pulumi-vault 6.6.0a1741415971__py3-none-any.whl → 6.7.0a1741847926__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- pulumi_vault/__init__.py +8 -0
- pulumi_vault/aws/auth_backend_client.py +228 -4
- pulumi_vault/aws/secret_backend.py +266 -50
- pulumi_vault/aws/secret_backend_static_role.py +217 -0
- pulumi_vault/azure/auth_backend_config.py +257 -5
- pulumi_vault/azure/backend.py +249 -4
- pulumi_vault/database/_inputs.py +1692 -36
- pulumi_vault/database/outputs.py +1170 -18
- pulumi_vault/database/secret_backend_connection.py +220 -0
- pulumi_vault/database/secret_backend_static_role.py +143 -1
- pulumi_vault/database/secrets_mount.py +8 -0
- pulumi_vault/gcp/auth_backend.py +222 -2
- pulumi_vault/gcp/secret_backend.py +244 -4
- pulumi_vault/ldap/auth_backend.py +222 -2
- pulumi_vault/ldap/secret_backend.py +222 -2
- pulumi_vault/pkisecret/__init__.py +2 -0
- pulumi_vault/pkisecret/_inputs.py +0 -6
- pulumi_vault/pkisecret/backend_config_acme.py +47 -0
- pulumi_vault/pkisecret/backend_config_auto_tidy.py +1376 -0
- pulumi_vault/pkisecret/backend_config_cmpv2.py +61 -14
- pulumi_vault/pkisecret/get_backend_cert_metadata.py +277 -0
- pulumi_vault/pkisecret/get_backend_config_cmpv2.py +18 -1
- pulumi_vault/pkisecret/get_backend_issuer.py +114 -1
- pulumi_vault/pkisecret/outputs.py +0 -4
- pulumi_vault/pkisecret/secret_backend_cert.py +148 -7
- pulumi_vault/pkisecret/secret_backend_crl_config.py +54 -0
- pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +141 -0
- pulumi_vault/pkisecret/secret_backend_issuer.py +265 -0
- pulumi_vault/pkisecret/secret_backend_role.py +252 -3
- pulumi_vault/pkisecret/secret_backend_root_cert.py +423 -0
- pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +581 -3
- pulumi_vault/pkisecret/secret_backend_sign.py +94 -0
- pulumi_vault/pulumi-plugin.json +1 -1
- pulumi_vault/ssh/__init__.py +1 -0
- pulumi_vault/ssh/get_secret_backend_sign.py +294 -0
- pulumi_vault/terraformcloud/secret_role.py +7 -7
- pulumi_vault/transit/__init__.py +2 -0
- pulumi_vault/transit/get_sign.py +324 -0
- pulumi_vault/transit/get_verify.py +354 -0
- pulumi_vault/transit/secret_backend_key.py +162 -0
- {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.7.0a1741847926.dist-info}/METADATA +1 -1
- {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.7.0a1741847926.dist-info}/RECORD +44 -39
- {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.7.0a1741847926.dist-info}/WHEEL +1 -1
- {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.7.0a1741847926.dist-info}/top_level.txt +0 -0
@@ -24,6 +24,7 @@ class SecretBackendSignArgs:
|
|
24
24
|
csr: pulumi.Input[str],
|
25
25
|
alt_names: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
26
26
|
auto_renew: Optional[pulumi.Input[bool]] = None,
|
27
|
+
cert_metadata: Optional[pulumi.Input[str]] = None,
|
27
28
|
exclude_cn_from_sans: Optional[pulumi.Input[bool]] = None,
|
28
29
|
format: Optional[pulumi.Input[str]] = None,
|
29
30
|
ip_sans: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
@@ -31,6 +32,7 @@ class SecretBackendSignArgs:
|
|
31
32
|
min_seconds_remaining: Optional[pulumi.Input[int]] = None,
|
32
33
|
name: Optional[pulumi.Input[str]] = None,
|
33
34
|
namespace: Optional[pulumi.Input[str]] = None,
|
35
|
+
not_after: Optional[pulumi.Input[str]] = None,
|
34
36
|
other_sans: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
35
37
|
ttl: Optional[pulumi.Input[str]] = None,
|
36
38
|
uri_sans: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None):
|
@@ -41,6 +43,7 @@ class SecretBackendSignArgs:
|
|
41
43
|
:param pulumi.Input[str] csr: The CSR
|
42
44
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] alt_names: List of alternative names
|
43
45
|
:param pulumi.Input[bool] auto_renew: If set to `true`, certs will be renewed if the expiration is within `min_seconds_remaining`. Default `false`
|
46
|
+
:param pulumi.Input[str] cert_metadata: A base 64 encoded value or an empty string to associate with the certificate's serial number. The role's no_store_metadata must be set to false, otherwise an error is returned when specified.
|
44
47
|
:param pulumi.Input[bool] exclude_cn_from_sans: Flag to exclude CN from SANs
|
45
48
|
:param pulumi.Input[str] format: The format of data
|
46
49
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] ip_sans: List of alternative IPs
|
@@ -54,6 +57,7 @@ class SecretBackendSignArgs:
|
|
54
57
|
The value should not contain leading or trailing forward slashes.
|
55
58
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
56
59
|
*Available only for Vault Enterprise*.
|
60
|
+
:param pulumi.Input[str] not_after: Set the Not After field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ. Supports the Y10K end date for IEEE 802.1AR-2018 standard devices, 9999-12-31T23:59:59Z.
