pulumi-vault 6.6.0a1741415971__py3-none-any.whl → 6.7.0__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- pulumi_vault/__init__.py +9 -0
- pulumi_vault/_inputs.py +583 -562
- pulumi_vault/ad/__init__.py +1 -0
- pulumi_vault/ad/get_access_credentials.py +20 -19
- pulumi_vault/ad/secret_backend.py +477 -476
- pulumi_vault/ad/secret_library.py +99 -98
- pulumi_vault/ad/secret_role.py +85 -84
- pulumi_vault/alicloud/__init__.py +1 -0
- pulumi_vault/alicloud/auth_backend_role.py +183 -182
- pulumi_vault/approle/__init__.py +1 -0
- pulumi_vault/approle/auth_backend_login.py +106 -105
- pulumi_vault/approle/auth_backend_role.py +239 -238
- pulumi_vault/approle/auth_backend_role_secret_id.py +162 -161
- pulumi_vault/approle/get_auth_backend_role_id.py +18 -17
- pulumi_vault/audit.py +85 -84
- pulumi_vault/audit_request_header.py +43 -42
- pulumi_vault/auth_backend.py +106 -105
- pulumi_vault/aws/__init__.py +1 -0
- pulumi_vault/aws/auth_backend_cert.py +71 -70
- pulumi_vault/aws/auth_backend_client.py +425 -200
- pulumi_vault/aws/auth_backend_config_identity.py +85 -84
- pulumi_vault/aws/auth_backend_identity_whitelist.py +57 -56
- pulumi_vault/aws/auth_backend_login.py +209 -208
- pulumi_vault/aws/auth_backend_role.py +400 -399
- pulumi_vault/aws/auth_backend_role_tag.py +127 -126
- pulumi_vault/aws/auth_backend_roletag_blacklist.py +57 -56
- pulumi_vault/aws/auth_backend_sts_role.py +71 -70
- pulumi_vault/aws/get_access_credentials.py +44 -43
- pulumi_vault/aws/get_static_access_credentials.py +13 -12
- pulumi_vault/aws/secret_backend.py +523 -306
- pulumi_vault/aws/secret_backend_role.py +211 -210
- pulumi_vault/aws/secret_backend_static_role.py +288 -70
- pulumi_vault/azure/__init__.py +1 -0
- pulumi_vault/azure/_inputs.py +21 -20
- pulumi_vault/azure/auth_backend_config.py +383 -130
- pulumi_vault/azure/auth_backend_role.py +253 -252
- pulumi_vault/azure/backend.py +432 -186
- pulumi_vault/azure/backend_role.py +188 -140
- pulumi_vault/azure/get_access_credentials.py +58 -57
- pulumi_vault/azure/outputs.py +11 -10
- pulumi_vault/cert_auth_backend_role.py +365 -364
- pulumi_vault/config/__init__.py +1 -0
- pulumi_vault/config/__init__.pyi +1 -0
- pulumi_vault/config/_inputs.py +11 -10
- pulumi_vault/config/outputs.py +287 -286
- pulumi_vault/config/ui_custom_message.py +113 -112
- pulumi_vault/config/vars.py +1 -0
- pulumi_vault/consul/__init__.py +1 -0
- pulumi_vault/consul/secret_backend.py +197 -196
- pulumi_vault/consul/secret_backend_role.py +183 -182
- pulumi_vault/database/__init__.py +1 -0
- pulumi_vault/database/_inputs.py +3857 -2200
- pulumi_vault/database/outputs.py +2483 -1330
- pulumi_vault/database/secret_backend_connection.py +333 -112
- pulumi_vault/database/secret_backend_role.py +169 -168
- pulumi_vault/database/secret_backend_static_role.py +283 -140
- pulumi_vault/database/secrets_mount.py +275 -266
- pulumi_vault/egp_policy.py +71 -70
- pulumi_vault/gcp/__init__.py +1 -0
- pulumi_vault/gcp/_inputs.py +82 -81
- pulumi_vault/gcp/auth_backend.py +426 -205
- pulumi_vault/gcp/auth_backend_role.py +281 -280
- pulumi_vault/gcp/get_auth_backend_role.py +70 -69
- pulumi_vault/gcp/outputs.py +50 -49
- pulumi_vault/gcp/secret_backend.py +420 -179
- pulumi_vault/gcp/secret_impersonated_account.py +92 -91
- pulumi_vault/gcp/secret_roleset.py +92 -91
- pulumi_vault/gcp/secret_static_account.py +92 -91
- pulumi_vault/generic/__init__.py +1 -0
- pulumi_vault/generic/endpoint.py +113 -112
- pulumi_vault/generic/get_secret.py +28 -27
- pulumi_vault/generic/secret.py +78 -77
- pulumi_vault/get_auth_backend.py +19 -18
- pulumi_vault/get_auth_backends.py +14 -13
- pulumi_vault/get_namespace.py +15 -14
- pulumi_vault/get_namespaces.py +68 -18
- pulumi_vault/get_nomad_access_token.py +19 -18
- pulumi_vault/get_policy_document.py +6 -5
- pulumi_vault/get_raft_autopilot_state.py +18 -17
- pulumi_vault/github/__init__.py +1 -0
- pulumi_vault/github/_inputs.py +42 -41
- pulumi_vault/github/auth_backend.py +232 -231
- pulumi_vault/github/outputs.py +26 -25
- pulumi_vault/github/team.py +57 -56
- pulumi_vault/github/user.py +57 -56
- pulumi_vault/identity/__init__.py +1 -0
- pulumi_vault/identity/entity.py +85 -84
- pulumi_vault/identity/entity_alias.py +71 -70
- pulumi_vault/identity/entity_policies.py +64 -63
- pulumi_vault/identity/get_entity.py +43 -42
- pulumi_vault/identity/get_group.py +50 -49
- pulumi_vault/identity/get_oidc_client_creds.py +14 -13
- pulumi_vault/identity/get_oidc_openid_config.py +24 -23
- pulumi_vault/identity/get_oidc_public_keys.py +13 -12
- pulumi_vault/identity/group.py +141 -140
- pulumi_vault/identity/group_alias.py +57 -56
- pulumi_vault/identity/group_member_entity_ids.py +57 -56
- pulumi_vault/identity/group_member_group_ids.py +57 -56
- pulumi_vault/identity/group_policies.py +64 -63
- pulumi_vault/identity/mfa_duo.py +148 -147
- pulumi_vault/identity/mfa_login_enforcement.py +120 -119
- pulumi_vault/identity/mfa_okta.py +134 -133
- pulumi_vault/identity/mfa_pingid.py +127 -126
- pulumi_vault/identity/mfa_totp.py +176 -175
- pulumi_vault/identity/oidc.py +29 -28
- pulumi_vault/identity/oidc_assignment.py +57 -56
- pulumi_vault/identity/oidc_client.py +127 -126
- pulumi_vault/identity/oidc_key.py +85 -84
- pulumi_vault/identity/oidc_key_allowed_client_id.py +43 -42
- pulumi_vault/identity/oidc_provider.py +92 -91
- pulumi_vault/identity/oidc_role.py +85 -84
- pulumi_vault/identity/oidc_scope.py +57 -56
- pulumi_vault/identity/outputs.py +32 -31
- pulumi_vault/jwt/__init__.py +1 -0
- pulumi_vault/jwt/_inputs.py +42 -41
- pulumi_vault/jwt/auth_backend.py +288 -287
- pulumi_vault/jwt/auth_backend_role.py +407 -406
- pulumi_vault/jwt/outputs.py +26 -25
- pulumi_vault/kmip/__init__.py +1 -0
- pulumi_vault/kmip/secret_backend.py +183 -182
- pulumi_vault/kmip/secret_role.py +295 -294
- pulumi_vault/kmip/secret_scope.py +57 -56
- pulumi_vault/kubernetes/__init__.py +1 -0
- pulumi_vault/kubernetes/auth_backend_config.py +141 -140
- pulumi_vault/kubernetes/auth_backend_role.py +225 -224
- pulumi_vault/kubernetes/get_auth_backend_config.py +47 -46
- pulumi_vault/kubernetes/get_auth_backend_role.py +70 -69
- pulumi_vault/kubernetes/get_service_account_token.py +38 -37
- pulumi_vault/kubernetes/secret_backend.py +316 -315
- pulumi_vault/kubernetes/secret_backend_role.py +197 -196
- pulumi_vault/kv/__init__.py +1 -0
- pulumi_vault/kv/_inputs.py +21 -20
- pulumi_vault/kv/get_secret.py +17 -16
- pulumi_vault/kv/get_secret_subkeys_v2.py +30 -29
- pulumi_vault/kv/get_secret_v2.py +29 -28
- pulumi_vault/kv/get_secrets_list.py +13 -12
- pulumi_vault/kv/get_secrets_list_v2.py +19 -18
- pulumi_vault/kv/outputs.py +13 -12
- pulumi_vault/kv/secret.py +50 -49
- pulumi_vault/kv/secret_backend_v2.py +71 -70
- pulumi_vault/kv/secret_v2.py +134 -133
- pulumi_vault/ldap/__init__.py +1 -0
- pulumi_vault/ldap/auth_backend.py +754 -533
- pulumi_vault/ldap/auth_backend_group.py +57 -56
- pulumi_vault/ldap/auth_backend_user.py +71 -70
- pulumi_vault/ldap/get_dynamic_credentials.py +17 -16
- pulumi_vault/ldap/get_static_credentials.py +18 -17
- pulumi_vault/ldap/secret_backend.py +720 -499
- pulumi_vault/ldap/secret_backend_dynamic_role.py +127 -126
- pulumi_vault/ldap/secret_backend_library_set.py +99 -98
- pulumi_vault/ldap/secret_backend_static_role.py +99 -98
- pulumi_vault/managed/__init__.py +1 -0
- pulumi_vault/managed/_inputs.py +229 -228
- pulumi_vault/managed/keys.py +15 -14
- pulumi_vault/managed/outputs.py +139 -138
- pulumi_vault/mfa_duo.py +113 -112
- pulumi_vault/mfa_okta.py +113 -112
- pulumi_vault/mfa_pingid.py +120 -119
- pulumi_vault/mfa_totp.py +127 -126
- pulumi_vault/mongodbatlas/__init__.py +1 -0
- pulumi_vault/mongodbatlas/secret_backend.py +64 -63
- pulumi_vault/mongodbatlas/secret_role.py +155 -154
- pulumi_vault/mount.py +274 -273
- pulumi_vault/namespace.py +64 -63
- pulumi_vault/nomad_secret_backend.py +211 -210
- pulumi_vault/nomad_secret_role.py +85 -84
- pulumi_vault/okta/__init__.py +1 -0
- pulumi_vault/okta/_inputs.py +26 -25
- pulumi_vault/okta/auth_backend.py +274 -273
- pulumi_vault/okta/auth_backend_group.py +57 -56
- pulumi_vault/okta/auth_backend_user.py +71 -70
- pulumi_vault/okta/outputs.py +16 -15
- pulumi_vault/outputs.py +73 -60
- pulumi_vault/password_policy.py +43 -42
- pulumi_vault/pkisecret/__init__.py +3 -0
- pulumi_vault/pkisecret/_inputs.py +31 -36
- pulumi_vault/pkisecret/backend_acme_eab.py +92 -91
- pulumi_vault/pkisecret/backend_config_acme.py +174 -126
- pulumi_vault/pkisecret/backend_config_auto_tidy.py +1377 -0
- pulumi_vault/pkisecret/backend_config_cluster.py +57 -56
- pulumi_vault/pkisecret/backend_config_cmpv2.py +152 -104
- pulumi_vault/pkisecret/backend_config_est.py +120 -119
- pulumi_vault/pkisecret/get_backend_cert_metadata.py +278 -0
- pulumi_vault/pkisecret/get_backend_config_cmpv2.py +35 -17
- pulumi_vault/pkisecret/get_backend_config_est.py +19 -18
- pulumi_vault/pkisecret/get_backend_issuer.py +139 -25
- pulumi_vault/pkisecret/get_backend_issuers.py +15 -14
- pulumi_vault/pkisecret/get_backend_key.py +20 -19
- pulumi_vault/pkisecret/get_backend_keys.py +15 -14
- pulumi_vault/pkisecret/outputs.py +28 -31
- pulumi_vault/pkisecret/secret_backend_cert.py +439 -297
- pulumi_vault/pkisecret/secret_backend_config_ca.py +43 -42
- pulumi_vault/pkisecret/secret_backend_config_issuers.py +57 -56
- pulumi_vault/pkisecret/secret_backend_config_urls.py +85 -84
- pulumi_vault/pkisecret/secret_backend_crl_config.py +237 -182
- pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +520 -378
- pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +57 -56
- pulumi_vault/pkisecret/secret_backend_issuer.py +441 -175
- pulumi_vault/pkisecret/secret_backend_key.py +120 -119
- pulumi_vault/pkisecret/secret_backend_role.py +894 -644
- pulumi_vault/pkisecret/secret_backend_root_cert.py +851 -427
- pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +936 -357
- pulumi_vault/pkisecret/secret_backend_sign.py +347 -252
- pulumi_vault/plugin.py +127 -126
- pulumi_vault/plugin_pinned_version.py +43 -42
- pulumi_vault/policy.py +43 -42
- pulumi_vault/provider.py +120 -119
- pulumi_vault/pulumi-plugin.json +1 -1
- pulumi_vault/quota_lease_count.py +85 -84
- pulumi_vault/quota_rate_limit.py +113 -112
- pulumi_vault/rabbitmq/__init__.py +1 -0
- pulumi_vault/rabbitmq/_inputs.py +41 -40
- pulumi_vault/rabbitmq/outputs.py +25 -24
- pulumi_vault/rabbitmq/secret_backend.py +169 -168
- pulumi_vault/rabbitmq/secret_backend_role.py +57 -56
- pulumi_vault/raft_autopilot.py +113 -112
- pulumi_vault/raft_snapshot_agent_config.py +393 -392
- pulumi_vault/rgp_policy.py +57 -56
- pulumi_vault/saml/__init__.py +1 -0
- pulumi_vault/saml/auth_backend.py +155 -154
- pulumi_vault/saml/auth_backend_role.py +239 -238
- pulumi_vault/secrets/__init__.py +1 -0
- pulumi_vault/secrets/_inputs.py +16 -15
- pulumi_vault/secrets/outputs.py +10 -9
- pulumi_vault/secrets/sync_association.py +71 -70
- pulumi_vault/secrets/sync_aws_destination.py +148 -147
- pulumi_vault/secrets/sync_azure_destination.py +148 -147
- pulumi_vault/secrets/sync_config.py +43 -42
- pulumi_vault/secrets/sync_gcp_destination.py +106 -105
- pulumi_vault/secrets/sync_gh_destination.py +134 -133
- pulumi_vault/secrets/sync_github_apps.py +64 -63
- pulumi_vault/secrets/sync_vercel_destination.py +120 -119
- pulumi_vault/ssh/__init__.py +2 -0
- pulumi_vault/ssh/_inputs.py +11 -10
- pulumi_vault/ssh/get_secret_backend_sign.py +295 -0
- pulumi_vault/ssh/outputs.py +7 -6
- pulumi_vault/ssh/secret_backend_ca.py +99 -98
- pulumi_vault/ssh/secret_backend_role.py +365 -364
- pulumi_vault/terraformcloud/__init__.py +1 -0
- pulumi_vault/terraformcloud/secret_backend.py +111 -110
- pulumi_vault/terraformcloud/secret_creds.py +74 -73
- pulumi_vault/terraformcloud/secret_role.py +96 -95
- pulumi_vault/token.py +246 -245
- pulumi_vault/tokenauth/__init__.py +1 -0
- pulumi_vault/tokenauth/auth_backend_role.py +267 -266
- pulumi_vault/transform/__init__.py +1 -0
- pulumi_vault/transform/alphabet.py +57 -56
- pulumi_vault/transform/get_decode.py +47 -46
- pulumi_vault/transform/get_encode.py +47 -46
- pulumi_vault/transform/role.py +57 -56
- pulumi_vault/transform/template.py +113 -112
- pulumi_vault/transform/transformation.py +141 -140
- pulumi_vault/transit/__init__.py +3 -0
- pulumi_vault/transit/get_decrypt.py +18 -17
- pulumi_vault/transit/get_encrypt.py +21 -20
- pulumi_vault/transit/get_sign.py +325 -0
- pulumi_vault/transit/get_verify.py +355 -0
- pulumi_vault/transit/secret_backend_key.py +394 -231
- pulumi_vault/transit/secret_cache_config.py +43 -42
- {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.7.0.dist-info}/METADATA +2 -2
- pulumi_vault-6.7.0.dist-info/RECORD +265 -0
- {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.7.0.dist-info}/WHEEL +1 -1
- pulumi_vault-6.6.0a1741415971.dist-info/RECORD +0 -260
