pulumi-vault 6.6.0a1741329548__py3-none-any.whl → 6.6.0a1741836364__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- pulumi_vault/__init__.py +8 -0
- pulumi_vault/aws/auth_backend_client.py +228 -4
- pulumi_vault/aws/secret_backend.py +266 -50
- pulumi_vault/aws/secret_backend_static_role.py +217 -0
- pulumi_vault/azure/auth_backend_config.py +257 -5
- pulumi_vault/azure/backend.py +249 -4
- pulumi_vault/database/_inputs.py +1692 -36
- pulumi_vault/database/outputs.py +1170 -18
- pulumi_vault/database/secret_backend_connection.py +220 -0
- pulumi_vault/database/secret_backend_static_role.py +143 -1
- pulumi_vault/database/secrets_mount.py +8 -0
- pulumi_vault/gcp/auth_backend.py +222 -2
- pulumi_vault/gcp/secret_backend.py +244 -4
- pulumi_vault/ldap/auth_backend.py +222 -2
- pulumi_vault/ldap/secret_backend.py +222 -2
- pulumi_vault/pkisecret/__init__.py +2 -0
- pulumi_vault/pkisecret/_inputs.py +0 -6
- pulumi_vault/pkisecret/backend_config_acme.py +47 -0
- pulumi_vault/pkisecret/backend_config_auto_tidy.py +1376 -0
- pulumi_vault/pkisecret/backend_config_cmpv2.py +61 -14
- pulumi_vault/pkisecret/get_backend_cert_metadata.py +277 -0
- pulumi_vault/pkisecret/get_backend_config_cmpv2.py +18 -1
- pulumi_vault/pkisecret/get_backend_issuer.py +114 -1
- pulumi_vault/pkisecret/outputs.py +0 -4
- pulumi_vault/pkisecret/secret_backend_cert.py +148 -7
- pulumi_vault/pkisecret/secret_backend_crl_config.py +54 -0
- pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +141 -0
- pulumi_vault/pkisecret/secret_backend_issuer.py +265 -0
- pulumi_vault/pkisecret/secret_backend_role.py +252 -3
- pulumi_vault/pkisecret/secret_backend_root_cert.py +423 -0
- pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +581 -3
- pulumi_vault/pkisecret/secret_backend_sign.py +94 -0
- pulumi_vault/pulumi-plugin.json +1 -1
- pulumi_vault/ssh/__init__.py +1 -0
- pulumi_vault/ssh/get_secret_backend_sign.py +294 -0
- pulumi_vault/terraformcloud/secret_role.py +7 -7
- pulumi_vault/transit/__init__.py +2 -0
- pulumi_vault/transit/get_sign.py +324 -0
- pulumi_vault/transit/get_verify.py +354 -0
- pulumi_vault/transit/secret_backend_key.py +162 -0
- {pulumi_vault-6.6.0a1741329548.dist-info → pulumi_vault-6.6.0a1741836364.dist-info}/METADATA +1 -1
- {pulumi_vault-6.6.0a1741329548.dist-info → pulumi_vault-6.6.0a1741836364.dist-info}/RECORD +44 -39
- {pulumi_vault-6.6.0a1741329548.dist-info → pulumi_vault-6.6.0a1741836364.dist-info}/WHEEL +1 -1
- {pulumi_vault-6.6.0a1741329548.dist-info → pulumi_vault-6.6.0a1741836364.dist-info}/top_level.txt +0 -0
@@ -26,6 +26,7 @@ class SecretBackendConnectionArgs:
|
|
26
26
|
cassandra: Optional[pulumi.Input['SecretBackendConnectionCassandraArgs']] = None,
|
27
27
|
couchbase: Optional[pulumi.Input['SecretBackendConnectionCouchbaseArgs']] = None,
|
28
28
|
data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
29
|
+
disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
|
29
30
|
elasticsearch: Optional[pulumi.Input['SecretBackendConnectionElasticsearchArgs']] = None,
|
30
31
|
hana: Optional[pulumi.Input['SecretBackendConnectionHanaArgs']] = None,
|
31
32
|
influxdb: Optional[pulumi.Input['SecretBackendConnectionInfluxdbArgs']] = None,
|
@@ -45,6 +46,9 @@ class SecretBackendConnectionArgs:
|
|
45
46
|
redis_elasticache: Optional[pulumi.Input['SecretBackendConnectionRedisElasticacheArgs']] = None,
|
46
47
|
redshift: Optional[pulumi.Input['SecretBackendConnectionRedshiftArgs']] = None,
|
47
48
|
root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
49
|
+
rotation_period: Optional[pulumi.Input[int]] = None,
|
50
|
+
rotation_schedule: Optional[pulumi.Input[str]] = None,
|
51
|
+
rotation_window: Optional[pulumi.Input[int]] = None,
|
48
52
|
snowflake: Optional[pulumi.Input['SecretBackendConnectionSnowflakeArgs']] = None,
|
49
53
|
verify_connection: Optional[pulumi.Input[bool]] = None):
|
50
54
|
"""
|
@@ -55,6 +59,7 @@ class SecretBackendConnectionArgs:
|
|
55
59
|
:param pulumi.Input['SecretBackendConnectionCassandraArgs'] cassandra: A nested block containing configuration options for Cassandra connections.
