pulumi-vault 6.6.0a1741415971__py3-none-any.whl → 6.7.0__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- pulumi_vault/__init__.py +9 -0
- pulumi_vault/_inputs.py +583 -562
- pulumi_vault/ad/__init__.py +1 -0
- pulumi_vault/ad/get_access_credentials.py +20 -19
- pulumi_vault/ad/secret_backend.py +477 -476
- pulumi_vault/ad/secret_library.py +99 -98
- pulumi_vault/ad/secret_role.py +85 -84
- pulumi_vault/alicloud/__init__.py +1 -0
- pulumi_vault/alicloud/auth_backend_role.py +183 -182
- pulumi_vault/approle/__init__.py +1 -0
- pulumi_vault/approle/auth_backend_login.py +106 -105
- pulumi_vault/approle/auth_backend_role.py +239 -238
- pulumi_vault/approle/auth_backend_role_secret_id.py +162 -161
- pulumi_vault/approle/get_auth_backend_role_id.py +18 -17
- pulumi_vault/audit.py +85 -84
- pulumi_vault/audit_request_header.py +43 -42
- pulumi_vault/auth_backend.py +106 -105
- pulumi_vault/aws/__init__.py +1 -0
- pulumi_vault/aws/auth_backend_cert.py +71 -70
- pulumi_vault/aws/auth_backend_client.py +425 -200
- pulumi_vault/aws/auth_backend_config_identity.py +85 -84
- pulumi_vault/aws/auth_backend_identity_whitelist.py +57 -56
- pulumi_vault/aws/auth_backend_login.py +209 -208
- pulumi_vault/aws/auth_backend_role.py +400 -399
- pulumi_vault/aws/auth_backend_role_tag.py +127 -126
- pulumi_vault/aws/auth_backend_roletag_blacklist.py +57 -56
- pulumi_vault/aws/auth_backend_sts_role.py +71 -70
- pulumi_vault/aws/get_access_credentials.py +44 -43
- pulumi_vault/aws/get_static_access_credentials.py +13 -12
- pulumi_vault/aws/secret_backend.py +523 -306
- pulumi_vault/aws/secret_backend_role.py +211 -210
- pulumi_vault/aws/secret_backend_static_role.py +288 -70
- pulumi_vault/azure/__init__.py +1 -0
- pulumi_vault/azure/_inputs.py +21 -20
- pulumi_vault/azure/auth_backend_config.py +383 -130
- pulumi_vault/azure/auth_backend_role.py +253 -252
- pulumi_vault/azure/backend.py +432 -186
- pulumi_vault/azure/backend_role.py +188 -140
- pulumi_vault/azure/get_access_credentials.py +58 -57
- pulumi_vault/azure/outputs.py +11 -10
- pulumi_vault/cert_auth_backend_role.py +365 -364
- pulumi_vault/config/__init__.py +1 -0
- pulumi_vault/config/__init__.pyi +1 -0
- pulumi_vault/config/_inputs.py +11 -10
- pulumi_vault/config/outputs.py +287 -286
- pulumi_vault/config/ui_custom_message.py +113 -112
- pulumi_vault/config/vars.py +1 -0
- pulumi_vault/consul/__init__.py +1 -0
- pulumi_vault/consul/secret_backend.py +197 -196
- pulumi_vault/consul/secret_backend_role.py +183 -182
- pulumi_vault/database/__init__.py +1 -0
- pulumi_vault/database/_inputs.py +3857 -2200
- pulumi_vault/database/outputs.py +2483 -1330
- pulumi_vault/database/secret_backend_connection.py +333 -112
- pulumi_vault/database/secret_backend_role.py +169 -168
- pulumi_vault/database/secret_backend_static_role.py +283 -140
- pulumi_vault/database/secrets_mount.py +275 -266
- pulumi_vault/egp_policy.py +71 -70
- pulumi_vault/gcp/__init__.py +1 -0
- pulumi_vault/gcp/_inputs.py +82 -81
- pulumi_vault/gcp/auth_backend.py +426 -205
- pulumi_vault/gcp/auth_backend_role.py +281 -280
- pulumi_vault/gcp/get_auth_backend_role.py +70 -69
- pulumi_vault/gcp/outputs.py +50 -49
- pulumi_vault/gcp/secret_backend.py +420 -179
- pulumi_vault/gcp/secret_impersonated_account.py +92 -91
- pulumi_vault/gcp/secret_roleset.py +92 -91
- pulumi_vault/gcp/secret_static_account.py +92 -91
- pulumi_vault/generic/__init__.py +1 -0
- pulumi_vault/generic/endpoint.py +113 -112
- pulumi_vault/generic/get_secret.py +28 -27
- pulumi_vault/generic/secret.py +78 -77
- pulumi_vault/get_auth_backend.py +19 -18
- pulumi_vault/get_auth_backends.py +14 -13
- pulumi_vault/get_namespace.py +15 -14
- pulumi_vault/get_namespaces.py +68 -18
- pulumi_vault/get_nomad_access_token.py +19 -18
- pulumi_vault/get_policy_document.py +6 -5
- pulumi_vault/get_raft_autopilot_state.py +18 -17
- pulumi_vault/github/__init__.py +1 -0
- pulumi_vault/github/_inputs.py +42 -41
- pulumi_vault/github/auth_backend.py +232 -231
- pulumi_vault/github/outputs.py +26 -25
- pulumi_vault/github/team.py +57 -56
- pulumi_vault/github/user.py +57 -56
- pulumi_vault/identity/__init__.py +1 -0
- pulumi_vault/identity/entity.py +85 -84
- pulumi_vault/identity/entity_alias.py +71 -70
- pulumi_vault/identity/entity_policies.py +64 -63
- pulumi_vault/identity/get_entity.py +43 -42
- pulumi_vault/identity/get_group.py +50 -49
- pulumi_vault/identity/get_oidc_client_creds.py +14 -13
- pulumi_vault/identity/get_oidc_openid_config.py +24 -23
- pulumi_vault/identity/get_oidc_public_keys.py +13 -12
- pulumi_vault/identity/group.py +141 -140
- pulumi_vault/identity/group_alias.py +57 -56
- pulumi_vault/identity/group_member_entity_ids.py +57 -56
- pulumi_vault/identity/group_member_group_ids.py +57 -56
- pulumi_vault/identity/group_policies.py +64 -63
- pulumi_vault/identity/mfa_duo.py +148 -147
- pulumi_vault/identity/mfa_login_enforcement.py +120 -119
- pulumi_vault/identity/mfa_okta.py +134 -133
- pulumi_vault/identity/mfa_pingid.py +127 -126
- pulumi_vault/identity/mfa_totp.py +176 -175
