pulumi-vault 6.6.0a1741415971__py3-none-any.whl → 6.7.0__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- pulumi_vault/__init__.py +9 -0
- pulumi_vault/_inputs.py +583 -562
- pulumi_vault/ad/__init__.py +1 -0
- pulumi_vault/ad/get_access_credentials.py +20 -19
- pulumi_vault/ad/secret_backend.py +477 -476
- pulumi_vault/ad/secret_library.py +99 -98
- pulumi_vault/ad/secret_role.py +85 -84
- pulumi_vault/alicloud/__init__.py +1 -0
- pulumi_vault/alicloud/auth_backend_role.py +183 -182
- pulumi_vault/approle/__init__.py +1 -0
- pulumi_vault/approle/auth_backend_login.py +106 -105
- pulumi_vault/approle/auth_backend_role.py +239 -238
- pulumi_vault/approle/auth_backend_role_secret_id.py +162 -161
- pulumi_vault/approle/get_auth_backend_role_id.py +18 -17
- pulumi_vault/audit.py +85 -84
- pulumi_vault/audit_request_header.py +43 -42
- pulumi_vault/auth_backend.py +106 -105
- pulumi_vault/aws/__init__.py +1 -0
- pulumi_vault/aws/auth_backend_cert.py +71 -70
- pulumi_vault/aws/auth_backend_client.py +425 -200
- pulumi_vault/aws/auth_backend_config_identity.py +85 -84
- pulumi_vault/aws/auth_backend_identity_whitelist.py +57 -56
- pulumi_vault/aws/auth_backend_login.py +209 -208
- pulumi_vault/aws/auth_backend_role.py +400 -399
- pulumi_vault/aws/auth_backend_role_tag.py +127 -126
- pulumi_vault/aws/auth_backend_roletag_blacklist.py +57 -56
- pulumi_vault/aws/auth_backend_sts_role.py +71 -70
- pulumi_vault/aws/get_access_credentials.py +44 -43
- pulumi_vault/aws/get_static_access_credentials.py +13 -12
- pulumi_vault/aws/secret_backend.py +523 -306
- pulumi_vault/aws/secret_backend_role.py +211 -210
- pulumi_vault/aws/secret_backend_static_role.py +288 -70
- pulumi_vault/azure/__init__.py +1 -0
- pulumi_vault/azure/_inputs.py +21 -20
- pulumi_vault/azure/auth_backend_config.py +383 -130
- pulumi_vault/azure/auth_backend_role.py +253 -252
- pulumi_vault/azure/backend.py +432 -186
- pulumi_vault/azure/backend_role.py +188 -140
- pulumi_vault/azure/get_access_credentials.py +58 -57
- pulumi_vault/azure/outputs.py +11 -10
- pulumi_vault/cert_auth_backend_role.py +365 -364
- pulumi_vault/config/__init__.py +1 -0
- pulumi_vault/config/__init__.pyi +1 -0
- pulumi_vault/config/_inputs.py +11 -10
- pulumi_vault/config/outputs.py +287 -286
- pulumi_vault/config/ui_custom_message.py +113 -112
- pulumi_vault/config/vars.py +1 -0
- pulumi_vault/consul/__init__.py +1 -0
- pulumi_vault/consul/secret_backend.py +197 -196
- pulumi_vault/consul/secret_backend_role.py +183 -182
- pulumi_vault/database/__init__.py +1 -0
- pulumi_vault/database/_inputs.py +3857 -2200
- pulumi_vault/database/outputs.py +2483 -1330
- pulumi_vault/database/secret_backend_connection.py +333 -112
- pulumi_vault/database/secret_backend_role.py +169 -168
- pulumi_vault/database/secret_backend_static_role.py +283 -140
- pulumi_vault/database/secrets_mount.py +275 -266
- pulumi_vault/egp_policy.py +71 -70
- pulumi_vault/gcp/__init__.py +1 -0
- pulumi_vault/gcp/_inputs.py +82 -81
- pulumi_vault/gcp/auth_backend.py +426 -205
- pulumi_vault/gcp/auth_backend_role.py +281 -280
- pulumi_vault/gcp/get_auth_backend_role.py +70 -69
- pulumi_vault/gcp/outputs.py +50 -49
- pulumi_vault/gcp/secret_backend.py +420 -179
- pulumi_vault/gcp/secret_impersonated_account.py +92 -91
- pulumi_vault/gcp/secret_roleset.py +92 -91
- pulumi_vault/gcp/secret_static_account.py +92 -91
- pulumi_vault/generic/__init__.py +1 -0
- pulumi_vault/generic/endpoint.py +113 -112
- pulumi_vault/generic/get_secret.py +28 -27
- pulumi_vault/generic/secret.py +78 -77
- pulumi_vault/get_auth_backend.py +19 -18
- pulumi_vault/get_auth_backends.py +14 -13
- pulumi_vault/get_namespace.py +15 -14
- pulumi_vault/get_namespaces.py +68 -18
- pulumi_vault/get_nomad_access_token.py +19 -18
