pulumi-vault 6.6.0a1741415971__py3-none-any.whl → 6.6.0a1741836364__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (44) hide show
  1. pulumi_vault/__init__.py +8 -0
  2. pulumi_vault/aws/auth_backend_client.py +228 -4
  3. pulumi_vault/aws/secret_backend.py +266 -50
  4. pulumi_vault/aws/secret_backend_static_role.py +217 -0
  5. pulumi_vault/azure/auth_backend_config.py +257 -5
  6. pulumi_vault/azure/backend.py +249 -4
  7. pulumi_vault/database/_inputs.py +1692 -36
  8. pulumi_vault/database/outputs.py +1170 -18
  9. pulumi_vault/database/secret_backend_connection.py +220 -0
  10. pulumi_vault/database/secret_backend_static_role.py +143 -1
  11. pulumi_vault/database/secrets_mount.py +8 -0
  12. pulumi_vault/gcp/auth_backend.py +222 -2
  13. pulumi_vault/gcp/secret_backend.py +244 -4
  14. pulumi_vault/ldap/auth_backend.py +222 -2
  15. pulumi_vault/ldap/secret_backend.py +222 -2
  16. pulumi_vault/pkisecret/__init__.py +2 -0
  17. pulumi_vault/pkisecret/_inputs.py +0 -6
  18. pulumi_vault/pkisecret/backend_config_acme.py +47 -0
  19. pulumi_vault/pkisecret/backend_config_auto_tidy.py +1376 -0
  20. pulumi_vault/pkisecret/backend_config_cmpv2.py +61 -14
  21. pulumi_vault/pkisecret/get_backend_cert_metadata.py +277 -0
  22. pulumi_vault/pkisecret/get_backend_config_cmpv2.py +18 -1
  23. pulumi_vault/pkisecret/get_backend_issuer.py +114 -1
  24. pulumi_vault/pkisecret/outputs.py +0 -4
  25. pulumi_vault/pkisecret/secret_backend_cert.py +148 -7
  26. pulumi_vault/pkisecret/secret_backend_crl_config.py +54 -0
  27. pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +141 -0
  28. pulumi_vault/pkisecret/secret_backend_issuer.py +265 -0
  29. pulumi_vault/pkisecret/secret_backend_role.py +252 -3
  30. pulumi_vault/pkisecret/secret_backend_root_cert.py +423 -0
  31. pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +581 -3
  32. pulumi_vault/pkisecret/secret_backend_sign.py +94 -0
  33. pulumi_vault/pulumi-plugin.json +1 -1
  34. pulumi_vault/ssh/__init__.py +1 -0
  35. pulumi_vault/ssh/get_secret_backend_sign.py +294 -0
  36. pulumi_vault/terraformcloud/secret_role.py +7 -7
  37. pulumi_vault/transit/__init__.py +2 -0
  38. pulumi_vault/transit/get_sign.py +324 -0
  39. pulumi_vault/transit/get_verify.py +354 -0
  40. pulumi_vault/transit/secret_backend_key.py +162 -0
  41. {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.6.0a1741836364.dist-info}/METADATA +1 -1
  42. {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.6.0a1741836364.dist-info}/RECORD +44 -39
  43. {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.6.0a1741836364.dist-info}/WHEEL +1 -1
  44. {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.6.0a1741836364.dist-info}/top_level.txt +0 -0
@@ -22,6 +22,10 @@ class SecretBackendIssuerArgs:
22
22
  backend: pulumi.Input[str],
23
23
  issuer_ref: pulumi.Input[str],
24
24
  crl_distribution_points: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
25
+ disable_critical_extension_checks: Optional[pulumi.Input[bool]] = None,
26
+ disable_name_checks: Optional[pulumi.Input[bool]] = None,
27
+ disable_name_constraint_checks: Optional[pulumi.Input[bool]] = None,
28
+ disable_path_length_checks: Optional[pulumi.Input[bool]] = None,
25
29
  enable_aia_url_templating: Optional[pulumi.Input[bool]] = None,
26
30
  issuer_name: Optional[pulumi.Input[str]] = None,
27
31
  issuing_certificates: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
@@ -38,6 +42,21 @@ class SecretBackendIssuerArgs:
38
42
  :param pulumi.Input[str] issuer_ref: Reference to an existing issuer.