|
56
60
|
:param pulumi.Input['SecretBackendConnectionCouchbaseArgs'] couchbase: A nested block containing configuration options for Couchbase connections.
|
57
61
|
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
62
|
+
:param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
58
63
|
:param pulumi.Input['SecretBackendConnectionElasticsearchArgs'] elasticsearch: A nested block containing configuration options for Elasticsearch connections.
|
59
64
|
:param pulumi.Input['SecretBackendConnectionHanaArgs'] hana: A nested block containing configuration options for SAP HanaDB connections.
|
60
65
|
:param pulumi.Input['SecretBackendConnectionInfluxdbArgs'] influxdb: A nested block containing configuration options for InfluxDB connections.
|
@@ -79,6 +84,13 @@ class SecretBackendConnectionArgs:
|
|
79
84
|
Exactly one of the nested blocks of configuration options must be supplied.
|
80
85
|
:param pulumi.Input['SecretBackendConnectionRedshiftArgs'] redshift: Connection parameters for the redshift-database-plugin plugin.
|
81
86
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
|
87
|
+
:param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
|
88
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
89
|
+
:param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
90
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
91
|
+
:param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
|
92
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
93
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
82
94
|
:param pulumi.Input['SecretBackendConnectionSnowflakeArgs'] snowflake: A nested block containing configuration options for Snowflake connections.
|
83
95
|
:param pulumi.Input[bool] verify_connection: Whether the connection should be verified on
|
84
96
|
initial configuration or not.
|
@@ -92,6 +104,8 @@ class SecretBackendConnectionArgs:
|
|
92
104
|
pulumi.set(__self__, "couchbase", couchbase)
|
93
105
|
if data is not None:
|
94
106
|
pulumi.set(__self__, "data", data)
|
107
|
+
if disable_automated_rotation is not None:
|
108
|
+
pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
|
95
109
|
if elasticsearch is not None:
|
96
110
|
pulumi.set(__self__, "elasticsearch", elasticsearch)
|
97
111
|
if hana is not None:
|
@@ -130,6 +144,12 @@ class SecretBackendConnectionArgs:
|
|
130
144
|
pulumi.set(__self__, "redshift", redshift)
|
131
145
|
if root_rotation_statements is not None:
|
132
146
|
pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
|
147
|
+
if rotation_period is not None:
|
148
|
+
pulumi.set(__self__, "rotation_period", rotation_period)
|
149
|
+
if rotation_schedule is not None:
|
150
|
+
pulumi.set(__self__, "rotation_schedule", rotation_schedule)
|
151
|
+
if rotation_window is not None:
|
152
|
+
pulumi.set(__self__, "rotation_window", rotation_window)
|
133
153
|
if snowflake is not None:
|
134
154
|
pulumi.set(__self__, "snowflake", snowflake)
|
135
155
|
if verify_connection is not None:
|
@@ -196,6 +216,18 @@ class SecretBackendConnectionArgs:
|
|
196
216
|
def data(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
|
197
217
|
pulumi.set(self, "data", value)
|
198
218
|
|
219
|
+
@property
|
220
|
+
@pulumi.getter(name="disableAutomatedRotation")
|
221
|
+
def disable_automated_rotation(self) -> Optional[pulumi.Input[bool]]:
|
222
|
+
"""
|
223
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
224
|
+
"""
|
225
|
+
return pulumi.get(self, "disable_automated_rotation")
|
226
|
+
|
227
|
+
@disable_automated_rotation.setter
|
228
|
+
def disable_automated_rotation(self, value: Optional[pulumi.Input[bool]]):
|
229
|
+
pulumi.set(self, "disable_automated_rotation", value)
|
230
|
+
|
199
231
|
@property
|
200
232
|
@pulumi.getter
|
201
233
|
def elasticsearch(self) -> Optional[pulumi.Input['SecretBackendConnectionElasticsearchArgs']]:
|
@@ -429,6 +461,46 @@ class SecretBackendConnectionArgs:
|
|
429
461
|
def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
430
462
|
pulumi.set(self, "root_rotation_statements", value)
|
431
463
|
|
464
|
+
@property
|
465