- pulumi_vault/get_policy_document.py +6 -5
- pulumi_vault/get_raft_autopilot_state.py +18 -17
- pulumi_vault/github/__init__.py +1 -0
- pulumi_vault/github/_inputs.py +42 -41
- pulumi_vault/github/auth_backend.py +232 -231
- pulumi_vault/github/outputs.py +26 -25
- pulumi_vault/github/team.py +57 -56
- pulumi_vault/github/user.py +57 -56
- pulumi_vault/identity/__init__.py +1 -0
- pulumi_vault/identity/entity.py +85 -84
- pulumi_vault/identity/entity_alias.py +71 -70
- pulumi_vault/identity/entity_policies.py +64 -63
- pulumi_vault/identity/get_entity.py +43 -42
- pulumi_vault/identity/get_group.py +50 -49
- pulumi_vault/identity/get_oidc_client_creds.py +14 -13
- pulumi_vault/identity/get_oidc_openid_config.py +24 -23
- pulumi_vault/identity/get_oidc_public_keys.py +13 -12
- pulumi_vault/identity/group.py +141 -140
- pulumi_vault/identity/group_alias.py +57 -56
- pulumi_vault/identity/group_member_entity_ids.py +57 -56
- pulumi_vault/identity/group_member_group_ids.py +57 -56
- pulumi_vault/identity/group_policies.py +64 -63
- pulumi_vault/identity/mfa_duo.py +148 -147
- pulumi_vault/identity/mfa_login_enforcement.py +120 -119
- pulumi_vault/identity/mfa_okta.py +134 -133
- pulumi_vault/identity/mfa_pingid.py +127 -126
- pulumi_vault/identity/mfa_totp.py +176 -175
- pulumi_vault/identity/oidc.py +29 -28
- pulumi_vault/identity/oidc_assignment.py +57 -56
- pulumi_vault/identity/oidc_client.py +127 -126
- pulumi_vault/identity/oidc_key.py +85 -84
- pulumi_vault/identity/oidc_key_allowed_client_id.py +43 -42
- pulumi_vault/identity/oidc_provider.py +92 -91
- pulumi_vault/identity/oidc_role.py +85 -84
- pulumi_vault/identity/oidc_scope.py +57 -56
- pulumi_vault/identity/outputs.py +32 -31
- pulumi_vault/jwt/__init__.py +1 -0
- pulumi_vault/jwt/_inputs.py +42 -41
- pulumi_vault/jwt/auth_backend.py +288 -287
- pulumi_vault/jwt/auth_backend_role.py +407 -406
- pulumi_vault/jwt/outputs.py +26 -25
- pulumi_vault/kmip/__init__.py +1 -0
- pulumi_vault/kmip/secret_backend.py +183 -182
- pulumi_vault/kmip/secret_role.py +295 -294
- pulumi_vault/kmip/secret_scope.py +57 -56
- pulumi_vault/kubernetes/__init__.py +1 -0
- pulumi_vault/kubernetes/auth_backend_config.py +141 -140
- pulumi_vault/kubernetes/auth_backend_role.py +225 -224
- pulumi_vault/kubernetes/get_auth_backend_config.py +47 -46
- pulumi_vault/kubernetes/get_auth_backend_role.py +70 -69
- pulumi_vault/kubernetes/get_service_account_token.py +38 -37
- pulumi_vault/kubernetes/secret_backend.py +316 -315
- pulumi_vault/kubernetes/secret_backend_role.py +197 -196
- pulumi_vault/kv/__init__.py +1 -0
- pulumi_vault/kv/_inputs.py +21 -20
- pulumi_vault/kv/get_secret.py +17 -16
- pulumi_vault/kv/get_secret_subkeys_v2.py +30 -29
- pulumi_vault/kv/get_secret_v2.py +29 -28
- pulumi_vault/kv/get_secrets_list.py +13 -12
- pulumi_vault/kv/get_secrets_list_v2.py +19 -18
- pulumi_vault/kv/outputs.py +13 -12
- pulumi_vault/kv/secret.py +50 -49
- pulumi_vault/kv/secret_backend_v2.py +71 -70
- pulumi_vault/kv/secret_v2.py +134 -133
- pulumi_vault/ldap/__init__.py +1 -0
- pulumi_vault/ldap/auth_backend.py +754 -533
- pulumi_vault/ldap/auth_backend_group.py +57 -56
- pulumi_vault/ldap/auth_backend_user.py +71 -70
- pulumi_vault/ldap/get_dynamic_credentials.py +17 -16
- pulumi_vault/ldap/get_static_credentials.py +18 -17
- pulumi_vault/ldap/secret_backend.py +720 -499
- pulumi_vault/ldap/secret_backend_dynamic_role.py +127 -126
- pulumi_vault/ldap/secret_backend_library_set.py +99 -98
- pulumi_vault/ldap/secret_backend_static_role.py +99 -98
- pulumi_vault/managed/__init__.py +1 -0
- pulumi_vault/managed/_inputs.py +229 -228
- pulumi_vault/managed/keys.py +15 -14
- pulumi_vault/managed/outputs.py +139 -138
- pulumi_vault/mfa_duo.py +113 -112
- pulumi_vault/mfa_okta.py +113 -112
- pulumi_vault/mfa_pingid.py +120 -119
