pulumi-vault 6.6.0a1741415971__py3-none-any.whl → 6.7.0__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (264) hide show
  1. pulumi_vault/__init__.py +9 -0
  2. pulumi_vault/_inputs.py +583 -562
  3. pulumi_vault/ad/__init__.py +1 -0
  4. pulumi_vault/ad/get_access_credentials.py +20 -19
  5. pulumi_vault/ad/secret_backend.py +477 -476
  6. pulumi_vault/ad/secret_library.py +99 -98
  7. pulumi_vault/ad/secret_role.py +85 -84
  8. pulumi_vault/alicloud/__init__.py +1 -0
  9. pulumi_vault/alicloud/auth_backend_role.py +183 -182
  10. pulumi_vault/approle/__init__.py +1 -0
  11. pulumi_vault/approle/auth_backend_login.py +106 -105
  12. pulumi_vault/approle/auth_backend_role.py +239 -238
  13. pulumi_vault/approle/auth_backend_role_secret_id.py +162 -161
  14. pulumi_vault/approle/get_auth_backend_role_id.py +18 -17
  15. pulumi_vault/audit.py +85 -84
  16. pulumi_vault/audit_request_header.py +43 -42
  17. pulumi_vault/auth_backend.py +106 -105
  18. pulumi_vault/aws/__init__.py +1 -0
  19. pulumi_vault/aws/auth_backend_cert.py +71 -70
  20. pulumi_vault/aws/auth_backend_client.py +425 -200
  21. pulumi_vault/aws/auth_backend_config_identity.py +85 -84
  22. pulumi_vault/aws/auth_backend_identity_whitelist.py +57 -56
  23. pulumi_vault/aws/auth_backend_login.py +209 -208
  24. pulumi_vault/aws/auth_backend_role.py +400 -399
  25. pulumi_vault/aws/auth_backend_role_tag.py +127 -126
  26. pulumi_vault/aws/auth_backend_roletag_blacklist.py +57 -56
  27. pulumi_vault/aws/auth_backend_sts_role.py +71 -70
  28. pulumi_vault/aws/get_access_credentials.py +44 -43
  29. pulumi_vault/aws/get_static_access_credentials.py +13 -12
  30. pulumi_vault/aws/secret_backend.py +523 -306
  31. pulumi_vault/aws/secret_backend_role.py +211 -210
  32. pulumi_vault/aws/secret_backend_static_role.py +288 -70
  33. pulumi_vault/azure/__init__.py +1 -0
  34. pulumi_vault/azure/_inputs.py +21 -20
  35. pulumi_vault/azure/auth_backend_config.py +383 -130
  36. pulumi_vault/azure/auth_backend_role.py +253 -252
  37. pulumi_vault/azure/backend.py +432 -186
  38. pulumi_vault/azure/backend_role.py +188 -140
  39. pulumi_vault/azure/get_access_credentials.py +58 -57
  40. pulumi_vault/azure/outputs.py +11 -10
  41. pulumi_vault/cert_auth_backend_role.py +365 -364
  42. pulumi_vault/config/__init__.py +1 -0
  43. pulumi_vault/config/__init__.pyi +1 -0
  44. pulumi_vault/config/_inputs.py +11 -10
  45. pulumi_vault/config/outputs.py +287 -286
  46. pulumi_vault/config/ui_custom_message.py +113 -112
  47. pulumi_vault/config/vars.py +1 -0
  48. pulumi_vault/consul/__init__.py +1 -0
  49. pulumi_vault/consul/secret_backend.py +197 -196
  50. pulumi_vault/consul/secret_backend_role.py +183 -182
  51. pulumi_vault/database/__init__.py +1 -0
  52. pulumi_vault/database/_inputs.py +3857 -2200
  53. pulumi_vault/database/outputs.py +2483 -1330
  54. pulumi_vault/database/secret_backend_connection.py +333 -112
  55. pulumi_vault/database/secret_backend_role.py +169 -168
  56. pulumi_vault/database/secret_backend_static_role.py +283 -140
  57. pulumi_vault/database/secrets_mount.py +275 -266
  58. pulumi_vault/egp_policy.py +71 -70
  59. pulumi_vault/gcp/__init__.py +1 -0
  60. pulumi_vault/gcp/_inputs.py +82 -81
  61. pulumi_vault/gcp/auth_backend.py +426 -205
  62. pulumi_vault/gcp/auth_backend_role.py +281 -280
  63. pulumi_vault/gcp/get_auth_backend_role.py +70 -69
  64. pulumi_vault/gcp/outputs.py +50 -49
  65. pulumi_vault/gcp/secret_backend.py +420 -179
  66. pulumi_vault/gcp/secret_impersonated_account.py +92 -91
  67. pulumi_vault/gcp/secret_roleset.py +92 -91
  68. pulumi_vault/gcp/secret_static_account.py +92 -91
  69. pulumi_vault/generic/__init__.py +1 -0
  70. pulumi_vault/generic/endpoint.py +113 -112
  71. pulumi_vault/generic/get_secret.py +28 -27
  72. pulumi_vault/generic/secret.py +78 -77
  73. pulumi_vault/get_auth_backend.py +19 -18
  74. pulumi_vault/get_auth_backends.py +14 -13
  75. pulumi_vault/get_namespace.py +15 -14
  76. pulumi_vault/get_namespaces.py +68 -18
  77. pulumi_vault/get_nomad_access_token.py +19 -18
  78. pulumi_vault/get_policy_document.py +6 -5
  79. pulumi_vault/get_raft_autopilot_state.py +18 -17
  80. pulumi_vault/github/__init__.py +1 -0
  81. pulumi_vault/github/_inputs.py +42 -41
  82. pulumi_vault/github/auth_backend.py +232 -231
  83. pulumi_vault/github/outputs.py +26 -25
  84. pulumi_vault/github/team.py +57 -56
  85. pulumi_vault/github/user.py +57 -56
  86. pulumi_vault/identity/__init__.py +1 -0
  87. pulumi_vault/identity/entity.py +85 -84
  88. pulumi_vault/identity/entity_alias.py +71 -70
  89. pulumi_vault/identity/entity_policies.py +64 -63
  90. pulumi_vault/identity/get_entity.py +43 -42
  91. pulumi_vault/identity/get_group.py +50 -49
  92. pulumi_vault/identity/get_oidc_client_creds.py +14 -13
  93. pulumi_vault/identity/get_oidc_openid_config.py +24 -23
  94. pulumi_vault/identity/get_oidc_public_keys.py +13 -12
  95. pulumi_vault/identity/group.py +141 -140
  96. pulumi_vault/identity/group_alias.py +57 -56
  97. pulumi_vault/identity/group_member_entity_ids.py +57 -56
  98. pulumi_vault/identity/group_member_group_ids.py +57 -56
  99. pulumi_vault/identity/group_policies.py +64 -63
  100. pulumi_vault/identity/mfa_duo.py +148 -147
  101. pulumi_vault/identity/mfa_login_enforcement.py +120 -119
  102. pulumi_vault/identity/mfa_okta.py +134 -133
  103. pulumi_vault/identity/mfa_pingid.py +127 -126
  104. pulumi_vault/identity/mfa_totp.py +176 -175
  105. pulumi_vault/identity/oidc.py +29 -28
  106. pulumi_vault/identity/oidc_assignment.py +57 -56
  107. pulumi_vault/identity/oidc_client.py +127 -126
  108. pulumi_vault/identity/oidc_key.py +85 -84
  109. pulumi_vault/identity/oidc_key_allowed_client_id.py +43 -42
  110. pulumi_vault/identity/oidc_provider.py +92 -91
  111. pulumi_vault/identity/oidc_role.py +85 -84
  112. pulumi_vault/identity/oidc_scope.py +57 -56
  113. pulumi_vault/identity/outputs.py +32 -31
  114. pulumi_vault/jwt/__init__.py +1 -0
  115. pulumi_vault/jwt/_inputs.py +42 -41
  116. pulumi_vault/jwt/auth_backend.py +288 -287
  117. pulumi_vault/jwt/auth_backend_role.py +407 -406
  118. pulumi_vault/jwt/outputs.py +26 -25
  119. pulumi_vault/kmip/__init__.py +1 -0
  120. pulumi_vault/kmip/secret_backend.py +183 -182
  121. pulumi_vault/kmip/secret_role.py +295 -294
  122. pulumi_vault/kmip/secret_scope.py +57 -56
  123. pulumi_vault/kubernetes/__init__.py +1 -0
  124. pulumi_vault/kubernetes/auth_backend_config.py +141 -140
  125. pulumi_vault/kubernetes/auth_backend_role.py +225 -224
  126. pulumi_vault/kubernetes/get_auth_backend_config.py +47 -46
  127. pulumi_vault/kubernetes/get_auth_backend_role.py +70 -69
  128. pulumi_vault/kubernetes/get_service_account_token.py +38 -37
  129. pulumi_vault/kubernetes/secret_backend.py +316 -315
  130. pulumi_vault/kubernetes/secret_backend_role.py +197 -196
  131. pulumi_vault/kv/__init__.py +1 -0
  132. pulumi_vault/kv/_inputs.py +21 -20
  133. pulumi_vault/kv/get_secret.py +17 -16
  134. pulumi_vault/kv/get_secret_subkeys_v2.py +30 -29
  135. pulumi_vault/kv/get_secret_v2.py +29 -28
  136. pulumi_vault/kv/get_secrets_list.py +13 -12
  137. pulumi_vault/kv/get_secrets_list_v2.py +19 -18
  138. pulumi_vault/kv/outputs.py +13 -12
  139. pulumi_vault/kv/secret.py +50 -49
  140. pulumi_vault/kv/secret_backend_v2.py +71 -70
  141. pulumi_vault/kv/secret_v2.py +134 -133
  142. pulumi_vault/ldap/__init__.py +1 -0
  143. pulumi_vault/ldap/auth_backend.py +754 -533
  144. pulumi_vault/ldap/auth_backend_group.py +57 -56
  145. pulumi_vault/ldap/auth_backend_user.py +71 -70
  146. pulumi_vault/ldap/get_dynamic_credentials.py +17 -16
  147. pulumi_vault/ldap/get_static_credentials.py +18 -17
  148. pulumi_vault/ldap/secret_backend.py +720 -499
  149. pulumi_vault/ldap/secret_backend_dynamic_role.py +127 -126
  150. pulumi_vault/ldap/secret_backend_library_set.py +99 -98
  151. pulumi_vault/ldap/secret_backend_static_role.py +99 -98
  152. pulumi_vault/managed/__init__.py +1 -0
  153. pulumi_vault/managed/_inputs.py +229 -228
  154. pulumi_vault/managed/keys.py +15 -14
  155. pulumi_vault/managed/outputs.py +139 -138
  156. pulumi_vault/mfa_duo.py +113 -112
  157. pulumi_vault/mfa_okta.py +113 -112
  158. pulumi_vault/mfa_pingid.py +120 -119
  159. pulumi_vault/mfa_totp.py +127 -126
  160. pulumi_vault/mongodbatlas/__init__.py +1 -0
  161. pulumi_vault/mongodbatlas/secret_backend.py +64 -63
  162. pulumi_vault/mongodbatlas/secret_role.py +155 -154
  163. pulumi_vault/mount.py +274 -273
  164. pulumi_vault/namespace.py +64 -63
  165. pulumi_vault/nomad_secret_backend.py +211 -210
  166. pulumi_vault/nomad_secret_role.py +85 -84
  167. pulumi_vault/okta/__init__.py +1 -0
  168. pulumi_vault/okta/_inputs.py +26 -25
  169. pulumi_vault/okta/auth_backend.py +274 -273
  170. pulumi_vault/okta/auth_backend_group.py +57 -56
  171. pulumi_vault/okta/auth_backend_user.py +71 -70
  172. pulumi_vault/okta/outputs.py +16 -15
  173. pulumi_vault/outputs.py +73 -60
  174. pulumi_vault/password_policy.py +43 -42
  175. pulumi_vault/pkisecret/__init__.py +3 -0
  176. pulumi_vault/pkisecret/_inputs.py +31 -36
  177. pulumi_vault/pkisecret/backend_acme_eab.py +92 -91
  178. pulumi_vault/pkisecret/backend_config_acme.py +174 -126
  179. pulumi_vault/pkisecret/backend_config_auto_tidy.py +1377 -0
  180. pulumi_vault/pkisecret/backend_config_cluster.py +57 -56
  181. pulumi_vault/pkisecret/backend_config_cmpv2.py +152 -104
  182. pulumi_vault/pkisecret/backend_config_est.py +120 -119
  183. pulumi_vault/pkisecret/get_backend_cert_metadata.py +278 -0
  184. pulumi_vault/pkisecret/get_backend_config_cmpv2.py +35 -17
  185. pulumi_vault/pkisecret/get_backend_config_est.py +19 -18
  186. pulumi_vault/pkisecret/get_backend_issuer.py +139 -25
  187. pulumi_vault/pkisecret/get_backend_issuers.py +15 -14
  188. pulumi_vault/pkisecret/get_backend_key.py +20 -19
  189. pulumi_vault/pkisecret/get_backend_keys.py +15 -14
  190. pulumi_vault/pkisecret/outputs.py +28 -31
  191. pulumi_vault/pkisecret/secret_backend_cert.py +439 -297
  192. pulumi_vault/pkisecret/secret_backend_config_ca.py +43 -42
  193. pulumi_vault/pkisecret/secret_backend_config_issuers.py +57 -56
  194. pulumi_vault/pkisecret/secret_backend_config_urls.py +85 -84
  195. pulumi_vault/pkisecret/secret_backend_crl_config.py +237 -182
  196. pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +520 -378
  197. pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +57 -56
  198. pulumi_vault/pkisecret/secret_backend_issuer.py +441 -175
  199. pulumi_vault/pkisecret/secret_backend_key.py +120 -119
  200. pulumi_vault/pkisecret/secret_backend_role.py +894 -644
  201. pulumi_vault/pkisecret/secret_backend_root_cert.py +851 -427
  202. pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +936 -357
  203. pulumi_vault/pkisecret/secret_backend_sign.py +347 -252
  204. pulumi_vault/plugin.py +127 -126
  205. pulumi_vault/plugin_pinned_version.py +43 -42
  206. pulumi_vault/policy.py +43 -42
  207. pulumi_vault/provider.py +120 -119
  208. pulumi_vault/pulumi-plugin.json +1 -1
  209. pulumi_vault/quota_lease_count.py +85 -84
  210. pulumi_vault/quota_rate_limit.py +113 -112
  211. pulumi_vault/rabbitmq/__init__.py +1 -0
  212. pulumi_vault/rabbitmq/_inputs.py +41 -40
  213. pulumi_vault/rabbitmq/outputs.py +25 -24
  214. pulumi_vault/rabbitmq/secret_backend.py +169 -168
  215. pulumi_vault/rabbitmq/secret_backend_role.py +57 -56
  216. pulumi_vault/raft_autopilot.py +113 -112
  217. pulumi_vault/raft_snapshot_agent_config.py +393 -392
  218. pulumi_vault/rgp_policy.py +57 -56
  219. pulumi_vault/saml/__init__.py +1 -0
  220. pulumi_vault/saml/auth_backend.py +155 -154
  221. pulumi_vault/saml/auth_backend_role.py +239 -238
  222. pulumi_vault/secrets/__init__.py +1 -0
  223. pulumi_vault/secrets/_inputs.py +16 -15
  224. pulumi_vault/secrets/outputs.py +10 -9
  225. pulumi_vault/secrets/sync_association.py +71 -70
  226. pulumi_vault/secrets/sync_aws_destination.py +148 -147
  227. pulumi_vault/secrets/sync_azure_destination.py +148 -147
  228. pulumi_vault/secrets/sync_config.py +43 -42
  229. pulumi_vault/secrets/sync_gcp_destination.py +106 -105
  230. pulumi_vault/secrets/sync_gh_destination.py +134 -133
  231. pulumi_vault/secrets/sync_github_apps.py +64 -63
  232. pulumi_vault/secrets/sync_vercel_destination.py +120 -119
  233. pulumi_vault/ssh/__init__.py +2 -0
  234. pulumi_vault/ssh/_inputs.py +11 -10
  235. pulumi_vault/ssh/get_secret_backend_sign.py +295 -0
  236. pulumi_vault/ssh/outputs.py +7 -6
  237. pulumi_vault/ssh/secret_backend_ca.py +99 -98
  238. pulumi_vault/ssh/secret_backend_role.py +365 -364
  239. pulumi_vault/terraformcloud/__init__.py +1 -0
  240. pulumi_vault/terraformcloud/secret_backend.py +111 -110
  241. pulumi_vault/terraformcloud/secret_creds.py +74 -73
  242. pulumi_vault/terraformcloud/secret_role.py +96 -95
  243. pulumi_vault/token.py +246 -245
  244. pulumi_vault/tokenauth/__init__.py +1 -0
  245. pulumi_vault/tokenauth/auth_backend_role.py +267 -266
  246. pulumi_vault/transform/__init__.py +1 -0
  247. pulumi_vault/transform/alphabet.py +57 -56
  248. pulumi_vault/transform/get_decode.py +47 -46
  249. pulumi_vault/transform/get_encode.py +47 -46
  250. pulumi_vault/transform/role.py +57 -56
  251. pulumi_vault/transform/template.py +113 -112
  252. pulumi_vault/transform/transformation.py +141 -140
  253. pulumi_vault/transit/__init__.py +3 -0
  254. pulumi_vault/transit/get_decrypt.py +18 -17
  255. pulumi_vault/transit/get_encrypt.py +21 -20
  256. pulumi_vault/transit/get_sign.py +325 -0
  257. pulumi_vault/transit/get_verify.py +355 -0
  258. pulumi_vault/transit/secret_backend_key.py +394 -231
  259. pulumi_vault/transit/secret_cache_config.py +43 -42
  260. {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.7.0.dist-info}/METADATA +2 -2
  261. pulumi_vault-6.7.0.dist-info/RECORD +265 -0
  262. {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.7.0.dist-info}/WHEEL +1 -1
  263. pulumi_vault-6.6.0a1741415971.dist-info/RECORD +0 -260
  264. {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.7.0.dist-info}/top_level.txt +0 -0
@@ -2,6 +2,7 @@
2
2
  # *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
3
3
  # *** Do not edit by hand unless you're certain you know what you are doing! ***
4
4
 
