pulumi-vault 6.6.0a1741415971__py3-none-any.whl → 6.7.0__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (264) hide show
  1. pulumi_vault/__init__.py +9 -0
  2. pulumi_vault/_inputs.py +583 -562
  3. pulumi_vault/ad/__init__.py +1 -0
  4. pulumi_vault/ad/get_access_credentials.py +20 -19
  5. pulumi_vault/ad/secret_backend.py +477 -476
  6. pulumi_vault/ad/secret_library.py +99 -98
  7. pulumi_vault/ad/secret_role.py +85 -84
  8. pulumi_vault/alicloud/__init__.py +1 -0
  9. pulumi_vault/alicloud/auth_backend_role.py +183 -182
  10. pulumi_vault/approle/__init__.py +1 -0
  11. pulumi_vault/approle/auth_backend_login.py +106 -105
  12. pulumi_vault/approle/auth_backend_role.py +239 -238
  13. pulumi_vault/approle/auth_backend_role_secret_id.py +162 -161
  14. pulumi_vault/approle/get_auth_backend_role_id.py +18 -17
  15. pulumi_vault/audit.py +85 -84
  16. pulumi_vault/audit_request_header.py +43 -42
  17. pulumi_vault/auth_backend.py +106 -105
  18. pulumi_vault/aws/__init__.py +1 -0
  19. pulumi_vault/aws/auth_backend_cert.py +71 -70
  20. pulumi_vault/aws/auth_backend_client.py +425 -200
  21. pulumi_vault/aws/auth_backend_config_identity.py +85 -84
  22. pulumi_vault/aws/auth_backend_identity_whitelist.py +57 -56
  23. pulumi_vault/aws/auth_backend_login.py +209 -208
  24. pulumi_vault/aws/auth_backend_role.py +400 -399
  25. pulumi_vault/aws/auth_backend_role_tag.py +127 -126
  26. pulumi_vault/aws/auth_backend_roletag_blacklist.py +57 -56
  27. pulumi_vault/aws/auth_backend_sts_role.py +71 -70
  28. pulumi_vault/aws/get_access_credentials.py +44 -43
  29. pulumi_vault/aws/get_static_access_credentials.py +13 -12
  30. pulumi_vault/aws/secret_backend.py +523 -306
  31. pulumi_vault/aws/secret_backend_role.py +211 -210
  32. pulumi_vault/aws/secret_backend_static_role.py +288 -70
  33. pulumi_vault/azure/__init__.py +1 -0
  34. pulumi_vault/azure/_inputs.py +21 -20
  35. pulumi_vault/azure/auth_backend_config.py +383 -130
  36. pulumi_vault/azure/auth_backend_role.py +253 -252
  37. pulumi_vault/azure/backend.py +432 -186
  38. pulumi_vault/azure/backend_role.py +188 -140
  39. pulumi_vault/azure/get_access_credentials.py +58 -57
  40. pulumi_vault/azure/outputs.py +11 -10
  41. pulumi_vault/cert_auth_backend_role.py +365 -364
  42. pulumi_vault/config/__init__.py +1 -0
  43. pulumi_vault/config/__init__.pyi +1 -0
  44. pulumi_vault/config/_inputs.py +11 -10
  45. pulumi_vault/config/outputs.py +287 -286
  46. pulumi_vault/config/ui_custom_message.py +113 -112
  47. pulumi_vault/config/vars.py +1 -0
  48. pulumi_vault/consul/__init__.py +1 -0
  49. pulumi_vault/consul/secret_backend.py +197 -196
  50. pulumi_vault/consul/secret_backend_role.py +183 -182
  51. pulumi_vault/database/__init__.py +1 -0
  52. pulumi_vault/database/_inputs.py +3857 -2200
  53. pulumi_vault/database/outputs.py +2483 -1330
  54. pulumi_vault/database/secret_backend_connection.py +333 -112
  55. pulumi_vault/database/secret_backend_role.py +169 -168
  56. pulumi_vault/database/secret_backend_static_role.py +283 -140
  57. pulumi_vault/database/secrets_mount.py +275 -266
  58. pulumi_vault/egp_policy.py +71 -70
  59. pulumi_vault/gcp/__init__.py +1 -0
  60. pulumi_vault/gcp/_inputs.py +82 -81
  61. pulumi_vault/gcp/auth_backend.py +426 -205
  62. pulumi_vault/gcp/auth_backend_role.py +281 -280
  63. pulumi_vault/gcp/get_auth_backend_role.py +70 -69
  64. pulumi_vault/gcp/outputs.py +50 -49
  65. pulumi_vault/gcp/secret_backend.py +420 -179
  66. pulumi_vault/gcp/secret_impersonated_account.py +92 -91
  67. pulumi_vault/gcp/secret_roleset.py +92 -91
  68. pulumi_vault/gcp/secret_static_account.py +92 -91
  69. pulumi_vault/generic/__init__.py +1 -0
  70. pulumi_vault/generic/endpoint.py +113 -112
  71. pulumi_vault/generic/get_secret.py +28 -27
  72. pulumi_vault/generic/secret.py +78 -77
  73. pulumi_vault/get_auth_backend.py +19 -18
  74. pulumi_vault/get_auth_backends.py +14 -13
  75. pulumi_vault/get_namespace.py +15 -14
  76. pulumi_vault/get_namespaces.py +68 -18
  77. pulumi_vault/get_nomad_access_token.py +19 -18
  78. pulumi_vault/get_policy_document.py +6 -5
  79. pulumi_vault/get_raft_autopilot_state.py +18 -17
  80. pulumi_vault/github/__init__.py +1 -0
  81. pulumi_vault/github/_inputs.py +42 -41
  82. pulumi_vault/github/auth_backend.py +232 -231
  83. pulumi_vault/github/outputs.py +26 -25
  84. pulumi_vault/github/team.py +57 -56
  85. pulumi_vault/github/user.py +57 -56
  86. pulumi_vault/identity/__init__.py +1 -0
  87. pulumi_vault/identity/entity.py +85 -84
  88. pulumi_vault/identity/entity_alias.py +71 -70
  89. pulumi_vault/identity/entity_policies.py +64 -63
  90. pulumi_vault/identity/get_entity.py +43 -42
  91. pulumi_vault/identity/get_group.py +50 -49
  92. pulumi_vault/identity/get_oidc_client_creds.py +14 -13
  93. pulumi_vault/identity/get_oidc_openid_config.py +24 -23
  94. pulumi_vault/identity/get_oidc_public_keys.py +13 -12
  95. pulumi_vault/identity/group.py +141 -140
  96. pulumi_vault/identity/group_alias.py +57 -56
  97. pulumi_vault/identity/group_member_entity_ids.py +57 -56
  98. pulumi_vault/identity/group_member_group_ids.py +57 -56
  99. pulumi_vault/identity/group_policies.py +64 -63
  100. pulumi_vault/identity/mfa_duo.py +148 -147
  101. pulumi_vault/identity/mfa_login_enforcement.py +120 -119
  102. pulumi_vault/identity/mfa_okta.py +134 -133
  103. pulumi_vault/identity/mfa_pingid.py +127 -126
  104. pulumi_vault/identity/mfa_totp.py +176 -175
  105. pulumi_vault/identity/oidc.py +29 -28
  106. pulumi_vault/identity/oidc_assignment.py +57 -56
  107. pulumi_vault/identity/oidc_client.py +127 -126
  108. pulumi_vault/identity/oidc_key.py +85 -84
  109. pulumi_vault/identity/oidc_key_allowed_client_id.py +43 -42
  110. pulumi_vault/identity/oidc_provider.py +92 -91
  111. pulumi_vault/identity/oidc_role.py +85 -84
  112. pulumi_vault/identity/oidc_scope.py +57 -56
  113. pulumi_vault/identity/outputs.py +32 -31
  114. pulumi_vault/jwt/__init__.py +1 -0
  115. pulumi_vault/jwt/_inputs.py +42 -41
  116. pulumi_vault/jwt/auth_backend.py +288 -287
  117. pulumi_vault/jwt/auth_backend_role.py +407 -406
  118. pulumi_vault/jwt/outputs.py +26 -25
  119. pulumi_vault/kmip/__init__.py +1 -0
