pulumi-vault 6.6.0a1741415971__py3-none-any.whl → 6.7.0__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (264) hide show
  1. pulumi_vault/__init__.py +9 -0
  2. pulumi_vault/_inputs.py +583 -562
  3. pulumi_vault/ad/__init__.py +1 -0
  4. pulumi_vault/ad/get_access_credentials.py +20 -19
  5. pulumi_vault/ad/secret_backend.py +477 -476
  6. pulumi_vault/ad/secret_library.py +99 -98
  7. pulumi_vault/ad/secret_role.py +85 -84
  8. pulumi_vault/alicloud/__init__.py +1 -0
  9. pulumi_vault/alicloud/auth_backend_role.py +183 -182
  10. pulumi_vault/approle/__init__.py +1 -0
  11. pulumi_vault/approle/auth_backend_login.py +106 -105
  12. pulumi_vault/approle/auth_backend_role.py +239 -238
  13. pulumi_vault/approle/auth_backend_role_secret_id.py +162 -161
  14. pulumi_vault/approle/get_auth_backend_role_id.py +18 -17
  15. pulumi_vault/audit.py +85 -84
  16. pulumi_vault/audit_request_header.py +43 -42
  17. pulumi_vault/auth_backend.py +106 -105
  18. pulumi_vault/aws/__init__.py +1 -0
  19. pulumi_vault/aws/auth_backend_cert.py +71 -70
  20. pulumi_vault/aws/auth_backend_client.py +425 -200
  21. pulumi_vault/aws/auth_backend_config_identity.py +85 -84
  22. pulumi_vault/aws/auth_backend_identity_whitelist.py +57 -56
  23. pulumi_vault/aws/auth_backend_login.py +209 -208
  24. pulumi_vault/aws/auth_backend_role.py +400 -399
  25. pulumi_vault/aws/auth_backend_role_tag.py +127 -126
  26. pulumi_vault/aws/auth_backend_roletag_blacklist.py +57 -56
  27. pulumi_vault/aws/auth_backend_sts_role.py +71 -70
  28. pulumi_vault/aws/get_access_credentials.py +44 -43
  29. pulumi_vault/aws/get_static_access_credentials.py +13 -12
  30. pulumi_vault/aws/secret_backend.py +523 -306
  31. pulumi_vault/aws/secret_backend_role.py +211 -210
  32. pulumi_vault/aws/secret_backend_static_role.py +288 -70
  33. pulumi_vault/azure/__init__.py +1 -0
  34. pulumi_vault/azure/_inputs.py +21 -20
  35. pulumi_vault/azure/auth_backend_config.py +383 -130
  36. pulumi_vault/azure/auth_backend_role.py +253 -252
  37. pulumi_vault/azure/backend.py +432 -186
  38. pulumi_vault/azure/backend_role.py +188 -140
  39. pulumi_vault/azure/get_access_credentials.py +58 -57
  40. pulumi_vault/azure/outputs.py +11 -10
  41. pulumi_vault/cert_auth_backend_role.py +365 -364
  42. pulumi_vault/config/__init__.py +1 -0
  43. pulumi_vault/config/__init__.pyi +1 -0
  44. pulumi_vault/config/_inputs.py +11 -10
  45. pulumi_vault/config/outputs.py +287 -286
  46. pulumi_vault/config/ui_custom_message.py +113 -112
  47. pulumi_vault/config/vars.py +1 -0
  48. pulumi_vault/consul/__init__.py +1 -0
  49. pulumi_vault/consul/secret_backend.py +197 -196
  50. pulumi_vault/consul/secret_backend_role.py +183 -182
  51. pulumi_vault/database/__init__.py +1 -0
  52. pulumi_vault/database/_inputs.py +3857 -2200
  53. pulumi_vault/database/outputs.py +2483 -1330
  54. pulumi_vault/database/secret_backend_connection.py +333 -112
  55. pulumi_vault/database/secret_backend_role.py +169 -168
  56. pulumi_vault/database/secret_backend_static_role.py +283 -140
  57. pulumi_vault/database/secrets_mount.py +275 -266
  58. pulumi_vault/egp_policy.py +71 -70
  59. pulumi_vault/gcp/__init__.py +1 -0
  60. pulumi_vault/gcp/_inputs.py +82 -81
  61. pulumi_vault/gcp/auth_backend.py +426 -205
  62. pulumi_vault/gcp/auth_backend_role.py +281 -280
  63. pulumi_vault/gcp/get_auth_backend_role.py +70 -69
  64. pulumi_vault/gcp/outputs.py +50 -49
  65. pulumi_vault/gcp/secret_backend.py +420 -179
  66. pulumi_vault/gcp/secret_impersonated_account.py +92 -91
  67. pulumi_vault/gcp/secret_roleset.py +92 -91
  68. pulumi_vault/gcp/secret_static_account.py +92 -91
  69. pulumi_vault/generic/__init__.py +1 -0
  70. pulumi_vault/generic/endpoint.py +113 -112
  71. pulumi_vault/generic/get_secret.py +28 -27
  72. pulumi_vault/generic/secret.py +78 -77
  73. pulumi_vault/get_auth_backend.py +19 -18
  74. pulumi_vault/get_auth_backends.py +14 -13
  75. pulumi_vault/get_namespace.py +15 -14
  76. pulumi_vault/get_namespaces.py +68 -18
  77. pulumi_vault/get_nomad_access_token.py +19 -18
  78. pulumi_vault/get_policy_document.py +6 -5
  79. pulumi_vault/get_raft_autopilot_state.py +18 -17
  80. pulumi_vault/github/__init__.py +1 -0
  81. pulumi_vault/github/_inputs.py +42 -41
  82. pulumi_vault/github/auth_backend.py +232 -231
  83. pulumi_vault/github/outputs.py +26 -25
  84. pulumi_vault/github/team.py +57 -56
  85. pulumi_vault/github/user.py +57 -56
  86. pulumi_vault/identity/__init__.py +1 -0
  87. pulumi_vault/identity/entity.py +85 -84
  88. pulumi_vault/identity/entity_alias.py +71 -70
  89. pulumi_vault/identity/entity_policies.py +64 -63
  90. pulumi_vault/identity/get_entity.py +43 -42
  91. pulumi_vault/identity/get_group.py +50 -49
  92. pulumi_vault/identity/get_oidc_client_creds.py +14 -13
  93. pulumi_vault/identity/get_oidc_openid_config.py +24 -23
  94. pulumi_vault/identity/get_oidc_public_keys.py +13 -12
  95. pulumi_vault/identity/group.py +141 -140
  96. pulumi_vault/identity/group_alias.py +57 -56
  97. pulumi_vault/identity/group_member_entity_ids.py +57 -56
  98. pulumi_vault/identity/group_member_group_ids.py +57 -56
  99. pulumi_vault/identity/group_policies.py +64 -63
  100. pulumi_vault/identity/mfa_duo.py +148 -147
  101. pulumi_vault/identity/mfa_login_enforcement.py +120 -119
  102. pulumi_vault/identity/mfa_okta.py +134 -133
  103. pulumi_vault/identity/mfa_pingid.py +127 -126
  104. pulumi_vault/identity/mfa_totp.py +176 -175
  105. pulumi_vault/identity/oidc.py +29 -28
  106. pulumi_vault/identity/oidc_assignment.py +57 -56
  107. pulumi_vault/identity/oidc_client.py +127 -126
  108. pulumi_vault/identity/oidc_key.py +85 -84
  109. pulumi_vault/identity/oidc_key_allowed_client_id.py +43 -42
  110. pulumi_vault/identity/oidc_provider.py +92 -91
  111. pulumi_vault/identity/oidc_role.py +85 -84
  112. pulumi_vault/identity/oidc_scope.py +57 -56
  113. pulumi_vault/identity/outputs.py +32 -31
  114. pulumi_vault/jwt/__init__.py +1 -0
  115. pulumi_vault/jwt/_inputs.py +42 -41
  116. pulumi_vault/jwt/auth_backend.py +288 -287
  117. pulumi_vault/jwt/auth_backend_role.py +407 -406
  118. pulumi_vault/jwt/outputs.py +26 -25
  119. pulumi_vault/kmip/__init__.py +1 -0
  120. pulumi_vault/kmip/secret_backend.py +183 -182
  121. pulumi_vault/kmip/secret_role.py +295 -294
  122. pulumi_vault/kmip/secret_scope.py +57 -56
  123. pulumi_vault/kubernetes/__init__.py +1 -0
  124. pulumi_vault/kubernetes/auth_backend_config.py +141 -140
  125. pulumi_vault/kubernetes/auth_backend_role.py +225 -224
  126. pulumi_vault/kubernetes/get_auth_backend_config.py +47 -46
  127. pulumi_vault/kubernetes/get_auth_backend_role.py +70 -69
  128. pulumi_vault/kubernetes/get_service_account_token.py +38 -37
  129. pulumi_vault/kubernetes/secret_backend.py +316 -315
  130. pulumi_vault/kubernetes/secret_backend_role.py +197 -196
  131. pulumi_vault/kv/__init__.py +1 -0
  132. pulumi_vault/kv/_inputs.py +21 -20
  133. pulumi_vault/kv/get_secret.py +17 -16
  134. pulumi_vault/kv/get_secret_subkeys_v2.py +30 -29
  135. pulumi_vault/kv/get_secret_v2.py +29 -28
  136. pulumi_vault/kv/get_secrets_list.py +13 -12