- pulumi_vault/mfa_totp.py +127 -126
- pulumi_vault/mongodbatlas/__init__.py +1 -0
- pulumi_vault/mongodbatlas/secret_backend.py +64 -63
- pulumi_vault/mongodbatlas/secret_role.py +155 -154
- pulumi_vault/mount.py +274 -273
- pulumi_vault/namespace.py +64 -63
- pulumi_vault/nomad_secret_backend.py +211 -210
- pulumi_vault/nomad_secret_role.py +85 -84
- pulumi_vault/okta/__init__.py +1 -0
- pulumi_vault/okta/_inputs.py +26 -25
- pulumi_vault/okta/auth_backend.py +274 -273
- pulumi_vault/okta/auth_backend_group.py +57 -56
- pulumi_vault/okta/auth_backend_user.py +71 -70
- pulumi_vault/okta/outputs.py +16 -15
- pulumi_vault/outputs.py +73 -60
- pulumi_vault/password_policy.py +43 -42
- pulumi_vault/pkisecret/__init__.py +3 -0
- pulumi_vault/pkisecret/_inputs.py +31 -36
- pulumi_vault/pkisecret/backend_acme_eab.py +92 -91
- pulumi_vault/pkisecret/backend_config_acme.py +174 -126
- pulumi_vault/pkisecret/backend_config_auto_tidy.py +1377 -0
- pulumi_vault/pkisecret/backend_config_cluster.py +57 -56
- pulumi_vault/pkisecret/backend_config_cmpv2.py +152 -104
- pulumi_vault/pkisecret/backend_config_est.py +120 -119
- pulumi_vault/pkisecret/get_backend_cert_metadata.py +278 -0
- pulumi_vault/pkisecret/get_backend_config_cmpv2.py +35 -17
- pulumi_vault/pkisecret/get_backend_config_est.py +19 -18
- pulumi_vault/pkisecret/get_backend_issuer.py +139 -25
- pulumi_vault/pkisecret/get_backend_issuers.py +15 -14
- pulumi_vault/pkisecret/get_backend_key.py +20 -19
- pulumi_vault/pkisecret/get_backend_keys.py +15 -14
- pulumi_vault/pkisecret/outputs.py +28 -31
- pulumi_vault/pkisecret/secret_backend_cert.py +439 -297
- pulumi_vault/pkisecret/secret_backend_config_ca.py +43 -42
- pulumi_vault/pkisecret/secret_backend_config_issuers.py +57 -56
- pulumi_vault/pkisecret/secret_backend_config_urls.py +85 -84
- pulumi_vault/pkisecret/secret_backend_crl_config.py +237 -182
- pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +520 -378
- pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +57 -56
- pulumi_vault/pkisecret/secret_backend_issuer.py +441 -175
- pulumi_vault/pkisecret/secret_backend_key.py +120 -119
- pulumi_vault/pkisecret/secret_backend_role.py +894 -644
- pulumi_vault/pkisecret/secret_backend_root_cert.py +851 -427
- pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +936 -357
- pulumi_vault/pkisecret/secret_backend_sign.py +347 -252
- pulumi_vault/plugin.py +127 -126
- pulumi_vault/plugin_pinned_version.py +43 -42
- pulumi_vault/policy.py +43 -42
- pulumi_vault/provider.py +120 -119
- pulumi_vault/pulumi-plugin.json +1 -1
- pulumi_vault/quota_lease_count.py +85 -84
- pulumi_vault/quota_rate_limit.py +113 -112
- pulumi_vault/rabbitmq/__init__.py +1 -0
- pulumi_vault/rabbitmq/_inputs.py +41 -40
- pulumi_vault/rabbitmq/outputs.py +25 -24
- pulumi_vault/rabbitmq/secret_backend.py +169 -168
- pulumi_vault/rabbitmq/secret_backend_role.py +57 -56
- pulumi_vault/raft_autopilot.py +113 -112
- pulumi_vault/raft_snapshot_agent_config.py +393 -392
- pulumi_vault/rgp_policy.py +57 -56
- pulumi_vault/saml/__init__.py +1 -0
- pulumi_vault/saml/auth_backend.py +155 -154
- pulumi_vault/saml/auth_backend_role.py +239 -238
- pulumi_vault/secrets/__init__.py +1 -0
- pulumi_vault/secrets/_inputs.py +16 -15
- pulumi_vault/secrets/outputs.py +10 -9
- pulumi_vault/secrets/sync_association.py +71 -70
- pulumi_vault/secrets/sync_aws_destination.py +148 -147
- pulumi_vault/secrets/sync_azure_destination.py +148 -147
- pulumi_vault/secrets/sync_config.py +43 -42
- pulumi_vault/secrets/sync_gcp_destination.py +106 -105
- pulumi_vault/secrets/sync_gh_destination.py +134 -133
- pulumi_vault/secrets/sync_github_apps.py +64 -63
- pulumi_vault/secrets/sync_vercel_destination.py +120 -119
- pulumi_vault/ssh/__init__.py +2 -0