  120. pulumi_vault/kmip/secret_backend.py +183 -182
  121. pulumi_vault/kmip/secret_role.py +295 -294
  122. pulumi_vault/kmip/secret_scope.py +57 -56
  123. pulumi_vault/kubernetes/__init__.py +1 -0
  124. pulumi_vault/kubernetes/auth_backend_config.py +141 -140
  125. pulumi_vault/kubernetes/auth_backend_role.py +225 -224
  126. pulumi_vault/kubernetes/get_auth_backend_config.py +47 -46
  127. pulumi_vault/kubernetes/get_auth_backend_role.py +70 -69
  128. pulumi_vault/kubernetes/get_service_account_token.py +38 -37
  129. pulumi_vault/kubernetes/secret_backend.py +316 -315
  130. pulumi_vault/kubernetes/secret_backend_role.py +197 -196
  131. pulumi_vault/kv/__init__.py +1 -0
  132. pulumi_vault/kv/_inputs.py +21 -20
  133. pulumi_vault/kv/get_secret.py +17 -16
  134. pulumi_vault/kv/get_secret_subkeys_v2.py +30 -29
  135. pulumi_vault/kv/get_secret_v2.py +29 -28
  136. pulumi_vault/kv/get_secrets_list.py +13 -12
  137. pulumi_vault/kv/get_secrets_list_v2.py +19 -18
  138. pulumi_vault/kv/outputs.py +13 -12
  139. pulumi_vault/kv/secret.py +50 -49
  140. pulumi_vault/kv/secret_backend_v2.py +71 -70
  141. pulumi_vault/kv/secret_v2.py +134 -133
  142. pulumi_vault/ldap/__init__.py +1 -0
  143. pulumi_vault/ldap/auth_backend.py +754 -533
  144. pulumi_vault/ldap/auth_backend_group.py +57 -56
  145. pulumi_vault/ldap/auth_backend_user.py +71 -70
  146. pulumi_vault/ldap/get_dynamic_credentials.py +17 -16
  147. pulumi_vault/ldap/get_static_credentials.py +18 -17
  148. pulumi_vault/ldap/secret_backend.py +720 -499
  149. pulumi_vault/ldap/secret_backend_dynamic_role.py +127 -126
  150. pulumi_vault/ldap/secret_backend_library_set.py +99 -98
  151. pulumi_vault/ldap/secret_backend_static_role.py +99 -98
  152. pulumi_vault/managed/__init__.py +1 -0
  153. pulumi_vault/managed/_inputs.py +229 -228
  154. pulumi_vault/managed/keys.py +15 -14
  155. pulumi_vault/managed/outputs.py +139 -138
  156. pulumi_vault/mfa_duo.py +113 -112
  157. pulumi_vault/mfa_okta.py +113 -112
  158. pulumi_vault/mfa_pingid.py +120 -119
  159. pulumi_vault/mfa_totp.py +127 -126
  160. pulumi_vault/mongodbatlas/__init__.py +1 -0
  161. pulumi_vault/mongodbatlas/secret_backend.py +64 -63
  162. pulumi_vault/mongodbatlas/secret_role.py +155 -154
  163. pulumi_vault/mount.py +274 -273
  164. pulumi_vault/namespace.py +64 -63
  165. pulumi_vault/nomad_secret_backend.py +211 -210
  166. pulumi_vault/nomad_secret_role.py +85 -84
  167. pulumi_vault/okta/__init__.py +1 -0
  168. pulumi_vault/okta/_inputs.py +26 -25
  169. pulumi_vault/okta/auth_backend.py +274 -273
  170. pulumi_vault/okta/auth_backend_group.py +57 -56
  171. pulumi_vault/okta/auth_backend_user.py +71 -70
  172. pulumi_vault/okta/outputs.py +16 -15
  173. pulumi_vault/outputs.py +73 -60
  174. pulumi_vault/password_policy.py +43 -42
  175. pulumi_vault/pkisecret/__init__.py +3 -0
  176. pulumi_vault/pkisecret/_inputs.py +31 -36
  177. pulumi_vault/pkisecret/backend_acme_eab.py +92 -91
  178. pulumi_vault/pkisecret/backend_config_acme.py +174 -126
  179. pulumi_vault/pkisecret/backend_config_auto_tidy.py +1377 -0
  180. pulumi_vault/pkisecret/backend_config_cluster.py +57 -56
  181. pulumi_vault/pkisecret/backend_config_cmpv2.py +152 -104
  182. pulumi_vault/pkisecret/backend_config_est.py +120 -119
  183. pulumi_vault/pkisecret/get_backend_cert_metadata.py +278 -0
  184. pulumi_vault/pkisecret/get_backend_config_cmpv2.py +35 -17
  185. pulumi_vault/pkisecret/get_backend_config_est.py +19 -18
  186. pulumi_vault/pkisecret/get_backend_issuer.py +139 -25
  187. pulumi_vault/pkisecret/get_backend_issuers.py +15 -14
  188. pulumi_vault/pkisecret/get_backend_key.py +20 -19
  189. pulumi_vault/pkisecret/get_backend_keys.py +15 -14
  190. pulumi_vault/pkisecret/outputs.py +28 -31
  191. pulumi_vault/pkisecret/secret_backend_cert.py +439 -297
  192. pulumi_vault/pkisecret/secret_backend_config_ca.py +43 -42
  193. pulumi_vault/pkisecret/secret_backend_config_issuers.py +57 -56
  194. pulumi_vault/pkisecret/secret_backend_config_urls.py +85 -84
  195. pulumi_vault/pkisecret/secret_backend_crl_config.py +237 -182
  196. pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +520 -378
  197. pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +57 -56
  198. pulumi_vault/pkisecret/secret_backend_issuer.py +441 -175
  199. pulumi_vault/pkisecret/secret_backend_key.py +120 -119
  200. pulumi_vault/pkisecret/secret_backend_role.py +894 -644
  201. pulumi_vault/pkisecret/secret_backend_root_cert.py +851 -427
  202. pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +936 -357
  203. pulumi_vault/pkisecret/secret_backend_sign.py +347 -252
  204. pulumi_vault/plugin.py +127 -126
  205. pulumi_vault/plugin_pinned_version.py +43 -42
  206. pulumi_vault/policy.py +43 -42
  207. pulumi_vault/provider.py +120 -119
  208. pulumi_vault/pulumi-plugin.json +1 -1
  209. pulumi_vault/quota_lease_count.py +85 -84
  210. pulumi_vault/quota_rate_limit.py +113 -112
  211. pulumi_vault/rabbitmq/__init__.py +1 -0
  212. pulumi_vault/rabbitmq/_inputs.py +41 -40
  213. pulumi_vault/rabbitmq/outputs.py +25 -24
  214. pulumi_vault/rabbitmq/secret_backend.py +169 -168
  215. pulumi_vault/rabbitmq/secret_backend_role.py +57 -56
  216. pulumi_vault/raft_autopilot.py +113 -112
  217. pulumi_vault/raft_snapshot_agent_config.py +393 -392
  218. pulumi_vault/rgp_policy.py +57 -56
  219. pulumi_vault/saml/__init__.py +1 -0
  220. pulumi_vault/saml/auth_backend.py +155 -154
  221. pulumi_vault/saml/auth_backend_role.py +239 -238
  222. pulumi_vault/secrets/__init__.py +1 -0
  223. pulumi_vault/secrets/_inputs.py +16 -15
  224. pulumi_vault/secrets/outputs.py +10 -9
  225. pulumi_vault/secrets/sync_association.py +71 -70
  226. pulumi_vault/secrets/sync_aws_destination.py +148 -147
  227. pulumi_vault/secrets/sync_azure_destination.py +148 -147
  228. pulumi_vault/secrets/sync_config.py +43 -42
  229. pulumi_vault/secrets/sync_gcp_destination.py +106 -105
  230. pulumi_vault/secrets/sync_gh_destination.py +134 -133
  231. pulumi_vault/secrets/sync_github_apps.py +64 -63
  232. pulumi_vault/secrets/sync_vercel_destination.py +120 -119
  233. pulumi_vault/ssh/__init__.py +2 -0
  234. pulumi_vault/ssh/_inputs.py +11 -10