- pulumi_vault/identity/oidc.py +29 -28
- pulumi_vault/identity/oidc_assignment.py +57 -56
- pulumi_vault/identity/oidc_client.py +127 -126
- pulumi_vault/identity/oidc_key.py +85 -84
- pulumi_vault/identity/oidc_key_allowed_client_id.py +43 -42
- pulumi_vault/identity/oidc_provider.py +92 -91
- pulumi_vault/identity/oidc_role.py +85 -84
- pulumi_vault/identity/oidc_scope.py +57 -56
- pulumi_vault/identity/outputs.py +32 -31
- pulumi_vault/jwt/__init__.py +1 -0
- pulumi_vault/jwt/_inputs.py +42 -41
- pulumi_vault/jwt/auth_backend.py +288 -287
- pulumi_vault/jwt/auth_backend_role.py +407 -406
- pulumi_vault/jwt/outputs.py +26 -25
- pulumi_vault/kmip/__init__.py +1 -0
- pulumi_vault/kmip/secret_backend.py +183 -182
- pulumi_vault/kmip/secret_role.py +295 -294
- pulumi_vault/kmip/secret_scope.py +57 -56
- pulumi_vault/kubernetes/__init__.py +1 -0
- pulumi_vault/kubernetes/auth_backend_config.py +141 -140
- pulumi_vault/kubernetes/auth_backend_role.py +225 -224
- pulumi_vault/kubernetes/get_auth_backend_config.py +47 -46
- pulumi_vault/kubernetes/get_auth_backend_role.py +70 -69
- pulumi_vault/kubernetes/get_service_account_token.py +38 -37
- pulumi_vault/kubernetes/secret_backend.py +316 -315
- pulumi_vault/kubernetes/secret_backend_role.py +197 -196
- pulumi_vault/kv/__init__.py +1 -0
- pulumi_vault/kv/_inputs.py +21 -20
- pulumi_vault/kv/get_secret.py +17 -16
- pulumi_vault/kv/get_secret_subkeys_v2.py +30 -29
- pulumi_vault/kv/get_secret_v2.py +29 -28
- pulumi_vault/kv/get_secrets_list.py +13 -12
- pulumi_vault/kv/get_secrets_list_v2.py +19 -18
- pulumi_vault/kv/outputs.py +13 -12
- pulumi_vault/kv/secret.py +50 -49
- pulumi_vault/kv/secret_backend_v2.py +71 -70
- pulumi_vault/kv/secret_v2.py +134 -133
- pulumi_vault/ldap/__init__.py +1 -0
- pulumi_vault/ldap/auth_backend.py +754 -533
- pulumi_vault/ldap/auth_backend_group.py +57 -56
- pulumi_vault/ldap/auth_backend_user.py +71 -70
- pulumi_vault/ldap/get_dynamic_credentials.py +17 -16
- pulumi_vault/ldap/get_static_credentials.py +18 -17
- pulumi_vault/ldap/secret_backend.py +720 -499
- pulumi_vault/ldap/secret_backend_dynamic_role.py +127 -126
- pulumi_vault/ldap/secret_backend_library_set.py +99 -98
- pulumi_vault/ldap/secret_backend_static_role.py +99 -98
- pulumi_vault/managed/__init__.py +1 -0
- pulumi_vault/managed/_inputs.py +229 -228
- pulumi_vault/managed/keys.py +15 -14
- pulumi_vault/managed/outputs.py +139 -138
- pulumi_vault/mfa_duo.py +113 -112
- pulumi_vault/mfa_okta.py +113 -112
- pulumi_vault/mfa_pingid.py +120 -119
- pulumi_vault/mfa_totp.py +127 -126
- pulumi_vault/mongodbatlas/__init__.py +1 -0
- pulumi_vault/mongodbatlas/secret_backend.py +64 -63
- pulumi_vault/mongodbatlas/secret_role.py +155 -154
- pulumi_vault/mount.py +274 -273
- pulumi_vault/namespace.py +64 -63
- pulumi_vault/nomad_secret_backend.py +211 -210
- pulumi_vault/nomad_secret_role.py +85 -84
- pulumi_vault/okta/__init__.py +1 -0
- pulumi_vault/okta/_inputs.py +26 -25
- pulumi_vault/okta/auth_backend.py +274 -273
- pulumi_vault/okta/auth_backend_group.py +57 -56
- pulumi_vault/okta/auth_backend_user.py +71 -70
- pulumi_vault/okta/outputs.py +16 -15
- pulumi_vault/outputs.py +73 -60
- pulumi_vault/password_policy.py +43 -42
- pulumi_vault/pkisecret/__init__.py +3 -0
- pulumi_vault/pkisecret/_inputs.py +31 -36
- pulumi_vault/pkisecret/backend_acme_eab.py +92 -91
- pulumi_vault/pkisecret/backend_config_acme.py +174 -126
- pulumi_vault/pkisecret/backend_config_auto_tidy.py +1377 -0
- pulumi_vault/pkisecret/backend_config_cluster.py +57 -56
- pulumi_vault/pkisecret/backend_config_cmpv2.py +152 -104
- pulumi_vault/pkisecret/backend_config_est.py +120 -119
- pulumi_vault/pkisecret/get_backend_cert_metadata.py +278 -0
- pulumi_vault/pkisecret/get_backend_config_cmpv2.py +35 -17
- pulumi_vault/pkisecret/get_backend_config_est.py +19 -18
- pulumi_vault/pkisecret/get_backend_issuer.py +139 -25
- pulumi_vault/pkisecret/get_backend_issuers.py +15 -14
- pulumi_vault/pkisecret/get_backend_key.py +20 -19
- pulumi_vault/pkisecret/get_backend_keys.py +15 -14
- pulumi_vault/pkisecret/outputs.py +28 -31
- pulumi_vault/pkisecret/secret_backend_cert.py +439 -297
- pulumi_vault/pkisecret/secret_backend_config_ca.py +43 -42
- pulumi_vault/pkisecret/secret_backend_config_issuers.py +57 -56
- pulumi_vault/pkisecret/secret_backend_config_urls.py +85 -84
- pulumi_vault/pkisecret/secret_backend_crl_config.py +237 -182
- pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +520 -378
- pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +57 -56
- pulumi_vault/pkisecret/secret_backend_issuer.py +441 -175
- pulumi_vault/pkisecret/secret_backend_key.py +120 -119
- pulumi_vault/pkisecret/secret_backend_role.py +894 -644
- pulumi_vault/pkisecret/secret_backend_root_cert.py +851 -427
- pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +936 -357
- pulumi_vault/pkisecret/secret_backend_sign.py +347 -252
- pulumi_vault/plugin.py +127 -126
- pulumi_vault/plugin_pinned_version.py +43 -42
- pulumi_vault/policy.py +43 -42
- pulumi_vault/provider.py +120 -119