39
43
  :param pulumi.Input[Sequence[pulumi.Input[str]]] crl_distribution_points: Specifies the URL values for the CRL
40
44
  Distribution Points field.
45
+ :param pulumi.Input[bool] disable_critical_extension_checks: This determines whether this
46
+ issuer is able to issue certificates where the chain of trust (including the
47
+ issued certificate) contain critical extensions not processed by Vault.
48
+ :param pulumi.Input[bool] disable_name_checks: This determines whether this issuer is able
49
+ to issue certificates where the chain of trust (including the final issued
50
+ certificate) contains a link in which the subject of the issuing certificate
51
+ does not match the named issuer of the certificate it signed.
52
+ :param pulumi.Input[bool] disable_name_constraint_checks: This determines whether this
53
+ issuer is able to issue certificates where the chain of trust (including the
54
+ final issued certificate) violates the name constraints critical extension of
55
+ one of the issuer certificates in the chain.
56
+ :param pulumi.Input[bool] disable_path_length_checks: This determines whether this issuer
57
+ is able to issue certificates where the chain of trust (including the final
58
+ issued certificate) is longer than allowed by a certificate authority in that
59
+ chain.
41
60
  :param pulumi.Input[bool] enable_aia_url_templating: Specifies that the AIA URL values should
42
61
  be templated.
43
62
  :param pulumi.Input[str] issuer_name: Name of the issuer.
@@ -60,6 +79,14 @@ class SecretBackendIssuerArgs:
60
79
  pulumi.set(__self__, "issuer_ref", issuer_ref)
61
80
  if crl_distribution_points is not None:
62
81
  pulumi.set(__self__, "crl_distribution_points", crl_distribution_points)
82
+ if disable_critical_extension_checks is not None:
83
+ pulumi.set(__self__, "disable_critical_extension_checks", disable_critical_extension_checks)
84
+ if disable_name_checks is not None:
85
+ pulumi.set(__self__, "disable_name_checks", disable_name_checks)
86
+ if disable_name_constraint_checks is not None:
87
+ pulumi.set(__self__, "disable_name_constraint_checks", disable_name_constraint_checks)
88
+ if disable_path_length_checks is not None:
89
+ pulumi.set(__self__, "disable_path_length_checks", disable_path_length_checks)
63
90
  if enable_aia_url_templating is not None:
64
91
  pulumi.set(__self__, "enable_aia_url_templating", enable_aia_url_templating)
65
92
  if issuer_name is not None:
@@ -117,6 +144,65 @@ class SecretBackendIssuerArgs:
117
144
  def crl_distribution_points(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
118
145
  pulumi.set(self, "crl_distribution_points", value)
119
146
 
147
+ @property
148
+ @pulumi.getter(name="disableCriticalExtensionChecks")
149
+ def disable_critical_extension_checks(self) -> Optional[pulumi.Input[bool]]:
150
+ """
151
+ This determines whether this
152
+ issuer is able to issue certificates where the chain of trust (including the
153
+ issued certificate) contain critical extensions not processed by Vault.
154
+ """
155
+ return pulumi.get(self, "disable_critical_extension_checks")
156
+
157
+ @disable_critical_extension_checks.setter
158
+ def disable_critical_extension_checks(self, value: Optional[pulumi.Input[bool]]):
159
+ pulumi.set(self, "disable_critical_extension_checks", value)
160
+
161
+ @property
162
+ @pulumi.getter(name="disableNameChecks")
163
+ def disable_name_checks(self) -> Optional[pulumi.Input[bool]]:
164
+ """
165
+ This determines whether this issuer is able
166
+ to issue certificates where the chain of trust (including the final issued
167
+ certificate) contains a link in which the subject of the issuing certificate
168
+ does not match the named issuer of the certificate it signed.
169
+ """
170
+ return pulumi.get(self, "disable_name_checks")
171
+
172
+ @disable_name_checks.setter
173
+ def disable_name_checks(self, value: Optional[pulumi.Input[bool]]):
174
+ pulumi.set(self, "disable_name_checks", value)
175
+
176
+ @property
177
+ @pulumi.getter(name="disableNameConstraintChecks")
178
+ def disable_name_constraint_checks(self) -> Optional[pulumi.Input[bool]]:
179
+ """
180
+ This determines whether this
181
+ issuer is able to issue certificates where the chain of trust (including the
182
+ final issued certificate) violates the name constraints critical extension of
183
+ one of the issuer certificates in the chain.
