pulumi-vault 6.6.0a1741329548__py3-none-any.whl → 6.6.0a1741836364__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (44) hide show
  1. pulumi_vault/__init__.py +8 -0
  2. pulumi_vault/aws/auth_backend_client.py +228 -4
  3. pulumi_vault/aws/secret_backend.py +266 -50
  4. pulumi_vault/aws/secret_backend_static_role.py +217 -0
  5. pulumi_vault/azure/auth_backend_config.py +257 -5
  6. pulumi_vault/azure/backend.py +249 -4
  7. pulumi_vault/database/_inputs.py +1692 -36
  8. pulumi_vault/database/outputs.py +1170 -18
  9. pulumi_vault/database/secret_backend_connection.py +220 -0
  10. pulumi_vault/database/secret_backend_static_role.py +143 -1
  11. pulumi_vault/database/secrets_mount.py +8 -0
  12. pulumi_vault/gcp/auth_backend.py +222 -2
  13. pulumi_vault/gcp/secret_backend.py +244 -4
  14. pulumi_vault/ldap/auth_backend.py +222 -2
  15. pulumi_vault/ldap/secret_backend.py +222 -2
  16. pulumi_vault/pkisecret/__init__.py +2 -0
  17. pulumi_vault/pkisecret/_inputs.py +0 -6
  18. pulumi_vault/pkisecret/backend_config_acme.py +47 -0
  19. pulumi_vault/pkisecret/backend_config_auto_tidy.py +1376 -0
  20. pulumi_vault/pkisecret/backend_config_cmpv2.py +61 -14
  21. pulumi_vault/pkisecret/get_backend_cert_metadata.py +277 -0
  22. pulumi_vault/pkisecret/get_backend_config_cmpv2.py +18 -1
  23. pulumi_vault/pkisecret/get_backend_issuer.py +114 -1
  24. pulumi_vault/pkisecret/outputs.py +0 -4
  25. pulumi_vault/pkisecret/secret_backend_cert.py +148 -7
  26. pulumi_vault/pkisecret/secret_backend_crl_config.py +54 -0
  27. pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +141 -0
  28. pulumi_vault/pkisecret/secret_backend_issuer.py +265 -0
  29. pulumi_vault/pkisecret/secret_backend_role.py +252 -3
  30. pulumi_vault/pkisecret/secret_backend_root_cert.py +423 -0
  31. pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +581 -3
  32. pulumi_vault/pkisecret/secret_backend_sign.py +94 -0
  33. pulumi_vault/pulumi-plugin.json +1 -1
  34. pulumi_vault/ssh/__init__.py +1 -0
  35. pulumi_vault/ssh/get_secret_backend_sign.py +294 -0
  36. pulumi_vault/terraformcloud/secret_role.py +7 -7
  37. pulumi_vault/transit/__init__.py +2 -0
  38. pulumi_vault/transit/get_sign.py +324 -0
  39. pulumi_vault/transit/get_verify.py +354 -0
  40. pulumi_vault/transit/secret_backend_key.py +162 -0
  41. {pulumi_vault-6.6.0a1741329548.dist-info → pulumi_vault-6.6.0a1741836364.dist-info}/METADATA +1 -1
  42. {pulumi_vault-6.6.0a1741329548.dist-info → pulumi_vault-6.6.0a1741836364.dist-info}/RECORD +44 -39
  43. {pulumi_vault-6.6.0a1741329548.dist-info → pulumi_vault-6.6.0a1741836364.dist-info}/WHEEL +1 -1
  44. {pulumi_vault-6.6.0a1741329548.dist-info → pulumi_vault-6.6.0a1741836364.dist-info}/top_level.txt +0 -0
@@ -34,7 +34,7 @@ class SecretRoleArgs:
34
34
  The value should not contain leading or trailing forward slashes.
35
35
  The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
36
36
  *Available only for Vault Enterprise*.