- pulumi_vault/pulumi-plugin.json +1 -1
- pulumi_vault/quota_lease_count.py +85 -84
- pulumi_vault/quota_rate_limit.py +113 -112
- pulumi_vault/rabbitmq/__init__.py +1 -0
- pulumi_vault/rabbitmq/_inputs.py +41 -40
- pulumi_vault/rabbitmq/outputs.py +25 -24
- pulumi_vault/rabbitmq/secret_backend.py +169 -168
- pulumi_vault/rabbitmq/secret_backend_role.py +57 -56
- pulumi_vault/raft_autopilot.py +113 -112
- pulumi_vault/raft_snapshot_agent_config.py +393 -392
- pulumi_vault/rgp_policy.py +57 -56
- pulumi_vault/saml/__init__.py +1 -0
- pulumi_vault/saml/auth_backend.py +155 -154
- pulumi_vault/saml/auth_backend_role.py +239 -238
- pulumi_vault/secrets/__init__.py +1 -0
- pulumi_vault/secrets/_inputs.py +16 -15
- pulumi_vault/secrets/outputs.py +10 -9
- pulumi_vault/secrets/sync_association.py +71 -70
- pulumi_vault/secrets/sync_aws_destination.py +148 -147
- pulumi_vault/secrets/sync_azure_destination.py +148 -147
- pulumi_vault/secrets/sync_config.py +43 -42
- pulumi_vault/secrets/sync_gcp_destination.py +106 -105
- pulumi_vault/secrets/sync_gh_destination.py +134 -133
- pulumi_vault/secrets/sync_github_apps.py +64 -63
- pulumi_vault/secrets/sync_vercel_destination.py +120 -119
- pulumi_vault/ssh/__init__.py +2 -0
- pulumi_vault/ssh/_inputs.py +11 -10
- pulumi_vault/ssh/get_secret_backend_sign.py +295 -0
- pulumi_vault/ssh/outputs.py +7 -6
- pulumi_vault/ssh/secret_backend_ca.py +99 -98
- pulumi_vault/ssh/secret_backend_role.py +365 -364
- pulumi_vault/terraformcloud/__init__.py +1 -0
- pulumi_vault/terraformcloud/secret_backend.py +111 -110
- pulumi_vault/terraformcloud/secret_creds.py +74 -73
- pulumi_vault/terraformcloud/secret_role.py +96 -95
- pulumi_vault/token.py +246 -245
- pulumi_vault/tokenauth/__init__.py +1 -0
- pulumi_vault/tokenauth/auth_backend_role.py +267 -266
- pulumi_vault/transform/__init__.py +1 -0
- pulumi_vault/transform/alphabet.py +57 -56
- pulumi_vault/transform/get_decode.py +47 -46
- pulumi_vault/transform/get_encode.py +47 -46
- pulumi_vault/transform/role.py +57 -56
- pulumi_vault/transform/template.py +113 -112
- pulumi_vault/transform/transformation.py +141 -140
- pulumi_vault/transit/__init__.py +3 -0
- pulumi_vault/transit/get_decrypt.py +18 -17
- pulumi_vault/transit/get_encrypt.py +21 -20
- pulumi_vault/transit/get_sign.py +325 -0
- pulumi_vault/transit/get_verify.py +355 -0
- pulumi_vault/transit/secret_backend_key.py +394 -231
- pulumi_vault/transit/secret_cache_config.py +43 -42
- {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.7.0.dist-info}/METADATA +2 -2
- pulumi_vault-6.7.0.dist-info/RECORD +265 -0
- {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.7.0.dist-info}/WHEEL +1 -1
- pulumi_vault-6.6.0a1741415971.dist-info/RECORD +0 -260
- {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.7.0.dist-info}/top_level.txt +0 -0
@@ -2,6 +2,7 @@
|
|
2
2
|
# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
|
3
3
|
# *** Do not edit by hand unless you're certain you know what you are doing! ***
|
4
4
|
|
5
|
+
import builtins
|
5
6
|
import copy
|
6
7
|
import warnings
|
7
8
|
import sys
|
@@ -21,25 +22,27 @@ __all__ = ['BackendConfigCmpv2Args', 'BackendConfigCmpv2']
|
|
21
22
|
@pulumi.input_type
|
22
23
|
class BackendConfigCmpv2Args:
|
23
24
|
def __init__(__self__, *,
|
24
|
-
backend: pulumi.Input[str],
|
25
|
-
audit_fields: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
25
|
+
backend: pulumi.Input[builtins.str],
|
26
|
+
audit_fields: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
26
27
|
authenticators: Optional[pulumi.Input['BackendConfigCmpv2AuthenticatorsArgs']] = None,
|
27
|
-
default_path_policy: Optional[pulumi.Input[str]] = None,
|
28
|
-
|
29
|
-
|
30
|
-
|
28
|
+
default_path_policy: Optional[pulumi.Input[builtins.str]] = None,
|
29
|
+
disabled_validations: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
30
|
+
enable_sentinel_parsing: Optional[pulumi.Input[builtins.bool]] = None,
|
31
|
+
enabled: Optional[pulumi.Input[builtins.bool]] = None,
|
32
|
+
namespace: Optional[pulumi.Input[builtins.str]] = None):
|
31
33
|
"""
|
32
34
|
The set of arguments for constructing a BackendConfigCmpv2 resource.
|
33
|
-
:param pulumi.Input[str] backend: The path to the PKI secret backend to
|
35
|
+
:param pulumi.Input[builtins.str] backend: The path to the PKI secret backend to
|
34
36
|
read the CMPv2 configuration from, with no leading or trailing `/`s.
|
35
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] audit_fields: Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.
|
37
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] audit_fields: Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.
|
38
|
+
:param pulumi.Input['BackendConfigCmpv2AuthenticatorsArgs'] authenticators: Lists the mount accessors CMPv2 should delegate authentication requests towards (see below for nested schema).
|
39
|
+
:param pulumi.Input[builtins.str] default_path_policy: Specifies the behavior for requests using the non-role-qualified CMPv2 requests. Can be sign-verbatim or a role given by role:<role_name>.
