pulumi-vault 6.6.0a1741415971__py3-none-any.whl → 6.7.0__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- pulumi_vault/__init__.py +9 -0
- pulumi_vault/_inputs.py +583 -562
- pulumi_vault/ad/__init__.py +1 -0
- pulumi_vault/ad/get_access_credentials.py +20 -19
- pulumi_vault/ad/secret_backend.py +477 -476
- pulumi_vault/ad/secret_library.py +99 -98
- pulumi_vault/ad/secret_role.py +85 -84
- pulumi_vault/alicloud/__init__.py +1 -0
- pulumi_vault/alicloud/auth_backend_role.py +183 -182
- pulumi_vault/approle/__init__.py +1 -0
- pulumi_vault/approle/auth_backend_login.py +106 -105
- pulumi_vault/approle/auth_backend_role.py +239 -238
- pulumi_vault/approle/auth_backend_role_secret_id.py +162 -161
- pulumi_vault/approle/get_auth_backend_role_id.py +18 -17
- pulumi_vault/audit.py +85 -84
- pulumi_vault/audit_request_header.py +43 -42
- pulumi_vault/auth_backend.py +106 -105
- pulumi_vault/aws/__init__.py +1 -0
- pulumi_vault/aws/auth_backend_cert.py +71 -70
- pulumi_vault/aws/auth_backend_client.py +425 -200
- pulumi_vault/aws/auth_backend_config_identity.py +85 -84
- pulumi_vault/aws/auth_backend_identity_whitelist.py +57 -56
- pulumi_vault/aws/auth_backend_login.py +209 -208
- pulumi_vault/aws/auth_backend_role.py +400 -399
- pulumi_vault/aws/auth_backend_role_tag.py +127 -126
- pulumi_vault/aws/auth_backend_roletag_blacklist.py +57 -56
- pulumi_vault/aws/auth_backend_sts_role.py +71 -70
- pulumi_vault/aws/get_access_credentials.py +44 -43
- pulumi_vault/aws/get_static_access_credentials.py +13 -12
- pulumi_vault/aws/secret_backend.py +523 -306
- pulumi_vault/aws/secret_backend_role.py +211 -210
- pulumi_vault/aws/secret_backend_static_role.py +288 -70
- pulumi_vault/azure/__init__.py +1 -0
- pulumi_vault/azure/_inputs.py +21 -20
- pulumi_vault/azure/auth_backend_config.py +383 -130
- pulumi_vault/azure/auth_backend_role.py +253 -252
- pulumi_vault/azure/backend.py +432 -186
- pulumi_vault/azure/backend_role.py +188 -140
- pulumi_vault/azure/get_access_credentials.py +58 -57
- pulumi_vault/azure/outputs.py +11 -10
- pulumi_vault/cert_auth_backend_role.py +365 -364
- pulumi_vault/config/__init__.py +1 -0
- pulumi_vault/config/__init__.pyi +1 -0
- pulumi_vault/config/_inputs.py +11 -10
- pulumi_vault/config/outputs.py +287 -286
- pulumi_vault/config/ui_custom_message.py +113 -112
- pulumi_vault/config/vars.py +1 -0
- pulumi_vault/consul/__init__.py +1 -0
- pulumi_vault/consul/secret_backend.py +197 -196
- pulumi_vault/consul/secret_backend_role.py +183 -182
- pulumi_vault/database/__init__.py +1 -0
- pulumi_vault/database/_inputs.py +3857 -2200
- pulumi_vault/database/outputs.py +2483 -1330
- pulumi_vault/database/secret_backend_connection.py +333 -112
- pulumi_vault/database/secret_backend_role.py +169 -168
- pulumi_vault/database/secret_backend_static_role.py +283 -140
- pulumi_vault/database/secrets_mount.py +275 -266
- pulumi_vault/egp_policy.py +71 -70
- pulumi_vault/gcp/__init__.py +1 -0
- pulumi_vault/gcp/_inputs.py +82 -81
- pulumi_vault/gcp/auth_backend.py +426 -205
- pulumi_vault/gcp/auth_backend_role.py +281 -280
- pulumi_vault/gcp/get_auth_backend_role.py +70 -69
- pulumi_vault/gcp/outputs.py +50 -49
- pulumi_vault/gcp/secret_backend.py +420 -179
- pulumi_vault/gcp/secret_impersonated_account.py +92 -91
- pulumi_vault/gcp/secret_roleset.py +92 -91
- pulumi_vault/gcp/secret_static_account.py +92 -91
- pulumi_vault/generic/__init__.py +1 -0
- pulumi_vault/generic/endpoint.py +113 -112
- pulumi_vault/generic/get_secret.py +28 -27
- pulumi_vault/generic/secret.py +78 -77
- pulumi_vault/get_auth_backend.py +19 -18
- pulumi_vault/get_auth_backends.py +14 -13
- pulumi_vault/get_namespace.py +15 -14
- pulumi_vault/get_namespaces.py +68 -18
- pulumi_vault/get_nomad_access_token.py +19 -18
- pulumi_vault/get_policy_document.py +6 -5
- pulumi_vault/get_raft_autopilot_state.py +18 -17
- pulumi_vault/github/__init__.py +1 -0
- pulumi_vault/github/_inputs.py +42 -41
- pulumi_vault/github/auth_backend.py +232 -231
- pulumi_vault/github/outputs.py +26 -25
- pulumi_vault/github/team.py +57 -56
- pulumi_vault/github/user.py +57 -56
- pulumi_vault/identity/__init__.py +1 -0
- pulumi_vault/identity/entity.py +85 -84
- pulumi_vault/identity/entity_alias.py +71 -70
- pulumi_vault/identity/entity_policies.py +64 -63
- pulumi_vault/identity/get_entity.py +43 -42
- pulumi_vault/identity/get_group.py +50 -49
- pulumi_vault/identity/get_oidc_client_creds.py +14 -13
- pulumi_vault/identity/get_oidc_openid_config.py +24 -23
- pulumi_vault/identity/get_oidc_public_keys.py +13 -12
- pulumi_vault/identity/group.py +141 -140
- pulumi_vault/identity/group_alias.py +57 -56
- pulumi_vault/identity/group_member_entity_ids.py +57 -56
- pulumi_vault/identity/group_member_group_ids.py +57 -56
- pulumi_vault/identity/group_policies.py +64 -63
- pulumi_vault/identity/mfa_duo.py +148 -147
- pulumi_vault/identity/mfa_login_enforcement.py +120 -119
- pulumi_vault/identity/mfa_okta.py +134 -133
- pulumi_vault/identity/mfa_pingid.py +127 -126
- pulumi_vault/identity/mfa_totp.py +176 -175
- pulumi_vault/identity/oidc.py +29 -28
- pulumi_vault/identity/oidc_assignment.py +57 -56
- pulumi_vault/identity/oidc_client.py +127 -126
- pulumi_vault/identity/oidc_key.py +85 -84
- pulumi_vault/identity/oidc_key_allowed_client_id.py +43 -42
- pulumi_vault/identity/oidc_provider.py +92 -91
- pulumi_vault/identity/oidc_role.py +85 -84
- pulumi_vault/identity/oidc_scope.py +57 -56
- pulumi_vault/identity/outputs.py +32 -31
- pulumi_vault/jwt/__init__.py +1 -0
- pulumi_vault/jwt/_inputs.py +42 -41
- pulumi_vault/jwt/auth_backend.py +288 -287
- pulumi_vault/jwt/auth_backend_role.py +407 -406
- pulumi_vault/jwt/outputs.py +26 -25
- pulumi_vault/kmip/__init__.py +1 -0
- pulumi_vault/kmip/secret_backend.py +183 -182
- pulumi_vault/kmip/secret_role.py +295 -294
- pulumi_vault/kmip/secret_scope.py +57 -56
- pulumi_vault/kubernetes/__init__.py +1 -0
- pulumi_vault/kubernetes/auth_backend_config.py +141 -140
- pulumi_vault/kubernetes/auth_backend_role.py +225 -224
- pulumi_vault/kubernetes/get_auth_backend_config.py +47 -46