5
+ import builtins
5
6
  import copy
6
7
  import warnings
7
8
  import sys
@@ -19,43 +20,54 @@ __all__ = ['SecretBackendStaticRoleArgs', 'SecretBackendStaticRole']
19
20
  @pulumi.input_type
20
21
  class SecretBackendStaticRoleArgs:
21
22
  def __init__(__self__, *,
22
- backend: pulumi.Input[str],
23
- db_name: pulumi.Input[str],
24
- username: pulumi.Input[str],
25
- name: Optional[pulumi.Input[str]] = None,
26
- namespace: Optional[pulumi.Input[str]] = None,
27
- rotation_period: Optional[pulumi.Input[int]] = None,
28
- rotation_schedule: Optional[pulumi.Input[str]] = None,
29
- rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
30
- rotation_window: Optional[pulumi.Input[int]] = None,
31
- self_managed_password: Optional[pulumi.Input[str]] = None):
23
+ backend: pulumi.Input[builtins.str],
24
+ db_name: pulumi.Input[builtins.str],
25
+ username: pulumi.Input[builtins.str],
26
+ credential_config: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]] = None,
27
+ credential_type: Optional[pulumi.Input[builtins.str]] = None,
28
+ name: Optional[pulumi.Input[builtins.str]] = None,
29
+ namespace: Optional[pulumi.Input[builtins.str]] = None,
30
+ rotation_period: Optional[pulumi.Input[builtins.int]] = None,
31
+ rotation_schedule: Optional[pulumi.Input[builtins.str]] = None,
32
+ rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
33
+ rotation_window: Optional[pulumi.Input[builtins.int]] = None,
34
+ self_managed_password: Optional[pulumi.Input[builtins.str]] = None,
35
+ skip_import_rotation: Optional[pulumi.Input[builtins.bool]] = None):
32
36
  """
33
37
  The set of arguments for constructing a SecretBackendStaticRole resource.
34
- :param pulumi.Input[str] backend: The unique name of the Vault mount to configure.
35
- :param pulumi.Input[str] db_name: The unique name of the database connection to use for the static role.
36
- :param pulumi.Input[str] username: The database username that this static role corresponds to.
37
- :param pulumi.Input[str] name: A unique name to give the static role.
38
- :param pulumi.Input[str] namespace: The namespace to provision the resource in.
38
+ :param pulumi.Input[builtins.str] backend: The unique name of the Vault mount to configure.
39
+ :param pulumi.Input[builtins.str] db_name: The unique name of the database connection to use for the static role.
40
+ :param pulumi.Input[builtins.str] username: The database username that this static role corresponds to.
41
+ :param pulumi.Input[builtins.str] credential_type: The credential type for the user, can be one of "password", "rsa_private_key" or "client_certificate".The configuration
42
+ can be done in `credential_config`.
43
+ :param pulumi.Input[builtins.str] name: A unique name to give the static role.
44
+ :param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
39
45
  The value should not contain leading or trailing forward slashes.
40
46
  The `namespace` is always relative to the provider's configured namespace.
41
47
  *Available only for Vault Enterprise*.
42
- :param pulumi.Input[int] rotation_period: The amount of time Vault should wait before rotating the password, in seconds.
48
+ :param pulumi.Input[builtins.int] rotation_period: The amount of time Vault should wait before rotating the password, in seconds.
43
49
  Mutually exclusive with `rotation_schedule`.
44
- :param pulumi.Input[str] rotation_schedule: A cron-style string that will define the schedule on which rotations should occur.
50
+ :param pulumi.Input[builtins.str] rotation_schedule: A cron-style string that will define the schedule on which rotations should occur.
45
51
  Mutually exclusive with `rotation_period`.
46
52
 
