pulumi-vault 6.6.0a1741415971__py3-none-any.whl → 6.7.0__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (264) hide show
  1. pulumi_vault/__init__.py +9 -0
  2. pulumi_vault/_inputs.py +583 -562
  3. pulumi_vault/ad/__init__.py +1 -0
  4. pulumi_vault/ad/get_access_credentials.py +20 -19
  5. pulumi_vault/ad/secret_backend.py +477 -476
  6. pulumi_vault/ad/secret_library.py +99 -98
  7. pulumi_vault/ad/secret_role.py +85 -84
  8. pulumi_vault/alicloud/__init__.py +1 -0
  9. pulumi_vault/alicloud/auth_backend_role.py +183 -182
  10. pulumi_vault/approle/__init__.py +1 -0
  11. pulumi_vault/approle/auth_backend_login.py +106 -105
  12. pulumi_vault/approle/auth_backend_role.py +239 -238
  13. pulumi_vault/approle/auth_backend_role_secret_id.py +162 -161
  14. pulumi_vault/approle/get_auth_backend_role_id.py +18 -17
  15. pulumi_vault/audit.py +85 -84
  16. pulumi_vault/audit_request_header.py +43 -42
  17. pulumi_vault/auth_backend.py +106 -105
  18. pulumi_vault/aws/__init__.py +1 -0
  19. pulumi_vault/aws/auth_backend_cert.py +71 -70
  20. pulumi_vault/aws/auth_backend_client.py +425 -200
  21. pulumi_vault/aws/auth_backend_config_identity.py +85 -84
  22. pulumi_vault/aws/auth_backend_identity_whitelist.py +57 -56
  23. pulumi_vault/aws/auth_backend_login.py +209 -208
  24. pulumi_vault/aws/auth_backend_role.py +400 -399
  25. pulumi_vault/aws/auth_backend_role_tag.py +127 -126
  26. pulumi_vault/aws/auth_backend_roletag_blacklist.py +57 -56
  27. pulumi_vault/aws/auth_backend_sts_role.py +71 -70
  28. pulumi_vault/aws/get_access_credentials.py +44 -43
  29. pulumi_vault/aws/get_static_access_credentials.py +13 -12
  30. pulumi_vault/aws/secret_backend.py +523 -306
  31. pulumi_vault/aws/secret_backend_role.py +211 -210
  32. pulumi_vault/aws/secret_backend_static_role.py +288 -70
  33. pulumi_vault/azure/__init__.py +1 -0
  34. pulumi_vault/azure/_inputs.py +21 -20
  35. pulumi_vault/azure/auth_backend_config.py +383 -130
  36. pulumi_vault/azure/auth_backend_role.py +253 -252
  37. pulumi_vault/azure/backend.py +432 -186
  38. pulumi_vault/azure/backend_role.py +188 -140
  39. pulumi_vault/azure/get_access_credentials.py +58 -57
  40. pulumi_vault/azure/outputs.py +11 -10
  41. pulumi_vault/cert_auth_backend_role.py +365 -364
  42. pulumi_vault/config/__init__.py +1 -0
  43. pulumi_vault/config/__init__.pyi +1 -0
  44. pulumi_vault/config/_inputs.py +11 -10
  45. pulumi_vault/config/outputs.py +287 -286
  46. pulumi_vault/config/ui_custom_message.py +113 -112
  47. pulumi_vault/config/vars.py +1 -0
  48. pulumi_vault/consul/__init__.py +1 -0
  49. pulumi_vault/consul/secret_backend.py +197 -196
  50. pulumi_vault/consul/secret_backend_role.py +183 -182
  51. pulumi_vault/database/__init__.py +1 -0
  52. pulumi_vault/database/_inputs.py +3857 -2200
  53. pulumi_vault/database/outputs.py +2483 -1330
  54. pulumi_vault/database/secret_backend_connection.py +333 -112
  55. pulumi_vault/database/secret_backend_role.py +169 -168
  56. pulumi_vault/database/secret_backend_static_role.py +283 -140
  57. pulumi_vault/database/secrets_mount.py +275 -266
  58. pulumi_vault/egp_policy.py +71 -70
  59. pulumi_vault/gcp/__init__.py +1 -0
  60. pulumi_vault/gcp/_inputs.py +82 -81
  61. pulumi_vault/gcp/auth_backend.py +426 -205
  62. pulumi_vault/gcp/auth_backend_role.py +281 -280
  63. pulumi_vault/gcp/get_auth_backend_role.py +70 -69
  64. pulumi_vault/gcp/outputs.py +50 -49
  65. pulumi_vault/gcp/secret_backend.py +420 -179
  66. pulumi_vault/gcp/secret_impersonated_account.py +92 -91
  67. pulumi_vault/gcp/secret_roleset.py +92 -91
  68. pulumi_vault/gcp/secret_static_account.py +92 -91
  69. pulumi_vault/generic/__init__.py +1 -0
  70. pulumi_vault/generic/endpoint.py +113 -112
  71. pulumi_vault/generic/get_secret.py +28 -27
  72. pulumi_vault/generic/secret.py +78 -77
  73. pulumi_vault/get_auth_backend.py +19 -18
  74. pulumi_vault/get_auth_backends.py +14 -13
  75. pulumi_vault/get_namespace.py +15 -14
  76. pulumi_vault/get_namespaces.py +68 -18
  77. pulumi_vault/get_nomad_access_token.py +19 -18
  78. pulumi_vault/get_policy_document.py +6 -5
  79. pulumi_vault/get_raft_autopilot_state.py +18 -17
  80. pulumi_vault/github/__init__.py +1 -0
  81. pulumi_vault/github/_inputs.py +42 -41
  82. pulumi_vault/github/auth_backend.py +232 -231
  83. pulumi_vault/github/outputs.py +26 -25
  84. pulumi_vault/github/team.py +57 -56
  85. pulumi_vault/github/user.py +57 -56
  86. pulumi_vault/identity/__init__.py +1 -0
  87. pulumi_vault/identity/entity.py +85 -84
  88. pulumi_vault/identity/entity_alias.py +71 -70
  89. pulumi_vault/identity/entity_policies.py +64 -63
  90. pulumi_vault/identity/get_entity.py +43 -42
  91. pulumi_vault/identity/get_group.py +50 -49
  92. pulumi_vault/identity/get_oidc_client_creds.py +14 -13
  93. pulumi_vault/identity/get_oidc_openid_config.py +24 -23
  94. pulumi_vault/identity/get_oidc_public_keys.py +13 -12
  95. pulumi_vault/identity/group.py +141 -140
  96. pulumi_vault/identity/group_alias.py +57 -56
  97. pulumi_vault/identity/group_member_entity_ids.py +57 -56
  98. pulumi_vault/identity/group_member_group_ids.py +57 -56
  99. pulumi_vault/identity/group_policies.py +64 -63
  100. pulumi_vault/identity/mfa_duo.py +148 -147
  101. pulumi_vault/identity/mfa_login_enforcement.py +120 -119
  102. pulumi_vault/identity/mfa_okta.py +134 -133
  103. pulumi_vault/identity/mfa_pingid.py +127 -126
  104. pulumi_vault/identity/mfa_totp.py +176 -175
  105. pulumi_vault/identity/oidc.py +29 -28
  106. pulumi_vault/identity/oidc_assignment.py +57 -56
  107. pulumi_vault/identity/oidc_client.py +127 -126
  108. pulumi_vault/identity/oidc_key.py +85 -84
  109. pulumi_vault/identity/oidc_key_allowed_client_id.py +43 -42
  110. pulumi_vault/identity/oidc_provider.py +92 -91
  111. pulumi_vault/identity/oidc_role.py +85 -84
  112. pulumi_vault/identity/oidc_scope.py +57 -56
  113. pulumi_vault/identity/outputs.py +32 -31
  114. pulumi_vault/jwt/__init__.py +1 -0
  115. pulumi_vault/jwt/_inputs.py +42 -41
  116. pulumi_vault/jwt/auth_backend.py +288 -287
  117. pulumi_vault/jwt/auth_backend_role.py +407 -406
  118. pulumi_vault/jwt/outputs.py +26 -25
  119. pulumi_vault/kmip/__init__.py +1 -0
  120. pulumi_vault/kmip/secret_backend.py +183 -182
  121. pulumi_vault/kmip/secret_role.py +295 -294
  122. pulumi_vault/kmip/secret_scope.py +57 -56
  123. pulumi_vault/kubernetes/__init__.py +1 -0
  124. pulumi_vault/kubernetes/auth_backend_config.py +141 -140
  125. pulumi_vault/kubernetes/auth_backend_role.py +225 -224
  126. pulumi_vault/kubernetes/get_auth_backend_config.py +47 -46
  127. pulumi_vault/kubernetes/get_auth_backend_role.py +70 -69
  128. pulumi_vault/kubernetes/get_service_account_token.py +38 -37
  129. pulumi_vault/kubernetes/secret_backend.py +316 -315
  130. pulumi_vault/kubernetes/secret_backend_role.py +197 -196
  131. pulumi_vault/kv/__init__.py +1 -0
  132. pulumi_vault/kv/_inputs.py +21 -20
  133. pulumi_vault/kv/get_secret.py +17 -16
  134. pulumi_vault/kv/get_secret_subkeys_v2.py +30 -29
  135. pulumi_vault/kv/get_secret_v2.py +29 -28
  136. pulumi_vault/kv/get_secrets_list.py +13 -12
  137. pulumi_vault/kv/get_secrets_list_v2.py +19 -18
  138. pulumi_vault/kv/outputs.py +13 -12
  139. pulumi_vault/kv/secret.py +50 -49
  140. pulumi_vault/kv/secret_backend_v2.py +71 -70
  141. pulumi_vault/kv/secret_v2.py +134 -133
  142. pulumi_vault/ldap/__init__.py +1 -0
  143. pulumi_vault/ldap/auth_backend.py +754 -533
  144. pulumi_vault/ldap/auth_backend_group.py +57 -56
  145. pulumi_vault/ldap/auth_backend_user.py +71 -70
  146. pulumi_vault/ldap/get_dynamic_credentials.py +17 -16
  147. pulumi_vault/ldap/get_static_credentials.py +18 -17
  148. pulumi_vault/ldap/secret_backend.py +720 -499
  149. pulumi_vault/ldap/secret_backend_dynamic_role.py +127 -126
  150. pulumi_vault/ldap/secret_backend_library_set.py +99 -98
  151. pulumi_vault/ldap/secret_backend_static_role.py +99 -98
  152. pulumi_vault/managed/__init__.py +1 -0
  153. pulumi_vault/managed/_inputs.py +229 -228
  154. pulumi_vault/managed/keys.py +15 -14
  155. pulumi_vault/managed/outputs.py +139 -138
  156. pulumi_vault/mfa_duo.py +113 -112
  157. pulumi_vault/mfa_okta.py +113 -112
  158. pulumi_vault/mfa_pingid.py +120 -119
  159. pulumi_vault/mfa_totp.py +127 -126
  160. pulumi_vault/mongodbatlas/__init__.py +1 -0
  161. pulumi_vault/mongodbatlas/secret_backend.py +64 -63
  162. pulumi_vault/mongodbatlas/secret_role.py +155 -154
  163. pulumi_vault/mount.py +274 -273
  164. pulumi_vault/namespace.py +64 -63
  165. pulumi_vault/nomad_secret_backend.py +211 -210
  166. pulumi_vault/nomad_secret_role.py +85 -84
  167. pulumi_vault/okta/__init__.py +1 -0
  168. pulumi_vault/okta/_inputs.py +26 -25
  169. pulumi_vault/okta/auth_backend.py +274 -273
  170. pulumi_vault/okta/auth_backend_group.py +57 -56
  171. pulumi_vault/okta/auth_backend_user.py +71 -70
  172. pulumi_vault/okta/outputs.py +16 -15
  173. pulumi_vault/outputs.py +73 -60
  174. pulumi_vault/password_policy.py +43 -42
  175. pulumi_vault/pkisecret/__init__.py +3 -0
  176. pulumi_vault/pkisecret/_inputs.py +31 -36
  177. pulumi_vault/pkisecret/backend_acme_eab.py +92 -91
  178. pulumi_vault/pkisecret/backend_config_acme.py +174 -126
  179. pulumi_vault/pkisecret/backend_config_auto_tidy.py +1377 -0
  180. pulumi_vault/pkisecret/backend_config_cluster.py +57 -56
  181. pulumi_vault/pkisecret/backend_config_cmpv2.py +152 -104
  182. pulumi_vault/pkisecret/backend_config_est.py +120 -119
  183. pulumi_vault/pkisecret/get_backend_cert_metadata.py +278 -0
  184. pulumi_vault/pkisecret/get_backend_config_cmpv2.py +35 -17
  185. pulumi_vault/pkisecret/get_backend_config_est.py +19 -18
  186. pulumi_vault/pkisecret/get_backend_issuer.py +139 -25
  187. pulumi_vault/pkisecret/get_backend_issuers.py +15 -14
  188. pulumi_vault/pkisecret/get_backend_key.py +20 -19
  189. pulumi_vault/pkisecret/get_backend_keys.py +15 -14
  190. pulumi_vault/pkisecret/outputs.py +28 -31
  191. pulumi_vault/pkisecret/secret_backend_cert.py +439 -297
  192. pulumi_vault/pkisecret/secret_backend_config_ca.py +43 -42
  193. pulumi_vault/pkisecret/secret_backend_config_issuers.py +57 -56
  194. pulumi_vault/pkisecret/secret_backend_config_urls.py +85 -84
  195. pulumi_vault/pkisecret/secret_backend_crl_config.py +237 -182
  196. pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +520 -378
  197. pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +57 -56
  198. pulumi_vault/pkisecret/secret_backend_issuer.py +441 -175
  199. pulumi_vault/pkisecret/secret_backend_key.py +120 -119
  200. pulumi_vault/pkisecret/secret_backend_role.py +894 -644
  201. pulumi_vault/pkisecret/secret_backend_root_cert.py +851 -427
  202. pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +936 -357
  203. pulumi_vault/pkisecret/secret_backend_sign.py +347 -252
  204. pulumi_vault/plugin.py +127 -126
  205. pulumi_vault/plugin_pinned_version.py +43 -42
  206. pulumi_vault/policy.py +43 -42
  207. pulumi_vault/provider.py +120 -119
  208. pulumi_vault/pulumi-plugin.json +1 -1
  209. pulumi_vault/quota_lease_count.py +85 -84
  210. pulumi_vault/quota_rate_limit.py +113 -112
  211. pulumi_vault/rabbitmq/__init__.py +1 -0
  212. pulumi_vault/rabbitmq/_inputs.py +41 -40
  213. pulumi_vault/rabbitmq/outputs.py +25 -24
  214. pulumi_vault/rabbitmq/secret_backend.py +169 -168
  215. pulumi_vault/rabbitmq/secret_backend_role.py +57 -56
  216. pulumi_vault/raft_autopilot.py +113 -112
  217. pulumi_vault/raft_snapshot_agent_config.py +393 -392
  218. pulumi_vault/rgp_policy.py +57 -56
  219. pulumi_vault/saml/__init__.py +1 -0
  220. pulumi_vault/saml/auth_backend.py +155 -154
  221. pulumi_vault/saml/auth_backend_role.py +239 -238
  222. pulumi_vault/secrets/__init__.py +1 -0
  223. pulumi_vault/secrets/_inputs.py +16 -15
  224. pulumi_vault/secrets/outputs.py +10 -9
  225. pulumi_vault/secrets/sync_association.py +71 -70
  226. pulumi_vault/secrets/sync_aws_destination.py +148 -147
  227. pulumi_vault/secrets/sync_azure_destination.py +148 -147
  228. pulumi_vault/secrets/sync_config.py +43 -42
  229. pulumi_vault/secrets/sync_gcp_destination.py +106 -105
  230. pulumi_vault/secrets/sync_gh_destination.py +134 -133
  231. pulumi_vault/secrets/sync_github_apps.py +64 -63
  232. pulumi_vault/secrets/sync_vercel_destination.py +120 -119
  233. pulumi_vault/ssh/__init__.py +2 -0
  234. pulumi_vault/ssh/_inputs.py +11 -10
  235. pulumi_vault/ssh/get_secret_backend_sign.py +295 -0
  236. pulumi_vault/ssh/outputs.py +7 -6
  237. pulumi_vault/ssh/secret_backend_ca.py +99 -98
  238. pulumi_vault/ssh/secret_backend_role.py +365 -364
  239. pulumi_vault/terraformcloud/__init__.py +1 -0
  240. pulumi_vault/terraformcloud/secret_backend.py +111 -110
  241. pulumi_vault/terraformcloud/secret_creds.py +74 -73
  242. pulumi_vault/terraformcloud/secret_role.py +96 -95
  243. pulumi_vault/token.py +246 -245
  244. pulumi_vault/tokenauth/__init__.py +1 -0
  245. pulumi_vault/tokenauth/auth_backend_role.py +267 -266
  246. pulumi_vault/transform/__init__.py +1 -0
  247. pulumi_vault/transform/alphabet.py +57 -56
  248. pulumi_vault/transform/get_decode.py +47 -46
  249. pulumi_vault/transform/get_encode.py +47 -46
  250. pulumi_vault/transform/role.py +57 -56
  251. pulumi_vault/transform/template.py +113 -112
  252. pulumi_vault/transform/transformation.py +141 -140
  253. pulumi_vault/transit/__init__.py +3 -0
  254. pulumi_vault/transit/get_decrypt.py +18 -17
  255. pulumi_vault/transit/get_encrypt.py +21 -20
  256. pulumi_vault/transit/get_sign.py +325 -0
  257. pulumi_vault/transit/get_verify.py +355 -0
  258. pulumi_vault/transit/secret_backend_key.py +394 -231
  259. pulumi_vault/transit/secret_cache_config.py +43 -42
  260. {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.7.0.dist-info}/METADATA +2 -2
  261. pulumi_vault-6.7.0.dist-info/RECORD +265 -0
  262. {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.7.0.dist-info}/WHEEL +1 -1
  263. pulumi_vault-6.6.0a1741415971.dist-info/RECORD +0 -260
  264. {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.7.0.dist-info}/top_level.txt +0 -0
@@ -2,6 +2,7 @@
2
2
  # *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
3
3
  # *** Do not edit by hand unless you're certain you know what you are doing! ***
4
4
 