- pulumi_vault/kubernetes/get_auth_backend_role.py +70 -69
- pulumi_vault/kubernetes/get_service_account_token.py +38 -37
- pulumi_vault/kubernetes/secret_backend.py +316 -315
- pulumi_vault/kubernetes/secret_backend_role.py +197 -196
- pulumi_vault/kv/__init__.py +1 -0
- pulumi_vault/kv/_inputs.py +21 -20
- pulumi_vault/kv/get_secret.py +17 -16
- pulumi_vault/kv/get_secret_subkeys_v2.py +30 -29
- pulumi_vault/kv/get_secret_v2.py +29 -28
- pulumi_vault/kv/get_secrets_list.py +13 -12
- pulumi_vault/kv/get_secrets_list_v2.py +19 -18
- pulumi_vault/kv/outputs.py +13 -12
- pulumi_vault/kv/secret.py +50 -49
- pulumi_vault/kv/secret_backend_v2.py +71 -70
- pulumi_vault/kv/secret_v2.py +134 -133
- pulumi_vault/ldap/__init__.py +1 -0
- pulumi_vault/ldap/auth_backend.py +754 -533
- pulumi_vault/ldap/auth_backend_group.py +57 -56
- pulumi_vault/ldap/auth_backend_user.py +71 -70
- pulumi_vault/ldap/get_dynamic_credentials.py +17 -16
- pulumi_vault/ldap/get_static_credentials.py +18 -17
- pulumi_vault/ldap/secret_backend.py +720 -499
- pulumi_vault/ldap/secret_backend_dynamic_role.py +127 -126
- pulumi_vault/ldap/secret_backend_library_set.py +99 -98
- pulumi_vault/ldap/secret_backend_static_role.py +99 -98
- pulumi_vault/managed/__init__.py +1 -0
- pulumi_vault/managed/_inputs.py +229 -228
- pulumi_vault/managed/keys.py +15 -14
- pulumi_vault/managed/outputs.py +139 -138
- pulumi_vault/mfa_duo.py +113 -112
- pulumi_vault/mfa_okta.py +113 -112
- pulumi_vault/mfa_pingid.py +120 -119
- pulumi_vault/mfa_totp.py +127 -126
- pulumi_vault/mongodbatlas/__init__.py +1 -0
- pulumi_vault/mongodbatlas/secret_backend.py +64 -63
- pulumi_vault/mongodbatlas/secret_role.py +155 -154
- pulumi_vault/mount.py +274 -273
- pulumi_vault/namespace.py +64 -63
- pulumi_vault/nomad_secret_backend.py +211 -210
- pulumi_vault/nomad_secret_role.py +85 -84
- pulumi_vault/okta/__init__.py +1 -0
- pulumi_vault/okta/_inputs.py +26 -25
- pulumi_vault/okta/auth_backend.py +274 -273
- pulumi_vault/okta/auth_backend_group.py +57 -56
- pulumi_vault/okta/auth_backend_user.py +71 -70
- pulumi_vault/okta/outputs.py +16 -15
- pulumi_vault/outputs.py +73 -60
- pulumi_vault/password_policy.py +43 -42
- pulumi_vault/pkisecret/__init__.py +3 -0
- pulumi_vault/pkisecret/_inputs.py +31 -36
- pulumi_vault/pkisecret/backend_acme_eab.py +92 -91
- pulumi_vault/pkisecret/backend_config_acme.py +174 -126
- pulumi_vault/pkisecret/backend_config_auto_tidy.py +1377 -0
- pulumi_vault/pkisecret/backend_config_cluster.py +57 -56
- pulumi_vault/pkisecret/backend_config_cmpv2.py +152 -104
- pulumi_vault/pkisecret/backend_config_est.py +120 -119
- pulumi_vault/pkisecret/get_backend_cert_metadata.py +278 -0
- pulumi_vault/pkisecret/get_backend_config_cmpv2.py +35 -17
- pulumi_vault/pkisecret/get_backend_config_est.py +19 -18
- pulumi_vault/pkisecret/get_backend_issuer.py +139 -25
- pulumi_vault/pkisecret/get_backend_issuers.py +15 -14
- pulumi_vault/pkisecret/get_backend_key.py +20 -19
- pulumi_vault/pkisecret/get_backend_keys.py +15 -14
- pulumi_vault/pkisecret/outputs.py +28 -31
- pulumi_vault/pkisecret/secret_backend_cert.py +439 -297
- pulumi_vault/pkisecret/secret_backend_config_ca.py +43 -42
- pulumi_vault/pkisecret/secret_backend_config_issuers.py +57 -56
- pulumi_vault/pkisecret/secret_backend_config_urls.py +85 -84
- pulumi_vault/pkisecret/secret_backend_crl_config.py +237 -182
- pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +520 -378
- pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +57 -56
- pulumi_vault/pkisecret/secret_backend_issuer.py +441 -175
- pulumi_vault/pkisecret/secret_backend_key.py +120 -119
- pulumi_vault/pkisecret/secret_backend_role.py +894 -644
- pulumi_vault/pkisecret/secret_backend_root_cert.py +851 -427
- pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +936 -357
- pulumi_vault/pkisecret/secret_backend_sign.py +347 -252
- pulumi_vault/plugin.py +127 -126
- pulumi_vault/plugin_pinned_version.py +43 -42
- pulumi_vault/policy.py +43 -42
- pulumi_vault/provider.py +120 -119
- pulumi_vault/pulumi-plugin.json +1 -1
- pulumi_vault/quota_lease_count.py +85 -84
- pulumi_vault/quota_rate_limit.py +113 -112
- pulumi_vault/rabbitmq/__init__.py +1 -0
- pulumi_vault/rabbitmq/_inputs.py +41 -40
- pulumi_vault/rabbitmq/outputs.py +25 -24
- pulumi_vault/rabbitmq/secret_backend.py +169 -168
- pulumi_vault/rabbitmq/secret_backend_role.py +57 -56
- pulumi_vault/raft_autopilot.py +113 -112
- pulumi_vault/raft_snapshot_agent_config.py +393 -392
- pulumi_vault/rgp_policy.py +57 -56
- pulumi_vault/saml/__init__.py +1 -0
- pulumi_vault/saml/auth_backend.py +155 -154
- pulumi_vault/saml/auth_backend_role.py +239 -238
- pulumi_vault/secrets/__init__.py +1 -0
- pulumi_vault/secrets/_inputs.py +16 -15
- pulumi_vault/secrets/outputs.py +10 -9
- pulumi_vault/secrets/sync_association.py +71 -70
- pulumi_vault/secrets/sync_aws_destination.py +148 -147
- pulumi_vault/secrets/sync_azure_destination.py +148 -147
- pulumi_vault/secrets/sync_config.py +43 -42
- pulumi_vault/secrets/sync_gcp_destination.py +106 -105
- pulumi_vault/secrets/sync_gh_destination.py +134 -133
- pulumi_vault/secrets/sync_github_apps.py +64 -63
- pulumi_vault/secrets/sync_vercel_destination.py +120 -119
- pulumi_vault/ssh/__init__.py +2 -0
- pulumi_vault/ssh/_inputs.py +11 -10
- pulumi_vault/ssh/get_secret_backend_sign.py +295 -0
- pulumi_vault/ssh/outputs.py +7 -6
- pulumi_vault/ssh/secret_backend_ca.py +99 -98
- pulumi_vault/ssh/secret_backend_role.py +365 -364
- pulumi_vault/terraformcloud/__init__.py +1 -0
- pulumi_vault/terraformcloud/secret_backend.py +111 -110
- pulumi_vault/terraformcloud/secret_creds.py +74 -73
- pulumi_vault/terraformcloud/secret_role.py +96 -95
- pulumi_vault/token.py +246 -245
- pulumi_vault/tokenauth/__init__.py +1 -0
- pulumi_vault/tokenauth/auth_backend_role.py +267 -266
- pulumi_vault/transform/__init__.py +1 -0
- pulumi_vault/transform/alphabet.py +57 -56
- pulumi_vault/transform/get_decode.py +47 -46
- pulumi_vault/transform/get_encode.py +47 -46
- pulumi_vault/transform/role.py +57 -56
- pulumi_vault/transform/template.py +113 -112