  235. pulumi_vault/ssh/get_secret_backend_sign.py +295 -0
  236. pulumi_vault/ssh/outputs.py +7 -6
  237. pulumi_vault/ssh/secret_backend_ca.py +99 -98
  238. pulumi_vault/ssh/secret_backend_role.py +365 -364
  239. pulumi_vault/terraformcloud/__init__.py +1 -0
  240. pulumi_vault/terraformcloud/secret_backend.py +111 -110
  241. pulumi_vault/terraformcloud/secret_creds.py +74 -73
  242. pulumi_vault/terraformcloud/secret_role.py +96 -95
  243. pulumi_vault/token.py +246 -245
  244. pulumi_vault/tokenauth/__init__.py +1 -0
  245. pulumi_vault/tokenauth/auth_backend_role.py +267 -266
  246. pulumi_vault/transform/__init__.py +1 -0
  247. pulumi_vault/transform/alphabet.py +57 -56
  248. pulumi_vault/transform/get_decode.py +47 -46
  249. pulumi_vault/transform/get_encode.py +47 -46
  250. pulumi_vault/transform/role.py +57 -56
  251. pulumi_vault/transform/template.py +113 -112
  252. pulumi_vault/transform/transformation.py +141 -140
  253. pulumi_vault/transit/__init__.py +3 -0
  254. pulumi_vault/transit/get_decrypt.py +18 -17
  255. pulumi_vault/transit/get_encrypt.py +21 -20
  256. pulumi_vault/transit/get_sign.py +325 -0
  257. pulumi_vault/transit/get_verify.py +355 -0
  258. pulumi_vault/transit/secret_backend_key.py +394 -231
  259. pulumi_vault/transit/secret_cache_config.py +43 -42
  260. {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.7.0.dist-info}/METADATA +2 -2
  261. pulumi_vault-6.7.0.dist-info/RECORD +265 -0
  262. {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.7.0.dist-info}/WHEEL +1 -1
  263. pulumi_vault-6.6.0a1741415971.dist-info/RECORD +0 -260
  264. {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.7.0.dist-info}/top_level.txt +0 -0
@@ -0,0 +1,278 @@
1
+ # coding=utf-8
2
+ # *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
3
+ # *** Do not edit by hand unless you're certain you know what you are doing! ***
4
+
5
+ import builtins
6
+ import copy
7
+ import warnings
8
+ import sys
9
+ import pulumi
10
+ import pulumi.runtime
11
+ from typing import Any, Mapping, Optional, Sequence, Union, overload
12
+ if sys.version_info >= (3, 11):
13
+ from typing import NotRequired, TypedDict, TypeAlias
14
+ else:
15
+ from typing_extensions import NotRequired, TypedDict, TypeAlias
16
+ from .. import _utilities
17
+
18
+ __all__ = [
19
+ 'GetBackendCertMetadataResult',
20
+ 'AwaitableGetBackendCertMetadataResult',
21
+ 'get_backend_cert_metadata',
22
+ 'get_backend_cert_metadata_output',
23
+ ]
24
+
25
+ @pulumi.output_type
26
+ class GetBackendCertMetadataResult:
27
+ """
28
+ A collection of values returned by getBackendCertMetadata.
29
+ """
30
+ def __init__(__self__, cert_metadata=None, expiration=None, id=None, issuer_id=None, namespace=None, path=None, role=None, serial=None, serial_number=None):
31
+ if cert_metadata and not isinstance(cert_metadata, str):
32
+ raise TypeError("Expected argument 'cert_metadata' to be a str")
33
+ pulumi.set(__self__, "cert_metadata", cert_metadata)
34
+ if expiration and not isinstance(expiration, str):
35
+ raise TypeError("Expected argument 'expiration' to be a str")
36
+ pulumi.set(__self__, "expiration", expiration)
37
+ if id and not isinstance(id, str):
38
+ raise TypeError("Expected argument 'id' to be a str")
39
+ pulumi.set(__self__, "id", id)
40
+ if issuer_id and not isinstance(issuer_id, str):
41
+ raise TypeError("Expected argument 'issuer_id' to be a str")
42
+ pulumi.set(__self__, "issuer_id", issuer_id)
43
+ if namespace and not isinstance(namespace, str):
44
+ raise TypeError("Expected argument 'namespace' to be a str")
45
+ pulumi.set(__self__, "namespace", namespace)
46
+ if path and not isinstance(path, str):
47
+ raise TypeError("Expected argument 'path' to be a str")
48
+ pulumi.set(__self__, "path", path)
49
+ if role and not isinstance(role, str):
50
+ raise TypeError("Expected argument 'role' to be a str")
51
+ pulumi.set(__self__, "role", role)
52
+ if serial and not isinstance(serial, str):
53
+ raise TypeError("Expected argument 'serial' to be a str")
54
+ pulumi.set(__self__, "serial", serial)
55
+ if serial_number and not isinstance(serial_number, str):
56
+ raise TypeError("Expected argument 'serial_number' to be a str")
57
+ pulumi.set(__self__, "serial_number", serial_number)
58
+
59
+ @property
60
+ @pulumi.getter(name="certMetadata")
61
+ def cert_metadata(self) -> builtins.str:
62
+ """
63
+ The metadata associated with the certificate
64
+ """
65
+ return pulumi.get(self, "cert_metadata")
66
+
67
+ @property
68
+ @pulumi.getter
69
+ def expiration(self) -> builtins.str:
70
+ """
71
+ The expiration date of the certificate in unix epoch format
72
+ """
73
+ return pulumi.get(self, "expiration")
74
+
75
+ @property
76
+ @pulumi.getter
77
+ def id(self) -> builtins.str:
78
+ """
79
+ The provider-assigned unique ID for this managed resource.
80
+ """
81
+ return pulumi.get(self, "id")
82
+
83
+ @property
84
+ @pulumi.getter(name="issuerId")
85
+ def issuer_id(self) -> builtins.str:
86
+ """
87
+ ID of the issuer.
88
+ """
89
+ return pulumi.get(self, "issuer_id")
90
+
91
+ @property
92
+ @pulumi.getter
93
+ def namespace(self) -> Optional[builtins.str]:
94
+ return pulumi.get(self, "namespace")
95
+
96
+ @property
97
+ @pulumi.getter
98
+ def path(self) -> builtins.str:
99
+ return pulumi.get(self, "path")
100
+
101
+ @property
102
+ @pulumi.getter
103
+ def role(self) -> builtins.str:
104
+ """
105
+ The role used to create the certificate
106
+ """
107
+ return pulumi.get(self, "role")
108
+
109
+ @property
110
+ @pulumi.getter
111
+ def serial(self) -> builtins.str:
112
+ return pulumi.get(self, "serial")
113
+
114
+ @property
115
+ @pulumi.getter(name="serialNumber")
116
+ def serial_number(self) -> builtins.str:
117
+ """
118
+ The serial number
119
+ """
120
+ return pulumi.get(self, "serial_number")
121
+
122
+
123
+ class AwaitableGetBackendCertMetadataResult(GetBackendCertMetadataResult):
124
+ # pylint: disable=using-constant-test
125
+ def __await__(self):
126
+ if False:
127
+ yield self
128
+ return GetBackendCertMetadataResult(
129
+ cert_metadata=self.cert_metadata,
130
+ expiration=self.expiration,
131
+ id=self.id,
132
+ issuer_id=self.issuer_id,
133
+ namespace=self.namespace,