37
- :param pulumi.Input[int] ttl: Specifies the TTL for this role.
37
+ :param pulumi.Input[int] ttl: Specifies the TTL for this role, in seconds.
38
38
  """
39
39
  if backend is not None:
40
40
  pulumi.set(__self__, "backend", backend)
@@ -120,7 +120,7 @@ class SecretRoleArgs:
120
120
  @pulumi.getter
121
121
  def ttl(self) -> Optional[pulumi.Input[int]]:
122
122
  """
123
- Specifies the TTL for this role.
123
+ Specifies the TTL for this role, in seconds.
124
124
  """
125
125
  return pulumi.get(self, "ttl")
126
126
 
@@ -156,7 +156,7 @@ class _SecretRoleState:
156
156
  The value should not contain leading or trailing forward slashes.
157
157
  The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
158
158
  *Available only for Vault Enterprise*.
159
- :param pulumi.Input[int] ttl: Specifies the TTL for this role.
159
+ :param pulumi.Input[int] ttl: Specifies the TTL for this role, in seconds.
160
160
  """
161
161
  if backend is not None:
162
162
  pulumi.set(__self__, "backend", backend)
@@ -242,7 +242,7 @@ class _SecretRoleState:
242
242
  @pulumi.getter
243
243
  def ttl(self) -> Optional[pulumi.Input[int]]:
244
244
  """
245
- Specifies the TTL for this role.
245
+ Specifies the TTL for this role, in seconds.
246
246
  """
247
247
  return pulumi.get(self, "ttl")
248
248
 
@@ -307,7 +307,7 @@ class SecretRole(pulumi.CustomResource):
307
307
  The value should not contain leading or trailing forward slashes.
308
308
  The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
309
309
  *Available only for Vault Enterprise*.
310
- :param pulumi.Input[int] ttl: Specifies the TTL for this role.
310
+ :param pulumi.Input[int] ttl: Specifies the TTL for this role, in seconds.
311
311
  """
312
312
  ...
313
313
  @overload
@@ -411,7 +411,7 @@ class SecretRole(pulumi.CustomResource):
411
411
  The value should not contain leading or trailing forward slashes.
412
412
  The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
413
413
  *Available only for Vault Enterprise*.
414
- :param pulumi.Input[int] ttl: Specifies the TTL for this role.
414
+ :param pulumi.Input[int] ttl: Specifies the TTL for this role, in seconds.
415
415
  """
416
416
  opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
417
417
 
@@ -470,7 +470,7 @@ class SecretRole(pulumi.CustomResource):
470
470
  @pulumi.getter
471
471
  def ttl(self) -> pulumi.Output[Optional[int]]:
472
472
  """
473
- Specifies the TTL for this role.
473
+ Specifies the TTL for this role, in seconds.
474
474
  """
475
475
  return pulumi.get(self, "ttl")
476
476
 
@@ -7,5 +7,7 @@ import typing
7
7
  # Export this package's modules as members:
8
8
  from .get_decrypt import *
9
9
  from .get_encrypt import *
10
+ from .get_sign import *
11
+ from .get_verify import *
10
12
  from .secret_backend_key import *
11
13
  from .secret_cache_config import *
@@ -0,0 +1,324 @@
1
+ # coding=utf-8
2
+ # *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
3
+ # *** Do not edit by hand unless you're certain you know what you are doing! ***
4
+
5
+ import copy
6
+ import warnings
7
+ import sys
8
+ import pulumi
9
+ import pulumi.runtime
10
+ from typing import Any, Mapping, Optional, Sequence, Union, overload
11
+ if sys.version_info >= (3, 11):
12
+ from typing import NotRequired, TypedDict, TypeAlias
13
+ else:
14
+ from typing_extensions import NotRequired, TypedDict, TypeAlias
15
+ from .. import _utilities
16
+
17
+ __all__ = [
18
+ 'GetSignResult',
19
+ 'AwaitableGetSignResult',
20
+ 'get_sign',
21
+ 'get_sign_output',
22
+ ]
23
+
24
+ @pulumi.output_type
25
+ class GetSignResult:
26
+ """
27
+ A collection of values returned by getSign.