|
+
@pulumi.getter(name="rotationPeriod")
|
466
|
+
def rotation_period(self) -> Optional[pulumi.Input[int]]:
|
467
|
+
"""
|
468
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
469
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
470
|
+
"""
|
471
|
+
return pulumi.get(self, "rotation_period")
|
472
|
+
|
473
|
+
@rotation_period.setter
|
474
|
+
def rotation_period(self, value: Optional[pulumi.Input[int]]):
|
475
|
+
pulumi.set(self, "rotation_period", value)
|
476
|
+
|
477
|
+
@property
|
478
|
+
@pulumi.getter(name="rotationSchedule")
|
479
|
+
def rotation_schedule(self) -> Optional[pulumi.Input[str]]:
|
480
|
+
"""
|
481
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
482
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
483
|
+
"""
|
484
|
+
return pulumi.get(self, "rotation_schedule")
|
485
|
+
|
486
|
+
@rotation_schedule.setter
|
487
|
+
def rotation_schedule(self, value: Optional[pulumi.Input[str]]):
|
488
|
+
pulumi.set(self, "rotation_schedule", value)
|
489
|
+
|
490
|
+
@property
|
491
|
+
@pulumi.getter(name="rotationWindow")
|
492
|
+
def rotation_window(self) -> Optional[pulumi.Input[int]]:
|
493
|
+
"""
|
494
|
+
The maximum amount of time in seconds allowed to complete
|
495
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
496
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
497
|
+
"""
|
498
|
+
return pulumi.get(self, "rotation_window")
|
499
|
+
|
500
|
+
@rotation_window.setter
|
501
|
+
def rotation_window(self, value: Optional[pulumi.Input[int]]):
|
502
|
+
pulumi.set(self, "rotation_window", value)
|
503
|
+
|
432
504
|
@property
|
433
505
|
@pulumi.getter
|
434
506
|
def snowflake(self) -> Optional[pulumi.Input['SecretBackendConnectionSnowflakeArgs']]:
|
@@ -463,6 +535,7 @@ class _SecretBackendConnectionState:
|
|
463
535
|
cassandra: Optional[pulumi.Input['SecretBackendConnectionCassandraArgs']] = None,
|
464
536
|
couchbase: Optional[pulumi.Input['SecretBackendConnectionCouchbaseArgs']] = None,
|
465
537
|
data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
538
|
+
disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
|
466
539
|
elasticsearch: Optional[pulumi.Input['SecretBackendConnectionElasticsearchArgs']] = None,
|
467
540
|
hana: Optional[pulumi.Input['SecretBackendConnectionHanaArgs']] = None,
|
468
541
|
influxdb: Optional[pulumi.Input['SecretBackendConnectionInfluxdbArgs']] = None,
|
@@ -482,6 +555,9 @@ class _SecretBackendConnectionState:
|
|
482
555
|
redis_elasticache: Optional[pulumi.Input['SecretBackendConnectionRedisElasticacheArgs']] = None,
|
483
556
|
redshift: Optional[pulumi.Input['SecretBackendConnectionRedshiftArgs']] = None,
|
484
557
|
root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
558
|
+
rotation_period: Optional[pulumi.Input[int]] = None,
|
559
|
+
rotation_schedule: Optional[pulumi.Input[str]] = None,
|
560
|
+
rotation_window: Optional[pulumi.Input[int]] = None,
|
485
561
|
snowflake: Optional[pulumi.Input['SecretBackendConnectionSnowflakeArgs']] = None,
|
486
562
|
verify_connection: Optional[pulumi.Input[bool]] = None):
|
487
563
|
"""
|
@@ -492,6 +568,7 @@ class _SecretBackendConnectionState:
|
|
492
568
|
:param pulumi.Input['SecretBackendConnectionCassandraArgs'] cassandra: A nested block containing configuration options for Cassandra connections.
|
493
569
|
:param pulumi.Input['SecretBackendConnectionCouchbaseArgs'] couchbase: A nested block containing configuration options for Couchbase connections.
|
494
570
|
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
571
|
+
:param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
495
572
|
:param pulumi.Input['SecretBackendConnectionElasticsearchArgs'] elasticsearch: A nested block containing configuration options for Elasticsearch connections.
|
496
573
|
:param pulumi.Input['SecretBackendConnectionHanaArgs'] hana: A nested block containing configuration options for SAP HanaDB connections.
|
497
574
|
:param pulumi.Input['SecretBackendConnectionInfluxdbArgs'] influxdb: A nested block containing configuration options for InfluxDB connections.
