pulumi-vault 6.6.0a1741415971__py3-none-any.whl → 6.7.0a1741847926__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (44) hide show
  1. pulumi_vault/__init__.py +8 -0
  2. pulumi_vault/aws/auth_backend_client.py +228 -4
  3. pulumi_vault/aws/secret_backend.py +266 -50
  4. pulumi_vault/aws/secret_backend_static_role.py +217 -0
  5. pulumi_vault/azure/auth_backend_config.py +257 -5
  6. pulumi_vault/azure/backend.py +249 -4
  7. pulumi_vault/database/_inputs.py +1692 -36
  8. pulumi_vault/database/outputs.py +1170 -18
  9. pulumi_vault/database/secret_backend_connection.py +220 -0
  10. pulumi_vault/database/secret_backend_static_role.py +143 -1
  11. pulumi_vault/database/secrets_mount.py +8 -0
  12. pulumi_vault/gcp/auth_backend.py +222 -2
  13. pulumi_vault/gcp/secret_backend.py +244 -4
  14. pulumi_vault/ldap/auth_backend.py +222 -2
  15. pulumi_vault/ldap/secret_backend.py +222 -2
  16. pulumi_vault/pkisecret/__init__.py +2 -0
  17. pulumi_vault/pkisecret/_inputs.py +0 -6
  18. pulumi_vault/pkisecret/backend_config_acme.py +47 -0
  19. pulumi_vault/pkisecret/backend_config_auto_tidy.py +1376 -0
  20. pulumi_vault/pkisecret/backend_config_cmpv2.py +61 -14
  21. pulumi_vault/pkisecret/get_backend_cert_metadata.py +277 -0
  22. pulumi_vault/pkisecret/get_backend_config_cmpv2.py +18 -1
  23. pulumi_vault/pkisecret/get_backend_issuer.py +114 -1
  24. pulumi_vault/pkisecret/outputs.py +0 -4
  25. pulumi_vault/pkisecret/secret_backend_cert.py +148 -7
  26. pulumi_vault/pkisecret/secret_backend_crl_config.py +54 -0
  27. pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +141 -0
  28. pulumi_vault/pkisecret/secret_backend_issuer.py +265 -0
  29. pulumi_vault/pkisecret/secret_backend_role.py +252 -3
  30. pulumi_vault/pkisecret/secret_backend_root_cert.py +423 -0
  31. pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +581 -3
  32. pulumi_vault/pkisecret/secret_backend_sign.py +94 -0
  33. pulumi_vault/pulumi-plugin.json +1 -1
  34. pulumi_vault/ssh/__init__.py +1 -0
  35. pulumi_vault/ssh/get_secret_backend_sign.py +294 -0
  36. pulumi_vault/terraformcloud/secret_role.py +7 -7
  37. pulumi_vault/transit/__init__.py +2 -0
  38. pulumi_vault/transit/get_sign.py +324 -0
  39. pulumi_vault/transit/get_verify.py +354 -0
  40. pulumi_vault/transit/secret_backend_key.py +162 -0
  41. {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.7.0a1741847926.dist-info}/METADATA +1 -1
  42. {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.7.0a1741847926.dist-info}/RECORD +44 -39
  43. {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.7.0a1741847926.dist-info}/WHEEL +1 -1
  44. {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.7.0a1741847926.dist-info}/top_level.txt +0 -0
@@ -25,6 +25,7 @@ class BackendConfigCmpv2Args:
25
25
  audit_fields: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
26
26
  authenticators: Optional[pulumi.Input['BackendConfigCmpv2AuthenticatorsArgs']] = None,
27
27
  default_path_policy: Optional[pulumi.Input[str]] = None,
28
+ disabled_validations: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
28
29
  enable_sentinel_parsing: Optional[pulumi.Input[bool]] = None,
29
30
  enabled: Optional[pulumi.Input[bool]] = None,
30
31
  namespace: Optional[pulumi.Input[str]] = None):
@@ -33,10 +34,11 @@ class BackendConfigCmpv2Args:
33
34
  :param pulumi.Input[str] backend: The path to the PKI secret backend to
34
35
  read the CMPv2 configuration from, with no leading or trailing `/`s.
35
36
  :param pulumi.Input[Sequence[pulumi.Input[str]]] audit_fields: Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.
36
-
37
- <a id="nestedatt--authenticators"></a>
38
37
  :param pulumi.Input['BackendConfigCmpv2AuthenticatorsArgs'] authenticators: Lists the mount accessors CMPv2 should delegate authentication requests towards (see below for nested schema).
39
38
  :param pulumi.Input[str] default_path_policy: Specifies the behavior for requests using the non-role-qualified CMPv2 requests. Can be sign-verbatim or a role given by role:<role_name>.