28
+ """
29
+ def __init__(__self__, batch_inputs=None, batch_results=None, context=None, hash_algorithm=None, id=None, input=None, key_version=None, marshaling_algorithm=None, name=None, namespace=None, path=None, prehashed=None, reference=None, salt_length=None, signature=None, signature_algorithm=None, signature_context=None):
30
+ if batch_inputs and not isinstance(batch_inputs, list):
31
+ raise TypeError("Expected argument 'batch_inputs' to be a list")
32
+ pulumi.set(__self__, "batch_inputs", batch_inputs)
33
+ if batch_results and not isinstance(batch_results, list):
34
+ raise TypeError("Expected argument 'batch_results' to be a list")
35
+ pulumi.set(__self__, "batch_results", batch_results)
36
+ if context and not isinstance(context, str):
37
+ raise TypeError("Expected argument 'context' to be a str")
38
+ pulumi.set(__self__, "context", context)
39
+ if hash_algorithm and not isinstance(hash_algorithm, str):
40
+ raise TypeError("Expected argument 'hash_algorithm' to be a str")
41
+ pulumi.set(__self__, "hash_algorithm", hash_algorithm)
42
+ if id and not isinstance(id, str):
43
+ raise TypeError("Expected argument 'id' to be a str")
44
+ pulumi.set(__self__, "id", id)
45
+ if input and not isinstance(input, str):
46
+ raise TypeError("Expected argument 'input' to be a str")
47
+ pulumi.set(__self__, "input", input)
48
+ if key_version and not isinstance(key_version, int):
49
+ raise TypeError("Expected argument 'key_version' to be a int")
50
+ pulumi.set(__self__, "key_version", key_version)
51
+ if marshaling_algorithm and not isinstance(marshaling_algorithm, str):
52
+ raise TypeError("Expected argument 'marshaling_algorithm' to be a str")
53
+ pulumi.set(__self__, "marshaling_algorithm", marshaling_algorithm)
54
+ if name and not isinstance(name, str):
55
+ raise TypeError("Expected argument 'name' to be a str")
56
+ pulumi.set(__self__, "name", name)
57
+ if namespace and not isinstance(namespace, str):
58
+ raise TypeError("Expected argument 'namespace' to be a str")
59
+ pulumi.set(__self__, "namespace", namespace)
60
+ if path and not isinstance(path, str):
61
+ raise TypeError("Expected argument 'path' to be a str")
62
+ pulumi.set(__self__, "path", path)
63
+ if prehashed and not isinstance(prehashed, bool):
64
+ raise TypeError("Expected argument 'prehashed' to be a bool")
65
+ pulumi.set(__self__, "prehashed", prehashed)
66
+ if reference and not isinstance(reference, str):
67
+ raise TypeError("Expected argument 'reference' to be a str")
68
+ pulumi.set(__self__, "reference", reference)
69
+ if salt_length and not isinstance(salt_length, str):
70
+ raise TypeError("Expected argument 'salt_length' to be a str")
71
+ pulumi.set(__self__, "salt_length", salt_length)
72
+ if signature and not isinstance(signature, str):
73
+ raise TypeError("Expected argument 'signature' to be a str")
74
+ pulumi.set(__self__, "signature", signature)
75
+ if signature_algorithm and not isinstance(signature_algorithm, str):
76
+ raise TypeError("Expected argument 'signature_algorithm' to be a str")
77
+ pulumi.set(__self__, "signature_algorithm", signature_algorithm)
78
+ if signature_context and not isinstance(signature_context, str):
79
+ raise TypeError("Expected argument 'signature_context' to be a str")
80
+ pulumi.set(__self__, "signature_context", signature_context)
81
+
82
+ @property
83
+ @pulumi.getter(name="batchInputs")
84
+ def batch_inputs(self) -> Optional[Sequence[Mapping[str, str]]]:
85
+ return pulumi.get(self, "batch_inputs")
86
+
87
+ @property
88
+ @pulumi.getter(name="batchResults")
89
+ def batch_results(self) -> Sequence[Mapping[str, str]]:
90
+ """
91
+ The results returned from Vault if using `batch_input`
92
+ """
93
+ return pulumi.get(self, "batch_results")
94
+
95
+ @property
96
+ @pulumi.getter
97
+ def context(self) -> Optional[str]:
98
+ return pulumi.get(self, "context")
99
+
100
+ @property
101
+ @pulumi.getter(name="hashAlgorithm")
102
+ def hash_algorithm(self) -> Optional[str]:
103
+ return pulumi.get(self, "hash_algorithm")
104
+
105
+ @property
106
+ @pulumi.getter
107
+ def id(self) -> str:
108
+ """
109
+ The provider-assigned unique ID for this managed resource.