|
57
61
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] other_sans: List of other SANs
|
58
62
|
:param pulumi.Input[str] ttl: Time to live
|
59
63
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] uri_sans: List of alternative URIs
|
@@ -65,6 +69,8 @@ class SecretBackendSignArgs:
|
|
65
69
|
pulumi.set(__self__, "alt_names", alt_names)
|
66
70
|
if auto_renew is not None:
|
67
71
|
pulumi.set(__self__, "auto_renew", auto_renew)
|
72
|
+
if cert_metadata is not None:
|
73
|
+
pulumi.set(__self__, "cert_metadata", cert_metadata)
|
68
74
|
if exclude_cn_from_sans is not None:
|
69
75
|
pulumi.set(__self__, "exclude_cn_from_sans", exclude_cn_from_sans)
|
70
76
|
if format is not None:
|
@@ -79,6 +85,8 @@ class SecretBackendSignArgs:
|
|
79
85
|
pulumi.set(__self__, "name", name)
|
80
86
|
if namespace is not None:
|
81
87
|
pulumi.set(__self__, "namespace", namespace)
|
88
|
+
if not_after is not None:
|
89
|
+
pulumi.set(__self__, "not_after", not_after)
|
82
90
|
if other_sans is not None:
|
83
91
|
pulumi.set(__self__, "other_sans", other_sans)
|
84
92
|
if ttl is not None:
|
@@ -146,6 +154,18 @@ class SecretBackendSignArgs:
|
|
146
154
|
def auto_renew(self, value: Optional[pulumi.Input[bool]]):
|
147
155
|
pulumi.set(self, "auto_renew", value)
|
148
156
|
|
157
|
+
@property
|
158
|
+
@pulumi.getter(name="certMetadata")
|
159
|
+
def cert_metadata(self) -> Optional[pulumi.Input[str]]:
|
160
|
+
"""
|
161
|
+
A base 64 encoded value or an empty string to associate with the certificate's serial number. The role's no_store_metadata must be set to false, otherwise an error is returned when specified.
|
162
|
+
"""
|
163
|
+
return pulumi.get(self, "cert_metadata")
|
164
|
+
|
165
|
+
@cert_metadata.setter
|
166
|
+
def cert_metadata(self, value: Optional[pulumi.Input[str]]):
|
167
|
+
pulumi.set(self, "cert_metadata", value)
|
168
|
+
|
149
169
|
@property
|
150
170
|
@pulumi.getter(name="excludeCnFromSans")
|
151
171
|
def exclude_cn_from_sans(self) -> Optional[pulumi.Input[bool]]:
|
@@ -236,6 +256,18 @@ class SecretBackendSignArgs:
|
|
236
256
|
def namespace(self, value: Optional[pulumi.Input[str]]):
|
237
257
|
pulumi.set(self, "namespace", value)
|
238
258
|
|
259
|
+
@property
|
260
|
+
@pulumi.getter(name="notAfter")
|
261
|
+
def not_after(self) -> Optional[pulumi.Input[str]]:
|
262
|
+
"""
|
263
|
+
Set the Not After field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ. Supports the Y10K end date for IEEE 802.1AR-2018 standard devices, 9999-12-31T23:59:59Z.
|
264
|
+
"""
|
265
|
+
return pulumi.get(self, "not_after")
|
266
|
+
|
267
|
+
@not_after.setter
|
268
|
+
def not_after(self, value: Optional[pulumi.Input[str]]):
|
269
|
+
pulumi.set(self, "not_after", value)
|
270
|
+
|
239
271
|
@property
|
240
272
|
@pulumi.getter(name="otherSans")
|
241
273
|
def other_sans(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
@@ -280,6 +312,7 @@ class _SecretBackendSignState:
|
|
280
312
|
auto_renew: Optional[pulumi.Input[bool]] = None,
|
281
313
|
backend: Optional[pulumi.Input[str]] = None,
|
282
314
|
ca_chains: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
315
|
+
cert_metadata: Optional[pulumi.Input[str]] = None,
|
283
316
|
certificate: Optional[pulumi.Input[str]] = None,
|
284
317
|
common_name: Optional[pulumi.Input[str]] = None,
|
285
318
|
csr: Optional[pulumi.Input[str]] = None,
|
@@ -292,6 +325,7 @@ class _SecretBackendSignState:
|
|
292
325
|
min_seconds_remaining: Optional[pulumi.Input[int]] = None,
|
293
326
|
name: Optional[pulumi.Input[str]] = None,
|
294
327
|
namespace: Optional[pulumi.Input[str]] = None,
|
328
|
+
not_after: Optional[pulumi.Input[str]] = None,
|
295
329
|
other_sans: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
296
330
|
renew_pending: Optional[pulumi.Input[bool]] = None,
|
297
331
|
serial_number: Optional[pulumi.Input[str]] = None,
|
@@ -303,6 +337,7 @@ class _SecretBackendSignState:
|
|
303
337
|
:param pulumi.Input[bool] auto_renew: If set to `true`, certs will be renewed if the expiration is within `min_seconds_remaining`. Default `false`
|
304
338
|
:param pulumi.Input[str] backend: The PKI secret backend the resource belongs to.
|
305
339
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] ca_chains: The CA chain
|
340
|
+
:param pulumi.Input[str] cert_metadata: A base 64 encoded value or an empty string to associate with the certificate's serial number. The role's no_store_metadata must be set to false, otherwise an error is returned when specified.
|
306
341
|
:param pulumi.Input[str] certificate: The certificate
|
307
342
|
:param pulumi.Input[str] common_name: CN of certificate to create
|
308
343
|
:param pulumi.Input[str] csr: The CSR
|
@@ -321,6 +356,7 @@ class _SecretBackendSignState:
|
|
321
356
|
The value should not contain leading or trailing forward slashes.
|
322
357
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
323
358
|
*Available only for Vault Enterprise*.
|
359
|
+
:param pulumi.Input[str] not_after: Set the Not After field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ. Supports the Y10K end date for IEEE 802.1AR-2018 standard devices, 9999-12-31T23:59:59Z.