- {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.7.0.dist-info}/top_level.txt +0 -0
@@ -2,6 +2,7 @@
|
|
2
2
|
# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
|
3
3
|
# *** Do not edit by hand unless you're certain you know what you are doing! ***
|
4
4
|
|
5
|
+
import builtins
|
5
6
|
import copy
|
6
7
|
import warnings
|
7
8
|
import sys
|
@@ -21,24 +22,24 @@ __all__ = ['SecretsMountArgs', 'SecretsMount']
|
|
21
22
|
@pulumi.input_type
|
22
23
|
class SecretsMountArgs:
|
23
24
|
def __init__(__self__, *,
|
24
|
-
path: pulumi.Input[str],
|
25
|
-
allowed_managed_keys: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
26
|
-
allowed_response_headers: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
27
|
-
audit_non_hmac_request_keys: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
28
|
-
audit_non_hmac_response_keys: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
25
|
+
path: pulumi.Input[builtins.str],
|
26
|
+
allowed_managed_keys: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
27
|
+
allowed_response_headers: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
28
|
+
audit_non_hmac_request_keys: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
29
|
+
audit_non_hmac_response_keys: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
29
30
|
cassandras: Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountCassandraArgs']]]] = None,
|
30
31
|
couchbases: Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountCouchbaseArgs']]]] = None,
|
31
|
-
default_lease_ttl_seconds: Optional[pulumi.Input[int]] = None,
|
32
|
-
delegated_auth_accessors: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
33
|
-
description: Optional[pulumi.Input[str]] = None,
|
32
|
+
default_lease_ttl_seconds: Optional[pulumi.Input[builtins.int]] = None,
|
33
|
+
delegated_auth_accessors: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
34
|
+
description: Optional[pulumi.Input[builtins.str]] = None,
|
34
35
|
elasticsearches: Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountElasticsearchArgs']]]] = None,
|
35
|
-
external_entropy_access: Optional[pulumi.Input[bool]] = None,
|
36
|
+
external_entropy_access: Optional[pulumi.Input[builtins.bool]] = None,
|
36
37
|
hanas: Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountHanaArgs']]]] = None,
|
37
|
-
identity_token_key: Optional[pulumi.Input[str]] = None,
|
38
|
+
identity_token_key: Optional[pulumi.Input[builtins.str]] = None,
|
38
39
|
influxdbs: Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountInfluxdbArgs']]]] = None,
|
39
|
-
listing_visibility: Optional[pulumi.Input[str]] = None,
|
40
|
-
local: Optional[pulumi.Input[bool]] = None,
|
41
|
-
max_lease_ttl_seconds: Optional[pulumi.Input[int]] = None,
|
40
|
+
listing_visibility: Optional[pulumi.Input[builtins.str]] = None,
|
41
|
+
local: Optional[pulumi.Input[builtins.bool]] = None,
|
42
|
+
max_lease_ttl_seconds: Optional[pulumi.Input[builtins.int]] = None,
|
42
43
|
mongodbatlas: Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountMongodbatlaArgs']]]] = None,
|
43
44
|
mongodbs: Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountMongodbArgs']]]] = None,
|
44
45
|
mssqls: Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountMssqlArgs']]]] = None,
|
@@ -46,44 +47,44 @@ class SecretsMountArgs:
|
|
46
47
|
mysql_legacies: Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountMysqlLegacyArgs']]]] = None,
|
47
48
|
mysql_rds: Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountMysqlRdArgs']]]] = None,
|
48
49
|
mysqls: Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountMysqlArgs']]]] = None,
|
49
|
-
namespace: Optional[pulumi.Input[str]] = None,
|
50
|
-
options: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
50
|
+
namespace: Optional[pulumi.Input[builtins.str]] = None,
|
51
|
+
options: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]] = None,
|
51
52
|
oracles: Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountOracleArgs']]]] = None,
|
52
|
-
passthrough_request_headers: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
53
|
-
plugin_version: Optional[pulumi.Input[str]] = None,
|
53
|
+
passthrough_request_headers: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
54
|
+
plugin_version: Optional[pulumi.Input[builtins.str]] = None,
|
54
55
|
postgresqls: Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountPostgresqlArgs']]]] = None,
|
55
56
|
redis: Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountRediArgs']]]] = None,
|
56
57
|
redis_elasticaches: Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountRedisElasticachArgs']]]] = None,
|
57
58
|
redshifts: Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountRedshiftArgs']]]] = None,
|
58
|
-
seal_wrap: Optional[pulumi.Input[bool]] = None,
|
59
|
+
seal_wrap: Optional[pulumi.Input[builtins.bool]] = None,
|
59
60
|
snowflakes: Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountSnowflakeArgs']]]] = None):
|
60
61
|
"""
|
61
62
|
The set of arguments for constructing a SecretsMount resource.
|
62
|
-
:param pulumi.Input[str] path: Where the secret backend will be mounted
|
63
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_managed_keys: Set of managed key registry entry names that the mount in question is allowed to access
|
63
|
+
:param pulumi.Input[builtins.str] path: Where the secret backend will be mounted
|
64
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_managed_keys: Set of managed key registry entry names that the mount in question is allowed to access
|
64
65
|
|
65
66
|
The following arguments are common to all database engines:
|
66
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_response_headers: List of headers to allow and pass from the request to the plugin
|
67
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] audit_non_hmac_request_keys: Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
|
68
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] audit_non_hmac_response_keys: Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
|
67
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_response_headers: List of headers to allow and pass from the request to the plugin
|
68
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] audit_non_hmac_request_keys: Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
|
69
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] audit_non_hmac_response_keys: Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
|
69
70
|
:param pulumi.Input[Sequence[pulumi.Input['SecretsMountCassandraArgs']]] cassandras: A nested block containing configuration options for Cassandra connections.
|
70
71
|
*See Configuration Options for more info*
|
71
72
|
:param pulumi.Input[Sequence[pulumi.Input['SecretsMountCouchbaseArgs']]] couchbases: A nested block containing configuration options for Couchbase connections.
|
72
73
|
*See Configuration Options for more info*
|
73
|
-
:param pulumi.Input[int] default_lease_ttl_seconds: Default lease duration for tokens and secrets in seconds
|
74
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] delegated_auth_accessors: List of headers to allow and pass from the request to the plugin
|
75
|
-
:param pulumi.Input[str] description: Human-friendly description of the mount
|
74
|
+
:param pulumi.Input[builtins.int] default_lease_ttl_seconds: Default lease duration for tokens and secrets in seconds
|
75
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] delegated_auth_accessors: List of headers to allow and pass from the request to the plugin
|
76
|
+
:param pulumi.Input[builtins.str] description: Human-friendly description of the mount
|
76
77
|
:param pulumi.Input[Sequence[pulumi.Input['SecretsMountElasticsearchArgs']]] elasticsearches: A nested block containing configuration options for Elasticsearch connections.
|
77
78
|
*See Configuration Options for more info*
|
78
|
-
:param pulumi.Input[bool] external_entropy_access: Boolean flag that can be explicitly set to true to enable the secrets engine to access Vault's external entropy source
|
79
|
+
:param pulumi.Input[builtins.bool] external_entropy_access: Boolean flag that can be explicitly set to true to enable the secrets engine to access Vault's external entropy source
|
79
80
|
:param pulumi.Input[Sequence[pulumi.Input['SecretsMountHanaArgs']]] hanas: A nested block containing configuration options for SAP HanaDB connections.
|
80
81
|
*See Configuration Options for more info*
|
81
|
-
:param pulumi.Input[str] identity_token_key: The key to use for signing plugin workload identity tokens
|
82
|
+
:param pulumi.Input[builtins.str] identity_token_key: The key to use for signing plugin workload identity tokens
|
82
83
|
:param pulumi.Input[Sequence[pulumi.Input['SecretsMountInfluxdbArgs']]] influxdbs: A nested block containing configuration options for InfluxDB connections.
|
83
84
|
*See Configuration Options for more info*
|
84
|
-
:param pulumi.Input[str] listing_visibility: Specifies whether to show this mount in the UI-specific listing endpoint
|
85
|
-
:param pulumi.Input[bool] local: Boolean flag that can be explicitly set to true to enforce local mount in HA environment
|
86
|
-
:param pulumi.Input[int] max_lease_ttl_seconds: Maximum possible lease duration for tokens and secrets in seconds
|
85
|
+
:param pulumi.Input[builtins.str] listing_visibility: Specifies whether to show this mount in the UI-specific listing endpoint
|
86
|
+
:param pulumi.Input[builtins.bool] local: Boolean flag that can be explicitly set to true to enforce local mount in HA environment
|
87
|
+
:param pulumi.Input[builtins.int] max_lease_ttl_seconds: Maximum possible lease duration for tokens and secrets in seconds
|
87
88
|
:param pulumi.Input[Sequence[pulumi.Input['SecretsMountMongodbatlaArgs']]] mongodbatlas: A nested block containing configuration options for MongoDB Atlas connections.
|
88
89
|
*See Configuration Options for more info*
|
89
90
|
:param pulumi.Input[Sequence[pulumi.Input['SecretsMountMongodbArgs']]] mongodbs: A nested block containing configuration options for MongoDB connections.
|
@@ -98,12 +99,12 @@ class SecretsMountArgs:
|
|
98
99
|
*See Configuration Options for more info*
|
99
100
|
:param pulumi.Input[Sequence[pulumi.Input['SecretsMountMysqlArgs']]] mysqls: A nested block containing configuration options for MySQL connections.
|
100
101
|
*See Configuration Options for more info*
|
101
|
-
:param pulumi.Input[str] namespace: Target namespace. (requires Enterprise)
|
102
|
-
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] options: Specifies mount type specific options that are passed to the backend
|
102
|
+
:param pulumi.Input[builtins.str] namespace: Target namespace. (requires Enterprise)
|
103
|
+
:param pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]] options: Specifies mount type specific options that are passed to the backend
|
103
104
|
:param pulumi.Input[Sequence[pulumi.Input['SecretsMountOracleArgs']]] oracles: A nested block containing configuration options for Oracle connections.
|
104
105
|
*See Configuration Options for more info*
|
105
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] passthrough_request_headers: List of headers to allow and pass from the request to the plugin
|
106
|
-
:param pulumi.Input[str] plugin_version: Specifies the semantic version of the plugin to use, e.g. 'v1.0.0'
|
106
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] passthrough_request_headers: List of headers to allow and pass from the request to the plugin
|
107
|
+
:param pulumi.Input[builtins.str] plugin_version: Specifies the semantic version of the plugin to use, e.g. 'v1.0.0'
|
107
108
|
:param pulumi.Input[Sequence[pulumi.Input['SecretsMountPostgresqlArgs']]] postgresqls: A nested block containing configuration options for PostgreSQL connections.
|
108
109
|
*See Configuration Options for more info*
|
109
110
|
:param pulumi.Input[Sequence[pulumi.Input['SecretsMountRediArgs']]] redis: A nested block containing configuration options for Redis connections.
|
@@ -112,7 +113,7 @@ class SecretsMountArgs:
|
|
112
113
|
*See Configuration Options for more info*
|
113
114
|
:param pulumi.Input[Sequence[pulumi.Input['SecretsMountRedshiftArgs']]] redshifts: A nested block containing configuration options for AWS Redshift connections.
|
114
115
|
*See Configuration Options for more info*
|
115
|
-
:param pulumi.Input[bool] seal_wrap: Boolean flag that can be explicitly set to true to enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
|
116
|
+
:param pulumi.Input[builtins.bool] seal_wrap: Boolean flag that can be explicitly set to true to enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
|
116
117
|
:param pulumi.Input[Sequence[pulumi.Input['SecretsMountSnowflakeArgs']]] snowflakes: A nested block containing configuration options for Snowflake connections.