- pulumi_vault/ssh/_inputs.py +11 -10
- pulumi_vault/ssh/get_secret_backend_sign.py +295 -0
- pulumi_vault/ssh/outputs.py +7 -6
- pulumi_vault/ssh/secret_backend_ca.py +99 -98
- pulumi_vault/ssh/secret_backend_role.py +365 -364
- pulumi_vault/terraformcloud/__init__.py +1 -0
- pulumi_vault/terraformcloud/secret_backend.py +111 -110
- pulumi_vault/terraformcloud/secret_creds.py +74 -73
- pulumi_vault/terraformcloud/secret_role.py +96 -95
- pulumi_vault/token.py +246 -245
- pulumi_vault/tokenauth/__init__.py +1 -0
- pulumi_vault/tokenauth/auth_backend_role.py +267 -266
- pulumi_vault/transform/__init__.py +1 -0
- pulumi_vault/transform/alphabet.py +57 -56
- pulumi_vault/transform/get_decode.py +47 -46
- pulumi_vault/transform/get_encode.py +47 -46
- pulumi_vault/transform/role.py +57 -56
- pulumi_vault/transform/template.py +113 -112
- pulumi_vault/transform/transformation.py +141 -140
- pulumi_vault/transit/__init__.py +3 -0
- pulumi_vault/transit/get_decrypt.py +18 -17
- pulumi_vault/transit/get_encrypt.py +21 -20
- pulumi_vault/transit/get_sign.py +325 -0
- pulumi_vault/transit/get_verify.py +355 -0
- pulumi_vault/transit/secret_backend_key.py +394 -231
- pulumi_vault/transit/secret_cache_config.py +43 -42
- {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.7.0.dist-info}/METADATA +2 -2
- pulumi_vault-6.7.0.dist-info/RECORD +265 -0
- {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.7.0.dist-info}/WHEEL +1 -1
- pulumi_vault-6.6.0a1741415971.dist-info/RECORD +0 -260
- {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.7.0.dist-info}/top_level.txt +0 -0
@@ -0,0 +1,295 @@
|
|
1
|
+
# coding=utf-8
|
2
|
+
# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
|
3
|
+
# *** Do not edit by hand unless you're certain you know what you are doing! ***
|
4
|
+
|
5
|
+
import builtins
|
6
|
+
import copy
|
7
|
+
import warnings
|
8
|
+
import sys
|
9
|
+
import pulumi
|
10
|
+
import pulumi.runtime
|
11
|
+
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
12
|
+
if sys.version_info >= (3, 11):
|
13
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
14
|
+
else:
|
15
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
16
|
+
from .. import _utilities
|
17
|
+
|
18
|
+
__all__ = [
|
19
|
+
'GetSecretBackendSignResult',
|
20
|
+
'AwaitableGetSecretBackendSignResult',
|
21
|
+
'get_secret_backend_sign',
|
22
|
+
'get_secret_backend_sign_output',
|
23
|
+
]
|
24
|
+
|
25
|
+
@pulumi.output_type
|
26
|
+
class GetSecretBackendSignResult:
|
27
|
+
"""
|
28
|
+
A collection of values returned by getSecretBackendSign.
|
29
|
+
"""
|
30
|
+
def __init__(__self__, cert_type=None, critical_options=None, extensions=None, id=None, key_id=None, name=None, namespace=None, path=None, public_key=None, serial_number=None, signed_key=None, ttl=None, valid_principals=None):
|
31
|
+
if cert_type and not isinstance(cert_type, str):
|
32
|
+
raise TypeError("Expected argument 'cert_type' to be a str")
|
33
|
+
pulumi.set(__self__, "cert_type", cert_type)
|
34
|
+
if critical_options and not isinstance(critical_options, dict):
|
35
|
+
raise TypeError("Expected argument 'critical_options' to be a dict")
|
36
|
+
pulumi.set(__self__, "critical_options", critical_options)
|
37
|
+
if extensions and not isinstance(extensions, dict):
|
38
|
+
raise TypeError("Expected argument 'extensions' to be a dict")
|
39
|
+
pulumi.set(__self__, "extensions", extensions)
|
40
|
+
if id and not isinstance(id, str):
|
41
|
+
raise TypeError("Expected argument 'id' to be a str")
|
42
|
+
pulumi.set(__self__, "id", id)
|
43
|
+
if key_id and not isinstance(key_id, str):
|
44
|
+
raise TypeError("Expected argument 'key_id' to be a str")
|
45
|
+
pulumi.set(__self__, "key_id", key_id)
|
46
|
+
if name and not isinstance(name, str):
|
47
|
+