  137. pulumi_vault/kv/get_secrets_list_v2.py +19 -18
  138. pulumi_vault/kv/outputs.py +13 -12
  139. pulumi_vault/kv/secret.py +50 -49
  140. pulumi_vault/kv/secret_backend_v2.py +71 -70
  141. pulumi_vault/kv/secret_v2.py +134 -133
  142. pulumi_vault/ldap/__init__.py +1 -0
  143. pulumi_vault/ldap/auth_backend.py +754 -533
  144. pulumi_vault/ldap/auth_backend_group.py +57 -56
  145. pulumi_vault/ldap/auth_backend_user.py +71 -70
  146. pulumi_vault/ldap/get_dynamic_credentials.py +17 -16
  147. pulumi_vault/ldap/get_static_credentials.py +18 -17
  148. pulumi_vault/ldap/secret_backend.py +720 -499
  149. pulumi_vault/ldap/secret_backend_dynamic_role.py +127 -126
  150. pulumi_vault/ldap/secret_backend_library_set.py +99 -98
  151. pulumi_vault/ldap/secret_backend_static_role.py +99 -98
  152. pulumi_vault/managed/__init__.py +1 -0
  153. pulumi_vault/managed/_inputs.py +229 -228
  154. pulumi_vault/managed/keys.py +15 -14
  155. pulumi_vault/managed/outputs.py +139 -138
  156. pulumi_vault/mfa_duo.py +113 -112
  157. pulumi_vault/mfa_okta.py +113 -112
  158. pulumi_vault/mfa_pingid.py +120 -119
  159. pulumi_vault/mfa_totp.py +127 -126
  160. pulumi_vault/mongodbatlas/__init__.py +1 -0
  161. pulumi_vault/mongodbatlas/secret_backend.py +64 -63
  162. pulumi_vault/mongodbatlas/secret_role.py +155 -154
  163. pulumi_vault/mount.py +274 -273
  164. pulumi_vault/namespace.py +64 -63
  165. pulumi_vault/nomad_secret_backend.py +211 -210
  166. pulumi_vault/nomad_secret_role.py +85 -84
  167. pulumi_vault/okta/__init__.py +1 -0
  168. pulumi_vault/okta/_inputs.py +26 -25
  169. pulumi_vault/okta/auth_backend.py +274 -273
  170. pulumi_vault/okta/auth_backend_group.py +57 -56
  171. pulumi_vault/okta/auth_backend_user.py +71 -70
  172. pulumi_vault/okta/outputs.py +16 -15
  173. pulumi_vault/outputs.py +73 -60
  174. pulumi_vault/password_policy.py +43 -42
  175. pulumi_vault/pkisecret/__init__.py +3 -0
  176. pulumi_vault/pkisecret/_inputs.py +31 -36
  177. pulumi_vault/pkisecret/backend_acme_eab.py +92 -91
  178. pulumi_vault/pkisecret/backend_config_acme.py +174 -126
  179. pulumi_vault/pkisecret/backend_config_auto_tidy.py +1377 -0
  180. pulumi_vault/pkisecret/backend_config_cluster.py +57 -56
  181. pulumi_vault/pkisecret/backend_config_cmpv2.py +152 -104
  182. pulumi_vault/pkisecret/backend_config_est.py +120 -119
  183. pulumi_vault/pkisecret/get_backend_cert_metadata.py +278 -0
  184. pulumi_vault/pkisecret/get_backend_config_cmpv2.py +35 -17
  185. pulumi_vault/pkisecret/get_backend_config_est.py +19 -18
  186. pulumi_vault/pkisecret/get_backend_issuer.py +139 -25
  187. pulumi_vault/pkisecret/get_backend_issuers.py +15 -14
  188. pulumi_vault/pkisecret/get_backend_key.py +20 -19
  189. pulumi_vault/pkisecret/get_backend_keys.py +15 -14
  190. pulumi_vault/pkisecret/outputs.py +28 -31
  191. pulumi_vault/pkisecret/secret_backend_cert.py +439 -297
  192. pulumi_vault/pkisecret/secret_backend_config_ca.py +43 -42
  193. pulumi_vault/pkisecret/secret_backend_config_issuers.py +57 -56
  194. pulumi_vault/pkisecret/secret_backend_config_urls.py +85 -84
  195. pulumi_vault/pkisecret/secret_backend_crl_config.py +237 -182
  196. pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +520 -378
  197. pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +57 -56
  198. pulumi_vault/pkisecret/secret_backend_issuer.py +441 -175
  199. pulumi_vault/pkisecret/secret_backend_key.py +120 -119
  200. pulumi_vault/pkisecret/secret_backend_role.py +894 -644
  201. pulumi_vault/pkisecret/secret_backend_root_cert.py +851 -427
  202. pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +936 -357
  203. pulumi_vault/pkisecret/secret_backend_sign.py +347 -252
  204. pulumi_vault/plugin.py +127 -126
  205. pulumi_vault/plugin_pinned_version.py +43 -42
  206. pulumi_vault/policy.py +43 -42
  207. pulumi_vault/provider.py +120 -119
  208. pulumi_vault/pulumi-plugin.json +1 -1
  209. pulumi_vault/quota_lease_count.py +85 -84
  210. pulumi_vault/quota_rate_limit.py +113 -112
  211. pulumi_vault/rabbitmq/__init__.py +1 -0
  212. pulumi_vault/rabbitmq/_inputs.py +41 -40
  213. pulumi_vault/rabbitmq/outputs.py +25 -24
  214. pulumi_vault/rabbitmq/secret_backend.py +169 -168
  215. pulumi_vault/rabbitmq/secret_backend_role.py +57 -56
  216. pulumi_vault/raft_autopilot.py +113 -112
  217. pulumi_vault/raft_snapshot_agent_config.py +393 -392
  218. pulumi_vault/rgp_policy.py +57 -56
  219. pulumi_vault/saml/__init__.py +1 -0
  220. pulumi_vault/saml/auth_backend.py +155 -154
  221. pulumi_vault/saml/auth_backend_role.py +239 -238
  222. pulumi_vault/secrets/__init__.py +1 -0
  223. pulumi_vault/secrets/_inputs.py +16 -15
  224. pulumi_vault/secrets/outputs.py +10 -9
  225. pulumi_vault/secrets/sync_association.py +71 -70
  226. pulumi_vault/secrets/sync_aws_destination.py +148 -147
  227. pulumi_vault/secrets/sync_azure_destination.py +148 -147
  228. pulumi_vault/secrets/sync_config.py +43 -42
  229. pulumi_vault/secrets/sync_gcp_destination.py +106 -105
  230. pulumi_vault/secrets/sync_gh_destination.py +134 -133
  231. pulumi_vault/secrets/sync_github_apps.py +64 -63
  232. pulumi_vault/secrets/sync_vercel_destination.py +120 -119
  233. pulumi_vault/ssh/__init__.py +2 -0
  234. pulumi_vault/ssh/_inputs.py +11 -10
  235. pulumi_vault/ssh/get_secret_backend_sign.py +295 -0
  236. pulumi_vault/ssh/outputs.py +7 -6
  237. pulumi_vault/ssh/secret_backend_ca.py +99 -98
  238. pulumi_vault/ssh/secret_backend_role.py +365 -364
  239. pulumi_vault/terraformcloud/__init__.py +1 -0
  240. pulumi_vault/terraformcloud/secret_backend.py +111 -110
  241. pulumi_vault/terraformcloud/secret_creds.py +74 -73
  242. pulumi_vault/terraformcloud/secret_role.py +96 -95
  243. pulumi_vault/token.py +246 -245
  244. pulumi_vault/tokenauth/__init__.py +1 -0
  245. pulumi_vault/tokenauth/auth_backend_role.py +267 -266
  246. pulumi_vault/transform/__init__.py +1 -0
  247. pulumi_vault/transform/alphabet.py +57 -56
  248. pulumi_vault/transform/get_decode.py +47 -46
  249. pulumi_vault/transform/get_encode.py +47 -46
  250. pulumi_vault/transform/role.py +57 -56
  251. pulumi_vault/transform/template.py +113 -112
  252. pulumi_vault/transform/transformation.py +141 -140
  253. pulumi_vault/transit/__init__.py +3 -0
  254. pulumi_vault/transit/get_decrypt.py +18 -17
  255. pulumi_vault/transit/get_encrypt.py +21 -20
  256. pulumi_vault/transit/get_sign.py +325 -0
  257. pulumi_vault/transit/get_verify.py +355 -0
  258. pulumi_vault/transit/secret_backend_key.py +394 -231
  259. pulumi_vault/transit/secret_cache_config.py +43 -42
  260. {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.7.0.dist-info}/METADATA +2 -2
  261. pulumi_vault-6.7.0.dist-info/RECORD +265 -0
  262. {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.7.0.dist-info}/WHEEL +1 -1
  263. pulumi_vault-6.6.0a1741415971.dist-info/RECORD +0 -260
  264. {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.7.0.dist-info}/top_level.txt +0 -0
@@ -2,6 +2,7 @@
2
2
  # *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
3
3
  # *** Do not edit by hand unless you're certain you know what you are doing! ***
4
4
 