184
+ """
185
+ return pulumi.get(self, "disable_name_constraint_checks")
186
+
187
+ @disable_name_constraint_checks.setter
188
+ def disable_name_constraint_checks(self, value: Optional[pulumi.Input[bool]]):
189
+ pulumi.set(self, "disable_name_constraint_checks", value)
190
+
191
+ @property
192
+ @pulumi.getter(name="disablePathLengthChecks")
193
+ def disable_path_length_checks(self) -> Optional[pulumi.Input[bool]]:
194
+ """
195
+ This determines whether this issuer
196
+ is able to issue certificates where the chain of trust (including the final
197
+ issued certificate) is longer than allowed by a certificate authority in that
198
+ chain.
199
+ """
200
+ return pulumi.get(self, "disable_path_length_checks")
201
+
202
+ @disable_path_length_checks.setter
203
+ def disable_path_length_checks(self, value: Optional[pulumi.Input[bool]]):
204
+ pulumi.set(self, "disable_path_length_checks", value)
205
+
120
206
  @property
121
207
  @pulumi.getter(name="enableAiaUrlTemplating")
122
208
  def enable_aia_url_templating(self) -> Optional[pulumi.Input[bool]]:
@@ -239,6 +325,10 @@ class _SecretBackendIssuerState:
239
325
  def __init__(__self__, *,
240
326
  backend: Optional[pulumi.Input[str]] = None,
241
327
  crl_distribution_points: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
328
+ disable_critical_extension_checks: Optional[pulumi.Input[bool]] = None,
329
+ disable_name_checks: Optional[pulumi.Input[bool]] = None,
330
+ disable_name_constraint_checks: Optional[pulumi.Input[bool]] = None,
331
+ disable_path_length_checks: Optional[pulumi.Input[bool]] = None,
242
332
  enable_aia_url_templating: Optional[pulumi.Input[bool]] = None,
243
333
  issuer_id: Optional[pulumi.Input[str]] = None,
244
334
  issuer_name: Optional[pulumi.Input[str]] = None,
@@ -256,6 +346,21 @@ class _SecretBackendIssuerState:
256
346
  leading or trailing `/`s.
257
347
  :param pulumi.Input[Sequence[pulumi.Input[str]]] crl_distribution_points: Specifies the URL values for the CRL
258
348
  Distribution Points field.
349
+ :param pulumi.Input[bool] disable_critical_extension_checks: This determines whether this
350
+ issuer is able to issue certificates where the chain of trust (including the
351
+ issued certificate) contain critical extensions not processed by Vault.
352
+ :param pulumi.Input[bool] disable_name_checks: This determines whether this issuer is able
353
+ to issue certificates where the chain of trust (including the final issued
354
+ certificate) contains a link in which the subject of the issuing certificate
355
+ does not match the named issuer of the certificate it signed.
356
+ :param pulumi.Input[bool] disable_name_constraint_checks: This determines whether this
357
+ issuer is able to issue certificates where the chain of trust (including the
358
+ final issued certificate) violates the name constraints critical extension of
359
+ one of the issuer certificates in the chain.
360
+ :param pulumi.Input[bool] disable_path_length_checks: This determines whether this issuer
361
+ is able to issue certificates where the chain of trust (including the final
362
+ issued certificate) is longer than allowed by a certificate authority in that
363
+ chain.
259
364
  :param pulumi.Input[bool] enable_aia_url_templating: Specifies that the AIA URL values should
260
365
  be templated.
261
366
  :param pulumi.Input[str] issuer_id: ID of the issuer.
@@ -280,6 +385,14 @@ class _SecretBackendIssuerState:
280
385
  pulumi.set(__self__, "backend", backend)
281
386
  if crl_distribution_points is not None:
282
387
  pulumi.set(__self__, "crl_distribution_points", crl_distribution_points)
388
+ if disable_critical_extension_checks is not None:
389
+ pulumi.set(__self__, "disable_critical_extension_checks", disable_critical_extension_checks)
390
+ if disable_name_checks is not None:
391
+ pulumi.set(__self__, "disable_name_checks", disable_name_checks)
392
+ if disable_name_constraint_checks is not None:
393
+ pulumi.set(__self__, "disable_name_constraint_checks", disable_name_constraint_checks)
394
+ if disable_path_length_checks is not None:
395
+ pulumi.set(__self__, "disable_path_length_checks", disable_path_length_checks)
283
396
  if enable_aia_url_templating is not None:
284
397
  pulumi.set(__self__, "enable_aia_url_templating", enable_aia_url_templating)
285
398
  if issuer_id is not None:
@@ -329,6 +442,65 @@ class _SecretBackendIssuerState:
329
442
  def crl_distribution_points(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
330
443
  pulumi.set(self, "crl_distribution_points", value)
331
444
 
445
+ @property
446
+ @pulumi.getter(name="disableCriticalExtensionChecks")
447
+ def disable_critical_extension_checks(self) -> Optional[pulumi.Input[bool]]:
448
+ """
449
+ This determines whether this
450
+ issuer is able to issue certificates where the chain of trust (including the
451
+ issued certificate) contain critical extensions not processed by Vault.