|
117
118
|
*See Configuration Options for more info*
|
118
119
|
"""
|
@@ -190,19 +191,19 @@ class SecretsMountArgs:
|
|
190
191
|
|
191
192
|
@property
|
192
193
|
@pulumi.getter
|
193
|
-
def path(self) -> pulumi.Input[str]:
|
194
|
+
def path(self) -> pulumi.Input[builtins.str]:
|
194
195
|
"""
|
195
196
|
Where the secret backend will be mounted
|
196
197
|
"""
|
197
198
|
return pulumi.get(self, "path")
|
198
199
|
|
199
200
|
@path.setter
|
200
|
-
def path(self, value: pulumi.Input[str]):
|
201
|
+
def path(self, value: pulumi.Input[builtins.str]):
|
201
202
|
pulumi.set(self, "path", value)
|
202
203
|
|
203
204
|
@property
|
204
205
|
@pulumi.getter(name="allowedManagedKeys")
|
205
|
-
def allowed_managed_keys(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
206
|
+
def allowed_managed_keys(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
206
207
|
"""
|
207
208
|
Set of managed key registry entry names that the mount in question is allowed to access
|
208
209
|
|
@@ -211,43 +212,43 @@ class SecretsMountArgs:
|
|
211
212
|
return pulumi.get(self, "allowed_managed_keys")
|
212
213
|
|
213
214
|
@allowed_managed_keys.setter
|
214
|
-
def allowed_managed_keys(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
215
|
+
def allowed_managed_keys(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
215
216
|
pulumi.set(self, "allowed_managed_keys", value)
|
216
217
|
|
217
218
|
@property
|
218
219
|
@pulumi.getter(name="allowedResponseHeaders")
|
219
|
-
def allowed_response_headers(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
220
|
+
def allowed_response_headers(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
220
221
|
"""
|
221
222
|
List of headers to allow and pass from the request to the plugin
|
222
223
|
"""
|
223
224
|
return pulumi.get(self, "allowed_response_headers")
|
224
225
|
|
225
226
|
@allowed_response_headers.setter
|
226
|
-
def allowed_response_headers(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
227
|
+
def allowed_response_headers(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
227
228
|
pulumi.set(self, "allowed_response_headers", value)
|
228
229
|
|
229
230
|
@property
|
230
231
|
@pulumi.getter(name="auditNonHmacRequestKeys")
|
231
|
-
def audit_non_hmac_request_keys(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
232
|
+
def audit_non_hmac_request_keys(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
232
233
|
"""
|
233
234
|
Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
|
234
235
|
"""
|
235
236
|
return pulumi.get(self, "audit_non_hmac_request_keys")
|
236
237
|
|
237
238
|
@audit_non_hmac_request_keys.setter
|
238
|
-
def audit_non_hmac_request_keys(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
239
|
+
def audit_non_hmac_request_keys(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
239
240
|
pulumi.set(self, "audit_non_hmac_request_keys", value)
|
240
241
|
|
241
242
|
@property
|
242
243
|
@pulumi.getter(name="auditNonHmacResponseKeys")
|
243
|
-
def audit_non_hmac_response_keys(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
244
|
+
def audit_non_hmac_response_keys(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
244
245
|
"""
|
245
246
|
Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
|
246
247
|
"""
|
247
248
|
return pulumi.get(self, "audit_non_hmac_response_keys")
|
248
249
|
|
249
250
|
@audit_non_hmac_response_keys.setter
|
250
|
-
def audit_non_hmac_response_keys(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
251
|
+
def audit_non_hmac_response_keys(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
251
252
|
pulumi.set(self, "audit_non_hmac_response_keys", value)
|
252
253
|
|
253
254
|
@property
|
@@ -278,38 +279,38 @@ class SecretsMountArgs:
|
|
278
279
|
|
279
280
|
@property
|
280
281
|
@pulumi.getter(name="defaultLeaseTtlSeconds")
|
281
|
-
def default_lease_ttl_seconds(self) -> Optional[pulumi.Input[int]]:
|
282
|
+
def default_lease_ttl_seconds(self) -> Optional[pulumi.Input[builtins.int]]:
|
282
283
|
"""
|
283
284
|
Default lease duration for tokens and secrets in seconds
|
284
285
|
"""
|
285
286
|
return pulumi.get(self, "default_lease_ttl_seconds")
|
286
287
|
|
287
288
|
@default_lease_ttl_seconds.setter
|
288
|
-
def default_lease_ttl_seconds(self, value: Optional[pulumi.Input[int]]):
|
289
|
+
def default_lease_ttl_seconds(self, value: Optional[pulumi.Input[builtins.int]]):
|
289
290
|
pulumi.set(self, "default_lease_ttl_seconds", value)
|
290
291
|
|
291
292
|
@property
|
292
293
|
@pulumi.getter(name="delegatedAuthAccessors")
|
293
|
-
def delegated_auth_accessors(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
294
|
+
def delegated_auth_accessors(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
294
295
|
"""
|
295
296
|
List of headers to allow and pass from the request to the plugin
|
296
297
|
"""
|
297
298
|
return pulumi.get(self, "delegated_auth_accessors")
|
298
299
|
|
299
300
|
@delegated_auth_accessors.setter
|
300
|
-
def delegated_auth_accessors(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
301
|
+
def delegated_auth_accessors(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
301
302
|
pulumi.set(self, "delegated_auth_accessors", value)
|
302
303
|
|
303
304
|
@property
|
304
305
|
@pulumi.getter
|
305
|
-
def description(self) -> Optional[pulumi.Input[str]]:
|
306
|
+
def description(self) -> Optional[pulumi.Input[builtins.str]]:
|
306
307
|
"""
|
307
308
|
Human-friendly description of the mount
|
308
309
|
"""
|
309
310
|
return pulumi.get(self, "description")
|
310
311
|
|
311
312
|
@description.setter
|
312
|
-
def description(self, value: Optional[pulumi.Input[str]]):
|
313
|
+
def description(self, value: Optional[pulumi.Input[builtins.str]]):
|
313
314
|
pulumi.set(self, "description", value)
|
314
315
|
|
315
316
|
@property
|
@@ -327,14 +328,14 @@ class SecretsMountArgs:
|
|
327
328
|
|
328
329
|
@property
|
329
330
|
@pulumi.getter(name="externalEntropyAccess")
|
330
|
-
def external_entropy_access(self) -> Optional[pulumi.Input[bool]]:
|
331
|
+
def external_entropy_access(self) -> Optional[pulumi.Input[builtins.bool]]:
|
331
332
|
"""
|
332
333
|
Boolean flag that can be explicitly set to true to enable the secrets engine to access Vault's external entropy source
|
333
334
|
"""
|
334
335
|
return pulumi.get(self, "external_entropy_access")
|
335
336
|
|
336
337
|
@external_entropy_access.setter
|
337
|
-
def external_entropy_access(self, value: Optional[pulumi.Input[bool]]):
|
338
|
+
def external_entropy_access(self, value: Optional[pulumi.Input[builtins.bool]]):
|
338
339
|
pulumi.set(self, "external_entropy_access", value)
|
339
340
|
|
340
341
|
@property
|
@@ -352,14 +353,14 @@ class SecretsMountArgs:
|
|
352
353
|
|
353
354
|
@property
|
354
355
|
@pulumi.getter(name="identityTokenKey")
|
355
|
-
def identity_token_key(self) -> Optional[pulumi.Input[str]]:
|
356
|
+
def identity_token_key(self) -> Optional[pulumi.Input[builtins.str]]:
|
356
357
|
"""
|
357
358
|
The key to use for signing plugin workload identity tokens
|
358
359
|
"""
|
359
360
|
return pulumi.get(self, "identity_token_key")
|
360
361
|
|
361
362
|
@identity_token_key.setter
|
362
|
-
def identity_token_key(self, value: Optional[pulumi.Input[str]]):
|
363
|
+
def identity_token_key(self, value: Optional[pulumi.Input[builtins.str]]):
|
363
364
|
pulumi.set(self, "identity_token_key", value)
|
364
365
|
|
365
366
|
@property
|
@@ -377,38 +378,38 @@ class SecretsMountArgs:
|
|
377
378
|
|
378
379
|
@property
|
379
380
|
@pulumi.getter(name="listingVisibility")
|
380
|
-
def listing_visibility(self) -> Optional[pulumi.Input[str]]:
|
381
|
+
def listing_visibility(self) -> Optional[pulumi.Input[builtins.str]]:
|
381
382
|
"""
|
382
383
|
Specifies whether to show this mount in the UI-specific listing endpoint
|
383
384
|
"""
|
384
385
|
return pulumi.get(self, "listing_visibility")
|
385
386
|
|
386
387
|
@listing_visibility.setter
|
387
|
-
def listing_visibility(self, value: Optional[pulumi.Input[str]]):
|
388
|
+
def listing_visibility(self, value: Optional[pulumi.Input[builtins.str]]):
|
388
389
|
pulumi.set(self, "listing_visibility", value)
|
389
390
|
|
390
391
|
@property
|
391
392
|
@pulumi.getter
|
392
|
-
def local(self) -> Optional[pulumi.Input[bool]]:
|
393
|
+
def local(self) -> Optional[pulumi.Input[builtins.bool]]:
|
393
394
|
"""
|
394
395
|
Boolean flag that can be explicitly set to true to enforce local mount in HA environment
|
395
396
|
"""
|
396
397
|
return pulumi.get(self, "local")
|
397
398
|
|
398
399
|
@local.setter
|
399
|
-
def local(self, value: Optional[pulumi.Input[bool]]):
|
400
|
+
def local(self, value: Optional[pulumi.Input[builtins.bool]]):
|
400
401
|
pulumi.set(self, "local", value)
|
401
402
|
|
402
403
|
@property
|
403
404
|
@pulumi.getter(name="maxLeaseTtlSeconds")
|
404
|
-
def max_lease_ttl_seconds(self) -> Optional[pulumi.Input[int]]:
|
405
|
+
def max_lease_ttl_seconds(self) -> Optional[pulumi.Input[builtins.int]]:
|
405
406
|
"""
|
406
407
|
Maximum possible lease duration for tokens and secrets in seconds
|
407
408
|
"""
|
408
409
|
return pulumi.get(self, "max_lease_ttl_seconds")
|
409
410
|
|
410
411
|
@max_lease_ttl_seconds.setter
|
411
|
-
def max_lease_ttl_seconds(self, value: Optional[pulumi.Input[int]]):
|
412
|
+
def max_lease_ttl_seconds(self, value: Optional[pulumi.Input[builtins.int]]):
|
412
413
|
pulumi.set(self, "max_lease_ttl_seconds", value)
|
413
414
|
|
414
415
|
@property
|
@@ -504,26 +505,26 @@ class SecretsMountArgs:
|
|
504
505
|
|
505
506
|
@property
|
506
507
|
@pulumi.getter
|
507
|
-
def namespace(self) -> Optional[pulumi.Input[str]]:
|
508
|
+
def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
|
508
509
|
"""
|
509
510
|
Target namespace. (requires Enterprise)
|
510
511
|
"""
|
511
512
|
return pulumi.get(self, "namespace")
|
512
513
|
|
513
514
|
@namespace.setter
|
514
|
-
def namespace(self, value: Optional[pulumi.Input[str]]):
|
515
|
+
def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
|
515
516
|
pulumi.set(self, "namespace", value)
|
516
517
|
|
517
518
|
@property
|
518
519
|
@pulumi.getter
|
519
|
-
def options(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
|
520
|
+
def options(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]]:
|
520
521
|
"""
|
521
522
|
Specifies mount type specific options that are passed to the backend
|
522
523
|
"""
|
523
524
|
return pulumi.get(self, "options")
|
524
525
|
|
525
526
|
@options.setter
|
526
|
-
def options(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
|
527
|
+
def options(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]]):
|
527
528
|
pulumi.set(self, "options", value)
|
528
529
|
|
529
530
|
@property
|
@@ -541,26 +542,26 @@ class SecretsMountArgs:
|
|
541
542
|
|
542
543
|
@property
|
543
544
|
@pulumi.getter(name="passthroughRequestHeaders")
|
544
|
-
def passthrough_request_headers(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
545
|
+
def passthrough_request_headers(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
545
546
|
"""
|
546
547
|
List of headers to allow and pass from the request to the plugin
|
547
548
|
"""
|
548
549
|
return pulumi.get(self, "passthrough_request_headers")
|
549
550
|
|
550
551
|
@passthrough_request_headers.setter
|
551
|
-
def passthrough_request_headers(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
552
|
+
def passthrough_request_headers(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
552
553
|
pulumi.set(self, "passthrough_request_headers", value)
|
553
554
|
|
554
555
|
@property
|
555
556
|
@pulumi.getter(name="pluginVersion")
|
556
|
-
def plugin_version(self) -> Optional[pulumi.Input[str]]:
|
557
|
+
def plugin_version(self) -> Optional[pulumi.Input[builtins.str]]:
|
557
558
|
"""
|
558
559
|
Specifies the semantic version of the plugin to use, e.g. 'v1.0.0'
|
559
560
|
"""
|
560
561
|
return pulumi.get(self, "plugin_version")
|
561
562
|
|
562
563
|
@plugin_version.setter
|
563
|
-
def plugin_version(self, value: Optional[pulumi.Input[str]]):
|
564
|
+
def plugin_version(self, value: Optional[pulumi.Input[builtins.str]]):
|
564
565
|
pulumi.set(self, "plugin_version", value)
|
565
566
|
|
566
567
|
@property
|
@@ -617,14 +618,14 @@ class SecretsMountArgs:
|
|
617
618
|
|
618
619
|
@property
|
619
620
|
@pulumi.getter(name="sealWrap")
|
620
|
-
def seal_wrap(self) -> Optional[pulumi.Input[bool]]:
|
621
|
+
def seal_wrap(self) -> Optional[pulumi.Input[builtins.bool]]:
|
621
622
|
"""
|
622
623
|
Boolean flag that can be explicitly set to true to enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
|
623
624
|
"""
|
624
625
|
return pulumi.get(self, "seal_wrap")
|
625
626
|
|
626
627
|
@seal_wrap.setter
|
627
|
-
def seal_wrap(self, value: Optional[pulumi.Input[bool]]):
|
628
|
+
def seal_wrap(self, value: Optional[pulumi.Input[builtins.bool]]):
|
628
629
|
pulumi.set(self, "seal_wrap", value)
|
629
630
|
|
630
631
|
@property
|
@@ -644,25 +645,25 @@ class SecretsMountArgs:
|
|
644
645
|
@pulumi.input_type
|
645
646
|
class _SecretsMountState:
|
646
647
|
def __init__(__self__, *,
|
647
|
-
accessor: Optional[pulumi.Input[str]] = None,
|
648
|
-
allowed_managed_keys: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
649
|
-
allowed_response_headers: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
650
|
-
audit_non_hmac_request_keys: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
651
|
-
audit_non_hmac_response_keys: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
648
|
+
accessor: Optional[pulumi.Input[builtins.str]] = None,
|
649
|
+
allowed_managed_keys: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
650
|
+
allowed_response_headers: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
651
|
+
audit_non_hmac_request_keys: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
652
|
+
audit_non_hmac_response_keys: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
652
653
|
cassandras: Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountCassandraArgs']]]] = None,
|
653
654
|
couchbases: Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountCouchbaseArgs']]]] = None,
|
654
|
-
default_lease_ttl_seconds: Optional[pulumi.Input[int]] = None,
|
655
|
-
delegated_auth_accessors: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
656
|
-
description: Optional[pulumi.Input[str]] = None,
|
655
|
+
default_lease_ttl_seconds: Optional[pulumi.Input[builtins.int]] = None,
|
656
|
+
delegated_auth_accessors: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
657
|
+
description: Optional[pulumi.Input[builtins.str]] = None,
|
657
658
|
elasticsearches: Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountElasticsearchArgs']]]] = None,
|
658
|
-
engine_count: Optional[pulumi.Input[int]] = None,
|
659
|
-
external_entropy_access: Optional[pulumi.Input[bool]] = None,
|
659
|
+
engine_count: Optional[pulumi.Input[builtins.int]] = None,
|
660
|
+
external_entropy_access: Optional[pulumi.Input[builtins.bool]] = None,
|
660
661
|
hanas: Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountHanaArgs']]]] = None,
|
661
|
-
identity_token_key: Optional[pulumi.Input[str]] = None,
|
662
|
+
identity_token_key: Optional[pulumi.Input[builtins.str]] = None,
|
662
663
|
influxdbs: Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountInfluxdbArgs']]]] = None,
|
663
|
-
listing_visibility: Optional[pulumi.Input[str]] = None,
|
664
|
-
local: Optional[pulumi.Input[bool]] = None,
|
665
|
-
max_lease_ttl_seconds: Optional[pulumi.Input[int]] = None,
|
664
|
+
listing_visibility: Optional[pulumi.Input[builtins.str]] = None,
|
665
|
+
local: Optional[pulumi.Input[builtins.bool]] = None,
|
666
|
+
max_lease_ttl_seconds: Optional[pulumi.Input[builtins.int]] = None,
|
666
667
|
mongodbatlas: Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountMongodbatlaArgs']]]] = None,
|
667
668
|
mongodbs: Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountMongodbArgs']]]] = None,
|
668
669
|
mssqls: Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountMssqlArgs']]]] = None,
|
@@ -670,46 +671,46 @@ class _SecretsMountState:
|
|
670
671
|
mysql_legacies: Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountMysqlLegacyArgs']]]] = None,
|
671
672
|
mysql_rds: Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountMysqlRdArgs']]]] = None,
|
672
673
|
mysqls: Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountMysqlArgs']]]] = None,
|
673
|
-
namespace: Optional[pulumi.Input[str]] = None,
|
674
|
-
options: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
674
|
+
namespace: Optional[pulumi.Input[builtins.str]] = None,
|
675
|
+
options: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]] = None,
|
675
676
|
oracles: Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountOracleArgs']]]] = None,
|
676
|
-
passthrough_request_headers: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
677
|
-
path: Optional[pulumi.Input[str]] = None,
|
678
|
-
plugin_version: Optional[pulumi.Input[str]] = None,
|
677
|
+
passthrough_request_headers: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
678
|
+
path: Optional[pulumi.Input[builtins.str]] = None,
|
679
|
+
plugin_version: Optional[pulumi.Input[builtins.str]] = None,
|
679
680
|
postgresqls: Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountPostgresqlArgs']]]] = None,
|
680
681
|
redis: Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountRediArgs']]]] = None,
|
681
682
|
redis_elasticaches: Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountRedisElasticachArgs']]]] = None,
|
682
683
|
redshifts: Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountRedshiftArgs']]]] = None,
|
683
|
-
seal_wrap: Optional[pulumi.Input[bool]] = None,
|
684
|
+
seal_wrap: Optional[pulumi.Input[builtins.bool]] = None,
|
684
685
|
snowflakes: Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountSnowflakeArgs']]]] = None):
|
685
686
|
"""
|
686
687
|
Input properties used for looking up and filtering SecretsMount resources.