5
+ import builtins
5
6
  import copy
6
7
  import warnings
7
8
  import sys
@@ -19,29 +20,31 @@ __all__ = ['BackendConfigAcmeArgs', 'BackendConfigAcme']
19
20
  @pulumi.input_type
20
21
  class BackendConfigAcmeArgs:
21
22
  def __init__(__self__, *,
22
- backend: pulumi.Input[str],
23
- enabled: pulumi.Input[bool],
24
- allow_role_ext_key_usage: Optional[pulumi.Input[bool]] = None,
25
- allowed_issuers: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
26
- allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
27
- default_directory_policy: Optional[pulumi.Input[str]] = None,
28
- dns_resolver: Optional[pulumi.Input[str]] = None,
29
- eab_policy: Optional[pulumi.Input[str]] = None,
30
- namespace: Optional[pulumi.Input[str]] = None):
23
+ backend: pulumi.Input[builtins.str],
24
+ enabled: pulumi.Input[builtins.bool],
25
+ allow_role_ext_key_usage: Optional[pulumi.Input[builtins.bool]] = None,
26
+ allowed_issuers: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
27
+ allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
28
+ default_directory_policy: Optional[pulumi.Input[builtins.str]] = None,
29
+ dns_resolver: Optional[pulumi.Input[builtins.str]] = None,
30
+ eab_policy: Optional[pulumi.Input[builtins.str]] = None,
31
+ max_ttl: Optional[pulumi.Input[builtins.int]] = None,
32
+ namespace: Optional[pulumi.Input[builtins.str]] = None):
31
33
  """
32
34
  The set of arguments for constructing a BackendConfigAcme resource.
33
- :param pulumi.Input[str] backend: The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
34
- :param pulumi.Input[bool] enabled: Specifies whether ACME is enabled.
35
- :param pulumi.Input[bool] allow_role_ext_key_usage: Specifies whether the ExtKeyUsage field from a role is used. **Vault 1.14.1+**
36
- :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_issuers: Specifies which issuers are allowed for use with ACME.
37
- :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_roles: Specifies which roles are allowed for use with ACME.
38
- :param pulumi.Input[str] default_directory_policy: Specifies the policy to be used for non-role-qualified ACME requests.
35
+ :param pulumi.Input[builtins.str] backend: The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
36
+ :param pulumi.Input[builtins.bool] enabled: Specifies whether ACME is enabled.
37
+ :param pulumi.Input[builtins.bool] allow_role_ext_key_usage: Specifies whether the ExtKeyUsage field from a role is used. **Vault 1.14.1+**
38
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_issuers: Specifies which issuers are allowed for use with ACME.
39
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_roles: Specifies which roles are allowed for use with ACME.
40
+ :param pulumi.Input[builtins.str] default_directory_policy: Specifies the policy to be used for non-role-qualified ACME requests.
39
41
  Allowed values are `forbid`, `sign-verbatim`, `role:<role_name>`, `external-policy` or `external-policy:<policy>`.
40
- :param pulumi.Input[str] dns_resolver: DNS resolver to use for domain resolution on this mount.
42
+ :param pulumi.Input[builtins.str] dns_resolver: DNS resolver to use for domain resolution on this mount.
41
43
  Must be in the format `<host>:<port>`, with both parts mandatory.
42
- :param pulumi.Input[str] eab_policy: Specifies the policy to use for external account binding behaviour.
44
+ :param pulumi.Input[builtins.str] eab_policy: Specifies the policy to use for external account binding behaviour.
43
45
  Allowed values are `not-required`, `new-account-required` or `always-required`.
44
- :param pulumi.Input[str] namespace: The namespace to provision the resource in.
46
+ :param pulumi.Input[builtins.int] max_ttl: The maximum TTL in seconds for certificates issued by ACME. **Vault 1.17.0+**
47
+ :param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
45
48
  The value should not contain leading or trailing forward slashes.
46
49
  The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
47
50
  *Available only for Vault Enterprise*.
@@ -60,72 +63,74 @@ class BackendConfigAcmeArgs:
60
63
  pulumi.set(__self__, "dns_resolver", dns_resolver)
61
64
  if eab_policy is not None:
62
65
  pulumi.set(__self__, "eab_policy", eab_policy)
66
+ if max_ttl is not None:
67
+ pulumi.set(__self__, "max_ttl", max_ttl)
63
68
  if namespace is not None:
64
69
  pulumi.set(__self__, "namespace", namespace)
65
70
 