- pulumi_vault/transform/transformation.py +141 -140
- pulumi_vault/transit/__init__.py +3 -0
- pulumi_vault/transit/get_decrypt.py +18 -17
- pulumi_vault/transit/get_encrypt.py +21 -20
- pulumi_vault/transit/get_sign.py +325 -0
- pulumi_vault/transit/get_verify.py +355 -0
- pulumi_vault/transit/secret_backend_key.py +394 -231
- pulumi_vault/transit/secret_cache_config.py +43 -42
- {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.7.0.dist-info}/METADATA +2 -2
- pulumi_vault-6.7.0.dist-info/RECORD +265 -0
- {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.7.0.dist-info}/WHEEL +1 -1
- pulumi_vault-6.6.0a1741415971.dist-info/RECORD +0 -260
- {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.7.0.dist-info}/top_level.txt +0 -0
@@ -2,6 +2,7 @@
|
|
2
2
|
# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
|
3
3
|
# *** Do not edit by hand unless you're certain you know what you are doing! ***
|
4
4
|
|
5
|
+
import builtins
|
5
6
|
import copy
|
6
7
|
import warnings
|
7
8
|
import sys
|
@@ -19,29 +20,31 @@ __all__ = ['BackendConfigAcmeArgs', 'BackendConfigAcme']
|
|
19
20
|
@pulumi.input_type
|
20
21
|
class BackendConfigAcmeArgs:
|
21
22
|
def __init__(__self__, *,
|
22
|
-
backend: pulumi.Input[str],
|
23
|
-
enabled: pulumi.Input[bool],
|
24
|
-
allow_role_ext_key_usage: Optional[pulumi.Input[bool]] = None,
|
25
|
-
allowed_issuers: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
26
|
-
allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
27
|
-
default_directory_policy: Optional[pulumi.Input[str]] = None,
|
28
|
-
dns_resolver: Optional[pulumi.Input[str]] = None,
|
29
|
-
eab_policy: Optional[pulumi.Input[str]] = None,
|
30
|
-
|
23
|
+
backend: pulumi.Input[builtins.str],
|
24
|
+
enabled: pulumi.Input[builtins.bool],
|
25
|
+
allow_role_ext_key_usage: Optional[pulumi.Input[builtins.bool]] = None,
|
26
|
+
allowed_issuers: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
27
|
+
allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
28
|
+
default_directory_policy: Optional[pulumi.Input[builtins.str]] = None,
|
29
|
+
dns_resolver: Optional[pulumi.Input[builtins.str]] = None,
|
30
|
+
eab_policy: Optional[pulumi.Input[builtins.str]] = None,
|
31
|
+
max_ttl: Optional[pulumi.Input[builtins.int]] = None,
|
32
|
+
namespace: Optional[pulumi.Input[builtins.str]] = None):
|
31
33
|
"""
|
32
34
|
The set of arguments for constructing a BackendConfigAcme resource.
|
33
|
-
:param pulumi.Input[str] backend: The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
|
34
|
-
:param pulumi.Input[bool] enabled: Specifies whether ACME is enabled.
|
35
|
-
:param pulumi.Input[bool] allow_role_ext_key_usage: Specifies whether the ExtKeyUsage field from a role is used. **Vault 1.14.1+**
|
36
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_issuers: Specifies which issuers are allowed for use with ACME.
|
37
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_roles: Specifies which roles are allowed for use with ACME.
|
38
|
-
:param pulumi.Input[str] default_directory_policy: Specifies the policy to be used for non-role-qualified ACME requests.
|
35
|
+
:param pulumi.Input[builtins.str] backend: The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
|
36
|
+
:param pulumi.Input[builtins.bool] enabled: Specifies whether ACME is enabled.
|
37
|
+
:param pulumi.Input[builtins.bool] allow_role_ext_key_usage: Specifies whether the ExtKeyUsage field from a role is used. **Vault 1.14.1+**
|
38
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_issuers: Specifies which issuers are allowed for use with ACME.
|
39
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_roles: Specifies which roles are allowed for use with ACME.
|
40
|
+
:param pulumi.Input[builtins.str] default_directory_policy: Specifies the policy to be used for non-role-qualified ACME requests.
|
39
41
|
Allowed values are `forbid`, `sign-verbatim`, `role:<role_name>`, `external-policy` or `external-policy:<policy>`.
|
40
|
-
:param pulumi.Input[str] dns_resolver: DNS resolver to use for domain resolution on this mount.
|
42
|
+
:param pulumi.Input[builtins.str] dns_resolver: DNS resolver to use for domain resolution on this mount.
|
41
43
|
Must be in the format `<host>:<port>`, with both parts mandatory.
|
42
|
-
:param pulumi.Input[str] eab_policy: Specifies the policy to use for external account binding behaviour.
|
44
|
+
:param pulumi.Input[builtins.str] eab_policy: Specifies the policy to use for external account binding behaviour.
|
43
45
|
Allowed values are `not-required`, `new-account-required` or `always-required`.
|
44
|
-
:param pulumi.Input[
|
46
|
+
:param pulumi.Input[builtins.int] max_ttl: The maximum TTL in seconds for certificates issued by ACME. **Vault 1.17.0+**
|
47
|
+
:param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
|
45
48
|
The value should not contain leading or trailing forward slashes.
|
46
49
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
47
50
|
*Available only for Vault Enterprise*.
|
@@ -60,72 +63,74 @@ class BackendConfigAcmeArgs:
|
|
60
63
|
pulumi.set(__self__, "dns_resolver", dns_resolver)
|
61
64
|
if eab_policy is not None:
|
62
65
|
pulumi.set(__self__, "eab_policy", eab_policy)
|
66
|
+
if max_ttl is not None:
|
67
|
+
pulumi.set(__self__, "max_ttl", max_ttl)
|
63
68
|
if namespace is not None:
|
64
69
|
pulumi.set(__self__, "namespace", namespace)
|
65
70
|
|
66
71
|
@property
|
67
72
|
@pulumi.getter
|
68
|
-
def backend(self) -> pulumi.Input[str]:
|
73
|
+
def backend(self) -> pulumi.Input[builtins.str]:
|
69
74
|
"""
|
70
75
|
The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
|
71
76
|
"""
|
72
77
|
return pulumi.get(self, "backend")
|
73
78
|
|
74
79
|
@backend.setter
|
75
|
-
def backend(self, value: pulumi.Input[str]):
|
80
|
+
def backend(self, value: pulumi.Input[builtins.str]):
|
76
81
|
pulumi.set(self, "backend", value)
|
77
82
|
|
78
83
|
@property
|
79
84
|
@pulumi.getter
|
80
|
-
def enabled(self) -> pulumi.Input[bool]:
|
85
|
+
def enabled(self) -> pulumi.Input[builtins.bool]:
|
81
86
|
"""
|
82
87
|
Specifies whether ACME is enabled.