39
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] disabled_validations: A comma-separated list of validations not to perform on CMPv2 messages.
40
+
41
+ <a id="nestedatt--authenticators"></a>
40
42
  :param pulumi.Input[bool] enable_sentinel_parsing: If set, parse out fields from the provided CSR making them available for Sentinel policies.
41
43
  :param pulumi.Input[bool] enabled: Specifies whether CMPv2 is enabled.
42
44
  :param pulumi.Input[str] namespace: The namespace of the target resource.
@@ -51,6 +53,8 @@ class BackendConfigCmpv2Args:
51
53
  pulumi.set(__self__, "authenticators", authenticators)
52
54
  if default_path_policy is not None:
53
55
  pulumi.set(__self__, "default_path_policy", default_path_policy)
56
+ if disabled_validations is not None:
57
+ pulumi.set(__self__, "disabled_validations", disabled_validations)
54
58
  if enable_sentinel_parsing is not None:
55
59
  pulumi.set(__self__, "enable_sentinel_parsing", enable_sentinel_parsing)
56
60
  if enabled is not None:
@@ -76,8 +80,6 @@ class BackendConfigCmpv2Args:
76
80
  def audit_fields(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
77
81
  """
78
82
  Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.
79
-
80
- <a id="nestedatt--authenticators"></a>
81
83
  """
82
84
  return pulumi.get(self, "audit_fields")
83
85
 
@@ -109,6 +111,20 @@ class BackendConfigCmpv2Args:
109
111
  def default_path_policy(self, value: Optional[pulumi.Input[str]]):
110
112
  pulumi.set(self, "default_path_policy", value)
111
113
 
114
+ @property
115
+ @pulumi.getter(name="disabledValidations")
116
+ def disabled_validations(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
117
+ """
118
+ A comma-separated list of validations not to perform on CMPv2 messages.
119
+
120
+ <a id="nestedatt--authenticators"></a>
121
+ """
122
+ return pulumi.get(self, "disabled_validations")
123
+
124
+ @disabled_validations.setter
125
+ def disabled_validations(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
126
+ pulumi.set(self, "disabled_validations", value)
127
+
112
128
  @property
113
129
  @pulumi.getter(name="enableSentinelParsing")
114
130
  def enable_sentinel_parsing(self) -> Optional[pulumi.Input[bool]]:
@@ -156,6 +172,7 @@ class _BackendConfigCmpv2State:
156
172
  authenticators: Optional[pulumi.Input['BackendConfigCmpv2AuthenticatorsArgs']] = None,
157
173
  backend: Optional[pulumi.Input[str]] = None,
158
174
  default_path_policy: Optional[pulumi.Input[str]] = None,
175
+ disabled_validations: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
159
176
  enable_sentinel_parsing: Optional[pulumi.Input[bool]] = None,
160
177
  enabled: Optional[pulumi.Input[bool]] = None,
161
178
  last_updated: Optional[pulumi.Input[str]] = None,
@@ -163,12 +180,13 @@ class _BackendConfigCmpv2State:
163
180
  """
164
181
  Input properties used for looking up and filtering BackendConfigCmpv2 resources.
165
182
  :param pulumi.Input[Sequence[pulumi.Input[str]]] audit_fields: Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.
166
-
167
- <a id="nestedatt--authenticators"></a>
168
183
  :param pulumi.Input['BackendConfigCmpv2AuthenticatorsArgs'] authenticators: Lists the mount accessors CMPv2 should delegate authentication requests towards (see below for nested schema).
169
184
  :param pulumi.Input[str] backend: The path to the PKI secret backend to
170
185
  read the CMPv2 configuration from, with no leading or trailing `/`s.
171
186
  :param pulumi.Input[str] default_path_policy: Specifies the behavior for requests using the non-role-qualified CMPv2 requests. Can be sign-verbatim or a role given by role:<role_name>.
187
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] disabled_validations: A comma-separated list of validations not to perform on CMPv2 messages.
188
+
189
+ <a id="nestedatt--authenticators"></a>
172
190
  :param pulumi.Input[bool] enable_sentinel_parsing: If set, parse out fields from the provided CSR making them available for Sentinel policies.
173
191
  :param pulumi.Input[bool] enabled: Specifies whether CMPv2 is enabled.
174
192
  :param pulumi.Input[str] last_updated: A read-only timestamp representing the last time the configuration was updated.
@@ -185,6 +203,8 @@ class _BackendConfigCmpv2State:
185
203
  pulumi.set(__self__, "backend", backend)
186
204
  if default_path_policy is not None:
187
205
  pulumi.set(__self__, "default_path_policy", default_path_policy)
206
+ if disabled_validations is not None:
207
+ pulumi.set(__self__, "disabled_validations", disabled_validations)
188
208
  if enable_sentinel_parsing is not None:
189
209
  pulumi.set(__self__, "enable_sentinel_parsing", enable_sentinel_parsing)
190
210
  if enabled is not None:
@@ -199,8 +219,6 @@ class _BackendConfigCmpv2State:
199
219
  def audit_fields(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
200
220
  """
201
221
  Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.
