pulumi-vault 6.6.0a1741329548__py3-none-any.whl → 6.6.0a1741836364__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- pulumi_vault/__init__.py +8 -0
- pulumi_vault/aws/auth_backend_client.py +228 -4
- pulumi_vault/aws/secret_backend.py +266 -50
- pulumi_vault/aws/secret_backend_static_role.py +217 -0
- pulumi_vault/azure/auth_backend_config.py +257 -5
- pulumi_vault/azure/backend.py +249 -4
- pulumi_vault/database/_inputs.py +1692 -36
- pulumi_vault/database/outputs.py +1170 -18
- pulumi_vault/database/secret_backend_connection.py +220 -0
- pulumi_vault/database/secret_backend_static_role.py +143 -1
- pulumi_vault/database/secrets_mount.py +8 -0
- pulumi_vault/gcp/auth_backend.py +222 -2
- pulumi_vault/gcp/secret_backend.py +244 -4
- pulumi_vault/ldap/auth_backend.py +222 -2
- pulumi_vault/ldap/secret_backend.py +222 -2
- pulumi_vault/pkisecret/__init__.py +2 -0
- pulumi_vault/pkisecret/_inputs.py +0 -6
- pulumi_vault/pkisecret/backend_config_acme.py +47 -0
- pulumi_vault/pkisecret/backend_config_auto_tidy.py +1376 -0
- pulumi_vault/pkisecret/backend_config_cmpv2.py +61 -14
- pulumi_vault/pkisecret/get_backend_cert_metadata.py +277 -0
- pulumi_vault/pkisecret/get_backend_config_cmpv2.py +18 -1
- pulumi_vault/pkisecret/get_backend_issuer.py +114 -1
- pulumi_vault/pkisecret/outputs.py +0 -4
- pulumi_vault/pkisecret/secret_backend_cert.py +148 -7
- pulumi_vault/pkisecret/secret_backend_crl_config.py +54 -0
- pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +141 -0
- pulumi_vault/pkisecret/secret_backend_issuer.py +265 -0
- pulumi_vault/pkisecret/secret_backend_role.py +252 -3
- pulumi_vault/pkisecret/secret_backend_root_cert.py +423 -0
- pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +581 -3
- pulumi_vault/pkisecret/secret_backend_sign.py +94 -0
- pulumi_vault/pulumi-plugin.json +1 -1
- pulumi_vault/ssh/__init__.py +1 -0
- pulumi_vault/ssh/get_secret_backend_sign.py +294 -0
- pulumi_vault/terraformcloud/secret_role.py +7 -7
- pulumi_vault/transit/__init__.py +2 -0
- pulumi_vault/transit/get_sign.py +324 -0
- pulumi_vault/transit/get_verify.py +354 -0
- pulumi_vault/transit/secret_backend_key.py +162 -0
- {pulumi_vault-6.6.0a1741329548.dist-info → pulumi_vault-6.6.0a1741836364.dist-info}/METADATA +1 -1
- {pulumi_vault-6.6.0a1741329548.dist-info → pulumi_vault-6.6.0a1741836364.dist-info}/RECORD +44 -39
- {pulumi_vault-6.6.0a1741329548.dist-info → pulumi_vault-6.6.0a1741836364.dist-info}/WHEEL +1 -1
- {pulumi_vault-6.6.0a1741329548.dist-info → pulumi_vault-6.6.0a1741836364.dist-info}/top_level.txt +0 -0
pulumi_vault/database/outputs.py
CHANGED
@@ -2555,6 +2555,8 @@ class SecretsMountCassandra(dict):
|
|
2555
2555
|
suggest = "allowed_roles"
|
2556
2556
|
elif key == "connectTimeout":
|
2557
2557
|
suggest = "connect_timeout"
|
2558
|
+
elif key == "disableAutomatedRotation":
|
2559
|
+
suggest = "disable_automated_rotation"
|
2558
2560
|
elif key == "insecureTls":
|
2559
2561
|
suggest = "insecure_tls"
|
2560
2562
|
elif key == "pemBundle":
|
@@ -2567,6 +2569,12 @@ class SecretsMountCassandra(dict):
|
|
2567
2569
|
suggest = "protocol_version"
|
2568
2570
|
elif key == "rootRotationStatements":
|
2569
2571
|
suggest = "root_rotation_statements"
|
2572
|
+
elif key == "rotationPeriod":
|
2573
|
+
suggest = "rotation_period"
|
2574
|
+
elif key == "rotationSchedule":
|
2575
|
+
suggest = "rotation_schedule"
|
2576
|
+
elif key == "rotationWindow":
|
2577
|
+
suggest = "rotation_window"
|
2570
2578
|
elif key == "skipVerification":
|
2571
2579
|
suggest = "skip_verification"
|
2572
2580
|
elif key == "verifyConnection":
|
@@ -2588,6 +2596,7 @@ class SecretsMountCassandra(dict):
|
|
2588
2596
|
allowed_roles: Optional[Sequence[str]] = None,
|
2589
2597
|
connect_timeout: Optional[int] = None,
|
2590
2598
|
data: Optional[Mapping[str, str]] = None,
|
2599
|
+
disable_automated_rotation: Optional[bool] = None,
|
2591
2600
|
hosts: Optional[Sequence[str]] = None,
|
2592
2601
|
insecure_tls: Optional[bool] = None,
|
2593
2602
|
password: Optional[str] = None,
|
@@ -2597,6 +2606,9 @@ class SecretsMountCassandra(dict):
|
|
2597
2606
|
port: Optional[int] = None,
|
2598
2607
|
protocol_version: Optional[int] = None,
|
2599
2608
|
root_rotation_statements: Optional[Sequence[str]] = None,
|
2609
|
+
rotation_period: Optional[int] = None,
|
2610
|
+
rotation_schedule: Optional[str] = None,
|
2611
|
+
rotation_window: Optional[int] = None,
|
2600
2612
|
skip_verification: Optional[bool] = None,
|
2601
2613
|
tls: Optional[bool] = None,
|
2602
2614
|
username: Optional[str] = None,
|
@@ -2607,6 +2619,7 @@ class SecretsMountCassandra(dict):
|
|
2607
2619
|
connection.
|
2608
2620
|
:param int connect_timeout: The number of seconds to use as a connection timeout.
|
2609
2621
|
:param Mapping[str, str] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
2622
|
+
:param bool disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
2610
2623
|
|
2611
2624
|
Supported list of database secrets engines that can be configured:
|
2612
2625
|
:param Sequence[str] hosts: Cassandra hosts to connect to.
|
@@ -2618,6 +2631,13 @@ class SecretsMountCassandra(dict):
|
|
2618
2631
|
:param int port: The transport port to use to connect to Cassandra.
|
2619
2632
|
:param int protocol_version: The CQL protocol version to use.
|
2620
2633
|
:param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
|
2634
|
+
:param int rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
|
2635
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
2636
|
+
:param str rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
2637
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
2638
|
+
:param int rotation_window: The maximum amount of time in seconds allowed to complete
|
2639
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
2640
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
2621
2641
|
:param bool skip_verification: Skip permissions checks when a connection to Cassandra is first created. These checks ensure that Vault is able to create roles, but can be resource intensive in clusters with many roles.
|
2622
2642
|
:param bool tls: Whether to use TLS when connecting to Cassandra.
|
2623
2643
|
:param str username: The username to use when authenticating with Cassandra.
|
@@ -2631,6 +2651,8 @@ class SecretsMountCassandra(dict):
|
|
2631
2651
|
pulumi.set(__self__, "connect_timeout", connect_timeout)
|
2632
2652
|
if data is not None:
|
2633
2653
|
pulumi.set(__self__, "data", data)
|
2654
|
+
if disable_automated_rotation is not None:
|
2655
|
+
pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
|
2634
2656
|
if hosts is not None:
|
2635
2657
|
pulumi.set(__self__, "hosts", hosts)
|
2636
2658
|
if insecure_tls is not None:
|
@@ -2649,6 +2671,12 @@ class SecretsMountCassandra(dict):
|
|
2649
2671
|
pulumi.set(__self__, "protocol_version", protocol_version)
|
2650
2672
|
if root_rotation_statements is not None:
|
2651
2673
|
pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
|
2674
|
+
if rotation_period is not None:
|
2675
|
+
pulumi.set(__self__, "rotation_period", rotation_period)
|
2676
|
+
if rotation_schedule is not None:
|
2677
|
+
pulumi.set(__self__, "rotation_schedule", rotation_schedule)
|
2678
|
+
if rotation_window is not None:
|
2679
|
+
pulumi.set(__self__, "rotation_window", rotation_window)
|
2652
2680
|
if skip_verification is not None:
|
2653
2681
|
pulumi.set(__self__, "skip_verification", skip_verification)
|
2654
2682
|
if tls is not None:
|
@@ -2688,10 +2716,18 @@ class SecretsMountCassandra(dict):
|
|
2688
2716
|
def data(self) -> Optional[Mapping[str, str]]:
|
2689
2717
|
"""
|
2690
2718
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
2719
|
+
"""
|
2720
|
+
return pulumi.get(self, "data")
|
2721
|
+
|
2722
|
+
@property
|
2723
|
+
@pulumi.getter(name="disableAutomatedRotation")
|
2724
|
+
def disable_automated_rotation(self) -> Optional[bool]:
|
2725
|
+
"""
|
2726
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
2691
2727
|
|
2692
2728
|
Supported list of database secrets engines that can be configured:
|
2693
2729
|
"""
|
2694
|
-
return pulumi.get(self, "
|
2730
|
+
return pulumi.get(self, "disable_automated_rotation")
|
2695
2731
|
|
2696
2732
|
@property
|
2697
2733
|
@pulumi.getter
|
@@ -2765,6 +2801,34 @@ class SecretsMountCassandra(dict):
|
|
2765
2801
|
"""
|
2766
2802
|
return pulumi.get(self, "root_rotation_statements")
|
2767
2803
|
|
2804
|
+
@property
|
2805
|
+
@pulumi.getter(name="rotationPeriod")
|
2806
|
+
def rotation_period(self) -> Optional[int]:
|
2807
|
+
"""
|
2808
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
2809
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
2810
|
+
"""
|
2811
|
+
return pulumi.get(self, "rotation_period")
|
2812
|
+
|
2813
|
+
@property
|
2814
|
+
@pulumi.getter(name="rotationSchedule")
|
2815
|
+
def rotation_schedule(self) -> Optional[str]:
|
2816
|
+
"""
|
2817
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
2818
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
2819
|
+
"""
|
2820
|
+
return pulumi.get(self, "rotation_schedule")
|
2821
|
+
|
2822
|
+
@property
|
2823
|
+
@pulumi.getter(name="rotationWindow")
|
2824
|
+
def rotation_window(self) -> Optional[int]:
|
2825
|
+
"""
|
2826
|
+
The maximum amount of time in seconds allowed to complete
|
2827
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
2828
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
2829
|
+
"""
|
2830
|
+
return pulumi.get(self, "rotation_window")
|
2831
|
+
|
2768
2832
|
@property
|
2769
2833
|
@pulumi.getter(name="skipVerification")
|
2770
2834
|
def skip_verification(self) -> Optional[bool]:
|
@@ -2810,12 +2874,20 @@ class SecretsMountCouchbase(dict):
|
|
2810
2874
|
suggest = "base64_pem"
|
2811
2875
|
elif key == "bucketName":
|
2812
2876
|
suggest = "bucket_name"
|
2877
|
+
elif key == "disableAutomatedRotation":
|
2878
|
+
suggest = "disable_automated_rotation"
|
2813
2879
|
elif key == "insecureTls":
|
2814
2880
|
suggest = "insecure_tls"
|
2815
2881
|
elif key == "pluginName":
|
2816
2882
|
suggest = "plugin_name"
|
2817
2883
|
elif key == "rootRotationStatements":
|
2818
2884
|
suggest = "root_rotation_statements"
|
2885
|
+
elif key == "rotationPeriod":
|
2886
|
+
suggest = "rotation_period"
|
2887
|
+
elif key == "rotationSchedule":
|
2888
|
+
suggest = "rotation_schedule"
|
2889
|
+
elif key == "rotationWindow":
|
2890
|
+
suggest = "rotation_window"
|
2819
2891
|
elif key == "usernameTemplate":
|
2820
2892
|
suggest = "username_template"
|
2821
2893
|
elif key == "verifyConnection":
|
@@ -2841,9 +2913,13 @@ class SecretsMountCouchbase(dict):
|
|
2841
2913
|
base64_pem: Optional[str] = None,
|
2842
2914
|
bucket_name: Optional[str] = None,
|
2843
2915
|
data: Optional[Mapping[str, str]] = None,
|
2916
|
+
disable_automated_rotation: Optional[bool] = None,
|
2844
2917
|
insecure_tls: Optional[bool] = None,
|
2845
2918
|
plugin_name: Optional[str] = None,
|
2846
2919
|
root_rotation_statements: Optional[Sequence[str]] = None,
|
2920
|
+
rotation_period: Optional[int] = None,
|
2921
|
+
rotation_schedule: Optional[str] = None,
|
2922
|
+
rotation_window: Optional[int] = None,
|
2847
2923
|
tls: Optional[bool] = None,
|
2848
2924
|
username_template: Optional[str] = None,
|
2849
2925
|
verify_connection: Optional[bool] = None):
|
@@ -2857,11 +2933,19 @@ class SecretsMountCouchbase(dict):
|
|
2857
2933
|
:param str base64_pem: Required if `tls` is `true`. Specifies the certificate authority of the Couchbase server, as a PEM certificate that has been base64 encoded.
|
2858
2934
|
:param str bucket_name: Required for Couchbase versions prior to 6.5.0. This is only used to verify vault's connection to the server.
|
2859
2935
|
:param Mapping[str, str] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
2936
|
+
:param bool disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
2860
2937
|
|
2861
2938
|
Supported list of database secrets engines that can be configured:
|
2862
2939
|
:param bool insecure_tls: Specifies whether to skip verification of the server certificate when using TLS.
|
2863
2940
|
:param str plugin_name: Specifies the name of the plugin to use.
|
2864
2941
|
:param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
|
2942
|
+
:param int rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
|
2943
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
2944
|
+
:param str rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
2945
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
2946
|
+
:param int rotation_window: The maximum amount of time in seconds allowed to complete
|
2947
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
2948
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
2865
2949
|
:param bool tls: Specifies whether to use TLS when connecting to Couchbase.
|
2866
2950
|
:param str username_template: Template describing how dynamic usernames are generated.