|
324
360
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] other_sans: List of other SANs
|
325
361
|
:param pulumi.Input[bool] renew_pending: `true` if the current time (during refresh) is after the start of the early renewal window declared by `min_seconds_remaining`, and `false` otherwise; if `auto_renew` is set to `true` then the provider will plan to replace the certificate once renewal is pending.
|
326
362
|
:param pulumi.Input[str] serial_number: The certificate's serial number, hex formatted.
|
@@ -335,6 +371,8 @@ class _SecretBackendSignState:
|
|
335
371
|
pulumi.set(__self__, "backend", backend)
|
336
372
|
if ca_chains is not None:
|
337
373
|
pulumi.set(__self__, "ca_chains", ca_chains)
|
374
|
+
if cert_metadata is not None:
|
375
|
+
pulumi.set(__self__, "cert_metadata", cert_metadata)
|
338
376
|
if certificate is not None:
|
339
377
|
pulumi.set(__self__, "certificate", certificate)
|
340
378
|
if common_name is not None:
|
@@ -359,6 +397,8 @@ class _SecretBackendSignState:
|
|
359
397
|
pulumi.set(__self__, "name", name)
|
360
398
|
if namespace is not None:
|
361
399
|
pulumi.set(__self__, "namespace", namespace)
|
400
|
+
if not_after is not None:
|
401
|
+
pulumi.set(__self__, "not_after", not_after)
|
362
402
|
if other_sans is not None:
|
363
403
|
pulumi.set(__self__, "other_sans", other_sans)
|
364
404
|
if renew_pending is not None:
|
@@ -418,6 +458,18 @@ class _SecretBackendSignState:
|
|
418
458
|
def ca_chains(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
419
459
|
pulumi.set(self, "ca_chains", value)
|
420
460
|
|
461
|
+
@property
|
462
|
+
@pulumi.getter(name="certMetadata")
|
463
|
+
def cert_metadata(self) -> Optional[pulumi.Input[str]]:
|
464
|
+
"""
|
465
|
+
A base 64 encoded value or an empty string to associate with the certificate's serial number. The role's no_store_metadata must be set to false, otherwise an error is returned when specified.
|
466
|
+
"""
|
467
|
+
return pulumi.get(self, "cert_metadata")
|
468
|
+
|
469
|
+
@cert_metadata.setter
|
470
|
+
def cert_metadata(self, value: Optional[pulumi.Input[str]]):
|
471
|
+
pulumi.set(self, "cert_metadata", value)
|
472
|
+
|
421
473
|
@property
|
422
474
|
@pulumi.getter
|
423
475
|
def certificate(self) -> Optional[pulumi.Input[str]]:
|
@@ -568,6 +620,18 @@ class _SecretBackendSignState:
|
|
568
620
|
def namespace(self, value: Optional[pulumi.Input[str]]):
|
569
621
|
pulumi.set(self, "namespace", value)
|
570
622
|
|
623
|
+
@property
|
624
|
+
@pulumi.getter(name="notAfter")
|
625
|
+
def not_after(self) -> Optional[pulumi.Input[str]]:
|
626
|
+
"""
|
627
|
+
Set the Not After field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ. Supports the Y10K end date for IEEE 802.1AR-2018 standard devices, 9999-12-31T23:59:59Z.
|
628
|
+
"""
|
629
|
+
return pulumi.get(self, "not_after")
|
630
|
+
|
631
|
+
@not_after.setter
|
632
|
+
def not_after(self, value: Optional[pulumi.Input[str]]):
|
633
|
+
pulumi.set(self, "not_after", value)
|
634
|
+
|
571
635
|
@property
|
572
636
|
@pulumi.getter(name="otherSans")
|
573
637
|
def other_sans(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
@@ -637,6 +701,7 @@ class SecretBackendSign(pulumi.CustomResource):
|
|
637
701
|
alt_names: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
638
702
|
auto_renew: Optional[pulumi.Input[bool]] = None,
|
639
703
|
backend: Optional[pulumi.Input[str]] = None,
|
704
|
+
cert_metadata: Optional[pulumi.Input[str]] = None,
|
640
705
|
common_name: Optional[pulumi.Input[str]] = None,
|
641
706
|
csr: Optional[pulumi.Input[str]] = None,
|
642
707
|
exclude_cn_from_sans: Optional[pulumi.Input[bool]] = None,
|
@@ -646,6 +711,7 @@ class SecretBackendSign(pulumi.CustomResource):
|
|
646
711
|
min_seconds_remaining: Optional[pulumi.Input[int]] = None,
|
647
712
|
name: Optional[pulumi.Input[str]] = None,
|
648
713
|
namespace: Optional[pulumi.Input[str]] = None,
|
714
|
+
not_after: Optional[pulumi.Input[str]] = None,
|
649
715
|
other_sans: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
650
716
|
ttl: Optional[pulumi.Input[str]] = None,
|
651
717
|
uri_sans: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
@@ -697,6 +763,7 @@ class SecretBackendSign(pulumi.CustomResource):
|
|
697
763
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] alt_names: List of alternative names
|
698
764
|
:param pulumi.Input[bool] auto_renew: If set to `true`, certs will be renewed if the expiration is within `min_seconds_remaining`. Default `false`
|
699
765
|
:param pulumi.Input[str] backend: The PKI secret backend the resource belongs to.
|
766
|
+
:param pulumi.Input[str] cert_metadata: A base 64 encoded value or an empty string to associate with the certificate's serial number. The role's no_store_metadata must be set to false, otherwise an error is returned when specified.
|
700
767
|
:param pulumi.Input[str] common_name: CN of certificate to create
|
701
768
|
:param pulumi.Input[str] csr: The CSR
|
702
769
|
:param pulumi.Input[bool] exclude_cn_from_sans: Flag to exclude CN from SANs
|
@@ -712,6 +779,7 @@ class SecretBackendSign(pulumi.CustomResource):
|
|
712
779
|
The value should not contain leading or trailing forward slashes.