202
-
203
- <a id="nestedatt--authenticators"></a>
204
222
  """
205
223
  return pulumi.get(self, "audit_fields")
206
224
 
@@ -245,6 +263,20 @@ class _BackendConfigCmpv2State:
245
263
  def default_path_policy(self, value: Optional[pulumi.Input[str]]):
246
264
  pulumi.set(self, "default_path_policy", value)
247
265
 
266
+ @property
267
+ @pulumi.getter(name="disabledValidations")
268
+ def disabled_validations(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
269
+ """
270
+ A comma-separated list of validations not to perform on CMPv2 messages.
271
+
272
+ <a id="nestedatt--authenticators"></a>
273
+ """
274
+ return pulumi.get(self, "disabled_validations")
275
+
276
+ @disabled_validations.setter
277
+ def disabled_validations(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
278
+ pulumi.set(self, "disabled_validations", value)
279
+
248
280
  @property
249
281
  @pulumi.getter(name="enableSentinelParsing")
250
282
  def enable_sentinel_parsing(self) -> Optional[pulumi.Input[bool]]:
@@ -306,6 +338,7 @@ class BackendConfigCmpv2(pulumi.CustomResource):
306
338
  authenticators: Optional[pulumi.Input[Union['BackendConfigCmpv2AuthenticatorsArgs', 'BackendConfigCmpv2AuthenticatorsArgsDict']]] = None,
307
339
  backend: Optional[pulumi.Input[str]] = None,
308
340
  default_path_policy: Optional[pulumi.Input[str]] = None,
341
+ disabled_validations: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
309
342
  enable_sentinel_parsing: Optional[pulumi.Input[bool]] = None,
310
343
  enabled: Optional[pulumi.Input[bool]] = None,
311
344
  namespace: Optional[pulumi.Input[str]] = None,
@@ -326,12 +359,13 @@ class BackendConfigCmpv2(pulumi.CustomResource):
326
359
  :param str resource_name: The name of the resource.
327
360
  :param pulumi.ResourceOptions opts: Options for the resource.
328
361
  :param pulumi.Input[Sequence[pulumi.Input[str]]] audit_fields: Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.
329
-
330
- <a id="nestedatt--authenticators"></a>
331
362
  :param pulumi.Input[Union['BackendConfigCmpv2AuthenticatorsArgs', 'BackendConfigCmpv2AuthenticatorsArgsDict']] authenticators: Lists the mount accessors CMPv2 should delegate authentication requests towards (see below for nested schema).
332
363
  :param pulumi.Input[str] backend: The path to the PKI secret backend to
333
364
  read the CMPv2 configuration from, with no leading or trailing `/`s.
334
365
  :param pulumi.Input[str] default_path_policy: Specifies the behavior for requests using the non-role-qualified CMPv2 requests. Can be sign-verbatim or a role given by role:<role_name>.
366
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] disabled_validations: A comma-separated list of validations not to perform on CMPv2 messages.
367
+
368
+ <a id="nestedatt--authenticators"></a>
335
369
  :param pulumi.Input[bool] enable_sentinel_parsing: If set, parse out fields from the provided CSR making them available for Sentinel policies.
336
370
  :param pulumi.Input[bool] enabled: Specifies whether CMPv2 is enabled.
337
371
  :param pulumi.Input[str] namespace: The namespace of the target resource.
