pulumi-vault 6.6.0a1741415971__py3-none-any.whl → 6.7.0__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- pulumi_vault/__init__.py +9 -0
- pulumi_vault/_inputs.py +583 -562
- pulumi_vault/ad/__init__.py +1 -0
- pulumi_vault/ad/get_access_credentials.py +20 -19
- pulumi_vault/ad/secret_backend.py +477 -476
- pulumi_vault/ad/secret_library.py +99 -98
- pulumi_vault/ad/secret_role.py +85 -84
- pulumi_vault/alicloud/__init__.py +1 -0
- pulumi_vault/alicloud/auth_backend_role.py +183 -182
- pulumi_vault/approle/__init__.py +1 -0
- pulumi_vault/approle/auth_backend_login.py +106 -105
- pulumi_vault/approle/auth_backend_role.py +239 -238
- pulumi_vault/approle/auth_backend_role_secret_id.py +162 -161
- pulumi_vault/approle/get_auth_backend_role_id.py +18 -17
- pulumi_vault/audit.py +85 -84
- pulumi_vault/audit_request_header.py +43 -42
- pulumi_vault/auth_backend.py +106 -105
- pulumi_vault/aws/__init__.py +1 -0
- pulumi_vault/aws/auth_backend_cert.py +71 -70
- pulumi_vault/aws/auth_backend_client.py +425 -200
- pulumi_vault/aws/auth_backend_config_identity.py +85 -84
- pulumi_vault/aws/auth_backend_identity_whitelist.py +57 -56
- pulumi_vault/aws/auth_backend_login.py +209 -208
- pulumi_vault/aws/auth_backend_role.py +400 -399
- pulumi_vault/aws/auth_backend_role_tag.py +127 -126
- pulumi_vault/aws/auth_backend_roletag_blacklist.py +57 -56
- pulumi_vault/aws/auth_backend_sts_role.py +71 -70
- pulumi_vault/aws/get_access_credentials.py +44 -43
- pulumi_vault/aws/get_static_access_credentials.py +13 -12
- pulumi_vault/aws/secret_backend.py +523 -306
- pulumi_vault/aws/secret_backend_role.py +211 -210
- pulumi_vault/aws/secret_backend_static_role.py +288 -70
- pulumi_vault/azure/__init__.py +1 -0
- pulumi_vault/azure/_inputs.py +21 -20
- pulumi_vault/azure/auth_backend_config.py +383 -130
- pulumi_vault/azure/auth_backend_role.py +253 -252
- pulumi_vault/azure/backend.py +432 -186
- pulumi_vault/azure/backend_role.py +188 -140
- pulumi_vault/azure/get_access_credentials.py +58 -57
- pulumi_vault/azure/outputs.py +11 -10
- pulumi_vault/cert_auth_backend_role.py +365 -364
- pulumi_vault/config/__init__.py +1 -0
- pulumi_vault/config/__init__.pyi +1 -0
- pulumi_vault/config/_inputs.py +11 -10
- pulumi_vault/config/outputs.py +287 -286
- pulumi_vault/config/ui_custom_message.py +113 -112
- pulumi_vault/config/vars.py +1 -0
- pulumi_vault/consul/__init__.py +1 -0
- pulumi_vault/consul/secret_backend.py +197 -196
- pulumi_vault/consul/secret_backend_role.py +183 -182
- pulumi_vault/database/__init__.py +1 -0
- pulumi_vault/database/_inputs.py +3857 -2200
- pulumi_vault/database/outputs.py +2483 -1330
- pulumi_vault/database/secret_backend_connection.py +333 -112
- pulumi_vault/database/secret_backend_role.py +169 -168
- pulumi_vault/database/secret_backend_static_role.py +283 -140
- pulumi_vault/database/secrets_mount.py +275 -266
- pulumi_vault/egp_policy.py +71 -70
- pulumi_vault/gcp/__init__.py +1 -0
- pulumi_vault/gcp/_inputs.py +82 -81
- pulumi_vault/gcp/auth_backend.py +426 -205
- pulumi_vault/gcp/auth_backend_role.py +281 -280
- pulumi_vault/gcp/get_auth_backend_role.py +70 -69
- pulumi_vault/gcp/outputs.py +50 -49
- pulumi_vault/gcp/secret_backend.py +420 -179
- pulumi_vault/gcp/secret_impersonated_account.py +92 -91
- pulumi_vault/gcp/secret_roleset.py +92 -91
- pulumi_vault/gcp/secret_static_account.py +92 -91
- pulumi_vault/generic/__init__.py +1 -0
- pulumi_vault/generic/endpoint.py +113 -112
- pulumi_vault/generic/get_secret.py +28 -27
- pulumi_vault/generic/secret.py +78 -77
- pulumi_vault/get_auth_backend.py +19 -18
- pulumi_vault/get_auth_backends.py +14 -13
- pulumi_vault/get_namespace.py +15 -14
- pulumi_vault/get_namespaces.py +68 -18
- pulumi_vault/get_nomad_access_token.py +19 -18
- pulumi_vault/get_policy_document.py +6 -5
- pulumi_vault/get_raft_autopilot_state.py +18 -17
- pulumi_vault/github/__init__.py +1 -0
- pulumi_vault/github/_inputs.py +42 -41
- pulumi_vault/github/auth_backend.py +232 -231
- pulumi_vault/github/outputs.py +26 -25
- pulumi_vault/github/team.py +57 -56
- pulumi_vault/github/user.py +57 -56
- pulumi_vault/identity/__init__.py +1 -0
- pulumi_vault/identity/entity.py +85 -84
- pulumi_vault/identity/entity_alias.py +71 -70
- pulumi_vault/identity/entity_policies.py +64 -63
- pulumi_vault/identity/get_entity.py +43 -42
- pulumi_vault/identity/get_group.py +50 -49
- pulumi_vault/identity/get_oidc_client_creds.py +14 -13
- pulumi_vault/identity/get_oidc_openid_config.py +24 -23
- pulumi_vault/identity/get_oidc_public_keys.py +13 -12
- pulumi_vault/identity/group.py +141 -140
- pulumi_vault/identity/group_alias.py +57 -56
- pulumi_vault/identity/group_member_entity_ids.py +57 -56
- pulumi_vault/identity/group_member_group_ids.py +57 -56
- pulumi_vault/identity/group_policies.py +64 -63
- pulumi_vault/identity/mfa_duo.py +148 -147
- pulumi_vault/identity/mfa_login_enforcement.py +120 -119
- pulumi_vault/identity/mfa_okta.py +134 -133
- pulumi_vault/identity/mfa_pingid.py +127 -126
- pulumi_vault/identity/mfa_totp.py +176 -175
- pulumi_vault/identity/oidc.py +29 -28
- pulumi_vault/identity/oidc_assignment.py +57 -56
- pulumi_vault/identity/oidc_client.py +127 -126
- pulumi_vault/identity/oidc_key.py +85 -84
- pulumi_vault/identity/oidc_key_allowed_client_id.py +43 -42
- pulumi_vault/identity/oidc_provider.py +92 -91
- pulumi_vault/identity/oidc_role.py +85 -84
- pulumi_vault/identity/oidc_scope.py +57 -56
- pulumi_vault/identity/outputs.py +32 -31
- pulumi_vault/jwt/__init__.py +1 -0
- pulumi_vault/jwt/_inputs.py +42 -41
- pulumi_vault/jwt/auth_backend.py +288 -287
- pulumi_vault/jwt/auth_backend_role.py +407 -406
- pulumi_vault/jwt/outputs.py +26 -25
- pulumi_vault/kmip/__init__.py +1 -0
- pulumi_vault/kmip/secret_backend.py +183 -182
- pulumi_vault/kmip/secret_role.py +295 -294
- pulumi_vault/kmip/secret_scope.py +57 -56
- pulumi_vault/kubernetes/__init__.py +1 -0
- pulumi_vault/kubernetes/auth_backend_config.py +141 -140
- pulumi_vault/kubernetes/auth_backend_role.py +225 -224
- pulumi_vault/kubernetes/get_auth_backend_config.py +47 -46
- pulumi_vault/kubernetes/get_auth_backend_role.py +70 -69
- pulumi_vault/kubernetes/get_service_account_token.py +38 -37
- pulumi_vault/kubernetes/secret_backend.py +316 -315
- pulumi_vault/kubernetes/secret_backend_role.py +197 -196
- pulumi_vault/kv/__init__.py +1 -0
- pulumi_vault/kv/_inputs.py +21 -20
- pulumi_vault/kv/get_secret.py +17 -16
- pulumi_vault/kv/get_secret_subkeys_v2.py +30 -29
- pulumi_vault/kv/get_secret_v2.py +29 -28
- pulumi_vault/kv/get_secrets_list.py +13 -12
- pulumi_vault/kv/get_secrets_list_v2.py +19 -18
- pulumi_vault/kv/outputs.py +13 -12
- pulumi_vault/kv/secret.py +50 -49
- pulumi_vault/kv/secret_backend_v2.py +71 -70
- pulumi_vault/kv/secret_v2.py +134 -133
- pulumi_vault/ldap/__init__.py +1 -0
- pulumi_vault/ldap/auth_backend.py +754 -533
- pulumi_vault/ldap/auth_backend_group.py +57 -56
- pulumi_vault/ldap/auth_backend_user.py +71 -70
- pulumi_vault/ldap/get_dynamic_credentials.py +17 -16
- pulumi_vault/ldap/get_static_credentials.py +18 -17
- pulumi_vault/ldap/secret_backend.py +720 -499
- pulumi_vault/ldap/secret_backend_dynamic_role.py +127 -126
- pulumi_vault/ldap/secret_backend_library_set.py +99 -98
- pulumi_vault/ldap/secret_backend_static_role.py +99 -98
- pulumi_vault/managed/__init__.py +1 -0
- pulumi_vault/managed/_inputs.py +229 -228
- pulumi_vault/managed/keys.py +15 -14
- pulumi_vault/managed/outputs.py +139 -138
- pulumi_vault/mfa_duo.py +113 -112
- pulumi_vault/mfa_okta.py +113 -112
- pulumi_vault/mfa_pingid.py +120 -119
- pulumi_vault/mfa_totp.py +127 -126
- pulumi_vault/mongodbatlas/__init__.py +1 -0
- pulumi_vault/mongodbatlas/secret_backend.py +64 -63
- pulumi_vault/mongodbatlas/secret_role.py +155 -154
- pulumi_vault/mount.py +274 -273
- pulumi_vault/namespace.py +64 -63
- pulumi_vault/nomad_secret_backend.py +211 -210
- pulumi_vault/nomad_secret_role.py +85 -84
- pulumi_vault/okta/__init__.py +1 -0
- pulumi_vault/okta/_inputs.py +26 -25
- pulumi_vault/okta/auth_backend.py +274 -273
- pulumi_vault/okta/auth_backend_group.py +57 -56
- pulumi_vault/okta/auth_backend_user.py +71 -70
- pulumi_vault/okta/outputs.py +16 -15
- pulumi_vault/outputs.py +73 -60
- pulumi_vault/password_policy.py +43 -42
- pulumi_vault/pkisecret/__init__.py +3 -0
- pulumi_vault/pkisecret/_inputs.py +31 -36
- pulumi_vault/pkisecret/backend_acme_eab.py +92 -91
- pulumi_vault/pkisecret/backend_config_acme.py +174 -126
- pulumi_vault/pkisecret/backend_config_auto_tidy.py +1377 -0
- pulumi_vault/pkisecret/backend_config_cluster.py +57 -56
- pulumi_vault/pkisecret/backend_config_cmpv2.py +152 -104
- pulumi_vault/pkisecret/backend_config_est.py +120 -119
- pulumi_vault/pkisecret/get_backend_cert_metadata.py +278 -0
- pulumi_vault/pkisecret/get_backend_config_cmpv2.py +35 -17
- pulumi_vault/pkisecret/get_backend_config_est.py +19 -18
- pulumi_vault/pkisecret/get_backend_issuer.py +139 -25
- pulumi_vault/pkisecret/get_backend_issuers.py +15 -14
- pulumi_vault/pkisecret/get_backend_key.py +20 -19
- pulumi_vault/pkisecret/get_backend_keys.py +15 -14
- pulumi_vault/pkisecret/outputs.py +28 -31
- pulumi_vault/pkisecret/secret_backend_cert.py +439 -297
- pulumi_vault/pkisecret/secret_backend_config_ca.py +43 -42
- pulumi_vault/pkisecret/secret_backend_config_issuers.py +57 -56
- pulumi_vault/pkisecret/secret_backend_config_urls.py +85 -84
- pulumi_vault/pkisecret/secret_backend_crl_config.py +237 -182
- pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +520 -378
- pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +57 -56
- pulumi_vault/pkisecret/secret_backend_issuer.py +441 -175
- pulumi_vault/pkisecret/secret_backend_key.py +120 -119
- pulumi_vault/pkisecret/secret_backend_role.py +894 -644
- pulumi_vault/pkisecret/secret_backend_root_cert.py +851 -427
- pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +936 -357
- pulumi_vault/pkisecret/secret_backend_sign.py +347 -252
- pulumi_vault/plugin.py +127 -126
- pulumi_vault/plugin_pinned_version.py +43 -42
- pulumi_vault/policy.py +43 -42
- pulumi_vault/provider.py +120 -119