|
83
88
|
"""
|
84
89
|
return pulumi.get(self, "enabled")
|
85
90
|
|
86
91
|
@enabled.setter
|
87
|
-
def enabled(self, value: pulumi.Input[bool]):
|
92
|
+
def enabled(self, value: pulumi.Input[builtins.bool]):
|
88
93
|
pulumi.set(self, "enabled", value)
|
89
94
|
|
90
95
|
@property
|
91
96
|
@pulumi.getter(name="allowRoleExtKeyUsage")
|
92
|
-
def allow_role_ext_key_usage(self) -> Optional[pulumi.Input[bool]]:
|
97
|
+
def allow_role_ext_key_usage(self) -> Optional[pulumi.Input[builtins.bool]]:
|
93
98
|
"""
|
94
99
|
Specifies whether the ExtKeyUsage field from a role is used. **Vault 1.14.1+**
|
95
100
|
"""
|
96
101
|
return pulumi.get(self, "allow_role_ext_key_usage")
|
97
102
|
|
98
103
|
@allow_role_ext_key_usage.setter
|
99
|
-
def allow_role_ext_key_usage(self, value: Optional[pulumi.Input[bool]]):
|
104
|
+
def allow_role_ext_key_usage(self, value: Optional[pulumi.Input[builtins.bool]]):
|
100
105
|
pulumi.set(self, "allow_role_ext_key_usage", value)
|
101
106
|
|
102
107
|
@property
|
103
108
|
@pulumi.getter(name="allowedIssuers")
|
104
|
-
def allowed_issuers(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
109
|
+
def allowed_issuers(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
105
110
|
"""
|
106
111
|
Specifies which issuers are allowed for use with ACME.
|
107
112
|
"""
|
108
113
|
return pulumi.get(self, "allowed_issuers")
|
109
114
|
|
110
115
|
@allowed_issuers.setter
|
111
|
-
def allowed_issuers(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
116
|
+
def allowed_issuers(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
112
117
|
pulumi.set(self, "allowed_issuers", value)
|
113
118
|
|
114
119
|
@property
|
115
120
|
@pulumi.getter(name="allowedRoles")
|
116
|
-
def allowed_roles(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
121
|
+
def allowed_roles(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
117
122
|
"""
|
118
123
|
Specifies which roles are allowed for use with ACME.
|
119
124
|
"""
|
120
125
|
return pulumi.get(self, "allowed_roles")
|
121
126
|
|
122
127
|
@allowed_roles.setter
|
123
|
-
def allowed_roles(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
128
|
+
def allowed_roles(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
124
129
|
pulumi.set(self, "allowed_roles", value)
|
125
130
|
|
126
131
|
@property
|
127
132
|
@pulumi.getter(name="defaultDirectoryPolicy")
|
128
|
-
def default_directory_policy(self) -> Optional[pulumi.Input[str]]:
|
133
|
+
def default_directory_policy(self) -> Optional[pulumi.Input[builtins.str]]:
|
129
134
|
"""
|
130
135
|
Specifies the policy to be used for non-role-qualified ACME requests.
|
131
136
|
Allowed values are `forbid`, `sign-verbatim`, `role:<role_name>`, `external-policy` or `external-policy:<policy>`.
|
@@ -133,12 +138,12 @@ class BackendConfigAcmeArgs:
|
|
133
138
|
return pulumi.get(self, "default_directory_policy")
|
134
139
|
|
135
140
|
@default_directory_policy.setter
|
136
|
-
def default_directory_policy(self, value: Optional[pulumi.Input[str]]):
|
141
|
+
def default_directory_policy(self, value: Optional[pulumi.Input[builtins.str]]):
|
137
142
|
pulumi.set(self, "default_directory_policy", value)
|
138
143
|
|
139
144
|
@property
|
140
145
|
@pulumi.getter(name="dnsResolver")
|
141
|
-
def dns_resolver(self) -> Optional[pulumi.Input[str]]:
|
146
|
+
def dns_resolver(self) -> Optional[pulumi.Input[builtins.str]]:
|
142
147
|
"""
|
143
148
|
DNS resolver to use for domain resolution on this mount.
|
144
149
|
Must be in the format `<host>:<port>`, with both parts mandatory.
|
@@ -146,12 +151,12 @@ class BackendConfigAcmeArgs:
|
|
146
151
|
return pulumi.get(self, "dns_resolver")
|
147
152
|
|
148
153
|
@dns_resolver.setter
|
149
|
-
def dns_resolver(self, value: Optional[pulumi.Input[str]]):
|
154
|
+
def dns_resolver(self, value: Optional[pulumi.Input[builtins.str]]):
|
150
155
|
pulumi.set(self, "dns_resolver", value)
|
151
156
|
|
152
157
|
@property
|
153
158
|
@pulumi.getter(name="eabPolicy")
|
154
|
-
def eab_policy(self) -> Optional[pulumi.Input[str]]:
|
159
|
+
def eab_policy(self) -> Optional[pulumi.Input[builtins.str]]:
|
155
160
|
"""
|
156
161
|
Specifies the policy to use for external account binding behaviour.
|
157
162
|
Allowed values are `not-required`, `new-account-required` or `always-required`.
|
@@ -159,12 +164,24 @@ class BackendConfigAcmeArgs:
|
|
159
164
|
return pulumi.get(self, "eab_policy")
|
160
165
|
|
161
166
|
@eab_policy.setter
|
162
|
-
def eab_policy(self, value: Optional[pulumi.Input[str]]):
|
167
|
+
def eab_policy(self, value: Optional[pulumi.Input[builtins.str]]):
|
163
168
|
pulumi.set(self, "eab_policy", value)
|
164
169
|
|
170
|
+
@property
|
171
|
+
@pulumi.getter(name="maxTtl")
|
172
|
+
def max_ttl(self) -> Optional[pulumi.Input[builtins.int]]:
|
173
|
+
"""
|
174
|
+
The maximum TTL in seconds for certificates issued by ACME. **Vault 1.17.0+**
|
175
|
+
"""
|
176
|
+
return pulumi.get(self, "max_ttl")
|
177
|
+
|
178
|
+
@max_ttl.setter
|
179
|
+
def max_ttl(self, value: Optional[pulumi.Input[builtins.int]]):
|
180
|
+
pulumi.set(self, "max_ttl", value)
|
181
|
+
|
165
182
|
@property
|
166
183
|
@pulumi.getter
|
167
|
-
def namespace(self) -> Optional[pulumi.Input[str]]:
|
184
|
+
def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
|
168
185
|
"""
|
169
186
|
The namespace to provision the resource in.
|
170
187
|
The value should not contain leading or trailing forward slashes.