|
2867
2951
|
:param bool verify_connection: Whether the connection should be verified on
|
@@ -2879,12 +2963,20 @@ class SecretsMountCouchbase(dict):
|
|
2879
2963
|
pulumi.set(__self__, "bucket_name", bucket_name)
|
2880
2964
|
if data is not None:
|
2881
2965
|
pulumi.set(__self__, "data", data)
|
2966
|
+
if disable_automated_rotation is not None:
|
2967
|
+
pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
|
2882
2968
|
if insecure_tls is not None:
|
2883
2969
|
pulumi.set(__self__, "insecure_tls", insecure_tls)
|
2884
2970
|
if plugin_name is not None:
|
2885
2971
|
pulumi.set(__self__, "plugin_name", plugin_name)
|
2886
2972
|
if root_rotation_statements is not None:
|
2887
2973
|
pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
|
2974
|
+
if rotation_period is not None:
|
2975
|
+
pulumi.set(__self__, "rotation_period", rotation_period)
|
2976
|
+
if rotation_schedule is not None:
|
2977
|
+
pulumi.set(__self__, "rotation_schedule", rotation_schedule)
|
2978
|
+
if rotation_window is not None:
|
2979
|
+
pulumi.set(__self__, "rotation_window", rotation_window)
|
2888
2980
|
if tls is not None:
|
2889
2981
|
pulumi.set(__self__, "tls", tls)
|
2890
2982
|
if username_template is not None:
|
@@ -2954,10 +3046,18 @@ class SecretsMountCouchbase(dict):
|
|
2954
3046
|
def data(self) -> Optional[Mapping[str, str]]:
|
2955
3047
|
"""
|
2956
3048
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
3049
|
+
"""
|
3050
|
+
return pulumi.get(self, "data")
|
3051
|
+
|
3052
|
+
@property
|
3053
|
+
@pulumi.getter(name="disableAutomatedRotation")
|
3054
|
+
def disable_automated_rotation(self) -> Optional[bool]:
|
3055
|
+
"""
|
3056
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
2957
3057
|
|
2958
3058
|
Supported list of database secrets engines that can be configured:
|
2959
3059
|
"""
|
2960
|
-
return pulumi.get(self, "
|
3060
|
+
return pulumi.get(self, "disable_automated_rotation")
|
2961
3061
|
|
2962
3062
|
@property
|
2963
3063
|
@pulumi.getter(name="insecureTls")
|
@@ -2983,6 +3083,34 @@ class SecretsMountCouchbase(dict):
|
|
2983
3083
|
"""
|
2984
3084
|
return pulumi.get(self, "root_rotation_statements")
|
2985
3085
|
|
3086
|
+
@property
|
3087
|
+
@pulumi.getter(name="rotationPeriod")
|
3088
|
+
def rotation_period(self) -> Optional[int]:
|
3089
|
+
"""
|
3090
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
3091
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
3092
|
+
"""
|
3093
|
+
return pulumi.get(self, "rotation_period")
|
3094
|
+
|
3095
|
+
@property
|
3096
|
+
@pulumi.getter(name="rotationSchedule")
|
3097
|
+
def rotation_schedule(self) -> Optional[str]:
|
3098
|
+
"""
|
3099
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
3100
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
3101
|
+
"""
|
3102
|
+
return pulumi.get(self, "rotation_schedule")
|
3103
|
+
|
3104
|
+
@property
|
3105
|
+
@pulumi.getter(name="rotationWindow")
|
3106
|
+
def rotation_window(self) -> Optional[int]:
|
3107
|
+
"""
|
3108
|
+
The maximum amount of time in seconds allowed to complete
|
3109
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
3110
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
3111
|
+
"""
|
3112
|
+
return pulumi.get(self, "rotation_window")
|
3113
|
+
|
2986
3114
|
@property
|
2987
3115
|
@pulumi.getter
|
2988
3116
|
def tls(self) -> Optional[bool]:
|
@@ -3024,10 +3152,18 @@ class SecretsMountElasticsearch(dict):
|
|
3024
3152
|
suggest = "client_cert"
|
3025
3153
|
elif key == "clientKey":
|
3026
3154
|
suggest = "client_key"
|
3155
|
+
elif key == "disableAutomatedRotation":
|
3156
|
+
suggest = "disable_automated_rotation"
|
3027
3157
|
elif key == "pluginName":
|
3028
3158
|
suggest = "plugin_name"
|
3029
3159
|
elif key == "rootRotationStatements":
|
3030
3160
|
suggest = "root_rotation_statements"
|
3161
|
+
elif key == "rotationPeriod":
|
3162
|
+
suggest = "rotation_period"
|
3163
|
+
elif key == "rotationSchedule":
|
3164
|
+
suggest = "rotation_schedule"
|
3165
|
+
elif key == "rotationWindow":
|
3166
|
+
suggest = "rotation_window"
|
3031
3167
|
elif key == "tlsServerName":
|
3032
3168
|
suggest = "tls_server_name"
|
3033
3169
|
elif key == "usernameTemplate":
|
@@ -3057,9 +3193,13 @@ class SecretsMountElasticsearch(dict):
|
|
3057
3193
|
client_cert: Optional[str] = None,
|
3058
3194
|
client_key: Optional[str] = None,
|
3059
3195
|
data: Optional[Mapping[str, str]] = None,
|
3196
|
+
disable_automated_rotation: Optional[bool] = None,
|
3060
3197
|
insecure: Optional[bool] = None,
|
3061
3198
|
plugin_name: Optional[str] = None,
|
3062
3199
|
root_rotation_statements: Optional[Sequence[str]] = None,
|
3200
|
+
rotation_period: Optional[int] = None,
|
3201
|
+
rotation_schedule: Optional[str] = None,
|
3202
|
+
rotation_window: Optional[int] = None,
|
3063
3203
|
tls_server_name: Optional[str] = None,
|
3064
3204
|
username_template: Optional[str] = None,
|
3065
3205
|
verify_connection: Optional[bool] = None):
|
@@ -3075,11 +3215,19 @@ class SecretsMountElasticsearch(dict):
|
|
3075
3215
|
:param str client_cert: The path to the certificate for the Elasticsearch client to present for communication
|
3076
3216
|
:param str client_key: The path to the key for the Elasticsearch client to use for communication
|
3077
3217
|
:param Mapping[str, str] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
3218
|
+
:param bool disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
3078
3219
|
|
3079
3220
|
Supported list of database secrets engines that can be configured:
|
3080
3221
|
:param bool insecure: Whether to disable certificate verification
|
3081
3222
|
:param str plugin_name: Specifies the name of the plugin to use.
|
3082
3223
|
:param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
|
3224
|
+
:param int rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
|
3225
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
3226
|
+
:param str rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
3227
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
3228
|
+
:param int rotation_window: The maximum amount of time in seconds allowed to complete
|
3229
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
3230
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
3083
3231
|
:param str tls_server_name: This, if set, is used to set the SNI host when connecting via TLS
|
3084
3232
|
:param str username_template: Template describing how dynamic usernames are generated.
|
3085
3233
|
:param bool verify_connection: Whether the connection should be verified on
|
@@ -3101,12 +3249,20 @@ class SecretsMountElasticsearch(dict):
|
|
3101
3249
|
pulumi.set(__self__, "client_key", client_key)
|
3102
3250
|
if data is not None:
|
3103
3251
|
pulumi.set(__self__, "data", data)
|
3252
|
+
if disable_automated_rotation is not None:
|
3253
|
+
pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
|
3104
3254
|
if insecure is not None:
|
3105
3255
|
pulumi.set(__self__, "insecure", insecure)
|
3106
3256
|
if plugin_name is not None:
|
3107
3257
|
pulumi.set(__self__, "plugin_name", plugin_name)
|
3108
3258
|
if root_rotation_statements is not None:
|
3109
3259
|
pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
|
3260
|
+
if rotation_period is not None:
|
3261
|
+
pulumi.set(__self__, "rotation_period", rotation_period)
|
3262
|
+
if rotation_schedule is not None:
|
3263
|
+
pulumi.set(__self__, "rotation_schedule", rotation_schedule)
|
3264
|
+
if rotation_window is not None:
|
3265
|
+
pulumi.set(__self__, "rotation_window", rotation_window)
|
3110
3266
|
if tls_server_name is not None:
|
3111
3267
|
pulumi.set(__self__, "tls_server_name", tls_server_name)
|
3112
3268
|
if username_template is not None:
|
@@ -3192,10 +3348,18 @@ class SecretsMountElasticsearch(dict):
|
|
3192
3348
|
def data(self) -> Optional[Mapping[str, str]]:
|
3193
3349
|
"""
|
3194
3350
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
3351
|
+
"""
|
3352
|
+
return pulumi.get(self, "data")
|
3353
|
+
|
3354
|
+
@property
|
3355
|
+
@pulumi.getter(name="disableAutomatedRotation")
|
3356
|
+
def disable_automated_rotation(self) -> Optional[bool]:
|
3357
|
+
"""
|
3358
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
3195
3359
|
|
3196
3360
|
Supported list of database secrets engines that can be configured:
|
3197
3361
|
"""
|
3198
|
-
return pulumi.get(self, "
|
3362
|
+
return pulumi.get(self, "disable_automated_rotation")
|
3199
3363
|
|
3200
3364
|
@property
|
3201
3365
|
@pulumi.getter
|
@@ -3221,6 +3385,34 @@ class SecretsMountElasticsearch(dict):
|
|
3221
3385
|
"""
|
3222
3386
|
return pulumi.get(self, "root_rotation_statements")
|
3223
3387
|
|
3388
|
+
@property
|
3389
|
+
@pulumi.getter(name="rotationPeriod")
|
3390
|
+
def rotation_period(self) -> Optional[int]:
|
3391
|
+
"""
|
3392
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
3393
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
3394
|
+
"""
|
3395
|
+
return pulumi.get(self, "rotation_period")
|
3396
|
+
|
3397
|
+
@property
|
3398
|
+
@pulumi.getter(name="rotationSchedule")
|
3399
|
+
def rotation_schedule(self) -> Optional[str]:
|
3400
|
+
"""
|
3401
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
3402
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
3403
|
+
"""
|
3404
|
+
return pulumi.get(self, "rotation_schedule")
|
3405
|
+
|
3406
|
+
@property
|
3407
|
+
@pulumi.getter(name="rotationWindow")
|
3408
|
+
def rotation_window(self) -> Optional[int]:
|
3409
|
+
"""
|
3410
|
+
The maximum amount of time in seconds allowed to complete
|
3411
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
3412
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
3413
|
+
"""
|
3414
|
+
return pulumi.get(self, "rotation_window")
|
3415
|
+
|
3224
3416
|
@property
|
3225
3417
|
@pulumi.getter(name="tlsServerName")
|
3226
3418
|
def tls_server_name(self) -> Optional[str]:
|
@@ -3256,6 +3448,8 @@ class SecretsMountHana(dict):
|
|
3256
3448
|
suggest = "allowed_roles"
|
3257
3449
|
elif key == "connectionUrl":
|
3258
3450
|
suggest = "connection_url"
|
3451
|
+
elif key == "disableAutomatedRotation":
|
3452
|
+
suggest = "disable_automated_rotation"
|
3259
3453
|
elif key == "disableEscaping":
|
3260
3454
|
suggest = "disable_escaping"
|
3261
3455
|
elif key == "maxConnectionLifetime":
|
@@ -3268,6 +3462,12 @@ class SecretsMountHana(dict):
|
|
3268
3462
|
suggest = "plugin_name"
|
3269
3463
|
elif key == "rootRotationStatements":
|
3270
3464
|
suggest = "root_rotation_statements"
|
3465
|
+
elif key == "rotationPeriod":
|
3466
|
+
suggest = "rotation_period"
|
3467
|
+
elif key == "rotationSchedule":
|
3468
|
+
suggest = "rotation_schedule"
|
3469
|
+
elif key == "rotationWindow":
|
3470
|
+
suggest = "rotation_window"
|
3271
3471
|
elif key == "verifyConnection":
|
3272
3472
|
suggest = "verify_connection"
|
3273
3473
|
|
@@ -3287,6 +3487,7 @@ class SecretsMountHana(dict):
|
|
3287
3487
|
allowed_roles: Optional[Sequence[str]] = None,
|
3288
3488
|
connection_url: Optional[str] = None,
|
3289
3489
|
data: Optional[Mapping[str, str]] = None,
|
3490
|
+
disable_automated_rotation: Optional[bool] = None,
|
3290
3491
|
disable_escaping: Optional[bool] = None,
|
3291
3492
|
max_connection_lifetime: Optional[int] = None,
|
3292
3493
|
max_idle_connections: Optional[int] = None,
|
@@ -3294,6 +3495,9 @@ class SecretsMountHana(dict):
|
|
3294
3495
|
password: Optional[str] = None,
|
3295
3496
|
plugin_name: Optional[str] = None,
|
3296
3497
|
root_rotation_statements: Optional[Sequence[str]] = None,
|
3498
|
+
rotation_period: Optional[int] = None,
|
3499
|
+
rotation_schedule: Optional[str] = None,
|
3500
|
+
rotation_window: Optional[int] = None,
|
3297
3501
|
username: Optional[str] = None,
|
3298
3502
|
verify_connection: Optional[bool] = None):
|
3299
3503
|
"""
|
@@ -3302,6 +3506,7 @@ class SecretsMountHana(dict):
|
|
3302
3506
|
connection.
|
3303
3507
|
:param str connection_url: Connection string to use to connect to the database.
|
3304
3508
|
:param Mapping[str, str] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
3509
|
+
:param bool disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
3305
3510
|
|
3306
3511
|
Supported list of database secrets engines that can be configured:
|
3307
3512
|
:param bool disable_escaping: Disable special character escaping in username and password
|
@@ -3311,6 +3516,13 @@ class SecretsMountHana(dict):
|
|
3311
3516
|
:param str password: The root credential password used in the connection URL
|
3312
3517
|
:param str plugin_name: Specifies the name of the plugin to use.
|
3313
3518
|
:param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
|
3519
|
+
:param int rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
|
3520
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
3521
|
+
:param str rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
3522
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
3523
|
+
:param int rotation_window: The maximum amount of time in seconds allowed to complete
|
3524
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
3525
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
3314
3526
|
:param str username: The root credential username used in the connection URL
|
3315
3527
|
:param bool verify_connection: Whether the connection should be verified on
|
3316
3528
|
initial configuration or not.
|
@@ -3322,6 +3534,8 @@ class SecretsMountHana(dict):
|
|
3322
3534
|
pulumi.set(__self__, "connection_url", connection_url)
|
3323
3535
|
if data is not None:
|
3324
3536
|
pulumi.set(__self__, "data", data)
|
3537
|
+
if disable_automated_rotation is not None:
|
3538
|
+
pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
|
3325
3539
|
if disable_escaping is not None:
|
3326
3540
|
pulumi.set(__self__, "disable_escaping", disable_escaping)
|
3327
3541
|
if max_connection_lifetime is not None:
|
@@ -3336,6 +3550,12 @@ class SecretsMountHana(dict):
|
|
3336
3550
|
pulumi.set(__self__, "plugin_name", plugin_name)
|
3337
3551
|
if root_rotation_statements is not None:
|
3338
3552
|
pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
|
3553
|
+
if rotation_period is not None:
|
3554
|
+
pulumi.set(__self__, "rotation_period", rotation_period)
|
3555
|
+
if rotation_schedule is not None:
|
3556
|
+
pulumi.set(__self__, "rotation_schedule", rotation_schedule)
|
3557
|
+
if rotation_window is not None:
|
3558
|
+
pulumi.set(__self__, "rotation_window", rotation_window)
|
3339
3559
|
if username is not None:
|
3340
3560
|
pulumi.set(__self__, "username", username)
|
3341
3561
|
if verify_connection is not None:
|
@@ -3371,10 +3591,18 @@ class SecretsMountHana(dict):
|
|
3371
3591
|
def data(self) -> Optional[Mapping[str, str]]:
|
3372
3592
|
"""
|
3373
3593
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
3594
|
+
"""
|
3595
|
+
return pulumi.get(self, "data")
|
3596
|
+
|
3597
|
+
@property
|
3598
|
+
@pulumi.getter(name="disableAutomatedRotation")
|
3599
|
+
def disable_automated_rotation(self) -> Optional[bool]:
|
3600
|
+
"""
|
3601
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
3374
3602
|
|
3375
3603
|
Supported list of database secrets engines that can be configured:
|
3376
3604
|
"""
|
3377
|
-
return pulumi.get(self, "
|
3605
|
+
return pulumi.get(self, "disable_automated_rotation")
|
3378
3606
|
|
3379
3607
|
@property
|
3380
3608
|
@pulumi.getter(name="disableEscaping")
|
@@ -3432,6 +3660,34 @@ class SecretsMountHana(dict):
|
|
3432
3660
|
"""
|
3433
3661
|
return pulumi.get(self, "root_rotation_statements")
|
3434
3662
|
|
3663
|
+
@property
|
3664
|
+
@pulumi.getter(name="rotationPeriod")
|
3665
|
+
def rotation_period(self) -> Optional[int]:
|
3666
|
+
"""
|
3667
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
3668
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
3669
|
+
"""
|
3670
|
+
return pulumi.get(self, "rotation_period")
|
3671
|
+
|
3672
|
+
@property
|
3673
|
+
@pulumi.getter(name="rotationSchedule")
|
3674
|
+
def rotation_schedule(self) -> Optional[str]:
|
3675
|
+
"""
|
3676
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
3677
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
3678
|
+
"""
|
3679
|
+
return pulumi.get(self, "rotation_schedule")
|
3680
|
+
|
3681
|
+
@property
|
3682
|
+
@pulumi.getter(name="rotationWindow")
|
3683
|
+
def rotation_window(self) -> Optional[int]:
|
3684
|
+
"""
|
3685
|
+
The maximum amount of time in seconds allowed to complete
|
3686
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
3687
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
3688
|
+
"""
|
3689
|
+
return pulumi.get(self, "rotation_window")
|
3690
|
+
|
3435
3691
|
@property
|
3436
3692
|
@pulumi.getter
|
3437
3693
|
def username(self) -> Optional[str]:
|
@@ -3459,6 +3715,8 @@ class SecretsMountInfluxdb(dict):
|
|
3459
3715
|
suggest = "allowed_roles"
|
3460
3716
|
elif key == "connectTimeout":
|
3461
3717
|
suggest = "connect_timeout"
|
3718
|
+
elif key == "disableAutomatedRotation":
|
3719
|
+
suggest = "disable_automated_rotation"
|
3462
3720
|
elif key == "insecureTls":
|
3463
3721
|
suggest = "insecure_tls"
|
3464
3722
|
elif key == "pemBundle":
|
@@ -3469,6 +3727,12 @@ class SecretsMountInfluxdb(dict):
|
|
3469
3727
|
suggest = "plugin_name"
|
3470
3728
|
elif key == "rootRotationStatements":
|
3471
3729
|
suggest = "root_rotation_statements"
|
3730
|
+
elif key == "rotationPeriod":
|
3731
|
+
suggest = "rotation_period"
|
3732
|
+
elif key == "rotationSchedule":
|
3733
|
+
suggest = "rotation_schedule"
|
3734
|
+
elif key == "rotationWindow":
|
3735
|
+
suggest = "rotation_window"
|
3472
3736
|
elif key == "usernameTemplate":
|
3473
3737
|
suggest = "username_template"
|
3474
3738
|
elif key == "verifyConnection":
|
@@ -3493,12 +3757,16 @@ class SecretsMountInfluxdb(dict):
|
|
3493
3757
|
allowed_roles: Optional[Sequence[str]] = None,
|
3494
3758
|
connect_timeout: Optional[int] = None,
|
3495
3759
|
data: Optional[Mapping[str, str]] = None,
|
3760
|
+
disable_automated_rotation: Optional[bool] = None,
|
3496
3761
|
insecure_tls: Optional[bool] = None,
|
3497
3762
|
pem_bundle: Optional[str] = None,
|
3498
3763
|
pem_json: Optional[str] = None,
|
3499
3764
|
plugin_name: Optional[str] = None,
|
3500
3765
|
port: Optional[int] = None,
|
3501
3766
|
root_rotation_statements: Optional[Sequence[str]] = None,
|
3767
|
+
rotation_period: Optional[int] = None,
|
3768
|
+
rotation_schedule: Optional[str] = None,
|
3769
|
+
rotation_window: Optional[int] = None,
|
3502
3770
|
tls: Optional[bool] = None,
|
3503
3771
|
username_template: Optional[str] = None,
|
3504
3772
|
verify_connection: Optional[bool] = None):
|
@@ -3511,6 +3779,7 @@ class SecretsMountInfluxdb(dict):
|
|
3511
3779
|
connection.