- pulumi_vault/pulumi-plugin.json +1 -1
- pulumi_vault/quota_lease_count.py +85 -84
- pulumi_vault/quota_rate_limit.py +113 -112
- pulumi_vault/rabbitmq/__init__.py +1 -0
- pulumi_vault/rabbitmq/_inputs.py +41 -40
- pulumi_vault/rabbitmq/outputs.py +25 -24
- pulumi_vault/rabbitmq/secret_backend.py +169 -168
- pulumi_vault/rabbitmq/secret_backend_role.py +57 -56
- pulumi_vault/raft_autopilot.py +113 -112
- pulumi_vault/raft_snapshot_agent_config.py +393 -392
- pulumi_vault/rgp_policy.py +57 -56
- pulumi_vault/saml/__init__.py +1 -0
- pulumi_vault/saml/auth_backend.py +155 -154
- pulumi_vault/saml/auth_backend_role.py +239 -238
- pulumi_vault/secrets/__init__.py +1 -0
- pulumi_vault/secrets/_inputs.py +16 -15
- pulumi_vault/secrets/outputs.py +10 -9
- pulumi_vault/secrets/sync_association.py +71 -70
- pulumi_vault/secrets/sync_aws_destination.py +148 -147
- pulumi_vault/secrets/sync_azure_destination.py +148 -147
- pulumi_vault/secrets/sync_config.py +43 -42
- pulumi_vault/secrets/sync_gcp_destination.py +106 -105
- pulumi_vault/secrets/sync_gh_destination.py +134 -133
- pulumi_vault/secrets/sync_github_apps.py +64 -63
- pulumi_vault/secrets/sync_vercel_destination.py +120 -119
- pulumi_vault/ssh/__init__.py +2 -0
- pulumi_vault/ssh/_inputs.py +11 -10
- pulumi_vault/ssh/get_secret_backend_sign.py +295 -0
- pulumi_vault/ssh/outputs.py +7 -6
- pulumi_vault/ssh/secret_backend_ca.py +99 -98
- pulumi_vault/ssh/secret_backend_role.py +365 -364
- pulumi_vault/terraformcloud/__init__.py +1 -0
- pulumi_vault/terraformcloud/secret_backend.py +111 -110
- pulumi_vault/terraformcloud/secret_creds.py +74 -73
- pulumi_vault/terraformcloud/secret_role.py +96 -95
- pulumi_vault/token.py +246 -245
- pulumi_vault/tokenauth/__init__.py +1 -0
- pulumi_vault/tokenauth/auth_backend_role.py +267 -266
- pulumi_vault/transform/__init__.py +1 -0
- pulumi_vault/transform/alphabet.py +57 -56
- pulumi_vault/transform/get_decode.py +47 -46
- pulumi_vault/transform/get_encode.py +47 -46
- pulumi_vault/transform/role.py +57 -56
- pulumi_vault/transform/template.py +113 -112
- pulumi_vault/transform/transformation.py +141 -140
- pulumi_vault/transit/__init__.py +3 -0
- pulumi_vault/transit/get_decrypt.py +18 -17
- pulumi_vault/transit/get_encrypt.py +21 -20
- pulumi_vault/transit/get_sign.py +325 -0
- pulumi_vault/transit/get_verify.py +355 -0
- pulumi_vault/transit/secret_backend_key.py +394 -231
- pulumi_vault/transit/secret_cache_config.py +43 -42
- {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.7.0.dist-info}/METADATA +2 -2
- pulumi_vault-6.7.0.dist-info/RECORD +265 -0
- {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.7.0.dist-info}/WHEEL +1 -1
- pulumi_vault-6.6.0a1741415971.dist-info/RECORD +0 -260
- {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.7.0.dist-info}/top_level.txt +0 -0
@@ -2,6 +2,7 @@
|
|
2
2
|
# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
|
3
3
|
# *** Do not edit by hand unless you're certain you know what you are doing! ***
|
4
4
|
|
5
|
+
import builtins
|
5
6
|
import copy
|
6
7
|
import warnings
|
7
8
|
import sys
|
@@ -19,45 +20,51 @@ __all__ = ['SecretBackendCertArgs', 'SecretBackendCert']
|
|
19
20
|
@pulumi.input_type
|
20
21
|
class SecretBackendCertArgs:
|
21
22
|
def __init__(__self__, *,
|
22
|
-
backend: pulumi.Input[str],
|
23
|
-
common_name: pulumi.Input[str],
|
24
|
-
alt_names: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
25
|
-
auto_renew: Optional[pulumi.Input[bool]] = None,
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
|
23
|
+
backend: pulumi.Input[builtins.str],
|
24
|
+
common_name: pulumi.Input[builtins.str],
|
25
|
+
alt_names: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
26
|
+
auto_renew: Optional[pulumi.Input[builtins.bool]] = None,
|
27
|
+
cert_metadata: Optional[pulumi.Input[builtins.str]] = None,
|
28
|
+
exclude_cn_from_sans: Optional[pulumi.Input[builtins.bool]] = None,
|
29
|
+
format: Optional[pulumi.Input[builtins.str]] = None,
|
30
|
+
ip_sans: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
31
|
+
issuer_ref: Optional[pulumi.Input[builtins.str]] = None,
|
32
|
+
min_seconds_remaining: Optional[pulumi.Input[builtins.int]] = None,
|
33
|
+
name: Optional[pulumi.Input[builtins.str]] = None,
|
34
|
+
namespace: Optional[pulumi.Input[builtins.str]] = None,
|
35
|
+
not_after: Optional[pulumi.Input[builtins.str]] = None,
|
36
|
+
other_sans: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
37
|
+
private_key_format: Optional[pulumi.Input[builtins.str]] = None,
|
38
|
+
revoke: Optional[pulumi.Input[builtins.bool]] = None,
|
39
|
+
revoke_with_key: Optional[pulumi.Input[builtins.bool]] = None,
|
40
|
+
ttl: Optional[pulumi.Input[builtins.str]] = None,
|
41
|
+
uri_sans: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
42
|
+
user_ids: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None):
|
39
43
|
"""
|
40
44
|
The set of arguments for constructing a SecretBackendCert resource.
|
41
|
-
:param pulumi.Input[str] backend: The PKI secret backend the resource belongs to.
|
42
|
-
:param pulumi.Input[str] common_name: CN of certificate to create
|
43
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] alt_names: List of alternative names
|
44
|
-
:param pulumi.Input[bool] auto_renew: If set to `true`, certs will be renewed if the expiration is within `min_seconds_remaining`. Default `false`
|
45
|
-
:param pulumi.Input[
|
46
|
-
:param pulumi.Input[
|
47
|
-
:param pulumi.Input[
|
48
|
-
:param pulumi.Input[str]
|
49
|
-
:param pulumi.Input[
|
50
|
-
:param pulumi.Input[
|
51
|
-
:param pulumi.Input[str]
|
45
|
+
:param pulumi.Input[builtins.str] backend: The PKI secret backend the resource belongs to.
|
46
|
+
:param pulumi.Input[builtins.str] common_name: CN of certificate to create
|
47
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] alt_names: List of alternative names
|
48
|
+
:param pulumi.Input[builtins.bool] auto_renew: If set to `true`, certs will be renewed if the expiration is within `min_seconds_remaining`. Default `false`
|
49
|
+
:param pulumi.Input[builtins.str] cert_metadata: A base 64 encoded value or an empty string to associate with the certificate's serial number. The role's no_store_metadata must be set to false, otherwise an error is returned when specified.
|
50
|
+
:param pulumi.Input[builtins.bool] exclude_cn_from_sans: Flag to exclude CN from SANs
|
51
|
+
:param pulumi.Input[builtins.str] format: The format of data
|
52
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] ip_sans: List of alternative IPs
|
53
|
+
:param pulumi.Input[builtins.str] issuer_ref: Specifies the default issuer of this request.
|
54
|
+
:param pulumi.Input[builtins.int] min_seconds_remaining: Generate a new certificate when the expiration is within this number of seconds, default is 604800 (7 days)
|
55
|
+
:param pulumi.Input[builtins.str] name: Name of the role to create the certificate against
|
56
|
+
:param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
|
52
57
|
The value should not contain leading or trailing forward slashes.
|
53
58
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
54
59
|
*Available only for Vault Enterprise*.
|
55
|
-
:param pulumi.Input[
|
56
|
-
:param pulumi.Input[str]
|
57
|
-
:param pulumi.Input[
|
58
|
-
:param pulumi.Input[
|
59
|
-
:param pulumi.Input[
|
60
|
-
:param pulumi.Input[
|
60
|
+
:param pulumi.Input[builtins.str] not_after: Set the Not After field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ. Supports the Y10K end date for IEEE 802.1AR-2018 standard devices, 9999-12-31T23:59:59Z.
|
61
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] other_sans: List of other SANs
|
62
|
+
:param pulumi.Input[builtins.str] private_key_format: The private key format
|
63
|
+
:param pulumi.Input[builtins.bool] revoke: If set to `true`, the certificate will be revoked on resource destruction using the `revoke` PKI API. Conflicts with `revoke_with_key`. Default `false`.
|
64
|
+
:param pulumi.Input[builtins.bool] revoke_with_key: If set to `true`, the certificate will be revoked on resource destruction using the `revoke-with-key` PKI API. Conflicts with `revoke`. Default `false`
|
65
|
+
:param pulumi.Input[builtins.str] ttl: Time to live
|
66
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] uri_sans: List of alternative URIs
|
67
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] user_ids: List of Subject User IDs
|
61
68
|
"""
|
62
69
|
pulumi.set(__self__, "backend", backend)
|
63
70
|
pulumi.set(__self__, "common_name", common_name)
|
@@ -65,6 +72,8 @@ class SecretBackendCertArgs:
|
|
65
72
|
pulumi.set(__self__, "alt_names", alt_names)
|
66
73
|
if auto_renew is not None:
|
67
74
|
pulumi.set(__self__, "auto_renew", auto_renew)
|
75
|
+
if cert_metadata is not None:
|
76
|
+
pulumi.set(__self__, "cert_metadata", cert_metadata)
|
68
77
|
if exclude_cn_from_sans is not None:
|
69
78
|
pulumi.set(__self__, "exclude_cn_from_sans", exclude_cn_from_sans)
|
70
79
|
if format is not None:
|
@@ -79,12 +88,16 @@ class SecretBackendCertArgs:
|
|
79
88
|
pulumi.set(__self__, "name", name)
|
80
89
|
if namespace is not None:
|
81
90
|
pulumi.set(__self__, "namespace", namespace)
|
91
|
+
if not_after is not None:
|
92
|
+
pulumi.set(__self__, "not_after", not_after)
|
82
93
|
if other_sans is not None:
|
83
94
|
pulumi.set(__self__, "other_sans", other_sans)
|
84
95
|
if private_key_format is not None:
|
85
96
|
pulumi.set(__self__, "private_key_format", private_key_format)
|
86
97
|
if revoke is not None:
|
87
98
|
pulumi.set(__self__, "revoke", revoke)
|
99
|
+
if revoke_with_key is not None:
|
100
|
+
pulumi.set(__self__, "revoke_with_key", revoke_with_key)
|
88
101
|
if ttl is not None:
|
89
102
|
pulumi.set(__self__, "ttl", ttl)
|
90
103
|
if uri_sans is not None:
|
@@ -94,127 +107,139 @@ class SecretBackendCertArgs:
|
|
94
107
|
|
95
108
|
@property
|
96
109
|
@pulumi.getter
|
97
|
-
def backend(self) -> pulumi.Input[str]:
|
110
|
+
def backend(self) -> pulumi.Input[builtins.str]:
|
98
111
|
"""
|
99
112
|
The PKI secret backend the resource belongs to.