|
687
|
-
:param pulumi.Input[str] accessor: Accessor of the mount
|
688
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_managed_keys: Set of managed key registry entry names that the mount in question is allowed to access
|
688
|
+
:param pulumi.Input[builtins.str] accessor: Accessor of the mount
|
689
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_managed_keys: Set of managed key registry entry names that the mount in question is allowed to access
|
689
690
|
|
690
691
|
The following arguments are common to all database engines:
|
691
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_response_headers: List of headers to allow and pass from the request to the plugin
|
692
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] audit_non_hmac_request_keys: Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
|
693
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] audit_non_hmac_response_keys: Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
|
692
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_response_headers: List of headers to allow and pass from the request to the plugin
|
693
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] audit_non_hmac_request_keys: Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
|
694
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] audit_non_hmac_response_keys: Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
|
694
695
|
:param pulumi.Input[Sequence[pulumi.Input['SecretsMountCassandraArgs']]] cassandras: A nested block containing configuration options for Cassandra connections.
|
695
696
|
*See Configuration Options for more info*
|
696
697
|
:param pulumi.Input[Sequence[pulumi.Input['SecretsMountCouchbaseArgs']]] couchbases: A nested block containing configuration options for Couchbase connections.
|
697
698
|
*See Configuration Options for more info*
|
698
|
-
:param pulumi.Input[int] default_lease_ttl_seconds: Default lease duration for tokens and secrets in seconds
|
699
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] delegated_auth_accessors: List of headers to allow and pass from the request to the plugin
|
700
|
-
:param pulumi.Input[str] description: Human-friendly description of the mount
|
699
|
+
:param pulumi.Input[builtins.int] default_lease_ttl_seconds: Default lease duration for tokens and secrets in seconds
|
700
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] delegated_auth_accessors: List of headers to allow and pass from the request to the plugin
|
701
|
+
:param pulumi.Input[builtins.str] description: Human-friendly description of the mount
|
701
702
|
:param pulumi.Input[Sequence[pulumi.Input['SecretsMountElasticsearchArgs']]] elasticsearches: A nested block containing configuration options for Elasticsearch connections.
|
702
703
|
*See Configuration Options for more info*
|
703
|
-
:param pulumi.Input[int] engine_count: The total number of database secrets engines configured.
|
704
|
-
:param pulumi.Input[bool] external_entropy_access: Boolean flag that can be explicitly set to true to enable the secrets engine to access Vault's external entropy source
|
704
|
+
:param pulumi.Input[builtins.int] engine_count: The total number of database secrets engines configured.
|
705
|
+
:param pulumi.Input[builtins.bool] external_entropy_access: Boolean flag that can be explicitly set to true to enable the secrets engine to access Vault's external entropy source
|
705
706
|
:param pulumi.Input[Sequence[pulumi.Input['SecretsMountHanaArgs']]] hanas: A nested block containing configuration options for SAP HanaDB connections.
|
706
707
|
*See Configuration Options for more info*
|
707
|
-
:param pulumi.Input[str] identity_token_key: The key to use for signing plugin workload identity tokens
|
708
|
+
:param pulumi.Input[builtins.str] identity_token_key: The key to use for signing plugin workload identity tokens
|
708
709
|
:param pulumi.Input[Sequence[pulumi.Input['SecretsMountInfluxdbArgs']]] influxdbs: A nested block containing configuration options for InfluxDB connections.
|
709
710
|
*See Configuration Options for more info*
|
710
|
-
:param pulumi.Input[str] listing_visibility: Specifies whether to show this mount in the UI-specific listing endpoint
|
711
|
-
:param pulumi.Input[bool] local: Boolean flag that can be explicitly set to true to enforce local mount in HA environment
|
712
|
-
:param pulumi.Input[int] max_lease_ttl_seconds: Maximum possible lease duration for tokens and secrets in seconds
|
711
|
+
:param pulumi.Input[builtins.str] listing_visibility: Specifies whether to show this mount in the UI-specific listing endpoint
|
712
|
+
:param pulumi.Input[builtins.bool] local: Boolean flag that can be explicitly set to true to enforce local mount in HA environment
|
713
|
+
:param pulumi.Input[builtins.int] max_lease_ttl_seconds: Maximum possible lease duration for tokens and secrets in seconds
|
713
714
|
:param pulumi.Input[Sequence[pulumi.Input['SecretsMountMongodbatlaArgs']]] mongodbatlas: A nested block containing configuration options for MongoDB Atlas connections.
|
714
715
|
*See Configuration Options for more info*
|
715
716
|
:param pulumi.Input[Sequence[pulumi.Input['SecretsMountMongodbArgs']]] mongodbs: A nested block containing configuration options for MongoDB connections.
|
@@ -724,13 +725,13 @@ class _SecretsMountState:
|
|
724
725
|
*See Configuration Options for more info*
|
725
726
|
:param pulumi.Input[Sequence[pulumi.Input['SecretsMountMysqlArgs']]] mysqls: A nested block containing configuration options for MySQL connections.
|
726
727
|
*See Configuration Options for more info*
|
727
|
-
:param pulumi.Input[str] namespace: Target namespace. (requires Enterprise)
|
728
|
-
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] options: Specifies mount type specific options that are passed to the backend
|
728
|
+
:param pulumi.Input[builtins.str] namespace: Target namespace. (requires Enterprise)
|
729
|
+
:param pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]] options: Specifies mount type specific options that are passed to the backend
|
729
730
|
:param pulumi.Input[Sequence[pulumi.Input['SecretsMountOracleArgs']]] oracles: A nested block containing configuration options for Oracle connections.
|
730
731
|
*See Configuration Options for more info*
|
731
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] passthrough_request_headers: List of headers to allow and pass from the request to the plugin
|
732
|
-
:param pulumi.Input[str] path: Where the secret backend will be mounted
|
733
|
-
:param pulumi.Input[str] plugin_version: Specifies the semantic version of the plugin to use, e.g. 'v1.0.0'
|
732
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] passthrough_request_headers: List of headers to allow and pass from the request to the plugin
|
733
|
+
:param pulumi.Input[builtins.str] path: Where the secret backend will be mounted
|
734
|
+
:param pulumi.Input[builtins.str] plugin_version: Specifies the semantic version of the plugin to use, e.g. 'v1.0.0'
|
734
735
|
:param pulumi.Input[Sequence[pulumi.Input['SecretsMountPostgresqlArgs']]] postgresqls: A nested block containing configuration options for PostgreSQL connections.
|
735
736
|
*See Configuration Options for more info*
|
736
737
|
:param pulumi.Input[Sequence[pulumi.Input['SecretsMountRediArgs']]] redis: A nested block containing configuration options for Redis connections.
|
@@ -739,7 +740,7 @@ class _SecretsMountState:
|
|
739
740
|
*See Configuration Options for more info*
|
740
741
|
:param pulumi.Input[Sequence[pulumi.Input['SecretsMountRedshiftArgs']]] redshifts: A nested block containing configuration options for AWS Redshift connections.
|
741
742
|
*See Configuration Options for more info*
|
742
|
-
:param pulumi.Input[bool] seal_wrap: Boolean flag that can be explicitly set to true to enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
|
743
|
+
:param pulumi.Input[builtins.bool] seal_wrap: Boolean flag that can be explicitly set to true to enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
|
743
744
|
:param pulumi.Input[Sequence[pulumi.Input['SecretsMountSnowflakeArgs']]] snowflakes: A nested block containing configuration options for Snowflake connections.
|
744
745
|
*See Configuration Options for more info*
|
745
746
|
"""
|
@@ -822,19 +823,19 @@ class _SecretsMountState:
|
|
822
823
|
|
823
824
|
@property
|
824
825
|
@pulumi.getter
|
825
|
-
def accessor(self) -> Optional[pulumi.Input[str]]:
|
826
|
+
def accessor(self) -> Optional[pulumi.Input[builtins.str]]:
|
826
827
|
"""
|
827
828
|
Accessor of the mount
|
828
829
|
"""
|
829
830
|
return pulumi.get(self, "accessor")
|
830
831
|
|
831
832
|
@accessor.setter
|
832
|
-
def accessor(self, value: Optional[pulumi.Input[str]]):
|
833
|
+
def accessor(self, value: Optional[pulumi.Input[builtins.str]]):
|
833
834
|
pulumi.set(self, "accessor", value)
|
834
835
|
|
835
836
|
@property
|
836
837
|
@pulumi.getter(name="allowedManagedKeys")
|
837
|
-
def allowed_managed_keys(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
838
|
+
def allowed_managed_keys(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
838
839
|
"""
|
839
840
|
Set of managed key registry entry names that the mount in question is allowed to access
|
840
841
|
|
@@ -843,43 +844,43 @@ class _SecretsMountState:
|
|
843
844
|
return pulumi.get(self, "allowed_managed_keys")
|
844
845
|
|
845
846
|
@allowed_managed_keys.setter
|
846
|
-
def allowed_managed_keys(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
847
|
+
def allowed_managed_keys(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
847
848
|
pulumi.set(self, "allowed_managed_keys", value)
|
848
849
|
|
849
850
|
@property
|
850
851
|
@pulumi.getter(name="allowedResponseHeaders")
|
851
|
-
def allowed_response_headers(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
852
|
+
def allowed_response_headers(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
852
853
|
"""
|
853
854
|
List of headers to allow and pass from the request to the plugin
|
854
855
|
"""
|
855
856
|
return pulumi.get(self, "allowed_response_headers")
|
856
857
|
|
857
858
|
@allowed_response_headers.setter
|
858
|
-
def allowed_response_headers(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
859
|
+
def allowed_response_headers(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
859
860
|
pulumi.set(self, "allowed_response_headers", value)
|
860
861
|
|
861
862
|
@property
|
862
863
|
@pulumi.getter(name="auditNonHmacRequestKeys")
|
863
|
-
def audit_non_hmac_request_keys(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
864
|
+
def audit_non_hmac_request_keys(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
864
865
|
"""
|
865
866
|
Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
|
866
867
|
"""
|
867
868
|
return pulumi.get(self, "audit_non_hmac_request_keys")
|
868
869
|
|
869
870
|
@audit_non_hmac_request_keys.setter
|
870
|
-
def audit_non_hmac_request_keys(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
871
|
+
def audit_non_hmac_request_keys(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
871
872
|
pulumi.set(self, "audit_non_hmac_request_keys", value)
|
872
873
|
|
873
874
|
@property
|
874
875
|
@pulumi.getter(name="auditNonHmacResponseKeys")
|
875
|
-
def audit_non_hmac_response_keys(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
876
|
+
def audit_non_hmac_response_keys(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
876
877
|
"""
|
877
878
|
Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
|
878
879
|
"""
|
879
880
|
return pulumi.get(self, "audit_non_hmac_response_keys")
|
880
881
|
|
881
882
|
@audit_non_hmac_response_keys.setter
|
882
|
-
def audit_non_hmac_response_keys(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
883
|
+
def audit_non_hmac_response_keys(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
883
884
|
pulumi.set(self, "audit_non_hmac_response_keys", value)
|
884
885
|
|
885
886
|
@property
|
@@ -910,38 +911,38 @@ class _SecretsMountState:
|
|
910
911
|
|
911
912
|
@property
|
912
913
|
@pulumi.getter(name="defaultLeaseTtlSeconds")
|
913
|
-
def default_lease_ttl_seconds(self) -> Optional[pulumi.Input[int]]:
|
914
|
+
def default_lease_ttl_seconds(self) -> Optional[pulumi.Input[builtins.int]]:
|
914
915
|
"""
|
915
916
|
Default lease duration for tokens and secrets in seconds
|
916
917
|
"""
|
917
918
|
return pulumi.get(self, "default_lease_ttl_seconds")
|
918
919
|
|
919
920
|
@default_lease_ttl_seconds.setter
|
920
|
-
def default_lease_ttl_seconds(self, value: Optional[pulumi.Input[int]]):
|
921
|
+
def default_lease_ttl_seconds(self, value: Optional[pulumi.Input[builtins.int]]):
|
921
922
|
pulumi.set(self, "default_lease_ttl_seconds", value)
|
922
923
|
|
923
924
|
@property
|
924
925
|
@pulumi.getter(name="delegatedAuthAccessors")
|
925
|
-
def delegated_auth_accessors(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
926
|
+
def delegated_auth_accessors(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
926
927
|
"""
|
927
928
|
List of headers to allow and pass from the request to the plugin
|
928
929
|
"""
|
929
930
|
return pulumi.get(self, "delegated_auth_accessors")
|
930
931
|
|
931
932
|
@delegated_auth_accessors.setter
|
932
|
-
def delegated_auth_accessors(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
933
|
+
def delegated_auth_accessors(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
933
934
|
pulumi.set(self, "delegated_auth_accessors", value)
|
934
935
|
|
935
936
|
@property
|
936
937
|
@pulumi.getter
|
937
|
-
def description(self) -> Optional[pulumi.Input[str]]:
|
938
|
+
def description(self) -> Optional[pulumi.Input[builtins.str]]:
|
938
939
|
"""
|
939
940
|
Human-friendly description of the mount
|
940
941
|
"""
|
941
942
|
return pulumi.get(self, "description")
|
942
943
|
|
943
944
|
@description.setter
|
944
|
-
def description(self, value: Optional[pulumi.Input[str]]):
|
945
|
+
def description(self, value: Optional[pulumi.Input[builtins.str]]):
|
945
946
|
pulumi.set(self, "description", value)
|
946
947
|
|
947
948
|
@property
|
@@ -959,26 +960,26 @@ class _SecretsMountState:
|
|
959
960
|
|
960
961
|
@property
|
961
962
|
@pulumi.getter(name="engineCount")
|
962
|
-
def engine_count(self) -> Optional[pulumi.Input[int]]:
|
963
|
+
def engine_count(self) -> Optional[pulumi.Input[builtins.int]]:
|
963
964
|
"""
|
964
965
|
The total number of database secrets engines configured.