|
3512
3780
|
:param int connect_timeout: The number of seconds to use as a connection timeout.
|
3513
3781
|
:param Mapping[str, str] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
3782
|
+
:param bool disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
3514
3783
|
|
3515
3784
|
Supported list of database secrets engines that can be configured:
|
3516
3785
|
:param bool insecure_tls: Whether to skip verification of the server certificate when using TLS.
|
@@ -3519,6 +3788,13 @@ class SecretsMountInfluxdb(dict):
|
|
3519
3788
|
:param str plugin_name: Specifies the name of the plugin to use.
|
3520
3789
|
:param int port: The transport port to use to connect to Influxdb.
|
3521
3790
|
:param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
|
3791
|
+
:param int rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
|
3792
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
3793
|
+
:param str rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
3794
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
3795
|
+
:param int rotation_window: The maximum amount of time in seconds allowed to complete
|
3796
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
3797
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
3522
3798
|
:param bool tls: Whether to use TLS when connecting to Influxdb.
|
3523
3799
|
:param str username_template: Template describing how dynamic usernames are generated.
|
3524
3800
|
:param bool verify_connection: Whether the connection should be verified on
|
@@ -3534,6 +3810,8 @@ class SecretsMountInfluxdb(dict):
|
|
3534
3810
|
pulumi.set(__self__, "connect_timeout", connect_timeout)
|
3535
3811
|
if data is not None:
|
3536
3812
|
pulumi.set(__self__, "data", data)
|
3813
|
+
if disable_automated_rotation is not None:
|
3814
|
+
pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
|
3537
3815
|
if insecure_tls is not None:
|
3538
3816
|
pulumi.set(__self__, "insecure_tls", insecure_tls)
|
3539
3817
|
if pem_bundle is not None:
|
@@ -3546,6 +3824,12 @@ class SecretsMountInfluxdb(dict):
|
|
3546
3824
|
pulumi.set(__self__, "port", port)
|
3547
3825
|
if root_rotation_statements is not None:
|
3548
3826
|
pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
|
3827
|
+
if rotation_period is not None:
|
3828
|
+
pulumi.set(__self__, "rotation_period", rotation_period)
|
3829
|
+
if rotation_schedule is not None:
|
3830
|
+
pulumi.set(__self__, "rotation_schedule", rotation_schedule)
|
3831
|
+
if rotation_window is not None:
|
3832
|
+
pulumi.set(__self__, "rotation_window", rotation_window)
|
3549
3833
|
if tls is not None:
|
3550
3834
|
pulumi.set(__self__, "tls", tls)
|
3551
3835
|
if username_template is not None:
|
@@ -3607,10 +3891,18 @@ class SecretsMountInfluxdb(dict):
|
|
3607
3891
|
def data(self) -> Optional[Mapping[str, str]]:
|
3608
3892
|
"""
|
3609
3893
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
3894
|
+
"""
|
3895
|
+
return pulumi.get(self, "data")
|
3896
|
+
|
3897
|
+
@property
|
3898
|
+
@pulumi.getter(name="disableAutomatedRotation")
|
3899
|
+
def disable_automated_rotation(self) -> Optional[bool]:
|
3900
|
+
"""
|
3901
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
3610
3902
|
|
3611
3903
|
Supported list of database secrets engines that can be configured:
|
3612
3904
|
"""
|
3613
|
-
return pulumi.get(self, "
|
3905
|
+
return pulumi.get(self, "disable_automated_rotation")
|
3614
3906
|
|
3615
3907
|
@property
|
3616
3908
|
@pulumi.getter(name="insecureTls")
|
@@ -3660,6 +3952,34 @@ class SecretsMountInfluxdb(dict):
|
|
3660
3952
|
"""
|
3661
3953
|
return pulumi.get(self, "root_rotation_statements")
|
3662
3954
|
|
3955
|
+
@property
|
3956
|
+
@pulumi.getter(name="rotationPeriod")
|
3957
|
+
def rotation_period(self) -> Optional[int]:
|
3958
|
+
"""
|
3959
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
3960
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
3961
|
+
"""
|
3962
|
+
return pulumi.get(self, "rotation_period")
|
3963
|
+
|
3964
|
+
@property
|
3965
|
+
@pulumi.getter(name="rotationSchedule")
|
3966
|
+
def rotation_schedule(self) -> Optional[str]:
|
3967
|
+
"""
|
3968
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
3969
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
3970
|
+
"""
|
3971
|
+
return pulumi.get(self, "rotation_schedule")
|
3972
|
+
|
3973
|
+
@property
|
3974
|
+
@pulumi.getter(name="rotationWindow")
|
3975
|
+
def rotation_window(self) -> Optional[int]:
|
3976
|
+
"""
|
3977
|
+
The maximum amount of time in seconds allowed to complete
|
3978
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
3979
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
3980
|
+
"""
|
3981
|
+
return pulumi.get(self, "rotation_window")
|
3982
|
+
|
3663
3983
|
@property
|
3664
3984
|
@pulumi.getter
|
3665
3985
|
def tls(self) -> Optional[bool]:
|
@@ -3695,6 +4015,8 @@ class SecretsMountMongodb(dict):
|
|
3695
4015
|
suggest = "allowed_roles"
|
3696
4016
|
elif key == "connectionUrl":
|
3697
4017
|
suggest = "connection_url"
|
4018
|
+
elif key == "disableAutomatedRotation":
|
4019
|
+
suggest = "disable_automated_rotation"
|
3698
4020
|
elif key == "maxConnectionLifetime":
|
3699
4021
|
suggest = "max_connection_lifetime"
|
3700
4022
|
elif key == "maxIdleConnections":
|
@@ -3705,6 +4027,12 @@ class SecretsMountMongodb(dict):
|
|
3705
4027
|
suggest = "plugin_name"
|
3706
4028
|
elif key == "rootRotationStatements":
|
3707
4029
|
suggest = "root_rotation_statements"
|
4030
|
+
elif key == "rotationPeriod":
|
4031
|
+
suggest = "rotation_period"
|
4032
|
+
elif key == "rotationSchedule":
|
4033
|
+
suggest = "rotation_schedule"
|
4034
|
+
elif key == "rotationWindow":
|
4035
|
+
suggest = "rotation_window"
|
3708
4036
|
elif key == "usernameTemplate":
|
3709
4037
|
suggest = "username_template"
|
3710
4038
|
elif key == "verifyConnection":
|
@@ -3726,12 +4054,16 @@ class SecretsMountMongodb(dict):
|
|
3726
4054
|
allowed_roles: Optional[Sequence[str]] = None,
|
3727
4055
|
connection_url: Optional[str] = None,
|
3728
4056
|
data: Optional[Mapping[str, str]] = None,
|
4057
|
+
disable_automated_rotation: Optional[bool] = None,
|
3729
4058
|
max_connection_lifetime: Optional[int] = None,
|
3730
4059
|
max_idle_connections: Optional[int] = None,
|
3731
4060
|
max_open_connections: Optional[int] = None,
|
3732
4061
|
password: Optional[str] = None,
|
3733
4062
|
plugin_name: Optional[str] = None,
|
3734
4063
|
root_rotation_statements: Optional[Sequence[str]] = None,
|
4064
|
+
rotation_period: Optional[int] = None,
|
4065
|
+
rotation_schedule: Optional[str] = None,
|
4066
|
+
rotation_window: Optional[int] = None,
|
3735
4067
|
username: Optional[str] = None,
|
3736
4068
|
username_template: Optional[str] = None,
|
3737
4069
|
verify_connection: Optional[bool] = None):
|
@@ -3741,6 +4073,7 @@ class SecretsMountMongodb(dict):
|
|
3741
4073
|
connection.
|
3742
4074
|
:param str connection_url: Connection string to use to connect to the database.
|
3743
4075
|
:param Mapping[str, str] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
4076
|
+
:param bool disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
3744
4077
|
|
3745
4078
|
Supported list of database secrets engines that can be configured:
|
3746
4079
|
:param int max_connection_lifetime: Maximum number of seconds a connection may be reused.
|
@@ -3749,6 +4082,13 @@ class SecretsMountMongodb(dict):
|
|
3749
4082
|
:param str password: The root credential password used in the connection URL
|
3750
4083
|
:param str plugin_name: Specifies the name of the plugin to use.
|
3751
4084
|
:param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
|
4085
|
+
:param int rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
|
4086
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
4087
|
+
:param str rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
4088
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
4089
|
+
:param int rotation_window: The maximum amount of time in seconds allowed to complete
|
4090
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
4091
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
3752
4092
|
:param str username: The root credential username used in the connection URL
|
3753
4093
|
:param str username_template: Username generation template.
|
3754
4094
|
:param bool verify_connection: Whether the connection should be verified on
|
@@ -3761,6 +4101,8 @@ class SecretsMountMongodb(dict):
|
|
3761
4101
|
pulumi.set(__self__, "connection_url", connection_url)
|
3762
4102
|
if data is not None:
|
3763
4103
|
pulumi.set(__self__, "data", data)
|
4104
|
+
if disable_automated_rotation is not None:
|
4105
|
+
pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
|
3764
4106
|
if max_connection_lifetime is not None:
|
3765
4107
|
pulumi.set(__self__, "max_connection_lifetime", max_connection_lifetime)
|
3766
4108
|
if max_idle_connections is not None:
|
@@ -3773,6 +4115,12 @@ class SecretsMountMongodb(dict):
|
|
3773
4115
|
pulumi.set(__self__, "plugin_name", plugin_name)
|
3774
4116
|
if root_rotation_statements is not None:
|
3775
4117
|
pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
|
4118
|
+
if rotation_period is not None:
|
4119
|
+
pulumi.set(__self__, "rotation_period", rotation_period)
|
4120
|
+
if rotation_schedule is not None:
|
4121
|
+
pulumi.set(__self__, "rotation_schedule", rotation_schedule)
|
4122
|
+
if rotation_window is not None:
|
4123
|
+
pulumi.set(__self__, "rotation_window", rotation_window)
|
3776
4124
|
if username is not None:
|
3777
4125
|
pulumi.set(__self__, "username", username)
|
3778
4126
|
if username_template is not None:
|
@@ -3810,10 +4158,18 @@ class SecretsMountMongodb(dict):
|
|
3810
4158
|
def data(self) -> Optional[Mapping[str, str]]:
|
3811
4159
|
"""
|
3812
4160
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
4161
|
+
"""
|
4162
|
+
return pulumi.get(self, "data")
|
4163
|
+
|
4164
|
+
@property
|
4165
|
+
@pulumi.getter(name="disableAutomatedRotation")
|
4166
|
+
def disable_automated_rotation(self) -> Optional[bool]:
|
4167
|
+
"""
|
4168
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
3813
4169
|
|
3814
4170
|
Supported list of database secrets engines that can be configured:
|
3815
4171
|
"""
|
3816
|
-
return pulumi.get(self, "
|
4172
|
+
return pulumi.get(self, "disable_automated_rotation")
|
3817
4173
|
|
3818
4174
|
@property
|
3819
4175
|
@pulumi.getter(name="maxConnectionLifetime")
|
@@ -3863,6 +4219,34 @@ class SecretsMountMongodb(dict):
|
|
3863
4219
|
"""
|
3864
4220
|
return pulumi.get(self, "root_rotation_statements")
|
3865
4221
|
|
4222
|
+
@property
|
4223
|
+
@pulumi.getter(name="rotationPeriod")
|
4224
|
+
def rotation_period(self) -> Optional[int]:
|
4225
|
+
"""
|
4226
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
4227
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
4228
|
+
"""
|
4229
|
+
return pulumi.get(self, "rotation_period")
|
4230
|
+
|
4231
|
+
@property
|
4232
|
+
@pulumi.getter(name="rotationSchedule")
|
4233
|
+
def rotation_schedule(self) -> Optional[str]:
|
4234
|
+
"""
|
4235
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
4236
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
4237
|
+
"""
|
4238
|
+
return pulumi.get(self, "rotation_schedule")
|
4239
|
+
|
4240
|
+
@property
|
4241
|
+
@pulumi.getter(name="rotationWindow")
|
4242
|
+
def rotation_window(self) -> Optional[int]:
|
4243
|
+
"""
|
4244
|
+
The maximum amount of time in seconds allowed to complete
|
4245
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
4246
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
4247
|
+
"""
|
4248
|
+
return pulumi.get(self, "rotation_window")
|
4249
|
+
|
3866
4250
|
@property
|
3867
4251
|
@pulumi.getter
|
3868
4252
|
def username(self) -> Optional[str]:
|
@@ -3902,10 +4286,18 @@ class SecretsMountMongodbatla(dict):
|
|
3902
4286
|
suggest = "public_key"
|
3903
4287
|
elif key == "allowedRoles":
|
3904
4288
|
suggest = "allowed_roles"
|
4289
|
+
elif key == "disableAutomatedRotation":
|
4290
|
+
suggest = "disable_automated_rotation"
|
3905
4291
|
elif key == "pluginName":
|
3906
4292
|
suggest = "plugin_name"
|
3907
4293
|
elif key == "rootRotationStatements":
|
3908
4294
|
suggest = "root_rotation_statements"
|
4295
|
+
elif key == "rotationPeriod":
|
4296
|
+
suggest = "rotation_period"
|
4297
|
+
elif key == "rotationSchedule":
|
4298
|
+
suggest = "rotation_schedule"
|
4299
|
+
elif key == "rotationWindow":
|
4300
|
+
suggest = "rotation_window"
|
3909
4301
|
elif key == "verifyConnection":
|
3910
4302
|
suggest = "verify_connection"
|
3911
4303
|
|
@@ -3927,8 +4319,12 @@ class SecretsMountMongodbatla(dict):
|
|
3927
4319
|
public_key: str,
|
3928
4320
|
allowed_roles: Optional[Sequence[str]] = None,
|
3929
4321
|
data: Optional[Mapping[str, str]] = None,
|
4322
|
+
disable_automated_rotation: Optional[bool] = None,
|
3930
4323
|
plugin_name: Optional[str] = None,
|
3931
4324
|
root_rotation_statements: Optional[Sequence[str]] = None,
|
4325
|
+
rotation_period: Optional[int] = None,
|
4326
|
+
rotation_schedule: Optional[str] = None,
|
4327
|
+
rotation_window: Optional[int] = None,
|
3932
4328
|
verify_connection: Optional[bool] = None):
|
3933
4329
|
"""
|
3934
4330
|
:param str name: Name of the database connection.
|
@@ -3938,10 +4334,18 @@ class SecretsMountMongodbatla(dict):
|
|
3938
4334
|
:param Sequence[str] allowed_roles: A list of roles that are allowed to use this
|
3939
4335
|
connection.
|
3940
4336
|
:param Mapping[str, str] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
4337
|
+
:param bool disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
3941
4338
|
|
3942
4339
|
Supported list of database secrets engines that can be configured:
|
3943
4340
|
:param str plugin_name: Specifies the name of the plugin to use.
|
3944
4341
|
:param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
|
4342
|
+
:param int rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
|
4343
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
4344
|
+
:param str rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
4345
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
4346
|
+
:param int rotation_window: The maximum amount of time in seconds allowed to complete
|
4347
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
4348
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
3945
4349
|
:param bool verify_connection: Whether the connection should be verified on
|
3946
4350
|
initial configuration or not.