452
+ """
453
+ return pulumi.get(self, "disable_critical_extension_checks")
454
+
455
+ @disable_critical_extension_checks.setter
456
+ def disable_critical_extension_checks(self, value: Optional[pulumi.Input[bool]]):
457
+ pulumi.set(self, "disable_critical_extension_checks", value)
458
+
459
+ @property
460
+ @pulumi.getter(name="disableNameChecks")
461
+ def disable_name_checks(self) -> Optional[pulumi.Input[bool]]:
462
+ """
463
+ This determines whether this issuer is able
464
+ to issue certificates where the chain of trust (including the final issued
465
+ certificate) contains a link in which the subject of the issuing certificate
466
+ does not match the named issuer of the certificate it signed.
467
+ """
468
+ return pulumi.get(self, "disable_name_checks")
469
+
470
+ @disable_name_checks.setter
471
+ def disable_name_checks(self, value: Optional[pulumi.Input[bool]]):
472
+ pulumi.set(self, "disable_name_checks", value)
473
+
474
+ @property
475
+ @pulumi.getter(name="disableNameConstraintChecks")
476
+ def disable_name_constraint_checks(self) -> Optional[pulumi.Input[bool]]:
477
+ """
478
+ This determines whether this
479
+ issuer is able to issue certificates where the chain of trust (including the
480
+ final issued certificate) violates the name constraints critical extension of
481
+ one of the issuer certificates in the chain.
482
+ """
483
+ return pulumi.get(self, "disable_name_constraint_checks")
484
+
485
+ @disable_name_constraint_checks.setter
486
+ def disable_name_constraint_checks(self, value: Optional[pulumi.Input[bool]]):
487
+ pulumi.set(self, "disable_name_constraint_checks", value)
488
+
489
+ @property
490
+ @pulumi.getter(name="disablePathLengthChecks")
491
+ def disable_path_length_checks(self) -> Optional[pulumi.Input[bool]]:
492
+ """
493
+ This determines whether this issuer
494
+ is able to issue certificates where the chain of trust (including the final
495
+ issued certificate) is longer than allowed by a certificate authority in that
496
+ chain.
497
+ """
498
+ return pulumi.get(self, "disable_path_length_checks")
499
+
500
+ @disable_path_length_checks.setter
501
+ def disable_path_length_checks(self, value: Optional[pulumi.Input[bool]]):
502
+ pulumi.set(self, "disable_path_length_checks", value)
503
+
332
504
  @property
333
505
  @pulumi.getter(name="enableAiaUrlTemplating")
334
506
  def enable_aia_url_templating(self) -> Optional[pulumi.Input[bool]]:
@@ -477,6 +649,10 @@ class SecretBackendIssuer(pulumi.CustomResource):
477
649
  opts: Optional[pulumi.ResourceOptions] = None,
478
650
  backend: Optional[pulumi.Input[str]] = None,
479
651
  crl_distribution_points: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
652
+ disable_critical_extension_checks: Optional[pulumi.Input[bool]] = None,
653
+ disable_name_checks: Optional[pulumi.Input[bool]] = None,
654
+ disable_name_constraint_checks: Optional[pulumi.Input[bool]] = None,
655
+ disable_path_length_checks: Optional[pulumi.Input[bool]] = None,
480
656
  enable_aia_url_templating: Optional[pulumi.Input[bool]] = None,
481
657
  issuer_name: Optional[pulumi.Input[str]] = None,
482
658
  issuer_ref: Optional[pulumi.Input[str]] = None,
@@ -525,6 +701,21 @@ class SecretBackendIssuer(pulumi.CustomResource):
525
701
  leading or trailing `/`s.