|
100
113
|
"""
|
101
114
|
return pulumi.get(self, "backend")
|
102
115
|
|
103
116
|
@backend.setter
|
104
|
-
def backend(self, value: pulumi.Input[str]):
|
117
|
+
def backend(self, value: pulumi.Input[builtins.str]):
|
105
118
|
pulumi.set(self, "backend", value)
|
106
119
|
|
107
120
|
@property
|
108
121
|
@pulumi.getter(name="commonName")
|
109
|
-
def common_name(self) -> pulumi.Input[str]:
|
122
|
+
def common_name(self) -> pulumi.Input[builtins.str]:
|
110
123
|
"""
|
111
124
|
CN of certificate to create
|
112
125
|
"""
|
113
126
|
return pulumi.get(self, "common_name")
|
114
127
|
|
115
128
|
@common_name.setter
|
116
|
-
def common_name(self, value: pulumi.Input[str]):
|
129
|
+
def common_name(self, value: pulumi.Input[builtins.str]):
|
117
130
|
pulumi.set(self, "common_name", value)
|
118
131
|
|
119
132
|
@property
|
120
133
|
@pulumi.getter(name="altNames")
|
121
|
-
def alt_names(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
134
|
+
def alt_names(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
122
135
|
"""
|
123
136
|
List of alternative names
|
124
137
|
"""
|
125
138
|
return pulumi.get(self, "alt_names")
|
126
139
|
|
127
140
|
@alt_names.setter
|
128
|
-
def alt_names(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
141
|
+
def alt_names(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
129
142
|
pulumi.set(self, "alt_names", value)
|
130
143
|
|
131
144
|
@property
|
132
145
|
@pulumi.getter(name="autoRenew")
|
133
|
-
def auto_renew(self) -> Optional[pulumi.Input[bool]]:
|
146
|
+
def auto_renew(self) -> Optional[pulumi.Input[builtins.bool]]:
|
134
147
|
"""
|
135
148
|
If set to `true`, certs will be renewed if the expiration is within `min_seconds_remaining`. Default `false`
|
136
149
|
"""
|
137
150
|
return pulumi.get(self, "auto_renew")
|
138
151
|
|
139
152
|
@auto_renew.setter
|
140
|
-
def auto_renew(self, value: Optional[pulumi.Input[bool]]):
|
153
|
+
def auto_renew(self, value: Optional[pulumi.Input[builtins.bool]]):
|
141
154
|
pulumi.set(self, "auto_renew", value)
|
142
155
|
|
156
|
+
@property
|
157
|
+
@pulumi.getter(name="certMetadata")
|
158
|
+
def cert_metadata(self) -> Optional[pulumi.Input[builtins.str]]:
|
159
|
+
"""
|
160
|
+
A base 64 encoded value or an empty string to associate with the certificate's serial number. The role's no_store_metadata must be set to false, otherwise an error is returned when specified.
|
161
|
+
"""
|
162
|
+
return pulumi.get(self, "cert_metadata")
|
163
|
+
|
164
|
+
@cert_metadata.setter
|
165
|
+
def cert_metadata(self, value: Optional[pulumi.Input[builtins.str]]):
|
166
|
+
pulumi.set(self, "cert_metadata", value)
|
167
|
+
|
143
168
|
@property
|
144
169
|
@pulumi.getter(name="excludeCnFromSans")
|
145
|
-
def exclude_cn_from_sans(self) -> Optional[pulumi.Input[bool]]:
|
170
|
+
def exclude_cn_from_sans(self) -> Optional[pulumi.Input[builtins.bool]]:
|
146
171
|
"""
|
147
172
|
Flag to exclude CN from SANs
|
148
173
|
"""
|
149
174
|
return pulumi.get(self, "exclude_cn_from_sans")
|
150
175
|
|
151
176
|
@exclude_cn_from_sans.setter
|
152
|
-
def exclude_cn_from_sans(self, value: Optional[pulumi.Input[bool]]):
|
177
|
+
def exclude_cn_from_sans(self, value: Optional[pulumi.Input[builtins.bool]]):
|
153
178
|
pulumi.set(self, "exclude_cn_from_sans", value)
|
154
179
|
|
155
180
|
@property
|
156
181
|
@pulumi.getter
|
157
|
-
def format(self) -> Optional[pulumi.Input[str]]:
|
182
|
+
def format(self) -> Optional[pulumi.Input[builtins.str]]:
|
158
183
|
"""
|
159
184
|
The format of data
|
160
185
|
"""
|
161
186
|
return pulumi.get(self, "format")
|
162
187
|
|
163
188
|
@format.setter
|
164
|
-
def format(self, value: Optional[pulumi.Input[str]]):
|
189
|
+
def format(self, value: Optional[pulumi.Input[builtins.str]]):
|
165
190
|
pulumi.set(self, "format", value)
|
166
191
|
|
167
192
|
@property
|
168
193
|
@pulumi.getter(name="ipSans")
|
169
|
-
def ip_sans(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
194
|
+
def ip_sans(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
170
195
|
"""
|
171
196
|
List of alternative IPs
|
172
197
|
"""
|
173
198
|
return pulumi.get(self, "ip_sans")
|
174
199
|
|
175
200
|
@ip_sans.setter
|
176
|
-
def ip_sans(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
201
|
+
def ip_sans(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
177
202
|
pulumi.set(self, "ip_sans", value)
|
178
203
|
|
179
204
|
@property
|
180
205
|
@pulumi.getter(name="issuerRef")
|
181
|
-
def issuer_ref(self) -> Optional[pulumi.Input[str]]:
|
206
|
+
def issuer_ref(self) -> Optional[pulumi.Input[builtins.str]]:
|
182
207
|
"""
|
183
208
|
Specifies the default issuer of this request.
|
184
209
|
"""
|
185
210
|
return pulumi.get(self, "issuer_ref")
|
186
211
|
|
187
212
|
@issuer_ref.setter
|
188
|
-
def issuer_ref(self, value: Optional[pulumi.Input[str]]):
|
213
|
+
def issuer_ref(self, value: Optional[pulumi.Input[builtins.str]]):
|
189
214
|
pulumi.set(self, "issuer_ref", value)
|
190
215
|
|
191
216
|
@property
|
192
217
|
@pulumi.getter(name="minSecondsRemaining")
|
193
|
-
def min_seconds_remaining(self) -> Optional[pulumi.Input[int]]:
|
218
|
+
def min_seconds_remaining(self) -> Optional[pulumi.Input[builtins.int]]:
|
194
219
|
"""
|
195
220
|
Generate a new certificate when the expiration is within this number of seconds, default is 604800 (7 days)
|
196
221
|
"""
|
197
222
|
return pulumi.get(self, "min_seconds_remaining")
|
198
223
|
|
199
224
|
@min_seconds_remaining.setter
|
200
|
-
def min_seconds_remaining(self, value: Optional[pulumi.Input[int]]):
|
225
|
+
def min_seconds_remaining(self, value: Optional[pulumi.Input[builtins.int]]):
|
201
226
|
pulumi.set(self, "min_seconds_remaining", value)
|
202
227
|
|
203
228
|
@property
|
204
229
|
@pulumi.getter
|
205
|
-
def name(self) -> Optional[pulumi.Input[str]]:
|
230
|
+
def name(self) -> Optional[pulumi.Input[builtins.str]]:
|
206
231
|
"""
|
207
232
|
Name of the role to create the certificate against
|
208
233
|
"""
|
209
234
|
return pulumi.get(self, "name")
|
210
235
|
|
211
236
|
@name.setter
|
212
|
-
def name(self, value: Optional[pulumi.Input[str]]):
|
237
|
+
def name(self, value: Optional[pulumi.Input[builtins.str]]):
|
213
238
|
pulumi.set(self, "name", value)
|
214
239
|
|
215
240
|
@property
|
216
241
|
@pulumi.getter
|
217
|
-
def namespace(self) -> Optional[pulumi.Input[str]]:
|
242
|
+
def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
|
218
243
|
"""
|
219
244
|
The namespace to provision the resource in.
|
220
245
|
The value should not contain leading or trailing forward slashes.
|
@@ -224,140 +249,170 @@ class SecretBackendCertArgs:
|
|
224
249
|
return pulumi.get(self, "namespace")
|
225
250
|
|
226
251
|
@namespace.setter
|
227
|
-
def namespace(self, value: Optional[pulumi.Input[str]]):
|
252
|
+
def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
|
228
253
|
pulumi.set(self, "namespace", value)
|
229
254
|
|
255
|
+
@property
|
256
|
+
@pulumi.getter(name="notAfter")
|
257
|
+
def not_after(self) -> Optional[pulumi.Input[builtins.str]]:
|
258
|
+
"""
|
259
|
+
Set the Not After field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ. Supports the Y10K end date for IEEE 802.1AR-2018 standard devices, 9999-12-31T23:59:59Z.
|
260
|
+
"""
|
261
|
+
return pulumi.get(self, "not_after")
|
262
|
+
|
263
|
+
@not_after.setter
|
264
|
+
def not_after(self, value: Optional[pulumi.Input[builtins.str]]):
|
265
|
+
pulumi.set(self, "not_after", value)
|
266
|
+
|
230
267
|
@property
|
231
268
|
@pulumi.getter(name="otherSans")
|
232
|
-
def other_sans(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
269
|
+
def other_sans(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
233
270
|
"""
|
234
271
|
List of other SANs
|
235
272
|
"""
|
236
273
|
return pulumi.get(self, "other_sans")
|
237
274
|
|
238
275
|
@other_sans.setter
|
239
|
-
def other_sans(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
276
|
+
def other_sans(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
240
277
|
pulumi.set(self, "other_sans", value)
|
241
278
|
|
242
279
|
@property
|
243
280
|
@pulumi.getter(name="privateKeyFormat")
|
244
|
-
def private_key_format(self) -> Optional[pulumi.Input[str]]:
|
281
|
+
def private_key_format(self) -> Optional[pulumi.Input[builtins.str]]:
|
245
282
|
"""
|
246
283
|
The private key format
|
247
284
|
"""
|
248
285
|
return pulumi.get(self, "private_key_format")
|
249
286
|
|
250
287
|
@private_key_format.setter
|
251
|
-
def private_key_format(self, value: Optional[pulumi.Input[str]]):
|
288
|
+
def private_key_format(self, value: Optional[pulumi.Input[builtins.str]]):
|
252
289
|
pulumi.set(self, "private_key_format", value)
|
253
290
|
|
254
291
|
@property
|
255
292
|
@pulumi.getter
|
256
|
-
def revoke(self) -> Optional[pulumi.Input[bool]]:
|
293
|
+
def revoke(self) -> Optional[pulumi.Input[builtins.bool]]:
|
257
294
|
"""
|
258
|
-
If set to `true`, the certificate will be revoked on resource destruction.
|
295
|
+
If set to `true`, the certificate will be revoked on resource destruction using the `revoke` PKI API. Conflicts with `revoke_with_key`. Default `false`.
|
259
296
|
"""
|
260
297
|
return pulumi.get(self, "revoke")
|
261
298
|
|
262
299
|
@revoke.setter
|
263
|
-
def revoke(self, value: Optional[pulumi.Input[bool]]):
|
300
|
+
def revoke(self, value: Optional[pulumi.Input[builtins.bool]]):
|
264
301
|
pulumi.set(self, "revoke", value)
|
265
302
|
|
303
|
+
@property
|
304
|
+
@pulumi.getter(name="revokeWithKey")
|
305
|
+
def revoke_with_key(self) -> Optional[pulumi.Input[builtins.bool]]:
|
306
|
+
"""
|
307
|
+
If set to `true`, the certificate will be revoked on resource destruction using the `revoke-with-key` PKI API. Conflicts with `revoke`. Default `false`
|
308
|
+
"""
|
309
|
+
return pulumi.get(self, "revoke_with_key")
|
310
|
+
|
311
|
+
@revoke_with_key.setter
|
312
|
+
def revoke_with_key(self, value: Optional[pulumi.Input[builtins.bool]]):
|
313
|
+
pulumi.set(self, "revoke_with_key", value)
|
314
|
+
|
266
315
|
@property
|
267
316
|
@pulumi.getter
|
268
|
-
def ttl(self) -> Optional[pulumi.Input[str]]:
|
317
|
+
def ttl(self) -> Optional[pulumi.Input[builtins.str]]:
|
269
318
|
"""
|
270
319
|
Time to live
|
271
320
|
"""
|
272
321
|
return pulumi.get(self, "ttl")
|
273
322
|
|
274
323
|
@ttl.setter
|
275
|
-
def ttl(self, value: Optional[pulumi.Input[str]]):
|
324
|
+
def ttl(self, value: Optional[pulumi.Input[builtins.str]]):
|
276
325
|
pulumi.set(self, "ttl", value)
|
277
326
|
|
278
327
|
@property
|
279
328
|
@pulumi.getter(name="uriSans")
|
280
|
-
def uri_sans(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
329
|
+
def uri_sans(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
281
330
|
"""
|
282
331
|
List of alternative URIs
|
283
332
|
"""
|
284
333
|
return pulumi.get(self, "uri_sans")
|
285
334
|
|
286
335
|
@uri_sans.setter
|
287
|
-
def uri_sans(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
336
|
+
def uri_sans(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
288
337
|
pulumi.set(self, "uri_sans", value)
|
289
338
|
|
290
339
|
@property
|
291
340
|
@pulumi.getter(name="userIds")
|
292
|
-
def user_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
341
|
+
def user_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
293
342
|
"""
|
294
343
|
List of Subject User IDs
|
295
344
|
"""
|
296
345
|
return pulumi.get(self, "user_ids")
|
297
346
|
|
298
347
|
@user_ids.setter
|
299
|
-
def user_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
348
|
+
def user_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
300
349
|
pulumi.set(self, "user_ids", value)
|
301
350
|
|
302
351
|
|
303
352
|
@pulumi.input_type
|
304
353
|
class _SecretBackendCertState:
|
305
354
|
def __init__(__self__, *,
|
306
|
-
alt_names: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
307
|
-
auto_renew: Optional[pulumi.Input[bool]] = None,
|
308
|
-
backend: Optional[pulumi.Input[str]] = None,
|
309
|
-
ca_chain: Optional[pulumi.Input[str]] = None,
|
310
|
-
|
311
|
-
|
312
|
-
|
313
|
-
|
314
|
-
|
315
|
-
|
316
|
-
|
317
|
-
|
318
|
-
|
319
|
-
|
320
|
-
|
321
|
-
|
322
|
-
|
323
|
-
|
324
|
-
|
325
|
-
|
326
|
-
|
327
|
-
|
328
|
-
|
329
|
-
|
330
|
-
|
355
|
+
alt_names: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
356
|
+
auto_renew: Optional[pulumi.Input[builtins.bool]] = None,
|
357
|
+
backend: Optional[pulumi.Input[builtins.str]] = None,
|
358
|
+
ca_chain: Optional[pulumi.Input[builtins.str]] = None,
|
359
|
+
cert_metadata: Optional[pulumi.Input[builtins.str]] = None,
|
360
|
+
certificate: Optional[pulumi.Input[builtins.str]] = None,
|
361
|
+
common_name: Optional[pulumi.Input[builtins.str]] = None,
|
362
|
+
exclude_cn_from_sans: Optional[pulumi.Input[builtins.bool]] = None,
|
363
|
+
expiration: Optional[pulumi.Input[builtins.int]] = None,
|
364
|
+
format: Optional[pulumi.Input[builtins.str]] = None,
|
365
|
+
ip_sans: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
366
|
+
issuer_ref: Optional[pulumi.Input[builtins.str]] = None,
|
367
|
+
issuing_ca: Optional[pulumi.Input[builtins.str]] = None,
|
368
|
+
min_seconds_remaining: Optional[pulumi.Input[builtins.int]] = None,
|
369
|
+
name: Optional[pulumi.Input[builtins.str]] = None,
|
370
|
+
namespace: Optional[pulumi.Input[builtins.str]] = None,
|
371
|
+
not_after: Optional[pulumi.Input[builtins.str]] = None,
|
372
|
+
other_sans: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
373
|
+
private_key: Optional[pulumi.Input[builtins.str]] = None,
|
374
|
+
private_key_format: Optional[pulumi.Input[builtins.str]] = None,
|
375
|
+
private_key_type: Optional[pulumi.Input[builtins.str]] = None,
|
376
|
+
renew_pending: Optional[pulumi.Input[builtins.bool]] = None,
|
377
|
+
revoke: Optional[pulumi.Input[builtins.bool]] = None,
|
378
|
+
revoke_with_key: Optional[pulumi.Input[builtins.bool]] = None,
|
379
|
+
serial_number: Optional[pulumi.Input[builtins.str]] = None,
|
380
|
+
ttl: Optional[pulumi.Input[builtins.str]] = None,
|
381
|
+
uri_sans: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
382
|
+
user_ids: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None):
|
331
383
|
"""
|
332
384
|
Input properties used for looking up and filtering SecretBackendCert resources.