|
3947
4351
|
"""
|
@@ -3953,10 +4357,18 @@ class SecretsMountMongodbatla(dict):
|
|
3953
4357
|
pulumi.set(__self__, "allowed_roles", allowed_roles)
|
3954
4358
|
if data is not None:
|
3955
4359
|
pulumi.set(__self__, "data", data)
|
4360
|
+
if disable_automated_rotation is not None:
|
4361
|
+
pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
|
3956
4362
|
if plugin_name is not None:
|
3957
4363
|
pulumi.set(__self__, "plugin_name", plugin_name)
|
3958
4364
|
if root_rotation_statements is not None:
|
3959
4365
|
pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
|
4366
|
+
if rotation_period is not None:
|
4367
|
+
pulumi.set(__self__, "rotation_period", rotation_period)
|
4368
|
+
if rotation_schedule is not None:
|
4369
|
+
pulumi.set(__self__, "rotation_schedule", rotation_schedule)
|
4370
|
+
if rotation_window is not None:
|
4371
|
+
pulumi.set(__self__, "rotation_window", rotation_window)
|
3960
4372
|
if verify_connection is not None:
|
3961
4373
|
pulumi.set(__self__, "verify_connection", verify_connection)
|
3962
4374
|
|
@@ -4006,10 +4418,18 @@ class SecretsMountMongodbatla(dict):
|
|
4006
4418
|
def data(self) -> Optional[Mapping[str, str]]:
|
4007
4419
|
"""
|
4008
4420
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
4421
|
+
"""
|
4422
|
+
return pulumi.get(self, "data")
|
4423
|
+
|
4424
|
+
@property
|
4425
|
+
@pulumi.getter(name="disableAutomatedRotation")
|
4426
|
+
def disable_automated_rotation(self) -> Optional[bool]:
|
4427
|
+
"""
|
4428
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
4009
4429
|
|
4010
4430
|
Supported list of database secrets engines that can be configured:
|
4011
4431
|
"""
|
4012
|
-
return pulumi.get(self, "
|
4432
|
+
return pulumi.get(self, "disable_automated_rotation")
|
4013
4433
|
|
4014
4434
|
@property
|
4015
4435
|
@pulumi.getter(name="pluginName")
|
@@ -4027,6 +4447,34 @@ class SecretsMountMongodbatla(dict):
|
|
4027
4447
|
"""
|
4028
4448
|
return pulumi.get(self, "root_rotation_statements")
|
4029
4449
|
|
4450
|
+
@property
|
4451
|
+
@pulumi.getter(name="rotationPeriod")
|
4452
|
+
def rotation_period(self) -> Optional[int]:
|
4453
|
+
"""
|
4454
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
4455
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
4456
|
+
"""
|
4457
|
+
return pulumi.get(self, "rotation_period")
|
4458
|
+
|
4459
|
+
@property
|
4460
|
+
@pulumi.getter(name="rotationSchedule")
|
4461
|
+
def rotation_schedule(self) -> Optional[str]:
|
4462
|
+
"""
|
4463
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
4464
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
4465
|
+
"""
|
4466
|
+
return pulumi.get(self, "rotation_schedule")
|
4467
|
+
|
4468
|
+
@property
|
4469
|
+
@pulumi.getter(name="rotationWindow")
|
4470
|
+
def rotation_window(self) -> Optional[int]:
|
4471
|
+
"""
|
4472
|
+
The maximum amount of time in seconds allowed to complete
|
4473
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
4474
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
4475
|
+
"""
|
4476
|
+
return pulumi.get(self, "rotation_window")
|
4477
|
+
|
4030
4478
|
@property
|
4031
4479
|
@pulumi.getter(name="verifyConnection")
|
4032
4480
|
def verify_connection(self) -> Optional[bool]:
|
@@ -4048,6 +4496,8 @@ class SecretsMountMssql(dict):
|
|
4048
4496
|
suggest = "connection_url"
|
4049
4497
|
elif key == "containedDb":
|
4050
4498
|
suggest = "contained_db"
|
4499
|
+
elif key == "disableAutomatedRotation":
|
4500
|
+
suggest = "disable_automated_rotation"
|
4051
4501
|
elif key == "disableEscaping":
|
4052
4502
|
suggest = "disable_escaping"
|
4053
4503
|
elif key == "maxConnectionLifetime":
|
@@ -4060,6 +4510,12 @@ class SecretsMountMssql(dict):
|
|
4060
4510
|
suggest = "plugin_name"
|
4061
4511
|
elif key == "rootRotationStatements":
|
4062
4512
|
suggest = "root_rotation_statements"
|
4513
|
+
elif key == "rotationPeriod":
|
4514
|
+
suggest = "rotation_period"
|
4515
|
+
elif key == "rotationSchedule":
|
4516
|
+
suggest = "rotation_schedule"
|
4517
|
+
elif key == "rotationWindow":
|
4518
|
+
suggest = "rotation_window"
|
4063
4519
|
elif key == "usernameTemplate":
|
4064
4520
|
suggest = "username_template"
|
4065
4521
|
elif key == "verifyConnection":
|
@@ -4082,6 +4538,7 @@ class SecretsMountMssql(dict):
|
|
4082
4538
|
connection_url: Optional[str] = None,
|
4083
4539
|
contained_db: Optional[bool] = None,
|
4084
4540
|
data: Optional[Mapping[str, str]] = None,
|
4541
|
+
disable_automated_rotation: Optional[bool] = None,
|
4085
4542
|
disable_escaping: Optional[bool] = None,
|
4086
4543
|
max_connection_lifetime: Optional[int] = None,
|
4087
4544
|
max_idle_connections: Optional[int] = None,
|
@@ -4089,6 +4546,9 @@ class SecretsMountMssql(dict):
|
|
4089
4546
|
password: Optional[str] = None,
|
4090
4547
|
plugin_name: Optional[str] = None,
|
4091
4548
|
root_rotation_statements: Optional[Sequence[str]] = None,
|
4549
|
+
rotation_period: Optional[int] = None,
|
4550
|
+
rotation_schedule: Optional[str] = None,
|
4551
|
+
rotation_window: Optional[int] = None,
|
4092
4552
|
username: Optional[str] = None,
|
4093
4553
|
username_template: Optional[str] = None,
|
4094
4554
|
verify_connection: Optional[bool] = None):
|
@@ -4099,6 +4559,7 @@ class SecretsMountMssql(dict):
|
|
4099
4559
|
:param str connection_url: Connection string to use to connect to the database.
|
4100
4560
|
:param bool contained_db: Set to true when the target is a Contained Database, e.g. AzureSQL.
|
4101
4561
|
:param Mapping[str, str] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
4562
|
+
:param bool disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
4102
4563
|
|
4103
4564
|
Supported list of database secrets engines that can be configured:
|
4104
4565
|
:param bool disable_escaping: Disable special character escaping in username and password
|
@@ -4108,6 +4569,13 @@ class SecretsMountMssql(dict):
|
|
4108
4569
|
:param str password: The root credential password used in the connection URL
|
4109
4570
|
:param str plugin_name: Specifies the name of the plugin to use.
|
4110
4571
|
:param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
|
4572
|
+
:param int rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
|
4573
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
4574
|
+
:param str rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
4575
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
4576
|
+
:param int rotation_window: The maximum amount of time in seconds allowed to complete
|
4577
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
4578
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
4111
4579
|
:param str username: The root credential username used in the connection URL
|
4112
4580
|
:param str username_template: Username generation template.
|
4113
4581
|
:param bool verify_connection: Whether the connection should be verified on
|
@@ -4122,6 +4590,8 @@ class SecretsMountMssql(dict):
|
|
4122
4590
|
pulumi.set(__self__, "contained_db", contained_db)
|
4123
4591
|
if data is not None:
|
4124
4592
|
pulumi.set(__self__, "data", data)
|
4593
|
+
if disable_automated_rotation is not None:
|
4594
|
+
pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
|
4125
4595
|
if disable_escaping is not None:
|
4126
4596
|
pulumi.set(__self__, "disable_escaping", disable_escaping)
|
4127
4597
|
if max_connection_lifetime is not None:
|
@@ -4136,6 +4606,12 @@ class SecretsMountMssql(dict):
|
|
4136
4606
|
pulumi.set(__self__, "plugin_name", plugin_name)
|
4137
4607
|
if root_rotation_statements is not None:
|
4138
4608
|
pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
|
4609
|
+
if rotation_period is not None:
|
4610
|
+
pulumi.set(__self__, "rotation_period", rotation_period)
|
4611
|
+
if rotation_schedule is not None:
|
4612
|
+
pulumi.set(__self__, "rotation_schedule", rotation_schedule)
|
4613
|
+
if rotation_window is not None:
|
4614
|
+
pulumi.set(__self__, "rotation_window", rotation_window)
|
4139
4615
|
if username is not None:
|
4140
4616
|
pulumi.set(__self__, "username", username)
|
4141
4617
|
if username_template is not None:
|
@@ -4181,10 +4657,18 @@ class SecretsMountMssql(dict):
|
|
4181
4657
|
def data(self) -> Optional[Mapping[str, str]]:
|
4182
4658
|
"""
|
4183
4659
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
4660
|
+
"""
|
4661
|
+
return pulumi.get(self, "data")
|
4662
|
+
|
4663
|
+
@property
|
4664
|
+
@pulumi.getter(name="disableAutomatedRotation")
|
4665
|
+
def disable_automated_rotation(self) -> Optional[bool]:
|
4666
|
+
"""
|
4667
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
4184
4668
|
|
4185
4669
|
Supported list of database secrets engines that can be configured:
|
4186
4670
|
"""
|
4187
|
-
return pulumi.get(self, "
|
4671
|
+
return pulumi.get(self, "disable_automated_rotation")
|
4188
4672
|
|
4189
4673
|
@property
|
4190
4674
|
@pulumi.getter(name="disableEscaping")
|
@@ -4242,6 +4726,34 @@ class SecretsMountMssql(dict):
|
|
4242
4726
|
"""
|
4243
4727
|
return pulumi.get(self, "root_rotation_statements")
|
4244
4728
|
|
4729
|
+
@property
|
4730
|
+
@pulumi.getter(name="rotationPeriod")
|
4731
|
+
def rotation_period(self) -> Optional[int]:
|
4732
|
+
"""
|
4733
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
4734
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
4735
|
+
"""
|
4736
|
+
return pulumi.get(self, "rotation_period")
|
4737
|
+
|
4738
|
+
@property
|
4739
|
+
@pulumi.getter(name="rotationSchedule")
|
4740
|
+
def rotation_schedule(self) -> Optional[str]:
|
4741
|
+
"""
|
4742
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
4743
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
4744
|
+
"""
|
4745
|
+
return pulumi.get(self, "rotation_schedule")
|
4746
|
+
|
4747
|
+
@property
|
4748
|
+
@pulumi.getter(name="rotationWindow")
|
4749
|
+
def rotation_window(self) -> Optional[int]:
|
4750
|
+
"""
|
4751
|
+
The maximum amount of time in seconds allowed to complete
|
4752
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
4753
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
4754
|
+
"""
|
4755
|
+
return pulumi.get(self, "rotation_window")
|
4756
|
+
|
4245
4757
|
@property
|
4246
4758
|
@pulumi.getter
|
4247
4759
|
def username(self) -> Optional[str]:
|
@@ -4279,6 +4791,8 @@ class SecretsMountMysql(dict):
|
|
4279
4791
|
suggest = "auth_type"
|
4280
4792
|
elif key == "connectionUrl":
|
4281
4793
|
suggest = "connection_url"
|
4794
|
+
elif key == "disableAutomatedRotation":
|
4795
|
+
suggest = "disable_automated_rotation"
|
4282
4796
|
elif key == "maxConnectionLifetime":
|
4283
4797
|
suggest = "max_connection_lifetime"
|
4284
4798
|
elif key == "maxIdleConnections":
|
@@ -4289,6 +4803,12 @@ class SecretsMountMysql(dict):
|
|
4289
4803
|
suggest = "plugin_name"
|
4290
4804
|
elif key == "rootRotationStatements":
|
4291
4805
|
suggest = "root_rotation_statements"
|
4806
|
+
elif key == "rotationPeriod":
|
4807
|
+
suggest = "rotation_period"
|
4808
|
+
elif key == "rotationSchedule":
|
4809
|
+
suggest = "rotation_schedule"
|
4810
|
+
elif key == "rotationWindow":
|
4811
|
+
suggest = "rotation_window"
|
4292
4812
|
elif key == "serviceAccountJson":
|
4293
4813
|
suggest = "service_account_json"
|
4294
4814
|
elif key == "tlsCa":
|
@@ -4317,12 +4837,16 @@ class SecretsMountMysql(dict):
|
|
4317
4837
|
auth_type: Optional[str] = None,
|
4318
4838
|
connection_url: Optional[str] = None,
|
4319
4839
|
data: Optional[Mapping[str, str]] = None,
|
4840
|
+
disable_automated_rotation: Optional[bool] = None,
|
4320
4841
|
max_connection_lifetime: Optional[int] = None,
|
4321
4842
|
max_idle_connections: Optional[int] = None,
|
4322
4843
|
max_open_connections: Optional[int] = None,
|
4323
4844
|
password: Optional[str] = None,
|
4324
4845
|
plugin_name: Optional[str] = None,
|
4325
4846
|
root_rotation_statements: Optional[Sequence[str]] = None,
|
4847
|
+
rotation_period: Optional[int] = None,
|
4848
|
+
rotation_schedule: Optional[str] = None,
|
4849
|
+
rotation_window: Optional[int] = None,
|
4326
4850
|
service_account_json: Optional[str] = None,
|
4327
4851
|
tls_ca: Optional[str] = None,
|
4328
4852
|
tls_certificate_key: Optional[str] = None,
|
@@ -4336,6 +4860,7 @@ class SecretsMountMysql(dict):
|
|
4336
4860
|
:param str auth_type: Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
|
4337
4861
|
:param str connection_url: Connection string to use to connect to the database.
|
4338
4862
|
:param Mapping[str, str] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
4863
|
+
:param bool disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
4339
4864
|
|
4340
4865
|
Supported list of database secrets engines that can be configured:
|
4341
4866
|
:param int max_connection_lifetime: Maximum number of seconds a connection may be reused.
|
@@ -4344,6 +4869,13 @@ class SecretsMountMysql(dict):
|
|
4344
4869
|
:param str password: The root credential password used in the connection URL
|
4345
4870
|
:param str plugin_name: Specifies the name of the plugin to use.