raise TypeError("Expected argument 'name' to be a str")
|
48
|
+
pulumi.set(__self__, "name", name)
|
49
|
+
if namespace and not isinstance(namespace, str):
|
50
|
+
raise TypeError("Expected argument 'namespace' to be a str")
|
51
|
+
pulumi.set(__self__, "namespace", namespace)
|
52
|
+
if path and not isinstance(path, str):
|
53
|
+
raise TypeError("Expected argument 'path' to be a str")
|
54
|
+
pulumi.set(__self__, "path", path)
|
55
|
+
if public_key and not isinstance(public_key, str):
|
56
|
+
raise TypeError("Expected argument 'public_key' to be a str")
|
57
|
+
pulumi.set(__self__, "public_key", public_key)
|
58
|
+
if serial_number and not isinstance(serial_number, str):
|
59
|
+
raise TypeError("Expected argument 'serial_number' to be a str")
|
60
|
+
pulumi.set(__self__, "serial_number", serial_number)
|
61
|
+
if signed_key and not isinstance(signed_key, str):
|
62
|
+
raise TypeError("Expected argument 'signed_key' to be a str")
|
63
|
+
pulumi.set(__self__, "signed_key", signed_key)
|
64
|
+
if ttl and not isinstance(ttl, str):
|
65
|
+
raise TypeError("Expected argument 'ttl' to be a str")
|
66
|
+
pulumi.set(__self__, "ttl", ttl)
|
67
|
+
if valid_principals and not isinstance(valid_principals, str):
|
68
|
+
raise TypeError("Expected argument 'valid_principals' to be a str")
|
69
|
+
pulumi.set(__self__, "valid_principals", valid_principals)
|
70
|
+
|
71
|
+
@property
|
72
|
+
@pulumi.getter(name="certType")
|
73
|
+
def cert_type(self) -> Optional[builtins.str]:
|
74
|
+
return pulumi.get(self, "cert_type")
|
75
|
+
|
76
|
+
@property
|
77
|
+
@pulumi.getter(name="criticalOptions")
|
78
|
+
def critical_options(self) -> Optional[Mapping[str, builtins.str]]:
|
79
|
+
return pulumi.get(self, "critical_options")
|
80
|
+
|
81
|
+
@property
|
82
|
+
@pulumi.getter
|
83
|
+
def extensions(self) -> Optional[Mapping[str, builtins.str]]:
|
84
|
+
return pulumi.get(self, "extensions")
|
85
|
+
|
86
|
+
@property
|
87
|
+
@pulumi.getter
|
88
|
+
def id(self) -> builtins.str:
|
89
|
+
"""
|
90
|
+
The provider-assigned unique ID for this managed resource.
|
91
|
+
"""
|
92
|
+
return pulumi.get(self, "id")
|
93
|
+
|
94
|
+
@property
|
95
|
+
@pulumi.getter(name="keyId")
|
96
|
+
def key_id(self) -> Optional[builtins.str]:
|
97
|
+
return pulumi.get(self, "key_id")
|
98
|
+
|
99
|
+
@property
|
100
|
+
@pulumi.getter
|
101
|
+
def name(self) -> builtins.str:
|
102
|
+
return pulumi.get(self, "name")
|
103
|
+
|
104
|
+
@property
|
105
|
+
@pulumi.getter
|
106
|
+
def namespace(self) -> Optional[builtins.str]:
|
107
|
+
return pulumi.get(self, "namespace")
|
108
|
+
|
109
|
+
@property
|
110
|
+
@pulumi.getter
|
111
|
+
def path(self) -> builtins.str:
|
112
|
+
return pulumi.get(self, "path")
|
113
|
+
|
114
|
+
@property
|
115
|
+
@pulumi.getter(name="publicKey")
|
116
|
+
def public_key(self) -> builtins.str:
|
117
|
+
return pulumi.get(self, "public_key")
|
118
|
+
|
119
|
+
@property
|
120
|
+
@pulumi.getter(name="serialNumber")
|
121
|
+
def serial_number(self) -> builtins.str:
|
122
|
+
"""
|
123
|
+
The serial number of the certificate returned from Vault
|
124
|
+
"""
|
125
|
+
return pulumi.get(self, "serial_number")
|
126
|
+
|
127
|
+
@property
|
128
|
+
@pulumi.getter(name="signedKey")
|
129
|
+
def signed_key(self) -> builtins.str:
|
130
|
+
"""
|
131
|
+
The signed certificate returned from Vault
|
132
|
+
"""
|
133
|
+
return pulumi.get(self, "signed_key")
|
134
|
+
|
135
|
+
@property
|
136
|
+
@pulumi.getter
|
137
|
+
def ttl(self) -> Optional[builtins.str]:
|
138
|
+
return pulumi.get(self, "ttl")
|
139
|
+
|
140
|
+
@property
|
141
|
+
@pulumi.getter(name="validPrincipals")
|
142
|
+
def valid_principals(self) -> Optional[builtins.str]:
|
143
|
+
return pulumi.get(self, "valid_principals")
|
144
|
+
|
145