134
+ path=self.path,
135
+ role=self.role,
136
+ serial=self.serial,
137
+ serial_number=self.serial_number)
138
+
139
+
140
+ def get_backend_cert_metadata(namespace: Optional[builtins.str] = None,
141
+ path: Optional[builtins.str] = None,
142
+ serial: Optional[builtins.str] = None,
143
+ opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetBackendCertMetadataResult:
144
+ """
145
+ ## Example Usage
146
+
147
+ ```python
148
+ import pulumi
149
+ import pulumi_vault as vault
150
+
151
+ pki = vault.Mount("pki",
152
+ path="pki",
153
+ type="pki",
154
+ description="PKI secret engine mount")
155
+ root = vault.pki_secret.SecretBackendRootCert("root",
156
+ backend=pki.path,
157
+ type="internal",
158
+ common_name="example",
159
+ ttl="86400",
160
+ issuer_name="example")
161
+ test_secret_backend_role = vault.pki_secret.SecretBackendRole("test",
162
+ backend=test_vault_pki_secret_backend_root_cert["backend"],
163
+ name="test",
164
+ allowed_domains=["test.my.domain"],
165
+ allow_subdomains=True,
166
+ max_ttl="3600",
167
+ key_usages=[
168
+ "DigitalSignature",
169
+ "KeyAgreement",
170
+ "KeyEncipherment",
171
+ ],
172
+ no_store_metadata=False)
173
+ test_secret_backend_cert = vault.pki_secret.SecretBackendCert("test",
174
+ backend=test_secret_backend_role.backend,
175
+ name=test_secret_backend_role.name,
176
+ common_name="cert.test.my.domain",
177
+ ttl="720h",
178
+ min_seconds_remaining=60,
179
+ cert_metadata="dGVzdCBtZXRhZGF0YQ==")
180
+ test = test_secret_backend_cert.serial_number.apply(lambda serial_number: vault.pkiSecret.get_backend_cert_metadata_output(path=test_root["path"],
181
+ serial=serial_number))
182
+ ```
183
+
184
+
185
+ :param builtins.str namespace: The namespace of the target resource.
186
+ The value should not contain leading or trailing forward slashes.
187
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
188
+ *Available only for Vault Enterprise*.
189
+ :param builtins.str path: The path to the PKI secret backend to
190
+ read the cert metadata from, with no leading or trailing `/`s.
191
+ :param builtins.str serial: Specifies the serial of the certificate whose metadata to read.
192
+ """
193
+ __args__ = dict()
194
+ __args__['namespace'] = namespace
195
+ __args__['path'] = path
196
+ __args__['serial'] = serial
197
+ opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
198
+ __ret__ = pulumi.runtime.invoke('vault:pkiSecret/getBackendCertMetadata:getBackendCertMetadata', __args__, opts=opts, typ=GetBackendCertMetadataResult).value
199
+
200
+ return AwaitableGetBackendCertMetadataResult(
201
+ cert_metadata=pulumi.get(__ret__, 'cert_metadata'),
202
+ expiration=pulumi.get(__ret__, 'expiration'),
203
+ id=pulumi.get(__ret__, 'id'),
204
+ issuer_id=pulumi.get(__ret__, 'issuer_id'),
205
+ namespace=pulumi.get(__ret__, 'namespace'),
206
+ path=pulumi.get(__ret__, 'path'),
207
+ role=pulumi.get(__ret__, 'role'),
208
+ serial=pulumi.get(__ret__, 'serial'),
209
+ serial_number=pulumi.get(__ret__, 'serial_number'))
210
+ def get_backend_cert_metadata_output(namespace: Optional[pulumi.Input[Optional[builtins.str]]] = None,
211
+ path: Optional[pulumi.Input[builtins.str]] = None,
212
+ serial: Optional[pulumi.Input[builtins.str]] = None,
213
+ opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetBackendCertMetadataResult]:
214
+ """
215
+ ## Example Usage
216
+
217
+ ```python
218
+ import pulumi
219
+ import pulumi_vault as vault
220
+
221
+ pki = vault.Mount("pki",
222
+ path="pki",
223
+ type="pki",
224
+ description="PKI secret engine mount")
225
+ root = vault.pki_secret.SecretBackendRootCert("root",
226
+ backend=pki.path,
227
+ type="internal",
228
+ common_name="example",
229
+ ttl="86400",
230
+ issuer_name="example")
231
+ test_secret_backend_role = vault.pki_secret.SecretBackendRole("test",
232
+ backend=test_vault_pki_secret_backend_root_cert["backend"],
233
+ name="test",
234
+ allowed_domains=["test.my.domain"],
235
+ allow_subdomains=True,
236
+ max_ttl="3600",
237
+ key_usages=[
238
+ "DigitalSignature",
239
+ "KeyAgreement",
240
+ "KeyEncipherment",
241
+ ],
242
+ no_store_metadata=False)
243
+ test_secret_backend_cert = vault.pki_secret.SecretBackendCert("test",
244
+ backend=test_secret_backend_role.backend,
245
+ name=test_secret_backend_role.name,
246
+ common_name="cert.test.my.domain",
247
+ ttl="720h",
248
+ min_seconds_remaining=60,
249
+ cert_metadata="dGVzdCBtZXRhZGF0YQ==")
250
+ test = test_secret_backend_cert.serial_number.apply(lambda serial_number: vault.pkiSecret.get_backend_cert_metadata_output(path=test_root["path"],
251
+ serial=serial_number))
252
+ ```
253
+
254
+
255
+ :param builtins.str namespace: The namespace of the target resource.
256
+ The value should not contain leading or trailing forward slashes.
257
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
258
+ *Available only for Vault Enterprise*.
259
+ :param builtins.str path: The path to the PKI secret backend to
260
+ read the cert metadata from, with no leading or trailing `/`s.
261
+ :param builtins.str serial: Specifies the serial of the certificate whose metadata to read.
262
+ """
263
+ __args__ = dict()
264
+ __args__['namespace'] = namespace
265
+ __args__['path'] = path
266
+ __args__['serial'] = serial
267
+ opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
268
+ __ret__ = pulumi.runtime.invoke_output('vault:pkiSecret/getBackendCertMetadata:getBackendCertMetadata', __args__, opts=opts, typ=GetBackendCertMetadataResult)
269
+ return __ret__.apply(lambda __response__: GetBackendCertMetadataResult(
270
+ cert_metadata=pulumi.get(__response__, 'cert_metadata'),
271
+ expiration=pulumi.get(__response__, 'expiration'),
272
+ id=pulumi.get(__response__, 'id'),
273
+ issuer_id=pulumi.get(__response__, 'issuer_id'),
274
+ namespace=pulumi.get(__response__, 'namespace'),
275
+ path=pulumi.get(__response__, 'path'),
276
+ role=pulumi.get(__response__, 'role'),
277
+ serial=pulumi.get(__response__, 'serial'),
278
+ serial_number=pulumi.get(__response__, 'serial_number')))
@@ -2,6 +2,7 @@
2
2
  # *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
3
3
  # *** Do not edit by hand unless you're certain you know what you are doing! ***
4
4
 