|
40
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] disabled_validations: A comma-separated list of validations not to perform on CMPv2 messages.
|
36
41
|
|
37
42
|
<a id="nestedatt--authenticators"></a>
|
38
|
-
:param pulumi.Input[
|
39
|
-
:param pulumi.Input[
|
40
|
-
:param pulumi.Input[
|
41
|
-
:param pulumi.Input[bool] enabled: Specifies whether CMPv2 is enabled.
|
42
|
-
:param pulumi.Input[str] namespace: The namespace of the target resource.
|
43
|
+
:param pulumi.Input[builtins.bool] enable_sentinel_parsing: If set, parse out fields from the provided CSR making them available for Sentinel policies.
|
44
|
+
:param pulumi.Input[builtins.bool] enabled: Specifies whether CMPv2 is enabled.
|
45
|
+
:param pulumi.Input[builtins.str] namespace: The namespace of the target resource.
|
43
46
|
The value should not contain leading or trailing forward slashes.
|
44
47
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
45
48
|
*Available only for Vault Enterprise*.
|
@@ -51,6 +54,8 @@ class BackendConfigCmpv2Args:
|
|
51
54
|
pulumi.set(__self__, "authenticators", authenticators)
|
52
55
|
if default_path_policy is not None:
|
53
56
|
pulumi.set(__self__, "default_path_policy", default_path_policy)
|
57
|
+
if disabled_validations is not None:
|
58
|
+
pulumi.set(__self__, "disabled_validations", disabled_validations)
|
54
59
|
if enable_sentinel_parsing is not None:
|
55
60
|
pulumi.set(__self__, "enable_sentinel_parsing", enable_sentinel_parsing)
|
56
61
|
if enabled is not None:
|
@@ -60,7 +65,7 @@ class BackendConfigCmpv2Args:
|
|
60
65
|
|
61
66
|
@property
|
62
67
|
@pulumi.getter
|
63
|
-
def backend(self) -> pulumi.Input[str]:
|
68
|
+
def backend(self) -> pulumi.Input[builtins.str]:
|
64
69
|
"""
|
65
70
|
The path to the PKI secret backend to
|
66
71
|
read the CMPv2 configuration from, with no leading or trailing `/`s.
|
@@ -68,21 +73,19 @@ class BackendConfigCmpv2Args:
|
|
68
73
|
return pulumi.get(self, "backend")
|
69
74
|
|
70
75
|
@backend.setter
|
71
|
-
def backend(self, value: pulumi.Input[str]):
|
76
|
+
def backend(self, value: pulumi.Input[builtins.str]):
|
72
77
|
pulumi.set(self, "backend", value)
|
73
78
|
|
74
79
|
@property
|
75
80
|
@pulumi.getter(name="auditFields")
|
76
|
-
def audit_fields(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
81
|
+
def audit_fields(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
77
82
|
"""
|
78
83
|
Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.
|
79
|
-
|
80
|
-
<a id="nestedatt--authenticators"></a>
|
81
84
|
"""
|
82
85
|
return pulumi.get(self, "audit_fields")
|
83
86
|
|
84
87
|
@audit_fields.setter
|
85
|
-
def audit_fields(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
88
|
+
def audit_fields(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
86
89
|
pulumi.set(self, "audit_fields", value)
|
87
90
|
|
88
91
|
@property
|
@@ -99,43 +102,57 @@ class BackendConfigCmpv2Args:
|
|
99
102
|
|
100
103
|
@property
|
101
104
|
@pulumi.getter(name="defaultPathPolicy")
|
102
|
-
def default_path_policy(self) -> Optional[pulumi.Input[str]]:
|
105
|
+
def default_path_policy(self) -> Optional[pulumi.Input[builtins.str]]:
|
103
106
|
"""
|
104
107
|
Specifies the behavior for requests using the non-role-qualified CMPv2 requests. Can be sign-verbatim or a role given by role:<role_name>.
|
105
108
|
"""
|
106
109
|
return pulumi.get(self, "default_path_policy")
|
107
110
|
|
108
111
|
@default_path_policy.setter
|
109
|
-
def default_path_policy(self, value: Optional[pulumi.Input[str]]):
|
112
|
+
def default_path_policy(self, value: Optional[pulumi.Input[builtins.str]]):
|
110
113
|
pulumi.set(self, "default_path_policy", value)
|
111
114
|
|
115
|
+
@property
|
116
|
+
@pulumi.getter(name="disabledValidations")
|
117
|
+
def disabled_validations(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
118
|
+
"""
|
119
|
+
A comma-separated list of validations not to perform on CMPv2 messages.
|
120
|
+
|
121
|
+
<a id="nestedatt--authenticators"></a>
|
122
|
+
"""
|
123
|
+
return pulumi.get(self, "disabled_validations")
|
124
|
+
|
125
|
+
@disabled_validations.setter
|
126
|
+
def disabled_validations(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
127
|
+
pulumi.set(self, "disabled_validations", value)
|
128
|
+
|
112
129
|
@property
|
113
130
|
@pulumi.getter(name="enableSentinelParsing")
|
114
|
-
def enable_sentinel_parsing(self) -> Optional[pulumi.Input[bool]]:
|
131
|
+
def enable_sentinel_parsing(self) -> Optional[pulumi.Input[builtins.bool]]:
|
115
132
|
"""
|
116
133
|
If set, parse out fields from the provided CSR making them available for Sentinel policies.
|
117
134
|
"""
|
118
135
|
return pulumi.get(self, "enable_sentinel_parsing")
|
119
136
|
|
120
137
|
@enable_sentinel_parsing.setter
|
121
|
-
def enable_sentinel_parsing(self, value: Optional[pulumi.Input[bool]]):
|
138
|
+
def enable_sentinel_parsing(self, value: Optional[pulumi.Input[builtins.bool]]):
|
122
139
|
pulumi.set(self, "enable_sentinel_parsing", value)
|
123
140
|
|
124
141
|
@property
|
125
142
|
@pulumi.getter
|
126
|
-
def enabled(self) -> Optional[pulumi.Input[bool]]:
|
143
|
+
def enabled(self) -> Optional[pulumi.Input[builtins.bool]]:
|
127
144
|
"""
|
128
145
|
Specifies whether CMPv2 is enabled.