|
713
780
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
714
781
|
*Available only for Vault Enterprise*.
|
782
|
+
:param pulumi.Input[str] not_after: Set the Not After field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ. Supports the Y10K end date for IEEE 802.1AR-2018 standard devices, 9999-12-31T23:59:59Z.
|
715
783
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] other_sans: List of other SANs
|
716
784
|
:param pulumi.Input[str] ttl: Time to live
|
717
785
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] uri_sans: List of alternative URIs
|
@@ -782,6 +850,7 @@ class SecretBackendSign(pulumi.CustomResource):
|
|
782
850
|
alt_names: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
783
851
|
auto_renew: Optional[pulumi.Input[bool]] = None,
|
784
852
|
backend: Optional[pulumi.Input[str]] = None,
|
853
|
+
cert_metadata: Optional[pulumi.Input[str]] = None,
|
785
854
|
common_name: Optional[pulumi.Input[str]] = None,
|
786
855
|
csr: Optional[pulumi.Input[str]] = None,
|
787
856
|
exclude_cn_from_sans: Optional[pulumi.Input[bool]] = None,
|
@@ -791,6 +860,7 @@ class SecretBackendSign(pulumi.CustomResource):
|
|
791
860
|
min_seconds_remaining: Optional[pulumi.Input[int]] = None,
|
792
861
|
name: Optional[pulumi.Input[str]] = None,
|
793
862
|
namespace: Optional[pulumi.Input[str]] = None,
|
863
|
+
not_after: Optional[pulumi.Input[str]] = None,
|
794
864
|
other_sans: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
795
865
|
ttl: Optional[pulumi.Input[str]] = None,
|
796
866
|
uri_sans: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
@@ -808,6 +878,7 @@ class SecretBackendSign(pulumi.CustomResource):
|
|
808
878
|
if backend is None and not opts.urn:
|
809
879
|
raise TypeError("Missing required property 'backend'")
|
810
880
|
__props__.__dict__["backend"] = backend
|
881
|
+
__props__.__dict__["cert_metadata"] = cert_metadata
|
811
882
|
if common_name is None and not opts.urn:
|
812
883
|
raise TypeError("Missing required property 'common_name'")
|
813
884
|
__props__.__dict__["common_name"] = common_name
|
@@ -821,6 +892,7 @@ class SecretBackendSign(pulumi.CustomResource):
|
|
821
892
|
__props__.__dict__["min_seconds_remaining"] = min_seconds_remaining
|
822
893
|
__props__.__dict__["name"] = name
|
823
894
|
__props__.__dict__["namespace"] = namespace
|
895
|
+
__props__.__dict__["not_after"] = not_after
|
824
896
|
__props__.__dict__["other_sans"] = other_sans
|
825
897
|
__props__.__dict__["ttl"] = ttl
|
826
898
|
__props__.__dict__["uri_sans"] = uri_sans
|
@@ -844,6 +916,7 @@ class SecretBackendSign(pulumi.CustomResource):
|
|
844
916
|
auto_renew: Optional[pulumi.Input[bool]] = None,
|
845
917
|
backend: Optional[pulumi.Input[str]] = None,
|
846
918
|
ca_chains: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
919
|
+
cert_metadata: Optional[pulumi.Input[str]] = None,
|
847
920
|
certificate: Optional[pulumi.Input[str]] = None,
|
848
921
|
common_name: Optional[pulumi.Input[str]] = None,
|
849
922
|
csr: Optional[pulumi.Input[str]] = None,
|
@@ -856,6 +929,7 @@ class SecretBackendSign(pulumi.CustomResource):
|
|
856
929
|
min_seconds_remaining: Optional[pulumi.Input[int]] = None,
|
857
930
|
name: Optional[pulumi.Input[str]] = None,
|
858
931
|
namespace: Optional[pulumi.Input[str]] = None,
|
932
|
+
not_after: Optional[pulumi.Input[str]] = None,
|
859
933
|
other_sans: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
860
934
|
renew_pending: Optional[pulumi.Input[bool]] = None,
|
861
935
|
serial_number: Optional[pulumi.Input[str]] = None,
|
@@ -872,6 +946,7 @@ class SecretBackendSign(pulumi.CustomResource):
|
|
872
946
|
:param pulumi.Input[bool] auto_renew: If set to `true`, certs will be renewed if the expiration is within `min_seconds_remaining`. Default `false`
|
873
947
|
:param pulumi.Input[str] backend: The PKI secret backend the resource belongs to.
|
874
948
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] ca_chains: The CA chain
|
949
|
+
:param pulumi.Input[str] cert_metadata: A base 64 encoded value or an empty string to associate with the certificate's serial number. The role's no_store_metadata must be set to false, otherwise an error is returned when specified.
|
875
950
|
:param pulumi.Input[str] certificate: The certificate
|
876
951
|
:param pulumi.Input[str] common_name: CN of certificate to create
|
877
952
|
:param pulumi.Input[str] csr: The CSR
|
@@ -890,6 +965,7 @@ class SecretBackendSign(pulumi.CustomResource):
|
|
890
965
|
The value should not contain leading or trailing forward slashes.
|
891
966
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
892
967
|
*Available only for Vault Enterprise*.
|
968
|
+
:param pulumi.Input[str] not_after: Set the Not After field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ. Supports the Y10K end date for IEEE 802.1AR-2018 standard devices, 9999-12-31T23:59:59Z.
|
893
969
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] other_sans: List of other SANs
|
894
970
|
:param pulumi.Input[bool] renew_pending: `true` if the current time (during refresh) is after the start of the early renewal window declared by `min_seconds_remaining`, and `false` otherwise; if `auto_renew` is set to `true` then the provider will plan to replace the certificate once renewal is pending.