|
@@ -174,36 +191,38 @@ class BackendConfigAcmeArgs:
|
|
174
191
|
return pulumi.get(self, "namespace")
|
175
192
|
|
176
193
|
@namespace.setter
|
177
|
-
def namespace(self, value: Optional[pulumi.Input[str]]):
|
194
|
+
def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
|
178
195
|
pulumi.set(self, "namespace", value)
|
179
196
|
|
180
197
|
|
181
198
|
@pulumi.input_type
|
182
199
|
class _BackendConfigAcmeState:
|
183
200
|
def __init__(__self__, *,
|
184
|
-
allow_role_ext_key_usage: Optional[pulumi.Input[bool]] = None,
|
185
|
-
allowed_issuers: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
186
|
-
allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
187
|
-
backend: Optional[pulumi.Input[str]] = None,
|
188
|
-
default_directory_policy: Optional[pulumi.Input[str]] = None,
|
189
|
-
dns_resolver: Optional[pulumi.Input[str]] = None,
|
190
|
-
eab_policy: Optional[pulumi.Input[str]] = None,
|
191
|
-
enabled: Optional[pulumi.Input[bool]] = None,
|
192
|
-
|
201
|
+
allow_role_ext_key_usage: Optional[pulumi.Input[builtins.bool]] = None,
|
202
|
+
allowed_issuers: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
203
|
+
allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
204
|
+
backend: Optional[pulumi.Input[builtins.str]] = None,
|
205
|
+
default_directory_policy: Optional[pulumi.Input[builtins.str]] = None,
|
206
|
+
dns_resolver: Optional[pulumi.Input[builtins.str]] = None,
|
207
|
+
eab_policy: Optional[pulumi.Input[builtins.str]] = None,
|
208
|
+
enabled: Optional[pulumi.Input[builtins.bool]] = None,
|
209
|
+
max_ttl: Optional[pulumi.Input[builtins.int]] = None,
|
210
|
+
namespace: Optional[pulumi.Input[builtins.str]] = None):
|
193
211
|
"""
|
194
212
|
Input properties used for looking up and filtering BackendConfigAcme resources.
|
195
|
-
:param pulumi.Input[bool] allow_role_ext_key_usage: Specifies whether the ExtKeyUsage field from a role is used. **Vault 1.14.1+**
|
196
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_issuers: Specifies which issuers are allowed for use with ACME.
|
197
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_roles: Specifies which roles are allowed for use with ACME.
|
198
|
-
:param pulumi.Input[str] backend: The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
|
199
|
-
:param pulumi.Input[str] default_directory_policy: Specifies the policy to be used for non-role-qualified ACME requests.
|
213
|
+
:param pulumi.Input[builtins.bool] allow_role_ext_key_usage: Specifies whether the ExtKeyUsage field from a role is used. **Vault 1.14.1+**
|
214
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_issuers: Specifies which issuers are allowed for use with ACME.
|
215
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_roles: Specifies which roles are allowed for use with ACME.
|
216
|
+
:param pulumi.Input[builtins.str] backend: The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
|
217
|
+
:param pulumi.Input[builtins.str] default_directory_policy: Specifies the policy to be used for non-role-qualified ACME requests.
|
200
218
|
Allowed values are `forbid`, `sign-verbatim`, `role:<role_name>`, `external-policy` or `external-policy:<policy>`.
|
201
|
-
:param pulumi.Input[str] dns_resolver: DNS resolver to use for domain resolution on this mount.
|
219
|
+
:param pulumi.Input[builtins.str] dns_resolver: DNS resolver to use for domain resolution on this mount.
|
202
220
|
Must be in the format `<host>:<port>`, with both parts mandatory.
|
203
|
-
:param pulumi.Input[str] eab_policy: Specifies the policy to use for external account binding behaviour.
|
221
|
+
:param pulumi.Input[builtins.str] eab_policy: Specifies the policy to use for external account binding behaviour.
|
204
222
|
Allowed values are `not-required`, `new-account-required` or `always-required`.
|
205
|
-
:param pulumi.Input[bool] enabled: Specifies whether ACME is enabled.
|
206
|
-
:param pulumi.Input[
|
223
|
+
:param pulumi.Input[builtins.bool] enabled: Specifies whether ACME is enabled.
|
224
|
+
:param pulumi.Input[builtins.int] max_ttl: The maximum TTL in seconds for certificates issued by ACME. **Vault 1.17.0+**
|
225
|
+
:param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
|
207
226
|
The value should not contain leading or trailing forward slashes.
|
208
227
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
209
228
|
*Available only for Vault Enterprise*.
|
@@ -224,60 +243,62 @@ class _BackendConfigAcmeState:
|
|
224
243
|
pulumi.set(__self__, "eab_policy", eab_policy)
|
225
244
|
if enabled is not None:
|
226
245
|
pulumi.set(__self__, "enabled", enabled)
|
246
|
+
if max_ttl is not None:
|
247
|
+
pulumi.set(__self__, "max_ttl", max_ttl)
|
227
248
|
if namespace is not None:
|
228
249
|
pulumi.set(__self__, "namespace", namespace)
|
229
250
|
|
230
251
|
@property
|
231
252
|
@pulumi.getter(name="allowRoleExtKeyUsage")
|
232
|
-
def allow_role_ext_key_usage(self) -> Optional[pulumi.Input[bool]]:
|
253
|
+
def allow_role_ext_key_usage(self) -> Optional[pulumi.Input[builtins.bool]]:
|
233
254
|
"""
|
234
255
|
Specifies whether the ExtKeyUsage field from a role is used. **Vault 1.14.1+**
|
235
256
|
"""
|
236
257
|
return pulumi.get(self, "allow_role_ext_key_usage")
|
237
258
|
|
238
259
|
@allow_role_ext_key_usage.setter
|
239
|
-
def allow_role_ext_key_usage(self, value: Optional[pulumi.Input[bool]]):
|
260
|
+
def allow_role_ext_key_usage(self, value: Optional[pulumi.Input[builtins.bool]]):
|
240
261
|
pulumi.set(self, "allow_role_ext_key_usage", value)
|
241
262
|
|
242
263
|
@property
|
243
264
|
@pulumi.getter(name="allowedIssuers")
|
244
|
-
def allowed_issuers(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
265
|
+
def allowed_issuers(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
245
266
|
"""
|
246
267
|
Specifies which issuers are allowed for use with ACME.
|
247
268
|
"""
|
248
269
|
return pulumi.get(self, "allowed_issuers")
|
249
270
|
|
250
271
|
@allowed_issuers.setter
|
251
|
-
def allowed_issuers(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
272
|
+
def allowed_issuers(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
252
273
|
pulumi.set(self, "allowed_issuers", value)
|
253
274
|
|
254
275
|
@property
|
255
276
|
@pulumi.getter(name="allowedRoles")
|
256
|
-
def allowed_roles(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
277
|
+
def allowed_roles(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
257
278
|
"""
|
258
279
|
Specifies which roles are allowed for use with ACME.
|
259
280
|
"""
|
260
281
|
return pulumi.get(self, "allowed_roles")
|
261
282
|
|
262
283
|
@allowed_roles.setter
|
263
|
-
def allowed_roles(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
284
|
+
def allowed_roles(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
264
285
|
pulumi.set(self, "allowed_roles", value)
|
265
286
|
|
266
287
|
@property
|
267
288
|
@pulumi.getter
|
268
|
-
def backend(self) -> Optional[pulumi.Input[str]]:
|
289
|
+
def backend(self) -> Optional[pulumi.Input[builtins.str]]:
|
269
290
|
"""
|
270
291
|
The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
|
271
292
|
"""
|
272
293
|
return pulumi.get(self, "backend")
|
273
294
|
|
274
295
|
@backend.setter
|
275
|
-
def backend(self, value: Optional[pulumi.Input[str]]):
|
296
|
+
def backend(self, value: Optional[pulumi.Input[builtins.str]]):
|
276
297
|
pulumi.set(self, "backend", value)
|
277
298
|
|
278
299
|
@property
|
279
300
|
@pulumi.getter(name="defaultDirectoryPolicy")
|
280
|
-
def default_directory_policy(self) -> Optional[pulumi.Input[str]]:
|
301
|
+
def default_directory_policy(self) -> Optional[pulumi.Input[builtins.str]]:
|
281
302
|
"""
|
282
303
|
Specifies the policy to be used for non-role-qualified ACME requests.