5
+ import builtins
5
6
  import copy
6
7
  import warnings
7
8
  import sys
@@ -27,7 +28,7 @@ class GetBackendConfigCmpv2Result:
27
28
  """
28
29
  A collection of values returned by getBackendConfigCmpv2.
29
30
  """
30
- def __init__(__self__, audit_fields=None, authenticators=None, backend=None, default_path_policy=None, enable_sentinel_parsing=None, enabled=None, id=None, last_updated=None, namespace=None):
31
+ def __init__(__self__, audit_fields=None, authenticators=None, backend=None, default_path_policy=None, disabled_validations=None, enable_sentinel_parsing=None, enabled=None, id=None, last_updated=None, namespace=None):
31
32
  if audit_fields and not isinstance(audit_fields, list):
32
33
  raise TypeError("Expected argument 'audit_fields' to be a list")
33
34
  pulumi.set(__self__, "audit_fields", audit_fields)
@@ -40,6 +41,9 @@ class GetBackendConfigCmpv2Result:
40
41
  if default_path_policy and not isinstance(default_path_policy, str):
41
42
  raise TypeError("Expected argument 'default_path_policy' to be a str")
42
43
  pulumi.set(__self__, "default_path_policy", default_path_policy)
44
+ if disabled_validations and not isinstance(disabled_validations, list):
45
+ raise TypeError("Expected argument 'disabled_validations' to be a list")
46
+ pulumi.set(__self__, "disabled_validations", disabled_validations)
43
47
  if enable_sentinel_parsing and not isinstance(enable_sentinel_parsing, bool):
44
48
  raise TypeError("Expected argument 'enable_sentinel_parsing' to be a bool")
45
49
  pulumi.set(__self__, "enable_sentinel_parsing", enable_sentinel_parsing)
@@ -58,7 +62,7 @@ class GetBackendConfigCmpv2Result:
58
62
 