66
71
  @property
67
72
  @pulumi.getter
68
- def backend(self) -> pulumi.Input[str]:
73
+ def backend(self) -> pulumi.Input[builtins.str]:
69
74
  """
70
75
  The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
71
76
  """
72
77
  return pulumi.get(self, "backend")
73
78
 
74
79
  @backend.setter
75
- def backend(self, value: pulumi.Input[str]):
80
+ def backend(self, value: pulumi.Input[builtins.str]):
76
81
  pulumi.set(self, "backend", value)
77
82
 
78
83
  @property
79
84
  @pulumi.getter
80
- def enabled(self) -> pulumi.Input[bool]:
85
+ def enabled(self) -> pulumi.Input[builtins.bool]:
81
86
  """
82
87
  Specifies whether ACME is enabled.
83
88
  """
84
89
  return pulumi.get(self, "enabled")
85
90
 
86
91
  @enabled.setter
87
- def enabled(self, value: pulumi.Input[bool]):
92
+ def enabled(self, value: pulumi.Input[builtins.bool]):
88
93
  pulumi.set(self, "enabled", value)
89
94
 
90
95
  @property
91
96
  @pulumi.getter(name="allowRoleExtKeyUsage")
92
- def allow_role_ext_key_usage(self) -> Optional[pulumi.Input[bool]]:
97
+ def allow_role_ext_key_usage(self) -> Optional[pulumi.Input[builtins.bool]]:
93
98
  """
94
99
  Specifies whether the ExtKeyUsage field from a role is used. **Vault 1.14.1+**
95
100
  """
96
101
  return pulumi.get(self, "allow_role_ext_key_usage")
97
102
 
98
103
  @allow_role_ext_key_usage.setter
99
- def allow_role_ext_key_usage(self, value: Optional[pulumi.Input[bool]]):
104
+ def allow_role_ext_key_usage(self, value: Optional[pulumi.Input[builtins.bool]]):
100
105
  pulumi.set(self, "allow_role_ext_key_usage", value)
101
106
 
102
107
  @property
103
108
  @pulumi.getter(name="allowedIssuers")
104
- def allowed_issuers(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
109
+ def allowed_issuers(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
105
110
  """
106
111
  Specifies which issuers are allowed for use with ACME.
107
112
  """
108
113
  return pulumi.get(self, "allowed_issuers")
109
114
 
110
115
  @allowed_issuers.setter
111
- def allowed_issuers(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
116
+ def allowed_issuers(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
112
117
  pulumi.set(self, "allowed_issuers", value)
113
118
 
114
119
  @property
115
120
  @pulumi.getter(name="allowedRoles")
116
- def allowed_roles(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
121
+ def allowed_roles(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
117
122
  """
118
123
  Specifies which roles are allowed for use with ACME.
119
124
  """
120
125
  return pulumi.get(self, "allowed_roles")
121
126
 
122
127
  @allowed_roles.setter
123
- def allowed_roles(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
128
+ def allowed_roles(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
124
129
  pulumi.set(self, "allowed_roles", value)
125
130
 
126
131
  @property
127
132
  @pulumi.getter(name="defaultDirectoryPolicy")
128
- def default_directory_policy(self) -> Optional[pulumi.Input[str]]:
133
+ def default_directory_policy(self) -> Optional[pulumi.Input[builtins.str]]:
129
134
  """
130
135
  Specifies the policy to be used for non-role-qualified ACME requests.
131
136
  Allowed values are `forbid`, `sign-verbatim`, `role:<role_name>`, `external-policy` or `external-policy:<policy>`.
@@ -133,12 +138,12 @@ class BackendConfigAcmeArgs:
133
138
  return pulumi.get(self, "default_directory_policy")
134
139
 
135
140
  @default_directory_policy.setter
136
- def default_directory_policy(self, value: Optional[pulumi.Input[str]]):
141
+ def default_directory_policy(self, value: Optional[pulumi.Input[builtins.str]]):
137
142
  pulumi.set(self, "default_directory_policy", value)
138
143
 
139
144
  @property
140
145
  @pulumi.getter(name="dnsResolver")
141
- def dns_resolver(self) -> Optional[pulumi.Input[str]]:
146
+ def dns_resolver(self) -> Optional[pulumi.Input[builtins.str]]:
142
147
  """
143
148
  DNS resolver to use for domain resolution on this mount.
144
149
  Must be in the format `<host>:<port>`, with both parts mandatory.
@@ -146,12 +151,12 @@ class BackendConfigAcmeArgs:
146
151
  return pulumi.get(self, "dns_resolver")
147
152
 
148
153
  @dns_resolver.setter
149
- def dns_resolver(self, value: Optional[pulumi.Input[str]]):
154
+ def dns_resolver(self, value: Optional[pulumi.Input[builtins.str]]):
150
155
  pulumi.set(self, "dns_resolver", value)
151
156
 
152
157
  @property
153
158
  @pulumi.getter(name="eabPolicy")
154
- def eab_policy(self) -> Optional[pulumi.Input[str]]:
159
+ def eab_policy(self) -> Optional[pulumi.Input[builtins.str]]:
155
160
  """
156
161
  Specifies the policy to use for external account binding behaviour.
157
162
  Allowed values are `not-required`, `new-account-required` or `always-required`.
@@ -159,12 +164,24 @@ class BackendConfigAcmeArgs:
159
164
  return pulumi.get(self, "eab_policy")
160
165
 