|
283
304
|
Allowed values are `forbid`, `sign-verbatim`, `role:<role_name>`, `external-policy` or `external-policy:<policy>`.
|
@@ -285,12 +306,12 @@ class _BackendConfigAcmeState:
|
|
285
306
|
return pulumi.get(self, "default_directory_policy")
|
286
307
|
|
287
308
|
@default_directory_policy.setter
|
288
|
-
def default_directory_policy(self, value: Optional[pulumi.Input[str]]):
|
309
|
+
def default_directory_policy(self, value: Optional[pulumi.Input[builtins.str]]):
|
289
310
|
pulumi.set(self, "default_directory_policy", value)
|
290
311
|
|
291
312
|
@property
|
292
313
|
@pulumi.getter(name="dnsResolver")
|
293
|
-
def dns_resolver(self) -> Optional[pulumi.Input[str]]:
|
314
|
+
def dns_resolver(self) -> Optional[pulumi.Input[builtins.str]]:
|
294
315
|
"""
|
295
316
|
DNS resolver to use for domain resolution on this mount.
|
296
317
|
Must be in the format `<host>:<port>`, with both parts mandatory.
|
@@ -298,12 +319,12 @@ class _BackendConfigAcmeState:
|
|
298
319
|
return pulumi.get(self, "dns_resolver")
|
299
320
|
|
300
321
|
@dns_resolver.setter
|
301
|
-
def dns_resolver(self, value: Optional[pulumi.Input[str]]):
|
322
|
+
def dns_resolver(self, value: Optional[pulumi.Input[builtins.str]]):
|
302
323
|
pulumi.set(self, "dns_resolver", value)
|
303
324
|
|
304
325
|
@property
|
305
326
|
@pulumi.getter(name="eabPolicy")
|
306
|
-
def eab_policy(self) -> Optional[pulumi.Input[str]]:
|
327
|
+
def eab_policy(self) -> Optional[pulumi.Input[builtins.str]]:
|
307
328
|
"""
|
308
329
|
Specifies the policy to use for external account binding behaviour.
|
309
330
|
Allowed values are `not-required`, `new-account-required` or `always-required`.
|
@@ -311,24 +332,36 @@ class _BackendConfigAcmeState:
|
|
311
332
|
return pulumi.get(self, "eab_policy")
|
312
333
|
|
313
334
|
@eab_policy.setter
|
314
|
-
def eab_policy(self, value: Optional[pulumi.Input[str]]):
|
335
|
+
def eab_policy(self, value: Optional[pulumi.Input[builtins.str]]):
|
315
336
|
pulumi.set(self, "eab_policy", value)
|
316
337
|
|
317
338
|
@property
|
318
339
|
@pulumi.getter
|
319
|
-
def enabled(self) -> Optional[pulumi.Input[bool]]:
|
340
|
+
def enabled(self) -> Optional[pulumi.Input[builtins.bool]]:
|
320
341
|
"""
|
321
342
|
Specifies whether ACME is enabled.
|
322
343
|
"""
|
323
344
|
return pulumi.get(self, "enabled")
|
324
345
|
|
325
346
|
@enabled.setter
|
326
|
-
def enabled(self, value: Optional[pulumi.Input[bool]]):
|
347
|
+
def enabled(self, value: Optional[pulumi.Input[builtins.bool]]):
|
327
348
|
pulumi.set(self, "enabled", value)
|
328
349
|
|
350
|
+
@property
|
351
|
+
@pulumi.getter(name="maxTtl")
|
352
|
+
def max_ttl(self) -> Optional[pulumi.Input[builtins.int]]:
|
353
|
+
"""
|
354
|
+
The maximum TTL in seconds for certificates issued by ACME. **Vault 1.17.0+**
|
355
|
+
"""
|
356
|
+
return pulumi.get(self, "max_ttl")
|
357
|
+
|
358
|
+
@max_ttl.setter
|
359
|
+
def max_ttl(self, value: Optional[pulumi.Input[builtins.int]]):
|
360
|
+
pulumi.set(self, "max_ttl", value)
|
361
|
+
|
329
362
|
@property
|
330
363
|
@pulumi.getter
|
331
|
-
def namespace(self) -> Optional[pulumi.Input[str]]:
|
364
|
+
def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
|
332
365
|
"""
|
333
366
|
The namespace to provision the resource in.
|
334
367
|
The value should not contain leading or trailing forward slashes.
|
@@ -338,7 +371,7 @@ class _BackendConfigAcmeState:
|
|
338
371
|
return pulumi.get(self, "namespace")
|
339
372
|
|
340
373
|
@namespace.setter
|
341
|
-
def namespace(self, value: Optional[pulumi.Input[str]]):
|
374
|
+
def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
|
342
375
|
pulumi.set(self, "namespace", value)
|
343
376
|
|
344
377
|
|
@@ -347,15 +380,16 @@ class BackendConfigAcme(pulumi.CustomResource):
|
|
347
380
|
def __init__(__self__,
|
348
381
|
resource_name: str,
|
349
382
|
opts: Optional[pulumi.ResourceOptions] = None,
|
350
|
-
allow_role_ext_key_usage: Optional[pulumi.Input[bool]] = None,
|
351
|
-
allowed_issuers: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
352
|
-
allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
353
|
-
backend: Optional[pulumi.Input[str]] = None,
|
354
|
-
default_directory_policy: Optional[pulumi.Input[str]] = None,
|
355
|
-
dns_resolver: Optional[pulumi.Input[str]] = None,
|
356
|
-
eab_policy: Optional[pulumi.Input[str]] = None,
|
357
|
-
enabled: Optional[pulumi.Input[bool]] = None,
|
358
|
-
|
383
|
+
allow_role_ext_key_usage: Optional[pulumi.Input[builtins.bool]] = None,
|
384
|
+
allowed_issuers: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
385
|
+
allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
386
|
+
backend: Optional[pulumi.Input[builtins.str]] = None,
|
387
|
+
default_directory_policy: Optional[pulumi.Input[builtins.str]] = None,
|
388
|
+
dns_resolver: Optional[pulumi.Input[builtins.str]] = None,
|
389
|
+
eab_policy: Optional[pulumi.Input[builtins.str]] = None,
|
390
|
+
enabled: Optional[pulumi.Input[builtins.bool]] = None,
|
391
|
+
max_ttl: Optional[pulumi.Input[builtins.int]] = None,
|
392
|
+
namespace: Optional[pulumi.Input[builtins.str]] = None,
|
359
393
|
__props__=None):
|
360
394
|
"""
|
361
395
|
Allows setting the ACME server configuration used by specified mount.
|
@@ -398,18 +432,19 @@ class BackendConfigAcme(pulumi.CustomResource):
|
|
398
432
|
|
399
433
|
:param str resource_name: The name of the resource.
|
400
434
|
:param pulumi.ResourceOptions opts: Options for the resource.
|
401
|
-
:param pulumi.Input[bool] allow_role_ext_key_usage: Specifies whether the ExtKeyUsage field from a role is used. **Vault 1.14.1+**
|
402
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_issuers: Specifies which issuers are allowed for use with ACME.