|
895
971
|
:param pulumi.Input[str] serial_number: The certificate's serial number, hex formatted.
|
@@ -904,6 +980,7 @@ class SecretBackendSign(pulumi.CustomResource):
|
|
904
980
|
__props__.__dict__["auto_renew"] = auto_renew
|
905
981
|
__props__.__dict__["backend"] = backend
|
906
982
|
__props__.__dict__["ca_chains"] = ca_chains
|
983
|
+
__props__.__dict__["cert_metadata"] = cert_metadata
|
907
984
|
__props__.__dict__["certificate"] = certificate
|
908
985
|
__props__.__dict__["common_name"] = common_name
|
909
986
|
__props__.__dict__["csr"] = csr
|
@@ -916,6 +993,7 @@ class SecretBackendSign(pulumi.CustomResource):
|
|
916
993
|
__props__.__dict__["min_seconds_remaining"] = min_seconds_remaining
|
917
994
|
__props__.__dict__["name"] = name
|
918
995
|
__props__.__dict__["namespace"] = namespace
|
996
|
+
__props__.__dict__["not_after"] = not_after
|
919
997
|
__props__.__dict__["other_sans"] = other_sans
|
920
998
|
__props__.__dict__["renew_pending"] = renew_pending
|
921
999
|
__props__.__dict__["serial_number"] = serial_number
|
@@ -955,6 +1033,14 @@ class SecretBackendSign(pulumi.CustomResource):
|
|
955
1033
|
"""
|
956
1034
|
return pulumi.get(self, "ca_chains")
|
957
1035
|
|
1036
|
+
@property
|
1037
|
+
@pulumi.getter(name="certMetadata")
|
1038
|
+
def cert_metadata(self) -> pulumi.Output[Optional[str]]:
|
1039
|
+
"""
|
1040
|
+
A base 64 encoded value or an empty string to associate with the certificate's serial number. The role's no_store_metadata must be set to false, otherwise an error is returned when specified.
|
1041
|
+
"""
|
1042
|
+
return pulumi.get(self, "cert_metadata")
|
1043
|
+
|
958
1044
|
@property
|
959
1045
|
@pulumi.getter
|
960
1046
|
def certificate(self) -> pulumi.Output[str]:
|
@@ -1057,6 +1143,14 @@ class SecretBackendSign(pulumi.CustomResource):
|
|
1057
1143
|
"""
|
1058
1144
|
return pulumi.get(self, "namespace")
|
1059
1145
|
|
1146
|
+
@property
|
1147
|
+
@pulumi.getter(name="notAfter")
|
1148
|
+
def not_after(self) -> pulumi.Output[Optional[str]]:
|
1149
|
+
"""
|
1150
|
+
Set the Not After field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ. Supports the Y10K end date for IEEE 802.1AR-2018 standard devices, 9999-12-31T23:59:59Z.
|
1151
|
+
"""
|
1152
|
+
return pulumi.get(self, "not_after")
|
1153
|
+
|
1060
1154
|
@property
|
1061
1155
|
@pulumi.getter(name="otherSans")
|
1062
1156
|
def other_sans(self) -> pulumi.Output[Optional[Sequence[str]]]:
|
pulumi_vault/pulumi-plugin.json
CHANGED
pulumi_vault/ssh/__init__.py
CHANGED
@@ -0,0 +1,294 @@
|
|
1
|
+
# coding=utf-8
|
2
|
+
# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
|
3
|
+
# *** Do not edit by hand unless you're certain you know what you are doing! ***
|
4
|
+
|
5
|
+
import copy
|
6
|
+
import warnings
|
7
|
+
import sys
|
8
|
+
import pulumi
|
9
|
+
import pulumi.runtime
|
10
|
+
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
11
|
+
if sys.version_info >= (3, 11):
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
13
|
+
else:
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
15
|
+
from .. import _utilities
|
16
|
+
|
17
|
+
__all__ = [
|
18
|
+
'GetSecretBackendSignResult',
|
19
|
+
'AwaitableGetSecretBackendSignResult',
|
20
|
+
'get_secret_backend_sign',
|
21
|
+
'get_secret_backend_sign_output',
|
22
|
+
]
|
23
|
+
|
24
|
+
@pulumi.output_type
|
25
|
+
class GetSecretBackendSignResult:
|
26
|
+
"""
|
27
|
+
A collection of values returned by getSecretBackendSign.