5
+ import builtins
5
6
  import copy
6
7
  import warnings
7
8
  import sys
@@ -19,45 +20,51 @@ __all__ = ['SecretBackendCertArgs', 'SecretBackendCert']
19
20
  @pulumi.input_type
20
21
  class SecretBackendCertArgs:
21
22
  def __init__(__self__, *,
22
- backend: pulumi.Input[str],
23
- common_name: pulumi.Input[str],
24
- alt_names: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
25
- auto_renew: Optional[pulumi.Input[bool]] = None,
26
- exclude_cn_from_sans: Optional[pulumi.Input[bool]] = None,
27
- format: Optional[pulumi.Input[str]] = None,
28
- ip_sans: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
29
- issuer_ref: Optional[pulumi.Input[str]] = None,
30
- min_seconds_remaining: Optional[pulumi.Input[int]] = None,
31
- name: Optional[pulumi.Input[str]] = None,
32
- namespace: Optional[pulumi.Input[str]] = None,
33
- other_sans: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
34
- private_key_format: Optional[pulumi.Input[str]] = None,
35
- revoke: Optional[pulumi.Input[bool]] = None,
36
- ttl: Optional[pulumi.Input[str]] = None,
37
- uri_sans: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
38
- user_ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None):
23
+ backend: pulumi.Input[builtins.str],
24
+ common_name: pulumi.Input[builtins.str],
25
+ alt_names: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
26
+ auto_renew: Optional[pulumi.Input[builtins.bool]] = None,
27
+ cert_metadata: Optional[pulumi.Input[builtins.str]] = None,
28
+ exclude_cn_from_sans: Optional[pulumi.Input[builtins.bool]] = None,
29
+ format: Optional[pulumi.Input[builtins.str]] = None,
30
+ ip_sans: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
31
+ issuer_ref: Optional[pulumi.Input[builtins.str]] = None,
32
+ min_seconds_remaining: Optional[pulumi.Input[builtins.int]] = None,
33
+ name: Optional[pulumi.Input[builtins.str]] = None,
34
+ namespace: Optional[pulumi.Input[builtins.str]] = None,
35
+ not_after: Optional[pulumi.Input[builtins.str]] = None,
36
+ other_sans: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
37
+ private_key_format: Optional[pulumi.Input[builtins.str]] = None,
38
+ revoke: Optional[pulumi.Input[builtins.bool]] = None,
39
+ revoke_with_key: Optional[pulumi.Input[builtins.bool]] = None,
40
+ ttl: Optional[pulumi.Input[builtins.str]] = None,
41
+ uri_sans: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
42
+ user_ids: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None):
39
43
  """
40
44
  The set of arguments for constructing a SecretBackendCert resource.
41
- :param pulumi.Input[str] backend: The PKI secret backend the resource belongs to.
42
- :param pulumi.Input[str] common_name: CN of certificate to create
43
- :param pulumi.Input[Sequence[pulumi.Input[str]]] alt_names: List of alternative names
44
- :param pulumi.Input[bool] auto_renew: If set to `true`, certs will be renewed if the expiration is within `min_seconds_remaining`. Default `false`
45
- :param pulumi.Input[bool] exclude_cn_from_sans: Flag to exclude CN from SANs
46
- :param pulumi.Input[str] format: The format of data
47
- :param pulumi.Input[Sequence[pulumi.Input[str]]] ip_sans: List of alternative IPs
48
- :param pulumi.Input[str] issuer_ref: Specifies the default issuer of this request.
49
- :param pulumi.Input[int] min_seconds_remaining: Generate a new certificate when the expiration is within this number of seconds, default is 604800 (7 days)
50
- :param pulumi.Input[str] name: Name of the role to create the certificate against
51
- :param pulumi.Input[str] namespace: The namespace to provision the resource in.
45
+ :param pulumi.Input[builtins.str] backend: The PKI secret backend the resource belongs to.
46
+ :param pulumi.Input[builtins.str] common_name: CN of certificate to create
47
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] alt_names: List of alternative names
48
+ :param pulumi.Input[builtins.bool] auto_renew: If set to `true`, certs will be renewed if the expiration is within `min_seconds_remaining`. Default `false`
49
+ :param pulumi.Input[builtins.str] cert_metadata: A base 64 encoded value or an empty string to associate with the certificate's serial number. The role's no_store_metadata must be set to false, otherwise an error is returned when specified.
50
+ :param pulumi.Input[builtins.bool] exclude_cn_from_sans: Flag to exclude CN from SANs
51
+ :param pulumi.Input[builtins.str] format: The format of data
52
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] ip_sans: List of alternative IPs
53
+ :param pulumi.Input[builtins.str] issuer_ref: Specifies the default issuer of this request.
54
+ :param pulumi.Input[builtins.int] min_seconds_remaining: Generate a new certificate when the expiration is within this number of seconds, default is 604800 (7 days)
55
+ :param pulumi.Input[builtins.str] name: Name of the role to create the certificate against
56
+ :param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
52
57
  The value should not contain leading or trailing forward slashes.
53
58
  The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
54
59
  *Available only for Vault Enterprise*.
55
- :param pulumi.Input[Sequence[pulumi.Input[str]]] other_sans: List of other SANs
56
- :param pulumi.Input[str] private_key_format: The private key format
57
- :param pulumi.Input[bool] revoke: If set to `true`, the certificate will be revoked on resource destruction.
58
- :param pulumi.Input[str] ttl: Time to live
59
- :param pulumi.Input[Sequence[pulumi.Input[str]]] uri_sans: List of alternative URIs
60
- :param pulumi.Input[Sequence[pulumi.Input[str]]] user_ids: List of Subject User IDs
60
+ :param pulumi.Input[builtins.str] not_after: Set the Not After field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ. Supports the Y10K end date for IEEE 802.1AR-2018 standard devices, 9999-12-31T23:59:59Z.
61
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] other_sans: List of other SANs
62
+ :param pulumi.Input[builtins.str] private_key_format: The private key format
63
+ :param pulumi.Input[builtins.bool] revoke: If set to `true`, the certificate will be revoked on resource destruction using the `revoke` PKI API. Conflicts with `revoke_with_key`. Default `false`.
64
+ :param pulumi.Input[builtins.bool] revoke_with_key: If set to `true`, the certificate will be revoked on resource destruction using the `revoke-with-key` PKI API. Conflicts with `revoke`. Default `false`
65
+ :param pulumi.Input[builtins.str] ttl: Time to live
66
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] uri_sans: List of alternative URIs
67
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] user_ids: List of Subject User IDs
61
68
  """
62
69
  pulumi.set(__self__, "backend", backend)
63
70
  pulumi.set(__self__, "common_name", common_name)
@@ -65,6 +72,8 @@ class SecretBackendCertArgs:
65
72
  pulumi.set(__self__, "alt_names", alt_names)
66
73
  if auto_renew is not None:
67
74
  pulumi.set(__self__, "auto_renew", auto_renew)
75
+ if cert_metadata is not None:
76
+ pulumi.set(__self__, "cert_metadata", cert_metadata)
68
77
  if exclude_cn_from_sans is not None:
69
78
  pulumi.set(__self__, "exclude_cn_from_sans", exclude_cn_from_sans)
70
79
  if format is not None:
@@ -79,12 +88,16 @@ class SecretBackendCertArgs:
79
88
  pulumi.set(__self__, "name", name)
80
89
  if namespace is not None:
81
90
  pulumi.set(__self__, "namespace", namespace)
91
+ if not_after is not None:
92
+ pulumi.set(__self__, "not_after", not_after)
82
93
  if other_sans is not None:
83
94
  pulumi.set(__self__, "other_sans", other_sans)
84
95
  if private_key_format is not None:
85
96
  pulumi.set(__self__, "private_key_format", private_key_format)
86
97
  if revoke is not None:
87
98
  pulumi.set(__self__, "revoke", revoke)
99
+ if revoke_with_key is not None:
100
+ pulumi.set(__self__, "revoke_with_key", revoke_with_key)
88
101
  if ttl is not None:
89
102
  pulumi.set(__self__, "ttl", ttl)
90
103
  if uri_sans is not None:
@@ -94,127 +107,139 @@ class SecretBackendCertArgs:
94
107
 