47
53
  **Warning**: The `rotation_period` and `rotation_schedule` fields are
48
54
  mutually exclusive. One of them must be set but not both.
49
- :param pulumi.Input[Sequence[pulumi.Input[str]]] rotation_statements: Database statements to execute to rotate the password for the configured database user.
50
- :param pulumi.Input[int] rotation_window: The amount of time, in seconds, in which rotations are allowed to occur starting
55
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] rotation_statements: Database statements to execute to rotate the password for the configured database user.
56
+ :param pulumi.Input[builtins.int] rotation_window: The amount of time, in seconds, in which rotations are allowed to occur starting
51
57
  from a given `rotation_schedule`.
52
- :param pulumi.Input[str] self_managed_password: The password corresponding to the username in the database.
58
+ :param pulumi.Input[builtins.str] self_managed_password: The password corresponding to the username in the database.
53
59
  Required when using the Rootless Password Rotation workflow for static roles. Only enabled for
54
60
  select DB engines (Postgres). Requires Vault 1.18+ Enterprise.
61
+ :param pulumi.Input[builtins.bool] skip_import_rotation: If set to true, Vault will skip the
62
+ initial secret rotation on import. Requires Vault 1.18+ Enterprise.
55
63
  """
56
64
  pulumi.set(__self__, "backend", backend)
57
65
  pulumi.set(__self__, "db_name", db_name)
58
66
  pulumi.set(__self__, "username", username)
67
+ if credential_config is not None:
68
+ pulumi.set(__self__, "credential_config", credential_config)
69
+ if credential_type is not None:
70
+ pulumi.set(__self__, "credential_type", credential_type)
59
71
  if name is not None:
60
72
  pulumi.set(__self__, "name", name)
61
73
  if namespace is not None:
@@ -70,58 +82,82 @@ class SecretBackendStaticRoleArgs:
70
82
  pulumi.set(__self__, "rotation_window", rotation_window)
71
83
  if self_managed_password is not None:
72
84
  pulumi.set(__self__, "self_managed_password", self_managed_password)
85
+ if skip_import_rotation is not None:
86
+ pulumi.set(__self__, "skip_import_rotation", skip_import_rotation)
73
87
 
74
88
  @property
75
89
  @pulumi.getter
76
- def backend(self) -> pulumi.Input[str]:
90
+ def backend(self) -> pulumi.Input[builtins.str]:
77
91
  """
78
92
  The unique name of the Vault mount to configure.
79
93
  """
80
94
  return pulumi.get(self, "backend")
81
95
 
82
96
  @backend.setter
83
- def backend(self, value: pulumi.Input[str]):
97
+ def backend(self, value: pulumi.Input[builtins.str]):
84
98
  pulumi.set(self, "backend", value)
85
99
 