|
+
|
146
|
+
class AwaitableGetSecretBackendSignResult(GetSecretBackendSignResult):
|
147
|
+
# pylint: disable=using-constant-test
|
148
|
+
def __await__(self):
|
149
|
+
if False:
|
150
|
+
yield self
|
151
|
+
return GetSecretBackendSignResult(
|
152
|
+
cert_type=self.cert_type,
|
153
|
+
critical_options=self.critical_options,
|
154
|
+
extensions=self.extensions,
|
155
|
+
id=self.id,
|
156
|
+
key_id=self.key_id,
|
157
|
+
name=self.name,
|
158
|
+
namespace=self.namespace,
|
159
|
+
path=self.path,
|
160
|
+
public_key=self.public_key,
|
161
|
+
serial_number=self.serial_number,
|
162
|
+
signed_key=self.signed_key,
|
163
|
+
ttl=self.ttl,
|
164
|
+
valid_principals=self.valid_principals)
|
165
|
+
|
166
|
+
|
167
|
+
def get_secret_backend_sign(cert_type: Optional[builtins.str] = None,
|
168
|
+
critical_options: Optional[Mapping[str, builtins.str]] = None,
|
169
|
+
extensions: Optional[Mapping[str, builtins.str]] = None,
|
170
|
+
key_id: Optional[builtins.str] = None,
|
171
|
+
name: Optional[builtins.str] = None,
|
172
|
+
namespace: Optional[builtins.str] = None,
|
173
|
+
path: Optional[builtins.str] = None,
|
174
|
+
public_key: Optional[builtins.str] = None,
|
175
|
+
ttl: Optional[builtins.str] = None,
|
176
|
+
valid_principals: Optional[builtins.str] = None,
|
177
|
+
opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetSecretBackendSignResult:
|
178
|
+
"""
|
179
|
+
This is a data source which can be used to sign an SSH public key
|
180
|
+
|
181
|
+
## Example Usage
|
182
|
+
|
183
|
+
```python
|
184
|
+
import pulumi
|
185
|
+
import pulumi_vault as vault
|
186
|
+
|
187
|
+
test = vault.ssh.get_secret_backend_sign(path="ssh",
|
188
|
+
public_key="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDR6q4PTcuIkpdGEqaCaxnR8/REqlbSiEIKaRZkVSjiTXOaiSfUsy9cY2+7+oO9fLMUrhylImerjzEoagX1IjYvc9IeUBaRnfacN7QwUDfstgp2jknbg7rNX9j9nFxwltV/jYQPcRq8Ud0wn1nb4qixq+diM7+Up+xJOeaKxbpjEUJH5dcvaBB+Aa24tJpjOQxtFyQ6dUxlgJu0tcygZR92kKYCVjZDohlSED3i/Ak2KFwqCKx2IZWq9z1vMEgmRzv++4Qt1OsbpW8itiCyWn6lmV33eDCdjMrr9TEThQNnMinPrHdmVUnPZ/OomP+rLDRE9lQR16uaSvKhg5TWOFIXRPyEhX9arEATrE4KSWeQN2qgHOb6P24YqgEm1ZdHJq25q/nBBAa1x0tFMiWqZwOsGeJ9nTeOeyiqFKH5YRBo6DIy3ag3taFsfQSve6oqjnrudUd1hJ8/bNSz8amECfP0ULvAEAgpiurj3eCPc3OcXl4tAld9F6KwabEJV5eelcs= user@example.com",
|
189
|
+
name="test",
|
190
|
+
valid_principals="my-user")
|
191
|
+
```
|
192
|
+
|
193
|
+
|
194
|
+
:param builtins.str cert_type: Specifies the type of certificate to be created; either "user" or "host".
|
195
|
+
:param Mapping[str, builtins.str] critical_options: Specifies a map of the critical options that the certificate should be signed for. Defaults to none.
|
196
|
+
:param Mapping[str, builtins.str] extensions: Specifies a map of the extensions that the certificate should be signed for. Defaults to none.
|
197
|
+
:param builtins.str key_id: Specifies the key id that the created certificate should have. If not specified, the display name of the token will be used.
|
198
|
+
:param builtins.str name: Specifies the name of the role to sign.
|
199
|
+
:param builtins.str path: Full path where SSH backend is mounted.
|
200
|
+
:param builtins.str public_key: Specifies the SSH public key that should be signed.
|
201
|
+
:param builtins.str ttl: Specifies the Requested Time To Live. Cannot be greater than the role's max_ttl value. If not provided, the role's ttl value will be used. Note that the role values default to system values if not explicitly set.
|
202
|
+
:param builtins.str valid_principals: Specifies valid principals, either usernames or hostnames, that the certificate should be signed for. Required unless the role has specified allow_empty_principals or a value has been set for either the default_user or default_user_template role parameters.