|
333
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] alt_names: List of alternative names
|
334
|
-
:param pulumi.Input[bool] auto_renew: If set to `true`, certs will be renewed if the expiration is within `min_seconds_remaining`. Default `false`
|
335
|
-
:param pulumi.Input[str] backend: The PKI secret backend the resource belongs to.
|
336
|
-
:param pulumi.Input[str] ca_chain: The CA chain
|
337
|
-
:param pulumi.Input[str]
|
338
|
-
:param pulumi.Input[str]
|
339
|
-
:param pulumi.Input[
|
340
|
-
:param pulumi.Input[
|
341
|
-
:param pulumi.Input[
|
342
|
-
:param pulumi.Input[
|
343
|
-
:param pulumi.Input[str]
|
344
|
-
:param pulumi.Input[str]
|
345
|
-
:param pulumi.Input[
|
346
|
-
:param pulumi.Input[
|
347
|
-
:param pulumi.Input[str]
|
385
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] alt_names: List of alternative names
|
386
|
+
:param pulumi.Input[builtins.bool] auto_renew: If set to `true`, certs will be renewed if the expiration is within `min_seconds_remaining`. Default `false`
|
387
|
+
:param pulumi.Input[builtins.str] backend: The PKI secret backend the resource belongs to.
|
388
|
+
:param pulumi.Input[builtins.str] ca_chain: The CA chain
|
389
|
+
:param pulumi.Input[builtins.str] cert_metadata: A base 64 encoded value or an empty string to associate with the certificate's serial number. The role's no_store_metadata must be set to false, otherwise an error is returned when specified.
|
390
|
+
:param pulumi.Input[builtins.str] certificate: The certificate
|
391
|
+
:param pulumi.Input[builtins.str] common_name: CN of certificate to create
|
392
|
+
:param pulumi.Input[builtins.bool] exclude_cn_from_sans: Flag to exclude CN from SANs
|
393
|
+
:param pulumi.Input[builtins.int] expiration: The expiration date of the certificate in unix epoch format
|
394
|
+
:param pulumi.Input[builtins.str] format: The format of data
|
395
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] ip_sans: List of alternative IPs
|
396
|
+
:param pulumi.Input[builtins.str] issuer_ref: Specifies the default issuer of this request.
|
397
|
+
:param pulumi.Input[builtins.str] issuing_ca: The issuing CA
|
398
|
+
:param pulumi.Input[builtins.int] min_seconds_remaining: Generate a new certificate when the expiration is within this number of seconds, default is 604800 (7 days)
|
399
|
+
:param pulumi.Input[builtins.str] name: Name of the role to create the certificate against
|
400
|
+
:param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
|
348
401
|
The value should not contain leading or trailing forward slashes.
|
349
402
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
350
403
|
*Available only for Vault Enterprise*.
|
351
|
-
:param pulumi.Input[
|
352
|
-
:param pulumi.Input[str]
|
353
|
-
:param pulumi.Input[str]
|
354
|
-
:param pulumi.Input[str]
|
355
|
-
:param pulumi.Input[
|
356
|
-
:param pulumi.Input[bool]
|
357
|
-
:param pulumi.Input[
|
358
|
-
:param pulumi.Input[
|
359
|
-
:param pulumi.Input[
|
360
|
-
:param pulumi.Input[
|
404
|
+
:param pulumi.Input[builtins.str] not_after: Set the Not After field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ. Supports the Y10K end date for IEEE 802.1AR-2018 standard devices, 9999-12-31T23:59:59Z.
|
405
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] other_sans: List of other SANs
|
406
|
+
:param pulumi.Input[builtins.str] private_key: The private key
|
407
|
+
:param pulumi.Input[builtins.str] private_key_format: The private key format
|
408
|
+
:param pulumi.Input[builtins.str] private_key_type: The private key type
|
409
|
+
:param pulumi.Input[builtins.bool] renew_pending: `true` if the current time (during refresh) is after the start of the early renewal window declared by `min_seconds_remaining`, and `false` otherwise; if `auto_renew` is set to `true` then the provider will plan to replace the certificate once renewal is pending.
|
410
|
+
:param pulumi.Input[builtins.bool] revoke: If set to `true`, the certificate will be revoked on resource destruction using the `revoke` PKI API. Conflicts with `revoke_with_key`. Default `false`.
|
411
|
+
:param pulumi.Input[builtins.bool] revoke_with_key: If set to `true`, the certificate will be revoked on resource destruction using the `revoke-with-key` PKI API. Conflicts with `revoke`. Default `false`
|
412
|
+
:param pulumi.Input[builtins.str] serial_number: The serial number
|
413
|
+
:param pulumi.Input[builtins.str] ttl: Time to live
|
414
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] uri_sans: List of alternative URIs
|
415
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] user_ids: List of Subject User IDs
|
361
416
|
"""
|
362
417
|
if alt_names is not None:
|
363
418
|
pulumi.set(__self__, "alt_names", alt_names)
|
@@ -367,6 +422,8 @@ class _SecretBackendCertState:
|
|
367
422
|
pulumi.set(__self__, "backend", backend)
|
368
423
|
if ca_chain is not None:
|
369
424
|
pulumi.set(__self__, "ca_chain", ca_chain)
|
425
|
+
if cert_metadata is not None:
|
426
|
+
pulumi.set(__self__, "cert_metadata", cert_metadata)
|
370
427
|
if certificate is not None:
|
371
428
|
pulumi.set(__self__, "certificate", certificate)
|
372
429
|
if common_name is not None:
|
@@ -389,6 +446,8 @@ class _SecretBackendCertState:
|
|
389
446
|
pulumi.set(__self__, "name", name)
|
390
447
|
if namespace is not None:
|
391
448
|
pulumi.set(__self__, "namespace", namespace)
|
449
|
+
if not_after is not None:
|
450
|
+
pulumi.set(__self__, "not_after", not_after)
|
392
451
|
if other_sans is not None:
|
393
452
|
pulumi.set(__self__, "other_sans", other_sans)
|
394
453
|
if private_key is not None:
|
@@ -401,6 +460,8 @@ class _SecretBackendCertState:
|
|
401
460
|
pulumi.set(__self__, "renew_pending", renew_pending)
|
402
461
|
if revoke is not None:
|
403
462
|
pulumi.set(__self__, "revoke", revoke)
|
463
|
+
if revoke_with_key is not None:
|
464
|
+
pulumi.set(__self__, "revoke_with_key", revoke_with_key)
|
404
465
|
if serial_number is not None:
|
405
466
|
pulumi.set(__self__, "serial_number", serial_number)
|
406
467
|
if ttl is not None:
|
@@ -412,175 +473,187 @@ class _SecretBackendCertState:
|
|
412
473
|
|
413
474
|
@property
|
414
475
|
@pulumi.getter(name="altNames")
|
415
|
-
def alt_names(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
476
|
+
def alt_names(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
416
477
|
"""
|
417
478
|
List of alternative names
|
418
479
|
"""
|
419
480
|
return pulumi.get(self, "alt_names")
|
420
481
|
|
421
482
|
@alt_names.setter
|
422
|
-
def alt_names(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
483
|
+
def alt_names(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
423
484
|
pulumi.set(self, "alt_names", value)
|
424
485
|
|
425
486
|
@property
|
426
487
|
@pulumi.getter(name="autoRenew")
|
427
|
-
def auto_renew(self) -> Optional[pulumi.Input[bool]]:
|
488
|
+
def auto_renew(self) -> Optional[pulumi.Input[builtins.bool]]:
|
428
489
|
"""
|
429
490
|
If set to `true`, certs will be renewed if the expiration is within `min_seconds_remaining`. Default `false`
|
430
491
|
"""
|
431
492
|
return pulumi.get(self, "auto_renew")
|
432
493
|
|
433
494
|
@auto_renew.setter
|
434
|
-
def auto_renew(self, value: Optional[pulumi.Input[bool]]):
|
495
|
+
def auto_renew(self, value: Optional[pulumi.Input[builtins.bool]]):
|
435
496
|
pulumi.set(self, "auto_renew", value)
|
436
497
|
|
437
498
|
@property
|
438
499
|
@pulumi.getter
|
439
|
-
def backend(self) -> Optional[pulumi.Input[str]]:
|
500
|
+
def backend(self) -> Optional[pulumi.Input[builtins.str]]:
|
440
501
|
"""
|
441
502
|
The PKI secret backend the resource belongs to.
|
442
503
|
"""
|
443
504
|
return pulumi.get(self, "backend")
|
444
505
|
|
445
506
|
@backend.setter
|
446
|
-
def backend(self, value: Optional[pulumi.Input[str]]):
|
507
|
+
def backend(self, value: Optional[pulumi.Input[builtins.str]]):
|
447
508
|
pulumi.set(self, "backend", value)
|
448
509
|
|
449
510
|
@property
|
450
511
|
@pulumi.getter(name="caChain")
|
451
|
-
def ca_chain(self) -> Optional[pulumi.Input[str]]:
|
512
|
+
def ca_chain(self) -> Optional[pulumi.Input[builtins.str]]:
|
452
513
|
"""
|
453
514
|
The CA chain
|
454
515
|
"""
|
455
516
|
return pulumi.get(self, "ca_chain")
|
456
517
|
|
457
518
|
@ca_chain.setter
|
458
|
-
def ca_chain(self, value: Optional[pulumi.Input[str]]):
|
519
|
+
def ca_chain(self, value: Optional[pulumi.Input[builtins.str]]):
|
459
520
|
pulumi.set(self, "ca_chain", value)
|
460
521
|
|
522
|
+
@property
|
523
|
+
@pulumi.getter(name="certMetadata")
|
524
|
+
def cert_metadata(self) -> Optional[pulumi.Input[builtins.str]]:
|
525
|
+
"""
|
526
|
+
A base 64 encoded value or an empty string to associate with the certificate's serial number. The role's no_store_metadata must be set to false, otherwise an error is returned when specified.