95
108
  @property
96
109
  @pulumi.getter
97
- def backend(self) -> pulumi.Input[str]:
110
+ def backend(self) -> pulumi.Input[builtins.str]:
98
111
  """
99
112
  The PKI secret backend the resource belongs to.
100
113
  """
101
114
  return pulumi.get(self, "backend")
102
115
 
103
116
  @backend.setter
104
- def backend(self, value: pulumi.Input[str]):
117
+ def backend(self, value: pulumi.Input[builtins.str]):
105
118
  pulumi.set(self, "backend", value)
106
119
 
107
120
  @property
108
121
  @pulumi.getter(name="commonName")
109
- def common_name(self) -> pulumi.Input[str]:
122
+ def common_name(self) -> pulumi.Input[builtins.str]:
110
123
  """
111
124
  CN of certificate to create
112
125
  """
113
126
  return pulumi.get(self, "common_name")
114
127
 
115
128
  @common_name.setter
116
- def common_name(self, value: pulumi.Input[str]):
129
+ def common_name(self, value: pulumi.Input[builtins.str]):
117
130
  pulumi.set(self, "common_name", value)
118
131
 
119
132
  @property
120
133
  @pulumi.getter(name="altNames")
121
- def alt_names(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
134
+ def alt_names(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
122
135
  """
123
136
  List of alternative names
124
137
  """
125
138
  return pulumi.get(self, "alt_names")
126
139
 
127
140
  @alt_names.setter
128
- def alt_names(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
141
+ def alt_names(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
129
142
  pulumi.set(self, "alt_names", value)
130
143
 
131
144
  @property
132
145
  @pulumi.getter(name="autoRenew")
133
- def auto_renew(self) -> Optional[pulumi.Input[bool]]:
146
+ def auto_renew(self) -> Optional[pulumi.Input[builtins.bool]]:
134
147
  """
135
148
  If set to `true`, certs will be renewed if the expiration is within `min_seconds_remaining`. Default `false`
136
149
  """
137
150
  return pulumi.get(self, "auto_renew")
138
151
 
139
152
  @auto_renew.setter
140
- def auto_renew(self, value: Optional[pulumi.Input[bool]]):
153
+ def auto_renew(self, value: Optional[pulumi.Input[builtins.bool]]):
141
154
  pulumi.set(self, "auto_renew", value)
142
155
 
156
+ @property
157
+ @pulumi.getter(name="certMetadata")
158
+ def cert_metadata(self) -> Optional[pulumi.Input[builtins.str]]:
159
+ """
160
+ A base 64 encoded value or an empty string to associate with the certificate's serial number. The role's no_store_metadata must be set to false, otherwise an error is returned when specified.
161
+ """
162
+ return pulumi.get(self, "cert_metadata")
163
+
164
+ @cert_metadata.setter
165
+ def cert_metadata(self, value: Optional[pulumi.Input[builtins.str]]):
166
+ pulumi.set(self, "cert_metadata", value)
167
+
143
168
  @property
144
169
  @pulumi.getter(name="excludeCnFromSans")
145
- def exclude_cn_from_sans(self) -> Optional[pulumi.Input[bool]]:
170
+ def exclude_cn_from_sans(self) -> Optional[pulumi.Input[builtins.bool]]:
146
171
  """
147
172
  Flag to exclude CN from SANs
148
173
  """
149
174
  return pulumi.get(self, "exclude_cn_from_sans")
150
175
 
151
176
  @exclude_cn_from_sans.setter
152
- def exclude_cn_from_sans(self, value: Optional[pulumi.Input[bool]]):
177
+ def exclude_cn_from_sans(self, value: Optional[pulumi.Input[builtins.bool]]):
153
178
  pulumi.set(self, "exclude_cn_from_sans", value)
154
179
 
155
180
  @property
156
181
  @pulumi.getter
157
- def format(self) -> Optional[pulumi.Input[str]]:
182
+ def format(self) -> Optional[pulumi.Input[builtins.str]]:
158
183
  """
159
184
  The format of data
160
185
  """
161
186
  return pulumi.get(self, "format")
162
187
 
163
188
  @format.setter
164
- def format(self, value: Optional[pulumi.Input[str]]):
189
+ def format(self, value: Optional[pulumi.Input[builtins.str]]):
165
190
  pulumi.set(self, "format", value)
166
191
 
167
192
  @property
168
193
  @pulumi.getter(name="ipSans")
169
- def ip_sans(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
194
+ def ip_sans(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
170
195
  """
171
196
  List of alternative IPs
172
197
  """
173
198
  return pulumi.get(self, "ip_sans")
174
199
 
175
200
  @ip_sans.setter
176
- def ip_sans(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
201
+ def ip_sans(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
177
202
  pulumi.set(self, "ip_sans", value)
178
203
 
179
204
  @property
180
205
  @pulumi.getter(name="issuerRef")
181
- def issuer_ref(self) -> Optional[pulumi.Input[str]]:
206
+ def issuer_ref(self) -> Optional[pulumi.Input[builtins.str]]:
182
207
  """
183
208
  Specifies the default issuer of this request.
184
209
  """
185
210
  return pulumi.get(self, "issuer_ref")
186
211
 
187
212
  @issuer_ref.setter
188
- def issuer_ref(self, value: Optional[pulumi.Input[str]]):
213
+ def issuer_ref(self, value: Optional[pulumi.Input[builtins.str]]):
189
214
  pulumi.set(self, "issuer_ref", value)
190
215
 
191
216
  @property
192
217
  @pulumi.getter(name="minSecondsRemaining")
193
- def min_seconds_remaining(self) -> Optional[pulumi.Input[int]]:
218
+ def min_seconds_remaining(self) -> Optional[pulumi.Input[builtins.int]]:
194
219
  """
195
220
  Generate a new certificate when the expiration is within this number of seconds, default is 604800 (7 days)
196
221
  """
197
222
  return pulumi.get(self, "min_seconds_remaining")
198
223
 
199
224
  @min_seconds_remaining.setter
200
- def min_seconds_remaining(self, value: Optional[pulumi.Input[int]]):
225
+ def min_seconds_remaining(self, value: Optional[pulumi.Input[builtins.int]]):
201
226
  pulumi.set(self, "min_seconds_remaining", value)
202
227
 
203
228
  @property
204
229
  @pulumi.getter
205
- def name(self) -> Optional[pulumi.Input[str]]:
230
+ def name(self) -> Optional[pulumi.Input[builtins.str]]:
206
231
  """
207
232
  Name of the role to create the certificate against
208
233
  """
209
234
  return pulumi.get(self, "name")
210
235
 
211
236
  @name.setter
212
- def name(self, value: Optional[pulumi.Input[str]]):
237
+ def name(self, value: Optional[pulumi.Input[builtins.str]]):
213
238
  pulumi.set(self, "name", value)
214
239
 
215
240
  @property
216
241
  @pulumi.getter
217
- def namespace(self) -> Optional[pulumi.Input[str]]:
242
+ def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
218
243
  """
219
244
  The namespace to provision the resource in.
220
245
  The value should not contain leading or trailing forward slashes.
@@ -224,140 +249,170 @@ class SecretBackendCertArgs:
224
249
  return pulumi.get(self, "namespace")
225
250
 
226
251
  @namespace.setter
227
- def namespace(self, value: Optional[pulumi.Input[str]]):
252
+ def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
228
253
  pulumi.set(self, "namespace", value)
229
254
 
255
+ @property
256
+ @pulumi.getter(name="notAfter")
257
+ def not_after(self) -> Optional[pulumi.Input[builtins.str]]:
258
+ """
259
+ Set the Not After field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ. Supports the Y10K end date for IEEE 802.1AR-2018 standard devices, 9999-12-31T23:59:59Z.
260
+ """
261
+ return pulumi.get(self, "not_after")
262
+
263
+ @not_after.setter
264
+ def not_after(self, value: Optional[pulumi.Input[builtins.str]]):
265
+ pulumi.set(self, "not_after", value)
266
+
230
267
  @property
231
268
  @pulumi.getter(name="otherSans")
232
- def other_sans(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
269
+ def other_sans(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
233
270
  """
234
271
  List of other SANs
235
272
  """
236
273
  return pulumi.get(self, "other_sans")
237
274
 
238
275
  @other_sans.setter
239
- def other_sans(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
276
+ def other_sans(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
240
277
  pulumi.set(self, "other_sans", value)
241
278
 
242
279
  @property
243
280
  @pulumi.getter(name="privateKeyFormat")
244
- def private_key_format(self) -> Optional[pulumi.Input[str]]:
281
+ def private_key_format(self) -> Optional[pulumi.Input[builtins.str]]:
245
282
  """
246
283
  The private key format
247
284
  """
248
285
  return pulumi.get(self, "private_key_format")
249
286
 
250
287
  @private_key_format.setter
251
- def private_key_format(self, value: Optional[pulumi.Input[str]]):
288
+ def private_key_format(self, value: Optional[pulumi.Input[builtins.str]]):
252
289
  pulumi.set(self, "private_key_format", value)
253
290
 
254
291
  @property
255
292
  @pulumi.getter
256
- def revoke(self) -> Optional[pulumi.Input[bool]]:
293
+ def revoke(self) -> Optional[pulumi.Input[builtins.bool]]:
257
294
  """
258
- If set to `true`, the certificate will be revoked on resource destruction.
295
+ If set to `true`, the certificate will be revoked on resource destruction using the `revoke` PKI API. Conflicts with `revoke_with_key`. Default `false`.
259
296
  """
260
297
  return pulumi.get(self, "revoke")
261
298
 
262
299
  @revoke.setter
263
- def revoke(self, value: Optional[pulumi.Input[bool]]):
300
+ def revoke(self, value: Optional[pulumi.Input[builtins.bool]]):
264
301
  pulumi.set(self, "revoke", value)
265
302
 
303
+ @property
304
+ @pulumi.getter(name="revokeWithKey")
305
+ def revoke_with_key(self) -> Optional[pulumi.Input[builtins.bool]]:
306
+ """
307
+ If set to `true`, the certificate will be revoked on resource destruction using the `revoke-with-key` PKI API. Conflicts with `revoke`. Default `false`
308
+ """
309
+ return pulumi.get(self, "revoke_with_key")
310
+
311
+ @revoke_with_key.setter
312
+ def revoke_with_key(self, value: Optional[pulumi.Input[builtins.bool]]):
313
+ pulumi.set(self, "revoke_with_key", value)
314
+
266
315
  @property
267
316
  @pulumi.getter
268
- def ttl(self) -> Optional[pulumi.Input[str]]:
317
+ def ttl(self) -> Optional[pulumi.Input[builtins.str]]:
269
318
  """
270
319
  Time to live
271
320
  """
272
321
  return pulumi.get(self, "ttl")
273
322
 
274
323
  @ttl.setter
275
- def ttl(self, value: Optional[pulumi.Input[str]]):
324
+ def ttl(self, value: Optional[pulumi.Input[builtins.str]]):
276
325
  pulumi.set(self, "ttl", value)
277
326
 
278
327
  @property
279
328
  @pulumi.getter(name="uriSans")
280
- def uri_sans(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
329
+ def uri_sans(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
281
330
  """
282
331
  List of alternative URIs
283
332
  """
284
333
  return pulumi.get(self, "uri_sans")
285
334
 