161
166
  @eab_policy.setter
162
- def eab_policy(self, value: Optional[pulumi.Input[str]]):
167
+ def eab_policy(self, value: Optional[pulumi.Input[builtins.str]]):
163
168
  pulumi.set(self, "eab_policy", value)
164
169
 
170
+ @property
171
+ @pulumi.getter(name="maxTtl")
172
+ def max_ttl(self) -> Optional[pulumi.Input[builtins.int]]:
173
+ """
174
+ The maximum TTL in seconds for certificates issued by ACME. **Vault 1.17.0+**
175
+ """
176
+ return pulumi.get(self, "max_ttl")
177
+
178
+ @max_ttl.setter
179
+ def max_ttl(self, value: Optional[pulumi.Input[builtins.int]]):
180
+ pulumi.set(self, "max_ttl", value)
181
+
165
182
  @property
166
183
  @pulumi.getter
167
- def namespace(self) -> Optional[pulumi.Input[str]]:
184
+ def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
168
185
  """
169
186
  The namespace to provision the resource in.
170
187
  The value should not contain leading or trailing forward slashes.
@@ -174,36 +191,38 @@ class BackendConfigAcmeArgs:
174
191
  return pulumi.get(self, "namespace")
175
192
 
176
193
  @namespace.setter
177
- def namespace(self, value: Optional[pulumi.Input[str]]):
194
+ def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
178
195
  pulumi.set(self, "namespace", value)
179
196
 
180
197
 
181
198
  @pulumi.input_type
182
199
  class _BackendConfigAcmeState:
183
200
  def __init__(__self__, *,
184
- allow_role_ext_key_usage: Optional[pulumi.Input[bool]] = None,
185
- allowed_issuers: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
186
- allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
187
- backend: Optional[pulumi.Input[str]] = None,
188
- default_directory_policy: Optional[pulumi.Input[str]] = None,
189
- dns_resolver: Optional[pulumi.Input[str]] = None,
190
- eab_policy: Optional[pulumi.Input[str]] = None,
191
- enabled: Optional[pulumi.Input[bool]] = None,
192
- namespace: Optional[pulumi.Input[str]] = None):
201
+ allow_role_ext_key_usage: Optional[pulumi.Input[builtins.bool]] = None,
202
+ allowed_issuers: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
203
+ allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
204
+ backend: Optional[pulumi.Input[builtins.str]] = None,
205
+ default_directory_policy: Optional[pulumi.Input[builtins.str]] = None,
206
+ dns_resolver: Optional[pulumi.Input[builtins.str]] = None,
207
+ eab_policy: Optional[pulumi.Input[builtins.str]] = None,
208
+ enabled: Optional[pulumi.Input[builtins.bool]] = None,
209
+ max_ttl: Optional[pulumi.Input[builtins.int]] = None,
210
+ namespace: Optional[pulumi.Input[builtins.str]] = None):
193
211
  """
194
212
  Input properties used for looking up and filtering BackendConfigAcme resources.
195
- :param pulumi.Input[bool] allow_role_ext_key_usage: Specifies whether the ExtKeyUsage field from a role is used. **Vault 1.14.1+**
196
- :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_issuers: Specifies which issuers are allowed for use with ACME.
197
- :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_roles: Specifies which roles are allowed for use with ACME.
198
- :param pulumi.Input[str] backend: The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
199
- :param pulumi.Input[str] default_directory_policy: Specifies the policy to be used for non-role-qualified ACME requests.
213
+ :param pulumi.Input[builtins.bool] allow_role_ext_key_usage: Specifies whether the ExtKeyUsage field from a role is used. **Vault 1.14.1+**
214
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_issuers: Specifies which issuers are allowed for use with ACME.
215
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_roles: Specifies which roles are allowed for use with ACME.
216
+ :param pulumi.Input[builtins.str] backend: The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
217
+ :param pulumi.Input[builtins.str] default_directory_policy: Specifies the policy to be used for non-role-qualified ACME requests.
200
218
  Allowed values are `forbid`, `sign-verbatim`, `role:<role_name>`, `external-policy` or `external-policy:<policy>`.
201
- :param pulumi.Input[str] dns_resolver: DNS resolver to use for domain resolution on this mount.
219
+ :param pulumi.Input[builtins.str] dns_resolver: DNS resolver to use for domain resolution on this mount.
202
220
  Must be in the format `<host>:<port>`, with both parts mandatory.
203
- :param pulumi.Input[str] eab_policy: Specifies the policy to use for external account binding behaviour.
221
+ :param pulumi.Input[builtins.str] eab_policy: Specifies the policy to use for external account binding behaviour.
204
222
  Allowed values are `not-required`, `new-account-required` or `always-required`.
205
- :param pulumi.Input[bool] enabled: Specifies whether ACME is enabled.
206
- :param pulumi.Input[str] namespace: The namespace to provision the resource in.
223
+ :param pulumi.Input[builtins.bool] enabled: Specifies whether ACME is enabled.
224
+ :param pulumi.Input[builtins.int] max_ttl: The maximum TTL in seconds for certificates issued by ACME. **Vault 1.17.0+**
225
+ :param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
207
226
  The value should not contain leading or trailing forward slashes.
208
227
  The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
209
228
  *Available only for Vault Enterprise*.
@@ -224,60 +243,62 @@ class _BackendConfigAcmeState:
224
243
  pulumi.set(__self__, "eab_policy", eab_policy)
225
244
  if enabled is not None:
226
245
  pulumi.set(__self__, "enabled", enabled)
246
+ if max_ttl is not None:
247
+ pulumi.set(__self__, "max_ttl", max_ttl)
227
248
  if namespace is not None:
228
249
  pulumi.set(__self__, "namespace", namespace)
229
250
 
230
251
  @property
231
252
  @pulumi.getter(name="allowRoleExtKeyUsage")
232
- def allow_role_ext_key_usage(self) -> Optional[pulumi.Input[bool]]:
253
+ def allow_role_ext_key_usage(self) -> Optional[pulumi.Input[builtins.bool]]:
233
254
  """
234
255
  Specifies whether the ExtKeyUsage field from a role is used. **Vault 1.14.1+**
235
256
  """
236
257
  return pulumi.get(self, "allow_role_ext_key_usage")
237
258
 
238
259
  @allow_role_ext_key_usage.setter
239
- def allow_role_ext_key_usage(self, value: Optional[pulumi.Input[bool]]):
260
+ def allow_role_ext_key_usage(self, value: Optional[pulumi.Input[builtins.bool]]):
240
261
  pulumi.set(self, "allow_role_ext_key_usage", value)
241
262
 
242
263
  @property
243
264
  @pulumi.getter(name="allowedIssuers")
244
- def allowed_issuers(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
265
+ def allowed_issuers(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
245
266
  """
246
267
  Specifies which issuers are allowed for use with ACME.
247
268
  """
248
269
  return pulumi.get(self, "allowed_issuers")
249
270
 