|
@@ -516,6 +593,13 @@ class _SecretBackendConnectionState:
|
|
516
593
|
Exactly one of the nested blocks of configuration options must be supplied.
|
517
594
|
:param pulumi.Input['SecretBackendConnectionRedshiftArgs'] redshift: Connection parameters for the redshift-database-plugin plugin.
|
518
595
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
|
596
|
+
:param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
|
597
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
598
|
+
:param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
599
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
600
|
+
:param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
|
601
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
602
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
519
603
|
:param pulumi.Input['SecretBackendConnectionSnowflakeArgs'] snowflake: A nested block containing configuration options for Snowflake connections.
|
520
604
|
:param pulumi.Input[bool] verify_connection: Whether the connection should be verified on
|
521
605
|
initial configuration or not.
|
@@ -530,6 +614,8 @@ class _SecretBackendConnectionState:
|
|
530
614
|
pulumi.set(__self__, "couchbase", couchbase)
|
531
615
|
if data is not None:
|
532
616
|
pulumi.set(__self__, "data", data)
|
617
|
+
if disable_automated_rotation is not None:
|
618
|
+
pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
|
533
619
|
if elasticsearch is not None:
|
534
620
|
pulumi.set(__self__, "elasticsearch", elasticsearch)
|
535
621
|
if hana is not None:
|
@@ -568,6 +654,12 @@ class _SecretBackendConnectionState:
|
|
568
654
|
pulumi.set(__self__, "redshift", redshift)
|
569
655
|
if root_rotation_statements is not None:
|
570
656
|
pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
|
657
|
+
if rotation_period is not None:
|
658
|
+
pulumi.set(__self__, "rotation_period", rotation_period)
|
659
|
+
if rotation_schedule is not None:
|
660
|
+
pulumi.set(__self__, "rotation_schedule", rotation_schedule)
|
661
|
+
if rotation_window is not None:
|
662
|
+
pulumi.set(__self__, "rotation_window", rotation_window)
|
571
663
|
if snowflake is not None:
|
572
664
|
pulumi.set(__self__, "snowflake", snowflake)
|
573
665
|
if verify_connection is not None:
|
@@ -634,6 +726,18 @@ class _SecretBackendConnectionState:
|
|
634
726
|
def data(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
|
635
727
|
pulumi.set(self, "data", value)
|
636
728
|
|
729
|
+
@property
|
730
|
+
@pulumi.getter(name="disableAutomatedRotation")
|
731
|
+
def disable_automated_rotation(self) -> Optional[pulumi.Input[bool]]:
|
732
|
+
"""
|
733
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
734
|
+
"""
|
735
|
+
return pulumi.get(self, "disable_automated_rotation")
|
736
|
+
|
737
|
+
@disable_automated_rotation.setter
|
738
|
+
def disable_automated_rotation(self, value: Optional[pulumi.Input[bool]]):
|
739
|
+
pulumi.set(self, "disable_automated_rotation", value)
|
740
|
+
|
637
741
|
@property
|
638
742
|
@pulumi.getter
|
639
743
|
def elasticsearch(self) -> Optional[pulumi.Input['SecretBackendConnectionElasticsearchArgs']]:
|
@@ -867,6 +971,46 @@ class _SecretBackendConnectionState:
|
|
867
971
|
def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
868
972
|
pulumi.set(self, "root_rotation_statements", value)
|
869
973
|
|
974
|
+
@property
|
975
|
+
@pulumi.getter(name="rotationPeriod")
|
976
|
+
def rotation_period(self) -> Optional[pulumi.Input[int]]:
|
977
|
+
"""
|
978
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
979
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
980
|
+
"""
|
981
|
+
return pulumi.get(self, "rotation_period")
|
982
|
+
|
983
|
+
@rotation_period.setter
|
984
|
+
def rotation_period(self, value: Optional[pulumi.Input[int]]):
|
985
|
+
pulumi.set(self, "rotation_period", value)
|
986
|
+
|
987
|
+
@property
|
988
|
+
@pulumi.getter(name="rotationSchedule")
|
989
|
+
def rotation_schedule(self) -> Optional[pulumi.Input[str]]:
|
990
|
+
"""
|
991
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
992
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
993
|
+
"""
|
994
|
+
return pulumi.get(self, "rotation_schedule")
|
995
|
+
|
996
|
+
@rotation_schedule.setter
|
997
|
+