286
335
  @uri_sans.setter
287
- def uri_sans(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
336
+ def uri_sans(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
288
337
  pulumi.set(self, "uri_sans", value)
289
338
 
290
339
  @property
291
340
  @pulumi.getter(name="userIds")
292
- def user_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
341
+ def user_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
293
342
  """
294
343
  List of Subject User IDs
295
344
  """
296
345
  return pulumi.get(self, "user_ids")
297
346
 
298
347
  @user_ids.setter
299
- def user_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
348
+ def user_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
300
349
  pulumi.set(self, "user_ids", value)
301
350
 
302
351
 
303
352
  @pulumi.input_type
304
353
  class _SecretBackendCertState:
305
354
  def __init__(__self__, *,
306
- alt_names: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
307
- auto_renew: Optional[pulumi.Input[bool]] = None,
308
- backend: Optional[pulumi.Input[str]] = None,
309
- ca_chain: Optional[pulumi.Input[str]] = None,
310
- certificate: Optional[pulumi.Input[str]] = None,
311
- common_name: Optional[pulumi.Input[str]] = None,
312
- exclude_cn_from_sans: Optional[pulumi.Input[bool]] = None,
313
- expiration: Optional[pulumi.Input[int]] = None,
314
- format: Optional[pulumi.Input[str]] = None,
315
- ip_sans: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
316
- issuer_ref: Optional[pulumi.Input[str]] = None,
317
- issuing_ca: Optional[pulumi.Input[str]] = None,
318
- min_seconds_remaining: Optional[pulumi.Input[int]] = None,
319
- name: Optional[pulumi.Input[str]] = None,
320
- namespace: Optional[pulumi.Input[str]] = None,
321
- other_sans: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
322
- private_key: Optional[pulumi.Input[str]] = None,
323
- private_key_format: Optional[pulumi.Input[str]] = None,
324
- private_key_type: Optional[pulumi.Input[str]] = None,
325
- renew_pending: Optional[pulumi.Input[bool]] = None,
326
- revoke: Optional[pulumi.Input[bool]] = None,
327
- serial_number: Optional[pulumi.Input[str]] = None,
328
- ttl: Optional[pulumi.Input[str]] = None,
329
- uri_sans: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
330
- user_ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None):
355
+ alt_names: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
356
+ auto_renew: Optional[pulumi.Input[builtins.bool]] = None,
357
+ backend: Optional[pulumi.Input[builtins.str]] = None,
358
+ ca_chain: Optional[pulumi.Input[builtins.str]] = None,
359
+ cert_metadata: Optional[pulumi.Input[builtins.str]] = None,
360
+ certificate: Optional[pulumi.Input[builtins.str]] = None,
361
+ common_name: Optional[pulumi.Input[builtins.str]] = None,
362
+ exclude_cn_from_sans: Optional[pulumi.Input[builtins.bool]] = None,
363
+ expiration: Optional[pulumi.Input[builtins.int]] = None,
364
+ format: Optional[pulumi.Input[builtins.str]] = None,
365
+ ip_sans: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
366
+ issuer_ref: Optional[pulumi.Input[builtins.str]] = None,
367
+ issuing_ca: Optional[pulumi.Input[builtins.str]] = None,
368
+ min_seconds_remaining: Optional[pulumi.Input[builtins.int]] = None,
369
+ name: Optional[pulumi.Input[builtins.str]] = None,
370
+ namespace: Optional[pulumi.Input[builtins.str]] = None,
371
+ not_after: Optional[pulumi.Input[builtins.str]] = None,
372
+ other_sans: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
373
+ private_key: Optional[pulumi.Input[builtins.str]] = None,
374
+ private_key_format: Optional[pulumi.Input[builtins.str]] = None,
375
+ private_key_type: Optional[pulumi.Input[builtins.str]] = None,
376
+ renew_pending: Optional[pulumi.Input[builtins.bool]] = None,
377
+ revoke: Optional[pulumi.Input[builtins.bool]] = None,
378
+ revoke_with_key: Optional[pulumi.Input[builtins.bool]] = None,
379
+ serial_number: Optional[pulumi.Input[builtins.str]] = None,
380
+ ttl: Optional[pulumi.Input[builtins.str]] = None,
381
+ uri_sans: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
382
+ user_ids: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None):
331
383
  """
332
384
  Input properties used for looking up and filtering SecretBackendCert resources.
333
- :param pulumi.Input[Sequence[pulumi.Input[str]]] alt_names: List of alternative names
334
- :param pulumi.Input[bool] auto_renew: If set to `true`, certs will be renewed if the expiration is within `min_seconds_remaining`. Default `false`
335
- :param pulumi.Input[str] backend: The PKI secret backend the resource belongs to.
336
- :param pulumi.Input[str] ca_chain: The CA chain
337
- :param pulumi.Input[str] certificate: The certificate
338
- :param pulumi.Input[str] common_name: CN of certificate to create
339
- :param pulumi.Input[bool] exclude_cn_from_sans: Flag to exclude CN from SANs
340
- :param pulumi.Input[int] expiration: The expiration date of the certificate in unix epoch format
341
- :param pulumi.Input[str] format: The format of data
342
- :param pulumi.Input[Sequence[pulumi.Input[str]]] ip_sans: List of alternative IPs
343
- :param pulumi.Input[str] issuer_ref: Specifies the default issuer of this request.
344
- :param pulumi.Input[str] issuing_ca: The issuing CA
345
- :param pulumi.Input[int] min_seconds_remaining: Generate a new certificate when the expiration is within this number of seconds, default is 604800 (7 days)
346
- :param pulumi.Input[str] name: Name of the role to create the certificate against
347
- :param pulumi.Input[str] namespace: The namespace to provision the resource in.
385
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] alt_names: List of alternative names
386
+ :param pulumi.Input[builtins.bool] auto_renew: If set to `true`, certs will be renewed if the expiration is within `min_seconds_remaining`. Default `false`
387
+ :param pulumi.Input[builtins.str] backend: The PKI secret backend the resource belongs to.
388
+ :param pulumi.Input[builtins.str] ca_chain: The CA chain
389
+ :param pulumi.Input[builtins.str] cert_metadata: A base 64 encoded value or an empty string to associate with the certificate's serial number. The role's no_store_metadata must be set to false, otherwise an error is returned when specified.
390
+ :param pulumi.Input[builtins.str] certificate: The certificate
391
+ :param pulumi.Input[builtins.str] common_name: CN of certificate to create
392
+ :param pulumi.Input[builtins.bool] exclude_cn_from_sans: Flag to exclude CN from SANs
393
+ :param pulumi.Input[builtins.int] expiration: The expiration date of the certificate in unix epoch format
394
+ :param pulumi.Input[builtins.str] format: The format of data
395
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] ip_sans: List of alternative IPs
396
+ :param pulumi.Input[builtins.str] issuer_ref: Specifies the default issuer of this request.
397
+ :param pulumi.Input[builtins.str] issuing_ca: The issuing CA
398
+ :param pulumi.Input[builtins.int] min_seconds_remaining: Generate a new certificate when the expiration is within this number of seconds, default is 604800 (7 days)
399
+ :param pulumi.Input[builtins.str] name: Name of the role to create the certificate against
400
+ :param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
348
401
  The value should not contain leading or trailing forward slashes.
349
402
  The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
350
403
  *Available only for Vault Enterprise*.
351
- :param pulumi.Input[Sequence[pulumi.Input[str]]] other_sans: List of other SANs
352
- :param pulumi.Input[str] private_key: The private key
353
- :param pulumi.Input[str] private_key_format: The private key format
354
- :param pulumi.Input[str] private_key_type: The private key type
355
- :param pulumi.Input[bool] renew_pending: `true` if the current time (during refresh) is after the start of the early renewal window declared by `min_seconds_remaining`, and `false` otherwise; if `auto_renew` is set to `true` then the provider will plan to replace the certificate once renewal is pending.
356
- :param pulumi.Input[bool] revoke: If set to `true`, the certificate will be revoked on resource destruction.
357
- :param pulumi.Input[str] serial_number: The serial number
358
- :param pulumi.Input[str] ttl: Time to live
359
- :param pulumi.Input[Sequence[pulumi.Input[str]]] uri_sans: List of alternative URIs
360
- :param pulumi.Input[Sequence[pulumi.Input[str]]] user_ids: List of Subject User IDs
404
+ :param pulumi.Input[builtins.str] not_after: Set the Not After field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ. Supports the Y10K end date for IEEE 802.1AR-2018 standard devices, 9999-12-31T23:59:59Z.
405
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] other_sans: List of other SANs
406
+ :param pulumi.Input[builtins.str] private_key: The private key
407
+ :param pulumi.Input[builtins.str] private_key_format: The private key format
408
+ :param pulumi.Input[builtins.str] private_key_type: The private key type
409
+ :param pulumi.Input[builtins.bool] renew_pending: `true` if the current time (during refresh) is after the start of the early renewal window declared by `min_seconds_remaining`, and `false` otherwise; if `auto_renew` is set to `true` then the provider will plan to replace the certificate once renewal is pending.
410
+ :param pulumi.Input[builtins.bool] revoke: If set to `true`, the certificate will be revoked on resource destruction using the `revoke` PKI API. Conflicts with `revoke_with_key`. Default `false`.
411
+ :param pulumi.Input[builtins.bool] revoke_with_key: If set to `true`, the certificate will be revoked on resource destruction using the `revoke-with-key` PKI API. Conflicts with `revoke`. Default `false`
412
+ :param pulumi.Input[builtins.str] serial_number: The serial number
413
+ :param pulumi.Input[builtins.str] ttl: Time to live
414
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] uri_sans: List of alternative URIs
415
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] user_ids: List of Subject User IDs
361
416
  """
362
417
  if alt_names is not None:
363
418
  pulumi.set(__self__, "alt_names", alt_names)
@@ -367,6 +422,8 @@ class _SecretBackendCertState:
367
422
  pulumi.set(__self__, "backend", backend)
368
423
  if ca_chain is not None:
369
424
  pulumi.set(__self__, "ca_chain", ca_chain)
425
+ if cert_metadata is not None:
426
+ pulumi.set(__self__, "cert_metadata", cert_metadata)
370
427
  if certificate is not None:
371
428
  pulumi.set(__self__, "certificate", certificate)
372
429
  if common_name is not None:
@@ -389,6 +446,8 @@ class _SecretBackendCertState:
389
446
  pulumi.set(__self__, "name", name)
390
447
  if namespace is not None:
391
448
  pulumi.set(__self__, "namespace", namespace)
449
+ if not_after is not None:
450
+ pulumi.set(__self__, "not_after", not_after)
392
451
  if other_sans is not None:
393
452
  pulumi.set(__self__, "other_sans", other_sans)
394
453
  if private_key is not None:
@@ -401,6 +460,8 @@ class _SecretBackendCertState:
401
460
  pulumi.set(__self__, "renew_pending", renew_pending)
402
461
  if revoke is not None:
403
462
  pulumi.set(__self__, "revoke", revoke)
463
+ if revoke_with_key is not None:
464
+ pulumi.set(__self__, "revoke_with_key", revoke_with_key)
404
465
  if serial_number is not None:
405
466
  pulumi.set(__self__, "serial_number", serial_number)
406
467
  if ttl is not None:
@@ -412,175 +473,187 @@ class _SecretBackendCertState:
412
473
 
413
474
  @property
414
475
  @pulumi.getter(name="altNames")
415
- def alt_names(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
476
+ def alt_names(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
416
477
  """
417
478
  List of alternative names
418
479
  """
419
480
  return pulumi.get(self, "alt_names")
420
481
 
421
482
  @alt_names.setter
422
- def alt_names(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
483
+ def alt_names(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
423
484
  pulumi.set(self, "alt_names", value)
424
485
 
425
486
  @property
426
487
  @pulumi.getter(name="autoRenew")
427
- def auto_renew(self) -> Optional[pulumi.Input[bool]]:
488
+ def auto_renew(self) -> Optional[pulumi.Input[builtins.bool]]:
428
489
  """
429
490
  If set to `true`, certs will be renewed if the expiration is within `min_seconds_remaining`. Default `false`
430
491
  """
431
492
  return pulumi.get(self, "auto_renew")
432
493
 
433
494
  @auto_renew.setter
434
- def auto_renew(self, value: Optional[pulumi.Input[bool]]):
495
+ def auto_renew(self, value: Optional[pulumi.Input[builtins.bool]]):
435
496
  pulumi.set(self, "auto_renew", value)
436
497
 