|
28
|
+
"""
|
29
|
+
def __init__(__self__, cert_type=None, critical_options=None, extensions=None, id=None, key_id=None, name=None, namespace=None, path=None, public_key=None, serial_number=None, signed_key=None, ttl=None, valid_principals=None):
|
30
|
+
if cert_type and not isinstance(cert_type, str):
|
31
|
+
raise TypeError("Expected argument 'cert_type' to be a str")
|
32
|
+
pulumi.set(__self__, "cert_type", cert_type)
|
33
|
+
if critical_options and not isinstance(critical_options, dict):
|
34
|
+
raise TypeError("Expected argument 'critical_options' to be a dict")
|
35
|
+
pulumi.set(__self__, "critical_options", critical_options)
|
36
|
+
if extensions and not isinstance(extensions, dict):
|
37
|
+
raise TypeError("Expected argument 'extensions' to be a dict")
|
38
|
+
pulumi.set(__self__, "extensions", extensions)
|
39
|
+
if id and not isinstance(id, str):
|
40
|
+
raise TypeError("Expected argument 'id' to be a str")
|
41
|
+
pulumi.set(__self__, "id", id)
|
42
|
+
if key_id and not isinstance(key_id, str):
|
43
|
+
raise TypeError("Expected argument 'key_id' to be a str")
|
44
|
+
pulumi.set(__self__, "key_id", key_id)
|
45
|
+
if name and not isinstance(name, str):
|
46
|
+
raise TypeError("Expected argument 'name' to be a str")
|
47
|
+
pulumi.set(__self__, "name", name)
|
48
|
+
if namespace and not isinstance(namespace, str):
|
49
|
+
raise TypeError("Expected argument 'namespace' to be a str")
|
50
|
+
pulumi.set(__self__, "namespace", namespace)
|
51
|
+
if path and not isinstance(path, str):
|
52
|
+
raise TypeError("Expected argument 'path' to be a str")
|
53
|
+
pulumi.set(__self__, "path", path)
|
54
|
+
if public_key and not isinstance(public_key, str):
|
55
|
+
raise TypeError("Expected argument 'public_key' to be a str")
|
56
|
+
pulumi.set(__self__, "public_key", public_key)
|
57
|
+
if serial_number and not isinstance(serial_number, str):
|
58
|
+
raise TypeError("Expected argument 'serial_number' to be a str")
|
59
|
+
pulumi.set(__self__, "serial_number", serial_number)
|
60
|
+
if signed_key and not isinstance(signed_key, str):
|
61
|
+
raise TypeError("Expected argument 'signed_key' to be a str")
|
62
|
+
pulumi.set(__self__, "signed_key", signed_key)
|
63
|
+
if ttl and not isinstance(ttl, str):
|
64
|
+
raise TypeError("Expected argument 'ttl' to be a str")
|
65
|
+
pulumi.set(__self__, "ttl", ttl)
|
66
|
+
if valid_principals and not isinstance(valid_principals, str):
|
67
|
+
raise TypeError("Expected argument 'valid_principals' to be a str")
|
68
|
+
pulumi.set(__self__, "valid_principals", valid_principals)
|
69
|
+
|
70
|
+
@property
|
71
|
+
@pulumi.getter(name="certType")
|
72
|
+
def cert_type(self) -> Optional[str]:
|
73
|
+
return pulumi.get(self, "cert_type")
|
74
|
+
|
75
|
+
@property
|
76
|
+
@pulumi.getter(name="criticalOptions")
|
77
|
+
def critical_options(self) -> Optional[Mapping[str, str]]:
|
78
|
+
return pulumi.get(self, "critical_options")
|
79
|
+
|
80
|
+
@property
|
81
|
+
@pulumi.getter
|
82
|
+
def extensions(self) -> Optional[Mapping[str, str]]:
|
83
|
+
return pulumi.get(self, "extensions")
|
84
|
+
|
85
|
+
@property
|
86
|
+
@pulumi.getter
|
87
|
+
def id(self) -> str:
|
88
|
+
"""
|
89
|
+
The provider-assigned unique ID for this managed resource.
|
90
|
+
"""
|
91
|
+
return pulumi.get(self, "id")
|
92
|
+
|
93
|
+
@property
|
94
|
+
@pulumi.getter(name="keyId")
|
95
|
+
def key_id(self) -> Optional[str]:
|
96
|
+
return pulumi.get(self, "key_id")
|
97
|
+
|
98
|
+
@property
|
99
|
+
@pulumi.getter
|
100
|
+
def name(self) -> str:
|
101
|
+
return pulumi.get(self, "name")
|
102
|
+
|
103
|
+
@property
|
104
|
+
@pulumi.getter
|
105
|
+
def namespace(self) -> Optional[str]:
|
106
|
+
return pulumi.get(self, "namespace")
|
107
|
+
|
108
|
+
@property
|
109
|
+
@pulumi.getter
|
110
|
+
def path(self) -> str:
|
111
|
+
return pulumi.get(self, "path")
|
112
|
+
|
113
|
+
@property
|
114
|
+
@pulumi.getter(name="publicKey")
|
115
|
+
def public_key(self) -> str:
|
116
|
+
return pulumi.get(self, "public_key")
|
117
|
+
|
118
|
+
@property
|
119
|
+
@pulumi.getter(name="serialNumber")
|
120
|
+
def serial_number(self) -> str:
|
121
|
+
"""
|
122
|
+
The serial number of the certificate returned from Vault
|
123
|
+
"""
|
124
|
+
return pulumi.get(self, "serial_number")
|
125
|
+
|
126
|
+
@property
|
127
|
+
@pulumi.getter(name="signedKey")
|
128
|
+
def signed_key(self) -> str:
|
129
|
+
"""
|
130
|
+
The signed certificate returned from Vault
|
131
|
+
"""
|
132
|
+
return pulumi.get(self, "signed_key")
|
133
|
+
|
134
|
+
@property
|
135
|
+
@pulumi.getter
|
136
|
+
def ttl(self) -> Optional[str]:
|
137
|
+
return pulumi.get(self, "ttl")
|
138
|
+
|
139
|
+
@property
|
140
|
+
@pulumi.getter(name="validPrincipals")
|
141
|
+
def valid_principals(self) -> Optional[str]:
|
142
|
+
return pulumi.get(self, "valid_principals")