250
271
  @allowed_issuers.setter
251
- def allowed_issuers(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
272
+ def allowed_issuers(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
252
273
  pulumi.set(self, "allowed_issuers", value)
253
274
 
254
275
  @property
255
276
  @pulumi.getter(name="allowedRoles")
256
- def allowed_roles(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
277
+ def allowed_roles(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
257
278
  """
258
279
  Specifies which roles are allowed for use with ACME.
259
280
  """
260
281
  return pulumi.get(self, "allowed_roles")
261
282
 
262
283
  @allowed_roles.setter
263
- def allowed_roles(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
284
+ def allowed_roles(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
264
285
  pulumi.set(self, "allowed_roles", value)
265
286
 
266
287
  @property
267
288
  @pulumi.getter
268
- def backend(self) -> Optional[pulumi.Input[str]]:
289
+ def backend(self) -> Optional[pulumi.Input[builtins.str]]:
269
290
  """
270
291
  The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
271
292
  """
272
293
  return pulumi.get(self, "backend")
273
294
 
274
295
  @backend.setter
275
- def backend(self, value: Optional[pulumi.Input[str]]):
296
+ def backend(self, value: Optional[pulumi.Input[builtins.str]]):
276
297
  pulumi.set(self, "backend", value)
277
298
 
278
299
  @property
279
300
  @pulumi.getter(name="defaultDirectoryPolicy")
280
- def default_directory_policy(self) -> Optional[pulumi.Input[str]]:
301
+ def default_directory_policy(self) -> Optional[pulumi.Input[builtins.str]]:
281
302
  """
282
303
  Specifies the policy to be used for non-role-qualified ACME requests.
283
304
  Allowed values are `forbid`, `sign-verbatim`, `role:<role_name>`, `external-policy` or `external-policy:<policy>`.
@@ -285,12 +306,12 @@ class _BackendConfigAcmeState:
285
306
  return pulumi.get(self, "default_directory_policy")
286
307
 
287
308
  @default_directory_policy.setter
288
- def default_directory_policy(self, value: Optional[pulumi.Input[str]]):
309
+ def default_directory_policy(self, value: Optional[pulumi.Input[builtins.str]]):
289
310
  pulumi.set(self, "default_directory_policy", value)
290
311
 
291
312
  @property
292
313
  @pulumi.getter(name="dnsResolver")
293
- def dns_resolver(self) -> Optional[pulumi.Input[str]]:
314
+ def dns_resolver(self) -> Optional[pulumi.Input[builtins.str]]:
294
315
  """
295
316
  DNS resolver to use for domain resolution on this mount.
296
317
  Must be in the format `<host>:<port>`, with both parts mandatory.
@@ -298,12 +319,12 @@ class _BackendConfigAcmeState:
298
319
  return pulumi.get(self, "dns_resolver")
299
320
 
300
321
  @dns_resolver.setter
301
- def dns_resolver(self, value: Optional[pulumi.Input[str]]):
322
+ def dns_resolver(self, value: Optional[pulumi.Input[builtins.str]]):
302
323
  pulumi.set(self, "dns_resolver", value)
303
324
 
304
325
  @property
305
326
  @pulumi.getter(name="eabPolicy")
306
- def eab_policy(self) -> Optional[pulumi.Input[str]]:
327
+ def eab_policy(self) -> Optional[pulumi.Input[builtins.str]]:
307
328
  """
308
329
  Specifies the policy to use for external account binding behaviour.
309
330
  Allowed values are `not-required`, `new-account-required` or `always-required`.
@@ -311,24 +332,36 @@ class _BackendConfigAcmeState:
311
332
  return pulumi.get(self, "eab_policy")
312
333
 
313
334
  @eab_policy.setter
314
- def eab_policy(self, value: Optional[pulumi.Input[str]]):
335
+ def eab_policy(self, value: Optional[pulumi.Input[builtins.str]]):
315
336
  pulumi.set(self, "eab_policy", value)
316
337
 
317
338
  @property
318
339
  @pulumi.getter
319
- def enabled(self) -> Optional[pulumi.Input[bool]]:
340
+ def enabled(self) -> Optional[pulumi.Input[builtins.bool]]:
320
341
  """
321
342
  Specifies whether ACME is enabled.
322
343
  """
323
344
  return pulumi.get(self, "enabled")
324
345
 
325
346
  @enabled.setter
326
- def enabled(self, value: Optional[pulumi.Input[bool]]):
347
+ def enabled(self, value: Optional[pulumi.Input[builtins.bool]]):
327
348
  pulumi.set(self, "enabled", value)
328
349
 
350
+ @property
351
+ @pulumi.getter(name="maxTtl")
352
+ def max_ttl(self) -> Optional[pulumi.Input[builtins.int]]:
353
+ """
354
+ The maximum TTL in seconds for certificates issued by ACME. **Vault 1.17.0+**
355
+ """
356
+ return pulumi.get(self, "max_ttl")
357
+
358
+ @max_ttl.setter
359
+ def max_ttl(self, value: Optional[pulumi.Input[builtins.int]]):
360
+ pulumi.set(self, "max_ttl", value)
361
+
329
362
  @property
330
363
  @pulumi.getter
331
- def namespace(self) -> Optional[pulumi.Input[str]]:
364
+ def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
332
365
  """
333
366
  The namespace to provision the resource in.
334
367
  The value should not contain leading or trailing forward slashes.
@@ -338,7 +371,7 @@ class _BackendConfigAcmeState:
338
371
  return pulumi.get(self, "namespace")
339
372
 
340
373
  @namespace.setter
341
- def namespace(self, value: Optional[pulumi.Input[str]]):
374
+ def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
342
375
  pulumi.set(self, "namespace", value)
343
376
 
344
377
 
@@ -347,15 +380,16 @@ class BackendConfigAcme(pulumi.CustomResource):
347
380
  def __init__(__self__,
348
381
  resource_name: str,
349
382
  opts: Optional[pulumi.ResourceOptions] = None,
350
- allow_role_ext_key_usage: Optional[pulumi.Input[bool]] = None,
351
- allowed_issuers: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
352
- allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
353
- backend: Optional[pulumi.Input[str]] = None,
354
- default_directory_policy: Optional[pulumi.Input[str]] = None,
355
- dns_resolver: Optional[pulumi.Input[str]] = None,
356
- eab_policy: Optional[pulumi.Input[str]] = None,
357
- enabled: Optional[pulumi.Input[bool]] = None,
358
- namespace: Optional[pulumi.Input[str]] = None,
383
+ allow_role_ext_key_usage: Optional[pulumi.Input[builtins.bool]] = None,
384
+ allowed_issuers: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
385
+ allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
386
+ backend: Optional[pulumi.Input[builtins.str]] = None,
387
+ default_directory_policy: Optional[pulumi.Input[builtins.str]] = None,
388
+ dns_resolver: Optional[pulumi.Input[builtins.str]] = None,
389
+ eab_policy: Optional[pulumi.Input[builtins.str]] = None,
390
+ enabled: Optional[pulumi.Input[builtins.bool]] = None,
391
+ max_ttl: Optional[pulumi.Input[builtins.int]] = None,
392
+ namespace: Optional[pulumi.Input[builtins.str]] = None,
359
393
  __props__=None):
360
394
  """
361
395
  Allows setting the ACME server configuration used by specified mount.
@@ -398,18 +432,19 @@ class BackendConfigAcme(pulumi.CustomResource):
398
432
 