437
498
  @property
438
499
  @pulumi.getter
439
- def backend(self) -> Optional[pulumi.Input[str]]:
500
+ def backend(self) -> Optional[pulumi.Input[builtins.str]]:
440
501
  """
441
502
  The PKI secret backend the resource belongs to.
442
503
  """
443
504
  return pulumi.get(self, "backend")
444
505
 
445
506
  @backend.setter
446
- def backend(self, value: Optional[pulumi.Input[str]]):
507
+ def backend(self, value: Optional[pulumi.Input[builtins.str]]):
447
508
  pulumi.set(self, "backend", value)
448
509
 
449
510
  @property
450
511
  @pulumi.getter(name="caChain")
451
- def ca_chain(self) -> Optional[pulumi.Input[str]]:
512
+ def ca_chain(self) -> Optional[pulumi.Input[builtins.str]]:
452
513
  """
453
514
  The CA chain
454
515
  """
455
516
  return pulumi.get(self, "ca_chain")
456
517
 
457
518
  @ca_chain.setter
458
- def ca_chain(self, value: Optional[pulumi.Input[str]]):
519
+ def ca_chain(self, value: Optional[pulumi.Input[builtins.str]]):
459
520
  pulumi.set(self, "ca_chain", value)
460
521
 
522
+ @property
523
+ @pulumi.getter(name="certMetadata")
524
+ def cert_metadata(self) -> Optional[pulumi.Input[builtins.str]]:
525
+ """
526
+ A base 64 encoded value or an empty string to associate with the certificate's serial number. The role's no_store_metadata must be set to false, otherwise an error is returned when specified.
527
+ """
528
+ return pulumi.get(self, "cert_metadata")
529
+
530
+ @cert_metadata.setter
531
+ def cert_metadata(self, value: Optional[pulumi.Input[builtins.str]]):
532
+ pulumi.set(self, "cert_metadata", value)
533
+
461
534
  @property
462
535
  @pulumi.getter
463
- def certificate(self) -> Optional[pulumi.Input[str]]:
536
+ def certificate(self) -> Optional[pulumi.Input[builtins.str]]:
464
537
  """
465
538
  The certificate
466
539
  """
467
540
  return pulumi.get(self, "certificate")
468
541
 
469
542
  @certificate.setter
470
- def certificate(self, value: Optional[pulumi.Input[str]]):
543
+ def certificate(self, value: Optional[pulumi.Input[builtins.str]]):
471
544
  pulumi.set(self, "certificate", value)
472
545
 
473
546
  @property
474
547
  @pulumi.getter(name="commonName")
475
- def common_name(self) -> Optional[pulumi.Input[str]]:
548
+ def common_name(self) -> Optional[pulumi.Input[builtins.str]]:
476
549
  """
477
550
  CN of certificate to create
478
551
  """
479
552
  return pulumi.get(self, "common_name")
480
553
 
481
554
  @common_name.setter
482
- def common_name(self, value: Optional[pulumi.Input[str]]):
555
+ def common_name(self, value: Optional[pulumi.Input[builtins.str]]):
483
556
  pulumi.set(self, "common_name", value)
484
557
 
485
558
  @property
486
559
  @pulumi.getter(name="excludeCnFromSans")
487
- def exclude_cn_from_sans(self) -> Optional[pulumi.Input[bool]]:
560
+ def exclude_cn_from_sans(self) -> Optional[pulumi.Input[builtins.bool]]:
488
561
  """
489
562
  Flag to exclude CN from SANs
490
563
  """
491
564
  return pulumi.get(self, "exclude_cn_from_sans")
492
565
 
493
566
  @exclude_cn_from_sans.setter
494
- def exclude_cn_from_sans(self, value: Optional[pulumi.Input[bool]]):
567
+ def exclude_cn_from_sans(self, value: Optional[pulumi.Input[builtins.bool]]):
495
568
  pulumi.set(self, "exclude_cn_from_sans", value)
496
569
 
497
570
  @property
498
571
  @pulumi.getter
499
- def expiration(self) -> Optional[pulumi.Input[int]]:
572
+ def expiration(self) -> Optional[pulumi.Input[builtins.int]]:
500
573
  """
501
574
  The expiration date of the certificate in unix epoch format
502
575
  """
503
576
  return pulumi.get(self, "expiration")
504
577
 
505
578
  @expiration.setter
506
- def expiration(self, value: Optional[pulumi.Input[int]]):
579
+ def expiration(self, value: Optional[pulumi.Input[builtins.int]]):
507
580
  pulumi.set(self, "expiration", value)
508
581
 
509
582
  @property
510
583
  @pulumi.getter
511
- def format(self) -> Optional[pulumi.Input[str]]:
584
+ def format(self) -> Optional[pulumi.Input[builtins.str]]:
512
585
  """
513
586
  The format of data
514
587
  """
515
588
  return pulumi.get(self, "format")
516
589
 
517
590
  @format.setter
518
- def format(self, value: Optional[pulumi.Input[str]]):
591
+ def format(self, value: Optional[pulumi.Input[builtins.str]]):
519
592
  pulumi.set(self, "format", value)
520
593
 
521
594
  @property
522
595
  @pulumi.getter(name="ipSans")
523
- def ip_sans(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
596
+ def ip_sans(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
524
597
  """
525
598
  List of alternative IPs
526
599
  """
527
600
  return pulumi.get(self, "ip_sans")
528
601
 
529
602
  @ip_sans.setter
530
- def ip_sans(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
603
+ def ip_sans(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
531
604
  pulumi.set(self, "ip_sans", value)
532
605
 
533
606
  @property
534
607
  @pulumi.getter(name="issuerRef")
535
- def issuer_ref(self) -> Optional[pulumi.Input[str]]:
608
+ def issuer_ref(self) -> Optional[pulumi.Input[builtins.str]]:
536
609
  """
537
610
  Specifies the default issuer of this request.
538
611
  """
539
612
  return pulumi.get(self, "issuer_ref")
540
613
 
541
614
  @issuer_ref.setter
542
- def issuer_ref(self, value: Optional[pulumi.Input[str]]):
615
+ def issuer_ref(self, value: Optional[pulumi.Input[builtins.str]]):
543
616
  pulumi.set(self, "issuer_ref", value)
544
617
 
545
618
  @property
546
619
  @pulumi.getter(name="issuingCa")
547
- def issuing_ca(self) -> Optional[pulumi.Input[str]]:
620
+ def issuing_ca(self) -> Optional[pulumi.Input[builtins.str]]:
548
621
  """
549
622
  The issuing CA
550
623
  """
551
624
  return pulumi.get(self, "issuing_ca")
552
625
 
553
626
  @issuing_ca.setter
554
- def issuing_ca(self, value: Optional[pulumi.Input[str]]):
627
+ def issuing_ca(self, value: Optional[pulumi.Input[builtins.str]]):
555
628
  pulumi.set(self, "issuing_ca", value)
556
629
 
557
630
  @property
558
631
  @pulumi.getter(name="minSecondsRemaining")
559
- def min_seconds_remaining(self) -> Optional[pulumi.Input[int]]:
632
+ def min_seconds_remaining(self) -> Optional[pulumi.Input[builtins.int]]:
560
633
  """
561
634
  Generate a new certificate when the expiration is within this number of seconds, default is 604800 (7 days)
562
635
  """
563
636
  return pulumi.get(self, "min_seconds_remaining")
564
637
 
565
638
  @min_seconds_remaining.setter
566
- def min_seconds_remaining(self, value: Optional[pulumi.Input[int]]):
639
+ def min_seconds_remaining(self, value: Optional[pulumi.Input[builtins.int]]):
567
640
  pulumi.set(self, "min_seconds_remaining", value)
568
641
 
569
642
  @property
570
643
  @pulumi.getter
571
- def name(self) -> Optional[pulumi.Input[str]]:
644
+ def name(self) -> Optional[pulumi.Input[builtins.str]]:
572
645
  """
573
646
  Name of the role to create the certificate against
574
647
  """
575
648
  return pulumi.get(self, "name")
576
649
 
577
650
  @name.setter
578
- def name(self, value: Optional[pulumi.Input[str]]):
651
+ def name(self, value: Optional[pulumi.Input[builtins.str]]):
579
652
  pulumi.set(self, "name", value)
580
653
 
581
654
  @property
582
655
  @pulumi.getter
583
- def namespace(self) -> Optional[pulumi.Input[str]]:
656
+ def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
584
657
  """
585
658
  The namespace to provision the resource in.
586
659
  The value should not contain leading or trailing forward slashes.
@@ -590,127 +663,151 @@ class _SecretBackendCertState:
590
663
  return pulumi.get(self, "namespace")
591
664
 
592
665
  @namespace.setter
593
- def namespace(self, value: Optional[pulumi.Input[str]]):
666
+ def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
594
667
  pulumi.set(self, "namespace", value)
595
668
 
669
+ @property
670
+ @pulumi.getter(name="notAfter")
671
+ def not_after(self) -> Optional[pulumi.Input[builtins.str]]:
672
+ """
673
+ Set the Not After field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ. Supports the Y10K end date for IEEE 802.1AR-2018 standard devices, 9999-12-31T23:59:59Z.
674
+ """
675
+ return pulumi.get(self, "not_after")
676
+
677
+ @not_after.setter
678
+ def not_after(self, value: Optional[pulumi.Input[builtins.str]]):
679
+ pulumi.set(self, "not_after", value)
680
+
596
681
  @property
597
682
  @pulumi.getter(name="otherSans")
598
- def other_sans(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
683
+ def other_sans(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
599
684
  """
600
685
  List of other SANs
601
686
  """
602
687
  return pulumi.get(self, "other_sans")
603
688
 
604
689
  @other_sans.setter
605
- def other_sans(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
690
+ def other_sans(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
606
691
  pulumi.set(self, "other_sans", value)
607
692
 
608
693
  @property
609
694
  @pulumi.getter(name="privateKey")
610
- def private_key(self) -> Optional[pulumi.Input[str]]:
695
+ def private_key(self) -> Optional[pulumi.Input[builtins.str]]:
611
696
  """
612
697
  The private key
613
698
  """
614
699
  return pulumi.get(self, "private_key")
615
700
 
616
701
  @private_key.setter
617
- def private_key(self, value: Optional[pulumi.Input[str]]):
702
+ def private_key(self, value: Optional[pulumi.Input[builtins.str]]):
618
703
  pulumi.set(self, "private_key", value)
619
704
 
620
705
  @property
621
706
  @pulumi.getter(name="privateKeyFormat")
622
- def private_key_format(self) -> Optional[pulumi.Input[str]]:
707
+ def private_key_format(self) -> Optional[pulumi.Input[builtins.str]]:
623
708
  """
624
709
  The private key format
625
710
  """
626
711
  return pulumi.get(self, "private_key_format")
627
712
 
628
713
  @private_key_format.setter
629
- def private_key_format(self, value: Optional[pulumi.Input[str]]):
714
+ def private_key_format(self, value: Optional[pulumi.Input[builtins.str]]):
630
715
  pulumi.set(self, "private_key_format", value)
631
716
 
632
717
  @property
633
718
  @pulumi.getter(name="privateKeyType")
634
- def private_key_type(self) -> Optional[pulumi.Input[str]]:
719
+ def private_key_type(self) -> Optional[pulumi.Input[builtins.str]]:
635
720
  """
636
721
  The private key type
637
722
  """
638
723
  return pulumi.get(self, "private_key_type")
639
724
 
640
725
  @private_key_type.setter
641
- def private_key_type(self, value: Optional[pulumi.Input[str]]):
726
+ def private_key_type(self, value: Optional[pulumi.Input[builtins.str]]):
642
727
  pulumi.set(self, "private_key_type", value)
643
728
 
644
729
  @property
645
730
  @pulumi.getter(name="renewPending")
646
- def renew_pending(self) -> Optional[pulumi.Input[bool]]:
731
+ def renew_pending(self) -> Optional[pulumi.Input[builtins.bool]]:
647
732
  """
648
733
  `true` if the current time (during refresh) is after the start of the early renewal window declared by `min_seconds_remaining`, and `false` otherwise; if `auto_renew` is set to `true` then the provider will plan to replace the certificate once renewal is pending.
649
734
  """
650
735
  return pulumi.get(self, "renew_pending")
651
736
 
652
737
  @renew_pending.setter
653
- def renew_pending(self, value: Optional[pulumi.Input[bool]]):
738
+ def renew_pending(self, value: Optional[pulumi.Input[builtins.bool]]):
654
739
  pulumi.set(self, "renew_pending", value)
655
740
 