59
63
  @property
60
64
  @pulumi.getter(name="auditFields")
61
- def audit_fields(self) -> Sequence[str]:
65
+ def audit_fields(self) -> Sequence[builtins.str]:
62
66
  return pulumi.get(self, "audit_fields")
63
67
 
64
68
  @property
@@ -68,27 +72,32 @@ class GetBackendConfigCmpv2Result:
68
72
 
69
73
  @property
70
74
  @pulumi.getter
71
- def backend(self) -> str:
75
+ def backend(self) -> builtins.str:
72
76
  return pulumi.get(self, "backend")
73
77
 
74
78
  @property
75
79
  @pulumi.getter(name="defaultPathPolicy")
76
- def default_path_policy(self) -> str:
80
+ def default_path_policy(self) -> builtins.str:
77
81
  return pulumi.get(self, "default_path_policy")
78
82
 
83
+ @property
84
+ @pulumi.getter(name="disabledValidations")
85
+ def disabled_validations(self) -> Optional[Sequence[builtins.str]]:
86
+ return pulumi.get(self, "disabled_validations")
87
+
79
88
  @property
80
89
  @pulumi.getter(name="enableSentinelParsing")
81
- def enable_sentinel_parsing(self) -> bool:
90
+ def enable_sentinel_parsing(self) -> builtins.bool:
82
91
  return pulumi.get(self, "enable_sentinel_parsing")
83
92
 
84
93
  @property
85
94
  @pulumi.getter
86
- def enabled(self) -> bool:
95
+ def enabled(self) -> builtins.bool:
87
96
  return pulumi.get(self, "enabled")
88
97
 
89
98
  @property
90
99
  @pulumi.getter
91
- def id(self) -> str:
100
+ def id(self) -> builtins.str:
92
101
  """
93
102
  The provider-assigned unique ID for this managed resource.
94
103
  """
@@ -96,12 +105,12 @@ class GetBackendConfigCmpv2Result:
96
105
 
97
106
  @property
98
107
  @pulumi.getter(name="lastUpdated")
99
- def last_updated(self) -> str:
108
+ def last_updated(self) -> builtins.str:
100
109
  return pulumi.get(self, "last_updated")
101
110
 
102
111
  @property
103
112
  @pulumi.getter
104
- def namespace(self) -> Optional[str]:
113
+ def namespace(self) -> Optional[builtins.str]:
105
114
  return pulumi.get(self, "namespace")
106
115
 
107
116
 
@@ -115,6 +124,7 @@ class AwaitableGetBackendConfigCmpv2Result(GetBackendConfigCmpv2Result):
115
124
  authenticators=self.authenticators,
116
125
  backend=self.backend,
117
126
  default_path_policy=self.default_path_policy,
127
+ disabled_validations=self.disabled_validations,
118
128
  enable_sentinel_parsing=self.enable_sentinel_parsing,
119
129
  enabled=self.enabled,
120
130
  id=self.id,
@@ -122,8 +132,9 @@ class AwaitableGetBackendConfigCmpv2Result(GetBackendConfigCmpv2Result):
122
132
  namespace=self.namespace)
123
133
 