399
433
  :param str resource_name: The name of the resource.
400
434
  :param pulumi.ResourceOptions opts: Options for the resource.
401
- :param pulumi.Input[bool] allow_role_ext_key_usage: Specifies whether the ExtKeyUsage field from a role is used. **Vault 1.14.1+**
402
- :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_issuers: Specifies which issuers are allowed for use with ACME.
403
- :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_roles: Specifies which roles are allowed for use with ACME.
404
- :param pulumi.Input[str] backend: The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
405
- :param pulumi.Input[str] default_directory_policy: Specifies the policy to be used for non-role-qualified ACME requests.
435
+ :param pulumi.Input[builtins.bool] allow_role_ext_key_usage: Specifies whether the ExtKeyUsage field from a role is used. **Vault 1.14.1+**
436
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_issuers: Specifies which issuers are allowed for use with ACME.
437
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_roles: Specifies which roles are allowed for use with ACME.
438
+ :param pulumi.Input[builtins.str] backend: The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
439
+ :param pulumi.Input[builtins.str] default_directory_policy: Specifies the policy to be used for non-role-qualified ACME requests.
406
440
  Allowed values are `forbid`, `sign-verbatim`, `role:<role_name>`, `external-policy` or `external-policy:<policy>`.
407
- :param pulumi.Input[str] dns_resolver: DNS resolver to use for domain resolution on this mount.
441
+ :param pulumi.Input[builtins.str] dns_resolver: DNS resolver to use for domain resolution on this mount.
408
442
  Must be in the format `<host>:<port>`, with both parts mandatory.
409
- :param pulumi.Input[str] eab_policy: Specifies the policy to use for external account binding behaviour.
443
+ :param pulumi.Input[builtins.str] eab_policy: Specifies the policy to use for external account binding behaviour.
410
444
  Allowed values are `not-required`, `new-account-required` or `always-required`.
411
- :param pulumi.Input[bool] enabled: Specifies whether ACME is enabled.
412
- :param pulumi.Input[str] namespace: The namespace to provision the resource in.
445
+ :param pulumi.Input[builtins.bool] enabled: Specifies whether ACME is enabled.
446
+ :param pulumi.Input[builtins.int] max_ttl: The maximum TTL in seconds for certificates issued by ACME. **Vault 1.17.0+**
447
+ :param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
413
448
  The value should not contain leading or trailing forward slashes.
414
449
  The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
415
450
  *Available only for Vault Enterprise*.
@@ -474,15 +509,16 @@ class BackendConfigAcme(pulumi.CustomResource):
474
509
  def _internal_init(__self__,
475
510
  resource_name: str,
476
511
  opts: Optional[pulumi.ResourceOptions] = None,
477
- allow_role_ext_key_usage: Optional[pulumi.Input[bool]] = None,
478
- allowed_issuers: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
479
- allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
480
- backend: Optional[pulumi.Input[str]] = None,
481
- default_directory_policy: Optional[pulumi.Input[str]] = None,
482
- dns_resolver: Optional[pulumi.Input[str]] = None,
483
- eab_policy: Optional[pulumi.Input[str]] = None,
484
- enabled: Optional[pulumi.Input[bool]] = None,
485
- namespace: Optional[pulumi.Input[str]] = None,
512
+ allow_role_ext_key_usage: Optional[pulumi.Input[builtins.bool]] = None,
513
+ allowed_issuers: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
514
+ allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
515
+ backend: Optional[pulumi.Input[builtins.str]] = None,
516
+ default_directory_policy: Optional[pulumi.Input[builtins.str]] = None,
517
+ dns_resolver: Optional[pulumi.Input[builtins.str]] = None,
518
+ eab_policy: Optional[pulumi.Input[builtins.str]] = None,
519
+ enabled: Optional[pulumi.Input[builtins.bool]] = None,
520
+ max_ttl: Optional[pulumi.Input[builtins.int]] = None,
521
+ namespace: Optional[pulumi.Input[builtins.str]] = None,
486
522
  __props__=None):
487
523
  opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
488
524
  if not isinstance(opts, pulumi.ResourceOptions):
@@ -504,6 +540,7 @@ class BackendConfigAcme(pulumi.CustomResource):
504
540
  if enabled is None and not opts.urn:
505
541
  raise TypeError("Missing required property 'enabled'")
506
542
  __props__.__dict__["enabled"] = enabled
543
+ __props__.__dict__["max_ttl"] = max_ttl
507
544
  __props__.__dict__["namespace"] = namespace
508
545
  super(BackendConfigAcme, __self__).__init__(
509
546
  'vault:pkiSecret/backendConfigAcme:BackendConfigAcme',
@@ -515,15 +552,16 @@ class BackendConfigAcme(pulumi.CustomResource):
515
552
  def get(resource_name: str,
516
553
  id: pulumi.Input[str],
517
554
  opts: Optional[pulumi.ResourceOptions] = None,
518
- allow_role_ext_key_usage: Optional[pulumi.Input[bool]] = None,
519
- allowed_issuers: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
520
- allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
521
- backend: Optional[pulumi.Input[str]] = None,
522
- default_directory_policy: Optional[pulumi.Input[str]] = None,
523
- dns_resolver: Optional[pulumi.Input[str]] = None,
524
- eab_policy: Optional[pulumi.Input[str]] = None,
525
- enabled: Optional[pulumi.Input[bool]] = None,
526
- namespace: Optional[pulumi.Input[str]] = None) -> 'BackendConfigAcme':
555
+ allow_role_ext_key_usage: Optional[pulumi.Input[builtins.bool]] = None,
556
+ allowed_issuers: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
557
+ allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
558
+ backend: Optional[pulumi.Input[builtins.str]] = None,
559
+ default_directory_policy: Optional[pulumi.Input[builtins.str]] = None,
560
+ dns_resolver: Optional[pulumi.Input[builtins.str]] = None,
561
+ eab_policy: Optional[pulumi.Input[builtins.str]] = None,
562
+ enabled: Optional[pulumi.Input[builtins.bool]] = None,
563
+ max_ttl: Optional[pulumi.Input[builtins.int]] = None,
564
+ namespace: Optional[pulumi.Input[builtins.str]] = None) -> 'BackendConfigAcme':
527
565
  """
528
566
  Get an existing BackendConfigAcme resource's state with the given name, id, and optional extra
529
567
  properties used to qualify the lookup.
@@ -531,18 +569,19 @@ class BackendConfigAcme(pulumi.CustomResource):
531
569
  :param str resource_name: The unique name of the resulting resource.
532
570
  :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
533
571
  :param pulumi.ResourceOptions opts: Options for the resource.
534
- :param pulumi.Input[bool] allow_role_ext_key_usage: Specifies whether the ExtKeyUsage field from a role is used. **Vault 1.14.1+**
535
- :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_issuers: Specifies which issuers are allowed for use with ACME.
536
- :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_roles: Specifies which roles are allowed for use with ACME.
537
- :param pulumi.Input[str] backend: The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
538
- :param pulumi.Input[str] default_directory_policy: Specifies the policy to be used for non-role-qualified ACME requests.
572
+ :param pulumi.Input[builtins.bool] allow_role_ext_key_usage: Specifies whether the ExtKeyUsage field from a role is used. **Vault 1.14.1+**
573
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_issuers: Specifies which issuers are allowed for use with ACME.
574
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_roles: Specifies which roles are allowed for use with ACME.
575
+ :param pulumi.Input[builtins.str] backend: The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
576
+ :param pulumi.Input[builtins.str] default_directory_policy: Specifies the policy to be used for non-role-qualified ACME requests.
539
577
  Allowed values are `forbid`, `sign-verbatim`, `role:<role_name>`, `external-policy` or `external-policy:<policy>`.
540
- :param pulumi.Input[str] dns_resolver: DNS resolver to use for domain resolution on this mount.
578
+ :param pulumi.Input[builtins.str] dns_resolver: DNS resolver to use for domain resolution on this mount.
541
579
  Must be in the format `<host>:<port>`, with both parts mandatory.
542
- :param pulumi.Input[str] eab_policy: Specifies the policy to use for external account binding behaviour.
580
+ :param pulumi.Input[builtins.str] eab_policy: Specifies the policy to use for external account binding behaviour.
543
581
  Allowed values are `not-required`, `new-account-required` or `always-required`.
544
- :param pulumi.Input[bool] enabled: Specifies whether ACME is enabled.
545
- :param pulumi.Input[str] namespace: The namespace to provision the resource in.
582
+ :param pulumi.Input[builtins.bool] enabled: Specifies whether ACME is enabled.
583
+ :param pulumi.Input[builtins.int] max_ttl: The maximum TTL in seconds for certificates issued by ACME. **Vault 1.17.0+**
584
+ :param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
546
585
  The value should not contain leading or trailing forward slashes.
547
586
  The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
548
587
  *Available only for Vault Enterprise*.
@@ -559,12 +598,13 @@ class BackendConfigAcme(pulumi.CustomResource):
559
598
  __props__.__dict__["dns_resolver"] = dns_resolver
560
599
  __props__.__dict__["eab_policy"] = eab_policy
561
600
  __props__.__dict__["enabled"] = enabled
601
+ __props__.__dict__["max_ttl"] = max_ttl
562
602
  __props__.__dict__["namespace"] = namespace
563
603
  return BackendConfigAcme(resource_name, opts=opts, __props__=__props__)
564
604
 