656
741
  @property
657
742
  @pulumi.getter
658
- def revoke(self) -> Optional[pulumi.Input[bool]]:
743
+ def revoke(self) -> Optional[pulumi.Input[builtins.bool]]:
659
744
  """
660
- If set to `true`, the certificate will be revoked on resource destruction.
745
+ If set to `true`, the certificate will be revoked on resource destruction using the `revoke` PKI API. Conflicts with `revoke_with_key`. Default `false`.
661
746
  """
662
747
  return pulumi.get(self, "revoke")
663
748
 
664
749
  @revoke.setter
665
- def revoke(self, value: Optional[pulumi.Input[bool]]):
750
+ def revoke(self, value: Optional[pulumi.Input[builtins.bool]]):
666
751
  pulumi.set(self, "revoke", value)
667
752
 
753
+ @property
754
+ @pulumi.getter(name="revokeWithKey")
755
+ def revoke_with_key(self) -> Optional[pulumi.Input[builtins.bool]]:
756
+ """
757
+ If set to `true`, the certificate will be revoked on resource destruction using the `revoke-with-key` PKI API. Conflicts with `revoke`. Default `false`
758
+ """
759
+ return pulumi.get(self, "revoke_with_key")
760
+
761
+ @revoke_with_key.setter
762
+ def revoke_with_key(self, value: Optional[pulumi.Input[builtins.bool]]):
763
+ pulumi.set(self, "revoke_with_key", value)
764
+
668
765
  @property
669
766
  @pulumi.getter(name="serialNumber")
670
- def serial_number(self) -> Optional[pulumi.Input[str]]:
767
+ def serial_number(self) -> Optional[pulumi.Input[builtins.str]]:
671
768
  """
672
769
  The serial number
673
770
  """
674
771
  return pulumi.get(self, "serial_number")
675
772
 
676
773
  @serial_number.setter
677
- def serial_number(self, value: Optional[pulumi.Input[str]]):
774
+ def serial_number(self, value: Optional[pulumi.Input[builtins.str]]):
678
775
  pulumi.set(self, "serial_number", value)
679
776
 
680
777
  @property
681
778
  @pulumi.getter
682
- def ttl(self) -> Optional[pulumi.Input[str]]:
779
+ def ttl(self) -> Optional[pulumi.Input[builtins.str]]:
683
780
  """
684
781
  Time to live
685
782
  """
686
783
  return pulumi.get(self, "ttl")
687
784
 
688
785
  @ttl.setter
689
- def ttl(self, value: Optional[pulumi.Input[str]]):
786
+ def ttl(self, value: Optional[pulumi.Input[builtins.str]]):
690
787
  pulumi.set(self, "ttl", value)
691
788
 
692
789
  @property
693
790
  @pulumi.getter(name="uriSans")
694
- def uri_sans(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
791
+ def uri_sans(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
695
792
  """
696
793
  List of alternative URIs
697
794
  """
698
795
  return pulumi.get(self, "uri_sans")
699
796
 
700
797
  @uri_sans.setter
701
- def uri_sans(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
798
+ def uri_sans(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
702
799
  pulumi.set(self, "uri_sans", value)
703
800
 
704
801
  @property
705
802
  @pulumi.getter(name="userIds")
706
- def user_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
803
+ def user_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
707
804
  """
708
805
  List of Subject User IDs
709
806
  """
710
807
  return pulumi.get(self, "user_ids")
711
808
 
712
809
  @user_ids.setter
713
- def user_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
810
+ def user_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
714
811
  pulumi.set(self, "user_ids", value)
715
812
 
716
813
 
@@ -719,23 +816,26 @@ class SecretBackendCert(pulumi.CustomResource):
719
816
  def __init__(__self__,
720
817
  resource_name: str,
721
818
  opts: Optional[pulumi.ResourceOptions] = None,
722
- alt_names: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
723
- auto_renew: Optional[pulumi.Input[bool]] = None,
724
- backend: Optional[pulumi.Input[str]] = None,
725
- common_name: Optional[pulumi.Input[str]] = None,
726
- exclude_cn_from_sans: Optional[pulumi.Input[bool]] = None,
727
- format: Optional[pulumi.Input[str]] = None,
728
- ip_sans: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
729
- issuer_ref: Optional[pulumi.Input[str]] = None,
730
- min_seconds_remaining: Optional[pulumi.Input[int]] = None,
731
- name: Optional[pulumi.Input[str]] = None,
732
- namespace: Optional[pulumi.Input[str]] = None,
733
- other_sans: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
734
- private_key_format: Optional[pulumi.Input[str]] = None,
735
- revoke: Optional[pulumi.Input[bool]] = None,
736
- ttl: Optional[pulumi.Input[str]] = None,
737
- uri_sans: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
738
- user_ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
819
+ alt_names: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
820
+ auto_renew: Optional[pulumi.Input[builtins.bool]] = None,
821
+ backend: Optional[pulumi.Input[builtins.str]] = None,
822
+ cert_metadata: Optional[pulumi.Input[builtins.str]] = None,
823
+ common_name: Optional[pulumi.Input[builtins.str]] = None,
824
+ exclude_cn_from_sans: Optional[pulumi.Input[builtins.bool]] = None,
825
+ format: Optional[pulumi.Input[builtins.str]] = None,
826
+ ip_sans: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
827
+ issuer_ref: Optional[pulumi.Input[builtins.str]] = None,
828
+ min_seconds_remaining: Optional[pulumi.Input[builtins.int]] = None,
829
+ name: Optional[pulumi.Input[builtins.str]] = None,
830
+ namespace: Optional[pulumi.Input[builtins.str]] = None,
831
+ not_after: Optional[pulumi.Input[builtins.str]] = None,
832
+ other_sans: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
833
+ private_key_format: Optional[pulumi.Input[builtins.str]] = None,
834
+ revoke: Optional[pulumi.Input[builtins.bool]] = None,
835
+ revoke_with_key: Optional[pulumi.Input[builtins.bool]] = None,
836
+ ttl: Optional[pulumi.Input[builtins.str]] = None,
837
+ uri_sans: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
838
+ user_ids: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
739
839
  __props__=None):
740
840
  """
741
841
  ## Example Usage
@@ -753,26 +853,29 @@ class SecretBackendCert(pulumi.CustomResource):
753
853
 
