(pulumi.CustomResource):
|
|
1990
2185
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
1991
2186
|
*Available only for Vault Enterprise*.
|
1992
2187
|
:param pulumi.Input[bool] no_store: Flag to not store certificates in the storage backend
|
2188
|
+
:param pulumi.Input[bool] no_store_metadata: Allows metadata to be stored keyed on the certificate's serial number. The field is independent of no_store, allowing metadata storage regardless of whether certificates are stored. If true, metadata is not stored and an error is returned if the metadata field is specified on issuance APIs
|
2189
|
+
:param pulumi.Input[str] not_after: Set the Not After field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ. Supports the Y10K end date for IEEE 802.1AR-2018 standard devices, 9999-12-31T23:59:59Z.
|
1993
2190
|
:param pulumi.Input[str] not_before_duration: Specifies the duration by which to backdate the NotBefore property.
|
1994
2191
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] organization_unit: The organization unit of generated certificates
|
1995
2192
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] organizations: The organization of generated certificates
|
@@ -1998,11 +2195,16 @@ class SecretBackendRole(pulumi.CustomResource):
|
|
1998
2195
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] postal_codes: The postal code of generated certificates
|
1999
2196
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] provinces: The province of generated certificates
|
2000
2197
|
:param pulumi.Input[bool] require_cn: Flag to force CN usage
|
2198
|
+
:param pulumi.Input[str] serial_number_source: Specifies the source of the subject serial number. Valid values are json-csr (default) or json. When set to json-csr, the subject serial number is taken from the serial_number parameter and falls back to the serial number in the CSR. When set to json, the subject serial number is taken from the serial_number parameter but will ignore any value in the CSR. For backwards compatibility an empty value for this field will default to the json-csr behavior.
|
2199
|
+
|
2200
|
+
Example usage:
|
2001
2201
|
:param pulumi.Input[bool] server_flag: Flag to specify certificates for server use
|
2202
|
+
:param pulumi.Input[int] signature_bits: The number of bits to use in the signature algorithm
|
2002
2203
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] street_addresses: The street address of generated certificates
|
2003
2204
|
:param pulumi.Input[str] ttl: The TTL, in seconds, for any certificate issued against this role.
|
2004
2205
|
:param pulumi.Input[bool] use_csr_common_name: Flag to use the CN in the CSR
|
2005
2206
|
:param pulumi.Input[bool] use_csr_sans: Flag to use the SANs in the CSR
|
2207
|
+
:param pulumi.Input[bool] use_pss: Specifies whether or not to use PSS signatures over PKCS#1v1.5 signatures when a RSA-type issuer is used. Ignored for ECDSA/Ed25519 issuers.
|
2006
2208
|
"""
|
2007
2209
|
opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
|
2008
2210
|
|
@@ -2042,6 +2244,8 @@ class SecretBackendRole(pulumi.CustomResource):
|
|
2042
2244
|
__props__.__dict__["name"] = name
|
2043
2245
|
__props__.__dict__["namespace"] = namespace
|
2044
2246
|
__props__.__dict__["no_store"] = no_store
|
2247
|
+
__props__.__dict__["no_store_metadata"] = no_store_metadata
|
2248
|
+
__props__.__dict__["not_after"] = not_after
|
2045
2249
|
__props__.__dict__["not_before_duration"] = not_before_duration
|
2046
2250
|
__props__.__dict__["organization_unit"] = organization_unit
|
2047
2251
|
__props__.__dict__["organizations"] = organizations
|
@@ -2050,11 +2254,14 @@ class SecretBackendRole(pulumi.CustomResource):
|
|
2050
2254
|
__props__.__dict__["postal_codes"] = postal_codes
|
2051
2255
|
__props__.__dict__["provinces"] = provinces
|
2052
2256
|
__props__.__dict__["require_cn"] = require_cn
|
2257
|
+
__props__.__dict__["serial_number_source"] = serial_number_source
|
2053