|
965
966
|
"""
|
966
967
|
return pulumi.get(self, "engine_count")
|
967
968
|
|
968
969
|
@engine_count.setter
|
969
|
-
def engine_count(self, value: Optional[pulumi.Input[int]]):
|
970
|
+
def engine_count(self, value: Optional[pulumi.Input[builtins.int]]):
|
970
971
|
pulumi.set(self, "engine_count", value)
|
971
972
|
|
972
973
|
@property
|
973
974
|
@pulumi.getter(name="externalEntropyAccess")
|
974
|
-
def external_entropy_access(self) -> Optional[pulumi.Input[bool]]:
|
975
|
+
def external_entropy_access(self) -> Optional[pulumi.Input[builtins.bool]]:
|
975
976
|
"""
|
976
977
|
Boolean flag that can be explicitly set to true to enable the secrets engine to access Vault's external entropy source
|
977
978
|
"""
|
978
979
|
return pulumi.get(self, "external_entropy_access")
|
979
980
|
|
980
981
|
@external_entropy_access.setter
|
981
|
-
def external_entropy_access(self, value: Optional[pulumi.Input[bool]]):
|
982
|
+
def external_entropy_access(self, value: Optional[pulumi.Input[builtins.bool]]):
|
982
983
|
pulumi.set(self, "external_entropy_access", value)
|
983
984
|
|
984
985
|
@property
|
@@ -996,14 +997,14 @@ class _SecretsMountState:
|
|
996
997
|
|
997
998
|
@property
|
998
999
|
@pulumi.getter(name="identityTokenKey")
|
999
|
-
def identity_token_key(self) -> Optional[pulumi.Input[str]]:
|
1000
|
+
def identity_token_key(self) -> Optional[pulumi.Input[builtins.str]]:
|
1000
1001
|
"""
|
1001
1002
|
The key to use for signing plugin workload identity tokens
|
1002
1003
|
"""
|
1003
1004
|
return pulumi.get(self, "identity_token_key")
|
1004
1005
|
|
1005
1006
|
@identity_token_key.setter
|
1006
|
-
def identity_token_key(self, value: Optional[pulumi.Input[str]]):
|
1007
|
+
def identity_token_key(self, value: Optional[pulumi.Input[builtins.str]]):
|
1007
1008
|
pulumi.set(self, "identity_token_key", value)
|
1008
1009
|
|
1009
1010
|
@property
|
@@ -1021,38 +1022,38 @@ class _SecretsMountState:
|
|
1021
1022
|
|
1022
1023
|
@property
|
1023
1024
|
@pulumi.getter(name="listingVisibility")
|
1024
|
-
def listing_visibility(self) -> Optional[pulumi.Input[str]]:
|
1025
|
+
def listing_visibility(self) -> Optional[pulumi.Input[builtins.str]]:
|
1025
1026
|
"""
|
1026
1027
|
Specifies whether to show this mount in the UI-specific listing endpoint
|
1027
1028
|
"""
|
1028
1029
|
return pulumi.get(self, "listing_visibility")
|
1029
1030
|
|
1030
1031
|
@listing_visibility.setter
|
1031
|
-
def listing_visibility(self, value: Optional[pulumi.Input[str]]):
|
1032
|
+
def listing_visibility(self, value: Optional[pulumi.Input[builtins.str]]):
|
1032
1033
|
pulumi.set(self, "listing_visibility", value)
|
1033
1034
|
|
1034
1035
|
@property
|
1035
1036
|
@pulumi.getter
|
1036
|
-
def local(self) -> Optional[pulumi.Input[bool]]:
|
1037
|
+
def local(self) -> Optional[pulumi.Input[builtins.bool]]:
|
1037
1038
|
"""
|
1038
1039
|
Boolean flag that can be explicitly set to true to enforce local mount in HA environment
|
1039
1040
|
"""
|
1040
1041
|
return pulumi.get(self, "local")
|
1041
1042
|
|
1042
1043
|
@local.setter
|
1043
|
-
def local(self, value: Optional[pulumi.Input[bool]]):
|
1044
|
+
def local(self, value: Optional[pulumi.Input[builtins.bool]]):
|
1044
1045
|
pulumi.set(self, "local", value)
|
1045
1046
|
|
1046
1047
|
@property
|
1047
1048
|
@pulumi.getter(name="maxLeaseTtlSeconds")
|
1048
|
-
def max_lease_ttl_seconds(self) -> Optional[pulumi.Input[int]]:
|
1049
|
+
def max_lease_ttl_seconds(self) -> Optional[pulumi.Input[builtins.int]]:
|
1049
1050
|
"""
|
1050
1051
|
Maximum possible lease duration for tokens and secrets in seconds
|
1051
1052
|
"""
|
1052
1053
|
return pulumi.get(self, "max_lease_ttl_seconds")
|
1053
1054
|
|
1054
1055
|
@max_lease_ttl_seconds.setter
|
1055
|
-
def max_lease_ttl_seconds(self, value: Optional[pulumi.Input[int]]):
|
1056
|
+
def max_lease_ttl_seconds(self, value: Optional[pulumi.Input[builtins.int]]):
|
1056
1057
|
pulumi.set(self, "max_lease_ttl_seconds", value)
|
1057
1058
|
|
1058
1059
|
@property
|
@@ -1148,26 +1149,26 @@ class _SecretsMountState:
|
|
1148
1149
|
|
1149
1150
|
@property
|
1150
1151
|
@pulumi.getter
|
1151
|
-
def namespace(self) -> Optional[pulumi.Input[str]]:
|
1152
|
+
def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
|
1152
1153
|
"""
|
1153
1154
|
Target namespace. (requires Enterprise)
|
1154
1155
|
"""
|
1155
1156
|
return pulumi.get(self, "namespace")
|
1156
1157
|
|
1157
1158
|
@namespace.setter
|
1158
|
-
def namespace(self, value: Optional[pulumi.Input[str]]):
|
1159
|
+
def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
|
1159
1160
|
pulumi.set(self, "namespace", value)
|
1160
1161
|
|
1161
1162
|
@property
|
1162
1163
|
@pulumi.getter
|
1163
|
-
def options(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
|
1164
|
+
def options(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]]:
|
1164
1165
|
"""
|
1165
1166
|
Specifies mount type specific options that are passed to the backend
|
1166
1167
|
"""
|
1167
1168
|
return pulumi.get(self, "options")
|
1168
1169
|
|
1169
1170
|
@options.setter
|
1170
|
-
def options(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
|
1171
|
+
def options(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]]):
|
1171
1172
|
pulumi.set(self, "options", value)
|
1172
1173
|
|
1173
1174
|
@property
|
@@ -1185,38 +1186,38 @@ class _SecretsMountState:
|
|
1185
1186
|
|
1186
1187
|
@property
|
1187
1188
|
@pulumi.getter(name="passthroughRequestHeaders")
|
1188
|
-
def passthrough_request_headers(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
1189
|
+
def passthrough_request_headers(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
1189
1190
|
"""
|
1190
1191
|
List of headers to allow and pass from the request to the plugin
|
1191
1192
|
"""
|
1192
1193
|
return pulumi.get(self, "passthrough_request_headers")
|
1193
1194
|
|
1194
1195
|
@passthrough_request_headers.setter
|
1195
|
-
def passthrough_request_headers(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
1196
|
+
def passthrough_request_headers(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
1196
1197
|
pulumi.set(self, "passthrough_request_headers", value)
|
1197
1198
|
|
1198
1199
|
@property
|
1199
1200
|
@pulumi.getter
|
1200
|
-
def path(self) -> Optional[pulumi.Input[str]]:
|
1201
|
+
def path(self) -> Optional[pulumi.Input[builtins.str]]:
|
1201
1202
|
"""
|
1202
1203
|
Where the secret backend will be mounted
|
1203
1204
|
"""
|
1204
1205
|
return pulumi.get(self, "path")
|
1205
1206
|
|
1206
1207
|
@path.setter
|
1207
|
-
def path(self, value: Optional[pulumi.Input[str]]):
|
1208
|
+
def path(self, value: Optional[pulumi.Input[builtins.str]]):
|
1208
1209
|
pulumi.set(self, "path", value)
|
1209
1210
|
|
1210
1211
|
@property
|
1211
1212
|
@pulumi.getter(name="pluginVersion")
|
1212
|
-
def plugin_version(self) -> Optional[pulumi.Input[str]]:
|
1213
|
+
def plugin_version(self) -> Optional[pulumi.Input[builtins.str]]:
|
1213
1214
|
"""
|
1214
1215
|
Specifies the semantic version of the plugin to use, e.g. 'v1.0.0'
|
1215
1216
|
"""
|
1216
1217
|
return pulumi.get(self, "plugin_version")
|
1217
1218
|
|
1218
1219
|
@plugin_version.setter
|
1219
|
-
def plugin_version(self, value: Optional[pulumi.Input[str]]):
|
1220
|
+
def plugin_version(self, value: Optional[pulumi.Input[builtins.str]]):
|
1220
1221
|
pulumi.set(self, "plugin_version", value)
|
1221
1222
|
|
1222
1223
|
@property
|
@@ -1273,14 +1274,14 @@ class _SecretsMountState:
|
|
1273
1274
|
|
1274
1275
|
@property
|
1275
1276
|
@pulumi.getter(name="sealWrap")
|
1276
|
-
def seal_wrap(self) -> Optional[pulumi.Input[bool]]:
|
1277
|
+
def seal_wrap(self) -> Optional[pulumi.Input[builtins.bool]]:
|
1277
1278
|
"""
|
1278
1279
|
Boolean flag that can be explicitly set to true to enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
|
1279
1280
|
"""
|
1280
1281
|
return pulumi.get(self, "seal_wrap")
|
1281
1282
|
|
1282
1283
|
@seal_wrap.setter
|
1283
|
-
def seal_wrap(self, value: Optional[pulumi.Input[bool]]):
|
1284
|
+
def seal_wrap(self, value: Optional[pulumi.Input[builtins.bool]]):
|
1284
1285
|
pulumi.set(self, "seal_wrap", value)
|
1285
1286
|
|
1286
1287
|
@property
|
@@ -1302,23 +1303,23 @@ class SecretsMount(pulumi.CustomResource):
|
|
1302
1303
|
def __init__(__self__,
|
1303
1304
|
resource_name: str,
|
1304
1305
|
opts: Optional[pulumi.ResourceOptions] = None,
|
1305
|
-
allowed_managed_keys: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1306
|
-
allowed_response_headers: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1307
|
-
audit_non_hmac_request_keys: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1308
|
-
audit_non_hmac_response_keys: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1306
|
+
allowed_managed_keys: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1307
|
+
allowed_response_headers: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1308
|
+
audit_non_hmac_request_keys: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1309
|
+
audit_non_hmac_response_keys: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1309
1310
|
cassandras: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountCassandraArgs', 'SecretsMountCassandraArgsDict']]]]] = None,
|
1310
1311
|
couchbases: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountCouchbaseArgs', 'SecretsMountCouchbaseArgsDict']]]]] = None,
|
1311
|
-
default_lease_ttl_seconds: Optional[pulumi.Input[int]] = None,
|
1312
|
-
delegated_auth_accessors: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1313
|
-
description: Optional[pulumi.Input[str]] = None,
|
1312
|
+
default_lease_ttl_seconds: Optional[pulumi.Input[builtins.int]] = None,
|
1313
|
+
delegated_auth_accessors: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1314
|
+
description: Optional[pulumi.Input[builtins.str]] = None,
|
1314
1315
|
elasticsearches: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountElasticsearchArgs', 'SecretsMountElasticsearchArgsDict']]]]] = None,
|
1315
|
-
external_entropy_access: Optional[pulumi.Input[bool]] = None,
|
1316
|
+
external_entropy_access: Optional[pulumi.Input[builtins.bool]] = None,
|
1316
1317
|
hanas: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountHanaArgs', 'SecretsMountHanaArgsDict']]]]] = None,
|
1317
|
-
identity_token_key: Optional[pulumi.Input[str]] = None,
|
1318
|
+
identity_token_key: Optional[pulumi.Input[builtins.str]] = None,
|
1318
1319
|
influxdbs: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountInfluxdbArgs', 'SecretsMountInfluxdbArgsDict']]]]] = None,
|
1319
|
-
listing_visibility: Optional[pulumi.Input[str]] = None,
|
1320
|
-
local: Optional[pulumi.Input[bool]] = None,
|
1321
|
-
max_lease_ttl_seconds: Optional[pulumi.Input[int]] = None,
|
1320
|
+
listing_visibility: Optional[pulumi.Input[builtins.str]] = None,
|
1321
|
+
local: Optional[pulumi.Input[builtins.bool]] = None,
|
1322
|
+
max_lease_ttl_seconds: Optional[pulumi.Input[builtins.int]] = None,
|
1322
1323
|
mongodbatlas: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMongodbatlaArgs', 'SecretsMountMongodbatlaArgsDict']]]]] = None,
|
1323
1324
|
mongodbs: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMongodbArgs', 'SecretsMountMongodbArgsDict']]]]] = None,
|
1324
1325
|
mssqls: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMssqlArgs', 'SecretsMountMssqlArgsDict']]]]] = None,
|
@@ -1326,17 +1327,17 @@ class SecretsMount(pulumi.CustomResource):
|
|
1326
1327
|
mysql_legacies: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMysqlLegacyArgs', 'SecretsMountMysqlLegacyArgsDict']]]]] = None,