86
100
  @property
87
101
  @pulumi.getter(name="dbName")
88
- def db_name(self) -> pulumi.Input[str]:
102
+ def db_name(self) -> pulumi.Input[builtins.str]:
89
103
  """
90
104
  The unique name of the database connection to use for the static role.
91
105
  """
92
106
  return pulumi.get(self, "db_name")
93
107
 
94
108
  @db_name.setter
95
- def db_name(self, value: pulumi.Input[str]):
109
+ def db_name(self, value: pulumi.Input[builtins.str]):
96
110
  pulumi.set(self, "db_name", value)
97
111
 
98
112
  @property
99
113
  @pulumi.getter
100
- def username(self) -> pulumi.Input[str]:
114
+ def username(self) -> pulumi.Input[builtins.str]:
101
115
  """
102
116
  The database username that this static role corresponds to.
103
117
  """
104
118
  return pulumi.get(self, "username")
105
119
 
106
120
  @username.setter
107
- def username(self, value: pulumi.Input[str]):
121
+ def username(self, value: pulumi.Input[builtins.str]):
108
122
  pulumi.set(self, "username", value)
109
123
 
124
+ @property
125
+ @pulumi.getter(name="credentialConfig")
126
+ def credential_config(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]]:
127
+ return pulumi.get(self, "credential_config")
128
+
129
+ @credential_config.setter
130
+ def credential_config(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]]):
131
+ pulumi.set(self, "credential_config", value)
132
+
133
+ @property
134
+ @pulumi.getter(name="credentialType")
135
+ def credential_type(self) -> Optional[pulumi.Input[builtins.str]]:
136
+ """
137
+ The credential type for the user, can be one of "password", "rsa_private_key" or "client_certificate".The configuration
138
+ can be done in `credential_config`.
139
+ """
140
+ return pulumi.get(self, "credential_type")
141
+
142
+ @credential_type.setter
143
+ def credential_type(self, value: Optional[pulumi.Input[builtins.str]]):
144
+ pulumi.set(self, "credential_type", value)
145
+
110
146
  @property
111
147
  @pulumi.getter
112
- def name(self) -> Optional[pulumi.Input[str]]:
148
+ def name(self) -> Optional[pulumi.Input[builtins.str]]:
113
149
  """
114
150
  A unique name to give the static role.
115
151
  """
116
152
  return pulumi.get(self, "name")
117
153
 
118
154
  @name.setter
119
- def name(self, value: Optional[pulumi.Input[str]]):
155
+ def name(self, value: Optional[pulumi.Input[builtins.str]]):
120
156
  pulumi.set(self, "name", value)
121
157
 
122
158
  @property
123
159
  @pulumi.getter
124
- def namespace(self) -> Optional[pulumi.Input[str]]:
160
+ def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
125
161
  """
126
162
  The namespace to provision the resource in.
127
163
  The value should not contain leading or trailing forward slashes.
@@ -131,12 +167,12 @@ class SecretBackendStaticRoleArgs:
131
167
  return pulumi.get(self, "namespace")
132
168
 
133
169
  @namespace.setter
134
- def namespace(self, value: Optional[pulumi.Input[str]]):
170
+ def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
135
171
  pulumi.set(self, "namespace", value)
136
172
 
137
173
  @property
138
174
  @pulumi.getter(name="rotationPeriod")
139
- def rotation_period(self) -> Optional[pulumi.Input[int]]:
175
+ def rotation_period(self) -> Optional[pulumi.Input[builtins.int]]:
140
176
  """
141
177
  The amount of time Vault should wait before rotating the password, in seconds.
142
178
  Mutually exclusive with `rotation_schedule`.
@@ -144,12 +180,12 @@ class SecretBackendStaticRoleArgs:
144
180
  return pulumi.get(self, "rotation_period")
145
181
 
146
182
  @rotation_period.setter
147
- def rotation_period(self, value: Optional[pulumi.Input[int]]):
183
+ def rotation_period(self, value: Optional[pulumi.Input[builtins.int]]):
148
184
  pulumi.set(self, "rotation_period", value)
149
185
 
150
186
  @property
151
187
  @pulumi.getter(name="rotationSchedule")
152
- def rotation_schedule(self) -> Optional[pulumi.Input[str]]:
188
+ def rotation_schedule(self) -> Optional[pulumi.Input[builtins.str]]:
153
189
  """
154
190
  A cron-style string that will define the schedule on which rotations should occur.
155
191
  Mutually exclusive with `rotation_period`.
@@ -160,24 +196,24 @@ class SecretBackendStaticRoleArgs:
160
196
  return pulumi.get(self, "rotation_schedule")
161
197
 
162
198
  @rotation_schedule.setter
163
- def rotation_schedule(self, value: Optional[pulumi.Input[str]]):
199
+ def rotation_schedule(self, value: Optional[pulumi.Input[builtins.str]]):
164
200
  pulumi.set(self, "rotation_schedule", value)
165
201
 
166
202
  @property
167
203
  @pulumi.getter(name="rotationStatements")
168
- def rotation_statements(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
204
+ def rotation_statements(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
169
205
  """
170
206
  Database statements to execute to rotate the password for the configured database user.
171
207
  """
172
208
  return pulumi.get(self, "rotation_statements")
173
209
 
174
210
  @rotation_statements.setter
175
- def rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
211
+ def rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
176
212
  pulumi.set(self, "rotation_statements", value)
177
213
 
178
214
  @property
179
215
  @pulumi.getter(name="rotationWindow")
180
- def rotation_window(self) -> Optional[pulumi.Input[int]]:
216
+ def rotation_window(self) -> Optional[pulumi.Input[builtins.int]]:
181
217
  """
182
218
  The amount of time, in seconds, in which rotations are allowed to occur starting
183
219
  from a given `rotation_schedule`.
@@ -185,12 +221,12 @@ class SecretBackendStaticRoleArgs:
185
221
  return pulumi.get(self, "rotation_window")
186
222
 
187
223
  @rotation_window.setter
188
- def rotation_window(self, value: Optional[pulumi.Input[int]]):
224
+ def rotation_window(self, value: Optional[pulumi.Input[builtins.int]]):
189
225
  pulumi.set(self, "rotation_window", value)
190
226
 
191
227
  @property
192
228
  @pulumi.getter(name="selfManagedPassword")
193
- def self_managed_password(self) -> Optional[pulumi.Input[str]]:
229
+ def self_managed_password(self) -> Optional[pulumi.Input[builtins.str]]:
194
230
  """
195
231
  The password corresponding to the username in the database.
196
232
  Required when using the Rootless Password Rotation workflow for static roles. Only enabled for
@@ -199,49 +235,73 @@ class SecretBackendStaticRoleArgs:
199
235
  return pulumi.get(self, "self_managed_password")
200
236
 
201
237
  @self_managed_password.setter
202
- def self_managed_password(self, value: Optional[pulumi.Input[str]]):
238
+ def self_managed_password(self, value: Optional[pulumi.Input[builtins.str]]):
203
239
  pulumi.set(self, "self_managed_password", value)
204
240
 
241
+ @property
242
+ @pulumi.getter(name="skipImportRotation")
243
+ def skip_import_rotation(self) -> Optional[pulumi.Input[builtins.bool]]:
244
+ """
245
+ If set to true, Vault will skip the
246
+ initial secret rotation on import. Requires Vault 1.18+ Enterprise.
247
+ """
248
+ return pulumi.get(self, "skip_import_rotation")
249
+
250
+ @skip_import_rotation.setter
251
+ def skip_import_rotation(self, value: Optional[pulumi.Input[builtins.bool]]):
252
+ pulumi.set(self, "skip_import_rotation", value)
253
+
205
254
 