|
403
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_roles: Specifies which roles are allowed for use with ACME.
|
404
|
-
:param pulumi.Input[str] backend: The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
|
405
|
-
:param pulumi.Input[str] default_directory_policy: Specifies the policy to be used for non-role-qualified ACME requests.
|
435
|
+
:param pulumi.Input[builtins.bool] allow_role_ext_key_usage: Specifies whether the ExtKeyUsage field from a role is used. **Vault 1.14.1+**
|
436
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_issuers: Specifies which issuers are allowed for use with ACME.
|
437
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_roles: Specifies which roles are allowed for use with ACME.
|
438
|
+
:param pulumi.Input[builtins.str] backend: The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
|
439
|
+
:param pulumi.Input[builtins.str] default_directory_policy: Specifies the policy to be used for non-role-qualified ACME requests.
|
406
440
|
Allowed values are `forbid`, `sign-verbatim`, `role:<role_name>`, `external-policy` or `external-policy:<policy>`.
|
407
|
-
:param pulumi.Input[str] dns_resolver: DNS resolver to use for domain resolution on this mount.
|
441
|
+
:param pulumi.Input[builtins.str] dns_resolver: DNS resolver to use for domain resolution on this mount.
|
408
442
|
Must be in the format `<host>:<port>`, with both parts mandatory.
|
409
|
-
:param pulumi.Input[str] eab_policy: Specifies the policy to use for external account binding behaviour.
|
443
|
+
:param pulumi.Input[builtins.str] eab_policy: Specifies the policy to use for external account binding behaviour.
|
410
444
|
Allowed values are `not-required`, `new-account-required` or `always-required`.
|
411
|
-
:param pulumi.Input[bool] enabled: Specifies whether ACME is enabled.
|
412
|
-
:param pulumi.Input[
|
445
|
+
:param pulumi.Input[builtins.bool] enabled: Specifies whether ACME is enabled.
|
446
|
+
:param pulumi.Input[builtins.int] max_ttl: The maximum TTL in seconds for certificates issued by ACME. **Vault 1.17.0+**
|
447
|
+
:param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
|
413
448
|
The value should not contain leading or trailing forward slashes.
|
414
449
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
415
450
|
*Available only for Vault Enterprise*.
|
@@ -474,15 +509,16 @@ class BackendConfigAcme(pulumi.CustomResource):
|
|
474
509
|
def _internal_init(__self__,
|
475
510
|
resource_name: str,
|
476
511
|
opts: Optional[pulumi.ResourceOptions] = None,
|
477
|
-
allow_role_ext_key_usage: Optional[pulumi.Input[bool]] = None,
|
478
|
-
allowed_issuers: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
479
|
-
allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
480
|
-
backend: Optional[pulumi.Input[str]] = None,
|
481
|
-
default_directory_policy: Optional[pulumi.Input[str]] = None,
|
482
|
-
dns_resolver: Optional[pulumi.Input[str]] = None,
|
483
|
-
eab_policy: Optional[pulumi.Input[str]] = None,
|
484
|
-
enabled: Optional[pulumi.Input[bool]] = None,
|
485
|
-
|
512
|
+
allow_role_ext_key_usage: Optional[pulumi.Input[builtins.bool]] = None,
|
513
|
+
allowed_issuers: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
514
|
+
allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
515
|
+
backend: Optional[pulumi.Input[builtins.str]] = None,
|
516
|
+
default_directory_policy: Optional[pulumi.Input[builtins.str]] = None,
|
517
|
+
dns_resolver: Optional[pulumi.Input[builtins.str]] = None,
|
518
|
+
eab_policy: Optional[pulumi.Input[builtins.str]] = None,
|
519
|
+
enabled: Optional[pulumi.Input[builtins.bool]] = None,
|
520
|
+
max_ttl: Optional[pulumi.Input[builtins.int]] = None,
|
521
|
+
namespace: Optional[pulumi.Input[builtins.str]] = None,
|
486
522
|
__props__=None):
|
487
523
|
opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
|
488
524
|
if not isinstance(opts, pulumi.ResourceOptions):
|
@@ -504,6 +540,7 @@ class BackendConfigAcme(pulumi.CustomResource):
|
|
504
540
|
if enabled is None and not opts.urn:
|
505
541
|
raise TypeError("Missing required property 'enabled'")
|
506
542
|
__props__.__dict__["enabled"] = enabled
|
543
|
+
__props__.__dict__["max_ttl"] = max_ttl
|
507
544
|
__props__.__dict__["namespace"] = namespace
|
508
545
|
super(BackendConfigAcme, __self__).__init__(
|
509
546
|
'vault:pkiSecret/backendConfigAcme:BackendConfigAcme',
|
@@ -515,15 +552,16 @@ class BackendConfigAcme(pulumi.CustomResource):
|
|
515
552
|
def get(resource_name: str,
|
516
553
|
id: pulumi.Input[str],
|
517
554
|
opts: Optional[pulumi.ResourceOptions] = None,
|
518
|
-
allow_role_ext_key_usage: Optional[pulumi.Input[bool]] = None,
|
519
|
-
allowed_issuers: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
520
|
-
allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
521
|
-
backend: Optional[pulumi.Input[str]] = None,
|
522
|
-
default_directory_policy: Optional[pulumi.Input[str]] = None,
|
523
|
-
dns_resolver: Optional[pulumi.Input[str]] = None,
|
524
|
-
eab_policy: Optional[pulumi.Input[str]] = None,
|
525
|
-
enabled: Optional[pulumi.Input[bool]] = None,
|
526
|
-
|
555
|
+
allow_role_ext_key_usage: Optional[pulumi.Input[builtins.bool]] = None,
|
556
|
+
allowed_issuers: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
557
|
+
allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
558
|
+
backend: Optional[pulumi.Input[builtins.str]] = None,
|
559
|
+
default_directory_policy: Optional[pulumi.Input[builtins.str]] = None,
|
560
|
+
dns_resolver: Optional[pulumi.Input[builtins.str]] = None,
|
561
|
+
eab_policy: Optional[pulumi.Input[builtins.str]] = None,
|
562
|
+
enabled: Optional[pulumi.Input[builtins.bool]] = None,
|
563
|
+
max_ttl: Optional[pulumi.Input[builtins.int]] = None,
|
564
|
+
namespace: Optional[pulumi.Input[builtins.str]] = None) -> 'BackendConfigAcme':
|
527
565
|
"""
|
528
566
|
Get an existing BackendConfigAcme resource's state with the given name, id, and optional extra
|
529
567
|
properties used to qualify the lookup.
|
@@ -531,18 +569,19 @@ class BackendConfigAcme(pulumi.CustomResource):
|
|
531
569
|
:param str resource_name: The unique name of the resulting resource.
|
532
570
|
:param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
|
533
571
|
:param pulumi.ResourceOptions opts: Options for the resource.
|
534
|
-
:param pulumi.Input[bool] allow_role_ext_key_usage: Specifies whether the ExtKeyUsage field from a role is used. **Vault 1.14.1+**
|
535
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_issuers: Specifies which issuers are allowed for use with ACME.
|
536
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_roles: Specifies which roles are allowed for use with ACME.
|
537
|
-
:param pulumi.Input[str] backend: The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
|
538
|
-
:param pulumi.Input[str] default_directory_policy: Specifies the policy to be used for non-role-qualified ACME requests.
|
572
|
+
:param pulumi.Input[builtins.bool] allow_role_ext_key_usage: Specifies whether the ExtKeyUsage field from a role is used. **Vault 1.14.1+**
|
573
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_issuers: Specifies which issuers are allowed for use with ACME.