@@ -377,6 +411,7 @@ class BackendConfigCmpv2(pulumi.CustomResource):
377
411
  authenticators: Optional[pulumi.Input[Union['BackendConfigCmpv2AuthenticatorsArgs', 'BackendConfigCmpv2AuthenticatorsArgsDict']]] = None,
378
412
  backend: Optional[pulumi.Input[str]] = None,
379
413
  default_path_policy: Optional[pulumi.Input[str]] = None,
414
+ disabled_validations: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
380
415
  enable_sentinel_parsing: Optional[pulumi.Input[bool]] = None,
381
416
  enabled: Optional[pulumi.Input[bool]] = None,
382
417
  namespace: Optional[pulumi.Input[str]] = None,
@@ -395,6 +430,7 @@ class BackendConfigCmpv2(pulumi.CustomResource):
395
430
  raise TypeError("Missing required property 'backend'")
396
431
  __props__.__dict__["backend"] = backend
397
432
  __props__.__dict__["default_path_policy"] = default_path_policy
433
+ __props__.__dict__["disabled_validations"] = disabled_validations
398
434
  __props__.__dict__["enable_sentinel_parsing"] = enable_sentinel_parsing
399
435
  __props__.__dict__["enabled"] = enabled
400
436
  __props__.__dict__["namespace"] = namespace
@@ -413,6 +449,7 @@ class BackendConfigCmpv2(pulumi.CustomResource):
413
449
  authenticators: Optional[pulumi.Input[Union['BackendConfigCmpv2AuthenticatorsArgs', 'BackendConfigCmpv2AuthenticatorsArgsDict']]] = None,
414
450
  backend: Optional[pulumi.Input[str]] = None,
415
451
  default_path_policy: Optional[pulumi.Input[str]] = None,
452
+ disabled_validations: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
416
453
  enable_sentinel_parsing: Optional[pulumi.Input[bool]] = None,
417
454
  enabled: Optional[pulumi.Input[bool]] = None,
418
455
  last_updated: Optional[pulumi.Input[str]] = None,
@@ -425,12 +462,13 @@ class BackendConfigCmpv2(pulumi.CustomResource):
425
462
  :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
426
463
  :param pulumi.ResourceOptions opts: Options for the resource.
427
464
  :param pulumi.Input[Sequence[pulumi.Input[str]]] audit_fields: Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.
428
-
429
- <a id="nestedatt--authenticators"></a>
430
465
  :param pulumi.Input[Union['BackendConfigCmpv2AuthenticatorsArgs', 'BackendConfigCmpv2AuthenticatorsArgsDict']] authenticators: Lists the mount accessors CMPv2 should delegate authentication requests towards (see below for nested schema).
431
466
  :param pulumi.Input[str] backend: The path to the PKI secret backend to
432
467
  read the CMPv2 configuration from, with no leading or trailing `/`s.
433
468
  :param pulumi.Input[str] default_path_policy: Specifies the behavior for requests using the non-role-qualified CMPv2 requests. Can be sign-verbatim or a role given by role:<role_name>.
469
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] disabled_validations: A comma-separated list of validations not to perform on CMPv2 messages.
470
+
471
+ <a id="nestedatt--authenticators"></a>
434
472
  :param pulumi.Input[bool] enable_sentinel_parsing: If set, parse out fields from the provided CSR making them available for Sentinel policies.
435
473
  :param pulumi.Input[bool] enabled: Specifies whether CMPv2 is enabled.
436
474
  :param pulumi.Input[str] last_updated: A read-only timestamp representing the last time the configuration was updated.
@@ -447,6 +485,7 @@ class BackendConfigCmpv2(pulumi.CustomResource):
447
485
  __props__.__dict__["authenticators"] = authenticators
448
486
  __props__.__dict__["backend"] = backend
449
487
  __props__.__dict__["default_path_policy"] = default_path_policy
488
+ __props__.__dict__["disabled_validations"] = disabled_validations
450
489
  __props__.__dict__["enable_sentinel_parsing"] = enable_sentinel_parsing
451
490
  __props__.__dict__["enabled"] = enabled
452
491
  __props__.__dict__["last_updated"] = last_updated
@@ -458,8 +497,6 @@ class BackendConfigCmpv2(pulumi.CustomResource):
458
497
  def audit_fields(self) -> pulumi.Output[Sequence[str]]:
459
498
  """
460
499
  Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.
461
-
462
- <a id="nestedatt--authenticators"></a>
463
500
  """
464
501
  return pulumi.get(self, "audit_fields")
465
502
 
@@ -488,6 +525,16 @@ class BackendConfigCmpv2(pulumi.CustomResource):
488
525
  """
489
526
  return pulumi.get(self, "default_path_policy")
490
527
 
528
+ @property
529
+ @pulumi.getter(name="disabledValidations")
530
+ def disabled_validations(self) -> pulumi.Output[Optional[Sequence[str]]]:
531
+ """
532
+ A comma-separated list of validations not to perform on CMPv2 messages.
533
+
534
+ <a id="nestedatt--authenticators"></a>
535
+ """
536
+ return pulumi.get(self, "disabled_validations")
537
+
491
538
  @property
492
539
  @pulumi.getter(name="enableSentinelParsing")
493
540
  def enable_sentinel_parsing(self) -> pulumi.Output[Optional[bool]]:
@@ -0,0 +1,277 @@
1
+ # coding=utf-8
2
+ # *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
3
+ # *** Do not edit by hand unless you're certain you know what you are doing! ***
4
+
5
+ import copy
6
+ import warnings
7
+ import sys
8
+ import pulumi
9
+ import pulumi.runtime
10
+ from typing import Any, Mapping, Optional, Sequence, Union, overload
11
+ if sys.version_info >= (3, 11):
12
+ from typing import NotRequired, TypedDict, TypeAlias
13
+ else:
14
+ from typing_extensions import NotRequired, TypedDict, TypeAlias
15
+ from .. import _utilities
16
+
17
+ __all__ = [
18
+ 'GetBackendCertMetadataResult',
19
+ 'AwaitableGetBackendCertMetadataResult',
20
+ 'get_backend_cert_metadata',
21
+ 'get_backend_cert_metadata_output',
22
+ ]
23
+
24
+ @pulumi.output_type
25
+ class GetBackendCertMetadataResult:
26
+ """
27
+ A collection of values returned by getBackendCertMetadata.