124
134
 
125
- def get_backend_config_cmpv2(backend: Optional[str] = None,
126
- namespace: Optional[str] = None,
135
+ def get_backend_config_cmpv2(backend: Optional[builtins.str] = None,
136
+ disabled_validations: Optional[Sequence[builtins.str]] = None,
137
+ namespace: Optional[builtins.str] = None,
127
138
  opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetBackendConfigCmpv2Result:
128
139
  """
129
140
  ## Example Usage
@@ -140,17 +151,19 @@ def get_backend_config_cmpv2(backend: Optional[str] = None,
140
151
  ```
141
152
 
142
153
 
143
- :param str backend: The path to the PKI secret backend to
154
+ :param builtins.str backend: The path to the PKI secret backend to
144
155
  read the CMPv2 configuration from, with no leading or trailing `/`s.
145
156
 
146
157
  # Attributes Reference
147
- :param str namespace: The namespace of the target resource.
158
+ :param Sequence[builtins.str] disabled_validations: A comma-separated list of validations not to perform on CMPv2 messages.
159
+ :param builtins.str namespace: The namespace of the target resource.
148
160
  The value should not contain leading or trailing forward slashes.
149
161
  The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
150
162
  *Available only for Vault Enterprise*.
151
163
  """
152
164
  __args__ = dict()
153
165
  __args__['backend'] = backend
166
+ __args__['disabledValidations'] = disabled_validations
154
167
  __args__['namespace'] = namespace
155
168
  opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
156
169
  __ret__ = pulumi.runtime.invoke('vault:pkiSecret/getBackendConfigCmpv2:getBackendConfigCmpv2', __args__, opts=opts, typ=GetBackendConfigCmpv2Result).value
@@ -160,13 +173,15 @@ def get_backend_config_cmpv2(backend: Optional[str] = None,
160
173
  authenticators=pulumi.get(__ret__, 'authenticators'),
161
174
  backend=pulumi.get(__ret__, 'backend'),
162
175
  default_path_policy=pulumi.get(__ret__, 'default_path_policy'),
176
+ disabled_validations=pulumi.get(__ret__, 'disabled_validations'),
163
177
  enable_sentinel_parsing=pulumi.get(__ret__, 'enable_sentinel_parsing'),
164
178
  enabled=pulumi.get(__ret__, 'enabled'),
165
179
  id=pulumi.get(__ret__, 'id'),
166
180
  last_updated=pulumi.get(__ret__, 'last_updated'),
167
181
  namespace=pulumi.get(__ret__, 'namespace'))
168
- def get_backend_config_cmpv2_output(backend: Optional[pulumi.Input[str]] = None,
169
- namespace: Optional[pulumi.Input[Optional[str]]] = None,
182
+ def get_backend_config_cmpv2_output(backend: Optional[pulumi.Input[builtins.str]] = None,
183
+ disabled_validations: Optional[pulumi.Input[Optional[Sequence[builtins.str]]]] = None,
184
+ namespace: Optional[pulumi.Input[Optional[builtins.str]]] = None,
170
185
  opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetBackendConfigCmpv2Result]:
171
186
  """
172
187
  ## Example Usage
@@ -183,17 +198,19 @@ def get_backend_config_cmpv2_output(backend: Optional[pulumi.Input[str]] = None,
183
198
  ```
184
199
 
185
200
 
186
- :param str backend: The path to the PKI secret backend to
201
+ :param builtins.str backend: The path to the PKI secret backend to
187
202
  read the CMPv2 configuration from, with no leading or trailing `/`s.
188
203
 
189
204
  # Attributes Reference
190
- :param str namespace: The namespace of the target resource.
205
+ :param Sequence[builtins.str] disabled_validations: A comma-separated list of validations not to perform on CMPv2 messages.
206
+ :param builtins.str namespace: The namespace of the target resource.
191
207
  The value should not contain leading or trailing forward slashes.
192
208
  The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
193
209
  *Available only for Vault Enterprise*.
194
210
  """
195
211
  __args__ = dict()
196
212
  __args__['backend'] = backend
213
+ __args__['disabledValidations'] = disabled_validations
197
214
  __args__['namespace'] = namespace
198
215
  opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
199
216
  __ret__ = pulumi.runtime.invoke_output('vault:pkiSecret/getBackendConfigCmpv2:getBackendConfigCmpv2', __args__, opts=opts, typ=GetBackendConfigCmpv2Result)
@@ -202,6 +219,7 @@ def get_backend_config_cmpv2_output(backend: Optional[pulumi.Input[str]] = None,
202
219
  authenticators=pulumi.get(__response__, 'authenticators'),
203
220
  backend=pulumi.get(__response__, 'backend'),
204
221
  default_path_policy=pulumi.get(__response__, 'default_path_policy'),
222
+ disabled_validations=pulumi.get(__response__, 'disabled_validations'),
205
223
  enable_sentinel_parsing=pulumi.get(__response__, 'enable_sentinel_parsing'),
206
224
  enabled=pulumi.get(__response__, 'enabled'),
207
225
  id=pulumi.get(__response__, 'id'),
@@ -2,6 +2,7 @@
2
2
  # *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
3
3
  # *** Do not edit by hand unless you're certain you know what you are doing! ***
4
4
 
5
+ import builtins
5
6
  import copy
6
7
  import warnings
7
8
  import sys
@@ -64,7 +65,7 @@ class GetBackendConfigEstResult:
64
65
 
65
66
  @property
66
67
  @pulumi.getter(name="auditFields")
67
- def audit_fields(self) -> Sequence[str]:
68
+ def audit_fields(self) -> Sequence[builtins.str]:
68
69
  """
69
70
  Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.
70
71
  """
@@ -80,12 +81,12 @@ class GetBackendConfigEstResult:
80
81
 