def rotation_schedule(self, value: Optional[pulumi.Input[str]]):
|
998
|
+
pulumi.set(self, "rotation_schedule", value)
|
999
|
+
|
1000
|
+
@property
|
1001
|
+
@pulumi.getter(name="rotationWindow")
|
1002
|
+
def rotation_window(self) -> Optional[pulumi.Input[int]]:
|
1003
|
+
"""
|
1004
|
+
The maximum amount of time in seconds allowed to complete
|
1005
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
1006
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
1007
|
+
"""
|
1008
|
+
return pulumi.get(self, "rotation_window")
|
1009
|
+
|
1010
|
+
@rotation_window.setter
|
1011
|
+
def rotation_window(self, value: Optional[pulumi.Input[int]]):
|
1012
|
+
pulumi.set(self, "rotation_window", value)
|
1013
|
+
|
870
1014
|
@property
|
871
1015
|
@pulumi.getter
|
872
1016
|
def snowflake(self) -> Optional[pulumi.Input['SecretBackendConnectionSnowflakeArgs']]:
|
@@ -903,6 +1047,7 @@ class SecretBackendConnection(pulumi.CustomResource):
|
|
903
1047
|
cassandra: Optional[pulumi.Input[Union['SecretBackendConnectionCassandraArgs', 'SecretBackendConnectionCassandraArgsDict']]] = None,
|
904
1048
|
couchbase: Optional[pulumi.Input[Union['SecretBackendConnectionCouchbaseArgs', 'SecretBackendConnectionCouchbaseArgsDict']]] = None,
|
905
1049
|
data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
1050
|
+
disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
|
906
1051
|
elasticsearch: Optional[pulumi.Input[Union['SecretBackendConnectionElasticsearchArgs', 'SecretBackendConnectionElasticsearchArgsDict']]] = None,
|
907
1052
|
hana: Optional[pulumi.Input[Union['SecretBackendConnectionHanaArgs', 'SecretBackendConnectionHanaArgsDict']]] = None,
|
908
1053
|
influxdb: Optional[pulumi.Input[Union['SecretBackendConnectionInfluxdbArgs', 'SecretBackendConnectionInfluxdbArgsDict']]] = None,
|
@@ -922,6 +1067,9 @@ class SecretBackendConnection(pulumi.CustomResource):
|
|
922
1067
|
redis_elasticache: Optional[pulumi.Input[Union['SecretBackendConnectionRedisElasticacheArgs', 'SecretBackendConnectionRedisElasticacheArgsDict']]] = None,
|
923
1068
|
redshift: Optional[pulumi.Input[Union['SecretBackendConnectionRedshiftArgs', 'SecretBackendConnectionRedshiftArgsDict']]] = None,
|
924
1069
|
root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1070
|
+
rotation_period: Optional[pulumi.Input[int]] = None,
|
1071
|
+
rotation_schedule: Optional[pulumi.Input[str]] = None,
|
1072
|
+
rotation_window: Optional[pulumi.Input[int]] = None,
|
925
1073
|
snowflake: Optional[pulumi.Input[Union['SecretBackendConnectionSnowflakeArgs', 'SecretBackendConnectionSnowflakeArgsDict']]] = None,
|
926
1074
|
verify_connection: Optional[pulumi.Input[bool]] = None,
|
927
1075
|
__props__=None):
|
@@ -942,6 +1090,8 @@ class SecretBackendConnection(pulumi.CustomResource):
|
|
942
1090
|
"dev",
|
943
1091
|
"prod",
|
944
1092
|
],
|
1093
|
+
rotation_schedule="0 * * * SAT",
|
1094
|
+
rotation_window=3600,
|
945
1095
|
postgresql={
|
946
1096
|
"connection_url": "postgres://username:password@host:port/database",
|
947
1097
|
})
|
@@ -963,6 +1113,7 @@ class SecretBackendConnection(pulumi.CustomResource):
|
|
963
1113
|
:param pulumi.Input[Union['SecretBackendConnectionCassandraArgs', 'SecretBackendConnectionCassandraArgsDict']] cassandra: A nested block containing configuration options for Cassandra connections.
|
964
1114
|
:param pulumi.Input[Union['SecretBackendConnectionCouchbaseArgs', 'SecretBackendConnectionCouchbaseArgsDict']] couchbase: A nested block containing configuration options for Couchbase connections.
|
965
1115
|
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
1116
|
+
:param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
966
1117
|
:param pulumi.Input[Union['SecretBackendConnectionElasticsearchArgs', 'SecretBackendConnectionElasticsearchArgsDict']] elasticsearch: A nested block containing configuration options for Elasticsearch connections.
|
967
1118
|
:param pulumi.Input[Union['SecretBackendConnectionHanaArgs', 'SecretBackendConnectionHanaArgsDict']] hana: A nested block containing configuration options for SAP HanaDB connections.
|
968
1119
|
:param pulumi.Input[Union['SecretBackendConnectionInfluxdbArgs', 'SecretBackendConnectionInfluxdbArgsDict']] influxdb: A nested block containing configuration options for InfluxDB connections.