110
+ """
111
+ return pulumi.get(self, "id")
112
+
113
+ @property
114
+ @pulumi.getter
115
+ def input(self) -> Optional[str]:
116
+ return pulumi.get(self, "input")
117
+
118
+ @property
119
+ @pulumi.getter(name="keyVersion")
120
+ def key_version(self) -> Optional[int]:
121
+ return pulumi.get(self, "key_version")
122
+
123
+ @property
124
+ @pulumi.getter(name="marshalingAlgorithm")
125
+ def marshaling_algorithm(self) -> Optional[str]:
126
+ return pulumi.get(self, "marshaling_algorithm")
127
+
128
+ @property
129
+ @pulumi.getter
130
+ def name(self) -> str:
131
+ return pulumi.get(self, "name")
132
+
133
+ @property
134
+ @pulumi.getter
135
+ def namespace(self) -> Optional[str]:
136
+ return pulumi.get(self, "namespace")
137
+
138
+ @property
139
+ @pulumi.getter
140
+ def path(self) -> str:
141
+ return pulumi.get(self, "path")
142
+
143
+ @property
144
+ @pulumi.getter
145
+ def prehashed(self) -> Optional[bool]:
146
+ return pulumi.get(self, "prehashed")
147
+
148
+ @property
149
+ @pulumi.getter
150
+ def reference(self) -> Optional[str]:
151
+ return pulumi.get(self, "reference")
152
+
153
+ @property
154
+ @pulumi.getter(name="saltLength")
155
+ def salt_length(self) -> Optional[str]:
156
+ return pulumi.get(self, "salt_length")
157
+
158
+ @property
159
+ @pulumi.getter
160
+ def signature(self) -> str:
161
+ """
162
+ The signature returned from Vault if using `input`
163
+ """
164
+ return pulumi.get(self, "signature")
165
+
166
+ @property
167
+ @pulumi.getter(name="signatureAlgorithm")
168
+ def signature_algorithm(self) -> Optional[str]:
169
+ return pulumi.get(self, "signature_algorithm")
170
+
171
+ @property
172
+ @pulumi.getter(name="signatureContext")
173
+ def signature_context(self) -> Optional[str]:
174
+ return pulumi.get(self, "signature_context")
175
+
176
+
177
+ class AwaitableGetSignResult(GetSignResult):
178
+ # pylint: disable=using-constant-test
179
+ def __await__(self):
180
+ if False:
181
+ yield self
182
+ return GetSignResult(
183
+ batch_inputs=self.batch_inputs,
184
+ batch_results=self.batch_results,
185
+ context=self.context,
186
+ hash_algorithm=self.hash_algorithm,
187
+ id=self.id,
188
+ input=self.input,
189
+ key_version=self.key_version,
190
+ marshaling_algorithm=self.marshaling_algorithm,
191
+ name=self.name,
192
+ namespace=self.namespace,
193
+ path=self.path,
194
+ prehashed=self.prehashed,
195
+ reference=self.reference,
196
+ salt_length=self.salt_length,
197
+ signature=self.signature,
198
+ signature_algorithm=self.signature_algorithm,
199
+ signature_context=self.signature_context)
200
+
201
+
202
+ def get_sign(batch_inputs: Optional[Sequence[Mapping[str, str]]] = None,
203
+ batch_results: Optional[Sequence[Mapping[str, str]]] = None,
204
+ context: Optional[str] = None,
205
+ hash_algorithm: Optional[str] = None,
206
+ input: Optional[str] = None,
207
+ key_version: Optional[int] = None,
208
+ marshaling_algorithm: Optional[str] = None,
209
+ name: Optional[str] = None,