|
527
|
+
"""
|
528
|
+
return pulumi.get(self, "cert_metadata")
|
529
|
+
|
530
|
+
@cert_metadata.setter
|
531
|
+
def cert_metadata(self, value: Optional[pulumi.Input[builtins.str]]):
|
532
|
+
pulumi.set(self, "cert_metadata", value)
|
533
|
+
|
461
534
|
@property
|
462
535
|
@pulumi.getter
|
463
|
-
def certificate(self) -> Optional[pulumi.Input[str]]:
|
536
|
+
def certificate(self) -> Optional[pulumi.Input[builtins.str]]:
|
464
537
|
"""
|
465
538
|
The certificate
|
466
539
|
"""
|
467
540
|
return pulumi.get(self, "certificate")
|
468
541
|
|
469
542
|
@certificate.setter
|
470
|
-
def certificate(self, value: Optional[pulumi.Input[str]]):
|
543
|
+
def certificate(self, value: Optional[pulumi.Input[builtins.str]]):
|
471
544
|
pulumi.set(self, "certificate", value)
|
472
545
|
|
473
546
|
@property
|
474
547
|
@pulumi.getter(name="commonName")
|
475
|
-
def common_name(self) -> Optional[pulumi.Input[str]]:
|
548
|
+
def common_name(self) -> Optional[pulumi.Input[builtins.str]]:
|
476
549
|
"""
|
477
550
|
CN of certificate to create
|
478
551
|
"""
|
479
552
|
return pulumi.get(self, "common_name")
|
480
553
|
|
481
554
|
@common_name.setter
|
482
|
-
def common_name(self, value: Optional[pulumi.Input[str]]):
|
555
|
+
def common_name(self, value: Optional[pulumi.Input[builtins.str]]):
|
483
556
|
pulumi.set(self, "common_name", value)
|
484
557
|
|
485
558
|
@property
|
486
559
|
@pulumi.getter(name="excludeCnFromSans")
|
487
|
-
def exclude_cn_from_sans(self) -> Optional[pulumi.Input[bool]]:
|
560
|
+
def exclude_cn_from_sans(self) -> Optional[pulumi.Input[builtins.bool]]:
|
488
561
|
"""
|
489
562
|
Flag to exclude CN from SANs
|
490
563
|
"""
|
491
564
|
return pulumi.get(self, "exclude_cn_from_sans")
|
492
565
|
|
493
566
|
@exclude_cn_from_sans.setter
|
494
|
-
def exclude_cn_from_sans(self, value: Optional[pulumi.Input[bool]]):
|
567
|
+
def exclude_cn_from_sans(self, value: Optional[pulumi.Input[builtins.bool]]):
|
495
568
|
pulumi.set(self, "exclude_cn_from_sans", value)
|
496
569
|
|
497
570
|
@property
|
498
571
|
@pulumi.getter
|
499
|
-
def expiration(self) -> Optional[pulumi.Input[int]]:
|
572
|
+
def expiration(self) -> Optional[pulumi.Input[builtins.int]]:
|
500
573
|
"""
|
501
574
|
The expiration date of the certificate in unix epoch format
|
502
575
|
"""
|
503
576
|
return pulumi.get(self, "expiration")
|
504
577
|
|
505
578
|
@expiration.setter
|
506
|
-
def expiration(self, value: Optional[pulumi.Input[int]]):
|
579
|
+
def expiration(self, value: Optional[pulumi.Input[builtins.int]]):
|
507
580
|
pulumi.set(self, "expiration", value)
|
508
581
|
|
509
582
|
@property
|
510
583
|
@pulumi.getter
|
511
|
-
def format(self) -> Optional[pulumi.Input[str]]:
|
584
|
+
def format(self) -> Optional[pulumi.Input[builtins.str]]:
|
512
585
|
"""
|
513
586
|
The format of data
|
514
587
|
"""
|
515
588
|
return pulumi.get(self, "format")
|
516
589
|
|
517
590
|
@format.setter
|
518
|
-
def format(self, value: Optional[pulumi.Input[str]]):
|
591
|
+
def format(self, value: Optional[pulumi.Input[builtins.str]]):
|
519
592
|
pulumi.set(self, "format", value)
|
520
593
|
|
521
594
|
@property
|
522
595
|
@pulumi.getter(name="ipSans")
|
523
|
-
def ip_sans(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
596
|
+
def ip_sans(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
524
597
|
"""
|
525
598
|
List of alternative IPs
|
526
599
|
"""
|
527
600
|
return pulumi.get(self, "ip_sans")
|
528
601
|
|
529
602
|
@ip_sans.setter
|
530
|
-
def ip_sans(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
603
|
+
def ip_sans(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
531
604
|
pulumi.set(self, "ip_sans", value)
|
532
605
|
|
533
606
|
@property
|
534
607
|
@pulumi.getter(name="issuerRef")
|
535
|
-
def issuer_ref(self) -> Optional[pulumi.Input[str]]:
|
608
|
+
def issuer_ref(self) -> Optional[pulumi.Input[builtins.str]]:
|
536
609
|
"""
|
537
610
|
Specifies the default issuer of this request.
|
538
611
|
"""
|
539
612
|
return pulumi.get(self, "issuer_ref")
|
540
613
|
|
541
614
|
@issuer_ref.setter
|
542
|
-
def issuer_ref(self, value: Optional[pulumi.Input[str]]):
|
615
|
+
def issuer_ref(self, value: Optional[pulumi.Input[builtins.str]]):
|
543
616
|
pulumi.set(self, "issuer_ref", value)
|
544
617
|
|
545
618
|
@property
|
546
619
|
@pulumi.getter(name="issuingCa")
|
547
|
-
def issuing_ca(self) -> Optional[pulumi.Input[str]]:
|
620
|
+
def issuing_ca(self) -> Optional[pulumi.Input[builtins.str]]:
|
548
621
|
"""
|
549
622
|
The issuing CA
|
550
623
|
"""
|
551
624
|
return pulumi.get(self, "issuing_ca")
|
552
625
|
|
553
626
|
@issuing_ca.setter
|
554
|
-
def issuing_ca(self, value: Optional[pulumi.Input[str]]):
|
627
|
+
def issuing_ca(self, value: Optional[pulumi.Input[builtins.str]]):
|
555
628
|
pulumi.set(self, "issuing_ca", value)
|
556
629
|
|
557
630
|
@property
|
558
631
|
@pulumi.getter(name="minSecondsRemaining")
|
559
|
-
def min_seconds_remaining(self) -> Optional[pulumi.Input[int]]:
|
632
|
+
def min_seconds_remaining(self) -> Optional[pulumi.Input[builtins.int]]:
|
560
633
|
"""
|
561
634
|
Generate a new certificate when the expiration is within this number of seconds, default is 604800 (7 days)
|
562
635
|
"""
|
563
636
|
return pulumi.get(self, "min_seconds_remaining")
|
564
637
|
|
565
638
|
@min_seconds_remaining.setter
|
566
|
-
def min_seconds_remaining(self, value: Optional[pulumi.Input[int]]):
|
639
|
+
def min_seconds_remaining(self, value: Optional[pulumi.Input[builtins.int]]):
|
567
640
|
pulumi.set(self, "min_seconds_remaining", value)
|
568
641
|
|
569
642
|
@property
|
570
643
|
@pulumi.getter
|
571
|
-
def name(self) -> Optional[pulumi.Input[str]]:
|
644
|
+
def name(self) -> Optional[pulumi.Input[builtins.str]]:
|
572
645
|
"""
|
573
646
|
Name of the role to create the certificate against
|
574
647
|
"""
|
575
648
|
return pulumi.get(self, "name")
|
576
649
|
|
577
650
|
@name.setter
|
578
|
-
def name(self, value: Optional[pulumi.Input[str]]):
|
651
|
+
def name(self, value: Optional[pulumi.Input[builtins.str]]):
|
579
652
|
pulumi.set(self, "name", value)
|
580
653
|
|
581
654
|
@property
|
582
655
|
@pulumi.getter
|
583
|
-
def namespace(self) -> Optional[pulumi.Input[str]]:
|
656
|
+
def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
|
584
657
|
"""
|
585
658
|
The namespace to provision the resource in.
|
586
659
|
The value should not contain leading or trailing forward slashes.
|
@@ -590,127 +663,151 @@ class _SecretBackendCertState:
|
|
590
663
|
return pulumi.get(self, "namespace")
|
591
664
|
|
592
665
|
@namespace.setter
|
593
|
-
def namespace(self, value: Optional[pulumi.Input[str]]):
|
666
|
+
def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
|
594
667
|
pulumi.set(self, "namespace", value)
|
595
668
|
|
669
|
+
@property
|
670
|
+
@pulumi.getter(name="notAfter")
|
671
|
+
def not_after(self) -> Optional[pulumi.Input[builtins.str]]:
|
672
|
+
"""
|
673
|
+
Set the Not After field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ. Supports the Y10K end date for IEEE 802.1AR-2018 standard devices, 9999-12-31T23:59:59Z.
|
674
|
+
"""
|
675
|
+
return pulumi.get(self, "not_after")
|
676
|
+
|
677
|
+
@not_after.setter
|
678
|
+
def not_after(self, value: Optional[pulumi.Input[builtins.str]]):
|
679
|
+
pulumi.set(self, "not_after", value)
|
680
|
+
|
596
681
|
@property
|
597
682
|
@pulumi.getter(name="otherSans")
|
598
|
-
def other_sans(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
683
|
+
def other_sans(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
599
684
|
"""
|
600
685
|
List of other SANs
|
601
686
|
"""
|
602
687
|
return pulumi.get(self, "other_sans")
|
603
688
|
|
604
689
|
@other_sans.setter
|
605
|
-
def other_sans(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
690
|
+
def other_sans(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
606
691
|
pulumi.set(self, "other_sans", value)
|
607
692
|
|
608
693
|
@property
|
609
694
|
@pulumi.getter(name="privateKey")
|
610
|
-
def private_key(self) -> Optional[pulumi.Input[str]]:
|
695
|
+
def private_key(self) -> Optional[pulumi.Input[builtins.str]]:
|
611
696
|
"""
|
612
697
|
The private key
|
613
698
|
"""
|
614
699
|
return pulumi.get(self, "private_key")
|
615
700
|
|
616
701
|
@private_key.setter
|
617
|
-
def private_key(self, value: Optional[pulumi.Input[str]]):
|
702
|
+
def private_key(self, value: Optional[pulumi.Input[builtins.str]]):
|
618
703
|
pulumi.set(self, "private_key", value)
|
619
704
|
|
620
705
|
@property
|
621
706
|
@pulumi.getter(name="privateKeyFormat")
|
622
|
-
def private_key_format(self) -> Optional[pulumi.Input[str]]:
|
707
|
+
def private_key_format(self) -> Optional[pulumi.Input[builtins.str]]:
|
623
708
|
"""
|
624
709
|
The private key format
|
625
710
|
"""
|
626
711
|
return pulumi.get(self, "private_key_format")
|
627
712
|
|
628
713
|
@private_key_format.setter
|
629
|
-
def private_key_format(self, value: Optional[pulumi.Input[str]]):
|
714
|
+
def private_key_format(self, value: Optional[pulumi.Input[builtins.str]]):
|
630
715
|
pulumi.set(self, "private_key_format", value)
|
631
716
|
|
632
717
|
@property
|
633
718
|
@pulumi.getter(name="privateKeyType")
|
634
|
-
def private_key_type(self) -> Optional[pulumi.Input[str]]:
|
719
|
+
def private_key_type(self) -> Optional[pulumi.Input[builtins.str]]:
|
635
720
|
"""
|
636
721
|
The private key type
|
637
722
|
"""
|
638
723
|
return pulumi.get(self, "private_key_type")
|
639
724
|
|
640
725
|
@private_key_type.setter
|
641
|
-
def private_key_type(self, value: Optional[pulumi.Input[str]]):
|
726
|
+
def private_key_type(self, value: Optional[pulumi.Input[builtins.str]]):
|
642
727
|
pulumi.set(self, "private_key_type", value)
|
643
728
|
|
644
729
|
@property
|
645
730
|
@pulumi.getter(name="renewPending")
|
646
|
-
def renew_pending(self) -> Optional[pulumi.Input[bool]]:
|
731
|
+
def renew_pending(self) -> Optional[pulumi.Input[builtins.bool]]:
|
647
732
|
"""
|
648
733
|
`true` if the current time (during refresh) is after the start of the early renewal window declared by `min_seconds_remaining`, and `false` otherwise; if `auto_renew` is set to `true` then the provider will plan to replace the certificate once renewal is pending.
|
649
734
|
"""
|
650
735
|
return pulumi.get(self, "renew_pending")
|
651
736
|
|
652
737
|
@renew_pending.setter
|
653
|
-
def renew_pending(self, value: Optional[pulumi.Input[bool]]):
|
738
|
+
def renew_pending(self, value: Optional[pulumi.Input[builtins.bool]]):
|
654
739
|
pulumi.set(self, "renew_pending", value)
|
655
740
|
|
656
741
|
@property
|
657
742
|
@pulumi.getter
|
658
|
-
def revoke(self) -> Optional[pulumi.Input[bool]]:
|
743
|
+
def revoke(self) -> Optional[pulumi.Input[builtins.bool]]:
|
659
744
|
"""
|
660
|
-
If set to `true`, the certificate will be revoked on resource destruction.
|
745
|
+
If set to `true`, the certificate will be revoked on resource destruction using the `revoke` PKI API. Conflicts with `revoke_with_key`. Default `false`.
|
661
746
|
"""
|
662
747
|
return pulumi.get(self, "revoke")
|
663
748
|
|
664
749
|
@revoke.setter
|
665
|
-
def revoke(self, value: Optional[pulumi.Input[bool]]):
|
750
|
+
def revoke(self, value: Optional[pulumi.Input[builtins.bool]]):
|
666
751
|
pulumi.set(self, "revoke", value)
|
667
752
|
|
753
|
+
@property
|
754
|
+
@pulumi.getter(name="revokeWithKey")
|
755
|
+
def revoke_with_key(self) -> Optional[pulumi.Input[builtins.bool]]:
|
756
|
+
"""
|
757
|
+
If set to `true`, the certificate will be revoked on resource destruction using the `revoke-with-key` PKI API. Conflicts with `revoke`. Default `false`
|
758
|
+
"""
|
759
|
+
return pulumi.get(self, "revoke_with_key")
|
760
|
+
|
761
|
+
@revoke_with_key.setter
|
762
|
+
def revoke_with_key(self, value: Optional[pulumi.Input[builtins.bool]]):
|
763
|
+
pulumi.set(self, "revoke_with_key", value)
|
764
|
+
|
668
765
|
@property
|
669
766
|
@pulumi.getter(name="serialNumber")
|
670
|
-
def serial_number(self) -> Optional[pulumi.Input[str]]:
|
767
|
+
def serial_number(self) -> Optional[pulumi.Input[builtins.str]]:
|
671
768
|
"""
|
672
769
|
The serial number
|
673
770
|
"""
|
674
771
|
return pulumi.get(self, "serial_number")
|
675
772
|
|
676
773
|
@serial_number.setter
|
677
|
-
def serial_number(self, value: Optional[pulumi.Input[str]]):
|
774
|
+
def serial_number(self, value: Optional[pulumi.Input[builtins.str]]):
|
678
775
|
pulumi.set(self, "serial_number", value)
|
679
776
|
|
680
777
|
@property
|
681
778
|
@pulumi.getter
|
682
|
-
def ttl(self) -> Optional[pulumi.Input[str]]:
|
779
|
+
def ttl(self) -> Optional[pulumi.Input[builtins.str]]:
|
683
780
|
"""
|
684
781
|
Time to live
|
685
782
|
"""
|
686
783
|
return pulumi.get(self, "ttl")
|
687
784
|
|
688
785
|
@ttl.setter
|
689
|
-
def ttl(self, value: Optional[pulumi.Input[str]]):
|
786
|
+
def ttl(self, value: Optional[pulumi.Input[builtins.str]]):
|
690
787
|
pulumi.set(self, "ttl", value)
|
691
788
|
|
692
789
|
@property
|
693
790
|
@pulumi.getter(name="uriSans")
|
694
|
-
def uri_sans(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
791
|
+
def uri_sans(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
695
792
|
"""
|
696
793
|
List of alternative URIs
|
697
794
|
"""
|
698
795
|
return pulumi.get(self, "uri_sans")
|
699
796
|
|
700
797
|
@uri_sans.setter
|
701
|
-
def uri_sans(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
798
|
+
def uri_sans(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
702
799
|
pulumi.set(self, "uri_sans", value)
|
703
800
|
|
704
801
|
@property
|
705
802
|
@pulumi.getter(name="userIds")
|
706
|
-
def user_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
803
|
+
def user_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
707
804
|
"""
|
708
805
|
List of Subject User IDs
|
709
806
|
"""
|
710
807
|
return pulumi.get(self, "user_ids")
|
711
808
|
|
712
809
|
@user_ids.setter
|
713
|
-
def user_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
810
|
+
def user_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
714
811
|
pulumi.set(self, "user_ids", value)
|
715
812
|
|
716
813
|
|
@@ -719,23 +816,26 @@ class SecretBackendCert(pulumi.CustomResource):
|
|
719
816
|
def __init__(__self__,
|
720
817
|
resource_name: str,
|
721
818
|
opts: Optional[pulumi.ResourceOptions] = None,
|
722
|
-
alt_names: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
723
|
-
auto_renew: Optional[pulumi.Input[bool]] = None,
|
724
|
-
backend: Optional[pulumi.Input[str]] = None,
|
725
|
-
|
726
|
-
|
727
|
-
|
728
|
-
|
729
|
-
|
730
|
-
|
731
|
-
|
732
|
-
|
733
|
-
|
734
|
-
|
735
|
-
|
736
|
-
|
737
|
-
|
738
|
-
|
819
|
+
alt_names: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
820
|
+
auto_renew: Optional[pulumi.Input[builtins.bool]] = None,
|
821
|
+
backend: Optional[pulumi.Input[builtins.str]] = None,
|
822
|
+
cert_metadata: Optional[pulumi.Input[builtins.str]] = None,
|
823
|
+
common_name: Optional[pulumi.Input[builtins.str]] = None,
|
824
|
+
exclude_cn_from_sans: Optional[pulumi.Input[builtins.bool]] = None,
|
825
|
+
format: Optional[pulumi.Input[builtins.str]] = None,
|
826
|
+
ip_sans: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
827
|
+
issuer_ref: Optional[pulumi.Input[builtins.str]] = None,
|
828
|
+
min_seconds_remaining: Optional[pulumi.Input[builtins.int]] = None,
|
829
|
+
name: Optional[pulumi.Input[builtins.str]] = None,
|
830
|
+
namespace: Optional[pulumi.Input[builtins.str]] = None,
|
831
|
+
not_after: Optional[pulumi.Input[builtins.str]] = None,
|
832
|
+
other_sans: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
833
|
+
private_key_format: Optional[pulumi.Input[builtins.str]] = None,
|
834
|
+
revoke: Optional[pulumi.Input[builtins.bool]] = None,
|
835
|
+
revoke_with_key: Optional[pulumi.Input[builtins.bool]] = None,
|
836
|
+
ttl: Optional[pulumi.Input[builtins.str]] = None,
|
837
|
+
uri_sans: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
838
|
+
user_ids: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
739
839
|
__props__=None):
|
740
840
|
"""
|
741
841
|
## Example Usage
|
@@ -753,26 +853,29 @@ class SecretBackendCert(pulumi.CustomResource):
|
|
753
853
|
|
754
854
|
:param str resource_name: The name of the resource.
|
755
855
|
:param pulumi.ResourceOptions opts: Options for the resource.
|
756
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] alt_names: List of alternative names
|
757
|
-
:param pulumi.Input[bool] auto_renew: If set to `true`, certs will be renewed if the expiration is within `min_seconds_remaining`. Default `false`
|
758
|
-
:param pulumi.Input[str] backend: The PKI secret backend the resource belongs to.
|
759
|
-
:param pulumi.Input[str]
|
760
|
-
:param pulumi.Input[
|
761
|
-
:param pulumi.Input[
|
762
|
-
:param pulumi.Input[
|
763
|
-
:param pulumi.Input[str]
|
764
|
-
:param pulumi.Input[
|
765
|
-
:param pulumi.Input[
|
766
|
-
:param pulumi.Input[str]
|
856
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] alt_names: List of alternative names
|
857
|
+
:param pulumi.Input[builtins.bool] auto_renew: If set to `true`, certs will be renewed if the expiration is within `min_seconds_remaining`. Default `false`
|
858
|
+
:param pulumi.Input[builtins.str] backend: The PKI secret backend the resource belongs to.
|
859
|
+
:param pulumi.Input[builtins.str] cert_metadata: A base 64 encoded value or an empty string to associate with the certificate's serial number. The role's no_store_metadata must be set to false, otherwise an error is returned when specified.
|
860
|
+
:param pulumi.Input[builtins.str] common_name: CN of certificate to create
|
861
|
+
:param pulumi.Input[builtins.bool] exclude_cn_from_sans: Flag to exclude CN from SANs
|
862
|
+
:param pulumi.Input[builtins.str] format: The format of data
|
863
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] ip_sans: List of alternative IPs
|
864
|
+
:param pulumi.Input[builtins.str] issuer_ref: Specifies the default issuer of this request.
|
865
|
+
:param pulumi.Input[builtins.int] min_seconds_remaining: Generate a new certificate when the expiration is within this number of seconds, default is 604800 (7 days)
|
866
|
+
:param pulumi.Input[builtins.str] name: Name of the role to create the certificate against
|
867
|
+
:param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
|
767
868
|
The value should not contain leading or trailing forward slashes.
|
768
869
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
769
870
|
*Available only for Vault Enterprise*.
|
770
|
-
:param pulumi.Input[
|
771
|
-
:param pulumi.Input[str]
|
772
|
-
:param pulumi.Input[
|
773
|
-
:param pulumi.Input[
|
774
|
-
:param pulumi.Input[
|
775
|
-
:param pulumi.Input[
|
871
|
+
:param pulumi.Input[builtins.str] not_after: Set the Not After field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ. Supports the Y10K end date for IEEE 802.1AR-2018 standard devices, 9999-12-31T23:59:59Z.
|
872
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] other_sans: List of other SANs
|
873
|
+
:param pulumi.Input[builtins.str] private_key_format: The private key format
|
874
|
+
:param pulumi.Input[builtins.bool] revoke: If set to `true`, the certificate will be revoked on resource destruction using the `revoke` PKI API. Conflicts with `revoke_with_key`. Default `false`.
|
875
|
+
:param pulumi.Input[builtins.bool] revoke_with_key: If set to `true`, the certificate will be revoked on resource destruction using the `revoke-with-key` PKI API. Conflicts with `revoke`. Default `false`
|
876
|
+
:param pulumi.Input[builtins.str] ttl: Time to live
|
877
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] uri_sans: List of alternative URIs
|
878
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] user_ids: List of Subject User IDs
|
776
879
|
"""
|
777
880
|
...