|
@@ -987,6 +1138,13 @@ class SecretBackendConnection(pulumi.CustomResource):
|
|
987
1138
|
Exactly one of the nested blocks of configuration options must be supplied.
|
988
1139
|
:param pulumi.Input[Union['SecretBackendConnectionRedshiftArgs', 'SecretBackendConnectionRedshiftArgsDict']] redshift: Connection parameters for the redshift-database-plugin plugin.
|
989
1140
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
|
1141
|
+
:param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
|
1142
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
1143
|
+
:param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
1144
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
1145
|
+
:param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
|
1146
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
1147
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
990
1148
|
:param pulumi.Input[Union['SecretBackendConnectionSnowflakeArgs', 'SecretBackendConnectionSnowflakeArgsDict']] snowflake: A nested block containing configuration options for Snowflake connections.
|
991
1149
|
:param pulumi.Input[bool] verify_connection: Whether the connection should be verified on
|
992
1150
|
initial configuration or not.
|
@@ -1014,6 +1172,8 @@ class SecretBackendConnection(pulumi.CustomResource):
|
|
1014
1172
|
"dev",
|
1015
1173
|
"prod",
|
1016
1174
|
],
|
1175
|
+
rotation_schedule="0 * * * SAT",
|
1176
|
+
rotation_window=3600,
|
1017
1177
|
postgresql={
|
1018
1178
|
"connection_url": "postgres://username:password@host:port/database",
|
1019
1179
|
})
|
@@ -1047,6 +1207,7 @@ class SecretBackendConnection(pulumi.CustomResource):
|
|
1047
1207
|
cassandra: Optional[pulumi.Input[Union['SecretBackendConnectionCassandraArgs', 'SecretBackendConnectionCassandraArgsDict']]] = None,
|
1048
1208
|
couchbase: Optional[pulumi.Input[Union['SecretBackendConnectionCouchbaseArgs', 'SecretBackendConnectionCouchbaseArgsDict']]] = None,
|
1049
1209
|
data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
1210
|
+
disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
|
1050
1211
|
elasticsearch: Optional[pulumi.Input[Union['SecretBackendConnectionElasticsearchArgs', 'SecretBackendConnectionElasticsearchArgsDict']]] = None,
|
1051
1212
|
hana: Optional[pulumi.Input[Union['SecretBackendConnectionHanaArgs', 'SecretBackendConnectionHanaArgsDict']]] = None,
|
1052
1213
|
influxdb: Optional[pulumi.Input[Union['SecretBackendConnectionInfluxdbArgs', 'SecretBackendConnectionInfluxdbArgsDict']]] = None,
|
@@ -1066,6 +1227,9 @@ class SecretBackendConnection(pulumi.CustomResource):
|
|
1066
1227
|
redis_elasticache: Optional[pulumi.Input[Union['SecretBackendConnectionRedisElasticacheArgs', 'SecretBackendConnectionRedisElasticacheArgsDict']]] = None,
|
1067
1228
|
redshift: Optional[pulumi.Input[Union['SecretBackendConnectionRedshiftArgs', 'SecretBackendConnectionRedshiftArgsDict']]] = None,
|
1068
1229
|
root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1230
|
+
rotation_period: Optional[pulumi.Input[int]] = None,
|
1231
|
+
rotation_schedule: Optional[pulumi.Input[str]] = None,
|
1232
|
+
rotation_window: Optional[pulumi.Input[int]] = None,
|
1069
1233
|
snowflake: Optional[pulumi.Input[Union['SecretBackendConnectionSnowflakeArgs', 'SecretBackendConnectionSnowflakeArgsDict']]] = None,
|
1070
1234
|
verify_connection: Optional[pulumi.Input[bool]] = None,
|
1071
1235
|
__props__=None):
|
@@ -1084,6 +1248,7 @@ class SecretBackendConnection(pulumi.CustomResource):
|
|
1084
1248
|
__props__.__dict__["cassandra"] = cassandra
|
1085
1249
|
__props__.__dict__["couchbase"] = couchbase
|
1086
1250
|
__props__.__dict__["data"] = data
|
1251
|
+
__props__.__dict__["disable_automated_rotation"] = disable_automated_rotation
|
1087
1252
|
__props__.__dict__["elasticsearch"] = elasticsearch
|
1088
1253
|
__props__.__dict__["hana"] = hana
|
1089
1254
|
__props__.__dict__["influxdb"] = influxdb
|
@@ -1103,6 +1268,9 @@ class SecretBackendConnection(pulumi.CustomResource):
|
|
1103
1268
|
__props__.__dict__["redis_elasticache"] = redis_elasticache
|