526
702
  :param pulumi.Input[Sequence[pulumi.Input[str]]] crl_distribution_points: Specifies the URL values for the CRL
527
703
  Distribution Points field.
704
+ :param pulumi.Input[bool] disable_critical_extension_checks: This determines whether this
705
+ issuer is able to issue certificates where the chain of trust (including the
706
+ issued certificate) contain critical extensions not processed by Vault.
707
+ :param pulumi.Input[bool] disable_name_checks: This determines whether this issuer is able
708
+ to issue certificates where the chain of trust (including the final issued
709
+ certificate) contains a link in which the subject of the issuing certificate
710
+ does not match the named issuer of the certificate it signed.
711
+ :param pulumi.Input[bool] disable_name_constraint_checks: This determines whether this
712
+ issuer is able to issue certificates where the chain of trust (including the
713
+ final issued certificate) violates the name constraints critical extension of
714
+ one of the issuer certificates in the chain.
715
+ :param pulumi.Input[bool] disable_path_length_checks: This determines whether this issuer
716
+ is able to issue certificates where the chain of trust (including the final
717
+ issued certificate) is longer than allowed by a certificate authority in that
718
+ chain.
528
719
  :param pulumi.Input[bool] enable_aia_url_templating: Specifies that the AIA URL values should
529
720
  be templated.
530
721
  :param pulumi.Input[str] issuer_name: Name of the issuer.
@@ -598,6 +789,10 @@ class SecretBackendIssuer(pulumi.CustomResource):
598
789
  opts: Optional[pulumi.ResourceOptions] = None,
599
790
  backend: Optional[pulumi.Input[str]] = None,
600
791
  crl_distribution_points: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
792
+ disable_critical_extension_checks: Optional[pulumi.Input[bool]] = None,
793
+ disable_name_checks: Optional[pulumi.Input[bool]] = None,
794
+ disable_name_constraint_checks: Optional[pulumi.Input[bool]] = None,
795
+ disable_path_length_checks: Optional[pulumi.Input[bool]] = None,
601
796
  enable_aia_url_templating: Optional[pulumi.Input[bool]] = None,
602
797
  issuer_name: Optional[pulumi.Input[str]] = None,
603
798
  issuer_ref: Optional[pulumi.Input[str]] = None,
@@ -621,6 +816,10 @@ class SecretBackendIssuer(pulumi.CustomResource):
621
816
  raise TypeError("Missing required property 'backend'")
622
817
  __props__.__dict__["backend"] = backend
623
818
  __props__.__dict__["crl_distribution_points"] = crl_distribution_points
819
+ __props__.__dict__["disable_critical_extension_checks"] = disable_critical_extension_checks
820
+ __props__.__dict__["disable_name_checks"] = disable_name_checks
821
+ __props__.__dict__["disable_name_constraint_checks"] = disable_name_constraint_checks
822
+ __props__.__dict__["disable_path_length_checks"] = disable_path_length_checks
624
823
  __props__.__dict__["enable_aia_url_templating"] = enable_aia_url_templating
625
824
  __props__.__dict__["issuer_name"] = issuer_name
626
825
  if issuer_ref is None and not opts.urn:
@@ -646,6 +845,10 @@ class SecretBackendIssuer(pulumi.CustomResource):
646
845
  opts: Optional[pulumi.ResourceOptions] = None,
647
846
  backend: Optional[pulumi.Input[str]] = None,
648
847
  crl_distribution_points: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
848
+ disable_critical_extension_checks: Optional[pulumi.Input[bool]] = None,
849
+ disable_name_checks: Optional[pulumi.Input[bool]] = None,
850
+ disable_name_constraint_checks: Optional[pulumi.Input[bool]] = None,
851
+ disable_path_length_checks: Optional[pulumi.Input[bool]] = None,
649
852
  enable_aia_url_templating: Optional[pulumi.Input[bool]] = None,
650
853
  issuer_id: Optional[pulumi.Input[str]] = None,
651
854
  issuer_name: Optional[pulumi.Input[str]] = None,
@@ -668,6 +871,21 @@ class SecretBackendIssuer(pulumi.CustomResource):
668
871
  leading or trailing `/`s.
669
872
  :param pulumi.Input[Sequence[pulumi.Input[str]]] crl_distribution_points: Specifies the URL values for the CRL
670
873
  Distribution Points field.