754
854
  :param str resource_name: The name of the resource.
755
855
  :param pulumi.ResourceOptions opts: Options for the resource.
756
- :param pulumi.Input[Sequence[pulumi.Input[str]]] alt_names: List of alternative names
757
- :param pulumi.Input[bool] auto_renew: If set to `true`, certs will be renewed if the expiration is within `min_seconds_remaining`. Default `false`
758
- :param pulumi.Input[str] backend: The PKI secret backend the resource belongs to.
759
- :param pulumi.Input[str] common_name: CN of certificate to create
760
- :param pulumi.Input[bool] exclude_cn_from_sans: Flag to exclude CN from SANs
761
- :param pulumi.Input[str] format: The format of data
762
- :param pulumi.Input[Sequence[pulumi.Input[str]]] ip_sans: List of alternative IPs
763
- :param pulumi.Input[str] issuer_ref: Specifies the default issuer of this request.
764
- :param pulumi.Input[int] min_seconds_remaining: Generate a new certificate when the expiration is within this number of seconds, default is 604800 (7 days)
765
- :param pulumi.Input[str] name: Name of the role to create the certificate against
766
- :param pulumi.Input[str] namespace: The namespace to provision the resource in.
856
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] alt_names: List of alternative names
857
+ :param pulumi.Input[builtins.bool] auto_renew: If set to `true`, certs will be renewed if the expiration is within `min_seconds_remaining`. Default `false`
858
+ :param pulumi.Input[builtins.str] backend: The PKI secret backend the resource belongs to.
859
+ :param pulumi.Input[builtins.str] cert_metadata: A base 64 encoded value or an empty string to associate with the certificate's serial number. The role's no_store_metadata must be set to false, otherwise an error is returned when specified.
860
+ :param pulumi.Input[builtins.str] common_name: CN of certificate to create
861
+ :param pulumi.Input[builtins.bool] exclude_cn_from_sans: Flag to exclude CN from SANs
862
+ :param pulumi.Input[builtins.str] format: The format of data
863
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] ip_sans: List of alternative IPs
864
+ :param pulumi.Input[builtins.str] issuer_ref: Specifies the default issuer of this request.
865
+ :param pulumi.Input[builtins.int] min_seconds_remaining: Generate a new certificate when the expiration is within this number of seconds, default is 604800 (7 days)
866
+ :param pulumi.Input[builtins.str] name: Name of the role to create the certificate against
867
+ :param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
767
868
  The value should not contain leading or trailing forward slashes.
768
869
  The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
769
870
  *Available only for Vault Enterprise*.
770
- :param pulumi.Input[Sequence[pulumi.Input[str]]] other_sans: List of other SANs
771
- :param pulumi.Input[str] private_key_format: The private key format
772
- :param pulumi.Input[bool] revoke: If set to `true`, the certificate will be revoked on resource destruction.
773
- :param pulumi.Input[str] ttl: Time to live
774
- :param pulumi.Input[Sequence[pulumi.Input[str]]] uri_sans: List of alternative URIs
775
- :param pulumi.Input[Sequence[pulumi.Input[str]]] user_ids: List of Subject User IDs
871
+ :param pulumi.Input[builtins.str] not_after: Set the Not After field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ. Supports the Y10K end date for IEEE 802.1AR-2018 standard devices, 9999-12-31T23:59:59Z.
872
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] other_sans: List of other SANs
873
+ :param pulumi.Input[builtins.str] private_key_format: The private key format
874
+ :param pulumi.Input[builtins.bool] revoke: If set to `true`, the certificate will be revoked on resource destruction using the `revoke` PKI API. Conflicts with `revoke_with_key`. Default `false`.
875
+ :param pulumi.Input[builtins.bool] revoke_with_key: If set to `true`, the certificate will be revoked on resource destruction using the `revoke-with-key` PKI API. Conflicts with `revoke`. Default `false`
876
+ :param pulumi.Input[builtins.str] ttl: Time to live
877
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] uri_sans: List of alternative URIs
878
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] user_ids: List of Subject User IDs
776
879
  """
777
880
  ...
778
881
  @overload
@@ -809,23 +912,26 @@ class SecretBackendCert(pulumi.CustomResource):
809
912
  def _internal_init(__self__,
810
913
  resource_name: str,
811
914
  opts: Optional[pulumi.ResourceOptions] = None,
812
- alt_names: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
813
- auto_renew: Optional[pulumi.Input[bool]] = None,
814
- backend: Optional[pulumi.Input[str]] = None,
815
- common_name: Optional[pulumi.Input[str]] = None,
816
- exclude_cn_from_sans: Optional[pulumi.Input[bool]] = None,
817
- format: Optional[pulumi.Input[str]] = None,
818
- ip_sans: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
819
- issuer_ref: Optional[pulumi.Input[str]] = None,
820
- min_seconds_remaining: Optional[pulumi.Input[int]] = None,
821
- name: Optional[pulumi.Input[str]] = None,
822
- namespace: Optional[pulumi.Input[str]] = None,
823
- other_sans: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
824
- private_key_format: Optional[pulumi.Input[str]] = None,
825
- revoke: Optional[pulumi.Input[bool]] = None,
826
- ttl: Optional[pulumi.Input[str]] = None,
827
- uri_sans: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
828
- user_ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
915
+ alt_names: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
916
+ auto_renew: Optional[pulumi.Input[builtins.bool]] = None,
917
+ backend: Optional[pulumi.Input[builtins.str]] = None,
918
+ cert_metadata: Optional[pulumi.Input[builtins.str]] = None,
919
+ common_name: Optional[pulumi.Input[builtins.str]] = None,
920
+ exclude_cn_from_sans: Optional[pulumi.Input[builtins.bool]] = None,
921
+ format: Optional[pulumi.Input[builtins.str]] = None,
922
+ ip_sans: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
923
+ issuer_ref: Optional[pulumi.Input[builtins.str]] = None,
924
+ min_seconds_remaining: Optional[pulumi.Input[builtins.int]] = None,
925
+ name: Optional[pulumi.Input[builtins.str]] = None,
926
+ namespace: Optional[pulumi.Input[builtins.str]] = None,
927
+ not_after: Optional[pulumi.Input[builtins.str]] = None,
928
+ other_sans: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
929
+ private_key_format: Optional[pulumi.Input[builtins.str]] = None,
930
+ revoke: Optional[pulumi.Input[builtins.bool]] = None,
931
+ revoke_with_key: Optional[pulumi.Input[builtins.bool]] = None,
932
+ ttl: Optional[pulumi.Input[builtins.str]] = None,
933
+ uri_sans: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
934
+ user_ids: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
829
935
  __props__=None):
830
936
  opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
831
937
  if not isinstance(opts, pulumi.ResourceOptions):
@@ -840,6 +946,7 @@ class SecretBackendCert(pulumi.CustomResource):
840
946
  if backend is None and not opts.urn:
841
947
  raise TypeError("Missing required property 'backend'")
842
948
  __props__.__dict__["backend"] = backend
949
+ __props__.__dict__["cert_metadata"] = cert_metadata
843
950
  if common_name is None and not opts.urn:
844
951
  raise TypeError("Missing required property 'common_name'")
845
952
  __props__.__dict__["common_name"] = common_name
@@ -850,9 +957,11 @@ class SecretBackendCert(pulumi.CustomResource):
850
957
  __props__.__dict__["min_seconds_remaining"] = min_seconds_remaining
851
958
  __props__.__dict__["name"] = name
852
959
  __props__.__dict__["namespace"] = namespace
960
+ __props__.__dict__["not_after"] = not_after
853
961
  __props__.__dict__["other_sans"] = other_sans
854
962
  __props__.__dict__["private_key_format"] = private_key_format
855
963
  __props__.__dict__["revoke"] = revoke
964
+ __props__.__dict__["revoke_with_key"] = revoke_with_key
856
965
  __props__.__dict__["ttl"] = ttl
857
966
  __props__.__dict__["uri_sans"] = uri_sans
858
967
  __props__.__dict__["user_ids"] = user_ids
@@ -876,31 +985,34 @@ class SecretBackendCert(pulumi.CustomResource):
876
985
  def get(resource_name: str,
877
986
  id: pulumi.Input[str],
878
987
  opts: Optional[pulumi.ResourceOptions] = None,
879
- alt_names: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
880
- auto_renew: Optional[pulumi.Input[bool]] = None,
881
- backend: Optional[pulumi.Input[str]] = None,
882
- ca_chain: Optional[pulumi.Input[str]] = None,
883
- certificate: Optional[pulumi.Input[str]] = None,
884
- common_name: Optional[pulumi.Input[str]] = None,
885
- exclude_cn_from_sans: Optional[pulumi.Input[bool]] = None,
886
- expiration: Optional[pulumi.Input[int]] = None,
887
- format: Optional[pulumi.Input[str]] = None,
888
- ip_sans: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
889
- issuer_ref: Optional[pulumi.Input[str]] = None,
890
- issuing_ca: Optional[pulumi.Input[str]] = None,
891
- min_seconds_remaining: Optional[pulumi.Input[int]] = None,
892
- name: Optional[pulumi.Input[str]] = None,
893
- namespace: Optional[pulumi.Input[str]] = None,
894
- other_sans: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
895
- private_key: Optional[pulumi.Input[str]] = None,
896
- private_key_format: Optional[pulumi.Input[str]] = None,
897
- private_key_type: Optional[pulumi.Input[str]] = None,
898
- renew_pending: Optional[pulumi.Input[bool]] = None,
899
- revoke: Optional[pulumi.Input[bool]] = None,
900
- serial_number: Optional[pulumi.Input[str]] = None,
901
- ttl: Optional[pulumi.Input[str]] = None,
902
- uri_sans: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
903
- user_ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None) -> 'SecretBackendCert':
988
+ alt_names: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
989
+ auto_renew: Optional[pulumi.Input[builtins.bool]] = None,
990
+ backend: Optional[pulumi.Input[builtins.str]] = None,
991
+ ca_chain: Optional[pulumi.Input[builtins.str]] = None,
992
+ cert_metadata: Optional[pulumi.Input[builtins.str]] = None,
993
+ certificate: Optional[pulumi.Input[builtins.str]] = None,
994
+ common_name: Optional[pulumi.Input[builtins.str]] = None,
995
+ exclude_cn_from_sans: Optional[pulumi.Input[builtins.bool]] = None,
996
+ expiration: Optional[pulumi.Input[builtins.int]] = None,
997
+ format: Optional[pulumi.Input[builtins.str]] = None,
998
+ ip_sans: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
999
+ issuer_ref: Optional[pulumi.Input[builtins.str]] = None,
1000
+ issuing_ca: Optional[pulumi.Input[builtins.str]] = None,
1001
+ min_seconds_remaining: Optional[pulumi.Input[builtins.int]] = None,
1002
+ name: Optional[pulumi.Input[builtins.str]] = None,
1003
+ namespace: Optional[pulumi.Input[builtins.str]] = None,
1004
+ not_after: Optional[pulumi.Input[builtins.str]] = None,
1005
+ other_sans: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1006
+ private_key: Optional[pulumi.Input[builtins.str]] = None,
1007
+ private_key_format: Optional[pulumi.Input[builtins.str]] = None,
1008
+ private_key_type: Optional[pulumi.Input[builtins.str]] = None,
1009
+ renew_pending: Optional[pulumi.Input[builtins.bool]] = None,
1010
+ revoke: Optional[pulumi.Input[builtins.bool]] = None,
1011
+ revoke_with_key: Optional[pulumi.Input[builtins.bool]] = None,
1012
+ serial_number: Optional[pulumi.Input[builtins.str]] = None,
1013
+ ttl: Optional[pulumi.Input[builtins.str]] = None,
1014
+ uri_sans: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1015
+ user_ids: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None) -> 'SecretBackendCert':
904
1016
  """
905
1017
  Get an existing SecretBackendCert resource's state with the given name, id, and optional extra
906
1018
  properties used to qualify the lookup.
@@ -908,34 +1020,37 @@ class SecretBackendCert(pulumi.CustomResource):
908
1020
  :param str resource_name: The unique name of the resulting resource.
909
1021
  :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
910
1022
  :param pulumi.ResourceOptions opts: Options for the resource.
911
- :param pulumi.Input[Sequence[pulumi.Input[str]]] alt_names: List of alternative names
912
- :param pulumi.Input[bool] auto_renew: If set to `true`, certs will be renewed if the expiration is within `min_seconds_remaining`. Default `false`
913
- :param pulumi.Input[str] backend: The PKI secret backend the resource belongs to.
914
- :param pulumi.Input[str] ca_chain: The CA chain
915
- :param pulumi.Input[str] certificate: The certificate
916
- :param pulumi.Input[str] common_name: CN of certificate to create
917
- :param pulumi.Input[bool] exclude_cn_from_sans: Flag to exclude CN from SANs
918
- :param pulumi.Input[int] expiration: The expiration date of the certificate in unix epoch format
919
- :param pulumi.Input[str] format: The format of data
920
- :param pulumi.Input[Sequence[pulumi.Input[str]]] ip_sans: List of alternative IPs
921
- :param pulumi.Input[str] issuer_ref: Specifies the default issuer of this request.
922
- :param pulumi.Input[str] issuing_ca: The issuing CA
923
- :param pulumi.Input[int] min_seconds_remaining: Generate a new certificate when the expiration is within this number of seconds, default is 604800 (7 days)
924
- :param pulumi.Input[str] name: Name of the role to create the certificate against
925
- :param pulumi.Input[str] namespace: The namespace to provision the resource in.
1023
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] alt_names: List of alternative names
1024
+ :param pulumi.Input[builtins.bool] auto_renew: If set to `true`, certs will be renewed if the expiration is within `min_seconds_remaining`. Default `false`
1025
+ :param pulumi.Input[builtins.str] backend: The PKI secret backend the resource belongs to.
1026
+ :param pulumi.Input[builtins.str] ca_chain: The CA chain
1027
+ :param pulumi.Input[builtins.str] cert_metadata: A base 64 encoded value or an empty string to associate with the certificate's serial number. The role's no_store_metadata must be set to false, otherwise an error is returned when specified.
1028
+ :param pulumi.Input[builtins.str] certificate: The certificate
1029
+ :param pulumi.Input[builtins.str] common_name: CN of certificate to create
1030
+ :param pulumi.Input[builtins.bool] exclude_cn_from_sans: Flag to exclude CN from SANs
1031
+ :param pulumi.Input[builtins.int] expiration: The expiration date of the certificate in unix epoch format
1032
+ :param pulumi.Input[builtins.str] format: The format of data
1033
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] ip_sans: List of alternative IPs
1034
+ :param pulumi.Input[builtins.str] issuer_ref: Specifies the default issuer of this request.
1035
+ :param pulumi.Input[builtins.str] issuing_ca: The issuing CA
1036
+ :param pulumi.Input[builtins.int] min_seconds_remaining: Generate a new certificate when the expiration is within this number of seconds, default is 604800 (7 days)
1037
+ :param pulumi.Input[builtins.str] name: Name of the role to create the certificate against
1038
+ :param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
926
1039
  The value should not contain leading or trailing forward slashes.
927
1040
  The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
928
1041
  *Available only for Vault Enterprise*.
929
- :param pulumi.Input[Sequence[pulumi.Input[str]]] other_sans: List of other SANs
930
- :param pulumi.Input[str] private_key: The private key
931
- :param pulumi.Input[str] private_key_format: The private key format
932
- :param pulumi.Input[str] private_key_type: The private key type
933
- :param pulumi.Input[bool] renew_pending: `true` if the current time (during refresh) is after the start of the early renewal window declared by `min_seconds_remaining`, and `false` otherwise; if `auto_renew` is set to `true` then the provider will plan to replace the certificate once renewal is pending.
934
- :param pulumi.Input[bool] revoke: If set to `true`, the certificate will be revoked on resource destruction.
935
- :param pulumi.Input[str] serial_number: The serial number
936
- :param pulumi.Input[str] ttl: Time to live
937
- :param pulumi.Input[Sequence[pulumi.Input[str]]] uri_sans: List of alternative URIs
938
- :param pulumi.Input[Sequence[pulumi.Input[str]]] user_ids: List of Subject User IDs
1042
+ :param pulumi.Input[builtins.str] not_after: Set the Not After field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ. Supports the Y10K end date for IEEE 802.1AR-2018 standard devices, 9999-12-31T23:59:59Z.
1043
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] other_sans: List of other SANs
1044
+ :param pulumi.Input[builtins.str] private_key: The private key
1045
+ :param pulumi.Input[builtins.str] private_key_format: The private key format
1046
+ :param pulumi.Input[builtins.str] private_key_type: The private key type
1047
+ :param pulumi.Input[builtins.bool] renew_pending: `true` if the current time (during refresh) is after the start of the early renewal window declared by `min_seconds_remaining`, and `false` otherwise; if `auto_renew` is set to `true` then the provider will plan to replace the certificate once renewal is pending.
1048
+ :param pulumi.Input[builtins.bool] revoke: If set to `true`, the certificate will be revoked on resource destruction using the `revoke` PKI API. Conflicts with `revoke_with_key`. Default `false`.
1049
+ :param pulumi.Input[builtins.bool] revoke_with_key: If set to `true`, the certificate will be revoked on resource destruction using the `revoke-with-key` PKI API. Conflicts with `revoke`. Default `false`
1050
+ :param pulumi.Input[builtins.str] serial_number: The serial number
1051
+ :param pulumi.Input[builtins.str] ttl: Time to live
1052
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] uri_sans: List of alternative URIs
1053
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] user_ids: List of Subject User IDs
939
1054
  """
940
1055
  opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
941
1056
 
@@ -945,6 +1060,7 @@ class SecretBackendCert(pulumi.CustomResource):
945
1060
  __props__.__dict__["auto_renew"] = auto_renew
946
1061
  __props__.__dict__["backend"] = backend
947
1062
  __props__.__dict__["ca_chain"] = ca_chain
1063
+ __props__.__dict__["cert_metadata"] = cert_metadata
948
1064
  __props__.__dict__["certificate"] = certificate
949
1065
  __props__.__dict__["common_name"] = common_name
950
1066
  __props__.__dict__["exclude_cn_from_sans"] = exclude_cn_from_sans
@@ -956,12 +1072,14 @@ class SecretBackendCert(pulumi.CustomResource):
956
1072
  __props__.__dict__["min_seconds_remaining"] = min_seconds_remaining
957
1073
  __props__.__dict__["name"] = name
958
1074
  __props__.__dict__["namespace"] = namespace
1075
+ __props__.__dict__["not_after"] = not_after
959
1076
  __props__.__dict__["other_sans"] = other_sans
960
1077
  __props__.__dict__["private_key"] = private_key
961
1078
  __props__.__dict__["private_key_format"] = private_key_format
962
1079
  __props__.__dict__["private_key_type"] = private_key_type
963
1080
  __props__.__dict__["renew_pending"] = renew_pending
964
1081
  __props__.__dict__["revoke"] = revoke
1082
+ __props__.__dict__["revoke_with_key"] = revoke_with_key
965
1083
  __props__.__dict__["serial_number"] = serial_number
966
1084
  __props__.__dict__["ttl"] = ttl
967
1085
  __props__.__dict__["uri_sans"] = uri_sans
@@ -970,7 +1088,7 @@ class SecretBackendCert(pulumi.CustomResource):
970
1088
 