|
203
|
+
"""
|
204
|
+
__args__ = dict()
|
205
|
+
__args__['certType'] = cert_type
|
206
|
+
__args__['criticalOptions'] = critical_options
|
207
|
+
__args__['extensions'] = extensions
|
208
|
+
__args__['keyId'] = key_id
|
209
|
+
__args__['name'] = name
|
210
|
+
__args__['namespace'] = namespace
|
211
|
+
__args__['path'] = path
|
212
|
+
__args__['publicKey'] = public_key
|
213
|
+
__args__['ttl'] = ttl
|
214
|
+
__args__['validPrincipals'] = valid_principals
|
215
|
+
opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
|
216
|
+
__ret__ = pulumi.runtime.invoke('vault:ssh/getSecretBackendSign:getSecretBackendSign', __args__, opts=opts, typ=GetSecretBackendSignResult).value
|
217
|
+
|
218
|
+
return AwaitableGetSecretBackendSignResult(
|
219
|
+
cert_type=pulumi.get(__ret__, 'cert_type'),
|
220
|
+
critical_options=pulumi.get(__ret__, 'critical_options'),
|
221
|
+
extensions=pulumi.get(__ret__, 'extensions'),
|
222
|
+
id=pulumi.get(__ret__, 'id'),
|
223
|
+
key_id=pulumi.get(__ret__, 'key_id'),
|
224
|
+
name=pulumi.get(__ret__, 'name'),
|
225
|
+
namespace=pulumi.get(__ret__, 'namespace'),
|
226
|
+
path=pulumi.get(__ret__, 'path'),
|
227
|
+
public_key=pulumi.get(__ret__, 'public_key'),
|
228
|
+
serial_number=pulumi.get(__ret__, 'serial_number'),
|
229
|
+
signed_key=pulumi.get(__ret__, 'signed_key'),
|
230
|
+
ttl=pulumi.get(__ret__, 'ttl'),
|
231
|
+
valid_principals=pulumi.get(__ret__, 'valid_principals'))
|
232
|
+
def get_secret_backend_sign_output(cert_type: Optional[pulumi.Input[Optional[builtins.str]]] = None,
|
233
|
+
critical_options: Optional[pulumi.Input[Optional[Mapping[str, builtins.str]]]] = None,
|
234
|
+
extensions: Optional[pulumi.Input[Optional[Mapping[str, builtins.str]]]] = None,
|
235
|
+
key_id: Optional[pulumi.Input[Optional[builtins.str]]] = None,
|
236
|
+
name: Optional[pulumi.Input[builtins.str]] = None,
|
237
|
+
namespace: Optional[pulumi.Input[Optional[builtins.str]]] = None,
|
238
|
+
path: Optional[pulumi.Input[builtins.str]] = None,
|
239
|
+
public_key: Optional[pulumi.Input[builtins.str]] = None,
|
240
|
+
ttl: Optional[pulumi.Input[Optional[builtins.str]]] = None,
|
241
|
+
valid_principals: Optional[pulumi.Input[Optional[builtins.str]]] = None,
|
242
|
+
opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetSecretBackendSignResult]:
|
243
|
+
"""
|
244
|
+
This is a data source which can be used to sign an SSH public key
|
245
|
+
|
246
|
+
## Example Usage
|
247
|
+
|
248
|
+
```python
|
249
|
+
import pulumi
|
250
|
+
import pulumi_vault as vault
|
251
|
+
|
252
|
+
test = vault.ssh.get_secret_backend_sign(path="ssh",
|
253
|
+
public_key="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDR6q4PTcuIkpdGEqaCaxnR8/REqlbSiEIKaRZkVSjiTXOaiSfUsy9cY2+7+oO9fLMUrhylImerjzEoagX1IjYvc9IeUBaRnfacN7QwUDfstgp2jknbg7rNX9j9nFxwltV/jYQPcRq8Ud0wn1nb4qixq+diM7+Up+xJOeaKxbpjEUJH5dcvaBB+Aa24tJpjOQxtFyQ6dUxlgJu0tcygZR92kKYCVjZDohlSED3i/Ak2KFwqCKx2IZWq9z1vMEgmRzv++4Qt1OsbpW8itiCyWn6lmV33eDCdjMrr9TEThQNnMinPrHdmVUnPZ/OomP+rLDRE9lQR16uaSvKhg5TWOFIXRPyEhX9arEATrE4KSWeQN2qgHOb6P24YqgEm1ZdHJq25q/nBBAa1x0tFMiWqZwOsGeJ9nTeOeyiqFKH5YRBo6DIy3ag3taFsfQSve6oqjnrudUd1hJ8/bNSz8amECfP0ULvAEAgpiurj3eCPc3OcXl4tAld9F6KwabEJV5eelcs= user@example.com",
|
254
|
+
name="test",
|
255
|
+
valid_principals="my-user")
|
256
|
+
```
|
257
|
+
|
258
|
+
|
259
|
+
:param builtins.str cert_type: Specifies the type of certificate to be created; either "user" or "host".
|
260
|
+
:param Mapping[str, builtins.str] critical_options: Specifies a map of the critical options that the certificate should be signed for. Defaults to none.
|
261
|
+
:param Mapping[str, builtins.str] extensions: Specifies a map of the extensions that the certificate should be signed for. Defaults to none.
|
262
|
+
:param builtins.str key_id: Specifies the key id that the created certificate should have. If not specified, the display name of the token will be used.
|
263
|
+
:param builtins.str name: Specifies the name of the role to sign.