206
255
  @pulumi.input_type
207
256
  class _SecretBackendStaticRoleState:
208
257
  def __init__(__self__, *,
209
- backend: Optional[pulumi.Input[str]] = None,
210
- db_name: Optional[pulumi.Input[str]] = None,
211
- name: Optional[pulumi.Input[str]] = None,
212
- namespace: Optional[pulumi.Input[str]] = None,
213
- rotation_period: Optional[pulumi.Input[int]] = None,
214
- rotation_schedule: Optional[pulumi.Input[str]] = None,
215
- rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
216
- rotation_window: Optional[pulumi.Input[int]] = None,
217
- self_managed_password: Optional[pulumi.Input[str]] = None,
218
- username: Optional[pulumi.Input[str]] = None):
258
+ backend: Optional[pulumi.Input[builtins.str]] = None,
259
+ credential_config: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]] = None,
260
+ credential_type: Optional[pulumi.Input[builtins.str]] = None,
261
+ db_name: Optional[pulumi.Input[builtins.str]] = None,
262
+ name: Optional[pulumi.Input[builtins.str]] = None,
263
+ namespace: Optional[pulumi.Input[builtins.str]] = None,
264
+ rotation_period: Optional[pulumi.Input[builtins.int]] = None,
265
+ rotation_schedule: Optional[pulumi.Input[builtins.str]] = None,
266
+ rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
267
+ rotation_window: Optional[pulumi.Input[builtins.int]] = None,
268
+ self_managed_password: Optional[pulumi.Input[builtins.str]] = None,
269
+ skip_import_rotation: Optional[pulumi.Input[builtins.bool]] = None,
270
+ username: Optional[pulumi.Input[builtins.str]] = None):
219
271
  """
220
272
  Input properties used for looking up and filtering SecretBackendStaticRole resources.
221
- :param pulumi.Input[str] backend: The unique name of the Vault mount to configure.
222
- :param pulumi.Input[str] db_name: The unique name of the database connection to use for the static role.
223
- :param pulumi.Input[str] name: A unique name to give the static role.
224
- :param pulumi.Input[str] namespace: The namespace to provision the resource in.
273
+ :param pulumi.Input[builtins.str] backend: The unique name of the Vault mount to configure.
274
+ :param pulumi.Input[builtins.str] credential_type: The credential type for the user, can be one of "password", "rsa_private_key" or "client_certificate".The configuration
275
+ can be done in `credential_config`.
276
+ :param pulumi.Input[builtins.str] db_name: The unique name of the database connection to use for the static role.
277
+ :param pulumi.Input[builtins.str] name: A unique name to give the static role.
278
+ :param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
225
279
  The value should not contain leading or trailing forward slashes.
226
280
  The `namespace` is always relative to the provider's configured namespace.
227
281
  *Available only for Vault Enterprise*.
228
- :param pulumi.Input[int] rotation_period: The amount of time Vault should wait before rotating the password, in seconds.
282
+ :param pulumi.Input[builtins.int] rotation_period: The amount of time Vault should wait before rotating the password, in seconds.
229
283
  Mutually exclusive with `rotation_schedule`.
230
- :param pulumi.Input[str] rotation_schedule: A cron-style string that will define the schedule on which rotations should occur.
284
+ :param pulumi.Input[builtins.str] rotation_schedule: A cron-style string that will define the schedule on which rotations should occur.
231
285
  Mutually exclusive with `rotation_period`.
232
286
 
233
287
  **Warning**: The `rotation_period` and `rotation_schedule` fields are
234
288
  mutually exclusive. One of them must be set but not both.
235
- :param pulumi.Input[Sequence[pulumi.Input[str]]] rotation_statements: Database statements to execute to rotate the password for the configured database user.
236
- :param pulumi.Input[int] rotation_window: The amount of time, in seconds, in which rotations are allowed to occur starting
289
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] rotation_statements: Database statements to execute to rotate the password for the configured database user.
290
+ :param pulumi.Input[builtins.int] rotation_window: The amount of time, in seconds, in which rotations are allowed to occur starting
237
291
  from a given `rotation_schedule`.
238
- :param pulumi.Input[str] self_managed_password: The password corresponding to the username in the database.
292
+ :param pulumi.Input[builtins.str] self_managed_password: The password corresponding to the username in the database.
239
293
  Required when using the Rootless Password Rotation workflow for static roles. Only enabled for
240
294
  select DB engines (Postgres). Requires Vault 1.18+ Enterprise.
241
- :param pulumi.Input[str] username: The database username that this static role corresponds to.
295
+ :param pulumi.Input[builtins.bool] skip_import_rotation: If set to true, Vault will skip the
296
+ initial secret rotation on import. Requires Vault 1.18+ Enterprise.
297
+ :param pulumi.Input[builtins.str] username: The database username that this static role corresponds to.
242
298
  """
243
299
  if backend is not None:
244
300
  pulumi.set(__self__, "backend", backend)
301
+ if credential_config is not None:
302
+ pulumi.set(__self__, "credential_config", credential_config)
303
+ if credential_type is not None:
304
+ pulumi.set(__self__, "credential_type", credential_type)
245
305
  if db_name is not None:
246
306
  pulumi.set(__self__, "db_name", db_name)
247
307
  if name is not None:
@@ -258,48 +318,72 @@ class _SecretBackendStaticRoleState:
258
318
  pulumi.set(__self__, "rotation_window", rotation_window)
259
319
  if self_managed_password is not None:
260
320
  pulumi.set(__self__, "self_managed_password", self_managed_password)
321
+ if skip_import_rotation is not None:
322
+ pulumi.set(__self__, "skip_import_rotation", skip_import_rotation)
261
323
  if username is not None:
262
324
  pulumi.set(__self__, "username", username)
263
325
 
264
326
  @property
265
327
  @pulumi.getter
266
- def backend(self) -> Optional[pulumi.Input[str]]:
328
+ def backend(self) -> Optional[pulumi.Input[builtins.str]]:
267
329
  """
268
330
  The unique name of the Vault mount to configure.
269
331
  """
270
332
  return pulumi.get(self, "backend")
271
333
 
272
334
  @backend.setter
273
- def backend(self, value: Optional[pulumi.Input[str]]):
335
+ def backend(self, value: Optional[pulumi.Input[builtins.str]]):
274
336
  pulumi.set(self, "backend", value)
275
337
 
338
+ @property
339
+ @pulumi.getter(name="credentialConfig")
340
+ def credential_config(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]]:
341
+ return pulumi.get(self, "credential_config")
342
+
343
+ @credential_config.setter
344
+ def credential_config(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]]):
345
+ pulumi.set(self, "credential_config", value)
346
+
347
+ @property
348
+ @pulumi.getter(name="credentialType")
349
+ def credential_type(self) -> Optional[pulumi.Input[builtins.str]]:
350
+ """
351
+ The credential type for the user, can be one of "password", "rsa_private_key" or "client_certificate".The configuration
352
+ can be done in `credential_config`.
353
+ """
354
+ return pulumi.get(self, "credential_type")
355
+
356
+ @credential_type.setter
357
+ def credential_type(self, value: Optional[pulumi.Input[builtins.str]]):
358
+ pulumi.set(self, "credential_type", value)
359
+
276
360
  @property
277
361
  @pulumi.getter(name="dbName")
278
- def db_name(self) -> Optional[pulumi.Input[str]]:
362
+ def db_name(self) -> Optional[pulumi.Input[builtins.str]]:
279
363
  """
280
364
  The unique name of the database connection to use for the static role.
281
365
  """
282
366
  return pulumi.get(self, "db_name")
283
367
 
284
368
  @db_name.setter
285
- def db_name(self, value: Optional[pulumi.Input[str]]):
369
+ def db_name(self, value: Optional[pulumi.Input[builtins.str]]):
286
370
  pulumi.set(self, "db_name", value)
287
371
 
288
372
  @property
289
373
  @pulumi.getter
290
- def name(self) -> Optional[pulumi.Input[str]]:
374
+ def name(self) -> Optional[pulumi.Input[builtins.str]]:
291
375
  """
292
376
  A unique name to give the static role.
293
377
  """
294
378
  return pulumi.get(self, "name")
295
379
 
296
380
  @name.setter
297
- def name(self, value: Optional[pulumi.Input[str]]):
381
+ def name(self, value: Optional[pulumi.Input[builtins.str]]):
298
382
  pulumi.set(self, "name", value)
299
383
 
300
384
  @property
301
385
  @pulumi.getter
302
- def namespace(self) -> Optional[pulumi.Input[str]]:
386
+ def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
303
387
  """
304
388
  The namespace to provision the resource in.
305
389
  The value should not contain leading or trailing forward slashes.
@@ -309,12 +393,12 @@ class _SecretBackendStaticRoleState:
309
393
  return pulumi.get(self, "namespace")
310
394
 
311
395
  @namespace.setter
312
- def namespace(self, value: Optional[pulumi.Input[str]]):
396
+ def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
313
397
  pulumi.set(self, "namespace", value)
314
398
 