|
4346
4871
|
:param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
|
4872
|
+
:param int rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
|
4873
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
4874
|
+
:param str rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
4875
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
4876
|
+
:param int rotation_window: The maximum amount of time in seconds allowed to complete
|
4877
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
4878
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
4347
4879
|
:param str service_account_json: A JSON encoded credential for use with IAM authorization
|
4348
4880
|
:param str tls_ca: x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
|
4349
4881
|
:param str tls_certificate_key: x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
|
@@ -4361,6 +4893,8 @@ class SecretsMountMysql(dict):
|
|
4361
4893
|
pulumi.set(__self__, "connection_url", connection_url)
|
4362
4894
|
if data is not None:
|
4363
4895
|
pulumi.set(__self__, "data", data)
|
4896
|
+
if disable_automated_rotation is not None:
|
4897
|
+
pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
|
4364
4898
|
if max_connection_lifetime is not None:
|
4365
4899
|
pulumi.set(__self__, "max_connection_lifetime", max_connection_lifetime)
|
4366
4900
|
if max_idle_connections is not None:
|
@@ -4373,6 +4907,12 @@ class SecretsMountMysql(dict):
|
|
4373
4907
|
pulumi.set(__self__, "plugin_name", plugin_name)
|
4374
4908
|
if root_rotation_statements is not None:
|
4375
4909
|
pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
|
4910
|
+
if rotation_period is not None:
|
4911
|
+
pulumi.set(__self__, "rotation_period", rotation_period)
|
4912
|
+
if rotation_schedule is not None:
|
4913
|
+
pulumi.set(__self__, "rotation_schedule", rotation_schedule)
|
4914
|
+
if rotation_window is not None:
|
4915
|
+
pulumi.set(__self__, "rotation_window", rotation_window)
|
4376
4916
|
if service_account_json is not None:
|
4377
4917
|
pulumi.set(__self__, "service_account_json", service_account_json)
|
4378
4918
|
if tls_ca is not None:
|
@@ -4424,10 +4964,18 @@ class SecretsMountMysql(dict):
|
|
4424
4964
|
def data(self) -> Optional[Mapping[str, str]]:
|
4425
4965
|
"""
|
4426
4966
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
4967
|
+
"""
|
4968
|
+
return pulumi.get(self, "data")
|
4969
|
+
|
4970
|
+
@property
|
4971
|
+
@pulumi.getter(name="disableAutomatedRotation")
|
4972
|
+
def disable_automated_rotation(self) -> Optional[bool]:
|
4973
|
+
"""
|
4974
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
4427
4975
|
|
4428
4976
|
Supported list of database secrets engines that can be configured:
|
4429
4977
|
"""
|
4430
|
-
return pulumi.get(self, "
|
4978
|
+
return pulumi.get(self, "disable_automated_rotation")
|
4431
4979
|
|
4432
4980
|
@property
|
4433
4981
|
@pulumi.getter(name="maxConnectionLifetime")
|
@@ -4477,6 +5025,34 @@ class SecretsMountMysql(dict):
|
|
4477
5025
|
"""
|
4478
5026
|
return pulumi.get(self, "root_rotation_statements")
|
4479
5027
|
|
5028
|
+
@property
|
5029
|
+
@pulumi.getter(name="rotationPeriod")
|
5030
|
+
def rotation_period(self) -> Optional[int]:
|
5031
|
+
"""
|
5032
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
5033
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
5034
|
+
"""
|
5035
|
+
return pulumi.get(self, "rotation_period")
|
5036
|
+
|
5037
|
+
@property
|
5038
|
+
@pulumi.getter(name="rotationSchedule")
|
5039
|
+
def rotation_schedule(self) -> Optional[str]:
|
5040
|
+
"""
|
5041
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
5042
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
5043
|
+
"""
|
5044
|
+
return pulumi.get(self, "rotation_schedule")
|
5045
|
+
|
5046
|
+
@property
|
5047
|
+
@pulumi.getter(name="rotationWindow")
|
5048
|
+
def rotation_window(self) -> Optional[int]:
|
5049
|
+
"""
|
5050
|
+
The maximum amount of time in seconds allowed to complete
|
5051
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
5052
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
5053
|
+
"""
|
5054
|
+
return pulumi.get(self, "rotation_window")
|
5055
|
+
|
4480
5056
|
@property
|
4481
5057
|
@pulumi.getter(name="serviceAccountJson")
|
4482
5058
|
def service_account_json(self) -> Optional[str]:
|
@@ -4538,6 +5114,8 @@ class SecretsMountMysqlAurora(dict):
|
|
4538
5114
|
suggest = "auth_type"
|
4539
5115
|
elif key == "connectionUrl":
|
4540
5116
|
suggest = "connection_url"
|
5117
|
+
elif key == "disableAutomatedRotation":
|
5118
|
+
suggest = "disable_automated_rotation"
|
4541
5119
|
elif key == "maxConnectionLifetime":
|
4542
5120
|
suggest = "max_connection_lifetime"
|
4543
5121
|
elif key == "maxIdleConnections":
|
@@ -4548,6 +5126,12 @@ class SecretsMountMysqlAurora(dict):
|
|
4548
5126
|
suggest = "plugin_name"
|
4549
5127
|
elif key == "rootRotationStatements":
|
4550
5128
|
suggest = "root_rotation_statements"
|
5129
|
+
elif key == "rotationPeriod":
|
5130
|
+
suggest = "rotation_period"
|
5131
|
+
elif key == "rotationSchedule":
|
5132
|
+
suggest = "rotation_schedule"
|
5133
|
+
elif key == "rotationWindow":
|
5134
|
+
suggest = "rotation_window"
|
4551
5135
|
elif key == "serviceAccountJson":
|
4552
5136
|
suggest = "service_account_json"
|
4553
5137
|
elif key == "tlsCa":
|
@@ -4576,12 +5160,16 @@ class SecretsMountMysqlAurora(dict):
|
|
4576
5160
|
auth_type: Optional[str] = None,
|
4577
5161
|
connection_url: Optional[str] = None,
|
4578
5162
|
data: Optional[Mapping[str, str]] = None,
|
5163
|
+
disable_automated_rotation: Optional[bool] = None,
|
4579
5164
|
max_connection_lifetime: Optional[int] = None,
|
4580
5165
|
max_idle_connections: Optional[int] = None,
|
4581
5166
|
max_open_connections: Optional[int] = None,
|
4582
5167
|
password: Optional[str] = None,
|
4583
5168
|
plugin_name: Optional[str] = None,
|
4584
5169
|
root_rotation_statements: Optional[Sequence[str]] = None,
|
5170
|
+
rotation_period: Optional[int] = None,
|
5171
|
+
rotation_schedule: Optional[str] = None,
|
5172
|
+
rotation_window: Optional[int] = None,
|
4585
5173
|
service_account_json: Optional[str] = None,
|
4586
5174
|
tls_ca: Optional[str] = None,
|
4587
5175
|
tls_certificate_key: Optional[str] = None,
|
@@ -4595,6 +5183,7 @@ class SecretsMountMysqlAurora(dict):
|
|
4595
5183
|
:param str auth_type: Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
|
4596
5184
|
:param str connection_url: Connection string to use to connect to the database.
|
4597
5185
|
:param Mapping[str, str] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
5186
|
+
:param bool disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
4598
5187
|
|
4599
5188
|
Supported list of database secrets engines that can be configured:
|
4600
5189
|
:param int max_connection_lifetime: Maximum number of seconds a connection may be reused.
|
@@ -4603,6 +5192,13 @@ class SecretsMountMysqlAurora(dict):
|
|
4603
5192
|
:param str password: The root credential password used in the connection URL
|
4604
5193
|
:param str plugin_name: Specifies the name of the plugin to use.
|
4605
5194
|
:param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
|
5195
|
+
:param int rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
|
5196
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
5197
|
+
:param str rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
5198
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
5199
|
+
:param int rotation_window: The maximum amount of time in seconds allowed to complete
|
5200
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
5201
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
4606
5202
|
:param str service_account_json: A JSON encoded credential for use with IAM authorization
|
4607
5203
|
:param str tls_ca: x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
|
4608
5204
|
:param str tls_certificate_key: x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
|
@@ -4620,6 +5216,8 @@ class SecretsMountMysqlAurora(dict):
|
|
4620
5216
|
pulumi.set(__self__, "connection_url", connection_url)
|
4621
5217
|
if data is not None:
|
4622
5218
|
pulumi.set(__self__, "data", data)
|
5219
|
+
if disable_automated_rotation is not None:
|
5220
|
+
pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
|
4623
5221
|
if max_connection_lifetime is not None:
|
4624
5222
|
pulumi.set(__self__, "max_connection_lifetime", max_connection_lifetime)
|
4625
5223
|
if max_idle_connections is not None:
|
@@ -4632,6 +5230,12 @@ class SecretsMountMysqlAurora(dict):
|
|
4632
5230
|
pulumi.set(__self__, "plugin_name", plugin_name)
|
4633
5231
|
if root_rotation_statements is not None:
|
4634
5232
|
pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
|
5233
|
+
if rotation_period is not None:
|
5234
|
+
pulumi.set(__self__, "rotation_period", rotation_period)
|
5235
|
+
if rotation_schedule is not None:
|
5236
|
+
pulumi.set(__self__, "rotation_schedule", rotation_schedule)
|
5237
|
+
if rotation_window is not None:
|
5238
|
+
pulumi.set(__self__, "rotation_window", rotation_window)
|
4635
5239
|
if service_account_json is not None:
|
4636
5240
|
pulumi.set(__self__, "service_account_json", service_account_json)
|
4637
5241
|
if tls_ca is not None:
|
@@ -4683,10 +5287,18 @@ class SecretsMountMysqlAurora(dict):
|
|
4683
5287
|
def data(self) -> Optional[Mapping[str, str]]:
|
4684
5288
|
"""
|
4685
5289
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
5290
|
+
"""
|
5291
|
+
return pulumi.get(self, "data")
|
5292
|
+
|
5293
|
+
@property
|
5294
|
+
@pulumi.getter(name="disableAutomatedRotation")
|
5295
|
+
def disable_automated_rotation(self) -> Optional[bool]:
|
5296
|
+
"""
|
5297
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
4686
5298
|
|
4687
5299
|
Supported list of database secrets engines that can be configured:
|
4688
5300
|
"""
|
4689
|
-
return pulumi.get(self, "
|
5301
|
+
return pulumi.get(self, "disable_automated_rotation")
|
4690
5302
|
|
4691
5303
|
@property
|
4692
5304
|
@pulumi.getter(name="maxConnectionLifetime")
|
@@ -4736,6 +5348,34 @@ class SecretsMountMysqlAurora(dict):
|
|
4736
5348
|
"""
|
4737
5349
|
return pulumi.get(self, "root_rotation_statements")
|
4738
5350
|
|
5351
|
+
@property
|
5352
|
+
@pulumi.getter(name="rotationPeriod")
|
5353
|
+
def rotation_period(self) -> Optional[int]:
|
5354
|
+
"""
|
5355
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
5356
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
5357
|
+
"""
|
5358
|
+
return pulumi.get(self, "rotation_period")
|
5359
|
+
|
5360
|
+
@property
|
5361
|
+
@pulumi.getter(name="rotationSchedule")
|
5362
|
+
def rotation_schedule(self) -> Optional[str]:
|
5363
|
+
"""
|
5364
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
5365
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
5366
|
+
"""
|
5367
|
+
return pulumi.get(self, "rotation_schedule")
|
5368
|
+
|
5369
|
+
@property
|
5370
|
+
@pulumi.getter(name="rotationWindow")
|
5371
|
+
def rotation_window(self) -> Optional[int]:
|
5372
|
+
"""
|
5373
|
+
The maximum amount of time in seconds allowed to complete
|
5374
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
5375
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
5376
|
+
"""
|
5377
|
+
return pulumi.get(self, "rotation_window")
|
5378
|
+
|
4739
5379
|
@property
|
4740
5380
|
@pulumi.getter(name="serviceAccountJson")
|
4741
5381
|
def service_account_json(self) -> Optional[str]:
|
@@ -4797,6 +5437,8 @@ class SecretsMountMysqlLegacy(dict):
|
|
4797
5437
|
suggest = "auth_type"
|
4798
5438
|
elif key == "connectionUrl":
|
4799
5439
|
suggest = "connection_url"
|
5440
|
+
elif key == "disableAutomatedRotation":
|
5441
|
+
suggest = "disable_automated_rotation"
|
4800
5442
|
elif key == "maxConnectionLifetime":
|
4801
5443
|
suggest = "max_connection_lifetime"
|
4802
5444
|
elif key == "maxIdleConnections":
|
@@ -4807,6 +5449,12 @@ class SecretsMountMysqlLegacy(dict):
|
|
4807
5449
|
suggest = "plugin_name"
|
4808
5450
|
elif key == "rootRotationStatements":
|
4809
5451
|
suggest = "root_rotation_statements"
|
5452
|
+
elif key == "rotationPeriod":
|
5453
|
+
suggest = "rotation_period"
|
5454
|
+
elif key == "rotationSchedule":
|
5455
|
+
suggest = "rotation_schedule"
|
5456
|
+
elif key == "rotationWindow":
|
5457
|
+
suggest = "rotation_window"
|
4810
5458
|
elif key == "serviceAccountJson":
|
4811
5459
|
suggest = "service_account_json"
|
4812
5460
|
elif key == "tlsCa":
|
@@ -4835,12 +5483,16 @@ class SecretsMountMysqlLegacy(dict):
|
|
4835
5483
|
auth_type: Optional[str] = None,
|
4836
5484
|
connection_url: Optional[str] = None,
|
4837
5485
|
data: Optional[Mapping[str, str]] = None,
|
5486
|
+
disable_automated_rotation: Optional[bool] = None,
|
4838
5487
|
max_connection_lifetime: Optional[int] = None,
|
4839
5488
|
max_idle_connections: Optional[int] = None,
|
4840
5489
|
max_open_connections: Optional[int] = None,
|
4841
5490
|
password: Optional[str] = None,
|
4842
5491
|
plugin_name: Optional[str] = None,
|
4843
5492
|
root_rotation_statements: Optional[Sequence[str]] = None,
|
5493
|
+
rotation_period: Optional[int] = None,
|
5494
|
+
rotation_schedule: Optional[str] = None,
|
5495
|
+
rotation_window: Optional[int] = None,
|
4844
5496
|
service_account_json: Optional[str] = None,
|
4845
5497
|
tls_ca: Optional[str] = None,
|
4846
5498
|
tls_certificate_key: Optional[str] = None,
|
@@ -4854,6 +5506,7 @@ class SecretsMountMysqlLegacy(dict):
|
|
4854
5506
|
:param str auth_type: Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
|
4855
5507
|
:param str connection_url: Connection string to use to connect to the database.
|
4856
5508
|
:param Mapping[str, str] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
5509
|
+
:param bool disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
4857
5510
|
|
4858
5511
|
Supported list of database secrets engines that can be configured:
|
4859
5512
|
:param int max_connection_lifetime: Maximum number of seconds a connection may be reused.
|
@@ -4862,6 +5515,13 @@ class SecretsMountMysqlLegacy(dict):
|
|
4862
5515
|
:param str password: The root credential password used in the connection URL
|
4863
5516
|
:param str plugin_name: Specifies the name of the plugin to use.
|
4864
5517
|
:param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
|
5518
|
+
:param int rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
|
5519
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
5520
|
+
:param str rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
5521
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
5522
|
+
:param int rotation_window: The maximum amount of time in seconds allowed to complete
|
5523
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
5524
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
4865
5525
|
:param str service_account_json: A JSON encoded credential for use with IAM authorization
|
4866
5526
|
:param str tls_ca: x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
|
4867
5527
|
:param str tls_certificate_key: x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
|
@@ -4879,6 +5539,8 @@ class SecretsMountMysqlLegacy(dict):
|
|
4879
5539
|
pulumi.set(__self__, "connection_url", connection_url)
|
4880
5540
|
if data is not None:
|
4881
5541
|
pulumi.set(__self__, "data", data)
|
5542
|
+
if disable_automated_rotation is not None:
|
5543
|
+
pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
|
4882
5544
|
if max_connection_lifetime is not None:
|
4883
5545
|
pulumi.set(__self__, "max_connection_lifetime", max_connection_lifetime)
|
4884
5546
|
if max_idle_connections is not None:
|
@@ -4891,6 +5553,12 @@ class SecretsMountMysqlLegacy(dict):
|
|
4891
5553
|
pulumi.set(__self__, "plugin_name", plugin_name)
|
4892
5554
|
if root_rotation_statements is not None:
|
4893
5555
|
pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
|
5556
|
+
if rotation_period is not None:
|
5557
|
+
pulumi.set(__self__, "rotation_period", rotation_period)
|
5558
|
+
if rotation_schedule is not None:
|
5559
|
+
pulumi.set(__self__, "rotation_schedule", rotation_schedule)
|
5560
|
+
if rotation_window is not None:
|
5561
|
+
pulumi.set(__self__, "rotation_window", rotation_window)
|
4894
5562
|
if service_account_json is not None:
|
4895
5563
|
pulumi.set(__self__, "service_account_json", service_account_json)
|
4896
5564
|
if tls_ca is not None:
|
@@ -4942,10 +5610,18 @@ class SecretsMountMysqlLegacy(dict):
|
|
4942
5610
|
def data(self) -> Optional[Mapping[str, str]]:
|
4943
5611
|
"""
|
4944
5612
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
5613
|
+
"""
|
5614
|
+
return pulumi.get(self, "data")
|
5615
|
+
|
5616
|
+
@property
|
5617
|
+
@pulumi.getter(name="disableAutomatedRotation")
|
5618
|
+
def disable_automated_rotation(self) -> Optional[bool]:
|
5619
|
+
"""
|
5620
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
4945
5621
|
|
4946
5622
|
Supported list of database secrets engines that can be configured:
|
4947
5623
|
"""
|
4948
|
-
return pulumi.get(self, "
|
5624
|
+
return pulumi.get(self, "disable_automated_rotation")
|
4949
5625
|
|
4950
5626
|
@property
|
4951
5627
|
@pulumi.getter(name="maxConnectionLifetime")
|
@@ -4995,6 +5671,34 @@ class SecretsMountMysqlLegacy(dict):
|
|
4995
5671
|
"""
|
4996
5672
|
return pulumi.get(self, "root_rotation_statements")
|
4997
5673
|
|
5674
|
+
@property
|
5675
|
+
@pulumi.getter(name="rotationPeriod")
|
5676
|
+
def rotation_period(self) -> Optional[int]:
|
5677
|
+
"""
|
5678
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
5679
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
5680
|
+
"""
|
5681
|
+
return pulumi.get(self, "rotation_period")
|
5682
|
+
|
5683
|
+
@property
|
5684
|
+
@pulumi.getter(name="rotationSchedule")
|
5685
|
+
def rotation_schedule(self) -> Optional[str]:
|
5686
|
+
"""
|
5687
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
5688
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
5689
|
+
"""
|
5690
|
+
return pulumi.get(self, "rotation_schedule")
|
5691
|
+
|
5692
|
+
@property
|
5693
|
+
@pulumi.getter(name="rotationWindow")
|
5694
|
+
def rotation_window(self) -> Optional[int]:
|
5695
|
+
"""
|
5696
|
+
The maximum amount of time in seconds allowed to complete
|
5697
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
5698
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
5699
|
+
"""
|
5700
|
+
return pulumi.get(self, "rotation_window")
|
5701
|
+
|
4998
5702
|
@property
|
4999
5703
|
@pulumi.getter(name="serviceAccountJson")
|
5000
5704
|
def service_account_json(self) -> Optional[str]:
|
@@ -5056,6 +5760,8 @@ class SecretsMountMysqlRd(dict):
|
|
5056
5760
|
suggest = "auth_type"
|
5057
5761
|
elif key == "connectionUrl":
|
5058
5762
|
suggest = "connection_url"
|
5763
|
+
elif key == "disableAutomatedRotation":
|
5764
|
+
suggest = "disable_automated_rotation"
|
5059
5765
|
elif key == "maxConnectionLifetime":
|
5060
5766
|
suggest = "max_connection_lifetime"
|
5061
5767
|
elif key == "maxIdleConnections":
|
@@ -5066,6 +5772,12 @@ class SecretsMountMysqlRd(dict):
|
|
5066
5772
|
suggest = "plugin_name"
|
5067
5773
|
elif key == "rootRotationStatements":
|
5068
5774
|
suggest = "root_rotation_statements"
|
5775
|
+
elif key == "rotationPeriod":
|
5776
|
+
suggest = "rotation_period"
|
5777
|
+
elif key == "rotationSchedule":
|
5778
|
+
suggest = "rotation_schedule"
|
5779
|
+
elif key == "rotationWindow":
|
5780
|
+
suggest = "rotation_window"
|
5069
5781
|
elif key == "serviceAccountJson":
|
5070
5782
|
suggest = "service_account_json"
|
5071
5783
|
elif key == "tlsCa":
|
@@ -5094,12 +5806,16 @@ class SecretsMountMysqlRd(dict):
|
|
5094
5806
|
auth_type: Optional[str] = None,
|
5095
5807
|
connection_url: Optional[str] = None,
|
5096
5808
|
data: Optional[Mapping[str, str]] = None,
|
5809
|
+
disable_automated_rotation: Optional[bool] = None,
|
5097
5810
|
max_connection_lifetime: Optional[int] = None,
|
5098
5811
|
max_idle_connections: Optional[int] = None,
|
5099
5812
|
max_open_connections: Optional[int] = None,
|
5100
5813
|
password: Optional[str] = None,
|
5101
5814
|
plugin_name: Optional[str] = None,
|
5102
5815
|
root_rotation_statements: Optional[Sequence[str]] = None,
|
5816
|
+
rotation_period: Optional[int] = None,
|
5817
|
+
rotation_schedule: Optional[str] = None,
|
5818
|
+
rotation_window: Optional[int] = None,
|
5103
5819
|
service_account_json: Optional[str] = None,
|
5104
5820
|
tls_ca: Optional[str] = None,
|
5105
5821
|
tls_certificate_key: Optional[str] = None,
|
@@ -5113,6 +5829,7 @@ class SecretsMountMysqlRd(dict):
|
|
5113
5829
|
:param str auth_type: Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
|
5114
5830
|
:param str connection_url: Connection string to use to connect to the database.