|
129
146
|
"""
|
130
147
|
return pulumi.get(self, "enabled")
|
131
148
|
|
132
149
|
@enabled.setter
|
133
|
-
def enabled(self, value: Optional[pulumi.Input[bool]]):
|
150
|
+
def enabled(self, value: Optional[pulumi.Input[builtins.bool]]):
|
134
151
|
pulumi.set(self, "enabled", value)
|
135
152
|
|
136
153
|
@property
|
137
154
|
@pulumi.getter
|
138
|
-
def namespace(self) -> Optional[pulumi.Input[str]]:
|
155
|
+
def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
|
139
156
|
"""
|
140
157
|
The namespace of the target resource.
|
141
158
|
The value should not contain leading or trailing forward slashes.
|
@@ -145,34 +162,36 @@ class BackendConfigCmpv2Args:
|
|
145
162
|
return pulumi.get(self, "namespace")
|
146
163
|
|
147
164
|
@namespace.setter
|
148
|
-
def namespace(self, value: Optional[pulumi.Input[str]]):
|
165
|
+
def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
|
149
166
|
pulumi.set(self, "namespace", value)
|
150
167
|
|
151
168
|
|
152
169
|
@pulumi.input_type
|
153
170
|
class _BackendConfigCmpv2State:
|
154
171
|
def __init__(__self__, *,
|
155
|
-
audit_fields: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
172
|
+
audit_fields: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
156
173
|
authenticators: Optional[pulumi.Input['BackendConfigCmpv2AuthenticatorsArgs']] = None,
|
157
|
-
backend: Optional[pulumi.Input[str]] = None,
|
158
|
-
default_path_policy: Optional[pulumi.Input[str]] = None,
|
159
|
-
|
160
|
-
|
161
|
-
|
162
|
-
|
174
|
+
backend: Optional[pulumi.Input[builtins.str]] = None,
|
175
|
+
default_path_policy: Optional[pulumi.Input[builtins.str]] = None,
|
176
|
+
disabled_validations: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
177
|
+
enable_sentinel_parsing: Optional[pulumi.Input[builtins.bool]] = None,
|
178
|
+
enabled: Optional[pulumi.Input[builtins.bool]] = None,
|
179
|
+
last_updated: Optional[pulumi.Input[builtins.str]] = None,
|
180
|
+
namespace: Optional[pulumi.Input[builtins.str]] = None):
|
163
181
|
"""
|
164
182
|
Input properties used for looking up and filtering BackendConfigCmpv2 resources.
|
165
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] audit_fields: Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.
|
166
|
-
|
167
|
-
<a id="nestedatt--authenticators"></a>
|
183
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] audit_fields: Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.
|
168
184
|
:param pulumi.Input['BackendConfigCmpv2AuthenticatorsArgs'] authenticators: Lists the mount accessors CMPv2 should delegate authentication requests towards (see below for nested schema).
|
169
|
-
:param pulumi.Input[str] backend: The path to the PKI secret backend to
|
185
|
+
:param pulumi.Input[builtins.str] backend: The path to the PKI secret backend to
|
170
186
|
read the CMPv2 configuration from, with no leading or trailing `/`s.
|
171
|
-
:param pulumi.Input[str] default_path_policy: Specifies the behavior for requests using the non-role-qualified CMPv2 requests. Can be sign-verbatim or a role given by role:<role_name>.
|
172
|
-
:param pulumi.Input[
|
173
|
-
|
174
|
-
|
175
|
-
:param pulumi.Input[
|
187
|
+
:param pulumi.Input[builtins.str] default_path_policy: Specifies the behavior for requests using the non-role-qualified CMPv2 requests. Can be sign-verbatim or a role given by role:<role_name>.
|
188
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] disabled_validations: A comma-separated list of validations not to perform on CMPv2 messages.
|
189
|
+
|
190
|
+
<a id="nestedatt--authenticators"></a>
|
191
|
+
:param pulumi.Input[builtins.bool] enable_sentinel_parsing: If set, parse out fields from the provided CSR making them available for Sentinel policies.
|
192
|
+
:param pulumi.Input[builtins.bool] enabled: Specifies whether CMPv2 is enabled.
|
193
|
+
:param pulumi.Input[builtins.str] last_updated: A read-only timestamp representing the last time the configuration was updated.
|
194
|
+
:param pulumi.Input[builtins.str] namespace: The namespace of the target resource.
|
176
195
|
The value should not contain leading or trailing forward slashes.
|
177
196
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
178
197
|
*Available only for Vault Enterprise*.
|
@@ -185,6 +204,8 @@ class _BackendConfigCmpv2State:
|
|
185
204
|
pulumi.set(__self__, "backend", backend)
|
186
205
|
if default_path_policy is not None:
|
187
206
|
pulumi.set(__self__, "default_path_policy", default_path_policy)
|
207
|
+
if disabled_validations is not None:
|
208
|
+
pulumi.set(__self__, "disabled_validations", disabled_validations)
|
188
209
|
if enable_sentinel_parsing is not None:
|
189
210
|
pulumi.set(__self__, "enable_sentinel_parsing", enable_sentinel_parsing)
|
190
211
|
if enabled is not None:
|
@@ -196,16 +217,14 @@ class _BackendConfigCmpv2State:
|
|
196
217
|
|
197
218
|
@property
|
198
219
|
@pulumi.getter(name="auditFields")
|
199
|
-
def audit_fields(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
220
|
+
def audit_fields(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
200
221
|
"""
|
201
222
|
Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.
|
202
|
-
|
203
|
-
<a id="nestedatt--authenticators"></a>
|
204
223
|
"""
|
205
224
|
return pulumi.get(self, "audit_fields")
|
206
225
|
|
207
226
|
@audit_fields.setter
|
208
|
-
def audit_fields(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
227
|
+
def audit_fields(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
209
228
|
pulumi.set(self, "audit_fields", value)
|
210
229
|
|
211
230
|
@property
|
@@ -222,7 +241,7 @@ class _BackendConfigCmpv2State:
|
|
222
241
|
|
223
242
|
@property
|
224
243
|
@pulumi.getter
|
225
|
-
def backend(self) -> Optional[pulumi.Input[str]]:
|
244
|
+
def backend(self) -> Optional[pulumi.Input[builtins.str]]:
|
226
245
|
"""
|
227
246
|
The path to the PKI secret backend to
|
228
247
|
read the CMPv2 configuration from, with no leading or trailing `/`s.