2258
|
__props__.__dict__["server_flag"] = server_flag
|
2259
|
+
__props__.__dict__["signature_bits"] = signature_bits
|
2054
2260
|
__props__.__dict__["street_addresses"] = street_addresses
|
2055
2261
|
__props__.__dict__["ttl"] = ttl
|
2056
2262
|
__props__.__dict__["use_csr_common_name"] = use_csr_common_name
|
2057
2263
|
__props__.__dict__["use_csr_sans"] = use_csr_sans
|
2264
|
+
__props__.__dict__["use_pss"] = use_pss
|
2058
2265
|
return SecretBackendRole(resource_name, opts=opts, __props__=__props__)
|
2059
2266
|
|
2060
2267
|
@property
|
@@ -2338,6 +2545,22 @@ class SecretBackendRole(pulumi.CustomResource):
|
|
2338
2545
|
"""
|
2339
2546
|
return pulumi.get(self, "no_store")
|
2340
2547
|
|
2548
|
+
@property
|
2549
|
+
@pulumi.getter(name="noStoreMetadata")
|
2550
|
+
def no_store_metadata(self) -> pulumi.Output[Optional[bool]]:
|
2551
|
+
"""
|
2552
|
+
Allows metadata to be stored keyed on the certificate's serial number. The field is independent of no_store, allowing metadata storage regardless of whether certificates are stored. If true, metadata is not stored and an error is returned if the metadata field is specified on issuance APIs
|
2553
|
+
"""
|
2554
|
+
return pulumi.get(self, "no_store_metadata")
|
2555
|
+
|
2556
|
+
@property
|
2557
|
+
@pulumi.getter(name="notAfter")
|
2558
|
+
def not_after(self) -> pulumi.Output[Optional[str]]:
|
2559
|
+
"""
|
2560
|
+
Set the Not After field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ. Supports the Y10K end date for IEEE 802.1AR-2018 standard devices, 9999-12-31T23:59:59Z.
|
2561
|
+
"""
|
2562
|
+
return pulumi.get(self, "not_after")
|
2563
|
+
|
2341
2564
|
@property
|
2342
2565
|
@pulumi.getter(name="notBeforeDuration")
|
2343
2566
|
def not_before_duration(self) -> pulumi.Output[str]:
|
@@ -2402,6 +2625,16 @@ class SecretBackendRole(pulumi.CustomResource):
|
|
2402
2625
|
"""
|
2403
2626
|
return pulumi.get(self, "require_cn")
|
2404
2627
|
|
2628
|
+
@property
|
2629
|
+
@pulumi.getter(name="serialNumberSource")
|
2630
|
+
def serial_number_source(self) -> pulumi.Output[str]:
|
2631
|
+
"""
|
2632
|
+
Specifies the source of the subject serial number. Valid values are json-csr (default) or json. When set to json-csr, the subject serial number is taken from the serial_number parameter and falls back to the serial number in the CSR. When set to json, the subject serial number is taken from the serial_number parameter but will ignore any value in the CSR. For backwards compatibility an empty value for this field will default to the json-csr behavior.
|
2633
|
+
|
2634
|
+
Example usage:
|
2635
|
+
"""
|
2636
|
+
return pulumi.get(self, "serial_number_source")
|
2637
|
+
|
2405
2638
|
@property
|
2406
2639
|
@pulumi.getter(name="serverFlag")
|
2407
2640
|
def server_flag(self) -> pulumi.Output[Optional[bool]]:
|
@@ -2410,6 +2643,14 @@ class SecretBackendRole(pulumi.CustomResource):
|
|
2410
2643
|
"""
|
2411
2644
|
return pulumi.get(self, "server_flag")
|
2412
2645
|
|
2646
|
+
@property
|
2647
|
+
@pulumi.getter(name="signatureBits")
|
2648
|
+
def signature_bits(self) -> pulumi.Output[int]:
|
2649
|
+
"""
|
2650
|
+
The number of bits to use in the signature algorithm
|
2651
|
+
"""
|
2652
|
+
return pulumi.get(self, "signature_bits")
|
2653
|
+
|
2413
2654
|
@property
|
2414
2655
|
@pulumi.getter(name="streetAddresses")
|
2415
2656
|
def street_addresses(self) -> pulumi.Output[Optional[Sequence[str]]]:
|
@@ -2442,3 +2683,11 @@ class SecretBackendRole(pulumi.CustomResource):
|
|
2442
2683
|
"""
|
2443
2684
|
return pulumi.get(self, "use_csr_sans")
|
2444
2685
|
|
2686
|
+
@property
|
2687
|
+
@pulumi.getter(name="usePss")
|
2688
|
+
def use_pss(self) -> pulumi.Output[Optional[bool]]:
|
2689
|
+
"""
|
2690
|
+
Specifies whether or not to use PSS signatures over PKCS#1v1.5 signatures when a RSA-type issuer is used. Ignored for ECDSA/Ed25519 issuers.
|
2691
|
+
"""
|
2692
|
+
return pulumi.get(self, "use_pss")
|
2693
|
+
|