315
399
  @property
316
400
  @pulumi.getter(name="rotationPeriod")
317
- def rotation_period(self) -> Optional[pulumi.Input[int]]:
401
+ def rotation_period(self) -> Optional[pulumi.Input[builtins.int]]:
318
402
  """
319
403
  The amount of time Vault should wait before rotating the password, in seconds.
320
404
  Mutually exclusive with `rotation_schedule`.
@@ -322,12 +406,12 @@ class _SecretBackendStaticRoleState:
322
406
  return pulumi.get(self, "rotation_period")
323
407
 
324
408
  @rotation_period.setter
325
- def rotation_period(self, value: Optional[pulumi.Input[int]]):
409
+ def rotation_period(self, value: Optional[pulumi.Input[builtins.int]]):
326
410
  pulumi.set(self, "rotation_period", value)
327
411
 
328
412
  @property
329
413
  @pulumi.getter(name="rotationSchedule")
330
- def rotation_schedule(self) -> Optional[pulumi.Input[str]]:
414
+ def rotation_schedule(self) -> Optional[pulumi.Input[builtins.str]]:
331
415
  """
332
416
  A cron-style string that will define the schedule on which rotations should occur.
333
417
  Mutually exclusive with `rotation_period`.
@@ -338,24 +422,24 @@ class _SecretBackendStaticRoleState:
338
422
  return pulumi.get(self, "rotation_schedule")
339
423
 
340
424
  @rotation_schedule.setter
341
- def rotation_schedule(self, value: Optional[pulumi.Input[str]]):
425
+ def rotation_schedule(self, value: Optional[pulumi.Input[builtins.str]]):
342
426
  pulumi.set(self, "rotation_schedule", value)
343
427
 
344
428
  @property
345
429
  @pulumi.getter(name="rotationStatements")
346
- def rotation_statements(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
430
+ def rotation_statements(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
347
431
  """
348
432
  Database statements to execute to rotate the password for the configured database user.
349
433
  """
350
434
  return pulumi.get(self, "rotation_statements")
351
435
 
352
436
  @rotation_statements.setter
353
- def rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
437
+ def rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
354
438
  pulumi.set(self, "rotation_statements", value)
355
439
 
356
440
  @property
357
441
  @pulumi.getter(name="rotationWindow")
358
- def rotation_window(self) -> Optional[pulumi.Input[int]]:
442
+ def rotation_window(self) -> Optional[pulumi.Input[builtins.int]]:
359
443
  """
360
444
  The amount of time, in seconds, in which rotations are allowed to occur starting
361
445
  from a given `rotation_schedule`.
@@ -363,12 +447,12 @@ class _SecretBackendStaticRoleState:
363
447
  return pulumi.get(self, "rotation_window")
364
448
 
365
449
  @rotation_window.setter
366
- def rotation_window(self, value: Optional[pulumi.Input[int]]):
450
+ def rotation_window(self, value: Optional[pulumi.Input[builtins.int]]):
367
451
  pulumi.set(self, "rotation_window", value)
368
452
 
369
453
  @property
370
454
  @pulumi.getter(name="selfManagedPassword")
371
- def self_managed_password(self) -> Optional[pulumi.Input[str]]:
455
+ def self_managed_password(self) -> Optional[pulumi.Input[builtins.str]]:
372
456
  """
373
457
  The password corresponding to the username in the database.
374
458
  Required when using the Rootless Password Rotation workflow for static roles. Only enabled for
@@ -377,19 +461,32 @@ class _SecretBackendStaticRoleState:
377
461
  return pulumi.get(self, "self_managed_password")
378
462
 
379
463
  @self_managed_password.setter
380
- def self_managed_password(self, value: Optional[pulumi.Input[str]]):
464
+ def self_managed_password(self, value: Optional[pulumi.Input[builtins.str]]):
381
465
  pulumi.set(self, "self_managed_password", value)
382
466
 
467
+ @property
468
+ @pulumi.getter(name="skipImportRotation")
469
+ def skip_import_rotation(self) -> Optional[pulumi.Input[builtins.bool]]:
470
+ """
471
+ If set to true, Vault will skip the
472
+ initial secret rotation on import. Requires Vault 1.18+ Enterprise.
473
+ """
474
+ return pulumi.get(self, "skip_import_rotation")
475
+
476
+ @skip_import_rotation.setter
477
+ def skip_import_rotation(self, value: Optional[pulumi.Input[builtins.bool]]):
478
+ pulumi.set(self, "skip_import_rotation", value)
479
+
383
480
  @property
384
481
  @pulumi.getter
385
- def username(self) -> Optional[pulumi.Input[str]]:
482
+ def username(self) -> Optional[pulumi.Input[builtins.str]]:
386
483
  """
387
484
  The database username that this static role corresponds to.
388
485
  """
389
486
  return pulumi.get(self, "username")
390
487
 
391
488
  @username.setter
392
- def username(self, value: Optional[pulumi.Input[str]]):
489
+ def username(self, value: Optional[pulumi.Input[builtins.str]]):
393
490
  pulumi.set(self, "username", value)
394
491
 
395
492
 
@@ -398,16 +495,19 @@ class SecretBackendStaticRole(pulumi.CustomResource):
398
495
  def __init__(__self__,
399
496
  resource_name: str,
400
497
  opts: Optional[pulumi.ResourceOptions] = None,
401
- backend: Optional[pulumi.Input[str]] = None,
402
- db_name: Optional[pulumi.Input[str]] = None,
403
- name: Optional[pulumi.Input[str]] = None,
404
- namespace: Optional[pulumi.Input[str]] = None,
405
- rotation_period: Optional[pulumi.Input[int]] = None,
406
- rotation_schedule: Optional[pulumi.Input[str]] = None,
407
- rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
408
- rotation_window: Optional[pulumi.Input[int]] = None,
409
- self_managed_password: Optional[pulumi.Input[str]] = None,
410
- username: Optional[pulumi.Input[str]] = None,
498
+ backend: Optional[pulumi.Input[builtins.str]] = None,
499
+ credential_config: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]] = None,
500
+ credential_type: Optional[pulumi.Input[builtins.str]] = None,
501
+ db_name: Optional[pulumi.Input[builtins.str]] = None,
502
+ name: Optional[pulumi.Input[builtins.str]] = None,
503
+ namespace: Optional[pulumi.Input[builtins.str]] = None,
504
+ rotation_period: Optional[pulumi.Input[builtins.int]] = None,
505
+ rotation_schedule: Optional[pulumi.Input[builtins.str]] = None,
506
+ rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
507
+ rotation_window: Optional[pulumi.Input[builtins.int]] = None,
508
+ self_managed_password: Optional[pulumi.Input[builtins.str]] = None,
509
+ skip_import_rotation: Optional[pulumi.Input[builtins.bool]] = None,
510
+ username: Optional[pulumi.Input[builtins.str]] = None,
411
511
  __props__=None):
412
512
  """
413
513
  Creates a Database Secret Backend static role in Vault. Database secret backend
@@ -459,27 +559,31 @@ class SecretBackendStaticRole(pulumi.CustomResource):
459
559
 
460
560
  :param str resource_name: The name of the resource.
461
561
  :param pulumi.ResourceOptions opts: Options for the resource.
462
- :param pulumi.Input[str] backend: The unique name of the Vault mount to configure.
463
- :param pulumi.Input[str] db_name: The unique name of the database connection to use for the static role.
464
- :param pulumi.Input[str] name: A unique name to give the static role.
465
- :param pulumi.Input[str] namespace: The namespace to provision the resource in.
562
+ :param pulumi.Input[builtins.str] backend: The unique name of the Vault mount to configure.
563
+ :param pulumi.Input[builtins.str] credential_type: The credential type for the user, can be one of "password", "rsa_private_key" or "client_certificate".The configuration
564
+ can be done in `credential_config`.
565
+ :param pulumi.Input[builtins.str] db_name: The unique name of the database connection to use for the static role.
566
+ :param pulumi.Input[builtins.str] name: A unique name to give the static role.
567
+ :param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
466
568
  The value should not contain leading or trailing forward slashes.
467
569
  The `namespace` is always relative to the provider's configured namespace.
468
570
  *Available only for Vault Enterprise*.
469
- :param pulumi.Input[int] rotation_period: The amount of time Vault should wait before rotating the password, in seconds.
571
+ :param pulumi.Input[builtins.int] rotation_period: The amount of time Vault should wait before rotating the password, in seconds.
470
572
  Mutually exclusive with `rotation_schedule`.
471
- :param pulumi.Input[str] rotation_schedule: A cron-style string that will define the schedule on which rotations should occur.
573
+ :param pulumi.Input[builtins.str] rotation_schedule: A cron-style string that will define the schedule on which rotations should occur.
472
574
  Mutually exclusive with `rotation_period`.
473
575
 