|
@@ -230,60 +249,74 @@ class _BackendConfigCmpv2State:
|
|
230
249
|
return pulumi.get(self, "backend")
|
231
250
|
|
232
251
|
@backend.setter
|
233
|
-
def backend(self, value: Optional[pulumi.Input[str]]):
|
252
|
+
def backend(self, value: Optional[pulumi.Input[builtins.str]]):
|
234
253
|
pulumi.set(self, "backend", value)
|
235
254
|
|
236
255
|
@property
|
237
256
|
@pulumi.getter(name="defaultPathPolicy")
|
238
|
-
def default_path_policy(self) -> Optional[pulumi.Input[str]]:
|
257
|
+
def default_path_policy(self) -> Optional[pulumi.Input[builtins.str]]:
|
239
258
|
"""
|
240
259
|
Specifies the behavior for requests using the non-role-qualified CMPv2 requests. Can be sign-verbatim or a role given by role:<role_name>.
|
241
260
|
"""
|
242
261
|
return pulumi.get(self, "default_path_policy")
|
243
262
|
|
244
263
|
@default_path_policy.setter
|
245
|
-
def default_path_policy(self, value: Optional[pulumi.Input[str]]):
|
264
|
+
def default_path_policy(self, value: Optional[pulumi.Input[builtins.str]]):
|
246
265
|
pulumi.set(self, "default_path_policy", value)
|
247
266
|
|
267
|
+
@property
|
268
|
+
@pulumi.getter(name="disabledValidations")
|
269
|
+
def disabled_validations(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
270
|
+
"""
|
271
|
+
A comma-separated list of validations not to perform on CMPv2 messages.
|
272
|
+
|
273
|
+
<a id="nestedatt--authenticators"></a>
|
274
|
+
"""
|
275
|
+
return pulumi.get(self, "disabled_validations")
|
276
|
+
|
277
|
+
@disabled_validations.setter
|
278
|
+
def disabled_validations(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
279
|
+
pulumi.set(self, "disabled_validations", value)
|
280
|
+
|
248
281
|
@property
|
249
282
|
@pulumi.getter(name="enableSentinelParsing")
|
250
|
-
def enable_sentinel_parsing(self) -> Optional[pulumi.Input[bool]]:
|
283
|
+
def enable_sentinel_parsing(self) -> Optional[pulumi.Input[builtins.bool]]:
|
251
284
|
"""
|
252
285
|
If set, parse out fields from the provided CSR making them available for Sentinel policies.
|
253
286
|
"""
|
254
287
|
return pulumi.get(self, "enable_sentinel_parsing")
|
255
288
|
|
256
289
|
@enable_sentinel_parsing.setter
|
257
|
-
def enable_sentinel_parsing(self, value: Optional[pulumi.Input[bool]]):
|
290
|
+
def enable_sentinel_parsing(self, value: Optional[pulumi.Input[builtins.bool]]):
|
258
291
|
pulumi.set(self, "enable_sentinel_parsing", value)
|
259
292
|
|
260
293
|
@property
|
261
294
|
@pulumi.getter
|
262
|
-
def enabled(self) -> Optional[pulumi.Input[bool]]:
|
295
|
+
def enabled(self) -> Optional[pulumi.Input[builtins.bool]]:
|
263
296
|
"""
|
264
297
|
Specifies whether CMPv2 is enabled.
|
265
298
|
"""
|
266
299
|
return pulumi.get(self, "enabled")
|
267
300
|
|
268
301
|
@enabled.setter
|
269
|
-
def enabled(self, value: Optional[pulumi.Input[bool]]):
|
302
|
+
def enabled(self, value: Optional[pulumi.Input[builtins.bool]]):
|
270
303
|
pulumi.set(self, "enabled", value)
|
271
304
|
|
272
305
|
@property
|
273
306
|
@pulumi.getter(name="lastUpdated")
|
274
|
-
def last_updated(self) -> Optional[pulumi.Input[str]]:
|
307
|
+
def last_updated(self) -> Optional[pulumi.Input[builtins.str]]:
|
275
308
|
"""
|
276
309
|
A read-only timestamp representing the last time the configuration was updated.
|
277
310
|
"""
|
278
311
|
return pulumi.get(self, "last_updated")
|
279
312
|
|
280
313
|
@last_updated.setter
|
281
|
-
def last_updated(self, value: Optional[pulumi.Input[str]]):
|
314
|
+
def last_updated(self, value: Optional[pulumi.Input[builtins.str]]):
|
282
315
|
pulumi.set(self, "last_updated", value)
|
283
316
|
|
284
317
|
@property
|
285
318
|
@pulumi.getter
|
286
|
-
def namespace(self) -> Optional[pulumi.Input[str]]:
|
319
|
+
def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
|
287
320
|
"""
|
288
321
|
The namespace of the target resource.
|
289
322
|
The value should not contain leading or trailing forward slashes.
|
@@ -293,7 +326,7 @@ class _BackendConfigCmpv2State:
|
|
293
326
|
return pulumi.get(self, "namespace")
|
294
327
|
|
295
328
|
@namespace.setter
|
296
|
-
def namespace(self, value: Optional[pulumi.Input[str]]):
|
329
|
+
def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
|
297
330
|
pulumi.set(self, "namespace", value)
|
298
331
|
|
299
332
|
|
@@ -302,13 +335,14 @@ class BackendConfigCmpv2(pulumi.CustomResource):
|
|
302
335
|
def __init__(__self__,
|
303
336
|
resource_name: str,
|
304
337
|
opts: Optional[pulumi.ResourceOptions] = None,
|
305
|
-
audit_fields: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
338
|
+
audit_fields: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
306
339
|
authenticators: Optional[pulumi.Input[Union['BackendConfigCmpv2AuthenticatorsArgs', 'BackendConfigCmpv2AuthenticatorsArgsDict']]] = None,
|
307
|
-
backend: Optional[pulumi.Input[str]] = None,
|
308
|
-
default_path_policy: Optional[pulumi.Input[str]] = None,
|
309
|
-
|
310
|
-
|
311
|
-
|
340
|
+
backend: Optional[pulumi.Input[builtins.str]] = None,
|
341
|
+
default_path_policy: Optional[pulumi.Input[builtins.str]] = None,
|
342
|
+
disabled_validations: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
343
|
+
enable_sentinel_parsing: Optional[pulumi.Input[builtins.bool]] = None,
|
344
|
+
enabled: Optional[pulumi.Input[builtins.bool]] = None,
|
345
|
+
namespace: Optional[pulumi.Input[builtins.str]] = None,
|
312
346
|
__props__=None):
|
313
347
|
"""
|
314
348
|
Allows setting the CMPv2 configuration on a PKI Secret Backend
|
@@ -325,16 +359,17 @@ class BackendConfigCmpv2(pulumi.CustomResource):
|
|
325
359
|
|
326
360
|
:param str resource_name: The name of the resource.
|
327
361
|
:param pulumi.ResourceOptions opts: Options for the resource.