210
+ namespace: Optional[str] = None,
211
+ path: Optional[str] = None,
212
+ prehashed: Optional[bool] = None,
213
+ reference: Optional[str] = None,
214
+ salt_length: Optional[str] = None,
215
+ signature: Optional[str] = None,
216
+ signature_algorithm: Optional[str] = None,
217
+ signature_context: Optional[str] = None,
218
+ opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetSignResult:
219
+ """
220
+ This is a data source which can be used to generate a signature using a Vault Transit key.
221
+
222
+
223
+ :param Sequence[Mapping[str, str]] batch_results: The results returned from Vault if using `batch_input`
224
+ :param str signature: The signature returned from Vault if using `input`
225
+ """
226
+ __args__ = dict()
227
+ __args__['batchInputs'] = batch_inputs
228
+ __args__['batchResults'] = batch_results
229
+ __args__['context'] = context
230
+ __args__['hashAlgorithm'] = hash_algorithm
231
+ __args__['input'] = input
232
+ __args__['keyVersion'] = key_version
233
+ __args__['marshalingAlgorithm'] = marshaling_algorithm
234
+ __args__['name'] = name
235
+ __args__['namespace'] = namespace
236
+ __args__['path'] = path
237
+ __args__['prehashed'] = prehashed
238
+ __args__['reference'] = reference
239
+ __args__['saltLength'] = salt_length
240
+ __args__['signature'] = signature
241
+ __args__['signatureAlgorithm'] = signature_algorithm
242
+ __args__['signatureContext'] = signature_context
243
+ opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
244
+ __ret__ = pulumi.runtime.invoke('vault:transit/getSign:getSign', __args__, opts=opts, typ=GetSignResult).value
245
+
246
+ return AwaitableGetSignResult(
247
+ batch_inputs=pulumi.get(__ret__, 'batch_inputs'),
248
+ batch_results=pulumi.get(__ret__, 'batch_results'),
249
+ context=pulumi.get(__ret__, 'context'),
250
+ hash_algorithm=pulumi.get(__ret__, 'hash_algorithm'),
251
+ id=pulumi.get(__ret__, 'id'),
252
+ input=pulumi.get(__ret__, 'input'),
253
+ key_version=pulumi.get(__ret__, 'key_version'),
254
+ marshaling_algorithm=pulumi.get(__ret__, 'marshaling_algorithm'),
255
+ name=pulumi.get(__ret__, 'name'),
256
+ namespace=pulumi.get(__ret__, 'namespace'),
257
+ path=pulumi.get(__ret__, 'path'),
258
+ prehashed=pulumi.get(__ret__, 'prehashed'),
259
+ reference=pulumi.get(__ret__, 'reference'),
260
+ salt_length=pulumi.get(__ret__, 'salt_length'),
261
+ signature=pulumi.get(__ret__, 'signature'),
262
+ signature_algorithm=pulumi.get(__ret__, 'signature_algorithm'),
263
+ signature_context=pulumi.get(__ret__, 'signature_context'))
264
+ def get_sign_output(batch_inputs: Optional[pulumi.Input[Optional[Sequence[Mapping[str, str]]]]] = None,
265
+ batch_results: Optional[pulumi.Input[Optional[Sequence[Mapping[str, str]]]]] = None,
266
+ context: Optional[pulumi.Input[Optional[str]]] = None,
267
+ hash_algorithm: Optional[pulumi.Input[Optional[str]]] = None,
268
+ input: Optional[pulumi.Input[Optional[str]]] = None,
269
+ key_version: Optional[pulumi.Input[Optional[int]]] = None,