|
574
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_roles: Specifies which roles are allowed for use with ACME.
|
575
|
+
:param pulumi.Input[builtins.str] backend: The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
|
576
|
+
:param pulumi.Input[builtins.str] default_directory_policy: Specifies the policy to be used for non-role-qualified ACME requests.
|
539
577
|
Allowed values are `forbid`, `sign-verbatim`, `role:<role_name>`, `external-policy` or `external-policy:<policy>`.
|
540
|
-
:param pulumi.Input[str] dns_resolver: DNS resolver to use for domain resolution on this mount.
|
578
|
+
:param pulumi.Input[builtins.str] dns_resolver: DNS resolver to use for domain resolution on this mount.
|
541
579
|
Must be in the format `<host>:<port>`, with both parts mandatory.
|
542
|
-
:param pulumi.Input[str] eab_policy: Specifies the policy to use for external account binding behaviour.
|
580
|
+
:param pulumi.Input[builtins.str] eab_policy: Specifies the policy to use for external account binding behaviour.
|
543
581
|
Allowed values are `not-required`, `new-account-required` or `always-required`.
|
544
|
-
:param pulumi.Input[bool] enabled: Specifies whether ACME is enabled.
|
545
|
-
:param pulumi.Input[
|
582
|
+
:param pulumi.Input[builtins.bool] enabled: Specifies whether ACME is enabled.
|
583
|
+
:param pulumi.Input[builtins.int] max_ttl: The maximum TTL in seconds for certificates issued by ACME. **Vault 1.17.0+**
|
584
|
+
:param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
|
546
585
|
The value should not contain leading or trailing forward slashes.
|
547
586
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
548
587
|
*Available only for Vault Enterprise*.
|
@@ -559,12 +598,13 @@ class BackendConfigAcme(pulumi.CustomResource):
|
|
559
598
|
__props__.__dict__["dns_resolver"] = dns_resolver
|
560
599
|
__props__.__dict__["eab_policy"] = eab_policy
|
561
600
|
__props__.__dict__["enabled"] = enabled
|
601
|
+
__props__.__dict__["max_ttl"] = max_ttl
|
562
602
|
__props__.__dict__["namespace"] = namespace
|
563
603
|
return BackendConfigAcme(resource_name, opts=opts, __props__=__props__)
|
564
604
|
|
565
605
|
@property
|
566
606
|
@pulumi.getter(name="allowRoleExtKeyUsage")
|
567
|
-
def allow_role_ext_key_usage(self) -> pulumi.Output[Optional[bool]]:
|
607
|
+
def allow_role_ext_key_usage(self) -> pulumi.Output[Optional[builtins.bool]]:
|
568
608
|
"""
|
569
609
|
Specifies whether the ExtKeyUsage field from a role is used. **Vault 1.14.1+**
|
570
610
|
"""
|
@@ -572,7 +612,7 @@ class BackendConfigAcme(pulumi.CustomResource):
|
|
572
612
|
|
573
613
|
@property
|
574
614
|
@pulumi.getter(name="allowedIssuers")
|
575
|
-
def allowed_issuers(self) -> pulumi.Output[Sequence[str]]:
|
615
|
+
def allowed_issuers(self) -> pulumi.Output[Sequence[builtins.str]]:
|
576
616
|
"""
|
577
617
|
Specifies which issuers are allowed for use with ACME.
|
578
618
|
"""
|
@@ -580,7 +620,7 @@ class BackendConfigAcme(pulumi.CustomResource):
|
|
580
620
|
|
581
621
|
@property
|
582
622
|
@pulumi.getter(name="allowedRoles")
|
583
|
-
def allowed_roles(self) -> pulumi.Output[Sequence[str]]:
|
623
|
+
def allowed_roles(self) -> pulumi.Output[Sequence[builtins.str]]:
|
584
624
|
"""
|
585
625
|
Specifies which roles are allowed for use with ACME.
|
586
626
|
"""
|
@@ -588,7 +628,7 @@ class BackendConfigAcme(pulumi.CustomResource):
|
|
588
628
|
|
589
629
|
@property
|
590
630
|
@pulumi.getter
|
591
|
-
def backend(self) -> pulumi.Output[str]:
|
631
|
+
def backend(self) -> pulumi.Output[builtins.str]:
|
592
632
|
"""
|
593
633
|
The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
|
594
634
|
"""
|
@@ -596,7 +636,7 @@ class BackendConfigAcme(pulumi.CustomResource):
|
|
596
636
|
|
597
637
|
@property
|
598
638
|
@pulumi.getter(name="defaultDirectoryPolicy")
|
599
|
-
def default_directory_policy(self) -> pulumi.Output[str]:
|
639
|
+
def default_directory_policy(self) -> pulumi.Output[builtins.str]:
|
600
640
|
"""
|
601
641
|
Specifies the policy to be used for non-role-qualified ACME requests.
|
602
642
|
Allowed values are `forbid`, `sign-verbatim`, `role:<role_name>`, `external-policy` or `external-policy:<policy>`.
|
@@ -605,7 +645,7 @@ class BackendConfigAcme(pulumi.CustomResource):
|
|
605
645
|
|
606
646
|
@property
|
607
647
|
@pulumi.getter(name="dnsResolver")
|
608
|
-
def dns_resolver(self) -> pulumi.Output[Optional[str]]:
|
648
|
+
def dns_resolver(self) -> pulumi.Output[Optional[builtins.str]]:
|
609
649
|
"""
|
610
650
|
DNS resolver to use for domain resolution on this mount.
|
611
651
|
Must be in the format `<host>:<port>`, with both parts mandatory.
|
@@ -614,7 +654,7 @@ class BackendConfigAcme(pulumi.CustomResource):
|
|
614
654
|
|
615
655
|
@property
|
616
656
|
@pulumi.getter(name="eabPolicy")
|
617
|
-
def eab_policy(self) -> pulumi.Output[str]:
|
657
|
+
def eab_policy(self) -> pulumi.Output[builtins.str]:
|
618
658
|
"""
|
619
659
|
Specifies the policy to use for external account binding behaviour.
|
620
660
|
Allowed values are `not-required`, `new-account-required` or `always-required`.
|
@@ -623,15 +663,23 @@ class BackendConfigAcme(pulumi.CustomResource):
|
|
623
663
|
|
624
664
|
@property
|
625
665
|
@pulumi.getter
|
626
|
-
def enabled(self) -> pulumi.Output[bool]:
|
666
|
+
def enabled(self) -> pulumi.Output[builtins.bool]:
|
627
667
|
"""
|
628
668
|
Specifies whether ACME is enabled.
|
629
669
|
"""
|
630
670
|
return pulumi.get(self, "enabled")
|
631
671
|
|
672
|
+
@property
|
673
|
+
@pulumi.getter(name="maxTtl")
|
674
|
+
def max_ttl(self) -> pulumi.Output[builtins.int]:
|
675
|
+
"""
|
676
|
+
The maximum TTL in seconds for certificates issued by ACME. **Vault 1.17.0+**
|
677
|
+
"""
|
678
|
+
return pulumi.get(self, "max_ttl")
|
679
|
+
|
632
680
|
@property
|
633
681
|
@pulumi.getter
|
634
|
-
def namespace(self) -> pulumi.Output[Optional[str]]:
|
682
|
+
def namespace(self) -> pulumi.Output[Optional[builtins.str]]:
|
635
683
|
"""
|
636
684
|
The namespace to provision the resource in.
|
637
685
|
The value should not contain leading or trailing forward slashes.
|