|
328
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] audit_fields: Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.
|
329
|
-
|
330
|
-
<a id="nestedatt--authenticators"></a>
|
362
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] audit_fields: Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.
|
331
363
|
:param pulumi.Input[Union['BackendConfigCmpv2AuthenticatorsArgs', 'BackendConfigCmpv2AuthenticatorsArgsDict']] authenticators: Lists the mount accessors CMPv2 should delegate authentication requests towards (see below for nested schema).
|
332
|
-
:param pulumi.Input[str] backend: The path to the PKI secret backend to
|
364
|
+
:param pulumi.Input[builtins.str] backend: The path to the PKI secret backend to
|
333
365
|
read the CMPv2 configuration from, with no leading or trailing `/`s.
|
334
|
-
:param pulumi.Input[str] default_path_policy: Specifies the behavior for requests using the non-role-qualified CMPv2 requests. Can be sign-verbatim or a role given by role:<role_name>.
|
335
|
-
:param pulumi.Input[
|
336
|
-
|
337
|
-
|
366
|
+
:param pulumi.Input[builtins.str] default_path_policy: Specifies the behavior for requests using the non-role-qualified CMPv2 requests. Can be sign-verbatim or a role given by role:<role_name>.
|
367
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] disabled_validations: A comma-separated list of validations not to perform on CMPv2 messages.
|
368
|
+
|
369
|
+
<a id="nestedatt--authenticators"></a>
|
370
|
+
:param pulumi.Input[builtins.bool] enable_sentinel_parsing: If set, parse out fields from the provided CSR making them available for Sentinel policies.
|
371
|
+
:param pulumi.Input[builtins.bool] enabled: Specifies whether CMPv2 is enabled.
|
372
|
+
:param pulumi.Input[builtins.str] namespace: The namespace of the target resource.
|
338
373
|
The value should not contain leading or trailing forward slashes.
|
339
374
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
340
375
|
*Available only for Vault Enterprise*.
|
@@ -373,13 +408,14 @@ class BackendConfigCmpv2(pulumi.CustomResource):
|
|
373
408
|
def _internal_init(__self__,
|
374
409
|
resource_name: str,
|
375
410
|
opts: Optional[pulumi.ResourceOptions] = None,
|
376
|
-
audit_fields: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
411
|
+
audit_fields: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
377
412
|
authenticators: Optional[pulumi.Input[Union['BackendConfigCmpv2AuthenticatorsArgs', 'BackendConfigCmpv2AuthenticatorsArgsDict']]] = None,
|
378
|
-
backend: Optional[pulumi.Input[str]] = None,
|
379
|
-
default_path_policy: Optional[pulumi.Input[str]] = None,
|
380
|
-
|
381
|
-
|
382
|
-
|
413
|
+
backend: Optional[pulumi.Input[builtins.str]] = None,
|
414
|
+
default_path_policy: Optional[pulumi.Input[builtins.str]] = None,
|
415
|
+
disabled_validations: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
416
|
+
enable_sentinel_parsing: Optional[pulumi.Input[builtins.bool]] = None,
|
417
|
+
enabled: Optional[pulumi.Input[builtins.bool]] = None,
|
418
|
+
namespace: Optional[pulumi.Input[builtins.str]] = None,
|
383
419
|
__props__=None):
|
384
420
|
opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
|
385
421
|
if not isinstance(opts, pulumi.ResourceOptions):
|
@@ -395,6 +431,7 @@ class BackendConfigCmpv2(pulumi.CustomResource):
|
|
395
431
|
raise TypeError("Missing required property 'backend'")
|
396
432
|
__props__.__dict__["backend"] = backend
|
397
433
|
__props__.__dict__["default_path_policy"] = default_path_policy
|
434
|
+
__props__.__dict__["disabled_validations"] = disabled_validations
|
398
435
|
__props__.__dict__["enable_sentinel_parsing"] = enable_sentinel_parsing
|
399
436
|
__props__.__dict__["enabled"] = enabled
|
400
437
|
__props__.__dict__["namespace"] = namespace
|
@@ -409,14 +446,15 @@ class BackendConfigCmpv2(pulumi.CustomResource):
|
|
409
446
|
def get(resource_name: str,
|
410
447
|
id: pulumi.Input[str],
|
411
448
|
opts: Optional[pulumi.ResourceOptions] = None,
|
412
|
-
audit_fields: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
449
|
+
audit_fields: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
413
450
|
authenticators: Optional[pulumi.Input[Union['BackendConfigCmpv2AuthenticatorsArgs', 'BackendConfigCmpv2AuthenticatorsArgsDict']]] = None,
|
414
|
-
backend: Optional[pulumi.Input[str]] = None,
|
415
|
-
default_path_policy: Optional[pulumi.Input[str]] = None,
|
416
|
-
|
417
|
-
|
418
|
-
|
419
|
-
|
451
|
+
backend: Optional[pulumi.Input[builtins.str]] = None,
|
452
|
+
default_path_policy: Optional[pulumi.Input[builtins.str]] = None,
|
453
|
+
disabled_validations: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
454
|
+
enable_sentinel_parsing: Optional[pulumi.Input[builtins.bool]] = None,
|
455
|
+
enabled: Optional[pulumi.Input[builtins.bool]] = None,
|
456
|
+
last_updated: Optional[pulumi.Input[builtins.str]] = None,
|
457
|
+
namespace: Optional[pulumi.Input[builtins.str]] = None) -> 'BackendConfigCmpv2':
|
420
458
|
"""
|
421
459
|
Get an existing BackendConfigCmpv2 resource's state with the given name, id, and optional extra
|
422
460
|
properties used to qualify the lookup.
|
@@ -424,17 +462,18 @@ class BackendConfigCmpv2(pulumi.CustomResource):
|
|
424
462
|
:param str resource_name: The unique name of the resulting resource.
|
425
463
|
:param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
|
426
464
|
:param pulumi.ResourceOptions opts: Options for the resource.
|
427
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] audit_fields: Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.
|
428
|
-
|
429
|
-
<a id="nestedatt--authenticators"></a>
|
465
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] audit_fields: Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.
|
430
466
|
:param pulumi.Input[Union['BackendConfigCmpv2AuthenticatorsArgs', 'BackendConfigCmpv2AuthenticatorsArgsDict']] authenticators: Lists the mount accessors CMPv2 should delegate authentication requests towards (see below for nested schema).
|
431
|
-
:param pulumi.Input[str] backend: The path to the PKI secret backend to
|
467
|
+
:param pulumi.Input[builtins.str] backend: The path to the PKI secret backend to
|
432
468
|
read the CMPv2 configuration from, with no leading or trailing `/`s.