565
605
  @property
566
606
  @pulumi.getter(name="allowRoleExtKeyUsage")
567
- def allow_role_ext_key_usage(self) -> pulumi.Output[Optional[bool]]:
607
+ def allow_role_ext_key_usage(self) -> pulumi.Output[Optional[builtins.bool]]:
568
608
  """
569
609
  Specifies whether the ExtKeyUsage field from a role is used. **Vault 1.14.1+**
570
610
  """
@@ -572,7 +612,7 @@ class BackendConfigAcme(pulumi.CustomResource):
572
612
 
573
613
  @property
574
614
  @pulumi.getter(name="allowedIssuers")
575
- def allowed_issuers(self) -> pulumi.Output[Sequence[str]]:
615
+ def allowed_issuers(self) -> pulumi.Output[Sequence[builtins.str]]:
576
616
  """
577
617
  Specifies which issuers are allowed for use with ACME.
578
618
  """
@@ -580,7 +620,7 @@ class BackendConfigAcme(pulumi.CustomResource):
580
620
 
581
621
  @property
582
622
  @pulumi.getter(name="allowedRoles")
583
- def allowed_roles(self) -> pulumi.Output[Sequence[str]]:
623
+ def allowed_roles(self) -> pulumi.Output[Sequence[builtins.str]]:
584
624
  """
585
625
  Specifies which roles are allowed for use with ACME.
586
626
  """
@@ -588,7 +628,7 @@ class BackendConfigAcme(pulumi.CustomResource):
588
628
 
589
629
  @property
590
630
  @pulumi.getter
591
- def backend(self) -> pulumi.Output[str]:
631
+ def backend(self) -> pulumi.Output[builtins.str]:
592
632
  """
593
633
  The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
594
634
  """
@@ -596,7 +636,7 @@ class BackendConfigAcme(pulumi.CustomResource):
596
636
 
597
637
  @property
598
638
  @pulumi.getter(name="defaultDirectoryPolicy")
599
- def default_directory_policy(self) -> pulumi.Output[str]:
639
+ def default_directory_policy(self) -> pulumi.Output[builtins.str]:
600
640
  """
601
641
  Specifies the policy to be used for non-role-qualified ACME requests.
602
642
  Allowed values are `forbid`, `sign-verbatim`, `role:<role_name>`, `external-policy` or `external-policy:<policy>`.
@@ -605,7 +645,7 @@ class BackendConfigAcme(pulumi.CustomResource):
605
645
 
606
646
  @property
607
647
  @pulumi.getter(name="dnsResolver")
608
- def dns_resolver(self) -> pulumi.Output[Optional[str]]:
648
+ def dns_resolver(self) -> pulumi.Output[Optional[builtins.str]]:
609
649
  """
610
650
  DNS resolver to use for domain resolution on this mount.
611
651
  Must be in the format `<host>:<port>`, with both parts mandatory.
@@ -614,7 +654,7 @@ class BackendConfigAcme(pulumi.CustomResource):
614
654
 
615
655
  @property
616
656
  @pulumi.getter(name="eabPolicy")
617
- def eab_policy(self) -> pulumi.Output[str]:
657
+ def eab_policy(self) -> pulumi.Output[builtins.str]:
618
658
  """
619
659
  Specifies the policy to use for external account binding behaviour.
620
660
  Allowed values are `not-required`, `new-account-required` or `always-required`.
@@ -623,15 +663,23 @@ class BackendConfigAcme(pulumi.CustomResource):
623
663
 
624
664
  @property
625
665
  @pulumi.getter
626
- def enabled(self) -> pulumi.Output[bool]:
666
+ def enabled(self) -> pulumi.Output[builtins.bool]:
627
667
  """
628
668
  Specifies whether ACME is enabled.
629
669
  """
630
670
  return pulumi.get(self, "enabled")
631
671
 
672
+ @property
673
+ @pulumi.getter(name="maxTtl")
674
+ def max_ttl(self) -> pulumi.Output[builtins.int]:
675
+ """
676
+ The maximum TTL in seconds for certificates issued by ACME. **Vault 1.17.0+**
677
+ """
678
+ return pulumi.get(self, "max_ttl")
679
+
632
680
  @property
633
681
  @pulumi.getter
634
- def namespace(self) -> pulumi.Output[Optional[str]]:
682
+ def namespace(self) -> pulumi.Output[Optional[builtins.str]]:
635
683
  """
636
684
  The namespace to provision the resource in.
637
685
  The value should not contain leading or trailing forward slashes.