874
+ :param pulumi.Input[bool] disable_critical_extension_checks: This determines whether this
875
+ issuer is able to issue certificates where the chain of trust (including the
876
+ issued certificate) contain critical extensions not processed by Vault.
877
+ :param pulumi.Input[bool] disable_name_checks: This determines whether this issuer is able
878
+ to issue certificates where the chain of trust (including the final issued
879
+ certificate) contains a link in which the subject of the issuing certificate
880
+ does not match the named issuer of the certificate it signed.
881
+ :param pulumi.Input[bool] disable_name_constraint_checks: This determines whether this
882
+ issuer is able to issue certificates where the chain of trust (including the
883
+ final issued certificate) violates the name constraints critical extension of
884
+ one of the issuer certificates in the chain.
885
+ :param pulumi.Input[bool] disable_path_length_checks: This determines whether this issuer
886
+ is able to issue certificates where the chain of trust (including the final
887
+ issued certificate) is longer than allowed by a certificate authority in that
888
+ chain.
671
889
  :param pulumi.Input[bool] enable_aia_url_templating: Specifies that the AIA URL values should
672
890
  be templated.
673
891
  :param pulumi.Input[str] issuer_id: ID of the issuer.
@@ -694,6 +912,10 @@ class SecretBackendIssuer(pulumi.CustomResource):
694
912
 
695
913
  __props__.__dict__["backend"] = backend
696
914
  __props__.__dict__["crl_distribution_points"] = crl_distribution_points
915
+ __props__.__dict__["disable_critical_extension_checks"] = disable_critical_extension_checks
916
+ __props__.__dict__["disable_name_checks"] = disable_name_checks
917
+ __props__.__dict__["disable_name_constraint_checks"] = disable_name_constraint_checks
918
+ __props__.__dict__["disable_path_length_checks"] = disable_path_length_checks
697
919
  __props__.__dict__["enable_aia_url_templating"] = enable_aia_url_templating
698
920
  __props__.__dict__["issuer_id"] = issuer_id
699
921
  __props__.__dict__["issuer_name"] = issuer_name
@@ -725,6 +947,49 @@ class SecretBackendIssuer(pulumi.CustomResource):
725
947
  """
726
948
  return pulumi.get(self, "crl_distribution_points")
727
949
 
950
+ @property
951
+ @pulumi.getter(name="disableCriticalExtensionChecks")
952
+ def disable_critical_extension_checks(self) -> pulumi.Output[Optional[bool]]:
953
+ """
954
+ This determines whether this
955
+ issuer is able to issue certificates where the chain of trust (including the
956
+ issued certificate) contain critical extensions not processed by Vault.
957
+ """
958
+ return pulumi.get(self, "disable_critical_extension_checks")
959
+
960
+ @property
961
+ @pulumi.getter(name="disableNameChecks")
962
+ def disable_name_checks(self) -> pulumi.Output[Optional[bool]]:
963
+ """
964
+ This determines whether this issuer is able
965
+ to issue certificates where the chain of trust (including the final issued
966
+ certificate) contains a link in which the subject of the issuing certificate
967
+ does not match the named issuer of the certificate it signed.
968
+ """
969
+ return pulumi.get(self, "disable_name_checks")
970
+
971
+ @property
972
+ @pulumi.getter(name="disableNameConstraintChecks")
973
+ def disable_name_constraint_checks(self) -> pulumi.Output[Optional[bool]]:
974
+ """
975
+ This determines whether this
976
+ issuer is able to issue certificates where the chain of trust (including the
977
+ final issued certificate) violates the name constraints critical extension of
978
+ one of the issuer certificates in the chain.
979
+ """
980
+ return pulumi.get(self, "disable_name_constraint_checks")
981
+
982
+ @property
983
+ @pulumi.getter(name="disablePathLengthChecks")
984
+ def disable_path_length_checks(self) -> pulumi.Output[Optional[bool]]:
985
+ """
986
+ This determines whether this issuer
987
+ is able to issue certificates where the chain of trust (including the final
988
+ issued certificate) is longer than allowed by a certificate authority in that
989
+ chain.
990
+ """
991
+ return pulumi.get(self, "disable_path_length_checks")
992
+
728
993
  @property
729
994
  @pulumi.getter(name="enableAiaUrlTemplating")
730
995
  def enable_aia_url_templating(self) -> pulumi.Output[Optional[bool]]: