pulumi-vault 6.6.0a1741415971__py3-none-any.whl → 6.7.0__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (264) hide show
  1. pulumi_vault/__init__.py +9 -0
  2. pulumi_vault/_inputs.py +583 -562
  3. pulumi_vault/ad/__init__.py +1 -0
  4. pulumi_vault/ad/get_access_credentials.py +20 -19
  5. pulumi_vault/ad/secret_backend.py +477 -476
  6. pulumi_vault/ad/secret_library.py +99 -98
  7. pulumi_vault/ad/secret_role.py +85 -84
  8. pulumi_vault/alicloud/__init__.py +1 -0
  9. pulumi_vault/alicloud/auth_backend_role.py +183 -182
  10. pulumi_vault/approle/__init__.py +1 -0
  11. pulumi_vault/approle/auth_backend_login.py +106 -105
  12. pulumi_vault/approle/auth_backend_role.py +239 -238
  13. pulumi_vault/approle/auth_backend_role_secret_id.py +162 -161
  14. pulumi_vault/approle/get_auth_backend_role_id.py +18 -17
  15. pulumi_vault/audit.py +85 -84
  16. pulumi_vault/audit_request_header.py +43 -42
  17. pulumi_vault/auth_backend.py +106 -105
  18. pulumi_vault/aws/__init__.py +1 -0
  19. pulumi_vault/aws/auth_backend_cert.py +71 -70
  20. pulumi_vault/aws/auth_backend_client.py +425 -200
  21. pulumi_vault/aws/auth_backend_config_identity.py +85 -84
  22. pulumi_vault/aws/auth_backend_identity_whitelist.py +57 -56
  23. pulumi_vault/aws/auth_backend_login.py +209 -208
  24. pulumi_vault/aws/auth_backend_role.py +400 -399
  25. pulumi_vault/aws/auth_backend_role_tag.py +127 -126
  26. pulumi_vault/aws/auth_backend_roletag_blacklist.py +57 -56
  27. pulumi_vault/aws/auth_backend_sts_role.py +71 -70
  28. pulumi_vault/aws/get_access_credentials.py +44 -43
  29. pulumi_vault/aws/get_static_access_credentials.py +13 -12
  30. pulumi_vault/aws/secret_backend.py +523 -306
  31. pulumi_vault/aws/secret_backend_role.py +211 -210
  32. pulumi_vault/aws/secret_backend_static_role.py +288 -70
  33. pulumi_vault/azure/__init__.py +1 -0
  34. pulumi_vault/azure/_inputs.py +21 -20
  35. pulumi_vault/azure/auth_backend_config.py +383 -130
  36. pulumi_vault/azure/auth_backend_role.py +253 -252
  37. pulumi_vault/azure/backend.py +432 -186
  38. pulumi_vault/azure/backend_role.py +188 -140
  39. pulumi_vault/azure/get_access_credentials.py +58 -57
  40. pulumi_vault/azure/outputs.py +11 -10
  41. pulumi_vault/cert_auth_backend_role.py +365 -364
  42. pulumi_vault/config/__init__.py +1 -0
  43. pulumi_vault/config/__init__.pyi +1 -0
  44. pulumi_vault/config/_inputs.py +11 -10
  45. pulumi_vault/config/outputs.py +287 -286
  46. pulumi_vault/config/ui_custom_message.py +113 -112
  47. pulumi_vault/config/vars.py +1 -0
  48. pulumi_vault/consul/__init__.py +1 -0
  49. pulumi_vault/consul/secret_backend.py +197 -196
  50. pulumi_vault/consul/secret_backend_role.py +183 -182
  51. pulumi_vault/database/__init__.py +1 -0
  52. pulumi_vault/database/_inputs.py +3857 -2200
  53. pulumi_vault/database/outputs.py +2483 -1330
  54. pulumi_vault/database/secret_backend_connection.py +333 -112
  55. pulumi_vault/database/secret_backend_role.py +169 -168
  56. pulumi_vault/database/secret_backend_static_role.py +283 -140
  57. pulumi_vault/database/secrets_mount.py +275 -266
  58. pulumi_vault/egp_policy.py +71 -70
  59. pulumi_vault/gcp/__init__.py +1 -0
  60. pulumi_vault/gcp/_inputs.py +82 -81
  61. pulumi_vault/gcp/auth_backend.py +426 -205
  62. pulumi_vault/gcp/auth_backend_role.py +281 -280
  63. pulumi_vault/gcp/get_auth_backend_role.py +70 -69
  64. pulumi_vault/gcp/outputs.py +50 -49
  65. pulumi_vault/gcp/secret_backend.py +420 -179
  66. pulumi_vault/gcp/secret_impersonated_account.py +92 -91
  67. pulumi_vault/gcp/secret_roleset.py +92 -91
  68. pulumi_vault/gcp/secret_static_account.py +92 -91
  69. pulumi_vault/generic/__init__.py +1 -0
  70. pulumi_vault/generic/endpoint.py +113 -112
  71. pulumi_vault/generic/get_secret.py +28 -27
  72. pulumi_vault/generic/secret.py +78 -77
  73. pulumi_vault/get_auth_backend.py +19 -18
  74. pulumi_vault/get_auth_backends.py +14 -13
  75. pulumi_vault/get_namespace.py +15 -14
  76. pulumi_vault/get_namespaces.py +68 -18
  77. pulumi_vault/get_nomad_access_token.py +19 -18
  78. pulumi_vault/get_policy_document.py +6 -5
  79. pulumi_vault/get_raft_autopilot_state.py +18 -17
  80. pulumi_vault/github/__init__.py +1 -0
  81. pulumi_vault/github/_inputs.py +42 -41
  82. pulumi_vault/github/auth_backend.py +232 -231
  83. pulumi_vault/github/outputs.py +26 -25
  84. pulumi_vault/github/team.py +57 -56
  85. pulumi_vault/github/user.py +57 -56
  86. pulumi_vault/identity/__init__.py +1 -0
  87. pulumi_vault/identity/entity.py +85 -84
  88. pulumi_vault/identity/entity_alias.py +71 -70
  89. pulumi_vault/identity/entity_policies.py +64 -63
  90. pulumi_vault/identity/get_entity.py +43 -42
  91. pulumi_vault/identity/get_group.py +50 -49
  92. pulumi_vault/identity/get_oidc_client_creds.py +14 -13
  93. pulumi_vault/identity/get_oidc_openid_config.py +24 -23
  94. pulumi_vault/identity/get_oidc_public_keys.py +13 -12
  95. pulumi_vault/identity/group.py +141 -140
  96. pulumi_vault/identity/group_alias.py +57 -56
  97. pulumi_vault/identity/group_member_entity_ids.py +57 -56
  98. pulumi_vault/identity/group_member_group_ids.py +57 -56
  99. pulumi_vault/identity/group_policies.py +64 -63
  100. pulumi_vault/identity/mfa_duo.py +148 -147
  101. pulumi_vault/identity/mfa_login_enforcement.py +120 -119
  102. pulumi_vault/identity/mfa_okta.py +134 -133
  103. pulumi_vault/identity/mfa_pingid.py +127 -126
  104. pulumi_vault/identity/mfa_totp.py +176 -175
  105. pulumi_vault/identity/oidc.py +29 -28
  106. pulumi_vault/identity/oidc_assignment.py +57 -56
  107. pulumi_vault/identity/oidc_client.py +127 -126
  108. pulumi_vault/identity/oidc_key.py +85 -84
  109. pulumi_vault/identity/oidc_key_allowed_client_id.py +43 -42
  110. pulumi_vault/identity/oidc_provider.py +92 -91
  111. pulumi_vault/identity/oidc_role.py +85 -84
  112. pulumi_vault/identity/oidc_scope.py +57 -56
  113. pulumi_vault/identity/outputs.py +32 -31
  114. pulumi_vault/jwt/__init__.py +1 -0
  115. pulumi_vault/jwt/_inputs.py +42 -41
  116. pulumi_vault/jwt/auth_backend.py +288 -287
  117. pulumi_vault/jwt/auth_backend_role.py +407 -406
  118. pulumi_vault/jwt/outputs.py +26 -25
  119. pulumi_vault/kmip/__init__.py +1 -0
  120. pulumi_vault/kmip/secret_backend.py +183 -182
  121. pulumi_vault/kmip/secret_role.py +295 -294
  122. pulumi_vault/kmip/secret_scope.py +57 -56
  123. pulumi_vault/kubernetes/__init__.py +1 -0
  124. pulumi_vault/kubernetes/auth_backend_config.py +141 -140
  125. pulumi_vault/kubernetes/auth_backend_role.py +225 -224
  126. pulumi_vault/kubernetes/get_auth_backend_config.py +47 -46
  127. pulumi_vault/kubernetes/get_auth_backend_role.py +70 -69
  128. pulumi_vault/kubernetes/get_service_account_token.py +38 -37
  129. pulumi_vault/kubernetes/secret_backend.py +316 -315
  130. pulumi_vault/kubernetes/secret_backend_role.py +197 -196
  131. pulumi_vault/kv/__init__.py +1 -0
  132. pulumi_vault/kv/_inputs.py +21 -20
  133. pulumi_vault/kv/get_secret.py +17 -16
  134. pulumi_vault/kv/get_secret_subkeys_v2.py +30 -29
  135. pulumi_vault/kv/get_secret_v2.py +29 -28
  136. pulumi_vault/kv/get_secrets_list.py +13 -12
  137. pulumi_vault/kv/get_secrets_list_v2.py +19 -18
  138. pulumi_vault/kv/outputs.py +13 -12
  139. pulumi_vault/kv/secret.py +50 -49
  140. pulumi_vault/kv/secret_backend_v2.py +71 -70
  141. pulumi_vault/kv/secret_v2.py +134 -133
  142. pulumi_vault/ldap/__init__.py +1 -0
  143. pulumi_vault/ldap/auth_backend.py +754 -533
  144. pulumi_vault/ldap/auth_backend_group.py +57 -56
  145. pulumi_vault/ldap/auth_backend_user.py +71 -70
  146. pulumi_vault/ldap/get_dynamic_credentials.py +17 -16
  147. pulumi_vault/ldap/get_static_credentials.py +18 -17
  148. pulumi_vault/ldap/secret_backend.py +720 -499
  149. pulumi_vault/ldap/secret_backend_dynamic_role.py +127 -126
  150. pulumi_vault/ldap/secret_backend_library_set.py +99 -98
  151. pulumi_vault/ldap/secret_backend_static_role.py +99 -98
  152. pulumi_vault/managed/__init__.py +1 -0
  153. pulumi_vault/managed/_inputs.py +229 -228
  154. pulumi_vault/managed/keys.py +15 -14
  155. pulumi_vault/managed/outputs.py +139 -138
  156. pulumi_vault/mfa_duo.py +113 -112
  157. pulumi_vault/mfa_okta.py +113 -112
  158. pulumi_vault/mfa_pingid.py +120 -119
  159. pulumi_vault/mfa_totp.py +127 -126
  160. pulumi_vault/mongodbatlas/__init__.py +1 -0
  161. pulumi_vault/mongodbatlas/secret_backend.py +64 -63
  162. pulumi_vault/mongodbatlas/secret_role.py +155 -154
  163. pulumi_vault/mount.py +274 -273
  164. pulumi_vault/namespace.py +64 -63
  165. pulumi_vault/nomad_secret_backend.py +211 -210
  166. pulumi_vault/nomad_secret_role.py +85 -84
  167. pulumi_vault/okta/__init__.py +1 -0
  168. pulumi_vault/okta/_inputs.py +26 -25
  169. pulumi_vault/okta/auth_backend.py +274 -273
  170. pulumi_vault/okta/auth_backend_group.py +57 -56
  171. pulumi_vault/okta/auth_backend_user.py +71 -70
  172. pulumi_vault/okta/outputs.py +16 -15
  173. pulumi_vault/outputs.py +73 -60
  174. pulumi_vault/password_policy.py +43 -42
  175. pulumi_vault/pkisecret/__init__.py +3 -0
  176. pulumi_vault/pkisecret/_inputs.py +31 -36
  177. pulumi_vault/pkisecret/backend_acme_eab.py +92 -91
  178. pulumi_vault/pkisecret/backend_config_acme.py +174 -126
  179. pulumi_vault/pkisecret/backend_config_auto_tidy.py +1377 -0
  180. pulumi_vault/pkisecret/backend_config_cluster.py +57 -56
  181. pulumi_vault/pkisecret/backend_config_cmpv2.py +152 -104
  182. pulumi_vault/pkisecret/backend_config_est.py +120 -119
  183. pulumi_vault/pkisecret/get_backend_cert_metadata.py +278 -0
  184. pulumi_vault/pkisecret/get_backend_config_cmpv2.py +35 -17
  185. pulumi_vault/pkisecret/get_backend_config_est.py +19 -18
  186. pulumi_vault/pkisecret/get_backend_issuer.py +139 -25
  187. pulumi_vault/pkisecret/get_backend_issuers.py +15 -14
  188. pulumi_vault/pkisecret/get_backend_key.py +20 -19
  189. pulumi_vault/pkisecret/get_backend_keys.py +15 -14
  190. pulumi_vault/pkisecret/outputs.py +28 -31
  191. pulumi_vault/pkisecret/secret_backend_cert.py +439 -297
  192. pulumi_vault/pkisecret/secret_backend_config_ca.py +43 -42
  193. pulumi_vault/pkisecret/secret_backend_config_issuers.py +57 -56
  194. pulumi_vault/pkisecret/secret_backend_config_urls.py +85 -84
  195. pulumi_vault/pkisecret/secret_backend_crl_config.py +237 -182
  196. pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +520 -378
  197. pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +57 -56
  198. pulumi_vault/pkisecret/secret_backend_issuer.py +441 -175
  199. pulumi_vault/pkisecret/secret_backend_key.py +120 -119
  200. pulumi_vault/pkisecret/secret_backend_role.py +894 -644
  201. pulumi_vault/pkisecret/secret_backend_root_cert.py +851 -427
  202. pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +936 -357
  203. pulumi_vault/pkisecret/secret_backend_sign.py +347 -252
  204. pulumi_vault/plugin.py +127 -126
  205. pulumi_vault/plugin_pinned_version.py +43 -42
  206. pulumi_vault/policy.py +43 -42
  207. pulumi_vault/provider.py +120 -119
  208. pulumi_vault/pulumi-plugin.json +1 -1
  209. pulumi_vault/quota_lease_count.py +85 -84
  210. pulumi_vault/quota_rate_limit.py +113 -112
  211. pulumi_vault/rabbitmq/__init__.py +1 -0
  212. pulumi_vault/rabbitmq/_inputs.py +41 -40
  213. pulumi_vault/rabbitmq/outputs.py +25 -24
  214. pulumi_vault/rabbitmq/secret_backend.py +169 -168
  215. pulumi_vault/rabbitmq/secret_backend_role.py +57 -56
  216. pulumi_vault/raft_autopilot.py +113 -112
  217. pulumi_vault/raft_snapshot_agent_config.py +393 -392
  218. pulumi_vault/rgp_policy.py +57 -56
  219. pulumi_vault/saml/__init__.py +1 -0
  220. pulumi_vault/saml/auth_backend.py +155 -154
  221. pulumi_vault/saml/auth_backend_role.py +239 -238
  222. pulumi_vault/secrets/__init__.py +1 -0
  223. pulumi_vault/secrets/_inputs.py +16 -15
  224. pulumi_vault/secrets/outputs.py +10 -9
  225. pulumi_vault/secrets/sync_association.py +71 -70
  226. pulumi_vault/secrets/sync_aws_destination.py +148 -147
  227. pulumi_vault/secrets/sync_azure_destination.py +148 -147
  228. pulumi_vault/secrets/sync_config.py +43 -42
  229. pulumi_vault/secrets/sync_gcp_destination.py +106 -105
  230. pulumi_vault/secrets/sync_gh_destination.py +134 -133
  231. pulumi_vault/secrets/sync_github_apps.py +64 -63
  232. pulumi_vault/secrets/sync_vercel_destination.py +120 -119
  233. pulumi_vault/ssh/__init__.py +2 -0
  234. pulumi_vault/ssh/_inputs.py +11 -10
  235. pulumi_vault/ssh/get_secret_backend_sign.py +295 -0
  236. pulumi_vault/ssh/outputs.py +7 -6
  237. pulumi_vault/ssh/secret_backend_ca.py +99 -98
  238. pulumi_vault/ssh/secret_backend_role.py +365 -364
  239. pulumi_vault/terraformcloud/__init__.py +1 -0
  240. pulumi_vault/terraformcloud/secret_backend.py +111 -110
  241. pulumi_vault/terraformcloud/secret_creds.py +74 -73
  242. pulumi_vault/terraformcloud/secret_role.py +96 -95
  243. pulumi_vault/token.py +246 -245
  244. pulumi_vault/tokenauth/__init__.py +1 -0
  245. pulumi_vault/tokenauth/auth_backend_role.py +267 -266
  246. pulumi_vault/transform/__init__.py +1 -0
  247. pulumi_vault/transform/alphabet.py +57 -56
  248. pulumi_vault/transform/get_decode.py +47 -46
  249. pulumi_vault/transform/get_encode.py +47 -46
  250. pulumi_vault/transform/role.py +57 -56
  251. pulumi_vault/transform/template.py +113 -112
  252. pulumi_vault/transform/transformation.py +141 -140
  253. pulumi_vault/transit/__init__.py +3 -0
  254. pulumi_vault/transit/get_decrypt.py +18 -17
  255. pulumi_vault/transit/get_encrypt.py +21 -20
  256. pulumi_vault/transit/get_sign.py +325 -0
  257. pulumi_vault/transit/get_verify.py +355 -0
  258. pulumi_vault/transit/secret_backend_key.py +394 -231
  259. pulumi_vault/transit/secret_cache_config.py +43 -42
  260. {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.7.0.dist-info}/METADATA +2 -2
  261. pulumi_vault-6.7.0.dist-info/RECORD +265 -0
  262. {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.7.0.dist-info}/WHEEL +1 -1
  263. pulumi_vault-6.6.0a1741415971.dist-info/RECORD +0 -260
  264. {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.7.0.dist-info}/top_level.txt +0 -0
@@ -2,6 +2,7 @@
2
2
  # *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
3
3
  # *** Do not edit by hand unless you're certain you know what you are doing! ***
4
4
 
5
+ import builtins
5
6
  import copy
6
7
  import warnings
7
8
  import sys
@@ -19,39 +20,42 @@ __all__ = ['SecretBackendCrlConfigArgs', 'SecretBackendCrlConfig']
19
20
  @pulumi.input_type
20
21
  class SecretBackendCrlConfigArgs:
21
22
  def __init__(__self__, *,
22
- backend: pulumi.Input[str],
23
- auto_rebuild: Optional[pulumi.Input[bool]] = None,
24
- auto_rebuild_grace_period: Optional[pulumi.Input[str]] = None,
25
- cross_cluster_revocation: Optional[pulumi.Input[bool]] = None,
26
- delta_rebuild_interval: Optional[pulumi.Input[str]] = None,
27
- disable: Optional[pulumi.Input[bool]] = None,
28
- enable_delta: Optional[pulumi.Input[bool]] = None,
29
- expiry: Optional[pulumi.Input[str]] = None,
30
- namespace: Optional[pulumi.Input[str]] = None,
31
- ocsp_disable: Optional[pulumi.Input[bool]] = None,
32
- ocsp_expiry: Optional[pulumi.Input[str]] = None,
33
- unified_crl: Optional[pulumi.Input[bool]] = None,
34
- unified_crl_on_existing_paths: Optional[pulumi.Input[bool]] = None):
23
+ backend: pulumi.Input[builtins.str],
24
+ auto_rebuild: Optional[pulumi.Input[builtins.bool]] = None,
25
+ auto_rebuild_grace_period: Optional[pulumi.Input[builtins.str]] = None,
26
+ cross_cluster_revocation: Optional[pulumi.Input[builtins.bool]] = None,
27
+ delta_rebuild_interval: Optional[pulumi.Input[builtins.str]] = None,
28
+ disable: Optional[pulumi.Input[builtins.bool]] = None,
29
+ enable_delta: Optional[pulumi.Input[builtins.bool]] = None,
30
+ expiry: Optional[pulumi.Input[builtins.str]] = None,
31
+ max_crl_entries: Optional[pulumi.Input[builtins.int]] = None,
32
+ namespace: Optional[pulumi.Input[builtins.str]] = None,
33
+ ocsp_disable: Optional[pulumi.Input[builtins.bool]] = None,
34
+ ocsp_expiry: Optional[pulumi.Input[builtins.str]] = None,
35
+ unified_crl: Optional[pulumi.Input[builtins.bool]] = None,
36
+ unified_crl_on_existing_paths: Optional[pulumi.Input[builtins.bool]] = None):
35
37
  """
36
38
  The set of arguments for constructing a SecretBackendCrlConfig resource.
37
- :param pulumi.Input[str] backend: The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
38
- :param pulumi.Input[bool] auto_rebuild: Enables periodic rebuilding of the CRL upon expiry. **Vault 1.12+**
39
- :param pulumi.Input[str] auto_rebuild_grace_period: Grace period before CRL expiry to attempt rebuild of CRL. **Vault 1.12+**
40
- :param pulumi.Input[bool] cross_cluster_revocation: Enable cross-cluster revocation request queues. **Vault 1.13+**
41
- :param pulumi.Input[str] delta_rebuild_interval: Interval to check for new revocations on, to regenerate the delta CRL.
42
- :param pulumi.Input[bool] disable: Disables or enables CRL building.
43
- :param pulumi.Input[bool] enable_delta: Enables building of delta CRLs with up-to-date revocation information,
39
+ :param pulumi.Input[builtins.str] backend: The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
40
+ :param pulumi.Input[builtins.bool] auto_rebuild: Enables periodic rebuilding of the CRL upon expiry. **Vault 1.12+**
41
+ :param pulumi.Input[builtins.str] auto_rebuild_grace_period: Grace period before CRL expiry to attempt rebuild of CRL. **Vault 1.12+**
42
+ :param pulumi.Input[builtins.bool] cross_cluster_revocation: Enable cross-cluster revocation request queues. **Vault 1.13+**
43
+ :param pulumi.Input[builtins.str] delta_rebuild_interval: Interval to check for new revocations on, to regenerate the delta CRL.
44
+ :param pulumi.Input[builtins.bool] disable: Disables or enables CRL building.
45
+ :param pulumi.Input[builtins.bool] enable_delta: Enables building of delta CRLs with up-to-date revocation information,
44
46
  augmenting the last complete CRL. **Vault 1.12+**
45
- :param pulumi.Input[str] expiry: Specifies the time until expiration.
46
- :param pulumi.Input[str] namespace: The namespace to provision the resource in.
47
+ :param pulumi.Input[builtins.str] expiry: Specifies the time until expiration.
48
+ :param pulumi.Input[builtins.int] max_crl_entries: The maximum number of entries a CRL can contain. This option exists to prevent
49
+ accidental runaway issuance/revocation from overloading Vault. If set to -1, the limit is disabled. **Vault 1.19**
50
+ :param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
47
51
  The value should not contain leading or trailing forward slashes.
48
52
  The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
49
53
  *Available only for Vault Enterprise*.
50
- :param pulumi.Input[bool] ocsp_disable: Disables the OCSP responder in Vault. **Vault 1.12+**
51
- :param pulumi.Input[str] ocsp_expiry: The amount of time an OCSP response can be cached for, useful for OCSP stapling
54
+ :param pulumi.Input[builtins.bool] ocsp_disable: Disables the OCSP responder in Vault. **Vault 1.12+**
55
+ :param pulumi.Input[builtins.str] ocsp_expiry: The amount of time an OCSP response can be cached for, useful for OCSP stapling
52
56
  refresh durations. **Vault 1.12+**
53
- :param pulumi.Input[bool] unified_crl: Enables unified CRL and OCSP building. **Vault 1.13+**
54
- :param pulumi.Input[bool] unified_crl_on_existing_paths: Enables serving the unified CRL and OCSP on the existing, previously
57
+ :param pulumi.Input[builtins.bool] unified_crl: Enables unified CRL and OCSP building. **Vault 1.13+**
58
+ :param pulumi.Input[builtins.bool] unified_crl_on_existing_paths: Enables serving the unified CRL and OCSP on the existing, previously
55
59
  cluster-local paths. **Vault 1.13+**
56
60
  """
57
61
  pulumi.set(__self__, "backend", backend)
@@ -69,6 +73,8 @@ class SecretBackendCrlConfigArgs:
69
73
  pulumi.set(__self__, "enable_delta", enable_delta)
70
74
  if expiry is not None:
71
75
  pulumi.set(__self__, "expiry", expiry)
76
+ if max_crl_entries is not None:
77
+ pulumi.set(__self__, "max_crl_entries", max_crl_entries)
72
78
  if namespace is not None:
73
79
  pulumi.set(__self__, "namespace", namespace)
74
80
  if ocsp_disable is not None:
@@ -82,79 +88,79 @@ class SecretBackendCrlConfigArgs:
82
88
 
83
89
  @property
84
90
  @pulumi.getter
85
- def backend(self) -> pulumi.Input[str]:
91
+ def backend(self) -> pulumi.Input[builtins.str]:
86
92
  """
87
93
  The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
88
94
  """
89
95
  return pulumi.get(self, "backend")
90
96
 
91
97
  @backend.setter
92
- def backend(self, value: pulumi.Input[str]):
98
+ def backend(self, value: pulumi.Input[builtins.str]):
93
99
  pulumi.set(self, "backend", value)
94
100
 
95
101
  @property
96
102
  @pulumi.getter(name="autoRebuild")
97
- def auto_rebuild(self) -> Optional[pulumi.Input[bool]]:
103
+ def auto_rebuild(self) -> Optional[pulumi.Input[builtins.bool]]:
98
104
  """
99
105
  Enables periodic rebuilding of the CRL upon expiry. **Vault 1.12+**
100
106
  """
101
107
  return pulumi.get(self, "auto_rebuild")
102
108
 
103
109
  @auto_rebuild.setter
104
- def auto_rebuild(self, value: Optional[pulumi.Input[bool]]):
110
+ def auto_rebuild(self, value: Optional[pulumi.Input[builtins.bool]]):
105
111
  pulumi.set(self, "auto_rebuild", value)
106
112
 
107
113
  @property
108
114
  @pulumi.getter(name="autoRebuildGracePeriod")
109
- def auto_rebuild_grace_period(self) -> Optional[pulumi.Input[str]]:
115
+ def auto_rebuild_grace_period(self) -> Optional[pulumi.Input[builtins.str]]:
110
116
  """
111
117
  Grace period before CRL expiry to attempt rebuild of CRL. **Vault 1.12+**
112
118
  """
113
119
  return pulumi.get(self, "auto_rebuild_grace_period")
114
120
 
115
121
  @auto_rebuild_grace_period.setter
116
- def auto_rebuild_grace_period(self, value: Optional[pulumi.Input[str]]):
122
+ def auto_rebuild_grace_period(self, value: Optional[pulumi.Input[builtins.str]]):
117
123
  pulumi.set(self, "auto_rebuild_grace_period", value)
118
124
 
119
125
  @property
120
126
  @pulumi.getter(name="crossClusterRevocation")
121
- def cross_cluster_revocation(self) -> Optional[pulumi.Input[bool]]:
127
+ def cross_cluster_revocation(self) -> Optional[pulumi.Input[builtins.bool]]:
122
128
  """
123
129
  Enable cross-cluster revocation request queues. **Vault 1.13+**
124
130
  """
125
131
  return pulumi.get(self, "cross_cluster_revocation")
126
132
 
127
133
  @cross_cluster_revocation.setter
128
- def cross_cluster_revocation(self, value: Optional[pulumi.Input[bool]]):
134
+ def cross_cluster_revocation(self, value: Optional[pulumi.Input[builtins.bool]]):
129
135
  pulumi.set(self, "cross_cluster_revocation", value)
130
136
 
131
137
  @property
132
138
  @pulumi.getter(name="deltaRebuildInterval")
133
- def delta_rebuild_interval(self) -> Optional[pulumi.Input[str]]:
139
+ def delta_rebuild_interval(self) -> Optional[pulumi.Input[builtins.str]]:
134
140
  """
135
141
  Interval to check for new revocations on, to regenerate the delta CRL.
136
142
  """
137
143
  return pulumi.get(self, "delta_rebuild_interval")
138
144
 
139
145
  @delta_rebuild_interval.setter
140
- def delta_rebuild_interval(self, value: Optional[pulumi.Input[str]]):
146
+ def delta_rebuild_interval(self, value: Optional[pulumi.Input[builtins.str]]):
141
147
  pulumi.set(self, "delta_rebuild_interval", value)
142
148
 
143
149
  @property
144
150
  @pulumi.getter
145
- def disable(self) -> Optional[pulumi.Input[bool]]:
151
+ def disable(self) -> Optional[pulumi.Input[builtins.bool]]:
146
152
  """
147
153
  Disables or enables CRL building.
148
154
  """
149
155
  return pulumi.get(self, "disable")
150
156
 
151
157
  @disable.setter
152
- def disable(self, value: Optional[pulumi.Input[bool]]):
158
+ def disable(self, value: Optional[pulumi.Input[builtins.bool]]):
153
159
  pulumi.set(self, "disable", value)
154
160
 
155
161
  @property
156
162
  @pulumi.getter(name="enableDelta")
157
- def enable_delta(self) -> Optional[pulumi.Input[bool]]:
163
+ def enable_delta(self) -> Optional[pulumi.Input[builtins.bool]]:
158
164
  """
159
165
  Enables building of delta CRLs with up-to-date revocation information,
160
166
  augmenting the last complete CRL. **Vault 1.12+**
@@ -162,24 +168,37 @@ class SecretBackendCrlConfigArgs:
162
168
  return pulumi.get(self, "enable_delta")
163
169
 
164
170
  @enable_delta.setter
165
- def enable_delta(self, value: Optional[pulumi.Input[bool]]):
171
+ def enable_delta(self, value: Optional[pulumi.Input[builtins.bool]]):
166
172
  pulumi.set(self, "enable_delta", value)
167
173
 
168
174
  @property
169
175
  @pulumi.getter
170
- def expiry(self) -> Optional[pulumi.Input[str]]:
176
+ def expiry(self) -> Optional[pulumi.Input[builtins.str]]:
171
177
  """
172
178
  Specifies the time until expiration.
173
179
  """
174
180
  return pulumi.get(self, "expiry")
175
181
 
176
182
  @expiry.setter
177
- def expiry(self, value: Optional[pulumi.Input[str]]):
183
+ def expiry(self, value: Optional[pulumi.Input[builtins.str]]):
178
184
  pulumi.set(self, "expiry", value)
179
185
 
186
+ @property
187
+ @pulumi.getter(name="maxCrlEntries")
188
+ def max_crl_entries(self) -> Optional[pulumi.Input[builtins.int]]:
189
+ """
190
+ The maximum number of entries a CRL can contain. This option exists to prevent
191
+ accidental runaway issuance/revocation from overloading Vault. If set to -1, the limit is disabled. **Vault 1.19**
192
+ """
193
+ return pulumi.get(self, "max_crl_entries")
194
+
195
+ @max_crl_entries.setter
196
+ def max_crl_entries(self, value: Optional[pulumi.Input[builtins.int]]):
197
+ pulumi.set(self, "max_crl_entries", value)
198
+
180
199
  @property
181
200
  @pulumi.getter
182
- def namespace(self) -> Optional[pulumi.Input[str]]:
201
+ def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
183
202
  """
184
203
  The namespace to provision the resource in.
185
204
  The value should not contain leading or trailing forward slashes.
@@ -189,24 +208,24 @@ class SecretBackendCrlConfigArgs:
189
208
  return pulumi.get(self, "namespace")
190
209
 
191
210
  @namespace.setter
192
- def namespace(self, value: Optional[pulumi.Input[str]]):
211
+ def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
193
212
  pulumi.set(self, "namespace", value)
194
213
 
195
214
  @property
196
215
  @pulumi.getter(name="ocspDisable")
197
- def ocsp_disable(self) -> Optional[pulumi.Input[bool]]:
216
+ def ocsp_disable(self) -> Optional[pulumi.Input[builtins.bool]]:
198
217
  """
199
218
  Disables the OCSP responder in Vault. **Vault 1.12+**
200
219
  """
201
220
  return pulumi.get(self, "ocsp_disable")
202
221
 
203
222
  @ocsp_disable.setter
204
- def ocsp_disable(self, value: Optional[pulumi.Input[bool]]):
223
+ def ocsp_disable(self, value: Optional[pulumi.Input[builtins.bool]]):
205
224
  pulumi.set(self, "ocsp_disable", value)
206
225
 
207
226
  @property
208
227
  @pulumi.getter(name="ocspExpiry")
209
- def ocsp_expiry(self) -> Optional[pulumi.Input[str]]:
228
+ def ocsp_expiry(self) -> Optional[pulumi.Input[builtins.str]]:
210
229
  """
211
230
  The amount of time an OCSP response can be cached for, useful for OCSP stapling
212
231
  refresh durations. **Vault 1.12+**
@@ -214,24 +233,24 @@ class SecretBackendCrlConfigArgs:
214
233
  return pulumi.get(self, "ocsp_expiry")
215
234
 
216
235
  @ocsp_expiry.setter
217
- def ocsp_expiry(self, value: Optional[pulumi.Input[str]]):
236
+ def ocsp_expiry(self, value: Optional[pulumi.Input[builtins.str]]):
218
237
  pulumi.set(self, "ocsp_expiry", value)
219
238
 
220
239
  @property
221
240
  @pulumi.getter(name="unifiedCrl")
222
- def unified_crl(self) -> Optional[pulumi.Input[bool]]:
241
+ def unified_crl(self) -> Optional[pulumi.Input[builtins.bool]]:
223
242
  """
224
243
  Enables unified CRL and OCSP building. **Vault 1.13+**
225
244
  """
226
245
  return pulumi.get(self, "unified_crl")
227
246
 
228
247
  @unified_crl.setter
229
- def unified_crl(self, value: Optional[pulumi.Input[bool]]):
248
+ def unified_crl(self, value: Optional[pulumi.Input[builtins.bool]]):
230
249
  pulumi.set(self, "unified_crl", value)
231
250
 
232
251
  @property
233
252
  @pulumi.getter(name="unifiedCrlOnExistingPaths")
234
- def unified_crl_on_existing_paths(self) -> Optional[pulumi.Input[bool]]:
253
+ def unified_crl_on_existing_paths(self) -> Optional[pulumi.Input[builtins.bool]]:
235
254
  """
236
255
  Enables serving the unified CRL and OCSP on the existing, previously
237
256
  cluster-local paths. **Vault 1.13+**
@@ -239,46 +258,49 @@ class SecretBackendCrlConfigArgs:
239
258
  return pulumi.get(self, "unified_crl_on_existing_paths")
240
259
 
241
260
  @unified_crl_on_existing_paths.setter
242
- def unified_crl_on_existing_paths(self, value: Optional[pulumi.Input[bool]]):
261
+ def unified_crl_on_existing_paths(self, value: Optional[pulumi.Input[builtins.bool]]):
243
262
  pulumi.set(self, "unified_crl_on_existing_paths", value)
244
263
 
245
264
 
246
265
  @pulumi.input_type
247
266
  class _SecretBackendCrlConfigState:
248
267
  def __init__(__self__, *,
249
- auto_rebuild: Optional[pulumi.Input[bool]] = None,
250
- auto_rebuild_grace_period: Optional[pulumi.Input[str]] = None,
251
- backend: Optional[pulumi.Input[str]] = None,
252
- cross_cluster_revocation: Optional[pulumi.Input[bool]] = None,
253
- delta_rebuild_interval: Optional[pulumi.Input[str]] = None,
254
- disable: Optional[pulumi.Input[bool]] = None,
255
- enable_delta: Optional[pulumi.Input[bool]] = None,
256
- expiry: Optional[pulumi.Input[str]] = None,
257
- namespace: Optional[pulumi.Input[str]] = None,
258
- ocsp_disable: Optional[pulumi.Input[bool]] = None,
259
- ocsp_expiry: Optional[pulumi.Input[str]] = None,
260
- unified_crl: Optional[pulumi.Input[bool]] = None,
261
- unified_crl_on_existing_paths: Optional[pulumi.Input[bool]] = None):
268
+ auto_rebuild: Optional[pulumi.Input[builtins.bool]] = None,
269
+ auto_rebuild_grace_period: Optional[pulumi.Input[builtins.str]] = None,
270
+ backend: Optional[pulumi.Input[builtins.str]] = None,
271
+ cross_cluster_revocation: Optional[pulumi.Input[builtins.bool]] = None,
272
+ delta_rebuild_interval: Optional[pulumi.Input[builtins.str]] = None,
273
+ disable: Optional[pulumi.Input[builtins.bool]] = None,
274
+ enable_delta: Optional[pulumi.Input[builtins.bool]] = None,
275
+ expiry: Optional[pulumi.Input[builtins.str]] = None,
276
+ max_crl_entries: Optional[pulumi.Input[builtins.int]] = None,
277
+ namespace: Optional[pulumi.Input[builtins.str]] = None,
278
+ ocsp_disable: Optional[pulumi.Input[builtins.bool]] = None,
279
+ ocsp_expiry: Optional[pulumi.Input[builtins.str]] = None,
280
+ unified_crl: Optional[pulumi.Input[builtins.bool]] = None,
281
+ unified_crl_on_existing_paths: Optional[pulumi.Input[builtins.bool]] = None):
262
282
  """
263
283
  Input properties used for looking up and filtering SecretBackendCrlConfig resources.
264
- :param pulumi.Input[bool] auto_rebuild: Enables periodic rebuilding of the CRL upon expiry. **Vault 1.12+**
265
- :param pulumi.Input[str] auto_rebuild_grace_period: Grace period before CRL expiry to attempt rebuild of CRL. **Vault 1.12+**
266
- :param pulumi.Input[str] backend: The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
267
- :param pulumi.Input[bool] cross_cluster_revocation: Enable cross-cluster revocation request queues. **Vault 1.13+**
268
- :param pulumi.Input[str] delta_rebuild_interval: Interval to check for new revocations on, to regenerate the delta CRL.
269
- :param pulumi.Input[bool] disable: Disables or enables CRL building.
270
- :param pulumi.Input[bool] enable_delta: Enables building of delta CRLs with up-to-date revocation information,
284
+ :param pulumi.Input[builtins.bool] auto_rebuild: Enables periodic rebuilding of the CRL upon expiry. **Vault 1.12+**
285
+ :param pulumi.Input[builtins.str] auto_rebuild_grace_period: Grace period before CRL expiry to attempt rebuild of CRL. **Vault 1.12+**
286
+ :param pulumi.Input[builtins.str] backend: The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
287
+ :param pulumi.Input[builtins.bool] cross_cluster_revocation: Enable cross-cluster revocation request queues. **Vault 1.13+**
288
+ :param pulumi.Input[builtins.str] delta_rebuild_interval: Interval to check for new revocations on, to regenerate the delta CRL.
289
+ :param pulumi.Input[builtins.bool] disable: Disables or enables CRL building.
290
+ :param pulumi.Input[builtins.bool] enable_delta: Enables building of delta CRLs with up-to-date revocation information,
271
291
  augmenting the last complete CRL. **Vault 1.12+**
272
- :param pulumi.Input[str] expiry: Specifies the time until expiration.
273
- :param pulumi.Input[str] namespace: The namespace to provision the resource in.
292
+ :param pulumi.Input[builtins.str] expiry: Specifies the time until expiration.
293
+ :param pulumi.Input[builtins.int] max_crl_entries: The maximum number of entries a CRL can contain. This option exists to prevent
294
+ accidental runaway issuance/revocation from overloading Vault. If set to -1, the limit is disabled. **Vault 1.19**
295
+ :param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
274
296
  The value should not contain leading or trailing forward slashes.
275
297
  The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
276
298
  *Available only for Vault Enterprise*.
277
- :param pulumi.Input[bool] ocsp_disable: Disables the OCSP responder in Vault. **Vault 1.12+**
278
- :param pulumi.Input[str] ocsp_expiry: The amount of time an OCSP response can be cached for, useful for OCSP stapling
299
+ :param pulumi.Input[builtins.bool] ocsp_disable: Disables the OCSP responder in Vault. **Vault 1.12+**
300
+ :param pulumi.Input[builtins.str] ocsp_expiry: The amount of time an OCSP response can be cached for, useful for OCSP stapling
279
301
  refresh durations. **Vault 1.12+**
280
- :param pulumi.Input[bool] unified_crl: Enables unified CRL and OCSP building. **Vault 1.13+**
281
- :param pulumi.Input[bool] unified_crl_on_existing_paths: Enables serving the unified CRL and OCSP on the existing, previously
302
+ :param pulumi.Input[builtins.bool] unified_crl: Enables unified CRL and OCSP building. **Vault 1.13+**
303
+ :param pulumi.Input[builtins.bool] unified_crl_on_existing_paths: Enables serving the unified CRL and OCSP on the existing, previously
282
304
  cluster-local paths. **Vault 1.13+**
283
305
  """
284
306
  if auto_rebuild is not None:
@@ -297,6 +319,8 @@ class _SecretBackendCrlConfigState:
297
319
  pulumi.set(__self__, "enable_delta", enable_delta)
298
320
  if expiry is not None:
299
321
  pulumi.set(__self__, "expiry", expiry)
322
+ if max_crl_entries is not None:
323
+ pulumi.set(__self__, "max_crl_entries", max_crl_entries)
300
324
  if namespace is not None:
301
325
  pulumi.set(__self__, "namespace", namespace)
302
326
  if ocsp_disable is not None:
@@ -310,79 +334,79 @@ class _SecretBackendCrlConfigState:
310
334
 
311
335
  @property
312
336
  @pulumi.getter(name="autoRebuild")
313
- def auto_rebuild(self) -> Optional[pulumi.Input[bool]]:
337
+ def auto_rebuild(self) -> Optional[pulumi.Input[builtins.bool]]:
314
338
  """
315
339
  Enables periodic rebuilding of the CRL upon expiry. **Vault 1.12+**
316
340
  """
317
341
  return pulumi.get(self, "auto_rebuild")
318
342
 
319
343
  @auto_rebuild.setter
320
- def auto_rebuild(self, value: Optional[pulumi.Input[bool]]):
344
+ def auto_rebuild(self, value: Optional[pulumi.Input[builtins.bool]]):
321
345
  pulumi.set(self, "auto_rebuild", value)
322
346
 
323
347
  @property
324
348
  @pulumi.getter(name="autoRebuildGracePeriod")
325
- def auto_rebuild_grace_period(self) -> Optional[pulumi.Input[str]]:
349
+ def auto_rebuild_grace_period(self) -> Optional[pulumi.Input[builtins.str]]:
326
350
  """
327
351
  Grace period before CRL expiry to attempt rebuild of CRL. **Vault 1.12+**
328
352
  """
329
353
  return pulumi.get(self, "auto_rebuild_grace_period")
330
354
 
331
355
  @auto_rebuild_grace_period.setter
332
- def auto_rebuild_grace_period(self, value: Optional[pulumi.Input[str]]):
356
+ def auto_rebuild_grace_period(self, value: Optional[pulumi.Input[builtins.str]]):
333
357
  pulumi.set(self, "auto_rebuild_grace_period", value)
334
358
 
335
359
  @property
336
360
  @pulumi.getter
337
- def backend(self) -> Optional[pulumi.Input[str]]:
361
+ def backend(self) -> Optional[pulumi.Input[builtins.str]]:
338
362
  """
339
363
  The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
340
364
  """
341
365
  return pulumi.get(self, "backend")
342
366
 
343
367
  @backend.setter
344
- def backend(self, value: Optional[pulumi.Input[str]]):
368
+ def backend(self, value: Optional[pulumi.Input[builtins.str]]):
345
369
  pulumi.set(self, "backend", value)
346
370
 
347
371
  @property
348
372
  @pulumi.getter(name="crossClusterRevocation")
349
- def cross_cluster_revocation(self) -> Optional[pulumi.Input[bool]]:
373
+ def cross_cluster_revocation(self) -> Optional[pulumi.Input[builtins.bool]]:
350
374
  """
351
375
  Enable cross-cluster revocation request queues. **Vault 1.13+**
352
376
  """
353
377
  return pulumi.get(self, "cross_cluster_revocation")
354
378
 
355
379
  @cross_cluster_revocation.setter
356
- def cross_cluster_revocation(self, value: Optional[pulumi.Input[bool]]):
380
+ def cross_cluster_revocation(self, value: Optional[pulumi.Input[builtins.bool]]):
357
381
  pulumi.set(self, "cross_cluster_revocation", value)
358
382
 
359
383
  @property
360
384
  @pulumi.getter(name="deltaRebuildInterval")
361
- def delta_rebuild_interval(self) -> Optional[pulumi.Input[str]]:
385
+ def delta_rebuild_interval(self) -> Optional[pulumi.Input[builtins.str]]:
362
386
  """
363
387
  Interval to check for new revocations on, to regenerate the delta CRL.
364
388
  """
365
389
  return pulumi.get(self, "delta_rebuild_interval")
366
390
 
367
391
  @delta_rebuild_interval.setter
368
- def delta_rebuild_interval(self, value: Optional[pulumi.Input[str]]):
392
+ def delta_rebuild_interval(self, value: Optional[pulumi.Input[builtins.str]]):
369
393
  pulumi.set(self, "delta_rebuild_interval", value)
370
394
 
371
395
  @property
372
396
  @pulumi.getter
373
- def disable(self) -> Optional[pulumi.Input[bool]]:
397
+ def disable(self) -> Optional[pulumi.Input[builtins.bool]]:
374
398
  """
375
399
  Disables or enables CRL building.
376
400
  """
377
401
  return pulumi.get(self, "disable")
378
402
 
379
403
  @disable.setter
380
- def disable(self, value: Optional[pulumi.Input[bool]]):
404
+ def disable(self, value: Optional[pulumi.Input[builtins.bool]]):
381
405
  pulumi.set(self, "disable", value)
382
406
 
383
407
  @property
384
408
  @pulumi.getter(name="enableDelta")
385
- def enable_delta(self) -> Optional[pulumi.Input[bool]]:
409
+ def enable_delta(self) -> Optional[pulumi.Input[builtins.bool]]:
386
410
  """
387
411
  Enables building of delta CRLs with up-to-date revocation information,
388
412
  augmenting the last complete CRL. **Vault 1.12+**
@@ -390,24 +414,37 @@ class _SecretBackendCrlConfigState:
390
414
  return pulumi.get(self, "enable_delta")
391
415
 
392
416
  @enable_delta.setter
393
- def enable_delta(self, value: Optional[pulumi.Input[bool]]):
417
+ def enable_delta(self, value: Optional[pulumi.Input[builtins.bool]]):
394
418
  pulumi.set(self, "enable_delta", value)
395
419
 
396
420
  @property
397
421
  @pulumi.getter
398
- def expiry(self) -> Optional[pulumi.Input[str]]:
422
+ def expiry(self) -> Optional[pulumi.Input[builtins.str]]:
399
423
  """
400
424
  Specifies the time until expiration.
401
425
  """
402
426
  return pulumi.get(self, "expiry")
403
427
 
404
428
  @expiry.setter
405
- def expiry(self, value: Optional[pulumi.Input[str]]):
429
+ def expiry(self, value: Optional[pulumi.Input[builtins.str]]):
406
430
  pulumi.set(self, "expiry", value)
407
431
 
432
+ @property
433
+ @pulumi.getter(name="maxCrlEntries")
434
+ def max_crl_entries(self) -> Optional[pulumi.Input[builtins.int]]:
435
+ """
436
+ The maximum number of entries a CRL can contain. This option exists to prevent
437
+ accidental runaway issuance/revocation from overloading Vault. If set to -1, the limit is disabled. **Vault 1.19**
438
+ """
439
+ return pulumi.get(self, "max_crl_entries")
440
+
441
+ @max_crl_entries.setter
442
+ def max_crl_entries(self, value: Optional[pulumi.Input[builtins.int]]):
443
+ pulumi.set(self, "max_crl_entries", value)
444
+
408
445
  @property
409
446
  @pulumi.getter
410
- def namespace(self) -> Optional[pulumi.Input[str]]:
447
+ def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
411
448
  """
412
449
  The namespace to provision the resource in.
413
450
  The value should not contain leading or trailing forward slashes.
@@ -417,24 +454,24 @@ class _SecretBackendCrlConfigState:
417
454
  return pulumi.get(self, "namespace")
418
455
 
419
456
  @namespace.setter
420
- def namespace(self, value: Optional[pulumi.Input[str]]):
457
+ def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
421
458
  pulumi.set(self, "namespace", value)
422
459
 
423
460
  @property
424
461
  @pulumi.getter(name="ocspDisable")
425
- def ocsp_disable(self) -> Optional[pulumi.Input[bool]]:
462
+ def ocsp_disable(self) -> Optional[pulumi.Input[builtins.bool]]:
426
463
  """
427
464
  Disables the OCSP responder in Vault. **Vault 1.12+**
428
465
  """
429
466
  return pulumi.get(self, "ocsp_disable")
430
467
 
431
468
  @ocsp_disable.setter
432
- def ocsp_disable(self, value: Optional[pulumi.Input[bool]]):
469
+ def ocsp_disable(self, value: Optional[pulumi.Input[builtins.bool]]):
433
470
  pulumi.set(self, "ocsp_disable", value)
434
471
 
435
472
  @property
436
473
  @pulumi.getter(name="ocspExpiry")
437
- def ocsp_expiry(self) -> Optional[pulumi.Input[str]]:
474
+ def ocsp_expiry(self) -> Optional[pulumi.Input[builtins.str]]:
438
475
  """
439
476
  The amount of time an OCSP response can be cached for, useful for OCSP stapling
440
477
  refresh durations. **Vault 1.12+**
@@ -442,24 +479,24 @@ class _SecretBackendCrlConfigState:
442
479
  return pulumi.get(self, "ocsp_expiry")
443
480
 
444
481
  @ocsp_expiry.setter
445
- def ocsp_expiry(self, value: Optional[pulumi.Input[str]]):
482
+ def ocsp_expiry(self, value: Optional[pulumi.Input[builtins.str]]):
446
483
  pulumi.set(self, "ocsp_expiry", value)
447
484
 
448
485
  @property
449
486
  @pulumi.getter(name="unifiedCrl")
450
- def unified_crl(self) -> Optional[pulumi.Input[bool]]:
487
+ def unified_crl(self) -> Optional[pulumi.Input[builtins.bool]]:
451
488
  """
452
489
  Enables unified CRL and OCSP building. **Vault 1.13+**
453
490
  """
454
491
  return pulumi.get(self, "unified_crl")
455
492
 
456
493
  @unified_crl.setter
457
- def unified_crl(self, value: Optional[pulumi.Input[bool]]):
494
+ def unified_crl(self, value: Optional[pulumi.Input[builtins.bool]]):
458
495
  pulumi.set(self, "unified_crl", value)
459
496
 
460
497
  @property
461
498
  @pulumi.getter(name="unifiedCrlOnExistingPaths")
462
- def unified_crl_on_existing_paths(self) -> Optional[pulumi.Input[bool]]:
499
+ def unified_crl_on_existing_paths(self) -> Optional[pulumi.Input[builtins.bool]]:
463
500
  """
464
501
  Enables serving the unified CRL and OCSP on the existing, previously
465
502
  cluster-local paths. **Vault 1.13+**
@@ -467,7 +504,7 @@ class _SecretBackendCrlConfigState:
467
504
  return pulumi.get(self, "unified_crl_on_existing_paths")
468
505
 
469
506
  @unified_crl_on_existing_paths.setter
470
- def unified_crl_on_existing_paths(self, value: Optional[pulumi.Input[bool]]):
507
+ def unified_crl_on_existing_paths(self, value: Optional[pulumi.Input[builtins.bool]]):
471
508
  pulumi.set(self, "unified_crl_on_existing_paths", value)
472
509
 
473
510
 
@@ -476,19 +513,20 @@ class SecretBackendCrlConfig(pulumi.CustomResource):
476
513
  def __init__(__self__,
477
514
  resource_name: str,
478
515
  opts: Optional[pulumi.ResourceOptions] = None,
479
- auto_rebuild: Optional[pulumi.Input[bool]] = None,
480
- auto_rebuild_grace_period: Optional[pulumi.Input[str]] = None,
481
- backend: Optional[pulumi.Input[str]] = None,
482
- cross_cluster_revocation: Optional[pulumi.Input[bool]] = None,
483
- delta_rebuild_interval: Optional[pulumi.Input[str]] = None,
484
- disable: Optional[pulumi.Input[bool]] = None,
485
- enable_delta: Optional[pulumi.Input[bool]] = None,
486
- expiry: Optional[pulumi.Input[str]] = None,
487
- namespace: Optional[pulumi.Input[str]] = None,
488
- ocsp_disable: Optional[pulumi.Input[bool]] = None,
489
- ocsp_expiry: Optional[pulumi.Input[str]] = None,
490
- unified_crl: Optional[pulumi.Input[bool]] = None,
491
- unified_crl_on_existing_paths: Optional[pulumi.Input[bool]] = None,
516
+ auto_rebuild: Optional[pulumi.Input[builtins.bool]] = None,
517
+ auto_rebuild_grace_period: Optional[pulumi.Input[builtins.str]] = None,
518
+ backend: Optional[pulumi.Input[builtins.str]] = None,
519
+ cross_cluster_revocation: Optional[pulumi.Input[builtins.bool]] = None,
520
+ delta_rebuild_interval: Optional[pulumi.Input[builtins.str]] = None,
521
+ disable: Optional[pulumi.Input[builtins.bool]] = None,
522
+ enable_delta: Optional[pulumi.Input[builtins.bool]] = None,
523
+ expiry: Optional[pulumi.Input[builtins.str]] = None,
524
+ max_crl_entries: Optional[pulumi.Input[builtins.int]] = None,
525
+ namespace: Optional[pulumi.Input[builtins.str]] = None,
526
+ ocsp_disable: Optional[pulumi.Input[builtins.bool]] = None,
527
+ ocsp_expiry: Optional[pulumi.Input[builtins.str]] = None,
528
+ unified_crl: Optional[pulumi.Input[builtins.bool]] = None,
529
+ unified_crl_on_existing_paths: Optional[pulumi.Input[builtins.bool]] = None,
492
530
  __props__=None):
493
531
  """
494
532
  Allows setting the duration for which the generated CRL should be marked valid. If the CRL is disabled, it will return a signed but zero-length CRL for any request. If enabled, it will re-build the CRL.
@@ -512,24 +550,26 @@ class SecretBackendCrlConfig(pulumi.CustomResource):
512
550
 
513
551
  :param str resource_name: The name of the resource.
514
552
  :param pulumi.ResourceOptions opts: Options for the resource.
515
- :param pulumi.Input[bool] auto_rebuild: Enables periodic rebuilding of the CRL upon expiry. **Vault 1.12+**
516
- :param pulumi.Input[str] auto_rebuild_grace_period: Grace period before CRL expiry to attempt rebuild of CRL. **Vault 1.12+**
517
- :param pulumi.Input[str] backend: The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
518
- :param pulumi.Input[bool] cross_cluster_revocation: Enable cross-cluster revocation request queues. **Vault 1.13+**
519
- :param pulumi.Input[str] delta_rebuild_interval: Interval to check for new revocations on, to regenerate the delta CRL.
520
- :param pulumi.Input[bool] disable: Disables or enables CRL building.
521
- :param pulumi.Input[bool] enable_delta: Enables building of delta CRLs with up-to-date revocation information,
553
+ :param pulumi.Input[builtins.bool] auto_rebuild: Enables periodic rebuilding of the CRL upon expiry. **Vault 1.12+**
554
+ :param pulumi.Input[builtins.str] auto_rebuild_grace_period: Grace period before CRL expiry to attempt rebuild of CRL. **Vault 1.12+**
555
+ :param pulumi.Input[builtins.str] backend: The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
556
+ :param pulumi.Input[builtins.bool] cross_cluster_revocation: Enable cross-cluster revocation request queues. **Vault 1.13+**
557
+ :param pulumi.Input[builtins.str] delta_rebuild_interval: Interval to check for new revocations on, to regenerate the delta CRL.
558
+ :param pulumi.Input[builtins.bool] disable: Disables or enables CRL building.
559
+ :param pulumi.Input[builtins.bool] enable_delta: Enables building of delta CRLs with up-to-date revocation information,
522
560
  augmenting the last complete CRL. **Vault 1.12+**
523
- :param pulumi.Input[str] expiry: Specifies the time until expiration.
524
- :param pulumi.Input[str] namespace: The namespace to provision the resource in.
561
+ :param pulumi.Input[builtins.str] expiry: Specifies the time until expiration.
562
+ :param pulumi.Input[builtins.int] max_crl_entries: The maximum number of entries a CRL can contain. This option exists to prevent
563
+ accidental runaway issuance/revocation from overloading Vault. If set to -1, the limit is disabled. **Vault 1.19**
564
+ :param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
525
565
  The value should not contain leading or trailing forward slashes.
526
566
  The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
527
567
  *Available only for Vault Enterprise*.
528
- :param pulumi.Input[bool] ocsp_disable: Disables the OCSP responder in Vault. **Vault 1.12+**
529
- :param pulumi.Input[str] ocsp_expiry: The amount of time an OCSP response can be cached for, useful for OCSP stapling
568
+ :param pulumi.Input[builtins.bool] ocsp_disable: Disables the OCSP responder in Vault. **Vault 1.12+**
569
+ :param pulumi.Input[builtins.str] ocsp_expiry: The amount of time an OCSP response can be cached for, useful for OCSP stapling
530
570
  refresh durations. **Vault 1.12+**
531
- :param pulumi.Input[bool] unified_crl: Enables unified CRL and OCSP building. **Vault 1.13+**
532
- :param pulumi.Input[bool] unified_crl_on_existing_paths: Enables serving the unified CRL and OCSP on the existing, previously
571
+ :param pulumi.Input[builtins.bool] unified_crl: Enables unified CRL and OCSP building. **Vault 1.13+**
572
+ :param pulumi.Input[builtins.bool] unified_crl_on_existing_paths: Enables serving the unified CRL and OCSP on the existing, previously
533
573
  cluster-local paths. **Vault 1.13+**
534
574
  """
535
575
  ...
@@ -573,19 +613,20 @@ class SecretBackendCrlConfig(pulumi.CustomResource):
573
613
  def _internal_init(__self__,
574
614
  resource_name: str,
575
615
  opts: Optional[pulumi.ResourceOptions] = None,
576
- auto_rebuild: Optional[pulumi.Input[bool]] = None,
577
- auto_rebuild_grace_period: Optional[pulumi.Input[str]] = None,
578
- backend: Optional[pulumi.Input[str]] = None,
579
- cross_cluster_revocation: Optional[pulumi.Input[bool]] = None,
580
- delta_rebuild_interval: Optional[pulumi.Input[str]] = None,
581
- disable: Optional[pulumi.Input[bool]] = None,
582
- enable_delta: Optional[pulumi.Input[bool]] = None,
583
- expiry: Optional[pulumi.Input[str]] = None,
584
- namespace: Optional[pulumi.Input[str]] = None,
585
- ocsp_disable: Optional[pulumi.Input[bool]] = None,
586
- ocsp_expiry: Optional[pulumi.Input[str]] = None,
587
- unified_crl: Optional[pulumi.Input[bool]] = None,
588
- unified_crl_on_existing_paths: Optional[pulumi.Input[bool]] = None,
616
+ auto_rebuild: Optional[pulumi.Input[builtins.bool]] = None,
617
+ auto_rebuild_grace_period: Optional[pulumi.Input[builtins.str]] = None,
618
+ backend: Optional[pulumi.Input[builtins.str]] = None,
619
+ cross_cluster_revocation: Optional[pulumi.Input[builtins.bool]] = None,
620
+ delta_rebuild_interval: Optional[pulumi.Input[builtins.str]] = None,
621
+ disable: Optional[pulumi.Input[builtins.bool]] = None,
622
+ enable_delta: Optional[pulumi.Input[builtins.bool]] = None,
623
+ expiry: Optional[pulumi.Input[builtins.str]] = None,
624
+ max_crl_entries: Optional[pulumi.Input[builtins.int]] = None,
625
+ namespace: Optional[pulumi.Input[builtins.str]] = None,
626
+ ocsp_disable: Optional[pulumi.Input[builtins.bool]] = None,
627
+ ocsp_expiry: Optional[pulumi.Input[builtins.str]] = None,
628
+ unified_crl: Optional[pulumi.Input[builtins.bool]] = None,
629
+ unified_crl_on_existing_paths: Optional[pulumi.Input[builtins.bool]] = None,
589
630
  __props__=None):
590
631
  opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
591
632
  if not isinstance(opts, pulumi.ResourceOptions):
@@ -605,6 +646,7 @@ class SecretBackendCrlConfig(pulumi.CustomResource):
605
646
  __props__.__dict__["disable"] = disable
606
647
  __props__.__dict__["enable_delta"] = enable_delta
607
648
  __props__.__dict__["expiry"] = expiry
649
+ __props__.__dict__["max_crl_entries"] = max_crl_entries
608
650
  __props__.__dict__["namespace"] = namespace
609
651
  __props__.__dict__["ocsp_disable"] = ocsp_disable
610
652
  __props__.__dict__["ocsp_expiry"] = ocsp_expiry
@@ -620,19 +662,20 @@ class SecretBackendCrlConfig(pulumi.CustomResource):
620
662
  def get(resource_name: str,
621
663
  id: pulumi.Input[str],
622
664
  opts: Optional[pulumi.ResourceOptions] = None,
623
- auto_rebuild: Optional[pulumi.Input[bool]] = None,
624
- auto_rebuild_grace_period: Optional[pulumi.Input[str]] = None,
625
- backend: Optional[pulumi.Input[str]] = None,
626
- cross_cluster_revocation: Optional[pulumi.Input[bool]] = None,
627
- delta_rebuild_interval: Optional[pulumi.Input[str]] = None,
628
- disable: Optional[pulumi.Input[bool]] = None,
629
- enable_delta: Optional[pulumi.Input[bool]] = None,
630
- expiry: Optional[pulumi.Input[str]] = None,
631
- namespace: Optional[pulumi.Input[str]] = None,
632
- ocsp_disable: Optional[pulumi.Input[bool]] = None,
633
- ocsp_expiry: Optional[pulumi.Input[str]] = None,
634
- unified_crl: Optional[pulumi.Input[bool]] = None,
635
- unified_crl_on_existing_paths: Optional[pulumi.Input[bool]] = None) -> 'SecretBackendCrlConfig':
665
+ auto_rebuild: Optional[pulumi.Input[builtins.bool]] = None,
666
+ auto_rebuild_grace_period: Optional[pulumi.Input[builtins.str]] = None,
667
+ backend: Optional[pulumi.Input[builtins.str]] = None,
668
+ cross_cluster_revocation: Optional[pulumi.Input[builtins.bool]] = None,
669
+ delta_rebuild_interval: Optional[pulumi.Input[builtins.str]] = None,
670
+ disable: Optional[pulumi.Input[builtins.bool]] = None,
671
+ enable_delta: Optional[pulumi.Input[builtins.bool]] = None,
672
+ expiry: Optional[pulumi.Input[builtins.str]] = None,
673
+ max_crl_entries: Optional[pulumi.Input[builtins.int]] = None,
674
+ namespace: Optional[pulumi.Input[builtins.str]] = None,
675
+ ocsp_disable: Optional[pulumi.Input[builtins.bool]] = None,
676
+ ocsp_expiry: Optional[pulumi.Input[builtins.str]] = None,
677
+ unified_crl: Optional[pulumi.Input[builtins.bool]] = None,
678
+ unified_crl_on_existing_paths: Optional[pulumi.Input[builtins.bool]] = None) -> 'SecretBackendCrlConfig':
636
679
  """
637
680
  Get an existing SecretBackendCrlConfig resource's state with the given name, id, and optional extra
638
681
  properties used to qualify the lookup.
@@ -640,24 +683,26 @@ class SecretBackendCrlConfig(pulumi.CustomResource):
640
683
  :param str resource_name: The unique name of the resulting resource.
641
684
  :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
642
685
  :param pulumi.ResourceOptions opts: Options for the resource.
643
- :param pulumi.Input[bool] auto_rebuild: Enables periodic rebuilding of the CRL upon expiry. **Vault 1.12+**
644
- :param pulumi.Input[str] auto_rebuild_grace_period: Grace period before CRL expiry to attempt rebuild of CRL. **Vault 1.12+**
645
- :param pulumi.Input[str] backend: The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
646
- :param pulumi.Input[bool] cross_cluster_revocation: Enable cross-cluster revocation request queues. **Vault 1.13+**
647
- :param pulumi.Input[str] delta_rebuild_interval: Interval to check for new revocations on, to regenerate the delta CRL.
648
- :param pulumi.Input[bool] disable: Disables or enables CRL building.
649
- :param pulumi.Input[bool] enable_delta: Enables building of delta CRLs with up-to-date revocation information,
686
+ :param pulumi.Input[builtins.bool] auto_rebuild: Enables periodic rebuilding of the CRL upon expiry. **Vault 1.12+**
687
+ :param pulumi.Input[builtins.str] auto_rebuild_grace_period: Grace period before CRL expiry to attempt rebuild of CRL. **Vault 1.12+**
688
+ :param pulumi.Input[builtins.str] backend: The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
689
+ :param pulumi.Input[builtins.bool] cross_cluster_revocation: Enable cross-cluster revocation request queues. **Vault 1.13+**
690
+ :param pulumi.Input[builtins.str] delta_rebuild_interval: Interval to check for new revocations on, to regenerate the delta CRL.
691
+ :param pulumi.Input[builtins.bool] disable: Disables or enables CRL building.
692
+ :param pulumi.Input[builtins.bool] enable_delta: Enables building of delta CRLs with up-to-date revocation information,
650
693
  augmenting the last complete CRL. **Vault 1.12+**
651
- :param pulumi.Input[str] expiry: Specifies the time until expiration.
652
- :param pulumi.Input[str] namespace: The namespace to provision the resource in.
694
+ :param pulumi.Input[builtins.str] expiry: Specifies the time until expiration.
695
+ :param pulumi.Input[builtins.int] max_crl_entries: The maximum number of entries a CRL can contain. This option exists to prevent
696
+ accidental runaway issuance/revocation from overloading Vault. If set to -1, the limit is disabled. **Vault 1.19**
697
+ :param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
653
698
  The value should not contain leading or trailing forward slashes.
654
699
  The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
655
700
  *Available only for Vault Enterprise*.
656
- :param pulumi.Input[bool] ocsp_disable: Disables the OCSP responder in Vault. **Vault 1.12+**
657
- :param pulumi.Input[str] ocsp_expiry: The amount of time an OCSP response can be cached for, useful for OCSP stapling
701
+ :param pulumi.Input[builtins.bool] ocsp_disable: Disables the OCSP responder in Vault. **Vault 1.12+**
702
+ :param pulumi.Input[builtins.str] ocsp_expiry: The amount of time an OCSP response can be cached for, useful for OCSP stapling
658
703
  refresh durations. **Vault 1.12+**
659
- :param pulumi.Input[bool] unified_crl: Enables unified CRL and OCSP building. **Vault 1.13+**
660
- :param pulumi.Input[bool] unified_crl_on_existing_paths: Enables serving the unified CRL and OCSP on the existing, previously
704
+ :param pulumi.Input[builtins.bool] unified_crl: Enables unified CRL and OCSP building. **Vault 1.13+**
705
+ :param pulumi.Input[builtins.bool] unified_crl_on_existing_paths: Enables serving the unified CRL and OCSP on the existing, previously
661
706
  cluster-local paths. **Vault 1.13+**
662
707
  """
663
708
  opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
@@ -672,6 +717,7 @@ class SecretBackendCrlConfig(pulumi.CustomResource):
672
717
  __props__.__dict__["disable"] = disable
673
718
  __props__.__dict__["enable_delta"] = enable_delta
674
719
  __props__.__dict__["expiry"] = expiry
720
+ __props__.__dict__["max_crl_entries"] = max_crl_entries
675
721
  __props__.__dict__["namespace"] = namespace
676
722
  __props__.__dict__["ocsp_disable"] = ocsp_disable
677
723
  __props__.__dict__["ocsp_expiry"] = ocsp_expiry
@@ -681,7 +727,7 @@ class SecretBackendCrlConfig(pulumi.CustomResource):
681
727
 
682
728
  @property
683
729
  @pulumi.getter(name="autoRebuild")
684
- def auto_rebuild(self) -> pulumi.Output[Optional[bool]]:
730
+ def auto_rebuild(self) -> pulumi.Output[Optional[builtins.bool]]:
685
731
  """
686
732
  Enables periodic rebuilding of the CRL upon expiry. **Vault 1.12+**
687
733
  """
@@ -689,7 +735,7 @@ class SecretBackendCrlConfig(pulumi.CustomResource):
689
735
 
690
736
  @property
691
737
  @pulumi.getter(name="autoRebuildGracePeriod")
692
- def auto_rebuild_grace_period(self) -> pulumi.Output[str]:
738
+ def auto_rebuild_grace_period(self) -> pulumi.Output[builtins.str]:
693
739
  """
694
740
  Grace period before CRL expiry to attempt rebuild of CRL. **Vault 1.12+**
695
741
  """
@@ -697,7 +743,7 @@ class SecretBackendCrlConfig(pulumi.CustomResource):
697
743
 
698
744
  @property
699
745
  @pulumi.getter
700
- def backend(self) -> pulumi.Output[str]:
746
+ def backend(self) -> pulumi.Output[builtins.str]:
701
747
  """
702
748
  The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
703
749
  """
@@ -705,7 +751,7 @@ class SecretBackendCrlConfig(pulumi.CustomResource):
705
751
 
706
752
  @property
707
753
  @pulumi.getter(name="crossClusterRevocation")
708
- def cross_cluster_revocation(self) -> pulumi.Output[bool]:
754
+ def cross_cluster_revocation(self) -> pulumi.Output[builtins.bool]:
709
755
  """
710
756
  Enable cross-cluster revocation request queues. **Vault 1.13+**
711
757
  """
@@ -713,7 +759,7 @@ class SecretBackendCrlConfig(pulumi.CustomResource):
713
759
 
714
760
  @property
715
761
  @pulumi.getter(name="deltaRebuildInterval")
716
- def delta_rebuild_interval(self) -> pulumi.Output[str]:
762
+ def delta_rebuild_interval(self) -> pulumi.Output[builtins.str]:
717
763
  """
718
764
  Interval to check for new revocations on, to regenerate the delta CRL.
719
765
  """
@@ -721,7 +767,7 @@ class SecretBackendCrlConfig(pulumi.CustomResource):
721
767
 
722
768
  @property
723
769
  @pulumi.getter
724
- def disable(self) -> pulumi.Output[Optional[bool]]:
770
+ def disable(self) -> pulumi.Output[Optional[builtins.bool]]:
725
771
  """
726
772
  Disables or enables CRL building.
727
773
  """
@@ -729,7 +775,7 @@ class SecretBackendCrlConfig(pulumi.CustomResource):
729
775
 
730
776
  @property
731
777
  @pulumi.getter(name="enableDelta")
732
- def enable_delta(self) -> pulumi.Output[Optional[bool]]:
778
+ def enable_delta(self) -> pulumi.Output[Optional[builtins.bool]]:
733
779
  """
734
780
  Enables building of delta CRLs with up-to-date revocation information,
735
781
  augmenting the last complete CRL. **Vault 1.12+**
@@ -738,15 +784,24 @@ class SecretBackendCrlConfig(pulumi.CustomResource):
738
784
 
739
785
  @property
740
786
  @pulumi.getter
741
- def expiry(self) -> pulumi.Output[Optional[str]]:
787
+ def expiry(self) -> pulumi.Output[Optional[builtins.str]]:
742
788
  """
743
789
  Specifies the time until expiration.
744
790
  """
745
791
  return pulumi.get(self, "expiry")
746
792
 
793
+ @property
794
+ @pulumi.getter(name="maxCrlEntries")
795
+ def max_crl_entries(self) -> pulumi.Output[builtins.int]:
796
+ """
797
+ The maximum number of entries a CRL can contain. This option exists to prevent
798
+ accidental runaway issuance/revocation from overloading Vault. If set to -1, the limit is disabled. **Vault 1.19**
799
+ """
800
+ return pulumi.get(self, "max_crl_entries")
801
+
747
802
  @property
748
803
  @pulumi.getter
749
- def namespace(self) -> pulumi.Output[Optional[str]]:
804
+ def namespace(self) -> pulumi.Output[Optional[builtins.str]]:
750
805
  """
751
806
  The namespace to provision the resource in.
752
807
  The value should not contain leading or trailing forward slashes.
@@ -757,7 +812,7 @@ class SecretBackendCrlConfig(pulumi.CustomResource):
757
812
 
758
813
  @property
759
814
  @pulumi.getter(name="ocspDisable")
760
- def ocsp_disable(self) -> pulumi.Output[Optional[bool]]:
815
+ def ocsp_disable(self) -> pulumi.Output[Optional[builtins.bool]]:
761
816
  """
762
817
  Disables the OCSP responder in Vault. **Vault 1.12+**
763
818
  """
@@ -765,7 +820,7 @@ class SecretBackendCrlConfig(pulumi.CustomResource):
765
820
 
766
821
  @property
767
822
  @pulumi.getter(name="ocspExpiry")
768
- def ocsp_expiry(self) -> pulumi.Output[str]:
823
+ def ocsp_expiry(self) -> pulumi.Output[builtins.str]:
769
824
  """
770
825
  The amount of time an OCSP response can be cached for, useful for OCSP stapling
771
826
  refresh durations. **Vault 1.12+**
@@ -774,7 +829,7 @@ class SecretBackendCrlConfig(pulumi.CustomResource):
774
829
 
775
830
  @property
776
831
  @pulumi.getter(name="unifiedCrl")
777
- def unified_crl(self) -> pulumi.Output[bool]:
832
+ def unified_crl(self) -> pulumi.Output[builtins.bool]:
778
833
  """
779
834
  Enables unified CRL and OCSP building. **Vault 1.13+**
780
835
  """
@@ -782,7 +837,7 @@ class SecretBackendCrlConfig(pulumi.CustomResource):
782
837
 
783
838
  @property
784
839
  @pulumi.getter(name="unifiedCrlOnExistingPaths")
785
- def unified_crl_on_existing_paths(self) -> pulumi.Output[bool]:
840
+ def unified_crl_on_existing_paths(self) -> pulumi.Output[builtins.bool]:
786
841
  """
787
842
  Enables serving the unified CRL and OCSP on the existing, previously
788
843
  cluster-local paths. **Vault 1.13+**