28
+ """
29
+ def __init__(__self__, cert_metadata=None, expiration=None, id=None, issuer_id=None, namespace=None, path=None, role=None, serial=None, serial_number=None):
30
+ if cert_metadata and not isinstance(cert_metadata, str):
31
+ raise TypeError("Expected argument 'cert_metadata' to be a str")
32
+ pulumi.set(__self__, "cert_metadata", cert_metadata)
33
+ if expiration and not isinstance(expiration, str):
34
+ raise TypeError("Expected argument 'expiration' to be a str")
35
+ pulumi.set(__self__, "expiration", expiration)
36
+ if id and not isinstance(id, str):
37
+ raise TypeError("Expected argument 'id' to be a str")
38
+ pulumi.set(__self__, "id", id)
39
+ if issuer_id and not isinstance(issuer_id, str):
40
+ raise TypeError("Expected argument 'issuer_id' to be a str")
41
+ pulumi.set(__self__, "issuer_id", issuer_id)
42
+ if namespace and not isinstance(namespace, str):
43
+ raise TypeError("Expected argument 'namespace' to be a str")
44
+ pulumi.set(__self__, "namespace", namespace)
45
+ if path and not isinstance(path, str):
46
+ raise TypeError("Expected argument 'path' to be a str")
47
+ pulumi.set(__self__, "path", path)
48
+ if role and not isinstance(role, str):
49
+ raise TypeError("Expected argument 'role' to be a str")
50
+ pulumi.set(__self__, "role", role)
51
+ if serial and not isinstance(serial, str):
52
+ raise TypeError("Expected argument 'serial' to be a str")
53
+ pulumi.set(__self__, "serial", serial)
54
+ if serial_number and not isinstance(serial_number, str):
55
+ raise TypeError("Expected argument 'serial_number' to be a str")
56
+ pulumi.set(__self__, "serial_number", serial_number)
57
+
58
+ @property
59
+ @pulumi.getter(name="certMetadata")
60
+ def cert_metadata(self) -> str:
61
+ """
62
+ The metadata associated with the certificate
63
+ """
64
+ return pulumi.get(self, "cert_metadata")
65
+
66
+ @property
67
+ @pulumi.getter
68
+ def expiration(self) -> str:
69
+ """
70
+ The expiration date of the certificate in unix epoch format
71
+ """
72
+ return pulumi.get(self, "expiration")
73
+
74
+ @property
75
+ @pulumi.getter
76
+ def id(self) -> str:
77
+ """
78
+ The provider-assigned unique ID for this managed resource.
79
+ """
80
+ return pulumi.get(self, "id")
81
+
82
+ @property
83
+ @pulumi.getter(name="issuerId")
84
+ def issuer_id(self) -> str:
85
+ """
86
+ ID of the issuer.