|
5115
5831
|
:param Mapping[str, str] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
5832
|
+
:param bool disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
5116
5833
|
|
5117
5834
|
Supported list of database secrets engines that can be configured:
|
5118
5835
|
:param int max_connection_lifetime: Maximum number of seconds a connection may be reused.
|
@@ -5121,6 +5838,13 @@ class SecretsMountMysqlRd(dict):
|
|
5121
5838
|
:param str password: The root credential password used in the connection URL
|
5122
5839
|
:param str plugin_name: Specifies the name of the plugin to use.
|
5123
5840
|
:param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
|
5841
|
+
:param int rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
|
5842
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
5843
|
+
:param str rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
5844
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
5845
|
+
:param int rotation_window: The maximum amount of time in seconds allowed to complete
|
5846
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
5847
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
5124
5848
|
:param str service_account_json: A JSON encoded credential for use with IAM authorization
|
5125
5849
|
:param str tls_ca: x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
|
5126
5850
|
:param str tls_certificate_key: x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
|
@@ -5138,6 +5862,8 @@ class SecretsMountMysqlRd(dict):
|
|
5138
5862
|
pulumi.set(__self__, "connection_url", connection_url)
|
5139
5863
|
if data is not None:
|
5140
5864
|
pulumi.set(__self__, "data", data)
|
5865
|
+
if disable_automated_rotation is not None:
|
5866
|
+
pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
|
5141
5867
|
if max_connection_lifetime is not None:
|
5142
5868
|
pulumi.set(__self__, "max_connection_lifetime", max_connection_lifetime)
|
5143
5869
|
if max_idle_connections is not None:
|
@@ -5150,6 +5876,12 @@ class SecretsMountMysqlRd(dict):
|
|
5150
5876
|
pulumi.set(__self__, "plugin_name", plugin_name)
|
5151
5877
|
if root_rotation_statements is not None:
|
5152
5878
|
pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
|
5879
|
+
if rotation_period is not None:
|
5880
|
+
pulumi.set(__self__, "rotation_period", rotation_period)
|
5881
|
+
if rotation_schedule is not None:
|
5882
|
+
pulumi.set(__self__, "rotation_schedule", rotation_schedule)
|
5883
|
+
if rotation_window is not None:
|
5884
|
+
pulumi.set(__self__, "rotation_window", rotation_window)
|
5153
5885
|
if service_account_json is not None:
|
5154
5886
|
pulumi.set(__self__, "service_account_json", service_account_json)
|
5155
5887
|
if tls_ca is not None:
|
@@ -5201,10 +5933,18 @@ class SecretsMountMysqlRd(dict):
|
|
5201
5933
|
def data(self) -> Optional[Mapping[str, str]]:
|
5202
5934
|
"""
|
5203
5935
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
5936
|
+
"""
|
5937
|
+
return pulumi.get(self, "data")
|
5938
|
+
|
5939
|
+
@property
|
5940
|
+
@pulumi.getter(name="disableAutomatedRotation")
|
5941
|
+
def disable_automated_rotation(self) -> Optional[bool]:
|
5942
|
+
"""
|
5943
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
5204
5944
|
|
5205
5945
|
Supported list of database secrets engines that can be configured:
|
5206
5946
|
"""
|
5207
|
-
return pulumi.get(self, "
|
5947
|
+
return pulumi.get(self, "disable_automated_rotation")
|
5208
5948
|
|
5209
5949
|
@property
|
5210
5950
|
@pulumi.getter(name="maxConnectionLifetime")
|
@@ -5254,6 +5994,34 @@ class SecretsMountMysqlRd(dict):
|
|
5254
5994
|
"""
|
5255
5995
|
return pulumi.get(self, "root_rotation_statements")
|
5256
5996
|
|
5997
|
+
@property
|
5998
|
+
@pulumi.getter(name="rotationPeriod")
|
5999
|
+
def rotation_period(self) -> Optional[int]:
|
6000
|
+
"""
|
6001
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
6002
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
6003
|
+
"""
|
6004
|
+
return pulumi.get(self, "rotation_period")
|
6005
|
+
|
6006
|
+
@property
|
6007
|
+
@pulumi.getter(name="rotationSchedule")
|
6008
|
+
def rotation_schedule(self) -> Optional[str]:
|
6009
|
+
"""
|
6010
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
6011
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
6012
|
+
"""
|
6013
|
+
return pulumi.get(self, "rotation_schedule")
|
6014
|
+
|
6015
|
+
@property
|
6016
|
+
@pulumi.getter(name="rotationWindow")
|
6017
|
+
def rotation_window(self) -> Optional[int]:
|
6018
|
+
"""
|
6019
|
+
The maximum amount of time in seconds allowed to complete
|
6020
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
6021
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
6022
|
+
"""
|
6023
|
+
return pulumi.get(self, "rotation_window")
|
6024
|
+
|
5257
6025
|
@property
|
5258
6026
|
@pulumi.getter(name="serviceAccountJson")
|
5259
6027
|
def service_account_json(self) -> Optional[str]:
|
@@ -5313,6 +6081,8 @@ class SecretsMountOracle(dict):
|
|
5313
6081
|
suggest = "allowed_roles"
|
5314
6082
|
elif key == "connectionUrl":
|
5315
6083
|
suggest = "connection_url"
|
6084
|
+
elif key == "disableAutomatedRotation":
|
6085
|
+
suggest = "disable_automated_rotation"
|
5316
6086
|
elif key == "disconnectSessions":
|
5317
6087
|
suggest = "disconnect_sessions"
|
5318
6088
|
elif key == "maxConnectionLifetime":
|
@@ -5325,6 +6095,12 @@ class SecretsMountOracle(dict):
|
|
5325
6095
|
suggest = "plugin_name"
|
5326
6096
|
elif key == "rootRotationStatements":
|
5327
6097
|
suggest = "root_rotation_statements"
|
6098
|
+
elif key == "rotationPeriod":
|
6099
|
+
suggest = "rotation_period"
|
6100
|
+
elif key == "rotationSchedule":
|
6101
|
+
suggest = "rotation_schedule"
|
6102
|
+
elif key == "rotationWindow":
|
6103
|
+
suggest = "rotation_window"
|
5328
6104
|
elif key == "splitStatements":
|
5329
6105
|
suggest = "split_statements"
|
5330
6106
|
elif key == "usernameTemplate":
|
@@ -5348,6 +6124,7 @@ class SecretsMountOracle(dict):
|
|
5348
6124
|
allowed_roles: Optional[Sequence[str]] = None,
|
5349
6125
|
connection_url: Optional[str] = None,
|
5350
6126
|
data: Optional[Mapping[str, str]] = None,
|
6127
|
+
disable_automated_rotation: Optional[bool] = None,
|
5351
6128
|
disconnect_sessions: Optional[bool] = None,
|
5352
6129
|
max_connection_lifetime: Optional[int] = None,
|
5353
6130
|
max_idle_connections: Optional[int] = None,
|
@@ -5355,6 +6132,9 @@ class SecretsMountOracle(dict):
|
|
5355
6132
|
password: Optional[str] = None,
|
5356
6133
|
plugin_name: Optional[str] = None,
|
5357
6134
|
root_rotation_statements: Optional[Sequence[str]] = None,
|
6135
|
+
rotation_period: Optional[int] = None,
|
6136
|
+
rotation_schedule: Optional[str] = None,
|
6137
|
+
rotation_window: Optional[int] = None,
|
5358
6138
|
split_statements: Optional[bool] = None,
|
5359
6139
|
username: Optional[str] = None,
|
5360
6140
|
username_template: Optional[str] = None,
|
@@ -5365,6 +6145,7 @@ class SecretsMountOracle(dict):
|
|
5365
6145
|
connection.
|
5366
6146
|
:param str connection_url: Connection string to use to connect to the database.
|
5367
6147
|
:param Mapping[str, str] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
6148
|
+
:param bool disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
5368
6149
|
|
5369
6150
|
Supported list of database secrets engines that can be configured:
|
5370
6151
|
:param bool disconnect_sessions: Set to true to disconnect any open sessions prior to running the revocation statements.
|
@@ -5374,6 +6155,13 @@ class SecretsMountOracle(dict):
|
|
5374
6155
|
:param str password: The root credential password used in the connection URL
|
5375
6156
|
:param str plugin_name: Specifies the name of the plugin to use.
|
5376
6157
|
:param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
|
6158
|
+
:param int rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
|
6159
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
6160
|
+
:param str rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
6161
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
6162
|
+
:param int rotation_window: The maximum amount of time in seconds allowed to complete
|
6163
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
6164
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
5377
6165
|
:param bool split_statements: Set to true in order to split statements after semi-colons.
|
5378
6166
|
:param str username: The root credential username used in the connection URL
|
5379
6167
|
:param str username_template: Username generation template.
|
@@ -5387,6 +6175,8 @@ class SecretsMountOracle(dict):
|
|
5387
6175
|
pulumi.set(__self__, "connection_url", connection_url)
|
5388
6176
|
if data is not None:
|
5389
6177
|
pulumi.set(__self__, "data", data)
|
6178
|
+
if disable_automated_rotation is not None:
|
6179
|
+
pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
|
5390
6180
|
if disconnect_sessions is not None:
|
5391
6181
|
pulumi.set(__self__, "disconnect_sessions", disconnect_sessions)
|
5392
6182
|
if max_connection_lifetime is not None:
|
@@ -5401,6 +6191,12 @@ class SecretsMountOracle(dict):
|
|
5401
6191
|
pulumi.set(__self__, "plugin_name", plugin_name)
|
5402
6192
|
if root_rotation_statements is not None:
|
5403
6193
|
pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
|
6194
|
+
if rotation_period is not None:
|
6195
|
+
pulumi.set(__self__, "rotation_period", rotation_period)
|
6196
|
+
if rotation_schedule is not None:
|
6197
|
+
pulumi.set(__self__, "rotation_schedule", rotation_schedule)
|
6198
|
+
if rotation_window is not None:
|
6199
|
+
pulumi.set(__self__, "rotation_window", rotation_window)
|
5404
6200
|
if split_statements is not None:
|
5405
6201
|
pulumi.set(__self__, "split_statements", split_statements)
|
5406
6202
|
if username is not None:
|
@@ -5440,10 +6236,18 @@ class SecretsMountOracle(dict):
|
|
5440
6236
|
def data(self) -> Optional[Mapping[str, str]]:
|
5441
6237
|
"""
|
5442
6238
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
6239
|
+
"""
|
6240
|
+
return pulumi.get(self, "data")
|
6241
|
+
|
6242
|
+
@property
|
6243
|
+
@pulumi.getter(name="disableAutomatedRotation")
|
6244
|
+
def disable_automated_rotation(self) -> Optional[bool]:
|
6245
|
+
"""
|
6246
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
5443
6247
|
|
5444
6248
|
Supported list of database secrets engines that can be configured:
|
5445
6249
|
"""
|
5446
|
-
return pulumi.get(self, "
|
6250
|
+
return pulumi.get(self, "disable_automated_rotation")
|
5447
6251
|
|
5448
6252
|
@property
|
5449
6253
|
@pulumi.getter(name="disconnectSessions")
|
@@ -5501,6 +6305,34 @@ class SecretsMountOracle(dict):
|
|
5501
6305
|
"""
|
5502
6306
|
return pulumi.get(self, "root_rotation_statements")
|
5503
6307
|
|
6308
|
+
@property
|
6309
|
+
@pulumi.getter(name="rotationPeriod")
|
6310
|
+
def rotation_period(self) -> Optional[int]:
|
6311
|
+
"""
|
6312
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
6313
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
6314
|
+
"""
|
6315
|
+
return pulumi.get(self, "rotation_period")
|
6316
|
+
|
6317
|
+
@property
|
6318
|
+
@pulumi.getter(name="rotationSchedule")
|
6319
|
+
def rotation_schedule(self) -> Optional[str]:
|
6320
|
+
"""
|
6321
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
6322
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
6323
|
+
"""
|
6324
|
+
return pulumi.get(self, "rotation_schedule")
|
6325
|
+
|
6326
|
+
@property
|
6327
|
+
@pulumi.getter(name="rotationWindow")
|
6328
|
+
def rotation_window(self) -> Optional[int]:
|
6329
|
+
"""
|
6330
|
+
The maximum amount of time in seconds allowed to complete
|
6331
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
6332
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
6333
|
+
"""
|
6334
|
+
return pulumi.get(self, "rotation_window")
|
6335
|
+
|
5504
6336
|
@property
|
5505
6337
|
@pulumi.getter(name="splitStatements")
|
5506
6338
|
def split_statements(self) -> Optional[bool]:
|
@@ -5546,6 +6378,8 @@ class SecretsMountPostgresql(dict):
|
|
5546
6378
|
suggest = "auth_type"
|
5547
6379
|
elif key == "connectionUrl":
|
5548
6380
|
suggest = "connection_url"
|
6381
|
+
elif key == "disableAutomatedRotation":
|
6382
|
+
suggest = "disable_automated_rotation"
|
5549
6383
|
elif key == "disableEscaping":
|
5550
6384
|
suggest = "disable_escaping"
|
5551
6385
|
elif key == "maxConnectionLifetime":
|
@@ -5562,6 +6396,12 @@ class SecretsMountPostgresql(dict):
|
|
5562
6396
|
suggest = "private_key"
|
5563
6397
|
elif key == "rootRotationStatements":
|
5564
6398
|
suggest = "root_rotation_statements"
|
6399
|
+
elif key == "rotationPeriod":
|
6400
|
+
suggest = "rotation_period"
|
6401
|
+
elif key == "rotationSchedule":
|
6402
|
+
suggest = "rotation_schedule"
|
6403
|
+
elif key == "rotationWindow":
|
6404
|
+
suggest = "rotation_window"
|
5565
6405
|
elif key == "selfManaged":
|
5566
6406
|
suggest = "self_managed"
|
5567
6407
|
elif key == "serviceAccountJson":
|
@@ -5592,6 +6432,7 @@ class SecretsMountPostgresql(dict):
|
|
5592
6432
|
auth_type: Optional[str] = None,
|
5593
6433
|
connection_url: Optional[str] = None,
|
5594
6434
|
data: Optional[Mapping[str, str]] = None,
|
6435
|
+
disable_automated_rotation: Optional[bool] = None,
|
5595
6436
|
disable_escaping: Optional[bool] = None,
|
5596
6437
|
max_connection_lifetime: Optional[int] = None,
|
5597
6438
|
max_idle_connections: Optional[int] = None,
|
@@ -5601,6 +6442,9 @@ class SecretsMountPostgresql(dict):
|
|
5601
6442
|
plugin_name: Optional[str] = None,
|
5602
6443
|
private_key: Optional[str] = None,
|
5603
6444
|
root_rotation_statements: Optional[Sequence[str]] = None,
|
6445
|
+
rotation_period: Optional[int] = None,
|
6446
|
+
rotation_schedule: Optional[str] = None,
|
6447
|
+
rotation_window: Optional[int] = None,
|
5604
6448
|
self_managed: Optional[bool] = None,
|
5605
6449
|
service_account_json: Optional[str] = None,
|
5606
6450
|
tls_ca: Optional[str] = None,
|
@@ -5615,6 +6459,7 @@ class SecretsMountPostgresql(dict):
|
|
5615
6459
|
:param str auth_type: Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
|
5616
6460
|
:param str connection_url: Connection string to use to connect to the database.