1104
1269
|
__props__.__dict__["redshift"] = redshift
|
1105
1270
|
__props__.__dict__["root_rotation_statements"] = root_rotation_statements
|
1271
|
+
__props__.__dict__["rotation_period"] = rotation_period
|
1272
|
+
__props__.__dict__["rotation_schedule"] = rotation_schedule
|
1273
|
+
__props__.__dict__["rotation_window"] = rotation_window
|
1106
1274
|
__props__.__dict__["snowflake"] = snowflake
|
1107
1275
|
__props__.__dict__["verify_connection"] = verify_connection
|
1108
1276
|
super(SecretBackendConnection, __self__).__init__(
|
@@ -1120,6 +1288,7 @@ class SecretBackendConnection(pulumi.CustomResource):
|
|
1120
1288
|
cassandra: Optional[pulumi.Input[Union['SecretBackendConnectionCassandraArgs', 'SecretBackendConnectionCassandraArgsDict']]] = None,
|
1121
1289
|
couchbase: Optional[pulumi.Input[Union['SecretBackendConnectionCouchbaseArgs', 'SecretBackendConnectionCouchbaseArgsDict']]] = None,
|
1122
1290
|
data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
1291
|
+
disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
|
1123
1292
|
elasticsearch: Optional[pulumi.Input[Union['SecretBackendConnectionElasticsearchArgs', 'SecretBackendConnectionElasticsearchArgsDict']]] = None,
|
1124
1293
|
hana: Optional[pulumi.Input[Union['SecretBackendConnectionHanaArgs', 'SecretBackendConnectionHanaArgsDict']]] = None,
|
1125
1294
|
influxdb: Optional[pulumi.Input[Union['SecretBackendConnectionInfluxdbArgs', 'SecretBackendConnectionInfluxdbArgsDict']]] = None,
|
@@ -1139,6 +1308,9 @@ class SecretBackendConnection(pulumi.CustomResource):
|
|
1139
1308
|
redis_elasticache: Optional[pulumi.Input[Union['SecretBackendConnectionRedisElasticacheArgs', 'SecretBackendConnectionRedisElasticacheArgsDict']]] = None,
|
1140
1309
|
redshift: Optional[pulumi.Input[Union['SecretBackendConnectionRedshiftArgs', 'SecretBackendConnectionRedshiftArgsDict']]] = None,
|
1141
1310
|
root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1311
|
+
rotation_period: Optional[pulumi.Input[int]] = None,
|
1312
|
+
rotation_schedule: Optional[pulumi.Input[str]] = None,
|
1313
|
+
rotation_window: Optional[pulumi.Input[int]] = None,
|
1142
1314
|
snowflake: Optional[pulumi.Input[Union['SecretBackendConnectionSnowflakeArgs', 'SecretBackendConnectionSnowflakeArgsDict']]] = None,
|
1143
1315
|
verify_connection: Optional[pulumi.Input[bool]] = None) -> 'SecretBackendConnection':
|
1144
1316
|
"""
|
@@ -1154,6 +1326,7 @@ class SecretBackendConnection(pulumi.CustomResource):
|
|
1154
1326
|
:param pulumi.Input[Union['SecretBackendConnectionCassandraArgs', 'SecretBackendConnectionCassandraArgsDict']] cassandra: A nested block containing configuration options for Cassandra connections.
|
1155
1327
|
:param pulumi.Input[Union['SecretBackendConnectionCouchbaseArgs', 'SecretBackendConnectionCouchbaseArgsDict']] couchbase: A nested block containing configuration options for Couchbase connections.
|
1156
1328
|
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
1329
|
+
:param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
1157
1330
|
:param pulumi.Input[Union['SecretBackendConnectionElasticsearchArgs', 'SecretBackendConnectionElasticsearchArgsDict']] elasticsearch: A nested block containing configuration options for Elasticsearch connections.
|
1158
1331
|
:param pulumi.Input[Union['SecretBackendConnectionHanaArgs', 'SecretBackendConnectionHanaArgsDict']] hana: A nested block containing configuration options for SAP HanaDB connections.
|
1159
1332
|
:param pulumi.Input[Union['SecretBackendConnectionInfluxdbArgs', 'SecretBackendConnectionInfluxdbArgsDict']] influxdb: A nested block containing configuration options for InfluxDB connections.
|
@@ -1178,6 +1351,13 @@ class SecretBackendConnection(pulumi.CustomResource):
|
|
1178
1351
|
Exactly one of the nested blocks of configuration options must be supplied.
|
1179
1352
|
:param pulumi.Input[Union['SecretBackendConnectionRedshiftArgs', 'SecretBackendConnectionRedshiftArgsDict']] redshift: Connection parameters for the redshift-database-plugin plugin.