|
778
881
|
@overload
|
@@ -809,23 +912,26 @@ class SecretBackendCert(pulumi.CustomResource):
|
|
809
912
|
def _internal_init(__self__,
|
810
913
|
resource_name: str,
|
811
914
|
opts: Optional[pulumi.ResourceOptions] = None,
|
812
|
-
alt_names: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
813
|
-
auto_renew: Optional[pulumi.Input[bool]] = None,
|
814
|
-
backend: Optional[pulumi.Input[str]] = None,
|
815
|
-
|
816
|
-
|
817
|
-
|
818
|
-
|
819
|
-
|
820
|
-
|
821
|
-
|
822
|
-
|
823
|
-
|
824
|
-
|
825
|
-
|
826
|
-
|
827
|
-
|
828
|
-
|
915
|
+
alt_names: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
916
|
+
auto_renew: Optional[pulumi.Input[builtins.bool]] = None,
|
917
|
+
backend: Optional[pulumi.Input[builtins.str]] = None,
|
918
|
+
cert_metadata: Optional[pulumi.Input[builtins.str]] = None,
|
919
|
+
common_name: Optional[pulumi.Input[builtins.str]] = None,
|
920
|
+
exclude_cn_from_sans: Optional[pulumi.Input[builtins.bool]] = None,
|
921
|
+
format: Optional[pulumi.Input[builtins.str]] = None,
|
922
|
+
ip_sans: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
923
|
+
issuer_ref: Optional[pulumi.Input[builtins.str]] = None,
|
924
|
+
min_seconds_remaining: Optional[pulumi.Input[builtins.int]] = None,
|
925
|
+
name: Optional[pulumi.Input[builtins.str]] = None,
|
926
|
+
namespace: Optional[pulumi.Input[builtins.str]] = None,
|
927
|
+
not_after: Optional[pulumi.Input[builtins.str]] = None,
|
928
|
+
other_sans: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
929
|
+
private_key_format: Optional[pulumi.Input[builtins.str]] = None,
|
930
|
+
revoke: Optional[pulumi.Input[builtins.bool]] = None,
|
931
|
+
revoke_with_key: Optional[pulumi.Input[builtins.bool]] = None,
|
932
|
+
ttl: Optional[pulumi.Input[builtins.str]] = None,
|
933
|
+
uri_sans: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
934
|
+
user_ids: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
829
935
|
__props__=None):
|
830
936
|
opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
|
831
937
|
if not isinstance(opts, pulumi.ResourceOptions):
|
@@ -840,6 +946,7 @@ class SecretBackendCert(pulumi.CustomResource):
|
|
840
946
|
if backend is None and not opts.urn:
|
841
947
|
raise TypeError("Missing required property 'backend'")
|
842
948
|
__props__.__dict__["backend"] = backend
|
949
|
+
__props__.__dict__["cert_metadata"] = cert_metadata
|
843
950
|
if common_name is None and not opts.urn:
|
844
951
|
raise TypeError("Missing required property 'common_name'")
|
845
952
|
__props__.__dict__["common_name"] = common_name
|
@@ -850,9 +957,11 @@ class SecretBackendCert(pulumi.CustomResource):
|
|
850
957
|
__props__.__dict__["min_seconds_remaining"] = min_seconds_remaining
|
851
958
|
__props__.__dict__["name"] = name
|
852
959
|
__props__.__dict__["namespace"] = namespace
|
960
|
+
__props__.__dict__["not_after"] = not_after
|
853
961
|
__props__.__dict__["other_sans"] = other_sans
|
854
962
|
__props__.__dict__["private_key_format"] = private_key_format
|
855
963
|
__props__.__dict__["revoke"] = revoke
|
964
|
+
__props__.__dict__["revoke_with_key"] = revoke_with_key
|
856
965
|
__props__.__dict__["ttl"] = ttl
|
857
966
|
__props__.__dict__["uri_sans"] = uri_sans
|
858
967
|
__props__.__dict__["user_ids"] = user_ids
|
@@ -876,31 +985,34 @@ class SecretBackendCert(pulumi.CustomResource):
|
|
876
985
|
def get(resource_name: str,
|
877
986
|
id: pulumi.Input[str],
|
878
987
|
opts: Optional[pulumi.ResourceOptions] = None,
|
879
|
-
alt_names: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
880
|
-
auto_renew: Optional[pulumi.Input[bool]] = None,
|
881
|
-
backend: Optional[pulumi.Input[str]] = None,
|
882
|
-
ca_chain: Optional[pulumi.Input[str]] = None,
|
883
|
-
|
884
|
-
|
885
|
-
|
886
|
-
|
887
|
-
|
888
|
-
|
889
|
-
|
890
|
-
|
891
|
-
|
892
|
-
|
893
|
-
|
894
|
-
|
895
|
-
|
896
|
-
|
897
|
-
|
898
|
-
|
899
|
-
|
900
|
-
|
901
|
-
|
902
|
-
|
903
|
-
|
988
|
+
alt_names: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
989
|
+
auto_renew: Optional[pulumi.Input[builtins.bool]] = None,
|
990
|
+
backend: Optional[pulumi.Input[builtins.str]] = None,
|
991
|
+
ca_chain: Optional[pulumi.Input[builtins.str]] = None,
|
992
|
+
cert_metadata: Optional[pulumi.Input[builtins.str]] = None,
|
993
|
+
certificate: Optional[pulumi.Input[builtins.str]] = None,
|
994
|
+
common_name: Optional[pulumi.Input[builtins.str]] = None,
|
995
|
+
exclude_cn_from_sans: Optional[pulumi.Input[builtins.bool]] = None,
|
996
|
+
expiration: Optional[pulumi.Input[builtins.int]] = None,
|
997
|
+
format: Optional[pulumi.Input[builtins.str]] = None,
|
998
|
+
ip_sans: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
999
|
+
issuer_ref: Optional[pulumi.Input[builtins.str]] = None,
|
1000
|
+
issuing_ca: Optional[pulumi.Input[builtins.str]] = None,
|
1001
|
+
min_seconds_remaining: Optional[pulumi.Input[builtins.int]] = None,
|
1002
|
+
name: Optional[pulumi.Input[builtins.str]] = None,
|
1003
|
+
namespace: Optional[pulumi.Input[builtins.str]] = None,
|
1004
|
+
not_after: Optional[pulumi.Input[builtins.str]] = None,
|
1005
|
+
other_sans: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1006
|
+
private_key: Optional[pulumi.Input[builtins.str]] = None,
|
1007
|
+
private_key_format: Optional[pulumi.Input[builtins.str]] = None,
|
1008
|
+
private_key_type: Optional[pulumi.Input[builtins.str]] = None,
|
1009
|
+
renew_pending: Optional[pulumi.Input[builtins.bool]] = None,
|
1010
|
+
revoke: Optional[pulumi.Input[builtins.bool]] = None,
|
1011
|
+
revoke_with_key: Optional[pulumi.Input[builtins.bool]] = None,
|
1012
|
+
serial_number: Optional[pulumi.Input[builtins.str]] = None,
|
1013
|
+
ttl: Optional[pulumi.Input[builtins.str]] = None,
|
1014
|
+
uri_sans: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1015
|
+
user_ids: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None) -> 'SecretBackendCert':
|
904
1016
|
"""
|
905
1017
|
Get an existing SecretBackendCert resource's state with the given name, id, and optional extra
|
906
1018
|
properties used to qualify the lookup.
|
@@ -908,34 +1020,37 @@ class SecretBackendCert(pulumi.CustomResource):
|
|
908
1020
|
:param str resource_name: The unique name of the resulting resource.
|
909
1021
|
:param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
|
910
1022
|
:param pulumi.ResourceOptions opts: Options for the resource.
|
911
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] alt_names: List of alternative names
|
912
|
-
:param pulumi.Input[bool] auto_renew: If set to `true`, certs will be renewed if the expiration is within `min_seconds_remaining`. Default `false`
|
913
|
-
:param pulumi.Input[str] backend: The PKI secret backend the resource belongs to.
|
914
|
-
:param pulumi.Input[str] ca_chain: The CA chain
|
915
|
-
:param pulumi.Input[str]
|
916
|
-
:param pulumi.Input[str]
|
917
|
-
:param pulumi.Input[
|
918
|
-
:param pulumi.Input[
|
919
|
-
:param pulumi.Input[
|
920
|
-
:param pulumi.Input[
|
921
|
-
:param pulumi.Input[str]
|
922
|
-
:param pulumi.Input[str]
|
923
|
-
:param pulumi.Input[
|
924
|
-
:param pulumi.Input[
|
925
|
-
:param pulumi.Input[str]
|
1023
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] alt_names: List of alternative names
|
1024
|
+
:param pulumi.Input[builtins.bool] auto_renew: If set to `true`, certs will be renewed if the expiration is within `min_seconds_remaining`. Default `false`
|
1025
|
+
:param pulumi.Input[builtins.str] backend: The PKI secret backend the resource belongs to.
|
1026
|
+
:param pulumi.Input[builtins.str] ca_chain: The CA chain
|
1027
|
+
:param pulumi.Input[builtins.str] cert_metadata: A base 64 encoded value or an empty string to associate with the certificate's serial number. The role's no_store_metadata must be set to false, otherwise an error is returned when specified.
|
1028
|
+
:param pulumi.Input[builtins.str] certificate: The certificate
|
1029
|
+
:param pulumi.Input[builtins.str] common_name: CN of certificate to create
|
1030
|
+
:param pulumi.Input[builtins.bool] exclude_cn_from_sans: Flag to exclude CN from SANs
|
1031
|
+
:param pulumi.Input[builtins.int] expiration: The expiration date of the certificate in unix epoch format
|
1032
|
+
:param pulumi.Input[builtins.str] format: The format of data
|
1033
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] ip_sans: List of alternative IPs
|
1034
|
+
:param pulumi.Input[builtins.str] issuer_ref: Specifies the default issuer of this request.
|
1035
|
+
:param pulumi.Input[builtins.str] issuing_ca: The issuing CA
|
1036
|
+
:param pulumi.Input[builtins.int] min_seconds_remaining: Generate a new certificate when the expiration is within this number of seconds, default is 604800 (7 days)
|
1037
|
+
:param pulumi.Input[builtins.str] name: Name of the role to create the certificate against
|
1038
|
+
:param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
|
926
1039
|
The value should not contain leading or trailing forward slashes.
|
927
1040
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
928
1041
|
*Available only for Vault Enterprise*.
|
929
|
-
:param pulumi.Input[
|
930
|
-
:param pulumi.Input[str]
|
931
|
-
:param pulumi.Input[str]
|
932
|
-
:param pulumi.Input[str]
|
933
|
-
:param pulumi.Input[
|
934
|
-
:param pulumi.Input[bool]
|
935
|
-
:param pulumi.Input[
|
936
|
-
:param pulumi.Input[
|
937
|
-
:param pulumi.Input[
|
938
|
-
:param pulumi.Input[
|
1042
|
+
:param pulumi.Input[builtins.str] not_after: Set the Not After field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ. Supports the Y10K end date for IEEE 802.1AR-2018 standard devices, 9999-12-31T23:59:59Z.
|
1043
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] other_sans: List of other SANs
|
1044
|
+
:param pulumi.Input[builtins.str] private_key: The private key
|
1045
|
+
:param pulumi.Input[builtins.str] private_key_format: The private key format
|
1046
|
+
:param pulumi.Input[builtins.str] private_key_type: The private key type
|
1047
|
+
:param pulumi.Input[builtins.bool] renew_pending: `true` if the current time (during refresh) is after the start of the early renewal window declared by `min_seconds_remaining`, and `false` otherwise; if `auto_renew` is set to `true` then the provider will plan to replace the certificate once renewal is pending.
|
1048
|
+
:param pulumi.Input[builtins.bool] revoke: If set to `true`, the certificate will be revoked on resource destruction using the `revoke` PKI API. Conflicts with `revoke_with_key`. Default `false`.
|
1049
|
+
:param pulumi.Input[builtins.bool] revoke_with_key: If set to `true`, the certificate will be revoked on resource destruction using the `revoke-with-key` PKI API. Conflicts with `revoke`. Default `false`
|
1050
|
+
:param pulumi.Input[builtins.str] serial_number: The serial number
|
1051
|
+
:param pulumi.Input[builtins.str] ttl: Time to live
|
1052
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] uri_sans: List of alternative URIs
|
1053
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] user_ids: List of Subject User IDs
|
939
1054
|
"""
|
940
1055
|
opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
|
941
1056
|
|
@@ -945,6 +1060,7 @@ class SecretBackendCert(pulumi.CustomResource):
|
|
945
1060
|
__props__.__dict__["auto_renew"] = auto_renew
|
946
1061
|
__props__.__dict__["backend"] = backend
|
947
1062
|
__props__.__dict__["ca_chain"] = ca_chain
|
1063
|
+
__props__.__dict__["cert_metadata"] = cert_metadata
|
948
1064
|
__props__.__dict__["certificate"] = certificate
|
949
1065
|
__props__.__dict__["common_name"] = common_name
|
950
1066
|
__props__.__dict__["exclude_cn_from_sans"] = exclude_cn_from_sans
|
@@ -956,12 +1072,14 @@ class SecretBackendCert(pulumi.CustomResource):
|
|
956
1072
|
__props__.__dict__["min_seconds_remaining"] = min_seconds_remaining
|
957
1073
|
__props__.__dict__["name"] = name
|
958
1074
|
__props__.__dict__["namespace"] = namespace
|
1075
|
+
__props__.__dict__["not_after"] = not_after
|
959
1076
|
__props__.__dict__["other_sans"] = other_sans
|
960
1077
|
__props__.__dict__["private_key"] = private_key
|
961
1078
|
__props__.__dict__["private_key_format"] = private_key_format
|
962
1079
|
__props__.__dict__["private_key_type"] = private_key_type
|
963
1080
|
__props__.__dict__["renew_pending"] = renew_pending
|
964
1081
|
__props__.__dict__["revoke"] = revoke
|
1082
|
+
__props__.__dict__["revoke_with_key"] = revoke_with_key
|
965
1083
|
__props__.__dict__["serial_number"] = serial_number
|
966
1084
|
__props__.__dict__["ttl"] = ttl
|
967
1085
|
__props__.__dict__["uri_sans"] = uri_sans
|
@@ -970,7 +1088,7 @@ class SecretBackendCert(pulumi.CustomResource):
|
|
970
1088
|
|
971
1089
|
@property
|
972
1090
|
@pulumi.getter(name="altNames")
|
973
|
-
def alt_names(self) -> pulumi.Output[Optional[Sequence[str]]]:
|
1091
|
+
def alt_names(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
|
974
1092
|
"""
|
975
1093
|
List of alternative names
|
976
1094
|
"""
|
@@ -978,7 +1096,7 @@ class SecretBackendCert(pulumi.CustomResource):
|
|
978
1096
|
|
979
1097
|
@property
|
980
1098
|
@pulumi.getter(name="autoRenew")
|
981
|
-
def auto_renew(self) -> pulumi.Output[Optional[bool]]:
|
1099
|
+
def auto_renew(self) -> pulumi.Output[Optional[builtins.bool]]:
|
982
1100
|
"""
|
983
1101
|
If set to `true`, certs will be renewed if the expiration is within `min_seconds_remaining`. Default `false`
|
984
1102
|
"""
|
@@ -986,7 +1104,7 @@ class SecretBackendCert(pulumi.CustomResource):
|
|
986
1104
|
|
987
1105
|
@property
|
988
1106
|
@pulumi.getter
|
989
|
-
def backend(self) -> pulumi.Output[str]:
|
1107
|
+
def backend(self) -> pulumi.Output[builtins.str]:
|
990
1108
|
"""
|
991
1109
|
The PKI secret backend the resource belongs to.