|
5617
6461
|
:param Mapping[str, str] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
6462
|
+
:param bool disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
5618
6463
|
|
5619
6464
|
Supported list of database secrets engines that can be configured:
|
5620
6465
|
:param bool disable_escaping: Disable special character escaping in username and password
|
@@ -5626,6 +6471,13 @@ class SecretsMountPostgresql(dict):
|
|
5626
6471
|
:param str plugin_name: Specifies the name of the plugin to use.
|
5627
6472
|
:param str private_key: The secret key used for the x509 client certificate. Must be PEM encoded.
|
5628
6473
|
:param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
|
6474
|
+
:param int rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
|
6475
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
6476
|
+
:param str rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
6477
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
6478
|
+
:param int rotation_window: The maximum amount of time in seconds allowed to complete
|
6479
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
6480
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
5629
6481
|
:param bool self_managed: If set, allows onboarding static roles with a rootless connection configuration.
|
5630
6482
|
:param str service_account_json: A JSON encoded credential for use with IAM authorization
|
5631
6483
|
:param str tls_ca: The x509 CA file for validating the certificate presented by the PostgreSQL server. Must be PEM encoded.
|
@@ -5644,6 +6496,8 @@ class SecretsMountPostgresql(dict):
|
|
5644
6496
|
pulumi.set(__self__, "connection_url", connection_url)
|
5645
6497
|
if data is not None:
|
5646
6498
|
pulumi.set(__self__, "data", data)
|
6499
|
+
if disable_automated_rotation is not None:
|
6500
|
+
pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
|
5647
6501
|
if disable_escaping is not None:
|
5648
6502
|
pulumi.set(__self__, "disable_escaping", disable_escaping)
|
5649
6503
|
if max_connection_lifetime is not None:
|
@@ -5662,6 +6516,12 @@ class SecretsMountPostgresql(dict):
|
|
5662
6516
|
pulumi.set(__self__, "private_key", private_key)
|
5663
6517
|
if root_rotation_statements is not None:
|
5664
6518
|
pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
|
6519
|
+
if rotation_period is not None:
|
6520
|
+
pulumi.set(__self__, "rotation_period", rotation_period)
|
6521
|
+
if rotation_schedule is not None:
|
6522
|
+
pulumi.set(__self__, "rotation_schedule", rotation_schedule)
|
6523
|
+
if rotation_window is not None:
|
6524
|
+
pulumi.set(__self__, "rotation_window", rotation_window)
|
5665
6525
|
if self_managed is not None:
|
5666
6526
|
pulumi.set(__self__, "self_managed", self_managed)
|
5667
6527
|
if service_account_json is not None:
|
@@ -5715,10 +6575,18 @@ class SecretsMountPostgresql(dict):
|
|
5715
6575
|
def data(self) -> Optional[Mapping[str, str]]:
|
5716
6576
|
"""
|
5717
6577
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
6578
|
+
"""
|
6579
|
+
return pulumi.get(self, "data")
|
6580
|
+
|
6581
|
+
@property
|
6582
|
+
@pulumi.getter(name="disableAutomatedRotation")
|
6583
|
+
def disable_automated_rotation(self) -> Optional[bool]:
|
6584
|
+
"""
|
6585
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
5718
6586
|
|
5719
6587
|
Supported list of database secrets engines that can be configured:
|
5720
6588
|
"""
|
5721
|
-
return pulumi.get(self, "
|
6589
|
+
return pulumi.get(self, "disable_automated_rotation")
|
5722
6590
|
|
5723
6591
|
@property
|
5724
6592
|
@pulumi.getter(name="disableEscaping")
|
@@ -5792,6 +6660,34 @@ class SecretsMountPostgresql(dict):
|
|
5792
6660
|
"""
|
5793
6661
|
return pulumi.get(self, "root_rotation_statements")
|
5794
6662
|
|
6663
|
+
@property
|
6664
|
+
@pulumi.getter(name="rotationPeriod")
|
6665
|
+
def rotation_period(self) -> Optional[int]:
|
6666
|
+
"""
|
6667
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
6668
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
6669
|
+
"""
|
6670
|
+
return pulumi.get(self, "rotation_period")
|
6671
|
+
|
6672
|
+
@property
|
6673
|
+
@pulumi.getter(name="rotationSchedule")
|
6674
|
+
def rotation_schedule(self) -> Optional[str]:
|
6675
|
+
"""
|
6676
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
6677
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
6678
|
+
"""
|
6679
|
+
return pulumi.get(self, "rotation_schedule")
|
6680
|
+
|
6681
|
+
@property
|
6682
|
+
@pulumi.getter(name="rotationWindow")
|
6683
|
+
def rotation_window(self) -> Optional[int]:
|
6684
|
+
"""
|
6685
|
+
The maximum amount of time in seconds allowed to complete
|
6686
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
6687
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
6688
|
+
"""
|
6689
|
+
return pulumi.get(self, "rotation_window")
|
6690
|
+
|
5795
6691
|
@property
|
5796
6692
|
@pulumi.getter(name="selfManaged")
|
5797
6693
|
def self_managed(self) -> Optional[bool]:
|
@@ -5859,12 +6755,20 @@ class SecretsMountRedi(dict):
|
|
5859
6755
|
suggest = "allowed_roles"
|
5860
6756
|
elif key == "caCert":
|
5861
6757
|
suggest = "ca_cert"
|
6758
|
+
elif key == "disableAutomatedRotation":
|
6759
|
+
suggest = "disable_automated_rotation"
|
5862
6760
|
elif key == "insecureTls":
|
5863
6761
|
suggest = "insecure_tls"
|
5864
6762
|
elif key == "pluginName":
|
5865
6763
|
suggest = "plugin_name"
|
5866
6764
|
elif key == "rootRotationStatements":
|
5867
6765
|
suggest = "root_rotation_statements"
|
6766
|
+
elif key == "rotationPeriod":
|
6767
|
+
suggest = "rotation_period"
|
6768
|
+
elif key == "rotationSchedule":
|
6769
|
+
suggest = "rotation_schedule"
|
6770
|
+
elif key == "rotationWindow":
|
6771
|
+
suggest = "rotation_window"
|
5868
6772
|
elif key == "verifyConnection":
|
5869
6773
|
suggest = "verify_connection"
|
5870
6774
|
|
@@ -5887,10 +6791,14 @@ class SecretsMountRedi(dict):
|
|
5887
6791
|
allowed_roles: Optional[Sequence[str]] = None,
|
5888
6792
|
ca_cert: Optional[str] = None,
|
5889
6793
|
data: Optional[Mapping[str, str]] = None,
|
6794
|
+
disable_automated_rotation: Optional[bool] = None,
|
5890
6795
|
insecure_tls: Optional[bool] = None,
|
5891
6796
|
plugin_name: Optional[str] = None,
|
5892
6797
|
port: Optional[int] = None,
|
5893
6798
|
root_rotation_statements: Optional[Sequence[str]] = None,
|
6799
|
+
rotation_period: Optional[int] = None,
|
6800
|
+
rotation_schedule: Optional[str] = None,
|
6801
|
+
rotation_window: Optional[int] = None,
|
5894
6802
|
tls: Optional[bool] = None,
|
5895
6803
|
verify_connection: Optional[bool] = None):
|
5896
6804
|
"""
|
@@ -5902,12 +6810,20 @@ class SecretsMountRedi(dict):
|
|
5902
6810
|
connection.
|
5903
6811
|
:param str ca_cert: The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity.
|
5904
6812
|
:param Mapping[str, str] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
6813
|
+
:param bool disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
5905
6814
|
|
5906
6815
|
Supported list of database secrets engines that can be configured:
|
5907
6816
|
:param bool insecure_tls: Specifies whether to skip verification of the server certificate when using TLS.
|
5908
6817
|
:param str plugin_name: Specifies the name of the plugin to use.
|
5909
6818
|
:param int port: The transport port to use to connect to Redis.
|
5910
6819
|
:param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
|
6820
|
+
:param int rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
|
6821
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
6822
|
+
:param str rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
6823
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
6824
|
+
:param int rotation_window: The maximum amount of time in seconds allowed to complete
|
6825
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
6826
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
5911
6827
|
:param bool tls: Specifies whether to use TLS when connecting to Redis.
|
5912
6828
|
:param bool verify_connection: Whether the connection should be verified on
|
5913
6829
|
initial configuration or not.
|
@@ -5922,6 +6838,8 @@ class SecretsMountRedi(dict):
|
|
5922
6838
|
pulumi.set(__self__, "ca_cert", ca_cert)
|
5923
6839
|
if data is not None:
|
5924
6840
|
pulumi.set(__self__, "data", data)
|
6841
|
+
if disable_automated_rotation is not None:
|
6842
|
+
pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
|
5925
6843
|
if insecure_tls is not None:
|
5926
6844
|
pulumi.set(__self__, "insecure_tls", insecure_tls)
|
5927
6845
|
if plugin_name is not None:
|
@@ -5930,6 +6848,12 @@ class SecretsMountRedi(dict):
|
|
5930
6848
|
pulumi.set(__self__, "port", port)
|
5931
6849
|
if root_rotation_statements is not None:
|
5932
6850
|
pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
|
6851
|
+
if rotation_period is not None:
|
6852
|
+
pulumi.set(__self__, "rotation_period", rotation_period)
|
6853
|
+
if rotation_schedule is not None:
|
6854
|
+
pulumi.set(__self__, "rotation_schedule", rotation_schedule)
|
6855
|
+
if rotation_window is not None:
|
6856
|
+
pulumi.set(__self__, "rotation_window", rotation_window)
|
5933
6857
|
if tls is not None:
|
5934
6858
|
pulumi.set(__self__, "tls", tls)
|
5935
6859
|
if verify_connection is not None:
|
@@ -5989,10 +6913,18 @@ class SecretsMountRedi(dict):
|
|
5989
6913
|
def data(self) -> Optional[Mapping[str, str]]:
|
5990
6914
|
"""
|
5991
6915
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
6916
|
+
"""
|
6917
|
+
return pulumi.get(self, "data")
|
6918
|
+
|
6919
|
+
@property
|
6920
|
+
@pulumi.getter(name="disableAutomatedRotation")
|
6921
|
+
def disable_automated_rotation(self) -> Optional[bool]:
|
6922
|
+
"""
|
6923
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
5992
6924
|
|
5993
6925
|
Supported list of database secrets engines that can be configured:
|
5994
6926
|
"""
|
5995
|
-
return pulumi.get(self, "
|
6927
|
+
return pulumi.get(self, "disable_automated_rotation")
|
5996
6928
|
|
5997
6929
|
@property
|
5998
6930
|
@pulumi.getter(name="insecureTls")
|
@@ -6026,6 +6958,34 @@ class SecretsMountRedi(dict):
|
|
6026
6958
|
"""
|
6027
6959
|
return pulumi.get(self, "root_rotation_statements")
|
6028
6960
|
|
6961
|
+
@property
|
6962
|
+
@pulumi.getter(name="rotationPeriod")
|
6963
|
+
def rotation_period(self) -> Optional[int]:
|
6964
|
+
"""
|
6965
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
6966
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
6967
|
+
"""
|
6968
|
+
return pulumi.get(self, "rotation_period")
|
6969
|
+
|
6970
|
+
@property
|
6971
|
+
@pulumi.getter(name="rotationSchedule")
|
6972
|
+
def rotation_schedule(self) -> Optional[str]:
|
6973
|
+
"""
|
6974
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
6975
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
6976
|
+
"""
|
6977
|
+
return pulumi.get(self, "rotation_schedule")
|
6978
|
+
|
6979
|
+
@property
|
6980
|
+
@pulumi.getter(name="rotationWindow")
|
6981
|
+
def rotation_window(self) -> Optional[int]:
|
6982
|
+
"""
|
6983
|
+
The maximum amount of time in seconds allowed to complete
|
6984
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
6985
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
6986
|
+
"""
|
6987
|
+
return pulumi.get(self, "rotation_window")
|
6988
|
+
|
6029
6989
|
@property
|
6030
6990
|
@pulumi.getter
|
6031
6991
|
def tls(self) -> Optional[bool]:
|
@@ -6051,10 +7011,18 @@ class SecretsMountRedisElasticach(dict):
|
|
6051
7011
|
suggest = None
|
6052
7012
|
if key == "allowedRoles":
|
6053
7013
|
suggest = "allowed_roles"
|
7014
|
+
elif key == "disableAutomatedRotation":
|
7015
|
+
suggest = "disable_automated_rotation"
|
6054
7016
|
elif key == "pluginName":
|
6055
7017
|
suggest = "plugin_name"
|
6056
7018
|
elif key == "rootRotationStatements":
|
6057
7019
|
suggest = "root_rotation_statements"
|
7020
|
+
elif key == "rotationPeriod":
|
7021
|
+
suggest = "rotation_period"
|
7022
|
+
elif key == "rotationSchedule":
|
7023
|
+
suggest = "rotation_schedule"
|
7024
|
+
elif key == "rotationWindow":
|
7025
|
+
suggest = "rotation_window"
|
6058
7026
|
elif key == "verifyConnection":
|
6059
7027
|
suggest = "verify_connection"
|
6060
7028
|
|
@@ -6074,10 +7042,14 @@ class SecretsMountRedisElasticach(dict):
|
|
6074
7042
|
url: str,
|
6075
7043
|
allowed_roles: Optional[Sequence[str]] = None,
|
6076
7044
|
data: Optional[Mapping[str, str]] = None,
|
7045
|
+
disable_automated_rotation: Optional[bool] = None,
|
6077
7046
|
password: Optional[str] = None,
|
6078
7047
|
plugin_name: Optional[str] = None,
|
6079
7048
|
region: Optional[str] = None,
|
6080
7049
|
root_rotation_statements: Optional[Sequence[str]] = None,
|
7050
|
+
rotation_period: Optional[int] = None,
|
7051
|
+
rotation_schedule: Optional[str] = None,
|
7052
|
+
rotation_window: Optional[int] = None,
|
6081
7053
|
username: Optional[str] = None,
|
6082
7054
|
verify_connection: Optional[bool] = None):
|
6083
7055
|
"""
|
@@ -6086,12 +7058,20 @@ class SecretsMountRedisElasticach(dict):
|
|
6086
7058
|
:param Sequence[str] allowed_roles: A list of roles that are allowed to use this
|
6087
7059
|
connection.
|
6088
7060
|
:param Mapping[str, str] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
7061
|
+
:param bool disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
6089
7062
|
|
6090
7063
|
Supported list of database secrets engines that can be configured:
|
6091
7064
|
:param str password: The AWS secret key id to use to talk to ElastiCache. If omitted the credentials chain provider is used instead.
|
6092
7065
|
:param str plugin_name: Specifies the name of the plugin to use.
|
6093
7066
|
:param str region: The AWS region where the ElastiCache cluster is hosted. If omitted the plugin tries to infer the region from the environment.
|
6094
7067
|
:param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
|
7068
|
+
:param int rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
|
7069
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
7070
|
+
:param str rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
7071
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
7072
|
+
:param int rotation_window: The maximum amount of time in seconds allowed to complete
|
7073
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
7074
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
6095
7075
|
:param str username: The AWS access key id to use to talk to ElastiCache. If omitted the credentials chain provider is used instead.
|
6096
7076
|
:param bool verify_connection: Whether the connection should be verified on
|
6097
7077
|
initial configuration or not.