|
143
|
+
|
144
|
+
|
145
|
+
class AwaitableGetSecretBackendSignResult(GetSecretBackendSignResult):
|
146
|
+
# pylint: disable=using-constant-test
|
147
|
+
def __await__(self):
|
148
|
+
if False:
|
149
|
+
yield self
|
150
|
+
return GetSecretBackendSignResult(
|
151
|
+
cert_type=self.cert_type,
|
152
|
+
critical_options=self.critical_options,
|
153
|
+
extensions=self.extensions,
|
154
|
+
id=self.id,
|
155
|
+
key_id=self.key_id,
|
156
|
+
name=self.name,
|
157
|
+
namespace=self.namespace,
|
158
|
+
path=self.path,
|
159
|
+
public_key=self.public_key,
|
160
|
+
serial_number=self.serial_number,
|
161
|
+
signed_key=self.signed_key,
|
162
|
+
ttl=self.ttl,
|
163
|
+
valid_principals=self.valid_principals)
|
164
|
+
|
165
|
+
|
166
|
+
def get_secret_backend_sign(cert_type: Optional[str] = None,
|
167
|
+
critical_options: Optional[Mapping[str, str]] = None,
|
168
|
+
extensions: Optional[Mapping[str, str]] = None,
|
169
|
+
key_id: Optional[str] = None,
|
170
|
+
name: Optional[str] = None,
|
171
|
+
namespace: Optional[str] = None,
|
172
|
+
path: Optional[str] = None,
|
173
|
+
public_key: Optional[str] = None,
|
174
|
+
ttl: Optional[str] = None,
|
175
|
+
valid_principals: Optional[str] = None,
|
176
|
+
opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetSecretBackendSignResult:
|
177
|
+
"""
|
178
|
+
This is a data source which can be used to sign an SSH public key
|
179
|
+
|
180
|
+
## Example Usage
|
181
|
+
|
182
|
+
```python
|
183
|
+
import pulumi
|
184
|
+
import pulumi_vault as vault
|
185
|
+
|
186
|
+
test = vault.ssh.get_secret_backend_sign(path="ssh",
|
187
|
+
public_key="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDR6q4PTcuIkpdGEqaCaxnR8/REqlbSiEIKaRZkVSjiTXOaiSfUsy9cY2+7+oO9fLMUrhylImerjzEoagX1IjYvc9IeUBaRnfacN7QwUDfstgp2jknbg7rNX9j9nFxwltV/jYQPcRq8Ud0wn1nb4qixq+diM7+Up+xJOeaKxbpjEUJH5dcvaBB+Aa24tJpjOQxtFyQ6dUxlgJu0tcygZR92kKYCVjZDohlSED3i/Ak2KFwqCKx2IZWq9z1vMEgmRzv++4Qt1OsbpW8itiCyWn6lmV33eDCdjMrr9TEThQNnMinPrHdmVUnPZ/OomP+rLDRE9lQR16uaSvKhg5TWOFIXRPyEhX9arEATrE4KSWeQN2qgHOb6P24YqgEm1ZdHJq25q/nBBAa1x0tFMiWqZwOsGeJ9nTeOeyiqFKH5YRBo6DIy3ag3taFsfQSve6oqjnrudUd1hJ8/bNSz8amECfP0ULvAEAgpiurj3eCPc3OcXl4tAld9F6KwabEJV5eelcs= user@example.com",
|
188
|
+
name="test",
|
189
|
+
valid_principals="my-user")
|
190
|
+
```
|
191
|
+
|
192
|
+
|
193
|
+
:param str cert_type: Specifies the type of certificate to be created; either "user" or "host".
|
194
|
+
:param Mapping[str, str] critical_options: Specifies a map of the critical options that the certificate should be signed for. Defaults to none.
|
195
|
+
:param Mapping[str, str] extensions: Specifies a map of the extensions that the certificate should be signed for. Defaults to none.
|
196
|
+
:param str key_id: Specifies the key id that the created certificate should have. If not specified, the display name of the token will be used.
|
197
|
+
:param str name: Specifies the name of the role to sign.
|
198
|
+
:param str path: Full path where SSH backend is mounted.
|
199
|
+
:param str public_key: Specifies the SSH public key that should be signed.
|
200
|
+
:param str ttl: Specifies the Requested Time To Live. Cannot be greater than the role's max_ttl value. If not provided, the role's ttl value will be used. Note that the role values default to system values if not explicitly set.
|
201
|
+
:param str valid_principals: Specifies valid principals, either usernames or hostnames, that the certificate should be signed for. Required unless the role has specified allow_empty_principals or a value has been set for either the default_user or default_user_template role parameters.
|
202
|
+
"""
|
203
|
+
__args__ = dict()
|
204
|
+
__args__['certType'] = cert_type
|
205
|
+
__args__['criticalOptions'] = critical_options
|
206
|
+
__args__['extensions'] = extensions
|
207
|
+
__args__['keyId'] = key_id
|
208
|
+
__args__['name'] = name
|
209
|
+
__args__['namespace'] = namespace
|
210
|
+
__args__['path'] = path
|
211
|
+
__args__['publicKey'] = public_key
|
212
|
+
__args__['ttl'] = ttl
|
213
|
+
__args__['validPrincipals'] = valid_principals
|
214
|
+
opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
|
215
|
+
__ret__ = pulumi.runtime.invoke('vault:ssh/getSecretBackendSign:getSecretBackendSign', __args__, opts=opts, typ=GetSecretBackendSignResult).value
|
216
|
+
|
217
|
+
return AwaitableGetSecretBackendSignResult(
|
218
|
+
cert_type=pulumi.get(__ret__, 'cert_type'),
|
219
|
+
critical_options=pulumi.get(__ret__, 'critical_options'),
|
220
|
+
extensions=pulumi.get(__ret__, 'extensions'),
|
221
|
+
id=pulumi.get(__ret__, 'id'),
|
222
|
+
key_id=pulumi.get(__ret__, 'key_id'),
|
223
|
+
name=pulumi.get(__ret__, 'name'),
|
224
|
+
namespace=pulumi.get(__ret__, 'namespace'),
|
225
|
+
path=pulumi.get(__ret__, 'path'),
|
226
|
+
public_key=pulumi.get(__ret__, 'public_key'),