|
992
1110
|
"""
|
@@ -994,15 +1112,23 @@ class SecretBackendCert(pulumi.CustomResource):
|
|
994
1112
|
|
995
1113
|
@property
|
996
1114
|
@pulumi.getter(name="caChain")
|
997
|
-
def ca_chain(self) -> pulumi.Output[str]:
|
1115
|
+
def ca_chain(self) -> pulumi.Output[builtins.str]:
|
998
1116
|
"""
|
999
1117
|
The CA chain
|
1000
1118
|
"""
|
1001
1119
|
return pulumi.get(self, "ca_chain")
|
1002
1120
|
|
1121
|
+
@property
|
1122
|
+
@pulumi.getter(name="certMetadata")
|
1123
|
+
def cert_metadata(self) -> pulumi.Output[Optional[builtins.str]]:
|
1124
|
+
"""
|
1125
|
+
A base 64 encoded value or an empty string to associate with the certificate's serial number. The role's no_store_metadata must be set to false, otherwise an error is returned when specified.
|
1126
|
+
"""
|
1127
|
+
return pulumi.get(self, "cert_metadata")
|
1128
|
+
|
1003
1129
|
@property
|
1004
1130
|
@pulumi.getter
|
1005
|
-
def certificate(self) -> pulumi.Output[str]:
|
1131
|
+
def certificate(self) -> pulumi.Output[builtins.str]:
|
1006
1132
|
"""
|
1007
1133
|
The certificate
|
1008
1134
|
"""
|
@@ -1010,7 +1136,7 @@ class SecretBackendCert(pulumi.CustomResource):
|
|
1010
1136
|
|
1011
1137
|
@property
|
1012
1138
|
@pulumi.getter(name="commonName")
|
1013
|
-
def common_name(self) -> pulumi.Output[str]:
|
1139
|
+
def common_name(self) -> pulumi.Output[builtins.str]:
|
1014
1140
|
"""
|
1015
1141
|
CN of certificate to create
|
1016
1142
|
"""
|
@@ -1018,7 +1144,7 @@ class SecretBackendCert(pulumi.CustomResource):
|
|
1018
1144
|
|
1019
1145
|
@property
|
1020
1146
|
@pulumi.getter(name="excludeCnFromSans")
|
1021
|
-
def exclude_cn_from_sans(self) -> pulumi.Output[Optional[bool]]:
|
1147
|
+
def exclude_cn_from_sans(self) -> pulumi.Output[Optional[builtins.bool]]:
|
1022
1148
|
"""
|
1023
1149
|
Flag to exclude CN from SANs
|
1024
1150
|
"""
|
@@ -1026,7 +1152,7 @@ class SecretBackendCert(pulumi.CustomResource):
|
|
1026
1152
|
|
1027
1153
|
@property
|
1028
1154
|
@pulumi.getter
|
1029
|
-
def expiration(self) -> pulumi.Output[int]:
|
1155
|
+
def expiration(self) -> pulumi.Output[builtins.int]:
|
1030
1156
|
"""
|
1031
1157
|
The expiration date of the certificate in unix epoch format
|
1032
1158
|
"""
|
@@ -1034,7 +1160,7 @@ class SecretBackendCert(pulumi.CustomResource):
|
|
1034
1160
|
|
1035
1161
|
@property
|
1036
1162
|
@pulumi.getter
|
1037
|
-
def format(self) -> pulumi.Output[Optional[str]]:
|
1163
|
+
def format(self) -> pulumi.Output[Optional[builtins.str]]:
|
1038
1164
|
"""
|
1039
1165
|
The format of data
|
1040
1166
|
"""
|
@@ -1042,7 +1168,7 @@ class SecretBackendCert(pulumi.CustomResource):
|
|
1042
1168
|
|
1043
1169
|
@property
|
1044
1170
|
@pulumi.getter(name="ipSans")
|
1045
|
-
def ip_sans(self) -> pulumi.Output[Optional[Sequence[str]]]:
|
1171
|
+
def ip_sans(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
|
1046
1172
|
"""
|
1047
1173
|
List of alternative IPs
|
1048
1174
|
"""
|
@@ -1050,7 +1176,7 @@ class SecretBackendCert(pulumi.CustomResource):
|
|
1050
1176
|
|
1051
1177
|
@property
|
1052
1178
|
@pulumi.getter(name="issuerRef")
|
1053
|
-
def issuer_ref(self) -> pulumi.Output[Optional[str]]:
|
1179
|
+
def issuer_ref(self) -> pulumi.Output[Optional[builtins.str]]:
|
1054
1180
|
"""
|
1055
1181
|
Specifies the default issuer of this request.
|
1056
1182
|
"""
|
@@ -1058,7 +1184,7 @@ class SecretBackendCert(pulumi.CustomResource):
|
|
1058
1184
|
|
1059
1185
|
@property
|
1060
1186
|
@pulumi.getter(name="issuingCa")
|
1061
|
-
def issuing_ca(self) -> pulumi.Output[str]:
|
1187
|
+
def issuing_ca(self) -> pulumi.Output[builtins.str]:
|
1062
1188
|
"""
|
1063
1189
|
The issuing CA
|
1064
1190
|
"""
|
@@ -1066,7 +1192,7 @@ class SecretBackendCert(pulumi.CustomResource):
|
|
1066
1192
|
|
1067
1193
|
@property
|
1068
1194
|
@pulumi.getter(name="minSecondsRemaining")
|
1069
|
-
def min_seconds_remaining(self) -> pulumi.Output[Optional[int]]:
|
1195
|
+
def min_seconds_remaining(self) -> pulumi.Output[Optional[builtins.int]]:
|
1070
1196
|
"""
|
1071
1197
|
Generate a new certificate when the expiration is within this number of seconds, default is 604800 (7 days)
|
1072
1198
|
"""
|
@@ -1074,7 +1200,7 @@ class SecretBackendCert(pulumi.CustomResource):
|
|
1074
1200
|
|
1075
1201
|
@property
|
1076
1202
|
@pulumi.getter
|
1077
|
-
def name(self) -> pulumi.Output[str]:
|
1203
|
+
def name(self) -> pulumi.Output[builtins.str]:
|
1078
1204
|
"""
|
1079
1205
|
Name of the role to create the certificate against
|
1080
1206
|
"""
|
@@ -1082,7 +1208,7 @@ class SecretBackendCert(pulumi.CustomResource):
|
|
1082
1208
|
|
1083
1209
|
@property
|
1084
1210
|
@pulumi.getter
|
1085
|
-
def namespace(self) -> pulumi.Output[Optional[str]]:
|
1211
|
+
def namespace(self) -> pulumi.Output[Optional[builtins.str]]:
|
1086
1212
|
"""
|
1087
1213
|
The namespace to provision the resource in.
|
1088
1214
|
The value should not contain leading or trailing forward slashes.
|
@@ -1091,9 +1217,17 @@ class SecretBackendCert(pulumi.CustomResource):
|
|
1091
1217
|
"""
|
1092
1218
|
return pulumi.get(self, "namespace")
|
1093
1219
|
|
1220
|
+
@property
|
1221
|
+
@pulumi.getter(name="notAfter")
|
1222
|
+
def not_after(self) -> pulumi.Output[Optional[builtins.str]]:
|
1223
|
+
"""
|
1224
|
+
Set the Not After field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ. Supports the Y10K end date for IEEE 802.1AR-2018 standard devices, 9999-12-31T23:59:59Z.
|
1225
|
+
"""
|
1226
|
+
return pulumi.get(self, "not_after")
|
1227
|
+
|
1094
1228
|
@property
|
1095
1229
|
@pulumi.getter(name="otherSans")
|
1096
|
-
def other_sans(self) -> pulumi.Output[Optional[Sequence[str]]]:
|
1230
|
+
def other_sans(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
|
1097
1231
|
"""
|
1098
1232
|
List of other SANs
|
1099
1233
|
"""
|
@@ -1101,7 +1235,7 @@ class SecretBackendCert(pulumi.CustomResource):
|
|
1101
1235
|
|
1102
1236
|
@property
|
1103
1237
|
@pulumi.getter(name="privateKey")
|
1104
|
-
def private_key(self) -> pulumi.Output[str]:
|
1238
|
+
def private_key(self) -> pulumi.Output[builtins.str]:
|
1105
1239
|
"""
|
1106
1240
|
The private key
|
1107
1241
|
"""
|
@@ -1109,7 +1243,7 @@ class SecretBackendCert(pulumi.CustomResource):
|
|
1109
1243
|
|
1110
1244
|
@property
|
1111
1245
|
@pulumi.getter(name="privateKeyFormat")
|
1112
|
-
def private_key_format(self) -> pulumi.Output[Optional[str]]:
|
1246
|
+
def private_key_format(self) -> pulumi.Output[Optional[builtins.str]]:
|
1113
1247
|
"""
|
1114
1248
|
The private key format
|
1115
1249
|
"""
|
@@ -1117,7 +1251,7 @@ class SecretBackendCert(pulumi.CustomResource):
|
|
1117
1251
|
|
1118
1252
|
@property
|
1119
1253
|
@pulumi.getter(name="privateKeyType")
|
1120
|
-
def private_key_type(self) -> pulumi.Output[str]:
|
1254
|
+
def private_key_type(self) -> pulumi.Output[builtins.str]:
|
1121
1255
|
"""
|
1122
1256
|
The private key type
|
1123
1257
|
"""
|
@@ -1125,7 +1259,7 @@ class SecretBackendCert(pulumi.CustomResource):
|
|
1125
1259
|
|
1126
1260
|
@property
|
1127
1261
|
@pulumi.getter(name="renewPending")
|
1128
|
-
def renew_pending(self) -> pulumi.Output[bool]:
|
1262
|
+
def renew_pending(self) -> pulumi.Output[builtins.bool]:
|
1129
1263
|
"""
|
1130
1264
|
`true` if the current time (during refresh) is after the start of the early renewal window declared by `min_seconds_remaining`, and `false` otherwise; if `auto_renew` is set to `true` then the provider will plan to replace the certificate once renewal is pending.
|
1131
1265
|
"""
|
@@ -1133,15 +1267,23 @@ class SecretBackendCert(pulumi.CustomResource):
|
|
1133
1267
|
|
1134
1268
|
@property
|
1135
1269
|
@pulumi.getter
|
1136
|
-
def revoke(self) -> pulumi.Output[Optional[bool]]:
|
1270
|
+
def revoke(self) -> pulumi.Output[Optional[builtins.bool]]:
|
1137
1271
|
"""
|
1138
|
-
If set to `true`, the certificate will be revoked on resource destruction.
|
1272
|
+
If set to `true`, the certificate will be revoked on resource destruction using the `revoke` PKI API. Conflicts with `revoke_with_key`. Default `false`.
|
1139
1273
|
"""
|
1140
1274
|
return pulumi.get(self, "revoke")
|
1141
1275
|
|
1276
|
+
@property
|
1277
|
+
@pulumi.getter(name="revokeWithKey")
|
1278
|
+
def revoke_with_key(self) -> pulumi.Output[Optional[builtins.bool]]:
|
1279
|
+
"""
|
1280
|
+
If set to `true`, the certificate will be revoked on resource destruction using the `revoke-with-key` PKI API. Conflicts with `revoke`. Default `false`
|
1281
|
+
"""
|
1282
|
+
return pulumi.get(self, "revoke_with_key")
|
1283
|
+
|
1142
1284
|
@property
|
1143
1285
|
@pulumi.getter(name="serialNumber")
|
1144
|
-
def serial_number(self) -> pulumi.Output[str]:
|
1286
|
+
def serial_number(self) -> pulumi.Output[builtins.str]:
|
1145
1287
|
"""
|
1146
1288
|
The serial number
|
1147
1289
|
"""
|
@@ -1149,7 +1291,7 @@ class SecretBackendCert(pulumi.CustomResource):
|
|
1149
1291
|
|
1150
1292
|
@property
|
1151
1293
|
@pulumi.getter
|
1152
|
-
def ttl(self) -> pulumi.Output[Optional[str]]:
|
1294
|
+
def ttl(self) -> pulumi.Output[Optional[builtins.str]]:
|
1153
1295
|
"""
|
1154
1296
|
Time to live
|
1155
1297
|
"""
|
@@ -1157,7 +1299,7 @@ class SecretBackendCert(pulumi.CustomResource):
|
|
1157
1299
|
|
1158
1300
|
@property
|
1159
1301
|
@pulumi.getter(name="uriSans")
|
1160
|
-
def uri_sans(self) -> pulumi.Output[Optional[Sequence[str]]]:
|
1302
|
+
def uri_sans(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
|
1161
1303
|
"""
|
1162
1304
|
List of alternative URIs
|
1163
1305
|
"""
|
@@ -1165,7 +1307,7 @@ class SecretBackendCert(pulumi.CustomResource):
|
|
1165
1307
|
|
1166
1308
|
@property
|
1167
1309
|
@pulumi.getter(name="userIds")
|
1168
|
-
def user_ids(self) -> pulumi.Output[Optional[Sequence[str]]]:
|
1310
|
+
def user_ids(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
|
1169
1311
|
"""
|
1170
1312
|
List of Subject User IDs
|
1171
1313
|
"""
|