|
433
|
-
:param pulumi.Input[str] default_path_policy: Specifies the behavior for requests using the non-role-qualified CMPv2 requests. Can be sign-verbatim or a role given by role:<role_name>.
|
434
|
-
:param pulumi.Input[
|
435
|
-
|
436
|
-
|
437
|
-
:param pulumi.Input[
|
469
|
+
:param pulumi.Input[builtins.str] default_path_policy: Specifies the behavior for requests using the non-role-qualified CMPv2 requests. Can be sign-verbatim or a role given by role:<role_name>.
|
470
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] disabled_validations: A comma-separated list of validations not to perform on CMPv2 messages.
|
471
|
+
|
472
|
+
<a id="nestedatt--authenticators"></a>
|
473
|
+
:param pulumi.Input[builtins.bool] enable_sentinel_parsing: If set, parse out fields from the provided CSR making them available for Sentinel policies.
|
474
|
+
:param pulumi.Input[builtins.bool] enabled: Specifies whether CMPv2 is enabled.
|
475
|
+
:param pulumi.Input[builtins.str] last_updated: A read-only timestamp representing the last time the configuration was updated.
|
476
|
+
:param pulumi.Input[builtins.str] namespace: The namespace of the target resource.
|
438
477
|
The value should not contain leading or trailing forward slashes.
|
439
478
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
440
479
|
*Available only for Vault Enterprise*.
|
@@ -447,6 +486,7 @@ class BackendConfigCmpv2(pulumi.CustomResource):
|
|
447
486
|
__props__.__dict__["authenticators"] = authenticators
|
448
487
|
__props__.__dict__["backend"] = backend
|
449
488
|
__props__.__dict__["default_path_policy"] = default_path_policy
|
489
|
+
__props__.__dict__["disabled_validations"] = disabled_validations
|
450
490
|
__props__.__dict__["enable_sentinel_parsing"] = enable_sentinel_parsing
|
451
491
|
__props__.__dict__["enabled"] = enabled
|
452
492
|
__props__.__dict__["last_updated"] = last_updated
|
@@ -455,11 +495,9 @@ class BackendConfigCmpv2(pulumi.CustomResource):
|
|
455
495
|
|
456
496
|
@property
|
457
497
|
@pulumi.getter(name="auditFields")
|
458
|
-
def audit_fields(self) -> pulumi.Output[Sequence[str]]:
|
498
|
+
def audit_fields(self) -> pulumi.Output[Sequence[builtins.str]]:
|
459
499
|
"""
|
460
500
|
Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.
|
461
|
-
|
462
|
-
<a id="nestedatt--authenticators"></a>
|
463
501
|
"""
|
464
502
|
return pulumi.get(self, "audit_fields")
|
465
503
|
|
@@ -473,7 +511,7 @@ class BackendConfigCmpv2(pulumi.CustomResource):
|
|
473
511
|
|
474
512
|
@property
|
475
513
|
@pulumi.getter
|
476
|
-
def backend(self) -> pulumi.Output[str]:
|
514
|
+
def backend(self) -> pulumi.Output[builtins.str]:
|
477
515
|
"""
|
478
516
|
The path to the PKI secret backend to
|
479
517
|
read the CMPv2 configuration from, with no leading or trailing `/`s.
|
@@ -482,15 +520,25 @@ class BackendConfigCmpv2(pulumi.CustomResource):
|
|
482
520
|
|
483
521
|
@property
|
484
522
|
@pulumi.getter(name="defaultPathPolicy")
|
485
|
-
def default_path_policy(self) -> pulumi.Output[Optional[str]]:
|
523
|
+
def default_path_policy(self) -> pulumi.Output[Optional[builtins.str]]:
|
486
524
|
"""
|
487
525
|
Specifies the behavior for requests using the non-role-qualified CMPv2 requests. Can be sign-verbatim or a role given by role:<role_name>.
|
488
526
|
"""
|
489
527
|
return pulumi.get(self, "default_path_policy")
|
490
528
|
|
529
|
+
@property
|
530
|
+
@pulumi.getter(name="disabledValidations")
|
531
|
+
def disabled_validations(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
|
532
|
+
"""
|
533
|
+
A comma-separated list of validations not to perform on CMPv2 messages.
|
534
|
+
|
535
|
+
<a id="nestedatt--authenticators"></a>
|
536
|
+
"""
|
537
|
+
return pulumi.get(self, "disabled_validations")
|
538
|
+
|
491
539
|
@property
|
492
540
|
@pulumi.getter(name="enableSentinelParsing")
|
493
|
-
def enable_sentinel_parsing(self) -> pulumi.Output[Optional[bool]]:
|
541
|
+
def enable_sentinel_parsing(self) -> pulumi.Output[Optional[builtins.bool]]:
|
494
542
|
"""
|
495
543
|
If set, parse out fields from the provided CSR making them available for Sentinel policies.
|
496
544
|
"""
|
@@ -498,7 +546,7 @@ class BackendConfigCmpv2(pulumi.CustomResource):
|
|
498
546
|
|
499
547
|
@property
|
500
548
|
@pulumi.getter
|
501
|
-
def enabled(self) -> pulumi.Output[Optional[bool]]:
|
549
|
+
def enabled(self) -> pulumi.Output[Optional[builtins.bool]]:
|
502
550
|
"""
|
503
551
|
Specifies whether CMPv2 is enabled.
|
504
552
|
"""
|
@@ -506,7 +554,7 @@ class BackendConfigCmpv2(pulumi.CustomResource):
|
|
506
554
|
|
507
555
|
@property
|
508
556
|
@pulumi.getter(name="lastUpdated")
|
509
|
-
def last_updated(self) -> pulumi.Output[str]:
|
557
|
+
def last_updated(self) -> pulumi.Output[builtins.str]:
|
510
558
|
"""
|
511
559
|
A read-only timestamp representing the last time the configuration was updated.
|
512
560
|
"""
|
@@ -514,7 +562,7 @@ class BackendConfigCmpv2(pulumi.CustomResource):
|
|
514
562
|
|
515
563
|
@property
|
516
564
|
@pulumi.getter
|
517
|
-
def namespace(self) -> pulumi.Output[Optional[str]]:
|
565
|
+
def namespace(self) -> pulumi.Output[Optional[builtins.str]]:
|
518
566
|
"""
|
519
567
|
The namespace of the target resource.
|
520
568
|
The value should not contain leading or trailing forward slashes.
|