87
+ """
88
+ return pulumi.get(self, "issuer_id")
89
+
90
+ @property
91
+ @pulumi.getter
92
+ def namespace(self) -> Optional[str]:
93
+ return pulumi.get(self, "namespace")
94
+
95
+ @property
96
+ @pulumi.getter
97
+ def path(self) -> str:
98
+ return pulumi.get(self, "path")
99
+
100
+ @property
101
+ @pulumi.getter
102
+ def role(self) -> str:
103
+ """
104
+ The role used to create the certificate
105
+ """
106
+ return pulumi.get(self, "role")
107
+
108
+ @property
109
+ @pulumi.getter
110
+ def serial(self) -> str:
111
+ return pulumi.get(self, "serial")
112
+
113
+ @property
114
+ @pulumi.getter(name="serialNumber")
115
+ def serial_number(self) -> str:
116
+ """
117
+ The serial number
118
+ """
119
+ return pulumi.get(self, "serial_number")
120
+
121
+
122
+ class AwaitableGetBackendCertMetadataResult(GetBackendCertMetadataResult):
123
+ # pylint: disable=using-constant-test
124
+ def __await__(self):
125
+ if False:
126
+ yield self
127
+ return GetBackendCertMetadataResult(
128
+ cert_metadata=self.cert_metadata,
129
+ expiration=self.expiration,
130
+ id=self.id,
131
+ issuer_id=self.issuer_id,
132
+ namespace=self.namespace,
133
+ path=self.path,
134
+ role=self.role,
135
+ serial=self.serial,
136
+ serial_number=self.serial_number)
137
+
138
+
139
+ def get_backend_cert_metadata(namespace: Optional[str] = None,
140
+ path: Optional[str] = None,
141
+ serial: Optional[str] = None,
142
+ opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetBackendCertMetadataResult:
143
+ """
144
+ ## Example Usage
145
+
146
+ ```python
147
+ import pulumi
148
+ import pulumi_vault as vault
149
+
150
+ pki = vault.Mount("pki",
151
+ path="pki",
152
+ type="pki",
153
+ description="PKI secret engine mount")
154
+ root = vault.pki_secret.SecretBackendRootCert("root",
155
+ backend=pki.path,
156
+ type="internal",
157
+ common_name="example",
158
+ ttl="86400",
159
+ issuer_name="example")
160
+ test_secret_backend_role = vault.pki_secret.SecretBackendRole("test",
161
+ backend=test_vault_pki_secret_backend_root_cert["backend"],
162
+ name="test",
163
+ allowed_domains=["test.my.domain"],
164
+ allow_subdomains=True,
165
+ max_ttl="3600",
166
+ key_usages=[
167
+ "DigitalSignature",
168
+ "KeyAgreement",
169
+ "KeyEncipherment",
170
+ ],
171
+ no_store_metadata=False)
172
+ test_secret_backend_cert = vault.pki_secret.SecretBackendCert("test",
173
+ backend=test_secret_backend_role.backend,
174
+ name=test_secret_backend_role.name,
175
+ common_name="cert.test.my.domain",
176
+ ttl="720h",
177
+ min_seconds_remaining=60,
178
+ cert_metadata="dGVzdCBtZXRhZGF0YQ==")
179
+ test = test_secret_backend_cert.serial_number.apply(lambda serial_number: vault.pkiSecret.get_backend_cert_metadata_output(path=test_root["path"],
180
+ serial=serial_number))
181
+ ```
182
+
183
+
184
+ :param str namespace: The namespace of the target resource.
185
+ The value should not contain leading or trailing forward slashes.
186
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
187
+ *Available only for Vault Enterprise*.
188
+ :param str path: The path to the PKI secret backend to
189
+ read the cert metadata from, with no leading or trailing `/`s.
190
+ :param str serial: Specifies the serial of the certificate whose metadata to read.
191
+ """
192
+ __args__ = dict()
193
+ __args__['namespace'] = namespace
194
+ __args__['path'] = path
195
+ __args__['serial'] = serial
196
+ opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
197
+ __ret__ = pulumi.runtime.invoke('vault:pkiSecret/getBackendCertMetadata:getBackendCertMetadata', __args__, opts=opts, typ=GetBackendCertMetadataResult).value
198
+
199
+ return AwaitableGetBackendCertMetadataResult(
200
+ cert_metadata=pulumi.get(__ret__, 'cert_metadata'),
201
+ expiration=pulumi.get(__ret__, 'expiration'),
202
+ id=pulumi.get(__ret__, 'id'),
203
+ issuer_id=pulumi.get(__ret__, 'issuer_id'),
204
+ namespace=pulumi.get(__ret__, 'namespace'),
205
+ path=pulumi.get(__ret__, 'path'),
206
+ role=pulumi.get(__ret__, 'role'),
207
+ serial=pulumi.get(__ret__, 'serial'),
208
+ serial_number=pulumi.get(__ret__, 'serial_number'))
209
+ def get_backend_cert_metadata_output(namespace: Optional[pulumi.Input[Optional[str]]] = None,
210
+ path: Optional[pulumi.Input[str]] = None,
211
+ serial: Optional[pulumi.Input[str]] = None,
212
+ opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetBackendCertMetadataResult]:
213
+ """
214
+ ## Example Usage
215
+
216
+ ```python
217
+ import pulumi
218
+ import pulumi_vault as vault
219
+
220
+ pki = vault.Mount("pki",
221
+ path="pki",
222
+ type="pki",
223
+ description="PKI secret engine mount")
224
+ root = vault.pki_secret.SecretBackendRootCert("root",
225
+ backend=pki.path,
226
+ type="internal",
227
+ common_name="example",
228
+ ttl="86400",
229
+ issuer_name="example")
230
+ test_secret_backend_role = vault.pki_secret.SecretBackendRole("test",
231
+ backend=test_vault_pki_secret_backend_root_cert["backend"],
232
+ name="test",
233
+ allowed_domains=["test.my.domain"],
234
+ allow_subdomains=True,
235
+ max_ttl="3600",
236
+ key_usages=[
237
+ "DigitalSignature",
238
+ "KeyAgreement",
239
+ "KeyEncipherment",
240
+ ],
241
+ no_store_metadata=False)
242
+ test_secret_backend_cert = vault.pki_secret.SecretBackendCert("test",
243
+ backend=test_secret_backend_role.backend,
244
+ name=test_secret_backend_role.name,
245
+ common_name="cert.test.my.domain",
246
+ ttl="720h",
247
+ min_seconds_remaining=60,
248
+ cert_metadata="dGVzdCBtZXRhZGF0YQ==")
249
+ test = test_secret_backend_cert.serial_number.apply(lambda serial_number: vault.pkiSecret.get_backend_cert_metadata_output(path=test_root["path"],
250
+ serial=serial_number))
251
+ ```
252
+
253
+
254
+ :param str namespace: The namespace of the target resource.