|
1180
1353
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
|
1354
|
+
:param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
|
1355
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
1356
|
+
:param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
1357
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
1358
|
+
:param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
|
1359
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
1360
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
1181
1361
|
:param pulumi.Input[Union['SecretBackendConnectionSnowflakeArgs', 'SecretBackendConnectionSnowflakeArgsDict']] snowflake: A nested block containing configuration options for Snowflake connections.
|
1182
1362
|
:param pulumi.Input[bool] verify_connection: Whether the connection should be verified on
|
1183
1363
|
initial configuration or not.
|
@@ -1191,6 +1371,7 @@ class SecretBackendConnection(pulumi.CustomResource):
|
|
1191
1371
|
__props__.__dict__["cassandra"] = cassandra
|
1192
1372
|
__props__.__dict__["couchbase"] = couchbase
|
1193
1373
|
__props__.__dict__["data"] = data
|
1374
|
+
__props__.__dict__["disable_automated_rotation"] = disable_automated_rotation
|
1194
1375
|
__props__.__dict__["elasticsearch"] = elasticsearch
|
1195
1376
|
__props__.__dict__["hana"] = hana
|
1196
1377
|
__props__.__dict__["influxdb"] = influxdb
|
@@ -1210,6 +1391,9 @@ class SecretBackendConnection(pulumi.CustomResource):
|
|
1210
1391
|
__props__.__dict__["redis_elasticache"] = redis_elasticache
|
1211
1392
|
__props__.__dict__["redshift"] = redshift
|
1212
1393
|
__props__.__dict__["root_rotation_statements"] = root_rotation_statements
|
1394
|
+
__props__.__dict__["rotation_period"] = rotation_period
|
1395
|
+
__props__.__dict__["rotation_schedule"] = rotation_schedule
|
1396
|
+
__props__.__dict__["rotation_window"] = rotation_window
|
1213
1397
|
__props__.__dict__["snowflake"] = snowflake
|
1214
1398
|
__props__.__dict__["verify_connection"] = verify_connection
|
1215
1399
|
return SecretBackendConnection(resource_name, opts=opts, __props__=__props__)
|
@@ -1255,6 +1439,14 @@ class SecretBackendConnection(pulumi.CustomResource):
|
|
1255
1439
|
"""
|
1256
1440
|
return pulumi.get(self, "data")
|
1257
1441
|
|
1442
|
+
@property
|
1443
|
+
@pulumi.getter(name="disableAutomatedRotation")
|
1444
|
+
def disable_automated_rotation(self) -> pulumi.Output[Optional[bool]]:
|
1445
|
+
"""
|
1446
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
1447
|
+
"""
|
1448
|
+
return pulumi.get(self, "disable_automated_rotation")
|
1449
|
+
|
1258
1450
|
@property
|
1259
1451
|
@pulumi.getter
|
1260
1452
|
def elasticsearch(self) -> pulumi.Output[Optional['outputs.SecretBackendConnectionElasticsearch']]:
|
@@ -1412,6 +1604,34 @@ class SecretBackendConnection(pulumi.CustomResource):
|
|
1412
1604
|
"""
|
1413
1605
|
return pulumi.get(self, "root_rotation_statements")
|
1414
1606
|
|
1607
|
+
@property
|
1608
|
+
@pulumi.getter(name="rotationPeriod")
|
1609
|
+
def rotation_period(self) -> pulumi.Output[Optional[int]]:
|
1610
|
+
"""
|
1611
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
1612
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
1613
|
+
"""
|
1614
|
+
return pulumi.get(self, "rotation_period")
|
1615
|
+
|
1616
|
+
@property
|
1617
|
+
@pulumi.getter(name="rotationSchedule")
|
1618
|
+
def rotation_schedule(self) -> pulumi.Output[Optional[str]]:
|
1619
|
+
"""
|
1620
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
1621
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
1622
|
+
"""
|
1623
|
+
return pulumi.get(self, "rotation_schedule")
|
1624
|
+
|
1625
|
+
@property
|
1626
|
+
@pulumi.getter(name="rotationWindow")
|
1627
|
+
def rotation_window(self) -> pulumi.Output[Optional[int]]:
|
1628
|
+
"""
|
1629
|
+
The maximum amount of time in seconds allowed to complete
|
1630
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
1631
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
1632
|
+
"""
|
1633
|
+
return pulumi.get(self, "rotation_window")
|
1634
|
+
|
1415
1635
|
@property
|
1416
1636
|
@pulumi.getter
|
1417
1637
|
def snowflake(self) -> pulumi.Output[Optional['outputs.SecretBackendConnectionSnowflake']]:
|