474
576
  **Warning**: The `rotation_period` and `rotation_schedule` fields are
475
577
  mutually exclusive. One of them must be set but not both.
476
- :param pulumi.Input[Sequence[pulumi.Input[str]]] rotation_statements: Database statements to execute to rotate the password for the configured database user.
477
- :param pulumi.Input[int] rotation_window: The amount of time, in seconds, in which rotations are allowed to occur starting
578
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] rotation_statements: Database statements to execute to rotate the password for the configured database user.
579
+ :param pulumi.Input[builtins.int] rotation_window: The amount of time, in seconds, in which rotations are allowed to occur starting
478
580
  from a given `rotation_schedule`.
479
- :param pulumi.Input[str] self_managed_password: The password corresponding to the username in the database.
581
+ :param pulumi.Input[builtins.str] self_managed_password: The password corresponding to the username in the database.
480
582
  Required when using the Rootless Password Rotation workflow for static roles. Only enabled for
481
583
  select DB engines (Postgres). Requires Vault 1.18+ Enterprise.
482
- :param pulumi.Input[str] username: The database username that this static role corresponds to.
584
+ :param pulumi.Input[builtins.bool] skip_import_rotation: If set to true, Vault will skip the
585
+ initial secret rotation on import. Requires Vault 1.18+ Enterprise.
586
+ :param pulumi.Input[builtins.str] username: The database username that this static role corresponds to.
483
587
  """
484
588
  ...
485
589
  @overload
@@ -550,16 +654,19 @@ class SecretBackendStaticRole(pulumi.CustomResource):
550
654
  def _internal_init(__self__,
551
655
  resource_name: str,
552
656
  opts: Optional[pulumi.ResourceOptions] = None,
553
- backend: Optional[pulumi.Input[str]] = None,
554
- db_name: Optional[pulumi.Input[str]] = None,
555
- name: Optional[pulumi.Input[str]] = None,
556
- namespace: Optional[pulumi.Input[str]] = None,
557
- rotation_period: Optional[pulumi.Input[int]] = None,
558
- rotation_schedule: Optional[pulumi.Input[str]] = None,
559
- rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
560
- rotation_window: Optional[pulumi.Input[int]] = None,
561
- self_managed_password: Optional[pulumi.Input[str]] = None,
562
- username: Optional[pulumi.Input[str]] = None,
657
+ backend: Optional[pulumi.Input[builtins.str]] = None,
658
+ credential_config: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]] = None,
659
+ credential_type: Optional[pulumi.Input[builtins.str]] = None,
660
+ db_name: Optional[pulumi.Input[builtins.str]] = None,
661
+ name: Optional[pulumi.Input[builtins.str]] = None,
662
+ namespace: Optional[pulumi.Input[builtins.str]] = None,
663
+ rotation_period: Optional[pulumi.Input[builtins.int]] = None,
664
+ rotation_schedule: Optional[pulumi.Input[builtins.str]] = None,
665
+ rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
666
+ rotation_window: Optional[pulumi.Input[builtins.int]] = None,
667
+ self_managed_password: Optional[pulumi.Input[builtins.str]] = None,
668
+ skip_import_rotation: Optional[pulumi.Input[builtins.bool]] = None,
669
+ username: Optional[pulumi.Input[builtins.str]] = None,
563
670
  __props__=None):
564
671
  opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
565
672
  if not isinstance(opts, pulumi.ResourceOptions):
@@ -572,6 +679,8 @@ class SecretBackendStaticRole(pulumi.CustomResource):
572
679
  if backend is None and not opts.urn:
573
680
  raise TypeError("Missing required property 'backend'")
574
681
  __props__.__dict__["backend"] = backend
682
+ __props__.__dict__["credential_config"] = credential_config
683
+ __props__.__dict__["credential_type"] = credential_type
575
684
  if db_name is None and not opts.urn:
576
685
  raise TypeError("Missing required property 'db_name'")
577
686
  __props__.__dict__["db_name"] = db_name
@@ -582,6 +691,7 @@ class SecretBackendStaticRole(pulumi.CustomResource):
582
691
  __props__.__dict__["rotation_statements"] = rotation_statements
583
692
  __props__.__dict__["rotation_window"] = rotation_window
584
693
  __props__.__dict__["self_managed_password"] = None if self_managed_password is None else pulumi.Output.secret(self_managed_password)
694
+ __props__.__dict__["skip_import_rotation"] = skip_import_rotation
585
695
  if username is None and not opts.urn:
586
696
  raise TypeError("Missing required property 'username'")
587
697
  __props__.__dict__["username"] = username
@@ -597,16 +707,19 @@ class SecretBackendStaticRole(pulumi.CustomResource):
597
707
  def get(resource_name: str,
598
708
  id: pulumi.Input[str],
599
709
  opts: Optional[pulumi.ResourceOptions] = None,
600
- backend: Optional[pulumi.Input[str]] = None,
601
- db_name: Optional[pulumi.Input[str]] = None,
602
- name: Optional[pulumi.Input[str]] = None,
603
- namespace: Optional[pulumi.Input[str]] = None,
604
- rotation_period: Optional[pulumi.Input[int]] = None,
605
- rotation_schedule: Optional[pulumi.Input[str]] = None,
606
- rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
607
- rotation_window: Optional[pulumi.Input[int]] = None,
608
- self_managed_password: Optional[pulumi.Input[str]] = None,
609
- username: Optional[pulumi.Input[str]] = None) -> 'SecretBackendStaticRole':
710
+ backend: Optional[pulumi.Input[builtins.str]] = None,
711
+ credential_config: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]] = None,
712
+ credential_type: Optional[pulumi.Input[builtins.str]] = None,
713
+ db_name: Optional[pulumi.Input[builtins.str]] = None,
714
+ name: Optional[pulumi.Input[builtins.str]] = None,
715
+ namespace: Optional[pulumi.Input[builtins.str]] = None,
716
+ rotation_period: Optional[pulumi.Input[builtins.int]] = None,
717
+ rotation_schedule: Optional[pulumi.Input[builtins.str]] = None,
718
+ rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
719
+ rotation_window: Optional[pulumi.Input[builtins.int]] = None,
720
+ self_managed_password: Optional[pulumi.Input[builtins.str]] = None,
721
+ skip_import_rotation: Optional[pulumi.Input[builtins.bool]] = None,
722
+ username: Optional[pulumi.Input[builtins.str]] = None) -> 'SecretBackendStaticRole':
610
723
  """
611
724
  Get an existing SecretBackendStaticRole resource's state with the given name, id, and optional extra
612
725
  properties used to qualify the lookup.
@@ -614,33 +727,39 @@ class SecretBackendStaticRole(pulumi.CustomResource):
614
727
  :param str resource_name: The unique name of the resulting resource.
615
728
  :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
616
729
  :param pulumi.ResourceOptions opts: Options for the resource.
617
- :param pulumi.Input[str] backend: The unique name of the Vault mount to configure.
618
- :param pulumi.Input[str] db_name: The unique name of the database connection to use for the static role.
619
- :param pulumi.Input[str] name: A unique name to give the static role.
620
- :param pulumi.Input[str] namespace: The namespace to provision the resource in.
730
+ :param pulumi.Input[builtins.str] backend: The unique name of the Vault mount to configure.
731
+ :param pulumi.Input[builtins.str] credential_type: The credential type for the user, can be one of "password", "rsa_private_key" or "client_certificate".The configuration
732
+ can be done in `credential_config`.
733
+ :param pulumi.Input[builtins.str] db_name: The unique name of the database connection to use for the static role.
734
+ :param pulumi.Input[builtins.str] name: A unique name to give the static role.
735
+ :param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
621
736
  The value should not contain leading or trailing forward slashes.
622
737
  The `namespace` is always relative to the provider's configured namespace.
623
738
  *Available only for Vault Enterprise*.
624
- :param pulumi.Input[int] rotation_period: The amount of time Vault should wait before rotating the password, in seconds.
739
+ :param pulumi.Input[builtins.int] rotation_period: The amount of time Vault should wait before rotating the password, in seconds.
625
740
  Mutually exclusive with `rotation_schedule`.
626
- :param pulumi.Input[str] rotation_schedule: A cron-style string that will define the schedule on which rotations should occur.
741
+ :param pulumi.Input[builtins.str] rotation_schedule: A cron-style string that will define the schedule on which rotations should occur.
627
742
  Mutually exclusive with `rotation_period`.
628
743
 