255
+ The value should not contain leading or trailing forward slashes.
256
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
257
+ *Available only for Vault Enterprise*.
258
+ :param str path: The path to the PKI secret backend to
259
+ read the cert metadata from, with no leading or trailing `/`s.
260
+ :param str serial: Specifies the serial of the certificate whose metadata to read.
261
+ """
262
+ __args__ = dict()
263
+ __args__['namespace'] = namespace
264
+ __args__['path'] = path
265
+ __args__['serial'] = serial
266
+ opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
267
+ __ret__ = pulumi.runtime.invoke_output('vault:pkiSecret/getBackendCertMetadata:getBackendCertMetadata', __args__, opts=opts, typ=GetBackendCertMetadataResult)
268
+ return __ret__.apply(lambda __response__: GetBackendCertMetadataResult(
269
+ cert_metadata=pulumi.get(__response__, 'cert_metadata'),
270
+ expiration=pulumi.get(__response__, 'expiration'),
271
+ id=pulumi.get(__response__, 'id'),
272
+ issuer_id=pulumi.get(__response__, 'issuer_id'),
273
+ namespace=pulumi.get(__response__, 'namespace'),
274
+ path=pulumi.get(__response__, 'path'),
275
+ role=pulumi.get(__response__, 'role'),
276
+ serial=pulumi.get(__response__, 'serial'),
277
+ serial_number=pulumi.get(__response__, 'serial_number')))
@@ -27,7 +27,7 @@ class GetBackendConfigCmpv2Result:
27
27
  """
28
28
  A collection of values returned by getBackendConfigCmpv2.
29
29
  """
30
- def __init__(__self__, audit_fields=None, authenticators=None, backend=None, default_path_policy=None, enable_sentinel_parsing=None, enabled=None, id=None, last_updated=None, namespace=None):
30
+ def __init__(__self__, audit_fields=None, authenticators=None, backend=None, default_path_policy=None, disabled_validations=None, enable_sentinel_parsing=None, enabled=None, id=None, last_updated=None, namespace=None):
31
31
  if audit_fields and not isinstance(audit_fields, list):
32
32
  raise TypeError("Expected argument 'audit_fields' to be a list")
33
33
  pulumi.set(__self__, "audit_fields", audit_fields)
@@ -40,6 +40,9 @@ class GetBackendConfigCmpv2Result:
40
40
  if default_path_policy and not isinstance(default_path_policy, str):
41
41
  raise TypeError("Expected argument 'default_path_policy' to be a str")
42
42
  pulumi.set(__self__, "default_path_policy", default_path_policy)
43
+ if disabled_validations and not isinstance(disabled_validations, list):
44
+ raise TypeError("Expected argument 'disabled_validations' to be a list")
45
+ pulumi.set(__self__, "disabled_validations", disabled_validations)
43
46
  if enable_sentinel_parsing and not isinstance(enable_sentinel_parsing, bool):
44
47
  raise TypeError("Expected argument 'enable_sentinel_parsing' to be a bool")
45
48
  pulumi.set(__self__, "enable_sentinel_parsing", enable_sentinel_parsing)
@@ -76,6 +79,11 @@ class GetBackendConfigCmpv2Result:
76
79
  def default_path_policy(self) -> str:
77
80
  return pulumi.get(self, "default_path_policy")
78
81
 
82
+ @property
83
+ @pulumi.getter(name="disabledValidations")
84
+ def disabled_validations(self) -> Optional[Sequence[str]]:
85
+ return pulumi.get(self, "disabled_validations")
86
+
79
87
  @property
80
88
  @pulumi.getter(name="enableSentinelParsing")
81
89
  def enable_sentinel_parsing(self) -> bool:
@@ -115,6 +123,7 @@ class AwaitableGetBackendConfigCmpv2Result(GetBackendConfigCmpv2Result):
115
123
  authenticators=self.authenticators,
116
124
  backend=self.backend,
117
125
  default_path_policy=self.default_path_policy,
126
+ disabled_validations=self.disabled_validations,
118
127
  enable_sentinel_parsing=self.enable_sentinel_parsing,
119
128
  enabled=self.enabled,
120
129
  id=self.id,
@@ -123,6 +132,7 @@ class AwaitableGetBackendConfigCmpv2Result(GetBackendConfigCmpv2Result):
123
132
 
124
133
 
125
134
  def get_backend_config_cmpv2(backend: Optional[str] = None,
135
+ disabled_validations: Optional[Sequence[str]] = None,
126
136
  namespace: Optional[str] = None,
127
137
  opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetBackendConfigCmpv2Result:
128
138
  """
@@ -144,6 +154,7 @@ def get_backend_config_cmpv2(backend: Optional[str] = None,
144
154
  read the CMPv2 configuration from, with no leading or trailing `/`s.