|
227
|
+
serial_number=pulumi.get(__ret__, 'serial_number'),
|
228
|
+
signed_key=pulumi.get(__ret__, 'signed_key'),
|
229
|
+
ttl=pulumi.get(__ret__, 'ttl'),
|
230
|
+
valid_principals=pulumi.get(__ret__, 'valid_principals'))
|
231
|
+
def get_secret_backend_sign_output(cert_type: Optional[pulumi.Input[Optional[str]]] = None,
|
232
|
+
critical_options: Optional[pulumi.Input[Optional[Mapping[str, str]]]] = None,
|
233
|
+
extensions: Optional[pulumi.Input[Optional[Mapping[str, str]]]] = None,
|
234
|
+
key_id: Optional[pulumi.Input[Optional[str]]] = None,
|
235
|
+
name: Optional[pulumi.Input[str]] = None,
|
236
|
+
namespace: Optional[pulumi.Input[Optional[str]]] = None,
|
237
|
+
path: Optional[pulumi.Input[str]] = None,
|
238
|
+
public_key: Optional[pulumi.Input[str]] = None,
|
239
|
+
ttl: Optional[pulumi.Input[Optional[str]]] = None,
|
240
|
+
valid_principals: Optional[pulumi.Input[Optional[str]]] = None,
|
241
|
+
opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetSecretBackendSignResult]:
|
242
|
+
"""
|
243
|
+
This is a data source which can be used to sign an SSH public key
|
244
|
+
|
245
|
+
## Example Usage
|
246
|
+
|
247
|
+
```python
|
248
|
+
import pulumi
|
249
|
+
import pulumi_vault as vault
|
250
|
+
|
251
|
+
test = vault.ssh.get_secret_backend_sign(path="ssh",
|
252
|
+
public_key="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDR6q4PTcuIkpdGEqaCaxnR8/REqlbSiEIKaRZkVSjiTXOaiSfUsy9cY2+7+oO9fLMUrhylImerjzEoagX1IjYvc9IeUBaRnfacN7QwUDfstgp2jknbg7rNX9j9nFxwltV/jYQPcRq8Ud0wn1nb4qixq+diM7+Up+xJOeaKxbpjEUJH5dcvaBB+Aa24tJpjOQxtFyQ6dUxlgJu0tcygZR92kKYCVjZDohlSED3i/Ak2KFwqCKx2IZWq9z1vMEgmRzv++4Qt1OsbpW8itiCyWn6lmV33eDCdjMrr9TEThQNnMinPrHdmVUnPZ/OomP+rLDRE9lQR16uaSvKhg5TWOFIXRPyEhX9arEATrE4KSWeQN2qgHOb6P24YqgEm1ZdHJq25q/nBBAa1x0tFMiWqZwOsGeJ9nTeOeyiqFKH5YRBo6DIy3ag3taFsfQSve6oqjnrudUd1hJ8/bNSz8amECfP0ULvAEAgpiurj3eCPc3OcXl4tAld9F6KwabEJV5eelcs= user@example.com",
|
253
|
+
name="test",
|
254
|
+
valid_principals="my-user")
|
255
|
+
```
|
256
|
+
|
257
|
+
|
258
|
+
:param str cert_type: Specifies the type of certificate to be created; either "user" or "host".
|
259
|
+
:param Mapping[str, str] critical_options: Specifies a map of the critical options that the certificate should be signed for. Defaults to none.
|
260
|
+
:param Mapping[str, str] extensions: Specifies a map of the extensions that the certificate should be signed for. Defaults to none.
|
261
|
+
:param str key_id: Specifies the key id that the created certificate should have. If not specified, the display name of the token will be used.
|
262
|
+
:param str name: Specifies the name of the role to sign.
|
263
|
+
:param str path: Full path where SSH backend is mounted.
|
264
|
+
:param str public_key: Specifies the SSH public key that should be signed.
|
265
|
+
:param str ttl: Specifies the Requested Time To Live. Cannot be greater than the role's max_ttl value. If not provided, the role's ttl value will be used. Note that the role values default to system values if not explicitly set.
|
266
|
+
:param str valid_principals: Specifies valid principals, either usernames or hostnames, that the certificate should be signed for. Required unless the role has specified allow_empty_principals or a value has been set for either the default_user or default_user_template role parameters.
|
267
|
+
"""
|
268
|
+
__args__ = dict()
|
269
|
+
__args__['certType'] = cert_type
|
270
|
+
__args__['criticalOptions'] = critical_options
|
271
|
+
__args__['extensions'] = extensions
|
272
|
+
__args__['keyId'] = key_id
|
273
|
+
__args__['name'] = name
|
274
|
+
__args__['namespace'] = namespace
|
275
|
+
__args__['path'] = path
|
276
|
+
__args__['publicKey'] = public_key
|
277
|
+
__args__['ttl'] = ttl
|
278
|
+
__args__['validPrincipals'] = valid_principals
|
279
|
+
opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
|
280
|
+
__ret__ = pulumi.runtime.invoke_output('vault:ssh/getSecretBackendSign:getSecretBackendSign', __args__, opts=opts, typ=GetSecretBackendSignResult)
|
281
|
+
return __ret__.apply(lambda __response__: GetSecretBackendSignResult(
|
282
|
+
cert_type=pulumi.get(__response__, 'cert_type'),
|
283
|
+
critical_options=pulumi.get(__response__, 'critical_options'),
|
284
|
+
extensions=pulumi.get(__response__, 'extensions'),
|
285
|
+
id=pulumi.get(__response__, 'id'),
|
286
|
+
key_id=pulumi.get(__response__, 'key_id'),
|
287
|
+
name=pulumi.get(__response__, 'name'),
|
288
|
+
namespace=pulumi.get(__response__, 'namespace'),
|
289
|
+
path=pulumi.get(__response__, 'path'),
|
290
|
+
public_key=pulumi.get(__response__, 'public_key'),
|
291
|
+
serial_number=pulumi.get(__response__, 'serial_number'),
|
292
|
+
signed_key=pulumi.get(__response__, 'signed_key'),
|
293
|
+
ttl=pulumi.get(__response__, 'ttl'),
|
294
|
+
valid_principals=pulumi.get(__response__, 'valid_principals')))
|