|
1327
1328
|
mysql_rds: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMysqlRdArgs', 'SecretsMountMysqlRdArgsDict']]]]] = None,
|
1328
1329
|
mysqls: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMysqlArgs', 'SecretsMountMysqlArgsDict']]]]] = None,
|
1329
|
-
namespace: Optional[pulumi.Input[str]] = None,
|
1330
|
-
options: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
1330
|
+
namespace: Optional[pulumi.Input[builtins.str]] = None,
|
1331
|
+
options: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]] = None,
|
1331
1332
|
oracles: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountOracleArgs', 'SecretsMountOracleArgsDict']]]]] = None,
|
1332
|
-
passthrough_request_headers: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1333
|
-
path: Optional[pulumi.Input[str]] = None,
|
1334
|
-
plugin_version: Optional[pulumi.Input[str]] = None,
|
1333
|
+
passthrough_request_headers: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1334
|
+
path: Optional[pulumi.Input[builtins.str]] = None,
|
1335
|
+
plugin_version: Optional[pulumi.Input[builtins.str]] = None,
|
1335
1336
|
postgresqls: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountPostgresqlArgs', 'SecretsMountPostgresqlArgsDict']]]]] = None,
|
1336
1337
|
redis: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountRediArgs', 'SecretsMountRediArgsDict']]]]] = None,
|
1337
1338
|
redis_elasticaches: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountRedisElasticachArgs', 'SecretsMountRedisElasticachArgsDict']]]]] = None,
|
1338
1339
|
redshifts: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountRedshiftArgs', 'SecretsMountRedshiftArgsDict']]]]] = None,
|
1339
|
-
seal_wrap: Optional[pulumi.Input[bool]] = None,
|
1340
|
+
seal_wrap: Optional[pulumi.Input[builtins.bool]] = None,
|
1340
1341
|
snowflakes: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountSnowflakeArgs', 'SecretsMountSnowflakeArgsDict']]]]] = None,
|
1341
1342
|
__props__=None):
|
1342
1343
|
"""
|
@@ -1354,6 +1355,8 @@ class SecretsMount(pulumi.CustomResource):
|
|
1354
1355
|
"password": "super_secret_1",
|
1355
1356
|
"connection_url": "sqlserver://{{username}}:{{password}}@127.0.0.1:1433",
|
1356
1357
|
"allowed_roles": ["dev1"],
|
1358
|
+
"rotation_schedule": "0 * * * SAT",
|
1359
|
+
"rotation_window": 3600,
|
1357
1360
|
}],
|
1358
1361
|
postgresqls=[{
|
1359
1362
|
"name": "db2",
|
@@ -1362,6 +1365,8 @@ class SecretsMount(pulumi.CustomResource):
|
|
1362
1365
|
"connection_url": "postgresql://{{username}}:{{password}}@127.0.0.1:5432/postgres",
|
1363
1366
|
"verify_connection": True,
|
1364
1367
|
"allowed_roles": ["dev2"],
|
1368
|
+
"rotation_schedule": "0 * * * SAT",
|
1369
|
+
"rotation_window": 3600,
|
1365
1370
|
}])
|
1366
1371
|
dev1 = vault.database.SecretBackendRole("dev1",
|
1367
1372
|
name="dev1",
|
@@ -1392,30 +1397,30 @@ class SecretsMount(pulumi.CustomResource):
|
|
1392
1397
|
|
1393
1398
|
:param str resource_name: The name of the resource.
|
1394
1399
|
:param pulumi.ResourceOptions opts: Options for the resource.
|
1395
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_managed_keys: Set of managed key registry entry names that the mount in question is allowed to access
|
1400
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_managed_keys: Set of managed key registry entry names that the mount in question is allowed to access
|
1396
1401
|
|
1397
1402
|
The following arguments are common to all database engines:
|
1398
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_response_headers: List of headers to allow and pass from the request to the plugin
|
1399
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] audit_non_hmac_request_keys: Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
|
1400
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] audit_non_hmac_response_keys: Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
|
1403
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_response_headers: List of headers to allow and pass from the request to the plugin
|
1404
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] audit_non_hmac_request_keys: Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
|
1405
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] audit_non_hmac_response_keys: Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
|
1401
1406
|
:param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountCassandraArgs', 'SecretsMountCassandraArgsDict']]]] cassandras: A nested block containing configuration options for Cassandra connections.
|
1402
1407
|
*See Configuration Options for more info*
|
1403
1408
|
:param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountCouchbaseArgs', 'SecretsMountCouchbaseArgsDict']]]] couchbases: A nested block containing configuration options for Couchbase connections.
|
1404
1409
|
*See Configuration Options for more info*
|
1405
|
-
:param pulumi.Input[int] default_lease_ttl_seconds: Default lease duration for tokens and secrets in seconds
|
1406
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] delegated_auth_accessors: List of headers to allow and pass from the request to the plugin
|
1407
|
-
:param pulumi.Input[str] description: Human-friendly description of the mount
|
1410
|
+
:param pulumi.Input[builtins.int] default_lease_ttl_seconds: Default lease duration for tokens and secrets in seconds
|
1411
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] delegated_auth_accessors: List of headers to allow and pass from the request to the plugin
|
1412
|
+
:param pulumi.Input[builtins.str] description: Human-friendly description of the mount
|
1408
1413
|
:param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountElasticsearchArgs', 'SecretsMountElasticsearchArgsDict']]]] elasticsearches: A nested block containing configuration options for Elasticsearch connections.
|
1409
1414
|
*See Configuration Options for more info*
|
1410
|
-
:param pulumi.Input[bool] external_entropy_access: Boolean flag that can be explicitly set to true to enable the secrets engine to access Vault's external entropy source
|
1415
|
+
:param pulumi.Input[builtins.bool] external_entropy_access: Boolean flag that can be explicitly set to true to enable the secrets engine to access Vault's external entropy source
|
1411
1416
|
:param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountHanaArgs', 'SecretsMountHanaArgsDict']]]] hanas: A nested block containing configuration options for SAP HanaDB connections.
|
1412
1417
|
*See Configuration Options for more info*
|
1413
|
-
:param pulumi.Input[str] identity_token_key: The key to use for signing plugin workload identity tokens
|
1418
|
+
:param pulumi.Input[builtins.str] identity_token_key: The key to use for signing plugin workload identity tokens
|
1414
1419
|
:param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountInfluxdbArgs', 'SecretsMountInfluxdbArgsDict']]]] influxdbs: A nested block containing configuration options for InfluxDB connections.
|
1415
1420
|
*See Configuration Options for more info*
|
1416
|
-
:param pulumi.Input[str] listing_visibility: Specifies whether to show this mount in the UI-specific listing endpoint
|
1417
|
-
:param pulumi.Input[bool] local: Boolean flag that can be explicitly set to true to enforce local mount in HA environment
|
1418
|
-
:param pulumi.Input[int] max_lease_ttl_seconds: Maximum possible lease duration for tokens and secrets in seconds
|
1421
|
+
:param pulumi.Input[builtins.str] listing_visibility: Specifies whether to show this mount in the UI-specific listing endpoint
|
1422
|
+
:param pulumi.Input[builtins.bool] local: Boolean flag that can be explicitly set to true to enforce local mount in HA environment
|
1423
|
+
:param pulumi.Input[builtins.int] max_lease_ttl_seconds: Maximum possible lease duration for tokens and secrets in seconds
|
1419
1424
|
:param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMongodbatlaArgs', 'SecretsMountMongodbatlaArgsDict']]]] mongodbatlas: A nested block containing configuration options for MongoDB Atlas connections.
|
1420
1425
|
*See Configuration Options for more info*
|
1421
1426
|
:param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMongodbArgs', 'SecretsMountMongodbArgsDict']]]] mongodbs: A nested block containing configuration options for MongoDB connections.
|
@@ -1430,13 +1435,13 @@ class SecretsMount(pulumi.CustomResource):
|
|
1430
1435
|
*See Configuration Options for more info*
|
1431
1436
|
:param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMysqlArgs', 'SecretsMountMysqlArgsDict']]]] mysqls: A nested block containing configuration options for MySQL connections.
|
1432
1437
|
*See Configuration Options for more info*
|
1433
|
-
:param pulumi.Input[str] namespace: Target namespace. (requires Enterprise)
|
1434
|
-
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] options: Specifies mount type specific options that are passed to the backend
|
1438
|
+
:param pulumi.Input[builtins.str] namespace: Target namespace. (requires Enterprise)
|
1439
|
+
:param pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]] options: Specifies mount type specific options that are passed to the backend
|
1435
1440
|
:param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountOracleArgs', 'SecretsMountOracleArgsDict']]]] oracles: A nested block containing configuration options for Oracle connections.
|
1436
1441
|
*See Configuration Options for more info*
|
1437
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] passthrough_request_headers: List of headers to allow and pass from the request to the plugin
|
1438
|
-
:param pulumi.Input[str] path: Where the secret backend will be mounted
|
1439
|
-
:param pulumi.Input[str] plugin_version: Specifies the semantic version of the plugin to use, e.g. 'v1.0.0'
|
1442
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] passthrough_request_headers: List of headers to allow and pass from the request to the plugin
|
1443
|
+
:param pulumi.Input[builtins.str] path: Where the secret backend will be mounted
|
1444
|
+
:param pulumi.Input[builtins.str] plugin_version: Specifies the semantic version of the plugin to use, e.g. 'v1.0.0'
|
1440
1445
|
:param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountPostgresqlArgs', 'SecretsMountPostgresqlArgsDict']]]] postgresqls: A nested block containing configuration options for PostgreSQL connections.
|
1441
1446
|
*See Configuration Options for more info*
|
1442
1447
|
:param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountRediArgs', 'SecretsMountRediArgsDict']]]] redis: A nested block containing configuration options for Redis connections.
|
@@ -1445,7 +1450,7 @@ class SecretsMount(pulumi.CustomResource):
|
|
1445
1450
|
*See Configuration Options for more info*
|
1446
1451
|
:param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountRedshiftArgs', 'SecretsMountRedshiftArgsDict']]]] redshifts: A nested block containing configuration options for AWS Redshift connections.
|
1447
1452
|
*See Configuration Options for more info*
|
1448
|
-
:param pulumi.Input[bool] seal_wrap: Boolean flag that can be explicitly set to true to enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
|
1453
|
+
:param pulumi.Input[builtins.bool] seal_wrap: Boolean flag that can be explicitly set to true to enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
|
1449
1454
|
:param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountSnowflakeArgs', 'SecretsMountSnowflakeArgsDict']]]] snowflakes: A nested block containing configuration options for Snowflake connections.