|
264
|
+
:param builtins.str path: Full path where SSH backend is mounted.
|
265
|
+
:param builtins.str public_key: Specifies the SSH public key that should be signed.
|
266
|
+
:param builtins.str ttl: Specifies the Requested Time To Live. Cannot be greater than the role's max_ttl value. If not provided, the role's ttl value will be used. Note that the role values default to system values if not explicitly set.
|
267
|
+
:param builtins.str valid_principals: Specifies valid principals, either usernames or hostnames, that the certificate should be signed for. Required unless the role has specified allow_empty_principals or a value has been set for either the default_user or default_user_template role parameters.
|
268
|
+
"""
|
269
|
+
__args__ = dict()
|
270
|
+
__args__['certType'] = cert_type
|
271
|
+
__args__['criticalOptions'] = critical_options
|
272
|
+
__args__['extensions'] = extensions
|
273
|
+
__args__['keyId'] = key_id
|
274
|
+
__args__['name'] = name
|
275
|
+
__args__['namespace'] = namespace
|
276
|
+
__args__['path'] = path
|
277
|
+
__args__['publicKey'] = public_key
|
278
|
+
__args__['ttl'] = ttl
|
279
|
+
__args__['validPrincipals'] = valid_principals
|
280
|
+
opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
|
281
|
+
__ret__ = pulumi.runtime.invoke_output('vault:ssh/getSecretBackendSign:getSecretBackendSign', __args__, opts=opts, typ=GetSecretBackendSignResult)
|
282
|
+
return __ret__.apply(lambda __response__: GetSecretBackendSignResult(
|
283
|
+
cert_type=pulumi.get(__response__, 'cert_type'),
|
284
|
+
critical_options=pulumi.get(__response__, 'critical_options'),
|
285
|
+
extensions=pulumi.get(__response__, 'extensions'),
|
286
|
+
id=pulumi.get(__response__, 'id'),
|
287
|
+
key_id=pulumi.get(__response__, 'key_id'),
|
288
|
+
name=pulumi.get(__response__, 'name'),
|
289
|
+
namespace=pulumi.get(__response__, 'namespace'),
|
290
|
+
path=pulumi.get(__response__, 'path'),
|
291
|
+
public_key=pulumi.get(__response__, 'public_key'),
|
292
|
+
serial_number=pulumi.get(__response__, 'serial_number'),
|
293
|
+
signed_key=pulumi.get(__response__, 'signed_key'),
|
294
|
+
ttl=pulumi.get(__response__, 'ttl'),
|
295
|
+
valid_principals=pulumi.get(__response__, 'valid_principals')))
|
pulumi_vault/ssh/outputs.py
CHANGED
@@ -2,6 +2,7 @@
|
|
2
2
|
# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
|
3
3
|
# *** Do not edit by hand unless you're certain you know what you are doing! ***
|
4
4
|
|
5
|
+
import builtins
|
5
6
|
import copy
|
6
7
|
import warnings
|
7
8
|
import sys
|
@@ -21,11 +22,11 @@ __all__ = [
|
|
21
22
|
@pulumi.output_type
|
22
23
|
class SecretBackendRoleAllowedUserKeyConfig(dict):
|
23
24
|
def __init__(__self__, *,
|
24
|
-
lengths: Sequence[int],
|
25
|
-
type: str):
|
25
|
+
lengths: Sequence[builtins.int],
|
26
|
+
type: builtins.str):
|
26
27
|
"""
|
27
|
-
:param Sequence[int] lengths: List of allowed key lengths, vault-1.10 and above
|
28
|
-
:param str type: Key type, choices:
|
28
|
+
:param Sequence[builtins.int] lengths: List of allowed key lengths, vault-1.10 and above
|
29
|
+
:param builtins.str type: Key type, choices:
|
29
30
|
rsa, ecdsa, ec, dsa, ed25519, ssh-rsa, ssh-dss, ssh-ed25519, ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521
|
30
31
|
"""
|
31
32
|
pulumi.set(__self__, "lengths", lengths)
|
@@ -33,7 +34,7 @@ class SecretBackendRoleAllowedUserKeyConfig(dict):
|
|
33
34
|
|
34
35
|
@property
|
35
36
|
@pulumi.getter
|
36
|
-
def lengths(self) -> Sequence[int]:
|
37
|
+
def lengths(self) -> Sequence[builtins.int]:
|
37
38
|
"""
|
38
39
|
List of allowed key lengths, vault-1.10 and above
|
39
40
|
"""
|
@@ -41,7 +42,7 @@ class SecretBackendRoleAllowedUserKeyConfig(dict):
|
|
41
42
|
|
42
43
|
@property
|
43
44
|
@pulumi.getter
|
44
|
-
def type(self) -> str:
|
45
|
+
def type(self) -> builtins.str:
|
45
46
|
"""
|
46
47
|
Key type, choices:
|
47
48
|
rsa, ecdsa, ec, dsa, ed25519, ssh-rsa, ssh-dss, ssh-ed25519, ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521
|