|
@@ -6102,6 +7082,8 @@ class SecretsMountRedisElasticach(dict):
|
|
6102
7082
|
pulumi.set(__self__, "allowed_roles", allowed_roles)
|
6103
7083
|
if data is not None:
|
6104
7084
|
pulumi.set(__self__, "data", data)
|
7085
|
+
if disable_automated_rotation is not None:
|
7086
|
+
pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
|
6105
7087
|
if password is not None:
|
6106
7088
|
pulumi.set(__self__, "password", password)
|
6107
7089
|
if plugin_name is not None:
|
@@ -6110,6 +7092,12 @@ class SecretsMountRedisElasticach(dict):
|
|
6110
7092
|
pulumi.set(__self__, "region", region)
|
6111
7093
|
if root_rotation_statements is not None:
|
6112
7094
|
pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
|
7095
|
+
if rotation_period is not None:
|
7096
|
+
pulumi.set(__self__, "rotation_period", rotation_period)
|
7097
|
+
if rotation_schedule is not None:
|
7098
|
+
pulumi.set(__self__, "rotation_schedule", rotation_schedule)
|
7099
|
+
if rotation_window is not None:
|
7100
|
+
pulumi.set(__self__, "rotation_window", rotation_window)
|
6113
7101
|
if username is not None:
|
6114
7102
|
pulumi.set(__self__, "username", username)
|
6115
7103
|
if verify_connection is not None:
|
@@ -6145,10 +7133,18 @@ class SecretsMountRedisElasticach(dict):
|
|
6145
7133
|
def data(self) -> Optional[Mapping[str, str]]:
|
6146
7134
|
"""
|
6147
7135
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
7136
|
+
"""
|
7137
|
+
return pulumi.get(self, "data")
|
7138
|
+
|
7139
|
+
@property
|
7140
|
+
@pulumi.getter(name="disableAutomatedRotation")
|
7141
|
+
def disable_automated_rotation(self) -> Optional[bool]:
|
7142
|
+
"""
|
7143
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
6148
7144
|
|
6149
7145
|
Supported list of database secrets engines that can be configured:
|
6150
7146
|
"""
|
6151
|
-
return pulumi.get(self, "
|
7147
|
+
return pulumi.get(self, "disable_automated_rotation")
|
6152
7148
|
|
6153
7149
|
@property
|
6154
7150
|
@pulumi.getter
|
@@ -6182,6 +7178,34 @@ class SecretsMountRedisElasticach(dict):
|
|
6182
7178
|
"""
|
6183
7179
|
return pulumi.get(self, "root_rotation_statements")
|
6184
7180
|
|
7181
|
+
@property
|
7182
|
+
@pulumi.getter(name="rotationPeriod")
|
7183
|
+
def rotation_period(self) -> Optional[int]:
|
7184
|
+
"""
|
7185
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
7186
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
7187
|
+
"""
|
7188
|
+
return pulumi.get(self, "rotation_period")
|
7189
|
+
|
7190
|
+
@property
|
7191
|
+
@pulumi.getter(name="rotationSchedule")
|
7192
|
+
def rotation_schedule(self) -> Optional[str]:
|
7193
|
+
"""
|
7194
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
7195
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
7196
|
+
"""
|
7197
|
+
return pulumi.get(self, "rotation_schedule")
|
7198
|
+
|
7199
|
+
@property
|
7200
|
+
@pulumi.getter(name="rotationWindow")
|
7201
|
+
def rotation_window(self) -> Optional[int]:
|
7202
|
+
"""
|
7203
|
+
The maximum amount of time in seconds allowed to complete
|
7204
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
7205
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
7206
|
+
"""
|
7207
|
+
return pulumi.get(self, "rotation_window")
|
7208
|
+
|
6185
7209
|
@property
|
6186
7210
|
@pulumi.getter
|
6187
7211
|
def username(self) -> Optional[str]:
|
@@ -6209,6 +7233,8 @@ class SecretsMountRedshift(dict):
|
|
6209
7233
|
suggest = "allowed_roles"
|
6210
7234
|
elif key == "connectionUrl":
|
6211
7235
|
suggest = "connection_url"
|
7236
|
+
elif key == "disableAutomatedRotation":
|
7237
|
+
suggest = "disable_automated_rotation"
|
6212
7238
|
elif key == "disableEscaping":
|
6213
7239
|
suggest = "disable_escaping"
|
6214
7240
|
elif key == "maxConnectionLifetime":
|
@@ -6221,6 +7247,12 @@ class SecretsMountRedshift(dict):
|
|
6221
7247
|
suggest = "plugin_name"
|
6222
7248
|
elif key == "rootRotationStatements":
|
6223
7249
|
suggest = "root_rotation_statements"
|
7250
|
+
elif key == "rotationPeriod":
|
7251
|
+
suggest = "rotation_period"
|
7252
|
+
elif key == "rotationSchedule":
|
7253
|
+
suggest = "rotation_schedule"
|
7254
|
+
elif key == "rotationWindow":
|
7255
|
+
suggest = "rotation_window"
|
6224
7256
|
elif key == "usernameTemplate":
|
6225
7257
|
suggest = "username_template"
|
6226
7258
|
elif key == "verifyConnection":
|
@@ -6242,6 +7274,7 @@ class SecretsMountRedshift(dict):
|
|
6242
7274
|
allowed_roles: Optional[Sequence[str]] = None,
|
6243
7275
|
connection_url: Optional[str] = None,
|
6244
7276
|
data: Optional[Mapping[str, str]] = None,
|
7277
|
+
disable_automated_rotation: Optional[bool] = None,
|
6245
7278
|
disable_escaping: Optional[bool] = None,
|
6246
7279
|
max_connection_lifetime: Optional[int] = None,
|
6247
7280
|
max_idle_connections: Optional[int] = None,
|
@@ -6249,6 +7282,9 @@ class SecretsMountRedshift(dict):
|
|
6249
7282
|
password: Optional[str] = None,
|
6250
7283
|
plugin_name: Optional[str] = None,
|
6251
7284
|
root_rotation_statements: Optional[Sequence[str]] = None,
|
7285
|
+
rotation_period: Optional[int] = None,
|
7286
|
+
rotation_schedule: Optional[str] = None,
|
7287
|
+
rotation_window: Optional[int] = None,
|
6252
7288
|
username: Optional[str] = None,
|
6253
7289
|
username_template: Optional[str] = None,
|
6254
7290
|
verify_connection: Optional[bool] = None):
|
@@ -6258,6 +7294,7 @@ class SecretsMountRedshift(dict):
|
|
6258
7294
|
connection.
|
6259
7295
|
:param str connection_url: Connection string to use to connect to the database.
|
6260
7296
|
:param Mapping[str, str] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
7297
|
+
:param bool disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
6261
7298
|
|
6262
7299
|
Supported list of database secrets engines that can be configured:
|
6263
7300
|
:param bool disable_escaping: Disable special character escaping in username and password
|
@@ -6267,6 +7304,13 @@ class SecretsMountRedshift(dict):
|
|
6267
7304
|
:param str password: The root credential password used in the connection URL
|
6268
7305
|
:param str plugin_name: Specifies the name of the plugin to use.
|
6269
7306
|
:param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
|
7307
|
+
:param int rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
|
7308
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
7309
|
+
:param str rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
7310
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
7311
|
+
:param int rotation_window: The maximum amount of time in seconds allowed to complete
|
7312
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
7313
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
6270
7314
|
:param str username: The root credential username used in the connection URL
|
6271
7315
|
:param str username_template: Username generation template.
|
6272
7316
|
:param bool verify_connection: Whether the connection should be verified on
|
@@ -6279,6 +7323,8 @@ class SecretsMountRedshift(dict):
|
|
6279
7323
|
pulumi.set(__self__, "connection_url", connection_url)
|
6280
7324
|
if data is not None:
|
6281
7325
|
pulumi.set(__self__, "data", data)
|
7326
|
+
if disable_automated_rotation is not None:
|
7327
|
+
pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
|
6282
7328
|
if disable_escaping is not None:
|
6283
7329
|
pulumi.set(__self__, "disable_escaping", disable_escaping)
|
6284
7330
|
if max_connection_lifetime is not None:
|
@@ -6293,6 +7339,12 @@ class SecretsMountRedshift(dict):
|
|
6293
7339
|
pulumi.set(__self__, "plugin_name", plugin_name)
|
6294
7340
|
if root_rotation_statements is not None:
|
6295
7341
|
pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
|
7342
|
+
if rotation_period is not None:
|
7343
|
+
pulumi.set(__self__, "rotation_period", rotation_period)
|
7344
|
+
if rotation_schedule is not None:
|
7345
|
+
pulumi.set(__self__, "rotation_schedule", rotation_schedule)
|
7346
|
+
if rotation_window is not None:
|
7347
|
+
pulumi.set(__self__, "rotation_window", rotation_window)
|
6296
7348
|
if username is not None:
|
6297
7349
|
pulumi.set(__self__, "username", username)
|
6298
7350
|
if username_template is not None:
|
@@ -6330,10 +7382,18 @@ class SecretsMountRedshift(dict):
|
|
6330
7382
|
def data(self) -> Optional[Mapping[str, str]]:
|
6331
7383
|
"""
|
6332
7384
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
7385
|
+
"""
|
7386
|
+
return pulumi.get(self, "data")
|
7387
|
+
|
7388
|
+
@property
|
7389
|
+
@pulumi.getter(name="disableAutomatedRotation")
|
7390
|
+
def disable_automated_rotation(self) -> Optional[bool]:
|
7391
|
+
"""
|
7392
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
6333
7393
|
|
6334
7394
|
Supported list of database secrets engines that can be configured:
|
6335
7395
|
"""
|
6336
|
-
return pulumi.get(self, "
|
7396
|
+
return pulumi.get(self, "disable_automated_rotation")
|
6337
7397
|
|
6338
7398
|
@property
|
6339
7399
|
@pulumi.getter(name="disableEscaping")
|
@@ -6391,6 +7451,34 @@ class SecretsMountRedshift(dict):
|
|
6391
7451
|
"""
|
6392
7452
|
return pulumi.get(self, "root_rotation_statements")
|
6393
7453
|
|
7454
|
+
@property
|
7455
|
+
@pulumi.getter(name="rotationPeriod")
|
7456
|
+
def rotation_period(self) -> Optional[int]:
|
7457
|
+
"""
|
7458
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
7459
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
7460
|
+
"""
|
7461
|
+
return pulumi.get(self, "rotation_period")
|
7462
|
+
|
7463
|
+
@property
|
7464
|
+
@pulumi.getter(name="rotationSchedule")
|
7465
|
+
def rotation_schedule(self) -> Optional[str]:
|
7466
|
+
"""
|
7467
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
7468
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
7469
|
+
"""
|
7470
|
+
return pulumi.get(self, "rotation_schedule")
|
7471
|
+
|
7472
|
+
@property
|
7473
|
+
@pulumi.getter(name="rotationWindow")
|
7474
|
+
def rotation_window(self) -> Optional[int]:
|
7475
|
+
"""
|
7476
|
+
The maximum amount of time in seconds allowed to complete
|
7477
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
7478
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
7479
|
+
"""
|
7480
|
+
return pulumi.get(self, "rotation_window")
|
7481
|
+
|
6394
7482
|
@property
|
6395
7483
|
@pulumi.getter
|
6396
7484
|
def username(self) -> Optional[str]:
|
@@ -6426,6 +7514,8 @@ class SecretsMountSnowflake(dict):
|
|
6426
7514
|
suggest = "allowed_roles"
|
6427
7515
|
elif key == "connectionUrl":
|
6428
7516
|
suggest = "connection_url"
|
7517
|
+
elif key == "disableAutomatedRotation":
|
7518
|
+
suggest = "disable_automated_rotation"
|
6429
7519
|
elif key == "maxConnectionLifetime":
|
6430
7520
|
suggest = "max_connection_lifetime"
|
6431
7521
|
elif key == "maxIdleConnections":
|
@@ -6436,6 +7526,12 @@ class SecretsMountSnowflake(dict):
|
|
6436
7526
|
suggest = "plugin_name"
|
6437
7527
|
elif key == "rootRotationStatements":
|
6438
7528
|
suggest = "root_rotation_statements"
|
7529
|
+
elif key == "rotationPeriod":
|
7530
|
+
suggest = "rotation_period"
|
7531
|
+
elif key == "rotationSchedule":
|
7532
|
+
suggest = "rotation_schedule"
|
7533
|
+
elif key == "rotationWindow":
|
7534
|
+
suggest = "rotation_window"
|
6439
7535
|
elif key == "usernameTemplate":
|
6440
7536
|
suggest = "username_template"
|
6441
7537
|
elif key == "verifyConnection":
|
@@ -6457,12 +7553,16 @@ class SecretsMountSnowflake(dict):
|
|
6457
7553
|
allowed_roles: Optional[Sequence[str]] = None,
|
6458
7554
|
connection_url: Optional[str] = None,
|
6459
7555
|
data: Optional[Mapping[str, str]] = None,
|
7556
|
+
disable_automated_rotation: Optional[bool] = None,
|
6460
7557
|
max_connection_lifetime: Optional[int] = None,
|
6461
7558
|
max_idle_connections: Optional[int] = None,
|
6462
7559
|
max_open_connections: Optional[int] = None,
|
6463
7560
|
password: Optional[str] = None,
|
6464
7561
|
plugin_name: Optional[str] = None,
|
6465
7562
|
root_rotation_statements: Optional[Sequence[str]] = None,
|
7563
|
+
rotation_period: Optional[int] = None,
|
7564
|
+
rotation_schedule: Optional[str] = None,
|
7565
|
+
rotation_window: Optional[int] = None,
|
6466
7566
|
username: Optional[str] = None,
|
6467
7567
|
username_template: Optional[str] = None,
|
6468
7568
|
verify_connection: Optional[bool] = None):
|
@@ -6472,6 +7572,7 @@ class SecretsMountSnowflake(dict):
|
|
6472
7572
|
connection.
|
6473
7573
|
:param str connection_url: Connection string to use to connect to the database.
|
6474
7574
|
:param Mapping[str, str] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
7575
|
+
:param bool disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
6475
7576
|
|
6476
7577
|
Supported list of database secrets engines that can be configured:
|
6477
7578
|
:param int max_connection_lifetime: Maximum number of seconds a connection may be reused.
|
@@ -6480,6 +7581,13 @@ class SecretsMountSnowflake(dict):
|
|
6480
7581
|
:param str password: The root credential password used in the connection URL
|
6481
7582
|
:param str plugin_name: Specifies the name of the plugin to use.
|
6482
7583
|
:param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
|
7584
|
+
:param int rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
|
7585
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
7586
|
+
:param str rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
7587
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
7588
|
+
:param int rotation_window: The maximum amount of time in seconds allowed to complete
|
7589
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
7590
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
6483
7591
|
:param str username: The root credential username used in the connection URL
|
6484
7592
|
:param str username_template: Username generation template.
|
6485
7593
|
:param bool verify_connection: Whether the connection should be verified on
|
@@ -6492,6 +7600,8 @@ class SecretsMountSnowflake(dict):
|
|
6492
7600
|
pulumi.set(__self__, "connection_url", connection_url)
|
6493
7601
|
if data is not None:
|
6494
7602
|
pulumi.set(__self__, "data", data)
|
7603
|
+
if disable_automated_rotation is not None:
|
7604
|
+
pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
|
6495
7605
|
if max_connection_lifetime is not None:
|
6496
7606
|
pulumi.set(__self__, "max_connection_lifetime", max_connection_lifetime)
|
6497
7607
|
if max_idle_connections is not None:
|
@@ -6504,6 +7614,12 @@ class SecretsMountSnowflake(dict):
|
|
6504
7614
|
pulumi.set(__self__, "plugin_name", plugin_name)
|
6505
7615
|
if root_rotation_statements is not None:
|
6506
7616
|
pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
|
7617
|
+
if rotation_period is not None:
|
7618
|
+
pulumi.set(__self__, "rotation_period", rotation_period)
|
7619
|
+
if rotation_schedule is not None:
|
7620
|
+
pulumi.set(__self__, "rotation_schedule", rotation_schedule)
|
7621
|
+
if rotation_window is not None:
|
7622
|
+
pulumi.set(__self__, "rotation_window", rotation_window)
|
6507
7623
|
if username is not None:
|
6508
7624
|
pulumi.set(__self__, "username", username)
|
6509
7625
|
if username_template is not None:
|
@@ -6541,10 +7657,18 @@ class SecretsMountSnowflake(dict):
|
|
6541
7657
|
def data(self) -> Optional[Mapping[str, str]]:
|
6542
7658
|
"""
|
6543
7659
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
7660
|
+
"""
|
7661
|
+
return pulumi.get(self, "data")
|
7662
|
+
|
7663
|
+
@property
|
7664
|
+
@pulumi.getter(name="disableAutomatedRotation")
|
7665
|
+
def disable_automated_rotation(self) -> Optional[bool]:
|
7666
|
+
"""
|
7667
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
6544
7668
|
|
6545
7669
|
Supported list of database secrets engines that can be configured:
|
6546
7670
|
"""
|
6547
|
-
return pulumi.get(self, "
|
7671
|
+
return pulumi.get(self, "disable_automated_rotation")
|
6548
7672
|
|
6549
7673
|
@property
|
6550
7674
|
@pulumi.getter(name="maxConnectionLifetime")
|
@@ -6594,6 +7718,34 @@ class SecretsMountSnowflake(dict):
|
|
6594
7718
|
"""
|
6595
7719
|
return pulumi.get(self, "root_rotation_statements")
|
6596
7720
|
|
7721
|
+
@property
|
7722
|
+
@pulumi.getter(name="rotationPeriod")
|
7723
|
+
def rotation_period(self) -> Optional[int]:
|
7724
|
+
"""
|
7725
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
7726
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
7727
|
+
"""
|
7728
|
+
return pulumi.get(self, "rotation_period")
|
7729
|
+
|
7730
|
+
@property
|
7731
|
+
@pulumi.getter(name="rotationSchedule")
|
7732
|
+
def rotation_schedule(self) -> Optional[str]:
|
7733
|
+
"""
|
7734
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
7735
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
7736
|
+
"""
|
7737
|
+
return pulumi.get(self, "rotation_schedule")
|
7738
|
+
|
7739
|
+
@property
|
7740
|
+
@pulumi.getter(name="rotationWindow")
|
7741
|
+
def rotation_window(self) -> Optional[int]:
|
7742
|
+
"""
|
7743
|
+
The maximum amount of time in seconds allowed to complete
|
7744
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
7745
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
7746
|
+
"""
|
7747
|
+
return pulumi.get(self, "rotation_window")
|
7748
|
+
|
6597
7749
|
@property
|
6598
7750
|
@pulumi.getter
|
6599
7751
|
def username(self) -> Optional[str]:
|