270
+ marshaling_algorithm: Optional[pulumi.Input[Optional[str]]] = None,
271
+ name: Optional[pulumi.Input[str]] = None,
272
+ namespace: Optional[pulumi.Input[Optional[str]]] = None,
273
+ path: Optional[pulumi.Input[str]] = None,
274
+ prehashed: Optional[pulumi.Input[Optional[bool]]] = None,
275
+ reference: Optional[pulumi.Input[Optional[str]]] = None,
276
+ salt_length: Optional[pulumi.Input[Optional[str]]] = None,
277
+ signature: Optional[pulumi.Input[Optional[str]]] = None,
278
+ signature_algorithm: Optional[pulumi.Input[Optional[str]]] = None,
279
+ signature_context: Optional[pulumi.Input[Optional[str]]] = None,
280
+ opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetSignResult]:
281
+ """
282
+ This is a data source which can be used to generate a signature using a Vault Transit key.
283
+
284
+
285
+ :param Sequence[Mapping[str, str]] batch_results: The results returned from Vault if using `batch_input`
286
+ :param str signature: The signature returned from Vault if using `input`
287
+ """
288
+ __args__ = dict()
289
+ __args__['batchInputs'] = batch_inputs
290
+ __args__['batchResults'] = batch_results
291
+ __args__['context'] = context
292
+ __args__['hashAlgorithm'] = hash_algorithm
293
+ __args__['input'] = input
294
+ __args__['keyVersion'] = key_version
295
+ __args__['marshalingAlgorithm'] = marshaling_algorithm
296
+ __args__['name'] = name
297
+ __args__['namespace'] = namespace
298
+ __args__['path'] = path
299
+ __args__['prehashed'] = prehashed
300
+ __args__['reference'] = reference
301
+ __args__['saltLength'] = salt_length
302
+ __args__['signature'] = signature
303
+ __args__['signatureAlgorithm'] = signature_algorithm
304
+ __args__['signatureContext'] = signature_context
305
+ opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
306
+ __ret__ = pulumi.runtime.invoke_output('vault:transit/getSign:getSign', __args__, opts=opts, typ=GetSignResult)
307
+ return __ret__.apply(lambda __response__: GetSignResult(
308
+ batch_inputs=pulumi.get(__response__, 'batch_inputs'),
309
+ batch_results=pulumi.get(__response__, 'batch_results'),
310
+ context=pulumi.get(__response__, 'context'),
311
+ hash_algorithm=pulumi.get(__response__, 'hash_algorithm'),
312
+ id=pulumi.get(__response__, 'id'),
313
+ input=pulumi.get(__response__, 'input'),
314
+ key_version=pulumi.get(__response__, 'key_version'),
315
+ marshaling_algorithm=pulumi.get(__response__, 'marshaling_algorithm'),
316
+ name=pulumi.get(__response__, 'name'),
317
+ namespace=pulumi.get(__response__, 'namespace'),
318
+ path=pulumi.get(__response__, 'path'),
319
+ prehashed=pulumi.get(__response__, 'prehashed'),
320
+ reference=pulumi.get(__response__, 'reference'),
321
+ salt_length=pulumi.get(__response__, 'salt_length'),
322
+ signature=pulumi.get(__response__, 'signature'),
323
+ signature_algorithm=pulumi.get(__response__, 'signature_algorithm'),
324
+ signature_context=pulumi.get(__response__, 'signature_context')))