|
1450
1455
|
*See Configuration Options for more info*
|
1451
1456
|
"""
|
@@ -1470,6 +1475,8 @@ class SecretsMount(pulumi.CustomResource):
|
|
1470
1475
|
"password": "super_secret_1",
|
1471
1476
|
"connection_url": "sqlserver://{{username}}:{{password}}@127.0.0.1:1433",
|
1472
1477
|
"allowed_roles": ["dev1"],
|
1478
|
+
"rotation_schedule": "0 * * * SAT",
|
1479
|
+
"rotation_window": 3600,
|
1473
1480
|
}],
|
1474
1481
|
postgresqls=[{
|
1475
1482
|
"name": "db2",
|
@@ -1478,6 +1485,8 @@ class SecretsMount(pulumi.CustomResource):
|
|
1478
1485
|
"connection_url": "postgresql://{{username}}:{{password}}@127.0.0.1:5432/postgres",
|
1479
1486
|
"verify_connection": True,
|
1480
1487
|
"allowed_roles": ["dev2"],
|
1488
|
+
"rotation_schedule": "0 * * * SAT",
|
1489
|
+
"rotation_window": 3600,
|
1481
1490
|
}])
|
1482
1491
|
dev1 = vault.database.SecretBackendRole("dev1",
|
1483
1492
|
name="dev1",
|
@@ -1521,23 +1530,23 @@ class SecretsMount(pulumi.CustomResource):
|
|
1521
1530
|
def _internal_init(__self__,
|
1522
1531
|
resource_name: str,
|
1523
1532
|
opts: Optional[pulumi.ResourceOptions] = None,
|
1524
|
-
allowed_managed_keys: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1525
|
-
allowed_response_headers: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1526
|
-
audit_non_hmac_request_keys: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1527
|
-
audit_non_hmac_response_keys: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1533
|
+
allowed_managed_keys: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1534
|
+
allowed_response_headers: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1535
|
+
audit_non_hmac_request_keys: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1536
|
+
audit_non_hmac_response_keys: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1528
1537
|
cassandras: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountCassandraArgs', 'SecretsMountCassandraArgsDict']]]]] = None,
|
1529
1538
|
couchbases: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountCouchbaseArgs', 'SecretsMountCouchbaseArgsDict']]]]] = None,
|
1530
|
-
default_lease_ttl_seconds: Optional[pulumi.Input[int]] = None,
|
1531
|
-
delegated_auth_accessors: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1532
|
-
description: Optional[pulumi.Input[str]] = None,
|
1539
|
+
default_lease_ttl_seconds: Optional[pulumi.Input[builtins.int]] = None,
|
1540
|
+
delegated_auth_accessors: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1541
|
+
description: Optional[pulumi.Input[builtins.str]] = None,
|
1533
1542
|
elasticsearches: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountElasticsearchArgs', 'SecretsMountElasticsearchArgsDict']]]]] = None,
|
1534
|
-
external_entropy_access: Optional[pulumi.Input[bool]] = None,
|
1543
|
+
external_entropy_access: Optional[pulumi.Input[builtins.bool]] = None,
|
1535
1544
|
hanas: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountHanaArgs', 'SecretsMountHanaArgsDict']]]]] = None,
|
1536
|
-
identity_token_key: Optional[pulumi.Input[str]] = None,
|
1545
|
+
identity_token_key: Optional[pulumi.Input[builtins.str]] = None,
|
1537
1546
|
influxdbs: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountInfluxdbArgs', 'SecretsMountInfluxdbArgsDict']]]]] = None,
|
1538
|
-
listing_visibility: Optional[pulumi.Input[str]] = None,
|
1539
|
-
local: Optional[pulumi.Input[bool]] = None,
|
1540
|
-
max_lease_ttl_seconds: Optional[pulumi.Input[int]] = None,
|
1547
|
+
listing_visibility: Optional[pulumi.Input[builtins.str]] = None,
|
1548
|
+
local: Optional[pulumi.Input[builtins.bool]] = None,
|
1549
|
+
max_lease_ttl_seconds: Optional[pulumi.Input[builtins.int]] = None,
|
1541
1550
|
mongodbatlas: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMongodbatlaArgs', 'SecretsMountMongodbatlaArgsDict']]]]] = None,
|
1542
1551
|
mongodbs: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMongodbArgs', 'SecretsMountMongodbArgsDict']]]]] = None,
|
1543
1552
|
mssqls: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMssqlArgs', 'SecretsMountMssqlArgsDict']]]]] = None,
|
@@ -1545,17 +1554,17 @@ class SecretsMount(pulumi.CustomResource):
|
|
1545
1554
|
mysql_legacies: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMysqlLegacyArgs', 'SecretsMountMysqlLegacyArgsDict']]]]] = None,
|
1546
1555
|
mysql_rds: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMysqlRdArgs', 'SecretsMountMysqlRdArgsDict']]]]] = None,
|
1547
1556
|
mysqls: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMysqlArgs', 'SecretsMountMysqlArgsDict']]]]] = None,
|
1548
|
-
namespace: Optional[pulumi.Input[str]] = None,
|
1549
|
-
options: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
1557
|
+
namespace: Optional[pulumi.Input[builtins.str]] = None,
|
1558
|
+
options: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]] = None,
|
1550
1559
|
oracles: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountOracleArgs', 'SecretsMountOracleArgsDict']]]]] = None,
|
1551
|
-
passthrough_request_headers: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1552
|
-
path: Optional[pulumi.Input[str]] = None,
|
1553
|
-
plugin_version: Optional[pulumi.Input[str]] = None,
|
1560
|
+
passthrough_request_headers: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1561
|
+
path: Optional[pulumi.Input[builtins.str]] = None,
|
1562
|
+
plugin_version: Optional[pulumi.Input[builtins.str]] = None,
|
1554
1563
|
postgresqls: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountPostgresqlArgs', 'SecretsMountPostgresqlArgsDict']]]]] = None,
|
1555
1564
|
redis: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountRediArgs', 'SecretsMountRediArgsDict']]]]] = None,
|
1556
1565
|
redis_elasticaches: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountRedisElasticachArgs', 'SecretsMountRedisElasticachArgsDict']]]]] = None,
|
1557
1566
|
redshifts: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountRedshiftArgs', 'SecretsMountRedshiftArgsDict']]]]] = None,
|
1558
|
-
seal_wrap: Optional[pulumi.Input[bool]] = None,
|
1567
|
+
seal_wrap: Optional[pulumi.Input[builtins.bool]] = None,
|
1559
1568
|
snowflakes: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountSnowflakeArgs', 'SecretsMountSnowflakeArgsDict']]]]] = None,
|
1560
1569
|
__props__=None):
|
1561
1570
|
opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
|
@@ -1616,25 +1625,25 @@ class SecretsMount(pulumi.CustomResource):
|
|
1616
1625
|
def get(resource_name: str,
|
1617
1626
|
id: pulumi.Input[str],
|
1618
1627
|
opts: Optional[pulumi.ResourceOptions] = None,
|
1619
|
-
accessor: Optional[pulumi.Input[str]] = None,
|
1620
|
-
allowed_managed_keys: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1621
|
-
allowed_response_headers: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1622
|
-
audit_non_hmac_request_keys: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1623
|
-
audit_non_hmac_response_keys: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1628
|
+
accessor: Optional[pulumi.Input[builtins.str]] = None,
|
1629
|
+
allowed_managed_keys: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1630
|
+
allowed_response_headers: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1631
|
+
audit_non_hmac_request_keys: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1632
|
+
audit_non_hmac_response_keys: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1624
1633
|
cassandras: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountCassandraArgs', 'SecretsMountCassandraArgsDict']]]]] = None,
|
1625
1634
|
couchbases: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountCouchbaseArgs', 'SecretsMountCouchbaseArgsDict']]]]] = None,
|
1626
|
-
default_lease_ttl_seconds: Optional[pulumi.Input[int]] = None,
|
1627
|
-
delegated_auth_accessors: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1628
|
-
description: Optional[pulumi.Input[str]] = None,
|
1635
|
+
default_lease_ttl_seconds: Optional[pulumi.Input[builtins.int]] = None,
|
1636
|
+
delegated_auth_accessors: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1637
|
+
description: Optional[pulumi.Input[builtins.str]] = None,
|
1629
1638
|
elasticsearches: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountElasticsearchArgs', 'SecretsMountElasticsearchArgsDict']]]]] = None,
|
1630
|
-
engine_count: Optional[pulumi.Input[int]] = None,
|
1631
|
-
external_entropy_access: Optional[pulumi.Input[bool]] = None,
|
1639
|
+
engine_count: Optional[pulumi.Input[builtins.int]] = None,
|
1640
|
+
external_entropy_access: Optional[pulumi.Input[builtins.bool]] = None,
|
1632
1641
|
hanas: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountHanaArgs', 'SecretsMountHanaArgsDict']]]]] = None,
|
1633
|
-
identity_token_key: Optional[pulumi.Input[str]] = None,
|
1642
|
+
identity_token_key: Optional[pulumi.Input[builtins.str]] = None,
|
1634
1643
|
influxdbs: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountInfluxdbArgs', 'SecretsMountInfluxdbArgsDict']]]]] = None,
|
1635
|
-
listing_visibility: Optional[pulumi.Input[str]] = None,
|
1636
|
-
local: Optional[pulumi.Input[bool]] = None,
|
1637
|
-
max_lease_ttl_seconds: Optional[pulumi.Input[int]] = None,
|
1644
|
+
listing_visibility: Optional[pulumi.Input[builtins.str]] = None,
|
1645
|
+
local: Optional[pulumi.Input[builtins.bool]] = None,
|
1646
|
+
max_lease_ttl_seconds: Optional[pulumi.Input[builtins.int]] = None,
|
1638
1647
|
mongodbatlas: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMongodbatlaArgs', 'SecretsMountMongodbatlaArgsDict']]]]] = None,
|
1639
1648
|
mongodbs: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMongodbArgs', 'SecretsMountMongodbArgsDict']]]]] = None,
|
1640
1649
|
mssqls: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMssqlArgs', 'SecretsMountMssqlArgsDict']]]]] = None,
|
@@ -1642,17 +1651,17 @@ class SecretsMount(pulumi.CustomResource):
|
|
1642
1651
|
mysql_legacies: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMysqlLegacyArgs', 'SecretsMountMysqlLegacyArgsDict']]]]] = None,
|
1643
1652
|
mysql_rds: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMysqlRdArgs', 'SecretsMountMysqlRdArgsDict']]]]] = None,
|
1644
1653
|
mysqls: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMysqlArgs', 'SecretsMountMysqlArgsDict']]]]] = None,
|
1645
|
-
namespace: Optional[pulumi.Input[str]] = None,
|
1646
|
-
options: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
1654
|
+
namespace: Optional[pulumi.Input[builtins.str]] = None,
|
1655
|
+
options: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]] = None,
|
1647
1656
|
oracles: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountOracleArgs', 'SecretsMountOracleArgsDict']]]]] = None,
|
1648
|
-
passthrough_request_headers: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1649
|
-
path: Optional[pulumi.Input[str]] = None,
|
1650
|
-
plugin_version: Optional[pulumi.Input[str]] = None,
|
1657
|
+
passthrough_request_headers: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1658
|
+
path: Optional[pulumi.Input[builtins.str]] = None,
|
1659
|
+
plugin_version: Optional[pulumi.Input[builtins.str]] = None,
|
1651
1660
|
postgresqls: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountPostgresqlArgs', 'SecretsMountPostgresqlArgsDict']]]]] = None,
|
1652
1661
|
redis: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountRediArgs', 'SecretsMountRediArgsDict']]]]] = None,
|
1653
1662
|
redis_elasticaches: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountRedisElasticachArgs', 'SecretsMountRedisElasticachArgsDict']]]]] = None,
|
1654
1663
|
redshifts: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountRedshiftArgs', 'SecretsMountRedshiftArgsDict']]]]] = None,
|
1655
|
-
seal_wrap: Optional[pulumi.Input[bool]] = None,
|
1664
|
+
seal_wrap: Optional[pulumi.Input[builtins.bool]] = None,
|
1656
1665
|
snowflakes: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountSnowflakeArgs', 'SecretsMountSnowflakeArgsDict']]]]] = None) -> 'SecretsMount':
|
1657
1666
|
"""
|
1658
1667
|
Get an existing SecretsMount resource's state with the given name, id, and optional extra
|
@@ -1661,32 +1670,32 @@ class SecretsMount(pulumi.CustomResource):
|
|
1661
1670
|
:param str resource_name: The unique name of the resulting resource.
|
1662
1671
|
:param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
|
1663
1672
|
:param pulumi.ResourceOptions opts: Options for the resource.
|
1664
|
-
:param pulumi.Input[str] accessor: Accessor of the mount
|
1665
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_managed_keys: Set of managed key registry entry names that the mount in question is allowed to access
|
1673
|
+
:param pulumi.Input[builtins.str] accessor: Accessor of the mount
|
1674
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_managed_keys: Set of managed key registry entry names that the mount in question is allowed to access
|
1666
1675
|
|
1667
1676
|
The following arguments are common to all database engines:
|
1668
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_response_headers: List of headers to allow and pass from the request to the plugin
|
1669
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] audit_non_hmac_request_keys: Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
|
1670
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] audit_non_hmac_response_keys: Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
|
1677
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_response_headers: List of headers to allow and pass from the request to the plugin
|
1678
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] audit_non_hmac_request_keys: Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
|
1679
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] audit_non_hmac_response_keys: Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
|
1671
1680
|
:param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountCassandraArgs', 'SecretsMountCassandraArgsDict']]]] cassandras: A nested block containing configuration options for Cassandra connections.
|
1672
1681
|
*See Configuration Options for more info*
|
1673
1682
|
:param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountCouchbaseArgs', 'SecretsMountCouchbaseArgsDict']]]] couchbases: A nested block containing configuration options for Couchbase connections.
|
1674
1683
|
*See Configuration Options for more info*
|
1675
|
-
:param pulumi.Input[int] default_lease_ttl_seconds: Default lease duration for tokens and secrets in seconds
|
1676
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] delegated_auth_accessors: List of headers to allow and pass from the request to the plugin
|
1677
|
-
:param pulumi.Input[str] description: Human-friendly description of the mount
|
1684
|
+
:param pulumi.Input[builtins.int] default_lease_ttl_seconds: Default lease duration for tokens and secrets in seconds
|
1685
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] delegated_auth_accessors: List of headers to allow and pass from the request to the plugin
|
1686
|
+
:param pulumi.Input[builtins.str] description: Human-friendly description of the mount
|
1678
1687
|
:param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountElasticsearchArgs', 'SecretsMountElasticsearchArgsDict']]]] elasticsearches: A nested block containing configuration options for Elasticsearch connections.
|
1679
1688
|
*See Configuration Options for more info*
|
1680
|
-
:param pulumi.Input[int] engine_count: The total number of database secrets engines configured.
|
1681
|
-
:param pulumi.Input[bool] external_entropy_access: Boolean flag that can be explicitly set to true to enable the secrets engine to access Vault's external entropy source
|
1689
|
+
:param pulumi.Input[builtins.int] engine_count: The total number of database secrets engines configured.
|
1690
|
+
:param pulumi.Input[builtins.bool] external_entropy_access: Boolean flag that can be explicitly set to true to enable the secrets engine to access Vault's external entropy source
|
1682
1691
|
:param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountHanaArgs', 'SecretsMountHanaArgsDict']]]] hanas: A nested block containing configuration options for SAP HanaDB connections.
|
1683
1692
|
*See Configuration Options for more info*
|
1684
|
-
:param pulumi.Input[str] identity_token_key: The key to use for signing plugin workload identity tokens
|
1693
|
+
:param pulumi.Input[builtins.str] identity_token_key: The key to use for signing plugin workload identity tokens
|
1685
1694
|
:param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountInfluxdbArgs', 'SecretsMountInfluxdbArgsDict']]]] influxdbs: A nested block containing configuration options for InfluxDB connections.
|
1686
1695
|
*See Configuration Options for more info*
|
1687
|
-
:param pulumi.Input[str] listing_visibility: Specifies whether to show this mount in the UI-specific listing endpoint
|
1688
|
-
:param pulumi.Input[bool] local: Boolean flag that can be explicitly set to true to enforce local mount in HA environment
|
1689
|
-
:param pulumi.Input[int] max_lease_ttl_seconds: Maximum possible lease duration for tokens and secrets in seconds
|
1696
|
+
:param pulumi.Input[builtins.str] listing_visibility: Specifies whether to show this mount in the UI-specific listing endpoint
|
1697
|
+
:param pulumi.Input[builtins.bool] local: Boolean flag that can be explicitly set to true to enforce local mount in HA environment
|
1698
|
+
:param pulumi.Input[builtins.int] max_lease_ttl_seconds: Maximum possible lease duration for tokens and secrets in seconds
|
1690
1699
|
:param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMongodbatlaArgs', 'SecretsMountMongodbatlaArgsDict']]]] mongodbatlas: A nested block containing configuration options for MongoDB Atlas connections.