971
1089
  @property
972
1090
  @pulumi.getter(name="altNames")
973
- def alt_names(self) -> pulumi.Output[Optional[Sequence[str]]]:
1091
+ def alt_names(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
974
1092
  """
975
1093
  List of alternative names
976
1094
  """
@@ -978,7 +1096,7 @@ class SecretBackendCert(pulumi.CustomResource):
978
1096
 
979
1097
  @property
980
1098
  @pulumi.getter(name="autoRenew")
981
- def auto_renew(self) -> pulumi.Output[Optional[bool]]:
1099
+ def auto_renew(self) -> pulumi.Output[Optional[builtins.bool]]:
982
1100
  """
983
1101
  If set to `true`, certs will be renewed if the expiration is within `min_seconds_remaining`. Default `false`
984
1102
  """
@@ -986,7 +1104,7 @@ class SecretBackendCert(pulumi.CustomResource):
986
1104
 
987
1105
  @property
988
1106
  @pulumi.getter
989
- def backend(self) -> pulumi.Output[str]:
1107
+ def backend(self) -> pulumi.Output[builtins.str]:
990
1108
  """
991
1109
  The PKI secret backend the resource belongs to.
992
1110
  """
@@ -994,15 +1112,23 @@ class SecretBackendCert(pulumi.CustomResource):
994
1112
 
995
1113
  @property
996
1114
  @pulumi.getter(name="caChain")
997
- def ca_chain(self) -> pulumi.Output[str]:
1115
+ def ca_chain(self) -> pulumi.Output[builtins.str]:
998
1116
  """
999
1117
  The CA chain
1000
1118
  """
1001
1119
  return pulumi.get(self, "ca_chain")
1002
1120
 
1121
+ @property
1122
+ @pulumi.getter(name="certMetadata")
1123
+ def cert_metadata(self) -> pulumi.Output[Optional[builtins.str]]:
1124
+ """
1125
+ A base 64 encoded value or an empty string to associate with the certificate's serial number. The role's no_store_metadata must be set to false, otherwise an error is returned when specified.
1126
+ """
1127
+ return pulumi.get(self, "cert_metadata")
1128
+
1003
1129
  @property
1004
1130
  @pulumi.getter
1005
- def certificate(self) -> pulumi.Output[str]:
1131
+ def certificate(self) -> pulumi.Output[builtins.str]:
1006
1132
  """
1007
1133
  The certificate
1008
1134
  """
@@ -1010,7 +1136,7 @@ class SecretBackendCert(pulumi.CustomResource):
1010
1136
 
1011
1137
  @property
1012
1138
  @pulumi.getter(name="commonName")
1013
- def common_name(self) -> pulumi.Output[str]:
1139
+ def common_name(self) -> pulumi.Output[builtins.str]:
1014
1140
  """
1015
1141
  CN of certificate to create
1016
1142
  """
@@ -1018,7 +1144,7 @@ class SecretBackendCert(pulumi.CustomResource):
1018
1144
 
1019
1145
  @property
1020
1146
  @pulumi.getter(name="excludeCnFromSans")
1021
- def exclude_cn_from_sans(self) -> pulumi.Output[Optional[bool]]:
1147
+ def exclude_cn_from_sans(self) -> pulumi.Output[Optional[builtins.bool]]:
1022
1148
  """
1023
1149
  Flag to exclude CN from SANs
1024
1150
  """
@@ -1026,7 +1152,7 @@ class SecretBackendCert(pulumi.CustomResource):
1026
1152
 
1027
1153
  @property
1028
1154
  @pulumi.getter
1029
- def expiration(self) -> pulumi.Output[int]:
1155
+ def expiration(self) -> pulumi.Output[builtins.int]:
1030
1156
  """
1031
1157
  The expiration date of the certificate in unix epoch format
1032
1158
  """
@@ -1034,7 +1160,7 @@ class SecretBackendCert(pulumi.CustomResource):
1034
1160
 
1035
1161
  @property
1036
1162
  @pulumi.getter
1037
- def format(self) -> pulumi.Output[Optional[str]]:
1163
+ def format(self) -> pulumi.Output[Optional[builtins.str]]:
1038
1164
  """
1039
1165
  The format of data
1040
1166
  """
@@ -1042,7 +1168,7 @@ class SecretBackendCert(pulumi.CustomResource):
1042
1168
 
1043
1169
  @property
1044
1170
  @pulumi.getter(name="ipSans")
1045
- def ip_sans(self) -> pulumi.Output[Optional[Sequence[str]]]:
1171
+ def ip_sans(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
1046
1172
  """
1047
1173
  List of alternative IPs
1048
1174
  """
@@ -1050,7 +1176,7 @@ class SecretBackendCert(pulumi.CustomResource):
1050
1176
 
1051
1177
  @property
1052
1178
  @pulumi.getter(name="issuerRef")
1053
- def issuer_ref(self) -> pulumi.Output[Optional[str]]:
1179
+ def issuer_ref(self) -> pulumi.Output[Optional[builtins.str]]:
1054
1180
  """
1055
1181
  Specifies the default issuer of this request.
1056
1182
  """
@@ -1058,7 +1184,7 @@ class SecretBackendCert(pulumi.CustomResource):
1058
1184
 
1059
1185
  @property
1060
1186
  @pulumi.getter(name="issuingCa")
1061
- def issuing_ca(self) -> pulumi.Output[str]:
1187
+ def issuing_ca(self) -> pulumi.Output[builtins.str]:
1062
1188
  """
1063
1189
  The issuing CA
1064
1190
  """
@@ -1066,7 +1192,7 @@ class SecretBackendCert(pulumi.CustomResource):
1066
1192
 
1067
1193
  @property
1068
1194
  @pulumi.getter(name="minSecondsRemaining")
1069
- def min_seconds_remaining(self) -> pulumi.Output[Optional[int]]:
1195
+ def min_seconds_remaining(self) -> pulumi.Output[Optional[builtins.int]]:
1070
1196
  """
1071
1197
  Generate a new certificate when the expiration is within this number of seconds, default is 604800 (7 days)
1072
1198
  """
@@ -1074,7 +1200,7 @@ class SecretBackendCert(pulumi.CustomResource):
1074
1200
 
1075
1201
  @property
1076
1202
  @pulumi.getter
1077
- def name(self) -> pulumi.Output[str]:
1203
+ def name(self) -> pulumi.Output[builtins.str]:
1078
1204
  """
1079
1205
  Name of the role to create the certificate against
1080
1206
  """
@@ -1082,7 +1208,7 @@ class SecretBackendCert(pulumi.CustomResource):
1082
1208
 
1083
1209
  @property
1084
1210
  @pulumi.getter
1085
- def namespace(self) -> pulumi.Output[Optional[str]]:
1211
+ def namespace(self) -> pulumi.Output[Optional[builtins.str]]:
1086
1212
  """
1087
1213
  The namespace to provision the resource in.
1088
1214
  The value should not contain leading or trailing forward slashes.
@@ -1091,9 +1217,17 @@ class SecretBackendCert(pulumi.CustomResource):
1091
1217
  """
1092
1218
  return pulumi.get(self, "namespace")
1093
1219
 
1220
+ @property
1221
+ @pulumi.getter(name="notAfter")
1222
+ def not_after(self) -> pulumi.Output[Optional[builtins.str]]:
1223
+ """
1224
+ Set the Not After field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ. Supports the Y10K end date for IEEE 802.1AR-2018 standard devices, 9999-12-31T23:59:59Z.
1225
+ """
1226
+ return pulumi.get(self, "not_after")
1227
+
1094
1228
  @property
1095
1229
  @pulumi.getter(name="otherSans")
1096
- def other_sans(self) -> pulumi.Output[Optional[Sequence[str]]]:
1230
+ def other_sans(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
1097
1231
  """
1098
1232
  List of other SANs
1099
1233
  """
@@ -1101,7 +1235,7 @@ class SecretBackendCert(pulumi.CustomResource):
1101
1235
 
1102
1236
  @property
1103
1237
  @pulumi.getter(name="privateKey")
1104
- def private_key(self) -> pulumi.Output[str]:
1238
+ def private_key(self) -> pulumi.Output[builtins.str]:
1105
1239
  """
1106
1240
  The private key
1107
1241
  """
@@ -1109,7 +1243,7 @@ class SecretBackendCert(pulumi.CustomResource):
1109
1243
 
1110
1244
  @property
1111
1245
  @pulumi.getter(name="privateKeyFormat")
1112
- def private_key_format(self) -> pulumi.Output[Optional[str]]:
1246
+ def private_key_format(self) -> pulumi.Output[Optional[builtins.str]]:
1113
1247
  """
1114
1248
  The private key format
1115
1249
  """
@@ -1117,7 +1251,7 @@ class SecretBackendCert(pulumi.CustomResource):
1117
1251
 
1118
1252
  @property
1119
1253
  @pulumi.getter(name="privateKeyType")
1120
- def private_key_type(self) -> pulumi.Output[str]:
1254
+ def private_key_type(self) -> pulumi.Output[builtins.str]:
1121
1255
  """
1122
1256
  The private key type
1123
1257
  """
@@ -1125,7 +1259,7 @@ class SecretBackendCert(pulumi.CustomResource):
1125
1259
 
1126
1260
  @property
1127
1261
  @pulumi.getter(name="renewPending")
1128
- def renew_pending(self) -> pulumi.Output[bool]:
1262
+ def renew_pending(self) -> pulumi.Output[builtins.bool]:
1129
1263
  """
1130
1264
  `true` if the current time (during refresh) is after the start of the early renewal window declared by `min_seconds_remaining`, and `false` otherwise; if `auto_renew` is set to `true` then the provider will plan to replace the certificate once renewal is pending.
1131
1265
  """
@@ -1133,15 +1267,23 @@ class SecretBackendCert(pulumi.CustomResource):
1133
1267
 
1134
1268
  @property
1135
1269
  @pulumi.getter
1136
- def revoke(self) -> pulumi.Output[Optional[bool]]:
1270
+ def revoke(self) -> pulumi.Output[Optional[builtins.bool]]:
1137
1271
  """
1138
- If set to `true`, the certificate will be revoked on resource destruction.
1272
+ If set to `true`, the certificate will be revoked on resource destruction using the `revoke` PKI API. Conflicts with `revoke_with_key`. Default `false`.
1139
1273
  """
1140
1274
  return pulumi.get(self, "revoke")
1141
1275
 
1276
+ @property
1277
+ @pulumi.getter(name="revokeWithKey")
1278
+ def revoke_with_key(self) -> pulumi.Output[Optional[builtins.bool]]:
1279
+ """
1280
+ If set to `true`, the certificate will be revoked on resource destruction using the `revoke-with-key` PKI API. Conflicts with `revoke`. Default `false`
1281
+ """
1282
+ return pulumi.get(self, "revoke_with_key")
1283
+
1142
1284
  @property
1143
1285
  @pulumi.getter(name="serialNumber")
1144
- def serial_number(self) -> pulumi.Output[str]:
1286
+ def serial_number(self) -> pulumi.Output[builtins.str]:
1145
1287
  """
1146
1288
  The serial number
1147
1289
  """
@@ -1149,7 +1291,7 @@ class SecretBackendCert(pulumi.CustomResource):
1149
1291
 
1150
1292
  @property
1151
1293
  @pulumi.getter
1152
- def ttl(self) -> pulumi.Output[Optional[str]]:
1294
+ def ttl(self) -> pulumi.Output[Optional[builtins.str]]:
1153
1295
  """
1154
1296
  Time to live
1155
1297
  """
@@ -1157,7 +1299,7 @@ class SecretBackendCert(pulumi.CustomResource):
1157
1299
 
1158
1300
  @property
1159
1301
  @pulumi.getter(name="uriSans")
1160
- def uri_sans(self) -> pulumi.Output[Optional[Sequence[str]]]:
1302
+ def uri_sans(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
1161
1303
  """
1162
1304
  List of alternative URIs
1163
1305
  """
@@ -1165,7 +1307,7 @@ class SecretBackendCert(pulumi.CustomResource):
1165
1307
 
1166
1308
  @property
1167
1309
  @pulumi.getter(name="userIds")
1168
- def user_ids(self) -> pulumi.Output[Optional[Sequence[str]]]:
1310
+ def user_ids(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
1169
1311
  """
1170
1312
  List of Subject User IDs
1171
1313
  """