145
155
 
146
156
  # Attributes Reference
157
+ :param Sequence[str] disabled_validations: A comma-separated list of validations not to perform on CMPv2 messages.
147
158
  :param str namespace: The namespace of the target resource.
148
159
  The value should not contain leading or trailing forward slashes.
149
160
  The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
@@ -151,6 +162,7 @@ def get_backend_config_cmpv2(backend: Optional[str] = None,
151
162
  """
152
163
  __args__ = dict()
153
164
  __args__['backend'] = backend
165
+ __args__['disabledValidations'] = disabled_validations
154
166
  __args__['namespace'] = namespace
155
167
  opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
156
168
  __ret__ = pulumi.runtime.invoke('vault:pkiSecret/getBackendConfigCmpv2:getBackendConfigCmpv2', __args__, opts=opts, typ=GetBackendConfigCmpv2Result).value
@@ -160,12 +172,14 @@ def get_backend_config_cmpv2(backend: Optional[str] = None,
160
172
  authenticators=pulumi.get(__ret__, 'authenticators'),
161
173
  backend=pulumi.get(__ret__, 'backend'),
162
174
  default_path_policy=pulumi.get(__ret__, 'default_path_policy'),
175
+ disabled_validations=pulumi.get(__ret__, 'disabled_validations'),
163
176
  enable_sentinel_parsing=pulumi.get(__ret__, 'enable_sentinel_parsing'),
164
177
  enabled=pulumi.get(__ret__, 'enabled'),
165
178
  id=pulumi.get(__ret__, 'id'),
166
179
  last_updated=pulumi.get(__ret__, 'last_updated'),
167
180
  namespace=pulumi.get(__ret__, 'namespace'))
168
181
  def get_backend_config_cmpv2_output(backend: Optional[pulumi.Input[str]] = None,
182
+ disabled_validations: Optional[pulumi.Input[Optional[Sequence[str]]]] = None,
169
183
  namespace: Optional[pulumi.Input[Optional[str]]] = None,
170
184
  opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetBackendConfigCmpv2Result]:
171
185
  """
@@ -187,6 +201,7 @@ def get_backend_config_cmpv2_output(backend: Optional[pulumi.Input[str]] = None,
187
201
  read the CMPv2 configuration from, with no leading or trailing `/`s.
188
202
 
189
203
  # Attributes Reference
204
+ :param Sequence[str] disabled_validations: A comma-separated list of validations not to perform on CMPv2 messages.
190
205
  :param str namespace: The namespace of the target resource.
191
206
  The value should not contain leading or trailing forward slashes.
192
207
  The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
@@ -194,6 +209,7 @@ def get_backend_config_cmpv2_output(backend: Optional[pulumi.Input[str]] = None,
194
209
  """
195
210
  __args__ = dict()
196
211
  __args__['backend'] = backend
212
+ __args__['disabledValidations'] = disabled_validations
197
213
  __args__['namespace'] = namespace
198
214
  opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
199
215
  __ret__ = pulumi.runtime.invoke_output('vault:pkiSecret/getBackendConfigCmpv2:getBackendConfigCmpv2', __args__, opts=opts, typ=GetBackendConfigCmpv2Result)
@@ -202,6 +218,7 @@ def get_backend_config_cmpv2_output(backend: Optional[pulumi.Input[str]] = None,
202
218
  authenticators=pulumi.get(__response__, 'authenticators'),
203
219
  backend=pulumi.get(__response__, 'backend'),
204
220
  default_path_policy=pulumi.get(__response__, 'default_path_policy'),
221
+ disabled_validations=pulumi.get(__response__, 'disabled_validations'),
205
222
  enable_sentinel_parsing=pulumi.get(__response__, 'enable_sentinel_parsing'),
206
223
  enabled=pulumi.get(__response__, 'enabled'),
207
224
  id=pulumi.get(__response__, 'id'),