629
744
  **Warning**: The `rotation_period` and `rotation_schedule` fields are
630
745
  mutually exclusive. One of them must be set but not both.
631
- :param pulumi.Input[Sequence[pulumi.Input[str]]] rotation_statements: Database statements to execute to rotate the password for the configured database user.
632
- :param pulumi.Input[int] rotation_window: The amount of time, in seconds, in which rotations are allowed to occur starting
746
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] rotation_statements: Database statements to execute to rotate the password for the configured database user.
747
+ :param pulumi.Input[builtins.int] rotation_window: The amount of time, in seconds, in which rotations are allowed to occur starting
633
748
  from a given `rotation_schedule`.
634
- :param pulumi.Input[str] self_managed_password: The password corresponding to the username in the database.
749
+ :param pulumi.Input[builtins.str] self_managed_password: The password corresponding to the username in the database.
635
750
  Required when using the Rootless Password Rotation workflow for static roles. Only enabled for
636
751
  select DB engines (Postgres). Requires Vault 1.18+ Enterprise.
637
- :param pulumi.Input[str] username: The database username that this static role corresponds to.
752
+ :param pulumi.Input[builtins.bool] skip_import_rotation: If set to true, Vault will skip the
753
+ initial secret rotation on import. Requires Vault 1.18+ Enterprise.
754
+ :param pulumi.Input[builtins.str] username: The database username that this static role corresponds to.
638
755
  """
639
756
  opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
640
757
 
641
758
  __props__ = _SecretBackendStaticRoleState.__new__(_SecretBackendStaticRoleState)
642
759
 
643
760
  __props__.__dict__["backend"] = backend
761
+ __props__.__dict__["credential_config"] = credential_config
762
+ __props__.__dict__["credential_type"] = credential_type
644
763
  __props__.__dict__["db_name"] = db_name
645
764
  __props__.__dict__["name"] = name
646
765
  __props__.__dict__["namespace"] = namespace
@@ -649,20 +768,35 @@ class SecretBackendStaticRole(pulumi.CustomResource):
649
768
  __props__.__dict__["rotation_statements"] = rotation_statements
650
769
  __props__.__dict__["rotation_window"] = rotation_window
651
770
  __props__.__dict__["self_managed_password"] = self_managed_password
771
+ __props__.__dict__["skip_import_rotation"] = skip_import_rotation
652
772
  __props__.__dict__["username"] = username
653
773
  return SecretBackendStaticRole(resource_name, opts=opts, __props__=__props__)
654
774
 
655
775
  @property
656
776
  @pulumi.getter
657
- def backend(self) -> pulumi.Output[str]:
777
+ def backend(self) -> pulumi.Output[builtins.str]:
658
778
  """
659
779
  The unique name of the Vault mount to configure.
660
780
  """
661
781
  return pulumi.get(self, "backend")
662
782
 
783
+ @property
784
+ @pulumi.getter(name="credentialConfig")
785
+ def credential_config(self) -> pulumi.Output[Optional[Mapping[str, builtins.str]]]:
786
+ return pulumi.get(self, "credential_config")
787
+
788
+ @property
789
+ @pulumi.getter(name="credentialType")
790
+ def credential_type(self) -> pulumi.Output[builtins.str]:
791
+ """
792
+ The credential type for the user, can be one of "password", "rsa_private_key" or "client_certificate".The configuration
793
+ can be done in `credential_config`.
794
+ """
795
+ return pulumi.get(self, "credential_type")
796
+
663
797
  @property
664
798
  @pulumi.getter(name="dbName")
665
- def db_name(self) -> pulumi.Output[str]:
799
+ def db_name(self) -> pulumi.Output[builtins.str]:
666
800
  """
667
801
  The unique name of the database connection to use for the static role.
668
802
  """
@@ -670,7 +804,7 @@ class SecretBackendStaticRole(pulumi.CustomResource):
670
804
 
671
805
  @property
672
806
  @pulumi.getter
673
- def name(self) -> pulumi.Output[str]:
807
+ def name(self) -> pulumi.Output[builtins.str]:
674
808
  """
675
809
  A unique name to give the static role.
676
810
  """
@@ -678,7 +812,7 @@ class SecretBackendStaticRole(pulumi.CustomResource):
678
812
 
679
813
  @property
680
814
  @pulumi.getter
681
- def namespace(self) -> pulumi.Output[Optional[str]]:
815
+ def namespace(self) -> pulumi.Output[Optional[builtins.str]]:
682
816
  """
683
817
  The namespace to provision the resource in.
684
818
  The value should not contain leading or trailing forward slashes.
@@ -689,7 +823,7 @@ class SecretBackendStaticRole(pulumi.CustomResource):
689
823
 
690
824
  @property
691
825
  @pulumi.getter(name="rotationPeriod")
692
- def rotation_period(self) -> pulumi.Output[Optional[int]]:
826
+ def rotation_period(self) -> pulumi.Output[Optional[builtins.int]]:
693
827
  """
694
828
  The amount of time Vault should wait before rotating the password, in seconds.
695
829
  Mutually exclusive with `rotation_schedule`.
@@ -698,7 +832,7 @@ class SecretBackendStaticRole(pulumi.CustomResource):
698
832
 
699
833
  @property
700
834
  @pulumi.getter(name="rotationSchedule")
701
- def rotation_schedule(self) -> pulumi.Output[Optional[str]]:
835
+ def rotation_schedule(self) -> pulumi.Output[Optional[builtins.str]]:
702
836
  """
703
837
  A cron-style string that will define the schedule on which rotations should occur.
704
838
  Mutually exclusive with `rotation_period`.
@@ -710,7 +844,7 @@ class SecretBackendStaticRole(pulumi.CustomResource):
710
844
 
711
845
  @property
712
846
  @pulumi.getter(name="rotationStatements")
713
- def rotation_statements(self) -> pulumi.Output[Optional[Sequence[str]]]:
847
+ def rotation_statements(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
714
848
  """
715
849
  Database statements to execute to rotate the password for the configured database user.
716
850
  """
@@ -718,7 +852,7 @@ class SecretBackendStaticRole(pulumi.CustomResource):
718
852
 
719
853
  @property
720
854
  @pulumi.getter(name="rotationWindow")
721
- def rotation_window(self) -> pulumi.Output[Optional[int]]:
855
+ def rotation_window(self) -> pulumi.Output[Optional[builtins.int]]:
722
856
  """
723
857
  The amount of time, in seconds, in which rotations are allowed to occur starting
724
858
  from a given `rotation_schedule`.
@@ -727,7 +861,7 @@ class SecretBackendStaticRole(pulumi.CustomResource):
727
861
 
728
862
  @property
729
863
  @pulumi.getter(name="selfManagedPassword")
730
- def self_managed_password(self) -> pulumi.Output[Optional[str]]:
864
+ def self_managed_password(self) -> pulumi.Output[Optional[builtins.str]]:
731
865
  """
732
866
  The password corresponding to the username in the database.
733
867
  Required when using the Rootless Password Rotation workflow for static roles. Only enabled for
@@ -735,9 +869,18 @@ class SecretBackendStaticRole(pulumi.CustomResource):
735
869
  """
736
870
  return pulumi.get(self, "self_managed_password")
737
871
 
872
+ @property
873
+ @pulumi.getter(name="skipImportRotation")
874
+ def skip_import_rotation(self) -> pulumi.Output[Optional[builtins.bool]]:
875
+ """
876
+ If set to true, Vault will skip the
877
+ initial secret rotation on import. Requires Vault 1.18+ Enterprise.
878
+ """
879
+ return pulumi.get(self, "skip_import_rotation")
880
+
738
881
  @property
739
882
  @pulumi.getter
740
- def username(self) -> pulumi.Output[str]:
883
+ def username(self) -> pulumi.Output[builtins.str]:
741
884
  """
742
885
  The database username that this static role corresponds to.
743
886
  """