|
1691
1700
|
*See Configuration Options for more info*
|
1692
1701
|
:param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMongodbArgs', 'SecretsMountMongodbArgsDict']]]] mongodbs: A nested block containing configuration options for MongoDB connections.
|
@@ -1701,13 +1710,13 @@ class SecretsMount(pulumi.CustomResource):
|
|
1701
1710
|
*See Configuration Options for more info*
|
1702
1711
|
:param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMysqlArgs', 'SecretsMountMysqlArgsDict']]]] mysqls: A nested block containing configuration options for MySQL connections.
|
1703
1712
|
*See Configuration Options for more info*
|
1704
|
-
:param pulumi.Input[str] namespace: Target namespace. (requires Enterprise)
|
1705
|
-
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] options: Specifies mount type specific options that are passed to the backend
|
1713
|
+
:param pulumi.Input[builtins.str] namespace: Target namespace. (requires Enterprise)
|
1714
|
+
:param pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]] options: Specifies mount type specific options that are passed to the backend
|
1706
1715
|
:param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountOracleArgs', 'SecretsMountOracleArgsDict']]]] oracles: A nested block containing configuration options for Oracle connections.
|
1707
1716
|
*See Configuration Options for more info*
|
1708
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] passthrough_request_headers: List of headers to allow and pass from the request to the plugin
|
1709
|
-
:param pulumi.Input[str] path: Where the secret backend will be mounted
|
1710
|
-
:param pulumi.Input[str] plugin_version: Specifies the semantic version of the plugin to use, e.g. 'v1.0.0'
|
1717
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] passthrough_request_headers: List of headers to allow and pass from the request to the plugin
|
1718
|
+
:param pulumi.Input[builtins.str] path: Where the secret backend will be mounted
|
1719
|
+
:param pulumi.Input[builtins.str] plugin_version: Specifies the semantic version of the plugin to use, e.g. 'v1.0.0'
|
1711
1720
|
:param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountPostgresqlArgs', 'SecretsMountPostgresqlArgsDict']]]] postgresqls: A nested block containing configuration options for PostgreSQL connections.
|
1712
1721
|
*See Configuration Options for more info*
|
1713
1722
|
:param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountRediArgs', 'SecretsMountRediArgsDict']]]] redis: A nested block containing configuration options for Redis connections.
|
@@ -1716,7 +1725,7 @@ class SecretsMount(pulumi.CustomResource):
|
|
1716
1725
|
*See Configuration Options for more info*
|
1717
1726
|
:param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountRedshiftArgs', 'SecretsMountRedshiftArgsDict']]]] redshifts: A nested block containing configuration options for AWS Redshift connections.
|
1718
1727
|
*See Configuration Options for more info*
|
1719
|
-
:param pulumi.Input[bool] seal_wrap: Boolean flag that can be explicitly set to true to enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
|
1728
|
+
:param pulumi.Input[builtins.bool] seal_wrap: Boolean flag that can be explicitly set to true to enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
|
1720
1729
|
:param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountSnowflakeArgs', 'SecretsMountSnowflakeArgsDict']]]] snowflakes: A nested block containing configuration options for Snowflake connections.
|
1721
1730
|
*See Configuration Options for more info*
|
1722
1731
|
"""
|
@@ -1766,7 +1775,7 @@ class SecretsMount(pulumi.CustomResource):
|
|
1766
1775
|
|
1767
1776
|
@property
|
1768
1777
|
@pulumi.getter
|
1769
|
-
def accessor(self) -> pulumi.Output[str]:
|
1778
|
+
def accessor(self) -> pulumi.Output[builtins.str]:
|
1770
1779
|
"""
|
1771
1780
|
Accessor of the mount
|
1772
1781
|
"""
|
@@ -1774,7 +1783,7 @@ class SecretsMount(pulumi.CustomResource):
|
|
1774
1783
|
|
1775
1784
|
@property
|
1776
1785
|
@pulumi.getter(name="allowedManagedKeys")
|
1777
|
-
def allowed_managed_keys(self) -> pulumi.Output[Optional[Sequence[str]]]:
|
1786
|
+
def allowed_managed_keys(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
|
1778
1787
|
"""
|
1779
1788
|
Set of managed key registry entry names that the mount in question is allowed to access
|
1780
1789
|
|
@@ -1784,7 +1793,7 @@ class SecretsMount(pulumi.CustomResource):
|
|
1784
1793
|
|
1785
1794
|
@property
|
1786
1795
|
@pulumi.getter(name="allowedResponseHeaders")
|
1787
|
-
def allowed_response_headers(self) -> pulumi.Output[Optional[Sequence[str]]]:
|
1796
|
+
def allowed_response_headers(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
|
1788
1797
|
"""
|
1789
1798
|
List of headers to allow and pass from the request to the plugin
|
1790
1799
|
"""
|
@@ -1792,7 +1801,7 @@ class SecretsMount(pulumi.CustomResource):
|
|
1792
1801
|
|
1793
1802
|
@property
|
1794
1803
|
@pulumi.getter(name="auditNonHmacRequestKeys")
|
1795
|
-
def audit_non_hmac_request_keys(self) -> pulumi.Output[Sequence[str]]:
|
1804
|
+
def audit_non_hmac_request_keys(self) -> pulumi.Output[Sequence[builtins.str]]:
|
1796
1805
|
"""
|
1797
1806
|
Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
|
1798
1807
|
"""
|
@@ -1800,7 +1809,7 @@ class SecretsMount(pulumi.CustomResource):
|
|
1800
1809
|
|
1801
1810
|
@property
|
1802
1811
|
@pulumi.getter(name="auditNonHmacResponseKeys")
|
1803
|
-
def audit_non_hmac_response_keys(self) -> pulumi.Output[Sequence[str]]:
|
1812
|
+
def audit_non_hmac_response_keys(self) -> pulumi.Output[Sequence[builtins.str]]:
|
1804
1813
|
"""
|
1805
1814
|
Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
|
1806
1815
|
"""
|
@@ -1826,7 +1835,7 @@ class SecretsMount(pulumi.CustomResource):
|
|
1826
1835
|
|
1827
1836
|
@property
|
1828
1837
|
@pulumi.getter(name="defaultLeaseTtlSeconds")
|
1829
|
-
def default_lease_ttl_seconds(self) -> pulumi.Output[int]:
|
1838
|
+
def default_lease_ttl_seconds(self) -> pulumi.Output[builtins.int]:
|
1830
1839
|
"""
|
1831
1840
|
Default lease duration for tokens and secrets in seconds
|
1832
1841
|
"""
|
@@ -1834,7 +1843,7 @@ class SecretsMount(pulumi.CustomResource):
|
|
1834
1843
|
|
1835
1844
|
@property
|
1836
1845
|
@pulumi.getter(name="delegatedAuthAccessors")
|
1837
|
-
def delegated_auth_accessors(self) -> pulumi.Output[Optional[Sequence[str]]]:
|
1846
|
+
def delegated_auth_accessors(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
|
1838
1847
|
"""
|
1839
1848
|
List of headers to allow and pass from the request to the plugin
|
1840
1849
|
"""
|
@@ -1842,7 +1851,7 @@ class SecretsMount(pulumi.CustomResource):
|
|
1842
1851
|
|
1843
1852
|
@property
|
1844
1853
|
@pulumi.getter
|
1845
|
-
def description(self) -> pulumi.Output[Optional[str]]:
|
1854
|
+
def description(self) -> pulumi.Output[Optional[builtins.str]]:
|
1846
1855
|
"""
|
1847
1856
|
Human-friendly description of the mount
|
1848
1857
|
"""
|
@@ -1859,7 +1868,7 @@ class SecretsMount(pulumi.CustomResource):
|
|
1859
1868
|
|
1860
1869
|
@property
|
1861
1870
|
@pulumi.getter(name="engineCount")
|
1862
|
-
def engine_count(self) -> pulumi.Output[int]:
|
1871
|
+
def engine_count(self) -> pulumi.Output[builtins.int]:
|
1863
1872
|
"""
|
1864
1873
|
The total number of database secrets engines configured.
|
1865
1874
|
"""
|
@@ -1867,7 +1876,7 @@ class SecretsMount(pulumi.CustomResource):
|
|
1867
1876
|
|
1868
1877
|
@property
|
1869
1878
|
@pulumi.getter(name="externalEntropyAccess")
|
1870
|
-
def external_entropy_access(self) -> pulumi.Output[Optional[bool]]:
|
1879
|
+
def external_entropy_access(self) -> pulumi.Output[Optional[builtins.bool]]:
|
1871
1880
|
"""
|
1872
1881
|
Boolean flag that can be explicitly set to true to enable the secrets engine to access Vault's external entropy source
|
1873
1882
|
"""
|
@@ -1884,7 +1893,7 @@ class SecretsMount(pulumi.CustomResource):
|
|
1884
1893
|
|
1885
1894
|
@property
|
1886
1895
|
@pulumi.getter(name="identityTokenKey")
|
1887
|
-
def identity_token_key(self) -> pulumi.Output[Optional[str]]:
|
1896
|
+
def identity_token_key(self) -> pulumi.Output[Optional[builtins.str]]:
|
1888
1897
|
"""
|
1889
1898
|
The key to use for signing plugin workload identity tokens
|
1890
1899
|
"""
|
@@ -1901,7 +1910,7 @@ class SecretsMount(pulumi.CustomResource):
|
|
1901
1910
|
|
1902
1911
|
@property
|
1903
1912
|
@pulumi.getter(name="listingVisibility")
|
1904
|
-
def listing_visibility(self) -> pulumi.Output[Optional[str]]:
|
1913
|
+
def listing_visibility(self) -> pulumi.Output[Optional[builtins.str]]:
|
1905
1914
|
"""
|
1906
1915
|
Specifies whether to show this mount in the UI-specific listing endpoint
|
1907
1916
|
"""
|
@@ -1909,7 +1918,7 @@ class SecretsMount(pulumi.CustomResource):
|
|
1909
1918
|
|
1910
1919
|
@property
|
1911
1920
|
@pulumi.getter
|
1912
|
-
def local(self) -> pulumi.Output[Optional[bool]]:
|
1921
|
+
def local(self) -> pulumi.Output[Optional[builtins.bool]]:
|
1913
1922
|
"""
|
1914
1923
|
Boolean flag that can be explicitly set to true to enforce local mount in HA environment
|
1915
1924
|
"""
|
@@ -1917,7 +1926,7 @@ class SecretsMount(pulumi.CustomResource):
|
|
1917
1926
|
|
1918
1927
|
@property
|
1919
1928
|
@pulumi.getter(name="maxLeaseTtlSeconds")
|
1920
|
-
def max_lease_ttl_seconds(self) -> pulumi.Output[int]:
|
1929
|
+
def max_lease_ttl_seconds(self) -> pulumi.Output[builtins.int]:
|
1921
1930
|
"""
|
1922
1931
|
Maximum possible lease duration for tokens and secrets in seconds
|
1923
1932
|
"""
|
@@ -1988,7 +1997,7 @@ class SecretsMount(pulumi.CustomResource):
|
|
1988
1997
|
|
1989
1998
|
@property
|
1990
1999
|
@pulumi.getter
|
1991
|
-
def namespace(self) -> pulumi.Output[Optional[str]]:
|
2000
|
+
def namespace(self) -> pulumi.Output[Optional[builtins.str]]:
|
1992
2001
|
"""
|
1993
2002
|
Target namespace. (requires Enterprise)
|
1994
2003
|
"""
|
@@ -1996,7 +2005,7 @@ class SecretsMount(pulumi.CustomResource):
|
|
1996
2005
|
|
1997
2006
|
@property
|
1998
2007
|
@pulumi.getter
|
1999
|
-
def options(self) -> pulumi.Output[Optional[Mapping[str, str]]]:
|
2008
|
+
def options(self) -> pulumi.Output[Optional[Mapping[str, builtins.str]]]:
|
2000
2009
|
"""
|
2001
2010
|
Specifies mount type specific options that are passed to the backend
|
2002
2011
|
"""
|
@@ -2013,7 +2022,7 @@ class SecretsMount(pulumi.CustomResource):
|
|
2013
2022
|
|
2014
2023
|
@property
|
2015
2024
|
@pulumi.getter(name="passthroughRequestHeaders")
|
2016
|
-
def passthrough_request_headers(self) -> pulumi.Output[Optional[Sequence[str]]]:
|
2025
|
+
def passthrough_request_headers(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
|
2017
2026
|
"""
|
2018
2027
|
List of headers to allow and pass from the request to the plugin
|
2019
2028
|
"""
|
@@ -2021,7 +2030,7 @@ class SecretsMount(pulumi.CustomResource):
|
|
2021
2030
|
|
2022
2031
|
@property
|
2023
2032
|
@pulumi.getter
|
2024
|
-
def path(self) -> pulumi.Output[str]:
|
2033
|
+
def path(self) -> pulumi.Output[builtins.str]:
|
2025
2034
|
"""
|
2026
2035
|
Where the secret backend will be mounted
|
2027
2036
|
"""
|
@@ -2029,7 +2038,7 @@ class SecretsMount(pulumi.CustomResource):
|
|
2029
2038
|
|
2030
2039
|
@property
|
2031
2040
|
@pulumi.getter(name="pluginVersion")
|
2032
|
-
def plugin_version(self) -> pulumi.Output[Optional[str]]:
|
2041
|
+
def plugin_version(self) -> pulumi.Output[Optional[builtins.str]]:
|
2033
2042
|
"""
|
2034
2043
|
Specifies the semantic version of the plugin to use, e.g. 'v1.0.0'
|
2035
2044
|
"""
|
@@ -2073,7 +2082,7 @@ class SecretsMount(pulumi.CustomResource):
|
|
2073
2082
|
|
2074
2083
|
@property
|
2075
2084
|
@pulumi.getter(name="sealWrap")
|
2076
|
-
def seal_wrap(self) -> pulumi.Output[bool]:
|
2085
|
+
def seal_wrap(self) -> pulumi.Output[builtins.bool]:
|
2077
2086
|
"""
|
2078
2087
|
Boolean flag that can be explicitly set to true to enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
|
2079
2088
|
"""
|