81
82
  @property
82
83
  @pulumi.getter
83
- def backend(self) -> str:
84
+ def backend(self) -> builtins.str:
84
85
  return pulumi.get(self, "backend")
85
86
 
86
87
  @property
87
88
  @pulumi.getter(name="defaultMount")
88
- def default_mount(self) -> bool:
89
+ def default_mount(self) -> builtins.bool:
89
90
  """
90
91
  If set, this mount is registered as the default `.well-known/est` URL path. Only a single mount can enable this across a Vault cluster.
91
92
  """
@@ -93,7 +94,7 @@ class GetBackendConfigEstResult:
93
94
 
94
95
  @property
95
96
  @pulumi.getter(name="defaultPathPolicy")
96
- def default_path_policy(self) -> str:
97
+ def default_path_policy(self) -> builtins.str:
97
98
  """
98
99
  Required to be set if default_mount is enabled. Specifies the behavior for requests using the default EST label. Can be sign-verbatim or a role given by role:<role_name>.
99
100
  """
@@ -101,7 +102,7 @@ class GetBackendConfigEstResult:
101
102
 
102
103
  @property
103
104
  @pulumi.getter(name="enableSentinelParsing")
104
- def enable_sentinel_parsing(self) -> bool:
105
+ def enable_sentinel_parsing(self) -> builtins.bool:
105
106
  """
106
107
  If set, parse out fields from the provided CSR making them available for Sentinel policies.
107
108
  """
@@ -109,7 +110,7 @@ class GetBackendConfigEstResult:
109
110
 
110
111
  @property
111
112
  @pulumi.getter
112
- def enabled(self) -> bool:
113
+ def enabled(self) -> builtins.bool:
113
114
  """
114
115
  Specifies whether EST is enabled.
115
116
  """
@@ -117,7 +118,7 @@ class GetBackendConfigEstResult:
117
118
 
118
119
  @property
119
120
  @pulumi.getter
120
- def id(self) -> str:
121
+ def id(self) -> builtins.str:
121
122
  """
122
123
  The provider-assigned unique ID for this managed resource.
123
124
  """
@@ -125,7 +126,7 @@ class GetBackendConfigEstResult:
125
126
 
126
127
  @property
127
128
  @pulumi.getter(name="labelToPathPolicy")
128
- def label_to_path_policy(self) -> Mapping[str, str]:
129
+ def label_to_path_policy(self) -> Mapping[str, builtins.str]:
129
130
  """
130
131
  A pairing of an EST label with the redirected behavior for requests hitting that role. The path policy can be sign-verbatim or a role given by role:<role_name>. Labels must be unique across Vault cluster, and will register .well-known/est/<label> URL paths.
131
132
  """
@@ -133,7 +134,7 @@ class GetBackendConfigEstResult:
133
134
 
134
135
  @property
135
136
  @pulumi.getter(name="lastUpdated")
136
- def last_updated(self) -> str:
137
+ def last_updated(self) -> builtins.str:
137
138
  """
138
139
  A read-only timestamp representing the last time the configuration was updated.
139
140
  """
@@ -141,7 +142,7 @@ class GetBackendConfigEstResult:
141
142
 
142
143
  @property
143
144
  @pulumi.getter
144
- def namespace(self) -> Optional[str]:
145
+ def namespace(self) -> Optional[builtins.str]:
145
146
  return pulumi.get(self, "namespace")
146
147
 
147
148
 
@@ -164,8 +165,8 @@ class AwaitableGetBackendConfigEstResult(GetBackendConfigEstResult):
164
165
  namespace=self.namespace)
165
166
 
166
167
 
167
- def get_backend_config_est(backend: Optional[str] = None,
168
- namespace: Optional[str] = None,
168
+ def get_backend_config_est(backend: Optional[builtins.str] = None,
169
+ namespace: Optional[builtins.str] = None,
169
170
  opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetBackendConfigEstResult:
170
171
  """
171
172
  ## Example Usage
@@ -182,9 +183,9 @@ def get_backend_config_est(backend: Optional[str] = None,
182
183
  ```
183
184
 
184
185
 
185
- :param str backend: The path to the PKI secret backend to
186
+ :param builtins.str backend: The path to the PKI secret backend to
186
187
  read the EST configuration from, with no leading or trailing `/`s.
187
- :param str namespace: The namespace of the target resource.
188
+ :param builtins.str namespace: The namespace of the target resource.
188
189
  The value should not contain leading or trailing forward slashes.
189
190
  The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
190
191
  *Available only for Vault Enterprise*.
@@ -207,8 +208,8 @@ def get_backend_config_est(backend: Optional[str] = None,
207
208
  label_to_path_policy=pulumi.get(__ret__, 'label_to_path_policy'),
208
209
  last_updated=pulumi.get(__ret__, 'last_updated'),
209
210
  namespace=pulumi.get(__ret__, 'namespace'))
210
- def get_backend_config_est_output(backend: Optional[pulumi.Input[str]] = None,
211
- namespace: Optional[pulumi.Input[Optional[str]]] = None,
211
+ def get_backend_config_est_output(backend: Optional[pulumi.Input[builtins.str]] = None,
212
+ namespace: Optional[pulumi.Input[Optional[builtins.str]]] = None,
212
213
  opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetBackendConfigEstResult]:
213
214
  """
214
215
  ## Example Usage
@@ -225,9 +226,9 @@ def get_backend_config_est_output(backend: Optional[pulumi.Input[str]] = None,
225
226
  ```
226
227
 
227
228
 
228
- :param str backend: The path to the PKI secret backend to
229
+ :param builtins.str backend: The path to the PKI secret backend to
229
230
  read the EST configuration from, with no leading or trailing `/`s.
230
- :param str namespace: The namespace of the target resource.
231
+ :param builtins.str namespace: The namespace of the target resource.
231
232
  The value should not contain leading or trailing forward slashes.
232
233
  The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
233
234
  *Available only for Vault Enterprise*.